mailauth 4.6.9 → 4.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/README.md +46 -0
- package/lib/dkim/sign.js +65 -1
- package/lib/gatherer-stream.js +2 -2
- package/man/mailauth.1 +1 -1
- package/package.json +5 -5
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,12 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [4.7.0](https://github.com/postalsys/mailauth/compare/v4.6.9...v4.7.0) (2024-10-02)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Features
|
|
7
|
+
|
|
8
|
+
* **dkim-sign:** Added new Transfor stream class DkimSignStream to sign emails in a stream processing pipeline ([130a1a3](https://github.com/postalsys/mailauth/commit/130a1a3812fac2ad710f244510ca60887c2d33a9))
|
|
9
|
+
|
|
3
10
|
## [4.6.9](https://github.com/postalsys/mailauth/compare/v4.6.8...v4.6.9) (2024-08-22)
|
|
4
11
|
|
|
5
12
|
|
package/README.md
CHANGED
|
@@ -157,6 +157,52 @@ DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=tahvel.info;
|
|
|
157
157
|
From: ...
|
|
158
158
|
```
|
|
159
159
|
|
|
160
|
+
### Signing as a PassThrough Stream
|
|
161
|
+
|
|
162
|
+
Use `DkimSignStream` stream if you want to use DKIM signing as part of a stream processing pipeline.
|
|
163
|
+
|
|
164
|
+
```js
|
|
165
|
+
const { DkimSignStream } = require('mailauth/lib/dkim/sign');
|
|
166
|
+
|
|
167
|
+
const dkimSignStream = new DkimSignStream({
|
|
168
|
+
// Optional, default canonicalization, default is "relaxed/relaxed"
|
|
169
|
+
canonicalization: 'relaxed/relaxed', // c=
|
|
170
|
+
|
|
171
|
+
// Optional, default signing and hashing algorithm
|
|
172
|
+
// Mostly useful when you want to use rsa-sha1, otherwise no need to set
|
|
173
|
+
algorithm: 'rsa-sha256',
|
|
174
|
+
|
|
175
|
+
// Optional, default is current time
|
|
176
|
+
signTime: new Date(), // t=
|
|
177
|
+
|
|
178
|
+
// Keys for one or more signatures
|
|
179
|
+
// Different signatures can use different algorithms (mostly useful when
|
|
180
|
+
// you want to sign a message both with RSA and Ed25519)
|
|
181
|
+
signatureData: [
|
|
182
|
+
{
|
|
183
|
+
signingDomain: 'tahvel.info', // d=
|
|
184
|
+
selector: 'test.rsa', // s=
|
|
185
|
+
// supported key types: RSA, Ed25519
|
|
186
|
+
privateKey: fs.readFileSync('./test/fixtures/private-rsa.pem'),
|
|
187
|
+
|
|
188
|
+
// Optional algorithm, default is derived from the key.
|
|
189
|
+
// Overrides whatever was set in parent object
|
|
190
|
+
algorithm: 'rsa-sha256',
|
|
191
|
+
|
|
192
|
+
// Optional signature specifc canonicalization, overrides whatever was set in parent object
|
|
193
|
+
canonicalization: 'relaxed/relaxed' // c=
|
|
194
|
+
|
|
195
|
+
// Maximum number of canonicalized body bytes to sign (eg. the "l=" tag).
|
|
196
|
+
// Do not use though. This is available only for compatibility testing.
|
|
197
|
+
// maxBodyLength: 12345
|
|
198
|
+
}
|
|
199
|
+
]
|
|
200
|
+
});
|
|
201
|
+
|
|
202
|
+
// Writes a signed message to the output
|
|
203
|
+
process.stdin.pipe(dkimSignStream).pipe(process.stdout);
|
|
204
|
+
```
|
|
205
|
+
|
|
160
206
|
### Verifying
|
|
161
207
|
|
|
162
208
|
```js
|
package/lib/dkim/sign.js
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
const { writeToStream } = require('../../lib/tools');
|
|
4
4
|
const { DkimSigner } = require('./dkim-signer');
|
|
5
|
+
const { Transform } = require('node:stream');
|
|
5
6
|
|
|
6
7
|
const dkimSign = async (input, options) => {
|
|
7
8
|
let dkimSigner = new DkimSigner(options);
|
|
@@ -10,4 +11,67 @@ const dkimSign = async (input, options) => {
|
|
|
10
11
|
return { signatures: dkimSigner.signatureHeaders.join('\r\n') + '\r\n', arc: dkimSigner.arc, errors: dkimSigner.errors };
|
|
11
12
|
};
|
|
12
13
|
|
|
13
|
-
|
|
14
|
+
class DkimSignStream extends Transform {
|
|
15
|
+
constructor(options) {
|
|
16
|
+
super(options);
|
|
17
|
+
this.signer = new DkimSigner(options);
|
|
18
|
+
|
|
19
|
+
this.chunks = [];
|
|
20
|
+
this.chunklen = 0;
|
|
21
|
+
|
|
22
|
+
this.errors = null;
|
|
23
|
+
|
|
24
|
+
this.finished = false;
|
|
25
|
+
this.finishCb = null;
|
|
26
|
+
this.signer.on('end', () => this.finishStream());
|
|
27
|
+
this.signer.on('finish', () => this.finishStream());
|
|
28
|
+
this.signer.on('error', err => {
|
|
29
|
+
this.finished = true;
|
|
30
|
+
this.destroy(err);
|
|
31
|
+
});
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
finishStream() {
|
|
35
|
+
if (this.finished || !this.finishCb) {
|
|
36
|
+
return;
|
|
37
|
+
}
|
|
38
|
+
this.finished = true;
|
|
39
|
+
let done = this.finishCb;
|
|
40
|
+
this.finishCb = null;
|
|
41
|
+
|
|
42
|
+
this.errors = this.signer.errors;
|
|
43
|
+
|
|
44
|
+
this.push(Buffer.from(this.signer.signatureHeaders.join('\r\n') + '\r\n'));
|
|
45
|
+
this.push(Buffer.concat(this.chunks, this.chunklen));
|
|
46
|
+
done();
|
|
47
|
+
}
|
|
48
|
+
|
|
49
|
+
_transform(chunk, encoding, done) {
|
|
50
|
+
if (!chunk || !chunk.length || this.finished) {
|
|
51
|
+
return done();
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
if (typeof chunk === 'string') {
|
|
55
|
+
chunk = Buffer.from(chunk, encoding);
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
this.chunks.push(chunk);
|
|
59
|
+
this.chunklen += chunk.length;
|
|
60
|
+
|
|
61
|
+
if (this.signer.write(chunk) === false) {
|
|
62
|
+
// wait for drain
|
|
63
|
+
return this.signer.once('drain', done);
|
|
64
|
+
}
|
|
65
|
+
done();
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
_flush(done) {
|
|
69
|
+
if (this.finished) {
|
|
70
|
+
return done();
|
|
71
|
+
}
|
|
72
|
+
this.finishCb = done;
|
|
73
|
+
this.signer.end();
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
|
|
77
|
+
module.exports = { dkimSign, DkimSignStream };
|
package/lib/gatherer-stream.js
CHANGED
|
@@ -41,9 +41,9 @@ class GathererStream extends Transform {
|
|
|
41
41
|
return stream;
|
|
42
42
|
}
|
|
43
43
|
|
|
44
|
-
_transform(chunk,
|
|
44
|
+
_transform(chunk, encoding, done) {
|
|
45
45
|
if (typeof chunk === 'string') {
|
|
46
|
-
chunk = Buffer.from(chunk,
|
|
46
|
+
chunk = Buffer.from(chunk, encoding);
|
|
47
47
|
}
|
|
48
48
|
|
|
49
49
|
if (!chunk || !chunk.length) {
|
package/man/mailauth.1
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "mailauth",
|
|
3
|
-
"version": "4.
|
|
3
|
+
"version": "4.7.0",
|
|
4
4
|
"description": "Email authentication library for Node.js",
|
|
5
5
|
"main": "lib/mailauth.js",
|
|
6
6
|
"scripts": {
|
|
@@ -38,7 +38,7 @@
|
|
|
38
38
|
"eslint-config-nodemailer": "1.2.0",
|
|
39
39
|
"eslint-config-prettier": "9.1.0",
|
|
40
40
|
"js-yaml": "4.1.0",
|
|
41
|
-
"license-report": "6.
|
|
41
|
+
"license-report": "6.7.0",
|
|
42
42
|
"marked": "0.7.0",
|
|
43
43
|
"marked-man": "0.7.0",
|
|
44
44
|
"mbox-reader": "1.2.0",
|
|
@@ -46,13 +46,13 @@
|
|
|
46
46
|
},
|
|
47
47
|
"dependencies": {
|
|
48
48
|
"@postalsys/vmc": "1.0.8",
|
|
49
|
-
"fast-xml-parser": "4.
|
|
49
|
+
"fast-xml-parser": "4.5.0",
|
|
50
50
|
"ipaddr.js": "2.2.0",
|
|
51
51
|
"joi": "17.13.3",
|
|
52
52
|
"libmime": "5.3.5",
|
|
53
|
-
"nodemailer": "6.9.
|
|
53
|
+
"nodemailer": "6.9.15",
|
|
54
54
|
"punycode.js": "2.3.1",
|
|
55
|
-
"tldts": "6.1.
|
|
55
|
+
"tldts": "6.1.49",
|
|
56
56
|
"undici": "5.28.4",
|
|
57
57
|
"yargs": "17.7.2"
|
|
58
58
|
},
|