dkimpy

Mangled AAR header when srv_id is a suffix of some AR header fields

Bug #2044146 reported by Nikolay on 2023-11-21

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	dkimpy	Fix Released	Undecided	Unassigned

Bug Description

Here's an example of the generated AAR header from the existing AR header (produced by ARC.sign method):

ARC-Authentication-Results: i=1; 10-69-43-116.qa.plesk.tech; dmarc=pass (p=QUARANTINE sp=NONE) smtp.from=test1.10-69-43-116.qa.plesk.tech header.from=test1.
        dkim=pass header.d=test1.
        spf=pass (sender IP is 127.0.0.1) <email address hidden> smtp.helo=webmail.test1.10-69-43-116.qa.plesk.tech
Authentication-Results: 10-69-43-116.qa.plesk.tech;
        dmarc=pass (p=QUARANTINE sp=NONE) smtp.from=test1.10-69-43-116.qa.plesk.tech header.from=test1.10-69-43-116.qa.plesk.tech;
        dkim=pass header.d=test1.10-69-43-116.qa.plesk.tech;
        spf=pass (sender IP is 127.0.0.1) <email address hidden> smtp.helo=webmail.test1.10-69-43-116.qa.plesk.tech

Note that some semicolons are missing and trailing parts of header.from and header.d are missing as well. For the purposes of this result srv_id = b'10-69-43-116.qa.plesk.tech' in the call to the library.

I believe this can be fixed by the following change in the library code:

- results_lists = [raw.replace(srv_id + b';', b'').strip() for (raw, parsed) in auth_headers]
+ results_lists = [raw.replace(srv_id + b';', b'', 1).strip() for (raw, parsed) in auth_headers]

Library version: dkimpy==1.1.5

Original API call:

r = arc.sign('default'.encode(), 'test1.10-69-43-116.qa.plesk.tech'.encode(), key, '10-69-43-116.qa.plesk.tech'.encode())

Revision history for this message

Scott Kitterman (kitterman) wrote on 2024-06-23:

It looks like this is OBE to your proposed change in #2052526, which I have applied. Please let me know if there's anything still needed for this bug?

Changed in dkimpy:
status:	New → Incomplete

Revision history for this message

Launchpad Janitor (janitor) wrote on 2024-08-23:

[Expired for dkimpy because there has been no activity for 60 days.]

Changed in dkimpy:
status:	Incomplete → Expired

Revision history for this message

Nikolay (nvizovitin) wrote on 2024-08-23:

> It looks like this is OBE to your proposed change in #2052526

I'm not sure what you mean. #2052526 doesn't seem to exist.

Anyway, that's a separate issue from the others I've reported.

Scott Kitterman (kitterman) on 2024-08-23

Changed in dkimpy:
status:	Expired → Incomplete

Revision history for this message

Scott Kitterman (kitterman) wrote on 2024-08-23:

Sorry. I got the bug number wrong. I meant https://bugs.launchpad.net/dkimpy/+bug/2052528

The code you want changed in this bug was otherwise modified. See commit 9380655a6ec29a5ae0992c609ac199ebb8e3d762.

Let me know what needs to be done with this now (if it's different change now, that's fine).

Revision history for this message

Nikolay (nvizovitin) wrote on 2024-08-23:

Yes, sorry for the confusion. Patch from #2052528 already accounts for this issue and the commit you've listed should be enough to resolve it as well.

So, I suppose, nothing else should be done here.

Revision history for this message

Scott Kitterman (kitterman) wrote on 2024-08-23:

Thanks.

Changed in dkimpy:
status:	Incomplete → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.