DKIMtimer.php
#!/usr/bin/php
<?php
/** DKIM Timer to renew the keys for existing domains **/
/* Return 0 if no errors occur */
require_once(__DIR__.'/function.php');
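/*
 * Timer job: after a random start delay, renew the DKIM keys of every domain
 * found in LDAP for each configured selector class.
 *
 * Exit status: 0 when every renewal succeeded, otherwise non-zero (the last
 * failing renewkeys() code, or 1 for a setup error), so that the scheduler or
 * monitoring that runs this job can notice a failed key rotation.
 */

/* parse_ini_file() returns false on a missing or malformed file; stop with a
 * non-zero status instead of carrying on with empty settings. */
$ldap = parse_ini_file(__DIR__."/ldap.conf", true);
$system = parse_ini_file(__DIR__.'/system.conf', true);
$dkim = parse_ini_file(__DIR__.'/dkim.conf',true);
$ns = parse_ini_file(__DIR__.'/ns.conf',true);
foreach (array('ldap.conf' => $ldap, 'system.conf' => $system,
               'dkim.conf' => $dkim, 'ns.conf' => $ns) as $conf_file => $conf) {
    if ($conf === false) {
        fwrite(STDERR, "Error: unable to parse $conf_file\n");
        exit(1);
    }
}

/* NOTE(review): ldap.conf holds the LDAP bind password (read below as
 * $ldapconf['pwd']); keep that file readable only by the account running
 * this job. */
$ldapconf = $ldap['server'];
if (!isset($ldapconf['port'])) {
    $ldapconf['port'] = 389;
}
openlog('DKIMAutoUpdater', LOG_PID, $system['syslog']['fac']);

/* $username is never assigned in this file; presumably function.php sets it
 * (TODO confirm). Fall back to username(), which this script already calls,
 * so the log prefix is never empty. */
if (!isset($username)) {
    $username = username();
}

/* Wait for a while into time slot. rand() only spreads the start time; the
 * value is not used as a secret. */
$seconds = rand(300, 3600);
syslog(LOG_INFO, sprintf('%s: Info: waiting for %d minutes', $username, round($seconds/60, 1)));
sleep($seconds);

/* Exactly one delay driver must be switched on. array_count_values() keys the
 * enabled entries under 1, which is also what the key TRUE is cast to. */
$driver_counts = (isset($dkim['delay driver']) && is_array($dkim['delay driver']))
    ? array_count_values($dkim['delay driver'])
    : array();
if (isset($driver_counts[1]) && $driver_counts[1] == 1) {
    /* NOTE(review): array_search() compares loosely, so it returns the first
     * truthy entry, which may not be the one counted above if another entry
     * holds a value other than 1 - confirm against dkim.conf. */
    $delay_drv = array_search(TRUE, $dkim['delay driver']);
} else {
    $err = 'Error choosing delay driver. You must set one engine.';
    syslog(LOG_ERR, $username.': Error: '.$err);
    /* exit() with a string prints it and exits with status 0, which would
     * report this failure as success. */
    fwrite(STDERR, $err."\n");
    exit(1);
}

$ldapconn = conn_ldap($ldapconf['host'], $ldapconf['port'], $ldapconf['user'], $ldapconf['pwd']);
if (!$ldapconn) {
    $err = 'Program terminated to prevent damage on your DKIM setup.';
    syslog(LOG_ERR, $username.': Error: '.$err);
    fwrite(STDERR, $err."\n");
    exit(1);
}

/* Initialised once, outside the selector-class loop, so a failure in an
 * earlier class is not overwritten by a later class that succeeds, and so the
 * final exit() has a value even when no class is configured. */
$return = 0;
foreach ($dkim['selector']['class'] as $selclass) {
    syslog(LOG_INFO, username().": Info: Starting renewal process for <$selclass> domains...");
    syslog(LOG_INFO, username().": Info: Starting Domains Discover for <$selclass>...");
    $domains = listdom($ldapconn, $ldapconf['baseDN'], $selclass);
    syslog(LOG_INFO, $username.': Info: Domains Discover found '.count($domains)." domains for <$selclass>.");

    foreach ($domains as $dom) {
        /* $sel is kept so the -3 message can name the DNS record to remove.
         * $err is handed to renewkeys() and not read here; presumably an
         * output parameter - TODO confirm. */
        $sel = buildSel($dkim, $selclass, $dom);
        $ret = renewkeys($ldapconn, $ldapconf['baseDN'], $ldap['delaydel']['delayDN'], $dom,
                         $sel,
                         $selclass, $dkim['genkey']['opt'], $ns['nsupdate'], $delay_drv,
                         $system['path']['genkey'], $err);
        switch ($ret) {
            case -1:
                syslog(LOG_ALERT, "$username: Alert: The keys for <$dom> in <$selclass> doesn't have been renewed for error during keys generation!");
                $return = $ret;
                break;
            case -2:
                syslog(LOG_ALERT, "$username: Alert: The keys for <$dom> in <$selclass> doesn't have been renewed for error during DNS MOD on pubKey!");
                $return = $ret;
                break;
            case -3:
                /* Per the message below, a public key record was added to DNS
                 * but the private key was not stored in LDAP: this state
                 * needs manual cleanup by the operator. */
                syslog(LOG_EMERG, "$username: Emerg: The keys for <$dom> in <$selclass> doesn't have been renewed for error during LDAP MOD on privKey. To make consistent your setup manually delete the <$sel._domainkey.$dom> pubKey record added just now!");
                $return = $ret;
                break;
            case -4:
                syslog(LOG_ALERT, "$username: Alert: The keys for <$dom> in <$selclass> have been renewed, but can't delayed delete the current DNS record!");
                $return = $ret;
                break;
            case 0:
                syslog(LOG_INFO, "$username: Info: LDAP DKIM keys for <$dom> in <$selclass> renewed successfully.");
                break;
            default:
                /* A code this script does not know must not pass as success. */
                syslog(LOG_ALERT, "$username: Alert: Unexpected result while renewing the keys for <$dom> in <$selclass>.");
                $return = (is_int($ret) && $ret != 0) ? $ret : 1;
        }
    }
    syslog(LOG_INFO, $username.": Info: renewal process for <$selclass> domains terminated.");
}
syslog(LOG_INFO, "$username: Info: Keys renewal process terminated.");
ldap_unbind($ldapconn);
closelog();
exit($return);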
?>