author | Gilles Chehade <gilles@cvs.openbsd.org> | 2010-04-21 21:47:40 +0000 |
---|---|---|
committer | Gilles Chehade <gilles@cvs.openbsd.org> | 2010-04-21 21:47:40 +0000 |
commit | f209e1c2b2287d23574cf017ff6687e5d0a1ff4e (patch) | |
tree | 61e5b3dd59b80c893ffba80f5e69fe03708491cc /usr.sbin | |
parent | 6eefdaa84a48152289e968a9f5ea3d8324a4404c (diff) |
introduce first map parser for maps of kind K_SECRETS !
map_parse_secret() converts a map value into a struct map_secret. lka no
longer needs to do any parsing, it simply calls map_lookup() with kind
K_SECRETS, checks if it returned a !NULL value, and call lka_encode_secret
to safely do the base64 encoding.
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/smtpd/lka.c | 29 | ||||
-rw-r--r-- | usr.sbin/smtpd/map.c | 4 | ||||
-rw-r--r-- | usr.sbin/smtpd/map_parser.c | 48 | ||||
-rw-r--r-- | usr.sbin/smtpd/smtpd.h | 9 |
4 files changed, 69 insertions, 21 deletions
diff --git a/usr.sbin/smtpd/lka.c b/usr.sbin/smtpd/lka.c index 0d5376f6125..0dfdbe2990d 100644 --- a/usr.sbin/smtpd/lka.c +++ b/usr.sbin/smtpd/lka.c @@ -1,4 +1,4 @@ -/* $OpenBSD: lka.c,v 1.105 2010/04/21 19:53:15 gilles Exp $ */ +/* $OpenBSD: lka.c,v 1.106 2010/04/21 21:47:38 gilles Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -56,7 +56,7 @@ struct lkasession *lka_session_init(struct smtpd *, struct submit_status *); void lka_request_forwardfile(struct smtpd *, struct lkasession *, char *); void lka_clear_expandtree(struct expandtree *); void lka_clear_deliverylist(struct deliverylist *); -int lka_encode_credentials(char *, size_t, char *); +int lka_encode_credentials(char *, size_t, struct map_secret *); size_t lka_expand(char *, size_t, struct path *); void lka_rcpt_action(struct smtpd *, char *, struct path *); void lka_session_destroy(struct smtpd *, struct lkasession *); @@ -127,25 +127,27 @@ lka_imsg(struct smtpd *env, struct imsgev *iev, struct imsg *imsg) if (iev->proc == PROC_MTA) { switch (imsg->hdr.type) { - case IMSG_LKA_SECRET: + case IMSG_LKA_SECRET: { + struct map_secret *map_secret; secret = imsg->data; map = map_findbyname(env, "secrets"); if (map == NULL) fatalx("lka: secrets map not found"); - tmp = map_lookup(env, map->m_id, secret->host, K_SECRETS); + map_secret = map_lookup(env, map->m_id, secret->host, K_SECRETS); log_debug("lka: %s secret lookup (%d)", secret->host, - tmp != NULL); + map_secret != NULL); secret->secret[0] = '\0'; - if (tmp == NULL) + if (map_secret == NULL) log_warnx("%s secret not found", secret->host); else if (lka_encode_credentials(secret->secret, - sizeof secret->secret, tmp) == 0) + sizeof secret->secret, map_secret) == 0) log_warnx("%s secret parse fail", secret->host); imsg_compose_event(iev, IMSG_LKA_SECRET, 0, 0, -1, secret, sizeof *secret); - free(tmp); + free(map_secret); return; } + } } if (iev->proc == PROC_PARENT) { 
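Review bot: In the `IMSG_LKA_SECRET` case of lka_imsg, `free(map_secret);` releases a struct that still holds the cleartext username and password, so both stay readable in freed heap memory. Wiping the struct before the free narrows that window, e.g. `if (map_secret != NULL) explicit_bzero(map_secret, sizeof *map_secret);` where the tree provides explicit_bzero, otherwise a wipe the compiler cannot elide. The same applies to `buf` built by asprintf in lka_encode_credentials (the @@ -795 hunk), whose release is not visible in that hunk. Separately, the warning `"%s secret parse fail"` is now misleading, because parsing moved to map_parse_secret and a zero return here means the base64 encoding failed. lka_imsg begins and ends outside this hunk.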
@@ -795,16 +797,13 @@ lka_clear_deliverylist(struct deliverylist *deliverylist) } int -lka_encode_credentials(char *dst, size_t size, char *user) +lka_encode_credentials(char *dst, size_t size, struct map_secret *map_secret) { - char *pass, *buf; + char *buf; int buflen; - if ((pass = strchr(user, ':')) == NULL) - return 0; - *pass++ = '\0'; - - if ((buflen = asprintf(&buf, "%c%s%c%s", '\0', user, '\0', pass)) == -1) + if ((buflen = asprintf(&buf, "%c%s%c%s", '\0', map_secret->username, + '\0', map_secret->password)) == -1) fatal(NULL); if (__b64_ntop((unsigned char *)buf, buflen, dst, size) == -1) { diff --git a/usr.sbin/smtpd/map.c b/usr.sbin/smtpd/map.c index 63b9c684a4b..1586a0c1062 100644 --- a/usr.sbin/smtpd/map.c +++ b/usr.sbin/smtpd/map.c @@ -1,4 +1,4 @@ -/* $OpenBSD: map.c,v 1.14 2010/04/21 21:04:29 gilles Exp $ */ +/* $OpenBSD: map.c,v 1.15 2010/04/21 21:47:38 gilles Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -61,7 +61,7 @@ map_find(struct smtpd *env, objid_t id) return (m); } -char * +void * map_lookup(struct smtpd *env, objid_t mapid, char *key, enum map_kind kind) { void *hdl = NULL; diff --git a/usr.sbin/smtpd/map_parser.c b/usr.sbin/smtpd/map_parser.c index daa21094bc9..ca999a0a124 100644 --- a/usr.sbin/smtpd/map_parser.c +++ b/usr.sbin/smtpd/map_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: map_parser.c,v 1.1 2010/04/21 21:04:29 gilles Exp $ */ +/* $OpenBSD: map_parser.c,v 1.2 2010/04/21 21:47:38 gilles Exp $ */ /* * Copyright (c) 2010 Gilles Chehade <gilles@openbsd.org> @@ -36,12 +36,13 @@ struct map_parser *map_parser_lookup(enum map_kind); +void *map_parse_secret(char *, size_t); struct map_parser map_parsers[] = { { K_NONE, NULL }, { K_ALIASES, NULL }, { K_VIRTUAL, NULL }, - { K_SECRETS, NULL } + { K_SECRETS, map_parse_secret } }; struct map_parser * 
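Review bot: lka_encode_credentials (the @@ -795 hunk) no longer writes through its input now that the in-place `*pass++ = '\0'` split is gone, so the parameter can be const: `lka_encode_credentials(char *dst, size_t size, const struct map_secret *map_secret)`, with the prototype at the top of lka.c changed to match. The format `"%c%s%c%s"` with two literal NUL bytes is not obvious at a glance. A one-line comment above the asprintf would help, for example `/* NUL username NUL password, then base64; looks like the AUTH PLAIN layout, confirm */`. The function body continues past the end of the hunk.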
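Review bot: In map.c, map_lookup now returns `void *`, so the compiler no longer checks what callers do with the result, and nothing at the definition says what the pointer refers to for each map kind or who owns it. The lka.c caller treats the K_SECRETS result as a `struct map_secret *` and frees it, so a comment above the definition should state that contract, for example `/* returns an allocated object the caller must free; for K_SECRETS a struct map_secret *, NULL if the key is missing or the value does not parse */`. What is returned for kinds whose parser entry is NULL is not visible here and should be spelled out in the same comment. The body of map_lookup lies outside the hunk.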
@@ -58,3 +59,46 @@ map_parser_lookup(enum map_kind kind) return &map_parsers[i]; } + +void * +map_parse_secret(char *line, size_t len) +{ + struct map_secret *map_secret = NULL; + char *p; + + /* credentials are stored as user:password */ + if (len < 3) + return NULL; + + /* too big to fit in a smtp session line */ + if (len >= MAX_LINE_SIZE) + return NULL; + + p = strchr(line, ':'); + if (p == NULL) + return NULL; + + if (p == line || p == line + len - 1) + return NULL; + *p++ = '\0'; + + map_secret = calloc(1, sizeof(struct map_secret)); + if (map_secret == NULL) + fatalx("calloc"); + + if (strlcpy(map_secret->username, line, + sizeof(map_secret->username)) >= + sizeof(map_secret->username)) + goto err; + + if (strlcpy(map_secret->password, p, + sizeof(map_secret->password)) >= + sizeof(map_secret->password)) + goto err; + + return map_secret; + +err: + free(map_secret); + return NULL; +} diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h index d49c7234a99..eba74f986a1 100644 --- a/usr.sbin/smtpd/smtpd.h +++ b/usr.sbin/smtpd/smtpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.h,v 1.178 2010/04/21 21:04:29 gilles Exp $ */ +/* $OpenBSD: smtpd.h,v 1.179 2010/04/21 21:47:39 gilles Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -298,6 +298,11 @@ struct map_parser { void *(*extract)(char *, size_t); }; +struct map_secret { + char username[MAX_LINE_SIZE]; + char password[MAX_LINE_SIZE]; +}; + enum cond_type { C_ALL, C_NET, @@ -952,7 +957,7 @@ void show_queue(char *, int); u_int16_t queue_hash(char *); /* map.c */ -char *map_lookup(struct smtpd *, objid_t, char *, enum map_kind); +void *map_lookup(struct smtpd *, objid_t, char *, enum map_kind); /* mda.c */ pid_t mda(struct smtpd *); |
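Review bot: map_parse_secret bounds its checks with `len` but searches and copies with NUL-terminated string functions (`strchr`, `strlcpy`), so it is only correct when `line` is NUL-terminated and `len == strlen(line)`. If `len` also counts a terminating NUL, the empty-password test `p == line + len - 1` no longer matches a value such as `user:`, and an empty password is accepted. If the buffer is not terminated at `len`, strchr can read past it. Whether the caller guarantees this is not visible in the hunk, so the function should document the contract in a comment and bound the search itself with `p = memchr(line, ':', len);`. A smaller point: `fatalx("calloc")` drops errno, while lka.c uses `fatal(NULL)` for the same kind of allocation failure.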