invalid SSL_version specified at /usr/share/perl5/IO/Socket/SSL.pm line 332

I can reproduce the error with the 'sendemail' command. Notice not 'sendmail' but 'sendemail. Same error message.

Comming to think about it, this problem is not with dirvish at all but with the sendemail program. I use sendemail in the dirvish post scripts to mail status updates to users.

sendemail:
  Installed: 1.56-2
  Candidate: 1.56-2
  Version table:
 *** 1.56-2 0
        500 http://nl.archive.ubuntu.com/ubuntu/ quantal/universe amd64 Packages
        100 /var/lib/dpkg/status

Solved it for the time being by changing 'SSLv3 TLSv1'in sendemail line 1907 to 'SSLv3', but editing files installed by a package manager is bad practice. Also I don't think this is a proper solution. Here is the code sniplet:

1903 ## Start TLS if possible
1904 if ($conf{'tls_server'} == 1 and $conf{'tls_client'} == 1 and $opt{'tls'} =~ /^(yes|auto)$/) {
1905 printmsg("DEBUG => Starting TLS", 2);
1906 if (SMTPchat('STARTTLS')) { quit($conf{'error'}, 1); }

Original:
1907 if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => 'SSLv3 TLSv1')) {

Workaround:
1907 if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => 'SSLv3')) {

1908 quit("ERROR => TLS setup failed: " . IO::Socket::SSL::errstr(), 1);
1909 }
1910 printmsg("DEBUG => TLS: Using cipher: ". $SERVER->get_cipher(), 3);
1911 printmsg("DEBUG => TLS session initialized :)", 1);
1912
1913 ## Restart our SMTP session
1914 if (SMTPchat('EHLO ' . $opt{'fqdn'})) { quit($conf{'error'}, 1); }
1915 }
1916 elsif ($opt{'tls'} eq 'yes' and $conf{'tls_server'} == 0) {
1917 quit("ERROR => TLS not possible! Remote SMTP server, $conf{'server'}, does not support it.", 1);
1918 }

Hi

have found similar bug in Debian (http://bugs.debian.org/679911) for sendemail package. Reassigning there.

Regards,
Salvatore

Status changed to 'Confirmed' because the bug affects multiple users.

Easier workaround is:

Replace:

m{^(!?)(?:(SSL(?:v2|v3|v23|v2/3))|(TLSv1[12]?))$}i

With:

m{^(!?)(?:(SSL(?:v2|v3|v23|v2/3))|(TLSv1[12]?))}i

@war59312
It works, thank you!

Of course it does. ;)

Your welcome! :D

@war59312
Sorry, noob question, but which file do we replace that in?

/usr/share/perl5/IO/Socket/SSL.pm

The file that has the bug after all. ;)

$ is very powerful as you have now witnessed. :p

Cool. Thank you. Silly me, I was still looking in sendemail, even though that is what I didn't want to change. Is this a permanent fix, or can this get overwritten by a package upgrade? (in which case I hope that it'll be fixed by then).

@war59312
Yes, in usr/share/perl5/IO/Socket/SSL.pm in line 1482.

@pieterjanvu Yes it can be overwritten by the package. So just a temporary work around for now.

But by then it should be fixed anyways. That is, once this bug has been marked fixed. ;)

I really would not worry about it. Not like SSL.pm is updated often and even if it does you will know right away when mail breaks again. :p

If you are using recommended pracitices...

When the new package tries to install, it will warn you that you have made modifications to the original file and asks if you want to override it with the one in the package or keep yous. It even goes so far as showing exact changes.

So not really an issue. Better to have mail working than worrying about a package maybe breaking it. ;)

Hi, I have tried the above by changing 'SSLv3 TLSv1' to 'SSLv3' <-- That didn't work.
I then changed it back and tried to change:
m{^(!?)(?:(SSL(?:v2|v3|v23|v2/3))|(TLSv1[12]?))$}i
With:
m{^(!?)(?:(SSL(?:v2|v3|v23|v2/3))|(TLSv1[12]?))}i

That didn't work either. I got the following error on both:

sendEmail[11597]: ERROR => TLS setup failed: SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Anyone know how this could be.

Thank you
Darrell

Afraid that is a totally unrelated error.

This bug was fixed in debian version 1.56-3, which has been sync'd to Raring.