Wrong length calculation

Bug #1823006 reported by Lester Potter
This bug affects 1 person
Affects: dkimpy
Status: Fix Released
Importance: Medium
Assigned to: Scott Kitterman

Bug Description

The module dkim/__init__.py attempts to limit the first line of the dkim signature to 72 (not including the newline sequence). But certain values will cause this limit to be exceeded by 1 or 2.

With typical values of "v=1; a=rsa_sha256; c=relaxed/simple; ", the domain "d=XXXXexample.com;" will result in a first line of 73 characters. The domain "XXXXXexample.com" will result in 74 characters.

The problem is that fold(...., namelen=0) assumes that namelen means "reserve_space", so the code reserves "namelen" characters for the first line. But fold() is called with the length of the header name, not the length of the header + 2 for {colon, space} that is also prepended.

This is very low severity because it only affects recipients with very strict (obsolete) line length limitations (72, rfc-822).
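
The miscalculation described above, as an added example that is not part of the original report and is not dkimpy's code: a simplified greedy folder that reserves either the header name length (the reported behaviour) or the name length plus 2 for the colon and space. The function names, the `.example` sample domains and the other tag values are constructed for illustration.

```python
# Simplified model of header folding; NOT dkimpy's fold() implementation.
MAXLEN = 72                  # line limit from the report; CRLF is not counted
NAME = "DKIM-Signature"      # header name, 14 characters


def fold(value, reserve, maxlen=MAXLEN):
    """Greedily pack space-separated tokens into lines.

    The first line may hold maxlen - reserve characters; continuation
    lines hold maxlen - 1 because each is emitted with one leading space.
    """
    lines, current, budget = [], "", maxlen - reserve
    for token in value.split(" "):
        candidate = f"{current} {token}" if current else token
        if current and len(candidate) > budget:
            lines.append(current)
            current, budget = token, maxlen - 1
        else:
            current = candidate
    lines.append(current)
    return lines


def render(value, reserve):
    """Return the physical header lines, including the 'Name: ' prefix."""
    first, *rest = fold(value, reserve)
    return [f"{NAME}: {first}"] + [f" {line}" for line in rest]


def sample_value(n):
    """Constructed tag list whose d= domain is n + 8 characters long."""
    domain = "X" * n + ".example"
    return (f"v=1; a=rsa-sha256; c=relaxed/simple; d={domain}; "
            "s=selector; h=from:to:subject;")


def longest_first_line(reserve):
    """Sweep domain lengths and report the longest first line produced."""
    return max(len(render(sample_value(n), reserve)[0]) for n in range(1, 40))


if __name__ == "__main__":
    print("reserve = len(name):    ", longest_first_line(len(NAME)))
    print("reserve = len(name) + 2:", longest_first_line(len(NAME) + 2))
```

Sweeping the domain length shows the first line overshooting by exactly 1 or 2 characters when only the name length is reserved, and staying within 72 once the colon and space are reserved as well.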

Changed in dkimpy:
assignee: nobody → Scott Kitterman (kitterman)
importance: Undecided → Critical
importance: Critical → Medium
milestone: none → 0.9.2
status: New → In Progress
Changed in dkimpy:
status: In Progress → Fix Committed
Scott Kitterman (kitterman) wrote :

2019-04-14 Version 0.9.2
    - Fix the arcsign script so it works with the current API (Note: the new
      srv_id option is the authserv_id to use in the ARC signatures - Only AR
      fields with an authserv-id that matches srv_id will be considered for
      ARC signing)
    - Fix cv=none processing for initial signature in chain
    - Add additional text documenting use of srv_id for ARC signing to
      docstrings and man 1 arcsign (LP: #1808301)
    - Use same line separator for output as input in dkimsign/arcsign
      (LP: #1808686)
    - Refactor canonicalization.py strip_trailing_lines to avoid using re for
      more consistent processing across python versions (Thanks to Jonathan
      Bastien-Filiatrault for the change)
    - Refactor header folding for more consistent results, including reduced
      stray whitespace (Also Jonathan Bastien-Filiatrault)
    - Don't log message headers and body unless explicitly requested. This
      should also reduce memory usage on large messages. (Jonathan
      Bastien-Filiatrault)
    - Clarify the crlf does not count towards line length in fold
    - Adjust fold maxlen to one shorter for lines after the first, since they
      already have a leading space (LP: #1823008)

Changed in dkimpy:
status: Fix Committed → Fix Released