git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Copyright updates:
[exim.git]
/
src
/
src
/
dkim.c
diff --git
a/src/src/dkim.c
b/src/src/dkim.c
index a48f1a17af47e42b309e38118484ccee53f2f247..ea82f34eab673d3be03407449656426aed568d1f 100644
(file)
--- a/
src/src/dkim.c
+++ b/
src/src/dkim.c
@@
-2,9
+2,10
@@
* Exim - an Internet mail transport agent *
*************************************************/
* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2023 */
/* Copyright (c) University of Cambridge, 1995 - 2018 */
/* Copyright (c) University of Cambridge, 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/* Code for DKIM support. Other DKIM relevant code is in
receive.c, transport.c and transports/smtp.c */
/* Code for DKIM support. Other DKIM relevant code is in
receive.c, transport.c and transports/smtp.c */
@@
-50,11
+51,11
@@
dkim_exim_query_dns_txt(const uschar * name)
dns_answer * dnsa = store_get_dns_answer();
dns_scan dnss;
rmark reset_point = store_mark();
dns_answer * dnsa = store_get_dns_answer();
dns_scan dnss;
rmark reset_point = store_mark();
-gstring * g =
NULL
;
+gstring * g =
string_get_tainted(256, GET_TAINTED)
;
lookup_dnssec_authenticated = NULL;
if (dns_lookup(dnsa, name, T_TXT, NULL) != DNS_SUCCEED)
lookup_dnssec_authenticated = NULL;
if (dns_lookup(dnsa, name, T_TXT, NULL) != DNS_SUCCEED)
- return NULL; /*XXX better error detail? logging? */
+ goto bad;
/* Search for TXT record */
/* Search for TXT record */
@@
-62,12
+63,8
@@
for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == T_TXT)
rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == T_TXT)
- {
- int rr_offset = 0;
-
- /* Copy record content to the answer buffer */
-
- while (rr_offset < rr->size)
+ { /* Copy record content to the answer buffer */
+ for (int rr_offset = 0; rr_offset < rr->size; )
{
uschar len = rr->data[rr_offset++];
{
uschar len = rr->data[rr_offset++];
@@
-78,18
+75,20
@@
for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
rr_offset += len;
}
rr_offset += len;
}
- /*
c
heck if this looks like a DKIM record */
+ /*
C
heck if this looks like a DKIM record */
if (Ustrncmp(g->s, "v=", 2) != 0 || strncasecmp(CS g->s, "v=dkim", 6) == 0)
{
if (Ustrncmp(g->s, "v=", 2) != 0 || strncasecmp(CS g->s, "v=dkim", 6) == 0)
{
+ store_free_dns_answer(dnsa);
gstring_release_unused(g);
return string_from_gstring(g);
}
gstring_release_unused(g);
return string_from_gstring(g);
}
-
if (g) g->ptr = 0;
/* overwrite previous record */
+
gstring_reset(g);
/* overwrite previous record */
}
bad:
store_reset(reset_point);
}
bad:
store_reset(reset_point);
+store_free_dns_answer(dnsa);
return NULL; /*XXX better error detail? logging? */
}
return NULL; /*XXX better error detail? logging? */
}
@@
-130,13
+129,16
@@
dkim_verify_ctx = pdkim_init_verify(&dkim_exim_query_dns_txt, dot_stuffing);
dkim_collect_input = dkim_verify_ctx ? DKIM_MAX_SIGNATURES : 0;
dkim_collect_error = NULL;
dkim_collect_input = dkim_verify_ctx ? DKIM_MAX_SIGNATURES : 0;
dkim_collect_error = NULL;
-/* Start feed up with any cached data */
-receive_get_cache();
+/* Start feed up with any cached data, but limited to message data */
+receive_get_cache(chunking_state == CHUNKING_LAST
+ ? chunking_data_left : GETC_BUFFER_UNLIMITED);
store_pool = dkim_verify_oldpool;
}
store_pool = dkim_verify_oldpool;
}
+/* Submit a chunk of data for verification input.
+Only use the data when the feed is activated. */
void
dkim_exim_verify_feed(uschar * data, int len)
{
void
dkim_exim_verify_feed(uschar * data, int len)
{
@@
-287,7
+289,7
@@
else
break;
}
break;
}
-log_write(0, LOG_MAIN, "%
s", string_from_gstring(logmsg)
);
+log_write(0, LOG_MAIN, "%
Y", logmsg
);
return;
}
return;
}
@@
-820,7
+822,7
@@
authres_dkim(gstring * g)
{
int start = 0; /* compiler quietening */
{
int start = 0; /* compiler quietening */
-DEBUG(D_acl) start = g
->ptr
;
+DEBUG(D_acl) start = g
string_length(g)
;
for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
{
for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
{
@@
-882,10
+884,10
@@
for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
}
DEBUG(D_acl)
}
DEBUG(D_acl)
- if (g
->ptr
== start)
- debug_printf("DKIM:
no authres\n");
+ if (g
string_length(g)
== start)
+ debug_printf("DKIM:
\t
no authres\n");
else
else
- debug_printf("DKIM:
authres '%.*s'\n", g->ptr - start - 3, g->s + start + 3);
+ debug_printf("DKIM:
\t
authres '%.*s'\n", g->ptr - start - 3, g->s + start + 3);
return g;
}
return g;
}