tom 2009/06/10 08:34:05 BST
Modified files:
exim-src Makefile
exim-src/OS Makefile-Base os.h-Linux
exim-src/scripts MakeLinks
exim-src/src acl.c config.h.defaults dns.c drtables.c
exim.c exim.h expand.c functions.h
globals.c globals.h macros.h readconf.c
receive.c smtp_in.c spool_in.c tls-gnu.c
tls-openssl.c transport.c
exim-src/src/lookups Makefile dnsdb.c
exim-src/src/transports smtp.c smtp.h
Added files:
exim-src/src dkim.c dkim.h
exim-src/src/pdkim Makefile README base64.c base64.h
bignum.c bignum.h bn_mul.h pdkim.c
pdkim.h rsa.c rsa.h sha1.c sha1.h sha2.c
sha2.h
Removed files:
exim-src/src dk.c dk.h dkim-exim.c dkim-exim.h
exim-src/src/lookups dkim.c dkim.h
Log:
Merge native DKIM support (from DEVEL_PDKIM)
Revision Changes Path
1.6 +1 -1 exim/exim-src/Makefile
1.17 +15 -9 exim/exim-src/OS/Makefile-Base
1.8 +4 -4 exim/exim-src/OS/os.h-Linux
1.15 +23 -4 exim/exim-src/scripts/MakeLinks
1.83 +44 -190 exim/exim-src/src/acl.c
1.17 +1 -3 exim/exim-src/src/config.h.defaults
1.13 +0 -440 exim/exim-src/src/dk.c (dead)
1.4 +0 -51 exim/exim-src/src/dk.h (dead)
1.5 +0 -510 exim/exim-src/src/dkim-exim.c (dead)
1.2 +0 -35 exim/exim-src/src/dkim-exim.h (dead)
1.2 +500 -0 exim/exim-src/src/dkim.c (new)
1.2 +33 -0 exim/exim-src/src/dkim.h (new)
1.18 +6 -1 exim/exim-src/src/dns.c
1.10 +0 -22 exim/exim-src/src/drtables.c
1.62 +3 -6 exim/exim-src/src/exim.c
1.25 +2 -5 exim/exim-src/src/exim.h
1.98 +27 -62 exim/exim-src/src/expand.c
1.44 +2 -4 exim/exim-src/src/functions.h
1.82 +11 -9 exim/exim-src/src/globals.c
1.63 +10 -10 exim/exim-src/src/globals.h
1.9 +1 -2 exim/exim-src/src/lookups/Makefile
1.2 +0 -52 exim/exim-src/src/lookups/dkim.c (dead)
1.2 +0 -16 exim/exim-src/src/lookups/dkim.h (dead)
1.18 +8 -2 exim/exim-src/src/lookups/dnsdb.c
1.38 +1 -0 exim/exim-src/src/macros.h
1.2 +22 -0 exim/exim-src/src/pdkim/Makefile (new)
1.2 +13 -0 exim/exim-src/src/pdkim/README (new)
1.2 +180 -0 exim/exim-src/src/pdkim/base64.c (new)
1.2 +76 -0 exim/exim-src/src/pdkim/base64.h (new)
1.2 +1813 -0 exim/exim-src/src/pdkim/bignum.c (new)
1.2 +395 -0 exim/exim-src/src/pdkim/bignum.h (new)
1.2 +719 -0 exim/exim-src/src/pdkim/bn_mul.h (new)
1.2 +1714 -0 exim/exim-src/src/pdkim/pdkim.c (new)
1.2 +325 -0 exim/exim-src/src/pdkim/pdkim.h (new)
1.2 +822 -0 exim/exim-src/src/pdkim/rsa.c (new)
1.2 +356 -0 exim/exim-src/src/pdkim/rsa.h (new)
1.2 +424 -0 exim/exim-src/src/pdkim/sha1.c (new)
1.2 +137 -0 exim/exim-src/src/pdkim/sha1.h (new)
1.2 +431 -0 exim/exim-src/src/pdkim/sha2.c (new)
1.2 +145 -0 exim/exim-src/src/pdkim/sha2.h (new)
1.36 +6 -0 exim/exim-src/src/readconf.c
1.46 +74 -63 exim/exim-src/src/receive.c
1.64 +7 -5 exim/exim-src/src/smtp_in.c
1.24 +4 -6 exim/exim-src/src/spool_in.c
1.21 +3 -1 exim/exim-src/src/tls-gnu.c
1.14 +3 -1 exim/exim-src/src/tls-openssl.c
1.24 +5 -61 exim/exim-src/src/transport.c
1.42 +18 -38 exim/exim-src/src/transports/smtp.c
1.15 +1 -7 exim/exim-src/src/transports/smtp.h
Index: Makefile
===================================================================
RCS file: /home/cvs/exim/exim-src/Makefile,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- Makefile 14 Feb 2008 13:49:35 -0000 1.5
+++ Makefile 10 Jun 2009 07:34:04 -0000 1.6
@@ -77,7 +77,7 @@
cd build-$(buildname); \
$(RM_COMMAND) -f *.o lookups/*.o lookups/*.a auths/*.o auths/*.a \
routers/*.o routers/*.a transports/*.o transports/*.a \
- pcre/*.o pcre/*.a
+ pdkim/*.o pdkim/*.a
clean_exim:; cd build-$(buildname); \
$(RM_COMMAND) -f *.o lookups/*.o lookups/*.a auths/*.o auths/*.a \
Index: Makefile-Base
===================================================================
RCS file: /home/cvs/exim/exim-src/OS/Makefile-Base,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- Makefile-Base 20 Jan 2009 16:06:14 -0000 1.16
+++ Makefile-Base 10 Jun 2009 07:34:04 -0000 1.17
@@ -96,7 +96,7 @@
# therefore always be run, even if the files exist. This shouldn't in fact be a
# problem, but it does no harm. Other make programs will just ignore this.
-.PHONY: all allexim buildauths buildlookups buildrouters \
+.PHONY: all allexim buildauths buildlookups buildpdkim buildrouters \
buildtransports checklocalmake clean
@@ -109,7 +109,7 @@
exim_checkaccess \
exim_dbmbuild exim_dumpdb exim_fixdb exim_tidydb exim_lock \
buildlookups buildrouters buildtransports \
- buildauths exim
+ buildauths buildpdkim exim
# Targets for special-purpose configuration header builders
@@ -300,14 +300,14 @@
OBJ_WITH_CONTENT_SCAN = malware.o mime.o regex.o spam.o spool_mbox.o
OBJ_WITH_OLD_DEMIME = demime.o
-OBJ_EXPERIMENTAL = bmi_spam.o spf.o srs.o dk.o dkim-exim.o dcc.o
+OBJ_EXPERIMENTAL = bmi_spam.o spf.o srs.o dcc.o
# Targets for final binaries; the main one has a build number which is
# updated each time. We don't bother with that for the auxiliaries.
OBJ_EXIM = acl.o child.o crypt16.o daemon.o dbfn.o debug.o deliver.o \
directory.o dns.o drtables.o enq.o exim.o expand.o filter.o \
- filtertest.o globals.o \
+ filtertest.o globals.o dkim.o \
header.o host.o ip.o log.o lss.o match.o moan.o \
os.o parse.o queue.o \
rda.o readconf.o receive.o retry.o rewrite.o rfc2047.o \
@@ -316,7 +316,7 @@
local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \
$(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL)
-exim: lookups/lookups.a auths/auths.a \
+exim: lookups/lookups.a auths/auths.a pdkim/pdkim.a \
routers/routers.a transports/transports.a \
$(OBJ_EXIM) version.c
@echo " "
@@ -328,7 +328,7 @@
@echo "$(LNCC) -o exim"
$(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \
routers/routers.a transports/transports.a lookups/lookups.a \
- auths/auths.a \
+ auths/auths.a pdkim/pdkim.a \
$(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \
$(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \
$(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS)
@@ -578,7 +578,7 @@
transport.o: $(HDRS) transport.c
tree.o: $(HDRS) tree.c
verify.o: $(HDRS) verify.c
-
+dkim.o: $(HDRS) dkim.c
# Dependencies for WITH_CONTENT_SCAN modules
@@ -599,8 +599,6 @@
bmi_spam.o: $(HDRS) bmi_spam.c
spf.o: $(HDRS) spf.h spf.c
srs.o: $(HDRS) srs.h srs.c
-dk.o: $(HDRS) dk.h dk.c
-dkim-exim.o: $(HDRS) dkim-exim.h dkim-exim.c
dcc.o: $(HDRS) dcc.h dcc.c
# The module containing tables of available lookups, routers, auths, and
@@ -670,6 +668,14 @@
INCLUDE="$(INCLUDE) $(IPV6_INCLUDE) $(TLS_INCLUDE)"; \
echo " "
+# The PDKIM library
+
+buildpdkim pdkim/pdkim.a: config.h
+ @cd pdkim; $(MAKE) SHELL=$(SHELL) AR="$(AR)" $(MFLAGS) CC="$(CC)" CFLAGS="$(CFLAGS)" \
+ FE="$(FE)" RANLIB="$(RANLIB)" RM_COMMAND="$(RM_COMMAND)" HDRS="$(PHDRS)" \
+ INCLUDE="$(INCLUDE) $(IPV6_INCLUDE) $(TLS_INCLUDE)"; \
+ echo " "
+
# The "clean", "install", and "makefile" targets just pass themselves back to
# the main Exim makefile. These targets will be obeyed only if "make" is obeyed
# for them in the build directory.
Index: os.h-Linux
===================================================================
RCS file: /home/cvs/exim/exim-src/OS/os.h-Linux,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- os.h-Linux 4 Oct 2007 13:28:06 -0000 1.7
+++ os.h-Linux 10 Jun 2009 07:34:04 -0000 1.8
@@ -10,10 +10,10 @@
#define NO_IP_VAR_H
#define SIG_IGN_WORKS
-/* When using the experimental Domainkeys/DKIM extensions, setting
-HAVE_LINUX_SENDFILE can increase performance on outgoing mail a bit.
-Note: With older glibc versions this setting will conflict with the
-_FILE_OFFSET_BITS=64 setting defined as part of the Linux CFLAGS. */
+/* When using the DKIM, setting HAVE_LINUX_SENDFILE can increase
+performance on outgoing mail a bit. Note: With older glibc versions
+this setting will conflict with the _FILE_OFFSET_BITS=64 setting
+defined as part of the Linux CFLAGS. */
/* #define HAVE_LINUX_SENDFILE */
Index: MakeLinks
===================================================================
RCS file: /home/cvs/exim/exim-src/scripts/MakeLinks,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- MakeLinks 17 Jan 2008 13:03:35 -0000 1.14
+++ MakeLinks 10 Jun 2009 07:34:04 -0000 1.15
@@ -189,6 +189,27 @@
ln -s ../../src/auths/spa.h spa.h
cd ..
+# Likewise for the code for the PDKIM library
+mkdir pdkim
+cd pdkim
+ln -s ../../src/pdkim/README README
+ln -s ../../src/pdkim/Makefile Makefile
+ln -s ../../src/pdkim/base64.c base64.c
+ln -s ../../src/pdkim/base64.h base64.h
+ln -s ../../src/pdkim/bignum.c bignum.c
+ln -s ../../src/pdkim/bignum.h bignum.h
+ln -s ../../src/pdkim/bn_mul.h bn_mul.h
+ln -s ../../src/pdkim/pdkim.c pdkim.c
+ln -s ../../src/pdkim/pdkim.h pdkim.h
+ln -s ../../src/pdkim/pdkim-api.h pdkim-api.h
+ln -s ../../src/pdkim/rsa.c rsa.c
+ln -s ../../src/pdkim/rsa.h rsa.h
+ln -s ../../src/pdkim/sha1.c sha1.c
+ln -s ../../src/pdkim/sha1.h sha1.h
+ln -s ../../src/pdkim/sha2.c sha2.c
+ln -s ../../src/pdkim/sha2.h sha2.h
+cd ..
+
# The basic source files for Exim and utilities. NB local_scan.h gets linked,
# but local_scan.c does not, because its location is taken from the build-time
# configuration. Likewise for the os.c file, which gets build dynamically.
@@ -259,6 +280,8 @@
ln -s ../src/tree.c tree.c
ln -s ../src/verify.c verify.c
ln -s ../src/version.c version.c
+ln -s ../src/dkim.c dkim.c
+ln -s ../src/dkim.h dkim.h
# WITH_CONTENT_SCAN
ln -s ../src/spam.c spam.c
@@ -280,10 +303,6 @@
ln -s ../src/spf.h spf.h
ln -s ../src/srs.c srs.c
ln -s ../src/srs.h srs.h
-ln -s ../src/dk.c dk.c
-ln -s ../src/dk.h dk.h
-ln -s ../src/dkim-exim.c dkim-exim.c
-ln -s ../src/dkim-exim.h dkim-exim.h
ln -s ../src/dcc.c dcc.c
ln -s ../src/dcc.h dcc.h
Index: acl.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/acl.c,v
retrieving revision 1.82
retrieving revision 1.83
diff -u -r1.82 -r1.83
--- acl.c 12 Feb 2008 12:52:51 -0000 1.82
+++ acl.c 10 Jun 2009 07:34:04 -0000 1.83
@@ -65,13 +65,9 @@
#ifdef WITH_OLD_DEMIME
ACLC_DEMIME,
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
- ACLC_DK_DOMAIN_SOURCE,
- ACLC_DK_POLICY,
- ACLC_DK_SENDER_DOMAINS,
- ACLC_DK_SENDER_LOCAL_PARTS,
- ACLC_DK_SENDERS,
- ACLC_DK_STATUS,
+#ifndef DISABLE_DKIM
+ ACLC_DKIM_SIGNER,
+ ACLC_DKIM_STATUS,
#endif
ACLC_DNSLISTS,
ACLC_DOMAINS,
@@ -131,13 +127,9 @@
#ifdef WITH_OLD_DEMIME
US"demime",
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
- US"dk_domain_source",
- US"dk_policy",
- US"dk_sender_domains",
- US"dk_sender_local_parts",
- US"dk_senders",
- US"dk_status",
+#ifndef DISABLE_DKIM
+ US"dkim_signers",
+ US"dkim_status",
#endif
US"dnslists",
US"domains",
@@ -179,10 +171,7 @@
#ifdef EXPERIMENTAL_BRIGHTMAIL
CONTROL_BMI_RUN,
#endif
- #ifdef EXPERIMENTAL_DOMAINKEYS
- CONTROL_DK_VERIFY,
- #endif
- #ifdef EXPERIMENTAL_DKIM
+ #ifndef DISABLE_DKIM
CONTROL_DKIM_VERIFY,
#endif
CONTROL_ERROR,
@@ -215,11 +204,8 @@
#ifdef EXPERIMENTAL_BRIGHTMAIL
US"bmi_run",
#endif
- #ifdef EXPERIMENTAL_DOMAINKEYS
- US"dk_verify",
- #endif
- #ifdef EXPERIMENTAL_DKIM
- US"dkim_verify",
+ #ifndef DISABLE_DKIM
+ US"dkim_disable_verify",
#endif
US"error",
US"caseful_local_part",
@@ -265,13 +251,9 @@
#ifdef WITH_OLD_DEMIME
TRUE, /* demime */
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
- TRUE, /* dk_domain_source */
- TRUE, /* dk_policy */
- TRUE, /* dk_sender_domains */
- TRUE, /* dk_sender_local_parts */
- TRUE, /* dk_senders */
- TRUE, /* dk_status */
+#ifndef DISABLE_DKIM
+ TRUE, /* dkim_signers */
+ TRUE, /* dkim_status */
#endif
TRUE, /* dnslists */
FALSE, /* domains */
@@ -329,13 +311,9 @@
#ifdef WITH_OLD_DEMIME
FALSE, /* demime */
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
- FALSE, /* dk_domain_source */
- FALSE, /* dk_policy */
- FALSE, /* dk_sender_domains */
- FALSE, /* dk_sender_local_parts */
- FALSE, /* dk_senders */
- FALSE, /* dk_status */
+#ifndef DISABLE_DKIM
+ FALSE, /* dkim_signers */
+ FALSE, /* dkim_status */
#endif
FALSE, /* dnslists */
FALSE, /* domains */
@@ -426,54 +404,12 @@
~((1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)), /* demime */
#endif
- #ifdef EXPERIMENTAL_DOMAINKEYS
- (1<<ACL_WHERE_AUTH)| /* dk_domain_source */
- (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
- (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
- (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
- (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
- (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
-
- (1<<ACL_WHERE_AUTH)| /* dk_policy */
- (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
- (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
- (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
- (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
- (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
-
- (1<<ACL_WHERE_AUTH)| /* dk_sender_domains */
- (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
- (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
- (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
- (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
- (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
-
- (1<<ACL_WHERE_AUTH)| /* dk_sender_local_parts */
- (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
- (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
- (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
- (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
- (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
-
- (1<<ACL_WHERE_AUTH)| /* dk_senders */
- (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
- (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
- (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
- (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
- (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
+ #ifndef DISABLE_DKIM
+ (unsigned int)
+ ~(1<<ACL_WHERE_DKIM), /* dkim_signers */
- (1<<ACL_WHERE_AUTH)| /* dk_status */
- (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
- (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
- (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
- (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
- (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
+ (unsigned int)
+ ~(1<<ACL_WHERE_DKIM), /* dkim_status */
#endif
(1<<ACL_WHERE_NOTSMTP)| /* dnslists */
@@ -580,13 +516,8 @@
0, /* bmi_run */
#endif
- #ifdef EXPERIMENTAL_DOMAINKEYS
- (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)| /* dk_verify */
- (1<<ACL_WHERE_NOTSMTP_START),
- #endif
-
- #ifdef EXPERIMENTAL_DKIM
- (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)| /* dkim_verify */
+ #ifndef DISABLE_DKIM
+ (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)| /* dkim_disable_verify */
(1<<ACL_WHERE_NOTSMTP_START),
#endif
@@ -666,11 +597,8 @@
#ifdef EXPERIMENTAL_BRIGHTMAIL
{ US"bmi_run", CONTROL_BMI_RUN, FALSE },
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
- { US"dk_verify", CONTROL_DK_VERIFY, FALSE },
-#endif
-#ifdef EXPERIMENTAL_DKIM
- { US"dkim_verify", CONTROL_DKIM_VERIFY, FALSE },
+#ifndef DISABLE_DKIM
+ { US"dkim_disable_verify", CONTROL_DKIM_VERIFY, FALSE },
#endif
{ US"caseful_local_part", CONTROL_CASEFUL_LOCAL_PART, FALSE },
{ US"caselower_local_part", CONTROL_CASELOWER_LOCAL_PART, FALSE },
@@ -2650,15 +2578,9 @@
break;
#endif
- #ifdef EXPERIMENTAL_DOMAINKEYS
- case CONTROL_DK_VERIFY:
- dk_do_verify = 1;
- break;
- #endif
-
- #ifdef EXPERIMENTAL_DKIM
+ #ifndef DISABLE_DKIM
case CONTROL_DKIM_VERIFY:
- dkim_do_verify = 1;
+ dkim_disable_verify = TRUE;
break;
#endif
@@ -2862,95 +2784,27 @@
break;
#endif
- #ifdef EXPERIMENTAL_DOMAINKEYS
- case ACLC_DK_DOMAIN_SOURCE:
- if (dk_verify_block == NULL) { rc = FAIL; break; };
- /* check header source of domain against given string */
- switch (dk_verify_block->address_source) {
- case DK_EXIM_ADDRESS_FROM_FROM:
- rc = match_isinlist(US"from", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
- case DK_EXIM_ADDRESS_FROM_SENDER:
- rc = match_isinlist(US"sender", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
- case DK_EXIM_ADDRESS_NONE:
- rc = match_isinlist(US"none", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
+ #ifndef DISABLE_DKIM
+ case ACLC_DKIM_SIGNER:
+ if (dkim_signing_domain != NULL)
+ {
+ rc = match_isinlist(dkim_signing_domain,
+ &arg,0,NULL,NULL,MCL_STRING,TRUE,NULL);
+ if (rc == FAIL)
+ {
+ rc = match_isinlist(dkim_exim_expand_query(DKIM_IDENTITY),
+ &arg,0,NULL,NULL,MCL_STRING,TRUE,NULL);
+ }
+ }
+ else
+ {
+ rc = FAIL;
}
break;
- case ACLC_DK_POLICY:
- if (dk_verify_block == NULL) { rc = FAIL; break; };
- /* check policy against given string, default FAIL */
- rc = FAIL;
- if (dk_verify_block->signsall)
- rc = match_isinlist(US"signsall", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- if (dk_verify_block->testing)
- rc = match_isinlist(US"testing", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
-
- case ACLC_DK_SENDER_DOMAINS:
- if (dk_verify_block == NULL) { rc = FAIL; break; };
- if (dk_verify_block->domain != NULL)
- rc = match_isinlist(dk_verify_block->domain, &arg, 0, &domainlist_anchor,
- NULL, MCL_DOMAIN, TRUE, NULL);
- else rc = FAIL;
- break;
-
- case ACLC_DK_SENDER_LOCAL_PARTS:
- if (dk_verify_block == NULL) { rc = FAIL; break; };
- if (dk_verify_block->local_part != NULL)
- rc = match_isinlist(dk_verify_block->local_part, &arg, 0, &localpartlist_anchor,
- NULL, MCL_LOCALPART, TRUE, NULL);
- else rc = FAIL;
- break;
-
- case ACLC_DK_SENDERS:
- if (dk_verify_block == NULL) { rc = FAIL; break; };
- if (dk_verify_block->address != NULL)
- rc = match_address_list(dk_verify_block->address, TRUE, TRUE, &arg, NULL, -1, 0, NULL);
- else rc = FAIL;
- break;
-
- case ACLC_DK_STATUS:
- if (dk_verify_block == NULL) { rc = FAIL; break; };
- if (dk_verify_block->result > 0) {
- switch(dk_verify_block->result) {
- case DK_EXIM_RESULT_BAD_FORMAT:
- rc = match_isinlist(US"bad format", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
- case DK_EXIM_RESULT_NO_KEY:
- rc = match_isinlist(US"no key", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
- case DK_EXIM_RESULT_NO_SIGNATURE:
- rc = match_isinlist(US"no signature", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
- case DK_EXIM_RESULT_REVOKED:
- rc = match_isinlist(US"revoked", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
- case DK_EXIM_RESULT_NON_PARTICIPANT:
- rc = match_isinlist(US"non-participant", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
- case DK_EXIM_RESULT_GOOD:
- rc = match_isinlist(US"good", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
- case DK_EXIM_RESULT_BAD:
- rc = match_isinlist(US"bad", &arg, 0, NULL,
- NULL, MCL_STRING, TRUE, NULL);
- break;
- }
- }
+ case ACLC_DKIM_STATUS:
+ rc = match_isinlist(dkim_exim_expand_query(DKIM_VERIFY_STATUS),
+ &arg,0,NULL,NULL,MCL_STRING,TRUE,NULL);
break;
#endif
Index: config.h.defaults
===================================================================
RCS file: /home/cvs/exim/exim-src/src/config.h.defaults,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- config.h.defaults 17 Jan 2008 13:03:35 -0000 1.16
+++ config.h.defaults 10 Jun 2009 07:34:04 -0000 1.17
@@ -150,15 +150,13 @@
/* EXPERIMENTAL features */
#define EXPERIMENTAL_SPF
#define EXPERIMENTAL_SRS
-#define EXPERIMENTAL_DOMAINKEYS
-#define EXPERIMENTAL_DKIM
#define EXPERIMENTAL_BRIGHTMAIL
#define EXPERIMENTAL_DCC
/* Things that are not routinely changed but are nevertheless configurable
just in case. */
-#define DNS_MAXNAME 256
+#define DNS_MAXNAME 1024
#define EXPAND_MAXN 20
#define ROOT_UID 0
Index: dns.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/dns.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- dns.c 8 Jan 2007 10:50:18 -0000 1.17
+++ dns.c 10 Jun 2009 07:34:04 -0000 1.18
@@ -562,7 +562,12 @@
else
dnsa->answerlen = res_search(CS name, C_IN, type, dnsa->answer, MAXPACKET);
-if (dnsa->answerlen > MAXPACKET) dnsa->answerlen = MAXPACKET;
+if (dnsa->answerlen > MAXPACKET)
+ {
+ DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) resulted in overlong packet (size %d), truncating to %d.\n",
+ name, dns_text_type(type), dnsa->answerlen, MAXPACKET);
+ dnsa->answerlen = MAXPACKET;
+ }
if (dnsa->answerlen < 0) switch (h_errno)
{
Index: drtables.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/drtables.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- drtables.c 28 Sep 2007 12:21:57 -0000 1.9
+++ drtables.c 10 Jun 2009 07:34:04 -0000 1.10
@@ -105,11 +105,6 @@
#include "lookups/whoson.h"
#endif
-#ifdef EXPERIMENTAL_DKIM
-#include "lookups/dkim.h"
-#endif
-
-
/* The second field in each item below is a set of bit flags:
lookup_querystyle => this is a query-style lookup,
@@ -176,23 +171,6 @@
#endif
},
-/* DKIM lookups */
-
- {
- US"dkim", /* lookup name */
- lookup_querystyle, /* query style */
-#ifdef EXPERIMENTAL_DKIM
- dkim_open, /* open function */
- NULL, /* check function */
- dkim_find, /* find function */
- NULL, /* no close function */
- NULL, /* no tidy function */
- NULL /* no quoting function */
-#else
- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */
-#endif
- },
-
/* Using DNS TXT records as a database */
{
Index: exim.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/exim.c,v
retrieving revision 1.61
retrieving revision 1.62
diff -u -r1.61 -r1.62
--- exim.c 12 Oct 2008 09:58:13 -0000 1.61
+++ exim.c 10 Jun 2009 07:34:04 -0000 1.62
@@ -905,6 +905,9 @@
#ifdef WITH_CONTENT_SCAN
fprintf(f, " Content_Scanning");
#endif
+#ifndef DISABLE_DKIM
+ fprintf(f, " DKIM");
+#endif
#ifdef WITH_OLD_DEMIME
fprintf(f, " Old_Demime");
#endif
@@ -917,12 +920,6 @@
#ifdef EXPERIMENTAL_BRIGHTMAIL
fprintf(f, " Experimental_Brightmail");
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
- fprintf(f, " Experimental_DomainKeys");
-#endif
-#ifdef EXPERIMENTAL_DKIM
- fprintf(f, " Experimental_DKIM");
-#endif
#ifdef EXPERIMENTAL_DCC
fprintf(f, " Experimental_DCC");
#endif
Index: exim.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/exim.h,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- exim.h 16 Jan 2008 13:44:45 -0000 1.24
+++ exim.h 10 Jun 2009 07:34:04 -0000 1.25
@@ -446,11 +446,8 @@
#ifdef EXPERIMENTAL_SRS
#include "srs.h"
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
-#include "dk.h"
-#endif
-#ifdef EXPERIMENTAL_DKIM
-#include "dkim-exim.h"
+#ifndef DISABLE_DKIM
+#include "dkim.h"
#endif
/* The following stuff must follow the inclusion of config.h because it
Index: expand.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/expand.c,v
retrieving revision 1.97
retrieving revision 1.98
diff -u -r1.97 -r1.98
--- expand.c 12 Dec 2008 14:51:47 -0000 1.97
+++ expand.c 10 Jun 2009 07:34:04 -0000 1.98
@@ -364,9 +364,9 @@
vtype_load_avg, /* value not used; result is int from os_getloadavg */
vtype_pspace, /* partition space; value is T/F for spool/log */
vtype_pinodes /* partition inodes; value is T/F for spool/log */
-#ifdef EXPERIMENTAL_DOMAINKEYS
- ,vtype_dk_verify /* Serve request out of DomainKeys verification structure */
-#endif
+ #ifndef DISABLE_DKIM
+ ,vtype_dkim /* Lookup of value in DKIM signature */
+ #endif
};
/* This table must be kept in alphabetical order. */
@@ -404,22 +404,26 @@
{ "demime_errorlevel", vtype_int, &demime_errorlevel },
{ "demime_reason", vtype_stringptr, &demime_reason },
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
- { "dk_domain", vtype_stringptr, &dk_signing_domain },
- { "dk_is_signed", vtype_dk_verify, NULL },
- { "dk_result", vtype_dk_verify, NULL },
- { "dk_selector", vtype_stringptr, &dk_signing_selector },
- { "dk_sender", vtype_dk_verify, NULL },
- { "dk_sender_domain", vtype_dk_verify, NULL },
- { "dk_sender_local_part",vtype_dk_verify, NULL },
- { "dk_sender_source", vtype_dk_verify, NULL },
- { "dk_signsall", vtype_dk_verify, NULL },
- { "dk_status", vtype_dk_verify, NULL },
- { "dk_testing", vtype_dk_verify, NULL },
-#endif
-#ifdef EXPERIMENTAL_DKIM
+#ifndef DISABLE_DKIM
+ { "dkim_algo", vtype_dkim, (void *)DKIM_ALGO },
+ { "dkim_bodylength", vtype_dkim, (void *)DKIM_BODYLENGTH },
+ { "dkim_canon_body", vtype_dkim, (void *)DKIM_CANON_BODY },
+ { "dkim_canon_headers", vtype_dkim, (void *)DKIM_CANON_HEADERS },
+ { "dkim_copiedheaders", vtype_dkim, (void *)DKIM_COPIEDHEADERS },
+ { "dkim_created", vtype_dkim, (void *)DKIM_CREATED },
{ "dkim_domain", vtype_stringptr, &dkim_signing_domain },
+ { "dkim_expires", vtype_dkim, (void *)DKIM_EXPIRES },
+ { "dkim_headernames", vtype_dkim, (void *)DKIM_HEADERNAMES },
+ { "dkim_identity", vtype_dkim, (void *)DKIM_IDENTITY },
+ { "dkim_key_granularity",vtype_dkim, (void *)DKIM_KEY_GRANULARITY },
+ { "dkim_key_nosubdomains",vtype_dkim, (void *)DKIM_NOSUBDOMAINS },
+ { "dkim_key_notes", vtype_dkim, (void *)DKIM_KEY_NOTES },
+ { "dkim_key_srvtype", vtype_dkim, (void *)DKIM_KEY_SRVTYPE },
+ { "dkim_key_testing", vtype_dkim, (void *)DKIM_KEY_TESTING },
{ "dkim_selector", vtype_stringptr, &dkim_signing_selector },
+ { "dkim_signing_domains",vtype_stringptr, &dkim_signing_domains },
+ { "dkim_verify_reason", vtype_dkim, (void *)DKIM_VERIFY_REASON },
+ { "dkim_verify_status", vtype_dkim, (void *)DKIM_VERIFY_STATUS},
#endif
{ "dnslist_domain", vtype_stringptr, &dnslist_domain },
{ "dnslist_matched", vtype_stringptr, &dnslist_matched },
@@ -1382,51 +1386,6 @@
switch (var_table[middle].type)
{
-#ifdef EXPERIMENTAL_DOMAINKEYS
-
- case vtype_dk_verify:
- if (dk_verify_block == NULL) return US"";
- s = NULL;
- if (Ustrcmp(var_table[middle].name, "dk_result") == 0)
- s = dk_verify_block->result_string;
- if (Ustrcmp(var_table[middle].name, "dk_sender") == 0)
- s = dk_verify_block->address;
- if (Ustrcmp(var_table[middle].name, "dk_sender_domain") == 0)
- s = dk_verify_block->domain;
- if (Ustrcmp(var_table[middle].name, "dk_sender_local_part") == 0)
- s = dk_verify_block->local_part;
-
- if (Ustrcmp(var_table[middle].name, "dk_sender_source") == 0)
- switch(dk_verify_block->address_source) {
- case DK_EXIM_ADDRESS_NONE: s = US"0"; break;
- case DK_EXIM_ADDRESS_FROM_FROM: s = US"from"; break;
- case DK_EXIM_ADDRESS_FROM_SENDER: s = US"sender"; break;
- }
-
- if (Ustrcmp(var_table[middle].name, "dk_status") == 0)
- switch(dk_verify_block->result) {
- case DK_EXIM_RESULT_ERR: s = US"error"; break;
- case DK_EXIM_RESULT_BAD_FORMAT: s = US"bad format"; break;
- case DK_EXIM_RESULT_NO_KEY: s = US"no key"; break;
- case DK_EXIM_RESULT_NO_SIGNATURE: s = US"no signature"; break;
- case DK_EXIM_RESULT_REVOKED: s = US"revoked"; break;
- case DK_EXIM_RESULT_NON_PARTICIPANT: s = US"non-participant"; break;
- case DK_EXIM_RESULT_GOOD: s = US"good"; break;
- case DK_EXIM_RESULT_BAD: s = US"bad"; break;
- }
-
- if (Ustrcmp(var_table[middle].name, "dk_signsall") == 0)
- s = (dk_verify_block->signsall)? US"1" : US"0";
-
- if (Ustrcmp(var_table[middle].name, "dk_testing") == 0)
- s = (dk_verify_block->testing)? US"1" : US"0";
-
- if (Ustrcmp(var_table[middle].name, "dk_is_signed") == 0)
- s = (dk_verify_block->is_signed)? US"1" : US"0";
-
- return (s == NULL)? US"" : s;
-#endif
-
case vtype_filter_int:
if (!filter_running) return NULL;
/* Fall through */
@@ -1605,6 +1564,12 @@
sprintf(CS var_buffer, "%d", inodes);
}
return var_buffer;
+
+ #ifndef DKIM_DISABLE
+ case vtype_dkim:
+ return dkim_exim_expand_query((int)var_table[middle].value);
+ #endif
+
}
}
Index: functions.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/functions.h,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- functions.h 18 Dec 2008 13:13:54 -0000 1.43
+++ functions.h 10 Jun 2009 07:34:04 -0000 1.44
@@ -83,12 +83,10 @@
extern int demime(uschar **);
#endif
extern BOOL directory_make(uschar *, uschar *, int, BOOL);
-#if (defined EXPERIMENTAL_DOMAINKEYS) || (defined EXPERIMENTAL_DKIM)
+#ifndef DISABLE_DKIM
extern BOOL dkim_transport_write_message(address_item *, int, int,
int, uschar *, uschar *, uschar *, uschar *, rewrite_rule *,
- int, uschar *, uschar *, uschar *, uschar *, uschar *, uschar *,
- uschar *, uschar *, uschar *, uschar *, uschar *, uschar *
- );
+ int, uschar *, uschar *, uschar *, uschar *, uschar *, uschar *);
#endif
extern dns_address *dns_address_from_rr(dns_answer *, dns_record *);
extern void dns_build_reverse(uschar *, uschar *);
Index: globals.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/globals.c,v
retrieving revision 1.81
retrieving revision 1.82
diff -u -r1.81 -r1.82
--- globals.c 12 Feb 2008 12:52:51 -0000 1.81
+++ globals.c 10 Jun 2009 07:34:04 -0000 1.82
@@ -182,6 +182,9 @@
uschar *acl_smtp_auth = NULL;
uschar *acl_smtp_connect = NULL;
uschar *acl_smtp_data = NULL;
+#ifndef DISABLE_DKIM
+uschar *acl_smtp_dkim = NULL;
+#endif
uschar *acl_smtp_etrn = NULL;
uschar *acl_smtp_expn = NULL;
uschar *acl_smtp_helo = NULL;
@@ -210,6 +213,7 @@
US"MAIL",
US"PREDATA",
US"MIME",
+ US"DKIM",
US"DATA",
US"non-SMTP",
US"AUTH",
@@ -229,6 +233,7 @@
US"550", /* MAIL */
US"550", /* PREDATA */
US"550", /* MIME */
+ US"550", /* DKIM */
US"550", /* DATA */
US"0", /* not SMTP; not relevant */
US"503", /* AUTH */
@@ -391,7 +396,7 @@
int callout_cache_positive_expire = 24*60*60;
int callout_cache_negative_expire = 2*60*60;
uschar *callout_random_local_part = US"$primary_hostname-$tod_epoch-testing";
-uschar *check_dns_names_pattern= US"(?i)^(?>(?(1)\\.|())[^\\W_](?>[a-z0-9/-]*[^\\W_])?)+$";
+uschar *check_dns_names_pattern= US"(?i)^(?>(?(1)\\.|())[^\\W](?>[a-z0-9/_-]*[^\\W])?)+(\\.?)$";
int check_log_inodes = 0;
int check_log_space = 0;
BOOL check_rfc2047_length = TRUE;
@@ -526,16 +531,13 @@
BOOL disable_ipv6 = FALSE;
BOOL disable_logging = FALSE;
-#ifdef EXPERIMENTAL_DOMAINKEYS
-uschar *dk_signing_domain = NULL;
-uschar *dk_signing_selector = NULL;
-int dk_do_verify = 0;
-#endif
-
-#ifdef EXPERIMENTAL_DKIM
+#ifndef DISABLE_DKIM
+uschar *dkim_signing_domains = NULL;
uschar *dkim_signing_domain = NULL;
uschar *dkim_signing_selector = NULL;
-int dkim_do_verify = 0;
+uschar *dkim_verify_signers = US"$dkim_signing_domains";
+BOOL dkim_collect_input = FALSE;
+BOOL dkim_disable_verify = FALSE;
#endif
uschar *dns_again_means_nonexist = NULL;
Index: globals.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/globals.h,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -r1.62 -r1.63
--- globals.h 12 Feb 2008 12:52:51 -0000 1.62
+++ globals.h 10 Jun 2009 07:34:04 -0000 1.63
@@ -118,6 +118,9 @@
extern uschar *acl_smtp_auth; /* ACL run for AUTH */
extern uschar *acl_smtp_connect; /* ACL run on SMTP connection */
extern uschar *acl_smtp_data; /* ACL run after DATA received */
+#ifndef DISABLE_DKIM
+extern uschar *acl_smtp_dkim; /* ACL run for DKIM signatures / domains */
+#endif
extern uschar *acl_smtp_etrn; /* ACL run for ETRN */
extern uschar *acl_smtp_expn; /* ACL run for EXPN */
extern uschar *acl_smtp_helo; /* ACL run for HELO/EHLO */
@@ -295,16 +298,13 @@
extern BOOL disable_ipv6; /* Don't do any IPv6 things */
extern BOOL disable_logging; /* Disables log writing when TRUE */
-#ifdef EXPERIMENTAL_DOMAINKEYS
-extern uschar *dk_signing_domain; /* Domain used for signing a message. */
-extern uschar *dk_signing_selector; /* Selector used for signing a message. */
-extern int dk_do_verify; /* DK verification switch. Set with ACL control statement. */
-#endif
-
-#ifdef EXPERIMENTAL_DKIM
-extern uschar *dkim_signing_domain; /* Domain used for signing a message. */
-extern uschar *dkim_signing_selector; /* Selector used for signing a message. */
-extern int dkim_do_verify; /* DKIM verification switch. Set with ACL control statement. */
+#ifndef DISABLE_DKIM
+extern uschar *dkim_signing_domains; /* Expansion variable, holds colon-separated list of domains that have signed a message */
+extern uschar *dkim_signing_domain; /* Expansion variable, domain used for signing a message. */
+extern uschar *dkim_signing_selector; /* Expansion variable, selector used for signing a message. */
+extern uschar *dkim_verify_signers; /* Colon-separated list of domains for each of which we call the DKIM ACL */
+extern BOOL dkim_collect_input; /* Runtime flag that tracks wether SMTP input is fed to DKIM validation */
+extern BOOL dkim_disable_verify; /* Set via ACL control statement. When set, DKIM verification is disabled for the current message */
#endif
extern uschar *dns_again_means_nonexist; /* Domains that are badly set up */
Index: macros.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/macros.h,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- macros.h 29 Sep 2008 11:41:07 -0000 1.37
+++ macros.h 10 Jun 2009 07:34:04 -0000 1.38
@@ -799,6 +799,7 @@
ACL_WHERE_MAIL, /* ) */
ACL_WHERE_PREDATA, /* ) There are several tests for "in message", */
ACL_WHERE_MIME, /* ) implemented by <= WHERE_NOTSMTP */
+ ACL_WHERE_DKIM, /* ) */
ACL_WHERE_DATA, /* ) */
ACL_WHERE_NOTSMTP, /* ) */
Index: readconf.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/readconf.c,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -r1.35 -r1.36
--- readconf.c 12 Feb 2008 12:52:51 -0000 1.35
+++ readconf.c 10 Jun 2009 07:34:04 -0000 1.36
@@ -142,6 +142,9 @@
{ "acl_smtp_auth", opt_stringptr, &acl_smtp_auth },
{ "acl_smtp_connect", opt_stringptr, &acl_smtp_connect },
{ "acl_smtp_data", opt_stringptr, &acl_smtp_data },
+#ifndef DISABLE_DKIM
+ { "acl_smtp_dkim", opt_stringptr, &acl_smtp_dkim },
+#endif
{ "acl_smtp_etrn", opt_stringptr, &acl_smtp_etrn },
{ "acl_smtp_expn", opt_stringptr, &acl_smtp_expn },
{ "acl_smtp_helo", opt_stringptr, &acl_smtp_helo },
@@ -205,6 +208,9 @@
{ "disable_fsync", opt_bool, &disable_fsync },
#endif
{ "disable_ipv6", opt_bool, &disable_ipv6 },
+#ifndef DISABLE_DKIM
+ { "dkim_verify_signers", opt_stringptr, &dkim_verify_signers },
+#endif
{ "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist },
{ "dns_check_names_pattern", opt_stringptr, &check_dns_names_pattern },
{ "dns_csa_search_limit", opt_int, &dns_csa_search_limit },
Index: receive.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/receive.c,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -r1.45 -r1.46
--- receive.c 2 Jan 2009 17:12:03 -0000 1.45
+++ receive.c 10 Jun 2009 07:34:04 -0000 1.46
@@ -11,38 +11,6 @@
#include "exim.h"
-#if (defined EXPERIMENTAL_DOMAINKEYS) && (defined EXPERIMENTAL_DKIM)
-
-#warning Chaining Domainkeys via DKIM receive functions
-#define RECEIVE_GETC dkim_receive_getc
-#define RECEIVE_UNGETC dkim_receive_ungetc
-
-#else
-
-#if (defined EXPERIMENTAL_DOMAINKEYS) || (defined EXPERIMENTAL_DKIM)
-
-#ifdef EXPERIMENTAL_DOMAINKEYS
-#warning Using Domainkeys receive functions
-#define RECEIVE_GETC dk_receive_getc
-#define RECEIVE_UNGETC dk_receive_ungetc
-#endif
-#ifdef EXPERIMENTAL_DKIM
-#warning Using DKIM receive functions
-#define RECEIVE_GETC dkim_receive_getc
-#define RECEIVE_UNGETC dkim_receive_ungetc
-#endif
-
-#else
-
-/* Normal operation */
-#define RECEIVE_GETC receive_getc
-#define RECEIVE_UNGETC receive_ungetc
-
-#endif
-
-#endif
-
-
#ifdef EXPERIMENTAL_DCC
extern int dcc_ok;
#endif
@@ -600,7 +568,7 @@
{
register int last_ch = '\n';
- for (; (ch = (RECEIVE_GETC)()) != EOF; last_ch = ch)
+ for (; (ch = (receive_getc)()) != EOF; last_ch = ch)
{
if (ch == 0) body_zerocount++;
if (last_ch == '\r' && ch != '\n')
@@ -642,7 +610,7 @@
ch_state = 1;
-while ((ch = (RECEIVE_GETC)()) != EOF)
+while ((ch = (receive_getc)()) != EOF)
{
if (ch == 0) body_zerocount++;
switch (ch_state)
@@ -758,7 +726,7 @@
register int ch;
register int linelength = 0;
-while ((ch = (RECEIVE_GETC)()) != EOF)
+while ((ch = (receive_getc)()) != EOF)
{
if (ch == 0) body_zerocount++;
switch (ch_state)
@@ -1416,17 +1384,10 @@
message_linecount = body_linecount = body_zerocount =
max_received_linelength = 0;
-#ifdef EXPERIMENTAL_DOMAINKEYS
-/* Call into DK to set up the context. Check if DK is to be run are carried out
- inside dk_exim_verify_init(). */
-dk_exim_verify_init();
+#ifndef DISABLE_DKIM
+/* Call into DKIM to set up the context. */
+if (smtp_input && !smtp_batched_input && !dkim_disable_verify) dkim_exim_verify_init();
#endif
-#ifdef EXPERIMENTAL_DKIM
-/* Call into DKIM to set up the context. Check if DKIM is to be run are carried out
- inside dk_exim_verify_init(). */
-dkim_exim_verify_init();
-#endif
-
/* Remember the time of reception. Exim uses time+pid for uniqueness of message
ids, and fractions of a second are required. See the comments that precede the
@@ -1476,7 +1437,7 @@
for (;;)
{
- int ch = (RECEIVE_GETC)();
+ int ch = (receive_getc)();
/* If we hit EOF on a SMTP connection, it's an error, since incoming
SMTP must have a correct "." terminator. */
@@ -1540,7 +1501,7 @@
if (ch == '\n')
{
if (first_line_ended_crlf == TRUE_UNSET) first_line_ended_crlf = FALSE;
- else if (first_line_ended_crlf) RECEIVE_UNGETC(' ');
+ else if (first_line_ended_crlf) receive_ungetc(' ');
goto EOL;
}
@@ -1555,13 +1516,13 @@
if (ptr == 0 && ch == '.' && (smtp_input || dot_ends))
{
- ch = (RECEIVE_GETC)();
+ ch = (receive_getc)();
if (ch == '\r')
{
- ch = (RECEIVE_GETC)();
+ ch = (receive_getc)();
if (ch != '\n')
{
- RECEIVE_UNGETC(ch);
+ receive_ungetc(ch);
ch = '\r'; /* Revert to CR */
}
}
@@ -1589,7 +1550,7 @@
if (ch == '\r')
{
- ch = (RECEIVE_GETC)();
+ ch = (receive_getc)();
if (ch == '\n')
{
if (first_line_ended_crlf == TRUE_UNSET) first_line_ended_crlf = TRUE;
@@ -1599,7 +1560,7 @@
/* Otherwise, put back the character after CR, and turn the bare CR
into LF SP. */
- ch = (RECEIVE_UNGETC)(ch);
+ ch = (receive_ungetc)(ch);
next->text[ptr++] = '\n';
message_size++;
ch = ' ';
@@ -1684,14 +1645,14 @@
if (ch != EOF)
{
- int nextch = (RECEIVE_GETC)();
+ int nextch = (receive_getc)();
if (nextch == ' ' || nextch == '\t')
{
next->text[ptr++] = nextch;
message_size++;
continue; /* Iterate the loop */
}
- else if (nextch != EOF) (RECEIVE_UNGETC)(nextch); /* For next time */
+ else if (nextch != EOF) (receive_ungetc)(nextch); /* For next time */
else ch = EOF; /* Cause main loop to exit at end */
}
@@ -3007,15 +2968,65 @@
if (smtp_input && !smtp_batched_input)
{
-#ifdef EXPERIMENTAL_DOMAINKEYS
- dk_exim_verify_finish();
-#endif
-#ifdef EXPERIMENTAL_DKIM
- dkim_exim_verify_finish();
-#endif
+#ifndef DISABLE_DKIM
+ if (!dkim_disable_verify)
+ {
+ /* Finish verification, this will log individual signature results to
+ the mainlog */
+ dkim_exim_verify_finish();
+
+ /* Check if we must run the DKIM ACL */
+ if ((acl_smtp_dkim != NULL) &&
+ (dkim_verify_signers != NULL) &&
+ (dkim_verify_signers[0] != '\0'))
+ {
+ uschar *dkim_verify_signers_expanded =
+ expand_string(dkim_verify_signers);
+ if (dkim_verify_signers_expanded == NULL)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "expansion of dkim_verify_signers option failed: %s",
+ expand_string_message);
+ }
+ else
+ {
+ int sep = 0;
+ uschar *ptr = dkim_verify_signers_expanded;
+ uschar *item = NULL;
+ uschar itembuf[256];
+ while ((item = string_nextinlist(&ptr, &sep,
+ itembuf,
+ sizeof(itembuf))) != NULL)
+ {
+ dkim_exim_acl_setup(item);
+ rc = acl_check(ACL_WHERE_DKIM, NULL, acl_smtp_dkim, &user_msg, &log_msg);
+ if (rc != OK) break;
+ }
+ add_acl_headers(US"DKIM");
+ if (rc == DISCARD)
+ {
+ recipients_count = 0;
+ blackholed_by = US"DKIM ACL";
+ if (log_msg != NULL)
+ blackhole_log_msg = string_sprintf(": %s", log_msg);
+ }
+ else if (rc != OK)
+ {
+ Uunlink(spool_name);
+ if (smtp_handle_acl_fail(ACL_WHERE_DKIM, rc, user_msg, log_msg) != 0)
+ smtp_yield = FALSE; /* No more messsages after dropped connection */
+ smtp_reply = US""; /* Indicate reply already sent */
+ message_id[0] = 0; /* Indicate no message accepted */
+ goto TIDYUP; /* Skip to end of function */
+ }
+ }
+ }
+ }
+#endif /* DISABLE_DKIM */
#ifdef WITH_CONTENT_SCAN
- if (acl_smtp_mime != NULL &&
+ if (recipients_count > 0 &&
+ acl_smtp_mime != NULL &&
!run_mime_acl(acl_smtp_mime, &smtp_yield, &smtp_reply, &blackholed_by))
goto TIDYUP;
#endif /* WITH_CONTENT_SCAN */
@@ -3554,8 +3565,8 @@
if (select(fileno(smtp_in) + 1, &select_check, NULL, NULL, &tv) != 0)
{
- int c = (RECEIVE_GETC)();
- if (c != EOF) (RECEIVE_UNGETC)(c); else
+ int c = (receive_getc)();
+ if (c != EOF) (receive_ungetc)(c); else
{
uschar *msg = US"SMTP connection lost after final dot";
smtp_reply = US""; /* No attempt to send a response */
Index: smtp_in.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/smtp_in.c,v
retrieving revision 1.63
retrieving revision 1.64
diff -u -r1.63 -r1.64
--- smtp_in.c 29 Sep 2008 11:41:07 -0000 1.63
+++ smtp_in.c 10 Jun 2009 07:34:04 -0000 1.64
@@ -264,6 +264,9 @@
else smtp_had_eof = 1;
return EOF;
}
+#ifndef DISABLE_DKIM
+ dkim_exim_verify_feed(smtp_inbuffer, rc);
+#endif
smtp_inend = smtp_inbuffer + rc;
smtp_inptr = smtp_inbuffer;
}
@@ -1037,11 +1040,10 @@
bmi_run = 0;
bmi_verdicts = NULL;
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
-dk_do_verify = 0;
-#endif
-#ifdef EXPERIMENTAL_DKIM
-dkim_do_verify = 0;
+#ifndef DISABLE_DKIM
+dkim_signing_domains = NULL;
+dkim_disable_verify = FALSE;
+dkim_collect_input = FALSE;
#endif
#ifdef EXPERIMENTAL_SPF
spf_header_comment = NULL;
Index: spool_in.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/spool_in.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- spool_in.c 20 Jan 2009 16:09:20 -0000 1.23
+++ spool_in.c 10 Jun 2009 07:34:04 -0000 1.24
@@ -278,12 +278,10 @@
bmi_verdicts = NULL;
#endif
-#ifdef EXPERIMENTAL_DOMAINKEYS
-dk_do_verify = 0;
-#endif
-
-#ifdef EXPERIMENTAL_DKIM
-dkim_do_verify = 0;
+#ifndef DISABLE_DKIM
+dkim_signing_domains = NULL;
+dkim_disable_verify = FALSE;
+dkim_collect_input = FALSE;
#endif
#ifdef SUPPORT_TLS
Index: tls-gnu.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/tls-gnu.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- tls-gnu.c 3 Sep 2008 18:53:29 -0000 1.20
+++ tls-gnu.c 10 Jun 2009 07:34:04 -0000 1.21
@@ -1172,7 +1172,9 @@
ssl_xfer_error = 1;
return EOF;
}
-
+#ifndef DISABLE_DKIM
+ dkim_exim_verify_feed(ssl_xfer_buffer, inbytes);
+#endif
ssl_xfer_buffer_hwm = inbytes;
ssl_xfer_buffer_lwm = 0;
}
Index: tls-openssl.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/tls-openssl.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- tls-openssl.c 3 Sep 2008 18:53:29 -0000 1.13
+++ tls-openssl.c 10 Jun 2009 07:34:04 -0000 1.14
@@ -887,7 +887,9 @@
ssl_xfer_error = 1;
return EOF;
}
-
+#ifndef DISABLE_DKIM
+ dkim_exim_verify_feed(ssl_xfer_buffer, inbytes);
+#endif
ssl_xfer_buffer_hwm = inbytes;
ssl_xfer_buffer_lwm = 0;
}
Index: transport.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/transport.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- transport.c 30 Sep 2008 10:03:55 -0000 1.23
+++ transport.c 10 Jun 2009 07:34:04 -0000 1.24
@@ -941,7 +941,7 @@
}
-#if (defined EXPERIMENTAL_DOMAINKEYS) || (defined EXPERIMENTAL_DKIM)
+#ifndef DISABLE_DKIM
/***************************************************************************************************
* External interface to write the message, while signing it with DKIM and/or Domainkeys *
@@ -965,14 +965,6 @@
0/false => send anyway
uschar *dkim_sign_headers DKIM: List of headers that should be included in signature
generation
- uschar *dk_private_key Domainkeys: The private key to use (filename or plain data)
- uschar *dk_domain Domainkeys: Override domain (normally NULL)
- uschar *dk_selector Domainkeys: The selector to use.
- uschar *dk_canon Domainkeys: The canonalization scheme to use, "simple" or "nofws"
- uschar *dk_headers Domainkeys: Colon-separated header list to include in the signing
- process.
- uschar *dk_strict Domainkeys: What to do if signing fails: 1/true => throw error
- 0/false => send anyway
Returns: TRUE on success; FALSE (with errno) for any failure
*/
@@ -982,9 +974,7 @@
int size_limit, uschar *add_headers, uschar *remove_headers,
uschar *check_string, uschar *escape_string, rewrite_rule *rewrite_rules,
int rewrite_existflags, uschar *dkim_private_key, uschar *dkim_domain,
- uschar *dkim_selector, uschar *dkim_canon, uschar *dkim_strict, uschar *dkim_sign_headers,
- uschar *dk_private_key, uschar *dk_domain, uschar *dk_selector, uschar *dk_canon,
- uschar *dk_headers, uschar *dk_strict
+ uschar *dkim_selector, uschar *dkim_canon, uschar *dkim_strict, uschar *dkim_sign_headers
)
{
int dkim_fd;
@@ -995,12 +985,10 @@
int sread = 0;
int wwritten = 0;
uschar *dkim_signature = NULL;
- uschar *dk_signature = NULL;
off_t size = 0;
- if ( !( ((dkim_private_key != NULL) && (dkim_domain != NULL) && (dkim_selector != NULL)) ||
- ((dk_private_key != NULL) && (dk_selector != NULL)) ) ) {
- /* If we can sign with neither method, just call the original function. */
+ if (!( ((dkim_private_key != NULL) && (dkim_domain != NULL) && (dkim_selector != NULL)) )) {
+ /* If we can't sign, just call the original function. */
return transport_write_message(addr, fd, options,
size_limit, add_headers, remove_headers,
check_string, escape_string, rewrite_rules,
@@ -1031,8 +1019,6 @@
goto CLEANUP;
}
-
- #ifdef EXPERIMENTAL_DKIM
if ( (dkim_private_key != NULL) && (dkim_domain != NULL) && (dkim_selector != NULL) ) {
/* Rewind file and feed it to the goats^W DKIM lib */
lseek(dkim_fd, 0, SEEK_SET);
@@ -1073,49 +1059,6 @@
}
}
}
- #endif
-
- #ifdef EXPERIMENTAL_DOMAINKEYS
- if ( (dk_private_key != NULL) && (dk_selector != NULL) ) {
- /* Rewind file and feed it to the goats^W DK lib */
- lseek(dkim_fd, 0, SEEK_SET);
- dk_signature = dk_exim_sign(dkim_fd,
- dk_private_key,
- dk_domain,
- dk_selector,
- dk_canon);
- if (dk_signature == NULL) {
- if (dk_strict != NULL) {
- uschar *dk_strict_result = expand_string(dk_strict);
- if (dk_strict_result != NULL) {
- if ( (strcmpic(dk_strict,US"1") == 0) ||
- (strcmpic(dk_strict,US"true") == 0) ) {
- save_errno = errno;
- rc = FALSE;
- goto CLEANUP;
- }
- }
- }
- }
- else {
- int siglen = Ustrlen(dk_signature);
- while(siglen > 0) {
- #ifdef SUPPORT_TLS
- if (tls_active == fd) wwritten = tls_write(dk_signature, siglen); else
- #endif
- wwritten = write(fd,dk_signature,siglen);
- if (wwritten == -1) {
- /* error, bail out */
- save_errno = errno;
- rc = FALSE;
- goto CLEANUP;
- }
- siglen -= wwritten;
- dk_signature += wwritten;
- }
- }
- }
- #endif
/* Fetch file positition (the size) */
size = lseek(dkim_fd,0,SEEK_CUR);
@@ -1185,6 +1128,7 @@
errno = save_errno;
return rc;
}
+
#endif
Index: Makefile
===================================================================
RCS file: /home/cvs/exim/exim-src/src/lookups/Makefile,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- Makefile 14 Feb 2008 13:49:35 -0000 1.8
+++ Makefile 10 Jun 2009 07:34:05 -0000 1.9
@@ -5,7 +5,7 @@
# to the lookups subdirectory. When the relevant LOOKUP_ macros are not
# defined, dummy modules get compiled.
-OBJ = cdb.o dbmdb.o dkim.o dnsdb.o dsearch.o ibase.o ldap.o lsearch.o mysql.o nis.o \
+OBJ = cdb.o dbmdb.o dnsdb.o dsearch.o ibase.o ldap.o lsearch.o mysql.o nis.o \
nisplus.o oracle.o passwd.o pgsql.o spf.o sqlite.o testdb.o whoson.o \
lf_check_file.o lf_quote.o lf_sqlperform.o
@@ -25,7 +25,6 @@
cdb.o: $(HDRS) cdb.c cdb.h
dbmdb.o: $(HDRS) dbmdb.c dbmdb.h
-dkim.o: $(HDRS) dkim.c dkim.h
dnsdb.o: $(HDRS) dnsdb.c dnsdb.h
dsearch.o: $(HDRS) dsearch.c dsearch.h
ibase.o: $(HDRS) ibase.c ibase.h
Index: dnsdb.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/lookups/dnsdb.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- dnsdb.c 8 Jan 2007 10:50:19 -0000 1.17
+++ dnsdb.c 10 Jun 2009 07:34:05 -0000 1.18
@@ -303,8 +303,14 @@
if (type == T_TXT)
{
- yield = string_cat(yield, &size, &ptr, (uschar *)(rr->data+1),
- (rr->data)[0]);
+ int data_offset = 0;
+ while (data_offset < rr->size)
+ {
+ uschar chunk_len = (rr->data)[data_offset++];
+ yield = string_cat(yield, &size, &ptr,
+ (uschar *)((rr->data)+data_offset), chunk_len);
+ data_offset += chunk_len;
+ }
}
else /* T_CNAME, T_CSA, T_MX, T_MXH, T_NS, T_PTR, T_SRV */
{
Index: smtp.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/transports/smtp.c,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -r1.41 -r1.42
--- smtp.c 2 Jan 2009 17:22:12 -0000 1.41
+++ smtp.c 10 Jun 2009 07:34:05 -0000 1.42
@@ -39,19 +39,7 @@
(void *)offsetof(smtp_transport_options_block, data_timeout) },
{ "delay_after_cutoff", opt_bool,
(void *)offsetof(smtp_transport_options_block, delay_after_cutoff) },
- #if (defined EXPERIMENTAL_DOMAINKEYS) || (defined EXPERIMENTAL_DKIM)
- { "dk_canon", opt_stringptr,
- (void *)offsetof(smtp_transport_options_block, dk_canon) },
- { "dk_domain", opt_stringptr,
- (void *)offsetof(smtp_transport_options_block, dk_domain) },
- { "dk_headers", opt_stringptr,
- (void *)offsetof(smtp_transport_options_block, dk_headers) },
- { "dk_private_key", opt_stringptr,
- (void *)offsetof(smtp_transport_options_block, dk_private_key) },
- { "dk_selector", opt_stringptr,
- (void *)offsetof(smtp_transport_options_block, dk_selector) },
- { "dk_strict", opt_stringptr,
- (void *)offsetof(smtp_transport_options_block, dk_strict) },
+#ifndef DISABLE_DKIM
{ "dkim_canon", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, dkim_canon) },
{ "dkim_domain", opt_stringptr,
@@ -64,7 +52,7 @@
(void *)offsetof(smtp_transport_options_block, dkim_sign_headers) },
{ "dkim_strict", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, dkim_strict) },
- #endif
+#endif
{ "dns_qualify_single", opt_bool,
(void *)offsetof(smtp_transport_options_block, dns_qualify_single) },
{ "dns_search_parents", opt_bool,
@@ -75,14 +63,14 @@
(void *)offsetof(smtp_transport_options_block, final_timeout) },
{ "gethostbyname", opt_bool,
(void *)offsetof(smtp_transport_options_block, gethostbyname) },
- #ifdef SUPPORT_TLS
+#ifdef SUPPORT_TLS
{ "gnutls_require_kx", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, gnutls_require_kx) },
{ "gnutls_require_mac", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, gnutls_require_mac) },
{ "gnutls_require_protocols", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, gnutls_require_proto) },
- #endif
+#endif
{ "helo_data", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, helo_data) },
{ "hosts", opt_stringptr,
@@ -91,28 +79,28 @@
(void *)offsetof(smtp_transport_options_block, hosts_avoid_esmtp) },
{ "hosts_avoid_pipelining", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_avoid_pipelining) },
- #ifdef SUPPORT_TLS
+#ifdef SUPPORT_TLS
{ "hosts_avoid_tls", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_avoid_tls) },
- #endif
+#endif
{ "hosts_max_try", opt_int,
(void *)offsetof(smtp_transport_options_block, hosts_max_try) },
{ "hosts_max_try_hardlimit", opt_int,
(void *)offsetof(smtp_transport_options_block, hosts_max_try_hardlimit) },
- #ifdef SUPPORT_TLS
+#ifdef SUPPORT_TLS
{ "hosts_nopass_tls", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_nopass_tls) },
- #endif
+#endif
{ "hosts_override", opt_bool,
(void *)offsetof(smtp_transport_options_block, hosts_override) },
{ "hosts_randomize", opt_bool,
(void *)offsetof(smtp_transport_options_block, hosts_randomize) },
{ "hosts_require_auth", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_require_auth) },
- #ifdef SUPPORT_TLS
+#ifdef SUPPORT_TLS
{ "hosts_require_tls", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_require_tls) },
- #endif
+#endif
{ "hosts_try_auth", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_try_auth) },
{ "interface", opt_stringptr,
@@ -135,7 +123,7 @@
(void *)offsetof(smtp_transport_options_block, serialize_hosts) },
{ "size_addition", opt_int,
(void *)offsetof(smtp_transport_options_block, size_addition) }
- #ifdef SUPPORT_TLS
+#ifdef SUPPORT_TLS
,{ "tls_certificate", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, tls_certificate) },
{ "tls_crl", opt_stringptr,
@@ -148,7 +136,7 @@
(void *)offsetof(smtp_transport_options_block, tls_tempfail_tryclear) },
{ "tls_verify_certificates", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, tls_verify_certificates) }
- #endif
+#endif
};
/* Size of the options list. An extern variable has to be used so that its
@@ -196,7 +184,7 @@
TRUE, /* keepalive */
FALSE, /* lmtp_ignore_quota */
TRUE /* retry_include_ip_address */
- #ifdef SUPPORT_TLS
+#ifdef SUPPORT_TLS
,NULL, /* tls_certificate */
NULL, /* tls_crl */
NULL, /* tls_privatekey */
@@ -206,21 +194,15 @@
NULL, /* gnutls_require_proto */
NULL, /* tls_verify_certificates */
TRUE /* tls_tempfail_tryclear */
- #endif
- #if (defined EXPERIMENTAL_DOMAINKEYS) || (defined EXPERIMENTAL_DKIM)
- ,NULL, /* dk_canon */
- NULL, /* dk_domain */
- NULL, /* dk_headers */
- NULL, /* dk_private_key */
- NULL, /* dk_selector */
- NULL /* dk_strict */
+#endif
+#ifndef DISABLE_DKIM
,NULL, /* dkim_canon */
NULL, /* dkim_domain */
NULL, /* dkim_private_key */
NULL, /* dkim_selector */
NULL, /* dkim_sign_headers */
NULL /* dkim_strict */
- #endif
+#endif
};
@@ -1592,7 +1574,7 @@
DEBUG(D_transport|D_v)
debug_printf(" SMTP>> writing message and terminating \".\"\n");
transport_count = 0;
-#if (defined EXPERIMENTAL_DOMAINKEYS) || (defined EXPERIMENTAL_DKIM)
+#ifndef DISABLE_DKIM
ok = dkim_transport_write_message(addrlist, inblock.sock,
topt_use_crlf | topt_end_dot | topt_escape_headers |
(tblock->body_only? topt_no_headers : 0) |
@@ -1605,9 +1587,7 @@
US".", US"..", /* Escaping strings */
tblock->rewrite_rules, tblock->rewrite_existflags,
ob->dkim_private_key, ob->dkim_domain, ob->dkim_selector,
- ob->dkim_canon, ob->dkim_strict, ob->dkim_sign_headers,
- ob->dk_private_key, ob->dk_domain, ob->dk_selector,
- ob->dk_canon, ob->dk_headers, ob->dk_strict
+ ob->dkim_canon, ob->dkim_strict, ob->dkim_sign_headers
);
#else
ok = transport_write_message(addrlist, inblock.sock,
Index: smtp.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/transports/smtp.h,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- smtp.h 5 Mar 2008 21:13:23 -0000 1.14
+++ smtp.h 10 Jun 2009 07:34:05 -0000 1.15
@@ -57,13 +57,7 @@
uschar *tls_verify_certificates;
BOOL tls_tempfail_tryclear;
#endif
- #if (defined EXPERIMENTAL_DOMAINKEYS) || (defined EXPERIMENTAL_DKIM)
- uschar *dk_domain;
- uschar *dk_private_key;
- uschar *dk_selector;
- uschar *dk_canon;
- uschar *dk_headers;
- uschar *dk_strict;
+ #ifndef DISABLE_DKIM
uschar *dkim_domain;
uschar *dkim_private_key;
uschar *dkim_selector;
