From: Jeremy Harris Date: Mon, 24 Jul 2023 12:30:40 +0000 (+0100) Subject: GnuTLS: fix crash with "tls_dhparam = none" X-Git-Tag: exim-4.97-RC0~48 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/8e9770348dc4173ab83657ee023c22f479ebb712?ds=sidebyside;hp=249f39385d608eaa6a3daabce6f9bcfa15eb2d3c GnuTLS: fix crash with "tls_dhparam = none" --- diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 3d74d58b0..97c48d887 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -167,6 +167,10 @@ JH/31 Bug 2998: Fix ${utf8clean:...} to disallow UTF-16 surrogate codepoints. Found and fixed by Jasen Betts. No testcase for this as my usual text editor insists on emitting only valid UTF-8. +JH/32 Fix "tls_dhparam = none" under GnuTLS. At least with 3.7.9 this gave + a null-indireciton SIGSEGV for the receive process. + + Exim version 4.96 ----------------- diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index c3e2d98e8..dd70e73e1 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -727,7 +727,7 @@ file is never present. If two processes both compute some new parameters, you waste a bit of effort, but it doesn't seem worth messing around with locking to prevent this. -Returns: OK/DEFER/FAIL +Returns: OK/DEFER (expansion issue)/FAIL (requested none) */ static int @@ -765,7 +765,7 @@ else if (Ustrcmp(exp_tls_dhparam, "historic") == 0) else if (Ustrcmp(exp_tls_dhparam, "none") == 0) { DEBUG(D_tls) debug_printf("Requested no DH parameters\n"); - return OK; + return FAIL; } else if (exp_tls_dhparam[0] != '/') { @@ -2002,10 +2002,10 @@ Returns: OK/DEFER/FAIL */ static int -tls_set_remaining_x509(exim_gnutls_state_st *state, uschar ** errstr) +tls_set_remaining_x509(exim_gnutls_state_st * state, uschar ** errstr) { -int rc; -const host_item *host = state->host; /* macro should be reconsidered? */ +int rc = OK; +const host_item * host = state->host; /* macro should be reconsidered? */ /* Create D-H parameters, or read them from the cache file. This function does its own SMTP error messaging. This only happens for the server, TLS D-H ignores @@ -2014,11 +2014,13 @@ client-side params. */ if (!state->host) { if (!dh_server_params) - if ((rc = init_server_dh(errstr)) != OK) return rc; + if ((rc = init_server_dh(errstr)) == DEFER) return rc; /* Unnecessary & discouraged with 3.6.0 or later, according to docs. But without it, no DHE- ciphers are advertised. */ - gnutls_certificate_set_dh_params(state->lib_state.x509_cred, dh_server_params); + + if (rc == OK) + gnutls_certificate_set_dh_params(state->lib_state.x509_cred, dh_server_params); } /* Link the credentials to the session. */ diff --git a/test/log/2049 b/test/log/2049 index 883f5502a..e697e8b4f 100644 --- a/test/log/2049 +++ b/test/log/2049 @@ -13,6 +13,9 @@ 1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss 1999-03-02 09:44:33 10HmbF-000000005vi-0000 => userb@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbG-000000005vi-0000" 1999-03-02 09:44:33 10HmbF-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbH-000000005vi-0000 => userx@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbI-000000005vi-0000" +1999-03-02 09:44:33 10HmbH-000000005vi-0000 Completed ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D @@ -37,3 +40,7 @@ 1999-03-02 09:44:33 10HmbG-000000005vi-0000 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbF-000000005vi-0000@myhost.test.ex 1999-03-02 09:44:33 10HmbG-000000005vi-0000 => userb R=server T=local_delivery 1999-03-02 09:44:33 10HmbG-000000005vi-0000 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=p1239, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 10HmbI-000000005vi-0000 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbH-000000005vi-0000@myhost.test.ex +1999-03-02 09:44:33 10HmbI-000000005vi-0000 => userx R=server T=local_delivery +1999-03-02 09:44:33 10HmbI-000000005vi-0000 Completed diff --git a/test/scripts/2000-GnuTLS/2049 b/test/scripts/2000-GnuTLS/2049 index e66d952ab..f017e0378 100644 --- a/test/scripts/2000-GnuTLS/2049 +++ b/test/scripts/2000-GnuTLS/2049 @@ -40,4 +40,12 @@ exim -odf userb@test.ex Test message **** killdaemon +# +# Check we can survive an explicit request for no DH-params +exim -DSERVER=server -DDATA=none -bd -oX PORT_D +**** +exim -odf userx@test.ex +Test message +**** +killdaemon no_message_check