I am reading the code and found that queryDNSTXT may produce the wrong txt record using the default resolver net.LookupTXT
dkim/query.go line 88 wrote that
// Long keys are split in multiple parts
txt := strings.Join(txts, "")
but the default resolve has already joined the txt record with multiple line.
// Multiple strings in one TXT record need to be
// concatenated without separator to be consistent
// with previous Go resolver.
n := 0
for _, s := range txt.TXT {
n += len(s)
}
txtJoin := make([]byte, 0, n)
for _, s := range txt.TXT {
txtJoin = append(txtJoin, s...)
}
if len(txts) == 0 {
txts = make([]string, 0, 1)
}
txts = append(txts, string(txtJoin))
So, if there are multiple records along with DKIM record. It will produce a wrong DKIM record, and the following parsePublicKey will fail
emersion
commented
8 months ago
I am reading the code and found that
queryDNSTXTmay produce the wrong txt record using the default resolvernet.LookupTXTdkim/query.goline 88 wrote thatbut the default resolve has already joined the txt record with multiple line.
So, if there are multiple records along with DKIM record. It will produce a wrong DKIM record, and the following
parsePublicKeywill fail