Cross Reference: /freebsd-10.0-release/contrib/sendmail/src/srvrsmtp.c

Deleted Added

sdiff udiff text old ( 98841 ) new ( 102528 )

full compact

srvrsmtp.c (98841)	srvrsmtp.c (102528)
1/* 2 * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 / 13 14#include <sendmail.h> 15#if MILTER 16# include <libmilter/mfdef.h> 17#endif / MILTER */ 18	1/* 2 * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 / 13 14#include <sendmail.h> 15#if MILTER 16# include <libmilter/mfdef.h> 17#endif / MILTER */ 18
19SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829 2002/06/17 21:54:57 gshapiro Exp $")	19SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829.2.4 2002/08/16 14:56:01 ca Exp $")
20 21#if SASL \|\| STARTTLS 22# include <sys/time.h> 23# include "sfsasl.h" 24#endif /* SASL \|\| STARTTLS / 25#if SASL 26# define ENC64LEN(l) (((l) + 2) 4 / 3 + 1) 27static int saslmechs __P((sasl_conn_t , char )); --- 349 unchanged lines hidden* (view full) --- 377 volatile bool sasl_ok; 378 volatile unsigned int n_auth = 0; /* count of AUTH commands / 379* bool ismore; 380 int result; 381 volatile int authenticating; 382 char user; 383* char in, out2; 384# if SASL >= 20000	20 21#if SASL \|\| STARTTLS 22# include <sys/time.h> 23# include "sfsasl.h" 24#endif /* SASL \|\| STARTTLS / 25#if SASL 26# define ENC64LEN(l) (((l) + 2) 4 / 3 + 1) 27static int saslmechs __P((sasl_conn_t , char )); --- 349 unchanged lines hidden* (view full) --- 377 volatile bool sasl_ok; 378 volatile unsigned int n_auth = 0; /* count of AUTH commands / 379* bool ismore; 380 int result; 381 volatile int authenticating; 382 char user; 383* char in, out2; 384# if SASL >= 20000
385 char *auth_id;	385 char *auth_id;
386 const char *out;	386 const char *out;
387 sasl_ssf_t ext_ssf;	387 sasl_ssf_t ext_ssf;
388# else /* SASL >= 20000 / 389* char out; 390* const char errstr; 391* sasl_external_properties_t ext_ssf; 392# endif /* SASL >= 20000 / 393* sasl_security_properties_t ssp; 394 sasl_ssf_t ssf; 395* unsigned int inlen, out2len; --- 253 unchanged lines hidden (view full) --- 649 / 650* 651# if SASL >= 20000 652 ext_ssf = 0; 653 auth_id = NULL; 654 sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, 655 &ext_ssf) == SASL_OK) && 656 (sasl_setprop(conn, SASL_AUTH_EXTERNAL,	388# else /* SASL >= 20000 / 389* char out; 390* const char errstr; 391* sasl_external_properties_t ext_ssf; 392# endif /* SASL >= 20000 / 393* sasl_security_properties_t ssp; 394 sasl_ssf_t ssf; 395* unsigned int inlen, out2len; --- 253 unchanged lines hidden (view full) --- 649 / 650* 651# if SASL >= 20000 652 ext_ssf = 0; 653 auth_id = NULL; 654 sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, 655 &ext_ssf) == SASL_OK) && 656 (sasl_setprop(conn, SASL_AUTH_EXTERNAL,
657 auth_id) == SASL_OK));	657 auth_id) == SASL_OK));
658# else /* SASL >= 20000 / 659* ext_ssf.ssf = 0; 660 ext_ssf.auth_id = NULL; 661 sasl_ok = sasl_setprop(conn, SASL_SSF_EXTERNAL, 662 &ext_ssf) == SASL_OK; 663# endif /* SASL >= 20000 / 664* } 665 if (sasl_ok) --- 625 unchanged lines hidden (view full) --- 1291 break; 1292 } 1293 1294 if (ismore) 1295 { 1296 /* could this be shorter? XXX / 1297# if SASL >= 20000 1298* in = xalloc(strlen(q) + 1);	658# else /* SASL >= 20000 / 659* ext_ssf.ssf = 0; 660 ext_ssf.auth_id = NULL; 661 sasl_ok = sasl_setprop(conn, SASL_SSF_EXTERNAL, 662 &ext_ssf) == SASL_OK; 663# endif /* SASL >= 20000 / 664* } 665 if (sasl_ok) --- 625 unchanged lines hidden (view full) --- 1291 break; 1292 } 1293 1294 if (ismore) 1295 { 1296 /* could this be shorter? XXX / 1297# if SASL >= 20000 1298* in = xalloc(strlen(q) + 1);
1299 result = sasl_decode64(q, strlen(q), in,	1299 result = sasl_decode64(q, strlen(q), in,
1300 strlen(q), &inlen); 1301# else /* SASL >= 20000 / 1302* in = sm_rpool_malloc(e->e_rpool, strlen(q)); 1303 result = sasl_decode64(q, strlen(q), in, 1304 &inlen); 1305# endif /* SASL >= 20000 / 1306* if (result != SASL_OK) 1307 { --- 16 unchanged lines hidden (view full) --- 1324 else 1325 { 1326 in = NULL; 1327 inlen = 0; 1328 } 1329 1330 /* see if that auth type exists / 1331*# if SASL >= 20000	1300 strlen(q), &inlen); 1301# else /* SASL >= 20000 / 1302* in = sm_rpool_malloc(e->e_rpool, strlen(q)); 1303 result = sasl_decode64(q, strlen(q), in, 1304 &inlen); 1305# endif /* SASL >= 20000 / 1306* if (result != SASL_OK) 1307 { --- 16 unchanged lines hidden (view full) --- 1324 else 1325 { 1326 in = NULL; 1327 inlen = 0; 1328 } 1329 1330 /* see if that auth type exists / 1331*# if SASL >= 20000
1332 result = sasl_server_start(conn, p, in, inlen,	1332 result = sasl_server_start(conn, p, in, inlen,
1333 &out, &outlen); 1334 if (in != NULL) 1335 sm_free(in); 1336# else /* SASL >= 20000 / 1337* result = sasl_server_start(conn, p, in, inlen, 1338 &out, &outlen, &errstr); 1339# endif /* SASL >= 20000 / 1340* --- 251 unchanged lines hidden (view full) --- 1592 / 1593* 1594 saveQuickAbort = QuickAbort; 1595 saveSuprErrs = SuprErrs; 1596 SuprErrs = true; 1597 QuickAbort = false; 1598 if (rscheck("tls_client", 1599 macvalue(macid("{verify}"), e),	1333 &out, &outlen); 1334 if (in != NULL) 1335 sm_free(in); 1336# else /* SASL >= 20000 / 1337* result = sasl_server_start(conn, p, in, inlen, 1338 &out, &outlen, &errstr); 1339# endif /* SASL >= 20000 / 1340* --- 251 unchanged lines hidden (view full) --- 1592 / 1593* 1594 saveQuickAbort = QuickAbort; 1595 saveSuprErrs = SuprErrs; 1596 SuprErrs = true; 1597 QuickAbort = false; 1598 if (rscheck("tls_client", 1599 macvalue(macid("{verify}"), e),
1600 "STARTTLS", e, true, true, 5, 1601 NULL, NOQID) != EX_OK \|\|	1600 "STARTTLS", e, 1601 RSF_RMCOMM\|RSF_COUNT, 1602 5, NULL, NOQID) != EX_OK \|\|
1602 Errors > 0) 1603 { 1604 extern char MsgBuf[]; 1605 1606 if (MsgBuf[0] != '\0' && ISSMTPREPLY(MsgBuf)) 1607 nullserver = newstr(MsgBuf); 1608 else 1609 nullserver = "503 5.7.0 Authentication required."; --- 6 unchanged lines hidden (view full) --- 1616# if SASL 1617 if (sasl_ok) 1618 { 1619 char s; 1620* 1621 s = macvalue(macid("{cipher_bits}"), e); 1622# if SASL >= 20000 1623 if (s != NULL && (ext_ssf = atoi(s)) > 0)	1603 Errors > 0) 1604 { 1605 extern char MsgBuf[]; 1606 1607 if (MsgBuf[0] != '\0' && ISSMTPREPLY(MsgBuf)) 1608 nullserver = newstr(MsgBuf); 1609 else 1610 nullserver = "503 5.7.0 Authentication required."; --- 6 unchanged lines hidden (view full) --- 1617# if SASL 1618 if (sasl_ok) 1619 { 1620 char s; 1621* 1622 s = macvalue(macid("{cipher_bits}"), e); 1623# if SASL >= 20000 1624 if (s != NULL && (ext_ssf = atoi(s)) > 0)
1624 {	1625 {
1625 auth_id = macvalue(macid("{cert_subject}"),	1626 auth_id = macvalue(macid("{cert_subject}"),
1626 e);	1627 e);
1627 sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, 1628 &ext_ssf) == SASL_OK) && 1629 (sasl_setprop(conn, SASL_AUTH_EXTERNAL, 1630 auth_id) == SASL_OK)); 1631# else /* SASL >= 20000 / 1632* if (s != NULL && (ext_ssf.ssf = atoi(s)) > 0) 1633 { 1634 ext_ssf.auth_id = macvalue(macid("{cert_subject}"), --- 493 unchanged lines hidden (view full) --- 2128 macdefine(&e->e_macro, A_PERM, 2129 macid("{addr_type}"), "e s"); 2130#if _FFR_MAIL_MACRO 2131 /* make the "real" sender address available / 2132* macdefine(&e->e_macro, A_TEMP, macid("{mail_from}"), 2133 e->e_from.q_paddr); 2134#endif /* _FFR_MAIL_MACRO / 2135* if (rscheck("check_mail", addr,	1628 sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, 1629 &ext_ssf) == SASL_OK) && 1630 (sasl_setprop(conn, SASL_AUTH_EXTERNAL, 1631 auth_id) == SASL_OK)); 1632# else /* SASL >= 20000 / 1633* if (s != NULL && (ext_ssf.ssf = atoi(s)) > 0) 1634 { 1635 ext_ssf.auth_id = macvalue(macid("{cert_subject}"), --- 493 unchanged lines hidden (view full) --- 2129 macdefine(&e->e_macro, A_PERM, 2130 macid("{addr_type}"), "e s"); 2131#if _FFR_MAIL_MACRO 2132 /* make the "real" sender address available / 2133* macdefine(&e->e_macro, A_TEMP, macid("{mail_from}"), 2134 e->e_from.q_paddr); 2135#endif /* _FFR_MAIL_MACRO / 2136* if (rscheck("check_mail", addr,
2136 NULL, e, true, true, 3, NULL, 2137 e->e_id) != EX_OK \|\|	2137 NULL, e, RSF_RMCOMM\|RSF_COUNT, 3, 2138 NULL, e->e_id) != EX_OK \|\|
2138 Errors > 0) 2139 sm_exc_raisenew_x(&EtypeQuickAbort, 1); 2140 macdefine(&e->e_macro, A_PERM, 2141 macid("{addr_type}"), NULL); 2142 2143 if (MaxMessageSize > 0 && 2144 (e->e_msgsize > MaxMessageSize \|\| 2145 e->e_msgsize < 0)) --- 222 unchanged lines hidden (view full) --- 2368 args[argno] = NULL; 2369 if (Errors > 0) 2370 goto rcpt_done; 2371 2372 /* do config file checking of the recipient / 2373* macdefine(&e->e_macro, A_PERM, 2374 macid("{addr_type}"), "e r"); 2375 if (rscheck("check_rcpt", addr,	2139 Errors > 0) 2140 sm_exc_raisenew_x(&EtypeQuickAbort, 1); 2141 macdefine(&e->e_macro, A_PERM, 2142 macid("{addr_type}"), NULL); 2143 2144 if (MaxMessageSize > 0 && 2145 (e->e_msgsize > MaxMessageSize \|\| 2146 e->e_msgsize < 0)) --- 222 unchanged lines hidden (view full) --- 2369 args[argno] = NULL; 2370 if (Errors > 0) 2371 goto rcpt_done; 2372 2373 /* do config file checking of the recipient / 2374* macdefine(&e->e_macro, A_PERM, 2375 macid("{addr_type}"), "e r"); 2376 if (rscheck("check_rcpt", addr,
2376 NULL, e, true, true, 3, NULL, 2377 e->e_id) != EX_OK \|\|	2377 NULL, e, RSF_RMCOMM\|RSF_COUNT, 3, 2378 NULL, e->e_id) != EX_OK \|\|
2378 Errors > 0) 2379 goto rcpt_done; 2380 macdefine(&e->e_macro, A_PERM, 2381 macid("{addr_type}"), NULL); 2382	2379 Errors > 0) 2380 goto rcpt_done; 2381 macdefine(&e->e_macro, A_PERM, 2382 macid("{addr_type}"), NULL); 2383
	2384 /* If discarding, don't bother to verify user / 2385* if (bitset(EF_DISCARD, e->e_flags)) 2386 a->q_state = QS_VERIFIED; 2387
2383#if MILTER 2384 if (smtp.sm_milterlist && smtp.sm_milterize && 2385 !bitset(EF_DISCARD, e->e_flags)) 2386 { 2387 char state; 2388 char response; 2389* 2390 response = milter_envrcpt(args, e, &state); --- 132 unchanged lines hidden (view full) --- 2523 if (p == '\0') 2524* { 2525 usrerr("501 5.5.2 Argument required"); 2526 } 2527 else 2528 { 2529 /* do config file checking of the address / 2530* if (rscheck(vrfy ? "check_vrfy" : "check_expn",	2388#if MILTER 2389 if (smtp.sm_milterlist && smtp.sm_milterize && 2390 !bitset(EF_DISCARD, e->e_flags)) 2391 { 2392 char state; 2393 char response; 2394* 2395 response = milter_envrcpt(args, e, &state); --- 132 unchanged lines hidden (view full) --- 2528 if (p == '\0') 2529* { 2530 usrerr("501 5.5.2 Argument required"); 2531 } 2532 else 2533 { 2534 /* do config file checking of the address / 2535* if (rscheck(vrfy ? "check_vrfy" : "check_expn",
2531 p, NULL, e, true, false, 3, NULL, 2532 NOQID) != EX_OK \|\|	2536 p, NULL, e, RSF_RMCOMM, 2537 3, NULL, NOQID) != EX_OK \|\|
2533 Errors > 0) 2534 sm_exc_raisenew_x(&EtypeQuickAbort, 1); 2535 (void) sendtolist(p, NULLADDR, &vrfyqueue, 0, e); 2536 } 2537 if (wt > 0) 2538 { 2539 time_t t; 2540 --- 78 unchanged lines hidden (view full) --- 2619 ** Even though we have srv_features now, we still 2620 ** need this ruleset because the former is called 2621 ** when the connection has been established, while 2622 ** this ruleset is called when the command is 2623 ** actually issued and therefore has all information 2624 ** available to make a decision. 2625 / 2626*	2538 Errors > 0) 2539 sm_exc_raisenew_x(&EtypeQuickAbort, 1); 2540 (void) sendtolist(p, NULLADDR, &vrfyqueue, 0, e); 2541 } 2542 if (wt > 0) 2543 { 2544 time_t t; 2545 --- 78 unchanged lines hidden (view full) --- 2624 ** Even though we have srv_features now, we still 2625 ** need this ruleset because the former is called 2626 ** when the connection has been established, while 2627 ** this ruleset is called when the command is 2628 ** actually issued and therefore has all information 2629 ** available to make a decision. 2630 / 2631*
2627 if (rscheck("check_etrn", p, NULL, e, true, false, 3, 2628 NULL, NOQID) != EX_OK \|\| Errors > 0)	2632 if (rscheck("check_etrn", p, NULL, e, 2633 RSF_RMCOMM, 3, NULL, NOQID) != EX_OK \|\| 2634 Errors > 0)
2629 break; 2630 2631 if (LogLevel > 5) 2632 sm_syslog(LOG_INFO, e->e_id, 2633 "%.100s: ETRN %s", CurSmtpClient, 2634 shortenstring(p, MAXSHORTSTR)); 2635 2636 id = p; --- 241 unchanged lines hidden (view full) --- 2878 } 2879 else if (smtp->sm_nrcpts <= 0) 2880 { 2881 usrerr("503 5.0.0 Need RCPT (recipient)"); 2882 return; 2883 } 2884 (void) sm_snprintf(buf, sizeof buf, "%u", smtp->sm_nrcpts); 2885 if (rscheck("check_data", buf, NULL, e,	2635 break; 2636 2637 if (LogLevel > 5) 2638 sm_syslog(LOG_INFO, e->e_id, 2639 "%.100s: ETRN %s", CurSmtpClient, 2640 shortenstring(p, MAXSHORTSTR)); 2641 2642 id = p; --- 241 unchanged lines hidden (view full) --- 2884 } 2885 else if (smtp->sm_nrcpts <= 0) 2886 { 2887 usrerr("503 5.0.0 Need RCPT (recipient)"); 2888 return; 2889 } 2890 (void) sm_snprintf(buf, sizeof buf, "%u", smtp->sm_nrcpts); 2891 if (rscheck("check_data", buf, NULL, e,
2886 true, false, 3, NULL, e->e_id) != EX_OK)	2892 RSF_RMCOMM\|RSF_UNSTRUCTURED\|RSF_COUNT, 3, NULL, 2893 e->e_id) != EX_OK)
2887 return; 2888 2889 /* put back discard bit / 2890* if (smtp->sm_discard) 2891 e->e_flags \|= EF_DISCARD; 2892 2893 /* check to see if we need to re-expand aliases / 2894* /* also reset QS_BADADDR on already-diagnosted addrs / --- 26 unchanged lines hidden* (view full) --- 2921 collect(InChannel, true, NULL, e); 2922 2923 /* redefine message size / 2924* (void) sm_snprintf(buf, sizeof buf, "%ld", e->e_msgsize); 2925 macdefine(&e->e_macro, A_TEMP, macid("{msg_size}"), buf); 2926 2927#if _FFR_CHECK_EOM 2928 /* rscheck() will set Errors or EF_DISCARD if it trips */	2894 return; 2895 2896 /* put back discard bit / 2897* if (smtp->sm_discard) 2898 e->e_flags \|= EF_DISCARD; 2899 2900 /* check to see if we need to re-expand aliases / 2901* /* also reset QS_BADADDR on already-diagnosted addrs / --- 26 unchanged lines hidden* (view full) --- 2928 collect(InChannel, true, NULL, e); 2929 2930 /* redefine message size / 2931* (void) sm_snprintf(buf, sizeof buf, "%ld", e->e_msgsize); 2932 macdefine(&e->e_macro, A_TEMP, macid("{msg_size}"), buf); 2933 2934#if _FFR_CHECK_EOM 2935 /* rscheck() will set Errors or EF_DISCARD if it trips */
2929 (void) rscheck("check_eom", buf, NULL, e, false, 2930 true, 3, NULL, e->e_id);	2936 (void) rscheck("check_eom", buf, NULL, e, RSF_UNSTRUCTURED\|RSF_COUNT, 2937 3, NULL, e->e_id);
2931#endif /* _FFR_CHECK_EOM / 2932* 2933#if MILTER 2934 milteraccept = true; 2935 if (smtp->sm_milterlist && smtp->sm_milterize && 2936 Errors <= 0 && 2937 !bitset(EF_DISCARD, e->e_flags)) 2938 { --- 649 unchanged lines hidden (view full) --- 3588 ** auth_param is acceptable (trusted) 3589 ** we shouldn't trust it if not authenticated 3590 ** (required by RFC, leave it to ruleset?) 3591 / 3592* 3593 SuprErrs = true; 3594 QuickAbort = false; 3595 if (strcmp(auth_param, "<>") != 0 &&	2938#endif /* _FFR_CHECK_EOM / 2939* 2940#if MILTER 2941 milteraccept = true; 2942 if (smtp->sm_milterlist && smtp->sm_milterize && 2943 Errors <= 0 && 2944 !bitset(EF_DISCARD, e->e_flags)) 2945 { --- 649 unchanged lines hidden (view full) --- 3595 ** auth_param is acceptable (trusted) 3596 ** we shouldn't trust it if not authenticated 3597 ** (required by RFC, leave it to ruleset?) 3598 / 3599* 3600 SuprErrs = true; 3601 QuickAbort = false; 3602 if (strcmp(auth_param, "<>") != 0 &&
3596 (rscheck("trust_auth", pbuf, NULL, e, true, false, 9, 3597 NULL, NOQID) != EX_OK \|\| Errors > 0))	3603 (rscheck("trust_auth", pbuf, NULL, e, RSF_RMCOMM, 3604 9, NULL, NOQID) != EX_OK \|\| Errors > 0))
3598 { 3599 if (tTd(95, 8)) 3600 { 3601 q = e->e_auth_param; 3602 sm_dprintf("auth=\"%.100s\" not trusted user=\"%.100s\"\n", 3603 pbuf, (q == NULL) ? "" : q); 3604 } 3605 --- 626 unchanged lines hidden ---	3605 { 3606 if (tTd(95, 8)) 3607 { 3608 q = e->e_auth_param; 3609 sm_dprintf("auth=\"%.100s\" not trusted user=\"%.100s\"\n", 3610 pbuf, (q == NULL) ? "" : q); 3611 } 3612 --- 626 unchanged lines hidden ---

srvrsmtp.c (98841)	srvrsmtp.c (102528)
1/* 2 * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 / 13 14#include <sendmail.h> 15#if MILTER 16# include <libmilter/mfdef.h> 17#endif / MILTER */ 18	1/* 2 * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 / 13 14#include <sendmail.h> 15#if MILTER 16# include <libmilter/mfdef.h> 17#endif / MILTER */ 18
19SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829 2002/06/17 21:54:57 gshapiro Exp $")	19SM_RCSID("@(#)$Id: srvrsmtp.c,v 8.829.2.4 2002/08/16 14:56:01 ca Exp $")
20 21#if SASL \|\| STARTTLS 22# include <sys/time.h> 23# include "sfsasl.h" 24#endif /* SASL \|\| STARTTLS / 25#if SASL 26# define ENC64LEN(l) (((l) + 2) 4 / 3 + 1) 27static int saslmechs __P((sasl_conn_t , char )); --- 349 unchanged lines hidden* (view full) --- 377 volatile bool sasl_ok; 378 volatile unsigned int n_auth = 0; /* count of AUTH commands / 379* bool ismore; 380 int result; 381 volatile int authenticating; 382 char user; 383* char in, out2; 384# if SASL >= 20000	20 21#if SASL \|\| STARTTLS 22# include <sys/time.h> 23# include "sfsasl.h" 24#endif /* SASL \|\| STARTTLS / 25#if SASL 26# define ENC64LEN(l) (((l) + 2) 4 / 3 + 1) 27static int saslmechs __P((sasl_conn_t , char )); --- 349 unchanged lines hidden* (view full) --- 377 volatile bool sasl_ok; 378 volatile unsigned int n_auth = 0; /* count of AUTH commands / 379* bool ismore; 380 int result; 381 volatile int authenticating; 382 char user; 383* char in, out2; 384# if SASL >= 20000
385 char *auth_id;	385 char *auth_id;
386 const char *out;	386 const char *out;
387 sasl_ssf_t ext_ssf;	387 sasl_ssf_t ext_ssf;
388# else /* SASL >= 20000 / 389* char out; 390* const char errstr; 391* sasl_external_properties_t ext_ssf; 392# endif /* SASL >= 20000 / 393* sasl_security_properties_t ssp; 394 sasl_ssf_t ssf; 395* unsigned int inlen, out2len; --- 253 unchanged lines hidden (view full) --- 649 / 650* 651# if SASL >= 20000 652 ext_ssf = 0; 653 auth_id = NULL; 654 sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, 655 &ext_ssf) == SASL_OK) && 656 (sasl_setprop(conn, SASL_AUTH_EXTERNAL,	388# else /* SASL >= 20000 / 389* char out; 390* const char errstr; 391* sasl_external_properties_t ext_ssf; 392# endif /* SASL >= 20000 / 393* sasl_security_properties_t ssp; 394 sasl_ssf_t ssf; 395* unsigned int inlen, out2len; --- 253 unchanged lines hidden (view full) --- 649 / 650* 651# if SASL >= 20000 652 ext_ssf = 0; 653 auth_id = NULL; 654 sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, 655 &ext_ssf) == SASL_OK) && 656 (sasl_setprop(conn, SASL_AUTH_EXTERNAL,
657 auth_id) == SASL_OK));	657 auth_id) == SASL_OK));
658# else /* SASL >= 20000 / 659* ext_ssf.ssf = 0; 660 ext_ssf.auth_id = NULL; 661 sasl_ok = sasl_setprop(conn, SASL_SSF_EXTERNAL, 662 &ext_ssf) == SASL_OK; 663# endif /* SASL >= 20000 / 664* } 665 if (sasl_ok) --- 625 unchanged lines hidden (view full) --- 1291 break; 1292 } 1293 1294 if (ismore) 1295 { 1296 /* could this be shorter? XXX / 1297# if SASL >= 20000 1298* in = xalloc(strlen(q) + 1);	658# else /* SASL >= 20000 / 659* ext_ssf.ssf = 0; 660 ext_ssf.auth_id = NULL; 661 sasl_ok = sasl_setprop(conn, SASL_SSF_EXTERNAL, 662 &ext_ssf) == SASL_OK; 663# endif /* SASL >= 20000 / 664* } 665 if (sasl_ok) --- 625 unchanged lines hidden (view full) --- 1291 break; 1292 } 1293 1294 if (ismore) 1295 { 1296 /* could this be shorter? XXX / 1297# if SASL >= 20000 1298* in = xalloc(strlen(q) + 1);
1299 result = sasl_decode64(q, strlen(q), in,	1299 result = sasl_decode64(q, strlen(q), in,
1300 strlen(q), &inlen); 1301# else /* SASL >= 20000 / 1302* in = sm_rpool_malloc(e->e_rpool, strlen(q)); 1303 result = sasl_decode64(q, strlen(q), in, 1304 &inlen); 1305# endif /* SASL >= 20000 / 1306* if (result != SASL_OK) 1307 { --- 16 unchanged lines hidden (view full) --- 1324 else 1325 { 1326 in = NULL; 1327 inlen = 0; 1328 } 1329 1330 /* see if that auth type exists / 1331*# if SASL >= 20000	1300 strlen(q), &inlen); 1301# else /* SASL >= 20000 / 1302* in = sm_rpool_malloc(e->e_rpool, strlen(q)); 1303 result = sasl_decode64(q, strlen(q), in, 1304 &inlen); 1305# endif /* SASL >= 20000 / 1306* if (result != SASL_OK) 1307 { --- 16 unchanged lines hidden (view full) --- 1324 else 1325 { 1326 in = NULL; 1327 inlen = 0; 1328 } 1329 1330 /* see if that auth type exists / 1331*# if SASL >= 20000
1332 result = sasl_server_start(conn, p, in, inlen,	1332 result = sasl_server_start(conn, p, in, inlen,
1333 &out, &outlen); 1334 if (in != NULL) 1335 sm_free(in); 1336# else /* SASL >= 20000 / 1337* result = sasl_server_start(conn, p, in, inlen, 1338 &out, &outlen, &errstr); 1339# endif /* SASL >= 20000 / 1340* --- 251 unchanged lines hidden (view full) --- 1592 / 1593* 1594 saveQuickAbort = QuickAbort; 1595 saveSuprErrs = SuprErrs; 1596 SuprErrs = true; 1597 QuickAbort = false; 1598 if (rscheck("tls_client", 1599 macvalue(macid("{verify}"), e),	1333 &out, &outlen); 1334 if (in != NULL) 1335 sm_free(in); 1336# else /* SASL >= 20000 / 1337* result = sasl_server_start(conn, p, in, inlen, 1338 &out, &outlen, &errstr); 1339# endif /* SASL >= 20000 / 1340* --- 251 unchanged lines hidden (view full) --- 1592 / 1593* 1594 saveQuickAbort = QuickAbort; 1595 saveSuprErrs = SuprErrs; 1596 SuprErrs = true; 1597 QuickAbort = false; 1598 if (rscheck("tls_client", 1599 macvalue(macid("{verify}"), e),
1600 "STARTTLS", e, true, true, 5, 1601 NULL, NOQID) != EX_OK \|\|	1600 "STARTTLS", e, 1601 RSF_RMCOMM\|RSF_COUNT, 1602 5, NULL, NOQID) != EX_OK \|\|
1602 Errors > 0) 1603 { 1604 extern char MsgBuf[]; 1605 1606 if (MsgBuf[0] != '\0' && ISSMTPREPLY(MsgBuf)) 1607 nullserver = newstr(MsgBuf); 1608 else 1609 nullserver = "503 5.7.0 Authentication required."; --- 6 unchanged lines hidden (view full) --- 1616# if SASL 1617 if (sasl_ok) 1618 { 1619 char s; 1620* 1621 s = macvalue(macid("{cipher_bits}"), e); 1622# if SASL >= 20000 1623 if (s != NULL && (ext_ssf = atoi(s)) > 0)	1603 Errors > 0) 1604 { 1605 extern char MsgBuf[]; 1606 1607 if (MsgBuf[0] != '\0' && ISSMTPREPLY(MsgBuf)) 1608 nullserver = newstr(MsgBuf); 1609 else 1610 nullserver = "503 5.7.0 Authentication required."; --- 6 unchanged lines hidden (view full) --- 1617# if SASL 1618 if (sasl_ok) 1619 { 1620 char s; 1621* 1622 s = macvalue(macid("{cipher_bits}"), e); 1623# if SASL >= 20000 1624 if (s != NULL && (ext_ssf = atoi(s)) > 0)
1624 {	1625 {
1625 auth_id = macvalue(macid("{cert_subject}"),	1626 auth_id = macvalue(macid("{cert_subject}"),
1626 e);	1627 e);
1627 sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, 1628 &ext_ssf) == SASL_OK) && 1629 (sasl_setprop(conn, SASL_AUTH_EXTERNAL, 1630 auth_id) == SASL_OK)); 1631# else /* SASL >= 20000 / 1632* if (s != NULL && (ext_ssf.ssf = atoi(s)) > 0) 1633 { 1634 ext_ssf.auth_id = macvalue(macid("{cert_subject}"), --- 493 unchanged lines hidden (view full) --- 2128 macdefine(&e->e_macro, A_PERM, 2129 macid("{addr_type}"), "e s"); 2130#if _FFR_MAIL_MACRO 2131 /* make the "real" sender address available / 2132* macdefine(&e->e_macro, A_TEMP, macid("{mail_from}"), 2133 e->e_from.q_paddr); 2134#endif /* _FFR_MAIL_MACRO / 2135* if (rscheck("check_mail", addr,	1628 sasl_ok = ((sasl_setprop(conn, SASL_SSF_EXTERNAL, 1629 &ext_ssf) == SASL_OK) && 1630 (sasl_setprop(conn, SASL_AUTH_EXTERNAL, 1631 auth_id) == SASL_OK)); 1632# else /* SASL >= 20000 / 1633* if (s != NULL && (ext_ssf.ssf = atoi(s)) > 0) 1634 { 1635 ext_ssf.auth_id = macvalue(macid("{cert_subject}"), --- 493 unchanged lines hidden (view full) --- 2129 macdefine(&e->e_macro, A_PERM, 2130 macid("{addr_type}"), "e s"); 2131#if _FFR_MAIL_MACRO 2132 /* make the "real" sender address available / 2133* macdefine(&e->e_macro, A_TEMP, macid("{mail_from}"), 2134 e->e_from.q_paddr); 2135#endif /* _FFR_MAIL_MACRO / 2136* if (rscheck("check_mail", addr,
2136 NULL, e, true, true, 3, NULL, 2137 e->e_id) != EX_OK \|\|	2137 NULL, e, RSF_RMCOMM\|RSF_COUNT, 3, 2138 NULL, e->e_id) != EX_OK \|\|
2138 Errors > 0) 2139 sm_exc_raisenew_x(&EtypeQuickAbort, 1); 2140 macdefine(&e->e_macro, A_PERM, 2141 macid("{addr_type}"), NULL); 2142 2143 if (MaxMessageSize > 0 && 2144 (e->e_msgsize > MaxMessageSize \|\| 2145 e->e_msgsize < 0)) --- 222 unchanged lines hidden (view full) --- 2368 args[argno] = NULL; 2369 if (Errors > 0) 2370 goto rcpt_done; 2371 2372 /* do config file checking of the recipient / 2373* macdefine(&e->e_macro, A_PERM, 2374 macid("{addr_type}"), "e r"); 2375 if (rscheck("check_rcpt", addr,	2139 Errors > 0) 2140 sm_exc_raisenew_x(&EtypeQuickAbort, 1); 2141 macdefine(&e->e_macro, A_PERM, 2142 macid("{addr_type}"), NULL); 2143 2144 if (MaxMessageSize > 0 && 2145 (e->e_msgsize > MaxMessageSize \|\| 2146 e->e_msgsize < 0)) --- 222 unchanged lines hidden (view full) --- 2369 args[argno] = NULL; 2370 if (Errors > 0) 2371 goto rcpt_done; 2372 2373 /* do config file checking of the recipient / 2374* macdefine(&e->e_macro, A_PERM, 2375 macid("{addr_type}"), "e r"); 2376 if (rscheck("check_rcpt", addr,
2376 NULL, e, true, true, 3, NULL, 2377 e->e_id) != EX_OK \|\|	2377 NULL, e, RSF_RMCOMM\|RSF_COUNT, 3, 2378 NULL, e->e_id) != EX_OK \|\|
2378 Errors > 0) 2379 goto rcpt_done; 2380 macdefine(&e->e_macro, A_PERM, 2381 macid("{addr_type}"), NULL); 2382	2379 Errors > 0) 2380 goto rcpt_done; 2381 macdefine(&e->e_macro, A_PERM, 2382 macid("{addr_type}"), NULL); 2383
	2384 /* If discarding, don't bother to verify user / 2385* if (bitset(EF_DISCARD, e->e_flags)) 2386 a->q_state = QS_VERIFIED; 2387
2383#if MILTER 2384 if (smtp.sm_milterlist && smtp.sm_milterize && 2385 !bitset(EF_DISCARD, e->e_flags)) 2386 { 2387 char state; 2388 char response; 2389* 2390 response = milter_envrcpt(args, e, &state); --- 132 unchanged lines hidden (view full) --- 2523 if (p == '\0') 2524* { 2525 usrerr("501 5.5.2 Argument required"); 2526 } 2527 else 2528 { 2529 /* do config file checking of the address / 2530* if (rscheck(vrfy ? "check_vrfy" : "check_expn",	2388#if MILTER 2389 if (smtp.sm_milterlist && smtp.sm_milterize && 2390 !bitset(EF_DISCARD, e->e_flags)) 2391 { 2392 char state; 2393 char response; 2394* 2395 response = milter_envrcpt(args, e, &state); --- 132 unchanged lines hidden (view full) --- 2528 if (p == '\0') 2529* { 2530 usrerr("501 5.5.2 Argument required"); 2531 } 2532 else 2533 { 2534 /* do config file checking of the address / 2535* if (rscheck(vrfy ? "check_vrfy" : "check_expn",
2531 p, NULL, e, true, false, 3, NULL, 2532 NOQID) != EX_OK \|\|	2536 p, NULL, e, RSF_RMCOMM, 2537 3, NULL, NOQID) != EX_OK \|\|
2533 Errors > 0) 2534 sm_exc_raisenew_x(&EtypeQuickAbort, 1); 2535 (void) sendtolist(p, NULLADDR, &vrfyqueue, 0, e); 2536 } 2537 if (wt > 0) 2538 { 2539 time_t t; 2540 --- 78 unchanged lines hidden (view full) --- 2619 ** Even though we have srv_features now, we still 2620 ** need this ruleset because the former is called 2621 ** when the connection has been established, while 2622 ** this ruleset is called when the command is 2623 ** actually issued and therefore has all information 2624 ** available to make a decision. 2625 / 2626*	2538 Errors > 0) 2539 sm_exc_raisenew_x(&EtypeQuickAbort, 1); 2540 (void) sendtolist(p, NULLADDR, &vrfyqueue, 0, e); 2541 } 2542 if (wt > 0) 2543 { 2544 time_t t; 2545 --- 78 unchanged lines hidden (view full) --- 2624 ** Even though we have srv_features now, we still 2625 ** need this ruleset because the former is called 2626 ** when the connection has been established, while 2627 ** this ruleset is called when the command is 2628 ** actually issued and therefore has all information 2629 ** available to make a decision. 2630 / 2631*
2627 if (rscheck("check_etrn", p, NULL, e, true, false, 3, 2628 NULL, NOQID) != EX_OK \|\| Errors > 0)	2632 if (rscheck("check_etrn", p, NULL, e, 2633 RSF_RMCOMM, 3, NULL, NOQID) != EX_OK \|\| 2634 Errors > 0)
2629 break; 2630 2631 if (LogLevel > 5) 2632 sm_syslog(LOG_INFO, e->e_id, 2633 "%.100s: ETRN %s", CurSmtpClient, 2634 shortenstring(p, MAXSHORTSTR)); 2635 2636 id = p; --- 241 unchanged lines hidden (view full) --- 2878 } 2879 else if (smtp->sm_nrcpts <= 0) 2880 { 2881 usrerr("503 5.0.0 Need RCPT (recipient)"); 2882 return; 2883 } 2884 (void) sm_snprintf(buf, sizeof buf, "%u", smtp->sm_nrcpts); 2885 if (rscheck("check_data", buf, NULL, e,	2635 break; 2636 2637 if (LogLevel > 5) 2638 sm_syslog(LOG_INFO, e->e_id, 2639 "%.100s: ETRN %s", CurSmtpClient, 2640 shortenstring(p, MAXSHORTSTR)); 2641 2642 id = p; --- 241 unchanged lines hidden (view full) --- 2884 } 2885 else if (smtp->sm_nrcpts <= 0) 2886 { 2887 usrerr("503 5.0.0 Need RCPT (recipient)"); 2888 return; 2889 } 2890 (void) sm_snprintf(buf, sizeof buf, "%u", smtp->sm_nrcpts); 2891 if (rscheck("check_data", buf, NULL, e,
2886 true, false, 3, NULL, e->e_id) != EX_OK)	2892 RSF_RMCOMM\|RSF_UNSTRUCTURED\|RSF_COUNT, 3, NULL, 2893 e->e_id) != EX_OK)
2887 return; 2888 2889 /* put back discard bit / 2890* if (smtp->sm_discard) 2891 e->e_flags \|= EF_DISCARD; 2892 2893 /* check to see if we need to re-expand aliases / 2894* /* also reset QS_BADADDR on already-diagnosted addrs / --- 26 unchanged lines hidden* (view full) --- 2921 collect(InChannel, true, NULL, e); 2922 2923 /* redefine message size / 2924* (void) sm_snprintf(buf, sizeof buf, "%ld", e->e_msgsize); 2925 macdefine(&e->e_macro, A_TEMP, macid("{msg_size}"), buf); 2926 2927#if _FFR_CHECK_EOM 2928 /* rscheck() will set Errors or EF_DISCARD if it trips */	2894 return; 2895 2896 /* put back discard bit / 2897* if (smtp->sm_discard) 2898 e->e_flags \|= EF_DISCARD; 2899 2900 /* check to see if we need to re-expand aliases / 2901* /* also reset QS_BADADDR on already-diagnosted addrs / --- 26 unchanged lines hidden* (view full) --- 2928 collect(InChannel, true, NULL, e); 2929 2930 /* redefine message size / 2931* (void) sm_snprintf(buf, sizeof buf, "%ld", e->e_msgsize); 2932 macdefine(&e->e_macro, A_TEMP, macid("{msg_size}"), buf); 2933 2934#if _FFR_CHECK_EOM 2935 /* rscheck() will set Errors or EF_DISCARD if it trips */
2929 (void) rscheck("check_eom", buf, NULL, e, false, 2930 true, 3, NULL, e->e_id);	2936 (void) rscheck("check_eom", buf, NULL, e, RSF_UNSTRUCTURED\|RSF_COUNT, 2937 3, NULL, e->e_id);
2931#endif /* _FFR_CHECK_EOM / 2932* 2933#if MILTER 2934 milteraccept = true; 2935 if (smtp->sm_milterlist && smtp->sm_milterize && 2936 Errors <= 0 && 2937 !bitset(EF_DISCARD, e->e_flags)) 2938 { --- 649 unchanged lines hidden (view full) --- 3588 ** auth_param is acceptable (trusted) 3589 ** we shouldn't trust it if not authenticated 3590 ** (required by RFC, leave it to ruleset?) 3591 / 3592* 3593 SuprErrs = true; 3594 QuickAbort = false; 3595 if (strcmp(auth_param, "<>") != 0 &&	2938#endif /* _FFR_CHECK_EOM / 2939* 2940#if MILTER 2941 milteraccept = true; 2942 if (smtp->sm_milterlist && smtp->sm_milterize && 2943 Errors <= 0 && 2944 !bitset(EF_DISCARD, e->e_flags)) 2945 { --- 649 unchanged lines hidden (view full) --- 3595 ** auth_param is acceptable (trusted) 3596 ** we shouldn't trust it if not authenticated 3597 ** (required by RFC, leave it to ruleset?) 3598 / 3599* 3600 SuprErrs = true; 3601 QuickAbort = false; 3602 if (strcmp(auth_param, "<>") != 0 &&
3596 (rscheck("trust_auth", pbuf, NULL, e, true, false, 9, 3597 NULL, NOQID) != EX_OK \|\| Errors > 0))	3603 (rscheck("trust_auth", pbuf, NULL, e, RSF_RMCOMM, 3604 9, NULL, NOQID) != EX_OK \|\| Errors > 0))
3598 { 3599 if (tTd(95, 8)) 3600 { 3601 q = e->e_auth_param; 3602 sm_dprintf("auth=\"%.100s\" not trusted user=\"%.100s\"\n", 3603 pbuf, (q == NULL) ? "" : q); 3604 } 3605 --- 626 unchanged lines hidden ---	3605 { 3606 if (tTd(95, 8)) 3607 { 3608 q = e->e_auth_param; 3609 sm_dprintf("auth=\"%.100s\" not trusted user=\"%.100s\"\n", 3610 pbuf, (q == NULL) ? "" : q); 3611 } 3612 --- 626 unchanged lines hidden ---