milter: Authentication-Results improvements#4
Merged
flowerysong merged 2 commits intomainfrom Oct 15, 2024
Merged
Conversation
openarc/openarc-ar.c: silence a compiler with ARTEST defined. * openarc/openarc-ar.c (main): explicitly cast pointer to signed char into pointer to u_char. openarc/openarc-ar.c: guarantiee that no-result AR has no other resifo * openarc/openarc.c (ares_parse): Check prevstate if "none" is found on input token in state 3. openarc/openarc-ar.c: Store truely result comment into result_comment field "Result comment" is a comment just after "result" of the "methodspec". No other comments that can be allowed in AR syntax should be ignored. * openarc/openarc-ar.c (ares_parse): Check prevstate before storing result comment. If it stored once update prevstate so as not to store again. openarc/openarc-ar.c: Overwriting former result instead of dedup after adding When the parser find a new result and its "method" is not "dkim", overwriting the old result of same "method" if exists, instead of check the duplicate of the latest result just finished recording and move it. This may allow to parse longer header a bit. * openarc/openarc-ar.c (ares_dedup): Removed (ares_method_seen): New. (ares_parse): As the description above. openarc/openarc-ar.c: Ignore results of unknown methods. According to RFC 8601 Section 2.7.6[1], unknown authentication methods in AR header should be ignored or deleted. With this commit, ares_parse() does not store the result of authres which method is 'unknown'. [1] https://www.rfc-editor.org/rfc/rfc8601.html#section-2.7.6 * openarc/openarc-ar.c (ares_parse): As described above. openarc/openarc-ar.c: continue parsing after reached the limit of the number of auth results. * openarc/openarc-ar.c (ares_parse): Do not return and continue parsing even if there is no space to record more results, for syntax checking, or overwrite the result of some auth method already seen. openarc/openarc-ar.c (main (for testing)): Use appropriate macros openarc/openarc-ar.c (main (for testing)): print result_comment openarc/openarc-ar.c: Inclease max number of tokens for parsing AR header openarc: Ignore unknown method in the result of parsing AR header Since we discard resinfo of which method is not known in AR header parsing now, it should never happen. However we check it as a foolproof. * openarc/openarc.c (mlfi_eom): Ignore unknown method in the result of parsing AR header, and log it.
flowerysong
force-pushed
the
ar
branch
4 times, most recently
from
b9cadce to
3910059
Compare
* Add tests. * Use named states to make it less terribad to read. * Track the current method in a temporary struct instead of putting partial results into `ar`. * Don't parse headers if we don't care about them. * Comprehensively dedup authentication results, instead of just within a single parsed header. * Store all interesting comments. * Clean up whitespace inside of comments. * Fix non-terminal state conditions in the tokenizer and parser. * Output "reason" in the correct location. * Return ARES_RESULT_UNDEFINED when mapping result strings to values does not find a match; ARES_RESULT_UNKNOWN is an actual result. * Parsed values can also need quoting and escaping on output. * Add missing IANA registered values from https://www.iana.org/assignments/email-auth/email-auth.xhtml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
From trusteddomainproject/OpenARC#177:
In addition:
ar.