From: Jeremy Harris Date: Tue, 28 Sep 2021 22:27:59 +0000 (+0100) Subject: Merge branch '4.next' X-Git-Tag: exim-4.96-RC0~162 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/c9433c53ad292c2f7ec05aa9d083767f95d07858?ds=inline;hp=-c Merge branch '4.next' --- c9433c53ad292c2f7ec05aa9d083767f95d07858 diff --combined doc/doc-docbook/spec.xfpt index 529861208,812924ac8..540a9cbf8 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@@ -45,7 -45,7 +45,7 @@@ . Update the Copyright year (only) when changing content. . ///////////////////////////////////////////////////////////////////////////// -.set previousversion "4.94" +.set previousversion "4.95" .include ./local_params .set ACL "access control lists (ACLs)" @@@ -54,7 -54,7 +54,7 @@@ .set drivernamemax "64" .macro copyyear -2020 +2021 .endmacro . ///////////////////////////////////////////////////////////////////////////// @@@ -193,7 -193,7 +193,7 @@@ .copyyear - University of Cambridge + The Exim Maintainers .literal off @@@ -1421,6 -1421,7 +1421,6 @@@ check an address given in the SMTP EXP .next If the &%domains%& option is set, the domain of the address must be in the set of domains that it defines. -.new .cindex "tainted data" "de-tainting" A match verifies the variable &$domain$& (which carries tainted data) and assigns an untainted value to the &$domain_data$& variable. @@@ -1430,6 -1431,7 +1430,6 @@@ refer to section &<>& When an untainted value is wanted, use this option rather than the generic &%condition%& option. -.wen .next .vindex "&$local_part_prefix$&" @@@ -1440,6 -1442,7 +1440,6 @@@ .cindex affix "router precondition" If the &%local_parts%& option is set, the local part of the address must be in the set of local parts that it defines. -.new A match verifies the variable &$local_part$& (which carries tainted data) and assigns an untainted value to the &$local_part_data$& variable. Such an untainted value is often needed in the transport. @@@ -1448,6 -1451,7 +1448,6 @@@ refer to section &<>& When an untainted value is wanted, use this option rather than the generic &%condition%& option. -.wen If &%local_part_prefix%& or &%local_part_suffix%& is in use, the prefix or suffix is removed from the local @@@ -1488,6 -1492,7 +1488,6 @@@ If the &%condition%& option is set, it uses an expanded string to allow you to set up your own custom preconditions. Expanded strings are described in chapter &<>&. -.new Note that while using this option for address matching technically works, it does not set any de-tainted values. @@@ -1495,6 -1500,7 +1495,6 @@@ Such values are often needed, either fo for transport options. Using the &%domains%& and &%local_parts%& options is usually the most convenient way to obtain them. -.wen .endlist @@@ -3946,6 -3952,7 +3946,6 @@@ This option is not intended for use by by Exim in conjunction with the &%-MC%& option. It signifies that a remote host supports the ESMTP &_CHUNKING_& extension. -.new .vitem &%-MCL%& .oindex "&%-MCL%&" This option is not intended for use by external callers. It is used internally @@@ -3953,6 -3960,7 +3953,6 @@@ by Exim in conjunction with the &%-MC% which Exim is connected advertised limits on numbers of mails, recipients or recipient domains. The limits are given by the following three arguments. -.wen .vitem &%-MCP%& .oindex "&%-MCP%&" @@@ -3960,12 -3968,14 +3960,12 @@@ This option is not intended for use by by Exim in conjunction with the &%-MC%& option. It signifies that the server to which Exim is connected supports pipelining. -.new .vitem &%-MCp%& .oindex "&%-MCp%&" This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option. It signifies that the connection t a remote server is via a SOCKS proxy, using addresses and ports given by the following four arguments. -.wen .vitem &%-MCQ%&&~<&'process&~id'&>&~<&'pipe&~fd'&> .oindex "&%-MCQ%&" @@@ -3976,10 -3986,12 +3976,10 @@@ together with the file descriptor numbe signals the final completion of the sequence of processes that are passing messages through the same SMTP connection. -.new .vitem &%-MCq%&&~<&'recipient&~address'&>&~<&'size'&> .oindex "&%-MCq%&" This option is not intended for use by external callers. It is used internally by Exim to implement quota checking for local users. -.wen .vitem &%-MCS%& .oindex "&%-MCS%&" @@@ -3994,6 -4006,7 +3994,6 @@@ This option is not intended for use by by Exim in conjunction with the &%-MC%& option, and passes on the fact that the host to which Exim is connected supports TLS encryption. -.new .vitem &%-MCr%&&~<&'SNI'&> &&& &%-MCs%&&~<&'SNI'&> .oindex "&%-MCs%&" @@@ -4003,6 -4016,7 +4003,6 @@@ by Exim in conjunction with the &%-MCt% a TLS Server Name Indication was sent as part of the channel establishment. The argument gives the SNI string. The "r" variant indicates a DANE-verified connection. -.wen .vitem &%-MCt%&&~<&'IP&~address'&>&~<&'port'&>&~<&'cipher'&> .oindex "&%-MCt%&" @@@ -4524,6 -4538,7 +4524,6 @@@ of the syntax, and how it interacts wit in chapter &<>&. When &%-oX%& is used to start a daemon, no pid file is written unless &%-oP%& is also present to specify a pid filename. -.new .vitem &%-oY%& .oindex &%-oY%& .cindex "daemon notifier socket" @@@ -4542,6 -4557,7 +4542,6 @@@ fast ramp-up of queue runner processe .next obtaining a current queue size .endlist -.wen .vitem &%-pd%& .oindex "&%-pd%&" @@@ -6769,6 -6785,7 +6769,6 @@@ If the value of &$sender_host_address$ first &%domains%& setting above generates the second setting, which therefore causes a second lookup to occur. -.new The lookup type may optionally be followed by a comma and a comma-separated list of options. Each option is a &"name=value"& pair. @@@ -6778,6 -6795,7 +6778,6 @@@ All lookups support the option &"cache= If this is given then the cache that Exim manages for lookup results is not checked before doing the lookup. The result of the lookup is still written to the cache. -.wen The rest of this chapter describes the different lookup types that are available. Any of them can be used in any part of the configuration where a @@@ -6960,9 -6978,11 +6960,9 @@@ the implicit key is the host's IP addre IPv4, in dotted-quad form. (Exim converts IPv4-mapped IPv6 addresses to this notation before executing the lookup.) -.new One option is supported, "ret=full", to request the return of the entire line rather than omitting the key porttion. Note however that the key portion will have been de-quoted. -.wen .next .cindex lookup json @@@ -6983,6 -7003,7 +6983,6 @@@ is returned For elements of type string, the returned value is de-quoted. -.new .next .cindex LMDB .cindex lookup lmdb @@@ -7000,6 -7021,7 +7000,6 @@@ To enable LMDB support in Exim set LOOK You will need to separately create the LMDB database file, possibly using the &"mdb_load"& utility. -.wen .next @@@ -7401,10 -7423,6 +7401,10 @@@ lookups. However, because (apart from t of independent, short-lived processes, this caching applies only within a single Exim process. There is no inter-process lookup caching facility. +If an option &"cache=no_rd"& is used on the lookup then +the cache is only written to, cached data is not used for the operation +and a real lookup is done. + For single-key lookups, Exim keeps the relevant files open in case there is another lookup that needs them. In some types of configuration this can lead to many files being kept open for messages with many recipients. To avoid hitting @@@ -8261,6 -8279,7 +8261,6 @@@ SQLite is different to the other SQL lo addition to the SQL query. An SQLite database is a single file, and there is no daemon as in the other SQL databases. -.new .oindex &%sqlite_dbfile%& There are two ways of specifying the file. @@@ -8270,6 -8289,7 +8270,6 @@@ is to use an option appended, comma-sep lookup type word. The option is the word &"file"&, then an equals, then the filename. The filename in this case cannot contain whitespace or open-brace charachters. -.wen A deprecated method is available, prefixing the query with the filename separated by white space. @@@ -8493,8 -8513,10 +8493,8 @@@ will store a result in the &$host_data$ A &%local_parts%& router option or &%local_parts%& ACL condition will store a result in the &$local_part_data$& variable. .vitem domains -.new A &%domains%& router option or &%domains%& ACL condition will store a result in the &$domain_data$& variable. -.wen .vitem senders A &%senders%& router option or &%senders%& ACL condition will store a result in the &$sender_data$& variable. @@@ -8798,10 -8820,12 +8798,10 @@@ other statements in the same ACL .cindex "tainted data" "de-tainting" The value will be untainted. -.new &*Note*&: If the data result of the lookup (as opposed to the key) is empty, then this empty value is stored in &$domain_data$&. The option to return the key for the lookup, as the value, may be what is wanted. -.wen .next @@@ -9588,10 -9612,13 +9588,10 @@@ reasons .cindex "tainted data" definition .cindex expansion "tainted data" and expansion of data deriving from the sender (&"tainted data"&) -.new is not permitted (including acessing a file using a tainted name). The main config option &%allow_insecure_tainted_data%& can be used as mitigation during uprades to more secure configurations. -.wen -.new Common ways of obtaining untainted equivalents of variables with tainted values .cindex "tainted data" "de-tainting" @@@ -9600,6 -9627,7 +9600,6 @@@ This database could be the filesystem s or the password file, or accessed via a DBMS. Specific methods are indexed under &"de-tainting"&. -.wen @@@ -10312,6 -10340,7 +10312,6 @@@ extracted is used You can use &`fail`& instead of {<&'string3'&>} as in a string extract. -.new .vitem &*${listquote{*&<&'separator'&>&*}{*&<&'string'&>&*}}*& .cindex quoting "for list" .cindex list quoting @@@ -10320,6 -10349,7 +10320,6 @@@ in the given string An empty string is replaced with a single space. This converts the string into a safe form for use as a list element, in a list using the given separator. -.wen .vitem "&*${lookup&~{*&<&'key'&>&*}&~*&<&'search&~type'&>&*&~&&& @@@ -10760,8 -10790,10 +10760,8 @@@ will sort an MX lookup into priority or -.new .vitem &*${srs_encode&~{*&<&'secret'&>&*}{*&<&'return&~path'&>&*}{*&<&'original&~domain'&>&*}}*& SRS encoding. See SECT &<>& for details. -.wen @@@ -11181,8 -11213,10 +11181,8 @@@ If the optional type is given it must b and selects address-, domain-, host- or localpart- lists to search among respectively. Otherwise all types are searched in an undefined order and the first matching list is returned. -.new &*Note*&: Neither string-expansion of lists referenced by named-list syntax elements, nor expansion of lookup elements, is done by the &%listnamed%& operator. -.wen .vitem &*${local_part:*&<&'string'&>&*}*& @@@ -11194,7 -11228,8 +11194,8 @@@ empty The parsing correctly handles SMTPUTF8 Unicode in the string. - .vitem &*${mask:*&<&'IP&~address'&>&*/*&<&'bit&~count'&>&*}*& + .vitem &*${mask:*&<&'IP&~address'&>&*/*&<&'bit&~count'&>&*}*& &&& + &*${mask_n:*&<&'IP&~address'&>&*/*&<&'bit&~count'&>&*}*& .cindex "masked IP address" .cindex "IP address" "masking" .cindex "CIDR notation" @@@ -11208,8 -11243,14 +11209,14 @@@ the result back to text, with mask appe .code ${mask:10.111.131.206/28} .endd - returns the string &"10.111.131.192/28"&. Since this operation is expected to - be mostly used for looking up masked addresses in files, the result for an IPv6 + returns the string &"10.111.131.192/28"&. + + Since this operation is expected to + be mostly used for looking up masked addresses in files, the + .new + normal + .wen + result for an IPv6 address uses dots to separate components instead of colons, because colon terminates a key string in lsearch files. So, for example, .code @@@ -11219,6 -11260,10 +11226,10 @@@ returns the strin .code 3ffe.ffff.836f.0a00.000a.0800.2000.0000/99 .endd + .new + If the optional form &*mask_n*& is used, IPv6 address result are instead + returned in normailsed form, using colons and with zero-compression. + .wen Letters in IPv6 addresses are always output in lower case. @@@ -11745,9 -11790,11 +11756,9 @@@ condition is true if the named file (o is done by calling the &[stat()]& function. The use of the &%exists%& test in users' filter files may be locked out by the system administrator. -.new &*Note:*& Testing a path using this condition is not a sufficient way of de-tainting it. Consider using a dsearch lookup. -.wen .vitem &*first_delivery*& .cindex "delivery" "first" @@@ -11834,8 -11881,10 +11845,8 @@@ case-independent Case and collation order are defined per the system C locale. -.new .vitem &*inbound_srs&~{*&<&'local&~part'&>&*}{*&<&'secret'&>&*}*& SRS decode. See SECT &<>& for details. -.wen .vitem &*inlist&~{*&<&'string1'&>&*}{*&<&'string2'&>&*}*& &&& @@@ -12303,7 -12352,9 +12314,7 @@@ warn !verify = sende You can use &$acl_verify_message$& during the expansion of the &%message%& or &%log_message%& modifiers, to include information about the verification failure. -.new &*Note*&: The variable is cleared at the end of processing the ACL verb. -.wen .vitem &$address_data$& .vindex "&$address_data$&" @@@ -12607,12 -12658,14 +12618,12 @@@ Often &$domain_data$& is usable in thi .vitem &$domain_data$& .vindex "&$domain_data$&" When the &%domains%& condition on a router -.new or an ACL matches a domain against a list, the match value is copied to &$domain_data$&. This is an enhancement over previous versions of Exim, when it only applied to the data read by a lookup. For details on match values see section &<>& et. al. -.wen If the router routes the address to a transport, the value is available in that transport. If the @@@ -12760,11 -12813,13 +12771,11 @@@ option in the &(appendfile)& transport of the temporary file which is about to be renamed. It can be used to construct a unique name for the file. -.vitem &$interface_address$& +.vitem &$interface_address$& &&& + &$interface_port$& .vindex "&$interface_address$&" -This is an obsolete name for &$received_ip_address$&. - -.vitem &$interface_port$& .vindex "&$interface_port$&" -This is an obsolete name for &$received_port$&. +These are obsolete names for &$received_ip_address$& and &$received_port$&. .vitem &$item$& .vindex "&$item$&" @@@ -12853,10 -12908,12 +12864,10 @@@ to process local parts in a case-depend .vindex "&$local_part_data$&" When the &%local_parts%& condition on a router or ACL matches a local part list -.new the match value is copied to &$local_part_data$&. This is an enhancement over previous versions of Exim, when it only applied to the data read by a lookup. For details on match values see section &<>& et. al. -.wen The &%check_local_user%& router option also sets this variable. @@@ -12952,7 -13009,7 +12963,7 @@@ when the ACL &%malware%& condition is t This variable contains the number of bytes in the longest line that was received as part of the message, not counting the line termination character(s). -It is not valid if the &%spool_files_wireformat%& option is used. +It is not valid if the &%spool_wireformat%& option is used. .vitem &$message_age$& .cindex "message" "age of" @@@ -12996,7 -13053,7 +13007,7 @@@ separates the body from the header. New also &$message_size$&, &$body_linecount$&, and &$body_zerocount$&. If the spool file is wireformat -(see the &%spool_files_wireformat%& main option) +(see the &%spool_wireformat%& main option) the CRLF line-terminators are included in the count. .vitem &$message_exim_id$& @@@ -13049,7 -13106,7 +13060,7 @@@ deny condition = In the MAIL and RCPT ACLs, the value is zero because at that stage the message has not yet been received. -This variable is not valid if the &%spool_files_wireformat%& option is used. +This variable is not valid if the &%spool_wireformat%& option is used. .vitem &$message_size$& .cindex "size" "of message" @@@ -13269,13 -13326,11 +13280,13 @@@ variable contains that address when th built. The value is copied after recipient rewriting has happened, but before the &[local_scan()]& function is run. -.vitem &$received_ip_address$& +.vitem &$received_ip_address$& &&& + &$received_port$& .vindex "&$received_ip_address$&" -As soon as an Exim server starts processing an incoming TCP/IP connection, this -variable is set to the address of the local IP interface, and &$received_port$& -is set to the local port number. (The remote IP address and port are in +.vindex "&$received_port$&" +As soon as an Exim server starts processing an incoming TCP/IP connection, these +variables are set to the address and port on the local IP interface. +(The remote IP address and port are in &$sender_host_address$& and &$sender_host_port$&.) When testing with &%-bh%&, the port value is -1 unless it has been set using the &%-oMi%& command line option. @@@ -13288,6 -13343,10 +13299,6 @@@ messages that are received, thus makin time. For outbound connections see &$sending_ip_address$&. -.vitem &$received_port$& -.vindex "&$received_port$&" -See &$received_ip_address$&. - .vitem &$received_protocol$& .vindex "&$received_protocol$&" When a message is being processed, this variable contains the name of the @@@ -13930,12 -13989,14 +13941,12 @@@ If certificate verification fails it ma which is not the leaf. -.new .vitem &$tls_in_resumption$& &&& &$tls_out_resumption$& .vindex &$tls_in_resumption$& .vindex &$tls_out_resumption$& .cindex TLS resumption Observability for TLS session resumption. See &<>& for details. -.wen .vitem &$tls_in_sni$& @@@ -14121,7 -14182,9 +14132,7 @@@ taint mode of the Perl interpreter. Yo option to a true value. To avoid breaking existing installations, it defaults to false. -.new &*Note*&: This is entirely separate from Exim's tainted-data tracking. -.wen .section "Calling Perl subroutines" "SECID86" @@@ -15172,6 -15235,7 +15183,6 @@@ domains (defined in the named domain li configuration). This &"magic string"& matches the domain literal form of all the local host's IP addresses. -.new .option allow_insecure_tainted_data main boolean false .cindex "de-tainting" .oindex "allow_insecure_tainted_data" @@@ -15180,6 -15244,7 +15191,6 @@@ Setting this option to "true" turns tai message rejection) into warnings. This option is meant as mitigation only and deprecated already today. Future releases of Exim may ignore it. The &%taint%& log selector can be used to suppress even the warnings. -.wen @@@ -16286,6 -16351,7 +16297,6 @@@ hosts_connection_nolog = If the &%smtp_connection%& log selector is not set, this option has no effect. -.new .option hosts_require_alpn main "host list&!!" unset .cindex ALPN "require negotiation in server" .cindex TLS ALPN @@@ -16297,6 -16363,7 +16308,6 @@@ See also the &%tls_alpn%& option &*Note*&: prevention of fallback to in-clear connection is not managed by this option, and should be done separately. -.wen .option hosts_proxy main "host list&!!" unset @@@ -16835,11 -16902,14 +16846,11 @@@ The option is expanded before use If the platform supports Linux-style abstract socket names, the result is used with a nul byte prefixed. Otherwise, -.new "if nonempty," it should be a full path name and use a directory accessible to Exim. -.new If this option is set as empty, or the command line &%-oY%& option is used, or -.wen the command line uses a &%-oX%& option and does not use &%-oP%&, then a notifier socket is not created. @@@ -17037,7 -17107,9 +17048,7 @@@ When used, the pipelining saves on roun See also the &%hosts_pipe_connect%& smtp transport option. -.new The SMTP service extension keyword advertised is &"PIPE_CONNECT"&. -.wen .option prdr_enable main boolean false @@@ -17118,10 -17190,12 +17129,10 @@@ admin user unless &%prod_requires_admin &%queue_list_requires_admin%& and &%commandline_checks_require_admin%&. -.new .option proxy_protocol_timeout main time 3s .cindex proxy "proxy protocol" This option sets the timeout for proxy protocol negotiation. For details see section &<>&. -.wen .option qualify_domain main string "see below" @@@ -17159,6 -17233,7 +17170,6 @@@ domains that do not match are processed next queue run. See also &%hold_domains%& and &%queue_smtp_domains%&. -.new .option queue_fast_ramp main boolean false .cindex "queue runner" "two phase" .cindex "queue" "double scanning" @@@ -17166,6 -17241,7 +17177,6 @@@ If set to true, two-phase queue runs, i command line, may start parallel delivery processes during their first phase. This will be done when a threshold number of messages have been routed for a single host. -.wen .option queue_list_requires_admin main boolean true @@@ -17605,9 -17681,11 +17616,9 @@@ results in the transfer of a message. A response is given to subsequent MAIL commands. This limit is a safety precaution against a client that goes mad (incidents of this type have been seen). -.new The option is expanded after the HELO or EHLO is received and may depend on values available at that time. An empty or zero value after expansion removes the limit. -.wen .option smtp_accept_max_per_host main string&!! unset @@@ -18313,6 -18391,7 +18324,6 @@@ using the &%tls_certificate%& option. is not required the &%tls_advertise_hosts%& option should be set empty. -.new .option tls_alpn main "string list&!!" "smtp : esmtp" .cindex TLS "Application Layer Protocol Names" .cindex TLS ALPN @@@ -18322,6 -18401,7 +18333,6 @@@ the TLS library supports ALPN and the client offers either more than ALPN name or a name which does not match the list, the TLS connection is declined. -.wen .option tls_certificate main "string list&!!" unset @@@ -18354,9 -18434,11 +18365,9 @@@ Server Name Indication extension, then &<>& will be re-expanded. If this option is unset or empty a self-signed certificate will be -.new used. Under Linux this is generated at daemon startup; on other platforms it will be generated fresh for every connection. -.wen .option tls_crl main string&!! unset .cindex "TLS" "server certificate revocation list" @@@ -18567,10 -18649,12 +18578,10 @@@ preference order of the available ciphe &<>& and &<>&. -.new .option tls_resumption_hosts main "host list&!!" unset .cindex TLS resumption This option controls which connections to offer the TLS resumption feature. See &<>& for details. -.wen .option tls_try_verify_hosts main "host list&!!" unset @@@ -18802,9 -18886,11 +18813,9 @@@ which the preconditions are tested. Th provide data for a transport is: &%errors_to%&, &%headers_add%&, &%headers_remove%&, &%transport%&. -.new The name of a router is limited to be &drivernamemax; ASCII characters long; prior to Exim 4.95 names would be silently truncated at this length, but now it is enforced. -.wen .option address_data routers string&!! unset @@@ -19796,8 -19882,10 +19807,8 @@@ Values containing a list-separator shou When a router runs, the strings are evaluated in order, to create variables which are added to the set associated with the address. -.new This is done immediately after all the preconditions, before the evaluation of the &%address_data%& option. -.wen The variable is set with the expansion of the value. The variables can be used by the router options (not including any preconditions) @@@ -22346,9 -22434,11 +22357,9 @@@ and &$original_domain$& is never set .scindex IIDgenoptra1 "generic options" "transport" .scindex IIDgenoptra2 "options" "generic; for transports" .scindex IIDgenoptra3 "transport" "generic options for" -.new The name of a transport is limited to be &drivernamemax; ASCII characters long; prior to Exim 4.95 names would be silently truncated at this length, but now it is enforced. -.wen The following generic options apply to all transports: @@@ -22419,12 -22509,6 +22430,12 @@@ header, Exim has a configuration optio its removal from incoming messages, so that delivered messages can safely be resent to other recipients. +&*Note:*& If used on a transport handling multiple recipients +(the smtp transport unless &%rcpt_max%& is 1, the appendfile, pipe or lmtp +transport if &%batch_max%& is greater than 1) +then information about Bcc recipients will be leaked. +Doing so is generally not advised. + .option event_action transports string&!! unset .cindex events @@@ -23183,8 -23267,10 +23194,8 @@@ directories defined by the &%directory% delivery, it applies to the top level directory, not the maildir directories beneath. -.new The option must be set to one of the words &"anywhere"&, &"inhome"&, or &"belowhome"&, or to an absolute path. -.wen In the second and third cases, a home directory must have been set for the transport, and the file or directory being created must @@@ -23197,6 -23283,7 +23208,6 @@@ are generated from users' &_.forward_& by an &(appendfile)& transport called &%address_file%&. See also &%file_must_exist%&. -.new In the fourth case, the value given for this option must be an absolute path for an existing directory. @@@ -23206,6 -23293,7 +23217,6 @@@ checking is done in "belowhome" mode .cindex "tainted data" "de-tainting" If "belowhome" checking is used, the file or directory path becomes de-tainted. -.wen .option directory appendfile string&!! unset @@@ -23219,8 -23307,10 +23230,8 @@@ appended to a single mailbox file. A nu (see &%maildir_format%& and &%mailstore_format%&), and see section &<>& for further details of this form of delivery. -.new The result of expansion must not be tainted, unless the &%create_file%& option specifies a path. -.wen .option directory_file appendfile string&!! "see below" @@@ -23254,8 -23344,10 +23265,8 @@@ specifies a single file, to which the m &%use_fcntl_lock%&, &%use_flock_lock%&, or &%use_lockfile%& must be set with &%file%&. -.new The result of expansion must not be tainted, unless the &%create_file%& option specifies a path. -.wen .cindex "NFS" "lock file" .cindex "locking files" @@@ -25612,6 -25704,7 +25623,6 @@@ Exim will request a Certificate Status TLS session for any host that matches this list. &%tls_verify_certificates%& should also be set for the transport. -.new .option hosts_require_alpn smtp "host list&!!" unset .cindex ALPN "require negotiation in client" .cindex TLS ALPN @@@ -25623,6 -25716,7 +25634,6 @@@ See also the &%tls_alpn%& option &*Note*&: prevention of fallback to in-clear connection is not managed by this option; see &%hosts_require_tls%&. -.wen .option hosts_require_dane smtp "host list&!!" unset .cindex DANE "transport options" @@@ -25657,7 -25751,9 +25668,7 @@@ incoming messages, use an appropriate A This option provides a list of servers to which, provided they announce authentication support, Exim will attempt to authenticate as a client when it connects. If authentication fails -.new and &%hosts_require_auth%& permits, -.wen Exim will try to transfer the message unauthenticated. See also chapter &<>& for details of authentication. @@@ -25673,11 -25769,13 +25684,11 @@@ BDAT will not be used in conjunction wi .option hosts_try_dane smtp "host list&!!" * .cindex DANE "transport options" .cindex DANE "attempting for certain servers" -.new If built with DANE support, Exim will look up a TLSA record for any host matching the list, If one is found and that lookup was DNSSEC-validated, then Exim requires that a DANE-verified TLS connection is made for that host; there will be no fallback to in-clear communication. -.wen See the &%dnssec_request_domains%& router and transport options. See section &<>&. @@@ -25766,6 -25864,7 +25777,6 @@@ so can cause parallel connections to th permits this. A value setting of zero disables the limit. -.new .option message_linelength_limit smtp integer 998 .cindex "line length" limit This option sets the maximum line length, in bytes, that the transport @@@ -25776,6 -25875,7 +25787,6 @@@ The default value is that defined by th It is generally wise to also check in the data ACL so that messages received via SMTP can be refused without producing a bounce. -.wen .option multi_domain smtp boolean&!! true @@@ -25791,9 -25891,11 +25802,9 @@@ It is expanded per-address and can depe &$address_data$&, &$domain_data$&, &$local_part_data$&, &$host$&, &$host_address$& and &$host_port$&. -.new If the connection is DANE-enabled then this option is ignored; only messages having the domain used for the DANE TLSA lookup are sent on the connection. -.wen .option port smtp string&!! "see below" .cindex "port" "sending TCP/IP" @@@ -25899,6 -26001,7 +25910,6 @@@ This option enables use of SOCKS proxie transport. For details see section &<>&. -.new .option tls_alpn smtp string&!! unset .cindex TLS "Application Layer Protocol Names" .cindex TLS ALPN @@@ -25909,6 -26012,7 +25920,6 @@@ the value given is used As of writing no value has been standardised for email use. The authors suggest using &"smtp"&. -.wen @@@ -25976,10 -26080,12 +25987,10 @@@ is used in different ways by OpenSSL an ciphers is a preference order. -.new .option tls_resumption_hosts smtp "host list&!!" unset .cindex TLS resumption This option controls which connections to use the TLS resumption feature. See &<>& for details. -.wen @@@ -25989,7 -26095,9 +26000,7 @@@ .cindex SNI "setting in client" .vindex "&$tls_sni$&" If this option is set -.new and the connection is not DANE-validated -.wen then it sets the $tls_out_sni variable and causes any TLS session to pass this value as the Server Name Indication extension to the remote side, which can be used by the remote side to select an appropriate @@@ -27202,9 -27310,11 +27213,9 @@@ permitted to use it as a relay. SMTP au transfer of mail between servers that have no managerial connection with each other. -.new The name of an authenticator is limited to be &drivernamemax; ASCII characters long; prior to Exim 4.95 names would be silently truncated at this length, but now it is enforced. -.wen .cindex "AUTH" "description of" .cindex "ESMTP extensions" AUTH @@@ -27949,8 -28059,10 +27960,8 @@@ fixed_plain .endd The lack of colons means that the entire text is sent with the AUTH command, with the circumflex characters converted to NULs. -.new Note that due to the ambiguity of parsing three consectutive circumflex characters there is no way to provide a password having a leading circumflex. -.wen A similar example @@@ -28277,9 -28389,11 +28288,9 @@@ realease for the SCRAM-SHA-256 method The macro _HAVE_AUTH_GSASL_SCRAM_SHA_256 will be defined when this happens. -.new To see the list of mechanisms supported by the library run Exim with "auth" debug enabled and look for a line containing "GNU SASL supports". Note however that some may not have been tested from Exim. -.wen .option client_authz gsasl string&!! unset @@@ -28302,8 -28416,10 +28313,8 @@@ the account name to be used .option client_spassword gsasl string&!! unset -.new This option is only supported for library versions 1.9.1 and greater. The macro _HAVE_AUTH_GSASL_SCRAM_S_KEY will be defined when this is so. -.wen If a SCRAM mechanism is being used and this option is set and correctly sized @@@ -28315,6 -28431,7 +28326,6 @@@ with the PBKDF2-prepared password, hex- Note that this value will depend on the salt and iteration-count supplied by the server. The option is expanded before use. -.new During the expansion &$auth1$& is set with the client username, &$auth2$& with the iteration count, and &$auth3$& with the salt. @@@ -28331,6 -28448,7 +28342,6 @@@ If the authentication succeeds then th plus the calculated salted password value value in &$auth4$&, during the expansion of the &%client_set_id%& option. A side-effect of this expansion can be used to prime the cache. -.wen .option server_channelbinding gsasl boolean false @@@ -28357,10 -28475,12 +28368,10 @@@ of Exim might have switched the defaul . Do not plan to rely upon this feature for security, ever, without consulting . with a subject matter expert (a cryptographic engineer). -.new This option was deprecated in previous releases due to doubts over the "Triple Handshake" vulnerability. Exim takes suitable precausions (requiring Extended Master Secret if TLS Session Resumption was used) for safety. -.wen .option server_hostname gsasl string&!! "see below" @@@ -29033,10 -29153,12 +29044,10 @@@ Some other recently added features may This should be documented with the feature. If the documentation does not explicitly state that the feature is infeasible in the other TLS implementation, then patches are welcome. -.new .next The output from "exim -bV" will show which (if any) support was included in the build. Also, the macro "_HAVE_OPENSSL" or "_HAVE_GNUTLS" will be defined. -.wen .endlist @@@ -29510,6 -29632,7 +29521,6 @@@ There is no current way to staple a pro .endd -.new .section "Caching of static server configuration items" "SECTserverTLScache" .cindex certificate caching .cindex privatekey caching @@@ -29561,6 -29684,7 +29572,6 @@@ is acceptable in configurations for th Caching of the system Certificate Authorities bundle can save siginificant time and processing on every TLS connection accepted by Exim. -.wen @@@ -29632,11 -29756,13 +29643,11 @@@ or need not succeed respectively The &%tls_verify_cert_hostnames%& option lists hosts for which additional name checks are made on the server certificate. -.new The match against this list is, as per other Exim usage, the IP for the host. That is most closely associated with the name on the DNS A (or AAAA) record for the host. However, the name that needs to be in the certificate is the one at the head of any CNAME chain leading to the A record. -.wen The option defaults to always checking. The &(smtp)& transport has two OCSP-related options: @@@ -29684,6 -29810,7 +29695,6 @@@ outgoing connection -.new .section "Caching of static client configuration items" "SECTclientTLScache" .cindex certificate caching .cindex privatekey caching @@@ -29734,6 -29861,7 +29745,6 @@@ is acceptable in configurations for th Caching of the system Certificate Authorities bundle can save siginificant time and processing on every TLS connection initiated by Exim. -.wen @@@ -29773,8 -29901,10 +29784,8 @@@ nothing more to it. Choosing a sensibl only point of caution. The &$tls_out_sni$& variable will be set to this string for the lifetime of the client connection (including during authentication). -.new If DANE validated the connection attempt then the value of the &%tls_sni%& option is forced to the domain part of the recipient address. -.wen Except during SMTP client sessions, if &$tls_in_sni$& is set then it is a string received from a client. @@@ -29816,6 -29946,7 +29827,6 @@@ When Exim is built against GnuTLS, SNI 0.5.10. (Its presence predates the current API which Exim uses, so if Exim built, then you have SNI support). -.new .cindex TLS ALPN .cindex ALPN "general information" .cindex TLS "Application Layer Protocol Names" @@@ -29842,6 -29973,7 +29853,6 @@@ depends on the behavious of the pee This feature is available when Exim is built with OpenSSL 1.1.0 or later or GnuTLS 3.2.0 or later; the macro _HAVE_TLS_ALPN will be defined when this is so. -.wen @@@ -29989,6 -30121,7 +30000,6 @@@ Open-source PKI book, available online .ecindex IIDencsmtp2 -.new .section "TLS Resumption" "SECTresumption" .cindex TLS resumption TLS Session Resumption for TLS 1.2 and TLS 1.3 connections can be used (defined @@@ -30080,6 -30213,7 +30091,6 @@@ Issues .endlist .endlist -.wen .section DANE "SECDANE" @@@ -31357,9 -31491,11 +31368,9 @@@ anyway. If the message contains newline response. .vindex "&$acl_verify_message$&" -.new While the text is being expanded, the &$acl_verify_message$& variable contains any message previously set. Afterwards, &$acl_verify_message$& is cleared. -.wen If &%message%& is used on a statement that verifies an address, the message specified overrides any message that is generated by the verification process. @@@ -32190,6 -32326,14 +32201,14 @@@ content-scanning extension, and is avai non-SMTP ACLs. It causes the incoming message to be scanned for a match with any of the regular expressions. For details, see chapter &<>&. + .new + .vitem &*seen&~=&~*&<&'parameters'&> + .cindex "&%sseen%& ACL condition" + This condition can be used to test if a situation has been previously met, + for example for greylisting. + Details are given in section &<>&. + .wen + .vitem &*sender_domains&~=&~*&<&'domain&~list'&> .cindex "&%sender_domains%& ACL condition" .cindex "sender" "ACL checking" @@@ -32614,10 -32758,12 +32633,10 @@@ Section &<>& below descr different values. Some DNS lists may return more than one address record; see section &<>& for details of how they are checked. -.new Values returned by a properly running DBSBL should be in the 127.0.0.0/8 range. If a DNSBL operator loses control of the domain, lookups on it may start returning other addresses. Because of this, Exim now ignores returned values outside the 127/8 region. -.wen .section "Variables set from DNS lists" "SECID204" @@@ -32912,6 -33058,59 +32931,59 @@@ address you should specify alternate li dnslists = <; dnsbl.example.com/<|$acl_m_addrslist .endd + + .new + .section "Previously seen user and hosts" "SECTseen" + .cindex "&%sseen%& ACL condition" + .cindex greylisting + The &%seen%& ACL condition can be used to test whether a + situation has been previously met. + It uses a hints database to record a timestamp against a key. + host. The syntax of the condition is: + .display + &`seen =`& <&'time interval'&> &`/`& <&'options'&> + .endd + + For example, + .code + defer seen = -5m / key=${sender_host_address}_$local_part@$domain + .endd + in a RCPT ACL will implement simple greylisting. + + The parameters for the condition + are an interval followed, slash-separated, by a list of options. + The interval is taken as an offset before the current time, + and used for the test. + If the interval is preceded by a minus sign then the condition returns + whether a record is found which is before the test time. + Otherwise, the condition returns whether one is found which is since the + test time. + + Options are read in order with later ones overriding earlier ones. + + The default key is &$sender_host_address$&. + An explicit key can be set using a &%key=value%& option. + + If a &%readonly%& option is given then + no record create or update is done. + If a &%write%& option is given then + a record create or update is always done. + An update is done if the test is for &"since"&. + + Creates and updates are marked with the current time. + + Finally, a &"before"& test which succeeds, and for which the record + is old enough, will be refreshed with a timestamp of the test time. + This can prevent tidying of the database from removing the entry. + The interval for this is, by default, 10 days. + An explicit interval can be set using a + &%refresh=value%& option. + + Note that &"seen"& should be added to the list of hints databases + for maintenance if this ACL condition is used. + .wen + + .section "Rate limiting incoming messages" "SECTratelimiting" .cindex "rate limiting" "client sending" .cindex "limiting client sending rates" @@@ -33217,6 -33416,7 +33289,6 @@@ The &%success_on_redirect%& option caus immediately after a successful redirection. By default, if a redirection generates just one address, that address is also verified. See further discussion in section &<>&. -.new .next If the &%quota%& option is specified for recipient verify, successful routing to an appendfile transport is followed by a call into @@@ -33224,6 -33424,7 +33296,6 @@@ the transport to evaluate the quota sta No actual delivery is done, but verification will succeed if the quota is sufficient for the message (if the sender gave a message size) or not already exceeded (otherwise). -.wen .endlist .cindex "verifying address" "differentiating failures" @@@ -33258,6 -33459,7 +33330,6 @@@ connection, HELO, or MAIL) &%recipient%&: The RCPT command in a callout was rejected. .next &%postmaster%&: The postmaster check in a callout was rejected. -.new .next &%quota%&: The quota check for a local recipient did non pass. .endlist @@@ -33589,6 -33791,7 +33661,6 @@@ behaviour will be the same -.new .section "Quota caching" "SECTquotacache" .cindex "hints database" "quota cache" .cindex "quota" "cache, description of" @@@ -33618,6 -33821,7 +33690,6 @@@ As above, for a negative entry .vitem &*no_cache*& Set both positive and negative lifetimes to zero. -.wen .section "Sender address verification reporting" "SECTsenaddver" .cindex "verifying" "suppressing error details" @@@ -35141,11 -35345,11 +35213,11 @@@ C variables are as follows .vlist .vitem &*int&~body_linecount*& This variable contains the number of lines in the message's body. -It is not valid if the &%spool_files_wireformat%& option is used. +It is not valid if the &%spool_wireformat%& option is used. .vitem &*int&~body_zerocount*& This variable contains the number of binary zero bytes in the message's body. -It is not valid if the &%spool_files_wireformat%& option is used. +It is not valid if the &%spool_wireformat%& option is used. .vitem &*unsigned&~int&~debug_selector*& This variable is set to zero when no debugging is taking place. Otherwise, it @@@ -35180,8 -35384,10 +35252,10 @@@ discussed below .vitem &*header_line&~*header_last*& A pointer to the last of the header lines. - .vitem &*uschar&~*headers_charset*& + .new + .vitem &*const&~uschar&~*headers_charset*& The value of the &%headers_charset%& configuration option. + .wen .vitem &*BOOL&~host_checking*& This variable is TRUE during a host checking session that is initiated by the @@@ -37566,8 -37772,8 +37640,8 @@@ lists_request lists_post: driver = redirect domains = lists.example - senders = ${if exists {/usr/lists/$local_part}\ - {lsearch;/usr/lists/$local_part}{*}} + local_parts = ${lookup {$local_part} dsearch,filter=file,ret=full {/usr/lists}} + senders = ${if exists {$local_part_data} {lsearch;$local_part_data}{*}} file = ${lookup {$local_part} dsearch,ret=full {/usr/lists}} forbid_pipe forbid_file @@@ -38487,7 -38693,9 +38561,7 @@@ When more than one address is included SMTP RCPT commands in one transaction) the second and subsequent addresses are flagged with &`->`& instead of &`=>`&. When two or more messages are delivered down a single SMTP connection, an asterisk follows the -.new remote IP address (and port if enabled) -.wen in the log lines for the second and subsequent messages. When two or more messages are delivered down a single TLS connection, the DNS and some TLS-related information logged for the first message delivered @@@ -38867,7 -39075,9 +38941,7 @@@ to the &"<="& line as an IP address in followed by a colon and the port number. The local interface and port are also added to other SMTP log lines, for example, &"SMTP connection from"&, to rejection lines, and (despite the name) to outgoing -.new &"=>"&, &"->"&, &"=="& and &"**"& lines. -.wen The latter can be disabled by turning off the &%outgoing_interface%& option. .next .cindex log "incoming proxy address" @@@ -39152,9 -39362,11 +39226,9 @@@ added to the log line, preceded by DN= .next .cindex "log" "TLS resumption" .cindex "TLS" "logging session resumption" -.new &%tls_resumption%&: When a message is sent or received over an encrypted connection and the TLS session resumed one used on a previous TCP connection, an asterisk is appended to the X= cipher field in the log line. -.wen .next .cindex "log" "TLS SNI" .cindex "TLS" "logging SNI" @@@ -39702,7 -39914,9 +39776,7 @@@ for remote host .next &'ratelimit'&: the data for implementing the ratelimit ACL condition .next -.new &'tls'&: TLS session resumption data -.wen .next &'misc'&: other hints data .endlist @@@ -39724,8 -39938,13 +39798,13 @@@ in a transport .section "exim_dumpdb" "SECTdumpdb" .cindex "&'exim_dumpdb'&" The entire contents of a database are written to the standard output by the - &'exim_dumpdb'& program, which has no options or arguments other than the - spool and database names. For example, to dump the retry database: + &'exim_dumpdb'& program, + .new + taking as arguments the spool and database names. + An option &'-z'& may be given to regest times in UTC; + otherwise times are in the local timezone. + .wen + For example, to dump the retry database: .code exim_dumpdb /var/spool/exim retry .endd @@@ -39811,7 -40030,7 +39890,7 @@@ databases is likely to keep on increasi .cindex "&'exim_fixdb'&" The &'exim_fixdb'& program is a utility for interactively modifying databases. Its main use is for testing Exim, but it might also be occasionally useful for - getting round problems in a live system. It has no options, and its interface + getting round problems in a live system. Its interface is somewhat crude. On entry, it prompts for input with a right angle-bracket. A key of a database record can then be entered, and the data for that record is displayed. @@@ -39828,6 -40047,12 +39907,12 @@@ resets the time of the next delivery at sequence of digit pairs for year, month, day, hour, and minute. Colons can be used as optional separators. + .new + Both displayed and input times are in the local timezone by default. + If an option &'-z'& is used on the command line, displayed times + are in UTC. + .wen + @@@ -41212,12 -41437,14 +41297,12 @@@ option along with &%$dkim_domain%& If the option is empty after expansion, DKIM signing is not done for this domain, and no error will result even if &%dkim_strict%& is set. -.new To do, for example, dual-signing with RSA and EC keys this could be be used: .code dkim_selector = ec_sel : rsa_sel dkim_private_key = KEYS_DIR/$dkim_selector .endd -.wen .option dkim_private_key smtp string&!! unset This sets the private key to use. @@@ -41827,6 -42054,7 +41912,6 @@@ The lookup will return the same result .section "SRS (Sender Rewriting Scheme)" SECTSRS .cindex SRS "sender rewriting scheme" -.new SRS can be used to modify sender addresses when forwarding so that SPF verification does not object to them. It operates by encoding the original envelope sender in a new @@@ -41921,6 -42149,7 +42006,6 @@@ Example usage .endd -.wen diff --combined doc/doc-txt/ChangeLog index b5cc1a889,62156137e..4c37d9192 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@@ -2,6 -2,22 +2,22 @@@ This document describes *changes* to pr affect Exim's operation, with an unchanged configuration file. For new options, and new features, see the NewStuff file next to this ChangeLog. + Since 4.95 + ---------- + + JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from + after reception to before a subsequence reception. This should + mean slightly faster delivery, and also confirmation of reception + to senders. + + JH/02 Move from using the pcre library to pcre2. The former is no longer + being developed or supported (by the original developer). + + JH/03 Constification work in the filters module required a major version + bump for the local-scan API. Specifically, the "headers_charset" + global which is visible via the API is now const and may therefore + not be modified by local-scan code. + Exim version 4.95 ----------------- @@@ -327,15 -343,6 +343,15 @@@ JH/57 Fix control=fakreject for a custo JH/58 GnuTLS: Fix certextract expansion. If a second modifier after a tag modifier was given, a loop resulted. +JH/59 DKIM: Fix small-message verification under TLS with chunking. If a + pipelined SMTP command followed the BDAT LAST then it would be + incorrectly treated as part of the message body, causing a verification + fail. + +JH/60 Bug 2805: Fix logging of domain-literals in Message_ID: headers. They + require looser validation rules than those for 821-level addresses, + which only permit IP addresses. + Exim version 4.94 ----------------- diff --combined doc/doc-txt/NewStuff index cef9018c3,99c630324..eb1eb5dad --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@@ -6,6 -6,16 +6,16 @@@ Before a formal release, there may be q test from the snapshots or the Git before the documentation is updated. Once the documentation is updated, this file is reduced to a short list. + Version 4.96 + ------------ + + 1. A new ACL condition: seen. Records/tests a timestamp against a key. + + 2. A variant of the "mask" expansion operator to give normalised IPv6. + + 3. UTC output option for exim_dumpdb, exim_fixdb + + Version 4.95 ------------ @@@ -61,8 -71,6 +71,8 @@@ 18. TLS ALPN handling. By default, refuse TLS connections that try to specify a non-smtp (eg. http) use. Options for customising. +19. Support for MacOS (darwin) has been dropped. + Version 4.94 ------------ diff --combined src/src/acl.c index 242425d1e,be17b5768..6d064e8a2 --- a/src/src/acl.c +++ b/src/src/acl.c @@@ -10,7 -10,6 +10,7 @@@ #include "exim.h" +#ifndef MACRO_PREDEF /* Default callout timeout */ @@@ -54,8 -53,6 +54,8 @@@ static int msgcond[] = [ACL_WARN] = BIT(OK) }; +#endif + /* ACL condition and modifier codes - keep in step with the table that follows. down. */ @@@ -106,6 -103,7 +106,7 @@@ enum { ACLC_ACL ACLC_REGEX, #endif ACLC_REMOVE_HEADER, + ACLC_SEEN, ACLC_SENDER_DOMAINS, ACLC_SENDERS, ACLC_SET, @@@ -291,6 -289,7 +292,7 @@@ static condition_def conditions[] = ACL_BIT_MIME | ACL_BIT_NOTSMTP | ACL_BIT_NOTSMTP_START), }, + [ACLC_SEEN] = { US"seen", TRUE, FALSE, 0 }, [ACLC_SENDER_DOMAINS] = { US"sender_domains", FALSE, FALSE, ACL_BIT_AUTH | ACL_BIT_CONNECT | ACL_BIT_HELO | @@@ -341,24 -340,6 +343,24 @@@ }; +#ifdef MACRO_PREDEF +# include "macro_predef.h" +void +features_acl(void) +{ +for (condition_def * c = conditions; c < conditions + nelem(conditions); c++) + { + uschar buf[64], * p, * s; + int n = sprintf(CS buf, "_ACL_%s_", c->is_modifier ? "MOD" : "COND"); + for (p = buf + n, s = c->name; *s; s++) *p++ = toupper(*s); + *p = '\0'; + builtin_macro_create(buf); + } +} +#endif + + +#ifndef MACRO_PREDEF /* Return values from decode_control(); used as index so keep in step with the controls_list table that follows! */ @@@ -2836,6 -2817,143 +2838,143 @@@ return rc + /************************************************* + * Handle a check for previously-seen * + *************************************************/ + + /* + ACL clauses like: seen = -5m / key=$foo / readonly + + Return is true for condition-true - but the semantics + depend heavily on the actual use-case. + + Negative times test for seen-before, positive for seen-more-recently-than + (the given interval before current time). + + All are subject to history not having been cleaned from the DB. + + Default for seen-before is to create if not present, and to + update if older than 10d (with the seen-test time). + Default for seen-since is to always create or update. + + Options: + key=value. Default key is $sender_host_address + readonly + write + refresh=: update an existing DB entry older than given + amount. Default refresh lacking this option is 10d. + The update sets the record timestamp to the seen-test time. + + XXX do we need separate nocreate, noupdate controls? + + Arguments: + arg the option string for seen= + where ACL_WHERE_xxxx indicating which ACL this is + log_msgptr for error messages + + Returns: OK - Condition is true + FAIL - Condition is false + DEFER - Problem opening history database + ERROR - Syntax error in options + */ + + static int + acl_seen(const uschar * arg, int where, uschar ** log_msgptr) + { + enum { SEEN_DEFAULT, SEEN_READONLY, SEEN_WRITE }; + + const uschar * list = arg; + int slash = '/', equal = '=', interval, mode = SEEN_DEFAULT, yield = FAIL; + BOOL before; + int refresh = 10 * 24 * 60 * 60; /* 10 days */ + const uschar * ele, * key = sender_host_address; + open_db dbblock, * dbm; + dbdata_seen * dbd; + time_t now; + + /* Parse the first element, the time-relation. */ + + if (!(ele = string_nextinlist(&list, &slash, NULL, 0))) + goto badparse; + if ((before = *ele == '-')) + ele++; + if ((interval = readconf_readtime(ele, 0, FALSE)) < 0) + goto badparse; + + /* Remaining elements are options */ + + while ((ele = string_nextinlist(&list, &slash, NULL, 0))) + if (Ustrncmp(ele, "key=", 4) == 0) + key = ele + 4; + else if (Ustrcmp(ele, "readonly") == 0) + mode = SEEN_READONLY; + else if (Ustrcmp(ele, "write") == 0) + mode = SEEN_WRITE; + else if (Ustrncmp(ele, "refresh=", 8) == 0) + { + if ((refresh = readconf_readtime(ele + 8, 0, FALSE)) < 0) + goto badparse; + } + else + goto badopt; + + if (!(dbm = dbfn_open(US"seen", O_RDWR, &dbblock, TRUE, TRUE))) + { + HDEBUG(D_acl) debug_printf_indent("database for 'seen' not available\n"); + *log_msgptr = US"database for 'seen' not available"; + return DEFER; + } + + dbd = dbfn_read_with_length(dbm, key, NULL); + now = time(NULL); + if (dbd) /* an existing record */ + { + time_t diff = now - dbd->time_stamp; /* time since the record was written */ + + if (before ? diff >= interval : diff < interval) + yield = OK; + + if (mode == SEEN_READONLY) + { HDEBUG(D_acl) debug_printf_indent("seen db not written (readonly)\n"); } + else if (mode == SEEN_WRITE || !before) + { + dbd->time_stamp = now; + dbfn_write(dbm, key, dbd, sizeof(*dbd)); + HDEBUG(D_acl) debug_printf_indent("seen db written (update)\n"); + } + else if (diff >= refresh) + { + dbd->time_stamp = now - interval; + dbfn_write(dbm, key, dbd, sizeof(*dbd)); + HDEBUG(D_acl) debug_printf_indent("seen db written (refresh)\n"); + } + } + else + { /* No record found, yield always FAIL */ + if (mode != SEEN_READONLY) + { + dbdata_seen d = {.time_stamp = now}; + dbfn_write(dbm, key, &d, sizeof(*dbd)); + HDEBUG(D_acl) debug_printf_indent("seen db written (create)\n"); + } + else + HDEBUG(D_acl) debug_printf_indent("seen db not written (readonly)\n"); + } + + dbfn_close(dbm); + return yield; + + + badparse: + *log_msgptr = string_sprintf("failed to parse '%s'", arg); + return ERROR; + badopt: + *log_msgptr = string_sprintf("unrecognised option '%s' in '%s'", ele, arg); + return ERROR; + } + + + /************************************************* * The udpsend ACL modifier * *************************************************/ @@@ -3761,6 -3879,10 +3900,10 @@@ for (; cb; cb = cb->next setup_remove_header(arg); break; + case ACLC_SEEN: + rc = acl_seen(arg, where, log_msgptr); + break; + case ACLC_SENDER_DOMAINS: { uschar *sdomain; @@@ -4715,7 -4837,6 +4858,7 @@@ if (is_tainted(value)) putc('-', f) fprintf(f, "-acl%c %s %d\n%s\n", name[0], name+1, Ustrlen(value), value); } +#endif /* !MACRO_PREDEF */ /* vi: aw ai sw=2 */ /* End of acl.c */ diff --combined src/src/functions.h index f57379e2b,43424061a..3f04ec782 --- a/src/src/functions.h +++ b/src/src/functions.h @@@ -67,7 -67,7 +67,7 @@@ extern uschar *tls_field_from_dn(uscha extern void tls_free_cert(void **); extern int tls_getc(unsigned); extern uschar *tls_getbuf(unsigned *); -extern void tls_get_cache(void); +extern void tls_get_cache(unsigned); extern BOOL tls_import_cert(const uschar *, void **); extern BOOL tls_is_name_for_cert(const uschar *, void *); # ifdef USE_OPENSSL @@@ -378,7 -378,8 +378,8 @@@ extern uschar *parse_find_address_end(c extern const uschar *parse_find_at(const uschar *); extern const uschar *parse_fix_phrase(const uschar *, int); extern const uschar *parse_message_id(const uschar *, uschar **, uschar **); - extern const uschar *parse_quote_2047(const uschar *, int, uschar *, BOOL); + extern const uschar *parse_quote_2047(const uschar *, int, const uschar *, + BOOL); extern const uschar *parse_date_time(const uschar *str, time_t *t); extern void priv_drop_temp(const uid_t, const gid_t); extern void priv_restore(void); @@@ -426,8 -427,9 +427,9 @@@ extern void receive_swallow_smtp(voi #ifdef WITH_CONTENT_SCAN extern int regex(const uschar **); #endif - extern BOOL regex_match_and_setup(const pcre *, const uschar *, int, int); - extern const pcre *regex_must_compile(const uschar *, BOOL, BOOL); + extern BOOL regex_match(const pcre2_code *, const uschar *, int, uschar **); + extern BOOL regex_match_and_setup(const pcre2_code *, const uschar *, int, int); + extern const pcre2_code *regex_must_compile(const uschar *, BOOL, BOOL); extern void retry_add_item(address_item *, uschar *, int); extern BOOL retry_check_address(const uschar *, host_item *, uschar *, BOOL, uschar **, uschar **); @@@ -443,8 -445,8 +445,8 @@@ extern header_line *rewrite_header(head extern const uschar *rewrite_one(const uschar *, int, BOOL *, BOOL, uschar *, rewrite_rule *); extern void rewrite_test(const uschar *); - extern uschar *rfc2047_decode2(uschar *, BOOL, uschar *, int, int *, int *, - uschar **); + extern uschar *rfc2047_decode2(uschar *, BOOL, const uschar *, int, int *, + int *, uschar **); extern int route_address(address_item *, address_item **, address_item **, address_item **, address_item **, int); extern int route_check_prefix(const uschar *, const uschar *, unsigned *); @@@ -493,7 -495,7 +495,7 @@@ extern BOOL smtp_get_interface(uscha extern BOOL smtp_get_port(uschar *, address_item *, int *, uschar *); extern int smtp_getc(unsigned); extern uschar *smtp_getbuf(unsigned *); -extern void smtp_get_cache(void); +extern void smtp_get_cache(unsigned); extern int smtp_handle_acl_fail(int, int, uschar *, uschar *); extern void smtp_log_no_mail(void); extern void smtp_message_code(uschar **, int *, uschar **, uschar **, BOOL); diff --combined src/src/globals.c index 5d9f7f8c6,19269138c..1adb540c2 --- a/src/src/globals.c +++ b/src/src/globals.c @@@ -118,7 -118,7 +118,7 @@@ tls_support tls_out = uschar *dsn_envid = NULL; int dsn_ret = 0; - const pcre *regex_DSN = NULL; + const pcre2_code *regex_DSN = NULL; uschar *dsn_advertise_hosts = NULL; #ifndef DISABLE_TLS @@@ -126,7 -126,7 +126,7 @@@ BOOL gnutls_compat_mode = FALSE BOOL gnutls_allow_auto_pkcs11 = FALSE; uschar *hosts_require_alpn = NULL; uschar *openssl_options = NULL; - const pcre *regex_STARTTLS = NULL; + const pcre2_code *regex_STARTTLS = NULL; uschar *tls_advertise_hosts = US"*"; uschar *tls_alpn = US"smtp:esmtp"; uschar *tls_certificate = NULL; @@@ -159,11 -159,11 +159,11 @@@ uschar *tls_advertise_hosts = NULL /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; BOOL prdr_requested = FALSE; - const pcre *regex_PRDR = NULL; + const pcre2_code *regex_PRDR = NULL; #endif #ifdef SUPPORT_I18N - const pcre *regex_UTF8 = NULL; + const pcre2_code *regex_UTF8 = NULL; #endif /* Input-reading functions for messages, so we can use special ones for @@@ -176,7 -176,7 +176,7 @@@ uschar * (*lwr_receive_getbuf)(unsigne int (*lwr_receive_ungetc)(int) = stdin_ungetc; int (*receive_getc)(unsigned) = stdin_getc; uschar * (*receive_getbuf)(unsigned *) = NULL; -void (*receive_get_cache)(void)= NULL; +void (*receive_get_cache)(unsigned) = NULL; int (*receive_ungetc)(int) = stdin_ungetc; int (*receive_feof)(void) = stdin_feof; int (*receive_ferror)(void) = stdin_ferror; @@@ -658,7 -658,7 +658,7 @@@ auth_instance auth_defaults = uschar *auth_defer_msg = US"reason not recorded"; uschar *auth_defer_user_msg = US""; - uschar *auth_vars[AUTH_VARS]; + const uschar *auth_vars[AUTH_VARS]; int auto_thaw = 0; #ifdef WITH_CONTENT_SCAN int av_failed = FALSE; /* boolean but accessed as vtype_int*/ @@@ -711,10 -711,10 +711,10 @@@ uschar *chunking_advertise_hosts = US"* unsigned chunking_datasize = 0; unsigned chunking_data_left = 0; chunking_state_t chunking_state= CHUNKING_NOT_OFFERED; - const pcre *regex_CHUNKING = NULL; + const pcre2_code *regex_CHUNKING = NULL; #ifdef EXPERIMENTAL_ESMTP_LIMITS - const pcre *regex_LIMITS = NULL; + const pcre2_code *regex_LIMITS = NULL; #endif uschar *client_authenticator = NULL; @@@ -924,7 -924,7 +924,7 @@@ int expand_level = 0; /* Ne int expand_forbid = 0; int expand_nlength[EXPAND_MAXN+1]; int expand_nmax = -1; - uschar *expand_nstring[EXPAND_MAXN+1]; + const uschar *expand_nstring[EXPAND_MAXN+1]; uschar *expand_string_message; uschar *extra_local_interfaces = NULL; @@@ -953,7 -953,7 +953,7 @@@ volatile sig_atomic_t had_command_timeo volatile sig_atomic_t had_command_sigterm = 0; volatile sig_atomic_t had_data_timeout = 0; volatile sig_atomic_t had_data_sigint = 0; - uschar *headers_charset = US HEADERS_CHARSET; + const uschar *headers_charset = US HEADERS_CHARSET; int header_insert_maxlen = 64 * 1024; header_line *header_last = NULL; header_line *header_list = NULL; @@@ -1167,7 -1167,6 +1167,6 @@@ uschar *message_headers = NULL uschar *message_id; uschar *message_id_domain = NULL; uschar *message_id_text = NULL; - struct timeval message_id_tv = { 0, 0 }; uschar message_id_option[MESSAGE_ID_LENGTH + 3]; uschar *message_id_external; int message_linecount = 0; @@@ -1213,6 -1212,10 +1212,10 @@@ uid_t originator_uid uschar *override_local_interfaces = NULL; uschar *override_pid_file_path = NULL; + pcre2_general_context * pcre_gen_ctx = NULL; + pcre2_compile_context * pcre_cmp_ctx = NULL; + pcre2_match_context * pcre_mtc_ctx = NULL; + uschar *percent_hack_domains = NULL; uschar *pid_file_path = US PID_FILE_PATH "\0<--------------Space to patch pid_file_path->"; @@@ -1306,20 -1309,20 +1309,20 @@@ int recipients_count = 0 recipient_item *recipients_list = NULL; int recipients_list_max = 0; int recipients_max = 50000; - const pcre *regex_AUTH = NULL; - const pcre *regex_check_dns_names = NULL; - const pcre *regex_From = NULL; - const pcre *regex_IGNOREQUOTA = NULL; - const pcre *regex_PIPELINING = NULL; - const pcre *regex_SIZE = NULL; + const pcre2_code *regex_AUTH = NULL; + const pcre2_code *regex_check_dns_names = NULL; + const pcre2_code *regex_From = NULL; + const pcre2_code *regex_IGNOREQUOTA = NULL; + const pcre2_code *regex_PIPELINING = NULL; + const pcre2_code *regex_SIZE = NULL; #ifndef DISABLE_PIPE_CONNECT - const pcre *regex_EARLY_PIPE = NULL; + const pcre2_code *regex_EARLY_PIPE = NULL; #endif - const pcre *regex_ismsgid = NULL; - const pcre *regex_smtp_code = NULL; - uschar *regex_vars[REGEX_VARS]; + const pcre2_code *regex_ismsgid = NULL; + const pcre2_code *regex_smtp_code = NULL; + const uschar *regex_vars[REGEX_VARS]; #ifdef WHITELIST_D_MACROS - const pcre *regex_whitelisted_macro = NULL; + const pcre2_code *regex_whitelisted_macro = NULL; #endif #ifdef WITH_CONTENT_SCAN uschar *regex_match_string = NULL; diff --combined src/src/globals.h index b610ac0a9,95b8a08dc..bd88f7482 --- a/src/src/globals.h +++ b/src/src/globals.h @@@ -127,7 -127,7 +127,7 @@@ extern BOOL gnutls_compat_mode; extern BOOL gnutls_allow_auto_pkcs11; /* Let GnuTLS autoload PKCS11 modules */ extern uschar *hosts_require_alpn; /* Mandatory ALPN successful nogitiation */ extern uschar *openssl_options; /* OpenSSL compatibility options */ - extern const pcre *regex_STARTTLS; /* For recognizing STARTTLS settings */ + extern const pcre2_code *regex_STARTTLS; /* For recognizing STARTTLS settings */ extern uschar *tls_alpn; /* ALPN names acceptable */ extern uschar *tls_certificate; /* Certificate file */ extern uschar *tls_crl; /* CRL File */ @@@ -153,7 -153,7 +153,7 @@@ extern uschar *tls_advertise_hosts; extern uschar *dsn_envid; /* DSN envid string */ extern int dsn_ret; /* DSN ret type*/ - extern const pcre *regex_DSN; /* For recognizing DSN settings */ + extern const pcre2_code *regex_DSN; /* For recognizing DSN settings */ extern uschar *dsn_advertise_hosts; /* host for which TLS is advertised */ /* Input-reading functions for messages, so we can use special ones for @@@ -164,7 -164,7 +164,7 @@@ extern uschar * (*lwr_receive_getbuf)(u extern int (*lwr_receive_ungetc)(int); extern int (*receive_getc)(unsigned); extern uschar * (*receive_getbuf)(unsigned *); -extern void (*receive_get_cache)(void); +extern void (*receive_get_cache)(unsigned); extern int (*receive_ungetc)(int); extern int (*receive_feof)(void); extern int (*receive_ferror)(void); @@@ -320,7 -320,7 +320,7 @@@ extern uschar *acl_smtp_connect; extern uschar *acl_smtp_data; /* ACL run after DATA received */ #ifndef DISABLE_PRDR extern uschar *acl_smtp_data_prdr; /* ACL run after DATA received if in PRDR mode*/ - const extern pcre *regex_PRDR; /* For recognizing PRDR settings */ + const extern pcre2_code *regex_PRDR; /* For recognizing PRDR settings */ #endif #ifndef DISABLE_DKIM extern uschar *acl_smtp_dkim; /* ACL run for DKIM signatures / domains */ @@@ -372,7 -372,7 +372,7 @@@ extern auth_instance *auths; extern auth_instance auth_defaults; /* Default values */ extern uschar *auth_defer_msg; /* Error message for log */ extern uschar *auth_defer_user_msg; /* Error message for user */ - extern uschar *auth_vars[]; /* $authn variables */ + extern const uschar *auth_vars[]; /* $authn variables */ extern int auto_thaw; /* Auto-thaw interval */ #ifdef WITH_CONTENT_SCAN extern int av_failed; /* TRUE if the AV process failed */ @@@ -600,7 -600,7 +600,7 @@@ extern int expand_level; /* extern int expand_forbid; /* RDO flags for forbidding things */ extern int expand_nlength[]; /* Lengths of numbered strings */ extern int expand_nmax; /* Max numerical value */ - extern uschar *expand_nstring[]; /* Numbered strings */ + extern const uschar *expand_nstring[]; /* Numbered strings */ extern BOOL extract_addresses_remove_arguments; /* Controls -t behaviour */ extern uschar *extra_local_interfaces; /* Local, non-listen interfaces */ @@@ -724,7 -724,6 +724,6 @@@ extern uschar message_id_option[]; extern uschar *message_id_external; /* External form of following */ extern uschar *message_id_domain; /* Expanded to form domain-part of message_id */ extern uschar *message_id_text; /* Expanded to form message_id */ - extern struct timeval message_id_tv; /* Time used to create last message_id */ extern int message_linecount; /* As it says */ extern BOOL message_logs; /* TRUE to write message logs */ extern int message_size; /* Size of message */ @@@ -732,7 -731,7 +731,7 @@@ extern uschar *message_size_limit; #ifdef SUPPORT_I18N extern BOOL message_smtputf8; /* Internationalized mail handling */ extern int message_utf8_downconvert; /* convert from utf8 */ - const extern pcre *regex_UTF8; /* For recognizing SMTPUTF8 settings */ + const extern pcre2_code *regex_UTF8; /* For recognizing SMTPUTF8 settings */ #endif extern uschar message_subdir[]; /* Subdirectory for messages */ extern uschar *message_reference; /* Reference for error messages */ @@@ -780,6 -779,10 +779,10 @@@ extern uid_t originator_uid; extern uschar *override_local_interfaces; /* Value of -oX argument */ extern uschar *override_pid_file_path; /* Value of -oP argument */ + extern pcre2_general_context * pcre_gen_ctx; /* pcre memory management */ + extern pcre2_compile_context * pcre_cmp_ctx; + extern pcre2_match_context * pcre_mtc_ctx; + extern uschar *percent_hack_domains; /* Local domains for which '% operates */ extern uschar *pid_file_path; /* For writing daemon pids */ #ifndef DISABLE_PIPE_CONNECT @@@ -866,24 -869,24 +869,24 @@@ extern uschar *recipient_verify_failure extern int recipients_list_max; /* Maximum number fitting in list */ extern int recipients_max; /* Max permitted */ extern BOOL recipients_max_reject; /* If TRUE, reject whole message */ - extern const pcre *regex_AUTH; /* For recognizing AUTH settings */ - extern const pcre *regex_check_dns_names; /* For DNS name checking */ - extern const pcre *regex_From; /* For recognizing "From_" lines */ - extern const pcre *regex_CHUNKING; /* For recognizing CHUNKING (RFC 3030) */ - extern const pcre *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA (LMTP) */ + extern const pcre2_code *regex_AUTH; /* For recognizing AUTH settings */ + extern const pcre2_code *regex_check_dns_names; /* For DNS name checking */ + extern const pcre2_code *regex_From; /* For recognizing "From_" lines */ + extern const pcre2_code *regex_CHUNKING; /* For recognizing CHUNKING (RFC 3030) */ + extern const pcre2_code *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA (LMTP) */ #ifdef EXPERIMENTAL_ESMTP_LIMITS - extern const pcre *regex_LIMITS; /* For recognizing LIMITS */ + extern const pcre2_code *regex_LIMITS; /* For recognizing LIMITS */ #endif - extern const pcre *regex_PIPELINING; /* For recognizing PIPELINING */ - extern const pcre *regex_SIZE; /* For recognizing SIZE settings */ + extern const pcre2_code *regex_PIPELINING; /* For recognizing PIPELINING */ + extern const pcre2_code *regex_SIZE; /* For recognizing SIZE settings */ #ifndef DISABLE_PIPE_CONNECT - extern const pcre *regex_EARLY_PIPE; /* For recognizing PIPE_CONNCT */ + extern const pcre2_code *regex_EARLY_PIPE; /* For recognizing PIPE_CONNCT */ #endif - extern const pcre *regex_ismsgid; /* Compiled r.e. for message it */ - extern const pcre *regex_smtp_code; /* For recognizing SMTP codes */ - extern uschar *regex_vars[]; /* $regexN variables */ + extern const pcre2_code *regex_ismsgid; /* Compiled r.e. for message ID */ + extern const pcre2_code *regex_smtp_code; /* For recognizing SMTP codes */ + extern const uschar *regex_vars[]; /* $regexN variables */ #ifdef WHITELIST_D_MACROS - extern const pcre *regex_whitelisted_macro; /* For -D macro values */ + extern const pcre2_code *regex_whitelisted_macro; /* For -D macro values */ #endif #ifdef WITH_CONTENT_SCAN extern uschar *regex_match_string; /* regex that matched a line (regex ACL condition) */ diff --combined src/src/malware.c index e696f7a49,b34ca5794..ebd360cd2 --- a/src/src/malware.c +++ b/src/src/malware.c @@@ -129,7 -129,7 +129,7 @@@ for (const struct scan * sc = m_scans; #define MALWARE_TIMEOUT 120 /* default timeout, seconds */ static const uschar * malware_regex_default = US ".+"; - static const pcre * malware_default_re = NULL; + static const pcre2_code * malware_default_re = NULL; #ifndef DISABLE_MAL_CLAM @@@ -156,35 -156,35 +156,35 @@@ typedef struct clamd_address # define DERR_BAD_CALL (1<<15) /* wrong command */ static const uschar * drweb_re_str = US "infected\\swith\\s*(.+?)$"; - static const pcre * drweb_re = NULL; + static const pcre2_code * drweb_re = NULL; #endif #ifndef DISABLE_MAL_FSECURE static const uschar * fsec_re_str = US "\\S{0,5}INFECTED\\t[^\\t]*\\t([^\\t]+)\\t\\S*$"; - static const pcre * fsec_re = NULL; + static const pcre2_code * fsec_re = NULL; #endif #ifndef DISABLE_MAL_KAV static const uschar * kav_re_sus_str = US "suspicion:\\s*(.+?)\\s*$"; static const uschar * kav_re_inf_str = US "infected:\\s*(.+?)\\s*$"; - static const pcre * kav_re_sus = NULL; - static const pcre * kav_re_inf = NULL; + static const pcre2_code * kav_re_sus = NULL; + static const pcre2_code * kav_re_inf = NULL; #endif #ifndef DISABLE_MAL_AVAST static const uschar * ava_re_clean_str = US "(?!\\\\)\\t\\[\\+\\]"; static const uschar * ava_re_virus_str = US "(?!\\\\)\\t\\[L\\]\\d+\\.0\\t0\\s(.*)"; static const uschar * ava_re_error_str = US "(?!\\\\)\\t\\[E\\]\\d+\\.0\\tError\\s\\d+\\s(.*)"; - static const pcre * ava_re_clean = NULL; - static const pcre * ava_re_virus = NULL; - static const pcre * ava_re_error = NULL; + static const pcre2_code * ava_re_clean = NULL; + static const pcre2_code * ava_re_virus = NULL; + static const pcre2_code * ava_re_error = NULL; #endif #ifndef DISABLE_MAL_FFROT6D static const uschar * fprot6d_re_error_str = US "^\\d+\\s<(.+?)>$"; static const uschar * fprot6d_re_virus_str = US "^\\d+\\s\\s+.+$"; - static const pcre * fprot6d_re_error = NULL; - static const pcre * fprot6d_re_virus = NULL; + static const pcre2_code * fprot6d_re_error = NULL; + static const pcre2_code * fprot6d_re_virus = NULL; #endif @@@ -301,37 -301,43 +301,43 @@@ if (send(sock, buf, cnt, 0) < 0 return sock; } - static const pcre * + static const pcre2_code * m_pcre_compile(const uschar * re, uschar ** errstr) { - const uschar * rerror; - int roffset; - const pcre * cre; + int err; + PCRE2_SIZE roffset; + const pcre2_code * cre; - if (!(cre = pcre_compile(CS re, PCRE_COPT, CCSS &rerror, &roffset, NULL))) - *errstr= string_sprintf("regular expression error in '%s': %s at offset %d", - re, rerror, roffset); + if (!(cre = pcre2_compile((PCRE2_SPTR)re, PCRE2_ZERO_TERMINATED, + PCRE_COPT, &err, &roffset, pcre_cmp_ctx))) + { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); + *errstr= string_sprintf("regular expression error in '%s': %s at offset %ld", + re, errbuf, (long)roffset); + } return cre; } uschar * - m_pcre_exec(const pcre * cre, uschar * text) + m_pcre_exec(const pcre2_code * cre, uschar * text) { - int ovector[10*3]; - int i = pcre_exec(cre, NULL, CS text, Ustrlen(text), 0, 0, - ovector, nelem(ovector)); - uschar * substr = NULL; + pcre2_match_data * md = pcre2_match_data_create(2, pcre_gen_ctx); + int i = pcre2_match(cre, text, PCRE2_ZERO_TERMINATED, 0, 0, md, pcre_mtc_ctx); + PCRE2_UCHAR * substr = NULL; + PCRE2_SIZE slen; + if (i >= 2) /* Got it */ - pcre_get_substring(CS text, ovector, i, 1, CCSS &substr); - return substr; + pcre2_substring_get_bynumber(md, 1, &substr, &slen); + return US substr; } - static const pcre * + static const pcre2_code * m_pcre_nextinlist(const uschar ** list, int * sep, char * listerr, uschar ** errstr) { const uschar * list_ele; - const pcre * cre = NULL; + const pcre2_code * cre = NULL; if (!(list_ele = string_nextinlist(list, sep, NULL, 0))) *errstr = US listerr; @@@ -581,7 -587,7 +587,7 @@@ const uschar *av_scanner_work = av_scan uschar *scanner_name; unsigned long mbox_size; FILE *mbox_file; - const pcre *re; + const pcre2_code *re; uschar * errstr; struct scan * scanent; const uschar * scanner_options; @@@ -923,7 -929,7 +929,7 @@@ badseek: err = errno /* read and concatenate virus names into one string */ for (int i = 0; i < drweb_vnum; i++) { - int ovector[10*3]; + pcre2_match_data * md = pcre2_match_data_create(2, pcre_gen_ctx); /* read the size of report */ if (!recv_len(malware_daemon_ctx.sock, &drweb_slen, sizeof(drweb_slen), tmo)) @@@ -941,22 -947,20 +947,20 @@@ tmpbuf[drweb_slen] = '\0'; /* try matcher on the line, grab substring */ - result = pcre_exec(drweb_re, NULL, CS tmpbuf, Ustrlen(tmpbuf), 0, 0, - ovector, nelem(ovector)); + result = pcre2_match(drweb_re, (PCRE2_SPTR)tmpbuf, PCRE2_ZERO_TERMINATED, + 0, 0, md, pcre_mtc_ctx); if (result >= 2) { - const char * pre_malware_nb; - - pcre_get_substring(CS tmpbuf, ovector, result, 1, &pre_malware_nb); + PCRE2_SIZE * ovec = pcre2_get_ovector_pointer(md); if (i==0) /* the first name we just copy to malware_name */ - g = string_cat(NULL, US pre_malware_nb); + g = string_catn(NULL, US ovec[2], ovec[3] - ovec[2]); - /*XXX could be string_append_listele? */ else /* concatenate each new virus name to previous */ - g = string_append(g, 2, "/", pre_malware_nb); - - pcre_free_substring(pre_malware_nb); + { + g = string_catn(g, US"/", 1); + g = string_catn(g, US ovec[2], ovec[3] - ovec[2]); + } } } malware_name = string_from_gstring(g); @@@ -1149,7 -1153,7 +1153,7 @@@ int kav_rc; unsigned long kav_reportlen; int bread; - const pcre *kav_re; + const pcre2_code *kav_re; uschar *p; /* get current date and time, build scan request */ @@@ -1258,8 -1262,8 +1262,8 @@@ case M_CMDL: /* "cmdline" scanner type ---------------------------------- */ { const uschar *cmdline_scanner = scanner_options; - const pcre *cmdline_trigger_re; - const pcre *cmdline_regex_re; + const pcre2_code *cmdline_trigger_re; + const pcre2_code *cmdline_regex_re; uschar * file_name; uschar * commandline; void (*eximsigchld)(int); @@@ -1559,11 -1563,7 +1563,11 @@@ if (!use_scan_command) { cmd_str.data = US"zINSTREAM"; cmd_str.len = 10; } else - cmd_str.data = string_sprintf("SCAN %s\n%n", eml_filename, &cmd_str.len); + { + int n; + cmd_str.data = string_sprintf("SCAN %s\n%n", eml_filename, &n); + cmd_str.len = n; /* .len is a size_t */ + } /* We have some network servers specified */ if (num_servers) @@@ -1820,7 -1820,7 +1824,7 @@@ if (*p) ++p; /* colon in returned output? */ - if(!(p = Ustrchr(av_buffer,':'))) + if (!(p = Ustrchr(av_buffer,':'))) return m_panic_defer(scanent, CUS callout_address, string_sprintf( "ClamAV returned malformed result (missing colon): %s", av_buffer)); @@@ -1884,8 -1884,8 +1888,8 @@@ uschar * linebuffer; uschar * sockline_scanner; uschar sockline_scanner_default[] = "%s\n"; - const pcre *sockline_trig_re; - const pcre *sockline_name_re; + const pcre2_code *sockline_trig_re; + const pcre2_code *sockline_name_re; /* find scanner command line */ if ( (sockline_scanner = string_nextinlist(&av_scanner_work, &sep, @@@ -2124,7 -2124,7 +2128,7 @@@ if (malware_name) /* Nothing else matters, just read on */ break; - if (pcre_exec(ava_re_clean, NULL, CS buf, slen, 0, 0, NULL, 0) == 0) + if (regex_match(ava_re_clean, buf, slen, NULL)) break; if ((malware_name = m_pcre_exec(ava_re_virus, buf))) @@@ -2145,7 -2145,7 +2149,7 @@@ break; } } - else if (pcre_exec(ava_re_error, NULL, CS buf, slen, 0, 0, NULL, 0) == 0) + else if (regex_match(ava_re_error, buf, slen, NULL)) { log_write(0, LOG_MAIN, "internal scanner error (ignored): %s", buf); break; diff --combined src/src/match.c index f8edd5df5,46dd2eec8..8a1c9e5ea --- a/src/src/match.c +++ b/src/src/match.c @@@ -128,9 -128,9 +128,9 @@@ required. * if (pattern[0] == '^') { - const pcre * re = regex_must_compile(pattern, cb->caseless, FALSE); + const pcre2_code * re = regex_must_compile(pattern, cb->caseless, FALSE); if (expand_setup < 0 - ? pcre_exec(re, NULL, CCS s, Ustrlen(s), 0, PCRE_EOPT, NULL, 0) < 0 + ? !regex_match(re, s, -1, NULL) : !regex_match_and_setup(re, s, 0, expand_setup) ) return FAIL; @@@ -500,7 -500,7 +500,7 @@@ els /* For an unnamed list, use the expanded version in comments */ #define LIST_LIMIT_PR 2048 -HDEBUG(D_any) if (!ot) +HDEBUG(D_any) if (!ot) { int n, m; gstring * g = string_fmt_append(NULL, "%s in \"%n%.*s%n\"", @@@ -1284,7 -1284,7 +1284,7 @@@ provided that "caseless" is set. (It i patterns.) Otherwise just the domain is lower cases. A magic item "+caseful" in the list can be used to restore a caseful copy of the local part from the original address. -Limit the subject address size to avoid mem-exhastion attacks. The size chosen +Limit the subject address size to avoid mem-exhaustion attacks. The size chosen is historical (we used to use big_buffer here). */ if ((len = Ustrlen(address)) > BIG_BUFFER_SIZE) len = BIG_BUFFER_SIZE; diff --combined src/src/parse.c index 42f1234be,352f07d60..a290ae7c3 --- a/src/src/parse.c +++ b/src/src/parse.c @@@ -224,20 -224,16 +224,20 @@@ If allow_domain_literals is TRUE, a "do in []. Make sure the output is set to the null string if there is a syntax error as well as if there is no domain at all. +Optionally, msg_id domain literals ( printable-ascii enclosed in [] ) +are permitted. + Arguments: s current character pointer t where to put the domain + msg_id_literals flag for relaxed domain-literal processing errorptr put error message here on failure (*t will be 0 on exit) Returns: new character pointer */ static const uschar * -read_domain(const uschar *s, uschar *t, uschar **errorptr) +read_domain(const uschar *s, uschar *t, BOOL msg_id_literals, uschar **errorptr) { uschar *tt = t; s = skip_comment(s); @@@ -263,11 -259,7 +263,11 @@@ if (*s == '[' t += 5; s += 5; } - while (*s == '.' || *s == ':' || isxdigit(*s)) *t++ = *s++; + + if (msg_id_literals) + while (*s >= 33 && *s <= 90 || *s >= 94 && *s <= 126) *t++ = *s++; + else + while (*s == '.' || *s == ':' || isxdigit(*s)) *t++ = *s++; if (*s == ']') *t++ = *s++; else { @@@ -275,7 -267,7 +275,7 @@@ *tt = 0; } - if (!allow_domain_literals) + if (!allow_domain_literals && !msg_id_literals) { *errorptr = US"domain literals not allowed"; *tt = 0; @@@ -508,7 -500,7 +508,7 @@@ BOOL commas = FALSE while (*s == '@') { *t++ = '@'; - s = read_domain(s+1, t, errorptr); + s = read_domain(s+1, t, FALSE, errorptr); if (*t == 0) return s; t += Ustrlen((const uschar *)t); if (*s != ',') break; @@@ -567,7 -559,7 +567,7 @@@ if (*errorptr == NULL t += Ustrlen((const uschar *)t); *t++ = *s++; *domainptr = t; - s = read_domain(s, t, errorptr); + s = read_domain(s, t, FALSE, errorptr); } return s; } @@@ -657,7 -649,7 +657,7 @@@ if (*s != '@' && *s != '<' { if (*s == 0 || *s == ';') { - if (*t == 0) FAILED(US"empty address"); + if (!*t) FAILED(US"empty address"); endptr = last_comment_position; goto PARSE_SUCCEEDED; /* Bare local part */ } @@@ -748,7 -740,7 +748,7 @@@ if (*s == '<' } endptr = s; - if (*errorptr != NULL) goto PARSE_FAILED; + if (*errorptr) goto PARSE_FAILED; while (bracket_count-- > 0) if (*s++ != '>') { *errorptr = s[-1] == 0 @@@ -767,14 -759,14 +767,14 @@@ should be the domain. However, for flex not enclosed in <> as well, which is indicated by an empty first local part preceding '@'. The source routing is, however, ignored. */ -else if (*t == 0) +else if (!*t) { uschar *domainptr = yield; s = read_route(s, t, errorptr); - if (*errorptr != NULL) goto PARSE_FAILED; + if (*errorptr) goto PARSE_FAILED; *t = 0; /* Ensure route is ignored - probably overkill */ s = read_addr_spec(s, t, 0, errorptr, &domainptr); - if (*errorptr != NULL) goto PARSE_FAILED; + if (*errorptr) goto PARSE_FAILED; *domain = domainptr - yield; endptr = last_comment_position; if (*domain == 0) FAILED(US"domain missing in source-routed address"); @@@ -787,8 -779,8 +787,8 @@@ els t += Ustrlen((const uschar *)t); *t++ = *s++; *domain = t - yield; - s = read_domain(s, t, errorptr); - if (*t == 0) goto PARSE_FAILED; + s = read_domain(s, t, TRUE, errorptr); + if (!*t) goto PARSE_FAILED; endptr = last_comment_position; } @@@ -797,7 -789,7 +797,7 @@@ through for other cases. Endptr may hav move it back past white space if necessary. */ PARSE_SUCCEEDED: -if (*s != 0) +if (*s) { if (f.parse_found_group && *s == ';') { @@@ -871,7 -863,8 +871,8 @@@ Returns: pointer to the original */ const uschar * - parse_quote_2047(const uschar *string, int len, uschar *charset, BOOL fold) + parse_quote_2047(const uschar *string, int len, const uschar *charset, + BOOL fold) { const uschar * s = string; int hlen, l; diff --combined src/src/receive.c index 5471aa7cb,47c5977ee..3a9a91a81 --- a/src/src/receive.c +++ b/src/src/receive.c @@@ -1663,9 -1663,10 +1663,9 @@@ int process_info_len = Ustrlen(process int error_rc = error_handling == ERRORS_SENDER ? errors_sender_rc : EXIT_FAILURE; int header_size = 256; - int id_resolution = 0; -int start, end, domain; int had_zero = 0; int prevlines_length = 0; + const int id_resolution = BASE_62 == 62 ? 5000 : 10000; int ptr = 0; @@@ -1719,6 -1720,10 +1719,10 @@@ BOOL msgid_header_newly_created = FALSE uschar *timestamp; int tslen; + /* Time of creation of message_id */ + + static struct timeval message_id_tv = { 0, 0 }; + /* Release any open files that might have been cached while preparing to accept the message - e.g. by verifying addresses - because reading a message @@@ -1785,13 -1790,32 +1789,32 @@@ if (smtp_input && !smtp_batched_input & if (sender_host_address) dmarc_init(); /* initialize libopendmarc */ #endif + /* In SMTP sessions we may receive several messages in one connection. Before + each subsequent one, we wait for the clock to tick at the level of message-id + granularity. + This is so that the combination of time+pid is unique, even on systems where the + pid can be re-used within our time interval. We can't shorten the interval + without re-designing the message-id. See comments above where the message id is + created. This is Something For The Future. + Do this wait any time we have previously created a message-id, even if we + rejected the message. This gives unique IDs for logging done by ACLs. + The initial timestamp must have been obtained via exim_gettime() to avoid + issues on Linux with suspend/resume. */ + + if (message_id_tv.tv_sec) + { + message_id_tv.tv_usec = (message_id_tv.tv_usec/id_resolution) * id_resolution; + exim_wait_tick(&message_id_tv, id_resolution); + } + /* Remember the time of reception. Exim uses time+pid for uniqueness of message ids, and fractions of a second are required. See the comments that precede the message id creation below. We use a routine that if possible uses a monotonic clock, and can be used again after reception for the tick-wait even under the Linux non-Posix behaviour. */ - exim_gettime(&message_id_tv); + else + exim_gettime(&message_id_tv); /* For other uses of the received time we can operate with granularity of one second, and for that we use the global variable received_time. This is for @@@ -2680,28 -2704,20 +2703,20 @@@ message_id[6] = '-' Ustrncpy(message_id + 7, string_base62((long int)getpid()), 6); /* Deal with the case where the host number is set. The value of the number was - checked when it was read, to ensure it isn't too big. The timing granularity is - left in id_resolution so that an appropriate wait can be done after receiving - the message, if necessary (we hope it won't be). */ + checked when it was read, to ensure it isn't too big. */ if (host_number_string) - { - id_resolution = BASE_62 == 62 ? 5000 : 10000; sprintf(CS(message_id + MESSAGE_ID_LENGTH - 3), "-%2s", string_base62((long int)( host_number * (1000000/id_resolution) + message_id_tv.tv_usec/id_resolution)) + 4); - } /* Host number not set: final field is just the fractional time at an appropriate resolution. */ else - { - id_resolution = BASE_62 == 62 ? 500 : 1000; sprintf(CS(message_id + MESSAGE_ID_LENGTH - 3), "-%2s", string_base62((long int)(message_id_tv.tv_usec/id_resolution)) + 4); - } /* Add the current message id onto the current process info string if it will fit. */ @@@ -4083,8 -4099,6 +4098,8 @@@ if ( LOGGING(msg_id) && msgid_heade uschar * old_id; BOOL save_allow_domain_literals = allow_domain_literals; allow_domain_literals = TRUE; + int start, end, domain; + old_id = parse_extract_address(Ustrchr(msgid_header->text, ':') + 1, &errmsg, &start, &end, &domain, FALSE); allow_domain_literals = save_allow_domain_literals; @@@ -4324,26 -4338,6 +4339,6 @@@ then we can think about properly declar TIDYUP: - /* In SMTP sessions we may receive several messages in one connection. After - each one, we wait for the clock to tick at the level of message-id granularity. - This is so that the combination of time+pid is unique, even on systems where the - pid can be re-used within our time interval. We can't shorten the interval - without re-designing the message-id. See comments above where the message id is - created. This is Something For The Future. - Do this wait any time we have created a message-id, even if we rejected the - message. This gives unique IDs for logging done by ACLs. - The initial timestamp must have been obtained via exim_gettime() to avoid - issues on Linux with suspend/resume. - It would be Nicer to only pause before a follow-on message. */ - - if (id_resolution != 0) - { - message_id_tv.tv_usec = (message_id_tv.tv_usec/id_resolution) * id_resolution; - exim_wait_tick(&message_id_tv, id_resolution); - id_resolution = 0; - } - - process_info[process_info_len] = 0; /* Remove message id */ if (spool_data_file && cutthrough_done == NOT_TRIED) { diff --combined src/src/smtp_in.c index ffda0ec81,5e75e2c16..41232d7cd --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@@ -581,12 -581,12 +581,12 @@@ return buf } void -smtp_get_cache(void) +smtp_get_cache(unsigned lim) { #ifndef DISABLE_DKIM int n = smtp_inend - smtp_inptr; -if (chunking_state == CHUNKING_LAST && chunking_data_left < n) - n = chunking_data_left; +if (n > lim) + n = lim; if (n > 0) dkim_exim_verify_feed(smtp_inptr, n); #endif @@@ -661,9 -661,7 +661,9 @@@ for(;; if (chunking_state == CHUNKING_LAST) { #ifndef DISABLE_DKIM + dkim_collect_input = dkim_save; dkim_exim_verify_feed(NULL, 0); /* notify EOD */ + dkim_collect_input = 0; #endif return EOD; } @@@ -3268,27 -3266,26 +3268,26 @@@ voi smtp_message_code(uschar **code, int *codelen, uschar **msg, uschar **log_msg, BOOL check_valid) { - int n; - int ovector[3]; + uschar * match; + int len; - if (!msg || !*msg) return; - - if ((n = pcre_exec(regex_smtp_code, NULL, CS *msg, Ustrlen(*msg), 0, - PCRE_EOPT, ovector, sizeof(ovector)/sizeof(int))) < 0) return; + if (!msg || !*msg || !regex_match(regex_smtp_code, *msg, -1, &match)) + return; + len = Ustrlen(match); if (check_valid && (*msg)[0] != (*code)[0]) { log_write(0, LOG_MAIN|LOG_PANIC, "configured error code starts with " "incorrect digit (expected %c) in \"%s\"", (*code)[0], *msg); - if (log_msg != NULL && *log_msg == *msg) - *log_msg = string_sprintf("%s %s", *code, *log_msg + ovector[1]); + if (log_msg && *log_msg == *msg) + *log_msg = string_sprintf("%s %s", *code, *log_msg + len); } else { *code = *msg; - *codelen = ovector[1]; /* Includes final space */ + *codelen = len; /* Includes final space */ } - *msg += ovector[1]; /* Chop the code off the message */ + *msg += len; /* Chop the code off the message */ return; } diff --combined src/src/tls-gnu.c index 9aabcbfd0,618caf6a2..4626dc945 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@@ -1079,8 -1079,7 +1079,8 @@@ static in tls_server_clienthello_ext(void * ctx, unsigned tls_id, const uschar * data, unsigned size) { -/* https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml */ +/* The values for tls_id are documented here: +https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml */ switch (tls_id) { case 5: /* Status Request */ @@@ -2113,7 -2112,7 +2113,7 @@@ if (!state->lib_state.pri_string if ((rc = creds_load_pristring(state, p, &errpos))) return tls_error_gnu(state, string_sprintf( "gnutls_priority_init(%s) failed at offset %ld, \"%.6s..\"", - p, errpos - CS p, errpos), + p, (long)(errpos - CS p), errpos), rc, errstr); } else @@@ -3878,15 -3877,12 +3878,15 @@@ return buf } +/* Get up to the given number of bytes from any cached data, and feed to dkim. */ void -tls_get_cache(void) +tls_get_cache(unsigned lim) { #ifndef DISABLE_DKIM exim_gnutls_state_st * state = &state_server; int n = state->xfer_buffer_hwm - state->xfer_buffer_lwm; +if (n > lim) + n = lim; if (n > 0) dkim_exim_verify_feed(state->xfer_buffer+state->xfer_buffer_lwm, n); #endif @@@ -4201,7 -4197,7 +4201,7 @@@ DEBUG(D_tls rc = gnutls_priority_init(&priority_cache, CS expciphers, &errpos); validate_check_rc(string_sprintf( "gnutls_priority_init(%s) failed at offset %ld, \"%.8s..\"", - expciphers, errpos - CS expciphers, errpos)); + expciphers, (long)(errpos - CS expciphers), errpos)); #undef return_deinit #undef validate_check_rc diff --combined src/src/transports/appendfile.c index a53e3bc9c,5451416c9..39ff881bb --- a/src/src/transports/appendfile.c +++ b/src/src/transports/appendfile.c @@@ -435,7 -435,7 +435,7 @@@ if ((s = ob->create_file_string ) && *s else if (Ustrcmp(s, "inhome") == 0) val = create_inhome; else log_write(0, LOG_PANIC_DIE|LOG_CONFIG, - "invalid value given for \"file_create\" for the %s transport: '%s'", + "invalid value given for \"create_file\" for the %s transport: '%s'", tblock->name, s); ob->create_file = val; } @@@ -662,14 -662,14 +662,14 @@@ the log, because we are running as an u Arguments: dirname the name of the directory countptr where to add the file count (because this function recurses) - regex a compiled regex to get the size from a name + re a compiled regex to get the size from a name Returns: the sum of the sizes of the stattable files zero if the directory cannot be opened */ off_t - check_dir_size(const uschar * dirname, int *countptr, const pcre *regex) + check_dir_size(const uschar * dirname, int * countptr, const pcre2_code * re) { DIR *dir; off_t sum = 0; @@@ -688,14 -688,18 +688,18 @@@ for (struct dirent *ent; ent = readdir( /* If there's a regex, try to find the size using it */ - if (regex) + if (re) { - int ovector[6]; - if (pcre_exec(regex, NULL, CS name, Ustrlen(name), 0, 0, ovector,6) >= 2) + pcre2_match_data * md = pcre2_match_data_create(2, pcre_gen_ctx); + int rc = pcre2_match(re, (PCRE2_SPTR)name, PCRE2_ZERO_TERMINATED, + 0, 0, md, pcre_mtc_ctx); + PCRE2_SIZE * ovec = pcre2_get_ovector_pointer(md); + if ( rc >= 0 + && (rc = pcre2_get_ovector_count(md)) >= 2) { uschar *endptr; - off_t size = (off_t)Ustrtod(name + ovector[2], &endptr); - if (endptr == name + ovector[3]) + off_t size = (off_t)Ustrtod(name + ovec[2], &endptr); + if (endptr == name + ovec[3]) { sum += size; DEBUG(D_transport) @@@ -722,7 -726,7 +726,7 @@@ if ((statbuf.st_mode & S_IFMT) == S_IFREG) sum += statbuf.st_size / statbuf.st_nlink; else if ((statbuf.st_mode & S_IFMT) == S_IFDIR) - sum += check_dir_size(path, &count, regex); + sum += check_dir_size(path, &count, re); } closedir(dir); @@@ -2175,7 -2179,7 +2179,7 @@@ scanning is expensive; for maildirs som else { uschar *check_path; /* Default quota check path */ - const pcre *regex = NULL; /* Regex for file size from file name */ + const pcre2_code * re = NULL; /* Regex for file size from file name */ if (!check_creation(string_sprintf("%s/any", path), ob->create_file, deliver_dir)) @@@ -2218,18 -2222,20 +2222,20 @@@ if (ob->quota_value > 0 || THRESHOLD_CHECK || ob->maildir_use_size_file) { - const uschar *error; - int offset; + PCRE2_SIZE offset; + int err; /* Compile the regex if there is one. */ if (ob->quota_size_regex) { - if (!(regex = pcre_compile(CS ob->quota_size_regex, PCRE_COPT, - CCSS &error, &offset, NULL))) + if (!(re = pcre2_compile((PCRE2_SPTR)ob->quota_size_regex, + PCRE2_ZERO_TERMINATED, PCRE_COPT, &err, &offset, pcre_cmp_ctx))) { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); addr->message = string_sprintf("appendfile: regular expression " - "error: %s at offset %d while compiling %s", error, offset, + "error: %s at offset %ld while compiling %s", errbuf, (long)offset, ob->quota_size_regex); return FALSE; } @@@ -2304,19 -2310,21 +2310,21 @@@ #ifdef SUPPORT_MAILDIR if (ob->maildir_use_size_file) { - const pcre *dir_regex = NULL; - const uschar *error; - int offset; + const pcre2_code * dir_regex = NULL; + PCRE2_SIZE offset; + int err; if (ob->maildir_dir_regex) { int check_path_len = Ustrlen(check_path); - if (!(dir_regex = pcre_compile(CS ob->maildir_dir_regex, PCRE_COPT, - CCSS &error, &offset, NULL))) + if (!(dir_regex = pcre2_compile((PCRE2_SPTR)ob->maildir_dir_regex, + PCRE2_ZERO_TERMINATED, PCRE_COPT, &err, &offset, pcre_cmp_ctx))) { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); addr->message = string_sprintf("appendfile: regular expression " - "error: %s at offset %d while compiling %s", error, offset, + "error: %s at offset %ld while compiling %s", errbuf, (long)offset, ob->maildir_dir_regex); return FALSE; } @@@ -2335,7 -2343,7 +2343,7 @@@ uschar *s = path + check_path_len; while (*s == '/') s++; s = *s ? string_sprintf("%s/new", s) : US"new"; - if (pcre_exec(dir_regex, NULL, CS s, Ustrlen(s), 0, 0, NULL, 0) < 0) + if (!regex_match(dir_regex, s, -1, NULL)) { disable_quota = TRUE; DEBUG(D_transport) debug_printf("delivery directory does not match " @@@ -2356,7 -2364,7 +2364,7 @@@ off_t size; int filecount; - if ((maildirsize_fd = maildir_ensure_sizefile(check_path, ob, regex, dir_regex, + if ((maildirsize_fd = maildir_ensure_sizefile(check_path, ob, re, dir_regex, &size, &filecount)) == -1) { addr->basic_errno = errno; @@@ -2381,7 -2389,7 +2389,7 @@@ * (void)unlink(CS string_sprintf("%s/maildirsize", check_path)); * if (THRESHOLD_CHECK) * mailbox_size = maildir_compute_size(check_path, &mailbox_filecount, &old_latest, - * regex, dir_regex, FALSE); + * re, dir_regex, FALSE); * } */ @@@ -2403,7 -2411,7 +2411,7 @@@ int filecount = 0; DEBUG(D_transport) debug_printf("quota checks on directory %s\n", check_path); - size = check_dir_size(check_path, &filecount, regex); + size = check_dir_size(check_path, &filecount, re); if (mailbox_size < 0) mailbox_size = size; if (mailbox_filecount < 0) mailbox_filecount = filecount; } diff --combined src/src/transports/smtp.c index 7e6e34a67,0db157a66..757b7b387 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@@ -237,48 -237,39 +237,39 @@@ static unsigned ehlo_response(uschar * void smtp_deliver_init(void) { - if (!regex_PIPELINING) regex_PIPELINING = - regex_must_compile(US"\\n250[\\s\\-]PIPELINING(\\s|\\n|$)", FALSE, TRUE); - - if (!regex_SIZE) regex_SIZE = - regex_must_compile(US"\\n250[\\s\\-]SIZE(\\s|\\n|$)", FALSE, TRUE); - - if (!regex_AUTH) regex_AUTH = - regex_must_compile(AUTHS_REGEX, FALSE, TRUE); + struct list + { + const pcre2_code ** re; + const uschar * string; + } list[] = + { + { ®ex_AUTH, AUTHS_REGEX }, + { ®ex_CHUNKING, US"\\n250[\\s\\-]CHUNKING(\\s|\\n|$)" }, + { ®ex_DSN, US"\\n250[\\s\\-]DSN(\\s|\\n|$)" }, + { ®ex_IGNOREQUOTA, US"\\n250[\\s\\-]IGNOREQUOTA(\\s|\\n|$)" }, + { ®ex_PIPELINING, US"\\n250[\\s\\-]PIPELINING(\\s|\\n|$)" }, + { ®ex_SIZE, US"\\n250[\\s\\-]SIZE(\\s|\\n|$)" }, #ifndef DISABLE_TLS - if (!regex_STARTTLS) regex_STARTTLS = - regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE); + { ®ex_STARTTLS, US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)" }, #endif - - if (!regex_CHUNKING) regex_CHUNKING = - regex_must_compile(US"\\n250[\\s\\-]CHUNKING(\\s|\\n|$)", FALSE, TRUE); - #ifndef DISABLE_PRDR - if (!regex_PRDR) regex_PRDR = - regex_must_compile(US"\\n250[\\s\\-]PRDR(\\s|\\n|$)", FALSE, TRUE); + { ®ex_PRDR, US"\\n250[\\s\\-]PRDR(\\s|\\n|$)" }, #endif - #ifdef SUPPORT_I18N - if (!regex_UTF8) regex_UTF8 = - regex_must_compile(US"\\n250[\\s\\-]SMTPUTF8(\\s|\\n|$)", FALSE, TRUE); + { ®ex_UTF8, US"\\n250[\\s\\-]SMTPUTF8(\\s|\\n|$)" }, #endif - - if (!regex_DSN) regex_DSN = - regex_must_compile(US"\\n250[\\s\\-]DSN(\\s|\\n|$)", FALSE, TRUE); - - if (!regex_IGNOREQUOTA) regex_IGNOREQUOTA = - regex_must_compile(US"\\n250[\\s\\-]IGNOREQUOTA(\\s|\\n|$)", FALSE, TRUE); - #ifndef DISABLE_PIPE_CONNECT - if (!regex_EARLY_PIPE) regex_EARLY_PIPE = - regex_must_compile(US"\\n250[\\s\\-]" EARLY_PIPE_FEATURE_NAME "(\\s|\\n|$)", FALSE, TRUE); + { ®ex_EARLY_PIPE, US"\\n250[\\s\\-]" EARLY_PIPE_FEATURE_NAME "(\\s|\\n|$)" }, #endif - #ifdef EXPERIMENTAL_ESMTP_LIMITS - if (!regex_LIMITS) regex_LIMITS = - regex_must_compile(US"\\n250[\\s\\-]LIMITS\\s", FALSE, TRUE); + { ®ex_LIMITS, US"\\n250[\\s\\-]LIMITS\\s" }, #endif + }; + + for (struct list * l = list; l < list + nelem(list); l++) + if (!*l->re) + *l->re = regex_must_compile(l->string, FALSE, TRUE); } @@@ -777,13 -768,12 +768,12 @@@ This saves us dealing with a duplicate static void ehlo_response_limits_read(smtp_context * sx) { - int ovec[3]; /* results vector for a main-match only */ + uschar * match; /* matches up to just after the first space after the keyword */ - if (pcre_exec(regex_LIMITS, NULL, CS sx->buffer, Ustrlen(sx->buffer), - 0, PCRE_EOPT, ovec, nelem(ovec)) >= 0) - for (const uschar * s = sx->buffer + ovec[1]; *s; ) + if (regex_match(regex_LIMITS, sx->buffer, -1, &match)) + for (const uschar * s = sx->buffer + Ustrlen(match); *s; ) { while (isspace(*s)) s++; if (*s == '\n') break; @@@ -1809,57 -1799,65 +1799,65 @@@ return Ustrcmp(current_local_identity, static unsigned ehlo_response(uschar * buf, unsigned checks) { - size_t bsize = Ustrlen(buf); + PCRE2_SIZE bsize = Ustrlen(buf); + pcre2_match_data * md = pcre2_match_data_create(1, pcre_gen_ctx); /* debug_printf("%s: check for 0x%04x\n", __FUNCTION__, checks); */ #ifndef DISABLE_TLS if ( checks & OPTION_TLS - && pcre_exec(regex_STARTTLS, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_STARTTLS, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) #endif checks &= ~OPTION_TLS; if ( checks & OPTION_IGNQ - && pcre_exec(regex_IGNOREQUOTA, NULL, CS buf, bsize, 0, - PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_IGNOREQUOTA, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_IGNQ; if ( checks & OPTION_CHUNKING - && pcre_exec(regex_CHUNKING, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_CHUNKING, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_CHUNKING; #ifndef DISABLE_PRDR if ( checks & OPTION_PRDR - && pcre_exec(regex_PRDR, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_PRDR, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) #endif checks &= ~OPTION_PRDR; #ifdef SUPPORT_I18N if ( checks & OPTION_UTF8 - && pcre_exec(regex_UTF8, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_UTF8, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) #endif checks &= ~OPTION_UTF8; if ( checks & OPTION_DSN - && pcre_exec(regex_DSN, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_DSN, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_DSN; if ( checks & OPTION_PIPE - && pcre_exec(regex_PIPELINING, NULL, CS buf, bsize, 0, - PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_PIPELINING, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_PIPE; if ( checks & OPTION_SIZE - && pcre_exec(regex_SIZE, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_SIZE, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_SIZE; #ifndef DISABLE_PIPE_CONNECT if ( checks & OPTION_EARLY_PIPE - && pcre_exec(regex_EARLY_PIPE, NULL, CS buf, bsize, 0, - PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_EARLY_PIPE, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) #endif checks &= ~OPTION_EARLY_PIPE; + pcre2_match_data_free(md); /* debug_printf("%s: found 0x%04x\n", __FUNCTION__, checks); */ return checks; } @@@ -3079,7 -3077,7 +3077,7 @@@ return OK SEND_FAILED: code = '4'; - message = US string_sprintf("send() to %s [%s] failed: %s", + message = US string_sprintf("smtp send to %s [%s] failed: %s", sx->conn_args.host->name, sx->conn_args.host->address, strerror(errno)); sx->send_quit = FALSE; yield = DEFER; @@@ -4400,7 -4398,7 +4398,7 @@@ if (!sx->ok { save_errno = errno; code = '4'; - message = string_sprintf("send() to %s [%s] failed: %s", + message = string_sprintf("smtp send to %s [%s] failed: %s", host->name, host->address, message ? message : US strerror(save_errno)); sx->send_quit = FALSE; goto FAILED; @@@ -4436,21 -4434,6 +4434,21 @@@ message_error = Ustrncmp(smtp_command,"end ",4) == 0; break; +#ifndef DISABLE_DKIM + case EACCES: + /* DKIM signing failure: avoid thinking we pipelined quit, + just abandon the message and close the socket. */ + + message_error = FALSE; +# ifndef DISABLE_TLS + if (sx->cctx.tls_ctx) + { + tls_close(sx->cctx.tls_ctx, TLS_SHUTDOWN_WAIT); + sx->cctx.tls_ctx = NULL; + } +# endif + break; +#endif default: message_error = FALSE; break; @@@ -4599,7 -4582,7 +4597,7 @@@ if (sx->completed_addr && sx->ok && sx- if (sx->send_rset) if (! (sx->ok = smtp_write_command(sx, SCMD_FLUSH, "RSET\r\n") >= 0)) { - msg = US string_sprintf("send() to %s [%s] failed: %s", host->name, + msg = US string_sprintf("smtp send to %s [%s] failed: %s", host->name, host->address, strerror(errno)); sx->send_quit = FALSE; } diff --combined test/scripts/0000-Basic/0002 index e74ca6e39,db3eae6be..463ad96e9 --- a/test/scripts/0000-Basic/0002 +++ b/test/scripts/0000-Basic/0002 @@@ -249,8 -249,7 +249,9 @@@ mask: ${mask:192.168.10.206/0 mask: ${mask:192.168.10.206} mask: ${mask:a.b.c.d} mask: ${mask:2a00:2:3:4:5:6:7:8/79} +mask: ${mask:2a00:2:3:4:5:6:7:8/128} +mask: ${mask:2a00:2:3:4:5:6:7:8/129} + mask_n: ${mask_n:2a00:2:3:4:5:6:7:8/79} ipv6denorm: ${ipv6denorm:::1} ipv6denorm: ${ipv6denorm:fe00::1} ipv6denorm: ${ipv6denorm:192.168.0.1} diff --combined test/stdout/0002 index f6f722e47,5c8c2520c..f340b9426 --- a/test/stdout/0002 +++ b/test/stdout/0002 @@@ -231,8 -231,7 +231,9 @@@ newline tab\134backslash ~tilde\177DEL\ > Failed: missing mask value in "192.168.10.206" > Failed: "a.b.c.d" is not an IP address > mask: 2a00.0002.0003.0004.0004.0000.0000.0000/79 +> mask: 2a00.0002.0003.0004.0005.0006.0007.0008/128 +> Failed: mask value too big in "2a00:2:3:4:5:6:7:8/129" + > mask_n: 2a00:2:3:4:4::/79 > ipv6denorm: 0000:0000:0000:0000:0000:0000:0000:0001 > ipv6denorm: fe00:0000:0000:0000:0000:0000:0000:0001 > ipv6denorm: 0000:0000:0000:0000:0000:ffff:c0a8:0001