4107 – let spamd not crash on accepting a non-ssl connection if spamd is configured for ssl

Bug 4107 - let spamd not crash on accepting a non-ssl connection if spamd is configured for ssl

Summary: let spamd not crash on accepting a non-ssl connection if spamd is configured ...

Status:	RESOLVED FIXED

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	spamc/spamd (show other bugs)
Version:	SVN Trunk (Latest Devel Version)
Hardware:	Other other

Importance:	P3 normal
Target Milestone:	3.1.0
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-01-26 05:22 UTC by Nico Prenzel
Modified:	2005-06-12 16:04 UTC (History)
CC List:	0 users

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Nico Prenzel 2005-01-26 05:22:58 UTC

I think it's an unwanted behaviour if spamd is configured to accept only ssl
connections, but crashes itself if a non-ssl connection arrives.

crash log:


debug: prefork: ordered 20559 to accept
debug: log: SSL failure: SSL accept attempt failederror:140760FC:SSL
routines:SSL23_GET_CLIENT_HELLO:unknown
protocolerror:00000000:lib(0):func(0):reason(0)
debug: prefork: child 20559: entering state 1
prefork: ordered child to accept, but child reported state '1' at
/usr/local/share/perl/5.8.4/Mail/SpamAssassin/SpamdForkScaling.pm line 263,
<GEN2> line 2.
empty order from parent at
/usr/local/share/perl/5.8.4/Mail/SpamAssassin/SpamdForkScaling.pm line 309.
debian:/home#
debian:/home#
debian:/home#
debian:/home#
debian:/home#
debian:/home#
debian:/home# empty order from parent at
/usr/local/share/perl/5.8.4/Mail/SpamAssassin/SpamdForkScaling.pm line 309,
<GEN3> line 1.

Comment 1 Nico Prenzel 2005-01-26 09:54:25 UTC

Also the other way round:

If you connect to spamd which only accepts non-ssl communication from spamc, 
configured to use ssl, than spamd gives a
debug: log: connection from x.x.x.x [x.x.x.x] at port xxxx
and hangs after the output.

Comment 2 Bob Menschel 2005-05-26 21:46:14 UTC

Triage: Guessing this should be easy enough to reproduce and then fix for 3.1

Comment 3 Justin Mason 2005-06-01 20:34:12 UTC

btw I presume this is not a crash bug -- ie. the entire spamd server isn't
killed, just that child process?

Comment 4 Nico Prenzel 2005-06-02 15:59:46 UTC

Hi Justin,

you're right now. As I reported the error the behaviour was a complete crash. 
SA version was current trunk at report time. (i don't remember)

btw. it shouldn't also crash a child.

Comment 5 Justin Mason 2005-06-07 20:42:31 UTC

Nico, if the child crashes but then is restarted by the master spamd, that's OK.
anyway, raising pri -- this is about the biggest bug left in the 3.1.0 queue....

Comment 6 Justin Mason 2005-06-13 00:04:06 UTC

ok, fixed.  
Sending        MANIFEST
Sending        spamd/spamd.raw
Adding         t/spamd_ssl_accept_fail.t
Transmitting file data ...
Committed revision 190364.


ps: I'd say we're ready for a 3.1.0 prerelease...