-/*XXX so we currently nail signing to RSA + given hash.
-Need to extract algo from privkey and check for disallowed combos. */
-
- if (!(ctx = pdkim_init_sign(dkim_signing_domain,
- dkim_signing_selector,
- dkim_private_key_expanded,
- dkim_hash_expanded,
- dkim->dot_stuffed,
- &dkim_exim_query_dns_txt,
- errstr
- )))
- goto bad;
- dkim_private_key_expanded[0] = '\0';
- pdkim_set_optional(ctx,
- CS dkim_sign_headers_expanded,
- NULL,
- pdkim_canon,
- pdkim_canon, -1, 0, 0);
-
- if (prefix)
- pdkim_feed(ctx, prefix, Ustrlen(prefix));
-
- if (lseek(fd, off, SEEK_SET) < 0)
- sread = -1;
- else
- while ((sread = read(fd, &buf, sizeof(buf))) > 0)
- if ((pdkim_rc = pdkim_feed(ctx, buf, sread)) != PDKIM_OK)
- goto pk_bad;
-
- /* Handle failed read above. */
- if (sread == -1)
- {
- debug_printf("DKIM: Error reading -K file.\n");
- save_errno = errno;
- goto bad;
+ if (!(sig = pdkim_init_sign(&ctx, dkim_signing_domain,
+ dkim_signing_selector,
+ dkim_private_key_expanded,
+ dkim_hash_expanded,
+ errstr
+ )))
+ goto bad;
+ dkim_private_key_expanded[0] = '\0';
+
+ pdkim_set_optional(sig,
+ CS dkim_sign_headers_expanded,
+ NULL,
+ pdkim_canon,
+ pdkim_canon, -1, 0, 0);
+
+ if (!ctx.sig) /* link sig to context chain */
+ ctx.sig = sig;
+ else
+ {
+ pdkim_signature * n = ctx.sig;
+ while (n->next) n = n->next;
+ n->next = sig;
+ }