author | Eric Faurot <eric@cvs.openbsd.org> | 2011-10-23 15:36:54 +0000 |
---|---|---|
committer | Eric Faurot <eric@cvs.openbsd.org> | 2011-10-23 15:36:54 +0000 |
commit | 7f7be081eacbf7bde7d297431b93f8a70307274c (patch) | |
tree | 1318a19a0492576bf87c65e3a34fd1606f702175 /usr.sbin | |
parent | bd0c81af7c32d9f797ee6cefca04399f7335d4d4 (diff) |
a few important fixes:
- use correct endianness when dumping/loading port
- use the right flag set when dumping/loading flags
- keep and use the authmap name when needed, rather than an id that
might change when smtpd is restarted
- dump/load the authmap name with the envelope
- remove the rule struct from rq_batch as only the relay info is useful
ok gilles@
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/smtpd/lka.c | 4 | ||||
-rw-r--r-- | usr.sbin/smtpd/mta.c | 22 | ||||
-rw-r--r-- | usr.sbin/smtpd/parse.y | 13 | ||||
-rw-r--r-- | usr.sbin/smtpd/queue_fsqueue_ascii.c | 60 | ||||
-rw-r--r-- | usr.sbin/smtpd/ramqueue.c | 4 | ||||
-rw-r--r-- | usr.sbin/smtpd/smtpd.h | 10 |
6 files changed, 65 insertions, 48 deletions
diff --git a/usr.sbin/smtpd/lka.c b/usr.sbin/smtpd/lka.c
index 086c7395953..3f3f1bd6633 100644
--- a/usr.sbin/smtpd/lka.c
+++ b/usr.sbin/smtpd/lka.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: lka.c,v 1.129 2011/10/23 09:30:06 gilles Exp $ */
+/* $OpenBSD: lka.c,v 1.130 2011/10/23 15:36:53 eric Exp $ */
 /*
 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -112,7 +112,7 @@ lka_imsg(struct imsgev *iev, struct imsg *imsg)
 struct map_secret *map_secret;
 secret = imsg->data;
- map = map_find(secret->secmapid);
+ map = map_findbyname(secret->mapname);
 if (map == NULL)
 fatalx("lka: secrets map not found");
 map_secret = map_lookup(map->m_id, secret->host, K_SECRET);
diff --git a/usr.sbin/smtpd/mta.c b/usr.sbin/smtpd/mta.c
index 26d83c3833e..0c0be404edc 100644
--- a/usr.sbin/smtpd/mta.c
+++ b/usr.sbin/smtpd/mta.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mta.c,v 1.115 2011/10/23 09:30:07 gilles Exp $ */
+/* $OpenBSD: mta.c,v 1.116 2011/10/23 15:36:53 eric Exp $ */
 /*
 * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -80,18 +80,18 @@ mta_imsg(struct imsgev *iev, struct imsg *imsg)
 s->batch = rq_batch;
 /* establish host name */
- if (rq_batch->rule.r_action == A_RELAYVIA) {
- s->host = strdup(rq_batch->rule.r_value.relayhost.hostname);
+ if (rq_batch->relay.hostname[0]) {
+ s->host = strdup(rq_batch->relay.hostname);
 s->flags |= MTA_FORCE_MX;
 }
 else
 s->host = NULL;
 /* establish port */
- s->port = ntohs(rq_batch->rule.r_value.relayhost.port); /* XXX */
+ s->port = ntohs(rq_batch->relay.port); /* XXX */
 /* have cert? */
- s->cert = strdup(rq_batch->rule.r_value.relayhost.cert);
+ s->cert = strdup(rq_batch->relay.cert);
 if (s->cert == NULL)
 fatal(NULL);
 else if (s->cert[0] == '\0') {
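Review bot: In lka.c `lka_imsg`, a failed `map_findbyname(secret->mapname)` still ends in `fatalx("lka: secrets map not found")`, although the name now travels with the queued envelope instead of being an id resolved from the running configuration. If an envelope on disk names a map that has since been renamed or removed, this would presumably stop the whole lookup process rather than fail one delivery; logging the name and answering with an empty secret would contain it. `secret->mapname` is also a fixed-size array taken straight from `imsg->data`, so it is worth forcing termination before the string compare, e.g. `secret->mapname[sizeof(secret->mapname) - 1] = '\0';`. The body of lka_imsg starts and ends outside the hunk.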
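Review bot: In mta.c `mta_imsg`, `s->host = strdup(rq_batch->relay.hostname);` is the only strdup() in this change whose result is not checked; `s->cert` and `s->authmap` both abort on NULL. A failed allocation leaves `s->host == NULL` with `MTA_FORCE_MX` already set, and the `strlcpy(secret.host, s->host, sizeof(secret.host))` visible in mta_enter_state could then be reached with a NULL source. Adding `if (s->host == NULL) fatal(NULL);` right after the strdup keeps the three allocations consistent. The function body starts and ends outside the hunk.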
@@ -100,14 +100,16 @@ mta_imsg(struct imsgev *iev, struct imsg *imsg)
 }
 /* use auth? */
- if ((rq_batch->rule.r_value.relayhost.flags & F_SSL) &&
- (rq_batch->rule.r_value.relayhost.flags & F_AUTH)) {
+ if ((rq_batch->relay.flags & F_SSL) &&
+ (rq_batch->relay.flags & F_AUTH)) {
 s->flags |= MTA_USE_AUTH;
- s->secmapid = rq_batch->rule.r_value.relayhost.secmapid;
+ s->authmap = strdup(rq_batch->relay.authmap);
+ if (s->authmap == NULL)
+ fatalx("mta: strdup authmap");
 }
 /* force a particular SSL mode? */
- switch (rq_batch->rule.r_value.relayhost.flags & F_SSL) {
+ switch (rq_batch->relay.flags & F_SSL) {
 case F_SSL:
 s->flags |= MTA_FORCE_ANYSSL;
 break;
@@ -354,7 +356,7 @@ mta_enter_state(struct mta_session *s, int newstate, void *p)
 */
 bzero(&secret, sizeof(secret));
 secret.id = s->id;
- secret.secmapid = s->secmapid;
+ strlcpy(secret.mapname, s->authmap, sizeof(secret.mapname));
 strlcpy(secret.host, s->host, sizeof(secret.host));
 imsg_compose_event(env->sc_ievs[PROC_LKA], IMSG_LKA_SECRET, 0, 0, -1, &secret, sizeof(secret));
diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y
index 5846b4e9f3f..96676ead15c 100644
--- a/usr.sbin/smtpd/parse.y
+++ b/usr.sbin/smtpd/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.80 2011/09/01 16:23:33 chl Exp $ */
+/* $OpenBSD: parse.y,v 1.81 2011/10/23 15:36:53 eric Exp $ */
 /*
 * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org>
@@ -128,12 +128,12 @@ typedef struct {
 %token <v.string> STRING
 %token <v.number> NUMBER
 %type <v.map> map
-%type <v.number> quantifier decision port from auth ssl size expire credentials
+%type <v.number> quantifier decision port from auth ssl size expire
 %type <v.cond> condition
 %type <v.tv> interval
 %type <v.object> mapref
 %type <v.maddr> relay_as
-%type <v.string> certname user tag on alias
+%type <v.string> certname user tag on alias credentials
 %%
@@ -291,8 +291,7 @@ credentials : AUTH STRING {
 free($2);
 YYERROR;
 }
- free($2);
- $$ = m->m_id;
+ $$ = $2;
 }
 | /* empty */ { $$ = 0; }
 ;
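Review bot: In mta.c `mta_imsg`, `s->authmap` becomes heap memory owned by the session, and no hunk on this page releases it; the session teardown (not visible here) should gain `free(s->authmap);` alongside the other owned strings. The pointer stays NULL unless both F_SSL and F_AUTH are set, so the new `strlcpy(secret.mapname, s->authmap, sizeof(secret.mapname));` in mta_enter_state depends on that state being entered only with MTA_USE_AUTH; a one-line comment there stating the invariant would make that explicit. For consistency with the cert check just above, `fatal(NULL)` would also report errno, which `fatalx("mta: strdup authmap")` does not.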
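Review bot: In parse.y the `credentials` rule is now typed `<v.string>`, but its empty alternative still reads `{ $$ = 0; }`; `{ $$ = NULL; }` states the intent now that the value is a pointer the action rule tests with `if ($7)` and then frees. Ownership of `$2` also changes in this hunk, since the string is no longer freed here but handed to the consumer, and that merits a short comment such as `/* $2 is freed by the action rule */` next to `$$ = $2;`.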
@@ -1022,7 +1021,9 @@ action : DELIVER TO MAILDIR user {
 if ($7) {
 rule->r_value.relayhost.flags |= F_AUTH;
- rule->r_value.relayhost.secmapid = $7;
+ strlcpy(rule->r_value.relayhost.authmap, $7,
+ sizeof(rule->r_value.relayhost.authmap));
+ free($7);
 }
 if ($6 != NULL) {
diff --git a/usr.sbin/smtpd/queue_fsqueue_ascii.c b/usr.sbin/smtpd/queue_fsqueue_ascii.c
index c0c8f97e85b..3e1b546ef96 100644
--- a/usr.sbin/smtpd/queue_fsqueue_ascii.c
+++ b/usr.sbin/smtpd/queue_fsqueue_ascii.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: queue_fsqueue_ascii.c,v 1.3 2011/10/23 13:08:18 eric Exp $ */
+/* $OpenBSD: queue_fsqueue_ascii.c,v 1.4 2011/10/23 15:36:53 eric Exp $ */
 /*
 * Copyright (c) 2011 Gilles Chehade <gilles@openbsd.org>
@@ -69,6 +69,7 @@
 #define KW_MTA_RELAY_PORT "mta-relay-port"
 #define KW_MTA_RELAY_FLAGS "mta-relay-flags"
 #define KW_MTA_RELAY_CERT "mta-relay-cert"
+#define KW_MTA_RELAY_AUTHMAP "mta-relay-authmap"
 int fsqueue_load_envelope_ascii(FILE *, struct envelope *);
 int fsqueue_dump_envelope_ascii(FILE *, struct envelope *);
@@ -391,7 +392,7 @@ ascii_load_mta_relay_port(struct envelope *ep, char *buf)
 {
 const char *errstr;
- ep->agent.mta.relay.port = strtonum(buf, 0, 0xffff, &errstr);
+ ep->agent.mta.relay.port = htons(strtonum(buf, 0, 0xffff, &errstr));
 if (errstr)
 return 0;
 return 1;
@@ -402,7 +403,7 @@ ascii_dump_mta_relay_port(struct envelope *ep, FILE *fp)
 {
 if (ep->agent.mta.relay.port)
 fprintf(fp, "%s: %d\n", KW_MTA_RELAY_PORT,
- ep->agent.mta.relay.port);
+ ntohs(ep->agent.mta.relay.port));
 return 1;
 }
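Review bot: In the parse.y action rule, the return value of the new `strlcpy()` into `rule->r_value.relayhost.authmap` is ignored, so a map name longer than the field is silently truncated and the relay would later request credentials under a name that was never validated by the `credentials` rule. The queue loader added in this same commit does test for truncation; the parser should do the same and reject the configuration. Whether a map name can actually exceed the field depends on limits enforced elsewhere in the grammar, which are not visible here. The rule body starts and ends outside the hunk.

```yacc
rule->r_value.relayhost.flags |= F_AUTH;
if (strlcpy(rule->r_value.relayhost.authmap, $7,
    sizeof(rule->r_value.relayhost.authmap))
    >= sizeof(rule->r_value.relayhost.authmap)) {
	/* name does not fit: refuse the rule instead of truncating */
	free($7);
	YYERROR;
}
free($7);
```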
@@ -426,21 +427,36 @@ ascii_dump_mta_relay_cert(struct envelope *ep, FILE *fp)
 }
 static int
+ascii_load_mta_relay_authmap(struct envelope *ep, char *buf)
+{
+ if (strlcpy(ep->agent.mta.relay.authmap, buf,
+ sizeof(ep->agent.mta.relay.authmap))
+ >= sizeof(ep->agent.mta.relay.authmap))
+ return 0;
+ return 1;
+}
+
+static int
+ascii_dump_mta_relay_authmap(struct envelope *ep, FILE *fp)
+{
+ if (ep->agent.mta.relay.authmap[0])
+ fprintf(fp, "%s: %s\n", KW_MTA_RELAY_AUTHMAP,
+ ep->agent.mta.relay.authmap);
+ return 1;
+}
+
+static int
 ascii_load_mta_relay_flags(struct envelope *ep, char *buf)
 {
 char *flag;
 while ((flag = strsep(&buf, " ,|")) != NULL) {
- if (strcasecmp(flag, "force-anyssl") == 0)
- ep->agent.mta.relay.flags |= MTA_FORCE_ANYSSL;
- else if (strcasecmp(flag, "force-smtps") == 0)
- ep->agent.mta.relay.flags |= MTA_FORCE_SMTPS;
- else if (strcasecmp(flag, "allow-plain") == 0)
- ep->agent.mta.relay.flags |= MTA_ALLOW_PLAIN;
- else if (strcasecmp(flag, "use-auth") == 0)
- ep->agent.mta.relay.flags |= MTA_USE_AUTH;
- else if (strcasecmp(flag, "force-mx") == 0)
- ep->agent.mta.relay.flags |= MTA_FORCE_MX;
+ if (strcasecmp(flag, "smtps") == 0)
+ ep->agent.mta.relay.flags |= F_SMTPS;
+ else if (strcasecmp(flag, "tls") == 0)
+ ep->agent.mta.relay.flags |= F_STARTTLS;
+ else if (strcasecmp(flag, "auth") == 0)
+ ep->agent.mta.relay.flags |= F_AUTH;
 else
 return 0;
 }
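Review bot: In queue_fsqueue_ascii.c, `ascii_load_mta_relay_flags` accepts the `auth` token regardless of whether an `mta-relay-authmap` line was loaded, so an envelope file can produce F_AUTH together with an empty `relay.authmap`. With an SSL flag also set, mta_imsg would then strdup the empty string and ask the lookup process for a map named "", which per the lka.c hunk ends in fatalx. A consistency check once all keywords have been read (in fsqueue_load_envelope_ascii, whose body lies outside this hunk), `if ((ep->agent.mta.relay.flags & F_AUTH) && ep->agent.mta.relay.authmap[0] == '\0') return 0;`, would reject such an envelope at load time. The tokens written by the previous revision (`force-anyssl`, `use-auth` and the rest) now reach the `else return 0;` branch, so envelopes queued before this change will presumably fail to load; that deserves a sentence in the commit message or a comment above the loop.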
@@ -453,16 +469,12 @@ ascii_dump_mta_relay_flags(struct envelope *ep, FILE *fp)
 {
 if (ep->agent.mta.relay.flags) {
 fprintf(fp, "%s:", KW_MTA_RELAY_FLAGS);
- if (ep->agent.mta.relay.flags & MTA_FORCE_ANYSSL)
- fprintf(fp, " force-anyssl");
- if (ep->agent.mta.relay.flags & MTA_FORCE_SMTPS)
- fprintf(fp, " force-smtps");
- if (ep->agent.mta.relay.flags & MTA_ALLOW_PLAIN)
- fprintf(fp, " allow-plain");
- if (ep->agent.mta.relay.flags & MTA_USE_AUTH)
- fprintf(fp, " use-auth");
- if (ep->agent.mta.relay.flags & MTA_FORCE_MX)
- fprintf(fp, " force-mx");
+ if (ep->agent.mta.relay.flags & F_SMTPS)
+ fprintf(fp, " smtps");
+ if (ep->agent.mta.relay.flags & F_STARTTLS)
+ fprintf(fp, " tls");
+ if (ep->agent.mta.relay.flags & F_AUTH)
+ fprintf(fp, " auth");
 fprintf(fp, "\n");
 }
 return 1;
@@ -623,6 +635,7 @@ ascii_dump_agent(struct envelope *ep, FILE *fp)
 if (! ascii_dump_mta_relay_host(ep, fp) ||
 ! ascii_dump_mta_relay_port(ep, fp) ||
 ! ascii_dump_mta_relay_cert(ep, fp) ||
+ ! ascii_dump_mta_relay_authmap(ep, fp) ||
 ! ascii_dump_mta_relay_flags(ep, fp))
 return 0;
 break;
@@ -677,6 +690,7 @@ fsqueue_load_envelope_ascii(FILE *fp, struct envelope *ep)
 { KW_MTA_RELAY_PORT, ascii_load_mta_relay_port },
 { KW_MTA_RELAY_FLAGS, ascii_load_mta_relay_flags },
 { KW_MTA_RELAY_CERT, ascii_load_mta_relay_cert },
+ { KW_MTA_RELAY_AUTHMAP, ascii_load_mta_relay_authmap },
 };
 int i;
 int n;
diff --git a/usr.sbin/smtpd/ramqueue.c b/usr.sbin/smtpd/ramqueue.c
index 6290c42115a..d1615988fc5 100644
--- a/usr.sbin/smtpd/ramqueue.c
+++ b/usr.sbin/smtpd/ramqueue.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ramqueue.c,v 1.21 2011/10/23 13:03:05 gilles Exp $ */
+/* $OpenBSD: ramqueue.c,v 1.22 2011/10/23 15:36:53 eric Exp $ */
 /*
 * Copyright (c) 2011 Gilles Chehade <gilles@openbsd.org>
@@ -319,7 +319,7 @@ ramqueue_get_batch(struct ramqueue *rqueue, struct ramqueue_host *host,
 if (rq_batch == NULL)
 fatal("calloc");
 rq_batch->b_id = generate_uid();
- rq_batch->rule = envelope->rule;
+ rq_batch->relay = envelope->agent.mta.relay;
 rq_batch->type = envelope->type;
 rq_batch->msgid = evpid_to_msgid(envelope->id);
diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h
index 6efa774c4b1..142ac9754de 100644
--- a/usr.sbin/smtpd/smtpd.h
+++ b/usr.sbin/smtpd/smtpd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtpd.h,v 1.245 2011/10/23 13:08:18 eric Exp $ */
+/* $OpenBSD: smtpd.h,v 1.246 2011/10/23 15:36:53 eric Exp $ */
 /*
 * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org>
@@ -118,7 +118,7 @@ struct relayhost {
 char hostname[MAXHOSTNAMELEN];
 u_int16_t port;
 char cert[PATH_MAX];
- objid_t secmapid;
+ char authmap[MAX_PATH_SIZE];
 };
 enum imsg_type {
@@ -574,7 +574,7 @@ struct ramqueue_batch {
 u_int64_t h_id;
 u_int64_t b_id;
 u_int32_t msgid;
- struct rule rule;
+ struct relayhost relay;
 };
 struct ramqueue_envelope {
 TAILQ_ENTRY(ramqueue_envelope) queue_entry;
@@ -763,7 +763,7 @@ struct dns {
 struct secret {
 u_int64_t id;
- objid_t secmapid;
+ char mapname[MAX_PATH_SIZE];
 char host[MAXHOSTNAMELEN];
 char secret[MAX_LINE_SIZE];
 };
@@ -859,7 +859,7 @@ struct mta_session {
 int flags;
 TAILQ_HEAD(,envelope) recipients;
 TAILQ_HEAD(,mta_relay) relays;
- objid_t secmapid;
+ char *authmap;
 char *secret;
 int fd;
 FILE *datafp; |
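Review bot: In smtpd.h, `struct relayhost` still gives no hint that `port` is held in network byte order, which is what the queue loader and dumper had wrong before this commit (they now wrap it in htons()/ntohs(), and mta_imsg applies ntohs()). A field comment, `u_int16_t port; /* network byte order */`, would keep the next serializer from repeating the mistake. Likewise `char *authmap;` in `struct mta_session` is a newly owned string, and `/* strdup'd map name, set only with MTA_USE_AUTH */` would document who frees it. The new `authmap[MAX_PATH_SIZE]` sits beside `cert[PATH_MAX]`; if the two constants differ, a note on why each was chosen would help.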