From patchwork Mon Jul 8 21:08:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?0JjQu9GM0Y8g0KjQuNC/0LjRhtC40L0=?= X-Patchwork-Id: 3755 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:298e:b0:59e:d24b:d55c with SMTP id f14csp2081831max; Mon, 8 Jul 2024 14:10:06 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXdGpNOG0uwZIuA7Jm+iAo8IVz6Jyo7CZP9K3LP8pnAr3GAGWPJkvfl3eyzrwtlBRYniZcTTdLbv7xRViDjD1p2r4DoTF0= X-Google-Smtp-Source: AGHT+IF90sxmV3tfWEYa29O5dFBgZpiWSD6yF2SymCCuiub2DHL0tDuxsWrSB2BMPFZMBZZtIf0w X-Received: by 2002:a05:6a00:4589:b0:706:a85d:bd60 with SMTP id d2e1a72fcca58-70b4368a78fmr874524b3a.3.1720473006416; Mon, 08 Jul 2024 14:10:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720473006; cv=none; d=google.com; s=arc-20160816; b=eWSQxNwfG2Lu/oa7MnVYUJn5wt5RF1xMu4/xE0Fc2W0kkOifP0xPvuC/vmG50Ud6lG oLVqdmRcPY9I9y9GeMGF0q8orxDA3f3FAdKKSFEXyBb+MftfUV5GB+Ax+B0AuFJT6+JO USUyYiy/nR3Zk+l92vIAbXakocnTbtJe0nLPVj6/ZOLT32AL4JKyMg1a1/sSMygmGtH/ pHqXQP+tcbZ5Api/b1XF/IiComlGj7fLrWT5sg8xNPeCy1T8Nm61L1sudxRdI7dIRV0H zJgY1rqPXtx7GYwRpLXuSLlPbr2sC+Dd2o+4w0u/q/MLCI2T0deuHQ4+JfTytWLx4e02 rT7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=JAHTa/J6YmCFu66vDA4wMeUKf4jrpPDIps3udKKsD2s=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=RiQt+cPGNVyscuQWZqVZXBCrar48u0mW9+j56Sz10T3kvgsCzJc2q+JRw8+gpv+q8l 9J1uJKLGCzscdhgwR194av+H9D5XsrUE2YDCkhb8lZs8JiYjvwdQNsMuWwaBjDhybsrK /dTgjQmkS9+VoMlzbjelrBnfLztxO9LlLfnS4gEMm+VQhIWKUMuxqOzxtfJRvgGVv3VE /Q1YeZG1L8ZT9rWHIXPdwKkKghHU9uG6JbqWVkHRrtxMbEcr85q2gUp4YIopOl43sjUl 3DQMMzx5PMTnQBOjQ6jVMIDWC2vN/+W5Spy/hBo26G0v6Zo5pcjpmKlMB8Gno4kzaoPw M1Sg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=havh1+rw; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Ue1vProH; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20230601 header.b=e723PWBz; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=fail header.i=@openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 41be03b00d2f7-77d565b405asi565596a12.60.2024.07.08.14.10.06 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 08 Jul 2024 14:10:06 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=havh1+rw; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Ue1vProH; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20230601 header.b=e723PWBz; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=fail header.i=@openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1sQvcH-0005pV-3O; Mon, 08 Jul 2024 21:09:44 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1sQvcE-0005pM-P6 for openvpn-devel@lists.sourceforge.net; Mon, 08 Jul 2024 21:09:42 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=jsCnMl4D6DnhA/6RKu5uYDr0SZhan8sZ4RwLhoXMn5g=; b=havh1+rw2OQE9+7j38s1KPjfkG 5Aii85PjjSNOiMq1WEn6GhLwxpa1tyf5Cr5dccUorGUq7OxSr7D4z1goWI74t7FhZJ6aQoqyraP1G eY4qRImsZHt3zWaHvYV/OVS6riTdHZYWD0ZVvg2HISGQF+b2t2M0MOexmx3rJbj5K6/U=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=jsCnMl4D6DnhA/6RKu5uYDr0SZhan8sZ4RwLhoXMn5g=; b=Ue1vProHh337REV4O6BGCB4Rzz iMuVyl34wnBY/43e6p1TQpVnNXwqQbOuwlPLieLlt0Cgk0eYVZPqiNMEdSFKWRcjUanXcUHs/W41T sHa+hgA2Sr7H/IIDrc/ehAJnXiCF2hE5aiMkUNoEpNuyPcr2OiSDTXLvJ+DfEWpTyt0k=; Received: from mail-wm1-f49.google.com ([209.85.128.49]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1sQvcE-0000Rl-8G for openvpn-devel@lists.sourceforge.net; Mon, 08 Jul 2024 21:09:42 +0000 Received: by mail-wm1-f49.google.com with SMTP id 5b1f17b1804b1-4266ea6a412so5527885e9.1 for ; Mon, 08 Jul 2024 14:09:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1720472974; x=1721077774; darn=lists.sourceforge.net; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=jsCnMl4D6DnhA/6RKu5uYDr0SZhan8sZ4RwLhoXMn5g=; b=e723PWBzXvNXYPsfAFgZ6ivebo4jZWHPOpc21F0zP8wjXhXwVy9SFiUHBvSyuP61wS E6fGydbuJXqcfJJAhfefnfOWsYxu/sZ1zgmW6xOQyNAxS6kZD+BMe+Sb6QqfR1YzGV55 Oc744dXzktuieEQ0AW4nEkDGTm43vjSV8hchjURS0cDAI6SM9xsNTefcINb36nkeuc/5 TZHvXK7Wka2rE59ZV2rFMx7oCQZaPo9R0lFnwaS1tIwn2N8iatcVPLGLCX76en+AuGNm zHLd2vj6OcdQdXEq0ztShySTUrkglSh5/Pxxdtt/qBcTWlCYNNXhWvQZOiZz63aQdubk jgeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720472974; x=1721077774; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jsCnMl4D6DnhA/6RKu5uYDr0SZhan8sZ4RwLhoXMn5g=; b=AotTCgzN6q4tJ5l9UUef8eNee2fu+VtJSbmSutokwagj2pAxl81rmtJbXlcf1r8Bo3 4UjyDXpvlgYMVZbQlx4I5XCmKs5BBdCpo9i1602vjxcUyfNudraC46A8cqZP1OG9NPpk 1/JAH1WAAed1yG1MJcZ0Mp4QVCysbUoKGXxSV77WUnLS1z//zTUm834Sv/oDwjjYkodR z7xtJLcJVjEMcq4VRv0XS9SP8DZNEd/HpyfQnL1xtwyJWF4Ikdnk8Z1+mrWp2tZJOWuO 2hvwQPhTuRrwxOMUe5sCBPCsnJTFJUmM0ILXuCLMJcPOiSMfGZglvJR0a37tZ2hyVcco dmKw== X-Gm-Message-State: AOJu0YxAHO8dbVfGg2FHKMLoY49wd36mDqCAc9P/mt7cyunSK9lukIae OnyhsO4DS0eSsI079RxHUJsg6oe5aWU4VruxJbO36mkfSd+E954WukNGMw== X-Received: by 2002:a5d:6da9:0:b0:367:95e8:3af0 with SMTP id ffacd0b85a97d-367cea46c41mr641911f8f.9.1720472974502; Mon, 08 Jul 2024 14:09:34 -0700 (PDT) Received: from localhost.localdomain (109-93-166-140.dynamic.isp.telekom.rs. [109.93.166.140]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-367cdfa079asm684977f8f.68.2024.07.08.14.09.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 08 Jul 2024 14:09:33 -0700 (PDT) From: Ilia Shipitsin To: openvpn-devel@lists.sourceforge.net Date: Mon, 8 Jul 2024 23:08:21 +0200 Message-ID: <20240708210912.566-5-chipitsine@gmail.com> X-Mailer: git-send-email 2.43.0.windows.1 In-Reply-To: <20240708210912.566-1-chipitsine@gmail.com> References: <20240708210912.566-1-chipitsine@gmail.com> MIME-Version: 1.0 X-Spam-Score: -5.2 (-----) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Ilia Shipitsin --- src/openvpn/ssl_verify.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index 934ff8d8..c4b95553 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -1629,6 +1629,10 @@ verify_user_pass(s [...] Content analysis details: (-5.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [chipitsine[at]gmail.com] 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [209.85.128.49 listed in sa-accredit.habeas.com] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [209.85.128.49 listed in bl.score.senderscore.com] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.49 listed in wl.mailspike.net] -5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at https://www.dnswl.org/, high trust [209.85.128.49 listed in list.dnswl.org] X-Headers-End: 1sQvcE-0000Rl-8G Subject: [Openvpn-devel] [PATCH 4/5] src/openvpn/ssl_verify.c: handle strdup errors X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1804046703110882668?= X-GMAIL-MSGID: =?utf-8?q?1804046703110882668?= Signed-off-by: Ilia Shipitsin --- src/openvpn/ssl_verify.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index 934ff8d8..c4b95553 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -1629,6 +1629,10 @@ verify_user_pass(struct user_pass *up, struct tls_multi *multi, if (!multi->auth_token_initial) { multi->auth_token_initial = strdup(up->password); + if (!multi->auth_token_initial) + { + msg( M_FATAL, "Failed allocate memory for multi->auth_token_initial"); + } } if (session->opt->auth_token_call_auth) @@ -1749,6 +1753,10 @@ verify_user_pass(struct user_pass *up, struct tls_multi *multi, && !(ks->auth_token_state_flags & AUTH_TOKEN_EXPIRED)) { multi->auth_token = strdup(up->password); + if (!multi->auth_token) + { + msg( M_FATAL, "Failed allocate memory for multi->auth_token"); + } } /*