示例#1
文件: smtp.c 项目: robn/postfix
/*
 * pre_init - one-time setup for the SMTP/LMTP client, run before the
 * process enters the chroot jail (see the TLS section below).
 *
 * Both arguments are unused. The function reads the var_smtp_* configuration
 * globals and fills in the client's module-level state: the TLS context,
 * the lookup tables and the address family preference. Invalid TLS level
 * or address preference settings terminate the process via msg_fatal().
 */
static void pre_init(char *unused_name, char **unused_argv)
{
    /* Address family preference names and the flag each one selects. */
    static const NAME_CODE pref_by_proto[] = {
        INET_PROTO_NAME_IPV6, SMTP_MISC_FLAG_PREF_IPV6,
        INET_PROTO_NAME_IPV4, SMTP_MISC_FLAG_PREF_IPV4,
        INET_PROTO_NAME_ANY, 0,
        0, -1,                  /* terminator; a negative code is rejected below */
    };
    int     tls_wanted;

    /*
     * Per-peer debugging.
     */
    debug_peer_init();

    /*
     * SASL. A build without USE_SASL_AUTH only logs a warning here.
     * NOTE(review): the client then carries on without SASL; confirm that
     * is acceptable where the next hop requires authentication.
     */
    if (var_smtp_sasl_enable) {
#ifdef USE_SASL_AUTH
        smtp_sasl_initialize();
#else
        msg_warn("%s is true, but SASL support is not compiled in",
                 VAR_SMTP_SASL_ENABLE);
#endif
    }

    /*
     * A non-empty TLS level overrides the use/enforce switches. With an
     * empty level the switch is skipped and both variables keep whatever
     * values they already had.
     *
     * "may" is opportunistic (use without enforce); encrypt, fingerprint,
     * verify and secure all turn enforcement on. An unrecognized level is
     * fatal instead of being treated as some default: the original comments
     * note that tls_level_lookup() logs no warning and that
     * session_tls_init() assumes var_smtp_tls_level is sane.
     */
    if (var_smtp_tls_level[0] != '\0') {
        switch (tls_level_lookup(var_smtp_tls_level)) {
        case TLS_LEV_NONE:
            var_smtp_use_tls = 0;
            var_smtp_enforce_tls = 0;
            break;
        case TLS_LEV_MAY:
            var_smtp_use_tls = 1;
            var_smtp_enforce_tls = 0;
            break;
        case TLS_LEV_ENCRYPT:
        case TLS_LEV_FPRINT:
        case TLS_LEV_VERIFY:
        case TLS_LEV_SECURE:
            var_smtp_enforce_tls = 1;
            var_smtp_use_tls = 1;
            break;
        default:
            msg_fatal("Invalid TLS level \"%s\"", var_smtp_tls_level);
        }
    }
    tls_wanted = (var_smtp_enforce_tls || var_smtp_use_tls);

    /*
     * The TLS client context is built here, before the chroot jail is
     * entered. It is also built when only a per-site table or a TLS policy
     * table is configured, even if the global switches are off.
     *
     * NOTE(review): a build without USE_TLS only warns, even when
     * enforcement was requested above. Whether delivery then proceeds in
     * plaintext is not visible from this function; confirm against the
     * session code before relying on mandatory TLS in such a build.
     */
    if (tls_wanted || *var_smtp_tls_per_site || *var_smtp_tls_policy) {
#ifdef USE_TLS
        TLS_CLIENT_INIT_PROPS props;
        int     is_smtp = (strcmp(var_procname, "smtp") == 0);

        /*
         * TLS_CLIENT_INIT() takes "name = value" arguments to emulate named
         * parameters, collecting them in one properties structure instead of
         * a long positional list. The log parameter name and the session
         * cache type depend on whether this process runs as "smtp" or not
         * (the LMTP variants are used otherwise).
         */
        smtp_tls_ctx =
            TLS_CLIENT_INIT(&props,
                            log_param = is_smtp ?
                            VAR_SMTP_TLS_LOGLEVEL : VAR_LMTP_TLS_LOGLEVEL,
                            log_level = var_smtp_tls_loglevel,
                            verifydepth = var_smtp_tls_scert_vd,
                            cache_type = is_smtp ?
                            TLS_MGR_SCACHE_SMTP : TLS_MGR_SCACHE_LMTP,
                            cert_file = var_smtp_tls_cert_file,
                            key_file = var_smtp_tls_key_file,
                            dcert_file = var_smtp_tls_dcert_file,
                            dkey_file = var_smtp_tls_dkey_file,
                            eccert_file = var_smtp_tls_eccert_file,
                            eckey_file = var_smtp_tls_eckey_file,
                            CAfile = var_smtp_tls_CAfile,
                            CApath = var_smtp_tls_CApath,
                            fpt_dgst = var_smtp_tls_fpt_dgst);
        smtp_tls_list_init();
#else
        msg_warn("TLS has been selected, but TLS support is not compiled in");
#endif
    }

    /*
     * Flush client.
     */
    flush_init();

    /*
     * Destinations that use the session cache.
     */
    if (*var_smtp_cache_dest) {
        smtp_cache_dest =
            string_list_init(MATCH_FLAG_RETURN, var_smtp_cache_dest);
    }

    /*
     * EHLO keyword filter.
     */
    if (*var_smtp_ehlo_dis_maps) {
        smtp_ehlo_dis_maps =
            maps_create(VAR_SMTP_EHLO_DIS_MAPS, var_smtp_ehlo_dis_maps,
                        DICT_FLAG_LOCK);
    }

    /*
     * PIX bug workarounds.
     */
    if (*var_smtp_pix_bug_maps) {
        smtp_pix_bug_maps =
            maps_create(VAR_SMTP_PIX_BUG_MAPS, var_smtp_pix_bug_maps,
                        DICT_FLAG_LOCK);
    }

    /*
     * Address extension propagation mask and generic maps.
     */
    if (*var_prop_extension) {
        smtp_ext_prop_mask =
            ext_prop_mask(VAR_PROP_EXTENSION, var_prop_extension);
    }
    if (*var_smtp_generic_maps) {
        smtp_generic_maps =
            maps_create(VAR_SMTP_GENERIC_MAPS, var_smtp_generic_maps,
                        DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
    }

    /*
     * Header and body checks. These are created unconditionally; the
     * parameter values are passed through as they are.
     */
    smtp_header_checks =
        hbc_header_checks_create(VAR_SMTP_HEAD_CHKS, var_smtp_head_chks,
                                 VAR_SMTP_MIME_CHKS, var_smtp_mime_chks,
                                 VAR_SMTP_NEST_CHKS, var_smtp_nest_chks,
                                 smtp_hbc_callbacks);
    smtp_body_checks =
        hbc_body_checks_create(VAR_SMTP_BODY_CHKS, var_smtp_body_chks,
                               smtp_hbc_callbacks);

    /*
     * Server reply filter, opened read-only.
     */
    if (*var_smtp_resp_filter) {
        smtp_chat_resp_filter =
            dict_open(var_smtp_resp_filter, O_RDONLY,
                      DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
    }

    /*
     * Address family preference. A name that is not in the table is a
     * fatal configuration error.
     */
    if (*var_smtp_addr_pref) {
        smtp_addr_pref = name_code(pref_by_proto, NAME_CODE_FLAG_NONE,
                                   var_smtp_addr_pref);
        if (smtp_addr_pref < 0) {
            msg_fatal("bad %s value: %s", VAR_SMTP_ADDR_PREF,
                      var_smtp_addr_pref);
        }
    }
}
示例#2
/*
 * Test driver for the header/body checks: loads four lookup tables named on
 * the command line, feeds standard input through the MIME processor one
 * record at a time, and reports the MIME error flags as warnings.
 *
 * argv[1..4] are the header_checks, mime_header_checks,
 * nested_header_checks and body_checks tables, in that order.
 *
 * NOTE(review): the process always exits with status 0, so a caller cannot
 * tell from the exit status that a safety limit was hit; the warnings are
 * the only signal.
 */
int     main(int argc, char **argv)
{
    static HBC_CALL_BACKS callbacks[1] = {
        log_cb,                         /* logger */
        out_cb,                         /* prepend */
    };
    HBC_TEST_CONTEXT ctx;
    MIME_STATE *mime;
    VSTRING *line;
    int     type;
    int     err;

    /*
     * Exactly four table arguments are required.
     */
    if (argc != 5) {
        msg_fatal("usage: %s header_checks mime_header_checks nested_header_checks body_checks", argv[0]);
    }

    /*
     * Set up logging, the MIME processor and the check tables. The MIME
     * options turn on reporting of 8-bit data in headers and 7-bit bodies,
     * encoding domain problems, truncated headers and nesting, plus
     * downgrading.
     */
#define MIME_OPTIONS \
            (MIME_OPT_REPORT_8BIT_IN_7BIT_BODY \
            | MIME_OPT_REPORT_8BIT_IN_HEADER \
            | MIME_OPT_REPORT_ENCODING_DOMAIN \
            | MIME_OPT_REPORT_TRUNC_HEADER \
            | MIME_OPT_REPORT_NESTING \
            | MIME_OPT_DOWNGRADE)
    msg_vstream_init(basename(argv[0]), VSTREAM_OUT);
    line = vstring_alloc(10);

    /* Only the address of ctx is handed over here; its fields are set below. */
    mime = mime_state_alloc(MIME_OPTIONS,
                            head_out, head_end,
                            body_out, body_end,
                            err_print,
                            (void *) &ctx);
    ctx.header_checks =
        hbc_header_checks_create("header_checks", argv[1],
                                 "mime_header_checks", argv[2],
                                 "nested_header_checks", argv[3],
                                 callbacks);
    ctx.body_checks =
        hbc_body_checks_create("body_checks", argv[4], callbacks);
    ctx.buf = vstring_alloc(100);
    ctx.fp = VSTREAM_OUT;
    ctx.queueid = "test-queueID";
    ctx.recno = 0;

    /*
     * Read records from standard input until the record type is no longer
     * positive. That last record is still passed to the MIME processor
     * before the loop ends, and err holds the result of that final update.
     * REC_LEN is passed to the reader as its length argument.
     */
    for (;;) {
        type = rec_streamlf_get(VSTREAM_IN, line, REC_LEN);
        VSTRING_TERMINATE(line);
        err = mime_state_update(mime, type, STR(line), LEN(line));
        vstream_fflush(VSTREAM_OUT);
        if (type <= 0) {
            break;
        }
    }

    /*
     * Report each error flag that is set.
     */
    if (err & MIME_ERR_TRUNC_HEADER) {
        msg_warn("message header length exceeds safety limit");
    }
    if (err & MIME_ERR_NESTING) {
        msg_warn("MIME nesting exceeds safety limit");
    }
    if (err & MIME_ERR_8BIT_IN_HEADER) {
        msg_warn("improper use of 8-bit data in message header");
    }
    if (err & MIME_ERR_8BIT_IN_7BIT_BODY) {
        msg_warn("improper use of 8-bit data in message body");
    }
    if (err & MIME_ERR_ENCODING_DOMAIN) {
        msg_warn("improper message/* or multipart/* encoding domain");
    }
#ifdef __APPLE_OS_X_SERVER__
    if (err & MIME_ERR_BODY_TOO_LARGE) {
        msg_warn("MIME body part too large");
    }
#endif

    /*
     * Release everything. The check handles are tested before being freed.
     */
    if (ctx.header_checks) {
        hbc_header_checks_free(ctx.header_checks);
    }
    if (ctx.body_checks) {
        hbc_body_checks_free(ctx.body_checks);
    }
    vstring_free(ctx.buf);
    mime_state_free(mime);
    vstring_free(line);
    exit(0);
}