updated dkim-handling

Author: Florian Schaal

interface/web/js/dns_dkim.js

@@ -31,15 +31,16 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 This Javascript is invoked by
 	* mail/templates/mail_domain_edit.htm to show and/or create the key-pair
 */
-var request = false;
-
 $('.subsectiontoggle').on('click', function(){
 	$(this).children().toggleClass('showing').end().next().slideToggle();
 });
 
-function setRequest(action) {
+var request = false;
+
+//function setRequest(action) {
+function setRequest() {
 	if (window.XMLHttpRequest) {
-		request = new XMLHttpRequest();
+			request = new XMLHttpRequest();
 	} else if (window.ActiveXObject) {
 		try {
 			request = new ActiveXObject('Msxml2.XMLHTTP');
@@ -51,7 +52,6 @@ function setRequest(action) {
 			catch (e) {}
 		}
 	}
-
 	if (!request) {
 		alert("Error creating XMLHTTP-instance");
 		return false;
@@ -64,12 +64,20 @@ function setRequest(action) {
 		} else { 
 			var domain = jQuery('#domain').val();
 		}
+
+		// we nedd the client-id to get the dkim-strength of the right mail-server
+		try {
+			var clientid = document.getElementById("client_group_id").selectedIndex; // admin and reseller
+		}
+		catch (e) {
+			var clientid = jQuery('#client_id').val();; // user
+		}
+
 		var selector=jQuery('#dkim_selector').val();
 		var publickey=jQuery('#dkim_public').val();
-		var privatekey=encodeURIComponent(document.getElementById("dkim_private").value)
 		request.open('POST', 'mail/mail_domain_dkim_create.php', true);
 		request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
-		request.send('domain='+domain+'&action='+action+'&dkim_selector='+selector+'&dkim_public='+publickey+'&dkim_private='+privatekey);
+		request.send('domain='+domain+'&dkim_selector='+selector+'&dkim_public='+publickey+'&client_id='+clientid);
 		request.onreadystatechange = interpretRequest;
 	}
 }
@@ -86,10 +94,9 @@ function interpretRequest() {
 				document.getElementsByName('dns_record')[0].value = request.responseXML.getElementsByTagName('dns_record')[0].firstChild.nodeValue;
 			}
 		break;
-
 		default:
 		break;
 	}
 }
 
-setRequest('show');
+//setRequest('show');

interface/web/js/mail_domain_dkim.js

@@ -56,23 +56,6 @@ function validate_selector($selector) {
 	if ( preg_match($regex, $selector) === 1 ) return true; else return false;
 }
 
-/**
- * This function fix PHP's messing up POST input containing characters space, dot,
- * open square bracket and others to be compatible with with the deprecated register_globals
- * @return array POST
- */
-function getRealPOST() {
-	$pairs = explode("&", file_get_contents("php://input"));
-	$vars = array();
-	foreach ($pairs as $pair) {
-		$nv = explode("=", $pair, 2);
-		$name = urldecode($nv[0]);
-		$value = $nv[1];
-		$vars[$name] = $value;
-	}
-	return $vars;
-}
-
 /**
  * This function formats the public-key
  * @param array $pubkey
@@ -101,57 +84,68 @@ function get_public_key($private_key, $dkim_strength) {
  * @param string $old_selector
  * @return string selector
  */
-function new_selector ($old_selector, $domain) {
+function new_selector ($old_selector, $domain, $client_id = -1) {
 	global $app;
 	//* validate post-values
 	if ( validate_domain($domain) && validate_selector($old_selector) ) {
 		//* get active selectors from dns
-		$soa_rec = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE active = 'Y' AND origin = ?", $domain.'.');
+		$soa_rec = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE active = 'Y' AND origin = ?");
 		if ( isset($soa_rec) && !empty($soa_rec) ) {
 			//* check for a dkim-record in the dns?
-			$dns_data = $app->db->queryOneRecord("SELECT name FROM dns_rr WHERE name = ? AND active = 'Y'", $old_selector.'._domainkey.'.$domain.'.');
-			$selector = str_replace( '._domainkey.'.$domain.'.', '', $dns_data['name']);
-				if ( $old_selector == $selector) {
-					$selector = substr($old_selector, 0, 53) . time(); //* add unix-timestamp to delimiter to allow old and new key in the dns
-				} else {
-					$selector = $old_selector;
+			$dns_data = $app->db->queryOneRecord("SELECT name FROM dns_rr WHERE name = ? AND active = 'Y''", $old_selector.'._domainkey.'.$domain.'.');
+			if ( !empty($dns_data) ){
+				$selector = str_replace( '._domainkey.'.$domain.'.', '', $dns_data['name']);
+			} else {
+			}
+		} else { //* no dns-zone found - check for existing mail-domain to create a new selector (we need this if a external dns is used)
+			if ( $client_id >= 0 ) {
+				$sql = "SELECT * from mail_domain WHERE dkim = 'y' AND domain = ? AND dkim_selector = ?";
+				$maildomain =  $app->db->queryOneRecord($sql, $domain, $old_selector);
+				if ( !empty($maildomain) ) {
+					$selector = $maildomain['selector'];
 				}
+			}
+		}
+		if ( $old_selector == $selector) {
+			$selector = substr($old_selector, 0, 53) . time(); //* add unix-timestamp to delimiter to allow old and new key in the dns
+		} else {
+			$selector = $old_selector;
 		}
 	} else {
 		$selector = 'invalid domain or selector';
 	}
 	return $selector;
 }
 
+$client_id = $app->functions->intval($_POST['client_id']);
+
 //* get dkim-strength for server_id
-//$mail_server_id = $app->functions->intval( $app->db->queryOneRecord("SELECT server_id from mail_domain WHERE domain = ?", $_POST['domain']) );
-//$dkim_strength = $app->functions->intval( $app->getconf->get_server_config($mail_server_id, 'mail')['dkim_strength'] );
-$rec = $app->db->queryOneRecord("SELECT server_id from mail_domain WHERE domain = ?", $_POST['domain']);
-$mail_server_id = $app->functions->intval($rec['server_id']);
-unset ($rec);
-$rec = $app->getconf->get_server_config($mail_server_id, 'mail');
-$dkim_strength = $app->functions->intval($rec['dkim_strength']);
-unset ($rec);
-if ( empty($dkim_strength) ) $dkim_strength = 1024;
-
-switch ($_POST['action']) {
-	case 'create': /* create DKIM Private-key */
-		$_POST=getRealPOST();
-		$rnd_val = $dkim_strength * 10;
-		exec('openssl rand -out ../../temp/random-data.bin '.$rnd_val.' 2> /dev/null', $output, $result);
-		exec('openssl genrsa -rand ../../temp/random-data.bin '.$dkim_strength.' 2> /dev/null', $privkey, $result);
-		unlink('../../temp/random-data.bin');
-		foreach($privkey as $values) $private_key=$private_key.$values."\n";
-		//* check the selector for updated dkim-settings only
-		if ( isset($_POST['dkim_public']) && !empty($_POST['dkim_public']) ) $selector = new_selector($_POST['dkim_selector'], $_POST['domain']); 
-	break;
-
-	case 'show': /* show the DNS-Record onLoad */
-		$private_key=$_POST['dkim_private'];
-	break;
+$sql = "SELECT server_id from mail_domain WHERE domain = ?";
+$mail_server = $app->db->queryOneRecord($sql, $_POST['domain']);
+if ( is_array($mail_server) ) { //* we are adding an existing mail-domain
+	$mail_server_id = $app->functions->intval( $mail_server['server_id'] );
+} else {
+	$sql = "SELECT default_mailserver FROM client WHERE client_id = ?";
+	$mail_server = $app->db->queryOneRecord($sql, $client_id);
+	$mail_server_id = $app->functions->intval( $mail_server['default_mailserver'] );
 }
+unset($mail_server);
+$mail_config = $app->getconf->get_server_config($mail_server_id, 'mail');
+$dkim_strength = $app->functions->intval($mail_config['dkim_strength']);
+unset($mail_config);
+
+if ( empty($dkim_strength) ) $dkim_strength = 2048;
+
+$rnd_val = $dkim_strength * 10;
+exec('openssl rand -out ../../temp/random-data.bin '.$rnd_val.' 2> /dev/null', $output, $result);
+exec('openssl genrsa -rand ../../temp/random-data.bin '.$dkim_strength.' 2> /dev/null', $privkey, $result);
+unlink("../../temp/random-data.bin");
+foreach($privkey as $values) $private_key=$private_key.$values."\n";
+//* check the selector for updated dkim-settings only
+if ( isset($_POST['dkim_public']) && !empty($_POST['dkim_public']) ) $selector = new_selector($_POST['dkim_selector'], $_POST['domain'], $client_id); 
+
+if ( !isset($public_key) ) $public_key=get_public_key($private_key, $dkim_strength);
 
-$public_key=get_public_key($private_key, $dkim_strength);
 $dns_record=str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$public_key);
 
 if ( !isset($selector) ) {