On Fri, Jun 4, 2010 at 8:21 AM, Murray S. Kucherawy <msk_at_blackops.org> wrote:
>>
>> CentOS55[root_at_lunar mail]# /usr/local/sbin/opendkim -x
>> /usr/local/etc/opendkim.conf -u dkim -P /var/run/opendkim/opendkim.pid
>> -f -vvvv
>> opendkim: dkim.c:4528: dkim_sign: Assertion `secretkey != ((void *)0)'
>> failed.
>> Aborted
>
> Your build looks fine. This is clearly an indicator of a bug in the filter;
> it's calling a libopendkim function improperly.
>
> I'll track down and fix the problem (should be fairly easy), but as a
> workaround you can remove the Domain line from your configuration and try it
> again. Presumably you don't need it as you've got signing instructions for
> ivenue.com in the SigningTable.
One confirming data point, I disabled signing completely, leaving only
verification and it has run with no problems for 1.75 hours now.
So, if I'm understanding correctly, it's dying because I have a Domain
defined but not a KeyFile. Normally this would be a configuration
error and refuse to start, but since I have a KeyTable, it's allowing
it to start with the misconfiguration that a global domain is defined
but no global private key to go with it. I'm guessing it checks the
global settings before the entries in the KeyTable, and the global
domain matches, so it segfaults when trying to access the (supposed to
be accompanying) private key. Am I close?
I've commented out the Domain setting so that it's using only the
KeyTable, and restarted the daemon in foreground mode so that I can
see any potential output. I'll let you know in a couple hours if it
has been stable.
--
Regards... Todd
I seek the truth...it is only persistence in self-delusion and
ignorance that does harm. -- Marcus Aurealius
Received on Fri Jun 04 2010 - 15:56:15 PST