add option to specify (optional) fileextension/suffix for generated dkim-private keys; fixes #907

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2024-09-21 10:27:29 +00:00 · 2021-01-20 10:35:46 +01:00 · 2021-01-20 10:35:46 +01:00 · 3a17d03796
commit 3a17d03796
parent 57ae195930
8 changed files with 28 additions and 5 deletions
--- a/actions/admin/settings/180.dkim.php
+++ b/actions/admin/settings/180.dkim.php
@ -39,6 +39,15 @@ return array(
 					'default' => '/etc/postfix/dkim/',
 					'save_method' => 'storeSettingField'
 				),
+				'dkim_privkeysuffix' => array(
+					'label' => $lng['dkim']['privkeysuffix'],
+					'settinggroup' => 'dkim',
+					'varname' => 'privkeysuffix',
+					'type' => 'string',
+					'string_regexp' => '/^[a-z0-9\._]+$/i',
+					'default' => '.priv',
+					'save_method' => 'storeSettingField'
+				),
 				'dkim_domains' => array(
 					'label' => $lng['dkim']['dkim_domains'],
 					'settinggroup' => 'dkim',
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@ -387,6 +387,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('dkim', 'dkim_domains', 'domains'),
 	('dkim', 'dkim_dkimkeys', 'dkim-keys.conf'),
 	('dkim', 'dkimrestart_command', '/etc/init.d/dkim-filter restart'),
+	('dkim', 'privkeysuffix', '.priv'),
 	('admin', 'show_news_feed', '0'),
 	('admin', 'show_version_login', '0'),
 	('admin', 'show_version_footer', '0'),
@ -708,7 +709,7 @@ opcache.interned_strings_buffer'),
 	('panel', 'customer_hide_options', ''),
 	('panel', 'is_configured', '0'),
 	('panel', 'version', '0.10.23.1'),
-	('panel', 'db_version', '202012300');
+	('panel', 'db_version', '202101200');


 DROP TABLE IF EXISTS `panel_tasks`;
--- a/install/updates/froxlor/0.10/update_0.10.inc.php
+++ b/install/updates/froxlor/0.10/update_0.10.inc.php
@ -711,3 +711,12 @@ if (\Froxlor\Froxlor::isDatabaseVersion('202009070')) {

 	\Froxlor\Froxlor::updateToDbVersion('202012300');
 }
+
+if (\Froxlor\Froxlor::isDatabaseVersion('202012300')) {
+
+	showUpdateStep("Adding setting for DKIM private key extension/suffix", true);
+	Settings::AddNew("dkim.privkeysuffix", '.priv');
+	lastStepStatus(0);
+
+	\Froxlor\Froxlor::updateToDbVersion('202101200');
+}
--- a/lib/Froxlor/Cron/Dns/DnsBase.php
+++ b/lib/Froxlor/Cron/Dns/DnsBase.php
@ -200,14 +200,14 @@ abstract class DnsBase

 			while ($domain = $result_domains_stmt->fetch(\PDO::FETCH_ASSOC)) {

-				$privkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . '.priv');
+				$privkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . Settings::Get('dkim.privkeysuffix'));
 				$pubkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . '.public');

 				if ($domain['dkim_privkey'] == '' || $domain['dkim_pubkey'] == '') {
 					$max_dkim_id_stmt = Database::query("SELECT MAX(`dkim_id`) as `max_dkim_id` FROM `" . TABLE_PANEL_DOMAINS . "`");
 					$max_dkim_id = $max_dkim_id_stmt->fetch(\PDO::FETCH_ASSOC);
 					$domain['dkim_id'] = (int) $max_dkim_id['max_dkim_id'] + 1;
-					$privkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . '.priv');
+					$privkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . Settings::Get('dkim.privkeysuffix'));
 					\Froxlor\FileDir::safe_exec('openssl genrsa -out ' . escapeshellarg($privkey_filename) . ' ' . Settings::Get('dkim.dkim_keylength'));
 					$domain['dkim_privkey'] = file_get_contents($privkey_filename);
 					\Froxlor\FileDir::safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
--- a/lib/Froxlor/Froxlor.php
+++ b/lib/Froxlor/Froxlor.php
@ -10,7 +10,7 @@ final class Froxlor
 	const VERSION = '0.10.23.1';

 	// Database version (YYYYMMDDC where C is a daily counter)
-	const DBVERSION = '202012300';
+	const DBVERSION = '202101200';

 	// Distribution branding-tag (used for Debian etc.)
 	const BRANDING = '';
--- a/lib/Froxlor/Settings/Store.php
+++ b/lib/Froxlor/Settings/Store.php
@ -176,7 +176,7 @@ class Store
 		if ($returnvalue !== false) {
 			\Froxlor\System\Cronjob::inserttask('4');
 		}
-		return false;
+		return $returnvalue;
 	}

 	public static function storeSettingHostname($fieldname, $fielddata, $newfieldvalue)
--- a/lng/english.lng.php
+++ b/lng/english.lng.php
@ -702,6 +702,8 @@ $lng['dkim']['dkim_dkimkeys']['title'] = 'KeyList filename';
 $lng['dkim']['dkim_dkimkeys']['description'] = '<em>Filename</em> of the  DKIM KeyList parameter specified in the dkim-milter configuration';
 $lng['dkim']['dkimrestart_command']['title'] = 'Milter restart command';
 $lng['dkim']['dkimrestart_command']['description'] = 'Please specify the restart command for the DKIM milter service';
+$lng['dkim']['privkeysuffix']['title'] = 'Private keys suffix';
+$lng['dkim']['privkeysuffix']['description'] = 'You can specify an (optional) filename extension/suffix for the generate dkim private keys. Some services like dkim-filter requires this to be empty';

 // ADDED IN 1.2.19-svn9

--- a/lng/german.lng.php
+++ b/lng/german.lng.php
@ -695,6 +695,8 @@ $lng['dkim']['dkim_dkimkeys']['title'] = 'KeyList Dateiname';
 $lng['dkim']['dkim_dkimkeys']['description'] = 'Dateiname der DKIM-KeyList-Angabe aus der DKIM-Milter-Konfigurationsdatei.';
 $lng['dkim']['dkimrestart_command']['title'] = 'Milter-Restart-Kommando';
 $lng['dkim']['dkimrestart_command']['description'] = 'Wie lautet das Kommando zum Neustarten des DKIM-Milter-Dienstes?';
+$lng['dkim']['privkeysuffix']['title'] = 'Suffix für Private Keys';
+$lng['dkim']['privkeysuffix']['description'] = 'Hier kann eine (optionale) Dateiendung für die generierten Private Keys angegeben werden. Manche Dienste, wie dkim-filter, erwarten, dass die Schlüssel keine Dateiendung haben (leer).';

 // ADDED IN 1.2.19-svn9