Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

If KeyTable is present in config file then KeyFile is silently ignored #240

Open
apoelstra opened this issue Dec 31, 2024 · 0 comments
Open

If KeyTable is present in config file then KeyFile is silently ignored #240

apoelstra opened this issue Dec 31, 2024 · 0 comments

Comments

@apoelstra
Copy link

It would be better to forbid both KeyTable and KeyFile, or to at least emit a warning that KeyFile is being ignored. Instead what happens is that KeyFile is treated as though it were not present at all.

If Selector then appears, or is provided on the command line, the user will see the error KeyFile and Selector must both be defined or both be undefined.

This is very confusing to untangle (I had to dig into the source code) because the actual condition being checked is that "if KeyTable is present, then neither KeyFile nor Selector may be present" -- and since SigningTable requires KeyTable, we also have the condition "if SigningTable is present then neither KeyFile nor Selector may be present".

Unfortunately in NixOS, KeyFile and Selector are unconditionally provided on the command-line, which seems to preempt using opendkim in signing mode. (This is easy to override, but I am mentioning it here to help future people who may be searching for these error messages. I may also file a PR against nixpkgs to encode this logic in nix assertions.)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@apoelstra