NetBSD Problem Report #55171
From www@netbsd.org Mon Apr 13 18:24:14 2020
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 7D40F1A9219
for <gnats-bugs@gnats.NetBSD.org>; Mon, 13 Apr 2020 18:24:14 +0000 (UTC)
Message-Id: <20200413182413.04EA71A924B@mollari.NetBSD.org>
Date: Mon, 13 Apr 2020 18:24:12 +0000 (UTC)
From: russhan@new-swankton.net
Reply-To: russhan@new-swankton.net
To: gnats-bugs@NetBSD.org
Subject: Canonicalization issue in OpenDKIM 2.10.3
X-Send-Pr-Version: www-1.0
>Number: 55171
>Category: pkg
>Synopsis: Canonicalization issue in OpenDKIM 2.10.3
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pettai
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Apr 13 18:25:00 +0000 2020
>Closed-Date: Fri Jul 30 06:55:14 +0000 2021
>Last-Modified: Fri Jul 30 06:55:14 +0000 2021
>Originator: Russell Hansen
>Release: trunk
>Organization:
>Environment:
SunOS mail 5.11 joyent_20191205T020950Z i86pc i386 i86pc illumos
>Description:
E-mail messages from my work to my home server have been failing
dkim=fail reason="signature verification failed"
# opendkim -t work_to_home.eml
opendkim: work_to_home.eml: verification (s=<work_selector>, d=<work_domain>, 1024-bit key) succeeded
# opendkim-testmsg -K < work_to_home.eml
opendkim-testmsg: dkim_eom(): Bad signature
# cat work_to_home.eml
[...]
Message-ID:
<BY5PR09MB54279DDC1D9C935E1681D7DFA2F40@BY5PR09MB5427.namprd09.prod.outlook.com>
[...]
# cat dkim.opendkim-testmsg.Hwauuw
message-id: <BY5PR09MB54279DDC1D9C935E1681D7DFA2F40@BY5PR09MB5427.namprd09.prod.outlook.com>
I don't know if the web for will preserve the formatting but there is a new line for the Message-ID field in the e-mail file and the space after the message-id: in the temp file from opendkim-testmsg -K.
>How-To-Repeat:
Send an e-mail with the message-id (or any header signed by DKIM) containing \r\n
e.g.
Message-ID:
<some_message_id>
From:
<some_person>
>Fix:
https://sourceforge.net/p/opendkim/bugs/226/#bd34
Attached ticket226.patch
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: pkg-manager->pettai
Responsible-Changed-By: hauke@NetBSD.org
Responsible-Changed-When: Fri, 17 Apr 2020 10:34:04 +0000
Responsible-Changed-Why:
Over to maintainer.
From: Richard Hansen <rhansen@rhansen.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/55171
Date: Thu, 8 Oct 2020 23:26:32 -0400
This bug was fixed upstream (https://github.com/trusteddomainproject/OpenDKIM/commit/a65442161a6e59de49b3db9091754174e363c392) over 5 years ago, but upstream has not made a stable release since then.
Debian has been using various 2.11.0 prerelease versions since Stretch (June 2017), so it should be safe to bump this package to 2.11.0-Beta2 (the latest tag).
See https://github.com/joyent/pkgsrc/pull/285 for a pkgsrc patch.
From: Russell Hansen <russhan@new-swankton.net>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: pkg/55171
Date: Thu, 29 Jul 2021 11:55:21 -0700
This issue appears to have been resolved:
https://github.com/NetBSD/pkgsrc/commit/81e324d51e6b24d910bae5ef183e7c20a4ad4864
State-Changed-From-To: open->closed
State-Changed-By: nia@NetBSD.org
State-Changed-When: Fri, 30 Jul 2021 06:55:14 +0000
State-Changed-Why:
Resolved.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.