Remove vestiges of SigningTableEd25519, separate per algorithm table not needed

Scott Kitterman
2019-10-23 15:54:51 -04:00
parent b0604bf00c
commit 82542e4ca0
6 changed files with 6 additions and 36 deletions
+2
@@ -19,6 +19,8 @@
(LP: #1844189) (LP: #1844189)
- Fix sysv init so it works (LP: #1839487) - Fix sysv init so it works (LP: #1839487)
- Make error logging more explicit to aid debugging - Make error logging more explicit to aid debugging
- Remove SigningTableEd25519 from documentation - it was never implemented
and a per algorithm signing table turns out not to be needed
1.1.0 2019-04-12 1.1.0 2019-04-12
- Add SubDomains option to enable signing for sub-domains (LP: #1811535) - Add SubDomains option to enable signing for sub-domains (LP: #1811535)
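Review bot: the entry says SigningTableEd25519 "was never implemented", but the config.py hunks in this same commit remove it from defaultConfigData, from the option type map ('SigningTableEd25519': 'dataset') and from the multi-line dataset branch, so the parser did accept and read the option even if nothing signed with it. The ChangeLog should say what happens to a configuration that still sets SigningTableEd25519 after this change (rejected as an unknown option, or silently ignored), because operators who copied the documented name will hit that path on upgrade.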
-1
@@ -55,7 +55,6 @@ KeyTable
KeytableEd25519 KeytableEd25519
SignHeaders implemented SignHeaders implemented
SigningTable SigningTable
SigningTableEd25519
TemporaryDirectory TemporaryDirectory
Planned dataset type support (if needed): Planned dataset type support (if needed):
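Review bot: while this list is being edited, the remaining `KeytableEd25519` line spells the option with a lowercase t, whereas the config.py hunk in this commit matches on `name == 'KeyTableEd25519'`, an exact string comparison. Unless option names are normalised before that point, the spelling documented here is not the one the code recognises; change it to KeyTableEd25519 to match.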
+1 -3
@@ -51,7 +51,6 @@ defaultConfigData = {
'DNSOverride': None, 'DNSOverride': None,
'SubDomains': False, 'SubDomains': False,
'SigningTable': None, 'SigningTable': None,
'SigningTableEd25519': None,
'debugLevel': 0 # Undocumented config item for developer use 'debugLevel': 0 # Undocumented config item for developer use
} }
@@ -354,7 +353,6 @@ def _readConfigFile(path, configData=None, configGlobal={}):
'Selector': 'str', 'Selector': 'str',
'SelectorEd25519': 'str', 'SelectorEd25519': 'str',
'SigningTable': 'dataset', 'SigningTable': 'dataset',
'SigningTableEd25519': 'dataset',
'Canonicalization': 'str', 'Canonicalization': 'str',
'InternalHosts': 'dataset', 'InternalHosts': 'dataset',
'IntHosts': 'bool', 'IntHosts': 'bool',
@@ -434,7 +432,7 @@ def _readConfigFile(path, configData=None, configGlobal={}):
# These are the only multi-line dataset types # These are the only multi-line dataset types
if name == 'KeyTable' or name == 'KeyTableEd25519': if name == 'KeyTable' or name == 'KeyTableEd25519':
configData[name] = _dataset_multiline('KeyTable', interim_value) configData[name] = _dataset_multiline('KeyTable', interim_value)
elif name == 'SigningTable' or name == 'SigningTableEd25519': elif name == 'SigningTable':
configData[name] = _dataset_multiline('SigningTable', interim_value) configData[name] = _dataset_multiline('SigningTable', interim_value)
else: else:
configData[name] = interim_value configData[name] = interim_value
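Review bot: the simplified `elif name == 'SigningTable':` is correct, but the sibling branch above it still passes the literal 'KeyTable' to _dataset_multiline for both KeyTable and KeyTableEd25519 instead of `name`; if that first argument feeds diagnostics, a malformed Ed25519 key table will be reported against KeyTable. Passing `name` in both calls keeps the two branches symmetric and the comment "These are the only multi-line dataset types" accurate about which table was parsed. Not introduced here, but this is the natural place to fix it.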
-15
@@ -222,8 +222,6 @@ domains will be verified rather than being signed.
This parameter is not required if a This parameter is not required if a
.I SigningTable .I SigningTable
or
.I SigningTableEd25519
is in use; in that case, the list of signed domains is implied by the is in use; in that case, the list of signed domains is implied by the
lines in that file. lines in that file.
@@ -395,19 +393,6 @@ For all other database types, the full user@host is checked first, then simply h
In any case, only the first match is applied. In any case, only the first match is applied.
.TP
.I SigningTableEd25519 (dataset)
Defines a table used to select one or more signatures to apply to a message based on the address found in the From: header field. Keys in this table vary depending on the type of table used; values in this data set should include one field that contains a name found in the KeyTable (see above) that identifies which key should be used in generating the signature, and an optional second field naming the signer of the message that will be included in the "i=" tag in the generated signature. Note that the "i=" value will not be included in the signature if it conflicts with the signing domain (the "d=" value).
If the first field contains only a "%" character, it will be replaced by the domain found in the From: header field. Similarly, within the optional second field, any "%" character will be replaced by the domain found in the From: header field.
If this table specifies a regular expression file ("refile"), then the keys are wildcard patterns that are matched against the address found in the From: header field. Entries are checked in the order in which they appear in the file. ["refile support not implemented"].
For all other database types, the full user@host is checked first, then simply host, then user@.domain (with all superdomains checked in sequence, so "foo.example.com" would first check "user@foo.example.com", then "user@.example.com", then "user@.com"), then .domain, then user@*, and finally *.
In any case, only the first match is applied.
.TP .TP
.I Socket (string) .I Socket (string)
Specifies the socket that should be established by the filter to receive Specifies the socket that should be established by the filter to receive
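Review bot: the removed paragraph was the only text in this hunk that defined the first field of a signing-table entry as "a name found in the KeyTable (see above)". Now that the ed25519 case is pointed at the same SigningTable (see the test-script change in this commit), the surviving SigningTable entry should state whether that name is resolved against KeyTable, KeyTableEd25519, or both; without that, a reader of the man page has no documented way to obtain an Ed25519 signature from the single table.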
-15
@@ -222,8 +222,6 @@ domains will be verified rather than being signed.
This parameter is not required if a This parameter is not required if a
.I SigningTable .I SigningTable
or
.I SigningTableEd25519
is in use; in that case, the list of signed domains is implied by the is in use; in that case, the list of signed domains is implied by the
lines in that file. lines in that file.
@@ -423,19 +421,6 @@ For all other database types, the full user@host is checked first, then simply h
In any case, only the first match is applied. In any case, only the first match is applied.
.TP
.I SigningTableEd25519 (dataset)
Defines a table used to select one or more signatures to apply to a message based on the address found in the From: header field. Keys in this table vary depending on the type of table used; values in this data set should include one field that contains a name found in the KeyTable (see above) that identifies which key should be used in generating the signature, and an optional second field naming the signer of the message that will be included in the "i=" tag in the generated signature. Note that the "i=" value will not be included in the signature if it conflicts with the signing domain (the "d=" value).
If the first field contains only a "%" character, it will be replaced by the domain found in the From: header field. Similarly, within the optional second field, any "%" character will be replaced by the domain found in the From: header field.
If this table specifies a regular expression file ("refile"), then the keys are wildcard patterns that are matched against the address found in the From: header field. Entries are checked in the order in which they appear in the file. ["refile support not implemented"].
For all other database types, the full user@host is checked first, then simply host, then user@.domain (with all superdomains checked in sequence, so "foo.example.com" would first check "user@foo.example.com", then "user@.example.com", then "user@.com"), then .domain, then user@*, and finally *.
In any case, only the first match is applied.
.TP .TP
.I Socket (string) .I Socket (string)
Specifies the socket that should be established by the filter to receive Specifies the socket that should be established by the filter to receive
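Review bot: this is the same removal as in the other man page copy, but the hunk offsets differ (@@ -395 there, @@ -423 here, while both first hunks sit at -222), so the two copies already diverge somewhere between those lines. Whatever wording is added to the SigningTable entry to cover Ed25519 key selection needs to land in both files, or one copy should be generated from the other so they cannot drift again.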
+3 -2
@@ -21,7 +21,7 @@ for keytype in "${KEY_TYPES[@]}"; do
fi fi
if [ "$keytype" = ed25519 ]; then if [ "$keytype" = ed25519 ]; then
keytable=KeyTableEd25519 keytable=KeyTableEd25519
signingtable=SigningTableEd25519 signingtable=SigningTable
selector=SelectorEd25519 selector=SelectorEd25519
elif [ "$keytype" = rsa ]; then elif [ "$keytype" = rsa ]; then
keytable=KeyTable keytable=KeyTable
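Review bot: both the ed25519 and rsa branches now set `signingtable=SigningTable`, so the assignment no longer depends on $keytype and can move above the `if`, leaving only keytable and selector per branch. That also makes it obvious in the test that one signing table is shared by both algorithms, which is the point of the change.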
@@ -90,7 +90,8 @@ example.net, testkey, testkey.$keytype.key
EOF EOF
cat > "signing-table" <<EOF cat > "signing-table" <<EOF
%, @test.example.net example.org
%, @test.test.example.net
EOF EOF
done done
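Review bot: the signing-table heredoc is still written inside the `for keytype` loop (closed by the `done` below it) even though, unlike the key-table line `example.net, testkey, testkey.$keytype.key` above it, its content no longer varies with $keytype, so the second iteration only rewrites the same file. Unless each iteration runs in a fresh directory, write it once before the loop, and add a comment saying which From domain each entry is expected to match so the next person editing the test can tell why both lines are there.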