
* Implement the 'time_jitter' setting, which allows signatures timestamped in the future to be accepted when the system time is incorrect (1 minute of jitter by default).

tags/0.5.0
Vsevolod Stakhov 12 years ago
parent
commit
1048ad10cd
4 changed files with 16 additions and 5 deletions
  1. 2
    2
      src/dkim.c
  2. 2
    1
      src/dkim.h
  3. 11
    1
      src/plugins/dkim_check.c
  4. 1
    1
      test/rspamd_dkim_test.c

+ 2
- 2
src/dkim.c View File

@@ -349,7 +349,7 @@ rspamd_dkim_parse_bodylength (rspamd_dkim_context_t* ctx, const gchar *param, gs
* @return new context or NULL
*/
rspamd_dkim_context_t*
rspamd_create_dkim_context (const gchar *sig, memory_pool_t *pool, GError **err)
rspamd_create_dkim_context (const gchar *sig, memory_pool_t *pool, guint time_jitter, GError **err)
{
const gchar *p, *c, *tag, *end;
gsize taglen;
@@ -577,7 +577,7 @@ rspamd_create_dkim_context (const gchar *sig, memory_pool_t *pool, GError **err)
}
/* Check expiration */
now = time (NULL);
if (new->timestamp && new->timestamp > now) {
if (new->timestamp && now < new->timestamp && new->timestamp - now > (gint)time_jitter) {
g_set_error (err, DKIM_ERROR, DKIM_SIGERROR_FUTURE, "signature was made in future, ignoring");
return NULL;
}
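Review bot: In the future-timestamp check, the `(gint)` cast on `time_jitter` turns any value above G_MAXINT into a negative number, and how that then compares with `new->timestamp - now` depends on the types of `timestamp` and `now`, which are declared outside this hunk. Since `now < new->timestamp` already guarantees a positive difference, the comparison can stay unsigned: `if (new->timestamp && now < new->timestamp && (guint64)(new->timestamp - now) > time_jitter) {`. The `/* Check expiration */` comment above it would read better as `/* Reject signatures dated more than time_jitter seconds ahead of local time */`, if the expiration test itself lives elsewhere in the function. The body of rspamd_create_dkim_context starts and ends outside both hunks.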

+ 2
- 1
src/dkim.h View File

@@ -172,10 +172,11 @@ typedef void (*dkim_key_handler_f)(rspamd_dkim_key_t *key, gsize keylen, rspamd_
* Create new dkim context from signature
* @param sig message's signature
* @param pool pool to allocate memory from
* @param time_jitter jitter in seconds to allow time diff while checking
* @param err pointer to error object
* @return new context or NULL
*/
rspamd_dkim_context_t* rspamd_create_dkim_context (const gchar *sig, memory_pool_t *pool, GError **err);
rspamd_dkim_context_t* rspamd_create_dkim_context (const gchar *sig, memory_pool_t *pool, guint time_jitter, GError **err);

/**
* Make DNS request for specified context and obtain and parse key
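Review bot: The new `@param time_jitter` line does not say in which direction the tolerance applies or what 0 means, and callers need both because this value relaxes a signature-validity check. Something like `@param time_jitter maximum number of seconds the signature timestamp may be ahead of local time before the signature is rejected (0 = no tolerance)` would match the condition added in src/dkim.c. As far as the visible hunks show, the function does not range-check the value, so the comment should also say that callers are expected to pass a bounded number.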

+ 11
- 1
src/plugins/dkim_check.c View File

@@ -33,6 +33,7 @@
* - domains (map): map of domains to check (if absent all domains are checked)
* - strict_domains (map): map of domains that requires strict score for dkim
* - strict_multiplier (number): multiplier for strict domains
* - time_jitter (number): jitter in seconds to allow time diff while checking
*/

#include "config.h"
@@ -52,6 +53,7 @@
#define DEFAULT_SYMBOL_ALLOW "R_DKIM_ALLOW"
#define DEFAULT_CACHE_SIZE 2048
#define DEFAULT_CACHE_MAXAGE 86400
#define DEFAULT_TIME_JITTER 60

struct dkim_ctx {
gint (*filter) (struct worker_task * task);
@@ -64,6 +66,7 @@ struct dkim_ctx {
GHashTable *dkim_domains;
GHashTable *strict_domains;
guint strict_multiplier;
guint time_jitter;
rspamd_lru_hash_t *dkim_hash;
};

@@ -100,6 +103,7 @@ dkim_module_init (struct config_file *cfg, struct module_ctx **ctx)
register_module_opt ("dkim", "domains", MODULE_OPT_TYPE_MAP);
register_module_opt ("dkim", "strict_domains", MODULE_OPT_TYPE_MAP);
register_module_opt ("dkim", "strict_multiplier", MODULE_OPT_TYPE_UINT);
register_module_opt ("dkim", "time_jitter", MODULE_OPT_TYPE_TIME);

return 0;
}
@@ -143,6 +147,12 @@ dkim_module_config (struct config_file *cfg)
else {
cache_expire = DEFAULT_CACHE_MAXAGE;
}
if ((value = get_module_opt (cfg, "dkim", "time_jitter")) != NULL) {
dkim_module_ctx->time_jitter = cfg_parse_time (value, TIME_SECONDS) / 1000;
}
else {
dkim_module_ctx->time_jitter = DEFAULT_TIME_JITTER;
}
if ((value = get_module_opt (cfg, "dkim", "whitelist")) != NULL) {
if (! add_map (value, read_radix_list, fin_radix_list, (void **)&dkim_module_ctx->whitelist_ip)) {
msg_warn ("cannot load whitelist from %s", value);
@@ -285,7 +295,7 @@ dkim_symbol_callback (struct worker_task *task, void *unused)
#endif
/* Parse signature */
msg_debug ("create dkim signature");
ctx = rspamd_create_dkim_context (hlist->data, task->task_pool, &err);
ctx = rspamd_create_dkim_context (hlist->data, task->task_pool, dkim_module_ctx->time_jitter, &err);
if (ctx == NULL) {
msg_info ("cannot parse DKIM context: %s", err->message);
g_error_free (err);
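Review bot: In dkim_module_config the parsed `time_jitter` is stored without an upper bound, so an overly large setting silently widens the window in which future-dated signatures are accepted, and very large values also reach the `(gint)` cast in src/dkim.c. I would clamp it right after parsing, e.g. `dkim_module_ctx->time_jitter = MIN (dkim_module_ctx->time_jitter, MAX_TIME_JITTER);`, with `MAX_TIME_JITTER` as a new constant defined next to `DEFAULT_TIME_JITTER`, and emit a `msg_warn` when the limit is applied. The `/ 1000` presumably converts a millisecond result of `cfg_parse_time` to seconds, which would truncate sub-second settings to 0; a one-line comment stating the unit would remove the guesswork. The option is registered as `MODULE_OPT_TYPE_TIME` while the header comment documents it as `(number)`, so one of the two should be aligned. The functions touched here start and end outside the hunks.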

+ 1
- 1
test/rspamd_dkim_test.c View File

@@ -81,7 +81,7 @@ rspamd_dkim_test_func ()

g_assert (resolver != NULL);

ctx = rspamd_create_dkim_context (test_dkim_sig, pool, &err);
ctx = rspamd_create_dkim_context (test_dkim_sig, pool, 0, &err);

g_assert (ctx != NULL);

