tom 2009/10/15 09:06:23 BST
Modified files:
exim-src/src acl.c dkim.c dkim.h expand.c globals.c
globals.h receive.c smtp_in.c spool_in.c
Log:
Fix dkim_signers condition logic / Renamed dkim_signing_domains to dkim_signers
Revision Changes Path
1.85 +2 -11 exim/exim-src/src/acl.c
1.5 +27 -16 exim/exim-src/src/dkim.c
1.3 +2 -0 exim/exim-src/src/dkim.h
1.102 +1 -1 exim/exim-src/src/expand.c
1.83 +2 -2 exim/exim-src/src/globals.c
1.64 +1 -1 exim/exim-src/src/globals.h
1.47 +11 -0 exim/exim-src/src/receive.c
1.65 +1 -1 exim/exim-src/src/smtp_in.c
1.25 +1 -1 exim/exim-src/src/spool_in.c
Index: acl.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/acl.c,v
retrieving revision 1.84
retrieving revision 1.85
diff -u -r1.84 -r1.85
--- acl.c 14 Oct 2009 14:48:41 -0000 1.84
+++ acl.c 15 Oct 2009 08:06:23 -0000 1.85
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/acl.c,v 1.84 2009/10/14 14:48:41 nm4 Exp $ */
+/* $Cambridge: exim/exim-src/src/acl.c,v 1.85 2009/10/15 08:06:23 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -2789,20 +2789,11 @@
#ifndef DISABLE_DKIM
case ACLC_DKIM_SIGNER:
- if (dkim_signing_domain != NULL)
- {
- rc = match_isinlist(dkim_signing_domain,
+ if (dkim_cur_signer != NULL)
+ rc = match_isinlist(dkim_cur_signer,
&arg,0,NULL,NULL,MCL_STRING,TRUE,NULL);
- if (rc == FAIL)
- {
- rc = match_isinlist(dkim_exim_expand_query(DKIM_IDENTITY),
- &arg,0,NULL,NULL,MCL_STRING,TRUE,NULL);
- }
- }
else
- {
rc = FAIL;
- }
break;
case ACLC_DKIM_STATUS:
Index: dkim.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/dkim.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- dkim.c 13 Oct 2009 18:32:05 -0000 1.4
+++ dkim.c 15 Oct 2009 08:06:23 -0000 1.5
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/dkim.c,v 1.4 2009/10/13 18:32:05 tom Exp $ */
+/* $Cambridge: exim/exim-src/src/dkim.c,v 1.5 2009/10/15 08:06:23 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -19,6 +19,7 @@
pdkim_ctx *dkim_verify_ctx = NULL;
pdkim_signature *dkim_signatures = NULL;
pdkim_signature *dkim_cur_sig = NULL;
+uschar *dkim_cur_signer = NULL;
int dkim_exim_query_dns_txt(char *name, char *answer) {
dns_answer dnsa;
@@ -81,9 +82,9 @@
void dkim_exim_verify_finish(void) {
pdkim_signature *sig = NULL;
- int dkim_signing_domains_size = 0;
- int dkim_signing_domains_ptr = 0;
- dkim_signing_domains = NULL;
+ int dkim_signers_size = 0;
+ int dkim_signers_ptr = 0;
+ dkim_signers = NULL;
/* Delete eventual previous signature chain */
dkim_signatures = NULL;
@@ -178,32 +179,42 @@
logmsg[ptr] = '\0';
log_write(0, LOG_MAIN, (char *)logmsg);
- /* Build a colon-separated list of signing domains in dkim_signing_domains */
- dkim_signing_domains = string_append(dkim_signing_domains,
- &dkim_signing_domains_size,
- &dkim_signing_domains_ptr,
- 2,
- sig->domain,
- ":"
- );
+ /* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->domain,
+ ":"
+ );
+
+ if (sig->identity != NULL) {
+ dkim_signers = string_append(dkim_signers,
+ &dkim_signers_size,
+ &dkim_signers_ptr,
+ 2,
+ sig->identity,
+ ":"
+ );
+ }
/* Process next signature */
sig = sig->next;
}
/* Chop the last colon from the domain list */
- if ((dkim_signing_domains != NULL) &&
- (Ustrlen(dkim_signing_domains) > 0))
- dkim_signing_domains[Ustrlen(dkim_signing_domains)-1] = '\0';
+ if ((dkim_signers != NULL) &&
+ (Ustrlen(dkim_signers) > 0))
+ dkim_signers[Ustrlen(dkim_signers)-1] = '\0';
}
void dkim_exim_acl_setup(uschar *id) {
pdkim_signature *sig = dkim_signatures;
dkim_cur_sig = NULL;
+ dkim_cur_signer = id;
if (dkim_disable_verify ||
- !id || !sig ||
- !dkim_verify_ctx) return;
+ !id || !dkim_verify_ctx) return;
/* Find signature to run ACL on */
while (sig != NULL) {
uschar *cmp_val = NULL;
Index: dkim.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/dkim.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- dkim.h 10 Jun 2009 07:34:04 -0000 1.2
+++ dkim.h 15 Oct 2009 08:06:23 -0000 1.3
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/dkim.h,v 1.2 2009/06/10 07:34:04 tom Exp $ */
+/* $Cambridge: exim/exim-src/src/dkim.h,v 1.3 2009/10/15 08:06:23 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -15,6 +15,8 @@
uschar *dkim_exim_expand_query(int);
uschar *dkim_exim_expand_defaults(int);
+extern uschar *dkim_cur_signer;
+
#define DKIM_ALGO 1
#define DKIM_BODYLENGTH 2
#define DKIM_CANON_BODY 3
Index: expand.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/expand.c,v
retrieving revision 1.101
retrieving revision 1.102
diff -u -r1.101 -r1.102
--- expand.c 14 Oct 2009 14:48:41 -0000 1.101
+++ expand.c 15 Oct 2009 08:06:23 -0000 1.102
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/expand.c,v 1.101 2009/10/14 14:48:41 nm4 Exp $ */
+/* $Cambridge: exim/exim-src/src/expand.c,v 1.102 2009/10/15 08:06:23 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -423,7 +423,7 @@
{ "dkim_key_srvtype", vtype_dkim, (void *)DKIM_KEY_SRVTYPE },
{ "dkim_key_testing", vtype_dkim, (void *)DKIM_KEY_TESTING },
{ "dkim_selector", vtype_stringptr, &dkim_signing_selector },
- { "dkim_signing_domains",vtype_stringptr, &dkim_signing_domains },
+ { "dkim_signers", vtype_stringptr, &dkim_signers },
{ "dkim_verify_reason", vtype_dkim, (void *)DKIM_VERIFY_REASON },
{ "dkim_verify_status", vtype_dkim, (void *)DKIM_VERIFY_STATUS},
#endif
Index: globals.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/globals.c,v
retrieving revision 1.82
retrieving revision 1.83
diff -u -r1.82 -r1.83
--- globals.c 10 Jun 2009 07:34:04 -0000 1.82
+++ globals.c 15 Oct 2009 08:06:23 -0000 1.83
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/globals.c,v 1.82 2009/06/10 07:34:04 tom Exp $ */
+/* $Cambridge: exim/exim-src/src/globals.c,v 1.83 2009/10/15 08:06:23 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -532,10 +532,10 @@
BOOL disable_logging = FALSE;
#ifndef DISABLE_DKIM
-uschar *dkim_signing_domains = NULL;
+uschar *dkim_signers = NULL;
uschar *dkim_signing_domain = NULL;
uschar *dkim_signing_selector = NULL;
-uschar *dkim_verify_signers = US"$dkim_signing_domains";
+uschar *dkim_verify_signers = US"$dkim_signers";
BOOL dkim_collect_input = FALSE;
BOOL dkim_disable_verify = FALSE;
#endif
Index: globals.h
===================================================================
RCS file: /home/cvs/exim/exim-src/src/globals.h,v
retrieving revision 1.63
retrieving revision 1.64
diff -u -r1.63 -r1.64
--- globals.h 10 Jun 2009 07:34:04 -0000 1.63
+++ globals.h 15 Oct 2009 08:06:23 -0000 1.64
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/globals.h,v 1.63 2009/06/10 07:34:04 tom Exp $ */
+/* $Cambridge: exim/exim-src/src/globals.h,v 1.64 2009/10/15 08:06:23 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -299,7 +299,7 @@
extern BOOL disable_logging; /* Disables log writing when TRUE */
#ifndef DISABLE_DKIM
-extern uschar *dkim_signing_domains; /* Expansion variable, holds colon-separated list of domains that have signed a message */
+extern uschar *dkim_signers; /* Expansion variable, holds colon-separated list of domains and identities that have signed a message */
extern uschar *dkim_signing_domain; /* Expansion variable, domain used for signing a message. */
extern uschar *dkim_signing_selector; /* Expansion variable, selector used for signing a message. */
extern uschar *dkim_verify_signers; /* Colon-separated list of domains for each of which we call the DKIM ACL */
Index: receive.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/receive.c,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- receive.c 10 Jun 2009 07:34:04 -0000 1.46
+++ receive.c 15 Oct 2009 08:06:23 -0000 1.47
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/receive.c,v 1.46 2009/06/10 07:34:04 tom Exp $ */
+/* $Cambridge: exim/exim-src/src/receive.c,v 1.47 2009/10/15 08:06:23 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -2993,11 +2993,22 @@
int sep = 0;
uschar *ptr = dkim_verify_signers_expanded;
uschar *item = NULL;
+ uschar *seen_items = NULL;
+ int seen_items_size = 0;
+ int seen_items_offset = 0;
uschar itembuf[256];
while ((item = string_nextinlist(&ptr, &sep,
itembuf,
sizeof(itembuf))) != NULL)
{
+ /* Only run ACL once for each domain or identity, no matter how often it
+ appears in the expanded list. */
+ if (seen_items != NULL) {
+ if (match_isinlist(item,
+ &seen_items,0,NULL,NULL,MCL_STRING,TRUE,NULL) == OK) continue;
+ string_cat(seen_items,&seen_items_size,&seen_items_offset,":",1);
+ }
+ string_cat(seen_items,&seen_items_size,&seen_items_offset,item,Ustrlen(item));
dkim_exim_acl_setup(item);
rc = acl_check(ACL_WHERE_DKIM, NULL, acl_smtp_dkim, &user_msg, &log_msg);
if (rc != OK) break;
Index: smtp_in.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/smtp_in.c,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -r1.64 -r1.65
--- smtp_in.c 10 Jun 2009 07:34:04 -0000 1.64
+++ smtp_in.c 15 Oct 2009 08:06:23 -0000 1.65
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/smtp_in.c,v 1.64 2009/06/10 07:34:04 tom Exp $ */
+/* $Cambridge: exim/exim-src/src/smtp_in.c,v 1.65 2009/10/15 08:06:23 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -1041,7 +1041,7 @@
bmi_verdicts = NULL;
#endif
#ifndef DISABLE_DKIM
-dkim_signing_domains = NULL;
+dkim_signers = NULL;
dkim_disable_verify = FALSE;
dkim_collect_input = FALSE;
#endif
Index: spool_in.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/spool_in.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- spool_in.c 10 Jun 2009 07:34:04 -0000 1.24
+++ spool_in.c 15 Oct 2009 08:06:23 -0000 1.25
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/spool_in.c,v 1.24 2009/06/10 07:34:04 tom Exp $ */
+/* $Cambridge: exim/exim-src/src/spool_in.c,v 1.25 2009/10/15 08:06:23 tom Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -279,7 +279,7 @@
#endif
#ifndef DISABLE_DKIM
-dkim_signing_domains = NULL;
+dkim_signers = NULL;
dkim_disable_verify = FALSE;
dkim_collect_input = FALSE;
#endif
