Bug#394598: exim4-daemon-heavy: Upgrade breaks TLS

John Goerzen jgoerzen at complete.org
Sun Oct 22 03:05:05 UTC 2006 

Package: exim4-daemon-heavy
Version: 4.63-7
Severity: serious

I have upgraded from exim4 4.50-8sarge2.

Now, whenever a client attempts to use TLS, I see:

2006-10-21 22:00:08 TLS error on connection from xxx (yyy) [x.x.x] (DH params import): Base64 decoding error.

Nothing has changed with my certs.  I initially answered N when it asked me
whether to replace the TLS conffile, though I later migrated it to the new
system, just in case that made a difference.

This is a serious upgrade-from-sarge issue that could break things.

The only thing I can think of is that I'm using a combined key+cert file
for the server -- and this is documented to be supported -- but perhaps
something is broken with its support.

-- Package-specific info:
Exim version 4.63 #1 built 15-Oct-2006 10:08:44
Copyright (c) University of Cambridge 2006
Berkeley DB: Sleepycat Software: Berkeley DB 4.3.29: (September  6, 2005)
Support for: crypteq iconv() IPv6 PAM Perl GnuTLS move_frozen_messages Content_Scanning Old_Demime
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql
Authenticators: cram_md5 cyrus_sasl plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /var/lib/exim4/config.autogenerated

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.9
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages exim4-daemon-heavy depends on:
ii  debconf [debconf-2.0]   1.5.6            Debian configuration management sy
ii  exim4-base              4.63-7           support files for all exim MTA (v4
ii  libc6                   2.3.6.ds1-4      GNU C Library: Shared libraries
ii  libdb4.3                4.3.29-6         Berkeley v4.3 Database Libraries [
ii  libgnutls13             1.4.4-1          the GNU TLS library - runtime libr
ii  libldap2                2.1.30-13+b1     OpenLDAP libraries
ii  libmysqlclient15off     5.0.24a-9        mysql database client library
ii  libpam0g                0.79-3.2         Pluggable Authentication Modules l
ii  libpcre3                6.7-1            Perl 5 Compatible Regular Expressi
ii  libperl5.8              5.8.8-6.1        Shared Perl library
ii  libpq4                  8.1.4-7          PostgreSQL C client library
ii  libsasl2                2.1.19.dfsg1-0.5 Authentication abstraction library

exim4-daemon-heavy recommends no packages.

-- debconf information excluded

More information about the Pkg-exim4-maintainers mailing list