[Web] Fix duplicating DKIM keys: Duplicated keys were invalid, fixes #3578

andryyy 2020-05-28 08:53:27 +02:00
parent 6106206790
commit 60da09c0dc
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF


@ -1,6 +1,6 @@
<?php
function dkim($_action, $_data = null) {
function dkim($_action, $_data = null, $privkey = false) {
global $redis;
global $lang;
switch ($_action) {
@ -8,7 +8,7 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, ),
'msg' => 'access_denied'
);
return false;
@ -21,7 +21,7 @@ function dkim($_action, $_data = null) {
if (!is_valid_domain_name($domain) || !is_numeric($key_length)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain)
);
continue;
@ -29,7 +29,7 @@ function dkim($_action, $_data = null) {
if ($redis->hGet('DKIM_PUB_KEYS', $domain)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain)
);
continue;
@ -37,7 +37,7 @@ function dkim($_action, $_data = null) {
if (!ctype_alnum($dkim_selector)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain)
);
continue;
@ -62,7 +62,7 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e)
);
continue;
@ -76,7 +76,7 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e)
);
continue;
@ -84,14 +84,14 @@ function dkim($_action, $_data = null) {
}
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_added', $domain)
);
}
else {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain)
);
continue;
@ -102,17 +102,17 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => 'access_denied'
);
return false;
}
$from_domain = $_data['from_domain'];
$from_domain_dkim = dkim('details', $from_domain);
$from_domain_dkim = dkim('details', $from_domain, true);
if (empty($from_domain_dkim)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $from_domain)
);
continue;
@ -128,14 +128,14 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e)
);
continue;
}
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_duplicated', $from_domain, $to_domain)
);
}
@ -144,7 +144,7 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => 'access_denied'
);
return false;
@ -155,7 +155,7 @@ function dkim($_action, $_data = null) {
if ($ssl_error = openssl_error_string()) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('private_key_error', $ssl_error)
);
return false;
@ -172,7 +172,7 @@ function dkim($_action, $_data = null) {
if (!is_valid_domain_name($domain)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain)
);
return false;
@ -180,7 +180,7 @@ function dkim($_action, $_data = null) {
if ($redis->hGet('DKIM_PUB_KEYS', $domain)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain)
);
return false;
@ -188,7 +188,7 @@ function dkim($_action, $_data = null) {
if (!ctype_alnum($dkim_selector)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain)
);
return false;
@ -201,7 +201,7 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e)
);
return false;
@ -214,14 +214,14 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e)
);
return false;
}
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_added', $domain)
);
return true;
@ -253,7 +253,7 @@ function dkim($_action, $_data = null) {
$dkimdata['dkim_txt'] = 'v=DKIM1;k=rsa;t=s;s=email;p=' . $redis_dkim_key_data;
}
$dkimdata['dkim_selector'] = $redis->hGet('DKIM_SELECTORS', $_data);
if ($GLOBALS['SHOW_DKIM_PRIV_KEYS']) {
if ($GLOBALS['SHOW_DKIM_PRIV_KEYS'] || $privkey == true) {
$dkimdata['privkey'] = base64_encode($redis->hGet('DKIM_PRIV_KEYS', $dkimdata['dkim_selector'] . '.' . $_data));
}
else {
@ -266,7 +266,7 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => 'access_denied'
);
return false;
@ -282,7 +282,7 @@ function dkim($_action, $_data = null) {
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => 'access_denied'
);
return false;
@ -291,7 +291,7 @@ function dkim($_action, $_data = null) {
if (!is_valid_domain_name($domain)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_domain_or_sel_invalid', $domain)
);
continue;
@ -305,14 +305,14 @@ function dkim($_action, $_data = null) {
catch (RedisException $e) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('redis_error', $e)
);
continue;
}
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data),
'log' => array(__FUNCTION__, $_action, $_data, $privkey),
'msg' => array('dkim_removed', htmlspecialchars($domain))
);
}
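Review bot: In the `details` branch (the hunk at -253,7) the private key is now returned whenever `$privkey == true`, a loose comparison that any truthy third argument satisfies, so `SHOW_DKIM_PRIV_KEYS` is no longer the only gate on returning key material. I would make the check strict, `if ($GLOBALS['SHOW_DKIM_PRIV_KEYS'] || $privkey === true) {`, and add a comment at the signature such as `// $privkey: internal callers only (used by 'duplicate'); never forward request data here`. The visible lines of `details` show no `mailcow_cc_role` check, and the body of `dkim()` is only partly shown, so it is worth confirming that no API or UI caller can pass a request-controlled value as the third argument. As a smaller point, the first `access_denied` entry now reads `$_data, )` while every other log line reads `$_data, $privkey)`, which looks like an unfinished edit.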