From 9e0cb0162a2ae8a2f4b102abefe7acfb120dd175 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Sat, 06 Dec 2014 15:45:53 -0500
Subject: [PATCH] updated dkim-handling
---
/dev/null | 72 ------------
interface/web/mail/templates/mail_domain_edit.htm | 2
interface/web/js/mail_domain_dkim.js | 25 ++-
interface/web/mail/mail_domain_edit.php | 161 +++++++++++---------------
interface/web/mail/mail_domain_dkim_create.php | 96 +++++++--------
5 files changed, 131 insertions(+), 225 deletions(-)
diff --git a/interface/web/js/dns_dkim.js b/interface/web/js/dns_dkim.js
deleted file mode 100644
index 58f8dcf..0000000
--- a/interface/web/js/dns_dkim.js
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
-Copyright (c) 2007 - 2013, Till Brehm, projektfarm Gmbh
-Copyright (c) 2013, Florian Schaal, info@schaal-24.de
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without modification,
-are permitted provided that the following conditions are met:
-
- * Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above copyright notice,
- this list of conditions and the following disclaimer in the documentation
- and/or other materials provided with the distribution.
- * Neither the name of ISPConfig nor the names of its contributors
- may be used to endorse or promote products derived from this software without
- specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
-INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
-OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-
-
-This Javascript is invoked by
- * dns/templates/dns_dkim_edit.htm to get the public key
-*/
- var request = false;
-
- function setRequest(zone) {
- if (window.XMLHttpRequest) {request = new XMLHttpRequest();}
- else if (window.ActiveXObject) {
- try {request = new ActiveXObject('Msxml2.XMLHTTP');}
- catch (e) {
- try {request = new ActiveXObject('Microsoft.XMLHTTP');}
- catch (e) {}
- }
- }
- if (!request) {
- alert("Error creating XMLHTTP-instance");
- return false;
- } else {
- request.open('POST', 'dns/dns_dkim_get.php', true);
- request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
- request.send('&zone='+zone);
- request.onreadystatechange = interpretRequest;
- }
- }
-
- function interpretRequest() {
- switch (request.readyState) {
- case 4:
- if (request.status != 200) {alert("Request done but NOK\nError:"+request.status);}
- else {
- document.getElementsByName('data')[0].value = request.responseXML.getElementsByTagName('data')[0].firstChild.nodeValue;
- document.getElementsByName('name')[0].value = request.responseXML.getElementsByTagName('name')[0].firstChild.nodeValue;
- document.getElementsByName('selector')[0].value = request.responseXML.getElementsByTagName('selector')[0].firstChild.nodeValue;
- }
- break;
- default:
- break;
- }
- }
-
-var serverType = jQuery('#zone').val();
-setRequest(serverType);
diff --git a/interface/web/js/mail_domain_dkim.js b/interface/web/js/mail_domain_dkim.js
index fdc7ae5..0b9ea59 100755
--- a/interface/web/js/mail_domain_dkim.js
+++ b/interface/web/js/mail_domain_dkim.js
@@ -31,15 +31,16 @@
This Javascript is invoked by
* mail/templates/mail_domain_edit.htm to show and/or create the key-pair
*/
-var request = false;
-
$('.subsectiontoggle').on('click', function(){
$(this).children().toggleClass('showing').end().next().slideToggle();
});
-function setRequest(action) {
+var request = false;
+
+//function setRequest(action) {
+function setRequest() {
if (window.XMLHttpRequest) {
- request = new XMLHttpRequest();
+ request = new XMLHttpRequest();
} else if (window.ActiveXObject) {
try {
request = new ActiveXObject('Msxml2.XMLHTTP');
@@ -51,7 +52,6 @@
catch (e) {}
}
}
-
if (!request) {
alert("Error creating XMLHTTP-instance");
return false;
@@ -64,12 +64,20 @@
} else {
var domain = jQuery('#domain').val();
}
+
+ // we nedd the client-id to get the dkim-strength of the right mail-server
+ try {
+ var clientid = document.getElementById("client_group_id").selectedIndex; // admin and reseller
+ }
+ catch (e) {
+ var clientid = jQuery('#client_id').val();; // user
+ }
+
var selector=jQuery('#dkim_selector').val();
var publickey=jQuery('#dkim_public').val();
- var privatekey=encodeURIComponent(document.getElementById("dkim_private").value)
request.open('POST', 'mail/mail_domain_dkim_create.php', true);
request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
- request.send('domain='+domain+'&action='+action+'&dkim_selector='+selector+'&dkim_public='+publickey+'&dkim_private='+privatekey);
+ request.send('domain='+domain+'&dkim_selector='+selector+'&dkim_public='+publickey+'&client_id='+clientid);
request.onreadystatechange = interpretRequest;
}
}
@@ -86,10 +94,9 @@
document.getElementsByName('dns_record')[0].value = request.responseXML.getElementsByTagName('dns_record')[0].firstChild.nodeValue;
}
break;
-
default:
break;
}
}
-setRequest('show');
+//setRequest('show');
diff --git a/interface/web/mail/mail_domain_dkim_create.php b/interface/web/mail/mail_domain_dkim_create.php
index 4b59596..565546c 100644
--- a/interface/web/mail/mail_domain_dkim_create.php
+++ b/interface/web/mail/mail_domain_dkim_create.php
@@ -57,23 +57,6 @@
}
/**
- * This function fix PHP's messing up POST input containing characters space, dot,
- * open square bracket and others to be compatible with with the deprecated register_globals
- * @return array POST
- */
-function getRealPOST() {
- $pairs = explode("&", file_get_contents("php://input"));
- $vars = array();
- foreach ($pairs as $pair) {
- $nv = explode("=", $pair, 2);
- $name = urldecode($nv[0]);
- $value = $nv[1];
- $vars[$name] = $value;
- }
- return $vars;
-}
-
-/**
* This function formats the public-key
* @param array $pubkey
* @return string public-key
@@ -101,21 +84,32 @@
* @param string $old_selector
* @return string selector
*/
-function new_selector ($old_selector, $domain) {
+function new_selector ($old_selector, $domain, $client_id = -1) {
global $app;
//* validate post-values
if ( validate_domain($domain) && validate_selector($old_selector) ) {
//* get active selectors from dns
- $soa_rec = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE active = 'Y' AND origin = ?", $domain.'.');
+ $soa_rec = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE active = 'Y' AND origin = ?");
if ( isset($soa_rec) && !empty($soa_rec) ) {
//* check for a dkim-record in the dns?
- $dns_data = $app->db->queryOneRecord("SELECT name FROM dns_rr WHERE name = ? AND active = 'Y'", $old_selector.'._domainkey.'.$domain.'.');
- $selector = str_replace( '._domainkey.'.$domain.'.', '', $dns_data['name']);
- if ( $old_selector == $selector) {
- $selector = substr($old_selector, 0, 53) . time(); //* add unix-timestamp to delimiter to allow old and new key in the dns
- } else {
- $selector = $old_selector;
+ $dns_data = $app->db->queryOneRecord("SELECT name FROM dns_rr WHERE name = ? AND active = 'Y''", $old_selector.'._domainkey.'.$domain.'.');
+ if ( !empty($dns_data) ){
+ $selector = str_replace( '._domainkey.'.$domain.'.', '', $dns_data['name']);
+ } else {
+ }
+ } else { //* no dns-zone found - check for existing mail-domain to create a new selector (we need this if a external dns is used)
+ if ( $client_id >= 0 ) {
+ $sql = "SELECT * from mail_domain WHERE dkim = 'y' AND domain = ? AND dkim_selector = ?";
+ $maildomain = $app->db->queryOneRecord($sql, $domain, $old_selector);
+ if ( !empty($maildomain) ) {
+ $selector = $maildomain['selector'];
}
+ }
+ }
+ if ( $old_selector == $selector) {
+ $selector = substr($old_selector, 0, 53) . time(); //* add unix-timestamp to delimiter to allow old and new key in the dns
+ } else {
+ $selector = $old_selector;
}
} else {
$selector = 'invalid domain or selector';
@@ -123,35 +117,35 @@
return $selector;
}
+$client_id = $app->functions->intval($_POST['client_id']);
+
//* get dkim-strength for server_id
-//$mail_server_id = $app->functions->intval( $app->db->queryOneRecord("SELECT server_id from mail_domain WHERE domain = ?", $_POST['domain']) );
-//$dkim_strength = $app->functions->intval( $app->getconf->get_server_config($mail_server_id, 'mail')['dkim_strength'] );
-$rec = $app->db->queryOneRecord("SELECT server_id from mail_domain WHERE domain = ?", $_POST['domain']);
-$mail_server_id = $app->functions->intval($rec['server_id']);
-unset ($rec);
-$rec = $app->getconf->get_server_config($mail_server_id, 'mail');
-$dkim_strength = $app->functions->intval($rec['dkim_strength']);
-unset ($rec);
-if ( empty($dkim_strength) ) $dkim_strength = 1024;
-
-switch ($_POST['action']) {
- case 'create': /* create DKIM Private-key */
- $_POST=getRealPOST();
- $rnd_val = $dkim_strength * 10;
- exec('openssl rand -out ../../temp/random-data.bin '.$rnd_val.' 2> /dev/null', $output, $result);
- exec('openssl genrsa -rand ../../temp/random-data.bin '.$dkim_strength.' 2> /dev/null', $privkey, $result);
- unlink('../../temp/random-data.bin');
- foreach($privkey as $values) $private_key=$private_key.$values."\n";
- //* check the selector for updated dkim-settings only
- if ( isset($_POST['dkim_public']) && !empty($_POST['dkim_public']) ) $selector = new_selector($_POST['dkim_selector'], $_POST['domain']);
- break;
-
- case 'show': /* show the DNS-Record onLoad */
- $private_key=$_POST['dkim_private'];
- break;
+$sql = "SELECT server_id from mail_domain WHERE domain = ?";
+$mail_server = $app->db->queryOneRecord($sql, $_POST['domain']);
+if ( is_array($mail_server) ) { //* we are adding an existing mail-domain
+ $mail_server_id = $app->functions->intval( $mail_server['server_id'] );
+} else {
+ $sql = "SELECT default_mailserver FROM client WHERE client_id = ?";
+ $mail_server = $app->db->queryOneRecord($sql, $client_id);
+ $mail_server_id = $app->functions->intval( $mail_server['default_mailserver'] );
}
+unset($mail_server);
+$mail_config = $app->getconf->get_server_config($mail_server_id, 'mail');
+$dkim_strength = $app->functions->intval($mail_config['dkim_strength']);
+unset($mail_config);
-$public_key=get_public_key($private_key, $dkim_strength);
+if ( empty($dkim_strength) ) $dkim_strength = 2048;
+
+$rnd_val = $dkim_strength * 10;
+exec('openssl rand -out ../../temp/random-data.bin '.$rnd_val.' 2> /dev/null', $output, $result);
+exec('openssl genrsa -rand ../../temp/random-data.bin '.$dkim_strength.' 2> /dev/null', $privkey, $result);
+unlink("../../temp/random-data.bin");
+foreach($privkey as $values) $private_key=$private_key.$values."\n";
+//* check the selector for updated dkim-settings only
+if ( isset($_POST['dkim_public']) && !empty($_POST['dkim_public']) ) $selector = new_selector($_POST['dkim_selector'], $_POST['domain'], $client_id);
+
+if ( !isset($public_key) ) $public_key=get_public_key($private_key, $dkim_strength);
+
$dns_record=str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$public_key);
if ( !isset($selector) ) {
diff --git a/interface/web/mail/mail_domain_edit.php b/interface/web/mail/mail_domain_edit.php
old mode 100644
new mode 100755
index b3ea30b..db2a8f3
--- a/interface/web/mail/mail_domain_edit.php
+++ b/interface/web/mail/mail_domain_edit.php
@@ -206,6 +206,16 @@
$app->tpl->setVar("edit_disabled", 0);
}
+ // load dkim-values
+ $sql = "SELECT domain, dkim_private, dkim_public, dkim_selector FROM mail_domain WHERE domain_id = ?";
+ $rec = $app->db->queryOneRecord($sql, $app->functions->intval($_GET['id']));
+ $dns_key = str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$rec['dkim_public']);
+ $dns_record = '.' . $rec['dkim_selector'] . '_domainkey._' . $rec['domain'] . '. 3600 TXT v=DKIM1; t=s; p=' . $dns_key;
+ $app->tpl->setVar('dkim_selector', $rec['dkim_selector']);
+ $app->tpl->setVar('dkim_private', $rec['dkim_private']);
+ $app->tpl->setVar('dkim_public', $rec['dkim_public']);
+ if (isset($rec['dkim_public'])) $app->tpl->setVar('dns_record', $dns_record);
+
parent::onShowEnd();
}
@@ -286,36 +296,6 @@
}
} // endif spamfilter policy
- //* create dns-record with dkim-values if the zone exists
- if ( (isset($this->dataRecord['dkim']) && $this->dataRecord['dkim'] == 'y') && (isset($this->dataRecord['active']) && $this->dataRecord['active'] == 'y') ) {
- $soa_rec = $app->db->queryOneRecord("SELECT id AS zone, sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, server_id, ttl, serial FROM dns_soa WHERE active = 'Y' AND origin = ?", $this->dataRecord['domain'].'.');
- if ( isset($soa_rec) && !empty($soa_rec) ) {
- //* check for a dkim-record in the dns
- $dns_data = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE name = ? AND sys_groupid = ?", $this->dataRecord['dkim_selector'].'._domainkey.'.$this->dataRecord['domain'].'.', $_SESSION["s"]["user"]['sys_groupid']);
- if ( isset($dns_data) && !empty($dns_data) ) {
- $dns_data['data'] = 'v=DKIM1; t=s; p='.str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"), '', $this->dataRecord['dkim_public']);
- $dns_data['active'] = 'Y';
- $dns_data['stamp'] = date('Y-m-d H:i:s');
- $dns_data['serial'] = $app->validate_dns->increase_serial($dns_data['serial']);
- $app->db->datalogUpdate('dns_rr', $dns_data, 'id', $dns_data['id']);
- $zone = $app->db->queryOneRecord("SELECT id, serial FROM dns_soa WHERE active = 'Y' AND id = ?", $dns_data['zone']);
- $new_serial = $app->validate_dns->increase_serial($zone['serial']);
- $app->db->datalogUpdate('dns_soa', "serial = '".$new_serial."'", 'id', $zone['id']);
- } else { //* no dkim-record found - create new record
- $dns_data = $app->db->queryOneRecord("SELECT id AS zone, sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, server_id, ttl, serial FROM dns_soa WHERE active = 'Y' AND origin = ?", $this->dataRecord['domain'].'.');
- $dns_data['name'] = $this->dataRecord['dkim_selector'].'._domainkey.'.$this->dataRecord['domain'].'.';
- $dns_data['type'] = 'TXT';
- $dns_data['data'] = 'v=DKIM1; t=s; p='.str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"), '', $this->dataRecord['dkim_public']);
- $dns_data['aux'] = 0;
- $dns_data['active'] = 'Y';
- $dns_data['stamp'] = date('Y-m-d H:i:s');
- $dns_data['serial'] = $app->validate_dns->increase_serial($dns_data['serial']);
- $app->db->datalogInsert('dns_rr', $dns_data, 'id', $dns_data['zone']);
- $new_serial = $app->validate_dns->increase_serial($soa_rec['serial']);
- $app->db->datalogUpdate('dns_soa', "serial = '".$new_serial."'", 'id', $soa_rec['zone']);
- }
- }
- } //* endif add dns-record
}
function onBeforeUpdate() {
@@ -343,68 +323,6 @@
unset($rec);
}
- //* update dns-record when the dkim record was changed
- // NOTE: only if the domain-name was not changed
-
- //* get domain-data from the db
- $mail_data = $app->db->queryOneRecord("SELECT * FROM mail_domain WHERE domain = ?", $this->dataRecord['domain']);
-
- if ( isset($mail_data) && !empty($mail_data) ) {
- $post_data = $mail_data;
- $post_data['dkim_selector'] = $this->dataRecord['dkim_selector'];
- $post_data['dkim_public'] = $this->dataRecord['dkim_public'];
- $post_data['dkim_private'] = $this->dataRecord['dkim_private'];
- if ( isset($this->dataRecord['dkim']) ) $post_data['dkim'] = 'y'; else $post_data['dkim'] = 'n';
- if ( isset($this->dataRecord['active']) ) $post_data['active'] = 'y'; else $post_data['active'] = 'n';
- }
-
- //* dkim-value changed
- if ( $mail_data != $post_data ) {
- //* get the dns-record for the public from the db
- $dns_data = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE name = ? AND sys_groupid = ?", $mail_data['dkim_selector'].'._domainkey.'.$mail_data['domain'].'.', $mail_data['sys_groupid']);
-
- //* we modify dkim dns-values for active mail-domains only
- if ( $post_data['active'] == 'y' ) {
- if ( $post_data['dkim'] == 'n' ) {
- $new_dns_data['active'] = 'N';
- } else {
- if ( $post_data['dkim_selector'] != $mail_data['dkim_selector'] )
- $new_dns_data['name'] = $post_data['dkim_selector'].'._domainkey.'.$post_data['domain'].'.';
- if ( $post_data['dkim'] != $mail_data['dkim'] )
- $new_dns_data['active'] = 'Y';
- if ( $post_data['active'] != $mail_data['active'] && $post_data['active'] == 'y' )
- $new_dns_data['active'] = 'Y';
- if ( $post_data['dkim_public'] != $mail_data['dkim_public'] )
- $new_dns_data['data'] = 'v=DKIM1; t=s; p='.str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"), '', $post_data['dkim_public']);
- }
- } else $new_dns_data['active'] = 'N';
-
- if ( isset($dns_data) && !empty($dns_data) && isset($new_dns_data) ) {
- //* update dns-record
- $new_dns_data['serial'] = $app->validate_dns->increase_serial($dns_data['serial']);
- $app->db->datalogUpdate('dns_rr', $new_dns_data, 'id', $dns_data['id']);
- $zone = $app->db->queryOneRecord("SELECT id, serial FROM dns_soa WHERE active = 'Y' AND id = ?", $dns_data['zone']);
- $new_serial = $app->validate_dns->increase_serial($zone['serial']);
- $app->db->datalogUpdate('dns_soa', "serial = '".$new_serial."'", 'id', $zone['id']);
- } else {
- //* create a new dns-record
- $new_dns_data = $app->db->queryOneRecord("SELECT id AS zone, sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, server_id, ttl, serial FROM dns_soa WHERE active = 'Y' AND origin = ?", $mail_data['domain'].'.');
- //* create a new record only if the dns-zone exists
- if ( isset($new_dns_data) && !empty($new_dns_data) && $post_data['dkim'] == 'y' ) {
- $new_dns_data['name'] = $post_data['dkim_selector'].'._domainkey.'.$post_data['domain'].'.';
- $new_dns_data['type'] = 'TXT';
- $new_dns_data['data'] = 'v=DKIM1; t=s; p='.str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"), '', $post_data['dkim_public']);
- $new_dns_data['aux'] = 0;
- $new_dns_data['active'] = 'Y';
- $new_dns_data['stamp'] = date('Y-m-d H:i:s');
- $new_dns_data['serial'] = $app->validate_dns->increase_serial($new_dns_data['serial']);
- $app->db->datalogInsert('dns_rr', $new_dns_data, 'id', $new_dns_data['zone']);
- $zone = $app->db->queryOneRecord("SELECT id, serial FROM dns_soa WHERE active = 'Y' AND id = ?", $new_dns_data['zone']);
- $new_serial = $app->validate_dns->increase_serial($zone['serial']);
- $app->db->datalogUpdate('dns_soa', "serial = '".$new_serial."'", 'id', $zone['id']);
- }
- }
- } //* endif $mail_data != $post_data
}
function onAfterUpdate() {
@@ -482,6 +400,65 @@
} // end if domain name changed
+ //* update dns-record when the dkim record was changed
+ // NOTE: only if the domain-name was not changed
+ if ( $this->dataRecord['active'] == 'y' && $this->dataRecord['domain'] == $this->oldDataRecord['domain'] ) {
+ $dkim_active = @($this->dataRecord['dkim'] == 'y') ? true : false;
+ $selector = @($this->dataRecord['dkim_selector'] != $this->oldDataRecord['dkim_selector']) ? true : false;
+ $dkim_private = @($this->dataRecord['dkim_private'] != $this->oldDataRecord['dkim_private']) ? true : false;
+
+ $soa = $app->db->queryOneRecord("SELECT id AS zone, sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, server_id, ttl, serial FROM dns_soa WHERE active = 'Y' AND origin = ?", $this->dataRecord['domain']);
+
+ if ( ($selector || $dkim_private || $dkim_active) && $dkim_active )
+ //* create a new record only if the dns-zone exists
+ if ( isset($soa) && !empty($soa) ) {
+ $this->update_dns($this->dataRecord, $soa);
+ }
+ elseif ( !isset($this->dataRecord['dkim']) ) {
+ // updated existing dmarc-record to policy 'none'
+ $sql = "SELECT * from dns_rr WHERE name ='_dmarc.?.' AND data LIKE 'v=DMARC1%' AND ?";
+ $rec = $app->db->queryOneRecord($sql, $this->dataRecord['domain'], $app->tform->getAuthSQL('r'));
+ if (is_array($rec))
+ if (strpos($rec['data'], 'p=none=') === false) {
+ $rec['data'] = str_replace(array('quarantine', 'reject'), 'none', $rec['data']);
+ $app->db->datalogUpdate('dns_rr', $rec, 'id', $rec['id']);
+ $soa_id = $app->functions->intval($soa['zone']);
+ $serial = $app->validate_dns->increase_serial($soa["serial"]);
+ $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id);
+ }
+ }
+ }
+
+ }
+
+ private function update_dns($dataRecord, $new_rr) {
+ global $app, $conf;
+
+ // purge old rr-record(s)
+ $sql = "SELECT * FROM dns_rr WHERE name LIKE '%._domainkey.?.' AND data LIKE 'v=DKIM1%' AND ? ORDER BY serial DESC";
+ $rec = $app->db->queryAllRecords($sql, $dataRecord['domain'], $app->tform->getAuthSQL('r'));
+ if (is_array($rec[1])) {
+ for ($i=1; $i < count($rec); ++$i)
+ $app->db->datalogDelete('dns_rr', 'id', $rec[$i]['id']);
+ }
+ // also delete a dsn-records with same selector
+ $sql = "SELECT * from dns_rr WHERE name ='?._domainkey.?.' AND data LIKE 'v=DKIM1%' AND ?";
+ $rec = $app->db->queryAllRecords($sql, $dataRecord['dkim_selector'], $dataRecord['domain'], $app->tform->getAuthSQL('r'));
+ if (is_array($rec))
+ foreach ($rec as $del)
+ $app->db->datalogDelete('dns_rr', 'id', $del['id']);
+
+ $new_rr['name'] = $dataRecord['dkim_selector'].'._domainkey.'.$dataRecord['domain'].'.';
+ $new_rr['type'] = 'TXT';
+ $new_rr['data'] = 'v=DKIM1; t=s; p='.str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"), '', $this->dataRecord['dkim_public']);
+ $new_rr['aux'] = 0;
+ $new_rr['active'] = 'Y';
+ $new_rr['stamp'] = date('Y-m-d H:i:s');
+ $new_rr['serial'] = $app->validate_dns->increase_serial($new_rr['serial']);
+ $app->db->datalogInsert('dns_rr', $new_rr, 'id', $new_rr['zone']);
+ $zone = $app->db->queryOneRecord("SELECT id, serial FROM dns_soa WHERE active = 'Y' AND id = ".$app->functions->intval($new_rr['zone']));
+ $new_serial = $app->validate_dns->increase_serial($zone['serial']);
+ $app->db->datalogUpdate('dns_soa', "serial = '".$new_serial."'", 'id', $zone['id']);
}
}
diff --git a/interface/web/mail/templates/mail_domain_edit.htm b/interface/web/mail/templates/mail_domain_edit.htm
index dbd5c6e..04380db 100755
--- a/interface/web/mail/templates/mail_domain_edit.htm
+++ b/interface/web/mail/templates/mail_domain_edit.htm
@@ -102,7 +102,7 @@
<div class="ctrlHolder">
<label for="dkim_private">{tmpl_var name='dkim_private_txt'}</label>
<textarea name="dkim_private" id="dkim_private" rows='10' cols='30'>{tmpl_var name='dkim_private'}</textarea>
-<a href="javascript:setRequest('create')">{tmpl_var name='dkim_generate_txt'}</a>
+ <a href="javascript:setRequest()">{tmpl_var name='dkim_generate_txt'}</a>
</div>
<div class="ctrlHolder">
<textarea name="dkim_public" style="display:none;" id="dkim_public" rows='5' cols='30' readonly>{tmpl_var name='dkim_public'}</textarea>
--
Gitblit v1.9.1