Re: OpenDKIM 2.9.0 Beta1 available from Andreas Schulze on 2013-11-26 (OpenDKIM Developers mailing list)

From: Andreas Schulze <sca_at_andreasschulze.de>
Date: Tue, 26 Nov 2013 21:55:52 +0100

Am 26.11.2013 01:27 schrieb Murray S. Kucherawy:
> Changes since Beta0:
Murray,

I still get segfaults while starting opendkim.
It could be tested also without really starting as daemon:

# /usr/sbin/opendkim -x /etc/opendkim/opendkim.conf -e ChangeRootDirectory
opendkim: getvalues.c:100: ldap_get_values_len: Assertion `target != ((void *)0)' failed.
Abgebrochen (Speicherabzug geschrieben)

# cat /etc/opendkim/opendkim.conf
EnableCoredumps yes
KeyTable file:/dev/null
SigningTable ldaps://dili.dmarcian.de/dc=ldap?DKIMSelector?sub?(DKIMIdentity=$d)
LDAPBindUser cn=opendkim,ou=services,dc=ldap
LDAPBindPassword test

# gdb /usr/sbin/opendkim /var/core/opendkim_running_as_pid_25463_at_host_solar_got_signal_6
...
Core was generated by `/usr/sbin/opendkim -x /etc/opendkim/opendkim.conf -e ChangeRootDirectory'.
Program terminated with signal 6, Aborted.
#0 0xb779d424 in __kernel_vsyscall ()
(gdb) bt
#0 0xb779d424 in __kernel_vsyscall ()
#1 0xb6c2b781 in raise () from /lib/i686/cmov/libc.so.6
#2 0xb6c2ebb2 in abort () from /lib/i686/cmov/libc.so.6
#3 0xb6c248e8 in __assert_fail () from /lib/i686/cmov/libc.so.6
#4 0xb732dc31 in ldap_get_values_len () from /usr/lib/libldap_r-2.4.so.2
#5 0x0806c56c in dkimf_db_walk (db=0xa0182f0, first=true, key=0x0, keylen=0x0, req=0xbf97f854, reqnum=2) at opendkim-db.c:6190
#6 0x08055ed1 in dkimf_config_load (data=0xa0188e0, conf=0xa018028, err=0xbf982ad7 "", errlen=1025, become=0x0) at opendkim.c:8587
#7 0x08062a5f in main (argc=5, argv=0xbf9930f4) at opendkim.c:16911
(gdb) quit
#

# LDAP-Logging:
2013-11-26 21:29:46.237616500 529504ba conn=1098 fd=13 ACCEPT from IP=[::1]:12499 (IP=[::]:636)
2013-11-26 21:29:46.450932500 529504ba conn=1098 fd=13 TLS established tls_ssf=128 ssf=128
2013-11-26 21:29:46.528815500 529504ba conn=1098 op=0 BIND dn="cn=opendkim,ou=services,dc=ldap" method=128
2013-11-26 21:29:46.528817500 529504ba conn=1098 op=0 BIND dn="cn=opendkim,ou=services,dc=ldap" mech=SIMPLE ssf=0
2013-11-26 21:29:46.528818500 529504ba conn=1098 op=0 RESULT tag=97 err=0 text=
2013-11-26 21:29:46.595020500 529504ba conn=1098 op=1 SRCH base="dc=ldap" scope=2 deref=0 filter="(DKIMIdentity=*)"
2013-11-26 21:29:46.595039500 529504ba conn=1098 op=1 SRCH attr=DKIMSelector
2013-11-26 21:29:46.595218500 529504ba conn=1098 op=1 SEARCH RESULT tag=101 err=0 nentries=2 text=
2013-11-26 21:29:46.663011500 529504ba conn=1098 fd=13 closed (connection lost)

The Test LDAP-Server contain testdata any is public available. For that reason I setup the LDAP-Server on LDAPS only.
OpenDKIM (libldap) connect only if it knows the ca certificate.
I have this in /etc/ldap/ldap.conf: "TLS_CACERT /path/to/cacert.org-root.pem"

# opendkim -V
opendkim: OpenDKIM Filter v2.9.0
        Compiled with OpenSSL 0.9.8o 01 Jun 2010
        SMFI_VERSION 0x1000001
        libmilter version 1.0.1
        Supported signing algorithms:
                rsa-sha1
                rsa-sha256
        Supported canonicalization algorithms:
                relaxed
                simple
        Active code options:
                USE_DB
                USE_JANSSON
                USE_LDAP
                USE_ODBX
                USE_UNBOUND
                _FFR_DIFFHEADERS
                _FFR_IDENTITY_HEADER
                _FFR_RATE_LIMIT
                _FFR_REDIRECT
                _FFR_REPRRD
                _FFR_REPUTATION
                _FFR_SENDER_MACRO
                _FFR_STATS
        libopendkim 2.9.0: diffheaders debug

Andreas
Received on Tue Nov 26 2013 - 20:56:07 PST

This archive was generated by hypermail 2.3.0 : Tue Nov 26 2013 - 21:00:01 PST