From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Thu, 19 Mar 2020 17:07:33 +0000 (+0000)
Subject: [Minor] Improve dkim failures logging
X-Git-Tag: 2.5~41
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f86e20edf67cb9bb947c61f8ef8e774faf2f8fbf;p=thirdparty%2Frspamd.git

[Minor] Improve dkim failures logging
---

diff --git a/src/libserver/dkim.c b/src/libserver/dkim.c
index 20135a5962..3c7b9530c8 100644
--- a/src/libserver/dkim.c
+++ b/src/libserver/dkim.c
@@ -2611,53 +2611,47 @@ rspamd_dkim_check (rspamd_dkim_context_t *ctx,
 	case RSPAMD_DKIM_KEY_RSA:
 		if (RSA_verify (nid, raw_digest, dlen, ctx->b, ctx->blen,
 				key->key.key_rsa) != 1) {
-			msg_debug_dkim ("rsa verify failed");
+			msg_debug_dkim ("headers rsa verify failed");
 			res->rcode = DKIM_REJECT;
-			res->fail_reason = "rsa verify failed";
+			res->fail_reason = "headers rsa verify failed";
 
 			msg_info_dkim (
-					"%s: RSA verification failure: got %*Bs, expected %*Bs; "
-					"body length %d->%d; headers length %d; d=%s; s=%s",
+					"%s: headers RSA verification failure; "
+					"body length %d->%d; headers length %d; d=%s; s=%s; orig header: %s",
 					rspamd_dkim_type_to_string (ctx->common.type),
-					(gint)dlen, raw_digest,
-					(gint)ctx->blen, ctx->b,
 					(gint)(body_end - body_start), ctx->common.body_canonicalised,
 					ctx->common.headers_canonicalised,
-					ctx->domain, ctx->selector);
+					ctx->domain, ctx->selector, ctx->dkim_header);
 		}
 		break;
 	case RSPAMD_DKIM_KEY_ECDSA:
 		if (ECDSA_verify (nid, raw_digest, dlen, ctx->b, ctx->blen,
 				key->key.key_ecdsa) != 1) {
 			msg_info_dkim (
-					"%s: ECDSA verification failure: got %*Bs, expected %*Bs; "
-					"body length %d->%d; headers length %d; d=%s; s=%s",
+					"%s: headers ECDSA verification failure; "
+					"body length %d->%d; headers length %d; d=%s; s=%s; orig header: %s",
 					rspamd_dkim_type_to_string (ctx->common.type),
-					(gint)dlen, raw_digest,
-					(gint)ctx->blen, ctx->b,
 					(gint)(body_end - body_start), ctx->common.body_canonicalised,
 					ctx->common.headers_canonicalised,
-					ctx->domain, ctx->selector);
-			msg_debug_dkim ("ecdsa verify failed");
+					ctx->domain, ctx->selector, ctx->dkim_header);
+			msg_debug_dkim ("headers ecdsa verify failed");
 			res->rcode = DKIM_REJECT;
-			res->fail_reason = "ecdsa verify failed";
+			res->fail_reason = "headers ecdsa verify failed";
 		}
 		break;
 	case RSPAMD_DKIM_KEY_EDDSA:
 		if (!rspamd_cryptobox_verify (ctx->b, ctx->blen, raw_digest, dlen,
 				key->key.key_eddsa, RSPAMD_CRYPTOBOX_MODE_25519)) {
 			msg_info_dkim (
-					"%s: EDDSA verification failure: got %*Bs, expected %*Bs; "
-					"body length %d->%d; headers length %d; d=%s; s=%s",
+					"%s: headers EDDSA verification failure; "
+					"body length %d->%d; headers length %d; d=%s; s=%s; orig header: %s",
 					rspamd_dkim_type_to_string (ctx->common.type),
-					(gint)dlen, raw_digest,
-					(gint)ctx->blen, ctx->b,
 					(gint)(body_end - body_start), ctx->common.body_canonicalised,
 					ctx->common.headers_canonicalised,
-					ctx->domain, ctx->selector);
-			msg_debug_dkim ("eddsa verify failed");
+					ctx->domain, ctx->selector, ctx->dkim_header);
+			msg_debug_dkim ("headers eddsa verify failed");
 			res->rcode = DKIM_REJECT;
-			res->fail_reason = "eddsa verify failed";
+			res->fail_reason = "headers eddsa verify failed";
 		}
 		break;
 	}