The crash seems involved with bad handled AD response
DSID-0C090627,.comment:.In.order.to.perform.this.operation.a.successful.bind.must.be.completed.on.the.connection.
when this occurs dovecot got a segmentation fault
this bug probably has been corrected (changelogs aren't clear) because this response is well handled on dovecot-2.2.18-2.fc21.x86_64
2015-06-17 23:03 GMT+02:00 Andrea Lisci andrelisci@gmail.com:
dovecot 2.2.10 packaged by centos 7
configuring ldap driver on userdb cause imap crash during login
userdb { driver = ldap args = /etc/dovecot/dovecot-ldap-userdb.conf3.ext
# Default fields can be used to specify defaults that LDAP may override #default_fields = home=/home/virtual/%u }
#ldap conf
hosts = myDChost base = dc=company,dc=testdomain,dc=dom ldap_version = 3 auth_bind = yes auth_bind_userdn = windowsdomain\%u user_filter = (&(objectclass=person)(|(mail=%u)(sAMAccountName=%n))) user_attrs = =uid=vmail,=gid=vmail,=home=/users/vmail/ maildomain.com/%n,=mail_location=maildir:/users/vmail/maildomain.com/%n/Maildir tls = yes tls_require_cert = never
dovecot -n
# 2.2.10: /etc/dovecot/dovecot.conf # OS: Linux 3.10.0-229.4.2.el7.x86_64 x86_64 CentOS Linux release 7.1.1503 (Core) xfs auth_debug = yes auth_mechanisms = plain login listen = * mail_debug = yes mail_location = maildir:/users/vmail/maildomain.com/%n/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mbox_write_locks = fcntl namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-ldap.conf2.ext driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = required ssl_cert =
core dump
gdb /usr/libexec/dovecot/auth /var/core/25122 GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-64.el7 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/... Reading symbols from /usr/libexec/dovecot/auth...Reading symbols from /usr/lib/debug/usr/libexec/dovecot/auth.debug...done. done. [New LWP 25122] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Missing separate debuginfo for /usr/lib64/libnssckbi.so Try: yum --enablerepo='*debug*' install /usr/lib/debug/.build-id/1e/a2171aee7143d971607597b24f2a97e9276cbb.debug Core was generated by `dovecot/auth'. Program terminated with signal 11, Segmentation fault. #0 db_ldap_handle_request_result (res=0x0, idx=<optimized out>, request=<optimized out>, conn=<optimized out>) at db-ldap.c:819 819 request->callback(conn, request, res->msg); (gdb) bt full #0 db_ldap_handle_request_result (res=0x0, idx=<optimized out>, request=<optimized out>, conn=<optimized out>) at db-ldap.c:819 _data_stack_cur_id = 3 srequest = <optimized out> ret = <optimized out> final_result = <optimized out> named_res = <optimized out> #1 db_ldap_handle_result (res=<optimized out>, conn=<optimized out>) at db-ldap.c:886 auth_request = 0x7f3704fa2620 idx = <optimized out> msgid = <optimized out> #2 ldap_input (conn=<optimized out>) at db-ldap.c:918 timeout = {tv_sec = 0, tv_usec = 0} res = 0x7f3704b1b530 msg = 0x7f370489fcb0 prev_reply_diff = <optimized out> ret = <optimized out> #3 0x00007f3702a19a47 in io_loop_call_io (io=0x7f37046dbad0) at ioloop.c:388 ioloop = 0x7f37046bd7b0 t_id = 2 #4 0x00007f3702a1a8cf in io_loop_handler_run (ioloop=ioloop@entry=0x7f37046bd7b0) at ioloop-epoll.c:220 ctx = 0x7f37046c5450 events = <optimized out> list = 0x7f3704998170 io = <optimized out> tv = {tv_sec = 0, tv_usec = 999118} events_count = <optimized out> msecs = <optimized out> ret = 1 i = 0 call = <optimized out> __FUNCTION__ = "io_loop_handler_run" #5 0x00007f3702a19598 in io_loop_run (ioloop=0x7f37046bd7b0) at ioloop.c:412 __FUNCTION__ = "io_loop_run" #6 0x00007f37029c69e3 in master_service_run (service=0x7f37046bd640, callback=<optimized out>) at master-service.c:571 No locals. #7 0x00007f3702ea77f1 in main (argc=1, argv=0x7f37046bd390) at main.c:393 c = <optimized out>