Red Hat Bugzilla – Bug 115284
(openssl or kernel) dovecot crashes with ssl error message
Last modified: 2007-11-30 17:10:36 EST
Description of problem:
Dovecot crashes with the following error message:
imap-login: RAND_bytes() failed: error:24064064:random number
generator:SSLEAY_RAND_BYTES:PRNG not seeded
and with the next login attempt from the same machine
dovecot: Login process died too early - shutting down
The user is using "KMail" and checks every minute for mail.
Version-Release number of selected component (if applicable):
How reproducible: Always
I'm not seeing this at all. Do you have anything away from the
defaults in your dovecot.conf?
I'm seeing this same error. I've switched to ~/Maildir and postfix.
But apart from that I have a standard setup. I'll attach my dovecot.conf
Created attachment 98061 [details]
Dovecot.conf for machine which crashed.
This crash happens very rarely. There's some mention of it here:
This happened to our dovecot server as well. See log below. As far as I
know we don't have any users using KMail.
imap-login: Mar 30 08:08:00 Fatal: RAND_bytes() failed:
error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded
dovecot: Mar 30 08:08:00 Error: Login process died too early -
dovecot: Mar 30 08:08:00 Error: child 21354 (login) returned error 89
Today this crash happened 2 times and counting :-/
I am attaching my dovecot.conf as well.
I see that the status is NEEDINFO - is there anything else I could do
to help get this fixed?
Created attachment 99035 [details]
I too have had this problem occur recently on 2 different servers that
I just switched from stock imap to dovecot. They happened 1 day apart
all within 3 days of switching to dovecot. A third machine I
manage has been running dovecot for 1 week with the exact same
configuration with zero errors so far.
protocols = imap imaps pop3 pop3s
imap_listen = *
pop3_listen = *
ssl_cert_file = /usr/share/ssl/certs/dovecot.pem
ssl_key_file = /usr/share/ssl/private/dovecot.pem
login_dir = /var/run/dovecot-login
login = imap
login_process_per_connection = yes
login = pop3
first_valid_uid = 300
maildir_copy_with_hardlinks = yes
mbox_locks = fcntl
umask = 0027
auth = default
auth_mechanisms = plain
auth_userdb = passwd
auth_passdb = pam
auth_user = root
It's happened again for me. So that's a good 2 months since the last
Apr 21 14:58:53 mithrandir imap-login: Login: michael [127.0.0.1]
Apr 21 14:58:53 mithrandir imap-login: RAND_bytes() failed:
error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded
Apr 21 14:58:53 mithrandir dovecot: Login process died too early -
Apr 21 14:58:53 mithrandir dovecot: child 14926 (login) returned error 89
Happening to me, on two servers, both Fedora Core 1.0. About 20
users. Works fine most of the time, but dovecot crashes about once a
day, sometimes several times, sometimes not at all. I'm running a
cron job every minute to check for dovecot and restart it as needed.
The sshd and mod_ssl seem to work fine.
I don't know SSL stuff very well, but it seems to be related to
/dev/urandom - entropy starvation maybe?
# cat /proc/version
Linux version 2.4.22-1.2115.nptlsmp (firstname.lastname@example.org)
(gcc version 3.2.3 20030422 (Red Hat Linux 3.2.3-6)) #1 SMP Wed Oct 29
15:30:09 EST 2003
# rpm -q openssl
# rpm -q dovecot
Created attachment 100137 [details]
I've had the same problem using Fedora core 1. My dovecot.conf is attached.
[root@mail log]# rpm -q dovecot openssl openssl096 glibc
I do not experience this using a Rawhide version dovecot-0.99.10.4-3
under either Red Hat 9 or Fedora Core 1, but did experience it using
the stock Fedora Core 1 package dovecot-0.99.10-6. I am also using SSL
Those of you experiencing problems: Do you have more than one version
of libssl installed? Strange crashes can occur if some
applications/libraries use 0.9.6 and others use 0.9.7 concurrently -
even if they are not linked together.
Adding Nalin to CC as he is the openssl maintainer and I want his input.
In dovecot this error seems to be generated here:
src/login-common/ssl-proxy-openssl.c line 447
/* PRNG initialization might want to use /dev/urandom, make sure it
   does it before chrooting. */
if (RAND_bytes(&buf, 1) != 1)
        i_fatal("RAND_bytes() failed: %s\n", ssl_last_error());
RAND_bytes is in the openssl library and if this fails dovecot fails,
so I don't think this is a dovecot issue (or at least not yet).
I briefly looked at the RAND_bytes implementation and all the places
where openssl generates the "PRNG not seeded" error message, but it was a
bit opaque to me. Nalin, I believe you own openssl, are you familiar
with this problem? Is there any reason to believe this is dovecot
related, or is this a general failure of openssl?
# rpm -qa | grep -i ssl | sort
There are just
with /lib/libssl.so.4 -> libssl.so.0.9.7a.
The RAND_bytes man page of the openssl-devel package says:
"RAND_bytes() puts num cryptographically strong pseudo-random bytes
into buf. An error occurs if the PRNG has not been seeded with enough
randomness to ensure an unpredictable byte sequence."
which seems to be the case here. Need some openssl expert on this
matter. I tried to strace the whole thing, but after more than 3 weeks
without the error I gave up. The above comment (written at the same
time as mine) seems to point in the right direction (IMHO).
(You may want to read the entire thread though...)
I tried using the rawhide version dovecot-0.99.10.4-3. It crashed 2
times within the first hour, which isn't unusual.
Then I applied Timo's second patch (the one in 003316 above). After 24
hours no crashes :-)
Since I would expect 5-10 crashes on a working day this looks promising!
dovecot-0.99.10.4-4 is what will be shipping in FC2, which contains
three patches from Timo during last week. Unfortunately it seems at
least one maildir user had new problems with -4 while -3 was fine.
Due to the maildir crash issue, and the SSL crash issue, it appears that
we need to sort this stuff out and prepare a very well tested update
for FC2 later this month.
I personally have been using this on FC1 with SSL with perfect
stability through RH9 and FC1's lifetime. But now I realized that I
am using my own custom vanilla upstream 2.4 kernel. This supports
Timo's finding that this may be a problem with FC1's 2.4 kernel
/dev/urandom. Nalin said something about running out of entropy. Any
status update on this?
Well, the SSL related crash seems to be fixed with Timo's patch as I
noted in comment #16.
Now I have 8 days of uptime with it - it used to crash several times
I don't think the patch made it into the rpm yet though.
Timo, is that patch a proper general fix, or rather an ugly hack to
workaround Fedora's openssl or kernel problem? Will future releases
of dovecot contain that patch?
Do you recommend FC's dovecot to be patched in that way?
It doesn't crash anymore, but I think it instead just fails SSL
connections since it doesn't have enough entropy.
I'm currently assuming this is all because Redhat kernel has some
/dev/urandom change that makes it possible that read()ing it returns
less bytes than requested. OpenSSL library then doesn't try reading
more and fails instead. So the problem could be fixed in either of them.
Maybe an OpenSSL library fix would be better as its logic currently is a
bit broken.. There's this workaround: if (t.tv_usec == 10*1000)
t.tv_usec=0; which is triggered with Linux every time as select()
doesn't spend any time waiting for data and so tv_usec isn't updated.
How about this attached patch.
Created attachment 100326 [details]
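The failure mode Timo describes above (a short read() from /dev/urandom that the seeding code does not retry) and the pre-chroot RAND_bytes() probe quoted from ssl-proxy-openssl.c can be shown together. The following is an added example, not dovecot's or OpenSSL's own code: it reads a seed buffer with a loop that handles short reads and EINTR, and refuses to proceed when fewer bytes than requested arrive. The function names read_full and seed_from_urandom are this example's own.

```c
/* Added example (not dovecot's or OpenSSL's code): defensive seeding
 * that tolerates short reads from /dev/urandom instead of failing. */
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>

/* Read exactly `want` bytes from fd unless EOF or a hard error occurs.
 * Returns the number of bytes actually placed in buf; a result below
 * `want` tells the caller the PRNG must be treated as unseeded. */
size_t read_full(int fd, unsigned char *buf, size_t want)
{
    size_t got = 0;
    while (got < want) {
        ssize_t n = read(fd, buf + got, want - got);
        if (n > 0)
            got += (size_t)n;        /* short read: loop for the rest */
        else if (n == 0)
            break;                   /* EOF: nothing more will come */
        else if (errno == EINTR || errno == EAGAIN)
            continue;                /* interrupted: just retry */
        else
            break;                   /* hard error: give up */
    }
    return got;
}

/* Modelled on dovecot's pre-chroot check: returns 1 only when all
 * `want` bytes were obtained. Call it before chroot(), while
 * /dev/urandom is still reachable. */
int seed_from_urandom(unsigned char *buf, size_t want)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return 0;
    size_t got = read_full(fd, buf, want);
    close(fd);
    return got == want;
}

int main(void)
{
    unsigned char seed[32];
    if (!seed_from_urandom(seed, sizeof seed)) {
        fprintf(stderr, "PRNG not seeded: short read from /dev/urandom\n");
        return 1;
    }
    puts("seed ok");
    return 0;
}
```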
I think the /dev/urandom change isn't in the current FC2/3 2.6.x
kernels so the patch is unnecessary.