From c2a3b7df6de7e023639789864940b0c997869954 Mon Sep 17 00:00:00 2001 From: Florent Bruneau Date: Mon, 8 Sep 2008 18:44:45 +0200 Subject: [PATCH] Working policy daemon. Add support for the stress parameter of postfix 2.5+. Can mlock rbl data. Signed-off-by: Florent Bruneau --- main-postlicyd.c | 9 +++++++-- rbl.c | 10 +++++++++- rbl.h | 2 +- tokens.sh | 5 ++++- tst-rbl.c | 2 +- 5 files changed, 22 insertions(+), 6 deletions(-) diff --git a/main-postlicyd.c b/main-postlicyd.c index 0431b95..a1444ec 100644 --- a/main-postlicyd.c +++ b/main-postlicyd.c @@ -84,7 +84,7 @@ typedef struct query_t { const char *size; const char *ccert_subject; const char *ccert_issuer; - const char *ccsert_fingerprint; + const char *ccert_fingerprint; /* postfix 2.3+ */ const char *encryption_protocol; @@ -92,6 +92,9 @@ typedef struct query_t { const char *encryption_keysize; const char *etrn_domain; + /* postfix 2.5+ */ + const char *stress; + const char *eoq; } query_t; @@ -159,11 +162,12 @@ static int postfix_parsejob(query_t *query, char *p) CASE(SIZE, size); CASE(CCERT_SUBJECT, ccert_subject); CASE(CCERT_ISSUER, ccert_issuer); - CASE(CCSERT_FINGERPRINT, ccsert_fingerprint); + CASE(CCERT_FINGERPRINT, ccert_fingerprint); CASE(ENCRYPTION_PROTOCOL, encryption_protocol); CASE(ENCRYPTION_CIPHER, encryption_cipher); CASE(ENCRYPTION_KEYSIZE, encryption_keysize); CASE(ETRN_DOMAIN, etrn_domain); + CASE(STRESS, stress); #undef CASE case PTK_REQUEST: @@ -211,6 +215,7 @@ static void policy_answer(server_t *pcy, const char *fmt, ...) { va_list args; va_start(args, fmt); + buffer_addstr(&pcy->obuf, "action="); buffer_addvf(&pcy->obuf, fmt, args); va_end(args); buffer_addstr(&pcy->obuf, "\n\n"); diff --git a/rbl.c b/rbl.c index 71f1d85..3f98ee9 100644 --- a/rbl.c +++ b/rbl.c @@ -60,6 +60,7 @@ enum { struct rbldb_t { uint32_t len, size; uint32_t *ips; + bool locked; }; static int get_o(const char *s, const char **out) @@ -114,7 +115,7 @@ static int parse_ipv4(const char *s, const char **out, uint32_t *ip) return 0; } -rbldb_t *rbldb_create(const char *file) +rbldb_t *rbldb_create(const char *file, bool lock) { rbldb_t *db; const char *map, *p, *end; @@ -169,6 +170,10 @@ rbldb_t *rbldb_create(const char *file) } munmap((void*)map, st.st_size); + /* Lookup may perform serveral I/O, so avoid swap. + */ + db->locked = lock && mlock(db->ips, db->len * sizeof(*(db->ips))) == 0; + if (db->len) { # define QSORT_TYPE uint32_t # define QSORT_BASE db->ips @@ -184,6 +189,9 @@ rbldb_t *rbldb_create(const char *file) void rbldb_delete(rbldb_t **db) { if (*db) { + if ((*db)->locked) { + (void)munlock((*db)->ips, (*db)->len * sizeof(*(*db)->ips)); + } p_delete(&(*db)->ips); p_delete(&(*db)); } diff --git a/rbl.h b/rbl.h index af342e4..e87025e 100644 --- a/rbl.h +++ b/rbl.h @@ -38,7 +38,7 @@ typedef struct rbldb_t rbldb_t; -rbldb_t *rbldb_create(const char *file); +rbldb_t *rbldb_create(const char *file, bool lock); void rbldb_delete(rbldb_t **); uint32_t rbldb_stats(rbldb_t *rbl); diff --git a/tokens.sh b/tokens.sh index 65376ea..4e1abb3 100755 --- a/tokens.sh +++ b/tokens.sh @@ -143,7 +143,7 @@ exit 0 ## size ## ccert_subject ## ccert_issuer -## ccsert_fingerprint +## ccert_fingerprint # # postfix 2.3+ ## encryption_protocol @@ -151,6 +151,9 @@ exit 0 ## encryption_keysize ## etrn_domain # +# postfix 2.5+ +## stress +# # request value ## smtpd_access_policy # diff --git a/tst-rbl.c b/tst-rbl.c index c208630..3087560 100644 --- a/tst-rbl.c +++ b/tst-rbl.c @@ -43,7 +43,7 @@ int main(int argc, char *argv[]) { if (argc > 1) { - rbldb_t *db = rbldb_create(argv[1]); + rbldb_t *db = rbldb_create(argv[1], false); printf("loaded: %s, %d ips, %d o\n", argv[1], rbldb_stats(db), rbldb_stats(db) * 4); rbldb_delete(&db); -- 2.20.1