/*
* Copyright © 2006-2007 Pierre Habouzit
+ * Copyright © 2008 Florent Bruneau
*/
#include <getopt.h>
#include "buffer.h"
#include "common.h"
#include "epoll.h"
-#include "threads.h"
#include "tokens.h"
+#include "server.h"
#define DAEMON_NAME "postlicyd"
#define DEFAULT_PORT 10000
#define RUNAS_USER "nobody"
#define RUNAS_GROUP "nogroup"
+DECLARE_MAIN
+
enum smtp_state {
SMTP_UNKNOWN,
SMTP_CONNECT,
const char *size;
const char *ccert_subject;
const char *ccert_issuer;
- const char *ccsert_fingerprint;
+ const char *ccert_fingerprint;
/* postfix 2.3+ */
const char *encryption_protocol;
const char *encryption_cipher;
const char *encryption_keysize;
const char *etrn_domain;
-} query_t;
-typedef struct plicyd_t {
- unsigned listener : 1;
- unsigned watchwr : 1;
- int fd;
- buffer_t ibuf;
- buffer_t obuf;
-} plicyd_t;
+ /* postfix 2.5+ */
+ const char *stress;
+ const char *eoq;
+} query_t;
-static plicyd_t *plicyd_new(void)
+static query_t *query_new(void)
{
- plicyd_t *plicyd = p_new(plicyd_t, 1);
- plicyd->fd = -1;
- return plicyd;
+ return p_new(query_t, 1);
}
-#if 0
-static void plicyd_delete(plicyd_t **plicyd)
+static void query_delete(query_t **query)
{
- if (*plicyd) {
- if ((*plicyd)->fd >= 0)
- close((*plicyd)->fd);
- buffer_wipe(&(*plicyd)->ibuf);
- buffer_wipe(&(*plicyd)->obuf);
- p_delete(plicyd);
+ if (*query) {
+ p_delete(query);
}
}
-#endif
+
+static void *query_starter(server_t* server)
+{
+ return query_new();
+}
static int postfix_parsejob(query_t *query, char *p)
{
CASE(SIZE, size);
CASE(CCERT_SUBJECT, ccert_subject);
CASE(CCERT_ISSUER, ccert_issuer);
- CASE(CCSERT_FINGERPRINT, ccsert_fingerprint);
+ CASE(CCERT_FINGERPRINT, ccert_fingerprint);
CASE(ENCRYPTION_PROTOCOL, encryption_protocol);
CASE(ENCRYPTION_CIPHER, encryption_cipher);
CASE(ENCRYPTION_KEYSIZE, encryption_keysize);
CASE(ETRN_DOMAIN, etrn_domain);
+ CASE(STRESS, stress);
#undef CASE
case PTK_REQUEST:
default:
syslog(LOG_WARNING, "unexpected key, skipped: %.*s", klen, k);
- break;
+ continue;
}
}
#undef PARSE_CHECK
}
-static void *policy_run(int fd, void *data)
+__attribute__((format(printf,2,0)))
+static void policy_answer(server_t *pcy, const char *fmt, ...)
{
- buffer_t buf;
-
- buffer_init(&buf);
- for (;;) {
- ssize_t search_offs = MAX(0, buf.len - 1);
- int nb = buffer_read(&buf, fd, -1);
- const char *eoq;
- query_t q;
-
- if (nb < 0) {
- if (errno == EAGAIN || errno == EINTR)
- continue;
- UNIXERR("read");
- break;
- }
- if (nb == 0) {
- if (buf.len)
- syslog(LOG_ERR, "unexpected end of data");
- break;
- }
-
- eoq = strstr(buf.data + search_offs, "\n\n");
- if (!eoq)
- continue;
+ va_list args;
+ const query_t* query = pcy->data;
+
+ buffer_addstr(&pcy->obuf, "action=");
+ va_start(args, fmt);
+ buffer_addvf(&pcy->obuf, fmt, args);
+ va_end(args);
+ buffer_addstr(&pcy->obuf, "\n\n");
+ buffer_consume(&pcy->ibuf, query->eoq - pcy->ibuf.data);
+ epoll_modify(pcy->fd, EPOLLIN | EPOLLOUT, pcy);
+}
- if (postfix_parsejob(&q, buf.data) < 0)
- break;
+static bool policy_run_filter(const query_t* query, void* filter, void* conf)
+{
+ return false;
+}
- buffer_consume(&buf, eoq + strlen("\n\n") - buf.data);
- if (xwrite(fd, "DUNNO\n\n", strlen("DUNNO\n\n"))) {
- UNIXERR("write");
- break;
- }
+static void policy_process(server_t *pcy)
+{
+ const query_t* query = pcy->data;
+ if (!policy_run_filter(query, NULL, NULL)) {
+ policy_answer(pcy, "DUNNO");
}
- buffer_wipe(&buf);
-
- close(fd);
- return NULL;
}
-int start_listener(int port)
+static int policy_run(server_t *pcy, void* config)
{
- struct sockaddr_in addr = {
- .sin_family = AF_INET,
- .sin_addr = { htonl(INADDR_LOOPBACK) },
- };
- struct epoll_event evt = { .events = EPOLLIN };
- plicyd_t *tmp;
- int sock;
-
- addr.sin_port = htons(port);
- sock = tcp_listen_nonblock((const struct sockaddr *)&addr, sizeof(addr));
- if (sock < 0) {
+ ssize_t search_offs = MAX(0, pcy->ibuf.len - 1);
+ int nb = buffer_read(&pcy->ibuf, pcy->fd, -1);
+ const char *eoq;
+ query_t* query = pcy->data;
+
+ if (nb < 0) {
+ if (errno == EAGAIN || errno == EINTR)
+ return 0;
+ UNIXERR("read");
return -1;
}
-
- evt.data.ptr = tmp = plicyd_new();
- tmp->fd = sock;
- tmp->listener = true;
- if (epoll_ctl(epollfd, EPOLL_CTL_ADD, sock, &evt) < 0) {
- UNIXERR("epoll_ctl");
+ if (nb == 0) {
+ if (pcy->ibuf.len)
+ syslog(LOG_ERR, "unexpected end of data");
return -1;
}
- return 0;
-}
-/* administrivia {{{ */
-static int main_initialize(void)
-{
- openlog("postlicyd", LOG_PID, LOG_MAIL);
- signal(SIGPIPE, SIG_IGN);
- signal(SIGINT, &common_sighandler);
- signal(SIGTERM, &common_sighandler);
- signal(SIGHUP, &common_sighandler);
- signal(SIGSEGV, &common_sighandler);
- syslog(LOG_INFO, "Starting...");
+ if (!(eoq = strstr(pcy->ibuf.data + search_offs, "\n\n")))
+ return 0;
+
+ if (postfix_parsejob(pcy->data, pcy->ibuf.data) < 0)
+ return -1;
+ query->eoq = eoq + strlen("\n\n");
+ epoll_modify(pcy->fd, 0, pcy);
+ policy_process(pcy);
return 0;
}
-static void main_shutdown(void)
+int start_listener(int port)
{
- closelog();
+ return start_server(port, NULL, NULL);
}
-module_init(main_initialize);
-module_exit(main_shutdown);
+/* administrivia {{{ */
void usage(void)
{
int main(int argc, char *argv[])
{
+ bool unsafe = false;
const char *pidfile = NULL;
bool daemonize = true;
int port = DEFAULT_PORT;
case 'p':
pidfile = optarg;
break;
+ case 'u':
+ unsafe = true;
+ break;
case 'l':
port = atoi(optarg);
break;
return EXIT_FAILURE;
}
- if (pidfile_open(pidfile) < 0) {
- syslog(LOG_CRIT, "unable to write pidfile %s", pidfile);
- return EXIT_FAILURE;
- }
-
- if (drop_privileges(RUNAS_USER, RUNAS_GROUP) < 0) {
- syslog(LOG_CRIT, "unable to drop privileges");
- return EXIT_FAILURE;
- }
-
- if (daemonize && daemon_detach() < 0) {
- syslog(LOG_CRIT, "unable to fork");
+ if (common_setup(pidfile, false, RUNAS_USER, RUNAS_GROUP,
+ daemonize) != EXIT_SUCCESS
+ || start_listener(port) < 0) {
return EXIT_FAILURE;
}
-
- pidfile_refresh();
-
- if (start_listener(port) < 0)
- return EXIT_FAILURE;
-
- while (!sigint) {
- struct epoll_event evts[1024];
- int n;
-
- n = epoll_wait(epollfd, evts, countof(evts), -1);
- if (n < 0) {
- if (errno != EAGAIN && errno != EINTR) {
- UNIXERR("epoll_wait");
- return EXIT_FAILURE;
- }
- continue;
- }
-
- while (--n >= 0) {
- plicyd_t *d = evts[n].data.ptr;
-
- if (d->listener) {
- int fd = accept(d->fd, NULL, 0);
- if (fd < 0) {
- if (errno != EINTR && errno != EAGAIN) {
- UNIXERR("accept");
- return EXIT_FAILURE;
- }
- continue;
- }
- thread_launch(policy_run, fd, NULL);
- }
- }
- threads_join();
- }
-
- syslog(LOG_INFO, "Stopping...");
- return EXIT_SUCCESS;
+ return server_loop(query_starter, (delete_client_t)query_delete,
+ policy_run, NULL);
}
projects / apps / pfixtools.git / blobdiff