[gnutls-dev] gnutls-cli: segfaults when doing starttls against smtp.hispeed.ch

Andreas Metzler ametzler at downhill.at.eu.org
Sat Jun 16 11:59:25 CEST 2007


Hello,
This is debian bug http://bugs.debian.org/429183

----- Forwarded message from Marc Haber <mh+debian-bugs at zugschlus.de> -----
From: Marc Haber <mh+debian-bugs at zugschlus.de>
To: Debian Bug Tracking System <submit at bugs.debian.org>
Message-ID: <20070616084459.14190.41815.reportbug at scyw00225.scy001.de>
Date: Sat, 16 Jun 2007 10:44:59 +0200

Package: gnutls-bin
Version: 1.6.3-1
Severity: normal
File: /usr/bin/gnutls-cli

Hi,

$ gnutls-cli -p 25 -s smtp.hispeed.ch
Resolving 'smtp.hispeed.ch'...
Connecting to '213.46.255.24:25'...

- Simple Client Mode:

220 smtp.hispeed.ch ESMTP server (InterMail vM.7.08.02.00 201-2186-121-20061213) ready Sat, 16 Jun 2007 10:42:25 +0200
EHLO zugschlus.de
250-smtp.hispeed.ch
250-HELP
250-XREMOTEQUEUE
250-ETRN
250-AUTH=LOGIN PLAIN
250-AUTH LOGIN PLAIN
250-PIPELINING
250-DSN
250-8BITMIME
250-STARTTLS
250 SIZE 15360000
STARTTLS
220 Ready to start TLS
*** Starting TLS handshake
*** Fatal error: A record packet with illegal version was received.
*** Handshake has failed
Segmentation fault
$

The "record packet with illegal version was received" sounds familiar
and might be a bug already known, but gnutls-cli should definetely not
segfault in this situation.

Greetings
Marc
----- End forwarded message -----


This applies to at least 1.4.x, 1.6.3 and 1.7.9. Exim built against
gnutls wil not crash when delivering against smtp.hispeed.ch, however
it will not be able to make use of TLS

| initialized GnuTLS session
| LOG: MAIN
|   TLS error on connection to smtp.hispeed.ch [213.46.255.24] (gnutls_handshake): A TLS fatal alert has been received.
| ok=0 send_quit=0 send_rset=1 continue_more=0 yield=1 first_address is not NULL
| 213.46.255.24 in hosts_require_tls? no (option unset)
| LOG: MAIN
|   TLS session failure: delivering unencrypted to smtp.hispeed.ch [213.46.255.24] (not in hosts_require_tls)

Sadly a backtrace is not helpful, and OpenSSL does not have any
problems with this host.
cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'



More information about the Gnutls-dev mailing list