Make hash length and hash minimum length configurable

init/postsrsd.default.in

 #
 SRS_SECRET=@SYSCONF_DIR@/@PROJECT_NAME@.secret
 
+# Length of hash to be used in rewritten addresses
+SRS_HASHLENGTH=4
+
+# Minimum length of hash to accept when validating return addresses
+SRS_HASHMIN=4
+
 # Local ports for TCP list.
 # These ports are used to bind the TCP list for postfix. If you change
 # these, you have to modify the postfix settings accordingly. The ports

init/postsrsd.systemd.in

 # Load the real configuration.
 EnvironmentFile=@CONFIG_DIR@/@PROJECT_NAME@
 
-ExecStart=@CMAKE_INSTALL_PREFIX@/sbin/@POSTSRSD@ -f "${SRS_FORWARD_PORT}" -r "${SRS_REVERSE_PORT}" -d "${SRS_DOMAIN}" -s "${SRS_SECRET}" -a "${SRS_SEPARATOR}" -u "${RUN_AS}" -c "${CHROOT}" -X"${SRS_EXCLUDE_DOMAINS}"
+ExecStart=@CMAKE_INSTALL_PREFIX@/sbin/@POSTSRSD@ -f "${SRS_FORWARD_PORT}" -r "${SRS_REVERSE_PORT}" -d "${SRS_DOMAIN}" -s "${SRS_SECRET}" -a "${SRS_SEPARATOR}" -n "${SRS_HASHLENGTH}" -N "${SRS_HASHMIN}" -u "${RUN_AS}" -c "${CHROOT}" -X"${SRS_EXCLUDE_DOMAINS}"
 
 [Install]
 WantedBy=multi-user.target

init/postsrsd.sysv-lsb.in

 		--pidfile $PIDFILE \
 		--name $NAME \
 		--startas $DAEMON \
-		-- -f "$SRS_FORWARD_PORT" -r "$SRS_REVERSE_PORT" -d "$SRS_DOMAIN" -s "$SRS_SECRET" -a "$SRS_SEPARATOR" -u "$RUN_AS" -p "$PIDFILE" -c "$CHROOT" -D -X"$SRS_EXCLUDE_DOMAINS"
+		-- -f "$SRS_FORWARD_PORT" -r "$SRS_REVERSE_PORT" -d "$SRS_DOMAIN" -s "$SRS_SECRET" -a "$SRS_SEPARATOR" -n "$SRS_HASHLENGTH" -N "$SRS_HASHMIN" -u "$RUN_AS" -p "$PIDFILE" -c "$CHROOT" -D -X"$SRS_EXCLUDE_DOMAINS"
 	then
 	    log_end_msg 0
 	else

init/postsrsd.sysv-redhat.in

 do_start()
 {
 	echo -n "Starting $DESC: "
-	daemon $DAEMON -f "$SRS_FORWARD_PORT" -r "$SRS_REVERSE_PORT" -d "$SRS_DOMAIN" -s "$SRS_SECRET" \
+	daemon $DAEMON -f "$SRS_FORWARD_PORT" -r "$SRS_REVERSE_PORT" -d "$SRS_DOMAIN" \
+	               -s "$SRS_SECRET" -n "$SRS_HASHLENGTH" -N "$SRS_HASHMIN" \
 	               -u "$RUN_AS" -p "$PIDFILE" -a "$SRS_SEPARATOR" -c "$CHROOT" -D -X"$SRS_EXCLUDE_DOMAINS"
 	RETVAL=$?
 	echo

init/postsrsd.upstart.in

 	SRS_DOMAIN=`postconf -h mydomain || true`
 	SRS_EXCLUDE_DOMAINS=
 	. "@CONFIG_DIR@/@PROJECT_NAME@"
-	exec @CMAKE_INSTALL_PREFIX@/sbin/@POSTSRSD@ -f "$SRS_FORWARD_PORT" -r "$SRS_REVERSE_PORT" -d "$SRS_DOMAIN" -s "$SRS_SECRET" -a "$SRS_SEPARATOR" -u "$RUN_AS" -c "$CHROOT" -X"$SRS_EXCLUDE_DOMAINS"
+	exec @CMAKE_INSTALL_PREFIX@/sbin/@POSTSRSD@ -f "$SRS_FORWARD_PORT" -r "$SRS_REVERSE_PORT" -d "$SRS_DOMAIN" -s "$SRS_SECRET" -a "$SRS_SEPARATOR" -n "$SRS_HASHLENGTH" -N "$SRS_HASHMIN" -u "$RUN_AS" -c "$CHROOT" -X"$SRS_EXCLUDE_DOMAINS"
 end script
 

postsrsd.c

     "   -s<file>       read secrets from file (required)\n"
     "   -d<domain>     set domain name for rewrite (required)\n"
     "   -a<char>       set first separator character which can be one of: -=+ (default: =)\n"
+    "   -n<num>        length of hash to be used in rewritten addresses (default: 4)\n"
+    "   -N<num>        minimum length of hash to accept for validation (default: 4)\n"
     "   -l<addr>       set socket listen address (default: 127.0.0.1)\n"
     "   -f<port>       set port for the forward SRS lookup (default: 10001)\n"
     "   -r<port>       set port for the reverse SRS lookup (default: 10002)\n"
 
 int main (int argc, char **argv)
 {
-  int opt, timeout = 1800, family = AF_UNSPEC;
+  int opt, timeout = 1800, family = AF_UNSPEC, hashlength = 0, hashmin = 0;
   int daemonize = FALSE;
   char *listen_addr = NULL, *forward_service = NULL, *reverse_service = NULL,
        *user = NULL, *domain = NULL, *chroot_dir = NULL;
   tmp = strrchr(argv[0], '/');
   if (tmp) self = strdup(tmp + 1); else self = strdup(argv[0]);
 
-  while ((opt = getopt(argc, argv, "46d:a:l:f:r:s:u:t:p:c:X::Dhev")) != -1) {
+  while ((opt = getopt(argc, argv, "46d:a:l:f:r:s:n:N:u:t:p:c:X::Dhev")) != -1) {
     switch (opt) {
       case '?':
         return EXIT_FAILURE;
       case 's':
         secret_file = strdup(optarg);
         break;
+      case 'n':
+        hashlength = atoi(optarg);
+        break;
+      case 'N':
+        hashmin = atoi(optarg);
+        break;
       case 'p':
         pid_file = strdup(optarg);
         break;
           domain = strdup(getenv("SRS_DOMAIN"));
         if ( getenv("SRS_SEPARATOR") != NULL )
           separator = *getenv("SRS_SEPARATOR");
+        if ( getenv("SRS_HASHLENGTH") != NULL )
+          hashlength = atoi(getenv("SRS_HASHLENGTH"));
+        if ( getenv("SRS_HASHMIN") != NULL )
+          hashmin = atoi(getenv("SRS_HASHMIN"));
         if ( getenv("SRS_FORWARD_PORT") != NULL )
           forward_service = strdup(getenv("SRS_FORWARD_PORT"));
         if ( getenv("SRS_REVERSE_PORT") != NULL )
   fclose (sf);
 
   srs_set_separator (srs, separator);
+  if (hashlength)
+    srs_set_hashlength (srs, hashlength);
+  if (hashmin)
+    srs_set_hashmin (srs, hashmin);
 
   for (sc = 0; sc < socket_count; ++sc) {
     fds[sc].fd = sockets[sc];

srs2.c

 	len = strlen(hash);
 	if (len < srs->hashmin)
 		return SRS_EHASHTOOSHORT;
-	if (len < srs->hashlength) {
+	if (len > srs->hashlength) {
 		tmp = alloca(srs->hashlength + 1);
 		strncpy(tmp, hash, srs->hashlength);
 		tmp[srs->hashlength] = '\0';