[Web] Fix duplicating DKIM keys: Duplicated keys were invalid, fixes #3578

master
andryyy 2020-05-28 08:53:27 +02:00
parent 6106206790
commit 60da09c0dc
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
1 changed files with 28 additions and 28 deletions


@ -1,6 +1,6 @@
<?php <?php
function dkim($_action, $_data = null) { function dkim($_action, $_data = null, $privkey = false) {
global $redis; global $redis;
global $lang; global $lang;
switch ($_action) { switch ($_action) {
@ -8,7 +8,7 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") { if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, ),
'msg' => 'access_denied' 'msg' => 'access_denied'
); );
return false; return false;
@ -21,7 +21,7 @@ function dkim($_action, $_data = null) {
if (!is_valid_domain_name($domain) || !is_numeric($key_length)) { if (!is_valid_domain_name($domain) || !is_numeric($key_length)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain) 'msg' => array('dkim_domain_or_sel_invalid', $domain)
); );
continue; continue;
@ -29,7 +29,7 @@ function dkim($_action, $_data = null) {
if ($redis->hGet('DKIM_PUB_KEYS', $domain)) { if ($redis->hGet('DKIM_PUB_KEYS', $domain)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain) 'msg' => array('dkim_domain_or_sel_invalid', $domain)
); );
continue; continue;
@ -37,7 +37,7 @@ function dkim($_action, $_data = null) {
if (!ctype_alnum($dkim_selector)) { if (!ctype_alnum($dkim_selector)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain) 'msg' => array('dkim_domain_or_sel_invalid', $domain)
); );
continue; continue;
@ -62,7 +62,7 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) { catch (RedisException $e) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e) 'msg' => array('redis_error', $e)
); );
continue; continue;
@ -76,7 +76,7 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) { catch (RedisException $e) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e) 'msg' => array('redis_error', $e)
); );
continue; continue;
@ -84,14 +84,14 @@ function dkim($_action, $_data = null) {
} }
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'success', 'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_added', $domain) 'msg' => array('dkim_added', $domain)
); );
} }
else { else {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain) 'msg' => array('dkim_domain_or_sel_invalid', $domain)
); );
continue; continue;
@ -102,17 +102,17 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") { if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => 'access_denied' 'msg' => 'access_denied'
); );
return false; return false;
} }
$from_domain = $_data['from_domain']; $from_domain = $_data['from_domain'];
$from_domain_dkim = dkim('details', $from_domain); $from_domain_dkim = dkim('details', $from_domain, true);
if (empty($from_domain_dkim)) { if (empty($from_domain_dkim)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $from_domain) 'msg' => array('dkim_domain_or_sel_invalid', $from_domain)
); );
continue; continue;
@ -128,14 +128,14 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) { catch (RedisException $e) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e) 'msg' => array('redis_error', $e)
); );
continue; continue;
} }
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'success', 'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_duplicated', $from_domain, $to_domain) 'msg' => array('dkim_duplicated', $from_domain, $to_domain)
); );
} }
@ -144,7 +144,7 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") { if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => 'access_denied' 'msg' => 'access_denied'
); );
return false; return false;
@ -155,7 +155,7 @@ function dkim($_action, $_data = null) {
if ($ssl_error = openssl_error_string()) { if ($ssl_error = openssl_error_string()) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('private_key_error', $ssl_error) 'msg' => array('private_key_error', $ssl_error)
); );
return false; return false;
@ -172,7 +172,7 @@ function dkim($_action, $_data = null) {
if (!is_valid_domain_name($domain)) { if (!is_valid_domain_name($domain)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain) 'msg' => array('dkim_domain_or_sel_invalid', $domain)
); );
return false; return false;
@ -180,7 +180,7 @@ function dkim($_action, $_data = null) {
if ($redis->hGet('DKIM_PUB_KEYS', $domain)) { if ($redis->hGet('DKIM_PUB_KEYS', $domain)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain) 'msg' => array('dkim_domain_or_sel_invalid', $domain)
); );
return false; return false;
@ -188,7 +188,7 @@ function dkim($_action, $_data = null) {
if (!ctype_alnum($dkim_selector)) { if (!ctype_alnum($dkim_selector)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain) 'msg' => array('dkim_domain_or_sel_invalid', $domain)
); );
return false; return false;
@ -201,7 +201,7 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) { catch (RedisException $e) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e) 'msg' => array('redis_error', $e)
); );
return false; return false;
@ -214,14 +214,14 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) { catch (RedisException $e) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e) 'msg' => array('redis_error', $e)
); );
return false; return false;
} }
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'success', 'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_added', $domain) 'msg' => array('dkim_added', $domain)
); );
return true; return true;
@ -253,7 +253,7 @@ function dkim($_action, $_data = null) {
$dkimdata['dkim_txt'] = 'v=DKIM1;k=rsa;t=s;s=email;p=' . $redis_dkim_key_data; $dkimdata['dkim_txt'] = 'v=DKIM1;k=rsa;t=s;s=email;p=' . $redis_dkim_key_data;
} }
$dkimdata['dkim_selector'] = $redis->hGet('DKIM_SELECTORS', $_data); $dkimdata['dkim_selector'] = $redis->hGet('DKIM_SELECTORS', $_data);
if ($GLOBALS['SHOW_DKIM_PRIV_KEYS']) { if ($GLOBALS['SHOW_DKIM_PRIV_KEYS'] || $privkey == true) {
$dkimdata['privkey'] = base64_encode($redis->hGet('DKIM_PRIV_KEYS', $dkimdata['dkim_selector'] . '.' . $_data)); $dkimdata['privkey'] = base64_encode($redis->hGet('DKIM_PRIV_KEYS', $dkimdata['dkim_selector'] . '.' . $_data));
} }
else { else {
@ -266,7 +266,7 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") { if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => 'access_denied' 'msg' => 'access_denied'
); );
return false; return false;
@ -282,7 +282,7 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") { if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => 'access_denied' 'msg' => 'access_denied'
); );
return false; return false;
@ -291,7 +291,7 @@ function dkim($_action, $_data = null) {
if (!is_valid_domain_name($domain)) { if (!is_valid_domain_name($domain)) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain) 'msg' => array('dkim_domain_or_sel_invalid', $domain)
); );
continue; continue;
@ -305,14 +305,14 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) { catch (RedisException $e) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'danger', 'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e) 'msg' => array('redis_error', $e)
); );
continue; continue;
} }
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'success', 'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data), 'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_removed', htmlspecialchars($domain)) 'msg' => array('dkim_removed', htmlspecialchars($domain))
); );
} }
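Review bot: In the `details` branch, the new `$privkey` argument overrides the `SHOW_DKIM_PRIV_KEYS` setting through a loose `== true` comparison, so any truthy value a caller passes (a non-empty string, a non-zero number) returns the base64-encoded private key. Compare strictly, `if ($GLOBALS['SHOW_DKIM_PRIV_KEYS'] || $privkey === true) {`, and put a comment on the parameter such as `// $privkey: internal use only (e.g. the duplicate action); never populate from request data`. The `details` branch starts outside the visible hunk, so it is not clear whether it performs its own role check; it is worth confirming that no externally reachable caller forwards a third argument to `dkim()`. Separately, the first `access_denied` block logs `$_data, )` where every other block logs `$_data, $privkey`, which looks like an oversight.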