From 4f3a539f03893f0ddff60ff2b529a8fb1d22fab6 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Mon, 15 Feb 2016 15:12:40 +0000
Subject: [PATCH] Add global trusted keys option

---
 src/libserver/cfg_file.h  | 2 ++
 src/libserver/cfg_rcl.c   | 7 ++++++-
 src/libserver/cfg_utils.c | 3 +++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/libserver/cfg_file.h b/src/libserver/cfg_file.h
index 44e838dd6..8fb0075bc 100644
--- a/src/libserver/cfg_file.h
+++ b/src/libserver/cfg_file.h
@@ -350,6 +350,8 @@ struct rspamd_config {
 
 	struct rspamd_re_cache *re_cache;				/**< static regexp cache								*/
 
+	GHashTable *trusted_keys;						/**< list of trusted public keys						*/
+
 	ref_entry_t ref;								/**< reference counter									*/
 };
 
diff --git a/src/libserver/cfg_rcl.c b/src/libserver/cfg_rcl.c
index 9b05c1396..cae9317d6 100644
--- a/src/libserver/cfg_rcl.c
+++ b/src/libserver/cfg_rcl.c
@@ -1675,7 +1675,12 @@ rspamd_rcl_config_init (struct rspamd_config *cfg)
 			G_STRUCT_OFFSET (struct rspamd_config, local_addrs),
 			0,
 			"Use the specified addresses as local ones (alias for `local_addrs`)");
-
+	rspamd_rcl_add_default_handler (sub,
+			"trusted_keys",
+			rspamd_rcl_parse_struct_string_list,
+			G_STRUCT_OFFSET (struct rspamd_config, trusted_keys),
+			RSPAMD_CL_FLAG_STRING_LIST_HASH,
+			"List of trusted public keys used for signatures in base32 encoding");
 	/* New DNS configuration */
 	ssub = rspamd_rcl_add_section_doc (&sub->subsections, "dns", NULL, NULL,
 			UCL_OBJECT, FALSE, TRUE,
diff --git a/src/libserver/cfg_utils.c b/src/libserver/cfg_utils.c
index 5bd4c0668..1b924859f 100644
--- a/src/libserver/cfg_utils.c
+++ b/src/libserver/cfg_utils.c
@@ -128,6 +128,8 @@ rspamd_config_new (void)
 	cfg->debug_modules = g_hash_table_new (rspamd_str_hash, rspamd_str_equal);
 	cfg->explicit_modules = g_hash_table_new (rspamd_str_hash, rspamd_str_equal);
 	cfg->wrk_parsers = g_hash_table_new (g_int_hash, g_int_equal);
+	cfg->trusted_keys = g_hash_table_new (rspamd_str_hash,
+				rspamd_str_equal);
 
 	cfg->map_timeout = DEFAULT_MAP_TIMEOUT;
 
@@ -182,6 +184,7 @@ rspamd_config_free (struct rspamd_config *cfg)
 	g_hash_table_unref (cfg->debug_modules);
 	g_hash_table_unref (cfg->explicit_modules);
 	g_hash_table_unref (cfg->wrk_parsers);
+	g_hash_table_unref (cfg->trusted_keys);
 
 	if (cfg->checksum) {
 		g_free (cfg->checksum);
-- 
2.39.5