vm team mailing list archive

Thread
Date
vm team
Mailing list archive
Message #01101
Re: [Question #108267]: stunnel on Windows

To: vm@xxxxxxxxxxxxxxxxxxx
From: Alan Wehmann <question108267@xxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 11 Mar 2012 17:50:42 -0000
Reply-to: question108267@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx
Question #108267 on VM changed:
https://answers.launchpad.net/vm/+question/108267

Alan Wehmann posted a new comment:
The last sentence in my entry--Answer #12--was garbled.  It should have
read:

"I checked that this same error message also occurs with VM reading
email with pop.gmail.com:995--via stunnel."

I have since explored the suggestion in Answer #6, of using "gnutls-cli"
from Cygwin, and signalling the TLS handshake to start via the "kill"
program from Cygwin.

As before, I am using GNU Emacs 23.3.1 (i386-mingw-nt5.1.2600) of
2011-03-10 on 3249CTO (on a Dell Latitude D531 laptop running Windows XP
Home).

One additional change that I had to make (not mentioned in Answer #6)
was in function "smtpmail-read-response".  Present there was the line:

        (while (not (search-forward "\r\n" nil t))

which I changed to:

        (while (not (search-forward "\n" nil t))

This was necessary because the initial response from smtp.gmail.com:587
was:

220 mx.google.com ESMTP hy6sm7021189igc.12

which did not have at the end the two characters CRLF that were expected
by the unmodified "smtpmail-read-response".

The full output of the trace buffer is shown below.  I have added a
comment, that starts and ends with "!!!".  (I have also changed the CR
character that appeared at the end of many lines, to ^M, so that they
remain visible and obvious when I insert this text into the the
Launchpad "Message" window.)

-----------------------------------------------------------------

220 mx.google.com ESMTP hy6sm7021189igc.12
!!! this next line was inserted after the QUIT signal was given & is out of order!!!
Process SMTP exited abnormally with code 1
EHLO DELLLAPTOP^M
250-mx.google.com at your service, [108.89.145.141]^M
250-SIZE 35882577^M
250-8BITMIME^M
250-STARTTLS^M
250 ENHANCEDSTATUSCODES^M
STARTTLS^M
220 2.0.0 Ready to start TLS^M
EHLO DELLLAPTOP^M
250-mx.google.com at your service, [108.89.145.141]^M
250-SIZE 35882577^M
250-8BITMIME^M
250-AUTH LOGIN PLAIN XOAUTH^M
250 ENHANCEDSTATUSCODES^M
AUTH PLAIN AEFsYW4uV2VobWFubkBnbWFpbC5jb20AY2FiZXphcGVycm85^M
235 2.7.0 Accepted^M
MAIL FROM:<Alan.Wehmann@xxxxxxxxx> SIZE=485^M
250 2.1.0 OK hy6sm7021189igc.12^M
RCPT TO:<awehmann@xxxxxxxxxxxxx>^M
250 2.1.5 OK hy6sm7021189igc.12^M
DATA^M
354  Go ahead hy6sm7021189igc.12^M
From: Alan Wehmann <Alan.Wehmann@xxxxxxxxx>^M
MIME-Version: 1.0^M
Content-Type: text/plain; charset=us-ascii^M
Content-Transfer-Encoding: 7bit^M
Message-ID: <20315.16272.640000.2540@xxxxxxxxxxxxxxxxxx>^M
Date: Sat, 10 Mar 2012 05:48:32 -0600^M
To: awehmann@xxxxxxxxxxxxx ^M
Subject: test #2 of using Cygwin gnutls-cli^M
X-Mailer: VM 8.2.0b under 23.3.1 (i386-mingw-nt5.1.2600)^M
Reply-To: Alan.wehmann@xxxxxxxxx^M
^M
test #2 of using Cygwin gnutls-cli^M
-- ^M
Alan Wehmann^M
awehmann@xxxxxxxxxxxxx^M
.^M
250 2.0.0 OK 1331483970 hy6sm7021189igc.12^M
QUIT^M
221 2.0.0 closing connection hy6sm7021189igc.12^M
*** Fatal error: A TLS packet with unexpected length was received.
*** Server has terminated the connection abnormally.

-----------------------------------------------------------------

To understand better the out-of-order line insertion, I temporarily
changed the process filter function (smtpmail-process-filter) and had it
also insert all output from smtp.gmail.com:587 into a separate buffer.
That buffer's contents are shown below:

-----------------------------------------------------------------

250-mx.google.com at your service, [108.89.145.141]^M
250-SIZE 35882577^M
250-8BITMIME^M
250-STARTTLS^M
250 ENHANCEDSTATUSCODES^M
220 2.0.0 Ready to start TLS^M
*** Starting TLS handshake
- Certificate type: X.509
 - Got a certificate list of 2 certificates.
 - Certificate[0] info:
  - subject `C=US,ST=California,L=Mountain View,O=Google Inc,CN=smtp.gmail.com', issuer `C=US,O=Google Inc,CN=Google Internet Authority', RSA key 1024 bits, signed using RSA-SHA1, activated `2011-11-18 01:57:17 UTC', expires `2012-11-18 02:07:17 UTC', SHA-1 fingerprint `f392aeb428fe64036fe155ed719e5ff688905a57'
 - Certificate[1] info:
  - subject `C=US,O=Google Inc,CN=Google Internet Authority', issuer `C=US,O=Equifax,OU=Equifax Secure Certificate Authority', RSA key 1024 bits, signed using RSA-SHA1, activated `2009-06-08 20:43:27 UTC', expires `2013-06-07 19:43:27 UTC', SHA-1 fingerprint `dd7a7f131ddba33d3e8670179483e6fea6987d6a'
- The hostname in the certificate matches 'smtp.gmail.com'.
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: RSA
- Cipher: ARCFOUR-128
- MAC: SHA1
- Compression: NULL
250-mx.google.com at your service, [108.89.145.141]^M
250-SIZE 35882577^M
250-8BITMIME^M
250-AUTH LOGIN PLAIN XOAUTH^M
250 ENHANCEDSTATUSCODES^M
235 2.7.0 Accepted^M
250 2.1.0 OK hy6sm7021189igc.12^M
250 2.1.5 OK hy6sm7021189igc.12^M
354  Go ahead hy6sm7021189igc.12^M
250 2.0.0 OK 1331483970 hy6sm7021189igc.12^M
221 2.0.0 closing connection hy6sm7021189igc.12^M
*** Fatal error: A TLS packet with unexpected length was received.
*** Server has terminated the connection abnormally.

-----------------------------------------------------------------

>From this it can be seen that the out-of-order line is not inserted by
using the filter function smtpmail-process-filter.  It can also be seen
that the trace buffer is receiving the lines that show the TLS
handshake.

Character CR (^M) is visible at the end of many lines, because the
buffers have coding set for unix line endings (LF--line feed) and the
SMTP RFC says to send CRLF at the end of each line.

The out-of-order line insertion is apparently being done in the
"process.c" code, in the routine "status_notify".

You received this question notification because you are a member of VM
development team, which is an answer contact for VM.