Merge pull request #1050 from ikedas/issue-1036 by ikedas

DKIM signing not working if dkim_feature in domain context was not enabled (#1036)

src/lib/Sympa/Message.pm

@@ -58,6 +58,7 @@ use Sympa::Scenario;
 use Sympa::Spool;
 use Sympa::Template;
 use Sympa::Tools::Data;
+use Sympa::Tools::DKIM;
 use Sympa::Tools::File;
 use Sympa::Tools::Password;
 use Sympa::Tools::SMIME;
@@ -648,15 +649,8 @@ sub check_dkim_signature {
 
     return unless $Mail::DKIM::Verifier::VERSION;
 
-    my $robot_id =
-        (ref $self->{context} eq 'Sympa::List') ? $self->{context}->{'domain'}
-        : (ref $self->{context} eq 'Sympa::Family')
-        ? $self->{context}->{'domain'}
-        : $self->{context};
-
-    return
-        unless Sympa::Tools::Data::smart_eq(
-        Conf::get_robot_conf($robot_id || '*', 'dkim_feature'), 'on');
+    #FIXME: check should be done even if dkim_feature was not "on".
+    return unless Sympa::Tools::DKIM::get_dkim_parameters($self->{context});
 
     my $dkim;
     unless ($dkim = Mail::DKIM::Verifier->new()) {

src/lib/Sympa/Message/Template.pm

@@ -41,6 +41,7 @@ use Sympa::Log;
 use Sympa::Spool;
 use Sympa::Template;
 use Sympa::Tools::Data;
+use Sympa::Tools::DKIM;
 use Sympa::Tools::Password;
 use Sympa::Tools::SMIME;
 use Sympa::Tools::Text;
@@ -203,8 +204,9 @@ sub new {
     # Shelve S/MIME signing.
     $self->{shelved}{smime_sign} = 1
         if $smime_sign;
+
     # Shelve DKIM signing.
-    if (Conf::get_robot_conf($robot_id, 'dkim_feature') eq 'on') {
+    if (Sympa::Tools::DKIM::get_dkim_parameters($that)) {
         my $dkim_add_signature_to =
             Conf::get_robot_conf($robot_id, 'dkim_add_signature_to');
         if ($list and $dkim_add_signature_to =~ /list/

src/lib/Sympa/Spindle/ProcessOutgoing.pm

@@ -8,8 +8,8 @@
 # Copyright (c) 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
 # 2006, 2007, 2008, 2009, 2010, 2011 Comite Reseau des Universites
 # Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016, 2017 GIP RENATER
-# Copyright 2017, 2019 The Sympa Community. See the AUTHORS.md file at
-# the top-level directory of this distribution and at
+# Copyright 2017, 2019, 2020 The Sympa Community. See the AUTHORS.md
+# file at the top-level directory of this distribution and at
 # <https://github.com/sympa-community/sympa.git>.
 #
 # This program is free software; you can redistribute it and/or modify
@@ -329,7 +329,7 @@ sub _twist {
                 delete $new_message->{shelved}{smime_encrypt};
             }
 
-            if (Conf::get_robot_conf($robot, 'dkim_feature') eq 'on') {
+            if ($dkim) {
                 $new_message->remove_invalid_dkim_signature;
             }
             if ($new_message->{shelved}{dkim_sign} and $dkim) {
@@ -394,7 +394,7 @@ sub _twist {
             delete $new_message->{shelved}{smime_sign};
         }
 
-        if (Conf::get_robot_conf($robot, 'dkim_feature') eq 'on') {
+        if ($dkim) {
             $new_message->remove_invalid_dkim_signature;
         }
         # Initial message

src/lib/Sympa/Tools/DKIM.pm

@@ -8,6 +8,9 @@
 # Copyright (c) 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
 # 2006, 2007, 2008, 2009, 2010, 2011 Comite Reseau des Universites
 # Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016, 2017 GIP RENATER
+# Copyright 2018, 2020 The Sympa Community. See the AUTHORS.md
+# file at the top-level directory of this distribution and at
+# <https://github.com/sympa-community/sympa.git>.
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -43,6 +46,8 @@ sub get_dkim_parameters {
     if (ref $that eq 'Sympa::List') {
         $robot_id = $that->{'domain'};
         $list     = $that;
+    } elsif (ref $that eq 'Sympa::Family') {
+        $robot_id = $that->{'domain'};
     } elsif ($that and $that ne '*') {
         $robot_id = $that;
     } else {
@@ -52,6 +57,16 @@ sub get_dkim_parameters {
     my $data;
     my $keyfile;
     if ($list) {
+        # check if enabled for the list
+        $log->syslog(
+            'debug2',
+            'list DKIM feature %s',
+            $list->{'admin'}{'dkim_feature'}
+        );
+
+        return undef
+            unless $list->{'admin'}{'dkim_feature'} eq 'on';
+
         # fetch dkim parameter in list context
         $data->{'d'} = $list->{'admin'}{'dkim_parameters'}{'signer_domain'};
         if ($list->{'admin'}{'dkim_parameters'}{'signer_identity'}) {
@@ -65,6 +80,14 @@ sub get_dkim_parameters {
         $keyfile = $list->{'admin'}{'dkim_parameters'}{'private_key_path'};
     } else {
         # in robot context
+        $log->syslog(
+            'debug2',
+            'robot DKIM feature %s',
+            Conf::get_robot_conf($robot_id, 'dkim_feature')
+        );
+        return undef
+            unless Conf::get_robot_conf($robot_id, 'dkim_feature') eq 'on';
+
         $data->{'d'} = Conf::get_robot_conf($robot_id, 'dkim_signer_domain');
         $data->{'i'} =
             Conf::get_robot_conf($robot_id, 'dkim_signer_identity');