Bug 284801 - stunnel fails to handle smtp protocol.
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: stunnel
Version: 5.0
Hardware: i386 Linux
Priority: medium, Severity: high
Assigned To: Miloslav Trmač
QA Contact: Brian Brock
Reported: 2007-09-10 12:32 EDT by John Haxby
Modified: 2013-04-12 15:20 EDT (History)
Doc Type: Bug Fix
Last Closed: 2008-09-24 11:11:42 EDT


Attachments:
A backported patch (1.60 KB, patch)
2007-09-24 08:55 EDT, Miloslav Trmač
Description John Haxby 2007-09-10 12:32:10 EDT
Description of problem:

If I configure stunnel for SMTP TLS then it gives the wrong greeting (see below)
and crashes on a subsequent EHLO.

Version-Release number of selected component (if applicable): stunnel-4.15-2


How reproducible: Every time.


Steps to Reproduce:
1. Configure stunnel.  I created /etc/stunnel/stunnel.conf containing this:
-------------------------------------------
cert = /etc/pki/tls/certs/localhost.crt
key = /etc/pki/tls/private/localhost.key

chroot = /var/run/stunnel
setuid = nobody
setgid = nobody
pid = /stunnel.pid

[smtps]
accept = 465
connect = 25
protocol = smtp
--------------------------------------
Don't forget to

mkdir /var/run/stunnel
chgrp nobody:nobody /var/run/stunnel

2. Start stunnel: "stunnel /etc/stunnel/stunnel.conf"
3. Connect to port 465 and start an SMTP conversation.  You'll see this (I've
put <<< and >>> to indicate who is sending what):

# telnet localhost 465
<<< Trying 127.0.0.1...
<<< Connected to localhost.localdomain (127.0.0.1).
<<< Escape character is '^]'.
<<< 220220 beth.example.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 10 Sep 2007
17:18:58 +0100 + stunnel
>>> ehlo localhost
<<< 250-ehlo localhost Welcome
<<< Connection closed by foreign host.

/var/log/secure says this:

Sep 10 17:18:57 beth stunnel: LOG5[28421:3086252944]: smtps connected from
127.0.0.1:3297
Sep 10 16:18:58 beth stunnel: LOG5[28421:3086252944]: Negotiations for smtp
(server side) started

On x86_64 I also get this:
Sep 10 17:12:00 aleph kernel: stunnel[25408]: segfault at 0000555555564f5f rip
000055555555feb7 rsp 000000004000f8b0 error 7


You can see what the actual protocol exchange should be if you telnet to port 25
and send the "ehlo localhost".  In this case, the greeting starts "220" not
"220220" and there's rather more than the one line with the spurious
continuation in response to the ehlo.

For the moment, I've installed Fedora 7's stunnel (stunnel-4.20-2) and that
works fine.
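
As an added example (not part of the original report and not stunnel code), this Python check parses SMTP replies by the RFC 5321 reply-line format and flags both symptoms in the session above: the doubled "220220" greeting code and the "250-" continuation line that is never terminated. The function names and the GOOD_* sample lines are constructed for illustration.

```python
import re

# RFC 5321 reply line: three-digit code, then "-" (more lines follow)
# or " " (last line), then free text. A bare code is also a last line.
REPLY_LINE = re.compile(r"([0-9]{3})(?:([ -])(.*))?")

def parse_reply(lines):
    """Parse one SMTP reply; return (code, [text, ...]) or raise ValueError."""
    code, texts = None, []
    for raw in lines:
        line = raw.rstrip("\r\n")
        m = REPLY_LINE.fullmatch(line)
        if m is None:
            raise ValueError(f"malformed reply line: {line!r}")
        if code is not None and m.group(1) != code:
            raise ValueError(f"code changed inside reply: {line!r}")
        code = m.group(1)
        texts.append(m.group(3) or "")
        if m.group(2) != "-":          # space or bare code ends the reply
            return int(code), texts
    raise ValueError("stream ended inside a multi-line reply" if texts
                     else "no reply received")

def check_session(greeting, ehlo_reply):
    """Return a list of problems in a captured greeting and EHLO reply."""
    problems = []
    for name, lines, want in (("greeting", greeting, 220),
                              ("EHLO reply", ehlo_reply, 250)):
        try:
            code, _ = parse_reply(lines)
            if code != want:
                problems.append(f"{name}: expected {want}, got {code}")
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
    return problems

# Lines as shown in the report's port 465 session.
BROKEN_GREETING = ["220220 beth.example.com ESMTP Sendmail 8.13.8/8.13.8; "
                   "Mon, 10 Sep 2007 17:18:58 +0100 + stunnel\r\n"]
BROKEN_EHLO = ["250-ehlo localhost Welcome\r\n"]
# Constructed sample of a well-formed exchange (not captured output).
GOOD_GREETING = ["220 mail.example.test ESMTP + stunnel\r\n"]
GOOD_EHLO = ["250-mail.example.test Welcome\r\n", "250 STARTTLS\r\n"]

if __name__ == "__main__":
    for problem in check_session(BROKEN_GREETING, BROKEN_EHLO):
        print(problem)
```
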
Comment 1 John Haxby 2007-09-10 12:40:54 EDT
Sorry, where it says "chgrp nobody:nobody /var/run/stunnel" that should of
course be "chown ..."
Comment 2 Miloslav Trmač 2007-09-24 08:55:15 EDT
Created attachment 204111 [details]
A backported patch

Thanks for your report.

If you are a RHEL customer and have an active support entitlement, please
contact official Red Hat Support at https://www.redhat.com/apps/support/ to
allow correct prioritization of this issue.
Comment 3 John Haxby 2007-10-11 06:15:55 EDT
Only got a developer license :-(

However, the patch applies just fine and fixes the problem.  Many thanks.
Comment 4 RHEL Product and Program Management 2007-12-03 15:46:13 EST
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release.  This request will
be reviewed for a future Red Hat Enterprise Linux release.
Comment 10 errata-xmlrpc 2008-09-24 11:11:42 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2008-0894.html
