[ports] Bug in Alpine TLS patch applied in 6.7 (ports/mail/alpine)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[ports] Bug in Alpine TLS patch applied in 6.7 (ports/mail/alpine)

Jussi Laako
Hi,

I had a problem that with Thunderbird / mobile clients accessing
alpine-based imapd server (imap-uw) over SSL/TLS, eventually the imapd
server process goes into busy-loop consuming all possible CPU time.
After a while the server was crawling with some tens or hundreds of
busy-looping imapd processes.

I found out that this is caused by the TLS patch that was added in 6.7
with header "Add workarounds to fix alpine with TLSv1.3". Involving
following patch:
patch-imap_src_osdep_unix_ssl_unix_c

Removing this patch makes the problem go away. So I have to conclude
there's a problem in this patch. I suspect it may be related to
connection termination time. But I don't know enough about this TLS
implementation and API to know how to fix this.


Best regards,

        - Jussi

Reply | Threaded
Open this post in threaded view
|

Re: [ports] Bug in Alpine TLS patch applied in 6.7 (ports/mail/alpine)

Stuart Henderson
On 2020-09-10, Jussi Laako <[hidden email]> wrote:

> Hi,
>
> I had a problem that with Thunderbird / mobile clients accessing
> alpine-based imapd server (imap-uw) over SSL/TLS, eventually the imapd
> server process goes into busy-loop consuming all possible CPU time.
> After a while the server was crawling with some tens or hundreds of
> busy-looping imapd processes.
>
> I found out that this is caused by the TLS patch that was added in 6.7
> with header "Add workarounds to fix alpine with TLSv1.3". Involving
> following patch:
> patch-imap_src_osdep_unix_ssl_unix_c
>
> Removing this patch makes the problem go away. So I have to conclude
> there's a problem in this patch. I suspect it may be related to
> connection termination time. But I don't know enough about this TLS
> implementation and API to know how to fix this.
>
>
> Best regards,
>
> - Jussi
>
>

Which (if any) syspatches do you have - if not all of them, does that
help?

Please reply on ports@ where there's a higher chance the right people
will see your mail (I've set followup-to, hopefully gmane will convert
that into reply-to but I'm not 100% sure..)