Re: openssl s_client gives "called a function you should not call"
Hi Claus, On Fri, Nov 13, 2020 at 06:42:28AM +0100, Claus Assmann wrote: | On Thu, Nov 12, 2020, Paul de Weerd wrote: | | > $ openssl s_client -starttls smtp -connect localhost:587 | | > RCPT TO: | ^ = RENEGOTIATING | | and the syntax is wrong too: NO space after colon, see the fine RFCs. Ah, good one. Fortunately, most (all?) MTAs I've come across while doing manual SMTP (admittedly, this is not my biggest hobby, so not that many) are lenient enough to allow for the space. But I'll keep that in mind. | openssl(1): | When used interactively (which means neither -quiet nor -ign_eof have | been given), the session will be renegotiated if the line begins with an | R; if the line begins with a Q or if end of file is reached, the | connection will be closed down. It's actually documented! Would not have thought to look for this in the manpage .. thank you for the pointer! Cheers, Paul -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<>-]<+.--.[-] http://www.weirdnet.nl/
Re: openssl s_client gives "called a function you should not call"
Hi Janne, On Fri, Nov 13, 2020 at 07:59:22AM +0100, Janne Johansson wrote: | I think anything starting with capital R in that case (s_client) gets | parsed as RENEGOTIATING. | As for why openssl complains about it is unknown to me, but that gotcha is | old at least. Wow .. unexpected. But thanks for the clue-by-4, using 'rcpt to:' instead of 'RCPT TO:' allows me to deliver mail without a problem using openssl s_client. Cheers, Paul -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<>-]<+.--.[-] http://www.weirdnet.nl/
Re: openssl s_client gives "called a function you should not call"
On Thu, Nov 12, 2020, Paul de Weerd wrote: > $ openssl s_client -starttls smtp -connect localhost:587 > RCPT TO: ^ = RENEGOTIATING and the syntax is wrong too: NO space after colon, see the fine RFCs. openssl(1): When used interactively (which means neither -quiet nor -ign_eof have been given), the session will be renegotiated if the line begins with an R; if the line begins with a Q or if end of file is reached, the connection will be closed down. Use rcpt to: -- Address is valid for this mailing list only, please do not reply to it direcly, but to the list.
Re: openssl s_client gives "called a function you should not call"
Den tors 12 nov. 2020 kl 22:15 skrev Paul de Weerd : > While trying to debug my smtpd setup, I got the error "called a > function you should not call" from openssl s_client: > > $ openssl s_client -starttls smtp -connect localhost:587 > > EHLO > > RCPT TO: > RENEGOTIATING > > Is this something openssl s_client doesn't support? I notice that > "RENEGOTIATING" only comes after sending the RCPT TO: command to the > server. Futzing around with other commands before sending RCPT TO: > didn't get to RENEGOTIATING. Am I doing something wrong? Should I be > using some other tool? > I think anything starting with capital R in that case (s_client) gets parsed as RENEGOTIATING. As for why openssl complains about it is unknown to me, but that gotcha is old at least. from 2012: https://serverfault.com/questions/336617/postfix-tls-over-smtp-rcpt-to-prompts-renegotiation-then-554-5-5-1-error-no-v -- May the most significant bit of your life be positive.
openssl s_client gives "called a function you should not call"
While trying to debug my smtpd setup, I got the error "called a function you should not call" from openssl s_client: $ openssl s_client -starttls smtp -connect localhost:587 EHLO 250- Hello [127.0.0.1], pleased to meet you 250-8BITMIME 250-ENHANCEDSTATUSCODES 250-SIZE 36700160 250-DSN 250-AUTH PLAIN LOGIN 250 HELP AUTH LOGIN 334 VXNlcm5hbWU6 Tm9wZSE= 334 UGFzc3dvcmQ6 cmVkYWN0ZWQ= 235 2.0.0 Authentication succeeded MAIL FROM: 250 2.0.0 Ok RCPT TO: RENEGOTIATING 9754412775936:error:1404C042:SSL routines:ST_OK:called a function you should not call:/usr/src/lib/libssl/ssl_lib.c:2415: Is this something openssl s_client doesn't support? I notice that "RENEGOTIATING" only comes after sending the RCPT TO: command to the server. Futzing around with other commands before sending RCPT TO: didn't get to RENEGOTIATING. Am I doing something wrong? Should I be using some other tool? Thanks for any insights! Paul 'WEiRD' de Weerd -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<>-]<+.--.[-] http://www.weirdnet.nl/