293 lines
7.3 KiB
Perl
293 lines
7.3 KiB
Perl
package Qpsmtpd::Plugin;
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
use Qpsmtpd::Constants;
|
|
|
|
# more or less in the order they will fire
|
|
our @hooks = qw(
|
|
logging config post-fork pre-connection connect ehlo_parse ehlo
|
|
helo_parse helo auth_parse auth auth-plain auth-login auth-cram-md5
|
|
rcpt_parse rcpt_pre rcpt mail_parse mail mail_pre
|
|
data data_headers_end data_post queue_pre queue queue_post vrfy noop
|
|
quit reset_transaction disconnect post-connection
|
|
unrecognized_command deny ok received_line help
|
|
);
|
|
our %hooks = map { $_ => 1 } @hooks;
|
|
|
|
sub new {
|
|
my $proto = shift;
|
|
my $class = ref($proto) || $proto;
|
|
bless ({}, $class);
|
|
}
|
|
|
|
sub hook_name {
|
|
return shift->{_hook};
|
|
}
|
|
|
|
sub register_hook {
|
|
my ($plugin, $hook, $method, $unshift) = @_;
|
|
|
|
die $plugin->plugin_name . " : Invalid hook: $hook" unless $hooks{$hook};
|
|
|
|
$plugin->{_qp}->log(LOGDEBUG, $plugin->plugin_name, "hooking", $hook)
|
|
unless $hook =~ /logging/; # can't log during load_logging()
|
|
|
|
# I can't quite decide if it's better to parse this code ref or if
|
|
# we should pass the plugin object and method name ... hmn.
|
|
$plugin->qp->_register_hook
|
|
($hook,
|
|
{ code => sub { local $plugin->{_qp} = shift;
|
|
local $plugin->{_hook} = $hook;
|
|
$plugin->$method(@_)
|
|
},
|
|
name => $plugin->plugin_name,
|
|
},
|
|
$unshift,
|
|
);
|
|
}
|
|
|
|
sub _register {
|
|
my $self = shift;
|
|
my $qp = shift;
|
|
local $self->{_qp} = $qp;
|
|
$self->init($qp, @_) if $self->can('init');
|
|
$self->_register_standard_hooks($qp, @_);
|
|
$self->register($qp, @_) if $self->can('register');
|
|
}
|
|
|
|
sub qp {
|
|
shift->{_qp};
|
|
}
|
|
|
|
sub log {
|
|
my $self = shift;
|
|
return if defined $self->{_hook} && $self->{_hook} eq 'logging';
|
|
my $level = $self->adjust_log_level( shift, $self->plugin_name );
|
|
$self->{_qp}->varlog($level, $self->{_hook}, $self->plugin_name, @_);
|
|
}
|
|
|
|
sub adjust_log_level {
|
|
my ( $self, $cur_level, $plugin_name) = @_;
|
|
|
|
my $adj = $self->{_args}{loglevel} or return $cur_level;
|
|
|
|
return $adj if $adj =~ m/^[01234567]$/; # a raw syslog numeral
|
|
|
|
if ( $adj !~ /^[\+\-][\d]$/ ) {
|
|
$self->log( LOGERROR, $self-"invalid $plugin_name loglevel setting ($adj)" );
|
|
undef $self->{_args}{loglevel}; # only complain once per plugin
|
|
return $cur_level;
|
|
};
|
|
|
|
my $operator = substr($adj, 0, 1);
|
|
my $adjust = substr($adj, -1, 1);
|
|
|
|
my $new_level = $operator eq '+' ? $cur_level + $adjust : $cur_level - $adjust;
|
|
|
|
$new_level = 7 if $new_level > 7;
|
|
$new_level = 0 if $new_level < 0;
|
|
|
|
return $new_level;
|
|
};
|
|
|
|
sub transaction {
|
|
# not sure if this will work in a non-forking or a threaded daemon
|
|
shift->qp->transaction;
|
|
}
|
|
|
|
sub connection {
|
|
shift->qp->connection;
|
|
}
|
|
|
|
sub spool_dir {
|
|
shift->qp->spool_dir;
|
|
}
|
|
|
|
sub auth_user {
|
|
shift->qp->auth_user;
|
|
}
|
|
|
|
sub auth_mechanism {
|
|
shift->qp->auth_mechanism;
|
|
}
|
|
|
|
sub temp_file {
|
|
my $self = shift;
|
|
my $tempfile = $self->qp->temp_file;
|
|
push @{$self->qp->transaction->{_temp_files}}, $tempfile;
|
|
return $tempfile;
|
|
}
|
|
|
|
sub temp_dir {
|
|
my $self = shift;
|
|
my $tempdir = $self->qp->temp_dir();
|
|
push @{$self->qp->transaction->{_temp_dirs}}, $tempdir;
|
|
return $tempdir;
|
|
}
|
|
|
|
# plugin inheritance:
|
|
# usage:
|
|
# sub init {
|
|
# my $self = shift;
|
|
# $self->isa_plugin("rhsbl");
|
|
# $self->SUPER::register(@_);
|
|
# }
|
|
sub isa_plugin {
|
|
my ($self, $parent) = @_;
|
|
my ($currentPackage) = caller;
|
|
|
|
my $cleanParent = $parent;
|
|
$cleanParent =~ s/\W/_/g;
|
|
my $newPackage = $currentPackage."::_isa_$cleanParent";
|
|
|
|
# don't reload plugins if they are already loaded
|
|
return if defined &{"${newPackage}::plugin_name"};
|
|
|
|
# find $parent in plugin_dirs
|
|
my $parent_dir;
|
|
for ($self->qp->plugin_dirs) {
|
|
if (-e "$_/$parent") {
|
|
$parent_dir = $_;
|
|
last;
|
|
}
|
|
}
|
|
die "cannot find plugin '$parent'" unless $parent_dir;
|
|
|
|
$self->compile($self->plugin_name . "_isa_$cleanParent",
|
|
$newPackage,
|
|
"$parent_dir/$parent");
|
|
warn "---- $newPackage\n";
|
|
no strict 'refs';
|
|
push @{"${currentPackage}::ISA"}, $newPackage;
|
|
}
|
|
|
|
# why isn't compile private? it's only called from Plugin and Qpsmtpd.
|
|
sub compile {
|
|
my ($class, $plugin, $package, $file, $test_mode, $orig_name) = @_;
|
|
|
|
my $sub;
|
|
open F, $file or die "could not open $file: $!";
|
|
{
|
|
local $/ = undef;
|
|
$sub = <F>;
|
|
}
|
|
close F;
|
|
|
|
my $line = "\n#line 0 $file\n";
|
|
|
|
if ($test_mode) {
|
|
if (open(F, "t/plugin_tests/$orig_name")) {
|
|
local $/ = undef;
|
|
$sub .= "#line 1 t/plugin_tests/$orig_name\n";
|
|
$sub .= <F>;
|
|
close F;
|
|
}
|
|
}
|
|
|
|
my $eval = join(
|
|
"\n",
|
|
"package $package;",
|
|
'use Qpsmtpd::Constants;',
|
|
"require Qpsmtpd::Plugin;",
|
|
'use vars qw(@ISA);',
|
|
'use strict;',
|
|
'@ISA = qw(Qpsmtpd::Plugin);',
|
|
($test_mode ? 'use Test::More;' : ''),
|
|
"sub plugin_name { qq[$plugin] }",
|
|
$line,
|
|
$sub,
|
|
"\n", # last line comment without newline?
|
|
);
|
|
|
|
#warn "eval: $eval";
|
|
|
|
$eval =~ m/(.*)/s;
|
|
$eval = $1;
|
|
|
|
eval $eval;
|
|
die "eval $@" if $@;
|
|
}
|
|
|
|
sub get_reject {
|
|
my $self = shift;
|
|
my $message = shift || "why didn't you pass an error message?";
|
|
my $log_info = shift || '';
|
|
$log_info = ", $log_info" if $log_info;
|
|
|
|
my $reject = $self->{_args}{reject};
|
|
if ( defined $reject && ! $reject ) {
|
|
$self->log(LOGINFO, 'fail, reject disabled');
|
|
return DECLINED;
|
|
};
|
|
|
|
# the naughty plugin will reject later
|
|
if ( $reject eq 'naughty' ) {
|
|
$self->log(LOGINFO, 'fail, NAUGHTY');
|
|
$self->connection->notes('naughty', $message);
|
|
return (DECLINED);
|
|
};
|
|
|
|
# they asked for reject, we give them reject
|
|
$self->log(LOGINFO, 'fail'.$log_info);
|
|
return ( $self->get_reject_type(), $message);
|
|
};
|
|
|
|
sub get_reject_type {
|
|
my $self = shift;
|
|
my $default = shift || DENY;
|
|
my $deny = $self->{_args}{reject_type} or return $default;
|
|
|
|
return $deny =~ /^(temp|soft)$/i ? DENYSOFT
|
|
: $deny =~ /^(perm|hard)$/i ? DENY
|
|
: $deny eq 'disconnect' ? DENY_DISCONNECT
|
|
: $deny eq 'temp_disconnect' ? DENYSOFT_DISCONNECT
|
|
: $default;
|
|
};
|
|
|
|
sub is_immune {
|
|
my $self = shift;
|
|
|
|
if ( $self->qp->connection->relay_client() ) {
|
|
# set by plugins/relay, or Qpsmtpd::Auth
|
|
$self->log(LOGINFO, "skip, relay client");
|
|
return 1;
|
|
};
|
|
if ( $self->qp->connection->notes('whitelisthost') ) {
|
|
# set by plugins/dns_whitelist_soft or plugins/whitelist
|
|
$self->log(LOGINFO, "skip, whitelisted host");
|
|
return 1;
|
|
};
|
|
if ( $self->qp->transaction->notes('whitelistsender') ) {
|
|
# set by plugins/whitelist
|
|
$self->log(LOGINFO, "skip, whitelisted sender");
|
|
return 1;
|
|
};
|
|
if ( $self->connection->notes('naughty') ) {
|
|
# see plugins/naughty
|
|
$self->log(LOGINFO, "skip, naughty");
|
|
return 1;
|
|
};
|
|
if ( $self->connection->notes('rejected') ) {
|
|
# http://www.steve.org.uk/Software/ms-lite/
|
|
$self->log(LOGINFO, "skip, already rejected");
|
|
return 1;
|
|
};
|
|
return;
|
|
};
|
|
|
|
sub _register_standard_hooks {
|
|
my ($plugin, $qp) = @_;
|
|
|
|
for my $hook (@hooks) {
|
|
my $hooksub = "hook_$hook";
|
|
$hooksub =~ s/\W/_/g;
|
|
$plugin->register_hook( $hook, $hooksub )
|
|
if ($plugin->can($hooksub));
|
|
}
|
|
}
|
|
|
|
|
|
1;
|