opendkim-testkey fail on large keys

From: Andreas Schulze <sca_at_andreasschulze.de>
Date: Sun, 5 Jan 2014 11:57:29 +0100

Hi all,

January is a good time for key rotation. So I played with larger keys and hit a bug in
opendkim-testkey. When not using -d, -s and -k, it tries to parse the current configuration.
In this mode opendkim-testkey fails for keys > 1024 bit. But the keys are fine and could be tested
one by one via command-line args.

If a key is given on the command line, a code path starting at source code line 654 is used.
The path to the keyfile and the buffer used to read the keyfile into are two different things.
The latter buffer is created by malloc and fits the key size.

When parsing the config file, the code starting at line 460 is used. Here a 2k buffer (BUFRSZ, line 42)
is used to store the path to a keyfile. The same buffer is reused to store the content of that file
(function loadkey, line 141), and that fails if the keyfile is larger than 2k.

My simple solution is to enlarge the buffer, but I think the code paths should be merged.
See SF-ticket #187.

Andreas
Received on Sun Jan 05 2014 - 10:57:44 PST
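
Added example, not part of the original message and not OpenDKIM source: a minimal C sketch of the two loading patterns described above, one reusing a fixed path buffer for the file content and one sizing a separate buffer to the file. All function names, the file name and the BUFRSZ value of 2048 are assumptions; the "key" is constructed filler data.

```c
/* Added illustration, not OpenDKIM source; all names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#define BUFRSZ 2048 /* "2k" per the message; exact value assumed */

/* Reads all of f into dst (cap bytes incl. NUL); -1 if it does not fit. */
static long read_all(FILE *f, char *dst, size_t cap) {
    size_t n = fread(dst, 1, cap - 1, f);
    dst[n] = '\0';
    return fgetc(f) == EOF ? (long)n : -1;
}

/* Config-file pattern: buf holds the path, then is reused for the content. */
static long load_reusing_buffer(char *buf, size_t buflen) {
    FILE *f = fopen(buf, "rb");
    long n;
    if (f == NULL) return -1;
    n = read_all(f, buf, buflen); /* the path is overwritten here */
    fclose(f);
    return n;
}

/* Command-line pattern: path kept separate, buffer sized to the file. */
static long load_sized(const char *path, char **out) {
    FILE *f = fopen(path, "rb");
    long size, n = -1;
    *out = NULL;
    if (f == NULL) return -1;
    if (fseek(f, 0, SEEK_END) == 0 && (size = ftell(f)) >= 0 &&
        (*out = malloc((size_t)size + 1)) != NULL) {
        rewind(f);
        n = read_all(f, *out, (size_t)size + 1);
    }
    fclose(f);
    return n; /* caller frees *out */
}

/* Writes a constructed filler "key" of key_bytes, loads it one way, cleans up. */
static long try_load(size_t key_bytes, int reuse) {
    char path[BUFRSZ] = "dummy_testkey.pem", *key = NULL;
    FILE *f = fopen(path, "wb");
    long n;
    if (f == NULL) return -2;
    for (size_t i = 0; i < key_bytes; i++) fputc('A', f);
    fclose(f);
    n = reuse ? load_reusing_buffer(path, sizeof path) : load_sized(path, &key);
    free(key);
    remove("dummy_testkey.pem");
    return n;
}
```

The fixed-buffer loader rejects any file of BUFRSZ bytes or more, while the sized loader accepts the same file regardless of length.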
