git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fix build on older OpenSSL
[exim.git]
/
src
/
src
/
arc.c
diff --git
a/src/src/arc.c
b/src/src/arc.c
index 773b34c28da25758105d4f861072b98a292ed410..8a94015b320b0172f2214dcbc07796dcd6dadcfa 100644
(file)
--- a/
src/src/arc.c
+++ b/
src/src/arc.c
@@
-7,10
+7,8
@@
*/
#include "exim.h"
*/
#include "exim.h"
-#ifdef EXPERIMENTAL_ARC
-# if !defined SUPPORT_SPF
-# error SPF must also be enabled for ARC
-# elif defined DISABLE_DKIM
+#if defined EXPERIMENTAL_ARC
+# if defined DISABLE_DKIM
# error DKIM must also be enabled for ARC
# else
# error DKIM must also be enabled for ARC
# else
@@
-544,7
+542,8
@@
hctx hhash_ctx;
const uschar * s;
int len;
const uschar * s;
int len;
-if (!exim_sha_init(&hhash_ctx, pdkim_hashes[hashtype].exim_hashmethod))
+if ( hashtype == -1
+ || !exim_sha_init(&hhash_ctx, pdkim_hashes[hashtype].exim_hashmethod))
{
DEBUG(D_acl)
debug_printf("ARC: hash setup error, possibly nonhandled hashtype\n");
{
DEBUG(D_acl)
debug_printf("ARC: hash setup error, possibly nonhandled hashtype\n");
@@
-639,7
+638,7
@@
return p;
static pdkim_bodyhash *
arc_ams_setup_vfy_bodyhash(arc_line * ams)
{
static pdkim_bodyhash *
arc_ams_setup_vfy_bodyhash(arc_line * ams)
{
-int canon_head
, canon_body
;
+int canon_head
= -1, canon_body = -1
;
long bodylen;
if (!ams->c.data) ams->c.data = US"simple"; /* RFC 6376 (DKIM) default */
long bodylen;
if (!ams->c.data) ams->c.data = US"simple"; /* RFC 6376 (DKIM) default */
@@
-745,6
+744,11
@@
if ((errstr = exim_dkim_verify_init(&p->key, KEYFMT_DER, &vctx)))
}
hashtype = pdkim_hashname_to_hashtype(ams->a_hash.data, ams->a_hash.len);
}
hashtype = pdkim_hashname_to_hashtype(ams->a_hash.data, ams->a_hash.len);
+if (hashtype == -1)
+ {
+ DEBUG(D_acl) debug_printf("ARC i=%d AMS verify bad a_hash\n", as->instance);
+ return as->ams_verify_done = arc_state_reason = US"AMS sig nonverify";
+ }
if ((errstr = exim_dkim_verify(&vctx,
pdkim_hashes[hashtype].exim_hashmethod, &hhash, &sighash)))
if ((errstr = exim_dkim_verify(&vctx,
pdkim_hashes[hashtype].exim_hashmethod, &hhash, &sighash)))
@@
-871,7
+875,8
@@
if ( as->instance == 1 && !arc_cv_match(hdr_as, US"none")
hashtype = pdkim_hashname_to_hashtype(hdr_as->a_hash.data, hdr_as->a_hash.len);
hashtype = pdkim_hashname_to_hashtype(hdr_as->a_hash.data, hdr_as->a_hash.len);
-if (!exim_sha_init(&hhash_ctx, pdkim_hashes[hashtype].exim_hashmethod))
+if ( hashtype == -1
+ || !exim_sha_init(&hhash_ctx, pdkim_hashes[hashtype].exim_hashmethod))
{
DEBUG(D_acl)
debug_printf("ARC: hash setup error, possibly nonhandled hashtype\n");
{
DEBUG(D_acl)
debug_printf("ARC: hash setup error, possibly nonhandled hashtype\n");
@@
-966,8
+971,6
@@
if ((errstr = exim_dkim_verify_init(&p->key, KEYFMT_DER, &vctx)))
return US"fail";
}
return US"fail";
}
-hashtype = pdkim_hashname_to_hashtype(hdr_as->a_hash.data, hdr_as->a_hash.len);
-
if ((errstr = exim_dkim_verify(&vctx,
pdkim_hashes[hashtype].exim_hashmethod,
&hhash_computed, &sighash)))
if ((errstr = exim_dkim_verify(&vctx,
pdkim_hashes[hashtype].exim_hashmethod,
&hhash_computed, &sighash)))
@@
-1738,7
+1741,13
@@
memset(&al, 0, sizeof(arc_line));
if ((errstr = arc_parse_line(&al, &h, ARC_HDRLEN_AMS, FALSE)))
{
DEBUG(D_acl) if (errstr) debug_printf("ARC: %s\n", errstr);
if ((errstr = arc_parse_line(&al, &h, ARC_HDRLEN_AMS, FALSE)))
{
DEBUG(D_acl) if (errstr) debug_printf("ARC: %s\n", errstr);
- return US"line parsing error";
+ goto badline;
+ }
+
+if (!al.a_hash.data)
+ {
+ DEBUG(D_acl) debug_printf("ARC: no a_hash from '%.*s'\n", h.slen, h.text);
+ goto badline;
}
/* defaults */
}
/* defaults */
@@
-1757,6
+1766,9
@@
if (!(b = arc_ams_setup_vfy_bodyhash(&al)))
should have been created here. */
return NULL;
should have been created here. */
return NULL;
+
+badline:
+ return US"line parsing error";
}
}
@@
-1848,7
+1860,7
@@
return g;
}
}
-# endif /*
SUPPORT_SPF
*/
+# endif /*
DISABLE_DKIM
*/
#endif /* EXPERIMENTAL_ARC */
/* vi: aw ai sw=2
*/
#endif /* EXPERIMENTAL_ARC */
/* vi: aw ai sw=2
*/