On Sun, May 11, 2014 at 12:58:36PM +0300, Atanas Vladimirov wrote:
> On Sun, May 11, 2014 at 11:36:38AM +0200, Reyk Floeter wrote:
> > On Sun, May 11, 2014 at 02:05:43AM +0300, Atanas Vladimirov wrote:
> > > On Sat, May 10, 2014 at 11:52:01PM +0200, Reyk Floeter wrote:
> > > > On Sat, May 10, 2014 at 07:17:39PM +0300, [email protected] wrote:
> > > > > >Synopsis: OpenSMTPD failed with fatal: ssl_ctx_create: could not
> > > > > >fake private key: No such file or directory
> > > > > >Category: system
> > > > > >Environment:
> > > > > System : OpenBSD 5.5
> > > > > Details : OpenBSD 5.5-current (GENERIC.MP) #100: Sat May 10
> > > > > 02:42:31 MDT 2014
> > > > >
> > > > > [email protected]:/usr/src/sys/arch/i386/compile/GENERIC.MP
> > > > >
> > > > > Architecture: OpenBSD.i386
> > > > > Machine : i386
> > > > > >Description:
> > > > > After upgrade to the latest snapshot OpenSMTPD failed with
> > > > > error - fatal: ssl_ctx_create: could not fake private key: No such
> > > > > file or directory
> > > > >
> > > >
> > > > Thanks for reporting, I just fixed it with smtpd/ssl.c 1.65.
> > > >
> > > > Reyk
> > >
> > > Thanks. I just applied smtpd/ssl.c 1.65 and now OpenSMTPD starts up
> > > normally but when I try to send a new email
> > > it closes with this output:
> > >
> > > .............
> > > debug: smtp: new client on listener: 0x81942000
> > > smtp-in: New session 7b84557cee266239 from host localhost [127.0.0.1]
> > > debug: lka: looking up pki "smtp.bsdbg.net"
> > > warn: parent -> lka: pipe closed
> > > warn: control -> lka: pipe closed
> > > warn: pony -> lka: pipe closed
> > > warn: scheduler -> control: pipe closed
> > > warn: queue -> lka: pipe closed
> > > warn: ca -> parent: pipe closed
> > >
> >
> > I cannot reproduce this one.
> >
> > Would share your smtpd.conf and instructions to trigger it?
> >
> > Reyk
> >
>
> I use mutt via ssh and roundcubemail with dovecot with the smtpd.conf from
> the bottom.
> When I comment out pki macros everything works as it should.
>
OK, I can reproduce it now. It seems to be an older bug in the mta
that is just exposed by the SSL code. gilles@ and me are looking at
it.
But you could try to send the logs by doing the following:
# smtpd -dv -T mta -T imsg 2>&1 | tee smtpd.log
Do you have any malloc options enabled? Otherwise try with:
# ln -sf 'S' /etc/malloc.conf
If you compile smtpd with debug symbols (make DEBUG=-g), we also have
a great way to get core dumps from privsep daemons now:
# mkdir -m 0700 /var/crash/smtpd
# sysctl kern.nosuidcoredump=3
You'll find the core dumps in /var/crash/smtpd/*.core where gdb gives
you a backtrace etc.
Reyk
