Diffstat (limited to 'src')
-rw-r--r-- | src/dkimbase.cpp | 10 | ||||
-rw-r--r-- | src/dkimsign.cpp | 62 | ||||
-rw-r--r-- | src/dkimverify.cpp | 33 | ||||
-rw-r--r-- | src/include/dkimbase.h | 16 | ||||
-rw-r--r-- | src/include/dkimsign.h | 36 | ||||
-rw-r--r-- | src/include/dkimverify.h | 43 |
6 files changed, 93 insertions, 107 deletions
diff --git a/src/dkimbase.cpp b/src/dkimbase.cpp index 0361d8e..5ee6f28 100644 --- a/src/dkimbase.cpp +++ b/src/dkimbase.cpp @@ -27,6 +27,8 @@ #include "dkim.h" +using std::string; + CDKIMBase::CDKIMBase() : m_From(nullptr), @@ -98,7 +100,7 @@ int CDKIMBase::ReAlloc(char *& szBuffer, int& nBufferSize, int nRequiredSize) //////////////////////////////////////////////////////////////////////////////// void CDKIMBase::Free(char *szBuffer) { - if (szBuffer) delete[] szBuffer; + delete[] szBuffer; } //////////////////////////////////////////////////////////////////////////////// @@ -214,17 +216,17 @@ struct isswsp { void CDKIMBase::RemoveSWSP(char *szBuffer) { - *remove_if(szBuffer, szBuffer + strlen(szBuffer), isswsp()) = '\0'; + *std::remove_if(szBuffer, szBuffer + strlen(szBuffer), isswsp()) = '\0'; } void CDKIMBase::RemoveSWSP(char *pBuffer, int& nBufLength) { - nBufLength = remove_if(pBuffer, pBuffer + nBufLength, isswsp()) - pBuffer; + nBufLength = std::remove_if(pBuffer, pBuffer + nBufLength, isswsp()) - pBuffer; } void CDKIMBase::RemoveSWSP(string& sBuffer) { - sBuffer.erase(remove_if(sBuffer.begin(), sBuffer.end(), isswsp()), sBuffer.end()); + sBuffer.erase(std::remove_if(sBuffer.begin(), sBuffer.end(), isswsp()), sBuffer.end()); } ////////////////////////////////////////////////////////////////////////////////////////// diff --git a/src/dkimsign.cpp b/src/dkimsign.cpp index fbdc001..988fd94 100644 --- a/src/dkimsign.cpp +++ b/src/dkimsign.cpp @@ -28,11 +28,17 @@ #include "dkim.h" +#define OLD_SSL \ + ((OPENSSL_VERSION_NUMBER < 0x10100000L) \ + || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) + #define _strnicmp strncasecmp #define _stricmp strcasecmp #define LOWORD(l) ((unsigned)(l) & 0xffff) #define HIWORD(l) ((unsigned)(l) >> 16) +using std::string; + /***************************************************************************** * * Generating Ed25519 signed message: 
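Review bot: `OLD_SSL` is defined only in src/dkimsign.cpp, yet the `&m_Hdr_sha1ctx` / `m_Hdr_sha1ctx` pairs in the later hunks imply the context members are declared under the same version test in a header that this diff does not show. The two copies of the condition can drift apart, so the macro belongs next to the OpenSSL includes in a shared header such as src/include/dkimbase.h. It would also read better under a project-prefixed name, for example `#define DKIM_OLD_SSL_API (...)`. When `LIBRESSL_VERSION_NUMBER` is undefined the test relies on the preprocessor treating it as 0, which trips `-Wundef`; `defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L` states the intent directly.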
@@ -121,9 +127,7 @@ CDKIMSign::CDKIMSign() m_EmptyLineCount = 0; m_pfnHdrCallback = NULL; -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_SignInit(&m_Hdr_sha1ctx, EVP_sha1()); EVP_SignInit(&m_Hdr_sha256ctx, EVP_sha256()); EVP_DigestInit(&m_Bdy_sha1ctx, EVP_sha1()); @@ -150,9 +154,7 @@ CDKIMSign::CDKIMSign() CDKIMSign::~CDKIMSign() { -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_MD_CTX_cleanup(&m_Hdr_sha1ctx); EVP_MD_CTX_cleanup(&m_Hdr_sha256ctx); EVP_MD_CTX_cleanup(&m_Bdy_sha1ctx); @@ -254,18 +256,14 @@ void CDKIMSign::Hash(const char *szBuffer, int nBufLength, bool bHdr) if (bHdr) { /* Generate signature: b=... */ if ((m_nHash == DKIM_HASH_SHA1) || (m_nHash == DKIM_HASH_SHA1_AND_SHA256)) -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_SignUpdate(&m_Hdr_sha1ctx, szBuffer, nBufLength); #else EVP_SignUpdate(m_Hdr_sha1ctx, szBuffer, nBufLength); #endif if ((m_nHash == DKIM_HASH_SHA256) || (m_nHash == DKIM_HASH_SHA1_AND_SHA256) || (m_nHash == DKIM_HASH_RSA256_AND_ED25519)) -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_SignUpdate(&m_Hdr_sha256ctx, szBuffer, nBufLength); #else EVP_SignUpdate(m_Hdr_sha256ctx, szBuffer, nBufLength); 
@@ -278,17 +276,13 @@ void CDKIMSign::Hash(const char *szBuffer, int nBufLength, bool bHdr) #endif } else { /* lets go for body hash values: bh=... (either SHA1 or SHA256) */ if ((m_nHash == DKIM_HASH_SHA1) || (m_nHash == DKIM_HASH_SHA1_AND_SHA256)) -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_DigestUpdate(&m_Bdy_sha1ctx, szBuffer, nBufLength); #else EVP_DigestUpdate(m_Bdy_sha1ctx, szBuffer, nBufLength); #endif if (m_nHash != DKIM_HASH_SHA1) -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_DigestUpdate(&m_Bdy_sha256ctx, szBuffer, nBufLength); #else EVP_DigestUpdate(m_Bdy_sha256ctx, szBuffer, nBufLength); @@ -382,10 +376,10 @@ void CDKIMSign::GetHeaderParams(const string& sHdr) //////////////////////////////////////////////////////////////////////////////// int CDKIMSign::ProcessHeaders(void) { - map<string, list<string>::reverse_iterator> IterMap; - map<string, list<string>::reverse_iterator>::iterator IterMapIter; - list<string>::reverse_iterator riter; - list<string>::iterator iter; + std::map<string, std::list<string>::reverse_iterator> IterMap; + std::map<string, std::list<string>::reverse_iterator>::iterator IterMapIter; + std::list<string>::reverse_iterator riter; + std::list<string>::iterator iter; string sTag; bool bFromHeaderFound = false; @@ -824,9 +818,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg) switch (nSigAlg) { case DKIM_HASH_SHA1: -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_DigestFinal(&m_Bdy_sha1ctx, Hash, &nHashLen); break; #else 
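Review bot: In the `DKIM_HASH_SHA1` case of ConstructSignature, the result of `EVP_DigestFinal(&m_Bdy_sha1ctx, Hash, &nHashLen);` is discarded. If the digest fails, whatever is left in `Hash` and `nHashLen` presumably flows on into the bh= value; the rest of the function is outside the hunk. The call should be checked, e.g. `if (EVP_DigestFinal(&m_Bdy_sha1ctx, Hash, &nHashLen) != 1)` followed by the function's existing error return. The same applies to the non-OLD_SSL branch, to the `DKIM_HASH_SHA256` case in the next hunk, and to the `EVP_SignUpdate` calls in the two hunks after that. Only `EVP_SignFinal` has its result captured, in `nSignRet`.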
@@ -834,9 +826,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg) break; #endif case DKIM_HASH_SHA256: -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_DigestFinal(&m_Bdy_sha256ctx, Hash, &nHashLen); break; #else @@ -908,9 +898,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg) switch (nSigAlg) { case DKIM_HASH_SHA1: -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_SignUpdate(&m_Hdr_sha1ctx, sTemp.c_str(), sTemp.size()); break; #else @@ -918,9 +906,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg) break; #endif case DKIM_HASH_SHA256: -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL EVP_SignUpdate(&m_Hdr_sha256ctx, sTemp.c_str(), sTemp.size()); break; #else @@ -957,9 +943,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg) switch (nSigAlg) { case DKIM_HASH_SHA1: -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL nSignRet = EVP_SignFinal(&m_Hdr_sha1ctx, sig, &siglen, pkey); break; #else @@ -967,9 +951,7 @@ int CDKIMSign::ConstructSignature(char *szPrivKey, int nSigAlg) break; #endif case DKIM_HASH_SHA256: -#if ( \ - (OPENSSL_VERSION_NUMBER < 0x10100000L) \ - || (LIBRESSL_VERSION_NUMBER > 0 && LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#if OLD_SSL nSignRet = EVP_SignFinal(&m_Hdr_sha256ctx, sig, &siglen, pkey); break; #else diff --git a/src/dkimverify.cpp b/src/dkimverify.cpp index 334e1b4..90f871f 100644 --- a/src/dkimverify.cpp +++ b/src/dkimverify.cpp 
@@ -37,6 +37,8 @@ extern "C" { #include "dns.h" } +using std::string; + /***************************************************************************** * * Verifying DKIM Ed25519 signatures: @@ -413,7 +415,7 @@ bool WildcardMatch(const char *p, const char *s) // Parse addresses from a string. Returns true if at least one address found // //////////////////////////////////////////////////////////////////////////////// -bool ParseAddresses(string str, vector<string>& Addresses) +bool ParseAddresses(string str, std::vector<string>& Addresses) { char *s = (char *)str.c_str(); @@ -555,9 +557,9 @@ int CDKIMVerify::GetResults(void) int RealFailures = 0; int res = 0; - list<string> SuccessfulDomains; // can contain duplicates + std::list<string> SuccessfulDomains; // can contain duplicates - for (list<SignatureInfo>::iterator i = Signatures.begin(); i != Signatures.end(); ++i) { + for (std::list<SignatureInfo>::iterator i = Signatures.begin(); i != Signatures.end(); ++i) { if (i->Status == DKIM_SUCCESS) { if (!i->BodyHashData.empty()) { // FIRST: Get the body hash unsigned char md[EVP_MAX_MD_SIZE]; @@ -678,13 +680,13 @@ int CDKIMVerify::GetResults(void) // get the From address's domain if we might need it string sFromDomain; if (SuccessCount > 0 || m_CheckPractices) { - for (list<string>::iterator i = HeaderList.begin(); i != HeaderList.end(); ++i) { + for (std::list<string>::iterator i = HeaderList.begin(); i != HeaderList.end(); ++i) { if (_strnicmp(i->c_str(), "From", 4) == 0) { // skip over whitespace between the header name and : const char *s = i->c_str() + 4; while (*s == ' ' || *s == '\t') s++; if (*s == ':') { - vector<string> Addresses; + std::vector<string> Addresses; if (ParseAddresses(s + 1, Addresses)) { unsigned atpos = Addresses[0].find('@'); sFromDomain = Addresses[0].substr(atpos + 1); 
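Review bot: In ParseAddresses, `char *s = (char *)str.c_str();` uses a C-style cast to strip the const from `c_str()`. The body continues outside the hunk, but if it writes through `s` while tokenising, that is a write through a pointer the library hands out as read-only. `str` is already a by-value copy, so `char *s = &str[0];` gives a writable pointer to the same buffer without a cast.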
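Review bot: In the From-domain lookup in GetResults, `unsigned atpos = Addresses[0].find('@');` does not handle the not-found case. `std::string::npos` is truncated into `unsigned`, `atpos + 1` wraps to 0, and `substr(0)` makes the whole address string the From domain that later drives the signer-alignment decision. Unless ParseAddresses guarantees an `@` in every entry (its body is not visible here), the code should use `std::string::size_type atpos = Addresses[0].find('@');` and assign `sFromDomain` only when `atpos != std::string::npos`.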
@@ -698,7 +700,7 @@ int CDKIMVerify::GetResults(void) // if a signature from the From domain verified successfully, return success now // without checking the author domain signing practices if (SuccessCount > 0 && !sFromDomain.empty()) { - for (list<string>::iterator i = SuccessfulDomains.begin(); i != SuccessfulDomains.end(); ++i) { + for (std::list<string>::iterator i = SuccessfulDomains.begin(); i != SuccessfulDomains.end(); ++i) { // see if the successful domain is the same as or a parent of the From domain if (i->length() > sFromDomain.length()) continue; if (_stricmp(i->c_str(), sFromDomain.c_str() + sFromDomain.length() - i->length()) != 0) continue; @@ -779,7 +781,7 @@ void SignatureInfo::Hash(const char *szBuffer, unsigned nBufLength, bool IsBody) //////////////////////////////////////////////////////////////////////////////// int CDKIMVerify::ProcessHeaders(void) { - for (list<string>::iterator i = HeaderList.begin(); i != HeaderList.end(); ++i) { + for (std::list<string>::iterator i = HeaderList.begin(); i != HeaderList.end(); ++i) { if (strlen(i->c_str()) < 14) continue; // too short if (_strnicmp(i->c_str(), "DKIM-Signature", 14) == 0) { // skip over whitespace between the header name and : @@ -800,7 +802,7 @@ int CDKIMVerify::ProcessHeaders(void) bool ValidSigFound = false; - for (list<SignatureInfo>::iterator s = Signatures.begin(); s != Signatures.end(); ++s) { + for (std::list<SignatureInfo>::iterator s = Signatures.begin(); s != Signatures.end(); ++s) { SignatureInfo& sig = *s; if (sig.Status != DKIM_SUCCESS) continue; SelectorInfo& sel = GetSelector(sig.Selector, sig.Domain); 
@@ -854,10 +856,11 @@ int CDKIMVerify::ProcessHeaders(void) #endif // compute the hash of the header - vector<list<string>::reverse_iterator> used; + std::vector<std::list<string>::reverse_iterator> used; - for (vector<string>::iterator x = sig.SignedHeaders.begin(); x != sig.SignedHeaders.end(); ++x) { - list<string>::reverse_iterator i; + for (std::vector<string>::iterator x = sig.SignedHeaders.begin(); x != sig.SignedHeaders.end(); ++x) + { + std::list<string>::reverse_iterator i; for (i = HeaderList.rbegin(); i != HeaderList.rend(); ++i) { if (_strnicmp(i->c_str(), x->c_str(), x->length()) == 0) { // skip over whitespace between the header name and : @@ -897,7 +900,7 @@ int CDKIMVerify::ProcessHeaders(void) if (!m_AllowUnsignedFromHeaders) { // make sure the message has no unsigned From headers - list<string>::reverse_iterator i; + std::list<string>::reverse_iterator i; for (i = HeaderList.rbegin(); i != HeaderList.rend(); ++i) { if (_strnicmp(i->c_str(), "From", 4) == 0) { // skip over whitespace between the header name and : @@ -1143,7 +1146,7 @@ int CDKIMVerify::ProcessBody(char *szBuffer, int nBufLength, bool bEOF) { bool MoreBodyNeeded = false; - for (list<SignatureInfo>::iterator i = Signatures.begin(); i != Signatures.end(); ++i) { + for (std::list<SignatureInfo>::iterator i = Signatures.begin(); i != Signatures.end(); ++i) { if (i->Status == DKIM_SUCCESS) { if (i->BodyCanonicalization == DKIM_CANON_SIMPLE) { if (nBufLength > 0) { @@ -1351,7 +1354,7 @@ int SelectorInfo::Parse(char *Buffer) SelectorInfo& CDKIMVerify::GetSelector(const string& sSelector, const string& sDomain) { // see if we already have this selector - for (list<SelectorInfo>::iterator i = Selectors.begin(); i != Selectors.end(); ++i) { + for (std::list<SelectorInfo>::iterator i = Selectors.begin(); i != Selectors.end(); ++i) { if (_stricmp(i->Selector.c_str(), sSelector.c_str()) == 0 && _stricmp(i->Domain.c_str(), sDomain.c_str()) == 0) { 
@@ -1401,7 +1404,7 @@ int CDKIMVerify::GetDetails(int *nSigCount, DKIMVerifyDetails **pDetails) { Details.clear(); - for (list<SignatureInfo>::iterator i = Signatures.begin(); i != Signatures.end(); ++i) { + for (std::list<SignatureInfo>::iterator i = Signatures.begin(); i != Signatures.end(); ++i) { DKIMVerifyDetails d; d.szSignature = (char *)i->Header.c_str(); d.szSignatureDomain = (char *)i->Domain.c_str(); diff --git a/src/include/dkimbase.h b/src/include/dkimbase.h index ddded67..320deb9 100644 --- a/src/include/dkimbase.h +++ b/src/include/dkimbase.h @@ -22,17 +22,15 @@ #ifndef DKIMBASE_H #define DKIMBASE_H +#include <list> +#include <string> + #include <openssl/err.h> #include <openssl/evp.h> #include <openssl/pem.h> #define BUFFER_ALLOC_INCREMENT 256 -#include <list> -#include <string> - -using namespace std; - class CDKIMBase { public: CDKIMBase(); @@ -49,12 +47,12 @@ public: static void RemoveSWSP(char *szBuffer); static void RemoveSWSP(char *pBuffer, int& nBufLength); - static void RemoveSWSP(string& sBuffer); + static void RemoveSWSP(std::string& sBuffer); static void CompressSWSP(char *pBuffer, int& nBufLength); - static void CompressSWSP(string& sBuffer); + static void CompressSWSP(std::string& sBuffer); - static string RelaxHeader(const string& sHeader); + static std::string RelaxHeader(const std::string& sHeader); virtual int ProcessHeaders(void); virtual int ProcessBody(char *szBuffer, int nBufLength, bool bEOF); @@ -70,7 +68,7 @@ protected: int m_LinePos; bool m_InHeaders; - list<string> HeaderList; + std::list<std::string> HeaderList; }; diff --git a/src/include/dkimsign.h b/src/include/dkimsign.h index 49259ba..ad3c9d7 100644 --- a/src/include/dkimsign.h +++ b/src/include/dkimsign.h 
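Review bot: In CDKIMVerify::GetDetails (the first hunk above), `d.szSignature = (char *)i->Header.c_str();` and `d.szSignatureDomain = (char *)i->Domain.c_str();` store non-const pointers into strings owned by the `Signatures` list, and nothing documents their lifetime. I would add a comment above the loop such as `// The char* fields alias strings owned by Signatures: valid only while this object lives and Signatures is unchanged; callers must not write to or free them.` The function continues outside the hunk, so how `pDetails` is handed to the caller is not visible here.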
@@ -44,18 +44,18 @@ public: void Hash(const char *szBuffer, int nBufLength, bool bHdr); protected: - bool SignThisTag(const string& sTag); - void GetHeaderParams(const string& sHdr); - void ProcessHeader(const string& sHdr); + bool SignThisTag(const std::string& sTag); + void GetHeaderParams(const std::string& sHdr); + void ProcessHeader(const std::string& sHdr); bool ParseFromAddress(void); void InitSig(void); - void AddTagToSig(const char *const Tag, const string& sValue, char cbrk, bool bFold); + void AddTagToSig(const char *const Tag, const std::string& sValue, char cbrk, bool bFold); void AddTagToSig(const char *const Tag, unsigned long nValue); void AddInterTagSpace(int nSizeOfNextTag); - void AddFoldedValueToSig(const string& sValue, char cbrk); + void AddFoldedValueToSig(const std::string& sValue, char cbrk); - bool IsRequiredHeader(const string& sTag); + bool IsRequiredHeader(const std::string& sTag); int ConstructSignature(char *szSignKey, int nSigAlg); int AssembleReturnedSig(char *szRSAPrivKey, char *szECCPrivKey); @@ -82,14 +82,14 @@ protected: int m_EmptyLineCount; - string hParam; - string sFrom; - string sSender; - string sSelector; - string eSelector; // Used for Ed25519 signatures - string sDomain; - string sIdentity; // for i= tag, if empty tag will not be included in sig - string sRequiredHeaders; + std::string hParam; + std::string sFrom; + std::string sSender; + std::string sSelector; + std::string eSelector; // Used for Ed25519 signatures + std::string sDomain; + std::string sIdentity; // for i= tag, if empty tag will not be included in sig + std::string sRequiredHeaders; bool m_IncludeBodyLengthTag; int m_nBodyLength; 
@@ -101,15 +101,15 @@ protected: DKIMHEADERCALLBACK m_pfnHdrCallback; - string m_sSig; // DKIM-Signature .... + std::string m_sSig; // DKIM-Signature .... int m_nSigPos; - string m_sReturnedSig; + std::string m_sReturnedSig; bool m_bReturnedSigAssembled; - string m_sCopiedHeaders; + std::string m_sCopiedHeaders; - string SigHdrs; + std::string SigHdrs; int m_SigHdrs; }; diff --git a/src/include/dkimverify.h b/src/include/dkimverify.h index 8347957..e1d0a92 100644 --- a/src/include/dkimverify.h +++ b/src/include/dkimverify.h @@ -22,6 +22,7 @@ #ifndef DKIMVERIFY_H #define DKIMVERIFY_H +#include <list> #include <vector> #include "dkim.h" @@ -39,18 +40,18 @@ #define DKIM_POLICY_INVALID -53 // internal error /* dito -#define DKIM_SIG_VERSION_PRE_02 0 -#define DKIM_SIG_VERSION_02_PLUS 1 +#define DKIM_SIG_VERSION_PRE_02 0 +#define DKIM_SIG_VERSION_02_PLUS 1 */ class SelectorInfo { public: - SelectorInfo(const string& sSelector, const string& sDomain); + SelectorInfo(const std::string& sSelector, const std::string& sDomain); ~SelectorInfo(); - string Domain; - string Selector; - string Granularity; + std::string Domain; + std::string Selector; + std::string Granularity; bool AllowSHA1; bool AllowSHA256; EVP_PKEY *PublicKey; /* the public key */ @@ -69,16 +70,16 @@ public: void Hash(const char *szBuffer, unsigned nBufLength, bool IsBody = false); - string Header; + std::string Header; unsigned Version; - string Domain; - string Selector; - string SignatureData; - string BodyHashData; - string IdentityLocalPart; - string IdentityDomain; - string CanonicalizedData; - vector<string> SignedHeaders; + std::string Domain; + std::string Selector; + std::string SignatureData; + std::string BodyHashData; + std::string IdentityLocalPart; + std::string IdentityDomain; + std::string CanonicalizedData; + std::vector<std::string> SignedHeaders; unsigned BodyLength; unsigned HeaderCanonicalization; unsigned BodyCanonicalization; 
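Review bot: src/include/dkimverify.h now spells out `std::string` in every declaration, but the include hunk adds only `<list>` beside `<vector>`. The header therefore depends on `"dkim.h"` or another transitive include to supply `<string>`. Since this commit is already tidying the include blocks and dropping `using namespace std;`, adding `#include <string>` here would make the header self-contained. The same applies to src/include/dkimsign.h if it does not already include it; its include block is outside the hunks.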
@@ -129,14 +130,14 @@ public: } protected: - int ParseDKIMSignature(const string& sHeader, SignatureInfo& sig); + int ParseDKIMSignature(const std::string& sHeader, SignatureInfo& sig); - SelectorInfo& GetSelector(const string& sSelector, const string& sDomain); + SelectorInfo& GetSelector(const std::string& sSelector, const std::string& sDomain); // int GetADSP(const std::string& sDomain, int& iADSP); - list<SignatureInfo> Signatures; - list<SelectorInfo> Selectors; + std::list<SignatureInfo> Signatures; + std::list<SelectorInfo> Selectors; DKIMDNSCALLBACK m_pfnSelectorCallback; // selector record callback // DKIMDNSCALLBACK m_pfnPracticesCallback; // ADSP record callback @@ -147,8 +148,8 @@ protected: bool m_SaveCanonicalizedData; bool m_AllowUnsignedFromHeaders; - vector<DKIMVerifyDetails> Details; - string Practices; + std::vector<DKIMVerifyDetails> Details; + std::string Practices; }; #endif //DKIMVERIFY_H |