diff --git a/src/cfg.c b/src/cfg.c index a149a9eb..e177033d 100644 --- a/src/cfg.c +++ b/src/cfg.c @@ -92,6 +92,7 @@ struct _parse_rule config_parse_rules[] = { "piler_header_field", "string", (void*) string_parser, offsetof(struct __config, piler_header_field), "", MAXVAL-1}, { "pilergetd_listen_addr", "string", (void*) string_parser, offsetof(struct __config, pilergetd_listen_addr), "127.0.0.1", MAXVAL-1}, { "pilergetd_listen_port", "integer", (void*) int_parser, offsetof(struct __config, pilergetd_listen_port), "10091", sizeof(int)}, + { "pilergetd_password", "string", (void*) string_parser, offsetof(struct __config, pilergetd_password), "xxxxxxxxxx", MAXVAL-1}, { "pilergetd_pidfile", "string", (void*) string_parser, offsetof(struct __config, pilergetd_pidfile), PILERGETD_PIDFILE, MAXVAL-1}, { "queuedir", "string", (void*) string_parser, offsetof(struct __config, queuedir), QUEUE_DIR, MAXVAL-1}, { "server_id", "integer", (void*) int_parser, offsetof(struct __config, server_id), "0", sizeof(int)}, diff --git a/src/cfg.h b/src/cfg.h index d0bc0492..28c7abb7 100644 --- a/src/cfg.h +++ b/src/cfg.h @@ -21,6 +21,8 @@ struct __config { char pilergetd_listen_addr[MAXVAL]; int pilergetd_listen_port; + char pilergetd_password[MAXVAL]; + char clamd_addr[MAXVAL]; int clamd_port; char clamd_socket[MAXVAL]; diff --git a/src/retr.c b/src/retr.c index e375430c..3ccc7bc2 100644 --- a/src/retr.c +++ b/src/retr.c @@ -65,7 +65,7 @@ int stat_message(struct session_data *sdata, struct __data *data, char **buf, in int handle_pilerget_request(int new_sd, struct __data *data, struct __config *cfg){ - int len, n, ssl_ok=0, n_files=0; + int len, n, ssl_ok=0, auth_ok=0, n_files=0; char *q, buf[MAXBUFSIZE], puf[MAXBUFSIZE], muf[TINYBUFSIZE], resp[MAXBUFSIZE]; char ssl_error[SMALLBUFSIZE]; struct session_data sdata; @@ -169,7 +169,7 @@ int handle_pilerget_request(int new_sd, struct __data *data, struct __config *cf while((n = recvtimeoutssl(new_sd, puf, MAXBUFSIZE, TIMEOUT, sdata.tls, data->ssl)) > 0){ - if(strncasecmp(puf, "MESSAGE ", strlen("MESSAGE ")) == 0){ + if(strncasecmp(puf, "MESSAGE ", strlen("MESSAGE ")) == 0 && auth_ok == 1){ trimBuffer(puf); q = &resp[0]; @@ -184,7 +184,25 @@ int handle_pilerget_request(int new_sd, struct __data *data, struct __config *cf } - if(strncasecmp(puf, "STAT ", strlen("STAT ")) == 0){ + if(strncasecmp(puf, "AUTH ", strlen("AUTH ")) == 0){ + trimBuffer(puf); + q = &muf[0]; + + if(strcmp(&puf[5], cfg->pilergetd_password)) + snprintf(resp, sizeof(resp)-1, "550 AUTH FAILED\r\n"); + } + else { + snprintf(resp, sizeof(resp)-1, "250 AUTH\r\n"); + auth_ok = 1; + } + + write1(new_sd, resp, strlen(resp), sdata.tls, data->ssl); + + continue; + } + + + if(strncasecmp(puf, "STAT ", strlen("STAT ")) == 0 && auth_ok == 1){ trimBuffer(puf); q = &muf[0]; @@ -198,7 +216,7 @@ int handle_pilerget_request(int new_sd, struct __data *data, struct __config *cf } - if(strncasecmp(puf, "RETR ", strlen("RETR ")) == 0){ + if(strncasecmp(puf, "RETR ", strlen("RETR ")) == 0 && auth_ok == 1){ trimBuffer(puf); q = &muf[0]; @@ -226,7 +244,7 @@ int handle_pilerget_request(int new_sd, struct __data *data, struct __config *cf break; } - snprintf(resp, sizeof(resp)-1, "ERR\r\n"); + snprintf(resp, sizeof(resp)-1, "550 ERR INVALID COMMAND\r\n"); write1(new_sd, resp, strlen(resp), sdata.tls, data->ssl); } diff --git a/webui/config.php b/webui/config.php index de629456..d64cb65e 100644 --- a/webui/config.php +++ b/webui/config.php @@ -12,6 +12,7 @@ $config['PILERGETD_HOST'] = ''; $config['PILERGETD_PORT'] = 10091; $config['PILERGETD_READ_LENGTH'] = 8192; $config['PILERGETD_TIMEOUT'] = 5; +$config['PILERGETD_PASSWORD'] = ''; $config['BRANDING_TEXT'] = ''; $config['BRANDING_URL'] = ''; diff --git a/webui/model/search/message.php b/webui/model/search/message.php index c3fc7896..55740399 100644 --- a/webui/model/search/message.php +++ b/webui/model/search/message.php @@ -64,6 +64,10 @@ class ModelSearchMessage extends Model { $l = fgets($sd, 4096); + fputs($sd, "AUTH " . PILERGETD_PASSWORD . "\r\n"); + + $l = fgets($sd, 4096); + Registry::set('sd', $sd); } }