Merge pull request #34 from mtremer/better-authentication

Parse EHLO response and use for authentication

diff --git a/.gitignore b/.gitignore
new file mode 100644 (file)
index 0000000..5e57ccd
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+*.o
+dma
+dma-mbox-create
+aliases_parse.c
+aliases_parse.h
+aliases_scan.c

diff --git a/VERSION b/VERSION
index 9097bf9dbe5f4b742b02c05b9146c9afc3b7c01a..5416288bc5ef602d0e0caf0e9a3cd008b3414ef9 100644 (file)
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-v0.10
+v0.11

diff --git a/crypto.c b/crypto.c
index 8048f204e877963754521de7df17285da82b6933..0ebcf78c86d8babcd89d71c00f4cd959e6f7c2b7 100644 (file)
--- a/crypto.c
+++ b/crypto.c
@@ -93,7 +93,12 @@ smtp_init_crypto(int fd, int feature, struct smtp_features* features)
        SSL_library_init();
        SSL_load_error_strings();
 
-       meth = TLSv1_client_method();
+       // Allow any possible version
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+       meth = TLS_client_method();
+#else
+       meth = SSLv23_client_method();
+#endif
 
        ctx = SSL_CTX_new(meth);
        if (ctx == NULL) {

diff --git a/dma-mbox-create.c b/dma-mbox-create.c
index 532a7afbe0b53b43bf23515b4de8deec66ed367e..80088601f2d75c91d7925273d5b70a65c3f93b01 100644 (file)
--- a/dma-mbox-create.c
+++ b/dma-mbox-create.c
@@ -89,9 +89,7 @@ main(int argc, char **argv)
        struct group *gr;
        uid_t user_uid;
        gid_t mail_gid;
-       int error;
-       char fn[PATH_MAX+1];
-       int f;
+       int f, maildirfd;
 
        openlog("dma-mbox-create", 0, LOG_MAIL);
 
@@ -131,26 +129,22 @@ main(int argc, char **argv)
        if (!pw)
                logfail(EX_NOUSER, "cannot find user `%s'", user);
 
-       user_uid = pw->pw_uid;
+       maildirfd = open(_PATH_MAILDIR, O_RDONLY);
+       if (maildirfd < 0)
+               logfail(EX_NOINPUT, "cannot open maildir %s", _PATH_MAILDIR);
 
-       error = snprintf(fn, sizeof(fn), "%s/%s", _PATH_MAILDIR, user);
-       if (error < 0 || (size_t)error >= sizeof(fn)) {
-               if (error >= 0) {
-                       errno = 0;
-                       logfail(EX_USAGE, "mbox path too long");
-               }
-               logfail(EX_CANTCREAT, "cannot build mbox path for `%s/%s'", _PATH_MAILDIR, user);
-       }
+       user_uid = pw->pw_uid;
 
-       f = open(fn, O_RDONLY|O_CREAT, 0600);
+       f = openat(maildirfd, user, O_RDONLY|O_CREAT|O_NOFOLLOW, 0600);
        if (f < 0)
-               logfail(EX_NOINPUT, "cannt open mbox `%s'", fn);
+               logfail(EX_NOINPUT, "cannot open mbox `%s'", user);
 
        if (fchown(f, user_uid, mail_gid))
-               logfail(EX_OSERR, "cannot change owner of mbox `%s'", fn);
+               logfail(EX_OSERR, "cannot change owner of mbox `%s'", user);
 
        if (fchmod(f, 0620))
-               logfail(EX_OSERR, "cannot change permissions of mbox `%s'", fn);
+               logfail(EX_OSERR, "cannot change permissions of mbox `%s'",
+                   user);
 
        /* file should be present with the right owner and permissions */
 

diff --git a/dma.c b/dma.c
index 94fc3316f7dbe2daf1575518ebf89a19abd65c57..e643e0f4ac9b6cd3bf31a75c2baf9d893184acb9 100644 (file)
--- a/dma.c
+++ b/dma.c
@@ -47,6 +47,7 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <inttypes.h>
+#include <libgen.h>
 #include <paths.h>
 #include <pwd.h>
 #include <signal.h>
@@ -321,7 +322,7 @@ deliver(struct qitem *it)
        snprintf(errmsg, sizeof(errmsg), "unknown bounce reason");
 
 retry:
-       syslog(LOG_INFO, "trying delivery");
+       syslog(LOG_INFO, "<%s> trying delivery", it->addr);
 
        if (it->remote)
                error = deliver_remote(it);
@@ -331,7 +332,7 @@ retry:
        switch (error) {
        case 0:
                delqueue(it);
-               syslog(LOG_INFO, "delivery successful");
+               syslog(LOG_INFO, "<%s> delivery successful", it->addr);
                exit(EX_OK);
 
        case 1:
@@ -457,7 +458,7 @@ main(int argc, char **argv)
        bzero(&queue, sizeof(queue));
        LIST_INIT(&queue.queue);
 
-       if (strcmp(argv[0], "mailq") == 0) {
+       if (strcmp(basename(argv[0]), "mailq") == 0) {
                argv++; argc--;
                showq = 1;
                if (argc != 0)

diff --git a/dma.h b/dma.h
index ee749d8b7ee975d7f35f410c8b0bd3e7181bc3ae..ed0d0fc8cbd09ebb321a321691eacc237874bc10 100644 (file)
--- a/dma.h
+++ b/dma.h
@@ -49,7 +49,7 @@
 #define VERSION        "DragonFly Mail Agent " DMA_VERSION
 
 #define BUF_SIZE       2048
-#define ERRMSG_SIZE    200
+#define ERRMSG_SIZE    1024
 #define USERNAME_SIZE  50
 #define EHLO_RESPONSE_SIZE BUF_SIZE
 #define MIN_RETRY      300             /* 5 minutes */

diff --git a/dns.c b/dns.c
index dd9ebfca8d8298bb9566c585a4f40d04283d8e6c..bd28c4db724c9706f152bfc677a3743212cf79bd 100644 (file)
--- a/dns.c
+++ b/dns.c
@@ -34,6 +34,7 @@
  */
 
 #include <sys/types.h>
+#include <sys/param.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <arpa/nameser.h>

diff --git a/local.c b/local.c
index e3e015217feac05493b5dc30f530a82c3905f366..2bfdbb3cfd26d22fce8411a7c15ef55f0fecade2 100644 (file)
--- a/local.c
+++ b/local.c
@@ -196,7 +196,7 @@ retry:
                goto out;
        }
 
-       error = snprintf(line, sizeof(line), "%sFrom %s\t%s", newline, sender, ctime(&now));
+       error = snprintf(line, sizeof(line), "%sFrom %s %s", newline, sender, ctime(&now));
        if (error < 0 || (size_t)error >= sizeof(line)) {
                syslog(LOG_NOTICE, "local delivery deferred: can not write header: %m");
                goto out;
@@ -218,7 +218,7 @@ retry:
                /*
                 * mboxro processing:
                 * - escape lines that start with "From " with a > sign.
-                * - be reversable by escaping lines that contain an arbitrary
+                * - be reversible by escaping lines that contain an arbitrary
                 *   number of > signs, followed by "From ", i.e. />*From / in regexp.
                 * - strict mbox processing only requires escaping after empty lines,
                 *   yet most MUAs seem to relax this requirement and will treat any

diff --git a/net.c b/net.c
index 33ff8f52ed89370925aecb4a7492639165620de2..a1cc3e3bfd7970dfa37d68fbfbefcc3da831fda2 100644 (file)
--- a/net.c
+++ b/net.c
@@ -483,11 +483,13 @@ deliver_to_host(struct qitem *it, struct mx_hostentry *host)
                       host->host, host->addr, c, neterr); \
                snprintf(errmsg, sizeof(errmsg), "%s [%s] did not like our %s:\n%s", \
                         host->host, host->addr, c, neterr); \
-               return (-1); \
+               error = -1; \
+               goto out; \
        } else if (res != exp) { \
                syslog(LOG_NOTICE, "remote delivery deferred: %s [%s] failed after %s: %s", \
                       host->host, host->addr, c, neterr); \
-               return (1); \
+               error = 1; \
+               goto out; \
        }
 
        /* Check first reply from remote host */
@@ -539,7 +541,8 @@ deliver_to_host(struct qitem *it, struct mx_hostentry *host)
                        syslog(LOG_ERR, "remote delivery failed:"
                                        " SMTP login failed: %m");
                        snprintf(errmsg, sizeof(errmsg), "SMTP login to %s failed", host->host);
-                       return (-1);
+                       error = -1;
+                       goto out;
                }
                /* SMTP login is not available, so try without */
                else if (error > 0) {