Commit 05ef62fc authored by david.verdin's avatar david.verdin

[svn] Reintegrating and closing branch sympa-dkim. this is the end of the side...

[svn] Reintegrating and closing branch sympa-dkim. This is the end of the side development of the DKIM feature for Sympa. DON'T FORGET TO INCLUDE THE COMMIT LOGS FROM THAT BRANCH IN THE NEWS FILE BEFORE RELEASING THE NEXT VERSION.



git-svn-id: https://subversion.renater.fr/sympa/trunk@6187 05aa8bb8-cd2b-0410-b1d7-8918dfa770ce
parent a55a84ce
......@@ -15,9 +15,13 @@ X-Loop: [% conf.sympa %]
[%- FOREACH notice = notices -%]
> [% notice.cmd -%]
> [% notice.entry %]
[% IF notice.entry == 'smime' -%]
[%|loc%]Your message signature was successfully verified using S/MIME.[%END%]
[% IF notice.entry == 'dkim' -%]
[%|loc%]Your message contain a DKIM signature. It was succesfully verified[%END%]
[% ELSIF notice.entry == 'req_forward' -%]
[%|loc%]Your request to subscribe/unsubscribe has been forwarded to the list's
owners for approval. You will receive a notification when you have
......
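Review bot: `[% IF notice.entry == 'dkim' -%]` follows the S/MIME message with no `END` or `ELSIF` between them in this rendering, so either the dkim test is nested inside the smime branch or the smime notice was replaced. If both notices are meant to exist, the second test should read `[% ELSIF notice.entry == 'dkim' -%]`. The new msgid also has typos that will propagate into the translation catalogs; it should read `Your message contains a DKIM signature. It was successfully verified.`. The FOREACH block continues outside the hunk.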
......@@ -169,6 +169,7 @@ $Conf::Conf{'maxsmtp'} = int($Conf::Conf{'maxsmtp'}/$Conf::Conf{'bulk_max_count'
while (!$end) {
&List::init_list_cache();
my $bulk;
my $message_from_spool ;
unless ($main::options{'foreground'}) {
##
......@@ -222,14 +223,15 @@ while (!$end) {
if ($bulk->{'messagekey'} ne $messagekey) {
# current packet is no related to the same message as the previous packet
# so it is needed to fetch the new message from message_table
$messageasstring_init = &Bulk::messageasstring($bulk->{'messagekey'});
$message_from_spool = &Bulk::message_from_spool($bulk->{'messagekey'});
$messageasstring_init = $message_from_spool->{'messageasstring'};
unless ( $messageasstring_init ) {
&do_log('err',"internal error : current packet 'messagekey= %s contain a ref to a null message",$bulk->{'messagekey'});
&do_log('err',"internal error : current packet (messagekey= %s) contain a ref to a null message",$bulk->{'messagekey'});
}
}
#--------------------------------------------------
#------------- BEGIN VERP AND MERGE ---------------
#--------------------------------------------------
my $data; #HASH which will contain the attributes of the subscriber
# Initialization of the HASH : $data. It will be used by parse_tt2 to personalized messages.
......@@ -243,6 +245,14 @@ while (!$end) {
## Use an intermediate handler to encode to filesystem_encoding
my $user;
# message transformation must be done in the folowing order
# -1 headers modifications (done in sympa.pl)
# -2 merge
# -3 smime sign
# -4 smime encrypt
# -5 dkim sign
#
if (($bulk->{'verp'})||($bulk->{'merge'})){ # message needs personalization
foreach $rcpt (@rcpts) {
......@@ -262,17 +272,31 @@ while (!$end) {
&do_log('err', 'Erreur d appel &Bulk::merge_msg');
}
$messageasstring = $entity->as_string;
$messageasstring = $entity->as_string;
}
if ($message_from_spool->{'dkim_d'}){ # apply dkim signature AFTER any other message transformation.
$messageasstring = &tools::dkim_sign($messageasstring,{'dkim_d'=> $message_from_spool->{'dkim_d'},
'dkim_i'=> $message_from_spool->{'dkim_i'},
'dkim_selector'=> $message_from_spool->{'dkim_selector'},
'dkim_privatekey' => $message_from_spool->{'dkim_privatekey'},
'dkim_header_list' =>$message_from_spool->{'dkim_header_list'} } );
}
*SMTP = &mail::smtpto($return_path, \$rcpt, $bulk->{'robot'});
# Message with customized data
print SMTP $messageasstring;
close SMTP;
}
}else{ # message dont needs personalization, they can be sent by packet
*SMTP = &mail::smtpto($bulk->{'returnpath'}, \@rcpts, $bulk->{'robot'});
# Initial message
if ($message_from_spool->{'dkim_d'}){
$messageasstring_init = &tools::dkim_sign($messageasstring_init,{'dkim_d'=> $message_from_spool->{'dkim_d'},
'dkim_i'=> $message_from_spool->{'dkim_i'},
'dkim_selector'=> $message_from_spool->{'dkim_selector'},
'dkim_privatekey' => $message_from_spool->{'dkim_privatekey'},
'dkim_header_list' =>$message_from_spool->{'dkim_header_list'} } );
}
*SMTP = &mail::smtpto($bulk->{'returnpath'}, \@rcpts, $bulk->{'robot'});
print SMTP $messageasstring_init;
close SMTP;
}
......
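Review bot: In the non-personalized branch the result of `&tools::dkim_sign` is written back into `$messageasstring_init`, but that variable is only refetched when `$bulk->{'messagekey'}` changes, so a later packet for the same message would, as far as these hunks show, be signed again on top of the first signature. Sign into a local instead, e.g. `my $signed = &tools::dkim_sign($messageasstring_init, {...});` followed by `print SMTP $signed;`. Neither call site checks the return value, so a signing failure could send an empty or unsigned message; log and skip the packet when the result is false. The options hash also takes `dkim_privatekey` from the spool record, which suggests the key material is stored with each spooled message; confirm that store is access-restricted, or pass a key reference and load the key at signing time. The enclosing `while (!$end)` loop starts and ends outside these hunks.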
......@@ -120,6 +120,15 @@ remove_outgoing_headers owner,privileged_owner hidden
default_user_options owner,privileged_owner hidden
dkim_feature listmaster write
dkim_feature owner,privileged_owner hidden
dkim_parameters listmaster write
dkim_parameters owner,privileged_owner hidden
dkim_signature_apply_on listmaster write
dkim_signature_apply_on owner,privileged_owner hidden
create_list_request.tt2 owner,privileged_owner hidden
list_created.tt2 owner,privileged_owner hidden
......
title.gettext restricted to owner with authentication
is_owner([listname],[sender]) smtp -> request_auth
is_listmaster([sender]) smtp -> request_auth
is_owner([listname],[sender]) smtp,dkim -> request_auth
is_listmaster([sender]) smtp,dkim -> request_auth
is_owner([listname],[sender]) md5,smime -> do_it
is_listmaster([sender]) md5,smime -> do_it
true() smtp,md5,smime -> reject(reason='add_owner')
true() smtp,dkim,md5,smime -> reject(reason='add_owner')
title.gettext restricted to owner without authentication if DKIM signature is OK.
is_owner([listname],[sender]) smtp -> request_auth
is_listmaster([sender]) smtp -> request_auth
is_owner([listname],[sender]) dkim,md5,smime -> do_it
is_listmaster([sender]) dkim,md5,smime -> do_it
true() smtp,dkim,md5,smime -> reject(reason='add_owner')
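Review bot: The `dkim,md5,smime -> do_it` rules put a DKIM pass on the same level as md5 and S/MIME authentication, but a DKIM signature vouches for the signing domain rather than for the individual address in `[sender]`. The scenario should carry a header comment stating what the `dkim` method guarantees, along the lines of `dkim: valid signature whose signing domain matches the sender's domain; it does not prove which mailbox sent the request`, assuming that is what the verifier enforces (not visible here). The same equivalence appears in the "DKIM signature OK" add and del scenarios further down and in the `is_listmaster([sender]) dkim,md5,smime -> do_it,notify` rule of the notification variant, while the sibling scenarios keep `smtp,dkim -> request_auth` for the listmaster.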
title.gettext add impossible
true() smtp,md5,smime -> reject('add_closed')
true() smtp,dkim,md5,smime -> reject('add_closed')
......
title.gettext add performed by list owner does not need authentication
is_owner([listname],[sender]) smtp,md5,smime -> do_it
is_listmaster([sender]) smtp -> request_auth
is_owner([listname],[sender]) smtp,dkim,md5,smime -> do_it
is_listmaster([sender]) smtp,dkim -> request_auth
is_listmaster([sender]) md5,smime -> do_it
true() smtp,md5,smime -> reject(reason='add_owner')
true() smtp,dkim,md5,smime -> reject(reason='add_owner')
title.gettext add performed by owner does not need authentication (notification)
is_owner([listname],[sender]) smtp,md5,smime -> do_it,notify
is_owner([listname],[sender]) smtp,dkim,md5,smime -> do_it,notify
is_listmaster([sender]) smtp -> request_auth
is_listmaster([sender]) md5,smime -> do_it,notify
true() smtp,md5,smime -> reject(reason='add_owner')
is_listmaster([sender]) dkim,md5,smime -> do_it,notify
true() smtp,dkim,md5,smime -> reject(reason='add_owner')
title.gettext add performed by list owner does not need authentication if DKIM signature OK
is_owner([listname],[sender]) smtp -> request_auth
is_owner([listname],[sender]) dkim,md5,smime -> do_it
is_listmaster([sender]) smtp -> request_auth
is_listmaster([sender]) dkim,md5,smime -> do_it
true() smtp,dkim,md5,smime -> reject(reason='add_owner')
title.gettext restricted to listmaster
is_listmaster([sender]) smime -> do_it
true() smtp,md5,smime -> reject
is_listmaster([sender]) smime,md5 -> do_it
true() smtp,dkim,md5,smime -> reject
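Review bot: The listmaster-only rule widens from `smime -> do_it` to `smime,md5 -> do_it`, which is not a DKIM change and is not mentioned in the commit description. If accepting md5-authenticated listmaster requests is intended here, say so in the scenario title or in a comment. Otherwise keep `is_listmaster([sender]) smime -> do_it` and only add `dkim` to the catch-all reject.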
title.gettext anybody. Be sure you know what you are doing
true() smtp,smime -> do_it
true() smtp,dkim,md5,smime -> do_it
title.gettext deletion performed only by list owners, need authentication
is_owner([listname],[sender]) smtp -> request_auth
is_listmaster([sender]) smtp -> request_auth
is_owner([listname],[sender]) md5,smime -> do_it
is_listmaster([sender]) md5,smime -> do_it
true() smtp,md5,smime -> reject(reason='del_owner')
is_owner([listname],[sender]) smtp,dkim -> request_auth
is_listmaster([sender]) smtp,dkim -> request_auth
is_owner([listname],[sender]) md5,smime -> do_it
is_listmaster([sender]) md5,smime -> do_it
true() smtp,dkim,md5,smime -> reject(reason='del_owner')
title.gettext deletion performed only by list owners, need authentication unless DKIM signature is OK
is_owner([listname],[sender]) smtp -> request_auth
is_listmaster([sender]) smtp -> request_auth
is_owner([listname],[sender]) dkim,md5,smime -> do_it
is_listmaster([sender]) dkim,md5,smime -> do_it
true() smtp,dkim,md5,smime -> reject(reason='del_owner')
title.gettext remove subscriber impossible
true() smtp,md5,smime -> reject(reason='del_closed')
true() smtp,dkim,md5,smime -> reject(reason='del_closed')
title.gettext by owner without authentication
is_owner([listname],[sender]) smtp,md5,smime -> do_it
is_listmaster([sender]) smtp -> request_auth
is_listmaster([sender]) md5,smime -> do_it
is_owner([listname],[sender]) smtp,dkim,md5,smime -> do_it
is_listmaster([sender]) smtp,dkim -> request_auth
is_listmaster([sender]) md5,smime -> do_it
true() smtp,md5,smime -> reject(reason='del_owner')
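Review bot: The catch-all `true() smtp,md5,smime -> reject(reason='del_owner')` appears only once in this section, so it seems to be unchanged and still lacks `dkim`, unlike the other scenarios in this commit. A DKIM-verified request from someone who is neither owner nor listmaster would then match no rule and fall through to the engine's no-match behaviour, which is not visible here. Suggest `true() smtp,dkim,md5,smime -> reject(reason='del_owner')`.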
title.gettext list owners, authentication not needed (notification)
is_owner([listname],[sender]) smtp,smime,md5 -> do_it,notify
is_listmaster([sender]) smtp -> request_auth
is_owner([listname],[sender]) smtp,dkim,smime,md5 -> do_it,notify
is_listmaster([sender]) smtp,dkim -> request_auth
is_listmaster([sender]) md5,smime -> do_it,notify
true() smtp,md5,smime -> reject(reason='del_owner')
true() smtp,dkim,md5,smime -> reject(reason='del_owner')
title.gettext just for listmaster
is_listmaster([sender]) smtp -> request_auth
is_listmaster([sender]) smtp,dkim -> request_auth
is_listmaster([sender]) md5,smime -> do_it
true() smtp,md5,smime -> reject(reason='global_remind_listmaster')
true() smtp,dkim,md5,smime -> reject(reason='global_remind_listmaster')
title.gettext closed
true() smtp,md5,smime -> reject(reason='invite_closed')
true() smtp,dkim,md5,smime -> reject(reason='invite_closed')
title.gettext invite perform by list owner do not need authentication
is_owner([listname],[sender]) smtp,md5,smime -> do_it
is_listmaster([sender]) smtp -> request_auth
is_owner([listname],[sender]) smtp,dkim,md5,smime -> do_it
is_listmaster([sender]) smtp,dkim -> request_auth
is_listmaster([sender]) md5,smime -> do_it
true() smtp,md5,smime -> reject(reason='invite_owner')
true() smtp,dkim,md5,smime -> reject(reason='invite_owner')
title.gettext restricted to subscribers
is_subscriber([listname],[sender]) smtp,md5,smime -> do_it
is_owner([listname],[sender]) smtp,md5,smime -> do_it
is_editor([listname],[sender]) smtp,md5,smime -> do_it
is_listmaster([sender]) smtp,md5,smime -> do_it
true() smtp,md5,smime -> reject(reason='invite_subscriber')
is_subscriber([listname],[sender]) smtp,dkim,md5,smime -> do_it
is_owner([listname],[sender]) smtp,dkim,md5,smime -> do_it
is_editor([listname],[sender]) smtp,dkim,md5,smime -> do_it
is_listmaster([sender]) smtp,dkim,md5,smime -> do_it
true() smtp,dkim,md5,smime -> reject(reason='invite_subscriber')