Hi,

We're building a 2.3.13 murder in which we would like as much network traffic as possible to be encrypted. We found that the starttls command always times out when talking to the MUPDATE master.

strace suggests the problem is the select() call at imap/tls.c line 871 which has the fd ceiling value hard-coded to 1. That code was introduced by rev 1.60 of this file:

https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/cyrus/imap/tls.c.diff?r1=1.59;r2=1.60;f=h

mupdate is the only daemon affected since all the others call "tls_start_servertls(0, ...)". In the mupdate case readfd is not stdin.

AFAICT this must have been broken in 2.3.11 and 2.3.12 as well, so I'm surprised no-one seems to have noticed earlier. I did have a hunt around in CMU bugzilla (and a Google) to no avail. I will create a new bugzilla tomorrow unless someone can point me at an existing report.

The attached patch "fixes" the problem but reveals a related one (see next email)...

Cheers

Duncan

--
Duncan Gibb, Technical Director
Sirius Corporation plc - The Open Source Experts
http://www.siriusit.co.uk/
Tel: +44 870 608 0063

diff -Nrub cyrus-imapd-2.3.13/imap/tls.c working_copy/imap/tls.c --- cyrus-imapd-2.3.13/imap/tls.c 2008-04-15 18:58:08.000000000 +0100 +++ working_copy/imap/tls.c 2008-11-04 16:50:38.000000000 +0000 @@ -868,7 +868,7 @@ tv.tv_sec = timeout; tv.tv_usec = 0; - sts = select(1, &rfds, NULL, NULL, &tv); + sts = select(readfd+1, &rfds, NULL, NULL, &tv); if (sts <= 0) { if (sts == 0) { syslog(LOG_DEBUG, "SSL_accept() timed out -> fail");
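
Review bot: on the changed select() line, readfd now sets the descriptor ceiling, yet nothing visible in this hunk checks that readfd is non-negative and below FD_SETSIZE before it reaches the fd_set and select(). Since the callers no longer all pass 0, a guard ahead of this call that fails the handshake cleanly for an out-of-range descriptor would be worth adding. Also, the visible context logs "SSL_accept() timed out -> fail" only for sts == 0 inside the sts <= 0 branch; please confirm the sts < 0 case is logged distinctly so an interrupted or failed select() is not mistaken for a client timeout. Style: write the argument as readfd + 1, with spaces around the operator.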
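
The fd-ceiling behaviour described in the message above, shown as an added example that is not part of the original post or of the Cyrus source. The helper names wait_readable and demo are hypothetical, and a pipe with one byte queued is a constructed stand-in for a client connection whose descriptor is not 0.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/select.h>
#include <unistd.h>

/* Hypothetical helper: wait up to 200 ms for fd to become readable, passing
 * nfds to select(). Returns 1 = readable, 0 = timed out, -1 = error. */
static int wait_readable(int fd, int nfds)
{
    fd_set rfds;
    struct timeval tv = { 0, 200000 };

    if (fd < 0 || fd >= FD_SETSIZE)
        return -1;              /* FD_SET() on such an fd is undefined */
    FD_ZERO(&rfds);
    FD_SET(fd, &rfds);
    return select(nfds, &rfds, NULL, NULL, &tv);
}

/* Constructed scenario: data is already waiting on a descriptor >= 3.
 * fixed_ceiling != 0 mimics select(1, ...); otherwise readfd + 1 is used.
 * Returns select()'s result, or -2 if the scenario could not be set up. */
int demo(int fixed_ceiling)
{
    int p[2], rfd, sts = -2;

    if (pipe(p) != 0)
        return -2;
    rfd = fcntl(p[0], F_DUPFD, 3);      /* force a descriptor that is not 0 */
    close(p[0]);
    if (rfd >= 0) {
        if (write(p[1], "x", 1) == 1)
            sts = wait_readable(rfd, fixed_ceiling ? 1 : rfd + 1);
        close(rfd);
    }
    close(p[1]);
    return sts;
}

int main(void)
{
    printf("select(1, ...)        -> %d\n", demo(1));
    printf("select(readfd+1, ...) -> %d\n", demo(0));
    return 0;
}
```

With the ceiling fixed at 1 only descriptor 0 is examined, so the call times out even though the byte is already readable.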