Fix MTA-STS policy id so it does not have invalid characters, fixes #1779
This commit is contained in:
parent
224242dfde
commit
6fd3195275
|
@ -340,11 +340,13 @@ def build_zone(domain, all_domains, additional_records, www_redirect_domains, en
|
||||||
# 'break' was not encountered above, so both domains are good
|
# 'break' was not encountered above, so both domains are good
|
||||||
mta_sts_enabled = True
|
mta_sts_enabled = True
|
||||||
if mta_sts_enabled:
|
if mta_sts_enabled:
|
||||||
# Compute a up-to-32-character hash of the policy file. We'll take a SHA-1 hash of the policy
|
# Compute an up-to-32-character hash of the policy file. We'll take a SHA-1 hash of the policy
|
||||||
# file (20 bytes) and encode it as base-64 (60 bytes) but then just take its first 20 bytes
|
# file (20 bytes) and encode it as base-64 (28 bytes, using alphanumeric alternate characters
|
||||||
# which should be sufficient to change whenever the policy file changes.
|
# instead of '+' and '/' which are not allowed in an MTA-STS policy id) but then just take its
|
||||||
|
# first 20 characters, which is more than sufficient to change whenever the policy file changes
|
||||||
|
# (and ensures any '=' padding at the end of the base64 encoding is dropped).
|
||||||
with open("/var/lib/mailinabox/mta-sts.txt", "rb") as f:
|
with open("/var/lib/mailinabox/mta-sts.txt", "rb") as f:
|
||||||
mta_sts_policy_id = base64.b64encode(hashlib.sha1(f.read()).digest()).decode("ascii")[0:20]
|
mta_sts_policy_id = base64.b64encode(hashlib.sha1(f.read()).digest(), altchars=b"AA").decode("ascii")[0:20]
|
||||||
mta_sts_records.extend([
|
mta_sts_records.extend([
|
||||||
("_mta-sts", "TXT", "v=STSv1; id=" + mta_sts_policy_id, "Optional. Part of the MTA-STS policy for incoming mail. If set, a MTA-STS policy must also be published.")
|
("_mta-sts", "TXT", "v=STSv1; id=" + mta_sts_policy_id, "Optional. Part of the MTA-STS policy for incoming mail. If set, a MTA-STS policy must also be published.")
|
||||||
])
|
])
|
||||||
|
|
Loading…
Reference in New Issue