-/* $Cambridge: exim/src/src/dkim.c,v 1.3 2009/08/31 21:14:50 tom Exp $ */
+/* $Cambridge: exim/src/src/dkim.c,v 1.10 2009/11/16 19:50:36 nm4 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 2009 */
+/* Copyright (c) University of Cambridge, 1995 - 2007 */
/* See the file NOTICE for conditions of use and distribution. */
/* Code for DKIM support. Other DKIM relevant code is in
void dkim_exim_verify_finish(void) {
pdkim_signature *sig = NULL;
- int dkim_signing_domains_size = 0;
- int dkim_signing_domains_ptr = 0;
- dkim_signing_domains = NULL;
+ int dkim_signers_size = 0;
+ int dkim_signers_ptr = 0;
+ dkim_signers = NULL;
/* Delete eventual previous signature chain */
dkim_signatures = NULL;
logmsg[ptr] = '\0';
log_write(0, LOG_MAIN, (char *)logmsg);
- /* Build a colon-separated list of signing domains in dkim_signing_domains */
- dkim_signing_domains = string_append(dkim_signing_domains,
- &dkim_signing_domains_size,
- &dkim_signing_domains_ptr,
- 2,
- sig->domain,
- ":"
- );
+ /* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->domain,
+ ":"
+ );
+
+ if (sig->identity != NULL) {
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->identity,
+ ":"
+ );
+ }
/* Process next signature */
sig = sig->next;
}
- /* Chop the last colon from the domain list */
- if ((dkim_signing_domains != NULL) &&
- (Ustrlen(dkim_signing_domains) > 0))
- dkim_signing_domains[Ustrlen(dkim_signing_domains)-1] = '\0';
+ /* NULL-terminate and chop the last colon from the domain list */
+ if (dkim_signers != NULL) {
+ dkim_signers[dkim_signers_ptr] = '\0';
+ if (Ustrlen(dkim_signers) > 0)
+ dkim_signers[Ustrlen(dkim_signers)-1] = '\0';
+ }
}
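Review bot: `sig->domain` and `sig->identity` are appended to the colon-separated `dkim_signers` list without any check for a `:` inside the value. These fields presumably come from the d= and i= tags of the received DKIM-Signature header, so a value containing a colon would be split into extra list items when the list is later walked. Reject or escape such values before appending, for example `if (sig->identity != NULL && Ustrchr(sig->identity, ':') == NULL) {` for the identity, with the same test on the domain. The enclosing loop starts outside the visible lines.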
void dkim_exim_acl_setup(uschar *id) {
pdkim_signature *sig = dkim_signatures;
dkim_cur_sig = NULL;
+ dkim_cur_signer = id;
if (dkim_disable_verify ||
- !id || !sig ||
- !dkim_verify_ctx) return;
+ !id || !dkim_verify_ctx) return;
/* Find signature to run ACL on */
while (sig != NULL) {
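Review bot: `dkim_cur_signer = id;` is assigned before the guard, so it is set even when `id` is NULL or verification is disabled, and the guard no longer returns early when there are no signatures. Neither choice is explained; a comment above the assignment such as `/* Record the signer even if no signature matches; dkim_cur_sig stays NULL in that case */` would make the intent clear. Code that reads `dkim_cur_sig` presumably has to tolerate NULL now, which is worth confirming in the consumers, since they are not in this hunk. The function body continues outside the hunk.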
uschar *cmp_val = NULL;
if (Ustrcmp(dkim_canon, "relaxed") == 0)
pdkim_canon = PDKIM_CANON_RELAXED;
else if (Ustrcmp(dkim_canon, "simple") == 0)
- pdkim_canon = PDKIM_CANON_RELAXED;
+ pdkim_canon = PDKIM_CANON_SIMPLE;
else {
log_write(0, LOG_MAIN, "DKIM: unknown canonicalization method '%s', defaulting to 'relaxed'.\n",dkim_canon);
pdkim_canon = PDKIM_CANON_RELAXED;
/* Looks like a filename, load the private key. */
memset(big_buffer,0,big_buffer_size);
privkey_fd = open(CS dkim_private_key,O_RDONLY);
- (void)read(privkey_fd,big_buffer,16383);
+ if (privkey_fd < 0) {
+ log_write(0, LOG_MAIN|LOG_PANIC, "unable to open "
+ "private key file for reading: %s", dkim_private_key);
+ rc = NULL;
+ goto CLEANUP;
+ }
+ (void)read(privkey_fd,big_buffer,(big_buffer_size-2));
(void)close(privkey_fd);
dkim_private_key = big_buffer;
}
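Review bot: The return value of `read()` is still discarded, so a failed or empty read leaves `big_buffer` zeroed and `dkim_private_key` pointing at an empty key with nothing logged. The new check covers only `open()`; the read should get the same treatment, logging and jumping to CLEANUP when it returns 0 or less. A key file longer than `big_buffer_size-2` bytes is also truncated silently, which would be worth a separate check or at least a comment. The enclosing function starts outside the hunk.
```c
privkey_fd = open(CS dkim_private_key,O_RDONLY);
/* … unchanged: open() failure check … */
if (read(privkey_fd,big_buffer,(big_buffer_size-2)) <= 0) {
  log_write(0, LOG_MAIN|LOG_PANIC, "unable to read "
            "private key file: %s", dkim_private_key);
  (void)close(privkey_fd);
  rc = NULL;
  goto CLEANUP;
}
(void)close(privkey_fd);
```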
store_pool = old_pool;
errno = save_errno;
return rc;
-};
+}
#endif