Re: Cyrus IMAP4 v2.1.18 no login via SSL

From: Lars Hanke (no email)
Date: Mon May 23 2005 - 19:22:57 EDT

  • Next message: Derrick J Brashear: "Re: Cyrus IMAP4 v2.1.18 no login via SSL"

    Derrick,

    >>
    >> telnet mail imap or openssl s_client -connect mail:imaps,
    >>
    >> but in the first case it returns well, in the latter it does only
    >> return, if the password is wrong. Otherwise, it hangs in running
    >> state eating lots of CPU time (99%).
    >>
    >> SASL uses the ldapdb backend to retrieve the password using ldaps. Is
    >> there anything prohibiting two simultaneous SSL connections for a
    >> single process?
    >
    >
    > If there were it should hang when the password is wrong, also, rather
    > than being able to return a message to you.

    Well, this is supported by my findings from yesterday, i.e. lookup in
    the auxprop plugin backend appears to work OK.

    >> Can somebody with deeper SASL understanding give me some hint?
    >
    > Well, what's it doing? I assume it's select()ing waiting for an answer.

    select() would do schedule(), i.e. would not eat CPU, would it?

    > Is attaching with a debugger and getting a backtrace possible?

    On the long term ... actually I've installed more development stuff I've
    ever wanted to on this machine, it's a server, though! It's currently a
    simple thing to replace single binaries by recompiles with extra
    logging. Something I can manage for the night.

    Imapd is spawned from cyrus-master, which takes the socket connect, I
    believe. I would have to trace the master and follow into the child
    through fork. Never tried such things, to be honest.

    Regards,
     - lars.


  • Next message: Derrick J Brashear: "Re: Cyrus IMAP4 v2.1.18 no login via SSL"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD