| 1 | /* $Cambridge: exim/src/src/dk.c,v 1.2 2005/03/08 16:57:28 ph10 Exp $ */ |
| 2 | |
| 3 | /************************************************* |
| 4 | * Exim - an Internet mail transport agent * |
| 5 | *************************************************/ |
| 6 | |
| 7 | /* Copyright (c) University of Cambridge 1995 - 2005 */ |
| 8 | /* See the file NOTICE for conditions of use and distribution. */ |
| 9 | |
| 10 | /* Code for DomainKeys support. Other DK relevant code is in |
| 11 | receive.c, transport.c and transports/smtp.c */ |
| 12 | |
| 13 | #include "exim.h" |
| 14 | |
| 15 | #ifdef EXPERIMENTAL_DOMAINKEYS |
| 16 | |
| 17 | /* Globals related to the DK reference library. */ |
| 18 | DK *dk_context = NULL; |
| 19 | DK_LIB *dk_lib = NULL; |
| 20 | DK_FLAGS dk_flags; |
| 21 | DK_STAT dk_internal_status; |
| 22 | |
| 23 | /* Globals related to Exim DK implementation. */ |
| 24 | dk_exim_verify_block *dk_verify_block = NULL; |
| 25 | |
| 26 | /* Global char buffer for getc/ungetc functions. We need |
| 27 | to accumulate some chars to be able to match EOD and |
| 28 | doubled SMTP dots. Those must not be fed to the validation |
| 29 | engine. */ |
| 30 | int dkbuff[6] = {256,256,256,256,256,256}; |
| 31 | |
| 32 | /* receive_getc() wrapper that feeds DK while Exim reads |
| 33 | the message. */ |
| 34 | int dk_receive_getc(void) { |
| 35 | int i; |
| 36 | int c = receive_getc(); |
| 37 | |
| 38 | if (dk_context != NULL) { |
| 39 | /* Send oldest byte */ |
| 40 | if ((dkbuff[0] < 256) && (dk_internal_status == DK_STAT_OK)) { |
| 41 | dk_internal_status = dk_message(dk_context, (char *)&dkbuff[0], 1); |
| 42 | if (dk_internal_status != DK_STAT_OK) |
| 43 | DEBUG(D_receive) debug_printf("DK: %s\n", DK_STAT_to_string(dk_internal_status)); |
| 44 | } |
| 45 | /* rotate buffer */ |
| 46 | for (i=0;i<5;i++) dkbuff[i]=dkbuff[i+1]; |
| 47 | dkbuff[5]=c; |
| 48 | /* look for our candidate patterns */ |
| 49 | if ( (dkbuff[1] == '\r') && |
| 50 | (dkbuff[2] == '\n') && |
| 51 | (dkbuff[3] == '.') && |
| 52 | (dkbuff[4] == '\r') && |
| 53 | (dkbuff[5] == '\n') ) { |
| 54 | /* End of DATA */ |
| 55 | dkbuff[3] = 256; |
| 56 | dkbuff[4] = 256; |
| 57 | dkbuff[5] = 256; |
| 58 | } |
| 59 | if ( (dkbuff[2] == '\r') && |
| 60 | (dkbuff[3] == '\n') && |
| 61 | (dkbuff[4] == '.') && |
| 62 | (dkbuff[5] == '.') ) { |
| 63 | /* doubled dot, skip this char */ |
| 64 | dkbuff[5] = 256; |
| 65 | } |
| 66 | } |
| 67 | return c; |
| 68 | } |
| 69 | |
| 70 | /* When exim puts a char back in the fd, we |
| 71 | must rotate our buffer back. */ |
| 72 | int dk_receive_ungetc(int c) { |
| 73 | int i; |
| 74 | if (dk_context != NULL) { |
| 75 | /* rotate buffer back */ |
| 76 | for (i=5;i>0;i--) dkbuff[i]=dkbuff[i-1]; |
| 77 | dkbuff[0]=256; |
| 78 | } |
| 79 | return receive_ungetc(c); |
| 80 | } |
| 81 | |
| 82 | |
| 83 | void dk_exim_verify_init(void) { |
| 84 | int old_pool = store_pool; |
| 85 | store_pool = POOL_PERM; |
| 86 | |
| 87 | /* Reset DK state in any case. */ |
| 88 | dk_context = NULL; |
| 89 | dk_lib = NULL; |
| 90 | dk_verify_block = NULL; |
| 91 | |
| 92 | /* Set up DK context if DK was requested and input is SMTP. */ |
| 93 | if (smtp_input && !smtp_batched_input && dk_do_verify) { |
| 94 | /* initialize library */ |
| 95 | dk_lib = dk_init(&dk_internal_status); |
| 96 | if (dk_internal_status != DK_STAT_OK) |
| 97 | debug_printf("DK: %s\n", DK_STAT_to_string(dk_internal_status)); |
| 98 | else { |
| 99 | /* initialize verification context */ |
| 100 | dk_context = dk_verify(dk_lib, &dk_internal_status); |
| 101 | if (dk_internal_status != DK_STAT_OK) { |
| 102 | debug_printf("DK: %s\n", DK_STAT_to_string(dk_internal_status)); |
| 103 | dk_context = NULL; |
| 104 | } |
| 105 | else { |
| 106 | /* Reserve some space for the verify block. */ |
| 107 | dk_verify_block = store_get(sizeof(dk_exim_verify_block)); |
| 108 | if (dk_verify_block == NULL) { |
| 109 | debug_printf("DK: Can't allocate %d bytes.\n",sizeof(dk_exim_verify_block)); |
| 110 | dk_context = NULL; |
| 111 | } |
| 112 | else { |
| 113 | memset(dk_verify_block, 0, sizeof(dk_exim_verify_block)); |
| 114 | } |
| 115 | } |
| 116 | } |
| 117 | } |
| 118 | store_pool = old_pool; |
| 119 | } |
| 120 | |
| 121 | |
| 122 | void dk_exim_verify_finish(void) { |
| 123 | char *p,*q; |
| 124 | int i; |
| 125 | int old_pool = store_pool; |
| 126 | |
| 127 | /* Bail out if context could not be set up earlier. */ |
| 128 | if (dk_context == NULL) |
| 129 | return; |
| 130 | |
| 131 | store_pool = POOL_PERM; |
| 132 | |
| 133 | /* Send remaining bytes from input which are still in the buffer. */ |
| 134 | for (i=0;i<6;i++) |
| 135 | if (dkbuff[i] < 256) |
| 136 | dk_internal_status = dk_message(dk_context, (char *)&dkbuff[i], 1); |
| 137 | |
| 138 | /* Flag end-of-message. */ |
| 139 | dk_internal_status = dk_end(dk_context, NULL); |
| 140 | |
| 141 | /* Grab address/domain information. */ |
| 142 | p = dk_address(dk_context); |
| 143 | if (p != NULL) { |
| 144 | switch(p[0]) { |
| 145 | case 'N': |
| 146 | dk_verify_block->address_source = DK_EXIM_ADDRESS_NONE; |
| 147 | break; |
| 148 | case 'S': |
| 149 | dk_verify_block->address_source = DK_EXIM_ADDRESS_FROM_SENDER; |
| 150 | break; |
| 151 | case 'F': |
| 152 | dk_verify_block->address_source = DK_EXIM_ADDRESS_FROM_FROM; |
| 153 | break; |
| 154 | } |
| 155 | p++; |
| 156 | if (*p != '\0') { |
| 157 | dk_verify_block->address = string_copy((uschar *)p); |
| 158 | q = strrchr(p,'@'); |
| 159 | if ((q != NULL) && (*(q+1) != '\0')) { |
| 160 | dk_verify_block->domain = string_copy((uschar *)(q+1)); |
| 161 | *q = '\0'; |
| 162 | dk_verify_block->local_part = string_copy((uschar *)p); |
| 163 | } |
| 164 | } |
| 165 | } |
| 166 | |
| 167 | dk_flags = dk_policy(dk_context); |
| 168 | |
| 169 | /* Grab domain policy */ |
| 170 | if (dk_flags & DK_FLAG_SET) { |
| 171 | if (dk_flags & DK_FLAG_TESTING) |
| 172 | dk_verify_block->testing = TRUE; |
| 173 | if (dk_flags & DK_FLAG_SIGNSALL) |
| 174 | dk_verify_block->signsall = TRUE; |
| 175 | } |
| 176 | |
| 177 | /* Set up main result. */ |
| 178 | switch(dk_internal_status) |
| 179 | { |
| 180 | case DK_STAT_NOSIG: |
| 181 | dk_verify_block->is_signed = FALSE; |
| 182 | dk_verify_block->result = DK_EXIM_RESULT_NO_SIGNATURE; |
| 183 | break; |
| 184 | case DK_STAT_OK: |
| 185 | dk_verify_block->is_signed = TRUE; |
| 186 | dk_verify_block->result = DK_EXIM_RESULT_GOOD; |
| 187 | break; |
| 188 | case DK_STAT_BADSIG: |
| 189 | dk_verify_block->is_signed = TRUE; |
| 190 | dk_verify_block->result = DK_EXIM_RESULT_BAD; |
| 191 | break; |
| 192 | case DK_STAT_REVOKED: |
| 193 | dk_verify_block->is_signed = TRUE; |
| 194 | dk_verify_block->result = DK_EXIM_RESULT_REVOKED; |
| 195 | break; |
| 196 | case DK_STAT_BADKEY: |
| 197 | case DK_STAT_SYNTAX: |
| 198 | dk_verify_block->is_signed = TRUE; |
| 199 | /* Syntax -> Bad format? */ |
| 200 | dk_verify_block->result = DK_EXIM_RESULT_BAD_FORMAT; |
| 201 | break; |
| 202 | case DK_STAT_NOKEY: |
| 203 | dk_verify_block->is_signed = TRUE; |
| 204 | dk_verify_block->result = DK_EXIM_RESULT_NO_KEY; |
| 205 | break; |
| 206 | case DK_STAT_NORESOURCE: |
| 207 | case DK_STAT_INTERNAL: |
| 208 | case DK_STAT_ARGS: |
| 209 | case DK_STAT_CANTVRFY: |
| 210 | dk_verify_block->result = DK_EXIM_RESULT_ERR; |
| 211 | break; |
| 212 | /* This is missing DK_EXIM_RESULT_NON_PARTICIPANT. The lib does not |
| 213 | report such a status. */ |
| 214 | } |
| 215 | |
| 216 | /* Set up human readable result string. */ |
| 217 | dk_verify_block->result_string = string_copy((uschar *)DK_STAT_to_string(dk_internal_status)); |
| 218 | |
| 219 | /* All done, reset dk_context. */ |
| 220 | dk_free(dk_context); |
| 221 | dk_context = NULL; |
| 222 | |
| 223 | store_pool = old_pool; |
| 224 | } |
| 225 | |
| 226 | uschar *dk_exim_sign(int dk_fd, |
| 227 | uschar *dk_private_key, |
| 228 | uschar *dk_domain, |
| 229 | uschar *dk_selector, |
| 230 | uschar *dk_canon) { |
| 231 | uschar *rc = NULL; |
| 232 | int dk_canon_int = DK_CANON_SIMPLE; |
| 233 | char c; |
| 234 | int seen_lf = 0; |
| 235 | int seen_lfdot = 0; |
| 236 | uschar sig[1024]; |
| 237 | int save_errno = 0; |
| 238 | int sread; |
| 239 | int old_pool = store_pool; |
| 240 | store_pool = POOL_PERM; |
| 241 | |
| 242 | dk_lib = dk_init(&dk_internal_status); |
| 243 | if (dk_internal_status != DK_STAT_OK) { |
| 244 | debug_printf("DK: %s\n", DK_STAT_to_string(dk_internal_status)); |
| 245 | rc = NULL; |
| 246 | goto CLEANUP; |
| 247 | } |
| 248 | |
| 249 | /* Figure out what canonicalization to use. Unfortunately |
| 250 | we must do this BEFORE knowing which domain we sign for. */ |
| 251 | if ((dk_canon != NULL) && (Ustrcmp(dk_canon, "nofws") == 0)) dk_canon_int = DK_CANON_NOFWS; |
| 252 | else dk_canon = "simple"; |
| 253 | |
| 254 | /* Initialize signing context. */ |
| 255 | dk_context = dk_sign(dk_lib, &dk_internal_status, dk_canon_int); |
| 256 | if (dk_internal_status != DK_STAT_OK) { |
| 257 | debug_printf("DK: %s\n", DK_STAT_to_string(dk_internal_status)); |
| 258 | dk_context = NULL; |
| 259 | goto CLEANUP; |
| 260 | } |
| 261 | |
| 262 | while((sread = read(dk_fd,&c,1)) > 0) { |
| 263 | |
| 264 | if ((c == '.') && seen_lfdot) { |
| 265 | /* escaped dot, write "\n.", continue */ |
| 266 | dk_message(dk_context, "\n.", 2); |
| 267 | seen_lf = 0; |
| 268 | seen_lfdot = 0; |
| 269 | continue; |
| 270 | } |
| 271 | |
| 272 | if (seen_lfdot) { |
| 273 | /* EOM, write "\n" and break */ |
| 274 | dk_message(dk_context, "\n", 1); |
| 275 | break; |
| 276 | } |
| 277 | |
| 278 | if ((c == '.') && seen_lf) { |
| 279 | seen_lfdot = 1; |
| 280 | continue; |
| 281 | } |
| 282 | |
| 283 | if (seen_lf) { |
| 284 | /* normal lf, just send it */ |
| 285 | dk_message(dk_context, "\n", 1); |
| 286 | seen_lf = 0; |
| 287 | } |
| 288 | |
| 289 | if (c == '\n') { |
| 290 | seen_lf = 1; |
| 291 | continue; |
| 292 | } |
| 293 | |
| 294 | /* write the char */ |
| 295 | dk_message(dk_context, &c, 1); |
| 296 | } |
| 297 | |
| 298 | /* Handle failed read above. */ |
| 299 | if (sread == -1) { |
| 300 | debug_printf("DK: Error reading -K file.\n"); |
| 301 | save_errno = errno; |
| 302 | rc = NULL; |
| 303 | goto CLEANUP; |
| 304 | } |
| 305 | |
| 306 | /* Flag end-of-message. */ |
| 307 | dk_internal_status = dk_end(dk_context, NULL); |
| 308 | /* TODO: check status */ |
| 309 | |
| 310 | |
| 311 | /* Get domain to use, unless overridden. */ |
| 312 | if (dk_domain == NULL) { |
| 313 | dk_domain = dk_address(dk_context); |
| 314 | switch(dk_domain[0]) { |
| 315 | case 'N': dk_domain = NULL; break; |
| 316 | case 'F': |
| 317 | case 'S': |
| 318 | dk_domain++; |
| 319 | dk_domain = strrchr(dk_domain,'@'); |
| 320 | if (dk_domain != NULL) { |
| 321 | uschar *p; |
| 322 | dk_domain++; |
| 323 | p = dk_domain; |
| 324 | while (*p != 0) { *p = tolower(*p); p++; } |
| 325 | } |
| 326 | break; |
| 327 | } |
| 328 | if (dk_domain == NULL) { |
| 329 | debug_printf("DK: Could not determine domain to use for signing from message headers.\n"); |
| 330 | /* In this case, we return "OK" by sending up an empty string as the |
| 331 | DomainKey-Signature header. If there is no domain to sign for, we |
| 332 | can send the message anyway since the recipient has no policy to |
| 333 | apply ... */ |
| 334 | rc = ""; |
| 335 | goto CLEANUP; |
| 336 | } |
| 337 | } |
| 338 | else { |
| 339 | dk_domain = expand_string(dk_domain); |
| 340 | if (dk_domain == NULL) { |
| 341 | /* expansion error, do not send message. */ |
| 342 | debug_printf("DK: Error while expanding dk_domain option.\n"); |
| 343 | rc = NULL; |
| 344 | goto CLEANUP; |
| 345 | } |
| 346 | } |
| 347 | |
| 348 | /* Set up $dk_domain expansion variable. */ |
| 349 | dk_signing_domain = dk_domain; |
| 350 | |
| 351 | /* Get selector to use. */ |
| 352 | dk_selector = expand_string(dk_selector); |
| 353 | if (dk_selector == NULL) { |
| 354 | log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand " |
| 355 | "dk_selector: %s", expand_string_message); |
| 356 | rc = NULL; |
| 357 | goto CLEANUP; |
| 358 | } |
| 359 | |
| 360 | /* Set up $dk_selector expansion variable. */ |
| 361 | dk_signing_selector = dk_selector; |
| 362 | |
| 363 | /* Get private key to use. */ |
| 364 | dk_private_key = expand_string(dk_private_key); |
| 365 | if (dk_private_key == NULL) { |
| 366 | log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand " |
| 367 | "dk_private_key: %s", expand_string_message); |
| 368 | rc = NULL; |
| 369 | goto CLEANUP; |
| 370 | } |
| 371 | |
| 372 | if ( (Ustrlen(dk_private_key) == 0) || |
| 373 | (Ustrcmp(dk_private_key,"0") == 0) || |
| 374 | (Ustrcmp(dk_private_key,"false") == 0) ) { |
| 375 | /* don't sign, but no error */ |
| 376 | rc = ""; |
| 377 | goto CLEANUP; |
| 378 | } |
| 379 | |
| 380 | if (dk_private_key[0] == '/') { |
| 381 | int privkey_fd = 0; |
| 382 | /* Looks like a filename, load the private key. */ |
| 383 | memset(big_buffer,0,big_buffer_size); |
| 384 | privkey_fd = open(dk_private_key,O_RDONLY); |
| 385 | read(privkey_fd,big_buffer,16383); |
| 386 | close(privkey_fd); |
| 387 | dk_private_key = big_buffer; |
| 388 | } |
| 389 | |
| 390 | /* Get the signature. */ |
| 391 | dk_internal_status = dk_getsig(dk_context, dk_private_key, sig, 8192); |
| 392 | |
| 393 | /* Check for unuseable key */ |
| 394 | if (dk_internal_status != DK_STAT_OK) { |
| 395 | debug_printf("DK: %s\n", DK_STAT_to_string(dk_internal_status)); |
| 396 | rc = NULL; |
| 397 | goto CLEANUP; |
| 398 | } |
| 399 | |
| 400 | rc = store_get(1024); |
| 401 | /* Build DomainKey-Signature header to return. */ |
| 402 | snprintf(rc, 1024, "DomainKey-Signature: a=rsa-sha1; q=dns; c=%s;\r\n" |
| 403 | "\ts=%s; d=%s;\r\n" |
| 404 | "\tb=%s;\r\n", dk_canon, dk_selector, dk_domain, sig); |
| 405 | |
| 406 | log_write(0, LOG_MAIN, "DK: message signed using a=rsa-sha1; q=dns; c=%s; s=%s; d=%s;", dk_canon, dk_selector, dk_domain); |
| 407 | |
| 408 | CLEANUP: |
| 409 | if (dk_context != NULL) { |
| 410 | dk_free(dk_context); |
| 411 | dk_context = NULL; |
| 412 | } |
| 413 | store_pool = old_pool; |
| 414 | errno = save_errno; |
| 415 | return rc; |
| 416 | } |
| 417 | |
| 418 | #endif |