Bug#674990: exim breaks (again?) with TLS packet with unexpected length
Norbert Preining
preining at logic.at
Tue May 29 09:45:52 UTC 2012
On Di, 29 Mai 2012, Marc Haber wrote:
> > I have found various suggestions, like adding the Debian-exim user
> > to the group shadow,
>
> Where is this dangerous suggestion written?
http://vk6hgr.echidna.id.au/blog/?p=184
> Can you give a transcript of a gnutls-cli session from your server to
> the smarthost, if you wish in private mail to andreas and me.
Actually, no, I realized that it didn't work out.
Ok here is what I have:
* swaks:
$ swaks --tls --server smtp.jaist.ac.jp -p 587 --to preining at logic.at
=== Trying smtp.jaist.ac.jp:587...
=== Connected to smtp.jaist.ac.jp.
<- 220 jaist.ac.jp ESMTP mail service ready
-> EHLO mithrandir
<- 250-mailrelayi.jaist.ac.jp
<- 250-8BITMIME
<- 250-SIZE 104857600
<- 250-AUTH PLAIN LOGIN
<- 250-STARTTLS
<- 250 AUTH=PLAIN LOGIN
-> STARTTLS
<- 220 Go ahead
Segmentation fault
$ dmesg | tail -1
[ 4963.125646] swaks[21719]: segfault at 0 ip 00007f0bfd596e10 sp 00007fff363daa38 error 4 in libcrypto.so.1.0.0[7f0bfd46e000+1b7000]
* openssl
$ openssl s_client -connect smtp.jaist.ac.jp:587CONNECTED(00000003)
140240510559912:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:766:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 320 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
$
* gnutls-cli
$ gnutls-cli -s -p 587 smtp.jaist.ac.jp
Processed 0 CA certificate(s).
Resolving 'smtp.jaist.ac.jp'...
Connecting to '150.65.19.12:587'...
- Simple Client Mode:
220 jaist.ac.jp ESMTP mail service ready
EHLO mithrandir
(nothing ... pressing Ctrl-D)
*** Starting TLS handshake
(nothing ... until I Ctrl-C out)
Does this help you? Anything else? (Sorry, no I don't speak
SMTP protocol fluently)
Norbert
More information about the Pkg-exim4-maintainers
mailing list