| 2021-06-30 14:45:32 |
Bill Yikes |
bug |
|
|
added bug |
| 2021-06-30 14:46:33 |
Bill Yikes |
description |
Version 6.4.16 is unable to fetch mail from the underwood onion site. This is the output when trying to connect:
fetchmail: normal termination, status 2
fetchmail: 6.4.16 querying underwood-onion (protocol IMAP) at Wed 30 Jun 2021 02:10:52 PM UTC: poll started
fetchmail: Trying to connect to 127.0.0.1/12345...connected.
fetchmail: IMAP< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN
fetchmail: IMAP< A0001 OK Pre-login capabilities listed, post-login capabilities have more.
fetchmail: IMAP> A0002 STARTTLS
fetchmail: IMAP< A0002 BAD TLS support isn't enabled.
fetchmail: 127.0.0.1: upgrade to TLS failed.
fetchmail: Unknown login or authentication error on billyikes@127.0.0.1
fetchmail: socket error while fetching from billyikes@underwood-onion
This worked with past versions. To reproduce, use this stanza in .fetchmailrc:
skip underwood-onion via 127.0.0.1
protocol imap
port 12345
username "billyikes"
sslproto 'SSL3+'
no sslcertck
fetchall
Note that past working stanzas did not need "sslproto" or "no sslcertck" but were introduced to after upgrading to 6.4.16.
run these commands:
$ socat TCP4-LISTEN:12345,reuseaddr,fork SOCKS4A:127.0.0.1:underwood2hj3pwd.onion:143,socksport=9050
$ fetchmail -v -d0 underwood-onion
$ pkill socat
This is one report, but there are a few bugs here:
1) inability to connect to handshake with bad TLS protocols. It's an onion site, so SSL is not needed for crypto (it's there for a different purpose). So if fetchmail is judging the crypto to be insecure, it's overzealous in this case.
2) the "Unknown login or authentication error" is not only a false error, it's alarming. It's the worst kind of false error because it tells the user that there's a problem with their account.
3) there is no per-account SOCKS4a config parameter, so users are pushed into this inconvenient and ugly hack of running socat and piping through that. The "plugin" parameter does not help in this case because fetchmail still attempts to resolve the underwood2hj3pwd.onion outside of the proxy.
Bug 3 has always existed, but 1 & 2 are new regressions. |
Version 6.4.16 is unable to fetch mail from the underwood onion site. This is the output when trying to connect:
fetchmail: normal termination, status 2
fetchmail: 6.4.16 querying underwood-onion (protocol IMAP) at Wed 30 Jun 2021 02:10:52 PM UTC: poll started
fetchmail: Trying to connect to 127.0.0.1/12345...connected.
fetchmail: IMAP< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN
fetchmail: IMAP< A0001 OK Pre-login capabilities listed, post-login capabilities have more.
fetchmail: IMAP> A0002 STARTTLS
fetchmail: IMAP< A0002 BAD TLS support isn't enabled.
fetchmail: 127.0.0.1: upgrade to TLS failed.
fetchmail: Unknown login or authentication error on billyikes@127.0.0.1
fetchmail: socket error while fetching from billyikes@underwood-onion
This worked with past versions. To reproduce, use this stanza in .fetchmailrc:
skip underwood-onion via 127.0.0.1
protocol imap
port 12345
username "billyikes"
sslproto 'SSL3+'
no sslcertck
fetchall
Note that past working stanzas did not need "sslproto" or "no sslcertck" but were introduced to after upgrading to 6.4.16.
run these commands:
$ socat TCP4-LISTEN:12345,reuseaddr,fork SOCKS4A:127.0.0.1:underwood2hj3pwd.onion:143,socksport=9050
$ fetchmail -v -d0 underwood-onion
$ pkill socat
This is one report, but there are a few bugs here:
1) inability to connect to handshake with bad TLS protocols. It's an onion site, so SSL is not needed for crypto (it's there for a different purpose). So if fetchmail is judging the crypto to be insecure, it's overzealous in this case.
2) the "Unknown login or authentication error" is not only a false error, it's alarming. It's the worst kind of false error because it tells the user that there's a problem with their account.
3) there is no per-account SOCKS4a config parameter, so users are pushed into this inconvenient and ugly hack of running socat and piping through that. The "plugin" parameter does not help in this case because fetchmail still attempts to resolve the underwood2hj3pwd.onion outside of the proxy.
Bug \3 has always existed, but 1 & 2 are new regressions. |
|
| 2021-06-30 15:25:57 |
Bill Yikes |
description |
Version 6.4.16 is unable to fetch mail from the underwood onion site. This is the output when trying to connect:
fetchmail: normal termination, status 2
fetchmail: 6.4.16 querying underwood-onion (protocol IMAP) at Wed 30 Jun 2021 02:10:52 PM UTC: poll started
fetchmail: Trying to connect to 127.0.0.1/12345...connected.
fetchmail: IMAP< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN
fetchmail: IMAP< A0001 OK Pre-login capabilities listed, post-login capabilities have more.
fetchmail: IMAP> A0002 STARTTLS
fetchmail: IMAP< A0002 BAD TLS support isn't enabled.
fetchmail: 127.0.0.1: upgrade to TLS failed.
fetchmail: Unknown login or authentication error on billyikes@127.0.0.1
fetchmail: socket error while fetching from billyikes@underwood-onion
This worked with past versions. To reproduce, use this stanza in .fetchmailrc:
skip underwood-onion via 127.0.0.1
protocol imap
port 12345
username "billyikes"
sslproto 'SSL3+'
no sslcertck
fetchall
Note that past working stanzas did not need "sslproto" or "no sslcertck" but were introduced to after upgrading to 6.4.16.
run these commands:
$ socat TCP4-LISTEN:12345,reuseaddr,fork SOCKS4A:127.0.0.1:underwood2hj3pwd.onion:143,socksport=9050
$ fetchmail -v -d0 underwood-onion
$ pkill socat
This is one report, but there are a few bugs here:
1) inability to connect to handshake with bad TLS protocols. It's an onion site, so SSL is not needed for crypto (it's there for a different purpose). So if fetchmail is judging the crypto to be insecure, it's overzealous in this case.
2) the "Unknown login or authentication error" is not only a false error, it's alarming. It's the worst kind of false error because it tells the user that there's a problem with their account.
3) there is no per-account SOCKS4a config parameter, so users are pushed into this inconvenient and ugly hack of running socat and piping through that. The "plugin" parameter does not help in this case because fetchmail still attempts to resolve the underwood2hj3pwd.onion outside of the proxy.
Bug \3 has always existed, but 1 & 2 are new regressions. |
Version 6.4.16 is unable to fetch mail from the underwood onion site. This is the output when trying to connect:
fetchmail: normal termination, status 2
fetchmail: 6.4.16 querying underwood-onion (protocol IMAP) at Wed 30 Jun 2021 02:10:52 PM UTC: poll started
fetchmail: Trying to connect to 127.0.0.1/12345...connected.
fetchmail: IMAP< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN
fetchmail: IMAP< A0001 OK Pre-login capabilities listed, post-login capabilities have more.
fetchmail: IMAP> A0002 STARTTLS
fetchmail: IMAP< A0002 BAD TLS support isn't enabled.
fetchmail: 127.0.0.1: upgrade to TLS failed.
fetchmail: Unknown login or authentication error on billyikes@127.0.0.1
fetchmail: socket error while fetching from billyikes@underwood-onion
This worked with past versions. To reproduce, use this stanza in .fetchmailrc:
skip underwood-onion via 127.0.0.1
protocol imap
port 12345
username "billyikes"
sslproto 'SSL3+'
no sslcertck
fetchall
Note that past working stanzas did not need "sslproto" or "no sslcertck" but were introduced to after upgrading to 6.4.16.
run these commands:
$ socat TCP4-LISTEN:12345,reuseaddr,fork SOCKS4A:127.0.0.1:underwood2hj3pwd.onion:143,socksport=9050
$ fetchmail -v -d0 underwood-onion
$ pkill socat
It's the same outcome if "sslproto 'SSL23'" is used instead.
This is one report, but there are a few bugs here:
1) inability to connect to handshake with bad TLS protocols. It's an onion site, so SSL is not needed for crypto (it's there for a different purpose). So if fetchmail is judging the crypto to be insecure, it's overzealous in this case.
2) the "Unknown login or authentication error" is not only a false error, it's alarming. It's the worst kind of false error because it tells the user that there's a problem with their account.
3) there is no per-account SOCKS4a config parameter, so users are pushed into this inconvenient and ugly hack of running socat and piping through that. The "plugin" parameter does not help in this case because fetchmail still attempts to resolve the underwood2hj3pwd.onion outside of the proxy.
Bug number 3 has always existed, but 1 & 2 are new regressions. |
|
| 2021-06-30 18:32:39 |
Bill Yikes |
description |
Version 6.4.16 is unable to fetch mail from the underwood onion site. This is the output when trying to connect:
fetchmail: normal termination, status 2
fetchmail: 6.4.16 querying underwood-onion (protocol IMAP) at Wed 30 Jun 2021 02:10:52 PM UTC: poll started
fetchmail: Trying to connect to 127.0.0.1/12345...connected.
fetchmail: IMAP< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN
fetchmail: IMAP< A0001 OK Pre-login capabilities listed, post-login capabilities have more.
fetchmail: IMAP> A0002 STARTTLS
fetchmail: IMAP< A0002 BAD TLS support isn't enabled.
fetchmail: 127.0.0.1: upgrade to TLS failed.
fetchmail: Unknown login or authentication error on billyikes@127.0.0.1
fetchmail: socket error while fetching from billyikes@underwood-onion
This worked with past versions. To reproduce, use this stanza in .fetchmailrc:
skip underwood-onion via 127.0.0.1
protocol imap
port 12345
username "billyikes"
sslproto 'SSL3+'
no sslcertck
fetchall
Note that past working stanzas did not need "sslproto" or "no sslcertck" but were introduced to after upgrading to 6.4.16.
run these commands:
$ socat TCP4-LISTEN:12345,reuseaddr,fork SOCKS4A:127.0.0.1:underwood2hj3pwd.onion:143,socksport=9050
$ fetchmail -v -d0 underwood-onion
$ pkill socat
It's the same outcome if "sslproto 'SSL23'" is used instead.
This is one report, but there are a few bugs here:
1) inability to connect to handshake with bad TLS protocols. It's an onion site, so SSL is not needed for crypto (it's there for a different purpose). So if fetchmail is judging the crypto to be insecure, it's overzealous in this case.
2) the "Unknown login or authentication error" is not only a false error, it's alarming. It's the worst kind of false error because it tells the user that there's a problem with their account.
3) there is no per-account SOCKS4a config parameter, so users are pushed into this inconvenient and ugly hack of running socat and piping through that. The "plugin" parameter does not help in this case because fetchmail still attempts to resolve the underwood2hj3pwd.onion outside of the proxy.
Bug number 3 has always existed, but 1 & 2 are new regressions. |
Version 6.4.16 is unable to fetch mail from the underwood onion site. This is the output when trying to connect:
fetchmail: normal termination, status 2
fetchmail: 6.4.16 querying underwood-onion (protocol IMAP) at Wed 30 Jun 2021 02:10:52 PM UTC: poll started
fetchmail: Trying to connect to 127.0.0.1/12345...connected.
fetchmail: IMAP< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN
fetchmail: IMAP< A0001 OK Pre-login capabilities listed, post-login capabilities have more.
fetchmail: IMAP> A0002 STARTTLS
fetchmail: IMAP< A0002 BAD TLS support isn't enabled.
fetchmail: 127.0.0.1: upgrade to TLS failed.
fetchmail: Unknown login or authentication error on billyikes@127.0.0.1
fetchmail: socket error while fetching from billyikes@underwood-onion
This worked with past versions. To reproduce, use this stanza in .fetchmailrc:
skip underwood-onion via 127.0.0.1
protocol imap
port 12345
username "billyikes"
sslproto 'SSL3+'
no sslcertck
fetchall
Note that past working stanzas did not need "sslproto" or "no sslcertck" but were introduced to after upgrading to 6.4.16.
run these commands:
$ socat TCP4-LISTEN:12345,reuseaddr,fork SOCKS4A:127.0.0.1:underwood2hj3pwd.onion:143,socksport=9050
$ fetchmail -v -d0 underwood-onion
$ pkill socat
It's the same outcome if "sslproto 'SSL23'" is used instead.
This is one report, but there are a few bugs here:
1) inability to connect to handshake with bad TLS protocols. It's an onion site, so SSL is not needed for crypto (it's there for a different purpose). So if fetchmail is judging the crypto to be insecure, it's overzealous in this case.
2) the "Unknown login or authentication error" is not only a false error, it's alarming. It's the worst kind of false error because it tells the user that there's a problem with their account.
3) there is no per-account SOCKS4a config parameter, so users are pushed into this inconvenient and ugly hack of running socat and piping through that. The "plugin" parameter does not help in this case because fetchmail still attempts to resolve the underwood2hj3pwd.onion outside of the proxy.
Bug (3) has always existed, but (1) & (2) are new regressions. |
|
| 2021-07-01 12:59:28 |
Paride Legovini |
fetchmail (Ubuntu): status |
New |
Incomplete |
|
| 2021-07-02 15:22:56 |
Bill Yikes |
fetchmail (Ubuntu): status |
Incomplete |
New |
|
| 2021-07-05 06:44:57 |
Christian Ehrhardt |
fetchmail (Ubuntu): status |
New |
Incomplete |
|
| 2021-09-04 04:17:20 |
Launchpad Janitor |
fetchmail (Ubuntu): status |
Incomplete |
Expired |
|
