static pdkim_signature *
pdkim_parse_sig_header(pdkim_ctx *ctx, uschar * raw_hdr)
{
-pdkim_signature *sig ;
+pdkim_signature * sig;
uschar *p, *q;
uschar * cur_tag = NULL; int ts = 0, tl = 0;
uschar * cur_val = NULL; int vs = 0, vl = 0;
"PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n");
}
-exim_sha_init(&sig->body_hash_ctx,
- sig->algo == PDKIM_ALGO_RSA_SHA1 ? HASH_SHA1 : HASH_SHA256);
+if (!exim_sha_init(&sig->body_hash_ctx,
+ sig->algo == PDKIM_ALGO_RSA_SHA1 ? HASH_SHA1 : HASH_SHA256))
+ {
+ DEBUG(D_acl) debug_printf("PDKIM: hash init internal error\n");
+ return NULL;
+ }
return sig;
}
#define DKIM_SIGNATURE_HEADERNAME "DKIM-Signature:"
static int
-pdkim_header_complete(pdkim_ctx *ctx)
+pdkim_header_complete(pdkim_ctx * ctx)
{
+pdkim_signature * sig, * last_sig;
+
/* Special case: The last header can have an extra \r appended */
if ( (ctx->cur_header_len > 1) &&
(ctx->cur_header[(ctx->cur_header_len)-1] == '\r') )
--ctx->cur_header_len;
ctx->cur_header[ctx->cur_header_len] = '\0';
-ctx->num_headers++;
-if (ctx->num_headers > PDKIM_MAX_HEADERS) goto BAIL;
+if (++ctx->num_headers > PDKIM_MAX_HEADERS) goto BAIL;
/* SIGNING -------------------------------------------------------------- */
if (ctx->flags & PDKIM_MODE_SIGN)
- {
- pdkim_signature *sig;
-
for (sig = ctx->sig; sig; sig = sig->next) /* Traverse all signatures */
/* Add header to the signed headers list (in reverse order) */
sig->headers = pdkim_prepend_stringlist(sig->headers,
ctx->cur_header);
- }
/* VERIFICATION ----------------------------------------------------------- */
/* DKIM-Signature: headers are added to the verification list */
else
{
+#ifdef notdef
DEBUG(D_acl)
{
debug_printf("PDKIM >> raw hdr: ");
- pdkim_quoteprint(CUS ctx->cur_header, Ustrlen(ctx->cur_header));
+ pdkim_quoteprint(CUS ctx->cur_header, ctx->cur_header_len);
}
+#endif
if (strncasecmp(CCS ctx->cur_header,
DKIM_SIGNATURE_HEADERNAME,
Ustrlen(DKIM_SIGNATURE_HEADERNAME)) == 0)
{
- pdkim_signature * new_sig, * last_sig;
-
/* Create and chain new signature block. We could error-check for all
required tags here, but prefer to create the internal sig and expicitly
fail verification of it later. */
DEBUG(D_acl) debug_printf(
"PDKIM >> Found sig, trying to parse >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n");
- new_sig = pdkim_parse_sig_header(ctx, ctx->cur_header);
+ sig = pdkim_parse_sig_header(ctx, ctx->cur_header);
if (!(last_sig = ctx->sig))
- ctx->sig = new_sig;
+ ctx->sig = sig;
else
{
while (last_sig->next) last_sig = last_sig->next;
- last_sig->next = new_sig;
+ last_sig->next = sig;
}
}
}
BAIL:
-*ctx->cur_header = '\0';
-ctx->cur_header_len = 0; /* leave buffer for reuse */
+ctx->cur_header[ctx->cur_header_len = 0] = '\0'; /* leave buffer for reuse */
return PDKIM_OK;
}
if ((rc = pdkim_header_complete(ctx)) != PDKIM_OK)
return rc;
- ctx->flags = ctx->flags & ~(PDKIM_SEEN_LF|PDKIM_SEEN_CR) | PDKIM_PAST_HDRS;
+ ctx->flags = (ctx->flags & ~(PDKIM_SEEN_LF|PDKIM_SEEN_CR)) | PDKIM_PAST_HDRS;
DEBUG(D_acl) debug_printf(
"PDKIM >> Body data for hash, canonicalized >>>>>>>>>>>>>>>>>>>>>>>>>>>>\n");
continue;
}
else
- ctx->flags = ctx->flags & ~PDKIM_SEEN_CR | PDKIM_SEEN_LF;
+ ctx->flags = (ctx->flags & ~PDKIM_SEEN_CR) | PDKIM_SEEN_LF;
}
else if (ctx->flags & PDKIM_SEEN_LF)
{
hdata.data = NULL;
hdata.len = 0;
- exim_sha_init(&hhash_ctx, is_sha1 ? HASH_SHA1 : HASH_SHA256);
+ if (!exim_sha_init(&hhash_ctx, is_sha1 ? HASH_SHA1 : HASH_SHA256))
+ {
+ DEBUG(D_acl) debug_printf("PDKIM: hask setup internal error\n");
+ break;
+ }
DEBUG(D_acl) debug_printf(
"PDKIM >> Header data for hash, canonicalized, in sequence >>>>>>>>>>>>>>\n");
sig->rsa_privkey = string_copy(US rsa_privkey);
sig->algo = algo;
-exim_sha_init(&sig->body_hash_ctx,
- algo == PDKIM_ALGO_RSA_SHA1 ? HASH_SHA1 : HASH_SHA256);
+if (!exim_sha_init(&sig->body_hash_ctx,
+ algo == PDKIM_ALGO_RSA_SHA1 ? HASH_SHA1 : HASH_SHA256))
+ {
+ DEBUG(D_acl) debug_printf("PDKIM: hash setup internal error\n");
+ return NULL;
+ }
+
DEBUG(D_acl)
{
pdkim_signature s = *sig;