mailauth 4.6.7 → 4.6.9

package/CHANGELOG.md

@@ -1,5 +1,20 @@
 # Changelog
 
+## [4.6.9](https://github.com/postalsys/mailauth/compare/v4.6.8...v4.6.9) (2024-08-22)
+
+
+### Bug Fixes
+
+* **deps:** Removed uuid dependency in favor of crypto.randomUUID() ([0b5d8f5](https://github.com/postalsys/mailauth/commit/0b5d8f5328d0b82f75daea7fdbd74e1e76e8b642))
+* **dkim-relaxed:** Faster DKIM hash calculation for relaxed body if the body contains extremely long lines ([fd8c89e](https://github.com/postalsys/mailauth/commit/fd8c89edd87a114464f99ebf79a1e903a8287876))
+
+## [4.6.8](https://github.com/postalsys/mailauth/compare/v4.6.7...v4.6.8) (2024-06-04)
+
+
+### Bug Fixes
+
+* **dmarc-alignment:** Fixed tldts usage to allow private domains ([cc7dfa8](https://github.com/postalsys/mailauth/commit/cc7dfa8d820c1a4112602340192010354d51cd52))
+
 ## [4.6.7](https://github.com/postalsys/mailauth/compare/v4.6.6...v4.6.7) (2024-05-30)
 
 

package/lib/dkim/body/relaxed.js

@@ -122,24 +122,36 @@ class RelaxedHash {
         this._updateBodyHash(chunk);
     }
 
+    /**
+     * Performs the following modifications for a single line:
+     *  - Replace all <LF> chars with <CR><LF>
+     *  - Replace all spaces and tabs with a single space.
+     *  - Remove trailing whitespace
+     * @param {Buffer} line
+     * @returns {Buffer} fixed line
+     */
     fixLineBuffer(line) {
-        let resultLine = [];
+        // Allocate maximum expected buffer length
+        // If the line is only filled with <LF> bytes then we need 2 times the size of the line
+        let lineBuf = Buffer.alloc(line.length * 2);
+        // Start processing the line from the end to beginning
+        let writePos = lineBuf.length - 1;
 
         let nonWspFound = false;
         let prevWsp = false;
 
         for (let i = line.length - 1; i >= 0; i--) {
             if (line[i] === CHAR_LF) {
-                resultLine.unshift(line[i]);
+                lineBuf[writePos--] = line[i];
                 if (i === 0 || line[i - 1] !== CHAR_CR) {
                     // add missing carriage return
-                    resultLine.unshift(CHAR_CR);
+                    lineBuf[writePos--] = CHAR_CR;
                 }
                 continue;
             }
 
             if (line[i] === CHAR_CR) {
-                resultLine.unshift(line[i]);
+                lineBuf[writePos--] = line[i];
                 continue;
             }
 
@@ -151,19 +163,19 @@ class RelaxedHash {
             }
 
             if (prevWsp) {
-                resultLine.unshift(CHAR_SPACE);
+                lineBuf[writePos--] = CHAR_SPACE;
                 prevWsp = false;
             }
 
             nonWspFound = true;
-            resultLine.unshift(line[i]);
+            lineBuf[writePos--] = line[i];
         }
 
         if (prevWsp && nonWspFound) {
-            resultLine.unshift(CHAR_SPACE);
+            lineBuf[writePos--] = CHAR_SPACE;
         }
 
-        return Buffer.from(resultLine);
+        return lineBuf.subarray(writePos + 1);
     }
 
     update(chunk, final) {

package/lib/dkim/dkim-verifier.js

@@ -8,7 +8,6 @@ const { generateCanonicalizedHeader } = require('./header');
 const { getARChain } = require('../arc');
 const addressparser = require('nodemailer/lib/addressparser');
 const crypto = require('node:crypto');
-const { v4: uuidv4 } = require('uuid');
 const libmime = require('libmime');
 
 class DkimVerifier extends MessageParser {
@@ -333,7 +332,7 @@ class DkimVerifier extends MessageParser {
                 let result = {
                     id: signatureHeader.parsed?.b?.value
                         ? crypto.createHash('sha256').update(Buffer.from(signatureHeader.parsed?.b?.value, 'base64')).digest('hex')
-                        : uuidv4(),
+                        : crypto.randomUUID(),
                     signingDomain: signatureHeader.signingDomain,
                     selector: signatureHeader.selector,
                     signature: signatureHeader.parsed?.b?.value,

package/lib/dmarc/get-dmarc-record.js

@@ -1,7 +1,8 @@
 'use strict';
 
-const tldts = require('tldts');
 const dns = require('node:dns').promises;
+const tldts = require('tldts');
+const { TLDTS_OPTS } = require('../tools');
 
 const resolveTxt = async (domain, resolver) => {
     try {
@@ -33,7 +34,7 @@ const getDmarcRecord = async (domain, resolver) => {
     let isOrgRecord = false;
 
     if (!txt) {
-        let orgDomain = tldts.getDomain(domain);
+        let orgDomain = tldts.getDomain(domain, TLDTS_OPTS);
         if (orgDomain !== domain) {
             // try org domain as well
             txt = await resolveTxt(orgDomain, resolver);

package/lib/dmarc/verify.js

@@ -3,7 +3,7 @@
 const dns = require('node:dns').promises;
 const punycode = require('punycode.js');
 const tldts = require('tldts');
-const { formatAuthHeaderRow, getAlignment } = require('../tools');
+const { formatAuthHeaderRow, getAlignment, TLDTS_OPTS } = require('../tools');
 const getDmarcRecord = require('./get-dmarc-record');
 
 const verifyDmarc = async opts => {
@@ -41,7 +41,7 @@ const verifyDmarc = async opts => {
         return response;
     };
 
-    let orgDomain = tldts.getDomain(domain);
+    let orgDomain = tldts.getDomain(domain, TLDTS_OPTS);
 
     let status = {
         result: 'neutral',

package/lib/tools.js

@@ -29,6 +29,11 @@ const keyOrderingDKIM = ['v', 'a', 'c', 'd', 'h', 'i', 'l', 'q', 's', 't', 'x',
 const keyOrderingARC = ['i', 'a', 'c', 'd', 'h', 'l', 'q', 's', 't', 'x', 'z', 'bh', 'b'];
 const keyOrderingAS = ['i', 'a', 't', 'cv', 'd', 's', 'b'];
 
+const TLDTS_OPTS = {
+    allowIcannDomains: true,
+    allowPrivateDomains: true
+};
+
 const writeToStream = async (stream, input, chunkSize) => {
     chunkSize = chunkSize || 64 * 1024;
 
@@ -483,7 +488,7 @@ const getAlignment = (fromDomain, domainList, strict) => {
     if (strict) {
         fromDomain = formatDomain(fromDomain);
         for (let entry of domainList) {
-            let domain = formatDomain(tldts.getDomain(entry.domain) || entry.domain);
+            let domain = formatDomain(tldts.getDomain(entry.domain, TLDTS_OPTS) || entry.domain);
             if (formatDomain(domain) === fromDomain) {
                 return entry;
             }
@@ -491,9 +496,9 @@ const getAlignment = (fromDomain, domainList, strict) => {
     }
 
     // match org domains
-    fromDomain = formatDomain(tldts.getDomain(fromDomain) || fromDomain);
+    fromDomain = formatDomain(tldts.getDomain(fromDomain, TLDTS_OPTS) || fromDomain);
     for (let entry of domainList) {
-        let domain = formatDomain(tldts.getDomain(entry.domain) || entry.domain);
+        let domain = formatDomain(tldts.getDomain(entry.domain, TLDTS_OPTS) || entry.domain);
         if (domain === fromDomain) {
             return entry;
         }
@@ -591,5 +596,7 @@ module.exports = {
 
     getPtrHostname,
 
-    getCurTime
+    getCurTime,
+
+    TLDTS_OPTS
 };

package/man/mailauth.1

@@ -1,4 +1,4 @@
-.TH "MAILAUTH" "1" "May 2024" "v4.6.7" "Mailauth Help"
+.TH "MAILAUTH" "1" "August 2024" "v4.6.9" "Mailauth Help"
 .SH "NAME"
 \fBmailauth\fR
 .QP

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "mailauth",
-    "version": "4.6.7",
+    "version": "4.6.9",
     "description": "Email authentication library for Node.js",
     "main": "lib/mailauth.js",
     "scripts": {
@@ -41,20 +41,19 @@
         "license-report": "6.5.0",
         "marked": "0.7.0",
         "marked-man": "0.7.0",
-        "mbox-reader": "1.1.5",
-        "mocha": "10.4.0"
+        "mbox-reader": "1.2.0",
+        "mocha": "10.7.3"
     },
     "dependencies": {
         "@postalsys/vmc": "1.0.8",
-        "fast-xml-parser": "4.4.0",
+        "fast-xml-parser": "4.4.1",
         "ipaddr.js": "2.2.0",
-        "joi": "17.13.1",
+        "joi": "17.13.3",
         "libmime": "5.3.5",
-        "nodemailer": "6.9.13",
+        "nodemailer": "6.9.14",
         "punycode.js": "2.3.1",
-        "tldts": "6.1.23",
+        "tldts": "6.1.40",
         "undici": "5.28.4",
-        "uuid": "9.0.1",
         "yargs": "17.7.2"
     },
     "engines": {