[exim] TLS problems with 4.95 under arch linux

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
MJeremy Harris at ->
Delete this message
Reply to this message
Author: Torsten Luettgert
Date:  
To: exim-users
Subject: [exim] TLS problems with 4.95 under arch linux
Dear all,

when trying to update to exim 4.95 (self compiled), I'm getting errors
when connecting with TLS.

My MUA (evolution) cries "TLS connection closed unexpectedly",
and the exim process prints "free(): invalid pointer".

The mainlog only contains something like

2021-10-05 13:35:17.930 [482186] SMTP connection from
[78.55.104.185]:55590 I=[172.31.1.100]:26 (TCP/IP connection count = 1)

It does not matter if I use STARTTLS on a previously-unencrypted
connection or SMTPS on a dedicated TLS port.

Once (cannot reproduce it now) I got this message:

2021-10-01 15:06:16 TLS error on connection from dynamic-089-014-180-
255.89.14.pool.telefonica.de (zehause) [89.14.180.255] (SSL_accept):
NULL (TLSv1.3)

Anyone got an idea what could be wrong?

Regards,
Torsten

P.S.: more information:

exim -bV
========
Exim version 4.95 #2 built 05-Oct-2021 11:29:46
Copyright (c) University of Cambridge, 1995 - 2018
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007
- 2020
Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013)
Support for: crypteq iconv() IPv6 PAM OpenSSL TLS_resume DANE DKIM
DNSSEC Event I18N OCSP PIPE_CONNECT PRDR Experimental_Queue_Ramp SPF
TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm
dbmjz dbmnz dnsdb dsearch
Authenticators: cram_md5 plaintext spa tls
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir autoreply pipe smtp
Fixed never_users: 0:1:2
Configure owner: 0:0
Size of off_t: 8
Configuration file is /etc/exim/exim.conf

System
======
Arch linux with all updates till 2021-10-05
openssl = 1.1.1.l
glibc = 2.33

exim config (relevant parts)
============================
exim_user = 0
tls_advertise_hosts = *
tls_certificate, tls_privatekey, tls_dhparam are set
tls_remember_esmtp = true
tls_require_ciphers = ${if =={$received_port}{25} {DEFAULT}
{HIGH:!MD5:!SHA1:!SHA2}}
openssl_options = +all +no_sslv2 +no_sslv3 +no_compression
+cipher_server_preference

Local/EDITME
============
USE_OPENSSL=yes
USE_OPENSSL_PC=openssl

pkgconf
=======
libs: -lssl -lcrypto
cflags: (none)



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Exim.conf and tainted data[exim] bad memory allocation requested (2147483632 bytes) at string_catn 1163->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)