diff options
author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2017-05-27 14:33:19 +0100 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2017-05-27 14:33:19 +0100 |
commit | 4ecfed9e6dcd329c5d28c8cbd7adaf62c9b77420 (patch) | |
tree | 3bc4c0b594a918e1e4c3352f973f8f0f7c2c5e4a | |
parent | c407dfd27a5c085e9518534d0ca43507311daf60 (diff) | |
download | rspamd-4ecfed9e6dcd329c5d28c8cbd7adaf62c9b77420.tar.gz rspamd-4ecfed9e6dcd329c5d28c8cbd7adaf62c9b77420.zip |
[Minor] Couple ARC fixes
-rw-r--r-- | src/libserver/dkim.c | 63 |
1 files changed, 37 insertions, 26 deletions
diff --git a/src/libserver/dkim.c b/src/libserver/dkim.c index cbb687454..772760b52 100644 --- a/src/libserver/dkim.c +++ b/src/libserver/dkim.c @@ -633,7 +633,7 @@ rspamd_dkim_add_arc_seal_headers (rspamd_mempool_t *pool, struct rspamd_dkim_common_ctx *ctx) { struct rspamd_dkim_header *hdr; - guint count = ctx->idx + 1, i; + guint count = ctx->idx, i; ctx->hlist = g_ptr_array_sized_new (count * 3 - 1); @@ -641,20 +641,20 @@ rspamd_dkim_add_arc_seal_headers (rspamd_mempool_t *pool, /* Authentication results */ hdr = rspamd_mempool_alloc (pool, sizeof (*hdr)); hdr->name = RSPAMD_DKIM_ARC_AUTHHEADER; - hdr->count = i + 1; + hdr->count = i; g_ptr_array_add (ctx->hlist, hdr); /* Arc signature */ hdr = rspamd_mempool_alloc (pool, sizeof (*hdr)); hdr->name = RSPAMD_DKIM_ARC_SIGNHEADER; - hdr->count = i + 1; + hdr->count = i; g_ptr_array_add (ctx->hlist, hdr); /* Arc seal (except last one) */ if (i != count - 1) { hdr = rspamd_mempool_alloc (pool, sizeof (*hdr)); hdr->name = RSPAMD_DKIM_ARC_SEALHEADER; - hdr->count = i + 1; + hdr->count = i; g_ptr_array_add (ctx->hlist, hdr); } } @@ -699,8 +699,16 @@ rspamd_create_dkim_context (const gchar *sig, ctx = rspamd_mempool_alloc0 (pool, sizeof (rspamd_dkim_context_t)); ctx->pool = pool; - ctx->common.header_canon_type = DKIM_CANON_DEFAULT; - ctx->common.body_canon_type = DKIM_CANON_DEFAULT; + + if (type == RSPAMD_DKIM_ARC_SEAL) { + ctx->common.header_canon_type = DKIM_CANON_RELAXED; + ctx->common.body_canon_type = DKIM_CANON_RELAXED; + } + else { + ctx->common.header_canon_type = DKIM_CANON_DEFAULT; + ctx->common.body_canon_type = DKIM_CANON_DEFAULT; + } + ctx->sig_alg = DKIM_SIGN_UNKNOWN; ctx->common.pool = pool; ctx->common.type = type; @@ -992,29 +1000,32 @@ rspamd_create_dkim_context (const gchar *sig, "s parameter missing"); return NULL; } - if (ctx->sig_alg == DKIM_SIGN_RSASHA1) { - /* Check bh length */ - if (ctx->bhlen != (guint)EVP_MD_size (EVP_sha1 ())) { - g_set_error (err, - DKIM_ERROR, - DKIM_SIGERROR_BADSIG, - "signature has incorrect length: %zu", - ctx->bhlen); - return NULL; - } - } - else if (ctx->sig_alg == DKIM_SIGN_RSASHA256) { - if (ctx->bhlen != - (guint)EVP_MD_size (EVP_sha256 ())) { - g_set_error (err, - DKIM_ERROR, - DKIM_SIGERROR_BADSIG, - "signature has incorrect length: %zu", - ctx->bhlen); - return NULL; + if (type != RSPAMD_DKIM_ARC_SEAL) { + if (ctx->sig_alg == DKIM_SIGN_RSASHA1) { + /* Check bh length */ + if (ctx->bhlen != (guint) EVP_MD_size (EVP_sha1 ())) { + g_set_error (err, + DKIM_ERROR, + DKIM_SIGERROR_BADSIG, + "signature has incorrect length: %zu", + ctx->bhlen); + return NULL; + } + + } else if (ctx->sig_alg == DKIM_SIGN_RSASHA256) { + if (ctx->bhlen != + (guint) EVP_MD_size (EVP_sha256 ())) { + g_set_error (err, + DKIM_ERROR, + DKIM_SIGERROR_BADSIG, + "signature has incorrect length: %zu", + ctx->bhlen); + return NULL; + } } } + /* Check expiration */ now = time (NULL); if (ctx->timestamp && now < ctx->timestamp && ctx->timestamp - now > |