Submission crashes when relaying over TLS

Alec Moskvin alecm at gmx.com
Thu Sep 3 06:11:02 EEST 2020 

Hi Stephan,

I actually found the problem.

If I downgrade to 2.3.10.1, it no longer crashes and outputs a proper 
error message. The issue was here:

> ssl_client_ca_file = </etc/dovecot/ca.crt

It takes the file path rather than its contents so the "<" shouldn't be 
there. Also, I needed to disable "submission_relay_ssl_verify" since the 
cert isn't for "localhost" (this also causes a crash on 2.3.11.3).

Thanks,
Alec

On Wednesday 02 September 2020 19:58:30, Stephan Bosch wrote:
> Will investigate..
> 
> On 28/08/2020 01:07, Alec Moskvin wrote:
> > Hello,
> >
> > I'm trying to set up the submission proxy, but if I set
> > submission_relay_ssl = starttls, it crashes. Without it, it works.
> >
> > Please find the details below.
> >
> > Thanks,
> > Alec
> >
> >
> > dovecot[256855]: submission-login: Login: user=<alec>, method=PLAIN, rip=::1, lip=::1, mpid=257033, secured, session=<kMd1B9uthLUAAAAAAAAAAAAAAAAAAAAB>
> > dovecot[256855]: submission(alec)<257033><kMd1B9uthLUAAAAAAAAAAAAAAAAAAAAB>: Panic: file smtp-client-connection.c: line 290 (smtp_client_connection_fail): assertion failed: (conn->to_connect == NULL)
> > dovecot[256855]: submission(alec)<257033><kMd1B9uthLUAAAAAAAAAAAAAAAAAAAAB>: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(backtrace_append+0x42) [0x7fbbfb2bcaf2] -> /usr/lib64/dovecot/libdovecot.so.0(backtrace_get+0x1e) [0x7fbbfb2bcc0e] -> /usr/lib64/dovecot/libdovecot.so.0(+0xf5f09) [0x7fbbfb2c5f09] -> /usr/lib64/dovecot/libdovecot.so.0(+0xf5fa1) [0x7fbbfb2c5fa1] -> /usr/lib64/dovecot/libdovecot.so.0(+0x51eec) [0x7fbbfb221eec] -> /usr/lib64/dovecot/libdovecot.so.0(+0x44d5e) [0x7fbbfb214d5e] -> /usr/lib64/dovecot/libdovecot.so.0(+0x6c431) [0x7fbbfb23c431] -> /usr/lib64/dovecot/libdovecot.so.0(smtp_client_command_input_reply+0x201) [0x7fbbfb235261] -> /usr/lib64/dovecot/libdovecot.so.0(+0x6ccfd) [0x7fbbfb23ccfd] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x68) [0x7fbbfb2dc048] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x132) [0x7fbbfb2dd662] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x51) [0x7fbbfb2dc0f1] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x40) [0x7fbbfb2dc2b0] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7fbbfb255ee3] -> dovecot/submission(main+0x4df) [0x561d486b3daf] -> /lib64/libc.so.6(__libc_start_main+0xea) [0x7fbbfb054b8a] -> dovecot/submission(_start+0x2a) [0x561d486b3e3a]
> > dovecot[256855]: submission(alec)<257033><kMd1B9uthLUAAAAAAAAAAAAAAAAAAAAB>: Fatal: master: service(submission): child 257033 killed with signal 6 (core dumped)
> >
> >
> > (gdb) bt
> > #0  0x00007fbbfb069a31 in raise () from /lib64/libc.so.6
> > #1  0x00007fbbfb0532b6 in abort () from /lib64/libc.so.6
> > #2  0x00007fbbfb22223c in default_fatal_finish (status=0, type=LOG_TYPE_PANIC) at failures.c:459
> > #3  fatal_handler_real (ctx=<optimized out>, format=<optimized out>, args=<optimized out>) at failures.c:471
> > #4  0x00007fbbfb2c5fa1 in i_internal_fatal_handler (ctx=<optimized out>, format=<optimized out>, args=<optimized out>) at failures.c:848
> > #5  0x00007fbbfb221eec in i_panic (format=format at entry=0x7fbbfb30fd08 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:523
> > #6  0x00007fbbfb214d5e in smtp_client_connection_fail (status=9002, error=<optimized out>, conn=0x561d491296a8) at smtp-client-connection.c:290
> > #7  smtp_client_connection_fail (conn=0x561d491296a8, status=<optimized out>, error=<optimized out>) at smtp-client-connection.c:282
> > #8  0x00007fbbfb23c431 in smtp_client_connection_starttls_cb (reply=0x561d4912d048, conn=0x561d491296a8) at smtp-client-connection.c:788
> > #9  0x00007fbbfb235261 in smtp_client_command_input_reply (cmd=<optimized out>, reply=reply at entry=0x561d4912d048) at smtp-client-command.c:971
> > #10 0x00007fbbfb23ccfd in smtp_client_connection_input_reply (reply=0x561d4912d048, conn=0x561d491296a8) at smtp-client-connection.c:1045
> > #11 smtp_client_connection_input (_conn=<optimized out>) at smtp-client-connection.c:1116
> > #12 0x00007fbbfb2dc048 in io_loop_call_io (io=0x561d49109cb0) at ioloop.c:713
> > #13 0x00007fbbfb2dd662 in io_loop_handler_run_internal (ioloop=ioloop at entry=0x561d490fd050) at ioloop-epoll.c:222
> > #14 0x00007fbbfb2dc0f1 in io_loop_handler_run (ioloop=0x561d490fd050) at ioloop.c:765
> > #15 0x00007fbbfb2dc2b0 in io_loop_run (ioloop=0x561d490fd050) at ioloop.c:738
> > #16 0x00007fbbfb255ee3 in master_service_run (service=0x561d490fceb0, callback=<optimized out>) at master-service.c:851
> > #17 0x0000561d486b3daf in main (argc=<optimized out>, argv=<optimized out>) at main.c:396
> >
> >
> > $ openssl version
> > OpenSSL 1.1.1g  21 Apr 2020
> >
> >
> > # doveconf -n
> > # 2.3.11.3 (502c39af9): /etc/dovecot/dovecot.conf
> > # OS: Linux 5.8.4 x86_64 Gentoo Base System release 2.7
> > # Hostname: haswell
> > listen = localhost
> > mail_location = maildir:~/.maildir
> > namespace inbox {
> >    inbox = yes
> >    location =
> >    mailbox Drafts {
> >      special_use = \Drafts
> >    }
> >    mailbox Junk {
> >      special_use = \Junk
> >    }
> >    mailbox Sent {
> >      special_use = \Sent
> >    }
> >    mailbox "Sent Messages" {
> >      special_use = \Sent
> >    }
> >    mailbox Trash {
> >      special_use = \Trash
> >    }
> >    prefix =
> > }
> > passdb {
> >    args = scheme=CRYPT username_format=%u /etc/dovecot/users
> >    driver = passwd-file
> > }
> > protocols = submission
> > ssl_cert = </etc/ssl/dovecot/server.pem
> > ssl_client_ca_file = </etc/dovecot/ca.crt
> > ssl_key = # hidden, use -P to show it
> > submission_relay_host = localhost
> > submission_relay_port = 2525
> > submission_relay_rawlog_dir = %h/rawlog
> > submission_relay_ssl = starttls
> > userdb {
> >    args = username_format=%u /etc/dovecot/users
> >    driver = passwd-file
> > }
> > protocol submission {
> >    rawlog_dir = %h/rawlog
> > }
> 
>

More information about the dovecot mailing list