Vsevolod Stakhov
2 mesi fa
2 ha cambiato i file con 22 aggiunte e 25 eliminazioni
+ 4
- 4
lualib/lua_dkim_tools.lua
Vedi File
| end | end | ||||
| end | end | ||||
| exports.sign_using_vault = function(N, task, settings, selectors, sign_func, err_func) | |||||
| exports.sign_using_vault = function(N, task, settings, selector, sign_func, err_func) | |||||
| local http = require "rspamd_http" | local http = require "rspamd_http" | ||||
| local ucl = require "ucl" | local ucl = require "ucl" | ||||
| local full_url = string.format('%s/v1/%s/%s', | local full_url = string.format('%s/v1/%s/%s', | ||||
| settings.vault_url, settings.vault_path or 'dkim', selectors.domain) | |||||
| settings.vault_url, settings.vault_path or 'dkim', selector.domain) | |||||
| local upstream_list = lua_util.http_upstreams_by_url(rspamd_config:get_mempool(), settings.vault_url) | local upstream_list = lua_util.http_upstreams_by_url(rspamd_config:get_mempool(), settings.vault_url) | ||||
| local function vault_callback(err, code, body, _) | local function vault_callback(err, code, body, _) | ||||
| local dkim_sign_data = { | local dkim_sign_data = { | ||||
| rawkey = p.key, | rawkey = p.key, | ||||
| selector = p.selector, | selector = p.selector, | ||||
| domain = p.domain or selectors.domain, | |||||
| domain = p.domain or selector.domain, | |||||
| alg = p.alg, | alg = p.alg, | ||||
| } | } | ||||
| lua_util.debugm(N, task, 'found and parsed key for %s:%s in Vault', | lua_util.debugm(N, task, 'found and parsed key for %s:%s in Vault', | ||||
| if not ret then | if not ret then | ||||
| err_func(task, string.format("cannot make HTTP request to load DKIM data domain %s", | err_func(task, string.format("cannot make HTTP request to load DKIM data domain %s", | ||||
| selectors.domain)) | |||||
| selector.domain)) | |||||
| end | end | ||||
| end | end | ||||
+ 18
- 21
src/plugins/lua/dkim_signing.lua
Vedi File
| if not ret or #selectors == 0 then | if not ret or #selectors == 0 then | ||||
| return | return | ||||
| end | end | ||||
| if settings.use_redis then | if settings.use_redis then | ||||
| -- Use only redis stuff here | |||||
| dkim_sign_tools.sign_using_redis(N, task, settings, selectors, do_sign, sign_error) | dkim_sign_tools.sign_using_redis(N, task, settings, selectors, do_sign, sign_error) | ||||
| else | |||||
| if selectors.vault then | |||||
| dkim_sign_tools.sign_using_vault(N, task, settings, selectors, do_sign, sign_error) | |||||
| return | |||||
| end | |||||
| for _, k in ipairs(selectors) do | |||||
| if k.vault then | |||||
| dkim_sign_tools.sign_using_vault(N, task, settings, k, do_sign, sign_error) | |||||
| else | else | ||||
| if #selectors > 0 then | |||||
| for _, k in ipairs(selectors) do | |||||
| -- templates | |||||
| if k.key then | |||||
| k.key = lua_util.template(k.key, { | |||||
| domain = k.domain, | |||||
| selector = k.selector | |||||
| }) | |||||
| lua_util.debugm(N, task, 'using key "%s", use selector "%s" for domain "%s"', | |||||
| k.key, k.selector, k.domain) | |||||
| end | |||||
| do_sign(task, k) | |||||
| end | |||||
| else | |||||
| rspamd_logger.infox(task, 'key path or dkim selector unconfigured; no signing') | |||||
| return false | |||||
| -- templates | |||||
| if k.key then | |||||
| k.key = lua_util.template(k.key, { | |||||
| domain = k.domain, | |||||
| selector = k.selector | |||||
| }) | |||||
| lua_util.debugm(N, task, 'using key "%s", use selector "%s" for domain "%s"', | |||||
| k.key, k.selector, k.domain) | |||||
| end | end | ||||
| do_sign(task, k) | |||||
| end | end | ||||
| end | end | ||||
| end | end |
Loading…