DKIM: fix verify under TLS & chunking, with pipelined next command

author Jeremy Harris <jgh146exb@wizmail.org>

Tue, 10 Aug 2021 20:32:18 +0000 (21:32 +0100)

committer Jeremy Harris <jgh146exb@wizmail.org>

Tue, 10 Aug 2021 23:07:45 +0000 (00:07 +0100)
author Jeremy Harris <jgh146exb@wizmail.org>
Tue, 10 Aug 2021 20:32:18 +0000 (21:32 +0100)
committer Jeremy Harris <jgh146exb@wizmail.org>
Tue, 10 Aug 2021 23:07:45 +0000 (00:07 +0100)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog

index 89df37585d249d91cecbdb861afa0208c47e712a..5fa80401f75ebc02e32ced833630337ac510bc7e 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -327,6 +327,11 @@ JH/57 Fix control=fakreject for a custom message containing tainted data.
  JH/58 GnuTLS: Fix certextract expansion.  If a second modifier after a tag
        modifier was given, a loop resulted.
  
+JH/59 DKIM: Fix small-message verification under TLS with chunking. If a
+      pipelined SMTP command followed the BDAT LAST then it would be
+      incorrrectly treated as part of the message body, causing a verification
+      fail.
+
  
  Exim version 4.94
  -----------------
diff --git a/src/src/dkim.c b/src/src/dkim.c

index 63b0ba62c337e2e2fd0c49afd012134187180e1e..5b7f17b2da9b3bed79410fe31fd96250a9d34a44 100644 (file)
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -128,13 +128,16 @@ dkim_verify_ctx = pdkim_init_verify(&dkim_exim_query_dns_txt, dot_stuffing);
  dkim_collect_input = dkim_verify_ctx ? DKIM_MAX_SIGNATURES : 0;
  dkim_collect_error = NULL;
  
-/* Start feed up with any cached data */
-receive_get_cache();
+/* Start feed up with any cached data, but limited to message data */
+receive_get_cache(chunking_state == CHUNKING_LAST
+                 ? chunking_data_left : GETC_BUFFER_UNLIMITED);
  
  store_pool = dkim_verify_oldpool;
  }
  
  
+/* Submit a chunk of data for verification input.
+Only use the data when the feed is activated. */
  void
  dkim_exim_verify_feed(uschar * data, int len)
  {
diff --git a/src/src/functions.h b/src/src/functions.h

index 0744697f9d47ab2c47cf80d0ca25073b74afa11e..f57379e2bbccda1494afb7b708379e55aa306639 100644 (file)
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -67,7 +67,7 @@ extern uschar *tls_field_from_dn(uschar *, const uschar *);
  extern void    tls_free_cert(void **);
  extern int     tls_getc(unsigned);
  extern uschar *tls_getbuf(unsigned *);
-extern void    tls_get_cache(void);
+extern void    tls_get_cache(unsigned);
  extern BOOL    tls_import_cert(const uschar *, void **);
  extern BOOL    tls_is_name_for_cert(const uschar *, void *);
  # ifdef USE_OPENSSL
@@ -493,7 +493,7 @@ extern BOOL    smtp_get_interface(uschar *, int, address_item *,
  extern BOOL    smtp_get_port(uschar *, address_item *, int *, uschar *);
  extern int     smtp_getc(unsigned);
  extern uschar *smtp_getbuf(unsigned *);
-extern void    smtp_get_cache(void);
+extern void    smtp_get_cache(unsigned);
  extern int     smtp_handle_acl_fail(int, int, uschar *, uschar *);
  extern void    smtp_log_no_mail(void);
  extern void    smtp_message_code(uschar **, int *, uschar **, uschar **, BOOL);
diff --git a/src/src/globals.c b/src/src/globals.c

index c3e8a16cf3d38d24b2808f17c6faabf22d1a1022..5d9f7f8c6e0193e849ad1500beba7af26af3bc09 100644 (file)
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -176,7 +176,7 @@ uschar * (*lwr_receive_getbuf)(unsigned *) = NULL;
  int (*lwr_receive_ungetc)(int) = stdin_ungetc;
  int (*receive_getc)(unsigned)  = stdin_getc;
  uschar * (*receive_getbuf)(unsigned *)  = NULL;
-void (*receive_get_cache)(void)= NULL;
+void (*receive_get_cache)(unsigned)    = NULL;
  int (*receive_ungetc)(int)     = stdin_ungetc;
  int (*receive_feof)(void)      = stdin_feof;
  int (*receive_ferror)(void)    = stdin_ferror;
diff --git a/src/src/globals.h b/src/src/globals.h

index d5d93148fc06385d520cd28301a67440f9d9e3c2..b610ac0a9b286ec90199cfb4de55a6f784f8f9cb 100644 (file)
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -164,7 +164,7 @@ extern uschar * (*lwr_receive_getbuf)(unsigned *);
  extern int (*lwr_receive_ungetc)(int);
  extern int (*receive_getc)(unsigned);
  extern uschar * (*receive_getbuf)(unsigned *);
-extern void (*receive_get_cache)(void);
+extern void (*receive_get_cache)(unsigned);
  extern int (*receive_ungetc)(int);
  extern int (*receive_feof)(void);
  extern int (*receive_ferror)(void);
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c

index ee248c5173e4c1ac0ab81524532b47f40f7c73c2..ffda0ec811e7d01cbb29fed65200b9971dd050b6 100644 (file)
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -581,12 +581,12 @@ return buf;
  }
  
  void
-smtp_get_cache(void)
+smtp_get_cache(unsigned lim)
  {
  #ifndef DISABLE_DKIM
  int n = smtp_inend - smtp_inptr;
-if (chunking_state == CHUNKING_LAST && chunking_data_left < n)
-  n = chunking_data_left;
+if (n > lim)
+  n = lim;
  if (n > 0)
    dkim_exim_verify_feed(smtp_inptr, n);
  #endif
@@ -661,7 +661,9 @@ for(;;)
    if (chunking_state == CHUNKING_LAST)
      {
  #ifndef DISABLE_DKIM
+    dkim_collect_input = dkim_save;
      dkim_exim_verify_feed(NULL, 0);    /* notify EOD */
+    dkim_collect_input = 0;
  #endif
      return EOD;
      }
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c

index 7d434f6afe06db7758c35b7045373e5b4f14f87d..796581b0e70fe2bbe8d89ef030763b5086d8ce5d 100644 (file)
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -3877,12 +3877,15 @@ return buf;
  }
  
  
+/* Get up to the given number of bytes from any cached data, and feed to dkim. */
  void
-tls_get_cache(void)
+tls_get_cache(unsigned lim)
  {
  #ifndef DISABLE_DKIM
  exim_gnutls_state_st * state = &state_server;
  int n = state->xfer_buffer_hwm - state->xfer_buffer_lwm;
+if (n > lim)
+  n = lim;
  if (n > 0)
    dkim_exim_verify_feed(state->xfer_buffer+state->xfer_buffer_lwm, n);
  #endif
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c

index 89f11ce374b8d6e8c2855bab92f84d5283356988..298d8d4e176d9984ecd1822ed9aa43ec2add1867 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -4146,10 +4146,13 @@ return buf;
  
  
  void
-tls_get_cache(void)
+tls_get_cache(unsigned lim)
  {
  #ifndef DISABLE_DKIM
  int n = ssl_xfer_buffer_hwm - ssl_xfer_buffer_lwm;
+debug_printf("tls_get_cache\n");
+if (n > lim)
+  n = lim;
  if (n > 0)
    dkim_exim_verify_feed(ssl_xfer_buffer+ssl_xfer_buffer_lwm, n);
  #endif
diff --git a/test/aux-fixed/4535.mlistfooter b/test/aux-fixed/4535.mlistfooter

new file mode 100644 (file)

index 0000000..7c33b82
--- /dev/null
+++ b/test/aux-fixed/4535.mlistfooter
@@ -0,0 +1,4 @@
+
+-- 
+This is a generic mailinglist footer, using a traditional .sig-separator line
+----
diff --git a/test/confs/4530 b/test/confs/4530

index daa9218ffabf76675ace12b351e523354620a753..c27fb95054e0bd4fdc92977b1a838beca4f1f665 100644 (file)
--- a/test/confs/4530
+++ b/test/confs/4530
@@ -22,6 +22,9 @@ dkim_verify_minimal = true
  
  DDIR=DIR/aux-fixed/dkim
  
+tls_certificate = DIR/aux-fixed/cert1
+tls_privatekey = DIR/aux-fixed/cert1
+
  log_selector = -dkim +dkim_verbose +received_recipients
  
  # ----- Routers
@@ -48,6 +51,9 @@ send_to_server:
    port = PORT_D
    hosts_try_fastopen = :
    hosts_require_tls =  *
+  tls_verify_certificates =   DIR/aux-fixed/cert1
+  tls_verify_cert_hostnames = :
+
  
    dkim_domain =                test.ex
  .ifdef SELECTOR
diff --git a/test/confs/4535 b/test/confs/4535

index 62c06fcc166873f932b237be6814d9cbcf4c72fa..bafcc537ddff36a6d65bc66bd3003b584b471aa8 100644 (file)
--- a/test/confs/4535
+++ b/test/confs/4535
@@ -27,6 +27,8 @@ pipelining_connect_advertise_hosts = :
  dmarc_tld_file =
  .endif
  tls_advertise_hosts = *
+tls_certificate = DIR/aux-fixed/cert1
+tls_privatekey = DIR/aux-fixed/cert1
  
  primary_hostname = myhost.test.ex
  
@@ -67,6 +69,8 @@ send_to_server:
    port = PORT_D
    hosts_try_fastopen = :
    hosts_require_tls =  *
+  tls_verify_certificates =   DIR/aux-fixed/cert1
+  tls_verify_cert_hostnames = :
  
  .ifdef FILTER
    transport_filter =   /bin/cat - DIR/aux-fixed/TESTNUM.mlistfooter
diff --git a/test/confs/4539 b/test/confs/4539

index 57f359ff0ee8d2e68dcfe9c31799599784aac8f9..571ddc2d2cc7455362dbfe72e86e968c7c4da560 100644 (file)
--- a/test/confs/4539
+++ b/test/confs/4539
@@ -1,4 +1,4 @@
-# Exim test configuration 0906
+# Exim test configuration 4539
  SERVER=
  
  exim_path = EXIM_PATH
@@ -91,6 +91,8 @@ remote_smtp:
    port =       PORT_D
    hosts_try_fastopen = :
    allow_localhost
+  tls_verify_certificates =   DIR/aux-fixed/cert1
+  tls_verify_cert_hostnames = :
  
  remote_smtp_dkim:
    driver = smtp
@@ -98,6 +100,8 @@ remote_smtp_dkim:
    port =       PORT_D
    hosts_try_fastopen = :
    allow_localhost
+  tls_verify_certificates =   DIR/aux-fixed/cert1
+  tls_verify_cert_hostnames = :
  
  .ifdef OPT
    dkim_domain =                test.ex
diff --git a/test/log/4530 b/test/log/4530

index 8b739e9df81926195eda0915bb68518ad9dad553..f8695ac56720c2b14c142fe0a158eb35f9caed38 100644 (file)
--- a/test/log/4530
+++ b/test/log/4530
@@ -1,41 +1,25 @@
  1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for a@test.ex
-1999-03-02 09:44:33 10HmaY-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaY-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaY-0005vi-00 => a@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmaZ-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 => a@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaZ-0005vi-00"
  1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
  1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b@test.ex
-1999-03-02 09:44:33 10HmbA-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbA-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbA-0005vi-00 => b@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbB-0005vi-00"
+1999-03-02 09:44:33 10HmbA-0005vi-00 => b@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbB-0005vi-00"
  1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
  1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b10@test.ex
-1999-03-02 09:44:33 10HmbC-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbC-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbC-0005vi-00 => b10@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbD-0005vi-00"
+1999-03-02 09:44:33 10HmbC-0005vi-00 => b10@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbD-0005vi-00"
  1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
  1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b12@test.ex
-1999-03-02 09:44:33 10HmbE-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbE-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbE-0005vi-00 => b12@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbF-0005vi-00"
+1999-03-02 09:44:33 10HmbE-0005vi-00 => b12@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbF-0005vi-00"
  1999-03-02 09:44:33 10HmbE-0005vi-00 Completed
  1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b20@test.ex
-1999-03-02 09:44:33 10HmbG-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbG-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbG-0005vi-00 => b20@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbH-0005vi-00"
+1999-03-02 09:44:33 10HmbG-0005vi-00 => b20@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbH-0005vi-00"
  1999-03-02 09:44:33 10HmbG-0005vi-00 Completed
  1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b22@test.ex
-1999-03-02 09:44:33 10HmbI-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbI-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbI-0005vi-00 => b22@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbJ-0005vi-00"
+1999-03-02 09:44:33 10HmbI-0005vi-00 => b22@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbJ-0005vi-00"
  1999-03-02 09:44:33 10HmbI-0005vi-00 Completed
  1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for d@test.ex
-1999-03-02 09:44:33 10HmbK-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbK-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbK-0005vi-00 => d@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbL-0005vi-00"
+1999-03-02 09:44:33 10HmbK-0005vi-00 => d@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbL-0005vi-00"
  1999-03-02 09:44:33 10HmbK-0005vi-00 Completed
  1999-03-02 09:44:33 10HmaX-0005vi-00 <= <> U=CALLER P=local S=sss for e0@test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
  1999-03-02 09:44:33 10HmaX-0005vi-00 failed to expand dkim_timestamps: unknown variable in "${bogus}"
  1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: message could not be signed, and dkim_strict is set. Deferring message delivery.
  1999-03-02 09:44:33 10HmaX-0005vi-00 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]: send() to ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] failed: failed to expand dkim_timestamps: unknown variable in "${bogus}": Permission denied
@@ -44,19 +28,13 @@
  1999-03-02 09:44:33 10HmaX-0005vi-00 e0@test.ex: error ignored
  1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
  1999-03-02 09:44:33 10HmbM-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for e@test.ex
-1999-03-02 09:44:33 10HmbM-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbM-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbM-0005vi-00 => e@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbN-0005vi-00"
+1999-03-02 09:44:33 10HmbM-0005vi-00 => e@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbN-0005vi-00"
  1999-03-02 09:44:33 10HmbM-0005vi-00 Completed
  1999-03-02 09:44:33 10HmbO-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for f@test.ex
-1999-03-02 09:44:33 10HmbO-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbO-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbO-0005vi-00 => f@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbP-0005vi-00"
+1999-03-02 09:44:33 10HmbO-0005vi-00 => f@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbP-0005vi-00"
  1999-03-02 09:44:33 10HmbO-0005vi-00 Completed
  
  ******** SERVER ********
-1999-03-02 09:44:33 Warning: No server certificate defined; will use a selfsigned one.
- Suggested action: either install a certificate or change tls_advertise_hosts option
  1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
  1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
  1999-03-02 09:44:33 10HmaZ-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
diff --git a/test/log/4531 b/test/log/4531

index 7cfbd7f36afc729753e5347099e8316275f461ee..6740cabbf8d5b1d0b1ea7d7205269bfea31b0d23 100644 (file)
--- a/test/log/4531
+++ b/test/log/4531
@@ -7,7 +7,7 @@
  
  ******** SERVER ********
  2017-07-30 18:51:05.712 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_S
-2017-07-30 18:51:05.712 10HmaY-0005vi-00 DKIM FAIL FAIL FAIL: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]
-2017-07-30 18:51:05.712 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss id=E10HmaX-0005vi-00@testhost.test.ex for a@test.ex
+2017-07-30 18:51:05.712 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
+2017-07-30 18:51:05.712 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex id=E10HmaX-0005vi-00@testhost.test.ex for a@test.ex
  2017-07-30 18:51:05.712 10HmbA-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
  2017-07-30 18:51:05.712 10HmbA-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex id=E10HmaZ-0005vi-00@testhost.test.ex for b@test.ex
diff --git a/test/log/4533 b/test/log/4533

index e3f8d1a73c115e80758dd3e3db7606c2668ee60b..315700ecd4525292999bbcfe820f713a9bb33d9e 100644 (file)
--- a/test/log/4533
+++ b/test/log/4533
@@ -1,12 +1,8 @@
  1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for a@test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaX-0005vi-00 => a@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 => a@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaY-0005vi-00"
  1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
  
  ******** SERVER ********
-1999-03-02 09:44:33 Warning: No server certificate defined; will use a selfsigned one.
- Suggested action: either install a certificate or change tls_advertise_hosts option
  1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
  1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
  1999-03-02 09:44:33 10HmaY-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From:From
diff --git a/test/log/4534 b/test/log/4534

index b3d9d5f71229d472a6e206245aa402b33627ad19..faac1b64eb669f85c4b2048866008cd67377dde3 100644 (file)
--- a/test/log/4534
+++ b/test/log/4534
@@ -1,12 +1,8 @@
  1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for c@test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaX-0005vi-00 => c@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 => c@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaY-0005vi-00"
  1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
  
  ******** SERVER ********
-1999-03-02 09:44:33 Warning: No server certificate defined; will use a selfsigned one.
- Suggested action: either install a certificate or change tls_advertise_hosts option
  1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
  1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
  1999-03-02 09:44:33 10HmaY-0005vi-00 dkim_acl: signer: test.ex bits: 512 h=From:To:Subject
diff --git a/test/log/4535 b/test/log/4535

index 078e699b77644c87dece3c0ba57697c0d070d93d..2e7fcf26dc158cd4763e5420f125c8df87cca430 100644 (file)
--- a/test/log/4535
+++ b/test/log/4535
@@ -1,30 +1,20 @@
  1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for a@test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaX-0005vi-00 => a@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 => a@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaY-0005vi-00"
  1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
  1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b@test.ex
-1999-03-02 09:44:33 10HmaZ-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaZ-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaZ-0005vi-00 == b@test.ex R=client T=send_to_server defer (-24) H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]: transport filter process failed (1)
-1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for c@test.ex
-1999-03-02 09:44:33 10HmbA-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbA-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbA-0005vi-00 == c@test.ex R=client T=send_to_server defer (-24) H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]: transport filter process failed (1)
-1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b@test.ex
-1999-03-02 09:44:33 10HmbB-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbB-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbB-0005vi-00 => b@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbC-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => b@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for c@test.ex
+1999-03-02 09:44:33 10HmbB-0005vi-00 => c@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmbC-0005vi-00"
  1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
-1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for c@test.ex
-1999-03-02 09:44:33 10HmbD-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbD-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbD-0005vi-00 => c@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmbE-0005vi-00"
+1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b@test.ex
+1999-03-02 09:44:33 10HmbD-0005vi-00 => b@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbE-0005vi-00"
  1999-03-02 09:44:33 10HmbD-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for c@test.ex
+1999-03-02 09:44:33 10HmbF-0005vi-00 => c@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmbG-0005vi-00"
+1999-03-02 09:44:33 10HmbF-0005vi-00 Completed
  
  ******** SERVER ********
-1999-03-02 09:44:33 Warning: No server certificate defined; will use a selfsigned one.
- Suggested action: either install a certificate or change tls_advertise_hosts option
  1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
  1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
  1999-03-02 09:44:33 10HmaY-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
@@ -33,16 +23,26 @@
  1999-03-02 09:44:33 10HmaY-0005vi-00 => a <a@test.ex> R=server_store T=file
  1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
  1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
-1999-03-02 09:44:33 SMTP connection from the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] lost while reading message data (header)
+1999-03-02 09:44:33 10HmbA-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
+1999-03-02 09:44:33 10HmbA-0005vi-00 data acl: dkim status pass
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss DKIM=test.ex id=E10HmaZ-0005vi-00@myhost.test.ex for b@test.ex
+1999-03-02 09:44:33 10HmbA-0005vi-00 => b <b@test.ex> R=server_store T=file
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
  1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
  1999-03-02 09:44:33 10HmbC-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
  1999-03-02 09:44:33 10HmbC-0005vi-00 data acl: dkim status pass
-1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss DKIM=test.ex id=E10HmbB-0005vi-00@myhost.test.ex for b@test.ex
-1999-03-02 09:44:33 10HmbC-0005vi-00 => b <b@test.ex> R=server_store T=file
+1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex id=E10HmbB-0005vi-00@myhost.test.ex for c@test.ex
+1999-03-02 09:44:33 10HmbC-0005vi-00 => c <c@test.ex> R=server_store T=file
  1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
  1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
-1999-03-02 09:44:33 10HmbE-0005vi-00 dkim_acl: signer: test.ex bits: 0 h=From
-1999-03-02 09:44:33 10HmbE-0005vi-00 data acl: dkim status fail
-1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss id=E10HmbD-0005vi-00@myhost.test.ex for c@test.ex
-1999-03-02 09:44:33 10HmbE-0005vi-00 => c <c@test.ex> R=server_store T=file
+1999-03-02 09:44:33 10HmbE-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
+1999-03-02 09:44:33 10HmbE-0005vi-00 data acl: dkim status pass
+1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss DKIM=test.ex id=E10HmbD-0005vi-00@myhost.test.ex for b@test.ex
+1999-03-02 09:44:33 10HmbE-0005vi-00 => b <b@test.ex> R=server_store T=file
  1999-03-02 09:44:33 10HmbE-0005vi-00 Completed
+1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
+1999-03-02 09:44:33 10HmbG-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
+1999-03-02 09:44:33 10HmbG-0005vi-00 data acl: dkim status pass
+1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex id=E10HmbF-0005vi-00@myhost.test.ex for c@test.ex
+1999-03-02 09:44:33 10HmbG-0005vi-00 => c <c@test.ex> R=server_store T=file
+1999-03-02 09:44:33 10HmbG-0005vi-00 Completed
diff --git a/test/log/4539 b/test/log/4539

index 903abb16456bbd448cc021694615ffdc671c18bb..78ad87365988abee7eae3e3214cd1c3b34eb32f8 100644 (file)
--- a/test/log/4539
+++ b/test/log/4539
@@ -8,18 +8,14 @@
  ******** SERVER ********
  1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_S port PORT_D
  1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss for z@test.ex
-1999-03-02 09:44:33 10HmaZ-0005vi-00 [127.0.0.1] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock
-1999-03-02 09:44:33 10HmaZ-0005vi-00 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" H="127.0.0.1"
-1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]
-1999-03-02 09:44:33 10HmaX-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss for z@test.ex
+1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex for z@test.ex
  1999-03-02 09:44:33 10HmaX-0005vi-00 no immediate delivery: queued by ACL
-1999-03-02 09:44:33 10HmaZ-0005vi-00 => z@test.ex R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K C="250- 6nn byte chunk, total 6nn\\n250 OK id=10HmaX-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => z@test.ex R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmaX-0005vi-00"
  1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
  1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss for y@test.ex
-1999-03-02 09:44:33 10HmbA-0005vi-00 [127.0.0.1] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock
-1999-03-02 09:44:33 10HmbA-0005vi-00 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" H="127.0.0.1"
-1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss for y@test.ex
+1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex for y@test.ex
  1999-03-02 09:44:33 10HmaY-0005vi-00 no immediate delivery: queued by ACL
-1999-03-02 09:44:33 10HmbA-0005vi-00 => y@test.ex R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K C="250- 6nn byte chunk, total 6nn\\n250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmbA-0005vi-00 => y@test.ex R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmaY-0005vi-00"
  1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
diff --git a/test/mail/4535.b b/test/mail/4535.b

index 8123854360ed13b74d51c95b4dd1774c36c58afa..0f04c255abb6fc8ba74d01efe1981ab579a4a130 100644 (file)
--- a/test/mail/4535.b
+++ b/test/mail/4535.b
@@ -3,7 +3,7 @@ Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
         by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
         (Exim x.yz)
         (envelope-from <CALLER@myhost.test.ex>)
-       id 10HmbC-0005vi-00
+       id 10HmbA-0005vi-00
         for b@test.ex;
         Tue, 2 Mar 1999 09:44:33 +0000
  DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
@@ -13,11 +13,40 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
         ygZGjs=;
  Received: from CALLER by myhost.test.ex with local (Exim x.yz)
         (envelope-from <CALLER@myhost.test.ex>)
-       id 10HmbB-0005vi-00
+       id 10HmaZ-0005vi-00
         for b@test.ex;
         Tue, 2 Mar 1999 09:44:33 +0000
  From: nobody@example.com
-Message-Id: <E10HmbB-0005vi-00@myhost.test.ex>
+Message-Id: <E10HmaZ-0005vi-00@myhost.test.ex>
+Sender: CALLER_NAME <CALLER@myhost.test.ex>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+
+content
+
+-- 
+This is a generic mailinglist footer, using a traditional .sig-separator line
+----
+
+From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
+Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
+       by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+       (Exim x.yz)
+       (envelope-from <CALLER@myhost.test.ex>)
+       id 10HmbE-0005vi-00
+       for b@test.ex;
+       Tue, 2 Mar 1999 09:44:33 +0000
+DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
+       s=sel; h=From; bh=bzHKix52TV0ojCi2kd18gmIw/tcd5TnhO3QM+89xwyk=; b=LcQAFwKN9DL
+       wCbK0mcUtjmEoLaNUjwHmVrilQI1nBWJDoDUzpUl96U8YzdS/+Xut+pdS/YZf3m/Qbcw6ohO9pEmM
+       ncfURg55wr8fftAyRFA/L/svtP8h3Qv/+jv8gJ9nHyjk3z7Zmzzo8S54h9Ct9pJwkv0cpmdeLiDrL
+       ygZGjs=;
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+       (envelope-from <CALLER@myhost.test.ex>)
+       id 10HmbD-0005vi-00
+       for b@test.ex;
+       Tue, 2 Mar 1999 09:44:33 +0000
+From: nobody@example.com
+Message-Id: <E10HmbD-0005vi-00@myhost.test.ex>
  Sender: CALLER_NAME <CALLER@myhost.test.ex>
  Date: Tue, 2 Mar 1999 09:44:33 +0000
  
diff --git a/test/mail/4535.c b/test/mail/4535.c

index 4394d9c1f3933c8710b71f22a8946150a8254178..96fe97f4463dae20da2f875e7bc91b1f910ed70c 100644 (file)
--- a/test/mail/4535.c
+++ b/test/mail/4535.c
@@ -3,7 +3,7 @@ Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
         by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
         (Exim x.yz)
         (envelope-from <CALLER@myhost.test.ex>)
-       id 10HmbE-0005vi-00
+       id 10HmbC-0005vi-00
         for c@test.ex;
         Tue, 2 Mar 1999 09:44:33 +0000
  DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
@@ -13,11 +13,40 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
         ygZGjs=;
  Received: from CALLER by myhost.test.ex with local (Exim x.yz)
         (envelope-from <CALLER@myhost.test.ex>)
-       id 10HmbD-0005vi-00
+       id 10HmbB-0005vi-00
         for c@test.ex;
         Tue, 2 Mar 1999 09:44:33 +0000
  From: nobody@example.com
-Message-Id: <E10HmbD-0005vi-00@myhost.test.ex>
+Message-Id: <E10HmbB-0005vi-00@myhost.test.ex>
+Sender: CALLER_NAME <CALLER@myhost.test.ex>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+
+content
+
+-- 
+This is a generic mailinglist footer, using a traditional .sig-separator line
+----
+
+From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
+Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
+       by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+       (Exim x.yz)
+       (envelope-from <CALLER@myhost.test.ex>)
+       id 10HmbG-0005vi-00
+       for c@test.ex;
+       Tue, 2 Mar 1999 09:44:33 +0000
+DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
+       s=sel; h=From; bh=bzHKix52TV0ojCi2kd18gmIw/tcd5TnhO3QM+89xwyk=; b=LcQAFwKN9DL
+       wCbK0mcUtjmEoLaNUjwHmVrilQI1nBWJDoDUzpUl96U8YzdS/+Xut+pdS/YZf3m/Qbcw6ohO9pEmM
+       ncfURg55wr8fftAyRFA/L/svtP8h3Qv/+jv8gJ9nHyjk3z7Zmzzo8S54h9Ct9pJwkv0cpmdeLiDrL
+       ygZGjs=;
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+       (envelope-from <CALLER@myhost.test.ex>)
+       id 10HmbF-0005vi-00
+       for c@test.ex;
+       Tue, 2 Mar 1999 09:44:33 +0000
+From: nobody@example.com
+Message-Id: <E10HmbF-0005vi-00@myhost.test.ex>
  Sender: CALLER_NAME <CALLER@myhost.test.ex>
  Date: Tue, 2 Mar 1999 09:44:33 +0000
  
diff --git a/test/mail/4539.y b/test/mail/4539.y

index 14b663dd05878c0dafa9f5332769e51039a2bd6a..462611460d9e31b22e4cd9518a4b96d42aafd907 100644 (file)
--- a/test/mail/4539.y
+++ b/test/mail/4539.y
@@ -7,10 +7,10 @@ Received: from localhost ([127.0.0.1] helo=testhost.test.ex)
         for y@test.ex;
         Tue, 2 Mar 1999 09:44:33 +0000
  DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
-       s=sel; h=Subject; bh=CVpkzY75tV/NCKk5pPx4GnM3NX83xwCiT0xVwo0G1Rs=; b=JTYpVY1D
-       sO37MibaZTC2CgpQAZlz/lRefFQv3Q7JM4D0aUfseT24Xg+kxv3xc5guSzKWQzycm3zie366tHape
-       lu70O4/5+Dyr0f/FKjmYxT+ALcIzuVN7Rty2JioBG07aryqJqmcR0xpmiggctb/h/2a/JGRKPcDWO
-       psj50XQNQ=;
+       s=sel; h=Subject; bh=qrFAgZTdNItSIrBZpDPHl7T6nHDpDTlw6cFlhULnt3c=; b=XGR6pjWM
+       PEWqcZj6/UQcH54guCxLNrtBaOS6Bve1+prubUxn6u3FdP+deLkkZTMrgf2LUMg3APxC4moIREkTt
+       7JmnHBYDEeNOsV8Zpg95yRp+8BIEAqBGddOIs2KzUb3Ua0B2gbVd8Ovc2hrMu+JJPx9CE1mlHtHIw
+       txPmCs15I=;
  Received: from [127.0.0.1] (helo=xxx)
         by testhost.test.ex with smtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
         (Exim x.yz)
@@ -26,5 +26,6 @@ X-received-count: 2
  Line 1: This is a simple test.
  Line 2: This is a simple test.
  .Line 3 has a leading dot
+extra32chars234567890123456789
  last line: 4
  
diff --git a/test/mail/4539.z b/test/mail/4539.z

index a2b43b8da28d9d63e2ad5519b2de0bd088443bdb..584deb3cb874780db7838ebd60fdb471004c7b6f 100644 (file)
--- a/test/mail/4539.z
+++ b/test/mail/4539.z
@@ -7,10 +7,10 @@ Received: from localhost ([127.0.0.1] helo=testhost.test.ex)
         for z@test.ex;
         Tue, 2 Mar 1999 09:44:33 +0000
  DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
-       s=sel; h=Subject; bh=CVpkzY75tV/NCKk5pPx4GnM3NX83xwCiT0xVwo0G1Rs=; b=JTYpVY1D
-       sO37MibaZTC2CgpQAZlz/lRefFQv3Q7JM4D0aUfseT24Xg+kxv3xc5guSzKWQzycm3zie366tHape
-       lu70O4/5+Dyr0f/FKjmYxT+ALcIzuVN7Rty2JioBG07aryqJqmcR0xpmiggctb/h/2a/JGRKPcDWO
-       psj50XQNQ=;
+       s=sel; h=Subject; bh=rr4Eahuyisf50jrZwCMRa+NKEI5cjCTLtiI8sXRsvJo=; b=DMx6DGzU
+       7Pbz5IGN4NvxeDHYJIVnSMRO0q5PBiGMoaESCZFhQF+fZ7f+kZyNY1Uanggg93Ux7OeQ3ZThnAg4t
+       1xm24pdfYtXKleKtsZ2ekh6SNXo2YcyclIo8hf4z3iZsjxcjnftZRbtaeAc3Coicq0+51i+/ZxCup
+       EwFMsq92M=;
  Received: from [127.0.0.1] (helo=xxx)
         by testhost.test.ex with smtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
         (Exim x.yz)
@@ -26,5 +26,6 @@ X-received-count: 2
  Line 1: This is a simple test.
  Line 2: This is a simple test.
  .Line 3 has a leading dot
+extra30chars234567890123456789
  last line: 4
  
diff --git a/test/scripts/4520-TLS-DKIM/4539 b/test/scripts/4520-TLS-DKIM/4539

index eaa13fb1817f95e445033a3bbde9fb4ddc9ce315..93214275dfa08f86023f8736e8307fa7f3bc7276 100644 (file)
--- a/test/scripts/4520-TLS-DKIM/4539
+++ b/test/scripts/4520-TLS-DKIM/4539
@@ -30,6 +30,7 @@ Subject: simple test
  Line 1: This is a simple test.
  Line 2: This is a simple test.
  ..Line 3 has a leading dot
+extra30chars234567890123456789
  last line: 4
  .
  ??? 250
@@ -58,12 +59,13 @@ MAIL FROM:<CALLER@bloggs.com>
  ??? 250
  RCPT TO:<y@test.ex>
  ??? 250
-BDAT 129 LAST
+BDAT 161 LAST
  Subject: simple test
  
  Line 1: This is a simple test.
  Line 2: This is a simple test.
  .Line 3 has a leading dot
+extra32chars234567890123456789
  last line: 4
  ??? 250-
  ??? 250
diff --git a/test/stderr/4530 b/test/stderr/4530

index 96951cff6141de8f7c3b57712385b0086b6f2e8d..4b93222f07813c620dfa5f35dc69601a93efe2f8 100644 (file)
--- a/test/stderr/4530
+++ b/test/stderr/4530
@@ -21,10 +21,6 @@ cmd buf flush ddd bytes
    SMTP>> STARTTLS
  cmd buf flush ddd bytes
    SMTP<< 220 TLS go ahead
-LOG: MAIN
-  [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-LOG: MAIN
-  [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
    SMTP>> EHLO myhost.test.ex
  cmd buf flush ddd bytes
    SMTP<< 250-myhost.test.ex Hello the.local.host.name [ip4.ip4.ip4.ip4]
@@ -68,7 +64,7 @@ cmd buf flush ddd bytes
    SMTP<< 221 myhost.test.ex closing connection
    SMTP(close)>>
  LOG: MAIN
-  => d@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbL-0005vi-00"
+  => d@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbL-0005vi-00"
  LOG: MAIN
    Completed
  >>>>>>>>>>>>>>>> Exim pid=pppp (local-accept-delivery) terminating with rc=0 >>>>>>>>>>>>>>>>
diff --git a/test/stdout/4539 b/test/stdout/4539

index 2a3824b7d22e57593e30f0e9cbc62b4e9a179ab8..b766bb2e09a077c6eb22faad39e39e788d63ec6b 100644 (file)
--- a/test/stdout/4539
+++ b/test/stdout/4539
@@ -38,6 +38,7 @@ Succeeded in starting TLS
  >>> Line 1: This is a simple test.
  >>> Line 2: This is a simple test.
  >>> ..Line 3 has a leading dot
+>>> extra30chars234567890123456789
  >>> last line: 4
  >>> .
  ??? 250
@@ -78,15 +79,16 @@ Succeeded in starting TLS
  >>> RCPT TO:<y@test.ex>
  ??? 250
  <<< 250 Accepted
->>> BDAT 129 LAST
+>>> BDAT 161 LAST
  >>> Subject: simple test
  >>> 
  >>> Line 1: This is a simple test.
  >>> Line 2: This is a simple test.
  >>> .Line 3 has a leading dot
+>>> extra32chars234567890123456789
  >>> last line: 4
  ??? 250-
-<<< 250- 129 byte chunk, total 129
+<<< 250- 161 byte chunk, total 161
  ??? 250
  <<< 250 OK id=10HmbA-0005vi-00
  >>> QUIT
author	Jeremy Harris <jgh146exb@wizmail.org>
	Tue, 10 Aug 2021 20:32:18 +0000 (21:32 +0100)
committer	Jeremy Harris <jgh146exb@wizmail.org>
	Tue, 10 Aug 2021 23:07:45 +0000 (00:07 +0100)
doc/doc-txt/ChangeLog		patch \| blob \| history
src/src/dkim.c		patch \| blob \| history
src/src/functions.h		patch \| blob \| history
src/src/globals.c		patch \| blob \| history
src/src/globals.h		patch \| blob \| history
src/src/smtp_in.c		patch \| blob \| history
src/src/tls-gnu.c		patch \| blob \| history
src/src/tls-openssl.c		patch \| blob \| history
test/aux-fixed/4535.mlistfooter	[new file with mode: 0644]	patch \| blob
test/confs/4530		patch \| blob \| history
test/confs/4535		patch \| blob \| history
test/confs/4539		patch \| blob \| history
test/log/4530		patch \| blob \| history
test/log/4531		patch \| blob \| history
test/log/4533		patch \| blob \| history
test/log/4534		patch \| blob \| history
test/log/4535		patch \| blob \| history
test/log/4539		patch \| blob \| history
test/mail/4535.b		patch \| blob \| history
test/mail/4535.c		patch \| blob \| history
test/mail/4539.y		patch \| blob \| history
test/mail/4539.z		patch \| blob \| history
test/scripts/4520-TLS-DKIM/4539		patch \| blob \| history
test/stderr/4530		patch \| blob \| history
test/stdout/4539		patch \| blob \| history