properly implement the "from socket" match criteria, so it is now possible

to specifically match a connection that happened through the local enqueuer

2 files changed, 10 insertions, 10 deletions

diff --git a/usr.sbin/smtpd/ruleset.c b/usr.sbin/smtpd/ruleset.c
index 237feae1f26..c8b8aa48ba9 100644
--- a/usr.sbin/smtpd/ruleset.c
+++ b/usr.sbin/smtpd/ruleset.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ruleset.c,v 1.42 2018/12/28 11:40:29 eric Exp $ */
+/*	$OpenBSD: ruleset.c,v 1.43 2019/08/11 10:54:44 gilles Exp $ */
 
 /*
  * Copyright (c) 2009 Gilles Chehade <gilles@poolp.org>
@@ -65,11 +65,6 @@ ruleset_match_from(struct rule *r, const struct envelope *evp)
 	if (!r->flag_from)
 		return 1;
 
-	if (r->flag_from_socket) {
-		/* XXX - socket needs to be distinguished from "local" */
-		return -1;
-	}
-
 	if (evp->flags & EF_INTERNAL)
 		key = "local";
 	else if (r->flag_from_rdns) {
@@ -77,9 +72,12 @@ ruleset_match_from(struct rule *r, const struct envelope *evp)
 			return 0;
 		key = evp->hostname;
 	}
-	else
+	else {
 		key = ss_to_text(&evp->ss);
-
+		if (strcmp(key, "local") == 0)
+			if (r->flag_from_socket)
+				return MATCH_RESULT(1, r->flag_from);
+	}
 	if (r->flag_from_regex)
 		service = K_REGEX;
 
diff --git a/usr.sbin/smtpd/to.c b/usr.sbin/smtpd/to.c
index e9b95ca6239..306f6f189b7 100644
--- a/usr.sbin/smtpd/to.c
+++ b/usr.sbin/smtpd/to.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: to.c,v 1.37 2019/07/24 20:44:21 kn Exp $	*/
+/*	$OpenBSD: to.c,v 1.38 2019/08/11 10:54:44 gilles Exp $	*/
 
 /*
  * Copyright (c) 2009 Jacek Masiulaniec <jacekm@dobremiasto.net>
@@ -458,7 +458,9 @@ rule_to_text(struct rule *r)
 	if (r->flag_from) {
 		if (r->flag_from < 0)
 			(void)strlcat(buf, "!", sizeof buf);
-		if (strcmp(r->table_from, "<anyhost>") == 0)
+		if (r->flag_from_socket)
+			(void)strlcat(buf, "from socket ", sizeof buf);
+		else if (strcmp(r->table_from, "<anyhost>") == 0)
 			(void)strlcat(buf, "from any ", sizeof buf);
 		else if (strcmp(r->table_from, "<localhost>") == 0)
 			(void)strlcat(buf, "from local", sizeof buf);