Add domain validity check for ascii domains (no specials)
This commit is contained in:
Scott Kitterman
@@ -1,4 +1,5 @@
|
|||||||
Version 1.1
|
Version 1.1
|
||||||
|
- Add domain validity check for ascii domains (no specials)
|
||||||
- Add option to specify index number of signature to verify to dkimverify
|
- Add option to specify index number of signature to verify to dkimverify
|
||||||
(Thanks to Nick Baugh for the change)
|
(Thanks to Nick Baugh for the change)
|
||||||
- Correct signature indexing error introduced in 1.0.0 that prevents
|
- Correct signature indexing error introduced in 1.0.0 that prevents
|
||||||
|
|||||||
@@ -286,6 +286,16 @@ def validate_signature_fields(sig, mandatory_fields=[b'v', b'a', b'b', b'bh', b'
|
|||||||
if b'cv' in sig and sig[b'cv'] not in (CV_Pass, CV_Fail, CV_None):
|
if b'cv' in sig and sig[b'cv'] not in (CV_Pass, CV_Fail, CV_None):
|
||||||
raise ValidationError("cv= value is not valid (%s)" % sig[b'cv'])
|
raise ValidationError("cv= value is not valid (%s)" % sig[b'cv'])
|
||||||
|
|
||||||
|
# Limit domain validation to ASCII domains because too hard
|
||||||
|
try:
|
||||||
|
str(sig[b'd'], 'ascii')
|
||||||
|
# No specials, which is close enough
|
||||||
|
if re.findall(b"[\(\)<>\[\]:;@\\,]", sig[b'd']):
|
||||||
|
raise ValidationError("d= value is not valid (%s)" % sig[b'd'])
|
||||||
|
except UnicodeDecodeError as e:
|
||||||
|
# Not an ASCII domain
|
||||||
|
pass
|
||||||
|
|
||||||
# Nasty hack to support both str and bytes... check for both the
|
# Nasty hack to support both str and bytes... check for both the
|
||||||
# character and integer values.
|
# character and integer values.
|
||||||
if not arc and b'i' in sig and (
|
if not arc and b'i' in sig and (
|
||||||
|
|||||||
Reference in New Issue
Block a user