-# DKIM signing, with CHUNKING
+# DKIM signing
#
-exim -bd -DSERVER=server -oX PORT_S
+exim -bd -DSERVER=server -oX PORT_D
****
#
-# This should pass.
-### sha256, 1024b + message in 1 chunk
-# Mail original in aux-fixed/4500.msg2.txt
-# Sig generated by: perl aux-fixed/dkim/sign.pl --algorithm=rsa-sha256 \
-# --method=simple/simple < aux-fixed/4500.msg2.txt
-client 127.0.0.1 PORT_S
-??? 220
-EHLO xxx
-??? 250-
-??? 250-
-??? 250-
-??? 250-
-??? 250-
-??? 250
-MAIL FROM:<CALLER@bloggs.com>
-??? 250
-RCPT TO:<a@test.ex>
-??? 250
-BDAT 557 LAST
-DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=test.ex; h=from:to
- :date:message-id:subject; s=sel; bh=ZS4D3qDAC7osugrdWUTQc9HUuaSC
- +ScH3/NkwGGOlT0=; b=ncPDYKtCsFuFA7wXHxagsZUh3Rpu0dK6Dl7FbkGykEwU
- L/MoAe0D+Aynz+yO0k3d4vGZ6Q2sEJ4MaOZI27ezOSBsBnEhw+0uOaxE6HZew5VD
- owfSxfXTkyfJd0CHdtYoXT0OqngTBOtAv87u1T4aLRDY1yAqasVuvLV7V80d4tQ=
-From: mrgus@text.ex
-To: bakawolf@yahoo.com
-Date: Thu, 19 Nov 2015 17:00:07 -0700
-Message-ID: <qwerty1234@disco-zombie.net>
-Subject: simple test
+# single header signed
+exim -DOPT=From -odf a@test.ex
+From: nobody@example.com
+From: second@example.com
-Line 1: This is a simple test.
-Line 2: This is a simple test.
-??? 250- 557
-??? 250
-QUIT
-??? 221
+content
****
#
-# This should pass.
-### sha256, 1024b + message in 2 chunks
-# Mail original in aux-fixed/4500.msg2.txt
-# Sig generated by: perl aux-fixed/dkim/sign.pl --algorithm=rsa-sha256 \
-# --method=simple/simple < aux-fixed/4500.msg2.txt
-client 127.0.0.1 PORT_S
-??? 220
-EHLO xxx
-??? 250-
-??? 250-
-??? 250-
-??? 250-
-??? 250-
-??? 250
-MAIL FROM:<CALLER@bloggs.com>
-??? 250
-RCPT TO:<a@test.ex>
-??? 250
-BDAT 525
-DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=test.ex; h=from:to
- :date:message-id:subject; s=sel; bh=ZS4D3qDAC7osugrdWUTQc9HUuaSC
- +ScH3/NkwGGOlT0=; b=ncPDYKtCsFuFA7wXHxagsZUh3Rpu0dK6Dl7FbkGykEwU
- L/MoAe0D+Aynz+yO0k3d4vGZ6Q2sEJ4MaOZI27ezOSBsBnEhw+0uOaxE6HZew5VD
- owfSxfXTkyfJd0CHdtYoXT0OqngTBOtAv87u1T4aLRDY1yAqasVuvLV7V80d4tQ=
-From: mrgus@text.ex
-To: bakawolf@yahoo.com
-Date: Thu, 19 Nov 2015 17:00:07 -0700
-Message-ID: <qwerty1234@disco-zombie.net>
-Subject: simple test
+# single header, oversigned, with timestamps
+exim -DOPT=From:From -DTIMES=10 -odf b@test.ex
+From: nobody@example.com
-Line 1: This is a simple test.
-??? 250 525
-BDAT 32 LAST
-Line 2: This is a simple test.
-??? 250- 32
-??? 250
-QUIT
-??? 221
+content
****
+# single header, oversigned, with only t= timestamp; no expiry x=
+exim -DOPT=From:From -DTIMES=0 -odf b02@test.ex
+From: nobody@example.com
+
+content
+****
+#
+# no header, multi-sign
+exim -DOPT=From:=X-Mine -odf b10@test.ex
+From: nobody@example.com
+
+content
+****
+#
+# double header, multi-sign
+exim -DOPT=From:=X-Mine -odf b12@test.ex
+From: nobody@example.com
+X-mine: one
+X-mine: two
+
+content
+****
+#
+#
+# no header, always-oversign
+exim -DOPT=+X-Mine -odf b20@test.ex
+From: nobody@example.com
+
+content
+****
+#
+# double header, always-oversign
+exim -DOPT=+X-Mine -odf b22@test.ex
+From: nobody@example.com
+X-mine: one
+X-mine: two
+
+content
+****
+#
+## default header set
+# cannot test that as it includes Date: so results in a varying signature
+#exim -DHEADERS_MAXSIZE=y -odf c@test.ex
+#From: nobody@example.com
+#
+#content
+#****
+##
+# check that on signing we warn in debug mode about verify problems
+exim -d-all+acl -DOPT=From -DSELECTOR=sel_bad -odf d@test.ex
+From: nobody@example.com
+
+content
+****
+#
+# check dkim_strict results in a defer (even with an expansion)
+exim -DOPT=From '-DSTRICT=${if ={1}{1}{true}}' '-DTIMES=${bogus}' -odf '-f<>' e0@test.ex
+From: nobody@example.com
+
+content
+****
+#
+# check that an empty dkim_privatekey overrides dkim_strict
+exim -DOPT=From -DSTRICT=true -DSELECTOR=none -odf e@test.ex
+From: nobody@example.com
+
+content
+****
+#
+# single header signed, body line starting with dot
+exim -DOPT=From -odf f@test.ex
+From: nobody@example.com
+
+..content
+****
+#
millisleep 500
killdaemon
no_msglog_check