Bug#863520: cyrus-imapd version 2.5.10-3 Fatal error with SSL

[Gianluigi Tiesi]

Source: cyrus-imapd
Followup-For: Bug #863520

I have also problems with imaps, attached patch fixes the reported
problem, but I still to restart cyrus everyday because clients
are not able to connect anymore to the server.

reference bug here https://github.com/cyrusimap/cyrus-imapd/issues/1872


Regards


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
-------------- next part --------------
commit a1c917df8de04e108228f38f0010498bec3d81e8
Author: Bron Gondwana <brong at fastmail.fm>
Date:   Sun Apr 16 15:05:51 2017 +1000

    tls: make sure we never try to do DB ops on a zero-length key

diff --git a/imap/tls.c b/imap/tls.c
index 68131d87d..05def8469 100644
--- a/imap/tls.c
+++ b/imap/tls.c
@@ -518,11 +518,13 @@ static int new_session_cb(SSL *ssl __attribute__((unused)),
 	/* store the session in our database */
 
 	session_id = SSL_SESSION_get_id(sess, &session_id_length);
-	do {
-	    ret = cyrusdb_store(sessdb, (const char *) session_id,
-			    session_id_length,
-			    (const char *) data, len + sizeof(time_t), NULL);
-	} while (ret == CYRUSDB_AGAIN);
+        if (session_id_length) {
+	    do {
+	        ret = cyrusdb_store(sessdb, (const char *) session_id,
+			        session_id_length,
+			        (const char *) data, len + sizeof(time_t), NULL);
+	    } while (ret == CYRUSDB_AGAIN);
+        }
     }
 
     free(data);
@@ -551,6 +553,7 @@ static void remove_session(const unsigned char *id, int idlen)
     assert(id);
     assert(idlen <= SSL_MAX_SSL_SESSION_ID_LENGTH);
     
+    if (!idlen) return;
     if (!sess_dbopen) return;
 
     do {