Andre Dalle
2007-Jan-23 22:06 UTC
[Dovecot] dovecotpw/sql crypt scheme core dump with rc17-19
Platform is Solaris 8 on a 280R.
I'm setting up a new installation of Dovecot, and I ran into some troubles
that I've partly tracked down.
I setup auth/user dbs with LDAP initially, and things worked well.
Passwords are stored as "{crypt}zxcv..." in LDAP.
I setup SQL, and began getting this:
dovecot: Jan 23 16:37:47 Error: child 8718 (auth-worker) killed with signal 11
Passwords are stored as "zxcv..." in SQL.
I changed default_pass_scheme from CRYPT to PLAIN, and no troubles.
I then tried dovecotpw:
dovecotpw -p 123 -s PLAIN-MD5
{PLAIN-MD5}202cb962ac59075b964b07152d234b70
dovecotpw -p 123 -s CRYPT
Segmentation Fault (core dumped)
So I then tried this:
truss dovecotpw -p 123 -s crypt
open64("/dev/urandom", O_RDONLY) = 3
read(3, "F80E82 c", 4) = 4
fcntl(3, F_GETFD, 0x00000000) = 0
fcntl(3, F_SETFD, 0x00000001) = 0
open64("/usr/local/lib/dovecot/auth/password", O_RDONLY|O_NDELAY)
Err#2 ENOENT
read(3, "8382", 2) = 2
Incurred fault #6, FLTBOUNDS %pc = 0xFF0E3304
siginfo: SIGSEGV SEGV_MAPERR addr=0x00000005
Received signal #11, SIGSEGV [default]
siginfo: SIGSEGV SEGV_MAPERR addr=0x00000005
*** process killed ***
Suffice to say, there is no "/usr/local/lib/dovecot/auth/password".
I'm guessing that the dovecot auth-worker process is failing for the same
reason but I don't know how to debug that one.
I have core files for the dovecotpw process.
--
Andr? Dalle
Systems Administrator
NCF Internet
Andre Dalle
2007-Jan-24 02:08 UTC
[Dovecot] dovecotpw/sql crypt scheme core dump with rc17-19
I'm using bind auth for LDAP - this is probably why I don't run into the
problem there.
I checked the core file - the program was ending on DES_set_key_unchecked - an
OpenSSL function.
I changed auth/mycrypt.c to use the OpenSSL crypt function:
char *mycrypt(const char *key, const char *salt)
{
return DES_crypt(key, salt);
}
After rebuilding the binaries, they work with the OpenSSL function:
dovecotpw -p123 -scrypt
{CRYPT}VZtB3DdcYpi0E
I now have the passdb running against SQL and all is well.
I don't know which is faster... Solaris crypt() or OpenSSL DES_crypt(); but
CPU is not an issue on my server so I'll take the tradeoff.
On Tue, Jan 23, 2007 at 05:06:24PM -0500, Andre Dalle
wrote:> Platform is Solaris 8 on a 280R.
>
> I'm setting up a new installation of Dovecot, and I ran into some
troubles
> that I've partly tracked down.
>
> I setup auth/user dbs with LDAP initially, and things worked well.
>
> Passwords are stored as "{crypt}zxcv..." in LDAP.
>
> I setup SQL, and began getting this:
>
> dovecot: Jan 23 16:37:47 Error: child 8718 (auth-worker) killed with signal
11
>
> Passwords are stored as "zxcv..." in SQL.
>
> I changed default_pass_scheme from CRYPT to PLAIN, and no troubles.
>
> I then tried dovecotpw:
>
> dovecotpw -p 123 -s PLAIN-MD5
> {PLAIN-MD5}202cb962ac59075b964b07152d234b70
> dovecotpw -p 123 -s CRYPT
> Segmentation Fault (core dumped)
>
> So I then tried this:
> truss dovecotpw -p 123 -s crypt
>
> open64("/dev/urandom", O_RDONLY) = 3
> read(3, "F80E82 c", 4) = 4
> fcntl(3, F_GETFD, 0x00000000) = 0
> fcntl(3, F_SETFD, 0x00000001) = 0
> open64("/usr/local/lib/dovecot/auth/password", O_RDONLY|O_NDELAY)
Err#2 ENOENT
> read(3, "8382", 2) = 2
> Incurred fault #6, FLTBOUNDS %pc = 0xFF0E3304
> siginfo: SIGSEGV SEGV_MAPERR addr=0x00000005
> Received signal #11, SIGSEGV [default]
> siginfo: SIGSEGV SEGV_MAPERR addr=0x00000005
> *** process killed ***
>
> Suffice to say, there is no
"/usr/local/lib/dovecot/auth/password".
>
> I'm guessing that the dovecot auth-worker process is failing for the
same
> reason but I don't know how to debug that one.
>
> I have core files for the dovecotpw process.
>
> --
> Andr? Dalle
> Systems Administrator
> NCF Internet
--
Andr? Dalle
Systems Administrator
NCF Internet