commit cddc902: [Minor] Dkim: Use IDNA translation in DKIM checks as well
Vsevolod Stakhov
vsevolod at highsecure.ru
Wed Sep 23 11:21:09 UTC 2020
Author: Vsevolod Stakhov
Date: 2020-09-23 12:15:13 +0100
URL: https://github.com/rspamd/rspamd/commit/cddc9021de2e7d2eee1a843620af8c80eb5acf2c (HEAD -> master)
[Minor] Dkim: Use IDNA translation in DKIM checks as well
---
src/libserver/dkim.c | 54 +++++++++++++++++++++++++++++++++++++++++-------
src/libserver/dkim.h | 1 +
src/plugins/dkim_check.c | 2 ++
3 files changed, 49 insertions(+), 8 deletions(-)
diff --git a/src/libserver/dkim.c b/src/libserver/dkim.c
index a37f1c036..62acad4fe 100644
--- a/src/libserver/dkim.c
+++ b/src/libserver/dkim.c
@@ -130,6 +130,7 @@ enum rspamd_arc_seal_cv {
struct rspamd_dkim_context_s {
struct rspamd_dkim_common_ctx common;
rspamd_mempool_t *pool;
+ struct rspamd_dns_resolver *resolver;
gsize blen;
gsize bhlen;
gint sig_alg;
@@ -333,8 +334,25 @@ rspamd_dkim_parse_domain (rspamd_dkim_context_t * ctx,
gsize len,
GError **err)
{
- ctx->domain = rspamd_mempool_alloc (ctx->pool, len + 1);
- rspamd_strlcpy (ctx->domain, param, len + 1);
+ if (!rspamd_str_has_8bit (param, len)) {
+ ctx->domain = rspamd_mempool_alloc (ctx->pool, len + 1);
+ rspamd_strlcpy (ctx->domain, param, len + 1);
+ }
+ else {
+ ctx->domain = rspamd_dns_resolver_idna_convert_utf8 (ctx->resolver,
+ ctx->pool, param, len, NULL);
+
+ if (!ctx->domain) {
+ g_set_error (err,
+ DKIM_ERROR,
+ DKIM_SIGERROR_INVALID_H,
+ "invalid dkim domain tag %*.s: idna failed",
+ (int)len, param);
+
+ return FALSE;
+ }
+ }
+
return TRUE;
}
@@ -416,8 +434,26 @@ rspamd_dkim_parse_selector (rspamd_dkim_context_t * ctx,
gsize len,
GError **err)
{
- ctx->selector = rspamd_mempool_alloc (ctx->pool, len + 1);
- rspamd_strlcpy (ctx->selector, param, len + 1);
+
+ if (!rspamd_str_has_8bit (param, len)) {
+ ctx->selector = rspamd_mempool_alloc (ctx->pool, len + 1);
+ rspamd_strlcpy (ctx->selector, param, len + 1);
+ }
+ else {
+ ctx->selector = rspamd_dns_resolver_idna_convert_utf8 (ctx->resolver,
+ ctx->pool, param, len, NULL);
+
+ if (!ctx->selector) {
+ g_set_error (err,
+ DKIM_ERROR,
+ DKIM_SIGERROR_INVALID_H,
+ "invalid dkim selector tag %*.s: idna failed",
+ (int)len, param);
+
+ return FALSE;
+ }
+ }
+
return TRUE;
}
@@ -758,10 +794,11 @@ rspamd_dkim_add_arc_seal_headers (rspamd_mempool_t *pool,
*/
rspamd_dkim_context_t *
rspamd_create_dkim_context (const gchar *sig,
- rspamd_mempool_t *pool,
- guint time_jitter,
- enum rspamd_dkim_type type,
- GError **err)
+ rspamd_mempool_t *pool,
+ struct rspamd_dns_resolver *resolver,
+ guint time_jitter,
+ enum rspamd_dkim_type type,
+ GError **err)
{
const gchar *p, *c, *tag = NULL, *end;
gsize taglen;
@@ -788,6 +825,7 @@ rspamd_create_dkim_context (const gchar *sig,
ctx = rspamd_mempool_alloc0 (pool, sizeof (rspamd_dkim_context_t));
ctx->pool = pool;
+ ctx->resolver = resolver;
if (type == RSPAMD_DKIM_ARC_SEAL) {
ctx->common.header_canon_type = DKIM_CANON_RELAXED;
diff --git a/src/libserver/dkim.h b/src/libserver/dkim.h
index afd272028..011b79eff 100644
--- a/src/libserver/dkim.h
+++ b/src/libserver/dkim.h
@@ -166,6 +166,7 @@ typedef void (*dkim_key_handler_f) (rspamd_dkim_key_t *key, gsize keylen,
*/
rspamd_dkim_context_t *rspamd_create_dkim_context (const gchar *sig,
rspamd_mempool_t *pool,
+ struct rspamd_dns_resolver *resolver,
guint time_jitter,
enum rspamd_dkim_type type,
GError **err);
diff --git a/src/plugins/dkim_check.c b/src/plugins/dkim_check.c
index 43331d9d9..a46624bd8 100644
--- a/src/plugins/dkim_check.c
+++ b/src/plugins/dkim_check.c
@@ -1187,6 +1187,7 @@ dkim_symbol_callback (struct rspamd_task *task,
ctx = rspamd_create_dkim_context (rh_cur->decoded,
task->task_pool,
+ task->resolver,
dkim_module_ctx->time_jitter,
RSPAMD_DKIM_NORMAL,
&err);
@@ -1508,6 +1509,7 @@ lua_dkim_verify_handler (lua_State *L)
ctx = rspamd_create_dkim_context (sig,
task->task_pool,
+ task->resolver,
dkim_module_ctx->time_jitter,
type,
&err);
More information about the Commits
mailing list