From c14470c30aa0d41ef018c35043616c703b01f80a Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Wed, 2 Dec 2015 16:48:26 +0000 Subject: [PATCH] DKIM: fix simple body verify for trailing empty lines after text --- src/src/pdkim/pdkim.c | 8 ++-- test/aux-fixed/4502.msg3.txt | 15 +++++++ test/log/4502 | 3 ++ .../4500-Domain-Keys-Identified-Mail/4502 | 39 +++++++++++++++++++ 4 files changed, 61 insertions(+), 4 deletions(-) create mode 100644 test/aux-fixed/4502.msg3.txt diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c index 825a2f996..90a0584fa 100644 --- a/src/src/pdkim/pdkim.c +++ b/src/src/pdkim/pdkim.c @@ -1122,6 +1122,7 @@ pdkim_bodyline_complete(pdkim_ctx *ctx) { char *p = ctx->linebuf; int n = ctx->linebuf_offset; +pdkim_signature *sig = ctx->sig; /*XXX assumes only one sig */ /* Ignore extra data if we've seen the end-of-data marker */ if (ctx->seen_eod) goto BAIL; @@ -1136,7 +1137,8 @@ if (ctx->input_mode == PDKIM_INPUT_SMTP) { /* In simple body mode, if any empty lines were buffered, replace with one. rfc 4871 3.4.3 */ - if ( ctx->sig && ctx->sig->canon_body == PDKIM_CANON_SIMPLE + if ( sig && sig->canon_body == PDKIM_CANON_SIMPLE + && sig->signed_body_bytes == 0 && ctx->num_buffered_crlf > 0 ) pdkim_update_bodyhash(ctx, "\r\n", 2); @@ -1159,9 +1161,7 @@ if (memcmp(p, "\r\n", 2) == 0) goto BAIL; } -if ( ctx->sig - && ctx->sig->canon_body == PDKIM_CANON_RELAXED - ) +if (sig && sig->canon_body == PDKIM_CANON_RELAXED) { /* Lines with just spaces need to be buffered too */ char *check = p; diff --git a/test/aux-fixed/4502.msg3.txt b/test/aux-fixed/4502.msg3.txt new file mode 100644 index 000000000..6ca081c25 --- /dev/null +++ b/test/aux-fixed/4502.msg3.txt @@ -0,0 +1,15 @@ +Received: from xxxxxxxx.sproing.at ([127.0.0.1]:6225 helo=xxxxxxxx.sproing.at) + by yyyyyyyyyy.sproing.at with esmtp (Exim 4.86) + (envelope-from ) + id 1a2FuN-0007pz-HD + for eximdkimtest@sproing.at; Fri, 27 Nov 2015 11:05:39 +0100 +From: +To: +Subject: test +Date: Fri, 27 Nov 2015 11:05:38 +0100 +MIME-Version: 1.0 +Content-Type: text/plain; + +Some content, then two blank lines. + + diff --git a/test/log/4502 b/test/log/4502 index 8745884d5..ab5273ad0 100644 --- a/test/log/4502 +++ b/test/log/4502 @@ -7,3 +7,6 @@ 1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/simple a=rsa-sha1 b=1024 [verification succeeded] 1999-03-02 09:44:33 10HmaY-0005vi-00 signer: test.ex bits: 1024 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss +1999-03-02 09:44:33 10HmaZ-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/simple a=rsa-sha1 b=1024 [verification succeeded] +1999-03-02 09:44:33 10HmaZ-0005vi-00 signer: test.ex bits: 1024 +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss diff --git a/test/scripts/4500-Domain-Keys-Identified-Mail/4502 b/test/scripts/4500-Domain-Keys-Identified-Mail/4502 index 25ebadde3..5e63f129f 100644 --- a/test/scripts/4500-Domain-Keys-Identified-Mail/4502 +++ b/test/scripts/4500-Domain-Keys-Identified-Mail/4502 @@ -85,6 +85,45 @@ Content-Type: text/plain; +. +??? 250 +QUIT +??? 221 +**** +# +# This should pass. +# Mail original in aux-fixed/4502.msg3.txt +# Sig generated by: perl aux-fixed/dkim/sign.pl --method=relaxed < aux_fixed/4502.msg3.txt +client 127.0.0.1 PORT_D +??? 220 +HELO xxx +??? 250 +MAIL FROM: +??? 250 +RCPT TO: +??? 250 +DATA +??? 354 +DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=test.ex; h=from:to:subject + :date:mime-version:content-type; s=sel; bh=nlP/3EB0g/eKjl7+VInpZ + PDwELc=; b=TDZikuksDQgvVnkU+ZD7XZFhkfuf73WV9NcLRp7R/ADkBh2ZWzoKc + 1wST+dRBSt9m27BPx3EeUy1rZHryChKoTDy9XzLqo4mLOH4dC5pU5MWGD+bdtdeC + s3kEaYt3+l+7fsVdHFTu+2WwQUcQlvmUbENRn1k8sbpe9CGPrtvcAg= +Received: from xxxxxxxx.sproing.at ([127.0.0.1]:6225 helo=xxxxxxxx.sproing.at) + by yyyyyyyyyy.sproing.at with esmtp (Exim 4.86) + (envelope-from ) + id 1a2FuN-0007pz-HD + for eximdkimtest@sproing.at; Fri, 27 Nov 2015 11:05:39 +0100 +From: +To: +Subject: test +Date: Fri, 27 Nov 2015 11:05:38 +0100 +MIME-Version: 1.0 +Content-Type: text/plain; + +Some content, then two blank lines. + + . ??? 250 QUIT -- 2.25.1