defer_ok was not working if used on a callout with verify=header_sender.

[exim.git] / src / src / acl.c

diff --git a/src/src/acl.c b/src/src/acl.c
index 3f343c1834697c9c86fce21283710d48323f034a..47c4f86a258f906f296546e2782cfc40e7b03d5c 100644 (file)
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -1,10 +1,10 @@
-/* $Cambridge: exim/src/src/acl.c,v 1.9 2004/12/29 16:34:31 ph10 Exp $ */
+/* $Cambridge: exim/src/src/acl.c,v 1.18 2005/01/27 10:26:14 ph10 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) University of Cambridge 1995 - 2004 */
+/* Copyright (c) University of Cambridge 1995 - 2005 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 /* Code for handling Access Control Lists (ACLs) */
@@ -216,6 +216,7 @@ each condition, there's a bitmap of dis-allowed times. */
 
 static unsigned int cond_forbids[] = {
   0,                                               /* acl */
+   
   (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_CONNECT)|   /* authenticated */
     (1<<ACL_WHERE_HELO),
   
@@ -270,7 +271,9 @@ static unsigned int cond_forbids[] = {
 
   (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_CONNECT)|   /* encrypted */
     (1<<ACL_WHERE_HELO),
+     
   0,                                               /* endpass */
+   
   (1<<ACL_WHERE_NOTSMTP),                          /* hosts */
 
   (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)|      /* local_parts */
@@ -282,6 +285,7 @@ static unsigned int cond_forbids[] = {
     (1<<ACL_WHERE_VRFY),
 
   0,                                               /* log_message */
+   
   0,                                               /* logwrite */
   
 #ifdef WITH_CONTENT_SCAN
@@ -373,9 +377,9 @@ enum {
   CONTROL_ENFORCE_SYNC, CONTROL_NO_ENFORCE_SYNC, CONTROL_FREEZE,
   CONTROL_QUEUE_ONLY, CONTROL_SUBMISSION,
 #ifdef WITH_CONTENT_SCAN
-  CONTROL_NO_MBOX_UNSPOOL, CONTROL_FAKEREJECT,
+  CONTROL_NO_MBOX_UNSPOOL, 
 #endif
-  CONTROL_NO_MULTILINE };
+  CONTROL_FAKEREJECT, CONTROL_NO_MULTILINE };
 
 /* Bit map vector of which controls are not allowed at certain times. For
 each control, there's a bitmap of dis-allowed times. For some, it is easier to
@@ -385,28 +389,43 @@ static unsigned int control_forbids[] = {
 #ifdef EXPERIMENTAL_BRIGHTMAIL
   0,                                               /* bmi_run */
 #endif
+
   0,                                               /* error */
+  
+  (unsigned int) 
   ~(1<<ACL_WHERE_RCPT),                            /* caseful_local_part */
+   
+  (unsigned int) 
   ~(1<<ACL_WHERE_RCPT),                            /* caselower_local_part */
+   
   (1<<ACL_WHERE_NOTSMTP),                          /* enforce_sync */
+   
   (1<<ACL_WHERE_NOTSMTP),                          /* no_enforce_sync */
    
+  (unsigned int) 
   ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)|       /* freeze */
     (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
     (1<<ACL_WHERE_NOTSMTP)),
      
+  (unsigned int) 
   ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)|       /* queue_only */
     (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
     (1<<ACL_WHERE_NOTSMTP)),
      
+  (unsigned int) 
   ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)|       /* submission */
     (1<<ACL_WHERE_PREDATA)),                       
 
 #ifdef WITH_CONTENT_SCAN
-  (1<<ACL_WHERE_NOTSMTP),                          /* no_mbox_unspool */
-  (1<<ACL_WHERE_NOTSMTP),                          /* fakereject */
+  (unsigned int) 
+  ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)|       /* no_mbox_unspool */
+    (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)),
 #endif
 
+  (unsigned int) 
+  ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)|       /* fakereject */
+    (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)),
+
   (1<<ACL_WHERE_NOTSMTP)                           /* no_multiline */
 };
 
@@ -431,8 +450,8 @@ static control_def controls_list[] = {
   { US"queue_only",             CONTROL_QUEUE_ONLY, FALSE},
 #ifdef WITH_CONTENT_SCAN
   { US"no_mbox_unspool",        CONTROL_NO_MBOX_UNSPOOL, FALSE},
-  { US"fakereject",             CONTROL_FAKEREJECT, TRUE},
 #endif
+  { US"fakereject",             CONTROL_FAKEREJECT, TRUE},
   { US"submission",             CONTROL_SUBMISSION, TRUE}
   };
 
@@ -1188,14 +1207,20 @@ message if giving out verification details. */
 
 if (verify_header_sender)
   {
+  int verrno; 
   rc = verify_check_header_address(user_msgptr, log_msgptr, callout,
-    callout_overall, callout_connect, se_mailfrom, pm_mailfrom, verify_options);
-  if (smtp_return_error_details)
-    {
-    if (*user_msgptr == NULL && *log_msgptr != NULL)
-      *user_msgptr = string_sprintf("Rejected after DATA: %s", *log_msgptr);
-    if (rc == DEFER) acl_temp_details = TRUE;
-    }
+    callout_overall, callout_connect, se_mailfrom, pm_mailfrom, verify_options,
+    &verrno);
+  if (rc != OK)
+    { 
+    *basic_errno = verrno;
+    if (smtp_return_error_details)
+      {
+      if (*user_msgptr == NULL && *log_msgptr != NULL)
+        *user_msgptr = string_sprintf("Rejected after DATA: %s", *log_msgptr);
+      if (rc == DEFER) acl_temp_details = TRUE;
+      }
+    }   
   }
 
 /* Handle a sender address. The default is to verify *the* sender address, but
@@ -1326,8 +1351,10 @@ else
   rc = verify_address(&addr2, NULL, verify_options|vopt_is_recipient, callout,
     callout_overall, callout_connect, se_mailfrom, pm_mailfrom, NULL);
   HDEBUG(D_acl) debug_printf("----------- end verify ------------\n");
+  
   *log_msgptr = addr2.message;
-  *user_msgptr = addr2.user_message;
+  *user_msgptr = (addr2.user_message != NULL)? 
+    addr2.user_message : addr2.message;
   *basic_errno = addr2.basic_errno;
 
   /* Make $address_data visible */
@@ -1663,7 +1690,7 @@ for (; cb != NULL; cb = cb->next)
        else
         {
         /* Explicitly reset to default string */
-        fake_reject_text = US"Your message has been rejected but is being kept for evaluation.\nIf it was a legit message, it may still be delivered to the target recipient(s).";
+        fake_reject_text = US"Your message has been rejected but is being kept for evaluation.\nIf it was a legitimate message, it may still be delivered to the target recipient(s).";
         }
       break;
 
@@ -1728,7 +1755,10 @@ for (; cb != NULL; cb = cb->next)
           HDEBUG(D_acl)
             debug_printf("delay skipped in -bh checking mode\n");
           }
-        else sleep(delay);
+        else 
+          {
+          while (delay > 0) delay = sleep(delay);
+          } 
         }
       }
     break;