Merge branch 'master' into ppa

.gitignore

 build
+.project
+.cproject
+.settings

README.md

 
 Configuration
 =============
-The configuration is located in `/etc/default/postsrsd`. You must store 
-a secret key in `/etc/postsrsd.secret`. The installer tries to generate 
+The configuration is located in `/etc/default/postsrsd`. You must store
+at least one secret key in `/etc/postsrsd.secret`. The installer tries to generate
 one from `/dev/urandom`. Be careful that no one can guess your secret,
 because anyone who knows it can use your mail server as open relay!
+Each line of `/etc/postsrsd.secret` is used as secret. The first secret is
+used for signing and verification, the others for verification only.
 
 PostSRSd exposes its functionality via two TCP lookup tables. The
 recommended Postfix configuration is to add the following fragment to

postsrsd.c

   if (c >= '0' && c <= '9') return c - '0';
   if (c >= 'a' && c <= 'f') return c - 'a' + 10;
   if (c >= 'A' && c <= 'F') return c - 'A' + 10;
+  return 0;
 }
 
 static char num2hex (char c)
   return buf;
 }
 
-static void handle_forward (srs_t *srs, FILE *fp, const char *address, const char *domain)
+static void handle_forward (srs_t *srs, FILE *fp, const char *address, const char *domain, const char **excludes)
 {
   int result;
+  size_t addrlen;
   char value[1024];
   char outputbuf[1024], *output;
 
+  addrlen = strlen(address);
+  for(; *excludes; excludes++) {
+    size_t len;
+    len = strlen(*excludes);
+    if (len >= addrlen) continue;
+    if (strcasecmp(*excludes, &address[addrlen - len]) == 0 && (**excludes == '.' || address[addrlen - len - 1] == '@')) {
+      fputs ("500 Domain excluded from SRS\n", fp);
+      fflush (fp);
+      return;
+    }
+  }
   result = srs_forward(srs, value, sizeof(value), address, domain);
   if (result == SRS_SUCCESS) {
     output = url_encode(outputbuf, sizeof(outputbuf), value);
   fflush (fp);
 }
 
-static void handle_reverse (srs_t *srs, FILE *fp, const char *address, const char *domain)
+static void handle_reverse (srs_t *srs, FILE *fp, const char *address, const char *domain, const char **excludes)
 {
   int result;
   char value[1024];
     "\n"
     "Usage: %s -s<file> -d<domain> [other options]\n"
     "Options:\n"
-    "   -s<file>       read secret from file (required)\n"
+    "   -s<file>       read secrets from file (required)\n"
     "   -d<domain>     set domain name for rewrite (required)\n"
     "   -f<port>       set port for the forward SRS lookup (default: 10001)\n"
     "   -r<port>       set port for the reverse SRS lookup (default: 10002)\n"
     "   -c<dir>        chroot to <dir> (default: none)\n"
     "   -u<user>       switch user id after port bind (default: none)\n"
     "   -t<seconds>    timeout for idle client connections (default: 1800)\n"
+    "   -X<domain>     exclude additional domain from address rewriting\n"
     "   -D             fork into background\n"
     "   -4             force IPv4 socket (default: any)\n"
     "   -6             force IPv6 socket (default: any)\n"
   );
 }
 
-typedef void(*handle_t)(srs_t*, FILE*, const char*, const char*);
+typedef void(*handle_t)(srs_t*, FILE*, const char*, const char*, const char**);
 
 int main (int argc, char **argv)
 {
        *user = NULL, *domain = NULL, *chroot_dir = NULL;
   int forward_sock, reverse_sock;
   char *secret_file = NULL, *pid_file = NULL;
-  FILE *pf = NULL;
+  FILE *pf = NULL, *sf = NULL;
   struct passwd *pwd = NULL;
-  char secret[1024];
+  char secretbuf[1024], *secret = NULL;
   char *tmp;
   srs_t *srs;
   struct pollfd fds[3];
+  const char **excludes;
+  size_t s1 = 0, s2 = 1;
   handle_t handler[2] = { handle_forward, handle_reverse };
 
+  excludes = (const char**)calloc(1, sizeof(char*));
   tmp = strrchr(argv[0], '/');
   if (tmp) self = strdup(tmp + 1); else self = strdup(argv[0]);
 
-  while ((opt = getopt(argc, argv, "46d:f:r:s:u:t:p:c:Dhv")) != -1) {
+  while ((opt = getopt(argc, argv, "46d:f:r:s:u:t:p:c:X::Dhv")) != -1) {
     switch (opt) {
       case '?':
         return EXIT_FAILURE;
         user = strdup(optarg);
         break;
       case 'c':
-	chroot_dir = strdup(optarg);
-	break;
+        chroot_dir = strdup(optarg);
+        break;
       case 'D':
         daemonize = TRUE;
         break;
       case 'h':
-	show_help();
+        show_help();
         return EXIT_SUCCESS;
+      case 'X':
+        if (optarg != NULL) {
+          tmp = strtok(optarg, ",; \t\r\n");
+          while (tmp) {
+            if (s1 + 1 >= s2) {
+              s2 *= 2;
+              excludes = (const char **)realloc(excludes, s2 * sizeof(char*));
+              if (excludes == NULL) {
+                fprintf (stderr, "%s: Out of memory\n\n", self);
+                return EXIT_FAILURE;
+              }
+            }
+            excludes[s1++] = strdup(tmp);
+            tmp = strtok(NULL, ",; \t\r\n");
+          }
+          excludes[s1] = NULL;
+        }
+        break;
       case 'v':
-	fprintf (stdout, "%s\n", VERSION);
-	return EXIT_SUCCESS;
+        fprintf (stdout, "%s\n", VERSION);
+        return EXIT_SUCCESS;
     }
   }
   if (domain == NULL) {
   /* Read secret. The default installation makes this root accessible only. */
   if (secret_file != NULL) {
     size_t len;
-    FILE *fp = fopen(secret_file, "rb");
-    if (fp == NULL) {
+    sf = fopen(secret_file, "rb");
+    if (sf == NULL) {
       fprintf (stderr, "%s: Cannot open file with secret: %s\n", self, secret_file);
       return EXIT_FAILURE;
     }
-    len = fread(secret, 1, sizeof(secret) - 1, fp);
-    if (len == 0 || len > sizeof(secret) - 1) {
-      fprintf (stderr, "%s: Cannot read secret from file: %s\n", self, secret_file);
-      return EXIT_FAILURE;
-    }
-    secret[len] = 0;
-    fclose (fp);
   } else {
     fprintf (stderr, "%s: You must set a secret (-s)\n", self);
     show_help();
   }
 
   srs = srs_new();
-  srs_add_secret (srs, secret);
+  while ((secret = fgets(secretbuf, sizeof(secretbuf), sf))) {
+    secret = strtok(secret, "\r\n");
+    if (secret)
+      srs_add_secret (srs, secret);
+  }
+  fclose (sf);
   srs_set_separator (srs, '+');
 
   fds[0].fd = forward_sock;
             }
             key = url_decode(keybuf, sizeof(keybuf), token);
             if (!key) break;
-            handler[i](srs, fp, key, domain);
+            handler[i](srs, fp, key, domain, excludes);
             if (poll(&fds[2], 1, timeout * 1000) <= 0) break;
             line = fgets(linebuf, sizeof(linebuf), fp);
           }

postsrsd.default

 #
 #SRS_DOMAIN=example.com
 
+# Exclude additional domains.
+# You may list domains which shall not be subjected to address rewriting.
+# If a domain name starts with a dot, it matches all subdomains, but not
+# the domain itself. Separate multiple domains by space or comma.
+#
+#SRS_EXCLUDE_DOMAINS=.example.com,example.org
+
 # Secret key to sign rewritten addresses.
 # When postsrsd is installed for the first time, a random secret is generated
 # and stored in /etc/postsrsd.secret. For most installations, that's just fine.

postsrsd.init.in

     . /etc/default/$NAME
 fi
 
-POSTSRS_OPTS="-4 -f$SRS_FORWARD_PORT -r$SRS_REVERSE_PORT -d$SRS_DOMAIN -s$SRS_SECRET -u$RUN_AS -p$PIDFILE -c$CHROOT -D"
-
 test -r "$SRS_SECRET" -a -n "$SRS_DOMAIN" || exit 0
 
 ret=0
 	if start-stop-daemon --start --oknodo --quiet \
 		--pidfile $PIDFILE \
 		--name $NAME \
-		--startas $DAEMON -- $POSTSRS_OPTS
+		--startas $DAEMON \
+		-- -4 -f"$SRS_FORWARD_PORT" -r"$SRS_REVERSE_PORT" -d"$SRS_DOMAIN" -s"$SRS_SECRET" -u"$RUN_AS" -p"$PIDFILE" -c"$CHROOT" -X"$SRS_EXCLUDE_DOMAINS" -D
 	then
 	    log_end_msg 0
 	else

postsrsd.upstart.in

 	SRS_FORWARD_PORT=10001
 	SRS_REVERSE_PORT=10002
 	SRS_SECRET=/etc/@PROJECT_NAME@.secret
+	SRS_EXCLUDE_DOMAINS=
 	RUN_AS=nobody
 	CHROOT=@CHROOT_DIR@
 	if [ -r "$DEFAULTFILE" ]; then
 		. "$DEFAULTFILE"
 	fi
-	exec @CMAKE_INSTALL_PREFIX@/sbin/@POSTSRSD@ -4 -f$SRS_FORWARD_PORT -r$SRS_REVERSE_PORT -d$SRS_DOMAIN -s$SRS_SECRET -u$RUN_AS -c$CHROOT
+	exec @CMAKE_INSTALL_PREFIX@/sbin/@POSTSRSD@ -4 -f"$SRS_FORWARD_PORT" -r"$SRS_REVERSE_PORT" -d"$SRS_DOMAIN" -s"$SRS_SECRET" -u"$RUN_AS" -c"$CHROOT" -X"$SRS_EXCLUDE_DOMAINS"
 end script