Initial commit

.gitignore

@@ -0,0 +1 @@
+build

CMakeLists.txt

@@ -0,0 +1,25 @@
+cmake_minimum_required(VERSION 2.8)
+project(postsrsd C)
+
+find_program(HELP2MAN help2man DOC "path to help2man executable")
+find_program(DD dd DOC "path to dd executable")
+find_program(BASE64 base64 DOC "path to base64 executable")
+
+add_executable(${PROJECT_NAME} postsrsd.c sha1.c srs2.c)
+configure_file(${PROJECT_NAME}.init.in ${PROJECT_NAME}.init @ONLY)
+configure_file(postinstall.cmake.in postinstall.cmake @ONLY)
+
+if(HELP2MAN)
+add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD
+	COMMAND ${HELP2MAN} ARGS -s8 -o${PROJECT_NAME}.8 -N -h-h -v-v ./${PROJECT_NAME}
+	VERBATIM
+)
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}.8 DESTINATION "share/man/man8")
+endif()
+
+install(TARGETS ${PROJECT_NAME} DESTINATION "sbin")
+install(FILES README.md main.cf.ex DESTINATION "share/doc/${PROJECT_NAME}")
+install(PROGRAMS ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}.init DESTINATION "/etc/init.d" RENAME ${PROJECT_NAME})
+install(FILES ${PROJECT_NAME}.default DESTINATION "/etc/default" RENAME ${PROJECT_NAME})
+install(SCRIPT "${CMAKE_CURRENT_BINARY_DIR}/postinstall.cmake")
+

LICENSE

@@ -0,0 +1,339 @@
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+                            NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.

README.md

@@ -0,0 +1,52 @@
+About
+=====
+PostSRSd provides the Sender Rewriting Scheme (SRS) via TCP-based 
+lookup tables for Postfix. SRS is needed if your mail server acts
+as forwarder. 
+
+Imagine your server receives a mail from alice@example.com
+that is to be forwarded. If example.com uses the Sender Policy Framework 
+to indicate that all legit mails originate from their server, your 
+forwarded mail might be bounced, because you have no permission to send
+on behalf of example.com. The solution is that you map the address to
+your own domain, e.g. 
+SRS0+xxxx=yy=example.com=alice@yourdomain.org (forward SRS). If the
+mail is bounced later and a notification arrives, you can extract the
+original address from the rewritten one (revere SRS) and return the
+notification to the sender. You might notice that the reverse SRS can
+be abused to turn your server into an open relay. For this reason, xxxx
+and yy are a cryptographic signature and a time stamp. If the signature
+does not match, the address is forged and the mail can be discarded.
+
+Building
+========
+PostSRSd requires a POSIX compatible system and CMake to build. 
+Optionally, help2man is used to create a manual page.
+
+For convenience, a Makefile fragment is provided which calls CMake with
+the recommended command line options. Just run `make`.
+
+Installing
+==========
+Run `make install` as root to install the daemon and the configuration
+files.
+
+Configuration
+=============
+The configuration is located in `/etc/default/postsrsd`. You must store 
+a secret key in `/etc/postsrsd.secret`. The installer tries to generate 
+one from `/dev/urandom`. Be careful that no one can guess your secret,
+because anyone who knows it can use your mail server as open relay!
+
+PostSRSd exposes its functionality via two TCP lookup tables. The
+recommended Postfix configuration is to add the following fragment to
+your main.cf:
+
+    sender_canonical_maps = tcp:127.0.0.1:10001
+    sender_canonical_classes = envelope_sender
+    recipient_canonical_maps = tcp:127.0.0.1:10002
+    recipient_canonical_maps = envelope_recipient
+
+This will transparently rewrite incoming and outgoing envelope addresses.
+Run `service postsrsd start` and `postfix reload` as root, or reboot.
+

main.cf.ex

@@ -0,0 +1,8 @@
+# Add this fragment to your main.cf
+
+sender_canonical_maps = tcp:127.0.0.1:10001
+sender_canonical_classes = envelope_sender
+recipient_canonical_maps = tcp:127.0.0.1:10002
+recipient_canonical_maps = envelope_recipient
+
+

makefile

@@ -0,0 +1,11 @@
+all install: build/Makefile
+	$(MAKE) -C build $@
+
+clean distclean:
+	rm -rf build
+
+build/Makefile: CMakeLists.txt
+	mkdir -p build
+	cd build && cmake .. -DCMAKE_BUILD_TYPE=Release
+
+	

postinstall.cmake.in

@@ -0,0 +1,35 @@
+message(STATUS "Updating RC: $ENV{DESTDIR}/etc/init.d/@PROJECT_NAME@")
+file(MAKE_DIRECTORY 
+	"$ENV{DESTDIR}/etc/rc0.d" 
+	"$ENV{DESTDIR}/etc/rc1.d" 
+	"$ENV{DESTDIR}/etc/rc2.d" 
+	"$ENV{DESTDIR}/etc/rc3.d" 
+	"$ENV{DESTDIR}/etc/rc4.d" 
+	"$ENV{DESTDIR}/etc/rc5.d" 
+	"$ENV{DESTDIR}/etc/rc6.d" 
+)
+execute_process(
+	COMMAND ln -sf ../init.d/@PROJECT_NAME@ rc0.d/K20@PROJECT_NAME@
+	COMMAND ln -sf ../init.d/@PROJECT_NAME@ rc1.d/K20@PROJECT_NAME@
+	COMMAND ln -sf ../init.d/@PROJECT_NAME@ rc2.d/S20@PROJECT_NAME@
+	COMMAND ln -sf ../init.d/@PROJECT_NAME@ rc3.d/S20@PROJECT_NAME@
+	COMMAND ln -sf ../init.d/@PROJECT_NAME@ rc4.d/S20@PROJECT_NAME@
+	COMMAND ln -sf ../init.d/@PROJECT_NAME@ rc5.d/S20@PROJECT_NAME@
+	COMMAND ln -sf ../init.d/@PROJECT_NAME@ rc6.d/K20@PROJECT_NAME@
+	WORKING_DIRECTORY "$ENV{DESTDIR}/etc"
+)
+set(SECRET_FILE "@PROJECT_NAME@.secret")
+set(DD "@DD@")
+set(BASE64 "@BASE64@")
+if(DD AND BASE64 AND EXISTS "/dev/urandom" AND NOT EXISTS "$ENV{DESTDIR}/etc/${SECRET_FILE}")
+	message(STATUS "Generating secret key")
+	execute_process(
+		COMMAND ${DD} if=/dev/urandom bs=18 count=1
+		COMMAND ${BASE64} -w0
+		OUTPUT_FILE "@CMAKE_CURRENT_BINARY_DIR@/${SECRET_FILE}"
+		ERROR_QUIET
+		OUTPUT_STRIP_TRAILING_WHITESPACE
+	)
+file(INSTALL "@CMAKE_CURRENT_BINARY_DIR@/${SECRET_FILE}" DESTINATION "/etc" FILE_PERMISSIONS OWNER_READ OWNER_WRITE)
+endif()
+

postsrsd.c

@@ -0,0 +1,392 @@
+/* PostSRSd - Sender Rewriting Scheme daemon for Postfix
+ * Copyright (c) 2012 Timo Röhling <timo.roehling@gmx.de>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/* This program uses the libsrs2 library. The relevant source
+ * files have been added to this distribution. */
+
+#include "srs2.h"
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+#include <errno.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <string.h>
+#include <poll.h>
+#include <wait.h>
+
+#ifndef VERSION
+#define VERSION "1.0"
+#endif
+
+static char *self = NULL;
+
+static int bind_service (const char *service, int family)
+{
+  struct addrinfo *addr, *it;
+  struct addrinfo hints;
+  int err, sock, flags;
+  static const int one = 1;
+
+  memset (&hints, 0, sizeof(hints));
+  hints.ai_family = family;
+  hints.ai_socktype = SOCK_STREAM;
+  hints.ai_flags = AI_ADDRCONFIG | AI_V4MAPPED;
+  err = getaddrinfo(NULL, service, &hints, &addr);
+  if (err != 0) {
+    fprintf(stderr, "%s: bind_service(%s): %s\n", self, service, gai_strerror(err));
+    return -1;
+  }
+  sock = -1;
+  for (it = addr; it; it = it->ai_next) {
+    sock = socket(it->ai_family, it->ai_socktype, it->ai_protocol);
+    if (sock < 0) goto fail;
+    if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) < 0) goto fail;
+    if (bind(sock, it->ai_addr, it->ai_addrlen) < 0) goto fail;
+    if (listen(sock, 10) < 0) goto fail;
+    flags = fcntl (sock, F_GETFL, 0);
+    if (flags < 0) goto fail;
+    if (fcntl(sock, F_SETFL, flags | O_NONBLOCK) < 0) goto fail;
+    break;
+  fail:
+    err = errno;
+    if (sock >= 0) close (sock);
+    sock = -1;
+  }
+  freeaddrinfo (addr);
+  if (sock < 0)
+    fprintf (stderr, "%s: bind_service(%s): %s\n", self, service, strerror(err));
+  return sock;
+}
+
+static int is_hexdigit (char c)
+{
+  return (c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F');
+}
+
+static char hex2num (char c)
+{
+  if (c >= '0' && c <= '9') return c - '0';
+  if (c >= 'a' && c <= 'f') return c - 'a' + 10;
+  if (c >= 'A' && c <= 'F') return c - 'A' + 10;
+}
+
+static char num2hex (char c)
+{
+  if (c < 10) return '0' + c;
+  return 'a' + c - 10;
+}
+
+static char hex2char (const char *s)
+{
+  return 16 * hex2num(s[0]) + hex2num(s[1]);
+}
+
+static void char2hex (char c, char *buf)
+{
+  buf[0] = num2hex((c >> 4) & 0xf);
+  buf[1] = num2hex((c     ) & 0xf);
+}
+
+static char* url_decode (char *buf, size_t len, const char *input)
+{
+  char *output = buf;
+  if (!input || !output || len == 0) return NULL;
+
+  while (*input && --len) {
+    if (*input == '%' && is_hexdigit(input[1]) && is_hexdigit(input[2])) {
+      *output++ = hex2char(++input);
+      input += 2;
+    } else {
+      *output++ = *input++;
+    }
+  }
+  *output = 0;
+  return buf;
+}
+
+static char* url_encode (char* buf, size_t len, const char *input)
+{
+  char *output = buf;
+  if (!input || !output || len == 0) return NULL;
+  while (*input && --len) {
+    if (isspace(*input)) {
+      if (len <= 2) break;
+      *output++ = '%';
+      char2hex(*input, output);
+      output += 2; len -= 2;
+    } else {
+      *output++ = *input++;
+    }
+  }
+  *output = 0;
+  return buf;
+}
+
+static void handle_forward (srs_t *srs, FILE *fp, const char *address, const char *domain)
+{
+  int result;
+  char value[1024];
+  char outputbuf[1024], *output;
+
+  result = srs_forward(srs, value, sizeof(value), address, domain);
+  if (result == SRS_SUCCESS) {
+    output = url_encode(outputbuf, sizeof(outputbuf), value);
+    fprintf (fp, "200 %s\n", output);
+  } else {
+    fprintf (fp, "500 %s\n", srs_strerror(result));
+  }
+  fflush (fp);
+}
+
+static void handle_reverse (srs_t *srs, FILE *fp, const char *address, const char *domain)
+{
+  int result;
+  char value[1024];
+  char outputbuf[1024], *output;
+  result = srs_reverse(srs, value, sizeof(value), address);
+  if (result == SRS_SUCCESS) {
+    output = url_encode(outputbuf, sizeof(outputbuf), value);
+    fprintf (fp, "200 %s\n", output);
+  } else {
+    fprintf (fp, "500 %s\n", srs_strerror(result));
+  }
+  fflush (fp);
+}
+
+static void show_help ()
+{
+  fprintf (stdout,
+    "Sender Rewriting Scheme implementation for Postfix.\n\n"
+    "Implements two TCP lookup tables to rewrite mail addresses\n"
+    "as needed. The forward SRS is for sender envelope addresses\n"
+    "to prevent SPF-related bounces. The reverse SRS is for\n"
+    "recipient envelope addresses so that bounced mails can be\n"
+    "routed back to their original sender.\n"
+    "\n"
+    "Usage: %s -s<file> -d<domain> [other options]\n"
+    "Options:\n"
+    "   -s<file>       read secret from file (required)\n"
+    "   -d<domain>     set domain name for rewrite (required)\n"
+    "   -f<port>       set port for the forward SRS lookup (default: 10001)\n"
+    "   -r<port>       set port for the reverse SRS lookup (default: 10002)\n"
+    "   -p<pidfile>    write process ID to pidfile (default: none)\n"
+    "   -u<user>       switch user id after port bind (default: none)\n"
+    "   -t<seconds>    timeout for idle client connections (default: 1800)\n"
+    "   -D             fork into background\n"
+    "   -4             force IPv4 socket (default: any)\n"
+    "   -6             force IPv6 socket (default: any)\n"
+    "   -h             show this help\n"
+    "   -v             show version\n"
+    "\n",
+    self
+  );
+}
+
+typedef void(*handle_t)(srs_t*, FILE*, const char*, const char*);
+
+int main (int argc, char **argv)
+{
+  int opt, timeout = 1800, family = AF_UNSPEC;
+  int daemonize = FALSE;
+  char *forward_service = NULL, *reverse_service = NULL,
+       *user = NULL, *domain = NULL;
+  int forward_sock, reverse_sock;
+  char *secret_file = NULL, *pid_file = NULL;
+  FILE *pf = NULL;
+  char secret[1024];
+  char *tmp;
+  srs_t *srs;
+  struct pollfd fds[3];
+  handle_t handler[2] = { handle_forward, handle_reverse };
+
+  tmp = strrchr(argv[0], '/');
+  if (tmp) self = strdup(tmp + 1); else self = strdup(argv[0]);
+
+  while ((opt = getopt(argc, argv, "46d:f:r:s:u:t:p:Dhv")) != -1) {
+    switch (opt) {
+      case '?':
+        return EXIT_FAILURE;
+      case '4':
+        family = AF_INET;
+        break;
+      case '6':
+        family = AF_INET6;
+        break;
+      case 'd':
+        domain = strdup(optarg);
+        break;
+      case 'f':
+        forward_service = strdup(optarg);
+        break;
+      case 'r':
+        reverse_service = strdup(optarg);
+        break;
+      case 't':
+        timeout = atoi(optarg);
+        break;
+      case 's':
+        secret_file = strdup(optarg);
+        break;
+      case 'p':
+        pid_file = strdup(optarg);
+        break;
+      case 'u':
+        user = strdup(optarg);
+        break;
+      case 'D':
+        daemonize = TRUE;
+        break;
+      case 'h':
+	show_help();
+        return EXIT_SUCCESS;
+      case 'v':
+	fprintf (stdout, "%s\n", VERSION);
+	return EXIT_SUCCESS;
+    }
+  }
+  if (pid_file) {
+    pf = fopen (pid_file, "w");
+    if (pf == NULL) {
+      fprintf (stderr, "%s: Cannot write PID: %s\n\n", self, pid_file);
+      return EXIT_FAILURE;
+    }
+  }
+  if (domain == NULL) {
+    fprintf (stderr, "%s: You must set a home domain (-d)\n", self);
+    show_help();
+    return EXIT_FAILURE;
+  }
+  if (secret_file != NULL) {
+    size_t len;
+    FILE *fp = fopen(secret_file, "rb");
+    if (fp == NULL) {
+      fprintf (stderr, "%s: Cannot open file with secret: %s\n", self, secret_file);
+      return EXIT_FAILURE;
+    }
+    len = fread(secret, 1, sizeof(secret) - 1, fp);
+    if (len == 0 || len > sizeof(secret) - 1) {
+      fprintf (stderr, "%s: Cannot read secret from file: %s\n", self, secret_file);
+      return EXIT_FAILURE;
+    }
+    secret[len] = 0;
+    fclose (fp);
+  } else {
+    fprintf (stderr, "%s: You must set a secret (-s)\n", self);
+    show_help();
+    return EXIT_FAILURE;
+  }
+  if (forward_service != NULL) {
+    forward_sock = bind_service(forward_service, family);
+    free (forward_service);
+  } else {
+    forward_sock = bind_service("10001", family);
+  }
+  if (forward_sock < 0) return EXIT_FAILURE;
+  if (reverse_service != NULL) {
+    reverse_sock = bind_service(reverse_service, family);
+    free (reverse_service);
+  } else {
+    reverse_sock = bind_service("10002", family);
+  }
+  if (reverse_sock < 0) return EXIT_FAILURE;
+  if (user) {
+    struct passwd *pwd;
+    errno = 0;
+    pwd = getpwnam(user);
+    if (pwd == NULL) {
+      if (errno != 0)
+        fprintf (stderr, "%s: Failed to lookup user: %s\n", self, strerror(errno));
+      else
+        fprintf (stderr, "%s: No such user: %s\n", self, user);
+      return EXIT_FAILURE;
+    }
+    if (setuid(pwd->pw_uid) < 0) {
+      fprintf (stderr, "%s: Failed to switch user id: %s\n", self, strerror(errno));
+      return EXIT_FAILURE;
+    }
+  }
+  if (daemonize) {
+    close(0); close(1); close(2);
+    if (fork() != 0) return EXIT_SUCCESS;
+    setsid();
+    if (fork() != 0) return EXIT_SUCCESS;
+  }
+  if (pf) {
+    fprintf (pf, "%d", (int)getpid());
+    fclose (pf);
+  }
+
+  srs = srs_new();
+  srs_add_secret (srs, secret);
+  srs_set_separator (srs, '+');
+
+  fds[0].fd = forward_sock;
+  fds[0].events = POLLIN;
+  fds[1].fd = reverse_sock;
+  fds[1].events = POLLIN;
+
+  while(TRUE) {
+    int i, conn;
+    FILE *fp;
+    char linebuf[1024], *line;
+    char keybuf[1024], *key;
+
+    if (poll(fds, 2, 1000) < 0) {
+      if (!daemonize) fprintf (stderr, "%s: Poll failure: %s\n", self, strerror(errno));
+      return EXIT_FAILURE;
+    }
+    for (i = 0; i < 2; ++i) {
+      if (fds[i].revents) {
+        conn = accept(fds[i].fd, NULL, NULL);
+        if (conn < 0) continue;
+        if (fork() == 0) {
+          fp = fdopen(conn, "r+");
+          if (fp == NULL) exit(EXIT_FAILURE);
+          fds[2].fd = conn;
+          fds[2].events = POLLIN;
+          if (poll(&fds[2], 1, timeout * 1000) <= 0) return EXIT_FAILURE;
+          line = fgets(linebuf, sizeof(linebuf), fp);
+          while (line) {
+            char* token;
+            token = strtok(line, " \r\n");
+            if (token == NULL || strcmp(token, "get") != 0) {
+              fprintf (fp, "500 Invalid request\n");
+              return EXIT_FAILURE;
+            }
+            token = strtok(NULL, "\r\n");
+            if (!token) {
+              fprintf (fp, "500 Invalid request\n");
+              return EXIT_FAILURE;
+            }
+            key = url_decode(keybuf, sizeof(keybuf), token);
+            if (!key) break;
+            handler[i](srs, fp, key, domain);
+            if (poll(&fds[2], 1, timeout * 1000) <= 0) break;
+            line = fgets(linebuf, sizeof(linebuf), fp);
+          }
+          fclose (fp);
+          return EXIT_SUCCESS;
+        }
+        close (conn);
+      }
+    }
+    waitpid(-1, NULL, WNOHANG);
+  }
+  return EXIT_SUCCESS;
+}

postsrsd.default

@@ -0,0 +1,15 @@
+# Default settings for postsrsd
+
+# Local domain name. Addresses are rewritten to originate from this domain
+#SRS_DOMAIN=example.com
+
+# The secret key to sign the addresses is stored in this file
+#SRS_SECRET=/etc/postsrsd.secret
+
+# These ports are used to bind the TCP list for postfix
+#SRS_FORWARD_PORT=10001
+#SRS_REVERSE_PORT=10002
+
+# Drop root privileges and run as this user after initialization.
+RUN_AS=nobody
+

postsrsd.init.in

@@ -0,0 +1,85 @@
+#! /bin/sh
+#
+# @PROJECT_NAME@
+#               start/stop the @PROJECT_NAME@ daemon for Postfix
+#
+### BEGIN INIT INFO
+# Provides:          @PROJECT_NAME@
+# Required-Start:    $syslog, $local_fs
+# Required-Stop:     $syslog, $local_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Start/stop the postsrs daemon
+### END INIT INFO
+
+set -e
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=@CMAKE_INSTALL_PREFIX@/sbin/@PROJECT_NAME@
+NAME=@PROJECT_NAME@
+DESC="Postfix Sender Rewriting Scheme daemon"
+
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Gracefully exit if the package has been removed.
+test -x $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+# Default configuration
+SRS_DOMAIN=`[ ! -r /etc/mailname ] || cat /etc/mailname | cut -d. -f2-`
+SRS_FORWARD_PORT=10001
+SRS_REVERSE_PORT=10002
+SRS_SECRET=/etc/@PROJECT_NAME@.secret
+RUN_AS=nobody
+
+# Read config file if it is present.
+if [ -r /etc/default/$NAME ]
+then
+    . /etc/default/$NAME
+fi
+
+POSTSRS_OPTS="-4 -f$SRS_FORWARD_PORT -r$SRS_REVERSE_PORT -d$SRS_DOMAIN -s$SRS_SECRET -u$RUN_AS -p$PIDFILE -D"
+
+test -r "$SRS_SECRET" || exit 0
+
+ret=0
+case "$1" in
+  start)
+	log_daemon_msg "Starting $DESC" "$NAME"
+	if start-stop-daemon --start --oknodo --quiet \
+		--pidfile $PIDFILE \
+		--name $NAME \
+		--startas $DAEMON -- $POSTSRS_OPTS
+	then
+	    log_end_msg 0
+	else
+	    ret=$?
+	    log_end_msg 1
+	fi
+	;;
+  stop)
+	log_daemon_msg "Stopping $DESC" "$NAME"
+	if start-stop-daemon --stop --oknodo --quiet \
+		--pidfile $PIDFILE --name $NAME
+	then
+	    log_end_msg 0
+	else
+	    ret=$?
+	    log_end_msg 1
+	fi
+        rm -f $PIDFILE
+	;;
+  reload|force-reload|restart)
+	$0 stop
+	$0 start
+	ret=$?
+	;;
+  *)
+	echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+	exit 1
+	;;
+esac
+
+exit $ret

sha1.c

@@ -0,0 +1,386 @@
+/* This file is copied from the libsrs2 sources */
+/* Modified by Timo Röhling <timo.roehling@gmx.de> */
+
+/* NIST Secure Hash Algorithm */
+/* Borrowed from SHA1.xs by Gisle Ass */
+/* heavily modified by Uwe Hollerbach <uh@alumni.caltech edu> */
+/* from Peter C. Gutmann's implementation as found in */
+/* Applied Cryptography by Bruce Schneier */
+/* Further modifications to include the "UNRAVEL" stuff, below */
+/* HMAC functions by Shevek <srs@anarres.org> for inclusion in
+ * libsrs2, under GPL-2 or BSD license. Combine this lot in any way
+ * you think will stand up in court. I hope my intent is clear. */
+
+/* This code is in the public domain */
+
+/* Useful defines & typedefs */
+
+#include <stdarg.h>
+#include <time.h>       /* time */
+#include <sys/types.h>  /* tyepdefs */
+#include <sys/time.h>   /* timeval / timezone struct */
+#include <string.h>		/* memcpy, strcpy, memset */
+
+#include "srs2.h"
+
+#ifdef SIZEOF_UNSIGNED_LONG
+#if SIZEOF_UNSIGNED_LONG < 4
+#error "SHA1 requires an unsigned long of at least 32 bits"
+#endif
+#endif
+
+#ifdef WORDS_BIGENDIAN
+#define BYTEORDER 0x4321
+#else
+#define BYTEORDER 0x1234
+#endif
+
+
+/* UNRAVEL should be fastest & biggest */
+/* UNROLL_LOOPS should be just as big, but slightly slower */
+/* both undefined should be smallest and slowest */
+
+#define SHA_VERSION 1
+#define UNRAVEL
+/* #define UNROLL_LOOPS */
+
+/* SHA f()-functions */
+#define f1(x,y,z)		((x & y) | (~x & z))
+#define f2(x,y,z)		(x ^ y ^ z)
+#define f3(x,y,z)		((x & y) | (x & z) | (y & z))
+#define f4(x,y,z)		(x ^ y ^ z)
+
+/* SHA constants */
+#define CONST1				0x5a827999L
+#define CONST2				0x6ed9eba1L
+#define CONST3				0x8f1bbcdcL
+#define CONST4				0xca62c1d6L
+
+/* truncate to 32 bits -- should be a null op on 32-bit machines */
+#define T32(x)		((x) & 0xffffffffL)
+
+/* 32-bit rotate */
+#define R32(x,n)		T32(((x << n) | (x >> (32 - n))))
+
+/* the generic case, for when the overall rotation is not unraveled */
+#define FG(n)		\
+	T = T32(R32(A,5) + f##n(B,C,D) + E + *WP++ + CONST##n);		\
+	E = D; D = C; C = R32(B,30); B = A; A = T
+
+/* specific cases, for when the overall rotation is unraveled */
+#define FA(n)		\
+	T = T32(R32(A,5) + f##n(B,C,D) + E + *WP++ + CONST##n); B = R32(B,30)
+
+#define FB(n)		\
+	E = T32(R32(T,5) + f##n(A,B,C) + D + *WP++ + CONST##n); A = R32(A,30)
+
+#define FC(n)		\
+	D = T32(R32(E,5) + f##n(T,A,B) + C + *WP++ + CONST##n); T = R32(T,30)
+
+#define FD(n)		\
+	C = T32(R32(D,5) + f##n(E,T,A) + B + *WP++ + CONST##n); E = R32(E,30)
+
+#define FE(n)		\
+	B = T32(R32(C,5) + f##n(D,E,T) + A + *WP++ + CONST##n); D = R32(D,30)
+
+#define FT(n)		\
+	A = T32(R32(B,5) + f##n(C,D,E) + T + *WP++ + CONST##n); C = R32(C,30)
+
+
+static void sha_transform(SHA_INFO *sha_info)
+{
+	int i;
+	sha_byte *dp;
+	ULONG T, A, B, C, D, E, W[80], *WP;
+
+	dp = sha_info->data;
+
+/*
+the following makes sure that at least one code block below is
+traversed or an error is reported, without the necessity for nested
+preprocessor if/else/endif blocks, which are a great pain in the
+nether regions of the anatomy...
+*/
+#undef SWAP_DONE
+
+#if BYTEORDER == 0x1234
+#define SWAP_DONE
+	/* assert(sizeof(ULONG) == 4); */
+	for (i = 0; i < 16; ++i) {
+		T = *((ULONG *) dp);
+		dp += 4;
+		W[i] =  ((T << 24) & 0xff000000) | ((T <<  8) & 0x00ff0000) |
+				((T >>  8) & 0x0000ff00) | ((T >> 24) & 0x000000ff);
+	}
+#endif
+
+#if BYTEORDER == 0x4321
+#define SWAP_DONE
+	/* assert(sizeof(ULONG) == 4); */
+	for (i = 0; i < 16; ++i) {
+		T = *((ULONG *) dp);
+		dp += 4;
+		W[i] = T32(T);
+	}
+#endif
+
+#if BYTEORDER == 0x12345678
+#define SWAP_DONE
+	/* assert(sizeof(ULONG) == 8); */
+	for (i = 0; i < 16; i += 2) {
+		T = *((ULONG *) dp);
+		dp += 8;
+		W[i] =  ((T << 24) & 0xff000000) | ((T <<  8) & 0x00ff0000) |
+				((T >>  8) & 0x0000ff00) | ((T >> 24) & 0x000000ff);
+		T >>= 32;
+		W[i+1] = ((T << 24) & 0xff000000) | ((T <<  8) & 0x00ff0000) |
+				 ((T >>  8) & 0x0000ff00) | ((T >> 24) & 0x000000ff);
+	}
+#endif
+
+#if BYTEORDER == 0x87654321
+#define SWAP_DONE
+	/* assert(sizeof(ULONG) == 8); */
+	for (i = 0; i < 16; i += 2) {
+		T = *((ULONG *) dp);
+		dp += 8;
+		W[i] = T32(T >> 32);
+		W[i+1] = T32(T);
+	}
+#endif
+
+#ifndef SWAP_DONE
+#error Unknown byte order -- you need to add code here
+#endif /* SWAP_DONE */
+
+	for (i = 16; i < 80; ++i) {
+		W[i] = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16];
+#if (SHA_VERSION == 1)
+		W[i] = R32(W[i], 1);
+#endif /* SHA_VERSION */
+	}
+	A = sha_info->digest[0];
+	B = sha_info->digest[1];
+	C = sha_info->digest[2];
+	D = sha_info->digest[3];
+	E = sha_info->digest[4];
+	WP = W;
+#ifdef UNRAVEL
+	FA(1); FB(1); FC(1); FD(1); FE(1); FT(1); FA(1); FB(1); FC(1); FD(1);
+	FE(1); FT(1); FA(1); FB(1); FC(1); FD(1); FE(1); FT(1); FA(1); FB(1);
+	FC(2); FD(2); FE(2); FT(2); FA(2); FB(2); FC(2); FD(2); FE(2); FT(2);
+	FA(2); FB(2); FC(2); FD(2); FE(2); FT(2); FA(2); FB(2); FC(2); FD(2);
+	FE(3); FT(3); FA(3); FB(3); FC(3); FD(3); FE(3); FT(3); FA(3); FB(3);
+	FC(3); FD(3); FE(3); FT(3); FA(3); FB(3); FC(3); FD(3); FE(3); FT(3);
+	FA(4); FB(4); FC(4); FD(4); FE(4); FT(4); FA(4); FB(4); FC(4); FD(4);
+	FE(4); FT(4); FA(4); FB(4); FC(4); FD(4); FE(4); FT(4); FA(4); FB(4);
+	sha_info->digest[0] = T32(sha_info->digest[0] + E);
+	sha_info->digest[1] = T32(sha_info->digest[1] + T);
+	sha_info->digest[2] = T32(sha_info->digest[2] + A);
+	sha_info->digest[3] = T32(sha_info->digest[3] + B);
+	sha_info->digest[4] = T32(sha_info->digest[4] + C);
+#else /* !UNRAVEL */
+#ifdef UNROLL_LOOPS
+	FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1);
+	FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1); FG(1);
+	FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2);
+	FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2); FG(2);
+	FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3);
+	FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3); FG(3);
+	FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4);
+	FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4); FG(4);
+#else /* !UNROLL_LOOPS */
+	for (i =  0; i < 20; ++i) { FG(1); }
+	for (i = 20; i < 40; ++i) { FG(2); }
+	for (i = 40; i < 60; ++i) { FG(3); }
+	for (i = 60; i < 80; ++i) { FG(4); }
+#endif /* !UNROLL_LOOPS */
+	sha_info->digest[0] = T32(sha_info->digest[0] + A);
+	sha_info->digest[1] = T32(sha_info->digest[1] + B);
+	sha_info->digest[2] = T32(sha_info->digest[2] + C);
+	sha_info->digest[3] = T32(sha_info->digest[3] + D);
+	sha_info->digest[4] = T32(sha_info->digest[4] + E);
+#endif /* !UNRAVEL */
+}
+
+/* initialize the SHA digest */
+
+static void
+sha_init(SHA_INFO *sha_info)
+{
+	sha_info->digest[0] = 0x67452301L;
+	sha_info->digest[1] = 0xefcdab89L;
+	sha_info->digest[2] = 0x98badcfeL;
+	sha_info->digest[3] = 0x10325476L;
+	sha_info->digest[4] = 0xc3d2e1f0L;
+	sha_info->count_lo = 0L;
+	sha_info->count_hi = 0L;
+	sha_info->local = 0;
+}
+
+/* update the SHA digest */
+
+static void
+sha_update(SHA_INFO *sha_info, sha_byte *buffer, int count)
+{
+	int i;
+	ULONG clo;
+
+	clo = T32(sha_info->count_lo + ((ULONG) count << 3));
+	if (clo < sha_info->count_lo) {
+		++sha_info->count_hi;
+	}
+	sha_info->count_lo = clo;
+	sha_info->count_hi += (ULONG) count >> 29;
+	if (sha_info->local) {
+		i = SHA_BLOCKSIZE - sha_info->local;
+		if (i > count) {
+			i = count;
+		}
+		memcpy(((sha_byte *) sha_info->data) + sha_info->local, buffer, i);
+		count -= i;
+		buffer += i;
+		sha_info->local += i;
+		if (sha_info->local == SHA_BLOCKSIZE) {
+			sha_transform(sha_info);
+		} else {
+			return;
+		}
+	}
+	while (count >= SHA_BLOCKSIZE) {
+		memcpy(sha_info->data, buffer, SHA_BLOCKSIZE);
+		buffer += SHA_BLOCKSIZE;
+		count -= SHA_BLOCKSIZE;
+		sha_transform(sha_info);
+	}
+	memcpy(sha_info->data, buffer, count);
+	sha_info->local = count;
+}
+
+
+static void
+sha_transform_and_copy(unsigned char digest[20], SHA_INFO *sha_info)
+{
+	sha_transform(sha_info);
+	digest[ 0] = (unsigned char) ((sha_info->digest[0] >> 24) & 0xff);
+	digest[ 1] = (unsigned char) ((sha_info->digest[0] >> 16) & 0xff);
+	digest[ 2] = (unsigned char) ((sha_info->digest[0] >>  8) & 0xff);
+	digest[ 3] = (unsigned char) ((sha_info->digest[0]      ) & 0xff);
+	digest[ 4] = (unsigned char) ((sha_info->digest[1] >> 24) & 0xff);
+	digest[ 5] = (unsigned char) ((sha_info->digest[1] >> 16) & 0xff);
+	digest[ 6] = (unsigned char) ((sha_info->digest[1] >>  8) & 0xff);
+	digest[ 7] = (unsigned char) ((sha_info->digest[1]      ) & 0xff);
+	digest[ 8] = (unsigned char) ((sha_info->digest[2] >> 24) & 0xff);
+	digest[ 9] = (unsigned char) ((sha_info->digest[2] >> 16) & 0xff);
+	digest[10] = (unsigned char) ((sha_info->digest[2] >>  8) & 0xff);
+	digest[11] = (unsigned char) ((sha_info->digest[2]      ) & 0xff);
+	digest[12] = (unsigned char) ((sha_info->digest[3] >> 24) & 0xff);
+	digest[13] = (unsigned char) ((sha_info->digest[3] >> 16) & 0xff);
+	digest[14] = (unsigned char) ((sha_info->digest[3] >>  8) & 0xff);
+	digest[15] = (unsigned char) ((sha_info->digest[3]      ) & 0xff);
+	digest[16] = (unsigned char) ((sha_info->digest[4] >> 24) & 0xff);
+	digest[17] = (unsigned char) ((sha_info->digest[4] >> 16) & 0xff);
+	digest[18] = (unsigned char) ((sha_info->digest[4] >>  8) & 0xff);
+	digest[19] = (unsigned char) ((sha_info->digest[4]      ) & 0xff);
+}
+
+/* finish computing the SHA digest */
+static void
+sha_final(unsigned char digest[20], SHA_INFO *sha_info)
+{
+	int count;
+	ULONG lo_bit_count, hi_bit_count;
+
+	lo_bit_count = sha_info->count_lo;
+	hi_bit_count = sha_info->count_hi;
+	count = (int) ((lo_bit_count >> 3) & 0x3f);
+	((sha_byte *) sha_info->data)[count++] = 0x80;
+	if (count > SHA_BLOCKSIZE - 8) {
+		memset(((sha_byte *) sha_info->data) + count, 0, SHA_BLOCKSIZE - count);
+		sha_transform(sha_info);
+		memset((sha_byte *) sha_info->data, 0, SHA_BLOCKSIZE - 8);
+	} else {
+		memset(((sha_byte *) sha_info->data) + count, 0,
+			SHA_BLOCKSIZE - 8 - count);
+	}
+	sha_info->data[56] = (hi_bit_count >> 24) & 0xff;
+	sha_info->data[57] = (hi_bit_count >> 16) & 0xff;
+	sha_info->data[58] = (hi_bit_count >>  8) & 0xff;
+	sha_info->data[59] = (hi_bit_count >>  0) & 0xff;
+	sha_info->data[60] = (lo_bit_count >> 24) & 0xff;
+	sha_info->data[61] = (lo_bit_count >> 16) & 0xff;
+	sha_info->data[62] = (lo_bit_count >>  8) & 0xff;
+	sha_info->data[63] = (lo_bit_count >>  0) & 0xff;
+	sha_transform_and_copy(digest, sha_info);
+}
+
+
+
+/********************************************************************/
+
+/*
+		SHA_INFO ctx;
+		unsigned char *data;
+	STRLEN len;
+		unsigned char digeststr[20];
+
+		sha_init(&ctx);
+
+		for (i = 0; i < items; i++) {
+			data = (unsigned char *)(SvPVbyte(ST(i), len));
+			sha_update(&ctx, data, len);
+		}
+		sha_final(digeststr, &ctx);
+*/
+
+static void
+sha_digest(char *out, char *data, int len)
+{
+	SHA_INFO ctx;
+	sha_init(&ctx);
+	sha_update(&ctx, data, len);
+	sha_final(out, &ctx);
+}
+
+void
+srs_hmac_init(srs_hmac_ctx_t *ctx, char *secret, int len)
+{
+	char	 sbuf[SHA_BLOCKSIZE];
+	int		 i;
+
+	if (len > SHA_BLOCKSIZE) {
+		sha_digest(sbuf, secret, len);
+		secret = sbuf;
+		len = strlen(sbuf);	/* SHA_BLOCKSIZE? */
+	}
+
+	memset(ctx->ipad, 0x36, SHA_BLOCKSIZE);
+	memset(ctx->opad, 0x5c, SHA_BLOCKSIZE);
+	for (i = 0; i < len; i++) {
+		ctx->ipad[i] ^= secret[i];
+		ctx->opad[i] ^= secret[i];
+	}
+
+	memset(sbuf, 0, SHA_BLOCKSIZE);
+
+	sha_init(&ctx->sctx);
+	sha_update(&ctx->sctx, ctx->ipad, SHA_BLOCKSIZE);
+}
+
+void
+srs_hmac_update(srs_hmac_ctx_t *ctx, char *data, int len)
+{
+	sha_update(&ctx->sctx, data, len);
+}
+
+void
+srs_hmac_fini(srs_hmac_ctx_t *ctx, char *out)
+{
+	char	 buf[SHA_DIGESTSIZE + 1];
+
+	sha_final(buf, &ctx->sctx);
+	sha_init(&ctx->sctx);
+	sha_update(&ctx->sctx, ctx->opad, SHA_BLOCKSIZE);
+	sha_update(&ctx->sctx, buf, SHA_DIGESTSIZE);
+	sha_final(out, &ctx->sctx);
+}

srs2.c

@@ -0,0 +1,704 @@
+/* This file is copied from the libsrs2 sources */
+/* Modified by Timo Röhling <timo.roehling@gmx.de> */
+
+/* Copyright (c) 2004 Shevek (srs@anarres.org)
+ * All rights reserved.
+ *
+ * This file is a part of libsrs2 from http://www.libsrs2.org/
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, under the terms of either the GNU General Public
+ * License version 2 or the BSD license, at the discretion of the
+ * user. Copies of these licenses have been included in the libsrs2
+ * distribution. See the the file called LICENSE for more
+ * information.
+ */
+
+#undef USE_OPENSSL
+
+#include <stdarg.h>
+#include <time.h>       /* time */
+#include <sys/types.h>  /* tyepdefs */
+#include <sys/time.h>   /* timeval / timezone struct */
+#include <string.h>		/* memcpy, strcpy, memset */
+#include <alloca.h>
+
+#ifdef USE_OPENSSL
+#include <openssl/hmac.h>
+#endif
+
+#include "srs2.h"
+
+
+#ifndef EVP_MAX_MD_SIZE
+#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
+#endif
+
+#ifndef HAVE_STRCASECMP
+# ifdef HAVE__STRICMP
+#  define strcasecmp _stricmp
+# endif
+#endif
+
+#ifndef HAVE_STRNCASECMP
+# ifdef HAVE__STRNICMP
+#  define strncasecmp _strnicmp
+# endif
+#endif
+
+	/* Use this */
+#define STRINGP(s) ((s != NULL) && (*(s) != '\0'))
+
+static const char *srs_separators = "=-+";
+
+static srs_malloc_t		srs_f_malloc	= malloc;
+static srs_realloc_t	srs_f_realloc	= realloc;
+static srs_free_t		srs_f_free		= free;
+
+int		
+srs_set_malloc(srs_malloc_t m, srs_realloc_t r, srs_free_t f)
+{
+	srs_f_malloc = m;
+	srs_f_realloc = r;
+	srs_f_free = f;
+	return SRS_SUCCESS;
+}
+
+const char *
+srs_strerror(int code)
+{
+	switch (code) {
+		/* Simple errors */
+		case SRS_SUCCESS:
+			return "Success";
+		case SRS_ENOTSRSADDRESS:
+			return "Not an SRS address.";
+
+		/* Config errors */
+		case SRS_ENOSECRETS:
+			return "No secrets in SRS configuration.";
+		case SRS_ESEPARATORINVALID:
+			return "Invalid separator suggested.";
+
+		/* Input errors */
+		case SRS_ENOSENDERATSIGN:
+			return "No at sign in sender address";
+		case SRS_EBUFTOOSMALL:
+			return "Buffer too small.";
+
+		/* Syntax errors */
+		case SRS_ENOSRS0HOST:
+			return "No host in SRS0 address.";
+		case SRS_ENOSRS0USER:
+			return "No user in SRS0 address.";
+		case SRS_ENOSRS0HASH:
+			return "No hash in SRS0 address.";
+		case SRS_ENOSRS0STAMP:
+			return "No timestamp in SRS0 address.";
+		case SRS_ENOSRS1HOST:
+			return "No host in SRS1 address.";
+		case SRS_ENOSRS1USER:
+			return "No user in SRS1 address.";
+		case SRS_ENOSRS1HASH:
+			return "No hash in SRS1 address.";
+		case SRS_EBADTIMESTAMPCHAR:
+			return "Bad base32 character in timestamp.";
+		case SRS_EHASHTOOSHORT:
+			return "Hash too short in SRS address.";
+
+		/* SRS errors */
+		case SRS_ETIMESTAMPOUTOFDATE:
+			return "Time stamp out of date.";
+		case SRS_EHASHINVALID:
+			return "Hash invalid in SRS address.";
+
+		default:
+			return "Unknown error in SRS library.";
+	}
+}
+
+srs_t *
+srs_new()
+{
+	srs_t	*srs = (srs_t *)srs_f_malloc(sizeof(srs_t));
+	srs_init(srs);
+	return srs;
+}
+
+void
+srs_init(srs_t *srs)
+{
+	memset(srs, 0, sizeof(srs_t));
+	srs->secrets = NULL;
+	srs->numsecrets = 0;
+	srs->separator = '=';
+	srs->maxage = 21;
+	srs->hashlength = 4;
+	srs->hashmin = srs->hashlength;
+	srs->alwaysrewrite = FALSE;
+}
+
+void
+srs_free(srs_t *srs)
+{
+	int	 i;
+	for (i = 0; i < srs->numsecrets; i++) {
+		memset(srs->secrets[i], 0, strlen(srs->secrets[i]));
+		srs_f_free(srs->secrets[i]);
+		srs->secrets[i] = '\0';
+	}
+	srs_f_free(srs);
+}
+
+int
+srs_add_secret(srs_t *srs, const char *secret)
+{
+	int		newlen = (srs->numsecrets + 1) * sizeof(char *);
+	srs->secrets = (char **)srs_f_realloc(srs->secrets, newlen);
+	srs->secrets[srs->numsecrets++] = strdup(secret);
+	return SRS_SUCCESS;
+}
+
+const char *
+srs_get_secret(srs_t *srs, int idx)
+{
+	if (idx < srs->numsecrets)
+		return srs->secrets[idx];
+	return NULL;
+}
+
+#define SRS_PARAM_DEFINE(n, t) \
+	int srs_set_ ## n (srs_t *srs, t value) { \
+		srs->n = value; \
+		return SRS_SUCCESS; \
+	} \
+	t srs_get_ ## n (srs_t *srs) { \
+		return srs->n; \
+	}
+
+int
+srs_set_separator(srs_t *srs, char value)
+{
+	if (strchr(srs_separators, value) == NULL)
+		return SRS_ESEPARATORINVALID;
+	srs->separator = value;
+	return SRS_SUCCESS;
+}
+
+char
+srs_get_separator(srs_t *srs)
+{
+	return srs->separator;
+}
+
+SRS_PARAM_DEFINE(maxage, int)
+	/* XXX Check hashlength >= hashmin */
+SRS_PARAM_DEFINE(hashlength, int)
+SRS_PARAM_DEFINE(hashmin, int)
+SRS_PARAM_DEFINE(alwaysrewrite, srs_bool)
+SRS_PARAM_DEFINE(noforward, srs_bool)
+SRS_PARAM_DEFINE(noreverse, srs_bool)
+
+/* Don't mess with these unless you know what you're doing well
+ * enough to rewrite the timestamp functions. These are based on
+ * a 2 character timestamp. Changing these in the wild is probably
+ * a bad idea. */
+#define SRS_TIME_PRECISION	(60 * 60 * 24)	/* One day */
+#define SRS_TIME_BASEBITS	5		/* 2^5 = 32 = strlen(CHARS) */
+/* This had better be a real variable since we do arithmethic
+ * with it. */
+const char *SRS_TIME_BASECHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
+#define SRS_TIME_SIZE		2
+#define SRS_TIME_SLOTS		(1<<(SRS_TIME_BASEBITS<<(SRS_TIME_SIZE-1)))
+
+int
+srs_timestamp_create(srs_t *srs, char *buf, time_t now)
+{
+	now = now / SRS_TIME_PRECISION;
+	buf[1] = SRS_TIME_BASECHARS[now & ((1 << SRS_TIME_BASEBITS) - 1)];
+	now = now >> SRS_TIME_BASEBITS;
+	buf[0] = SRS_TIME_BASECHARS[now & ((1 << SRS_TIME_BASEBITS) - 1)];
+	buf[2] = '\0';
+	return SRS_SUCCESS;
+}
+
+int
+srs_timestamp_check(srs_t *srs, const char *stamp)
+{
+	const char	*sp;
+	char		*bp;
+	int			 off;
+	time_t		 now;
+	time_t		 then;
+
+	/* We had better go around this loop exactly twice! */
+	then = 0;
+	for (sp = stamp; *sp; sp++) {
+		bp = strchr(SRS_TIME_BASECHARS, toupper(*sp));
+		if (bp == NULL)
+			return SRS_EBADTIMESTAMPCHAR;
+		off = bp - SRS_TIME_BASECHARS;
+		then = (then << SRS_TIME_BASEBITS) | off;
+	}
+
+	time(&now);
+	now = (now / SRS_TIME_PRECISION) % SRS_TIME_SLOTS;
+	while (now < then)
+		now = now + SRS_TIME_SLOTS;
+
+	if (now <= then + srs->maxage)
+		return SRS_SUCCESS;
+	return SRS_ETIMESTAMPOUTOFDATE;
+}
+
+const char *SRS_HASH_BASECHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+								 "abcdefghijklmnopqrstuvwxyz"
+								 "0123456789+/";
+
+static void
+srs_hash_create_v(srs_t *srs, int idx, char *buf, int nargs, va_list ap)
+{
+#ifdef USE_OPENSSL
+	HMAC_CTX		 ctx;
+	int				 srshashlen;
+	char			 srshash[EVP_MAX_MD_SIZE + 1];
+#else
+	srs_hmac_ctx_t	 ctx;
+	char			 srshash[SHA_DIGESTSIZE + 1];
+#endif
+	char			*secret;
+	char			*data;
+	int				 len;
+	char			*lcdata;
+	unsigned char	*hp;
+	char			*bp;
+	int				 i;
+	int				 j;
+
+	secret = srs->secrets[idx];
+
+#ifdef USE_OPENSSL
+	HMAC_CTX_init(&ctx);
+	HMAC_Init(&ctx, secret, strlen(secret), EVP_sha1());
+#else
+	srs_hmac_init(&ctx, secret, strlen(secret));
+#endif
+
+	for (i = 0; i < nargs; i++) {
+		data = va_arg(ap, char *);
+		len = strlen(data);
+		lcdata = alloca(len + 1);
+		for (j = 0; j < len; j++) {
+			if (isupper(data[j]))
+				lcdata[j] = tolower(data[j]);
+			else
+				lcdata[j] = data[j];
+		}
+#ifdef USE_OPENSSL
+		HMAC_Update(&ctx, lcdata, len);
+#else
+		srs_hmac_update(&ctx, lcdata, len);
+#endif
+	}
+
+#ifdef USE_OPENSSL
+	HMAC_Final(&ctx, srshash, &srshashlen);
+	HMAC_CTX_cleanup(&ctx);
+	srshash[EVP_MAX_MD_SIZE] = '\0';
+#else
+	srs_hmac_fini(&ctx, srshash);
+	srshash[SHA_DIGESTSIZE] = '\0';
+#endif
+
+
+	/* A little base64 encoding. Just a little. */
+	hp = (unsigned char *)srshash;
+	bp = buf;
+	for (i = 0; i < srs->hashlength; i++) {
+		switch (i & 0x03) {
+			default:	/* NOTREACHED */
+			case 0:
+				j = (*hp >> 2);
+				break;
+			case 1:
+				j = ((*hp & 0x03) << 4) |
+						((*(hp + 1) & 0xF0) >> 4);
+				hp++;
+				break;
+			case 2:
+				j = ((*hp & 0x0F) << 2) |
+						((*(hp + 1) & 0xC0) >> 6);
+				hp++;
+				break;
+			case 3:
+				j = (*hp++ & 0x3F);
+				break;
+		}
+		*bp++ = SRS_HASH_BASECHARS[j];
+	}
+
+	*bp = '\0';
+	buf[srs->hashlength] = '\0';
+}
+
+int
+srs_hash_create(srs_t *srs, char *buf, int nargs, ...)
+{
+	va_list	 ap;
+
+	if (srs->numsecrets == 0)
+		return SRS_ENOSECRETS;
+	if (srs->secrets == NULL)
+		return SRS_ENOSECRETS;
+	if (srs->secrets[0] == NULL)
+		return SRS_ENOSECRETS;
+
+	va_start(ap, nargs);
+	srs_hash_create_v(srs, 0, buf, nargs, ap);
+	va_end(ap);
+
+	return SRS_SUCCESS;
+}
+
+int
+srs_hash_check(srs_t *srs, char *hash, int nargs, ...)
+{
+	va_list	ap;
+	char	*srshash;
+	char	*tmp;
+	int		 len;
+	int		 i;
+
+	len = strlen(hash);
+	if (len < srs->hashmin)
+		return SRS_EHASHTOOSHORT;
+	if (len < srs->hashlength) {
+		tmp = alloca(srs->hashlength + 1);
+		strncpy(tmp, hash, srs->hashlength);
+		tmp[srs->hashlength] = '\0';
+		hash = tmp;
+		len = srs->hashlength;
+	}
+
+	for (i = 0; i < srs->numsecrets; i++) {
+		va_start(ap, nargs);
+		srshash = alloca(srs->hashlength + 1);
+		srs_hash_create_v(srs, i, srshash, nargs, ap);
+		va_end(ap);
+		if (strncasecmp(hash, srshash, len) == 0)
+			return SRS_SUCCESS;
+	}
+
+	return SRS_EHASHINVALID;
+}
+
+int
+srs_compile_shortcut(srs_t *srs,
+				char *buf, int buflen,
+				char *sendhost, char *senduser,
+				const char *aliashost) {
+	char	*srshash;
+	char	 srsstamp[SRS_TIME_SIZE + 1];
+	int		 len;
+	int		 ret;
+
+	/* This never happens if we get called from guarded() */
+	if ((strncasecmp(senduser, SRS0TAG, 4) == 0) &&
+		(strchr(srs_separators, senduser[4]) != NULL)) {
+		sendhost = senduser + 5;
+		if (*sendhost == '\0')
+			return SRS_ENOSRS0HOST;
+		senduser = strchr(sendhost, SRSSEP);
+		if ((senduser == NULL) || (*senduser == '\0'))
+			return SRS_ENOSRS0USER;
+	}
+
+	len = strlen(SRS0TAG) + 1 +
+		srs->hashlength + 1 +
+			SRS_TIME_SIZE + 1 +
+				strlen(sendhost) + 1 + strlen(senduser)
+			+ 1 + strlen(aliashost);
+	if (len >= buflen)
+		return SRS_EBUFTOOSMALL;
+
+	ret = srs_timestamp_create(srs, srsstamp, time(NULL));
+	if (ret != SRS_SUCCESS)
+		return ret;
+	srshash = alloca(srs->hashlength + 1);
+	ret = srs_hash_create(srs, srshash,3, srsstamp, sendhost, senduser);
+	if (ret != SRS_SUCCESS)
+		return ret;
+
+	sprintf(buf, SRS0TAG "%c%s%c%s%c%s%c%s@%s", srs->separator,
+					srshash, SRSSEP, srsstamp, SRSSEP,
+						sendhost, SRSSEP, senduser,
+							aliashost);
+
+	return SRS_SUCCESS;
+}
+
+int
+srs_compile_guarded(srs_t *srs,
+				char *buf, int buflen,
+				char *sendhost, char *senduser,
+				const char *aliashost) {
+	char	*srshost;
+	char	*srsuser;
+	char	*srshash;
+	int		 len;
+	int		 ret;
+
+	if ((strncasecmp(senduser, SRS1TAG, 4) == 0) &&
+		(strchr(srs_separators, senduser[4]) != NULL)) {
+		/* Used as a temporary convenience var */
+		srshash = senduser + 5;
+		if (*srshash == '\0')
+			return SRS_ENOSRS1HASH;
+		/* Used as a temporary convenience var */
+		srshost = strchr(srshash, SRSSEP);
+		if (!STRINGP(srshost))
+			return SRS_ENOSRS1HOST;
+		*srshost++ = '\0';
+		srsuser = strchr(srshost, SRSSEP);
+		if (!STRINGP(srsuser))
+			return SRS_ENOSRS1USER;
+		*srsuser++ = '\0';
+		srshash = alloca(srs->hashlength + 1);
+		ret = srs_hash_create(srs, srshash, 2, srshost, srsuser);
+		if (ret != SRS_SUCCESS)
+			return ret;
+		len = strlen(SRS1TAG) + 1 +
+			srs->hashlength + 1 +
+				strlen(srshost) + 1 + strlen(srsuser)
+			+ 1 + strlen(aliashost);
+		if (len >= buflen)
+			return SRS_EBUFTOOSMALL;
+		sprintf(buf, SRS1TAG "%c%s%c%s%c%s@%s", srs->separator,
+						srshash, SRSSEP,
+							srshost, SRSSEP, srsuser,
+								aliashost);
+		return SRS_SUCCESS;
+	}
+	else if ((strncasecmp(senduser, SRS0TAG, 4) == 0) &&
+		(strchr(srs_separators, senduser[4]) != NULL)) {
+		srsuser = senduser + 4;
+		srshost = sendhost;
+		srshash = alloca(srs->hashlength + 1);
+		ret = srs_hash_create(srs, srshash, 2, srshost, srsuser);
+		if (ret != SRS_SUCCESS)
+			return ret;
+		len = strlen(SRS1TAG) + 1 +
+			srs->hashlength + 1 +
+				strlen(srshost) + 1 + strlen(srsuser)
+			+ 1 + strlen(aliashost);
+		if (len >= buflen)
+			return SRS_EBUFTOOSMALL;
+		sprintf(buf, SRS1TAG "%c%s%c%s%c%s@%s", srs->separator,
+						srshash, SRSSEP,
+							srshost, SRSSEP, srsuser,
+								aliashost);
+	}
+	else {
+		return srs_compile_shortcut(srs, buf, buflen,
+						sendhost, senduser, aliashost);
+	}
+
+	return SRS_SUCCESS;
+}
+
+int
+srs_parse_shortcut(srs_t *srs, char *buf, int buflen, char *senduser)
+{
+	char	*srshash;
+	char	*srsstamp;
+	char	*srshost;
+	char	*srsuser;
+	int		 ret;
+
+	if (strncasecmp(senduser, SRS0TAG, 4) == 0) {
+		srshash = senduser + 5;
+		if (!STRINGP(srshash))
+			return SRS_ENOSRS0HASH;
+		srsstamp = strchr(srshash, SRSSEP);
+		if (!STRINGP(srsstamp))
+			return SRS_ENOSRS0STAMP;
+		*srsstamp++ = '\0';
+		srshost = strchr(srsstamp, SRSSEP);
+		if (!STRINGP(srshost))
+			return SRS_ENOSRS0HOST;
+		*srshost++ = '\0';
+		srsuser = strchr(srshost, SRSSEP);
+		if (!STRINGP(srsuser))
+			return SRS_ENOSRS0USER;
+		*srsuser++ = '\0';
+		ret = srs_timestamp_check(srs, srsstamp);
+		if (ret != SRS_SUCCESS)
+			return ret;
+		ret = srs_hash_check(srs, srshash, 3, srsstamp,
+						srshost, srsuser);
+		if (ret != SRS_SUCCESS)
+			return ret;
+		sprintf(buf, "%s@%s", srsuser, srshost);
+		return SRS_SUCCESS;
+	}
+
+	return SRS_ENOTSRSADDRESS;
+}
+
+int
+srs_parse_guarded(srs_t *srs, char *buf, int buflen, char *senduser)
+{
+	char	*srshash;
+	char	*srshost;
+	char	*srsuser;
+	int		 ret;
+
+	if (strncasecmp(senduser, SRS1TAG, 4) == 0) {
+		srshash = senduser + 5;
+		if (!STRINGP(srshash))
+			return SRS_ENOSRS1HASH;
+		srshost = strchr(srshash, SRSSEP);
+		if (!STRINGP(srshost))
+			return SRS_ENOSRS1HOST;
+		*srshost++ = '\0';
+		srsuser = strchr(srshost, SRSSEP);
+		if (!STRINGP(srsuser))
+			return SRS_ENOSRS1USER;
+		*srsuser++ = '\0';
+		ret = srs_hash_check(srs, srshash, 2, srshost, srsuser);
+		if (ret != SRS_SUCCESS)
+			return ret;
+		sprintf(buf, SRS0TAG "%s@%s", srsuser, srshost);
+		return SRS_SUCCESS;
+	}
+	else {
+		return srs_parse_shortcut(srs, buf, buflen, senduser);
+	}
+}
+
+int
+srs_forward(srs_t *srs, char *buf, int buflen,
+				const char *sender, const char *alias)
+{
+	char	*senduser;
+	char	*sendhost;
+	char	*tmp;
+	int		 len;
+
+	if (srs->noforward)
+		return SRS_ENOTREWRITTEN;
+
+	/* This is allowed to be a plain domain */
+	while ((tmp = strchr(alias, '@')) != NULL)
+		alias = tmp + 1;
+
+	tmp = strchr(sender, '@');
+	if (tmp == NULL)
+		return SRS_ENOSENDERATSIGN;
+	sendhost = tmp + 1;
+
+	len = strlen(sender);
+
+	if (! srs->alwaysrewrite) {
+		if (strcasecmp(sendhost, alias) == 0) {
+			if (strlen(sender) >= buflen)
+				return SRS_EBUFTOOSMALL;
+			strcpy(buf, sender);
+			return SRS_SUCCESS;
+		}
+	}
+
+	/* Reconstruct the whole show into our alloca() buffer. */
+	senduser = alloca(len + 1);
+	strcpy(senduser, sender);
+	tmp = (senduser + (tmp - sender));
+	sendhost = tmp + 1;
+	*tmp = '\0';
+
+	return srs_compile_guarded(srs, buf, buflen,
+					sendhost, senduser, alias);
+}
+
+int		
+srs_forward_alloc(srs_t *srs, char **sptr,
+				const char *sender, const char *alias)
+{
+	char	*buf;
+	int		 slen;
+	int		 alen;
+	int		 len;
+	int		 ret;
+
+	if (srs->noforward)
+		return SRS_ENOTREWRITTEN;
+
+	slen = strlen(sender);
+	alen = strlen(alias);
+
+	/* strlen(SRSxTAG) + strlen("====+@") < 64 */
+	len = slen + alen + srs->hashlength + SRS_TIME_SIZE + 64;
+	buf = (char *)srs_f_malloc(len);
+
+	ret = srs_forward(srs, buf, len, sender, alias);
+
+	if (ret == SRS_SUCCESS)
+		*sptr = buf;
+	else
+		srs_f_free(buf);
+
+	return ret;
+}
+
+int
+srs_reverse(srs_t *srs, char *buf, int buflen, const char *sender)
+{
+	char	*senduser;
+	char	*tmp;
+	int		 len;
+
+	if (!SRS_IS_SRS_ADDRESS(sender))
+		return SRS_ENOTSRSADDRESS;
+
+	if (srs->noreverse)
+		return SRS_ENOTREWRITTEN;
+
+	len = strlen(sender);
+	if (len >= buflen)
+		return SRS_EBUFTOOSMALL;
+	senduser = alloca(len + 1);
+	strcpy(senduser, sender);
+
+	/* We don't really care about the host for reversal. */
+	tmp = strchr(senduser, '@');
+	if (tmp != NULL)
+		*tmp = '\0';
+	return srs_parse_guarded(srs, buf, buflen, senduser);
+}
+
+int
+srs_reverse_alloc(srs_t *srs, char **sptr, const char *sender)
+{
+	char	*buf;
+	int		 len;
+	int		 ret;
+
+	*sptr = NULL;
+
+	if (!SRS_IS_SRS_ADDRESS(sender))
+		return SRS_ENOTSRSADDRESS;
+
+	if (srs->noreverse)
+		return SRS_ENOTREWRITTEN;
+
+	len = strlen(sender) + 1;
+	buf = (char *)srs_f_malloc(len);
+
+	ret = srs_reverse(srs, buf, len, sender);
+
+	if (ret == SRS_SUCCESS)
+		*sptr = buf;
+	else
+		srs_f_free(buf);
+
+	return ret;
+}

srs2.h

@@ -0,0 +1,178 @@
+/* This file is copied from the libsrs2 sources */
+/* Modified by Timo Röhling <timo.roehling@gmx.de> */
+
+/* Copyright (c) 2004 Shevek (srs@anarres.org)
+ * All rights reserved.
+ *
+ * This file is a part of libsrs2 from http://www.libsrs2.org/
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, under the terms of either the GNU General Public
+ * License version 2 or the BSD license, at the discretion of the
+ * user. Copies of these licenses have been included in the libsrs2
+ * distribution. See the the file called LICENSE for more
+ * information.
+ */
+
+#ifndef __SRS2_H__
+#define __SRS2_H__
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+
+#ifndef __BEGIN_DECLS
+#define __BEGIN_DECLS
+#define __END_DECLS
+#endif
+
+__BEGIN_DECLS
+
+#define SRS_VERSION_MAJOR			1
+#define SRS_VERSION_MINOR			0
+#define SRS_VERSION_PATCHLEVEL		14
+#define SRS_VERSION_FROM(m, n, p)	(((m) << 16) + ((n) << 8) + (p))
+#define SRS_VERSION		SRS_VERSION_FROM(SRS_VERSION_MAJOR, \
+										SRS_VERSION_MINOR, \
+										SRS_VERSION_PATCHLEVEL)
+
+/* This is ugly, but reasonably safe. */
+#undef TRUE
+#define TRUE 1
+#undef FALSE
+#define FALSE 0
+
+#define SRSSEP	'='
+#define SRS0TAG	"SRS0"
+#define SRS1TAG	"SRS1"
+
+/* Error codes */
+
+#define SRS_ERRTYPE_MASK		0xF000
+#define SRS_ERRTYPE_NONE		0x0000
+#define SRS_ERRTYPE_CONFIG		0x1000
+#define SRS_ERRTYPE_INPUT		0x2000
+#define SRS_ERRTYPE_SYNTAX		0x4000
+#define SRS_ERRTYPE_SRS			0x8000
+
+#define SRS_SUCCESS				(0)
+#define SRS_ENOTSRSADDRESS		(1)
+#define SRS_ENOTREWRITTEN		(2)
+
+#define SRS_ENOSECRETS			(SRS_ERRTYPE_CONFIG | 1)
+#define SRS_ESEPARATORINVALID	(SRS_ERRTYPE_CONFIG | 2)
+
+#define SRS_ENOSENDERATSIGN		(SRS_ERRTYPE_INPUT | 1)
+#define SRS_EBUFTOOSMALL		(SRS_ERRTYPE_INPUT | 2)
+
+#define SRS_ENOSRS0HOST			(SRS_ERRTYPE_SYNTAX | 1)
+#define SRS_ENOSRS0USER			(SRS_ERRTYPE_SYNTAX | 2)
+#define SRS_ENOSRS0HASH			(SRS_ERRTYPE_SYNTAX | 3)
+#define SRS_ENOSRS0STAMP		(SRS_ERRTYPE_SYNTAX | 4)
+#define SRS_ENOSRS1HOST			(SRS_ERRTYPE_SYNTAX | 5)
+#define SRS_ENOSRS1USER			(SRS_ERRTYPE_SYNTAX | 6)
+#define SRS_ENOSRS1HASH			(SRS_ERRTYPE_SYNTAX | 7)
+#define	SRS_EBADTIMESTAMPCHAR	(SRS_ERRTYPE_SYNTAX | 8)
+#define SRS_EHASHTOOSHORT		(SRS_ERRTYPE_SYNTAX | 9)
+
+#define SRS_ETIMESTAMPOUTOFDATE	(SRS_ERRTYPE_SRS | 1)
+#define SRS_EHASHINVALID		(SRS_ERRTYPE_SRS | 2)
+
+#define SRS_ERROR_TYPE(x) ((x) & SRS_ERRTYPE_MASK)
+
+/* SRS implementation */
+
+#define SRS_IS_SRS_ADDRESS(x) ( \
+				(strncasecmp((x), "SRS", 3) == 0) && \
+				(strchr("01", (x)[3]) != NULL) && \
+				(strchr("-+=", (x)[4]) != NULL) \
+			)
+
+typedef void *(*srs_malloc_t)(size_t);
+typedef void *(*srs_realloc_t)(void *, size_t);
+typedef void (*srs_free_t)(void *);
+
+typedef int srs_bool;
+
+typedef
+struct _srs_t {
+	/* Rewriting parameters */
+	char	**secrets;
+	int		  numsecrets;
+	char	  separator;
+
+	/* Security parameters */
+	int		  maxage;			/* Maximum allowed age in seconds */
+	int		  hashlength;
+	int		  hashmin;
+
+	/* Behaviour parameters */
+	srs_bool  alwaysrewrite;	/* Rewrite even into same domain? */
+	srs_bool  noforward;		/* Never perform forwards rewriting */
+	srs_bool  noreverse;		/* Never perform reverse rewriting */
+	char	**neverrewrite;		/* A list of non-rewritten domains */
+} srs_t;
+
+/* Interface */
+int		 srs_set_malloc(srs_malloc_t m, srs_realloc_t r, srs_free_t f);
+srs_t	*srs_new();
+void	 srs_init(srs_t *srs);
+void	 srs_free(srs_t *srs);
+int		 srs_forward(srs_t *srs, char *buf, int buflen,
+				const char *sender, const char *alias);
+int		 srs_forward_alloc(srs_t *srs, char **sptr,
+				const char *sender, const char *alias);
+int		 srs_reverse(srs_t *srs, char *buf, int buflen,
+				const char *sender);
+int		 srs_reverse_alloc(srs_t *srs, char **sptr, const char *sender);
+const char *
+		 srs_strerror(int code);
+int		 srs_add_secret(srs_t *srs, const char *secret);
+const char *
+		 srs_get_secret(srs_t *srs, int idx);
+	/* You probably shouldn't call these. */
+int		 srs_timestamp_create(srs_t *srs, char *buf, time_t now);
+int		 srs_timestamp_check(srs_t *srs, const char *stamp);
+
+#define SRS_PARAM_DECLARE(n, t) \
+	int srs_set_ ## n (srs_t *srs, t value); \
+	t srs_get_ ## n (srs_t *srs);
+
+SRS_PARAM_DECLARE(alwaysrewrite, srs_bool)
+SRS_PARAM_DECLARE(separator, char)
+SRS_PARAM_DECLARE(maxage, int)
+SRS_PARAM_DECLARE(hashlength, int)
+SRS_PARAM_DECLARE(hashmin, int)
+SRS_PARAM_DECLARE(noforward, srs_bool)
+SRS_PARAM_DECLARE(noreverse, srs_bool)
+
+/* SHA1 implementation */
+
+typedef unsigned long	ULONG;	 /* 32-or-more-bit quantity */
+typedef unsigned char	sha_byte;
+
+#define SHA_BLOCKSIZE				64
+#define SHA_DIGESTSIZE				20
+
+typedef struct {
+	ULONG digest[5];				/* message digest */
+	ULONG count_lo, count_hi;		/* 64-bit bit count */
+	sha_byte data[SHA_BLOCKSIZE];		/* SHA data buffer */
+	int local;						/* unprocessed amount in data */
+} SHA_INFO;
+
+typedef
+struct _srs_hmac_ctx_t {
+	SHA_INFO	sctx;
+	char		ipad[SHA_BLOCKSIZE + 1];
+	char		opad[SHA_BLOCKSIZE + 1];
+} srs_hmac_ctx_t;
+
+void	 srs_hmac_init(srs_hmac_ctx_t *ctx, char *secret, int len);
+void	 srs_hmac_update(srs_hmac_ctx_t *ctx, char *data, int len);
+void	 srs_hmac_fini(srs_hmac_ctx_t *ctx, char *out);
+
+
+__END_DECLS
+
+#endif