X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/31f5b3492bde6a055c0c349a3d46718bd5a7e4f0..c9433c53ad292c2f7ec05aa9d083767f95d07858:/src/src/smtp_in.c

diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index 8e9b93ab3..41232d7cd 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -139,7 +139,7 @@ static struct {
 #endif
   BOOL dsn_advertised			:1;
   BOOL esmtp				:1;
-  BOOL helo_required			:1;
+  BOOL helo_verify_required		:1;
   BOOL helo_verify			:1;
   BOOL helo_seen			:1;
   BOOL helo_accept_junk			:1;
@@ -153,7 +153,7 @@ static struct {
   BOOL smtputf8_advertised		:1;
 #endif
 } fl = {
-  .helo_required = FALSE,
+  .helo_verify_required = FALSE,
   .helo_verify = FALSE,
   .smtp_exit_function_called = FALSE,
 };
@@ -581,12 +581,12 @@ return buf;
 }
 
 void
-smtp_get_cache(void)
+smtp_get_cache(unsigned lim)
 {
 #ifndef DISABLE_DKIM
 int n = smtp_inend - smtp_inptr;
-if (chunking_state == CHUNKING_LAST && chunking_data_left < n)
-  n = chunking_data_left;
+if (n > lim)
+  n = lim;
 if (n > 0)
   dkim_exim_verify_feed(smtp_inptr, n);
 #endif
@@ -661,7 +661,9 @@ for(;;)
   if (chunking_state == CHUNKING_LAST)
     {
 #ifndef DISABLE_DKIM
+    dkim_collect_input = dkim_save;
     dkim_exim_verify_feed(NULL, 0);	/* notify EOD */
+    dkim_collect_input = 0;
 #endif
     return EOD;
     }
@@ -2936,8 +2938,8 @@ if (!f.sender_host_unknown)
   /* Determine whether HELO/EHLO is required for this host. The requirement
   can be hard or soft. */
 
-  fl.helo_required = verify_check_host(&helo_verify_hosts) == OK;
-  if (!fl.helo_required)
+  fl.helo_verify_required = verify_check_host(&helo_verify_hosts) == OK;
+  if (!fl.helo_verify_required)
     fl.helo_verify = verify_check_host(&helo_try_verify_hosts) == OK;
 
   /* Determine whether this hosts is permitted to send syntactic junk
@@ -3015,7 +3017,7 @@ else
 
 p = s + Ustrlen(s);
 while (p > s && isspace(p[-1])) p--;
-*p = 0;
+s = string_copyn(s, p-s);
 
 /* It seems that CC:Mail is braindead, and assumes that the greeting message
 is all contained in a single IP packet. The original code wrote out the
@@ -3195,7 +3197,7 @@ which sometimes uses smtp_printf() and sometimes smtp_respond(). */
 
 if (fl.rcpt_in_progress)
   {
-  if (rcpt_smtp_response == NULL)
+  if (!rcpt_smtp_response)
     rcpt_smtp_response = string_copy(msg);
   else if (fl.rcpt_smtp_response_same &&
            Ustrcmp(rcpt_smtp_response, msg) != 0)
@@ -3210,7 +3212,7 @@ not the whole MAIL/RCPT/DATA response set. */
 for (;;)
   {
   uschar *nl = Ustrchr(msg, '\n');
-  if (nl == NULL)
+  if (!nl)
     {
     smtp_printf("%.3s%c%.*s%s\r\n", !final, code, final ? ' ':'-', esclen, esc, msg);
     return;
@@ -3266,27 +3268,26 @@ void
 smtp_message_code(uschar **code, int *codelen, uschar **msg, uschar **log_msg,
   BOOL check_valid)
 {
-int n;
-int ovector[3];
-
-if (!msg || !*msg) return;
+uschar * match;
+int len;
 
-if ((n = pcre_exec(regex_smtp_code, NULL, CS *msg, Ustrlen(*msg), 0,
-  PCRE_EOPT, ovector, sizeof(ovector)/sizeof(int))) < 0) return;
+if (!msg || !*msg || !regex_match(regex_smtp_code, *msg, -1, &match))
+  return;
 
+len = Ustrlen(match);
 if (check_valid && (*msg)[0] != (*code)[0])
   {
   log_write(0, LOG_MAIN|LOG_PANIC, "configured error code starts with "
     "incorrect digit (expected %c) in \"%s\"", (*code)[0], *msg);
-  if (log_msg != NULL && *log_msg == *msg)
-    *log_msg = string_sprintf("%s %s", *code, *log_msg + ovector[1]);
+  if (log_msg && *log_msg == *msg)
+    *log_msg = string_sprintf("%s %s", *code, *log_msg + len);
   }
 else
   {
   *code = *msg;
-  *codelen = ovector[1];    /* Includes final space */
+  *codelen = len;    /* Includes final space */
   }
-*msg += ovector[1];         /* Chop the code off the message */
+*msg += len;         /* Chop the code off the message */
 return;
 }
 
@@ -3981,7 +3982,6 @@ int
 smtp_setup_msg(void)
 {
 int done = 0;
-int mailmax = -1;
 BOOL toomany = FALSE;
 BOOL discarded = FALSE;
 BOOL last_was_rej_mail = FALSE;
@@ -4251,7 +4251,7 @@ while (done <= 0)
       /* If sender_host_unknown is true, we have got here via the -bs interface,
       not called from inetd. Otherwise, we are running an IP connection and the
       host address will be set. If the helo name is the primary name of this
-      host and we haven't done a reverse lookup, force one now. If helo_required
+      host and we haven't done a reverse lookup, force one now. If helo_verify_required
       is set, ensure that the HELO name matches the actual host. If helo_verify
       is set, do the same check, but softly. */
 
@@ -4279,19 +4279,19 @@ while (done <= 0)
 	  tls_in.active.sock >= 0 ? " TLS" : "", host_and_ident(FALSE));
 
 	/* Verify if configured. This doesn't give much security, but it does
-	make some people happy to be able to do it. If helo_required is set,
+	make some people happy to be able to do it. If helo_verify_required is set,
 	(host matches helo_verify_hosts) failure forces rejection. If helo_verify
 	is set (host matches helo_try_verify_hosts), it does not. This is perhaps
 	now obsolescent, since the verification can now be requested selectively
 	at ACL time. */
 
 	f.helo_verified = f.helo_verify_failed = sender_helo_dnssec = FALSE;
-	if (fl.helo_required || fl.helo_verify)
+	if (fl.helo_verify_required || fl.helo_verify)
 	  {
 	  BOOL tempfail = !smtp_verify_helo();
 	  if (!f.helo_verified)
 	    {
-	    if (fl.helo_required)
+	    if (fl.helo_verify_required)
 	      {
 	      smtp_printf("%d %s argument does not match calling host\r\n", FALSE,
 		tempfail? 451 : 550, hello);
@@ -4348,7 +4348,7 @@ while (done <= 0)
 #endif
 
       /* Expand the per-connection message count limit option */
-      mailmax = expand_mailmax(smtp_accept_max_per_connection);
+      smtp_mailcmd_max = expand_mailmax(smtp_accept_max_per_connection);
 
       smtp_code = US"250 ";        /* Default response code plus space*/
       if (!user_msg)
@@ -4410,12 +4410,12 @@ while (done <= 0)
 	  }
 
 #ifdef EXPERIMENTAL_ESMTP_LIMITS
-	if (  (mailmax > 0 || recipients_max)
+	if (  (smtp_mailcmd_max > 0 || recipients_max)
 	   && verify_check_host(&limits_advertise_hosts) == OK)
 	  {
 	  g = string_fmt_append(g, "%.3s-LIMITS", smtp_code);
-	  if (mailmax > 0)
-	    g = string_fmt_append(g, " MAILMAX=%d", mailmax);
+	  if (smtp_mailcmd_max > 0)
+	    g = string_fmt_append(g, " MAILMAX=%d", smtp_mailcmd_max);
 	  if (recipients_max)
 	    g = string_fmt_append(g, " RCPTMAX=%d", recipients_max);
 	  g = string_catn(g, US"\r\n", 2);
@@ -4639,15 +4639,16 @@ while (done <= 0)
       env_mail_type_t * mail_args;       /* Sanity check & validate args */
 
       if (!fl.helo_seen)
-	if (fl.helo_required)
+	if (  fl.helo_verify_required
+	   || verify_check_host(&hosts_require_helo) == OK)
 	  {
 	  smtp_printf("503 HELO or EHLO required\r\n", FALSE);
 	  log_write(0, LOG_MAIN|LOG_REJECT, "rejected MAIL from %s: no "
 	    "HELO/EHLO given", host_and_ident(FALSE));
 	  break;
 	  }
-	else if (mailmax < 0)
-	  mailmax = expand_mailmax(smtp_accept_max_per_connection);
+	else if (smtp_mailcmd_max < 0)
+	  smtp_mailcmd_max = expand_mailmax(smtp_accept_max_per_connection);
 
       if (sender_address)
 	{
@@ -4666,7 +4667,7 @@ while (done <= 0)
       /* Check to see if the limit for messages per connection would be
       exceeded by accepting further messages. */
 
-      if (mailmax > 0 && smtp_mailcmd_count > mailmax)
+      if (smtp_mailcmd_max > 0 && smtp_mailcmd_count > smtp_mailcmd_max)
 	{
 	smtp_printf("421 too many messages in this connection\r\n", FALSE);
 	log_write(0, LOG_MAIN|LOG_REJECT, "rejected MAIL command %s: too many "