Bug 348008

Summary: SSLv2 traffic seen during IMAP exchange
Product: [Frameworks and Libraries] Akonadi Reporter: Eric Christensen <eric>
Component: IMAP resourceAssignee: Christian Mollekopf <chrigi_1>
Status: RESOLVED UNMAINTAINED    
Severity: normal CC: kdepim-bugs, vkrause
Priority: NOR    
Version: 1.13.0   
Target Milestone: ---   
Platform: Fedora RPMs   
OS: Linux   
Latest Commit: Version Fixed In:

Description Eric Christensen 2015-05-20 13:45:25 UTC 
While watching the traffic between Akonadi (Kmail) and my Dovecot server (IMAP) I notice that every so often I see an SSLv2 packet being sent along with the TLSv1.2 IMAP traffic.  I'm concerned since SSLv2 is a big no-no and since my server doesn't support SSLv2 I'm curious why I Akonadi would even try to send such a packet.  Any ideas?

Reproducible: Always

Steps to Reproduce:
1. Check email
2. Watch the packets

Actual Results:  
See an occasional SSLv2 packet.

Expected Results:  
Never, ever, ever see SSLv2.  Ever.
Comment 1 Denis Kurz 2017-06-23 20:00:18 UTC 
This bug has never been confirmed for a KDE PIM version that is based on KDE Frameworks (5.x). Those versions differ significantly from the old 4.x series. Therefore, I plan to close it in around two or three months. In the meantime, it is set to WAITINGFORINFO to give reporters the oportunity to check if it is still valid. As soon as someone confirms it for a recent version (at least 5.1, ideally even more recent), I'll gladly reopen it.

Please understand that we lack the manpower to triage bugs reported for versions almost two years beyond their end of life.
Comment 2 Denis Kurz 2018-02-01 09:54:13 UTC 
Just as announced in my last comment, I close this bug. If you encounter it again in a recent version (at least 5.1 aka 15.12; preferably much more recent), please open a new one unless it already exists. Thank you for all your input.