Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Export selector and DNS response via Verification #42

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Export selector and DNS response via Verification #42

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
66831f9
Export selector and DNS response via Verification
kmille Mar 14, 2021
f7a5ed3
Fix copy paste typo in print
kmille Mar 14, 2021
b23726d
Update verify example in the README
kmille Mar 14, 2021
f5c7524
Fix tests after adding QueryResult to Verification struct
kmille Mar 17, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,9 +41,9 @@ if err != nil {

for _, v := range verifications {
if v.Err == nil {
log.Println("Valid signature for:", v.Domain)
log.Printf("Valid signature for %v (selector=%s) (algo=%s)", v.Domain, v.Selector, v.QueryResult.KeyAlgo)
} else {
log.Println("Invalid signature for:", v.Domain, v.Err)
log.Printf("Invalid signature for %v (selector=%s) (algo=%s): %v", v.Domain, v.Selector, v.QueryResult.KeyAlgo, v.Err)
}
}
```
Expand Down
4 changes: 2 additions & 2 deletions cmd/dkim-verify/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,9 @@ func main() {

for _, v := range verifications {
if v.Err == nil {
log.Printf("Valid signature for %v", v.Domain)
log.Printf("Valid signature for %v (selector=%s) (algo=%s)", v.Domain, v.Selector, v.QueryResult.KeyAlgo)
} else {
log.Printf("Invalid signature for %v: %v", v.Domain, v.Err)
log.Printf("Invalid signature for %v (selector=%s) (algo=%s): %v", v.Domain, v.Selector, v.QueryResult.KeyAlgo, v.Err)
}
}
}
10 changes: 10 additions & 0 deletions dkim/verify.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,10 @@ type Verification struct {
// The SDID claiming responsibility for an introduction of a message into the
// mail stream.
Domain string

// The Selector is the s value of the DKIM-Signature header
Selector string

// The Agent or User Identifier (AUID) on behalf of which the SDID is taking
// responsibility.
Identifier string
Expand All @@ -79,6 +83,9 @@ type Verification struct {
// The expiration time. If the signature doesn't expire, it's set to zero.
Expiration time.Time

// The QueryResult holds the parsed DNS response
QueryResult *queryResult
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can't add a public field with a private type like this.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand what you mean. Why is it private and why can't we export it?

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's unexported, because it begins with a lowercase letter.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But QueryResult starts with a big letter? Can you explain what you mean? Thanks.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The field QueryResult is exported, the type *queryResult isn't.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah I see. I'm still not sure about you're opinion. Should I make the type public or do you think that's a bad idea in general?


// Err is nil if the signature is valid.
Err error
}
Expand Down Expand Up @@ -221,6 +228,7 @@ func verify(h header, r io.Reader, sigField, sigValue string, options *VerifyOpt
return verif, permFailError("incompatible signature version")
}

verif.Selector = stripWhitespace(params["s"])
verif.Domain = stripWhitespace(params["d"])

for _, tag := range requiredTags {
Expand Down Expand Up @@ -286,11 +294,13 @@ func verify(h header, r io.Reader, sigField, sigValue string, options *VerifyOpt
break
}
}

if err != nil {
return verif, err
} else if res == nil {
return verif, permFailError("unsupported public key query method")
}
verif.QueryResult = res

// Parse algos
algos := strings.SplitN(stripWhitespace(params["a"]), "-", 2)
Expand Down