DKIM: permit verify of sig blocks that sign other sig blocks. Bug 2014

[exim.git] / src / src / pdkim / pdkim.c

diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
index 1953c4bd68f4437511e1d3393d0cccb22486409d..a77dd5792322a96ccece9b5c326dd6d1c8c64e4e 100644 (file)
--- a/src/src/pdkim/pdkim.c
+++ b/src/src/pdkim/pdkim.c
@@ -959,6 +959,11 @@ if (ctx->flags & PDKIM_MODE_SIGN)
 /* DKIM-Signature: headers are added to the verification list */
 else
   {
+  DEBUG(D_acl)
+    {
+    debug_printf("PDKIM >> raw hdr: ");
+    pdkim_quoteprint(CUS ctx->cur_header, Ustrlen(ctx->cur_header));
+    }
   if (strncasecmp(CCS ctx->cur_header,
                  DKIM_SIGNATURE_HEADERNAME,
                  Ustrlen(DKIM_SIGNATURE_HEADERNAME)) == 0)
@@ -986,9 +991,8 @@ else
          "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n");
     }
 
-  /* every other header is stored for signature verification */
-  else
-    ctx->headers = pdkim_prepend_stringlist(ctx->headers, ctx->cur_header);
+  /* all headers are stored for signature verification */
+  ctx->headers = pdkim_prepend_stringlist(ctx->headers, ctx->cur_header);
   }
 
 BAIL: