2044: Vault/rspamd: don't return any key for relayed domains r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR 

Don't return any key for relayed domains. We may want to revisit this (ARC signing)... but in the meantime it saves from a scary message in rspamd.
    
```signing failure: cannot request data from the vault url: /internal/rspamd/vault/v1/dkim/ ...```


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
master
bors[bot] 3 years ago committed by GitHub
commit 56cbc56df7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -14,17 +14,14 @@ def vault_error(*messages, status=404):
@internal.route("/rspamd/vault/v1/dkim/<domain_name>", methods=['GET'])
def rspamd_dkim_key(domain_name):
domain = models.Domain.query.get(domain_name) or flask.abort(vault_error('unknown domain'))
key = domain.dkim_key or flask.abort(vault_error('no dkim key', status=400))
return flask.jsonify({
'data': {
'selectors': [
selectors = []
if domain := models.Domain.query.get(domain_name):
if key := domain.dkim_key:
selectors.append(
{
'domain' : domain.name,
'key' : key.decode('utf8'),
'selector': flask.current_app.config.get('DKIM_SELECTOR', 'dkim'),
}
]
}
})
)
return flask.jsonify({'data': {'selectors': selectors}})

@ -38,7 +38,7 @@ def login():
flask.session.regenerate()
flask_login.login_user(user)
response = flask.redirect(destination)
response.set_cookie('rate_limit', utils.limiter.device_cookie(username), max_age=31536000, path=flask.url_for('sso.login'))
response.set_cookie('rate_limit', utils.limiter.device_cookie(username), max_age=31536000, path=flask.url_for('sso.login'), secure=app.config['SESSION_COOKIE_SECURE'], httponly=True)
flask.current_app.logger.info(f'Login succeeded for {username} from {client_ip}.')
return response
else:

Loading…
Cancel
Save