Re: centos 7 dovecot 2.2.10 segmentation fault on devcot/auth using ldap driver in userdb
The crash seems involved with bad handled AD response
DSID-0C090627,.comment:.In.order.to.perform.this.operation.a.successful.bind.must.be.completed.on.the.connection.
when this occurs dovecot got a segmentation fault
this bug probably has been corrected (changelogs aren't clear) because this
response is well handled on dovecot-2.2.18-2.fc21.x86_64
2015-06-17 23:03 GMT+02:00 Andrea Lisci andreli...@gmail.com:
dovecot 2.2.10 packaged by centos 7
configuring ldap driver on userdb cause imap crash during login
userdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap-userdb.conf3.ext
# Default fields can be used to specify defaults that LDAP may override
#default_fields = home=/home/virtual/%u
}
#ldap conf
---
hosts = myDChost
base = dc=company,dc=testdomain,dc=dom
ldap_version = 3
auth_bind = yes
auth_bind_userdn = windowsdomain\%u
user_filter = ((objectclass=person)(|(mail=%u)(sAMAccountName=%n)))
user_attrs =
=uid=vmail,=gid=vmail,=home=/users/vmail/
maildomain.com/%n,=mail_location=maildir:/users/vmail/maildomain.com/%n/Maildir
tls = yes
tls_require_cert = never
dovecot -n
---
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-229.4.2.el7.x86_64 x86_64 CentOS Linux release
7.1.1503 (Core) xfs
auth_debug = yes
auth_mechanisms = plain login
listen = *
mail_debug = yes
mail_location = maildir:/users/vmail/maildomain.com/%n/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox Sent Messages {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf2.ext
driver = ldap
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = required
ssl_cert = /etc/pki/dovecot/certs/mail.maildomain.com.crt.pem
ssl_key = /etc/pki/dovecot/private/mail.maildomain.com.key.pem
userdb {
args = /etc/dovecot/dovecot-ldap-userdb.conf3.ext
driver = ldap
}
protocol lmtp {
mail_plugins = quota sieve
passdb {
args = password=foo
driver = static
}
}
protocol lda {
mail_plugins = sieve
}
core dump
-
gdb /usr/libexec/dovecot/auth /var/core/25122
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-64.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type show copying
and show warranty for details.
This GDB was configured as x86_64-redhat-linux-gnu.
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/...
Reading symbols from /usr/libexec/dovecot/auth...Reading symbols from
/usr/lib/debug/usr/libexec/dovecot/auth.debug...done.
done.
[New LWP 25122]
[Thread debugging using libthread_db enabled]
Using host libthread_db library /lib64/libthread_db.so.1.
Missing separate debuginfo for /usr/lib64/libnssckbi.so
Try: yum --enablerepo='*debug*' install
/usr/lib/debug/.build-id/1e/a2171aee7143d971607597b24f2a97e9276cbb.debug
Core was generated by `dovecot/auth'.
Program terminated with signal 11, Segmentation fault.
#0 db_ldap_handle_request_result (res=0x0, idx=optimized out,
request=optimized out, conn=optimized out) at db-ldap.c:819
819request-callback(conn, request, res-msg);
(gdb) bt full
#0 db_ldap_handle_request_result (res=0x0, idx=optimized out,
request=optimized out, conn=optimized out) at db-ldap.c:819
_data_stack_cur_id = 3
srequest = optimized out
ret = optimized out
final_result = optimized out
named_res = optimized out
#1 db_ldap_handle_result (res=optimized out, conn=optimized out) at
db-ldap.c:886
auth_request = 0x7f3704fa2620
idx = optimized out
msgid = optimized out
#2 ldap_input (conn=optimized out) at db-ldap.c:918
timeout = {tv_sec = 0, tv_usec = 0}
res = 0x7f3704b1b530
msg = 0x7f370489fcb0
prev_reply_diff = optimized out
ret = optimized out
#3 0x7f3702a19a47 in io_loop_call_io (io=0x7f37046dbad0) at
ioloop.c:388
ioloop = 0x7f37046bd7b0
t_id = 2
#4 0x7f3702a1a8cf in
centos 7 dovecot 2.2.10 segmentation fault on devcot/auth using ldap driver in userdb
dovecot 2.2.10 packaged by centos 7
configuring ldap driver on userdb cause imap crash during login
userdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap-userdb.conf3.ext
# Default fields can be used to specify defaults that LDAP may override
#default_fields = home=/home/virtual/%u
}
#ldap conf
---
hosts = myDChost
base = dc=company,dc=testdomain,dc=dom
ldap_version = 3
auth_bind = yes
auth_bind_userdn = windowsdomain\%u
user_filter = ((objectclass=person)(|(mail=%u)(sAMAccountName=%n)))
user_attrs =
=uid=vmail,=gid=vmail,=home=/users/vmail/maildomain.com/%n,=mail_location=maildir:/users/vmail/maildomain.com/%n/Maildir
tls = yes
tls_require_cert = never
dovecot -n
---
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-229.4.2.el7.x86_64 x86_64 CentOS Linux release
7.1.1503 (Core) xfs
auth_debug = yes
auth_mechanisms = plain login
listen = *
mail_debug = yes
mail_location = maildir:/users/vmail/maildomain.com/%n/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox Sent Messages {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf2.ext
driver = ldap
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = required
ssl_cert = /etc/pki/dovecot/certs/mail.maildomain.com.crt.pem
ssl_key = /etc/pki/dovecot/private/mail.maildomain.com.key.pem
userdb {
args = /etc/dovecot/dovecot-ldap-userdb.conf3.ext
driver = ldap
}
protocol lmtp {
mail_plugins = quota sieve
passdb {
args = password=foo
driver = static
}
}
protocol lda {
mail_plugins = sieve
}
core dump
-
gdb /usr/libexec/dovecot/auth /var/core/25122
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-64.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type show copying
and show warranty for details.
This GDB was configured as x86_64-redhat-linux-gnu.
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/...
Reading symbols from /usr/libexec/dovecot/auth...Reading symbols from
/usr/lib/debug/usr/libexec/dovecot/auth.debug...done.
done.
[New LWP 25122]
[Thread debugging using libthread_db enabled]
Using host libthread_db library /lib64/libthread_db.so.1.
Missing separate debuginfo for /usr/lib64/libnssckbi.so
Try: yum --enablerepo='*debug*' install
/usr/lib/debug/.build-id/1e/a2171aee7143d971607597b24f2a97e9276cbb.debug
Core was generated by `dovecot/auth'.
Program terminated with signal 11, Segmentation fault.
#0 db_ldap_handle_request_result (res=0x0, idx=optimized out,
request=optimized out, conn=optimized out) at db-ldap.c:819
819request-callback(conn, request, res-msg);
(gdb) bt full
#0 db_ldap_handle_request_result (res=0x0, idx=optimized out,
request=optimized out, conn=optimized out) at db-ldap.c:819
_data_stack_cur_id = 3
srequest = optimized out
ret = optimized out
final_result = optimized out
named_res = optimized out
#1 db_ldap_handle_result (res=optimized out, conn=optimized out) at
db-ldap.c:886
auth_request = 0x7f3704fa2620
idx = optimized out
msgid = optimized out
#2 ldap_input (conn=optimized out) at db-ldap.c:918
timeout = {tv_sec = 0, tv_usec = 0}
res = 0x7f3704b1b530
msg = 0x7f370489fcb0
prev_reply_diff = optimized out
ret = optimized out
#3 0x7f3702a19a47 in io_loop_call_io (io=0x7f37046dbad0) at
ioloop.c:388
ioloop = 0x7f37046bd7b0
t_id = 2
#4 0x7f3702a1a8cf in io_loop_handler_run
(ioloop=ioloop@entry=0x7f37046bd7b0) at ioloop-epoll.c:220
ctx = 0x7f37046c5450
events = optimized out
list = 0x7f3704998170
io = optimized out
tv = {tv_sec = 0, tv_usec = 999118}
events_count = optimized out
msecs = optimized out
ret = 1
i = 0
call = optimized out
__FUNCTION__ = io_loop_handler_run
#5 0x7f3702a19598 in io_loop_run (ioloop=0x7f37046bd7b0) at
ioloop.c:412
__FUNCTION__ = io_loop_run
#6 0x7f37029c69e3 in master_service_run
Re: centos 7 dovecot 2.2.10 segmentation fault on devcot/auth using ldap driver in userdb
* Andrea Lisci andreli...@gmail.com: dovecot 2.2.10 packaged by centos 7 configuring ldap driver on userdb cause imap crash during login SELinux enabled? p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
