Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Re: [milter-greylist] DKIM and ACL syntax

2010-09-03 by John Wood

> I amaffraid you will have to add a few printf in the code to debug 
> this.
> 
> In dkim.c, you will want to watch what happens to priv->priv_dkimstat

Alright, I've done this by using gdb on a live session. The results are 
somewhat interesting:

(gdb) break dkimcheck_validate
Breakpoint 1 at 0x806b2d6: file dkimcheck.c, line 235.
(gdb) cont
Continuing.
[Switching to Thread 285b9b00 (LWP 100095)]

Breakpoint 1, dkimcheck_validate (ad=0x28512318, stage=AS_DATA, 
ap=0xbf5f98e8, priv=0x286aed00) at dkimcheck.c:235
235             if (stage != AS_DATA) {
(gdb) bt
#0  dkimcheck_validate (ad=0x28512318, stage=AS_DATA, ap=0xbf5f98e8, 
priv=0x286aed00) at dkimcheck.c:235
#1  0x0806551a in acl_filter (stage=AS_DATA, ctx=0x28640180, 
priv=0x286aed00) at acl.c:1902
#2  0x0804cb50 in real_eom (ctx=0x28640180) at milter-greylist.c:938
#3  0x0804b3b6 in mlfi_eom (ctx=0x28640180) at milter-greylist.c:265
#4  0x282ccc54 in st_bodyend () from /usr/local/lib/libmilter.so.4
#5  0x282ccfd2 in mi_engine () from /usr/local/lib/libmilter.so.4
#6  0x282ceb75 in mi_worker () from /usr/local/lib/libmilter.so.4
#7  0x282dc75f in pthread_getprio () from /lib/libthr.so.3
#8  0x00000000 in ?? ()
(gdb) n
240             stat = ad ? *(enum spf_status *)ad : MGSPF_PASS;
(gdb) n
242             switch (stat) {
(gdb) n
275                     result = (priv->priv_dkimstat == 
DKIM_STAT_NOSIG);
(gdb) n
276                     break;
(gdb) p stat
$1 = MGSPF_NONE
(gdb) p result
$2 = 0
(gdb) p priv->priv_dkimstat
$3 = 0
(gdb) p ad
$4 = (acl_data_t *) 0x28512318
(gdb) p *ad
$5 = {netblock = {addr = 0x6, mask = 0x30000000, salen = 1342177282, 
cidr = 1610612740},
  string = 0x6 <Error reading address 0x6: Bad address>, regex = {re = 
0x6,
    re_copy = 0x30000000 <Error reading address 0x30000000: Bad 
address>, nmatch = 1342177282}, list = 0x6,
  macro = 0x6, dnsrbl = 0x6, urlcheck = 0x6, prop = 0x6, opnum = {op = 
6, num = 805306368}, clockspec = 0x6,
  spf_status = MGSPF_NONE, dkim_status = MGSPF_NONE, ratelimit_conf = 
0x6}
(gdb) p *(enum spf_status *)ad
$6 = MGSPF_NONE
(gdb) up
#1  0x0806551a in acl_filter (stage=AS_DATA, ctx=0x28640180, 
priv=0x286aed00) at acl.c:1902
1902                            if ((found = (*ac->ac_acr->acr_filter)

It looks like result = (priv->priv_dkimstat == DKIM_STAT_NOSIG); is the 
reason. This is strange because milter-greylist is linked against the 
same library as the DKIM milter running, which validates the signature 
just fine. While I don't understand all of the code, it is also 
interesting to point out that while it seems to get NOSIG, the ACL for 
"pass" is matching; which also seems incorrect? as it should be NONE and 
not match: spf pass dkim pass.

John

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.