On Sun, May 11, 2014 at 11:36:38AM +0200, Reyk Floeter wrote:
> On Sun, May 11, 2014 at 02:05:43AM +0300, Atanas Vladimirov wrote:
> > On Sat, May 10, 2014 at 11:52:01PM +0200, Reyk Floeter wrote:
> > > On Sat, May 10, 2014 at 07:17:39PM +0300, [email protected] wrote:
> > > > >Synopsis: OpenSMTPD failed with fatal: ssl_ctx_create: could not
> > > > >fake private key: No such file or directory
> > > > >Category: system
> > > > >Environment:
> > > > System : OpenBSD 5.5
> > > > Details : OpenBSD 5.5-current (GENERIC.MP) #100: Sat May 10
> > > > 02:42:31 MDT 2014
> > > >
> > > > [email protected]:/usr/src/sys/arch/i386/compile/GENERIC.MP
> > > >
> > > > Architecture: OpenBSD.i386
> > > > Machine : i386
> > > > >Description:
> > > > After upgrade to the latest snapshot OpenSMTPD failed with
> > > > error - fatal: ssl_ctx_create: could not fake private key: No such file
> > > > or directory
> > > >
> > >
> > > Thanks for reporting, I just fixed it with smtpd/ssl.c 1.65.
> > >
> > > Reyk
> >
> > Thanks. I just applied smtpd/ssl.c 1.65 and now OpenSMTPD starts up
> > normally but when I try to send a new email
> > it closes with this output:
> >
> > .............
> > debug: smtp: new client on listener: 0x81942000
> > smtp-in: New session 7b84557cee266239 from host localhost [127.0.0.1]
> > debug: lka: looking up pki "smtp.bsdbg.net"
> > warn: parent -> lka: pipe closed
> > warn: control -> lka: pipe closed
> > warn: pony -> lka: pipe closed
> > warn: scheduler -> control: pipe closed
> > warn: queue -> lka: pipe closed
> > warn: ca -> parent: pipe closed
> >
>
> I cannot reproduce this one.
>
> Would you share your smtpd.conf and instructions to trigger it?
>
> Reyk
>
I use mutt via ssh and roundcubemail with dovecot with the smtpd.conf at the
bottom.
When I comment out the pki macros everything works as it should.

~$ cat /etc/mail/smtpd.conf
# $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $
# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.
# pki
pki smtp.bsdbg.net certificate "/etc/ssl/smtp.bsdbg.net.crt"
pki smtp.bsdbg.net key "/etc/ssl/private/smtp.bsdbg.net.key"
# To accept external mail, replace with: listen on all
#
listen on lo0 secure pki smtp.bsdbg.net auth-optional
listen on vlan41 smtps pki smtp.bsdbg.net auth
listen on egress smtps pki smtp.bsdbg.net auth
table aliases db:/etc/mail/aliases.db
table myaddrs { 94.26.7.48 }
table myhelo { 94.26.7.48 => smtp.bsdbg.net }
# Uncomment the following to accept external mail for domain "example.org"
#
accept from any for domain 'bsdbg.net' alias <aliases> deliver to maildir
accept from any for domain '*.bsdbg.net' alias <aliases> deliver to maildir
accept for local alias <aliases> deliver to maildir
accept for any relay as '@bsdbg.net' source <myaddrs> hostnames <myhelo>