X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/f9ba5e2255cf18092750fffacb6a9603571a2be5..2d0dc9298e36bb9c010ede2c42db16e3ab00da79:/src/src/exim.c

diff --git a/src/src/exim.c b/src/src/exim.c
index 354cdf7a8..870b33949 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -832,6 +832,9 @@ fprintf(f, "Support for:");
 #ifdef WITH_CONTENT_SCAN
   fprintf(f, " Content_Scanning");
 #endif
+#ifdef SUPPORT_DANE
+  fprintf(f, " DANE");
+#endif
 #ifndef DISABLE_DKIM
   fprintf(f, " DKIM");
 #endif
@@ -875,9 +878,6 @@ fprintf(f, "Support for:");
 #ifdef EXPERIMENTAL_BRIGHTMAIL
   fprintf(f, " Experimental_Brightmail");
 #endif
-#ifdef EXPERIMENTAL_DANE
-  fprintf(f, " Experimental_DANE");
-#endif
 #ifdef EXPERIMENTAL_DCC
   fprintf(f, " Experimental_DCC");
 #endif
@@ -1295,32 +1295,6 @@ exit(EXIT_FAILURE);
 *    Validate that the macros given are okay     *
 *************************************************/
 
-#ifdef WHITELIST_D_MACROS
-static void
-wlist_check(uschar * name, uschar * val, void * ctx)
-{
-uschar ** w, ** whites = ctx;
-unsigned len;
-int n;
-
-for (w = whites; *w; ++w)
-  if (Ustrcmp(*w, name) == 0) break;
-if (*w) 
-  {
-  if (!val || !*val) return;
-  len = Ustrlen(val);
-  if ((n = pcre_exec(regex_whitelisted_macro, NULL, CS val, len,
-		    0, PCRE_EOPT, NULL, 0)) >= 0)
-    return;
-  if (n != PCRE_ERROR_NOMATCH)
-    debug_printf("macros_trusted checking %s returned %d\n", name, n);
-  }
-*whites = NULL;
-return;
-}
-#endif
-
-
 /* Typically, Exim will drop privileges if macros are supplied.  In some
 cases, we want to not do so.
 
@@ -1333,7 +1307,7 @@ macros_trusted(BOOL opt_D_used)
 {
 #ifdef WHITELIST_D_MACROS
 macro_item *m;
-uschar *whitelisted, *end, *p, **whites;
+uschar *whitelisted, *end, *p, **whites, **w;
 int white_count, i, n;
 size_t len;
 BOOL prev_char_item, found;
@@ -1396,9 +1370,32 @@ for (p = whitelisted, i = 0; (p != end) && (i < white_count); ++p)
   }
 whites[i] = NULL;
 
-tree_walk(tree_macros, wlist_check, whites);
-if (!*whites) return FALSE;
-
+/* The list of commandline macros should be very short.
+Accept the N*M complexity. */
+for (m = macros_user; m; m = m->next) if (m->command_line)
+  {
+  found = FALSE;
+  for (w = whites; *w; ++w)
+    if (Ustrcmp(*w, m->name) == 0)
+      {
+      found = TRUE;
+      break;
+      }
+  if (!found)
+    return FALSE;
+  if (!m->replacement)
+    continue;
+  if ((len = m->replen) == 0)
+    continue;
+  n = pcre_exec(regex_whitelisted_macro, NULL, CS m->replacement, len,
+   0, PCRE_EOPT, NULL, 0);
+  if (n < 0)
+    {
+    if (n != PCRE_ERROR_NOMATCH)
+      debug_printf("macros_trusted checking %s returned %d\n", m->name, n);
+    return FALSE;
+    }
+  }
 DEBUG(D_any) debug_printf("macros_trusted overridden to true by whitelisting\n");
 return TRUE;
 #endif
@@ -1430,10 +1427,7 @@ len = Ustrlen(big_buffer);
 if (isupper(big_buffer[0]))
   {
   if (macro_read_assignment(big_buffer))
-    {
-    uschar * s = Ustrchr(big_buffer, '=');
-    printf("Defined macro '%.*s'\n", (int)(s - big_buffer), big_buffer);
-    }
+    printf("Defined macro '%s'\n", mlast->name);
   }
 else
   if ((line = expand_string(big_buffer))) printf("%s\n", CS line);
@@ -2428,11 +2422,12 @@ for (i = 1; i < argc; i++)
         while (isspace(*s)) s++;
         }
 
-      if (macro_search(name))
-        {
-        fprintf(stderr, "exim: duplicated -D in command line\n");
-        exit(EXIT_FAILURE);
-        }
+      for (m = macros_user; m; m = m->next)
+        if (Ustrcmp(m->name, name) == 0)
+          {
+          fprintf(stderr, "exim: duplicated -D in command line\n");
+          exit(EXIT_FAILURE);
+          }
 
       m = macro_create(name, s, TRUE);
 
@@ -2441,8 +2436,8 @@ for (i = 1; i < argc; i++)
         fprintf(stderr, "exim: too many -D options on command line\n");
         exit(EXIT_FAILURE);
         }
-      clmacros[clmacro_count++] = string_sprintf("-D%s=%s",
-	m->tnode.name, m->tnode.data.ptr);
+      clmacros[clmacro_count++] = string_sprintf("-D%s=%s", m->name,
+        m->replacement);
       }
     #endif
     break;
@@ -4993,7 +4988,7 @@ if (expansion_test)
 
   /* Only admin users may see config-file macros this way */
 
-  if (!admin_user) tree_macros = NULL;
+  if (!admin_user) macros_user = macros = mlast = NULL;
 
   /* Allow $recipients for this testing */
 
@@ -5213,7 +5208,7 @@ already been done (which it will have been for inetd). This caters for the
 case when it is forced by -oMa. However, we must flag that it isn't a socket,
 so that the test for IP options is skipped for -bs input. */
 
-if (sender_host_address != NULL && sender_fullhost == NULL)
+if (sender_host_address && !sender_fullhost)
   {
   host_build_sender_fullhost();
   set_process_info("handling incoming connection from %s via -oMa",