Bug#511198: exim4-base: Bad parameter handling of exim4_refresh_gnutls-params

emfau at t-online.de emfau at t-online.de
Thu Jan 8 10:30:53 UTC 2009 

Package: exim4-base
Version: 4.63-17
Severity: normal

This is probably not a problem for "normal" usage of the package, but there is
an error in the way exim4_refresh_gnutls-params handles input parameters. When
specifying a configuration file as argument it will be correctly processed

    CONF_FILE=/etc/exim4/configure
    if [ $# -gt 0 ] ; then
      CONF_FILE=$1
    fi

but later on the line

    TIMEOUT=${1:-1800}

will also evaluate to the configuration file's full path. As a consequence

    /usr/share/exim4/timeout.pl "$TIMEOUT" /usr/bin/openssl gendh 1024 \
    	> "$tempgnutls" 2> /dev/null

will silently fail and no update of the TLS parameters ever happens.

An easy fix for my case is below, but my patch might be inappropriate as this
will produce an error for all invocations of using exim4_refresh_gnutls-params
specifying only a timeout.

--- exim4_refresh_gnutls-params.orig    2009-01-07 00:10:19.639332073 +0100
+++ exim4_refresh_gnutls-params 2009-01-07 00:10:46.172990323 +0100
@@ -9,6 +9,7 @@
   CONF_FILE=/etc/exim4/configure
   if [ $# -gt 0 ] ; then
          CONF_FILE=$1
+       shift
   fi

   # regenerate $EXIM4_SPOOLDIR/gnutls-params

-- Package-specific info:
Exim version 4.63 #1 built 20-Jan-2007 10:42:32
Copyright (c) University of Cambridge 2006
Berkeley DB: Sleepycat Software: Berkeley DB 4.3.29: (September  6, 2005)
Support for: crypteq iconv() IPv6 PAM Perl GnuTLS move_frozen_messages
Content_Scanning Old_Demime
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch
ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite
Authenticators: cram_md5 cyrus_sasl plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /etc/submission/configure
--?

As the machine running the exim installation is a production box and has no
reportbug installed I tried to manually create the proper format for the bug
report, so please excuse me if it is important details.

Michael

-- Pkg-exim4-maintainers mailing list 
Pkg-exim4-maintainers at lists.alioth.debian.org 
http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-maintainers

-- 
Pkg-exim4-maintainers mailing list
Pkg-exim4-maintainers at lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-maintainers

More information about the Pkg-exim4-maintainers mailing list