From: Wietse Venema Date: Fri, 19 Apr 2013 04:55:13 +0000 (-0400) Subject: postfix-2.11-20130418-nonprod X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=63da406a9609e9e8aa3cba4214dd4997229045f1;p=thirdparty%2Fpostfix.git postfix-2.11-20130418-nonprod --- diff --git a/postfix/HISTORY b/postfix/HISTORY index be2f38862..25e1cb268 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -18468,3 +18468,11 @@ Apologies for any names omitted. by IP addres for plaintext or SASL-unauthenticated connections. Files: smtp/smtp.h smtp/smtp_connect.c, smtp/smtp_reuse.c, smtp/smtp_key.c, smtp/smtp_tls_sess.s. + +20130418 + + Cleanup: configurable field delimiter and optional "not + available" field place holder for cache and table lookup + keys; automatic base64 encoding for key fields that contain + these. Files: smtp/smtp_key,c, smtp/smtp_reuse.c, + smtp/smtp_proto.c, smtp/smtp_tls_sess.c. diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index af6393d2e..f19472adf 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20130417" +#define MAIL_RELEASE_DATE "20130418" #define MAIL_VERSION_NUMBER "2.11" #ifdef SNAPSHOT diff --git a/postfix/src/smtp/smtp.h b/postfix/src/smtp/smtp.h index eefd717d5..24acadf46 100644 --- a/postfix/src/smtp/smtp.h +++ b/postfix/src/smtp/smtp.h @@ -422,6 +422,9 @@ extern HBC_CALL_BACKS smtp_hbc_callbacks[]; /* * Encapsulate the following so that we don't expose details of of * connection management and error handling to the SMTP protocol engine. + * + * XXX Update the policy to TLS_LEV_NONE, so that smtp_reuse_addr() can do the + * right thing. */ #define RETRY_AS_PLAINTEXT do { \ session->tls_retry_plain = 1; \ @@ -530,7 +533,7 @@ extern int smtp_map11_internal(VSTRING *, MAPS *, int); /* * smtp_key.c */ -char *smtp_key_prefix(VSTRING *, SMTP_ITERATOR *, int); +char *smtp_key_prefix(VSTRING *, const char *, SMTP_ITERATOR *, int); #define SMTP_KEY_FLAG_SERVICE (1<<0) /* service name */ #define SMTP_KEY_FLAG_SENDER (1<<1) /* sender address */ diff --git a/postfix/src/smtp/smtp_key.c b/postfix/src/smtp/smtp_key.c index c57eb9095..f92540428 100644 --- a/postfix/src/smtp/smtp_key.c +++ b/postfix/src/smtp/smtp_key.c @@ -6,8 +6,9 @@ /* SYNOPSIS /* #include "smtp.h" /* -/* char *smtp_key_prefix(buffer, iterator, context_flags) +/* char *smtp_key_prefix(buffer, delim_na, iterator, context_flags) /* VSTRING *buffer; +/* const char *delim_na; /* SMTP_ITERATOR *iterator; /* int context_flags; /* DESCRIPTION @@ -30,6 +31,14 @@ /* Arguments: /* .IP buffer /* Storage for the result. +/* .IP delim_na +/* The field delimiter character, and the optional place holder +/* character for a) information that is unavailable, b) +/* information that is inapplicable, or c) that would result +/* in an empty field. Key fields that contain "delim_na" +/* characters will be base64-encoded. +/* Do not specify "delim_na" characters that are part of the +/* base64 character set. /* .IP iterator /* Information that will be selected by the specified flags. /* .IP context_flags @@ -85,6 +94,7 @@ #include #include /* ntohs() for Solaris or BSD */ #include /* ntohs() for Linux or BSD */ +#include /* * Utility library. @@ -104,19 +114,60 @@ #include /* - * We use newline as the field terminator and "*" as the place holder for - * "not applicable" data. We encode user-controlled content that may contain - * our special characters and content that needs obfuscation. + * We use a configurable field terminator and optional place holder for data + * that is unavailable or inapplicable. We base64-encode content that + * contains these characters, and content that needs obfuscation. */ -#define SMTP_KEY_DUMMY_SASL_CRED "*\n*\n" -#define SMTP_KEY_APPEND_BASE64_DELIM(buf, str) do { \ - base64_encode_opt((buf), (str), strlen(str), BASE64_FLAG_APPEND); \ - vstring_strcat(buffer, "\n"); \ - } while (0) + +/* smtp_key_append_na - append place-holder key field */ + +static void smtp_key_append_na(VSTRING *buffer, const char *delim_na) +{ + if (delim_na[1] != 0) + VSTRING_ADDCH(buffer, delim_na[1]); + VSTRING_ADDCH(buffer, delim_na[0]); +} + +/* smtp_key_append_base64 - append base64-encoded key field */ + +static void smtp_key_append_base64(VSTRING *buffer, const char *str, + const char *delim_na) +{ + if (str == 0 || str[0] == 0) { + smtp_key_append_na(buffer, delim_na); + } else { + base64_encode_opt(buffer, str, strlen(str), BASE64_FLAG_APPEND); + VSTRING_ADDCH(buffer, delim_na[0]); + } +} + +/* smtp_key_append_str - append string-valued key field */ + +static void smtp_key_append_str(VSTRING *buffer, const char *str, + const char *delim_na) +{ + if (str == 0 || str[0] == 0) { + smtp_key_append_na(buffer, delim_na); + } else if (str[strcspn(str, delim_na)] != 0) { + base64_encode_opt(buffer, str, strlen(str), BASE64_FLAG_APPEND); + VSTRING_ADDCH(buffer, delim_na[0]); + } else { + vstring_sprintf_append(buffer, "%s%c", str, delim_na[0]); + } +} + +/* smtp_key_append_uint - append unsigned-valued key field */ + +static void smtp_key_append_uint(VSTRING *buffer, unsigned num, + const char *delim_na) +{ + vstring_sprintf_append(buffer, "%u%c", num, delim_na[0]); +} /* smtp_key_prefix - format common elements in lookup key */ -char *smtp_key_prefix(VSTRING *buffer, SMTP_ITERATOR *iter, int flags) +char *smtp_key_prefix(VSTRING *buffer, const char *delim_na, + SMTP_ITERATOR *iter, int flags) { const char myname[] = "smtp_key_prefix"; SMTP_STATE *state = iter->parent; /* private member */ @@ -126,7 +177,7 @@ char *smtp_key_prefix(VSTRING *buffer, SMTP_ITERATOR *iter, int flags) * Sanity checks. */ if (state == 0) - msg_panic("%s: no parent state :-)", myname); + msg_panic("%s: no parent state", myname); if (flags & ~SMTP_KEY_MASK_ALL) msg_panic("%s: unknown key flags 0x%x", myname, flags & ~SMTP_KEY_MASK_ALL); @@ -142,47 +193,56 @@ char *smtp_key_prefix(VSTRING *buffer, SMTP_ITERATOR *iter, int flags) * Per-service and per-request context. */ if (flags & SMTP_KEY_FLAG_SERVICE) - vstring_sprintf_append(buffer, "%s\n", state->service); - if (flags & SMTP_KEY_FLAG_SENDER) - vstring_sprintf_append(buffer, "%s\n", - var_smtp_sender_auth - && *var_smtp_sasl_passwd ? - state->request->sender : "*"); + smtp_key_append_str(buffer, state->service, delim_na); +#ifdef USE_SASL_AUTH + if (flags & SMTP_KEY_FLAG_SENDER) { + if (var_smtp_sender_auth && *var_smtp_sasl_passwd) { + smtp_key_append_str(buffer, state->request->sender, delim_na); + } else { + smtp_key_append_na(buffer, delim_na); /* sender n/a */ + } + } +#endif /* * Per-destination context, non-canonicalized form. */ if (flags & SMTP_KEY_FLAG_REQ_NEXTHOP) - vstring_sprintf_append(buffer, "%s\n", STR(iter->request_nexthop)); + smtp_key_append_str(buffer, STR(iter->request_nexthop), delim_na); if (flags & SMTP_KEY_FLAG_NEXTHOP) - vstring_sprintf_append(buffer, "%s\n", STR(iter->dest)); + smtp_key_append_str(buffer, STR(iter->dest), delim_na); /* * Per-host context, canonicalized form. */ if (flags & SMTP_KEY_FLAG_HOSTNAME) - vstring_sprintf_append(buffer, "%s\n", STR(iter->host)); + smtp_key_append_str(buffer, STR(iter->host), delim_na); if (flags & SMTP_KEY_FLAG_ADDR) - vstring_sprintf_append(buffer, "%s\n", STR(iter->addr)); + smtp_key_append_str(buffer, STR(iter->addr), delim_na); if (flags & SMTP_KEY_FLAG_PORT) - vstring_sprintf_append(buffer, "%u\n", ntohs(iter->port)); + smtp_key_append_uint(buffer, ntohs(iter->port), delim_na); /* * Security attributes. */ #ifdef USE_SASL_AUTH - if (flags & SMTP_KEY_FLAG_NOSASL) - vstring_strcat(buffer, SMTP_KEY_DUMMY_SASL_CRED); + if (flags & SMTP_KEY_FLAG_NOSASL) { + smtp_key_append_na(buffer, delim_na); /* username n/a */ + smtp_key_append_na(buffer, delim_na); /* password n/a */ + } if (flags & SMTP_KEY_FLAG_SASL) { if ((session = state->session) == 0 || session->sasl_username == 0) { - vstring_strcat(buffer, SMTP_KEY_DUMMY_SASL_CRED); + smtp_key_append_na(buffer, delim_na); /* username n/a */ + smtp_key_append_na(buffer, delim_na); /* password n/a */ } else { - SMTP_KEY_APPEND_BASE64_DELIM(buffer, session->sasl_username); - SMTP_KEY_APPEND_BASE64_DELIM(buffer, session->sasl_passwd); + smtp_key_append_base64(buffer, session->sasl_username, delim_na); + smtp_key_append_base64(buffer, session->sasl_passwd, delim_na); } } #endif /* Similarly, provide unique TLS fingerprint when applicable. */ + VSTRING_TERMINATE(buffer); + return STR(buffer); } diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c index 4059e4919..2f02116c0 100644 --- a/postfix/src/smtp/smtp_proto.c +++ b/postfix/src/smtp/smtp_proto.c @@ -776,7 +776,7 @@ static int smtp_start_tls(SMTP_STATE *state) * SSL session lookup key lengths. */ serverid = vstring_alloc(10); - smtp_key_prefix(serverid, state->iterator, SMTP_KEY_FLAG_SERVICE + smtp_key_prefix(serverid, ":", state->iterator, SMTP_KEY_FLAG_SERVICE | SMTP_KEY_FLAG_ADDR | SMTP_KEY_FLAG_PORT); diff --git a/postfix/src/smtp/smtp_reuse.c b/postfix/src/smtp/smtp_reuse.c index b32968562..7e0dbf684 100644 --- a/postfix/src/smtp/smtp_reuse.c +++ b/postfix/src/smtp/smtp_reuse.c @@ -98,6 +98,12 @@ #include #include + /* + * Key field delimiter and place holder for unavailable/inapplicable + * information. + */ +#define SMTP_REUSE_KEY_DELIM_NA "\n*" + /* smtp_save_session - save session under next-hop name and server address */ void smtp_save_session(SMTP_STATE *state, int name_key_flags, @@ -111,13 +117,15 @@ void smtp_save_session(SMTP_STATE *state, int name_key_flags, * that is also used for cache lookup queries. */ if (HAVE_NEXTHOP_STATE(state)) - smtp_key_prefix(state->dest_label, state->iterator, name_key_flags); + smtp_key_prefix(state->dest_label, SMTP_REUSE_KEY_DELIM_NA, + state->iterator, name_key_flags); /* * Encode the physical endpoint name. Reuse storage that is also used for * cache lookup queries. */ - smtp_key_prefix(state->endp_label, state->iterator, endp_key_flags); + smtp_key_prefix(state->endp_label, SMTP_REUSE_KEY_DELIM_NA, + state->iterator, endp_key_flags); /* * Passivate the SMTP_SESSION object, destroying the object in the @@ -225,7 +233,8 @@ SMTP_SESSION *smtp_reuse_nexthop(SMTP_STATE *state, int name_key_flags) /* * Look up the session by its logical name. */ - smtp_key_prefix(state->dest_label, state->iterator, name_key_flags); + smtp_key_prefix(state->dest_label, SMTP_REUSE_KEY_DELIM_NA, + state->iterator, name_key_flags); if ((fd = scache_find_dest(smtp_scache, STR(state->dest_label), state->dest_prop, state->endp_prop)) < 0) return (0); @@ -281,7 +290,8 @@ SMTP_SESSION *smtp_reuse_addr(SMTP_STATE *state, int endp_key_flags) * Look up the session by its IP address. This means that we have no * destination-to-address binding properties. */ - smtp_key_prefix(state->endp_label, state->iterator, endp_key_flags); + smtp_key_prefix(state->endp_label, SMTP_REUSE_KEY_DELIM_NA, + state->iterator, endp_key_flags); if ((fd = scache_find_endp(smtp_scache, STR(state->endp_label), state->endp_prop)) < 0) return (0); diff --git a/postfix/src/smtp/smtp_tls_sess.c b/postfix/src/smtp/smtp_tls_sess.c index a3a62926c..ac80d27d8 100644 --- a/postfix/src/smtp/smtp_tls_sess.c +++ b/postfix/src/smtp/smtp_tls_sess.c @@ -650,7 +650,7 @@ SMTP_TLS_POLICY *smtp_tls_policy(DSN_BUF *why, SMTP_ITERATOR *iter, int valid) if (iter != 0) { key = vstring_alloc(100); - smtp_key_prefix(key, iter, SMTP_KEY_FLAG_NEXTHOP + smtp_key_prefix(key, ":", iter, SMTP_KEY_FLAG_NEXTHOP | SMTP_KEY_FLAG_HOSTNAME | SMTP_KEY_FLAG_PORT); vstring_sprintf_append(key, "%d", !!valid);