mod_mail: Fix alias resolution.

* mod_mail: Always resolve aliases case-insensitively. * mod_mail: Allow wildcard user matches for aliases. * net_smtp: Don't emit warning for partial wildcard (wildcard user but not domain) authorized sender, only full wildcards (user and domain).
InterLinked1 · Dec 31, 2024 · 1740b55 · 1740b55
1 parent b0597ee
commit 1740b55
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 9 deletions.
diff --git a/modules/mod_mail.c b/modules/mod_mail.c
@@ -459,14 +459,24 @@ static const char *resolve_alias(const char *user, const char *domain)
 
 	RWLIST_RDLOCK(&aliases);
 	RWLIST_TRAVERSE(&aliases, alias, entry) {
-		/* RFC 5321 4.5.1: postmaster match must be case-insensitive.
-		 * We allow all other matches to be made case-sensitively. */
-		if (!strcmp(alias->aliasuser, user) || (!strcmp(alias->aliasuser, "postmaster") && !strcasecmp(user, "postmaster"))) {
-			/* Unqualified match, or domain must match */
-			if (!alias->aliasdomain || (domain && !strcmp(alias->aliasdomain, domain))) {
-				retval = alias->target; /* Safe to return in practice since aliases cannot be unloaded while the module is running */
-				break;
-			}
+		int user_match;
+		if (!strcmp(alias->aliasuser, "*")) {
+			user_match = 1; /* Match like '*@example.com' */
+		} else if (!strcasecmp(alias->aliasuser, "postmaster")) {
+			/* RFC 5321 4.5.1: postmaster match must be case-insensitive.
+			 * All other matches could be case-sensitive,
+			 * but we also make them case-insensitively for compatibility. */
+			user_match = !strcasecmp(user, "postmaster");
+		} else {
+			user_match = !strcasecmp(alias->aliasuser, user); /* Explicit user match */
+		}
+		if (!user_match) {
+			continue;
+		}
+		/* Unqualified match, or domain must match */
+		if (!alias->aliasdomain || (domain && !strcasecmp(alias->aliasdomain, domain))) {
+			retval = alias->target; /* Safe to return in practice since aliases cannot be unloaded while the module is running */
+			break;
 		}
 	}
 	RWLIST_UNLOCK(&aliases);

diff --git a/nets/net_smtp.c b/nets/net_smtp.c
@@ -274,7 +274,7 @@ static void add_authorized_identity(const char *username, const char *identities
 {
 	struct smtp_authorized_identity *i;
 
-	if (STARTS_WITH(identities, "*")) {
+	if (!strcmp(identities, "*")) {
 		bbs_notice("This server is configured as an open mail relay for user '%s' and may be abused!\n", username);
 	}