Re: [Exim] TLS - GNUTLS vs OpenSSL

Top Page
Delete this message
Reply to this message
Author: Stephen Gran
Date:  
To: exim-users
Subject: Re: [Exim] TLS - GNUTLS vs OpenSSL
On Wed, May 26, 2004 at 01:17:12PM +0200, Torsten Hilbrich said:
> Karl Schmidt wrote:
>
> >First, thanks to Andreas Metzler for getting me up to speed on building
> >Debian packages.
> >
> >Looks like this is a different problem.
> >
> >I've had TLS working on two redhat systems that uses the openSSL libs.
> >In the migration to Debian, I move one end to Debian (uses GNUTLS). I
> >can send from the Redhat end to the Debian end but not the other way.


I am having yet another odd problem.  I have several woody machines
running ametzler's backports of exim4 (both -light and -heavy), and all
but one handle TLS just fine.  The one that doesn't hangs indefinitely
trying to send a message.  This is the result of an exim -d+all:
12:09:03 32363 216.158.52.98 in hosts_avoid_esmtp? no (option unset)
12:09:03 32363   SMTP>> EHLO jupiter.ccil.org
12:09:03 32363 read response data: size=144
12:09:03 32363   SMTP<< 250-mail.lobefin.net Hello ccilcpq.ccil.org [192.190.237.104]
12:09:03 32363          250-SIZE 52428800
12:09:03 32363          250-PIPELINING
12:09:03 32363          250-AUTH LOGIN PLAIN
12:09:03 32363          250-STARTTLS
12:09:03 32363          250 HELP
12:09:03 32363 ---0 Get 0x80e62e8    40       string.c  345
12:09:03 32363 gethostbyname2(af=inet6) returned 4 (NO_DATA)
12:09:03 32363 ---0 Get 0x80e6310    16       string.c  345
12:09:03 32363 gethostbyname2 looked up these IP addresses:
12:09:03 32363   name=linux00.linuxforce.net address=209.152.210.2
12:09:03 32363 216.158.52.98 in hosts_avoid_tls? no (end of list)
12:09:03 32363   SMTP>> STARTTLS
12:09:03 32363 read response data: size=18
12:09:03 32363   SMTP<< 220 TLS go ahead
12:09:03 32363 initializing GnuTLS as a client
12:09:03 32363 generating 512 bit RSA key...
12:10:03 32361 selecting on subprocess pipes
12:11:03 32361 selecting on subprocess pipes
12:12:03 32361 selecting on subprocess pipes


Last line just keeps repeating. It looks like maybe it's not getting
back the information it needs? Doing this on other machines I see a
'read information from file' but no cert or privkey is specified - these
are just client machiens that send system mail, using TLS in case a
password or something is accidentally included. If anyone has
debugging ideas, that would be great.

Thanks,
--
--------------------------------------------------------------------------
|  Stephen Gran                  | Let's do it.   -- Gary Gilmore, to his  |
|  steve@???             | firing squad                            |
|  http://www.lobefin.net/~steve |                                         |

--------------------------------------------------------------------------