diff options
Diffstat (limited to 'usr.sbin/smtpd')
-rw-r--r-- | usr.sbin/smtpd/mta_session.c | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/usr.sbin/smtpd/mta_session.c b/usr.sbin/smtpd/mta_session.c index c38a5cedb38..f0f2c59b3c0 100644 --- a/usr.sbin/smtpd/mta_session.c +++ b/usr.sbin/smtpd/mta_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mta_session.c,v 1.125 2019/12/21 17:43:49 gilles Exp $ */ +/* $OpenBSD: mta_session.c,v 1.126 2020/01/07 22:39:02 gilles Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -105,6 +105,8 @@ struct mta_session { char *helo; char *mxname; + char *username; + int flags; int attempt; @@ -177,9 +179,7 @@ static void mta_report_link_greeting(struct mta_session *, const char *); static void mta_report_link_identify(struct mta_session *, const char *, const char *); static void mta_report_link_tls(struct mta_session *, const char *); static void mta_report_link_disconnect(struct mta_session *); -#if 0 static void mta_report_link_auth(struct mta_session *, const char *, const char *); -#endif static void mta_report_tx_reset(struct mta_session *, uint32_t); static void mta_report_tx_begin(struct mta_session *, uint32_t); static void mta_report_tx_mail(struct mta_session *, uint32_t, const char *, int); @@ -410,6 +410,7 @@ mta_free(struct mta_session *s) relay = s->relay; route = s->route; + free(s->username); free(s->mxname); free(s); stat_decrement("mta.session", 1); @@ -658,6 +659,14 @@ again: break; case MTA_AUTH_PLAIN: + memset(ibuf, 0, sizeof ibuf); + if (base64_decode(s->relay->secret, (unsigned char *)ibuf, + sizeof(ibuf)-1) == -1) { + log_debug("debug: mta: %p: credentials too large on session", s); + mta_error(s, "Credentials too large"); + break; + } + s->username = xstrdup(ibuf+1); mta_send(s, "AUTH PLAIN %s", s->relay->secret); break; @@ -673,6 +682,7 @@ again: mta_error(s, "Credentials too large"); break; } + s->username = xstrdup(ibuf+1); memset(obuf, 0, sizeof obuf); base64_encode((unsigned char *)ibuf + 1, strlen(ibuf + 1), obuf, sizeof obuf); @@ -967,15 +977,18 @@ mta_response(struct mta_session *s, char *line) case MTA_AUTH_PLAIN: if (line[0] != '2') { mta_error(s, "AUTH rejected: %s", line); + mta_report_link_auth(s, s->username, "fail"); s->flags |= MTA_FREE; return; } + mta_report_link_auth(s, s->username, "pass"); mta_enter_state(s, MTA_READY); break; case MTA_AUTH_LOGIN: if (strncmp(line, "334 ", 4) != 0) { mta_error(s, "AUTH rejected: %s", line); + mta_report_link_auth(s, s->username, "fail"); s->flags |= MTA_FREE; return; } @@ -985,6 +998,7 @@ mta_response(struct mta_session *s, char *line) case MTA_AUTH_LOGIN_USER: if (strncmp(line, "334 ", 4) != 0) { mta_error(s, "AUTH rejected: %s", line); + mta_report_link_auth(s, s->username, "fail"); s->flags |= MTA_FREE; return; } @@ -994,9 +1008,11 @@ mta_response(struct mta_session *s, char *line) case MTA_AUTH_LOGIN_PASS: if (line[0] != '2') { mta_error(s, "AUTH rejected: %s", line); + mta_report_link_auth(s, s->username, "fail"); s->flags |= MTA_FREE; return; } + mta_report_link_auth(s, s->username, "pass"); mta_enter_state(s, MTA_READY); break; @@ -1883,7 +1899,6 @@ mta_report_link_disconnect(struct mta_session *s) report_smtp_link_disconnect("smtp-out", s->id); } -#if 0 static void mta_report_link_auth(struct mta_session *s, const char *user, const char *result) { @@ -1892,7 +1907,6 @@ mta_report_link_auth(struct mta_session *s, const char *user, const char *result report_smtp_link_auth("smtp-out", s->id, user, result); } -#endif static void mta_report_tx_reset(struct mta_session *s, uint32_t msgid) |