https://bugs.exim.org/show_bug.cgi?id=2295
Bug ID: 2295
Summary: Invalid DKIM signatures (due to header hash
miscomputed)
Product: Exim
Version: 4.90
Hardware: x86-64
OS: All
Status: NEW
Severity: bug
Priority: medium
Component: DKIM
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
Exim-generated DKIM-Signatures fail on virtually everyone
(http://www.appmaildev.com/fr/dkim, http://dkimvalidator.com/, GMail, â¦),in
4.90 and 4.90.1.
This is due to the header hash being computed (in relaxed mode) on:
[â¦]
dkim-signature:v=1;[â¦];b=;
instead of:
[â¦]
dkim-signature:v=1;[â¦];b=
(there should be no ending semicolon)
This was introduced by commit ea18931d9b1e9b73b699a2f3eb661d70b7f52fab ("DKIM:
fix signing bug induced by total size of parameter text causing header-line
fold between "b=" and terminating ";" of pseudo-header.").
I understand that the semicolon was introduced to prevent headcat() to insert
EOL after the b=. Is this still the case? After having simply modified my
src/pdkim/pdkim.c (s/b=;/b=/), my e-mails get successfully verified by all the
aforementioned verifiers.
Note that I only speak for relaxed canonicalization, I did not test in simple
mode.
--
You are receiving this mail because:
You are on the CC list for the bug.--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
details at http://www.exim.org/ ##
