OpenDKIM icon indicating copy to clipboard operation
OpenDKIM copied to clipboard

Published 20 hours ago verified publisher icon trusteddomainproject

SignHeaders arbitrary length limit

Open mikenor opened this issue 3 years ago • 1 comments

The SignHeaders configuration option seems to have some undocumented length limit. When SignHeaders is longer than 1016 characters, OpenDKIM fails to start with error:

can't configure DKIM library: failed to set DKIM library options

Makes no difference whether specifying it as a string in the config file, or as a file: dataset with one header per line.

Strangely, OversignHeaders does not seem to have this limit. This makes no sense given that OversignHeaders is always a subset of SignHeaders and thus would never need to be longer. This suggests that the limitation on SignHeaders is perhaps unintentional - i.e., a bug.

mikenor avatar Mar 20 '21 07:03 mikenor

Care to paste here or email me a sample set of what you're trying? gushi at gushi dot org. I don't see a code difference between signheaders and oversignheaders except that when we load signheaders, we're also adding in the deltas of headers that must be signed and must never be signed, so it could be a bug in that path.

thegushi avatar Jan 07 '23 13:01 thegushi