X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/1ed70f64c0df2c1428057c2ad5b3d43260087396..c2ef5d7e9fc09693770d5d89a6913b47b9d6dbe7:/src/src/expand.c diff --git a/src/src/expand.c b/src/src/expand.c index b7719f642..06dc58cb1 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -2,8 +2,8 @@ * Exim - an Internet mail transport agent * *************************************************/ +/* Copyright (c) The Exim Maintainers 2020 - 2022 */ /* Copyright (c) University of Cambridge 1995 - 2018 */ -/* Copyright (c) The Exim Maintainers 2020 - 2021 */ /* See the file NOTICE for conditions of use and distribution. */ @@ -2964,12 +2964,12 @@ switch(cond_type = identify_operator(&s, &opname)) case ECOND_MATCH_ADDRESS: /* Match in an address list */ rc = match_address_list(sub[0], TRUE, FALSE, &(sub[1]), NULL, -1, 0, - NULL); + CUSS &lookup_value); goto MATCHED_SOMETHING; case ECOND_MATCH_DOMAIN: /* Match in a domain list */ rc = match_isinlist(sub[0], &(sub[1]), 0, &domainlist_anchor, NULL, - MCL_DOMAIN + MCL_NOEXPAND, TRUE, NULL); + MCL_DOMAIN + MCL_NOEXPAND, TRUE, CUSS &lookup_value); goto MATCHED_SOMETHING; case ECOND_MATCH_IP: /* Match IP address in a host list */ @@ -3003,13 +3003,13 @@ switch(cond_type = identify_operator(&s, &opname)) &cb, /* argument for function */ MCL_HOST, /* type of check */ sub[0], /* text for debugging */ - NULL); /* where to pass back data */ + CUSS &lookup_value); /* where to pass back data */ } goto MATCHED_SOMETHING; case ECOND_MATCH_LOCAL_PART: rc = match_isinlist(sub[0], &(sub[1]), 0, &localpartlist_anchor, NULL, - MCL_LOCALPART + MCL_NOEXPAND, TRUE, NULL); + MCL_LOCALPART + MCL_NOEXPAND, TRUE, CUSS &lookup_value); /* Fall through */ /* VVVVVVVVVVVV */ MATCHED_SOMETHING: @@ -3187,6 +3187,7 @@ switch(cond_type = identify_operator(&s, &opname)) if (compare(sub[0], iterate_item) == 0) { tempcond = TRUE; + lookup_value = iterate_item; break; } } @@ -3918,7 +3919,7 @@ Returns: new pointer for expandable string, terminated if non-null */ gstring * -cat_file(FILE *f, gstring *yield, uschar *eol) +cat_file(FILE * f, gstring * yield, uschar * eol) { uschar buffer[1024]; @@ -3930,8 +3931,6 @@ while (Ufgets(buffer, sizeof(buffer), f)) if (eol && buffer[len]) yield = string_cat(yield, eol); } - -(void) string_from_gstring(yield); return yield; } @@ -3953,7 +3952,6 @@ while ((rc = tls_read(tls_ctx, buffer, sizeof(buffer))) > 0) /* We assume that all errors, and any returns of zero bytes, are actually EOF. */ -(void) string_from_gstring(yield); return yield; } #endif @@ -4801,6 +4799,7 @@ while (*s) const uschar *next_s; int save_expand_nmax = save_expand_strings(save_expand_nstring, save_expand_nlength); + uschar * save_lookup_value = lookup_value; Uskip_whitespace(&s); if (!(next_s = eval_condition(s, &resetok, skipping ? NULL : &cond))) @@ -4834,6 +4833,7 @@ while (*s) /* Restore external setting of expansion variables for continuation at this level. */ + lookup_value = save_lookup_value; restore_expand_strings(save_expand_nmax, save_expand_nstring, save_expand_nlength); break; @@ -5526,10 +5526,8 @@ while (*s) case EITEM_RUN: { FILE * f; - uschar * arg; - const uschar ** argv; - pid_t pid; - int fd_in, fd_out; + const uschar * arg, ** argv; + BOOL late_expand = TRUE; if ((expand_forbid & RDO_RUN) != 0) { @@ -5537,17 +5535,45 @@ while (*s) goto EXPAND_FAILED; } + /* Handle options to the "run" */ + + while (*s == ',') + { + if (Ustrncmp(++s, "preexpand", 9) == 0) + { late_expand = FALSE; s += 9; } + else + { + const uschar * t = s; + while (isalpha(*++t)) ; + expand_string_message = string_sprintf("bad option '%.*s' for run", + (int)(t-s), s); + goto EXPAND_FAILED; + } + } Uskip_whitespace(&s); - if (*s != '{') + + if (*s != '{') /*}*/ { expand_string_message = US"missing '{' for command arg of run"; - goto EXPAND_FAILED_CURLY; + goto EXPAND_FAILED_CURLY; /*"}*/ } - if (!(arg = expand_string_internal(s+1, TRUE, &s, skipping, TRUE, &resetok))) - goto EXPAND_FAILED; - Uskip_whitespace(&s); + s++; + + if (late_expand) /* this is the default case */ + { + int n = Ustrcspn(s, "}"); + arg = skipping ? NULL : string_copyn(s, n); + s += n; + } + else + { + if (!(arg = expand_string_internal(s, TRUE, &s, skipping, TRUE, &resetok))) + goto EXPAND_FAILED; + Uskip_whitespace(&s); + } + /*{*/ if (*s++ != '}') - { + { /*{*/ expand_string_message = US"missing '}' closing command arg of run"; goto EXPAND_FAILED_CURLY; } @@ -5559,13 +5585,17 @@ while (*s) } else { + int fd_in, fd_out; + pid_t pid; + if (!transport_set_up_command(&argv, /* anchor for arg list */ arg, /* raw command */ - FALSE, /* don't expand the arguments */ - 0, /* not relevant when... */ - NULL, /* no transporting address */ - US"${run} expansion", /* for error messages */ - &expand_string_message)) /* where to put error message */ + late_expand, /* expand args if not already done */ + 0, /* not relevant when... */ + NULL, /* no transporting address */ + late_expand, /* allow tainted args, when expand-after-split */ + US"${run} expansion", /* for error messages */ + &expand_string_message)) /* where to put error message */ goto EXPAND_FAILED; /* Create the child process, making it a group leader. */ @@ -5576,7 +5606,7 @@ while (*s) expand_string_message = string_sprintf("couldn't create child process: %s", strerror(errno)); goto EXPAND_FAILED; - } + } /* Nothing is written to the standard input. */ @@ -6417,7 +6447,6 @@ while (*s) goto EXPAND_FAILED; /*{{*/ if (*s++ != '}') { - /*{*/ expand_string_message = string_sprintf("missing '}' closing first arg of %s", name); goto EXPAND_FAILED_CURLY; @@ -6544,6 +6573,9 @@ while (*s) item of the output list, add in a space if the new item begins with the separator character, or is an empty string. */ +/*XXX is there not a standard support function for this, appending to a list? */ +/* yes, string_append_listele(), but it depends on lack of text before the list */ + if ( yield && yield->ptr != save_ptr && (temp[0] == *outsep || temp[0] == 0)) yield = string_catn(yield, US" ", 1); @@ -6911,68 +6943,73 @@ while (*s) case 3: goto EXPAND_FAILED; } - g = string_catn(g, US"SRS0=", 5); - - /* ${l_4:${hmac{md5}{SRS_SECRET}{${lc:$return_path}}}}= */ - hmac_md5(sub[0], string_copylc(sub[1]), cksum, sizeof(cksum)); - g = string_catn(g, cksum, sizeof(cksum)); - g = string_catn(g, US"=", 1); - - /* ${base32:${eval:$tod_epoch/86400&0x3ff}}= */ + if (sub[1] && *(sub[1])) { - struct timeval now; - unsigned long i; - gstring * h = NULL; - - gettimeofday(&now, NULL); - for (unsigned long i = (now.tv_sec / 86400) & 0x3ff; i; i >>= 5) - h = string_catn(h, &base32_chars[i & 0x1f], 1); - if (h) while (h->ptr > 0) - g = string_catn(g, &h->s[--h->ptr], 1); - } - g = string_catn(g, US"=", 1); + g = string_catn(g, US"SRS0=", 5); - /* ${domain:$return_path}=${local_part:$return_path} */ - { - int start, end, domain; - uschar * t = parse_extract_address(sub[1], &expand_string_message, - &start, &end, &domain, FALSE); - uschar * s; + /* ${l_4:${hmac{md5}{SRS_SECRET}{${lc:$return_path}}}}= */ + hmac_md5(sub[0], string_copylc(sub[1]), cksum, sizeof(cksum)); + g = string_catn(g, cksum, sizeof(cksum)); + g = string_catn(g, US"=", 1); - if (!t) - goto EXPAND_FAILED; + /* ${base32:${eval:$tod_epoch/86400&0x3ff}}= */ + { + struct timeval now; + unsigned long i; + gstring * h = NULL; - if (domain > 0) g = string_cat(g, t + domain); + gettimeofday(&now, NULL); + for (unsigned long i = (now.tv_sec / 86400) & 0x3ff; i; i >>= 5) + h = string_catn(h, &base32_chars[i & 0x1f], 1); + if (h) while (h->ptr > 0) + g = string_catn(g, &h->s[--h->ptr], 1); + } g = string_catn(g, US"=", 1); - s = domain > 0 ? string_copyn(t, domain - 1) : t; - if ((quoted = Ustrchr(s, '"') != NULL)) + /* ${domain:$return_path}=${local_part:$return_path} */ { - gstring * h = NULL; - DEBUG(D_expand) debug_printf_indent("auto-quoting local part\n"); - while (*s) /* de-quote */ + int start, end, domain; + uschar * t = parse_extract_address(sub[1], &expand_string_message, + &start, &end, &domain, FALSE); + uschar * s; + + if (!t) + goto EXPAND_FAILED; + + if (domain > 0) g = string_cat(g, t + domain); + g = string_catn(g, US"=", 1); + + s = domain > 0 ? string_copyn(t, domain - 1) : t; + if ((quoted = Ustrchr(s, '"') != NULL)) { - while (*s && *s != '"') h = string_catn(h, s++, 1); - if (*s) s++; - while (*s && *s != '"') h = string_catn(h, s++, 1); - if (*s) s++; + gstring * h = NULL; + DEBUG(D_expand) debug_printf_indent("auto-quoting local part\n"); + while (*s) /* de-quote */ + { + while (*s && *s != '"') h = string_catn(h, s++, 1); + if (*s) s++; + while (*s && *s != '"') h = string_catn(h, s++, 1); + if (*s) s++; + } + gstring_release_unused(h); + s = string_from_gstring(h); } - gstring_release_unused(h); - s = string_from_gstring(h); + g = string_cat(g, s); } - g = string_cat(g, s); - } - /* Assume that if the original local_part had quotes - it was for good reason */ + /* Assume that if the original local_part had quotes + it was for good reason */ - if (quoted) yield = string_catn(yield, US"\"", 1); - yield = string_catn(yield, g->s, g->ptr); - if (quoted) yield = string_catn(yield, US"\"", 1); + if (quoted) yield = string_catn(yield, US"\"", 1); + yield = string_catn(yield, g->s, g->ptr); + if (quoted) yield = string_catn(yield, US"\"", 1); - /* @$original_domain */ - yield = string_catn(yield, US"@", 1); - yield = string_cat(yield, sub[2]); + /* @$original_domain */ + yield = string_catn(yield, US"@", 1); + yield = string_cat(yield, sub[2]); + } + else + DEBUG(D_expand) debug_printf_indent("null return_path for srs-encode\n"); if (skipping) continue; break; @@ -7241,7 +7278,7 @@ NOT_ITEM: ; goto EXPAND_FAILED; } - exim_sha_update(&h, sub, Ustrlen(sub)); + exim_sha_update_string(&h, sub); exim_sha_finish(&h, &b); while (b.len-- > 0) yield = string_fmt_append(yield, "%02X", *b.data++); @@ -7269,7 +7306,7 @@ NOT_ITEM: ; goto EXPAND_FAILED; } - exim_sha_update(&h, sub, Ustrlen(sub)); + exim_sha_update_string(&h, sub); exim_sha_finish(&h, &b); while (b.len-- > 0) yield = string_fmt_append(yield, "%02X", *b.data++);