Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 115632

Summary: mail-client/mutt-1.5.11: ssl_force_tls doesn't work
Product: Gentoo Linux Reporter: Sascha Silbe <sascha-gentoo-bugzilla>
Component: Current packagesAssignee: Fernando J. Pereda (RETIRED) <ferdy>
Status: RESOLVED INVALID    
Severity: normal CC: agriffis, jakub
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Sascha Silbe 2005-12-15 02:43:11 UTC
The new option ssl_force_tls (intended as a replacement for imap_force_ssl, at least according to the ChangeLog) doesn't work.
mutt can only connect to my IMAPS server (SSL only) if I tell it explicitly to use SSL (i.e. use {server/ssl} instead of {server}).


Reproducible: Always
Steps to Reproduce:
1. set ssl_force_tls
2. set spoolfile='{imap.sascha.silbe.org}INBOX'
3. start mutt
4. set spoolfile='{imap.sascha.silbe.org/ssl}INBOX'
5. start mutt

Actual Results:  
Step 3: connection gets refused
Step 5: everything works fine


Expected Results:  
Step 3: everything works fine
Step 5: everything works fine


Gentoo Base System version 1.6.13
Portage 2.0.51.22-r3 (default-linux/x86/2005.0, gcc-3.3.6, glibc-2.3.5-r2, 2.6.11.6-infra-cube-1 i686)
=================================================================
System uname: 2.6.11.6-infra-cube-1 i686 AMD Athlon(tm) XP 1700+
distcc 2.18.3 i586-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]
ccache version 2.3 [disabled]
dev-lang/python:     2.3.5-r2, 2.4.2
sys-apps/sandbox:    1.2.12
sys-devel/autoconf:  2.13, 2.59-r6
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1
sys-devel/libtool:   1.5.20
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i586-pc-linux-gnu"
CFLAGS="-march=pentium -mcpu=athlon-xp -O3 -pipe"
CHOST="i586-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /usr/vice/etc /var/qmail/alias /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/afs/C /etc/afs/afsws /etc/afs/modload /etc/gconf /etc/make.globals /etc/terminfo /etc/env.d"
CXXFLAGS="-march=pentium -mcpu=athlon-xp -O3 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig collision-protect distcc distlocks fixpackages sandbox sfperms strict test userpriv usersandbox"
GENTOO_MIRRORS="ftp://ftp.easynet.nl/mirror/gentoo/ http://gentoo.inode.at/ ftp://gentoo.inode.at/source/"
LANG="en_US"
LINGUAS="en,de"
MAKEOPTS="-j10 -s"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp/portage"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage /usr/local/portage-local--main--1.0"
SYNC="rsync://copper.sascha.silbe.org/gentoo-portage"
USE="x86 3dnow 3dnowext S3TC X a52 aac accessibility acl afs alsa apm audiofile avi bash-completion berkdb bitmap-fonts blas bzip2 bzlib cdparanoia cdr chipcard cjk crypt curl doc dts dv dvd dvdr dvdread ecc eds emboss encode examples exif expat fam fame ffmpeg flac foomaticdb fortran gd gdbm geldkarte gif gimpprint glut gmp gstreamer gtk gtk2 gtkhtml guile hbci idn imagemagick imap imlib ipv6 j-noaim j-nomsn j-noyahoo jabber jpeg jpeg2k lapack lcms libg++ libwww lm_sensors lua lvm1 lzo mad maildir mailwrapper makecheck mbox mikmod mjpeg mmx mmxext mng monitor mozsvg mp3 mpeg mysql nas ncurses nls nodrm offensive ogg oggvorbis openal opengl oss pam pcre pda pdflib plotutils png postgres python qt qtmt quicktime readline recode samba scanner sdl serial skey smartcard speex spell sqlite sse ssl svg sysfs test tetex theora tiff truetype truetype-fonts type1-fonts udev unicode usb userlocales vorbis win32codecs xine xml xml2 xv xvid yv12 zlib linguas_en,de userland_GNU kernel_linux elibc_glibc"
Unset:  ASFLAGS, CTARGET, LC_ALL, LDFLAGS
Comment 1 Fernando J. Pereda (RETIRED) gentoo-dev 2005-12-15 03:28:40 UTC
Is that server accepting TLS connections on the default imap port ?

Anyway, I wouldn't consider this a Gentoo bug. If anything this is an upstream bug.

Cheers,
Ferdy
Comment 2 Sascha Silbe 2005-12-15 07:32:49 UTC
The server is only accepting SSL connections on the imaps port (993). No plain-text-connect-and-agree-to-switch-to-ssl hack whatsoever.
Comment 3 Jakub Moc (RETIRED) gentoo-dev 2005-12-16 04:37:41 UTC
(In reply to comment #2)
> The server is only accepting SSL connections on the imaps port (993). No
plain-text-connect-and-agree-to-switch-to-ssl hack whatsoever.
> 

Well, then it can't work, if it's not supported on server side, this is not a
bug (though I suspect that trying TLS also if not advertised by the server
breaks an RFC or two ;p). Otherwise, it does what's documented - forces
encrypted connections. Encryption is not available on imap:// port unless server
supports TLS, so it properly fails. With imaps:// the connection is encrypted
via SSL, so it works.

Not a bug, IMHO.
Comment 4 Fernando J. Pereda (RETIRED) gentoo-dev 2005-12-16 05:36:33 UTC
Indeed... not a bug.

Cheers,
Ferdy