Le 01/06/2016 à 11:24, Jeremy Harris a écrit :
On 31/05/16 18:44, Samuel wrote:
2016-05-31 05:55:44 TLS error on connection from
researchscan258.eecs.XXXX.edu (eecs.XXXX.edu) [1XX.212.XXX.3]
(gnutls_handshake): Could not negotiate a supported cipher suite.
2016-05-31 05:55:44 H=researchscan258.eecs.XXXX.edu (eecs.XXXX.edu)
[1XX.212.XXX.3] Warning: erreur : tls-failed
OK, cipher-suite mismatch...
/var/log/syslog :
May 31 05:55:44 anemone-mailin-01 kernel: [4547900.677897] traps:
exim4[23055] general protection ip:6664ddc0bad6 sp:7483826d3710 error:0
in libc-2.19.so[6664ddba2000+1a2000]
Oops!
So if I understand well, A special craft ssl request can cause DOS on
Exim on Grsecurity kernel ?
Not all that crafted; just a choice of ciphers.
Is this a problem from my side ? Do I have to do someting ?
What can I do to stop this ?
Gather more information so that we can fix the bug where the crash is.
A full stack trace of the crash point, with debuginfo. Generally this
means enabling suid-process coredumps though, and this is a security
issue (the coredump potentially contains sensitive info, so you
don't want just anyone to be able to read the file).
Also: any idea if this was STARTTLS or SSL-on-connect?
I can't see it for this connexion.
I just now enable logging in connect acl for that port :
warn
log_message = $received_port
So if it happens again I will now the connect port.
Cheers,
Jeremy
Thanks.
Samuel.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
