On 31/05/16 18:44, Samuel wrote: > 2016-05-31 05:55:44 TLS error on connection from > researchscan258.eecs.XXXX.edu (eecs.XXXX.edu) [1XX.212.XXX.3] > (gnutls_handshake): Could not negotiate a supported cipher suite. > 2016-05-31 05:55:44 H=researchscan258.eecs.XXXX.edu (eecs.XXXX.edu) > [1XX.212.XXX.3] Warning: erreur : tls-failed
OK, cipher-suite mismatch... > /var/log/syslog : > > May 31 05:55:44 anemone-mailin-01 kernel: [4547900.677897] traps: > exim4[23055] general protection ip:6664ddc0bad6 sp:7483826d3710 error:0 > in libc-2.19.so[6664ddba2000+1a2000] Oops! > So if I understand well, A special craft ssl request can cause DOS on > Exim on Grsecurity kernel ? Not all that crafted; just a choice of ciphers. > What can I do to stop this ? Gather more information so that we can fix the bug where the crash is. A full stack trace of the crash point, with debuginfo. Generally this means enabling suid-process coredumps though, and this is a security issue (the coredump potentially contains sensitive info, so you don't want just anyone to be able to read the file). Also: any idea if this was STARTTLS or SSL-on-connect? > exim -d --version > Exim version 4.84_2 #1 built 13-Mar-2016 17:47:17 Many thanks for gathering that level of info - I wish more people did! -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
