[exim-dev] [Bug 2316] Missing Error Check in function X509_NAME_oneline()
https://bugs.exim.org/show_bug.cgi?id=2316
--- Comment #2 from Chi Li ---
(In reply to Jeremy Harris from comment #1)
> The docs at
> https://www.openssl.org/docs/man1.0.2/crypto/X509_NAME_oneline.html
> do not say that NULL can be returned. Nor do the 1.1.0 versions.
Sorry, It was my fault to forget to check the docs about the version 1.0.2.
However, in the ref
https://www.openssl.org/docs/manmaster/man3/X509_NAME_oneline.html which is the
latest version docs says NULL on error.
Also,the 1.0.2 version is already corrected referring to the latest standards.
ref:
https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/crypto/x509v3/v3_alt.c
152:if (X509_NAME_oneline(gen->d.dirn, oline, 256) == NULL
153:|| !X509V3_add_value("DirName", oline, ))
154: return NULL;
The 1.1.0 version is corrected too.
ref:
https://github.com/openssl/openssl/blob/OpenSSL_1_1_0-stable/crypto/x509v3/v3_alt.c
103:if (X509_NAME_oneline(gen->d.dirn, oline, 256) == NULL
104:|| !X509V3_add_value("DirName", oline, ))
105: return NULL;
--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
details at http://www.exim.org/ ##
[exim-dev] [Bug 2310] event_action fires/expands with -Mg flag, but not with -Mrm
https://bugs.exim.org/show_bug.cgi?id=2310 Matthias Kurz changed: What|Removed |Added Attachment #1109|0 |1 is obsolete|| --- Comment #13 from Matthias Kurz --- Created attachment 1118 --> https://bugs.exim.org/attachment.cgi?id=1118=edit Set acl_where -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2310] event_action fires/expands with -Mg flag, but not with -Mrm
https://bugs.exim.org/show_bug.cgi?id=2310 --- Comment #15 from Matthias Kurz --- NOW it's really done ;) The last patch file I added now also fires "msg:fail:internal" for non-delivered recipients when removing a message via -Mrm. Comment 9 still applies. Let me know what you think, I am eager to get this in. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2310] event_action fires/expands with -Mg flag, but not with -Mrm
https://bugs.exim.org/show_bug.cgi?id=2310 --- Comment #14 from Matthias Kurz --- Created attachment 1119 --> https://bugs.exim.org/attachment.cgi?id=1119=edit Fire msg:fail:internal for each recipient for -Mrm -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2310] event_action fires/expands with -Mg flag, but not with -Mrm
https://bugs.exim.org/show_bug.cgi?id=2310 Matthias Kurz changed: What|Removed |Added Attachment #1108|0 |1 is obsolete|| --- Comment #12 from Matthias Kurz --- Created attachment 1117 --> https://bugs.exim.org/attachment.cgi?id=1117=edit Test: Fire event(s) when removing message from queue -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2310] event_action fires/expands with -Mg flag, but not with -Mrm
https://bugs.exim.org/show_bug.cgi?id=2310 Matthias Kurz changed: What|Removed |Added Attachment #1106|0 |1 is obsolete|| --- Comment #10 from Matthias Kurz --- Created attachment 1115 --> https://bugs.exim.org/attachment.cgi?id=1115=edit event_raise(...) can be used outside of transport -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2310] event_action fires/expands with -Mg flag, but not with -Mrm
https://bugs.exim.org/show_bug.cgi?id=2310 Matthias Kurz changed: What|Removed |Added Attachment #1107|0 |1 is obsolete|| --- Comment #11 from Matthias Kurz --- Created attachment 1116 --> https://bugs.exim.org/attachment.cgi?id=1116=edit Call event_raise when removing message from queue (-Mrm) -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2313] [PATCH] Documentation is missing info about $event_data
https://bugs.exim.org/show_bug.cgi?id=2313 Jeremy Harris changed: What|Removed |Added Resolution|--- |FIXED Status|WAIT_FIX_CONFIRMATION |RESOLVED --- Comment #8 from Jeremy Harris --- Fix confirmed by reporter -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2313] [PATCH] Documentation is missing info about $event_data
https://bugs.exim.org/show_bug.cgi?id=2313 --- Comment #7 from Matthias Kurz --- Looks fine to me ;) -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2313] [PATCH] Documentation is missing info about $event_data
https://bugs.exim.org/show_bug.cgi?id=2313 Jeremy Harris changed: What|Removed |Added Status|ASSIGNED|WAIT_FIX_CONFIRMATION --- Comment #6 from Jeremy Harris --- I usually leave them open for a week in case anyone spots an issue. Are you happy that the commit was correct? -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2313] [PATCH] Documentation is missing info about $event_data
https://bugs.exim.org/show_bug.cgi?id=2313 --- Comment #5 from Matthias Kurz --- I thing this one can be marked as fixed now? -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2318] New: noerror command in filter file is not working
https://bugs.exim.org/show_bug.cgi?id=2318 Bug ID: 2318 Summary: noerror command in filter file is not working Product: Exim Version: 4.91 Hardware: All OS: All Status: NEW Severity: bug Priority: medium Component: Filters Assignee: ni...@exim.org Reporter: m.k...@irregular.at CC: exim-dev@exim.org Created attachment 1114 --> https://bugs.exim.org/attachment.cgi?id=1114=edit Test for the noerror command in a filter file See the attached test 0616: --- 1. A message gets send to userx. 2. The router that handles userx processes a filter file. 3. That filter file (also) delivers the message to usery. 3.1. "unseen" makes the delivery not significant (userx also continues processing). 3.2. "noerror" is set. 4. Now both addresses get processed by the (same) smtp transport. 4.1. userx gets accepted. 4.2. usery however gets rejected (550) What happens now is a bug I think: For usery a bounce gets send (see 10HmaY-0005vi-00 in the log) even though "noerror" was set. Let's see what the docs say about the noerror command (https://www.exim.org/exim-html-current/doc/html/spec_html/filter_ch-exim_filter_files.html#SEC43): --- > ... If any of the generated addresses subsequently suffers a delivery > failure, an error message is generated in the normal way. However, if a > filter command that sets up a delivery is preceded by the word ânoerrorâ, > errors for that delivery, (...) are ignored. The "error ignored" log entry is also relevant here (https://www.exim.org/exim-html-current/doc/html/spec_html/ch-log_files.html#SECID259): --- > There are several circumstances that give rise to this message: > ... > 2. A filter file set up a delivery using the ânoerrorâ option, and the > delivery failed. The delivery was discarded. Therefore instead of the bounce message I would expect "error ignored" to be logged. So is that a bug or do I misunderstand how to use the noerror commmand and/or how it works exactly? Because I debugged it, I am also sure following statement in filter.c gets processed - which supports my thought even more that this is a bug (https://git.exim.org/exim.git/blob/8768d5483a5894400ae1f70cda1beb44ed9b087c:/src/src/filter.c#l1818): --- if (commands->noerror) addr->prop.ignore_error = TRUE; Possible solutions: --- 1. If that is a bug it should get fixed ;) and the log in my test needs to be updated of course to reflect the correct behavour. 2. If that is not a bug, can someone please update my test or provide a new one which sets up a test case for the noerror command so that "error ignored" gets logged? I just wasn't able to do so. Also there is not a single test for the noerror command yet. -- You are receiving this mail because: You are on the CC list for the bug.-- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2317] Missing Error Check in function SSL_CTX_set_cipher_list()
https://bugs.exim.org/show_bug.cgi?id=2317 Jeremy Harris changed: What|Removed |Added Status|NEW |ASSIGNED -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2317] New: Missing Error Check in function SSL_CTX_set_cipher_list()
https://bugs.exim.org/show_bug.cgi?id=2317
Bug ID: 2317
Summary: Missing Error Check in function
SSL_CTX_set_cipher_list()
Product: Exim
Version: 4.91
Hardware: x86
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: TLS
Assignee: jgh146...@wizmail.org
Reporter: chi-l...@mails.tsinghua.edu.cn
CC: exim-dev@exim.org
Function SSL_CTX_set_cipher_list() returns 1 if any cipher selected and 0 on
complete failure. However, the SSL_CTX_set_cipher_list() didn't check the
return value is 0 or not.
The unchecked return value.
line: 1242
SSL_CTX_set_cipher_list(server_sni, CS cbinfo->server_cipher_list);
ref: https://github.com/Exim/exim/blob/exim-4_91%2Bfixes/src/src/tls-openssl.c
===
The specification about function SSL_CTX_set_cipher_listï¼ï¼
ref: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_cipher_list.html
We find the return value of this call been checked in the same file
Such as,
2000: if (!SSL_CTX_set_cipher_list(server_ctx, CS expciphers))
2001: return tls_error(US"SSL_CTX_set_cipher_list", NULL, NULL, errstr);
2337: if (!SSL_CTX_set_cipher_list(client_ctx, CS expciphers))
2338: return tls_error(US"SSL_CTX_set_cipher_list", host, NULL, errstr);
2858: if (!SSL_CTX_set_cipher_list(ctx, CS expciphers))
2859:{
2860:ERR_error_string(ERR_get_error(), ssl_errstring);
2861:err = string_sprintf("SSL_CTX_set_cipher_list(%s) failed: %s",
2862: expciphers, ssl_errstring);
2863:}
--
You are receiving this mail because:
You are on the CC list for the bug.--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
details at http://www.exim.org/ ##
[exim-dev] [Bug 2316] Missing Error Check in function X509_NAME_oneline()
https://bugs.exim.org/show_bug.cgi?id=2316 --- Comment #1 from Jeremy Harris --- The docs at https://www.openssl.org/docs/man1.0.2/crypto/X509_NAME_oneline.html do not say that NULL can be returned. Nor do the 1.1.0 versions. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2316] New: Missing Error Check in function X509_NAME_oneline()
https://bugs.exim.org/show_bug.cgi?id=2316
Bug ID: 2316
Summary: Missing Error Check in function X509_NAME_oneline()
Product: Exim
Version: 4.91
Hardware: x86
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: TLS
Assignee: jgh146...@wizmail.org
Reporter: chi-l...@mails.tsinghua.edu.cn
CC: exim-dev@exim.org
Function X509_NAME_oneline() returns a valid string on success or NULL on
error. However, the function X509_NAME_oneline() didn't check the return value
is NULL or not. See the following details.
line: 384
code: X509_NAME_oneline(X509_get_subject_name(cert), CS dn, sizeof(dn));
The same situation is also occured in line 530 and 1739.
ref: https://github.com/Exim/exim/blob/exim-4_91%2Bfixes/src/src/tls-openssl.c
===
The following ref is about the specification of function X509_NAME_oneline.
ref: https://www.openssl.org/docs/manmaster/man3/X509_NAME_oneline.html.
We find the return value of this call been checked in openssl project with the
version of openssl 1.1.2.
Such as in openssl/crypto folder,
crypto/x509/x_name.c
ref: https://github.com/openssl/openssl/blob/master/crypto/x509/x_name.c
500: b = X509_NAME_oneline(name, NULL, 0);
501: if (!b)
502: return 0;
/crypto/x509v3/v3_alt.c
ref: https://github.com/openssl/openssl/blob/master/crypto/x509v3/v3_alt.c
104:if (X509_NAME_oneline(gen->d.dirn, oline, sizeof(oline)) == NULL
105:|| !X509V3_add_value("DirName", oline, ))
106: return NULL;
--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
details at http://www.exim.org/ ##
