github-public-mirror/ldap-acl-milter
1
0
Fork 0
mirror of https://github.com/chillout2k/ldap-acl-milter.git synced 2025-12-15 04:09:44 +00:00
Code Issues Projects Releases Wiki Activity

not worth a push

Browse Source
This commit is contained in:
Dominik Chilla 2019-04-17 23:19:08 +02:00
parent 4fb6c425a9
commit 275e584bed
2 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
app/ldap-acl-milter.py
View File

@ -114,14 +114,15 @@ class LdapAclMilter(Milter.Base):
pass pass
else: else:
# Authentication hierarchy! # Authentication hierarchy!
# 1. SASL authenticated # 1. x509 client certificate
# TODO: if auth_type sasl_user, check if authenticated user matches sasl_user and # 2. SASL authenticated
# TODO: check if sender/recipient pair match # if auth_type sasl_user, check if authenticated user matches sasl_user and
# 2. Client-IP authenticated # check if sender/recipient pair match
# TODO: if auth_type client_addr, check if client-ip matches client_addr # 3. Client-IP authenticated
# TODO: check if sender/recipient pair match # if auth_type client_addr, check if client-ip matches client_addr
# 3. not authenticated # check if sender/recipient pair match
# TODO: ldap-search with excluded sasl_user and client_addr attributes! # 4. not authenticated
# ldap-search with excluded sasl_user and client_addr attributes!
self.ldap_conn.search(g_ldap_base, self.ldap_conn.search(g_ldap_base,
"(&(allowedRcpts="+to+")(allowedSenders="+self.env_from+"))" "(&(allowedRcpts="+to+")(allowedSenders="+self.env_from+"))"
) )

1
docker/debian/Dockerfile
View File

@ -2,6 +2,7 @@ ARG http_proxy
ARG https_proxy ARG https_proxy
FROM debian FROM debian
LABEL maintainer="Dominik Chilla <dominik@zwackl.de>" LABEL maintainer="Dominik Chilla <dominik@zwackl.de>"
LABEL git_repo="https://github.com/chillout2k/ldap-acl-milter/tree/devel"
ENV DEBIAN_FRONTEND=noninteractive \ ENV DEBIAN_FRONTEND=noninteractive \
TZ=Europe/Berlin TZ=Europe/Berlin