Merge pull request trusteddomainproject#228 from r-a-z-v-a-n/CheckSigningTable

futatuki · futatuki · commit d95b8e490935 · 2024-09-19T20:18:36.000+09:00
Add CheckSigningTable config option When CheckSigningTable is set to no, the keys in KeyTable are no longer verified when config is loaded. Also implement a command line option -g for skipping SigningTable verification. trusteddomainproject#228
diff --git a/opendkim/opendkim-config.h b/opendkim/opendkim-config.h
@@ -44,6 +44,7 @@ struct configdef dkimf_config[] =
 	{ "Canonicalization",		CONFIG_TYPE_STRING,	FALSE },
 	{ "CaptureUnknownErrors",	CONFIG_TYPE_BOOLEAN,	FALSE },
 	{ "ChangeRootDirectory",	CONFIG_TYPE_STRING,	FALSE },
+	{ "CheckSigningTable",		CONFIG_TYPE_BOOLEAN,	FALSE },
 	{ "ClockDrift",			CONFIG_TYPE_INTEGER,	FALSE },
 #ifdef _FFR_CONDITIONAL
 	{ "ConditionalSignatures",	CONFIG_TYPE_STRING,	FALSE },
diff --git a/opendkim/opendkim.8.in b/opendkim/opendkim.8.in
@@ -282,6 +282,10 @@ Normally
 forks and exits immediately, leaving the service running in the background.
 This flag suppresses that behaviour so that it runs in the foreground.
 .TP
+.I \-g
+Skip checking the SigningTable for any missing keys in the KeyTable.  This 
+is the same as setting CheckSigningTable=no in opendkim.conf(5).
+.TP
 .I \-F time
 Specifies a fixed time to use when generating signatures.  Ignored unless
 also used in conjunction with
diff --git a/opendkim/opendkim.c b/opendkim/opendkim.c
@@ -137,7 +137,7 @@
 #endif /* _FFR_REPUTATION */
 
 /* macros */
-#define CMDLINEOPTS	"Ab:c:d:De:fF:k:lL:no:p:P:Qrs:S:t:T:u:vVWx:X?"
+#define CMDLINEOPTS	"Ab:c:d:De:fF:gk:lL:no:p:P:Qrs:S:t:T:u:vVWx:X?"
 
 #ifndef MIN
 # define MIN(x,y)	((x) < (y) ? (x) : (y))
@@ -248,6 +248,7 @@ struct dkimf_config
 	_Bool		conf_noheaderb;		/* suppress "header.b" */
 	_Bool		conf_singleauthres;	/* single Auth-Results */
 	_Bool		conf_safekeys;		/* check key permissions */
+	_Bool		conf_checksigningtable; /* skip checking keys on startup */
 #ifdef _FFR_RESIGN
 	_Bool		conf_resignall;		/* resign unverified mail */
 #endif /* _FFR_RESIGN */
@@ -5892,6 +5893,7 @@ dkimf_config_new(void)
 	new->conf_atpshash = dkimf_atpshash[0].str;
 #endif /* _FFR_ATPS */
 	new->conf_selectcanonhdr = SELECTCANONHDR;
+	new->conf_checksigningtable = TRUE;
 
 	memcpy(&new->conf_handling, &defaults, sizeof new->conf_handling);
 
@@ -6209,6 +6211,10 @@ dkimf_config_load(struct config *data, struct dkimf_config *conf,
 		                  sizeof conf->conf_softstart);
 #endif /* (USE_LDAP || USE_ODBX) */
 
+		(void) config_get(data, "CheckSigningTable",
+		                  &conf->conf_checksigningtable,
+		                  sizeof conf->conf_checksigningtable);
+
 		(void) config_get(data, "DNSConnect",
 		                  &conf->conf_dnsconnect,
 		                  sizeof conf->conf_dnsconnect);
@@ -8333,7 +8339,7 @@ dkimf_config_load(struct config *data, struct dkimf_config *conf,
 		**  missing KeyTable entries.
 		*/
 
-		if (conf->conf_signtabledb != NULL)
+		if (conf->conf_signtabledb != NULL && conf->conf_checksigningtable != FALSE)
 		{
 			_Bool first = TRUE;
 			_Bool found;
@@ -15508,6 +15514,7 @@ usage(void)
 	                "\t-e name     \textract configuration value and exit\n"
 	                "\t-f          \tdon't fork-and-exit\n"
 	                "\t-F time     \tfixed timestamp to use when signing (test mode only)\n"
+	                "\t-g          \tdo not walk SigningTable when loading config\n"
 	                "\t-k keyfile  \tlocation of secret key file\n"
 	                "\t-l          \tlog activity to system log\n"
 	                "\t-L limit    \tsignature limit requirements\n"
@@ -15687,6 +15694,11 @@ main(int argc, char **argv)
 			}
 			break;
 
+		  case 'g':
+			curconf->conf_checksigningtable = FALSE;
+			break;
+
+
 		  case 'k':
 			if (optarg == NULL || *optarg == '\0')
 				return usage();
diff --git a/opendkim/opendkim.conf.5.in b/opendkim/opendkim.conf.5.in
@@ -179,6 +179,11 @@ requires superuser access. A warning will be generated if
 .I UserID
 is not also set.
 
+.TP
+.I CheckSigningTable (Boolean)
+If set to yes, it walks the SigningTable on boot when it loads the config
+file to check for missing keys in KeyTable.  The default is yes.
+
 .TP
 .I ClockDrift (integer)
 Sets the tolerance in seconds to be applied when determining whether a
diff --git a/opendkim/opendkim.conf.sample b/opendkim/opendkim.conf.sample
@@ -129,6 +129,15 @@
 
 # Canonicalization	simple/simple
 
+##  CheckSigningTable  { yes | no }
+##  	default "yes"
+##
+##  If set, the SigningTable will be checked for missing keys in
+##  KeyTable when loading the config. This can take a longer time with 
+##  larger databases. Requires opendbx.
+
+# CheckSigningTable		yes
+
 ##  ClockDrift n
 ##  	default 300
 ##
