On Sun, Apr 17, 2016 at 11:20:05AM -0400, Ryan Kavanagh wrote:
> > smtpd.conf
> > 
> > filter filter-dkim-signer dkim-signer "-D mydomain -p 
> > /etc/mail/private.key -s selector1"
> 
> Part of the problem is the spaces here. At least, when I tried with a space
> before the argument for "-p", I got a file not found error. 

Please find below a diff which fixes this and allows spaces, bringing
the filter in-line with others.  I only compile tested this, as I do not
use filter-dkim-signer.  Please let me know if it works for you (you
need a recent git source checkout to apply this diff), then I would like
to commit it. 

> I also ended up having to wrap each individual argument in quotes,
> though I'm not sure if this was necessary. 

It is.

> Here's what I have in my smtpd.conf:
> 
>     filter filter-dkim-signer dkim-signer "-Dryanak.ca" 
> "-p/var/db/dkim/_may2014.ryanak.ca.key" "-smay2014"
>     filter all chain filter-dkim-signer
> 
>     ...
> 
>     listen on lo0 filter all
>     listen on vio0 filter all secure pki ryanak.ca
>     listen on vio0 port submission filter all tls-require pki ryanak.ca auth 
> <authdb>
> 
>     ...
> 
>     accept from local for any relay
> 
> In retrospect, I probably shouldn't have the filter applied on the second
> "listen on" line, because this causes incoming mail to also be DKIM signed.

Yes. :)



diff --git a/extras/wip/filters/filter-dkim-signer/filter_dkim_signer.c 
b/extras/wip/filters/filter-dkim-signer/filter_dkim_signer.c
index d0bb911..78117ab 100644
--- a/extras/wip/filters/filter-dkim-signer/filter_dkim_signer.c
+++ b/extras/wip/filters/filter-dkim-signer/filter_dkim_signer.c
@@ -33,7 +33,6 @@
 #define CRLF           "\r\n"
 #define CRLF_LEN       2
 #define PRIVATE_KEY    "/etc/ssl/private/rsa.private"
-#define DEF_SELECTOR   "default"
 #define TEMPLATE       "DKIM-Signature: v=1; a=rsa-sha256; "   \
                        "c=simple/simple; d=%s; "               \
                        "h=%s; "                                \
@@ -71,7 +70,7 @@ static void    on_rollback(uint64_t);
 
 static RSA             *rsa;
 static const char      *domain;
-static const char      *selector;
+static const char      *selector = "default";
 
 static void
 cleanup(struct signer *s)
@@ -268,7 +267,8 @@ int
 main(int argc, char **argv)
 {
        int ch, d = 0, v = 0;
-       const char *p = NULL;
+       const char *p = PRIVATE_KEY;
+       char *D = NULL, *s = NULL;
        FILE *fp;
        static char hostname[SMTPD_MAXHOSTNAMELEN];
 
@@ -277,7 +277,7 @@ main(int argc, char **argv)
        while ((ch = getopt(argc, argv, "D:dp:s:v")) != -1) {
                switch (ch) {
                case 'D':
-                       domain = optarg;
+                       D = optarg;
                        break;
                case 'd':
                        d = 1;
@@ -286,7 +286,7 @@ main(int argc, char **argv)
                        p = optarg;
                        break;
                case 's':
-                       selector = optarg;
+                       s = optarg;
                        break;
                case 'v':
                        v |= TRACE_DEBUG;
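Review bot: The `case 'p'` branch shown as context in this hunk still assigns `p = optarg;` unchanged, while the next hunk passes the `-D` and `-s` values through `strip()`. The report that prompted this patch was a file-not-found error caused by a space before the `-p` argument, so the key path would still reach `fopen(p, "r")` with its leading whitespace. Assuming `strip()` returns a pointer into its argument, as its use on `D` and `s` suggests (its definition is not visible here), the branch should read `p = strip(optarg);`. The switch begins and ends outside this hunk.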
@@ -297,36 +297,29 @@ main(int argc, char **argv)
                        /* NOTREACHED */
                }
        }
-
        argc -= optind;
        argv += optind;
 
-       if (domain == NULL) {
-               if (gethostname(hostname, sizeof(hostname)) == -1)
-                       fatal("main: gethostname");
-               domain = hostname;
-       }
-
-       if (selector == NULL)
-               selector = DEF_SELECTOR;
-
-       if (p == NULL)
-               p = PRIVATE_KEY;
+       if (D)
+               domain = strip(D);
+       if (s)
+               selector = strip(s);
 
        log_init(d);
        log_verbose(v);
 
        log_debug("debug: starting...");
-
        OpenSSL_add_all_algorithms();
        OpenSSL_add_all_ciphers();
        OpenSSL_add_all_digests();
-
+       if (domain == NULL) {
+               if (gethostname(hostname, sizeof(hostname)) == -1)
+                       fatal("main: gethostname");
+               domain = hostname;
+       }
        if ((fp = fopen(p, "r")) == NULL)
                fatal("main: fopen %s", p);
-
-       rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);
-       if (rsa == NULL)
+       if ((rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL)) == NULL)
                fatalx("dkim_signer: PEM_read_RSAPrivateKey");
 
        filter_api_on_data(on_data);
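Review bot: The stream opened on the private key with `fopen(p, "r")` is not closed in the visible lines after `PEM_read_RSAPrivateKey()` returns, so the filter appears to keep a descriptor on the key file open for the whole of `filter_api_loop()`. Adding `fclose(fp);` directly after the successful read would drop that handle before any message data is processed. The lines between this hunk and the next are not shown, so confirm the stream is not already closed there. main() also starts and ends outside the hunk.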
@@ -337,7 +330,6 @@ main(int argc, char **argv)
        filter_api_on_rollback(on_rollback);
 
        filter_api_loop();
-
        log_debug("debug: exiting");
 
        return 1;
