Commit 98e29195 authored by Nigel Kukard

* Add support for [PEER_ADDR/xy] IP address specification, this will match the...

* Add support for [PEER_ADDR/xy] IP address specification, this will match the server requesting the policy

parent 9b995797
......@@ -316,6 +316,23 @@ sub policySourceItemMatches
$res = ipMatches($sessionData->{'ClientAddress'},$item);
$server->log(LOG_DEBUG,"[POLICIES] $debugTxt: - Resolved source '$item' to a IP/CIDR specification, match = $res") if ($log);
# Match peer IP (the server requesting the policy)
} elsif ($item =~ /^\[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(?:\/\d{1,2})?\]$/) {
# Check if peer is actually defined
if (defined($sessionData->{'_protocol_peeraddr'})) {
# Check if its in a supported format
if ($sessionData->{'_protocol_peeraddr'} =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/) {
$res = ipMatches($sessionData->{'_protocol_peeraddr'},$item);
$server->log(LOG_DEBUG,"[POLICIES] $debugTxt: - Resolved source '$item' to a PEER IP/CIDR specification, match = $res") if ($log);
# If unsupported...
} else {
$server->log(LOG_DEBUG,"[POLICIES] $debugTxt: - Resolved source '$item' to a PEER IP/CIDR specification, but peeraddr '".$sessionData->{'_protocol_peeraddr'}."' is not yet supported") if ($log);
}
# If undefined...
} else {
$server->log(LOG_DEBUG,"[POLICIES] $debugTxt: - Resolved source '$item' to a PEER IP/CIDR specification, but peeraddr '".$sessionData->{'_protocol_peeraddr'}."' is not defined??") if ($log);
}
# Match SASL user, must be above email addy to match SASL usernames in the same format as email addies
} elsif ($item =~ /^\$\S+$/) {
$res = saslUsernameMatches($sessionData->{'SASLUsername'},$item);
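Review bot: In the "If undefined..." branch the log line still concatenates `$sessionData->{'_protocol_peeraddr'}`, which is known to be undef there, so with warnings enabled it raises an uninitialized-value warning and prints an empty address; the message should drop that interpolation. Neither the "unsupported" nor the "undefined" branch assigns `$res`, so whether a bracketed peer source counts as a non-match in those cases depends on how `$res` is initialised outside this hunk; an explicit `$res = 0;` in both `else` branches would make the outcome deterministic and readable. The bracket pattern also accepts octets up to 999 and prefix lengths up to 99, and `$item` is handed to `ipMatches` with the brackets still attached, so it is worth confirming that `ipMatches` strips the brackets and range-checks the address and mask. The body of policySourceItemMatches starts and ends outside the hunk.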
......
......@@ -110,6 +110,9 @@ sub protocol_check {
# Process buffer into sessionData
sub protocol_parse {
my ($server,$buffer) = @_;
# Get this instance we're working with
my $serverInstance = $server->{'server'};
# Are we going to log?
my $log = defined($server->{'config'}{'logging'}{'bizanga'});
my %res;
......@@ -132,6 +135,7 @@ sub protocol_parse {
$res{'protocol_state'} = "RCPT" if (!defined($res{'protocol_state'}));
$res{'_protocol_transport'} = "HTTP";
$res{'_protocol_peeraddr'} = $serverInstance->{'peeraddr'};
return \%res;
}
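Review bot: `$res{'_protocol_peeraddr'}` is copied from `$serverInstance->{'peeraddr'}` with no check, while the matcher added in this commit accepts only a dotted-quad value, so a connection whose peer address is undef or not plain IPv4 (a UNIX socket, IPv6, or possibly an IPv4-mapped form if the server framework reports one) makes every bracketed peer rule silently not match. The same assignment is added to the Postfix `protocol_parse` in the next section. I would add a comment at both sites, for example `# Socket peer of the connecting policy client, not the SMTP client; may be undef or non-IPv4`, so rule authors do not confuse it with `ClientAddress`. If the listener is reached through a proxy or NAT this value is the intermediary's address, so a peer rule then identifies that hop rather than the requesting server.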
......
......@@ -102,6 +102,8 @@ sub protocol_check {
# Process buffer into sessionData
sub protocol_parse {
my ($server,$buffer) = @_;
# Get this instance we're working with
my $serverInstance = $server->{'server'};
my %res;
......@@ -113,6 +115,7 @@ sub protocol_parse {
}
$res{'_protocol_transport'} = "Postfix";
$res{'_protocol_peeraddr'} = $serverInstance->{'peeraddr'};
return \%res;
}
......