Bug#285371: exim4-daemon-heavy: gnutls-params not being re-created and hangs STARTTLS connections
Yazz D. Atlas
"Yazz D. Atlas" <yazz@230volts.net>, 285371@bugs.debian.org
Sun, 12 Dec 2004 13:29:02 -0800
Package: exim4-daemon-heavy
Version: 4.34-9
Severity: important
Recently I upgrade and now for some reason one of my machine has stopped
creating the /var/spool/exim4/gnutls-params file after the
/etc/cron.daily/exim4-base removes it.
The file never is regenerated. So when a client connects expecting TLS
the client hangs waiting for exim4 to send it the TLS go ahead.
# swaks -t yazz@230volts.net -f yazz@230volts.net -s ruroni.230volts.net -tls
=== Trying ruroni.230volts.net:25...
=== Connected to ruroni.230volts.net.
<- 220 ruroni.230volts.net ESMTP Exim 4.34 Sun, 12 Dec 2004 12:52:40
-0800
-> EHLO exodus.230volts.net
<- 250-ruroni.230volts.net Hello exodus.230volts.net [66.35.250.245]
<- 250-SIZE 10485760
<- 250-EXPN
<- 250-PIPELINING
<- 250-AUTH PLAIN LOGIN CRAM-MD5
<- 250-STARTTLS
<- 250 HELP
-> STARTTLS
It just waits right there spinning away.
I have a second machine running the same version and it has no
problem generating the needed file on the fly. I'm stumped to why this
is happening and not really sure how I can even find out what the
problem is. Any help would be great.
On the machine NOT working I have theses installed
# dpkg -l |grep gnutls
ii gnutls-bin 1.0.16-13 GNU TLS library - commandline
utilities
ii libgnutls10 1.0.4-8 GNU TLS library - runtime library
ii libgnutls11 1.0.16-13 GNU TLS library - runtime library
ii libgnutls5 0.8.8-2 GNU TLS library - runtime library
ii libgnutls7 0.8.12-7 GNU TLS library - runtime library
On the working machine I have the same versions.
My only solution right now it to comment out the line in the cron.daily
script that removes the file in the first place but that isn't really a
long time fix.
TIA,
Yazz
-- Package-specific info:
Exim version 4.34 #1 built 07-Dec-2004 14:01:09
Copyright (c) University of Cambridge 2004
Berkeley DB: Sleepycat Software: Berkeley DB 3.2.9: (May 26, 2004)
Support for: iconv() IPv6 PAM Perl GnuTLS
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Contains exiscan-acl patch revision 21 (c) Tom Kistner [http://duncanthrax.net/exiscan/]
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# comments will be lost.
dc_eximconfig_configtype='internet'
dc_local_interfaces='0.0.0.0.25 : 127.0.0.1.10025'
dc_other_hostnames='230volts.net:230volts.com:230volts.org:antiochsucks.com:bashmaster.org:bashmaster.com:bashmaster.net:pornforge.com:pornforge.org:pornforge.net'
dc_readhost=''
dc_relay_domains='tangent.org'
dc_relay_nets=''
dc_smarthost=''
dc_minimaldns='false'
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname=''
mailname:230volts.net
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-1-686-smp
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages exim4-daemon-heavy depends on:
ii exim4-base 4.34-9 EXperimental Internal Mailer -- a
ii libc6 2.3.2.ds1-19 GNU C Library: Shared libraries an
ii libdb3 3.2.9-20 Berkeley v3 Database Libraries [ru
ii libgnutls11 1.0.16-13 GNU TLS library - runtime library
ii libldap2 2.1.30-3 OpenLDAP libraries
ii libmysqlclient10 3.23.56-2 LGPL-licensed client library for M
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libpcre3 4.5-1.1 Perl 5 Compatible Regular Expressi
ii libperl5.8 5.8.4-4 Shared Perl library
ii libpq3 7.4.6-5 PostgreSQL C client library
-- no debconf information