From owner-freebsd-ports@FreeBSD.ORG  Wed Mar 10 07:26:32 2004
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8F99A16A4CE
	for <ports@FreeBSD.org>; Wed, 10 Mar 2004 07:26:32 -0800 (PST)
Received: from mistert.lan.homeboyz.com (mistert.lan.homeboyz.com
	[208.178.127.35])
	by mx1.FreeBSD.org (Postfix) with SMTP id BB32A43D3F
	for <ports@FreeBSD.org>; Wed, 10 Mar 2004 07:26:31 -0800 (PST)
	(envelope-from tduffey@homeboyz.com)
Received: (qmail 77319 invoked by uid 0); 10 Mar 2004 15:27:07 -0000
Received: from hbi-int93.mke.homeboyz.com (HELO homeboyz.com)
	(tduffey@192.168.1.93)
	by mistert.mke.homeboyz.com with SMTP; 10 Mar 2004 15:27:07 -0000
Message-ID: <404F34BC.9080901@homeboyz.com>
Date: Wed, 10 Mar 2004 09:31:08 -0600
From: "Thomas M. Duffey" <tduffey@homeboyz.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;
	rv:1.6b) Gecko/20031205 Thunderbird/0.4
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: ucspi@list.superscript.com
References: <404E8FDA.5040604@homeboyz.com>
	<p06020401bc743ff56c02@[192.168.1.22]> <404E9504.9060905@homeboyz.com>
In-Reply-To: <404E9504.9060905@homeboyz.com>
X-Enigmail-Version: 0.82.6.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
cc: ports@FreeBSD.org
Subject: Re: Problems running ucspi-ssl
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Mar 2004 15:26:32 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi All,

| Eben wrote:
|
| |I had the same test failures, but success in production, on Solaris.
| |What problems, besides the test results, are you seeing?

After following the exact same steps on a Linux server it's working
fine, so I'm wondering if this is specific to FreeBSD.  I'm running
FreeBSD 4.7 w/the base OpenSSL package.  Has anyone had success with
ucspi-ssl on FreeBSD?

|
| If I install ucspi-ssl as-is and then follow the "poppin' with SSL:
| qmail-pop3sd" instructions
| (http://www.thedjbway.org/ssl/qmail-pop3sd.html), then I get errors
| when I try to connect to the POP3-over-SSL service.  Here's the client
| side output:
|
| $ sslconnect <myserver> 995 -a /usr/local/ssl/pop3s.cert
| sslclient: fatal: unable to SSL connect:
| error:00000005:lib(0):func(0):bad asn1 object header
| sslclient: fatal: unable to SSL connect:
| error:00000005:lib(0):func(0):bad asn1 object header
|
| Here's the multilog output:
|
| 2004-03-10 03:34:03.918113500 sslserver: status: 0/40
| 2004-03-10 03:57:15.527228500 sslserver: cafile 78559
| 2004-03-10 03:57:15.527282500 sslserver: ccafile 78559
| 2004-03-10 03:57:15.527288500 sslserver: cadir 78559
| /usr/local/ssl/certs
| 2004-03-10 03:57:15.527295500 sslserver: cert 78559
| /usr/local/ssl/pop3s.cert
| 2004-03-10 03:57:15.527300500 sslserver: key 78559
| /usr/local/ssl/private/pop3s.key
| 2004-03-10 03:57:15.527305500 sslserver: param 78559
| /usr/local/ssl/pem/dh1024.pem 512
| 2004-03-10 03:57:15.527310500 sslserver: status: 0/40
| (service startup)
|
| 2004-03-10 03:58:01.472397500 sslserver: status: 1/40
| 2004-03-10 03:58:01.473406500 sslserver: pid 78600 from <client ip>
| 2004-03-10 03:58:01.474487500 sslserver: ok 78600 0:<server ip>:995
| :<client ip>::1152
| 2004-03-10 03:58:01.476881500 sslserver: warning: dropping connection,
| unable to accept SSL: error:00000001:lib(0):func(0):reason(1)
| 2004-03-10 03:58:01.477697500 sslserver: end 78600 status 28416
| 2004-03-10 03:58:01.477702500 sslserver: status: 0/40
| (connection failure)
|
| The same thing happens if I try to connect using Mozilla Thunderbird.

- --
:: t h o m a s       d u f f e y
:: h o m e b o y z   i n t e r a c t i v e
:: AB64 0DB9 CAA7 A904 A20A C56F F1F2 9602 9F02 CC30


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFATzS78fKWAp8CzDARAr6pAJ9DF2wDIatNGT0VLkrpNXiahOSIVQCfaCgo
sFIrAWq1+GkMvYj/JsKkTlc=
=59v5
-----END PGP SIGNATURE-----

