SA Bugzilla – Bug 4107
let spamd not crash on accepting a non-ssl connection if spamd is configured for ssl
Last modified: 2005-06-12 16:04:06 UTC
I think it's an unwanted behaviour if spamd is configured to accept only ssl connections, but crashes itself if a non-ssl connection arrives. crash log: debug: prefork: ordered 20559 to accept debug: log: SSL failure: SSL accept attempt failederror:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocolerror:00000000:lib(0):func(0):reason(0) debug: prefork: child 20559: entering state 1 prefork: ordered child to accept, but child reported state '1' at /usr/local/share/perl/5.8.4/Mail/SpamAssassin/SpamdForkScaling.pm line 263, <GEN2> line 2. empty order from parent at /usr/local/share/perl/5.8.4/Mail/SpamAssassin/SpamdForkScaling.pm line 309. debian:/home# debian:/home# debian:/home# debian:/home# debian:/home# debian:/home# debian:/home# empty order from parent at /usr/local/share/perl/5.8.4/Mail/SpamAssassin/SpamdForkScaling.pm line 309, <GEN3> line 1.
Also the other way round: If you connect to spamd which only accepts non-ssl communication from spamc, configured to use ssl, than spamd gives a debug: log: connection from x.x.x.x [x.x.x.x] at port xxxx and hangs after the output.
Triage: Guessing this should be easy enough to reproduce and then fix for 3.1
btw I presume this is not a crash bug -- ie. the entire spamd server isn't killed, just that child process?
Hi Justin, you're right now. As I reported the error the behaviour was a complete crash. SA version was current trunk at report time. (i don't remember) btw. it shouldn't also crash a child.
Nico, if the child crashes but then is restarted by the master spamd, that's OK. anyway, raising pri -- this is about the biggest bug left in the 3.1.0 queue....
ok, fixed. Sending MANIFEST Sending spamd/spamd.raw Adding t/spamd_ssl_accept_fail.t Transmitting file data ... Committed revision 190364. ps: I'd say we're ready for a 3.1.0 prerelease...