From 82542e4ca05b928b009f29f3422a66ca880f09e0 Mon Sep 17 00:00:00 2001 From: Scott Kitterman Date: Wed, 23 Oct 2019 15:54:51 -0400 Subject: [PATCH] Remove vestiges of SigningTableEd25519, separate per algorithm table not needed --- CHANGES | 2 ++ TODO | 1 - dkimpy_milter/config.py | 4 +--- man/dkimpy-milter.conf.5 | 15 --------------- man/dkimpy-milter.conf.5.in | 15 --------------- tests/runtests | 5 +++-- 6 files changed, 6 insertions(+), 36 deletions(-) diff --git a/CHANGES b/CHANGES index 8052ecb..9eda23b 100644 --- a/CHANGES +++ b/CHANGES @@ -19,6 +19,8 @@ (LP: #1844189) - Fix sysv init so it works (LP: #1839487) - Make error logging more explicit to aid debugging + - Remove SigningTableEd25519 from documentation - it was never implemented + and a per algorithm signing table turns out not to be needed 1.1.0 2019-04-12 - Add SubDomains option to enable signing for sub-domains (LP: #1811535) diff --git a/TODO b/TODO index 6324140..c8ddd24 100644 --- a/TODO +++ b/TODO @@ -55,7 +55,6 @@ KeyTable KeytableEd25519 SignHeaders implemented SigningTable -SigningTableEd25519 TemporaryDirectory Planned dataset type support (if needed): diff --git a/dkimpy_milter/config.py b/dkimpy_milter/config.py index 076ebf3..b3c9159 100644 --- a/dkimpy_milter/config.py +++ b/dkimpy_milter/config.py @@ -51,7 +51,6 @@ defaultConfigData = { 'DNSOverride': None, 'SubDomains': False, 'SigningTable': None, - 'SigningTableEd25519': None, 'debugLevel': 0 # Undocumented config item for developer use } @@ -354,7 +353,6 @@ def _readConfigFile(path, configData=None, configGlobal={}): 'Selector': 'str', 'SelectorEd25519': 'str', 'SigningTable': 'dataset', - 'SigningTableEd25519': 'dataset', 'Canonicalization': 'str', 'InternalHosts': 'dataset', 'IntHosts': 'bool', @@ -434,7 +432,7 @@ def _readConfigFile(path, configData=None, configGlobal={}): # These are the only multi-line dataset types if name == 'KeyTable' or name == 'KeyTableEd25519': configData[name] = _dataset_multiline('KeyTable', interim_value) - elif name == 'SigningTable' or name == 'SigningTableEd25519': + elif name == 'SigningTable': configData[name] = _dataset_multiline('SigningTable', interim_value) else: configData[name] = interim_value diff --git a/man/dkimpy-milter.conf.5 b/man/dkimpy-milter.conf.5 index 83095c2..a51d0ba 100644 --- a/man/dkimpy-milter.conf.5 +++ b/man/dkimpy-milter.conf.5 @@ -222,8 +222,6 @@ domains will be verified rather than being signed. This parameter is not required if a .I SigningTable -or -.I SigningTableEd25519 is in use; in that case, the list of signed domains is implied by the lines in that file. @@ -395,19 +393,6 @@ For all other database types, the full user@host is checked first, then simply h In any case, only the first match is applied. -.TP -.I SigningTableEd25519 (dataset) - -Defines a table used to select one or more signatures to apply to a message based on the address found in the From: header field. Keys in this table vary depending on the type of table used; values in this data set should include one field that contains a name found in the KeyTable (see above) that identifies which key should be used in generating the signature, and an optional second field naming the signer of the message that will be included in the "i=" tag in the generated signature. Note that the "i=" value will not be included in the signature if it conflicts with the signing domain (the "d=" value). - -If the first field contains only a "%" character, it will be replaced by the domain found in the From: header field. Similarly, within the optional second field, any "%" character will be replaced by the domain found in the From: header field. - -If this table specifies a regular expression file ("refile"), then the keys are wildcard patterns that are matched against the address found in the From: header field. Entries are checked in the order in which they appear in the file. ["refile support not implemented"]. - -For all other database types, the full user@host is checked first, then simply host, then user@.domain (with all superdomains checked in sequence, so "foo.example.com" would first check "user@foo.example.com", then "user@.example.com", then "user@.com"), then .domain, then user@*, and finally *. - -In any case, only the first match is applied. - .TP .I Socket (string) Specifies the socket that should be established by the filter to receive diff --git a/man/dkimpy-milter.conf.5.in b/man/dkimpy-milter.conf.5.in index 37a3e50..509a298 100644 --- a/man/dkimpy-milter.conf.5.in +++ b/man/dkimpy-milter.conf.5.in @@ -222,8 +222,6 @@ domains will be verified rather than being signed. This parameter is not required if a .I SigningTable -or -.I SigningTableEd25519 is in use; in that case, the list of signed domains is implied by the lines in that file. @@ -423,19 +421,6 @@ For all other database types, the full user@host is checked first, then simply h In any case, only the first match is applied. -.TP -.I SigningTableEd25519 (dataset) - -Defines a table used to select one or more signatures to apply to a message based on the address found in the From: header field. Keys in this table vary depending on the type of table used; values in this data set should include one field that contains a name found in the KeyTable (see above) that identifies which key should be used in generating the signature, and an optional second field naming the signer of the message that will be included in the "i=" tag in the generated signature. Note that the "i=" value will not be included in the signature if it conflicts with the signing domain (the "d=" value). - -If the first field contains only a "%" character, it will be replaced by the domain found in the From: header field. Similarly, within the optional second field, any "%" character will be replaced by the domain found in the From: header field. - -If this table specifies a regular expression file ("refile"), then the keys are wildcard patterns that are matched against the address found in the From: header field. Entries are checked in the order in which they appear in the file. ["refile support not implemented"]. - -For all other database types, the full user@host is checked first, then simply host, then user@.domain (with all superdomains checked in sequence, so "foo.example.com" would first check "user@foo.example.com", then "user@.example.com", then "user@.com"), then .domain, then user@*, and finally *. - -In any case, only the first match is applied. - .TP .I Socket (string) Specifies the socket that should be established by the filter to receive diff --git a/tests/runtests b/tests/runtests index 1e029d5..4b479eb 100755 --- a/tests/runtests +++ b/tests/runtests @@ -21,7 +21,7 @@ for keytype in "${KEY_TYPES[@]}"; do fi if [ "$keytype" = ed25519 ]; then keytable=KeyTableEd25519 - signingtable=SigningTableEd25519 + signingtable=SigningTable selector=SelectorEd25519 elif [ "$keytype" = rsa ]; then keytable=KeyTable @@ -90,7 +90,8 @@ example.net, testkey, testkey.$keytype.key EOF cat > "signing-table" <