Re: [exim] Segmentation fault on SPF check

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MBryan Rawlins at <-
M 
Delete this message
Reply to this message
Author: Bryan Rawlins
Date:  
To: exim-users
Subject: Re: [exim] Segmentation fault on SPF check
I found a SRPM for libspf2 that includes 2 patch files to make it compatible
with x86_64 based processors. Hopefully this will save someone else the work in
the future. 

::::::::::::::
libspf2-1.2.5-64bitfixes.patch
::::::::::::::
--- libspf2-1.2.5/src/libspf2/spf_interpret.c~  2005-02-22 04:41:27.000000000 +0100
+++ libspf2-1.2.5/src/libspf2/spf_interpret.c   2005-10-25 13:40:42.000000000 +0200
@@ -49,7 +49,7 @@
        SPF_record_t    *spf_record;
        SPF_errcode_t    err;
        char                    *buf;
-       int                              buflen;
+       size_t                           buflen;
        int                              len;


        SPF_ASSERT_NOTNULL(spf_response);


::::::::::::::
libspf2-1.2.5-headers.patch
::::::::::::::
--- libspf2-1.2.5/src/include/spf_server.h~     2004-09-29 12:33:09.000000000 +0200
+++ libspf2-1.2.5/src/include/spf_server.h      2005-07-04 18:33:42.000000000 +0200
@@ -20,7 +20,6 @@


#include "spf_record.h"
#include "spf_dns.h"
-#include "spf_dns_internal.h"

#ifndef SPF_MAX_DNS_MECH
/* It is a bad idea to change this for two reasons.

Bryan Rawlins wrote:
>
> After further testing this Segmentation Fault appears to be in libspf2, and not
> exim.
>
> I'm going to try and work out where the failure is and if I do I'll post my
> results just in case others run into the same problem in the future.
>
> Bryan Rawlins wrote:
>> Hello,
>> I'm running into a bit of a problem with SPF Segfaulting in the ACL.
>>
>> I'm using the following versions.
>> CentOS 4.3 x86_64
>> exim-4.60 from source
>> libspf2-1.2.5 from source
>>
>> I've also tried exim-4.62 with the same results.
>>
>> Output of >exim -bh 172.30.0.62
>> <snip>
>> 250-mailfilter3.onlymyemail.com Hello corsair2.onlymyemail.com [172.30.0.62]
>> 250-SIZE 15728640
>> 250-PIPELINING
>> 250-STARTTLS
>> 250 HELP
>> mail from: bryan a t rawlinsnet.net <munged>
>>>>> using ACL "check_sender"
>>>>> processing "accept"
>>>>> check hosts = +local_hosts
>>>>> host in "+local_hosts"? no (end of list)
>>>>> accept: condition test failed
>>>>> processing "warn"
>>>>> check hosts = 172.30.0.0/24
>>>>> host in "172.30.0.0/24"? yes (matched "172.30.0.0/24")
>>>>> check spf = *
>> Segmentation fault
>>
>> The revelent portion of te ACL file looks like this:
>> <snip>
>> # SPF
>>
>> warn    hosts    = 172.30.0.0/24

>>
>>     message    = X-OmeMetric-strSPF: $spf_result

>>
>>     spf    = *

>>
>> # Insert headers for connection metrics
>> warn    message    = $acl_c0
>> <snip>

>>
>> This configuration did work on our previous hadware (Intel 32bit).
>>
>> I'm pretty sure libspf2 is functioning correctly, here output from spftest:
>> # spftest domain onlymyemail.com
>> spf_compile.c:473    Debug: Adding string literal (6): 'Please'
>> spf_compile.c:473    Debug: Adding string literal (3): 'see'
>> spf_compile.c:473    Debug: Adding string literal (37):
>> 'http://spf.pobox.com/why.html?sender='
>> spf_compile.c:473    Debug: Adding string literal (4): '&ip='
>> spf_compile.c:473    Debug: Adding string literal (10): '&receiver='
>> spf_compile.c:1063   Debug: Compiling record v=spf1
>> include:spf.trusted-forwarder.org
>> spf_compile.c:1163   Debug: Name starts at
>> include:spf.trusted-forwarder.org
>> spf_compile.c:1257   Debug: Adding mechanism type 4
>> spf_compile.c:719    Debug: SPF_c_mech_add: type=4,
>> value=:spf.trusted-forwarder.org
>> spf_compile.c:577    Debug: Parsing domainspec starting at
>> spf.trusted-forwarder.org, cidr is forbidden
>> spf_compile.c:473    Debug: Adding string literal (25):
>> 'spf.trusted-forwarder.org'
>> spf_dns.c:62         Debug: DNS cache lookup:  onlymyemail.com  TXT (16)
>> spf_dns.c:62         Debug: DNS resolv lookup:  onlymyemail.com  TXT (16)
>> spf_dns_resolv.c:199 Debug: msg id:             10108
>> spf_dns_resolv.c:200 Debug: ns_f_qr quest/resp: 1
>> spf_dns_resolv.c:201 Debug: ns_f_opcode:        0
>> spf_dns_resolv.c:202 Debug: ns_f_aa auth ans:   1
>> spf_dns_resolv.c:203 Debug: ns_f_tc truncated:  0
>> spf_dns_resolv.c:204 Debug: ns_f_rd rec desire: 1
>> spf_dns_resolv.c:205 Debug: ns_f_ra rec avail:  1
>> spf_dns_resolv.c:206 Debug: ns_f_rcode:         0
>> spf_dns_resolv.c:218 Debug: Answer:  1
>> spf_dns_resolv.c:236 Debug: name: onlymyemail.com  type: 16  class: 1
>> ttl: 86400  rdlen: 55
>> spf_dns_resolv.c:305 Debug: TXT: (55) "v=spf1 ip4:69.16.145.32/27
>> ip4:216.234.108.224/27 ~all"
>> spf_dns.c:86         Debug: DNS resolv found:  onlymyemail.com  TXT (16)
>>  TTL: 0  RR found: 1  herrno: 0  source: resolv
>> spf_dns.c:86         Debug: DNS cache found:  onlymyemail.com  TXT (16)
>>  TTL: 0  RR found: 1  herrno: 0  source: resolv
>> SPF record in:  v=spf1 ip4:69.16.145.32/27 ip4:216.234.108.224/27 ~all
>> spf_compile.c:1063   Debug: Compiling record v=spf1 ip4:69.16.145.32/27
>> ip4:216.234.108.224/27 ~all
>> spf_compile.c:1163   Debug: Name starts at  ip4:69.16.145.32/27
>> ip4:216.234.108.224/27 ~all
>> spf_compile.c:1257   Debug: Adding mechanism type 5
>> spf_compile.c:719    Debug: SPF_c_mech_add: type=5,
>> value=:69.16.145.32/27 ip4:216.234.108.224/27 ~all
>> spf_compile.c:1163   Debug: Name starts at  ip4:216.234.108.224/27 ~all
>> spf_compile.c:1257   Debug: Adding mechanism type 5
>> spf_compile.c:719    Debug: SPF_c_mech_add: type=5,
>> value=:216.234.108.224/27 ~all
>> spf_compile.c:1163   Debug: Name starts at  all
>> spf_compile.c:1257   Debug: Adding mechanism type 8
>> spf_compile.c:719    Debug: SPF_c_mech_add: type=8, value=
>> no errors
>> SPF header:  version: 1  mech 3/20  mod 0/0  len=84
>> spf_id2str.c:312     Debug: stringify: Buffer length is 153

>>
>> spf_id2str.c:333     Debug: stringify: Handling item  0/3 at 0x503130
>> spf_id2str.c:367     Debug: Mechanism type is 5
>> spf_id2str.c:431     Debug: stringify: Buffer so far is
>> spf_id2str.c:333     Debug: stringify: Handling item  1/3 at 0x503138
>> spf_id2str.c:367     Debug: Mechanism type is 5
>> spf_id2str.c:431     Debug: stringify: Buffer so far is
>> spf_id2str.c:333     Debug: stringify: Handling item  2/3 at 0x503140
>> spf_id2str.c:367     Debug: Mechanism type is 8
>> spf_id2str.c:431     Debug: stringify: Buffer so far is
>> spf_id2str.c:55      Debug:  string data: Building
>> SPF record:  v=spf1 ip4:69.16.145.32/27 ip4:216.234.108.224/27 ~all

>>
>> Any insight would be greatly appreciated.
>>
>> Bryan Rawlins
>> System Administrator
>> OnlyMyEmail Inc
>> http://www.onlymyemail.com
>>
>

--
Bryan Rawlins
Network Administrator
OnlyMyEmail.com
(734) 780-2184
Bryan.Rawlins@???
http://www.onlymyemail.com


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Segmentation fault on SPF checkRe: [exim] eximstats failed causing server to be slow?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)