1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
From 8e9770348dc4173ab83657ee023c22f479ebb712 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Mon, 24 Jul 2023 13:30:40 +0100
Subject: [PATCH] GnuTLS: fix crash with "tls_dhparam = none"
---
doc/ChangeLog | 4 ++++
src/tls-gnu.c | 16 +++++++++-------
test/log/2049 | 7 +++++++
test/scripts/2000-GnuTLS/2049 | 8 ++++++++
4 files changed, 28 insertions(+), 7 deletions(-)
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -73,10 +73,14 @@ JH/28 Bug 2996: Fix a crash in the smtp
JH/31 Bug 2998: Fix ${utf8clean:...} to disallow UTF-16 surrogate codepoints.
Found and fixed by Jasen Betts. No testcase for this as my usual text
editor insists on emitting only valid UTF-8.
+JH/32 Fix "tls_dhparam = none" under GnuTLS. At least with 3.7.9 this gave
+ a null-indireciton SIGSEGV for the receive process.
+
+
Exim version 4.96
-----------------
JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
after reception to before a subsequent reception. This should
--- a/src/tls-gnu.c
+++ b/src/tls-gnu.c
@@ -712,11 +712,11 @@ exist, we generate them. This means that
The new file is written as a temporary file and renamed, so that an incomplete
file is never present. If two processes both compute some new parameters, you
waste a bit of effort, but it doesn't seem worth messing around with locking to
prevent this.
-Returns: OK/DEFER/FAIL
+Returns: OK/DEFER (expansion issue)/FAIL (requested none)
*/
static int
init_server_dh(uschar ** errstr)
{
@@ -750,11 +750,11 @@ if (!exp_tls_dhparam)
else if (Ustrcmp(exp_tls_dhparam, "historic") == 0)
use_file_in_spool = TRUE;
else if (Ustrcmp(exp_tls_dhparam, "none") == 0)
{
DEBUG(D_tls) debug_printf("Requested no DH parameters\n");
- return OK;
+ return FAIL;
}
else if (exp_tls_dhparam[0] != '/')
{
if (!(m.data = US std_dh_prime_named(exp_tls_dhparam)))
return tls_error(US"No standard prime named", exp_tls_dhparam, NULL, errstr);
@@ -1971,27 +1971,29 @@ Arguments:
Returns: OK/DEFER/FAIL
*/
static int
-tls_set_remaining_x509(exim_gnutls_state_st *state, uschar ** errstr)
+tls_set_remaining_x509(exim_gnutls_state_st * state, uschar ** errstr)
{
-int rc;
-const host_item *host = state->host; /* macro should be reconsidered? */
+int rc = OK;
+const host_item * host = state->host; /* macro should be reconsidered? */
/* Create D-H parameters, or read them from the cache file. This function does
its own SMTP error messaging. This only happens for the server, TLS D-H ignores
client-side params. */
if (!state->host)
{
if (!dh_server_params)
- if ((rc = init_server_dh(errstr)) != OK) return rc;
+ if ((rc = init_server_dh(errstr)) == DEFER) return rc;
/* Unnecessary & discouraged with 3.6.0 or later, according to docs. But without it,
no DHE- ciphers are advertised. */
- gnutls_certificate_set_dh_params(state->lib_state.x509_cred, dh_server_params);
+
+ if (rc == OK)
+ gnutls_certificate_set_dh_params(state->lib_state.x509_cred, dh_server_params);
}
/* Link the credentials to the session. */
if ((rc = gnutls_credentials_set(state->session,
|