maemo.org - Talk - [SOLVED] smtp to gmail suddenly stopped working when SSL enabled

maemo.org - Talk (https://talk.maemo.org/index.php)

- Maemo 5 / Fremantle (https://talk.maemo.org/forumdisplay.php?f=40)

- - [SOLVED] smtp to gmail suddenly stopped working when SSL enabled (https://talk.maemo.org/showthread.php?t=96756)

Re: smtp to gmail suddenly stopped working when SSL enabled

I'm stumped, sorry... I don't see anything in the logs to indicate what the problem is...

The only other difference I can think of is that I'm on CSSU Stable, I have no idea if that matters...

Depending on how much more effort you want to put into this, how familiar you are with the tools, and what your comfort level is with playing around a bit, some further suggestions for exploring the problem:

You might want to try to sniff the traffic (e.g., with wireshark) to see if a connection with the gmail servers is even established, or if things go wrong even before that happens...

Completely delete (move to backup) the .modest folder on your n900, and start from scratch, see if that makes a difference? (If you do this, don't forget to reconfigure the certificates!)

Create a new account on gmail, and try to connect with it?

Good luck!

Re: smtp to gmail suddenly stopped working when SSL enabled

I am on "stock" PR but of course with updated tinymail libs.

My account is manually set up.
user name includes '@gmail.com' (but should not matter)
imap ssl 993
smtp ssl 465

And all working ...

Re: smtp to gmail suddenly stopped working when SSL enabled

I sniffered network traffic between my N900 and imap.google.com with Wireshark. My N900 sends SSLv2 Client Hello packet with the following Cipher specs:

Code:

Secure Sockets Layer

    SSLv2 Record Layer: Client Hello

        [Version: SSL 2.0 (0x0002)]

        Length: 136

        Handshake Message Type: Client Hello (1)

        Version: SSL 3.0 (0x0300)

        Cipher Spec Length: 111

        Session ID Length: 0

        Challenge Length: 16

        Cipher Specs (37 specs)

            Cipher Spec: SSL2_RC4_128_WITH_MD5 (0x010080)

            Cipher Spec: SSL2_RC2_128_CBC_WITH_MD5 (0x030080)

            Cipher Spec: SSL2_DES_192_EDE3_CBC_WITH_MD5 (0x0700c0)

            Cipher Spec: SSL2_DES_64_CBC_WITH_MD5 (0x060040)

            Cipher Spec: SSL2_RC4_128_EXPORT40_WITH_MD5 (0x020080)

            Cipher Spec: SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 (0x040080)

            Cipher Spec: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x000088)

            Cipher Spec: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x000087)

            Cipher Spec: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x000039)

            Cipher Spec: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x000038)

            Cipher Spec: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x000084)

            Cipher Spec: TLS_RSA_WITH_AES_256_CBC_SHA (0x000035)

            Cipher Spec: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x000045)

            Cipher Spec: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x000044)

            Cipher Spec: TLS_DHE_DSS_WITH_RC4_128_SHA (0x000066)

            Cipher Spec: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x000033)

            Cipher Spec: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x000032)

            Cipher Spec: TLS_RSA_WITH_SEED_CBC_SHA (0x000096)

            Cipher Spec: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x000041)

            Cipher Spec: TLS_RSA_WITH_RC4_128_MD5 (0x000004)

            Cipher Spec: TLS_RSA_WITH_RC4_128_SHA (0x000005)

            Cipher Spec: TLS_RSA_WITH_AES_128_CBC_SHA (0x00002f)

            Cipher Spec: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x000016)

            Cipher Spec: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x000013)

            Cipher Spec: SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (0x00feff)

            Cipher Spec: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x00000a)

            Cipher Spec: TLS_DHE_RSA_WITH_DES_CBC_SHA (0x000015)

            Cipher Spec: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x000012)

            Cipher Spec: SSL_RSA_FIPS_WITH_DES_CBC_SHA (0x00fefe)

            Cipher Spec: TLS_RSA_WITH_DES_CBC_SHA (0x000009)

            Cipher Spec: TLS_RSA_EXPORT1024_WITH_RC4_56_SHA (0x000064)

            Cipher Spec: TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA (0x000062)

            Cipher Spec: TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x000003)

            Cipher Spec: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x000006)

            Cipher Spec: TLS_RSA_WITH_NULL_SHA (0x000002)

            Cipher Spec: TLS_RSA_WITH_NULL_MD5 (0x000001)

            Cipher Spec: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x0000ff)

I get the following reply from imap.google.com:

Code:

Secure Sockets Layer

    TLSv1 Record Layer: Alert (Level: Fatal, Description: Protocol Version)

        Content Type: Alert (21)

        Version: TLS 1.0 (0x0301)

        Length: 2

        Alert Message

            Level: Fatal (2)

            Description: Protocol Version (70)

To me this looks like Google does not accept the encryption protocols that my N900 offers for protocol negotiation? Google has dropped support for some protocols, see this announcement:

http://googleappsupdates.blogspot.fi...d-rc4-for.html

Claws works - maybe it uses different libraries for encryption than Modest?

Peter, have you upgraded encryption libraries on your N900?

Re: smtp to gmail suddenly stopped working when SSL enabled

To me this lokks exactly like you analyzed on your own.
N900 offering up to SSL3 and google demanding TLS1.

This would tell me the new libtinymail libraries from CSSU (or my extracted tar.gz files) are not in place.

And no, I have not (yet) upgraded ssl libs (0.9.8n).

Re: smtp to gmail suddenly stopped working when SSL enabled

Quote:

This would tell me the new libtinymail libraries from CSSU (or my extracted tar.gz files) are not in place.

I extraced the two .tar.gz files that were attached into the posting that you mentioned earlier in this thread. However, I realized that I had already done so a year or two ago :-)

Here are the dates and sizes of my tinymail files, do you have the same?

Code:

Nokia-N900:~# ls -l /usr/lib/camel-lite-1.2/camel-providers/libcamel* /usr/lib/libcamel-lite-1.2.so.0* /usr/lib/libtinymail*

176252 Jul 14  2010 /usr/lib/camel-lite-1.2/camel-providers/libcamelas.so

    11 Jul 14  2010 /usr/lib/camel-lite-1.2/camel-providers/libcamelas.urls

168212 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelimap.so

     5 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelimap.urls

 70672 Jun 30  2010 /usr/lib/camel-lite-1.2/camel-providers/libcamelisync.so

    20 Jun 30  2010 /usr/lib/camel-lite-1.2/camel-providers/libcamelisync.urls

 89608 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamellocal.so

    22 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamellocal.urls

 44868 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelnntp.so

    10 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelnntp.urls

 52128 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelpop3.so

     4 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelpop3.urls

  7804 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelsendmail.so

     9 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelsendmail.urls

 24520 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelsmtp.so

     5 Jun 13  2013 /usr/lib/camel-lite-1.2/camel-providers/libcamelsmtp.urls

    26 Aug  7 17:48 /usr/lib/libcamel-lite-1.2.so.0 -> libcamel-lite-1.2.so.0.0.0

733852 Jun 13  2013 /usr/lib/libcamel-lite-1.2.so.0.0.0

    26 Aug  7 17:48 /usr/lib/libtinymail-1.0.so.0 -> libtinymail-1.0.so.0.190.0

117292 Jun 13  2013 /usr/lib/libtinymail-1.0.so.0.190.0

    32 Aug  7 17:48 /usr/lib/libtinymail-camel-1.0.so.0 -> libtinymail-camel-1.0.so.0.190.0

239796 Jun 13  2013 /usr/lib/libtinymail-camel-1.0.so.0.190.0

    35 Aug  7 17:48 /usr/lib/libtinymail-gnomevfs-1.0.so.0 -> libtinymail-gnomevfs-1.0.so.0.190.0

  7260 Jun 13  2013 /usr/lib/libtinymail-gnomevfs-1.0.so.0.190.0

    32 Aug  7 17:48 /usr/lib/libtinymail-maemo-1.0.so.0 -> libtinymail-maemo-1.0.so.0.190.0

 27404 Jun 13  2013 /usr/lib/libtinymail-maemo-1.0.so.0.190.0

    28 Aug  7 17:48 /usr/lib/libtinymailui-1.0.so.0 -> libtinymailui-1.0.so.0.190.0

  8108 Jun 13  2013 /usr/lib/libtinymailui-1.0.so.0.190.0

    32 Aug  7 17:48 /usr/lib/libtinymailui-gtk-1.0.so.0 -> libtinymailui-gtk-1.0.so.0.190.0

 95080 Jun 13  2013 /usr/lib/libtinymailui-gtk-1.0.so.0.190.0

I have libssl0.9.8 version 0.9.8n-1+maemo4+0m5

Re: smtp to gmail suddenly stopped working when SSL enabled

Hmm, on first glance they look the same. But the dates are different. And checking some backup/temp folders I have those files with exactly the same file sizes but different dates. And they differ!

I have files with date of Nov 2014
and the uploaded tar.gz should have too.

So best: download again, extract to a temporary folder and diff the extracted libs, e.g.~
$ diff tmp/tinymail/usr/lib/libcamel-lite-1.2.so.0.0.0 /usr/lib
/libcamel-lite-1.2.so.0.0.0

If they differ, put them in correct place, killall modest and try again.
If not: out of ideas...

Code:

~ $ ll /usr/lib/camel-lite-1.2/camel-providers/libcamel* /usr/lib/libcamel-lite-1.2.so.0* /usr/lib/libtinymail*

-rw-r--r--    1 root     root        176252 Jul 14  2010 /usr/lib/camel-lite-1.2/camel-providers/libcamelas.so

-rw-r--r--    1 root     root            11 Jul 14  2010 /usr/lib/camel-lite-1.2/camel-providers/libcamelas.urls

-rw-r--r--    1 root     root        168212 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelimap.so

-rw-r--r--    1 root     root             5 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelimap.urls

-rw-r--r--    1 root     root         70672 Jun 30  2010 /usr/lib/camel-lite-1.2/camel-providers/libcamelisync.so

-rw-r--r--    1 root     root            20 Jun 30  2010 /usr/lib/camel-lite-1.2/camel-providers/libcamelisync.urls

-rw-r--r--    1 root     root         89608 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamellocal.so

-rw-r--r--    1 root     root            22 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamellocal.urls

-rw-r--r--    1 root     root         44832 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelnntp.so

-rw-r--r--    1 root     root            10 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelnntp.urls

-rw-r--r--    1 root     root         52128 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelpop3.so

-rw-r--r--    1 root     root             4 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelpop3.urls

-rw-r--r--    1 root     root          7804 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelsendmail.so

-rw-r--r--    1 root     root             9 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelsendmail.urls

-rw-r--r--    1 root     root         24520 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelsmtp.so

-rw-r--r--    1 root     root             5 Nov  2  2014 /usr/lib/camel-lite-1.2/camel-providers/libcamelsmtp.urls

lrwxrwxrwx    1 root     root            26 Jan  5  2016 /usr/lib/libcamel-lite-1.2.so.0 -> libcamel-lite-1.2.so.0.0.0

-rw-r--r--    1 root     root        733852 Nov  2  2014 /usr/lib/libcamel-lite-1.2.so.0.0.0

lrwxrwxrwx    1 root     root            26 Jan  5  2016 /usr/lib/libtinymail-1.0.so.0 -> libtinymail-1.0.so.0.190.0

-rw-r--r--    1 root     root        117292 Jun 13  2013 /usr/lib/libtinymail-1.0.so.0.190.0

lrwxrwxrwx    1 root     root            32 Jan  5  2016 /usr/lib/libtinymail-camel-1.0.so.0 -> libtinymail-camel-1.0.so.0.190.0

-rw-r--r--    1 root     root        240124 Nov  2  2014 /usr/lib/libtinymail-camel-1.0.so.0.190.0

lrwxrwxrwx    1 root     root            35 Jan  5  2016 /usr/lib/libtinymail-gnomevfs-1.0.so.0 -> libtinymail-gnomevfs-1.0.so.0.190.0

-rw-r--r--    1 root     root          7260 Jun 13  2013 /usr/lib/libtinymail-gnomevfs-1.0.so.0.190.0

lrwxrwxrwx    1 root     root            32 Jan  5  2016 /usr/lib/libtinymail-maemo-1.0.so.0 -> libtinymail-maemo-1.0.so.0.190.0

-rw-r--r--    1 root     root         27404 Jun 13  2013 /usr/lib/libtinymail-maemo-1.0.so.0.190.0

-rw-r--r--    1 root     root        406825 Jun 19  2013 /usr/lib/libtinymail_ori.tar.bz2

lrwxrwxrwx    1 root     root            28 Jan  5  2016 /usr/lib/libtinymailui-1.0.so.0 -> libtinymailui-1.0.so.0.190.0

-rw-r--r--    1 root     root          8108 Jun 13  2013 /usr/lib/libtinymailui-1.0.so.0.190.0

lrwxrwxrwx    1 root     root            32 Jan  5  2016 /usr/lib/libtinymailui-gtk-1.0.so.0 -> libtinymailui-gtk-1.0.so.0.190.0

-rw-r--r--    1 root     root         95080 Jun 13  2013 /usr/lib/libtinymailui-gtk-1.0.so.0.190.0

~ $

Re: smtp to gmail suddenly stopped working when SSL enabled

I downloaded the two tar.gz files (libtinymail-camel.tar.gz and libtinymail-tiny.tar.gz) from the attachments of this message:

http://talk.maemo.org/showpost.php?p...7&postcount=13

That message is dated 2013-06-21 so it can't possibly contain files with date Nov 2014.

Can I download a newer version somewhere?

Re: smtp to gmail suddenly stopped working when SSL enabled

Quote:

Originally Posted by JuhaniJaakola (Post 1512178)

If the files dates were touched, for example, install date ?

Re: smtp to gmail suddenly stopped working when SSL enabled

Quote:

Originally Posted by JuhaniJaakola (Post 1512178)

Oops, absolutely right!
Sorry. It was that long ago I mixed it up / forgot somehow. Sorry.

Please check old place once more and you will find the post edited to link you to
http://talk.maemo.org/showpost.php?p...8&postcount=44
with latest libs.

Re: smtp to gmail suddenly stopped working when SSL enabled

I downloaded the two tar.gz files from your posting on 2014-11-06 and followed your instructions and rebooted my N900 - and now both sending and receiving Gmail messages work!

Many thanks!