From: Matthias A. <mat...@gm...> - 2011-05-23 21:03:58

On 28.04.2011 17:28, Matthias Andree wrote:
> Sorry for the incomplete fix in 6.3.18, and thanks for the report. Now
> I need to make sure I catch all similar bugs before releasing the next
> version, and I need to update and re-issue the corresponding CVE (or a
> new one, need to check with the gurus) and security announcement.
>
> The fix needs a thorough analysis of the code. Note that I've already
> queued patches to ditch SSLv2 support, I need to reconsider that, or
> make that an option so that distributors can go ahead and update their
> 6.3.ancient version to 6.3.20 without major incompatibilities.
>
> I'll get back to this.
>
> Thanks again -- I do appreciate bug reports that are easy to reproduce :-)

Thomas,

6.3.20-pre1 should fix that - please test and report back (see the
separate announcement).

It took a while since I chose to set SO_SNDTIMEO/SO_RCVTIMEO, a BSD
socket-level timeout feature, and also SO_KEEPALIVE, to detect crashed
TCP connections (although that can take 2 hours and more than 11 minutes
on some operating systems to trigger - instead you'll usually get a
socket error).

I need particular test reports of --idle mode.

Best regards,
Matthias
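The socket-level deadlines the message describes (SO_RCVTIMEO/SO_SNDTIMEO plus SO_KEEPALIVE so a stalled or silently dead peer turns into a socket error rather than a hang), as an added example that is not fetchmail's code. It assumes POSIX sockets; the millisecond parameter, the function names and the 30 s/200 ms values are choices made here. The TCP_KEEP* tuning that shortens the multi-hour default keepalive detection mentioned in the message is Linux-specific and is compiled only where those macros exist. The recv() demonstration uses a constructed local socket pair in place of a mail server connection.

```c
/* Added example (not fetchmail's code): socket deadlines + keepalive. */
#include <errno.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Install SO_RCVTIMEO/SO_SNDTIMEO (milliseconds) and SO_KEEPALIVE on fd.
 * Returns 0 on success, -1 with errno left set by the failing setsockopt(). */
int set_socket_deadlines(int fd, long timeout_ms)
{
    struct timeval tv;
    int on = 1;

    tv.tv_sec = timeout_ms / 1000;
    tv.tv_usec = (timeout_ms % 1000) * 1000;
    if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv) < 0) return -1;
    if (setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof tv) < 0) return -1;
    /* Keepalive probes eventually detect a peer that vanished without FIN/RST. */
    if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof on) < 0) return -1;
    return 0;
}

/* Stock kernel defaults need about two hours of idle time plus a series of
 * probes before keepalive declares the peer dead.  Linux exposes per-socket
 * knobs to shorten that; on other systems this is a no-op returning 0. */
int tune_tcp_keepalive(int fd, int idle_sec, int interval_sec, int probes)
{
#if defined(TCP_KEEPIDLE) && defined(TCP_KEEPINTVL) && defined(TCP_KEEPCNT)
    if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, &idle_sec, sizeof idle_sec) < 0) return -1;
    if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPINTVL, &interval_sec, sizeof interval_sec) < 0) return -1;
    if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPCNT, &probes, sizeof probes) < 0) return -1;
#else
    (void)fd; (void)idle_sec; (void)interval_sec; (void)probes;
#endif
    return 0;
}

/* Read SO_RCVTIMEO back in milliseconds, -1 on error. */
long get_recv_timeout_ms(int fd)
{
    struct timeval tv;
    socklen_t len = sizeof tv;
    if (getsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, &len) < 0) return -1;
    return tv.tv_sec * 1000L + tv.tv_usec / 1000;
}

/* Read SO_KEEPALIVE back: 1 on, 0 off, -1 on error. */
int get_keepalive(int fd)
{
    int on = 0;
    socklen_t len = sizeof on;
    if (getsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &on, &len) < 0) return -1;
    return on ? 1 : 0;
}

/* Configure an (unconnected) TCP socket and verify the options read back.
 * Returns 1 if everything matches, 0 otherwise. */
int check_tcp_options(long timeout_ms)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    int ok;
    if (fd < 0) return 0;
    ok = set_socket_deadlines(fd, timeout_ms) == 0
      && tune_tcp_keepalive(fd, 60, 10, 3) == 0     /* hypothetical tuning values */
      && get_recv_timeout_ms(fd) == timeout_ms
      && get_keepalive(fd) == 1;
    close(fd);
    return ok;
}

/* Show the deadline firing: recv() on a connected pair whose peer never
 * writes fails with EAGAIN/EWOULDBLOCK after timeout_ms instead of blocking
 * forever.  Returns that errno; 0 if recv() unexpectedly returned data/EOF;
 * -1 on setup failure. */
int demo_recv_timeout(long timeout_ms)
{
    int sv[2], err;
    char buf[16];
    ssize_t n;

    /* Constructed local socket pair standing in for the mail server connection. */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    if (set_socket_deadlines(sv[0], timeout_ms) < 0) { close(sv[0]); close(sv[1]); return -1; }
    n = recv(sv[0], buf, sizeof buf, 0);
    err = (n < 0) ? errno : 0;
    close(sv[0]);
    close(sv[1]);
    return err;
}

int main(void)
{
    int err = demo_recv_timeout(500);
    printf("TCP option round-trip: %s\n", check_tcp_options(30000) ? "ok" : "FAILED");
    printf("idle recv() failed with errno %d (%s)\n", err, strerror(err));
    return 0;
}
```

The point of SO_RCVTIMEO over a plain blocking read is that a server which accepts the connection and then stops talking (or a middlebox that silently drops the flow) yields an error the client can act on; keepalive covers the case where no data is expected for a long time, as in IDLE mode, but only after the OS-specific probe schedule has run, which is why the per-socket tuning matters where it is available.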