diff options
author | Konstantin Ryabitsev <konstantin@linuxfoundation.org> | 2021-05-17 13:54:15 -0400 |
---|---|---|
committer | Konstantin Ryabitsev <konstantin@linuxfoundation.org> | 2021-05-17 13:54:15 -0400 |
commit | 9f55eb98f036616f6611c5d605072008d5855356 (patch) | |
tree | def2950fbaeb8f18a628261e53c3f8e8bcda31fc | |
parent | f6f46cd221e35bf80d3b7c24ec4b4d799446399f (diff) | |
download | b4-9f55eb98f036616f6611c5d605072008d5855356.tar.gz |
Perform mboxo unescaping before DKIM check
Python's mailbox will not automatically remove mboxo escaping, so
perform this manually before passing the message to dkim for
verification.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
-rw-r--r-- | b4/__init__.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/b4/__init__.py b/b4/__init__.py index 1418641..7e4295e 100644 --- a/b4/__init__.py +++ b/b4/__init__.py @@ -1011,6 +1011,7 @@ class LoreMessage: if config['attestation-policy'] == 'off': return self._attestors + logger.debug('Loading attestation: %s', self.full_subject) if self.msg.get(DEVSIG_HDR): self._load_patatt_attestors() if self.msg.get('dkim-signature') and config['attestation-check-dkim'] == 'yes': @@ -1052,7 +1053,7 @@ class LoreMessage: signtime = self.date self.msg._headers.append((hn, hval)) # noqa - res = dkim.verify(self.msg.as_bytes()) + res = dkim.verify(self.msg.as_bytes().replace(b'\n>From ', b'\nFrom ')) attestor = LoreAttestorDKIM(res, identity, signtime, errors) logger.debug('DKIM verify results: %s=%s', identity, res) @@ -1099,7 +1100,7 @@ class LoreMessage: checkmark = None critical = False for attestor in self.attestors: - if maxdays and not attestor.check_time_drift(self.date, maxdays): + if attestor.passing and maxdays and not attestor.check_time_drift(self.date, maxdays): logger.debug('The time drift is too much, marking as non-passing') attestor.passing = False if not attestor.passing: |