Refactor signing domain determination into get_identities_sign function and add support for passing i= when signing in preparation for parsing the signing table

Scott Kitterman
2019-10-22 19:45:18 -04:00
parent 3061215f49
commit d6b0acb101
+18 -13
@@ -54,6 +54,7 @@ class dkimMilter(Milter.Base):
self.conf = milterconfig self.conf = milterconfig
self.fp = None self.fp = None
self.fdomain = '' self.fdomain = ''
self.iequals = None
@Milter.noreply @Milter.noreply
def connect(self, hostname, unused, hostaddr): def connect(self, hostname, unused, hostaddr):
@@ -188,13 +189,8 @@ class dkimMilter(Milter.Base):
# Check and/or sign DKIM # Check and/or sign DKIM
self.fp.seek(0) self.fp.seek(0)
txt = self.fp.read() txt = self.fp.read()
if self.conf.get('Domain'): self.get_identities_sign()
domain = self.conf.get('Domain') if ((self.fdomain in self.domain) and not self.conf.get('Mode') == 'v'
else:
domain = ''
if self.conf.get('SubDomains'):
self.fdomain = _get_parent_domain(self.fdomain, domain)
if ((self.fdomain in domain) and not self.conf.get('Mode') == 'v'
and not self.external_connection): and not self.external_connection):
self.sign_dkim(txt) self.sign_dkim(txt)
if ((self.has_dkim) and (not self.internal_connection) and if ((self.has_dkim) and (not self.internal_connection) and
@@ -213,6 +209,16 @@ class dkimMilter(Milter.Base):
self.addheader(name, val, 0) self.addheader(name, val, 0)
return Milter.CONTINUE return Milter.CONTINUE
def get_identities_sign(self):
"""Determine d= and i= identiies for signature"""
if self.conf.get('Domain'):
self.domain = self.conf.get('Domain')
else:
self.domain = ''
if self.conf.get('SubDomains'):
self.fdomain = _get_parent_domain(self.fdomain, self.domain)
def sign_dkim(self, txt): def sign_dkim(self, txt):
canon = codecs.encode(self.conf.get('Canonicalization'), 'ascii') canon = codecs.encode(self.conf.get('Canonicalization'), 'ascii')
canonicalize = [] canonicalize = []
@@ -234,9 +240,8 @@ class dkimMilter(Milter.Base):
d = dkim.DKIM(txt) d = dkim.DKIM(txt)
h = d.sign(codecs.encode(self.conf.get('Selector'), 'ascii'), codecs.encode(self.fdomain, 'ascii'), h = d.sign(codecs.encode(self.conf.get('Selector'), 'ascii'), codecs.encode(self.fdomain, 'ascii'),
codecs.encode(self.conf.get('privateRSA'), 'ascii'), codecs.encode(self.conf.get('privateRSA'), 'ascii'),
canonicalize=(canonicalize[0], canonicalize=(canonicalize[0], canonicalize[1]),
canonicalize[1]), identity=self.iequals, include_headers=sign_headers)
include_headers=sign_headers)
name, val = h.split(b': ', 1) name, val = h.split(b': ', 1)
self.addheader(codecs.decode(name, 'ascii'), codecs.decode(val, 'ascii').strip().replace('\r\n', '\n'), 0) self.addheader(codecs.decode(name, 'ascii'), codecs.decode(val, 'ascii').strip().replace('\r\n', '\n'), 0)
if (self.conf.get('Syslog') and if (self.conf.get('Syslog') and
@@ -250,9 +255,9 @@ class dkimMilter(Milter.Base):
if self.conf.get('privateEd25519'): if self.conf.get('privateEd25519'):
d = dkim.DKIM(txt) d = dkim.DKIM(txt)
h = d.sign(codecs.encode(self.conf.get('SelectorEd25519'), 'ascii'), codecs.encode(self.fdomain, 'ascii'), h = d.sign(codecs.encode(self.conf.get('SelectorEd25519'), 'ascii'), codecs.encode(self.fdomain, 'ascii'),
self.conf.get('privateEd25519'), canonicalize=(canonicalize[0], self.conf.get('privateEd25519'),
canonicalize[1]), canonicalize=(canonicalize[0], canonicalize[1]),
include_headers=sign_headers, identity=self.iequals, include_headers=sign_headers,
signature_algorithm=b'ed25519-sha256') signature_algorithm=b'ed25519-sha256')
name, val = h.split(b': ', 1) name, val = h.split(b': ', 1)
self.addheader(codecs.decode(name, 'ascii'), codecs.decode(val, 'ascii').strip().replace('\r\n', '\n'), 0) self.addheader(codecs.decode(name, 'ascii'), codecs.decode(val, 'ascii').strip().replace('\r\n', '\n'), 0)
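Review bot: The signing decision in the second hunk, `if ((self.fdomain in self.domain) and not self.conf.get('Mode') == 'v'`, is satisfied by an empty From domain whenever `self.domain` is a string, because get_identities_sign() falls back to `self.domain = ''` and `'' in ''` is true. If `Domain` can be a plain string rather than a list, `in` is also a substring test, so a From domain that is merely part of a configured domain would be signed; I would start the condition with `if (self.fdomain and (self.fdomain in self.domain) and ...` and document on get_identities_sign() which type `self.domain` holds. Separately, `self.iequals` is only ever None in the lines shown, so `identity=self.iequals` changes nothing yet and the docstring's claim that i= is determined is ahead of the code. Once the signing table populates it, the value should be confirmed to be the d= domain or a subdomain of it before `d.sign()` is called, and cleared per message if the milter object outlives one message. The bodies of the enclosing methods continue outside the hunks.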