-TXSASL_CYRUS_CLIENT
-TXSASL_CYRUS_ERROR_INFO
-TXSASL_CYRUS_SERVER
+-TXSASL_DCSRV_MECH
-TXSASL_DOVECOT_SERVER
-TXSASL_DOVECOT_SERVER_IMPL
-TXSASL_DOVECOT_SERVER_MECHS
from localhost[127.0.0.1]. Files: smtpd/smtpd_peer.c,
qmqpd/qmqpd_peer.c.
+20070502
+
+ Workaround: build without EPOLL support when an epoll-enabled
+ kernel sits underneath a retarded libc. File: makedefs.
+
+ Cleanup: missing support for SASL security properties with
+ Dovecot SASL authentication. Based on an initial version
+ by Lev A. Serebryakov. File: xsasl/xsasl_dovecot_server.c.
+
+20070503
+
+ Cleanup: changed the default address verification sender
+ from "postmaster" to "double-bounce", so that the Postfix
+ SMTP server no longer surprises unsuspecting people by
+ excluding "postmaster" from SMTPD access controls. File:
+ global/mail_params.h.
+
+20070508
+
+ Bugfix: Content-Transfer-Encoding: attribute values are
+ case insensitive. File: src/cleanup/cleanup_message.c.
+
+
Wish list:
+ Would there be a problem adding $smtpd_mumble_restrictions
+ and $smtpd_sender_login_maps to the default proxy_read_maps
+ settings?
+
Remove defer(8) and trace(8) references and man pages. These
are services not program names.
If you upgrade from Postfix 2.3 or earlier, read RELEASE_NOTES-2.4
before proceeding.
+Incompatibility with Postfix snapshot 2007XXXX
+==============================================
+
+The default sender address for address verification probes was
+changed from "postmaster" to "double-bounce", so that the Postfix
+SMTP server no longer causes surprising behavior by excluding
+"postmaster" from SMTP server access controls.
+
Incompatibility with Postfix snapshot 20070422
==============================================
<b>README FILES</b>
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
+<b>HISTORY</b>
+ CIDR table support was introduced with Postfix version 2.1.
+
<b>AUTHOR(S)</b>
The CIDR table lookup code was originally written by:
Jozsef Kadlecsik
</DD>
<DT><b><a name="address_verify_sender">address_verify_sender</a>
-(default: postmaster)</b></DT><DD>
+(default: $<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b></DT><DD>
-<p> The sender address to use in address verification probes. To
+<p> The sender address to use in address verification probes; prior
+to Postfix 2.5 the default was "postmaster". To
avoid problems with address probes that are sent in response to
address probes, the Postfix SMTP server excludes the probe sender
address from all SMTPD access blocks. </p>
<dd>Disallow methods that allow anonymous authentication. </dd>
+<dt><b>forward_secrecy</b></dt>
+
+<dd>Only allow methods that support forward secrecy (Dovecot only).
+</dd>
+
<dt><b>mutual_auth</b></dt>
<dd>Only allow methods that provide mutual authentication (not available
-with SASL version 1). </dd>
+with Cyrus SASL version 1). </dd>
</dl>
ting. It becomes subject to expiration after it is
released from "hold".
+ This feature is available in Postfix 2.0 and later.
+
<b>-H</b> <i>queue</i><b>_</b><i>id</i>
Release mail that was put "on hold". Move one mes-
- sage with the named queue ID from the named mail
+ sage with the named queue ID from the named mail
queue(s) (default: <b>hold</b>) to the <b>deferred</b> queue.
- If a <i>queue</i><b>_</b><i>id</i> of <b>-</b> is specified, the program reads
+ If a <i>queue</i><b>_</b><i>id</i> of <b>-</b> is specified, the program reads
queue IDs from standard input.
- Note: specify "<b>postsuper -r</b>" to release mail that
- was kept on hold for a significant fraction of
- <b>$<a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a></b>
or <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>,
+ Note: specify "<b>postsuper -r</b>" to release mail that
+ was kept on hold for a significant fraction of
+ <b>$<a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a></b>
or <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>,
or longer.
- Specify "<b>-H ALL</b>" to release all mail that is "on
- hold". As a safety measure, the word <b>ALL</b> must be
+ Specify "<b>-H ALL</b>" to release all mail that is "on
+ hold". As a safety measure, the word <b>ALL</b> must be
specified in upper case.
+ This feature is available in Postfix 2.0 and later.
+
<b>-p</b> Purge old temporary files that are left over after
system or software crashes.
the Postfix mail system is running, but no harm
should be done.
- <b>-s</b> Structure check and structure repair. This should
+ This feature is available in Postfix 1.1 and later.
+
+ <b>-s</b> Structure check and structure repair. This should
be done once before Postfix startup.
- <b>o</b> Rename files whose name does not match the
+ <b>o</b> Rename files whose name does not match the
message file inode number. This operation is
- necessary after restoring a mail queue from
+ necessary after restoring a mail queue from
a different machine, or from backup media.
<b>o</b> Move queue files that are in the wrong place
in the file system hierarchy and remove sub-
directories that are no longer needed. File
- position rearrangements are necessary after
+ position rearrangements are necessary after
a change in the <b><a href="postconf.5.html#hash_queue_names">hash_queue_names</a></b> and/or
<b><a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a></b> configuration parameters.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
<b>DIAGNOSTICS</b>
- Problems are reported to the standard error stream and to
+ Problems are reported to the standard error stream and to
<b>syslogd</b>(8).
- <a href="postsuper.1.html"><b>postsuper</b>(1)</a> reports the number of messages deleted with
- <b>-d</b>, the number of messages requeued with <b>-r</b>, and the num-
- ber of messages whose queue file name was fixed with <b>-s</b>.
- The report is written to the standard error stream and to
+ <a href="postsuper.1.html"><b>postsuper</b>(1)</a> reports the number of messages deleted with
+ <b>-d</b>, the number of messages requeued with <b>-r</b>, and the num-
+ ber of messages whose queue file name was fixed with <b>-s</b>.
+ The report is written to the standard error stream and to
<b>syslogd</b>(8).
<b>ENVIRONMENT</b>
Directory with the <a href="postconf.5.html"><b>main.cf</b></a> file.
<b>BUGS</b>
- Mail that is not sanitized by Postfix (i.e. mail in the
+ Mail that is not sanitized by Postfix (i.e. mail in the
<b>maildrop</b> queue) cannot be placed "on hold".
<b>CONFIGURATION PARAMETERS</b>
- The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> (1)</b>
- The number of subdirectory levels for queue direc-
- tories listed with the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> parameter.
+ The number of subdirectory levels for queue direc-
+ tories listed with the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> parameter.
<b><a href="postconf.5.html#hash_queue_names">hash_queue_names</a> (deferred, defer)</b>
- The names of queue directories that are split
+ The names of queue directories that are split
across multiple subdirectory levels.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
<a href="postqueue.1.html">postqueue(1)</a>, unprivileged queue operations
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
case "$RELEASE" in
2.[0-5].*) CCARGS="$CCARGS -DNO_EPOLL";;
esac
+ # Workaround for retarded libc
+ case "$RELEASE" in
+ 2.6.*)
+ trap 'rm -f makedefs.tmp makedefs.tmp.o makedefs.tmp.c' 1 2 3 15
+ cat >makedefs.tmp.c <<EOF
+#include <sys/types.h>
+#include <sys/epoll.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+int main(int argc, char **argv)
+{
+ int epoll_handle;
+
+ if ((epoll_handle = epoll_create(1)) < 0) {
+ perror("epoll_create");
+ exit(1);
+ }
+ exit(0);
+}
+EOF
+ ${CC-gcc} -o makedefs.tmp makedefs.tmp.c || exit 1
+ ./makedefs.tmp 2>/dev/null || CCARGS="$CCARGS -DNO_EPOLL"
+ rm -f makedefs.tmp makedefs.tmp.o makedefs.tmp.c;;
+ esac
;;
GNU.0*|GNU/kFreeBSD.[56]*)
SYSTYPE=GNU0
time in the queue exceeds the \fBmaximal_queue_lifetime\fR
or \fBbounce_queue_lifetime\fR setting. It becomes subject to
expiration after it is released from "hold".
+.sp
+This feature is available in Postfix 2.0 and later.
.IP "\fB-H \fIqueue_id\fR"
Release mail that was put "on hold".
Move one message with the named queue ID from the named
Specify "\fB-H ALL\fR" to release all mail that is "on hold".
As a safety measure, the word \fBALL\fR must be specified in upper
case.
+.sp
+This feature is available in Postfix 2.0 and later.
.IP \fB-p\fR
Purge old temporary files that are left over after system or
software crashes.
There is a very small possibility that \fBpostsuper\fR(1) requeues
the wrong message file when it is executed while the Postfix mail
system is running, but no harm should be done.
+.sp
+This feature is available in Postfix 1.1 and later.
.IP \fB-s\fR
Structure check and structure repair. This should be done once
before Postfix startup.
.na
.nf
DATABASE_README, Postfix lookup table overview
+.SH "HISTORY"
+.na
+.nf
+CIDR table support was introduced with Postfix version 2.1.
.SH "AUTHOR(S)"
.na
.nf
probes. This information can be overruled with the \fBtransport\fR(5) table.
.PP
This feature is available in Postfix 2.1 and later.
-.SH address_verify_sender (default: postmaster)
-The sender address to use in address verification probes. To
+.SH address_verify_sender (default: $double_bounce_sender)
+The sender address to use in address verification probes; prior
+to Postfix 2.5 the default was "postmaster". To
avoid problems with address probes that are sent in response to
address probes, the Postfix SMTP server excludes the probe sender
address from all SMTPD access blocks.
Disallow methods subject to passive (dictionary) attack.
.IP "\fBnoanonymous\fR"
Disallow methods that allow anonymous authentication.
+.IP "\fBforward_secrecy\fR"
+Only allow methods that support forward secrecy (Dovecot only).
.IP "\fBmutual_auth\fR"
Only allow methods that provide mutual authentication (not available
-with SASL version 1).
+with Cyrus SASL version 1).
.PP
By default, the Postfix SMTP server accepts plaintext passwords but
not anonymous logins.
# .na
# .nf
# DATABASE_README, Postfix lookup table overview
+# HISTORY
+# CIDR table support was introduced with Postfix version 2.1.
# AUTHOR(S)
# The CIDR table lookup code was originally written by:
# Jozsef Kadlecsik
This feature is available in Postfix 2.1 and later.
</p>
-%PARAM address_verify_sender postmaster
+%PARAM address_verify_sender $double_bounce_sender
-<p> The sender address to use in address verification probes. To
+<p> The sender address to use in address verification probes; prior
+to Postfix 2.5 the default was "postmaster". To
avoid problems with address probes that are sent in response to
address probes, the Postfix SMTP server excludes the probe sender
address from all SMTPD access blocks. </p>
<dd>Disallow methods that allow anonymous authentication. </dd>
+<dt><b>forward_secrecy</b></dt>
+
+<dd>Only allow methods that support forward secrecy (Dovecot only).
+</dd>
+
<dt><b>mutual_auth</b></dt>
<dd>Only allow methods that provide mutual authentication (not available
-with SASL version 1). </dd>
+with Cyrus SASL version 1). </dd>
</dl>
while (ISSPACE(*hdrval))
hdrval++;
/* trimblanks(hdrval, 0)[0] = 0; */
- if (var_auto_8bit_enc_hdr
+ if (var_auto_8bit_enc_hdr
&& hdr_opts->type == HDR_CONTENT_TRANSFER_ENCODING) {
for (cmp = code_map; cmp->name != 0; cmp++) {
if (strcasecmp(hdrval, cmp->name) == 0) {
- if (strcmp(cmp->encoding, MAIL_ATTR_ENC_8BIT) == 0)
+ if (strcasecmp(cmp->encoding, MAIL_ATTR_ENC_8BIT) == 0)
nvtable_update(state->attr, MAIL_ATTR_ENCODING,
cmp->encoding);
break;
extern bool var_verify_neg_cache;
#define VAR_VERIFY_SENDER "address_verify_sender"
-#define DEF_VERIFY_SENDER "postmaster"
+#define DEF_VERIFY_SENDER "$" VAR_DOUBLE_BOUNCE
extern char *var_verify_sender;
#define VAR_VERIFY_POLL_COUNT "address_verify_poll_count"
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20070501"
+#define MAIL_RELEASE_DATE "20070511"
#define MAIL_VERSION_NUMBER "2.5"
#ifdef SNAPSHOT
*/
#define IFSET(flag, text) ((reply->flags & (flag)) ? (text) : "")
- if (event_time() < last_expire
+ if (time((time_t *) 0) < last_expire
&& *addr && strcmp(addr, STR(last_addr)) == 0
&& strcmp(class, STR(last_class)) == 0
&& strcmp(sender, STR(last_sender)) == 0) {
vstring_strcpy(last_reply.nexthop, STR(reply->nexthop));
vstring_strcpy(last_reply.recipient, STR(reply->recipient));
last_reply.flags = reply->flags;
- last_expire = event_time() + 30; /* XXX make configurable */
+ last_expire = time((time_t *) 0) + 30; /* XXX make configurable */
}
/* resolve_clnt_free - destroy reply */
/*
* Peek at the cache.
*/
- if (event_time() < last_expire
+ if (time((time_t *) 0) < last_expire
&& strcmp(addr, STR(last_addr)) == 0
&& strcmp(rule, STR(last_rule)) == 0) {
vstring_strcpy(result, STR(last_result));
vstring_strcpy(last_rule, rule);
vstring_strcpy(last_addr, addr);
vstring_strcpy(last_result, STR(result));
- last_expire = event_time() + 30; /* XXX make configurable */
+ last_expire = time((time_t *) 0) + 30; /* XXX make configurable */
return (result);
}
/* time in the queue exceeds the \fBmaximal_queue_lifetime\fR
/* or \fBbounce_queue_lifetime\fR setting. It becomes subject to
/* expiration after it is released from "hold".
+/* .sp
+/* This feature is available in Postfix 2.0 and later.
/* .IP "\fB-H \fIqueue_id\fR"
/* Release mail that was put "on hold".
/* Move one message with the named queue ID from the named
/* Specify "\fB-H ALL\fR" to release all mail that is "on hold".
/* As a safety measure, the word \fBALL\fR must be specified in upper
/* case.
+/* .sp
+/* This feature is available in Postfix 2.0 and later.
/* .IP \fB-p\fR
/* Purge old temporary files that are left over after system or
/* software crashes.
/* There is a very small possibility that \fBpostsuper\fR(1) requeues
/* the wrong message file when it is executed while the Postfix mail
/* system is running, but no harm should be done.
+/* .sp
+/* This feature is available in Postfix 1.1 and later.
/* .IP \fB-s\fR
/* Structure check and structure repair. This should be done once
/* before Postfix startup.
* This code detaches the trivial-rewrite process from the master, stops
* accepting new clients, and handles established clients in the background,
* asking them to reconnect the next time they send a request. The master
- * create a new process that accepts connections. This is reasonably safe
+ * creates a new process that accepts connections. This is reasonably safe
* because the number of trivial-rewrite server processes is small compared
* to the number of trivial-rewrite client processes. The few extra
* background processes should not make a difference in Postfix's footprint.
}
/*
- * Extend XSASL_CLIENT_IMPL object with our own state. We use long-lived
+ * Extend the XSASL_CLIENT object with our own state. We use long-lived
* conversion buffers rather than local variables to avoid memory leaks
* in case of read/write timeout or I/O error.
*
}
/*
- * Extend the XSASL_SERVER_IMPL object with our own data. We use
- * long-lived conversion buffers rather than local variables to avoid
- * memory leaks in case of read/write timeout or I/O error.
+ * Extend the XSASL_SERVER object with our own data. We use long-lived
+ * conversion buffers rather than local variables to avoid memory leaks
+ * in case of read/write timeout or I/O error.
*/
server = (XSASL_CYRUS_SERVER *) mymalloc(sizeof(*server));
server->xsasl.free = xsasl_cyrus_server_free;
#include <stringops.h>
#include <vstream.h>
#include <vstring_vstream.h>
+#include <name_mask.h>
/* Global library. */
*/
#define AUTH_TIMEOUT 10
+ /*
+ * Security property bitmasks.
+ */
+#define SEC_PROPS_NOPLAINTEXT (1 << 0)
+#define SEC_PROPS_NOACTIVE (1 << 1)
+#define SEC_PROPS_NODICTIONARY (1 << 2)
+#define SEC_PROPS_NOANONYMOUS (1 << 3)
+#define SEC_PROPS_FWD_SECRECY (1 << 4)
+#define SEC_PROPS_MUTUAL_AUTH (1 << 5)
+#define SEC_PROPS_PRIVATE (1 << 6)
+
+#define SEC_PROPS_POS_MASK (SEC_PROPS_MUTUAL_AUTH | SEC_PROPS_FWD_SECRECY)
+#define SEC_PROPS_NEG_MASK (SEC_PROPS_NOPLAINTEXT | SEC_PROPS_NOACTIVE | \
+ SEC_PROPS_NODICTIONARY | SEC_PROPS_NOANONYMOUS)
+
+ /*
+ * Security properties as specified in the Postfix main.cf file.
+ */
+static NAME_MASK xsasl_dovecot_conf_sec_props[] = {
+ "noplaintext", SEC_PROPS_NOPLAINTEXT,
+ "noactive", SEC_PROPS_NOACTIVE,
+ "nodictionary", SEC_PROPS_NODICTIONARY,
+ "noanonymous", SEC_PROPS_NOANONYMOUS,
+ "forward_secrecy", SEC_PROPS_FWD_SECRECY,
+ "mutual_auth", SEC_PROPS_MUTUAL_AUTH,
+ 0, 0,
+};
+
+ /*
+ * Security properties as specified in the Dovecot protocol. See
+ * http://wiki.dovecot.org/Authentication_Protocol.
+ */
+static NAME_MASK xsasl_dovecot_serv_sec_props[] = {
+ "plaintext", SEC_PROPS_NOPLAINTEXT,
+ "active", SEC_PROPS_NOACTIVE,
+ "dictionary", SEC_PROPS_NODICTIONARY,
+ "anonymous", SEC_PROPS_NOANONYMOUS,
+ "forward-secrecy", SEC_PROPS_FWD_SECRECY,
+ "mutual-auth", SEC_PROPS_MUTUAL_AUTH,
+ "private", SEC_PROPS_PRIVATE,
+ 0, 0,
+};
+
/*
* Class variables.
*/
+typedef struct XSASL_DCSRV_MECH {
+ char *mech_name; /* mechanism name */
+ int sec_props; /* mechanism properties */
+ struct XSASL_DCSRV_MECH *next;
+} XSASL_DCSRV_MECH;
+
typedef struct {
XSASL_SERVER_IMPL xsasl;
VSTREAM *sasl_stream;
char *socket_path;
- char *mechanism_list; /* applicable mechanisms */
+ XSASL_DCSRV_MECH *mechanism_list; /* unfiltered mechanism list */
unsigned int request_id_counter;
} XSASL_DOVECOT_SERVER_IMPL;
char *service;
char *username; /* authenticated user */
VSTRING *sasl_line;
+ unsigned int sec_props; /* Postfix mechanism filter */
+ char *mechanism_list; /* filtered mechanism list */
} XSASL_DOVECOT_SERVER;
/*
static const char *xsasl_dovecot_server_get_mechanism_list(XSASL_SERVER *);
static const char *xsasl_dovecot_server_get_username(XSASL_SERVER *);
+/* xsasl_dovecot_server_mech_append - append server mechanism entry */
+
+static void xsasl_dovecot_server_mech_append(XSASL_DCSRV_MECH **mech_list,
+ const char *mech_name, int sec_props)
+{
+ XSASL_DCSRV_MECH **mpp;
+ XSASL_DCSRV_MECH *mp;
+
+ for (mpp = mech_list; *mpp != 0; mpp = &mpp[0]->next)
+ /* void */ ;
+
+ mp = (XSASL_DCSRV_MECH *) mymalloc(sizeof(*mp));
+ mp->mech_name = mystrdup(mech_name);
+ mp->sec_props = sec_props;
+ mp->next = 0;
+ *mpp = mp;
+}
+
+/* xsasl_dovecot_server_mech_free - destroy server mechanism list */
+
+static void xsasl_dovecot_server_mech_free(XSASL_DCSRV_MECH *mech_list)
+{
+ XSASL_DCSRV_MECH *mp;
+ XSASL_DCSRV_MECH *next;
+
+ for (mp = mech_list; mp != 0; mp = next) {
+ myfree(mp->mech_name);
+ next = mp->next;
+ myfree((char *) mp);
+ }
+}
+
+/* xsasl_dovecot_server_mech_filter - filter server mechanism list */
+
+static char *xsasl_dovecot_server_mech_filter(XSASL_DCSRV_MECH *mechanism_list,
+ unsigned int conf_props)
+{
+ const char *myname = "xsasl_dovecot_server_mech_filter";
+ unsigned int pos_conf_props = (conf_props & SEC_PROPS_POS_MASK);
+ unsigned int neg_conf_props = (conf_props & SEC_PROPS_NEG_MASK);
+ VSTRING *mechanisms_str = vstring_alloc(10);
+ XSASL_DCSRV_MECH *mp;
+
+ /*
+ * Match Postfix properties against Dovecot server properties.
+ */
+ for (mp = mechanism_list; mp != 0; mp = mp->next) {
+ if ((mp->sec_props & pos_conf_props) == pos_conf_props
+ && (mp->sec_props & neg_conf_props) == 0) {
+ if (VSTRING_LEN(mechanisms_str) > 0)
+ VSTRING_ADDCH(mechanisms_str, ' ');
+ vstring_strcat(mechanisms_str, mp->mech_name);
+ if (msg_verbose)
+ msg_info("%s: keep mechanism: %s", myname, mp->mech_name);
+ } else {
+ if (msg_verbose)
+ msg_info("%s: skip mechanism: %s", myname, mp->mech_name);
+ }
+ }
+ return (vstring_export(mechanisms_str));
+}
+
/* xsasl_dovecot_server_connect - initial auth server handshake */
static int xsasl_dovecot_server_connect(XSASL_DOVECOT_SERVER_IMPL *xp)
{
const char *myname = "xsasl_dovecot_server_connect";
- VSTRING *line_str, *mechanisms_str;
+ VSTRING *line_str;
VSTREAM *sasl_stream;
char *line, *cmd, *mech_name;
unsigned int major_version, minor_version;
int fd, success;
+ int sec_props;
if (msg_verbose)
msg_info("%s: Connecting", myname);
}
success = 0;
line_str = vstring_alloc(256);
- mechanisms_str = vstring_alloc(128);
while (vstring_get_nonl(line_str, sasl_stream) != VSTREAM_EOF) {
line = vstring_str(line_str);
} else if (strcmp(cmd, "MECH") == 0 && line != NULL) {
mech_name = line;
line = split_at(line, '\t');
-
- if (VSTRING_LEN(mechanisms_str) > 0)
- VSTRING_ADDCH(mechanisms_str, ' ');
- vstring_strcat(mechanisms_str, mech_name);
+ if (line != 0) {
+ sec_props =
+ name_mask_delim_opt(myname,
+ xsasl_dovecot_serv_sec_props,
+ line, "\t", NAME_MASK_ANY_CASE);
+ if ((sec_props & SEC_PROPS_PRIVATE) != 0)
+ continue;
+ } else
+ sec_props = 0;
+ xsasl_dovecot_server_mech_append(&xp->mechanism_list, mech_name,
+ sec_props);
} else if (strcmp(cmd, "DONE") == 0) {
/* Handshake finished. */
success = 1;
if (!success) {
/* handshake failed */
- vstring_free(mechanisms_str);
(void) vstream_fclose(sasl_stream);
return (-1);
}
xp->sasl_stream = sasl_stream;
- xp->mechanism_list =
- translit(vstring_export(mechanisms_str), "\t", " ");
- if (msg_verbose)
- msg_info("%s: Mechanisms: %s", myname, xp->mechanism_list);
return (0);
}
xp->sasl_stream = 0;
}
if (xp->mechanism_list) {
- myfree(xp->mechanism_list);
+ xsasl_dovecot_server_mech_free(xp->mechanism_list);
xp->mechanism_list = 0;
}
}
VSTREAM *unused_stream,
const char *service,
const char *realm,
- const char *unused_sec_props)
+ const char *sec_props)
{
const char *myname = "xsasl_dovecot_server_create";
XSASL_DOVECOT_SERVER *server;
server->username = 0;
server->service = mystrdup(service);
server->last_request_id = 0;
+ server->mechanism_list = 0;
+ server->sec_props =
+ name_mask_opt(myname, xsasl_dovecot_conf_sec_props,
+ sec_props, NAME_MASK_ANY_CASE | NAME_MASK_FATAL);
return (&server->xsasl);
}
if (xsasl_dovecot_server_connect(server->impl) < 0)
return (0);
}
- return (server->impl->mechanism_list);
+ if (server->mechanism_list == 0)
+ server->mechanism_list =
+ xsasl_dovecot_server_mech_filter(server->impl->mechanism_list,
+ server->sec_props);
+ return (server->mechanism_list[0] ? server->mechanism_list : 0);
}
/* xsasl_dovecot_server_free - destroy server instance */
vstring_free(server->sasl_line);
if (server->username)
myfree(server->username);
+ if (server->mechanism_list)
+ myfree(server->mechanism_list);
myfree(server->service);
myfree((char *) server);
}
projects / thirdparty / postfix.git / commitdiff
