Menu
▾
▴
libdkim-discuss — Discussion of libdkim
You can subscribe to this list here.
| 2005 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
| 2010 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2011 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2014 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
| 2015 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
|
From: Rolf E. B. <da...@us...> - 2015-12-26 20:09:07
|
Greetings, I began playing with libdkim today. I found that there were several things that needs to be improved, like fixing warnings and getting the build system fixed so it does "the right thing" automatically. I put all of my stuff here: https://github.com/DerDakon/libdkim I would welcome any comments of if the code would be merged back. Greetings, Eike |
|
From: Joshua R. <meg...@gm...> - 2014-10-30 13:00:49
|
Hi guys,
I've identified a buffer overflow in the 'libdkimtest' which can result
in execution of arbitrary commands, etc. I'm sure you guys know.
Reproducer is: libdkimtest -i`perl -e 'print "a"x256'`
Vulnerable code is libdkimtest.cpp:
> case 'i': // identity
> if( argv[n][2] == '-' )
> {
> opts.szIdentity[0] = '\0';
> }
> else
> {
> *strcpy( opts.szIdentity,
> argv[n] + 2 );*
> }
> break;
>
Could I get a CVE-ID for this?
Thanks,
--
-- Joshua Rogers <https://internot.info/>
|
|
From: Peter C. <co...@qu...> - 2011-07-08 15:51:35
|
Hi again, Am Dienstag, 14. Juni 2011 schrieb Peter Conrad: > > IMO RFC-4871 is not clear on which behaviour is correct. Section 3.4 > mandates that for "simple" canonicalization all whitespace is to be > preserved, while section 3.7 requires the value of the "b=" tag to be > removed for verifying. It is unclear if the FWS between tag and value is > to be removed or not. apparently this is a known problem: http://www.rfc-editor.org/errata_search.php?rfc=4871&eid=1596 If I understand this correctly, Mail::DKIM is right and libdkim is wrong. Bye, Peter |
|
From: Peter C. <co...@qu...> - 2011-06-14 12:14:49
|
Hi, I've run into a curious compatibility problem with Mail::DKIM and libdkim from libdkim.sf.net. I've created a DKIM-signed mail using Mail::DKIM (see the attachement). According to http://www.brandonchecketts.com/emailtest.php (which uses Mail::DKIM, too), the signature verifies OK. libdkim tells me the signature fails to verify. Apart from the problem that libdkim requires a signed subject header in its default configuration, the real problem is the folding whitespace immediately after the "b=" in the DKIM-Signature header. Apparently, the signature doesn't include the FWS, but libdkim does include it for verification. IMO RFC-4871 is not clear on which behaviour is correct. Section 3.4 mandates that for "simple" canonicalization all whitespace is to be preserved, while section 3.7 requires the value of the "b=" tag to be removed for verifying. It is unclear if the FWS between tag and value is to be removed or not. Any ideas? Thanks, Peter |
|
From: Michael M. <mi...@ya...> - 2010-02-28 10:59:56
|
Hi,
I'm wondering if the libdkim library checks only for DKIM signatures or does it also check for DomainKeys?
Some email providers sign with both, some with just DKIM, some with just DomainKeys.
Thanks.
Michael.
|
|
From: Telvis C. Jr. <tel...@gm...> - 2009-12-17 22:44:34
|
I noticed extremely long processing times for messages greater than 5 MB. The problem is the memory reallocation that occurs in dkimbase::process for every 256 bytes! Increasing BUFFER_ALLOC_INCREMENT to 1MB decreased the processing time for a 15MB message from 9 minutes to <5 seconds. You should consider changing this constant in dkimbase.h. Thank you, Telvis E. Calhoun |
|
From: Peter K. <pet...@gm...> - 2008-04-14 11:54:51
|
Hello, I would like to use libDKIM for incoming email DKIM verification and have trouble interpreting the results. Basically, what I need is to boil down the DKIM testing results to easily comprehensible ones like "Not signed", "Not signed, but should be (SSP)", "Forged" and "Error". What would be the proper way (if any) to do this? Also, I'm not sure which part of the evaluation process is the best for making the above decision about the email - DKIMVerifyProcess(), DKIMVerifyResults() or per signature in DKIMVerifyGetDetails()? Peter |
|
From: Arvel H. <arv...@al...> - 2005-12-09 12:20:44
|
Glad you got it working. -- Arvel ----- Original Message ----- From: "Scott Sachtjen" <ssa...@pa...> To: <lib...@li...> Sent: Thursday, December 08, 2005 6:37 PM Subject: [Libdkim-discuss] Re: DKIM_BAD_PRIVATE_KEY > oops... I figured out my problem. All the keys I tried had to be > decrypted e.g. the header reads: > > "-----BEGIN RSA PRIVATE KEY----- > Proc-Type: 4,ENCRYPTED" > > So, since the PEM_read_bio_PrivateKey key passed a NULL for the password > callback I was failing. > > Sorry for the mistake. > scotts > > Scott Sachtjen <ssa...@pa...> wrote: > I have downloaded and built the 1.0.9, but I can't seem to get any > signature out of the libdkimtest application. I have traced the problem > back to the dkimsign.cpp GetSig function. The problem appears to be > PEM_read_bio_PrivateKey is returning NULL for the pkey. I am getting a > valid bio structure and I have verified that the address of the szPrivKey > is in the bio structure. The szPrivKey "looks" ok... It was generated > using OpenSSL and has the standard ----- BEGIN RSA .... headers. But for > some reason it is coming back invalid. Has anyone seen this issue? Could > someone provide a "known good" pem privatekey for me to try? I have tried > several including some provided in the OpenSSL distribution, but always > the same result. > > Thanks in advance, > > Scotts > > > |
|
From: Scott S. <ssa...@pa...> - 2005-12-09 00:37:19
|
oops... I figured out my problem. All the keys I tried had to be decrypted e.g. the header reads:
"-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED"
So, since the PEM_read_bio_PrivateKey key passed a NULL for the password callback I was failing.
Sorry for the mistake.
scotts
Scott Sachtjen <ssa...@pa...> wrote:
I have downloaded and built the 1.0.9, but I can't seem to get any signature out of the libdkimtest application. I have traced the problem back to the dkimsign.cpp GetSig function. The problem appears to be PEM_read_bio_PrivateKey is returning NULL for the pkey. I am getting a valid bio structure and I have verified that the address of the szPrivKey is in the bio structure. The szPrivKey "looks" ok... It was generated using OpenSSL and has the standard ----- BEGIN RSA .... headers. But for some reason it is coming back invalid. Has anyone seen this issue? Could someone provide a "known good" pem privatekey for me to try? I have tried several including some provided in the OpenSSL distribution, but always the same result.
Thanks in advance,
Scotts
|
|
From: Scott S. <ssa...@pa...> - 2005-12-08 19:31:00
|
I have downloaded and built the 1.0.9, but I can't seem to get any signature out of the libdkimtest application. I have traced the problem back to the dkimsign.cpp GetSig function. The problem appears to be PEM_read_bio_PrivateKey is returning NULL for the pkey. I am getting a valid bio structure and I have verified that the address of the szPrivKey is in the bio structure. The szPrivKey "looks" ok... It was generated using OpenSSL and has the standard ----- BEGIN RSA .... headers. But for some reason it is coming back invalid. Has anyone seen this issue? Could someone provide a "known good" pem privatekey for me to try? I have tried several including some provided in the OpenSSL distribution, but always the same result. Thanks in advance, Scotts |
|
From: Arvel H. <ar...@al...> - 2005-07-14 21:42:05
|
Testing list. Please ignore. -- Arvel |
