On Fri, Jul 02, 2004 at 05:33:06PM +0200, Claudio Jeker wrote:
>
> The status is the value returned by wait(2). In other words qmail-smtpd
> got a SIGSEGV. Sigh...
>
Yep, it was my stupidity. There where multiple bugs in the code.
The following patch against 20040701 should fix the problem.
--
:wq Claudio
Index: qmail-remote.c
===================================================================
RCS file: /home/cvs-djbware/CVS/qmail-ldap/qmail-remote.c,v
retrieving revision 1.42
diff -u -p -r1.42 qmail-remote.c
--- qmail-remote.c 11 Jun 2004 14:22:57 -0000 1.42
+++ qmail-remote.c 2 Jul 2004 15:54:04 -0000
@@ -871,7 +871,7 @@ void getcontrols(void)
if (!ip_scan(outgoingip.s, &outip)) temp_noip();
#ifdef TLS_REMOTE
- if (control_rldef(&sslcert, "control/remotecert", 0, "") == -1)
+ if (control_readline(&sslcert, "control/remotecert") == -1)
temp_control();
if (!stralloc_0(&sslcert)) temp_nomem();
#endif
Index: qmail-smtpd.c
===================================================================
RCS file: /home/cvs-djbware/CVS/qmail-ldap/qmail-smtpd.c,v
retrieving revision 1.110
diff -u -p -r1.110 qmail-smtpd.c
--- qmail-smtpd.c 29 Jun 2004 19:01:59 -0000 1.110
+++ qmail-smtpd.c 2 Jul 2004 15:54:04 -0000
@@ -168,7 +168,7 @@ void err_bmfunknown(void) { out("553 sor
void err_maxrcpt(void) { out("553 sorry, too many recipients (#5.7.1)\r\n"); }
void err_nogateway(void) { out("553 sorry, relaying denied from your location [");
out(remoteip); out("] (#5.7.1)\r\n"); }
void err_badbounce(void) { out("550 sorry, I don't accept bounce messages with more
than one recipient. Go read RFC2821. (#5.7.1)\r\n"); }
-void err_unimpl(char *arg) { out("502 unimplemented (#5.5.1)\r\n");
logline2(3,"unrecognized command: ",arg); }
+void err_unimpl(const char *arg) { out("502 unimplemented (#5.5.1)\r\n");
logline2(3,"unrecognized command: ",arg); }
void err_size(void) { out("552 sorry, that message size exceeds my databytes limit
(#5.3.4)\r\n"); logline(3,"message denied because: 'SMTP SIZE' too big"); }
void err_syntax(void) { out("555 syntax error (#5.5.4)\r\n"); }
void err_relay(void) { out("553 sorry, we don't relay for ["); out(remoteip); out("]
(#5.7.1)\r\n"); }
@@ -329,7 +329,7 @@ void setup(void)
sslpath = env_get("SSLCERT");
if (!sslpath)
sslpath = (char *)"control/smtpcert";
- if (control_rldef(&sslcert, sslpath, 0, "") == -1)
+ if (control_readline(&sslcert, sslpath) == -1)
die_control();
if (!stralloc_0(&sslcert)) die_nomem();
#endif
@@ -1486,7 +1486,7 @@ void smtp_auth(char *arg)
const char *status;
if (!flagauth) {
- err_unimpl((char *)0);
+ err_unimpl("AUTH without STARTTLS");
return;
}
if (flagauthok) {
@@ -1582,8 +1582,8 @@ void smtp_tls(char *arg)
{
SSL_CTX *ctx;
- if (sslcert.s && *sslcert.s) {
- err_unimpl((char *)0);
+ if (!sslcert.s || *sslcert.s == '\0') {
+ err_unimpl("STARTTLS");
return;
}
@@ -1605,15 +1605,15 @@ void smtp_tls(char *arg)
if(!SSL_CTX_use_RSAPrivateKey_file(ctx, sslcert.s, SSL_FILETYPE_PEM))
{
out("454 TLS not available: missing RSA private key (#4.3.0)\r\n");
- logline(3,"aborting TLS negotiations, "
- "RSA private key invalid or unable to read ~control/cert.pem");
+ logline2(3,"aborting TLS negotiations, "
+ "RSA private key invalid or unable to read ", sslcert.s);
return;
}
if(!SSL_CTX_use_certificate_file(ctx, sslcert.s, SSL_FILETYPE_PEM))
{
out("454 TLS not available: missing certificate (#4.3.0)\r\n");
- logline(3,"aborting TLS negotiations, "
- "local cert invalid or unable to read ~control/cert.pem");
+ logline2(3,"aborting TLS negotiations, "
+ "local cert invalid or unable to read ", sslcert.s);
return;
}
SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
