On Sun, Apr 17, 2016 at 11:20:05AM -0400, Ryan Kavanagh wrote: > > smtpd.conf > > > > filter filter-dkim-signer dkim-signer "-D mydomain -p > > /etc/mail/private.key -s selector1" > > Part of the problem is the spaces here. At least, when I tried with a space > before the argument for "-p", I got a file not found error.
Please find below a diff which fixes this and allows spaces, bringing the filter in-line with others. I only compile tested this, as I do not use filter-dkim-signer. Please let me know if it works for you (you need a recent git source checkout to apply this diff), then I would like to commit it. > I also ended up having to wrap each individual argument in quotes, > though I'm not sure if this was necessary. It is. > Here's what I have in my smtpd.conf: > > filter filter-dkim-signer dkim-signer "-Dryanak.ca" > "-p/var/db/dkim/_may2014.ryanak.ca.key" "-smay2014" > filter all chain filter-dkim-signer > > ... > > listen on lo0 filter all > listen on vio0 filter all secure pki ryanak.ca > listen on vio0 port submission filter all tls-require pki ryanak.ca auth > <authdb> > > ... > > accept from local for any relay > > In retrospect, I probably shouldn't have the filter applied on the second > "listen on" line, because I this causes incoming mail to also be DKIM signed. Yes. :) diff --git a/extras/wip/filters/filter-dkim-signer/filter_dkim_signer.c b/extras/wip/filters/filter-dkim-signer/filter_dkim_signer.c index d0bb911..78117ab 100644 --- a/extras/wip/filters/filter-dkim-signer/filter_dkim_signer.c +++ b/extras/wip/filters/filter-dkim-signer/filter_dkim_signer.c @@ -33,7 +33,6 @@ #define CRLF "\r\n" #define CRLF_LEN 2 #define PRIVATE_KEY "/etc/ssl/private/rsa.private" -#define DEF_SELECTOR "default" #define TEMPLATE "DKIM-Signature: v=1; a=rsa-sha256; " \ "c=simple/simple; d=%s; " \ "h=%s; " \ @@ -71,7 +70,7 @@ static void on_rollback(uint64_t); static RSA *rsa; static const char *domain; -static const char *selector; +static const char *selector = "default"; static void cleanup(struct signer *s) @@ -268,7 +267,8 @@ int main(int argc, char **argv) { int ch, d = 0, v = 0; - const char *p = NULL; + const char *p = PRIVATE_KEY; + char *D = NULL, *s = NULL; FILE *fp; static char hostname[SMTPD_MAXHOSTNAMELEN]; @@ -277,7 +277,7 @@ main(int argc, char **argv) while ((ch = getopt(argc, argv, "D:dp:s:v")) != -1) { switch (ch) { case 'D': - domain = optarg; + D = optarg; break; case 'd': d = 1; @@ -286,7 +286,7 @@ main(int argc, char **argv) p = optarg; break; case 's': - selector = optarg; + s = optarg; break; case 'v': v |= TRACE_DEBUG; @@ -297,36 +297,29 @@ main(int argc, char **argv) /* NOTREACHED */ } } - argc -= optind; argv += optind; - if (domain == NULL) { - if (gethostname(hostname, sizeof(hostname)) == -1) - fatal("main: gethostname"); - domain = hostname; - } - - if (selector == NULL) - selector = DEF_SELECTOR; - - if (p == NULL) - p = PRIVATE_KEY; + if (D) + domain = strip(D); + if (s) + selector = strip(s); log_init(d); log_verbose(v); log_debug("debug: starting..."); - OpenSSL_add_all_algorithms(); OpenSSL_add_all_ciphers(); OpenSSL_add_all_digests(); - + if (domain == NULL) { + if (gethostname(hostname, sizeof(hostname)) == -1) + fatal("main: gethostname"); + domain = hostname; + } if ((fp = fopen(p, "r")) == NULL) fatal("main: fopen %s", p); - - rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); - if (rsa == NULL) + if ((rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) fatalx("dkim_signer: PEM_read_RSAPrivateKey"); filter_api_on_data(on_data); @@ -337,7 +330,6 @@ main(int argc, char **argv) filter_api_on_rollback(on_rollback); filter_api_loop(); - log_debug("debug: exiting"); return 1; -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org