]>
Commit | Line | Data |
---|---|---|
03daa12d SI |
1 | package PMG::API2::DKIMSign; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | ||
6 | use PVE::Tools qw(extract_param); | |
7 | use PVE::JSONSchema qw(get_standard_option); | |
8 | use PVE::Exception qw(raise_param_exc); | |
9 | use PVE::RESTHandler; | |
10 | ||
11 | use PMG::Config; | |
12 | use PMG::DKIMSign; | |
13 | ||
14 | use PMG::API2::DKIMSignDomains; | |
15 | ||
16 | use base qw(PVE::RESTHandler); | |
17 | ||
18 | __PACKAGE__->register_method({ | |
19 | subclass => "PMG::API2::DKIMSignDomains", | |
20 | path => 'domains', | |
21 | }); | |
22 | ||
23 | __PACKAGE__->register_method({ | |
24 | name => 'index', | |
25 | path => '', | |
26 | method => 'GET', | |
27 | description => "Directory index.", | |
28 | parameters => { | |
29 | additionalProperties => 0, | |
30 | properties => {}, | |
31 | }, | |
32 | returns => { | |
33 | type => 'array', | |
34 | items => { | |
35 | type => "object", | |
36 | properties => { section => { type => 'string'} }, | |
37 | }, | |
38 | links => [ { rel => 'child', href => "{section}" } ], | |
39 | }, | |
40 | code => sub { | |
41 | my ($param) = @_; | |
42 | ||
43 | return [ | |
44 | { section => 'domains'}, | |
45 | { section => 'selector'} | |
46 | ]; | |
47 | }}); | |
48 | ||
49 | __PACKAGE__->register_method({ | |
50 | name => 'set_selector', | |
51 | path => 'selector', | |
52 | method => 'POST', | |
53 | description => "Generate a new private key for selector. All future mail will be signed with the new key!", | |
54 | protected => 1, | |
55 | permissions => { check => [ 'admin' ] }, | |
56 | proxyto => 'master', | |
57 | parameters => { | |
58 | additionalProperties => 0, | |
59 | properties => { | |
60 | selector => { | |
61 | description => "DKIM Selector", | |
62 | type => 'string', format => 'dns-name', | |
63 | }, | |
64 | keysize => { | |
65 | description => "Number of bits for the RSA-Key", | |
66 | type => 'integer', minimum => 1024 | |
67 | }, | |
68 | }, | |
69 | }, | |
70 | returns => { type => 'null' }, | |
71 | code => sub { | |
72 | my ($param) = @_; | |
73 | my $selector = extract_param($param, 'selector'); | |
74 | my $keysize = extract_param($param, 'keysize'); | |
75 | ||
76 | PMG::DKIMSign::set_selector($selector, $keysize); | |
77 | ||
78 | return undef; | |
79 | }}); | |
80 | ||
81 | sub pmg_verify_dkim_pubkey_record { | |
82 | my ($rec, $noerr) = @_; | |
83 | ||
84 | if ($rec !~ /\._domainkey\tIN\tTXT\t\( "v=DKIM1; h=sha256; k=rsa; ".+ \) ; ----- DKIM key/ms ) { | |
85 | return undef if $noerr; | |
86 | die "value does not look like a valid DKIM TXT record\n"; | |
87 | } | |
88 | ||
89 | return $rec | |
90 | } | |
91 | ||
92 | PVE::JSONSchema::register_format( | |
93 | 'pmg-dkim-record', \&pmg_verify_dkim_pubkey_record); | |
94 | ||
95 | __PACKAGE__->register_method({ | |
96 | name => 'get_selector_info', | |
97 | path => 'selector', | |
98 | method => 'GET', | |
99 | description => "Get the public key for the configured selector, prepared as DKIM TXT record", | |
100 | protected => 1, | |
101 | permissions => { check => [ 'admin' ] }, | |
102 | proxyto => 'master', | |
103 | parameters => { | |
104 | additionalProperties => 0, | |
105 | properties => { }, | |
106 | }, | |
107 | returns => { | |
108 | type => 'object', | |
109 | properties => { | |
110 | selector => { type => 'string', format => 'dns-name', optional => 1 }, | |
111 | keysize => { type => 'integer', minimum => 1024 , optional => 1}, | |
112 | record => { type => 'string', format => 'pmg-dkim-record', optional => 1}, | |
113 | }, | |
114 | }, | |
115 | code => sub { | |
116 | my $cfg = PMG::Config->new(); | |
117 | my $selector = $cfg->get('admin', 'dkim_selector'); | |
118 | ||
119 | return {} if !defined($selector); | |
120 | ||
121 | my ($record, $size); | |
122 | eval { ($record, $size) = PMG::DKIMSign::get_selector_info($selector); }; | |
123 | return {selector => $selector} if $@; | |
124 | ||
125 | return { selector => $selector, keysize => $size, record => $record }; | |
126 | }}); | |
127 | 1; |