From: Dean Brooks Date: Sun, 24 Sep 2023 18:24:38 +0000 (+0100) Subject: Docs: inbound_srs behavior for empty secret. Bug 3025 X-Git-Tag: exim-4.97-RC1~4 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/953303cf3170248dae7f284b0a55cf105a66371c?hp=e2fe20104068e079266859fbe7a95fdab5d3fee2 Docs: inbound_srs behavior for empty secret. Bug 3025 Additional docs commentary and code-tidying by committer --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 85c6d3b3b..f99f86011 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -42295,18 +42295,30 @@ encoding operation. If this value is empty the the expansion result will be empty. The third argument should be the recipient domain of the message when it arrived at this system. +All arguments are expanded before use. + +The result of the expansion is the replacement envelope-from (return path) +to be used. .endlist .cindex SRS decoding To decode an address use this expansion condition: .vlist .vitem &*inbound_srs&~{*&<&'local&~part'&>&*}{*&<&'secret'&>&*}*& -The first argument should be the recipient local prt as is was received. +The first argument should be the recipient local part as it was received. The second argument is the site secret. +Both arguments are expanded before use. If the messages is not for an SRS-encoded recipient the condition will -return false. If it is, the condition will return true and the variable +return false. +If it is, the condition will return true and the variable &$srs_recipient$& will be set to the decoded (original) value. + +.new +If the second argument is empty then the condition returns true if +the first argument is in valid SRS formet, else false. +The variable &$srs_recipient$& is not set for this case. +.wen .endlist Example usage: diff --git a/src/src/expand.c b/src/src/expand.c index aa8bfe643..bcfa60fb6 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -3583,53 +3583,50 @@ switch(cond_type = identify_operator(&s, &opname)) /* If a zero-length secret was given, we're done. Otherwise carry on and validate the given SRS local_part againt our secret. */ - if (!*sub[1]) + if (*sub[1]) { - boolvalue = TRUE; - goto srs_result; - } + /* check the timestamp */ + { + struct timeval now; + uschar * ss = sub[0] + ovec[4]; /* substring 2, the timestamp */ + long d; + int n; - /* check the timestamp */ - { - struct timeval now; - uschar * ss = sub[0] + ovec[4]; /* substring 2, the timestamp */ - long d; - int n; + gettimeofday(&now, NULL); + now.tv_sec /= 86400; /* days since epoch */ - gettimeofday(&now, NULL); - now.tv_sec /= 86400; /* days since epoch */ + /* Decode substring 2 from base32 to a number */ - /* Decode substring 2 from base32 to a number */ + for (d = 0, n = ovec[5]-ovec[4]; n; n--) + { + uschar * t = Ustrchr(base32_chars, *ss++); + d = d * 32 + (t - base32_chars); + } - for (d = 0, n = ovec[5]-ovec[4]; n; n--) - { - uschar * t = Ustrchr(base32_chars, *ss++); - d = d * 32 + (t - base32_chars); + if (((now.tv_sec - d) & 0x3ff) > 10) /* days since SRS generated */ + { + DEBUG(D_expand) debug_printf("SRS too old\n"); + goto srs_result; + } } - if (((now.tv_sec - d) & 0x3ff) > 10) /* days since SRS generated */ + /* check length of substring 1, the offered checksum */ + + if (ovec[3]-ovec[2] != 4) { - DEBUG(D_expand) debug_printf("SRS too old\n"); + DEBUG(D_expand) debug_printf("SRS checksum wrong size\n"); goto srs_result; } - } - - /* check length of substring 1, the offered checksum */ - - if (ovec[3]-ovec[2] != 4) - { - DEBUG(D_expand) debug_printf("SRS checksum wrong size\n"); - goto srs_result; - } - /* Hash the address with our secret, and compare that computed checksum - with the one extracted from the arg */ + /* Hash the address with our secret, and compare that computed checksum + with the one extracted from the arg */ - hmac_md5(sub[1], srs_recipient, cksum, sizeof(cksum)); - if (Ustrncmp(cksum, sub[0] + ovec[2], 4) != 0) - { - DEBUG(D_expand) debug_printf("SRS checksum mismatch\n"); - goto srs_result; + hmac_md5(sub[1], srs_recipient, cksum, sizeof(cksum)); + if (Ustrncmp(cksum, sub[0] + ovec[2], 4) != 0) + { + DEBUG(D_expand) debug_printf("SRS checksum mismatch\n"); + goto srs_result; + } } boolvalue = TRUE;