git.proxmox.com Git - pmg-api.git/commit

author	Stoiko Ivanov <s.ivanov@proxmox.com>
	Tue, 14 Jan 2020 18:31:34 +0000 (19:31 +0100)
committer	Thomas Lamprecht <t.lamprecht@proxmox.com>
	Tue, 21 Jan 2020 08:08:22 +0000 (09:08 +0100)
commit	d95c075a10ddfdc4d86abfbfab80b9414d4f5674
tree	f5cafdf6a278c0eecc69856fe30d6aade27f4c5f	tree
parent	d9a86cfe316ddc0602ad76e919f0d8353ccbcd0c	commit \| diff

fix #2504: do not overwrite existing selector key

This patch changes the behavior of DKIM selector creation. Instead of blindly
overwriting an already present file, add a force parameter to overwrite it (and
behave like the current code).

Overwriting an existing selector can potentially be quite destructive (e.g.
a setup where the admin has already posted the DNS-record for one selector to
many domains, then wants to quickly experiment with a larger keysize, and tries
to go back to the existing behavior).

The new behavior without force set to true, when a private key for the selector
already exists is to die if the file is either not a private RSA key, or has
the wrong size, or else just set the selector in pmg.conf

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>

src/PMG/API2/DKIMSign.pm		diff \| blob \| blame \| history
src/PMG/DKIMSign.pm		diff \| blob \| blame \| history