From: Jeremy Harris Date: Sun, 22 Jan 2017 17:35:08 +0000 (+0000) Subject: DKIM: permit verify of sig blocks that sign other sig blocks. Bug 2014 X-Git-Tag: exim-4_89_RC1~28 X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=eea190173538a3e71a87f174baa190cb22e0e8fb;p=exim.git DKIM: permit verify of sig blocks that sign other sig blocks. Bug 2014 --- diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 156a89f16..a680593d2 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -45,6 +45,10 @@ JH/08 Bug 2016: Fix DKIM verification vs. CHUNKING. Any BDAT commands after processing; with most chunk sizes in use this resulted in an incorrect body hash calculated value. +JH/09 Bug 2014: permit inclusion of a DKIM-Signature header in a received + DKIM signature block, for verification. Although advised against by + standards it is specifically not ruled illegal. + Exim version 4.88 ----------------- diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c index 4309675e6..a77dd5792 100644 --- a/src/src/pdkim/pdkim.c +++ b/src/src/pdkim/pdkim.c @@ -991,9 +991,8 @@ else "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); } - /* every other header is stored for signature verification */ - else - ctx->headers = pdkim_prepend_stringlist(ctx->headers, ctx->cur_header); + /* all headers are stored for signature verification */ + ctx->headers = pdkim_prepend_stringlist(ctx->headers, ctx->cur_header); } BAIL: