static const uschar *
arc_verify_seals(arc_ctx * ctx)
{
-arc_set * as = ctx->arcset_chain;
+arc_set * as = ctx->arcset_chain_last;
if (!as)
return US"none";
-while (as)
- {
- if (arc_seal_verify(ctx, as)) return US"fail";
- as = as->next;
- }
+for ( ; as; as = as->prev) if (arc_seal_verify(ctx, as)) return US"fail";
+
DEBUG(D_acl) debug_printf("ARC: AS vfy overall pass\n");
return NULL;
}
header_line * h = (header_line *)(al+1);
g = string_catn(g, ARC_HDR_AAR, ARC_HDRLEN_AAR);
-g = string_cat(g, string_sprintf(" i=%d; %s;\r\n\t", instance, identity));
+g = string_fmt_append(g, " i=%d; %s;\r\n\t", instance, identity);
g = string_catn(g, US ar->data, ar->len);
h->slen = g->ptr - aar_off;
|| (errstr = exim_dkim_sign(&sctx, hm, &hhash, sig)))
{
log_write(0, LOG_MAIN, "ARC: %s signing: %s\n", why, errstr);
+ DEBUG(D_transport)
+ debug_printf("private key, or private-key file content, was: '%s'\n",
+ privkey);
return FALSE;
}
return TRUE;
/* Construct the to-be-signed AMS pseudo-header: everything but the sig. */
ams_off = g->ptr;
-g = string_append(g, 7,
- ARC_HDR_AMS,
- US" i=", string_sprintf("%d", instance),
- US"; a=rsa-sha256; c=relaxed; d=", identity, /*XXX hardwired */
- US"; s=", selector);
+g = string_fmt_append(g, "%s i=%d; a=rsa-sha256; c=relaxed; d=%s; s=%s",
+ ARC_HDR_AMS, instance, identity, selector); /*XXX hardwired a= */
if (options & ARC_SIGN_OPT_TSTAMP)
- g = string_append(g, 2,
- US"; t=", string_sprintf("%lu", (u_long)now));
+ g = string_fmt_append(g, "; t=%lu", (u_long)now);
if (options & ARC_SIGN_OPT_EXPIRE)
- g = string_append(g, 2,
- US"; x=", string_sprintf("%lu", (u_long)expire));
-g = string_append(g, 3,
- US";\r\n\tbh=", pdkim_encode_base64(bodyhash),
- US";\r\n\th=");
+ g = string_fmt_append(g, "; x=%lu", (u_long)expire);
+g = string_fmt_append(g, ";\r\n\tbh=%s;\r\n\th=",
+ pdkim_encode_base64(bodyhash));
for(col = 3; rheaders; rheaders = rheaders->prev)
{
if (*(s += 6) == '=')
if (*++s == '+')
{
- if (!(expire = (time_t)atoi(++s)))
+ if (!(expire = (time_t)atoi(CS ++s)))
expire = ARC_SIGN_DEFAULT_EXPIRE_DELTA;
if (!now) now = time(NULL);
expire += now;
}
else
- expire = (time_t)atol(s);
+ expire = (time_t)atol(CS s);
else
{
if (!now) now = time(NULL);
including self (but with an empty b= in self)
*/
-g = arc_sign_prepend_as(g, &arc_sign_ctx, instance, identity, selector, &ar,
+if (g)
+ g = arc_sign_prepend_as(g, &arc_sign_ctx, instance, identity, selector, &ar,
privkey, options);
/* Finally, append the dkim headers and return the lot. */
-g = string_catn(g, sigheaders->s, sigheaders->ptr);
+if (sigheaders) g = string_catn(g, sigheaders->s, sigheaders->ptr);
(void) string_from_gstring(g);
gstring_reset_unused(g);
return g;
blob * d = &hdr_as->d;
for (; inst < as->instance; inst++)
- g = string_catn(g, ":", 1);
+ g = string_catn(g, US":", 1);
g = d->data && d->len
? string_append_listele_n(g, ':', d->data, d->len)
- : string_catn(g, ":", 1);
+ : string_catn(g, US":", 1);
}
else
- g = string_catn(g, ":", 1);
+ g = string_catn(g, US":", 1);
}
return g ? g->s : US"";
}
-/* Construct an Authenticate-Results header portion, for the ARC module */
+/* Construct an Authentication-Results header portion, for the ARC module */
gstring *
authres_arc(gstring * g)
g = string_append(g, 2, US";\n\tarc=", arc_state);
if (arc_received_instance > 0)
{
- g = string_append(g, 3, US" (i=",
- string_sprintf("%d", arc_received_instance), US")");
+ g = string_fmt_append(g, " (i=%d)", arc_received_instance);
if (arc_state_reason)
g = string_append(g, 3, US"(", arc_state_reason, US")");
g = string_catn(g, US" header.s=", 10);
highest_ams = arc_received->hdr_ams;
g = string_catn(g, highest_ams->s.data, highest_ams->s.len);
- g = string_append(g, 2,
- US" arc.oldest-pass=", string_sprintf("%d", arc_oldest_pass));
+ g = string_fmt_append(g, " arc.oldest-pass=%d", arc_oldest_pass);
if (sender_host_address)
- g = string_append(g, 2, US" smtp.client-ip=", sender_host_address);
+ g = string_append(g, 2, US" smtp.remote-ip=", sender_host_address);
}
else if (arc_state_reason)
g = string_append(g, 3, US" (", arc_state_reason, US")");