Gitweb:
https://git.exim.org/exim.git/commitdiff/b367453a08bff7123dfe0b841de290e17372ad7c
Commit: b367453a08bff7123dfe0b841de290e17372ad7c
Parent: 15a44d749b2f4097d43c2d887b6c5bca2d0d8b4a
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Tue Aug 10 21:32:18 2021 +0100
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Wed Aug 11 00:07:45 2021 +0100
DKIM: fix verify under TLS & chunking, with pipelined next command
---
doc/doc-txt/ChangeLog | 5 ++++
src/src/dkim.c | 7 ++++--
src/src/functions.h | 4 +--
src/src/globals.c | 2 +-
src/src/globals.h | 2 +-
src/src/smtp_in.c | 8 +++---
src/src/tls-gnu.c | 5 +++-
src/src/tls-openssl.c | 5 +++-
test/aux-fixed/4535.mlistfooter | 4 +++
test/confs/4530 | 6 +++++
test/confs/4535 | 4 +++
test/confs/4539 | 6 ++++-
test/log/4530 | 40 +++++++-----------------------
test/log/4531 | 4 +--
test/log/4533 | 6 +----
test/log/4534 | 6 +----
test/log/4535 | 54 ++++++++++++++++++++---------------------
test/log/4539 | 16 +++++-------
test/mail/4535.b | 35 +++++++++++++++++++++++---
test/mail/4535.c | 35 +++++++++++++++++++++++---
test/mail/4539.y | 9 ++++---
test/mail/4539.z | 9 ++++---
test/scripts/4520-TLS-DKIM/4539 | 4 ++-
test/stderr/4530 | 6 +----
test/stdout/4539 | 6 +++--
25 files changed, 174 insertions(+), 114 deletions(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 89df375..5fa8040 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -327,6 +327,11 @@ JH/57 Fix control=fakreject for a custom message containing tainted data.
JH/58 GnuTLS: Fix certextract expansion. If a second modifier after a tag
modifier was given, a loop resulted.
+JH/59 DKIM: Fix small-message verification under TLS with chunking. If a
+ pipelined SMTP command followed the BDAT LAST then it would be
+ incorrrectly treated as part of the message body, causing a verification
+ fail.
+
Exim version 4.94
-----------------
diff --git a/src/src/dkim.c b/src/src/dkim.c
index 63b0ba6..5b7f17b 100644
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -128,13 +128,16 @@ dkim_verify_ctx = pdkim_init_verify(&dkim_exim_query_dns_txt, dot_stuffing);
dkim_collect_input = dkim_verify_ctx ? DKIM_MAX_SIGNATURES : 0;
dkim_collect_error = NULL;
-/* Start feed up with any cached data */
-receive_get_cache();
+/* Start feed up with any cached data, but limited to message data */
+receive_get_cache(chunking_state == CHUNKING_LAST
+ ? chunking_data_left : GETC_BUFFER_UNLIMITED);
store_pool = dkim_verify_oldpool;
}
+/* Submit a chunk of data for verification input.
+Only use the data when the feed is activated. */
void
dkim_exim_verify_feed(uschar * data, int len)
{
diff --git a/src/src/functions.h b/src/src/functions.h
index 0744697..f57379e 100644
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -67,7 +67,7 @@ extern uschar *tls_field_from_dn(uschar *, const uschar *);
extern void tls_free_cert(void **);
extern int tls_getc(unsigned);
extern uschar *tls_getbuf(unsigned *);
-extern void tls_get_cache(void);
+extern void tls_get_cache(unsigned);
extern BOOL tls_import_cert(const uschar *, void **);
extern BOOL tls_is_name_for_cert(const uschar *, void *);
# ifdef USE_OPENSSL
@@ -493,7 +493,7 @@ extern BOOL smtp_get_interface(uschar *, int, address_item *,
extern BOOL smtp_get_port(uschar *, address_item *, int *, uschar *);
extern int smtp_getc(unsigned);
extern uschar *smtp_getbuf(unsigned *);
-extern void smtp_get_cache(void);
+extern void smtp_get_cache(unsigned);
extern int smtp_handle_acl_fail(int, int, uschar *, uschar *);
extern void smtp_log_no_mail(void);
extern void smtp_message_code(uschar **, int *, uschar **, uschar **, BOOL);
diff --git a/src/src/globals.c b/src/src/globals.c
index c3e8a16..5d9f7f8 100644
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -176,7 +176,7 @@ uschar * (*lwr_receive_getbuf)(unsigned *) = NULL;
int (*lwr_receive_ungetc)(int) = stdin_ungetc;
int (*receive_getc)(unsigned) = stdin_getc;
uschar * (*receive_getbuf)(unsigned *) = NULL;
-void (*receive_get_cache)(void)= NULL;
+void (*receive_get_cache)(unsigned) = NULL;
int (*receive_ungetc)(int) = stdin_ungetc;
int (*receive_feof)(void) = stdin_feof;
int (*receive_ferror)(void) = stdin_ferror;
diff --git a/src/src/globals.h b/src/src/globals.h
index d5d9314..b610ac0 100644
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -164,7 +164,7 @@ extern uschar * (*lwr_receive_getbuf)(unsigned *);
extern int (*lwr_receive_ungetc)(int);
extern int (*receive_getc)(unsigned);
extern uschar * (*receive_getbuf)(unsigned *);
-extern void (*receive_get_cache)(void);
+extern void (*receive_get_cache)(unsigned);
extern int (*receive_ungetc)(int);
extern int (*receive_feof)(void);
extern int (*receive_ferror)(void);
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index ee248c5..ffda0ec 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -581,12 +581,12 @@ return buf;
}
void
-smtp_get_cache(void)
+smtp_get_cache(unsigned lim)
{
#ifndef DISABLE_DKIM
int n = smtp_inend - smtp_inptr;
-if (chunking_state == CHUNKING_LAST && chunking_data_left < n)
- n = chunking_data_left;
+if (n > lim)
+ n = lim;
if (n > 0)
dkim_exim_verify_feed(smtp_inptr, n);
#endif
@@ -661,7 +661,9 @@ for(;;)
if (chunking_state == CHUNKING_LAST)
{
#ifndef DISABLE_DKIM
+ dkim_collect_input = dkim_save;
dkim_exim_verify_feed(NULL, 0); /* notify EOD */
+ dkim_collect_input = 0;
#endif
return EOD;
}
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 7d434f6..796581b 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -3877,12 +3877,15 @@ return buf;
}
+/* Get up to the given number of bytes from any cached data, and feed to dkim. */
void
-tls_get_cache(void)
+tls_get_cache(unsigned lim)
{
#ifndef DISABLE_DKIM
exim_gnutls_state_st * state = &state_server;
int n = state->xfer_buffer_hwm - state->xfer_buffer_lwm;
+if (n > lim)
+ n = lim;
if (n > 0)
dkim_exim_verify_feed(state->xfer_buffer+state->xfer_buffer_lwm, n);
#endif
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 89f11ce..298d8d4 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -4146,10 +4146,13 @@ return buf;
void
-tls_get_cache(void)
+tls_get_cache(unsigned lim)
{
#ifndef DISABLE_DKIM
int n = ssl_xfer_buffer_hwm - ssl_xfer_buffer_lwm;
+debug_printf("tls_get_cache\n");
+if (n > lim)
+ n = lim;
if (n > 0)
dkim_exim_verify_feed(ssl_xfer_buffer+ssl_xfer_buffer_lwm, n);
#endif
diff --git a/test/aux-fixed/4535.mlistfooter b/test/aux-fixed/4535.mlistfooter
new file mode 100644
index 0000000..7c33b82
--- /dev/null
+++ b/test/aux-fixed/4535.mlistfooter
@@ -0,0 +1,4 @@
+
+--
+This is a generic mailinglist footer, using a traditional .sig-separator line
+----
diff --git a/test/confs/4530 b/test/confs/4530
index daa9218..c27fb95 100644
--- a/test/confs/4530
+++ b/test/confs/4530
@@ -22,6 +22,9 @@ dkim_verify_minimal = true
DDIR=DIR/aux-fixed/dkim
+tls_certificate = DIR/aux-fixed/cert1
+tls_privatekey = DIR/aux-fixed/cert1
+
log_selector = -dkim +dkim_verbose +received_recipients
# ----- Routers
@@ -48,6 +51,9 @@ send_to_server:
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = *
+ tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_verify_cert_hostnames = :
+
dkim_domain = test.ex
.ifdef SELECTOR
diff --git a/test/confs/4535 b/test/confs/4535
index 62c06fc..bafcc53 100644
--- a/test/confs/4535
+++ b/test/confs/4535
@@ -27,6 +27,8 @@ pipelining_connect_advertise_hosts = :
dmarc_tld_file =
.endif
tls_advertise_hosts = *
+tls_certificate = DIR/aux-fixed/cert1
+tls_privatekey = DIR/aux-fixed/cert1
primary_hostname = myhost.test.ex
@@ -67,6 +69,8 @@ send_to_server:
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = *
+ tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_verify_cert_hostnames = :
.ifdef FILTER
transport_filter = /bin/cat - DIR/aux-fixed/TESTNUM.mlistfooter
diff --git a/test/confs/4539 b/test/confs/4539
index 57f359f..571ddc2 100644
--- a/test/confs/4539
+++ b/test/confs/4539
@@ -1,4 +1,4 @@
-# Exim test configuration 0906
+# Exim test configuration 4539
SERVER=
exim_path = EXIM_PATH
@@ -91,6 +91,8 @@ remote_smtp:
port = PORT_D
hosts_try_fastopen = :
allow_localhost
+ tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_verify_cert_hostnames = :
remote_smtp_dkim:
driver = smtp
@@ -98,6 +100,8 @@ remote_smtp_dkim:
port = PORT_D
hosts_try_fastopen = :
allow_localhost
+ tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_verify_cert_hostnames = :
.ifdef OPT
dkim_domain = test.ex
diff --git a/test/log/4530 b/test/log/4530
index 8b739e9..f8695ac 100644
--- a/test/log/4530
+++ b/test/log/4530
@@ -1,41 +1,25 @@
1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for a@???
-1999-03-02 09:44:33 10HmaY-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaY-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaY-0005vi-00 => a@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmaZ-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 => a@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaZ-0005vi-00"
1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for b@???
-1999-03-02 09:44:33 10HmbA-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbA-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbA-0005vi-00 => b@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbB-0005vi-00"
+1999-03-02 09:44:33 10HmbA-0005vi-00 => b@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbB-0005vi-00"
1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for b10@???
-1999-03-02 09:44:33 10HmbC-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbC-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbC-0005vi-00 => b10@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbD-0005vi-00"
+1999-03-02 09:44:33 10HmbC-0005vi-00 => b10@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbD-0005vi-00"
1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for b12@???
-1999-03-02 09:44:33 10HmbE-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbE-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbE-0005vi-00 => b12@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbF-0005vi-00"
+1999-03-02 09:44:33 10HmbE-0005vi-00 => b12@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbF-0005vi-00"
1999-03-02 09:44:33 10HmbE-0005vi-00 Completed
1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for b20@???
-1999-03-02 09:44:33 10HmbG-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbG-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbG-0005vi-00 => b20@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbH-0005vi-00"
+1999-03-02 09:44:33 10HmbG-0005vi-00 => b20@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbH-0005vi-00"
1999-03-02 09:44:33 10HmbG-0005vi-00 Completed
1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for b22@???
-1999-03-02 09:44:33 10HmbI-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbI-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbI-0005vi-00 => b22@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbJ-0005vi-00"
+1999-03-02 09:44:33 10HmbI-0005vi-00 => b22@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbJ-0005vi-00"
1999-03-02 09:44:33 10HmbI-0005vi-00 Completed
1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for d@???
-1999-03-02 09:44:33 10HmbK-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbK-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbK-0005vi-00 => d@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbL-0005vi-00"
+1999-03-02 09:44:33 10HmbK-0005vi-00 => d@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbL-0005vi-00"
1999-03-02 09:44:33 10HmbK-0005vi-00 Completed
1999-03-02 09:44:33 10HmaX-0005vi-00 <= <> U=CALLER P=local S=sss for e0@???
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
1999-03-02 09:44:33 10HmaX-0005vi-00 failed to expand dkim_timestamps: unknown variable in "${bogus}"
1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: message could not be signed, and dkim_strict is set. Deferring message delivery.
1999-03-02 09:44:33 10HmaX-0005vi-00 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]: send() to ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] failed: failed to expand dkim_timestamps: unknown variable in "${bogus}": Permission denied
@@ -44,19 +28,13 @@
1999-03-02 09:44:33 10HmaX-0005vi-00 e0@???: error ignored
1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
1999-03-02 09:44:33 10HmbM-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for e@???
-1999-03-02 09:44:33 10HmbM-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbM-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbM-0005vi-00 => e@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbN-0005vi-00"
+1999-03-02 09:44:33 10HmbM-0005vi-00 => e@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbN-0005vi-00"
1999-03-02 09:44:33 10HmbM-0005vi-00 Completed
1999-03-02 09:44:33 10HmbO-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for f@???
-1999-03-02 09:44:33 10HmbO-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbO-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbO-0005vi-00 => f@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbP-0005vi-00"
+1999-03-02 09:44:33 10HmbO-0005vi-00 => f@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbP-0005vi-00"
1999-03-02 09:44:33 10HmbO-0005vi-00 Completed
******** SERVER ********
-1999-03-02 09:44:33 Warning: No server certificate defined; will use a selfsigned one.
- Suggested action: either install a certificate or change tls_advertise_hosts option
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
1999-03-02 09:44:33 10HmaZ-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
diff --git a/test/log/4531 b/test/log/4531
index 7cfbd7f..6740cab 100644
--- a/test/log/4531
+++ b/test/log/4531
@@ -7,7 +7,7 @@
******** SERVER ********
2017-07-30 18:51:05.712 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_S
-2017-07-30 18:51:05.712 10HmaY-0005vi-00 DKIM FAIL FAIL FAIL: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]
-2017-07-30 18:51:05.712 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss id=E10HmaX-0005vi-00@??? for a@???
+2017-07-30 18:51:05.712 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
+2017-07-30 18:51:05.712 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex id=E10HmaX-0005vi-00@??? for a@???
2017-07-30 18:51:05.712 10HmbA-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
2017-07-30 18:51:05.712 10HmbA-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex id=E10HmaZ-0005vi-00@??? for b@???
diff --git a/test/log/4533 b/test/log/4533
index e3f8d1a..315700e 100644
--- a/test/log/4533
+++ b/test/log/4533
@@ -1,12 +1,8 @@
1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for a@???
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaX-0005vi-00 => a@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 => a@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaY-0005vi-00"
1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
******** SERVER ********
-1999-03-02 09:44:33 Warning: No server certificate defined; will use a selfsigned one.
- Suggested action: either install a certificate or change tls_advertise_hosts option
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
1999-03-02 09:44:33 10HmaY-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From:From
diff --git a/test/log/4534 b/test/log/4534
index b3d9d5f..faac1b6 100644
--- a/test/log/4534
+++ b/test/log/4534
@@ -1,12 +1,8 @@
1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for c@???
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaX-0005vi-00 => c@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 => c@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaY-0005vi-00"
1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
******** SERVER ********
-1999-03-02 09:44:33 Warning: No server certificate defined; will use a selfsigned one.
- Suggested action: either install a certificate or change tls_advertise_hosts option
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 rcpt_acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
1999-03-02 09:44:33 10HmaY-0005vi-00 dkim_acl: signer: test.ex bits: 512 h=From:To:Subject
diff --git a/test/log/4535 b/test/log/4535
index 078e699..2e7fcf2 100644
--- a/test/log/4535
+++ b/test/log/4535
@@ -1,30 +1,20 @@
1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for a@???
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaX-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaX-0005vi-00 => a@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 => a@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaY-0005vi-00"
1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for b@???
-1999-03-02 09:44:33 10HmaZ-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmaZ-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmaZ-0005vi-00 == b@??? R=client T=send_to_server defer (-24) H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]: transport filter process failed (1)
-1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for c@???
-1999-03-02 09:44:33 10HmbA-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbA-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbA-0005vi-00 == c@??? R=client T=send_to_server defer (-24) H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]: transport filter process failed (1)
-1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for b@???
-1999-03-02 09:44:33 10HmbB-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbB-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbB-0005vi-00 => b@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbC-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => b@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for c@???
+1999-03-02 09:44:33 10HmbB-0005vi-00 => c@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmbC-0005vi-00"
1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
-1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for c@???
-1999-03-02 09:44:33 10HmbD-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-1999-03-02 09:44:33 10HmbD-0005vi-00 [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
-1999-03-02 09:44:33 10HmbD-0005vi-00 => c@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmbE-0005vi-00"
+1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for b@???
+1999-03-02 09:44:33 10HmbD-0005vi-00 => b@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbE-0005vi-00"
1999-03-02 09:44:33 10HmbD-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for c@???
+1999-03-02 09:44:33 10HmbF-0005vi-00 => c@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmbG-0005vi-00"
+1999-03-02 09:44:33 10HmbF-0005vi-00 Completed
******** SERVER ********
-1999-03-02 09:44:33 Warning: No server certificate defined; will use a selfsigned one.
- Suggested action: either install a certificate or change tls_advertise_hosts option
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
1999-03-02 09:44:33 10HmaY-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
@@ -33,16 +23,26 @@
1999-03-02 09:44:33 10HmaY-0005vi-00 => a <a@???> R=server_store T=file
1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
-1999-03-02 09:44:33 SMTP connection from the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] lost while reading message data (header)
+1999-03-02 09:44:33 10HmbA-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
+1999-03-02 09:44:33 10HmbA-0005vi-00 data acl: dkim status pass
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss DKIM=test.ex id=E10HmaZ-0005vi-00@??? for b@???
+1999-03-02 09:44:33 10HmbA-0005vi-00 => b <b@???> R=server_store T=file
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
1999-03-02 09:44:33 10HmbC-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
1999-03-02 09:44:33 10HmbC-0005vi-00 data acl: dkim status pass
-1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss DKIM=test.ex id=E10HmbB-0005vi-00@??? for b@???
-1999-03-02 09:44:33 10HmbC-0005vi-00 => b <b@???> R=server_store T=file
+1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex id=E10HmbB-0005vi-00@??? for c@???
+1999-03-02 09:44:33 10HmbC-0005vi-00 => c <c@???> R=server_store T=file
1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
-1999-03-02 09:44:33 10HmbE-0005vi-00 dkim_acl: signer: test.ex bits: 0 h=From
-1999-03-02 09:44:33 10HmbE-0005vi-00 data acl: dkim status fail
-1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss id=E10HmbD-0005vi-00@??? for c@???
-1999-03-02 09:44:33 10HmbE-0005vi-00 => c <c@???> R=server_store T=file
+1999-03-02 09:44:33 10HmbE-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
+1999-03-02 09:44:33 10HmbE-0005vi-00 data acl: dkim status pass
+1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss DKIM=test.ex id=E10HmbD-0005vi-00@??? for b@???
+1999-03-02 09:44:33 10HmbE-0005vi-00 => b <b@???> R=server_store T=file
1999-03-02 09:44:33 10HmbE-0005vi-00 Completed
+1999-03-02 09:44:33 rcpt acl: macro: From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
+1999-03-02 09:44:33 10HmbG-0005vi-00 dkim_acl: signer: test.ex bits: 1024 h=From
+1999-03-02 09:44:33 10HmbG-0005vi-00 data acl: dkim status pass
+1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex id=E10HmbF-0005vi-00@??? for c@???
+1999-03-02 09:44:33 10HmbG-0005vi-00 => c <c@???> R=server_store T=file
+1999-03-02 09:44:33 10HmbG-0005vi-00 Completed
diff --git a/test/log/4539 b/test/log/4539
index 903abb1..78ad873 100644
--- a/test/log/4539
+++ b/test/log/4539
@@ -8,18 +8,14 @@
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_S port PORT_D
1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@??? H=(xxx) [127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss for z@???
-1999-03-02 09:44:33 10HmaZ-0005vi-00 [127.0.0.1] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock
-1999-03-02 09:44:33 10HmaZ-0005vi-00 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" H="127.0.0.1"
-1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]
-1999-03-02 09:44:33 10HmaX-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss for z@???
+1999-03-02 09:44:33 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex for z@???
1999-03-02 09:44:33 10HmaX-0005vi-00 no immediate delivery: queued by ACL
-1999-03-02 09:44:33 10HmaZ-0005vi-00 => z@??? R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K C="250- 6nn byte chunk, total 6nn\\n250 OK id=10HmaX-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => z@??? R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmaX-0005vi-00"
1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? H=(xxx) [127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss for y@???
-1999-03-02 09:44:33 10HmbA-0005vi-00 [127.0.0.1] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock
-1999-03-02 09:44:33 10HmbA-0005vi-00 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" H="127.0.0.1"
-1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification failed - body hash mismatch (body probably modified in transit)]
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss for y@???
+1999-03-02 09:44:33 10HmaY-0005vi-00 DKIM: d=test.ex s=sel c=relaxed/relaxed a=rsa-sha256 b=1024 [verification succeeded]
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= <> H=localhost (testhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K S=sss DKIM=test.ex for y@???
1999-03-02 09:44:33 10HmaY-0005vi-00 no immediate delivery: queued by ACL
-1999-03-02 09:44:33 10HmbA-0005vi-00 => y@??? R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no K C="250- 6nn byte chunk, total 6nn\\n250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmbA-0005vi-00 => y@??? R=to_server T=remote_smtp_dkim H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes K C="250- 7nn byte chunk, total 7nn\\n250 OK id=10HmaY-0005vi-00"
1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
diff --git a/test/mail/4535.b b/test/mail/4535.b
index 8123854..0f04c25 100644
--- a/test/mail/4535.b
+++ b/test/mail/4535.b
@@ -3,7 +3,7 @@ Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
(Exim x.yz)
(envelope-from <CALLER@???>)
- id 10HmbC-0005vi-00
+ id 10HmbA-0005vi-00
for b@???;
Tue, 2 Mar 1999 09:44:33 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
@@ -13,11 +13,40 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
ygZGjs=;
Received: from CALLER by myhost.test.ex with local (Exim x.yz)
(envelope-from <CALLER@???>)
- id 10HmbB-0005vi-00
+ id 10HmaZ-0005vi-00
for b@???;
Tue, 2 Mar 1999 09:44:33 +0000
From: nobody@???
-Message-Id: <E10HmbB-0005vi-00@???>
+Message-Id: <E10HmaZ-0005vi-00@???>
+Sender: CALLER_NAME <CALLER@???>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+
+content
+
+--
+This is a generic mailinglist footer, using a traditional .sig-separator line
+----
+
+From CALLER@??? Tue Mar 02 09:44:33 1999
+Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
+ by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+ (Exim x.yz)
+ (envelope-from <CALLER@???>)
+ id 10HmbE-0005vi-00
+ for b@???;
+ Tue, 2 Mar 1999 09:44:33 +0000
+DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
+ s=sel; h=From; bh=bzHKix52TV0ojCi2kd18gmIw/tcd5TnhO3QM+89xwyk=; b=LcQAFwKN9DL
+ wCbK0mcUtjmEoLaNUjwHmVrilQI1nBWJDoDUzpUl96U8YzdS/+Xut+pdS/YZf3m/Qbcw6ohO9pEmM
+ ncfURg55wr8fftAyRFA/L/svtP8h3Qv/+jv8gJ9nHyjk3z7Zmzzo8S54h9Ct9pJwkv0cpmdeLiDrL
+ ygZGjs=;
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+ (envelope-from <CALLER@???>)
+ id 10HmbD-0005vi-00
+ for b@???;
+ Tue, 2 Mar 1999 09:44:33 +0000
+From: nobody@???
+Message-Id: <E10HmbD-0005vi-00@???>
Sender: CALLER_NAME <CALLER@???>
Date: Tue, 2 Mar 1999 09:44:33 +0000
diff --git a/test/mail/4535.c b/test/mail/4535.c
index 4394d9c..96fe97f 100644
--- a/test/mail/4535.c
+++ b/test/mail/4535.c
@@ -3,7 +3,7 @@ Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
(Exim x.yz)
(envelope-from <CALLER@???>)
- id 10HmbE-0005vi-00
+ id 10HmbC-0005vi-00
for c@???;
Tue, 2 Mar 1999 09:44:33 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
@@ -13,11 +13,40 @@ DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
ygZGjs=;
Received: from CALLER by myhost.test.ex with local (Exim x.yz)
(envelope-from <CALLER@???>)
- id 10HmbD-0005vi-00
+ id 10HmbB-0005vi-00
for c@???;
Tue, 2 Mar 1999 09:44:33 +0000
From: nobody@???
-Message-Id: <E10HmbD-0005vi-00@???>
+Message-Id: <E10HmbB-0005vi-00@???>
+Sender: CALLER_NAME <CALLER@???>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+
+content
+
+--
+This is a generic mailinglist footer, using a traditional .sig-separator line
+----
+
+From CALLER@??? Tue Mar 02 09:44:33 1999
+Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
+ by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+ (Exim x.yz)
+ (envelope-from <CALLER@???>)
+ id 10HmbG-0005vi-00
+ for c@???;
+ Tue, 2 Mar 1999 09:44:33 +0000
+DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
+ s=sel; h=From; bh=bzHKix52TV0ojCi2kd18gmIw/tcd5TnhO3QM+89xwyk=; b=LcQAFwKN9DL
+ wCbK0mcUtjmEoLaNUjwHmVrilQI1nBWJDoDUzpUl96U8YzdS/+Xut+pdS/YZf3m/Qbcw6ohO9pEmM
+ ncfURg55wr8fftAyRFA/L/svtP8h3Qv/+jv8gJ9nHyjk3z7Zmzzo8S54h9Ct9pJwkv0cpmdeLiDrL
+ ygZGjs=;
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+ (envelope-from <CALLER@???>)
+ id 10HmbF-0005vi-00
+ for c@???;
+ Tue, 2 Mar 1999 09:44:33 +0000
+From: nobody@???
+Message-Id: <E10HmbF-0005vi-00@???>
Sender: CALLER_NAME <CALLER@???>
Date: Tue, 2 Mar 1999 09:44:33 +0000
diff --git a/test/mail/4539.y b/test/mail/4539.y
index 14b663d..4626114 100644
--- a/test/mail/4539.y
+++ b/test/mail/4539.y
@@ -7,10 +7,10 @@ Received: from localhost ([127.0.0.1] helo=testhost.test.ex)
for y@???;
Tue, 2 Mar 1999 09:44:33 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
- s=sel; h=Subject; bh=CVpkzY75tV/NCKk5pPx4GnM3NX83xwCiT0xVwo0G1Rs=; b=JTYpVY1D
- sO37MibaZTC2CgpQAZlz/lRefFQv3Q7JM4D0aUfseT24Xg+kxv3xc5guSzKWQzycm3zie366tHape
- lu70O4/5+Dyr0f/FKjmYxT+ALcIzuVN7Rty2JioBG07aryqJqmcR0xpmiggctb/h/2a/JGRKPcDWO
- psj50XQNQ=;
+ s=sel; h=Subject; bh=qrFAgZTdNItSIrBZpDPHl7T6nHDpDTlw6cFlhULnt3c=; b=XGR6pjWM
+ PEWqcZj6/UQcH54guCxLNrtBaOS6Bve1+prubUxn6u3FdP+deLkkZTMrgf2LUMg3APxC4moIREkTt
+ 7JmnHBYDEeNOsV8Zpg95yRp+8BIEAqBGddOIs2KzUb3Ua0B2gbVd8Ovc2hrMu+JJPx9CE1mlHtHIw
+ txPmCs15I=;
Received: from [127.0.0.1] (helo=xxx)
by testhost.test.ex with smtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
(Exim x.yz)
@@ -26,5 +26,6 @@ X-received-count: 2
Line 1: This is a simple test.
Line 2: This is a simple test.
.Line 3 has a leading dot
+extra32chars234567890123456789
last line: 4
diff --git a/test/mail/4539.z b/test/mail/4539.z
index a2b43b8..584deb3 100644
--- a/test/mail/4539.z
+++ b/test/mail/4539.z
@@ -7,10 +7,10 @@ Received: from localhost ([127.0.0.1] helo=testhost.test.ex)
for z@???;
Tue, 2 Mar 1999 09:44:33 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=test.ex;
- s=sel; h=Subject; bh=CVpkzY75tV/NCKk5pPx4GnM3NX83xwCiT0xVwo0G1Rs=; b=JTYpVY1D
- sO37MibaZTC2CgpQAZlz/lRefFQv3Q7JM4D0aUfseT24Xg+kxv3xc5guSzKWQzycm3zie366tHape
- lu70O4/5+Dyr0f/FKjmYxT+ALcIzuVN7Rty2JioBG07aryqJqmcR0xpmiggctb/h/2a/JGRKPcDWO
- psj50XQNQ=;
+ s=sel; h=Subject; bh=rr4Eahuyisf50jrZwCMRa+NKEI5cjCTLtiI8sXRsvJo=; b=DMx6DGzU
+ 7Pbz5IGN4NvxeDHYJIVnSMRO0q5PBiGMoaESCZFhQF+fZ7f+kZyNY1Uanggg93Ux7OeQ3ZThnAg4t
+ 1xm24pdfYtXKleKtsZ2ekh6SNXo2YcyclIo8hf4z3iZsjxcjnftZRbtaeAc3Coicq0+51i+/ZxCup
+ EwFMsq92M=;
Received: from [127.0.0.1] (helo=xxx)
by testhost.test.ex with smtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
(Exim x.yz)
@@ -26,5 +26,6 @@ X-received-count: 2
Line 1: This is a simple test.
Line 2: This is a simple test.
.Line 3 has a leading dot
+extra30chars234567890123456789
last line: 4
diff --git a/test/scripts/4520-TLS-DKIM/4539 b/test/scripts/4520-TLS-DKIM/4539
index eaa13fb..9321427 100644
--- a/test/scripts/4520-TLS-DKIM/4539
+++ b/test/scripts/4520-TLS-DKIM/4539
@@ -30,6 +30,7 @@ Subject: simple test
Line 1: This is a simple test.
Line 2: This is a simple test.
..Line 3 has a leading dot
+extra30chars234567890123456789
last line: 4
.
??? 250
@@ -58,12 +59,13 @@ MAIL FROM:<CALLER@???>
??? 250
RCPT TO:<y@???>
??? 250
-BDAT 129 LAST
+BDAT 161 LAST
Subject: simple test
Line 1: This is a simple test.
Line 2: This is a simple test.
.Line 3 has a leading dot
+extra32chars234567890123456789
last line: 4
??? 250-
??? 250
diff --git a/test/stderr/4530 b/test/stderr/4530
index 96951cf..4b93222 100644
--- a/test/stderr/4530
+++ b/test/stderr/4530
@@ -21,10 +21,6 @@ cmd buf flush ddd bytes
SMTP>> STARTTLS
cmd buf flush ddd bytes
SMTP<< 220 TLS go ahead
-LOG: MAIN
- [ip4.ip4.ip4.ip4] SSL verify error: depth=0 error=self signed certificate cert=/C=UK/O=Exim Developers/CN=myhost.test.ex
-LOG: MAIN
- [ip4.ip4.ip4.ip4] SSL verify error: certificate name mismatch: DN="/C=UK/O=Exim Developers/CN=myhost.test.ex" H="ip4.ip4.ip4.ip4"
SMTP>> EHLO myhost.test.ex
cmd buf flush ddd bytes
SMTP<< 250-myhost.test.ex Hello the.local.host.name [ip4.ip4.ip4.ip4]
@@ -68,7 +64,7 @@ cmd buf flush ddd bytes
SMTP<< 221 myhost.test.ex closing connection
SMTP(close)>>
LOG: MAIN
- => d@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no C="250 OK id=10HmbL-0005vi-00"
+ => d@??? R=client T=send_to_server H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbL-0005vi-00"
LOG: MAIN
Completed
>>>>>>>>>>>>>>>> Exim pid=pppp (local-accept-delivery) terminating with rc=0 >>>>>>>>>>>>>>>>
diff --git a/test/stdout/4539 b/test/stdout/4539
index 2a3824b..b766bb2 100644
--- a/test/stdout/4539
+++ b/test/stdout/4539
@@ -38,6 +38,7 @@ Succeeded in starting TLS
>>> Line 1: This is a simple test.
>>> Line 2: This is a simple test.
>>> ..Line 3 has a leading dot
+>>> extra30chars234567890123456789
>>> last line: 4
>>> .
??? 250
@@ -78,15 +79,16 @@ Succeeded in starting TLS
>>> RCPT TO:<y@???>
??? 250
<<< 250 Accepted
->>> BDAT 129 LAST
+>>> BDAT 161 LAST
>>> Subject: simple test
>>>
>>> Line 1: This is a simple test.
>>> Line 2: This is a simple test.
>>> .Line 3 has a leading dot
+>>> extra32chars234567890123456789
>>> last line: 4
??? 250-
-<<< 250- 129 byte chunk, total 129
+<<< 250- 161 byte chunk, total 161
??? 250
<<< 250 OK id=10HmbA-0005vi-00
>>> QUIT