157521 – mutt segfaults when trying to connect to imap server

Bug 157521 - mutt segfaults when trying to connect to imap server

Summary: mutt segfaults when trying to connect to imap server

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	mutt
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Bill Nottingham
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	171528 (view as bug list)
Depends On:
Blocks:	FC4Target
TreeView+	depends on / blocked

Reported:	2005-05-12 09:31 UTC by Sarantis Paskalis
Modified:	2014-03-17 02:53 UTC (History)
CC List:	10 users (show)
Fixed In Version:	1.4.2.1-4
Clone Of:
Environment:
Last Closed:	2005-10-25 02:18:25 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
mutt backtrace (1.09 KB, application/octet-stream) 2005-05-13 08:22 UTC, Sarantis Paskalis	no flags	Details
backtrace with cyrus-sasl-debuginfo installed (1.43 KB, text/plain) 2005-05-13 08:26 UTC, Sarantis Paskalis	no flags	Details
output of "openssl s_client -showcerts -connect cnl.di.uoa.gr:imaps" (3.44 KB, text/plain) 2005-05-21 08:20 UTC, Sarantis Paskalis	no flags	Details
full output of openssl commandline with "0001 LOGOUT" issued (3.54 KB, text/plain) 2005-05-21 08:23 UTC, Sarantis Paskalis	no flags	Details
coredump of the procedure (1012.00 KB, application/octet-stream) 2005-05-27 10:53 UTC, Sarantis Paskalis	no flags	Details
backtrace, cyrus imapd / gssapi (1.06 KB, text/plain) 2005-06-28 20:08 UTC, Need Real Name	no flags	Details
Fix, from the mutt devel tree (1.68 KB, patch) 2005-10-25 02:16 UTC, Bill Nottingham	no flags	Details \| Diff
View All

Description Sarantis Paskalis 2005-05-12 09:31:33 UTC

Description of problem:
mutt segfaults when trying to connect to a remote IMAP server.  Note that this
does not always happen, but when it does it seems repeatable.  The certificate
is also expired, but the only impact was that I had to always accept the
certificate.  Remote server runs RH 7.0 and the relevant imap service through
xinetd.

The series of messages is:

In the main screen-> 
   This certificate belongs to:
      xxxxxxxxxxxxxxx

   This certificate was issued by:
      xxxxxxxxxxxxxxx

   This certificate is valid
      from Aug 26 06:41:41 2002 GMT
        to Aug 26 06:41:41 2003 GMT

   Fingerprint: 1FE6 7164 31B7 84AE 2055 A9D6 35D5 4F90

In the status bar->  Mutt: SSL Certificate check
Below the status bar (in the following order)->
(r)eject, accept (o)nce, (a)ccept always
Certificate saved
SSL connection using TLSv1/SSLv3 (DES-CBC3-SHA)

Segmentation fault

After that sequence it used to ask for my password.


Version-Release number of selected component (if applicable):
mutt-1.4.2.1-2

How reproducible:
Sometimes, but if it occurs, it seems repeatable (i.e. it always crashes
afterwards).  I haven't observed a pattern.

Steps to Reproduce:
1. start mutt
2. try to connect to remote imap server
3. mutt segfaults in checking the SSL certificate.
  
Actual results:


Expected results:


Additional info: System was a FC3 box upgraded to rawhide through yum.

Comment 1 Bill Nottingham 2005-05-12 18:09:04 UTC

Can you install the debuginfo and get a backtrace?

Comment 2 Sarantis Paskalis 2005-05-13 08:22:24 UTC

Created attachment 114325 [details]
mutt backtrace

Attached a backtrace with mutt debuginfo installed.

Comment 3 Sarantis Paskalis 2005-05-13 08:26:43 UTC

Created attachment 114326 [details]
backtrace with cyrus-sasl-debuginfo installed

I noticed that the last function is called from /usr/lib/libsasl2.so.2, which
belongs to cyrus-sasl, so I also installed the cyrus-sasl-debuginfo rpm. 
Attached the (slightly) different backtrace.

Comment 4 Nalin Dahyabhai 2005-05-20 22:52:22 UTC

I can't reproduce this here with the same version of mutt pointed to a local
imaps server.  Can you connect to the server by running:
   openssl s_client -showcerts -connect SERVERNAME:imaps
issuing a "0001 LOGOUT" command, and attaching the output?  It shouldn't contain
anything sensitive (the certificate is by definition just the server's public
key), but it may shed some light on whether or not there's something specific
about the certificate which is causing mutt to segfault.

Comment 5 Sarantis Paskalis 2005-05-21 08:20:31 UTC

Created attachment 114663 [details]
output of "openssl s_client -showcerts -connect cnl.di.uoa.gr:imaps"

Attached output of the command.  

I should note again that it does not segfault reliably, and that it only
exhibits the breakage behavior with the specific imap server (connecting to
another imap server seems just fine).

Comment 6 Sarantis Paskalis 2005-05-21 08:23:29 UTC

Created attachment 114664 [details]
full output of openssl commandline with "0001 LOGOUT" issued

Comment 7 Sarantis Paskalis 2005-05-27 10:53:45 UTC

Created attachment 114902 [details]
coredump of the procedure

Comment 8 Markus Wigge 2005-06-15 08:57:50 UTC

Here we have the same problem on different hosts and it is reproducable.
Always when I try to connect to a remote IMAP-Server using
"mutt -f imap://<user>@host/INBOX"
I get asked if I accept the certificate and if I do so mutt segfaults.

Comment 9 Albert Strasheim 2005-06-16 00:05:44 UTC

Same problem when one has the following line ~/.muttrc:

set spoolfile=imap://albert.1.1/

This worked with mutt-1.4.1-10 in Fedora Core 3.

Comment 10 Bill Nottingham 2005-06-16 17:48:19 UTC

Albert/Markus - do you get the same backtrace?

Comment 11 Albert Strasheim 2005-06-16 21:13:27 UTC

I just tested again and now imap:// and imaps:// works. Strange. So somehow the
bug might be related to the IMAP server. I am running dovecot-0.99.14-4.fc4. I
also upgraded from FC3 -> FC4 (as opposed to a clean install). 

It is possible that I have rebooted or that I have restarted dovecot since
reporting this problem.

I noticed some changes in /etc/doveconf.conf between FC3 and FC4, specifically
these lines changed (FC4 version shown below):

ssl_cert_file = /etc/pki/dovecot/dovecot.pem
ssl_key_file = /etc/pki/dovecot/private/dovecot.pem

Comment 12 Albert Strasheim 2005-06-16 22:01:14 UTC

Cancel that. After having IMAP work for a while, it's segfaulting again now. I
haven't restarted dovecot or anything like that. I'll install the debug symbols
and see what is to be seen.

Comment 13 Albert Strasheim 2005-06-16 22:08:16 UTC

Same backtrace for me. In three consecutive runs under GDB it worked twice and
then failed.

Comment 14 Need Real Name 2005-06-28 20:04:52 UTC

Very similar backtrace for same mutt error for me, with the difference that I'm
talking to a cyrus imap server and using gssapi for authentication. The odd
thing is that I have one FC4 system where it segfaults every time, and another
where it segfaults maybe one in ten tries. Both were installed using the same
kickstart, so I'm baffled. I'll attach my stack trace if it helps.

Comment 15 Need Real Name 2005-06-28 20:08:34 UTC

Created attachment 116085 [details]
backtrace, cyrus imapd / gssapi

Comment 16 Markus Wigge 2005-07-15 07:06:19 UTC

Hi,
after I tested it again right now mutt works when I use "mutt -f imaps://", but
"mutt -f imap://" with the same host segfaults!
Seems to me that it can't handle "SSL" while the URI says "imap://".

Last time I checked it both URIs segfaulted.

Comment 17 Bill Nottingham 2005-10-24 20:24:12 UTC

*** Bug 171528 has been marked as a duplicate of this bug. ***

Comment 18 Need Real Name 2005-10-24 21:16:31 UTC

This seems to be fixed in mutt-1.4.2.1-3 from fedora development.

Comment 19 Kaj J. Niemi 2005-10-24 21:19:50 UTC

It's not, see #171528...

Comment 20 Need Real Name 2005-10-24 21:31:06 UTC

Correction: GSSAPI seems to be fixed in mutt-1.4.2.1-3

Comment 21 Bill Nottingham 2005-10-25 02:16:25 UTC

Created attachment 120334 [details]
Fix, from the mutt devel tree

Here's the fix.

Comment 22 Kenn Humborg 2005-10-25 07:30:38 UTC

Are there any plans to release this as an FC4 update?

Note You need to log in before you can comment on or make changes to this bug.