-
Notifications
You must be signed in to change notification settings - Fork 0
/
clamsmtp-1.9rbl.patch
245 lines (237 loc) · 6.79 KB
/
clamsmtp-1.9rbl.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
*** clamsmtp-1.9.org/configure.in 2007-05-27 03:01:56.000000000 +0300
--- clamsmtp-1.9.new/configure.in 2008-05-01 03:24:23.000000000 +0300
***************
*** 125,128 ****
--- 125,130 ----
fi
+ AC_CHECK_LIB(resolv,__res_query,[LIBS="${LIBS} -lresolv"],[echo "resolver library not found"; exit 1])
+
# Have to resolve this for the path below
if test "${prefix}" = "NONE"; then
*** clamsmtp-1.9.org/configure 2007-05-28 22:15:38.000000000 +0300
--- clamsmtp-1.9.new/configure 2008-05-01 03:29:35.000000000 +0300
***************
*** 6039,6042 ****
--- 6039,6110 ----
fi
+ { echo "$as_me:$LINENO: checking for __res_query in -lresolv" >&5
+ echo $ECHO_N "checking for __res_query in -lresolv... $ECHO_C" >&6; }
+ if test "${ac_cv_lib_resolv___res_query+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+ else
+ ac_check_lib_save_LIBS=$LIBS
+ LIBS="-lresolv $LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h. */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h. */
+
+ /* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+ #ifdef __cplusplus
+ extern "C"
+ #endif
+ char __res_query ();
+ int
+ main ()
+ {
+ return __res_query ();
+ ;
+ return 0;
+ }
+ _ACEOF
+ rm -f conftest.$ac_objext conftest$ac_exeext
+ if { (ac_try="$ac_link"
+ case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+ esac
+ eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_resolv___res_query=yes
+ else
+ echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_lib_resolv___res_query=no
+ fi
+
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ LIBS=$ac_check_lib_save_LIBS
+ fi
+ { echo "$as_me:$LINENO: result: $ac_cv_lib_resolv___res_query" >&5
+ echo "${ECHO_T}$ac_cv_lib_resolv___res_query" >&6; }
+ if test $ac_cv_lib_resolv___res_query = yes; then
+ LIBS="${LIBS} -lresolv"
+ else
+ echo "resolver library not found"; exit 1
+ fi
+
+
# Have to resolve this for the path below
if test "${prefix}" = "NONE"; then
*** clamsmtp-1.9.org/common/sppriv.h 2007-05-27 03:00:02.000000000 +0300
--- clamsmtp-1.9.new/common/sppriv.h 2008-05-01 03:07:31.000000000 +0300
***************
*** 66,69 ****
--- 66,71 ----
int daemonized; /* Whether process is daemonized or not */
+ const char* rblserver;
+
/* Internal Use ------------------------- */
char* _p;
*** clamsmtp-1.9.org/common/smtppass.c 2007-05-27 03:00:18.000000000 +0300
--- clamsmtp-1.9.new/common/smtppass.c 2008-05-01 03:31:53.000000000 +0300
***************
*** 70,73 ****
--- 70,82 ----
#include "sppriv.h"
+ #include <string.h>
+ #include <netinet/in.h>
+ #include <arpa/nameser.h>
+ #include <resolv.h>
+ #include <netdb.h>
+ #include <stdlib.h>
+
+ #define RBL_MSG "554 You are in blacklist. Connection Rejected" CRLF
+
/* -----------------------------------------------------------------------
* STRUCTURES
***************
*** 118,121 ****
--- 127,131 ----
#define EHLO_CMD "EHLO"
#define FROM_CMD "MAIL FROM"
+ #define AUTH_CMD "AUTH"
#define TO_CMD "RCPT TO"
#define DATA_CMD "DATA"
***************
*** 169,172 ****
--- 179,183 ----
#define CFG_PIDFILE "PidFile"
#define CFG_XCLIENT "XClient"
+ #define CFG_RBL "RBL"
/* -----------------------------------------------------------------------
***************
*** 213,216 ****
--- 224,285 ----
* BASIC RUN FUNCTIONALITY
*/
+ int rblcheck( int a, int b, int c, int d, char * rbldomain )
+ {
+ char * domain;
+ int result = 0;
+ u_char fixedans[ PACKETSZ ];
+ u_char * answer;
+ const u_char * cp;
+ u_char * rp;
+ const u_char * cend;
+ const u_char * rend;
+ int len;
+
+ domain = ( char * )malloc( 17 + strlen( rbldomain ) );
+ sprintf( domain, "%d.%d.%d.%d.%s", d, c, b, a, rbldomain );
+
+ res_init();
+ answer = fixedans;
+ len = res_query( domain, C_IN, T_A, answer, PACKETSZ );
+
+ if( len == -1 ) {
+ free(domain);
+ return result;
+ }
+
+ if( len > PACKETSZ )
+ {
+ answer = malloc( len );
+ len = res_query( domain, C_IN, T_A, answer, len );
+ free(answer);
+ if( len == -1 ) {
+ free(domain);
+ return result;
+ }
+ }
+
+ free(domain);
+ return(1);
+
+ }
+
+ int rbl_( char * addr ,char *domain)
+ {
+ int a, b, c, d;
+ int count = 0;
+ int response;
+ struct rbl * ptr;
+
+ if( sscanf( addr, "%d.%d.%d.%d", &a, &b, &c, &d ) != 4
+ || a < 0 || a > 255 || b < 0 || b > 255 || c < 0 || c > 255
+ || d < 0 || d > 255 )
+ {
+ return(0);
+ }
+ response = rblcheck( a, b, c, d,domain );
+ if (response) return(1);
+ return(0);
+ }
+
void sp_init(const char* name)
***************
*** 833,836 ****
--- 902,906 ----
int xclient_sup = 0; /* Is XCLIENT supported? */
int xclient_sent = 0; /* Have we sent an XCLIENT command? */
+ int auth_sent = 0;
ASSERT(spio_valid(&(ctx->client)) &&
***************
*** 893,898 ****
--- 963,977 ----
/* Handle the DATA section via our AV checker */
+ if(is_first_word(C_LINE, AUTH_CMD, KL(AUTH_CMD))) auth_sent = 1;
if(is_first_word(C_LINE, DATA_CMD, KL(DATA_CMD)))
{
+ if ((!auth_sent) && (g_state.rblserver))
+ if (rbl_(ctx->client.peername,g_state.rblserver)) {
+ sp_message(NULL, LOG_INFO, "%s rejected by RBL",ctx->client.peername);
+ if(spio_write_data(ctx, &(ctx->client), RBL_MSG) == -1)
+ RETURN(-1);
+ RETURN(-2);
+ }
+
/* Send back the intermediate response to the client */
if(spio_write_data(ctx, &(ctx->client), SMTP_DATAINTERMED) == -1)
***************
*** 1963,1967 ****
ret = 1;
}
!
else if(strcasecmp(CFG_DIRECTORY, name) == 0)
{
--- 2042,2054 ----
ret = 1;
}
!
! else if(strcasecmp(CFG_RBL, name) == 0)
! {
! if(strlen(value) == 0)
! errx(2, "invalid setting: " CFG_RBL);
! g_state.rblserver = value;
! ret = 1;
! }
!
else if(strcasecmp(CFG_DIRECTORY, name) == 0)
{