diff options
author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2020-09-23 12:15:13 +0100 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2020-09-23 12:15:13 +0100 |
commit | cddc9021de2e7d2eee1a843620af8c80eb5acf2c (patch) | |
tree | 134406fe11764a559d68198628e3895bef897c01 | |
parent | e4fcd0fcda0d192b068dc28eb317e09dc0eb3a12 (diff) | |
download | rspamd-cddc9021de2e7d2eee1a843620af8c80eb5acf2c.tar.gz rspamd-cddc9021de2e7d2eee1a843620af8c80eb5acf2c.zip |
[Minor] Dkim: Use IDNA translation in DKIM checks as well
-rw-r--r-- | src/libserver/dkim.c | 54 | ||||
-rw-r--r-- | src/libserver/dkim.h | 1 | ||||
-rw-r--r-- | src/plugins/dkim_check.c | 2 |
3 files changed, 49 insertions, 8 deletions
diff --git a/src/libserver/dkim.c b/src/libserver/dkim.c index a37f1c036..62acad4fe 100644 --- a/src/libserver/dkim.c +++ b/src/libserver/dkim.c @@ -130,6 +130,7 @@ enum rspamd_arc_seal_cv { struct rspamd_dkim_context_s { struct rspamd_dkim_common_ctx common; rspamd_mempool_t *pool; + struct rspamd_dns_resolver *resolver; gsize blen; gsize bhlen; gint sig_alg; @@ -333,8 +334,25 @@ rspamd_dkim_parse_domain (rspamd_dkim_context_t * ctx, gsize len, GError **err) { - ctx->domain = rspamd_mempool_alloc (ctx->pool, len + 1); - rspamd_strlcpy (ctx->domain, param, len + 1); + if (!rspamd_str_has_8bit (param, len)) { + ctx->domain = rspamd_mempool_alloc (ctx->pool, len + 1); + rspamd_strlcpy (ctx->domain, param, len + 1); + } + else { + ctx->domain = rspamd_dns_resolver_idna_convert_utf8 (ctx->resolver, + ctx->pool, param, len, NULL); + + if (!ctx->domain) { + g_set_error (err, + DKIM_ERROR, + DKIM_SIGERROR_INVALID_H, + "invalid dkim domain tag %*.s: idna failed", + (int)len, param); + + return FALSE; + } + } + return TRUE; } @@ -416,8 +434,26 @@ rspamd_dkim_parse_selector (rspamd_dkim_context_t * ctx, gsize len, GError **err) { - ctx->selector = rspamd_mempool_alloc (ctx->pool, len + 1); - rspamd_strlcpy (ctx->selector, param, len + 1); + + if (!rspamd_str_has_8bit (param, len)) { + ctx->selector = rspamd_mempool_alloc (ctx->pool, len + 1); + rspamd_strlcpy (ctx->selector, param, len + 1); + } + else { + ctx->selector = rspamd_dns_resolver_idna_convert_utf8 (ctx->resolver, + ctx->pool, param, len, NULL); + + if (!ctx->selector) { + g_set_error (err, + DKIM_ERROR, + DKIM_SIGERROR_INVALID_H, + "invalid dkim selector tag %*.s: idna failed", + (int)len, param); + + return FALSE; + } + } + return TRUE; } @@ -758,10 +794,11 @@ rspamd_dkim_add_arc_seal_headers (rspamd_mempool_t *pool, */ rspamd_dkim_context_t * rspamd_create_dkim_context (const gchar *sig, - rspamd_mempool_t *pool, - guint time_jitter, - enum rspamd_dkim_type type, - GError **err) + rspamd_mempool_t *pool, + struct rspamd_dns_resolver *resolver, + guint time_jitter, + enum rspamd_dkim_type type, + GError **err) { const gchar *p, *c, *tag = NULL, *end; gsize taglen; @@ -788,6 +825,7 @@ rspamd_create_dkim_context (const gchar *sig, ctx = rspamd_mempool_alloc0 (pool, sizeof (rspamd_dkim_context_t)); ctx->pool = pool; + ctx->resolver = resolver; if (type == RSPAMD_DKIM_ARC_SEAL) { ctx->common.header_canon_type = DKIM_CANON_RELAXED; diff --git a/src/libserver/dkim.h b/src/libserver/dkim.h index afd272028..011b79eff 100644 --- a/src/libserver/dkim.h +++ b/src/libserver/dkim.h @@ -166,6 +166,7 @@ typedef void (*dkim_key_handler_f) (rspamd_dkim_key_t *key, gsize keylen, */ rspamd_dkim_context_t *rspamd_create_dkim_context (const gchar *sig, rspamd_mempool_t *pool, + struct rspamd_dns_resolver *resolver, guint time_jitter, enum rspamd_dkim_type type, GError **err); diff --git a/src/plugins/dkim_check.c b/src/plugins/dkim_check.c index 43331d9d9..a46624bd8 100644 --- a/src/plugins/dkim_check.c +++ b/src/plugins/dkim_check.c @@ -1187,6 +1187,7 @@ dkim_symbol_callback (struct rspamd_task *task, ctx = rspamd_create_dkim_context (rh_cur->decoded, task->task_pool, + task->resolver, dkim_module_ctx->time_jitter, RSPAMD_DKIM_NORMAL, &err); @@ -1508,6 +1509,7 @@ lua_dkim_verify_handler (lua_State *L) ctx = rspamd_create_dkim_context (sig, task->task_pool, + task->resolver, dkim_module_ctx->time_jitter, type, &err); |