------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=881
Summary: Socket descriptor leak in dovecot authenticator /
Dovecot authenticator failure [PATCH]
Product: Exim
Version: 4.69
Platform: All
OS/Version: All
Status: NEW
Keywords: work:tiny
Severity: bug
Priority: high
Component: SMTP Authentication
AssignedTo: nigel@???
ReportedBy: alexander@???
CC: exim-dev@???
I have problems with the dovecot authenticator not working if the user mistypes
her password the first time (using Thunderbird 2 as a client). Even if the
correct password is given the second time, the current authentication code
fails with the following log message:
2009-08-21 04:31:14 dovecot_login authenticator failed for
adsl-99-147-160-74.ds
l.lgtpmi.sbcglobal.net (Schneeweisschen-II.local) [99.147.160.74]: 435 Unable
to
authenticate at present: authentication socket read error or premature eof
At the same time, dovecot logs this:
Aug 21 04:31:10 hotzenplotz dovecot: auth(default): BUG: Authentication client
g
ave a PID 55886 of existing connection
Note that authentication is set up correctly, as logging in to dovecot via IMAP
works, as well as hitting cancel in Thunderbird (causing the SMTP connection to
be dropped) and then resends the message typing in the correct password at the
first try.
I googled around a bit, and somewhere on a dovecot mailing list (can't remember
the URL, sorry) the author suggested that this means that dovecot is opening
sockets to quickly, such that dovecot couldn't notice that the old one was
closed yet, and suggested exim should recycle the same socket.
That sounded a bit fishy, in particular since things still fail, even if I wait
2 minutes with entering the password the second time.
So I looked at the code in dovecot.c, and I think there is a close(fd) missing
right before the last line. In the authenticator code, each time it is called a
new socket is created in a local variable fd by calling socket() and it is then
connected. But there seems to be no corresponding close(). Obviously this is
draining system resources, but it also causes the problem I described above.
Simply adding a call to close() before returning solved the issue completely
for me.
If needed, I can create a patch file, but it's really easy to fix, just add
close(fd); at the very end of dovecot.c, just before returning (that's safe
since we never reach it if socket() fails).
I know nothing about the exim source, but from what I saw in dovecot.c, the
more advanced (and likely more efficient) solution may be to cache the file
descriptor for the connected socket in the options_block. For that to work, the
missing response handling (see /* FIXME: add proper response handling */ in
dovecot.c) would probably need to be implemented.
There may also be issues with concurrent access (i.e. two authentication
requests from different clients at the same time) to the same socket, but I
simply don't know enough about the internals of exim to comment on that.
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email
