Adding new DKIM - stuff d00p made, fixes #94

actions/admin/settings/180.dkim.php

@@ -56,6 +56,63 @@ return array(
 					'default' => 'dkim-keys.conf',
 					'save_method' => 'storeSettingField',
 					),
+				'dkim_algorithm' => array(
+					'label' => $lng['dkim']['dkim_algorithm'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_algorithm',
+					'type' => 'option',
+					'default' => 'all',
+					'option_mode' => 'multiple',
+					'option_options' => array('all' => 'All', 'sha1' => 'SHA1', 'sha256' => 'SHA256'),
+					'save_method' => 'storeSettingField',
+					),
+				'dkim_servicetype' => array(
+					'label' => $lng['dkim']['dkim_servicetype'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_servicetype',
+					'type' => 'option',
+					'default' => '0',
+					'option_mode' => 'one',
+					'option_options' => array('0' => 'All', '1' => 'E-Mail'),
+					'save_method' => 'storeSettingField',
+					),
+				'dkim_keylength' => array(
+					'label' => $lng['dkim']['dkim_keylength'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_keylength',
+					'type' => 'option',
+					'default' => '1024',
+					'option_mode' => 'one',
+					'option_options' => array('1024' => '1024 Bit', '2048' => '2048 Bit'),
+					'save_method' => 'storeSettingField',
+					),
+				'dkim_notes' => array(
+					'label' => $lng['dkim']['dkim_notes'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_notes',
+					'type' => 'string',
+					'string_regexp' => '/^[a-z0-9\._]+$/i',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
+				'dkim_add_adsp' => array(
+					'label' => $lng['dkim']['dkim_add_adsp'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_add_adsp',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'dkim_add_adsppolicy' => array(
+					'label' => $lng['dkim']['dkim_add_adsppolicy'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_add_adsppolicy',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options' => array('0' => 'Unknown', '1' => 'All', '2' => 'Discardable'),
+					'save_method' => 'storeSettingField',
+					),
 				'dkimrestart_command' => array(
 					'label' => $lng['dkim']['dkimrestart_command'],
 					'settinggroup' => 'dkim',

install/froxlor.sql

@@ -451,7 +451,7 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (18, 'system', 'vmail_homedir', '/var/customers/mail/');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (19, 'system', 'bindconf_directory', '/etc/bind/');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (20, 'system', 'bindreload_command', '/etc/init.d/bind9 reload');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (22, 'panel', 'version', '0.9.3-svn3');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (22, 'panel', 'version', '0.9.3-svn4');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (23, 'system', 'hostname', 'SERVERNAME');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (24, 'login', 'maxloginattempts', '3');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (25, 'login', 'deactivatetime', '900');
@@ -550,6 +550,11 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (119, 'system', 'store_index_file_subs', '1');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (120, 'panel', 'adminmail_defname', 'Froxlor Administrator');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (121, 'panel', 'adminmail_return', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (122, 'dkim', 'dkim_algorithm', 'all');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (123, 'dkim', 'dkim_add_adsp', '1');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (124, 'dkim', 'dkim_keylength', '1024');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (125, 'dkim', 'dkim_servicetype', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (126, 'dkim', 'dkim_add_adsppolicy', '1');
 
 # --------------------------------------------------------
 

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -358,4 +358,19 @@ if(isFroxlorVersion('0.9.3-svn2'))
 	updateToVersion('0.9.3-svn3');
 }
 
+if(isFroxlorVersion('0.9.3-svn3'))
+{
+	showUpdateStep("Updating from 0.9.3-svn3 to 0.9.3-svn4", false);
+
+	showUpdateStep("Adding new DKIM settings");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_algorithm', 'all');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_add_adsp', '1');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_keylength', '1024');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_servicetype', '0');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_add_adsppolicy', '1');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.3-svn4');
+}
+
 ?>

lib/configfiles/gentoo.inc.php

@@ -131,19 +131,21 @@ return Array(
 					'dkim' => Array(
 						'label' => 'DomainKey filter',
 						'commands_1' => Array(
+							'emerge dkim-milter',
+							'emerge --config mail-filter/dkim-milter',
 							'mkdir -p /etc/postfix/dkim'
 						),
 						'files' => Array(
-							'dkim-filter.conf' => '/etc/postfix/dkim/dkim-filter.conf'
+							'dkim-filter.conf' => '/etc/mail/dkim-filter/dkim-filter.conf'
 						),
 						'commands_2' => Array(
-							'chgrp postfix /etc/postfix/dkim/dkim-filter.conf',
+							'echo "smtpd_milters = inet:localhost:8891
-							'echo "smtpd_milters = inet:localhost:8891\n
+milter_macro_daemon_name = SIGNING
-milter_macro_daemon_name = SIGNING\n
+milter_default_action = accept" >> /etc/postfix/main.cf'
-milter_default_action = accept\n" >> /etc/postfix/main.cf'
 						),
 						'restart' => Array(
-							'/etc/init.d/dkim-filter restart'
+							'rc-update add dkim-filter default',
+							'/etc/init.d/postfix restart'
 						)
 					)
 				)

lib/tables.inc.php

@@ -68,7 +68,7 @@ define('PACKAGE_ENABLED', 2);
 
 // VERSION INFO
 
-$version = '0.9.3-svn3';
+$version = '0.9.3-svn4';
 $dbversion = '2';
 $branding = '';
 

lng/english.lng.php

@@ -1319,4 +1319,16 @@ $lng['serversettings']['adminmail_return']['title'] = 'Reply-To address';
 $lng['serversettings']['adminmail_return']['description'] = 'Define an e-mail address as reply-to-address for mails sent by the panel.';
 $lng['serversettings']['adminmail_defname'] = 'Panel e-mail sender name';
 
+// ADDED IN FROXLOR 0.9.3-svn3
+$lng['dkim']['dkim_algorithm']['title'] = 'Allowed Hash Algorithms';
+$lng['dkim']['dkim_algorithm']['description'] = 'Define allowed hash algorithms, chose "All" for all algorithms or one or more from the other available algorithms';
+$lng['dkim']['dkim_servicetype'] = 'Service Types';
+$lng['dkim']['dkim_keylength'] = 'Key-length';
+$lng['dkim']['dkim_notes']['title'] = 'DKIM Notes';
+$lng['dkim']['dkim_notes']['description'] = 'Notes that might be of interest to a human, e.g. a URL like http://www.dnswatch.info. No interpretation is made by any program. This tag should be used sparingly due to space limitations in DNS. This is intended for use by administrators, not end users.';
+$lng['dkim']['dkim_add_adsp']['title'] = 'Add DKIM ADSP entry';
+$lng['dkim']['dkim_add_adsp']['description'] = 'If you don\'t know what this is, leave it "enabled"';
+$lng['dkim']['dkim_add_adsppolicy']['title'] = 'ADSP policy';
+$lng['dkim']['dkim_add_adsppolicy']['description'] = 'For more information about this setting see <a href="http://wiki.froxlor.org/contrib/dkim-adsp-policies">http://wiki.froxlor.org/contrib/dkim-adsp-policies</a>';
+
 ?>

scripts/jobs/cron_tasks.inc.dns.10.bind.php

@@ -226,12 +226,10 @@ class bind
 			$zonefile.= $this->settings['spf']['spf_entry'] . "\n";
 		}
 
-		if($this->settings['dkim']['use_dkim'] == '1'
+		/**
-		   && $domain['dkim'] == '1'
+		 * generate dkim-zone-entries
-		   && $domain['dkim_pubkey'] != '')
+		 */
-		{
+		$zonefile.= $this->generateDkim($domain);
-			$zonefile.= 'dkim_' . $domain['dkim_id'] . '._domainkey	IN	TXT	"v=DKIM1; k=rsa; p=' . trim(preg_replace('/-----BEGIN PUBLIC KEY-----(.+)-----END PUBLIC KEY-----/s', '$1', str_replace("\n", '', $domain['dkim_pubkey']))) . '"' . "\n";
-		}
 
 		$nssubdomains = $this->db->query('SELECT `domain` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `isbinddomain`=\'1\' AND `domain` LIKE \'%.' . $domain['domain'] . '\'');
 
@@ -273,6 +271,88 @@ class bind
 		return $zonefile;
 	}
 	
+	private function generateDkim($domain)
+	{
+		$zone_dkim = '';
+
+		if($this->settings['dkim']['use_dkim'] == '1'
+		   && $domain['dkim'] == '1'
+		   && $domain['dkim_pubkey'] != '')
+		{
+			// start
+			$dkim_txt = 'v=DKIM1;';
+
+			// algorithm
+			$algorithm = explode(',', $this->settings['dkim']['dkim_algorithm']);
+			$alg = '';
+			foreach($algorithm as $a)
+			{
+				if($a == 'all')
+				{
+					break;
+				}
+				else
+				{
+					$alg.=$a.':';
+				}
+			}
+			if($alg != '') 
+			{
+				$alg = substr($alg, 0, -1);
+				$dkim_txt.= 'h='.$alg.';';
+			}
+			
+			// notes
+			if(trim($this->settings['dkim']['dkim_notes'] != ''))
+			{
+				$dkim_txt.= 'n='.trim($this->settings['dkim']['dkim_notes']).';';
+			}
+
+			// key
+			$dkim_txt.= 'k=rsa;p='.trim(preg_replace('/-----BEGIN PUBLIC KEY-----(.+)-----END PUBLIC KEY-----/s', '$1', str_replace("\n", '', $domain['dkim_pubkey']))).';';
+			
+			// service-type
+			if($this->settings['dkim']['dkim_servicetype'] == '1')
+			{
+				$dkim_txt.=	's=email;';
+			}
+			
+			// end-part
+			$dkim_txt.='t=s';
+			
+			// split if necessary
+			$txt_record_split='';
+			$lbr=50;
+			for($pos=0; $pos<=strlen($dkim_txt)-1; $pos+=$lbr)
+			{
+				$txt_record_split.= (($pos==0) ? '("' : "\t\t\t\t\t \"") . substr($dkim_txt, $pos, $lbr) . (($pos>=strlen($dkim_txt)-$lbr) ? '")' : '"' ) ."\n";
+			}
+
+			// dkim-entry
+			$zone_dkim .= 'dkim_' . $domain['dkim_id'] . '._domainkey IN TXT ' . $txt_record_split;
+			
+			// adsp-entry
+			if($this->settings['dkim']['dkim_add_adsp'] == "1")
+			{
+				$zone_dkim .= '_adsp._domainkey IN TXT "dkim=';
+				switch((int)$this->settings['dkim']['dkim_add_adsppolicy'])
+				{
+					case 0:
+						$zone_dkim .= 'unknown"'. "\n";
+						break;
+					case 1:
+						$zone_dkim .= 'all"'. "\n";
+						break;
+					case 2:
+						$zone_dkim .= 'discardable"'. "\n";
+						break;
+				}
+			}
+		}
+
+		return $zone_dkim;
+	}
+
 	public function writeDKIMconfigs()
 	{
 		if($this->settings['dkim']['use_dkim'] == '1')
@@ -298,7 +378,7 @@ class bind
 					$max_dkim_id = $this->db->query_first("SELECT MAX(`dkim_id`) as `max_dkim_id` FROM `" . TABLE_PANEL_DOMAINS . "`");
 					$domain['dkim_id'] = (int)$max_dkim_id['max_dkim_id'] + 1;
 					$privkey_filename = makeCorrectFile($this->settings['dkim']['dkim_prefix'] . '/dkim_' . $domain['dkim_id']);
-					safe_exec('openssl genrsa -out ' . escapeshellarg($privkey_filename) . ' 1024');
+					safe_exec('openssl genrsa -out ' . escapeshellarg($privkey_filename) . ' ' . $this->settings['dkim']['dkim_keylength']);
 					$domain['dkim_privkey'] = file_get_contents($privkey_filename);
 					safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
 					$pubkey_filename = makeCorrectFile($this->settings['dkim']['dkim_prefix'] . '/dkim_' . $domain['dkim_id'] . '.public');

templates/misc/configfiles/gentoo/dkim/dkim-filter.conf

@@ -1,3 +1,10 @@
+#
+# !!! DO NOT REPLACE THE ORIGINAL CONFIG WITH THIS FILE !!!
+#
+# Instead, just set the shown values in the file to the
+# given values ;-)
+#
+
 Syslog			yes
 Domain			/etc/postfix/dkim/domains
-KeyList			/etc/postfix/dkim/dkim-keys.conf
+KeyList		/etc/postfix/dkim/dkim-keys.conf