1 commit 6a11a9e618a72b8d96aecb2ad9aa300b98f8d991
2 Author: Jeremy Harris <jgh146exb@wizmail.org>
3 Date: Sun Nov 29 01:12:38 2015 +0000
5 DKIM: relaxed body canonicalisation should ignore whitespace at EOL
6 and empty lines at EOM. Bug 1721
8 diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
9 index cd79521..de774a2 100644
10 --- a/src/src/pdkim/pdkim.c
11 +++ b/src/src/pdkim/pdkim.c
12 @@ -596,7 +596,7 @@ pdkim_signature *pdkim_parse_sig_header(pdkim_ctx *ctx, char *raw_hdr) {
13 pdkim_strtrim(cur_val);
15 if (ctx->debug_stream)
16 - fprintf(ctx->debug_stream, "%s=%s\n", cur_tag->str, cur_val->str);
17 + fprintf(ctx->debug_stream, " %s=%s\n", cur_tag->str, cur_val->str);
19 switch (cur_tag->str[0]) {
21 @@ -674,7 +674,7 @@ pdkim_signature *pdkim_parse_sig_header(pdkim_ctx *ctx, char *raw_hdr) {
24 if (ctx->debug_stream)
25 - fprintf(ctx->debug_stream, "Unknown tag encountered\n");
26 + fprintf(ctx->debug_stream, " Unknown tag encountered\n");
30 @@ -799,7 +799,7 @@ pdkim_pubkey *pdkim_parse_pubkey_record(pdkim_ctx *ctx, char *raw_record) {
31 pdkim_strtrim(cur_val);
33 if (ctx->debug_stream)
34 - fprintf(ctx->debug_stream, "%s=%s\n", cur_tag->str, cur_val->str);
35 + fprintf(ctx->debug_stream, " %s=%s\n", cur_tag->str, cur_val->str);
37 switch (cur_tag->str[0]) {
39 @@ -833,7 +833,7 @@ pdkim_pubkey *pdkim_parse_pubkey_record(pdkim_ctx *ctx, char *raw_record) {
42 if (ctx->debug_stream)
43 - fprintf(ctx->debug_stream, "Unknown tag encountered\n");
44 + fprintf(ctx->debug_stream, " Unknown tag encountered\n");
48 @@ -925,7 +925,7 @@ int pdkim_update_bodyhash(pdkim_ctx *ctx, const char *data, int len) {
49 sig->signed_body_bytes += canon_len;
51 if (ctx->debug_stream!=NULL)
52 - pdkim_quoteprint(ctx->debug_stream,canon_data,canon_len,0);
53 + pdkim_quoteprint(ctx->debug_stream,canon_data,canon_len,1);
57 @@ -1037,6 +1037,23 @@ int pdkim_bodyline_complete(pdkim_ctx *ctx) {
62 + && ctx->sig->canon_body == PDKIM_CANON_RELAXED) {
63 + /* Lines with just spaces need to be buffered too */
65 + while(memcmp(check,"\r\n",2) != 0) {
68 + if (c != '\t' && c != ' ')
73 + ctx->num_buffered_crlf++;
78 /* At this point, we have a non-empty line, so release the buffered ones. */
79 while (ctx->num_buffered_crlf) {
80 pdkim_update_bodyhash(ctx,"\r\n",2);
81 @@ -1699,7 +1716,7 @@ DLLEXPORT int pdkim_feed_finish(pdkim_ctx *ctx, pdkim_signature **return_signatu
82 if (ctx->debug_stream) {
83 fprintf(ctx->debug_stream,
84 "PDKIM >> Parsing public key record >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n");
85 - fprintf(ctx->debug_stream,"Raw record: ");
86 + fprintf(ctx->debug_stream," Raw record: ");
87 pdkim_quoteprint(ctx->debug_stream, dns_txt_reply, strlen(dns_txt_reply), 1);
90 @@ -1710,7 +1727,7 @@ DLLEXPORT int pdkim_feed_finish(pdkim_ctx *ctx, pdkim_signature **return_signatu
91 sig->verify_ext_status = PDKIM_VERIFY_INVALID_PUBKEY_PARSING;
93 if (ctx->debug_stream) {
94 - fprintf(ctx->debug_stream,"Error while parsing public key record\n");
95 + fprintf(ctx->debug_stream," Error while parsing public key record\n");
96 fprintf(ctx->debug_stream,
97 "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n");
100 commit 9042106b5116fcc621e1c720460a42896011c1cd
101 Author: Jeremy Harris <jgh146exb@wizmail.org>
102 Date: Sun Nov 29 01:36:06 2015 +0000
104 DKIM: fix relaxed body verify for a newline-only body. Bug 963
106 diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
107 index 99948ff..94328f7 100644
108 --- a/src/src/pdkim/pdkim.c
109 +++ b/src/src/pdkim/pdkim.c
110 @@ -987,11 +987,11 @@ int pdkim_finish_bodyhash(pdkim_ctx *ctx) {
113 if (ctx->debug_stream) {
114 - fprintf(ctx->debug_stream, "PDKIM [%s] Body hash did NOT verify\n",
116 fprintf(ctx->debug_stream, "PDKIM [%s] bh signature: ", sig->domain);
117 pdkim_hexprint(ctx->debug_stream, sig->bodyhash,
118 (sig->algo == PDKIM_ALGO_RSA_SHA1)?20:32,1);
119 + fprintf(ctx->debug_stream, "PDKIM [%s] Body hash did NOT verify\n",
123 sig->verify_status = PDKIM_VERIFY_FAIL;
124 @@ -1022,6 +1022,12 @@ int pdkim_bodyline_complete(pdkim_ctx *ctx) {
125 if (ctx->input_mode == PDKIM_INPUT_SMTP) {
126 /* Terminate on EOD marker */
127 if (memcmp(p,".\r\n",3) == 0) {
128 + /* In simple body mode, if any empty lines were buffered,
129 + replace with one. rfc 4871 3.4.3 */
130 + if (ctx->sig && ctx->sig->canon_body == PDKIM_CANON_SIMPLE
131 + && ctx->num_buffered_crlf > 0)
132 + pdkim_update_bodyhash(ctx,"\r\n",2);
138 --- a/src/src/pdkim/pdkim.c~ 2015-12-02 19:18:54.000000000 +0100
139 +++ a/src/src/pdkim/pdkim.c 2015-12-02 19:22:09.149625694 +0100
140 @@ -1096,6 +1096,7 @@
141 int pdkim_bodyline_complete(pdkim_ctx *ctx) {
142 char *p = ctx->linebuf;
143 int n = ctx->linebuf_offset;
144 + pdkim_signature *sig = ctx->sig; /*XXX assumes only one sig */
146 /* Ignore extra data if we've seen the end-of-data marker */
147 if (ctx->seen_eod) goto BAIL;
148 @@ -1108,7 +1109,8 @@
149 if (memcmp(p,".\r\n",3) == 0) {
150 /* In simple body mode, if any empty lines were buffered,
151 replace with one. rfc 4871 3.4.3 */
152 - if (ctx->sig && ctx->sig->canon_body == PDKIM_CANON_SIMPLE
153 + if ( sig && sig->canon_body == PDKIM_CANON_SIMPLE
154 + && sig->signed_body_bytes == 0
155 && ctx->num_buffered_crlf > 0)
156 pdkim_update_bodyhash(ctx,"\r\n",2);
158 @@ -1128,8 +1130,8 @@
163 - && ctx->sig->canon_body == PDKIM_CANON_RELAXED) {
165 + && sig->canon_body == PDKIM_CANON_RELAXED) {
166 /* Lines with just spaces need to be buffered too */
168 while(memcmp(check,"\r\n",2) != 0) {