DKIM: fix relaxed body verify for a newline-only body. Bug 963

author: Jeremy Harris <jgh146exb@wizmail.org> 2015-11-29 01:36:06 +0000
committer: Jeremy Harris <jgh146exb@wizmail.org> 2015-11-29 22:56:04 +0000
commit: 9042106b5116fcc621e1c720460a42896011c1cd (patch)
tree: 9384fc34c1b13a4c148082cd4b0e5aad2d8b8654 /src
parent: ac3ad4262e3fe4b6ca02532c706069251c32106e (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/src/src/pdkim/pdkim.c b/src/src/pdkim/pdkim.c
index 99948ffc5..94328f7ee 100644
--- a/src/src/pdkim/pdkim.c
+++ b/src/src/pdkim/pdkim.c
@@ -987,11 +987,11 @@ int pdkim_finish_bodyhash(pdkim_ctx *ctx) {
       else {
         #ifdef PDKIM_DEBUG
         if (ctx->debug_stream) {
-          fprintf(ctx->debug_stream, "PDKIM [%s] Body hash did NOT verify\n",
-                  sig->domain);
           fprintf(ctx->debug_stream, "PDKIM [%s] bh signature: ", sig->domain);
           pdkim_hexprint(ctx->debug_stream, sig->bodyhash,
                            (sig->algo == PDKIM_ALGO_RSA_SHA1)?20:32,1);
+          fprintf(ctx->debug_stream, "PDKIM [%s] Body hash did NOT verify\n",
+                  sig->domain);
         }
         #endif
         sig->verify_status     = PDKIM_VERIFY_FAIL;
@@ -1022,6 +1022,12 @@ int pdkim_bodyline_complete(pdkim_ctx *ctx) {
   if (ctx->input_mode == PDKIM_INPUT_SMTP) {
     /* Terminate on EOD marker */
     if (memcmp(p,".\r\n",3) == 0) {
+      /* In simple body mode, if any empty lines were buffered,
+      replace with one. rfc 4871 3.4.3 */
+      if (ctx->sig && ctx->sig->canon_body == PDKIM_CANON_SIMPLE
+	 && ctx->num_buffered_crlf > 0)
+	pdkim_update_bodyhash(ctx,"\r\n",2);
+
       ctx->seen_eod = 1;
       goto BAIL;
     }
author	Jeremy Harris <jgh146exb@wizmail.org>	2015-11-29 01:36:06 +0000
committer	Jeremy Harris <jgh146exb@wizmail.org>	2015-11-29 22:56:04 +0000
commit	9042106b5116fcc621e1c720460a42896011c1cd (patch)
tree	9384fc34c1b13a4c148082cd4b0e5aad2d8b8654 /src
parent	ac3ad4262e3fe4b6ca02532c706069251c32106e (diff)