summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKonstantin Ryabitsev <konstantin@linuxfoundation.org>2020-11-20 17:41:21 -0500
committerKonstantin Ryabitsev <konstantin@linuxfoundation.org>2020-11-20 17:41:21 -0500
commit403142cb0cbb24ba380a44de1c8d32fa263084c7 (patch)
tree239dfb6b60f3a9a7a50ea459212350274d91a6b4
parent379d1d8a7c64f89282eb80edd3da1ba09d50c3f5 (diff)
downloadb4-403142cb0cbb24ba380a44de1c8d32fa263084c7.tar.gz
Fix DNS lookup failure
Some DKIM keys may not list v=DKIM1. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
-rw-r--r--b4/__init__.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/b4/__init__.py b/b4/__init__.py
index e916feb..d21aab2 100644
--- a/b4/__init__.py
+++ b/b4/__init__.py
@@ -1637,6 +1637,7 @@ class LoreAttestationSignatureDKIM(LoreAttestationSignature):
# return
if not dkim.verify(self.msg.as_bytes(), dnsfunc=dkim_get_txt):
+ logger.debug('DKIM signature did NOT verify')
return
self.good = True
@@ -2344,13 +2345,12 @@ def dkim_get_txt(name: bytes, timeout: int = 5):
logger.debug('DNS-lookup: %s', lookup)
try:
a = _resolver.resolve(lookup, dns.rdatatype.TXT, raise_on_no_answer=False, lifetime=timeout, search=True)
- # Find v=DKIM1
for r in a.response.answer:
if r.rdtype == dns.rdatatype.TXT:
for item in r.items:
# Concatenate all strings
txtdata = b''.join(item.strings)
- if txtdata.find(b'v=DKIM1') >= 0:
+ if txtdata.find(b'p=') >= 0:
_DKIM_DNS_CACHE[name] = txtdata
return txtdata
except dns.resolver.NXDOMAIN: