[Users] [Bug 3422] New: starttls starts too early when using client certificates

[noreply at thewildbeast.co.uk]

http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3422

            Bug ID: 3422
           Summary: starttls starts too early when using client
                    certificates
    Classification: Unclassified
           Product: Claws Mail
           Version: other
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: SMTP
          Assignee: users at lists.claws-mail.org
          Reporter: darix at nordisch.org

postfix submission port is set to enforce encryption and require a client cert.
It works if you disable the client cert in postfix and on the client.
claws-mail has a pkcs#12 file set up for sending and retrieving. the IMAP part
works nicely.

On the sending side you run into an SSL error. With debug you get:

```
ssl.c:247:SSL_connect thread returned -50
** (claws-mail:19632): WARNING **: SSL connection failed (The request is
invalid.)
** (claws-mail:19632): WARNING **: couldn't start TLS session.
** (claws-mail:19632): WARNING **: [02:02:00] couldn't start TLS session
(claws-mail:19632): Claws-Mail-WARNING **: send: error: 220 2.0.0 Ready to
start TLS
** (claws-mail:19632): WARNING **: [02:02:00] Error occurred while sending the
message.
session.c:363:session (0xe58d10): closed
session.c:237:session (0xe58d10): destroyed
```

To me it looks like it doesn't wait for the starttls ack from the server but
starts right away.

Tested the setup with gnutls-cli/openssl s_client/msmtp and all work as
expected.

-- 
You are receiving this mail because:
You are the assignee for the bug.