author | Tomás Touceda <chiiph@leap.se> | 2013-11-06 11:51:33 -0300 |
---|---|---|
committer | Tomás Touceda <chiiph@leap.se> | 2013-11-07 07:43:34 -0300 |
commit | 6ced1934bd46087a5f55eedf24dfeb2eacda70ad (patch) | |
tree | 6f8c92293768d93ac43da43c131fca1fe802ed29 /mail/src/leap | |
parent | d5609b3d7f0d005babf118d34472f725bbc94e18 (diff) |
Reject senders if they aren't the logged in user
Diffstat (limited to 'mail/src/leap')
-rw-r--r-- | mail/src/leap/mail/smtp/__init__.py | 6 | ||||
-rw-r--r-- | mail/src/leap/mail/smtp/smtprelay.py | 17 |
2 files changed, 18 insertions, 5 deletions
diff --git a/mail/src/leap/mail/smtp/__init__.py b/mail/src/leap/mail/smtp/__init__.py index b30cd20..be568b8 100644 --- a/mail/src/leap/mail/smtp/__init__.py +++ b/mail/src/leap/mail/smtp/__init__.py @@ -29,7 +29,7 @@ from leap.common.events import proto, signal from leap.mail.smtp.smtprelay import SMTPFactory -def setup_smtp_relay(port, keymanager, smtp_host, smtp_port, +def setup_smtp_relay(port, userid, keymanager, smtp_host, smtp_port, smtp_cert, smtp_key, encrypted_only): """ Setup SMTP relay to run with Twisted. @@ -39,6 +39,8 @@ def setup_smtp_relay(port, keymanager, smtp_host, smtp_port, :param port: The port in which to run the server. :type port: int + :param userid: The user currently logged in + :type userid: unicode :param keymanager: A Key Manager from where to get recipients' public keys. :type keymanager: leap.common.keymanager.KeyManager @@ -75,7 +77,7 @@ def setup_smtp_relay(port, keymanager, smtp_host, smtp_port, } # configure the use of this service with twistd - factory = SMTPFactory(keymanager, config) + factory = SMTPFactory(userid, keymanager, config) try: tport = reactor.listenTCP(port, factory, interface="localhost") diff --git a/mail/src/leap/mail/smtp/smtprelay.py b/mail/src/leap/mail/smtp/smtprelay.py index fca66c0..92a9f0e 100644 --- a/mail/src/leap/mail/smtp/smtprelay.py +++ b/mail/src/leap/mail/smtp/smtprelay.py @@ -153,7 +153,7 @@ class SMTPFactory(ServerFactory): Factory for an SMTP server with encrypted relaying capabilities. """ - def __init__(self, keymanager, config): + def __init__(self, userid, keymanager, config): """ Initialize the SMTP factory. @@ -169,11 +169,14 @@ class SMTPFactory(ServerFactory): ENCRYPTED_ONLY_KEY: <bool>, } @type config: dict + @param userid: The user currently logged in + @type userid: unicode """ # assert params leap_assert_type(keymanager, KeyManager) assert_config_structure(config) # and store them + self._userid = userid self._km = keymanager self._config = config 
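Review bot: In the `@@ -169` hunk, `SMTPFactory.__init__` stores `userid` without any check, although `keymanager` and `config` are both asserted on the lines just above it. The `@@ -219` hunk does the same in `SMTPDelivery.__init__`. This value becomes the only reference the sender check compares against, so a `None` or wrongly typed userid should fail at construction rather than surface later as a comparison against the string `"None"`. Adding `leap_assert_type(userid, unicode)` next to the existing assertions would match the documented type, and an explicit non-empty check is worth adding because the type assertion alone would still accept `u""`. The new `@param userid` entry is also appended after `config` in both docstrings even though it is now the first parameter; both `__init__` bodies begin outside their hunks.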
@@ -187,7 +190,8 @@ class SMTPFactory(ServerFactory): @return: The protocol. @rtype: SMTPDelivery """ - smtpProtocol = smtp.SMTP(SMTPDelivery(self._km, self._config)) + smtpProtocol = smtp.SMTP(SMTPDelivery(self._userid, self._km, + self._config)) smtpProtocol.factory = self return smtpProtocol @@ -203,7 +207,7 @@ class SMTPDelivery(object): implements(smtp.IMessageDelivery) - def __init__(self, keymanager, config): + def __init__(self, userid, keymanager, config): """ Initialize the SMTP delivery object. @@ -219,11 +223,14 @@ class SMTPDelivery(object): ENCRYPTED_ONLY_KEY: <bool>, } @type config: dict + @param userid: The user currently logged in + @type userid: unicode """ # assert params leap_assert_type(keymanager, KeyManager) assert_config_structure(config) # and store them + self._userid = userid self._km = keymanager self._config = config self._origin = None @@ -310,6 +317,10 @@ class SMTPDelivery(object): """ # accept mail from anywhere. To reject an address, raise # smtp.SMTPBadSender here. + if str(origin) != str(self._userid): + log.msg("Rejecting sender {0}, expected {1}".format(origin, + self._userid)) + raise smtp.SMTPBadSender(origin) self._origin = origin return origin |
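Review bot: In the `@@ -310` hunk, the sender check coerces both sides with `str()`, although the docstrings added in this commit declare `userid` as `unicode`. The code appears to be Python 2 (the `unicode` type, `implements(...)`). If so, a userid with a non-ASCII character would make both `str(self._userid)` and the `.format(...)` call in the log line raise `UnicodeEncodeError`, rather than return a clean `smtp.SMTPBadSender`. Comparing in a single type avoids this, e.g. `expected = self._userid.encode("utf-8")` then `if str(origin) != expected:`, and logging with `%r` keeps client-supplied bytes from being interpolated raw into the log. The retained comment `# accept mail from anywhere` now contradicts the code and should become something like `# only the logged in user may send; anything else is rejected`. This check covers only the envelope sender passed to this method, whose definition starts outside the hunk; whether the message's `From:` header is bound to the same identity is not visible here and is worth confirming.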