Vsevolod Stakhov
vor 7 Jahren
1 geänderte Dateien mit 37 neuen und 26 gelöschten Zeilen
+ 37
- 26
src/libserver/dkim.c
Datei anzeigen
| @@ -633,7 +633,7 @@ rspamd_dkim_add_arc_seal_headers (rspamd_mempool_t *pool, | |||
| struct rspamd_dkim_common_ctx *ctx) | |||
| { | |||
| struct rspamd_dkim_header *hdr; | |||
| guint count = ctx->idx + 1, i; | |||
| guint count = ctx->idx, i; | |||
| ctx->hlist = g_ptr_array_sized_new (count * 3 - 1); | |||
| @@ -641,20 +641,20 @@ rspamd_dkim_add_arc_seal_headers (rspamd_mempool_t *pool, | |||
| /* Authentication results */ | |||
| hdr = rspamd_mempool_alloc (pool, sizeof (*hdr)); | |||
| hdr->name = RSPAMD_DKIM_ARC_AUTHHEADER; | |||
| hdr->count = i + 1; | |||
| hdr->count = i; | |||
| g_ptr_array_add (ctx->hlist, hdr); | |||
| /* Arc signature */ | |||
| hdr = rspamd_mempool_alloc (pool, sizeof (*hdr)); | |||
| hdr->name = RSPAMD_DKIM_ARC_SIGNHEADER; | |||
| hdr->count = i + 1; | |||
| hdr->count = i; | |||
| g_ptr_array_add (ctx->hlist, hdr); | |||
| /* Arc seal (except last one) */ | |||
| if (i != count - 1) { | |||
| hdr = rspamd_mempool_alloc (pool, sizeof (*hdr)); | |||
| hdr->name = RSPAMD_DKIM_ARC_SEALHEADER; | |||
| hdr->count = i + 1; | |||
| hdr->count = i; | |||
| g_ptr_array_add (ctx->hlist, hdr); | |||
| } | |||
| } | |||
| @@ -699,8 +699,16 @@ rspamd_create_dkim_context (const gchar *sig, | |||
| ctx = rspamd_mempool_alloc0 (pool, sizeof (rspamd_dkim_context_t)); | |||
| ctx->pool = pool; | |||
| ctx->common.header_canon_type = DKIM_CANON_DEFAULT; | |||
| ctx->common.body_canon_type = DKIM_CANON_DEFAULT; | |||
| if (type == RSPAMD_DKIM_ARC_SEAL) { | |||
| ctx->common.header_canon_type = DKIM_CANON_RELAXED; | |||
| ctx->common.body_canon_type = DKIM_CANON_RELAXED; | |||
| } | |||
| else { | |||
| ctx->common.header_canon_type = DKIM_CANON_DEFAULT; | |||
| ctx->common.body_canon_type = DKIM_CANON_DEFAULT; | |||
| } | |||
| ctx->sig_alg = DKIM_SIGN_UNKNOWN; | |||
| ctx->common.pool = pool; | |||
| ctx->common.type = type; | |||
| @@ -992,29 +1000,32 @@ rspamd_create_dkim_context (const gchar *sig, | |||
| "s parameter missing"); | |||
| return NULL; | |||
| } | |||
| if (ctx->sig_alg == DKIM_SIGN_RSASHA1) { | |||
| /* Check bh length */ | |||
| if (ctx->bhlen != (guint)EVP_MD_size (EVP_sha1 ())) { | |||
| g_set_error (err, | |||
| DKIM_ERROR, | |||
| DKIM_SIGERROR_BADSIG, | |||
| "signature has incorrect length: %zu", | |||
| ctx->bhlen); | |||
| return NULL; | |||
| } | |||
| } | |||
| else if (ctx->sig_alg == DKIM_SIGN_RSASHA256) { | |||
| if (ctx->bhlen != | |||
| (guint)EVP_MD_size (EVP_sha256 ())) { | |||
| g_set_error (err, | |||
| DKIM_ERROR, | |||
| DKIM_SIGERROR_BADSIG, | |||
| "signature has incorrect length: %zu", | |||
| ctx->bhlen); | |||
| return NULL; | |||
| if (type != RSPAMD_DKIM_ARC_SEAL) { | |||
| if (ctx->sig_alg == DKIM_SIGN_RSASHA1) { | |||
| /* Check bh length */ | |||
| if (ctx->bhlen != (guint) EVP_MD_size (EVP_sha1 ())) { | |||
| g_set_error (err, | |||
| DKIM_ERROR, | |||
| DKIM_SIGERROR_BADSIG, | |||
| "signature has incorrect length: %zu", | |||
| ctx->bhlen); | |||
| return NULL; | |||
| } | |||
| } else if (ctx->sig_alg == DKIM_SIGN_RSASHA256) { | |||
| if (ctx->bhlen != | |||
| (guint) EVP_MD_size (EVP_sha256 ())) { | |||
| g_set_error (err, | |||
| DKIM_ERROR, | |||
| DKIM_SIGERROR_BADSIG, | |||
| "signature has incorrect length: %zu", | |||
| ctx->bhlen); | |||
| return NULL; | |||
| } | |||
| } | |||
| } | |||
| /* Check expiration */ | |||
| now = time (NULL); | |||
| if (ctx->timestamp && now < ctx->timestamp && ctx->timestamp - now > | |||
Laden…