- if (dkim_private_key[0] == '/') {
- int privkey_fd = 0;
- /* Looks like a filename, load the private key. */
- memset(big_buffer,0,big_buffer_size);
- privkey_fd = open(CS dkim_private_key,O_RDONLY);
- if (privkey_fd < 0) {
- log_write(0, LOG_MAIN|LOG_PANIC, "unable to open "
- "private key file for reading: %s", dkim_private_key);
+ /* Get private key to use. */
+ dkim_private_key_expanded = expand_string(dkim_private_key);
+ if (dkim_private_key_expanded == NULL) {
+ log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand "
+ "dkim_private_key: %s", expand_string_message);
+ rc = NULL;
+ goto CLEANUP;
+ }
+ if ( (Ustrlen(dkim_private_key_expanded) == 0) ||
+ (Ustrcmp(dkim_private_key_expanded,"0") == 0) ||
+ (Ustrcmp(dkim_private_key_expanded,"false") == 0) ) {
+ /* don't sign, but no error */
+ continue;
+ }
+
+ if (dkim_private_key_expanded[0] == '/') {
+ int privkey_fd = 0;
+ /* Looks like a filename, load the private key. */
+ memset(big_buffer,0,big_buffer_size);
+ privkey_fd = open(CS dkim_private_key_expanded,O_RDONLY);
+ if (privkey_fd < 0) {
+ log_write(0, LOG_MAIN|LOG_PANIC, "unable to open "
+ "private key file for reading: %s", dkim_private_key_expanded);
+ rc = NULL;
+ goto CLEANUP;
+ }
+ if (read(privkey_fd,big_buffer,(big_buffer_size-2)) < 0) {
+ log_write(0, LOG_MAIN|LOG_PANIC, "unable to read private key file: %s",
+ dkim_private_key_expanded);
+ rc = NULL;
+ goto CLEANUP;
+ }
+ (void)close(privkey_fd);
+ dkim_private_key_expanded = big_buffer;
+ }
+
+ ctx = pdkim_init_sign(PDKIM_INPUT_SMTP,
+ (char *)dkim_signing_domain,
+ (char *)dkim_signing_selector,
+ (char *)dkim_private_key_expanded
+ );
+
+ pdkim_set_debug_stream(ctx,debug_file);
+
+ pdkim_set_optional(ctx,
+ (char *)dkim_sign_headers_expanded,
+ NULL,
+ pdkim_canon,
+ pdkim_canon,
+ -1,
+ PDKIM_ALGO_RSA_SHA256,
+ 0,
+ 0);
+
+ lseek(dkim_fd, 0, SEEK_SET);
+ while((sread = read(dkim_fd,&buf,4096)) > 0) {
+ if (pdkim_feed(ctx,buf,sread) != PDKIM_OK) {
+ rc = NULL;
+ goto CLEANUP;
+ }
+ }
+ /* Handle failed read above. */
+ if (sread == -1) {
+ debug_printf("DKIM: Error reading -K file.\n");
+ save_errno = errno;