- /* Feed header to the hash algorithm */
- if (sig->algo == PDKIM_ALGO_RSA_SHA1)
- sha1_update(&(sha1_headers),(unsigned char *)rh,strlen(rh));
- else
- sha2_update(&(sha2_headers),(unsigned char *)rh,strlen(rh));
- #ifdef PDKIM_DEBUG
- if (ctx->debug_stream)
- pdkim_quoteprint(ctx->debug_stream, rh, strlen(rh), 1);
- #endif
- free(rh);
- p = p->next;
+ /* Feed header to the hash algorithm */
+ if (sig->algo == PDKIM_ALGO_RSA_SHA1)
+ sha1_update(&(sha1_headers),(unsigned char *)rh,strlen(rh));
+ else
+ sha2_update(&(sha2_headers),(unsigned char *)rh,strlen(rh));
+ #ifdef PDKIM_DEBUG
+ if (ctx->debug_stream)
+ pdkim_quoteprint(ctx->debug_stream, rh, strlen(rh), 1);
+ #endif
+ free(rh);
+ p = p->next;
+ }
+ }
+ /* VERIFICATION ----------------------------------------------------------- */
+ /* When verifying, walk through the header name list in the h= parameter and
+ add the headers to the hash in that order. */
+ else {
+ char *b = strdup(sig->headernames);
+ char *p = b;
+ char *q = NULL;
+ if (b == NULL) return PDKIM_ERR_OOM;
+
+ while(1) {
+ pdkim_stringlist *hdrs = sig->headers;
+ q = strchr(p,':');
+ if (q != NULL) *q = '\0';
+ while (hdrs != NULL) {
+ if (strncasecmp(hdrs->value,p,strlen(p)) == 0) {
+ char *rh = NULL;
+ if (sig->canon_headers == PDKIM_CANON_RELAXED)
+ rh = pdkim_relax_header(hdrs->value,1); /* cook header for relaxed canon */
+ else
+ rh = strdup(hdrs->value); /* just copy it for simple canon */
+ if (rh == NULL) return PDKIM_ERR_OOM;
+ /* Feed header to the hash algorithm */
+ if (sig->algo == PDKIM_ALGO_RSA_SHA1)
+ sha1_update(&(sha1_headers),(unsigned char *)rh,strlen(rh));
+ else
+ sha2_update(&(sha2_headers),(unsigned char *)rh,strlen(rh));
+ #ifdef PDKIM_DEBUG
+ if (ctx->debug_stream)
+ pdkim_quoteprint(ctx->debug_stream, rh, strlen(rh), 1);
+ #endif
+ free(rh);
+ }
+ hdrs = hdrs->next;
+ }
+ if (q == NULL) break;
+ p = q+1;
+ }
+ free(b);