On Thu, Feb 20, 2014 at 09:45:06PM -0500, Sahil Tandon wrote:
> > Viktor Dukhovni:
> > > On Sun, Feb 16, 2014 at 07:45:24AM -0500, Wietse Venema wrote:
> > >
> > > > This looks like the same problem that Viktor referred to yesterday.
> > > > Same symptom (crash in zlib+openssl), same resolution.
> > >
> > > Perhaps Sahil can comment on what the status of this issue is in
> > > FreeBSD? It has not to my knowledge been seen in other systems.
> >
> > I can run some tests inside a FreeBSD 10 VM (or give you a copy
> > of the VirtualBox VM). The smaller the test program, the better.
>
> If there is a test program, I would also be happy to try it.
I think the test is to compile Postfix against a libssl/libcrypto
from ports in which SSL compression is not disabled at compile-time
(or by default).
Then connect with an SSL client that similarly enabled SSL compression
and send a large message. With "luck" it'll crash.
The thread on Postfix-users from ~2007 was also FreeBSD with OpenSSL
from ports.
Perhaps users are getting compilation flags wrong, mixing headers
from the base system with libraries from ports? Or linking with
the wrong compression library? I really don't have enough detail
to say what they are doing wrong.
--
Viktor.
