1 diff -urN dkfilter-0.11.orig/scripts/dkfilter.out dkfilter-0.11/scripts/dkfilter.out
2 --- dkfilter-0.11.orig/scripts/dkfilter.out 2006-09-21 16:21:36.000000000 +0200
3 +++ dkfilter-0.11/scripts/dkfilter.out 2006-12-05 20:43:15.000000000 +0100
5 # GNU General Public License for more details.
7 # Written by Bennett Todd <bet@rahul.net>
8 +# Support for multiple keys and configuration file added by
9 +# Xavier Perseguers <xavier.perseguers@a3.epfl.ch>
23 my $reject_fail = 0; # not actually used in this filter
28 -my $method = "simple";
35 "reject-fail" => \$reject_fail,
36 "reject-error" => \$reject_error,
37 "hostname=s" => \$hostname,
38 - "keyfile=s" => \$keyfile,
39 - "selector=s" => \$selector,
40 - "domain=s" => \$domain_arg,
41 - "method=s" => \$method,
42 + "configfile=s" => \$configfile,
43 "headers" => \$headers,
44 "user=s" => \$setuser,
45 "group=s" => \$setgroup,
47 pod2usage("Error: source or destination port is missing");
50 -unless (defined $keyfile)
51 +unless (defined $configfile)
53 - pod2usage("Error: no keyfile specified");
54 + pod2usage("Error: no configfile specified");
57 +unless (-r $configfile)
59 - pod2usage("Error: cannot read keyfile $keyfile");
60 + pod2usage("Error: cannot read configfile $configfile");
62 -unless (defined $selector)
64 +# Parse the configuration file
66 +my $state = AppConfig::State->new();
70 + ARGCOUNT => AppConfig::ARGCOUNT_LIST
72 + 'domain_selector', {
73 + ARGCOUNT => AppConfig::ARGCOUNT_LIST
76 + ARGCOUNT => AppConfig::ARGCOUNT_LIST,
77 + VALIDATE => \&check_method
79 + 'domain_private_key', {
80 + ARGCOUNT => AppConfig::ARGCOUNT_LIST,
81 + VALIDATE => \&check_private_key
89 + return ($val eq "simple" || $val eq "nofws") ? 1 : 0;
92 +sub check_private_key {
96 + return (-r $val) ? 1 : 0;
99 +my $config = AppConfig::File->new($state);
100 +$config->parse($configfile);
102 +my $domains = $state->get('domain_name');
103 +my $_methods = $state->get('domain_method');
104 +my $_selectors = $state->get('domain_selector');
105 +my $_keys = $state->get('domain_private_key');
107 +unless ( scalar @$domains == scalar @$_methods )
109 - pod2usage("Error: selector not specified");
110 + pod2usage("Error: number of methods is different than number of domains");
112 -unless (defined $domain_arg)
113 +unless ( scalar @$domains == scalar @$_selectors )
115 - pod2usage("Error: domain not specified");
116 + pod2usage("Error: number of selectors is different than number of domains");
118 -my @domains = split(/,\s*/, $domain_arg);
120 +unless ( scalar @$domains == scalar @$_keys )
122 - pod2usage("Error: domain not specified");
123 + pod2usage("Error: number of private keys is different than number of domains");
125 -unless ($method eq "simple" || $method eq "nofws")
131 +for ( my $i = 0; $i < scalar @$domains; $i++ )
133 - die "Error: invalid method; must be simple or nofws\n";
134 + $methods{ @$domains[$i] } = @$_methods[$i];
135 + $selectors{ @$domains[$i] } = @$_selectors[$i];
136 + $keys{ @$domains[$i] } = @$_keys[$i];
139 +# Compare number of key files and number of domains
140 +# If there is only one key file, each domain will use
141 +# the same key (dkfilter original version). Otherwise
142 +# there should be as many key file as domain definitions.
143 +# If all goes well, create a hash with a key for each domain.
145 use base "MySmtpProxyServer";
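Review bot: The result of `$config->parse($configfile)` is discarded, so a file that fails to parse, or a value turned down by `check_method` / `check_private_key`, is only caught indirectly by the count comparisons that follow; as far as I know AppConfig reports such problems through a false return plus a warning. I would stop at the parse itself, e.g. `$config->parse($configfile) or pod2usage("Error: cannot parse configfile $configfile");`. The four lists are also paired purely by position, so a block that omits one field while another block repeats it leaves the counts equal and can attach one domain's key to another domain; a per-domain completeness check would close that gap. The comment block after the loop says a single key file is shared by all domains, but the `scalar @$domains == scalar @$_keys` test rejects that case, so the comment should be reworded to `# Every domain needs its own method, selector and private key entry.`. Finally, `-r $val` only proves the key is readable by the user that starts the filter; if `--user`/`--group` take effect later (not visible in these lines), readability should be confirmed after the switch, and a group- or world-readable key file deserves at least a warning.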
152 - if (grep { lc($_) eq $domain } @domains)
153 + if (grep { lc($_) eq $domain } @$domains)
157 @@ -177,14 +230,14 @@
160 # message has no senderdomain
161 - $domain = $domains[0];
162 + $domain = @$domains[0];
165 $result = $mess->sign(
167 - Selector => $selector,
168 + Method => $methods{ $domain },
169 + Selector => $selectors{ $domain },
171 - KeyFile => $keyfile,
172 + KeyFile => $keys{ $domain },
175 $result_detail = $mess->result_detail;
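Review bot: The lookups `$methods{ $domain }`, `$selectors{ $domain }` and `$keys{ $domain }` can come back undefined, because the hashes are keyed by the domain exactly as written in the config file, while the earlier `grep { lc($_) eq $domain } @$domains` suggests `$domain` is already lower-cased. A config entry containing capitals would then match the grep yet reach `sign()` with no Method, Selector or KeyFile. Keying the hashes on the lower-cased name in the loop, `$methods{ lc $domains->[$i] } = $_methods->[$i];` (and the same for the other two), and using `$domain = lc $domains->[0];` for the fallback in this hunk keeps both sides consistent. `$domains->[0]` is also the element form, whereas `@$domains[0]` is a one-element slice that warns under `use warnings`. The `sign()` call starts and ends outside the visible lines.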
177 dkfilter.out [options] listen.addr:port talk.addr:port
181 - --selector=SELECTOR
183 - --method=simple|nofws
184 + --configfile=filename
190 to see a full description of the various options
192 + Format of the configuration file:
194 + # ------------------------------------------
199 + selector = SELECTOR
200 + private_key = FILENAME
204 + name = otherdomain.tld
206 + selector = SELECTOR
207 + private_key = FILENAME
208 + # ------------------------------------------
213 @@ -274,17 +342,18 @@
215 The most common error is a message parse error.
217 -=item B<--keyfile=FILENAME>
218 +=item B<--configfile=FILENAME>
220 This is a required argument. Use it to specify the filename containing
221 -the private key used in signing outgoing messages.
222 +the configuration of domains and private keys used in signing outgoing
225 -=item B<--selector=SELECTOR>
228 This is a required argument. Use it to specify the name of the key
231 -=item B<--domain=DOMAIN>
234 This is a required argument. Use it to specify what domain(s) emails
235 are signed for. If you want to sign for multiple domains, specify the
236 @@ -293,11 +362,10 @@
237 specified in this argument. If it sees a match, it will sign the message
238 using the matching domain.
240 -=item B<--method=simple|nofws>
243 This option specifies the canonicalization algorithm to use for signing
244 -messages. Specify either C<simple> or C<nofws>. If not specified,
245 -the default is C<simple>.
246 +messages. Specify either C<simple> or C<nofws>.
254 - dkfilter.out --keyfile=private.key --selector=sydney \
255 - --domain=example.org 127.0.0.1:10027 127.0.0.1:10028
256 + dkfilter.out --configfile=/etc/dkfilter.conf \
257 + 127.0.0.1:10027 127.0.0.1:10028