#include "exim.h"
#ifdef EXPERIMENTAL_DMARC
-# if !defined EXPERIMENTAL_SPF
+# if !defined SUPPORT_SPF
# error SPF must also be enabled for DMARC
# elif defined DISABLE_DKIM
# error DKIM must also be enabled for DMARC
messages on the same SMTP connection (that come from the
same host with the same HELO string) */
-int dmarc_init()
+int
+dmarc_init()
{
int *netmask = NULL; /* Ignored */
int is_ipv6 = 0;
-char *tld_file = (dmarc_tld_file == NULL) ?
- DMARC_TLD_FILE : CS dmarc_tld_file;
+char *tld_file = dmarc_tld_file ? CS dmarc_tld_file : DMARC_TLD_FILE;
/* Set some sane defaults. Also clears previous results when
* multiple messages in one connection. */
dmarc_abort = FALSE;
dmarc_pass_fail = US"skipped";
dmarc_used_domain = US"";
-dmarc_ar_header = NULL;
dmarc_has_been_checked = FALSE;
header_from_sender = NULL;
spf_sender_domain = NULL;
/* dmarc_store_data stores the header data so that subsequent
- * dmarc_process can access the data */
+dmarc_process can access the data */
-int dmarc_store_data(header_line *hdr) {
- /* No debug output because would change every test debug output */
- if (dmarc_disable_verify != TRUE)
- from_header = hdr;
- return OK;
+int
+dmarc_store_data(header_line *hdr)
+{
+/* No debug output because would change every test debug output */
+if (!dmarc_disable_verify)
+ from_header = hdr;
+return OK;
}
}
/* dmarc_process adds the envelope sender address to the existing
- context (if any), retrieves the result, sets up expansion
- strings and evaluates the condition outcome. */
+context (if any), retrieves the result, sets up expansion
+strings and evaluates the condition outcome. */
int
dmarc_process()
/* ACLs have "control=dmarc_disable_verify" */
if (dmarc_disable_verify)
- {
- dmarc_ar_header = dmarc_auth_results_header(from_header, NULL);
return OK;
- }
/* Store the header From: sender domain for this part of DMARC.
* If there is no from_header struct, then it's likely this message
while (sig)
{
int dkim_result, dkim_ares_result, vs, ves;
- vs = sig->verify_status;
+ vs = sig->verify_status & ~PDKIM_VERIFY_POLICY;
ves = sig->verify_ext_status;
dkim_result = vs == PDKIM_VERIFY_PASS ? DMARC_POLICY_DKIM_OUTCOME_PASS :
vs == PDKIM_VERIFY_FAIL ? DMARC_POLICY_DKIM_OUTCOME_FAIL :
log_write(0, LOG_MAIN|LOG_PANIC, "failure to read DMARC alignment: %s",
opendmarc_policy_status_to_str(libdm_status));
- if (has_dmarc_record == TRUE)
+ if (has_dmarc_record)
{
log_write(0, LOG_MAIN, "DMARC results: spf_domain=%s dmarc_domain=%s "
"spf_align=%s dkim_align=%s enforcement='%s'",
}
}
-/* set some global variables here */
-dmarc_ar_header = dmarc_auth_results_header(from_header, NULL);
-
/* shut down libopendmarc */
-if ( dmarc_pctx != NULL )
+if (dmarc_pctx)
(void) opendmarc_policy_connect_shutdown(dmarc_pctx);
-if ( dmarc_disable_verify == FALSE )
+if (!dmarc_disable_verify)
(void) opendmarc_policy_library_shutdown(&dmarc_ctx);
return OK;
history_file_fd = log_create(dmarc_history_file);
if (history_file_fd < 0)
-{
+ {
log_write(0, LOG_MAIN|LOG_PANIC, "failure to create DMARC history file: %s",
dmarc_history_file);
return DMARC_HIST_FILE_ERR;
-}
+ }
/* Generate the contents of the history file */
history_buffer = string_sprintf(
return DMARC_HIST_OK;
}
+
uschar *
dmarc_exim_expand_query(int what)
{
if (dmarc_disable_verify || !dmarc_pctx)
return dmarc_exim_expand_defaults(what);
-switch(what)
- {
- case DMARC_VERIFY_STATUS:
- return(dmarc_status);
- default:
- return US"";
- }
+if (what == DMARC_VERIFY_STATUS)
+ return dmarc_status;
+return US"";
}
uschar *
dmarc_exim_expand_defaults(int what)
{
-switch(what)
- {
- case DMARC_VERIFY_STATUS:
- return dmarc_disable_verify ? US"off" : US"none";
- default:
- return US"";
- }
+if (what == DMARC_VERIFY_STATUS)
+ return dmarc_disable_verify ? US"off" : US"none";
+return US"";
}
-uschar *
-dmarc_auth_results_header(header_line *from_header, uschar *hostname)
-{
-uschar *hdr_tmp = US"";
-
-/* Allow a server hostname to be passed to this function, but is
- * currently unused */
-if (!hostname)
- hostname = primary_hostname;
-hdr_tmp = string_sprintf("%s %s;", DMARC_AR_HEADER, hostname);
-
-#if 0
-/* I don't think this belongs here, but left it here commented out
- * because it was a lot of work to get working right. */
-if (spf_response != NULL) {
- uschar *dmarc_ar_spf = US"";
- int sr = 0;
- sr = spf_response->result;
- dmarc_ar_spf = (sr == SPF_RESULT_NEUTRAL) ? US"neutral" :
- (sr == SPF_RESULT_PASS) ? US"pass" :
- (sr == SPF_RESULT_FAIL) ? US"fail" :
- (sr == SPF_RESULT_SOFTFAIL) ? US"softfail" :
- US"none";
- hdr_tmp = string_sprintf("%s spf=%s (%s) smtp.mail=%s;",
- hdr_tmp, dmarc_ar_spf_result,
- spf_response->header_comment,
- expand_string(US"$sender_address") );
-}
-#endif
-hdr_tmp = string_sprintf("%s dmarc=%s", hdr_tmp, dmarc_pass_fail);
+gstring *
+authres_dmarc(gstring * g)
+{
+g = string_append(g, 2, US";\n\tdmarc=", dmarc_pass_fail);
if (header_from_sender)
- hdr_tmp = string_sprintf("%s header.from=%s",
- hdr_tmp, header_from_sender);
-return hdr_tmp;
+ g = string_append(g, 2, US"header.from=", header_from_sender);
+return g;
}
-# endif /* EXPERIMENTAL_SPF */
+# endif /* SUPPORT_SPF */
#endif /* EXPERIMENTAL_DMARC */
/* vi: aw ai sw=2
*/
projects / exim.git / blobdiff