From 08c13654268e986d03341c564d7cc91db80d940d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1s=20Touceda?= <chiiph@leap.se>
Date: Wed, 6 Nov 2013 11:51:33 -0300
Subject: Reject senders if they aren't the logged in user

---
 src/leap/mail/smtp/smtprelay.py | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

(limited to 'src/leap/mail/smtp/smtprelay.py')

diff --git a/src/leap/mail/smtp/smtprelay.py b/src/leap/mail/smtp/smtprelay.py
index fca66c0..92a9f0e 100644
--- a/src/leap/mail/smtp/smtprelay.py
+++ b/src/leap/mail/smtp/smtprelay.py
@@ -153,7 +153,7 @@ class SMTPFactory(ServerFactory):
     Factory for an SMTP server with encrypted relaying capabilities.
     """
 
-    def __init__(self, keymanager, config):
+    def __init__(self, userid, keymanager, config):
         """
         Initialize the SMTP factory.
 
@@ -169,11 +169,14 @@ class SMTPFactory(ServerFactory):
                     ENCRYPTED_ONLY_KEY: <bool>,
                 }
         @type config: dict
+        @param userid: The user currently logged in
+        @type userid: unicode
         """
         # assert params
         leap_assert_type(keymanager, KeyManager)
         assert_config_structure(config)
         # and store them
+        self._userid = userid
         self._km = keymanager
         self._config = config
 
@@ -187,7 +190,8 @@ class SMTPFactory(ServerFactory):
         @return: The protocol.
         @rtype: SMTPDelivery
         """
-        smtpProtocol = smtp.SMTP(SMTPDelivery(self._km, self._config))
+        smtpProtocol = smtp.SMTP(SMTPDelivery(self._userid, self._km,
+                                              self._config))
         smtpProtocol.factory = self
         return smtpProtocol
 
@@ -203,7 +207,7 @@ class SMTPDelivery(object):
 
     implements(smtp.IMessageDelivery)
 
-    def __init__(self, keymanager, config):
+    def __init__(self, userid, keymanager, config):
         """
         Initialize the SMTP delivery object.
 
@@ -219,11 +223,14 @@ class SMTPDelivery(object):
                     ENCRYPTED_ONLY_KEY: <bool>,
                 }
         @type config: dict
+        @param userid: The user currently logged in
+        @type userid: unicode
         """
         # assert params
         leap_assert_type(keymanager, KeyManager)
         assert_config_structure(config)
         # and store them
+        self._userid = userid
         self._km = keymanager
         self._config = config
         self._origin = None
@@ -310,6 +317,10 @@ class SMTPDelivery(object):
         """
         # accept mail from anywhere. To reject an address, raise
         # smtp.SMTPBadSender here.
+        if str(origin) != str(self._userid):
+            log.msg("Rejecting sender {0}, expected {1}".format(origin,
+                                                                self._userid))
+            raise smtp.SMTPBadSender(origin)
         self._origin = origin
         return origin
 
-- 
cgit v1.2.3