Yes, the 100% CPU bug seems to be TLS-related but it is separate from the bug with TLS passthrough. The two functions use different portions of the code, so fixing one will not necessarily fix the other. By disabling TLS, you've simply switched bugs. Sorry about that. :(
-- Sam Clippinger Paolo wrote: > Hello, > > I think the 100% cpu bug is related to TLS. > > I disabled TLS on spamdyke and the 100% bug disappeared, but now I > see that qmail-smtpd TLS is broken too: > > openssl s_client -starttls smtp -crlf -connect localhost:25 > CONNECTED(00000003) > 6570:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown > protocol:s23_clnt.c:567: > > This was an old issue documented at shupp.org but I can't solve it . > > my /var/qmail/control: > > /var/qmail/control# ls -l tls* > -rw-r--r-- 1 root root 386 2008-01-01 10:44 tlsclientciphers > -rw-r--r-- 1 root root 386 2008-01-01 10:44 tlsserverciphers > > /var/qmail/control# ls -l *.pem > -rw-r----- 1 vpopmail qmail 2189 2007-12-12 15:53 clientcert.pem > -rw-r----- 1 vpopmail qmail 245 2008-01-16 01:01 dh1024.pem > -rw-r----- 1 vpopmail qmail 156 2008-01-16 01:01 dh512.pem > -rw-r----- 1 vpopmail qmail 493 2008-01-16 01:01 rsa512.pem > -rw-r----- 1 vpopmail qmail 2189 2007-12-12 15:53 servercert.pem > > > # dpkg -l openssl > openssl 0.9.8c-4etch1 > > I hope you can give me some hints. > > > > Il giorno 16 gen 2008, alle ore 18:26, Sam Clippinger ha scritto: > >> It sounds like a bug. I've seen several complaints about TLS >> passthrough but I've been unable to reproduce it myself. Out of >> curiosity, why do you want qmail to do the TLS instead of spamdyke? >> >> During my (very) little free time over the past week, I've been trying >> to fix the 100% CPU bug (reported by Pablo González on 1/11). I >> haven't >> been able to reproduce it yet, despite trying a number of different >> things. There are still more ideas to try. Hopefully Real Life(tm) >> will slow down this week and I'll have more time for spamdyke. >> >> -- Sam Clippinger >> >> Davide Bozzelli wrote: >>> Is it a bug ? >>> >>> I'll summarize the problem: >>> >>> Spamdyke , when tls is disabled, seems to require every time a tls >>> connetion, and so forece the remote mta to talk tls. >>> I understand that the problem could be fixed by enabling the tls >>> support >>> in spamdyke, but if i want to use the tls on qmail-smtpd side i >>> need >>> to disable tls on the spamdyke side. >>> >>> So, is a problem that could be solved ? >>> >>> Thx in advance, >>> Davie >>> _______________________________________________ >>> spamdyke-users mailing list >>> spamdyke-users@spamdyke.org >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
