Hi,
I am running mutt from the official Ubuntu Hardy repository on a x86_64
server. As of today, mutt is no longer able to remember previously
accepted SSL certificates and is unable to the certificate_file.
When I remove the default $certificate_file, first time I startup mutt
it will present me with some details of the certificate and asks me to
reject it, accept it once or accept it permanently. When I choose the
latter, I can proceed using mutt. Then, after closing and restarting
mutt, it will show me the certificate again, it will ask me the same
question, but it's no longer possible to save it. It will barf back a
warning: "couldn't save certificate".
I can't think of a reason for this to suddenly popup. Certificate hasn't
changed, I haven't made a change to mutt or it's environment (or at
least, I can remember...).
A small snippet from a strace:
| write(1, "\33[H\33[0;10;1m\33[33m\33[41m-- Mutt: TLS/SSL Certificate
check\33[K\r\n\33[0;10m\33[37mThis certificate belongs to:\r\n
| rejo.zenger.nl\r\n rej"..., 565) = 565
| rt_sigaction(SIGINT, {0x4645d0, [], SA_RESTORER, 0x7f536d000100}, NULL, 8) = 0
| read(0, "a", 1) = 1
| rt_sigaction(SIGINT, {0x4645d0, [], SA_RESTORER|SA_RESTART, 0x7f536d000100},
NULL, 8) = 0
| open("/home/rejo/.mutt_certificates", O_WRONLY|O_CREAT|O_APPEND, 0666) = 5
| fstat(5, {st_mode=S_IFREG|0600, st_size=2538, ...}) = 0
| mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f536c2fc000
| fstat(5, {st_mode=S_IFREG|0600, st_size=2538, ...}) = 0
| lseek(5, 2538, SEEK_SET) = 2538
| close(5) = 0
| munmap(0x7f536c2fc000, 4096) = 0
| write(1, "\7", 1) = 1
| write(1, "\r\33[43d\33[31mWarning: Couldn\'t save
certificate\33[37m\33[K\33[39m\33[0;10m", 65) = 65
| rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
| rt_sigaction(SIGCHLD, NULL, {0x464260, [],
SA_RESTORER|SA_RESTART|SA_NOCLDSTOP, 0x7f536d000100}, 8) = 0
| rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
| nanosleep({2, 0}, {2, 0}) = 0
| write(1, "\r\33[37mSSL/TLS connection using TLS 1.0 (DHE RSA/AES 256
CBC/SHA)\33[39m\33[0;10m", 76) = 76
The file to save it to does exist, seems to be a correctly formatted
file and has the right permissions:
| rejo@trillian:~$ head -4 /home/rejo/.mutt_certificates
| #H localhost 816B 21E4 F1D3 EFF6 9D30 085E 524B DEFC
| -----BEGIN CERTIFICATE-----
| MIIDXDCCAsWgAwIBAgIJAKedR4iKYzkZMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNV
| BAYTAk5MMQswCQYDVQQIEwJaSDESMBAGA1UEBxMJUm90dGVyZGFtMRAwDgYDVQQK
| rejo@trillian:~$ ls -la .mutt_certificates
| -rw------- 1 rejo rejo 2538 2009-07-09 17:51 .mutt_certificates
| rejo@trillian:~$ lsattr .mutt_certificates
| ------------------ .mutt_certificates
Now, I have found others having the same problem. But, apart from a few
workarounds, I haven't been able to find the real cause (and the proper
solution).
So, for one reason or another mutt is unable to find the alredy present
certificate in the file and is then unable to add. Anyone sees why this
happens?
--
Rejo Zenger . <rejo@xxxxxxxxx> . 0x21DBEFD4 . <https://rejo.zenger.nl>
GPG encrypted e-mail prefered.
Attachment:
signature.asc
Description: Digital signature