Support /defer_ok on verify=reverse_host_lookup. Bug 344
[exim.git] / src / src / acl.c
index eb2211d60f3d0a38cdf03c924b20b7d1d9b91013..f0716e0168693adeeab61e8c2f25a5eb8d7fa009 100644 (file)
@@ -397,7 +397,7 @@ static unsigned int cond_forbids[] = {
   (unsigned int)
   ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)|       /* add_header */
     (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
   #endif
     (1<<ACL_WHERE_MIME)|(1<<ACL_WHERE_NOTSMTP)|
@@ -412,7 +412,7 @@ static unsigned int cond_forbids[] = {
   (1<<ACL_WHERE_AUTH)|                             /* bmi_optin */
     (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
     (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_MIME)|
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
   #endif
     (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
@@ -434,9 +434,9 @@ static unsigned int cond_forbids[] = {
   #ifdef EXPERIMENTAL_DCC
   (unsigned int)
   ~((1<<ACL_WHERE_DATA)|                           /* dcc */
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
-  #endif /* EXPERIMENTAL_PRDR */
+  #endif
     (1<<ACL_WHERE_NOTSMTP)),
   #endif
 
@@ -450,9 +450,9 @@ static unsigned int cond_forbids[] = {
   #ifdef WITH_OLD_DEMIME
   (unsigned int)
   ~((1<<ACL_WHERE_DATA)|                           /* demime */
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
-  #endif /* EXPERIMENTAL_PRDR */
+  #endif
     (1<<ACL_WHERE_NOTSMTP)),
   #endif
 
@@ -474,7 +474,7 @@ static unsigned int cond_forbids[] = {
 
   (unsigned int)
   ~((1<<ACL_WHERE_RCPT)                            /* domains */
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     |(1<<ACL_WHERE_PRDR)
   #endif
     ),
@@ -491,7 +491,7 @@ static unsigned int cond_forbids[] = {
 
   (unsigned int)
   ~((1<<ACL_WHERE_RCPT)                             /* local_parts */
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     |(1<<ACL_WHERE_PRDR)
   #endif
     ),
@@ -505,9 +505,9 @@ static unsigned int cond_forbids[] = {
   #ifdef WITH_CONTENT_SCAN
   (unsigned int)
   ~((1<<ACL_WHERE_DATA)|                           /* malware */
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
-  #endif /* EXPERIMENTAL_PRDR */
+  #endif
     (1<<ACL_WHERE_NOTSMTP)),
   #endif
 
@@ -526,9 +526,9 @@ static unsigned int cond_forbids[] = {
   #ifdef WITH_CONTENT_SCAN
   (unsigned int)
   ~((1<<ACL_WHERE_DATA)|                           /* regex */
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
-  #endif /* EXPERIMENTAL_PRDR */
+  #endif
     (1<<ACL_WHERE_NOTSMTP)|
     (1<<ACL_WHERE_MIME)),
   #endif
@@ -536,7 +536,7 @@ static unsigned int cond_forbids[] = {
   (unsigned int)
   ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)|       /* remove_header */
     (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
   #endif
     (1<<ACL_WHERE_MIME)|(1<<ACL_WHERE_NOTSMTP)|
@@ -559,9 +559,9 @@ static unsigned int cond_forbids[] = {
   #ifdef WITH_CONTENT_SCAN
   (unsigned int)
   ~((1<<ACL_WHERE_DATA)|                           /* spam */
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
-  #endif /* EXPERIMENTAL_PRDR */
+  #endif
     (1<<ACL_WHERE_NOTSMTP)),
   #endif
 
@@ -608,9 +608,9 @@ static unsigned int control_forbids[] = {
 
   #ifndef DISABLE_DKIM
   (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)|      /* dkim_disable_verify */
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
-  #endif /* EXPERIMENTAL_PRDR */
+  #endif
     (1<<ACL_WHERE_NOTSMTP_START),
   #endif
 
@@ -674,17 +674,17 @@ static unsigned int control_forbids[] = {
   (unsigned int)
   ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)|       /* fakedefer */
     (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
-  #endif /* EXPERIMENTAL_PRDR */
+  #endif
     (1<<ACL_WHERE_MIME)),
 
   (unsigned int)
   ~((1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_RCPT)|       /* fakereject */
     (1<<ACL_WHERE_PREDATA)|(1<<ACL_WHERE_DATA)|
-  #ifdef EXPERIMENTAL_PRDR
+  #ifndef DISABLE_PRDR
     (1<<ACL_WHERE_PRDR)|
-  #endif /* EXPERIMENTAL_PRDR */
+  #endif
     (1<<ACL_WHERE_MIME)),
 
   (1<<ACL_WHERE_NOTSMTP)|                          /* no_multiline */
@@ -1550,7 +1550,7 @@ for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
   assertion: legitimate SMTP clients are all explicitly authorized with CSA
   SRV records of their own. */
 
-  if (found != domain)
+  if (Ustrcmp(found, domain) != 0)
     {
     if (port & 1)
       return t->data.val = CSA_FAIL_EXPLICIT;
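Review bot: `Ustrcmp(found, domain) != 0` is a case-sensitive comparison, while DNS names compare case-insensitively, so a name that differs from the queried one only in letter case would take the mismatch branch and can yield `CSA_FAIL_EXPLICIT`. Whether `found` and `domain` are already case-normalised is not visible in this hunk; if they are not, `if (strcmpic(found, domain) != 0)` (the helper this file already uses for option matching) would be the safer test. A short comment recording why pointer equality was not sufficient here would also help the next reader. The enclosing function starts and ends outside the hunk.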
@@ -1662,7 +1662,7 @@ typedef struct {
   unsigned alt_opt_sep;                /* >0 Non-/ option separator (custom parser) */
   } verify_type_t;
 static verify_type_t verify_type_list[] = {
-    { US"reverse_host_lookup", VERIFY_REV_HOST_LKUP,   ~0,     TRUE, 0 },
+    { US"reverse_host_lookup", VERIFY_REV_HOST_LKUP,   ~0,     FALSE, 0 },
     { US"certificate",         VERIFY_CERT,            ~0,     TRUE, 0 },
     { US"helo",                        VERIFY_HELO,            ~0,     TRUE, 0 },
     { US"csa",                 VERIFY_CSA,             ~0,     FALSE, 0 },
@@ -1783,7 +1783,11 @@ switch(vp->value)
   {
   case VERIFY_REV_HOST_LKUP:
     if (sender_host_address == NULL) return OK;
-    return acl_verify_reverse(user_msgptr, log_msgptr);
+    if ((rc = acl_verify_reverse(user_msgptr, log_msgptr)) == DEFER)
+      while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
+       if (strcmpic(ss, US"defer_ok") == 0)
+         return OK;
+    return rc;
 
   case VERIFY_CERT:
     /* TLS certificate verification is done at STARTTLS time; here we just
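Review bot: Options after `verify = reverse_host_lookup` are only read when the lookup returns DEFER, and anything other than `defer_ok` is skipped without a diagnostic, so a misspelt or unsupported option is never reported. Since `defer_ok` turns a temporary DNS failure into OK, a fail-open choice the administrator should make knowingly, I would parse the options before calling `acl_verify_reverse()`, reject unknown ones with ERROR, and emit an `HDEBUG(D_acl)` line when a DEFER is overridden. The malware hunk further down has the same silent skip for options that are neither `defer_ok` nor `tmo=`. The sketch below assumes `list` still holds the remaining options at this point, as the added loop implies; the switch continues outside the hunk.

```c
  case VERIFY_REV_HOST_LKUP:
    {
    BOOL defer_ok = FALSE;

    if (sender_host_address == NULL) return OK;

    /* Validate options up front so a typo is reported on every run,
    not only when DNS happens to defer. */
    while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
      if (strcmpic(ss, US"defer_ok") == 0)
        defer_ok = TRUE;
      else
        {
        *log_msgptr = string_sprintf("unknown option \"%s\" for "
          "verify = reverse_host_lookup", ss);
        return ERROR;
        }

    rc = acl_verify_reverse(user_msgptr, log_msgptr);
    if (rc == DEFER && defer_ok)
      {
      HDEBUG(D_acl)
        debug_printf("reverse_host_lookup: DEFER overridden by defer_ok\n");
      return OK;
      }
    return rc;
    }
```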
@@ -2352,7 +2356,10 @@ rate measurement as opposed to rate limiting. */
 
 sender_rate_limit = string_nextinlist(&arg, &sep, NULL, 0);
 if (sender_rate_limit == NULL)
+  {
   limit = -1.0;
+  ss = NULL;   /* compiler quietening */
+  }
 else
   {
   limit = Ustrtod(sender_rate_limit, &ss);
@@ -2979,7 +2986,7 @@ uschar *debug_opts = NULL;
 uschar *p = NULL;
 int rc = OK;
 #ifdef WITH_CONTENT_SCAN
-int sep = '/';
+int sep = -'/';
 #endif
 
 for (; cb != NULL; cb = cb->next)
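Review bot: The sign flip in `int sep = -'/';` changes how `string_nextinlist()` treats the separator, but nothing at the declaration says what a negative value means. `sep` is declared once before the `for` loop and passed by address (`&sep`) in the content-scan cases, so if the callee writes the resolved separator back, a later condition in the same ACL statement would inherit whatever an earlier one left there; that is inferred, since `string_nextinlist()` is not shown on this page. I would add a comment such as `/* negative: '/' is only the default separator (confirm against string_nextinlist) */` and consider re-initialising `sep` inside each case that uses it. The enclosing function starts outside the hunk.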
@@ -2992,12 +2999,14 @@ for (; cb != NULL; cb = cb->next)
 
   if (cb->type == ACLC_MESSAGE)
     {
+    HDEBUG(D_acl) debug_printf("  message: %s\n", cb->arg);
     user_message = cb->arg;
     continue;
     }
 
   if (cb->type == ACLC_LOG_MESSAGE)
     {
+    HDEBUG(D_acl) debug_printf("l_message: %s\n", cb->arg);
     log_message = cb->arg;
     continue;
     }
@@ -3349,19 +3358,27 @@ for (; cb != NULL; cb = cb->next)
       break;
 
       case CONTROL_CUTTHROUGH_DELIVERY:
-      if (deliver_freeze)
-        *log_msgptr = US"frozen";
-      else if (queue_only_policy)
-        *log_msgptr = US"queue-only";
-      else if (fake_response == FAIL)
-        *log_msgptr = US"fakereject";
+      if (prdr_requested)
+       /* Too hard to think about for now.  We might in future cutthrough
+       the case where both sides handle prdr and this-node prdr acl
+       is "accept" */
+        *log_msgptr = string_sprintf(US"PRDR on %s reception\n", arg);
       else
        {
-       cutthrough_delivery = TRUE;
-       break;
+       if (deliver_freeze)
+         *log_msgptr = US"frozen";
+       else if (queue_only_policy)
+         *log_msgptr = US"queue-only";
+       else if (fake_response == FAIL)
+         *log_msgptr = US"fakereject";
+       else
+         {
+         if (rcpt_count == 1) cutthrough.delivery = TRUE;
+         break;
+         }
+       *log_msgptr = string_sprintf("\"control=%s\" on %s item",
+                                     arg, *log_msgptr);
        }
-      *log_msgptr = string_sprintf("\"control=%s\" on %s item",
-                                   arg, *log_msgptr);
       return ERROR;
       }
     break;
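Review bot: The new PRDR refusal text in `*log_msgptr = string_sprintf(US"PRDR on %s reception\n", arg);` ends in a newline and drops the `"control=%s" on %s item` wording used for the other refusal reasons, so this ERROR is logged in a different shape and may carry a stray line break into the log. The `US` cast on the format string is also at odds with the other `string_sprintf()` call in this case, which passes a plain literal. Something like `*log_msgptr = string_sprintf("\"control=%s\" on PRDR reception", arg);` would keep the two consistent. Separately, `if (rcpt_count == 1) cutthrough.delivery = TRUE;` silently does nothing for any other count; an `HDEBUG(D_acl)` line on that path would make the ignored control visible when debugging.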
@@ -3578,21 +3595,28 @@ for (; cb != NULL; cb = cb->next)
     break;
 
     #ifdef WITH_CONTENT_SCAN
-    case ACLC_MALWARE:
+    case ACLC_MALWARE:                 /* Run the malware backend. */
       {
       /* Separate the regular expression and any optional parameters. */
       uschar *ss = string_nextinlist(&arg, &sep, big_buffer, big_buffer_size);
-      /* Run the malware backend. */
-      rc = malware(&ss);
-      /* Modify return code based upon the existance of options. */
-      while ((ss = string_nextinlist(&arg, &sep, big_buffer, big_buffer_size))
-            != NULL) {
-        if (strcmpic(ss, US"defer_ok") == 0 && rc == DEFER)
-          {
-          /* FAIL so that the message is passed to the next ACL */
-          rc = FAIL;
-          }
-        }
+      uschar *opt;
+      BOOL defer_ok = FALSE;
+      int timeout = 0;
+
+      while ((opt = string_nextinlist(&arg, &sep, NULL, 0)))
+        if (strcmpic(opt, US"defer_ok") == 0)
+         defer_ok = TRUE;
+       else if (  strncmpic(opt, US"tmo=", 4) == 0
+               && (timeout = readconf_readtime(opt+4, '\0', FALSE)) < 0
+               )
+         {
+         *log_msgptr = string_sprintf("bad timeout value in '%s'", opt);
+         return ERROR;
+         }
+
+      rc = malware(ss, timeout);
+      if (rc == DEFER && defer_ok)
+       rc = FAIL;      /* FAIL so that the message is passed to the next ACL */
       }
     break;
 
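Review bot: The option loop now reads into `NULL, 0` instead of `big_buffer`, and that is what keeps `ss` valid, yet nothing in the code says so. `ss` still points into `big_buffer` from the first `string_nextinlist()` call when `malware(ss, timeout)` finally runs after the loop, so a later edit that reverts the loop to `big_buffer` would hand the scanner an overwritten argument. I would add `/* options go to fresh storage; ss must stay intact in big_buffer until malware() runs */` above the `while`, assuming, as the call shape suggests, that a NULL buffer makes `string_nextinlist()` allocate. The retained comment "Separate the regular expression and any optional parameters" could also be reworded, since what is extracted first here is the scanner argument that is passed to `malware()`.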
@@ -4127,7 +4151,11 @@ while (acl != NULL)
   switch(acl->verb)
     {
     case ACL_ACCEPT:
-    if (cond == OK || cond == DISCARD) return cond;
+    if (cond == OK || cond == DISCARD)
+      {
+      HDEBUG(D_acl) debug_printf("end of %s: ACCEPT\n", acl_name);
+      return cond;
+      }
     if (endpass_seen)
       {
       HDEBUG(D_acl) debug_printf("accept: endpass encountered - denying access\n");
@@ -4138,17 +4166,26 @@ while (acl != NULL)
     case ACL_DEFER:
     if (cond == OK)
       {
+      HDEBUG(D_acl) debug_printf("end of %s: DEFER\n", acl_name);
       acl_temp_details = TRUE;
       return DEFER;
       }
     break;
 
     case ACL_DENY:
-    if (cond == OK) return FAIL;
+    if (cond == OK)
+      {
+      HDEBUG(D_acl) debug_printf("end of %s: DENY\n", acl_name);
+      return FAIL;
+      }
     break;
 
     case ACL_DISCARD:
-    if (cond == OK || cond == DISCARD) return DISCARD;
+    if (cond == OK || cond == DISCARD)
+      {
+      HDEBUG(D_acl) debug_printf("end of %s: DISCARD\n", acl_name);
+      return DISCARD;
+      }
     if (endpass_seen)
       {
       HDEBUG(D_acl) debug_printf("discard: endpass encountered - denying access\n");
@@ -4157,11 +4194,19 @@ while (acl != NULL)
     break;
 
     case ACL_DROP:
-    if (cond == OK) return FAIL_DROP;
+    if (cond == OK)
+      {
+      HDEBUG(D_acl) debug_printf("end of %s: DROP\n", acl_name);
+      return FAIL_DROP;
+      }
     break;
 
     case ACL_REQUIRE:
-    if (cond != OK) return cond;
+    if (cond != OK)
+      {
+      HDEBUG(D_acl) debug_printf("end of %s: not OK\n", acl_name);
+      return cond;
+      }
     break;
 
     case ACL_WARN:
@@ -4317,10 +4362,10 @@ sender_verified_failed = NULL;
 ratelimiters_cmd = NULL;
 log_reject_target = LOG_MAIN|LOG_REJECT;
 
-#ifdef EXPERIMENTAL_PRDR
-if (where == ACL_WHERE_RCPT || where == ACL_WHERE_PRDR )
+#ifndef DISABLE_PRDR
+if (where == ACL_WHERE_RCPT || where == ACL_WHERE_PRDR)
 #else
-if (where == ACL_WHERE_RCPT )
+if (where == ACL_WHERE_RCPT)
 #endif
   {
   adb = address_defaults;
@@ -4361,12 +4406,10 @@ If conn-failure, no action (and keep the spooled copy).
 switch (where)
 {
 case ACL_WHERE_RCPT:
-#ifdef EXPERIMENTAL_PRDR
+#ifndef DISABLE_PRDR
 case ACL_WHERE_PRDR:
 #endif
-  if( rcpt_count > 1 )
-    cancel_cutthrough_connection("more than one recipient");
-  else if (rc == OK  &&  cutthrough_delivery  &&  cutthrough_fd < 0)
+  if (rc == OK  &&  cutthrough.delivery  && rcpt_count > cutthrough.nrcpt)
     open_cutthrough_connection(addr);
   break;