author | Gilles Chehade <gilles@poolp.org> | 2019-07-13 08:26:04 +0200 |
---|---|---|
committer | Gilles Chehade <gilles@poolp.org> | 2019-07-13 08:26:04 +0200 |
commit | fd809b970dfe6e913a95f3c1b0bf018d98f03e71 (patch) | |
tree | 5ef520b11ebaa7b3da38ed6c710ae8b1f9d0e493 | |
parent | Merge branch 'master' into portable (diff) | |
parent | sync (diff) | |
Merge branch 'master' into portable
-rw-r--r-- | smtpd/lka.c | 32 | ||||
-rw-r--r-- | smtpd/lka_report.c | 24 | ||||
-rw-r--r-- | smtpd/report_smtp.c | 35 | ||||
-rw-r--r-- | smtpd/smtp_session.c | 20 | ||||
-rw-r--r-- | smtpd/smtpd.h | 12 |
5 files changed, 108 insertions, 15 deletions
diff --git a/smtpd/lka.c b/smtpd/lka.c index 2a88fba2..2ea2c168 100644 --- a/smtpd/lka.c +++ b/smtpd/lka.c @@ -1,4 +1,4 @@ -/* $OpenBSD: lka.c,v 1.235 2019/06/27 05:14:49 martijn Exp $ */ +/* $OpenBSD: lka.c,v 1.238 2019/07/11 21:40:03 gilles Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -84,11 +84,14 @@ lka_imsg(struct mproc *p, struct imsg *imsg) struct timeval tv; const char *direction; const char *rdns; - const char *command, *response; + const char *command; + const char *response; const char *ciphers; const char *address; + const char *helomethod; const char *heloname; const char *filter_name; + const char *result; struct sockaddr_storage ss_src, ss_dest; int filter_response; int filter_phase; @@ -409,10 +412,11 @@ lka_imsg(struct mproc *p, struct imsg *imsg) m_get_string(&m, &direction); m_get_timeval(&m, &tv); m_get_id(&m, &reqid); + m_get_string(&m, &helomethod); m_get_string(&m, &heloname); m_end(&m); - lka_report_smtp_link_identify(direction, &tv, reqid, heloname); + lka_report_smtp_link_identify(direction, &tv, reqid, helomethod, heloname); return; case IMSG_REPORT_SMTP_LINK_TLS: @@ -426,6 +430,28 @@ lka_imsg(struct mproc *p, struct imsg *imsg) lka_report_smtp_link_tls(direction, &tv, reqid, ciphers); return; + case IMSG_REPORT_SMTP_LINK_RESET: + m_msg(&m, imsg); + m_get_string(&m, &direction); + m_get_timeval(&m, &tv); + m_get_id(&m, &reqid); + m_end(&m); + + lka_report_smtp_link_reset(direction, &tv, reqid); + return; + + case IMSG_REPORT_SMTP_LINK_AUTH: + m_msg(&m, imsg); + m_get_string(&m, &direction); + m_get_timeval(&m, &tv); + m_get_id(&m, &reqid); + m_get_string(&m, &username); + m_get_string(&m, &result); + m_end(&m); + + lka_report_smtp_link_auth(direction, &tv, reqid, username, result); + return; + case IMSG_REPORT_SMTP_TX_BEGIN: m_msg(&m, imsg); m_get_string(&m, &direction); diff --git a/smtpd/lka_report.c b/smtpd/lka_report.c index ecb28706..9ffdf1fa 100644 --- a/smtpd/lka_report.c +++ b/smtpd/lka_report.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: lka_report.c,v 1.18 2019/07/09 15:43:24 gilles Exp $ */ +/* $OpenBSD: lka_report.c,v 1.21 2019/07/11 21:40:03 gilles Exp $ */ /* * Copyright (c) 2018 Gilles Chehade <gilles@poolp.org> @@ -55,6 +55,8 @@ static struct smtp_events { { "link-disconnect" }, { "link-identify" }, { "link-tls" }, + { "link-reset" }, + { "link-auth" }, { "tx-begin" }, { "tx-mail" }, @@ -219,10 +221,26 @@ lka_report_smtp_link_disconnect(const char *direction, struct timeval *tv, uint6 } void -lka_report_smtp_link_identify(const char *direction, struct timeval *tv, uint64_t reqid, const char *heloname) +lka_report_smtp_link_reset(const char *direction, struct timeval *tv, uint64_t reqid) +{ + report_smtp_broadcast(reqid, direction, tv, "link-reset", + "%016"PRIx64"\n", reqid); +} + +void +lka_report_smtp_link_auth(const char *direction, struct timeval *tv, uint64_t reqid, + const char *username, const char *result) +{ + report_smtp_broadcast(reqid, direction, tv, "link-auth", + "%016"PRIx64"|%s|%s\n", reqid, username, result); +} + +void +lka_report_smtp_link_identify(const char *direction, struct timeval *tv, + uint64_t reqid, const char *method, const char *heloname) { report_smtp_broadcast(reqid, direction, tv, "link-identify", - "%016"PRIx64"|%s\n", reqid, heloname); + "%016"PRIx64"|%s|%s\n", reqid, method, heloname); } void diff --git a/smtpd/report_smtp.c b/smtpd/report_smtp.c index 81e9584c..b409f123 100644 --- a/smtpd/report_smtp.c +++ b/smtpd/report_smtp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: report_smtp.c,v 1.4 2019/01/05 09:43:39 gilles Exp $ */ +/* $OpenBSD: report_smtp.c,v 1.7 2019/07/11 21:40:03 gilles Exp $ */ /* * Copyright (c) 2018 Gilles Chehade <gilles@poolp.org> 
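Review bot: In the `@@ -219,10 +221,26 @@` hunk, `lka_report_smtp_link_auth` writes the client-supplied `username` with a bare `%s` into a `|`-separated, newline-terminated report line and places it before `result`. A username containing `|` (or a line break, if the AUTH decoding permits one) would shift or forge fields for any consumer that splits on the delimiter, and no sanitising of the value is visible anywhere in this diff. Either reject or escape those bytes before broadcasting, or emit the fixed-vocabulary field first so the free-form value is last: `"%016"PRIx64"|%s|%s\n", reqid, result, username`. The same value reaches this function from the three `report_smtp_link_auth("smtp-in", s->id, user, ...)` calls added in smtp_session.c, including the failure path, where the name has not been validated by anything.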
@@ -70,7 +70,7 @@ report_smtp_link_connect(const char *direction, uint64_t qid, const char *rdns, } void -report_smtp_link_identify(const char *direction, uint64_t qid, const char *identity) +report_smtp_link_identify(const char *direction, uint64_t qid, const char *method, const char *identity) { struct timeval tv; @@ -80,6 +80,7 @@ report_smtp_link_identify(const char *direction, uint64_t qid, const char *ident m_add_string(p_lka, direction); m_add_timeval(p_lka, &tv); m_add_id(p_lka, qid); + m_add_string(p_lka, method); m_add_string(p_lka, identity); m_close(p_lka); } @@ -114,6 +115,36 @@ report_smtp_link_disconnect(const char *direction, uint64_t qid) } void +report_smtp_link_reset(const char *direction, uint64_t qid) +{ + struct timeval tv; + + gettimeofday(&tv, NULL); + + m_create(p_lka, IMSG_REPORT_SMTP_LINK_RESET, 0, 0, -1); + m_add_string(p_lka, direction); + m_add_timeval(p_lka, &tv); + m_add_id(p_lka, qid); + m_close(p_lka); +} + +void +report_smtp_link_auth(const char *direction, uint64_t qid, const char *user, const char *result) +{ + struct timeval tv; + + gettimeofday(&tv, NULL); + + m_create(p_lka, IMSG_REPORT_SMTP_LINK_AUTH, 0, 0, -1); + m_add_string(p_lka, direction); + m_add_timeval(p_lka, &tv); + m_add_id(p_lka, qid); + m_add_string(p_lka, user); + m_add_string(p_lka, result); + m_close(p_lka); +} + +void report_smtp_tx_begin(const char *direction, uint64_t qid, uint32_t msgid) { struct timeval tv; diff --git a/smtpd/smtp_session.c b/smtpd/smtp_session.c index 0c3cf428..85eea4c5 100644 --- a/smtpd/smtp_session.c +++ b/smtpd/smtp_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtp_session.c,v 1.395 2019/07/03 03:24:03 deraadt Exp $ */ +/* $OpenBSD: smtp_session.c,v 1.400 2019/07/11 21:40:03 gilles Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org> 
@@ -945,6 +945,7 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg) "result=ok", s->id, user); s->flags |= SF_AUTHENTICATED; + report_smtp_link_auth("smtp-in", s->id, user, "pass"); smtp_reply(s, "235 %s: Authentication succeeded", esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS)); } @@ -953,6 +954,7 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg) "authentication user=%s " "result=permfail", s->id, user); + report_smtp_link_auth("smtp-in", s->id, user, "fail"); smtp_auth_failure_pause(s); return; } @@ -961,6 +963,7 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg) "authentication user=%s " "result=tempfail", s->id, user); + report_smtp_link_auth("smtp-in", s->id, user, "error"); smtp_reply(s, "421 %s: Temporary failure", esc_code(ESC_STATUS_TEMPFAIL, ESC_OTHER_MAIL_SYSTEM_STATUS)); } @@ -1206,20 +1209,27 @@ smtp_command(struct smtp_session *s, char *line) int cmd, i; log_trace(TRACE_SMTP, "smtp: %p: <<< %s", s, line); - report_smtp_protocol_client("smtp-in", s->id, line); /* * These states are special. */ if (s->state == STATE_AUTH_INIT) { + report_smtp_protocol_client("smtp-in", s->id, "********"); smtp_rfc4954_auth_plain(s, line); return; } if (s->state == STATE_AUTH_USERNAME || s->state == STATE_AUTH_PASSWORD) { + report_smtp_protocol_client("smtp-in", s->id, "********"); smtp_rfc4954_auth_login(s, line); return; } + if (s->state == STATE_HELO && strncasecmp(line, "AUTH PLAIN ", 11) == 0) + report_smtp_protocol_client("smtp-in", s->id, "AUTH PLAIN ********"); + else + report_smtp_protocol_client("smtp-in", s->id, line); + + /* * Unlike other commands, "mail from" and "rcpt to" contain a * space in the command name. @@ -1720,6 +1730,8 @@ smtp_proceed_rset(struct smtp_session *s, const char *args) smtp_tx_free(s->tx); } + report_smtp_link_reset("smtp-in", s->id); + smtp_reply(s, "250 %s: Reset state", esc_code(ESC_STATUS_OK, ESC_OTHER_STATUS)); } 
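Review bot: In the `@@ -1206,20 +1209,27 @@` hunk, the `log_trace(TRACE_SMTP, "smtp: %p: <<< %s", s, line);` call left at the top of `smtp_command` still records the unmasked line, so with SMTP tracing enabled the credentials this change hides from report consumers still reach the trace output. Computing the masked string once and passing it to both `log_trace` and `report_smtp_protocol_client` would close that. The inline-credential check also matches only the exact prefix `AUTH PLAIN ` while in `STATE_HELO`; whether the command parser further down accepts other spellings (extra whitespace, or an initial response on another mechanism) is outside this hunk and should be confirmed, because any accepted form that misses the prefix is reported verbatim. A short comment above the new `if`/`else` explaining why the report call was moved below the AUTH states would help the next reader keep the masking intact.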
@@ -1730,7 +1742,7 @@ smtp_proceed_helo(struct smtp_session *s, const char *args) (void)strlcpy(s->helo, args, sizeof(s->helo)); s->flags &= SF_SECURE | SF_AUTHENTICATED | SF_VERIFIED; - report_smtp_link_identify("smtp-in", s->id, s->helo); + report_smtp_link_identify("smtp-in", s->id, "HELO", s->helo); smtp_enter_state(s, STATE_HELO); smtp_reply(s, "250 %s Hello %s [%s], pleased to meet you", @@ -1747,7 +1759,7 @@ smtp_proceed_ehlo(struct smtp_session *s, const char *args) s->flags |= SF_EHLO; s->flags |= SF_8BITMIME; - report_smtp_link_identify("smtp-in", s->id, s->helo); + report_smtp_link_identify("smtp-in", s->id, "EHLO", s->helo); smtp_enter_state(s, STATE_HELO); smtp_reply(s, "250-%s Hello %s [%s], pleased to meet you", diff --git a/smtpd/smtpd.h b/smtpd/smtpd.h index 4f646ca5..858d4e88 100644 --- a/smtpd/smtpd.h +++ b/smtpd/smtpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.h,v 1.625 2019/06/27 05:14:49 martijn Exp $ */ +/* $OpenBSD: smtpd.h,v 1.628 2019/07/11 21:40:03 gilles Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org> @@ -338,6 +338,8 @@ enum imsg_type { IMSG_REPORT_SMTP_LINK_DISCONNECT, IMSG_REPORT_SMTP_LINK_IDENTIFY, IMSG_REPORT_SMTP_LINK_TLS, + IMSG_REPORT_SMTP_LINK_RESET, + IMSG_REPORT_SMTP_LINK_AUTH, IMSG_REPORT_SMTP_TX_BEGIN, IMSG_REPORT_SMTP_TX_MAIL, IMSG_REPORT_SMTP_TX_RCPT, 
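Review bot: The `report_smtp_link_identify("smtp-in", s->id, "HELO", s->helo)` and `"EHLO"` calls change the `link-identify` report line from `reqid|heloname` to `reqid|method|heloname`, so a consumer written against the two-field form would read the method token as the hostname. No report protocol version change is visible in this diff, so it is worth confirming that the version is bumped or the change documented wherever the event format is described. `s->helo` is a copy of the client's argument (`strlcpy(s->helo, args, ...)`), so keeping it as the last field, as done here, is the right order for a delimiter-split line. Both function bodies continue outside these hunks.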
@@ -1356,8 +1358,10 @@ void lka_report_register_hook(const char *, const char *); void lka_report_smtp_link_connect(const char *, struct timeval *, uint64_t, const char *, int, const struct sockaddr_storage *, const struct sockaddr_storage *); void lka_report_smtp_link_disconnect(const char *, struct timeval *, uint64_t); -void lka_report_smtp_link_identify(const char *, struct timeval *, uint64_t, const char *); +void lka_report_smtp_link_identify(const char *, struct timeval *, uint64_t, const char *, const char *); void lka_report_smtp_link_tls(const char *, struct timeval *, uint64_t, const char *); +void lka_report_smtp_link_reset(const char *, struct timeval *, uint64_t); +void lka_report_smtp_link_auth(const char *, struct timeval *, uint64_t, const char *, const char *); void lka_report_smtp_tx_begin(const char *, struct timeval *, uint64_t, uint32_t); void lka_report_smtp_tx_mail(const char *, struct timeval *, uint64_t, uint32_t, const char *, int); void lka_report_smtp_tx_rcpt(const char *, struct timeval *, uint64_t, uint32_t, const char *, int); @@ -1523,8 +1527,10 @@ int queue_message_walk(struct envelope *, uint32_t, int *, void **); void report_smtp_link_connect(const char *, uint64_t, const char *, int, const struct sockaddr_storage *, const struct sockaddr_storage *); void report_smtp_link_disconnect(const char *, uint64_t); -void report_smtp_link_identify(const char *, uint64_t, const char *); +void report_smtp_link_identify(const char *, uint64_t, const char *, const char *); void report_smtp_link_tls(const char *, uint64_t, const char *); +void report_smtp_link_reset(const char *, uint64_t); +void report_smtp_link_auth(const char *, uint64_t, const char *, const char *); void report_smtp_tx_begin(const char *, uint64_t, uint32_t); void report_smtp_tx_mail(const char *, uint64_t, uint32_t, const char *, int); void report_smtp_tx_rcpt(const char *, uint64_t, uint32_t, const char *, int); |