|
|
@@ -51,13 +51,13 @@ local redis_params |
|
|
|
local sign_func = rspamd_plugins.dkim.sign |
|
|
|
|
|
|
|
local function dkim_signing_cb(task) |
|
|
|
local ret,p = dkim_sign_tools.prepare_dkim_signing(N, task, settings) |
|
|
|
local ret,selectors = dkim_sign_tools.prepare_dkim_signing(N, task, settings) |
|
|
|
|
|
|
|
if not ret then |
|
|
|
return |
|
|
|
end |
|
|
|
|
|
|
|
local function do_sign() |
|
|
|
local function do_sign(p) |
|
|
|
if settings.check_pubkey then |
|
|
|
local resolve_name = p.selector .. "._domainkey." .. p.domain |
|
|
|
task:get_resolver():resolve_txt({ |
|
|
@@ -92,7 +92,7 @@ local function dkim_signing_cb(task) |
|
|
|
end |
|
|
|
|
|
|
|
if settings.use_redis then |
|
|
|
local function try_redis_key(selector) |
|
|
|
local function try_redis_key(selector, p) |
|
|
|
p.key = nil |
|
|
|
p.selector = selector |
|
|
|
local rk = string.format('%s.%s', p.selector, p.domain) |
|
|
@@ -106,7 +106,7 @@ local function dkim_signing_cb(task) |
|
|
|
p.rawkey = data |
|
|
|
lua_util.debugm(N, task, 'found and parsed key for %s:%s in Redis', |
|
|
|
p.domain, p.selector) |
|
|
|
do_sign() |
|
|
|
do_sign(p) |
|
|
|
end |
|
|
|
end |
|
|
|
local rret = rspamd_redis_make_request(task, |
|
|
@@ -121,49 +121,43 @@ local function dkim_signing_cb(task) |
|
|
|
rspamd_logger.infox(task, "cannot make request to load DKIM key for %s", rk) |
|
|
|
end |
|
|
|
end |
|
|
|
if settings.selector_prefix then |
|
|
|
rspamd_logger.infox(task, "Using selector prefix '%s' for domain '%s'", |
|
|
|
settings.selector_prefix, p.domain); |
|
|
|
local function redis_selector_cb(err, data) |
|
|
|
if err or type(data) ~= 'string' then |
|
|
|
rspamd_logger.infox(task, "cannot make request to load DKIM selector for domain %s: %s", p.domain, err) |
|
|
|
else |
|
|
|
try_redis_key(data) |
|
|
|
for _, p in ipairs(selectors) do |
|
|
|
if settings.selector_prefix then |
|
|
|
rspamd_logger.infox(task, "Using selector prefix '%s' for domain '%s'", |
|
|
|
settings.selector_prefix, p.domain); |
|
|
|
local function redis_selector_cb(err, data) |
|
|
|
if err or type(data) ~= 'string' then |
|
|
|
rspamd_logger.infox(task, "cannot make request to load DKIM selector for domain %s: %s", p.domain, err) |
|
|
|
else |
|
|
|
try_redis_key(data, p) |
|
|
|
end |
|
|
|
end |
|
|
|
local rret = lua_redis.redis_make_request(task, |
|
|
|
redis_params, -- connect params |
|
|
|
p.domain, -- hash key |
|
|
|
false, -- is write |
|
|
|
redis_selector_cb, --callback |
|
|
|
'HGET', -- command |
|
|
|
{settings.selector_prefix, p.domain} -- arguments |
|
|
|
) |
|
|
|
if not rret then |
|
|
|
rspamd_logger.infox(task, "cannot make request to load DKIM selector for '%s'", p.domain) |
|
|
|
end |
|
|
|
else |
|
|
|
try_redis_key(p.selector, p) |
|
|
|
end |
|
|
|
local rret = lua_redis.redis_make_request(task, |
|
|
|
redis_params, -- connect params |
|
|
|
p.domain, -- hash key |
|
|
|
false, -- is write |
|
|
|
redis_selector_cb, --callback |
|
|
|
'HGET', -- command |
|
|
|
{settings.selector_prefix, p.domain} -- arguments |
|
|
|
) |
|
|
|
if not rret then |
|
|
|
rspamd_logger.infox(task, "cannot make request to load DKIM selector for '%s'", p.domain) |
|
|
|
end |
|
|
|
else |
|
|
|
if not p.selector then |
|
|
|
rspamd_logger.errx(task, 'No selector specified') |
|
|
|
return false |
|
|
|
end |
|
|
|
try_redis_key(p.selector) |
|
|
|
end |
|
|
|
else |
|
|
|
if #p.keys > 0 then |
|
|
|
for _, k in ipairs(p.keys) do |
|
|
|
if #selectors > 0 then |
|
|
|
for _, k in ipairs(selectors) do |
|
|
|
-- templates |
|
|
|
k.key = lua_util.template(k.key, { |
|
|
|
domain = p.domain, |
|
|
|
domain = k.domain, |
|
|
|
selector = k.selector |
|
|
|
}) |
|
|
|
-- TODO: pass this to the function instead of setting some variable |
|
|
|
p.selector = k.selector |
|
|
|
p.key = k.key |
|
|
|
-- TODO: push handling of multiples keys into sign code |
|
|
|
lua_util.debugm(N, task, 'using key "%s", use selector "%s" for domain "%s"', |
|
|
|
p.key, p.selector, p.domain) |
|
|
|
do_sign() |
|
|
|
k.key, k.selector, k.domain) |
|
|
|
do_sign(k) |
|
|
|
end |
|
|
|
else |
|
|
|
rspamd_logger.infox(task, 'key path or dkim selector unconfigured; no signing') |