Comment 7 for bug 81242

Steve Langasek (vorlon) wrote : Re: [Bug 81242] [NEW] postfix-ldap is linked against gnuTLS

On Mon, Apr 07, 2008 at 05:44:51PM -0000, Launchpad Bug Tracker wrote:

> When trying to get SSL and postfix and ldap going I stumbled across the following:
> postfix-ldap is linked against GnuTLS and this breaks SSL and LDAP.
> postfix itself /is/ linked against openSSL.

> postmap works, but postfix will complain about 'bad search filter'

> See:
> http://archives.neohapsis.com/archives/postfix/2007-01/1351.html

> for the discussion.

This thread points to /usr/share/doc/postfix/TLS_README.gz, which claims:

 NOTE: Do not use Gnu TLS. It will spontaneously terminate a Postfix daemon
 process with exit status code 2, instead of allowing Postfix to 1) report
 the error to the maillog file, and to 2) provide plaintext service where
 this is appropriate.

But that is the extent of the explanation. This doesn't explain why postfix
(but no other ldap-using apps) manages to trigger this issue with GnuTLS.

I find three locations in the libgcrypt11 source where exit(2) is invoked.
Two of them are related to a failure to allocate secure memory. The third
is when an internal logging function is called with GCRY_LOG_FATAL. For the
most part, this seems to be called in the case of memory corruption errors,
or when keys that have just been generated fail to pass a self-test, or upon
failing to initialize a mutex, etc; while it's always unfriendly for a
library to ever call exit() directly, these are at least cases where the
library is in such an inconsistent state that it's probably dangerous to
continue, and if postfix is triggering any of these it's almost certainly a
bug in postfix that needs to be fixed.

The other case where I see log_fatal() being called that may be problematic
is when libgcrypt can't get any entropy. This could point to a real problem
of interactions between libgcrypt and libcrypto (GnuTLS/OpenSSL).

It would be helpful to capture the stderr output from this process before it
dies, since libgcrypt appears to log all fatal errors to stderr; that will
help narrow this down to a GnuTLS vs. Postfix bug.

--
Steve Langasek
Debian Developer
Ubuntu Developer
<email address hidden>

Give me a lever long enough and a Free OS to set it on, and I can move the world.
http://www.debian.org/
<email address hidden>
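One way to act on that last suggestion, as an added example that is not part of the bug thread: a POSIX shell wrapper that preserves a daemon's stderr and exit status in a log file, so an exit(2) from libgcrypt leaves its fatal message behind instead of vanishing. The function name and the "failed to acquire entropy" stand-in message are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the bug thread): run a command with its stderr
# appended to a log file and record its exit status alongside. libgcrypt
# writes fatal errors to stderr and then calls exit(2), which a Postfix
# daemon normally never gets to report in the maillog.
#
# Usage: capture_stderr LOGFILE COMMAND [ARGS...]
# Returns the wrapped command's exit status.
capture_stderr() {
    log="$1"; shift
    # stdout passes through untouched; only stderr is captured.
    "$@" 2>>"$log"
    status=$?
    printf '%s: %s exited with status %d\n' \
        "$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$1" "$status" >>"$log"
    if [ "$status" -eq 2 ]; then
        # Status 2 is the libgcrypt fatal-error exit code quoted from TLS_README;
        # the stderr lines just above this note are the ones to look at.
        printf 'hint: exit status 2 matches a libgcrypt fatal error; see stderr lines above\n' >>"$log"
    fi
    return "$status"
}

# Demonstration against a constructed stand-in for a failing daemon: it prints
# a fatal-style message to stderr and exits 2, as libgcrypt would.
demo() {
    log="${TMPDIR:-/tmp}/capture_demo.$$.log"
    : >"$log"
    capture_stderr "$log" sh -c \
        'echo "Fatal: failed to acquire entropy (constructed message)" >&2; exit 2'
    rc=$?
    cat "$log"
    rm -f "$log"
    return "$rc"
}

demo || echo "demo returned status $?"
```

In a real deployment the wrapper would be installed in place of the daemon binary in master.cf, so that the log captures the crash of the specific Postfix process under investigation.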