00:21.30 | *** join/#maemo-ssu joshgillies (~josh@ppp108-33.static.internode.on.net) |
00:44.43 | *** join/#maemo-ssu joshgillies (~josh@ppp108-33.static.internode.on.net) |
01:32.12 | *** join/#maemo-ssu sailus (~sailus@salottisipuli.retiisi.org.uk) |
01:35.58 | *** join/#maemo-ssu jonwil (~jonwil@27-33-80-219.tpgi.com.au) |
02:29.33 | *** join/#maemo-ssu DrCode (~DrCode@gateway/tor-sasl/drcode) |
02:37.51 | *** join/#maemo-ssu amiconn_ (amiconn@rockbox/developer/amiconn) |
03:18.48 | *** part/#maemo-ssu mkaindl (~mkaindl@ama-dablam.markus-kaindl.de) |
04:09.28 | *** join/#maemo-ssu sparetire_ (~sparetire@unaffiliated/sparetire) |
04:50.53 | *** join/#maemo-ssu silviof (~silviof@unaffiliated/silviof) |
05:10.28 | *** join/#maemo-ssu povbot (~supybot@office.pov.lt) |
05:10.29 | *** mode/#maemo-ssu [+v povbot] by ChanServ |
05:19.45 | *** join/#maemo-ssu dhbiker (~dhbiker@APN-123-214-253-gprs.simobil.net) |
05:30.55 | *** join/#maemo-ssu radekp (~radek@82.113.39.213) |
06:08.34 | *** join/#maemo-ssu luf (~luf@ip-89-103-223-142.net.upcbroadband.cz) |
06:14.13 | *** join/#maemo-ssu trx (ns-team@cable-188-2-94-78.dynamic.sbb.rs) |
06:14.13 | *** join/#maemo-ssu trx (ns-team@devbin/founder/trx) |
06:18.17 | *** join/#maemo-ssu chainsawbike (~chainsawb@unaffiliated/chainsawbike) |
07:00.02 | *** join/#maemo-ssu peetah_ (~peetah@cha92-9-82-236-202-86.fbx.proxad.net) |
07:11.33 | *** join/#maemo-ssu sparetire (~sparetire@unaffiliated/sparetire) |
07:35.35 | *** join/#maemo-ssu LauRoman (~LauRoman@5-14-18-48.residential.rdsnet.ro) |
08:30.22 | *** join/#maemo-ssu Pali (~pali@Maemo/community/contributor/Pali) |
09:32.33 | *** join/#maemo-ssu kolp (~quassel@55d46926.access.ecotel.net) |
09:57.40 | *** join/#maemo-ssu arcean (~arcean@aaeq190.neoplus.adsl.tpnet.pl) |
10:59.08 | *** join/#maemo-ssu mkaindl (~mkaindl@ama-dablam.markus-kaindl.de) |
11:05.37 | *** join/#maemo-ssu Pali (~pali@Maemo/community/contributor/Pali) |
11:42.56 | *** part/#maemo-ssu mkaindl (~mkaindl@ama-dablam.markus-kaindl.de) |
11:45.29 | *** join/#maemo-ssu MrPingu (~MrPingute@ip503c83e7.speed.planet.nl) |
12:08.48 | *** join/#maemo-ssu DrCode (~DrCode@gateway/tor-sasl/drcode) |
12:10.30 | *** join/#maemo-ssu MrPingu (~MrPingute@ip503c83e7.speed.planet.nl) |
12:11.21 | *** join/#maemo-ssu joshgillies (~josh@pa49-183-27-186.pa.vic.optusnet.com.au) |
13:33.55 | *** join/#maemo-ssu joshgillies (~josh@pa49-183-25-112.pa.vic.optusnet.com.au) |
14:20.17 | *** join/#maemo-ssu mkaindl (~mkaindl@ama-dablam.markus-kaindl.de) |
14:56.08 | *** join/#maemo-ssu silviof (~silviof@unaffiliated/silviof) |
17:23.34 | *** join/#maemo-ssu seemiyah (~seemiyah_@62.87.99.126) |
17:23.47 | seemiyah | hi everyone. where is the #maemo channel? gone? |
17:28.11 | sixwheeledbeast | seemiyah: it's still there with 205 people in ;) |
17:28.44 | seemiyah | afte callling the channel list and search for maemo, it doest not appear :( |
17:31.23 | seemiyah | sixwheeledbeast: strange - i just found it. Thanks for your support! |
18:22.22 | *** join/#maemo-ssu nox- (noident@freebsd/developer/nox) |
18:38.16 | *** join/#maemo-ssu LauRoman (~LauRoman@5-14-18-48.residential.rdsnet.ro) |
18:49.30 | *** join/#maemo-ssu M4rtinK (~M4rtinK@ip-78-102-146-131.net.upcbroadband.cz) |
18:49.58 | *** join/#maemo-ssu _rd (~rd@pD9566267.dip0.t-ipconnect.de) |
20:06.37 | *** join/#maemo-ssu joshgillies (~josh@pa49-183-25-112.pa.vic.optusnet.com.au) |
20:21.34 | *** join/#maemo-ssu xes (~xes@unaffiliated/xes) |
20:25.28 | peetah | Hi, is there a way to post issues on gitorious ? mine is related to |
20:25.29 | peetah | community-ssu / modest |
20:26.02 | sixwheeledbeast | bugs.maemo.org is the normal place to report. |
20:26.19 | peetah | sixwheeledbeast: ty |
20:26.56 | sixwheeledbeast | peetah: or ask away I would think an idling CSSU dev will appear |
20:28.05 | peetah | since I fixed my mail server to avoid the POODLE issue (forbid SSLv3 connections), modest try to enforce SSL v3 rather than using TLS |
20:28.24 | sixwheeledbeast | modest version? |
20:28.53 | peetah | current cssu thumb |
20:29.37 | peetah | 3.90.7-12.2+thumb |
20:32.05 | sixwheeledbeast | peetah: well I have 3.90.7-13.1 here |
20:34.25 | peetah | sixwheeledbeast: I don't have anything like that in the repos configured on my N900 |
20:35.37 | peetah | sorry, I use cssu testing thumb |
20:37.38 | sixwheeledbeast | peetah: It's a cssu-devel package. See changelog here http://talk.maemo.org/showpost.php?p=1425958&postcount=384 |
20:37.50 | sixwheeledbeast | maybe ping Pali? |
20:38.24 | peetah | that's why then...the changelog does not say anything about TLS connection anyway |
20:40.19 | peetah | Pali: any idea about why Modest 3.90.7-12.2+thumb from cssu testing thumb enforce an SSL v3 connection instead of using TLS with a mail server that forbids SSL v3 connections ? |
20:40.46 | sixwheeledbeast | peetah: :nod: It doesn't seem to address the issue you have found |
20:41.48 | xes | https://gitorious.org/tinymail/tinymail/source/58198f1bd3c429ca102becfe72e2e36c52765df8:libtinymail-camel/camel-lite/camel/camel-tcp-stream-openssl.c#L962 |
20:42.31 | peetah | xes: thanks |
20:43.49 | xes | i may suppose we should apply some kind of change like: https://groups.google.com/forum/#!topic/serf-dev/YEmT52pztaM |
20:44.50 | xes | yw, but i'm not the right one to properly address the issue ;) |
20:48.14 | bencoh | I'm wondering whether the problem is in modest or actually somewhere else |
20:48.53 | peetah | bencoh: it seems to be in tinymail |
20:49.05 | peetah | or maybe related to the openssl version used in maemo |
20:49.22 | peetah | I think this is something currently discussed on tmo |
20:50.37 | peetah | http://talk.maemo.org/showthread.php?t=93296&page=3 |
20:51.30 | bencoh | well ... camel-lite already uses SSLv23_client_method .... |
20:53.06 | bencoh | peetah: did you blacklist tlsv1.0 on your server ? |
20:53.33 | peetah | bencoh: nope, only SSL v2 and v3 |
20:53.47 | *** join/#maemo-ssu iamtheoneiam (~user@2001:19f0:7000:8404:64::1003) |
20:54.13 | peetah | testing with nmap --script ssl-enum-ciphers shows thta TLS 1.0, 1.1 and 1.2 are available |
20:54.18 | bencoh | try openssl s_client -connect foo.tld:993 ; it works here with my server (blacklisted sslv3) |
20:54.23 | bencoh | (from your n900) |
20:54.48 | bencoh | so openssl should be fine at least |
20:56.05 | Sicelo900v6 | ~fam |
20:56.05 | infobot | hmm... fapman is Faster Application Manager, a frontend for apt which uses own repositories catalog, and shouldn't be used to do system upgrades (like CSSU), or actually for anything since ~speedyHAM. It also does "apt-get autoremove" after every operation, by default. In short, it's been identified as source of system corruption and thus deprecated, or see ~hamvsfam |
20:56.31 | Sicelo900v6 | echan. sorry |
20:57.15 | bencoh | hmm, hmmm .... |
20:57.17 | peetah | bencoh: I did not think of trying from the n900 |
20:57.20 | bencoh | #define SSL_PORT_FLAGS (CAMEL_TCP_STREAM_SSL_ENABLE_SSL2 | CAMEL_TCP_STREAM_SSL_ENABLE_SSL3) |
20:57.32 | peetah | just did with your openssl command and it connects using TLSv1.0 |
20:57.33 | bencoh | I dont see CAMEL_TCP_STREAM_SSL_ENABLE_TLS there |
20:57.41 | bencoh | and I see a test for (flags & CAMEL_TCP_STREAM_SSL_ENABLE_TLS) |
20:58.27 | bencoh | I dont see the point of doing this ... and I'm pretty sure patching the 6 lines (6 different files) of #define SSL_PORT_FLAGS with the 3rd flag would fix it |
20:59.23 | bencoh | see tinymail/libtinymail-camel/camel-lite/camel/camel-tcp-stream-ssl.c and tinymail/libtinymail-camel/camel-lite/camel/providers/*/*.c |
20:59.49 | bencoh | yeah that's it |
21:00.10 | bencoh | TLS is explicitly disabled if the flag is missing ... why, I dunno. |
21:00.20 | bencoh | (I mean, I really dont see the point) |
21:04.49 | peetah | it is defined in cssu/tinymail |
21:05.04 | bencoh | yeah, I just pointed at it ;) |
21:06.59 | bencoh | peetah: btw, did you try starttls (I dunno if modest allows that) ? |
21:07.35 | peetah | nope |
21:07.45 | peetah | didnot try, i mean |
21:08.55 | peetah | but I'd rather not modify the server config |
21:26.04 | peetah | ok that seems to be entirely my fault: when configuring another test server, I noticed that modest proposes SSL or TLS for secure connection, which can't be modified with an already configured account |
21:28.31 | peetah | when adding this new test account, I chose TLS, configured my server firewall to accept connection on port 143 and seems fine now |
21:28.41 | peetah | *it seems |
21:29.54 | peetah | the question is now: why can't we modify the connection type on an existing account |
21:50.59 | peetah | bencoh: so I think you are right: modest attempts to establish a starttls connection on port 143 rather than a secure IMAPS connection on 993 and then negociate the TLS cipher |
21:51.04 | *** join/#maemo-ssu sixwheeledbeast (~paul@host-92-25-108-231.as13285.net) |
21:54.06 | peetah | bencoh, sixwheeledbeast, xes : thanks to the three of you for helping me to fix this |
21:54.28 | sixwheeledbeast | peetah: np, didn't do much :) |
22:00.31 | bencoh | peetah: btw does it work wit "tls" and port 993 ? |
22:02.01 | bencoh | as far as I get it from source code, that should be possible ... I just dunno if modest allows it |
22:02.16 | bencoh | and I still believe disabling TLS for MODE_SSL in camel-lite is silly |
22:05.35 | *** join/#maemo-ssu Sicelo900v6 (~user@2001:19f0:7000:8404:64::1003) |
22:07.41 | peetah | modest allows you to choose the port you want to use, so I guess it should work |
22:07.47 | peetah | let me test it |
22:08.38 | peetah | rhhaaa need to recreate another account, i can't modify the port on an existing account |
22:13.18 | bencoh | meh |
22:16.04 | peetah | bencoh: TLS on port 993 fails |
22:31.07 | bencoh | is that imap or imap4 ? |
22:31.30 | bencoh | (considering the source I'd say imap, but ... :) |
22:31.41 | bencoh | imap4* |
22:33.04 | *** join/#maemo-ssu jonwil (~jonwil@27-33-80-219.tpgi.com.au) |
22:37.59 | peetah | bencoh: imap4 |
23:40.36 | *** join/#maemo-ssu DrCode (~DrCode@gateway/tor-sasl/drcode) |
23:52.50 | *** join/#maemo-ssu joshgillies (~josh@ppp108-33.static.internode.on.net) |