postfix/save_sasl.cgi

   1 #!/usr/local/bin/perl
   2 # Save SMTP authentication options
   3
   4 require './postfix-lib.pl';
   5
   6 &ReadParse();
   7
   8 $access{'sasl'} || &error($text{'opts_ecannot'});
   9
  10 &error_setup($text{'sasl_err'});
  11
  12 # Validate SASL options
  13 if ($in{'smtpd_tls_key_file_def'} eq "__USE_FREE_FIELD__") {
  14         -r $in{'smtpd_tls_key_file'} || &error($text{'sasl_ekey'});
  15         }
  16 if ($in{'smtpd_tls_cert_file_def'} eq "__USE_FREE_FIELD__") {
  17         -r $in{'smtpd_tls_cert_file'} || &error($text{'sasl_ecert'});
  18         }
  19 if ($in{'smtpd_tls_CAfile_def'} eq "__USE_FREE_FIELD__") {
  20         -r $in{'smtpd_tls_CAfile'} || &error($text{'sasl_eca'});
  21         }
  22
  23 # Validate remote mail server login
  24 if (!$in{'login_none'}) {
  25         $in{'login_user'} =~ /^[^: ]+$/ || &error($text{'sasl_elogin'});
  26         $in{'login_pass'} =~ /^[^: ]*$/ || &error($text{'sasl_epass'});
  27         }
  28
  29 &lock_postfix_files();
  30 &save_options(\%in);
  31
  32 # Save security options
  33 @opts = split(/\0/, $in{'sasl_opts'});
  34 &set_current_value("smtpd_sasl_security_options", join(" ", @opts));
  35
  36 # Save relay options that we care about
  37 @recip = split(/[\s,]+/, &get_current_value("smtpd_recipient_restrictions"));
  38 %newrecip = map { $_, 1 } split(/\0/, $in{'sasl_recip'});
  39 foreach $o (&list_smtpd_restrictions()) {
  40         if ($newrecip{$o}) {
  41                 push(@recip, $o) if (&indexof($o, @recip) < 0);
  42                 }
  43         else {
  44                 @recip = grep { $_ ne $o } @recip;
  45                 }
  46         }
  47 &set_current_value("smtpd_recipient_restrictions", join(" ", @recip));
  48
  49 # Save SSL options
  50 if ($postfix_version >= 2.3) {
  51         &set_current_value("smtpd_tls_security_level",
  52                            $in{'smtpd_tls_security_level'});
  53         }
  54
  55 # Save SMTP relay options
  56 $rh = &get_current_value("relayhost");
  57 $rh =~ s/^\[(.*)\]$/$1/g;
  58 if ($rh) {
  59         if ($in{'login_none'} == 0 &&
  60             !&get_current_value("smtp_sasl_password_maps")) {
  61                 # Setup initial map
  62                 &set_current_value("smtp_sasl_password_maps",
  63                                 "hash:".&guess_config_dir()."/smtp_sasl_password_map");
  64                 }
  65         $pmap = &get_maps("smtp_sasl_password_maps");
  66         foreach my $o (@$pmap) {
  67                 if ($o->{'name'} eq $rh) {
  68                         $old = $o;
  69                         }
  70                 }
  71         $newmap = { 'name' => $rh,
  72                     'value' => $in{'login_user'}.":".$in{'login_pass'} };
  73         if ($old && $in{'login_def'}) {
  74                 # Delete entry
  75                 &delete_mapping("smtp_sasl_password_maps", $old);
  76                 }
  77         elsif ($old && !$in{'login_def'}) {
  78                 # Update entry
  79                 &modify_mapping("smtp_sasl_password_maps", $old, $newmap);
  80                 }
  81         elsif (!$old && !$in{'login_def'}) {
  82                 # Add entry
  83                 &create_mapping("smtp_sasl_password_maps", $newmap);
  84                 }
  85         &regenerate_any_table("smtp_sasl_password_maps");
  86         }
  87
  88 &unlock_postfix_files();
  89
  90 &reload_postfix();
  91
  92 &webmin_log("sasl");
  93 &redirect("");
  94
  95
  96