From 77da14136b689daefe37608b4fd77417cb8c17b3 Mon Sep 17 00:00:00 2001 From: Simon Arlott Date: Sun, 7 Jan 2024 18:04:55 +0000 Subject: [PATCH] DKIM: signing with t but no x timestamp. Bug 2851 --- doc/doc-docbook/spec.xfpt | 15 +++--- doc/doc-txt/NewStuff | 4 ++ src/src/dkim.c | 8 ++- test/log/4510 | 98 ++++++++++++++++++++----------------- test/log/4540 | 4 +- test/log/4560 | 8 +-- test/mail/4510.b02 | 22 +++++++++ test/mail/4510.b10 | 6 +-- test/mail/4510.b12 | 6 +-- test/mail/4510.b20 | 6 +-- test/mail/4510.b22 | 6 +-- test/mail/4510.d | 6 +-- test/mail/4510.e | 6 +-- test/mail/4510.f | 6 +-- test/runtest | 11 ++++- test/scripts/4500-DKIM/4510 | 6 +++ test/stderr/4510 | 4 +- 17 files changed, 139 insertions(+), 83 deletions(-) create mode 100644 test/mail/4510.b02 diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 493c094cd..57b242a4e 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -15706,9 +15706,9 @@ the ACL once for each signature in the message. See section &<>&. -.option dmarc_forensic_sender main string&!! unset -.option dmarc_history_file main string unset -.option dmarc_tld_file main string unset +.option dmarc_forensic_sender main string&!! unset &&& + dmarc_history_file main string unset &&& + dmarc_tld_file main string unset .cindex DMARC "main section options" These options control DMARC processing. See section &<>& for details. @@ -41746,10 +41746,11 @@ name will be appended. .option dkim_timestamps smtp integer&!! unset This option controls the inclusion of timestamp information in the signature. If not set, no such information will be included. -Otherwise, must be an unsigned number giving an offset in seconds from the current time -for the expiry tag -(eg. 1209600 for two weeks); -both creation (t=) and expiry (x=) tags will be included. +.new +Otherwise, must be an unsigned number giving an offset in seconds from the +current time for the expiry tag (e.g. 1209600 for two weeks); both creation +(t=) and expiry (x=) tags will be included unless the offset is 0 (no expiry). +.wen RFC 6376 lists these tags as RECOMMENDED. diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 1a5dac27b..ad385b9ec 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -12,6 +12,10 @@ Version 4.98 2. The dkim_verbose logging control also enables logging of signing + 3. The dkim_timestamps signing option now accepts zero to include a current + timestamp but no extiry timestamp. Code by Simon Arlott; testsuite + additions by jgh. + Version 4.97 ------------ diff --git a/src/src/dkim.c b/src/src/dkim.c index 59025608f..63b16af39 100644 --- a/src/src/dkim.c +++ b/src/src/dkim.c @@ -720,8 +720,12 @@ if (dkim_domain) if (!(dkim_timestamps_expanded = expand_string(dkim->dkim_timestamps))) { errwhen = US"dkim_timestamps"; goto expand_bad; } else - xval = (tval = (unsigned long) time(NULL)) - + strtoul(CCS dkim_timestamps_expanded, NULL, 10); + { + tval = (unsigned long) time(NULL); + xval = strtoul(CCS dkim_timestamps_expanded, NULL, 10); + if (xval > 0) + xval += tval; + } if (!(sig = pdkim_init_sign(&dkim_sign_ctx, dkim_signing_domain, dkim_signing_selector, diff --git a/test/log/4510 b/test/log/4510 index 7632951d0..0c5ef4d5e 100644 --- a/test/log/4510 +++ b/test/log/4510 @@ -4,21 +4,24 @@ 1999-03-02 09:44:33 10HmbA-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b@test.ex 1999-03-02 09:44:33 10HmbA-000000005vi-0000 => b@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbB-000000005vi-0000" 1999-03-02 09:44:33 10HmbA-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbC-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b10@test.ex -1999-03-02 09:44:33 10HmbC-000000005vi-0000 => b10@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbD-000000005vi-0000" +1999-03-02 09:44:33 10HmbC-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b02@test.ex +1999-03-02 09:44:33 10HmbC-000000005vi-0000 => b02@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbD-000000005vi-0000" 1999-03-02 09:44:33 10HmbC-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbE-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b12@test.ex -1999-03-02 09:44:33 10HmbE-000000005vi-0000 => b12@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbF-000000005vi-0000" +1999-03-02 09:44:33 10HmbE-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b10@test.ex +1999-03-02 09:44:33 10HmbE-000000005vi-0000 => b10@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbF-000000005vi-0000" 1999-03-02 09:44:33 10HmbE-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbG-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b20@test.ex -1999-03-02 09:44:33 10HmbG-000000005vi-0000 => b20@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbH-000000005vi-0000" +1999-03-02 09:44:33 10HmbG-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b12@test.ex +1999-03-02 09:44:33 10HmbG-000000005vi-0000 => b12@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbH-000000005vi-0000" 1999-03-02 09:44:33 10HmbG-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbI-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b22@test.ex -1999-03-02 09:44:33 10HmbI-000000005vi-0000 => b22@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbJ-000000005vi-0000" +1999-03-02 09:44:33 10HmbI-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b20@test.ex +1999-03-02 09:44:33 10HmbI-000000005vi-0000 => b20@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbJ-000000005vi-0000" 1999-03-02 09:44:33 10HmbI-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbK-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for d@test.ex -1999-03-02 09:44:33 10HmbK-000000005vi-0000 => d@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel_bad C="250 OK id=10HmbL-000000005vi-0000" +1999-03-02 09:44:33 10HmbK-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for b22@test.ex +1999-03-02 09:44:33 10HmbK-000000005vi-0000 => b22@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbL-000000005vi-0000" 1999-03-02 09:44:33 10HmbK-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbM-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for d@test.ex +1999-03-02 09:44:33 10HmbM-000000005vi-0000 => d@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel_bad C="250 OK id=10HmbN-000000005vi-0000" +1999-03-02 09:44:33 10HmbM-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmaX-000000005vi-0000 <= <> U=CALLER P=local S=sss for e0@test.ex 1999-03-02 09:44:33 10HmaX-000000005vi-0000 failed to expand dkim_timestamps: unknown variable in "${bogus}" 1999-03-02 09:44:33 10HmaX-000000005vi-0000 DKIM: message could not be signed, and dkim_strict is set. Deferring message delivery. @@ -27,12 +30,12 @@ 1999-03-02 09:44:33 10HmaX-000000005vi-0000 ** e0@test.ex: retry timeout exceeded 1999-03-02 09:44:33 10HmaX-000000005vi-0000 e0@test.ex: error ignored 1999-03-02 09:44:33 10HmaX-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbM-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for e@test.ex -1999-03-02 09:44:33 10HmbM-000000005vi-0000 => e@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] C="250 OK id=10HmbN-000000005vi-0000" -1999-03-02 09:44:33 10HmbM-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbO-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for f@test.ex -1999-03-02 09:44:33 10HmbO-000000005vi-0000 => f@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbP-000000005vi-0000" +1999-03-02 09:44:33 10HmbO-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for e@test.ex +1999-03-02 09:44:33 10HmbO-000000005vi-0000 => e@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] C="250 OK id=10HmbP-000000005vi-0000" 1999-03-02 09:44:33 10HmbO-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for f@test.ex +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => f@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel C="250 OK id=10HmbR-000000005vi-0000" +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 Completed ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D @@ -51,52 +54,59 @@ 1999-03-02 09:44:33 10HmbB-000000005vi-0000 => b R=server_store T=file 1999-03-02 09:44:33 10HmbB-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbD-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From -1999-03-02 09:44:33 10HmbD-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] +1999-03-02 09:44:33 10HmbD-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From:From +1999-03-02 09:44:33 10HmbD-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 t=T [verification succeeded] 1999-03-02 09:44:33 10HmbD-000000005vi-0000 data_acl: dkim status pass -1999-03-02 09:44:33 10HmbD-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbC-000000005vi-0000@myhost.test.ex for b10@test.ex -1999-03-02 09:44:33 10HmbD-000000005vi-0000 => b10 R=server_store T=file +1999-03-02 09:44:33 10HmbD-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbC-000000005vi-0000@myhost.test.ex for b02@test.ex +1999-03-02 09:44:33 10HmbD-000000005vi-0000 => b02 R=server_store T=file 1999-03-02 09:44:33 10HmbD-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbF-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-mine:X-mine:From +1999-03-02 09:44:33 10HmbF-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From 1999-03-02 09:44:33 10HmbF-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmbF-000000005vi-0000 data_acl: dkim status pass -1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbE-000000005vi-0000@myhost.test.ex for b12@test.ex -1999-03-02 09:44:33 10HmbF-000000005vi-0000 => b12 R=server_store T=file +1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbE-000000005vi-0000@myhost.test.ex for b10@test.ex +1999-03-02 09:44:33 10HmbF-000000005vi-0000 => b10 R=server_store T=file 1999-03-02 09:44:33 10HmbF-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbH-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-Mine +1999-03-02 09:44:33 10HmbH-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-mine:X-mine:From 1999-03-02 09:44:33 10HmbH-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmbH-000000005vi-0000 data_acl: dkim status pass -1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbG-000000005vi-0000@myhost.test.ex for b20@test.ex -1999-03-02 09:44:33 10HmbH-000000005vi-0000 => b20 R=server_store T=file +1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbG-000000005vi-0000@myhost.test.ex for b12@test.ex +1999-03-02 09:44:33 10HmbH-000000005vi-0000 => b12 R=server_store T=file 1999-03-02 09:44:33 10HmbH-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbJ-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-mine:X-mine:X-Mine +1999-03-02 09:44:33 10HmbJ-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-Mine 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 data_acl: dkim status pass -1999-03-02 09:44:33 10HmbJ-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbI-000000005vi-0000@myhost.test.ex for b22@test.ex -1999-03-02 09:44:33 10HmbJ-000000005vi-0000 => b22 R=server_store T=file +1999-03-02 09:44:33 10HmbJ-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbI-000000005vi-0000@myhost.test.ex for b20@test.ex +1999-03-02 09:44:33 10HmbJ-000000005vi-0000 => b20 R=server_store T=file 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbL-000000005vi-0000 DKIM: d=test.ex s=sel_bad [failed key import] -1999-03-02 09:44:33 10HmbL-000000005vi-0000 dkim_acl: signer: test.ex bits: 0 h=From -1999-03-02 09:44:33 10HmbL-000000005vi-0000 DKIM: d=test.ex s=sel_bad c=relaxed/relaxed a=rsa-sha256 b=1024 [invalid - syntax error in public key record] -1999-03-02 09:44:33 10HmbL-000000005vi-0000 data_acl: dkim status invalid -1999-03-02 09:44:33 10HmbL-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbK-000000005vi-0000@myhost.test.ex for d@test.ex -1999-03-02 09:44:33 10HmbL-000000005vi-0000 => d R=server_store T=file +1999-03-02 09:44:33 10HmbL-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-mine:X-mine:X-Mine +1999-03-02 09:44:33 10HmbL-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] +1999-03-02 09:44:33 10HmbL-000000005vi-0000 data_acl: dkim status pass +1999-03-02 09:44:33 10HmbL-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbK-000000005vi-0000@myhost.test.ex for b22@test.ex +1999-03-02 09:44:33 10HmbL-000000005vi-0000 => b22 R=server_store T=file 1999-03-02 09:44:33 10HmbL-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 SMTP connection from the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] lost while reading message data (header) -1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbN-000000005vi-0000 data_acl: dkim status -1999-03-02 09:44:33 10HmbN-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbM-000000005vi-0000@myhost.test.ex for e@test.ex -1999-03-02 09:44:33 10HmbN-000000005vi-0000 => e R=server_store T=file +1999-03-02 09:44:33 10HmbN-000000005vi-0000 DKIM: d=test.ex s=sel_bad [failed key import] +1999-03-02 09:44:33 10HmbN-000000005vi-0000 dkim_acl: signer: test.ex bits: 0 h=From +1999-03-02 09:44:33 10HmbN-000000005vi-0000 DKIM: d=test.ex s=sel_bad c=relaxed/relaxed a=rsa-sha256 b=1024 [invalid - syntax error in public key record] +1999-03-02 09:44:33 10HmbN-000000005vi-0000 data_acl: dkim status invalid +1999-03-02 09:44:33 10HmbN-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbM-000000005vi-0000@myhost.test.ex for d@test.ex +1999-03-02 09:44:33 10HmbN-000000005vi-0000 => d R=server_store T=file 1999-03-02 09:44:33 10HmbN-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbP-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From -1999-03-02 09:44:33 10HmbP-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] -1999-03-02 09:44:33 10HmbP-000000005vi-0000 data_acl: dkim status pass -1999-03-02 09:44:33 10HmbP-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbO-000000005vi-0000@myhost.test.ex for f@test.ex -1999-03-02 09:44:33 10HmbP-000000005vi-0000 => f R=server_store T=file +1999-03-02 09:44:33 SMTP connection from the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] lost while reading message data (header) +1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive +1999-03-02 09:44:33 10HmbP-000000005vi-0000 data_acl: dkim status +1999-03-02 09:44:33 10HmbP-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbO-000000005vi-0000@myhost.test.ex for e@test.ex +1999-03-02 09:44:33 10HmbP-000000005vi-0000 => e R=server_store T=file 1999-03-02 09:44:33 10HmbP-000000005vi-0000 Completed +1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive +1999-03-02 09:44:33 10HmbR-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From +1999-03-02 09:44:33 10HmbR-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] +1999-03-02 09:44:33 10HmbR-000000005vi-0000 data_acl: dkim status pass +1999-03-02 09:44:33 10HmbR-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for f@test.ex +1999-03-02 09:44:33 10HmbR-000000005vi-0000 => f R=server_store T=file +1999-03-02 09:44:33 10HmbR-000000005vi-0000 Completed diff --git a/test/log/4540 b/test/log/4540 index e283729ed..4f806f3c2 100644 --- a/test/log/4540 +++ b/test/log/4540 @@ -12,9 +12,9 @@ 1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_status includes pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=E10HmaX-0005vi-00@myhost.test.ex 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 signer: kitterman.org bits: 253 -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 DKIM: d=kitterman.org s=ed25519 c=relaxed/simple a=ed25519-sha256 b=512 i=@kitterman.org t=1517847601 [verification succeeded] +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 DKIM: d=kitterman.org s=ed25519 c=relaxed/simple a=ed25519-sha256 b=512 i=@kitterman.org t=T [verification succeeded] 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 signer: @kitterman.org bits: 253 -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 DKIM: d=kitterman.org s=ed25519 c=relaxed/simple a=ed25519-sha256 b=512 i=@kitterman.org t=1517847601 [verification succeeded] +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 DKIM: d=kitterman.org s=ed25519 c=relaxed/simple a=ed25519-sha256 b=512 i=@kitterman.org t=T [verification succeeded] 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=kitterman.org header.i=@kitterman.org header.s=ed25519 header.a=ed25519-sha256 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 dkim_status includes pass 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=kitterman.org id=example@example.com diff --git a/test/log/4560 b/test/log/4560 index 0f8c63aea..2735b4645 100644 --- a/test/log/4560 +++ b/test/log/4560 @@ -217,8 +217,8 @@ 1999-03-02 09:44:33 10HmbO-000000005vi-0000 => a R=d1 T=tfile 1999-03-02 09:44:33 10HmbO-000000005vi-0000 Completed 1999-03-02 09:44:33 End queue run: pid=p1252 -1999-03-02 09:44:33 10HmbP-000000005vi-0000 DKIM: d=dmarc.org s=clochette c=simple/simple a=rsa-sha256 b=1024 t=1517535263 [verification succeeded] -1999-03-02 09:44:33 10HmbP-000000005vi-0000 DKIM: d=convivian.com s=default c=simple/simple a=rsa-sha256 b=1024 t=1517535248 [verification failed - body hash mismatch (body probably modified in transit)] +1999-03-02 09:44:33 10HmbP-000000005vi-0000 DKIM: d=dmarc.org s=clochette c=simple/simple a=rsa-sha256 b=1024 t=T [verification succeeded] +1999-03-02 09:44:33 10HmbP-000000005vi-0000 DKIM: d=convivian.com s=default c=simple/simple a=rsa-sha256 b=1024 t=T [verification failed - body hash mismatch (body probably modified in transit)] 1999-03-02 09:44:33 10HmbP-000000005vi-0000 arc_state: 1999-03-02 09:44:33 10HmbP-000000005vi-0000 domains: 1999-03-02 09:44:33 10HmbP-000000005vi-0000 arc_oldest_pass <0> @@ -228,8 +228,8 @@ 1999-03-02 09:44:33 10HmbP-000000005vi-0000 oldest-p-AAR: <> 1999-03-02 09:44:33 10HmbP-000000005vi-0000 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=dmarc.org id=1426665656.110316.1517535248039.JavaMail.zimbra@convivian.com for za@test.ex 1999-03-02 09:44:33 Start queue run: pid=p1253 -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 DKIM: d=dmarc.org s=clochette c=simple/simple a=rsa-sha256 b=1024 t=1517535263 [verification succeeded] -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 DKIM: d=convivian.com s=default c=simple/simple a=rsa-sha256 b=1024 t=1517535248 [verification failed - body hash mismatch (body probably modified in transit)] +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 DKIM: d=dmarc.org s=clochette c=simple/simple a=rsa-sha256 b=1024 t=T [verification succeeded] +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 DKIM: d=convivian.com s=default c=simple/simple a=rsa-sha256 b=1024 t=T [verification failed - body hash mismatch (body probably modified in transit)] 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 arc_state: 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 domains: 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 arc_oldest_pass <0> diff --git a/test/mail/4510.b02 b/test/mail/4510.b02 new file mode 100644 index 000000000..350ed832a --- /dev/null +++ b/test/mail/4510.b02 @@ -0,0 +1,22 @@ +From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 +Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex) + by myhost.test.ex with esmtp (Exim x.yz) + (envelope-from ) + id 10HmbD-000000005vi-0000 + for b02@test.ex; + Tue, 2 Mar 1999 09:44:33 +0000 +DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; + s=sel; h=From:From; bh=/Ab0giHZitYQbDhFszoqQRUkgqueaX9zatJttIU/plc=; + t=T; b=bbbb; +Received: from CALLER by myhost.test.ex with local (Exim x.yz) + (envelope-from ) + id 10HmbC-000000005vi-0000 + for b02@test.ex; + Tue, 2 Mar 1999 09:44:33 +0000 +From: nobody@example.com +Message-Id: +Sender: CALLER_NAME +Date: Tue, 2 Mar 1999 09:44:33 +0000 + +content + diff --git a/test/mail/4510.b10 b/test/mail/4510.b10 index e5c3dc32b..440f57735 100644 --- a/test/mail/4510.b10 +++ b/test/mail/4510.b10 @@ -2,7 +2,7 @@ From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex) by myhost.test.ex with esmtp (Exim x.yz) (envelope-from ) - id 10HmbD-000000005vi-0000 + id 10HmbF-000000005vi-0000 for b10@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; @@ -12,11 +12,11 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; hvI6IY=; Received: from CALLER by myhost.test.ex with local (Exim x.yz) (envelope-from ) - id 10HmbC-000000005vi-0000 + id 10HmbE-000000005vi-0000 for b10@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 From: nobody@example.com -Message-Id: +Message-Id: Sender: CALLER_NAME Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/mail/4510.b12 b/test/mail/4510.b12 index d0e83a150..3d0417d62 100644 --- a/test/mail/4510.b12 +++ b/test/mail/4510.b12 @@ -2,7 +2,7 @@ From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex) by myhost.test.ex with esmtp (Exim x.yz) (envelope-from ) - id 10HmbF-000000005vi-0000 + id 10HmbH-000000005vi-0000 for b12@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; @@ -12,13 +12,13 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; 5ssCcfufIlOx4EQ9fQA=; Received: from CALLER by myhost.test.ex with local (Exim x.yz) (envelope-from ) - id 10HmbE-000000005vi-0000 + id 10HmbG-000000005vi-0000 for b12@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 From: nobody@example.com X-mine: one X-mine: two -Message-Id: +Message-Id: Sender: CALLER_NAME Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/mail/4510.b20 b/test/mail/4510.b20 index 3ac28acab..be7b99e78 100644 --- a/test/mail/4510.b20 +++ b/test/mail/4510.b20 @@ -2,7 +2,7 @@ From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex) by myhost.test.ex with esmtp (Exim x.yz) (envelope-from ) - id 10HmbH-000000005vi-0000 + id 10HmbJ-000000005vi-0000 for b20@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; @@ -12,11 +12,11 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; d6xCVBLk=; Received: from CALLER by myhost.test.ex with local (Exim x.yz) (envelope-from ) - id 10HmbG-000000005vi-0000 + id 10HmbI-000000005vi-0000 for b20@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 From: nobody@example.com -Message-Id: +Message-Id: Sender: CALLER_NAME Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/mail/4510.b22 b/test/mail/4510.b22 index 33e308b31..7acb7f040 100644 --- a/test/mail/4510.b22 +++ b/test/mail/4510.b22 @@ -2,7 +2,7 @@ From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex) by myhost.test.ex with esmtp (Exim x.yz) (envelope-from ) - id 10HmbJ-000000005vi-0000 + id 10HmbL-000000005vi-0000 for b22@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; @@ -12,13 +12,13 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; /Bzt2ejTfNt7cbQQYHDLajY/q/9W6bGzJm4fBzrWrYgqfvyeXpb8jp2QkwO9zmGMiqmI=; Received: from CALLER by myhost.test.ex with local (Exim x.yz) (envelope-from ) - id 10HmbI-000000005vi-0000 + id 10HmbK-000000005vi-0000 for b22@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 From: nobody@example.com X-mine: one X-mine: two -Message-Id: +Message-Id: Sender: CALLER_NAME Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/mail/4510.d b/test/mail/4510.d index 556249386..58b26dea5 100644 --- a/test/mail/4510.d +++ b/test/mail/4510.d @@ -2,7 +2,7 @@ From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex) by myhost.test.ex with esmtp (Exim x.yz) (envelope-from ) - id 10HmbL-000000005vi-0000 + id 10HmbN-000000005vi-0000 for d@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; @@ -12,11 +12,11 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; QXXNtNEbKg=; Received: from CALLER by myhost.test.ex with local (Exim x.yz) (envelope-from ) - id 10HmbK-000000005vi-0000 + id 10HmbM-000000005vi-0000 for d@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 From: nobody@example.com -Message-Id: +Message-Id: Sender: CALLER_NAME Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/mail/4510.e b/test/mail/4510.e index b06c76e81..264e3d877 100644 --- a/test/mail/4510.e +++ b/test/mail/4510.e @@ -2,16 +2,16 @@ From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex) by myhost.test.ex with esmtp (Exim x.yz) (envelope-from ) - id 10HmbN-000000005vi-0000 + id 10HmbP-000000005vi-0000 for e@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 Received: from CALLER by myhost.test.ex with local (Exim x.yz) (envelope-from ) - id 10HmbM-000000005vi-0000 + id 10HmbO-000000005vi-0000 for e@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 From: nobody@example.com -Message-Id: +Message-Id: Sender: CALLER_NAME Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/mail/4510.f b/test/mail/4510.f index 2cd115784..56e648b77 100644 --- a/test/mail/4510.f +++ b/test/mail/4510.f @@ -2,7 +2,7 @@ From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999 Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex) by myhost.test.ex with esmtp (Exim x.yz) (envelope-from ) - id 10HmbP-000000005vi-0000 + id 10HmbR-000000005vi-0000 for f@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; @@ -12,11 +12,11 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex; t2W/iI=; Received: from CALLER by myhost.test.ex with local (Exim x.yz) (envelope-from ) - id 10HmbO-000000005vi-0000 + id 10HmbQ-000000005vi-0000 for f@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 From: nobody@example.com -Message-Id: +Message-Id: Sender: CALLER_NAME Date: Tue, 2 Mar 1999 09:44:33 +0000 diff --git a/test/runtest b/test/runtest index 3f4004cc1..45d00f9f8 100755 --- a/test/runtest +++ b/test/runtest @@ -1594,11 +1594,13 @@ RESET_AFTER_EXTRA_LINE_READ: s/ARC: AMS signing: privkey PEM-block import: error:\K[0-9A-F]{8}:PEM routines:PEM_read_bio:no start line$/1E08010C:DECODER routines::unsupported/; # DKIM timestamps - if ( /(DKIM: d=.*) t=([0-9]*) x=([0-9]*) / ) + if ( /(DKIM: d=.*) t=([0-9]*) x=([0-9]*) \[/ ) { my ($prefix, $t_diff) = ($1, $3 - $2); s/DKIM: d=.* t=[0-9]* x=[0-9]* /${prefix} t=T x=T+${t_diff} /; } + else + { s/DKIM: d=.* \Kt=[0-9]* \[/t=T [/; } # GnuTLS reports a different keysize vs. OpenSSL, for ed25519 keys s/signer: [^ ]* bits:\K 256/ 253/; s/public key too short:\K 256 bits/ 253 bits/; @@ -1641,6 +1643,13 @@ RESET_AFTER_EXTRA_LINE_READ: ; ; } + elsif ( /^(\s+)t=([0-9]*); b=[A-Za-z0-9+\/]+$/ ) + { + my $indent = $1; + s/.*/${indent}t=T; b=bbbb;/; + ; + ; + } # Not all builds include EXPERIMENTAL_DSN_INFO (2 of 2) if (/^X-Exim-Diagnostic:/) diff --git a/test/scripts/4500-DKIM/4510 b/test/scripts/4500-DKIM/4510 index f073be9d3..f4cc6eba3 100644 --- a/test/scripts/4500-DKIM/4510 +++ b/test/scripts/4500-DKIM/4510 @@ -15,6 +15,12 @@ content exim -DOPT=From:From -DTIMES=10 -odf b@test.ex From: nobody@example.com +content +**** +# single header, oversigned, with only t= timestamp; no expiry x= +exim -DOPT=From:From -DTIMES=0 -odf b02@test.ex +From: nobody@example.com + content **** # diff --git a/test/stderr/4510 b/test/stderr/4510 index 39224679a..6ec9545c7 100644 --- a/test/stderr/4510 +++ b/test/stderr/4510 @@ -51,12 +51,12 @@ DKIM [test.ex] Header sha256 computed: 241e16230df5723d899cfae9474c6b376a2ab1f81 SMTP+> QUIT cmd buf flush ddd bytes (more expected) SMTP(shutdown)>> - SMTP<< 250 OK id=10HmbL-000000005vi-0000 + SMTP<< 250 OK id=10HmbN-000000005vi-0000 SMTP<< 221 myhost.test.ex closing connection SMTP(close)>> cmdlog: '220:EHLO:250-:MAIL|:RCPT|:DATA:250:250:354:.:QUIT+:250:221' LOG: MAIN - => d@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel_bad C="250 OK id=10HmbL-000000005vi-0000" + => d@test.ex R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] DKIM=test.ex:sel_bad C="250 OK id=10HmbN-000000005vi-0000" LOG: MAIN Completed >>>>>>>>>>>>>>>> Exim pid=p1236 (local-accept-delivery) terminating with rc=0 >>>>>>>>>>>>>>>> -- 2.30.2