Gitweb:
https://git.exim.org/exim.git/commitdiff/49e56fb37f587bf0e69d2fbe76fa0793f898c26f
Commit: 49e56fb37f587bf0e69d2fbe76fa0793f898c26f
Parent: 79f9c6442c53839fb74d3414af4cb5c226bc6ce6
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Thu Jun 21 17:03:38 2018 +0100
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Thu Jun 21 17:09:41 2018 +0100
DKIM: Fix signing for body lines starting with a pair of dots. Bug 2284
Broken-by: 42055a3385
---
doc/doc-txt/ChangeLog | 2 ++
src/src/dkim_transport.c | 9 +++++++--
test/log/4520 | 14 ++++++++++++--
test/mail/4520.a | 17 -----------------
test/scripts/4500-DKIM/4520 | 9 ++++++++-
5 files changed, 29 insertions(+), 22 deletions(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 5303b2d..96508ff 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -66,6 +66,8 @@ JH/13 For receent Openssl versions (1.1 onward) use modern generic protocol
now-deprecated earlier definitions used only specified the range up to TLS
1.2 (in the older-version library docs).
+JH/14 Bug 2284: Fix DKIM signing for body lines starting with a pair of dots.
+
Exim version 4.91
-----------------
diff --git a/src/src/dkim_transport.c b/src/src/dkim_transport.c
index c35ba1e..0e9c381 100644
--- a/src/src/dkim_transport.c
+++ b/src/src/dkim_transport.c
@@ -154,7 +154,10 @@ if (!rc) return FALSE;
arc_sign_init();
#endif
-dkim->dot_stuffed = !!(save_options & topt_end_dot);
+/* The dotstuffed status of the datafile depends on whether it was stored
+in wireformat. */
+
+dkim->dot_stuffed = spool_file_wireformat;
if (!(dkim_signature = dkim_exim_sign(deliver_datafile, SPOOL_DATA_START_OFFSET,
hdrs, dkim, &errstr)))
if (!(rc = dkt_sign_fail(dkim, &errno)))
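Review bot: The new comment above `dkim->dot_stuffed = spool_file_wireformat;` does not say why the transport options stopped being the right source, which is what a later maintainer needs to know. This path hands `deliver_datafile` at `SPOOL_DATA_START_OFFSET` straight to `dkim_exim_sign()`, so the flag has to describe the bytes stored in the spool file rather than what the transport would emit. I would say so, e.g. `/* Signing reads the spool file itself, so dot-stuffing is as stored (wireformat), not as the transport options request. */`. If the flag and the data disagree, the body hash presumably covers different bytes from those sent and the signature fails at the verifier, which deserves a sentence too. `save_options` may have no remaining reader after this change; the function starts and ends outside the hunk, so that needs checking in the full file.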
@@ -272,7 +275,9 @@ if (!rc)
arc_sign_init();
#endif
-/* Feed the file to the goats^W DKIM lib */
+/* Feed the file to the goats^W DKIM lib. At this point the dotstuffed
+status of the file depends on the output of transport_write_message() just
+above, which should be the result of the end_dot flag in tctx->options. */
dkim->dot_stuffed = !!(options & topt_end_dot);
if (!(dkim_signature = dkim_exim_sign(dkim_fd, 0, NULL, dkim, &errstr)))
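Review bot: The reworded comment names `tctx->options` as the source of the end_dot flag, but the statement below it tests the local `options`, and nothing in the hunk shows that the two hold the same flags at this point. If `options` was copied or masked at a different moment than the context given to transport_write_message(), the value passed to the signer can drift from what was actually written to the file. That would bring back the signed-body versus sent-body mismatch this commit fixes on the other path. I would name the tested variable in the comment, `... which should be the result of the end_dot flag in options.`, or derive the flag from the same context that was handed to the writer. The enclosing function starts and ends outside the hunk, so the point where `options` is set is not visible here.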
diff --git a/test/log/4520 b/test/log/4520
index d583933..f49af25 100644
--- a/test/log/4520
+++ b/test/log/4520
@@ -20,8 +20,11 @@
1999-03-02 09:44:33 10HmbJ-0005vi-00 => d@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] C="250 OK id=10HmbK-0005vi-00"
1999-03-02 09:44:33 10HmbJ-0005vi-00 Completed
1999-03-02 09:44:33 10HmbL-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
-1999-03-02 09:44:33 10HmbL-0005vi-00 => a@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] C="250 OK id=10HmbM-0005vi-00"
+1999-03-02 09:44:33 10HmbL-0005vi-00 => e@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] C="250 OK id=10HmbM-0005vi-00"
1999-03-02 09:44:33 10HmbL-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbN-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbN-0005vi-00 => f@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] C="250 OK id=10HmbO-0005vi-00"
+1999-03-02 09:44:33 10HmbN-0005vi-00 Completed
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
@@ -78,5 +81,12 @@
1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
1999-03-02 09:44:33 10HmbM-0005vi-00 data acl: dkim status
1999-03-02 09:44:33 10HmbM-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbL-0005vi-00@???
-1999-03-02 09:44:33 10HmbM-0005vi-00 => a <a@???> R=server_store T=file
+1999-03-02 09:44:33 10HmbM-0005vi-00 => e <e@???> R=server_store T=file
1999-03-02 09:44:33 10HmbM-0005vi-00 Completed
+1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
+1999-03-02 09:44:33 10HmbO-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
+1999-03-02 09:44:33 10HmbO-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmbO-0005vi-00 data acl: dkim status pass
+1999-03-02 09:44:33 10HmbO-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbN-0005vi-00@???
+1999-03-02 09:44:33 10HmbO-0005vi-00 => f <f@???> R=server_store T=file
+1999-03-02 09:44:33 10HmbO-0005vi-00 Completed
diff --git a/test/mail/4520.a b/test/mail/4520.a
index f33057d..430033f 100644
--- a/test/mail/4520.a
+++ b/test/mail/4520.a
@@ -21,20 +21,3 @@ Date: Tue, 2 Mar 1999 09:44:33 +0000
content
-From CALLER@??? Tue Mar 02 09:44:33 1999
-Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
- by myhost.test.ex with esmtp (Exim x.yz)
- (envelope-from <CALLER@???>)
- id 10HmbM-0005vi-00
- for a@???; Tue, 2 Mar 1999 09:44:33 +0000
-Received: from CALLER by myhost.test.ex with local (Exim x.yz)
- (envelope-from <CALLER@???>)
- id 10HmbL-0005vi-00
- for a@???; Tue, 2 Mar 1999 09:44:33 +0000
-From: nobody@???
-Message-Id: <E10HmbL-0005vi-00@???>
-Sender: CALLER_NAME <CALLER@???>
-Date: Tue, 2 Mar 1999 09:44:33 +0000
-
-content
-
diff --git a/test/scripts/4500-DKIM/4520 b/test/scripts/4500-DKIM/4520
index 8e60f4b..8f962a0 100644
--- a/test/scripts/4500-DKIM/4520
+++ b/test/scripts/4500-DKIM/4520
@@ -67,12 +67,19 @@ content
****
#
# check that an empty dkim_privatekey overrides dkim_strict
-exim -DOPT=From -DSTRICT=true -DSELECTOR=none -odf a@???
+exim -DOPT=From -DSTRICT=true -DSELECTOR=none -odf e@???
From: nobody@???
content
****
#
+# single header signed, body line starting with dot
+exim -DOPT=From -odf f@???
+From: nobody@???
+
+..content
+****
+#
millisleep 500
killdaemon
no_msglog_check
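Review bot: The added case's comment says `body line starting with dot` but the body is `..content`, the dot pair from Bug 2284; `# single header signed, body line starting with a pair of dots` would match what is exercised. The case pins one signing path only, and the hunk does not show which of the two `dkim->dot_stuffed` assignments in dkim_transport.c it reaches. A second case that forces the other path, and one whose body line has a single leading dot, would check the signed body against the transmitted body on both paths.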