From 9f55eb98f036616f6611c5d605072008d5855356 Mon Sep 17 00:00:00 2001 From: Konstantin Ryabitsev Date: Mon, 17 May 2021 13:54:15 -0400 Subject: Perform mboxo unescaping before DKIM check Python's mailbox will not automatically remove mboxo escaping, so perform this manually before passing the message to dkim for verification. Signed-off-by: Konstantin Ryabitsev --- b4/__init__.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'b4') diff --git a/b4/__init__.py b/b4/__init__.py index 1418641..7e4295e 100644 --- a/b4/__init__.py +++ b/b4/__init__.py @@ -1011,6 +1011,7 @@ class LoreMessage: if config['attestation-policy'] == 'off': return self._attestors + logger.debug('Loading attestation: %s', self.full_subject) if self.msg.get(DEVSIG_HDR): self._load_patatt_attestors() if self.msg.get('dkim-signature') and config['attestation-check-dkim'] == 'yes': @@ -1052,7 +1053,7 @@ class LoreMessage: signtime = self.date self.msg._headers.append((hn, hval)) # noqa - res = dkim.verify(self.msg.as_bytes()) + res = dkim.verify(self.msg.as_bytes().replace(b'\n>From ', b'\nFrom ')) attestor = LoreAttestorDKIM(res, identity, signtime, errors) logger.debug('DKIM verify results: %s=%s', identity, res) @@ -1099,7 +1100,7 @@ class LoreMessage: checkmark = None critical = False for attestor in self.attestors: - if maxdays and not attestor.check_time_drift(self.date, maxdays): + if attestor.passing and maxdays and not attestor.check_time_drift(self.date, maxdays): logger.debug('The time drift is too much, marking as non-passing') attestor.passing = False if not attestor.passing: -- cgit v1.2.3