]> git.pld-linux.org Git - packages/exim.git/blame - exim-dkim.patch
projects / packages / exim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- rel 2; dkim fixes/updates from cvs
[packages/exim.git] / exim-dkim.patch
CommitLineData
b6cbc73e
AM		 1diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/dkim.c src/dkim.c
2--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/dkim.c 2009-11-16 20:50:36.000000000 +0100
3+++ src/dkim.c 2009-12-17 12:17:01.778692630 +0100
4@@ -1,4 +1,4 @@
5-/* $Cambridge: exim/exim-src/src/dkim.c,v 1.10 2009/11/16 19:50:36 nm4 Exp $ */
6+/* $Cambridge: exim/exim-src/src/dkim.c,v 1.11 2009/12/15 08:23:15 tom Exp $ */
7
8 /*************************************************
9 * Exim - an Internet mail transport agent *
10@@ -391,6 +391,7 @@
11 uschar *rc = NULL;
12 pdkim_signature *signature;
13 int pdkim_canon;
14+ int pdkim_rc;
15 int sread;
16 char buf[4096];
17 int save_errno = 0;
18@@ -511,8 +512,11 @@
19 goto CLEANUP;
20 }
21
22- if (pdkim_feed_finish(ctx,&signature) != PDKIM_OK)
23+ pdkim_rc = pdkim_feed_finish(ctx,&signature);
24+ if (pdkim_rc != PDKIM_OK) {
25+ log_write(0, LOG_MAIN|LOG_PANIC, "DKIM: signing failed (RC %d)", pdkim_rc);
26 goto CLEANUP;
27+ }
28
29 rc = store_get(strlen(signature->signature_header)+3);
30 Ustrcpy(rc,US signature->signature_header);
31diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/base64.c src/pdkim/base64.c
32--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/base64.c 2009-06-10 09:34:05.000000000 +0200
33+++ src/pdkim/base64.c 2009-12-17 12:17:01.822130396 +0100
34@@ -1,9 +1,10 @@
35 /*
36 * RFC 1521 base64 encoding/decoding
37 *
38- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
39+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
40+ * All rights reserved.
41 *
42- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
43+ * Joined copyright on original XySSL code with: Christophe Devine
44 *
45 * This program is free software; you can redistribute it and/or modify
46 * it under the terms of the GNU General Public License as published by
47@@ -20,7 +21,7 @@
48 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
49 */
50
51-/* $Cambridge: exim/exim-src/src/pdkim/base64.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */
52+/* $Cambridge: exim/exim-src/src/pdkim/base64.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */
53
54 #include "base64.h"
55
56diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/base64.h src/pdkim/base64.h
57--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/base64.h 2009-06-10 09:34:05.000000000 +0200
58+++ src/pdkim/base64.h 2009-12-17 12:17:01.822130396 +0100
59@@ -1,9 +1,10 @@
60 /**
61 * \file base64.h
62 *
63- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
64+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
65+ * All rights reserved.
66 *
67- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
68+ * Joined copyright on original XySSL code with: Christophe Devine
69 *
70 * This program is free software; you can redistribute it and/or modify
71 * it under the terms of the GNU General Public License as published by
72@@ -20,13 +21,13 @@
73 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
74 */
75
76-/* $Cambridge: exim/exim-src/src/pdkim/base64.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */
77+/* $Cambridge: exim/exim-src/src/pdkim/base64.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */
78
79 #ifndef POLARSSL_BASE64_H
80 #define POLARSSL_BASE64_H
81
82-#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x0010
83-#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x0012
84+#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL 0x0010
85+#define POLARSSL_ERR_BASE64_INVALID_CHARACTER 0x0012
86
87 #ifdef __cplusplus
88 extern "C" {
89diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bignum.c src/pdkim/bignum.c
90--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bignum.c 2009-06-10 09:34:05.000000000 +0200
91+++ src/pdkim/bignum.c 2009-12-17 12:17:01.824459747 +0100
92@@ -1,9 +1,10 @@
93 /*
94 * Multi-precision integer library
95 *
96- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
97+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
98+ * All rights reserved.
99 *
100- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
101+ * Joined copyright on original XySSL code with: Christophe Devine
102 *
103 * This program is free software; you can redistribute it and/or modify
104 * it under the terms of the GNU General Public License as published by
105@@ -27,7 +28,8 @@
106 * http://math.libtomcrypt.com/files/tommath.pdf
107 */
108
109-/* $Cambridge: exim/exim-src/src/pdkim/bignum.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */
110+/* $Cambridge: exim/exim-src/src/pdkim/bignum.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */
111+
112
113 #include "bignum.h"
114 #include "bn_mul.h"
115@@ -284,7 +286,15 @@
116
117 MPI_CHK( mpi_get_digit( &d, radix, s[i] ) );
118 MPI_CHK( mpi_mul_int( &T, X, radix ) );
119- MPI_CHK( mpi_add_int( X, &T, d ) );
120+
121+ if( X->s == 1 )
122+ {
123+ MPI_CHK( mpi_add_int( X, &T, d ) );
124+ }
125+ else
126+ {
127+ MPI_CHK( mpi_sub_int( X, &T, d ) );
128+ }
129 }
130 }
131
132@@ -372,6 +382,10 @@
133 else
134 {
135 MPI_CHK( mpi_copy( &T, X ) );
136+
137+ if( T.s == -1 )
138+ T.s = 1;
139+
140 MPI_CHK( mpi_write_hlp( &T, radix, &p ) );
141 }
142
143@@ -674,6 +688,11 @@
144 if( X != A )
145 MPI_CHK( mpi_copy( X, A ) );
146
147+ /*
148+ * X should always be positive as a result of unsigned additions.
149+ */
150+ X->s = 1;
151+
152 for( j = B->n - 1; j >= 0; j-- )
153 if( B->p[j] != 0 )
154 break;
155@@ -747,6 +766,11 @@
156 if( X != A )
157 MPI_CHK( mpi_copy( X, A ) );
158
159+ /*
160+ * X should always be positive as a result of unsigned substractions.
161+ */
162+ X->s = 1;
163+
164 ret = 0;
165
166 for( n = B->n - 1; n >= 0; n-- )
167@@ -1160,6 +1184,9 @@
168 {
169 int ret;
170
171+ if( mpi_cmp_int( B, 0 ) < 0 )
172+ return POLARSSL_ERR_MPI_NEGATIVE_VALUE;
173+
174 MPI_CHK( mpi_div_mpi( NULL, R, A, B ) );
175
176 while( mpi_cmp_int( R, 0 ) < 0 )
177@@ -1185,7 +1212,7 @@
178 return( POLARSSL_ERR_MPI_DIVISION_BY_ZERO );
179
180 if( b < 0 )
181- b = -b;
182+ return POLARSSL_ERR_MPI_NEGATIVE_VALUE;
183
184 /*
185 * handle trivial cases
186@@ -1218,6 +1245,13 @@
187 y -= z * b;
188 }
189
190+ /*
191+ * If A is negative, then the current y represents a negative value.
192+ * Flipping it to the positive side.
193+ */
194+ if( A->s < 0 && y != 0 )
195+ y = b - y;
196+
197 *r = y;
198
199 return( 0 );
200@@ -1474,21 +1508,29 @@
201 */
202 int mpi_gcd( mpi *G, mpi *A, mpi *B )
203 {
204- int ret;
205+ int ret, lz, lzt;
206 mpi TG, TA, TB;
207
208 mpi_init( &TG, &TA, &TB, NULL );
209
210- MPI_CHK( mpi_lset( &TG, 1 ) );
211 MPI_CHK( mpi_copy( &TA, A ) );
212 MPI_CHK( mpi_copy( &TB, B ) );
213
214+ lz = mpi_lsb( &TA );
215+ lzt = mpi_lsb( &TB );
216+
217+ if ( lzt < lz )
218+ lz = lzt;
219+
220+ MPI_CHK( mpi_shift_r( &TA, lz ) );
221+ MPI_CHK( mpi_shift_r( &TB, lz ) );
222+
223 TA.s = TB.s = 1;
224
225 while( mpi_cmp_int( &TA, 0 ) != 0 )
226 {
227- while( ( TA.p[0] & 1 ) == 0 ) MPI_CHK( mpi_shift_r( &TA, 1 ) );
228- while( ( TB.p[0] & 1 ) == 0 ) MPI_CHK( mpi_shift_r( &TB, 1 ) );
229+ MPI_CHK( mpi_shift_r( &TA, mpi_lsb( &TA ) ) );
230+ MPI_CHK( mpi_shift_r( &TB, mpi_lsb( &TB ) ) );
231
232 if( mpi_cmp_mpi( &TA, &TB ) >= 0 )
233 {
234@@ -1502,7 +1544,8 @@
235 }
236 }
237
238- MPI_CHK( mpi_mul_mpi( G, &TG, &TB ) );
239+ MPI_CHK( mpi_shift_l( &TB, lz ) );
240+ MPI_CHK( mpi_copy( G, &TB ) );
241
242 cleanup:
243
244@@ -1511,6 +1554,8 @@
245 return( ret );
246 }
247
248+#if defined(POLARSSL_GENPRIME)
249+
250 /*
251 * Modular inverse: X = A^-1 mod N (HAC 14.61 / 14.64)
252 */
253@@ -1638,7 +1683,11 @@
254 mpi W, R, T, A, RR;
255 unsigned char *p;
256
257- if( mpi_cmp_int( X, 0 ) == 0 )
258+ if( mpi_cmp_int( X, 0 ) == 0 ||
259+ mpi_cmp_int( X, 1 ) == 0 )
260+ return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE );
261+
262+ if( mpi_cmp_int( X, 2 ) == 0 )
263 return( 0 );
264
265 mpi_init( &W, &R, &T, &A, &RR, NULL );
266@@ -1811,3 +1860,5 @@
267
268 return( ret );
269 }
270+
271+#endif
272diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bignum.h src/pdkim/bignum.h
273--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bignum.h 2009-06-10 09:34:05.000000000 +0200
274+++ src/pdkim/bignum.h 2009-12-17 12:17:01.824459747 +0100
275@@ -1,9 +1,10 @@
276 /**
277 * \file bignum.h
278 *
279- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
280+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
281+ * All rights reserved.
282 *
283- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
284+ * Joined copyright on original XySSL code with: Christophe Devine
285 *
286 * This program is free software; you can redistribute it and/or modify
287 * it under the terms of the GNU General Public License as published by
288@@ -20,20 +21,20 @@
289 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
290 */
291
292-/* $Cambridge: exim/exim-src/src/pdkim/bignum.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */
293+/* $Cambridge: exim/exim-src/src/pdkim/bignum.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */
294
295 #ifndef POLARSSL_BIGNUM_H
296 #define POLARSSL_BIGNUM_H
297
298 #include <stdio.h>
299
300-#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002
301-#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004
302-#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006
303-#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008
304-#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A
305-#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C
306-#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E
307+#define POLARSSL_ERR_MPI_FILE_IO_ERROR 0x0002
308+#define POLARSSL_ERR_MPI_BAD_INPUT_DATA 0x0004
309+#define POLARSSL_ERR_MPI_INVALID_CHARACTER 0x0006
310+#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL 0x0008
311+#define POLARSSL_ERR_MPI_NEGATIVE_VALUE 0x000A
312+#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO 0x000C
313+#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE 0x000E
314
315 #define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup
316
317@@ -57,7 +58,9 @@
318 defined(__ia64__) || defined(__alpha__)
319 typedef unsigned int t_dbl __attribute__((mode(TI)));
320 #else
321- typedef unsigned long long t_dbl;
322+ #if defined(POLARSSL_HAVE_LONGLONG)
323+ typedef unsigned long long t_dbl;
324+ #endif
325 #endif
326 #endif
327 #endif
328@@ -91,6 +94,9 @@
329 /**
330 * \brief Enlarge to the specified number of limbs
331 *
332+ * \param X MPI to grow
333+ * \param nblimbs The target number of limbs
334+ *
335 * \return 0 if successful,
336 * 1 if memory allocation failed
337 */
338@@ -99,6 +105,9 @@
339 /**
340 * \brief Copy the contents of Y into X
341 *
342+ * \param X Destination MPI
343+ * \param Y Source MPI
344+ *
345 * \return 0 if successful,
346 * 1 if memory allocation failed
347 */
348@@ -106,12 +115,18 @@
349
350 /**
351 * \brief Swap the contents of X and Y
352+ *
353+ * \param X First MPI value
354+ * \param Y Second MPI value
355 */
356 void mpi_swap( mpi *X, mpi *Y );
357
358 /**
359 * \brief Set value from integer
360 *
361+ * \param X MPI to set
362+ * \param z Value to use
363+ *
364 * \return 0 if successful,
365 * 1 if memory allocation failed
366 */
367@@ -119,25 +134,31 @@
368
369 /**
370 * \brief Return the number of least significant bits
371+ *
372+ * \param X MPI to use
373 */
374 int mpi_lsb( mpi *X );
375
376 /**
377 * \brief Return the number of most significant bits
378+ *
379+ * \param X MPI to use
380 */
381 int mpi_msb( mpi *X );
382
383 /**
384 * \brief Return the total size in bytes
385+ *
386+ * \param X MPI to use
387 */
388 int mpi_size( mpi *X );
389
390 /**
391 * \brief Import from an ASCII string
392 *
393- * \param X destination mpi
394- * \param radix input numeric base
395- * \param s null-terminated string buffer
396+ * \param X Destination MPI
397+ * \param radix Input numeric base
398+ * \param s Null-terminated string buffer
399 *
400 * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
401 */
402@@ -146,10 +167,10 @@
403 /**
404 * \brief Export into an ASCII string
405 *
406- * \param X source mpi
407- * \param radix output numeric base
408- * \param s string buffer
409- * \param slen string buffer size
410+ * \param X Source MPI
411+ * \param radix Output numeric base
412+ * \param s String buffer
413+ * \param slen String buffer size
414 *
415 * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
416 *
417@@ -161,21 +182,21 @@
418 /**
419 * \brief Read X from an opened file
420 *
421- * \param X destination mpi
422- * \param radix input numeric base
423- * \param fin input file handle
424+ * \param X Destination MPI
425+ * \param radix Input numeric base
426+ * \param fin Input file handle
427 *
428 * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
429 */
430 int mpi_read_file( mpi *X, int radix, FILE *fin );
431
432 /**
433- * \brief Write X into an opened file, or stdout
434+ * \brief Write X into an opened file, or stdout if fout is NULL
435 *
436- * \param p prefix, can be NULL
437- * \param X source mpi
438- * \param radix output numeric base
439- * \param fout output file handle
440+ * \param p Prefix, can be NULL
441+ * \param X Source MPI
442+ * \param radix Output numeric base
443+ * \param fout Output file handle (can be NULL)
444 *
445 * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
446 *
447@@ -186,9 +207,9 @@
448 /**
449 * \brief Import X from unsigned binary data, big endian
450 *
451- * \param X destination mpi
452- * \param buf input buffer
453- * \param buflen input buffer size
454+ * \param X Destination MPI
455+ * \param buf Input buffer
456+ * \param buflen Input buffer size
457 *
458 * \return 0 if successful,
459 * 1 if memory allocation failed
460@@ -198,21 +219,21 @@
461 /**
462 * \brief Export X into unsigned binary data, big endian
463 *
464- * \param X source mpi
465- * \param buf output buffer
466- * \param buflen output buffer size
467+ * \param X Source MPI
468+ * \param buf Output buffer
469+ * \param buflen Output buffer size
470 *
471 * \return 0 if successful,
472 * POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough
473- *
474- * \note Call this function with *buflen = 0 to obtain the
475- * minimum required buffer size in *buflen.
476 */
477 int mpi_write_binary( mpi *X, unsigned char *buf, int buflen );
478
479 /**
480 * \brief Left-shift: X <<= count
481 *
482+ * \param X MPI to shift
483+ * \param count Amount to shift
484+ *
485 * \return 0 if successful,
486 * 1 if memory allocation failed
487 */
488@@ -221,6 +242,9 @@
489 /**
490 * \brief Right-shift: X >>= count
491 *
492+ * \param X MPI to shift
493+ * \param count Amount to shift
494+ *
495 * \return 0 if successful,
496 * 1 if memory allocation failed
497 */
498@@ -229,6 +253,9 @@
499 /**
500 * \brief Compare unsigned values
501 *
502+ * \param X Left-hand MPI
503+ * \param Y Right-hand MPI
504+ *
505 * \return 1 if |X| is greater than |Y|,
506 * -1 if |X| is lesser than |Y| or
507 * 0 if |X| is equal to |Y|
508@@ -238,6 +265,9 @@
509 /**
510 * \brief Compare signed values
511 *
512+ * \param X Left-hand MPI
513+ * \param Y Right-hand MPI
514+ *
515 * \return 1 if X is greater than Y,
516 * -1 if X is lesser than Y or
517 * 0 if X is equal to Y
518@@ -247,6 +277,9 @@
519 /**
520 * \brief Compare signed values
521 *
522+ * \param X Left-hand MPI
523+ * \param z The integer value to compare to
524+ *
525 * \return 1 if X is greater than z,
526 * -1 if X is lesser than z or
527 * 0 if X is equal to z
528@@ -256,6 +289,10 @@
529 /**
530 * \brief Unsigned addition: X = |A| + |B|
531 *
532+ * \param X Destination MPI
533+ * \param A Left-hand MPI
534+ * \param B Right-hand MPI
535+ *
536 * \return 0 if successful,
537 * 1 if memory allocation failed
538 */
539@@ -264,6 +301,10 @@
540 /**
541 * \brief Unsigned substraction: X = |A| - |B|
542 *
543+ * \param X Destination MPI
544+ * \param A Left-hand MPI
545+ * \param B Right-hand MPI
546+ *
547 * \return 0 if successful,
548 * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A
549 */
550@@ -272,6 +313,10 @@
551 /**
552 * \brief Signed addition: X = A + B
553 *
554+ * \param X Destination MPI
555+ * \param A Left-hand MPI
556+ * \param B Right-hand MPI
557+ *
558 * \return 0 if successful,
559 * 1 if memory allocation failed
560 */
561@@ -280,6 +325,10 @@
562 /**
563 * \brief Signed substraction: X = A - B
564 *
565+ * \param X Destination MPI
566+ * \param A Left-hand MPI
567+ * \param B Right-hand MPI
568+ *
569 * \return 0 if successful,
570 * 1 if memory allocation failed
571 */
572@@ -288,6 +337,10 @@
573 /**
574 * \brief Signed addition: X = A + b
575 *
576+ * \param X Destination MPI
577+ * \param A Left-hand MPI
578+ * \param b The integer value to add
579+ *
580 * \return 0 if successful,
581 * 1 if memory allocation failed
582 */
583@@ -296,6 +349,10 @@
584 /**
585 * \brief Signed substraction: X = A - b
586 *
587+ * \param X Destination MPI
588+ * \param A Left-hand MPI
589+ * \param b The integer value to subtract
590+ *
591 * \return 0 if successful,
592 * 1 if memory allocation failed
593 */
594@@ -304,6 +361,10 @@
595 /**
596 * \brief Baseline multiplication: X = A * B
597 *
598+ * \param X Destination MPI
599+ * \param A Left-hand MPI
600+ * \param B Right-hand MPI
601+ *
602 * \return 0 if successful,
603 * 1 if memory allocation failed
604 */
605@@ -311,6 +372,12 @@
606
607 /**
608 * \brief Baseline multiplication: X = A * b
609+ * Note: b is an unsigned integer type, thus
610+ * Negative values of b are ignored.
611+ *
612+ * \param X Destination MPI
613+ * \param A Left-hand MPI
614+ * \param b The integer value to multiply with
615 *
616 * \return 0 if successful,
617 * 1 if memory allocation failed
618@@ -320,6 +387,11 @@
619 /**
620 * \brief Division by mpi: A = Q * B + R
621 *
622+ * \param Q Destination MPI for the quotient
623+ * \param R Destination MPI for the rest value
624+ * \param A Left-hand MPI
625+ * \param B Right-hand MPI
626+ *
627 * \return 0 if successful,
628 * 1 if memory allocation failed,
629 * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0
630@@ -331,6 +403,11 @@
631 /**
632 * \brief Division by int: A = Q * b + R
633 *
634+ * \param Q Destination MPI for the quotient
635+ * \param R Destination MPI for the rest value
636+ * \param A Left-hand MPI
637+ * \param b Integer to divide by
638+ *
639 * \return 0 if successful,
640 * 1 if memory allocation failed,
641 * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
642@@ -342,24 +419,40 @@
643 /**
644 * \brief Modulo: R = A mod B
645 *
646+ * \param R Destination MPI for the rest value
647+ * \param A Left-hand MPI
648+ * \param B Right-hand MPI
649+ *
650 * \return 0 if successful,
651 * 1 if memory allocation failed,
652- * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0
653+ * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0,
654+ * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0
655 */
656 int mpi_mod_mpi( mpi *R, mpi *A, mpi *B );
657
658 /**
659 * \brief Modulo: r = A mod b
660 *
661+ * \param a Destination t_int
662+ * \param A Left-hand MPI
663+ * \param b Integer to divide by
664+ *
665 * \return 0 if successful,
666 * 1 if memory allocation failed,
667- * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
668+ * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0,
669+ * POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0
670 */
671 int mpi_mod_int( t_int *r, mpi *A, int b );
672
673 /**
674 * \brief Sliding-window exponentiation: X = A^E mod N
675 *
676+ * \param X Destination MPI
677+ * \param A Left-hand MPI
678+ * \param E Exponent MPI
679+ * \param N Modular MPI
680+ * \param _RR Speed-up MPI used for recalculations
681+ *
682 * \return 0 if successful,
683 * 1 if memory allocation failed,
684 * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even
685@@ -373,6 +466,10 @@
686 /**
687 * \brief Greatest common divisor: G = gcd(A, B)
688 *
689+ * \param G Destination MPI
690+ * \param A Left-hand MPI
691+ * \param B Right-hand MPI
692+ *
693 * \return 0 if successful,
694 * 1 if memory allocation failed
695 */
696@@ -381,13 +478,46 @@
697 /**
698 * \brief Modular inverse: X = A^-1 mod N
699 *
700+ * \param X Destination MPI
701+ * \param A Left-hand MPI
702+ * \param N Right-hand MPI
703+ *
704 * \return 0 if successful,
705 * 1 if memory allocation failed,
706 * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil
707- * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
708+ POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
709 */
710 int mpi_inv_mod( mpi *X, mpi *A, mpi *N );
711
712+/**
713+ * \brief Miller-Rabin primality test
714+ *
715+ * \param X MPI to check
716+ * \param f_rng RNG function
717+ * \param p_rng RNG parameter
718+ *
719+ * \return 0 if successful (probably prime),
720+ * 1 if memory allocation failed,
721+ * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime
722+ */
723+int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng );
724+
725+/**
726+ * \brief Prime number generation
727+ *
728+ * \param X Destination MPI
729+ * \param nbits Required size of X in bits
730+ * \param dh_flag If 1, then (X-1)/2 will be prime too
731+ * \param f_rng RNG function
732+ * \param p_rng RNG parameter
733+ *
734+ * \return 0 if successful (probably prime),
735+ * 1 if memory allocation failed,
736+ * POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
737+ */
738+int mpi_gen_prime( mpi *X, int nbits, int dh_flag,
739+ int (*f_rng)(void *), void *p_rng );
740+
741 #ifdef __cplusplus
742 }
743 #endif
744diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bn_mul.h src/pdkim/bn_mul.h
745--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bn_mul.h 2009-06-10 09:34:05.000000000 +0200
746+++ src/pdkim/bn_mul.h 2009-12-17 12:17:01.824459747 +0100
747@@ -1,9 +1,10 @@
748 /**
749 * \file bn_mul.h
750 *
751- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
752+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
753+ * All rights reserved.
754 *
755- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
756+ * Joined copyright on original XySSL code with: Christophe Devine
757 *
758 * This program is free software; you can redistribute it and/or modify
759 * it under the terms of the GNU General Public License as published by
760@@ -34,7 +35,7 @@
761 * . C, longlong . C, generic
762 */
763
764-/* $Cambridge: exim/exim-src/src/pdkim/bn_mul.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */
765+/* $Cambridge: exim/exim-src/src/pdkim/bn_mul.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */
766
767 #ifndef POLARSSL_BN_MUL_H
768 #define POLARSSL_BN_MUL_H
769@@ -44,105 +45,120 @@
770 #if defined(__GNUC__)
771 #if defined(__i386__)
772
773-#define MULADDC_INIT \
774- asm( "movl %%ebx, %0 " : "=m" (t)); \
775- asm( "movl %0, %%esi " :: "m" (s)); \
776- asm( "movl %0, %%edi " :: "m" (d)); \
777- asm( "movl %0, %%ecx " :: "m" (c)); \
778- asm( "movl %0, %%ebx " :: "m" (b));
779-
780-#define MULADDC_CORE \
781- asm( "lodsl " ); \
782- asm( "mull %ebx " ); \
783- asm( "addl %ecx, %eax " ); \
784- asm( "adcl $0, %edx " ); \
785- asm( "addl (%edi), %eax " ); \
786- asm( "adcl $0, %edx " ); \
787- asm( "movl %edx, %ecx " ); \
788- asm( "stosl " );
789+#define MULADDC_INIT \
790+ asm( " \
791+ movl %%ebx, %0; \
792+ movl %5, %%esi; \
793+ movl %6, %%edi; \
794+ movl %7, %%ecx; \
795+ movl %8, %%ebx; \
796+ "
797+
798+#define MULADDC_CORE \
799+ " \
800+ lodsl; \
801+ mull %%ebx; \
802+ addl %%ecx, %%eax; \
803+ adcl $0, %%edx; \
804+ addl (%%edi), %%eax; \
805+ adcl $0, %%edx; \
806+ movl %%edx, %%ecx; \
807+ stosl; \
808+ "
809
810 #if defined(POLARSSL_HAVE_SSE2)
811
812-#define MULADDC_HUIT \
813- asm( "movd %ecx, %mm1 " ); \
814- asm( "movd %ebx, %mm0 " ); \
815- asm( "movd (%edi), %mm3 " ); \
816- asm( "paddq %mm3, %mm1 " ); \
817- asm( "movd (%esi), %mm2 " ); \
818- asm( "pmuludq %mm0, %mm2 " ); \
819- asm( "movd 4(%esi), %mm4 " ); \
820- asm( "pmuludq %mm0, %mm4 " ); \
821- asm( "movd 8(%esi), %mm6 " ); \
822- asm( "pmuludq %mm0, %mm6 " ); \
823- asm( "movd 12(%esi), %mm7 " ); \
824- asm( "pmuludq %mm0, %mm7 " ); \
825- asm( "paddq %mm2, %mm1 " ); \
826- asm( "movd 4(%edi), %mm3 " ); \
827- asm( "paddq %mm4, %mm3 " ); \
828- asm( "movd 8(%edi), %mm5 " ); \
829- asm( "paddq %mm6, %mm5 " ); \
830- asm( "movd 12(%edi), %mm4 " ); \
831- asm( "paddq %mm4, %mm7 " ); \
832- asm( "movd %mm1, (%edi) " ); \
833- asm( "movd 16(%esi), %mm2 " ); \
834- asm( "pmuludq %mm0, %mm2 " ); \
835- asm( "psrlq $32, %mm1 " ); \
836- asm( "movd 20(%esi), %mm4 " ); \
837- asm( "pmuludq %mm0, %mm4 " ); \
838- asm( "paddq %mm3, %mm1 " ); \
839- asm( "movd 24(%esi), %mm6 " ); \
840- asm( "pmuludq %mm0, %mm6 " ); \
841- asm( "movd %mm1, 4(%edi) " ); \
842- asm( "psrlq $32, %mm1 " ); \
843- asm( "movd 28(%esi), %mm3 " ); \
844- asm( "pmuludq %mm0, %mm3 " ); \
845- asm( "paddq %mm5, %mm1 " ); \
846- asm( "movd 16(%edi), %mm5 " ); \
847- asm( "paddq %mm5, %mm2 " ); \
848- asm( "movd %mm1, 8(%edi) " ); \
849- asm( "psrlq $32, %mm1 " ); \
850- asm( "paddq %mm7, %mm1 " ); \
851- asm( "movd 20(%edi), %mm5 " ); \
852- asm( "paddq %mm5, %mm4 " ); \
853- asm( "movd %mm1, 12(%edi) " ); \
854- asm( "psrlq $32, %mm1 " ); \
855- asm( "paddq %mm2, %mm1 " ); \
856- asm( "movd 24(%edi), %mm5 " ); \
857- asm( "paddq %mm5, %mm6 " ); \
858- asm( "movd %mm1, 16(%edi) " ); \
859- asm( "psrlq $32, %mm1 " ); \
860- asm( "paddq %mm4, %mm1 " ); \
861- asm( "movd 28(%edi), %mm5 " ); \
862- asm( "paddq %mm5, %mm3 " ); \
863- asm( "movd %mm1, 20(%edi) " ); \
864- asm( "psrlq $32, %mm1 " ); \
865- asm( "paddq %mm6, %mm1 " ); \
866- asm( "movd %mm1, 24(%edi) " ); \
867- asm( "psrlq $32, %mm1 " ); \
868- asm( "paddq %mm3, %mm1 " ); \
869- asm( "movd %mm1, 28(%edi) " ); \
870- asm( "addl $32, %edi " ); \
871- asm( "addl $32, %esi " ); \
872- asm( "psrlq $32, %mm1 " ); \
873- asm( "movd %mm1, %ecx " );
874-
875-#define MULADDC_STOP \
876- asm( "emms " ); \
877- asm( "movl %0, %%ebx " :: "m" (t)); \
878- asm( "movl %%ecx, %0 " : "=m" (c)); \
879- asm( "movl %%edi, %0 " : "=m" (d)); \
880- asm( "movl %%esi, %0 " : "=m" (s) :: \
881- "eax", "ecx", "edx", "esi", "edi" );
882+#define MULADDC_HUIT \
883+ " \
884+ movd %%ecx, %%mm1; \
885+ movd %%ebx, %%mm0; \
886+ movd (%%edi), %%mm3; \
887+ paddq %%mm3, %%mm1; \
888+ movd (%%esi), %%mm2; \
889+ pmuludq %%mm0, %%mm2; \
890+ movd 4(%%esi), %%mm4; \
891+ pmuludq %%mm0, %%mm4; \
892+ movd 8(%%esi), %%mm6; \
893+ pmuludq %%mm0, %%mm6; \
894+ movd 12(%%esi), %%mm7; \
895+ pmuludq %%mm0, %%mm7; \
896+ paddq %%mm2, %%mm1; \
897+ movd 4(%%edi), %%mm3; \
898+ paddq %%mm4, %%mm3; \
899+ movd 8(%%edi), %%mm5; \
900+ paddq %%mm6, %%mm5; \
901+ movd 12(%%edi), %%mm4; \
902+ paddq %%mm4, %%mm7; \
903+ movd %%mm1, (%%edi); \
904+ movd 16(%%esi), %%mm2; \
905+ pmuludq %%mm0, %%mm2; \
906+ psrlq $32, %%mm1; \
907+ movd 20(%%esi), %%mm4; \
908+ pmuludq %%mm0, %%mm4; \
909+ paddq %%mm3, %%mm1; \
910+ movd 24(%%esi), %%mm6; \
911+ pmuludq %%mm0, %%mm6; \
912+ movd %%mm1, 4(%%edi); \
913+ psrlq $32, %%mm1; \
914+ movd 28(%%esi), %%mm3; \
915+ pmuludq %%mm0, %%mm3; \
916+ paddq %%mm5, %%mm1; \
917+ movd 16(%%edi), %%mm5; \
918+ paddq %%mm5, %%mm2; \
919+ movd %%mm1, 8(%%edi); \
920+ psrlq $32, %%mm1; \
921+ paddq %%mm7, %%mm1; \
922+ movd 20(%%edi), %%mm5; \
923+ paddq %%mm5, %%mm4; \
924+ movd %%mm1, 12(%%edi); \
925+ psrlq $32, %%mm1; \
926+ paddq %%mm2, %%mm1; \
927+ movd 24(%%edi), %%mm5; \
928+ paddq %%mm5, %%mm6; \
929+ movd %%mm1, 16(%%edi); \
930+ psrlq $32, %%mm1; \
931+ paddq %%mm4, %%mm1; \
932+ movd 28(%%edi), %%mm5; \
933+ paddq %%mm5, %%mm3; \
934+ movd %%mm1, 20(%%edi); \
935+ psrlq $32, %%mm1; \
936+ paddq %%mm6, %%mm1; \
937+ movd %%mm1, 24(%%edi); \
938+ psrlq $32, %%mm1; \
939+ paddq %%mm3, %%mm1; \
940+ movd %%mm1, 28(%%edi); \
941+ addl $32, %%edi; \
942+ addl $32, %%esi; \
943+ psrlq $32, %%mm1; \
944+ movd %%mm1, %%ecx; \
945+ "
946+
947+#define MULADDC_STOP \
948+ " \
949+ emms; \
950+ movl %4, %%ebx; \
951+ movl %%ecx, %1; \
952+ movl %%edi, %2; \
953+ movl %%esi, %3; \
954+ " \
955+ : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
956+ : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
957+ : "eax", "ecx", "edx", "esi", "edi" \
958+ );
959
960 #else
961
962-#define MULADDC_STOP \
963- asm( "movl %0, %%ebx " :: "m" (t)); \
964- asm( "movl %%ecx, %0 " : "=m" (c)); \
965- asm( "movl %%edi, %0 " : "=m" (d)); \
966- asm( "movl %%esi, %0 " : "=m" (s) :: \
967- "eax", "ecx", "edx", "esi", "edi" );
968-
969+#define MULADDC_STOP \
970+ " \
971+ movl %4, %%ebx; \
972+ movl %%ecx, %1; \
973+ movl %%edi, %2; \
974+ movl %%esi, %3; \
975+ " \
976+ : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
977+ : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
978+ : "eax", "ecx", "edx", "esi", "edi" \
979+ );
980 #endif /* SSE2 */
981 #endif /* i386 */
982
983diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/pdkim.c src/pdkim/pdkim.c
984--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/pdkim.c 2009-11-23 13:34:51.000000000 +0100
985+++ src/pdkim/pdkim.c 2009-12-17 12:17:01.824459747 +0100
986@@ -20,7 +20,7 @@
987 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
988 */
989
990-/* $Cambridge: exim/exim-src/src/pdkim/pdkim.c,v 1.11 2009/11/23 12:34:51 nm4 Exp $ */
991+/* $Cambridge: exim/exim-src/src/pdkim/pdkim.c,v 1.12 2009/12/07 13:05:07 tom Exp $ */
992
993 #include <stdlib.h>
994 #include <stdio.h>
995@@ -822,7 +822,7 @@
996 pub->srvtype = strdup(cur_val->str);
997 break;
998 case 't':
999- if (strchr(cur_val->str,'t') != NULL) pub->testing = 1;
1000+ if (strchr(cur_val->str,'y') != NULL) pub->testing = 1;
1001 if (strchr(cur_val->str,'s') != NULL) pub->no_subdomaining = 1;
1002 break;
1003 default:
1004@@ -1304,7 +1304,7 @@
1005 #ifdef PDKIM_DEBUG
1006 if (ctx->debug_stream)
1007 fprintf(ctx->debug_stream,
1008- "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n");
1009+ "\nPDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n");
1010 #endif
1011 }
1012
1013@@ -1494,7 +1494,7 @@
1014
1015 if (rsa_pkcs1_sign( &rsa, RSA_PRIVATE,
1016 ((sig->algo == PDKIM_ALGO_RSA_SHA1)?
1017- RSA_SHA1:RSA_SHA256),
1018+ SIG_RSA_SHA1:SIG_RSA_SHA256),
1019 0,
1020 (unsigned char *)headerhash,
1021 (unsigned char *)sig->sigdata ) != 0) {
1022@@ -1588,7 +1588,7 @@
1023 if (rsa_pkcs1_verify(&rsa,
1024 RSA_PUBLIC,
1025 ((sig->algo == PDKIM_ALGO_RSA_SHA1)?
1026- RSA_SHA1:RSA_SHA256),
1027+ SIG_RSA_SHA1:SIG_RSA_SHA256),
1028 0,
1029 (unsigned char *)headerhash,
1030 (unsigned char *)sig->sigdata) != 0) {
1031diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/rsa.c src/pdkim/rsa.c
1032--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/rsa.c 2009-06-10 09:34:05.000000000 +0200
1033+++ src/pdkim/rsa.c 2009-12-17 12:17:01.824459747 +0100
1034@@ -1,9 +1,10 @@
1035 /*
1036 * The RSA public-key cryptosystem
1037 *
1038- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
1039+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
1040+ * All rights reserved.
1041 *
1042- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
1043+ * Joined copyright on original XySSL code with: Christophe Devine
1044 *
1045 * This program is free software; you can redistribute it and/or modify
1046 * it under the terms of the GNU General Public License as published by
1047@@ -26,7 +27,7 @@
1048 * http://www.cacr.math.uwaterloo.ca/hac/about/chap8.pdf
1049 */
1050
1051-/* $Cambridge: exim/exim-src/src/pdkim/rsa.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */
1052+/* $Cambridge: exim/exim-src/src/pdkim/rsa.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */
1053
1054 #include "rsa.h"
1055 #include "base64.h"
1056@@ -36,6 +37,7 @@
1057 #include <stdio.h>
1058
1059
1060+/* *************** begin copy from x509parse.c ********************/
1061 /*
1062 * ASN.1 DER decoding routines
1063 */
1064@@ -133,6 +135,8 @@
1065
1066 return( ret );
1067 }
1068+/* *************** end copy from x509parse.c ********************/
1069+
1070
1071
1072 /*
1073@@ -159,6 +163,9 @@
1074 */
1075 int rsa_check_pubkey( rsa_context *ctx )
1076 {
1077+ if( !ctx->N.p || !ctx->E.p )
1078+ return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
1079+
1080 if( ( ctx->N.p[0] & 1 ) == 0 ||
1081 ( ctx->E.p[0] & 1 ) == 0 )
1082 return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
1083@@ -185,6 +192,9 @@
1084 if( ( ret = rsa_check_pubkey( ctx ) ) != 0 )
1085 return( ret );
1086
1087+ if( !ctx->P.p || !ctx->Q.p || !ctx->D.p )
1088+ return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
1089+
1090 mpi_init( &PQ, &DE, &P1, &Q1, &H, &I, &G, NULL );
1091
1092 MPI_CHK( mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) );
1093@@ -355,11 +365,11 @@
1094 int mode, int *olen,
1095 unsigned char *input,
1096 unsigned char *output,
1097- int output_max_len)
1098+ int output_max_len)
1099 {
1100 int ret, ilen;
1101 unsigned char *p;
1102- unsigned char buf[512];
1103+ unsigned char buf[1024];
1104
1105 ilen = ctx->len;
1106
1107@@ -397,7 +407,7 @@
1108 }
1109
1110 if (ilen - (int)(p - buf) > output_max_len)
1111- return( POLARSSL_ERR_RSA_OUTPUT_TO_LARGE );
1112+ return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
1113
1114 *olen = ilen - (int)(p - buf);
1115 memcpy( output, p, *olen );
1116@@ -426,24 +436,37 @@
1117
1118 switch( hash_id )
1119 {
1120- case RSA_RAW:
1121+ case SIG_RSA_RAW:
1122 nb_pad = olen - 3 - hashlen;
1123 break;
1124
1125- case RSA_MD2:
1126- case RSA_MD4:
1127- case RSA_MD5:
1128- nb_pad = olen - 3 - 16 - 18;
1129+ case SIG_RSA_MD2:
1130+ case SIG_RSA_MD4:
1131+ case SIG_RSA_MD5:
1132+ nb_pad = olen - 3 - 34;
1133+ break;
1134+
1135+ case SIG_RSA_SHA1:
1136+ nb_pad = olen - 3 - 35;
1137+ break;
1138+
1139+ case SIG_RSA_SHA224:
1140+ nb_pad = olen - 3 - 47;
1141 break;
1142
1143- case RSA_SHA1:
1144- nb_pad = olen - 3 - 20 - 15;
1145+ case SIG_RSA_SHA256:
1146+ nb_pad = olen - 3 - 51;
1147 break;
1148
1149- case RSA_SHA256:
1150- nb_pad = olen - 3 - 32 - 19;
1151+ case SIG_RSA_SHA384:
1152+ nb_pad = olen - 3 - 67;
1153 break;
1154
1155+ case SIG_RSA_SHA512:
1156+ nb_pad = olen - 3 - 83;
1157+ break;
1158+
1159+
1160 default:
1161 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
1162 }
1163@@ -465,34 +488,49 @@
1164
1165 switch( hash_id )
1166 {
1167- case RSA_RAW:
1168+ case SIG_RSA_RAW:
1169 memcpy( p, hash, hashlen );
1170 break;
1171
1172- case RSA_MD2:
1173+ case SIG_RSA_MD2:
1174 memcpy( p, ASN1_HASH_MDX, 18 );
1175 memcpy( p + 18, hash, 16 );
1176 p[13] = 2; break;
1177
1178- case RSA_MD4:
1179+ case SIG_RSA_MD4:
1180 memcpy( p, ASN1_HASH_MDX, 18 );
1181 memcpy( p + 18, hash, 16 );
1182 p[13] = 4; break;
1183
1184- case RSA_MD5:
1185+ case SIG_RSA_MD5:
1186 memcpy( p, ASN1_HASH_MDX, 18 );
1187 memcpy( p + 18, hash, 16 );
1188 p[13] = 5; break;
1189
1190- case RSA_SHA1:
1191+ case SIG_RSA_SHA1:
1192 memcpy( p, ASN1_HASH_SHA1, 15 );
1193 memcpy( p + 15, hash, 20 );
1194 break;
1195
1196- case RSA_SHA256:
1197- memcpy( p, ASN1_HASH_SHA256, 19 );
1198+ case SIG_RSA_SHA224:
1199+ memcpy( p, ASN1_HASH_SHA2X, 19 );
1200+ memcpy( p + 19, hash, 28 );
1201+ p[1] += 28; p[14] = 4; p[18] += 28; break;
1202+
1203+ case SIG_RSA_SHA256:
1204+ memcpy( p, ASN1_HASH_SHA2X, 19 );
1205 memcpy( p + 19, hash, 32 );
1206- break;
1207+ p[1] += 32; p[14] = 1; p[18] += 32; break;
1208+
1209+ case SIG_RSA_SHA384:
1210+ memcpy( p, ASN1_HASH_SHA2X, 19 );
1211+ memcpy( p + 19, hash, 48 );
1212+ p[1] += 48; p[14] = 2; p[18] += 48; break;
1213+
1214+ case SIG_RSA_SHA512:
1215+ memcpy( p, ASN1_HASH_SHA2X, 19 );
1216+ memcpy( p + 19, hash, 64 );
1217+ p[1] += 64; p[14] = 3; p[18] += 64; break;
1218
1219 default:
1220 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
1221@@ -515,7 +553,7 @@
1222 {
1223 int ret, len, siglen;
1224 unsigned char *p, c;
1225- unsigned char buf[512];
1226+ unsigned char buf[1024];
1227
1228 siglen = ctx->len;
1229
1230@@ -562,9 +600,9 @@
1231 if( memcmp( p, ASN1_HASH_MDX, 18 ) != 0 )
1232 return( POLARSSL_ERR_RSA_VERIFY_FAILED );
1233
1234- if( ( c == 2 && hash_id == RSA_MD2 ) ||
1235- ( c == 4 && hash_id == RSA_MD4 ) ||
1236- ( c == 5 && hash_id == RSA_MD5 ) )
1237+ if( ( c == 2 && hash_id == SIG_RSA_MD2 ) ||
1238+ ( c == 4 && hash_id == SIG_RSA_MD4 ) ||
1239+ ( c == 5 && hash_id == SIG_RSA_MD5 ) )
1240 {
1241 if( memcmp( p + 18, hash, 16 ) == 0 )
1242 return( 0 );
1243@@ -573,7 +611,7 @@
1244 }
1245 }
1246
1247- if( len == 35 && hash_id == RSA_SHA1 )
1248+ if( len == 35 && hash_id == SIG_RSA_SHA1 )
1249 {
1250 if( memcmp( p, ASN1_HASH_SHA1, 15 ) == 0 &&
1251 memcmp( p + 15, hash, 20 ) == 0 )
1252@@ -581,17 +619,24 @@
1253 else
1254 return( POLARSSL_ERR_RSA_VERIFY_FAILED );
1255 }
1256-
1257- if( len == 51 && hash_id == RSA_SHA256 )
1258- {
1259- if( memcmp( p, ASN1_HASH_SHA256, 19 ) == 0 &&
1260- memcmp( p + 19, hash, 32 ) == 0 )
1261+ if( ( len == 19 + 28 && p[14] == 4 && hash_id == SIG_RSA_SHA224 ) ||
1262+ ( len == 19 + 32 && p[14] == 1 && hash_id == SIG_RSA_SHA256 ) ||
1263+ ( len == 19 + 48 && p[14] == 2 && hash_id == SIG_RSA_SHA384 ) ||
1264+ ( len == 19 + 64 && p[14] == 3 && hash_id == SIG_RSA_SHA512 ) )
1265+ {
1266+ c = p[1] - 17;
1267+ p[1] = 17;
1268+ p[14] = 0;
1269+
1270+ if( p[18] == c &&
1271+ memcmp( p, ASN1_HASH_SHA2X, 18 ) == 0 &&
1272+ memcmp( p + 19, hash, c ) == 0 )
1273 return( 0 );
1274 else
1275 return( POLARSSL_ERR_RSA_VERIFY_FAILED );
1276 }
1277
1278- if( len == hashlen && hash_id == RSA_RAW )
1279+ if( len == hashlen && hash_id == SIG_RSA_RAW )
1280 {
1281 if( memcmp( p, hash, hashlen ) == 0 )
1282 return( 0 );
1283@@ -613,7 +658,6 @@
1284 &ctx->E, &ctx->N, NULL );
1285 }
1286
1287-
1288 /*
1289 * Parse a public RSA key
1290
1291diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/rsa.h src/pdkim/rsa.h
1292--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/rsa.h 2009-06-10 09:34:05.000000000 +0200
1293+++ src/pdkim/rsa.h 2009-12-17 12:17:01.824459747 +0100
1294@@ -1,9 +1,10 @@
1295 /**
1296 * \file rsa.h
1297 *
1298- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
1299+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
1300+ * All rights reserved.
1301 *
1302- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
1303+ * Joined copyright on original XySSL code with: Christophe Devine
1304 *
1305 * This program is free software; you can redistribute it and/or modify
1306 * it under the terms of the GNU General Public License as published by
1307@@ -20,13 +21,16 @@
1308 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
1309 */
1310
1311-/* $Cambridge: exim/exim-src/src/pdkim/rsa.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */
1312+/* $Cambridge: exim/exim-src/src/pdkim/rsa.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */
1313
1314 #ifndef POLARSSL_RSA_H
1315 #define POLARSSL_RSA_H
1316
1317 #include "bignum.h"
1318
1319+/*
1320+ * RSA Error codes
1321+ */
1322 #define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x0400
1323 #define POLARSSL_ERR_RSA_INVALID_PADDING -0x0410
1324 #define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x0420
1325@@ -34,14 +38,24 @@
1326 #define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x0440
1327 #define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x0450
1328 #define POLARSSL_ERR_RSA_VERIFY_FAILED -0x0460
1329-#define POLARSSL_ERR_RSA_OUTPUT_TO_LARGE -0x0470
1330+#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x0470
1331
1332-#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0014
1333-#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0016
1334-#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0018
1335-#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x001A
1336-#define POLARSSL_ERR_ASN1_INVALID_DATA -0x001C
1337+/* *************** begin copy from x509.h ************************/
1338+/*
1339+ * ASN1 Error codes
1340+ *
1341+ * These error codes will be OR'ed to X509 error codes for
1342+ * higher error granularity.
1343+ */
1344+#define POLARSSL_ERR_ASN1_OUT_OF_DATA 0x0014
1345+#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG 0x0016
1346+#define POLARSSL_ERR_ASN1_INVALID_LENGTH 0x0018
1347+#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH 0x001A
1348+#define POLARSSL_ERR_ASN1_INVALID_DATA 0x001C
1349
1350+/*
1351+ * X509 Error codes
1352+ */
1353 #define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x0020
1354 #define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x0040
1355 #define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x0060
1356@@ -90,15 +104,20 @@
1357 #define ASN1_CONSTRUCTED 0x20
1358 #define ASN1_CONTEXT_SPECIFIC 0x80
1359
1360+/* *************** end copy from x509.h ************************/
1361+
1362 /*
1363 * PKCS#1 constants
1364 */
1365-#define RSA_RAW 0
1366-#define RSA_MD2 2
1367-#define RSA_MD4 3
1368-#define RSA_MD5 4
1369-#define RSA_SHA1 5
1370-#define RSA_SHA256 6
1371+#define SIG_RSA_RAW 0
1372+#define SIG_RSA_MD2 2
1373+#define SIG_RSA_MD4 3
1374+#define SIG_RSA_MD5 4
1375+#define SIG_RSA_SHA1 5
1376+#define SIG_RSA_SHA224 14
1377+#define SIG_RSA_SHA256 11
1378+#define SIG_RSA_SHA384 12
1379+#define SIG_RSA_SHA512 13
1380
1381 #define RSA_PUBLIC 0
1382 #define RSA_PRIVATE 1
1383@@ -109,6 +128,29 @@
1384 #define RSA_SIGN 1
1385 #define RSA_CRYPT 2
1386
1387+#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30"
1388+#define ASN1_STR_NULL "\x05"
1389+#define ASN1_STR_OID "\x06"
1390+#define ASN1_STR_OCTET_STRING "\x04"
1391+
1392+#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00"
1393+#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a"
1394+#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00"
1395+
1396+#define OID_ISO_MEMBER_BODIES "\x2a"
1397+#define OID_ISO_IDENTIFIED_ORG "\x2b"
1398+
1399+/*
1400+ * ISO Member bodies OID parts
1401+ */
1402+#define OID_COUNTRY_US "\x86\x48"
1403+#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d"
1404+
1405+/*
1406+ * ISO Identified organization OID parts
1407+ */
1408+#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a"
1409+
1410 /*
1411 * DigestInfo ::= SEQUENCE {
1412 * digestAlgorithm DigestAlgorithmIdentifier,
1413@@ -118,18 +160,31 @@
1414 *
1415 * Digest ::= OCTET STRING
1416 */
1417-#define ASN1_HASH_MDX \
1418- "\x30\x20\x30\x0C\x06\x08\x2A\x86\x48" \
1419- "\x86\xF7\x0D\x02\x00\x05\x00\x04\x10"
1420-
1421-#define ASN1_HASH_SHA1 \
1422- "\x30\x21\x30\x09\x06\x05\x2B\x0E\x03" \
1423- "\x02\x1A\x05\x00\x04\x14"
1424-
1425-#define ASN1_HASH_SHA256 \
1426- "\x30\x31\x30\x0d\x06\x09\x60\x86\x48" \
1427- "\x01\x65\x03\x04\x02\x01\x05\x00\x04" \
1428- "\x20"
1429+#define ASN1_HASH_MDX \
1430+( \
1431+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \
1432+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \
1433+ ASN1_STR_OID "\x08" \
1434+ OID_DIGEST_ALG_MDX \
1435+ ASN1_STR_NULL "\x00" \
1436+ ASN1_STR_OCTET_STRING "\x10" \
1437+)
1438+
1439+#define ASN1_HASH_SHA1 \
1440+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \
1441+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \
1442+ ASN1_STR_OID "\x05" \
1443+ OID_HASH_ALG_SHA1 \
1444+ ASN1_STR_NULL "\x00" \
1445+ ASN1_STR_OCTET_STRING "\x14"
1446+
1447+#define ASN1_HASH_SHA2X \
1448+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \
1449+ ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \
1450+ ASN1_STR_OID "\x09" \
1451+ OID_HASH_ALG_SHA2X \
1452+ ASN1_STR_NULL "\x00" \
1453+ ASN1_STR_OCTET_STRING "\x00"
1454
1455 /**
1456 * \brief RSA context structure
1457@@ -227,7 +282,8 @@
1458 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
1459 *
1460 * \note This function does NOT take care of message
1461- * padding. Also, be sure to set input[0] = 0.
1462+ * padding. Also, be sure to set input[0] = 0 or assure that
1463+ * input is smaller than N.
1464 *
1465 * \note The input and output buffers must be large
1466 * enough (eg. 128 bytes if RSA-1024 is used).
1467@@ -257,7 +313,7 @@
1468 *
1469 * \param ctx RSA context
1470 * \param mode RSA_PUBLIC or RSA_PRIVATE
1471- * \param ilen contains the the plaintext length
1472+ * \param ilen contains the plaintext length
1473 * \param input buffer holding the data to be encrypted
1474 * \param output buffer that will hold the ciphertext
1475 *
1476@@ -279,7 +335,7 @@
1477 * \param input buffer holding the encrypted data
1478 * \param output buffer that will hold the plaintext
1479 * \param olen will contain the plaintext length
1480- * \param output_max_len maximum length of the output buffer
1481+ * \param output_max_len maximum length of the output buffer
1482 *
1483 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
1484 *
1485@@ -291,15 +347,15 @@
1486 int mode, int *olen,
1487 unsigned char *input,
1488 unsigned char *output,
1489- int output_max_len);
1490+ int output_max_len );
1491
1492 /**
1493 * \brief Do a private RSA to sign a message digest
1494 *
1495 * \param ctx RSA context
1496 * \param mode RSA_PUBLIC or RSA_PRIVATE
1497- * \param hash_id RSA_RAW, RSA_MD{2,4,5} or RSA_SHA{1,256}
1498- * \param hashlen message digest length (for RSA_RAW only)
1499+ * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512}
1500+ * \param hashlen message digest length (for SIG_RSA_RAW only)
1501 * \param hash buffer holding the message digest
1502 * \param sig buffer that will hold the ciphertext
1503 *
1504@@ -321,8 +377,8 @@
1505 *
1506 * \param ctx points to an RSA public key
1507 * \param mode RSA_PUBLIC or RSA_PRIVATE
1508- * \param hash_id RSA_RAW, RSA_MD{2,4,5} or RSA_SHA{1,256}
1509- * \param hashlen message digest length (for RSA_RAW only)
1510+ * \param hash_id SIG_RSA_RAW, RSA_MD{2,4,5} or RSA_SHA{1,256}
1511+ * \param hashlen message digest length (for SIG_RSA_RAW only)
1512 * \param hash buffer holding the message digest
1513 * \param sig buffer holding the ciphertext
1514 *
1515@@ -341,6 +397,8 @@
1516
1517 /**
1518 * \brief Free the components of an RSA key
1519+ *
1520+ * \param ctx RSA Context to free
1521 */
1522 void rsa_free( rsa_context *ctx );
1523
1524diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha1.c src/pdkim/sha1.c
1525--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha1.c 2009-06-10 09:34:05.000000000 +0200
1526+++ src/pdkim/sha1.c 2009-12-17 12:17:01.824459747 +0100
1527@@ -1,9 +1,10 @@
1528 /*
1529 * FIPS-180-1 compliant SHA-1 implementation
1530 *
1531- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
1532+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
1533+ * All rights reserved.
1534 *
1535- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
1536+ * Joined copyright on original XySSL code with: Christophe Devine
1537 *
1538 * This program is free software; you can redistribute it and/or modify
1539 * it under the terms of the GNU General Public License as published by
1540@@ -25,7 +26,7 @@
1541 * http://www.itl.nist.gov/fipspubs/fip180-1.htm
1542 */
1543
1544-/* $Cambridge: exim/exim-src/src/pdkim/sha1.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */
1545+/* $Cambridge: exim/exim-src/src/pdkim/sha1.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */
1546
1547 #include "sha1.h"
1548
1549@@ -310,7 +311,7 @@
1550 /*
1551 * output = SHA-1( input buffer )
1552 */
1553-void sha1_oneshot( unsigned char *input, int ilen, unsigned char output[20] )
1554+void sha1( unsigned char *input, int ilen, unsigned char output[20] )
1555 {
1556 sha1_context ctx;
1557
1558@@ -363,7 +364,7 @@
1559
1560 if( keylen > 64 )
1561 {
1562- sha1_oneshot( key, keylen, sum );
1563+ sha1( key, keylen, sum );
1564 keylen = 20;
1565 key = sum;
1566 }
1567diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha1.h src/pdkim/sha1.h
1568--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha1.h 2009-06-10 09:34:05.000000000 +0200
1569+++ src/pdkim/sha1.h 2009-12-17 12:17:01.824459747 +0100
1570@@ -1,9 +1,10 @@
1571 /**
1572 * \file sha1.h
1573 *
1574- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
1575+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
1576+ * All rights reserved.
1577 *
1578- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
1579+ * Joined copyright on original XySSL code with: Christophe Devine
1580 *
1581 * This program is free software; you can redistribute it and/or modify
1582 * it under the terms of the GNU General Public License as published by
1583@@ -20,7 +21,7 @@
1584 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
1585 */
1586
1587-/* $Cambridge: exim/exim-src/src/pdkim/sha1.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */
1588+/* $Cambridge: exim/exim-src/src/pdkim/sha1.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */
1589
1590 #ifndef POLARSSL_SHA1_H
1591 #define POLARSSL_SHA1_H
1592@@ -28,6 +29,7 @@
1593 /**
1594 * \brief SHA-1 context structure
1595 */
1596+
1597 #ifndef HAVE_SHA1_CONTEXT
1598 #define HAVE_SHA1_CONTEXT
1599 typedef struct sha1_context sha1_context;
1600@@ -43,6 +45,7 @@
1601 unsigned char opad[64]; /*!< HMAC: outer padding */
1602 };
1603
1604+
1605 #ifdef __cplusplus
1606 extern "C" {
1607 #endif
1608@@ -78,7 +81,7 @@
1609 * \param ilen length of the input data
1610 * \param output SHA-1 checksum result
1611 */
1612-void sha1_oneshot( unsigned char *input, int ilen, unsigned char output[20] );
1613+void sha1( unsigned char *input, int ilen, unsigned char output[20] );
1614
1615 /**
1616 * \brief Output = SHA-1( file contents )
1617diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha2.c src/pdkim/sha2.c
1618--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha2.c 2009-06-10 09:34:05.000000000 +0200
1619+++ src/pdkim/sha2.c 2009-12-17 12:17:01.824459747 +0100
1620@@ -1,9 +1,10 @@
1621 /*
1622 * FIPS-180-2 compliant SHA-256 implementation
1623 *
1624- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
1625+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
1626+ * All rights reserved.
1627 *
1628- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
1629+ * Joined copyright on original XySSL code with: Christophe Devine
1630 *
1631 * This program is free software; you can redistribute it and/or modify
1632 * it under the terms of the GNU General Public License as published by
1633@@ -25,7 +26,7 @@
1634 * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
1635 */
1636
1637-/* $Cambridge: exim/exim-src/src/pdkim/sha2.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */
1638+/* $Cambridge: exim/exim-src/src/pdkim/sha2.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */
1639
1640 #include "sha2.h"
1641
1642diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha2.h src/pdkim/sha2.h
1643--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha2.h 2009-06-10 09:34:05.000000000 +0200
1644+++ src/pdkim/sha2.h 2009-12-17 12:17:01.824459747 +0100
1645@@ -1,9 +1,10 @@
1646 /**
1647 * \file sha2.h
1648 *
1649- * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine
1650+ * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org>
1651+ * All rights reserved.
1652 *
1653- * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org>
1654+ * Joined copyright on original XySSL code with: Christophe Devine
1655 *
1656 * This program is free software; you can redistribute it and/or modify
1657 * it under the terms of the GNU General Public License as published by
1658@@ -20,7 +21,7 @@
1659 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
1660 */
1661
1662-/* $Cambridge: exim/exim-src/src/pdkim/sha2.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */
1663+/* $Cambridge: exim/exim-src/src/pdkim/sha2.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */
1664
1665 #ifndef POLARSSL_SHA2_H
1666 #define POLARSSL_SHA2_H
1667diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/transport.c src/transport.c
1668--- /home/users/arekm/rpm/packages/exim/exim-4.71/src/transport.c 2009-11-16 20:50:37.000000000 +0100
1669+++ src/transport.c 2009-12-17 12:17:01.902130465 +0100
1670@@ -1,4 +1,4 @@
1671-/* $Cambridge: exim/exim-src/src/transport.c,v 1.25 2009/11/16 19:50:37 nm4 Exp $ */
1672+/* $Cambridge: exim/exim-src/src/transport.c,v 1.26 2009/12/15 08:23:15 tom Exp $ */
1673
1674 /*************************************************
1675 * Exim - an Internet mail transport agent *
1676@@ -1034,7 +1034,9 @@
1677 if (dkim_strict_result != NULL) {
1678 if ( (strcmpic(dkim_strict,US"1") == 0) ||
1679 (strcmpic(dkim_strict,US"true") == 0) ) {
1680- save_errno = errno;
1681+ /* Set errno to something halfway meaningful */
1682+ save_errno = EACCES;
1683+ log_write(0, LOG_MAIN, "DKIM: message could not be signed, and dkim_strict is set. Deferring message delivery.");
1684 rc = FALSE;
1685 goto CLEANUP;
1686 }
University of Cambridge Mail Transfer Agent
This page took 0.256749 seconds and 4 git commands to generate.