DKIM: permit verify of sig blocks that sign other sig blocks. Bug 2014

author: Jeremy Harris <jgh146exb@wizmail.org> 2017-01-22 17:35:08 +0000
committer: Jeremy Harris <jgh146exb@wizmail.org> 2017-01-22 17:37:05 +0000
commit: eea190173538a3e71a87f174baa190cb22e0e8fb (patch)
tree: 1261c57a8f5767f197ddcf5ed7dc03af8a4504ea
parent: 1137f3a6938882cc81a1fcd7dc15530e8fae9e32 (diff)
2 files changed, 6 insertions, 3 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 156a89f16..a680593d2 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -45,6 +45,10 @@ JH/08 Bug 2016: Fix DKIM verification vs. CHUNKING.  Any BDAT commands after
       processing; with most chunk sizes in use this resulted in an incorrect
       body hash calculated value.
 
+JH/09 Bug 2014: permit inclusion of a DKIM-Signature header in a received
+      DKIM signature block, for verification.  Although advised against by
+      standards it is specifically not ruled illegal.
+
 
 Exim version 4.88
 -----------------
diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
index 4309675e6..a77dd5792 100644
--- a/src/src/pdkim/pdkim.c
+++ b/src/src/pdkim/pdkim.c
@@ -991,9 +991,8 @@ else
 	  "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n");
     }
 
-  /* every other header is stored for signature verification */
-  else
-    ctx->headers = pdkim_prepend_stringlist(ctx->headers, ctx->cur_header);
+  /* all headers are stored for signature verification */
+  ctx->headers = pdkim_prepend_stringlist(ctx->headers, ctx->cur_header);
   }
 
 BAIL:
author	Jeremy Harris <jgh146exb@wizmail.org>	2017-01-22 17:35:08 +0000
committer	Jeremy Harris <jgh146exb@wizmail.org>	2017-01-22 17:37:05 +0000
commit	eea190173538a3e71a87f174baa190cb22e0e8fb (patch)
tree	1261c57a8f5767f197ddcf5ed7dc03af8a4504ea
parent	1137f3a6938882cc81a1fcd7dc15530e8fae9e32 (diff)