Ubuntu
exim4 package

Merge ~sergiodj/ubuntu/+source/exim4:bug1974214-segfault-smtp-delivery-JAMMY into ubuntu/+source/exim4:ubuntu/jammy-devel

  1. Git
  2. lp:~sergiodj/ubuntu/+source/exim4
  3. bug1974214-segfault-smtp-delivery-JAMMY
  4. Merge into ubuntu/jammy-devel
Proposed by Sergio Durigan Junior
Status: Merged
Approved by: git-ubuntu bot
Approved revision: not available
Merge reported by: Sergio Durigan Junior
Merged at revision: 2947e0629f93371ad06fb72b1c44611e8d3b4c33
Proposed branch: ~sergiodj/ubuntu/+source/exim4:bug1974214-segfault-smtp-delivery-JAMMY
Merge into: ubuntu/+source/exim4:ubuntu/jammy-devel
Diff against target: 247 lines (+219/-0)
4 files modified
debian/changelog (+7/-0)
debian/patches/lp1974214-segfault-smtp-delivery-01.patch (+186/-0)
debian/patches/lp1974214-segfault-smtp-delivery-02.patch (+24/-0)
debian/patches/series (+2/-0)
Reviewer Review Type Date Requested Status
git-ubuntu bot Approve
Bryce Harrington (community) Approve
Canonical Server Pending
Review via email: mp+423963@code.launchpad.net

Description of the change

This MP fixes bug #1974214 in Jammy, which is about exim4 segfaulting while connecting to the secondary MX after the primary MX has deferred the email delivery.

This has been reported and fixed upstream, and the Ubuntu bug reporter already tried these patches and confirmed that they work. It took me a bit of time to come up with a reproducer, but after some failed attempts I was finally able to write step-by-step instructions. You can find them in the bug description, which is an SRU template (since this bug also affects Jammy).

There are two patches required to fix the bug, but they are not complex and shouldn't require too much review time. The annoying part is really reproducing the bug.

You can also find a PPA with the proposed package here:

https://launchpad.net/~sergiodj/+archive/ubuntu/exim4

The build is still running; when it finishes I'll trigger autopkgtests and post the results here.

To post a comment you must log in.
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

autopkgtest is OK:

autopkgtest [23:36:21]: @@@@@@@@@@@@@@@@@@@@ summary
basic PASS

https://autopkgtest.ubuntu.com/results/autopkgtest-jammy-sergiodj-exim4/?format=plain

Revision history for this message
Bryce Harrington (bryce) wrote :

See the kinetic MP for comments.

review: Approve
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

On Friday, June 03 2022, Bryce Harrington wrote:

> Review: Approve
>
> See the kinetic MP for comments.

Thanks, Bryce.

Uploaded:

$ dput exim4_4.95-4ubuntu2.1_source.changes
Trying to upload package to ubuntu
Checking signature on .changes
gpg: /home/sergio/work/exim4/exim4_4.95-4ubuntu2.1_source.changes: Valid signature from 106DA1C8C3CBBF14
Checking signature on .dsc
gpg: /home/sergio/work/exim4/exim4_4.95-4ubuntu2.1.dsc: Valid signature from 106DA1C8C3CBBF14
Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading exim4_4.95-4ubuntu2.1.dsc: done.
  Uploading exim4_4.95-4ubuntu2.1.debian.tar.xz: done.
  Uploading exim4_4.95-4ubuntu2.1_source.buildinfo: done.
  Uploading exim4_4.95-4ubuntu2.1_source.changes: done.
Successfully uploaded packages.

--
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0 EB2F 106D A1C8 C3CB BF14

Revision history for this message
git-ubuntu bot (git-ubuntu-bot) wrote :

Approvers: sergiodj, bryce
Uploaders: sergiodj, bryce
MP auto-approved

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/changelog b/debian/changelog
index be86696..7592419 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
1exim4 (4.95-4ubuntu2.1) jammy; urgency=medium
2
3 * d/p/lp1974214-segfault-smtp-delivery-0{1,2}.patch: Fix segfault when
4 there's an SMTP delivery attempt following a deferral. (LP: #1974214)
5
6 -- Sergio Durigan Junior <sergio.durigan@canonical.com> Fri, 03 Jun 2022 17:51:15 -0400
7
1exim4 (4.95-4ubuntu2) jammy; urgency=medium8exim4 (4.95-4ubuntu2) jammy; urgency=medium
29
3 * d/p/lp1966923-exiqgrep-syntax-error.patch: Fix exiqgrep syntax error,10 * d/p/lp1966923-exiqgrep-syntax-error.patch: Fix exiqgrep syntax error,
diff --git a/debian/patches/lp1974214-segfault-smtp-delivery-01.patch b/debian/patches/lp1974214-segfault-smtp-delivery-01.patch
4new file mode 10064411new file mode 100644
index 0000000..1342ae6
--- /dev/null
+++ b/debian/patches/lp1974214-segfault-smtp-delivery-01.patch
@@ -0,0 +1,186 @@
1From: Jeremy Harris <jgh146exb@wizmail.org>
2Date: Thu, 19 May 2022 14:23:02 +0100
3Subject: GnuTLS: Do not free the cached creds on transport connection close.
4 Bug 2886
5
6Origin: upstream, https://git.exim.org/exim.git/commitdiff/8c74b00980bc7e3e479e8dfcd7c0008b2ac3f543
7Bug: https://bugs.exim.org/show_bug.cgi?id=2886
8Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/1974214
9Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004740
10---
11 confs/2011 | 72 ++++++++++++++++++++++++++++++++++++++++++++++++
12 log/2011 | 13 +++++++++
13 rejectlog/2011 | 3 ++
14 scripts/2000-GnuTLS/2011 | 20 ++++++++++++++
15 src/tls-gnu.c | 8 ++----
16 5 files changed, 111 insertions(+), 5 deletions(-)
17 create mode 100644 confs/2011
18 create mode 100644 log/2011
19 create mode 100644 rejectlog/2011
20 create mode 100644 scripts/2000-GnuTLS/2011
21
22diff --git a/confs/2011 b/confs/2011
23new file mode 100644
24index 0000000..eac8ccd
25--- /dev/null
26+++ b/confs/2011
27@@ -0,0 +1,72 @@
28+# Exim test configuration 2011
29+
30+SERVER=
31+
32+keep_environment = PATH:EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK
33+add_environment = SSLKEYLOGFILE=DIR/spool/sslkeys
34+exim_path = EXIM_PATH
35+host_lookup_order = bydns
36+spool_directory = DIR/spool
37+
38+.ifdef SERVER
39+log_file_path = DIR/spool/log/SERVER%slog
40+.else
41+log_file_path = DIR/spool/log/%slog
42+.endif
43+
44+gecos_pattern = ""
45+gecos_name = CALLER_NAME
46+dns_cname_loops = 9
47+chunking_advertise_hosts = *
48+
49+.ifdef _HAVE_PIPE_CONNECT
50+pipelining_connect_advertise_hosts = :
51+.endif
52+.ifdef _HAVE_DMARC
53+dmarc_tld_file =
54+.endif
55+.ifdef _EXP_LIMITS
56+limits_advertise_hosts = !*
57+.endif
58+
59+primary_hostname = test.ex
60+
61+# ----- Main settings -----
62+
63+acl_smtp_rcpt = check_rcpt
64+
65+log_selector = +received_recipients +dkim_verbose
66+queue_only
67+queue_run_in_order
68+
69+# ----- ACL -----
70+begin acl
71+
72+check_rcpt:
73+ defer hosts = HOSTIPV4
74+ accept
75+
76+# ----- Routers -----
77+
78+begin routers
79+
80+d0:
81+ driver = manualroute
82+ route_list = * "HOSTIPV4::PORT_D : 127.0.0.1::PORT_D"
83+ self = send
84+ transport = gsmtp
85+
86+# ----- Transports -----
87+
88+begin transports
89+
90+gsmtp:
91+ driver = smtp
92+ allow_localhost
93+ tls_verify_certificates = system
94+ hosts_require_tls = *
95+
96+begin retry
97+* * F,5d,10s
98+
99+# End
100diff --git a/log/2011 b/log/2011
101new file mode 100644
102index 0000000..f0fad26
103--- /dev/null
104+++ b/log/2011
105@@ -0,0 +1,13 @@
106+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@test.ex U=CALLER P=local S=sss for fred@test.net
107+1999-03-02 09:44:33 Start queue run: pid=pppp
108+1999-03-02 09:44:33 10HmaX-0005vi-00 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]: SMTP error from remote mail server after RCPT TO:<fred@test.net>: 451 Temporary local problem - please try later
109+1999-03-02 09:44:33 10HmaX-0005vi-00 => fred@test.net R=d0 T=gsmtp H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K C="250- 3nn byte chunk, total 3nn\\n250 OK id=10HmaY-0005vi-00"
110+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
111+1999-03-02 09:44:33 End queue run: pid=pppp
112+
113+******** SERVER ********
114+1999-03-02 09:44:33 Warning: No server certificate defined; will use a selfsigned one.
115+ Suggested action: either install a certificate or change tls_advertise_hosts option
116+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
117+1999-03-02 09:44:33 H=the.local.host.name (test.ex) [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no F=<CALLER@test.ex> temporarily rejected RCPT <fred@test.net>
118+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@test.ex H=localhost (test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss id=E10HmaX-0005vi-00@test.ex for fred@test.net
119diff --git a/rejectlog/2011 b/rejectlog/2011
120new file mode 100644
121index 0000000..b8ae22a
122--- /dev/null
123+++ b/rejectlog/2011
124@@ -0,0 +1,3 @@
125+
126+******** SERVER ********
127+1999-03-02 09:44:33 H=the.local.host.name (test.ex) [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no F=<CALLER@test.ex> temporarily rejected RCPT <fred@test.net>
128diff --git a/scripts/2000-GnuTLS/2011 b/scripts/2000-GnuTLS/2011
129new file mode 100644
130index 0000000..c5504c3
131--- /dev/null
132+++ b/scripts/2000-GnuTLS/2011
133@@ -0,0 +1,20 @@
134+# Cached CA bundle re-use
135+#
136+# Preload a message into spool
137+exim -odq fred@test.net
138+Subject: test
139+
140+this is a test
141+
142+****
143+#
144+# Server to work against
145+exim -DSERVER=server -bd -oX PORT_D
146+****
147+#
148+# Send message from spool
149+exim -q
150+****
151+#
152+killdaemon
153+no_msglog_check
154diff --git a/src/tls-gnu.c b/src/tls-gnu.c
155index 31327c8..01a04be 100644
156--- a/src/tls-gnu.c
157+++ b/src/tls-gnu.c
158@@ -1586,6 +1586,9 @@ return lifetime;
159 /* Preload whatever creds are static, onto a transport. The client can then
160 just copy the pointer as it starts up. */
161
162+/*XXX this is not called for a cmdline send. But one needing to use >1 conn would benefit,
163+and there seems little downside. */
164+
165 static void
166 tls_client_creds_init(transport_instance * t, BOOL watch)
167 {
168@@ -3061,8 +3064,6 @@ if (rc != GNUTLS_E_SUCCESS)
169 tls_error_gnu(state, US"gnutls_handshake", rc, errstr);
170 (void) gnutls_alert_send_appropriate(state->session, rc);
171 gnutls_deinit(state->session);
172- gnutls_certificate_free_credentials(state->lib_state.x509_cred);
173- state->lib_state = null_tls_preload;
174 millisleep(500);
175 shutdown(state->fd_out, SHUT_WR);
176 for (int i = 1024; fgetc(smtp_in) != EOF && i > 0; ) i--; /* drain skt */
177@@ -3749,9 +3750,6 @@ if (!ct_ctx) /* server */
178 }
179
180 gnutls_deinit(state->session);
181-gnutls_certificate_free_credentials(state->lib_state.x509_cred);
182-state->lib_state = null_tls_preload;
183-
184 tlsp->active.sock = -1;
185 tlsp->active.tls_ctx = NULL;
186 /* Leave bits, peercert, cipher, peerdn, certificate_verified set, for logging */
diff --git a/debian/patches/lp1974214-segfault-smtp-delivery-02.patch b/debian/patches/lp1974214-segfault-smtp-delivery-02.patch
0new file mode 100644187new file mode 100644
index 0000000..d99e3aa
--- /dev/null
+++ b/debian/patches/lp1974214-segfault-smtp-delivery-02.patch
@@ -0,0 +1,24 @@
1From: Jeremy Harris <jgh146exb@wizmail.org>
2Date: Thu, 19 May 2022 14:24:48 +0100
3Subject: ARC: reset headers before signing for secondary MX. Bug 2886
4
5Origin: upstream, https://git.exim.org/exim.git/commitdiff/5a8015582376ff3cc0c0d034d9237008b10d2164
6Bug: https://bugs.exim.org/show_bug.cgi?id=2886
7Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/1974214
8Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004740
9---
10 src/arc.c | 1 +
11 1 file changed, 1 insertion(+)
12
13diff --git a/src/arc.c b/src/arc.c
14index a68ab6e..b150d3a 100644
15--- a/src/arc.c
16+++ b/src/arc.c
17@@ -1531,6 +1531,7 @@ void
18 arc_sign_init(void)
19 {
20 memset(&arc_sign_ctx, 0, sizeof(arc_sign_ctx));
21+headers_rlist = NULL;
22 }
23
24
diff --git a/debian/patches/series b/debian/patches/series
index 5103fb5..1461ff3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -16,3 +16,5 @@
1690_localscan_dlopen.dpatch1690_localscan_dlopen.dpatch
17fix_smtp_banner.patch17fix_smtp_banner.patch
18lp1966923-exiqgrep-syntax-error.patch18lp1966923-exiqgrep-syntax-error.patch
19lp1974214-segfault-smtp-delivery-01.patch
20lp1974214-segfault-smtp-delivery-02.patch

Subscribers

People subscribed via source and target branches