Bug#551106: exim4-daemon-heavy: exim segfaults with dovecot auth
Andreas Metzler wrote: thanks for the files. The crucial point seems to be that you have configured dovecot to support *many* auth methods which triggers the bug. Yes, you are right, and the patch works perfectly. Thanks a lot! -- Fabio Kurgan Muzzi If electricity comes from electrons, does morality come from morons? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#551106: exim4-daemon-heavy: exim segfaults with dovecot auth
On 2009-10-17 Fabio Muzzi kur...@kurgan.org wrote:
Andreas Metzler wrote:
How is dovecot configured? (Ldap, sql, plain files, pam)? I cannot
reproduce the crash here with passdb lookup. Do you use some fancy nss
helper (ldap)?
Dovecot authenticates on plain text files.
You'll find attached the Dovecot config file, an example plain text
password file, and also the complete exim4.conf file. (I run exim with a
personalized configuration file that is made of a single exim4.conf file)
Dovecot authenticates on files that are in /etc/vmail/users/domainname
Exim in this config uses two file-based authenticators (plain and login)
and a CRAM-MD5 authenticator that uses dovecot. It is a test setup,
where the two file-based authenticators work, and the dovecot-based one
crashes. I have tried setting up all authenticators in Exim to run with
the dovecot driver, and all of them crash. If I set them all up to be
file-based, they all work.
The same exact configuration works properly on another server (same
Debian version) and crashes on a third one.
Hello,
thanks for the files. The crucial point seems to be that you have
configured dovecot to support *many* auth methods which triggers the
bug.
This simple patch fixes it for me:
--
diff -NurbBp exim/src/auths/dovecot.c exim.new/src/auths/dovecot.c
--- exim/src/auths/dovecot.c2007-03-01 15:06:56.0 +0100
+++ exim.new/src/auths/dovecot.c2009-10-18 10:11:32.0 +0200
@@ -131,6 +131,7 @@ for (;;)
{
sbp = read(fd, sbuffer, sizeof(sbuffer));
if (sbp == 0) { if (count == 0) return NULL; else break; }
+p = 0;
}
while (p sbp)
--
For your convenience I have built amd64 binary package and uploaded it
to my webspace
http://www.bebt.de/debian/misc/exim4-daemon-heavy_4.69-9.test.1_amd64.deb
ametz...@tmp$ sha1sum exim4-daemon-heavy_4.69-9.test.1_amd64.deb
805d45af492d0647a05e19c998bb21e0d44cd9c3
exim4-daemon-heavy_4.69-9.test.1_amd64.deb
ametz...@tmp$ md5sum exim4-daemon-heavy_4.69-9.test.1_amd64.deb
aa4aea3fc1212025a8521af0eb086c2e exim4-daemon-heavy_4.69-9.test.1_amd64.deb
Could check whether this fixes the issue for you?
thanks, cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
signature.asc
Description: Digital signature
Bug#551106: exim4-daemon-heavy: exim segfaults with dovecot auth
On 2009-10-15 Fabio Muzzi debianb...@kurgan.org wrote: Package: exim4-daemon-heavy Version: 4.69-9 Severity: important I have just set up exim4 to authenticate using Dovecot on two servers. Both are 64 bit, both use the same version of Exim4 and Dovecot (the latest up to date in Debian) and the configuration is the same for both Dovecot and Exim. While one works, the other segfaults sistematically when I try to use the dovecot authentication for SMTP sessions. If I use another auth method, it works. [...] How is dovecot configured? (Ldap, sql, plain files, pam)? I cannot reproduce the crash here with passdb lookup. Do you use some fancy nss helper (ldap)? cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#551106: exim4-daemon-heavy: exim segfaults with dovecot auth
Package: exim4-daemon-heavy Version: 4.69-9 Severity: important I have just set up exim4 to authenticate using Dovecot on two servers. Both are 64 bit, both use the same version of Exim4 and Dovecot (the latest up to date in Debian) and the configuration is the same for both Dovecot and Exim. While one works, the other segfaults sistematically when I try to use the dovecot authentication for SMTP sessions. If I use another auth method, it works. This is an example SMTP session as seen from the client: kur...@vongola:~$ telnet hosting1.soultech.it 25 Trying 79.98.45.34... Connected to hosting1.soultech.it. Escape character is '^]'. 220 hosting1.soultech.it ESMTP Exim 4.69 Thu, 15 Oct 2009 19:40:35 +0200 ehlo a 250-hosting1.soultech.it Hello a [78.4.122.170] 250-SIZE 104857600 250-PIPELINING 250-AUTH PLAIN LOGIN CRAM-MD5 250-STARTTLS 250 HELP auth cram-md5 Connection closed by foreign host. As you can see, as soon as I enter the auth request, the connection drops. On the server, I get this error in the syslog: Oct 15 19:20:17 hosting1 kernel: [6678213.835528] exim4[19769]: segfault at 6c6ff8 ip 7f804d7f97cc sp 7fff583b0558 error 4 in libc-2.7.so[7f804d77c000+14a000] If I shut down Dovecot, so that the auth socket is not available, then Exim answers with a 435 Unable to authenticate at present at the auth cram-md5 command, and does not crash. So, as far as I can tell, Exim crashes after connecting to Dovecot and before asking me for a username. I have tried also other auth methods (plain, login) and all of them crash the same way, when I use the dovecot driver. This is the relevant Exim4.conf part: == dovecot_cram: driver = dovecot public_name = CRAM-MD5 server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 == I'm baffled. I'll try to run the dovecot authenticator on more servers (all of them are configured the same way, but with different hardware) later and report back. -- Package-specific info: Exim version 4.69 #1 built 30-Sep-2008 18:55:37 Copyright (c) University of Cambridge 2006 Berkeley DB: Berkeley DB 4.6.21: (September 27, 2007) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning Old_Demime Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 Configuration file is /etc/exim4/exim4.conf mailname:hosting1.soultech.it -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages exim4-daemon-heavy depends on: ii debconf [debconf- 1.5.24 Debian configuration management sy ii exim4-base4.69-9 support files for all Exim MTA (v4 ii libc6 2.7-18 GNU C Library: Shared libraries ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [ ii libgnutls26 2.4.2-6+lenny1 the GNU TLS library - runtime libr ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries ii libmysqlclient15o 5.0.51a-24+lenny2 MySQL database client library ii libpam0g 1.0.1-5+lenny1 Pluggable Authentication Modules l ii libpcre3 7.6-2.1Perl 5 Compatible Regular Expressi ii libperl5.10 5.10.0-19lenny2Shared Perl library ii libpq58.3.8-0lenny1 PostgreSQL C client library ii libsasl2-22.1.22.dfsg1-23+lenny1 Cyrus SASL - authentication abstra ii libsqlite3-0 3.5.9-6SQLite 3 shared library exim4-daemon-heavy recommends no packages. exim4-daemon-heavy suggests no packages. -- debconf information: exim4-daemon-heavy/drec: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
