/* See the file NOTICE for conditions of use and distribution. */
/* SPDX-License-Identifier: GPL-2.0-or-later */
+#define LOOKUPAPI_H
/* The "type" field in each item is a set of bit flags:
}
+/* Don't actually alter the string; just copy to quoted-pool memory */
+
+static uschar *
+testdb_quote(uschar * s, uschar * opt, unsigned idx)
+{
+int len = Ustrlen(s) + 1;
+uschar * quoted = store_get_quoted(len, s, idx, US"testdb");
+memcpy(quoted, s, len);
+return quoted;
+}
+
/*************************************************
* Version reporting entry point *
*************************************************/
}
-static lookup_info _lookup_info = {
+static lookup_info testdb_lookup_info = {
.name = US"testdb", /* lookup name */
.type = lookup_querystyle, /* query-style lookup */
.open = testdb_open, /* open function */
.find = testdb_find, /* find function */
.close = NULL, /* no close function */
.tidy = NULL, /* no tidy function */
- .quote = NULL, /* no quoting function */
+ .quote = testdb_quote, /* quoting function */
+ .version_report = testdb_version_report /* version reporting */
+};
+
+static lookup_info testdb2_lookup_info = {
+ .name = US"testdb2", /* lookup name */
+ .type = lookup_querystyle, /* query-style lookup */
+ .open = testdb_open, /* open function */
+ .check = NULL, /* check function */
+ .find = testdb_find, /* find function */
+ .close = NULL, /* no close function */
+ .tidy = NULL, /* no tidy function */
+ .quote = testdb_quote, /* same quoting function */
+ .version_report = testdb_version_report /* version reporting */
+};
+
+static lookup_info testdb3_lookup_info = {
+ .name = US"testdb_nq", /* lookup name */
+ .type = lookup_querystyle, /* query-style lookup */
+ .open = testdb_open, /* open function */
+ .check = NULL, /* check function */
+ .find = testdb_find, /* find function */
+ .close = NULL, /* no close function */
+ .tidy = NULL, /* no tidy function */
+ .quote = NULL, /* NO quoting function */
.version_report = testdb_version_report /* version reporting */
};
#define testdb_lookup_module_info _lookup_module_info
#endif
-static lookup_info *_lookup_list[] = { &_lookup_info };
-lookup_module_info testdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 };
+static lookup_info *_lookup_list[] = {
+ &testdb_lookup_info,
+ &testdb2_lookup_info,
+ &testdb3_lookup_info
+};
+
+lookup_module_info testdb_lookup_module_info = {
+ LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 3 };
/* End of lookups/testdb.c */
const lookup_info * li = c->li;
expiring_data * e = NULL; /* compiler quietening */
uschar * data = NULL;
-int required_quoter_id = li->acq_num;
int old_pool = store_pool;
/* Lookups that return DEFER may not always set an error message. So that
*/
if ( !filename && li->quote
- && is_tainted(keystring) && !is_quoted_like(keystring, required_quoter_id))
+ && is_tainted(keystring) && !is_quoted_like(keystring, li))
{
const uschar * ks = keystring;
uschar * loc = acl_current_verb();
const uschar * quoter_name;
int q = quoter_for_address(ks, "er_name);
- debug_printf_indent("required_quoter_id %d (%s) quoting %d (%s)\n",
- required_quoter_id, li->name,
+ debug_printf_indent("required_quoter_id (%s) quoting %d (%s)\n",
+ li->name,
q, quoter_name);
}
#endif
There is extra complexity to handle lookup providers with multiple
find variants but shared quote functions. */
BOOL
-is_quoted_like(const void * p, unsigned quoter)
+is_quoted_like(const void * p, const void * v_q_li)
{
-const uschar * p_name, * q_name = NULL;
-const lookup_info * p_li, * q_li;
+const uschar * p_name;
+const lookup_info * p_li, * q_li = v_q_li;
void * p_qfn, * q_qfn;
(void) quoter_for_address(p, &p_name);
-(void) pool_for_quoter(quoter, &q_name);
-if (!p_name || !q_name) return FALSE;
+if (!p_name)
+ {
+ DEBUG(D_any) debug_printf("No quoter name for addr\n");
+ return FALSE;
+ }
p_li = search_findtype(p_name, Ustrlen(p_name));
p_qfn = p_li ? p_li->quote : NULL;
-q_li = search_findtype(q_name, Ustrlen(q_name));
q_qfn = q_li ? q_li->quote : NULL;
BOOL y = p_qfn == q_qfn;
#define GET_TAINTED (const void *)1
extern int quoter_for_address(const void *, const uschar **);
-extern BOOL is_quoted_like(const void *, unsigned);
+extern BOOL is_quoted_like(const void *, const void *);
extern BOOL is_real_quoter(int);
extern void debug_print_taint(const void * p);
begin ACL
check_mail:
- accept senders = testdb;<$sender_address>
+ accept senders = testdb;<${quote_testdb:$sender_address}>
# End
}
# Different builds will have different lookup types included
- s/required_quoter_id \K\d+ \((\w+)\) quoting -1 \(NULL\)$/NN ($1) quoting -1 (NULL)/;
# and different numbers of lookup types result in different type-code letters,
# so convert them all to "0"
s%(?<!lsearch)[^ ](?=TESTSUITE/aux-fixed/(?:0414.list[12]|0464.domains)$)%0%;
bad default: ${lookup testdb*{fail}}
bad default: ${lookup testdb*@{fail}}
****
+#
+exim -be
+set,t acl_m0 = expected_fail
+set,t acl_m1 = barbaz
+set,t acl_m2 = foo_2
+set,t acl_m3 = foo_3
+missing quoter: ${lookup testdb {$acl_m0}}
+proper quoter: ${lookup testdb {${quote_testdb:$acl_m1}}}
+missing (but cached): ${lookup testdb {$acl_m1}}
+shared quoter: ${lookup testdb2 {${quote_testdb:$acl_m2}}}
+quoter notreq: ${lookup testdb_nq {$acl_m3}}
+****
01:01:01 p1235 type=mysql key="select name from them where id = 'c'" opts="no_rd"
01:01:01 p1235 cached data found but wrong opts; database lookup required for select name from them where id = 'c'
01:01:01 p1235 (tainted)
+01:01:01 p1235 No quoter name for addr
01:01:01 p1235 LOG: MAIN PANIC
01:01:01 p1235 tainted search query is not properly quoted (ACL warn, TESTSUITE/test-config 26): select name from them where id = 'c'
-01:01:01 p1235 required_quoter_id NN (mysql) quoting -1 (NULL)
+01:01:01 p1235 required_quoter_id (mysql) quoting -1 (NULL)
01:01:01 p1235 MySQL query: "select name from them where id = 'c'" opts 'no_rd'
01:01:01 p1235 MYSQL using cached connection for 127.0.0.1:PORT_N/test/root
01:01:01 p1235 MYSQL: no data found
01:01:01 p1235 type=mysql key="servers=127.0.0.1::PORT_N; select name from them where id = 'c'" opts=NULL
01:01:01 p1235 database lookup required for servers=127.0.0.1::PORT_N; select name from them where id = 'c'
01:01:01 p1235 (tainted)
+01:01:01 p1235 No quoter name for addr
01:01:01 p1235 LOG: MAIN PANIC
01:01:01 p1235 tainted search query is not properly quoted (ACL warn, TESTSUITE/test-config 39): select name from them where id = 'c'
-01:01:01 p1235 required_quoter_id NN (mysql) quoting -1 (NULL)
+01:01:01 p1235 required_quoter_id (mysql) quoting -1 (NULL)
01:01:01 p1235 MySQL query: "servers=127.0.0.1::PORT_N; select name from them where id = 'c'" opts 'NULL'
01:01:01 p1235 LOG: MAIN
01:01:01 p1235 Exim configuration error in line 89 of TESTSUITE/test-config:
type=mysql key="select name from them where id='ph10' limit 1" opts=NULL
database lookup required for select name from them where id='ph10' limit 1
(tainted)
+No quoter name for addr
LOG: MAIN PANIC
tainted search query is not properly quoted (router r1, TESTSUITE/test-config 68): select name from them where id='ph10' limit 1
- required_quoter_id NN (mysql) quoting -1 (NULL)
+ required_quoter_id (mysql) quoting -1 (NULL)
MySQL query: "select name from them where id='ph10' limit 1" opts 'NULL'
MYSQL using cached connection for 127.0.0.1:PORT_N/test/root
creating new cache entry
type=mysql key="select id from them where id='ph10'" opts=NULL
database lookup required for select id from them where id='ph10'
(tainted)
+No quoter name for addr
LOG: MAIN
tainted search query is not properly quoted (transport t1, TESTSUITE/test-config 82): select id from them where id='ph10'
- required_quoter_id NN (mysql) quoting -1 (NULL)
+ required_quoter_id (mysql) quoting -1 (NULL)
MySQL query: "select id from them where id='ph10'" opts 'NULL'
MYSQL new connection: host=127.0.0.1 port=PORT_N socket=NULL database=test user=root
creating new cache entry
type=pgsql key="select name from them where id = 'c'" opts=NULL
cached data found but no_rd option set; database lookup required for select name from them where id = 'c'
(tainted)
+No quoter name for addr
LOG: MAIN PANIC
tainted search query is not properly quoted (ACL warn, TESTSUITE/test-config 27): select name from them where id = 'c'
- required_quoter_id NN (pgsql) quoting -1 (NULL)
+ required_quoter_id (pgsql) quoting -1 (NULL)
PostgreSQL query: "select name from them where id = 'c'" opts 'NULL'
PGSQL using cached connection for localhost:PORT_N/test/CALLER
PGSQL: no data found
type=pgsql key="select name from them where id = 'c'" opts=NULL
cached data found but no_rd option set; database lookup required for select name from them where id = 'c'
(tainted)
+No quoter name for addr
LOG: MAIN PANIC
tainted search query is not properly quoted (ACL warn, TESTSUITE/test-config 27): select name from them where id = 'c'
- required_quoter_id NN (pgsql) quoting -1 (NULL)
+ required_quoter_id (pgsql) quoting -1 (NULL)
PostgreSQL query: "select name from them where id = 'c'" opts 'NULL'
PGSQL using cached connection for localhost:PORT_N/test/CALLER
PGSQL: no data found
1999-03-02 09:44:33 defaults using "*" or "*@" are not permitted for lookup type "testdb*"
+1999-03-02 09:44:33 tainted search query is not properly quoted: expected_fail
> match_ip: 12 true
> match_ip: 13
->
\ No newline at end of file
+> > variable m0 set
+> variable m1 set
+> variable m2 set
+> variable m3 set
+> missing quoter: expected_fail
+> proper quoter: barbaz
+> missing (but cached): barbaz
+> shared quoter: foo_2
+> quoter notreq: foo_3
+>