aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2017-05-27 14:33:19 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2017-05-27 14:33:19 +0100
commit4ecfed9e6dcd329c5d28c8cbd7adaf62c9b77420 (patch)
tree3bc4c0b594a918e1e4c3352f973f8f0f7c2c5e4a
parentc407dfd27a5c085e9518534d0ca43507311daf60 (diff)
downloadrspamd-4ecfed9e6dcd329c5d28c8cbd7adaf62c9b77420.tar.gz
rspamd-4ecfed9e6dcd329c5d28c8cbd7adaf62c9b77420.zip
[Minor] Couple ARC fixes
-rw-r--r--src/libserver/dkim.c63
1 files changed, 37 insertions, 26 deletions
diff --git a/src/libserver/dkim.c b/src/libserver/dkim.c
index cbb687454..772760b52 100644
--- a/src/libserver/dkim.c
+++ b/src/libserver/dkim.c
@@ -633,7 +633,7 @@ rspamd_dkim_add_arc_seal_headers (rspamd_mempool_t *pool,
struct rspamd_dkim_common_ctx *ctx)
{
struct rspamd_dkim_header *hdr;
- guint count = ctx->idx + 1, i;
+ guint count = ctx->idx, i;
ctx->hlist = g_ptr_array_sized_new (count * 3 - 1);
@@ -641,20 +641,20 @@ rspamd_dkim_add_arc_seal_headers (rspamd_mempool_t *pool,
/* Authentication results */
hdr = rspamd_mempool_alloc (pool, sizeof (*hdr));
hdr->name = RSPAMD_DKIM_ARC_AUTHHEADER;
- hdr->count = i + 1;
+ hdr->count = i;
g_ptr_array_add (ctx->hlist, hdr);
/* Arc signature */
hdr = rspamd_mempool_alloc (pool, sizeof (*hdr));
hdr->name = RSPAMD_DKIM_ARC_SIGNHEADER;
- hdr->count = i + 1;
+ hdr->count = i;
g_ptr_array_add (ctx->hlist, hdr);
/* Arc seal (except last one) */
if (i != count - 1) {
hdr = rspamd_mempool_alloc (pool, sizeof (*hdr));
hdr->name = RSPAMD_DKIM_ARC_SEALHEADER;
- hdr->count = i + 1;
+ hdr->count = i;
g_ptr_array_add (ctx->hlist, hdr);
}
}
@@ -699,8 +699,16 @@ rspamd_create_dkim_context (const gchar *sig,
ctx = rspamd_mempool_alloc0 (pool, sizeof (rspamd_dkim_context_t));
ctx->pool = pool;
- ctx->common.header_canon_type = DKIM_CANON_DEFAULT;
- ctx->common.body_canon_type = DKIM_CANON_DEFAULT;
+
+ if (type == RSPAMD_DKIM_ARC_SEAL) {
+ ctx->common.header_canon_type = DKIM_CANON_RELAXED;
+ ctx->common.body_canon_type = DKIM_CANON_RELAXED;
+ }
+ else {
+ ctx->common.header_canon_type = DKIM_CANON_DEFAULT;
+ ctx->common.body_canon_type = DKIM_CANON_DEFAULT;
+ }
+
ctx->sig_alg = DKIM_SIGN_UNKNOWN;
ctx->common.pool = pool;
ctx->common.type = type;
@@ -992,29 +1000,32 @@ rspamd_create_dkim_context (const gchar *sig,
"s parameter missing");
return NULL;
}
- if (ctx->sig_alg == DKIM_SIGN_RSASHA1) {
- /* Check bh length */
- if (ctx->bhlen != (guint)EVP_MD_size (EVP_sha1 ())) {
- g_set_error (err,
- DKIM_ERROR,
- DKIM_SIGERROR_BADSIG,
- "signature has incorrect length: %zu",
- ctx->bhlen);
- return NULL;
- }
- }
- else if (ctx->sig_alg == DKIM_SIGN_RSASHA256) {
- if (ctx->bhlen !=
- (guint)EVP_MD_size (EVP_sha256 ())) {
- g_set_error (err,
- DKIM_ERROR,
- DKIM_SIGERROR_BADSIG,
- "signature has incorrect length: %zu",
- ctx->bhlen);
- return NULL;
+ if (type != RSPAMD_DKIM_ARC_SEAL) {
+ if (ctx->sig_alg == DKIM_SIGN_RSASHA1) {
+ /* Check bh length */
+ if (ctx->bhlen != (guint) EVP_MD_size (EVP_sha1 ())) {
+ g_set_error (err,
+ DKIM_ERROR,
+ DKIM_SIGERROR_BADSIG,
+ "signature has incorrect length: %zu",
+ ctx->bhlen);
+ return NULL;
+ }
+
+ } else if (ctx->sig_alg == DKIM_SIGN_RSASHA256) {
+ if (ctx->bhlen !=
+ (guint) EVP_MD_size (EVP_sha256 ())) {
+ g_set_error (err,
+ DKIM_ERROR,
+ DKIM_SIGERROR_BADSIG,
+ "signature has incorrect length: %zu",
+ ctx->bhlen);
+ return NULL;
+ }
}
}
+
/* Check expiration */
now = time (NULL);
if (ctx->timestamp && now < ctx->timestamp && ctx->timestamp - now >