Re: [exim] "closed connection in response to sending data bl…

Top Page
Delete this message
Reply to this message
Author: Tom Kistner
Date:  
To: Tony Meyer
CC: exim users
Subject: Re: [exim] "closed connection in response to sending data block" issue with 4.71 DKIM signing
On 15.12.2009 05:04, Tony Meyer wrote:

> [pid 20730] write(2, "2f"..., 22f)        = 2
> [pid 20730] write(2, "5f"..., 25f)        = 2
> [pid 20730] write(2, "ea"..., 2ea)        = 2
> [pid 20730] write(2, "\n"..., 1
> )        = 1


At this point the lib should also log the b= tag value, but it does not.
So the signing operation fails. An additional problem is that there's no
sane log output when this occurs AND dkim_strict is set. I have
corrected this in CVS (patch attached).

Bottom line: Try the patch (or pull fresh tree from git), then check
which signing error code gets logged. I guess there's a problem with
your RSA key.

/tom


? Local
? build-Linux-i386
? src/receive.c.org
Index: src/dkim.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/dkim.c,v
retrieving revision 1.10
diff -u -r1.10 dkim.c
--- src/dkim.c    16 Nov 2009 19:50:36 -0000    1.10
+++ src/dkim.c    15 Dec 2009 08:22:00 -0000
@@ -391,6 +391,7 @@
   uschar *rc = NULL;
   pdkim_signature *signature;
   int pdkim_canon;
+  int pdkim_rc;
   int sread;
   char buf[4096];
   int save_errno = 0;
@@ -511,8 +512,11 @@
     goto CLEANUP;
   }


-  if (pdkim_feed_finish(ctx,&signature) != PDKIM_OK)
-    goto CLEANUP;
+  pdkim_rc = pdkim_feed_finish(ctx,&signature);
+  if (pdkim_rc != PDKIM_OK) {
+    log_write(0, LOG_MAIN|LOG_PANIC, "DKIM: signing failed (RC %d)", pdkim_rc);
+    goto CLEANUP;  
+  }


   rc = store_get(strlen(signature->signature_header)+3);
   Ustrcpy(rc,US signature->signature_header);
Index: src/transport.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/transport.c,v
retrieving revision 1.25
diff -u -r1.25 transport.c
--- src/transport.c    16 Nov 2009 19:50:37 -0000    1.25
+++ src/transport.c    15 Dec 2009 08:22:00 -0000
@@ -1034,7 +1034,9 @@
         if (dkim_strict_result != NULL) {
           if ( (strcmpic(dkim_strict,US"1") == 0) ||
                (strcmpic(dkim_strict,US"true") == 0) ) {
-            save_errno = errno;
+            /* Set errno to something halfway meaningful */
+            save_errno = EACCES;
+            log_write(0, LOG_MAIN, "DKIM: message could not be signed, and dkim_strict is set. Deferring message delivery.");
             rc = FALSE;
             goto CLEANUP;
           }