-/* $Cambridge: exim/src/src/acl.c,v 1.60 2006/06/27 14:04:29 ph10 Exp $ */
+/* $Cambridge: exim/src/src/acl.c,v 1.66 2006/09/25 10:14:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
ACLC_HOSTS,
ACLC_LOCAL_PARTS,
ACLC_LOG_MESSAGE,
+ ACLC_LOG_REJECT_TARGET,
ACLC_LOGWRITE,
#ifdef WITH_CONTENT_SCAN
ACLC_MALWARE,
ACLC_VERIFY };
/* ACL conditions/modifiers: "delay", "control", "endpass", "message",
-"log_message", "logwrite", and "set" are modifiers that look like conditions
-but always return TRUE. They are used for their side effects. */
+"log_message", "log_reject_target", "logwrite", and "set" are modifiers that
+look like conditions but always return TRUE. They are used for their side
+effects. */
static uschar *conditions[] = {
US"acl",
US"dk_senders",
US"dk_status",
#endif
- US"dnslists", US"domains", US"encrypted",
- US"endpass", US"hosts", US"local_parts", US"log_message", US"logwrite",
+ US"dnslists",
+ US"domains",
+ US"encrypted",
+ US"endpass",
+ US"hosts",
+ US"local_parts",
+ US"log_message",
+ US"log_reject_target",
+ US"logwrite",
#ifdef WITH_CONTENT_SCAN
US"malware",
#endif
FALSE, /* hosts */
FALSE, /* local_parts */
TRUE, /* log_message */
+ TRUE, /* log_reject_target */
TRUE, /* logwrite */
#ifdef WITH_CONTENT_SCAN
TRUE, /* malware */
FALSE, /* hosts */
FALSE, /* local_parts */
TRUE, /* log_message */
+ TRUE, /* log_reject_target */
TRUE, /* logwrite */
#ifdef WITH_CONTENT_SCAN
FALSE, /* malware */
0, /* acl */
(unsigned int)
- ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* add_header */
+ ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* add_header */
(1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
- (1<<ACL_WHERE_MIME)|(1<<ACL_WHERE_NOTSMTP)),
+ (1<<ACL_WHERE_MIME)|(1<<ACL_WHERE_NOTSMTP)|
+ (1<<ACL_WHERE_NOTSMTP_START)),
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_CONNECT)| /* authenticated */
- (1<<ACL_WHERE_HELO),
+ (1<<ACL_WHERE_NOTSMTP)| /* authenticated */
+ (1<<ACL_WHERE_NOTSMTP_START)|
+ (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO),
#ifdef EXPERIMENTAL_BRIGHTMAIL
(1<<ACL_WHERE_AUTH)| /* bmi_optin */
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_PREDATA),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_PREDATA)|
+ (1<<ACL_WHERE_NOTSMTP_START),
#endif
0, /* condition */
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_policy */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_sender_domains */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_sender_local_parts */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_senders */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
(1<<ACL_WHERE_AUTH)| /* dk_status */
(1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
(1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
(1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
- (1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_NOTSMTP_START),
#endif
- (1<<ACL_WHERE_NOTSMTP), /* dnslists */
+ (1<<ACL_WHERE_NOTSMTP)| /* dnslists */
+ (1<<ACL_WHERE_NOTSMTP_START),
(unsigned int)
~(1<<ACL_WHERE_RCPT), /* domains */
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_CONNECT)| /* encrypted */
+ (1<<ACL_WHERE_NOTSMTP)| /* encrypted */
+ (1<<ACL_WHERE_CONNECT)|
+ (1<<ACL_WHERE_NOTSMTP_START)|
(1<<ACL_WHERE_HELO),
0, /* endpass */
- (1<<ACL_WHERE_NOTSMTP), /* hosts */
+ (1<<ACL_WHERE_NOTSMTP)| /* hosts */
+ (1<<ACL_WHERE_NOTSMTP_START),
(unsigned int)
~(1<<ACL_WHERE_RCPT), /* local_parts */
0, /* log_message */
+ 0, /* log_reject_target */
+
0, /* logwrite */
#ifdef WITH_CONTENT_SCAN
(1<<ACL_WHERE_HELO)|
(1<<ACL_WHERE_MAILAUTH)|
(1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
- (1<<ACL_WHERE_STARTTLS)|(1<<ACL_WHERE_VRFY),
+ (1<<ACL_WHERE_STARTTLS)|(1<<ACL_WHERE_VRFY)|
+ (1<<ACL_WHERE_NOTSMTP)|
+ (1<<ACL_WHERE_NOTSMTP_START),
#endif
/* Certain types of verify are always allowed, so we let it through
#endif
#ifdef EXPERIMENTAL_DOMAINKEYS
- (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP), /* dk_verify */
+ (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)| /* dk_verify */
+ (1<<ACL_WHERE_NOTSMTP_START),
#endif
0, /* error */
(unsigned int)
~(1<<ACL_WHERE_RCPT), /* caselower_local_part */
- (1<<ACL_WHERE_NOTSMTP), /* enforce_sync */
+ (1<<ACL_WHERE_NOTSMTP)| /* enforce_sync */
+ (1<<ACL_WHERE_NOTSMTP_START),
- (1<<ACL_WHERE_NOTSMTP), /* no_enforce_sync */
+ (1<<ACL_WHERE_NOTSMTP)| /* no_enforce_sync */
+ (1<<ACL_WHERE_NOTSMTP_START),
(unsigned int)
~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* freeze */
(unsigned int)
~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)| /* suppress_local_fixups */
- (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_PREDATA)),
+ (1<<ACL_WHERE_PREDATA)|
+ (1<<ACL_WHERE_NOTSMTP_START)),
#ifdef WITH_CONTENT_SCAN
(unsigned int)
(1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
(1<<ACL_WHERE_MIME)),
- (1<<ACL_WHERE_NOTSMTP) /* no_multiline */
+ (1<<ACL_WHERE_NOTSMTP)| /* no_multiline */
+ (1<<ACL_WHERE_NOTSMTP_START)
};
/* Structure listing various control arguments, with their characteristics. */
can be started by a name, or by a macro definition. */
s = readconf_readname(name, sizeof(name), s);
- if (*s == ':' || isupper(name[0] && *s == '=')) return yield;
+ if (*s == ':' || (isupper(name[0]) && *s == '=')) return yield;
/* If a verb is unrecognized, it may be another condition or modifier that
continues the previous verb. */
/* The "set" modifier is different in that its argument is "name=value"
rather than just a value, and we can check the validity of the name, which
- gives us a variable number to insert into the data block. */
+ gives us a variable name to insert into the data block. The original ACL
+ variable names were acl_c0 ... acl_c9 and acl_m0 ... acl_m9. This was
+ extended to 20 of each type, but after that people successfully argued for
+ arbitrary names. In the new scheme, the names must start with acl_c or acl_m.
+ After that, we allow alphanumerics and underscores, but the first character
+ after c or m must be a digit or an underscore. This retains backwards
+ compatibility. */
if (c == ACLC_SET)
{
- int offset, max, n;
uschar *endptr;
- if (Ustrncmp(s, "acl_", 4) != 0) goto BAD_ACL_VAR;
- if (s[4] == 'c')
+ if (Ustrncmp(s, "acl_c", 5) != 0 &&
+ Ustrncmp(s, "acl_m", 5) != 0)
{
- offset = 0;
- max = ACL_CVARS;
+ *error = string_sprintf("invalid variable name after \"set\" in ACL "
+ "modifier \"set %s\" (must start \"acl_c\" or \"acl_m\")", s);
+ return NULL;
}
- else if (s[4] == 'm')
+
+ endptr = s + 5;
+ if (!isdigit(*endptr) && *endptr != '_')
{
- offset = ACL_CVARS;
- max = ACL_MVARS;
+ *error = string_sprintf("invalid variable name after \"set\" in ACL "
+ "modifier \"set %s\" (digit or underscore must follow acl_c or acl_m)",
+ s);
+ return NULL;
}
- else goto BAD_ACL_VAR;
- n = Ustrtoul(s + 5, &endptr, 10);
- if ((*endptr != 0 && *endptr != '=' && !isspace(*endptr)) || n >= max)
+ while (*endptr != 0 && *endptr != '=' && !isspace(*endptr))
{
- BAD_ACL_VAR:
- *error = string_sprintf("syntax error or unrecognized name after "
- "\"set\" in ACL modifier \"set %s\"", s);
- return NULL;
+ if (!isalnum(*endptr) && *endptr != '_')
+ {
+ *error = string_sprintf("invalid character \"%c\" in variable name "
+ "in ACL modifier \"set %s\"", *endptr, s);
+ return NULL;
+ }
+ endptr++;
}
- cond->u.varnumber = n + offset;
+ cond->u.varname = string_copyn(s + 4, endptr - s - 4);
s = endptr;
while (isspace(*s)) s++;
}
{
uschar *user_message = NULL;
uschar *log_message = NULL;
-uschar *p;
+uschar *p = NULL;
int rc = OK;
#ifdef WITH_CONTENT_SCAN
int sep = '/';
if (cb->type == ACLC_SET)
{
- int n = cb->u.varnumber;
- int t = (n < ACL_CVARS)? 'c' : 'm';
- if (n >= ACL_CVARS) n -= ACL_CVARS;
- debug_printf("acl_%c%d ", t, n);
- lhswidth += 7;
+ debug_printf("acl_%s ", cb->u.varname);
+ lhswidth += 5 + Ustrlen(cb->u.varname);
}
debug_printf("= %s\n", cb->arg);
&deliver_localpart_data);
break;
+ case ACLC_LOG_REJECT_TARGET:
+ {
+ int logbits = 0;
+ int sep = 0;
+ uschar *s = arg;
+ uschar *ss;
+ while ((ss = string_nextinlist(&s, &sep, big_buffer, big_buffer_size))
+ != NULL)
+ {
+ if (Ustrcmp(ss, "main") == 0) logbits |= LOG_MAIN;
+ else if (Ustrcmp(ss, "panic") == 0) logbits |= LOG_PANIC;
+ else if (Ustrcmp(ss, "reject") == 0) logbits |= LOG_REJECT;
+ else
+ {
+ logbits |= LOG_MAIN|LOG_REJECT;
+ log_write(0, LOG_MAIN|LOG_PANIC, "unknown log name \"%s\" in "
+ "\"log_reject_target\" in %s ACL", ss, acl_wherenames[where]);
+ }
+ }
+ log_reject_target = logbits;
+ }
+ break;
+
case ACLC_LOGWRITE:
{
int logbits = 0;
s++;
}
while (isspace(*s)) s++;
+
+
if (logbits == 0) logbits = LOG_MAIN;
log_write(0, logbits, "%s", string_printing(s));
}
#ifdef WITH_CONTENT_SCAN
case ACLC_MALWARE:
{
- /* Seperate the regular expression and any optional parameters. */
+ /* Separate the regular expression and any optional parameters. */
uschar *ss = string_nextinlist(&arg, &sep, big_buffer, big_buffer_size);
/* Run the malware backend. */
rc = malware(&ss);
case ACLC_SET:
{
int old_pool = store_pool;
- if (cb->u.varnumber < ACL_CVARS) store_pool = POOL_PERM;
- acl_var[cb->u.varnumber] = string_copy(arg);
+ if (cb->u.varname[0] == 'c') store_pool = POOL_PERM;
+ acl_var_create(cb->u.varname)->data.ptr = string_copy(arg);
store_pool = old_pool;
}
break;
*user_msgptr = *log_msgptr = NULL;
sender_verified_failed = NULL;
ratelimiters_cmd = NULL;
+log_reject_target = LOG_MAIN|LOG_REJECT;
if (where == ACL_WHERE_RCPT)
{
return rc;
}
+
+
+/*************************************************
+* Create ACL variable *
+*************************************************/
+
+/* Create an ACL variable or reuse an existing one. ACL variables are in a
+binary tree (see tree.c) with acl_var_c and acl_var_m as root nodes.
+
+Argument:
+ name pointer to the variable's name, starting with c or m
+
+Returns the pointer to variable's tree node
+*/
+
+tree_node *
+acl_var_create(uschar *name)
+{
+tree_node *node, **root;
+root = (name[0] == 'c')? &acl_var_c : &acl_var_m;
+node = tree_search(*root, name);
+if (node == NULL)
+ {
+ node = store_get(sizeof(tree_node) + Ustrlen(name));
+ Ustrcpy(node->name, name);
+ (void)tree_insertnode(root, node);
+ }
+node->data.ptr = NULL;
+return node;
+}
+
+
+
+/*************************************************
+* Write an ACL variable in spool format *
+*************************************************/
+
+/* This function is used as a callback for tree_walk when writing variables to
+the spool file. To retain spool file compatibility, what is written is -aclc or
+-aclm followed by the rest of the name and the data length, space separated,
+then the value itself, starting on a new line, and terminated by an additional
+newline. When we had only numbered ACL variables, the first line might look
+like this: "-aclc 5 20". Now it might be "-aclc foo 20" for the variable called
+acl_cfoo.
+
+Arguments:
+ name of the variable
+ value of the variable
+ ctx FILE pointer (as a void pointer)
+
+Returns: nothing
+*/
+
+void
+acl_var_write(uschar *name, uschar *value, void *ctx)
+{
+FILE *f = (FILE *)ctx;
+fprintf(f, "-acl%c %s %d\n%s\n", name[0], name+1, Ustrlen(value), value);
+}
+
/* End of acl.c */