[csw-maintainers] OpenSSL problem after upgrade

Juraj Lutter wilbury at opencsw.org
Thu Apr 25 18:43:34 CEST 2013 

On 04/25/2013 05:45 PM, Yann Rouillard wrote:
> Hi Juraj,
> 
> sha1 seems to be available: 
> $ openssl dgst -sha1 /tmp/file
> SHA1(/tmp/file)= da39a3ee5e6b4b0d3255bfef95601890afd80709
> 
> I don't reproduce your bug. 
> Can you send me your postfix configuration ?

Relevant lines are:

smtpd_tls_security_level = may
smtpd_tls_auth_only = no
smtpd_tls_key_file =  /etc/opt/ows/postfix/ssl1/mailhub.ltc.sk.key
smtpd_tls_cert_file = /etc/opt/ows/postfix/ssl1/mailhub.ltc.sk.crt
smtpd_tls_CApath = /etc/opt/csw/ssl/certs
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_cipherlist =  ALL:!aNULL:!eNULL:!LOW:!SSLv2:TLSv1:SSLv3:+EXP
smtpd_tls_ask_ccert = yes
smtpd_tls_req_ccert = no
smtpd_tls_protocols = !SSLv2,SSLv3,TLSv1
relay_clientcerts = dbm:/etc/opt/ows/postfix/relay_clientcerts
tls_random_source = dev:/dev/urandom

it's been working FOR YEARS, until yesterday when I've upgraded OpenSSL.

:-(

> 
> 
> Yann
> 
> 
> 
> 
> 
> 
> 2013/4/25 Juraj Lutter <wilbury at opencsw.org <mailto:wilbury at opencsw.org>>
> 
>     Hi,
> 
>     after recent OpenSSL upgrade, my postfix started to yield following:
> 
>     Apr 25 10:09:31 filesrv1 postfix-ltc-ssl/smtpd[24885]: [ID 947731
>     mail.warning] warning: Digest algorithm "sha1" not found: disabling TLS
>     support
> 
> 
>     Have anyone of you also encountered this kind of behaviour?
> 
>     Thanks.
> 
>     --
>     Juraj Lutter
>     URL:  http://www.wilbury.sk/
>     XMPP: juraj at lutter.sk <mailto:juraj at lutter.sk>
>     Pekny, mily a usmievavy webhosting a serverhousing: http://www.nic.sk/
> 
>     _______________________________________________
>     maintainers mailing list
>     maintainers at lists.opencsw.org <mailto:maintainers at lists.opencsw.org>
>     https://lists.opencsw.org/mailman/listinfo/maintainers
>     .:: This mailing list's archive is public. ::.
> 
> 
> 
> 
> _______________________________________________
> maintainers mailing list
> maintainers at lists.opencsw.org
> https://lists.opencsw.org/mailman/listinfo/maintainers
> .:: This mailing list's archive is public. ::.
> 


-- 
Juraj Lutter <wilbury at opencsw.org>

More information about the maintainers mailing list