Commit Graph

480 Commits

Author SHA1 Message Date
Matt Simerson
ae3fe2e4d5 cleanups for Auth::validate_password commit
one for testing to work again
and one to remove MD5 dependency in Plugin.pm
2012-05-20 23:37:16 -07:00
Matt Simerson
35e1ce9883 consolidate auth logic into Qpsmtpd::Auth
These 3 auth plugins all have a data store they fetch the reference
password or hash from. They then match the attemped password or hash
against the reference. This consolidates the latter portion (validating
the password/hash) into Auth.pm.

* less duplicated code in the plugins.
* Pass validation consistently handled for these 3 plugins.
* less work to create new auth plugins

Also caches the CRAM-MD5 ticket. It could also cache user/pass info if
this was desirable.
2012-05-20 23:37:06 -07:00
Matt Simerson
a6e664ce83 Altered SASL method to include the mechanism in log entries.
removed auth method from return calls in all auth plugins. The caller knows the mechanism already. In the code, the difference looks like this:

before:
        or return (DENY, "authcvm/$method");
after:
        or return (DENY, "authcvm");

Added debug level log entries in auth_vpopmaild

Conflicts:

	plugins/auth/auth_vpopmail_sql
2012-05-06 16:20:25 -07:00
Matt Simerson
5285774285 refactored Qpsmtpd::Auth::SASL
unit tests for new methods are in t/auth.t

added PLAIN and LOGIN tests in auth_flat_file

Most tests are disabled unless an interactive terminal is detected and $ENV{QPSMTPD_DEVELOPER} is set.
2012-05-06 16:17:02 -07:00
Matt Simerson
983dc82203 confine duplicate Auth log entry to LOGDEBUG 2012-05-06 16:12:20 -07:00
Matt Simerson
312d983ff7 Command.pm, promoted strictures to 1st line of code 2012-05-06 16:06:54 -07:00
Matt Simerson
c44db8c9e2 removed TODO, p0f v3 doesn't need that extra info 2012-05-06 16:01:57 -07:00
Matt Simerson
c3626f2123 in log entries, print hook name first
so log entries look like this:

86553 (connect) ident::geoip: US, United States
86553 (connect) ident::p0f: Windows 7 or 8
86553 (connect) check_earlytalker: remote host said nothing spontaneous, proceeding

instead of this:

86553 ident::geoip: (connect): US, United States
86553 ident::p0f: (connect) Windows 7 or 8
86553 check_earlytalker: (connect): remote host said nothing spontaneous, proceeding

Conflicts:

	plugins/logging/warn
2012-05-06 16:00:58 -07:00
Matt Simerson
6031e49da8 improved readability of default logging logic 2012-05-06 15:59:49 -07:00
Matt Simerson
d80a347afe SMTP.pm, add missing ; and remove useless if 2012-05-06 15:50:57 -07:00
Matt Simerson
d9a42d1774 confine SMTP.pm duplicate logging to LOGDEBUG 2012-05-06 15:50:23 -07:00
Matt Simerson
049d34ee55 improve readability in SMTP::auth_parse_respond 2012-05-06 15:50:07 -07:00
Matt Simerson
3afcc92150 whitespace, copyright bump, simplify logic 2012-04-29 00:30:06 -07:00
Matt Simerson
005c4d9105 make sure $hook is defined before printing it
This prevents error messages about $hook being undefined in the logs
2012-04-28 20:18:28 -07:00
Robert
461dabc3e1 Revert "Spool body when $transaction->body_fh() is called"
This reverts commit a52660a646.

See http://www.nntp.perl.org/group/perl.qpsmtpd/2010/10/msg9453.html for discussion.
2010-10-29 22:23:58 -07:00
Hanno Hecker
33d8825ecf Fix for plugins returning DONE from HELO/EHLO
We have to return something true, else the client gets an additional
 451 Internal error - try again later - command 'helo' failed unexpectedly
after the plugin's ->respond() message.
2010-09-17 15:25:20 +08:00
Peter A Eisch
e403a56d74 I forgot to sync the code that calls the original config correctly. 2010-09-15 14:33:34 +08:00
Peter A Eisch
2979c52b47 Adds the ability to have multiple instances (each with different
configs) running under Apache.
2010-09-15 14:33:31 +08:00
jaredj
295474503f Add support for multiple postfix cleanup sockets
The current postfix-queue plugin allows the administrator to set a
single path to a local postfix cleanup socket file from the plugin
'command line'.  This adds a 'cleanup_sockets' configuration directive
that can contain a list of paths as well as host/port combinations
pointing to postfix cleanup services, which will be tried in the order
that they appear.  Not yet tested.
2010-09-15 14:32:54 +08:00
jaredj
5c3bd220aa Run hook_reset_transaction after all connections
This makes hook_reset_transaction a bit more useful by running it on
disconnections.  It also ensures that hook_disconnect runs when the
client disconnects without QUITing.
2010-09-15 14:32:53 +08:00
Jared Johnson
96aa5ba171 Shorten/clarify Connection and Transaction notes()
Update Qpsmtpd::Connection::notes() and Qpsmtpd::Transaction::notes()
with clearer, more brief syntax.  A previous patch used seemingly better
syntax, but did not evaluate the size of @_ in order to distinguish
between a call to notes('arg1',undef) and notes('arg1').  This corrects
this issue, and adds a comment to that effect.
2010-09-15 14:32:53 +08:00
Matt Simerson
671a6953b0 add TCPLOCAL* variables to $qp->connection
(patch remade against latest rspier/qpsmtpd)

added remote_port, local_ip, local_port, and local_host to $qp->connection, as the p0f plugin relies on it.
added notes to TcpServer.pm and the p0f plugin noting the dependence, and the lack of support for models other than tcpserver.

Signed-off-by: Robert <rspier@pobox.com>
2010-05-11 21:15:57 -07:00
Matt Simerson
5f81fd7925 remove vestiges of a bygone RCS 2010-05-09 23:22:13 -07:00
Ask Bjørn Hansen
c408aa98ca Update copyright year 2010-04-07 22:32:41 -07:00
Ask Bjørn Hansen
e0948cee24 Prepare 0.84 release 2010-04-07 22:26:48 -07:00
Filippo Carletti
660ed14823 don't initialize the hooks array if it is already initialized 2010-02-13 21:23:03 -08:00
Peter J. Holzer
46171d0c66 fixed issue #29: config now caches returned value
Qpsmtpd::config now checks cache, hooks, qmail_config, default in this
order and returns the first match. In any case the returned value is
stored in the cache, so subsequent calls to Qpsmtpd::config return the
same value (unless the cache is cleared).
2010-01-18 11:36:06 -08:00
Devin Carraway
44c67fcbc7 Add a whatis to Qpsmtpd.pm and Postfix.pm's POD
Signed-off-by: Robert <rspier@pobox.com>
2010-01-14 00:13:10 -08:00
Rick
7de104bf66 AUTH PLAIN bug with qpsmtpd and alpine
Trying to get SMTP auth working with alpine, I came across a bug.
Alpine sends AUTH PLAIN and waits for a 334 response, then sends the
auth string. According to the RFC, the server should reply with 334
and a nothing else, but in Auth.pm qpsmtpd responds with "334 Please
continue."   the "Please continue" is interpreted as a non-zero
length initial challenge which causes alpine (and maybe other
clients?) to abort the session.

Signed-off-by: Charlie Brady <charlieb@budge.apana.org.au>
Signed-off-by: Robert <rspier@pobox.com>
2009-12-24 20:36:51 -08:00
Steve Kemp
d066479a77 PATCH: Spelling fixups
According to my dictionary "Authentification" is not a real word.

Signed-off-by: Robert <rspier@pobox.com>
2009-10-17 23:38:57 -07:00
Ask Bjørn Hansen
90b1206f85 Prepare 0.83 2009-09-15 14:55:35 -07:00
jaredj
a52660a646 Spool body when $transaction->body_fh() is called
Qpsmtpd::Transaction::body_filename() calls $self->body_spool() if the
message body has not already been spool to disk.  This adds the same
check to Qpsmtpd::Transaction::body_fh()
2009-09-15 14:41:05 -07:00
Jared Johnson
16b4dbcd81 Add dup_body_fh to return a dup'd body FH
It wasn't suitable to dup the body FH returned by plain old
body_fh(), so here's a separate function to return that.

Signed-off-by: Ask Bjørn Hansen <ask@develooper.com>
2009-09-15 14:39:50 -07:00
Ask Bjørn Hansen
90535ef883 Release 0.82 2009-06-02 16:02:58 -07:00
Ask Bjørn Hansen
45a5265837 Prepare 0.81 2009-04-02 22:39:23 -07:00
Pedro Melo
8e5bd5aa69 The bare postmaster address is case-insensitive
Per rfc2821, sec 4.5.1 and rfc5321, sec 4.5.1.

Signed-off-by: Pedro Melo <melo@simplicidade.org>
2009-03-14 17:18:13 +00:00
Ask Bjørn Hansen
6b6581fbf5 Add git describe to VERSION when running from a git clone 2009-03-02 13:00:09 -08:00
jaredj
d4edf3acc6 Whitespace cleanups
Remove some trailing spaces and replace some tabs with spaces
2009-03-02 12:53:56 -08:00
jaredj
22a0da47d8 Change transaction->add_recipient to prevent adding undef/empty recipients
Improve Qpsmtpd::Transaction::add_recipient syntax

Update Qpsmtpd::Transaction::add_recipient to use slightly clearer
language, and add 'if $rcpt' to prevent undef recipients from
being added -- in this case, the '@_ and' syntax allowing this set
method to set undef is undesirable, since you shouldn't be adding undef as
a recipient.

Signed-off-by: Ask Bjørn Hansen <ask@develooper.com>
2009-03-02 12:52:10 -08:00
Jared Johnson
82d25b17b0 Consistent Connection and Transaction notes() POD
Qpsmtpd::Connection::notes() and Qpsmtpd::Transaction::notes() have
identicaly functionality; however, the POD documentation for Connection
notes is fairly brief while the documentation for Transaction notes is
longer and more helpful.  This updates the Connection notes documention
to be consistent with its Transaction counterpart.
2009-02-20 07:36:36 -06:00
Jared Johnson
d9cf61175a Add Qpsmtpd::Address::notes() method
Qpsmtpd Connection and Transaction objects support notes() methods which
are conventionally used to pass data between plugins.  This adds the
same functionality to Address objects.  This should make it easier for
plugins to begin supporting message handling based on per-user
configuration directives.

Signed-off-by: Ask Bjørn Hansen <ask@develooper.com>
2009-02-20 07:45:03 -06:00
jaredj
2e552d2297 Add Qpsmtpd::Transaction::remove_recipient()
Add remove_recipient() to Qpsmtpd::Transaction, a counterpart to
add_recipient().

Signed-off-by: Ask Bjørn Hansen <ask@develooper.com>
2009-02-27 00:47:52 -08:00
Ask Bjørn Hansen
9f7ce234b0 prepare v0.80 2009-02-27 00:17:41 -08:00
Ask Bjørn Hansen
afa7efb98d Make the README file less insanely outdated 2009-02-13 00:12:55 -08:00
Robert
01e2190a63 Revert "Add notes to Qpsmtpd::Address class"
This reverts commit ea86b9fdb2.

Jared said...
I originally considered these functionally identical, but they are
not. The new code, called with, say, $txn->notes('discard',undef),
would result in evaluation as if it were a 'get' method rather than
setting the 'discard' note to undef.  That seems quite dangerous.  I
suggest either reverting the language back to the '@_ and' model, or
else doing something like:
2009-02-12 21:00:16 -08:00
Robert
e5507f9672 data_headers_end does not work in async mode 2009-02-12 00:29:56 -08:00
Karl Y. Pradene
059771d31d End of headers hook: data_headers_end
Hook after receiving all headers lines. Defaults to nothing,
just continue processing. At this step, sender does not wait for a reply,
but we can stop him from sending remaining data by disconnecting.

(Cleaned up by Robert for english and coding style.)

Signed-off-by: Ask Bjørn Hansen <ask@develooper.com>
Signed-off-by: Robert Spier <robert@perl.org>
2009-02-10 02:49:38 -05:00
Jared Johnson
ea86b9fdb2 Add notes to Qpsmtpd::Address class
standardize other notes calls
2009-02-08 22:38:03 -08:00
Steve Kemp
815c6d8223 PATCH: Log the name of plugins generating fatal errors
I've got many non-standard plugins and for a given
  fatal error it is non-trivial to determine which of
  them was to blame.

   Perhaps this patch would be useful?  (Against SVN,
 not git, but I think that shouldn't matter too much..)

Steve
--
Stop blog&forum spam
http://blogspam.net/
2009-02-08 22:19:44 -08:00
Jeff King
e4cb191047 Don't do printf interpolation on config('me')
The code feeds the results of $session->config('me') to
sprintf as part of the format string. In practice, this is
probably not a problem since hostnames don't contain percent
signs. However, it triggers a taint warning in perl 5.10,
making cram-md5 auth unusable.

This patch rewrites the sprintf to insert the 'me' value
using a %s format specifier.
2009-01-05 06:34:59 +00:00