dkimpy

Mangled AAR header when srv_id is a suffix of some AR header fields

Bug #2044146 reported by Nikolay on 2023-11-21

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	dkimpy	New	Undecided	Unassigned

Bug Description

Here's an example of the generated AAR header from the existing AR header (produced by ARC.sign method):

ARC-Authentication-Results: i=1; 10-69-43-116.qa.plesk.tech; dmarc=pass (p=QUARANTINE sp=NONE) smtp.from=test1.10-69-43-116.qa.plesk.tech header.from=test1.
        dkim=pass header.d=test1.
        spf=pass (sender IP is 127.0.0.1) <email address hidden> smtp.helo=webmail.test1.10-69-43-116.qa.plesk.tech
Authentication-Results: 10-69-43-116.qa.plesk.tech;
        dmarc=pass (p=QUARANTINE sp=NONE) smtp.from=test1.10-69-43-116.qa.plesk.tech header.from=test1.10-69-43-116.qa.plesk.tech;
        dkim=pass header.d=test1.10-69-43-116.qa.plesk.tech;
        spf=pass (sender IP is 127.0.0.1) <email address hidden> smtp.helo=webmail.test1.10-69-43-116.qa.plesk.tech

Note that some semicolons are missing and trailing parts of header.from and header.d are missing as well. For the purposes of this result srv_id = b'10-69-43-116.qa.plesk.tech' in the call to the library.

I believe this can be fixed by the following change in the library code:

- results_lists = [raw.replace(srv_id + b';', b'').strip() for (raw, parsed) in auth_headers]
+ results_lists = [raw.replace(srv_id + b';', b'', 1).strip() for (raw, parsed) in auth_headers]

Library version: dkimpy==1.1.5

Original API call:

r = arc.sign('default'.encode(), 'test1.10-69-43-116.qa.plesk.tech'.encode(), key, '10-69-43-116.qa.plesk.tech'.encode())

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.