exch: avoid leaking delegate into SMTP FROM under Send-As powers

References: GXH-169

Author: grammmike

exch/emsmdb/common_util.cpp

@@ -1458,8 +1458,11 @@ static BOOL common_util_get_propname(propid_t propid, PROPERTY_NAME **pppropname
 	return false;
 }
 
+/**
+ * @ev_from: address to use for Envelope-From
+ */
 ec_error_t cu_send_message(logon_object *plogon, message_object *msg,
-    bool b_submit) try
+    const char *ev_from) try
 {
 	uint64_t message_id = msg->get_id();
 	MAIL imail;
@@ -1545,7 +1548,7 @@ ec_error_t cu_send_message(logon_object *plogon, message_object *msg,
 		}
 	}
 
-	auto ret = ems_send_mail(&imail, plogon->get_account(), rcpt_list);
+	auto ret = ems_send_mail(&imail, ev_from, rcpt_list);
 	if (ret != ecSuccess) {
 		mlog2(LV_ERR, "E-1280: failed to send %s via SMTP: %s",
 			log_id.c_str(), mapi_strerror(ret));

exch/emsmdb/common_util.hpp

@@ -89,7 +89,7 @@ BOOL common_util_convert_rule_actions(BOOL to_unicode, RULE_ACTIONS *pactions);
 extern void common_util_notify_receipt(const char *username, int type, message_content *brief);
 extern ec_error_t ems_send_mail(MAIL *, const char *sender, const std::vector<std::string> &rcpts);
 extern ec_error_t ems_send_vmail(vmime::shared_ptr<vmime::message>, const char *sender, const std::vector<std::string> &rcpts);
-extern ec_error_t cu_send_message(logon_object *, message_object *, bool submit);
+extern ec_error_t cu_send_message(logon_object *, message_object *, const char *ev_from);
 extern bool bounce_producer_make(bool (*)(const char *, char *, size_t), bool (*)(const char *, char *, size_t), bool (*)(const char *, char *, size_t), const char *user, message_content *, const char *bounce_type, MAIL *);
 
 extern int (*common_util_add_timer)(const char *command, int interval);

exch/emsmdb/oxomsg.cpp

@@ -425,8 +425,9 @@ ec_error_t rop_submitmessage(uint8_t submit_flags, LOGMAP *plogmap,
 		pmessage->reload();
 		return ecSuccess;
 	}
-	
-	ret = cu_send_message(plogon, pmessage, true);
+
+	auto ev_from = repr_grant >= repr_grant::send_as ? delegator.c_str() : actor;
+	ret = cu_send_message(plogon, pmessage, ev_from);
 	if (ret != ecSuccess && ret != ecWarnWithErrors)
 		exmdb_client->clear_submit(dir, pmessage->get_id(), b_unsent);
 	else if (!b_delete)
@@ -664,7 +665,9 @@ ec_error_t rop_transportsend(TPROPVAL_ARRAY **pppropvals, LOGMAP *plogmap,
 			}
 		}
 	}
-	return cu_send_message(plogon, pmessage, false);
+
+	auto ev_from = repr_grant >= repr_grant::send_as ? delegator.c_str() : actor;
+	return cu_send_message(plogon, pmessage, ev_from);
 } catch (const std::bad_alloc &) {
 	mlog(LV_ERR, "E-2352: ENOMEM");
 	return ecServerOOM;

exch/zcore/common_util.cpp

@@ -1062,7 +1062,7 @@ static BOOL common_util_get_propname(propid_t propid, PROPERTY_NAME **pppropname
 }
 
 ec_error_t cu_send_message(store_object *pstore, message_object *msg,
-    bool b_submit) try
+    const char *ev_from) try
 {
 	uint64_t message_id = msg->get_id();
 	void *pvalue;
@@ -1143,8 +1143,7 @@ ec_error_t cu_send_message(store_object *pstore, message_object *msg,
 		}
 	}
 
-	auto ret = cu_send_mail(imail, g_smtp_url.c_str(),
-		   pstore->get_account(), rcpt_list);
+	auto ret = cu_send_mail(imail, g_smtp_url.c_str(), ev_from, rcpt_list);
 	if (ret != ecSuccess) {
 		mlog(LV_ERR, "E-1194: failed to send %s via SMTP: %s",
 			log_id.c_str(), mapi_strerror(ret));

exch/zcore/common_util.hpp

@@ -142,7 +142,7 @@ BOOL common_util_load_file(const char *path, BINARY *pbin);
 extern BOOL common_util_convert_to_zrule_data(store_object *, TPROPVAL_ARRAY *);
 extern ec_error_t cu_remote_copy_message(store_object *s0, uint64_t message_id, store_object *s1, uint64_t folder_id1);
 extern ec_error_t cu_remote_copy_folder(store_object *s0, uint64_t folder_id, store_object *s1, uint64_t folder_id1, const char *new_name);
-extern ec_error_t cu_send_message(store_object *, message_object *, bool submit);
+extern ec_error_t cu_send_message(store_object *, message_object *, const char *ev_from);
 extern BOOL common_util_message_to_rfc822(store_object *, uint64_t inst_id, BINARY *eml);
 extern message_content *cu_rfc822_to_message(store_object *, unsigned int mxf_flags, BINARY *eml);
 extern BOOL common_util_message_to_ical(store_object *, uint64_t msg_id, BINARY *ical);

exch/zcore/zserver.cpp

@@ -3352,7 +3352,8 @@ ec_error_t zs_submitmessage(GUID hsession, uint32_t hmessage) try
 			return ecSuccess;
 		}
 	}
-	auto ret = cu_send_message(pstore, pmessage, TRUE);
+	auto ev_from = repr_grant >= repr_grant::send_as ? delegator.c_str() : actor;
+	auto ret = cu_send_message(pstore, pmessage, ev_from);
 	if (ret != ecSuccess) {
 		exmdb_client->clear_submit(pstore->get_dir(),
 			pmessage->get_id(), b_unsent);