On Wed, May 13, 2020 at 04:37:29PM -0700, Alexander Vasarab wrote:
> The output is attached.
>
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: tls_bio:
> SSL_get_error(-1) = 2
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: tls_bio: waiting for
> readable socket
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: tls_bio:
> SSL_get_error(36) = 0
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: tls_bio: TLS success
Finished reading "RCPT TO:<....>\r\n" (36 bytes).
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: C6917102C03E:
> client=<data scrubbed>[<data scrubbed>], sasl_method=LOGIN,
> sasl_username=<data scrubbed>
Logged queue file creation.
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: tls_bio:
> SSL_get_error(14) = 0
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: tls_bio: TLS success
Wrote a 14-byte response.
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: tls_bio:
> SSL_get_error(-1) = 1
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: tls_bio: TLS layer error
Went back to read more data, but got SSL_ERROR_SSL, with the error
stack holding:
> May 13 16:31:24 vasaconsulting postfix/smtpd[14216]: warning: TLS library
> problem: error:140E0197:SSL routines:SSL_shutdown:shutdown while in
> init:../ssl/ssl_lib.c:2086:
WTF?
Postfix did not yet have any opportunity to call SSL_shutdown() (that
should show up in the bio trace). Postfix calls ERR_clear_error() just
before each new handshake, so we should not see spurious messages left
over from previous sessions.
Your OpenSSL library looks busted. Do you have more than one set of
OpenSSL libraries installed on your system? What ldd report for the
"smtpd" executable?
Is this the stock OpenSSL for your system, or your own build?
OpenSSL 1.1.1g on my FreeBSD system does not exhibit such symptoms.
What OS are you running?
--
Viktor.
