trusteddomainproject / openarc Goto Github PK
View Code? Open in Web Editor NEWOpen source ARC implementation
License: BSD 2-Clause "Simplified" License
openarc's Introduction
OPENARC README ============== This directory has the latest open source ARC filter software from The Trusted Domain Project. There is a web site at http://www.trusteddomain.org that is home for the latest updates. +--------------+ | INTRODUCTION | +--------------+ The Trusted Domain Project (TDP) is a non-profit corporation dedicated to research and development of technologies that promote trust in the use of domain names in on the Internet. OpenARC is an initiative of TDP, and is primarily community effort to develop and maintain an open source library for producing ARC-aware applications, and a "milter"-based filter for providing ARC service. ARC is a technology proposal, put forward by a consortium of organizations, intended to allow a chain of message handlers (typically email operators) to confirm handling by trusted upstream handlers in an attempt to confirm the valid use of certain identifiers in the message. ARC is still experimental, and its specification may change. This package is intended for use by operators willing to take part in the experiment and provide their feedback to the development team. "milter" is a portmanteau of "mail filter" and refers to a protocol and API for communicating mail traffic information between MTAs and mail filtering plug-in applications. It was originally invented at Sendmail, Inc. but has also been adapted to other MTAs. A substantial amount of the code here is based on code developed as part of The OpenDKIM Project, also a TDP activity, which started as a code fork of version 2.8.3 of the open source "dkim-milter" package developed and maintained by Sendmail, Inc. The license used by The OpenDKIM Project is found in the LICENSE file. Portions of this project are also covered by the Sendmail Open Source License, available in this distribution in the file "LICENSE.Sendmail". See the copyright notice(s) in each source file to determine whether or not it is covered by both licenses. This package consists of a library that implements the ARC service and a milter-based filter application that can plug in to any milter-aware MTA to provide that service to sufficiently recent sendmail, Postfix or other MTAs that support the milter protocol. +--------------+ | DEPENDENCIES | +--------------+ To compile and operate, this package requires the following: o OpenSSL (http://www.openssl.org, or ask your software vendor for a package). Any version will get you started, however v0.9.8 or later is required if you want to be able to sign or verify messages using the SHA256 message digest algorithm which is generally required for current DKIM applications. o sendmail v8.13.0 (or later), or Postfix 2.3, (or later) and libmilter. (These are only required if you are building the filter.) o Access to a working nameserver (required only for signature verification). o On Linux systems, either libbsd (BSD compatibility library) or some other library that provides strlcat() and strlcpy(). o If you are interested in tinkering with the build and packaging structure, you may need to upgrade to these versions of GNU's "autotools" components: autoconf (GNU Autoconf) 2.61 automake (GNU automake) 1.7 (or 1.9 to avoid warnings) ltmain.sh (GNU libtool) 2.2.6 (or 1.5.26 after make maintainer-clean) +-----------------------+ | RELATED DOCUMENTATION | +-----------------------+ The man page for openarc (the actual filter program) is present in the openarc directory of this source distribution. There is additional information in the INSTALL and FEATURES files, and in the README file in the openarc directory. Changes are documented in the RELEASE_NOTES file. HTML-style documentation for libarc is available in libarc/docs in this source distribution. Mailing lists discussing and supporting the ARC software found in this package are maintained via a list server at trusteddomain.org. Visit http://www.trusteddomain.org to subscribe or browse archives. The available lists are: openarc-announce (moderated) Release announcements. openarc-users General OpenARC user questions and answers. openarc-dev Chatter among OpenARC developers. Bug tracking is done via the issue trackers on GitHub, at https://github.com/mskucherawy/OpenARC/issues. You can enter new bug reports there, but please check first for older bugs already open, or even already closed, before opening a new issue. +---------+ | WARNING | +---------+ Since OpenARC uses cryptography, the following information from OpenSSL applies to this package as well. PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY. If you use OpenSSL then make sure you read their README file which contains information about patents etc. +---------------------+ | DIRECTORY STRUCTURE | +---------------------+ contrib A collection of user contributed scripts that may be useful. docs A collection of RFCs and drafts related to opendkim. libopenarc A library that implements the proposed ARC service. libopenarc/docs HTML documentation describing the API provided by libopenarc. openarc A milter-based filter application which uses libopenarc to provide ARC service via an MTA using the milter protocol. +----------------+ | RUNTIME ISSUES | +----------------+ WARNING: symbol 'X' not available The filter attempted to get some information from the MTA that the MTA did not provide. At various points in the interaction between the MTA and the filter, certain macros containing information about the job in progress or the connection being handled are passed from the MTA to the filter. In the case of sendmail, the names of the macros the MTA should pass to the filter are defined by the "Milter.macros" settings in sendmail.cf, e.g. "Milter.macros.connect", "Milter.macros.envfrom", etc. This message indicates that the filter needed the contents of macro X, but that macro was not passed down from the MTA. Typically the values needed by this filter are passed from the MTA if the sendmail.cf was generated by the usual m4 method. If you do not have those options defined in your sendmail.cf, make sure your M4 configuration files are current and rebuild your sendmail.cf to get appropriate lines added to your sendmail.cf, and then restart sendmail. MTA timeouts By default, the MTA is configured to wait up to ten seconds for a response from a filter before giving up. When querying remote nameservers for key and policy data, the ARC filter may not get a response from the resolver within that time frame, and thus this MTA timeout will occur. This can cause messages to be rejected, temp-failed or delivered without verification, depending on the failure mode selected for the filter. When using the standard resolver library provided with your system, the DNS timeout cannot be adjusted. If you encounter this problem, you must increase the time the MTA waits for replies. See the documentation in the sendmail open source distribution (libmilter/README in particular) for instructions on changing these timeouts. d2i_PUBKEY_bio() failed After retrieving and decoding a public key to perform a message verification, the OpenSSL library attempted to make use of that key but failed. The known possible causes are: (a) Memory exhaustion (b) Key corruption If you're set to temp-fail messages in these cases, the remote end will probably retry the message. If the same message fails again later, the key is probably corrupted or otherwise invalid. Other OpenARC issues: Report any bugs to the email address [email protected] or to the GitHub issue trackers accessible at: https://github.com/mskucherawy/OpenARC/issues +-----------------------------+ | Sendmail REWRITING FEATURES | +-----------------------------+ There are two features of the sendmail MTA which, if activated, can interfere with successful use of the DKIM service. The two features are MASQUERADE_AS and FEATURE(genericstable). See cf/README in the open source sendmail source code distribution for more information. Due to the way the milter protocol is incorporated into the MTA, openarc sees the headers before they are modified as required by those two features. This means any signature is generated based on the headers originally injected by the mail client and not on the headers which are actually sent out by the MTA. As a result, the verifying agent at the receiver's side will be unable to verify the signature as the signed data and the received data don't match. The suggested solutions to this problem are: (1) Send mail with the headers already written as needed, obviating the need for these features (or just turn them off). (2) Have two MTAs set up, either on separate boxes or on the same box. The first MTA should do all of the rewriting (i.e. use these two features) and the second one should use opendkim to add the signature and do no rewriting at all. (3) Have multiple DaemonPortOptions lines in your configuration file. The first daemon port (port 25) does the header rewriting and then routes the message to the second port; the latter does no rewriting but does the signing and then sends the message on its way. There is also a feature of Sendmail that will cause it to alter addresses after signing but before they are transmitted. The feature, which is on by default, passes addresses in header fields to the resolver functions to ensure they are canonical. This can result in the replacement of those strings in the sent message with their canonical forms only after the message is signed, which will invalidate the signatures. To suppress this feature, add the following line to your sendmail.mc and submit.mc configuration files, re-generate your configuration and restart the filter: FEATURE(`nocanonify') -- Copyright (c) 2010-2012, 2014, 2016, 2017, The Trusted Domain Project. All rights reserved.
openarc's People
Contributors
Stargazers
Watchers
Forkers
valimail rotdrop mdomsch juh flowerysong zombig jsoref jcbf gschlossnagle andatche andreasschulze cloud-architecture spinboldok xavierba seriv brbart rtista niko-lay flopraden tih erwanlegrand mabry1985 anewsmurf macmisu bozzg gene-hightower minfrin mxguardian donfanning glts lenlo jot69 dangyajun ikedas nabbi its-core-applications mrpeteh palw3ey cyberflamego drremorse dn-forks dnobori simplelists lquidfireopenarc's Issues
OpenARC doesn't sign the correct headers when a failing chain is detected
The following 2 tests of the signing ARC test suite fail:
i1_base_fail
i2_base_fail
The ARC rfc specifies that when an intermediary has verified the current ARC chain to be failing, and if it is the first intermediary to do so, then the ARC fields to be signed into the b= tag of the current ARC-Seal, are to only be those generated by the current intermediary. OpenARC doesn't appear to have the logic to do this.
Problem during compiling
Hi,
Excuse me if this is not the correct forum, but I have a question regarding the installation of OpenARC
Ubuntu 14.04.5 LTS
My steps:
"git down" the openARC repo:
git clone https://github.com/trusteddomainproject/OpenARC/
Running autoconf:
configure.ac:37: error: possibly undefined macro: AM_INIT_AUTOMAKE
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
configure.ac:65: error: possibly undefined macro: AM_PROG_CC_C_O
configure.ac:66: error: possibly undefined macro: AC_PROG_LIBTOOL
configure.ac:375: error: possibly undefined macro: AM_CONDITIONAL
configure.ac:560: error: possibly undefined macro: AC_MSG_WARN
automake:
configure.ac:36: error: required directory ./build-aux does not exist
configure.ac: error: no proper invocation of AM_INIT_AUTOMAKE was found.
configure.ac: You should verify that configure.ac invokes AM_INIT_AUTOMAKE,
configure.ac: that aclocal.m4 is present in the top-level directory,
configure.ac: and that aclocal.m4 was recently regenerated (using aclocal)
configure.ac:844: error: required file 'build-aux/config.guess' not found
configure.ac:844: 'automake --add-missing' can install 'config.guess'
configure.ac:844: error: required file 'build-aux/config.sub' not found
configure.ac:844: 'automake --add-missing' can install 'config.sub'
configure.ac:44: error: required file 'build-config.h.in' not found
libopenarc/Makefile.am:6: error: DEBUG does not appear in AM_CONDITIONAL
libopenarc/Makefile.am:17: error: ALL_SYMBOLS does not appear in AM_CONDITIONAL
libopenarc/Makefile.am:21: error: RPATH does not appear in AM_CONDITIONAL
libopenarc/Makefile.am:11: error: Libtool library used but 'LIBTOOL' is undefined
libopenarc/Makefile.am:11: The usual way to define 'LIBTOOL' is to add 'LT_INIT'
libopenarc/Makefile.am:11: to 'configure.ac' and run 'aclocal' and 'autoconf' again.
libopenarc/Makefile.am:11: If 'LT_INIT' is in 'configure.ac', make sure
libopenarc/Makefile.am:11: its definition is in aclocal's search path.
libopenarc/Makefile.am: error: required file 'build-aux/depcomp' not found
libopenarc/Makefile.am: 'automake --add-missing' can install 'depcomp'
/usr/share/automake-1.14/am/depend2.am: error: am__fastdepCC does not appear in AM_CONDITIONAL
/usr/share/automake-1.14/am/depend2.am: The usual way to define 'am__fastdepCC' is to add 'AC_PROG_CC'
/usr/share/automake-1.14/am/depend2.am: to 'configure.ac' and run 'aclocal' and 'autoconf' again
/usr/share/automake-1.14/am/depend2.am: error: AMDEP does not appear in AM_CONDITIONAL
/usr/share/automake-1.14/am/depend2.am: The usual way to define 'AMDEP' is to add one of the compiler tests
/usr/share/automake-1.14/am/depend2.am: AC_PROG_CC, AC_PROG_CXX, AC_PROG_OBJC, AC_PROG_OBJCXX,
/usr/share/automake-1.14/am/depend2.am: AM_PROG_AS, AM_PROG_GCJ, AM_PROG_UPC
/usr/share/automake-1.14/am/depend2.am: to 'configure.ac' and run 'aclocal' and 'autoconf' again
openarc/Makefile.am:4: error: DEBUG does not appear in AM_CONDITIONAL
openarc/Makefile.am:8: error: BUILD_FILTER does not appear in AM_CONDITIONAL
After that, I can see that "configure" is created. When I try to run it, I get the following:
configure: error: cannot find install-sh, install.sh, or shtool in build-aux "."/build-aux
What is the recommended installation process?
ARC Message Signature Validation Fixes
There are several bugs in how OpenARC validates the ARC Message Signature.
Notes:
- The following items are not validated properly/per spec:
- a=sha1 is ignored
- Failed ams_fields_a_sha1: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L1960
- c= is ignored (openarc believes everything should be relaxed - this may or may not be correct depending upon WG discussion)
- Failed ams_fields_c_na: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L3146
- Failed ams_fields_c_invalid: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L3310
- Failed ams_fields_c_empty: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L3187
- Failed ams_fields_bh_sim_inl_wsp: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L2734
- Failed ams_fields_c_sr: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L3269
- Failed ams_fields_c_ss: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L3228
- d= and s= are ignored (only the d= and s= from the ARC Seal appear to be used)
- Failed ams_fields_d_invalid: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L3433
- Failed ams_fields_d_empty: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L3392
- Failed ams_fields_s_empty: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L4124
- a=sha1 is ignored
Acceptance Criteria:
- The AMS validates correctly
Just does not work?
No flames intended, this is work in progress. Nevertheless I thought I'd give it a try :) So just some feed-back, partly redundant with other issueds reported here
-
it doesn't build, unless you apply the fixes from the recent build-pull-request. It just does not build otherwise
-
the config-file man-page is just out of date
-
just one working setup example for installation? Daemon complains: domain missing, key-file missing, selector missing. If I supply (just as a quick hack) the config from opendkim, then the daemon is caught in an infinite loop and at some point catches the kernels out-of-memory-oom.
One working example build and config? Or should we just wait a little bit longer until the project has stabilized?
All of the above just sounds too negative. My kind thanks to the author for his efforts! If you have something I could test: I have two servers under my control, including a test-mailing list in order to ping-pong messages through the respective validation frame-works.
"Simple" header canonicalization tests from ValiMail suite failing
Tests ams_fields_c_sr and ams_fields_c_ss from ValiMail's suite are failing for me.
Since these are the only two using "simple" header canonicalization, there might be an issue
with that.
message rejected, "error processing at end of header"
An error in the OpenARC milter appears to be causing the MTA to refuse to accept messages that contain ARC headers. Issue was reported by a tester sending a message signed by another implementation; I've reproduced it with the steps below.
Take the following message and send it through the auto-reply function over at indirect.dmarctest.org (I've obfuscated addresses lamely below):
To: [email protected]
From: [email protected]
Subject: Trying something w/ ARC headers
This is a completely bogus message.
--S.
That message goes through, and the reply comes with fresh ARC headers as expected.
However If I take the same message and insert a set of ARC headers generated by the current OpenARC milter for a different message:
ARC-Seal: i=1; a=rsa-sha1; d=dmarctest.org; s=indirect; t=1474650710; b=hni1X3UW
0/PFPAos+lKXM1PyalZotcewWJq2lhlo4hCr5vwgZTcH/Wl7VoTeTamC1AIDNmBGoVjEUOoA0aY8mr60
lMmU7Pa+4Gh9k5+hVudFl7X6x85VTZHhcUB5iU38FbCn0NLCrr4D4BxR0ZrgkUMiV4w4SoiHhpj+av/1
PCQ=
ARC-Message-Signature: i=1; a=rsa-sha1; d=dmarctest.org; s=indirect; t=147465071
0; bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; h=Received:Date:Message-Id:M
IME-Version:From:To:Subject:X-Mailer:Organization:Content-Type; b=myMPIWfiJDsOb2
g5iG8cOMfjHFuJp5mLPvzPHRr/RzxKuzEP6O6K2Gea1KVvRubxsvbG2G/z+V+uWmDzmUpebjLG+fK09k
OY5CNbTBZK5oMYU+prVLHStapPlatedDA5WIc48NMg6v90qB2Wi2hcnMgBwA7LLpeqk3HeswvoRiE=
ARC-Authentication-Results: i=1 indirect.dmarctest.org; none
To: [email protected]
From: [email protected]
Subject: Trying something w/ ARC headers
This is a completely bogus message.
--S.
I do not get an ARC failure -- in fact, the milter appears to cause the MTA to refuse to accept the message. Here is what the MTA logs:
Sep 23 10:24:18 indirect sm-mta[85102]: STARTTLS=server, relay=segv.crash.com [IPv6:2001:470:1:1e9::4415], version=TLSv1, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Sep 23 10:24:18 indirect sm-mta[85102]: u8NHOGtr085102: from=<[email protected]>, size=1912, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTPS, daemon=IPv6, relay=segv.crash.com [IPv6:2001:470:1:1e9::4415]
**Sep 23 10:24:18 indirect openarc[84412]: u8NHOGtr085102: error processing at end of header**
Sep 23 10:24:18 indirect sm-mta[85102]: u8NHOGtr085102: Milter: data, reject=451 4.3.2 Please try again later
Sep 23 10:24:18 indirect sm-mta[85102]: u8NHOGtr085102: to=<[email protected]>, delay=00:00:00, pri=31912, stat=Please try again later
Source of OpenARC milter is a tarball prepared by msk last night (should be Latest commit 0652d86).
MTA is sendmail 8.15.2
Host OS is FreeBSD 10.2-RELEASE-p14
deb and rpm packages.
@mskucherawy Kudos on this project - OpenARC!
Would it be possible for you to setup a small virtual build server to automatically build deb and rpm packages for the most common linux distros, debian, ubuntu, centos, fedora, etc.?
Proper A-R stamping per spec
Right now, OpenARC just stamps arc=[pass|fail|none] in the A-R. This now needs to be updated since the spec has settled for stamping: https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-14#section-4.1
OpenARC is not merging AR headers
The following 2 tests of the signing ARC test suite fail:
ar_merged1
ar_merged2
The specification states that upon generation of AAR headers in the ARC set, the intermediary is to merge all AR headers from trusted intermediaries into one.
OpenARC failing to sign previously ARC signed messages
The following 2 tests of the signing ARC test suite fail:
i1_base
i2_base
OpenARC seems like it categorically does not correctly sign messages that have already been signed by a previous intermediary. I haven't looked closely, but at the very least it messes up creating AMS's as it seems to strip the b= tag from the previous AMS header & canonicalizes that instead of creating a new AMS with an empty b=
Flags for inbound (verify seal) and outbound (generate new seal) milter processing
OpenARC cannot validate and sign a message in the same milter pass as one would naively hope, as validation must occur before a message is modified, and signing cannot occur until after the message is modified. Therefore, OpenARC needs the ability to run in two passes, one for inbound messages (validation and stamping of Authentication Results), and one for outbound messages (applying a seal).
Notes:
- The current openarc milter runs validate/sign in one pass
- This could mean either milter logic that determines which pass to run, or
- More likely just a command line option that specifies which mode to run in (which would result in two running milters)
Acceptance Criteria:
- OpenARC milters where message modification can be sandwiched between passes properly
Core Dump - Ubuntu
Ubuntu 16.04.4 LTS (Edit : after first error I started using a Ubuntu 18.04.1 system - for newer compiles)
with Postfix (but haven't gotten that far)
I installed all needed packages/deps (afaik). I get no errors in './configure'.
This was a clean compile using commands below. Have re-cloned/reproduced.
Basically I did this:
git clone https://github.com/trusteddomainproject/OpenARC.git
cd OpenARC/
autoreconf -fvi
./configure
make
sudo make install
sudo ldconfig
sudo mkdir /etc/openarc
sudo cat <<EOF >> /etc/openarc/openarc.conf
KeepTemporaryFiles yes
Syslog yes
Domain example.net
Selector example
KeyFile /some-dkimkeys-location/dkim2048.key
UserID opendkim
Socket inet:8999@localhost
EOF
then-
sudo -u opendkim openarc -c /etc/openarc/openarc.conf -n
gives:
*** Error in `openarc': free(): invalid pointer: 0x000000000040e1fa ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f4c1f5d37e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7f4c1f5dc37a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f4c1f5e053c]
openarc[0x408ce8]
openarc[0x408d63]
openarc[0x405063]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7f4c1f57c830]
openarc[0x405159]
======= Memory map: ========
00400000-00412000 r-xp 00000000 fc:00 402291 /usr/local/sbin/openarc
00611000-00612000 r--p 00011000 fc:00 402291 /usr/local/sbin/openarc
00612000-00613000 rw-p 00012000 fc:00 402291 /usr/local/sbin/openarc
00613000-00623000 rw-p 00000000 00:00 0
022a4000-022c5000 rw-p 00000000 00:00 0 [heap]
7f4c18000000-7f4c18021000 rw-p 00000000 00:00 0
7f4c18021000-7f4c1c000000 ---p 00000000 00:00 0
7f4c1e902000-7f4c1e918000 r-xp 00000000 fc:00 4325906 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f4c1e918000-7f4c1eb17000 ---p 00016000 fc:00 4325906 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f4c1eb17000-7f4c1eb18000 rw-p 00015000 fc:00 4325906 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f4c1eb18000-7f4c1eb23000 r-xp 00000000 fc:00 4331171 /lib/x86_64-linux-gnu/libnss_files-2.23.so
7f4c1eb23000-7f4c1ed22000 ---p 0000b000 fc:00 4331171 /lib/x86_64-linux-gnu/libnss_files-2.23.so
7f4c1ed22000-7f4c1ed23000 r--p 0000a000 fc:00 4331171 /lib/x86_64-linux-gnu/libnss_files-2.23.so
7f4c1ed23000-7f4c1ed24000 rw-p 0000b000 fc:00 4331171 /lib/x86_64-linux-gnu/libnss_files-2.23.so
7f4c1ed24000-7f4c1ed2a000 rw-p 00000000 00:00 0
7f4c1ed2a000-7f4c1ed35000 r-xp 00000000 fc:00 4331187 /lib/x86_64-linux-gnu/libnss_nis-2.23.so
7f4c1ed35000-7f4c1ef34000 ---p 0000b000 fc:00 4331187 /lib/x86_64-linux-gnu/libnss_nis-2.23.so
7f4c1ef34000-7f4c1ef35000 r--p 0000a000 fc:00 4331187 /lib/x86_64-linux-gnu/libnss_nis-2.23.so
7f4c1ef35000-7f4c1ef36000 rw-p 0000b000 fc:00 4331187 /lib/x86_64-linux-gnu/libnss_nis-2.23.so
7f4c1ef36000-7f4c1ef4c000 r-xp 00000000 fc:00 4325556 /lib/x86_64-linux-gnu/libnsl-2.23.so
7f4c1ef4c000-7f4c1f14b000 ---p 00016000 fc:00 4325556 /lib/x86_64-linux-gnu/libnsl-2.23.so
7f4c1f14b000-7f4c1f14c000 r--p 00015000 fc:00 4325556 /lib/x86_64-linux-gnu/libnsl-2.23.so
7f4c1f14c000-7f4c1f14d000 rw-p 00016000 fc:00 4325556 /lib/x86_64-linux-gnu/libnsl-2.23.so
7f4c1f14d000-7f4c1f14f000 rw-p 00000000 00:00 0
7f4c1f14f000-7f4c1f157000 r-xp 00000000 fc:00 4330534 /lib/x86_64-linux-gnu/libnss_compat-2.23.so
7f4c1f157000-7f4c1f356000 ---p 00008000 fc:00 4330534 /lib/x86_64-linux-gnu/libnss_compat-2.23.so
7f4c1f356000-7f4c1f357000 r--p 00007000 fc:00 4330534 /lib/x86_64-linux-gnu/libnss_compat-2.23.so
7f4c1f357000-7f4c1f358000 rw-p 00008000 fc:00 4330534 /lib/x86_64-linux-gnu/libnss_compat-2.23.so
7f4c1f358000-7f4c1f35b000 r-xp 00000000 fc:00 4327662 /lib/x86_64-linux-gnu/libdl-2.23.so
7f4c1f35b000-7f4c1f55a000 ---p 00003000 fc:00 4327662 /lib/x86_64-linux-gnu/libdl-2.23.so
7f4c1f55a000-7f4c1f55b000 r--p 00002000 fc:00 4327662 /lib/x86_64-linux-gnu/libdl-2.23.so
7f4c1f55b000-7f4c1f55c000 rw-p 00003000 fc:00 4327662 /lib/x86_64-linux-gnu/libdl-2.23.so
7f4c1f55c000-7f4c1f71c000 r-xp 00000000 fc:00 4327657 /lib/x86_64-linux-gnu/libc-2.23.so
7f4c1f71c000-7f4c1f91c000 ---p 001c0000 fc:00 4327657 /lib/x86_64-linux-gnu/libc-2.23.so
7f4c1f91c000-7f4c1f920000 r--p 001c0000 fc:00 4327657 /lib/x86_64-linux-gnu/libc-2.23.so
7f4c1f920000-7f4c1f922000 rw-p 001c4000 fc:00 4327657 /lib/x86_64-linux-gnu/libc-2.23.so
7f4c1f922000-7f4c1f926000 rw-p 00000000 00:00 0
7f4c1f926000-7f4c1f93e000 r-xp 00000000 fc:00 4327656 /lib/x86_64-linux-gnu/libpthread-2.23.so
7f4c1f93e000-7f4c1fb3d000 ---p 00018000 fc:00 4327656 /lib/x86_64-linux-gnu/libpthread-2.23.so
7f4c1fb3d000-7f4c1fb3e000 r--p 00017000 fc:00 4327656 /lib/x86_64-linux-gnu/libpthread-2.23.so
7f4c1fb3e000-7f4c1fb3f000 rw-p 00018000 fc:00 4327656 /lib/x86_64-linux-gnu/libpthread-2.23.so
7f4c1fb3f000-7f4c1fb43000 rw-p 00000000 00:00 0
7f4c1fb43000-7f4c1fb56000 r-xp 00000000 fc:00 4325876 /lib/x86_64-linux-gnu/libbsd.so.0.8.2
7f4c1fb56000-7f4c1fd55000 ---p 00013000 fc:00 4325876 /lib/x86_64-linux-gnu/libbsd.so.0.8.2
7f4c1fd55000-7f4c1fd56000 r--p 00012000 fc:00 4325876 /lib/x86_64-linux-gnu/libbsd.so.0.8.2
7f4c1fd56000-7f4c1fd57000 rw-p 00013000 fc:00 4325876 /lib/x86_64-linux-gnu/libbsd.so.0.8.2
7f4c1fd57000-7f4c1fd58000 rw-p 00000000 00:00 0
7f4c1fd58000-7f4c1fd6f000 r-xp 00000000 fc:00 4330530 /lib/x86_64-linux-gnu/libresolv-2.23.so
7f4c1fd6f000-7f4c1ff6f000 ---p 00017000 fc:00 4330530 /lib/x86_64-linux-gnu/libresolv-2.23.so
7f4c1ff6f000-7f4c1ff70000 r--p 00017000 fc:00 4330530 /lib/x86_64-linux-gnu/libresolv-2.23.so
7f4c1ff70000-7f4c1ff71000 rw-p 00018000 fc:00 4330530 /lib/x86_64-linux-gnu/libresolv-2.23.so
7f4c1ff71000-7f4c1ff73000 rw-p 00000000 00:00 0
7f4c1ff73000-7f4c2018d000 r-xp 00000000 fc:00 4325415 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f4c2018d000-7f4c2038c000 ---p 0021a000 fc:00 4325415 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f4c2038c000-7f4c203a8000 r--p 00219000 fc:00 4325415 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f4c203a8000-7f4c203b4000 rw-p 00235000 fc:00 4325415 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f4c203b4000-7f4c203b7000 rw-p 00000000 00:00 0
7f4c203b7000-7f4c20415000 r-xp 00000000 fc:00 4325414 /lib/x86_64-linux-gnu/libssl.so.1.0.0
7f4c20415000-7f4c20615000 ---p 0005e000 fc:00 4325414 /lib/x86_64-linux-gnu/libssl.so.1.0.0
7f4c20615000-7f4c20619000 r--p 0005e000 fc:00 4325414 /lib/x86_64-linux-gnu/libssl.so.1.0.0
7f4c20619000-7f4c20620000 rw-p 00062000 fc:00 4325414 /lib/x86_64-linux-gnu/libssl.so.1.0.0
7f4c20620000-7f4c2062e000 r-xp 00000000 fc:00 403501 /usr/lib/x86_64-linux-gnu/libmilter.so.1.0.1
7f4c2062e000-7f4c2082d000 ---p 0000e000 fc:00 403501 /usr/lib/x86_64-linux-gnu/libmilter.so.1.0.1
7f4c2082d000-7f4c2082e000 r--p 0000d000 fc:00 403501 /usr/lib/x86_64-linux-gnu/libmilter.so.1.0.1
7f4c2082e000-7f4c2082f000 rw-p 0000e000 fc:00 403501 /usr/lib/x86_64-linux-gnu/libmilter.so.1.0.1
7f4c2082f000-7f4c20831000 rw-p 00000000 00:00 0
7f4c20831000-7f4c20840000 r-xp 00000000 fc:00 402287 /usr/local/lib/libopenarc.so.0.0.0
7f4c20840000-7f4c20a3f000 ---p 0000f000 fc:00 402287 /usr/local/lib/libopenarc.so.0.0.0
7f4c20a3f000-7f4c20a40000 r--p 0000e000 fc:00 402287 /usr/local/lib/libopenarc.so.0.0.0
7f4c20a40000-7f4c20a41000 rw-p 0000f000 fc:00 402287 /usr/local/lib/libopenarc.so.0.0.0
7f4c20a41000-7f4c20a67000 r-xp 00000000 fc:00 4325809 /lib/x86_64-linux-gnu/ld-2.23.so
7f4c20c3c000-7f4c20c43000 rw-p 00000000 00:00 0
7f4c20c65000-7f4c20c66000 rw-p 00000000 00:00 0
7f4c20c66000-7f4c20c67000 r--p 00025000 fc:00 4325809 /lib/x86_64-linux-gnu/ld-2.23.so
7f4c20c67000-7f4c20c68000 rw-p 00026000 fc:00 4325809 /lib/x86_64-linux-gnu/ld-2.23.so
7f4c20c68000-7f4c20c69000 rw-p 00000000 00:00 0
7ffda0f7f000-7ffda0fa0000 rw-p 00000000 00:00 0 [stack]
7ffda0fa0000-7ffda0fa3000 r--p 00000000 00:00 0 [vvar]
7ffda0fa3000-7ffda0fa5000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted (core dumped)
If I run the keyfile with root priv, it amounts to same - though I get an ownership error/warning as well. (The opendkim key is 600 permission - owned by user 'opendkim'). I do not think it's a key/perms/user issue - it is reading key fine above. I always get a core dump no matter what I do.
Any help is appreciated.
beta0 possible fails
ARC-Authentication-Results
ARC-Message-Signature
ARC-Seal
begin with a space in headers
and a minor
ARC-Filter: OpenARC Filter v0.1.0 mx.example.org A0CA21BE195
version still says it for beta0
openarc: error while loading shared libraries
openarc: error while loading shared libraries: libopenarc.so.0: cannot open shared object file: No such file or directory
This error message is what I get when trying to do openarc -V
I downloaded and compiled as follows:
# autoreconf -fvi
# ./configure
# make
# make install
What have I missed?
ARC-Authentication-Results header missing spaces between fields
Note below in the ARC-Authentication-Results header, spaces missing after header.from=value before spf= and space missing after smtp.mailfrom value before dkim=.
Mail originates from [email protected] (hosted in Google Apps for Nonprofits), coming to [email protected] (my personal domain running sendmail).
Received: from mail-qt0-x235.google.com (mail-qt0-x235.google.com [IPv6:2607:f8b0:400d:c0d::235]) by do2.domsch.com (8.14.4/8.14.4) with ESMTP id v6JDcq7T011858 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=OK) for <[email protected]>; Wed, 19 Jul 2017 13:38:53 GMT
Authentication-Results: do2.domsch.com; arc=none header.d=domsch.com
ARC-Seal: i=1; a=rsa-sha256; d=domsch.com; s=seal-20170618; t=1500471539; cv=none; b=vWlxJw7o/Bc9c3Zo6r1eNWPbJngpyUFs4pk6RjG+JfUtyTli2jfMPJtSNA8h+hXJc2buOONNso8wRZ859t65fsbQyI6igl+jLNsh87DN9FJTG9DSW/t22e3sYcq5QlLt526303uvypD84ZL8uMPx+tUGkBxxIp7/PJTWZv1w4cI=
ARC-Message-Signature: i=1; a=rsa-sha256; d=domsch.com; s=seal-20170618; t=1500471539; c=relaxed/simple; bh=J3cdEvkky4iIA0yvUAxMVQizQ+ffGENXna7N5SXIiq8=; h=DMARC-Filter:Authentication-Results:Authentication-Results:
Authentication-Results:Received:DKIM-Signature:
X-Google-DKIM-Signature:X-Gm-Message-State:X-Received:MIME-Version:
Received:From:Date:Message-ID:Subject:To:Content-Type; b=aEfPGZOtpLdqJOFJVp4//wdYRoZUWEUFOJjl5qv5FIxs1i1eaImT0VBpqjtzVGrQR59sojLHz40UVm5hxEmd4tjSc57MeZUSfhsAwINv03TGAHlOCQqCnwAX7SRD8HooH8S4I2wFzMUCV5xBMPaFNTWKQJK/Pr6KYwc+VqH8ht0=
ARC-Authentication-Results: i=1; do2.domsch.com; dmarc=pass (p=none dis=none) header.from=nwayba.orgspf=pass [email protected]=pass (2048-bit key) header.d=nwayba.org [email protected] header.b=LjFv1MKs
DMARC-Filter: OpenDMARC Filter v1.3.2 do2.domsch.com v6JDcq7T011858
Authentication-Results: do2.domsch.com; dmarc=pass (p=none dis=none) header.from=nwayba.org
Authentication-Results: do2.domsch.com; spf=pass [email protected]
Minimal white list/reputation functionality for final receivers
As a small or corporate receiver at the last hop with no other arc-aware software in my world, I want the option to have openarc drop failed messages the same way opendmarc does.
Notes:
- This would be accomplished through a configuration option
- There would be a simple whitelist of known intermediaries provided
- The message would be dropped if:
- The chain state is not pass
- There is a signatory not on the whitelist
- The chain state is pass, all signatories are on the white list, but the initial DMARC disposition of the message was reject.
Acceptance Criteria:
- A receiver can configure an option, modify a whitelist, and openarc will properly drop bad chains, messages signed by untrusted parties, or messages whose initial dmarc disposition was a reject.
Out of Scope:
- Collecting an initial whitelist
- Handling quarantine or any other message rejection criteria outside the scope above
- Smarter AAR inspection for dmarc disposition than defined above
In signing mode, openarc needs to read the local cv status from the AR header
When operating in signing mode, the cv status needs to be read in so proper signing can happen.
Installation how-to
Hi,
where do I find installation document? I want to try this out, but how do I install and use it on Linux ?
"openarc -n" reports "illegal option"
Low-priority tracking item.
The help output ("openarc -h") and manual page (openarc(8)) for the OpenARC milter indicate that the "-n" flag will cause the milter to check the openarc.conf configuration file. However at run-time the milter reports this as an error:
1509 indirect# uname -a
FreeBSD indirect.dmarctest.org 10.2-RELEASE-p14 FreeBSD 10.2-RELEASE-p14 #0: Wed Mar 16 20:46:12 UTC 2016 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
1510 indirect#
1510 indirect# ../../sbin/openarc -n
openarc: illegal option -- n
-f don't fork-and-exit
-l log activity to system log
-n check configuration and exit
-P pidfile file into which to write process ID
-r require basic RFC5322 header compliance
-t testfile evaluate RFC5322 message in "testfile"
-u userid change to specified userid
-v increase verbosity during testing
-V print version number and terminate
: usage: openarc -p socketfile [options]
-A auto-restart
-c conffile read configuration from conffile
1511 indirect#
openarc process die
on openarc.org the MX is configured to use only one milter: openarc.
After update to today's version, the process die on any incoming message.
how to reproduce? send to [email protected]. the answer don't show ARC related header at all
I configured the milter "openarc_milter = { inet:[::1]:30068, default_action=accept }" so messages will not be deferred at all.
Unfortunately I can't get the process to write a core file. I set "ulimit -c unlimited" upon milter startup, configuration say "EnableCoredumps yes", "/proc/sys/kernel/core_pattern" contain "core", the process' working directory /is/ writeable.
But I get no core file :-/
rpmlint error missing-call-to-chdir-with-chroot
openarc.x86_64: E: missing-call-to-chdir-with-chroot /usr/sbin/openarc
This executable appears to call chroot without using chdir to change the
current directory. This is likely an error and permits an attacker to break
out of the chroot by using fchdir. While that's not always a security issue,
this has to be checked.
Add ability to control tag ordering in signature/seal generation
Makes unit tests easier to write.
Probably do this by letting the caller provide a string specifying the order, with some internal default (e.g., the current order), load up a list with all the values, and cherry-pick. This would go in arc_genamshdr(). There would need to be validation around mandatory tags being included, although failing to do so is really the user shooting itself in the foot.
Mail is deferred if A-R header cannot be parsed
OpenArc deferres a mail if it contains an A-R header that cannot be parsed.
As there are currently a lot of mails with a malformed A-R header sent by Hotmail/Outlook.com it might be a good idea to just ignore A-R headers that cannot be parsed.
Another problem:
OpenArc cannot parse this valid but empty A-R header:
Authentication-Results: authservid; none
make rsa-sha256 default
without configuration OpenARC generate seals using rsa-sha1
SHA1 is deprecated, SHA256 should be default
Missing rules and/or file openarc/openarc.conf.sample
First build of the package died because there was no openarc/openarc.conf.sample file, and no rules to create it. Perhaps it should be referring to openarc.conf.simple, which is present?
Complete build log attached just in case the preceding messages are wanted for review.
FreeBSD $HOSTNAME 10.2-RELEASE-p14 FreeBSD 10.2-RELEASE-p14 #0: Wed Mar 16 20:46:12 UTC 2016 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
Google fails to verify ARC
Wanted to write on mailing lists, unfortunately they are non-existent? (as per: http://www.trusteddomain.org/mailman/listinfo/ )
Using same key to sign as used to sign dkim headers google fails signature verification.
Build on FreeBSD 10.3:
openarc -V <[759][17:11]]
openarc: OpenARC Filter v0.1.0
Compiled with OpenSSL 1.0.1s-freebsd 1 Mar 2016
SMFI_VERSION 0x1000001
libmilter version 1.0.1
libopenarc 0.1.0:
Using postfix, milters after Amavisd.
OpenARC config used:
cat /usr/local/etc/openarc/openarc.conf <[760][17:20]]
AuthservID heteigenwijsje.nl
Domain heteigenwijsje.nl
KeyFile /var/lib/dkim/heteigenwijsje.nl.pem
Mode sv
PidFile /var/run/openarc.pid
Selector dkim
SignatureAlgorithm rsa-sha256
Socket inet:8899@localhost
SoftwareHeader yes
Syslog Yes
UserID vscan:vscan
E-mail headers (replace with zzzomeone in case of gmail and gijsje in heteigenwijsje case):
Delivered-To: <PRIVATE>@gmail.com
Received: by 10.28.28.136 with SMTP id c130csp768192wmc;
Wed, 11 Oct 2017 08:02:42 -0700 (PDT)
X-Google-Smtp-Source: AOwi7QBd5q+jBZiZUwQwL4vDRWwgAw3BQf1REX91IrEIEJZ7s0HrgXCjc+x9C6l/Iy1HbH+VDpRt
X-Received: by 10.80.139.164 with SMTP id m33mr4924985edm.289.1507734162668;
Wed, 11 Oct 2017 08:02:42 -0700 (PDT)
Return-Path: <<PRIVATE>@heteigenwijsje.nl>
Received: from smtp.heteigenwijsje.nl (smtp.heteigenwijsje.nl. [80.127.116.100])
by mx.google.com with ESMTPS id 1si517428edw.461.2017.10.11.08.02.42
for <<PRIVATE>@gmail.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Wed, 11 Oct 2017 08:02:42 -0700 (PDT)
Received-SPF: pass (google.com: domain of <PRIVATE>@heteigenwijsje.nl designates 80.127.116.100 as permitted sender) client-ip=80.127.116.100;
Authentication-Results: mx.google.com;
dkim=pass [email protected] header.s=dkim header.b=o/sOgCmP;
arc=fail (signature failed);
spf=pass (google.com: domain of <PRIVATE>@heteigenwijsje.nl designates 80.127.116.100 as permitted sender) smtp.mailfrom=<PRIVATE>@heteigenwijsje.nl;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=heteigenwijsje.nl
Received: from mailserv.heteigenwijsje.nl (localhost [127.0.0.1]) by smtp.heteigenwijsje.nl (Postfix) with ESMTP id 63DAA34794 for <<PRIVATE>@gmail.com>; Wed, 11 Oct 2017 17:02:40 +0200 (CEST)
ARC-Filter: OpenARC Filter v0.1.0 smtp.heteigenwijsje.nl 63DAA34794
Authentication-Results: heteigenwijsje.nl; arc=none header.d=heteigenwijsje.nl
ARC-Seal: i=1; a=rsa-sha256; d=heteigenwijsje.nl; s=dkim; t=1507734160; cv=none; b=dY5tKxOhqF/8KUsb3Bo7REygUiejdMtF+iC24oBjojTN2A6VHKyWw/o2jto9jhKnjimSmpYdNhdc2rGP7S+F1InghCkPGufk2iiZ/rrv/iKNgNc0LlJRQdudn0P+B/ZWat2HnGHn8CMqvIpbKpidcXYOmj51IPYwQSE5tmwCNmM=
ARC-Message-Signature: i=1; a=rsa-sha256; d=heteigenwijsje.nl; s=dkim; t=1507734160; c=relaxed/simple; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; h=DKIM-Signature:X-Virus-Scanned:Received:Received:To:From:Subject:
Message-ID:Date:User-Agent:MIME-Version:Content-Type:
Content-Transfer-Encoding:Content-Language; b=TRFkzksm2fVytyzdFNm4Up78OtNBDPf0sgNWo1pgkZECKwH+tsAXuj730I4ghUVEAv7WkTpV7BQBI3PoQqLwiX9ljUJOHDMcYFR+AQAxxE4+MHPVHV/xzyqWwzXxIH2TafWEYqVN9Wbcq3lk/Bmru+JG1SAhqefhh4w1U5OHeiM=
ARC-Authentication-Results: i=1; heteigenwijsje.nl; none
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=heteigenwijsje.nl; s=dkim; t=1507734160; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; h=To:From:Subject:Date; b=o/sOgCmPW6NaUTLVY7GV1AD6+hT4PNzeSWU6piwJJBEcD242lA0VAHBkvPwoa0kMK
N8DIWqhmiO9X7wWdespboQi8nzRFVZ6mYybDecWeR/SIg0cls7bZYzjYl8yAKOXxso
WnoKzyGThXM+tiexss4HEkHTSXtl4Yo9OuDRYsHY=
X-Virus-Scanned: amavisd-new at mailserv.heteigenwijsje.nl
Received: from smtp.heteigenwijsje.nl ([127.0.0.1]) by mailserv.heteigenwijsje.nl (mailserv.heteigenwijsje.nl [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id N7iioL2bFyX7 for <<PRIVATE>@gmail.com>; Wed, 11 Oct 2017 17:02:30 +0200 (CEST)
Received: from [IPv6:2001:984:a1fc:1:bc4f:29a2:28ba:ef40] (unknown [IPv6:2001:984:a1fc:1:bc4f:29a2:28ba:ef40]) by smtp.heteigenwijsje.nl (Postfix) with ESMTPSA id 742DB34789 for <<PRIVATE>@gmail.com>; Wed, 11 Oct 2017 17:02:30 +0200 (CEST)
To: <PRIVATE>@gmail.com
From: Gijs Peskens <<PRIVATE>@heteigenwijsje.nl>
Subject: test123
Message-ID: <[email protected]>
Date: Wed, 11 Oct 2017 17:02:30 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Content-Language: en-US
test
arc_eom:2274 appears to overwrite all states with ARC_CHAIN_PASS
arc_eom:2274 appears to overwrite all states with ARC_CHAIN_PASS
Hardfails should be softened and instead set cv values properly
OpenARC should never hardfail, it should only set the cv= value appropriately and move on.
Notes:
- OpenARC aborts in some instances where a message fails validation.
- Instead, ARC should set the cv to fail or invalid as appropriate.
- Some of these aborts appear to happen well before chain validation even begins
Acceptance Criteria:
- OpenARC should never abort early due to ARC-specific issues, failures therein should results in cv=fail or cv=invalid
Out of Scope:
- Any other reasons for openarc aborting early that aren't directly related to setting a cv value more appropriately
Make sure running openarc with the verification flag set has the appropriate output
As a user testing message verification from the CLI (or a test suite reading output from the CLI), I want a clear understanding of verification state.
Notes:
- Right now the verification flag returns the milter state (if verbosity is on) and nothing else, but should be returning either just the cv value or the updated headers where the cv value can be read from.
- The exact syntax we're talking about is: openarc -c openarc.conf -f -l -v -t [msgfile]
- the expected output should be the message with updated headers (i.e. the output that would be returned via the milter), but this is not the case currently
Acceptance Criteria:
- Running openarc with the verification flag should produce useful output to know the verification status
incorrect rpath spec linking with local openssl10, def'd in LIBCRYPTO_CFLAGS & LIBCRYPTO_LIBS
building head against a local install of openssl10 (afaict, there's no current support for openssl11?)
cd src/openarc
git log | head
commit 9892a9bcf7b7683fc5b8a550eab49cd2d59e1662
Author: Murray S. Kucherawy <[email protected]>
Date: Sat May 20 00:41:55 2017 -0700
First crack at chain validation. I only have one test case against which
to try this but the stuff it's now leaving in /tmp looks promising.
commit 863855e5d9ec9897f50507c9f3500da56b37e888
Author: Murray S. Kucherawy <[email protected]>
Date: Mon May 15 23:57:27 2017 -0700
echo $LIBCRYPTO_LIBS
-L/usr/local/openssl10/lib64 -Wl,-rpath,/usr/local/openssl10/lib64 -lssl -lcrypto
echo $LIBCRYPTO_CFLAGS
-I/usr/local/openssl10/include
make distclean
./configure \
--prefix=/usr/local/opendkim \
--libdir=/usr/local/opendkim/lib64 \
--enable-shared --disable-static \
--enable-rpath \
--with-openssl=/usr/local/openssl10 \
--with-milter \
--with-gnu-ld
...
checking for OpenSSL includes... /usr/local/openssl10
checking openssl/bio.h usability... yes
checking openssl/bio.h presence... yes
checking for openssl/bio.h... yes
checking openssl/conf.h usability... yes
checking openssl/conf.h presence... yes
checking for openssl/conf.h... yes
checking openssl/crypto.h usability... yes
checking openssl/crypto.h presence... yes
checking for openssl/crypto.h... yes
checking openssl/err.h usability... yes
checking openssl/err.h presence... yes
checking for openssl/err.h... yes
checking openssl/evp.h usability... yes
checking openssl/evp.h presence... yes
checking for openssl/evp.h... yes
checking openssl/md5.h usability... yes
checking openssl/md5.h presence... yes
checking for openssl/md5.h... yes
checking openssl/opensslv.h usability... yes
checking openssl/opensslv.h presence... yes
checking for openssl/opensslv.h... yes
checking openssl/pem.h usability... yes
checking openssl/pem.h presence... yes
checking for openssl/pem.h... yes
checking openssl/rsa.h usability... yes
checking openssl/rsa.h presence... yes
checking for openssl/rsa.h... yes
checking openssl/sha.h usability... yes
checking openssl/sha.h presence... yes
checking for openssl/sha.h... yes
checking openssl/ssl.h usability... yes
checking openssl/ssl.h presence... yes
checking for openssl/ssl.h... yes
checking for library containing ERR_peek_error... none required
checking for library containing SSL_library_init... none required
checking whether SHA256_DIGEST_LENGTH is declared... yes
...
make fails.
the spec'd env vars
LIBCRYPTO_LIBS
LIBCRYPTO_CFLAGS
are not being correctly used. Note the missing/incorrect rpath spec
make V=1
...
/bin/sh ../libtool --tag=CC --mode=link ... -L/usr/local/openssl10/lib -L/usr/lib ... -lssl -lcrypto ...
libtool: link: ... -L/usr/local/openssl10/lib -L/usr/lib ... -lssl -lcrypto ... -Wl,-rpath -Wl,/usr/local/arc/lib64
...
full output
make V=1
make all-recursive
make[1]: Entering directory '/usr/local/src/openarc'
Making all in libopenarc
make[2]: Entering directory '/usr/local/src/openarc/libopenarc'
/bin/sh ../libtool --tag=CC --mode=compile /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-base64.lo -MD -MP -MF .deps/libopenarc_la-base64.Tpo -c -o libopenarc_la-base64.lo `test -f 'base64.c' || echo './'`base64.c
libtool: compile: /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-base64.lo -MD -MP -MF .deps/libopenarc_la-base64.Tpo -c base64.c -fPIC -DPIC -o .libs/libopenarc_la-base64.o
mv -f .deps/libopenarc_la-base64.Tpo .deps/libopenarc_la-base64.Plo
/bin/sh ../libtool --tag=CC --mode=compile /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc.lo -MD -MP -MF .deps/libopenarc_la-arc.Tpo -c -o libopenarc_la-arc.lo `test -f 'arc.c' || echo './'`arc.c
libtool: compile: /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc.lo -MD -MP -MF .deps/libopenarc_la-arc.Tpo -c arc.c -fPIC -DPIC -o .libs/libopenarc_la-arc.o
arc.c: In function ‘arc_genamshdr’:
arc.c:315:9: warning: unused variable ‘tmp’ [-Wunused-variable]
u_char tmp[ARC_MAXHEADER + 1];
^~~
arc.c:308:6: warning: unused variable ‘n’ [-Wunused-variable]
int n;
^
arc.c:307:8: warning: unused variable ‘nosigner’ [-Wunused-variable]
_Bool nosigner = FALSE;
^~~~~~~~
arc.c: In function ‘arc_init’:
arc.c:783:10: warning: pointer targets in passing argument 1 of ‘strncpy’ differ in signedness [-Wpointer-sign]
strncpy(lib->arcl_tmpdir, DEFTMPDIR, sizeof lib->arcl_tmpdir - 1);
^~~
In file included from /usr/include/features.h:365:0,
from /usr/include/sys/types.h:25,
from /usr/include/sys/param.h:25,
from arc.c:13:
/usr/include/bits/string3.h:123:1: note: expected ‘char * restrict’ but argument is of type ‘u_char * {aka unsigned char *}’
__NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
^
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c: In function ‘arc_process_set’:
arc.c:1453:18: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
hcopy = strdup(p);
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1453:18: warning: pointer targets in passing argument 1 of ‘__strdup’ differ in signedness [-Wpointer-sign]
hcopy = strdup(p);
^
/usr/include/bits/string2.h:1278:14: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern char *__strdup (const char *__string) __THROW __attribute_malloc__;
^~~~~~~~
arc.c:1453:9: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
hcopy = strdup(p);
^
arc.c:1456:17: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
len = strlen(p);
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1462:21: warning: pointer targets in passing argument 1 of ‘__strtok_r_1c’ differ in signedness [-Wpointer-sign]
for (p = strtok_r(hcopy, ":", &ctx);
^
/usr/include/bits/string2.h:1149:1: note: expected ‘char *’ but argument is of type ‘u_char * {aka unsigned char *}’
__strtok_r_1c (char *__s, char __sep, char **__nextp)
^~~~~~~~~~~~~
arc.c:1462:21: warning: pointer targets in passing argument 1 of ‘__strtok_r’ differ in signedness [-Wpointer-sign]
for (p = strtok_r(hcopy, ":", &ctx);
^
In file included from arc.c:26:0:
/usr/include/string.h:349:14: note: expected ‘char * restrict’ but argument is of type ‘u_char * {aka unsigned char *}’
extern char *__strtok_r (char *__restrict __s,
^~~~~~~~~~
arc.c:1462:10: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
for (p = strtok_r(hcopy, ":", &ctx);
^
arc.c:1464:10: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
p = strtok_r(NULL, ":", &ctx))
^
arc.c:1466:19: warning: pointer targets in passing argument 1 of ‘strcasecmp’ differ in signedness [-Wpointer-sign]
if (strcasecmp(p, ARC_SEAL_HDRNAME) == 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:529:12: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern int strcasecmp (const char *__s1, const char *__s2)
^~~~~~~~~~
arc.c: In function ‘arc_get_key’:
arc.c:1569:6: warning: unused variable ‘c’ [-Wunused-variable]
int c;
^
arc.c:1567:8: warning: unused variable ‘gotreply’ [-Wunused-variable]
_Bool gotreply = FALSE; /* reply received */
^~~~~~~~
arc.c:1566:8: warning: unused variable ‘gotset’ [-Wunused-variable]
_Bool gotset = FALSE; /* set parsed */
^~~~~~
arc.c:1565:8: warning: unused variable ‘gotkey’ [-Wunused-variable]
_Bool gotkey = FALSE; /* key stored */
^~~~~~
arc.c: In function ‘arc_validate_msg’:
arc.c:1788:43: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
msg->arc_selector = arc_param_get(kvset, "s");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:1789:41: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
msg->arc_domain = arc_param_get(kvset, "d");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:1808:32: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
b64sig = arc_param_get(kvset, "b");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:1809:21: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
b64siglen = strlen(b64sig);
^~~~~~
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
arc.c:1810:34: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
b64bhtag = arc_param_get(kvset, "bh");
^~~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:1847:29: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
alg = arc_param_get(kvset, "a");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1849:28: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1849:28: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
arc.c:1849:28: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1849:28: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1849:28: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
arc.c:1849:28: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1849:28: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
arc.c:1849:28: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1849:28: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
arc.c:1849:28: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1870:21: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^~~~~~~~
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1870:41: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1870:48: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1870:41: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
arc.c:1870:41: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1870:48: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
arc.c:1870:48: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1870:41: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1870:41: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
arc.c:1870:41: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1870:48: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
arc.c:1870:48: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1870:48: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1870:41: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
arc.c:1870:41: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1870:48: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
arc.c:1870:48: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1870:41: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
arc.c:1870:41: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1870:48: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (elen != strlen(b64bhtag) || strcmp(b64bh, b64bhtag) != 0)
^
arc.c:1870:48: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1760:7: warning: unused variable ‘keydata’ [-Wunused-variable]
BIO *keydata;
^~~~~~~
arc.c:1758:23: warning: unused variable ‘h’ [-Wunused-variable]
struct arc_hdrfield *h;
^
arc.c: In function ‘arc_validate_seal’:
arc.c:1920:43: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
msg->arc_selector = arc_param_get(kvset, "s");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:1921:41: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
msg->arc_domain = arc_param_get(kvset, "d");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:1940:32: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
b64sig = arc_param_get(kvset, "b");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:1941:21: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
b64siglen = strlen(b64sig);
^~~~~~
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
arc.c:1977:29: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
alg = arc_param_get(kvset, "a");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1979:28: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1979:28: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
arc.c:1979:28: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1979:28: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:1979:28: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
arc.c:1979:28: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1979:28: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
arc.c:1979:28: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:1979:28: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (alg != NULL && strcmp(alg, "rsa-sha256") == 0)
^
arc.c:1979:28: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c: In function ‘arc_message’:
arc.c:2020:8: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
*err = strerror(errno);
^
arc.c: In function ‘arc_parse_header_field’:
arc.c:78:16: warning: pointer targets in passing argument 2 of ‘arc_dstring_catn’ differ in signedness [-Wpointer-sign]
#define CRLF "\r\n"
^
arc.c:2167:30: note: in expansion of macro ‘CRLF’
arc_dstring_catn(tmphdr, CRLF, 2);
^~~~
In file included from arc.c:53:0:
arc-util.h:22:14: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
extern _Bool arc_dstring_catn __P((struct arc_dstring *, u_char *, size_t));
^~~~~~~~~~~~~~~~
arc.c: In function ‘arc_eoh’:
arc.c:2298:18: warning: pointer targets in passing argument 2 of ‘strncpy’ differ in signedness [-Wpointer-sign]
strncpy(hnbuf, h->hdr_text, h->hdr_namelen);
^
In file included from /usr/include/features.h:365:0,
from /usr/include/sys/types.h:25,
from /usr/include/sys/param.h:25,
from arc.c:13:
/usr/include/bits/string3.h:123:1: note: expected ‘const char * restrict’ but argument is of type ‘u_char * {aka unsigned char *}’
__NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
^
arc.c:2326:29: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
inst = arc_param_get(set, "i");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:2327:15: warning: pointer targets in passing argument 1 of ‘strtoul’ differ in signedness [-Wpointer-sign]
n = strtoul(inst, NULL, 10);
^~~~
In file included from arc.c:22:0:
/usr/include/stdlib.h:187:26: note: expected ‘const char * restrict’ but argument is of type ‘u_char * {aka unsigned char *}’
extern unsigned long int strtoul (const char *__restrict __nptr,
^~~~~~~
arc.c:2346:29: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
inst = arc_param_get(set, "i");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:2348:15: warning: pointer targets in passing argument 1 of ‘strtoul’ differ in signedness [-Wpointer-sign]
n = strtoul(inst, NULL, 10);
^~~~
In file included from arc.c:22:0:
/usr/include/stdlib.h:187:26: note: expected ‘const char * restrict’ but argument is of type ‘u_char * {aka unsigned char *}’
extern unsigned long int strtoul (const char *__restrict __nptr,
^~~~~~~
arc.c:2414:37: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
htag = arc_param_get(h->hdr_data, "h");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c: In function ‘arc_eom’:
arc.c:2582:34: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
inst = arc_param_get(kvset, "i");
^~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:2583:15: warning: pointer targets in passing argument 1 of ‘atoi’ differ in signedness [-Wpointer-sign]
if (atoi(inst) == set)
^~~~
In file included from /usr/include/features.h:365:0,
from /usr/include/sys/types.h:25,
from /usr/include/sys/param.h:25,
from arc.c:13:
/usr/include/stdlib.h:278:1: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
__NTH (atoi (const char *__nptr))
^
arc.c:2587:31: warning: pointer targets in passing argument 2 of ‘arc_param_get’ differ in signedness [-Wpointer-sign]
cv = arc_param_get(kvset, "cv");
^~~~
arc.c:967:1: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
arc_param_get(ARC_KVSET *set, u_char *param)
^~~~~~~~~~~~~
arc.c:2588:33: warning: pointer targets in passing argument 1 of ‘strcasecmp’ differ in signedness [-Wpointer-sign]
if ((set == 1 && strcasecmp(cv, "none") == 0) ||
^~
In file included from arc.c:26:0:
/usr/include/string.h:529:12: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern int strcasecmp (const char *__s1, const char *__s2)
^~~~~~~~~~
arc.c:2589:33: warning: pointer targets in passing argument 1 of ‘strcasecmp’ differ in signedness [-Wpointer-sign]
(set != 1 && strcasecmp(cv, "pass") == 0))
^~
In file included from arc.c:26:0:
/usr/include/string.h:529:12: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern int strcasecmp (const char *__s1, const char *__s2)
^~~~~~~~~~
arc.c: In function ‘arc_getseal’:
arc.c:2664:18: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
msg->arc_domain = domain;
^
arc.c:2665:20: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
msg->arc_selector = selector;
^
arc.c:2666:22: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
msg->arc_authservid = authservid;
^
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:2676:14: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strncmp(key, "-----", 5) == 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:2676:14: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strncmp(key, "-----", 5) == 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:2676:14: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strncmp(key, "-----", 5) == 0)
^
arc.c:2676:14: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:2676:14: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strncmp(key, "-----", 5) == 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:2676:14: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strncmp(key, "-----", 5) == 0)
^
arc.c:2676:14: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:2676:14: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strncmp(key, "-----", 5) == 0)
^
arc.c:2676:14: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:2676:14: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strncmp(key, "-----", 5) == 0)
^
arc.c:2676:14: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arc.c:2676:14: warning: pointer targets in passing argument 1 of ‘strncmp’ differ in signedness [-Wpointer-sign]
if (strncmp(key, "-----", 5) == 0)
^
In file included from arc.c:26:0:
/usr/include/string.h:143:12: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern int strncmp (const char *__s1, const char *__s2, size_t __n)
^~~~~~~
arc.c:2728:17: warning: variable ‘next’ set but not used [-Wunused-but-set-variable]
ARC_HDRFIELD *next;
^~~~
arc.c:2839:50: warning: pointer targets in passing argument 5 of ‘RSA_sign’ differ in signedness [-Wpointer-sign]
rstatus = RSA_sign(nid, digest, diglen, sigout, &siglen, rsa);
^
In file included from /usr/local/openssl10/include/openssl/x509.h:96:0,
from /usr/local/openssl10/include/openssl/pem.h:70,
from arc.c:40:
/usr/local/openssl10/include/openssl/rsa.h:410:5: note: expected ‘unsigned int *’ but argument is of type ‘int *’
int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
^~~~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:2901:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
h->hdr_text = strdup(arc_dstring_get(dstr));
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:2901:23: warning: pointer targets in passing argument 1 of ‘__strdup’ differ in signedness [-Wpointer-sign]
h->hdr_text = strdup(arc_dstring_get(dstr));
^
/usr/include/bits/string2.h:1278:14: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern char *__strdup (const char *__string) __THROW __attribute_malloc__;
^~~~~~~~
arc.c:2901:14: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
h->hdr_text = strdup(arc_dstring_get(dstr));
^
arc.c:2995:50: warning: pointer targets in passing argument 5 of ‘RSA_sign’ differ in signedness [-Wpointer-sign]
rstatus = RSA_sign(nid, digest, diglen, sigout, &siglen, rsa);
^
In file included from /usr/local/openssl10/include/openssl/x509.h:96:0,
from /usr/local/openssl10/include/openssl/pem.h:70,
from arc.c:40:
/usr/local/openssl10/include/openssl/rsa.h:410:5: note: expected ‘unsigned int *’ but argument is of type ‘int *’
int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
^~~~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:3041:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
h->hdr_text = strdup(arc_dstring_get(dstr));
^
In file included from arc.c:26:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from arc.c:26:
arc.c:3041:23: warning: pointer targets in passing argument 1 of ‘__strdup’ differ in signedness [-Wpointer-sign]
h->hdr_text = strdup(arc_dstring_get(dstr));
^
/usr/include/bits/string2.h:1278:14: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern char *__strdup (const char *__string) __THROW __attribute_malloc__;
^~~~~~~~
arc.c:3041:14: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
h->hdr_text = strdup(arc_dstring_get(dstr));
^
arc.c:2638:8: warning: unused variable ‘set’ [-Wunused-variable]
u_int set;
^~~
arc.c: In function ‘arc_getamshdr_d’:
arc.c:724:5: warning: ‘__s’ may be used uninitialized in this function [-Wmaybe-uninitialized]
arc_dstring_catn(msg->arc_hdrbuf,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(u_char *) pv,
~~~~~~~~~~~~~~
pvlen);
~~~~~~
arc.c:550:4: warning: ‘__s’ may be used uninitialized in this function [-Wmaybe-uninitialized]
arc_dstring_cat(msg->arc_hdrbuf, (u_char *) pv);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
mv -f .deps/libopenarc_la-arc.Tpo .deps/libopenarc_la-arc.Plo
/bin/sh ../libtool --tag=CC --mode=compile /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-canon.lo -MD -MP -MF .deps/libopenarc_la-arc-canon.Tpo -c -o libopenarc_la-arc-canon.lo `test -f 'arc-canon.c' || echo './'`arc-canon.c
libtool: compile: /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-canon.lo -MD -MP -MF .deps/libopenarc_la-arc-canon.Tpo -c arc-canon.c -fPIC -DPIC -o .libs/libopenarc_la-arc-canon.o
arc-canon.c: In function ‘arc_canon_strip_b’:
arc-canon.c:992:6: warning: variable ‘n’ set but not used [-Wunused-but-set-variable]
int n;
^
arc-canon.c: In function ‘arc_canon_runheaders’:
arc-canon.c:1333:21: warning: pointer targets in passing argument 2 of ‘strncasecmp’ differ in signedness [-Wpointer-sign]
hdr->hdr_text,
^~~
In file included from arc-canon.c:22:0:
/usr/include/string.h:533:12: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern int strncasecmp (const char *__s1, const char *__s2, size_t __n)
^~~~~~~~~~~
arc-canon.c:1336:21: warning: pointer targets in passing argument 2 of ‘strncasecmp’ differ in signedness [-Wpointer-sign]
hdr->hdr_text,
^~~
In file included from arc-canon.c:22:0:
/usr/include/string.h:533:12: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern int strncasecmp (const char *__s1, const char *__s2, size_t __n)
^~~~~~~~~~~
arc-canon.c:1339:21: warning: pointer targets in passing argument 2 of ‘strncasecmp’ differ in signedness [-Wpointer-sign]
hdr->hdr_text,
^~~
In file included from arc-canon.c:22:0:
/usr/include/string.h:533:12: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern int strncasecmp (const char *__s1, const char *__s2, size_t __n)
^~~~~~~~~~~
arc-canon.c:1321:13: warning: unused variable ‘hdrtest’ [-Wunused-variable]
regex_t *hdrtest;
^~~~~~~
arc-canon.c:1320:13: warning: variable ‘lib’ set but not used [-Wunused-but-set-variable]
ARC_LIB *lib;
^~~
arc-canon.c:1246:10: warning: unused variable ‘p’ [-Wunused-variable]
u_char *p;
^
arc-canon.c:1244:10: warning: variable ‘end’ set but not used [-Wunused-but-set-variable]
u_char *end;
^~~
arc-canon.c:1241:6: warning: unused variable ‘last’ [-Wunused-variable]
int last = '\0';
^~~~
arc-canon.c:1239:6: warning: unused variable ‘in’ [-Wunused-variable]
int in;
^~
arc-canon.c:1236:9: warning: unused variable ‘savechar’ [-Wunused-variable]
u_char savechar;
^~~~~~~~
arc-canon.c: In function ‘arc_canon_add_to_seal’:
arc-canon.c:2048:20: warning: variable ‘sc’ set but not used [-Wunused-but-set-variable]
struct arc_canon *sc;
^~
arc-canon.c: In function ‘arc_canon_strip_b’:
arc-canon.c:1021:6: warning: ‘in’ may be used uninitialized in this function [-Wmaybe-uninitialized]
if (in == '\0' && *p == '=')
^
mv -f .deps/libopenarc_la-arc-canon.Tpo .deps/libopenarc_la-arc-canon.Plo
/bin/sh ../libtool --tag=CC --mode=compile /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-dns.lo -MD -MP -MF .deps/libopenarc_la-arc-dns.Tpo -c -o libopenarc_la-arc-dns.lo `test -f 'arc-dns.c' || echo './'`arc-dns.c
libtool: compile: /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-dns.lo -MD -MP -MF .deps/libopenarc_la-arc-dns.Tpo -c arc-dns.c -fPIC -DPIC -o .libs/libopenarc_la-arc-dns.o
mv -f .deps/libopenarc_la-arc-dns.Tpo .deps/libopenarc_la-arc-dns.Plo
/bin/sh ../libtool --tag=CC --mode=compile /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-keys.lo -MD -MP -MF .deps/libopenarc_la-arc-keys.Tpo -c -o libopenarc_la-arc-keys.lo `test -f 'arc-keys.c' || echo './'`arc-keys.c
libtool: compile: /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-keys.lo -MD -MP -MF .deps/libopenarc_la-arc-keys.Tpo -c arc-keys.c -fPIC -DPIC -o .libs/libopenarc_la-arc-keys.o
arc-keys.c: In function ‘arc_get_key_file’:
arc-keys.c:446:28: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
memmove(buf, p2, strlen(p2) + 1);
^~
In file included from arc-keys.c:20:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
mv -f .deps/libopenarc_la-arc-keys.Tpo .deps/libopenarc_la-arc-keys.Plo
/bin/sh ../libtool --tag=CC --mode=compile /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-tables.lo -MD -MP -MF .deps/libopenarc_la-arc-tables.Tpo -c -o libopenarc_la-arc-tables.lo `test -f 'arc-tables.c' || echo './'`arc-tables.c
libtool: compile: /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-tables.lo -MD -MP -MF .deps/libopenarc_la-arc-tables.Tpo -c arc-tables.c -fPIC -DPIC -o .libs/libopenarc_la-arc-tables.o
mv -f .deps/libopenarc_la-arc-tables.Tpo .deps/libopenarc_la-arc-tables.Plo
/bin/sh ../libtool --tag=CC --mode=compile /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-util.lo -MD -MP -MF .deps/libopenarc_la-arc-util.Tpo -c -o libopenarc_la-arc-util.lo `test -f 'arc-util.c' || echo './'`arc-util.c
libtool: compile: /usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT libopenarc_la-arc-util.lo -MD -MP -MF .deps/libopenarc_la-arc-util.Tpo -c arc-util.c -fPIC -DPIC -o .libs/libopenarc_la-arc-util.o
arc-util.c: In function ‘arc_strndup’:
arc-util.c:487:11: warning: pointer targets in passing argument 1 of ‘strncpy’ differ in signedness [-Wpointer-sign]
strncpy(ret, src, len);
^~~
In file included from /usr/include/features.h:365:0,
from /usr/include/sys/types.h:25,
from /usr/include/sys/param.h:25,
from arc-util.c:9:
/usr/include/bits/string3.h:123:1: note: expected ‘char * restrict’ but argument is of type ‘u_char * {aka unsigned char *}’
__NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
^
arc-util.c:487:16: warning: pointer targets in passing argument 2 of ‘strncpy’ differ in signedness [-Wpointer-sign]
strncpy(ret, src, len);
^~~
In file included from /usr/include/features.h:365:0,
from /usr/include/sys/types.h:25,
from /usr/include/sys/param.h:25,
from arc-util.c:9:
/usr/include/bits/string3.h:123:1: note: expected ‘const char * restrict’ but argument is of type ‘u_char * {aka unsigned char *}’
__NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
^
arc-util.c: In function ‘arc_tmpfile’:
arc-util.c:574:29: warning: ‘/arc.XXXXXX’ directive output may be truncated writing 11 bytes into a region of size between 0 and 4096 [-Wformat-truncation=]
snprintf(path, MAXPATHLEN, "%s/arc.XXXXXX",
^~~~~~~~~~~~~~~
In file included from /usr/include/stdio.h:936:0,
from arc-util.c:24:
/usr/include/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 12 and 4108 bytes into a destination of size 4096
return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
__bos (__s), __fmt, __va_arg_pack ());
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
mv -f .deps/libopenarc_la-arc-util.Tpo .deps/libopenarc_la-arc-util.Plo
grep '^extern' arc.h | \
awk '{ for (c = 1; c <= NF; c++) if ($c ~ /arc_/) { print $c; break; } }' | \
sed -e s/\[\*\;\]//g -e s/\[\\\[\\\]\]//g | \
sort -u -o symbols.map
/bin/sh ../libtool --tag=CC --mode=link /usr/bin/gcc-7 -I/usr/local/openssl10/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -no-undefined -L/usr/local/openssl10/lib -version-info 0:0:0 -export-symbols symbols.map -rpath /usr/local/openarc/lib64 -o libopenarc.la -rpath /usr/local/openarc/lib64 libopenarc_la-base64.lo libopenarc_la-arc.lo libopenarc_la-arc-canon.lo libopenarc_la-arc-dns.lo libopenarc_la-arc-keys.lo libopenarc_la-arc-tables.lo libopenarc_la-arc-util.lo -lbsd
libtool: link: echo "{ global:" > .libs/libopenarc.ver
libtool: link: cat symbols.map | sed -e "s/\(.*\)/\1;/" >> .libs/libopenarc.ver
libtool: link: echo "local: *; };" >> .libs/libopenarc.ver
libtool: link: /usr/bin/gcc-7 -shared -fPIC -DPIC .libs/libopenarc_la-base64.o .libs/libopenarc_la-arc.o .libs/libopenarc_la-arc-canon.o .libs/libopenarc_la-arc-dns.o .libs/libopenarc_la-arc-keys.o .libs/libopenarc_la-arc-tables.o .libs/libopenarc_la-arc-util.o -L/usr/local/openssl10/lib -lbsd -O3 -fstack-protector -grecord-gcc-switches -march=native -mtune=native -Wl,-soname -Wl,libopenarc.so.0 -Wl,-version-script -Wl,.libs/libopenarc.ver -o .libs/libopenarc.so.0.0.0
libtool: link: (cd ".libs" && rm -f "libopenarc.so.0" && ln -s "libopenarc.so.0.0.0" "libopenarc.so.0")
libtool: link: (cd ".libs" && rm -f "libopenarc.so" && ln -s "libopenarc.so.0.0.0" "libopenarc.so")
libtool: link: ( cd ".libs" && rm -f "libopenarc.la" && ln -s "../libopenarc.la" "libopenarc.la" )
make[2]: Leaving directory '/usr/local/src/openarc/libopenarc'
Making all in contrib
make[2]: Entering directory '/usr/local/src/openarc/contrib'
Making all in docs
make[3]: Entering directory '/usr/local/src/openarc/contrib/docs'
make[3]: Nothing to be done for 'all'.
make[3]: Leaving directory '/usr/local/src/openarc/contrib/docs'
Making all in init
make[3]: Entering directory '/usr/local/src/openarc/contrib/init'
Making all in generic
make[4]: Entering directory '/usr/local/src/openarc/contrib/init/generic'
make[4]: Nothing to be done for 'all'.
make[4]: Leaving directory '/usr/local/src/openarc/contrib/init/generic'
Making all in redhat
make[4]: Entering directory '/usr/local/src/openarc/contrib/init/redhat'
make[4]: Nothing to be done for 'all'.
make[4]: Leaving directory '/usr/local/src/openarc/contrib/init/redhat'
Making all in solaris
make[4]: Entering directory '/usr/local/src/openarc/contrib/init/solaris'
make[4]: Nothing to be done for 'all'.
make[4]: Leaving directory '/usr/local/src/openarc/contrib/init/solaris'
make[4]: Entering directory '/usr/local/src/openarc/contrib/init'
make[4]: Nothing to be done for 'all-am'.
make[4]: Leaving directory '/usr/local/src/openarc/contrib/init'
make[3]: Leaving directory '/usr/local/src/openarc/contrib/init'
Making all in spec
make[3]: Entering directory '/usr/local/src/openarc/contrib/spec'
make[3]: Nothing to be done for 'all'.
make[3]: Leaving directory '/usr/local/src/openarc/contrib/spec'
Making all in systemd
make[3]: Entering directory '/usr/local/src/openarc/contrib/systemd'
make[3]: Nothing to be done for 'all'.
make[3]: Leaving directory '/usr/local/src/openarc/contrib/systemd'
make[3]: Entering directory '/usr/local/src/openarc/contrib'
make[3]: Nothing to be done for 'all-am'.
make[3]: Leaving directory '/usr/local/src/openarc/contrib'
make[2]: Leaving directory '/usr/local/src/openarc/contrib'
Making all in docs
make[2]: Entering directory '/usr/local/src/openarc/docs'
make[2]: Nothing to be done for 'all'.
make[2]: Leaving directory '/usr/local/src/openarc/docs'
Making all in openarc
make[2]: Entering directory '/usr/local/src/openarc/openarc'
/usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I./../libopenarc -I/usr/local/openssl10/include -I/usr/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -pthread -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT openarc-config.o -MD -MP -MF .deps/openarc-config.Tpo -c -o openarc-config.o `test -f 'config.c' || echo './'`config.c
mv -f .deps/openarc-config.Tpo .deps/openarc-config.Po
/usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I./../libopenarc -I/usr/local/openssl10/include -I/usr/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -pthread -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT openarc-openarc.o -MD -MP -MF .deps/openarc-openarc.Tpo -c -o openarc-openarc.o `test -f 'openarc.c' || echo './'`openarc.c
openarc.c: In function ‘arcf_list_load’:
openarc.c:1229:12: warning: pointer targets in assignment differ in signedness [-Wpointer-sign]
v->value = strdup(buf);
^
openarc.c: In function ‘arcf_config_load’:
openarc.c:1364:10: warning: unused variable ‘which’ [-Wunused-variable]
_Bool which = FALSE;
^~~~~
openarc.c:1348:7: warning: unused variable ‘tmpint’ [-Wunused-variable]
int tmpint;
^~~~~~
openarc.c:1327:11: warning: unused variable ‘fixedtime’ [-Wunused-variable]
uint64_t fixedtime = 0UL;
^~~~~~~~~
openarc.c:1326:6: warning: unused variable ‘dbflags’ [-Wunused-variable]
int dbflags = 0;
^~~~~~~
openarc.c:1325:6: warning: unused variable ‘maxsign’ [-Wunused-variable]
int maxsign;
^~~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c: In function ‘arcf_checkhost’:
openarc.c:2202:15: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, buf) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2202:15: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, buf) == 0)
^
openarc.c:2202:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2202:15: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, buf) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2202:15: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, buf) == 0)
^
openarc.c:2202:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2202:15: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, buf) == 0)
^
openarc.c:2202:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2202:15: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, buf) == 0)
^
openarc.c:2202:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2207:15: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, &buf[1]) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2207:15: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, &buf[1]) == 0)
^
openarc.c:2207:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2207:15: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, &buf[1]) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2207:15: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, &buf[1]) == 0)
^
openarc.c:2207:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2207:15: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, &buf[1]) == 0)
^
openarc.c:2207:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2207:15: warning: pointer targets in passing argument 1 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(node->value, &buf[1]) == 0)
^
openarc.c:2207:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2185:6: warning: unused variable ‘status’ [-Wunused-variable]
int status;
^~~~~~
openarc.c:2184:8: warning: unused variable ‘exists’ [-Wunused-variable]
_Bool exists;
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c: In function ‘arcf_checkip’:
openarc.c:2267:22: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2267:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2267:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2267:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2267:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2267:22: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2267:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2267:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2267:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2267:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2270:26: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2270:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2270:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2270:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2270:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2270:26: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2270:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2270:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2270:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2270:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2279:22: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2279:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2279:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2279:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2279:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2279:22: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2279:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2279:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2279:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2279:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2282:26: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2282:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2282:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2282:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2282:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2282:26: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2282:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2282:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2282:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2282:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2313:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2313:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2313:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2313:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2313:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2313:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2313:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2313:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2313:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2313:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2316:27: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2316:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2316:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2316:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2316:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2316:27: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2316:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2316:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2316:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2316:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2337:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2337:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2337:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2337:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2337:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2337:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2337:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2337:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2337:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2337:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2340:27: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2340:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2340:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2340:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2340:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2340:27: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2340:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2340:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2340:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2340:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2241:7: warning: unused variable ‘status’ [-Wunused-variable]
int status;
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2378:22: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2378:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2378:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2378:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2378:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2378:22: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2378:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2378:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2378:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2378:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2381:26: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2381:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2381:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2381:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2381:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2381:26: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2381:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2381:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2381:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2381:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2390:22: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2390:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2390:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2390:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2390:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2390:22: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2390:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2390:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2390:22: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2390:22: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2393:26: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2393:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2393:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2393:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2393:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2393:26: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2393:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2393:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2393:26: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2393:26: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2424:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2424:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2424:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2424:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2424:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2424:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2424:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2424:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2424:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2424:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2427:27: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2427:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2427:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2427:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2427:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2427:27: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2427:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2427:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2427:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2427:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2439:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2439:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2439:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2439:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2439:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2439:23: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2439:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2439:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2439:23: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(ipbuf, node->value) == 0)
^
openarc.c:2439:23: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2442:27: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2442:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2442:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2442:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2442:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2442:27: warning: pointer targets in passing argument 1 of ‘strlen’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
In file included from openarc.c:39:0:
/usr/include/string.h:394:15: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
extern size_t strlen (const char *__s)
^~~~~~
In file included from /usr/include/string.h:630:0,
from openarc.c:39:
openarc.c:2442:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2442:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2442:27: warning: pointer targets in passing argument 2 of ‘__builtin_strcmp’ differ in signedness [-Wpointer-sign]
if (strcmp(&ipbuf[1], node->value) == 0)
^
openarc.c:2442:27: note: expected ‘const char *’ but argument is of type ‘u_char * {aka unsigned char *}’
openarc.c:2361:7: warning: unused variable ‘status’ [-Wunused-variable]
int status;
^~~~~~
openarc.c:2359:9: warning: variable ‘exists’ set but not used [-Wunused-but-set-variable]
_Bool exists;
^~~~~~
openarc.c:2229:8: warning: variable ‘exists’ set but not used [-Wunused-but-set-variable]
_Bool exists;
^~~~~~
openarc.c: In function ‘mlfi_connect’:
openarc.c:2582:22: warning: variable ‘conf’ set but not used [-Wunused-but-set-variable]
struct arcf_config *conf;
^~~~
openarc.c:2580:8: warning: unused variable ‘err’ [-Wunused-variable]
char *err = NULL;
^~~
openarc.c: In function ‘mlfi_eoh’:
openarc.c:2933:9: warning: unused variable ‘from’ [-Wunused-variable]
Header from = NULL;
^~~~
openarc.c:2932:23: warning: unused variable ‘addr’ [-Wunused-variable]
struct arcf_dstring *addr;
^~~~
openarc.c:2930:10: warning: unused variable ‘domain’ [-Wunused-variable]
u_char *domain;
^~~~~~
openarc.c:2929:10: warning: unused variable ‘user’ [-Wunused-variable]
u_char *user;
^~~~
openarc.c:2924:11: warning: unused variable ‘ms’ [-Wunused-variable]
sfsistat ms = SMFIS_CONTINUE;
^~
openarc.c:2922:6: warning: unused variable ‘c’ [-Wunused-variable]
int c;
^
openarc.c:2921:8: warning: unused variable ‘didfrom’ [-Wunused-variable]
_Bool didfrom = FALSE;
^~~~~~~
openarc.c:2920:8: warning: unused variable ‘originok’ [-Wunused-variable]
_Bool originok;
^~~~~~~~
openarc.c:2919:8: warning: unused variable ‘domainok’ [-Wunused-variable]
_Bool domainok;
^~~~~~~~
openarc.c:2918:8: warning: unused variable ‘setidentity’ [-Wunused-variable]
_Bool setidentity = FALSE;
^~~~~~~~~~~
openarc.c: In function ‘mlfi_eom’:
openarc.c:3250:23: warning: pointer targets in passing argument 1 of ‘ares_parse’ differ in signedness [-Wpointer-sign]
status = ares_parse(hdr->hdr_val, &ar);
^~~
In file included from openarc.c:83:0:
openarc-ar.h:103:12: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
extern int ares_parse __P((u_char *, struct authres *));
^~~~~~~~~~
openarc.c:3263:41: warning: pointer targets in passing argument 2 of ‘strcasecmp’ differ in signedness [-Wpointer-sign]
if (strcasecmp(conf->conf_authservid, ar.ares_host) == 0)
^~
In file included from openarc.c:39:0:
/usr/include/string.h:529:12: note: expected ‘const char *’ but argument is of type ‘unsigned char *’
extern int strcasecmp (const char *__s1, const char *__s2)
^~~~~~~~~~
openarc.c:3269:40: warning: pointer targets in passing argument 2 of ‘arcf_dstring_cat’ differ in signedness [-Wpointer-sign]
arcf_dstring_cat(afc->mctx_tmpstr, "; ");
^~~~
In file included from openarc.c:88:0:
util.h:33:14: note: expected ‘u_char * {aka unsigned char *}’ but argument is of type ‘char *’
extern _Bool arcf_dstring_cat __P((struct arcf_dstring *, u_char *));
^~~~~~~~~~~~~~~~
openarc.c:3332:11: warning: pointer targets in passing argument 1 of ‘strncpy’ differ in signedness [-Wpointer-sign]
strncpy(hfname, hfptr, len);
^~~~~~
In file included from /usr/include/features.h:365:0,
from /usr/include/sys/types.h:25,
from openarc.c:12:
/usr/include/bits/string3.h:123:1: note: expected ‘char * restrict’ but argument is of type ‘u_char * {aka unsigned char *}’
__NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
^
openarc.c:3332:19: warning: pointer targets in passing argument 2 of ‘strncpy’ differ in signedness [-Wpointer-sign]
strncpy(hfname, hfptr, len);
^~~~~
In file included from /usr/include/features.h:365:0,
from /usr/include/sys/types.h:25,
from openarc.c:12:
/usr/include/bits/string3.h:123:1: note: expected ‘const char * restrict’ but argument is of type ‘u_char * {aka unsigned char *}’
__NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
^
openarc.c:3334:35: warning: pointer targets in passing argument 3 of ‘arcf_insheader’ differ in signedness [-Wpointer-sign]
status = arcf_insheader(ctx, 1, hfname,
^~~~~~
openarc.c:351:1: note: expected ‘char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arcf_insheader(SMFICTX *ctx, int idx, char *hname, char *hvalue)
^~~~~~~~~~~~~~
openarc.c:3335:27: warning: pointer targets in passing argument 4 of ‘arcf_insheader’ differ in signedness [-Wpointer-sign]
arc_hdr_value(sealhdr));
^~~~~~~~~~~~~
openarc.c:351:1: note: expected ‘char *’ but argument is of type ‘u_char * {aka unsigned char *}’
arcf_insheader(SMFICTX *ctx, int idx, char *hname, char *hvalue)
^~~~~~~~~~~~~~
openarc.c:3191:16: warning: unused variable ‘header’ [-Wunused-variable]
unsigned char header[ARC_MAXHEADER + 1];
^~~~~~
openarc.c:3184:8: warning: unused variable ‘authservid’ [-Wunused-variable]
char *authservid;
^~~~~~~~~~
openarc.c:3181:11: warning: unused variable ‘ret’ [-Wunused-variable]
sfsistat ret;
^~~
openarc.c:3178:8: warning: unused variable ‘authorsig’ [-Wunused-variable]
_Bool authorsig;
^~~~~~~~~
openarc.c:3177:8: warning: unused variable ‘testkey’ [-Wunused-variable]
_Bool testkey = FALSE;
^~~~~~~
openarc.c: In function ‘main’:
openarc.c:3551:8: warning: unused variable ‘testpubkeys’ [-Wunused-variable]
char *testpubkeys = NULL;
^~~~~~~~~~~
openarc.c:3544:8: warning: unused variable ‘extract’ [-Wunused-variable]
char *extract = NULL;
^~~~~~~
openarc.c:3537:16: warning: unused variable ‘tmpl’ [-Wunused-variable]
unsigned long tmpl;
^~~~
openarc.c:3534:11: warning: unused variable ‘fixedtime’ [-Wunused-variable]
uint64_t fixedtime = (uint64_t) -1;
^~~~~~~~~
openarc.c:3517:8: warning: unused variable ‘querytest’ [-Wunused-variable]
_Bool querytest = FALSE;
^~~~~~~~~
openarc.c:3515:8: warning: unused variable ‘stricttest’ [-Wunused-variable]
_Bool stricttest = FALSE;
^~~~~~~~~~
At top level:
openarc.c:1982:1: warning: ‘arcf_log_ssl_errors’ defined but not used [-Wunused-function]
arcf_log_ssl_errors(ARC_LIB *arc, char *jobid)
^~~~~~~~~~~~~~~~~~~
openarc.c:1062:1: warning: ‘arcf_lookup_inttostr’ defined but not used [-Wunused-function]
arcf_lookup_inttostr(int code, struct lookup *table)
^~~~~~~~~~~~~~~~~~~~
openarc.c: In function ‘arcf_config_load.constprop’:
openarc.c:1045:7: warning: ‘__s’ may be used uninitialized in this function [-Wmaybe-uninitialized]
strcasecmp(opt, table[c].str) == 0)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
openarc.c:1319:1: note: ‘__s’ was declared here
arcf_config_load(struct config *data, struct arcf_config *conf,
^~~~~~~~~~~~~~~~
mv -f .deps/openarc-openarc.Tpo .deps/openarc-openarc.Po
/usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I./../libopenarc -I/usr/local/openssl10/include -I/usr/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -pthread -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT openarc-openarc-ar.o -MD -MP -MF .deps/openarc-openarc-ar.Tpo -c -o openarc-openarc-ar.o `test -f 'openarc-ar.c' || echo './'`openarc-ar.c
mv -f .deps/openarc-openarc-ar.Tpo .deps/openarc-openarc-ar.Po
/usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I./../libopenarc -I/usr/local/openssl10/include -I/usr/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -pthread -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT openarc-openarc-crypto.o -MD -MP -MF .deps/openarc-openarc-crypto.Tpo -c -o openarc-openarc-crypto.o `test -f 'openarc-crypto.c' || echo './'`openarc-crypto.c
mv -f .deps/openarc-openarc-crypto.Tpo .deps/openarc-openarc-crypto.Po
/usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I./../libopenarc -I/usr/local/openssl10/include -I/usr/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -pthread -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT openarc-openarc-test.o -MD -MP -MF .deps/openarc-openarc-test.Tpo -c -o openarc-openarc-test.o `test -f 'openarc-test.c' || echo './'`openarc-test.c
openarc-test.c: In function ‘arcf_testfile’:
openarc-test.c:375:15: warning: unused variable ‘msg’ [-Wunused-variable]
ARC_MESSAGE *msg;
^~~
mv -f .deps/openarc-openarc-test.Tpo .deps/openarc-openarc-test.Po
/usr/bin/gcc-7 -DHAVE_CONFIG_H -I. -I.. -I./../libopenarc -I/usr/local/openssl10/include -I/usr/include -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -D_FORTIFY_SOURCE=2 -DCONFIG_BASE=\"/usr/local/openarc/etc\" -pthread -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -MT openarc-util.o -MD -MP -MF .deps/openarc-util.Tpo -c -o openarc-util.o `test -f 'util.c' || echo './'`util.c
mv -f .deps/openarc-util.Tpo .deps/openarc-util.Po
/bin/sh ../libtool --tag=CC --mode=link /usr/bin/gcc-7 -pthread -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -L/usr/local/openssl10/lib -L/usr/lib -pthread -o openarc openarc-config.o openarc-openarc.o openarc-openarc-ar.o openarc-openarc-crypto.o openarc-openarc-test.o openarc-util.o ../libopenarc/libopenarc.la -lmilter -lssl -lcrypto -lresolv -lbsd
libtool: link: /usr/bin/gcc-7 -pthread -O3 -Wall -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fmessage-length=0 -grecord-gcc-switches -march=native -mtune=native -pthread -o .libs/openarc openarc-config.o openarc-openarc.o openarc-openarc-ar.o openarc-openarc-crypto.o openarc-openarc-test.o openarc-util.o -L/usr/local/openssl10/lib -L/usr/lib ../libopenarc/.libs/libopenarc.so -lmilter -lssl -lcrypto -lresolv -lbsd -pthread -Wl,-rpath -Wl,/usr/local/openarc/lib64
openarc-openarc.o: In function `arcf_config_setlib':
openarc.c:(.text+0x3e): undefined reference to `arc_options'
openarc.c:(.text+0x75): undefined reference to `arc_options'
openarc.c:(.text+0xd1): undefined reference to `arc_options'
openarc.c:(.text+0xe1): undefined reference to `arc_init'
openarc-openarc.o: In function `arcf_config_free':
openarc.c:(.text+0x217): undefined reference to `arc_close'
openarc-openarc.o: In function `arcf_cleanup':
openarc.c:(.text+0x30e): undefined reference to `arc_free'
openarc-openarc.o: In function `mlfi_abort':
openarc.c:(.text+0xa8e): undefined reference to `arc_free'
openarc-openarc.o: In function `mlfi_eom':
openarc.c:(.text+0xc14): undefined reference to `arc_eom'
openarc.c:(.text+0xd39): undefined reference to `arc_getseal'
openarc.c:(.text+0xd7a): undefined reference to `arc_hdr_next'
openarc.c:(.text+0xd93): undefined reference to `arc_hdr_name'
openarc.c:(.text+0xdc2): undefined reference to `arc_hdr_value'
openarc-openarc.o: In function `mlfi_eoh':
openarc.c:(.text+0x14a8): undefined reference to `arc_message'
openarc.c:(.text+0x1600): undefined reference to `arc_header_field'
openarc.c:(.text+0x1623): undefined reference to `arc_eoh'
openarc-openarc.o: In function `main':
openarc.c:(.text.startup+0x3a2): undefined reference to `arc_ssl_version'
openarc.c:(.text.startup+0x7aa): undefined reference to `arc_ssl_version'
openarc.c:(.text.startup+0x1380): undefined reference to `arc_close'
collect2: error: ld returned 1 exit status
Makefile:485: recipe for target 'openarc' failed
make[2]: *** [openarc] Error 1
make[2]: Leaving directory '/usr/local/src/openarc/openarc'
Makefile:507: recipe for target 'all-recursive' failed
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory '/usr/local/src/openarc'
Makefile:418: recipe for target 'all' failed
make: *** [all] Error 2
attempting instead with
unset LIBCRYPTO_CFLAGS LIBCRYPTO_LIBS
echo $LDFLAGS
-L/usr/local/openssl10/lib64 -Wl,-rpath,/usr/local/openssl10/lib64
echo $CFLAGS
-I/usr/local/openssl10/include
echo $LIBS
-lssl -lcrypto
echo $CPPFLAGS
-I/usr/local/openssl10/include
also fails.
either needs fixing, or some additional clarity as to correct usage.
autoupdate
running autoupdate changed configure.ac as attached:
configure.ac.patch.txt
Worth changing?
Ale
ARC-Seal: "a=" tag misformatted
I have the openarc 0.1.0 milter running with sendmail, in a very simplistic configuration. Sending to an address on the box, openarc is signing/sealing the message just before local delivery to a file. In the ARC-Seal: header, the "a=" tag appears to be misformatted - perhaps a pointer issue, since I haven't found this particular typo in the source yet. Here's the relevant part of the header that was applied:
ARC-Seal: i=1; a=rsa-:ha1; ... ARC-Message-Signature: i=1; a=rsa-sha1; ...
Attaching the whole message for reference.
ARC Seal Validation Fixes
There are several bugs in how OpenARC validates the ARC Seal.
Notes:
- The following items are not validated properly/per spec:
- t= is required
- a= is required
- Failed as_fields_a_empty: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L5144
- Failed as_fields_a_na: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L5089
- Failed as_fields_a_unknown: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L5199
- duplicate tags should invalidate the signature, but the message was passed by openarc
- Failed as_format_tags_dup: https://github.com/ValiMail/arc_test_suite/blob/master/tests/arc-draft-validation-tests.yml#L4572
Acceptance Criteria:
- The AS validates correctly
Crashing in arc_process_set()
I've got openarc 0.1.0 in a simplistic configuration, with sendmail and mailman
I'm running the milter, configured with --enable-debug, in the foreground so I can get more information when it dies. Here's what I'm seeing from the command line when the bug is triggered:
629 indirect# sbin/openarc -f -l -c etc/mail/openarc.conf
Assertion failed: (0), function arc_process_set, file arc.c, line 1302.
Abort
630 indirect#
Only one of the three /tmp/arc.* files is not zero-length when this happens. Attaching the one that is populated.
arc.Ypd8lB.txt
I changed the alias for the list to capture a copy of the inbound message, too. I notice
message-interop.txt
Milter configuration, too:
openarc.conf.txt
Generate a prototype Authentication-Results relaying "cv" value
This will be helpful for integration with OpenARC. Note, however, that this is non-standard until the IETF does something with it.
crash on check configuration
"openarc -c /path/to/openarc.conf -n" crash if the configfile don't include the "InternalHosts" statement
reported by Benny Petersen via openarc-users ML
https://openarc.org/listarchives/[email protected]/2018-01/0000008.html
OpenSSL pkg-config misrequired on FreeBSD 10.2p14
There's a dependency on a pkg-config utility from the OpenSSL package that doesn't appear to be present on FreeBSD 10.2. Also involves use of the AC_MSG_WARN macro. I removed the relevant stanza from configure while the autoconf scaffolding is being updated, diff attached because why not?
FreeBSD ($HOSTNAME) 10.2-RELEASE-p14 FreeBSD 10.2-RELEASE-p14 #0: Wed Mar 16 20:46:12 UTC 2016 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
Validation test suite failures
The following 5 tests from the validation test suite fail, however the reasons this is the case has not been isolated:
AssertionError: 'fail' != ''
: cv_fail_i1_as_cv_fail
AssertionError: 'fail' != ''
: cv_fail_i2_as2_fail
AssertionError: 'fail' != ''
: cv_fail_i2_as1_fail
AssertionError: '' != 'none'
: cv_no_headers
AssertionError: '' != 'none'
: cv_empty
malloc(): memory corruption in arc_validate_seal()
CentOS 6.x (latest) with branch flowerysong/build-fixes (so that it builds at all):
commit 1df751be9fa5ecd0ed64cd7abe2257ee857ff0b9
Author: Paul Arthur <[email protected]>
Date: Mon Jun 12 03:38:40 2017 +0000
*** glibc detected *** /usr/sbin/openarc: malloc(): memory corruption: 0xb600e9e8 ***
======= Backtrace: =========
/lib/libc.so.6(+0x70bb1)[0x435bb1]
/lib/libc.so.6(+0x74c30)[0x439c30]
/lib/libc.so.6(__libc_malloc+0x57)[0x43a1b7]
/usr/lib/libcrypto.so.10(+0x40eef)[0x1f7eef]
/usr/lib/libcrypto.so.10(CRYPTO_malloc+0x79)[0x1f8459]
/usr/lib/libcrypto.so.10(RSA_new_method+0x39)[0x24f429]
/usr/lib/libcrypto.so.10(RSA_new+0x1f)[0x24f6af]
/usr/lib/libcrypto.so.10(+0x9b84d)[0x25284d]
/usr/lib/libcrypto.so.10(+0xe20dc)[0x2990dc]
/usr/lib/libcrypto.so.10(ASN1_item_ex_d2i+0xba9)[0x29c399]
/usr/lib/libcrypto.so.10(ASN1_item_d2i+0x66)[0x29cb26]
/usr/lib/libcrypto.so.10(d2i_RSAPublicKey+0x36)[0x2529e6]
/usr/lib/libcrypto.so.10(+0x9d157)[0x254157]
/usr/lib/libcrypto.so.10(X509_PUBKEY_get+0xc1)[0x292371]
/usr/lib/libcrypto.so.10(d2i_PUBKEY+0x58)[0x2929d8]
/usr/lib/libcrypto.so.10(ASN1_d2i_bio+0x49)[0x28e599]
/usr/lib/libcrypto.so.10(d2i_PUBKEY_bio+0x39)[0x2bb809]
/usr/lib/libopenarc.so.0(arc_eom+0x544)[0x135814]
/usr/sbin/openarc[0x804d096]
/usr/lib/libmilter.so.1.0(+0x4849)[0x143849]
/usr/lib/libmilter.so.1.0(mi_engine+0x1e6)[0x143aa6]
/usr/lib/libmilter.so.1.0(mi_handle_session+0x60)[0x145e80]
/usr/lib/libmilter.so.1.0(+0x564e)[0x14464e]
/lib/libpthread.so.0(+0x6bc9)[0x3b0bc9]
/lib/libc.so.6(clone+0x5e)[0x4a804e]
======= Memory map: ========
00110000-0012e000 r-xp 00000000 fc:01 1180262 /lib/ld-2.12.so
0012e000-0012f000 r--p 0001e000 fc:01 1180262 /lib/ld-2.12.so
0012f000-00130000 rw-p 0001f000 fc:01 1180262 /lib/ld-2.12.so
00130000-00131000 r-xp 00000000 00:00 0 [vdso]
00131000-0013e000 r-xp 00000000 fc:01 674480 /usr/lib/libopenarc.so.0.0.0
0013e000-0013f000 rw-p 0000c000 fc:01 674480 /usr/lib/libopenarc.so.0.0.0
0013f000-0014b000 r-xp 00000000 fc:01 655768 /usr/lib/libmilter.so.1.0.1
0014b000-0014c000 rw-p 0000b000 fc:01 655768 /usr/lib/libmilter.so.1.0.1
0014c000-0014e000 rw-p 00000000 00:00 0
0014e000-001b0000 r-xp 00000000 fc:01 671777 /usr/lib/libssl.so.1.0.1e
001b0000-001b3000 r--p 00061000 fc:01 671777 /usr/lib/libssl.so.1.0.1e
001b3000-001b7000 rw-p 00064000 fc:01 671777 /usr/lib/libssl.so.1.0.1e
001b7000-00368000 r-xp 00000000 fc:01 657385 /usr/lib/libcrypto.so.1.0.1e
00368000-00378000 r--p 001b0000 fc:01 657385 /usr/lib/libcrypto.so.1.0.1e
00378000-0037f000 rw-p 001c0000 fc:01 657385 /usr/lib/libcrypto.so.1.0.1e
0037f000-00382000 rw-p 00000000 00:00 0
00382000-00397000 r-xp 00000000 fc:01 1182007 /lib/libresolv-2.12.so
00397000-00399000 r--p 00015000 fc:01 1182007 /lib/libresolv-2.12.so
00399000-0039a000 rw-p 00017000 fc:01 1182007 /lib/libresolv-2.12.so
0039a000-0039c000 rw-p 00000000 00:00 0
0039c000-003a9000 r-xp 00000000 fc:01 669356 /usr/lib/libbsd.so.0.6.0
003a9000-003aa000 rw-p 0000d000 fc:01 669356 /usr/lib/libbsd.so.0.6.0
003aa000-003c1000 r-xp 00000000 fc:01 1180635 /lib/libpthread-2.12.so
003c1000-003c2000 r--p 00016000 fc:01 1180635 /lib/libpthread-2.12.so
003c2000-003c3000 rw-p 00017000 fc:01 1180635 /lib/libpthread-2.12.so
003c3000-003c5000 rw-p 00000000 00:00 0
003c5000-00556000 r-xp 00000000 fc:01 1180392 /lib/libc-2.12.so
00556000-00558000 r--p 00191000 fc:01 1180392 /lib/libc-2.12.so
00558000-00559000 rw-p 00193000 fc:01 1180392 /lib/libc-2.12.so
00559000-0055c000 rw-p 00000000 00:00 0
0055c000-0059a000 r-xp 00000000 fc:01 1181866 /lib/libgssapi_krb5.so.2.2
0059a000-0059b000 r--p 0003e000 fc:01 1181866 /lib/libgssapi_krb5.so.2.2
0059b000-0059c000 rw-p 0003f000 fc:01 1181866 /lib/libgssapi_krb5.so.2.2
0059c000-00673000 r-xp 00000000 fc:01 1181870 /lib/libkrb5.so.3.3
00673000-00679000 r--p 000d6000 fc:01 1181870 /lib/libkrb5.so.3.3
00679000-0067a000 rw-p 000dc000 fc:01 1181870 /lib/libkrb5.so.3.3
0067a000-0067d000 r-xp 00000000 fc:01 1182034 /lib/libcom_err.so.2.1
0067d000-0067e000 r--p 00002000 fc:01 1182034 /lib/libcom_err.so.2.1
0067e000-0067f000 rw-p 00003000 fc:01 1182034 /lib/libcom_err.so.2.1
0067f000-006a7000 r-xp 00000000 fc:01 1180459 /lib/libk5crypto.so.3.1
006a7000-006a8000 r--p 00028000 fc:01 1180459 /lib/libk5crypto.so.3.1
006a8000-006a9000 rw-p 00029000 fc:01 1180459 /lib/libk5crypto.so.3.1
006a9000-006aa000 rw-p 00000000 00:00 0
006aa000-006ad000 r-xp 00000000 fc:01 1181684 /lib/libdl-2.12.so
006ad000-006ae000 r--p 00002000 fc:01 1181684 /lib/libdl-2.12.so
006ae000-006af000 rw-p 00003000 fc:01 1181684 /lib/libdl-2.12.so
006af000-006c1000 r-xp 00000000 fc:01 1183820 /lib/libz.so.1.2.3
006c1000-006c2000 r--p 00011000 fc:01 1183820 /lib/libz.so.1.2.3
006c2000-006c3000 rw-p 00012000 fc:01 1183820 /lib/libz.so.1.2.3
006c3000-006cd000 r-xp 00000000 fc:01 1181871 /lib/libkrb5support.so.0.1
006cd000-006ce000 r--p 00009000 fc:01 1181871 /lib/libkrb5support.so.0.1
006ce000-006cf000 rw-p 0000a000 fc:01 1181871 /lib/libkrb5support.so.0.1
006cf000-006d1000 r-xp 00000000 fc:01 1183845 /lib/libkeyutils.so.1.3
006d1000-006d2000 r--p 00001000 fc:01 1183845 /lib/libkeyutils.so.1.3
006d2000-006d3000 rw-p 00002000 fc:01 1183845 /lib/libkeyutils.so.1.3
006d3000-006f0000 r-xp 00000000 fc:01 1181861 /lib/libselinux.so.1
006f0000-006f1000 r--p 0001d000 fc:01 1181861 /lib/libselinux.so.1
006f1000-006f2000 rw-p 0001e000 fc:01 1181861 /lib/libselinux.so.1
006f2000-006fe000 r-xp 00000000 fc:01 1181752 /lib/libnss_files-2.12.so
006fe000-006ff000 r--p 0000b000 fc:01 1181752 /lib/libnss_files-2.12.so
006ff000-00700000 rw-p 0000c000 fc:01 1181752 /lib/libnss_files-2.12.so
00700000-0071d000 r-xp 00000000 fc:01 1180036 /lib/libgcc_s-4.4.7-20120601.so.1
0071d000-0071e000 rw-p 0001d000 fc:01 1180036 /lib/libgcc_s-4.4.7-20120601.so.1
08048000-08057000 r-xp 00000000 fc:01 674479 /usr/sbin/openarc
08057000-08058000 rw-p 0000f000 fc:01 674479 /usr/sbin/openarc
08058000-08089000 rw-p 00000000 00:00 0 [heap]
b5e00000-b5e21000 rw-p 00000000 00:00 0
b5e21000-b5f00000 ---p 00000000 00:00 0
b6000000-b6021000 rw-p 00000000 00:00 0
b6021000-b6100000 ---p 00000000 00:00 0
b61ef000-b61f0000 ---p 00000000 00:00 0
b61f0000-b6bf0000 rw-p 00000000 00:00 0
b6bf0000-b6bf1000 ---p 00000000 00:00 0
b6bf1000-b75f1000 rw-p 00000000 00:00 0
b75f1000-b75f2000 ---p 00000000 00:00 0
b75f2000-b7ff7000 rw-p 00000000 00:00 0
b7ffd000-b8000000 rw-p 00000000 00:00 0
bffea000-c0000000 rw-p 00000000 00:00 0 [stack]
Program received signal SIGABRT, Aborted.
[Switching to Thread 0xb6befb70 (LWP 27213)]
0x00130424 in __kernel_vsyscall ()
Missing separate debuginfos, use: debuginfo-install keyutils-libs-1.4-5.el6.i686 krb5-libs-1.10.3-65.el6.i686 libcom_err-1.41.12-23.el6.i686 libgcc-4.4.7-18.el6.i686 libselinux-2.0.94-7.el6.i686 openssl-1.0.1e-57.el6.i686
(gdb) bt
#0 0x00130424 in __kernel_vsyscall ()
#1 0x003ef781 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#2 0x003f105a in abort () at abort.c:92
#3 0x0042f645 in __libc_message (do_abort=2, fmt=0x51e810 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:198
#4 0x00435bb1 in malloc_printerr (action=<value optimized out>, str=<value optimized out>, ptr=0xb600e9e8, ar_ptr=0xb6000010) at malloc.c:6360
#5 0x00439c30 in _int_malloc (av=0xb6000010, bytes=88) at malloc.c:4451
#6 0x0043a1b7 in __libc_malloc (bytes=88) at malloc.c:3667
#7 0x001f7eef in ?? () from /usr/lib/libcrypto.so.10
#8 0x001f8459 in CRYPTO_malloc () from /usr/lib/libcrypto.so.10
#9 0x0024f429 in RSA_new_method () from /usr/lib/libcrypto.so.10
#10 0x0024f6af in RSA_new () from /usr/lib/libcrypto.so.10
#11 0x0025284d in ?? () from /usr/lib/libcrypto.so.10
#12 0x002990dc in ?? () from /usr/lib/libcrypto.so.10
#13 0x0029c399 in ASN1_item_ex_d2i () from /usr/lib/libcrypto.so.10
#14 0x0029cb26 in ASN1_item_d2i () from /usr/lib/libcrypto.so.10
#15 0x002529e6 in d2i_RSAPublicKey () from /usr/lib/libcrypto.so.10
#16 0x00254157 in ?? () from /usr/lib/libcrypto.so.10
#17 0x00292371 in X509_PUBKEY_get () from /usr/lib/libcrypto.so.10
#18 0x002929d8 in d2i_PUBKEY () from /usr/lib/libcrypto.so.10
#19 0x0028e599 in ASN1_d2i_bio () from /usr/lib/libcrypto.so.10
#20 0x002bb809 in d2i_PUBKEY_bio () from /usr/lib/libcrypto.so.10
#21 0x00135814 in arc_validate_seal (msg=0xb60026b8) at arc.c:1963
#22 arc_eom (msg=0xb60026b8) at arc.c:2593
#23 0x0804d096 in mlfi_eom (ctx=0x8079f18) at openarc.c:3230
#24 0x00143849 in st_bodyend (g=0xb6bef290) at engine.c:1614
#25 0x00143aa6 in mi_engine (ctx=0x8079f18) at engine.c:405
#26 0x00145e80 in mi_handle_session (ctx=0x8079f18) at handler.c:45
#27 0x0014464e in mi_thread_handle_wrapper (arg=0x8079f18) at listener.c:579
#28 0x003b0bc9 in start_thread (arg=0xb6befb70) at pthread_create.c:301
#29 0x004a804e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:133
(gdb) frame 21
#21 0x00135814 in arc_validate_seal (msg=0xb60026b8) at arc.c:1963
1963 pkey = d2i_PUBKEY_bio(key, NULL);
(gdb) print *msg
$1 = {arc_partial = false, arc_key = 0xb600e4b8 "0\201\237\060\r\006\t*\206H\206\367\r\001\001\001\005", arc_error = 0x0,
arc_hdrlist = 0xb600ce00 "DMARC-Filter", arc_domain = 0xb600a63e "domsch.com", arc_selector = 0xb600a64c "seal-20170618", arc_authservid = 0x0,
arc_b64sig = 0x0,
arc_b64key = 0xb600ec62 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/0rsJcrwka83WFZ9yUUKGI3aZ7lGnTTelnJ3h9PKkwc08vpTDxCz85XkME6XOTU5F8eJ4ORMuHDv72zRwOgbzmLpnR02LPYOCC4/UyBCNFEo2JYRr9t3apIqnSEBoaEBxZ+n5tX1tOK3wmmvRwOmcykWKOQjROFa6"..., arc_signature = 0x0, arc_dnssec_key = -1, arc_signalg = 1, arc_nsets = 1,
arc_margin = 75, arc_state = 3, arc_hdrcnt = 32, arc_timeout = 0, arc_keybits = 0, arc_keytype = 0, arc_hashtype = 0, arc_flags = 0, arc_query = 0,
arc_timestamp = 1497848888, arc_sigttl = 0, arc_siglen = 0, arc_keylen = 162, arc_errorlen = 0, arc_b64keylen = 216, arc_bodylen = 222, arc_canonhdr = 1,
arc_canonbody = 0, arc_cstate = 2, arc_sigerror = 0, arc_querymethods = 0x0, arc_xtags = 0x0, arc_canonbuf = 0xb60074c0, arc_hdrbuf = 0xb60074a8,
arc_sealcanon = 0xb60036a0, arc_sealcanons = 0xb6003640, arc_hdrcanon = 0xb60035a0, arc_bodycanon = 0xb60035f0, arc_canonhead = 0xb60035a0,
arc_canontail = 0xb60036a0, arc_hhead = 0xb6002790, arc_htail = 0xb600a5b8, arc_sealhead = 0x0, arc_sealtail = 0x0, arc_kvsethead = 0xb6001e40,
arc_kvsettail = 0xb600f198, arc_sets = 0xb6003590, arc_library = 0x8069b88, arc_user_context = 0x0}
(gdb) print *key
$3 = {method = 0x379f20, callback = 0, cb_arg = 0x0, init = 1, shutdown = 1, flags = 512, retry_reason = 0, num = 0, ptr = 0xb600ef88, next_bio = 0x0,
prev_bio = 0x0, references = 1, num_read = 162, num_write = 0, ex_data = {sk = 0x0, dummy = 0}}
$ more /etc/openarc.conf
## Basic OpenARC config file for verification only
## See openarc.conf(5) or /usr/share/doc/openarc-0.1.0/openarc.conf.sample for more
PidFile /var/run/openarc/openarc.pid
#Mode v
Syslog yes
#Umask 002
UserID openarc:openarc
#Socket local:/var/run/openarc/openarc.socket
Socket inet:8894@localhost
## After setting Mode to "sv", running
## openarc-genkey -D /etc/openarc -s key -d `hostname --domain`
## and putting /etc/openarc
#Canonicalization relaxed/simple
#Domain example.com # change to domain
#Selector key
#KeyFile /etc/openarc/key.private
Domain domsch.com
KeyFile /etc/openarc/keys/domsch.com/seal-20170618.private
Selector seal-20170618
SignatureAlgorithm rsa-sha256
#PeerList 127.0.0.1
#PeerList ::1
MilterDebug 6
EnableCoredumps yes
Signing overrides for testing
In order to run signing tests, in addition to the standard signing payload, we also need to provide a timestamp and a DNS server to query (or at least a specific public key for example.com validation).
Memory leak in OpenARC-1.0.0.Beta.0
There appears to be a memory leak in OpenARC-0.1.0. It has been consuming an increasing amount of memory on my system, and is disproportionate to the similar OpenDKIM:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
opendkim 9894 0.0 53.6 1570348 1096412 ? Ssl Jan18 7:25 /usr/local/sbin/openarc -c /etc/openarc.conf
opendkim 29899 0.0 0.5 690144 11228 ? Ssl Feb18 1:46 /usr/sbin/opendkim -x /etc/opendkim.conf
Signing mode only, my openarc.conf is below:
AuthservID mailhub.convivian.com
Syslog yes
Mode s
Socket local:/var/spool/postfix/var/run/opendkim/openarc.sock
PidFile /var/spool/postfix/var/run/opendkim/openarc.pid
OversignHeaders From
Domain convivian.com
KeyFile /etc/opendkim/keys/convivian.com
Selector default
UserID opendkim
InternalHosts 0.0.0.0/0
InternalHosts ::/0
Any pointers on how to debug?
Core Dump if cert ownership not same as process user
The config file is read before switching user id and so the private cert needs to be owned by root.
If it is not i get a core dump
xxx.private is not owned by the executing uid (0)
*** Error in `/usr/bin/openarc': free(): invalid pointer: 0x00005558e5c1a01a ***
Aborted (core dumped)
I suspect this is from line 2005 or 2006 in openarc.c (Although I have not debugged ).
Regards
gene
HAVE_OPENSSL_STRDUP broken
OPENSSL_strdup is a macro around CRYPTO_strdup, so AC_SEARCH_LIBS
in configure.ac can't find it. In any case, the code can't simply revert to the
standard library's strdup, as the OpenSSL libraries may/do add debugging
information around memory allocations and deallocations... the fallback code
must use OpenSSL allocation functions instead. I suggest seeing if the version
of OpenSSL that doesn't have OPENSSL_strdup has CRYPTO_strdup and
switch all those OPENARC_malloc, etc. to use CRYPTO_... instead.
ARC-Seal headers with empty b= value
I noticed ARC-Seal headers with empty b= value
on a "validator instance" receiving messages reflected from [email protected]
I played with different values for 'Selector' and 'Domain'.
-
'Selector' 3 char & reserved (?) word arc
ARC-Seal: i=2; a=rsa-sha256; d=mail.somaf.de; s=arc; t=1500192473; cv=pass;
b= -
'Selector' 3 chars not containing 'arc'
ARC-Seal: i=2; a=rsa-sha256; d=mail.somaf.de; s=foo; t=1500192473; cv=pass;
b= -
'Selector' 4 chars
ARC-Seal: i=2; a=rsa-sha256; d=mail.somaf.de; s=1234; t=1500192663; cv=pass;
b= -
'Selector' 5 chars
ARC-Seal: i=2; a=rsa-sha256; d=mail.somaf.de; s=12345; t=1500192757;
cv=pass; b=o7DhG9+5xIfYbgm2FJcW+OYEpuEO7FFl6FmhkLwe0keSDZcpJJw2yDJ+6hOXJ4tSc7JoVRJfeplY8X9BSPzxdgsk61GwdTDMlUWcQkvCmRU08ST35eqqCDbkuskue6Glr9G/WgOhlsWWWNvr/Cqk+CuOfXf70yDrnhNxGm0b2j/7P1ApRRbWXET6SXa+X6sWbG5ZdNlShpuazYfXAzeud/3GoE4L4HapRHFvs3yTWzhe5+1bTa6av6oB9dRpd5zPGtPvsIfYjlJnimciT4XaKxv7IF6W5sJCWktMdlKxu+hJ6704QsZ/QTAjmfWvG4atHZI8DyblmuJWPCf81uKcjA== -
cross-check:
'Selector' still 5 chars but 'Domain' shortend by one
ARC-Seal: i=2; a=rsa-sha256; d=ail.somaf.de; s=12345; t=1500192830; cv=pass;
b=
It looks like the code generating the ARC-Seal header is not perfect.
Side note: In all case an amavis instance processing these messages later insert an alert header:
(case 4)
X-Amavis-Alert: BAD HEADER SECTION, Improper use of control character (char 0D
hex): ARC-Seal: ...e; s=12345; t=1500192757;
cv=pass; b=o7[...]
(case 5)
X-Amavis-Alert: BAD HEADER SECTION, Improper use of control character (char 0D
hex): ARC-Seal: ...somaf.de; s=12345; t=1500192830; cv=pass;
b=
I guess these non conforming ARC-Seal header may a good reason some other software (I hope non running here) may try to repair such defects and thus modify/invalidate ARC informations.
The software running for these tests was a "git clone https://github.com/mskucherawy/OpenARC.git" 20170715
Signing mode can't see verify mode results
The AAR generated in sign mode should include the AR that verify mode generated.
Make AMS h= headers configurable
OpenARC should allow the headers covered by the AMS to be configurable.
Notes:
- Right now, openarc uses the h= tag from the last arc set, or all headers currently in the message, when generating the h= tag for the current AMS.
- The list of headers to sign should be configurable as it is with opendkim
- Per spec, ARC Seal should never be covered by the AMS h= tag
Acceptance Criteria:
- Headers can be specified via config file
OpenARC continues to sign failing chains
The following test of the signing ARC test suite fails:
no_additional_sig
When an intermediary encounters an ARC chain that has been marked as failing by a previous intermediary, it is not supposed to continue adding ARC sets to the chain.
Messages with multiple incoming AR headers generate empty b= values in the AMS
Steps to reproduce:
-
Have 3 milters in sendmail in the following order: opendkim, opendmarc, openarc
-
Send a message from the box
-
You'll receive a message with an AMS that ends with "b="
-
Turn off opendkim and opendmarc
-
Send a message
-
Get an AMS with a b= payload as expected
Please provide correct/detailed pointer to Mailing lists mentioned in README
I tried to locate information about OpenARC as well as the mentioned mailing lists at www.trusteddomain.org, but to no avail.
- http://www.trusteddomain.org/mailman/admin does not mention openarc-xyz
- If you dare to send an e-mail, you get "550 5.1.1 [email protected]... User unknown"
(For the record, https://openarc.org/ contains the details you'd want.)
OpenARC memory leak
Several parties have reported easily noticeable memory leaks from OpenARC.
Juan Pizzorno submitted a PR a while back to help address (that I can't seem to find now), and Jered Floyd posted a message earlier this week to openarc-users with details as well.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.