5 files changed, 51 insertions, 6 deletions

diff --git a/usr.sbin/smtpd/lka.c b/usr.sbin/smtpd/lka.c
index 2d8d29ef204..0911b9c4751 100644
--- a/usr.sbin/smtpd/lka.c
+++ b/usr.sbin/smtpd/lka.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: lka.c,v 1.237 2019/07/11 21:04:59 gilles Exp $	*/
+/*	$OpenBSD: lka.c,v 1.238 2019/07/11 21:40:03 gilles Exp $	*/
 
 /*
  * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -80,12 +80,14 @@ lka_imsg(struct mproc *p, struct imsg *imsg)
 	struct timeval		 tv;
 	const char		*direction;
 	const char		*rdns;
-	const char		*command, *response;
+	const char		*command;
+	const char		*response;
 	const char		*ciphers;
 	const char		*address;
 	const char		*helomethod;
 	const char		*heloname;
 	const char		*filter_name;
+	const char		*result;
 	struct sockaddr_storage	ss_src, ss_dest;
 	int                      filter_response;
 	int                      filter_phase;
@@ -434,6 +436,18 @@ lka_imsg(struct mproc *p, struct imsg *imsg)
 		lka_report_smtp_link_reset(direction, &tv, reqid);
 		return;
 
+	case IMSG_REPORT_SMTP_LINK_AUTH:
+		m_msg(&m, imsg);
+		m_get_string(&m, &direction);
+		m_get_timeval(&m, &tv);
+		m_get_id(&m, &reqid);
+		m_get_string(&m, &username);
+		m_get_string(&m, &result);
+		m_end(&m);
+
+		lka_report_smtp_link_auth(direction, &tv, reqid, username, result);
+		return;
+
 	case IMSG_REPORT_SMTP_TX_BEGIN:
 		m_msg(&m, imsg);
 		m_get_string(&m, &direction);
diff --git a/usr.sbin/smtpd/lka_report.c b/usr.sbin/smtpd/lka_report.c
index d7f33c2274c..610e100a308 100644
--- a/usr.sbin/smtpd/lka_report.c
+++ b/usr.sbin/smtpd/lka_report.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: lka_report.c,v 1.20 2019/07/11 21:04:59 gilles Exp $	*/
+/*	$OpenBSD: lka_report.c,v 1.21 2019/07/11 21:40:03 gilles Exp $	*/
 
 /*
  * Copyright (c) 2018 Gilles Chehade <gilles@poolp.org>
@@ -54,6 +54,7 @@ static struct smtp_events {
 	{ "link-identify" },
 	{ "link-tls" },
 	{ "link-reset" },
+	{ "link-auth" },
 
 	{ "tx-begin" },
 	{ "tx-mail" },
@@ -225,6 +226,14 @@ lka_report_smtp_link_reset(const char *direction, struct timeval *tv, uint64_t r
 }
 
 void
+lka_report_smtp_link_auth(const char *direction, struct timeval *tv, uint64_t reqid,
+    const char *username, const char *result)
+{
+	report_smtp_broadcast(reqid, direction, tv, "link-auth",
+	    "%016"PRIx64"|%s|%s\n", reqid, username, result);
+}
+
+void
 lka_report_smtp_link_identify(const char *direction, struct timeval *tv,
     uint64_t reqid, const char *method, const char *heloname)
 {
diff --git a/usr.sbin/smtpd/report_smtp.c b/usr.sbin/smtpd/report_smtp.c
index c20e4df20c9..bdfa3e65925 100644
--- a/usr.sbin/smtpd/report_smtp.c
+++ b/usr.sbin/smtpd/report_smtp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: report_smtp.c,v 1.6 2019/07/11 21:04:59 gilles Exp $	*/
+/*	$OpenBSD: report_smtp.c,v 1.7 2019/07/11 21:40:03 gilles Exp $	*/
 
 /*
  * Copyright (c) 2018 Gilles Chehade <gilles@poolp.org>
@@ -123,6 +123,22 @@ report_smtp_link_reset(const char *direction, uint64_t qid)
 }
 
 void
+report_smtp_link_auth(const char *direction, uint64_t qid, const char *user, const char *result)
+{
+	struct timeval	tv;
+
+	gettimeofday(&tv, NULL);
+
+	m_create(p_lka, IMSG_REPORT_SMTP_LINK_AUTH, 0, 0, -1);
+	m_add_string(p_lka, direction);
+	m_add_timeval(p_lka, &tv);
+	m_add_id(p_lka, qid);
+	m_add_string(p_lka, user);
+	m_add_string(p_lka, result);
+	m_close(p_lka);
+}
+
+void
 report_smtp_tx_begin(const char *direction, uint64_t qid, uint32_t msgid)
 {
 	struct timeval	tv;
diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c
index 8f5fe22fc78..5f21b31460e 100644
--- a/usr.sbin/smtpd/smtp_session.c
+++ b/usr.sbin/smtpd/smtp_session.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: smtp_session.c,v 1.399 2019/07/11 21:04:59 gilles Exp $	*/
+/*	$OpenBSD: smtp_session.c,v 1.400 2019/07/11 21:40:03 gilles Exp $	*/
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -939,6 +939,7 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg)
 			    "result=ok",
 			    s->id, user);
 			s->flags |= SF_AUTHENTICATED;
+			report_smtp_link_auth("smtp-in", s->id, user, "pass");
 			smtp_reply(s, "235 %s: Authentication succeeded",
 			    esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS));
 		}
@@ -947,6 +948,7 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg)
 			    "authentication user=%s "
 			    "result=permfail",
 			    s->id, user);
+			report_smtp_link_auth("smtp-in", s->id, user, "fail");
 			smtp_auth_failure_pause(s);
 			return;
 		}
@@ -955,6 +957,7 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg)
 			    "authentication user=%s "
 			    "result=tempfail",
 			    s->id, user);
+			report_smtp_link_auth("smtp-in", s->id, user, "error");
 			smtp_reply(s, "421 %s: Temporary failure",
 			    esc_code(ESC_STATUS_TEMPFAIL, ESC_OTHER_MAIL_SYSTEM_STATUS));
 		}
diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h
index f9b6ef7ca96..72f2f5c3770 100644
--- a/usr.sbin/smtpd/smtpd.h
+++ b/usr.sbin/smtpd/smtpd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: smtpd.h,v 1.627 2019/07/11 21:04:59 gilles Exp $	*/
+/*	$OpenBSD: smtpd.h,v 1.628 2019/07/11 21:40:03 gilles Exp $	*/
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -312,6 +312,7 @@ enum imsg_type {
 	IMSG_REPORT_SMTP_LINK_IDENTIFY,
 	IMSG_REPORT_SMTP_LINK_TLS,
 	IMSG_REPORT_SMTP_LINK_RESET,
+	IMSG_REPORT_SMTP_LINK_AUTH,
 	IMSG_REPORT_SMTP_TX_BEGIN,
 	IMSG_REPORT_SMTP_TX_MAIL,
 	IMSG_REPORT_SMTP_TX_RCPT,
@@ -1333,6 +1334,7 @@ void lka_report_smtp_link_disconnect(const char *, struct timeval *, uint64_t);
 void lka_report_smtp_link_identify(const char *, struct timeval *, uint64_t, const char *, const char *);
 void lka_report_smtp_link_tls(const char *, struct timeval *, uint64_t, const char *);
 void lka_report_smtp_link_reset(const char *, struct timeval *, uint64_t);
+void lka_report_smtp_link_auth(const char *, struct timeval *, uint64_t, const char *, const char *);
 void lka_report_smtp_tx_begin(const char *, struct timeval *, uint64_t, uint32_t);
 void lka_report_smtp_tx_mail(const char *, struct timeval *, uint64_t, uint32_t, const char *, int);
 void lka_report_smtp_tx_rcpt(const char *, struct timeval *, uint64_t, uint32_t, const char *, int);
@@ -1501,6 +1503,7 @@ void report_smtp_link_disconnect(const char *, uint64_t);
 void report_smtp_link_identify(const char *, uint64_t, const char *, const char *);
 void report_smtp_link_tls(const char *, uint64_t, const char *);
 void report_smtp_link_reset(const char *, uint64_t);
+void report_smtp_link_auth(const char *, uint64_t, const char *, const char *);
 void report_smtp_tx_begin(const char *, uint64_t, uint32_t);
 void report_smtp_tx_mail(const char *, uint64_t, uint32_t, const char *, int);
 void report_smtp_tx_rcpt(const char *, uint64_t, uint32_t, const char *, int);