DandelionNStuff/dkimpy-smtputf8
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

A fix for bug #644046

Browse Source
This commit is contained in:
Stuart D. Gathman
2011-06-17 13:52:09 -04:00
parent 1fa37e02a8
commit a203b29874
2 changed files with 26 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ChangeLog
+3
View File
@@ -1,4 +1,7 @@
UNRELEASED Version 0.5 UNRELEASED Version 0.5
- Add test case for <https://launchpad.net/bugs/644046>
- Add test case for <https://launchpad.net/bugs/737311>
- Fix dkim.fold()
2011-06-16 Version 0.4.2 2011-06-16 Version 0.4.2
- Fix use of dns namespace so dnspython works - Fix use of dns namespace so dnspython works
dkim/__init__.py
+23 -6
View File
@@ -90,19 +90,29 @@ def _remove(s, t):
assert i >= 0 assert i >= 0
return s[:i] + s[i+len(t):] return s[:i] + s[i+len(t):]
def hash_headers(hasher, canonicalize_headers, headers, include_headers, def select_headers(headers, include_headers):
sigheaders, sig): """Select message header fields to be signed/verified.
"""Sign message header fields.""" >>> h = [('from','biz'),('foo','bar'),('from','baz'),('subject','boring')]
>>> i = ['from','subject','from']
>>> select_headers(h,i)
[('from', 'baz'), ('subject', 'boring'), ('from', 'biz')]
"""
sign_headers = [] sign_headers = []
lastindex = {} lastindex = {}
for h in include_headers: for h in [x.lower() for x in include_headers]:
i = lastindex.get(h, len(headers)) i = lastindex.get(h, len(headers))
while i > 0: while i > 0:
i -= 1 i -= 1
if h.lower() == headers[i][0].lower(): if h == headers[i][0].lower():
sign_headers.append(headers[i]) sign_headers.append(headers[i])
break break
lastindex[h] = i lastindex[h] = i
return sign_headers
def hash_headers(hasher, canonicalize_headers, headers, include_headers,
sigheaders, sig):
"""Sign message header fields."""
sign_headers = select_headers(headers,include_headers)
# The call to _remove() assumes that the signature b= only appears # The call to _remove() assumes that the signature b= only appears
# once in the signature header # once in the signature header
cheaders = canonicalize_headers.canonicalize_headers( cheaders = canonicalize_headers.canonicalize_headers(
@@ -113,7 +123,6 @@ def hash_headers(hasher, canonicalize_headers, headers, include_headers,
hasher.update(b":") hasher.update(b":")
hasher.update(x[1]) hasher.update(x[1])
def validate_signature_fields(sig): def validate_signature_fields(sig):
"""Validate DKIM-Signature fields. """Validate DKIM-Signature fields.
@@ -196,6 +205,8 @@ def fold(header):
"""Fold a header line into multiple crlf-separated lines at column 72. """Fold a header line into multiple crlf-separated lines at column 72.
>>> fold(b'foo') >>> fold(b'foo')
'foo' 'foo'
>>> fold(b'foo '+b'foo'*24).splitlines()[0]
'foo '
>>> fold(b'foo'*25).splitlines()[-1] >>> fold(b'foo'*25).splitlines()[-1]
' foo' ' foo'
>>> len(fold(b'foo'*25).splitlines()[0]) >>> len(fold(b'foo'*25).splitlines()[0])
@@ -364,6 +375,12 @@ class DKIM(object):
raise KeyFormatError("could not parse public key (%s): %s" % (pub[b'p'],e)) raise KeyFormatError("could not parse public key (%s): %s" % (pub[b'p'],e))
include_headers = re.split(br"\s*:\s*", sig[b'h']) include_headers = re.split(br"\s*:\s*", sig[b'h'])
# address bug#644046 by including any additional From header
# fields when verifying. Since there should be only one From header,
# this shouldn't break any legitimate messages. This could be
# generalized to check for extras of other singleton headers.
if 'from' in [x.lower() for x in include_headers]:
include_headers.append('from')
h = hasher() h = hasher()
hash_headers(h, canon_policy, headers, include_headers, sigheaders, sig) hash_headers(h, canon_policy, headers, include_headers, sigheaders, sig)
try: try: