[exim-cvs] cvs commit: exim/exim-src/src dkim.c expand.c glo…

Auteur: Tom Kistner
Datum:  
Aan: exim-cvs
Onderwerp: [exim-cvs] cvs commit: exim/exim-src/src dkim.c expand.c globals.c globals.h macros.h readconf.c receive.c smtp_in.c spool_in.c exim/exim-src/src/pdkim pdkim.c
tom 2009/05/27 18:26:55 BST

  Modified files:        (Branch: DEVEL_PDKIM)
    exim-src/src         dkim.c expand.c globals.c globals.h 
                         macros.h readconf.c receive.c smtp_in.c 
                         spool_in.c 
    exim-src/src/pdkim   pdkim.c 
  Log:
  Add some more glue code for the DKIM acl


  Revision  Changes    Path
  1.1.2.13  +20 -3     exim/exim-src/src/dkim.c
  1.97.2.2  +2 -0      exim/exim-src/src/expand.c
  1.81.2.5  +7 -1      exim/exim-src/src/globals.c
  1.62.2.4  +9 -5      exim/exim-src/src/globals.h
  1.37.2.1  +1 -0      exim/exim-src/src/macros.h
  1.1.2.17  +1 -1      exim/exim-src/src/pdkim/pdkim.c
  1.35.2.2  +3 -0      exim/exim-src/src/readconf.c
  1.45.2.4  +40 -2     exim/exim-src/src/receive.c
  1.63.2.4  +1 -0      exim/exim-src/src/smtp_in.c
  1.23.2.4  +1 -0      exim/exim-src/src/spool_in.c


  Index: dkim.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/Attic/dkim.c,v
  retrieving revision 1.1.2.12
  retrieving revision 1.1.2.13
  diff -u -r1.1.2.12 -r1.1.2.13
  --- dkim.c    20 May 2009 14:30:14 -0000    1.1.2.12
  +++ dkim.c    27 May 2009 17:26:54 -0000    1.1.2.13
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/dkim.c,v 1.1.2.12 2009/05/20 14:30:14 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/dkim.c,v 1.1.2.13 2009/05/27 17:26:54 tom Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -79,6 +79,9 @@



void dkim_exim_verify_finish(void) {
+ int dkim_signing_domains_size = 0;
+ int dkim_signing_domains_ptr = 0;
+ dkim_signing_domains = NULL;

     /* Delete eventual previous signature chain */
     dkim_signatures = NULL;
  @@ -96,10 +99,11 @@
     /* Finish DKIM operation and fetch link to signatures chain */
     if (pdkim_feed_finish(dkim_verify_ctx,&dkim_signatures) != PDKIM_OK) return;


  -  /* Log a line for each signature */
  +
     while (dkim_signatures != NULL) {
       int size = 0;
       int ptr = 0;
  +    /* Log a line for each signature */
       uschar *logmsg = string_append(NULL, &size, &ptr, 5,


         string_sprintf( "DKIM: d=%s s=%s c=%s/%s a=%s ",
  @@ -109,7 +113,6 @@
                         (dkim_signatures->canon_body    == PDKIM_CANON_SIMPLE)?"simple":"relaxed",
                         (dkim_signatures->algo          == PDKIM_ALGO_RSA_SHA256)?"rsa-sha256":"rsa-sha1"
                       ),
  -
         ((dkim_signatures->identity != NULL)?
           string_sprintf("i=%s ", dkim_signatures->identity)
           :
  @@ -173,9 +176,23 @@
       logmsg[ptr] = '\0';
       log_write(0, LOG_MAIN, (char *)logmsg);


  -    /* Log next signature */
  +    /* Build a colon-separated list of signing domains in dkim_signing_domains */
  +    dkim_signing_domains = string_append(dkim_signing_domains,
  +                                         &dkim_signing_domains_size,
  +                                         &dkim_signing_domains_ptr,
  +                                         2,
  +                                         dkim_signatures->domain,
  +                                         ":")
  +                                        );
  +
  +    /* Process next signature */
       dkim_signatures = dkim_signatures->next;
     }
  +
  +  /* Chop the last colon from the domain list */
  +  if ((dkim_signing_domains != NULL) &&
  +      (Ustrlen(dkim_signing_domains) > 0))
  +    dkim_signing_domains[strlen(dkim_signing_domains)-1] = '\0';
   }
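Review bot: The final "chop the last colon" step calls `Ustrlen`/`strlen` on `dkim_signing_domains`, but nothing terminates that buffer first; the `logmsg[ptr] = '\0'` line at the top of this hunk suggests `string_append` leaves its result unterminated, so the length scan may run past the data that was built. Using the tracked offset avoids the scan and the mixed `Ustrlen`/`strlen` calls: `if (dkim_signing_domains_ptr > 0) dkim_signing_domains[dkim_signing_domains_ptr - 1] = '\0';`. The `string_append(...)` call as shown also has one closing parenthesis too many (`":")` followed by `);`). Separately, `log_write(0, LOG_MAIN, (char *)logmsg)` passes a string assembled from signature fields as the format argument; `log_write(0, LOG_MAIN, "%s", logmsg)` keeps any `%` in those fields from being interpreted. The body of dkim_exim_verify_finish starts outside this hunk.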




  Index: expand.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/expand.c,v
  retrieving revision 1.97.2.1
  retrieving revision 1.97.2.2
  diff -u -r1.97.2.1 -r1.97.2.2
  --- expand.c    24 Feb 2009 15:57:55 -0000    1.97.2.1
  +++ expand.c    27 May 2009 17:26:54 -0000    1.97.2.2
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/expand.c,v 1.97.2.1 2009/02/24 15:57:55 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/expand.c,v 1.97.2.2 2009/05/27 17:26:54 tom Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -404,6 +404,7 @@
   #ifndef DISABLE_DKIM
     { "dkim_domain",         vtype_stringptr,   &dkim_signing_domain },
     { "dkim_selector",       vtype_stringptr,   &dkim_signing_selector },
  +  { "dkim_signing_domains",vtype_stringptr,   &dkim_signing_domains },
   #endif
     { "dnslist_domain",      vtype_stringptr,   &dnslist_domain },
     { "dnslist_matched",     vtype_stringptr,   &dnslist_matched },
  @@ -1544,6 +1545,7 @@
         sprintf(CS var_buffer, "%d", inodes);
         }
       return var_buffer;
  +
       }
     }



  Index: globals.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/globals.c,v
  retrieving revision 1.81.2.4
  retrieving revision 1.81.2.5
  diff -u -r1.81.2.4 -r1.81.2.5
  --- globals.c    20 May 2009 14:30:14 -0000    1.81.2.4
  +++ globals.c    27 May 2009 17:26:54 -0000    1.81.2.5
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/globals.c,v 1.81.2.4 2009/05/20 14:30:14 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/globals.c,v 1.81.2.5 2009/05/27 17:26:54 tom Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -182,6 +182,9 @@
   uschar *acl_smtp_auth          = NULL;
   uschar *acl_smtp_connect       = NULL;
   uschar *acl_smtp_data          = NULL;
  +#ifndef DISABLE_DKIM
  +uschar *acl_smtp_dkim          = NULL;
  +#endif
   uschar *acl_smtp_etrn          = NULL;
   uschar *acl_smtp_expn          = NULL;
   uschar *acl_smtp_helo          = NULL;
  @@ -210,6 +213,7 @@
                                      US"MAIL",
                                      US"PREDATA",
                                      US"MIME",
  +                                   US"DKIM",
                                      US"DATA",
                                      US"non-SMTP",
                                      US"AUTH",
  @@ -229,6 +233,7 @@
                                      US"550",     /* MAIL */
                                      US"550",     /* PREDATA */
                                      US"550",     /* MIME */
  +                                   US"550",     /* DKIM */
                                      US"550",     /* DATA */
                                      US"0",       /* not SMTP; not relevant */
                                      US"503",     /* AUTH */
  @@ -527,9 +532,10 @@
   BOOL    disable_logging        = FALSE;


   #ifndef DISABLE_DKIM
  +uschar *dkim_signing_domains     = NULL;
   uschar *dkim_signing_domain      = NULL;
   uschar *dkim_signing_selector    = NULL;
  -uschar *dkim_verify_domains      = US"@dkim_signed";
  +uschar *dkim_verify_domains      = US"$dkim_signing_domains";
   BOOL    dkim_collect_input       = FALSE;
   BOOL    dkim_disable_verify      = FALSE;
   #endif
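Review bot: With the new default `US"$dkim_signing_domains"`, the list that drives the DKIM ACL is taken entirely from the message: each signature's `d=` value is appended in dkim.c with no validation or de-duplication visible in this commit. The values are joined with `:` and later split as a list in receive.c, so a value that itself contains the separator would presumably be parsed as extra items. It would be safer to reject or escape such values before appending. A comment on the default such as `/* expands to message-supplied d= values; treat as untrusted */` would record this for whoever changes the option later.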


  Index: globals.h
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/globals.h,v
  retrieving revision 1.62.2.3
  retrieving revision 1.62.2.4
  diff -u -r1.62.2.3 -r1.62.2.4
  --- globals.h    20 May 2009 14:30:14 -0000    1.62.2.3
  +++ globals.h    27 May 2009 17:26:54 -0000    1.62.2.4
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/globals.h,v 1.62.2.3 2009/05/20 14:30:14 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/globals.h,v 1.62.2.4 2009/05/27 17:26:54 tom Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -118,6 +118,9 @@
   extern uschar *acl_smtp_auth;          /* ACL run for AUTH */
   extern uschar *acl_smtp_connect;       /* ACL run on SMTP connection */
   extern uschar *acl_smtp_data;          /* ACL run after DATA received */
  +#ifndef DISABLE_DKIM
  +extern uschar *acl_smtp_dkim;          /* ACL run for DKIM signatures / domains */
  +#endif
   extern uschar *acl_smtp_etrn;          /* ACL run for ETRN */
   extern uschar *acl_smtp_expn;          /* ACL run for EXPN */
   extern uschar *acl_smtp_helo;          /* ACL run for HELO/EHLO */
  @@ -296,11 +299,12 @@
   extern BOOL    disable_logging;        /* Disables log writing when TRUE */


   #ifndef DISABLE_DKIM
  -extern uschar *dkim_signing_domain;      /* Domain used for signing a message. */
  -extern uschar *dkim_signing_selector;    /* Selector used for signing a message. */
  -extern uschar *dkim_verify_domains;      /* Colon-separated list of domains for each of which we call the DKIM ACL */
  -extern BOOL    dkim_collect_input;       /* Runtime flag that tracks wether SMTP input is fed to DKIM validation */
  -extern BOOL    dkim_disable_verify;      /* Set via ACL control statement. When set, DKIM verification is disabled for the current message */
  +extern uschar *dkim_signing_domains;   /* Expansion variable, holds colon-separated list of domains that have signed a message */
  +extern uschar *dkim_signing_domain;    /* Expansion variable, domain used for signing a message. */
  +extern uschar *dkim_signing_selector;  /* Expansion variable, selector used for signing a message. */
  +extern uschar *dkim_verify_domains;    /* Colon-separated list of domains for each of which we call the DKIM ACL */
  +extern BOOL    dkim_collect_input;     /* Runtime flag that tracks wether SMTP input is fed to DKIM validation */
  +extern BOOL    dkim_disable_verify;    /* Set via ACL control statement. When set, DKIM verification is disabled for the current message */
   #endif


extern uschar *dns_again_means_nonexist; /* Domains that are badly set up */
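Review bot: The comment on `dkim_signing_domains` says the list holds "domains that have signed a message", which reads as if the signatures had been verified. The loop in dkim.c appends `dkim_signatures->domain` for every entry in the chain, with no status check visible in this commit. Wording such as `/* Expansion variable: colon-separated d= domains of all DKIM signatures found, verified or not */` would be more accurate. The re-aligned `dkim_collect_input` comment still carries the typo "wether".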

  Index: macros.h
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/macros.h,v
  retrieving revision 1.37
  retrieving revision 1.37.2.1
  diff -u -r1.37 -r1.37.2.1
  --- macros.h    29 Sep 2008 11:41:07 -0000    1.37
  +++ macros.h    27 May 2009 17:26:54 -0000    1.37.2.1
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/macros.h,v 1.37 2008/09/29 11:41:07 nm4 Exp $ */
  +/* $Cambridge: exim/exim-src/src/macros.h,v 1.37.2.1 2009/05/27 17:26:54 tom Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -799,6 +799,7 @@
          ACL_WHERE_MAIL,       /* )                                           */
          ACL_WHERE_PREDATA,    /* ) There are several tests for "in message", */
          ACL_WHERE_MIME,       /* ) implemented by <= WHERE_NOTSMTP           */
  +       ACL_WHERE_DKIM,       /* )                                           */
          ACL_WHERE_DATA,       /* )                                           */
          ACL_WHERE_NOTSMTP,    /* )                                           */
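Review bot: Inserting `ACL_WHERE_DKIM` between MIME and DATA renumbers every later ACL_WHERE_* value, so each table indexed by this enum needs a new entry at the same position. The where-name and response-code tables in globals.c get theirs in this commit (`US"DKIM"` and `US"550"` after the MIME entries), but acl.c is not in the modified-files list. If acl.c keeps per-condition restrictions or other data keyed on these values, confirm that the new ACL is covered there. A comment on the enum such as `/* order must match the where-name and response-code tables in globals.c */` would help keep them in step; the enum itself starts and ends outside the hunk.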



  Index: readconf.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/readconf.c,v
  retrieving revision 1.35.2.1
  retrieving revision 1.35.2.2
  diff -u -r1.35.2.1 -r1.35.2.2
  --- readconf.c    20 May 2009 14:30:14 -0000    1.35.2.1
  +++ readconf.c    27 May 2009 17:26:55 -0000    1.35.2.2
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/readconf.c,v 1.35.2.1 2009/05/20 14:30:14 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/readconf.c,v 1.35.2.2 2009/05/27 17:26:55 tom Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -142,6 +142,9 @@
     { "acl_smtp_auth",            opt_stringptr,   &acl_smtp_auth },
     { "acl_smtp_connect",         opt_stringptr,   &acl_smtp_connect },
     { "acl_smtp_data",            opt_stringptr,   &acl_smtp_data },
  +#ifndef DISABLE_DKIM
  +  { "acl_smtp_dkim",            opt_stringptr,   &acl_smtp_dkim },
  +#endif
     { "acl_smtp_etrn",            opt_stringptr,   &acl_smtp_etrn },
     { "acl_smtp_expn",            opt_stringptr,   &acl_smtp_expn },
     { "acl_smtp_helo",            opt_stringptr,   &acl_smtp_helo },


  Index: receive.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/receive.c,v
  retrieving revision 1.45.2.3
  retrieving revision 1.45.2.4
  diff -u -r1.45.2.3 -r1.45.2.4
  --- receive.c    20 May 2009 14:30:14 -0000    1.45.2.3
  +++ receive.c    27 May 2009 17:26:55 -0000    1.45.2.4
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/receive.c,v 1.45.2.3 2009/05/20 14:30:14 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/receive.c,v 1.45.2.4 2009/05/27 17:26:55 tom Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -2969,8 +2969,46 @@
       {


   #ifndef DISABLE_DKIM
  -    if (!dkim_disable_verify) dkim_exim_verify_finish();
  -#endif
  +    if (!dkim_disable_verify)
  +      {
  +      /* Finish verification, this will log individual signature results to
  +         the mainlog */
  +      dkim_exim_verify_finish();
  +
  +      /* Check if we must run the DKIM ACL */
  +      if ((acl_smtp_dkim != NULL) &&
  +          (dkim_verify_domains != NULL) &&
  +          (dkim_verify_domains[0] != '\0'))
  +        {
  +        uschar *dkim_verify_domains_expanded =
  +          expand_string(dkim_verify_domains);
  +        if (dkim_verify_domains_expanded == NULL)
  +          {
  +          log_write(0, LOG_MAIN|LOG_PANIC,
  +            "expansion of dkim_verify_domains option failed: %s",
  +            expand_string_message);
  +          }
  +        else
  +          {
  +          int sep = 0;
  +          uschar *ptr = dkim_verify_domains_expanded;
  +          uschar *item = NULL;
  +          uschar itembuf[256];
  +          while ((item = string_nextinlist(&ptr, &sep,
  +                                           itembuf,
  +                                           sizeof(itembuf))) != NULL)
  +            {
  +
  +
  +            rc = acl_check(ACL_WHERE_DKIM, NULL, acl_smtp_dkim, &user_msg, &log_msg);
  +            if (rc != OK) break;
  +            }
  +
  +          add_acl_headers(US"DKIM");
  +          }
  +        }
  +      }
  +#endif /* DISABLE_DKIM */


   #ifdef WITH_CONTENT_SCAN
       if (acl_smtp_mime != NULL &&
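Review bot: The loop over the expanded domain list never uses `item`: `acl_check(ACL_WHERE_DKIM, NULL, acl_smtp_dkim, &user_msg, &log_msg)` receives nothing that identifies the current domain, so as written the ACL runs identically once per list entry. Until the per-domain state is wired in, a marker such as `/* TODO: expose item to the ACL before acl_check() */` would make the gap explicit. Within the hunk a non-OK `rc` only breaks the loop and `add_acl_headers(US"DKIM")` still runs; the enclosing function continues outside the hunk, so confirm that a deny or defer from this ACL becomes an SMTP response further down rather than being overwritten by the later MIME/DATA ACL results. A failed expansion of `dkim_verify_domains` is logged and then skipped, which means the DKIM ACL is silently bypassed for that message.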


  Index: smtp_in.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/smtp_in.c,v
  retrieving revision 1.63.2.3
  retrieving revision 1.63.2.4
  diff -u -r1.63.2.3 -r1.63.2.4
  --- smtp_in.c    20 May 2009 14:30:14 -0000    1.63.2.3
  +++ smtp_in.c    27 May 2009 17:26:55 -0000    1.63.2.4
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/smtp_in.c,v 1.63.2.3 2009/05/20 14:30:14 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/smtp_in.c,v 1.63.2.4 2009/05/27 17:26:55 tom Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -1041,6 +1041,7 @@
   bmi_verdicts = NULL;
   #endif
   #ifndef DISABLE_DKIM
  +dkim_signing_domains = NULL;
   dkim_disable_verify = FALSE;
   dkim_collect_input = FALSE;
   #endif


  Index: spool_in.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/spool_in.c,v
  retrieving revision 1.23.2.3
  retrieving revision 1.23.2.4
  diff -u -r1.23.2.3 -r1.23.2.4
  --- spool_in.c    20 May 2009 14:30:14 -0000    1.23.2.3
  +++ spool_in.c    27 May 2009 17:26:55 -0000    1.23.2.4
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/spool_in.c,v 1.23.2.3 2009/05/20 14:30:14 tom Exp $ */
  +/* $Cambridge: exim/exim-src/src/spool_in.c,v 1.23.2.4 2009/05/27 17:26:55 tom Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -279,6 +279,7 @@
   #endif


#ifndef DISABLE_DKIM
+dkim_signing_domains = NULL;
dkim_disable_verify = FALSE;
dkim_collect_input = FALSE;
#endif

  Index: pdkim.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/pdkim/Attic/pdkim.c,v
  retrieving revision 1.1.2.16
  retrieving revision 1.1.2.17
  diff -u -r1.1.2.16 -r1.1.2.17
  --- pdkim.c    20 May 2009 14:30:15 -0000    1.1.2.16
  +++ pdkim.c    27 May 2009 17:26:55 -0000    1.1.2.17
  @@ -20,7 +20,7 @@
    *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
    */


-/* $Cambridge: exim/exim-src/src/pdkim/pdkim.c,v 1.1.2.16 2009/05/20 14:30:15 tom Exp $ */
+/* $Cambridge: exim/exim-src/src/pdkim/pdkim.c,v 1.1.2.17 2009/05/27 17:26:55 tom Exp $ */

#include <stdlib.h>
#include <stdio.h>
@@ -39,7 +39,7 @@

   #define PDKIM_MAX_HEADER_LEN        65536
   #define PDKIM_MAX_HEADERS           512
  -#define PDKIM_MAX_BODY_LINE_LEN     1024
  +#define PDKIM_MAX_BODY_LINE_LEN     16384
   #define PDKIM_DNS_TXT_MAX_NAMELEN   1024
   #define PDKIM_DEFAULT_SIGN_HEADERS "From:Sender:Reply-To:Subject:Date:"\
                                "Message-ID:To:Cc:MIME-Version:Content-Type:"\