Wrong length calculation
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
dkimpy | Fix Released | Medium | Scott Kitterman | |
Bug Description
The module dkim/__init__.py attempts to limit the first line of the dkim signature to 72 (not including the newline sequence). But certain values will cause this limit to be exceeded by 1 or 2.
With typical values of "v=1; a=rsa_sha256; c=relaxed/simple; ", the domain "d=XXXXexample.
The problem is that fold(...., namelen=0) assumes that namelen means "reserve_space", so the code reserves "namelen" characters for the first line. But fold() is called with the length of the header name, not the length of the header + 2 for {colon, space} that is also prepended.
This is very low severity because it only affects recipients with very strict (obsolete) line length limitations (72, rfc-822).
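The off-by-two described in this report, as an added Python example that is not dkimpy's code: `fold()` here is a simplified stand-in that only borrows the `namelen` parameter name from the report, and the header value is constructed with placeholder tag values. It also shortens continuation lines by one for their leading space, the adjustment the 0.9.2 changelog on this page mentions.

```python
MAXLEN = 72  # limit named in the report; the CRLF is not counted

def fold(value: bytes, namelen: int = 0, maxlen: int = MAXLEN) -> bytes:
    """Simplified stand-in for a header folder (not dkimpy's code).

    Breaks at spaces and keeps `namelen` bytes free on the first line
    for whatever the caller prepends afterwards.
    """
    lines, cur, room = [], b"", maxlen - namelen
    for word in value.split(b" "):
        candidate = cur + b" " + word if cur else word
        if cur and len(candidate) > room:
            lines.append(cur)
            cur, room = word, maxlen - 1  # later lines start with a space
        else:
            cur = candidate
    lines.append(cur)
    return b"\r\n ".join(lines)

def build_header(name: bytes, value: bytes, reserve: int) -> bytes:
    """Prepend 'name: ' to the folded value."""
    return name + b": " + fold(value, namelen=reserve)

def overlong_lines(header: bytes, maxlen: int = MAXLEN) -> list:
    """Return (line_index, length) for every physical line over maxlen."""
    return [(i, len(line))
            for i, line in enumerate(header.split(b"\r\n"))
            if len(line) > maxlen]

# Constructed sample: tag values are placeholders, not a real signature.
NAME = b"DKIM-Signature"
VALUE = (b"v=1; a=rsa-sha256; c=relaxed/simple; d=mailer.example.com; "
         b"s=sel1; h=from:to:subject:date; bh=CONSTRUCTEDBODYHASH=; "
         b"b=CONSTRUCTEDSIG=")

def demo():
    buggy = build_header(NAME, VALUE, reserve=len(NAME))      # name only
    fixed = build_header(NAME, VALUE, reserve=len(NAME) + 2)  # name + ": "
    return overlong_lines(buggy), overlong_lines(fixed)

if __name__ == "__main__":
    print(demo())
```

`overlong_lines()` can be pointed at any folded header to check it against a receiver's line-length limit.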
Changed in dkimpy:
assignee: nobody → Scott Kitterman (kitterman)
importance: Undecided → Critical
importance: Critical → Medium
milestone: none → 0.9.2
status: New → In Progress

Changed in dkimpy:
status: In Progress → Fix Committed
2019-04-14 Version 0.9.2
- Fix the arcsign script so it works with the current API (Note: the new
  srv_id option is the authserv_id to use in the ARC signatures - Only AR
  fields with an authserv-id that matches srv_id will be considered for
  ARC signing)
- Fix cv=none processing for initial signature in chain
- Add additional text documenting use of srv_id for ARC signing to
  docstrings and man 1 arcsign (LP: #1808301)
- Use same line separator for output as input in dkimsign/arcsign
  (LP: #1808686)
- Refactor canonicalization.py strip_trailing_lines to avoid using re for
  more consistent processing across python versions (Thanks to Jonathan
  Bastien-Filiatrault for the change)
- Refactor header folding for more consistent results, including reduced
  stray whitespace (Also Jonathan Bastien-Filiatrault)
- Don't log message headers and body unless explicitly requested. This
  should also reduce memory usage on large messages. (Jonathan
  Bastien-Filiatrault)
- Clarify the crlf does not count towards line length in fold
- Adjust fold maxlen to one shorter for lines after the first, since they
  already have a leading space (LP: #1823008)