arc_set * as;
int inst;
BOOL ams_fail_found = FALSE;
-uschar * ret = NULL;
if (!(as = ctx->arcset_chain))
return US"none";
arc_received = ctx->arcset_chain_last;
arc_received_instance = inst;
-if (ret)
- return ret;
/* We can skip the latest-AMS validation, if we already did it. */
as = ctx->arcset_chain_last;
-if (as->ams_verify_done && !as->ams_verify_passed)
+if (!as->ams_verify_passed)
{
- arc_state_reason = as->ams_verify_done;
- return US"fail";
+ if (as->ams_verify_done)
+ {
+ arc_state_reason = as->ams_verify_done;
+ return US"fail";
+ }
+ if (!!arc_ams_verify(ctx, as))
+ return US"fail";
}
-if (!!arc_ams_verify(ctx, as))
- return US"fail";
-
return NULL;
}
if ( (errstr = exim_dkim_signing_init(privkey, &sctx))
|| (errstr = exim_dkim_sign(&sctx, hm, &hhash, sig)))
{
- log_write(0, LOG_MAIN|LOG_PANIC, "ARC: %s signing: %s\n", why, errstr);
+ log_write(0, LOG_MAIN, "ARC: %s signing: %s\n", why, errstr);
return FALSE;
}
return TRUE;
if ( !*identity | !*selector
|| !(privkey = string_nextinlist(&signspec, &sep, NULL, 0)) || !*privkey)
{
- log_write(0, LOG_MAIN|LOG_PANIC, "ARC: bad signing-specification (%s)",
+ log_write(0, LOG_MAIN, "ARC: bad signing-specification (%s)",
!*identity ? "identity" : !*selector ? "selector" : "private-key");
- return NULL;
+ return sigheaders ? sigheaders : string_get(0);
}
if (*privkey == '/' && !(privkey = expand_file_big_buffer(privkey)))
- return NULL;
+ return sigheaders ? sigheaders : string_get(0);
DEBUG(D_transport) debug_printf("ARC: sign for %s\n", identity);
if ((rheaders = arc_sign_scan_headers(&arc_sign_ctx, sigheaders)))
{
hdr_rlist ** rp;
- for (rp = &rheaders; *rp; ) rp = &(*rp)->prev;
- *rp = headers_rlist;
- headers_rlist = rheaders;
+ for (rp = &headers_rlist; *rp; ) rp = &(*rp)->prev;
+ *rp = rheaders;
}
-else
- rheaders = headers_rlist;
/* Finally, build a normal-order headers list */
/*XXX only needed for hunt-the-AR? */
+/*XXX also, we really should be accepting any number of ADMD-matching ARs */
{
header_line * hnext = NULL;
- for (; rheaders; hnext = rheaders->h, rheaders = rheaders->prev)
+ for (rheaders = headers_rlist; rheaders;
+ hnext = rheaders->h, rheaders = rheaders->prev)
rheaders->h->next = hnext;
headers = hnext;
}
if (!(arc_sign_find_ar(headers, identity, &ar)))
{
- log_write(0, LOG_MAIN|LOG_PANIC, "ARC: no Authentication-Results header for signing");
+ log_write(0, LOG_MAIN, "ARC: no Authentication-Results header for signing");
return sigheaders ? sigheaders : string_get(0);
}