Red Hat Bugzilla – Bug 284801
stunnel fails to handle smtp protocol.
Last modified: 2013-04-12 15:20:59 EDT
Description of problem:
If I configure stunnel for SMTP TLS then it gives the wrong greeting (see below)
and crashes on a subsequent EHLO.
Version-Release number of selected component (if applicable): stunnel-4.15-2
How reproducible: Every time.
Steps to Reproduce:
1. Configure stunnel. I created /etc/stunnel/stunnel.conf containing this:
cert = /etc/pki/tls/certs/localhost.crt
key = /etc/pki/tls/private/localhost.key
chroot = /var/run/stunnel
setuid = nobody
setgid = nobody
pid = /stunnel.pid
accept = 465
connect = 25
protocol = smtp
Don't forget to
chgrp nobody:nobody /var/run/stunnel
2. Start stunne: "stunnel /etc/stunnel/stunnel.conf
3. Connect to port 465 and start an SMTP conversation. You'll see this (I've
put <<< and >>> to indicate who is sending what
# telnet localhost 465
<<< Trying 127.0.0.1...
<<< Connected to localhost.localdomain (127.0.0.1).
<<< Escape character is '^]'.
<<< 220220 beth.example.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 10 Sep 2007
17:18:58 +0100 + stunnel
>>> ehlo localhost
<<< 250-ehlo localhost Welcome
<<< Connection closed by foreign host.
/var/log/secure says this:
Sep 10 17:18:57 beth stunnel: LOG5[28421:3086252944]: smtps connected from
Sep 10 16:18:58 beth stunnel: LOG5[28421:3086252944]: Negotiations for smtp
(server side) started
On x86_64 I also get this:
Sep 10 17:12:00 aleph kernel: stunnel: segfault at 0000555555564f5f rip
000055555555feb7 rsp 000000004000f8b0 error 7
You can see what the actual protocol exchange should be if you telnet to port 25
and send the "ehlo localhost". In this case, the greeting starts "220" not
"220220" and there's rather more than the one line with the spurious
continuation in response to the ehlo.
For the moment, I've installed Fedora 7's stunnel (stunnel-4.20-2) and that
Sorry, where it says "chgrp nobody:nobody /var/run/stunnel" that should of
course be "chown ..."
Created attachment 204111 [details]
A backported patch
Thanks for your report.
If you are a RHEL customer and have an active support entitlement, please
contact official Red Hat Support at https://www.redhat.com/apps/support/ to
allow correct prioritization of this issue.
Only got a developer license :-(
However, the patch applies just fine and fixes the problem. Many thanks.
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. This request will
be reviewed for a future Red Hat Enterprise Linux release.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.