Merge branch 'master' into ppa

.gitignore

@@ -1 +1,4 @@
 build
+.project
+.cproject
+.settings

README.md

@@ -33,10 +33,12 @@ files.
 
 Configuration
 =============
-The configuration is located in `/etc/default/postsrsd`. You must store 
-a secret key in `/etc/postsrsd.secret`. The installer tries to generate 
+The configuration is located in `/etc/default/postsrsd`. You must store
+at least one secret key in `/etc/postsrsd.secret`. The installer tries to generate
 one from `/dev/urandom`. Be careful that no one can guess your secret,
 because anyone who knows it can use your mail server as open relay!
+Each line of `/etc/postsrsd.secret` is used as secret. The first secret is
+used for signing and verification, the others for verification only.
 
 PostSRSd exposes its functionality via two TCP lookup tables. The
 recommended Postfix configuration is to add the following fragment to

postsrsd.c

@@ -85,6 +85,7 @@ static char hex2num (char c)
   if (c >= '0' && c <= '9') return c - '0';
   if (c >= 'a' && c <= 'f') return c - 'a' + 10;
   if (c >= 'A' && c <= 'F') return c - 'A' + 10;
+  return 0;
 }
 
 static char num2hex (char c)
@@ -139,12 +140,24 @@ static char* url_encode (char* buf, size_t len, const char *input)
   return buf;
 }
 
-static void handle_forward (srs_t *srs, FILE *fp, const char *address, const char *domain)
+static void handle_forward (srs_t *srs, FILE *fp, const char *address, const char *domain, const char **excludes)
 {
   int result;
+  size_t addrlen;
   char value[1024];
   char outputbuf[1024], *output;
 
+  addrlen = strlen(address);
+  for(; *excludes; excludes++) {
+    size_t len;
+    len = strlen(*excludes);
+    if (len >= addrlen) continue;
+    if (strcasecmp(*excludes, &address[addrlen - len]) == 0 && (**excludes == '.' || address[addrlen - len - 1] == '@')) {
+      fputs ("500 Domain excluded from SRS\n", fp);
+      fflush (fp);
+      return;
+    }
+  }
   result = srs_forward(srs, value, sizeof(value), address, domain);
   if (result == SRS_SUCCESS) {
     output = url_encode(outputbuf, sizeof(outputbuf), value);
@@ -158,7 +171,7 @@ static void handle_forward (srs_t *srs, FILE *fp, const char *address, const cha
   fflush (fp);
 }
 
-static void handle_reverse (srs_t *srs, FILE *fp, const char *address, const char *domain)
+static void handle_reverse (srs_t *srs, FILE *fp, const char *address, const char *domain, const char **excludes)
 {
   int result;
   char value[1024];
@@ -188,7 +201,7 @@ static void show_help ()
     "\n"
     "Usage: %s -s<file> -d<domain> [other options]\n"
     "Options:\n"
-    "   -s<file>       read secret from file (required)\n"
+    "   -s<file>       read secrets from file (required)\n"
     "   -d<domain>     set domain name for rewrite (required)\n"
     "   -f<port>       set port for the forward SRS lookup (default: 10001)\n"
     "   -r<port>       set port for the reverse SRS lookup (default: 10002)\n"
@@ -196,6 +209,7 @@ static void show_help ()
     "   -c<dir>        chroot to <dir> (default: none)\n"
     "   -u<user>       switch user id after port bind (default: none)\n"
     "   -t<seconds>    timeout for idle client connections (default: 1800)\n"
+    "   -X<domain>     exclude additional domain from address rewriting\n"
     "   -D             fork into background\n"
     "   -4             force IPv4 socket (default: any)\n"
     "   -6             force IPv6 socket (default: any)\n"
@@ -206,7 +220,7 @@ static void show_help ()
   );
 }
 
-typedef void(*handle_t)(srs_t*, FILE*, const char*, const char*);
+typedef void(*handle_t)(srs_t*, FILE*, const char*, const char*, const char**);
 
 int main (int argc, char **argv)
 {
@@ -216,18 +230,21 @@ int main (int argc, char **argv)
        *user = NULL, *domain = NULL, *chroot_dir = NULL;
   int forward_sock, reverse_sock;
   char *secret_file = NULL, *pid_file = NULL;
-  FILE *pf = NULL;
+  FILE *pf = NULL, *sf = NULL;
   struct passwd *pwd = NULL;
-  char secret[1024];
+  char secretbuf[1024], *secret = NULL;
   char *tmp;
   srs_t *srs;
   struct pollfd fds[3];
+  const char **excludes;
+  size_t s1 = 0, s2 = 1;
   handle_t handler[2] = { handle_forward, handle_reverse };
 
+  excludes = (const char**)calloc(1, sizeof(char*));
   tmp = strrchr(argv[0], '/');
   if (tmp) self = strdup(tmp + 1); else self = strdup(argv[0]);
 
-  while ((opt = getopt(argc, argv, "46d:f:r:s:u:t:p:c:Dhv")) != -1) {
+  while ((opt = getopt(argc, argv, "46d:f:r:s:u:t:p:c:X::Dhv")) != -1) {
     switch (opt) {
       case '?':
         return EXIT_FAILURE;
@@ -259,17 +276,35 @@ int main (int argc, char **argv)
         user = strdup(optarg);
         break;
       case 'c':
-	chroot_dir = strdup(optarg);
-	break;
+        chroot_dir = strdup(optarg);
+        break;
       case 'D':
         daemonize = TRUE;
         break;
       case 'h':
-	show_help();
+        show_help();
         return EXIT_SUCCESS;
+      case 'X':
+        if (optarg != NULL) {
+          tmp = strtok(optarg, ",; \t\r\n");
+          while (tmp) {
+            if (s1 + 1 >= s2) {
+              s2 *= 2;
+              excludes = (const char **)realloc(excludes, s2 * sizeof(char*));
+              if (excludes == NULL) {
+                fprintf (stderr, "%s: Out of memory\n\n", self);
+                return EXIT_FAILURE;
+              }
+            }
+            excludes[s1++] = strdup(tmp);
+            tmp = strtok(NULL, ",; \t\r\n");
+          }
+          excludes[s1] = NULL;
+        }
+        break;
       case 'v':
-	fprintf (stdout, "%s\n", VERSION);
-	return EXIT_SUCCESS;
+        fprintf (stdout, "%s\n", VERSION);
+        return EXIT_SUCCESS;
     }
   }
   if (domain == NULL) {
@@ -291,18 +326,11 @@ int main (int argc, char **argv)
   /* Read secret. The default installation makes this root accessible only. */
   if (secret_file != NULL) {
     size_t len;
-    FILE *fp = fopen(secret_file, "rb");
-    if (fp == NULL) {
+    sf = fopen(secret_file, "rb");
+    if (sf == NULL) {
       fprintf (stderr, "%s: Cannot open file with secret: %s\n", self, secret_file);
       return EXIT_FAILURE;
     }
-    len = fread(secret, 1, sizeof(secret) - 1, fp);
-    if (len == 0 || len > sizeof(secret) - 1) {
-      fprintf (stderr, "%s: Cannot read secret from file: %s\n", self, secret_file);
-      return EXIT_FAILURE;
-    }
-    secret[len] = 0;
-    fclose (fp);
   } else {
     fprintf (stderr, "%s: You must set a secret (-s)\n", self);
     show_help();
@@ -370,7 +398,12 @@ int main (int argc, char **argv)
   }
 
   srs = srs_new();
-  srs_add_secret (srs, secret);
+  while ((secret = fgets(secretbuf, sizeof(secretbuf), sf))) {
+    secret = strtok(secret, "\r\n");
+    if (secret)
+      srs_add_secret (srs, secret);
+  }
+  fclose (sf);
   srs_set_separator (srs, '+');
 
   fds[0].fd = forward_sock;
@@ -416,7 +449,7 @@ int main (int argc, char **argv)
             }
             key = url_decode(keybuf, sizeof(keybuf), token);
             if (!key) break;
-            handler[i](srs, fp, key, domain);
+            handler[i](srs, fp, key, domain, excludes);
             if (poll(&fds[2], 1, timeout * 1000) <= 0) break;
             line = fgets(linebuf, sizeof(linebuf), fp);
           }

postsrsd.default

@@ -6,6 +6,13 @@
 #
 #SRS_DOMAIN=example.com
 
+# Exclude additional domains.
+# You may list domains which shall not be subjected to address rewriting.
+# If a domain name starts with a dot, it matches all subdomains, but not
+# the domain itself. Separate multiple domains by space or comma.
+#
+#SRS_EXCLUDE_DOMAINS=.example.com,example.org
+
 # Secret key to sign rewritten addresses.
 # When postsrsd is installed for the first time, a random secret is generated
 # and stored in /etc/postsrsd.secret. For most installations, that's just fine.

postsrsd.init.in

@@ -41,8 +41,6 @@ then
     . /etc/default/$NAME
 fi
 
-POSTSRS_OPTS="-4 -f$SRS_FORWARD_PORT -r$SRS_REVERSE_PORT -d$SRS_DOMAIN -s$SRS_SECRET -u$RUN_AS -p$PIDFILE -c$CHROOT -D"
-
 test -r "$SRS_SECRET" -a -n "$SRS_DOMAIN" || exit 0
 
 ret=0
@@ -52,7 +50,8 @@ case "$1" in
 	if start-stop-daemon --start --oknodo --quiet \
 		--pidfile $PIDFILE \
 		--name $NAME \
-		--startas $DAEMON -- $POSTSRS_OPTS
+		--startas $DAEMON \
+		-- -4 -f"$SRS_FORWARD_PORT" -r"$SRS_REVERSE_PORT" -d"$SRS_DOMAIN" -s"$SRS_SECRET" -u"$RUN_AS" -p"$PIDFILE" -c"$CHROOT" -X"$SRS_EXCLUDE_DOMAINS" -D
 	then
 	    log_end_msg 0
 	else

postsrsd.upstart.in

@@ -12,11 +12,12 @@ script
 	SRS_FORWARD_PORT=10001
 	SRS_REVERSE_PORT=10002
 	SRS_SECRET=/etc/@PROJECT_NAME@.secret
+	SRS_EXCLUDE_DOMAINS=
 	RUN_AS=nobody
 	CHROOT=@CHROOT_DIR@
 	if [ -r "$DEFAULTFILE" ]; then
 		. "$DEFAULTFILE"
 	fi
-	exec @CMAKE_INSTALL_PREFIX@/sbin/@POSTSRSD@ -4 -f$SRS_FORWARD_PORT -r$SRS_REVERSE_PORT -d$SRS_DOMAIN -s$SRS_SECRET -u$RUN_AS -c$CHROOT
+	exec @CMAKE_INSTALL_PREFIX@/sbin/@POSTSRSD@ -4 -f"$SRS_FORWARD_PORT" -r"$SRS_REVERSE_PORT" -d"$SRS_DOMAIN" -s"$SRS_SECRET" -u"$RUN_AS" -c"$CHROOT" -X"$SRS_EXCLUDE_DOMAINS"
 end script