DandelionNStuff/dkimpy-milter-smtputf8
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Catch more ascii encoding errors to improve resilience against bad data

Browse Source 
(LP: #1844189)
This commit is contained in:
Scott Kitterman
2019-09-23 11:52:17 -04:00
parent 5322c81027
commit 7986de6629
2 changed files with 32 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGES
+2
View File
@@ -4,6 +4,8 @@
as verifying works correctly as verifying works correctly
- Fix variable initialization so mailformed mails missing body From do not - Fix variable initialization so mailformed mails missing body From do not
cause a traceback (LP: #1844161) cause a traceback (LP: #1844161)
- Catch more ascii encoding errors to improve resilience against bad data
(LP: #1844189)
1.0.1 2019-02-11 1.0.1 2019-02-11
* Reorder milter start and dropping privileges so permissions on Unix socket * Reorder milter start and dropping privileges so permissions on Unix socket
dkimpy_milter/__init__.py
+24 -1
View File
@@ -141,7 +141,11 @@ class dkimMilter(Milter.Base):
elif lname == 'authentication-results': elif lname == 'authentication-results':
self.arheaders.append(val) self.arheaders.append(val)
if self.fp: if self.fp:
try:
self.fp.write("%s: %s\n" % (name, val)) self.fp.write("%s: %s\n" % (name, val))
except:
# Don't choke on header fields with garbage in them.
pass
return Milter.CONTINUE return Milter.CONTINUE
@Milter.noreply @Milter.noreply
@@ -255,6 +259,7 @@ class dkimMilter(Milter.Base):
def check_dkim(self, txt): def check_dkim(self, txt):
res = False res = False
self.header_a = None
for y in range(self.has_dkim): # Verify _ALL_ the signatures for y in range(self.has_dkim): # Verify _ALL_ the signatures
d = dkim.DKIM(txt) d = dkim.DKIM(txt)
try: try:
@@ -281,9 +286,20 @@ class dkimMilter(Milter.Base):
self.dkim_comment = str(x) self.dkim_comment = str(x)
if milterconfig.get('Syslog'): if milterconfig.get('Syslog'):
syslog.syslog("check_dkim: {0}".format(x)) syslog.syslog("check_dkim: {0}".format(x))
try:
self.header_i = d.signature_fields.get(b'i') self.header_i = d.signature_fields.get(b'i')
except TypeError as x:
self.header_i = None
try:
self.header_d = d.signature_fields.get(b'd') self.header_d = d.signature_fields.get(b'd')
self.header_a = d.signature_fields.get(b'a') self.header_a = d.signature_fields.get(b'a')
except Exception as x:
self.dkim_comment = str(x)
if milterconfig.get('Syslog'):
syslog.syslog("check_dkim: {0}".format(x))
self.header_d = None
if not self.header_a:
self.header_a = 'rsa-sha256'
if res: if res:
if (milterconfig.get('Syslog') and if (milterconfig.get('Syslog') and
(milterconfig.get('SyslogSuccess') or (milterconfig.get('SyslogSuccess') or
@@ -303,12 +319,18 @@ class dkimMilter(Milter.Base):
syslog.syslog('DKIM: Fail (saved as {0})' syslog.syslog('DKIM: Fail (saved as {0})'
.format(fname)) .format(fname))
else: else:
syslog.syslog('DKIM: Fail ({0})'.format(d.domain.lower())) if milterconfig.get('Syslog'):
if d.domain:
syslog.syslog('DKIM: Fail ({0})'
.format(d.domain.lower()))
else:
syslog.syslog('DKIM: Fail, unextractable domain')
if res: if res:
result = 'pass' result = 'pass'
else: else:
result = 'fail' result = 'fail'
res = False res = False
if self.header_d:
self.arresults.append( self.arresults.append(
authres.DKIMAuthenticationResult(result=result, authres.DKIMAuthenticationResult(result=result,
header_i=self.header_i, header_i=self.header_i,
@@ -317,6 +339,7 @@ class dkimMilter(Milter.Base):
result_comment= result_comment=
self.dkim_comment) self.dkim_comment)
) )
self.header_a = None
return return