Support TLS 1.3? #375
Comments
|
Found some information
I think |
|
I don't know if it would help or not, but maybe just add |
|
perhaps in intermediate time one can use STUNNEL (https://www.stunnel.org/docs.html) to "translate" TLSv1.2 to TLSv1.3 |
Using STUNNEL as adapter between DavMail and OWA helps around the TLS problem, but an other DavMail exception raises |
This is not relevant to this issue. |
|
esabol wrote:
I changed that line localy and build from source code: But sadly the Davmail log contains |
|
@ifrh wrote:
Ah, sorry, it didn't work. Thanks for trying it. |
|
Used cipher suites by DavMail in own build using changes mentioned in #375 (comment) If I don't have overlook something : No match available. |
What version of Java (JDK) do you have installed? You might need Java 13 for those ciphers? See https://www.java.com/en/configure_crypto.html |
|
I have multiple JDK installed on my windows machine. The lines of build output - complete see above in #375 (comment) - let me think, that JDK 15 is used. |
Access Denied Reference #18.8fb10f17.1734260275.34286122 https://errors.edgesuite.net/18.8fb10f17.1734260275.34286122 |
But there is an information site, which points to the same URLs, so perhaps java.com has some trouble at current time.
|
Found a bugreport https://bugs.openjdk.org/browse/JDK-8257825 So DavMails build-script should use JDK 17 / JRE 17 or at least give an option, to use systemwide installed JDK/JRE without downloading it from api.azul.com . |
|
@ifrh : That java.com URL works for me. Try it with a different browser, like Firefox or Chrome.
I think the non-standalone version of DavMail will use the systemwide JDK when executed. Regardless, you can edit the build.xml file and change lines 556 and 545 from where it says "jdk_version=15" to "jdk_version=17" or whatever version you want. |
|
@ifrh : The error mentioned "edgesuite", so I thought you were using Microsoft Edge. I've tested the URL in Firefox, Chrome, and Safari (iOS). It works in all of them. It must be your computer. |
|
@esabol : I've build DavMail with changes in build.xml , keeping the change for enabling TLSv1.3 in davmail/src/java/davmail/http/HttpClientAdapter.java as DavMail did not try to use Here the build output And here the DavMail log: |
|
@iRFH wrote:
The Java documentation says that Java 17+ supports those ciphers, so that doesn't make any sense to me. I doubt this is a DavMail problem. I suspect it's something with your operating system or your Java configuration. To determine that, please try compiling the following simple Java code (save it to a file named import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;
/** Establish a SSL connection to a host and port, writes a byte and
* prints the response. See
* http://confluence.atlassian.com/display/JIRA/Connecting+to+SSL+services
*/
public class SSLPoke {
public static void main(String[] args) {
if (args.length != 2) {
System.out.println("Usage: "+SSLPoke.class.getName()+" <host> <port>");
System.exit(1);
}
try {
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(args[0], Integer.parseInt(args[1]));
SSLParameters sslparams = new SSLParameters();
sslparams.setEndpointIdentificationAlgorithm("HTTPS");
sslsocket.setSSLParameters(sslparams);
InputStream in = sslsocket.getInputStream();
OutputStream out = sslsocket.getOutputStream();
// Write a test byte to get a reaction :)
out.write(1);
while (in.available() > 0) {
System.out.print(in.read());
}
System.out.println("Successfully connected");
} catch (Exception exception) {
exception.printStackTrace();
System.exit(1);
}
}
} |
|
Well some copy&paste errors ... After fixing syntax error and renaming file befor compiling: |
|
Well, that's interesting! |
|
Well I changed those source and targed information, mentioned in #375 (comment) , to value 21. And I decide to not start davmail via exe. but start davmail via calling jar file directly from cmd. The handshake worked! But later an other Exception rises. So SSL-Handshake work starting via But login failed. Perhaps I should query an other entry point? |
Great! Now you are using the same Java installation that you used to compile and execute SSLPoke (instead of the "standalone" .exe build), and it makes sense that they would perform identically.
Yes, it's possible you just have a configuration problem now and you just need to put the proper settings into your Which |
|
I see @mguessan has made some recent commits to the repository which may be relevant. Make sure the code you are compiling is up-to-date with the latest in the GitHub repository, @ifrh . See https://github.com/mguessan/davmail/commits/master/ You might need to change one or more of the following settings: |
|
Changing in GUI the Setting "OWA or EWS (Exchange) URL" And than some lines in logfile later the login page, where I can login via webbrowser is sent to davmail. : |
|
That's great thank you very much! And now I got access to my personal account calendar with the following values in a) window "DavMail Gateway Setting" : b) window "new calendar" (Thunderbird 128.5.2esr (64-Bit)) This creates a calendar in thunderbird for That is great, thank you for your help and development! Sadly Thunderbirds autodiscover did not find the shared group calendar. Should it possible to get access to a shared "group calendar" via davmail, too? I tried to subscribe the shared calendar as new calendar in Thunderbird two times using differend values as changed address
Both failed with java.io.IOException. |
|
@ifrh : I'm glad you have persevered and achieved success! Did you try http://localhost:1080/users/[email protected]/calendar/ ? I think that's the syntax you want. You can test that URL in your web browser while DavMail is running. The calendar needs to be "fully shared". If it's only partially shared, apparently, there could still be a problem with accessing it. Seriously, please read the comments at the following issue: Any additional shared calendars on another user's account can be accessed at I've also noticed that your language is German. If the language of the other user's shared calendar is not German, you might be encountering this very old bug (which may or may not have been addressed in the last 14 years – no idea!): |
|
http://localhost:1080/users/[email protected]/calendar/ Some warings occure as Windows popup messages , like :
But as far as I can see the content of both calendars
And I will think about how to get the standalone version running... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@ifrh wrote:
Originally posted by @ifrh in #374 (comment)
The text was updated successfully, but these errors were encountered: