author | Guilhem Moulin <guilhem@fripost.org> | 2017-06-13 18:27:55 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2017-06-13 18:39:25 +0200 |
commit | 402799906a53aeb3c6feff9b3e98d750acd559e0 (patch) | |
tree | 2036651d23a27ecd53f30efefffe69f6e2bd8ad5 | |
parent | 8a227e93b1f8d6ffbdde9433b99ac820db513c9f (diff) |
postfix-sender-login: strip extension before lookup.
Users can add an extension (following postconf(5)'s
$recipient_delimiter) to the local part of any envelope sender address
already allowed.
-rwxr-xr-x | roles/MSA/files/usr/local/bin/postfix-sender-login.pl | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/roles/MSA/files/usr/local/bin/postfix-sender-login.pl b/roles/MSA/files/usr/local/bin/postfix-sender-login.pl
index 3248e15..374cc70 100755
--- a/roles/MSA/files/usr/local/bin/postfix-sender-login.pl
+++ b/roles/MSA/files/usr/local/bin/postfix-sender-login.pl
@@ -108,40 +108,41 @@ sub process_request($) {
 my $strlen = length("$1") + 1; # [len]":"
 my $len = $strlen + $1 + 1; # [len]":"[string]","
 while ($offset < $len) {
 my $n = sysread($conn, $buf, $BUFSIZE, $offset) // do {
 next if $! == EINTR;
 return "TEMP can't read: $!";
 };
 return "TEMP EOF" if $n == 0;
 $offset += $n;
 }
 # requests are of the form $name <space> $key, cf. socketmap_table(5)
 my $i = index($buf, ' ', $strlen);
 return "TEMP invalid input: $buf" unless $i > $strlen and substr($buf,-1) eq ',';
 my $name = substr($buf, $strlen, $i-$strlen);
 my $key = substr($buf, $i, -1);
 return "TEMP invalid name: $name" unless $name eq 'sender_login';
 $key =~ /\A(.+)@([^\@]+)\z/ or return "NOTFOUND "; # invalid sender address
 my ($localpart, $domainpart) = ($1, $2);
+ $localpart =~ s/\+.*//; # strip extension, cf. postconf(5)'s $recipient_delimiter
 my $ldap = Net::LDAPI::->new( $LDAPI ) // return "TEMP couldn't create Net::LDAPI object";
 $ldap->bind( undef, sasl => Authen::SASL::->new(mechanism => 'EXTERNAL') ) or return "TEMP LDAP: couldn't bind";
 my $reply = lookup_sender($ldap, $localpart, $domainpart);
 $ldap->unbind();
 return $reply;
 }
 sub lookup_sender($$$) {
 my ($ldap, $l, $d) = @_;
 my $filter = '(&(objectClass=FripostVirtualDomain)(fvd='.escape_filter_value($d).'))';
 my $mesg = $ldap->search( base => $BASEDN, scope => 'one', deref => 'never' , filter => $filter , attrs => [qw/objectClass fripostOwner fripostPostmaster/] ); return "TEMP LDAP error: ".$mesg->error() if $mesg->code; |
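Review bot: The added `$localpart =~ s/\+.*//;` can leave `$localpart` empty: a sender such as `+x@example.org` (constructed example) passes the `(.+)@` match on the line above and then reaches `lookup_sender` with an empty local part. How the lookup treats that value is not visible, because the body of `lookup_sender` continues past the hunk, so I would reject it here with `return "NOTFOUND " if $localpart eq '';` or strip only after a non-empty prefix with `s/\A([^+]+)\+.*/$1/`. Since this map decides which login may use a sender address, the strip being unconditional also matters: presumably an entry whose stored local part itself contains `+` can no longer be matched exactly, so trying the full local part first and the stripped form only on a miss would be the safer order. The `+` is hard-coded while the comment points at `$recipient_delimiter`; a named constant next to `$LDAPI` and `$BASEDN` would keep the two from drifting apart if the Postfix setting is ever changed.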