#122 Canonicalization wrong with 32k or more empty lines

v2.8.2
open
5
2009-06-02
2009-05-22
Mark Martinec
No

I was investigating a case of a broken mail message with lots of empty lines in the body. It turns out that once the number of empty lines exceeds about 32k lines, the dkim-milter-2.8.2 claims the signature is not valid, while Mail::DKIM claims the signature is still valid. To test the hypothesis, I prepared and signed (with Mail::DKIM) two messages, which differ only in the number of empty lines - one has slightly less than 32k empty lines, the other has 33000 empty lines. The signature on the shorter message validates, while the longer one fails, as can be seen by the Authentication-Results header field.

I suspect the problem lies in the canonicalization code, although I haven't investigated the details.

Attached is a tar with both test messages.

Discussion

  • Mark Martinec
    2009-06-02

    Ok, I have enabled the KeepTemporaryFiles and am now looking at a diff of temporary files of a body of each message, as produced by a 2.8.2 verifier. Besides the obvious fact that one file contains more empty lines than the other (as intended), there is one notable difference in the initial double CR near the beginning of a canonicalized body.

    resulting from 1good.txt:
    test^M^J
    ^M^J
    ^M^J
    ...

    resulting from 1fail.txt:
    test^M^J
    ^M^M^J
    ^M^J
    ^M^J
    ...

     
  • I just tried this with both 2.8.2 and 2.8.3 on FreeBSD and can't reproduce this; I never get a double CR in the temporary files thus produced.

    The only difference is that I'm using FreeBSD 6.2-RELEASE, and I didn't get it from ports.

     
  • OK, I see it with 2.8.3 when signing, but not when verifying.

     
  • The problem appears to occur during signing when a CRLF is split across calls to dkim_body(). Working on a patch now.

     
  • More details: The problem appears to occur when CRLFs are split across calls to dkim_body(), but it's not specific to signing. Interestingly, there's already a unit test which covers this case and it wasn't failing, so the counting of blank lines within a message is also involved (the unit test didn't do that).
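
Added example (not part of the thread and not dkim-milter or libdkim code): a streaming body canonicalizer that keeps a pending-CR flag and a held-back blank-line counter across calls, so a CRLF split between two buffers is still counted as one line ending. The names `canon_feed`, `canon_finish` and `digest_chunked` are hypothetical, FNV-1a stands in for the real body hash, and the message body is constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Illustrative state, not libdkim's; FNV-1a stands in for the real body hash. */
struct canon {
    uint64_t h;                      /* running hash of canonical bytes */
    size_t outlen, blanks, linelen;  /* bytes emitted; held-back empty lines; bytes in current line */
    int pending_cr;                  /* previous byte was CR; its LF may arrive in the next call */
};
static void emit(struct canon *c, const char *p, size_t n) {
    for (size_t i = 0; i < n; i++, c->outlen++)
        c->h = (c->h ^ (unsigned char)p[i]) * 1099511628211ULL;
}
static void content(struct canon *c, char ch) {
    for (; c->blanks; c->blanks--) emit(c, "\r\n", 2);  /* held lines were not trailing */
    emit(c, &ch, 1); c->linelen++;
}
void canon_init(struct canon *c) { memset(c, 0, sizeof *c); c->h = 14695981039346656037ULL; }
void canon_feed(struct canon *c, const char *buf, size_t n) {
    for (size_t i = 0; i < n; i++) {
        if (c->pending_cr && buf[i] == '\n') {   /* CRLF complete, even if split across calls */
            c->pending_cr = 0;
            if (c->linelen == 0) c->blanks++; else emit(c, "\r\n", 2);
            c->linelen = 0;
            continue;
        }
        if (c->pending_cr) { c->pending_cr = 0; content(c, '\r'); }  /* bare CR is content */
        if (buf[i] == '\r') c->pending_cr = 1; else content(c, buf[i]);
    }
}
uint64_t canon_finish(struct canon *c) {
    if (c->pending_cr) content(c, '\r');
    if (c->linelen || c->outlen == 0) emit(c, "\r\n", 2);  /* body must end in one CRLF */
    return c->h;                                           /* blanks still held are trailing: dropped */
}
/* Constructed sample: "test" CRLF, `blanks` empty lines, "end" CRLF, fed `chunk` bytes per call. */
uint64_t digest_chunked(size_t blanks, size_t chunk) {
    size_t n = 6 + 2 * blanks + 5;
    char *body = malloc(n);
    if (!body || chunk == 0) { free(body); return 0; }
    memcpy(body, "test\r\n", 6);
    for (size_t i = 0; i < blanks; i++) memcpy(body + 6 + 2 * i, "\r\n", 2);
    memcpy(body + n - 5, "end\r\n", 5);
    struct canon c;
    canon_init(&c);
    for (size_t off = 0; off < n; off += chunk)
        canon_feed(&c, body + off, n - off < chunk ? n - off : chunk);
    free(body);
    return canon_finish(&c);
}
```

Comparing `digest_chunked(33000, 1)` with the digest for a single whole-body call is the regression check the thread implies: odd chunk sizes place buffer boundaries between CR and LF inside the run of blank lines.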

     
  • Mark Martinec
    2009-07-10

    Previous signatures have expired, here are new samples.

     