DKIM: use string-allocate facilities for DNS lookup
diff --git
a/src/src/pdkim/pdkim.c
b/src/src/pdkim/pdkim.c
index 53b304d0d6d900af180acd93fac017d13f7ed46f..679607dbd46d4abcf174023227ff8153bd4dd3a7 100644
--- a/
src/src/pdkim/pdkim.c
+++ b/
src/src/pdkim/pdkim.c
@@
-230,7
+230,7
@@
while (*p == '\t' || *p == ' ') /* dump the leading whitespace */
{ str->size--; str->ptr--; str->s++; }
while ( str->ptr > 0
{ str->size--; str->ptr--; str->s++; }
while ( str->ptr > 0
- && (
q = str->s + str->ptr - 1), *q == '\t' || *q == ' '
+ && (
(q = str->s + str->ptr - 1), (*q == '\t' || *q == ' '))
)
str->ptr--; /* dump trailing whitespace */
)
str->ptr--; /* dump trailing whitespace */
@@
-490,7
+490,12
@@
for (p = raw_hdr; ; p++)
if (c == ';' || c == '\0')
{
if (c == ';' || c == '\0')
{
- if (cur_tag && cur_val)
+ /* We must have both tag and value, and tags must be one char except
+ for the possibility of "bh". */
+
+ if ( cur_tag && cur_val
+ && (cur_tag->ptr == 1 || *cur_tag->s == 'b')
+ )
{
(void) string_from_gstring(cur_val);
pdkim_strtrim(cur_val);
{
(void) string_from_gstring(cur_val);
pdkim_strtrim(cur_val);
@@
-500,8
+505,14
@@
for (p = raw_hdr; ; p++)
switch (*cur_tag->s)
{
case 'b':
switch (*cur_tag->s)
{
case 'b':
- pdkim_decode_base64(cur_val->s,
- cur_tag->s[1] == 'h' ? &sig->bodyhash : &sig->sighash);
+ switch (cur_tag->s[1])
+ {
+ case '\0': pdkim_decode_base64(cur_val->s, &sig->sighash); break;
+ case 'h': if (cur_tag->ptr == 2)
+ pdkim_decode_base64(cur_val->s, &sig->bodyhash);
+ break;
+ default: break;
+ }
break;
case 'v':
/* We only support version 1, and that is currently the
break;
case 'v':
/* We only support version 1, and that is currently the
@@
-643,7
+654,8
@@
while ((ele = string_nextinlist(&raw_record, &sep, NULL, 0)))
}
/* Set fallback defaults */
}
/* Set fallback defaults */
-if (!pub->version ) pub->version = string_copy(PDKIM_PUB_RECORD_VERSION);
+if (!pub->version)
+ pub->version = string_copy(PDKIM_PUB_RECORD_VERSION);
else if (Ustrcmp(pub->version, PDKIM_PUB_RECORD_VERSION) != 0)
{
DEBUG(D_acl) debug_printf(" Bad v= field\n");
else if (Ustrcmp(pub->version, PDKIM_PUB_RECORD_VERSION) != 0)
{
DEBUG(D_acl) debug_printf(" Bad v= field\n");
@@
-1294,10
+1306,7
@@
pdkim_pubkey * p;
dns_txt_name = string_sprintf("%s._domainkey.%s.", sig->selector, sig->domain);
dns_txt_name = string_sprintf("%s._domainkey.%s.", sig->selector, sig->domain);
-dns_txt_reply = store_get(PDKIM_DNS_TXT_MAX_RECLEN);
-memset(dns_txt_reply, 0, PDKIM_DNS_TXT_MAX_RECLEN);
-
-if ( ctx->dns_txt_callback(CS dns_txt_name, CS dns_txt_reply) != PDKIM_OK
+if ( !(dns_txt_reply = ctx->dns_txt_callback(CS dns_txt_name))
|| dns_txt_reply[0] == '\0'
)
{
|| dns_txt_reply[0] == '\0'
)
{
@@
-1701,7
+1710,7
@@
return PDKIM_OK;
/* -------------------------------------------------------------------------- */
DLLEXPORT pdkim_ctx *
/* -------------------------------------------------------------------------- */
DLLEXPORT pdkim_ctx *
-pdkim_init_verify(
int(*dns_txt_callback)(char *,
char *), BOOL dot_stuffing)
+pdkim_init_verify(
uschar * (*dns_txt_callback)(
char *), BOOL dot_stuffing)
{
pdkim_ctx * ctx;
{
pdkim_ctx * ctx;
@@
-1805,7
+1814,7
@@
return;
void
pdkim_init_context(pdkim_ctx * ctx, BOOL dot_stuffed,
void
pdkim_init_context(pdkim_ctx * ctx, BOOL dot_stuffed,
-
int(*dns_txt_callback)(char *,
char *))
+
uschar * (*dns_txt_callback)(
char *))
{
memset(ctx, 0, sizeof(pdkim_ctx));
ctx->flags = dot_stuffed ? PDKIM_MODE_SIGN | PDKIM_DOT_TERM : PDKIM_MODE_SIGN;
{
memset(ctx, 0, sizeof(pdkim_ctx));
ctx->flags = dot_stuffed ? PDKIM_MODE_SIGN | PDKIM_DOT_TERM : PDKIM_MODE_SIGN;
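Review bot: In the tag check added at +490, the guard `cur_tag->ptr == 1 || *cur_tag->s == 'b'` is looser than the comment above it: any tag that starts with `b`, of any length, is admitted, and rejecting it is left to the nested `switch (cur_tag->s[1])` added in the next hunk. Because this parses a header supplied by the message sender, I would make the guard match the comment exactly, `&& (cur_tag->ptr == 1 || (cur_tag->ptr == 2 && cur_tag->s[0] == 'b' && cur_tag->s[1] == 'h'))`, so that no case arm is reachable with an unexpected tag length. The `case '\0'` arm also relies on `cur_tag->s` being NUL-terminated; only `string_from_gstring(cur_val)` is visible in these lines, so that is worth confirming and recording in a short comment next to the inner switch. The enclosing `for (p = raw_hdr; ; p++)` loop starts and ends outside the hunks shown.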