git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Rename EXPERIMENTAL_SRS to EXPERIMENTAL_SRS_ALT
[exim.git]
/
src
/
src
/
verify.c
diff --git
a/src/src/verify.c
b/src/src/verify.c
index 4b584c05e6f6af45480adb97a69669056551a3a4..76f6c91673bd8cebc91f0466c208d3360a8e2c37 100644
(file)
--- a/
src/src/verify.c
+++ b/
src/src/verify.c
@@
-3,6
+3,7
@@
*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2018 */
*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
/* Functions concerned with verifying things. The original code for callout
/* See the file NOTICE for conditions of use and distribution. */
/* Functions concerned with verifying things. The original code for callout
@@
-2155,7
+2156,7
@@
for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++)
addr_list = addr->next;
fprintf(fp, "%s", CS addr->address);
addr_list = addr->next;
fprintf(fp, "%s", CS addr->address);
-#ifdef EXPERIMENTAL_SRS
+#ifdef EXPERIMENTAL_SRS
_ALT
if(addr->prop.srs_sender)
fprintf(fp, " [srs = %s]", addr->prop.srs_sender);
#endif
if(addr->prop.srs_sender)
fprintf(fp, " [srs = %s]", addr->prop.srs_sender);
#endif
@@
-2260,7
+2261,7
@@
for (header_line * h = header_list; h && yield == OK; h = h->next)
colon = Ustrchr(h->text, ':');
s = colon + 1;
colon = Ustrchr(h->text, ':');
s = colon + 1;
-
while (isspace(*s)) s++
;
+
Uskip_whitespace(&s)
;
/* Loop for multiple addresses in the header, enabling group syntax. Note
that we have to reset this after the header has been scanned. */
/* Loop for multiple addresses in the header, enabling group syntax. Note
that we have to reset this after the header has been scanned. */
@@
-2339,7
+2340,7
@@
for (header_line * h = header_list; h && yield == OK; h = h->next)
/* Advance to the next address */
s = ss + (terminator ? 1 : 0);
/* Advance to the next address */
s = ss + (terminator ? 1 : 0);
-
while (isspace(*s)) s++
;
+
Uskip_whitespace(&s)
;
} /* Next address */
f.parse_allow_group = FALSE;
} /* Next address */
f.parse_allow_group = FALSE;
@@
-2909,7
+2910,6
@@
provided that host name matching is permitted; if it's "@[]" match against the
local host's IP addresses. */
if (*ss == '@')
local host's IP addresses. */
if (*ss == '@')
- {
if (ss[1] == 0)
{
if (isiponly) return ERROR;
if (ss[1] == 0)
{
if (isiponly) return ERROR;
@@
-2921,7
+2921,6
@@
if (*ss == '@')
if (Ustrcmp(ip->address, cb->host_address) == 0) return OK;
return FAIL;
}
if (Ustrcmp(ip->address, cb->host_address) == 0) return OK;
return FAIL;
}
- }
/* If the pattern is an IP address, optionally followed by a bitmask count, do
a (possibly masked) comparison with the current IP address. */
/* If the pattern is an IP address, optionally followed by a bitmask count, do
a (possibly masked) comparison with the current IP address. */
@@
-2947,10
+2946,20
@@
if (*t == 0 || (*t == '/' && t != ss))
return ERROR;
}
return ERROR;
}
-/* See if there is a semicolon in the pattern */
+/* See if there is a semicolon in the pattern, separating a searchtype
+prefix. If there is one then check for comma-sep options. */
if ((semicolon = Ustrchr(ss, ';')))
if ((semicolon = Ustrchr(ss, ';')))
- endname = (opts = Ustrchr(ss, ',')) ? opts : semicolon;
+ if ((opts = Ustrchr(ss, ',')) && opts < semicolon)
+ {
+ endname = opts++;
+ opts = string_copyn(opts, semicolon - opts);
+ }
+ else
+ {
+ endname = semicolon;
+ opts = NULL;
+ }
/* If we are doing an IP address only match, then all lookups must be IP
address lookups, even if there is no "net-". */
/* If we are doing an IP address only match, then all lookups must be IP
address lookups, even if there is no "net-". */
@@
-3383,11
+3392,13
@@
dns_scan dnss;
tree_node *t;
dnsbl_cache_block *cb;
int old_pool = store_pool;
tree_node *t;
dnsbl_cache_block *cb;
int old_pool = store_pool;
-uschar query[256]; /* DNS domain max length */
+uschar * query;
+int qlen;
/* Construct the specific query domainname */
/* Construct the specific query domainname */
-if (!string_format(query, sizeof(query), "%s.%s", prepend, domain))
+query = string_sprintf("%s.%s", prepend, domain);
+if ((qlen = Ustrlen(query)) >= 256)
{
log_write(0, LOG_MAIN|LOG_PANIC, "dnslist query is too long "
"(ignored): %s...", query);
{
log_write(0, LOG_MAIN|LOG_PANIC, "dnslist query is too long "
"(ignored): %s...", query);
@@
-3422,7
+3433,7
@@
else
else
{ /* Set up a tree entry to cache the lookup */
else
{ /* Set up a tree entry to cache the lookup */
- t = store_get(sizeof(tree_node) +
Ustrlen(query)
, is_tainted(query));
+ t = store_get(sizeof(tree_node) +
qlen + 1 + 1
, is_tainted(query));
Ustrcpy(t->name, query);
t->data.ptr = cb = store_get(sizeof(dnsbl_cache_block), FALSE);
(void)tree_insertnode(&dnsbl_cache, t);
Ustrcpy(t->name, query);
t->data.ptr = cb = store_get(sizeof(dnsbl_cache_block), FALSE);
(void)tree_insertnode(&dnsbl_cache, t);
@@
-3529,7
+3540,6
@@
if (cb->rc == DNS_SUCCEED)
for (da = cb->rhs; da; da = da->next)
{
int ipsep = ',';
for (da = cb->rhs; da; da = da->next)
{
int ipsep = ',';
- uschar ip[46];
const uschar *ptr = iplist;
uschar *res;
const uschar *ptr = iplist;
uschar *res;
@@
-3537,8
+3547,8
@@
if (cb->rc == DNS_SUCCEED)
if (!bitmask)
{
if (!bitmask)
{
- while ((res = string_nextinlist(&ptr, &ipsep,
ip, sizeof(ip)
)))
- if (Ustrcmp(CS da->address,
ip
) == 0)
+ while ((res = string_nextinlist(&ptr, &ipsep,
NULL, 0
)))
+ if (Ustrcmp(CS da->address,
res
) == 0)
break;
}
break;
}
@@
-3560,9
+3570,9
@@
if (cb->rc == DNS_SUCCEED)
/* Scan the returned addresses, skipping any that are IPv6 */
/* Scan the returned addresses, skipping any that are IPv6 */
- while ((res = string_nextinlist(&ptr, &ipsep,
ip, sizeof(ip)
)))
+ while ((res = string_nextinlist(&ptr, &ipsep,
NULL, 0
)))
{
{
- if (host_aton(
ip
, address) != 1) continue;
+ if (host_aton(
res
, address) != 1) continue;
if ((address[0] & mask) == address[0]) break;
}
}
if ((address[0] & mask) == address[0]) break;
}
}
@@
-3732,7
+3742,6
@@
int sep = 0;
int defer_return = FAIL;
const uschar *list = *listptr;
uschar *domain;
int defer_return = FAIL;
const uschar *list = *listptr;
uschar *domain;
-uschar buffer[1024];
uschar revadd[128]; /* Long enough for IPv6 address */
/* Indicate that the inverted IP address is not yet set up */
uschar revadd[128]; /* Long enough for IPv6 address */
/* Indicate that the inverted IP address is not yet set up */
@@
-3745,7
+3754,7
@@
dns_init(FALSE, FALSE, FALSE); /*XXX dnssec? */
/* Loop through all the domains supplied, until something matches */
/* Loop through all the domains supplied, until something matches */
-while ((domain = string_nextinlist(&list, &sep,
buffer, sizeof(buffer)
)))
+while ((domain = string_nextinlist(&list, &sep,
NULL, 0
)))
{
int rc;
BOOL bitmask = FALSE;
{
int rc;
BOOL bitmask = FALSE;