authorTomás Touceda <chiiph@leap.se>2013-11-06 11:51:33 -0300
committerTomás Touceda <chiiph@leap.se>2013-11-07 07:43:34 -0300
commit6ced1934bd46087a5f55eedf24dfeb2eacda70ad (patch)
tree6f8c92293768d93ac43da43c131fca1fe802ed29
parentd5609b3d7f0d005babf118d34472f725bbc94e18 (diff)
Reject senders if they aren't the logged in user
-rw-r--r--mail/changes/bug_reject_bad_sender2
-rw-r--r--mail/src/leap/mail/smtp/__init__.py6
-rw-r--r--mail/src/leap/mail/smtp/smtprelay.py17
3 files changed, 20 insertions, 5 deletions
diff --git a/mail/changes/bug_reject_bad_sender b/mail/changes/bug_reject_bad_sender
new file mode 100644
index 0000000..0e46c28
--- /dev/null
+++ b/mail/changes/bug_reject_bad_sender
@@ -0,0 +1,2 @@
+ o Reject senders that aren't the user that is currently logged
+ in. Fixes #3952. \ No newline at end of file
diff --git a/mail/src/leap/mail/smtp/__init__.py b/mail/src/leap/mail/smtp/__init__.py
index b30cd20..be568b8 100644
--- a/mail/src/leap/mail/smtp/__init__.py
+++ b/mail/src/leap/mail/smtp/__init__.py
@@ -29,7 +29,7 @@ from leap.common.events import proto, signal
from leap.mail.smtp.smtprelay import SMTPFactory
-def setup_smtp_relay(port, keymanager, smtp_host, smtp_port,
+def setup_smtp_relay(port, userid, keymanager, smtp_host, smtp_port,
smtp_cert, smtp_key, encrypted_only):
"""
Setup SMTP relay to run with Twisted.
@@ -39,6 +39,8 @@ def setup_smtp_relay(port, keymanager, smtp_host, smtp_port,
:param port: The port in which to run the server.
:type port: int
+ :param userid: The user currently logged in
+ :type userid: unicode
:param keymanager: A Key Manager from where to get recipients' public
keys.
:type keymanager: leap.common.keymanager.KeyManager
@@ -75,7 +77,7 @@ def setup_smtp_relay(port, keymanager, smtp_host, smtp_port,
}
# configure the use of this service with twistd
- factory = SMTPFactory(keymanager, config)
+ factory = SMTPFactory(userid, keymanager, config)
try:
tport = reactor.listenTCP(port, factory,
interface="localhost")
diff --git a/mail/src/leap/mail/smtp/smtprelay.py b/mail/src/leap/mail/smtp/smtprelay.py
index fca66c0..92a9f0e 100644
--- a/mail/src/leap/mail/smtp/smtprelay.py
+++ b/mail/src/leap/mail/smtp/smtprelay.py
@@ -153,7 +153,7 @@ class SMTPFactory(ServerFactory):
Factory for an SMTP server with encrypted relaying capabilities.
"""
- def __init__(self, keymanager, config):
+ def __init__(self, userid, keymanager, config):
"""
Initialize the SMTP factory.
@@ -169,11 +169,14 @@ class SMTPFactory(ServerFactory):
ENCRYPTED_ONLY_KEY: <bool>,
}
@type config: dict
+ @param userid: The user currently logged in
+ @type userid: unicode
"""
# assert params
leap_assert_type(keymanager, KeyManager)
assert_config_structure(config)
# and store them
+ self._userid = userid
self._km = keymanager
self._config = config
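Review bot: `userid` is stored in `SMTPFactory.__init__` without any validation, although the two neighbouring parameters are checked with `leap_assert_type` and `assert_config_structure`. The sender check added later in this commit compares against `self._userid`, so a `None` or empty value would make the relay reject every sender with a confusing log line. The docstring gives the type as unicode, so `leap_assert_type(userid, unicode)` next to the existing assertions would catch this at construction. The same applies to `SMTPDelivery.__init__` in the hunk at -219,11, and the start of `__init__` lies outside this hunk.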
@@ -187,7 +190,8 @@ class SMTPFactory(ServerFactory):
@return: The protocol.
@rtype: SMTPDelivery
"""
- smtpProtocol = smtp.SMTP(SMTPDelivery(self._km, self._config))
+ smtpProtocol = smtp.SMTP(SMTPDelivery(self._userid, self._km,
+ self._config))
smtpProtocol.factory = self
return smtpProtocol
@@ -203,7 +207,7 @@ class SMTPDelivery(object):
implements(smtp.IMessageDelivery)
- def __init__(self, keymanager, config):
+ def __init__(self, userid, keymanager, config):
"""
Initialize the SMTP delivery object.
@@ -219,11 +223,14 @@ class SMTPDelivery(object):
ENCRYPTED_ONLY_KEY: <bool>,
}
@type config: dict
+ @param userid: The user currently logged in
+ @type userid: unicode
"""
# assert params
leap_assert_type(keymanager, KeyManager)
assert_config_structure(config)
# and store them
+ self._userid = userid
self._km = keymanager
self._config = config
self._origin = None
@@ -310,6 +317,10 @@ class SMTPDelivery(object):
"""
# accept mail from anywhere. To reject an address, raise
# smtp.SMTPBadSender here.
+ if str(origin) != str(self._userid):
+ log.msg("Rejecting sender {0}, expected {1}".format(origin,
+ self._userid))
+ raise smtp.SMTPBadSender(origin)
self._origin = origin
return origin
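Review bot: The retained comment `# accept mail from anywhere` now contradicts the check added directly below it and should be replaced, e.g. `# only the logged-in user may send; raise smtp.SMTPBadSender for any other origin`. The comparison `str(origin) != str(self._userid)` is an exact, case-sensitive match, so the same address written with different domain casing is rejected. If this runs on Python 2 (the docstrings type `userid` as unicode), `str()` on a non-ASCII userid would raise UnicodeEncodeError rather than SMTPBadSender. The check covers the envelope sender only; whether the message's `From:` header is also tied to the logged-in user is not visible here. The method's signature and docstring start outside the hunk.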