2 # Save SMTP authentication options
4 require './postfix-lib.pl';
8 $access{'sasl'} || &error($text{'opts_ecannot'});
10 &error_setup($text{'sasl_err'});
12 # Validate SASL options
13 if ($in{'smtpd_tls_key_file_def'} eq "__USE_FREE_FIELD__") {
14 -r $in{'smtpd_tls_key_file'} || &error($text{'sasl_ekey'});
16 if ($in{'smtpd_tls_cert_file_def'} eq "__USE_FREE_FIELD__") {
17 -r $in{'smtpd_tls_cert_file'} || &error($text{'sasl_ecert'});
19 if ($in{'smtpd_tls_CAfile_def'} eq "__USE_FREE_FIELD__") {
20 -r $in{'smtpd_tls_CAfile'} || &error($text{'sasl_eca'});
23 # Validate remote mail server login
24 if (!$in{'login_none'}) {
25 $in{'login_user'} =~ /^[^: ]+$/ || &error($text{'sasl_elogin'});
26 $in{'login_pass'} =~ /^[^: ]*$/ || &error($text{'sasl_epass'});
29 &lock_postfix_files();
32 # Save security options
33 @opts = split(/\0/, $in{'sasl_opts'});
34 &set_current_value("smtpd_sasl_security_options", join(" ", @opts));
36 # Save relay options that we care about
37 @recip = split(/[\s,]+/, &get_current_value("smtpd_recipient_restrictions"));
38 %newrecip = map { $_, 1 } split(/\0/, $in{'sasl_recip'});
39 foreach $o (&list_smtpd_restrictions()) {
41 push(@recip, $o) if (&indexof($o, @recip) < 0);
44 @recip = grep { $_ ne $o } @recip;
47 &set_current_value("smtpd_recipient_restrictions", join(" ", @recip));
50 if ($postfix_version >= 2.3) {
51 &set_current_value("smtpd_tls_security_level",
52 $in{'smtpd_tls_security_level'});
55 # Save SMTP relay options
56 $rh = &get_current_value("relayhost");
57 $rh =~ s/^\[(.*)\]$/$1/g;
59 if ($in{'login_none'} == 0 &&
60 !&get_current_value("smtp_sasl_password_maps")) {
62 &set_current_value("smtp_sasl_password_maps",
63 "hash:".&guess_config_dir()."/smtp_sasl_password_map");
65 $pmap = &get_maps("smtp_sasl_password_maps");
66 foreach my $o (@$pmap) {
67 if ($o->{'name'} eq $rh) {
71 $newmap = { 'name' => $rh,
72 'value' => $in{'login_user'}.":".$in{'login_pass'} };
73 if ($old && $in{'login_def'}) {
75 &delete_mapping("smtp_sasl_password_maps", $old);
77 elsif ($old && !$in{'login_def'}) {
79 &modify_mapping("smtp_sasl_password_maps", $old, $newmap);
81 elsif (!$old && !$in{'login_def'}) {
83 &create_mapping("smtp_sasl_password_maps", $newmap);
85 ®enerate_any_table("smtp_sasl_password_maps");
88 &unlock_postfix_files();