[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nmh-commits] [SCM] The nmh Mail Handling System branch, master, updated
|
From: |
Ken Hornstein |
|
Subject: |
[Nmh-commits] [SCM] The nmh Mail Handling System branch, master, updated. 3bede3fae77775088b8b66e7a26a5e2ee1f61fff |
|
Date: |
Tue, 28 Feb 2012 02:04:52 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The nmh Mail Handling System".
The branch, master has been updated
via 3bede3fae77775088b8b66e7a26a5e2ee1f61fff (commit)
from 3cc586b1fdcef6cecc89386e885175577535e10f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/nmh.git/commit/?id=3bede3fae77775088b8b66e7a26a5e2ee1f61fff
commit 3bede3fae77775088b8b66e7a26a5e2ee1f61fff
Author: Ken Hornstein <address@hidden>
Date: Mon Feb 27 20:50:49 2012 -0500
Add support for -nosasl and -saslmaxssf switches.
diff --git a/man/post.man b/man/post.man
index 2bff3de..50b0298 100644
--- a/man/post.man
+++ b/man/post.man
@@ -21,6 +21,9 @@ post \- deliver a message
.RB [ \-width
.IR columns ]
.RB [ \-sasl ]
+.RB [ \-nosasl ]
+.RB [ \-saslmaxssf
+.IR ssf ]
.RB [ \-saslmech
.IR mechanism ]
.RB [ \-user
@@ -195,7 +198,9 @@ If
.B nmh
has been compiled with SASL support, the
.B \-sasl
-switch will enable
+and
+.B \-nosasl
+switches will enable and disable
the use of SASL authentication with the SMTP MTA. Depending on the
SASL mechanism used, this may require an additional password prompt from the
user (but the
@@ -214,7 +219,11 @@ will attempt to negotiate a security layer for session
encryption.
Encrypted data is labelled with `(sasl-encrypted)' and `(sasl-decrypted)' when
viewing the SMTP transaction with the
.B \-snoop
-switch.
+switch. The
+.B \-saslmaxssf
+switch can be used to select the maximum value of the Security Strength Factor.
+This is an integer value and the exact meaning of this value depends on the
+underlying SASL mechanism. A value of 0 disables encryption.
.PP
If
.B nmh
diff --git a/man/send.man b/man/send.man
index d9158c8..87a74eb 100644
--- a/man/send.man
+++ b/man/send.man
@@ -33,6 +33,9 @@ send \- send a message
.RB [ \-port
.IR port-name/number ]
.RB [ \-sasl ]
+.RB [ \-nosasl ]
+.RB [ \-saslmaxssf
+.IR ssf ]
.RB [ \-saslmech
.IR mechanism ]
.RB [ \-user
@@ -336,7 +339,9 @@ If
.B nmh
has been compiled with SASL support, the
.B \-sasl
-switch will enable
+and
+.B \-nosasl
+switches will enable and disable
the use of SASL authentication with the SMTP MTA. Depending on the
SASL mechanism used, this may require an additional password prompt from the
user (but the
@@ -355,7 +360,11 @@ will attempt to negotiate a security layer for session
encryption.
Encrypted data is labelled with `(encrypted)' and `(decrypted)' when
viewing the SMTP transaction with the
.B \-snoop
-switch.
+switch. The
+.B \-saslmaxssf
+switch can be used to select the maximum value of the Security Strength Factor.
+This is an integer value and the exact meaning of this value depends on the
+underlying SASL mechanism. A value of 0 disables encryption.
.PP
If
.B nmh
diff --git a/mts/smtp/smtp.c b/mts/smtp/smtp.c
index faca17a..620dabc 100644
--- a/mts/smtp/smtp.c
+++ b/mts/smtp/smtp.c
@@ -147,9 +147,9 @@ char *EHLOkeys[MAXEHLO + 1];
* static prototypes
*/
static int smtp_init (char *, char *, char *, int, int, int, int, int, int,
- char *, char *, int);
+ int, char *, char *, int);
static int sendmail_init (char *, char *, int, int, int, int, int, int,
- char *, char *);
+ int, char *, char *);
static int rclient (char *, char *);
static int sm_ierror (char *fmt, ...);
@@ -173,26 +173,28 @@ static int sm_fgets(char *, int, FILE *);
* Function prototypes needed for SASL
*/
-static int sm_auth_sasl(char *, char *, char *);
+static int sm_auth_sasl(char *, int, char *, char *);
#endif /* CYRUS_SASL */
int
sm_init (char *client, char *server, char *port, int watch, int verbose,
- int debug, int onex, int queued, int sasl, char *saslmech,
- char *user, int tls)
+ int debug, int onex, int queued, int sasl, int saslssf,
+ char *saslmech, char *user, int tls)
{
if (sm_mts == MTS_SMTP)
return smtp_init (client, server, port, watch, verbose,
- debug, onex, queued, sasl, saslmech, user, tls);
+ debug, onex, queued, sasl, saslssf, saslmech,
+ user, tls);
else
return sendmail_init (client, server, watch, verbose,
- debug, onex, queued, sasl, saslmech, user);
+ debug, onex, queued, sasl, saslssf, saslmech,
+ user);
}
static int
smtp_init (char *client, char *server, char *port, int watch, int verbose,
int debug, int onex, int queued,
- int sasl, char *saslmech, char *user, int tls)
+ int sasl, int saslssf, char *saslmech, char *user, int tls)
{
#ifdef CYRUS_SASL
char *server_mechs;
@@ -427,7 +429,7 @@ smtp_init (char *client, char *server, char *port, int
watch, int verbose,
saslmech, server_mechs);
}
- if (sm_auth_sasl(user, saslmech ? saslmech : server_mechs,
+ if (sm_auth_sasl(user, saslssf, saslmech ? saslmech : server_mechs,
server) != RP_OK) {
sm_end(NOTOK);
return NOTOK;
@@ -449,13 +451,14 @@ send_options: ;
int
sendmail_init (char *client, char *server, int watch, int verbose,
int debug, int onex, int queued,
- int sasl, char *saslmech, char *user)
+ int sasl, int saslssf, char *saslmech, char *user)
{
#ifdef CYRUS_SASL
char *server_mechs;
#else /* CYRUS_SASL */
NMH_UNUSED (server);
NMH_UNUSED (sasl);
+ NMH_UNUSED (saslssf);
NMH_UNUSED (saslmech);
NMH_UNUSED (user);
#endif /* CYRUS_SASL */
@@ -603,7 +606,7 @@ sendmail_init (char *client, char *server, int watch, int
verbose,
saslmech, server_mechs);
}
- if (sm_auth_sasl(user, saslmech ? saslmech : server_mechs,
+ if (sm_auth_sasl(user, saslssf, saslmech ? saslmech : server_mechs,
server) != RP_OK) {
sm_end(NOTOK);
return NOTOK;
@@ -875,7 +878,7 @@ sm_end (int type)
* (optionally) negotiated a security layer.
*/
static int
-sm_auth_sasl(char *user, char *mechlist, char *inhost)
+sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost)
{
int result, status;
unsigned int buflen, outlen;
@@ -953,7 +956,7 @@ sm_auth_sasl(char *user, char *mechlist, char *inhost)
memset(&secprops, 0, sizeof(secprops));
secprops.maxbufsize = SASL_MAXRECVBUF;
- secprops.max_ssf = tls_active ? 0 : UINT_MAX;
+ secprops.max_ssf = tls_active ? 0 : (saslssf != -1 ? saslssf : UINT_MAX);
result = sasl_setprop(conn, SASL_SEC_PROPS, &secprops);
diff --git a/mts/smtp/smtp.h b/mts/smtp/smtp.h
index c88620e..7de0edc 100644
--- a/mts/smtp/smtp.h
+++ b/mts/smtp/smtp.h
@@ -22,7 +22,7 @@ struct smtp {
* prototypes
*/
/* int client (); */
-int sm_init (char *, char *, char *, int, int, int, int, int, int, char *,
char *, int);
+int sm_init (char *, char *, char *, int, int, int, int, int, int, int, char
*, char *, int);
int sm_winit (int, char *);
int sm_wadr (char *, char *, char *);
int sm_waend (void);
diff --git a/uip/post.c b/uip/post.c
index 580d3d1..6ce3280 100644
--- a/uip/post.c
+++ b/uip/post.c
@@ -131,17 +131,21 @@ static struct swit switches[] = {
{ "queued", -6 },
#define SASLSW 37
{ "sasl", SASLminc(-4) },
-#define SASLMECHSW 38
+#define NOSASLSW 38
+ { "nosasl", SASLminc(-6) },
+#define SASLMXSSFSW 39
+ { "saslmaxssf", SASLminc(-10) },
+#define SASLMECHSW 40
{ "saslmech", SASLminc(-5) },
-#define USERSW 39
+#define USERSW 41
{ "user", SASLminc(-4) },
-#define PORTSW 40
+#define PORTSW 42
{ "port server port name/number", 4 },
-#define TLSSW 41
+#define TLSSW 43
{ "tls", TLSminc(-3) },
-#define FILEPROCSW 42
+#define FILEPROCSW 44
{ "fileproc", -4 },
-#define MHLPROCSW 43
+#define MHLPROCSW 45
{ "mhlproc", -3 },
{ NULL, 0 }
};
@@ -239,6 +243,7 @@ static int checksw = 0; /* whom -check
*/
static int linepos=0; /* putadr()'s position on the line */
static int nameoutput=0; /* putadr() has output header name */
static int sasl=0; /* Use SASL auth for SMTP */
+static int saslssf=-1; /* Our maximum SSF for SASL */
static char *saslmech=NULL; /* Force use of particular SASL mech */
static char *user=NULL; /* Authenticate as this user
*/
static char *port="smtp"; /* Name of server port for SMTP */
@@ -515,6 +520,16 @@ main (int argc, char **argv)
case SASLSW:
sasl++;
continue;
+
+ case NOSASLSW:
+ sasl = 0;
+ continue;
+
+ case SASLMXSSFSW:
+ if (!(cp = *argp++) || *cp == '-')
+ adios (NULL, "missing argument to %s", argp[-2]);
+ saslssf = atoi(cp);
+ continue;
case SASLMECHSW:
if (!(saslmech = *argp++) || *saslmech == '-')
@@ -1431,8 +1446,8 @@ post (char *file, int bccque, int talk)
sigon ();
if (rp_isbad (retval = sm_init (clientsw, serversw, port, watch, verbose,
- snoop, onex, queued, sasl, saslmech,
- user, tls))
+ snoop, onex, queued, sasl, saslssf,
+ saslmech, user, tls))
|| rp_isbad (retval = sm_winit (smtpmode, from)))
die (NULL, "problem initializing server; %s", rp_string (retval));
@@ -1471,7 +1486,7 @@ verify_all_addresses (int talk)
if (!whomsw || checksw)
if (rp_isbad (retval = sm_init (clientsw, serversw, port, watch,
verbose, snoop, 0, queued, sasl,
- saslmech, user, tls))
+ saslssf, saslmech, user, tls))
|| rp_isbad (retval = sm_winit (smtpmode, from)))
die (NULL, "problem initializing server; %s", rp_string (retval));
diff --git a/uip/send.c b/uip/send.c
index 62bf60a..9e804bc 100644
--- a/uip/send.c
+++ b/uip/send.c
@@ -102,17 +102,21 @@ static struct swit switches[] = {
{ "snoop", 5 },
#define SASLSW 37
{ "sasl", SASLminc(4) },
-#define SASLMECHSW 38
+#define NOSASLSW 38
+ { "nosasl", SASLminc(-6) },
+#define SASLMXSSFSW 39
+ { "saslmaxssf", SASLminc(-10) },
+#define SASLMECHSW 40
{ "saslmech mechanism", SASLminc(-5) },
-#define USERSW 39
+#define USERSW 41
{ "user username", SASLminc(-4) },
-#define ATTACHSW 40
+#define ATTACHSW 42
{ "attach", 6 },
-#define ATTACHFORMATSW 41
+#define ATTACHFORMATSW 43
{ "attachformat", 7 },
-#define PORTSW 42
+#define PORTSW 44
{ "port server-port-name/number" , 4 },
-#define TLSSW 43
+#define TLSSW 45
{ "tls", TLSminc(-3) },
{ NULL, 0 }
};
@@ -278,6 +282,7 @@ main (int argc, char **argv)
case SOMLSW:
case SNOOPSW:
case SASLSW:
+ case NOSASLSW:
case TLSSW:
vec[vecp++] = --cp;
continue;
@@ -288,6 +293,7 @@ main (int argc, char **argv)
case CLIESW:
case SERVSW:
case SASLMECHSW:
+ case SASLMXSSFSW:
case USERSW:
case PORTSW:
vec[vecp++] = --cp;
diff --git a/uip/whatnowsbr.c b/uip/whatnowsbr.c
index 36ba346..ac9dc3a 100644
--- a/uip/whatnowsbr.c
+++ b/uip/whatnowsbr.c
@@ -1054,17 +1054,21 @@ static struct swit sendswitches[] = {
{ "nodraftfolder", -3 },
#define SASLSW 36
{ "sasl", SASLminc(-4) },
-#define SASLMECHSW 37
+#define NOSASLSW 37
+ { "nosasl", SASLminc(-6) },
+#define SASLMXSSFSW 38
+ { "saslmaxssf", SASLminc(-10) },
+#define SASLMECHSW 39
{ "saslmech", SASLminc(-5) },
-#define USERSW 38
+#define USERSW 40
{ "user", SASLminc(-4) },
-#define SNDATTACHSW 39
+#define SNDATTACHSW 41
{ "attach file", 6 },
-#define SNDATTACHFORMAT 40
+#define SNDATTACHFORMAT 42
{ "attachformat", 7 },
-#define PORTSW 41
+#define PORTSW 43
{ "port server-port-name/number", 4 },
-#define TLSSW 42
+#define TLSSW 44
{ "tls", TLSminc(-3) },
{ NULL, 0 }
};
@@ -1227,6 +1231,7 @@ sendit (char *sp, char **arg, char *file, int pushed)
case SOMLSW:
case SNOOPSW:
case SASLSW:
+ case NOSASLSW:
case TLSSW:
vec[vecp++] = --cp;
continue;
@@ -1236,6 +1241,7 @@ sendit (char *sp, char **arg, char *file, int pushed)
case WIDTHSW:
case CLIESW:
case SERVSW:
+ case SASLMXSSFSW:
case SASLMECHSW:
case USERSW:
case PORTSW:
-----------------------------------------------------------------------
Summary of changes:
man/post.man | 13 +++++++++++--
man/send.man | 13 +++++++++++--
mts/smtp/smtp.c | 29 ++++++++++++++++-------------
mts/smtp/smtp.h | 2 +-
uip/post.c | 33 ++++++++++++++++++++++++---------
uip/send.c | 18 ++++++++++++------
uip/whatnowsbr.c | 18 ++++++++++++------
7 files changed, 87 insertions(+), 39 deletions(-)
hooks/post-receive
--
The nmh Mail Handling System
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Nmh-commits] [SCM] The nmh Mail Handling System branch, master, updated. 3bede3fae77775088b8b66e7a26a5e2ee1f61fff,
Ken Hornstein <=