#!/usr/bin/perl
#
# relaylock
# smtp-poplock package by David Harris <dharris@drh.net>
#

use strict;

BEGIN: { require "/etc/smtp-poplock.conf" };

&main;

sub main
{
	# Grab the ip addr
	my $ip_addr = $ENV{'TCPREMOTEIP'};

	# Check for an ipaddr
	if ( $ip_addr eq "" ) {
		print STDERR "relaylock: TCPREMOTEIP environment variable is blank. please use tcp-env.\n";
		exit 1;
	}

	# Search for this ip address in the database
	my $value;
	if ( open FH, "< $Conf::dbfile" )
	{
		while ( <FH> )
		{
			next unless /^(\S+)\s(\S+)$/;
			if ( $1 eq $ip_addr )
			{
				$value = $2;
				last;
			}
		}
		close FH;
	}

	# Check access
	if ( defined $value and $value > time() )
	{
		$ENV{'RELAYCLIENT'} = "";
	}
	else
	{
		# They were not allowed by the database, so check the
		# static allowed file

		if ( open FH, "< $Conf::static_allowed_file" )
		{
			my $num_ipaddr;
			$num_ipaddr = ( ( $1 * 256 + $2 ) * 256 + $3 ) * 256 + $4
				if ( $ip_addr =~ /(\d+).(\d+).(\d+).(\d+)/ );

			while ( <FH> )
			{
				s/#.*$//;
				next unless /^\s*(\S+)\s*$/;
				my $pattern = $1;
				if ( $pattern eq $ip_addr )
				{
					$ENV{'RELAYCLIENT'} = "";
					last;
				}
				elsif ( defined $num_ipaddr and
					$pattern =~ /^(\d+).(\d+).(\d+).(\d+)[\\\/](?:(\d+).(\d+).(\d+).(\d+)|(\d+))$/ )
				{
					my $num_pat = ( ( $1 * 256 + $2 ) * 256 + $3 ) * 256 + $4;
					my $num_net = defined $9 ?
						( -1 << (32-$9) ) & 0xffffffff :
						( ( $5 * 256 + $6 ) * 256 + $7 ) * 256 + $8;
					if ( ($num_ipaddr & $num_net) == ($num_pat & $num_net) )
					{
						$ENV{'RELAYCLIENT'} = "";
						last;
					}
				}
				
			}
			close FH;
		}
	}

	# Exec our friend
	exec @ARGV;
	die "exec failed";
}