add dkim-keys to the resync-tool

display dns-record for dkim in the mail-domain
rewrite function domain_dkim_update in server/plugins-available/mail_plugin_dkim.inc.php
change dns*.php according to commit 604c0c2

Author: Florian Schaal

interface/web/dns/dns_dkim_edit.php

@@ -57,7 +57,7 @@ function onShowNew() {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another record.
@@ -82,7 +82,7 @@ function onSubmit() {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 			// Check if the user may add another record.
 			if($this->id == 0 && $client["limit_dns_record"] >= 0) {

interface/web/dns/dns_wizard.php

@@ -102,14 +102,14 @@
 if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 
 	// Get the limits of the client
-	$client_group_id = $_SESSION["s"]["user"]["default_group"];
+	$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 	$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 
 	// load the list of clients
-	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id'];
+	sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$app->functions->intval($client['client_id']);
 	$clients = $app->db->queryAllRecords($sql);
-	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']);
+	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client['client_id']));
 	$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
 	if(is_array($clients)) {
 		foreach( $clients as $client) {
@@ -122,8 +122,8 @@
 }
 
 if($_SESSION["s"]["user"]["typ"] != 'admin')
-{
-	$client_group_id = $_SESSION["s"]["user"]["default_group"];
+
+	$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);{
 	$client_dns = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 	$client_dns['dns_servers_ids'] = explode(',', $client_dns['dns_servers']);
@@ -149,7 +149,7 @@
 
 }
 
-$template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = '$template_id'");
+$template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = '".$app->functions->intval($template_id)."'");
 $fields = explode(',', $template_record['fields']);
 if(is_array($fields)) {
 	foreach($fields as $field) {
@@ -165,7 +165,7 @@
 
 	if ($post_server_id)
 	{
-		$client_group_id = $_SESSION["s"]["user"]["default_group"];
+		$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 		$client = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 		$client['dns_servers_ids'] = explode(',', $client['dns_servers']);

interface/web/js/mail_domain_dkim.js

@@ -60,6 +60,7 @@ This Javascript is invoked by
                                 else {
                                         document.getElementsByName('dkim_private')[0].value = request.responseXML.getElementsByTagName('privatekey')[0].firstChild.nodeValue;
                                         document.getElementsByName('dkim_public')[0].value = request.responseXML.getElementsByTagName('publickey')[0].firstChild.nodeValue;
+					document.getElementsByName('dns_record')[0].value = request.responseXML.getElementsByTagName('dns_record')[0].firstChild.nodeValue;
                                 }
                                 break;
                         default:

interface/web/mail/mail_domain_dkim_create.php

@@ -27,11 +27,13 @@
  OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
  EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
 
- This script is invoked by interface/js/mail_domain_dkim.js
- to generate or show the DKIM Private-key and to show the Private-key.
- returns DKIM Private-Key and DKIM Public-Key
- */
+/**
+* This script is invoked by interface/js/mail_domain_dkim.js
+* to generate or show the DKIM Private-key and to show the Private-key.
+* returns DKIM Private-Key and DKIM Public-Key
+*/
 
 
 require_once '../../lib/config.inc.php';
@@ -46,7 +48,6 @@
 header('Content-Type: text/xml; charset=utf-8');
 header('Cache-Control: must-revalidate, pre-check=0, no-store, no-cache, max-age=0, post-check=0');
 
-
 /**
  * This function fix PHP's messing up POST input containing characters space, dot,
  * open square bracket and others to be compatible with with the deprecated register_globals
@@ -64,7 +65,6 @@ function getRealPOST() {
 	return $vars;
 }
 
-
 /**
  * This function formats the public-key
  * @param array $pubkey
@@ -76,32 +76,39 @@ function pub_key($pubkey) {
 	return $public_key;
 }
 
+function get_public_key($private_key) {
+	require_once('../../lib/classes/validate_dkim.inc.php');
+	$validate_dkim=new validate_dkim ();
+	if($validate_dkim->validate_post('private',$private_key)) { /* validate the $_POST-value */
+		exec('echo '.escapeshellarg($private_key).'|openssl rsa -pubout -outform PEM',$pubkey,$result);
+		$public_key=pub_key($pubkey);
+	} else {
+		$public_key='invalid key';
+	}
+	return $public_key;
+}
+
 $_POST=getRealPOST();
 
 switch ($_POST['action']) {
-case 'create': /* create DKIM Private-key */
-	exec('openssl rand -out /usr/local/ispconfig/server/temp/random-data.bin 4096', $output, $result);
-	exec('openssl genrsa -rand /usr/local/ispconfig/server/temp/random-data.bin 1024', $privkey, $result);
-	unlink("/usr/local/ispconfig/server/temp/random-data.bin");
-	$private_key='';
-	foreach($privkey as $values) $private_key=$private_key.$values."\n";
-	if($validate_dkim->validate_post('private', $private_key)) { /* validate the $_POST-value */
-		exec('echo '.escapeshellarg($private_key).'|openssl rsa -pubout -outform PEM', $pubkey, $result);
-		$public_key=pub_key($pubkey);
-	} else { $public_key='invalid key'; }
+	case 'create': /* create DKIM Private-key */
+		exec('openssl rand -out /usr/local/ispconfig/server/temp/random-data.bin 4096', $output, $result);
+		exec('openssl genrsa -rand /usr/local/ispconfig/server/temp/random-data.bin 1024', $privkey, $result);
+		unlink("/usr/local/ispconfig/server/temp/random-data.bin");
+		$private_key='';
 	break;
-case 'show': /* show the DNS-Record onLoad */
-	$private_key=$_POST['pkey'];
-	if($validate_dkim->validate_post('private', $private_key)) { /* validate the $_POST-value */
-		/* get the public-key */
-		exec('echo '.escapeshellarg($private_key).'|openssl rsa -pubout -outform PEM', $pubkey, $result);
-		$public_key=pub_key($pubkey);
-	} else { $public_key='invalid key'; }
+
+	case 'show': /* show the DNS-Record onLoad */
+		$private_key=$_POST['pkey'];
 	break;
 }
+
+$public_key=get_public_key($private_key);
+$dns_record=str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$public_key);
 echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
 echo "<formatname>\n";
 echo "<privatekey>".$private_key."</privatekey>\n";
 echo "<publickey>".$public_key."</publickey>\n";
+echo "<dns_record>v=DKIM1; t=s; p=".$dns_record."</dns_record>\n";
 echo "</formatname>\n";
 ?>

interface/web/mail/templates/mail_domain_edit.htm

@@ -93,10 +93,10 @@ <h2><tmpl_var name="list_head_txt"></h2>
               </div>
 		<div class="ctrlHolder">
                 <textarea name="dkim_public" style="display:none;" id="dkim_public" rows='5' cols='30' readonly>{tmpl_var name='dkim_public'}</textarea>
-<!--
-                <label for="dkim_public">{tmpl_var name='dkim_dns_txt'}</label>
-                <textarea name="dkim_public" id="dkim_public" rows='5' cols='30' readonly>{tmpl_var name='dkim_public'}</textarea>
--->
+              </div>
+              <div class="ctrlHolder">
+                <label for="dns_record">{tmpl_var name='dkim_dns_txt'}</label>
+                <textarea name="dns_record" id="dns_record" rows='10' cols='30' readonly>{tmpl_var name='dns_record'}</textarea>
               </div>
 
             </div>

interface/web/tools/lib/lang/de_resync.lng

@@ -7,6 +7,7 @@ $wb['resync_shell_txt'] = 'Shell Benutzer';
 $wb['resync_cron_txt'] = 'Cronjobs';
 $wb['resync_db_txt'] = 'Datenbanken';
 $wb['resync_mailbox_txt'] = 'E-Mail Konten';
+$wb['resync_dkim_txt'] = 'DKIM-Keys';
 $wb['resync_dns_txt'] = 'DNS Einträge';
 $wb['btn_start_txt'] = 'Start';
 $wb['btn_cancel_txt'] = 'Zurück';

interface/web/tools/lib/lang/en_resync.lng

@@ -7,7 +7,8 @@ $wb['resync_shell_txt'] = 'Resync shell users';
 $wb['resync_cron_txt'] = 'Resync cronjobs';
 $wb['resync_db_txt'] = 'Resync clientdb config';
 $wb['resync_mailbox_txt'] = 'Resync Mailboxes';
+$wb['resync_dkim_txt'] = 'Resync DKIM-Keys';
 $wb['resync_dns_txt'] = 'Resync DNS records';
 $wb['btn_start_txt'] = 'Start';
 $wb['btn_cancel_txt'] = 'Cancel';
-?>
+?>

interface/web/tools/resync.php

@@ -146,6 +146,20 @@
 	}
 }
 
+//* Resyncing DKIM-Keys
+if(isset($_POST['resync_dkim']) && $_POST['resync_dkim'] == 1) {
+	$db_table = 'mail_domain';
+	$index_field = 'domain_id';
+	$sql = "SELECT * FROM ".$db_table." WHERE active = 'y' AND dkim = 'y'";
+	$records = $app->db->queryAllRecords($sql);
+	if(is_array($records)) {
+		foreach($records as $rec) {
+			$app->db->datalogUpdate($db_table, $rec, $index_field, $rec[$index_field], true);
+			$msg .= "Resynced DKIM-Key: ".$rec['domain'].'<br />';
+		}
+	}
+}
+
 //* Resyncing dns zones
 if(isset($_POST['resync_dns']) && $_POST['resync_dns'] == 1) {
 	$zones = $app->db->queryAllRecords("SELECT id,origin,serial FROM dns_soa WHERE active = 'Y'");

interface/web/tools/templates/resync.htm

@@ -41,6 +41,12 @@ <h2><tmpl_var name="head_txt"></h2>
                     <input id="resync_mailbox" type="checkbox" value="1" name="resync_mailbox" />
                 </div>
             </div>
+            <div class="ctrlHolder">
+                <p class="label">{tmpl_var name="resync_dkim_txt"}</p>
+                <div class="multiField">
+                    <input id="resync_dkim" type="checkbox" value="1" name="resync_dkim" />
+                </div>
+            </div>
             <div class="ctrlHolder">
                 <p class="label">{tmpl_var name="resync_dns_txt"}</p>
                 <div class="multiField">