Relax restrictions on which ACLs verify conditions may be used

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index e3684ba308ed8060b4192bd6ccf36ba878a02fe5..8350b4da7b4e2c225b635678876739ad89135807 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -31776,8 +31776,9 @@ send email. Details of how this works are given in section
 .cindex "header lines" "verifying header names only ASCII"
 .cindex "verifying" "header names only ASCII"
 This condition is relevant only in an ACL that is run after a message has been
 .cindex "header lines" "verifying header names only ASCII"
 .cindex "verifying" "header names only ASCII"
 This condition is relevant only in an ACL that is run after a message has been

-received, that is, in an ACL specified by &%acl_smtp_data%& or
-&%acl_not_smtp%&.  It checks all header names (not the content) to make sure
+received.
+This usually means an ACL specified by &%acl_smtp_data%& or &%acl_not_smtp%&.
+It checks all header names (not the content) to make sure

 there are no non-ASCII characters, also excluding control characters.  The
 allowable characters are decimal ASCII values 33 through 126.
 
 there are no non-ASCII characters, also excluding control characters.  The
 allowable characters are decimal ASCII values 33 through 126.
 


@@ -31932,7 +31933,7 @@ Note that '/' is legal in local-parts; if the address may have such
 (eg. is generated from the received message)
 they must be protected from the options parsing by doubling:
 .code
 (eg. is generated from the received message)
 they must be protected from the options parsing by doubling:
 .code

-verify = sender=${sg{${address:$h_sender:}}{/}{//}}
+verify = sender=${listquote{/}{${address:$h_sender:}}}

 .endd
 .endlist
 
 .endd
 .endlist
 

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index fef4c74b8aceaa6a1dd7329580c62c4528142696..0354ff2580180857f610dd5760405b71995f8a61 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -44,6 +44,11 @@ JH/08 Bug 2598: Fix verify ACL condition.  The options for the condition are
       expanded; previously using tainted values was rejected.  Fix by using
       dynamically-created buffers.
 
       expanded; previously using tainted values was rejected.  Fix by using
       dynamically-created buffers.
 

+JH/09 Relax restrictions on ACL verify condition needing access to message
+      headers.  Previously they were only permitted in data and non-smtp ACLs;
+      permit also mime, dkim, prdr quit and notquit.  Applies to header-syntax,
+      not_blind, header_sender and header_names_ascii verification.
+

 
 Exim version 4.94
 -----------------
 
 Exim version 4.94
 -----------------

diff --git a/src/src/acl.c b/src/src/acl.c
index 297489b3f432c22fcb5865321ca22ba065861b23..e1e6f9ce4c6fa6840effa2e784b33855d458aff5 100644 (file)
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -1517,14 +1517,14 @@ static verify_type_t verify_type_list[] = {
     { US"certificate",         VERIFY_CERT,            (unsigned)~0,   TRUE,  0 },
     { US"helo",                        VERIFY_HELO,            (unsigned)~0,   TRUE,  0 },
     { US"csa",                 VERIFY_CSA,             (unsigned)~0,   FALSE, 0 },
     { US"certificate",         VERIFY_CERT,            (unsigned)~0,   TRUE,  0 },
     { US"helo",                        VERIFY_HELO,            (unsigned)~0,   TRUE,  0 },
     { US"csa",                 VERIFY_CSA,             (unsigned)~0,   FALSE, 0 },

-    { US"header_syntax",       VERIFY_HDR_SYNTAX,      ACL_BIT_DATA | ACL_BIT_NOTSMTP, TRUE, 0 },
-    { US"not_blind",           VERIFY_NOT_BLIND,       ACL_BIT_DATA | ACL_BIT_NOTSMTP, FALSE, 0 },
-    { US"header_sender",       VERIFY_HDR_SNDR,        ACL_BIT_DATA | ACL_BIT_NOTSMTP, FALSE, 0 },
+    { US"header_syntax",       VERIFY_HDR_SYNTAX,      ACL_BITS_HAVEDATA, TRUE, 0 },
+    { US"not_blind",           VERIFY_NOT_BLIND,       ACL_BITS_HAVEDATA, FALSE, 0 },
+    { US"header_sender",       VERIFY_HDR_SNDR,        ACL_BITS_HAVEDATA, FALSE, 0 },

     { US"sender",              VERIFY_SNDR,            ACL_BIT_MAIL | ACL_BIT_RCPT
                        | ACL_BIT_PREDATA | ACL_BIT_DATA | ACL_BIT_NOTSMTP,
                                                                                FALSE, 6 },
     { US"recipient",           VERIFY_RCPT,            ACL_BIT_RCPT,   FALSE, 0 },
     { US"sender",              VERIFY_SNDR,            ACL_BIT_MAIL | ACL_BIT_RCPT
                        | ACL_BIT_PREDATA | ACL_BIT_DATA | ACL_BIT_NOTSMTP,
                                                                                FALSE, 6 },
     { US"recipient",           VERIFY_RCPT,            ACL_BIT_RCPT,   FALSE, 0 },

-    { US"header_names_ascii",  VERIFY_HDR_NAMES_ASCII, ACL_BIT_DATA | ACL_BIT_NOTSMTP, TRUE, 0 },
+    { US"header_names_ascii",  VERIFY_HDR_NAMES_ASCII, ACL_BITS_HAVEDATA, TRUE, 0 },

 #ifdef EXPERIMENTAL_ARC
     { US"arc",                 VERIFY_ARC,             ACL_BIT_DATA,   FALSE , 0 },
 #endif
 #ifdef EXPERIMENTAL_ARC
     { US"arc",                 VERIFY_ARC,             ACL_BIT_DATA,   FALSE , 0 },
 #endif

diff --git a/src/src/macros.h b/src/src/macros.h
index f6012447d02fd09621dae0d3337ae17b5e81d73f..b5221c7ecbbc20016b4975a3414b713f4b241b0f 100644 (file)
--- a/src/src/macros.h
+++ b/src/src/macros.h
@@ -974,7 +974,9 @@ enum { ACL_WHERE_RCPT,       /* Some controls are for RCPT only */
 #define ACL_BIT_MIME           BIT(ACL_WHERE_MIME)
 #define ACL_BIT_DKIM           BIT(ACL_WHERE_DKIM)
 #define ACL_BIT_DATA           BIT(ACL_WHERE_DATA)
 #define ACL_BIT_MIME           BIT(ACL_WHERE_MIME)
 #define ACL_BIT_DKIM           BIT(ACL_WHERE_DKIM)
 #define ACL_BIT_DATA           BIT(ACL_WHERE_DATA)

-#ifndef DISABLE_PRDR
+#ifdef DISABLE_PRDR
+# define ACL_BIT_PRDR          0
+#else

 # define ACL_BIT_PRDR          BIT(ACL_WHERE_PRDR)
 #endif
 #define ACL_BIT_NOTSMTP                BIT(ACL_WHERE_NOTSMTP)
 # define ACL_BIT_PRDR          BIT(ACL_WHERE_PRDR)
 #endif
 #define ACL_BIT_NOTSMTP                BIT(ACL_WHERE_NOTSMTP)


@@ -992,6 +994,10 @@ enum { ACL_WHERE_RCPT,       /* Some controls are for RCPT only */
 #define ACL_BIT_DELIVERY       BIT(ACL_WHERE_DELIVERY)
 #define ACL_BIT_UNKNOWN                BIT(ACL_WHERE_UNKNOWN)
 
 #define ACL_BIT_DELIVERY       BIT(ACL_WHERE_DELIVERY)
 #define ACL_BIT_UNKNOWN                BIT(ACL_WHERE_UNKNOWN)
 

+#define ACL_BITS_HAVEDATA      (ACL_BIT_MIME | ACL_BIT_DKIM | ACL_BIT_DATA \
+                               | ACL_BIT_PRDR \
+                               | ACL_BIT_NOTSMTP | ACL_BIT_QUIT | ACL_BIT_NOTQUIT)
+

 
 /* Situations for spool_write_header() */
 
 
 /* Situations for spool_write_header() */