- backported patches

Marius Cramer

2015-05-20 8d3466b091af302eaf6ed81deb8ff946cd04c74a

 server/plugins-available/mail_plugin_dkim.inc.php

@@ -75,9 +75,9 @@
    */
   function get_amavis_config() {
      $pos_config=array(
         '/etc/amavisd.conf',
         '/etc/amavisd.conf/50-user',
         '/etc/amavis/conf.d/50-user',
         '/etc/amavisd.conf',
         '/etc/amavisd/amavisd.conf'
      );
      $amavis_configfile='';
@@ -111,20 +111,20 @@

      //* When we can use 60-dkim for the dkim-keys create the file if it does not exists.
      if (substr_compare($amavis_configfile, '60-dkim', -7) === 0 && !file_exists($amavis_configfile))
         $app->system->file_put_contents($amavis_configfile, '');
         $app->system->touch($amavis_configfile);

      if ( $amavis_configfile == '' || !is_writeable($amavis_configfile) ) {
         $app->log('Amavis-config not found or not writeable.', LOGLEVEL_ERROR);
         $check=false;
      }

      /* dir for dkim-keys writeable? */
      $mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail');
      if (   isset($mail_config['dkim_path']) && 
            !empty($mail_config['dkim_path']) && 
            isset($data['new']['dkim_private']) && 
            !empty($data['new']['dkim_private']) &&
            $mail_config['dkim_path'] != '/' &&
            $app->system->checkpath($mail_config['dkim_path'])
            $mail_config['dkim_path'] != '/' 
      ) {
            if (!is_dir($mail_config['dkim_path'])) {
                $app->log('DKIM Path '.$mail_config['dkim_path'].' not found - (re)created.', LOGLEVEL_DEBUG);
@@ -141,18 +141,27 @@
               $app->system->chown($mail_config['dkim_path'], $amavis_user);
            } else {
               mkdir($mail_config['dkim_path'], 0755, true);
               $app->log('No user amavis or vscan found - using root for '.$mail_config['dkim_path']
, LOGLEVEL_WARNING);
               $app->log('No user amavis or vscan found - using root for '.$mail_config['dkim_path'], LOGLEVEL_WARNING);
            }
            }
            } else {
            if (!$app->system->checkpath($mail_config['dkim_path'])) {
               $app->log('Unable to write DKIM settings - invalid DKIM-Path (symlink?)', LOGLEVEL_ERROR);
               $check=false;
            }
         }

         if (!is_writeable($mail_config['dkim_path'])) {
            $app->log('DKIM Path '.$mail_config['dkim_path'].' not writeable.', LOGLEVEL_ERROR);
            $check=false;
         }

         if ( !$app->system->checkpath($mail_config['dkim_path']) ) {
            $app->log('DKIM Path '.$mail_config['dkim_path'].' failed in checkpath.', LOGLEVEL_ERROR);
            $check = false;
         }

      } else {
         $app->log('Unable to write DKIM settings - no DKIM-Path defined', LOGLEVEL_ERROR);
         $app->log('Unable to write DKIM settings - no or invalid DKIM-Path defined', LOGLEVEL_ERROR);
         $check=false;
      }
      return $check;
@@ -174,6 +183,7 @@
                break;
                }
        }
      if ( $initfile == '' ) $initfile = 'service amavis';
        $app->log('Restarting amavis: '.$initfile.'.', LOGLEVEL_DEBUG);
        exec(escapeshellarg($initfile).' restart', $output);
        foreach($output as $logline) $app->log($logline, LOGLEVEL_DEBUG);
@@ -184,12 +194,12 @@
    * @param string $key_file full path to the key-file
    * @param string $key_value private-key
    * @param string $key_domain mail-domain
    * @return bool - true when the key is written to disk
    * @return bool - true when the private key was written to disk
    */
   function write_dkim_key($key_file, $key_value, $key_domain) {
      global $app, $mailconfig;
      $success=false;
      if (!$app->system->file_put_contents($key_file.'.private', $key_value) === false) {
      if ( $app->system->file_put_contents($key_file.'.private', $key_value) ) {
         $app->log('Saved DKIM Private-key to '.$key_file.'.private', LOGLEVEL_DEBUG);
         $success=true;
         /* now we get the DKIM Public-key */
@@ -197,7 +207,7 @@
         $public_key='';
         foreach($pubkey as $values) $public_key=$public_key.$values."\n";
         /* save the DKIM Public-key in dkim-dir */
         if (!$app->system->file_put_contents($key_file.'.public', $public_key) === false)
         if ( $app->system->file_put_contents($key_file.'.public', $public_key) )
            $app->log('Saved DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
         else $app->log('Unable to save DKIM Public to '.$key_domain.'.', LOGLEVEL_DEBUG);
      } else {
@@ -239,20 +249,20 @@
      //* If we are using seperate config-files with amavis remove existing keys from 50-user to avoid duplicate keys
      if (substr_compare($amavis_configfile, '60-dkim', -7) === 0) {
         $temp_configfile = str_replace('60-dkim', '50-user', $amavis_configfile);
         $temp_config = $app->system->file_get_contents($temp_configfile);
         $temp_config = $app->system->file_get_contents($temp_configfile, true);
         if (preg_match($search_regex, $temp_config)) {
            $temp_config = preg_replace($search_regex, '', $temp_config)."\n";
            $app->system->file_put_contents($temp_configfile, $temp_config);
            $app->system->file_put_contents($temp_configfile, $temp_config, true);
         }
         unset($temp_configfile);
         unset($temp_config);
      }

      $key_value="dkim_key('".$key_domain."', '".$selector."', '".$mail_config['dkim_path']."/".$key_domain.".private');\n";
      $amavis_config = $app->system->file_get_contents($amavis_configfile);
      $amavis_config = $app->system->file_get_contents($amavis_configfile, true);
      $amavis_config = preg_replace($search_regex, '', $amavis_config).$key_value;

      if ( $app->system->file_put_contents($amavis_configfile, $amavis_config) ) {
      if ( $app->system->file_put_contents($amavis_configfile, $amavis_config, true) ) {
         $app->log('Adding DKIM Private-key to amavis-config.', LOGLEVEL_DEBUG);
         $restart = true;
      } else {
@@ -271,13 +281,13 @@

      $restart = false;
      $amavis_configfile = $this->get_amavis_config();
      $amavis_config = $app->system->file_get_contents($amavis_configfile);
      $amavis_config = $app->system->file_get_contents($amavis_configfile, true);

      $search_regex = "/(\n|\r)?dkim_key.*".$key_domain.".*(\n|\r)?/";

      if (preg_match($search_regex, $amavis_config)) {
         $amavis_config = preg_replace($search_regex, '', $amavis_config);
         $app->system->file_put_contents($amavis_configfile, $amavis_config);
         $app->system->file_put_contents($amavis_configfile, $amavis_config, true);
         $app->log('Deleted the DKIM settings from amavis-config for '.$key_domain.'.', LOGLEVEL_DEBUG);
         $restart = true;
      }
@@ -285,10 +295,10 @@
      //* If we are using seperate config-files with amavis remove existing keys from 50-user, too
      if (substr_compare($amavis_configfile, '60-dkim', -7) === 0) {
         $temp_configfile = str_replace('60-dkim', '50-user', $amavis_configfile);
         $temp_config = $app->system->file_get_contents($temp_configfile);
         $temp_config = $app->system->file_get_contents($temp_configfile, true);
         if (preg_match($search_regex, $temp_config)) {
            $temp_config = preg_replace($search_regex, '', $temp_config);
            $app->system->file_put_contents($temp_configfile, $temp_config);
            $app->system->file_put_contents($temp_configfile, $temp_config, true);
            $restart = true;
         }
         unset($temp_configfile);
@@ -315,7 +325,7 @@
               $this->remove_dkim_key($mail_config['dkim_path']."/".$data['new']['domain'], $data['new']['domain']);
            }
         } else {
            $app->log('Error saving the DKIM Private-key for '.$data['new']['domain'].' - DKIM is not enabled for the domain.', LOGLEVEL_ERROR);
            $app->log('Error saving the DKIM Private-key for '.$data['new']['domain'].' - DKIM is not enabled for the domain.', LOGLEVEL_DEBUG);
         }
      }
   }
@@ -359,44 +369,46 @@
    */
   function domain_dkim_update($event_name, $data) {
      global $app;
      if ($this->check_system($data)) {
         /* maildomain disabled */
         if ($data['new']['active'] == 'n' && $data['old']['active'] == 'y' && $data['new']['dkim']=='y') {
            $app->log('Maildomain '.$data['new']['domain'].' disabled - remove DKIM-settings', LOGLEVEL_DEBUG);
            $this->remove_dkim($data['new']);
         }
         /* maildomain re-enabled */
         if ($data['new']['active'] == 'y' && $data['old']['active'] == 'n' && $data['new']['dkim']=='y') 
            $this->add_dkim($data);

         /* maildomain active - only dkim changes */
         if ($data['new']['active'] == 'y' && $data['old']['active'] == 'y') {
            /* dkim disabled */
            if ($data['new']['dkim'] != $data['old']['dkim'] && $data['new']['dkim'] == 'n') {
      if($data['new']['dkim'] == 'y' || $data['old']['dkim'] == 'y'){
         if ($this->check_system($data)) {
            /* maildomain disabled */
            if ($data['new']['active'] == 'n' && $data['old']['active'] == 'y' && $data['new']['dkim']=='y') {
               $app->log('Maildomain '.$data['new']['domain'].' disabled - remove DKIM-settings', LOGLEVEL_DEBUG);
               $this->remove_dkim($data['new']);
            }
            /* dkim enabled */
            elseif ($data['new']['dkim'] != $data['old']['dkim'] && $data['new']['dkim'] == 'y') {
            /* maildomain re-enabled */
            if ($data['new']['active'] == 'y' && $data['old']['active'] == 'n' && $data['new']['dkim']=='y') 
               $this->add_dkim($data);
            }
            /* new private-key */
            if ($data['new']['dkim_private'] != $data['old']['dkim_private'] && $data['new']['dkim'] == 'y') {
               $this->add_dkim($data);
            }
            /* new selector */
            if ($data['new']['dkim_selector'] != $data['old']['dkim_selector'] && $data['new']['dkim'] == 'y') {
               $this->add_dkim($data);
            }
            /* new domain-name */
            if ($data['new']['domain'] != $data['old']['domain']) {
               $this->remove_dkim($data['old']);
               $this->add_dkim($data);
            }
         }

         /* resync */
         if ($data['new']['active'] == 'y' && $data['new'] == $data['old']) {
            $this->add_dkim($data);
            /* maildomain active - only dkim changes */
            if ($data['new']['active'] == 'y' && $data['old']['active'] == 'y') {
               /* dkim disabled */
               if ($data['new']['dkim'] != $data['old']['dkim'] && $data['new']['dkim'] == 'n') {
                  $this->remove_dkim($data['new']);
               }
               /* dkim enabled */
               elseif ($data['new']['dkim'] != $data['old']['dkim'] && $data['new']['dkim'] == 'y') {
                  $this->add_dkim($data);
               }
               /* new private-key */
               if ($data['new']['dkim_private'] != $data['old']['dkim_private'] && $data['new']['dkim'] == 'y') {
                  $this->add_dkim($data);
               }
               /* new selector */
               if ($data['new']['dkim_selector'] != $data['old']['dkim_selector'] && $data['new']['dkim'] == 'y') {
                  $this->add_dkim($data);
               }
               /* new domain-name */
               if ($data['new']['domain'] != $data['old']['domain']) {
                  $this->remove_dkim($data['old']);
                  $this->add_dkim($data);
               }
            }

            /* resync */
            if ($data['new']['active'] == 'y' && $data['new'] == $data['old'] && $data['new']['dkim']=='y') {
               $this->add_dkim($data);
            }
         }
      }
   }