git://git.exim.org / exim.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9db451e)
DKIM: add builtin macro with default list of headers for signing
authorJeremy Harris <jgh146exb@wizmail.org>
Wed, 25 Oct 2017 09:58:18 +0000 (10:58 +0100)
committerJeremy Harris <jgh146exb@wizmail.org>
Wed, 25 Oct 2017 10:11:16 +0000 (11:11 +0100)
12 files changed:
doc/doc-docbook/spec.xfpt patch | blob | history
doc/doc-txt/NewStuff patch | blob | history
src/OS/Makefile-Base patch | blob | history
src/src/dkim.c patch | blob | history
src/src/macro_predef.c patch | blob | history
src/src/macro_predef.h patch | blob | history
src/src/pdkim/pdkim.c patch | blob | history
src/src/pdkim/pdkim.h patch | blob | history
test/confs/4520 patch | blob | history
test/log/4520 patch | blob | history
test/log/4523 patch | blob | history
test/log/4524 patch | blob | history

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index f91a4af964f43aeb4c16b44acd425ab5b95ef6b6..d030ee238ee8c49c5943429c76bd415ba488c398 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -23806,7 +23806,7 @@ of the message. Its value must not be zero. See also &%final_timeout%&.
 .option dkim_private_key smtp string&!! unset
 .option dkim_canon smtp string&!! unset
 .option dkim_strict smtp string&!! unset
-.option dkim_sign_headers smtp string&!! unset
+.option dkim_sign_headers smtp string&!! per RFC
 .option dkim_hash smtp string&!! sha256
 .option dkim_identity smtp string&!! unset
 DKIM signing options.  For details see section &<<SECDKIMSIGN>>&.
@@ -38591,11 +38591,13 @@ either "1" or "true", Exim will defer. Otherwise Exim will send the message
 unsigned. You can use the &%$dkim_domain%& and &%$dkim_selector%& expansion
 variables here.
 
-.option dkim_sign_headers smtp string&!! unset
-If set, this option must expand to (or be specified as) a colon-separated
+.option dkim_sign_headers smtp string&!! see below
+If set, this option must expand to a colon-separated
 list of header names. Headers with these names will be included in the message
 signature.
 When unspecified, the header names recommended in RFC4871 will be used.
+The default list is available for the expansion in the macro
+"_DKIM_SIGN_HEADERS".
 
 
 .section "Verifying DKIM signatures in incoming mail" "SECID514"
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 39fce1eab71e533a9592a8225ac984b7a4a0a34d..6d875d5f42ba6e0020b0ed9d07fd4b864fd815af 100644 (file)
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -53,6 +53,7 @@ Version 4.90
 
 13. DKIM support for multiple signing, by domain and/or key-selector.
     DKIM support for multiple hashes, and for alternate-identity tags.
+    Builtin macro with default list of signed headers.
 
 14. Exipick understands -C|--config for an alternative Exim
     configuration file.
diff --git a/src/OS/Makefile-Base b/src/OS/Makefile-Base
index 67ac082bac8a9a0bc76a27aa24824da4acc667d2..60c97c210bc02995cea8ec9d166932c9c0a1dd27 100644 (file)
--- a/src/OS/Makefile-Base
+++ b/src/OS/Makefile-Base
@@ -135,6 +135,7 @@ OBJ_MACRO = macro_predef.o \
        macro-manualroute.o macro-queryprogram.o macro-redirect.o \
        macro-auth-spa.o macro-cram_md5.o macro-cyrus_sasl.o macro-dovecot.o macro-gsasl_exim.o \
        macro-heimdal_gssapi.o macro-plaintext.o macro-spa.o macro-tls.o\
+       macro-dkim.o
 
 $(OBJ_MACRO):  $(MACRO_HSRC)
 
@@ -222,6 +223,9 @@ macro-spa.o :               auths/spa.c
 macro-tls.o:           auths/tls.c
        @echo "$(CC) -DMACRO_PREDEF auths/tls.c"
        $(FE)$(CC) -c $(CFLAGS) -DMACRO_PREDEF $(INCLUDE) -o $@ auths/tls.c
+macro-dkim.o:          dkim.c
+       @echo "$(CC) -DMACRO_PREDEF dkim.c"
+       $(FE)$(CC) -c $(CFLAGS) -DMACRO_PREDEF $(INCLUDE) -o $@ dkim.c
 
 macro_predef: $(OBJ_MACRO)
        @echo "$(LNCC) -o $@"
diff --git a/src/src/dkim.c b/src/src/dkim.c
index 038adb8b9b3c885529f14c4c70346d2778d39677..41540b39d396d71a300394c27baa764ff33d491a 100644 (file)
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -12,7 +12,20 @@
 
 #ifndef DISABLE_DKIM
 
-#include "pdkim/pdkim.h"
+# include "pdkim/pdkim.h"
+
+# ifdef MACRO_PREDEF
+#  include "macro_predef.h"
+
+void
+dkim_params(void)
+{
+builtin_macro_create_var(US"_DKIM_SIGN_HEADERS", US PDKIM_DEFAULT_SIGN_HEADERS);
+}
+# else /*!MACRO_PREDEF*/
+
+
+
 
 int dkim_verify_oldpool;
 pdkim_ctx *dkim_verify_ctx = NULL;
@@ -661,4 +674,5 @@ expand_bad:
   goto bad;
 }
 
-#endif
+# endif        /*!MACRO_PREDEF*/
+#endif /*!DISABLE_DKIM*/
diff --git a/src/src/macro_predef.c b/src/src/macro_predef.c
index 6b3157fbef7223fc9857787c6027b34bd7b1e34c..1b5cf479553b02bd8fdba55e4fad2f63a819702f 100644 (file)
--- a/src/src/macro_predef.c
+++ b/src/src/macro_predef.c
@@ -21,7 +21,7 @@ uschar * syslog_facility_str;
 /******************************************************************************/
 
 void
-builtin_macro_create(const uschar * name)
+builtin_macro_create_var(const uschar * name, const uschar * val)
 {
 printf ("static macro_item p%d = { ", mp_index);
 if (mp_index == 0)
@@ -29,12 +29,20 @@ if (mp_index == 0)
 else
   printf(".next=&p%d,", mp_index-1);
 
-printf(" .command_line=FALSE, .namelen=%d, .replen=1,"
-       " .name=US\"%s\", .replacement=US\"y\" };\n",
-       Ustrlen(name), CS name);
+printf(" .command_line=FALSE, .namelen=%d, .replen=%d,"
+       " .name=US\"%s\", .replacement=US\"%s\" };\n",
+       Ustrlen(name), Ustrlen(val), CS name, CS val);
 mp_index++;
 }
 
+
+void
+builtin_macro_create(const uschar * name)
+{
+builtin_macro_create_var(name, US"y");
+}
+
+
 void
 spf(uschar * buf, int len, const uschar * fmt, ...)
 {
@@ -265,6 +273,12 @@ options_transports();
 options_auths();
 }
 
+static void
+params(void)
+{
+dkim_params();
+}
+
 
 int
 main(void)
@@ -272,6 +286,7 @@ main(void)
 printf("#include \"exim.h\"\n");
 features();
 options();
+params();
 
 printf("macro_item * macros = &p%d;\n", mp_index-1);
 printf("macro_item * mlast = &p0;\n");
diff --git a/src/src/macro_predef.h b/src/src/macro_predef.h
index 1d3ba7f74844c307e08bd70b309282bd209c77b4..aece28cc75a0d2f73e0a0c94ff0d83d8d6f7c492 100644 (file)
--- a/src/src/macro_predef.h
+++ b/src/src/macro_predef.h
@@ -9,6 +9,7 @@
 
 extern void spf(uschar *, int, const uschar *, ...);
 extern void builtin_macro_create(const uschar *);
+extern void builtin_macro_create_var(const uschar *, const uschar *);
 extern void options_from_list(optionlist *, unsigned, const uschar *, uschar *);
 
 extern void options_main(void);
diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
index 06d455d7dbeaeb116ac7905ac1735651e979c754..1420b1a795d32944f624bfecd2277f0a24033bc1 100644 (file)
--- a/src/src/pdkim/pdkim.c
+++ b/src/src/pdkim/pdkim.c
@@ -51,14 +51,6 @@
 #define PDKIM_MAX_HEADERS           512
 #define PDKIM_MAX_BODY_LINE_LEN     16384
 #define PDKIM_DNS_TXT_MAX_NAMELEN   1024
-#define PDKIM_DEFAULT_SIGN_HEADERS "From:Sender:Reply-To:Subject:Date:"\
-                             "Message-ID:To:Cc:MIME-Version:Content-Type:"\
-                             "Content-Transfer-Encoding:Content-ID:"\
-                             "Content-Description:Resent-Date:Resent-From:"\
-                             "Resent-Sender:Resent-To:Resent-Cc:"\
-                             "Resent-Message-ID:In-Reply-To:References:"\
-                             "List-Id:List-Help:List-Unsubscribe:"\
-                             "List-Subscribe:List-Post:List-Owner:List-Archive"
 
 /* -------------------------------------------------------------------------- */
 struct pdkim_stringlist {
diff --git a/src/src/pdkim/pdkim.h b/src/src/pdkim/pdkim.h
index a34999ad83d42afbfebcf51b7a4d2bb75ee1dccd..067c574f2b0d67be307934400c970bb1210ffbd0 100644 (file)
--- a/src/src/pdkim/pdkim.h
+++ b/src/src/pdkim/pdkim.h
@@ -26,6 +26,15 @@
 #include "../blob.h"
 #include "../hash.h"
 
+#define PDKIM_DEFAULT_SIGN_HEADERS "From:Sender:Reply-To:Subject:Date:"\
+                             "Message-ID:To:Cc:MIME-Version:Content-Type:"\
+                             "Content-Transfer-Encoding:Content-ID:"\
+                             "Content-Description:Resent-Date:Resent-From:"\
+                             "Resent-Sender:Resent-To:Resent-Cc:"\
+                             "Resent-Message-ID:In-Reply-To:References:"\
+                             "List-Id:List-Help:List-Unsubscribe:"\
+                             "List-Subscribe:List-Post:List-Owner:List-Archive"
+
 /* -------------------------------------------------------------------------- */
 /* Length of the preallocated buffer for the "answer" from the dns/txt
    callback function. This should match the maximum RDLENGTH from DNS. */
diff --git a/test/confs/4520 b/test/confs/4520
index 897c1a6756baef9f8a468ee518ebd721c0c4e274..8fa3c38c8323089dbde683d0d03e90f946289646 100644 (file)
--- a/test/confs/4520
+++ b/test/confs/4520
@@ -9,7 +9,7 @@ primary_hostname = myhost.test.ex
 
 # ----- Main settings -----
 
-acl_smtp_rcpt = accept
+acl_smtp_rcpt = accept logwrite = macro: _DKIM_SIGN_HEADERS
 acl_smtp_dkim = accept logwrite = signer: $dkim_cur_signer bits: $dkim_key_length h=$dkim_headernames
 
 DDIR=DIR/aux-fixed/dkim
diff --git a/test/log/4520 b/test/log/4520
index 8daa636c025f8fdedfd8f88b509c83ca72848daa..b0ddcd64e551d5a50a7d141c8c9f1a7870f94125 100644 (file)
--- a/test/log/4520
+++ b/test/log/4520
@@ -13,22 +13,26 @@
 
 ******** SERVER ********
 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
 1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
 1999-03-02 09:44:33 10HmaY-0005vi-00 signer: test.ex bits: 1024 h=From
 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-0005vi-00@myhost.test.ex
 1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: <a@test.ex> R=server_dump
 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
 1999-03-02 09:44:33 10HmbA-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
 1999-03-02 09:44:33 10HmbA-0005vi-00 signer: test.ex bits: 1024 h=From:From
 1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaZ-0005vi-00@myhost.test.ex
 1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: <b@test.ex> R=server_dump
 1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
+1999-03-02 09:44:33 macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
 1999-03-02 09:44:33 10HmbC-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 i=allheaders@test.ex [verification succeeded]
 1999-03-02 09:44:33 10HmbC-0005vi-00 signer: test.ex bits: 1024 h=Date:Sender:Message-Id:From:Reply-To:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
 1999-03-02 09:44:33 10HmbC-0005vi-00 signer: allheaders@test.ex bits: 1024 h=Date:Sender:Message-Id:From:Reply-To:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
 1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbB-0005vi-00@myhost.test.ex
 1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: <c@test.ex> R=server_dump
 1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
+1999-03-02 09:44:33 macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
 1999-03-02 09:44:33 10HmbE-0005vi-00 DKIM: d=test.ex s=sel_bad c=relaxed/relaxed a=rsa-sha256 b=1024 [invalid - syntax error in public key record]
 1999-03-02 09:44:33 10HmbE-0005vi-00 signer: test.ex bits: 1024 h=From
 1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbD-0005vi-00@myhost.test.ex
diff --git a/test/log/4523 b/test/log/4523
index d1e5ebba3c8e6a6c7377bcaa0519e4863d50241a..5c07fa5a2cf79a66edfcf753d177d614251c6523 100644 (file)
--- a/test/log/4523
+++ b/test/log/4523
@@ -4,6 +4,7 @@
 
 ******** SERVER ********
 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
 1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha512 b=1024 i=allheaders@test.ex [verification succeeded]
 1999-03-02 09:44:33 10HmaY-0005vi-00 signer: test.ex bits: 1024 h=Date:Sender:Message-Id:From:Reply-To:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
 1999-03-02 09:44:33 10HmaY-0005vi-00 signer: allheaders@test.ex bits: 1024 h=Date:Sender:Message-Id:From:Reply-To:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
diff --git a/test/log/4524 b/test/log/4524
index a6d687c83cd6bc2e238b283f94bd99b179771656..e0dde322a6025deba365b530fbb58dd95c32245c 100644 (file)
--- a/test/log/4524
+++ b/test/log/4524
@@ -4,6 +4,7 @@
 
 ******** SERVER ********
 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
 1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=ses c=relaxed/relaxed a=rsa-sha256 b=512 [verification succeeded]
 1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
 1999-03-02 09:44:33 10HmaY-0005vi-00 signer: test.ex bits: 512 h=From:To:Subject
Master Exim source repository