X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/da5dfc3ab22a3189116ea5c78927e9884529c0c0..0eb8eedd73556dbf5bb59ee7ebaed5fee282afc1:/src/src/dkim.c
diff --git a/src/src/dkim.c b/src/src/dkim.c
index 63140e854..15e2b2ce2 100644
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/dkim.c,v 1.3 2009/08/31 21:14:50 tom Exp $ */
+/* $Cambridge: exim/src/src/dkim.c,v 1.9 2009/11/12 13:02:17 nm4 Exp $ */
 /*************************************************
 * Exim - an Internet mail transport agent *
@@ -81,9 +81,9 @@ void dkim_exim_verify_feed(uschar *data, int len) {
 void dkim_exim_verify_finish(void) {
 pdkim_signature *sig = NULL;
- int dkim_signing_domains_size = 0;
- int dkim_signing_domains_ptr = 0;
- dkim_signing_domains = NULL;
+ int dkim_signers_size = 0;
+ int dkim_signers_ptr = 0;
+ dkim_signers = NULL;
 /* Delete eventual previous signature chain */
 dkim_signatures = NULL;
@@ -178,32 +178,44 @@ void dkim_exim_verify_finish(void) {
 logmsg[ptr] = '\0';
 log_write(0, LOG_MAIN, (char *)logmsg);
- /* Build a colon-separated list of signing domains in dkim_signing_domains */
- dkim_signing_domains = string_append(dkim_signing_domains,
- &dkim_signing_domains_size,
- &dkim_signing_domains_ptr,
- 2,
- sig->domain,
- ":"
- );
+ /* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->domain,
+ ":"
+ );
+
+ if (sig->identity != NULL) {
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->identity,
+ ":"
+ );
+ }
 /* Process next signature */
 sig = sig->next;
 }
- /* Chop the last colon from the domain list */
- if ((dkim_signing_domains != NULL) &&
- (Ustrlen(dkim_signing_domains) > 0))
- dkim_signing_domains[Ustrlen(dkim_signing_domains)-1] = '\0';
+ /* NULL-terminate and chop the last colon from the domain list */
+ if (dkim_signers != NULL) {
+ dkim_signers[dkim_signers_ptr] = '\0';
+ if (Ustrlen(dkim_signers) > 0)
+ dkim_signers[Ustrlen(dkim_signers)-1] = '\0';
+ }
 }
 void dkim_exim_acl_setup(uschar *id) {
 pdkim_signature *sig = dkim_signatures;
 dkim_cur_sig = NULL;
+ dkim_cur_signer = id;
 if (dkim_disable_verify ||
- !id || !sig ||
- !dkim_verify_ctx) return;
+ !id || !dkim_verify_ctx) return;
 /* Find signature to run ACL on */
 while (sig != NULL) {
 uschar *cmp_val = NULL;
@@ -418,7 +430,7 @@ uschar *dkim_exim_sign(int dkim_fd,
 if (Ustrcmp(dkim_canon, "relaxed") == 0)
 pdkim_canon = PDKIM_CANON_RELAXED;
 else if (Ustrcmp(dkim_canon, "simple") == 0)
- pdkim_canon = PDKIM_CANON_RELAXED;
+ pdkim_canon = PDKIM_CANON_SIMPLE;
 else {
 log_write(0, LOG_MAIN, "DKIM: unknown canonicalization method '%s', defaulting to 'relaxed'.\n",dkim_canon);
 pdkim_canon = PDKIM_CANON_RELAXED;
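Review bot: `sig->domain` and `sig->identity` are appended to `dkim_signers` verbatim with `:` as the separator, so a value that itself contains a colon would split into extra list entries. Both fields presumably come from the d= and i= tags of a DKIM-Signature header in the incoming message, and nothing visible in this loop limits the list to signatures that verified, so the entries are sender-influenced. Unless pdkim already rejects such values, I would double any embedded colon before appending (Exim's list quoting convention) or skip that signature, and add a comment such as `/* values are taken from the message and are unverified at this point */` above the append. dkim_exim_verify_finish() begins above the hunk and dkim_exim_acl_setup() continues below it, so a check may exist outside what is shown. As a smaller point, once the terminator is written at `dkim_signers_ptr` the chop can be `if (dkim_signers_ptr > 0) dkim_signers[dkim_signers_ptr-1] = '\0';` without the two `Ustrlen` calls.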
@@ -456,7 +468,13 @@ uschar *dkim_exim_sign(int dkim_fd,
 /* Looks like a filename, load the private key. */
 memset(big_buffer,0,big_buffer_size);
 privkey_fd = open(CS dkim_private_key,O_RDONLY);
- (void)read(privkey_fd,big_buffer,16383);
+ if (privkey_fd < 0) {
+ log_write(0, LOG_MAIN|LOG_PANIC, "unable to open "
+ "private key file for reading: %s", dkim_private_key);
+ rc = NULL;
+ goto CLEANUP;
+ }
+ (void)read(privkey_fd,big_buffer,(big_buffer_size-2));
 (void)close(privkey_fd);
 dkim_private_key = big_buffer;
 }
@@ -507,6 +525,6 @@ uschar *dkim_exim_sign(int dkim_fd,
 store_pool = old_pool;
 errno = save_errno;
 return rc;
-};
+}
 #endif
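Review bot: The result of `read()` on the private key file is still discarded, so a failed or short read leaves `big_buffer` zeroed or partial and that buffer is then handed on as `dkim_private_key`; the new `privkey_fd < 0` check covers only the open. A key file longer than `big_buffer_size-2` bytes is likewise truncated without any log line. I would test the return value and fail the same way the open failure does, closing the descriptor first because what the `CLEANUP` label releases is not visible in this hunk. dkim_exim_sign() starts and ends outside the hunk.

```c
privkey_fd = open(CS dkim_private_key,O_RDONLY);
/* … unchanged: privkey_fd < 0 check … */
if (read(privkey_fd,big_buffer,(big_buffer_size-2)) < 0) {
  log_write(0, LOG_MAIN|LOG_PANIC, "unable to read "
            "private key file: %s", dkim_private_key);
  (void)close(privkey_fd);
  rc = NULL;
  goto CLEANUP;
}
(void)close(privkey_fd);
```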