Devuan bug report logs - #880
libnet-imap-simple-ssl-perl: IMAP SSL connection not possible

Package: libnet-imap-simple-ssl-perl; Maintainer for libnet-imap-simple-ssl-perl is (unknown); Source for libnet-imap-simple-ssl-perl is src:libnet-imap-simple-ssl-perl.

Reported by: markus schnalke <meillo@marmaro.de>

Date: Tue, 18 Mar 2025 16:08:01 UTC

Severity: normal

Found in version 1.3-5

Done: Mark Hindley <mark@hindley.org.uk>

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to devuan-bugs@lists.dyne.org, devuan-dev@lists.dyne.org:
bug#880; Package libnet-imap-simple-ssl-perl. (Tue, 18 Mar 2025 16:08:01 GMT) (full text, mbox, link).

Acknowledgement sent to markus schnalke <meillo@marmaro.de>:
New bug report received and forwarded. Copy sent to devuan-dev@lists.dyne.org. (Tue, 18 Mar 2025 16:08:02 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.devuan.org (full text, mbox, reply):

Package: libnet-imap-simple-ssl-perl
Version: 1.3-5
Severity: normal

Hoi.

I am unable to establish a connection with IMAP servers:

	:-F cat /tmp/imap-connect-test.pl                   
	#!/usr/bin/perl
	 
	use Net::IMAP::Simple::SSL; 
	 
	Net::IMAP::Simple::SSL->new("imap.gmx.net:993", ssl_version=>"TLSv1") 
		or die("cannot connect to server\n"); 


	:-F perl /tmp/imap-connect-test.pl                  
	cannot connect to server


However, with Openssl I can:

	:-F openssl s_client -quiet -connect imap.gmx.net:993
	depth=2 C = DE, O = T-Systems Enterprise Services GmbH, OU = T-Systems Trust Center, CN = T-TeleSec GlobalRoot Class 2
	verify return:1
	depth=1 C = DE, O = Deutsche Telekom Security GmbH, CN = Telekom Security ServerID OV Class 2 CA
	verify return:1
	depth=0 C = DE, ST = Rheinland-Pfalz, L = Montabaur, O = 1&1 Mail & Media GmbH, CN = mail.gmx.net
	verify return:1
	* OK [CAPABILITY IMAP4rev1 CHILDREN ENABLE ID IDLE LIST-EXTENDED LIST-STATUS LITERAL- MOVE NAMESPACE SASL-IR SORT SPECIAL-USE THREAD=ORDEREDSUBJECT UIDPLUS UNSELECT WITHIN AUTH=LOGIN AUTH=PLAIN] IMAP server ready H migmx112 30.1 IMAP-1MiMV4-1tIcRX2vNm-00flL5
	a logout
	* BYE Server logging out
	a OK LOGOUT completed


I have debugged the problem for days, but cannot find out what the
problem is.

The background: I have qpsmtpd with auth_imap, to authenticate users
against a Dovecot backend, all running locally.

When trying to connect to the local Dovecot server (localhost:993) I
get this message in the logfile:

	dovecot: imap-login: Disconnected: Connection closed:
	SSL_accept() failed: error:0A000076:SSL routines::no suitable signature
	algorithm (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, TLS
	handshaking: SSL_accept() failed: error:0A000076:SSL routines::no
	suitable signature algorithm,
	session=<pqzOP5cwmtMAAAAAAAAAAAAAAAAAAAAB>

Openssl, again, works as expected.

In Dovecot I have allowed all SSL versions and ciphers:

	ssl_min_protocol = ANY
	ssl_cipher_list = ALL


The problem seems to be specific to Devuan -- or to my system --
the above example code works for a friend, running it on Debian
stable, which seems to have the identical version of the package.

My system is a fresh installation of Devuan stable.


Could you please check if it is a Devuan problem.

If not: Any clues how to solve it? ;-)

Thanks.


meillo



-- System Information:
Distributor ID:	Devuan
Description:	Devuan GNU/Linux 5 (daedalus)
Release:	5
Codename:	daedalus
Architecture: x86_64

Kernel: Linux 6.1.0-31-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages libnet-imap-simple-ssl-perl depends on:
ii  libio-socket-ssl-perl    2.081-2
ii  libnet-imap-simple-perl  1.2211-1
ii  perl                     5.36.0-7+deb12u1

libnet-imap-simple-ssl-perl recommends no packages.

libnet-imap-simple-ssl-perl suggests no packages.

-- no debconf information

Reply sent to Mark Hindley <mark@hindley.org.uk>:
You have taken responsibility. (Tue, 18 Mar 2025 17:02:02 GMT) (full text, mbox, link).

Notification sent to markus schnalke <meillo@marmaro.de>:
bug acknowledged by developer. (Tue, 18 Mar 2025 17:02:03 GMT) (full text, mbox, link).

Message #10 received at 880-done@bugs.devuan.org (full text, mbox, reply):

Markus,

On Tue, Mar 18, 2025 at 05:02:38PM +0100, markus schnalke wrote:
> Package: libnet-imap-simple-ssl-perl

This is not a forked package (none of perl is) so I would be astonished if this
is Devuan specific.

> Version: 1.3-5
> Severity: normal
> 
> Hoi.
> 
> I am unable to establish a connection with IMAP servers:
> 
> 	:-F cat /tmp/imap-connect-test.pl                   
> 	#!/usr/bin/perl
> 	 
> 	use Net::IMAP::Simple::SSL; 
> 	 
> 	Net::IMAP::Simple::SSL->new("imap.gmx.net:993", ssl_version=>"TLSv1") 
> 		or die("cannot connect to server\n");

For me, specifying TLSv1_2 or TLSv1_3 works. I suspect the server doesn't accept TLSv1.

> However, with Openssl I can:
> 
> 	:-F openssl s_client -quiet -connect imap.gmx.net:993

This is comparing different protocols.

If you do

  openssl s_client -quiet -connect imap.gmx.net:993 -tls1

you will get a protocol error which matches the perl TLSv1 error above.

Mark

Send a report that this bug log contains spam.

Devuan bug report logs - #880 libnet-imap-simple-ssl-perl: IMAP SSL connection not possible

Devuan bug report logs - #880
libnet-imap-simple-ssl-perl: IMAP SSL connection not possible