DKIM: permit verify of sig blocks that sign other sig blocks. Bug 2014

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 156a89f168d4baefa673622d9b73cbd282f1d563..a680593d29eec9e1d7f0d4fb49677b8a9cced88b 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -45,6 +45,10 @@ JH/08 Bug 2016: Fix DKIM verification vs. CHUNKING.  Any BDAT commands after
       processing; with most chunk sizes in use this resulted in an incorrect
       body hash calculated value.
 
+JH/09 Bug 2014: permit inclusion of a DKIM-Signature header in a received
+      DKIM signature block, for verification.  Although advised against by
+      standards it is specifically not ruled illegal.
+
 
 Exim version 4.88
 -----------------

diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
index 4309675e6d86f48bc55b297cd5388a2895ac26af..a77dd5792322a96ccece9b5c326dd6d1c8c64e4e 100644 (file)
--- a/src/src/pdkim/pdkim.c
+++ b/src/src/pdkim/pdkim.c
@@ -991,9 +991,8 @@ else
          "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n");
     }
 
-  /* every other header is stored for signature verification */
-  else
-    ctx->headers = pdkim_prepend_stringlist(ctx->headers, ctx->cur_header);
+  /* all headers are stored for signature verification */
+  ctx->headers = pdkim_prepend_stringlist(ctx->headers, ctx->cur_header);
   }
 
 BAIL: