[Pkg-openssl-devel] Bug#221689: openssl: s_client's starttls smtp option broken

Andreas Metzler ametzler at downhill.at.eu.org
Tue Feb 7 18:32:10 UTC 2006


On 2005-05-09 Christoph Martin <martin at uni-mainz.de> wrote:
> wt at electro-mechanical.com wrote:
> >Package: openssl
> >Version: 0.9.7c-5

> >I start s_client like this:
> >openssl s_client -connect localhost:25 -cert /etc/ssl/user.pem \
> >	-key /etc/ssl/user.key -starttls smtp

> The current version (0.9.7e) works perfectly with sendmail. Can you
> please check the latest version with exim and let me know if the bug is
> fixed?

Nope. Same breakage with 0.9.7e-3sarge1.  I guess sendmail simply
accepts more garbage.

OpenSSL connects, waits for the SMTP-server to say /something/ (perhaps
it checks whether 220 is sent, but I doubt it), then it sends STARTTLS,
again waits for the server to say /something/, and after that starts
TLS initialisation, definitely not checking the answer it got to
STARTTLS.

The original submitter might be more happy with gnutls-cli or swaks.
                cu andreas
-- 
The 'Galactic Cleaning' policy undertaken by Emperor Zhark is a personal
vision of the emperor's, and its inclusion in this work does not constitute
tacit approval by the author or the publisher for any such projects,
howsoever undertaken.                                (c) Jasper Ffforde
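
Added example, not part of the original message and not OpenSSL's code: a client-side STARTTLS negotiation that checks every reply before TLS may begin, following RFC 3207 (220 greeting, EHLO advertising STARTTLS, 220 in answer to STARTTLS). The names StartTLSError, read_reply, expect, negotiate_starttls and run, the EHLO name and the server transcripts are all assumptions made for illustration.

```python
import io

class StartTLSError(Exception):
    """The server's replies do not permit starting the TLS handshake."""

def read_reply(rfile):
    """Read one SMTP reply, which may span several lines; return (code, texts)."""
    texts = []
    while True:
        raw = rfile.readline()
        if not raw:
            raise StartTLSError("connection closed before a complete reply")
        line = raw.rstrip(b"\r\n").decode("ascii", "replace")
        if len(line) < 3 or not line[:3].isdigit():
            raise StartTLSError(f"malformed reply line: {line!r}")
        texts.append(line[4:])
        if line[3:4] != "-":          # "250-..." continues, "250 ..." ends
            return int(line[:3]), texts

def expect(rfile, wanted, stage):
    code, texts = read_reply(rfile)
    if code != wanted:
        raise StartTLSError(f"{stage}: wanted {wanted}, got {code} {texts[-1]}")
    return texts

def negotiate_starttls(rfile, wfile, ehlo_name="client.example"):
    """Return only once STARTTLS got a 220; wfile is assumed unbuffered."""
    expect(rfile, 220, "greeting")
    wfile.write(b"EHLO " + ehlo_name.encode("ascii") + b"\r\n")
    extensions = expect(rfile, 250, "EHLO")[1:]   # first line is the greeting
    if not any(e.upper().split()[:1] == ["STARTTLS"] for e in extensions):
        raise StartTLSError("server does not advertise STARTTLS")
    wfile.write(b"STARTTLS\r\n")
    expect(rfile, 220, "STARTTLS")    # the check the message says is skipped

def run(transcript):
    """Drive negotiate_starttls over canned server bytes; return (ok, sent)."""
    rfile, wfile = io.BytesIO(transcript), io.BytesIO()
    try:
        negotiate_starttls(rfile, wfile)
    except StartTLSError:
        return False, wfile.getvalue()
    return True, wfile.getvalue()

# Constructed server transcripts (not captured from exim or sendmail).
ACCEPTS = (b"220 mail.example ESMTP\r\n250-mail.example Hello\r\n"
           b"250-SIZE 52428800\r\n250 STARTTLS\r\n220 TLS go ahead\r\n")
REFUSES = ACCEPTS.replace(b"220 TLS go ahead", b"454 TLS not available")
SILENT = b"220 mail.example ESMTP\r\n250 mail.example Hello\r\n"
```

With a real connection, the TLS handshake would start only after negotiate_starttls returns without raising.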



