DKIM: fix relaxed body verify for a newline-only body. Bug 963
authorJeremy Harris <jgh146exb@wizmail.org>
Sun, 29 Nov 2015 01:36:06 +0000 (01:36 +0000)
committerJeremy Harris <jgh146exb@wizmail.org>
Sun, 29 Nov 2015 22:56:04 +0000 (22:56 +0000)
src/src/pdkim/pdkim.c
test/aux-fixed/4502.msg2.txt [new file with mode: 0644]
test/log/4502
test/scripts/4500-Domain-Keys-Identified-Mail/4502

index 99948ff..94328f7 100644 (file)
@@ -987,11 +987,11 @@ int pdkim_finish_bodyhash(pdkim_ctx *ctx) {
       else {
         #ifdef PDKIM_DEBUG
         if (ctx->debug_stream) {
-          fprintf(ctx->debug_stream, "PDKIM [%s] Body hash did NOT verify\n",
-                  sig->domain);
           fprintf(ctx->debug_stream, "PDKIM [%s] bh signature: ", sig->domain);
           pdkim_hexprint(ctx->debug_stream, sig->bodyhash,
                            (sig->algo == PDKIM_ALGO_RSA_SHA1)?20:32,1);
+          fprintf(ctx->debug_stream, "PDKIM [%s] Body hash did NOT verify\n",
+                  sig->domain);
         }
         #endif
         sig->verify_status     = PDKIM_VERIFY_FAIL;
@@ -1022,6 +1022,12 @@ int pdkim_bodyline_complete(pdkim_ctx *ctx) {
   if (ctx->input_mode == PDKIM_INPUT_SMTP) {
     /* Terminate on EOD marker */
     if (memcmp(p,".\r\n",3) == 0) {
+      /* In simple body mode, if any empty lines were buffered,
+      replace with one. rfc 4871 3.4.3 */
+      if (ctx->sig && ctx->sig->canon_body == PDKIM_CANON_SIMPLE
+        && ctx->num_buffered_crlf > 0)
+       pdkim_update_bodyhash(ctx,"\r\n",2);
+
       ctx->seen_eod = 1;
       goto BAIL;
     }
diff --git a/test/aux-fixed/4502.msg2.txt b/test/aux-fixed/4502.msg2.txt
new file mode 100644 (file)
index 0000000..d0eabc4
--- /dev/null
@@ -0,0 +1,17 @@
+Received: from xxxxxxxx.sproing.at ([127.0.0.1]:6225 helo=xxxxxxxx.sproing.at)
+       by yyyyyyyyyy.sproing.at with esmtp (Exim 4.86)
+       (envelope-from <postmaster@sproing.at>)
+       id 1a2FuN-0007pz-HD
+       for eximdkimtest@sproing.at; Fri, 27 Nov 2015 11:05:39 +0100
+From: <postmaster@test.ex>
+To: <eximdkimtest@sproing.at>
+Subject: test
+Date: Fri, 27 Nov 2015 11:05:38 +0100
+MIME-Version: 1.0
+Content-Type: text/plain;
+
+
+
+
+
+
index 1e6be43..eff4be0 100644 (file)
@@ -3,3 +3,5 @@
 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
 1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha1 [verification succeeded]
 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss id=564CFC9B.1040905@yahoo.com
+1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/simple a=rsa-sha1 [verification succeeded]
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss
index 9f6d62f..25ebadd 100644 (file)
@@ -50,6 +50,47 @@ QUIT
 ??? 221
 ****
 #
+# This should pass.
+# Mail original in aux-fixed/4502.msg2.txt
+# Sig generated by:  perl aux-fixed/dkim/sign.pl --method=relaxed < aux_fixed/4502.msg2.txt
+client 127.0.0.1 PORT_D
+??? 220
+HELO xxx
+??? 250
+MAIL FROM:<CALLER@bloggs.com>
+??? 250
+RCPT TO:<a@test.ex>
+??? 250
+DATA
+??? 354
+DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=test.ex; h=from:to:subject
+       :date:mime-version:content-type; s=sel; bh=uoq1oCgLlTqpdDX/iUbLy
+       7J1Wic=; b=R8INFWPcNpQCsFaaflR6DMlxeSiNyJzOhC6cd56blJf1Ko4pgXnPP
+       /iZk1GVEUVvrCg/PUSQZGbXfukFf3iiPeKuq3xLtFHLZ23BcWTBUTK/mBPNQrB6p
+       YSQAYzZC/3x4DzTlkqgQgBcm78x8SkO2TdaUK/3Ja6HloNp2spUgLQ=
+Received: from xxxxxxxx.sproing.at ([127.0.0.1]:6225 helo=xxxxxxxx.sproing.at)
+       by yyyyyyyyyy.sproing.at with esmtp (Exim 4.86)
+       (envelope-from <postmaster@sproing.at>)
+       id 1a2FuN-0007pz-HD
+       for eximdkimtest@sproing.at; Fri, 27 Nov 2015 11:05:39 +0100
+From: <postmaster@test.ex>
+To: <eximdkimtest@sproing.at>
+Subject: test
+Date: Fri, 27 Nov 2015 11:05:38 +0100
+MIME-Version: 1.0
+Content-Type: text/plain;
+
+
+
+
+
+
+.
+??? 250
+QUIT
+??? 221
+****
+#
 killdaemon
 no_stdout_check
 no_msglog_check