[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

dkimproxy

Bonjour (j'ai oublié le dkimproxy modifier pour que vous ayez les
modifications effectuée),

j'ai trouvé ça sur le sujet mais je ne trouve pas ça suffisant
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886441

En effet il y a un bug dans /etc/init.d/dkimproxy je vous passe mon
fichier modifier (qui fonctionne sauf pour --keyfile). J'ai modifier des
testes en gros if [ -n ...] par des des if [ -z ...].

Le derniers bug viendrais de dkimproxy: il va chercher la clef
/var/lib/dkimproxy/private.key quoi que l'on fasse.

Il y a un truc à ajouter c'est que la clef d'origine:elle n'a pas la
bonne permission.(tant mieux car ça oblige à poser ça clef dans
/var/lib/dkimproxy avec le nom private.key).

-- 
Cordialement Thomas Marsaleix




#!/bin/sh
#
# Copyright (C) 2005 Messiah College.
# Copyright (C) 2008 Thomas Goirand <thomas@goirand.fr>

### BEGIN INIT INFO
# Provides:		dkimproxy
# Required-Start:	$local_fs $remote_fs
# Required-Stop:	$local_fs $remote_fs
# Default-Start:	2 3 4 5
# Default-Stop:		0 1 6
# Short-Description:	Domain key filter init script
# Description:		dkimproxy is an SMTP-proxy designed for Postfix. It
#                       implements DKIM message signing and verification.
#                       It comprises two separate filters, an "outbound" filter
#                       for signing outgoing email, and an "inbound" filter for
#                       verifying signatures of incoming email. The filters can
#                       operate as either Before-Queue or After-Queue Postfix
#                       content filters.
### END INIT INFO

. /lib/lsb/init-functions

if [ -e /etc/default/dkimproxy ] ; then
	. /etc/default/dkimproxy
fi

### START OF CONFIGURATION READINGS FROM /etc/default/dkimproxy ###
# Check if dkimproxy in or out has been disabled
RUN_DKOUT=1
RUN_DKIN=1
if [ -z "${RUN_DKIMPROXY_OUT}" ] ; then
	if ! [ ${RUN_DKIMPROXY_OUT} -eq 1 ] ; then
		RUN_DKOUT=0
	fi
fi
if [ -z "${RUN_DKIMPROXY_IN}" ] ; then
	if ! [ "${RUN_DKIMPROXY_IN}" -eq 1 ] ; then
		RUN_DKIN=0
	fi
fi

# Check if the path to dkimproxy in or out has been overwritten
DKIN_CONF=/etc/dkimproxy/dkimproxy_in.conf
DKOUT_CONF=/etc/dkimproxy/dkimproxy_out.conf
if [ -z "${DKIMPROXY_IN_CONF}" ] ; then
	DKIN_CONF=${DKIMPROXY_IN_CONF}
fi
if [ -z "${DKIMPROXY_OUT_CONF}" ] ; then
	DKOUT_CONF=${DKIMPROXY_OUT_CONF}
fi
echo "${DKIMPROXY_OUT_PRIVKEY}" >> /tmp/log.txt
# Check if the path to the private key has been overwritten
# In fact, if no value, then set the default...
if [ -z "${DKIMPROXY_OUT_PRIVKEY}" ] ; then
	DKIMPROXY_OUT_PRIVKEY="/var/lib/dkimproxy/private.key"
fi

# Set the default number of process to prefork.
if [ -z "${DKIMPROXY_IN_MIN_SERVERS}" ] ; then
	DKIMPROXY_IN_MIN_SERVERS=5
fi
if [ -z "${DKIMPROXY_OUT_MIN_SERVERS}" ] ; then
	DKIMPROXY_OUT_MIN_SERVERS=5
fi

# Check if the path to the hostname has been overwritten
# In fact, if no value, then set the default...
if [ -z "${DKIM_HOSTNAME}" ] ; then
	DKIM_HOSTNAME=`hostname -d`
fi
if [ -z "${DKIM_HOSTNAME}" ] ; then
	echo 'Warning: no domain name from `hostname -d`, using "localdomain".'
	DKIM_HOSTNAME=localdomain
fi

# Get the host domains dynamically. You can change this to the location where
# you have your virtual table here, or best: ehance this script to support more
# situations with packages others than DTC
HOST_DOMAIN=${DKIM_HOSTNAME}
if [ -z "${DOMAIN}" ] ; then
	if [ -f /var/lib/dtc/etc/local_domains ] ; then
		DTC_DOMAIN=`cat /var/lib/dtc/etc/local_domains | grep -v ^${HOST_DOMAIN} | tr \\\r\\\n ,,`
	else
		DTC_DOMAIN=""
	fi
fi
if [ -z "${DOMAIN}" ] ; then
	DOMAIN=${DTC_DOMAIN}${HOST_DOMAIN}
fi

# Configure usernames to run under
if [ -z "${DKIMPROXYUSER}" ] ; then
	DKIMPROXYUSER=dkimproxy
fi
if [ -z "${DKIMPROXYGROUP}" ] ; then
	DKIMPROXYGROUP=dkimproxy
fi

### END OF CONFIGURATION READINGS FROM /etc/default/dkimproxy ###

DKIMPROXY_IN_BIN="/usr/sbin/dkimproxy.in"
DKIMPROXY_OUT_BIN="/usr/sbin/dkimproxy.out"
PIDDKIMPROXY_IN="/var/run/dkimproxy.in"
PIDDKIMPROXY_OUT="/var/run/dkimproxy.out"

COMMON_ARGS="--user=${DKIMPROXYUSER} --group=${DKIMPROXYGROUP} --daemonize"
DKIMPROXY_IN_ARGS="--hostname=${DKIM_HOSTNAME} --conf_file=${DKIN_CONF} ${COMMON_ARGS} --pidfile=${PIDDKIMPROXY_IN} --min_servers=${DKIMPROXY_IN_MIN_SERVERS}"
#DKIMPROXY_OUT_ARGS="--domain=${DOMAIN} --method=simple --conf_file=${DKOUT_CONF} --keyfile=${DKIMPROXY_OUT_PRIVKEY} ${COMMON_ARGS} --pidfile=${PIDDKIMPROXY_OUT} --signature=dkim --signature=domainkeys --min_servers=${DKIMPROXY_OUT_MIN_SERVERS}"
DKIMPROXY_OUT_ARGS="--domain=${DOMAIN} --method=simple --conf_file=${DKOUT_CONF} --keyfile=${DKIMPROXY_OUT_PRIVKEY} ${COMMON_ARGS} --pidfile=${PIDDKIMPROXY_OUT} --signature=dkim --min_servers=${DKIMPROXY_OUT_MIN_SERVERS}"

if [ -x /sbin/start-stop-daemon ] ; then
	STRT_STP_DMN=/sbin/start-stop-daemon
else
	STRT_STP_DMN=`which start-stop-daemon`
fi
if [ -z "${STRT_STP_DMN}" ] ; then
	echo "Can't find the start-stop-daemon binary"
fi

case "$1" in
start)
	START_ERROR=0
	RETVAL=0
	if [ -x ${DKIMPROXY_IN_BIN} ] ; then
		if [ "${RUN_DKIN}" -eq 1 ] ; then
			log_daemon_msg "Starting inbound DomainKeys-filter" "dkimproxy.in"
			echo "===>${DKIMPROXY_IN_BIN} ${DKIMPROXY_IN_ARGS}"
			${DKIMPROXY_IN_BIN} ${DKIMPROXY_IN_ARGS}
			RETVAL=$?
			START_ERROR=${RETVAL}
			log_end_msg ${RETVAL}
			if ! [ "${RETVAL}" -eq 0 ] ; then
				exit ${RETVAL}
			fi
		else
			echo "DomainKeys-filter dkimproxy.in disabled in /etc/default/dkimproxy"
		fi
	fi

	if [ -x ${DKIMPROXY_OUT_BIN} ] ; then
		if [ "${RUN_DKOUT}" -eq 1 ] ; then
			log_daemon_msg "Starting outbound DomainKeys-signing" "dkimproxy.out"
			echo "===>${DKIMPROXY_OUT_BIN} ${DKIMPROXY_OUT_ARGS}"
			${DKIMPROXY_OUT_BIN} ${DKIMPROXY_OUT_ARGS}
			#${STRT_STP_DMN} --background --make-pidfile --start -p ${PIDDKIMPROXY_OUT} -u ${DKIMPROXYUSER} -g ${DKIMPROXYGROUP} -x ${DKIMPROXY_OUT_BIN} -- ${DKIMPROXY_OUT_ARGS}
			RETVAL=$?
			log_end_msg ${RETVAL}
		else
			echo "DomainKeys-signing dkimproxy.out disabled in /etc/default/dkimproxy"
		fi
	fi
	if ! [ "${RETVAL}" -eq 0 -a "${START_ERROR}" -eq 0 ] ; then
		if ! [ ${START_ERROR} -eq 0 ] ; then
			echo "Error ${START_ERROR} when starting ${DKIMPROXY_IN_BIN}"
		fi
		if ! [ "${RETVAL}" -eq 0 ] ; then
			echo "Error ${RETVAL} when starting ${DKIMPROXY_OUT_BIN}"
		fi
	fi
	;;

stop)
	RETVALIN=0
	RETVALOUT=0
	if [ -x ${DKIMPROXY_IN_BIN} ] ; then
		if [ "${RUN_DKIN}" -eq 1 ] ; then
			log_daemon_msg "Shutting down inbound DomainKeys-filter" "dkimproxy.in"
			if [ -f "${PIDDKIMPROXY_IN}" ] ; then
				kill `cat ${PIDDKIMPROXY_IN}`
				RETVALIN=$?
			else
				echo -n " ${PIDDKIMPROXY_IN} not found "
				RETVALIN=1
			fi
			log_end_msg ${RETVALIN}
		else
			echo "DomainKeys-filter dkimproxy.in disabled in /etc/default/dkimproxy"
		fi
	fi
	if [ -x ${DKIMPROXY_OUT_BIN} ] ; then
		if [ "${RUN_DKOUT}" -eq 1 ] ; then
			log_daemon_msg "Shutting down outbound DomainKeys-filter" "dkimproxy.out"
			if [ -f "${PIDDKIMPROXY_OUT}" ] ; then
				kill `cat ${PIDDKIMPROXY_OUT}`
				RETVALOUT=$?
			else
				echo -n " ${PIDDKIMPROXY_OUT} not found "
				RETVALOUT=1
			fi
			log_end_msg ${RETVALOUT}
		else
			echo "DomainKeys-signing dkimproxy.out disabled in /etc/default/dkimproxy"
		fi
	fi
	rm -f "${PIDDKIMPROXY_IN}" "${PIDDKIMPROXY_OUT}"
	if ! [ ${RETVALIN} -eq 0 -a ${RETVALOUT} -eq 0 ]; then
		if ! [ ${RETVALIN} -eq 0 ] ; then
			echo "Error ${RETVALIN} when shutting down ${PIDDKIMPROXY_IN}"
		fi
		if ! [ "${RETVALOUT}" -eq 0 ] ; then
			echo "Error ${RETVALOUT} when shutting down ${PIDDKIMPROXY_OUT}"
		fi
	fi
	;;
force-reload)
	$0 stop
	sleep 1
	$0 start
	;;
reload)
	$0 stop
	sleep 1
	$0 start
	;;
restart)
	$0 stop
	sleep 1
	$0 start
	;;
*)
	echo "Usage: $0 {start|stop|restart|reload|force-reload}"
	exit 1
	;;
esac

exit 0

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: