compiler quietening

[exim.git] / src / src / pdkim / pdkim.c

diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
index eec1a9c1621268d94fbac86295b9547c3bea99d2..c75b0ae78a96bed3f299f09718a5f620ccc85329 100644 (file)
--- a/src/src/pdkim/pdkim.c
+++ b/src/src/pdkim/pdkim.c
@@ -2,7 +2,7 @@
  *  PDKIM - a RFC4871 (DKIM) implementation
  *
  *  Copyright (C) 2009 - 2016  Tom Kistner <tom@duncanthrax.net>
- *  Copyright (C) 2016 - 2017  Jeremy Harris <jgh@exim.org>
+ *  Copyright (C) 2016 - 2018  Jeremy Harris <jgh@exim.org>
  *
  *  http://duncanthrax.net/pdkim/
  *
@@ -547,7 +547,7 @@ for (p = raw_hdr; ; p++)
            if (sig->hashtype < 0)
              log_write(0, LOG_MAIN,
                "DKIM: ignoring signature due to nonhandled hashtype in a=%s",
-               cur_val);
+               cur_val->s);
            break;
            }
 
@@ -710,7 +710,7 @@ if (b->canon_method == PDKIM_CANON_RELAXED)
   if (!relaxed_data)
     {
     BOOL seen_wsp = FALSE;
-    const uschar * p;
+    const uschar * p, * r;
     int q = 0;
 
     /* We want to be able to free this else we allocate
@@ -721,7 +721,7 @@ if (b->canon_method == PDKIM_CANON_RELAXED)
     relaxed_data = store_malloc(sizeof(blob) + orig_data->len+1);
     relaxed_data->data = US (relaxed_data+1);
 
-    for (p = orig_data->data; *p; p++)
+    for (p = orig_data->data, r = p + orig_data->len; p < r; p++)
       {
       char c = *p;
       if (c == '\r')
@@ -781,10 +781,10 @@ for (sig = ctx->sig; sig; sig = sig->next)
 
   DEBUG(D_acl)
     {
-    debug_printf("PDKIM [%s] Body bytes hashed: %lu\n"
+    debug_printf("PDKIM [%s] Body bytes (%s) hashed: %lu\n"
                 "PDKIM [%s] Body %s computed: ",
-               sig->domain, b->signed_body_bytes,
-               sig->domain, pdkim_hashes[sig->hashtype].dkim_hashname);
+       sig->domain, pdkim_canons[b->canon_method], b->signed_body_bytes,
+       sig->domain, pdkim_hashes[b->hashtype].dkim_hashname);
     pdkim_hexprint(CUS b->bh.data, b->bh.len);
     }
 
@@ -804,7 +804,7 @@ for (sig = ctx->sig; sig; sig = sig->next)
     if (  sig->bodyhash.data
        && memcmp(b->bh.data, sig->bodyhash.data, b->bh.len) == 0)
       {
-      DEBUG(D_acl) debug_printf("PDKIM [%s] Body hash verified OK\n", sig->domain);
+      DEBUG(D_acl) debug_printf("PDKIM [%s] Body hash compared OK\n", sig->domain);
       }
     else
       {
@@ -848,6 +848,7 @@ ctx->linebuf_offset = 0;
 
 /* -------------------------------------------------------------------------- */
 /* Call from pdkim_feed below for processing complete body lines */
+/* NOTE: the line is not NUL-terminated; but we have a count */
 
 static void
 pdkim_bodyline_complete(pdkim_ctx * ctx)
@@ -1385,7 +1386,6 @@ pdkim_feed_finish(pdkim_ctx * ctx, pdkim_signature ** return_signatures,
 pdkim_bodyhash * b;
 pdkim_signature * sig;
 BOOL verify_pass = FALSE;
-es_ctx sctx;
 
 /* Check if we must still flush a (partial) header. If that is the
    case, the message has no body, and we must compute a body hash
@@ -1458,7 +1458,8 @@ for (sig = ctx->sig; sig; sig = sig->next)
        sig->sign_headers);
 
   DEBUG(D_acl) debug_printf(
-      "PDKIM >> Header data for hash, canonicalized, in sequence >>>>>>>>>>>>\n");
+      "PDKIM >> Header data for hash, canonicalized (%-7s), in sequence >>\n",
+       pdkim_canons[sig->canon_headers]);
 
 
   /* SIGNING ---------------------------------------------------------------- */
@@ -1595,8 +1596,8 @@ for (sig = ctx->sig; sig; sig = sig->next)
 
   DEBUG(D_acl)
     {
-    debug_printf(
-           "PDKIM >> Signed DKIM-Signature header, canonicalized >>>>>>>>>>>>>>>>>\n");
+    debug_printf("PDKIM >> Signed DKIM-Signature header, canonicalized (%-7s) >>>>>>>\n",
+           pdkim_canons[sig->canon_headers]);
     pdkim_quoteprint(CUS sig_hdr, Ustrlen(sig_hdr));
     debug_printf(
            "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n");