Open Bug 1179002 Opened 7 years ago Updated 7 years ago
connecting to a mailbox with STARTTLS and encrypted password fails after upgrading to TB 38
User Agent: Mozilla/5.0 (X11; Linux i686; rv:38.0) Gecko/20100101 Firefox/38.0 Build ID: 20150627185143 Steps to reproduce: upgrade from Thunderbird 31.7.0 to 38.0.1 tried 3x First in Mageia cauldron (64bit) Then in Mageia 5 (32bit) Last time I used the version from https://www.mozilla.org/en-US/thunderbird/download/?product=thunderbird-38.0.1&os=linux&lang=en-US (again in Mga5) Actual results: I could no longer connect to one of my mailboxes. It is the only one for which STARTTLS + encrypted password is used Expected results: Connecting should still be possible I removed everything referring to my other mailboxes from the attached imap log. The others all use SSL/TLS and don't have a problem.
(In reply to Magnus Melin from comment #1) > Any difference with 38.1.0. Not bug 1174159? No difference, sorry. However, I created a new .thunderbird with only the Interconnect mailbox, so that I can now attach a full log (just in case I deleted too much in the first one I attached)
Attachment #8627940 - Attachment is obsolete: true
I just got the 38.1 update and it broke one of my accounts also. Platform=Windows. Changing Connection security from SSL/TLS to None allows me to check mail.
(In reply to sean e from comment #3) > I just got the 38.1 update and it broke one of my accounts also. > Platform=Windows. > Changing Connection security from SSL/TLS to None allows me to check mail. Your issue in that case was quite likely the fact the server has not had an update to it's TLS certificates. If that were the case there would be entries in the error console about weak Diffie-Hellman
(In reply to Matt from comment #4) > Your issue in that case was quite likely the fact the server has not had an > update to it's TLS certificates. If that were the case there would be > entries in the error console about weak Diffie-Hellman No weak Diffie-Hellman message: Timestamp: 2015.07.17 7:45:49 pm Error: An error occurred during a connection to mail.ca.astound.net:995. SSL peer was not expecting a handshake message it received. (Error code: ssl_error_handshake_unexpected_alert)
Same issue with Thunderbird update pushed on Ubuntu 14.04 yesterday (07-22-2015), switching from 31.7.0 to 31.8.0, trying to fetch mails from a POP3S server (SSL/TLS secured, normal password). Thunderbird displays "Connected ..." in the status bar but nothing occurs then. Below are information about the certificate, provided by running the following command. Connected with openssl, I can successfully run pop3 commands like "user" "pass" "list" "retr" successfully. $ openssl s_client -connect <host>:pop3s CONNECTED(00000003) depth=1 CN = <Removed4Bugzilla> Authority, OU = <Removed4Bugzilla> Services, O = <Removed4Bugzilla>, C = Fr verify error:num=19:self signed certificate in certificate chain verify return:0 --- Certificate chain 0 s:/CN=<Removed4Bugzilla>/O=<Removed4Bugzilla>/C=fr i:/CN=<Removed4Bugzilla> Authority/OU=<Removed4Bugzilla> Services/O=<Removed4Bugzilla>/C=Fr 1 s:/CN=<Removed4Bugzilla> Authority/OU=<Removed4Bugzilla> Services/O=<Removed4Bugzilla>/C=Fr i:/CN=<Removed4Bugzilla> Authority/OU=<Removed4Bugzilla> Services/O=<Removed4Bugzilla>/C=Fr --- Server certificate -----BEGIN CERTIFICATE----- <Removed4Bugzilla> -----END CERTIFICATE----- subject=/CN=<Removed4Bugzilla>/O=<Removed4Bugzilla>/C=fr issuer=/CN=<Removed4Bugzilla> Authority/OU=<Removed4Bugzilla> Services/O=<Removed4Bugzilla>/C=Fr --- No client certificate CA names sent --- SSL handshake has read 3385 bytes and written 460 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: <Removed4Bugzilla> Session-ID-ctx: Master-Key: <Removed4Bugzilla> Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1437632543 Timeout : 300 (sec) Verify return code: 19 (self signed certificate in certificate chain) --- +OK <Removed4Bugzilla> Zimbra POP3 server ready
(In reply to Maxime from comment #6) > Same issue with Thunderbird update pushed on Ubuntu 14.04 yesterday > (07-22-2015), switching from 31.7.0 to 31.8.0, trying to fetch mails from a > POP3S server (SSL/TLS secured, normal password). Thunderbird displays > "Connected ..." in the status bar but nothing occurs then. > Sorry, Maxime, but I don't have any problems with 31.8.0 (downloaded from https://www.mozilla.org/en-US/thunderbird/download/?product=thunderbird-31.8.0&os=linux&lang=en-US ). Besides, I only have problems in 38.0.1 and 38.1.0 when using STARTTLS + encrypted password, I never had problems with my IMAP SSL/TLS secured mailboxes. So it is extremely unlikely that your bug is the same as mine and getting mine solved might not help you at all. Please file a separate bug report.
I created a new e-mail account with a provider who loves Linux, and exactly the same settings (STARTTLS + encrypted password) aren't a problem there: I can fetch my mails fine with TB 38.1.0 If no one else hits this issue, then it's probably an issue with the other provider, who doesn't seem interested as long as everything works with outlook :-/ Otoh: why does it work fine there in 31.8.0, what is so different between 31.*.* and 38.*.*?
You need to log in before you can comment on or make changes to this bug.