mirror of
https://bitbucket.org/jsuto/piler.git
synced 2025-01-23 22:39:58 +01:00
added encrypt_messages piler.conf option to decide whether to encrypt messages or not
This commit is contained in:
SJ
parent
d7792ee9f3
commit
04a39461d3
@ -25,6 +25,9 @@ default_retention_days=2557
|
|||||||
; this is a 16 character long vector
|
; this is a 16 character long vector
|
||||||
iv=****************
|
iv=****************
|
||||||
|
|
||||||
|
; whether to encrypt messages (1) or not (0).
|
||||||
|
encrypt_messages=1
|
||||||
|
|
||||||
; number of worker processes, ie. the number of simultaneous smtp connections to piler.
|
; number of worker processes, ie. the number of simultaneous smtp connections to piler.
|
||||||
number_of_worker_processes=10
|
number_of_worker_processes=10
|
||||||
|
|
||||||
|
|||||||
@ -8,6 +8,7 @@
|
|||||||
#include <sys/time.h>
|
#include <sys/time.h>
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
|
#include <sys/mman.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
@ -132,7 +133,7 @@ int inf(unsigned char *in, int len, int mode, char **buffer, FILE *dest){
|
|||||||
|
|
||||||
int retrieve_file_from_archive(char *filename, int mode, char **buffer, FILE *dest, struct __config *cfg){
|
int retrieve_file_from_archive(char *filename, int mode, char **buffer, FILE *dest, struct __config *cfg){
|
||||||
int rc=0, n, olen, tlen, len, fd=-1;
|
int rc=0, n, olen, tlen, len, fd=-1;
|
||||||
unsigned char *s=NULL, inbuf[REALLYBIGBUFSIZE];
|
unsigned char *s=NULL, *addr=NULL, inbuf[REALLYBIGBUFSIZE];
|
||||||
struct stat st;
|
struct stat st;
|
||||||
EVP_CIPHER_CTX ctx;
|
EVP_CIPHER_CTX ctx;
|
||||||
|
|
||||||
@ -154,6 +155,7 @@ int retrieve_file_from_archive(char *filename, int mode, char **buffer, FILE *de
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if(cfg->encrypt_messages == 1){
|
||||||
EVP_CIPHER_CTX_init(&ctx);
|
EVP_CIPHER_CTX_init(&ctx);
|
||||||
EVP_DecryptInit_ex(&ctx, EVP_bf_cbc(), NULL, cfg->key, cfg->iv);
|
EVP_DecryptInit_ex(&ctx, EVP_bf_cbc(), NULL, cfg->key, cfg->iv);
|
||||||
|
|
||||||
@ -166,7 +168,6 @@ int retrieve_file_from_archive(char *filename, int mode, char **buffer, FILE *de
|
|||||||
goto CLEANUP;
|
goto CLEANUP;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
tlen = 0;
|
tlen = 0;
|
||||||
|
|
||||||
while((n = read(fd, inbuf, sizeof(inbuf)))){
|
while((n = read(fd, inbuf, sizeof(inbuf)))){
|
||||||
@ -187,16 +188,22 @@ int retrieve_file_from_archive(char *filename, int mode, char **buffer, FILE *de
|
|||||||
|
|
||||||
|
|
||||||
tlen += olen;
|
tlen += olen;
|
||||||
|
|
||||||
|
|
||||||
rc = inf(s, tlen, mode, buffer, dest);
|
rc = inf(s, tlen, mode, buffer, dest);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
addr = mmap(NULL, st.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
|
||||||
|
rc = inf(addr, st.st_size, mode, buffer, dest);
|
||||||
|
munmap(addr, st.st_size);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
if(rc != Z_OK) zerr(rc);
|
if(rc != Z_OK) zerr(rc);
|
||||||
|
|
||||||
|
|
||||||
CLEANUP:
|
CLEANUP:
|
||||||
if(fd != -1) close(fd);
|
if(fd != -1) close(fd);
|
||||||
if(s) free(s);
|
if(s) free(s);
|
||||||
EVP_CIPHER_CTX_cleanup(&ctx);
|
if(cfg->encrypt_messages == 1) EVP_CIPHER_CTX_cleanup(&ctx);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -67,6 +67,7 @@ struct _parse_rule config_parse_rules[] =
|
|||||||
{ "clamd_socket", "string", (void*) string_parser, offsetof(struct __config, clamd_socket), CLAMD_SOCKET, MAXVAL-1},
|
{ "clamd_socket", "string", (void*) string_parser, offsetof(struct __config, clamd_socket), CLAMD_SOCKET, MAXVAL-1},
|
||||||
{ "debug", "integer", (void*) int_parser, offsetof(struct __config, debug), "0", sizeof(int)},
|
{ "debug", "integer", (void*) int_parser, offsetof(struct __config, debug), "0", sizeof(int)},
|
||||||
{ "default_retention_days", "integer", (void*) int_parser, offsetof(struct __config, default_retention_days), "2557", sizeof(int)},
|
{ "default_retention_days", "integer", (void*) int_parser, offsetof(struct __config, default_retention_days), "2557", sizeof(int)},
|
||||||
|
{ "encrypt_messages", "integer", (void*) int_parser, offsetof(struct __config, encrypt_messages), "1", sizeof(int)},
|
||||||
{ "extra_to_field", "string", (void*) string_parser, offsetof(struct __config, extra_to_field), "", MAXVAL-1},
|
{ "extra_to_field", "string", (void*) string_parser, offsetof(struct __config, extra_to_field), "", MAXVAL-1},
|
||||||
{ "hostid", "string", (void*) string_parser, offsetof(struct __config, hostid), HOSTID, MAXVAL-1},
|
{ "hostid", "string", (void*) string_parser, offsetof(struct __config, hostid), HOSTID, MAXVAL-1},
|
||||||
{ "iv", "string", (void*) string_parser, offsetof(struct __config, iv), "", MAXVAL-1},
|
{ "iv", "string", (void*) string_parser, offsetof(struct __config, iv), "", MAXVAL-1},
|
||||||
|
|||||||
@ -21,6 +21,8 @@ struct __config {
|
|||||||
int clamd_port;
|
int clamd_port;
|
||||||
char clamd_socket[MAXVAL];
|
char clamd_socket[MAXVAL];
|
||||||
|
|
||||||
|
int encrypt_messages;
|
||||||
|
|
||||||
int tls_enable;
|
int tls_enable;
|
||||||
char pemfile[MAXVAL];
|
char pemfile[MAXVAL];
|
||||||
char cipher_list[MAXVAL];
|
char cipher_list[MAXVAL];
|
||||||
|
|||||||
@ -13,7 +13,7 @@
|
|||||||
|
|
||||||
#define VERSION "0.1.23-master-branch"
|
#define VERSION "0.1.23-master-branch"
|
||||||
|
|
||||||
#define BUILD 751
|
#define BUILD 752
|
||||||
|
|
||||||
#define HOSTID "mailarchiver"
|
#define HOSTID "mailarchiver"
|
||||||
|
|
||||||
|
|||||||
22
src/store.c
22
src/store.c
@ -48,7 +48,7 @@ int store_file(struct session_data *sdata, char *filename, int startpos, int len
|
|||||||
|
|
||||||
EVP_CIPHER_CTX ctx;
|
EVP_CIPHER_CTX ctx;
|
||||||
unsigned char *outbuf=NULL;
|
unsigned char *outbuf=NULL;
|
||||||
int outlen, tmplen;
|
int outlen, writelen, tmplen;
|
||||||
|
|
||||||
struct timezone tz;
|
struct timezone tz;
|
||||||
struct timeval tv1, tv2;
|
struct timeval tv1, tv2;
|
||||||
@ -91,6 +91,7 @@ int store_file(struct session_data *sdata, char *filename, int startpos, int len
|
|||||||
|
|
||||||
if(rc != Z_OK) goto ENDE;
|
if(rc != Z_OK) goto ENDE;
|
||||||
|
|
||||||
|
if(cfg->encrypt_messages == 1){
|
||||||
gettimeofday(&tv1, &tz);
|
gettimeofday(&tv1, &tz);
|
||||||
|
|
||||||
EVP_CIPHER_CTX_init(&ctx);
|
EVP_CIPHER_CTX_init(&ctx);
|
||||||
@ -106,7 +107,7 @@ int store_file(struct session_data *sdata, char *filename, int startpos, int len
|
|||||||
|
|
||||||
gettimeofday(&tv2, &tz);
|
gettimeofday(&tv2, &tz);
|
||||||
sdata->__encrypt += tvdiff(tv2, tv1);
|
sdata->__encrypt += tvdiff(tv2, tv1);
|
||||||
|
}
|
||||||
|
|
||||||
/* create a filename in the store based on piler_id */
|
/* create a filename in the store based on piler_id */
|
||||||
|
|
||||||
@ -146,14 +147,21 @@ int store_file(struct session_data *sdata, char *filename, int startpos, int len
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if(cfg->encrypt_messages == 1){
|
||||||
n = write(fd, outbuf, outlen);
|
n = write(fd, outbuf, outlen);
|
||||||
|
writelen = outlen;
|
||||||
if(n == outlen){
|
|
||||||
ret = 1;
|
|
||||||
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: stored '%s' %d/%d bytes", sdata->ttmpfile, filename, len, outlen);
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
syslog(LOG_PRIORITY, "%s: cannot write %d bytes (only %d)", sdata->ttmpfile, outlen, n);
|
n = write(fd, z, dstlen);
|
||||||
|
writelen = dstlen;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(n == writelen){
|
||||||
|
ret = 1;
|
||||||
|
if(cfg->verbosity >= _LOG_DEBUG) syslog(LOG_PRIORITY, "%s: stored '%s' %d/%d bytes", sdata->ttmpfile, filename, len, writelen);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
syslog(LOG_PRIORITY, "%s: cannot write %d bytes (only %d)", sdata->ttmpfile, writelen, n);
|
||||||
}
|
}
|
||||||
|
|
||||||
fsync(fd);
|
fsync(fd);
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user