-/* $Cambridge: exim/src/src/acl.c,v 1.47 2005/09/12 10:08:54 ph10 Exp $ */
+/* $Cambridge: exim/src/src/acl.c,v 1.55 2006/02/13 12:02:59 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2005 */
+/* Copyright (c) University of Cambridge 1995 - 2006 */
/* See the file NOTICE for conditions of use and distribution. */
/* Code for handling Access Control Lists (ACLs) */
{ US"caseful_local_part", CONTROL_CASEFUL_LOCAL_PART, FALSE },
{ US"caselower_local_part", CONTROL_CASELOWER_LOCAL_PART, FALSE },
{ US"enforce_sync", CONTROL_ENFORCE_SYNC, FALSE },
- { US"freeze", CONTROL_FREEZE, FALSE },
+ { US"freeze", CONTROL_FREEZE, TRUE },
{ US"no_enforce_sync", CONTROL_NO_ENFORCE_SYNC, FALSE },
{ US"no_multiline_responses", CONTROL_NO_MULTILINE, FALSE },
{ US"queue_only", CONTROL_QUEUE_ONLY, FALSE },
if (c == ACLC_SET)
{
- if (Ustrncmp(s, "acl_", 4) != 0 || (s[4] != 'c' && s[4] != 'm') ||
- !isdigit(s[5]) || (!isspace(s[6]) && s[6] != '='))
+ int offset, max, n;
+ uschar *endptr;
+
+ if (Ustrncmp(s, "acl_", 4) != 0) goto BAD_ACL_VAR;
+ if (s[4] == 'c')
+ {
+ offset = 0;
+ max = ACL_CVARS;
+ }
+ else if (s[4] == 'm')
+ {
+ offset = ACL_CVARS;
+ max = ACL_MVARS;
+ }
+ else goto BAD_ACL_VAR;
+
+ n = Ustrtoul(s + 5, &endptr, 10);
+ if ((*endptr != 0 && *endptr != '=' && !isspace(*endptr)) || n >= max)
{
- *error = string_sprintf("unrecognized name after \"set\" in ACL "
- "modifier \"set %s\"", s);
+ BAD_ACL_VAR:
+ *error = string_sprintf("syntax error or unrecognized name after "
+ "\"set\" in ACL modifier \"set %s\"", s);
return NULL;
}
- cond->u.varnumber = s[5] - '0';
- if (s[4] == 'm') cond->u.varnumber += ACL_C_MAX;
- s += 6;
+ cond->u.varnumber = n + offset;
+ s = endptr;
while (isspace(*s)) s++;
}
address literals, but it's probably the most friendly thing to do. This is an
extension to CSA, so we allow it to be turned off for proper conformance. */
-if (string_is_ip_address(domain, NULL))
+if (string_is_ip_address(domain, NULL) != 0)
{
if (!dns_csa_use_reverse) return CSA_UNKNOWN;
dns_build_reverse(domain, target);
if (strcmpic(ss, US"helo") == 0)
{
if (slash != NULL) goto NO_OPTIONS;
- if (helo_verified) return OK;
- if (helo_verify_failed) return FAIL;
- if (smtp_verify_helo()) return helo_verified? OK : FAIL;
- return DEFER;
+ if (!helo_verified && !helo_verify_failed) smtp_verify_helo();
+ return helo_verified? OK : FAIL;
}
/* Do Client SMTP Authorization checks in a separate function, and turn the
+ (double)tv.tv_usec / 1000000.0;
double prev_time = (double)dbd->time_stamp
+ (double)dbd->time_usec / 1000000.0;
- double interval = this_time - prev_time;
-
- double i_over_p = interval / period;
- double a = exp(-i_over_p);
/* We must avoid division by zero, and deal gracefully with the clock going
backwards. If we blunder ahead when time is in reverse then the computed
- rate will become bogusly huge. Clamp i/p to a very small number instead. */
+ rate will be bogus. To be safe we clamp interval to a very small number. */
- if (i_over_p <= 0.0) i_over_p = 1e-9;
+ double interval = this_time - prev_time <= 0.0 ? 1e-9
+ : this_time - prev_time;
+
+ double i_over_p = interval / period;
+ double a = exp(-i_over_p);
dbd->time_stamp = tv.tv_sec;
dbd->time_usec = tv.tv_usec;
if (cb->type == ACLC_SET)
{
int n = cb->u.varnumber;
- int t = (n < ACL_C_MAX)? 'c' : 'm';
- if (n >= ACL_C_MAX) n -= ACL_C_MAX;
+ int t = (n < ACL_CVARS)? 'c' : 'm';
+ if (n >= ACL_CVARS) n -= ACL_CVARS;
debug_printf("acl_%c%d ", t, n);
lhswidth += 7;
}
{
/* A nested ACL that returns "discard" makes sense only for an "accept" or
"discard" verb. */
-
+\
case ACLC_ACL:
rc = acl_check_internal(where, addr, arg, level+1, user_msgptr, log_msgptr);
if (rc == DISCARD && verb != ACL_ACCEPT && verb != ACL_DISCARD)
case CONTROL_FREEZE:
deliver_freeze = TRUE;
deliver_frozen_at = time(NULL);
+ freeze_tell = freeze_tell_config; /* Reset to configured value */
+ if (Ustrncmp(p, "/no_tell", 8) == 0)
+ {
+ p += 8;
+ freeze_tell = NULL;
+ }
+ if (*p != 0)
+ {
+ *log_msgptr = string_sprintf("syntax error in \"control=%s\"", arg);
+ return ERROR;
+ }
break;
case CONTROL_QUEUE_ONLY:
submission_domain = string_copyn(p+8, pp-p-8);
p = pp;
}
+ /* The name= option must be last, because it swallows the rest of
+ the string. */
else if (Ustrncmp(p, "/name=", 6) == 0)
{
uschar *pp = p + 6;
- while (*pp != 0 && *pp != '/') pp++;
+ while (*pp != 0) pp++;
submission_name = string_copy(parse_fix_phrase(p+6, pp-p-6,
big_buffer, big_buffer_size));
p = pp;
case ACLC_SET:
{
int old_pool = store_pool;
- if (cb->u.varnumber < ACL_C_MAX) store_pool = POOL_PERM;
+ if (cb->u.varnumber < ACL_CVARS) store_pool = POOL_PERM;
acl_var[cb->u.varnumber] = string_copy(arg);
store_pool = old_pool;
}
case ACL_WARN:
if (cond == OK)
acl_warn(where, *user_msgptr, *log_msgptr);
- else if (cond == DEFER)
+ else if (cond == DEFER && (log_extra_selector & LX_acl_warn_skipped) != 0)
log_write(0, LOG_MAIN, "%s Warning: ACL \"warn\" statement skipped: "
"condition test deferred%s%s", host_and_ident(TRUE),
(*log_msgptr == NULL)? US"" : US": ",
git://git.exim.org / exim.git / blobdiff