${lookup pgsql,servers=master/db/name/pw {UPDATE ...} }
.endd
-An older syntax places the servers specification before the query,
+.new
+A now-deprecated syntax places the servers specification before the query,
semicolon separated:
.code
${lookup mysql{servers=master; UPDATE ...} }
.endd
-The new version avoids potential issues with tainted
-arguments in the query, for explicit expansion.
+The new version avoids issues with tainted
+arguments explicitly expanded as part of the query.
+The entire string within the braces becomes tainted,
+including the server sepcification - which is not permissible.
+If the older sytax is used, a warning message will be logged.
+This syntax will be removed in a future release.
+.wen
+
&*Note*&: server specifications in list-style lookups are still problematic.
.section "Expansion of lists" "SECTlistexpand"
.cindex "expansion" "of lists"
Each list is expanded as a single string before it is used.
+.cindex "tainted data" tracking
+&*Note*&: As a result, if any componend was tainted then the
+entire result string becomes tainted.
&'Exception: the router headers_remove option, where list-item
splitting is done before string-expansion.'&
below in section &<<SECTexpansionitems>>& onwards. Backslash is used as an
escape character, as described in the following section.
+.cindex "tainted data" tracking
+If any porttion of the result string is tainted, the entire result is.
+
Whether a string is expanded depends upon the context. Usually this is solely
dependent upon the option for which a value is sought; in this documentation,
options for which string expansion is performed are marked with † after
type=mysql key="servers=x:127.0.0.1::PORT_N; select name from them where id='ph10';" opts=NULL
database lookup required for servers=x:127.0.0.1::PORT_N; select name from them where id='ph10';
MySQL query: "servers=x:127.0.0.1::PORT_N; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+ Exim configuration error in line 87 of TESTSUITE/test-config:
+ WARNING: obslete syntax used for lookup
+
lookup deferred: MySQL server "x" not found in mysql_servers
search_open: mysql "NULL"
cached open
type=mysql key="servers=127.0.0.1::PORT_N:x; select name from them where id='ph10';" opts=NULL
database lookup required for servers=127.0.0.1::PORT_N:x; select name from them where id='ph10';
MySQL query: "servers=127.0.0.1::PORT_N:x; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+ Exim configuration error in line 87 of TESTSUITE/test-config:
+ WARNING: obslete syntax used for lookup
+
MYSQL using cached connection for 127.0.0.1:PORT_N/test/root
creating new cache entry
lookup yielded: Philip Hazel
type=mysql key="servers=127.0.0.1::PORT_N/test/root/:x; select name from them where id='ph10';" opts=NULL
database lookup required for servers=127.0.0.1::PORT_N/test/root/:x; select name from them where id='ph10';
MySQL query: "servers=127.0.0.1::PORT_N/test/root/:x; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+ Exim configuration error in line 87 of TESTSUITE/test-config:
+ WARNING: obslete syntax used for lookup
+
MYSQL using cached connection for 127.0.0.1:PORT_N/test/root
creating new cache entry
lookup yielded: Philip Hazel
type=mysql key="servers=ip4.ip4.ip4.ip4::1223/test/root/:127.0.0.1::PORT_N; select name from them where id='ph10';" opts=NULL
database lookup required for servers=ip4.ip4.ip4.ip4::1223/test/root/:127.0.0.1::PORT_N; select name from them where id='ph10';
MySQL query: "servers=ip4.ip4.ip4.ip4::1223/test/root/:127.0.0.1::PORT_N; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+ Exim configuration error in line 87 of TESTSUITE/test-config:
+ WARNING: obslete syntax used for lookup
+
MYSQL new connection: host=ip4.ip4.ip4.ip4 port=PORT_N socket=NULL database=test user=root
creating new cache entry
lookup yielded: Philip Hazel
type=mysql key="servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10';" opts=NULL
database lookup required for servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10';
MySQL query: "servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+ Exim configuration error in line 87 of TESTSUITE/test-config:
+ WARNING: obslete syntax used for lookup
+
MYSQL new connection: host=localhost port=0 socket=TESTSUITE/mysql/sock database=test user=root
creating new cache entry
lookup yielded: Philip Hazel
database lookup required for servers=127.0.0.1::PORT_N/test/root/pass; select name from them where id = 'c'
(tainted, quoted:mysql)
MySQL query: "servers=127.0.0.1::PORT_N/test/root/pass; select name from them where id = 'c'" opts 'NULL'
+LOG: MAIN
+ Exim configuration error in line 87 of TESTSUITE/test-config:
+ WARNING: obslete syntax used for lookup
+
lookup deferred: MySQL server "127.0.0.1:PORT_N/test/root/pass" is tainted
warn: condition test deferred in ACL "check_recipient"
LOG: MAIN
database lookup required for servers=127.0.0.1::PORT_N/test/root/pass; select * from them where id='c'
(tainted, quoted:mysql)
MySQL query: "servers=127.0.0.1::PORT_N/test/root/pass; select * from them where id='c'" opts 'NULL'
+LOG: MAIN
+ Exim configuration error in line 87 of TESTSUITE/test-config:
+ WARNING: obslete syntax used for lookup
+
lookup deferred: MySQL server "127.0.0.1:PORT_N/test/root/pass" is tainted
host in "<& net-mysql;servers=127.0.0.1::PORT_N/test/root/pass; select * from them where id='c'"? list match deferred for net-mysql;servers=127.0.0.1::1223/test/root/pass; select * from them where id='c'
warn: condition test deferred in ACL "check_recipient"
git://git.exim.org / exim.git / commitdiff