On Fri, 29 Nov 2013, Andreas Schulze wrote:
> # now try to start deamon
> opendkim -x test.conf
> opendkim: getvalues.c:100: ldap_get_values_len: Assertion `target != ((void
> *)0)' failed.
> Abgebrochen (Speicherabzug geschrieben)
If my previous message was right, then here's what's happening:
Using "-Q" mode bypasses some of the startup checks done when the daemon
is being started. One of these is a walk through the signing table to
confirm that no signing table entry references a missing key table entry.
(This was added in 2.7.0; not sure why it would be new in 2.9.0.Beta1.)
The signing table is expected to have two values, namely the pattern to
match and the name of the key to use when a match occurs. The value you
were passing to configuration is this:
SigningTable ldaps://dili.dmarcian.de/dc=ldap?DKIMSelector?sub?(DKIMIdentity=$d)
This only passes a single LDAP attribute, DKIMSelector, as the output
field from that data set. (There's also one missing from your KeyTable
definition.) The DB walk code runs into an assertion failure if you
provide it with fewer LDAP attributes than will be requested. I think
this is what you're getting.
I believe the attached patch will fix it (by returning an error), but I
don't have an environment with which to test it yet. I'm working on
building one now, but this is worth getting out there in parallel to my
own tests.
-MSK
- TEXT/PLAIN attachment: PATCH
Received on Sun Dec 01 2013 - 06:11:05 PST