From a5e7a642059ee28d6d19c7a8f75d820b65c858b9 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Tue, 9 Jul 2024 14:51:01 +0100 Subject: [PATCH] DKIM: with dkim_verify_minimal, avoid calling ACL after first pass --- src/src/dkim.c | 11 +++++++---- src/src/pdkim/pdkim.c | 25 ++++++++++++++++--------- src/src/receive.c | 18 +++++++++++------- src/src/smtp_in.c | 1 - test/confs/4510 | 10 +++++++++- test/log/4510 | 18 +++++++++--------- test/log/4513 | 2 +- test/log/4514 | 4 ++-- test/log/4541 | 10 ++++------ test/log/4545 | 6 +++--- test/scripts/4540-DKIM-Ed25519/4541 | 2 +- 11 files changed, 63 insertions(+), 44 deletions(-) diff --git a/src/src/dkim.c b/src/src/dkim.c index e0b76c3b1..68f074889 100644 --- a/src/src/dkim.c +++ b/src/src/dkim.c @@ -342,8 +342,8 @@ for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next) if (sig->domain) g = string_append_listele(g, ':', sig->domain); if (sig->identity) g = string_append_listele(g, ':', sig->identity); } - -if (g) dkim_signers = g->s; +gstring_release_unused(g); +dkim_signers = string_from_gstring(g); out: store_pool = dkim_verify_oldpool; @@ -358,7 +358,8 @@ dkim_acl_call(uschar * id, gstring ** res_ptr, { int rc; DEBUG(D_receive) - debug_printf("calling acl_smtp_dkim for dkim_cur_signer='%s'\n", id); + debug_printf("calling acl_smtp_dkim for identity '%s' domain '%s' sel '%s'\n", + id, dkim_signing_domain, dkim_signing_selector); rc = acl_check(ACL_WHERE_DKIM, NULL, acl_smtp_dkim, user_msgptr, log_msgptr); dkim_exim_verify_log_sig(dkim_cur_sig); @@ -369,6 +370,7 @@ return rc; /* For the given identity, run the DKIM ACL once for each matching signature. +If none match, run it once. Arguments id Identity to look for in dkim signatures @@ -425,7 +427,8 @@ for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next) dkim_verify_status = dkim_exim_expand_query(DKIM_VERIFY_STATUS); dkim_verify_reason = dkim_exim_expand_query(DKIM_VERIFY_REASON); - if ((rc = dkim_acl_call(id, res_ptr, user_msgptr, log_msgptr)) != OK) + if ( (rc = dkim_acl_call(id, res_ptr, user_msgptr, log_msgptr)) != OK + || dkim_verify_minimal && Ustrcmp(dkim_verify_status, "pass") == 0) return rc; } diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c index 4fb22a113..b2caa81ab 100644 --- a/src/src/pdkim/pdkim.c +++ b/src/src/pdkim/pdkim.c @@ -468,15 +468,12 @@ return b64encode(CUS b->data, b->len); static pdkim_signature * pdkim_parse_sig_header(pdkim_ctx * ctx, uschar * raw_hdr) { -pdkim_signature * sig; -uschar *q; -gstring * cur_tag = NULL; -gstring * cur_val = NULL; -BOOL past_hname = FALSE; -BOOL in_b_val = FALSE; +pdkim_signature * sig = store_get(sizeof(pdkim_signature), GET_UNTAINTED); +uschar * q; +gstring * cur_tag = NULL, * cur_val = NULL; +BOOL past_hname = FALSE, in_b_val = FALSE; int where = PDKIM_HDR_LIMBO; -sig = store_get(sizeof(pdkim_signature), GET_UNTAINTED); memset(sig, 0, sizeof(pdkim_signature)); sig->bodylength = -1; @@ -1899,11 +1896,17 @@ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) { sig->verify_status = PDKIM_VERIFY_PASS; verify_pass = TRUE; - if (dkim_verify_minimal) break; + /*XXX We used to "break" here if dkim_verify_minimal, but that didn't + stop the ACL being called. So move that test. Unfortunately, we + need to eval all the sigs here only to possibly ignore some later, + because we don't know what verify options might say. + Could we change to a later eval of the sig? + Both bits are called from receive_msg(). + Moving the test is also suboptimal for the case of no ACL (or no + signers to check!) so keep it for that case, but after debug output */ } NEXT_VERIFY: - DEBUG(D_acl) { debug_printf("DKIM [%s] %s signature status: %s", @@ -1915,6 +1918,10 @@ NEXT_VERIFY: else debug_printf("\n"); } + + if ( verify_pass && dkim_verify_minimal + && !(acl_smtp_dkim && dkim_verify_signers && *dkim_verify_signers)) + break; } } diff --git a/src/src/receive.c b/src/src/receive.c index 9fae6ad60..cc64f44f4 100644 --- a/src/src/receive.c +++ b/src/src/receive.c @@ -3518,7 +3518,7 @@ else #ifndef DISABLE_DKIM if (!f.dkim_disable_verify) { - /* Finish verification */ + /* Finish off the body hashes, calculate sigs and do compares */ dkim_exim_verify_finish(); /* Check if we must run the DKIM ACL */ @@ -3527,12 +3527,10 @@ else { uschar * dkim_verify_signers_expanded = expand_string(dkim_verify_signers); - gstring * results = NULL; - int signer_sep = 0; + gstring * results = NULL, * seen_items = NULL; + int signer_sep = 0, old_pool = store_pool; const uschar * ptr; uschar * item; - gstring * seen_items = NULL; - int old_pool = store_pool; store_pool = POOL_PERM; /* Allow created variables to live to data ACL */ @@ -3541,7 +3539,10 @@ else "expansion of dkim_verify_signers option failed: %s", expand_string_message); - /* Default to OK when no items are present */ + /* Loop over signers we want to verify, calling ACL. Default to OK + when no signers are present. Each call from here expands to a n ACL + call per matching sig in the message. */ + rc = OK; while ((item = string_nextinlist(&ptr, &signer_sep, NULL, 0))) { @@ -3586,6 +3587,9 @@ else cancel_cutthrough_connection(TRUE, US"dkim acl not ok"); break; } + else + if (dkim_verify_minimal && Ustrcmp(dkim_verify_status, "pass") == 0) + break; } dkim_verify_status = string_from_gstring(results); store_pool = old_pool; @@ -3606,7 +3610,7 @@ else goto NOT_ACCEPTED; /* Skip to end of function */ } } - else + else /* No acl or no wanted signers */ dkim_exim_verify_log_all(); } #endif /* DISABLE_DKIM */ diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index c52d3f4d6..f8656a6e8 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1688,7 +1688,6 @@ spf_result_guessed = FALSE; #ifndef DISABLE_DKIM dkim_cur_signer = dkim_signers = dkim_signing_domain = dkim_signing_selector = dkim_signatures = NULL; -dkim_cur_signer = dkim_signers = dkim_signing_domain = dkim_signing_selector = NULL; f.dkim_disable_verify = FALSE; dkim_collect_input = 0; dkim_verify_overall = dkim_verify_status = dkim_verify_reason = NULL; diff --git a/test/confs/4510 b/test/confs/4510 index f36b4df3d..6dab3663b 100644 --- a/test/confs/4510 +++ b/test/confs/4510 @@ -11,7 +11,7 @@ primary_hostname = myhost.test.ex # ----- Main settings ----- acl_smtp_rcpt = accept logwrite = rcpt_acl: macro: _DKIM_SIGN_HEADERS -acl_smtp_dkim = accept logwrite = dkim_acl: signer: $dkim_cur_signer bits: $dkim_key_length h=$dkim_headernames +acl_smtp_dkim = check_dkim_sig acl_smtp_data = accept logwrite = data_acl: dkim status $dkim_verify_status dkim_verify_signers = $dkim_signers @@ -24,6 +24,14 @@ DDIR=DIR/aux-fixed/dkim log_selector = -dkim +dkim_verbose +received_recipients +# ----- ACL +begin acl + +check_dkim_sig: + warn logwrite = dkim_acl: signer: $dkim_cur_signer bits: $dkim_key_length \ + h=$dkim_headernames status: $dkim_verify_status + accept + # ----- Routers begin routers diff --git a/test/log/4510 b/test/log/4510 index 0c5ef4d5e..052ce8cdc 100644 --- a/test/log/4510 +++ b/test/log/4510 @@ -40,49 +40,49 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From status: pass 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaY-000000005vi-0000@myhost.test.ex for a@test.ex 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => a R=server_store T=file 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbB-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From:From +1999-03-02 09:44:33 10HmbB-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From:From status: pass 1999-03-02 09:44:33 10HmbB-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 t=T x=T+10 [verification succeeded] 1999-03-02 09:44:33 10HmbB-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbA-000000005vi-0000@myhost.test.ex for b@test.ex 1999-03-02 09:44:33 10HmbB-000000005vi-0000 => b R=server_store T=file 1999-03-02 09:44:33 10HmbB-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbD-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From:From +1999-03-02 09:44:33 10HmbD-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From:From status: pass 1999-03-02 09:44:33 10HmbD-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 t=T [verification succeeded] 1999-03-02 09:44:33 10HmbD-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmbD-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbC-000000005vi-0000@myhost.test.ex for b02@test.ex 1999-03-02 09:44:33 10HmbD-000000005vi-0000 => b02 R=server_store T=file 1999-03-02 09:44:33 10HmbD-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbF-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From +1999-03-02 09:44:33 10HmbF-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From status: pass 1999-03-02 09:44:33 10HmbF-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmbF-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbE-000000005vi-0000@myhost.test.ex for b10@test.ex 1999-03-02 09:44:33 10HmbF-000000005vi-0000 => b10 R=server_store T=file 1999-03-02 09:44:33 10HmbF-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbH-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-mine:X-mine:From +1999-03-02 09:44:33 10HmbH-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-mine:X-mine:From status: pass 1999-03-02 09:44:33 10HmbH-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmbH-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbG-000000005vi-0000@myhost.test.ex for b12@test.ex 1999-03-02 09:44:33 10HmbH-000000005vi-0000 => b12 R=server_store T=file 1999-03-02 09:44:33 10HmbH-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbJ-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-Mine +1999-03-02 09:44:33 10HmbJ-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-Mine status: pass 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbI-000000005vi-0000@myhost.test.ex for b20@test.ex 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 => b20 R=server_store T=file 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbL-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-mine:X-mine:X-Mine +1999-03-02 09:44:33 10HmbL-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=X-mine:X-mine:X-Mine status: pass 1999-03-02 09:44:33 10HmbL-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmbL-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmbL-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbK-000000005vi-0000@myhost.test.ex for b22@test.ex @@ -90,7 +90,7 @@ 1999-03-02 09:44:33 10HmbL-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive 1999-03-02 09:44:33 10HmbN-000000005vi-0000 DKIM: d=test.ex s=sel_bad [failed key import] -1999-03-02 09:44:33 10HmbN-000000005vi-0000 dkim_acl: signer: test.ex bits: 0 h=From +1999-03-02 09:44:33 10HmbN-000000005vi-0000 dkim_acl: signer: test.ex bits: 0 h=From status: invalid 1999-03-02 09:44:33 10HmbN-000000005vi-0000 DKIM: d=test.ex s=sel_bad c=relaxed/relaxed a=rsa-sha256 b=1024 [invalid - syntax error in public key record] 1999-03-02 09:44:33 10HmbN-000000005vi-0000 data_acl: dkim status invalid 1999-03-02 09:44:33 10HmbN-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbM-000000005vi-0000@myhost.test.ex for d@test.ex @@ -104,7 +104,7 @@ 1999-03-02 09:44:33 10HmbP-000000005vi-0000 => e R=server_store T=file 1999-03-02 09:44:33 10HmbP-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbR-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From +1999-03-02 09:44:33 10HmbR-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From status: pass 1999-03-02 09:44:33 10HmbR-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmbR-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmbR-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for f@test.ex diff --git a/test/log/4513 b/test/log/4513 index c72693ca1..8905a27f3 100644 --- a/test/log/4513 +++ b/test/log/4513 @@ -5,7 +5,7 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From:From +1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From:From status: pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha512 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmaY-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for a@test.ex diff --git a/test/log/4514 b/test/log/4514 index 619023da0..eabf55bfe 100644 --- a/test/log/4514 +++ b/test/log/4514 @@ -5,9 +5,9 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 512 h=From:To:Subject +1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 512 h=From:To:Subject status: pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 DKIM: d=test.ex s=ses c=relaxed/relaxed a=rsa-sha256 b=512 [verification succeeded] -1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From:To:Subject +1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From:To:Subject status: pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmaY-000000005vi-0000 data_acl: dkim status pass:pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for c@test.ex diff --git a/test/log/4541 b/test/log/4541 index f2d4c325b..7f1a65c01 100644 --- a/test/log/4541 +++ b/test/log/4541 @@ -8,9 +8,9 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 253 h=From +1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 253 h=From status: pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 DKIM: d=test.ex s=sed c=relaxed/relaxed a=ed25519-sha256 b=512 [verification succeeded] -1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From +1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From status: pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmaY-000000005vi-0000 data_acl: dkim status pass:pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for a@test.ex @@ -18,11 +18,9 @@ 1999-03-02 09:44:33 10HmaY-000000005vi-0000 Completed 1999-03-02 09:44:33 exim x.yz daemon started: pid=p1235, no queue runs, listening for SMTP on port PORT_D 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbA-000000005vi-0000 dkim_acl: signer: test.ex bits: 253 h=From +1999-03-02 09:44:33 10HmbA-000000005vi-0000 dkim_acl: signer: test.ex bits: 253 h=From status: pass 1999-03-02 09:44:33 10HmbA-000000005vi-0000 DKIM: d=test.ex s=sed c=relaxed/relaxed a=ed25519-sha256 b=512 [verification succeeded] -1999-03-02 09:44:33 10HmbA-000000005vi-0000 dkim_acl: signer: test.ex bits: 0 h=From -1999-03-02 09:44:33 10HmbA-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [not verified] -1999-03-02 09:44:33 10HmbA-000000005vi-0000 data_acl: dkim status pass:none +1999-03-02 09:44:33 10HmbA-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmbA-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for b@test.ex 1999-03-02 09:44:33 10HmbA-000000005vi-0000 => b R=server_store T=file 1999-03-02 09:44:33 10HmbA-000000005vi-0000 Completed diff --git a/test/log/4545 b/test/log/4545 index c983a7a96..20ae7cb9a 100644 --- a/test/log/4545 +++ b/test/log/4545 @@ -8,16 +8,16 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 253 h=From:To:Subject +1999-03-02 09:44:33 10HmaY-000000005vi-0000 dkim_acl: signer: test.ex bits: 253 h=From:To:Subject status: pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 DKIM: d=test.ex s=sed c=relaxed/relaxed a=ed25519-sha256 b=512 [verification succeeded] 1999-03-02 09:44:33 10HmaY-000000005vi-0000 data_acl: dkim status pass 1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for a@test.ex 1999-03-02 09:44:33 10HmaY-000000005vi-0000 => a R=server_store T=file 1999-03-02 09:44:33 10HmaY-000000005vi-0000 Completed 1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive -1999-03-02 09:44:33 10HmbA-000000005vi-0000 dkim_acl: signer: test.ex bits: 253 h=From +1999-03-02 09:44:33 10HmbA-000000005vi-0000 dkim_acl: signer: test.ex bits: 253 h=From status: pass 1999-03-02 09:44:33 10HmbA-000000005vi-0000 DKIM: d=test.ex s=sed c=relaxed/relaxed a=ed25519-sha256 b=512 [verification succeeded] -1999-03-02 09:44:33 10HmbA-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From +1999-03-02 09:44:33 10HmbA-000000005vi-0000 dkim_acl: signer: test.ex bits: 1024 h=From status: pass 1999-03-02 09:44:33 10HmbA-000000005vi-0000 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmbA-000000005vi-0000 data_acl: dkim status pass:pass 1999-03-02 09:44:33 10HmbA-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for b@test.ex diff --git a/test/scripts/4540-DKIM-Ed25519/4541 b/test/scripts/4540-DKIM-Ed25519/4541 index cec41df0f..a8ca3f315 100644 --- a/test/scripts/4540-DKIM-Ed25519/4541 +++ b/test/scripts/4540-DKIM-Ed25519/4541 @@ -15,7 +15,7 @@ millisleep 500 killdaemon # # -# Verify only EC sig +# Verify only EC sig, due to "minimal" exim -bd -DSERVER=server -DFILTER=y -oX PORT_D **** # -- 2.30.2