On 3/10/2011 6:50 AM, Mason Loring Bliss wrote: > On Wed, Mar 09, 2011 at 03:01:19PM -0700, Aaron Toponce wrote: > >> It's not a Mutt bug. It's a GnuTLS bug. See the following: > > Thank you for playing, but no, it's not specific to GnuTLS. I can get almost > identical behaviour with OpenSSL.
You're welcome for playing. I read bug reports, and know what they say. > Are you saying that both packages, OpenSSL and GnuTLS, have identical bugs > that interfere with Mutt's handling of status requests for invalid mailboxes > in an almost identical manner? > > Or are you saying that this configuration somehow leaked GnuTLS code in? I'll paste the relevant parts from the bug reports, seeing as though you missed it: "When a server terminates a connection abnormally (TCP termination), TLS (and thus gnutls) cannot distinguish that from a prematurely terminated connection due to attack. This is the reason the error "A TLS packet with unexpected length was received.". If we decided to silence this error, as other implementations or applications might do, we would be vulnerable to premature termination attacks (i.e. someone terminates your connection after the first 10kb of your message were downloaded to prevent you downloading an attachment). That is worse, thus we stay on the safe side of warning of servers that do that." So, shoot your mail provider for cutting your connection, black mail your ISP for dropping you, or keep your cat from chewing your network cables. It's not a Mutt bug. -- . O . O . O . . O O . . . O . . . O . O O O . O . O O . . O O O O . O . . O O O O . O O O
signature.asc
Description: OpenPGP digital signature
