Comments (29)
And what exactly is a "live server" and "upload server"?!?!
from amissl.
Sorry. Live is the Outlook/Hotmail server, I use the same smtp.Live server to send emails too.
from amissl.
So, you are saying POP3 doesn't work, but SMTP does? What are the server names? And are there any error messages?
from amissl.
Have been looking more closely at this and using the OpenSSL command to connect to pop3.live.com, the same TLSv1.2 cipher is used with both 4.2 and 4.3, so there shouldn't be a speed related issue. This is using the OS4 build, I should add, but it should be the same on OS3.
Try OpenSSL s_client -connect pop3.live.com:995
and see what it says. Unfortunately, it seems the m68k build doesn't work under emulation on OS4, so I can't test it.
You may need to use the OS3 OpenSSL command from 4.2 (the 4.3 one is crashing for me under emulation on OS4). This will work with the 4.3 libs too.
from amissl.
from amissl.
from amissl.
Posting the entire output from the OpenSSL command would be helpful. It is frustrating that AmigaKit hijacked my broken A1200, as I have no way of testing the m68k AmiSSL natively. And the m68k emulation on OS4 breaks AmiSSL it seems, which obviously doesn't help.
from amissl.
from amissl.
@jerseywurzel Nope - I think you can only attach files via the full web interface.
from amissl.
Ok, hope it's attached now?
log.txt
from amissl.
from amissl.
Yes, thanks. May need to get you to re-run it later with extra debug output on, but I've got a deja vu feeling so will check back through the archives.
Does the OpenSSL command from 4.3 work for you or does it crash? Output looks like it is the 4.2 command.
from amissl.
Ok, I knew this felt familiar - see #11 - did you make any changes to get previous versions of AmiSSL v4 working with YAM? ECDH key exchange is a potential issue still. Maybe cipher priority changed since OpenSSL 1.1.0g and/or older faster ciphers were removed, which is causing ECDH to be chosen when it wasn't before.
from amissl.
from amissl.
Hi Oliver,
Not sure if you saw a reply; Im sure I sent one but it doesn
t show here.
Not sure how to tell what version OpenSSL command (Version OpenSSL?) it used or how to change from one version to another -could you let me know?
from amissl.
@jerseywurzel Yes, "version OpenSSL". Although, I am 99% sure the latest OpenSSL command is broken on m68k somehow.
What is your DefaultSSLCiphers setting in your YAM .config file? Sounds like you may need to adjust this like you did previously.
from amissl.
@Futaura
Ok, I tried version openssl but it wasn't found. So I searched and found a few in C:, SSLROOT, and previous versions of animal from 3.6 onwards. I tidied it all up but version command still didn't work, although dopus does. I've tried various versions but none enable yam to download mail, although uploading does. I can't find a defaultcipher setting in Yam at all but I wouldn't have amended them.
Do you need me to manually install previous versions of openssl and run the test command at all?
Thanks
from amissl.
The OpenSSL command should be in AmiSSL: on OS3, IIRC. Don't worry about testing this further though.
Regarding DefaultSSLCiphers I refer you to #11 (comment) :-) Just wondering if something changed in this respect when you updated YAM.
from amissl.
Ah, I think you're onto it. The DefaultSSLCipher was:
ECDHE-RSA-AES128-SHA.
After changing it as per the previous comment, it worked! Thank you so much.
It looks like the default ciphers were changed somehow?
from amissl.
Can you please state what exactly you entered now as the new DefaultSSLCipher setting?!?
from amissl.
@ jens-maus
Yes, I entered
DefaultSSLCiphers = AES256-SHA
Also, I am using the OPENSSL command from the Amissl 4.3 download, version 1.1.1a 20 Nov 18.
from amissl.
@jens-maus
I was doing some testing using the OPENSSL command. The version 1.1.1a did not work (causing an error and freezing the miggy), but version 1.1.0g (from amissl4.2) does work
from amissl.
@jerseywurzel Thanks for confirming - I've opened a separate issue (#28) for that.
Regarding your DefaultSSLCiphers, as @jens-maus told you a long time ago, that isn't one of the most secure settings. I would recommend trying setting it to the default and adding ":!ECDH" to the end. This will disable all the ECDH(E) ciphers that are problematic on m68k and choose the best of the rest instead. You could also try "DEFAULT:!ECDH" or "ALL:!ECDH". That said, some of the other ciphers may be problematic on m68k too.
from amissl.
from amissl.
@jerseywurzel I wonder - are you running MuRedox? If not, please give it a try (assuming you are still using MMULib). I think it may help.
from amissl.
from amissl.
@jerseywurzel It will be interesting to see if AmiSSL 4.4 has improved your YAM experience - IIRC, YAM is compiled for AmiSSL 4.2, so it will automatically use AmiSSL 4.4 instead once you've installed it. I'm hopeful it will resolve your issue due to a fundamental flaw being fixes specific to running on a 68060.
from amissl.
from amissl.
Fixed in ff6c5f9
from amissl.
Related Issues (20)
- Cannot compile SDL example
- 64bit arguments passing with 68k .library ABI HOT 2
- openssl/asn1.h header redefinitions in Storm C 4 HOT 5
- Update installer to allow installation even while AmiSSL is in use HOT 8
- Optional installation of include? HOT 3
- vbcc proto/inline issues HOT 7
- Random generator init is very slow HOT 11
- OpenSSL speed output order issue when redirected HOT 15
- 68000 version missing HOT 7
- OpenSSL 3.0 / AmiSSL v5 HOT 8
- const const in header files HOT 2
- interfaces/amissl.h:4320:73: error: duplicate ‘const’ HOT 1
- libamisslstubs.a missing a few stubs HOT 15
- AmiSSL version defines mismatches HOT 5
- Split Installer
- AMISSL_INLINE_H doesn't fully work with the 5.x SDK's HOT 12
- Big SSL/TLS connect performance regression in AmiSSL 5.x HOT 25
- FTPS stops working with ZitaFTP Server from version 5.4 HOT 13
- Example https Crashes on Vanilla AmigaOS v3.2 Installation on WinUAE HOT 3
- PatchWork Reports InitSemaphore "Structure Is Not Cleared" HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amissl.