From d4de30edf98c3ea326f6f949a9bf934d17d8412e Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 11 May 2018 16:26:17 +0100 Subject: [PATCH] ARC: fix crash on signing with missing key file Cherry-picked from: 97e939dfe2 --- src/src/arc.c | 4 ++- test/confs/4560 | 4 +++ test/log/4560 | 20 +++++++++++-- test/log/4561 | 10 +++++++ test/mail/4560.a | 20 +++++++++++++ test/mail/4561.a | 35 ++++++++++++++++++++++ test/mail/4562.a | 60 ++++++++++++++++++++++++++++++++++++++ test/scripts/4560-ARC/4560 | 34 +++++++++++++++++++++ 8 files changed, 183 insertions(+), 4 deletions(-) create mode 100644 test/log/4561 create mode 100644 test/mail/4561.a create mode 100644 test/mail/4562.a diff --git a/src/src/arc.c b/src/src/arc.c index 557ea8510..a8562a725 100644 --- a/src/src/arc.c +++ b/src/src/arc.c @@ -1632,7 +1632,9 @@ g = arc_sign_append_ams(g, &arc_sign_ctx, instance, identity, selector, including self (but with an empty b= in self) */ -g = arc_sign_prepend_as(g, &arc_sign_ctx, instance, identity, selector, &ar, privkey); +if (g) + g = arc_sign_prepend_as(g, &arc_sign_ctx, instance, identity, selector, &ar, + privkey); /* Finally, append the dkim headers and return the lot. */ diff --git a/test/confs/4560 b/test/confs/4560 index c986d5f5c..5dda8244c 100644 --- a/test/confs/4560 +++ b/test/confs/4560 @@ -76,8 +76,12 @@ tsmtp: port = PORT_D allow_localhost .ifndef OPTION +.ifdef BAD + arc_sign = $primary_hostname : sel : MISSING_KEY +.else arc_sign = $primary_hostname : sel : DIR/aux-fixed/dkim/dkim.private .endif +.endif tmlist: driver = smtp diff --git a/test/log/4560 b/test/log/4560 index a89738027..d3e87a2f8 100644 --- a/test/log/4560 +++ b/test/log/4560 @@ -129,7 +129,21 @@ 1999-03-02 09:44:33 10HmbQ-0005vi-00 => a R=d1 T=tfile 1999-03-02 09:44:33 10HmbQ-0005vi-00 Completed 1999-03-02 09:44:33 End queue run: pid=pppp -1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 -1999-03-02 09:44:33 10HmbR-0005vi-00 H=(xxx) [127.0.0.1] Warning: ARC-FAIL 1999-03-02 09:44:33 10HmbR-0005vi-00 arc_state: -1999-03-02 09:44:33 10HmbR-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss for a@test.ex +1999-03-02 09:44:33 10HmbR-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss for za@test.ex +1999-03-02 09:44:33 Start queue run: pid=pppp +1999-03-02 09:44:33 10HmbR-0005vi-00 ARC: AMS signing: error:0906D06C:PEM routines:PEM_read_bio:no start line + +1999-03-02 09:44:33 10HmbS-0005vi-00 arc_state: +1999-03-02 09:44:33 10HmbS-0005vi-00 <= CALLER@bloggs.com H=localhost (test.ex) [127.0.0.1] P=esmtp S=sss for a@test.ex +1999-03-02 09:44:33 10HmbR-0005vi-00 => a@test.ex R=fwd T=tsmtp H=127.0.0.1 [127.0.0.1] C="250 OK id=10HmbS-0005vi-00" +1999-03-02 09:44:33 10HmbR-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp +1999-03-02 09:44:33 Start queue run: pid=pppp +1999-03-02 09:44:33 10HmbS-0005vi-00 => a R=d1 T=tfile +1999-03-02 09:44:33 10HmbS-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 10HmbT-0005vi-00 H=(xxx) [127.0.0.1] Warning: ARC-FAIL +1999-03-02 09:44:33 10HmbT-0005vi-00 arc_state: +1999-03-02 09:44:33 10HmbT-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss for a@test.ex diff --git a/test/log/4561 b/test/log/4561 new file mode 100644 index 000000000..d5e6af732 --- /dev/null +++ b/test/log/4561 @@ -0,0 +1,10 @@ + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 10HmaX-0005vi-00 arc_state: +1999-03-02 09:44:33 10HmaX-0005vi-00 reason: +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=3885245d-3bae-66a2-7a1e-0dbceae2fb50@test.ex for a@test.ex +1999-03-02 09:44:33 Start queue run: pid=pppp +1999-03-02 09:44:33 10HmaX-0005vi-00 => a R=d1 T=tfile +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 End queue run: pid=pppp diff --git a/test/mail/4560.a b/test/mail/4560.a index dd38aa6da..f9c4e45f1 100644 --- a/test/mail/4560.a +++ b/test/mail/4560.a @@ -479,3 +479,23 @@ http://lists.dmarc.org/mailman/listinfo/arc-discuss --===============2728806607597782871==-- +From CALLER@bloggs.com Tue Mar 02 09:44:33 1999 +Authentication-Results: test.ex; + iprev=pass (localhost); + arc=none +Received: from localhost ([127.0.0.1] helo=test.ex) + by test.ex with esmtp (Exim x.yz) + (envelope-from ) + id 10HmbS-0005vi-00 + for a@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Authentication-Results: test.ex; + arc=none +Received: from [127.0.0.1] (helo=xxx) + by test.ex with smtp (Exim x.yz) + (envelope-from ) + id 10HmbR-0005vi-00 + for za@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +Subject: Test + +This is a test body. + diff --git a/test/mail/4561.a b/test/mail/4561.a new file mode 100644 index 000000000..55f56734f --- /dev/null +++ b/test/mail/4561.a @@ -0,0 +1,35 @@ +From CALLER@bloggs.com Tue Mar 02 09:44:33 1999 +Authentication-Results: test.ex; + arc=fail (i=2 (cv, sequence or missing header)) +Received: from [127.0.0.1] (helo=xxx) + by test.ex with smtp (Exim x.yz) + (envelope-from ) + id 10HmaX-0005vi-00 + for a@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +ARC-Seal: i=2; cv=none; a=rsa-sha256; d=test.ex; s=r201803; + b=HxjMzNcj7OX+I9Vr1Xr14AGgAci/CI8JxspaeoNT7TBsiOAtZ+YDBBSqXe6fqX3mHQEwpnXrdz + PCMIU1SF3ZiBtqWaLBPhStfuNQl5cw+TWXC60rOwCD2bxuBqubM/3AZLMPzIpm62MUYUUGaxwi + +LssT4F237WN88Lu4g5vqi8=; +ARC-Authentication-Results: i=2; test.ex; + iprev=fail; + auth=pass (PLAIN) smtp.auth=fred@test.ex +ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed; d=test.ex; s=r201803; + bh=52LTOZoDLUGP5RZMMrrjLkwTKuJ59wx4n3rL9RKBtgg=; + h=Content-Transfer-Encoding:Content-Type:MIME-Version:Date:Message-ID:Subject: + From:To:Content-Transfer-Encoding:Content-Type:MIME-Version:Date:Message-ID: + Subject:From:To; + b=LYAs/k3m790qXfftAVQxqHFCUkqcavgcpKnbEje3MgCmpCiYzeeusloVSjyFx6Mdo0XkN0GSZb + HXOCRGaJVnpU9V1QzdIqvz/I7DAyWl53XsKxl9YhsuaeuMMgPpqWpYkp0mOIo3Mtg+VdbF2DKd + O8BRJnqfkZkGUqMUJzdaYMU=; +Authentication-Results: test.ex; + iprev=fail; + auth=pass (PLAIN) smtp.auth=fred@test.ex +Received: from [127.0.0.1] +To: a@test.ex +From: Jeremy Harris +Subject: another test +Message-ID: <3885245d-3bae-66a2-7a1e-0dbceae2fb50@test.ex> +Date: Tue, 2 Mar 1999 09:44:33 +0000 + +This is a simple test. + diff --git a/test/mail/4562.a b/test/mail/4562.a new file mode 100644 index 000000000..df2a234ce --- /dev/null +++ b/test/mail/4562.a @@ -0,0 +1,60 @@ +From CALLER@bloggs.com Tue Mar 02 09:44:33 1999 +Authentication-Results: test.ex; + iprev=pass (localhost); + dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha256; + dkim=fail (body hash mismatch; body probably modified in transit) + header.d=example.com header.s=sel header.a=rsa-sha256; + arc=pass (i=1) header.s=sel arc.oldest-pass=1 smtp.client-ip=127.0.0.1 +Received: from localhost ([127.0.0.1] helo=test.ex) + by test.ex with esmtp (Exim x.yz) + (envelope-from ) + id 10HmaY-0005vi-00 + for a@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +ARC-Seal: i=1; cv=none; a=rsa-sha256; d=test.ex; s=sel; + b=1J94ImExSjtnwHY/c/aN3BX/xlnQfi6CPdGQvbeSdsbCCEtOqK9547tA54tYFh8beeVECAR0xu + 9fCSAjZ/0WM7mrxKNMbWkoHNoejUhNkcxJOtFmiS/0JKPQGk8HTE7FHLbogUQvEJoVBBnqo6xW + nFtzlI3JfLnWvB3FQ316xLs=; +ARC-Authentication-Results: i=1; test.ex; + dkim=fail (body hash mismatch; body probably modified in transit) + header.d=example.com header.s=sel header.a=rsa-sha256; + arc=none +ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed; d=test.ex; s=sel; + bh=3UbbJTudPxmejzh7U1Zg33U3QT+16kfV2eOTvMeiEis=; + h=Subject:Message-ID:Date:To:From:DKIM-Signature:DKIM-Signature; + b=cOGacpDRcKUs8d6NK5vfwKQ9OJ3QbHRjxkBgZr2goYGe4M+9/tWjxgbwrpFGkgqqqVE1iHxp73 + XiycAmipwr0J+Hu1PjkqIXLIY+LsCY+Oq/g1roC2VnphFpfQjaelQQxAIk8RSvmhvIN0WWZG5V + UYCQCkQeY+URg26dYoPZRoY=; +DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; + s=sel; h=Subject:Message-ID:Date:To:From:Sender:Reply-To:Cc:MIME-Version: + Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: + Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: + In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: + List-Post:List-Owner:List-Archive; + bh=3UbbJTudPxmejzh7U1Zg33U3QT+16kfV2eOTvMeiEis=; b=kN1wFOnQGZMmJkwnBgDwrqe3xg + +YlqMcd3tS2KBPcnA71tzAKBiX+QMrcIkp9PgEiJkHOCbM44SEoW/GT/aN0FqeGUuIoZ22nNc9wJq + 9u4dqiZV6L0EFx0+BmAcKN/Ban7hsQASjP8USIMomgaG9ymJhrkOoDcQhkQTBriYt91c=; +Authentication-Results: test.ex; + dkim=fail (body hash mismatch; body probably modified in transit) + header.d=example.com header.s=sel header.a=rsa-sha256; + arc=none +Received: from [127.0.0.1] (helo=xxx) + by test.ex with smtp (Exim x.yz) + (envelope-from ) + id 10HmaX-0005vi-00 + for za@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 +DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; + d=example.com; s=sel; h=List-Archive; + bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=uslVEq1LzHDR2ACoSTiErsGhe + GcuqL5no/4XYjsEJOIXkKFp4FFTj7QTcblHqyqsjgd5Dgs7zuFV4U3lwU9jSZtqJNQI+BtYZ5dS48 + sjr9PbLiguw8rAv5eDXBQKi5XcNCnZlUnWEjl10OXEgJZ9UXdKToWHpSfWEw1nFvOlKAfPBfkznnA + EOQXSTJOTanLpr7EZ4Yw5LWE+9BWJfnl6snn6W0mmJl4tbfEXEV1ZzOxdQF1rwjJqmojoCG36Z+v5 + sWKswl7HgSlKo2GKgxh9zIIhoxg5+7zfmHdKUQ2/6zuR8nqjDAjl3bSdOMgZVM0L6G6EMxQP6Sj6f + oEr6ePt9A==; +From: mrgus@text.ex +To: bakawolf@yahoo.com +Date: Tue, 2 Mar 1999 09:44:33 +0000 +Message-ID: +Subject: simple test + +This is a simple test. + diff --git a/test/scripts/4560-ARC/4560 b/test/scripts/4560-ARC/4560 index 1a0086f47..e6fba7154 100644 --- a/test/scripts/4560-ARC/4560 +++ b/test/scripts/4560-ARC/4560 @@ -388,6 +388,40 @@ exim -DSERVER=server -DNOTDAEMON -q **** # # +# Check attemtping to sign, with a missing keyfile +# It starts off bare, so the forwarder reception gets an ARC status of "none". +# The outbound tries to sign it with that. +# +client 127.0.0.1 PORT_D +??? 220 +HELO xxx +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +Subject: Test + +This is a test body. +. +??? 250 +QUIT +??? 221 +**** +# +exim -DSERVER=server -DNOTDAEMON -DBAD -q +**** +exim -DSERVER=server -DNOTDAEMON -q +**** +# +# +# +# +# +# +# # killdaemon # -- 2.30.2