Use self.conf vice milterconfig in dkimMilter to make sure config doesn't change while running

Scott Kitterman
2019-10-19 03:31:29 -04:00
parent 2106e2b1f6
commit d0bc03453f
+52 -52
@@ -65,19 +65,19 @@ class dkimMilter(Milter.Base):
if self.receiver is not None: if self.receiver is not None:
self.receiver = self.receiver.strip() self.receiver = self.receiver.strip()
try: try:
self.AuthservID = milterconfig['AuthservID'] self.AuthservID = self.conf['AuthservID']
except: except:
self.AuthservID = self.receiver self.AuthservID = self.receiver
if hostaddr and len(hostaddr) > 0: if hostaddr and len(hostaddr) > 0:
ipaddr = hostaddr[0] ipaddr = hostaddr[0]
if milterconfig['IntHosts']: if self.conf['IntHosts']:
if milterconfig['IntHosts'].match(ipaddr): if self.conf['IntHosts'].match(ipaddr):
self.internal_connection = True self.internal_connection = True
else: else:
ipaddr = '' ipaddr = ''
self.connectip = ipaddr self.connectip = ipaddr
if milterconfig.get('MacroList') and not self.internal_connection: if self.conf.get('MacroList') and not self.internal_connection:
macrolist = milterconfig.get('MacroList') macrolist = self.conf.get('MacroList')
for macro in macrolist: for macro in macrolist:
macroname = macro.split('|')[0] macroname = macro.split('|')[0]
macroname = '{' + macroname + '}' macroname = '{' + macroname + '}'
@@ -85,8 +85,8 @@ class dkimMilter(Milter.Base):
if ((len(macro.split('|')) == 1 and macroresult) or macroresult if ((len(macro.split('|')) == 1 and macroresult) or macroresult
in macro.split('|')[1:]): in macro.split('|')[1:]):
self.internal_connection = True self.internal_connection = True
if milterconfig.get('MacroListVerify'): if self.conf.get('MacroListVerify'):
macrolist = milterconfig.get('MacroListVerify') macrolist = self.conf.get('MacroListVerify')
for macro in macrolist: for macro in macrolist:
macroname = macro.split('|')[0] macroname = macro.split('|')[0]
macroname = '{' + macroname + '}' macroname = '{' + macroname + '}'
@@ -98,7 +98,7 @@ class dkimMilter(Milter.Base):
connecttype = 'INTERNAL' connecttype = 'INTERNAL'
else: else:
connecttype = 'EXTERNAL' connecttype = 'EXTERNAL'
if milterconfig.get('Syslog') and milterconfig.get('debugLevel') >= 1: if self.conf.get('Syslog') and self.conf.get('debugLevel') >= 1:
syslog.syslog("connect from {0} at {1} {2}" syslog.syslog("connect from {0} at {1} {2}"
.format(hostname, hostaddr, connecttype)) .format(hostname, hostaddr, connecttype))
return Milter.CONTINUE return Milter.CONTINUE
@@ -108,7 +108,7 @@ class dkimMilter(Milter.Base):
# of each message. # of each message.
@Milter.noreply @Milter.noreply
def envfrom(self, f, *str): def envfrom(self, f, *str):
if milterconfig.get('Syslog') and milterconfig.get('debugLevel') >= 2: if self.conf.get('Syslog') and self.conf.get('debugLevel') >= 2:
syslog.syslog("mail from: {0} {1}".format(f, str)) syslog.syslog("mail from: {0} {1}".format(f, str))
self.fp = io.BytesIO() self.fp = io.BytesIO()
self.mailfrom = f self.mailfrom = f
@@ -125,14 +125,14 @@ class dkimMilter(Milter.Base):
@Milter.noreply @Milter.noreply
def header(self, name, val): def header(self, name, val):
lname = name.lower() lname = name.lower()
if milterconfig.get('Syslog') and milterconfig.get('debugLevel') >= 4: if self.conf.get('Syslog') and self.conf.get('debugLevel') >= 4:
if lname == 'content-transfer-encoding': if lname == 'content-transfer-encoding':
syslog.syslog("content-transfer-encodeing: {0}".format(val)) syslog.syslog("content-transfer-encodeing: {0}".format(val))
if lname == 'content-type': if lname == 'content-type':
syslog.syslog("content-type: {0}".format(val)) syslog.syslog("content-type: {0}".format(val))
if lname == 'dkim-signature': if lname == 'dkim-signature':
if (milterconfig.get('Syslog') and if (self.conf.get('Syslog') and
milterconfig.get('debugLevel') >= 1): self.conf.get('debugLevel') >= 1):
syslog.syslog("{0}: {1}".format(name, val)) syslog.syslog("{0}: {1}".format(name, val))
self.has_dkim += 1 self.has_dkim += 1
if lname == 'from': if lname == 'from':
@@ -141,8 +141,8 @@ class dkimMilter(Milter.Base):
self.fdomain = self.author.split('@')[1].lower() self.fdomain = self.author.split('@')[1].lower()
except IndexError as er: except IndexError as er:
pass # self.author was not a proper email address pass # self.author was not a proper email address
if (milterconfig.get('Syslog') and if (self.conf.get('Syslog') and
milterconfig.get('debugLevel') >= 1): self.conf.get('debugLevel') >= 1):
syslog.syslog("{0}: {1}".format(name, val)) syslog.syslog("{0}: {1}".format(name, val))
elif lname == 'authentication-results': elif lname == 'authentication-results':
self.arheaders.append(val) self.arheaders.append(val)
@@ -179,8 +179,8 @@ class dkimMilter(Milter.Base):
.parse_value(FWS.sub('', val))) .parse_value(FWS.sub('', val)))
if ar.authserv_id == self.AuthservID: if ar.authserv_id == self.AuthservID:
self.chgheader('authentication-results', i, '') self.chgheader('authentication-results', i, '')
if (milterconfig.get('Syslog') and if (self.conf.get('Syslog') and
milterconfig.get('debugLevel') >= 1): self.conf.get('debugLevel') >= 1):
syslog.syslog('REMOVE: {0}'.format(val)) syslog.syslog('REMOVE: {0}'.format(val))
except: except:
# Don't error out on unparseable AR header fiels # Don't error out on unparseable AR header fiels
@@ -188,33 +188,33 @@ class dkimMilter(Milter.Base):
# Check and/or sign DKIM # Check and/or sign DKIM
self.fp.seek(0) self.fp.seek(0)
txt = self.fp.read() txt = self.fp.read()
if milterconfig.get('Domain'): if self.conf.get('Domain'):
domain = milterconfig.get('Domain') domain = self.conf.get('Domain')
else: else:
domain = '' domain = ''
if milterconfig.get('SubDomains'): if self.conf.get('SubDomains'):
self.fdomain = _get_parent_domain(self.fdomain, domain) self.fdomain = _get_parent_domain(self.fdomain, domain)
if ((self.fdomain in domain) and not milterconfig.get('Mode') == 'v' if ((self.fdomain in domain) and not self.conf.get('Mode') == 'v'
and not self.external_connection): and not self.external_connection):
self.sign_dkim(txt) self.sign_dkim(txt)
if ((self.has_dkim) and (not self.internal_connection) and if ((self.has_dkim) and (not self.internal_connection) and
(milterconfig.get('Mode') == 'v' or (self.conf.get('Mode') == 'v' or
milterconfig.get('Mode') == 'sv')): self.conf.get('Mode') == 'sv')):
self.check_dkim(txt) self.check_dkim(txt)
if self.arresults: if self.arresults:
h = authres.AuthenticationResultsHeader(authserv_id= h = authres.AuthenticationResultsHeader(authserv_id=
self.AuthservID, self.AuthservID,
results=self.arresults) results=self.arresults)
h = fold(codecs.encode(str(h), 'ascii')) h = fold(codecs.encode(str(h), 'ascii'))
if (milterconfig.get('Syslog') and if (self.conf.get('Syslog') and
milterconfig.get('debugLevel') >= 2): self.conf.get('debugLevel') >= 2):
syslog.syslog(codecs.decode(h, 'ascii')) syslog.syslog(codecs.decode(h, 'ascii'))
name, val = codecs.decode(h, 'ascii').split(': ', 1) name, val = codecs.decode(h, 'ascii').split(': ', 1)
self.addheader(name, val, 0) self.addheader(name, val, 0)
return Milter.CONTINUE return Milter.CONTINUE
def sign_dkim(self, txt): def sign_dkim(self, txt):
canon = codecs.encode(milterconfig.get('Canonicalization'), 'ascii') canon = codecs.encode(self.conf.get('Canonicalization'), 'ascii')
canonicalize = [] canonicalize = []
if len(canon.split(b'/')) == 2: if len(canon.split(b'/')) == 2:
canonicalize.append(canon.split(b'/')[0]) canonicalize.append(canon.split(b'/')[0])
@@ -222,53 +222,53 @@ class dkimMilter(Milter.Base):
else: else:
canonicalize.append(canon) canonicalize.append(canon)
canonicalize.append(canon) canonicalize.append(canon)
if (milterconfig.get('Syslog') and if (self.conf.get('Syslog') and
milterconfig.get('debugLevel') >= 1): self.conf.get('debugLevel') >= 1):
syslog.syslog('canonicalize: {0}'.format(canonicalize)) syslog.syslog('canonicalize: {0}'.format(canonicalize))
sign_headers = milterconfig.get('SignHeaders') sign_headers = self.conf.get('SignHeaders')
if not sign_headers: if not sign_headers:
# None or empty. DKIM explicitly tests for None. # None or empty. DKIM explicitly tests for None.
sign_headers = None sign_headers = None
try: try:
if milterconfig.get('privateRSA'): if self.conf.get('privateRSA'):
d = dkim.DKIM(txt) d = dkim.DKIM(txt)
h = d.sign(codecs.encode(milterconfig.get('Selector'), 'ascii'), codecs.encode(self.fdomain, 'ascii'), h = d.sign(codecs.encode(self.conf.get('Selector'), 'ascii'), codecs.encode(self.fdomain, 'ascii'),
codecs.encode(milterconfig.get('privateRSA'), 'ascii'), codecs.encode(self.conf.get('privateRSA'), 'ascii'),
canonicalize=(canonicalize[0], canonicalize=(canonicalize[0],
canonicalize[1]), canonicalize[1]),
include_headers=sign_headers) include_headers=sign_headers)
name, val = h.split(b': ', 1) name, val = h.split(b': ', 1)
self.addheader(codecs.decode(name, 'ascii'), codecs.decode(val, 'ascii').strip().replace('\r\n', '\n'), 0) self.addheader(codecs.decode(name, 'ascii'), codecs.decode(val, 'ascii').strip().replace('\r\n', '\n'), 0)
if (milterconfig.get('Syslog') and if (self.conf.get('Syslog') and
(milterconfig.get('SyslogSuccess') (self.conf.get('SyslogSuccess')
or milterconfig.get('debugLevel') >= 1)): or self.conf.get('debugLevel') >= 1)):
syslog.syslog('{0}: {1} DKIM signature added (s={2} ' syslog.syslog('{0}: {1} DKIM signature added (s={2} '
'd={3})'.format(self.getsymval('i'), 'd={3})'.format(self.getsymval('i'),
d.signature_fields.get(b'a').decode(), d.signature_fields.get(b'a').decode(),
d.signature_fields.get(b's').decode(), d.signature_fields.get(b's').decode(),
d.domain.decode().lower())) d.domain.decode().lower()))
if milterconfig.get('privateEd25519'): if self.conf.get('privateEd25519'):
d = dkim.DKIM(txt) d = dkim.DKIM(txt)
h = d.sign(codecs.encode(milterconfig.get('SelectorEd25519'), 'ascii'), codecs.encode(self.fdomain, 'ascii'), h = d.sign(codecs.encode(self.conf.get('SelectorEd25519'), 'ascii'), codecs.encode(self.fdomain, 'ascii'),
milterconfig.get('privateEd25519'), canonicalize=(canonicalize[0], self.conf.get('privateEd25519'), canonicalize=(canonicalize[0],
canonicalize[1]), canonicalize[1]),
include_headers=sign_headers, include_headers=sign_headers,
signature_algorithm=b'ed25519-sha256') signature_algorithm=b'ed25519-sha256')
name, val = h.split(b': ', 1) name, val = h.split(b': ', 1)
self.addheader(codecs.decode(name, 'ascii'), codecs.decode(val, 'ascii').strip().replace('\r\n', '\n'), 0) self.addheader(codecs.decode(name, 'ascii'), codecs.decode(val, 'ascii').strip().replace('\r\n', '\n'), 0)
if (milterconfig.get('Syslog') and if (self.conf.get('Syslog') and
(milterconfig.get('SyslogSuccess') (self.conf.get('SyslogSuccess')
or milterconfig.get('debugLevel') >= 1)): or self.conf.get('debugLevel') >= 1)):
syslog.syslog('{0}: {1} DKIM signature added (s={2} ' syslog.syslog('{0}: {1} DKIM signature added (s={2} '
'd={3})'.format(self.getsymval('i'), 'd={3})'.format(self.getsymval('i'),
d.signature_fields.get(b'a').decode(), d.signature_fields.get(b'a').decode(),
d.signature_fields.get(b's').decode(), d.signature_fields.get(b's').decode(),
d.domain.decode().lower())) d.domain.decode().lower()))
except dkim.DKIMException as x: except dkim.DKIMException as x:
if milterconfig.get('Syslog'): if self.conf.get('Syslog'):
syslog.syslog('DKIM: {0}'.format(x)) syslog.syslog('DKIM: {0}'.format(x))
except Exception as x: except Exception as x:
if milterconfig.get('Syslog'): if self.conf.get('Syslog'):
syslog.syslog("sign_dkim: {0}".format(x)) syslog.syslog("sign_dkim: {0}".format(x))
raise raise
@@ -278,7 +278,7 @@ class dkimMilter(Milter.Base):
for y in range(self.has_dkim): # Verify _ALL_ the signatures for y in range(self.has_dkim): # Verify _ALL_ the signatures
d = dkim.DKIM(txt) d = dkim.DKIM(txt)
try: try:
dnsoverride = milterconfig.get('DNSOverride') dnsoverride = self.conf.get('DNSOverride')
if isinstance(dnsoverride, str): if isinstance(dnsoverride, str):
syslog.syslog("DNSOverride: {0}".format(dnsoverride)) syslog.syslog("DNSOverride: {0}".format(dnsoverride))
res = d.verify(idx=y, dnsfunc=lambda _x: dnsoverride) res = d.verify(idx=y, dnsfunc=lambda _x: dnsoverride)
@@ -297,11 +297,11 @@ class dkimMilter(Milter.Base):
.format(d.keysize, algo)) .format(d.keysize, algo))
except dkim.DKIMException as x: except dkim.DKIMException as x:
self.dkim_comment = str(x) self.dkim_comment = str(x)
if milterconfig.get('Syslog'): if self.conf.get('Syslog'):
syslog.syslog('DKIM: {0}'.format(x)) syslog.syslog('DKIM: {0}'.format(x))
except Exception as x: except Exception as x:
self.dkim_comment = str(x) self.dkim_comment = str(x)
if milterconfig.get('Syslog'): if self.conf.get('Syslog'):
syslog.syslog("check_dkim: Internal program fault while verifying: {0}".format(x)) syslog.syslog("check_dkim: Internal program fault while verifying: {0}".format(x))
try: try:
# i= is optional and dkimpy is fine if it's not provided # i= is optional and dkimpy is fine if it's not provided
@@ -313,15 +313,15 @@ class dkimMilter(Milter.Base):
self.header_a = codecs.decode(d.signature_fields.get(b'a'), 'ascii') self.header_a = codecs.decode(d.signature_fields.get(b'a'), 'ascii')
except Exception as x: except Exception as x:
self.dkim_comment = str(x) self.dkim_comment = str(x)
if milterconfig.get('Syslog'): if self.conf.get('Syslog'):
syslog.syslog("check_dkim: Internal proram fuault extracting header a or d: {0}".format(x)) syslog.syslog("check_dkim: Internal proram fuault extracting header a or d: {0}".format(x))
self.header_d = None self.header_d = None
if not self.header_a: if not self.header_a:
self.header_a = 'rsa-sha256' self.header_a = 'rsa-sha256'
if res: if res:
if (milterconfig.get('Syslog') and if (self.conf.get('Syslog') and
(milterconfig.get('SyslogSuccess') or (self.conf.get('SyslogSuccess') or
milterconfig.get('debugLevel') >= 1)): self.conf.get('debugLevel') >= 1)):
syslog.syslog('{0}: {1} DKIM signature verified (s={2} ' syslog.syslog('{0}: {1} DKIM signature verified (s={2} '
'd={3})'.format(self.getsymval('i'), 'd={3})'.format(self.getsymval('i'),
d.signature_fields.get(b'a').decode(), d.signature_fields.get(b'a').decode(),
@@ -329,15 +329,15 @@ class dkimMilter(Milter.Base):
d.domain.decode().lower())) d.domain.decode().lower()))
self.dkim_domain = d.domain.lower() self.dkim_domain = d.domain.lower()
else: else:
if milterconfig.get('DiagnosticDirectory'): if self.conf.get('DiagnosticDirectory'):
fd, fname = tempfile.mkstemp(".dkim") fd, fname = tempfile.mkstemp(".dkim")
with os.fdopen(fd, "w+b") as fp: with os.fdopen(fd, "w+b") as fp:
fp.write(txt) fp.write(txt)
if milterconfig.get('Syslog'): if self.conf.get('Syslog'):
syslog.syslog('DKIM: Fail (saved as {0})' syslog.syslog('DKIM: Fail (saved as {0})'
.format(fname)) .format(fname))
else: else:
if milterconfig.get('Syslog'): if self.conf.get('Syslog'):
if d.domain: if d.domain:
syslog.syslog('DKIM: Fail ({0})' syslog.syslog('DKIM: Fail ({0})'
.format(d.domain.lower())) .format(d.domain.lower()))
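Review bot: In the failure branch of the last hunk, `self.conf.get('DiagnosticDirectory')` is only tested for truthiness, and `tempfile.mkstemp(".dkim")` is called without a `dir` argument, so the full text of each message that fails verification is written to the default temporary directory, not the configured one. Passing the setting through, `fd, fname = tempfile.mkstemp(".dkim", dir=self.conf.get('DiagnosticDirectory'))`, would put those copies where the operator expects them and can control access and retention. This branch is reached for mail from non-internal connections that carries a signature which does not verify, and nothing visible here bounds or cleans up the saved files, so a short comment saying that would help whoever enables the option. The enclosing method (presumably check_dkim, going by the log strings in the earlier hunks) starts outside this hunk.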