1#!/usr/local/bin/perl 2# Save SMTP authentication options 3 4require './postfix-lib.pl'; 5 6&ReadParse(); 7 8$access{'sasl'} || &error($text{'opts_ecannot'}); 9 10&error_setup($text{'sasl_err'}); 11 12# Validate SASL options 13if ($in{'smtpd_tls_key_file_def'} eq "__USE_FREE_FIELD__") { 14 -r $in{'smtpd_tls_key_file'} || &error($text{'sasl_ekey'}); 15 } 16if ($in{'smtpd_tls_cert_file_def'} eq "__USE_FREE_FIELD__") { 17 -r $in{'smtpd_tls_cert_file'} || &error($text{'sasl_ecert'}); 18 } 19if ($in{'smtpd_tls_CAfile_def'} eq "__USE_FREE_FIELD__") { 20 -r $in{'smtpd_tls_CAfile'} || &error($text{'sasl_eca'}); 21 } 22 23# Validate remote mail server login 24if (!$in{'login_none'}) { 25 $in{'login_user'} =~ /^[^: ]+$/ || &error($text{'sasl_elogin'}); 26 $in{'login_pass'} =~ /^[^ ]*$/ || &error($text{'sasl_epass'}); 27 } 28 29&lock_postfix_files(); 30&save_options(\%in); 31 32# Save security options 33@opts = split(/\0/, $in{'sasl_opts'}); 34&set_current_value("smtpd_sasl_security_options", join(" ", @opts)); 35 36# Save recipient options that we care about 37@recip = split(/[\s,]+/, &get_current_value("smtpd_recipient_restrictions")); 38%newrecip = map { $_, 1 } split(/\0/, $in{'sasl_recip'}); 39foreach $o (&list_smtpd_restrictions()) { 40 if ($newrecip{$o}) { 41 push(@recip, $o) if (&indexof($o, @recip) < 0); 42 } 43 else { 44 @recip = grep { $_ ne $o } @recip; 45 } 46 } 47&set_current_value("smtpd_recipient_restrictions", join(" ", @recip)); 48 49# Save relay options that we care about 50@relay = split(/[\s,]+/, &get_current_value("smtpd_relay_restrictions")); 51%newrelay = map { $_, 1 } split(/\0/, $in{'sasl_relay'}); 52foreach $o (&list_smtpd_restrictions()) { 53 if ($newrelay{$o}) { 54 push(@relay, $o) if (&indexof($o, @relay) < 0); 55 } 56 else { 57 @relay = grep { $_ ne $o } @relay; 58 } 59 } 60&set_current_value("smtpd_relay_restrictions", join(" ", @relay)); 61 62# Save SSL options 63if (&compare_version_numbers($postfix_version, 2.3) >= 0) { 64 &set_current_value("smtpd_tls_security_level", 65 $in{'smtpd_tls_security_level'}); 66 } 67 68# Save SMTP relay options 69$rh = &get_current_value("relayhost"); 70$rh =~ s/^\[(.*)\]$/$1/g; 71if ($rh) { 72 if ($in{'login_none'} == 0 && 73 !&get_current_value("smtp_sasl_password_maps")) { 74 # Setup initial map 75 &set_current_value("smtp_sasl_password_maps", 76 "hash:".&guess_config_dir()."/smtp_sasl_password_map"); 77 } 78 $pmap = &get_maps("smtp_sasl_password_maps"); 79 foreach my $o (@$pmap) { 80 if ($o->{'name'} eq $rh) { 81 $old = $o; 82 } 83 } 84 $newmap = { 'name' => $rh, 85 'value' => $in{'login_user'}.":".$in{'login_pass'} }; 86 if ($old && $in{'login_def'}) { 87 # Delete entry 88 &delete_mapping("smtp_sasl_password_maps", $old); 89 } 90 elsif ($old && !$in{'login_def'}) { 91 # Update entry 92 &modify_mapping("smtp_sasl_password_maps", $old, $newmap); 93 } 94 elsif (!$old && !$in{'login_def'}) { 95 # Add entry 96 &create_mapping("smtp_sasl_password_maps", $newmap); 97 } 98 ®enerate_any_table("smtp_sasl_password_maps"); 99 } 100 101&unlock_postfix_files(); 102 103$err = &reload_postfix(); 104&error($err) if ($err); 105 106&webmin_log("sasl"); 107&redirect(""); 108 109 110 111