author | Gilles Chehade <gilles@cvs.openbsd.org> | 2010-10-29 09:16:09 +0000 |
---|---|---|
committer | Gilles Chehade <gilles@cvs.openbsd.org> | 2010-10-29 09:16:09 +0000 |
commit | 7e76f02782ab7976338844f864eef0659b6e5393 (patch) | |
tree | bc9ef868b80c0064dce46f04de870680dc036365 /usr.sbin/smtpd/parse.y | |
parent | 3bbbe5b8ce319e42892d378b832ec4eb444528c1 (diff) |
smtpd no longer knows a map called "secrets" which holds credentials for
authenticated relaying. one can create many maps holding credentials and
name them however he/she wants, just like any other map.
teach smtpd how to select a credentials map at the rule-level allowing a
setup to relay through the same MX with different credentials depending
on the source.
smtpd.conf.5 updated to reflect changes with help from jmc@
Diffstat (limited to 'usr.sbin/smtpd/parse.y')
-rw-r--r-- | usr.sbin/smtpd/parse.y | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y
index eebf471f02a..38ce43c1716 100644
--- a/usr.sbin/smtpd/parse.y
+++ b/usr.sbin/smtpd/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.69 2010/10/28 21:15:50 gilles Exp $ */
+/* $OpenBSD: parse.y,v 1.70 2010/10/29 09:16:08 gilles Exp $ */

 /*
 * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org>
@@ -126,7 +126,7 @@ typedef struct {
 %token <v.string> STRING
 %token <v.number> NUMBER
 %type <v.map> map
-%type <v.number> quantifier decision port from auth ssl size expire
+%type <v.number> quantifier decision port from auth ssl size expire credentials
 %type <v.cond> condition
 %type <v.tv> interval
 %type <v.object> mapref
@@ -280,6 +280,20 @@ expire : EXPIRE STRING {
 | /* empty */ { $$ = conf->sc_qexpire; }
 ;

+credentials : AUTH STRING {
+ struct map *m;
+
+ if ((m = map_findbyname(conf, $2)) == NULL) {
+ yyerror("no such map: %s", $2);
+ free($2);
+ YYERROR;
+ }
+ free($2);
+ $$ = m->m_id;
+ }
+ | /* empty */ { $$ = 0; }
+ ;
+
 main : QUEUE INTERVAL interval {
 conf->sc_qintval = $3;
 }
@@ -871,7 +885,7 @@ action : DELIVER TO MAILDIR user {
 | RELAY {
 rule->r_action = A_RELAY;
 }
- | RELAY VIA STRING port ssl certname auth {
+ | RELAY VIA STRING port ssl certname credentials {
 rule->r_action = A_RELAYVIA;

 if ($5 == 0 && ($6 != NULL || $7)) {
@@ -889,8 +903,10 @@ action : DELIVER TO MAILDIR user {
 rule->r_value.relayhost.port = $4;
 rule->r_value.relayhost.flags |= $5;

- if ($7)
+ if ($7) {
 rule->r_value.relayhost.flags |= F_AUTH;
+ rule->r_value.relayhost.secmapid = $7;
+ }

 if ($6 != NULL) {
 if (ssl_load_certfile(conf, $6, F_CCERT) < 0) { |
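Review bot: The new `credentials` rule uses 0 both for "no auth clause" (`| /* empty */ { $$ = 0; }`) and as a value that `$$ = m->m_id;` could in principle produce, and the relay action in the last hunk tests `if ($7)` to decide whether F_AUTH is set. Whether a map id can ever be 0 is not visible in this diff; if it can, a rule naming that map would be parsed as relaying without authentication and no error would be reported. A comment on the empty alternative, for example `/* 0 = no credentials map; relies on map ids never being 0 */`, would record the assumption. The rule also accepts any existing map by name, so a map that does not hold credentials is not rejected at parse time.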
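Review bot: Nothing next to `rule->r_value.relayhost.secmapid = $7;` says that a credentials map is only meant to be used on a TLS relay; that depends on the `if ($5 == 0 && ($6 != NULL || $7))` test in the previous hunk, whose body lies outside the diff. Since `$7` changed from a flag to a map id, a short comment would help the next reader: `/* $7: id of the map named by "auth <map>", 0 if none; ssl is required above */`. The "required above" part is inferred from the condition and should be confirmed against its error branch. The enclosing `action` rule starts and ends outside this hunk.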