[Python-modules-commits] r16015 - in packages/pydkim/trunk/debian (5 files)
kitterman at users.alioth.debian.org
kitterman at users.alioth.debian.org
Mon Mar 7 05:23:41 UTC 2011
Date: Monday, March 7, 2011 @ 05:23:30
Author: kitterman
Revision: 16015
pydkim (0.3-5) unstable; urgency=low
* Add debian/patches/relaxed-canonicalization.patch to fix body hash
verification failures due to out of sequence operations. Thanks to
Martin Pool for the patch
* Add debian/patches/fix-key-record-validation.patch to fix incorrect key
record validation failures due to invalid assumptions about public key
record requirements
* Bump standards version to 3.9.1 without further change
* Change XS-Python-Version to X-Python-Version
* Add Breaks:
* Drop XB-Python-Version
Added:
packages/pydkim/trunk/debian/patches/fix-key-record-validation.patch
packages/pydkim/trunk/debian/patches/relaxed-canonicalization.patch
Modified:
packages/pydkim/trunk/debian/changelog
packages/pydkim/trunk/debian/control
packages/pydkim/trunk/debian/patches/series
Modified: packages/pydkim/trunk/debian/changelog
===================================================================
--- packages/pydkim/trunk/debian/changelog 2011-03-06 20:53:10 UTC (rev 16014)
+++ packages/pydkim/trunk/debian/changelog 2011-03-07 05:23:30 UTC (rev 16015)
@@ -1,3 +1,18 @@
+pydkim (0.3-5) unstable; urgency=low
+
+ * Add debian/patches/relaxed-canonicalization.patch to fix body hash
+ verification failures due to out of sequence operations. Thanks to
+ Martin Pool for the patch
+ * Add debian/patches/fix-key-record-validation.patch to fix incorrect key
+ record validation failures due to invalid assumptions about public key
+ record requirements
+ * Bump standards version to 3.9.1 without further change
+ * Change XS-Python-Version to X-Python-Version
+ * Add Breaks: ${python:Breaks}
+ * Drop XB-Python-Version
+
+ -- Scott Kitterman <scott at kitterman.com> Mon, 07 Mar 2011 00:09:56 -0500
+
pydkim (0.3-4) unstable; urgency=low
* Convert from CDBS to Debhelper 7:
Modified: packages/pydkim/trunk/debian/control
===================================================================
--- packages/pydkim/trunk/debian/control 2011-03-06 20:53:10 UTC (rev 16014)
+++ packages/pydkim/trunk/debian/control 2011-03-07 05:23:30 UTC (rev 16015)
@@ -4,17 +4,17 @@
Maintainer: Scott Kitterman <scott at kitterman.com>
Uploaders: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>
Build-Depends: debhelper (>= 7.3.16), python (>= 2.6.5-2~), quilt (>= 0.46-7)
-XS-Python-Version: >= 2.5
+X-Python-Version: >= 2.5
Vcs-Svn: svn://svn.debian.org/python-modules/packages/pydkim/trunk/
Vcs-Browser: http://svn.debian.org/viewsvn/python-modules/packages/pydkim/trunk/
-Standards-Version: 3.8.4
+Standards-Version: 3.9.1
Homepage: http://hewgill.com/pydkim
Package: python-dkim
Architecture: all
Depends: ${python:Depends}, ${misc:Depends}, python-dnspython
+Breaks: ${python:Breaks}
Conflicts: dkimproxy (<< 1.0.1-8.1~)
-XB-Python-Version: ${python:Versions}
Description: Python module for DKIM signing and verification
Python module that implements DKIM (DomainKeys Identified Mail) email signing
and verification. It also provides helper scripts for command line signing
Added: packages/pydkim/trunk/debian/patches/fix-key-record-validation.patch
===================================================================
--- packages/pydkim/trunk/debian/patches/fix-key-record-validation.patch (rev 0)
+++ packages/pydkim/trunk/debian/patches/fix-key-record-validation.patch 2011-03-07 05:23:30 UTC (rev 16015)
@@ -0,0 +1,15 @@
+Index: pydkim-0.3/dkim.py
+===================================================================
+--- pydkim-0.3.orig/dkim.py 2011-03-06 23:33:14.000000000 -0500
++++ pydkim-0.3/dkim.py 2011-03-06 23:34:13.000000000 -0500
+@@ -557,6 +557,10 @@
+ if not s:
+ return False
+ a = re.split(r"\s*;\s*", s)
++ # Trailing ';' on signature record is valid, see RFC 4871 3.2
++ # tag-list = tag-spec 0*( ";" tag-spec ) [ ";" ]
++ if a[-1] == '':
++ a.pop(-1)
+ pub = {}
+ for f in a:
+ m = re.match(r"(\w+)=(.*)", f)
Added: packages/pydkim/trunk/debian/patches/relaxed-canonicalization.patch
===================================================================
--- packages/pydkim/trunk/debian/patches/relaxed-canonicalization.patch (rev 0)
+++ packages/pydkim/trunk/debian/patches/relaxed-canonicalization.patch 2011-03-07 05:23:30 UTC (rev 16015)
@@ -0,0 +1,44 @@
+Index: pydkim-0.3/dkim.py
+===================================================================
+--- pydkim-0.3.orig/dkim.py 2010-08-25 20:45:42.000000000 +0000
++++ pydkim-0.3/dkim.py 2010-08-25 20:45:53.000000000 +0000
+@@ -363,18 +363,23 @@
+ ('bh', bodyhash),
+ ('b', ""),
+ ] if x]
+- sig = "DKIM-Signature: " + "; ".join("%s=%s" % x for x in sigfields)
+
+- sig = fold(sig)
++ sig_value = fold("; ".join("%s=%s" % x for x in sigfields))
++ dkim_header = canonicalize[0].canonicalize_headers([
++ ['DKIM-Signature', ' ' + sig_value]])[0]
++ # the dkim sig is hashed with no trailing crlf, even if the
++ # canonicalization algorithm would add one.
++ if dkim_header[1][-2:] == '\r\n':
++ dkim_header = (dkim_header[0], dkim_header[1][:-2])
++ sign_headers.append(dkim_header)
+
+ if debuglog is not None:
+- print >>debuglog, "sign headers:", sign_headers + [("DKIM-Signature", " "+"; ".join("%s=%s" % x for x in sigfields))]
++ print >>debuglog, "sign headers:", sign_headers
+ h = hashlib.sha256()
+ for x in sign_headers:
+ h.update(x[0])
+ h.update(":")
+ h.update(x[1])
+- h.update(sig)
+ d = h.digest()
+ if debuglog is not None:
+ print >>debuglog, "sign digest:", " ".join("%02x" % ord(x) for x in d)
+@@ -392,9 +397,9 @@
+ if len(dinfo)+3 > modlen:
+ raise ParameterError("Hash too large for modulus")
+ sig2 = int2str(pow(str2int("\x00\x01"+"\xff"*(modlen-len(dinfo)-3)+"\x00"+dinfo), pk['privateExponent'], pk['modulus']), modlen)
+- sig += base64.b64encode(''.join(sig2))
++ sig_value += base64.b64encode(''.join(sig2))
+
+- return sig + "\r\n"
++ return 'DKIM-Signature: ' + sig_value + "\r\n"
+
+ def verify(message, debuglog=None):
+ """Verify a DKIM signature on an RFC822 formatted message.
Modified: packages/pydkim/trunk/debian/patches/series
===================================================================
--- packages/pydkim/trunk/debian/patches/series 2011-03-06 20:53:10 UTC (rev 16014)
+++ packages/pydkim/trunk/debian/patches/series 2011-03-07 05:23:30 UTC (rev 16015)
@@ -1 +1,3 @@
adjust-setup.py.patch
+relaxed-canonicalization.patch
+fix-key-record-validation.patch
More information about the Python-modules-commits
mailing list