Bug#315650: marked as done (exim4-daemon-heavy: TLS error (gnutls_handshake) - 4.51-1; was OK in 4.50-8)
Debian Bug Tracking System
owner@bugs.debian.org
Tue, 28 Jun 2005 13:03:26 -0700
Your message dated Tue, 28 Jun 2005 15:47:41 -0400
with message-id <E1DnM3Z-00064K-00@newraff.debian.org>
and subject line Bug#315650: fixed in exim4 4.51-2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 24 Jun 2005 11:34:43 +0000
>From calum.mackay@cdmnet.org Fri Jun 24 04:34:43 2005
Return-path: <calum.mackay@cdmnet.org>
Received: from nat6.sesnet.co.uk (cdmnet.org) [217.206.93.237]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DlmSG-0000oO-00; Fri, 24 Jun 2005 04:34:40 -0700
Received: from calum by cdmnet.org with local (Exim 4.51)
id 1DlmRg-0003Lq-NB; Fri, 24 Jun 2005 12:34:04 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Calum Mackay <calum.mackay@cdmnet.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: exim4-daemon-heavy: TLS error (gnutls_handshake) - 4.51-1; was OK in 4.50-8
X-Mailer: reportbug 3.15
Date: Fri, 24 Jun 2005 12:34:04 +0100
Message-Id: <E1DlmRg-0003Lq-NB@cdmnet.org>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: exim4-daemon-heavy
Version: 4.51-1
Severity: important
The problem here is some, but not all, incoming TLS emails getting
deferred:
2005-06-24 11:55:01 TLS error on connection from
host81-136-150-217.in-addr.btopenworld.com (thegerhards.com)
[81.136.150.217]:30228 (gnutls_handshake): A TLS fatal alert has been
received.
This coincided with (a few hours after) upgrading from 4.50-8 to 4.51-1.
I can reliably reproduce the problem on 4.51-1, within an hour or two.
With the previous 4.50-8 I have never seen the problem. Switching back and
forth between the versions reliably reproduces the problem (on 4.51-1).
For this reason, I believe this bug may be different than the two
existing, older, bugs #285371 & #297174, which affected previous releases
(where I never saw a problem).
I would note that not all incoming TLS traffic seems to be affected.
Somes sites' TLS traffic is deferred, others accepted. Outgoing TLS
traffic seems to be fine.
Running -d+all didn't provide any further information, unfortunately.
One other data point: 4.50-8 seems to reliably recreate the gnutls-params
file if it is removed, whereas I've noted that with 4.51-1 the file is
never created. Of course, this may just be a symptom of the problem.
Please let me know if I can provide more information.
cheers,
calum.
-- Package-specific info:
Exim version 4.51 #1 built 10-Jun-2005 19:02:02
Copyright (c) University of Cambridge 2005
Berkeley DB: Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
Support for: iconv() IPv6 PAM Perl GnuTLS Content_Scanning Old_Demime
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql
Authenticators: cram_md5 cyrus_sasl plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
dc_eximconfig_configtype='internet'
# Our primary hostname is in /etc/mailname
dc_other_hostnames='diz : cdmnet.org.uk : cdmnet.info : cdm.homelinux.org : dialachef.co.uk:cdmnet.org'
dc_local_interfaces=''
dc_readhost=''
dc_relay_domains='CONFDIR/relay.domains'
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname=''
dc_mailname_in_oh='true'
mailname:cdmnet.org
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.10
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages exim4-daemon-heavy depends on:
hi exim4-base 4.51-1 support files for all exim MTA (v4
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-19 Berkeley v4.2 Database Libraries [
ii libgnutls11 1.0.16-13.1 GNU TLS library - runtime library
ii libldap2 2.1.30-10 OpenLDAP libraries
ii libmysqlclient12 4.0.24-10 mysql database client library
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libpcre3 5.0-1.1 Perl 5 Compatible Regular Expressi
ii libperl5.8 5.8.7-3 Shared Perl library
ii libpq4 8.0.3-6 PostgreSQL C client library
ii libsasl2 2.1.19-1.5 Authentication abstraction library
exim4-daemon-heavy recommends no packages.
-- no debconf information
---------------------------------------
Received: (at 315650-close) by bugs.debian.org; 28 Jun 2005 19:51:59 +0000
>From katie@ftp-master.debian.org Tue Jun 28 12:51:59 2005
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DnM7j-0002yP-00; Tue, 28 Jun 2005 12:51:59 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DnM3Z-00064K-00; Tue, 28 Jun 2005 15:47:41 -0400
From: Andreas Metzler <ametzler@debian.org>
To: 315650-close@bugs.debian.org
X-Katie: $Revision: 1.56 $
Subject: Bug#315650: fixed in exim4 4.51-2
Message-Id: <E1DnM3Z-00064K-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Tue, 28 Jun 2005 15:47:41 -0400
Delivered-To: 315650-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 4
Source: exim4
Source-Version: 4.51-2
We believe that the bug you reported is fixed in the latest version of
exim4, which is due to be installed in the Debian FTP archive:
exim4-base_4.51-2_i386.deb
to pool/main/e/exim4/exim4-base_4.51-2_i386.deb
exim4-config_4.51-2_all.deb
to pool/main/e/exim4/exim4-config_4.51-2_all.deb
exim4-daemon-heavy_4.51-2_i386.deb
to pool/main/e/exim4/exim4-daemon-heavy_4.51-2_i386.deb
exim4-daemon-light_4.51-2_i386.deb
to pool/main/e/exim4/exim4-daemon-light_4.51-2_i386.deb
exim4_4.51-2.diff.gz
to pool/main/e/exim4/exim4_4.51-2.diff.gz
exim4_4.51-2.dsc
to pool/main/e/exim4/exim4_4.51-2.dsc
exim4_4.51-2_all.deb
to pool/main/e/exim4/exim4_4.51-2_all.deb
eximon4_4.51-2_i386.deb
to pool/main/e/exim4/eximon4_4.51-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 315650@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Metzler <ametzler@debian.org> (supplier of updated exim4 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 28 Jun 2005 19:35:35 +0200
Source: exim4
Binary: eximon4 exim4-daemon-custom exim4-daemon-heavy exim4-base exim4 exim4-daemon-light exim4-config
Architecture: source i386 all
Version: 4.51-2
Distribution: unstable
Urgency: low
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
exim4 - metapackage to ease exim MTA (v4) installation
exim4-base - support files for all exim MTA (v4) packages
exim4-config - configuration for the exim MTA (v4)
exim4-daemon-heavy - exim MTA (v4) daemon with extended features, including exiscan-ac
exim4-daemon-light - lightweight exim MTA (v4) daemon
eximon4 - monitor application for the exim MTA (v4) (X11 interface)
Closes: 313023 313246 315173 315650 315656
Changes:
exim4 (4.51-2) unstable; urgency=low
.
* Fix typo in exiwhat.8. (am) Closes: #313246
* Clarify tls_verify_certificates documentation in
conf.d/main/03_exim4-config_tlsoptions. Thanks to Wenzhuo Zhang. (mh)
* Accept postmaster liberally for relay_to_domains. Thanks to
Roderick Schertler. (mh) Closes: #313023
* Improve update-exim4.conf's internal run-parts to warn about ignored files
if running in verbose-mode. (am) Closes: #315656
* Make it possible to purge a previously uninstalled exim4-suite if debconf
has between removed since. (am) Closes: #315173
- Stop useless sourcing of confmodule in exim4-config.postrm.
- Use debconf to ask about trashing the mailqueue if debconf is available,
keep the queue otherwise.
* exim failed to setup gnutls parameters if the gnutls-param file was
missing. This caused TLS breakage. (am) Closes: #315650
Files:
d4694b3b76fd073179bbba9242dcb855 1044 mail important exim4_4.51-2.dsc
19e0117803aaafccd730f5e029229964 468005 mail important exim4_4.51-2.diff.gz
5f1cd34c6f4656017ab56da80dbbec1d 832896 mail important exim4-base_4.51-2_i386.deb
0a2c3f066b388e383e5f9507b448e9b2 371356 mail important exim4-daemon-light_4.51-2_i386.deb
2803a283d4b487b23a7ec97d436e734c 79102 mail optional eximon4_4.51-2_i386.deb
9e00692a21e2f0e429d65563269f4bba 422182 mail optional exim4-daemon-heavy_4.51-2_i386.deb
3fc8a38ff3a4a1e3a3929a0e1c76340f 244774 mail important exim4-config_4.51-2_all.deb
d2bc65a94e6b5d0c18568fe2713b6756 1124 mail important exim4_4.51-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCwZNgHTOcZYuNdmMRAvpkAJ9XpuiWqVRayC8fLyu3sN4z7WYoTwCeISqw
x6jEMQTsmheNuTos6BxW6yY=
=WsjH
-----END PGP SIGNATURE-----