diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2017-05-29 15:39:45 +0100 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2017-05-29 15:40:07 +0100 |
| commit | 7c3e81ab7a91f184fd1a221d315206686c8b33d7 (patch) | |
| tree | 7c65e63aa71b7515285c5a2ca6b208ae66cab3ed | |
| parent | 1427aa052ab313d6aa9eae6af593180847abd3a3 (diff) | |
| download | rspamd-7c3e81ab7a91f184fd1a221d315206686c8b33d7.tar.gz rspamd-7c3e81ab7a91f184fd1a221d315206686c8b33d7.zip | |
[Minor] More fixes to arc sealing
| -rw-r--r-- | src/plugins/lua/arc.lua | 33 |
1 files changed, 22 insertions, 11 deletions
diff --git a/src/plugins/lua/arc.lua b/src/plugins/lua/arc.lua index 60db2035b..403bfffcc 100644 --- a/src/plugins/lua/arc.lua +++ b/src/plugins/lua/arc.lua @@ -373,15 +373,21 @@ local function arc_sign_seal(task, params, header) cur_idx = #arc_seals + 1 for i = (cur_idx - 1), 1, (-1) do if arc_auth_results[i] then - sha_ctx:update(dkim_canonicalize('ARC-Authentication-Results', - arc_auth_results[i].value)) + local s = dkim_canonicalize('ARC-Authentication-Results', + arc_auth_results[i].value) + sha_ctx:update(s) + rspamd_logger.debugm(N, task, 'update signature with header: %s', s) end if arc_sigs[i] then - sha_ctx:update(dkim_canonicalize('ARC-Message-Signature', - arc_sigs[i].raw_header)) + local s = dkim_canonicalize('ARC-Message-Signature', + arc_sigs[i].raw_header) + sha_ctx:update(s) + rspamd_logger.debugm(N, task, 'update signature with header: %s', s) end if arc_seals[i] then - sha_ctx:update(dkim_canonicalize('ARC-Seal', arc_seals[i].raw_header)) + local s = dkim_canonicalize('ARC-Seal', arc_seals[i].raw_header) + sha_ctx:update(s) + rspamd_logger.debugm(N, task, 'update signature with header: %s', s) end end end @@ -389,20 +395,25 @@ local function arc_sign_seal(task, params, header) header = rspamd_util.fold_header( 'ARC-Message-Signature', header) + cur_auth_results = rspamd_util.fold_header( 'ARC-Authentication-Results', cur_auth_results) cur_auth_results = string.format('i=%d; %s', cur_idx, cur_auth_results) - sha_ctx:update(dkim_canonicalize('ARC-Authentication-Results', - cur_auth_results)) - sha_ctx:update(dkim_canonicalize('ARC-Message-Signature', - header)) + local s = dkim_canonicalize('ARC-Authentication-Results', + cur_auth_results) + sha_ctx:update(s) + rspamd_logger.debugm(N, task, 'update signature with header: %s', s) + s = dkim_canonicalize('ARC-Message-Signature', header) + sha_ctx:update(s) + rspamd_logger.debugm(N, task, 'update signature with header: %s', s) local cur_arc_seal = string.format('i=%d; s=%s; d=%s; t=%d; a=rsa-sha256; cv=%s; b=', cur_idx, params.selector, params.domain, rspamd_util.get_time(), params.arc_cv) - sha_ctx:update(dkim_canonicalize('ARC-Message-Signature', - cur_arc_seal)) + s = string.format('%s:%s', 'arc-seal', cur_arc_seal) + sha_ctx:update(s) + rspamd_logger.debugm(N, task, 'initial update signature with header: %s', s) local sig = rspamd_rsa.sign_memory(privkey, sha_ctx:bin()) cur_arc_seal = string.format('%s%s', cur_arc_seal, |