* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge, 1995 - 2015 */
+/* Copyright (c) University of Cambridge, 1995 - 2016 */
/* See the file NOTICE for conditions of use and distribution. */
/* Code for DKIM support. Other DKIM relevant code is in
#include "pdkim/pdkim.h"
+int dkim_verify_oldpool;
pdkim_ctx *dkim_verify_ctx = NULL;
pdkim_signature *dkim_signatures = NULL;
pdkim_signature *dkim_cur_sig = NULL;
}
+
void
dkim_exim_verify_init(void)
{
+/* There is a store-reset between header & body reception
+so cannot use the main pool. Any allocs done by Exim
+memory-handling must use the perm pool. */
+
+dkim_verify_oldpool = store_pool;
+store_pool = POOL_PERM;
+
/* Free previous context if there is one */
if (dkim_verify_ctx)
dkim_verify_ctx = pdkim_init_verify(&dkim_exim_query_dns_txt);
dkim_collect_input = !!dkim_verify_ctx;
+
+store_pool = dkim_verify_oldpool;
}
void
dkim_exim_verify_feed(uschar * data, int len)
{
+store_pool = POOL_PERM;
if ( dkim_collect_input
&& pdkim_feed(dkim_verify_ctx, (char *)data, len) != PDKIM_OK)
dkim_collect_input = FALSE;
+store_pool = dkim_verify_oldpool;
}
int dkim_signers_ptr = 0;
dkim_signers = NULL;
+store_pool = POOL_PERM;
+
/* Delete eventual previous signature chain */
dkim_signatures = NULL;
"DKIM: Error while running this message through validation,"
" disabling signature verification.");
dkim_disable_verify = TRUE;
- return;
+ goto out;
}
dkim_collect_input = FALSE;
/* Finish DKIM operation and fetch link to signatures chain */
if (pdkim_feed_finish(dkim_verify_ctx, &dkim_signatures) != PDKIM_OK)
- return;
+ goto out;
for (sig = dkim_signatures; sig; sig = sig->next)
{
if (Ustrlen(dkim_signers) > 0)
dkim_signers[Ustrlen(dkim_signers) - 1] = '\0';
}
+
+out:
+store_pool = dkim_verify_oldpool;
}