X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/cf7453055ad53ee3d2ee7b790ee83168ce58412d..dcdf4e3e2e614d612f7d4d884c856c7b67caf5e3:/src/src/dkim.c
diff --git a/src/src/dkim.c b/src/src/dkim.c
index 3109168a3..e303776c2 100644
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -1,10 +1,10 @@
-/* $Cambridge: exim/src/src/dkim.c,v 1.4 2009/10/13 18:32:05 tom Exp $ */
+/* $Cambridge: exim/src/src/dkim.c,v 1.11 2009/12/15 08:23:15 tom Exp $ */
 /*************************************************
 * Exim - an Internet mail transport agent *
 *************************************************/
-/* Copyright (c) University of Cambridge 2009 */
+/* Copyright (c) University of Cambridge, 1995 - 2007 */
 /* See the file NOTICE for conditions of use and distribution. */
 /* Code for DKIM support. Other DKIM relevant code is in
@@ -81,9 +81,9 @@ void dkim_exim_verify_feed(uschar *data, int len) {
 void dkim_exim_verify_finish(void) {
 pdkim_signature *sig = NULL;
- int dkim_signing_domains_size = 0;
- int dkim_signing_domains_ptr = 0;
- dkim_signing_domains = NULL;
+ int dkim_signers_size = 0;
+ int dkim_signers_ptr = 0;
+ dkim_signers = NULL;
 /* Delete eventual previous signature chain */
 dkim_signatures = NULL;
@@ -178,32 +178,44 @@ void dkim_exim_verify_finish(void) {
 logmsg[ptr] = '\0';
 log_write(0, LOG_MAIN, (char *)logmsg);
- /* Build a colon-separated list of signing domains in dkim_signing_domains */
- dkim_signing_domains = string_append(dkim_signing_domains,
- &dkim_signing_domains_size,
- &dkim_signing_domains_ptr,
- 2,
- sig->domain,
- ":"
- );
+ /* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->domain,
+ ":"
+ );
+
+ if (sig->identity != NULL) {
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->identity,
+ ":"
+ );
+ }
 /* Process next signature */
 sig = sig->next;
 }
- /* Chop the last colon from the domain list */
- if ((dkim_signing_domains != NULL) &&
- (Ustrlen(dkim_signing_domains) > 0))
- dkim_signing_domains[Ustrlen(dkim_signing_domains)-1] = '\0';
+ /* NULL-terminate and chop the last colon from the domain list */
+ if (dkim_signers != NULL) {
+ dkim_signers[dkim_signers_ptr] = '\0';
+ if (Ustrlen(dkim_signers) > 0)
+ dkim_signers[Ustrlen(dkim_signers)-1] = '\0';
+ }
 }
 void dkim_exim_acl_setup(uschar *id) {
 pdkim_signature *sig = dkim_signatures;
 dkim_cur_sig = NULL;
+ dkim_cur_signer = id;
 if (dkim_disable_verify ||
- !id || !sig ||
- !dkim_verify_ctx) return;
+ !id || !dkim_verify_ctx) return;
 /* Find signature to run ACL on */
 while (sig != NULL) {
 uschar *cmp_val = NULL;
@@ -379,6 +391,7 @@ uschar *dkim_exim_sign(int dkim_fd,
 uschar *rc = NULL;
 pdkim_signature *signature;
 int pdkim_canon;
+ int pdkim_rc;
 int sread;
 char buf[4096];
 int save_errno = 0;
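Review bot: In dkim_exim_verify_finish, `sig->domain` and the newly added `sig->identity` are appended to the colon-separated `dkim_signers` list exactly as they were parsed from the message's DKIM-Signature header, so a value containing `:` would split into extra list items. Each item later arrives as `id` in dkim_exim_acl_setup, which now stores it in `dkim_cur_signer` and no longer returns early when the signature chain is empty, so the list contents directly decide which signer strings the ACL is evaluated for. Whether pdkim already rejects `:` in these fields is not visible in this hunk; if it does not, such values should be skipped or have the colon doubled before the append, with a comment such as `/* d= and i= come from the message; ':' must not reach the list unescaped */`. The new comment should also read `NUL-terminate` rather than `NULL-terminate`. Both functions start or end outside the hunk.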
@@ -418,7 +431,7 @@ uschar *dkim_exim_sign(int dkim_fd,
 if (Ustrcmp(dkim_canon, "relaxed") == 0)
 pdkim_canon = PDKIM_CANON_RELAXED;
 else if (Ustrcmp(dkim_canon, "simple") == 0)
- pdkim_canon = PDKIM_CANON_RELAXED;
+ pdkim_canon = PDKIM_CANON_SIMPLE;
 else {
 log_write(0, LOG_MAIN, "DKIM: unknown canonicalization method '%s', defaulting to 'relaxed'.\n",dkim_canon);
 pdkim_canon = PDKIM_CANON_RELAXED;
@@ -499,8 +512,11 @@ uschar *dkim_exim_sign(int dkim_fd,
 goto CLEANUP;
 }
- if (pdkim_feed_finish(ctx,&signature) != PDKIM_OK)
+ pdkim_rc = pdkim_feed_finish(ctx,&signature);
+ if (pdkim_rc != PDKIM_OK) {
+ log_write(0, LOG_MAIN|LOG_PANIC, "DKIM: signing failed (RC %d)", pdkim_rc);
 goto CLEANUP;
+ }
 rc = store_get(strlen(signature->signature_header)+3);
 Ustrcpy(rc,US signature->signature_header);
@@ -513,6 +529,6 @@ uschar *dkim_exim_sign(int dkim_fd,
 store_pool = old_pool;
 errno = save_errno;
 return rc;
-};
+}
 #endif
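Review bot: The failure message added after `pdkim_feed_finish()` in dkim_exim_sign records only the numeric `pdkim_rc`, so the log line does not say which signing domain or selector was involved. Adding those two values to the format string (their variable names are outside this hunk) would let a key or configuration problem be traced from the panic log alone. As far as the hunks show, `rc` is still NULL when this path reaches `return rc;`, so a short comment at the `goto CLEANUP` stating what the caller does with a NULL result would document whether the message goes out unsigned or is deferred. The function body starts and ends outside the hunk.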