X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fdkim.c;h=349947ab1644c12a1abdc3aef2971ec8d56ce0f4;hb=468c0c7e3066886ff5028bb423b96712a155fe05;hp=db2eb4948cd587f56f1a5f8a29a11fc1f39a7b12;hpb=1cfe5c1c3f79de51039d47efd88620c3c325d2a6;p=user%2Fhenk%2Fcode%2Fexim.git

diff --git a/src/src/dkim.c b/src/src/dkim.c
index db2eb4948..349947ab1 100644
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -59,6 +59,13 @@ return PDKIM_FAIL;
 }
 
 
+void
+dkim_exim_init(void)
+{
+pdkim_init();
+}
+
+
 void
 dkim_exim_verify_init(void)
 {
@@ -69,10 +76,8 @@ if (dkim_verify_ctx)
 
 /* Create new context */
 
-dkim_verify_ctx = pdkim_init_verify(PDKIM_INPUT_SMTP, &dkim_exim_query_dns_txt);
-
-if ((dkim_collect_input = !!dkim_verify_ctx))
-  pdkim_set_debug_stream(dkim_verify_ctx, debug_file);
+dkim_verify_ctx = pdkim_init_verify(&dkim_exim_query_dns_txt);
+dkim_collect_input = !!dkim_verify_ctx;
 }
 
 
@@ -125,12 +130,14 @@ for (sig = dkim_signatures; sig; sig = sig->next)
   /* Log a line for each signature */
 
   uschar *logmsg = string_append(NULL, &size, &ptr, 5,
-	string_sprintf("d=%s s=%s c=%s/%s a=%s ",
+	string_sprintf("d=%s s=%s c=%s/%s a=%s b=%d ",
 	      sig->domain,
 	      sig->selector,
 	      sig->canon_headers == PDKIM_CANON_SIMPLE ?  "simple" : "relaxed",
 	      sig->canon_body == PDKIM_CANON_SIMPLE ?  "simple" : "relaxed",
-	      sig->algo == PDKIM_ALGO_RSA_SHA256 ?  "rsa-sha256" : "rsa-sha1"),
+	      sig->algo == PDKIM_ALGO_RSA_SHA256 ?  "rsa-sha256" : "rsa-sha1",
+	      sig->sigdata.len * 8
+	      ),
 
 	sig->identity ? string_sprintf("i=%s ", sig->identity) : US"",
 	sig->created > 0 ? string_sprintf("t=%lu ", sig->created) : US"",
@@ -158,7 +165,8 @@ for (sig = dkim_signatures; sig; sig = sig->next)
 			"overlong public key record]");
 	  break;
 
-	case PDKIM_VERIFY_INVALID_PUBKEY_PARSING:
+	case PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD:
+	case PDKIM_VERIFY_INVALID_PUBKEY_IMPORT:
 	  logmsg = string_append(logmsg, &size, &ptr, 1,
 		       "syntax error in public key record]");
 	  break;
@@ -229,7 +237,6 @@ dkim_exim_acl_setup(uschar * id)
 pdkim_signature * sig;
 uschar * cmp_val;
 
-
 dkim_cur_sig = NULL;
 dkim_cur_signer = id;
 
@@ -255,6 +262,7 @@ for (sig = dkim_signatures; sig; sig = sig->next)
 
     dkim_signing_domain = US sig->domain;
     dkim_signing_selector = US sig->selector;
+    dkim_key_length = sig->sigdata.len * 8;
     return;
     }
 }
@@ -339,7 +347,7 @@ switch (what)
 
   case DKIM_HEADERNAMES:
     return dkim_cur_sig->headernames
-      ?  US dkim_cur_sig->headernames : dkim_exim_expand_defaults(what);
+      ? dkim_cur_sig->headernames : dkim_exim_expand_defaults(what);
 
   case DKIM_IDENTITY:
     return dkim_cur_sig->identity
@@ -395,7 +403,8 @@ switch (what)
       {
       case PDKIM_VERIFY_INVALID_PUBKEY_UNAVAILABLE:
 						return US"pubkey_unavailable";
-      case PDKIM_VERIFY_INVALID_PUBKEY_PARSING:	return US"pubkey_syntax";
+      case PDKIM_VERIFY_INVALID_PUBKEY_DNSRECORD:return US"pubkey_dns_syntax";
+      case PDKIM_VERIFY_INVALID_PUBKEY_IMPORT:	return US"pubkey_der_syntax";
       case PDKIM_VERIFY_FAIL_BODY:		return US"bodyhash_mismatch";
       case PDKIM_VERIFY_FAIL_MESSAGE:		return US"signature_incorrect";
       }
@@ -561,16 +570,15 @@ while ((dkim_signing_domain = string_nextinlist(&dkim_domain, &sep,
     dkim_private_key_expanded = big_buffer;
     }
 
-  ctx = pdkim_init_sign(PDKIM_INPUT_SMTP,
-			 (char *) dkim_signing_domain,
+  ctx = pdkim_init_sign( (char *) dkim_signing_domain,
 			 (char *) dkim_signing_selector,
-			 (char *) dkim_private_key_expanded);
-  pdkim_set_debug_stream(ctx, debug_file);
+			 (char *) dkim_private_key_expanded,
+			 PDKIM_ALGO_RSA_SHA256);
   pdkim_set_optional(ctx,
 		      (char *) dkim_sign_headers_expanded,
 		      NULL,
 		      pdkim_canon,
-		      pdkim_canon, -1, PDKIM_ALGO_RSA_SHA256, 0, 0);
+		      pdkim_canon, -1, 0, 0);
 
   lseek(dkim_fd, 0, SEEK_SET);