email app is unavailable to check for mails when SSLv3 is disabling

[Patschi]

Hello,

since I disabled the complete support of SSLv3 on my mailserver, I'm unable to estabilish a connection to the mailserver. When I allow SSLv3 again, it's working fine as expected. I guess the app is trying if SSLv3 is possible and aborts continuing checking for a working connection, even if TLS is working. I attached a screenshot, which error is occuring.

Thank you for your help!

Regards,
Patrik

[Kostya Vasilyev]

Actually, recent versions of Aqua have a setting (in app settings, under Network) to blacklist SSLv3.

Is that the one you are talking about -- or about server side settings?

When you enable "SSL hardening" there and also enable "blacklist SSLv3", then the preferred protocol order is: TLSv1.2, TLSv1.1, TLS1 and that's it. No SSLv3.

[mikeone]

Please install the latest "stable" version 1.5.0.25
http://www.aqua-mail.com/download/AquaMail-market-1.5.0.25.apk

There is a (new) setting under Settings > network to blacklist Sslv3 protocol

[Patschi]

@Kostya: I've completely disabled SSLv3 support on the serverside, but when I do so, I can't check anymore my mails in AquaMail because of this error in the screenshot I posted before.
@mikeone: I'm currently on 1.5.1-24.2-dev. Also when enabling this setting, it still does not work. The same error as above.

I'm getting the following error message on the server, when I try to check mails on my phone:

Oct 24 00:03:15 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=XXX.XXX.XXX.XXX, lip=XXX.XXX.XXX.XXX, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher

[Kostya Vasilyev]

With "SSL hardening" in Aqua enabled, it will use TLS if available at the server end (1, 1.1 or 1.2).

After changing "Blacklist SSLv3" you will need to restart the phone -- I'll fix that.

Please try toggling the "Harden SSL" and restarting the phone.

I got things to work that way, with this in dovecot's 10-ssl.conf

# SSL protocols to use
ssl_protocols = !SSLv2 !SSLv3

# SSL ciphers to use
#ssl_cipher_list = ALL:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL

Looked like this:

Oct 24 02:33:20 li463-125 dovecot: imap-login: Login: user=<xxxxxx@aqua-mail.com>, method=CRAM-MD5, rip=xxxxxxx, lip=xxxxxxx, mpid=18217, TLS, session=<CUzNph4GeQA+Tj2I>

and this:

10-24 02:33:19.400 I/AquaMail(23427): [NETWRK.2173] Connection to [mail.aqua-mail.com:993, sslRelaxed] completed: mail.aqua-mail.com/xxxxx:993
10-24 02:33:19.410 I/AquaMail(23427): [NETWRK.2173] Buffer sizes: 524288 send, 1048576 receive
10-24 02:33:19.420 I/AquaMail(23427): [NETWRK.2173] Encryption: protocol TLSv1.2, cipher TLS_DHE_RSA_WITH_AES_256_CBC_SHA

[mikeone]

@Kostya: I've completely disabled SSLv3 support on the serverside, but when I do so, I can't check anymore my mails in AquaMail because of this error in the screenshot I posted before.
@mikeone: I'm currently on 1.5.1-24.2-dev. Also when enabling this setting, it still does not work. The same error as above.

I'm getting the following error message on the server, when I try to check mails on my phone:

Oct 24 00:03:15 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=XXX.XXX.XXX.XXX, lip=XXX.XXX.XXX.XXX, TLS handshaking: SSL_accept() failed: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher

... okay.  Then please try it with the newest dev-build:
http://www.aqua-mail.com/download/AquaMail-market-1.5.1-25-dev5.apk

[Patschi]

It's really strange... As I wrote before, it only does not work, when I remove the SSLv3 support. When I enable SSLv3, AquaMail is working fine and is using TLSv1.2 without issues...  Can't understand why. A friend, which is also using AquaMail, has the exact same issue as me.

However, I'm trying the blacklist functionality in the next couple of hours and will report back.

I'm currently using the following Dovecot settings: (Maybe it needs some improvements, but first AquaMail should work)

ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = ALL:!LOW:!ADH:!SSLv2:!SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:+HIGH:+MEDIUM

When I remove the bold marked SSLv3 and restart Dovecot, AquaMail is connecting. When I keep the SSLv3 in there, the error of the screenshot of my first post is showing up and is not connecting. I'm trying to retry it after I enabled the Debug mode - maybe there are more interesting messages, which could help to locate the problem.

Thanks for the help so far!

[Patschi]

Okay, tested it right now.

Rebooting the phone after blacklisting SSLv3 on AquaMail does not help.

I've enabled the debug settings to get some more informations about the error. And yeah, got some more detailed debug messages. The most interesting part is:

2014.10.24 08:19:01.730 +0200   AquaMail   [NETWRK.639] Connecting to [mail.domain.tld:143, tlsStrict]
2014.10.24 08:19:01.731 +0200   AquaMail   [NETWRK.639] Resolving address for mail.domain.tld
2014.10.24 08:19:02.180 +0200   AquaMail   [NETWRK.639] IPv4: mail.domain.tld/XXX.XXX.XXX.XXX
2014.10.24 08:19:02.184 +0200   AquaMail   [NETWRK.639] Trying: mail.domain.tld/XXX.XXX.XXX.XXX:143
2014.10.24 08:19:02.567 +0200   AquaMail   [NETWRK.639] Socket connection completed
2014.10.24 08:19:02.582 +0200   AquaMail   [NETWRK.639] Connection to [mail.domain.tld:143, tlsStrict] completed: mail.domain.tld/XXX.XXX.XXX.XXX:143, time = 0.85 sec
2014.10.24 08:19:02.586 +0200   AquaMail   [NETWRK.639] Buffer sizes: 20500 send, 87380 receive
2014.10.24 08:19:03.350 +0200   AquaMail   [IMAP.639] Server greeting: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED] Dovecot ready.
2014.10.24 08:19:03.351 +0200   AquaMail   [IMAP.639] Server is Dovecot
2014.10.24 08:19:03.352 +0200   AquaMail   [IMAP.639] Sending: kman1 CAPABILITY
2014.10.24 08:19:03.454 +0200   AquaMail   [IMAP.639] Pre-login capabilities: CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED
2014.10.24 08:19:03.456 +0200   AquaMail   [IMAP.639] Server supports ID
2014.10.24 08:19:03.459 +0200   AquaMail   [IMAP.639] Result for kman1: 0 Pre-login capabilities listed, post-login capabilities have more., traffic: 171 read, 18 write
2014.10.24 08:19:03.463 +0200   AquaMail   [IMAP.639] Sending: kman2 ID ("name" "AquaMail" "version" "1.5.1-24.3-dev3" "build" "2101855" "os" "Android")
2014.10.24 08:19:03.555 +0200   AquaMail   [IMAP.639] Result for kman2: 0 ID completed., traffic: 34 read, 91 write
2014.10.24 08:19:03.556 +0200   AquaMail   [IMAP.639] Sending: kman3 STARTTLS
2014.10.24 08:19:03.682 +0200   AquaMail   [IMAP.639] Result for kman3: 0 Begin TLS negotiation now., traffic: 37 read, 16 write
2014.10.24 08:19:03.686 +0200   AquaMail   [NETWRK.639] Request for startTls content://org.kman.AquaMail.data/accounts/1/in to [mail.domain.tld:143, tlsStrict]
2014.10.24 08:19:03.689 +0200   AquaMail   [NETWRK.639] Using strict STARTTLS factory
2014.10.24 08:19:03.864 +0200   AquaMail   [NETWRK.639] Reconnecting to [mail.domain.tld:143, tlsStrict]
2014.10.24 08:19:03.868 +0200   SSLHardening   Hardening reorder: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, SSL_RSA_WITH_NULL_MD5, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_DH_anon_WITH_RC4_128_MD5, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_256_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, TLS_ECDH_anon_WITH_RC4_128_SHA, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_AES_256_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_ECDH_anon_WITH_NULL_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV], [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5], [SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA] -> [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_NULL_MD5, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_DH_anon_WITH_RC4_128_MD5, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_256_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, TLS_ECDH_anon_WITH_RC4_128_SHA, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_AES_256_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_ECDH_anon_WITH_NULL_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
2014.10.24 08:19:03.870 +0200   SSLHardening   Hardening reorder: [SSLv3, TLSv1, TLSv1.1, TLSv1.2], [TLSv1.2, TLSv1.1, TLSv1, SSLv3], [SSLv3] -> [TLSv1.2, TLSv1.1, TLSv1]
2014.10.24 08:19:03.872 +0200   SSLHardening   Setting hardened ciphers: [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_NULL_MD5, SSL_RSA_WITH_NULL_SHA, TLS_ECDH_ECDSA_WITH_NULL_SHA, TLS_ECDH_RSA_WITH_NULL_SHA, TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, SSL_DH_anon_WITH_RC4_128_MD5, TLS_DH_anon_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_256_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, TLS_ECDH_anon_WITH_RC4_128_SHA, TLS_ECDH_anon_WITH_AES_128_CBC_SHA, TLS_ECDH_anon_WITH_AES_256_CBC_SHA, TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_EXPORT_WITH_RC4_40_MD5, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TLS_ECDH_anon_WITH_NULL_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
2014.10.24 08:19:03.873 +0200   SSLHardening   Setting hardened protocols: [TLSv1.2, TLSv1.1, TLSv1]
2014.10.24 08:19:03.970 +0200   AquaMail   [NETWRK.639] Closing socket SSL socket over Socket[address=mail.domain.tld/XXX.XXX.XXX.XXX,port=143,localPort=46515]
2014.10.24 08:19:03.989 +0200   AquaMail   [NETWRK.639] ***** ERROR: Unable to reconnect to [mail.domain.tld:143, tlsStrict]
javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x791b7250: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x73142cf8:0x00000000)
   at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:448)
   at com.android.org.conscrypt.OpenSSLSocketImpl$SSLInputStream.<init>(OpenSSLSocketImpl.java:661)
   at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:632)
   at org.kman.AquaMail.net.MailSocketConnection.doReconnectImpl(MailSocketConnection.java:263)
   at org.kman.AquaMail.net.MailConnectionManager.startTls(MailConnectionManager.java:323)
   at org.kman.AquaMail.mail.imap.ImapTask.ensureStartTLS(ImapTask.java:78)
   at org.kman.AquaMail.mail.imap.ImapTask_ConnectLogin.ensureConnectLogin(ImapTask_ConnectLogin.java:79)
   at org.kman.AquaMail.mail.imap.ImapTask_ConnectLogin.ensureConnectLogin(ImapTask_ConnectLogin.java:30)
   at org.kman.AquaMail.mail.imap.ImapTask_Sync.process(ImapTask_Sync.java:198)
   at org.kman.AquaMail.core.MailTaskExecutor.onTask(MailTaskExecutor.java:438)
   at org.kman.AquaMail.core.MailTaskExecutor.run(MailTaskExecutor.java:401)
   at java.lang.Thread.run(Thread.java:841)
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x791b7250: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x73142cf8:0x00000000)
   at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
   at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:405)
   ... 11 more

Last data:
kman3 STARTTLS
Result for kman3: 0 Begin TLS negotiation now.
Caused by:
javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x791b7250: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x73142cf8:0x00000000)
   at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
   at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:405)
   at com.android.org.conscrypt.OpenSSLSocketImpl$SSLInputStream.<init>(OpenSSLSocketImpl.java:661)
   at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:632)
   at org.kman.AquaMail.net.MailSocketConnection.doReconnectImpl(MailSocketConnection.java:263)
   at org.kman.AquaMail.net.MailConnectionManager.startTls(MailConnectionManager.java:323)
   at org.kman.AquaMail.mail.imap.ImapTask.ensureStartTLS(ImapTask.java:78)
   at org.kman.AquaMail.mail.imap.ImapTask_ConnectLogin.ensureConnectLogin(ImapTask_ConnectLogin.java:79)
   at org.kman.AquaMail.mail.imap.ImapTask_ConnectLogin.ensureConnectLogin(ImapTask_ConnectLogin.java:30)
   at org.kman.AquaMail.mail.imap.ImapTask_Sync.process(ImapTask_Sync.java:198)
   at org.kman.AquaMail.core.MailTaskExecutor.onTask(MailTaskExecutor.java:438)
   at org.kman.AquaMail.core.MailTaskExecutor.run(MailTaskExecutor.java:401)
   at java.lang.Thread.run(Thread.java:841)

I really could imagine, that AquaMail is trying somehow to detect support of SSLv2/SSLv3 and is failing with that...

[Kostya Vasilyev]

>>> AquaMail is trying somehow to detect support of SSLv2/SSLv3 and is failing with that

Reasonable conjecture, but no.

This line:

>>> Setting hardened protocols: [TLSv1.2, TLSv1.1, TLSv1]

Means that my code called sslSocket.setEnabledProtocols( array TLSv1.2, TLSv1.1, TLSv1 ):

http://developer.android.com/reference/javax/net/ssl/SSLSocket.html#setEnabledProtocols(java.lang.String[])

I just tried STARTTLS (strict) and STARTTLS (accept any) with my server. It worked.

What I think you're seeing is Android's system level SSL negotiation cache -- easy to enable, no way to disable... So I delete the cache files, but I think the system code loads them into memory.

Please try this:

1 - Aqua settings -> Network -> switch "SSL hardening" off and on
2 - Reboot the phone

The first step will delete those SSL cache files, and the second step will make sure that the already loaded ones won't be used.

[Patschi]

Tried it right now, but sadly it's still not working. I don't have any ideas what I could try otherwise.

[Kostya Vasilyev]

Yes, I see this too.

Adding !SSLv3 in Dovecot *ciphers* causes same error -- even when SSLv3 is explicitly turned off at the socket level on my side.

In K9 Mail too.

This works and uses TLSv1.2:

# SSL protocols to use
ssl_protocols = !SSLv2 !SSLv3

# SSL ciphers to use
#ssl_cipher_list = ALL:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL

And achieves the goal of blocking SSLv3 at the server:

$ openssl s_client -starttls imap -crlf -connect mail.aqua-mail.com:143 -ssl3
CONNECTED(00000003)
140252064523936:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1260:SSL alert number 40
140252064523936:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 350 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv3
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1414150578
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---

It's interesting that explicitly using TLS 1.2 to connect, with openssl, still shows SSLv3 in the Dovecot log:

$ openssl s_client -starttls imap -crlf -connect mail.aqua-mail.com:143 -tls1_2
...
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES256-GCM-SHA384

Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2002, ret=-1: unknown state [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write key exchange A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write session ticket A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [x.y.z.w]
Oct 24 15:41:05 li463-125 dovecot: imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [x.y.z.w]

But I don't know if it means anything.

Finally, this https://zmap.io/sslv3/servers.html#dovecot says that

"ssl_protocols = !SSLv2 !SSLv3" is for Dovecot 2.1+

and

"ssl_ciphers = ..." is for Dovecot 2.0

I'm running 1:2.1.7-7+deb7u1

[Patschi]

I have the exact same Dovecot version as you (default Debian stable repository). So what does this exactly mean? Do you know any ways we could resolve this? I don't want to have SSLv3 still enabled at all.

[Kostya Vasilyev]

I got it to work, please see my above message.

[Patschi]

Oh, sorry! I didn't read your post good enough and replied to fast. I also tested it now again with the following configuration as I posted a few posts before, but without the SSLv3 entry:

ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = ALL:!LOW:!ADH:!SSLv2:!SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:+HIGH:+MEDIUM

It really seems that SSLv3 is disabled anyway and the app is working fine. That's a bit strange. But good to know! :-)

Thanks for your help!

[Kostya Vasilyev]

It really looks like something in system code -- "openssl s_client" can connect even when you have "!SSLv3" in "ssL_cipher_list" -- but neither Aqua nor K9 Mail can...

On the other hand, this configuration key is supposedly not necessary for Dovecot 2.1+, which is what we're both using (Debian 7.7) -- and it does the job with preventing SSLv3 connections.