Re: SEGFAULT in opendkim

From: Christian Rößner <>
Date: Fri, 18 Jan 2013 00:08:04 +0100


> This is a known problem for installations that use openldap with opendkim. openldap goes through some steps to ensure that libcrypto is set up with mutexes as openssl requires, but opendkim does the same set of steps; during shutdown, both of them call the opposite routine to free those resources but that results in a double-free and/or heap corruption, and you get this crash.
> I contend that openldap shouldn't be doing this; libraries shouldn't be initializing each other, as that's the job of the application. But understanding that openldap is probably not as agile as we are and may disagree, opendkim 2.8.0 includes the option to skip the libcrypto setup steps in order to avoid this problem.
> I will be starting 2.8.0 betas soon, so you can give this option a try in the near future.

thank you very much for your answer. I am looking forward for testing :) This is a nasty bug for me, as it triggers a grsec protection :)

If you have a patch that would also work for 2.7.4 that would be great. So I could stabilize that release. Would this be possible or is it too much changes between 2.7.4 and upcoming 2.8.0?

Kind regards

-Christian Rößner

[*] sys4 AG, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Joerg Heidrich
Received on Thu Jan 17 2013 - 23:08:15 PST

This archive was generated by hypermail 2.3.0 : Thu Jan 17 2013 - 23:18:02 PST