X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/e162fc9757d4b8cb41aca74214e968622d6c3dee..3c51463e961cb96df8f624420f833c65505bb451:/src/src/verify.c diff --git a/src/src/verify.c b/src/src/verify.c index 435570bc8..ef95394d3 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -174,7 +174,7 @@ dbdata_callout_cache new_domain_record; dbdata_callout_cache_address new_address_record; host_item *host; time_t callout_start_time; -#ifdef EXPERIMENTAL_INTERNATIONAL +#ifdef SUPPORT_I18N BOOL utf8_offered = FALSE; #endif @@ -687,7 +687,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. if (!(done= smtp_read_response(&inblock, responsebuffer, sizeof(responsebuffer), '2', callout))) goto RESPONSE_FAILED; -#ifdef EXPERIMENTAL_EVENT +#ifndef DISABLE_EVENT lookup_dnssec_authenticated = host->dnssec==DS_YES ? US"yes" : host->dnssec==DS_NO ? US"no" : NULL; if (event_raise(addr->transport->event_action, @@ -811,7 +811,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. if (rc == DEFER) { (void)close(inblock.sock); -# ifdef EXPERIMENTAL_EVENT +# ifndef DISABLE_EVENT (void) event_raise(addr->transport->event_action, US"tcp:close", NULL); # endif @@ -924,7 +924,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. } } -#ifdef EXPERIMENTAL_INTERNATIONAL +#ifdef SUPPORT_I18N else if ( addr->prop.utf8_msg && !addr->prop.utf8_downcvt && !( esmtp @@ -976,7 +976,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. /* Send the MAIL command */ (smtp_write_command(&outblock, FALSE, -#ifdef EXPERIMENTAL_INTERNATIONAL +#ifdef SUPPORT_I18N addr->prop.utf8_msg && !addr->prop.utf8_downcvt ? "MAIL FROM:<%s>%s SMTPUTF8\r\n" : @@ -1022,7 +1022,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. { const uschar * rcpt_domain = addr->domain; -#ifdef EXPERIMENTAL_INTERNATIONAL +#ifdef SUPPORT_I18N uschar * errstr = NULL; if ( testflag(addr, af_utf8_downcvt) && (rcpt_domain = string_domain_utf8_to_alabel(rcpt_domain, @@ -1084,7 +1084,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. '2', callout) && smtp_write_command(&outblock, FALSE, -#ifdef EXPERIMENTAL_INTERNATIONAL +#ifdef SUPPORT_I18N addr->prop.utf8_msg && !addr->prop.utf8_downcvt ? "MAIL FROM:<%s> SMTPUTF8\r\n" : @@ -1103,7 +1103,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. tls_close(FALSE, TRUE); #endif (void)close(inblock.sock); -#ifdef EXPERIMENTAL_EVENT +#ifndef DISABLE_EVENT (void) event_raise(addr->transport->event_action, US"tcp:close", NULL); #endif @@ -1124,7 +1124,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. uschar * rcpt = transport_rcpt_address(addr, addr->transport ? addr->transport->rcpt_include_affixes : FALSE); -#ifdef EXPERIMENTAL_INTERNATIONAL +#ifdef SUPPORT_I18N /*XXX should the conversion be moved into transport_rcpt_address() ? */ uschar * dummy_errstr = NULL; if ( testflag(addr, af_utf8_downcvt) @@ -1229,7 +1229,7 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. HDEBUG(D_verify) debug_printf("SMTP timeout\n"); send_quit = FALSE; } -#ifdef EXPERIMENTAL_INTERNATIONAL +#ifdef SUPPORT_I18N else if (errno == ERRNO_UTF8_FWD) { extern int acl_where; /* src/acl.c */ @@ -1312,9 +1312,8 @@ can do it there for the non-rcpt-verify case. For this we keep an addresscount. tls_close(FALSE, TRUE); #endif (void)close(inblock.sock); -#ifdef EXPERIMENTAL_EVENT - (void) event_raise(addr->transport->event_action, - US"tcp:close", NULL); +#ifndef DISABLE_EVENT + (void) event_raise(addr->transport->event_action, US"tcp:close", NULL); #endif } @@ -2004,6 +2003,7 @@ while (addr_new != NULL) if (callout > 0) { host_item *host_list = addr->host_list; + transport_instance * tp; /* Make up some data for use in the case where there is no remote transport. */ @@ -2025,9 +2025,9 @@ while (addr_new != NULL) transport's options, so as to mimic what would happen if we were really sending a message to this address. */ - if (addr->transport != NULL && !addr->transport->info->local) + if ((tp = addr->transport) && !tp->info->local) { - (void)(addr->transport->setup)(addr->transport, addr, &tf, 0, 0, NULL); + (void)(tp->setup)(tp, addr, &tf, 0, 0, NULL); /* If the transport has hosts and the router does not, or if the transport is configured to override the router's hosts, we must build a @@ -2051,7 +2051,7 @@ while (addr_new != NULL) { log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand list of hosts " "\"%s\" in %s transport for callout: %s", tf.hosts, - addr->transport->name, expand_string_message); + tp->name, expand_string_message); } else { @@ -2078,11 +2078,10 @@ while (addr_new != NULL) else { dnssec_domains * dnssec_domains = NULL; - if (Ustrcmp(addr->transport->driver_name, "smtp") == 0) + if (Ustrcmp(tp->driver_name, "smtp") == 0) { smtp_transport_options_block * ob = - (smtp_transport_options_block *) - addr->transport->options_block; + (smtp_transport_options_block *) tp->options_block; dnssec_domains = &ob->dnssec; } @@ -2291,11 +2290,12 @@ if (allok && addr_local == NULL && addr_remote == NULL) } for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++) - { - while (addr_list != NULL) + while (addr_list) { address_item *addr = addr_list; address_item *p = addr->parent; + transport_instance * tp = addr->transport; + addr_list = addr->next; fprintf(f, "%s", CS addr->address); @@ -2309,73 +2309,56 @@ for (addr_list = addr_local, i = 0; i < 2; addr_list = addr_remote, i++) if (!testflag(addr, af_pfr)) { tree_node *tnode; - if ((tnode = tree_search(tree_duplicates, addr->unique)) != NULL) + if ((tnode = tree_search(tree_duplicates, addr->unique))) fprintf(f, " [duplicate, would not be delivered]"); else tree_add_duplicate(addr->unique, addr); } /* Now show its parents */ - while (p != NULL) - { + for (p = addr->parent; p; p = p->parent) fprintf(f, "\n <-- %s", p->address); - p = p->parent; - } fprintf(f, "\n "); /* Show router, and transport */ - fprintf(f, "router = %s, ", addr->router->name); - fprintf(f, "transport = %s\n", (addr->transport == NULL)? US"unset" : - addr->transport->name); + fprintf(f, "router = %s, transport = %s\n", + addr->router->name, tp ? tp->name : US"unset"); /* Show any hosts that are set up by a router unless the transport is going to override them; fiddle a bit to get a nice format. */ - if (addr->host_list != NULL && addr->transport != NULL && - !addr->transport->overrides_hosts) + if (addr->host_list && tp && !tp->overrides_hosts) { host_item *h; int maxlen = 0; int maxaddlen = 0; - for (h = addr->host_list; h != NULL; h = h->next) - { + for (h = addr->host_list; h; h = h->next) + { /* get max lengths of host names, addrs */ int len = Ustrlen(h->name); if (len > maxlen) maxlen = len; - len = (h->address != NULL)? Ustrlen(h->address) : 7; + len = h->address ? Ustrlen(h->address) : 7; if (len > maxaddlen) maxaddlen = len; } - for (h = addr->host_list; h != NULL; h = h->next) - { - int len = Ustrlen(h->name); - fprintf(f, " host %s ", h->name); - while (len++ < maxlen) fprintf(f, " "); - if (h->address != NULL) - { - fprintf(f, "[%s] ", h->address); - len = Ustrlen(h->address); - } - else if (!addr->transport->info->local) /* Omit [unknown] for local */ - { - fprintf(f, "[unknown] "); - len = 7; - } - else len = -3; - while (len++ < maxaddlen) fprintf(f," "); - if (h->mx >= 0) fprintf(f, "MX=%d", h->mx); + for (h = addr->host_list; h; h = h->next) + { + fprintf(f, " host %-*s ", maxlen, h->name); + + if (h->address) + fprintf(f, "[%s%-*c", h->address, maxaddlen+1 - Ustrlen(h->address), ']'); + else if (tp->info->local) + fprintf(f, " %-*s ", maxaddlen, ""); /* Omit [unknown] for local */ + else + fprintf(f, "[%s%-*c", "unknown", maxaddlen+1 - 7, ']'); + + if (h->mx >= 0) fprintf(f, " MX=%d", h->mx); if (h->port != PORT_NONE) fprintf(f, " port=%d", h->port); - if (running_in_test_harness) -#ifndef DISABLE_DNSSEC - fprintf(f, " ad=%s", h->dnssec==DS_YES ? "yes" : "no"); -#else - fprintf(f, " ad=no"); -#endif - if (h->status == hstatus_unusable) fprintf(f, " ** unusable **"); - fprintf(f, "\n"); + if (running_in_test_harness && h->dnssec == DS_YES) fputs(" AD", f); + if (h->status == hstatus_unusable) fputs(" ** unusable **", f); + fputc('\n', f); } } } - } /* Yield will be DEFER or FAIL if any one address has, only for full_info (which is the -bv or -bt case). */ @@ -3893,7 +3876,9 @@ Note: an address for testing DUL is 192.203.178.4 Note: a domain for testing RFCI is example.tld.dsn.rfc-ignorant.org Arguments: + where the acl type listptr the domain/address/data list + log_msgptr log message on error Returns: OK successful lookup (i.e. the address is on the list), or lookup deferred after +include_unknown @@ -3903,7 +3888,7 @@ Returns: OK successful lookup (i.e. the address is on the list), or */ int -verify_check_dnsbl(const uschar **listptr) +verify_check_dnsbl(int where, const uschar ** listptr, uschar ** log_msgptr) { int sep = 0; int defer_return = FAIL; @@ -3950,21 +3935,19 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL /* See if there's explicit data to be looked up */ - key = Ustrchr(domain, '/'); - if (key != NULL) *key++ = 0; + if ((key = Ustrchr(domain, '/'))) *key++ = 0; /* See if there's a list of addresses supplied after the domain name. This is introduced by an = or a & character; if preceded by = we require all matches and if preceded by ! we invert the result. */ - iplist = Ustrchr(domain, '='); - if (iplist == NULL) + if (!(iplist = Ustrchr(domain, '='))) { bitmask = TRUE; iplist = Ustrchr(domain, '&'); } - if (iplist != NULL) /* Found either = or & */ + if (iplist) /* Found either = or & */ { if (iplist > domain && iplist[-1] == '!') /* Handle preceding ! */ { @@ -3983,6 +3966,7 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL } } + /* If there is a comma in the domain, it indicates that a second domain for looking up TXT records is provided, before the main domain. Otherwise we must set domain_txt == domain. */ @@ -4028,6 +4012,13 @@ while ((domain = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL if (key == NULL) { + if (where == ACL_WHERE_NOTSMTP_START || where == ACL_WHERE_NOTSMTP) + { + *log_msgptr = string_sprintf + ("cannot test auto-keyed dnslists condition in %s ACL", + acl_wherenames[where]); + return ERROR; + } if (sender_host_address == NULL) return FAIL; /* can never match */ if (revadd[0] == 0) invert_address(revadd, sender_host_address); rc = one_check_dnsbl(domain, domain_txt, sender_host_address, revadd,