X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/0ed25f66ccc56d56b3b5b7d64f4537bafbb42697..9fa4d5b45f70b36a46c0d04381a5e05cb39ae3e9:/src/src/arc.c diff --git a/src/src/arc.c b/src/src/arc.c index 06ca93736..c266849ca 100644 --- a/src/src/arc.c +++ b/src/src/arc.c @@ -21,6 +21,11 @@ extern pdkim_ctx * dkim_verify_ctx; extern pdkim_ctx dkim_sign_ctx; +#define ARC_SIGN_OPT_TSTAMP BIT(0) +#define ARC_SIGN_OPT_EXPIRE BIT(1) + +#define ARC_SIGN_DEFAULT_EXPIRE_DELTA (60 * 60 * 24 * 30) /* one month */ + /******************************************************************************/ typedef struct hdr_rlist { @@ -84,8 +89,11 @@ typedef struct arc_ctx { #define HDR_AR US"Authentication-Results:" #define HDRLEN_AR 23 +static time_t now; +static time_t expire; static hdr_rlist * headers_rlist; static arc_ctx arc_sign_ctx = { NULL }; +static arc_ctx arc_verify_ctx = { NULL }; /******************************************************************************/ @@ -135,7 +143,7 @@ for (pas = &ctx->arcset_chain, prev = NULL, next = ctx->arcset_chain; } DEBUG(D_acl) debug_printf("ARC: new instance %u\n", i); -*pas = as = store_get(sizeof(arc_set)); +*pas = as = store_get(sizeof(arc_set), FALSE); memset(as, 0, sizeof(arc_set)); as->next = next; as->prev = prev; @@ -193,7 +201,7 @@ al->complete = h; if (!instance_only) { - al->rawsig_no_b_val.data = store_get(h->slen + 1); + al->rawsig_no_b_val.data = store_get(h->slen + 1, TRUE); /* tainted */ memcpy(al->rawsig_no_b_val.data, h->text, off); /* copy the header name blind */ r = al->rawsig_no_b_val.data + off; al->rawsig_no_b_val.len = off; @@ -252,9 +260,10 @@ while ((c = *s)) while ((c = *++s) && c != ';') if (c != ' ' && c != '\t' && c != '\n' && c != '\r') g = string_catn(g, s, 1); + if (!g) return US"no b= value"; al->b.data = string_from_gstring(g); al->b.len = g->ptr; - gstring_reset_unused(g); + gstring_release_unused(g); bend = s; break; case 'h': /* bh= AMS body hash */ @@ -268,9 +277,10 @@ while ((c = *s)) while ((c = *++s) && c != ';') if (c != ' ' && c != '\t' && c != '\n' && c != '\r') g = string_catn(g, s, 1); + if (!g) return US"no bh= value"; al->bh.data = string_from_gstring(g); al->bh.len = g->ptr; - gstring_reset_unused(g); + gstring_release_unused(g); break; default: return US"b? tag"; @@ -375,9 +385,9 @@ static uschar * arc_insert_hdr(arc_ctx * ctx, header_line * h, unsigned off, unsigned hoff, BOOL instance_only) { -int i; +unsigned i; arc_set * as; -arc_line * al = store_get(sizeof(arc_line)), ** alp; +arc_line * al = store_get(sizeof(arc_line), FALSE), ** alp; uschar * e; memset(al, 0, sizeof(arc_line)); @@ -388,6 +398,7 @@ if ((e = arc_parse_line(al, h, off, instance_only))) return US"line parse"; } if (!(i = arc_instance_from_hdr(al))) return US"instance find"; +if (i > 50) return US"overlarge instance number"; if (!(as = arc_find_set(ctx, i))) return US"set find"; if (*(alp = (arc_line **)(US as + hoff))) return US"dup hdr"; @@ -488,7 +499,7 @@ const uschar * e; DEBUG(D_acl) debug_printf("ARC: collecting arc sets\n"); for (h = header_list; h; h = h->next) { - r = store_get(sizeof(hdr_rlist)); + r = store_get(sizeof(hdr_rlist), FALSE); r->prev = rprev; r->used = FALSE; r->h = h; @@ -631,6 +642,7 @@ arc_ams_setup_vfy_bodyhash(arc_line * ams) int canon_head, canon_body; long bodylen; +if (!ams->c.data) ams->c.data = US"simple"; /* RFC 6376 (DKIM) default */ pdkim_cstring_to_canons(ams->c.data, ams->c.len, &canon_head, &canon_body); bodylen = ams->l.data ? strtol(CS string_copyn(ams->l.data, ams->l.len), NULL, 10) : -1; @@ -759,24 +771,26 @@ arc_headers_check(arc_ctx * ctx) arc_set * as; int inst; BOOL ams_fail_found = FALSE; -uschar * ret = NULL; -if (!(as = ctx->arcset_chain)) +if (!(as = ctx->arcset_chain_last)) return US"none"; -for(inst = 0; as; as = as->next) +for(inst = as->instance; as; as = as->prev, inst--) { - if ( as->instance != ++inst - || !as->hdr_aar || !as->hdr_ams || !as->hdr_as - || arc_cv_match(as->hdr_as, US"fail") - ) - { - arc_state_reason = string_sprintf("i=%d fail" - " (cv, sequence or missing header)", as->instance); - DEBUG(D_acl) debug_printf("ARC %s\n", arc_state_reason); - ret = US"fail"; - } + if (as->instance != inst) + arc_state_reason = string_sprintf("i=%d (sequence; expected %d)", + as->instance, inst); + else if (!as->hdr_aar || !as->hdr_ams || !as->hdr_as) + arc_state_reason = string_sprintf("i=%d (missing header)", as->instance); + else if (arc_cv_match(as->hdr_as, US"fail")) + arc_state_reason = string_sprintf("i=%d (cv)", as->instance); + else + goto good; + + DEBUG(D_acl) debug_printf("ARC chain fail at %s\n", arc_state_reason); + return US"fail"; + good: /* Evaluate the oldest-pass AMS validation while we're here. It does not affect the AS chain validation but is reported as auxilary info. */ @@ -788,23 +802,29 @@ for(inst = 0; as; as = as->next) arc_oldest_pass = inst; arc_state_reason = NULL; } +if (inst != 0) + { + arc_state_reason = string_sprintf("(sequence; expected i=%d)", inst); + DEBUG(D_acl) debug_printf("ARC chain fail %s\n", arc_state_reason); + return US"fail"; + } arc_received = ctx->arcset_chain_last; -arc_received_instance = inst; -if (ret) - return ret; +arc_received_instance = arc_received->instance; /* We can skip the latest-AMS validation, if we already did it. */ as = ctx->arcset_chain_last; -if (as->ams_verify_done && !as->ams_verify_passed) +if (!as->ams_verify_passed) { - arc_state_reason = as->ams_verify_done; - return US"fail"; + if (as->ams_verify_done) + { + arc_state_reason = as->ams_verify_done; + return US"fail"; + } + if (!!arc_ams_verify(ctx, as)) + return US"fail"; } -if (!!arc_ams_verify(ctx, as)) - return US"fail"; - return NULL; } @@ -966,16 +986,13 @@ return NULL; static const uschar * arc_verify_seals(arc_ctx * ctx) { -arc_set * as = ctx->arcset_chain; +arc_set * as = ctx->arcset_chain_last; if (!as) return US"none"; -while (as) - { - if (arc_seal_verify(ctx, as)) return US"fail"; - as = as->next; - } +for ( ; as; as = as->prev) if (arc_seal_verify(ctx, as)) return US"fail"; + DEBUG(D_acl) debug_printf("ARC: AS vfy overall pass\n"); return NULL; } @@ -990,9 +1007,10 @@ Return: The ARC state, or NULL on error. const uschar * acl_verify_arc(void) { -arc_ctx ctx = { NULL }; const uschar * res; +memset(&arc_verify_ctx, 0, sizeof(arc_verify_ctx)); + if (!dkim_verify_ctx) { DEBUG(D_acl) debug_printf("ARC: no DKIM verify context\n"); @@ -1006,7 +1024,7 @@ https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-10#section-6 none, the ARC state is "none" and the algorithm stops here. */ -if ((res = arc_vfy_collect_hdrs(&ctx))) +if ((res = arc_vfy_collect_hdrs(&arc_verify_ctx))) goto out; /* 2. If the form of any ARC set is invalid (e.g., does not contain @@ -1024,7 +1042,7 @@ if ((res = arc_vfy_collect_hdrs(&ctx))) then the chain state is "fail" and the algorithm stops here. */ -if ((res = arc_headers_check(&ctx))) +if ((res = arc_headers_check(&arc_verify_ctx))) goto out; /* 4. For each ARC-Seal from the "N"th instance to the first, apply the @@ -1066,7 +1084,7 @@ if ((res = arc_headers_check(&ctx))) the algorithm is complete. */ -if ((res = arc_verify_seals(&ctx))) +if ((res = arc_verify_seals(&arc_verify_ctx))) goto out; res = US"pass"; @@ -1082,7 +1100,7 @@ out: static hdr_rlist * arc_rlist_entry(hdr_rlist * list, const uschar * s, int len) { -hdr_rlist * r = store_get(sizeof(hdr_rlist) + sizeof(header_line)); +hdr_rlist * r = store_get(sizeof(hdr_rlist) + sizeof(header_line), FALSE); header_line * h = r->h = (header_line *)(r+1); r->prev = list; @@ -1102,8 +1120,7 @@ return r; /* Walk the given headers strings identifying each header, and construct -a reverse-order list. Also parse ARC-chain headers and build the chain -struct, retaining pointers into the string. +a reverse-order list. */ static hdr_rlist * @@ -1174,12 +1191,13 @@ arc_sign_append_aar(gstring * g, arc_ctx * ctx, const uschar * identity, int instance, blob * ar) { int aar_off = g ? g->ptr : 0; -arc_set * as = store_get(sizeof(arc_set) + sizeof(arc_line) + sizeof(header_line)); +arc_set * as = + store_get(sizeof(arc_set) + sizeof(arc_line) + sizeof(header_line), FALSE); arc_line * al = (arc_line *)(as+1); header_line * h = (header_line *)(al+1); g = string_catn(g, ARC_HDR_AAR, ARC_HDRLEN_AAR); -g = string_cat(g, string_sprintf(" i=%d; %s;\r\n\t", instance, identity)); +g = string_fmt_append(g, " i=%d; %s;\r\n\t", instance, identity); g = string_catn(g, US ar->data, ar->len); h->slen = g->ptr - aar_off; @@ -1239,7 +1257,10 @@ else if ( (errstr = exim_dkim_signing_init(privkey, &sctx)) || (errstr = exim_dkim_sign(&sctx, hm, &hhash, sig))) { - log_write(0, LOG_MAIN|LOG_PANIC, "ARC: %s signing: %s\n", why, errstr); + log_write(0, LOG_MAIN, "ARC: %s signing: %s\n", why, errstr); + DEBUG(D_transport) + debug_printf("private key, or private-key file content, was: '%s'\n", + privkey); return FALSE; } return TRUE; @@ -1262,7 +1283,7 @@ for (;;) g = string_catn(g, US"\r\n\t ", 5); } g = string_catn(g, US";\r\n", 3); -gstring_reset_unused(g); +gstring_release_unused(g); string_from_gstring(g); return g; } @@ -1273,7 +1294,7 @@ return g; static gstring * arc_sign_append_ams(gstring * g, arc_ctx * ctx, int instance, const uschar * identity, const uschar * selector, blob * bodyhash, - hdr_rlist * rheaders, const uschar * privkey) + hdr_rlist * rheaders, const uschar * privkey, unsigned options) { uschar * s; gstring * hdata = NULL; @@ -1281,7 +1302,7 @@ int col; int hashtype = pdkim_hashname_to_hashtype(US"sha256", 6); /*XXX hardwired */ blob sig; int ams_off; -arc_line * al = store_get(sizeof(header_line) + sizeof(arc_line)); +arc_line * al = store_get(sizeof(header_line) + sizeof(arc_line), FALSE); header_line * h = (header_line *)(al+1); /* debug_printf("%s\n", __FUNCTION__); */ @@ -1289,13 +1310,14 @@ header_line * h = (header_line *)(al+1); /* Construct the to-be-signed AMS pseudo-header: everything but the sig. */ ams_off = g->ptr; -g = string_append(g, 10, - ARC_HDR_AMS, - US" i=", string_sprintf("%d", instance), - US"; a=rsa-sha256; c=relaxed; d=", identity, /*XXX hardwired */ - US"; s=", selector, - US";\r\n\tbh=", pdkim_encode_base64(bodyhash), - US";\r\n\th="); +g = string_fmt_append(g, "%s i=%d; a=rsa-sha256; c=relaxed; d=%s; s=%s", + ARC_HDR_AMS, instance, identity, selector); /*XXX hardwired a= */ +if (options & ARC_SIGN_OPT_TSTAMP) + g = string_fmt_append(g, "; t=%lu", (u_long)now); +if (options & ARC_SIGN_OPT_EXPIRE) + g = string_fmt_append(g, "; x=%lu", (u_long)expire); +g = string_fmt_append(g, ";\r\n\tbh=%s;\r\n\th=", + pdkim_encode_base64(bodyhash)); for(col = 3; rheaders; rheaders = rheaders->prev) { @@ -1391,12 +1413,12 @@ return US"none"; static gstring * arc_sign_prepend_as(gstring * arcset_interim, arc_ctx * ctx, int instance, const uschar * identity, const uschar * selector, blob * ar, - const uschar * privkey) + const uschar * privkey, unsigned options) { gstring * arcset; arc_set * as; uschar * status = arc_ar_cv_status(ar); -arc_line * al = store_get(sizeof(header_line) + sizeof(arc_line)); +arc_line * al = store_get(sizeof(header_line) + sizeof(arc_line), FALSE); header_line * h = (header_line *)(al+1); gstring * hdata = NULL; @@ -1418,12 +1440,16 @@ blob sig; /* Construct the AS except for the signature */ -arcset = string_append(NULL, 10, +arcset = string_append(NULL, 9, ARC_HDR_AS, US" i=", string_sprintf("%d", instance), US"; cv=", status, US"; a=rsa-sha256; d=", identity, /*XXX hardwired */ - US"; s=", selector, /*XXX same as AMS */ + US"; s=", selector); /*XXX same as AMS */ +if (options & ARC_SIGN_OPT_TSTAMP) + arcset = string_append(arcset, 2, + US"; t=", string_sprintf("%lu", (u_long)now)); +arcset = string_cat(arcset, US";\r\n\t b=;"); h->slen = arcset->ptr; @@ -1486,6 +1512,14 @@ return pdkim_set_bodyhash(&dkim_sign_ctx, +void +arc_sign_init(void) +{ +memset(&arc_sign_ctx, 0, sizeof(arc_sign_ctx)); +} + + + /* A "normal" header line, identified by DKIM processing. These arrive before the call to arc_sign(), which carries any newly-created DKIM headers - and those go textually before the normal ones in the message. @@ -1513,7 +1547,8 @@ The dkim_exim_sign() function has already been called, so will have hashed the message body for us so long as we requested a hash previously. Arguments: - signspec Three-element colon-sep list: identity, selector, privkey + signspec Three-element colon-sep list: identity, selector, privkey. + Optional fourth element: comma-sep list of options. Already expanded sigheaders Any signature headers already generated, eg. by DKIM, or NULL errstr Error string @@ -1526,7 +1561,8 @@ Return value gstring * arc_sign(const uschar * signspec, gstring * sigheaders, uschar ** errstr) { -const uschar * identity, * selector, * privkey; +const uschar * identity, * selector, * privkey, * opts, * s; +unsigned options = 0; int sep = 0; header_line * headers; hdr_rlist * rheaders; @@ -1535,56 +1571,95 @@ int instance; gstring * g = NULL; pdkim_bodyhash * b; +expire = now = 0; + /* Parse the signing specification */ identity = string_nextinlist(&signspec, &sep, NULL, 0); selector = string_nextinlist(&signspec, &sep, NULL, 0); -if ( !*identity | !*selector +if ( !*identity || !*selector || !(privkey = string_nextinlist(&signspec, &sep, NULL, 0)) || !*privkey) { - log_write(0, LOG_MAIN|LOG_PANIC, "ARC: bad signing-specification (%s)", + log_write(0, LOG_MAIN, "ARC: bad signing-specification (%s)", !*identity ? "identity" : !*selector ? "selector" : "private-key"); - return NULL; + return sigheaders ? sigheaders : string_get(0); } if (*privkey == '/' && !(privkey = expand_file_big_buffer(privkey))) - return NULL; + return sigheaders ? sigheaders : string_get(0); -DEBUG(D_transport) debug_printf("ARC: sign for %s\n", identity); +if ((opts = string_nextinlist(&signspec, &sep, NULL, 0))) + { + int osep = ','; + while ((s = string_nextinlist(&opts, &osep, NULL, 0))) + if (Ustrcmp(s, "timestamps") == 0) + { + options |= ARC_SIGN_OPT_TSTAMP; + if (!now) now = time(NULL); + } + else if (Ustrncmp(s, "expire", 6) == 0) + { + options |= ARC_SIGN_OPT_EXPIRE; + if (*(s += 6) == '=') + if (*++s == '+') + { + if (!(expire = (time_t)atoi(CS ++s))) + expire = ARC_SIGN_DEFAULT_EXPIRE_DELTA; + if (!now) now = time(NULL); + expire += now; + } + else + expire = (time_t)atol(CS s); + else + { + if (!now) now = time(NULL); + expire = now + ARC_SIGN_DEFAULT_EXPIRE_DELTA; + } + } + } -/* -- scan headers for existing ARC chain & A-R (with matching system-identfier) - - paniclog & skip on problems (no A-R) -*/ +DEBUG(D_transport) debug_printf("ARC: sign for %s\n", identity); -/* Make an rlist of any new DKIM headers, then add the "normals" rlist to it */ +/* Make an rlist of any new DKIM headers, then add the "normals" rlist to it. +Then scan the list for an A-R header. */ string_from_gstring(sigheaders); if ((rheaders = arc_sign_scan_headers(&arc_sign_ctx, sigheaders))) { hdr_rlist ** rp; - for (rp = &rheaders; *rp; ) rp = &(*rp)->prev; - *rp = headers_rlist; - headers_rlist = rheaders; + for (rp = &headers_rlist; *rp; ) rp = &(*rp)->prev; + *rp = rheaders; } -else - rheaders = headers_rlist; + /* Finally, build a normal-order headers list */ /*XXX only needed for hunt-the-AR? */ -{ -header_line * hnext = NULL; -for (; rheaders; hnext = rheaders->h, rheaders = rheaders->prev) - rheaders->h->next = hnext; -headers = hnext; -} - -instance = arc_sign_ctx.arcset_chain_last ? arc_sign_ctx.arcset_chain_last->instance + 1 : 1; +/*XXX also, we really should be accepting any number of ADMD-matching ARs */ + { + header_line * hnext = NULL; + for (rheaders = headers_rlist; rheaders; + hnext = rheaders->h, rheaders = rheaders->prev) + rheaders->h->next = hnext; + headers = hnext; + } if (!(arc_sign_find_ar(headers, identity, &ar))) { - log_write(0, LOG_MAIN|LOG_PANIC, "ARC: no Authentication-Results header for signing"); + log_write(0, LOG_MAIN, "ARC: no Authentication-Results header for signing"); return sigheaders ? sigheaders : string_get(0); } +/* We previously built the data-struct for the existing ARC chain, if any, using a headers +feed from the DKIM module. Use that to give the instance number for the ARC set we are +about to build. */ + +DEBUG(D_transport) + if (arc_sign_ctx.arcset_chain_last) + debug_printf("ARC: existing chain highest instance: %d\n", + arc_sign_ctx.arcset_chain_last->instance); + else + debug_printf("ARC: no existing chain\n"); + +instance = arc_sign_ctx.arcset_chain_last ? arc_sign_ctx.arcset_chain_last->instance + 1 : 1; + /* - Generate AAR - copy the A-R; prepend i= & identity @@ -1603,7 +1678,7 @@ g = arc_sign_append_aar(g, &arc_sign_ctx, identity, instance, &ar); b = arc_ams_setup_sign_bodyhash(); g = arc_sign_append_ams(g, &arc_sign_ctx, instance, identity, selector, - &b->bh, headers_rlist, privkey); + &b->bh, headers_rlist, privkey, options); /* - Generate AS @@ -1618,13 +1693,15 @@ g = arc_sign_append_ams(g, &arc_sign_ctx, instance, identity, selector, including self (but with an empty b= in self) */ -g = arc_sign_prepend_as(g, &arc_sign_ctx, instance, identity, selector, &ar, privkey); +if (g) + g = arc_sign_prepend_as(g, &arc_sign_ctx, instance, identity, selector, &ar, + privkey, options); /* Finally, append the dkim headers and return the lot. */ -g = string_catn(g, sigheaders->s, sigheaders->ptr); +if (sigheaders) g = string_catn(g, sigheaders->s, sigheaders->ptr); (void) string_from_gstring(g); -gstring_reset_unused(g); +gstring_release_unused(g); return g; } @@ -1704,7 +1781,37 @@ return is_vfy ? arc_header_vfy_feed(g) : arc_header_sign_feed(g); /******************************************************************************/ -/* Construct an Authenticate-Results header portion, for the ARC module */ +/* Construct the list of domains from the ARC chain after validation */ + +uschar * +fn_arc_domains(void) +{ +arc_set * as; +unsigned inst; +gstring * g = NULL; + +for (as = arc_verify_ctx.arcset_chain, inst = 1; as; as = as->next, inst++) + { + arc_line * hdr_as = as->hdr_as; + if (hdr_as) + { + blob * d = &hdr_as->d; + + for (; inst < as->instance; inst++) + g = string_catn(g, US":", 1); + + g = d->data && d->len + ? string_append_listele_n(g, ':', d->data, d->len) + : string_catn(g, US":", 1); + } + else + g = string_catn(g, US":", 1); + } +return g ? g->s : US""; +} + + +/* Construct an Authentication-Results header portion, for the ARC module */ gstring * authres_arc(gstring * g) @@ -1718,20 +1825,20 @@ if (arc_state) g = string_append(g, 2, US";\n\tarc=", arc_state); if (arc_received_instance > 0) { - g = string_append(g, 3, US" (i=", - string_sprintf("%d", arc_received_instance), US")"); + g = string_fmt_append(g, " (i=%d)", arc_received_instance); if (arc_state_reason) g = string_append(g, 3, US"(", arc_state_reason, US")"); g = string_catn(g, US" header.s=", 10); highest_ams = arc_received->hdr_ams; g = string_catn(g, highest_ams->s.data, highest_ams->s.len); - g = string_append(g, 2, - US" arc.oldest-pass=", string_sprintf("%d", arc_oldest_pass)); + g = string_fmt_append(g, " arc.oldest-pass=%d", arc_oldest_pass); if (sender_host_address) - g = string_append(g, 2, US" smtp.client-ip=", sender_host_address); + g = string_append(g, 2, US" smtp.remote-ip=", sender_host_address); } + else if (arc_state_reason) + g = string_append(g, 3, US" (", arc_state_reason, US")"); DEBUG(D_acl) debug_printf("ARC: authres '%.*s'\n", g->ptr - start - 3, g->s + start + 3); }