git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch '4.next'
[exim.git]
/
src
/
src
/
dkim.c
diff --git
a/src/src/dkim.c
b/src/src/dkim.c
index a48f1a17af47e42b309e38118484ccee53f2f247..5b7f17b2da9b3bed79410fe31fd96250a9d34a44 100644
(file)
--- a/
src/src/dkim.c
+++ b/
src/src/dkim.c
@@
-50,11
+50,11
@@
dkim_exim_query_dns_txt(const uschar * name)
dns_answer * dnsa = store_get_dns_answer();
dns_scan dnss;
rmark reset_point = store_mark();
dns_answer * dnsa = store_get_dns_answer();
dns_scan dnss;
rmark reset_point = store_mark();
-gstring * g =
NULL
;
+gstring * g =
string_get_tainted(256, TRUE)
;
lookup_dnssec_authenticated = NULL;
if (dns_lookup(dnsa, name, T_TXT, NULL) != DNS_SUCCEED)
lookup_dnssec_authenticated = NULL;
if (dns_lookup(dnsa, name, T_TXT, NULL) != DNS_SUCCEED)
- return NULL; /*XXX better error detail? logging? */
+ goto bad;
/* Search for TXT record */
/* Search for TXT record */
@@
-62,12
+62,8
@@
for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == T_TXT)
rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == T_TXT)
- {
- int rr_offset = 0;
-
- /* Copy record content to the answer buffer */
-
- while (rr_offset < rr->size)
+ { /* Copy record content to the answer buffer */
+ for (int rr_offset = 0; rr_offset < rr->size; )
{
uschar len = rr->data[rr_offset++];
{
uschar len = rr->data[rr_offset++];
@@
-78,18
+74,20
@@
for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
rr_offset += len;
}
rr_offset += len;
}
- /*
c
heck if this looks like a DKIM record */
+ /*
C
heck if this looks like a DKIM record */
if (Ustrncmp(g->s, "v=", 2) != 0 || strncasecmp(CS g->s, "v=dkim", 6) == 0)
{
if (Ustrncmp(g->s, "v=", 2) != 0 || strncasecmp(CS g->s, "v=dkim", 6) == 0)
{
+ store_free_dns_answer(dnsa);
gstring_release_unused(g);
return string_from_gstring(g);
}
gstring_release_unused(g);
return string_from_gstring(g);
}
-
if (g) g->ptr = 0;
/* overwrite previous record */
+
g->ptr = 0;
/* overwrite previous record */
}
bad:
store_reset(reset_point);
}
bad:
store_reset(reset_point);
+store_free_dns_answer(dnsa);
return NULL; /*XXX better error detail? logging? */
}
return NULL; /*XXX better error detail? logging? */
}
@@
-130,13
+128,16
@@
dkim_verify_ctx = pdkim_init_verify(&dkim_exim_query_dns_txt, dot_stuffing);
dkim_collect_input = dkim_verify_ctx ? DKIM_MAX_SIGNATURES : 0;
dkim_collect_error = NULL;
dkim_collect_input = dkim_verify_ctx ? DKIM_MAX_SIGNATURES : 0;
dkim_collect_error = NULL;
-/* Start feed up with any cached data */
-receive_get_cache();
+/* Start feed up with any cached data, but limited to message data */
+receive_get_cache(chunking_state == CHUNKING_LAST
+ ? chunking_data_left : GETC_BUFFER_UNLIMITED);
store_pool = dkim_verify_oldpool;
}
store_pool = dkim_verify_oldpool;
}
+/* Submit a chunk of data for verification input.
+Only use the data when the feed is activated. */
void
dkim_exim_verify_feed(uschar * data, int len)
{
void
dkim_exim_verify_feed(uschar * data, int len)
{