Comments (29)
jens-maus
commented on May 27, 2024
And what exactly is a "live server" and "upload server"?!?!
from amissl.
jerseywurzel
commented on May 27, 2024
Sorry. Live is the Outlook/Hotmail server, I use the same smtp.Live server to send emails too.
from amissl.
Futaura
commented on May 27, 2024
So, you are saying POP3 doesn't work, but SMTP does? What are the server names? And are there any error messages?
from amissl.
Futaura
commented on May 27, 2024
Have been looking more closely at this and using the OpenSSL command to connect to pop3.live.com, the same TLSv1.2 cipher is used with both 4.2 and 4.3, so there shouldn't be a speed related issue. This is using the OS4 build, I should add, but it should be the same on OS3.
Try OpenSSL s_client -connect pop3.live.com:995 and see what it says. Unfortunately, it seems the m68k build doesn't work under emulation on OS4, so I can't test it.
You may need to use the OS3 OpenSSL command from 4.2 (the 4.3 one is crashing for me under emulation on OS4). This will work with the 4.3 libs too.
from amissl.
jerseywurzel
commented on May 27, 2024
Hi Oliver,
Yes, pop3 doesn't work but smpt does.
Pop3.live.com (also tried office365.outlook.com)
Smpt was smpt.live.com which worked, but I've set now set up office365.outlook.com which also works
On 23 Feb 2019 9:25 pm, Oliver Roberts <[email protected]> wrote:
So, you are saying POP3 doesn't work, but SMTP does? What are the server names? And are there any error messages?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<#27 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AYg7jYfeuU5bND0EfPTDRIlUvE5fyf05ks5vQbHJgaJpZM4bOICe>.
from amissl.
jerseywurzel
commented on May 27, 2024
I typed what you suggested and got a whole paragraph.
It starts with
Connected (000000)
and ends with
Timout : 7200(sec)
Verify returncode: 0 (ok)
Extended master secret : yes
I thank you for looking but I will be away for Adweek from tomorrow, so no rush.
Thanks wurzel
On 23 Feb 2019 11:32 pm, Oliver Roberts <[email protected]> wrote:
Have been looking more closely at this and using the OpenSSL command to connect to pop3.live.com, the same TLSv1.2 cipher is used with both 4.2 and 4.3, so there shouldn't be a speed related issue. This is using the OS4 build, I should add, but it should be the same on OS3.
Try OpenSSL s_client -connect pop3.live.com:995 and see what it says. Unfortunately, it seems the m68k build doesn't work under emulation on OS4, so I can't test it.
You may need to use the OS3 OpenSSL command from 4.2 (the 4.3 one is crashing for me under emulation on OS4). This will work with the 4.3 libs too.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<#27 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AYg7janCmCG1NUsYQxtojs2RkGkjDMgxks5vQc-agaJpZM4bOICe>.
from amissl.
Futaura
commented on May 27, 2024
Posting the entire output from the OpenSSL command would be helpful. It is frustrating that AmigaKit hijacked my broken A1200, as I have no way of testing the m68k AmiSSL natively. And the m68k emulation on OS4 breaks AmiSSL it seems, which obviously doesn't help.
from amissl.
jerseywurzel
commented on May 27, 2024
Hi Oliver,
Ok I saved the output to a file and have copied to my phone. Hopefully, it will be attached.
On 24 Feb 2019 6:26 pm, Oliver Roberts <[email protected]> wrote:
Posting the entire output from the OpenSSL command would be helpful. It is frustrating that AmigaKit hijacked my broken A1200, as I have no way of testing the m68k AmiSSL natively. And the m68k emulation on OS4 breaks AmiSSL it seems, which obviously doesn't help.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<#27 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AYg7jcVfbVgUrsJ3Hu5Een1gI_NG6Gqlks5vQtlbgaJpZM4bOICe>.
from amissl.
Futaura
commented on May 27, 2024
@jerseywurzel Nope - I think you can only attach files via the full web interface.
from amissl.
jerseywurzel
commented on May 27, 2024
Ok, hope it's attached now?
log.txt
from amissl.
jerseywurzel
commented on May 27, 2024
Hi Oliver,
I think I've done it now.
On 24 Feb 2019 8:29 pm, Oliver Roberts <[email protected]> wrote:
@jerseywurzel<https://github.com/jerseywurzel> Nope - I think you can only attach files via the full web interface.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#27 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AYg7jeFtgleAJoBcqcRhZWXYRo0qacmTks5vQvYfgaJpZM4bOICe>.
from amissl.
Futaura
commented on May 27, 2024
Yes, thanks. May need to get you to re-run it later with extra debug output on, but I've got a deja vu feeling so will check back through the archives.
Does the OpenSSL command from 4.3 work for you or does it crash? Output looks like it is the 4.2 command.
from amissl.
Futaura
commented on May 27, 2024
Ok, I knew this felt familiar - see #11 - did you make any changes to get previous versions of AmiSSL v4 working with YAM? ECDH key exchange is a potential issue still. Maybe cipher priority changed since OpenSSL 1.1.0g and/or older faster ciphers were removed, which is causing ECDH to be chosen when it wasn't before.
from amissl.
jerseywurzel
commented on May 27, 2024
Sorry, but I don't know the difference in the commands you mentioned.
I just installed 4.3 in the same directory as 4.2. It said it was deleting old ciphers.
Then I opened a she'll and typed the command as you showed.
Thanks
On 24 Feb 2019 8:55 pm, Oliver Roberts <[email protected]> wrote:
Yes, thanks. May need to get you to re-run it later with extra debug output on, but I've got a deja vu feeling so will check back through the archives.
Does the OpenSSL command from 4.3 work for you or does it crash? Output looks like it is the 4.2 command.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#27 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AYg7jbSxkNTpP7ENlay3H-_ZN4Z-a1bdks5vQvxRgaJpZM4bOICe>.
from amissl.
jerseywurzel
commented on May 27, 2024
Hi Oliver,
Not sure if you saw a reply; Im sure I sent one but it doesnt show here.
Not sure how to tell what version OpenSSL command (Version OpenSSL?) it used or how to change from one version to another -could you let me know?
from amissl.
Futaura
commented on May 27, 2024
@jerseywurzel Yes, "version OpenSSL". Although, I am 99% sure the latest OpenSSL command is broken on m68k somehow.
What is your DefaultSSLCiphers setting in your YAM .config file? Sounds like you may need to adjust this like you did previously.
from amissl.
jerseywurzel
commented on May 27, 2024
@Futaura
Ok, I tried version openssl but it wasn't found. So I searched and found a few in C:, SSLROOT, and previous versions of animal from 3.6 onwards. I tidied it all up but version command still didn't work, although dopus does. I've tried various versions but none enable yam to download mail, although uploading does. I can't find a defaultcipher setting in Yam at all but I wouldn't have amended them.
Do you need me to manually install previous versions of openssl and run the test command at all?
Thanks
from amissl.
Futaura
commented on May 27, 2024
The OpenSSL command should be in AmiSSL: on OS3, IIRC. Don't worry about testing this further though.
Regarding DefaultSSLCiphers I refer you to #11 (comment) :-) Just wondering if something changed in this respect when you updated YAM.
from amissl.
jerseywurzel
commented on May 27, 2024
Ah, I think you're onto it. The DefaultSSLCipher was:
ECDHE-RSA-AES128-SHA.
After changing it as per the previous comment, it worked! Thank you so much.
It looks like the default ciphers were changed somehow?
from amissl.
jens-maus
commented on May 27, 2024
Can you please state what exactly you entered now as the new DefaultSSLCipher setting?!?
from amissl.
jerseywurzel
commented on May 27, 2024
@ jens-maus
Yes, I entered
DefaultSSLCiphers = AES256-SHA
Also, I am using the OPENSSL command from the Amissl 4.3 download, version 1.1.1a 20 Nov 18.
from amissl.
jerseywurzel
commented on May 27, 2024
@jens-maus
I was doing some testing using the OPENSSL command. The version 1.1.1a did not work (causing an error and freezing the miggy), but version 1.1.0g (from amissl4.2) does work
from amissl.
Futaura
commented on May 27, 2024
@jerseywurzel Thanks for confirming - I've opened a separate issue (#28) for that.
Regarding your DefaultSSLCiphers, as @jens-maus told you a long time ago, that isn't one of the most secure settings. I would recommend trying setting it to the default and adding ":!ECDH" to the end. This will disable all the ECDH(E) ciphers that are problematic on m68k and choose the best of the rest instead. You could also try "DEFAULT:!ECDH" or "ALL:!ECDH". That said, some of the other ciphers may be problematic on m68k too.
from amissl.
jerseywurzel
commented on May 27, 2024
@Futaura
Hi Oliver,
On 08/03/2019, you wrote:
@jerseywurzel Thanks for confirming - I've opened a separate issue (#28) for that.
Regarding your DefaultSSLCiphers, as @jens-maus told you a long time ago, that isn't one of
the most secure settings. I would recommend trying setting it to the default and adding
":!ECDH" to the end. This will disable all the ECDH(E) ciphers that are problematic on m68k
and choose the best of the rest instead. You could also try "DEFAULT:!ECDH" or "ALL:!ECDH".
That said, some of the other ciphers may be problematic on m68k too.
I've tried different combinations of DefaultSSLCipher settings. I'm not sure if it's because I'm not typing it correctly or not, but all connections fail except with AES256-SHA
I've tried entering:
ECDHE-RSA-AES128-SHA
ECDHE-RSA-AES128-SHA:!ECDH
ECDHE-RSA-AES128-SHA :!ECDH
DefaultSSLCiphers = DEFAULT:!ECDH
I restarted YAM each time so it would load the new configuration but none connect.
Anything else I can try?
Thanks
from amissl.
Futaura
commented on May 27, 2024
@jerseywurzel I wonder - are you running MuRedox? If not, please give it a try (assuming you are still using MMULib). I think it may help.
from amissl.
jerseywurzel
commented on May 27, 2024
Hi Oliver,
On 18/01/2020, you wrote:
@jerseywurzel I wonder - are you running MuRedox? If not, please give it a try - I think it
may help.
No, never even heard of it but I'll look it up.
Thanks.
Bye for now,
--
Russell
A lot of money is tainted -Taint yours and taint mine.
weather:
Partly Cloudy : 7.00 C, 44.60 F
Winds : East 10.36 MPH, 16.67 KPH, 9.00 Knots
Jersey Airport (EGJJ), United Kingdom
from amissl.
Futaura
commented on May 27, 2024
@jerseywurzel It will be interesting to see if AmiSSL 4.4 has improved your YAM experience - IIRC, YAM is compiled for AmiSSL 4.2, so it will automatically use AmiSSL 4.4 instead once you've installed it. I'm hopeful it will resolve your issue due to a fundamental flaw being fixes specific to running on a 68060.
from amissl.
jerseywurzel
commented on May 27, 2024
Hi Oliver,
On 15/02/2020, you wrote:
@jerseywurzel It will be interesting to see if AmiSSL 4.4 has improved your YAM experience
- IIRC, YAM is compiled for AmiSSL 4.2, so it will automatically use AmiSSL 4.4 instead
once you've installed it. I'm hopeful it will resolve your issue due to a fundamental flaw
being fixes specific to running on a 68060.
Yes, YAM is much faster now. I have even changed to Default Cipher to:
ECDHE-RSA-AES256-SHA384
And it still flies along.
Thank you.
Bye for now,
--
Russell
from amissl.
Futaura
commented on May 27, 2024
Fixed in ff6c5f9
from amissl.
Related Issues (20)
- Cannot compile SDL example
- 64bit arguments passing with 68k .library ABI HOT 2
- openssl/asn1.h header redefinitions in Storm C 4 HOT 5
- Update installer to allow installation even while AmiSSL is in use HOT 8
- Optional installation of include? HOT 3
- vbcc proto/inline issues HOT 7
- Random generator init is very slow HOT 11
- OpenSSL speed output order issue when redirected HOT 15
- 68000 version missing HOT 7
- OpenSSL 3.0 / AmiSSL v5 HOT 8
- const const in header files HOT 2
- interfaces/amissl.h:4320:73: error: duplicate ‘const’ HOT 1
- libamisslstubs.a missing a few stubs HOT 15
- AmiSSL version defines mismatches HOT 5
- Split Installer
- AMISSL_INLINE_H doesn't fully work with the 5.x SDK's HOT 12
- Big SSL/TLS connect performance regression in AmiSSL 5.x HOT 25
- FTPS stops working with ZitaFTP Server from version 5.4 HOT 13
- Example https Crashes on Vanilla AmigaOS v3.2 Installation on WinUAE HOT 3
- PatchWork Reports InitSemaphore "Structure Is Not Cleared" HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amissl.