dns_scan dnss;
dns_record *rr;
+ lookup_dnssec_authenticated = NULL;
if (dns_lookup(&dnsa, (uschar *)name, T_TXT, NULL) != DNS_SUCCEED) return PDKIM_FAIL;
/* Search for TXT record */
"%.*s", (int)len, (char *)((rr->data)+rr_offset));
rr_offset+=len;
answer_offset+=len;
+ if (answer_offset >= PDKIM_DNS_TXT_MAX_RECLEN) {
+ return PDKIM_FAIL;
+ }
}
}
else return PDKIM_FAIL;
}
-uschar *dkim_exim_sign(int dkim_fd,
- uschar *dkim_private_key,
- uschar *dkim_domain,
- uschar *dkim_selector,
- uschar *dkim_canon,
- uschar *dkim_sign_headers) {
+uschar *
+dkim_exim_sign(int dkim_fd, uschar *dkim_private_key,
+ const uschar *dkim_domain, uschar *dkim_selector,
+ uschar *dkim_canon, uschar *dkim_sign_headers)
+{
int sep = 0;
uschar *seen_items = NULL;
int seen_items_size = 0;
store_pool = POOL_MAIN;
- dkim_domain = expand_string(dkim_domain);
+ dkim_domain = expand_cstring(dkim_domain);
if (dkim_domain == NULL) {
/* expansion error, do not send message. */
log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand "
/* Only sign once for each domain, no matter how often it
appears in the expanded list. */
if (seen_items != NULL) {
- uschar *seen_items_list = seen_items;
+ const uschar *seen_items_list = seen_items;
if (match_isinlist(dkim_signing_domain,
&seen_items_list,0,NULL,NULL,MCL_STRING,TRUE,NULL) == OK)
continue;
rc = NULL;
goto CLEANUP;
}
- (void)read(privkey_fd,big_buffer,(big_buffer_size-2));
+ if (read(privkey_fd,big_buffer,(big_buffer_size-2)) < 0) {
+ log_write(0, LOG_MAIN|LOG_PANIC, "unable to read private key file: %s",
+ dkim_private_key_expanded);
+ rc = NULL;
+ goto CLEANUP;
+ }
(void)close(privkey_fd);
dkim_private_key_expanded = big_buffer;
}
projects / exim.git / blobdiff