time_t now;
dbdata_callout_cache *cache_record;
-cache_record = dbfn_read_with_length(dbm_file, key, &length);
-
-if (cache_record == NULL)
+if (!(cache_record = dbfn_read_with_length(dbm_file, key, &length)))
{
HDEBUG(D_verify) debug_printf("callout cache: no %s record found for %s\n", type, key);
return NULL;
postmaster-verify.
The sync_responses() would need to be taught about it and we'd
need another return code filtering out to here.
+
+ Avoid using a SIZE option on the MAIL for all randon-rcpt checks.
*/
+ sx.avoid_option = OPTION_SIZE;
+
/* Remember when we last did a random test */
new_domain_record.random_stamp = time(NULL);
if (smtp_write_mail_and_rcpt_cmds(&sx, &yield) == 0)
switch(addr->transport_return)
{
- case PENDING_OK:
+ case PENDING_OK: /* random was accepted, unfortunately */
new_domain_record.random_result = ccache_accept;
- break;
- case FAIL:
+ yield = OK; /* Only usable verify result we can return */
+ done = TRUE;
+ goto no_conn;
+ case FAIL: /* rejected: the preferred result */
new_domain_record.random_result = ccache_reject;
+ sx.avoid_option = 0;
/* Between each check, issue RSET, because some servers accept only
one recipient after MAIL FROM:<>.
sx.send_rset = TRUE;
sx.completed_addr = FALSE;
goto tls_retry_connection;
+ case DEFER: /* 4xx response to random */
+ break; /* Just to be clear. ccache_unknown, !done. */
}
/* Re-setup for main verify, or for the error message when failing */
else
done = TRUE;
- /* Main verify. If the host is accepting all local parts, as determined
- by the "random" check, we don't need to waste time doing any further
- checking. */
+ /* Main verify. For rcpt-verify use SIZE if we know it and we're not cacheing;
+ for sndr-verify never use it. */
if (done)
{
+ if (!(options & vopt_is_recipient && options & vopt_callout_no_cache))
+ sx.avoid_option = OPTION_SIZE;
+
done = FALSE;
switch(smtp_write_mail_and_rcpt_cmds(&sx, &yield))
{
case PENDING_OK: done = TRUE;
new_address_record.result = ccache_accept;
break;
- case FAIL: done = TRUE;
+ case FAIL: done = TRUE;
yield = FAIL;
*failure_ptr = US"recipient";
new_address_record.result = ccache_reject;
break;
- default: break;
+ default: break;
}
break;
sx.ok = FALSE;
sx.send_rset = TRUE;
sx.completed_addr = FALSE;
+ sx.avoid_option = OPTION_SIZE;
if( smtp_write_mail_and_rcpt_cmds(&sx, &yield) == 0
&& addr->transport_return == PENDING_OK
if (*sx.buffer == 0) Ustrcpy(sx.buffer, US"connection dropped");
/*XXX test here is ugly; seem to have a split of responsibility for
- building this message. Need to reationalise. Where is it done
+ building this message. Need to rationalise. Where is it done
before here, and when not?
Not == 5xx resp to MAIL on main-verify
*/
if(
#ifdef SUPPORT_TLS
- (tls_out.active == cutthrough.fd) ? tls_write(FALSE, ctblock.buffer, n) :
+ tls_out.active == cutthrough.fd ? tls_write(FALSE, ctblock.buffer, n, FALSE) :
#endif
send(cutthrough.fd, ctblock.buffer, n, 0) > 0
)
tctx.addr = &cutthrough.addr;
tctx.check_string = US".";
tctx.escape_string = US"..";
+/*XXX check under spool_files_wireformat. Might be irrelevant */
tctx.options = topt_use_crlf;
if (!transport_headers_send(&tctx, &cutthrough_write_chunk))
va_start(ap, format);
if (smtp_out && (f == smtp_out))
- smtp_vprintf(format, ap);
+ smtp_vprintf(format, FALSE, ap);
else
vfprintf(f, format, ap);
va_end(ap);
transport. */
transport_feedback tf = {
- NULL, /* interface (=> any) */
- US"smtp", /* port */
- US"smtp", /* protocol */
- NULL, /* hosts */
- US"$smtp_active_hostname", /* helo_data */
- FALSE, /* hosts_override */
- FALSE, /* hosts_randomize */
- FALSE, /* gethostbyname */
- TRUE, /* qualify_single */
- FALSE /* search_parents */
+ .interface = NULL, /* interface (=> any) */
+ .port = US"smtp",
+ .protocol = US"smtp",
+ .hosts = NULL,
+ .helo_data = US"$smtp_active_hostname",
+ .hosts_override = FALSE,
+ .hosts_randomize = FALSE,
+ .gethostbyname = FALSE,
+ .qualify_single = TRUE,
+ .search_parents = FALSE
};
/* If verification yielded a remote transport, we want to use that
*************************************************/
/* This function checks those header lines that contain addresses, and verifies
-that all the addresses therein are syntactially correct.
+that all the addresses therein are 5322-syntactially correct.
Arguments:
msgptr where to put an error message
uschar *colon, *s;
int yield = OK;
-for (h = header_list; h != NULL && yield == OK; h = h->next)
+for (h = header_list; h && yield == OK; h = h->next)
{
if (h->type != htype_from &&
h->type != htype_reply_to &&
parse_allow_group = TRUE;
- while (*s != 0)
+ while (*s)
{
uschar *ss = parse_find_address_end(s, FALSE);
uschar *recipient, *errmess;
/* Permit an unqualified address only if the message is local, or if the
sending host is configured to be permitted to send them. */
- if (recipient != NULL && domain == 0)
+ if (recipient && !domain)
{
if (h->type == htype_from || h->type == htype_sender)
{
/* It's an error if no address could be extracted, except for the special
case of an empty address. */
- if (recipient == NULL && Ustrcmp(errmess, "empty address") != 0)
+ if (!recipient && Ustrcmp(errmess, "empty address") != 0)
{
uschar *verb = US"is";
uschar *t = ss;
/* deconst cast ok as we're passing a non-const to string_printing() */
*msgptr = US string_printing(
string_sprintf("%s: failing address in \"%.*s:\" header %s: %.*s",
- errmess, tt - h->text, h->text, verb, len, s));
+ errmess, (int)(tt - h->text), h->text, verb, len, s));
yield = FAIL;
break; /* Out of address loop */
/* Advance to the next address */
- s = ss + (terminator? 1:0);
+ s = ss + (terminator ? 1 : 0);
while (isspace(*s)) s++;
} /* Next address */
while (ss > s && isspace(ss[-1])) ss--;
*log_msgptr = string_sprintf("syntax error in '%.*s' header when "
"scanning for sender: %s in \"%.*s\"",
- endname - h->text, h->text, *log_msgptr, ss - s, s);
+ (int)(endname - h->text), h->text, *log_msgptr, (int)(ss - s), s);
yield = FAIL;
done = TRUE;
break;
{
*verrno = vaddr->basic_errno;
if (smtp_return_error_details)
- {
*user_msgptr = string_sprintf("Rejected after DATA: "
"could not verify \"%.*s\" header address\n%s: %s",
- endname - h->text, h->text, vaddr->address, vaddr->message);
- }
+ (int)(endname - h->text), h->text, vaddr->address, vaddr->message);
}
/* Success or defer */
int sock, host_af, qlen;
int received_sender_port, received_interface_port, n;
uschar *p;
+blob early_data;
uschar buffer[2048];
/* Default is no ident. Check whether we want to do an ident check for this
goto END_OFF;
}
+/* Construct and send the query. */
+
+qlen = snprintf(CS buffer, sizeof(buffer), "%d , %d\r\n",
+ sender_host_port, interface_port);
+early_data.data = buffer;
+early_data.len = qlen;
+
if (ip_connect(sock, host_af, sender_host_address, port,
- rfc1413_query_timeout, TRUE) < 0)
+ rfc1413_query_timeout, &early_data) < 0)
{
if (errno == ETIMEDOUT && LOGGING(ident_timeout))
log_write(0, LOG_MAIN, "ident connection to %s timed out",
goto END_OFF;
}
-/* Construct and send the query. */
-
-sprintf(CS buffer, "%d , %d\r\n", sender_host_port, interface_port);
-qlen = Ustrlen(buffer);
-if (send(sock, buffer, qlen, 0) < 0)
- {
- DEBUG(D_ident) debug_printf("ident send failed: %s\n", strerror(errno));
- goto END_OFF;
- }
-
/* Read a response line. We put it into the rest of the buffer, using several
recv() calls if necessary. */
int rc;
unsigned int *local_cache_bits = cache_bits;
const uschar *save_host_address = deliver_host_address;
-check_host_block cb;
-cb.host_name = host_name;
-cb.host_address = host_address;
+check_host_block cb = { .host_name = host_name, .host_address = host_address };
-if (valueptr != NULL) *valueptr = NULL;
+if (valueptr) *valueptr = NULL;
/* If the host address starts off ::ffff: it is an IPv6 address in
IPv4-compatible mode. Find the IPv4 part for checking against IPv4
addresses. */
-cb.host_ipv4 = (Ustrncmp(host_address, "::ffff:", 7) == 0)?
- host_address + 7 : host_address;
+cb.host_ipv4 = Ustrncmp(host_address, "::ffff:", 7) == 0
+ ? host_address + 7 : host_address;
/* During the running of the check, put the IP address into $host_address. In
the case of calls from the smtp transport, it will already be there. However,