Add support for Canonicalization option
@@ -10,3 +10,5 @@
|
||||
0.9.2 UNRELEASED
|
||||
- Improved package requirements definition
|
||||
- Added systemd unit file and (untested) sysv init file
|
||||
- Added dkim-milter.8 (based on opendim.8)
|
||||
- Implemented support for Canonicalization option
|
||||
|
||||
@@ -19,11 +19,11 @@ DKIM 'a' in AR implemented verified
|
||||
dkimpy-milter.service implemented verified
|
||||
sysv init implemented
|
||||
remove PidFile on stop implemented verified
|
||||
dkimpy-milter.8 provided needs work
|
||||
Canonicalization implementd verified
|
||||
|
||||
0.9.5 (Beta)
|
||||
dkimpy-milter.8
|
||||
AuthservID
|
||||
Canonicalization
|
||||
Diagnostics
|
||||
DiagnosticDirectory
|
||||
InternalHosts
|
||||
@@ -31,6 +31,7 @@ SyslogFacility
|
||||
SyslogSuccess
|
||||
|
||||
1.0.0
|
||||
Convert dkim-milter-python config
|
||||
No additional features planned
|
||||
|
||||
Considered for near-term feature release
|
||||
|
||||
@@ -173,17 +173,24 @@ class dkimMilter(Milter.Base):
|
||||
return Milter.CONTINUE
|
||||
|
||||
def sign_dkim(self,txt):
|
||||
conf = self.conf
|
||||
canon = milterconfig.get('Canonicalization')
|
||||
if len(canon.split('/')) == 2:
|
||||
canonicalize.append(canon.split('/')[0])
|
||||
canonicalize.append(canon.split('/')[1])
|
||||
else:
|
||||
canonicalize.append(canon)
|
||||
canonicalize.append(canon)
|
||||
syslog.syslog('canonicalize: {0}'.format(canonicalize))
|
||||
try:
|
||||
d = dkim.DKIM(txt)
|
||||
h = d.sign(milterconfig.get('Selector'),milterconfig.get('Domain'), privateRSA,
|
||||
canonicalize=('relaxed','simple'))
|
||||
canonicalize=(canonicalize[0], canonicalize[1]))
|
||||
name,val = h.split(': ',1)
|
||||
self.addheader(name,val.strip().replace('\r\n','\n'),0)
|
||||
if privateEd25519:
|
||||
d = dkim.DKIM(txt)
|
||||
h = d.sign(milterconfig.get('SelectorEd25519'),milterconfig.get('Domain'), privateEd25519,
|
||||
canonicalize=('relaxed','simple'), signature_algorithm='ed25519-sha256')
|
||||
canonicalize=(canonicalize[0], canonicalize[1]), signature_algorithm='ed25519-sha256')
|
||||
name,val = h.split(': ',1)
|
||||
self.addheader(name,val.strip().replace('\r\n','\n'),0)
|
||||
except dkim.DKIMException as x:
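Review bot: `canonicalize` is appended to in sign_dkim but never initialised anywhere in this hunk. If it is not defined elsewhere, the first signing attempt raises NameError, which the `except dkim.DKIMException` clause does not catch. If it is a module-level list, it grows by two entries per message and only the first two are ever read, so a changed `Canonicalization` value is never picked up. Building a local tuple avoids both cases: `header_canon, sep, body_canon = canon.partition('/')` followed by `canonicalize = (header_canon, body_canon if sep else header_canon)`, passed as `canonicalize=canonicalize` to both `d.sign` calls. The configured value also reaches `d.sign` unchecked, so rejecting anything other than `simple` or `relaxed` at config load would surface a typo at startup rather than at signing time. The except handler continues outside the hunk, so its handling of signing failures is not visible here.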
|
||||
@@ -254,14 +261,14 @@ def main():
|
||||
if milterconfig.get('Syslog'):
|
||||
syslog.openlog(os.path.basename(sys.argv[0]), syslog.LOG_PID, syslog.LOG_MAIL)
|
||||
setExceptHook()
|
||||
write_pid(milterconfig)
|
||||
pid = write_pid(milterconfig)
|
||||
if milterconfig.get('KeyFile'):
|
||||
privateRSA = read_keyfile(milterconfig, 'RSA')
|
||||
if milterconfig.get('KeyFileEd25519'):
|
||||
privateEd25519 = read_keyfile(milterconfig, 'Ed25519')
|
||||
drop_privileges(milterconfig)
|
||||
if milterconfig.get('Syslog'):
|
||||
syslog.syslog('dkimpy-milter started. user: {0}'.format(milterconfig.get('UserID')))
|
||||
syslog.syslog('dkimpy-milter started:{0} user:{1}'.format(pid,milterconfig.get('UserID')))
|
||||
Milter.factory = dkimMilter
|
||||
Milter.set_flags(Milter.CHGHDRS + Milter.ADDHDRS)
|
||||
miltername = 'dkimpy-filter'
|
||||
|
||||
@@ -42,7 +42,7 @@ defaultConfigData = {
|
||||
'Socket' : 'local:/var/run/dkimpy-milter/dkimpy-milter.sock',
|
||||
'PidFile' : '/var/run/dkimpy-milter/dkimpy-milter.pid',
|
||||
'UserID' : 'dkimpy-milter',
|
||||
'Canonicalization' : 'simple'
|
||||
'Canonicalization' : 'relaxed/simple'
|
||||
}
|
||||
|
||||
|
||||
@@ -111,7 +111,6 @@ def _readConfigFile(path, configData = None, configGlobal = {}):
|
||||
'Selector' : 'str',
|
||||
'SelectorEd25519': 'str',
|
||||
'Canonicalization' : 'str',
|
||||
'CanonicalizationEd25519' : 'str'
|
||||
}
|
||||
|
||||
# check to see if it's a file
|
||||
|
||||
@@ -92,6 +92,7 @@ def write_pid(milterconfig):
|
||||
if milterconfig.get('Syslog'):
|
||||
syslog.syslog('Unable to write pidfle {0}. File exists.'.format(milterconfig.get('PidFile')))
|
||||
raise RuntimeError('Unable to write pidfle {0}. File exists.'.format(milterconfig.get('PidFile')))
|
||||
return pid
|
||||
|
||||
####################
|
||||
def read_keyfile(milterconfig, keytype):
|
||||
|
||||
@@ -16,7 +16,7 @@ KeyFile /etc/mail/dkim.key
|
||||
Selector default
|
||||
|
||||
# Commonly-used options; the commented-out versions show the defaults.
|
||||
#Canonicalization simple
|
||||
#Canonicalization relaxed/simple
|
||||
#Mode sv
|
||||
|
||||
# Socket local:/var/run/dkimpy-milter/dkimpy-milter.sock
|
||||
|
||||
@@ -133,7 +133,7 @@
|
||||
dkimpy-milter \- Python milter for DKIM signing and validation
|
||||
.SH "VERSION"
|
||||
.IX Header "VERSION"
|
||||
0\.9\.1
|
||||
0\.9\.2
|
||||
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
@@ -208,6 +208,8 @@ the canonicalization method. The recognized values are
|
||||
and
|
||||
.I simple
|
||||
as defined by the DKIM specification. The default is
|
||||
.I relaxed
|
||||
/
|
||||
.I simple.
|
||||
The value may include two different canonicalizations separated by a
|
||||
slash ("/") character, in which case the first will be applied to the
|
||||
|
||||