FS#76561 - openssl / mbsync "error:0A000126:SSL routines::unexpected eof while reading"

Attached to Project: Arch Linux
Opened by Sam Halliday (fommil) - Monday, 14 November 2022, 10:03 GMT
Last edited by Toolybird (Toolybird) - Tuesday, 15 November 2022, 02:04 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To No-one
Architecture x86_64
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 2
Private No

Details

Description:

Since upgrading openssl (and related ssl packages) from 1.1.1.q-1 to 3.0.7-2 I am unable to connect to gmail imap servers using mbsync. The error is passed through directly from the SSL layer, so does not appear to be an application tier problem although it is very difficult to diagnose this any further.

I enabled the legacy_sect profile to see if it made any difference, but the problem still continued (I followed this gist and confirmed that the profile is enabled https://gist.github.com/rdh27785/97210d439a280063bd768006450c435d )

This hasn't been documented here yet: https://wiki.archlinux.org/title/Isync#SSL_error

mbsync (isync) version 1.4.4.

Exact error is, there doesn't appear to be any further detail.

"Socket error: secure read from imap.gmail.com ([2a00:1450:400c:c09::6d]:993): error:0A000126:SSL routines::unexpected eof while reading"

and enabling both debug and verbose mode in mbsync seems to reveal that mbsync thinks that it has otherwise authenticated successfully and completed processing.

Steps to reproduce:

I have a very standard mbsync setup that has working stably for years, based on

https://wiki.archlinux.org/index.php/Isync
https://el-tramo.be/blog/gmail-mbsync/
This task depends upon

Closed by  Toolybird (Toolybird)
Tuesday, 15 November 2022, 02:04 GMT
Reason for closing:  Duplicate
Additional comments about closing:   FS#76467 
Comment by Jan de Groot (JGC) - Monday, 14 November 2022, 12:07 GMT
This is caused by changes in OpenSSL 3.0:
https://github.com/curl/curl/issues/7800
https://github.com/curl/curl/issues/9024

isync needs to set SSL_OP_IGNORE_UNEXPECTED_EOF flag on the connection so OpenSSL will not generate errors when server closes connection.

Loading...