X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/8c5d388a6e12d1a8bd4aa565920238f8a921414a..07eeb4df55e6c0843156aedaacf32bfebe0e9eaa:/src/src/acl.c diff --git a/src/src/acl.c b/src/src/acl.c index f310a87d3..492e9bf17 100644 --- a/src/src/acl.c +++ b/src/src/acl.c @@ -2,7 +2,7 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2015 */ +/* Copyright (c) University of Cambridge 1995 - 2016 */ /* See the file NOTICE for conditions of use and distribution. */ /* Code for handling Access Control Lists (ACLs) */ @@ -65,9 +65,6 @@ enum { ACLC_ACL, ACLC_DECODE, #endif ACLC_DELAY, -#ifdef WITH_OLD_DEMIME - ACLC_DEMIME, -#endif #ifndef DISABLE_DKIM ACLC_DKIM_SIGNER, ACLC_DKIM_STATUS, @@ -91,6 +88,7 @@ enum { ACLC_ACL, #ifdef WITH_CONTENT_SCAN ACLC_MIME_REGEX, #endif + ACLC_QUEUE, ACLC_RATELIMIT, ACLC_RECIPIENTS, #ifdef WITH_CONTENT_SCAN @@ -111,7 +109,7 @@ enum { ACLC_ACL, ACLC_VERIFY }; /* ACL conditions/modifiers: "delay", "control", "continue", "endpass", -"message", "log_message", "log_reject_target", "logwrite", and "set" are +"message", "log_message", "log_reject_target", "logwrite", "queue" and "set" are modifiers that look like conditions but always return TRUE. They are used for their side effects. */ @@ -132,9 +130,6 @@ static uschar *conditions[] = { US"decode", #endif US"delay", -#ifdef WITH_OLD_DEMIME - US"demime", -#endif #ifndef DISABLE_DKIM US"dkim_signers", US"dkim_status", @@ -158,13 +153,16 @@ static uschar *conditions[] = { #ifdef WITH_CONTENT_SCAN US"mime_regex", #endif + US"queue", US"ratelimit", US"recipients", #ifdef WITH_CONTENT_SCAN US"regex", #endif US"remove_header", - US"sender_domains", US"senders", US"set", + US"sender_domains", + US"senders", + US"set", #ifdef WITH_CONTENT_SCAN US"spam", #endif @@ -281,9 +279,6 @@ static uschar cond_expand_at_top[] = { TRUE, /* decode */ #endif TRUE, /* delay */ -#ifdef WITH_OLD_DEMIME - TRUE, /* demime */ -#endif #ifndef DISABLE_DKIM TRUE, /* dkim_signers */ TRUE, /* dkim_status */ @@ -307,6 +302,7 @@ static uschar cond_expand_at_top[] = { #ifdef WITH_CONTENT_SCAN TRUE, /* mime_regex */ #endif + TRUE, /* queue */ TRUE, /* ratelimit */ FALSE, /* recipients */ #ifdef WITH_CONTENT_SCAN @@ -346,9 +342,6 @@ static uschar cond_modifiers[] = { FALSE, /* decode */ #endif TRUE, /* delay */ -#ifdef WITH_OLD_DEMIME - FALSE, /* demime */ -#endif #ifndef DISABLE_DKIM FALSE, /* dkim_signers */ FALSE, /* dkim_status */ @@ -372,6 +365,7 @@ static uschar cond_modifiers[] = { #ifdef WITH_CONTENT_SCAN FALSE, /* mime_regex */ #endif + TRUE, /* queue */ FALSE, /* ratelimit */ FALSE, /* recipients */ #ifdef WITH_CONTENT_SCAN @@ -453,15 +447,6 @@ static unsigned int cond_forbids[] = { (1<next)); @@ -2022,15 +2017,15 @@ message if giving out verification details. */ if (verify_header_sender) { int verrno; - rc = verify_check_header_address(user_msgptr, log_msgptr, callout, + + if ((rc = verify_check_header_address(user_msgptr, log_msgptr, callout, callout_overall, callout_connect, se_mailfrom, pm_mailfrom, verify_options, - &verrno); - if (rc != OK) + &verrno)) != OK) { *basic_errno = verrno; if (smtp_return_error_details) { - if (*user_msgptr == NULL && *log_msgptr != NULL) + if (!*user_msgptr && *log_msgptr) *user_msgptr = string_sprintf("Rejected after DATA: %s", *log_msgptr); if (rc == DEFER) acl_temp_details = TRUE; } @@ -2052,10 +2047,9 @@ Therefore, we always do a full sender verify when any kind of callout is specified. Caching elsewhere, for instance in the DNS resolver and in the callout handling, should ensure that this is not terribly inefficient. */ -else if (verify_sender_address != NULL) +else if (verify_sender_address) { - if ((verify_options & (vopt_callout_recipsender|vopt_callout_recippmaster)) - != 0) + if ((verify_options & (vopt_callout_recipsender|vopt_callout_recippmaster))) { *log_msgptr = US"use_sender or use_postmaster cannot be used for a " "sender verify callout"; @@ -2071,7 +2065,9 @@ else if (verify_sender_address != NULL) callout that was done previously). If the "routed" flag is not set, routing must have failed, so we use the saved return code. */ - if (testflag(sender_vaddr, af_verify_routed)) rc = OK; else + if (testflag(sender_vaddr, af_verify_routed)) + rc = OK; + else { rc = sender_vaddr->special_action; *basic_errno = sender_vaddr->basic_errno; @@ -2125,22 +2121,21 @@ else if (verify_sender_address != NULL) HDEBUG(D_acl) debug_printf("----------- end verify ------------\n"); - if (rc == OK) - { - if (Ustrcmp(sender_vaddr->address, verify_sender_address) != 0) - { - DEBUG(D_acl) debug_printf("sender %s verified ok as %s\n", - verify_sender_address, sender_vaddr->address); - } - else - { - DEBUG(D_acl) debug_printf("sender %s verified ok\n", - verify_sender_address); - } - } - else *basic_errno = sender_vaddr->basic_errno; + if (rc != OK) + *basic_errno = sender_vaddr->basic_errno; + else + DEBUG(D_acl) + { + if (Ustrcmp(sender_vaddr->address, verify_sender_address) != 0) + debug_printf("sender %s verified ok as %s\n", + verify_sender_address, sender_vaddr->address); + else + debug_printf("sender %s verified ok\n", + verify_sender_address); + } } - else rc = OK; /* Null sender */ + else + rc = OK; /* Null sender */ /* Cache the result code */ @@ -2372,17 +2367,13 @@ rate measurement as opposed to rate limiting. */ sender_rate_limit = string_nextinlist(&arg, &sep, NULL, 0); if (sender_rate_limit == NULL) - { - limit = -1.0; - ss = NULL; /* compiler quietening */ - } -else - { - limit = Ustrtod(sender_rate_limit, &ss); - if (tolower(*ss) == 'k') { limit *= 1024.0; ss++; } - else if (tolower(*ss) == 'm') { limit *= 1024.0*1024.0; ss++; } - else if (tolower(*ss) == 'g') { limit *= 1024.0*1024.0*1024.0; ss++; } - } + return ratelimit_error(log_msgptr, "sender rate limit not set"); + +limit = Ustrtod(sender_rate_limit, &ss); +if (tolower(*ss) == 'k') { limit *= 1024.0; ss++; } +else if (tolower(*ss) == 'm') { limit *= 1024.0*1024.0; ss++; } +else if (tolower(*ss) == 'g') { limit *= 1024.0*1024.0*1024.0; ss++; } + if (limit < 0.0 || *ss != '\0') return ratelimit_error(log_msgptr, "\"%s\" is not a positive number", sender_rate_limit); @@ -2997,8 +2988,6 @@ acl_check_condition(int verb, acl_condition_block *cb, int where, { uschar *user_message = NULL; uschar *log_message = NULL; -uschar *debug_tag = NULL; -uschar *debug_opts = NULL; int rc = OK; #ifdef WITH_CONTENT_SCAN int sep = -'/'; @@ -3350,24 +3339,39 @@ for (; cb != NULL; cb = cb->next) break; case CONTROL_DEBUG: - while (*p == '/') { - if (Ustrncmp(p, "/tag=", 5) == 0) - { - const uschar *pp = p + 5; - while (*pp != '\0' && *pp != '/') pp++; - debug_tag = string_copyn(p+5, pp-p-5); - p = pp; - } - else if (Ustrncmp(p, "/opts=", 6) == 0) + uschar * debug_tag = NULL; + uschar * debug_opts = NULL; + BOOL kill = FALSE; + + while (*p == '/') { - const uschar *pp = p + 6; - while (*pp != '\0' && *pp != '/') pp++; - debug_opts = string_copyn(p+6, pp-p-6); + const uschar * pp = p+1; + if (Ustrncmp(pp, "tag=", 4) == 0) + { + for (pp += 4; *pp && *pp != '/';) pp++; + debug_tag = string_copyn(p+5, pp-p-5); + } + else if (Ustrncmp(pp, "opts=", 5) == 0) + { + for (pp += 5; *pp && *pp != '/';) pp++; + debug_opts = string_copyn(p+6, pp-p-6); + } + else if (Ustrncmp(pp, "kill", 4) == 0) + { + for (pp += 4; *pp && *pp != '/';) pp++; + kill = TRUE; + } + else + while (*pp && *pp != '/') pp++; p = pp; } + + if (kill) + debug_logging_stop(); + else + debug_logging_activate(debug_tag, debug_opts); } - debug_logging_activate(debug_tag, debug_opts); break; case CONTROL_SUPPRESS_LOCAL_FIXUPS: @@ -3533,19 +3537,13 @@ for (; cb != NULL; cb = cb->next) } break; - #ifdef WITH_OLD_DEMIME - case ACLC_DEMIME: - rc = demime(&arg); - break; - #endif - #ifndef DISABLE_DKIM case ACLC_DKIM_SIGNER: if (dkim_cur_signer != NULL) rc = match_isinlist(dkim_cur_signer, &arg,0,NULL,NULL,MCL_STRING,TRUE,NULL); else - rc = FAIL; + rc = FAIL; break; case ACLC_DKIM_STATUS: @@ -3567,7 +3565,7 @@ for (; cb != NULL; cb = cb->next) #endif case ACLC_DNSLISTS: - rc = verify_check_dnsbl(&arg); + rc = verify_check_dnsbl(where, &arg, log_msgptr); break; case ACLC_DOMAINS: @@ -3704,6 +3702,10 @@ for (; cb != NULL; cb = cb->next) break; #endif + case ACLC_QUEUE: + queue_name = string_copy_malloc(arg); + break; + case ACLC_RATELIMIT: rc = acl_ratelimit(arg, where, log_msgptr); break; @@ -3744,7 +3746,7 @@ for (; cb != NULL; cb = cb->next) { int old_pool = store_pool; if ( cb->u.varname[0] == 'c' -#ifdef EXPERIMENTAL_EVENT +#ifndef DISABLE_EVENT || event_name /* An event is being delivered */ #endif ) @@ -4452,9 +4454,9 @@ ratelimiters_cmd = NULL; log_reject_target = LOG_MAIN|LOG_REJECT; #ifndef DISABLE_PRDR -if (where == ACL_WHERE_RCPT || where == ACL_WHERE_PRDR) +if (where==ACL_WHERE_RCPT || where==ACL_WHERE_VRFY || where==ACL_WHERE_PRDR) #else -if (where == ACL_WHERE_RCPT) +if (where==ACL_WHERE_RCPT || where==ACL_WHERE_VRFY) #endif { adb = address_defaults; @@ -4485,8 +4487,8 @@ and WHERE_RCPT and not yet opened conn as result of recipient-verify, and rcpt acl returned accept, and first recipient (cancel on any subsequents) open one now and run it up to RCPT acceptance. -A failed verify should cancel cutthrough request. - +A failed verify should cancel cutthrough request, +and will pass the fail to the originator. Initial implementation: dual-write to spool. Assume the rxd datastream is now being copied byte-for-byte to an open cutthrough connection. @@ -4505,12 +4507,14 @@ case ACL_WHERE_RCPT: #ifndef DISABLE_PRDR case ACL_WHERE_PRDR: #endif - if (rc == OK && cutthrough.delivery && rcpt_count > cutthrough.nrcpt) - open_cutthrough_connection(addr); + if (host_checking_callout) /* -bhc mode */ + cancel_cutthrough_connection("host-checking mode"); + else if (rc == OK && cutthrough.delivery && rcpt_count > cutthrough.nrcpt) + rc = open_cutthrough_connection(addr); break; case ACL_WHERE_PREDATA: - if( rc == OK ) + if (rc == OK) cutthrough_predata(); else cancel_cutthrough_connection("predata acl not ok");