*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
US"run",
US"sg",
US"sort",
-#ifdef EXPERIMENTAL_SRS_NATIVE
+#ifdef SUPPORT_SRS
US"srs_encode",
#endif
US"substr",
EITEM_RUN,
EITEM_SG,
EITEM_SORT,
-#ifdef EXPERIMENTAL_SRS_NATIVE
+#ifdef SUPPORT_SRS
EITEM_SRS_ENCODE,
#endif
EITEM_SUBSTR,
US"gei",
US"gt",
US"gti",
-#ifdef EXPERIMENTAL_SRS_NATIVE
+#ifdef SUPPORT_SRS
US"inbound_srs",
#endif
US"inlist",
ECOND_STR_GEI,
ECOND_STR_GT,
ECOND_STR_GTI,
-#ifdef EXPERIMENTAL_SRS_NATIVE
+#ifdef SUPPORT_SRS
ECOND_INBOUND_SRS,
#endif
ECOND_INLIST,
{ "local_part_prefix_v", vtype_stringptr, &deliver_localpart_prefix_v },
{ "local_part_suffix", vtype_stringptr, &deliver_localpart_suffix },
{ "local_part_suffix_v", vtype_stringptr, &deliver_localpart_suffix_v },
- { "local_part_verified", vtype_stringptr, &deliver_localpart_verified },
#ifdef HAVE_LOCAL_SCAN
{ "local_scan_data", vtype_stringptr, &local_scan_data },
#endif
{ "spool_directory", vtype_stringptr, &spool_directory },
{ "spool_inodes", vtype_pinodes, (void *)TRUE },
{ "spool_space", vtype_pspace, (void *)TRUE },
-#ifdef EXPERIMENTAL_SRS
+#ifdef EXPERIMENTAL_SRS_ALT
{ "srs_db_address", vtype_stringptr, &srs_db_address },
{ "srs_db_key", vtype_stringptr, &srs_db_key },
{ "srs_orig_recipient", vtype_stringptr, &srs_orig_recipient },
{ "srs_orig_sender", vtype_stringptr, &srs_orig_sender },
#endif
-#if defined(EXPERIMENTAL_SRS) || defined(EXPERIMENTAL_SRS_NATIVE)
+#if defined(EXPERIMENTAL_SRS_ALT) || defined(SUPPORT_SRS)
{ "srs_recipient", vtype_stringptr, &srs_recipient },
#endif
-#ifdef EXPERIMENTAL_SRS
+#ifdef EXPERIMENTAL_SRS_ALT
{ "srs_status", vtype_stringptr, &srs_status },
#endif
{ "thisaddress", vtype_stringptr, &filter_thisaddress },
{ "tls_in_ourcert", vtype_cert, &tls_in.ourcert },
{ "tls_in_peercert", vtype_cert, &tls_in.peercert },
{ "tls_in_peerdn", vtype_stringptr, &tls_in.peerdn },
-#ifdef EXPERIMENTAL_TLS_RESUME
+#ifndef DISABLE_TLS_RESUME
{ "tls_in_resumption", vtype_int, &tls_in.resumption },
#endif
#ifndef DISABLE_TLS
{ "tls_out_ourcert", vtype_cert, &tls_out.ourcert },
{ "tls_out_peercert", vtype_cert, &tls_out.peercert },
{ "tls_out_peerdn", vtype_stringptr, &tls_out.peerdn },
-#ifdef EXPERIMENTAL_TLS_RESUME
+#ifndef DISABLE_TLS_RESUME
{ "tls_out_resumption", vtype_int, &tls_out.resumption },
#endif
#ifndef DISABLE_TLS
a pointer to the subfield's data
*/
-static uschar *
-expand_getkeyed(uschar * key, const uschar * s)
+uschar *
+expand_getkeyed(const uschar * key, const uschar * s)
{
int length = Ustrlen(key);
Uskip_whitespace(&s);
{
const uschar * tlist = list;
int sep = 0;
-uschar dummy;
+/* Tainted mem for the throwaway element copies */
+uschar * dummy = store_get(2, TRUE);
if (field < 0)
{
- for (field++; string_nextinlist(&tlist, &sep, &dummy, 1); ) field++;
+ for (field++; string_nextinlist(&tlist, &sep, dummy, 1); ) field++;
sep = 0;
}
if (field == 0) return NULL;
-while (--field > 0 && (string_nextinlist(&list, &sep, &dummy, 1))) ;
+while (--field > 0 && (string_nextinlist(&list, &sep, dummy, 1))) ;
return string_nextinlist(&list, &sep, NULL, 0);
}
if (sender_host_name)
g = string_append(g, 3, US";\n\tiprev=pass (", sender_host_name, US")");
else if (host_lookup_deferred)
- g = string_catn(g, US";\n\tiprev=temperror", 19);
+ g = string_cat(g, US";\n\tiprev=temperror");
else if (host_lookup_failed)
- g = string_catn(g, US";\n\tiprev=fail", 13);
+ g = string_cat(g, US";\n\tiprev=fail");
else
return g;
ss = (uschar **)(val);
if (!*ss && deliver_datafile >= 0) /* Read body when needed */
{
- uschar *body;
+ uschar * body;
off_t start_offset = SPOOL_DATA_START_OFFSET;
int len = message_body_visible;
+
if (len > message_size) len = message_size;
- *ss = body = store_malloc(len+1);
+ *ss = body = store_get(len+1, TRUE);
body[0] = 0;
if (vp->type == vtype_msgbody_end)
{
if (lseek(deliver_datafile, start_offset, SEEK_SET) < 0)
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "deliver_datafile lseek: %s",
strerror(errno));
- len = read(deliver_datafile, body, len);
- if (len > 0)
+ if ((len = read(deliver_datafile, body, len)) > 0)
{
body[len] = 0;
if (message_body_newlines) /* Separate loops for efficiency */
case vtype_string_func:
{
stringptr_fn_t * fn = (stringptr_fn_t *) val;
- return fn();
+ uschar* s = fn();
+ return s ? s : US"";
}
case vtype_pspace:
+#ifdef SUPPORT_SRS
/* Do an hmac_md5. The result is _not_ nul-terminated, and is sized as
the smaller of a full hmac_md5 result (16 bytes) or the supplied output buffer.
}
return;
}
+#endif /*SUPPORT_SRS*/
/*************************************************
return s;
}
-#ifdef EXPERIMENTAL_SRS_NATIVE
+#ifdef SUPPORT_SRS
case ECOND_INBOUND_SRS:
/* ${if inbound_srs {local_part}{secret} {yes}{no}} */
{
uschar * sub[2];
const pcre * re;
int ovec[3*(4+1)];
- int n;
+ int n, quoting = 0;
uschar cksum[4];
BOOL boolvalue = FALSE;
goto srs_result;
}
- /* Side-effect: record the decoded recipient */
+ if (sub[0][0] == '"')
+ quoting = 1;
+ else for (uschar * s = sub[0]; *s; s++)
+ if (!isalnum(*s) && Ustrchr(".!#$%&'*+-/=?^_`{|}~", *s) == NULL)
+ { quoting = 1; break; }
+ if (quoting)
+ DEBUG(D_expand) debug_printf_indent("auto-quoting local part\n");
+
+ /* Record the (quoted, if needed) decoded recipient as $srs_recipient */
- srs_recipient = string_sprintf("%.*S@%.*S", /* lowercased */
+ srs_recipient = string_sprintf("%.*s%.*S%.*s@%.*S", /* lowercased */
+ quoting, "\"",
ovec[9]-ovec[8], sub[0] + ovec[8], /* substring 4 */
+ quoting, "\"",
ovec[7]-ovec[6], sub[0] + ovec[6]); /* substring 3 */
/* If a zero-length secret was given, we're done. Otherwise carry on
if (yield) *yield = (boolvalue == testfor);
return s;
}
-#endif /*EXPERIMENTAL_SRS_NATIVE*/
+#endif /*SUPPORT_SRS*/
/* Unknown condition */
}
+/* Expand a named list. Return false on failure. */
+static gstring *
+expand_listnamed(gstring * yield, const uschar * name, const uschar * listtype)
+{
+tree_node *t = NULL;
+const uschar * list;
+int sep = 0;
+uschar * item;
+uschar * suffix = US"";
+BOOL needsep = FALSE;
+#define LISTNAMED_BUF_SIZE 256
+uschar b[LISTNAMED_BUF_SIZE];
+uschar * buffer = b;
+
+if (*name == '+') name++;
+if (!listtype) /* no-argument version */
+ {
+ if ( !(t = tree_search(addresslist_anchor, name))
+ && !(t = tree_search(domainlist_anchor, name))
+ && !(t = tree_search(hostlist_anchor, name)))
+ t = tree_search(localpartlist_anchor, name);
+ }
+else switch(*listtype) /* specific list-type version */
+ {
+ case 'a': t = tree_search(addresslist_anchor, name); suffix = US"_a"; break;
+ case 'd': t = tree_search(domainlist_anchor, name); suffix = US"_d"; break;
+ case 'h': t = tree_search(hostlist_anchor, name); suffix = US"_h"; break;
+ case 'l': t = tree_search(localpartlist_anchor, name); suffix = US"_l"; break;
+ default:
+ expand_string_message = US"bad suffix on \"list\" operator";
+ return yield;
+ }
+
+if(!t)
+ {
+ expand_string_message = string_sprintf("\"%s\" is not a %snamed list",
+ name, !listtype?""
+ : *listtype=='a'?"address "
+ : *listtype=='d'?"domain "
+ : *listtype=='h'?"host "
+ : *listtype=='l'?"localpart "
+ : 0);
+ return yield;
+ }
+
+list = ((namedlist_block *)(t->data.ptr))->string;
+
+/* The list could be quite long so we (re)use a buffer for each element
+rather than getting each in new memory */
+
+if (is_tainted(list)) buffer = store_get(LISTNAMED_BUF_SIZE, TRUE);
+while ((item = string_nextinlist(&list, &sep, buffer, LISTNAMED_BUF_SIZE)))
+ {
+ uschar * buf = US" : ";
+ if (needsep)
+ yield = string_catn(yield, buf, 3);
+ else
+ needsep = TRUE;
+
+ if (*item == '+') /* list item is itself a named list */
+ {
+ yield = expand_listnamed(yield, item, listtype);
+ if (expand_string_message)
+ return yield;
+ }
+
+ else if (sep != ':') /* item from non-colon-sep list, re-quote for colon list-separator */
+ {
+ char tok[3];
+ tok[0] = sep; tok[1] = ':'; tok[2] = 0;
+
+ for(char * cp; cp = strpbrk(CCS item, tok); item = US cp)
+ {
+ yield = string_catn(yield, item, cp - CS item);
+ if (*cp++ == ':') /* colon in a non-colon-sep list item, needs doubling */
+ yield = string_catn(yield, US"::", 2);
+ else /* sep in item; should already be doubled; emit once */
+ {
+ yield = string_catn(yield, US tok, 1);
+ if (*cp == sep) cp++;
+ }
+ }
+ yield = string_cat(yield, item);
+ }
+ else
+ yield = string_cat(yield, item);
+ }
+return yield;
+}
+
+
+
/*************************************************
* Expand string *
*************************************************/
goto EXPAND_FAILED;
}
-while (*s != 0)
+while (*s)
{
uschar *value;
uschar name[256];
int save_expand_nmax =
save_expand_strings(save_expand_nstring, save_expand_nlength);
- if ((expand_forbid & RDO_LOOKUP) != 0)
+ if (expand_forbid & RDO_LOOKUP)
{
expand_string_message = US"lookup expansions are not permitted";
goto EXPAND_FAILED;
file types, the query (i.e. "key") starts with a file name. */
if (!key)
- {
- Uskip_whitespace(&filename);
- key = filename;
-
- if (mac_islookup(stype, lookup_querystyle))
- filename = NULL;
- else
- if (*filename == '/')
- {
- while (*key && !isspace(*key)) key++;
- if (*key) *key++ = '\0';
- }
- else
- filename = NULL;
- }
+ key = search_args(stype, name, filename, &filename, opts);
/* If skipping, don't do the next bit - just lookup_value == NULL, as if
the entry was not found. Note that there is no search_close() function.
{
expand_string_message =
string_sprintf("lookup of \"%s\" gave DEFER: %s",
- string_printing2(key, FALSE), search_error_message);
+ string_printing2(key, SP_TAB), search_error_message);
goto EXPAND_FAILED;
}
if (expand_setup > 0) expand_nmax = expand_setup;
if (!(f = Ufopen(sub_arg[0], "rb")))
{
- expand_string_message = string_open_failed(errno, "%s", sub_arg[0]);
+ expand_string_message = string_open_failed("%s", sub_arg[0]);
goto EXPAND_FAILED;
}
case EITEM_READSOCK:
{
- client_conn_ctx cctx;
- int timeout = 5;
- int save_ptr = gstring_length(yield);
- FILE * fp = NULL;
uschar * arg;
uschar * sub_arg[4];
- uschar * server_name = NULL;
- host_item host;
- BOOL do_shutdown = TRUE;
- BOOL do_tls = FALSE; /* Only set under ! DISABLE_TLS */
if (expand_forbid & RDO_READSOCK)
{
while ((item = string_nextinlist(&list, &sep, NULL, 0)))
g = string_append_listele(g, ',', item);
- /* possibly plus an EOL string */
+ /* possibly plus an EOL string. Process with escapes, to protect
+ from list-processing. The only current user of eol= in search
+ options is the readsock expansion. */
+
if (sub_arg[3] && *sub_arg[3])
g = string_append_listele(g, ',',
- string_sprintf("eol=%s", sub_arg[3]));
-
+ string_sprintf("eol=%s",
+ string_printing2(sub_arg[3], SP_TAB|SP_SPACE)));
}
/* Gat a (possibly cached) handle for the connection */
case 2:
case 3: goto EXPAND_FAILED;
}
- for (uschar sep = *sub[0], c; c = *sub[1]; sub[1]++)
+ if (*sub[1]) for (uschar sep = *sub[0], c; c = *sub[1]; sub[1]++)
{
if (c == sep) yield = string_catn(yield, sub[1], 1);
yield = string_catn(yield, sub[1], 1);
}
+ else yield = string_catn(yield, US" ", 1);
continue;
}
continue;
}
-#ifdef EXPERIMENTAL_SRS_NATIVE
+#ifdef SUPPORT_SRS
case EITEM_SRS_ENCODE:
/* ${srs_encode {secret} {return_path} {orig_domain}} */
{
uschar * sub[3];
uschar cksum[4];
+ gstring * g = NULL;
+ BOOL quoted = FALSE;
switch (read_subs(sub, 3, 3, CUSS &s, skipping, TRUE, name, &resetok))
{
case 3: goto EXPAND_FAILED;
}
- yield = string_catn(yield, US"SRS0=", 5);
+ g = string_catn(g, US"SRS0=", 5);
/* ${l_4:${hmac{md5}{SRS_SECRET}{${lc:$return_path}}}}= */
hmac_md5(sub[0], string_copylc(sub[1]), cksum, sizeof(cksum));
- yield = string_catn(yield, cksum, sizeof(cksum));
- yield = string_catn(yield, US"=", 1);
+ g = string_catn(g, cksum, sizeof(cksum));
+ g = string_catn(g, US"=", 1);
/* ${base32:${eval:$tod_epoch/86400&0x3ff}}= */
{
struct timeval now;
unsigned long i;
- gstring * g = NULL;
+ gstring * h = NULL;
gettimeofday(&now, NULL);
for (unsigned long i = (now.tv_sec / 86400) & 0x3ff; i; i >>= 5)
- g = string_catn(g, &base32_chars[i & 0x1f], 1);
- if (g) while (g->ptr > 0)
- yield = string_catn(yield, &g->s[--g->ptr], 1);
+ h = string_catn(h, &base32_chars[i & 0x1f], 1);
+ if (h) while (h->ptr > 0)
+ g = string_catn(g, &h->s[--h->ptr], 1);
}
- yield = string_catn(yield, US"=", 1);
+ g = string_catn(g, US"=", 1);
/* ${domain:$return_path}=${local_part:$return_path} */
{
int start, end, domain;
uschar * t = parse_extract_address(sub[1], &expand_string_message,
&start, &end, &domain, FALSE);
+ uschar * s;
+
if (!t)
goto EXPAND_FAILED;
- if (domain > 0) yield = string_cat(yield, t + domain);
- yield = string_catn(yield, US"=", 1);
- yield = domain > 0
- ? string_catn(yield, t, domain - 1) : string_cat(yield, t);
+ if (domain > 0) g = string_cat(g, t + domain);
+ g = string_catn(g, US"=", 1);
+
+ s = domain > 0 ? string_copyn(t, domain - 1) : t;
+ if ((quoted = Ustrchr(s, '"') != NULL))
+ {
+ gstring * h = NULL;
+ DEBUG(D_expand) debug_printf_indent("auto-quoting local part\n");
+ while (*s) /* de-quote */
+ {
+ while (*s && *s != '"') h = string_catn(h, s++, 1);
+ if (*s) s++;
+ while (*s && *s != '"') h = string_catn(h, s++, 1);
+ if (*s) s++;
+ }
+ gstring_release_unused(h);
+ s = string_from_gstring(h);
+ }
+ g = string_cat(g, s);
}
+ /* Assume that if the original local_part had quotes
+ it was for good reason */
+
+ if (quoted) yield = string_catn(yield, US"\"", 1);
+ yield = string_catn(yield, g->s, g->ptr);
+ if (quoted) yield = string_catn(yield, US"\"", 1);
+
/* @$original_domain */
yield = string_catn(yield, US"@", 1);
yield = string_cat(yield, sub[2]);
continue;
}
-#endif /*EXPERIMENTAL_SRS_NATIVE*/
+#endif /*SUPPORT_SRS*/
} /* EITEM_* switch */
/* Control reaches here if the name is not recognized as one of the more
case EOP_LISTCOUNT:
{
- int cnt = 0;
- int sep = 0;
- uschar buffer[256];
+ int cnt = 0, sep = 0;
+ uschar * buf = store_get(2, is_tainted(sub));
- while (string_nextinlist(CUSS &sub, &sep, buffer, sizeof(buffer))) cnt++;
+ while (string_nextinlist(CUSS &sub, &sep, buf, 1)) cnt++;
yield = string_fmt_append(yield, "%d", cnt);
continue;
}
/* handles nested named lists; requotes as colon-sep list */
case EOP_LISTNAMED:
- {
- tree_node *t = NULL;
- const uschar * list;
- int sep = 0;
- uschar * item;
- uschar * suffix = US"";
- BOOL needsep = FALSE;
- uschar buffer[256];
-
- if (*sub == '+') sub++;
- if (!arg) /* no-argument version */
- {
- if (!(t = tree_search(addresslist_anchor, sub)) &&
- !(t = tree_search(domainlist_anchor, sub)) &&
- !(t = tree_search(hostlist_anchor, sub)))
- t = tree_search(localpartlist_anchor, sub);
- }
- else switch(*arg) /* specific list-type version */
- {
- case 'a': t = tree_search(addresslist_anchor, sub); suffix = US"_a"; break;
- case 'd': t = tree_search(domainlist_anchor, sub); suffix = US"_d"; break;
- case 'h': t = tree_search(hostlist_anchor, sub); suffix = US"_h"; break;
- case 'l': t = tree_search(localpartlist_anchor, sub); suffix = US"_l"; break;
- default:
- expand_string_message = US"bad suffix on \"list\" operator";
- goto EXPAND_FAILED;
- }
-
- if(!t)
- {
- expand_string_message = string_sprintf("\"%s\" is not a %snamed list",
- sub, !arg?""
- : *arg=='a'?"address "
- : *arg=='d'?"domain "
- : *arg=='h'?"host "
- : *arg=='l'?"localpart "
- : 0);
+ expand_string_message = NULL;
+ yield = expand_listnamed(yield, sub, arg);
+ if (expand_string_message)
goto EXPAND_FAILED;
- }
-
- list = ((namedlist_block *)(t->data.ptr))->string;
-
- while ((item = string_nextinlist(&list, &sep, buffer, sizeof(buffer))))
- {
- uschar * buf = US" : ";
- if (needsep)
- yield = string_catn(yield, buf, 3);
- else
- needsep = TRUE;
-
- if (*item == '+') /* list item is itself a named list */
- {
- uschar * sub = string_sprintf("${listnamed%s:%s}", suffix, item);
- item = expand_string_internal(sub, FALSE, NULL, FALSE, TRUE, &resetok);
- }
- else if (sep != ':') /* item from non-colon-sep list, re-quote for colon list-separator */
- {
- char * cp;
- char tok[3];
- tok[0] = sep; tok[1] = ':'; tok[2] = 0;
- while ((cp= strpbrk(CCS item, tok)))
- {
- yield = string_catn(yield, item, cp - CS item);
- if (*cp++ == ':') /* colon in a non-colon-sep list item, needs doubling */
- {
- yield = string_catn(yield, US"::", 2);
- item = US cp;
- }
- else /* sep in item; should already be doubled; emit once */
- {
- yield = string_catn(yield, US tok, 1);
- if (*cp == sep) cp++;
- item = US cp;
- }
- }
- }
- yield = string_cat(yield, item);
- }
continue;
- }
/* quote a list-item for the given list-separator */
uschar *t = sub - 1;
if (c == EOP_QUOTE)
- {
- while (!needs_quote && *(++t) != 0)
+ while (!needs_quote && *++t)
needs_quote = !isalnum(*t) && !strchr("_-.", *t);
- }
+
else /* EOP_QUOTE_LOCAL_PART */
- {
- while (!needs_quote && *(++t) != 0)
- needs_quote = !isalnum(*t) &&
- strchr("!#$%&'*+-/=?^_`{|}~", *t) == NULL &&
- (*t != '.' || t == sub || t[1] == 0);
- }
+ while (!needs_quote && *++t)
+ needs_quote = !isalnum(*t)
+ && strchr("!#$%&'*+-/=?^_`{|}~", *t) == NULL
+ && (*t != '.' || t == sub || !t[1]);
if (needs_quote)
{
yield = string_catn(yield, US"\"", 1);
t = sub - 1;
- while (*(++t) != 0)
- {
+ while (*++t)
if (*t == '\n')
yield = string_catn(yield, US"\\n", 2);
else if (*t == '\r')
yield = string_catn(yield, US"\\", 1);
yield = string_catn(yield, t, 1);
}
- }
yield = string_catn(yield, US"\"", 1);
}
- else yield = string_cat(yield, sub);
+ else
+ yield = string_cat(yield, sub);
continue;
}
prescribed by the RFC, if there are characters that need to be encoded */
case EOP_RFC2047:
- {
- uschar buffer[2048];
yield = string_cat(yield,
parse_quote_2047(sub, Ustrlen(sub), headers_charset,
- buffer, sizeof(buffer), FALSE));
+ FALSE));
continue;
- }
/* RFC 2047 decode */
git://git.exim.org / exim.git / blobdiff