no_require_dnssec option and creation of _HAVE_TRANSPORT_APPEND_MAILDIR
macro. Patches provided by Josh Soref.
+JH/05 Bug 2017: Fix DKIM verification in -bh test mode. The data feed into
+ the dkim code may be unix-mode line endings rather than smtp wire-format
+ CRLF, so prepend a CR to any bare LF.
Exim version 4.88
-----------------
/* Terminate on EOD marker */
if (ctx->flags & PDKIM_DOT_TERM)
{
- if ( memcmp(p, ".\r\n", 3) == 0)
+ if (memcmp(p, ".\r\n", 3) == 0)
return pdkim_body_complete(ctx);
/* Unstuff dots */
if (ctx->flags & PDKIM_PAST_HDRS)
{
+ if (c == '\n' && !(ctx->flags & PDKIM_SEEN_CR)) /* emulate the CR */
+ {
+ ctx->linebuf[ctx->linebuf_offset++] = '\r';
+ if (ctx->linebuf_offset == PDKIM_MAX_BODY_LINE_LEN-1)
+ return PDKIM_ERR_LONG_LINE;
+ }
+
/* Processing body byte */
ctx->linebuf[ctx->linebuf_offset++] = c;
- if (c == '\n')
+ if (c == '\r')
+ ctx->flags |= PDKIM_SEEN_CR;
+ else if (c == '\n')
{
- int rc = pdkim_bodyline_complete(ctx); /* End of line */
- if (rc != PDKIM_OK) return rc;
+ int rc;
+ ctx->flags &= ~PDKIM_SEEN_CR;
+ if ((rc = pdkim_bodyline_complete(ctx)) != PDKIM_OK)
+ return rc;
}
- if (ctx->linebuf_offset == (PDKIM_MAX_BODY_LINE_LEN-1))
+
+ if (ctx->linebuf_offset == PDKIM_MAX_BODY_LINE_LEN-1)
return PDKIM_ERR_LONG_LINE;
}
else
{
/* Processing header byte */
- if (c != '\r')
+ if (c == '\r')
+ ctx->flags |= PDKIM_SEEN_CR;
+ else if (c == '\n')
{
- if (c == '\n')
- {
- if (ctx->flags & PDKIM_SEEN_LF)
- {
- int rc = pdkim_header_complete(ctx); /* Seen last header line */
- if (rc != PDKIM_OK) return rc;
+ if (!(ctx->flags & PDKIM_SEEN_CR)) /* emulate the CR */
+ ctx->cur_header = string_catn(ctx->cur_header, &ctx->cur_header_size,
+ &ctx->cur_header_len, CUS "\r", 1);
- ctx->flags = ctx->flags & ~PDKIM_SEEN_LF | PDKIM_PAST_HDRS;
- DEBUG(D_acl) debug_printf(
- "PDKIM >> Body data for hash, canonicalized >>>>>>>>>>>>>>>>>>>>>>\n");
- continue;
- }
- else
- ctx->flags |= PDKIM_SEEN_LF;
+ if (ctx->flags & PDKIM_SEEN_LF)
+ {
+ int rc = pdkim_header_complete(ctx); /* Seen last header line */
+ if (rc != PDKIM_OK) return rc;
+
+ ctx->flags = ctx->flags & ~(PDKIM_SEEN_LF|PDKIM_SEEN_CR) | PDKIM_PAST_HDRS;
+ DEBUG(D_acl) debug_printf(
+ "PDKIM >> Body data for hash, canonicalized >>>>>>>>>>>>>>>>>>>>>>\n");
+ continue;
}
- else if (ctx->flags & PDKIM_SEEN_LF)
- {
- if (!(c == '\t' || c == ' '))
- {
- int rc = pdkim_header_complete(ctx); /* End of header */
- if (rc != PDKIM_OK) return rc;
- }
- ctx->flags &= ~PDKIM_SEEN_LF;
+ else
+ ctx->flags = ctx->flags & ~PDKIM_SEEN_CR | PDKIM_SEEN_LF;
+ }
+ else if (ctx->flags & PDKIM_SEEN_LF)
+ {
+ if (!(c == '\t' || c == ' '))
+ {
+ int rc = pdkim_header_complete(ctx); /* End of header */
+ if (rc != PDKIM_OK) return rc;
}
+ ctx->flags &= ~PDKIM_SEEN_LF;
}
if (ctx->cur_header_len < PDKIM_MAX_HEADER_LEN)
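Review bot: PDKIM_SEEN_CR is set on every CR but cleared only when an LF arrives, in both the body branch and the header branch, so it records "a CR occurred somewhere in this line" rather than "the previous byte was CR". A line such as `abc\rdef` terminated by a bare LF therefore skips the `/* emulate the CR */` step and is passed on with a bare LF. That presumably changes the hash input compared with the CRLF wire form, most likely giving a spurious verification failure rather than a false pass, though pdkim_bodyline_complete is not visible here. Clearing the flag on any other byte fixes it: in the body branch add `else ctx->flags &= ~PDKIM_SEEN_CR;` after the `else if (c == '\n')` block, and do the equivalent for non-CR, non-LF bytes in the header branch. The enclosing function starts and ends outside this hunk.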
#define PDKIM_MODE_SIGN BIT(0) /* if unset, mode==verify */
#define PDKIM_DOT_TERM BIT(1) /* dot termination and unstuffing */
-#define PDKIM_SEEN_LF BIT(2)
-#define PDKIM_SEEN_EOD BIT(3)
+#define PDKIM_SEEN_CR BIT(2)
+#define PDKIM_SEEN_LF BIT(3)
#define PDKIM_PAST_HDRS BIT(4)
+#define PDKIM_SEEN_EOD BIT(5)
unsigned flags;
/* One (signing) or several chained (verification) signatures */
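Review bot: The two line-ending flags carry no comment, unlike PDKIM_MODE_SIGN and PDKIM_DOT_TERM above them, and the meaning of PDKIM_SEEN_CR cannot be read from its name. As used in the feed loop on this page it is set on a CR and cleared at the next LF, so I would write `#define PDKIM_SEEN_CR BIT(2) /* CR fed since the last LF */`. PDKIM_SEEN_LF would get a matching comment saying it marks that the previous header line ended and the next byte decides between continuation and a new header.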
--- /dev/null
+4500
\ No newline at end of file
mail from:<ok@test3>
rcpt to:<x@y>
data
+
Some message
.
quit
mail from:<x@y>
rcpt to:<warn_empty@test.ex>
data
+
Testing
.
quit
mail from:<x@y>
rcpt to:<warn_log@test.ex>
data
+
Testing
.
quit
mail from:<x@y>
rcpt to:<warn_user@test.ex>
data
+
Testing
.
quit
rcpt to:<accept@y>
rcpt to:<freeze@y>
data
+
Testing
.
mail from:<x@y>
rcpt to:<accept@y>
data
+
Testing 2
.
mail from:<x@y>
rcpt to:<queue_only@y>
rcpt to:<accept@y>
data
+
Testing 3
.
mail from:<x@y>
rcpt to:<accept@y>
data
+
Testing 4
.
quit
??? 250
data
??? 354
+
Testing
.
??? 250
??? 250
data
??? 354
+
Testing 2
.
??? 250
??? 250
data
??? 354
+
Testing 3
.
??? 250
??? 250
data
??? 354
+
Testing 4
.
??? 250
mail from:<>
rcpt to:<x@y>
data
+
.
quit
****
mail from:<>
rcpt to:<x@y>
data
+
.
quit
****
mail from:<x@y>
rcpt to:<x@y>
data
+
.
vrfy x@y
mail from:<x@y>
mail from:<x@y>
rcpt to:<2@b>
data
+
Message 1
.
rset
mail from:<x@y>
rcpt to:<2@b>
data
+
Message 2
.
quit
mail from:<x@y>
rcpt to:<x@y>
data
+
Message.
.
quit
--- /dev/null
+# DKIM verify, -bh test mode
+#
+#
+# This should pass.
+# - sha1, 1024b
+# Mail original in aux-fixed/4500.msg1.txt
+# Sig generated by: perl aux-fixed/dkim/sign.pl --method=simple/simple < aux-fixed/4500.msg1.txt
+exim -DSERVER=server -DNOTDAEMON -bh 127.0.0.1
+HELO xxx
+MAIL FROM:<CALLER@bloggs.com>
+RCPT TO:<a@test.ex>
+DATA
+DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=test.ex; h=from:to
+ :date:message-id:subject; s=sel; bh=OB9dZVu7+5/ufs3TH9leIcEpXSo=; b=
+ PeUA8iBGfStWv+9/BBKkvCEYj/AVMl4e9k+AqWOXKyuEUfHxqAnV+sPnOejpmvT8
+ 41kuM4u0bICvK371YvB/yO61vtliRhyqU76Y2e55p2uvMADb3UyDhLyzpco4+yBo
+ 1w0AuIxu0VU4TK8UmOLyCw/1hxrh1DcEInbEMEKJ7kI=
+From: mrgus@text.ex
+To: bakawolf@yahoo.com
+Date: Thu, 19 Nov 2015 17:00:07 -0700
+Message-ID: <qwerty1234@disco-zombie.net>
+Subject: simple test
+
+This is a simple test.
+.
+QUIT
+****
+#
+no_stdout_check
+no_msglog_check
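Review bot: This script asserts only the passing case, and for one canonicalization (simple/simple, per the `--method=simple/simple` comment), so it would not notice if the CR emulation made a modified message verify. A second message in the same script with one body byte altered, expected to log a verification failure, would pin that the bare-LF path still rejects changed content; a relaxed/relaxed signature would cover the other canonicalization. The header comment could also state what is being exercised, e.g. `# Input is fed with bare LF line endings; exercises CR emulation in the pdkim feed (Bug 2017)`.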
rcpt accepted
accept: condition test succeeded in ACL "rcpt"
end of ACL "rcpt": ACCEPT
-host in ignore_fromline_hosts? no (option unset)
>>Headers added by MAIL or RCPT ACL:
X-ACL-Warn: added header line
>>
SMTP<< data
SMTP>> 354 Enter message, ending with "." on a line by itself
search_tidyup called
-host in ignore_fromline_hosts? no (option unset)
>>Headers received:
search_tidyup called
SMTP<< data
SMTP>> 354 Enter message, ending with "." on a line by itself
search_tidyup called
-host in ignore_fromline_hosts? no (option unset)
>>Headers received:
search_tidyup called
SMTP<< data
SMTP>> 354 Enter message, ending with "." on a line by itself
search_tidyup called
-host in ignore_fromline_hosts? no (option unset)
>>Headers received:
search_tidyup called
SMTP<< data
SMTP>> 354 Enter message, ending with "." on a line by itself
search_tidyup called
-host in ignore_fromline_hosts? no (option unset)
>>Headers received:
search_tidyup called
SMTP<< data
SMTP>> 354 Enter message, ending with "." on a line by itself
search_tidyup called
-host in ignore_fromline_hosts? no (option unset)
>>Headers received:
search_tidyup called
SMTP<< data
SMTP>> 354 Enter message, ending with "." on a line by itself
search_tidyup called
-host in ignore_fromline_hosts? no (option unset)
>>Headers received:
search_tidyup called
--- /dev/null
+
+******** SERVER ********
+>>> host in hosts_connection_nolog? no (option unset)
+>>> host in host_lookup? no (option unset)
+>>> host in host_reject_connection? no (option unset)
+>>> host in sender_unqualified_hosts? no (option unset)
+>>> host in recipient_unqualified_hosts? no (option unset)
+>>> host in helo_verify_hosts? no (option unset)
+>>> host in helo_try_verify_hosts? no (option unset)
+>>> host in helo_accept_junk_hosts? no (option unset)
+>>> xxx in helo_lookup_domains? no (end of list)
+>>> processing "accept"
+>>> accept: condition test succeeded in inline ACL
+>>> end of inline ACL: ACCEPT
+>>> host in ignore_fromline_hosts? no (option unset)
+LOG: 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [verification succeeded]
+>>> processing "accept"
+>>> check logwrite = signer: test.ex bits: 1024
+LOG: 10HmaX-0005vi-00 signer: test.ex bits: 1024
+>>> accept: condition test succeeded in inline ACL
+>>> end of inline ACL: ACCEPT
+LOG: 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=qwerty1234@disco-zombie.net
>>> data
??? 354
<<< 354 Enter message, ending with "." on a line by itself
+>>>
>>> Testing
>>> .
??? 250
>>> data
??? 354
<<< 354 Enter message, ending with "." on a line by itself
+>>>
>>> Testing 2
>>> .
??? 250
>>> data
??? 354
<<< 354 Enter message, ending with "." on a line by itself
+>>>
>>> Testing 3
>>> .
??? 250
>>> data
??? 354
<<< 354 Enter message, ending with "." on a line by itself
+>>>
>>> Testing 4
>>> .
??? 250
RCPT TO:<b@test.ex>
250 acceptable rcpt cmd
BDAT 329 LAST
-Unxpected EOF read from client
+Unexpected EOF read from client
Listening on port 1224 ...
Connection request from [127.0.0.1]
220 Greetings
MAIL FROM:<>
RCPT TO:<q@test.ex>
BDAT 329 LAST
-Unxpected EOF read from client
+Unexpected EOF read from client
Listening on port 1224 ...
Connection request from [127.0.0.1]
220 Greetings