-/* $Cambridge: exim/src/src/dkim.c,v 1.4 2009/10/13 18:32:05 tom Exp $ */
+/* $Cambridge: exim/src/src/dkim.c,v 1.11 2009/12/15 08:23:15 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 2009 */
+/* Copyright (c) University of Cambridge, 1995 - 2007 */
/* See the file NOTICE for conditions of use and distribution. */
/* Code for DKIM support. Other DKIM relevant code is in
void dkim_exim_verify_finish(void) {
pdkim_signature *sig = NULL;
- int dkim_signing_domains_size = 0;
- int dkim_signing_domains_ptr = 0;
- dkim_signing_domains = NULL;
+ int dkim_signers_size = 0;
+ int dkim_signers_ptr = 0;
+ dkim_signers = NULL;
/* Delete eventual previous signature chain */
dkim_signatures = NULL;
logmsg[ptr] = '\0';
log_write(0, LOG_MAIN, (char *)logmsg);
- /* Build a colon-separated list of signing domains in dkim_signing_domains */
- dkim_signing_domains = string_append(dkim_signing_domains,
- &dkim_signing_domains_size,
- &dkim_signing_domains_ptr,
- 2,
- sig->domain,
- ":"
- );
+ /* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->domain,
+ ":"
+ );
+
+ if (sig->identity != NULL) {
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->identity,
+ ":"
+ );
+ }
/* Process next signature */
sig = sig->next;
}
- /* Chop the last colon from the domain list */
- if ((dkim_signing_domains != NULL) &&
- (Ustrlen(dkim_signing_domains) > 0))
- dkim_signing_domains[Ustrlen(dkim_signing_domains)-1] = '\0';
+ /* NULL-terminate and chop the last colon from the domain list */
+ if (dkim_signers != NULL) {
+ dkim_signers[dkim_signers_ptr] = '\0';
+ if (Ustrlen(dkim_signers) > 0)
+ dkim_signers[Ustrlen(dkim_signers)-1] = '\0';
+ }
}
void dkim_exim_acl_setup(uschar *id) {
pdkim_signature *sig = dkim_signatures;
dkim_cur_sig = NULL;
+ dkim_cur_signer = id;
if (dkim_disable_verify ||
- !id || !sig ||
- !dkim_verify_ctx) return;
+ !id || !dkim_verify_ctx) return;
/* Find signature to run ACL on */
while (sig != NULL) {
uschar *cmp_val = NULL;
uschar *rc = NULL;
pdkim_signature *signature;
int pdkim_canon;
+ int pdkim_rc;
int sread;
char buf[4096];
int save_errno = 0;
if (Ustrcmp(dkim_canon, "relaxed") == 0)
pdkim_canon = PDKIM_CANON_RELAXED;
else if (Ustrcmp(dkim_canon, "simple") == 0)
- pdkim_canon = PDKIM_CANON_RELAXED;
+ pdkim_canon = PDKIM_CANON_SIMPLE;
else {
log_write(0, LOG_MAIN, "DKIM: unknown canonicalization method '%s', defaulting to 'relaxed'.\n",dkim_canon);
pdkim_canon = PDKIM_CANON_RELAXED;
goto CLEANUP;
}
- if (pdkim_feed_finish(ctx,&signature) != PDKIM_OK)
+ pdkim_rc = pdkim_feed_finish(ctx,&signature);
+ if (pdkim_rc != PDKIM_OK) {
+ log_write(0, LOG_MAIN|LOG_PANIC, "DKIM: signing failed (RC %d)", pdkim_rc);
goto CLEANUP;
+ }
rc = store_get(strlen(signature->signature_header)+3);
Ustrcpy(rc,US signature->signature_header);
store_pool = old_pool;
errno = save_errno;
return rc;
-};
+}
#endif
git://git.exim.org / exim.git / blobdiff