IRC log for #maemo-ssu on 20141023

00:21.30*** join/#maemo-ssu joshgillies (~josh@ppp108-33.static.internode.on.net)
00:44.43*** join/#maemo-ssu joshgillies (~josh@ppp108-33.static.internode.on.net)
01:32.12*** join/#maemo-ssu sailus (~sailus@salottisipuli.retiisi.org.uk)
01:35.58*** join/#maemo-ssu jonwil (~jonwil@27-33-80-219.tpgi.com.au)
02:29.33*** join/#maemo-ssu DrCode (~DrCode@gateway/tor-sasl/drcode)
02:37.51*** join/#maemo-ssu amiconn_ (amiconn@rockbox/developer/amiconn)
03:18.48*** part/#maemo-ssu mkaindl (~mkaindl@ama-dablam.markus-kaindl.de)
04:09.28*** join/#maemo-ssu sparetire_ (~sparetire@unaffiliated/sparetire)
04:50.53*** join/#maemo-ssu silviof (~silviof@unaffiliated/silviof)
05:10.28*** join/#maemo-ssu povbot (~supybot@office.pov.lt)
05:10.29*** mode/#maemo-ssu [+v povbot] by ChanServ
05:19.45*** join/#maemo-ssu dhbiker (~dhbiker@APN-123-214-253-gprs.simobil.net)
05:30.55*** join/#maemo-ssu radekp (~radek@82.113.39.213)
06:08.34*** join/#maemo-ssu luf (~luf@ip-89-103-223-142.net.upcbroadband.cz)
06:14.13*** join/#maemo-ssu trx (ns-team@cable-188-2-94-78.dynamic.sbb.rs)
06:14.13*** join/#maemo-ssu trx (ns-team@devbin/founder/trx)
06:18.17*** join/#maemo-ssu chainsawbike (~chainsawb@unaffiliated/chainsawbike)
07:00.02*** join/#maemo-ssu peetah_ (~peetah@cha92-9-82-236-202-86.fbx.proxad.net)
07:11.33*** join/#maemo-ssu sparetire (~sparetire@unaffiliated/sparetire)
07:35.35*** join/#maemo-ssu LauRoman (~LauRoman@5-14-18-48.residential.rdsnet.ro)
08:30.22*** join/#maemo-ssu Pali (~pali@Maemo/community/contributor/Pali)
09:32.33*** join/#maemo-ssu kolp (~quassel@55d46926.access.ecotel.net)
09:57.40*** join/#maemo-ssu arcean (~arcean@aaeq190.neoplus.adsl.tpnet.pl)
10:59.08*** join/#maemo-ssu mkaindl (~mkaindl@ama-dablam.markus-kaindl.de)
11:05.37*** join/#maemo-ssu Pali (~pali@Maemo/community/contributor/Pali)
11:42.56*** part/#maemo-ssu mkaindl (~mkaindl@ama-dablam.markus-kaindl.de)
11:45.29*** join/#maemo-ssu MrPingu (~MrPingute@ip503c83e7.speed.planet.nl)
12:08.48*** join/#maemo-ssu DrCode (~DrCode@gateway/tor-sasl/drcode)
12:10.30*** join/#maemo-ssu MrPingu (~MrPingute@ip503c83e7.speed.planet.nl)
12:11.21*** join/#maemo-ssu joshgillies (~josh@pa49-183-27-186.pa.vic.optusnet.com.au)
13:33.55*** join/#maemo-ssu joshgillies (~josh@pa49-183-25-112.pa.vic.optusnet.com.au)
14:20.17*** join/#maemo-ssu mkaindl (~mkaindl@ama-dablam.markus-kaindl.de)
14:56.08*** join/#maemo-ssu silviof (~silviof@unaffiliated/silviof)
17:23.34*** join/#maemo-ssu seemiyah (~seemiyah_@62.87.99.126)
17:23.47seemiyahhi everyone. where is the #maemo channel? gone?
17:28.11sixwheeledbeastseemiyah: it's still there with 205 people in ;)
17:28.44seemiyahafte callling the channel list and search for maemo, it doest not appear :(
17:31.23seemiyahsixwheeledbeast: strange - i just found it. Thanks for your support!
18:22.22*** join/#maemo-ssu nox- (noident@freebsd/developer/nox)
18:38.16*** join/#maemo-ssu LauRoman (~LauRoman@5-14-18-48.residential.rdsnet.ro)
18:49.30*** join/#maemo-ssu M4rtinK (~M4rtinK@ip-78-102-146-131.net.upcbroadband.cz)
18:49.58*** join/#maemo-ssu _rd (~rd@pD9566267.dip0.t-ipconnect.de)
20:06.37*** join/#maemo-ssu joshgillies (~josh@pa49-183-25-112.pa.vic.optusnet.com.au)
20:21.34*** join/#maemo-ssu xes (~xes@unaffiliated/xes)
20:25.28peetahHi, is there a way to post issues on gitorious ? mine is related to
20:25.29peetahcommunity-ssu / modest
20:26.02sixwheeledbeastbugs.maemo.org is the normal place to report.
20:26.19peetahsixwheeledbeast: ty
20:26.56sixwheeledbeastpeetah: or ask away I would think an idling CSSU dev will appear
20:28.05peetahsince I fixed my mail server to avoid the POODLE issue (forbid SSLv3 connections), modest try to enforce SSL v3 rather than using TLS
20:28.24sixwheeledbeastmodest version?
20:28.53peetahcurrent cssu thumb
20:29.37peetah3.90.7-12.2+thumb
20:32.05sixwheeledbeastpeetah: well I have 3.90.7-13.1 here
20:34.25peetahsixwheeledbeast: I don't have anything like that in the repos configured on my N900
20:35.37peetahsorry, I use cssu testing thumb
20:37.38sixwheeledbeastpeetah: It's a cssu-devel package. See changelog here http://talk.maemo.org/showpost.php?p=1425958&postcount=384
20:37.50sixwheeledbeastmaybe ping Pali?
20:38.24peetahthat's why then...the changelog does not say anything about TLS connection anyway
20:40.19peetahPali: any idea about why Modest 3.90.7-12.2+thumb from cssu testing thumb enforce an SSL v3 connection instead of using TLS with a mail server that forbids SSL v3 connections ?
20:40.46sixwheeledbeastpeetah: :nod: It doesn't seem to address the issue you have found
20:41.48xeshttps://gitorious.org/tinymail/tinymail/source/58198f1bd3c429ca102becfe72e2e36c52765df8:libtinymail-camel/camel-lite/camel/camel-tcp-stream-openssl.c#L962
20:42.31peetahxes: thanks
20:43.49xesi may suppose we should apply some kind of change like: https://groups.google.com/forum/#!topic/serf-dev/YEmT52pztaM
20:44.50xesyw, but i'm not the right one to properly address the issue ;)
20:48.14bencohI'm wondering whether the problem is in modest or actually somewhere else
20:48.53peetahbencoh: it seems to be in tinymail
20:49.05peetahor maybe related to the openssl version used in maemo
20:49.22peetahI think this is something currently discussed on tmo
20:50.37peetahhttp://talk.maemo.org/showthread.php?t=93296&page=3
20:51.30bencohwell ... camel-lite already uses SSLv23_client_method ....
20:53.06bencohpeetah: did you blacklist tlsv1.0 on your server ?
20:53.33peetahbencoh: nope, only SSL v2 and v3
20:53.47*** join/#maemo-ssu iamtheoneiam (~user@2001:19f0:7000:8404:64::1003)
20:54.13peetahtesting with nmap --script ssl-enum-ciphers shows thta TLS 1.0, 1.1 and 1.2 are available
20:54.18bencohtry openssl s_client -connect foo.tld:993 ; it works here with my server (blacklisted sslv3)
20:54.23bencoh(from your n900)
20:54.48bencohso openssl should be fine at least
20:56.05Sicelo900v6~fam
20:56.05infobothmm... fapman is Faster Application Manager, a frontend for apt which uses own repositories catalog, and shouldn't be used to do system upgrades (like CSSU), or actually for anything since ~speedyHAM. It also does "apt-get autoremove" after every operation, by default. In short, it's been identified as source of system corruption and thus deprecated, or see ~hamvsfam
20:56.31Sicelo900v6echan. sorry
20:57.15bencohhmm, hmmm ....
20:57.17peetahbencoh: I did not think of trying from the n900
20:57.20bencoh#define SSL_PORT_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_SSL2 | CAMEL_TCP_STREAM_SSL_ENABLE_SSL3)
20:57.32peetahjust did with your openssl command and it connects using TLSv1.0
20:57.33bencohI dont see CAMEL_TCP_STREAM_SSL_ENABLE_TLS there
20:57.41bencohand I see a test for (flags & CAMEL_TCP_STREAM_SSL_ENABLE_TLS)
20:58.27bencohI dont see the point of doing this ... and I'm pretty sure patching the 6 lines (6 different files) of #define SSL_PORT_FLAGS with the 3rd flag would fix it
20:59.23bencohsee tinymail/libtinymail-camel/camel-lite/camel/camel-tcp-stream-ssl.c and tinymail/libtinymail-camel/camel-lite/camel/providers/*/*.c
20:59.49bencohyeah that's it
21:00.10bencohTLS is explicitly disabled if the flag is missing ... why, I dunno.
21:00.20bencoh(I mean, I really dont see the point)
21:04.49peetahit is defined in cssu/tinymail
21:05.04bencohyeah, I just pointed at it ;)
21:06.59bencohpeetah: btw, did you try starttls (I dunno if modest allows that) ?
21:07.35peetahnope
21:07.45peetahdidnot try, i mean
21:08.55peetahbut I'd rather not modify the server config
21:26.04peetahok that seems to be entirely my fault: when configuring another test server, I noticed that modest proposes SSL or TLS for secure connection, which can't be modified with an already configured account
21:28.31peetahwhen adding this new test account, I chose TLS, configured my server firewall to accept connection on port 143 and seems fine now
21:28.41peetah*it seems
21:29.54peetahthe question is now: why can't we modify the connection type on an existing account
21:50.59peetahbencoh: so I think you are right: modest attempts to establish a starttls connection on port 143 rather than a secure IMAPS connection on 993 and then negociate the TLS cipher
21:51.04*** join/#maemo-ssu sixwheeledbeast (~paul@host-92-25-108-231.as13285.net)
21:54.06peetahbencoh, sixwheeledbeast, xes : thanks to the three of you for helping me to fix this
21:54.28sixwheeledbeastpeetah: np, didn't do much :)
22:00.31bencohpeetah: btw does it work wit "tls" and port 993 ?
22:02.01bencohas far as I get it from source code, that should be possible ... I just dunno if modest allows it
22:02.16bencohand I still believe disabling TLS for MODE_SSL in camel-lite is silly
22:05.35*** join/#maemo-ssu Sicelo900v6 (~user@2001:19f0:7000:8404:64::1003)
22:07.41peetahmodest allows you to choose the port you want to use, so I guess it should work
22:07.47peetahlet me test it
22:08.38peetahrhhaaa need to recreate another account, i can't modify the port on an existing account
22:13.18bencohmeh
22:16.04peetahbencoh: TLS on port 993 fails
22:31.07bencohis that imap or imap4 ?
22:31.30bencoh(considering the source I'd say imap, but ... :)
22:31.41bencohimap4*
22:33.04*** join/#maemo-ssu jonwil (~jonwil@27-33-80-219.tpgi.com.au)
22:37.59peetahbencoh: imap4
23:40.36*** join/#maemo-ssu DrCode (~DrCode@gateway/tor-sasl/drcode)
23:52.50*** join/#maemo-ssu joshgillies (~josh@ppp108-33.static.internode.on.net)

Generated by irclog2html.pl Modified by Tim Riker to work with infobot.