Forgive the lack of bug report. In a rush.
This should have a umask set in the script to prevent a race condition
from accessing the private key.
-------- Original Message --------
Subject: [SCM] opendkim branch, develop, updated.
9c9f6aa9e5f6f39334f9e2a8126787c798504738
Date: Sat, 23 Feb 2013 06:32:11 +0000
From: Murray S. Kucherawy <cm-msk_at_users.sourceforge.net>
To: opendkim-cvs_at_lists.opendkim.org
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "opendkim".
The branch, develop has been updated
via 9c9f6aa9e5f6f39334f9e2a8126787c798504738 (commit)
via 1512d5ce355ff8be726e34d208cce6e3b0d0daa2 (commit)
via c331c5d15b49a01bee1f9def414d44c3bce25f57 (commit)
via 507cc88dd85c9931e61a2ad7a2fcf129c492b2cf (commit)
from 6e935508ca3ab7f8ce224e2b9e12a2e7867f2635 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9c9f6aa9e5f6f39334f9e2a8126787c798504738
Author: Murray S. Kucherawy <msk_at_trusteddomain.org>
Date: Fri Feb 22 22:32:03 2013 -0800
Document previous
diff --git a/RELEASE_NOTES b/RELEASE_NOTES
index e4582f6..2e10619 100644
--- a/RELEASE_NOTES
+++ b/RELEASE_NOTES
_at_@ -67,6 +67,8 @@ release, and a summary of the changes in that release.
CONTRIB: Fix bug #SF3575666: Pass pid file path to killproc.
Suggested by Christophe Wolfhugel.
CONTRIB: Add systemd directory. Contributed by Steve Jenkins.
+ CONTRIB: Split out initial key generation function from
+ contrib/init/redhat/opendkim. Contributed by Steve Jenkins.
MILTERTEST: Don't crash in mt_connect() if the socketspec doesn't
contain a colon.
MILTERTEST: When connect() fails for an AF_INET socket, it apparently
commit 1512d5ce355ff8be726e34d208cce6e3b0d0daa2
Author: Murray S. Kucherawy <msk_at_trusteddomain.org>
Date: Fri Feb 22 22:31:26 2013 -0800
Add contrib/init/redhat/opendkim-default-keygen.in
diff --git a/configure.ac b/configure.ac
index 12d7ebe..ff018de 100644
--- a/configure.ac
+++ b/configure.ac
_at_@ -2568,6 +2568,7 @@ AC_OUTPUT([ Makefile
contrib/init/generic/Makefile
contrib/init/redhat/Makefile
contrib/init/redhat/opendkim
+ contrib/init/redhat/opendkim-default-keygen
contrib/init/solaris/Makefile
contrib/ldap/Makefile
contrib/lua/Makefile
diff --git a/contrib/init/redhat/.gitignore b/contrib/init/redhat/.gitignore
index 060dd50..13b2502 100644
--- a/contrib/init/redhat/.gitignore
+++ b/contrib/init/redhat/.gitignore
_at_@ -1 +1,2 @@
opendkim
+opendkim-default-keygen
diff --git a/contrib/init/redhat/Makefile.am b/contrib/init/redhat/Makefile.am
index 4bb230a..f29c78c 100644
--- a/contrib/init/redhat/Makefile.am
+++ b/contrib/init/redhat/Makefile.am
_at_@ -1,6 +1,4 @@
-# Copyright (c) 2010, 2011, The Trusted Domain Project. All rights reserved.
-#
+# Copyright (c) 2010, 2011, 2013, The Trusted Domain Project.
+# All rights reserved.
-#AUTOMAKE_OPTIONS = foreign
-
-dist_doc_DATA = opendkim
+dist_doc_DATA = opendkim opendkim-default-keygen
diff --git a/contrib/init/redhat/opendkim-default-keygen.in b/contrib/init/redhat/opendkim-default-keygen.in
new file mode 100644
index 0000000..c09c4eb
--- /dev/null
+++ b/contrib/init/redhat/opendkim-default-keygen.in
_at_@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Create the default keys for the OpenDKIM Milter.
+#
+# The creation is controlled by the $AUTOCREATE_DKIM_KEYS environment
+# variable.
+
+# source function library
+. /etc/rc.d/init.d/functions
+
+# Some functions to make the below more readable
+prog=opendkim
+KEYGEN=_at_sbindir@/$prog-genkey
+DKIM_SELECTOR=default
+DKIM_KEYDIR=_at_sysconfdir@/$prog/keys
+
+# Pull in sysconfig settings (will override previously set functions)
+[ -f _at_sysconfdir@/sysconfig/$prog ] && . @sysconfdir@/sysconfig/$prog
+
+do_dkim_keygen() {
+ if [ ! -s $DKIM_KEYDIR/$DKIM_SELECTOR.private ]; then
+ echo -n $"Generating default DKIM keys: "
+ if [ "x`hostname --domain`" = "x" ]; then
+ echo_warning
+ echo
+ echo $"Cannot determine host's domain name, so skipping default key generation."
+ else
+ mkdir -p $DKIM_KEYDIR
+ $KEYGEN -D $DKIM_KEYDIR -s $DKIM_SELECTOR -d `hostname --domain`
+ chown root:$prog $DKIM_KEYDIR
+ chown $prog:$prog $DKIM_KEYDIR/$DKIM_SELECTOR.{private,txt}
+ chmod 600 $DKIM_KEYDIR/$DKIM_SELECTOR.private
+ chmod 644 $DKIM_KEYDIR/$DKIM_SELECTOR.txt
+ echo_success
+ echo
+ echo Default DKIM keys for `hostname --domain` created in $DKIM_KEYDIR.
+ fi
+ fi
+}
+
+# Create keys if necessary
+if [ "x${AUTOCREATE_DKIM_KEYS}" != xNO ]; then
+ do_dkim_keygen
+fi
commit c331c5d15b49a01bee1f9def414d44c3bce25f57
Author: Murray S. Kucherawy <msk_at_trusteddomain.org>
Date: Fri Feb 22 22:31:14 2013 -0800
Ignore generated file
diff --git a/contrib/systemd/.gitignore b/contrib/systemd/.gitignore
new file mode 100644
index 0000000..ac944cd
--- /dev/null
+++ b/contrib/systemd/.gitignore
_at_@ -0,0 +1 @@
+opendkim.service
commit 507cc88dd85c9931e61a2ad7a2fcf129c492b2cf
Author: Murray S. Kucherawy <msk_at_trusteddomain.org>
Date: Fri Feb 22 22:30:42 2013 -0800
Fixup
diff --git a/contrib/systemd/Makefile.am b/contrib/systemd/Makefile.am
index fe44255..2ffc88c 100644
--- a/contrib/systemd/Makefile.am
+++ b/contrib/systemd/Makefile.am
_at_@ -1,5 +1,3 @@
# Copyright (c) 2013, The Trusted Domain Project. All rights reserved.
-dist_doc_DATA = opendkim.service.in
-
-EXTRA_DIST = opendkim.service
+dist_doc_DATA = opendkim.service
-----------------------------------------------------------------------
Summary of changes:
RELEASE_NOTES | 2 +
configure.ac | 1 +
contrib/init/redhat/.gitignore | 1 +
contrib/init/redhat/Makefile.am | 8 ++---
contrib/init/redhat/opendkim-default-keygen.in | 44 ++++++++++++++++++++++++
contrib/systemd/.gitignore | 1 +
contrib/systemd/Makefile.am | 4 +--
7 files changed, 53 insertions(+), 8 deletions(-)
create mode 100644 contrib/init/redhat/opendkim-default-keygen.in
create mode 100644 contrib/systemd/.gitignore
hooks/post-receive
--
opendkim
Received on Sat Feb 23 2013 - 08:42:50 PST