Correct issue with relaxed/simple handling. Fixes: #910

[exim.git] / src / src / dkim.c

diff --git a/src/src/dkim.c b/src/src/dkim.c
index 3109168a33c44005ae6d44e940ef4aacf4007314..15e2b2ce20864e842fd0fd50262c7564351003e8 100644 (file)
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/dkim.c,v 1.4 2009/10/13 18:32:05 tom Exp $ */
+/* $Cambridge: exim/src/src/dkim.c,v 1.9 2009/11/12 13:02:17 nm4 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
@@ -81,9 +81,9 @@ void dkim_exim_verify_feed(uschar *data, int len) {
 
 void dkim_exim_verify_finish(void) {
   pdkim_signature *sig = NULL;
-  int dkim_signing_domains_size = 0;
-  int dkim_signing_domains_ptr = 0;
-  dkim_signing_domains = NULL;
+  int dkim_signers_size = 0;
+  int dkim_signers_ptr = 0;
+  dkim_signers = NULL;
 
   /* Delete eventual previous signature chain */
   dkim_signatures = NULL;
@@ -178,32 +178,44 @@ void dkim_exim_verify_finish(void) {
     logmsg[ptr] = '\0';
     log_write(0, LOG_MAIN, (char *)logmsg);
 
-    /* Build a colon-separated list of signing domains in dkim_signing_domains */
-    dkim_signing_domains = string_append(dkim_signing_domains,
-                                         &dkim_signing_domains_size,
-                                         &dkim_signing_domains_ptr,
-                                         2,
-                                         sig->domain,
-                                         ":"
-                                        );
+    /* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */
+    dkim_signers = string_append(dkim_signers,
+                                 &dkim_signers_size,
+                                 &dkim_signers_ptr,
+                                 2,
+                                 sig->domain,
+                                 ":"
+                                );
+
+    if (sig->identity != NULL) {
+      dkim_signers = string_append(dkim_signers,
+                                   &dkim_signers_size,
+                                   &dkim_signers_ptr,
+                                   2,
+                                   sig->identity,
+                                   ":"
+                                  );
+    }
 
     /* Process next signature */
     sig = sig->next;
   }
 
-  /* Chop the last colon from the domain list */
-  if ((dkim_signing_domains != NULL) &&
-      (Ustrlen(dkim_signing_domains) > 0))
-    dkim_signing_domains[Ustrlen(dkim_signing_domains)-1] = '\0';
+  /* NULL-terminate and chop the last colon from the domain list */
+  if (dkim_signers != NULL) {
+    dkim_signers[dkim_signers_ptr] = '\0';
+    if (Ustrlen(dkim_signers) > 0)
+      dkim_signers[Ustrlen(dkim_signers)-1] = '\0';
+  }
 }
 
 
 void dkim_exim_acl_setup(uschar *id) {
   pdkim_signature *sig = dkim_signatures;
   dkim_cur_sig = NULL;
+  dkim_cur_signer = id;
   if (dkim_disable_verify ||
-      !id || !sig ||
-      !dkim_verify_ctx) return;
+      !id || !dkim_verify_ctx) return;
   /* Find signature to run ACL on */
   while (sig != NULL) {
     uschar *cmp_val = NULL;
@@ -418,7 +430,7 @@ uschar *dkim_exim_sign(int dkim_fd,
   if (Ustrcmp(dkim_canon, "relaxed") == 0)
     pdkim_canon = PDKIM_CANON_RELAXED;
   else if (Ustrcmp(dkim_canon, "simple") == 0)
-    pdkim_canon = PDKIM_CANON_RELAXED;
+    pdkim_canon = PDKIM_CANON_SIMPLE;
   else {
     log_write(0, LOG_MAIN, "DKIM: unknown canonicalization method '%s', defaulting to 'relaxed'.\n",dkim_canon);
     pdkim_canon = PDKIM_CANON_RELAXED;
@@ -513,6 +525,6 @@ uschar *dkim_exim_sign(int dkim_fd,
   store_pool = old_pool;
   errno = save_errno;
   return rc;
-};
+}
 
 #endif