1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) University of Cambridge 1995 - 2018 */
6 /* Copyright (c) The Exim Maintainers 2020 */
7 /* See the file NOTICE for conditions of use and distribution. */
9 /* Functions for parsing addresses */
15 static const uschar *last_comment_position;
19 /* In stand-alone mode, provide a replacement for deliver_make_addr()
20 and rewrite_address[_qualify]() so as to avoid having to drag in too much
21 redundant apparatus. */
25 address_item *deliver_make_addr(uschar *address, BOOL copy)
27 address_item *addr = store_get(sizeof(address_item), FALSE);
30 addr->address = address;
34 uschar *rewrite_address(uschar *recipient, BOOL dummy1, BOOL dummy2, rewrite_rule
40 uschar *rewrite_address_qualify(uschar *recipient, BOOL dummy1)
50 /*************************************************
51 * Find the end of an address *
52 *************************************************/
54 /* Scan over a string looking for the termination of an address at a comma,
55 or end of the string. It's the source-routed addresses which cause much pain
56 here. Although Exim ignores source routes, it must recognize such addresses, so
57 we cannot get rid of this logic.
60 s pointer to the start of an address
61 nl_ends if TRUE, '\n' terminates an address
63 Returns: pointer past the end of the address
64 (i.e. points to null or comma)
68 parse_find_address_end(const uschar *s, BOOL nl_ends)
70 BOOL source_routing = *s == '@';
71 int no_term = source_routing? 1 : 0;
73 while (*s != 0 && (*s != ',' || no_term > 0) && (*s != '\n' || !nl_ends))
75 /* Skip single quoted characters. Strictly these should not occur outside
76 quoted strings in RFC 822 addresses, but they can in RFC 821 addresses. Pity
77 about the lack of consistency, isn't it? */
79 if (*s == '\\' && s[1] != 0) s += 2;
81 /* Skip quoted items that are not inside brackets. Note that
82 quoted pairs are allowed inside quoted strings. */
86 while (*(++s) != 0 && (*s != '\n' || !nl_ends))
88 if (*s == '\\' && s[1] != 0) s++;
89 else if (*s == '\"') { s++; break; }
93 /* Skip comments, which may include nested brackets, but quotes
94 are not recognized inside comments, though quoted pairs are. */
99 while (*(++s) != 0 && (*s != '\n' || !nl_ends))
101 if (*s == '\\' && s[1] != 0) s++;
102 else if (*s == '(') level++;
103 else if (*s == ')' && --level <= 0) { s++; break; }
107 /* Non-special character; just advance. Passing the colon in a source
108 routed address means that any subsequent comma or colon may terminate unless
109 inside angle brackets. */
115 source_routing = s[1] == '@';
116 no_term = source_routing? 2 : 1;
118 else if (*s == '>') no_term--;
119 else if (source_routing && *s == ':') no_term--;
129 /*************************************************
130 * Find last @ in an address *
131 *************************************************/
133 /* This function is used when we have something that may not qualified. If we
134 know it's qualified, searching for the rightmost '@' is sufficient. Here we
135 have to be a bit more clever than just a plain search, in order to handle
136 unqualified local parts like "thing@thong" correctly. Since quotes may not
137 legally be part of a domain name, we can give up on hitting the first quote
138 when searching from the right. Now that the parsing also permits the RFC 821
139 form of address, where quoted-pairs are allowed in unquoted local parts, we
140 must take care to handle that too.
142 Argument: pointer to an address, possibly unqualified
143 Returns: pointer to the last @ in an address, or NULL if none
147 parse_find_at(const uschar *s)
149 const uschar * t = s + Ustrlen(s);
153 int backslash_count = 0;
154 const uschar *tt = t - 1;
155 while (tt > s && *tt-- == '\\') backslash_count++;
156 if ((backslash_count & 1) == 0) return t;
167 /***************************************************************************
168 * In all the functions below that read a particular object type from *
169 * the input, return the new value of the pointer s (the first argument), *
170 * and put the object into the store pointed to by t (the second argument), *
171 * adding a terminating zero. If no object is found, t will point to zero *
173 ***************************************************************************/
176 /*************************************************
177 * Skip white space and comment *
178 *************************************************/
182 (2) If uschar not '(', return.
183 (3) Skip till matching ')', not counting any characters
185 (4) Move past ')' and goto (1).
187 The start of the last potential comment position is remembered to
188 make it possible to ignore comments at the end of compound items.
190 Argument: current character pointer
191 Returns: new character pointer
194 static const uschar *
195 skip_comment(const uschar *s)
197 last_comment_position = s;
202 if (Uskip_whitespace(&s) != '(') break;
206 if (c == '(') level++;
207 else if (c == ')') { if (--level <= 0) { s++; break; } }
208 else if (c == '\\' && s[1] != 0) s++;
216 /*************************************************
218 *************************************************/
220 /* A domain is a sequence of subdomains, separated by dots. See comments below
221 for detailed syntax of the subdomains.
223 If allow_domain_literals is TRUE, a "domain" may also be an IP address enclosed
224 in []. Make sure the output is set to the null string if there is a syntax
225 error as well as if there is no domain at all.
227 Optionally, msg_id domain literals ( printable-ascii enclosed in [] )
231 s current character pointer
232 t where to put the domain
233 msg_id_literals flag for relaxed domain-literal processing
234 errorptr put error message here on failure (*t will be 0 on exit)
236 Returns: new character pointer
239 static const uschar *
240 read_domain(const uschar *s, uschar *t, BOOL msg_id_literals, uschar **errorptr)
245 /* Handle domain literals if permitted. An RFC 822 domain literal may contain
246 any character except [ ] \, including linear white space, and may contain
247 quoted characters. However, RFC 821 restricts literals to being dot-separated
248 3-digit numbers, and we make the obvious extension for IPv6. Go for a sequence
249 of digits, dots, hex digits, and colons here; later this will be checked for
250 being a syntactically valid IP address if it ever gets to a router.
252 Allow both the formal IPv6 form, with IPV6: at the start, and the informal form
253 without it, and accept IPV4: as well, 'cause someone will use it sooner or
260 if (strncmpic(s, US"IPv6:", 5) == 0 || strncmpic(s, US"IPv4:", 5) == 0)
268 while (*s >= 33 && *s <= 90 || *s >= 94 && *s <= 126) *t++ = *s++;
270 while (*s == '.' || *s == ':' || isxdigit(*s)) *t++ = *s++;
272 if (*s == ']') *t++ = *s++; else
274 *errorptr = US"malformed domain literal";
278 if (!allow_domain_literals && !msg_id_literals)
280 *errorptr = US"domain literals not allowed";
284 return skip_comment(s);
287 /* Handle a proper domain, which is a sequence of dot-separated atoms. Remove
288 trailing dots if strip_trailing_dot is set. A subdomain is an atom.
290 An atom is a sequence of any characters except specials, space, and controls.
291 The specials are ( ) < > @ , ; : \ " . [ and ]. This is the rule for RFC 822
292 and its successor (RFC 2822). However, RFC 821 and its successor (RFC 2821) is
293 tighter, allowing only letters, digits, and hyphens, not starting with a
296 There used to be a global flag that got set when checking addresses that came
297 in over SMTP and which should therefore should be checked according to the
298 stricter rule. However, it seems silly to make the distinction, because I don't
299 suppose anybody ever uses local domains that are 822-compliant and not
300 821-compliant. Furthermore, Exim now has additional data on the spool file line
301 after an address (after "one_time" processing), and it makes use of a #
302 character to delimit it. When I wrote that code, I forgot about this 822-domain
303 stuff, and assumed # could never appear in a domain.
305 So the old code is now cut out for Release 4.11 onwards, on 09-Aug-02. In a few
306 years, when we are sure this isn't actually causing trouble, throw it away.
308 March 2003: the story continues: There is a camp that is arguing for the use of
309 UTF-8 in domain names as the way to internationalization, and other MTAs
310 support this. Therefore, we now have a flag that permits the use of characters
311 with values greater than 127, encoded in UTF-8, in subdomains, so that Exim can
312 be used experimentally in this way. */
318 /*********************
321 if (*s != '-') while (isalnum(*s) || *s == '-') *t++ = *s++;
324 while (!mac_iscntrl_or_special(*s)) *t++ = *s++;
325 *********************/
329 /* Only letters, digits, and hyphens */
331 if (!allow_utf8_domains)
333 while (isalnum(*s) || *s == '-') *t++ = *s++;
336 /* Permit legal UTF-8 characters to be included */
341 if (isalnum(*s) || *s == '-') /* legal ascii characters */
346 if ((*s & 0xc0) != 0xc0) break; /* not start of UTF-8 character */
348 for (i = 1; i < 6; i++) /* i is the number of additional bytes */
350 if ((d & 0x80) == 0) break;
353 if (i == 6) goto BAD_UTF8; /* invalid UTF-8 */
354 *t++ = *s++; /* leading UTF-8 byte */
355 while (i-- > 0) /* copy and check remainder */
357 if ((*s & 0xc0) != 0x80)
360 *errorptr = US"invalid UTF-8 byte sequence";
366 } /* End of loop for UTF-8 character */
367 } /* End of subdomain */
372 if (t == tsave) /* empty component */
374 if (strip_trailing_dot && t > tt && *s != '.') t[-1] = 0; else
376 *errorptr = US"domain missing or malformed";
382 if (*s != '.') break;
392 /*************************************************
393 * Read a local-part *
394 *************************************************/
396 /* A local-part is a sequence of words, separated by periods. A null word
397 between dots is not strictly allowed but apparently many mailers permit it,
398 so, sigh, better be compatible. Even accept a trailing dot...
400 A <word> is either a quoted string, or an <atom>, which is a sequence
401 of any characters except specials, space, and controls. The specials are
402 ( ) < > @ , ; : \ " . [ and ]. In RFC 822, a single quoted character, (a
403 quoted-pair) is not allowed in a word. However, in RFC 821, it is permitted in
404 the local part of an address. Rather than have separate parsing functions for
405 the different cases, take the liberal attitude always. At least one MUA is
406 happy to recognize this case; I don't know how many other programs do.
409 s current character pointer
410 t where to put the local part
411 error where to point error text
412 allow_null TRUE if an empty local part is not an error
414 Returns: new character pointer
417 static const uschar *
418 read_local_part(const uschar *s, uschar *t, uschar **error, BOOL allow_null)
428 /* Handle a quoted string */
433 while ((c = *++s) && c != '\"')
436 if (c == '\\' && s[1]) *t++ = *++s;
445 *error = US"unmatched doublequote in local part";
450 /* Handle an atom, but allow quoted pairs within it. */
452 else while (!mac_iscntrl_or_special(*s) || *s == '\\')
455 if (c == '\\' && *s) *t++ = *s++;
458 /* Terminate the word and skip subsequent comment */
463 /* If we have read a null component at this point, give an error unless it is
464 terminated by a dot - an extension to RFC 822 - or if it is the first
465 component of the local part and an empty local part is permitted, in which
466 case just return normally. */
468 if (t == tsave && *s != '.')
470 if (t == tt && !allow_null)
471 *error = US"missing or malformed local part";
475 /* Anything other than a dot terminates the local part. Treat multiple dots
476 as a single dot, as this seems to be a common extension. */
478 if (*s != '.') break;
479 do { *t++ = *s++; } while (*s == '.');
486 /*************************************************
487 * Read route part of route-addr *
488 *************************************************/
490 /* The pointer is at the initial "@" on entry. Return it following the
491 terminating colon. Exim no longer supports the use of source routes, but it is
492 required to accept the syntax.
495 s current character pointer
496 t where to put the route
497 errorptr where to put an error message
499 Returns: new character pointer
502 static const uschar *
503 read_route(const uschar *s, uschar *t, uschar **errorptr)
511 s = read_domain(s+1, t, FALSE, errorptr);
512 if (*t == 0) return s;
513 t += Ustrlen((const uschar *)t);
514 if (*s != ',') break;
520 if (*s == ':') *t++ = *s++;
522 /* If there is no colon, and there were no commas, the most likely error
523 is in fact a missing local part in the address rather than a missing colon
526 else *errorptr = commas?
527 US"colon expected after route list" :
530 /* Terminate the route and return */
533 return skip_comment(s);
538 /*************************************************
540 *************************************************/
542 /* Addr-spec is local-part@domain. We make the domain optional -
543 the expected terminator for the whole thing is passed to check this.
544 This function is called only when we know we have a route-addr.
547 s current character pointer
548 t where to put the addr-spec
549 term expected terminator (0 or >)
550 errorptr where to put an error message
551 domainptr set to point to the start of the domain
553 Returns: new character pointer
556 static const uschar *
557 read_addr_spec(const uschar *s, uschar *t, int term, uschar **errorptr,
560 s = read_local_part(s, t, errorptr, FALSE);
561 if (*errorptr == NULL)
564 *errorptr = string_sprintf("\"@\" or \".\" expected after \"%s\"", t);
567 t += Ustrlen((const uschar *)t);
570 s = read_domain(s, t, FALSE, errorptr);
577 /*************************************************
578 * Extract operative address *
579 *************************************************/
581 /* This function extracts an operative address from a full RFC822 mailbox and
582 returns it in a piece of dynamic store. We take the easy way and get a piece
583 of store the same size as the input, and then copy into it whatever is
584 necessary. If we cannot find a valid address (syntax error), return NULL, and
585 point the error pointer to the reason. The arguments "start" and "end" are used
586 to return the offsets of the first and one past the last characters in the
587 original mailbox of the address that has been extracted, to aid in re-writing.
588 The argument "domain" is set to point to the first character after "@" in the
589 final part of the returned address, or zero if there is no @.
591 Exim no longer supports the use of source routed addresses (those of the form
592 @domain,...:route_addr). It recognizes the syntax, but collapses such addresses
593 down to their final components. Formerly, collapse_source_routes had to be set
594 to achieve this effect. RFC 1123 allows collapsing with MAY, while the revision
595 of RFC 821 had increased this to SHOULD, so I've gone for it, because it makes
596 a lot of code elsewhere in Exim much simpler.
598 There are some special fudges here for handling RFC 822 group address notation
599 which may appear in certain headers. If the flag parse_allow_group is set
600 TRUE and parse_found_group is FALSE when this function is called, an address
601 which is the start of a group (i.e. preceded by a phrase and a colon) is
602 recognized; the phrase is ignored and the flag parse_found_group is set. If
603 this flag is TRUE at the end of an address, and if an extraneous semicolon is
604 found, it is ignored and the flag is cleared.
606 This logic is used only when scanning through addresses in headers, either to
607 fulfil the -t option, or for rewriting, or for checking header syntax. Because
608 the group "state" has to be remembered between multiple calls of this function,
609 the variables parse_{allow,found}_group are global. It is important to ensure
610 that they are reset to FALSE at the end of scanning a header's list of
614 mailbox points to the RFC822 mailbox
615 errorptr where to point an error message
616 start set to start offset in mailbox
617 end set to end offset in mailbox
618 domain set to domain offset in result, or 0 if no domain present
619 allow_null allow <> if TRUE
621 Returns: points to the extracted address, or NULL on error
624 #define FAILED(s) { *errorptr = s; goto PARSE_FAILED; }
627 parse_extract_address(const uschar *mailbox, uschar **errorptr, int *start, int *end,
628 int *domain, BOOL allow_null)
630 uschar *yield = store_get(Ustrlen(mailbox) + 1, is_tainted(mailbox));
631 const uschar *startptr, *endptr;
632 const uschar *s = US mailbox;
633 uschar *t = US yield;
637 /* At the start of the string we expect either an addr-spec or a phrase
638 preceding a <route-addr>. If groups are allowed, we might also find a phrase
639 preceding a colon and an address. If we find an initial word followed by
640 a dot, strict interpretation of the RFC would cause it to be taken
641 as the start of an addr-spec. However, many mailers break the rules
642 and use addresses of the form "a.n.other <ano@somewhere>" and so we
645 RESTART: /* Come back here after passing a group name */
648 startptr = s; /* In case addr-spec */
649 s = read_local_part(s, t, errorptr, TRUE); /* Dot separated words */
650 if (*errorptr) goto PARSE_FAILED;
652 /* If the terminator is neither < nor @ then the format of the address
653 must either be a bare local-part (we are now at the end), or a phrase
654 followed by a route-addr (more words must follow). */
656 if (*s != '@' && *s != '<')
658 if (*s == 0 || *s == ';')
660 if (!*t) FAILED(US"empty address");
661 endptr = last_comment_position;
662 goto PARSE_SUCCEEDED; /* Bare local part */
665 /* Expect phrase route-addr, or phrase : if groups permitted, but allow
666 dots in the phrase; complete the loop only when '<' or ':' is encountered -
667 end of string will produce a null local_part and therefore fail. We don't
668 need to keep updating t, as the phrase isn't to be kept. */
670 while (*s != '<' && (!f.parse_allow_group || *s != ':'))
672 s = read_local_part(s, t, errorptr, FALSE);
675 *errorptr = string_sprintf("%s (expected word or \"<\")", *errorptr);
682 f.parse_found_group = TRUE;
683 f.parse_allow_group = FALSE;
688 /* Assert *s == '<' */
691 /* At this point the next character is either '@' or '<'. If it is '@', only a
692 single local-part has previously been read. An angle bracket signifies the
693 start of an <addr-spec>. Throw away anything we have saved so far before
694 processing it. Note that this is "if" rather than "else if" because it's also
695 used after reading a preceding phrase.
697 There are a lot of broken sendmails out there that put additional pairs of <>
698 round <route-addr>s. If strip_excess_angle_brackets is set, allow a limited
699 number of them, as long as they match. */
703 uschar *domainptr = yield;
704 BOOL source_routed = FALSE;
705 int bracket_count = 1;
708 if (strip_excess_angle_brackets) while (*s == '<')
710 if(bracket_count++ > 5) FAILED(US"angle-brackets nested too deep");
718 /* Read an optional series of routes, each of which is a domain. They
719 are separated by commas and terminated by a colon. However, we totally ignore
720 such routes (RFC 1123 says we MAY, and the revision of RFC 821 says we
725 s = read_route(s, t, errorptr);
726 if (*errorptr) goto PARSE_FAILED;
727 *t = 0; /* Ensure route is ignored - probably overkill */
728 source_routed = TRUE;
731 /* Now an addr-spec, terminated by '>'. If there is no preceding route,
732 we must allow an empty addr-spec if allow_null is TRUE, to permit the
733 address "<>" in some circumstances. A source-routed address MUST have
734 a domain in the final part. */
736 if (allow_null && !source_routed && *s == '>')
743 s = read_addr_spec(s, t, '>', errorptr, &domainptr);
744 if (*errorptr) goto PARSE_FAILED;
745 *domain = domainptr - yield;
746 if (source_routed && *domain == 0)
747 FAILED(US"domain missing in source-routed address");
751 if (*errorptr) goto PARSE_FAILED;
752 while (bracket_count-- > 0) if (*s++ != '>')
754 *errorptr = s[-1] == 0
755 ? US"'>' missing at end of address"
756 : string_sprintf("malformed address: %.32s may not follow %.*s",
757 s-1, (int)(s - US mailbox - 1), mailbox);
764 /* Hitting '@' after the first local-part means we have definitely got an
765 addr-spec, on a strict reading of the RFC, and the rest of the string
766 should be the domain. However, for flexibility we allow for a route-address
767 not enclosed in <> as well, which is indicated by an empty first local
768 part preceding '@'. The source routing is, however, ignored. */
772 uschar *domainptr = yield;
773 s = read_route(s, t, errorptr);
774 if (*errorptr) goto PARSE_FAILED;
775 *t = 0; /* Ensure route is ignored - probably overkill */
776 s = read_addr_spec(s, t, 0, errorptr, &domainptr);
777 if (*errorptr) goto PARSE_FAILED;
778 *domain = domainptr - yield;
779 endptr = last_comment_position;
780 if (*domain == 0) FAILED(US"domain missing in source-routed address");
783 /* This is the strict case of local-part@domain. */
787 t += Ustrlen((const uschar *)t);
790 s = read_domain(s, t, TRUE, errorptr);
791 if (!*t) goto PARSE_FAILED;
792 endptr = last_comment_position;
795 /* Use goto to get here from the bare local part case. Arrive by falling
796 through for other cases. Endptr may have been moved over whitespace, so
797 move it back past white space if necessary. */
802 if (f.parse_found_group && *s == ';')
804 f.parse_found_group = FALSE;
805 f.parse_allow_group = TRUE;
809 *errorptr = string_sprintf("malformed address: %.32s may not follow %.*s",
810 s, (int)(s - US mailbox), mailbox);
814 *start = startptr - US mailbox; /* Return offsets */
815 while (isspace(endptr[-1])) endptr--;
816 *end = endptr - US mailbox;
818 /* Although this code has no limitation on the length of address extracted,
819 other parts of Exim may have limits, and in any case, RFC 5321 limits email
820 addresses to 256, so we do a check here, giving an error if the address is
821 ridiculously long. */
823 if (*end - *start > EXIM_EMAILADDR_MAX)
825 *errorptr = string_sprintf("address is ridiculously long: %.64s...", yield);
831 /* Use goto (via the macro FAILED) to get to here from a variety of places.
832 We might have an empty address in a group - the caller can choose to ignore
833 this. We must, however, keep the flags correct. */
836 if (f.parse_found_group && *s == ';')
838 f.parse_found_group = FALSE;
839 f.parse_allow_group = TRUE;
848 /*************************************************
849 * Quote according to RFC 2047 *
850 *************************************************/
852 /* This function is used for quoting text in headers according to RFC 2047.
853 If the only characters that strictly need quoting are spaces, we return the
854 original string, unmodified.
856 Hmmph. As always, things get perverted for other uses. This function was
857 originally for the "phrase" part of addresses. Now it is being used for much
858 longer texts in ACLs and via the ${rfc2047: expansion item. This means we have
859 to check for overlong "encoded-word"s and split them. November 2004.
862 string the string to quote - already checked to contain non-printing
864 len the length of the string
865 charset the name of the character set; NULL => iso-8859-1
866 fold if TRUE, a newline is inserted before the separating space when
867 more than one encoded-word is generated
869 Returns: pointer to the original string, if no quoting needed, or
870 pointer to allocated memory containing the quoted string
874 parse_quote_2047(const uschar *string, int len, const uschar *charset,
877 const uschar * s = string;
880 BOOL first_byte = FALSE;
882 string_fmt_append(NULL, "=?%s?Q?", charset ? charset : US"iso-8859-1");
886 for (s = string; len > 0; s++, len--)
890 if (g->ptr - l > 67 && !first_byte)
892 g = fold ? string_catn(g, US"?=\n ", 4) : string_catn(g, US"?= ", 3);
894 g = string_catn(g, g->s, hlen);
897 if ( ch < 33 || ch > 126
898 || Ustrchr("?=()<>@,;:\\\".[]_", ch) != NULL)
902 g = string_catn(g, US"_", 1);
907 g = string_fmt_append(g, "=%02X", ch);
909 first_byte = !first_byte;
913 { g = string_catn(g, s, 1); first_byte = FALSE; }
917 string = string_from_gstring(g = string_catn(g, US"?=", 2));
921 gstring_release_unused(g);
928 /*************************************************
929 * Fix up an RFC 822 "phrase" *
930 *************************************************/
932 /* This function is called to repair any syntactic defects in the "phrase" part
933 of an RFC822 address. In particular, it is applied to the user's name as read
934 from the passwd file when accepting a local message, and to the data from the
937 If the string contains existing quoted strings or comments containing
938 freestanding quotes, then we just quote those bits that need quoting -
939 otherwise it would get awfully messy and probably not look good. If not, we
940 quote the whole thing if necessary. Thus
942 John Q. Smith => "John Q. Smith"
943 John "Jack" Smith => John "Jack" Smith
944 John "Jack" Q. Smith => John "Jack" "Q." Smith
945 John (Jack) Q. Smith => "John (Jack) Q. Smith"
946 John ("Jack") Q. Smith => John ("Jack") "Q." Smith
948 John (\"Jack\") Q. Smith => "John (\"Jack\") Q. Smith"
950 Sheesh! This is tedious code. It is a great pity that the syntax of RFC822 is
953 August 2000: Additional code added:
955 Previously, non-printing characters were turned into question marks, which do
956 not need to be quoted.
958 Now, a different tactic is used if there are any non-printing ASCII
959 characters. The encoding method from RFC 2047 is used, assuming iso-8859-1 as
962 We *could* use this for all cases, getting rid of the messy original code,
963 but leave it for now. It would complicate simple cases like "John Q. Smith".
965 The result is passed back in allocated memory.
968 phrase an RFC822 phrase
969 len the length of the phrase
971 Returns: the fixed RFC822 phrase
975 parse_fix_phrase(const uschar *phrase, int len)
979 const uschar *s, *end;
983 while (len > 0 && isspace(*phrase)) { phrase++; len--; }
985 /* See if there are any non-printing characters, and if so, use the RFC 2047
986 encoding for the whole thing. */
988 for (i = 0, s = phrase; i < len; i++, s++)
989 if ((*s < 32 && *s != '\t') || *s > 126) break;
992 return parse_quote_2047(phrase, len, headers_charset, FALSE);
994 /* No non-printers; use the RFC 822 quoting rules */
996 if (len <= 0 || len >= INT_MAX/4)
998 return string_copy_taint(CUS"", is_tainted(phrase));
1001 buffer = store_get((len+1)*4, is_tainted(phrase));
1005 yield = t = buffer + 1;
1011 /* Copy over quoted strings, remembering we encountered one */
1016 while (s < end && (ch = *s++) != '\"')
1019 if (ch == '\\' && s < end) *t++ = *s++;
1022 if (s >= end) break;
1026 /* Copy over comments, noting if they contain freestanding quote
1037 if (ch == '(') level++;
1038 else if (ch == ')') { if (--level <= 0) break; }
1039 else if (ch == '\\' && s < end) *t++ = *s++ & 127;
1040 else if (ch == '\"') quoted = TRUE;
1044 while (level--) *t++ = ')';
1049 /* Handle special characters that need to be quoted */
1051 else if (Ustrchr(")<>@,;:\\.[]", ch) != NULL)
1053 /* If hit previous quotes just make one quoted "word" */
1058 while (*(--tt) != ' ' && *tt != '\"' && *tt != ')') tt[1] = *tt;
1064 if (ch == ' ' || ch == '\"') { s--; break; } else *t++ = ch;
1069 /* Else quote the whole string so far, and the rest up to any following
1070 quotes. We must treat anything following a backslash as a literal. */
1074 BOOL escaped = (ch == '\\');
1078 /* Now look for the end or a quote */
1084 /* Handle escaped pairs */
1092 else if (ch == '\\')
1098 /* If hit subsequent quotes, insert our quote before any trailing
1099 spaces and back up to re-handle the quote in the outer loop. */
1101 else if (ch == '\"')
1104 while (t[-1] == ' ') { t--; count++; }
1106 while (count-- > 0) *t++ = ' ';
1111 /* If hit a subsequent comment, check it for unescaped quotes,
1112 and if so, end our quote before it. */
1116 const uschar *ss = s; /* uschar after '(' */
1121 if (ch == '(') level++;
1122 else if (ch == ')') { if (--level <= 0) break; }
1123 else if (ch == '\\' && ss+1 < end) ss++;
1124 else if (ch == '\"') { quoted = TRUE; break; }
1127 /* Comment contains unescaped quotes; end our quote before
1128 the start of the comment. */
1133 while (t[-1] == ' ') { t--; count++; }
1135 while (count-- > 0) *t++ = ' ';
1139 /* Comment does not contain unescaped quotes; include it in
1144 if (ss >= end) ss--;
1148 Ustrncpy(t, s, ss-s);
1155 /* Not a comment or quote; include this character in our quotes. */
1161 /* Add a final quote if we hit the end of the string. */
1163 if (s >= end) *t++ = '\"';
1166 /* Non-special character; just copy it over */
1172 store_release_above(t+1);
1177 /*************************************************
1178 * Extract addresses from a list *
1179 *************************************************/
1181 /* This function is called by the redirect router to scan a string containing a
1182 list of addresses separated by commas (with optional white space) or by
1183 newlines, and to generate a chain of address items from them. In other words,
1184 to unpick data from an alias or .forward file.
1186 The SunOS5 documentation for alias files is not very clear on the syntax; it
1187 does not say that either a comma or a newline can be used for separation.
1188 However, that is the way Smail does it, so we follow suit.
1190 If a # character is encountered in a white space position, then characters from
1191 there to the next newline are skipped.
1193 If an unqualified address begins with '\', just skip that character. This gives
1194 compatibility with Sendmail's use of \ to prevent looping. Exim has its own
1195 loop prevention scheme which handles other cases too - see the code in
1198 An "address" can be a specification of a file or a pipe; the latter may often
1199 need to be quoted because it may contain spaces, but we don't want to retain
1200 the quotes. Quotes may appear in normal addresses too, and should be retained.
1201 We can distinguish between these cases, because in addresses, quotes are used
1202 only for parts of the address, not the whole thing. Therefore, we remove quotes
1203 from items when they entirely enclose them, but not otherwise.
1205 An "address" can also be of the form :include:pathname to include a list of
1206 addresses contained in the specified file.
1208 Any unqualified addresses are qualified with and rewritten if necessary, via
1209 the rewrite_address() function.
1212 s the list of addresses (typically a complete
1213 .forward file or a list of entries in an alias file)
1214 options option bits for permitting or denying various special cases;
1215 not all bits are relevant here - some are for filter
1216 files; those we use here are:
1223 anchor where to hang the chain of newly-created addresses. This
1224 should be initialized to NULL.
1225 error where to return an error text
1226 incoming domain domain of the incoming address; used to qualify unqualified
1227 local parts preceded by \
1228 directory if NULL, no checks are done on :include: files
1229 otherwise, included file names must start with the given
1231 syntax_errors if not NULL, it carries on after syntax errors in addresses,
1232 building up a list of errors as error blocks chained on
1235 Returns: FF_DELIVERED addresses extracted
1236 FF_NOTDELIVERED no addresses extracted, but no errors
1237 FF_BLACKHOLE :blackhole:
1240 FF_INCLUDEFAIL some problem with :include:; *error set
1241 FF_ERROR other problems; *error is set
1245 parse_forward_list(const uschar *s, int options, address_item **anchor,
1246 uschar **error, const uschar *incoming_domain, uschar *directory,
1247 error_block **syntax_errors)
1251 DEBUG(D_route) debug_printf("parse_forward_list: %s\n", s);
1259 const uschar *ss, *nexts;
1261 BOOL inquote = FALSE;
1265 while (isspace(*s) || *s == ',') s++;
1266 if (*s == '#') { while (*s != 0 && *s != '\n') s++; } else break;
1269 /* When we reach the end of the list, we return FF_DELIVERED if any child
1270 addresses have been generated. If nothing has been generated, there are two
1271 possibilities: either the list is really empty, or there were syntax errors
1272 that are being skipped. (If syntax errors are not being skipped, an FF_ERROR
1273 return is generated on hitting a syntax error and we don't get here.) For a
1274 truly empty list we return FF_NOTDELIVERED so that the router can decline.
1275 However, if the list is empty only because syntax errors were skipped, we
1276 return FF_DELIVERED. */
1280 return (count > 0 || (syntax_errors && *syntax_errors))
1281 ? FF_DELIVERED : FF_NOTDELIVERED;
1283 /* This previous code returns FF_ERROR if nothing is generated but a
1284 syntax error has been skipped. I now think it is the wrong approach, but
1285 have left this here just in case, and for the record. */
1288 if (count > 0) return FF_DELIVERED; /* Something was generated */
1290 if (syntax_errors == NULL || /* Not skipping syntax errors, or */
1291 *syntax_errors == NULL) /* we didn't actually skip any */
1292 return FF_NOTDELIVERED;
1294 *error = string_sprintf("no addresses generated: syntax error in %s: %s",
1295 (*syntax_errors)->text2, (*syntax_errors)->text1);
1300 /* Find the end of the next address. Quoted strings in addresses may contain
1301 escaped characters; I haven't found a proper specification of .forward or
1302 alias files that mentions the quoting properties, but it seems right to do
1303 the escaping thing in all cases, so use the function that finds the end of an
1304 address. However, don't let a quoted string extend over the end of a line. */
1306 ss = parse_find_address_end(s, TRUE);
1308 /* Remember where we finished, for starting the next one. */
1312 /* Remove any trailing spaces; we know there's at least one non-space. */
1314 while (isspace((ss[-1]))) ss--;
1316 /* We now have s->start and ss->end of the next address. Remove quotes
1317 if they completely enclose, remembering the address started with a quote
1318 for handling pipes and files. Another round of removal of leading and
1319 trailing spaces is then required. */
1321 if (*s == '\"' && ss[-1] == '\"')
1326 while (s < ss && isspace(*s)) s++;
1327 while (ss > s && isspace((ss[-1]))) ss--;
1330 /* Set up the length of the address. */
1334 DEBUG(D_route) debug_printf("extract item: %.*s\n", len, s);
1336 /* Handle special addresses if permitted. If the address is :unknown:
1337 ignore it - this is for backward compatibility with old alias files. You
1338 don't need to use it nowadays - just generate an empty string. For :defer:,
1339 :blackhole:, or :fail: we have to set up the error message and give up right
1342 if (Ustrncmp(s, ":unknown:", len) == 0)
1348 if (Ustrncmp(s, ":defer:", 7) == 0)
1349 { special = FF_DEFER; specopt = RDO_DEFER; } /* specbit is 0 */
1350 else if (Ustrncmp(s, ":blackhole:", 11) == 0)
1351 { special = FF_BLACKHOLE; specopt = specbit = RDO_BLACKHOLE; }
1352 else if (Ustrncmp(s, ":fail:", 6) == 0)
1353 { special = FF_FAIL; specopt = RDO_FAIL; } /* specbit is 0 */
1357 uschar *ss = Ustrchr(s+1, ':') + 1;
1358 if ((options & specopt) == specbit)
1360 *error = string_sprintf("\"%.*s\" is not permitted", len, s);
1363 while (*ss && isspace(*ss)) ss++;
1364 while (s[len] && s[len] != '\n') len++;
1365 *error = string_copyn(ss, s + len - ss);
1369 /* If the address is of the form :include:pathname, read the file, and call
1370 this function recursively to extract the addresses from it. If directory is
1371 NULL, do no checks. Otherwise, insist that the file name starts with the
1372 given directory and is a regular file. */
1374 if (Ustrncmp(s, ":include:", 9) == 0)
1377 uschar filename[256];
1378 const uschar * t = s+9;
1381 struct stat statbuf;
1385 while (flen > 0 && isspace(*t)) { t++; flen--; }
1389 *error = US"file name missing after :include:";
1395 *error = string_sprintf("included file name \"%s\" is too long", t);
1399 Ustrncpy(filename, t, flen);
1402 /* Insist on absolute path */
1404 if (filename[0] != '/')
1406 *error = string_sprintf("included file \"%s\" is not an absolute path",
1411 /* Check if include is permitted */
1413 if (options & RDO_INCLUDE)
1415 *error = US"included files not permitted";
1419 if ((*error = is_tainted2(filename, 0, "Tainted name '%s' for included file not permitted\n", filename)))
1422 /* Check file name if required */
1426 int len = Ustrlen(directory);
1427 uschar *p = filename + len;
1429 if (Ustrncmp(filename, directory, len) != 0 || *p != '/')
1431 *error = string_sprintf("included file %s is not in directory %s",
1432 filename, directory);
1436 #ifdef EXIM_HAVE_OPENAT
1437 /* It is necessary to check that every component inside the directory
1438 is NOT a symbolic link, in order to keep the file inside the directory.
1439 This is mighty tedious. We open the directory and openat every component,
1440 with a flag that fails symlinks. */
1443 int fd = exim_open2(CS directory, O_RDONLY);
1446 *error = string_sprintf("failed to open directory %s", directory);
1455 while (*++p && *p != '/') ;
1459 fd2 = exim_openat(fd, CS q, O_RDONLY|O_NOFOLLOW);
1464 *error = string_sprintf("failed to open %s (component of included "
1465 "file); could be symbolic link", filename);
1470 f = fdopen(fd, "rb");
1473 /* It is necessary to check that every component inside the directory
1474 is NOT a symbolic link, in order to keep the file inside the directory.
1475 This is mighty tedious. It is also not totally foolproof in that it
1476 leaves the possibility of a race attack, but I don't know how to do
1482 while (*++p && *p != '/');
1485 if (Ulstat(filename, &statbuf) != 0)
1487 *error = string_sprintf("failed to stat %s (component of included "
1495 if ((statbuf.st_mode & S_IFMT) == S_IFLNK)
1497 *error = string_sprintf("included file %s in the %s directory "
1498 "involves a symbolic link", filename, directory);
1505 #ifdef EXIM_HAVE_OPENAT
1508 /* Open and stat the file */
1509 f = Ufopen(filename, "rb");
1513 *error = string_open_failed("included file %s", filename);
1514 return FF_INCLUDEFAIL;
1517 if (fstat(fileno(f), &statbuf) != 0)
1519 *error = string_sprintf("failed to stat included file %s: %s",
1520 filename, strerror(errno));
1522 return FF_INCLUDEFAIL;
1525 /* If directory was checked, double check that we opened a regular file */
1527 if (directory && (statbuf.st_mode & S_IFMT) != S_IFREG)
1529 *error = string_sprintf("included file %s is not a regular file in "
1530 "the %s directory", filename, directory);
1534 /* Get a buffer and read the contents */
1536 if (statbuf.st_size > MAX_INCLUDE_SIZE)
1538 *error = string_sprintf("included file %s is too big (max %d)",
1539 filename, MAX_INCLUDE_SIZE);
1543 filebuf = store_get(statbuf.st_size + 1, is_tainted(filename));
1544 if (fread(filebuf, 1, statbuf.st_size, f) != statbuf.st_size)
1546 *error = string_sprintf("error while reading included file %s: %s",
1547 filename, strerror(errno));
1551 filebuf[statbuf.st_size] = 0;
1555 frc = parse_forward_list(filebuf, options, &addr,
1556 error, incoming_domain, directory, syntax_errors);
1557 if (frc != FF_DELIVERED && frc != FF_NOTDELIVERED) return frc;
1561 for (last = addr; last->next; last = last->next) count++;
1562 last->next = *anchor;
1568 /* Else (not :include:) ensure address is syntactically correct and fully
1569 qualified if not a pipe or a file, removing a leading \ if present on an
1570 unqualified address. For pipes and files we must handle quoting. It's
1571 not quite clear exactly what to do for partially quoted things, but the
1572 common case of having the whole thing in quotes is straightforward. If this
1573 was the case, inquote will have been set TRUE above and the quotes removed.
1575 There is a possible ambiguity over addresses whose local parts start with
1576 a vertical bar or a slash, and the latter do in fact occur, thanks to X.400.
1577 Consider a .forward file that contains the line
1579 /X=xxx/Y=xxx/OU=xxx/@some.gate.way
1581 Is this a file or an X.400 address? Does it make any difference if it is in
1582 quotes? On the grounds that file names of this type are rare, Exim treats
1583 something that parses as an RFC 822 address and has a domain as an address
1584 rather than a file or a pipe. This is also how an address such as the above
1585 would be treated if it came in from outside. */
1589 int start, end, domain;
1590 const uschar *recipient = NULL;
1591 uschar * s_ltd = string_copyn(s, len);
1593 /* If it starts with \ and the rest of it parses as a valid mail address
1594 without a domain, carry on with that address, but qualify it with the
1595 incoming domain. Otherwise arrange for the address to fall through,
1596 causing an error message on the re-parse. */
1601 parse_extract_address(s_ltd+1, error, &start, &end, &domain, FALSE);
1603 recipient = domain != 0 ? NULL :
1604 string_sprintf("%s@%s", recipient, incoming_domain);
1607 /* Try parsing the item as an address. */
1609 if (!recipient) recipient =
1610 parse_extract_address(s_ltd, error, &start, &end, &domain, FALSE);
1612 /* If item starts with / or | and is not a valid address, or there
1613 is no domain, treat it as a file or pipe. If it was a quoted item,
1614 remove the quoting occurrences of \ within it. */
1616 if ((*s_ltd == '|' || *s_ltd == '/') && (recipient == NULL || domain == 0))
1618 uschar *t = store_get(Ustrlen(s_ltd) + 1, is_tainted(s_ltd));
1625 *p++ = (*q == '\\')? *(++q) : *q;
1631 addr = deliver_make_addr(t, TRUE);
1632 setflag(addr, af_pfr); /* indicates pipe/file/reply */
1633 if (*s_ltd != '|') setflag(addr, af_file); /* indicates file */
1636 /* Item must be an address. Complain if not, else qualify, rewrite and set
1637 up the control block. It appears that people are in the habit of using
1638 empty addresses but with comments as a way of putting comments into
1639 alias and forward files. Therefore, ignore the error "empty address".
1640 Mailing lists might want to tolerate syntax errors; there is therefore
1641 an option to do so. */
1647 if (Ustrcmp(*error, "empty address") == 0)
1656 error_block *e = store_get(sizeof(error_block), FALSE);
1657 error_block *last = *syntax_errors;
1658 if (!last) *syntax_errors = e; else
1660 while (last->next) last = last->next;
1671 *error = string_sprintf("%s in \"%s\"", *error, s_ltd);
1676 /* Address was successfully parsed. Rewrite, and then make an address
1679 recipient = ((options & RDO_REWRITE) != 0)?
1680 rewrite_address(recipient, TRUE, FALSE, global_rewrite_rules,
1681 rewrite_existflags) :
1682 rewrite_address_qualify(recipient, TRUE); /*XXX loses track of const */
1683 addr = deliver_make_addr(US recipient, TRUE); /* TRUE => copy recipient, so deconst ok */
1686 /* Add the original data to the output chain. */
1688 addr->next = *anchor;
1693 /* Advance pointer for the next address */
1700 /*************************************************
1701 * Extract a Message-ID *
1702 *************************************************/
1704 /* This function is used to extract message ids from In-Reply-To: and
1705 References: header lines.
1708 str pointer to the start of the message-id
1709 yield put pointer to the message id (in dynamic memory) here
1710 error put error message here on failure
1712 Returns: points after the processed message-id or NULL on error
1716 parse_message_id(const uschar *str, uschar **yield, uschar **error)
1718 uschar *domain = NULL;
1722 str = skip_comment(str);
1725 *error = US"Missing '<' before message-id";
1729 /* Getting a block the size of the input string will definitely be sufficient
1730 for the answer, but it may also be very long if we are processing a header
1731 line. Therefore, take care to release unwanted store afterwards. */
1733 reset_point = store_mark();
1734 id = *yield = store_get(Ustrlen(str) + 1, is_tainted(str));
1737 str = read_addr_spec(str, id, '>', error, &domain);
1741 if (*str != '>') *error = US"Missing '>' after message-id";
1742 else if (domain == NULL) *error = US"domain missing in message-id";
1747 store_reset(reset_point);
1754 store_release_above(id);
1756 return skip_comment(str);
1760 /*************************************************
1761 * Parse a fixed digit number *
1762 *************************************************/
1764 /* Parse a string containing an ASCII encoded fixed digits number
1767 str pointer to the start of the ASCII encoded number
1768 n pointer to the resulting value
1769 digits number of required digits
1771 Returns: points after the processed date or NULL on error
1774 static const uschar *
1775 parse_number(const uschar *str, int *n, int digits)
1780 if (*str<'0' || *str>'9') return NULL;
1781 *n=10*(*n)+(*str++-'0');
1787 /*************************************************
1788 * Parse a RFC 2822 day of week *
1789 *************************************************/
1791 /* Parse the day of the week from a RFC 2822 date, but do not
1792 decode it, because it is only for humans.
1795 str pointer to the start of the day of the week
1797 Returns: points after the parsed day or NULL on error
1800 static const uschar *
1801 parse_day_of_week(const uschar * str)
1804 day-of-week = ([FWS] day-name) / obs-day-of-week
1806 day-name = "Mon" / "Tue" / "Wed" / "Thu" /
1807 "Fri" / "Sat" / "Sun"
1809 obs-day-of-week = [CFWS] day-name [CFWS]
1812 static const uschar *day_name[7]={ US"mon", US"tue", US"wed", US"thu", US"fri", US"sat", US"sun" };
1816 str = skip_comment(str);
1817 for (i = 0; i < 3; ++i)
1819 if ((day[i] = tolower(*str)) == '\0') return NULL;
1823 for (i = 0; i<7; ++i) if (Ustrcmp(day,day_name[i]) == 0) break;
1824 if (i == 7) return NULL;
1825 return skip_comment(str);
1829 /*************************************************
1830 * Parse a RFC 2822 date *
1831 *************************************************/
1833 /* Parse the date part of a RFC 2822 date-time, extracting the
1834 day, month and year.
1837 str pointer to the start of the date
1838 d pointer to the resulting day
1839 m pointer to the resulting month
1840 y pointer to the resulting year
1842 Returns: points after the processed date or NULL on error
1845 static const uschar *
1846 parse_date(const uschar *str, int *d, int *m, int *y)
1849 date = day month year
1851 year = 4*DIGIT / obs-year
1853 obs-year = [CFWS] 2*DIGIT [CFWS]
1855 month = (FWS month-name FWS) / obs-month
1857 month-name = "Jan" / "Feb" / "Mar" / "Apr" /
1858 "May" / "Jun" / "Jul" / "Aug" /
1859 "Sep" / "Oct" / "Nov" / "Dec"
1861 obs-month = CFWS month-name CFWS
1863 day = ([FWS] 1*2DIGIT) / obs-day
1865 obs-day = [CFWS] 1*2DIGIT [CFWS]
1868 const uschar * s, * n;
1869 static const uschar *month_name[]={ US"jan", US"feb", US"mar", US"apr", US"may", US"jun", US"jul", US"aug", US"sep", US"oct", US"nov", US"dec" };
1873 str = skip_comment(str);
1874 if ((str = parse_number(str,d,1)) == NULL) return NULL;
1876 if (*str>='0' && *str<='9') *d = 10*(*d)+(*str++-'0');
1877 s = skip_comment(str);
1878 if (s == str) return NULL;
1881 for (i = 0; i<3; ++i) if ((month[i]=tolower(*(str+i))) == '\0') return NULL;
1883 for (i = 0; i<12; ++i) if (Ustrcmp(month,month_name[i]) == 0) break;
1884 if (i == 12) return NULL;
1887 s = skip_comment(str);
1888 if (s == str) return NULL;
1891 if ((n = parse_number(str,y,4)))
1894 if (*y<1900) return NULL;
1897 else if ((n = parse_number(str,y,2)))
1899 str = skip_comment(n);
1900 while (*(str-1) == ' ' || *(str-1) == '\t') --str; /* match last FWS later */
1908 /*************************************************
1909 * Parse a RFC 2822 Time *
1910 *************************************************/
1912 /* Parse the time part of a RFC 2822 date-time, extracting the
1913 hour, minute, second and timezone.
1916 str pointer to the start of the time
1917 h pointer to the resulting hour
1918 m pointer to the resulting minute
1919 s pointer to the resulting second
1920 z pointer to the resulting timezone (offset in seconds)
1922 Returns: points after the processed time or NULL on error
1925 static const uschar *
1926 parse_time(const uschar *str, int *h, int *m, int *s, int *z)
1929 time = time-of-day FWS zone
1931 time-of-day = hour ":" minute [ ":" second ]
1933 hour = 2DIGIT / obs-hour
1935 obs-hour = [CFWS] 2DIGIT [CFWS]
1937 minute = 2DIGIT / obs-minute
1939 obs-minute = [CFWS] 2DIGIT [CFWS]
1941 second = 2DIGIT / obs-second
1943 obs-second = [CFWS] 2DIGIT [CFWS]
1945 zone = (( "+" / "-" ) 4DIGIT) / obs-zone
1947 obs-zone = "UT" / "GMT" / ; Universal Time
1950 "EST" / "EDT" / ; Eastern: - 5/ - 4
1951 "CST" / "CDT" / ; Central: - 6/ - 5
1952 "MST" / "MDT" / ; Mountain: - 7/ - 6
1953 "PST" / "PDT" / ; Pacific: - 8/ - 7
1955 %d65-73 / ; Military zones - "A"
1956 %d75-90 / ; through "I" and "K"
1957 %d97-105 / ; through "Z", both
1958 %d107-122 ; upper and lower case
1963 str = skip_comment(str);
1964 if ((str = parse_number(str,h,2)) == NULL) return NULL;
1965 str = skip_comment(str);
1966 if (*str!=':') return NULL;
1968 str = skip_comment(str);
1969 if ((str = parse_number(str,m,2)) == NULL) return NULL;
1970 c = skip_comment(str);
1974 str = skip_comment(str);
1975 if ((str = parse_number(str,s,2)) == NULL) return NULL;
1976 c = skip_comment(str);
1978 if (c == str) return NULL;
1980 if (*str == '+' || *str == '-')
1984 neg = (*str == '-');
1986 if ((str = parse_number(str,z,4)) == NULL) return NULL;
1987 *z = (*z/100)*3600+(*z%100)*60;
1993 struct { const char *name; int off; } zone_name[10] =
1994 { {"gmt",0}, {"ut",0}, {"est",-5}, {"edt",-4}, {"cst",-6}, {"cdt",-5}, {"mst",-7}, {"mdt",-6}, {"pst",-8}, {"pdt",-7}};
1997 for (i = 0; i<4; ++i)
1999 zone[i] = tolower(*(str+i));
2000 if (zone[i]<'a' || zone[i]>'z') break;
2003 for (j = 0; j<10 && strcmp(zone,zone_name[j].name); ++j);
2004 /* Besides zones named in the grammar, RFC 2822 says other alphabetic */
2005 /* time zones should be treated as unknown offsets. */
2008 *z = zone_name[j].off*3600;
2011 else if (zone[0]<'a' || zone[1]>'z') return 0;
2014 while ((*str>='a' && *str<='z') || (*str>='A' && *str<='Z')) ++str;
2022 /*************************************************
2023 * Parse a RFC 2822 date-time *
2024 *************************************************/
2026 /* Parse a RFC 2822 date-time and return it in seconds since the epoch.
2029 str pointer to the start of the date-time
2030 t pointer to the parsed time
2032 Returns: points after the processed date-time or NULL on error
2036 parse_date_time(const uschar *str, time_t *t)
2039 date-time = [ day-of-week "," ] date FWS time [CFWS]
2044 extern char **environ;
2046 static char gmt0[]="TZ=GMT0";
2047 static char *gmt_env[]={ gmt0, (char*)0 };
2050 if ((try = parse_day_of_week(str)))
2053 if (*str!=',') return 0;
2056 if ((str = parse_date(str,&tm.tm_mday,&tm.tm_mon,&tm.tm_year)) == NULL) return NULL;
2057 if (*str!=' ' && *str!='\t') return NULL;
2058 while (*str == ' ' || *str == '\t') ++str;
2059 if ((str = parse_time(str,&tm.tm_hour,&tm.tm_min,&tm.tm_sec,&zone)) == NULL) return NULL;
2061 old_environ = environ;
2064 environ = old_environ;
2065 if (*t == -1) return NULL;
2067 return skip_comment(str);
2073 /*************************************************
2074 **************************************************
2075 * Stand-alone test program *
2076 **************************************************
2077 *************************************************/
2079 #if defined STAND_ALONE
2082 int start, end, domain;
2083 uschar buffer[1024];
2086 big_buffer = store_malloc(big_buffer_size);
2088 /* strip_trailing_dot = TRUE; */
2089 allow_domain_literals = TRUE;
2091 printf("Testing parse_fix_phrase\n");
2093 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2095 buffer[Ustrlen(buffer)-1] = 0;
2096 if (buffer[0] == 0) break;
2097 printf("%s\n", CS parse_fix_phrase(buffer, Ustrlen(buffer)));
2100 printf("Testing parse_extract_address without group syntax and without UTF-8\n");
2102 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2106 buffer[Ustrlen(buffer) - 1] = 0;
2107 if (buffer[0] == 0) break;
2108 out = parse_extract_address(buffer, &errmess, &start, &end, &domain, FALSE);
2110 printf("*** bad address: %s\n", errmess);
2113 uschar extract[1024];
2114 Ustrncpy(extract, buffer+start, end-start);
2115 extract[end-start] = 0;
2116 printf("%s %d %d %d \"%s\"\n", out, start, end, domain, extract);
2120 printf("Testing parse_extract_address without group syntax but with UTF-8\n");
2122 allow_utf8_domains = TRUE;
2123 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2127 buffer[Ustrlen(buffer) - 1] = 0;
2128 if (buffer[0] == 0) break;
2129 out = parse_extract_address(buffer, &errmess, &start, &end, &domain, FALSE);
2131 printf("*** bad address: %s\n", errmess);
2134 uschar extract[1024];
2135 Ustrncpy(extract, buffer+start, end-start);
2136 extract[end-start] = 0;
2137 printf("%s %d %d %d \"%s\"\n", out, start, end, domain, extract);
2140 allow_utf8_domains = FALSE;
2142 printf("Testing parse_extract_address with group syntax\n");
2144 f.parse_allow_group = TRUE;
2145 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2150 buffer[Ustrlen(buffer) - 1] = 0;
2151 if (buffer[0] == 0) break;
2155 uschar *ss = parse_find_address_end(s, FALSE);
2156 int terminator = *ss;
2158 out = parse_extract_address(buffer, &errmess, &start, &end, &domain, FALSE);
2162 printf("*** bad address: %s\n", errmess);
2165 uschar extract[1024];
2166 Ustrncpy(extract, buffer+start, end-start);
2167 extract[end-start] = 0;
2168 printf("%s %d %d %d \"%s\"\n", out, start, end, domain, extract);
2171 s = ss + (terminator? 1:0);
2172 Uskip_whitespace(&s);
2176 printf("Testing parse_find_at\n");
2178 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2181 buffer[Ustrlen(buffer)-1] = 0;
2182 if (buffer[0] == 0) break;
2183 s = parse_find_at(buffer);
2184 if (s == NULL) printf("no @ found\n");
2185 else printf("offset = %d\n", s - buffer);
2188 printf("Testing parse_extract_addresses\n");
2190 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2194 address_item *anchor = NULL;
2195 buffer[Ustrlen(buffer) - 1] = 0;
2196 if (buffer[0] == 0) break;
2197 if ((extracted = parse_forward_list(buffer, -1, &anchor,
2198 &errmess, US"incoming.domain", NULL, NULL)) == FF_DELIVERED)
2200 while (anchor != NULL)
2202 address_item *addr = anchor;
2203 anchor = anchor->next;
2204 printf("%d %s\n", testflag(addr, af_pfr), addr->address);
2207 else printf("Failed: %d %s\n", extracted, errmess);
2210 printf("Testing parse_message_id\n");
2212 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2214 uschar *s, *t, *errmess;
2215 buffer[Ustrlen(buffer) - 1] = 0;
2216 if (buffer[0] == 0) break;
2220 s = parse_message_id(s, &t, &errmess);
2221 if (errmess != NULL)
2223 printf("Failed: %s\n", errmess);
2235 /* End of parse.c */