[tpop3d-discuss] Peculiar bug. 1.5.2 with TLS crashes on occasion.

Dave Baker dave at dsb3.com
Wed, 15 Oct 2003 20:39:13 -0400


--5mCyUwZo2JvN/JJP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Since enabling TLS (immediate mode) and testing it for a while I've run
into a peculiar bug.  It was happening infrequently, but when it did
happen it was entirely reproduceable *UNTIL* I tried to isolate which
message was causing it.

Today, I managed to track down a little more about the source of the 
problem.  It seems it's caused by a certain character encoding.  tpop3d is
able to feed one copy of the email just fine, but if the same type of mail
appears again in the mailbox it will crash.

I tracked down a single mail that can duplicate this problem.  I just copy it
into a POP3 mbox and connect via "openssl s_client" to talk POP3.  I can
either log in, and "retr 1" twice to cause the crash, or if I have another
(good) mail I can log in and "retr 1" (bad), "retr 2" (good), "retr 1" (bad
again) and cause the crash.

Something interesting is that even though the mail is 6591 bytes on disk the 
mail headers indicate a Content-Length of 5295... the problem still occurs
if I edit out that header, but this at first led me to think it might be
a multi-byte character problem.


I have not yet tried with a maildir mailbox, but suspect it won't cause a
problem.


Attached is a gzipped copy of the mbox file that duplicates the crash.  Has
anyone else seen this?  


I wonder - does anyone know more about the TLS internals to take a
guess as to where the bug might lie?




Other pertinent details:
  tpop3d-1.5.2
  
  ./configure --prefix=/opt/tpop3d-1.5.2 --disable-auth-pam
  --disable-auth-passwd --disable-auth-mysql --disable-auth-pgsql
  --disable-auth-ldap --disable-auth-flatfile --disable-auth-other
  --enable-auth-perl --enable-mbox-bsd --enable-mbox-maildir --enable-tls
  --disable-snide-comments --enable-tcp-wrappers
  --with-openssl-root=/usr/local/

  Using perl_auth only.  I hand-patched the code (patch was sent to the list a
  few days ago) to modify the behavior of the "apop_only" flag to disable it's
  disconnectingness when under a secure connection.

  This is running under FreeBSD 4.5-RELEASE.
  
  OpenSSL is 0.9.7c

  (ldd) /opt/tpop3d-1.5.2/sbin/tpop3d:
        libwrap.so.3 => /usr/lib/libwrap.so.3 (0x2807b000)
        libssl.so.3 => /usr/local/lib/libssl.so.3 (0x28083000)
        libcrypto.so.3 => /usr/local/lib/libcrypto.so.3 (0x280b1000)
        libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x2819d000)
        libperl.so.3 => /usr/lib/libperl.so.3 (0x281b6000)
        libm.so.2 => /usr/lib/libm.so.2 (0x2824e000)
        libc.so.4 => /usr/lib/libc.so.4 (0x2826a000)
        libutil.so.3 => /usr/lib/libutil.so.3 (0x28303000)

  

Here's the tpop3d output from the session that crashed:

2003-10-15 20:06:30.871169500 listeners_post_select: client [6]69.0.74.197/mail.server.hostname: connected to local address 69.55.238.47:995
2003-10-15 20:06:35.014563500 authcontext_new_user_pass: began session for `dave@dsb3.com' with perl; uid 68, gid 6
2003-10-15 20:06:35.018870500 fork_child: [6]dave@dsb3.com(69.0.74.197): began session for `dave@dsb3.com' with perl; child PID is 92462
2003-10-15 20:06:35.025294500 mailspool_new_from_file: indexed mailspool /var/mail/dsb3.com/dave (6591 bytes) in 0.000s
2003-10-15 20:06:36.951299500 ioabs_tls_immediate_write: client [6]dave@dsb3.com(69.0.74.197): bad write retry; closing connection
2003-10-15 20:06:36.954052500 connections_post_select: client [6]dave@dsb3.com(69.0.74.197): finished session for `dave@dsb3.com' with perl
2003-10-15 20:06:36.954067500 connections_post_select: client [6]dave@dsb3.com(69.0.74.197): disconnected; 47/8024 bytes read/written


Here's some of the offending POP3 dialogue (I doubt it matters but the 
SSL cert I'm using is signed by geotrust)

$ openssl s_client -connect mail.server.hostname:995
CONNECTED(00000006)
(snip)
---
Server certificate
-----BEGIN CERTIFICATE-----
(snip)
---
No client certificate CA names sent
---
SSL handshake has read 1023 bytes and written 340 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
(snip)
---
+OK <5d10a8d0f08f3b5f65f68b0088cf9af4@mail.server.hostname>
user dave@dsb3.com
+OK Tell me your password.
pass THEPASSWORDHERE
+OK Welcome aboard! You have exactly one message.
retr 1
+OK Message follows
(snip)
Content-Length: 5295
Lines: 3

(message body snipped)

.
retr 1
+OK Message follows
(snip)
Content-Length: 5295
Lines: 3

read:errno=0

(connection broken)






-- 

-    Dave Baker      :      dave@dsb3.com      :      http://dsb3.com/    -
GnuPG:  1024D/D7BCA55D / 09CD D148 57DE 711E 6708  B772 0DD4 51D5 D7BC A55D


--5mCyUwZo2JvN/JJP
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="mbox-crashes-tpop3d-ssl.gz"
Content-Transfer-Encoding: base64

H4sICAFejT8CA21ib3gtY3Jhc2hlcy10cG9wM2Qtc3NsALVYbXMa1xX+HH7FGTLTsaew2gUB
AiPZsi1X7kiWEyup20w+8LIgYgQqu1It/TpfvNdoxe5e2BchUKRM2uRDJknjvHQy037pubsI
EJIdq3Y1g/aFe8997jnnec653GvUN2EvrVb/Wtt5upEobe/dUhRFKODb9W0Z1goqSLMQi2fi
sUw8DjFRjIc+lAtyZUcuZqDEZ2/mFFVuCEU5X8nVhHqjDNc+kWaTwlxMkOJzQurT66H38rug
bMjVKo7ayTdylZq/wt8q6gbIyqa6BdeWnlY2IS7Ekzi6UgRpMV1Yq0VFUUzd28ZL6L1SvQHZ
Ym5HvlVU8nE+f+EGxxjhADlOjm2MNCrO4qwpqOpmrlJVJUHZaQhb9SoaEbafwCdSOiGkOdqU
IImpT8HHe3Fbl8FNgATX7vpjro+RrzzgyGO7H+HlMpCxTCydESUEmbgIcluRG1EpmU4K+XxR
jKkF9JpSncB77ZM5SUilhNScICXFoXsv35oPeQLxrCDNTsBc5TDnFovR5dUb8Ce5iDATY5ji
rA9ThN+LEsK8h+AyMH/zSb0yF23cvH1zbvnuw6ery4v3V1dux2pPynvp9aXY489u35yH7KUp
tRBar2cgr2zsVCHrX26N3bsQerSd/0wuqOfXeLBy6Rr3HxTKc6szS3uFmfXd2Mzj2OpHZfEP
c+XU6uO1YiG1XFhdXhLn1J29xzhHWf6gcGe2fHM+9N6E6ft3Fsvv6vNbplcfr99/UFrZU1J/
jqnLj/Z27z4U59b/GPtgfh6n3s2pcuYS/6cysVRGiqP/g1zequ5GuQcvdW5otbIpRz+WG0ql
XsuAJIihO/WaKtfU6PruFtpX5afqzIa6Wb0BhY1cQ5HV+XCAOBx6HF3F9JEbGVitFBp1pV5S
YW1brdbrT2Dp6VZDVhRICqIoxJL4D5NGxCkPG5V6o6LuZiDODTziJiZePqg3NnNV/g0CW1tZ
ysDDRr24XZCLcHt3Yp3h1/Dx1AKruGiuLEfvIzGyS9P5KnAXRSUxKiWQ6tFYGr+6dSkJMLHU
nLqtZODDtZFLVuRaWd3IQCKWToRWKjVZ4bsIZbl/FrIbcq64kJ0JLvl6cRfy5Tv1ar0x/34+
V0yXSgtZNZevysivoroxH0bMYcjXG0W5MR+OhSFXrZRr8+ECriQ3wlBA5dvKFYuVWnk+nAqe
la1cwX8ezSz4C4TfF/PJZDGJb8tnb0r+X3gBsmqD/0NQW1NrIMyFbAk3ByMzYjrNYSmVPXk+
PBuGUq6AN4uNSq4agWW5uiOrlUIuAkqupkRRcyq4wkv4CX6Ar+BL+Bp+gZ/hx+wMN4q+ODMf
mIufmcN8K+ZqaOX1drN5DvwiRFHk+/o7GRBgrtbfJ9BhGnzPnHaPHeA9fEct3WrZRHPazPTA
Ih2b9Ax8+SxyAdq0WX9Ri2rEoG2G9uEbx7V1Cy21GPSYxvZtYumGfkIE+Jelt4lxZJEuHOo9
1tEdftuxdZtpJAIGdSL45GkRsGkbX9hk0NNdHKJbL2yCdr2269lnuxCG2GB0LVZ2LkRs+xVu
KZX4DsLTrn69h7/RKMfPfAe2md1hNnH1nuU9gyYZeENgEdCYObr3lx+QFsNNWv0D3OUpbfKb
59RybdDBFToCTPp5Zhvxvj3Ykcl7aw/W8YLeCXw0uvcdM0ryz7YVtVLaDQfO2h76601W+ok4
HWawQ8wYOlr1KgYyF9LsjTaY57E/z5lYeIEnNus5bcwb1jQwbY4i5xK0JfzMDIueWpihttOO
QEKEKCQS0OZBC3jRv4QWmMTwsuta+nP/8Zg5DhWm4+RrCCjqbhXBcMdHH93/C6qytPUUHcva
ZGA4HvR6bu+I6qA3CekjT0bbn0roYGMXjCW4sWFaNyaGXzFsv1Db1l1m693JoF0pBBmYcv6A
om6g5wfMQp42TygKjMFOiHb0DNKCJEELKeGwpuP2qMVZcI7vXU4cp8eaSBVuhJpG1+casv9Y
t3l+IZVQCNhBW4+A59+hKU5IHKnhp8WMoxfkjFa/srbttcAx6TGxAvahxrijjXPa9oEnAs9e
gsabeGsKcKW4dnsu67pGCwgxPPCs6YD+r/Ech8GPQuDl2LgK+c9xHvR/c08F4RsRKQNzQgL9
DT3UI6PFHJthzh8AQT9qNFDacXBYGxkMPD7C/x/uP6nW0w91kyE5p1G/49Wl65AEreftf+6S
Q6u/D23d7uin/M7pcDHnr1DJPYf1xt5A9sdjIrR7ggltcqj1DzBrUe252GMWoQB0UE4ccDCB
UAYOLMzb0WQJYumkPzcCbcNrYjI6Lnq3x4vdeFAymRgOGpWEAMh4UHJ2bjiEaKZu6Zjvfr1h
0X026B6MSDQ9T4J0PDWc6bQNovU5xUxOyghG2CaHNwLvxa4jSb+gbbd/vsb2M37t9unAF/CQ
17hZ/g67A3yHedQkxxZFvyAmy3nBbJMgpfyCzjTHJdZzvYv7Zy71Kz5fdxC4YOJrdop7svoU
JYHZHi8gXWGUDFuXVqfzgvNGKvWrQ3HVoWxgPDvYVPDIIwnOsoEK8EPzZBwg4KMRDm6TGZSC
JMKsFAR1BPAVGffO+XOOPL7Gf8tM0+PN1HNdH4l2YCbD/RzhkcJQf45Jit3YKeUaiZslFjH0
AfFdbw7LJEoqhoi+YBaPAyYytd+ZBAzhfsXanondTv8M64Wy0eMRwqaTgF82goy0xiqh43vN
oIfkhALjuYZVBlMW9dqmLU4LbCF7xOoLb6m4V6ygL1FSKX131XO6MCLlsDs+JQYzh/oTpCcv
fi4OwwYaY4bsd5HgDvEsvPRgoGHH3d0H3aTUdbrAnWtR1txnGjoTHYik9jTuLx3T/rsp8WHY
lJ9QC0yquXQfk4whx/34YGqccIbyYmtx6X6Gg5rUGPoew4FgW7zLhTYMdBPVAT5vOx3DIy7P
VAG+xWJsYLXVOOX40UP7gg40rrbEeYGUdANTXF1M4sfVb7cPsIDZrEW5iLU8o4vyQwPZ4S7h
DygfzRO/PUBFxhT3U0U3edo4vCOx+njf8ay2S0z9ik3bEXqsbZl23+yhXBCHOZeX96lYwltx
6Er6Nnm0e4GbfK4zS7c96gLvfgz0NLqcF3wdw6a76M19/nyWHzycOObYJS50qO2gxBtkSobf
PKuBk/57bKewItpUwzwheIg7gp6uUex/sVq6HkaJDSyCZVT3ywNG2PmCmphqQ/Lz5fMT/fAF
DL/VYfwDu7kL/dClJ9gJZY3jUUAEfD25OPZOBsG0hJ//8yVvKAcmbxUBa13rvI/Gp89hreLA
R4euCwfT1xzwZq988Mde3sjANTGduI57SEQTs9FE0j+xBO9SKSmaSEfF2Ymdvd1PDcPMvdxc
7IK59dxGfTPnT7zWYVa0gwcplCxeVzUGMQlOiUMmrF3n5odH16Eb/Tf8c9HRZ35+fbcgTbFp
ckMPhUcYXHKMjZZNsdEZdF3QB0iqtt13sUVELcLuGcWwJ8DLgEf+SQXPcIOebnFZjAB10OEd
3TkyGdpyUHSxQOkWHjcodpeo4gJ8zYf8ymsbDL9AmlLnaLLYoa72gmMoDoKXTAtK9RF/2mcu
UiYCpy5r9icAe3i+5eFGzBrXTHpwrO/zY5PTN1jb5/6xgTNREE1fb/ksD7KLsNGQS/Nh/ze9
eqYoVyuK2sjlc3u5WzVZVQq5LVnAm/DCK7/KziwuDHeNLsS6ZNLgkVfy7oAEDP9dLa9s3fCw
meYoTnHnAwTFsHwEWIjfKzIb6xm6J9gmuh8NEfdokmjZGbXIU0Ll+eH/QDjOjHOcKqTldCH/
Sl23NaY9M8FwbRtcw6BsfArmP0byXyb5z5ShUOi/WRINfL8ZAAA=

--5mCyUwZo2JvN/JJP--