static int
find_control(const uschar * name, control_def * ol, int last)
{
-int first = 0;
-while (last > first)
+for (int first = 0; last > first; )
{
int middle = (first + last)/2;
uschar * s = ol[middle].name;
static int
acl_checkcondition(uschar * name, condition_def * list, int end)
{
-int start = 0;
-while (start < end)
+for (int start = 0; start < end; )
{
int mid = (start + end)/2;
int c = Ustrcmp(name, list[mid].name);
static int
acl_checkname(uschar *name, uschar **list, int end)
{
-int start = 0;
-
-while (start < end)
+for (int start = 0; start < end; )
{
int mid = (start + end)/2;
int c = Ustrcmp(name, list[mid]);
acl_block *this = NULL;
acl_condition_block *cond;
acl_condition_block **condp = NULL;
-uschar *s;
+uschar * s;
*error = NULL;
fn_hdrs_added(void)
{
gstring * g = NULL;
-header_line * h;
-for (h = acl_added_headers; h; h = h->next)
+for (header_line * h = acl_added_headers; h; h = h->next)
{
int i = h->slen;
if (h->text[i-1] == '\n') i--;
/* Search previously logged warnings. They are kept in malloc
store so they can be freed at the start of a new message. */
- for (logged = acl_warn_logged; logged != NULL; logged = logged->next)
+ for (logged = acl_warn_logged; logged; logged = logged->next)
if (Ustrcmp(logged->text, text) == 0) break;
- if (logged == NULL)
+ if (!logged)
{
int length = Ustrlen(text) + 1;
log_write(0, LOG_MAIN, "%s", text);
/* If there's no user message, we are done. */
-if (user_message == NULL) return;
+if (!user_message) return;
/* If this isn't a message ACL, we can't do anything with a user message.
Log an error. */
if ((rc = host_name_lookup()) != OK)
{
- *log_msgptr = (rc == DEFER)?
- US"host lookup deferred for reverse lookup check"
- :
- string_sprintf("host lookup failed for reverse lookup check%s",
- host_lookup_msg);
+ *log_msgptr = rc == DEFER
+ ? US"host lookup deferred for reverse lookup check"
+ : string_sprintf("host lookup failed for reverse lookup check%s",
+ host_lookup_msg);
return rc; /* DEFER or FAIL */
}
acl_verify_csa_address(dns_answer *dnsa, dns_scan *dnss, int reset,
uschar *target)
{
-dns_record *rr;
-dns_address *da;
-
-BOOL target_found = FALSE;
+int rc = CSA_FAIL_NOADDR;
-for (rr = dns_next_rr(dnsa, dnss, reset);
- rr != NULL;
+for (dns_record * rr = dns_next_rr(dnsa, dnss, reset);
+ rr;
rr = dns_next_rr(dnsa, dnss, RESET_NEXT))
{
/* Check this is an address RR for the target hostname. */
if (strcmpic(target, rr->name) != 0) continue;
- target_found = TRUE;
+ rc = CSA_FAIL_MISMATCH;
/* Turn the target address RR into a list of textual IP addresses and scan
the list. There may be more than one if it is an A6 RR. */
- for (da = dns_address_from_rr(dnsa, rr); da != NULL; da = da->next)
+ for (dns_address * da = dns_address_from_rr(dnsa, rr); da; da = da->next)
{
/* If the client IP address matches the target IP address, it's good! */
using an unauthorized IP address, otherwise the target has no authorized IP
addresses. */
-if (target_found) return CSA_FAIL_MISMATCH;
-else return CSA_FAIL_NOADDR;
+return rc;
}
/* If we didn't break the loop then no appropriate records were found. */
-if (rr == NULL) return t->data.val = CSA_UNKNOWN;
+if (!rr) return t->data.val = CSA_UNKNOWN;
/* Do not check addresses if the target is ".", in accordance with RFC 2782.
A target of "." indicates there are no valid addresses, so the client cannot
/* Handle name/address consistency verification in a separate function. */
-for (vp= verify_type_list;
+for (vp = verify_type_list;
CS vp < CS verify_type_list + sizeof(verify_type_list);
vp++
)
/* Remaining items are optional; they apply to sender and recipient
verification, including "header sender" verification. */
-while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))
- != NULL)
+while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
{
if (strcmpic(ss, US"defer_ok") == 0) defer_ok = TRUE;
else if (strcmpic(ss, US"no_details") == 0) no_details = TRUE;
{
const uschar * sublist = ss;
int optsep = ',';
- uschar *opt;
uschar buffer[256];
- while (isspace(*sublist)) sublist++;
+ uschar * opt;
+ while (isspace(*sublist)) sublist++;
while ((opt = string_nextinlist(&sublist, &optsep, buffer, sizeof(buffer))))
{
callout_opt_t * op;
if (*p == '/')
{
const uschar *pp = p + 1;
- while (*pp != 0) pp++;
+ while (*pp) pp++;
fake_response_text = expand_string(string_copyn(p+1, pp-p-1));
p = pp;
}
else if (Ustrncmp(p, "/domain=", 8) == 0)
{
const uschar *pp = p + 8;
- while (*pp != 0 && *pp != '/') pp++;
+ while (*pp && *pp != '/') pp++;
submission_domain = string_copyn(p+8, pp-p-8);
p = pp;
}
else if (Ustrncmp(p, "/name=", 6) == 0)
{
const uschar *pp = p + 6;
- while (*pp != 0) pp++;
+ while (*pp) pp++;
submission_name = string_copy(parse_fix_phrase(p+6, pp-p-6,
big_buffer, big_buffer_size));
p = pp;
int logbits = 0;
int sep = 0;
const uschar *s = arg;
- uschar *ss;
+ uschar * ss;
while ((ss = string_nextinlist(&s, &sep, big_buffer, big_buffer_size)))
{
if (Ustrcmp(ss, "main") == 0) logbits |= LOG_MAIN;
{
/* Separate the regular expression and any optional parameters. */
const uschar * list = arg;
- uschar *ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size);
- uschar *opt;
+ uschar * ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size);
+ uschar * opt;
BOOL defer_ok = FALSE;
int timeout = 0;
if (*acl_text == 0) return NULL; /* No more data */
yield = acl_text; /* Potential data line */
- while (*acl_text != 0 && *acl_text != '\n') acl_text++;
+ while (*acl_text && *acl_text != '\n') acl_text++;
/* If we hit the end before a newline, we have the whole logical line. If
it's a comment, there's no more data to be given. Otherwise, yield it. */
in the ACL tree, having read it into the POOL_PERM store pool so that it
persists between multiple messages. */
-if (acl == NULL)
+if (!acl)
{
int old_pool = store_pool;
if (fd >= 0) store_pool = POOL_PERM;
acl = acl_read(acl_getline, log_msgptr);
store_pool = old_pool;
- if (acl == NULL && *log_msgptr != NULL) return ERROR;
+ if (!acl && *log_msgptr) return ERROR;
if (fd >= 0)
{
tree_node *t = store_get_perm(sizeof(tree_node) + Ustrlen(ss));
/* Now we have an ACL to use. It's possible it may be NULL. */
-while (acl != NULL)
+while (acl)
{
int cond;
int basic_errno = 0;
/* macros for reading / writing arrays */
# define SMBMACRO(macro,buf,pos,val,len,size) \
-{ int l; for (l = 0; l < (len); l++) (val)[l] = macro((buf), (pos) + (size)*l); }
+{ for (int l = 0; l < (len); l++) (val)[l] = macro((buf), (pos) + (size)*l); }
# define SSMBMACRO(macro,buf,pos,val,len,size) \
-{ int l; for (l = 0; l < (len); l++) macro((buf), (pos) + (size)*l, (val)[l]); }
+{ for (int l = 0; l < (len); l++) macro((buf), (pos) + (size)*l, (val)[l]); }
/* reads multiple data from an SMB buffer */
# define PCVAL(buf,pos,val,len) SMBMACRO(CVAL,buf,pos,val,len,1)
DEBUG_X(5,("%s%04x %s: ", \
tab_depth(depth), base,string)); \
if (charmode) print_asc(5, US (outbuf), (len)); else \
- { int idx; for (idx = 0; idx < len; idx++) { DEBUG_X(5,("%02x ", (outbuf)[idx])); } } \
+ for (int idx = 0; idx < len; idx++) { DEBUG_X(5,("%02x ", (outbuf)[idx])); } \
DEBUG_X(5,("\n")); }
# define DBG_RW_PSVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \
DEBUG_X(5,("%s%04x %s: ", \
tab_depth(depth), base,string)); \
if (charmode) print_asc(5, US (outbuf), 2*(len)); else \
- { int idx; for (idx = 0; idx < len; idx++) { DEBUG_X(5,("%04x ", (outbuf)[idx])); } } \
+ for (int idx = 0; idx < len; idx++) { DEBUG_X(5,("%04x ", (outbuf)[idx])); } \
DEBUG_X(5,("\n")); }
# define DBG_RW_PIVAL(charmode,string,depth,base,read,big_endian,inbuf,outbuf,len) \
DEBUG_X(5,("%s%04x %s: ", \
tab_depth(depth), base,string)); \
if (charmode) print_asc(5, US (outbuf), 4*(len)); else \
- { int idx; for (idx = 0; idx < len; idx++) { DEBUG_X(5,("%08x ", (outbuf)[idx])); } } \
+ for (int idx = 0; idx < len; idx++) { DEBUG_X(5,("%08x ", (outbuf)[idx])); } \
DEBUG_X(5,("\n")); }
# define DBG_RW_CVAL(string,depth,base,read,inbuf,outbuf) \
static void
permute (char *out, char *in, uschar * p, int n)
{
- int i;
- for (i = 0; i < n; i++)
- out[i] = in[p[i] - 1];
+for (int i = 0; i < n; i++)
+ out[i] = in[p[i] - 1];
}
static void
lshift (char *d, int count, int n)
{
- char out[64];
- int i;
- for (i = 0; i < n; i++)
- out[i] = d[(i + count) % n];
- for (i = 0; i < n; i++)
- d[i] = out[i];
+char out[64];
+for (int i = 0; i < n; i++)
+ out[i] = d[(i + count) % n];
+for (int i = 0; i < n; i++)
+ d[i] = out[i];
}
static void
concat (char *out, char *in1, char *in2, int l1, int l2)
{
- while (l1--)
- *out++ = *in1++;
- while (l2--)
- *out++ = *in2++;
+while (l1--)
+ *out++ = *in1++;
+while (l2--)
+ *out++ = *in2++;
}
static void
xor (char *out, char *in1, char *in2, int n)
{
- int i;
- for (i = 0; i < n; i++)
- out[i] = in1[i] ^ in2[i];
+for (int i = 0; i < n; i++)
+ out[i] = in1[i] ^ in2[i];
}
static void
dohash (char *out, char *in, char *key, int forw)
{
- int i, j, k;
- char pk1[56];
- char c[28];
- char d[28];
- char cd[56];
- char ki[16][48];
- char pd1[64];
- char l[32], r[32];
- char rl[64];
-
- permute (pk1, key, perm1, 56);
-
- for (i = 0; i < 28; i++)
- c[i] = pk1[i];
- for (i = 0; i < 28; i++)
- d[i] = pk1[i + 28];
-
- for (i = 0; i < 16; i++)
- {
- lshift (c, sc[i], 28);
- lshift (d, sc[i], 28);
-
- concat (cd, c, d, 28, 28);
- permute (ki[i], cd, perm2, 48);
- }
+int i, j, k;
+char pk1[56];
+char c[28];
+char d[28];
+char cd[56];
+char ki[16][48];
+char pd1[64];
+char l[32], r[32];
+char rl[64];
+
+permute (pk1, key, perm1, 56);
+
+for (i = 0; i < 28; i++)
+ c[i] = pk1[i];
+for (i = 0; i < 28; i++)
+ d[i] = pk1[i + 28];
+
+for (i = 0; i < 16; i++)
+ {
+ lshift (c, sc[i], 28);
+ lshift (d, sc[i], 28);
+
+ concat (cd, c, d, 28, 28);
+ permute (ki[i], cd, perm2, 48);
+ }
- permute (pd1, in, perm3, 64);
+permute (pd1, in, perm3, 64);
- for (j = 0; j < 32; j++)
- {
- l[j] = pd1[j];
- r[j] = pd1[j + 32];
- }
+for (j = 0; j < 32; j++)
+ {
+ l[j] = pd1[j];
+ r[j] = pd1[j + 32];
+ }
- for (i = 0; i < 16; i++)
- {
- char er[48];
- char erk[48];
- char b[8][6];
- char cb[32];
- char pcb[32];
- char r2[32];
+for (i = 0; i < 16; i++)
+ {
+ char er[48];
+ char erk[48];
+ char b[8][6];
+ char cb[32];
+ char pcb[32];
+ char r2[32];
- permute (er, r, perm4, 48);
+ permute (er, r, perm4, 48);
- xor (erk, er, ki[forw ? i : 15 - i], 48);
+ xor (erk, er, ki[forw ? i : 15 - i], 48);
- for (j = 0; j < 8; j++)
- for (k = 0; k < 6; k++)
- b[j][k] = erk[j * 6 + k];
+ for (j = 0; j < 8; j++)
+ for (k = 0; k < 6; k++)
+ b[j][k] = erk[j * 6 + k];
- for (j = 0; j < 8; j++)
- {
- int m, n;
- m = (b[j][0] << 1) | b[j][5];
+ for (j = 0; j < 8; j++)
+ {
+ int m, n;
+ m = (b[j][0] << 1) | b[j][5];
- n = (b[j][1] << 3) | (b[j][2] << 2) | (b[j][3] << 1) | b[j][4];
+ n = (b[j][1] << 3) | (b[j][2] << 2) | (b[j][3] << 1) | b[j][4];
- for (k = 0; k < 4; k++)
- b[j][k] = (sbox[j][m][n] & (1 << (3 - k))) ? 1 : 0;
- }
+ for (k = 0; k < 4; k++)
+ b[j][k] = (sbox[j][m][n] & (1 << (3 - k))) ? 1 : 0;
+ }
- for (j = 0; j < 8; j++)
- for (k = 0; k < 4; k++)
- cb[j * 4 + k] = b[j][k];
- permute (pcb, cb, perm5, 32);
+ for (j = 0; j < 8; j++)
+ for (k = 0; k < 4; k++)
+ cb[j * 4 + k] = b[j][k];
+ permute (pcb, cb, perm5, 32);
- xor (r2, l, pcb, 32);
+ xor (r2, l, pcb, 32);
- for (j = 0; j < 32; j++)
- l[j] = r[j];
+ for (j = 0; j < 32; j++)
+ l[j] = r[j];
- for (j = 0; j < 32; j++)
- r[j] = r2[j];
- }
+ for (j = 0; j < 32; j++)
+ r[j] = r2[j];
+ }
- concat (rl, r, l, 32, 32);
+concat (rl, r, l, 32, 32);
- permute (out, rl, perm6, 64);
+permute (out, rl, perm6, 64);
}
static void
str_to_key (uschar *str, uschar *key)
{
- int i;
-
- key[0] = str[0] >> 1;
- key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2);
- key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3);
- key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4);
- key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5);
- key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6);
- key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7);
- key[7] = str[6] & 0x7F;
- for (i = 0; i < 8; i++)
- {
- key[i] = (key[i] << 1);
- }
+int i;
+
+key[0] = str[0] >> 1;
+key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2);
+key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3);
+key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4);
+key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5);
+key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6);
+key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7);
+key[7] = str[6] & 0x7F;
+for (i = 0; i < 8; i++)
+ key[i] = (key[i] << 1);
}
static void
smbhash (uschar *out, uschar *in, uschar *key, int forw)
{
- int i;
- char outb[64];
- char inb[64];
- char keyb[64];
- uschar key2[8];
-
- str_to_key (key, key2);
-
- for (i = 0; i < 64; i++)
- {
- inb[i] = (in[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
- keyb[i] = (key2[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
- outb[i] = 0;
- }
+int i;
+char outb[64];
+char inb[64];
+char keyb[64];
+uschar key2[8];
+
+str_to_key (key, key2);
+
+for (i = 0; i < 64; i++)
+ {
+ inb[i] = (in[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
+ keyb[i] = (key2[i / 8] & (1 << (7 - (i % 8)))) ? 1 : 0;
+ outb[i] = 0;
+ }
- dohash (outb, inb, keyb, forw);
+dohash (outb, inb, keyb, forw);
- for (i = 0; i < 8; i++)
- {
- out[i] = 0;
- }
+for (i = 0; i < 8; i++)
+ out[i] = 0;
- for (i = 0; i < 64; i++)
- {
- if (outb[i])
- out[i / 8] |= (1 << (7 - (i % 8)));
- }
+for (i = 0; i < 64; i++)
+ if (outb[i])
+ out[i / 8] |= (1 << (7 - (i % 8)));
}
void
E_P16 (uschar *p14, uschar *p16)
{
- uschar sp8[8] = { 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };
- smbhash (p16, sp8, p14, 1);
- smbhash (p16 + 8, sp8, p14 + 7, 1);
+uschar sp8[8] = { 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };
+smbhash (p16, sp8, p14, 1);
+smbhash (p16 + 8, sp8, p14 + 7, 1);
}
void
E_P24 (uschar *p21, uschar *c8, uschar *p24)
{
- smbhash (p24, c8, p21, 1);
- smbhash (p24 + 8, c8, p21 + 7, 1);
- smbhash (p24 + 16, c8, p21 + 14, 1);
+smbhash (p24, c8, p21, 1);
+smbhash (p24 + 8, c8, p21 + 7, 1);
+smbhash (p24 + 16, c8, p21 + 14, 1);
}
void
D_P16 (uschar *p14, uschar *in, uschar *out)
{
- smbhash (out, in, p14, 0);
- smbhash (out + 8, in + 8, p14 + 7, 0);
+smbhash (out, in, p14, 0);
+smbhash (out + 8, in + 8, p14 + 7, 0);
}
/****************************************************************************
char *
StrnCpy (char *dest, const char *src, size_t n)
{
- char *d = dest;
- if (!dest)
- return (NULL);
- if (!src)
- {
- *dest = 0;
- return (dest);
- }
- while (n-- && (*d++ = *src++));
- *d = 0;
+char *d = dest;
+if (!dest)
+ return (NULL);
+if (!src)
+ {
+ *dest = 0;
return (dest);
+ }
+while (n-- && (*d++ = *src++));
+*d = 0;
+return (dest);
}
size_t
skip_multibyte_char (char c)
{
- /* bogus if to get rid of unused compiler warning */
- if (c)
- return 0;
- else
- return 0;
+/* bogus if to get rid of unused compiler warning */
+if (c)
+ return 0;
+else
+ return 0;
}
char *
safe_strcpy (char *dest, const char *src, size_t maxlength)
{
- size_t len;
+size_t len;
- if (!dest)
- {
- DEBUG_X (0, ("ERROR: NULL dest in safe_strcpy\n"));
- return NULL;
- }
+if (!dest)
+ {
+ DEBUG_X (0, ("ERROR: NULL dest in safe_strcpy\n"));
+ return NULL;
+ }
- if (!src)
- {
- *dest = 0;
- return dest;
- }
+if (!src)
+ {
+ *dest = 0;
+ return dest;
+ }
- len = strlen (src);
+len = strlen (src);
- if (len > maxlength)
- {
- DEBUG_X (0, ("ERROR: string overflow by %d in safe_strcpy [%.50s]\n",
- (int) (len - maxlength), src));
- len = maxlength;
- }
+if (len > maxlength)
+ {
+ DEBUG_X (0, ("ERROR: string overflow by %d in safe_strcpy [%.50s]\n",
+ (int) (len - maxlength), src));
+ len = maxlength;
+ }
- memcpy (dest, src, len);
- dest[len] = 0;
- return dest;
+memcpy (dest, src, len);
+dest[len] = 0;
+return dest;
}
void
strupper (char *s)
{
- while (*s)
- {
- {
- size_t skip = skip_multibyte_char (*s);
- if (skip != 0)
- s += skip;
- else
- {
- if (islower ((uschar)(*s)))
- *s = toupper (*s);
- s++;
- }
- }
- }
+while (*s)
+ {
+ size_t skip = skip_multibyte_char (*s);
+ if (skip != 0)
+ s += skip;
+ else
+ {
+ if (islower ((uschar)(*s)))
+ *s = toupper (*s);
+ s++;
+ }
+ }
}
void
spa_smb_encrypt (uschar * passwd, uschar * c8, uschar * p24)
{
- uschar p14[15], p21[21];
+uschar p14[15], p21[21];
- memset (p21, '\0', 21);
- memset (p14, '\0', 14);
- StrnCpy (CS p14, CS passwd, 14);
+memset (p21, '\0', 21);
+memset (p14, '\0', 14);
+StrnCpy (CS p14, CS passwd, 14);
- strupper (CS p14);
- E_P16 (p14, p21);
+strupper (CS p14);
+E_P16 (p14, p21);
- SMBOWFencrypt (p21, c8, p24);
+SMBOWFencrypt (p21, c8, p24);
#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("spa_smb_encrypt: lm#, challenge, response\n"));
- dump_data (100, CS p21, 16);
- dump_data (100, CS c8, 8);
- dump_data (100, CS p24, 24);
+DEBUG_X (100, ("spa_smb_encrypt: lm#, challenge, response\n"));
+dump_data (100, CS p21, 16);
+dump_data (100, CS c8, 8);
+dump_data (100, CS p24, 24);
#endif
}
static int
_my_wcslen (int16x * str)
{
- int len = 0;
- while (*str++ != 0)
- len++;
- return len;
+int len = 0;
+while (*str++ != 0)
+ len++;
+return len;
}
/*
static int
_my_mbstowcs (int16x * dst, uschar * src, int len)
{
- int i;
- int16x val;
-
- for (i = 0; i < len; i++)
- {
- val = *src;
- SSVAL (dst, 0, val);
- dst++;
- src++;
- if (val == 0)
- break;
- }
- return i;
+int i;
+int16x val;
+
+for (i = 0; i < len; i++)
+ {
+ val = *src;
+ SSVAL (dst, 0, val);
+ dst++;
+ src++;
+ if (val == 0)
+ break;
+ }
+return i;
}
/*
void
E_md4hash (uschar * passwd, uschar * p16)
{
- int len;
- int16x wpwd[129];
-
- /* Password cannot be longer than 128 characters */
- len = strlen (CS passwd);
- if (len > 128)
- len = 128;
- /* Password must be converted to NT unicode */
- _my_mbstowcs (wpwd, passwd, len);
- wpwd[len] = 0; /* Ensure string is null terminated */
- /* Calculate length in bytes */
- len = _my_wcslen (wpwd) * sizeof (int16x);
-
- mdfour (p16, US wpwd, len);
+int len;
+int16x wpwd[129];
+
+/* Password cannot be longer than 128 characters */
+len = strlen (CS passwd);
+if (len > 128)
+ len = 128;
+/* Password must be converted to NT unicode */
+_my_mbstowcs (wpwd, passwd, len);
+wpwd[len] = 0; /* Ensure string is null terminated */
+/* Calculate length in bytes */
+len = _my_wcslen (wpwd) * sizeof (int16x);
+
+mdfour (p16, US wpwd, len);
}
/* Does both the NT and LM owfs of a user's password */
void
nt_lm_owf_gen (char *pwd, uschar nt_p16[16], uschar p16[16])
{
- char passwd[130];
+char passwd[130];
- memset (passwd, '\0', 130);
- safe_strcpy (passwd, pwd, sizeof (passwd) - 1);
+memset (passwd, '\0', 130);
+safe_strcpy (passwd, pwd, sizeof (passwd) - 1);
- /* Calculate the MD4 hash (NT compatible) of the password */
- memset (nt_p16, '\0', 16);
- E_md4hash (US passwd, nt_p16);
+/* Calculate the MD4 hash (NT compatible) of the password */
+memset (nt_p16, '\0', 16);
+E_md4hash (US passwd, nt_p16);
#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("nt_lm_owf_gen: pwd, nt#\n"));
- dump_data (120, passwd, strlen (passwd));
- dump_data (100, CS nt_p16, 16);
+DEBUG_X (100, ("nt_lm_owf_gen: pwd, nt#\n"));
+dump_data (120, passwd, strlen (passwd));
+dump_data (100, CS nt_p16, 16);
#endif
- /* Mangle the passwords into Lanman format */
- passwd[14] = '\0';
- strupper (passwd);
+/* Mangle the passwords into Lanman format */
+passwd[14] = '\0';
+strupper (passwd);
- /* Calculate the SMB (lanman) hash functions of the password */
+/* Calculate the SMB (lanman) hash functions of the password */
- memset (p16, '\0', 16);
- E_P16 (US passwd, US p16);
+memset (p16, '\0', 16);
+E_P16 (US passwd, US p16);
#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("nt_lm_owf_gen: pwd, lm#\n"));
- dump_data (120, passwd, strlen (passwd));
- dump_data (100, CS p16, 16);
+DEBUG_X (100, ("nt_lm_owf_gen: pwd, lm#\n"));
+dump_data (120, passwd, strlen (passwd));
+dump_data (100, CS p16, 16);
#endif
- /* clear out local copy of user's password (just being paranoid). */
- memset (passwd, '\0', sizeof (passwd));
+/* clear out local copy of user's password (just being paranoid). */
+memset (passwd, '\0', sizeof (passwd));
}
/* Does the des encryption from the NT or LM MD4 hash. */
void
SMBOWFencrypt (uschar passwd[16], uschar * c8, uschar p24[24])
{
- uschar p21[21];
+uschar p21[21];
- memset (p21, '\0', 21);
+memset (p21, '\0', 21);
- memcpy (p21, passwd, 16);
- E_P24 (p21, c8, p24);
+memcpy (p21, passwd, 16);
+E_P24 (p21, c8, p24);
}
/* Does the des encryption from the FIRST 8 BYTES of the NT or LM MD4 hash. */
void
NTLMSSPOWFencrypt (uschar passwd[8], uschar * ntlmchalresp, uschar p24[24])
{
- uschar p21[21];
+uschar p21[21];
- memset (p21, '\0', 21);
- memcpy (p21, passwd, 8);
- memset (p21 + 8, 0xbd, 8);
+memset (p21, '\0', 21);
+memcpy (p21, passwd, 8);
+memset (p21 + 8, 0xbd, 8);
- E_P24 (p21, ntlmchalresp, p24);
+E_P24 (p21, ntlmchalresp, p24);
#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("NTLMSSPOWFencrypt: p21, c8, p24\n"));
- dump_data (100, CS p21, 21);
- dump_data (100, CS ntlmchalresp, 8);
- dump_data (100, CS p24, 24);
+DEBUG_X (100, ("NTLMSSPOWFencrypt: p21, c8, p24\n"));
+dump_data (100, CS p21, 21);
+dump_data (100, CS ntlmchalresp, 8);
+dump_data (100, CS p24, 24);
#endif
}
void
spa_smb_nt_encrypt (uschar * passwd, uschar * c8, uschar * p24)
{
- uschar p21[21];
+uschar p21[21];
- memset (p21, '\0', 21);
+memset (p21, '\0', 21);
- E_md4hash (passwd, p21);
- SMBOWFencrypt (p21, c8, p24);
+E_md4hash (passwd, p21);
+SMBOWFencrypt (p21, c8, p24);
#ifdef DEBUG_PASSWORD
- DEBUG_X (100, ("spa_smb_nt_encrypt: nt#, challenge, response\n"));
- dump_data (100, CS p21, 16);
- dump_data (100, CS c8, 8);
- dump_data (100, CS p24, 24);
+DEBUG_X (100, ("spa_smb_nt_encrypt: nt#, challenge, response\n"));
+dump_data (100, CS p21, 16);
+dump_data (100, CS c8, 8);
+dump_data (100, CS p24, 24);
#endif
}
static uint32x
F (uint32x X, uint32x Y, uint32x Z)
{
- return (X & Y) | ((~X) & Z);
+return (X & Y) | ((~X) & Z);
}
static uint32x
G (uint32x X, uint32x Y, uint32x Z)
{
- return (X & Y) | (X & Z) | (Y & Z);
+return (X & Y) | (X & Z) | (Y & Z);
}
static uint32x
H (uint32x X, uint32x Y, uint32x Z)
{
- return X ^ Y ^ Z;
+return X ^ Y ^ Z;
}
static uint32x
lshift_a (uint32x x, int s)
{
- x &= 0xFFFFFFFF;
- return ((x << s) & 0xFFFFFFFF) | (x >> (32 - s));
+x &= 0xFFFFFFFF;
+return ((x << s) & 0xFFFFFFFF) | (x >> (32 - s));
}
#define ROUND1(a,b,c,d,k,s) a = lshift_a(a + F(b,c,d) + X[k], s)
static void
spa_mdfour64 (uint32x * M)
{
- int j;
- uint32x AA, BB, CC, DD;
- uint32x X[16];
-
- for (j = 0; j < 16; j++)
- X[j] = M[j];
-
- AA = A;
- BB = B;
- CC = C;
- DD = D;
-
- ROUND1 (A, B, C, D, 0, 3);
- ROUND1 (D, A, B, C, 1, 7);
- ROUND1 (C, D, A, B, 2, 11);
- ROUND1 (B, C, D, A, 3, 19);
- ROUND1 (A, B, C, D, 4, 3);
- ROUND1 (D, A, B, C, 5, 7);
- ROUND1 (C, D, A, B, 6, 11);
- ROUND1 (B, C, D, A, 7, 19);
- ROUND1 (A, B, C, D, 8, 3);
- ROUND1 (D, A, B, C, 9, 7);
- ROUND1 (C, D, A, B, 10, 11);
- ROUND1 (B, C, D, A, 11, 19);
- ROUND1 (A, B, C, D, 12, 3);
- ROUND1 (D, A, B, C, 13, 7);
- ROUND1 (C, D, A, B, 14, 11);
- ROUND1 (B, C, D, A, 15, 19);
-
- ROUND2 (A, B, C, D, 0, 3);
- ROUND2 (D, A, B, C, 4, 5);
- ROUND2 (C, D, A, B, 8, 9);
- ROUND2 (B, C, D, A, 12, 13);
- ROUND2 (A, B, C, D, 1, 3);
- ROUND2 (D, A, B, C, 5, 5);
- ROUND2 (C, D, A, B, 9, 9);
- ROUND2 (B, C, D, A, 13, 13);
- ROUND2 (A, B, C, D, 2, 3);
- ROUND2 (D, A, B, C, 6, 5);
- ROUND2 (C, D, A, B, 10, 9);
- ROUND2 (B, C, D, A, 14, 13);
- ROUND2 (A, B, C, D, 3, 3);
- ROUND2 (D, A, B, C, 7, 5);
- ROUND2 (C, D, A, B, 11, 9);
- ROUND2 (B, C, D, A, 15, 13);
-
- ROUND3 (A, B, C, D, 0, 3);
- ROUND3 (D, A, B, C, 8, 9);
- ROUND3 (C, D, A, B, 4, 11);
- ROUND3 (B, C, D, A, 12, 15);
- ROUND3 (A, B, C, D, 2, 3);
- ROUND3 (D, A, B, C, 10, 9);
- ROUND3 (C, D, A, B, 6, 11);
- ROUND3 (B, C, D, A, 14, 15);
- ROUND3 (A, B, C, D, 1, 3);
- ROUND3 (D, A, B, C, 9, 9);
- ROUND3 (C, D, A, B, 5, 11);
- ROUND3 (B, C, D, A, 13, 15);
- ROUND3 (A, B, C, D, 3, 3);
- ROUND3 (D, A, B, C, 11, 9);
- ROUND3 (C, D, A, B, 7, 11);
- ROUND3 (B, C, D, A, 15, 15);
-
- A += AA;
- B += BB;
- C += CC;
- D += DD;
-
- A &= 0xFFFFFFFF;
- B &= 0xFFFFFFFF;
- C &= 0xFFFFFFFF;
- D &= 0xFFFFFFFF;
-
- for (j = 0; j < 16; j++)
- X[j] = 0;
+int j;
+uint32x AA, BB, CC, DD;
+uint32x X[16];
+
+for (j = 0; j < 16; j++)
+ X[j] = M[j];
+
+AA = A;
+BB = B;
+CC = C;
+DD = D;
+
+ROUND1 (A, B, C, D, 0, 3);
+ROUND1 (D, A, B, C, 1, 7);
+ROUND1 (C, D, A, B, 2, 11);
+ROUND1 (B, C, D, A, 3, 19);
+ROUND1 (A, B, C, D, 4, 3);
+ROUND1 (D, A, B, C, 5, 7);
+ROUND1 (C, D, A, B, 6, 11);
+ROUND1 (B, C, D, A, 7, 19);
+ROUND1 (A, B, C, D, 8, 3);
+ROUND1 (D, A, B, C, 9, 7);
+ROUND1 (C, D, A, B, 10, 11);
+ROUND1 (B, C, D, A, 11, 19);
+ROUND1 (A, B, C, D, 12, 3);
+ROUND1 (D, A, B, C, 13, 7);
+ROUND1 (C, D, A, B, 14, 11);
+ROUND1 (B, C, D, A, 15, 19);
+
+ROUND2 (A, B, C, D, 0, 3);
+ROUND2 (D, A, B, C, 4, 5);
+ROUND2 (C, D, A, B, 8, 9);
+ROUND2 (B, C, D, A, 12, 13);
+ROUND2 (A, B, C, D, 1, 3);
+ROUND2 (D, A, B, C, 5, 5);
+ROUND2 (C, D, A, B, 9, 9);
+ROUND2 (B, C, D, A, 13, 13);
+ROUND2 (A, B, C, D, 2, 3);
+ROUND2 (D, A, B, C, 6, 5);
+ROUND2 (C, D, A, B, 10, 9);
+ROUND2 (B, C, D, A, 14, 13);
+ROUND2 (A, B, C, D, 3, 3);
+ROUND2 (D, A, B, C, 7, 5);
+ROUND2 (C, D, A, B, 11, 9);
+ROUND2 (B, C, D, A, 15, 13);
+
+ROUND3 (A, B, C, D, 0, 3);
+ROUND3 (D, A, B, C, 8, 9);
+ROUND3 (C, D, A, B, 4, 11);
+ROUND3 (B, C, D, A, 12, 15);
+ROUND3 (A, B, C, D, 2, 3);
+ROUND3 (D, A, B, C, 10, 9);
+ROUND3 (C, D, A, B, 6, 11);
+ROUND3 (B, C, D, A, 14, 15);
+ROUND3 (A, B, C, D, 1, 3);
+ROUND3 (D, A, B, C, 9, 9);
+ROUND3 (C, D, A, B, 5, 11);
+ROUND3 (B, C, D, A, 13, 15);
+ROUND3 (A, B, C, D, 3, 3);
+ROUND3 (D, A, B, C, 11, 9);
+ROUND3 (C, D, A, B, 7, 11);
+ROUND3 (B, C, D, A, 15, 15);
+
+A += AA;
+B += BB;
+C += CC;
+D += DD;
+
+A &= 0xFFFFFFFF;
+B &= 0xFFFFFFFF;
+C &= 0xFFFFFFFF;
+D &= 0xFFFFFFFF;
+
+for (j = 0; j < 16; j++)
+ X[j] = 0;
}
static void
copy64 (uint32x * M, uschar *in)
{
- int i;
+int i;
- for (i = 0; i < 16; i++)
- M[i] = (in[i * 4 + 3] << 24) | (in[i * 4 + 2] << 16) |
- (in[i * 4 + 1] << 8) | (in[i * 4 + 0] << 0);
+for (i = 0; i < 16; i++)
+ M[i] = (in[i * 4 + 3] << 24) | (in[i * 4 + 2] << 16) |
+ (in[i * 4 + 1] << 8) | (in[i * 4 + 0] << 0);
}
static void
copy4 (uschar *out, uint32x x)
{
- out[0] = x & 0xFF;
- out[1] = (x >> 8) & 0xFF;
- out[2] = (x >> 16) & 0xFF;
- out[3] = (x >> 24) & 0xFF;
+out[0] = x & 0xFF;
+out[1] = (x >> 8) & 0xFF;
+out[2] = (x >> 16) & 0xFF;
+out[3] = (x >> 24) & 0xFF;
}
/* produce a md4 message digest from data of length n bytes */
void
mdfour (uschar *out, uschar *in, int n)
{
- uschar buf[128];
- uint32x M[16];
- uint32x b = n * 8;
- int i;
-
- A = 0x67452301;
- B = 0xefcdab89;
- C = 0x98badcfe;
- D = 0x10325476;
-
- while (n > 64)
- {
- copy64 (M, in);
- spa_mdfour64 (M);
- in += 64;
- n -= 64;
- }
-
- for (i = 0; i < 128; i++)
- buf[i] = 0;
- memcpy (buf, in, n);
- buf[n] = 0x80;
+uschar buf[128];
+uint32x M[16];
+uint32x b = n * 8;
+int i;
+
+A = 0x67452301;
+B = 0xefcdab89;
+C = 0x98badcfe;
+D = 0x10325476;
+
+while (n > 64)
+ {
+ copy64 (M, in);
+ spa_mdfour64 (M);
+ in += 64;
+ n -= 64;
+ }
- if (n <= 55)
- {
- copy4 (buf + 56, b);
- copy64 (M, buf);
- spa_mdfour64 (M);
- }
- else
- {
- copy4 (buf + 120, b);
- copy64 (M, buf);
- spa_mdfour64 (M);
- copy64 (M, buf + 64);
- spa_mdfour64 (M);
- }
+for (i = 0; i < 128; i++)
+ buf[i] = 0;
+memcpy (buf, in, n);
+buf[n] = 0x80;
- for (i = 0; i < 128; i++)
- buf[i] = 0;
+if (n <= 55)
+ {
+ copy4 (buf + 56, b);
copy64 (M, buf);
+ spa_mdfour64 (M);
+ }
+else
+ {
+ copy4 (buf + 120, b);
+ copy64 (M, buf);
+ spa_mdfour64 (M);
+ copy64 (M, buf + 64);
+ spa_mdfour64 (M);
+ }
- copy4 (out, A);
- copy4 (out + 4, B);
- copy4 (out + 8, C);
- copy4 (out + 12, D);
+for (i = 0; i < 128; i++)
+ buf[i] = 0;
+copy64 (M, buf);
- A = B = C = D = 0;
+copy4 (out, A);
+copy4 (out + 4, B);
+copy4 (out + 8, C);
+copy4 (out + 12, D);
+
+A = B = C = D = 0;
}
char versionString[] = "libntlm version 0.21";
static void
dumpRaw (FILE * fp, uschar *buf, size_t len)
{
- int i;
+int i;
- for (i = 0; i < len; ++i)
- fprintf (fp, "%02x ", buf[i]);
+for (i = 0; i < len; ++i)
+ fprintf (fp, "%02x ", buf[i]);
- fprintf (fp, "\n");
+fprintf (fp, "\n");
}
#endif
char *
unicodeToString (char *p, size_t len)
{
- int i;
- static char buf[1024];
+int i;
+static char buf[1024];
- assert (len + 1 < sizeof buf);
+assert (len + 1 < sizeof buf);
- for (i = 0; i < len; ++i)
- {
- buf[i] = *p & 0x7f;
- p += 2;
- }
+for (i = 0; i < len; ++i)
+ {
+ buf[i] = *p & 0x7f;
+ p += 2;
+ }
- buf[i] = '\0';
- return buf;
+buf[i] = '\0';
+return buf;
}
static uschar *
strToUnicode (char *p)
{
- static uschar buf[1024];
- size_t l = strlen (p);
- int i = 0;
+static uschar buf[1024];
+size_t l = strlen (p);
+int i = 0;
- assert (l * 2 < sizeof buf);
+assert (l * 2 < sizeof buf);
- while (l--)
- {
- buf[i++] = *p++;
- buf[i++] = 0;
- }
+while (l--)
+ {
+ buf[i++] = *p++;
+ buf[i++] = 0;
+ }
- return buf;
+return buf;
}
static uschar *
toString (char *p, size_t len)
{
- static uschar buf[1024];
+static uschar buf[1024];
- assert (len + 1 < sizeof buf);
+assert (len + 1 < sizeof buf);
- memcpy (buf, p, len);
- buf[len] = 0;
- return buf;
+memcpy (buf, p, len);
+buf[len] = 0;
+return buf;
}
#ifdef notdef
void
dumpSmbNtlmAuthRequest (FILE * fp, SPAAuthRequest * request)
{
- fprintf (fp, "NTLM Request:\n");
- fprintf (fp, " Ident = %s\n", request->ident);
- fprintf (fp, " mType = %d\n", IVAL (&request->msgType, 0));
- fprintf (fp, " Flags = %08x\n", IVAL (&request->flags, 0));
- fprintf (fp, " User = %s\n", GetString (request, user));
- fprintf (fp, " Domain = %s\n", GetString (request, domain));
+fprintf (fp, "NTLM Request:\n");
+fprintf (fp, " Ident = %s\n", request->ident);
+fprintf (fp, " mType = %d\n", IVAL (&request->msgType, 0));
+fprintf (fp, " Flags = %08x\n", IVAL (&request->flags, 0));
+fprintf (fp, " User = %s\n", GetString (request, user));
+fprintf (fp, " Domain = %s\n", GetString (request, domain));
}
void
dumpSmbNtlmAuthChallenge (FILE * fp, SPAAuthChallenge * challenge)
{
- fprintf (fp, "NTLM Challenge:\n");
- fprintf (fp, " Ident = %s\n", challenge->ident);
- fprintf (fp, " mType = %d\n", IVAL (&challenge->msgType, 0));
- fprintf (fp, " Domain = %s\n", GetUnicodeString (challenge, uDomain));
- fprintf (fp, " Flags = %08x\n", IVAL (&challenge->flags, 0));
- fprintf (fp, " Challenge = ");
- dumpRaw (fp, challenge->challengeData, 8);
+fprintf (fp, "NTLM Challenge:\n");
+fprintf (fp, " Ident = %s\n", challenge->ident);
+fprintf (fp, " mType = %d\n", IVAL (&challenge->msgType, 0));
+fprintf (fp, " Domain = %s\n", GetUnicodeString (challenge, uDomain));
+fprintf (fp, " Flags = %08x\n", IVAL (&challenge->flags, 0));
+fprintf (fp, " Challenge = ");
+dumpRaw (fp, challenge->challengeData, 8);
}
void
dumpSmbNtlmAuthResponse (FILE * fp, SPAAuthResponse * response)
{
- fprintf (fp, "NTLM Response:\n");
- fprintf (fp, " Ident = %s\n", response->ident);
- fprintf (fp, " mType = %d\n", IVAL (&response->msgType, 0));
- fprintf (fp, " LmResp = ");
- DumpBuffer (fp, response, lmResponse);
- fprintf (fp, " NTResp = ");
- DumpBuffer (fp, response, ntResponse);
- fprintf (fp, " Domain = %s\n", GetUnicodeString (response, uDomain));
- fprintf (fp, " User = %s\n", GetUnicodeString (response, uUser));
- fprintf (fp, " Wks = %s\n", GetUnicodeString (response, uWks));
- fprintf (fp, " sKey = ");
- DumpBuffer (fp, response, sessionKey);
- fprintf (fp, " Flags = %08x\n", IVAL (&response->flags, 0));
+fprintf (fp, "NTLM Response:\n");
+fprintf (fp, " Ident = %s\n", response->ident);
+fprintf (fp, " mType = %d\n", IVAL (&response->msgType, 0));
+fprintf (fp, " LmResp = ");
+DumpBuffer (fp, response, lmResponse);
+fprintf (fp, " NTResp = ");
+DumpBuffer (fp, response, ntResponse);
+fprintf (fp, " Domain = %s\n", GetUnicodeString (response, uDomain));
+fprintf (fp, " User = %s\n", GetUnicodeString (response, uUser));
+fprintf (fp, " Wks = %s\n", GetUnicodeString (response, uWks));
+fprintf (fp, " sKey = ");
+DumpBuffer (fp, response, sessionKey);
+fprintf (fp, " Flags = %08x\n", IVAL (&response->flags, 0));
}
#endif
void
spa_build_auth_request (SPAAuthRequest * request, char *user, char *domain)
{
- char *u = strdup (user);
- char *p = strchr (u, '@');
-
- if (p)
- {
- if (!domain)
- domain = p + 1;
- *p = '\0';
- }
+char *u = strdup (user);
+char *p = strchr (u, '@');
+
+if (p)
+ {
+ if (!domain)
+ domain = p + 1;
+ *p = '\0';
+ }
- request->bufIndex = 0;
- memcpy (request->ident, "NTLMSSP\0\0\0", 8);
- SIVAL (&request->msgType, 0, 1);
- SIVAL (&request->flags, 0, 0x0000b207); /* have to figure out what these mean */
- spa_string_add (request, user, u);
- spa_string_add (request, domain, domain);
- free (u);
+request->bufIndex = 0;
+memcpy (request->ident, "NTLMSSP\0\0\0", 8);
+SIVAL (&request->msgType, 0, 1);
+SIVAL (&request->flags, 0, 0x0000b207); /* have to figure out what these mean */
+spa_string_add (request, user, u);
+spa_string_add (request, domain, domain);
+free (u);
}
void
spa_build_auth_challenge (SPAAuthRequest * request, SPAAuthChallenge * challenge)
{
- char chalstr[8];
- int i;
- int p = (int)getpid();
- int random_seed = (int)time(NULL) ^ ((p << 16) | p);
+char chalstr[8];
+int i;
+int p = (int)getpid();
+int random_seed = (int)time(NULL) ^ ((p << 16) | p);
- request = request; /* Added by PH to stop compilers whinging */
+request = request; /* Added by PH to stop compilers whinging */
- /* Ensure challenge data is cleared, in case it isn't all used. This
- patch added by PH on suggestion of Russell King */
+/* Ensure challenge data is cleared, in case it isn't all used. This
+patch added by PH on suggestion of Russell King */
- memset(challenge, 0, sizeof(SPAAuthChallenge));
+memset(challenge, 0, sizeof(SPAAuthChallenge));
- challenge->bufIndex = 0;
- memcpy (challenge->ident, "NTLMSSP\0", 8);
- SIVAL (&challenge->msgType, 0, 2);
- SIVAL (&challenge->flags, 0, 0x00008201);
- SIVAL (&challenge->uDomain.len, 0, 0x0000);
- SIVAL (&challenge->uDomain.maxlen, 0, 0x0000);
- SIVAL (&challenge->uDomain.offset, 0, 0x00002800);
+challenge->bufIndex = 0;
+memcpy (challenge->ident, "NTLMSSP\0", 8);
+SIVAL (&challenge->msgType, 0, 2);
+SIVAL (&challenge->flags, 0, 0x00008201);
+SIVAL (&challenge->uDomain.len, 0, 0x0000);
+SIVAL (&challenge->uDomain.maxlen, 0, 0x0000);
+SIVAL (&challenge->uDomain.offset, 0, 0x00002800);
- /* generate eight pseudo random bytes (method ripped from host.c) */
+/* generate eight pseudo random bytes (method ripped from host.c) */
- for(i=0;i<8;i++) {
- chalstr[i] = (uschar)(random_seed >> 16) % 256;
- random_seed = (1103515245 - (chalstr[i])) * random_seed + 12345;
- };
+for(i=0;i<8;i++)
+ {
+ chalstr[i] = (uschar)(random_seed >> 16) % 256;
+ random_seed = (1103515245 - (chalstr[i])) * random_seed + 12345;
+ }
- memcpy(challenge->challengeData,chalstr,8);
+memcpy(challenge->challengeData,chalstr,8);
}
SPAAuthResponse * response, char *user,
char *password)
{
- uint8x lmRespData[24];
- uint8x ntRespData[24];
- char *d = strdup (GetUnicodeString (challenge, uDomain));
- char *domain = d;
- char *u = strdup (user);
- char *p = strchr (u, '@');
-
- if (p)
- {
- domain = p + 1;
- *p = '\0';
- }
+uint8x lmRespData[24];
+uint8x ntRespData[24];
+char *d = strdup (GetUnicodeString (challenge, uDomain));
+char *domain = d;
+char *u = strdup (user);
+char *p = strchr (u, '@');
+
+if (p)
+ {
+ domain = p + 1;
+ *p = '\0';
+ }
- spa_smb_encrypt (US password, challenge->challengeData, lmRespData);
- spa_smb_nt_encrypt (US password, challenge->challengeData, ntRespData);
+spa_smb_encrypt (US password, challenge->challengeData, lmRespData);
+spa_smb_nt_encrypt (US password, challenge->challengeData, ntRespData);
- response->bufIndex = 0;
- memcpy (response->ident, "NTLMSSP\0\0\0", 8);
- SIVAL (&response->msgType, 0, 3);
+response->bufIndex = 0;
+memcpy (response->ident, "NTLMSSP\0\0\0", 8);
+SIVAL (&response->msgType, 0, 3);
- spa_bytes_add (response, lmResponse, lmRespData, 24);
- spa_bytes_add (response, ntResponse, ntRespData, 24);
- spa_unicode_add_string (response, uDomain, domain);
- spa_unicode_add_string (response, uUser, u);
- spa_unicode_add_string (response, uWks, u);
- spa_string_add (response, sessionKey, NULL);
+spa_bytes_add (response, lmResponse, lmRespData, 24);
+spa_bytes_add (response, ntResponse, ntRespData, 24);
+spa_unicode_add_string (response, uDomain, domain);
+spa_unicode_add_string (response, uUser, u);
+spa_unicode_add_string (response, uWks, u);
+spa_string_add (response, sessionKey, NULL);
- response->flags = challenge->flags;
+response->flags = challenge->flags;
- free (d);
- free (u);
+free (d);
+free (u);
}
#endif
SPAAuthResponse * response, char *user,
char *password)
{
- uint8x lmRespData[24];
- uint8x ntRespData[24];
- uint32x cf = IVAL(&challenge->flags, 0);
- char *u = strdup (user);
- char *p = strchr (u, '@');
- char *d = NULL;
- char *domain;
-
- if (p)
- {
- domain = p + 1;
- *p = '\0';
- }
+uint8x lmRespData[24];
+uint8x ntRespData[24];
+uint32x cf = IVAL(&challenge->flags, 0);
+char *u = strdup (user);
+char *p = strchr (u, '@');
+char *d = NULL;
+char *domain;
+
+if (p)
+ {
+ domain = p + 1;
+ *p = '\0';
+ }
- else domain = d = strdup((cf & 0x1)?
- CCS GetUnicodeString(challenge, uDomain) :
- CCS GetString(challenge, uDomain));
+else domain = d = strdup((cf & 0x1)?
+ CCS GetUnicodeString(challenge, uDomain) :
+ CCS GetString(challenge, uDomain));
- spa_smb_encrypt (US password, challenge->challengeData, lmRespData);
- spa_smb_nt_encrypt (US password, challenge->challengeData, ntRespData);
+spa_smb_encrypt (US password, challenge->challengeData, lmRespData);
+spa_smb_nt_encrypt (US password, challenge->challengeData, ntRespData);
- response->bufIndex = 0;
- memcpy (response->ident, "NTLMSSP\0\0\0", 8);
- SIVAL (&response->msgType, 0, 3);
+response->bufIndex = 0;
+memcpy (response->ident, "NTLMSSP\0\0\0", 8);
+SIVAL (&response->msgType, 0, 3);
- spa_bytes_add (response, lmResponse, lmRespData, (cf & 0x200) ? 24 : 0);
- spa_bytes_add (response, ntResponse, ntRespData, (cf & 0x8000) ? 24 : 0);
+spa_bytes_add (response, lmResponse, lmRespData, (cf & 0x200) ? 24 : 0);
+spa_bytes_add (response, ntResponse, ntRespData, (cf & 0x8000) ? 24 : 0);
- if (cf & 0x1) { /* Unicode Text */
- spa_unicode_add_string (response, uDomain, domain);
- spa_unicode_add_string (response, uUser, u);
- spa_unicode_add_string (response, uWks, u);
- } else { /* OEM Text */
- spa_string_add (response, uDomain, domain);
- spa_string_add (response, uUser, u);
- spa_string_add (response, uWks, u);
- }
+if (cf & 0x1) { /* Unicode Text */
+ spa_unicode_add_string (response, uDomain, domain);
+ spa_unicode_add_string (response, uUser, u);
+ spa_unicode_add_string (response, uWks, u);
+} else { /* OEM Text */
+ spa_string_add (response, uDomain, domain);
+ spa_string_add (response, uUser, u);
+ spa_string_add (response, uWks, u);
+}
- spa_string_add (response, sessionKey, NULL);
- response->flags = challenge->flags;
+spa_string_add (response, sessionKey, NULL);
+response->flags = challenge->flags;
- if (d != NULL) free (d);
- free (u);
+if (d != NULL) free (d);
+free (u);
}
pam_converse (int num_msg, PAM_CONVERSE_ARG2_TYPE **msg,
struct pam_response **resp, void *appdata_ptr)
{
-int i;
int sep = 0;
struct pam_response *reply;
if (reply == NULL) return PAM_CONV_ERR;
-for (i = 0; i < num_msg; i++)
+for (int i = 0; i < num_msg; i++)
{
uschar *arg;
switch (msg[i]->msg_style)
HDEBUG(D_auth)
{
- int i;
debug_printf("%s authenticator %s:\n", ablock->name, label);
- for (i = 0; i < AUTH_VARS; i++)
+ for (int i = 0; i < AUTH_VARS; i++)
{
if (auth_vars[i] != NULL)
debug_printf(" $auth%d = %s\n", i + 1, auth_vars[i]);
}
- for (i = 1; i <= expand_nmax; i++)
+ for (int i = 1; i <= expand_nmax; i++)
debug_printf(" $%d = %.*s\n", i, expand_nlength[i], expand_nstring[i]);
debug_print_string(ablock->server_debug_string); /* customized debug */
}
compute_cram_md5(uschar *secret, uschar *challenge, uschar *digestptr)
{
md5 base;
-int i;
int len = Ustrlen(secret);
uschar isecret[64];
uschar osecret[64];
memset(isecret+len, 0, 64-len);
memcpy(osecret, isecret, 64);
-for (i = 0; i < 64; i++)
+for (int i = 0; i < 64; i++)
{
isecret[i] ^= 0x36;
osecret[i] ^= 0x5c;
sasl_callback_t cbs[] = {{SASL_CB_LIST_END, NULL, NULL}};
sasl_conn_t *conn;
char * realm_expanded = NULL;
-int rc, i, firsttime = 1, clen, *negotiated_ssf_ptr = NULL, negotiated_ssf;
+int rc, firsttime = 1, clen, *negotiated_ssf_ptr = NULL, negotiated_ssf;
unsigned int inlen, outlen;
input = data;
So the docs are too strict and we shouldn't worry about :: contractions. */
/* Set properties for remote and local host-ip;port */
-for (i = 0; i < 2; ++i)
+for (int i = 0; i < 2; ++i)
{
struct sockaddr_storage ss;
int (*query)(int, struct sockaddr *, socklen_t *);
auth_instance *ablock, /* authenticator block */
void * sx, /* connexction */
int timeout, /* command timeout */
- uschar *buffer, /* for reading response */
+ uschar *buffer, /* for reading response */
int buffsize) /* size of buffer */
{
/* We don't support clients (yet) in this implementation of cyrus_sasl */
static int
strcut(uschar *str, uschar **ptrs, int nptrs)
{
- uschar *last_sub_start = str;
- int n;
-
- for (n = 0; n < nptrs; n++)
- ptrs[n] = NULL;
- n = 1;
-
- while (*str) {
- if (*str == '\t') {
- if (n <= nptrs) {
- *ptrs++ = last_sub_start;
- last_sub_start = str + 1;
- *str = '\0';
- }
- n++;
- }
- str++;
- }
-
- /* It's acceptable for the string to end with a tab character. We see
- this in AUTH PLAIN without an initial response from the client, which
- causing us to send "334 " and get the data from the client. */
- if (n <= nptrs) {
- *ptrs = last_sub_start;
- } else {
- HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs);
- n = nptrs;
- }
-
- return n <= nptrs ? n : nptrs;
+uschar *last_sub_start = str;
+int n;
+
+for (n = 0; n < nptrs; n++)
+ ptrs[n] = NULL;
+n = 1;
+
+while (*str)
+ {
+ if (*str == '\t')
+ {
+ if (n <= nptrs)
+ {
+ *ptrs++ = last_sub_start;
+ last_sub_start = str + 1;
+ *str = '\0';
+ }
+ n++;
+ }
+ str++;
+ }
+
+/* It's acceptable for the string to end with a tab character. We see
+this in AUTH PLAIN without an initial response from the client, which
+causing us to send "334 " and get the data from the client. */
+if (n <= nptrs)
+ *ptrs = last_sub_start;
+else
+ {
+ HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs);
+ n = nptrs;
+ }
+
+return n <= nptrs ? n : nptrs;
}
static void debug_strcut(uschar **ptrs, int nlen, int alen) ARG_UNUSED;
static void
debug_strcut(uschar **ptrs, int nlen, int alen)
{
- int i;
- debug_printf("%d read but unreturned bytes; strcut() gave %d results: ",
- socket_buffer_left, nlen);
- for (i = 0; i < nlen; i++) {
- debug_printf(" {%s}", ptrs[i]);
- }
- if (nlen < alen)
- debug_printf(" last is %s\n", ptrs[i] ? ptrs[i] : US"<null>");
- else
- debug_printf(" (max for capacity)\n");
+int i;
+debug_printf("%d read but unreturned bytes; strcut() gave %d results: ",
+ socket_buffer_left, nlen);
+for (i = 0; i < nlen; i++)
+ debug_printf(" {%s}", ptrs[i]);
+if (nlen < alen)
+ debug_printf(" last is %s\n", ptrs[i] ? ptrs[i] : US"<null>");
+else
+ debug_printf(" (max for capacity)\n");
}
#define CHECK_COMMAND(str, arg_min, arg_max) do { \
void
auth_gsasl_init(auth_instance *ablock)
{
- char *p;
- int rc, supported;
- auth_gsasl_options_block *ob =
- (auth_gsasl_options_block *)(ablock->options_block);
-
- /* As per existing Cyrus glue, use the authenticator's public name as
- the default for the mechanism name; we don't handle multiple mechanisms
- in one authenticator, but the same driver can be used multiple times. */
-
- if (ob->server_mech == NULL)
- ob->server_mech = string_copy(ablock->public_name);
-
- /* Can get multiple session contexts from one library context, so just
- initialise the once. */
- if (gsasl_ctx == NULL) {
- rc = gsasl_init(&gsasl_ctx);
- if (rc != GSASL_OK) {
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
- "couldn't initialise GNU SASL library: %s (%s)",
- ablock->name, gsasl_strerror_name(rc), gsasl_strerror(rc));
- }
- gsasl_callback_set(gsasl_ctx, main_callback);
+char *p;
+int rc, supported;
+auth_gsasl_options_block *ob =
+ (auth_gsasl_options_block *)(ablock->options_block);
+
+/* As per existing Cyrus glue, use the authenticator's public name as
+the default for the mechanism name; we don't handle multiple mechanisms
+in one authenticator, but the same driver can be used multiple times. */
+
+if (ob->server_mech == NULL)
+ ob->server_mech = string_copy(ablock->public_name);
+
+/* Can get multiple session contexts from one library context, so just
+initialise the once. */
+if (gsasl_ctx == NULL) {
+ rc = gsasl_init(&gsasl_ctx);
+ if (rc != GSASL_OK) {
+ log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
+ "couldn't initialise GNU SASL library: %s (%s)",
+ ablock->name, gsasl_strerror_name(rc), gsasl_strerror(rc));
}
+ gsasl_callback_set(gsasl_ctx, main_callback);
+}
- /* We don't need this except to log it for debugging. */
- rc = gsasl_server_mechlist(gsasl_ctx, &p);
- if (rc != GSASL_OK)
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
- "failed to retrieve list of mechanisms: %s (%s)",
- ablock->name, gsasl_strerror_name(rc), gsasl_strerror(rc));
- HDEBUG(D_auth) debug_printf("GNU SASL supports: %s\n", p);
+/* We don't need this except to log it for debugging. */
+rc = gsasl_server_mechlist(gsasl_ctx, &p);
+if (rc != GSASL_OK)
+ log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
+ "failed to retrieve list of mechanisms: %s (%s)",
+ ablock->name, gsasl_strerror_name(rc), gsasl_strerror(rc));
+HDEBUG(D_auth) debug_printf("GNU SASL supports: %s\n", p);
- supported = gsasl_client_support_p(gsasl_ctx, CCS ob->server_mech);
- if (!supported)
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
- "GNU SASL does not support mechanism \"%s\"",
- ablock->name, ob->server_mech);
-
- if ((ablock->server_condition == NULL) &&
- (streqic(ob->server_mech, US"EXTERNAL") ||
- streqic(ob->server_mech, US"ANONYMOUS") ||
- streqic(ob->server_mech, US"PLAIN") ||
- streqic(ob->server_mech, US"LOGIN")))
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
- "Need server_condition for %s mechanism",
- ablock->name, ob->server_mech);
+supported = gsasl_client_support_p(gsasl_ctx, CCS ob->server_mech);
+if (!supported)
+ log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
+ "GNU SASL does not support mechanism \"%s\"",
+ ablock->name, ob->server_mech);
+
+if ((ablock->server_condition == NULL) &&
+ (streqic(ob->server_mech, US"EXTERNAL") ||
+ streqic(ob->server_mech, US"ANONYMOUS") ||
+ streqic(ob->server_mech, US"PLAIN") ||
+ streqic(ob->server_mech, US"LOGIN")))
+ log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
+ "Need server_condition for %s mechanism",
+ ablock->name, ob->server_mech);
- /* This does *not* scale to new SASL mechanisms. Need a better way to ask
- which properties will be needed. */
- if ((ob->server_realm == NULL) &&
- streqic(ob->server_mech, US"DIGEST-MD5"))
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
- "Need server_realm for %s mechanism",
- ablock->name, ob->server_mech);
+/* This does *not* scale to new SASL mechanisms. Need a better way to ask
+which properties will be needed. */
+if ((ob->server_realm == NULL) &&
+ streqic(ob->server_mech, US"DIGEST-MD5"))
+ log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
+ "Need server_realm for %s mechanism",
+ ablock->name, ob->server_mech);
- /* At present, for mechanisms we don't panic on absence of server_condition;
- need to figure out the most generically correct approach to deciding when
- it's critical and when it isn't. Eg, for simple validation (PLAIN mechanism,
- etc) it clearly is critical.
+/* At present, for mechanisms we don't panic on absence of server_condition;
+need to figure out the most generically correct approach to deciding when
+it's critical and when it isn't. Eg, for simple validation (PLAIN mechanism,
+etc) it clearly is critical.
- So don't activate without server_condition, this might be relaxed in the future.
- */
- if (ablock->server_condition != NULL) ablock->server = TRUE;
- ablock->client = FALSE;
+So don't activate without server_condition, this might be relaxed in the future.
+*/
+if (ablock->server_condition != NULL) ablock->server = TRUE;
+ablock->client = FALSE;
}
static int
main_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop)
{
- int rc = 0;
- struct callback_exim_state *cb_state =
- (struct callback_exim_state *)gsasl_session_hook_get(sctx);
-
- HDEBUG(D_auth)
- debug_printf("GNU SASL Callback entered, prop=%d (loop prop=%d)\n",
- prop, callback_loop);
-
- if (cb_state == NULL) {
- HDEBUG(D_auth) debug_printf(" not from our server/client processing.\n");
- return GSASL_NO_CALLBACK;
+int rc = 0;
+struct callback_exim_state *cb_state =
+ (struct callback_exim_state *)gsasl_session_hook_get(sctx);
+
+HDEBUG(D_auth)
+ debug_printf("GNU SASL Callback entered, prop=%d (loop prop=%d)\n",
+ prop, callback_loop);
+
+if (cb_state == NULL)
+ {
+ HDEBUG(D_auth) debug_printf(" not from our server/client processing.\n");
+ return GSASL_NO_CALLBACK;
}
- if (callback_loop > 0) {
- /* Most likely is that we were asked for property foo, and to
- expand the string we asked for property bar to put into an auth
- variable, but property bar is not supplied for this mechanism. */
- HDEBUG(D_auth)
- debug_printf("Loop, asked for property %d while handling property %d\n",
- prop, callback_loop);
- return GSASL_NO_CALLBACK;
+if (callback_loop > 0)
+ {
+ /* Most likely is that we were asked for property foo, and to
+ expand the string we asked for property bar to put into an auth
+ variable, but property bar is not supplied for this mechanism. */
+ HDEBUG(D_auth)
+ debug_printf("Loop, asked for property %d while handling property %d\n",
+ prop, callback_loop);
+ return GSASL_NO_CALLBACK;
}
- callback_loop = prop;
+callback_loop = prop;
- if (cb_state->currently == CURRENTLY_CLIENT)
- rc = client_callback(ctx, sctx, prop, cb_state->ablock);
- else if (cb_state->currently == CURRENTLY_SERVER)
- rc = server_callback(ctx, sctx, prop, cb_state->ablock);
- else {
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
- "unhandled callback state, bug in Exim", cb_state->ablock->name);
- /* NOTREACHED */
- }
+if (cb_state->currently == CURRENTLY_CLIENT)
+ rc = client_callback(ctx, sctx, prop, cb_state->ablock);
+else if (cb_state->currently == CURRENTLY_SERVER)
+ rc = server_callback(ctx, sctx, prop, cb_state->ablock);
+else
+ log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
+ "unhandled callback state, bug in Exim", cb_state->ablock->name);
+ /* NOTREACHED */
- callback_loop = 0;
- return rc;
+callback_loop = 0;
+return rc;
}
int
auth_gsasl_server(auth_instance *ablock, uschar *initial_data)
{
- char *tmps;
- char *to_send, *received;
- Gsasl_session *sctx = NULL;
- auth_gsasl_options_block *ob =
- (auth_gsasl_options_block *)(ablock->options_block);
- struct callback_exim_state cb_state;
- int rc, auth_result, exim_error, exim_error_override;
-
- HDEBUG(D_auth)
- debug_printf("GNU SASL: initialising session for %s, mechanism %s.\n",
- ablock->name, ob->server_mech);
-
- rc = gsasl_server_start(gsasl_ctx, CCS ob->server_mech, &sctx);
- if (rc != GSASL_OK) {
- auth_defer_msg = string_sprintf("GNU SASL: session start failure: %s (%s)",
- gsasl_strerror_name(rc), gsasl_strerror(rc));
- HDEBUG(D_auth) debug_printf("%s\n", auth_defer_msg);
- return DEFER;
+char *tmps;
+char *to_send, *received;
+Gsasl_session *sctx = NULL;
+auth_gsasl_options_block *ob =
+ (auth_gsasl_options_block *)(ablock->options_block);
+struct callback_exim_state cb_state;
+int rc, auth_result, exim_error, exim_error_override;
+
+HDEBUG(D_auth)
+ debug_printf("GNU SASL: initialising session for %s, mechanism %s.\n",
+ ablock->name, ob->server_mech);
+
+rc = gsasl_server_start(gsasl_ctx, CCS ob->server_mech, &sctx);
+if (rc != GSASL_OK)
+ {
+ auth_defer_msg = string_sprintf("GNU SASL: session start failure: %s (%s)",
+ gsasl_strerror_name(rc), gsasl_strerror(rc));
+ HDEBUG(D_auth) debug_printf("%s\n", auth_defer_msg);
+ return DEFER;
}
- /* Hereafter: gsasl_finish(sctx) please */
-
- gsasl_session_hook_set(sctx, (void *)ablock);
- cb_state.ablock = ablock;
- cb_state.currently = CURRENTLY_SERVER;
- gsasl_session_hook_set(sctx, (void *)&cb_state);
-
- tmps = CS expand_string(ob->server_service);
- gsasl_property_set(sctx, GSASL_SERVICE, tmps);
- tmps = CS expand_string(ob->server_hostname);
- gsasl_property_set(sctx, GSASL_HOSTNAME, tmps);
- if (ob->server_realm) {
- tmps = CS expand_string(ob->server_realm);
- if (tmps && *tmps) {
- gsasl_property_set(sctx, GSASL_REALM, tmps);
- }
+/* Hereafter: gsasl_finish(sctx) please */
+
+gsasl_session_hook_set(sctx, (void *)ablock);
+cb_state.ablock = ablock;
+cb_state.currently = CURRENTLY_SERVER;
+gsasl_session_hook_set(sctx, (void *)&cb_state);
+
+tmps = CS expand_string(ob->server_service);
+gsasl_property_set(sctx, GSASL_SERVICE, tmps);
+tmps = CS expand_string(ob->server_hostname);
+gsasl_property_set(sctx, GSASL_HOSTNAME, tmps);
+if (ob->server_realm)
+ {
+ tmps = CS expand_string(ob->server_realm);
+ if (tmps && *tmps)
+ gsasl_property_set(sctx, GSASL_REALM, tmps);
}
- /* We don't support protection layers. */
- gsasl_property_set(sctx, GSASL_QOPS, "qop-auth");
+/* We don't support protection layers. */
+gsasl_property_set(sctx, GSASL_QOPS, "qop-auth");
#ifdef SUPPORT_TLS
- if (tls_channelbinding_b64) {
- /* Some auth mechanisms can ensure that both sides are talking withing the
- same security context; for TLS, this means that even if a bad certificate
- has been accepted, they remain MitM-proof because both sides must be within
- the same negotiated session; if someone is terminating one session and
- proxying data on within a second, authentication will fail.
-
- We might not have this available, depending upon TLS implementation,
- ciphersuite, phase of moon ...
-
- If we do, it results in extra SASL mechanisms being available; here,
- Exim's one-mechanism-per-authenticator potentially causes problems.
- It depends upon how GNU SASL will implement the PLUS variants of GS2
- and whether it automatically mandates a switch to the bound PLUS
- if the data is available. Since default-on, despite being more secure,
- would then result in mechanism name changes on a library update, we
- have little choice but to default it off and let the admin choose to
- enable it. *sigh*
- */
- if (ob->server_channelbinding) {
- HDEBUG(D_auth) debug_printf("Auth %s: Enabling channel-binding\n",
- ablock->name);
- gsasl_property_set(sctx, GSASL_CB_TLS_UNIQUE,
- CCS tls_channelbinding_b64);
- } else {
- HDEBUG(D_auth)
- debug_printf("Auth %s: Not enabling channel-binding (data available)\n",
- ablock->name);
+if (tls_channelbinding_b64)
+ {
+ /* Some auth mechanisms can ensure that both sides are talking withing the
+ same security context; for TLS, this means that even if a bad certificate
+ has been accepted, they remain MitM-proof because both sides must be within
+ the same negotiated session; if someone is terminating one session and
+ proxying data on within a second, authentication will fail.
+
+ We might not have this available, depending upon TLS implementation,
+ ciphersuite, phase of moon ...
+
+ If we do, it results in extra SASL mechanisms being available; here,
+ Exim's one-mechanism-per-authenticator potentially causes problems.
+ It depends upon how GNU SASL will implement the PLUS variants of GS2
+ and whether it automatically mandates a switch to the bound PLUS
+ if the data is available. Since default-on, despite being more secure,
+ would then result in mechanism name changes on a library update, we
+ have little choice but to default it off and let the admin choose to
+ enable it. *sigh*
+ */
+ if (ob->server_channelbinding)
+ {
+ HDEBUG(D_auth) debug_printf("Auth %s: Enabling channel-binding\n",
+ ablock->name);
+ gsasl_property_set(sctx, GSASL_CB_TLS_UNIQUE,
+ CCS tls_channelbinding_b64);
}
- } else {
+ else
+ {
HDEBUG(D_auth)
- debug_printf("Auth %s: no channel-binding data available\n",
- ablock->name);
+ debug_printf("Auth %s: Not enabling channel-binding (data available)\n",
+ ablock->name);
+ }
}
+else
+ HDEBUG(D_auth)
+ debug_printf("Auth %s: no channel-binding data available\n",
+ ablock->name);
#endif
- checked_server_condition = FALSE;
-
- received = CS initial_data;
- to_send = NULL;
- exim_error = exim_error_override = OK;
-
- do {
- rc = gsasl_step64(sctx, received, &to_send);
-
- switch (rc) {
- case GSASL_OK:
- if (!to_send)
- goto STOP_INTERACTION;
- break;
-
- case GSASL_NEEDS_MORE:
- break;
-
- case GSASL_AUTHENTICATION_ERROR:
- case GSASL_INTEGRITY_ERROR:
- case GSASL_NO_AUTHID:
- case GSASL_NO_ANONYMOUS_TOKEN:
- case GSASL_NO_AUTHZID:
- case GSASL_NO_PASSWORD:
- case GSASL_NO_PASSCODE:
- case GSASL_NO_PIN:
- case GSASL_BASE64_ERROR:
- HDEBUG(D_auth) debug_printf("GNU SASL permanent error: %s (%s)\n",
- gsasl_strerror_name(rc), gsasl_strerror(rc));
- log_write(0, LOG_REJECT, "%s authenticator (%s):\n "
- "GNU SASL permanent failure: %s (%s)",
- ablock->name, ob->server_mech,
- gsasl_strerror_name(rc), gsasl_strerror(rc));
- if (rc == GSASL_BASE64_ERROR)
- exim_error_override = BAD64;
- goto STOP_INTERACTION;
-
- default:
- auth_defer_msg = string_sprintf("GNU SASL temporary error: %s (%s)",
- gsasl_strerror_name(rc), gsasl_strerror(rc));
- HDEBUG(D_auth) debug_printf("%s\n", auth_defer_msg);
- exim_error_override = DEFER;
- goto STOP_INTERACTION;
+checked_server_condition = FALSE;
+
+received = CS initial_data;
+to_send = NULL;
+exim_error = exim_error_override = OK;
+
+do {
+ rc = gsasl_step64(sctx, received, &to_send);
+
+ switch (rc)
+ {
+ case GSASL_OK:
+ if (!to_send)
+ goto STOP_INTERACTION;
+ break;
+
+ case GSASL_NEEDS_MORE:
+ break;
+
+ case GSASL_AUTHENTICATION_ERROR:
+ case GSASL_INTEGRITY_ERROR:
+ case GSASL_NO_AUTHID:
+ case GSASL_NO_ANONYMOUS_TOKEN:
+ case GSASL_NO_AUTHZID:
+ case GSASL_NO_PASSWORD:
+ case GSASL_NO_PASSCODE:
+ case GSASL_NO_PIN:
+ case GSASL_BASE64_ERROR:
+ HDEBUG(D_auth) debug_printf("GNU SASL permanent error: %s (%s)\n",
+ gsasl_strerror_name(rc), gsasl_strerror(rc));
+ log_write(0, LOG_REJECT, "%s authenticator (%s):\n "
+ "GNU SASL permanent failure: %s (%s)",
+ ablock->name, ob->server_mech,
+ gsasl_strerror_name(rc), gsasl_strerror(rc));
+ if (rc == GSASL_BASE64_ERROR)
+ exim_error_override = BAD64;
+ goto STOP_INTERACTION;
+
+ default:
+ auth_defer_msg = string_sprintf("GNU SASL temporary error: %s (%s)",
+ gsasl_strerror_name(rc), gsasl_strerror(rc));
+ HDEBUG(D_auth) debug_printf("%s\n", auth_defer_msg);
+ exim_error_override = DEFER;
+ goto STOP_INTERACTION;
}
- if ((rc == GSASL_NEEDS_MORE) ||
- (to_send && *to_send))
- exim_error =
- auth_get_no64_data((uschar **)&received, US to_send);
+ if ((rc == GSASL_NEEDS_MORE) ||
+ (to_send && *to_send))
+ exim_error =
+ auth_get_no64_data((uschar **)&received, US to_send);
- if (to_send) {
- free(to_send);
- to_send = NULL;
+ if (to_send)
+ {
+ free(to_send);
+ to_send = NULL;
}
- if (exim_error)
- break; /* handles * cancelled check */
+ if (exim_error)
+ break; /* handles * cancelled check */
} while (rc == GSASL_NEEDS_MORE);
STOP_INTERACTION:
- auth_result = rc;
+auth_result = rc;
- gsasl_finish(sctx);
+gsasl_finish(sctx);
- /* Can return: OK DEFER FAIL CANCELLED BAD64 UNEXPECTED */
+/* Can return: OK DEFER FAIL CANCELLED BAD64 UNEXPECTED */
- if (exim_error != OK)
- return exim_error;
+if (exim_error != OK)
+ return exim_error;
- if (auth_result != GSASL_OK) {
- HDEBUG(D_auth) debug_printf("authentication returned %s (%s)\n",
- gsasl_strerror_name(auth_result), gsasl_strerror(auth_result));
- if (exim_error_override != OK)
- return exim_error_override; /* might be DEFER */
- if (sasl_error_should_defer) /* overriding auth failure SASL error */
- return DEFER;
- return FAIL;
+if (auth_result != GSASL_OK)
+ {
+ HDEBUG(D_auth) debug_printf("authentication returned %s (%s)\n",
+ gsasl_strerror_name(auth_result), gsasl_strerror(auth_result));
+ if (exim_error_override != OK)
+ return exim_error_override; /* might be DEFER */
+ if (sasl_error_should_defer) /* overriding auth failure SASL error */
+ return DEFER;
+ return FAIL;
}
- /* Auth succeeded, check server_condition unless already done in callback */
- return checked_server_condition ? OK : auth_check_serv_cond(ablock);
+/* Auth succeeded, check server_condition unless already done in callback */
+return checked_server_condition ? OK : auth_check_serv_cond(ablock);
}
+
/* returns the GSASL status of expanding the Exim string given */
static int
condition_check(auth_instance *ablock, uschar *label, uschar *condition_string)
{
- int exim_rc;
+int exim_rc;
- exim_rc = auth_check_some_cond(ablock, label, condition_string, FAIL);
+exim_rc = auth_check_some_cond(ablock, label, condition_string, FAIL);
- if (exim_rc == OK) {
- return GSASL_OK;
- } else if (exim_rc == DEFER) {
- sasl_error_should_defer = TRUE;
- return GSASL_AUTHENTICATION_ERROR;
- } else if (exim_rc == FAIL) {
- return GSASL_AUTHENTICATION_ERROR;
+if (exim_rc == OK)
+ return GSASL_OK;
+else if (exim_rc == DEFER)
+ {
+ sasl_error_should_defer = TRUE;
+ return GSASL_AUTHENTICATION_ERROR;
}
-
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
- "Unhandled return from checking %s: %d",
- ablock->name, label, exim_rc);
- /* NOTREACHED */
+else if (exim_rc == FAIL)
return GSASL_AUTHENTICATION_ERROR;
+
+log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator: "
+ "Unhandled return from checking %s: %d",
+ ablock->name, label, exim_rc);
+/* NOTREACHED */
+return GSASL_AUTHENTICATION_ERROR;
}
static int
server_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop, auth_instance *ablock)
{
- char *tmps;
- uschar *propval;
- int cbrc = GSASL_NO_CALLBACK;
- int i;
- auth_gsasl_options_block *ob =
- (auth_gsasl_options_block *)(ablock->options_block);
-
- HDEBUG(D_auth)
- debug_printf("GNU SASL callback %d for %s/%s as server\n",
- prop, ablock->name, ablock->public_name);
-
- for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
- expand_nmax = 0;
-
- switch (prop) {
- case GSASL_VALIDATE_SIMPLE:
- /* GSASL_AUTHID, GSASL_AUTHZID, and GSASL_PASSWORD */
- propval = US gsasl_property_fast(sctx, GSASL_AUTHID);
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
- propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
- propval = US gsasl_property_fast(sctx, GSASL_PASSWORD);
- auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
- expand_nmax = 3;
- for (i = 1; i <= 3; ++i)
- expand_nlength[i] = Ustrlen(expand_nstring[i]);
-
- cbrc = condition_check(ablock, US"server_condition", ablock->server_condition);
- checked_server_condition = TRUE;
+char *tmps;
+uschar *propval;
+int cbrc = GSASL_NO_CALLBACK;
+auth_gsasl_options_block *ob =
+ (auth_gsasl_options_block *)(ablock->options_block);
+
+HDEBUG(D_auth)
+ debug_printf("GNU SASL callback %d for %s/%s as server\n",
+ prop, ablock->name, ablock->public_name);
+
+for (int i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
+expand_nmax = 0;
+
+switch (prop)
+ {
+ case GSASL_VALIDATE_SIMPLE:
+ /* GSASL_AUTHID, GSASL_AUTHZID, and GSASL_PASSWORD */
+ propval = US gsasl_property_fast(sctx, GSASL_AUTHID);
+ auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
+ auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+ propval = US gsasl_property_fast(sctx, GSASL_PASSWORD);
+ auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
+ expand_nmax = 3;
+ for (int i = 1; i <= 3; ++i)
+ expand_nlength[i] = Ustrlen(expand_nstring[i]);
+
+ cbrc = condition_check(ablock, US"server_condition", ablock->server_condition);
+ checked_server_condition = TRUE;
+ break;
+
+ case GSASL_VALIDATE_EXTERNAL:
+ if (ablock->server_condition == NULL)
+ {
+ HDEBUG(D_auth) debug_printf("No server_condition supplied, to validate EXTERNAL.\n");
+ cbrc = GSASL_AUTHENTICATION_ERROR;
break;
-
- case GSASL_VALIDATE_EXTERNAL:
- if (ablock->server_condition == NULL) {
- HDEBUG(D_auth) debug_printf("No server_condition supplied, to validate EXTERNAL.\n");
- cbrc = GSASL_AUTHENTICATION_ERROR;
- break;
}
- propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- /* We always set $auth1, even if only to empty string. */
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
- expand_nlength[1] = Ustrlen(expand_nstring[1]);
- expand_nmax = 1;
-
- cbrc = condition_check(ablock,
- US"server_condition (EXTERNAL)", ablock->server_condition);
- checked_server_condition = TRUE;
+ propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
+ /* We always set $auth1, even if only to empty string. */
+ auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ expand_nlength[1] = Ustrlen(expand_nstring[1]);
+ expand_nmax = 1;
+
+ cbrc = condition_check(ablock,
+ US"server_condition (EXTERNAL)", ablock->server_condition);
+ checked_server_condition = TRUE;
+ break;
+
+ case GSASL_VALIDATE_ANONYMOUS:
+ if (ablock->server_condition == NULL)
+ {
+ HDEBUG(D_auth) debug_printf("No server_condition supplied, to validate ANONYMOUS.\n");
+ cbrc = GSASL_AUTHENTICATION_ERROR;
break;
-
- case GSASL_VALIDATE_ANONYMOUS:
- if (ablock->server_condition == NULL) {
- HDEBUG(D_auth) debug_printf("No server_condition supplied, to validate ANONYMOUS.\n");
- cbrc = GSASL_AUTHENTICATION_ERROR;
- break;
}
- propval = US gsasl_property_fast(sctx, GSASL_ANONYMOUS_TOKEN);
- /* We always set $auth1, even if only to empty string. */
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
- expand_nlength[1] = Ustrlen(expand_nstring[1]);
- expand_nmax = 1;
-
- cbrc = condition_check(ablock,
- US"server_condition (ANONYMOUS)", ablock->server_condition);
- checked_server_condition = TRUE;
- break;
-
- case GSASL_VALIDATE_GSSAPI:
- /* GSASL_AUTHZID and GSASL_GSSAPI_DISPLAY_NAME
- The display-name is authenticated as part of GSS, the authzid is claimed
- by the SASL integration after authentication; protected against tampering
- (if the SASL mechanism supports that, which Kerberos does) but is
- unverified, same as normal for other mechanisms.
-
- First coding, we had these values swapped, but for consistency and prior
- to the first release of Exim with this authenticator, they've been
- switched to match the ordering of GSASL_VALIDATE_SIMPLE. */
- propval = US gsasl_property_fast(sctx, GSASL_GSSAPI_DISPLAY_NAME);
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
- propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
- expand_nmax = 2;
- for (i = 1; i <= 2; ++i)
- expand_nlength[i] = Ustrlen(expand_nstring[i]);
-
- /* In this one case, it perhaps makes sense to default back open?
- But for consistency, let's just mandate server_condition here too. */
- cbrc = condition_check(ablock,
- US"server_condition (GSSAPI family)", ablock->server_condition);
- checked_server_condition = TRUE;
- break;
-
- case GSASL_PASSWORD:
- /* DIGEST-MD5: GSASL_AUTHID, GSASL_AUTHZID and GSASL_REALM
- CRAM-MD5: GSASL_AUTHID
- PLAIN: GSASL_AUTHID and GSASL_AUTHZID
- LOGIN: GSASL_AUTHID
- */
- if (ob->server_scram_iter) {
- tmps = CS expand_string(ob->server_scram_iter);
- gsasl_property_set(sctx, GSASL_SCRAM_ITER, tmps);
+ propval = US gsasl_property_fast(sctx, GSASL_ANONYMOUS_TOKEN);
+ /* We always set $auth1, even if only to empty string. */
+ auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ expand_nlength[1] = Ustrlen(expand_nstring[1]);
+ expand_nmax = 1;
+
+ cbrc = condition_check(ablock,
+ US"server_condition (ANONYMOUS)", ablock->server_condition);
+ checked_server_condition = TRUE;
+ break;
+
+ case GSASL_VALIDATE_GSSAPI:
+ /* GSASL_AUTHZID and GSASL_GSSAPI_DISPLAY_NAME
+ The display-name is authenticated as part of GSS, the authzid is claimed
+ by the SASL integration after authentication; protected against tampering
+ (if the SASL mechanism supports that, which Kerberos does) but is
+ unverified, same as normal for other mechanisms.
+
+ First coding, we had these values swapped, but for consistency and prior
+ to the first release of Exim with this authenticator, they've been
+ switched to match the ordering of GSASL_VALIDATE_SIMPLE. */
+ propval = US gsasl_property_fast(sctx, GSASL_GSSAPI_DISPLAY_NAME);
+ auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
+ auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+ expand_nmax = 2;
+ for (int i = 1; i <= 2; ++i)
+ expand_nlength[i] = Ustrlen(expand_nstring[i]);
+
+ /* In this one case, it perhaps makes sense to default back open?
+ But for consistency, let's just mandate server_condition here too. */
+ cbrc = condition_check(ablock,
+ US"server_condition (GSSAPI family)", ablock->server_condition);
+ checked_server_condition = TRUE;
+ break;
+
+ case GSASL_PASSWORD:
+ /* DIGEST-MD5: GSASL_AUTHID, GSASL_AUTHZID and GSASL_REALM
+ CRAM-MD5: GSASL_AUTHID
+ PLAIN: GSASL_AUTHID and GSASL_AUTHZID
+ LOGIN: GSASL_AUTHID
+ */
+ if (ob->server_scram_iter)
+ {
+ tmps = CS expand_string(ob->server_scram_iter);
+ gsasl_property_set(sctx, GSASL_SCRAM_ITER, tmps);
}
- if (ob->server_scram_salt) {
- tmps = CS expand_string(ob->server_scram_salt);
- gsasl_property_set(sctx, GSASL_SCRAM_SALT, tmps);
+ if (ob->server_scram_salt)
+ {
+ tmps = CS expand_string(ob->server_scram_salt);
+ gsasl_property_set(sctx, GSASL_SCRAM_SALT, tmps);
}
- /* Asking for GSASL_AUTHZID calls back into us if we use
- gsasl_property_get(), thus the use of gsasl_property_fast().
- Do we really want to hardcode limits per mechanism? What happens when
- a new mechanism is added to the library. It *shouldn't* result in us
- needing to add more glue, since avoiding that is a large part of the
- point of SASL. */
- propval = US gsasl_property_fast(sctx, GSASL_AUTHID);
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
- propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
- propval = US gsasl_property_fast(sctx, GSASL_REALM);
- auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
- expand_nmax = 3;
- for (i = 1; i <= 3; ++i)
- expand_nlength[i] = Ustrlen(expand_nstring[i]);
-
- tmps = CS expand_string(ob->server_password);
- if (tmps == NULL) {
- sasl_error_should_defer = f.expand_string_forcedfail ? FALSE : TRUE;
- HDEBUG(D_auth) debug_printf("server_password expansion failed, so "
- "can't tell GNU SASL library the password for %s\n", auth_vars[0]);
- return GSASL_AUTHENTICATION_ERROR;
+ /* Asking for GSASL_AUTHZID calls back into us if we use
+ gsasl_property_get(), thus the use of gsasl_property_fast().
+ Do we really want to hardcode limits per mechanism? What happens when
+ a new mechanism is added to the library. It *shouldn't* result in us
+ needing to add more glue, since avoiding that is a large part of the
+ point of SASL. */
+ propval = US gsasl_property_fast(sctx, GSASL_AUTHID);
+ auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
+ auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+ propval = US gsasl_property_fast(sctx, GSASL_REALM);
+ auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
+ expand_nmax = 3;
+ for (int i = 1; i <= 3; ++i)
+ expand_nlength[i] = Ustrlen(expand_nstring[i]);
+
+ tmps = CS expand_string(ob->server_password);
+ if (tmps == NULL)
+ {
+ sasl_error_should_defer = f.expand_string_forcedfail ? FALSE : TRUE;
+ HDEBUG(D_auth) debug_printf("server_password expansion failed, so "
+ "can't tell GNU SASL library the password for %s\n", auth_vars[0]);
+ return GSASL_AUTHENTICATION_ERROR;
}
- gsasl_property_set(sctx, GSASL_PASSWORD, tmps);
- /* This is inadequate; don't think Exim's store stacks are geared
- for memory wiping, so expanding strings will leave stuff laying around.
- But no need to compound the problem, so get rid of the one we can. */
- memset(tmps, '\0', strlen(tmps));
- cbrc = GSASL_OK;
- break;
-
- default:
- HDEBUG(D_auth) debug_printf("Unrecognised callback: %d\n", prop);
- cbrc = GSASL_NO_CALLBACK;
+ gsasl_property_set(sctx, GSASL_PASSWORD, tmps);
+ /* This is inadequate; don't think Exim's store stacks are geared
+ for memory wiping, so expanding strings will leave stuff laying around.
+ But no need to compound the problem, so get rid of the one we can. */
+ memset(tmps, '\0', strlen(tmps));
+ cbrc = GSASL_OK;
+ break;
+
+ default:
+ HDEBUG(D_auth) debug_printf("Unrecognised callback: %d\n", prop);
+ cbrc = GSASL_NO_CALLBACK;
}
- HDEBUG(D_auth) debug_printf("Returning %s (%s)\n",
- gsasl_strerror_name(cbrc), gsasl_strerror(cbrc));
+HDEBUG(D_auth) debug_printf("Returning %s (%s)\n",
+ gsasl_strerror_name(cbrc), gsasl_strerror(cbrc));
- return cbrc;
+return cbrc;
}
uschar *buffer, /* buffer for reading response */
int buffsize) /* size of buffer */
{
- HDEBUG(D_auth)
- debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
- /* NOT IMPLEMENTED */
- return FAIL;
+HDEBUG(D_auth)
+ debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
+/* NOT IMPLEMENTED */
+return FAIL;
}
static int
client_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop, auth_instance *ablock)
{
- int cbrc = GSASL_NO_CALLBACK;
- HDEBUG(D_auth)
- debug_printf("GNU SASL callback %d for %s/%s as client\n",
- prop, ablock->name, ablock->public_name);
+int cbrc = GSASL_NO_CALLBACK;
+HDEBUG(D_auth)
+ debug_printf("GNU SASL callback %d for %s/%s as client\n",
+ prop, ablock->name, ablock->public_name);
- HDEBUG(D_auth)
- debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
+HDEBUG(D_auth)
+ debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
- return cbrc;
+return cbrc;
}
/*************************************************
void
auth_gsasl_version_report(FILE *f)
{
- const char *runtime;
- runtime = gsasl_check_version(NULL);
- fprintf(f, "Library version: GNU SASL: Compile: %s\n"
- " Runtime: %s\n",
- GSASL_VERSION, runtime);
+const char *runtime;
+runtime = gsasl_check_version(NULL);
+fprintf(f, "Library version: GNU SASL: Compile: %s\n"
+ " Runtime: %s\n",
+ GSASL_VERSION, runtime);
}
#endif /*!MACRO_PREDEF*/
void
auth_heimdal_gssapi_init(auth_instance *ablock)
{
- krb5_context context;
- krb5_keytab keytab;
- krb5_kt_cursor cursor;
- krb5_keytab_entry entry;
- krb5_error_code krc;
- char *principal, *enctype_s;
- const char *k_keytab_typed_name = NULL;
- auth_heimdal_gssapi_options_block *ob =
- (auth_heimdal_gssapi_options_block *)(ablock->options_block);
-
- ablock->server = FALSE;
- ablock->client = FALSE;
-
- if (!ob->server_service || !*ob->server_service) {
- HDEBUG(D_auth) debug_printf("heimdal: missing server_service\n");
- return;
- }
+krb5_context context;
+krb5_keytab keytab;
+krb5_kt_cursor cursor;
+krb5_keytab_entry entry;
+krb5_error_code krc;
+char *principal, *enctype_s;
+const char *k_keytab_typed_name = NULL;
+auth_heimdal_gssapi_options_block *ob =
+ (auth_heimdal_gssapi_options_block *)(ablock->options_block);
+
+ablock->server = FALSE;
+ablock->client = FALSE;
+
+if (!ob->server_service || !*ob->server_service)
+ {
+ HDEBUG(D_auth) debug_printf("heimdal: missing server_service\n");
+ return;
+}
- krc = krb5_init_context(&context);
- if (krc != 0) {
- int kerr = errno;
- HDEBUG(D_auth) debug_printf("heimdal: failed to initialise krb5 context: %s\n",
- strerror(kerr));
- return;
+krc = krb5_init_context(&context);
+if (krc != 0)
+ {
+ int kerr = errno;
+ HDEBUG(D_auth) debug_printf("heimdal: failed to initialise krb5 context: %s\n",
+ strerror(kerr));
+ return;
}
- if (ob->server_keytab) {
- k_keytab_typed_name = CCS string_sprintf("file:%s", expand_string(ob->server_keytab));
- HDEBUG(D_auth) debug_printf("heimdal: using keytab %s\n", k_keytab_typed_name);
- krc = krb5_kt_resolve(context, k_keytab_typed_name, &keytab);
- if (krc) {
- HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_resolve", context, krc);
- return;
+if (ob->server_keytab)
+ {
+ k_keytab_typed_name = CCS string_sprintf("file:%s", expand_string(ob->server_keytab));
+ HDEBUG(D_auth) debug_printf("heimdal: using keytab %s\n", k_keytab_typed_name);
+ krc = krb5_kt_resolve(context, k_keytab_typed_name, &keytab);
+ if (krc)
+ {
+ HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_resolve", context, krc);
+ return;
}
- } else {
- HDEBUG(D_auth) debug_printf("heimdal: using system default keytab\n");
- krc = krb5_kt_default(context, &keytab);
- if (krc) {
- HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_default", context, krc);
- return;
+ }
+else
+ {
+ HDEBUG(D_auth) debug_printf("heimdal: using system default keytab\n");
+ krc = krb5_kt_default(context, &keytab);
+ if (krc)
+ {
+ HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_default", context, krc);
+ return;
}
}
- HDEBUG(D_auth) {
- /* http://www.h5l.org/manual/HEAD/krb5/krb5_keytab_intro.html */
- krc = krb5_kt_start_seq_get(context, keytab, &cursor);
- if (krc)
- exim_heimdal_error_debug("krb5_kt_start_seq_get", context, krc);
- else {
- while ((krc = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) {
- principal = enctype_s = NULL;
- krb5_unparse_name(context, entry.principal, &principal);
- krb5_enctype_to_string(context, entry.keyblock.keytype, &enctype_s);
- debug_printf("heimdal: keytab principal: %s vno=%d type=%s\n",
- principal ? principal : "??",
- entry.vno,
- enctype_s ? enctype_s : "??");
- free(principal);
- free(enctype_s);
- krb5_kt_free_entry(context, &entry);
+HDEBUG(D_auth)
+ {
+ /* http://www.h5l.org/manual/HEAD/krb5/krb5_keytab_intro.html */
+ krc = krb5_kt_start_seq_get(context, keytab, &cursor);
+ if (krc)
+ exim_heimdal_error_debug("krb5_kt_start_seq_get", context, krc);
+ else
+ {
+ while ((krc = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0)
+ {
+ principal = enctype_s = NULL;
+ krb5_unparse_name(context, entry.principal, &principal);
+ krb5_enctype_to_string(context, entry.keyblock.keytype, &enctype_s);
+ debug_printf("heimdal: keytab principal: %s vno=%d type=%s\n",
+ principal ? principal : "??",
+ entry.vno,
+ enctype_s ? enctype_s : "??");
+ free(principal);
+ free(enctype_s);
+ krb5_kt_free_entry(context, &entry);
}
- krc = krb5_kt_end_seq_get(context, keytab, &cursor);
- if (krc)
- exim_heimdal_error_debug("krb5_kt_end_seq_get", context, krc);
+ krc = krb5_kt_end_seq_get(context, keytab, &cursor);
+ if (krc)
+ exim_heimdal_error_debug("krb5_kt_end_seq_get", context, krc);
}
}
- krc = krb5_kt_close(context, keytab);
- if (krc)
- HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_close", context, krc);
+krc = krb5_kt_close(context, keytab);
+if (krc)
+ HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_close", context, krc);
- krb5_free_context(context);
+krb5_free_context(context);
- /* RFC 4121 section 5.2, SHOULD support 64K input buffers */
- if (big_buffer_size < (64 * 1024)) {
- uschar *newbuf;
- big_buffer_size = 64 * 1024;
- newbuf = store_malloc(big_buffer_size);
- store_free(big_buffer);
- big_buffer = newbuf;
+/* RFC 4121 section 5.2, SHOULD support 64K input buffers */
+if (big_buffer_size < (64 * 1024))
+ {
+ uschar *newbuf;
+ big_buffer_size = 64 * 1024;
+ newbuf = store_malloc(big_buffer_size);
+ store_free(big_buffer);
+ big_buffer = newbuf;
}
- ablock->server = TRUE;
+ablock->server = TRUE;
}
exim_heimdal_error_debug(const char *label,
krb5_context context, krb5_error_code err)
{
- const char *kerrsc;
- kerrsc = krb5_get_error_message(context, err);
- debug_printf("heimdal %s: %s\n", label, kerrsc ? kerrsc : "unknown error");
- krb5_free_error_message(context, kerrsc);
+const char *kerrsc;
+kerrsc = krb5_get_error_message(context, err);
+debug_printf("heimdal %s: %s\n", label, kerrsc ? kerrsc : "unknown error");
+krb5_free_error_message(context, kerrsc);
}
/*************************************************
int
auth_heimdal_gssapi_server(auth_instance *ablock, uschar *initial_data)
{
- gss_name_t gclient = GSS_C_NO_NAME;
- gss_name_t gserver = GSS_C_NO_NAME;
- gss_cred_id_t gcred = GSS_C_NO_CREDENTIAL;
- gss_ctx_id_t gcontext = GSS_C_NO_CONTEXT;
- uschar *ex_server_str;
- gss_buffer_desc gbufdesc = GSS_C_EMPTY_BUFFER;
- gss_buffer_desc gbufdesc_in = GSS_C_EMPTY_BUFFER;
- gss_buffer_desc gbufdesc_out = GSS_C_EMPTY_BUFFER;
- gss_OID mech_type;
- OM_uint32 maj_stat, min_stat;
- int step, error_out, i;
- uschar *tmp1, *tmp2, *from_client;
- auth_heimdal_gssapi_options_block *ob =
- (auth_heimdal_gssapi_options_block *)(ablock->options_block);
- BOOL handled_empty_ir;
- uschar *store_reset_point;
- uschar *keytab;
- uschar sasl_config[4];
- uschar requested_qop;
-
- store_reset_point = store_get(0);
-
- HDEBUG(D_auth)
- debug_printf("heimdal: initialising auth context for %s\n", ablock->name);
-
- /* Construct our gss_name_t gserver describing ourselves */
- tmp1 = expand_string(ob->server_service);
- tmp2 = expand_string(ob->server_hostname);
- ex_server_str = string_sprintf("%s@%s", tmp1, tmp2);
- gbufdesc.value = (void *) ex_server_str;
- gbufdesc.length = Ustrlen(ex_server_str);
- maj_stat = gss_import_name(&min_stat,
- &gbufdesc, GSS_C_NT_HOSTBASED_SERVICE, &gserver);
+gss_name_t gclient = GSS_C_NO_NAME;
+gss_name_t gserver = GSS_C_NO_NAME;
+gss_cred_id_t gcred = GSS_C_NO_CREDENTIAL;
+gss_ctx_id_t gcontext = GSS_C_NO_CONTEXT;
+uschar *ex_server_str;
+gss_buffer_desc gbufdesc = GSS_C_EMPTY_BUFFER;
+gss_buffer_desc gbufdesc_in = GSS_C_EMPTY_BUFFER;
+gss_buffer_desc gbufdesc_out = GSS_C_EMPTY_BUFFER;
+gss_OID mech_type;
+OM_uint32 maj_stat, min_stat;
+int step, error_out;
+uschar *tmp1, *tmp2, *from_client;
+auth_heimdal_gssapi_options_block *ob =
+ (auth_heimdal_gssapi_options_block *)(ablock->options_block);
+BOOL handled_empty_ir;
+uschar *store_reset_point;
+uschar *keytab;
+uschar sasl_config[4];
+uschar requested_qop;
+
+store_reset_point = store_get(0);
+
+HDEBUG(D_auth)
+ debug_printf("heimdal: initialising auth context for %s\n", ablock->name);
+
+/* Construct our gss_name_t gserver describing ourselves */
+tmp1 = expand_string(ob->server_service);
+tmp2 = expand_string(ob->server_hostname);
+ex_server_str = string_sprintf("%s@%s", tmp1, tmp2);
+gbufdesc.value = (void *) ex_server_str;
+gbufdesc.length = Ustrlen(ex_server_str);
+maj_stat = gss_import_name(&min_stat,
+ &gbufdesc, GSS_C_NT_HOSTBASED_SERVICE, &gserver);
+if (GSS_ERROR(maj_stat))
+ return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
+ "gss_import_name(%s)", CS gbufdesc.value);
+
+/* Use a specific keytab, if specified */
+if (ob->server_keytab)
+ {
+ keytab = expand_string(ob->server_keytab);
+ maj_stat = gsskrb5_register_acceptor_identity(CCS keytab);
if (GSS_ERROR(maj_stat))
return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
- "gss_import_name(%s)", CS gbufdesc.value);
-
- /* Use a specific keytab, if specified */
- if (ob->server_keytab) {
- keytab = expand_string(ob->server_keytab);
- maj_stat = gsskrb5_register_acceptor_identity(CCS keytab);
- if (GSS_ERROR(maj_stat))
- return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
- "registering keytab \"%s\"", keytab);
- HDEBUG(D_auth)
- debug_printf("heimdal: using keytab \"%s\"\n", keytab);
+ "registering keytab \"%s\"", keytab);
+ HDEBUG(D_auth)
+ debug_printf("heimdal: using keytab \"%s\"\n", keytab);
}
- /* Acquire our credentials */
- maj_stat = gss_acquire_cred(&min_stat,
- gserver, /* desired name */
- 0, /* time */
- GSS_C_NULL_OID_SET, /* desired mechs */
- GSS_C_ACCEPT, /* cred usage */
- &gcred, /* handle */
- NULL /* actual mechs */,
- NULL /* time rec */);
- if (GSS_ERROR(maj_stat))
- return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
- "gss_acquire_cred(%s)", ex_server_str);
-
- maj_stat = gss_release_name(&min_stat, &gserver);
-
- HDEBUG(D_auth) debug_printf("heimdal: have server credentials.\n");
-
- /* Loop talking to client */
- step = 0;
- from_client = initial_data;
- handled_empty_ir = FALSE;
- error_out = OK;
-
- /* buffer sizes: auth_get_data() uses big_buffer, which we grow per
- GSSAPI RFC in _init, if needed, to meet the SHOULD size of 64KB.
- (big_buffer starts life at the MUST size of 16KB). */
-
- /* step values
- 0: getting initial data from client to feed into GSSAPI
- 1: iterating for as long as GSS_S_CONTINUE_NEEDED
- 2: GSS_S_COMPLETE, SASL wrapping for authz and qop to send to client
- 3: unpick final auth message from client
- 4: break/finish (non-step)
- */
- while (step < 4) {
- switch (step) {
- case 0:
- if (!from_client || *from_client == '\0') {
- if (handled_empty_ir) {
- HDEBUG(D_auth) debug_printf("gssapi: repeated empty input, grr.\n");
- error_out = BAD64;
- goto ERROR_OUT;
- } else {
- HDEBUG(D_auth) debug_printf("gssapi: missing initial response, nudging.\n");
- error_out = auth_get_data(&from_client, US"", 0);
- if (error_out != OK)
- goto ERROR_OUT;
- handled_empty_ir = TRUE;
- continue;
- }
- }
- /* We should now have the opening data from the client, base64-encoded. */
- step += 1;
- HDEBUG(D_auth) debug_printf("heimdal: have initial client data\n");
- break;
-
- case 1:
- gbufdesc_in.length = b64decode(from_client, USS &gbufdesc_in.value);
- if (gclient) {
- maj_stat = gss_release_name(&min_stat, &gclient);
- gclient = GSS_C_NO_NAME;
- }
- maj_stat = gss_accept_sec_context(&min_stat,
- &gcontext, /* context handle */
- gcred, /* acceptor cred handle */
- &gbufdesc_in, /* input from client */
- GSS_C_NO_CHANNEL_BINDINGS, /* XXX fixme: use the channel bindings from GnuTLS */
- &gclient, /* client identifier */
- &mech_type, /* mechanism in use */
- &gbufdesc_out, /* output to send to client */
- NULL, /* return flags */
- NULL, /* time rec */
- NULL /* delegated cred_handle */
- );
- if (GSS_ERROR(maj_stat)) {
- exim_gssapi_error_defer(NULL, maj_stat, min_stat,
- "gss_accept_sec_context()");
- error_out = FAIL;
- goto ERROR_OUT;
- }
- if (gbufdesc_out.length != 0) {
- error_out = auth_get_data(&from_client,
- gbufdesc_out.value, gbufdesc_out.length);
- if (error_out != OK)
- goto ERROR_OUT;
-
- gss_release_buffer(&min_stat, &gbufdesc_out);
- EmptyBuf(gbufdesc_out);
- }
- if (maj_stat == GSS_S_COMPLETE) {
- step += 1;
- HDEBUG(D_auth) debug_printf("heimdal: GSS complete\n");
- } else {
- HDEBUG(D_auth) debug_printf("heimdal: need more data\n");
- }
- break;
-
- case 2:
- memset(sasl_config, 0xFF, 4);
- /* draft-ietf-sasl-gssapi-06.txt defines bitmasks for first octet
- 0x01 No security layer
- 0x02 Integrity protection
- 0x04 Confidentiality protection
-
- The remaining three octets are the maximum buffer size for wrapped
- content. */
- sasl_config[0] = 0x01; /* Exim does not wrap/unwrap SASL layers after auth */
- gbufdesc.value = (void *) sasl_config;
- gbufdesc.length = 4;
- maj_stat = gss_wrap(&min_stat,
- gcontext,
- 0, /* conf_req_flag: integrity only */
- GSS_C_QOP_DEFAULT, /* qop requested */
- &gbufdesc, /* message to protect */
- NULL, /* conf_state: no confidentiality applied */
- &gbufdesc_out /* output buffer */
- );
- if (GSS_ERROR(maj_stat)) {
- exim_gssapi_error_defer(NULL, maj_stat, min_stat,
- "gss_wrap(SASL state after auth)");
- error_out = FAIL;
- goto ERROR_OUT;
- }
-
- HDEBUG(D_auth) debug_printf("heimdal SASL: requesting QOP with no security layers\n");
-
- error_out = auth_get_data(&from_client,
- gbufdesc_out.value, gbufdesc_out.length);
- if (error_out != OK)
- goto ERROR_OUT;
-
- gss_release_buffer(&min_stat, &gbufdesc_out);
- EmptyBuf(gbufdesc_out);
- step += 1;
- break;
-
- case 3:
- gbufdesc_in.length = b64decode(from_client, USS &gbufdesc_in.value);
- maj_stat = gss_unwrap(&min_stat,
- gcontext,
- &gbufdesc_in, /* data from client */
- &gbufdesc_out, /* results */
- NULL, /* conf state */
- NULL /* qop state */
- );
- if (GSS_ERROR(maj_stat)) {
- exim_gssapi_error_defer(NULL, maj_stat, min_stat,
- "gss_unwrap(final SASL message from client)");
- error_out = FAIL;
- goto ERROR_OUT;
- }
- if (gbufdesc_out.length < 4) {
- HDEBUG(D_auth)
- debug_printf("gssapi: final message too short; "
- "need flags, buf sizes and optional authzid\n");
- error_out = FAIL;
- goto ERROR_OUT;
- }
-
- requested_qop = (CS gbufdesc_out.value)[0];
- if ((requested_qop & 0x01) == 0) {
- HDEBUG(D_auth)
- debug_printf("gssapi: client requested security layers (%x)\n",
- (unsigned int) requested_qop);
- error_out = FAIL;
- goto ERROR_OUT;
- }
-
- for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
- expand_nmax = 0;
-
- /* Identifiers:
- The SASL provided identifier is an unverified authzid.
- GSSAPI provides us with a verified identifier, but it might be empty
- for some clients.
- */
-
- /* $auth2 is authzid requested at SASL layer */
- if (gbufdesc_out.length > 4) {
- expand_nlength[2] = gbufdesc_out.length - 4;
- auth_vars[1] = expand_nstring[2] =
- string_copyn((US gbufdesc_out.value) + 4, expand_nlength[2]);
- expand_nmax = 2;
- }
-
- gss_release_buffer(&min_stat, &gbufdesc_out);
- EmptyBuf(gbufdesc_out);
-
- /* $auth1 is GSSAPI display name */
- maj_stat = gss_display_name(&min_stat,
- gclient,
- &gbufdesc_out,
- &mech_type);
- if (GSS_ERROR(maj_stat)) {
- auth_vars[1] = expand_nstring[2] = NULL;
- expand_nmax = 0;
- exim_gssapi_error_defer(NULL, maj_stat, min_stat,
- "gss_display_name(client identifier)");
- error_out = FAIL;
- goto ERROR_OUT;
- }
-
- expand_nlength[1] = gbufdesc_out.length;
- auth_vars[0] = expand_nstring[1] =
- string_copyn(gbufdesc_out.value, gbufdesc_out.length);
-
- if (expand_nmax == 0) { /* should be: authzid was empty */
- expand_nmax = 2;
- expand_nlength[2] = expand_nlength[1];
- auth_vars[1] = expand_nstring[2] = string_copyn(expand_nstring[1], expand_nlength[1]);
- HDEBUG(D_auth)
- debug_printf("heimdal SASL: empty authzid, set to dup of GSSAPI display name\n");
- }
-
- HDEBUG(D_auth)
- debug_printf("heimdal SASL: happy with client request\n"
- " auth1 (verified GSSAPI display-name): \"%s\"\n"
- " auth2 (unverified SASL requested authzid): \"%s\"\n",
- auth_vars[0], auth_vars[1]);
-
- step += 1;
- break;
+/* Acquire our credentials */
+maj_stat = gss_acquire_cred(&min_stat,
+ gserver, /* desired name */
+ 0, /* time */
+ GSS_C_NULL_OID_SET, /* desired mechs */
+ GSS_C_ACCEPT, /* cred usage */
+ &gcred, /* handle */
+ NULL /* actual mechs */,
+ NULL /* time rec */);
+if (GSS_ERROR(maj_stat))
+ return exim_gssapi_error_defer(store_reset_point, maj_stat, min_stat,
+ "gss_acquire_cred(%s)", ex_server_str);
+
+maj_stat = gss_release_name(&min_stat, &gserver);
+
+HDEBUG(D_auth) debug_printf("heimdal: have server credentials.\n");
+
+/* Loop talking to client */
+step = 0;
+from_client = initial_data;
+handled_empty_ir = FALSE;
+error_out = OK;
+
+/* buffer sizes: auth_get_data() uses big_buffer, which we grow per
+GSSAPI RFC in _init, if needed, to meet the SHOULD size of 64KB.
+(big_buffer starts life at the MUST size of 16KB). */
+
+/* step values
+0: getting initial data from client to feed into GSSAPI
+1: iterating for as long as GSS_S_CONTINUE_NEEDED
+2: GSS_S_COMPLETE, SASL wrapping for authz and qop to send to client
+3: unpick final auth message from client
+4: break/finish (non-step)
+*/
+while (step < 4)
+ switch (step)
+ {
+ case 0:
+ if (!from_client || *from_client == '\0')
+ {
+ if (handled_empty_ir)
+ {
+ HDEBUG(D_auth) debug_printf("gssapi: repeated empty input, grr.\n");
+ error_out = BAD64;
+ goto ERROR_OUT;
+ }
+ else
+ {
+ HDEBUG(D_auth) debug_printf("gssapi: missing initial response, nudging.\n");
+ error_out = auth_get_data(&from_client, US"", 0);
+ if (error_out != OK)
+ goto ERROR_OUT;
+ handled_empty_ir = TRUE;
+ continue;
+ }
+ }
+ /* We should now have the opening data from the client, base64-encoded. */
+ step += 1;
+ HDEBUG(D_auth) debug_printf("heimdal: have initial client data\n");
+ break;
+
+ case 1:
+ gbufdesc_in.length = b64decode(from_client, USS &gbufdesc_in.value);
+ if (gclient)
+ {
+ maj_stat = gss_release_name(&min_stat, &gclient);
+ gclient = GSS_C_NO_NAME;
+ }
+ maj_stat = gss_accept_sec_context(&min_stat,
+ &gcontext, /* context handle */
+ gcred, /* acceptor cred handle */
+ &gbufdesc_in, /* input from client */
+ GSS_C_NO_CHANNEL_BINDINGS, /* XXX fixme: use the channel bindings from GnuTLS */
+ &gclient, /* client identifier */
+ &mech_type, /* mechanism in use */
+ &gbufdesc_out, /* output to send to client */
+ NULL, /* return flags */
+ NULL, /* time rec */
+ NULL /* delegated cred_handle */
+ );
+ if (GSS_ERROR(maj_stat))
+ {
+ exim_gssapi_error_defer(NULL, maj_stat, min_stat,
+ "gss_accept_sec_context()");
+ error_out = FAIL;
+ goto ERROR_OUT;
+ }
+ if (gbufdesc_out.length != 0)
+ {
+ error_out = auth_get_data(&from_client,
+ gbufdesc_out.value, gbufdesc_out.length);
+ if (error_out != OK)
+ goto ERROR_OUT;
+
+ gss_release_buffer(&min_stat, &gbufdesc_out);
+ EmptyBuf(gbufdesc_out);
+ }
+ if (maj_stat == GSS_S_COMPLETE)
+ {
+ step += 1;
+ HDEBUG(D_auth) debug_printf("heimdal: GSS complete\n");
+ }
+ else
+ HDEBUG(D_auth) debug_printf("heimdal: need more data\n");
+ break;
+
+ case 2:
+ memset(sasl_config, 0xFF, 4);
+ /* draft-ietf-sasl-gssapi-06.txt defines bitmasks for first octet
+ 0x01 No security layer
+ 0x02 Integrity protection
+ 0x04 Confidentiality protection
+
+ The remaining three octets are the maximum buffer size for wrapped
+ content. */
+ sasl_config[0] = 0x01; /* Exim does not wrap/unwrap SASL layers after auth */
+ gbufdesc.value = (void *) sasl_config;
+ gbufdesc.length = 4;
+ maj_stat = gss_wrap(&min_stat,
+ gcontext,
+ 0, /* conf_req_flag: integrity only */
+ GSS_C_QOP_DEFAULT, /* qop requested */
+ &gbufdesc, /* message to protect */
+ NULL, /* conf_state: no confidentiality applied */
+ &gbufdesc_out /* output buffer */
+ );
+ if (GSS_ERROR(maj_stat)
+ {
+ exim_gssapi_error_defer(NULL, maj_stat, min_stat,
+ "gss_wrap(SASL state after auth)");
+ error_out = FAIL;
+ goto ERROR_OUT;
+ }
+
+ HDEBUG(D_auth) debug_printf("heimdal SASL: requesting QOP with no security layers\n");
+
+ error_out = auth_get_data(&from_client,
+ gbufdesc_out.value, gbufdesc_out.length);
+ if (error_out != OK)
+ goto ERROR_OUT;
+
+ gss_release_buffer(&min_stat, &gbufdesc_out);
+ EmptyBuf(gbufdesc_out);
+ step += 1;
+ break;
+
+ case 3:
+ gbufdesc_in.length = b64decode(from_client, USS &gbufdesc_in.value);
+ maj_stat = gss_unwrap(&min_stat,
+ gcontext,
+ &gbufdesc_in, /* data from client */
+ &gbufdesc_out, /* results */
+ NULL, /* conf state */
+ NULL /* qop state */
+ );
+ if (GSS_ERROR(maj_stat))
+ {
+ exim_gssapi_error_defer(NULL, maj_stat, min_stat,
+ "gss_unwrap(final SASL message from client)");
+ error_out = FAIL;
+ goto ERROR_OUT;
+ }
+ if (gbufdesc_out.length < 4)
+ {
+ HDEBUG(D_auth)
+ debug_printf("gssapi: final message too short; "
+ "need flags, buf sizes and optional authzid\n");
+ error_out = FAIL;
+ goto ERROR_OUT;
+ }
+
+ requested_qop = (CS gbufdesc_out.value)[0];
+ if ((requested_qop & 0x01) == 0)
+ {
+ HDEBUG(D_auth)
+ debug_printf("gssapi: client requested security layers (%x)\n",
+ (unsigned int) requested_qop);
+ error_out = FAIL;
+ goto ERROR_OUT;
+ }
+
+ for (int i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
+ expand_nmax = 0;
+
+ /* Identifiers:
+ The SASL provided identifier is an unverified authzid.
+ GSSAPI provides us with a verified identifier, but it might be empty
+ for some clients.
+ */
+
+ /* $auth2 is authzid requested at SASL layer */
+ if (gbufdesc_out.length > 4)
+ {
+ expand_nlength[2] = gbufdesc_out.length - 4;
+ auth_vars[1] = expand_nstring[2] =
+ string_copyn((US gbufdesc_out.value) + 4, expand_nlength[2]);
+ expand_nmax = 2;
+ }
+
+ gss_release_buffer(&min_stat, &gbufdesc_out);
+ EmptyBuf(gbufdesc_out);
+
+ /* $auth1 is GSSAPI display name */
+ maj_stat = gss_display_name(&min_stat,
+ gclient,
+ &gbufdesc_out,
+ &mech_type);
+ if (GSS_ERROR(maj_stat))
+ {
+ auth_vars[1] = expand_nstring[2] = NULL;
+ expand_nmax = 0;
+ exim_gssapi_error_defer(NULL, maj_stat, min_stat,
+ "gss_display_name(client identifier)");
+ error_out = FAIL;
+ goto ERROR_OUT;
+ }
+
+ expand_nlength[1] = gbufdesc_out.length;
+ auth_vars[0] = expand_nstring[1] =
+ string_copyn(gbufdesc_out.value, gbufdesc_out.length);
+
+ if (expand_nmax == 0) /* should be: authzid was empty */
+ {
+ expand_nmax = 2;
+ expand_nlength[2] = expand_nlength[1];
+ auth_vars[1] = expand_nstring[2] = string_copyn(expand_nstring[1], expand_nlength[1]);
+ HDEBUG(D_auth)
+ debug_printf("heimdal SASL: empty authzid, set to dup of GSSAPI display name\n");
+ }
+
+ HDEBUG(D_auth)
+ debug_printf("heimdal SASL: happy with client request\n"
+ " auth1 (verified GSSAPI display-name): \"%s\"\n"
+ " auth2 (unverified SASL requested authzid): \"%s\"\n",
+ auth_vars[0], auth_vars[1]);
+
+ step += 1;
+ break;
} /* switch */
- } /* while step */
+ /* while step */
ERROR_OUT:
- maj_stat = gss_release_cred(&min_stat, &gcred);
- if (gclient) {
- gss_release_name(&min_stat, &gclient);
- gclient = GSS_C_NO_NAME;
- }
- if (gbufdesc_out.length) {
- gss_release_buffer(&min_stat, &gbufdesc_out);
- EmptyBuf(gbufdesc_out);
+maj_stat = gss_release_cred(&min_stat, &gcred);
+if (gclient)
+ {
+ gss_release_name(&min_stat, &gclient);
+ gclient = GSS_C_NO_NAME;
}
- if (gcontext != GSS_C_NO_CONTEXT) {
- gss_delete_sec_context(&min_stat, &gcontext, GSS_C_NO_BUFFER);
+if (gbufdesc_out.length)
+ {
+ gss_release_buffer(&min_stat, &gbufdesc_out);
+ EmptyBuf(gbufdesc_out);
}
+if (gcontext != GSS_C_NO_CONTEXT)
+ gss_delete_sec_context(&min_stat, &gcontext, GSS_C_NO_BUFFER);
- store_reset(store_reset_point);
+store_reset(store_reset_point);
- if (error_out != OK)
- return error_out;
+if (error_out != OK)
+ return error_out;
- /* Auth succeeded, check server_condition */
- return auth_check_serv_cond(ablock);
+/* Auth succeeded, check server_condition */
+return auth_check_serv_cond(ablock);
}
OM_uint32 major, OM_uint32 minor,
const char *format, ...)
{
- va_list ap;
- OM_uint32 maj_stat, min_stat;
- OM_uint32 msgcontext = 0;
- gss_buffer_desc status_string;
- gstring * g;
-
- HDEBUG(D_auth)
- {
- va_start(ap, format);
- g = string_vformat(NULL, TRUE, format, ap);
- va_end(ap);
- }
+va_list ap;
+OM_uint32 maj_stat, min_stat;
+OM_uint32 msgcontext = 0;
+gss_buffer_desc status_string;
+gstring * g;
+
+HDEBUG(D_auth)
+ {
+ va_start(ap, format);
+ g = string_vformat(NULL, TRUE, format, ap);
+ va_end(ap);
+ }
- auth_defer_msg = NULL;
+auth_defer_msg = NULL;
- do {
- maj_stat = gss_display_status(&min_stat,
- major, GSS_C_GSS_CODE, GSS_C_NO_OID, &msgcontext, &status_string);
+do {
+ maj_stat = gss_display_status(&min_stat,
+ major, GSS_C_GSS_CODE, GSS_C_NO_OID, &msgcontext, &status_string);
- if (!auth_defer_msg)
- auth_defer_msg = string_copy(US status_string.value);
+ if (!auth_defer_msg)
+ auth_defer_msg = string_copy(US status_string.value);
- HDEBUG(D_auth) debug_printf("heimdal %s: %.*s\n",
- string_from_gstring(g), (int)status_string.length,
- CS status_string.value);
- gss_release_buffer(&min_stat, &status_string);
+ HDEBUG(D_auth) debug_printf("heimdal %s: %.*s\n",
+ string_from_gstring(g), (int)status_string.length,
+ CS status_string.value);
+ gss_release_buffer(&min_stat, &status_string);
} while (msgcontext != 0);
- if (store_reset_point)
- store_reset(store_reset_point);
- return DEFER;
+if (store_reset_point)
+ store_reset(store_reset_point);
+return DEFER;
}
uschar *buffer, /* buffer for reading response */
int buffsize) /* size of buffer */
{
- HDEBUG(D_auth)
- debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
- /* NOT IMPLEMENTED */
- return FAIL;
+HDEBUG(D_auth)
+ debug_printf("Client side NOT IMPLEMENTED: you should not see this!\n");
+/* NOT IMPLEMENTED */
+return FAIL;
}
/*************************************************
void
auth_heimdal_gssapi_version_report(FILE *f)
{
- /* No build-time constants available unless we link against libraries at
- build-time and export the result as a string into a header ourselves. */
- fprintf(f, "Library version: Heimdal: Runtime: %s\n"
- " Build Info: %s\n",
- heimdal_version, heimdal_long_version);
+/* No build-time constants available unless we link against libraries at
+build-time and export the result as a string into a header ourselves. */
+fprintf(f, "Library version: Heimdal: Runtime: %s\n"
+ " Build Info: %s\n",
+ heimdal_version, heimdal_long_version);
}
#endif /*!MACRO_PREDEF*/
register unsigned int b = base->abcd[1];
register unsigned int c = base->abcd[2];
register unsigned int d = base->abcd[3];
-int i;
unsigned int X[16];
base->length += 64;
/* Load the 64 bytes into a set of working integers, treating them as 32-bit
numbers in little-endian order. */
-for (i = 0; i < 16; i++)
+for (int i = 0; i < 16; i++)
{
X[i] = (unsigned int)(text[0]) |
((unsigned int)(text[1]) << 8) |
void
md5_end(md5 *base, const uschar *text, int length, uschar *digest)
{
-int i;
uschar work[64];
/* Process in chunks of 64 until we have less than 64 bytes left. */
/* Pass back the result, low-order byte first in each word. */
-for (i = 0; i < 4; i++)
+for (int i = 0; i < 4; i++)
{
register int x = base->abcd[i];
*digest++ = x & 0xff;
for (i = 0; i < sizeof(tests)/sizeof(uschar *); i += 2)
{
- int j;
uschar s[33];
printf("%s\nShould be: %s\n", tests[i], tests[i+1]);
md5_start(&base);
md5_end(&base, tests[i], strlen(tests[i]), digest);
- for (j = 0; j < 16; j++) sprintf(s+2*j, "%02x", digest[j]);
+ for (int j = 0; j < 16; j++) sprintf(s+2*j, "%02x", digest[j]);
printf("Computed: %s\n", s);
if (strcmp(s, tests[i+1]) != 0) printf("*** No match ***\n");
printf("\n");
while ((s = string_nextinlist(&text, &sep, big_buffer, big_buffer_size)))
{
- int i, len, clear_len;
+ int len, clear_len;
uschar *ss = expand_string(s);
uschar *clear;
/* The character ^ is used as an escape for a binary zero character, which is
needed for the PLAIN mechanism. It must be doubled if really needed. */
- for (i = 0; i < len; i++)
+ for (int i = 0; i < len; i++)
if (ss[i] == '^')
if (ss[i+1] != '^')
ss[i] = 0;
mime_decode_base64(FILE * in, FILE * out, uschar * boundary)
{
uschar ibuf[MIME_MAX_LINE_LENGTH], obuf[MIME_MAX_LINE_LENGTH];
-uschar *ipos, *opos;
+uschar *opos;
ssize_t len, size = 0;
int bytestate = 0;
)
break;
- for (ipos = ibuf ; *ipos != '\r' && *ipos != '\n' && *ipos != 0; ++ipos)
+ for (uschar * ipos = ibuf ; *ipos != '\r' && *ipos != '\n' && *ipos; ++ipos)
if (*ipos == '=') /* skip padding */
++bytestate;
if ((max_for_this_host > 0) &&
(smtp_accept_count >= max_for_this_host))
{
- int i;
int host_accept_count = 0;
int other_host_count = 0; /* keep a count of non matches to optimise */
- for (i = 0; i < smtp_accept_max; ++i)
+ for (int i = 0; i < smtp_accept_max; ++i)
if (smtp_slots[i].host_address)
{
if (Ustrcmp(sender_host_address, smtp_slots[i].host_address) == 0)
{
if (smtp_out)
{
- int i, fd = fileno(smtp_in);
+ int fd = fileno(smtp_in);
uschar buf[128];
mac_smtp_fflush();
/* drain socket, for clean TCP FINs */
if (fcntl(fd, F_SETFL, O_NONBLOCK) == 0)
- for(i = 16; read(fd, buf, sizeof(buf)) > 0 && i > 0; ) i--;
+ for(int i = 16; read(fd, buf, sizeof(buf)) > 0 && i > 0; ) i--;
}
cancel_cutthrough_connection(TRUE, US"message setup dropped");
search_tidyup();
DEBUG(D_receive)
{
- int i;
if (sender_address)
debug_printf("Sender: %s\n", sender_address);
if (recipients_list)
{
debug_printf("Recipients:\n");
- for (i = 0; i < recipients_count; i++)
+ for (int i = 0; i < recipients_count; i++)
debug_printf(" %s\n", recipients_list[i].address);
}
}
never_error(US"daemon: accept process fork failed", US"Fork failed", errno);
else
{
- int i;
- for (i = 0; i < smtp_accept_max; ++i)
+ for (int i = 0; i < smtp_accept_max; ++i)
if (smtp_slots[i].pid <= 0)
{
smtp_slots[i].pid = pid;
for (ipa = addresses; ipa; ipa = ipa->next)
{
- int i;
-
if (Ustrcmp(ipa->address, "0.0.0.0") == 0)
ipa->address[0] = 0;
else if (Ustrcmp(ipa->address, "::0") == 0)
ipa->address[1] == 0 ? US"\"all IPv6\"" : ipa->address);
ipa->port = default_smtp_port[0];
- for (i = 1; default_smtp_port[i] > 0; i++)
+ for (int i = 1; default_smtp_port[i] > 0; i++)
{
ip_address_item *new = store_get(sizeof(ip_address_item));
if (smtp_accept_max > 0)
{
- int i;
smtp_slots = store_get(smtp_accept_max * sizeof(smtp_slot));
- for (i = 0; i < smtp_accept_max; i++) smtp_slots[i] = empty_smtp_slot;
+ for (int i = 0; i < smtp_accept_max; i++) smtp_slots[i] = empty_smtp_slot;
}
}
if (queue_interval > 0 && local_queue_run_max > 0)
{
- int i;
queue_pid_slots = store_get(local_queue_run_max * sizeof(pid_t));
- for (i = 0; i < local_queue_run_max; i++) queue_pid_slots[i] = 0;
+ for (int i = 0; i < local_queue_run_max; i++) queue_pid_slots[i] = 0;
}
/* Set up the handler for termination of child processes. */
else if (f.daemon_listen)
{
- int i, j;
int smtp_ports = 0;
int smtps_ports = 0;
ip_address_item * ipa, * i2;
deprecated protocol that starts TLS without using STARTTLS), and others
listening for standard SMTP. Keep their listings separate. */
- for (j = 0; j < 2; j++)
+ for (int j = 0; j < 2; j++)
{
+ int i;
for (i = 0, ipa = addresses; i < 10 && ipa; i++, ipa = ipa->next)
{
/* First time round, look for SMTP ports; second time round, look for
{
if ((pid = fork()) == 0)
{
- int sk;
-
DEBUG(D_any) debug_printf("Starting queue-runner: pid %d\n",
(int)getpid());
/* Close any open listening sockets in the child */
- for (sk = 0; sk < listen_socket_count; sk++)
+ for (int sk = 0; sk < listen_socket_count; sk++)
(void)close(listen_sockets[sk]);
/* Reset SIGHUP and SIGCHLD in the child in both cases. */
}
else
{
- int i;
- for (i = 0; i < local_queue_run_max; ++i)
+ for (int i = 0; i < local_queue_run_max; ++i)
if (queue_pid_slots[i] <= 0)
{
queue_pid_slots[i] = pid;
break;
}
DEBUG(D_any) debug_printf("%d queue-runner process%s running\n",
- queue_run_count, (queue_run_count == 1)? "" : "es");
+ queue_run_count, queue_run_count == 1 ? "" : "es");
}
}
if (f.daemon_listen)
{
- int sk, lcount, select_errno;
+ int lcount, select_errno;
int max_socket = 0;
BOOL select_failed = FALSE;
fd_set select_listen;
FD_ZERO(&select_listen);
- for (sk = 0; sk < listen_socket_count; sk++)
+ for (int sk = 0; sk < listen_socket_count; sk++)
{
FD_SET(listen_sockets[sk], &select_listen);
if (listen_sockets[sk] > max_socket) max_socket = listen_sockets[sk];
int accept_socket = -1;
if (!select_failed)
- for (sk = 0; sk < listen_socket_count; sk++)
+ for (int sk = 0; sk < listen_socket_count; sk++)
if (FD_ISSET(listen_sockets[sk], &select_listen))
{
len = sizeof(accepted);
if (sighup_seen)
{
- int sk;
log_write(0, LOG_MAIN, "pid %d: SIGHUP received: re-exec daemon",
getpid());
- for (sk = 0; sk < listen_socket_count; sk++)
+ for (int sk = 0; sk < listen_socket_count; sk++)
(void)close(listen_sockets[sk]);
ALARM_CLR(0);
signal(SIGHUP, SIG_IGN);
*/
for (matched = 0; !matched && slist; slist = slist->next)
{
- dane_mtype_list m;
unsigned char mdbuf[EVP_MAX_MD_SIZE];
unsigned char *buf = NULL;
unsigned char *buf2;
/*
* Loop over each mtype and data element
*/
- for (m = slist->value->mtype; !matched && m; m = m->next)
+ for (dane_mtype_list m = slist->value->mtype; !matched && m; m = m->next)
{
- dane_data_list d;
unsigned char *cmpbuf = buf;
unsigned int cmplen = len;
if (!EVP_Digest(buf, len, cmpbuf, &cmplen, m->value->md, 0))
matched = -1;
}
- for (d = m->value->data; !matched && d; d = d->next)
+ for (dane_data_list d = m->value->data; !matched && d; d = d->next)
if ( cmplen == d->value->datalen
&& memcmp(cmpbuf, d->value->data, cmplen) == 0)
matched = slist->value->selector + 1;
{
if (akid && akid->issuer)
{
- int i;
GENERAL_NAMES *gens = akid->issuer;
- for (i = 0; i < sk_GENERAL_NAME_num(gens); ++i)
+ for (int i = 0; i < sk_GENERAL_NAME_num(gens); ++i)
{
GENERAL_NAME *gn = sk_GENERAL_NAME_value(gens, i);
static int
ta_signed(ssl_dane *dane, X509 *cert, int depth)
{
-dane_cert_list x;
-dane_pkey_list k;
EVP_PKEY *pk;
int done = 0;
* first (name comparisons), before we bother with signature checks
* (public key operations).
*/
-for (x = dane->certs; !done && x; x = x->next)
+for (dane_cert_list x = dane->certs; !done && x; x = x->next)
{
if (X509_check_issued(x->value, cert) == X509_V_OK)
{
* This may push errors onto the stack when the certificate signature is
* not of the right type or length, throw these away,
*/
-for (k = dane->pkeys; !done && k; k = k->next)
+for (dane_pkey_list k = dane->pkeys; !done && k; k = k->next)
if (X509_verify(cert, k->value) > 0)
done = wrap_issuer(dane, k->value, cert, depth, WRAP_MID) ? 1 : -1;
else
set_trust_anchor(X509_STORE_CTX *ctx, ssl_dane *dane, X509 *cert)
{
int matched = 0;
-int n;
-int i;
int depth = 0;
EVP_PKEY *takey;
X509 *ca;
*
* Caller ensures that the initial certificate is not self-signed.
*/
-for (n = sk_X509_num(in); n > 0; --n, ++depth)
+for (int n = sk_X509_num(in); n > 0; --n, ++depth)
{
+ int i;
for (i = 0; i < n; ++i)
if (X509_check_issued(sk_X509_value(in, i), cert) == X509_V_OK)
break;
match_name(const char *certid, ssl_dane *dane)
{
int multi = dane->multi;
-dane_host_list hosts;
-for (hosts = dane->hosts; hosts; hosts = hosts->next)
+for (dane_host_list hosts = dane->hosts; hosts; hosts = hosts->next)
{
int match_subdomain = 0;
const char *domain = hosts->value;
if (gens)
{
int n = sk_GENERAL_NAME_num(gens);
- int i;
- for (i = 0; i < n; ++i)
+ for (int i = 0; i < n; ++i)
{
const GENERAL_NAME *gn = sk_GENERAL_NAME_value(gens, i);
const char *certid;
static void
list_free(void *list, void (*f)(void *))
{
-dane_list head;
dane_list next;
-for (head = (dane_list) list; head; head = next)
+for (dane_list head = (dane_list) list; head; head = next)
{
next = head->next;
if (f && head->value)
DANESSL_cleanup(SSL *ssl)
{
ssl_dane *dane;
-int u;
DEBUG(D_tls) debug_printf("Dane lib-cleanup\n");
dane_reset(dane);
if (dane->hosts)
list_free(dane->hosts, ossl_free);
-for (u = 0; u <= DANESSL_USAGE_LAST; ++u)
+for (int u = 0; u <= DANESSL_USAGE_LAST; ++u)
if (dane->selectors[u])
list_free(dane->selectors[u], dane_selector_free);
if (dane->pkeys)
DANESSL_init(SSL *ssl, const char *sni_domain, const char **hostnames)
{
ssl_dane *dane;
-int i;
DEBUG(D_tls) debug_printf("Dane ssl_init\n");
if (dane_idx < 0)
dane->count = 0;
dane->hosts = 0;
-for (i = 0; i <= DANESSL_USAGE_LAST; ++i)
+for (int i = 0; i <= DANESSL_USAGE_LAST; ++i)
dane->selectors[i] = 0;
if (hostnames && (dane->hosts = host_list_init(hostnames)) == 0)
static void
tree_printsub(tree_node *p, int pos, int barswitch)
{
-int i;
if (p->right) tree_printsub(p->right, pos+2, 1);
-for (i = 0; i <= pos-1; i++) debug_printf("%c", tree_printline[i]);
+for (int i = 0; i <= pos-1; i++) debug_printf("%c", tree_printline[i]);
debug_printf("-->%s [%d]\n", p->name, p->balance);
tree_printline[pos] = barswitch? '|' : ' ';
if (p->left)
void
debug_print_tree(tree_node *p)
{
-int i;
-for (i = 0; i < tree_printlinesize; i++) tree_printline[i] = ' ';
+for (int i = 0; i < tree_printlinesize; i++) tree_printline[i] = ' ';
if (!p) debug_printf("Empty Tree\n"); else tree_printsub(p, 0, 0);
debug_printf("---- End of tree ----\n");
}
if (indent > 0)
{
- int i;
- for (i = indent >> 2; i > 0; i--)
+ for (int i = indent >> 2; i > 0; i--)
DEBUG(D_noutf8)
{
Ustrcpy(debug_ptr, " !");
else
{
- address_item *addr2;
if (testflag(addr, af_pfr))
{
if (testflag(addr, af_file)) address_file = addr->local_part;
else if (addr->local_part[0] == '|') address_pipe = addr->local_part;
}
- for (addr2 = addr->next; addr2; addr2 = addr2->next)
+ for (address_item * addr2 = addr->next; addr2; addr2 = addr2->next)
{
if (deliver_domain && Ustrcmp(deliver_domain, addr2->domain) != 0)
deliver_domain = NULL;
static int
open_msglog_file(uschar *filename, int mode, uschar **error)
{
-int fd, i;
-
-for (i = 2; i > 0; i--)
+for (int i = 2; i > 0; i--)
{
- fd = Uopen(filename,
+ int fd = Uopen(filename,
#ifdef O_CLOEXEC
O_CLOEXEC |
#endif
static void
replicate_status(address_item *addr)
{
-address_item *addr2;
-for (addr2 = addr->next; addr2; addr2 = addr2->next)
+for (address_item * addr2 = addr->next; addr2; addr2 = addr2->next)
{
addr2->transport = addr->transport;
addr2->transport_return = addr->transport_return;
static void
address_done(address_item *addr, uschar *now)
{
-address_item *dup;
-
update_spool = TRUE; /* Ensure spool gets updated */
/* Top-level address */
/* Check the list of duplicate addresses and ensure they are now marked
done as well. */
-for (dup = addr_duplicate; dup; dup = dup->next)
+for (address_item * dup = addr_duplicate; dup; dup = dup->next)
if (Ustrcmp(addr->unique, dup->unique) == 0)
{
tree_add_nonrecipient(dup->unique);
static void
child_done(address_item *addr, uschar *now)
{
-address_item *aa;
while (addr->parent)
{
+ address_item *aa;
+
addr = addr->parent;
if (--addr->child_count > 0) return; /* Incomplete parent */
address_done(addr, now);
&& addr->parent != topaddr)
{
uschar *s = US" (";
- address_item *addr2;
- for (addr2 = addr->parent; addr2 != topaddr; addr2 = addr2->parent)
+ for (address_item * addr2 = addr->parent; addr2 != topaddr; addr2 = addr2->parent)
{
g = string_catn(g, s, 2);
g = string_cat (g, addr2->address);
&& (addr->host_used || Ustrcmp(addr->transport->driver_name, "lmtp") == 0)
)
{
- unsigned i;
unsigned lim = big_buffer_size < 1024 ? big_buffer_size : 1024;
uschar *p = big_buffer;
uschar *ss = addr->message;
*p++ = '\"';
- for (i = 0; i < lim && ss[i] != 0; i++) /* limit logged amount */
+ for (int i = 0; i < lim && ss[i] != 0; i++) /* limit logged amount */
{
if (ss[i] == '\"' || ss[i] == '\\') *p++ = '\\'; /* quote \ and " */
*p++ = ss[i];
static void
common_error(BOOL logit, address_item *addr, int code, uschar *format, ...)
{
-address_item *addr2;
addr->basic_errno = code;
if (format)
addr->message = string_from_gstring(g);
}
-for (addr2 = addr->next; addr2; addr2 = addr2->next)
+for (address_item * addr2 = addr->next; addr2; addr2 = addr2->next)
{
addr2->basic_errno = code;
addr2->message = addr->message;
static BOOL
check_never_users(uid_t uid, uid_t *nusers)
{
-int i;
if (!nusers) return FALSE;
-for (i = 1; i <= (int)(nusers[0]); i++) if (nusers[i] == uid) return TRUE;
+for (int i = 1; i <= (int)(nusers[0]); i++) if (nusers[i] == uid) return TRUE;
return FALSE;
}
DEBUG(D_deliver)
{
- address_item *batched;
debug_printf(" home=%s current=%s\n", deliver_home, working_directory);
- for (batched = addr->next; batched; batched = batched->next)
+ for (address_item * batched = addr->next; batched; batched = batched->next)
debug_printf("additional batched address: %s\n", batched->address);
}
DEBUG(D_deliver)
{
- address_item *addr;
debug_printf("remote addresses after sorting:\n");
- for (addr = addr_remote; addr; addr = addr->next)
+ for (address_item * addr = addr_remote; addr; addr = addr->next)
debug_printf(" %s\n", addr->address);
}
}
remote_post_process(address_item *addr, int logflags, uschar *msg,
BOOL fallback)
{
-host_item *h;
-
/* If any host addresses were found to be unusable, add them to the unusable
tree so that subsequent deliveries don't try them. */
-for (h = addr->host_list; h; h = h->next)
+for (host_item * h = addr->host_list; h; h = h->next)
if (h->address)
if (h->status >= hstatus_unusable) tree_add_unusable(h);
do_remote_deliveries(BOOL fallback)
{
int parmax;
-int delivery_count;
int poffset;
parcount = 0; /* Number of executing subprocesses */
/* Now loop for each remote delivery */
-for (delivery_count = 0; addr_remote; delivery_count++)
+for (int delivery_count = 0; addr_remote; delivery_count++)
{
pid_t pid;
uid_t uid;
&& addr->host_list
)
{
- host_item * h;
ok = FALSE;
- for (h = addr->host_list; h; h = h->next)
+ for (host_item * h = addr->host_list; h; h = h->next)
if (Ustrcmp(h->name, continue_hostname) == 0)
/*XXX should also check port here */
{ ok = TRUE; break; }
interface to the transport. */
for (next = addr_remote; next && !f.continue_more; next = next->next)
- {
- host_item *h;
- for (h = next->host_list; h; h = h->next)
+ for (host_item * h = next->host_list; h; h = h->next)
if (Ustrcmp(h->name, continue_hostname) == 0)
{ f.continue_more = TRUE; break; }
- }
}
/* The transports set up the process info themselves as they may connect
continue_closedown(void)
{
if (continue_transport)
- {
- transport_instance *t;
- for (t = transports; t; t = t->next)
+ for (transport_instance * t = transports; t; t = t->next)
if (Ustrcmp(t->name, continue_transport) == 0)
{
if (t->info->closedown) (t->info->closedown)(t);
break;
}
- }
return DELIVER_NOT_ATTEMPTED;
}
DEBUG(D_deliver)
{
- address_item *p;
debug_printf("Delivery address list:\n");
- for (p = addr_new; p; p = p->next)
+ for (address_item * p = addr_new; p; p = p->next)
debug_printf(" %s %s\n", p->address,
p->onetime_parent ? p->onetime_parent : US"");
}
DEBUG(D_deliver|D_retry|D_route)
{
- address_item *p;
debug_printf(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n");
debug_printf("After routing:\n Local deliveries:\n");
- for (p = addr_local; p; p = p->next)
+ for (address_item * p = addr_local; p; p = p->next)
debug_printf(" %s\n", p->address);
debug_printf(" Remote deliveries:\n");
- for (p = addr_remote; p; p = p->next)
+ for (address_item * p = addr_remote; p; p = p->next)
debug_printf(" %s\n", p->address);
debug_printf(" Failed addresses:\n");
- for (p = addr_failed; p; p = p->next)
+ for (address_item * p = addr_failed; p; p = p->next)
debug_printf(" %s\n", p->address);
debug_printf(" Deferred addresses:\n");
- for (p = addr_defer; p; p = p->next)
+ for (address_item * p = addr_defer; p; p = p->next)
debug_printf(" %s\n", p->address);
}
{
if (addr_defer)
{
- address_item *addr, *nextaddr;
- for (addr = addr_defer; addr; addr = nextaddr)
+ address_item * nextaddr;
+ for (address_item * addr = addr_defer; addr; addr = nextaddr)
{
log_write(0, LOG_MAIN, "** %s mua_wrapper forced failure for deferred "
"delivery", addr->address);
else if (addr_defer != (address_item *)(+1))
{
- address_item *addr;
uschar *recipients = US"";
BOOL want_warning_msg = FALSE;
deliver_domain = testflag(addr_defer, af_pfr)
? addr_defer->parent->domain : addr_defer->domain;
- for (addr = addr_defer; addr; addr = addr->next)
+ for (address_item * addr = addr_defer; addr; addr = addr->next)
{
address_item *otaddr;
{
dns_answer dnsa;
dns_scan dnss;
-dns_record *rr;
gstring * g = NULL;
lookup_dnssec_authenticated = NULL;
/* Search for TXT record */
-for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
rr;
rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
if (rr->type == T_TXT)
void
dkim_exim_verify_log_all(void)
{
-pdkim_signature * sig;
-for (sig = dkim_signatures; sig; sig = sig->next) dkim_exim_verify_log_sig(sig);
+for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
+ dkim_exim_verify_log_sig(sig);
}
void
dkim_exim_verify_finish(void)
{
-pdkim_signature * sig;
int rc;
gstring * g = NULL;
const uschar * errstr = NULL;
/* Build a colon-separated list of signing domains (and identities, if present) in dkim_signers */
-for (sig = dkim_signatures; sig; sig = sig->next)
+for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
{
if (sig->domain) g = string_append_listele(g, ':', sig->domain);
if (sig->identity) g = string_append_listele(g, ':', sig->identity);
dkim_exim_acl_run(uschar * id, gstring ** res_ptr,
uschar ** user_msgptr, uschar ** log_msgptr)
{
-pdkim_signature * sig;
uschar * cmp_val;
int rc = -1;
/* Find signatures to run ACL on */
-for (sig = dkim_signatures; sig; sig = sig->next)
+for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
if ( (cmp_val = Ustrchr(id, '@') != NULL ? US sig->identity : US sig->domain)
&& strcmpic(cmp_val, id) == 0
)
gstring *
authres_dkim(gstring * g)
{
-pdkim_signature * sig;
int start = 0; /* compiler quietening */
DEBUG(D_acl) start = g->ptr;
-for (sig = dkim_signatures; sig; sig = sig->next)
+for (pdkim_signature * sig = dkim_signatures; sig; sig = sig->next)
{
g = string_catn(g, US";\n\tdkim=", 8);
static void
dmarc_send_forensic_report(u_char **ruf)
{
-int c;
uschar *recipient, *save_sender;
BOOL send_status = FALSE;
error_block *eblock = NULL;
da == DMARC_POLICY_DKIM_ALIGNMENT_PASS ? US"yes" : US"no");
eblock = add_to_eblock(eblock, US"DMARC Results", dmarc_status_text);
- for (c = 0; ruf[c]; c++)
+ for (int c = 0; ruf[c]; c++)
{
recipient = string_copylc(ruf[c]);
if (Ustrncmp(recipient, "mailto:",7))
if (Ustrchr(string, ':') == NULL)
#endif
{
- int i;
- for (i = 0; i < 4; i++)
+ for (int i = 0; i < 4; i++)
{
const uschar *ppp = p;
while (ppp > string && ppp[-1] != '.') ppp--;
#if HAVE_IPV6
else
{
- int i;
int v6[4];
(void)host_aton(string, v6);
nibble, and look in the ip6.int domain. The domain was subsequently
changed to ip6.arpa. */
- for (i = 3; i >= 0; i--)
- {
- int j;
- for (j = 0; j < 32; j += 4)
+ for (int i = 3; i >= 0; i--)
+ for (int j = 0; j < 32; j += 4)
pp += sprintf(CS pp, "%x.", (v6[i] >> j) & 15);
- }
Ustrcpy(pp, "ip6.arpa.");
/* Another way of doing IPv6 reverse lookups was proposed in conjunction
Ustrcpy(pp, "\\[x");
pp += 3;
- for (i = 0; i < 4; i++)
+ for (int i = 0; i < 4; i++)
{
sprintf(pp, "%08X", v6[i]);
pp += 8;
dns_extract_auth_name(const dns_answer * dnsa) /* FIXME: const dns_answer */
{
dns_scan dnss;
-dns_record * rr;
const HEADER * h = (const HEADER *) dnsa->answer;
if (h->nscount && h->aa)
- for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
+ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == (h->ancount ? T_NS : T_SOA))
return string_copy(rr->name);
dns_lookup(dns_answer *dnsa, const uschar *name, int type,
const uschar **fully_qualified_name)
{
-int i;
const uschar *orig_name = name;
BOOL secure_so_far = TRUE;
but no further... The testsuite tests the latter case, mostly assuming that the
former will work. */
-for (i = 0; i <= dns_cname_loops; i++)
+for (int i = 0; i <= dns_cname_loops; i++)
{
uschar * data;
- dns_record *rr, cname_rr, type_rr;
+ dns_record cname_rr, type_rr;
dns_scan dnss;
int rc;
area in the dnsa block. */
cname_rr.data = type_rr.data = NULL;
- for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
+ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
rr; rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == type)
{
if (rr->data + 16 <= dnsa_lim)
{
struct in6_addr in6;
- int i;
- for (i = 0; i < 16; i++) in6.s6_addr[i] = rr->data[i];
+ for (int i = 0; i < 16; i++) in6.s6_addr[i] = rr->data[i];
yield = store_get(sizeof(dns_address) + 50);
inet_ntop(AF_INET6, &in6, CS yield->address, 50);
yield->next = NULL;
void
auth_show_supported(FILE * f)
{
-auth_info * ai;
fprintf(f, "Authenticators:");
-for (ai = auths_available; ai->driver_name[0]; ai++)
+for (auth_info * ai = auths_available; ai->driver_name[0]; ai++)
fprintf(f, " %s", ai->driver_name);
fprintf(f, "\n");
}
void
route_show_supported(FILE * f)
{
-router_info * rr;
fprintf(f, "Routers:");
-for (rr = routers_available; rr->driver_name[0]; rr++)
+for (router_info * rr = routers_available; rr->driver_name[0]; rr++)
fprintf(f, " %s", rr->driver_name);
fprintf(f, "\n");
}
/* now add all lookups to the real list */
p = lookupmodules;
while (p) {
- int j;
struct lookupmodulestr *pnext;
- for (j = 0; j < p->info->lookupcount; j++)
+ for (int j = 0; j < p->info->lookupcount; j++)
add_lookup_to_list(p->info->lookups[j]);
pnext = p->next;
}
else if (Ustrcmp(keep_environment, "*") != 0)
- {
- uschar **p;
- if (environ) for (p = USS environ; *p; /* see below */)
+ if (environ) for (uschar ** p = USS environ; *p; /* see below */)
{
/* It's considered broken if we do not find the '=', according to
Florian Weimer. For now we ignore such strings. unsetenv() would complain,
store_reset(name);
}
}
- }
if (add_environment)
{
uschar * p;
if (n == 0) n = EXPAND_MAXN + 1;
if (yield)
{
- int nn;
expand_nmax = setup < 0 ? 0 : setup + 1;
- for (nn = setup < 0 ? 0 : 2; nn < n*2; nn += 2)
+ for (int nn = setup < 0 ? 0 : 2; nn < n*2; nn += 2)
{
expand_nstring[expand_nmax] = s + ovector[nn];
expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn];
void
exim_nullstd(void)
{
-int i;
int devnull = -1;
struct stat statbuf;
-for (i = 0; i <= 2; i++)
+for (int i = 0; i <= 2; i++)
{
if (fstat(i, &statbuf) < 0 && errno == EBADF)
{
save_errno = errno;
debug_printf(" auxiliary group list:");
if (group_count > 0)
- {
- int i;
- for (i = 0; i < group_count; i++) debug_printf(" %d", (int)group_list[i]);
- }
+ for (int i = 0; i < group_count; i++) debug_printf(" %d", (int)group_list[i]);
else if (group_count < 0)
debug_printf(" <error: %s>", strerror(save_errno));
else debug_printf(" <none>");
static void
show_whats_supported(FILE * fp)
{
-auth_info * authi;
-
DEBUG(D_any) {} else show_db_version(fp);
fprintf(fp, "Support for:");
Perhaps the tls_version_report should move into this too. */
DEBUG(D_any) do {
- int i;
-
/* clang defines __GNUC__ (at least, for me) so test for it first */
#if defined(__clang__)
fprintf(fp, "Compiler: CLang [%s]\n", __clang_version__);
utf8_version_report(fp);
#endif
- for (authi = auths_available; *authi->driver_name != '\0'; ++authi)
+ for (auth_info * authi = auths_available; *authi->driver_name != '\0'; ++authi)
if (authi->version_report)
(*authi->version_report)(fp);
#undef EXPAND_AND_QUOTE
init_lookup_list();
- for (i = 0; i < lookup_list_count; i++)
+ for (int i = 0; i < lookup_list_count; i++)
if (lookup_list[i]->version_report)
lookup_list[i]->version_report(fp);
static void
show_exim_information(enum commandline_info request, FILE *stream)
{
-const uschar **pp;
-
switch(request)
{
case CMDINFO_NONE:
);
return;
case CMDINFO_SIEVE:
- for (pp = exim_sieve_extension_list; *pp; ++pp)
+ for (const uschar ** pp = exim_sieve_extension_list; *pp; ++pp)
fprintf(stream, "%s\n", *pp);
return;
case CMDINFO_DSCP:
{
BOOL needs_quote = FALSE;
gstring * g;
-uschar *t;
-for (t = lpart; !needs_quote && *t != 0; t++)
+for (uschar * t = lpart; !needs_quote && *t != 0; t++)
{
needs_quote = !isalnum(*t) && strchr("!#$%&'*+-/=?^_`{|}~", *t) == NULL &&
(*t != '.' || t == lpart || t[1] == 0);
static uschar *
get_stdinput(char *(*fn_readline)(const char *), void(*fn_addhist)(const char *))
{
-int i;
gstring * g = NULL;
if (!fn_readline) { printf("> "); fflush(stdout); }
-for (i = 0;; i++)
+for (int i = 0;; i++)
{
uschar buffer[1024];
uschar *p, *ss;
macros_trusted(BOOL opt_D_used)
{
#ifdef WHITELIST_D_MACROS
-macro_item *m;
-uschar *whitelisted, *end, *p, **whites, **w;
+uschar *whitelisted, *end, *p, **whites;
int white_count, i, n;
size_t len;
BOOL prev_char_item, found;
/* The list of commandline macros should be very short.
Accept the N*M complexity. */
-for (m = macros_user; m; m = m->next) if (m->command_line)
+for (macro_item * m = macros_user; m; m = m->next) if (m->command_line)
{
found = FALSE;
- for (w = whites; *w; ++w)
+ for (uschar ** w = whites; *w; ++w)
if (Ustrcmp(*w, m->name) == 0)
{
found = TRUE;
if (!one_msg_action)
{
- int j;
- for (j = msg_action_arg; j < argc; j++) if (!mac_ismsgid(argv[j]))
+ for (int j = msg_action_arg; j < argc; j++) if (!mac_ismsgid(argv[j]))
exim_fail("exim: malformed message id %s after %s option\n",
argv[j], arg);
goto END_ARG; /* Remaining args are ids */
argument. */
if (*argrest != 0)
- {
- int i;
- for (i = 0; i < nelem(rsopts); i++)
+ for (int i = 0; i < nelem(rsopts); i++)
if (Ustrcmp(argrest, rsopts[i]) == 0)
{
if (i != 2) f.queue_run_force = TRUE;
if (i == 1 || i == 4) f.deliver_force_thaw = TRUE;
argrest += Ustrlen(rsopts[i]);
}
- }
/* -R: Set string to match in addresses for forced queue run to
pick out particular messages. */
argument. */
if (*argrest)
- {
- int i;
- for (i = 0; i < nelem(rsopts); i++)
+ for (int i = 0; i < nelem(rsopts); i++)
if (Ustrcmp(argrest, rsopts[i]) == 0)
{
if (i != 2) f.queue_run_force = TRUE;
if (i == 1 || i == 4) f.deliver_force_thaw = TRUE;
argrest += Ustrlen(rsopts[i]);
}
- }
/* -S: Set string to match in addresses for forced queue run to
pick out particular messages. */
if (real_uid == root_uid || real_uid == exim_uid || real_gid == exim_gid)
f.admin_user = TRUE;
else
- {
- int i, j;
- for (i = 0; i < group_count && !f.admin_user; i++)
+ for (int i = 0; i < group_count && !f.admin_user; i++)
if (group_list[i] == exim_gid)
f.admin_user = TRUE;
else if (admin_groups)
- for (j = 1; j <= (int)admin_groups[0] && !f.admin_user; j++)
+ for (int j = 1; j <= (int)admin_groups[0] && !f.admin_user; j++)
if (admin_groups[j] == group_list[i])
f.admin_user = TRUE;
- }
/* Another group of privileged users are the trusted users. These are root,
exim, and any caller matching trusted_users or trusted_groups. Trusted callers
f.trusted_caller = TRUE;
else
{
- int i, j;
-
if (trusted_users)
- for (i = 1; i <= (int)trusted_users[0] && !f.trusted_caller; i++)
+ for (int i = 1; i <= (int)trusted_users[0] && !f.trusted_caller; i++)
if (trusted_users[i] == real_uid)
f.trusted_caller = TRUE;
if (trusted_groups)
- for (i = 1; i <= (int)trusted_groups[0] && !f.trusted_caller; i++)
+ for (int i = 1; i <= (int)trusted_groups[0] && !f.trusted_caller; i++)
if (trusted_groups[i] == real_gid)
f.trusted_caller = TRUE;
- else for (j = 0; j < group_count && !f.trusted_caller; j++)
+ else for (int j = 0; j < group_count && !f.trusted_caller; j++)
if (trusted_groups[i] == group_list[j])
f.trusted_caller = TRUE;
}
DEBUG(D_any)
{
- int i;
debug_printf("configuration file is %s\n", config_main_filename);
debug_printf("log selectors =");
- for (i = 0; i < log_selector_size; i++)
+ for (int i = 0; i < log_selector_size; i++)
debug_printf(" %08x", log_selector[i]);
debug_printf("\n");
}
*/
#ifdef EXIM_TMPDIR
- {
- uschar **p;
- if (environ) for (p = USS environ; *p; p++)
+ if (environ) for (uschar ** p = USS environ; *p; p++)
if (Ustrncmp(*p, "TMPDIR=", 7) == 0 && Ustrcmp(*p+7, EXIM_TMPDIR) != 0)
{
uschar * newp = store_malloc(Ustrlen(EXIM_TMPDIR) + 8);
*p = newp;
DEBUG(D_any) debug_printf("reset TMPDIR=%s in environment\n", EXIM_TMPDIR);
}
- }
#endif
/* Timezone handling. If timezone_string is "utc", set a flag to cause all
if ( (debug_selector & D_any || LOGGING(arguments))
&& f.really_exim && !list_options && !checking)
{
- int i;
uschar *p = big_buffer;
Ustrcpy(p, "cwd= (failed)");
(void)string_format(p, big_buffer_size - (p - big_buffer), " %d args:", argc);
while (*p) p++;
- for (i = 0; i < argc; i++)
+ for (int i = 0; i < argc; i++)
{
int len = Ustrlen(argv[i]);
const uschar *printing;
printf("No retry information found\n");
else
{
- retry_rule *r;
more_errno = yield->more_errno;
printf("Retry rule: %s ", yield->pattern);
printf("auth_failed ");
else printf("* ");
- for (r = yield->rules; r; r = r->next)
+ for (retry_rule * r = yield->rules; r; r = r->next)
{
printf("%c,%s", r->rule, readconf_printtime(r->timeout)); /* Do not */
printf(",%s", readconf_printtime(r->p1)); /* amalgamate */
else
{
- int i;
int rcount = 0;
int count = argc - recipients_arg;
uschar **list = argv + recipients_arg;
/* Loop for each argument */
- for (i = 0; i < count; i++)
+ for (int i = 0; i < count; i++)
{
int start, end, domain;
uschar *errmess;
DEBUG(D_receive)
{
- int i;
if (sender_address != NULL) debug_printf("Sender: %s\n", sender_address);
if (recipients_list != NULL)
{
debug_printf("Recipients:\n");
- for (i = 0; i < recipients_count; i++)
+ for (int i = 0; i < recipients_count; i++)
debug_printf(" %s\n", recipients_list[i].address);
}
}
callout_address = NULL;
sending_ip_address = NULL;
acl_var_m = NULL;
- { int i; for(i=0; i<REGEX_VARS; i++) regex_vars[i] = NULL; }
+ for(int i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
store_reset(reset_point);
}
switch(rc = EXIM_DBPUTB(d, key, content))
{
case EXIM_DBPUTB_OK:
- count++;
- break;
+ count++;
+ break;
case EXIM_DBPUTB_DUP:
- if (warn) fprintf(stderr, "** Duplicate key \"%s\"\n",
- keybuffer);
- dupcount++;
- if(duperr) yield = 1;
- if (lastdup) EXIM_DBPUT(d, key, content);
- break;
+ if (warn) fprintf(stderr, "** Duplicate key \"%s\"\n", keybuffer);
+ dupcount++;
+ if(duperr) yield = 1;
+ if (lastdup) EXIM_DBPUT(d, key, content);
+ break;
default:
- fprintf(stderr, "Error %d while writing key %s: errno=%d\n", rc,
- keybuffer, errno);
- yield = 2;
- goto TIDYUP;
+ fprintf(stderr, "Error %d while writing key %s: errno=%d\n", rc,
+ keybuffer, errno);
+ yield = 2;
+ goto TIDYUP;
}
bptr = buffer;
keystart = t;
while (*s != 0 && *s != '\"')
{
- if (*s == '\\') *t++ = string_interpret_escape((const uschar **)&s);
- else *t++ = *s;
+ *t++ = *s == '\\'
+ ? string_interpret_escape((const uschar **)&s)
+ : *s;
s++;
}
if (*s != 0) s++; /* Past terminating " */
}
if (lowercase)
- {
for (i = 0; i < EXIM_DATUM_SIZE(key) - add_zero; i++)
keybuffer[i] = tolower(keystart[i]);
- }
else
- {
for (i = 0; i < EXIM_DATUM_SIZE(key) - add_zero; i++)
keybuffer[i] = keystart[i];
- }
keybuffer[i] = 0;
started = 1;
static time_t
read_time(uschar *s)
{
-uschar *t = s;
int field = 0;
int value;
time_t now = time(NULL);
tm->tm_sec = 0;
tm->tm_isdst = -1;
-for (t = s + Ustrlen(s) - 1; t >= s; t--)
+for (uschar * t = s + Ustrlen(s) - 1; t >= s; t--)
{
if (*t == ':') continue;
if (!isdigit((uschar)*t)) return -1;
open_db *dbm;
EXIM_CURSOR *cursor;
uschar **argv = USS cargv;
-uschar *key;
uschar keybuffer[1024];
/* Check the arguments, and open the database */
that data is returned in a malloc'ed block, in order that it be
correctly aligned. */
-for (key = dbfn_scan(dbm, TRUE, &cursor);
+for (uschar * key = dbfn_scan(dbm, TRUE, &cursor);
key;
key = dbfn_scan(dbm, FALSE, &cursor))
{
dbdata_ratelimit *ratelimit;
dbdata_ratelimit_unique *rate_unique;
int count_bad = 0;
- int i, length;
+ int length;
uschar *t;
uschar name[MESSAGE_ID_LENGTH + 1];
void *value;
switch(dbdata_type)
{
case type_retry:
- retry = (dbdata_retry *)value;
- printf(" %s %d %d %s\n%s ", keybuffer, retry->basic_errno,
- retry->more_errno, retry->text,
- print_time(retry->first_failed));
- printf("%s ", print_time(retry->last_try));
- printf("%s %s\n", print_time(retry->next_try),
- (retry->expired)? "*" : "");
- break;
+ retry = (dbdata_retry *)value;
+ printf(" %s %d %d %s\n%s ", keybuffer, retry->basic_errno,
+ retry->more_errno, retry->text,
+ print_time(retry->first_failed));
+ printf("%s ", print_time(retry->last_try));
+ printf("%s %s\n", print_time(retry->next_try),
+ (retry->expired)? "*" : "");
+ break;
case type_wait:
- wait = (dbdata_wait *)value;
- printf("%s ", keybuffer);
- t = wait->text;
- name[MESSAGE_ID_LENGTH] = 0;
-
- if (wait->count > WAIT_NAME_MAX)
- {
- fprintf(stderr,
- "**** Data for %s corrupted\n count=%d=0x%x max=%d\n",
- CS keybuffer, wait->count, wait->count, WAIT_NAME_MAX);
- wait->count = WAIT_NAME_MAX;
- yield = count_bad = 1;
- }
- for (i = 1; i <= wait->count; i++)
- {
- Ustrncpy(name, t, MESSAGE_ID_LENGTH);
- if (count_bad && name[0] == 0) break;
- if (Ustrlen(name) != MESSAGE_ID_LENGTH ||
- Ustrspn(name, "0123456789"
- "abcdefghijklmnopqrstuvwxyz"
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ-") != MESSAGE_ID_LENGTH)
- {
- int j;
- fprintf(stderr,
- "**** Data for %s corrupted: bad character in message id\n",
- CS keybuffer);
- for (j = 0; j < MESSAGE_ID_LENGTH; j++)
- fprintf(stderr, "%02x ", name[j]);
- fprintf(stderr, "\n");
- yield = 1;
- break;
- }
- printf("%s ", name);
- t += MESSAGE_ID_LENGTH;
- }
- printf("\n");
- break;
+ wait = (dbdata_wait *)value;
+ printf("%s ", keybuffer);
+ t = wait->text;
+ name[MESSAGE_ID_LENGTH] = 0;
+
+ if (wait->count > WAIT_NAME_MAX)
+ {
+ fprintf(stderr,
+ "**** Data for %s corrupted\n count=%d=0x%x max=%d\n",
+ CS keybuffer, wait->count, wait->count, WAIT_NAME_MAX);
+ wait->count = WAIT_NAME_MAX;
+ yield = count_bad = 1;
+ }
+ for (int i = 1; i <= wait->count; i++)
+ {
+ Ustrncpy(name, t, MESSAGE_ID_LENGTH);
+ if (count_bad && name[0] == 0) break;
+ if (Ustrlen(name) != MESSAGE_ID_LENGTH ||
+ Ustrspn(name, "0123456789"
+ "abcdefghijklmnopqrstuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ-") != MESSAGE_ID_LENGTH)
+ {
+ fprintf(stderr,
+ "**** Data for %s corrupted: bad character in message id\n",
+ CS keybuffer);
+ for (int j = 0; j < MESSAGE_ID_LENGTH; j++)
+ fprintf(stderr, "%02x ", name[j]);
+ fprintf(stderr, "\n");
+ yield = 1;
+ break;
+ }
+ printf("%s ", name);
+ t += MESSAGE_ID_LENGTH;
+ }
+ printf("\n");
+ break;
case type_misc:
- printf("%s %s\n", print_time(((dbdata_generic *)value)->time_stamp),
- keybuffer);
- break;
+ printf("%s %s\n", print_time(((dbdata_generic *)value)->time_stamp),
+ keybuffer);
+ break;
case type_callout:
- callout = (dbdata_callout_cache *)value;
-
- /* New-style address record */
-
- if (length == sizeof(dbdata_callout_cache_address))
- {
- printf("%s %s callout=%s\n",
- print_time(((dbdata_generic *)value)->time_stamp),
- keybuffer,
- print_cache(callout->result));
- }
-
- /* New-style domain record */
-
- else if (length == sizeof(dbdata_callout_cache))
- {
- printf("%s %s callout=%s postmaster=%s",
- print_time(((dbdata_generic *)value)->time_stamp),
- keybuffer,
- print_cache(callout->result),
- print_cache(callout->postmaster_result));
- if (callout->postmaster_result != ccache_unknown)
- printf(" (%s)", print_time(callout->postmaster_stamp));
- printf(" random=%s", print_cache(callout->random_result));
- if (callout->random_result != ccache_unknown)
- printf(" (%s)", print_time(callout->random_stamp));
- printf("\n");
- }
-
- break;
+ callout = (dbdata_callout_cache *)value;
+
+ /* New-style address record */
+
+ if (length == sizeof(dbdata_callout_cache_address))
+ {
+ printf("%s %s callout=%s\n",
+ print_time(((dbdata_generic *)value)->time_stamp),
+ keybuffer,
+ print_cache(callout->result));
+ }
+
+ /* New-style domain record */
+
+ else if (length == sizeof(dbdata_callout_cache))
+ {
+ printf("%s %s callout=%s postmaster=%s",
+ print_time(((dbdata_generic *)value)->time_stamp),
+ keybuffer,
+ print_cache(callout->result),
+ print_cache(callout->postmaster_result));
+ if (callout->postmaster_result != ccache_unknown)
+ printf(" (%s)", print_time(callout->postmaster_stamp));
+ printf(" random=%s", print_cache(callout->random_result));
+ if (callout->random_result != ccache_unknown)
+ printf(" (%s)", print_time(callout->random_stamp));
+ printf("\n");
+ }
+
+ break;
case type_ratelimit:
- if (Ustrstr(key, "/unique/") != NULL && length >= sizeof(*rate_unique))
- {
- ratelimit = (dbdata_ratelimit *)value;
- rate_unique = (dbdata_ratelimit_unique *)value;
- printf("%s.%06d rate: %10.3f epoch: %s size: %u key: %s\n",
- print_time(ratelimit->time_stamp),
- ratelimit->time_usec, ratelimit->rate,
- print_time(rate_unique->bloom_epoch), rate_unique->bloom_size,
- keybuffer);
- }
- else
- {
- ratelimit = (dbdata_ratelimit *)value;
- printf("%s.%06d rate: %10.3f key: %s\n",
- print_time(ratelimit->time_stamp),
- ratelimit->time_usec, ratelimit->rate,
- keybuffer);
- }
- break;
+ if (Ustrstr(key, "/unique/") != NULL && length >= sizeof(*rate_unique))
+ {
+ ratelimit = (dbdata_ratelimit *)value;
+ rate_unique = (dbdata_ratelimit_unique *)value;
+ printf("%s.%06d rate: %10.3f epoch: %s size: %u key: %s\n",
+ print_time(ratelimit->time_stamp),
+ ratelimit->time_usec, ratelimit->rate,
+ print_time(rate_unique->bloom_epoch), rate_unique->bloom_size,
+ keybuffer);
+ }
+ else
+ {
+ ratelimit = (dbdata_ratelimit *)value;
+ printf("%s.%06d rate: %10.3f key: %s\n",
+ print_time(ratelimit->time_stamp),
+ ratelimit->time_usec, ratelimit->rate,
+ keybuffer);
+ }
+ break;
}
store_reset(value);
}
dbdata_callout_cache *callout;
dbdata_ratelimit *ratelimit;
dbdata_ratelimit_unique *rate_unique;
- int i, oldlength;
+ int oldlength;
uschar *t;
uschar field[256], value[256];
switch(dbdata_type)
{
case type_retry:
- retry = (dbdata_retry *)record;
- /* length = sizeof(dbdata_retry) + Ustrlen(retry->text); */
-
- switch(fieldno)
- {
- case 0:
- retry->basic_errno = Uatoi(value);
- break;
-
- case 1:
- retry->more_errno = Uatoi(value);
- break;
-
- case 2:
- if ((tt = read_time(value)) > 0) retry->first_failed = tt;
- else printf("bad time value\n");
- break;
-
- case 3:
- if ((tt = read_time(value)) > 0) retry->last_try = tt;
- else printf("bad time value\n");
- break;
-
- case 4:
- if ((tt = read_time(value)) > 0) retry->next_try = tt;
- else printf("bad time value\n");
- break;
-
- case 5:
- if (Ustrcmp(value, "yes") == 0) retry->expired = TRUE;
- else if (Ustrcmp(value, "no") == 0) retry->expired = FALSE;
- else printf("\"yes\" or \"no\" expected=n");
- break;
-
- default:
- printf("unknown field number\n");
- verify = 0;
- break;
- }
- break;
+ retry = (dbdata_retry *)record;
+ /* length = sizeof(dbdata_retry) + Ustrlen(retry->text); */
+
+ switch(fieldno)
+ {
+ case 0: retry->basic_errno = Uatoi(value);
+ break;
+ case 1: retry->more_errno = Uatoi(value);
+ break;
+ case 2: if ((tt = read_time(value)) > 0) retry->first_failed = tt;
+ else printf("bad time value\n");
+ break;
+ case 3: if ((tt = read_time(value)) > 0) retry->last_try = tt;
+ else printf("bad time value\n");
+ break;
+ case 4: if ((tt = read_time(value)) > 0) retry->next_try = tt;
+ else printf("bad time value\n");
+ break;
+ case 5: if (Ustrcmp(value, "yes") == 0) retry->expired = TRUE;
+ else if (Ustrcmp(value, "no") == 0) retry->expired = FALSE;
+ else printf("\"yes\" or \"no\" expected=n");
+ break;
+ default: printf("unknown field number\n");
+ verify = 0;
+ break;
+ }
+ break;
case type_wait:
- printf("Can't change contents of wait database record\n");
- break;
+ printf("Can't change contents of wait database record\n");
+ break;
case type_misc:
- printf("Can't change contents of misc database record\n");
- break;
+ printf("Can't change contents of misc database record\n");
+ break;
case type_callout:
- callout = (dbdata_callout_cache *)record;
- /* length = sizeof(dbdata_callout_cache); */
- switch(fieldno)
- {
- case 0:
- callout->result = Uatoi(value);
- break;
-
- case 1:
- callout->postmaster_result = Uatoi(value);
- break;
-
- case 2:
- callout->random_result = Uatoi(value);
- break;
-
- default:
- printf("unknown field number\n");
- verify = 0;
- break;
- }
- break;
+ callout = (dbdata_callout_cache *)record;
+ /* length = sizeof(dbdata_callout_cache); */
+ switch(fieldno)
+ {
+ case 0: callout->result = Uatoi(value);
+ break;
+ case 1: callout->postmaster_result = Uatoi(value);
+ break;
+ case 2: callout->random_result = Uatoi(value);
+ break;
+ default: printf("unknown field number\n");
+ verify = 0;
+ break;
+ }
+ break;
case type_ratelimit:
- ratelimit = (dbdata_ratelimit *)record;
- switch(fieldno)
- {
- case 0:
- if ((tt = read_time(value)) > 0) ratelimit->time_stamp = tt;
- else printf("bad time value\n");
- break;
-
- case 1:
- ratelimit->time_usec = Uatoi(value);
- break;
-
- case 2:
- ratelimit->rate = Ustrtod(value, NULL);
- break;
-
- case 3:
- if (Ustrstr(name, "/unique/") != NULL
- && oldlength >= sizeof(dbdata_ratelimit_unique))
- {
- rate_unique = (dbdata_ratelimit_unique *)record;
- if ((tt = read_time(value)) > 0) rate_unique->bloom_epoch = tt;
- else printf("bad time value\n");
- break;
- }
- /* else fall through */
-
- case 4:
- case 5:
- if (Ustrstr(name, "/unique/") != NULL
- && oldlength >= sizeof(dbdata_ratelimit_unique))
- {
- /* see acl.c */
- BOOL seen;
- unsigned n, hash, hinc;
- uschar md5sum[16];
- md5 md5info;
- md5_start(&md5info);
- md5_end(&md5info, value, Ustrlen(value), md5sum);
- hash = md5sum[0] << 0 | md5sum[1] << 8
- | md5sum[2] << 16 | md5sum[3] << 24;
- hinc = md5sum[4] << 0 | md5sum[5] << 8
- | md5sum[6] << 16 | md5sum[7] << 24;
- rate_unique = (dbdata_ratelimit_unique *)record;
- seen = TRUE;
- for (n = 0; n < 8; n++, hash += hinc)
- {
- int bit = 1 << (hash % 8);
- int byte = (hash / 8) % rate_unique->bloom_size;
- if ((rate_unique->bloom[byte] & bit) == 0)
- {
- seen = FALSE;
- if (fieldno == 5) rate_unique->bloom[byte] |= bit;
- }
- }
- printf("%s %s\n",
- seen ? "seen" : fieldno == 5 ? "added" : "unseen", value);
- break;
- }
- /* else fall through */
-
- default:
- printf("unknown field number\n");
- verify = 0;
- break;
- }
- break;
+ ratelimit = (dbdata_ratelimit *)record;
+ switch(fieldno)
+ {
+ case 0: if ((tt = read_time(value)) > 0) ratelimit->time_stamp = tt;
+ else printf("bad time value\n");
+ break;
+ case 1: ratelimit->time_usec = Uatoi(value);
+ break;
+ case 2: ratelimit->rate = Ustrtod(value, NULL);
+ break;
+ case 3: if (Ustrstr(name, "/unique/") != NULL
+ && oldlength >= sizeof(dbdata_ratelimit_unique))
+ {
+ rate_unique = (dbdata_ratelimit_unique *)record;
+ if ((tt = read_time(value)) > 0) rate_unique->bloom_epoch = tt;
+ else printf("bad time value\n");
+ break;
+ }
+ /* else fall through */
+ case 4:
+ case 5: if (Ustrstr(name, "/unique/") != NULL
+ && oldlength >= sizeof(dbdata_ratelimit_unique))
+ {
+ /* see acl.c */
+ BOOL seen;
+ unsigned hash, hinc;
+ uschar md5sum[16];
+ md5 md5info;
+ md5_start(&md5info);
+ md5_end(&md5info, value, Ustrlen(value), md5sum);
+ hash = md5sum[0] << 0 | md5sum[1] << 8
+ | md5sum[2] << 16 | md5sum[3] << 24;
+ hinc = md5sum[4] << 0 | md5sum[5] << 8
+ | md5sum[6] << 16 | md5sum[7] << 24;
+ rate_unique = (dbdata_ratelimit_unique *)record;
+ seen = TRUE;
+ for (unsigned n = 0; n < 8; n++, hash += hinc)
+ {
+ int bit = 1 << (hash % 8);
+ int byte = (hash / 8) % rate_unique->bloom_size;
+ if ((rate_unique->bloom[byte] & bit) == 0)
+ {
+ seen = FALSE;
+ if (fieldno == 5) rate_unique->bloom[byte] |= bit;
+ }
+ }
+ printf("%s %s\n",
+ seen ? "seen" : fieldno == 5 ? "added" : "unseen", value);
+ break;
+ }
+ /* else fall through */
+ default: printf("unknown field number\n");
+ verify = 0;
+ break;
+ }
+ break;
}
dbfn_write(dbm, name, record, oldlength);
switch(dbdata_type)
{
case type_retry:
- retry = (dbdata_retry *)record;
- printf("0 error number: %d %s\n", retry->basic_errno, retry->text);
- printf("1 extra data: %d\n", retry->more_errno);
- printf("2 first failed: %s\n", print_time(retry->first_failed));
- printf("3 last try: %s\n", print_time(retry->last_try));
- printf("4 next try: %s\n", print_time(retry->next_try));
- printf("5 expired: %s\n", (retry->expired)? "yes" : "no");
- break;
+ retry = (dbdata_retry *)record;
+ printf("0 error number: %d %s\n", retry->basic_errno, retry->text);
+ printf("1 extra data: %d\n", retry->more_errno);
+ printf("2 first failed: %s\n", print_time(retry->first_failed));
+ printf("3 last try: %s\n", print_time(retry->last_try));
+ printf("4 next try: %s\n", print_time(retry->next_try));
+ printf("5 expired: %s\n", (retry->expired)? "yes" : "no");
+ break;
case type_wait:
- wait = (dbdata_wait *)record;
- t = wait->text;
- printf("Sequence: %d\n", wait->sequence);
- if (wait->count > WAIT_NAME_MAX)
- {
- printf("**** Data corrupted: count=%d=0x%x max=%d ****\n", wait->count,
- wait->count, WAIT_NAME_MAX);
- wait->count = WAIT_NAME_MAX;
- count_bad = 1;
- }
- for (i = 1; i <= wait->count; i++)
- {
- Ustrncpy(value, t, MESSAGE_ID_LENGTH);
- value[MESSAGE_ID_LENGTH] = 0;
- if (count_bad && value[0] == 0) break;
- if (Ustrlen(value) != MESSAGE_ID_LENGTH ||
- Ustrspn(value, "0123456789"
- "abcdefghijklmnopqrstuvwxyz"
- "ABCDEFGHIJKLMNOPQRSTUVWXYZ-") != MESSAGE_ID_LENGTH)
- {
- int j;
- printf("\n**** Data corrupted: bad character in message id ****\n");
- for (j = 0; j < MESSAGE_ID_LENGTH; j++)
- printf("%02x ", value[j]);
- printf("\n");
- break;
- }
- printf("%s ", value);
- t += MESSAGE_ID_LENGTH;
- }
- printf("\n");
- break;
+ wait = (dbdata_wait *)record;
+ t = wait->text;
+ printf("Sequence: %d\n", wait->sequence);
+ if (wait->count > WAIT_NAME_MAX)
+ {
+ printf("**** Data corrupted: count=%d=0x%x max=%d ****\n", wait->count,
+ wait->count, WAIT_NAME_MAX);
+ wait->count = WAIT_NAME_MAX;
+ count_bad = 1;
+ }
+ for (int i = 1; i <= wait->count; i++)
+ {
+ Ustrncpy(value, t, MESSAGE_ID_LENGTH);
+ value[MESSAGE_ID_LENGTH] = 0;
+ if (count_bad && value[0] == 0) break;
+ if (Ustrlen(value) != MESSAGE_ID_LENGTH ||
+ Ustrspn(value, "0123456789"
+ "abcdefghijklmnopqrstuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ-") != MESSAGE_ID_LENGTH)
+ {
+ printf("\n**** Data corrupted: bad character in message id ****\n");
+ for (int j = 0; j < MESSAGE_ID_LENGTH; j++)
+ printf("%02x ", value[j]);
+ printf("\n");
+ break;
+ }
+ printf("%s ", value);
+ t += MESSAGE_ID_LENGTH;
+ }
+ printf("\n");
+ break;
case type_misc:
- break;
+ break;
case type_callout:
- callout = (dbdata_callout_cache *)record;
- printf("0 callout: %s (%d)\n", print_cache(callout->result),
- callout->result);
- if (oldlength > sizeof(dbdata_callout_cache_address))
- {
- printf("1 postmaster: %s (%d)\n", print_cache(callout->postmaster_result),
- callout->postmaster_result);
- printf("2 random: %s (%d)\n", print_cache(callout->random_result),
- callout->random_result);
- }
- break;
+ callout = (dbdata_callout_cache *)record;
+ printf("0 callout: %s (%d)\n", print_cache(callout->result),
+ callout->result);
+ if (oldlength > sizeof(dbdata_callout_cache_address))
+ {
+ printf("1 postmaster: %s (%d)\n", print_cache(callout->postmaster_result),
+ callout->postmaster_result);
+ printf("2 random: %s (%d)\n", print_cache(callout->random_result),
+ callout->random_result);
+ }
+ break;
case type_ratelimit:
- ratelimit = (dbdata_ratelimit *)record;
- printf("0 time stamp: %s\n", print_time(ratelimit->time_stamp));
- printf("1 fract. time: .%06d\n", ratelimit->time_usec);
- printf("2 sender rate: % .3f\n", ratelimit->rate);
- if (Ustrstr(name, "/unique/") != NULL
- && oldlength >= sizeof(dbdata_ratelimit_unique))
- {
- rate_unique = (dbdata_ratelimit_unique *)record;
- printf("3 filter epoch: %s\n", print_time(rate_unique->bloom_epoch));
- printf("4 test filter membership\n");
- printf("5 add element to filter\n");
- }
- break;
+ ratelimit = (dbdata_ratelimit *)record;
+ printf("0 time stamp: %s\n", print_time(ratelimit->time_stamp));
+ printf("1 fract. time: .%06d\n", ratelimit->time_usec);
+ printf("2 sender rate: % .3f\n", ratelimit->rate);
+ if (Ustrstr(name, "/unique/") != NULL
+ && oldlength >= sizeof(dbdata_ratelimit_unique))
+ {
+ rate_unique = (dbdata_ratelimit_unique *)record;
+ printf("3 filter epoch: %s\n", print_time(rate_unique->bloom_epoch));
+ printf("4 test filter membership\n");
+ printf("5 add element to filter\n");
+ }
+ break;
}
}
for (;;)
{
- int offset;
int length = wait->count * MESSAGE_ID_LENGTH;
- for (offset = length - MESSAGE_ID_LENGTH;
+ for (int offset = length - MESSAGE_ID_LENGTH;
offset >= 0; offset -= MESSAGE_ID_LENGTH)
{
Ustrncpy(buffer+path_len, wait->text + offset, MESSAGE_ID_LENGTH);
if (*id++ != ':') continue;
for (i = 0; i < MESSAGE_ID_LENGTH; i++)
- {
if (i == 6 || i == 13)
{ if (id[i] != '-') break; }
else
{ if (!isalnum(id[i])) break; }
- }
if (i < MESSAGE_ID_LENGTH) continue;
Ustrncpy(buffer + path_len, id, MESSAGE_ID_LENGTH);
expand_getcertele(uschar * field, uschar * certvar)
{
var_entry * vp;
-certfield * cp;
if (!(vp = find_var_ent(certvar)))
{
if (*field >= '0' && *field <= '9')
return tls_cert_ext_by_oid(*(void **)vp->value, field, 0);
-for(cp = certfields;
- cp < certfields + nelem(certfields);
- cp++)
+for (certfield * cp = certfields;
+ cp < certfields + nelem(certfields);
+ cp++)
if (Ustrncmp(cp->name, field, cp->namelen) == 0)
{
uschar * modifier = *(field += cp->namelen) == ','
BOOL found = !name;
int len = name ? Ustrlen(name) : 0;
BOOL comma = FALSE;
-header_line * h;
gstring * g = NULL;
-for (h = header_list; h; h = h->next)
+for (header_line * h = header_list; h; h = h->next)
if (h->type != htype_old && h->text) /* NULL => Received: placeholder */
if (!name || (len <= h->slen && strncmpic(name, h->text, len) == 0))
{
{
uschar * s;
gstring * g = NULL;
-int i;
if (!f.enable_dollar_recipients) return NULL;
-for (i = 0; i < recipients_count; i++)
+for (int i = 0; i < recipients_count; i++)
{
s = recipients_list[i].address;
g = string_append2_listele_n(g, US", ", s, Ustrlen(s));
read_subs(uschar **sub, int n, int m, const uschar **sptr, BOOL skipping,
BOOL check_end, uschar *name, BOOL *resetok)
{
-int i;
const uschar *s = *sptr;
while (isspace(*s)) s++;
-for (i = 0; i < n; i++)
+for (int i = 0; i < n; i++)
{
if (*s != '{')
{
case ECOND_STR_GE:
case ECOND_STR_GEI:
- for (i = 0; i < 2; i++)
+ for (int i = 0; i < 2; i++)
{
/* Sometimes, we don't expand substrings; too many insecure configurations
created using match_address{}{} and friends, where the second param
}
else if (sublen == 32)
{
- int i;
uschar coded[36];
- for (i = 0; i < 16; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
+ for (int i = 0; i < 16; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
coded[32] = 0;
DEBUG(D_auth) debug_printf("crypteq: using MD5+hex hashing\n"
" subject=%s\n crypted=%s\n", coded, sub[1]+5);
}
else if (sublen == 40)
{
- int i;
uschar coded[44];
- for (i = 0; i < 20; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
+ for (int i = 0; i < 20; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
coded[40] = 0;
DEBUG(D_auth) debug_printf("crypteq: using SHA1+hex hashing\n"
" subject=%s\n crypted=%s\n", coded, sub[1]+6);
static int
save_expand_strings(uschar **save_expand_nstring, int *save_expand_nlength)
{
-int i;
-for (i = 0; i <= expand_nmax; i++)
+for (int i = 0; i <= expand_nmax; i++)
{
save_expand_nstring[i] = expand_nstring[i];
save_expand_nlength[i] = expand_nlength[i];
restore_expand_strings(int save_expand_nmax, uschar **save_expand_nstring,
int *save_expand_nlength)
{
-int i;
expand_nmax = save_expand_nmax;
-for (i = 0; i <= expand_nmax; i++)
+for (int i = 0; i <= expand_nmax; i++)
{
expand_nstring[i] = save_expand_nstring[i];
expand_nlength[i] = save_expand_nlength[i];
{
gstring * hash_source;
uschar * p;
-int i;
hctx h;
uschar innerhash[20];
uschar finalhash[20];
memset(innerkey, 0x36, 64);
memset(outerkey, 0x5c, 64);
-for (i = 0; i < Ustrlen(key); i++)
+for (int i = 0; i < Ustrlen(key); i++)
{
innerkey[i] ^= key[i];
outerkey[i] ^= key[i];
chash_end(HMAC_SHA1, &h, innerhash, 20, finalhash);
p = finalhash_hex;
-for (i = 0; i < 3; i++)
+for (int i = 0; i < 3; i++)
{
*p++ = hex_digits[(finalhash[i] & 0xf0) >> 4];
*p++ = hex_digits[finalhash[i] & 0x0f];
cat_file_tls(void * tls_ctx, gstring * yield, uschar * eol)
{
int rc;
-uschar * s;
uschar buffer[1024];
+/*XXX could we read direct into a pre-grown string? */
+
while ((rc = tls_read(tls_ctx, buffer, sizeof(buffer))) > 0)
- for (s = buffer; rc--; s++)
+ for (uschar * s = buffer; rc--; s++)
yield = eol && *s == '\n'
? string_cat(yield, eol) : string_catn(yield, s, 1);
}
}
- for (i = 0; i < 2; i++)
+ for (int i = 0; i < 2; i++) if (sub[i])
{
- if (sub[i] == NULL) continue;
val[i] = (int)Ustrtol(sub[i], &ret, 10);
if (*ret != 0 || (i != 0 && val[i] < 0))
{
md5 md5_base;
hctx sha1_ctx;
void *use_base;
- int type, i;
+ int type;
int hashlen; /* Number of octets for the hash algorithm's output */
int hashblocklen; /* Number of octets the hash algorithm processes */
uschar *keyptr, *p;
memset(innerkey, 0x36, hashblocklen);
memset(outerkey, 0x5c, hashblocklen);
- for (i = 0; i < keylen; i++)
+ for (int i = 0; i < keylen; i++)
{
innerkey[i] ^= keyptr[i];
outerkey[i] ^= keyptr[i];
/* Encode the final hash as a hex string */
p = finalhash_hex;
- for (i = 0; i < hashlen; i++)
+ for (int i = 0; i < hashlen; i++)
{
*p++ = hex_digits[(finalhash[i] & 0xf0) >> 4];
*p++ = hex_digits[finalhash[i] & 0x0f];
int ovector[3*(EXPAND_MAXN+1)];
int n = pcre_exec(re, NULL, CS subject, slen, moffset + moffsetextra,
PCRE_EOPT | emptyopt, ovector, nelem(ovector));
- int nn;
uschar *insert;
/* No match - if we previously set PCRE_NOTEMPTY after a null match, this
if (n == 0) n = EXPAND_MAXN + 1;
expand_nmax = 0;
- for (nn = 0; nn < n*2; nn += 2)
+ for (int nn = 0; nn < n*2; nn += 2)
{
expand_nstring[expand_nmax] = subject + ovector[nn];
expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn];
case EITEM_EXTRACT:
{
- int i;
- int j;
int field_number = 1;
BOOL field_number_set = FALSE;
uschar *save_lookup_value = lookup_value;
/* Check for a format-variant specifier */
if (*s != '{') /*}*/
- {
- if (Ustrncmp(s, "json", 4) == 0) {fmt = extract_json; s += 4;}
- }
+ if (Ustrncmp(s, "json", 4) == 0)
+ {fmt = extract_json; s += 4;}
/* While skipping we cannot rely on the data for expansions being
available (eg. $item) hence cannot decide on numeric vs. keyed.
if (skipping)
{
- for (j = 5; j > 0 && *s == '{'; j--) /*'}'*/
+ for (int j = 5; j > 0 && *s == '{'; j--) /*'}'*/
{
if (!expand_string_internal(s+1, TRUE, &s, skipping, TRUE, &resetok))
goto EXPAND_FAILED; /*'{'*/
}
}
- else for (i = 0, j = 2; i < j; i++) /* Read the proper number of arguments */
+ else for (int i = 0, j = 2; i < j; i++) /* Read the proper number of arguments */
{
while (isspace(*s)) s++;
if (*s == '{') /*'}'*/
case EITEM_LISTEXTRACT:
{
- int i;
int field_number = 1;
uschar *save_lookup_value = lookup_value;
uschar *sub[2];
/* Read the field & list arguments */
- for (i = 0; i < 2; i++)
+ for (int i = 0; i < 2; i++)
{
while (isspace(*s)) s++;
- if (*s != '{') /*}*/
+ if (*s != '{') /*'}'*/
{
expand_string_message = string_sprintf(
"missing '{' for arg %d of listextract", i+1);
/* Look up the dynamically loaded object handle in the tree. If it isn't
found, dlopen() the file and put the handle in the tree for next time. */
- t = tree_search(dlobj_anchor, argv[0]);
- if (t == NULL)
+ if (!(t = tree_search(dlobj_anchor, argv[0])))
{
void *handle = dlopen(CS argv[0], RTLD_LAZY);
if (handle == NULL)
{
md5 base;
uschar digest[16];
- int j;
md5_start(&base);
md5_end(&base, sub, Ustrlen(sub), digest);
- for (j = 0; j < 16; j++)
+ for (int j = 0; j < 16; j++)
yield = string_fmt_append(yield, "%02x", digest[j]);
}
continue;
{
hctx h;
uschar digest[20];
- int j;
sha1_start(&h);
sha1_end(&h, sub, Ustrlen(sub), digest);
- for (j = 0; j < 20; j++)
+ for (int j = 0; j < 20; j++)
yield = string_fmt_append(yield, "%02X", digest[j]);
}
continue;
uschar *out = sub;
uschar *enc;
- for (enc = sub; *enc != 0; enc++)
+ for (enc = sub; *enc; enc++)
{
if (!isxdigit(*enc))
{
if (isdigit(c)) c -= '0';
else c = toupper(c) - 'A' + 10;
if (b == -1)
- {
b = c << 4;
- }
else
{
*out++ = b | c;
case EOP_ESCAPE8BIT:
{
- const uschar * s = sub;
uschar c;
- for (s = sub; (c = *s); s++)
+ for (const uschar * s = sub; (c = *s); s++)
yield = c < 127 && c != '\\'
? string_catn(yield, s, 1)
: string_fmt_append(yield, "\\%03o", c);
{
uschar smode[12];
uschar **modetable[3];
- int i;
mode_t mode;
struct stat st;
modetable[1] = ((mode & 02000) == 0)? mtable_normal : mtable_setid;
modetable[2] = ((mode & 04000) == 0)? mtable_normal : mtable_setid;
- for (i = 0; i < 3; i++)
+ for (int i = 0; i < 3; i++)
{
memcpy(CS(smode + 7 - i*3), CS(modetable[i][mode & 7]), 3);
mode >>= 3;
{
err_ctx e = { .region_start = ptr, .region_end = US ptr + len,
.var_name = NULL, .var_data = NULL };
-int i;
-var_entry * v;
/* check acl_ variables */
tree_walk(acl_var_c, assert_variable_notin, &e);
tree_walk(acl_var_m, assert_variable_notin, &e);
/* check auth<n> variables */
-for (i = 0; i < AUTH_VARS; i++) if (auth_vars[i])
+for (int i = 0; i < AUTH_VARS; i++) if (auth_vars[i])
assert_variable_notin(US"auth<n>", auth_vars[i], &e);
/* check regex<n> variables */
-for (i = 0; i < REGEX_VARS; i++) if (regex_vars[i])
+for (int i = 0; i < REGEX_VARS; i++) if (regex_vars[i])
assert_variable_notin(US"regex<n>", regex_vars[i], &e);
/* check known-name variables */
-for (v = var_table; v < var_table + var_table_size; v++)
+for (var_entry * v = var_table; v < var_table + var_table_size; v++)
if (v->type == vtype_stringptr)
assert_variable_notin(US v->name, *(USS v->value), &e);
if (n == 0) n = EXPAND_MAXN + 1;
if (yield)
{
- int nn;
- expand_nmax = (setup < 0)? 0 : setup + 1;
- for (nn = (setup < 0)? 0 : 2; nn < n*2; nn += 2)
+ expand_nmax = setup < 0 ? 0 : setup + 1;
+ for (int nn = setup < 0 ? 0 : 2; nn < n*2; nn += 2)
{
expand_nstring[expand_nmax] = subject + ovector[nn];
expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn];
int main(int argc, uschar **argv)
{
-int i;
uschar buffer[1024];
debug_selector = D_v;
debug_fd = fileno(debug_file);
big_buffer = malloc(big_buffer_size);
-for (i = 1; i < argc; i++)
+for (int i = 1; i < argc; i++)
{
if (argv[i][0] == '+')
{
static void
native_sha1_mid(sha1 *base, const uschar *text)
{
-int i;
uint A, B, C, D, E;
uint W[80];
base->length += 64;
-for (i = 0; i < 16; i++)
+for (int i = 0; i < 16; i++)
{
W[i] = ((uint)text[0] << 24) | (text[1] << 16) | (text[2] << 8) | text[3];
text += 4;
}
-for (i = 16; i < 80; i++)
+for (int i = 16; i < 80; i++)
{
register unsigned int x = W[i-3] ^ W[i-8] ^ W[i-14] ^ W[i-16];
W[i] = (x << 1) | (x >> 31);
D = base->H[3];
E = base->H[4];
-for (i = 0; i < 20; i++)
+for (int i = 0; i < 20; i++)
{
unsigned int T;
T = ((A << 5) | (A >> 27)) + ((B & C) | ((~B) & D)) + E + W[i] + 0x5a827999;
A = T;
}
-for (i = 20; i < 40; i++)
+for (int i = 20; i < 40; i++)
{
unsigned int T;
T = ((A << 5) | (A >> 27)) + (B ^ C ^ D) + E + W[i] + 0x6ed9eba1;
A = T;
}
-for (i = 40; i < 60; i++)
+for (int i = 40; i < 60; i++)
{
unsigned int T;
T = ((A << 5) | (A >> 27)) + ((B & C) | (B & D) | (C & D)) + E + W[i] +
A = T;
}
-for (i = 60; i < 80; i++)
+for (int i = 60; i < 80; i++)
{
unsigned int T;
T = ((A << 5) | (A >> 27)) + (B ^ C ^ D) + E + W[i] + 0xca62c1d6;
static void
native_sha1_end(sha1 *base, const uschar *text, int length, uschar *digest)
{
-int i;
uschar work[64];
/* Process in chunks of 64 until we have less than 64 bytes left. */
/* Pass back the result, high-order byte first in each word. */
-for (i = 0; i < 5; i++)
+for (int i = 0; i < 5; i++)
{
register int x = base->H[i];
*digest++ = (x >> 24) & 0xff;
void
header_remove(int occ, const uschar *name)
{
-header_line *h;
int hcount = 0;
int len = Ustrlen(name);
-for (h = header_list; h != NULL; h = h->next)
- {
+for (header_line * h = header_list; h; h = h->next)
if (header_testname(h, name, len, TRUE) && (occ <= 0 || ++hcount == occ))
{
h->type = htype_old;
if (occ > 0) return;
}
- }
}
one_pattern_match(uschar *name, int slen, BOOL has_addresses, uschar *pattern)
{
BOOL yield = FALSE;
-header_line *h;
const pcre *re = NULL;
/* If the pattern is a regex, compile it. Bomb out if compiling fails; these
/* Scan for the required header(s) and scan each one */
-for (h = header_list; !yield && h != NULL; h = h->next)
+for (header_line * h = header_list; !yield && h; h = h->next)
{
if (h->type == htype_old || slen > h->slen ||
strncmpic(name, h->text, slen) != 0)
{
uschar *s = h->text + slen;
- while (!yield && *s != 0)
+ while (!yield && *s)
{
uschar *error, *next;
uschar *e = parse_find_address_end(s, FALSE);
int count, ...)
{
va_list ap;
-string_item *s;
-int i;
int slen = Ustrlen(name);
-for (s = strings; s != NULL; s = s->next)
- {
- if (one_pattern_match(name, slen, has_addresses, s->text)) return cond;
- }
+for (string_item * s = strings; s; s = s->next)
+ if (one_pattern_match(name, slen, has_addresses, s->text))
+ return cond;
va_start(ap, count);
-for (i = 0; i < count; i++)
+for (int i = 0; i < count; i++)
if (one_pattern_match(name, slen, has_addresses, va_arg(ap, uschar *)))
{
va_end(ap);
struct hostent *yield;
dns_answer dnsa;
dns_scan dnss;
-dns_record *rr;
DEBUG(D_host_lookup)
debug_printf("using host_fake_gethostbyname for %s (%s)\n", name,
/* Handle a literal IP address */
-ipa = string_is_ip_address(lname, NULL);
-if (ipa != 0)
+if ((ipa = string_is_ip_address(lname, NULL)) != 0)
{
if ((ipa == 4 && af == AF_INET) ||
(ipa == 6 && af == AF_INET6))
{
- int i, n;
int x[4];
yield = store_get(sizeof(struct hostent));
alist = store_get(2 * sizeof(char *));
yield->h_length = alen;
yield->h_addr_list = CSS alist;
*alist++ = adds;
- n = host_aton(lname, x);
- for (i = 0; i < n; i++)
+ for (int n = host_aton(lname, x), i = 0; i < n; i++)
{
int y = x[i];
*adds++ = (y >> 24) & 255;
case DNS_FAIL: *error_num = NO_RECOVERY; return NULL;
}
- for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
rr;
- rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
- if (rr->type == type)
- count++;
+ rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == type)
+ count++;
yield = store_get(sizeof(struct hostent));
alist = store_get((count + 1) * sizeof(char *));
yield->h_length = alen;
yield->h_addr_list = CSS alist;
- for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
rr;
- rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
+ rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == type)
{
- int i, n;
int x[4];
dns_address *da;
- if (rr->type != type) continue;
if (!(da = dns_address_from_rr(&dnsa, rr))) break;
*alist++ = adds;
- n = host_aton(da->address, x);
- for (i = 0; i < n; i++)
+ for (int n = host_aton(da->address, x), i = 0; i < n; i++)
{
int y = x[i];
*adds++ = (y >> 24) & 255;
add_unique_interface(ip_address_item *list, ip_address_item *ipa)
{
ip_address_item *ipa2;
-for (ipa2 = list; ipa2 != NULL; ipa2 = ipa2->next)
+for (ipa2 = list; ipa2; ipa2 = ipa2->next)
if (Ustrcmp(ipa2->address, ipa->address) == 0) return list;
ipa2 = store_get_perm(sizeof(ip_address_item));
*ipa2 = *ipa;
US"extra_local_interfaces");
ip_address_item *ipa;
- if (dlist == NULL) dlist = xlist; else
+ if (!dlist) dlist = xlist;
+ else
{
- for (ipa = dlist; ipa->next != NULL; ipa = ipa->next);
+ for (ipa = dlist; ipa->next; ipa = ipa->next) ;
ipa->next = xlist;
}
- for (ipa = dlist; ipa != NULL; ipa = ipa->next)
+ for (ipa = dlist; ipa; ipa = ipa->next)
{
if (Ustrcmp(ipa->address, "0.0.0.0") == 0 ||
Ustrcmp(ipa->address, "::0") == 0)
{
- ip_address_item *ipa2;
BOOL ipv6 = ipa->address[0] == ':';
- if (running_interfaces == NULL)
+ if (!running_interfaces)
running_interfaces = os_find_running_interfaces();
- for (ipa2 = running_interfaces; ipa2 != NULL; ipa2 = ipa2->next)
- {
+ for (ip_address_item * ipa2 = running_interfaces; ipa2; ipa2 = ipa2->next)
if ((Ustrchr(ipa2->address, ':') != NULL) == ipv6)
local_interface_data = add_unique_interface(local_interface_data,
- ipa2);
- }
+ ipa2);
}
else
{
void
host_mask(int count, int *binary, int mask)
{
-int i;
if (mask < 0) mask = 99999;
-for (i = 0; i < count; i++)
+for (int i = 0; i < count; i++)
{
int wordmask;
if (mask == 0) wordmask = 0;
int
host_nmtoa(int count, int *binary, int mask, uschar *buffer, int sep)
{
-int i, j;
+int j;
uschar *tt = buffer;
if (count == 1)
{
j = binary[0];
- for (i = 24; i >= 0; i -= 8)
+ for (int i = 24; i >= 0; i -= 8)
tt += sprintf(CS tt, "%d.", (j >> i) & 255);
}
else
- for (i = 0; i < 4; i++)
+ for (int i = 0; i < 4; i++)
{
j = binary[i];
tt += sprintf(CS tt, "%04x%c%04x%c", (j >> 16) & 0xffff, sep, j & 0xffff, sep);
BOOL
host_is_in_net(const uschar *host, const uschar *net, int maskoffset)
{
-int i;
int address[4];
int incoming[4];
int mlen;
/* Else do the masked comparison. */
-for (i = 0; i < size; i++)
+for (int i = 0; i < size; i++)
{
int mask;
if (mlen == 0) mask = 0;
if (h->address != NULL)
{
- ip_address_item *ip;
if (Ustrcmp(h->address, "0.0.0.0") == 0) goto FOUND_LOCAL;
- for (ip = local_interface_data; ip != NULL; ip = ip->next)
+ for (ip_address_item * ip = local_interface_data; ip; ip = ip->next)
if (Ustrcmp(h->address, ip->address) == 0) goto FOUND_LOCAL;
yield = HOST_FOUND; /* At least one remote address has been found */
}
/* If the host has aliases, build a copy of the alias list */
-if (hosts->h_aliases != NULL)
+if (hosts->h_aliases)
{
int count = 1;
- uschar **aliases, **ptr;
- for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++) count++;
+ uschar **ptr;
+ for (uschar ** aliases = USS hosts->h_aliases; *aliases; aliases++) count++;
ptr = sender_host_aliases = store_get_perm(count * sizeof(uschar *));
- for (aliases = USS hosts->h_aliases; *aliases != NULL; aliases++)
+ for (uschar ** aliases = USS hosts->h_aliases; *aliases; aliases++)
{
uschar *s = *aliases;
int len = Ustrlen(s) + 1;
{
int old_pool, rc;
int sep = 0;
-uschar *hname, *save_hostname;
+uschar *save_hostname;
uschar **aliases;
uschar buffer[256];
uschar *ordername;
const uschar *list = host_lookup_order;
-dns_record *rr;
dns_answer dnsa;
dns_scan dnss;
store_pool = POOL_PERM; /* Save names in permanent storage */
- for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
rr;
- rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
- if (rr->type == T_PTR)
- count++;
+ rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == T_PTR)
+ count++;
/* Get store for the list of aliases. For compatibility with
gethostbyaddr, we make an empty list if there are none. */
/* Re-scan and extract the names */
- for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
rr;
- rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
+ rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == T_PTR)
{
- uschar *s = NULL;
- if (rr->type != T_PTR) continue;
- s = store_get(ssize);
+ uschar * s = store_get(ssize);
/* If an overlong response was received, the data will have been
truncated and dn_expand may fail. */
save_hostname = sender_host_name; /* Save for error messages */
aliases = sender_host_aliases;
-for (hname = sender_host_name; hname; hname = *aliases++)
+for (uschar * hname = sender_host_name; hname; hname = *aliases++)
{
int rc;
BOOL ok = FALSE;
|| rc == HOST_FOUND_LOCAL
)
{
- host_item *hh;
HDEBUG(D_host_lookup) debug_printf("checking addresses for %s\n", hname);
/* If the forward lookup was not secure we cancel the is-secure variable */
h.dnssec == DS_YES ? "DNSSEC verified (AD)" : "unverified");
if (h.dnssec != DS_YES) sender_host_dnssec = FALSE;
- for (hh = &h; hh; hh = hh->next)
+ for (host_item * hh = &h; hh; hh = hh->next)
if (host_is_in_net(hh->address, sender_host_address, 0))
{
HDEBUG(D_host_lookup) debug_printf(" %s OK\n", hh->address);
host_find_byname(host_item *host, const uschar *ignore_target_hosts, int flags,
const uschar **fully_qualified_name, BOOL local_host_check)
{
-int i, yield, times;
-uschar **addrlist;
+int yield, times;
host_item *last = NULL;
BOOL temp_error = FALSE;
#if HAVE_IPV6
/* Loop to look up both kinds of address in an IPv6 world */
-for (i = 1; i <= times;
+for (int i = 1; i <= times;
#if HAVE_IPV6
af = AF_INET, /* If 2 passes, IPv4 on the second */
#endif
ipv4_addr = hostdata->h_length == sizeof(struct in_addr);
- for (addrlist = USS hostdata->h_addr_list; *addrlist != NULL; addrlist++)
+ for (uschar ** addrlist = USS hostdata->h_addr_list; *addrlist; addrlist++)
{
uschar *text_address =
host_ntoa(ipv4_addr? AF_INET:AF_INET6, *addrlist, NULL, NULL);
HDEBUG(D_host_lookup)
{
- const host_item *h;
- if (fully_qualified_name != NULL)
+ if (fully_qualified_name)
debug_printf("fully qualified name = %s\n", *fully_qualified_name);
debug_printf("%s looked up these IP addresses:\n",
#if HAVE_IPV6
"gethostbyname"
#endif
);
- for (h = host; h != last->next; h = h->next)
+ for (const host_item * h = host; h != last->next; h = h->next)
debug_printf(" name=%s address=%s\n", h->name,
- (h->address == NULL)? US"<null>" : h->address);
+ h->address ? h->address : US"<null>");
}
/* Return the found status. */
const uschar **fully_qualified_name,
BOOL dnssec_request, BOOL dnssec_require, int whichrrs)
{
-dns_record *rr;
host_item *thishostlast = NULL; /* Indicates not yet filled in anything */
BOOL v6_find_again = FALSE;
BOOL dnssec_fail = FALSE;
fully_qualified_name = NULL;
- for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
rr;
- rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
+ rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == type)
{
- if (rr->type == type)
- {
- dns_address *da = dns_address_from_rr(&dnsa, rr);
+ dns_address * da = dns_address_from_rr(&dnsa, rr);
- DEBUG(D_host_lookup)
- if (!da) debug_printf("no addresses extracted from A6 RR for %s\n",
- host->name);
+ DEBUG(D_host_lookup)
+ if (!da) debug_printf("no addresses extracted from A6 RR for %s\n",
+ host->name);
- /* This loop runs only once for A and AAAA records, but may run
- several times for an A6 record that generated multiple addresses. */
+ /* This loop runs only once for A and AAAA records, but may run
+ several times for an A6 record that generated multiple addresses. */
- for (; da; da = da->next)
- {
- #ifndef STAND_ALONE
- if (ignore_target_hosts != NULL &&
- verify_check_this_host(&ignore_target_hosts, NULL,
- host->name, da->address, NULL) == OK)
- {
- DEBUG(D_host_lookup)
- debug_printf("ignored host %s [%s]\n", host->name, da->address);
- continue;
- }
- #endif
+ for (; da; da = da->next)
+ {
+ #ifndef STAND_ALONE
+ if (ignore_target_hosts != NULL &&
+ verify_check_this_host(&ignore_target_hosts, NULL,
+ host->name, da->address, NULL) == OK)
+ {
+ DEBUG(D_host_lookup)
+ debug_printf("ignored host %s [%s]\n", host->name, da->address);
+ continue;
+ }
+ #endif
- /* If this is the first address, stick it in the given host block,
- and change the name if the returned RR has a different name. */
+ /* If this is the first address, stick it in the given host block,
+ and change the name if the returned RR has a different name. */
- if (thishostlast == NULL)
- {
- if (strcmpic(host->name, rr->name) != 0)
- host->name = string_copy_dnsdomain(rr->name);
- host->address = da->address;
- host->sort_key = host->mx * 1000 + random_number(500) + randoffset;
- host->status = hstatus_unknown;
- host->why = hwhy_unknown;
- thishostlast = host;
- }
+ if (thishostlast == NULL)
+ {
+ if (strcmpic(host->name, rr->name) != 0)
+ host->name = string_copy_dnsdomain(rr->name);
+ host->address = da->address;
+ host->sort_key = host->mx * 1000 + random_number(500) + randoffset;
+ host->status = hstatus_unknown;
+ host->why = hwhy_unknown;
+ thishostlast = host;
+ }
- /* Not the first address. Check for, and ignore, duplicates. Then
- insert in the chain at a random point. */
+ /* Not the first address. Check for, and ignore, duplicates. Then
+ insert in the chain at a random point. */
- else
- {
- int new_sort_key;
- host_item *next;
-
- /* End of our local chain is specified by "thishostlast". */
-
- for (next = host;; next = next->next)
- {
- if (Ustrcmp(CS da->address, next->address) == 0) break;
- if (next == thishostlast) { next = NULL; break; }
- }
- if (next != NULL) continue; /* With loop for next address */
-
- /* Not a duplicate */
-
- new_sort_key = host->mx * 1000 + random_number(500) + randoffset;
- next = store_get(sizeof(host_item));
-
- /* New address goes first: insert the new block after the first one
- (so as not to disturb the original pointer) but put the new address
- in the original block. */
-
- if (new_sort_key < host->sort_key)
- {
- *next = *host; /* Copies port */
- host->next = next;
- host->address = da->address;
- host->sort_key = new_sort_key;
- if (thishostlast == host) thishostlast = next; /* Local last */
- if (*lastptr == host) *lastptr = next; /* Global last */
- }
-
- /* Otherwise scan down the addresses for this host to find the
- one to insert after. */
-
- else
- {
- host_item *h = host;
- while (h != thishostlast)
- {
- if (new_sort_key < h->next->sort_key) break;
- h = h->next;
- }
- *next = *h; /* Copies port */
- h->next = next;
- next->address = da->address;
- next->sort_key = new_sort_key;
- if (h == thishostlast) thishostlast = next; /* Local last */
- if (h == *lastptr) *lastptr = next; /* Global last */
- }
- }
- }
+ else
+ {
+ int new_sort_key;
+ host_item *next;
+
+ /* End of our local chain is specified by "thishostlast". */
+
+ for (next = host;; next = next->next)
+ {
+ if (Ustrcmp(CS da->address, next->address) == 0) break;
+ if (next == thishostlast) { next = NULL; break; }
+ }
+ if (next != NULL) continue; /* With loop for next address */
+
+ /* Not a duplicate */
+
+ new_sort_key = host->mx * 1000 + random_number(500) + randoffset;
+ next = store_get(sizeof(host_item));
+
+ /* New address goes first: insert the new block after the first one
+ (so as not to disturb the original pointer) but put the new address
+ in the original block. */
+
+ if (new_sort_key < host->sort_key)
+ {
+ *next = *host; /* Copies port */
+ host->next = next;
+ host->address = da->address;
+ host->sort_key = new_sort_key;
+ if (thishostlast == host) thishostlast = next; /* Local last */
+ if (*lastptr == host) *lastptr = next; /* Global last */
+ }
+
+ /* Otherwise scan down the addresses for this host to find the
+ one to insert after. */
+
+ else
+ {
+ host_item *h = host;
+ while (h != thishostlast)
+ {
+ if (new_sort_key < h->next->sort_key) break;
+ h = h->next;
+ }
+ *next = *h; /* Copies port */
+ h->next = next;
+ next->address = da->address;
+ next->sort_key = new_sort_key;
+ if (h == thishostlast) thishostlast = next; /* Local last */
+ if (h == *lastptr) *lastptr = next; /* Global last */
+ }
+ }
}
}
}
const uschar **fully_qualified_name, BOOL *removed)
{
host_item *h, *last;
-dns_record *rr;
int rc = DNS_FAIL;
int ind_type = 0;
int yield;
if (rc == HOST_IGNORED) rc = HOST_FIND_FAILED; /* No special action */
DEBUG(D_host_lookup)
- {
- host_item *h;
- if (host->address != NULL)
+ if (host->address)
{
- if (fully_qualified_name != NULL)
+ if (fully_qualified_name)
debug_printf("fully qualified name = %s\n", *fully_qualified_name);
- for (h = host; h != last->next; h = h->next)
+ for (host_item * h = host; h != last->next; h = h->next)
debug_printf("%s %s mx=%d sort=%d %s\n", h->name,
- (h->address == NULL)? US"<null>" : h->address, h->mx, h->sort_key,
- (h->status >= hstatus_unusable)? US"*" : US"");
+ h->address ? h->address : US"<null>", h->mx, h->sort_key,
+ h->status >= hstatus_unusable ? US"*" : US"");
}
- }
yield = rc;
goto out;
last = NULL; /* Indicates that not even the first item is filled yet */
-for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
+for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
rr;
rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == ind_type)
{
if (ind_type == T_SRV)
{
- host_item **pptr;
+ host_item ** pptr;
if (host == last && host->name[0] == 0)
{
DEBUG(D_host_lookup)
{
- if (fully_qualified_name != NULL)
+ if (fully_qualified_name)
debug_printf("fully qualified name = %s\n", *fully_qualified_name);
debug_printf("host_find_bydns yield = %s (%d); returned hosts:\n",
- (yield == HOST_FOUND)? "HOST_FOUND" :
- (yield == HOST_FOUND_LOCAL)? "HOST_FOUND_LOCAL" :
- (yield == HOST_FIND_SECURITY)? "HOST_FIND_SECURITY" :
- (yield == HOST_FIND_AGAIN)? "HOST_FIND_AGAIN" :
- (yield == HOST_FIND_FAILED)? "HOST_FIND_FAILED" : "?",
+ yield == HOST_FOUND ? "HOST_FOUND" :
+ yield == HOST_FOUND_LOCAL ? "HOST_FOUND_LOCAL" :
+ yield == HOST_FIND_SECURITY ? "HOST_FIND_SECURITY" :
+ yield == HOST_FIND_AGAIN ? "HOST_FIND_AGAIN" :
+ yield == HOST_FIND_FAILED ? "HOST_FIND_FAILED" : "?",
yield);
for (h = host; h != last->next; h = h->next)
{
printf("> ");
while (Ufgets(buffer, 256, stdin) != NULL)
{
- int i;
int x[4];
int len = Ustrlen(buffer);
len = host_aton(buffer, x);
printf("length = %d ", len);
- for (i = 0; i < len; i++)
+ for (int i = 0; i < len; i++)
{
printf("%04x ", (x[i] >> 16) & 0xffff);
printf("%04x ", x[i] & 0xffff);
size_t slen;
uschar *sptr;
gstring * yield = NULL;
-int i = 0, j; /* compiler quietening */
+int i = 0; /* compiler quietening */
uschar c = 0; /* compiler quietening */
BOOL base64mode = FALSE;
BOOL lastsep = FALSE;
i = 0;
}
- for (j = 0; j < 2; j++, s++) switch (i++)
+ for (int j = 0; j < 2; j++, s++) switch (i++)
{
case 0:
/* Top 6 bits of the first octet */
ip_connectedsocket(int type, const uschar * hostname, int portlo, int porthi,
int timeout, host_item * connhost, uschar ** errstr, const blob * fastopen_blob)
{
-int namelen, port;
+int namelen;
host_item shost;
-host_item *h;
int af = 0, fd, fd4 = -1, fd6 = -1;
shost.next = NULL;
/* Try to connect to the server - test each IP till one works */
-for (h = &shost; h; h = h->next)
+for (host_item * h = &shost; h; h = h->next)
{
fd = Ustrchr(h->address, ':') != 0
? fd6 < 0 ? (fd6 = ip_socket(type, af = AF_INET6)) : fd6
goto bad;
}
- for(port = portlo; port <= porthi; port++)
+ for (int port = portlo; port <= porthi; port++)
if (ip_connect(fd, af, h->address, port, timeout, fastopen_blob) == 0)
{
if (fd != fd6) close(fd6);
void
dscp_list_to_stream(FILE *stream)
{
-int i;
-for (i=0; i < dscp_table_size; ++i)
+for (int i = 0; i < dscp_table_size; ++i)
fprintf(stream, "%s\n", dscp_table[i].name);
}
static void
write_syslog(int priority, const uschar *s)
{
-int len, pass;
+int len;
int linecount = 0;
if (!syslog_pid && LOGGING(pid))
/* First do a scan through the message in order to determine how many lines
it is going to end up as. Then rescan to output it. */
-for (pass = 0; pass < 2; pass++)
+for (int pass = 0; pass < 2; pass++)
{
- int i;
- int tlen;
const uschar * ss = s;
- for (i = 1, tlen = len; tlen > 0; i++)
+ for (int i = 1, tlen = len; tlen > 0; i++)
{
int plen = tlen;
uschar *nlptr = Ustrchr(ss, '\n');
if (flags & LOG_REJECT)
{
- header_line *h;
-
if (header_list && LOGGING(rejected_header))
{
uschar * p = g->s + g->ptr;
/* A header with a NULL text is an unfilled in Received: header */
- for (h = header_list; h; h = h->next) if (h->text)
+ for (header_line * h = header_list; h; h = h->next) if (h->text)
{
BOOL fitted = string_format(p, LOG_BUFFER_SIZE - g->ptr,
"%c %s", h->type, h->text);
hash_offset,
hash_offlen,
hash_slotnm;
-int loop;
/* Keep picky compilers happy */
do_cache = do_cache;
uschar * cur_pos = cur_offset + cdbp->cdb_map;
uschar * end_pos = end_offset + cdbp->cdb_map;
- for (loop = 0; (loop < hash_offlen); ++loop)
+ for (int loop = 0; (loop < hash_offlen); ++loop)
{
item_hash = cdb_unpack(cur_pos);
cur_pos += 4;
#endif /* HAVE_MMAP */
-for (loop = 0; (loop < hash_offlen); ++loop)
+for (int loop = 0; (loop < hash_offlen); ++loop)
{
uschar packbuf[8];
struct cdb_state * cdbp = handle;
#ifdef HAVE_MMAP
- if (cdbp->cdb_map) {
- munmap(CS cdbp->cdb_map, cdbp->filelen);
- if (cdbp->cdb_map == cdbp->cdb_offsets)
+if (cdbp->cdb_map)
+ {
+ munmap(CS cdbp->cdb_map, cdbp->filelen);
+ if (cdbp->cdb_map == cdbp->cdb_offsets)
cdbp->cdb_offsets = NULL;
- }
+ }
#endif /* HAVE_MMAP */
- (void)close(cdbp->fileno);
+(void)close(cdbp->fileno);
}
gstring * yield = string_get(256);
-dns_record * rr;
dns_answer dnsa;
dns_scan dnss;
/* Search the returned records */
- for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
+ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) if (rr->type == searchtype)
{
if (*do_cache > rr->ttl)
if (type == T_A || type == T_AAAA || type == T_ADDRESSES)
{
- dns_address *da;
- for (da = dns_address_from_rr(&dnsa, rr); da; da = da->next)
+ for (dns_address * da = dns_address_from_rr(&dnsa, rr); da; da = da->next)
{
if (yield->ptr) yield = string_catn(yield, outsep, 1);
yield = string_cat(yield, da->address);
isc_stmt_handle stmth = NULL;
XSQLDA *out_sqlda;
XSQLVAR *var;
+int i;
char buffer[256];
ISC_STATUS status[20], *statusp = status;
gstring * result;
-int i;
int yield = DEFER;
ibase_connection *cn;
uschar *server_copy = NULL;
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */
-for (i = 2; i > 0; i--)
+for (int i = 2; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '|');
if (cn->dbh == NULL || cn->transh == NULL)
{
- char *dpb, *p;
+ char *dpb;
short dpb_length;
static char trans_options[] =
{ isc_tpb_version3, isc_tpb_read, isc_tpb_read_committed,
*dpb++ = isc_dpb_version1;
*dpb++ = isc_dpb_user_name;
*dpb++ = strlen(sdata[1]);
- for (p = sdata[1]; *p;)
+ for (char * p = sdata[1]; *p;)
*dpb++ = *p++;
*dpb++ = isc_dpb_password;
*dpb++ = strlen(sdata[2]);
- for (p = sdata[2]; *p;)
+ for (char * p = sdata[2]; *p;)
*dpb++ = *p++;
dpb_length = dpb - buffer;
}
else
- for (i = 0; i < out_sqlda->sqld; i++)
+ for (int i = 0; i < out_sqlda->sqld; i++)
{
int len = fetch_field(buffer, sizeof(buffer), &out_sqlda->sqlvar[i]);
else if (buffer[0] == 0 || Ustrchr(buffer, ' ') != NULL)
{
- int j;
-
result = string_catn(result, US "\"", 1);
- for (j = 0; j < len; j++)
+ for (int j = 0; j < len; j++)
{
if (buffer[j] == '\"' || buffer[j] == '\\')
result = string_cat(result, US "\\", 1);
struct timeval timeout;
struct timeval *timeoutptr = NULL;
-uschar *attr;
-uschar **attrp;
gstring * data = NULL;
uschar *dn = NULL;
uschar *host;
/* Count the attributes; we need this later to tell us how to format results */
-for (attrp = USS ludp->lud_attrs; attrp && *attrp; attrp++)
+for (uschar ** attrp = USS ludp->lud_attrs; attrp && *attrp; attrp++)
attrs_requested++;
/* See if we can find a cached connection to this host. The port is not
sequence of name=value pairs, separated by (space), with the value always in quotes.
If there are multiple values, they are given within the quotes, comma separated. */
- else for (attr = US ldap_first_attribute(lcp->ld, e, &ber);
+ else for (uschar * attr = US ldap_first_attribute(lcp->ld, e, &ber);
attr; attr = US ldap_next_attribute(lcp->ld, e, ber))
{
DEBUG(D_lookup) debug_printf("LDAP attr loop\n");
internal quotes, backslashes, newlines, and must double commas. */
if (attrs_requested != 1)
- {
- int j;
- for (j = 0; j < len; j++)
+ for (int j = 0; j < len; j++)
{
if (value[j] == '\n')
data = string_catn(data, US"\\n", 2);
data = string_catn(data, value+j, 1);
}
}
- }
/* For single attributes, just double commas */
else
- {
- int j;
- for (j = 0; j < len; j++)
+ for (int j = 0; j < len; j++)
if (value[j] == ',')
data = string_catn(data, US",,", 2);
else
data = string_catn(data, value+j, 1);
- }
/* Move on to the next value */
if (user != NULL)
{
- uschar *s;
uschar *t = user;
- for (s = user; *s != 0; s++)
+ for (uschar * s = user; *s != 0; s++)
{
int c, d;
if (*s == '%' && isxdigit(c=s[1]) && isxdigit(d=s[2]))
lf_check_file(int fd, uschar *filename, int s_type, int modemask, uid_t *owners,
gid_t *owngroups, const char *type, uschar **errmsg)
{
-int i;
struct stat statbuf;
if ((fd >= 0 && fstat(fd, &statbuf) != 0) ||
if (owners != NULL)
{
BOOL uid_ok = FALSE;
- for (i = 1; i <= (int)owners[0]; i++)
+ for (int i = 1; i <= (int)owners[0]; i++)
if (owners[i] == statbuf.st_uid) { uid_ok = TRUE; break; }
if (!uid_ok)
{
if (owngroups != NULL)
{
BOOL gid_ok = FALSE;
- for (i = 1; i <= (int)owngroups[0]; i++)
+ for (int i = 1; i <= (int)owngroups[0]; i++)
if (owngroups[i] == statbuf.st_gid) { gid_ok = TRUE; break; }
if (!gid_ok)
{
if (value[0] == 0 || Ustrpbrk(value, " \t\n\r") != NULL || value[0] == '\"')
{
- int j;
result = string_catn(result, US"\"", 1);
- for (j = 0; j < vlength; j++)
+ for (int j = 0; j < vlength; j++)
{
if (value[j] == '\"' || value[j] == '\\')
result = string_catn(result, US"\\", 1);
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */
-for (i = 3; i > 0; i--)
+for (int i = 3; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (pp == NULL)
result = string_catn(result, US"\n", 1);
if (num_fields != 1)
- for (i = 0; i < num_fields; i++)
+ for (int i = 0; i < num_fields; i++)
result = lf_quote(US fields[i].name, US mysql_row_data[i], lengths[i],
result);
nisplus_find(void *handle, uschar *filename, const uschar *query, int length,
uschar **result, uschar **errmsg, uint *do_cache)
{
-int i;
int error_error = FAIL;
const uschar * field_name = NULL;
nis_result *nrt = NULL;
with their names. */
eo = &(eno->zo_data.objdata_u.en_data);
-for (i = 0; i < eo->en_cols.en_cols_len; i++)
+for (int i = 0; i < eo->en_cols.en_cols_len; i++)
{
table_col *tc = ta->ta_cols.ta_cols_val + i;
entry_col *ec = eo->en_cols.en_cols_val + i;
if (value[0] == 0 || Ustrchr(value, ' ') != NULL)
{
- int j;
yield = string_catn(yield, US"\"", 1);
- for (j = 0; j < len; j++)
+ for (int j = 0; j < len; j++)
{
if (value[j] == '\"' || value[j] == '\\')
yield = string_catn(yield, US"\\", 1);
Ora_Define *def = NULL;
void *hda = NULL;
-int i;
int yield = DEFER;
unsigned int num_fields = 0;
gstring * result = NULL;
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */
-for (i = 3; i > 0; i--)
+for (int i = 3; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (pp == NULL)
/* Multiple fields - precede by file name, removing {lead,trail}ing WS */
- else for (i = 0; i < num_fields; i++)
+ else for (int i = 0; i < num_fields; i++)
{
int slen;
uschar *s = US desc[i].buf;
if (desc[i].dbtype != INT_TYPE && desc[i].dbtype != FLOAT_TYPE &&
(def[i].buf[0] == 0 || strchr(def[i].buf, ' ') != NULL))
{
- int j;
result = string_catn(result, "\"", 1);
- for (j = 0; j < def[i].col_retlen; j++)
+ for (int j = 0; j < def[i].col_retlen; j++)
{
if (def[i].buf[j] == '\"' || def[i].buf[j] == '\\')
result = string_catn(result, "\\", 1);
PGconn *pg_conn = NULL;
PGresult *pg_result = NULL;
-int i;
gstring * result = NULL;
int yield = DEFER;
unsigned int num_fields, num_tuples;
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */
-for (i = 2; i >= 0; i--)
+for (int i = 2; i >= 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (!pp)
/* Get the fields and construct the result string. If there is more than one
row, we insert '\n' between them. */
-for (i = 0; i < num_tuples; i++)
+for (int i = 0; i < num_tuples; i++)
{
if (result)
result = string_catn(result, US"\n", 1);
result = string_catn(result,
US PQgetvalue(pg_result, i, 0), PQgetlength(pg_result, i, 0));
else
- {
- int j;
- for (j = 0; j < num_fields; j++)
+ for (int j = 0; j < num_fields; j++)
{
uschar *tmp = US PQgetvalue(pg_result, i, j);
result = lf_quote(US PQfname(pg_result, j), tmp, Ustrlen(tmp), result);
}
- }
}
/* If result is NULL then no data has been found and so we return FAIL. */
This copy is also used for debugging output. */
memset(sdata, 0, sizeof(sdata)) /* Set all to NULL */;
-for (i = 2; i > 0; i--)
+for (int i = 2; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
/* split string on whitespace into argv */
{
uschar * argv[32];
- int i;
const uschar * s = command;
- int siz, ptr;
+ int siz, ptr, i;
uschar c;
while (isspace(*s)) s++;
/* NOTE: For now support 1 nested array result. If needed a limitless
result can be parsed */
- for (i = 0; i < redis_reply->elements; i++)
+ for (int i = 0; i < redis_reply->elements; i++)
{
entry = redis_reply->element[i];
result = string_catn(result, US entry->str, entry->len);
break;
case REDIS_REPLY_ARRAY:
- for (j = 0; j < entry->elements; j++)
+ for (int j = 0; j < entry->elements; j++)
{
tentry = entry->element[j];
sqlite_callback(void *arg, int argc, char **argv, char **azColName)
{
gstring * res = *(gstring **)arg;
-int i;
/* For second and subsequent results, insert \n */
if (argc > 1)
{
/* For multiple fields, include the field name too */
- for (i = 0; i < argc; i++)
+ for (int i = 0; i < argc; i++)
{
uschar *value = US((argv[i] != NULL)? argv[i]:"<NULL>");
res = lf_quote(US azColName[i], value, Ustrlen(value), res);
options_from_list(optionlist * opts, unsigned nopt,
const uschar * section, uschar * group)
{
-int i;
const uschar * s;
uschar buf[64];
macros that have substrings are always discovered first during
expansion. */
-for (i = 0; i < nopt; i++) if (*(s = US opts[i].name) && *s != '*')
+for (int i = 0; i < nopt; i++) if (*(s = US opts[i].name) && *s != '*')
{
if (group)
spf(buf, sizeof(buf), CUS"_OPT_%T_%T_%T", section, group, s);
void
features_malware(void)
{
-const struct scan * sc;
const uschar * s;
uschar * t;
uschar buf[64];
spf(buf, sizeof(buf), US"_HAVE_MALWARE_");
-for (sc = m_scans; sc->scancode != -1; sc++)
+for (const struct scan * sc = m_scans; sc->scancode != -1; sc++)
{
- for(s = sc->name, t = buf+14; *s; s++) if (*s != '-') *t++ = toupper(*s);
+ for (s = sc->name, t = buf+14; *s; s++) if (*s != '-')
+ *t++ = toupper(*s);
*t = '\0';
builtin_macro_create(buf);
}
/* "virus(es) found" if virus number is > 0 */
if (drweb_vnum)
{
- int i;
gstring * g = NULL;
/* setup default virus name */
drweb_re = m_pcre_compile(drweb_re_str, &errstr);
/* read and concatenate virus names into one string */
- for (i = 0; i < drweb_vnum; i++)
+ for (int i = 0; i < drweb_vnum; i++)
{
int ovector[10*3];
#ifndef DISABLE_MAL_FSECURE
case M_FSEC: /* "fsecure" scanner type ---------------------------------- */
{
- int i, j, bread = 0;
+ int i, bread = 0;
uschar * file_name;
uschar av_buffer[1024];
static uschar *cmdopt[] = { US"CONFIGURE\tARCHIVE\t1\n",
return m_panic_defer_3(scanent, CUS callout_address,
string_sprintf("unable to read answer %d (%s)", i, strerror(errno)),
malware_daemon_ctx.sock);
- for (j = 0; j < bread; j++)
+ for (int j = 0; j < bread; j++)
if (av_buffer[j] == '\r' || av_buffer[j] == '\n')
av_buffer[j] ='@';
}
void
malware_show_supported(FILE * f)
{
-struct scan * sc;
fprintf(f, "Malware:");
-for (sc = m_scans; sc->scancode != (scanner_t)-1; sc++) fprintf(f, " %s", sc->name);
+for (struct scan * sc = m_scans; sc->scancode != (scanner_t)-1; sc++) fprintf(f, " %s", sc->name);
fprintf(f, "\n");
}
if (Ustrcmp(pattern, "@[]") == 0)
{
- ip_address_item *ip;
int slen = Ustrlen(s);
if (s[0] != '[' && s[slen-1] != ']') return FAIL;
- for (ip = host_find_interfaces(); ip != NULL; ip = ip->next)
+ for (ip_address_item * ip = host_find_interfaces(); ip; ip = ip->next)
if (Ustrncmp(ip->address, s+1, slen - 2) == 0
&& ip->address[slen - 2] == 0)
return OK;
if (valueptr)
{
const uschar *key = get_check_key(arg, type);
- namedlist_cacheblock *p;
- for (p = nb->cache_data; p; p = p->next)
+
+ for (namedlist_cacheblock * p = nb->cache_data; p; p = p->next)
if (Ustrcmp(key, p->key) == 0)
{
*valueptr = p->data;
if (pattern[0] == '@' && pattern[1] == '@')
{
int watchdog = 50;
- const uschar *key;
uschar *list, *ss;
uschar buffer[1024];
/* Loop for handling chains. The last item in any list may be of the form
">name" in order to chain on to another list. */
- for (key = sdomain + 1; key != NULL && watchdog-- > 0; )
+ for (const uschar * key = sdomain + 1; key && watchdog-- > 0; )
{
int sep = 0;
const uschar **listptr, unsigned int *cache_bits, int expand_setup, int sep,
const uschar **valueptr)
{
-uschar *p;
check_address_block ab;
unsigned int *local_cache_bits = cache_bits;
original address. */
sprintf(CS big_buffer, "%.*s", big_buffer_size - 1, address);
-for (p = big_buffer + Ustrlen(big_buffer) - 1; p >= big_buffer; p--)
+for (uschar * p = big_buffer + Ustrlen(big_buffer) - 1; p >= big_buffer; p--)
{
if (!caseless && *p == '@') break;
*p = tolower(*p);
header[num_copied] = '\0';
/* return 0 for EOF or empty line */
-if ((c == EOF) || (num_copied == 1))
- return 0;
-else
- return 1;
+return c == EOF || num_copied == 1 ? 0 : 1;
}
/* parse headers, set up expansion variables */
while (mime_get_header(f, header))
- {
- struct mime_header * mh;
/* look for interesting headers */
- for (mh = mime_header_list;
+ for (struct mime_header * mh = mime_header_list;
mh < mime_header_list + mime_header_list_size;
mh++) if (strncmpic(mh->name, header, mh->namelen) == 0)
{
while (*p)
{
- mime_parameter * mp;
-
DEBUG(D_acl) debug_printf_indent("MIME: considering paramlist '%s'\n", p);
if ( !mime_filename
else
/* look for interesting parameters */
- for (mp = mime_parameter_list;
+ for (mime_parameter * mp = mime_parameter_list;
mp < mime_parameter_list + nelem(mime_parameter_list);
mp++
) if (strncmpic(mp->name, p, mp->namelen) == 0)
}
}
}
- }
/* set additional flag variables (easier access) */
if ( mime_content_type
vfprintf(f, format, ap);
va_end(ap);
-if (addr != NULL)
+if (addr)
{
fprintf(f, "\nThe following address(es) have yet to be delivered:\n");
- for (; addr != NULL; addr = addr->next)
+ for (; addr; addr = addr->next)
{
- uschar *parent = (addr->parent == NULL)? NULL : addr->parent->address;
+ uschar * parent = addr->parent ? addr->parent->address : NULL;
fprintf(f, " %s", addr->address);
- if (parent != NULL) fprintf(f, " <%s>", parent);
+ if (parent) fprintf(f, " <%s>", parent);
if (addr->basic_errno > 0) fprintf(f, ": %s", strerror(addr->basic_errno));
- if (addr->message != NULL) fprintf(f, ": %s", addr->message);
+ if (addr->message) fprintf(f, ": %s", addr->message);
fprintf(f, "\n");
}
}
int pid, fd;
uschar *s, *t;
FILE *f;
-error_block *e;
-for (e = eblock; e != NULL; e = e->next)
- {
+for (error_block * e = eblock; e; e = e->next)
if (e->text2 != NULL)
log_write(0, LOG_MAIN, "%s router: skipped error: %s in \"%s\"",
rname, e->text1, e->text2);
else
log_write(0, LOG_MAIN, "%s router: skipped error: %s", rname,
e->text1);
- }
-if (syntax_errors_to == NULL) return TRUE;
+if (!syntax_errors_to) return TRUE;
-s = expand_string(syntax_errors_to);
-if (s == NULL)
+if (!(s = expand_string(syntax_errors_to)))
{
log_write(0, LOG_MAIN, "%s router failed to expand %s: %s", rname,
syntax_errors_to, expand_string_message);
fprintf(f, "To: %s\n", s);
fprintf(f, "Subject: error(s) in forwarding or filtering\n\n");
-if (custom != NULL)
+if (custom)
{
- t = expand_string(custom);
- if (t == NULL)
+ if (!(t = expand_string(custom)))
{
log_write(0, LOG_MAIN, "%s router failed to expand %s: %s", rname,
custom, expand_string_message);
fprintf(f, "The %s router encountered the following error(s):\n\n",
rname);
-for (e = eblock; e != NULL; e = e->next)
+for (error_block * e = eblock; e; e = e->next)
{
fprintf(f, " %s", e->text1);
if (e->text2 != NULL)
log_write(0, LOG_PANIC_DIE, "Unable to call getifaddrs: %d %s",
errno, strerror(errno));
-struct ifaddrs *ifa;
-for (ifa = ifalist; ifa != NULL; ifa = ifa->ifa_next)
+for (struct ifaddrs * ifa = ifalist; ifa; ifa = ifa->ifa_next)
{
if (ifa->ifa_addr->sa_family != AF_INET
#if HAVE_IPV6
ip_address_item *yield = NULL;
ip_address_item *last = NULL;
ip_address_item *next;
-char *cp;
char buf[MAX_INTERFACES*sizeof(struct V_ifreq)];
struct sockaddr *addrp;
size_t len = 0;
struct to some aligned memory before looking at the field in the fixed part to
find its length, and then recopy the correct length. */
-for (cp = buf; cp < buf + ifc.V_ifc_len; cp += len)
+for (char * cp = buf; cp < buf + ifc.V_ifc_len; cp += len)
{
memcpy(CS &ifreq, cp, sizeof(ifreq));
int
pdkim_hashname_to_hashtype(const uschar * s, unsigned len)
{
-int i;
if (!len) len = Ustrlen(s);
-for (i = 0; i < nelem(pdkim_hashes); i++)
+for (int i = 0; i < nelem(pdkim_hashes); i++)
if (Ustrncmp(s, pdkim_hashes[i].dkim_hashname, len) == 0)
return i;
return -1;
pdkim_cstring_to_canons(const uschar * s, unsigned len,
int * canon_head, int * canon_body)
{
-int i;
if (!len) len = Ustrlen(s);
-for (i = 0; pdkim_combined_canons[i].str; i++)
+for (int i = 0; pdkim_combined_canons[i].str; i++)
if ( Ustrncmp(s, pdkim_combined_canons[i].str, len) == 0
&& len == Ustrlen(pdkim_combined_canons[i].str))
{
void
pdkim_quoteprint(const uschar *data, int len)
{
-int i;
-for (i = 0; i < len; i++)
+for (int i = 0; i < len; i++)
{
const int c = data[i];
switch (c)
void
pdkim_hexprint(const uschar *data, int len)
{
-int i;
-if (data) for (i = 0 ; i < len; i++) debug_printf("%02x", data[i]);
+if (data) for (int i = 0 ; i < len; i++) debug_printf("%02x", data[i]);
else debug_printf("<NULL>");
debug_printf("\n");
}
{
BOOL past_field_name = FALSE;
BOOL seen_wsp = FALSE;
-const uschar * p;
uschar * relaxed = store_get(len+3);
uschar * q = relaxed;
-for (p = header; p - header < len; p++)
+for (const uschar * p = header; p - header < len; p++)
{
uschar c = *p;
pdkim_parse_sig_header(pdkim_ctx * ctx, uschar * raw_hdr)
{
pdkim_signature * sig;
-uschar *p, *q;
+uschar *q;
gstring * cur_tag = NULL;
gstring * cur_val = NULL;
BOOL past_hname = FALSE;
BOOL in_b_val = FALSE;
int where = PDKIM_HDR_LIMBO;
-int i;
sig = store_get(sizeof(pdkim_signature));
memset(sig, 0, sizeof(pdkim_signature));
q = sig->rawsig_no_b_val = store_get(Ustrlen(raw_hdr)+1);
-for (p = raw_hdr; ; p++)
+for (uschar * p = raw_hdr; ; p++)
{
char c = *p;
uschar * elem;
if ((elem = string_nextinlist(&list, &sep, NULL, 0)))
- for(i = 0; i < nelem(pdkim_keytypes); i++)
+ for (int i = 0; i < nelem(pdkim_keytypes); i++)
if (Ustrcmp(elem, pdkim_keytypes[i]) == 0)
{ sig->keytype = i; break; }
if ((elem = string_nextinlist(&list, &sep, NULL, 0)))
- for (i = 0; i < nelem(pdkim_hashes); i++)
+ for (int i = 0; i < nelem(pdkim_hashes); i++)
if (Ustrcmp(elem, pdkim_hashes[i].dkim_hashname) == 0)
{ sig->hashtype = i; break; }
}
&sig->canon_headers, &sig->canon_body);
break;
case 'q': /* Query method (for pubkey)*/
- for (i = 0; pdkim_querymethods[i]; i++)
+ for (int i = 0; pdkim_querymethods[i]; i++)
if (Ustrcmp(cur_val->s, pdkim_querymethods[i]) == 0)
{
sig->querymethod = i; /* we never actually use this */
if (!relaxed_data)
{
BOOL seen_wsp = FALSE;
- const uschar * p, * r;
int q = 0;
/* We want to be able to free this else we allocate
relaxed_data = store_malloc(sizeof(blob) + orig_data->len+1);
relaxed_data->data = US (relaxed_data+1);
- for (p = orig_data->data, r = p + orig_data->len; p < r; p++)
+ for (const uschar * p = orig_data->data, * r = p + orig_data->len; p < r; p++)
{
char c = *p;
if (c == '\r')
static void
pdkim_finish_bodyhash(pdkim_ctx * ctx)
{
-pdkim_bodyhash * b;
-pdkim_signature * sig;
-
-for (b = ctx->bodyhash; b; b = b->next) /* Finish hashes */
+for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next) /* Finish hashes */
{
DEBUG(D_acl) debug_printf("PDKIM: finish bodyhash %d/%d/%ld len %ld\n",
b->hashtype, b->canon_method, b->bodylength, b->signed_body_bytes);
}
/* Traverse all signatures */
-for (sig = ctx->sig; sig; sig = sig->next)
+for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next)
{
- b = sig->calc_body_hash;
+ pdkim_bodyhash * b = sig->calc_body_hash;
DEBUG(D_acl)
{
static void
pdkim_body_complete(pdkim_ctx * ctx)
{
-pdkim_bodyhash * b;
-
/* In simple body mode, if any empty lines were buffered,
replace with one. rfc 4871 3.4.3 */
/*XXX checking the signed-body-bytes is a gross hack; I think
it indicates that all linebreaks should be buffered, including
the one terminating a text line */
-for (b = ctx->bodyhash; b; b = b->next)
+for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next)
if ( b->canon_method == PDKIM_CANON_SIMPLE
&& b->signed_body_bytes == 0
&& b->num_buffered_blanklines > 0
pdkim_bodyline_complete(pdkim_ctx * ctx)
{
blob line = {.data = ctx->linebuf, .len = ctx->linebuf_offset};
-pdkim_bodyhash * b;
blob * rnl = NULL;
blob * rline = NULL;
/* Empty lines need to be buffered until we find a non-empty line */
if (memcmp(line.data, "\r\n", 2) == 0)
{
- for (b = ctx->bodyhash; b; b = b->next) b->num_buffered_blanklines++;
+ for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next)
+ b->num_buffered_blanklines++;
goto all_skip;
}
/* Process line for each bodyhash separately */
-for (b = ctx->bodyhash; b; b = b->next)
+for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next)
{
if (b->canon_method == PDKIM_CANON_RELAXED)
{
static int
pdkim_header_complete(pdkim_ctx * ctx)
{
-pdkim_signature * sig, * last_sig;
-
-/* Special case: The last header can have an extra \r appended */
if ( (ctx->cur_header->ptr > 1) &&
(ctx->cur_header->s[ctx->cur_header->ptr-1] == '\r') )
--ctx->cur_header->ptr;
/* SIGNING -------------------------------------------------------------- */
if (ctx->flags & PDKIM_MODE_SIGN)
- for (sig = ctx->sig; sig; sig = sig->next) /* Traverse all signatures */
+ for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next) /* Traverse all signatures */
/* Add header to the signed headers list (in reverse order) */
sig->headers = pdkim_prepend_stringlist(sig->headers, ctx->cur_header->s);
DKIM_SIGNATURE_HEADERNAME,
Ustrlen(DKIM_SIGNATURE_HEADERNAME)) == 0)
{
+ pdkim_signature * sig, * last_sig;
/* Create and chain new signature block. We could error-check for all
required tags here, but prefer to create the internal sig and expicitly
fail verification of it later. */
DLLEXPORT int
pdkim_feed(pdkim_ctx * ctx, uschar * data, int len)
{
-int p, rc;
-
/* Alternate EOD signal, used in non-dotstuffing mode */
if (!data)
pdkim_body_complete(ctx);
-else for (p = 0; p < len; p++)
+else for (int p = 0; p < len; p++)
{
uschar c = data[p];
+ int rc;
if (ctx->flags & PDKIM_PAST_HDRS)
{
if (sig->keytype < 0)
{
- int i;
- for(i = 0; i < nelem(pdkim_keytypes); i++)
+ for(int i = 0; i < nelem(pdkim_keytypes); i++)
if (Ustrcmp(p->keytype, pdkim_keytypes[i]) == 0)
{ sig->keytype = i; goto k_ok; }
DEBUG(D_acl) debug_printf("verify_init: unhandled keytype %s\n", p->keytype);
pdkim_feed_finish(pdkim_ctx * ctx, pdkim_signature ** return_signatures,
const uschar ** err)
{
-pdkim_bodyhash * b;
-pdkim_signature * sig;
BOOL verify_pass = FALSE;
/* Check if we must still flush a (partial) header. If that is the
if ((rc = pdkim_header_complete(ctx)) != PDKIM_OK)
return rc;
- for (b = ctx->bodyhash; b; b = b->next)
+ for (pdkim_bodyhash * b = ctx->bodyhash; b; b = b->next)
rnl = pdkim_update_ctx_bodyhash(b, &lineending, rnl);
if (rnl) store_free(rnl);
}
return PDKIM_OK;
}
-for (sig = ctx->sig; sig; sig = sig->next)
+for (pdkim_signature * sig = ctx->sig; sig; sig = sig->next)
{
hctx hhash_ctx;
uschar * sig_hdr = US"";
if (ctx->flags & PDKIM_MODE_SIGN)
{
gstring * g = NULL;
- pdkim_stringlist *p;
const uschar * l;
uschar * s;
int sep = 0;
}
sig->keytype = sctx.keytype;
- for (sig->headernames = NULL, /* Collected signed header names */
- p = sig->headers; p; p = p->next)
+ sig->headernames = NULL; /* Collected signed header names */
+ for (pdkim_stringlist * p = sig->headers; p; p = p->next)
{
uschar * rh = p->value;
{
uschar * p = sig->headernames;
uschar * q;
- pdkim_stringlist * hdrs;
if (p)
{
/* clear tags */
- for (hdrs = ctx->headers; hdrs; hdrs = hdrs->next)
+ for (pdkim_stringlist * hdrs = ctx->headers; hdrs; hdrs = hdrs->next)
hdrs->tag = 0;
p = string_copy(p);
*q = '\0';
/*XXX walk the list of headers in same order as received. */
- for (hdrs = ctx->headers; hdrs; hdrs = hdrs->next)
+ for (pdkim_stringlist * hdrs = ctx->headers; hdrs; hdrs = hdrs->next)
if ( hdrs->tag == 0
&& strncasecmp(CCS hdrs->value, CCS p, Ustrlen(p)) == 0
&& (hdrs->value)[Ustrlen(p)] == ':'
else
{
- int j;
next->next = NULL;
- for (j = 0; j < LOG2_MAXNODES; j++)
+ for (int j = 0; j < LOG2_MAXNODES; j++)
if (root[j])
{
next = merge_queue_lists(next, root[j]);
const pcre *selectstring_regex_sender = NULL;
uschar *log_detail = NULL;
int subcount = 0;
-int i;
uschar subdirs[64];
/* Cancel any specific queue domains. Turn off the flag that causes SMTP
When the first argument of queue_get_spool_list() is -1 (for queue_run_in_
order), it scans all directories and makes a single message list. */
-for (i = queue_run_in_order ? -1 : 0;
+for (int i = queue_run_in_order ? -1 : 0;
i <= (queue_run_in_order ? -1 : subcount);
i++)
{
- queue_filename * fq;
void *reset_point1 = store_get(0);
DEBUG(D_queue_run)
debug_printf("queue running subdirectory '%c'\n", subdirs[i]);
}
- for (fq = queue_get_spool_list(i, subdirs, &subcount, !queue_run_in_order);
- fq;
- fq = fq->next)
+ for (queue_filename * fq = queue_get_spool_list(i, subdirs, &subcount,
+ !queue_run_in_order);
+ fq; fq = fq->next)
{
pid_t pid;
int status;
sub-directories have been found, randomize their order if necessary. */
if (i == 0 && subcount > 1 && !queue_run_in_order)
- {
- int j, r;
- for (j = 1; j <= subcount; j++)
+ for (int j = 1; j <= subcount; j++)
+ {
+ int r;
if ((r = random_number(100)) >= 50)
{
int k = (r % subcount) + 1;
subdirs[j] = subdirs[k];
subdirs[k] = x;
}
- }
+ }
} /* End loop for multiple directories */
/* If queue_2stage is true, we do it all again, with the 2stage flag
{
int subcount;
int count = 0;
-queue_filename *f = NULL;
uschar subdirs[64];
-f = queue_get_spool_list(
- -1, /* entire queue */
- subdirs, /* for holding sub list */
- &subcount, /* for subcount */
- FALSE); /* not random */
-for (; f != NULL; f = f->next) count++;
+
+for (queue_filename *f = queue_get_spool_list(
+ -1, /* entire queue */
+ subdirs, /* for holding sub list */
+ &subcount, /* for subcount */
+ FALSE); /* not random */
+ f; f = f->next) count++;
fprintf(stdout, "%d\n", count);
}
void
queue_list(int option, uschar **list, int count)
{
-int i;
int subcount;
int now = (int)time(NULL);
void *reset_point;
if (count > 0)
{
queue_filename *last = NULL;
- for (i = 0; i < count; i++)
+ for (int i = 0; i < count; i++)
{
queue_filename *next =
store_get(sizeof(queue_filename) + Ustrlen(list[i]) + 2);
if (env_read)
{
- int ptr;
+ int i, ptr;
FILE *jread;
struct stat statbuf;
uschar * fname = spool_fname(US"input", message_subdir, qf->text, US"");
}
fprintf(stdout, "%s ", string_format_size(size, big_buffer));
- for (i = 0; i < 16; i++) fputc(qf->text[i], stdout);
+ for (int i = 0; i < 16; i++) fputc(qf->text[i], stdout);
if (env_read && sender_address)
{
if (recipients_list)
{
- for (i = 0; i < recipients_count; i++)
+ for (int i = 0; i < recipients_count; i++)
{
tree_node *delivered =
tree_search(tree_nonrecipients, recipients_list[i].address);
BOOL
queue_action(uschar *id, int action, uschar **argv, int argc, int recipients_arg)
{
-int i, j;
BOOL yield = TRUE;
BOOL removed = FALSE;
struct passwd *pw;
if (action >= MSG_SHOW_BODY)
{
- int fd, i, rc;
+ int fd, rc;
uschar *subdirectory, *suffix;
if (!f.admin_user)
suffix = US"";
}
- for (i = 0; i < 2; i++)
+ for (int i = 0; i < 2; i++)
{
message_subdir[0] = split_spool_directory == (i == 0) ? id[5] : 0;
if ((fd = Uopen(spool_fname(subdirectory, message_subdir, id, suffix),
suffix[2] = 0;
message_subdir[0] = id[5];
- for (j = 0; j < 2; message_subdir[0] = 0, j++)
+ for (int j = 0; j < 2; message_subdir[0] = 0, j++)
{
uschar * fname = spool_fname(US"msglog", message_subdir, id, US"");
DEBUG(D_any) debug_printf(" (ok)\n");
}
- for (i = 0; i < 3; i++)
+ for (int i = 0; i < 3; i++)
{
uschar * fname;
if (removed)
{
#ifndef DISABLE_EVENT
- for (i = 0; i < recipients_count; i++)
+ for (int i = 0; i < recipients_count; i++)
{
tree_node *delivered =
tree_search(tree_nonrecipients, recipients_list[i].address);
case MSG_MARK_ALL_DELIVERED:
- for (i = 0; i < recipients_count; i++)
+ for (int i = 0; i < recipients_count; i++)
tree_add_nonrecipient(recipients_list[i].address);
if (spool_write_header(id, SW_MODIFYING, &errmsg) >= 0)
{
printf("has been modified\n");
- for (i = 0; i < recipients_count; i++)
+ for (int i = 0; i < recipients_count; i++)
log_write(0, LOG_MAIN, "address <%s> marked delivered by %s",
recipients_list[i].address, username);
}
}
else if (action == MSG_MARK_DELIVERED)
{
+ int i;
for (i = 0; i < recipients_count; i++)
if (Ustrcmp(recipients_list[i].address, recipient) == 0) break;
if (i >= recipients_count)
match_tag(const uschar *s, const uschar *tag)
{
for (; *tag != 0; s++, tag++)
- {
if (*tag == ' ')
{
while (*s == ' ' || *s == '\t') s++;
s--;
}
- else if (tolower(*s) != tolower(*tag)) break;
- }
+ else
+ if (tolower(*s) != tolower(*tag)) break;
+
return (*tag == 0);
}
if (rdata->pw != NULL && statbuf.st_uid == rdata->pw->pw_uid)
uid_ok = TRUE;
else if (rdata->owners != NULL)
- {
- int i;
- for (i = 1; i <= (int)(rdata->owners[0]); i++)
+ for (int i = 1; i <= (int)(rdata->owners[0]); i++)
if (rdata->owners[i] == statbuf.st_uid) { uid_ok = TRUE; break; }
- }
}
if (!gid_ok)
if (rdata->pw != NULL && statbuf.st_gid == rdata->pw->pw_gid)
gid_ok = TRUE;
else if (rdata->owngroups != NULL)
- {
- int i;
- for (i = 1; i <= (int)(rdata->owngroups[0]); i++)
+ for (int i = 1; i <= (int)(rdata->owngroups[0]); i++)
if (rdata->owngroups[i] == statbuf.st_gid) { gid_ok = TRUE; break; }
- }
}
if (!uid_ok || !gid_ok)
/* Pass back the contents of any syntax error blocks if we have a pointer */
- if (eblockp != NULL)
+ if (eblockp)
{
- error_block *ep;
- for (ep = *eblockp; ep != NULL; ep = ep->next)
+ for (error_block * ep = *eblockp; ep; ep = ep->next)
if ( rda_write_string(fd, ep->text1) != 0
|| rda_write_string(fd, ep->text2) != 0
)
if (f.system_filtering)
{
int i = 0;
- header_line *h;
- for (h = header_list; h != waslast->next; i++, h = h->next)
+ for (header_line * h = header_list; h != waslast->next; i++, h = h->next)
if ( h->type == htype_old
&& write(fd, &i, sizeof(i)) != sizeof(i)
)
if (yield == FF_DELIVERED || yield == FF_NOTDELIVERED ||
yield == FF_FAIL || yield == FF_FREEZE)
{
- address_item *addr;
- for (addr = *generated; addr; addr = addr->next)
+ for (address_item * addr = *generated; addr; addr = addr->next)
{
int reply_options = 0;
int ig_err = addr->prop.ignore_error ? 1 : 0;
goto bad;
if (addr->pipe_expandn)
- {
- uschar **pp;
- for (pp = addr->pipe_expandn; *pp; pp++)
+ for (uschar ** pp = addr->pipe_expandn; *pp; pp++)
if (rda_write_string(fd, *pp) != 0)
goto bad;
- }
if (rda_write_string(fd, NULL) != 0)
goto bad;
if (eblockp)
{
error_block *e;
- error_block **p;
- for (p = eblockp; ; p = &e->next)
+ for (error_block ** p = eblockp; ; p = &e->next)
{
uschar *s;
if (!rda_read_string(fd, &s)) goto DISASTER;
void
options_auths(void)
{
-struct auth_info * ai;
uschar buf[64];
options_from_list(optionlist_auths, optionlist_auths_size, US"AUTHENTICATORS", NULL);
-for (ai = auths_available; ai->driver_name[0]; ai++)
+for (struct auth_info * ai = auths_available; ai->driver_name[0]; ai++)
{
spf(buf, sizeof(buf), US"_DRIVER_AUTHENTICATOR_%T", ai->driver_name);
builtin_macro_create(buf);
void
options_logging(void)
{
-bit_table * bp;
uschar buf[64];
-for (bp = log_options; bp < log_options + log_options_count; bp++)
+for (bit_table * bp = log_options; bp < log_options + log_options_count; bp++)
{
spf(buf, sizeof(buf), US"_LOG_%T", bp->name);
builtin_macro_create(buf);
uschar *
readconf_find_option(void *p)
{
-int i;
-router_instance *r;
-transport_instance *t;
-
-for (i = 0; i < nelem(optionlist_config); i++)
+for (int i = 0; i < nelem(optionlist_config); i++)
if (p == optionlist_config[i].value) return US optionlist_config[i].name;
-for (r = routers; r; r = r->next)
+for (router_instance * r = routers; r; r = r->next)
{
router_info *ri = r->info;
- for (i = 0; i < *ri->options_count; i++)
+ for (int i = 0; i < *ri->options_count; i++)
{
if ((ri->options[i].type & opt_mask) != opt_stringptr) continue;
if (p == CS (r->options_block) + (long int)(ri->options[i].value))
}
}
-for (t = transports; t; t = t->next)
+for (transport_instance * t = transports; t; t = t->next)
{
transport_info *ti = t->info;
- for (i = 0; i < *ti->options_count; i++)
+ for (int i = 0; i < *ti->options_count; i++)
{
optionlist * op = &ti->options[i];
if ((op->type & opt_mask) != opt_stringptr) continue;
{
uschar * ss = big_buffer + len;
uschar * s;
-macro_item * m;
/* Find the true start of the physical line - leading spaces are always
ignored. */
replacing all occurrences of the macro. */
*macro_found = FALSE;
-if (*s) for (m = *s == '_' ? macros : macros_user; m; m = m->next)
+if (*s) for (macro_item * m = *s == '_' ? macros : macros_user; m; m = m->next)
{
uschar * p, *pp;
uschar * t;
{
int ptr = 0;
int offset = 0;
-int n, count, type, value;
+int count, type, value;
int issecure = 0;
uid_t uid;
gid_t gid;
it turns out that what we read was "hide", set the flag indicating that
this is a secure option, and loop to read the next word. */
-for (n = 0; n < 2; n++)
+for (int n = 0; n < 2; n++)
{
while (isalnum(*s) || *s == '_')
{
if (!no_labels) printf("%s =", name);
if (uidlist)
{
- int i;
uschar sep = no_labels ? '\0' : ' ';
- for (i = 1; i <= (int)(uidlist[0]); i++)
+ for (int i = 1; i <= (int)(uidlist[0]); i++)
{
uschar *name = NULL;
if ((pw = getpwuid(uidlist[i]))) name = US pw->pw_name;
if (!no_labels) printf("%s =", name);
if (gidlist)
{
- int i;
uschar sep = no_labels ? '\0' : ' ';
- for (i = 1; i <= (int)(gidlist[0]); i++)
+ for (int i = 1; i <= (int)(gidlist[0]); i++)
{
uschar *name = NULL;
if ((gr = getgrgid(gidlist[i]))) name = US gr->gr_name;
case opt_timelist:
{
- int i;
int *list = (int *)value;
if (!no_labels) printf("%s = ", name);
- for (i = 0; i < list[1]; i++)
+ for (int i = 0; i < list[1]; i++)
printf("%s%s", i == 0 ? "" : ":", readconf_printtime(list[i+2]));
printf("\n");
}
readconf_print(uschar *name, uschar *type, BOOL no_labels)
{
BOOL names_only = FALSE;
-optionlist *ol;
optionlist *ol2 = NULL;
driver_instance *d = NULL;
-macro_item *m;
int size = 0;
if (!type)
{
if (*name == '+')
{
- int i;
tree_node *t;
BOOL found = FALSE;
static uschar *types[] = { US"address", US"domain", US"host",
static tree_node **anchors[] = { &addresslist_anchor, &domainlist_anchor,
&hostlist_anchor, &localpartlist_anchor };
- for (i = 0; i < 4; i++)
+ for (int i = 0; i < 4; i++)
if ((t = tree_search(*(anchors[i]), name+1)))
{
found = TRUE;
if (Ustrcmp(name, "all") == 0)
{
- for (ol = optionlist_config;
+ for (optionlist * ol = optionlist_config;
ol < optionlist_config + nelem(optionlist_config); ol++)
if (!(ol->type & opt_hidden))
(void) print_ol(ol, US ol->name, NULL,
printf("local_scan() options are not supported\n");
return FALSE;
#else
- for (ol = local_scan_options;
+ for (optionlist * ol = local_scan_options;
ol < local_scan_options + local_scan_options_count; ol++)
(void) print_ol(ol, US ol->name, NULL, local_scan_options,
local_scan_options_count, no_labels);
fprintf(stderr, "exim: permission denied\n");
return FALSE;
}
- for (m = macros; m; m = m->next)
+ for (macro_item * m = macros; m; m = m->next)
if (!name || Ustrcmp(name, m->name) == 0)
{
if (names_only)
printf("\n%s %s:\n", d->name, type);
else if (Ustrcmp(d->name, name) != 0) continue;
- for (ol = ol2; ol < ol2 + size; ol++)
+ for (optionlist * ol = ol2; ol < ol2 + size; ol++)
if (!(ol->type & opt_hidden))
rc |= print_ol(ol, US ol->name, d, ol2, size, no_labels);
- for (ol = d->info->options;
+ for (optionlist * ol = d->info->options;
ol < d->info->options + *(d->info->options_count); ol++)
if (!(ol->type & opt_hidden))
rc |= print_ol(ol, US ol->name, d, d->info->options,
init_driver(driver_instance *d, driver_info *drivers_available,
int size_of_info, uschar *class)
{
-driver_info *dd;
-
-for (dd = drivers_available; dd->driver_name[0] != 0;
+for (driver_info * dd = drivers_available; dd->driver_name[0] != 0;
dd = (driver_info *)((US dd) + size_of_info))
- {
if (Ustrcmp(d->driver_name, dd->driver_name) == 0)
{
- int i;
int len = dd->options_len;
d->info = dd;
d->options_block = store_get(len);
memcpy(d->options_block, dd->options_block, len);
- for (i = 0; i < *(dd->options_count); i++)
+ for (int i = 0; i < *(dd->options_count); i++)
dd->options[i].type &= ~opt_set;
return dd;
}
- }
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
"%s %s: cannot find %s driver \"%s\"", class, d->name, class, d->driver_name);
if (*s++ == ':')
{
- int i;
-
/* Finish off initializing the previous driver. */
if (d)
/* Clear out the "set" bits in the generic options */
- for (i = 0; i < driver_optionlist_count; i++)
+ for (int i = 0; i < driver_optionlist_count; i++)
driver_optionlist[i].type &= ~opt_set;
/* Check nothing more on this line, then do the next loop iteration. */
readconf_depends(driver_instance *d, uschar *s)
{
int count = *(d->info->options_count);
-optionlist *ol;
uschar *ss;
-for (ol = d->info->options; ol < d->info->options + count; ol++)
+for (optionlist * ol = d->info->options; ol < d->info->options + count; ol++)
{
void *options_block;
uschar *value;
static void
auths_init(void)
{
-auth_instance *au, *bu;
#ifdef EXPERIMENTAL_PIPE_CONNECT
int nauths = 0;
#endif
optionlist_auths, /* generic options */
optionlist_auths_size);
-for (au = auths; au; au = au->next)
+for (auth_instance * au = auths; au; au = au->next)
{
if (!au->public_name)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "no public name specified for "
"the %s authenticator", au->name);
- for (bu = au->next; bu; bu = bu->next)
+ for (auth_instance * bu = au->next; bu; bu = bu->next)
if (strcmpic(au->public_name, bu->public_name) == 0)
if ((au->client && bu->client) || (au->server && bu->server))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "two %s authenticators "
void
print_config(BOOL admin, BOOL terse)
{
-config_line_item *i;
const int TS = terse ? 0 : 2;
int indent = 0;
-for (i = config_lines; i; i = i->next)
+for (config_line_item * i = config_lines; i; i = i->next)
{
uschar *current;
uschar *p;
BOOL
receive_remove_recipient(uschar *recipient)
{
-int count;
DEBUG(D_receive) debug_printf("receive_remove_recipient(\"%s\") called\n",
recipient);
-for (count = 0; count < recipients_count; count++)
- {
+for (int count = 0; count < recipients_count; count++)
if (Ustrcmp(recipients_list[count].address, recipient) == 0)
{
if ((--recipients_count - count) > 0)
(recipients_count - count)*sizeof(recipient_item));
return TRUE;
}
- }
return FALSE;
}
static void
add_acl_headers(int where, uschar *acl_name)
{
-header_line *h, *next;
header_line *last_received = NULL;
switch(where)
{
DEBUG(D_receive|D_acl) debug_printf_indent(">>Headers removed by %s ACL:\n", acl_name);
- for (h = header_list; h; h = h->next) if (h->type != htype_old)
+ for (header_line * h = header_list; h; h = h->next) if (h->type != htype_old)
{
const uschar * list = acl_removed_headers;
int sep = ':'; /* This is specified as a colon-separated list */
if (!acl_added_headers) return;
DEBUG(D_receive|D_acl) debug_printf_indent(">>Headers added by %s ACL:\n", acl_name);
-for (h = acl_added_headers; h; h = next)
+for (header_line * h = acl_added_headers, * next; h; h = next)
{
next = h->next;
FILE *mbox_file;
uschar * rfc822_file_path = NULL;
unsigned long mbox_size;
-header_line *my_headerlist;
uschar *user_msg, *log_msg;
int mime_part_count_buffer = -1;
uschar * mbox_filename;
/* check if it is a MIME message */
-for (my_headerlist = header_list; my_headerlist; my_headerlist = my_headerlist->next)
+for (header_line * my_headerlist = header_list; my_headerlist;
+ my_headerlist = my_headerlist->next)
if ( my_headerlist->type != '*' /* skip deleted headers */
&& strncmpic(my_headerlist->text, US"Content-Type:", 13) == 0
)
/* Working header pointers */
-header_line *h, *next;
+header_line *next;
/* Flags for noting the existence of certain headers (only one left) */
the line, stomp on them here. */
if (had_zero > 0)
- for (p = next->text; p < next->text + ptr; p++) if (*p == 0) *p = '?';
+ for (uschar * p = next->text; p < next->text + ptr; p++) if (*p == 0)
+ *p = '?';
/* It is perfectly legal to have an empty continuation line
at the end of a header, but it is confusing to humans
DEBUG(D_receive)
{
debug_printf(">>Headers received:\n");
- for (h = header_list->next; h; h = h->next)
+ for (header_line * h = header_list->next; h; h = h->next)
debug_printf("%s", h->text);
debug_printf("\n");
}
/* Scan the headers to identify them. Some are merely marked for later
processing; some are dealt with here. */
-for (h = header_list->next; h; h = h->next)
+for (header_line * h = header_list->next; h; h = h->next)
{
BOOL is_resent = strncmpic(h->text, US"resent-", 7) == 0;
if (is_resent) contains_resent_headers = TRUE;
/* Now scan the headers */
- for (h = header_list->next; h; h = h->next)
+ for (header_line * h = header_list->next; h; h = h->next)
{
if ((h->type == htype_to || h->type == htype_cc || h->type == htype_bcc) &&
(!contains_resent_headers || strncmpic(h->text, US"resent-", 7) == 0))
while (*s != 0)
{
uschar *ss = parse_find_address_end(s, FALSE);
- uschar *recipient, *errmess, *p, *pp;
+ uschar *recipient, *errmess, *pp;
int start, end, domain;
/* Check on maximum */
of the header. */
pp = recipient = store_get(ss - s + 1);
- for (p = s; p < ss; p++) if (*p != '\n') *pp++ = *p;
+ for (uschar * p = s; p < ss; p++) if (*p != '\n') *pp++ = *p;
*pp = 0;
#ifdef SUPPORT_I18N
if ( !msgid_header
&& ((!sender_host_address && !f.suppress_local_fixups) || f.submission_mode))
{
- uschar *p;
uschar *id_text = US"";
uschar *id_domain = primary_hostname;
else if (*new_id_domain)
{
id_domain = new_id_domain;
- for (p = id_domain; *p; p++)
+ for (uschar * p = id_domain; *p; p++)
if (!isalnum(*p) && *p != '.') *p = '-'; /* No need to test '-' ! */
}
}
else if (*new_id_text)
{
id_text = new_id_text;
- for (p = id_text; *p; p++) if (mac_iscntrl_or_special(*p)) *p = '-';
+ for (uschar * p = id_text; *p; p++) if (mac_iscntrl_or_special(*p)) *p = '-';
}
}
if (LOGGING(received_recipients))
{
raw_recipients = store_get(recipients_count * sizeof(uschar *));
- for (i = 0; i < recipients_count; i++)
+ for (int i = 0; i < recipients_count; i++)
raw_recipients[i] = string_copy(recipients_list[i].address);
raw_recipients_count = recipients_count;
}
recipients will get here only if the conditions were right (allow_unqualified_
recipient is TRUE). */
-for (i = 0; i < recipients_count; i++)
+for (int i = 0; i < recipients_count; i++)
recipients_list[i].address =
rewrite_address(recipients_list[i].address, TRUE, TRUE,
global_rewrite_rules, rewrite_existflags);
documented as happening *after* recipient addresses are taken from the headers
by the -t command line option. An added Sender: gets rewritten here. */
-for (h = header_list->next; h; h = h->next)
+for (header_line * h = header_list->next; h; h = h->next)
{
header_line *newh = rewrite_header(h, NULL, NULL, global_rewrite_rules,
rewrite_existflags, TRUE);
DEBUG(D_receive)
{
debug_printf(">>Headers after rewriting and local additions:\n");
- for (h = header_list->next; h; h = h->next)
+ for (header_line * h = header_list->next; h; h = h->next)
debug_printf("%c %s", h->type, h->text);
debug_printf("\n");
}
if (recipients_count == 0) debug_printf("*** No recipients\n");
if (bad_addresses)
{
- error_block * eblock;
debug_printf("*** Bad address(es)\n");
- for (eblock = bad_addresses; eblock; eblock = eblock->next)
+ for (error_block * eblock = bad_addresses; eblock; eblock = eblock->next)
debug_printf(" %s: %s\n", eblock->text1, eblock->text2);
}
}
#ifndef DISABLE_PRDR
if (prdr_requested && recipients_count > 1 && acl_smtp_data_prdr)
{
- unsigned int c;
int all_pass = OK;
int all_fail = FAIL;
smtp_printf("353 PRDR content analysis beginning\r\n", TRUE);
/* Loop through recipients, responses must be in same order received */
- for (c = 0; recipients_count > c; c++)
+ for (unsigned int c = 0; recipients_count > c; c++)
{
uschar * addr= recipients_list[c].address;
uschar * msg= US"PRDR R=<%s> %s";
if (rc == LOCAL_SCAN_ACCEPT)
{
if (local_scan_data)
- {
- uschar *s;
- for (s = local_scan_data; *s != 0; s++) if (*s == '\n') *s = ' ';
- }
- for (i = 0; i < recipients_count; i++)
+ for (uschar * s = local_scan_data; *s != 0; s++) if (*s == '\n') *s = ' ';
+ for (int i = 0; i < recipients_count; i++)
{
recipient_item *r = recipients_list + i;
r->address = rewrite_address_qualify(r->address, TRUE);
- if (r->errors_to != NULL)
+ if (r->errors_to)
r->errors_to = rewrite_address_qualify(r->errors_to, TRUE);
}
- if (recipients_count == 0 && blackholed_by == NULL)
+ if (recipients_count == 0 && !blackholed_by)
blackholed_by = US"local_scan";
}
if (host_checking || blackholed_by)
{
- header_line *h;
Uunlink(spool_name);
msg_size = 0; /* Compute size for log line */
- for (h = header_list; h; h = h->next)
+ for (header_line * h = header_list; h; h = h->next)
if (h->type != '*') msg_size += h->slen;
}
if (LOGGING(subject) && subject_header)
{
- int i;
uschar *p = big_buffer;
uschar *ss = expand_string(US"$h_subject:");
a C-like string, and turn any non-printers into escape sequences. */
*p++ = '\"';
- if (*ss != 0) for (i = 0; i < 100 && ss[i] != 0; i++)
+ if (*ss != 0) for (int i = 0; i < 100 && ss[i] != 0; i++)
{
if (ss[i] == '\"' || ss[i] == '\\') *p++ = '\\';
*p++ = ss[i];
static int
matcher(pcre_list * re_list_head, uschar * linebuffer, int len)
{
-pcre_list * ri;
-
-for(ri = re_list_head; ri; ri = ri->next)
+for(pcre_list * ri = re_list_head; ri; ri = ri->next)
{
int ovec[3*(REGEX_VARS+1)];
- int n, nn;
+ int n;
/* try matcher on the line */
- n = pcre_exec(ri->re, NULL, CS linebuffer, len, 0, 0, ovec, nelem(ovec));
- if (n > 0)
+ if ((n = pcre_exec(ri->re, NULL, CS linebuffer, len, 0, 0, ovec, nelem(ovec))) > 0)
{
Ustrncpy(regex_match_string_buffer, ri->pcre_text,
sizeof(regex_match_string_buffer)-1);
regex_match_string = regex_match_string_buffer;
- for (nn = 1; nn < n; nn++)
+ for (int nn = 1; nn < n; nn++)
regex_vars[nn-1] =
string_copyn(linebuffer + ovec[nn*2], ovec[nn*2+1] - ovec[nn*2]);
open_db dbblock;
open_db *dbm_file = NULL;
time_t now = time(NULL);
-int i;
DEBUG(D_retry) debug_printf("Processing retry items\n");
Deferred addresses must be handled after failed ones, because some may be moved
to the failed chain if they have timed out. */
-for (i = 0; i < 3; i++)
+for (int i = 0; i < 3; i++)
{
address_item *endaddr, *addr;
address_item *last_first = NULL;
while ((endaddr = *paddr))
{
BOOL timed_out = FALSE;
- retry_item *rti;
for (addr = endaddr; addr; addr = addr->parent)
{
/* Loop for each retry item. */
- for (rti = addr->retries; rti; rti = rti->next)
+ for (retry_item * rti = addr->retries; rti; rti = rti->next)
{
uschar *message;
int message_length, message_space, failing_interval, next_try;
rewrite_one(uschar *s, int flag, BOOL *whole, BOOL add_header, uschar *name,
rewrite_rule *rewrite_rules)
{
-rewrite_rule *rule;
uschar *yield = s;
uschar *subject = s;
uschar *domain = NULL;
/* Scan the rewriting rules */
-for (rule = rewrite_rules;
- rule != NULL && !done;
- rule_number++, rule = rule->next)
+for (rewrite_rule * rule = rewrite_rules; rule; rule_number++, rule = rule->next)
{
int start, end, pdomain;
int count = 0;
if (LOGGING(address_rewrite) || (debug_selector & D_rewrite) != 0)
{
- int i;
const uschar *where = CUS"?";
- for (i = 0; i < where_list_size; i++)
- {
+ for (int i = 0; i < where_list_size; i++)
if (flag == where_list[i].bit)
{
where = where_list[i].string;
break;
}
- }
log_write(L_address_rewrite,
LOG_MAIN, "\"%s\" from %s rewritten as \"%s\" by rule %d",
yield, where, new, rule_number);
_are_ rewritten so as to avoid runaway store usage for these kinds of header.
We want to avoid keeping store for any intermediate versions. */
-while (*s != 0)
+while (*s)
{
uschar *sprev;
uschar *ss = parse_find_address_end(s, FALSE);
/* There isn't much we can do for syntactic disasters at this stage.
Pro tem (possibly for ever) ignore them. */
- if (recipient == NULL)
+ if (!recipient)
{
store_reset(loop_reset_point);
continue;
void rewrite_test(uschar *s)
{
uschar *recipient, *error;
-int i, start, end, domain;
+int start, end, domain;
BOOL done_smtp = FALSE;
if (rewrite_existflags == 0)
recipient = parse_extract_address(s, &error, &start, &end, &domain, FALSE);
-if (recipient == NULL)
+if (!recipient)
{
if (!done_smtp)
printf("Syntax error in %s\n%c%s\n", s, toupper(error[0]), error+1);
return;
}
-for (i = 0; i < 8; i++)
+for (int i = 0; i < 8; i++)
{
BOOL whole = FALSE;
int flag = 1 << i;
/* Deal with zero values; convert them if requested. */
if (zeroval != 0)
- {
- int i;
- for (i = 0; i < tlen; i++)
+ for (int i = 0; i < tlen; i++)
if (tptr[i] == 0) tptr[i] = zeroval;
- }
/* Add the new string onto the result */
void
options_routers(void)
{
-struct router_info * ri;
uschar buf[64];
options_from_list(optionlist_routers, nelem(optionlist_routers), US"ROUTERS", NULL);
-for (ri = routers_available; ri->driver_name[0]; ri++)
+for (router_info * ri = routers_available; ri->driver_name[0]; ri++)
{
spf(buf, sizeof(buf), US"_DRIVER_ROUTER_%T", ri->driver_name);
builtin_macro_create(buf);
void
route_init(void)
{
-router_instance *r;
-
readconf_driver_init(US"router",
(driver_instance **)(&routers), /* chain anchor */
(driver_info *)routers_available, /* available drivers */
optionlist_routers, /* generic options */
optionlist_routers_size);
-for (r = routers; r; r = r->next)
+for (router_instance * r = routers; r; r = r->next)
{
uschar *s = r->self;
void
route_tidyup(void)
{
-router_instance *r;
-for (r = routers; r; r = r->next)
+for (router_instance * r = routers; r; r = r->next)
if (r->info->tidyup) (r->info->tidyup)(r);
}
int plen = Ustrlen(prefix);
if (prefix[0] == '*')
{
- const uschar *p;
prefix++;
- for (p = local_part + Ustrlen(local_part) - (--plen);
+ for (const uschar * p = local_part + Ustrlen(local_part) - (--plen);
p >= local_part; p--)
if (strncmpic(prefix, p, plen) == 0) return plen + p - local_part;
}
int slen = Ustrlen(suffix);
if (suffix[slen-1] == '*')
{
- const uschar *p, *pend;
- pend = local_part + alen - (--slen) + 1;
- for (p = local_part; p < pend; p++)
+ const uschar *pend = local_part + alen - (--slen) + 1;
+ for (const uschar * p = local_part; p < pend; p++)
if (strncmpic(suffix, p, slen) == 0) return alen - (p - local_part);
}
else
uschar *error;
struct passwd *pw = NULL;
struct passwd pwcopy;
- address_item *parent;
BOOL loop_detected = FALSE;
BOOL more;
int loopcount = 0;
continually adding to an address, for example), put a long stop counter on
the number of parents. */
- for (parent = addr->parent; parent; parent = parent->parent)
+ for (address_item * parent = addr->parent; parent; parent = parent->parent)
{
if (parent->router == r)
{
{
int rc;
int old_pool = store_pool;
- host_item *h;
- for (h = addr->host_list; h; h = h->next)
+ for (host_item * h = addr->host_list; h; h = h->next)
{
uschar *newaddress;
uschar *oldaddress, *oldname;
DEBUG(D_route)
{
- host_item *h;
-
debug_printf(" envelope to: %s\n", addr->address);
- debug_printf(" transport: %s\n", (addr->transport == NULL)?
- US"<none>" : addr->transport->name);
+ debug_printf(" transport: %s\n", addr->transport
+ ? addr->transport->name : US"<none>");
if (addr->prop.errors_address)
debug_printf(" errors to %s\n", addr->prop.errors_address);
- for (h = addr->host_list; h; h = h->next)
+ for (host_item * h = addr->host_list; h; h = h->next)
{
debug_printf(" host %s", h->name);
if (h->address) debug_printf(" [%s]", h->address);
{
manualroute_router_options_block *ob =
(manualroute_router_options_block *)(rblock->options_block);
-int i;
/* Host_find_failed must be a recognized word */
-for (i = 0; i < hff_count; i++)
- {
+for (int i = 0; i < hff_count; i++)
if (Ustrcmp(ob->host_find_failed, hff_names[i]) == 0)
{
ob->hff_code = hff_codes[i];
break;
}
- }
if (ob->hff_code < 0)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
"unrecognized setting for host_find_failed option", rblock->name);
-for (i = 1; i < hff_count; i++) /* NB starts at 1 to skip "ignore" */
- {
+for (int i = 1; i < hff_count; i++) /* NB starts at 1 to skip "ignore" */
if (Ustrcmp(ob->host_all_ignored, hff_names[i]) == 0)
{
ob->hai_code = hff_codes[i];
break;
}
- }
if (ob->hai_code < 0)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
"unrecognized setting for host_all_ignored option", rblock->name);
if (*s != 0)
{
transport_instance *transport;
- for (transport = transports; transport != NULL; transport = transport->next)
+ for (transport = transports; transport; transport = transport->next)
if (Ustrcmp(transport->name, s) == 0) break;
- if (transport == NULL)
+ if (!transport)
{
addr->message = string_sprintf("unknown transport name %s yielded by "
"command", s);
if (rewrite)
{
- header_line *h;
DEBUG(D_route|D_rewrite) debug_printf("rewriting header lines\n");
- for (h = header_list; h != NULL; h = h->next)
+ for (header_line * h = header_list; h != NULL; h = h->next)
{
header_line *newh =
rewrite_header(h, parent->domain, domain,
global_rewrite_rules, rewrite_existflags, TRUE);
- if (newh != NULL)
+ if (newh)
{
h = newh;
f.header_rewritten = TRUE;
{
uschar *ss;
BOOL expandable;
-transport_instance *tp;
if (tpname == NULL)
{
}
else ss = tpname;
-for (tp = transports; tp != NULL; tp = tp->next)
- {
+for (transport_instance * tp = transports; tp; tp = tp->next)
if (Ustrcmp(tp->name, ss) == 0)
{
DEBUG(D_route) debug_printf("set transport %s\n", ss);
*tpptr = tp;
return TRUE;
}
- }
addr->basic_errno = ERRNO_BADTRANSPORT;
addr->message = string_sprintf("transport \"%s\" not found in %s router", ss,
address_item **addr_new)
{
BOOL self_send = FALSE;
-host_item *h, *next_h, *prev;
/* Look up each host address. A lookup may add additional items into the chain
if there are multiple addresses. Hence the use of next_h to start each cycle of
list of MX hosts. If the first host is the local host, act according to the
"self" option in the configuration. */
-for (prev = NULL, h = addr->host_list; h; h = next_h)
+for (host_item * prev = NULL, * h = addr->host_list, *next_h; h; h = next_h)
{
const uschar *canonical_name;
int rc, len, port, mx, sort_key;
port, mx and sort_key. */
if (port != PORT_NONE)
- {
- host_item *hh;
- for (hh = h; hh != next_h; hh = hh->next) hh->port = port;
- }
+ for (host_item * hh = h; hh != next_h; hh = hh->next)
+ hh->port = port;
if (mx != MX_NONE)
- {
- host_item *hh;
- for (hh = h; hh != next_h; hh = hh->next)
+ for (host_item * hh = h; hh != next_h; hh = hh->next)
{
hh->mx = mx;
hh->sort_key = sort_key;
}
- }
/* A local host gets chopped, with its successors, if there are previous
hosts. Otherwise the self option is used. If it is set to "send", any
DEBUG(D_route)
{
debug_printf("Removed from host list:\n");
- for (; h != NULL; h = h->next) debug_printf(" %s\n", h->name);
+ for (host_item * hh = next_h; h; h = h->next) debug_printf(" %s\n", h->name);
}
prev->next = NULL;
setflag(addr, af_local_host_removed);
void
search_tidyup(void)
{
-int i;
int old_pool = store_pool;
DEBUG(D_lookup) debug_printf("search_tidyup called\n");
/* Close individually each cached open file. */
store_pool = POOL_SEARCH;
-if (search_tree != NULL)
+if (search_tree)
{
tidyup_subtree(search_tree);
search_tree = NULL;
/* Call the general tidyup entry for any drivers that have one. */
-for (i = 0; i < lookup_list_count; i++)
- if (lookup_list[i]->tidy != NULL) (lookup_list[i]->tidy)();
+for (int i = 0; i < lookup_list_count; i++) if (lookup_list[i]->tidy)
+ (lookup_list[i]->tidy)();
-if (search_reset_point != NULL) store_reset(search_reset_point);
+if (search_reset_point) store_reset(search_reset_point);
search_reset_point = NULL;
store_pool = old_pool;
}
{
size_t len;
const char * end;
-char ** e;
extern char ** environ;
if (!name)
/* Find name in environment and move remaining variables down.
Do not early-out in case there are duplicate names. */
-for (e = environ; *e; e++)
+for (char ** e = environ; *e; e++)
if (strncmp(*e, name, len) == 0 && (*e)[len] == '=')
{
char ** sp = e;
dst
*/
-static struct String *quoted_printable_encode(const struct String *src, struct String *dst)
+static struct String *
+quoted_printable_encode(const struct String *src, struct String *dst)
{
-int pass;
-const uschar *start,*end;
uschar *new = NULL;
uschar ch;
size_t line;
/* Two passes: one to count output allocation size, second
to do the encoding */
-for (pass=0; pass<=1; ++pass)
+for (int pass = 0; pass <= 1; pass++)
{
line=0;
if (pass==0)
dst->character=store_get(dst->length+1); /* plus one for \0 */
new=dst->character;
}
- for (start=src->character,end=start+src->length; start<end; ++start)
+ for (const uschar * start = src->character, * end = start + src->length;
+ start < end; ++start)
{
ch=*start;
if (line>=73) /* line length limit */
*/
#ifdef ENOTIFY
-static int uri_decode(struct String *str)
+static int
+uri_decode(struct String *str)
{
uschar *s,*t,*e;
if (str->length==0) return 0;
for (s=str->character,t=s,e=s+str->length; s<e; )
- {
if (*s=='%')
{
if (s+2<e && isxdigit(*(s+1)) && isxdigit(*(s+2)))
}
else
*t++=*s++;
- }
+
*t='\0';
str->length=t-str->character;
return 0;
switch (mt)
{
case MATCH_IS:
- {
switch (co)
{
case COMP_OCTET:
- {
if (eq_octet(needle,haystack,0)) r=1;
break;
- }
case COMP_EN_ASCII_CASEMAP:
- {
if (eq_asciicase(needle,haystack,0)) r=1;
break;
- }
case COMP_ASCII_NUMERIC:
- {
if (!filter->require_iascii_numeric)
{
filter->errmsg=CUS "missing previous require \"comparator-i;ascii-numeric\";";
}
if (eq_asciinumeric(needle,haystack,EQ)) r=1;
break;
- }
}
break;
- }
+
case MATCH_CONTAINS:
{
struct String h;
switch (co)
{
case COMP_OCTET:
- {
- for (h=*haystack; h.length; ++h.character,--h.length) if (eq_octet(needle,&h,1)) { r=1; break; }
+ for (h = *haystack; h.length; ++h.character,--h.length)
+ if (eq_octet(needle,&h,1)) { r=1; break; }
break;
- }
case COMP_EN_ASCII_CASEMAP:
- {
- for (h=*haystack; h.length; ++h.character,--h.length) if (eq_asciicase(needle,&h,1)) { r=1; break; }
+ for (h = *haystack; h.length; ++h.character, --h.length)
+ if (eq_asciicase(needle,&h,1)) { r=1; break; }
break;
- }
default:
- {
filter->errmsg=CUS "comparator does not offer specified matchtype";
return -1;
- }
}
break;
}
+
case MATCH_MATCHES:
- {
switch (co)
{
case COMP_OCTET:
- {
if ((r=eq_glob(needle,haystack,0,1))==-1)
{
filter->errmsg=CUS "syntactically invalid pattern";
return -1;
}
break;
- }
case COMP_EN_ASCII_CASEMAP:
- {
if ((r=eq_glob(needle,haystack,1,1))==-1)
{
filter->errmsg=CUS "syntactically invalid pattern";
return -1;
}
break;
- }
default:
- {
filter->errmsg=CUS "comparator does not offer specified matchtype";
return -1;
- }
}
break;
- }
}
if ((filter_test != FTEST_NONE && debug_selector != 0) ||
(debug_selector & D_filter) != 0)
{
address_item *new_addr;
-for (new_addr=*generated; new_addr; new_addr=new_addr->next)
+for (new_addr = *generated; new_addr; new_addr = new_addr->next)
if ( Ustrcmp(new_addr->address,addr) == 0
&& ( !file
|| testflag(new_addr, af_pfr)
{
int x,d,n;
- for (x=0,d=0; d<2 && src<end && isxdigit(n=tolower(*src)); x=(x<<4)|(n>='0' && n<='9' ? n-'0' : 10+(n-'a')),++d,++src);
+ for (x = 0, d = 0;
+ d<2 && src<end && isxdigit(n=tolower(*src));
+ x=(x<<4)|(n>='0' && n<='9' ? n-'0' : 10+(n-'a')) ,++d, ++src) ;
if (d==0) return -1;
if (dst) *dst++=x;
++decoded;
-2 semantic error (character range violation)
*/
-static int unicode_decode(uschar *src, uschar *end, uschar *dst)
+static int
+unicode_decode(uschar *src, uschar *end, uschar *dst)
{
int decoded=0;
int c,d,n;
unicode_hex:
- for (hex_seq=src; src<end && *src=='0'; ++src);
- for (c=0,d=0; d<7 && src<end && isxdigit(n=tolower(*src)); c=(c<<4)|(n>='0' && n<='9' ? n-'0' : 10+(n-'a')),++d,++src);
- if (src==hex_seq) return -1;
+ for (hex_seq = src; src < end && *src=='0'; ) src++;
+ for (c = 0, d = 0;
+ d < 7 && src < end && isxdigit(n=tolower(*src));
+ c=(c<<4)|(n>='0' && n<='9' ? n-'0' : 10+(n-'a')), ++d, ++src) ;
+ if (src == hex_seq) return -1;
if (d==7 || (!((c>=0 && c<=0xd7ff) || (c>=0xe000 && c<=0x10ffff)))) return -2;
if (c<128)
{
-1 syntax or execution error
*/
-static int parse_test(struct Sieve *filter, int *cond, int exec)
+static int
+parse_test(struct Sieve *filter, int *cond, int exec)
{
if (parse_white(filter)==-1) return -1;
if (parse_identifier(filter,CUS "address"))
enum AddressPart addressPart=ADDRPART_ALL;
enum Comparator comparator=COMP_EN_ASCII_CASEMAP;
enum MatchType matchType=MATCH_IS;
- struct String *hdr,*h,*key,*k;
+ struct String *hdr,*key;
int m;
int ap=0,co=0,mt=0;
return -1;
}
*cond=0;
- for (h=hdr; h->length!=-1 && !*cond; ++h)
+ for (struct String * h = hdr; h->length!=-1 && !*cond; ++h)
{
uschar *header_value=(uschar*)0,*extracted_addr,*end_addr;
*end_addr = saveend;
if (part)
{
- for (k=key; k->length!=-1; ++k)
+ for (struct String * k = key; k->length !=- 1; ++k)
{
- struct String partStr;
+ struct String partStr = {.character = part, .length = Ustrlen(part)};
- partStr.character=part;
- partStr.length=Ustrlen(part);
if (extracted_addr)
{
*cond=compare(filter,k,&partStr,comparator,matchType);
exists-test = "exists" <header-names: string-list>
*/
- struct String *hdr,*h;
+ struct String *hdr;
int m;
if (parse_white(filter)==-1) return -1;
if (exec)
{
*cond=1;
- for (h=hdr; h->length!=-1 && *cond; ++h)
+ for (struct String * h = hdr; h->length != -1 && *cond; ++h)
{
uschar *header_def;
enum Comparator comparator=COMP_EN_ASCII_CASEMAP;
enum MatchType matchType=MATCH_IS;
- struct String *hdr,*h,*key,*k;
+ struct String *hdr,*key;
int m;
int co=0,mt=0;
return -1;
}
*cond=0;
- for (h=hdr; h->length!=-1 && !*cond; ++h)
+ for (struct String * h = hdr; h->length != -1 && !*cond; ++h)
{
if (!is_header(h))
{
filter->errmsg=CUS "header string expansion failed";
return -1;
}
- for (k=key; k->length!=-1; ++k)
- {
+ for (struct String * k = key; k->length != -1; ++k)
if (Ustrcmp(header_def,"true")==0)
{
*cond=compare(filter,k,&header_value,comparator,matchType);
if (*cond==-1) return -1;
if (*cond) break;
}
- }
}
}
return 1;
enum Comparator comparator=COMP_EN_ASCII_CASEMAP;
enum AddressPart addressPart=ADDRPART_ALL;
enum MatchType matchType=MATCH_IS;
- struct String *env,*e,*key,*k;
+ struct String *env,*key;
int m;
int co=0,ap=0,mt=0;
return -1;
}
*cond=0;
- for (e=env; e->length!=-1 && !*cond; ++e)
+ for (struct String * e = env; e->length != -1 && !*cond; ++e)
{
const uschar *envelopeExpr=CUS 0;
uschar *envelope=US 0;
filter->errmsg=CUS "header string expansion failed";
return -1;
}
- for (k=key; k->length!=-1; ++k)
+ for (struct String * k = key; k->length != -1; ++k)
{
- struct String envelopeStr;
+ struct String envelopeStr = {.character = envelope, .length = Ustrlen(envelope)};
- envelopeStr.character=envelope;
- envelopeStr.length=Ustrlen(envelope);
*cond=compare(filter,k,&envelopeStr,comparator,matchType);
if (*cond==-1) return -1;
if (*cond) break;
<notification-uris: string-list>
*/
- struct String *uris,*u;
+ struct String *uris;
int m;
if (!filter->require_enotify)
if (exec)
{
*cond=1;
- for (u=uris; u->length!=-1 && *cond; ++u)
+ for (struct String * u = uris; u->length != -1 && *cond; ++u)
{
string_item *recipient;
struct String header,subject,body;
enum Comparator comparator=COMP_EN_ASCII_CASEMAP;
enum MatchType matchType=MATCH_IS;
- struct String uri,capa,*keys,*k;
+ struct String uri,capa,*keys;
if (!filter->require_enotify)
{
body.length=-1;
body.character=(uschar*)0;
if (parse_mailto_uri(filter,uri.character,&recipient,&header,&subject,&body)==1)
- {
if (eq_asciicase(&capa,&str_online,0)==1)
- for (k=keys; k->length!=-1; ++k)
+ for (struct String * k = keys; k->length != -1; ++k)
{
*cond=compare(filter,k,&str_maybe,comparator,matchType);
if (*cond==-1) return -1;
if (*cond) break;
}
- }
}
return 1;
}
&& (message.length==-1 || Ustrcmp(already->message.character,message.character)==0))
break;
}
- if (already==(struct Notification*)0)
+ if (!already)
/* New notification, process it */
{
struct Notification *sent;
#ifndef COMPILE_SYNTAX_CHECKER
if (filter_test == FTEST_NONE)
{
- string_item *p;
- int pid,fd;
+ int pid, fd;
if ((pid = child_open_exim2(&fd,envelope_from,envelope_from))>=1)
{
f = fdopen(fd, "wb");
fprintf(f,"From: %s\n",from.length==-1 ? expand_string(US"$local_part_prefix$local_part$local_part_suffix@$domain") : from.character);
- for (p=recipient; p; p=p->next) fprintf(f,"To: %s\n",p->text);
+ for (string_item * p = recipient; p; p=p->next)
+ fprintf(f,"To: %s\n",p->text);
fprintf(f,"Auto-Submitted: auto-notified; %s\n",filter->enotify_mailto_owner);
if (header.length>0) fprintf(f,"%s",header.character);
if (message.length==-1)
}
else if (parse_identifier(filter,CUS ":addresses")==1)
{
- struct String *a;
-
if (parse_white(filter)==-1) return -1;
if ((m=parse_stringlist(filter,&addresses))!=1)
{
if (m==0) filter->errmsg=CUS "addresses string list expected";
return -1;
}
- for (a=addresses; a->length!=-1; ++a)
+ for (struct String * a = addresses; a->length != -1; ++a)
{
- string_item *new;
+ string_item * new = store_get(sizeof(string_item));
- new=store_get(sizeof(string_item));
new->text=store_get(a->length+1);
if (a->length) memcpy(new->text,a->character,a->length);
new->text[a->length]='\0';
{
uschar *s,*end;
- for (s=reason.character,end=reason.character+reason.length; s<end && (*s&0x80)==0; ++s);
+ for (s = reason.character, end = reason.character + reason.length;
+ s<end && (*s&0x80)==0; ) s++;
if (s<end)
{
filter->errmsg=CUS "MIME reason string contains 8bit text";
md5 base;
uschar digest[16];
uschar hexdigest[33];
- int i;
gstring * once;
if (filter_personal(aliases,TRUE))
else
md5_end(&base, handle.character, handle.length, digest);
- for (i = 0; i < 16; i++) sprintf(CS (hexdigest+2*i), "%02X", digest[i]);
+ for (int i = 0; i < 16; i++) sprintf(CS (hexdigest+2*i), "%02X", digest[i]);
if ((filter_test != FTEST_NONE && debug_selector != 0) || (debug_selector & D_filter) != 0)
debug_printf("Sieve: mail was personal, vacation file basename: %s\n", hexdigest);
(
mime_body = reason.character, reason_end = reason.character + reason.length;
mime_body < (reason_end-(sizeof(nlnl)-1)) && memcmp(mime_body, nlnl, (sizeof(nlnl)-1));
- ++mime_body
- );
+ ) mime_body++;
addr->reply->headers = string_copyn(reason.character, mime_body-reason.character);
require-command = "require" <capabilities: string-list>
*/
- struct String *cap,*check;
+ struct String *cap;
int m;
if (parse_white(filter)==-1) return -1;
if (m==0) filter->errmsg=CUS "capability string list expected";
return -1;
}
- for (check=cap; check->character; ++check)
+ for (struct String * check = cap; check->character; ++check)
{
if (eq_octet(check,&str_envelope,0)) filter->require_envelope=1;
else if (eq_octet(check,&str_fileinto,0)) filter->require_fileinto=1;
static void
incomplete_transaction_log(uschar *what)
{
-if (sender_address == NULL || /* No transaction in progress */
- !LOGGING(smtp_incomplete_transaction))
+if (!sender_address /* No transaction in progress */
+ || !LOGGING(smtp_incomplete_transaction))
return;
/* Build list of recipients for logging */
if (recipients_count > 0)
{
- int i;
raw_recipients = store_get(recipients_count * sizeof(uschar *));
- for (i = 0; i < recipients_count; i++)
+ for (int i = 0; i < recipients_count; i++)
raw_recipients[i] = recipients_list[i].address;
raw_recipients_count = recipients_count;
}
{
int c;
int ptr = 0;
-smtp_cmd_list *p;
BOOL hadnull = FALSE;
had_command_timeout = 0;
to the start of the actual data characters. Check for SMTP synchronization
if required. */
-for (p = cmd_list; p < cmd_list_end; p++)
+for (smtp_cmd_list * p = cmd_list; p < cmd_list_end; p++)
{
#ifdef SUPPORT_PROXY
/* Only allow QUIT command if Proxy Protocol parsing failed */
void
smtp_log_no_mail(void)
{
-int i;
uschar * sep, * s;
gstring * g = NULL;
sep = smtp_connection_had[SMTP_HBUFF_SIZE-1] != SCH_NONE ? US" C=..." : US" C=";
-for (i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++)
+for (int i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++)
if (smtp_connection_had[i] != SCH_NONE)
{
g = string_append(g, 2, sep, smtp_names[smtp_connection_had[i]]);
sep = US",";
}
-for (i = 0; i < smtp_ch_index; i++)
+for (int i = 0; i < smtp_ch_index; i++)
{
g = string_append(g, 2, sep, smtp_names[smtp_connection_had[i]]);
sep = US",";
uschar *
smtp_cmd_hist(void)
{
-int i;
gstring * list = NULL;
uschar * s;
-for (i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++)
+for (int i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++)
if (smtp_connection_had[i] != SCH_NONE)
list = string_append_listele(list, ',', smtp_names[smtp_connection_had[i]]);
-for (i = 0; i < smtp_ch_index; i++)
+for (int i = 0; i < smtp_ch_index; i++)
list = string_append_listele(list, ',', smtp_names[smtp_connection_had[i]]);
s = string_from_gstring(list);
{
uschar *p = big_buffer;
uschar *pend = big_buffer + big_buffer_size;
- uschar *opt, *adptr;
+ uschar *adptr;
int optcount;
struct in_addr addr;
Ustrcpy(p, "IP options on incoming call:");
p += Ustrlen(p);
- for (opt = optstart; opt != NULL &&
- opt < US (ipopt) + optlen;)
- {
+ for (uschar * opt = optstart; opt && opt < US (ipopt) + optlen; )
switch (*opt)
{
case IPOPT_EOL:
default:
{
- int i;
if (pend - p < 4 + 3*opt[1]) { opt = NULL; break; }
Ustrcat(p, "[ ");
p += 2;
- for (i = 0; i < opt[1]; i++)
+ for (int i = 0; i < opt[1]; i++)
p += sprintf(CS p, "%2.2x ", opt[i]);
*p++ = ']';
}
opt += opt[1];
break;
}
- }
*p = 0;
log_write(0, LOG_MAIN, "%s", big_buffer);
if (!f.helo_verified)
{
int rc;
- host_item h;
- dnssec_domains d;
- host_item *hh;
-
- h.name = sender_helo_name;
- h.address = NULL;
- h.mx = MX_NONE;
- h.next = NULL;
- d.request = US"*";
- d.require = US"";
+ host_item h =
+ {.name = sender_helo_name, .address = NULL, .mx = MX_NONE, .next = NULL};
+ dnssec_domains d =
+ {.request = US"*", .require = US""};
HDEBUG(D_receive) debug_printf("getting IP address for %s\n",
sender_helo_name);
rc = host_find_bydns(&h, NULL, HOST_FIND_BY_A | HOST_FIND_BY_AAAA,
NULL, NULL, NULL, &d, NULL, NULL);
if (rc == HOST_FOUND || rc == HOST_FOUND_LOCAL)
- for (hh = &h; hh; hh = hh->next)
+ for (host_item * hh = &h; hh; hh = hh->next)
if (Ustrcmp(hh->address, sender_host_address) == 0)
{
f.helo_verified = TRUE;
if (h.dnssec == DS_YES) sender_helo_dnssec = TRUE;
HDEBUG(D_receive)
- {
debug_printf("IP address for %s matches calling address\n"
"Forward DNS security status: %sverified\n",
sender_helo_name, sender_helo_dnssec ? "" : "un");
- }
break;
}
}
smtp_in_auth(auth_instance *au, uschar ** s, uschar ** ss)
{
const uschar *set_id = NULL;
-int rc, i;
+int rc;
/* Run the checking code, passing the remainder of the command line as
data. Initials the $auth<n> variables as empty. Initialize $0 empty and set
authenticated_id. Save this in permanent store, as the working store gets
reset at HELO, RSET, etc. */
-for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
+for (int i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
expand_nmax = 0;
expand_nlength[0] = 0; /* $0 contains nothing */
rc = (au->info->servercode)(au, smtp_cmd_data);
if (au->set_id) set_id = expand_string(au->set_id);
expand_nmax = -1; /* Reset numeric variables */
-for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL; /* Reset $auth<n> */
+for (int i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL; /* Reset $auth<n> */
/* The value of authenticated_id is stored in the spool file and printed in
log lines. It must not contain binary zeros or newline characters. In
int start, end, sender_domain, recipient_domain;
int rc;
int c;
- auth_instance *au;
uschar *orcpt = NULL;
int dsn_flags;
gstring * g;
{
cmd_list[CMD_LIST_TLS_AUTH].is_mail_cmd = FALSE;
- for (au = auths; au; au = au->next)
+ for (auth_instance * au = auths; au; au = au->next)
if (strcmpic(US"tls", au->driver_name) == 0)
{
if ( acl_smtp_auth
as a server and which has been advertised (unless, sigh, allow_auth_
unadvertised is set). */
- for (au = auths; au; au = au->next)
- if (strcmpic(s, au->public_name) == 0 && au->server &&
- (au->advertised || f.allow_auth_unadvertised))
- break;
-
- if (au)
{
- c = smtp_in_auth(au, &s, &ss);
+ auth_instance * au;
+ for (au = auths; au; au = au->next)
+ if (strcmpic(s, au->public_name) == 0 && au->server &&
+ (au->advertised || f.allow_auth_unadvertised))
+ break;
- smtp_printf("%s\r\n", FALSE, s);
- if (c != OK)
- log_write(0, LOG_MAIN|LOG_REJECT, "%s authenticator failed for %s: %s",
- au->name, host_and_ident(FALSE), ss);
+ if (au)
+ {
+ c = smtp_in_auth(au, &s, &ss);
+
+ smtp_printf("%s\r\n", FALSE, s);
+ if (c != OK)
+ log_write(0, LOG_MAIN|LOG_REJECT, "%s authenticator failed for %s: %s",
+ au->name, host_and_ident(FALSE), ss);
+ }
+ else
+ done = synprot_error(L_smtp_protocol_error, 504, NULL,
+ string_sprintf("%s authentication mechanism not supported", s));
}
- else
- done = synprot_error(L_smtp_protocol_error, 504, NULL,
- string_sprintf("%s authentication mechanism not supported", s));
break; /* AUTH_CMD */
&& verify_check_host(&auth_advertise_hosts) == OK
)
{
- auth_instance *au;
BOOL first = TRUE;
- for (au = auths; au; au = au->next)
+ for (auth_instance * au = auths; au; au = au->next)
{
au->advertised = FALSE;
if (au->server)
{
unsigned int i;
spamd_address_container * sd;
-long rnd, weights;
+long weights;
unsigned pri;
static BOOL srandomed = FALSE;
if (weights == 0) /* all servers failed */
return -1;
-for (rnd = random() % weights, i = 0; i < num_servers; i++)
+for (long rnd = random() % weights, i = 0; i < num_servers; i++)
{
sd = spamds[i];
if (!sd->is_failed && sd->priority == pri)
"\r\nFrom: <", sender_address,
">\r\nRecipient-Number: ", string_sprintf("%d\r\n", recipients_count));
- for (i = 0; i < recipients_count; i ++)
+ for (int i = 0; i < recipients_count; i++)
req_str = string_append(req_str, 3,
"Rcpt: <", recipients_list[i].address, ">\r\n");
if ((s = expand_string(US"$sender_helo_name")) && *s)
int
spool_open_datafile(uschar *id)
{
-int i;
struct stat statbuf;
flock_t lock_data;
int fd;
not found there, try the split sub-directory, in case it is left over from a
splitting state. */
-for (i = 0; i < 2; i++)
+for (int i = 0; i < 2; i++)
{
uschar * fname;
int save_errno;
set, just look in the given directory. Otherwise, look in both the split
and unsplit directories, as for the data file above. */
-for (n = 0; n < 2; n++)
+for (int n = 0; n < 2; n++)
{
if (!subdir_set)
message_subdir[0] = split_spool_directory == (n == 0) ? name[5] : 0;
uschar *temp_string;
uschar *mbox_path;
FILE *mbox_file = NULL, *l_data_file = NULL, *yield = NULL;
-header_line *my_headerlist;
struct stat statbuf;
-int i, j;
+int j;
void *reset_point;
mbox_path = string_sprintf("%s/scan/%s/%s.eml",
/* write all non-deleted header lines to mbox file */
- for (my_headerlist = header_list; my_headerlist;
+ for (header_line * my_headerlist = header_list; my_headerlist;
my_headerlist = my_headerlist->next)
if (my_headerlist->type != '*')
if (fwrite(my_headerlist->text, my_headerlist->slen, 1, mbox_file) != 1)
else
{
message_subdir[1] = '\0';
- for (i = 0; i < 2; i++)
+ for (int i = 0; i < 2; i++)
{
message_subdir[0] = split_spool_directory == (i == 0) ? message_id[5] : 0;
temp_string = spool_fname(US"input", message_subdir, message_id, US"-D");
spool_write_header(uschar *id, int where, uschar **errmsg)
{
int fd;
-int i;
int size_correction;
FILE * fp;
-header_line *h;
struct stat statbuf;
uschar * tname;
uschar * fname;
tree_write(tree_nonrecipients, fp);
fprintf(fp, "%d\n", recipients_count);
-for (i = 0; i < recipients_count; i++)
+for (int i = 0; i < recipients_count; i++)
{
recipient_item *r = recipients_list + i;
These are saved as a record for debugging. Don't included them in the message's
size. */
-for (h = header_list; h; h = h->next)
+for (header_line * h = header_list; h; h = h->next)
{
fprintf(fp, "%03d%c %s", h->slen, h->type, h->text);
size_correction += 5;
/* srs_init just initialises libsrs and creates (if necessary)
an srs object to use for all srs calls in this instance */
-int eximsrs_init()
+int
+eximsrs_init()
{
- const uschar *list = srs_config;
- uschar secret_buf[SRS_MAX_SECRET_LENGTH];
- uschar *secret = NULL;
- uschar sbuf[4];
- uschar *sbufp;
-
- /* Check if this instance of Exim has not initialized SRS */
- if(srs == NULL)
+const uschar *list = srs_config;
+uschar secret_buf[SRS_MAX_SECRET_LENGTH];
+uschar *secret = NULL;
+uschar sbuf[4];
+uschar *sbufp;
+
+/* Check if this instance of Exim has not initialized SRS */
+if (srs == NULL)
{
- int co = 0;
- int hashlen, maxage;
- BOOL usetimestamp, usehash;
-
- /* Copy config vars */
- hashlen = srs_hashlength;
- maxage = srs_maxage;
- usetimestamp = srs_usetimestamp;
- usehash = srs_usehash;
-
- /* Pass srs_config var (overrides new config vars) */
- co = 0;
- if(srs_config != NULL)
+ int co = 0;
+ int hashlen, maxage;
+ BOOL usetimestamp, usehash;
+
+ /* Copy config vars */
+ hashlen = srs_hashlength;
+ maxage = srs_maxage;
+ usetimestamp = srs_usetimestamp;
+ usehash = srs_usehash;
+
+ /* Pass srs_config var (overrides new config vars) */
+ co = 0;
+ if (srs_config != NULL)
{
- secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH);
+ secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH);
- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
- maxage = atoi(sbuf);
+ if ((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))))
+ maxage = atoi(sbuf);
- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
- hashlen = atoi(sbuf);
+ if ((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))))
+ hashlen = atoi(sbuf);
- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
- usetimestamp = atoi(sbuf);
+ if ((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))))
+ usetimestamp = atoi(sbuf);
- if((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))) != NULL)
- usehash = atoi(sbuf);
+ if ((sbufp = string_nextinlist(&list, &co, sbuf, sizeof(sbuf))))
+ usehash = atoi(sbuf);
}
- if(srs_hashmin == -1)
- srs_hashmin = hashlen;
+ if (srs_hashmin == -1)
+ srs_hashmin = hashlen;
- /* First secret specified in secrets? */
- co = 0;
- list = srs_secrets;
- if(secret == NULL || *secret == '\0')
- {
- if((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)) == NULL)
+ /* First secret specified in secrets? */
+ co = 0;
+ list = srs_secrets;
+ if (secret == NULL || *secret == '\0')
+ if (!(secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)))
{
- log_write(0, LOG_MAIN | LOG_PANIC,
- "SRS Configuration Error: No secret specified");
- return DEFER;
+ log_write(0, LOG_MAIN | LOG_PANIC,
+ "SRS Configuration Error: No secret specified");
+ return DEFER;
}
- }
- /* Check config */
- if(maxage < 0 || maxage > 365)
+ /* Check config */
+ if (maxage < 0 || maxage > 365)
{
- log_write(0, LOG_MAIN | LOG_PANIC,
- "SRS Configuration Error: Invalid maximum timestamp age");
- return DEFER;
+ log_write(0, LOG_MAIN | LOG_PANIC,
+ "SRS Configuration Error: Invalid maximum timestamp age");
+ return DEFER;
}
- if(hashlen < 1 || hashlen > 20 || srs_hashmin < 1 || srs_hashmin > 20)
+ if (hashlen < 1 || hashlen > 20 || srs_hashmin < 1 || srs_hashmin > 20)
{
- log_write(0, LOG_MAIN | LOG_PANIC,
- "SRS Configuration Error: Invalid hash length");
- return DEFER;
+ log_write(0, LOG_MAIN | LOG_PANIC,
+ "SRS Configuration Error: Invalid hash length");
+ return DEFER;
}
- if((srs = srs_open(secret, Ustrlen(secret), maxage, hashlen, srs_hashmin)) == NULL)
+ if (!(srs = srs_open(secret, Ustrlen(secret), maxage, hashlen, srs_hashmin)))
{
- log_write(0, LOG_MAIN | LOG_PANIC,
- "Failed to allocate SRS memory");
- return DEFER;
+ log_write(0, LOG_MAIN | LOG_PANIC,
+ "Failed to allocate SRS memory");
+ return DEFER;
}
- srs_set_option(srs, SRS_OPTION_USETIMESTAMP, usetimestamp);
- srs_set_option(srs, SRS_OPTION_USEHASH, usehash);
+ srs_set_option(srs, SRS_OPTION_USETIMESTAMP, usetimestamp);
+ srs_set_option(srs, SRS_OPTION_USEHASH, usehash);
- /* Extra secrets? */
- while((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)) != NULL)
- srs_add_secret(srs, secret, (Ustrlen(secret) > SRS_MAX_SECRET_LENGTH) ? SRS_MAX_SECRET_LENGTH : Ustrlen(secret));
+ /* Extra secrets? */
+ while((secret = string_nextinlist(&list, &co, secret_buf, SRS_MAX_SECRET_LENGTH)))
+ srs_add_secret(srs, secret,
+ Ustrlen(secret) > SRS_MAX_SECRET_LENGTH ? SRS_MAX_SECRET_LENGTH : Ustrlen(secret));
- DEBUG(D_any)
- debug_printf("SRS initialized\n");
+ DEBUG(D_any)
+ debug_printf("SRS initialized\n");
}
- return OK;
+return OK;
}
-int eximsrs_done()
+int
+eximsrs_done()
{
- if(srs != NULL)
- srs_close(srs);
-
- srs = NULL;
-
- return OK;
+if (srs) srs_close(srs);
+srs = NULL;
+return OK;
}
-int eximsrs_forward(uschar **result, uschar *orig_sender, uschar *domain)
+int
+eximsrs_forward(uschar **result, uschar *orig_sender, uschar *domain)
{
- char res[512];
- int n;
+char res[512];
+int n;
- if((n = srs_forward(srs, orig_sender, domain, res, sizeof(res))) & SRS_RESULT_FAIL)
+if ((n = srs_forward(srs, orig_sender, domain, res, sizeof(res))) & SRS_RESULT_FAIL)
{
- DEBUG(D_any)
- debug_printf("srs_forward failed (%s, %s): %s\n", orig_sender, domain, srs_geterrormsg(n));
- return DEFER;
+ DEBUG(D_any)
+ debug_printf("srs_forward failed (%s, %s): %s\n", orig_sender, domain, srs_geterrormsg(n));
+ return DEFER;
}
- *result = string_copy(res);
- return OK;
+*result = string_copy(res);
+return OK;
}
-int eximsrs_reverse(uschar **result, uschar *address)
+int
+eximsrs_reverse(uschar **result, uschar *address)
{
- char res[512];
- int n;
+char res[512];
+int n;
- if((n = srs_reverse(srs, address, res, sizeof(res))) & SRS_RESULT_FAIL)
+if ((n = srs_reverse(srs, address, res, sizeof(res))) & SRS_RESULT_FAIL)
{
- DEBUG(D_any)
- debug_printf("srs_reverse failed (%s): %s\n", address, srs_geterrormsg(n));
- if(n == SRS_RESULT_NOTSRS || n == SRS_RESULT_BADSRS)
- return DECLINE;
- if(n == SRS_RESULT_BADHASH || n == SRS_RESULT_BADTIMESTAMP || n == SRS_RESULT_TIMESTAMPEXPIRED)
- return FAIL;
- return DEFER;
+ DEBUG(D_any)
+ debug_printf("srs_reverse failed (%s): %s\n", address, srs_geterrormsg(n));
+ if (n == SRS_RESULT_NOTSRS || n == SRS_RESULT_BADSRS)
+ return DECLINE;
+ if (n == SRS_RESULT_BADHASH || n == SRS_RESULT_BADTIMESTAMP || n == SRS_RESULT_TIMESTAMPEXPIRED)
+ return FAIL;
+ return DEFER;
}
- *result = string_copy(res);
- return OK;
+*result = string_copy(res);
+return OK;
}
-int eximsrs_db_set(BOOL reverse, uschar *srs_db)
+int
+eximsrs_db_set(BOOL reverse, uschar *srs_db)
{
- if(reverse)
- srs_db_reverse = (srs_db == NULL ? NULL : string_copy(srs_db));
- else
- srs_db_forward = (srs_db == NULL ? NULL : string_copy(srs_db));
+if (reverse)
+ srs_db_reverse = (srs_db == NULL ? NULL : string_copy(srs_db));
+else
+ srs_db_forward = (srs_db == NULL ? NULL : string_copy(srs_db));
- if(srs_set_db_functions(srs, (srs_db_forward ? eximsrs_db_insert : NULL),
- (srs_db_reverse ? eximsrs_db_lookup : NULL)) & SRS_RESULT_FAIL)
- return DEFER;
+if (srs_set_db_functions(srs, (srs_db_forward ? eximsrs_db_insert : NULL),
+ (srs_db_reverse ? eximsrs_db_lookup : NULL)) & SRS_RESULT_FAIL)
+ return DEFER;
- return OK;
+return OK;
}
-srs_result eximsrs_db_insert(srs_t *srs, char *data, uint data_len, char *result, uint result_len)
+srs_result
+eximsrs_db_insert(srs_t *srs, char *data, uint data_len, char *result, uint result_len)
{
- uschar *res;
- uschar buf[64];
+uschar *res;
+uschar buf[64];
- if(srs_db_forward == NULL)
- return SRS_RESULT_DBERROR;
+if (srs_db_forward == NULL)
+ return SRS_RESULT_DBERROR;
- srs_db_address = string_copyn(data, data_len);
- if(srs_generate_unique_id(srs, srs_db_address, buf, 64) & SRS_RESULT_FAIL)
- return SRS_RESULT_DBERROR;
+srs_db_address = string_copyn(data, data_len);
+if (srs_generate_unique_id(srs, srs_db_address, buf, 64) & SRS_RESULT_FAIL)
+ return SRS_RESULT_DBERROR;
- srs_db_key = string_copyn(buf, 16);
+srs_db_key = string_copyn(buf, 16);
- if((res = expand_string(srs_db_forward)) == NULL)
- return SRS_RESULT_DBERROR;
+if ((res = expand_string(srs_db_forward)) == NULL)
+ return SRS_RESULT_DBERROR;
- if(result_len < 17)
- return SRS_RESULT_DBERROR;
+if (result_len < 17)
+ return SRS_RESULT_DBERROR;
- Ustrncpy(result, srs_db_key, result_len);
+Ustrncpy(result, srs_db_key, result_len);
- return SRS_RESULT_OK;
+return SRS_RESULT_OK;
}
-srs_result eximsrs_db_lookup(srs_t *srs, char *data, uint data_len, char *result, uint result_len)
+srs_result
+eximsrs_db_lookup(srs_t *srs, char *data, uint data_len, char *result, uint result_len)
{
- uschar *res;
+uschar *res;
- if(srs_db_reverse == NULL)
- return SRS_RESULT_DBERROR;
+if (srs_db_reverse == NULL)
+ return SRS_RESULT_DBERROR;
- srs_db_key = string_copyn(data, data_len);
- if((res = expand_string(srs_db_reverse)) == NULL)
- return SRS_RESULT_DBERROR;
+srs_db_key = string_copyn(data, data_len);
+if ((res = expand_string(srs_db_reverse)) == NULL)
+ return SRS_RESULT_DBERROR;
- if(Ustrlen(res) >= result_len)
- return SRS_RESULT_ADDRESSTOOLONG;
+if (Ustrlen(res) >= result_len)
+ return SRS_RESULT_ADDRESSTOOLONG;
- strncpy(result, res, result_len);
+strncpy(result, res, result_len);
- return SRS_RESULT_OK;
+return SRS_RESULT_OK;
}
static void
store_release_3(void * block, const char * filename, int linenumber)
{
-storeblock * b;
-
/* It will never be the first block, so no need to check that. */
-for (b = chainbase[store_pool]; b; b = b->next)
+for (storeblock * b = chainbase[store_pool]; b; b = b->next)
{
storeblock * bb = b->next;
if (bb && CS block == CS bb + ALIGNED_SIZEOF_STOREBLOCK)
int
string_is_ip_address(const uschar *s, int *maskptr)
{
-int i;
int yield = 4;
/* If an optional mask is permitted, check for it. If found, pass back the
{
BOOL had_double_colon = FALSE;
BOOL v4end = FALSE;
- int count = 0;
yield = 6;
may be one and only one appearance of double colon, which implies any number
of binary zero bits. The number of preceding components is held in count. */
- for (count = 0; count < 8; count++)
+ for (int count = 0; count < 8; count++)
{
/* If the end of the string is reached before reading 8 components, the
address is valid provided a double colon has been read. This also applies
/* Test for IPv4 address, which may be the tail-end of an IPv6 address. */
-for (i = 0; i < 4; i++)
+for (int i = 0; i < 4; i++)
{
long n;
uschar * end;
else
{
- const uschar *ss;
gstring * g = NULL;
/* We know that *s != 0 at this point. However, it might be pointing to a
for (;;)
{
- for (ss = s + 1; *ss && *ss != sep; ss++) ;
+ const uschar * ss;
+ for (ss = s + 1; *ss && *ss != sep; ) ss++;
g = string_catn(g, s, ss-s);
s = ss;
if (!*s || *++s != sep || sep_is_special) break;
gnutls_mac_algorithm_t mac;
gnutls_certificate_type_t ct;
gnutls_x509_crt_t crt;
-uschar *p, *dn_buf;
+uschar *dn_buf;
size_t sz;
if (state->have_set_peerdn)
/* I don't see a way that spaces could occur, in the current GnuTLS
code base, but it was a concern in the old code and perhaps older GnuTLS
releases did return "TLS 1.0"; play it safe, just in case. */
-for (p = cipherbuf; *p != '\0'; ++p)
+for (uschar * p = cipherbuf; *p != '\0'; ++p)
if (isspace(*p))
*p = '-';
old_pool = store_pool;
gnutls_certificate_free_credentials(state->x509_cred);
millisleep(500);
shutdown(state->fd_out, SHUT_WR);
- for (rc = 1024; fgetc(smtp_in) != EOF && rc > 0; ) rc--; /* drain skt */
+ for (int i = 1024; fgetc(smtp_in) != EOF && i > 0; ) i--; /* drain skt */
(void)fclose(smtp_out);
(void)fclose(smtp_in);
smtp_out = smtp_in = NULL;
static BOOL
dane_tlsa_load(exim_gnutls_state_st * state, dns_answer * dnsa)
{
-dns_record * rr;
dns_scan dnss;
int i;
const char ** dane_data;
int * dane_data_len;
-for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS), i = 1;
- rr;
+i = 1;
+for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
) if (rr->type == T_TLSA) i++;
dane_data = store_get(i * sizeof(uschar *));
dane_data_len = store_get(i * sizeof(int));
-for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS), i = 0;
- rr;
+i = 0;
+for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
) if (rr->type == T_TLSA && rr->size > 3)
{
{
unsigned int r;
int i, needed_len;
-uschar *p;
uschar smallbuf[sizeof(r)];
if (max <= 1)
needed_len = sizeof(r);
/* Don't take 8 times more entropy than needed if int is 8 octets and we were
- * asked for a number less than 10. */
+asked for a number less than 10. */
+
for (r = max, i = 0; r; ++i)
r >>= 1;
i = (i + 7) / 8;
return vaguely_random_number_fallback(max);
}
r = 0;
-for (p = smallbuf; needed_len; --needed_len, ++p)
- {
- r *= 256;
- r += *p;
- }
+for (uschar * p = smallbuf; needed_len; --needed_len, ++p)
+ r = r * 256 + *p;
/* We don't particularly care about weighted results; if someone wants
* smooth distribution and cares enough then they should submit a patch then. */
# define EXIM_HAVE_SHA256
#endif
-/*
- * X509_check_host provides sane certificate hostname checking, but was added
- * to OpenSSL late, after other projects forked off the code-base. So in
- * addition to guarding against the base version number, beware that LibreSSL
- * does not (at this time) support this function.
- *
- * If LibreSSL gains a different API, perhaps via libtls, then we'll probably
- * opt to disentangle and ask a LibreSSL user to provide glue for a third
- * crypto provider for libtls instead of continuing to tie the OpenSSL glue
- * into even twistier knots. If LibreSSL gains the same API, we can just
- * change this guard and punt the issue for a while longer.
- */
+/* X509_check_host provides sane certificate hostname checking, but was added
+to OpenSSL late, after other projects forked off the code-base. So in
+addition to guarding against the base version number, beware that LibreSSL
+does not (at this time) support this function.
+
+If LibreSSL gains a different API, perhaps via libtls, then we'll probably
+opt to disentangle and ask a LibreSSL user to provide glue for a third
+crypto provider for libtls instead of continuing to tie the OpenSSL glue
+into even twistier knots. If LibreSSL gains the same API, we can just
+change this guard and punt the issue for a while longer. */
+
#ifndef LIBRESSL_VERSION_NUMBER
# if OPENSSL_VERSION_NUMBER >= 0x010100000L
# define EXIM_HAVE_OPENSSL_CHECKHOST
void
options_tls(void)
{
-struct exim_openssl_option * o;
uschar buf[64];
-for (o = exim_openssl_options;
+for (struct exim_openssl_option * o = exim_openssl_options;
o < exim_openssl_options + nelem(exim_openssl_options); o++)
{
/* Trailing X is workaround for problem with _OPT_OPENSSL_NO_TLSV1
x509_store_dump_cert_s_names(X509_STORE * store)
{
STACK_OF(X509_OBJECT) * roots= store->objs;
-int i;
static uschar name[256];
-for(i= 0; i<sk_X509_OBJECT_num(roots); i++)
+for (int i= 0; i < sk_X509_OBJECT_num(roots); i++)
{
X509_OBJECT * tmp_obj= sk_X509_OBJECT_value(roots, i);
if(tmp_obj->type == X509_LU_X509)
if (f.running_in_test_harness)
{
extern char ** environ;
- uschar ** p;
- if (environ) for (p = USS environ; *p; p++)
+ if (environ) for (uschar ** p = USS environ; *p; p++)
if (Ustrncmp(*p, "EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK", 42) == 0)
{
DEBUG(D_tls) debug_printf("Supplying known bad OCSP response\n");
/* Load the list of CAs for which we will accept certs, for sending
to the client. This is only for the one-file tls_verify_certificates
variant.
- If a list isn't loaded into the server, but
- some verify locations are set, the server end appears to make
- a wildcard request for client certs.
+ If a list isn't loaded into the server, but some verify locations are set,
+ the server end appears to make a wildcard request for client certs.
Meanwhile, the client library as default behaviour *ignores* the list
we send over the wire - see man SSL_CTX_set_client_cert_cb.
Because of this, and that the dir variant is likely only used for
- the public-CA bundle (not for a private CA), not worth fixing.
- */
+ the public-CA bundle (not for a private CA), not worth fixing. */
+
if (file)
{
STACK_OF(X509_NAME) * names = SSL_load_client_CA_file(CS file);
static int
dane_tlsa_load(SSL * ssl, host_item * host, dns_answer * dnsa, uschar ** errstr)
{
-dns_record * rr;
dns_scan dnss;
const char * hostnames[2] = { CS host->name, NULL };
int found = 0;
if (DANESSL_init(ssl, NULL, hostnames) != 1)
return tls_error(US"hostnames load", host, NULL, errstr);
-for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
- rr;
+for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
) if (rr->type == T_TLSA && rr->size > 3)
{
int
tls_write(void * ct_ctx, const uschar *buff, size_t len, BOOL more)
{
-int outbytes, error, left;
+int outbytes, error;
SSL * ssl = ct_ctx ? ((exim_openssl_client_tls_ctx *)ct_ctx)->ssl : server_ssl;
static gstring * corked = NULL;
corked = NULL;
}
-for (left = len; left > 0;)
+for (int left = len; left > 0;)
{
DEBUG(D_tls) debug_printf("SSL_write(%p, %p, %d)\n", ssl, buff, left);
outbytes = SSL_write(ssl, CS buff, left);
int i, needed_len;
static pid_t pidlast = 0;
pid_t pidnow;
-uschar *p;
uschar smallbuf[sizeof(r)];
if (max <= 1)
}
r = 0;
-for (p = smallbuf; needed_len; --needed_len, ++p)
- {
- r *= 256;
- r += *p;
- }
+for (uschar * p = smallbuf; needed_len; --needed_len, ++p)
+ r = 256 * r + *p;
/* We don't particularly care about weighted results; if someone wants
smooth distribution and cares enough then they should submit a patch then. */
tls_openssl_options_parse(uschar *option_spec, long *results)
{
long result, item;
-uschar *s, *end;
+uschar *end;
uschar keep_c;
BOOL adding, item_parsed;
return TRUE;
}
-for (s=option_spec; *s != '\0'; /**/)
+for (uschar * s = option_spec; *s != '\0'; /**/)
{
while (isspace(*s)) ++s;
if (*s == '\0')
static void
dn_to_list(uschar * dn)
{
-uschar * cp;
-for (cp = dn; *cp; cp++)
+for (uschar * cp = dn; *cp; cp++)
if (cp[0] == '\\' && cp[1] == ',')
*cp++ = ',';
}
tls_cert_serial_number(void * cert, uschar * mod)
{
uschar bin[50], txt[150];
+uschar * sp = bin;
size_t sz = sizeof(bin);
-uschar * sp;
-uschar * dp;
int ret;
if ((ret = gnutls_x509_crt_get_serial((gnutls_x509_crt_t)cert,
bin, &sz)))
return g_err("gs0", __FUNCTION__, ret);
-for(dp = txt, sp = bin; sz; sz--)
+for(uschar * dp = txt; sz; sz--)
dp += sprintf(CS dp, "%.2x", *sp++);
for(sp = txt; sp[0]=='0' && sp[1]; ) sp++; /* leading zeroes */
return string_copy(sp);
tls_cert_subject_altname(void * cert, uschar * mod)
{
gstring * list = NULL;
-int index;
size_t siz;
int ret;
uschar sep = '\n';
break;
}
-for(index = 0;; index++)
+for (int index = 0;; index++)
{
siz = 0;
switch(ret = gnutls_x509_crt_get_subject_alt_name(
gnutls_datum_t uri;
int ret;
uschar sep = '\n';
-int index;
gstring * list = NULL;
if (mod)
if (*mod == '>' && *++mod) sep = *mod++;
-for(index = 0;; index++)
+for (int index = 0;; index++)
{
ret = gnutls_x509_crt_get_authority_info_access((gnutls_x509_crt_t)cert,
index, GNUTLS_IA_OCSP_URI, &uri, NULL);
tls_cert_crl_uri(void * cert, uschar * mod)
{
int ret;
-size_t siz;
uschar sep = '\n';
-int index;
gstring * list = NULL;
uschar * ele;
if (mod)
if (*mod == '>' && *++mod) sep = *mod++;
-for(index = 0;; index++)
+for (int index = 0;; index++)
{
- siz = 0;
+ size_t siz = 0;
switch(ret = gnutls_x509_crt_get_crl_dist_points(
(gnutls_x509_crt_t)cert, index, NULL, &siz, NULL, NULL))
{
size_t siz = 0;
uschar * cp;
uschar * cp2;
-uschar * cp3;
if ((ret = gnutls_x509_crt_get_fingerprint(cert, algo, NULL, &siz))
!= GNUTLS_E_SHORT_MEMORY_BUFFER)
if ((ret = gnutls_x509_crt_get_fingerprint(cert, algo, cp, &siz)) < 0)
return g_err("gf1", __FUNCTION__, ret);
-for (cp3 = cp2 = cp+siz; cp < cp2; cp++)
+for (uschar * cp3 = cp2 = cp+siz; cp < cp2; cp++)
cp3 += sprintf(CS cp3, "%02X", *cp);
return cp2;
}
STACK_OF(ACCESS_DESCRIPTION) * ads = (STACK_OF(ACCESS_DESCRIPTION) *)
X509_get_ext_d2i((X509 *)cert, NID_info_access, NULL, NULL);
int adsnum = sk_ACCESS_DESCRIPTION_num(ads);
-int i;
uschar sep = '\n';
gstring * list = NULL;
if (mod)
if (*mod == '>' && *++mod) sep = *mod++;
-for (i = 0; i < adsnum; i++)
+for (int i = 0; i < adsnum; i++)
{
ACCESS_DESCRIPTION * ad = sk_ACCESS_DESCRIPTION_value(ads, i);
X509_get_ext_d2i((X509 *)cert, NID_crl_distribution_points,
NULL, NULL);
DIST_POINT * dp;
-int dpsnum = sk_DIST_POINT_num(dps);
-int i;
uschar sep = '\n';
gstring * list = NULL;
if (mod)
if (*mod == '>' && *++mod) sep = *mod++;
-if (dps) for (i = 0; i < dpsnum; i++)
+if (dps) for (int i = 0, dpsnum = sk_DIST_POINT_num(dps); i < dpsnum; i++)
if ((dp = sk_DIST_POINT_value(dps, i)))
{
STACK_OF(GENERAL_NAME) * names = dp->distpoint->name.fullname;
GENERAL_NAME * np;
- int nnum = sk_GENERAL_NAME_num(names);
- int j;
- for (j = 0; j < nnum; j++)
+ for (int j = 0, nnum = sk_GENERAL_NAME_num(names); j < nnum; j++)
if ( (np = sk_GENERAL_NAME_value(names, j))
&& np->type == GEN_URI
)
static uschar *
fingerprint(X509 * cert, const EVP_MD * fdig)
{
-int j;
unsigned int n;
uschar md[EVP_MAX_MD_SIZE];
uschar * cp;
return NULL;
}
cp = store_get(n*2+1);
-for (j = 0; j < (int)n; j++) sprintf(CS cp+2*j, "%02X", md[j]);
+for (int j = 0; j < (int)n; j++) sprintf(CS cp+2*j, "%02X", md[j]);
return(cp);
}
void
options_transports(void)
{
-struct transport_info * ti;
uschar buf[64];
options_from_list(optionlist_transports, nelem(optionlist_transports), US"TRANSPORTS", NULL);
-for (ti = transports_available; ti->driver_name[0]; ti++)
+for (transport_info * ti = transports_available; ti->driver_name[0]; ti++)
{
spf(buf, sizeof(buf), US"_DRIVER_TRANSPORT_%T", ti->driver_name);
builtin_macro_create(buf);
void
transport_init(void)
{
-transport_instance *t;
-
readconf_driver_init(US"transport",
(driver_instance **)(&transports), /* chain anchor */
(driver_info *)transports_available, /* available drivers */
/* Now scan the configured transports and check inconsistencies. A shadow
transport is permitted only for local transports. */
-for (t = transports; t; t = t->next)
+for (transport_instance * t = transports; t; t = t->next)
{
if (!t->info->local && t->shadow)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
static BOOL
transport_write_block_fd(transport_ctx * tctx, uschar *block, int len, BOOL more)
{
-int i, rc, save_errno;
+int rc, save_errno;
int local_timeout = transport_write_timeout;
int fd = tctx->u.fd;
/* This loop is for handling incomplete writes and other retries. In most
normal cases, it is only ever executed once. */
-for (i = 0; i < 100; i++)
+for (int i = 0; i < 100; i++)
{
DEBUG(D_transport)
debug_printf("writing data block fd=%d size=%d timeout=%d%s\n",
{
uschar *start = chunk;
uschar *end = chunk + len;
-uschar *ptr;
int mlen = DELIVER_OUT_BUFFER_SIZE - nl_escape_length - 2;
/* The assumption is made that the check string will never stretch over move
for possible escaping. The code for the non-NL route should be as fast as
possible. */
-for (ptr = start; ptr < end; ptr++)
+for (uschar * ptr = start; ptr < end; ptr++)
{
int ch, len;
transport_headers_send(transport_ctx * tctx,
BOOL (*sendfn)(transport_ctx * tctx, uschar * s, int len))
{
-header_line *h;
const uschar *list;
transport_instance * tblock = tctx ? tctx->tblock : NULL;
address_item * addr = tctx ? tctx->addr : NULL;
separately and squash any empty ones.
Then check addr->prop.remove_headers too, provided that addr is not NULL. */
-for (h = header_list; h; h = h->next) if (h->type != htype_old)
+for (header_line * h = header_list; h; h = h->next) if (h->type != htype_old)
{
- int i;
BOOL include_header = TRUE;
list = tblock ? tblock->remove_headers : NULL;
- for (i = 0; i < 2; i++) /* For remove_headers && addr->prop.remove_headers */
+ for (int i = 0; i < 2; i++) /* For remove_headers && addr->prop.remove_headers */
{
if (list)
{
if (addr)
{
- int i;
header_line *hprev = addr->prop.extra_headers;
- header_line *hnext;
- for (i = 0; i < 2; i++)
+ header_line *hnext, * h;
+ for (int i = 0; i < 2; i++)
for (h = hprev, hprev = NULL; h; h = hnext)
{
hnext = h->next;
if (tctx->options & topt_add_envelope_to)
{
BOOL first = TRUE;
- address_item *p;
struct aci *plist = NULL;
struct aci *dlist = NULL;
void *reset_point = store_get(0);
anchors for lists of addresses already handled; they have to be defined at
this level because write_env_to() calls itself recursively. */
- for (p = tctx->addr; p; p = p->next)
- if (!write_env_to(p, &plist, &dlist, &first, tctx)) goto bad;
+ for (address_item * p = tctx->addr; p; p = p->next)
+ if (!write_env_to(p, &plist, &dlist, &first, tctx))
+ goto bad;
/* Add a final newline and reset the store used for tracking duplicates */
transport_update_waiting(host_item *hostlist, uschar *tpname)
{
const uschar *prevname = US"";
-host_item *host;
open_db dbblock;
open_db *dbm_file;
/* Scan the list of hosts for which this message is waiting, and ensure
that the message id is in each host record. */
-for (host = hostlist; host; host = host->next)
+for (host_item * host = hostlist; host; host = host->next)
{
BOOL already = FALSE;
dbdata_wait *host_record;
- uschar *s;
- int i, host_length;
+ int host_length;
uschar buffer[256];
/* Skip if this is the same host as we just processed; otherwise remember
/* Search the record to see if the current message is already in it. */
- for (s = host_record->text; s < host_record->text + host_length;
+ for (uschar * s = host_record->text; s < host_record->text + host_length;
s += MESSAGE_ID_LENGTH)
if (Ustrncmp(s, message_id, MESSAGE_ID_LENGTH) == 0)
{ already = TRUE; break; }
/* If we haven't found this message in the main record, search any
continuation records that exist. */
- for (i = host_record->sequence - 1; i >= 0 && !already; i--)
+ for (int i = host_record->sequence - 1; i >= 0 && !already; i--)
{
dbdata_wait *cont;
sprintf(CS buffer, "%.200s:%d", host->name, i);
if ((cont = dbfn_read(dbm_file, buffer)))
{
int clen = cont->count * MESSAGE_ID_LENGTH;
- for (s = cont->text; s < cont->text + clen; s += MESSAGE_ID_LENGTH)
+ for (uschar * s = cont->text; s < cont->text + clen; s += MESSAGE_ID_LENGTH)
if (Ustrncmp(s, message_id, MESSAGE_ID_LENGTH) == 0)
{ already = TRUE; break; }
}
while (host_length <= 0)
{
- int i;
dbdata_wait * newr = NULL;
uschar buffer[256];
/* Search for a continuation */
- for (i = host_record->sequence - 1; i >= 0 && !newr; i--)
+ for (int i = host_record->sequence - 1; i >= 0 && !newr; i--)
{
sprintf(CS buffer, "%.200s:%d", hostname, i);
newr = dbfn_read(dbm_file, buffer);
BOOL expand_arguments, int expand_failed, address_item *addr,
uschar *etext, uschar **errptr)
{
-address_item *ad;
const uschar **argv;
uschar *s, *ss;
int address_count = 0;
int argcount = 0;
-int i, max_args;
+int max_args;
/* Get store in which to build an argument list. Count the number of addresses
supplied, and allow for that many arguments, plus an additional 60, which
should be enough for anybody. Multiple addresses happen only when the local
delivery batch option is set. */
-for (ad = addr; ad != NULL; ad = ad->next) address_count++;
+for (address_item * ad = addr; ad; ad = ad->next) address_count++;
max_args = address_count + 60;
*argvptr = argv = store_get((max_args+1)*sizeof(uschar *));
DEBUG(D_transport)
{
debug_printf("direct command:\n");
- for (i = 0; argv[i] != US 0; i++)
+ for (int i = 0; argv[i] != US 0; i++)
debug_printf(" argv[%d] = %s\n", i, string_printing(argv[i]));
}
addr->parent != NULL &&
Ustrcmp(addr->parent->address, "system-filter") == 0;
- for (i = 0; argv[i] != US 0; i++)
+ for (int i = 0; argv[i] != US 0; i++)
{
/* Handle special fudge for passing an address list */
memmove(argv + i + 1 + additional, argv + i + 1,
(argcount - i)*sizeof(uschar *));
- for (ad = addr; ad != NULL; ad = ad->next) {
- argv[i++] = ad->address;
- argcount++;
- }
+ for (address_item * ad = addr; ad; ad = ad->next)
+ {
+ argv[i++] = ad->address;
+ argcount++;
+ }
/* Subtract one since we replace $pipe_addresses */
argcount--;
(Ustrcmp(argv[i], "$address_pipe") == 0 ||
Ustrcmp(argv[i], "${address_pipe}") == 0))
{
- int address_pipe_i;
int address_pipe_argcount = 0;
int address_pipe_max_args;
uschar **address_pipe_argv;
/* Now we fill in the slots we just moved argv out of
* [argv 0][argv 1][argv 2=pipeargv[0]][argv 3=pipeargv[1]][old argv 3][0]
*/
- for (address_pipe_i = 0;
+ for (int address_pipe_i = 0;
address_pipe_argv[address_pipe_i] != US 0;
address_pipe_i++)
{
DEBUG(D_transport)
{
debug_printf("direct command after expansion:\n");
- for (i = 0; argv[i] != US 0; i++)
+ for (int i = 0; argv[i] != US 0; i++)
debug_printf(" argv[%d] = %s\n", i, string_printing(argv[i]));
}
}
(appendfile_transport_options_block *)(tblock->options_block);
uschar *q = ob->quota;
double default_value = 0.0;
-int i;
addrlist = addrlist; /* Keep picky compilers happy */
dummy = dummy;
/* Loop for quota, quota_filecount, quota_warn_threshold, mailbox_size,
mailbox_filecount */
-for (i = 0; i < 5; i++)
+for (int i = 0; i < 5; i++)
{
double d;
int no_check = 0;
{
struct servent *sp;
host_item host;
-host_item *h;
uschar buffer[256];
DEBUG(D_transport) debug_printf("notify_comsat called\n");
host.address = US"127.0.0.1";
-for (h = &host; h; h = h->next)
+for (host_item * h = &host; h; h = h->next)
{
int sock, rc;
int host_af = Ustrchr(h->address, ':') != NULL ? AF_INET6 : AF_INET;
if (match && tp)
{
- transport_instance *tt;
- for (tt = transports; tt; tt = tt->next)
+ for (transport_instance * tt = transports; tt; tt = tt->next)
if (Ustrcmp(tp, tt->name) == 0)
{
DEBUG(D_transport)
if (saved_size == 0)
{
- int i;
uschar *s;
memset (deliver_out_buffer, '\0', MBX_HDRSIZE);
sprintf(CS(s = deliver_out_buffer), "*mbx*\015\012%08lx00000000\015\012",
(long int)time(NULL));
- for (i = 0; i < MBX_NUSERFLAGS; i++)
+ for (int i = 0; i < MBX_NUSERFLAGS; i++)
sprintf (CS(s += Ustrlen(s)), "\015\012");
if (!transport_write_block (&tctx, deliver_out_buffer, MBX_HDRSIZE, FALSE))
return DEFER;
#ifndef NO_REALPATH
if (yield && create_file == create_belowhome)
{
- uschar *slash, *next;
+ uschar *next;
uschar *rp = NULL;
- for (slash = Ustrrchr(file, '/'); /* There is known to be one */
- rp == NULL && slash > file; /* Stop if reached beginning */
+ for (uschar * slash = Ustrrchr(file, '/'); /* There is known to be one */
+ rp == NULL && slash > file; /* Stop if reached beginning */
slash = next)
{
*slash = 0;
to the true local part. */
if (testflag(addr, af_file))
- {
- address_item *addr2;
- for (addr2 = addr; addr2 != NULL; addr2 = addr2->next)
+ for (address_item * addr2 = addr; addr2 != NULL; addr2 = addr2->next)
addr2->local_part = string_copy(path);
- }
/* The available mailbox formats depend on whether it is a directory or a file
delivery. */
checked at the end, to make sure we don't release this process until the
clock has ticked. */
- for (i = 1;; i++)
+ for (int i = 1;; i++)
{
uschar *basename;
else
{
FILE *env_file;
- address_item *taddr;
mailstore_basename = string_sprintf("%s/%s-%s", path, message_id,
string_base62((long int)getpid()));
fprintf(env_file, "%s\n", sender_address);
- for (taddr = addr; taddr!= NULL; taddr = taddr->next)
+ for (address_item * taddr = addr; taddr; taddr = taddr->next)
fprintf(env_file, "%s@%s\n", taddr->local_part, taddr->domain);
if (ob->mailstore_suffix != NULL)
yield = DEFER;
else
{
- address_item *a;
transport_newlines++;
- for (a = addr; a != NULL; a = a->next)
+ for (address_item * a = addr; a != NULL; a = a->next)
{
address_item *b = testflag(a, af_pfr) ? a->parent: a;
if (!transport_write_string(fd, "RCPT TO:<%s>%s\n",
if (newname == NULL)
{
- int i;
uschar *renameleaf;
uschar *old_renameleaf = US"";
- for (i = 0; ; sleep(1), i++)
+ for (int i = 0; ; sleep(1), i++)
{
deliver_inode = statbuf.st_ino;
renameleaf = expand_string(ob->dirfilename);
static uschar *
checkexpand(uschar *s, address_item *addr, uschar *name, int type)
{
-uschar *t;
uschar *ss = expand_string(s);
if (ss == NULL)
return NULL;
}
-if (type != cke_text) for (t = ss; *t != 0; t++)
+if (type != cke_text) for (uschar * t = ss; *t != 0; t++)
{
int c = *t;
const uschar * sp;
if (ob->once_file_size > 0)
{
- uschar * p, * nextp;
+ uschar * nextp;
struct stat statbuf;
cache_fd = Uopen(oncelog, O_CREAT|O_RDWR, ob->mode);
zero. If we find a match, put the time into "then", and the place where it
was found into "cache_time". Otherwise, "then" is left at zero. */
- for (p = cache_buff; p < cache_buff + cache_size; p = nextp)
+ for (uschar * p = cache_buff; p < cache_buff + cache_size; p = nextp)
{
uschar *s = p + sizeof(time_t);
nextp = s + Ustrlen(s) + 1;
uschar *s, *id, *error;
uschar *referenced_ids[12];
int reference_count = 0;
- int i;
s = Ustrchr(h->text, ':') + 1;
f.parse_allow_group = FALSE;
}
else referenced_ids[reference_count++] = id;
}
- for (i = 0; i < reference_count; ++i) fprintf(fp, " %s", referenced_ids[i]);
+ for (int i = 0; i < reference_count; ++i) fprintf(fp, " %s", referenced_ids[i]);
}
/* The message id will have a newline on the end of it. */
{
DEBUG(D_transport)
{
- int i;
debug_printf("LMTP input line incomplete in one buffer:\n ");
- for (i = 0; i < count; i++)
+ for (int i = 0; i < count; i++)
{
int c = (ptr[i]);
if (mac_isprint(c)) debug_printf("%c", c); else debug_printf("<%d>", c);
int code, save_errno;
BOOL send_data;
BOOL yield = FALSE;
-address_item *addr;
uschar *igquotstr = US"";
uschar *sockname = NULL;
const uschar **argv;
temporarily rejected; others may be accepted, for now. */
send_data = FALSE;
-for (addr = addrlist; addr != NULL; addr = addr->next)
+for (address_item * addr = addrlist; addr; addr = addr->next)
{
if (!lmtp_write_command(fd_in, "RCPT TO:<%s>%s\r\n",
transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr))
any that are accepted have been handed over, even if later responses crash -
at least, that's how I read RFC 2033. */
- for (addr = addrlist; addr != NULL; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
{
if (addr->transport_return != PENDING_OK) continue;
else if (errno != 0 || buffer[0] == 0)
{
- address_item *a;
save_errno = errno;
check_response(&save_errno, addr->more_errno, buffer, &code,
&(addr->message));
addr->transport_return = (code == '5')? FAIL : DEFER;
- for (a = addr->next; a != NULL; a = a->next)
+ for (address_item * a = addr->next; a; a = a->next)
{
if (a->transport_return != PENDING_OK) continue;
a->basic_errno = addr->basic_errno;
(p > cmd && p[-1] == '$') ||
(p > cmd + 1 && p[-2] == '$' && p[-1] == '{' && p[14] == '}')))
{
- address_item *ad;
uschar *q = p + 14;
if (p[-1] == '{') { q++; p--; }
g = string_get(Ustrlen(cmd) + 64);
g = string_catn(g, cmd, p - cmd - 1);
- for (ad = addr; ad; ad = ad->next)
+ for (address_item * ad = addr; ad; ad = ad->next)
{
/*XXX string_append_listele() ? */
if (ad != addr) g = string_catn(g, US" ", 1);
if (ob->use_bsmtp)
{
- address_item *a;
-
if (!transport_write_string(fd_in, "MAIL FROM:<%s>%s", return_path, eol))
goto END_WRITE;
- for (a = addr; a; a = a->next)
+ for (address_item * a = addr; a; a = a->next)
if (!transport_write_string(fd_in,
"RCPT TO:<%s>%s",
transport_rcpt_address(a, tblock->rcpt_include_affixes),
{
uschar *ss;
gstring * g;
- int i;
/* If temp_errors is "*" all codes are temporary. Initialization checks
that it's either "*" or a list of numbers. If not "*", scan the list of
g = string_catn(g, US" from command:", 14);
- for (i = 0; i < sizeof(argv)/sizeof(int *) && argv[i] != NULL; i++)
+ for (int i = 0; i < sizeof(argv)/sizeof(int *) && argv[i] != NULL; i++)
{
BOOL quote = FALSE;
g = string_catn(g, US" ", 1);
{
int i, j;
uschar buffer[16384];
-uschar * s;
if (lseek(src, 0, SEEK_SET) != 0)
return FALSE;
do
if ((j = read(src, buffer, sizeof(buffer))) > 0)
- for (s = buffer; (i = write(dst, s, j)) != j; s += i, j -= i)
+ for (uschar * s = buffer; (i = write(dst, s, j)) != j; s += i, j -= i)
if (i < 0)
return FALSE;
else if (j < 0)
#endif
)
{
-address_item *addr;
int orvalue = 0;
if (errno_value == ERRNO_CONNECTTIMEOUT)
{
errno_value = ETIMEDOUT;
orvalue = RTEF_CTOUT;
}
-for (addr = addrlist; addr; addr = addr->next)
+for (address_item * addr = addrlist; addr; addr = addr->next)
if (addr->transport_return >= PENDING)
{
addr->basic_errno = errno_value;
If one is found, attempt to authenticate by calling its client function.
*/
- for (au = auths; !f.smtp_authenticated && au; au = au->next)
+ for (auth_instance * au = auths; !f.smtp_authenticated && au; au = au->next)
{
uschar *p = names;
DEBUG(D_transport)
{
dns_scan dnss;
- dns_record * rr;
- for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
+ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == T_TLSA && rr->size > 3)
{
/* TLS session is set up */
smtp_peer_options_wrap = smtp_peer_options;
- for (addr = sx->addrlist; addr; addr = addr->next)
+ for (address_item * addr = sx->addrlist; addr; addr = addr->next)
if (addr->transport_return == PENDING_DEFER)
{
addr->cipher = tls_out.cipher;
{
shutdown(sx->cctx.sock, SHUT_WR);
if (fcntl(sx->cctx.sock, F_SETFL, O_NONBLOCK) == 0)
- for (rc = 16; read(sx->cctx.sock, sx->inbuffer, sizeof(sx->inbuffer)) > 0 && rc > 0;)
- rc--; /* drain socket */
+ for (int i = 16; read(sx->cctx.sock, sx->inbuffer, sizeof(sx->inbuffer)) > 0 && i > 0;)
+ i--; /* drain socket */
sx->send_quit = FALSE;
}
(void)close(sx->cctx.sock);
sx->prdr_active = FALSE;
if (sx->peer_offered & OPTION_PRDR)
- for (addr = addrlist; addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
if (addr->transport_return == PENDING_DEFER)
{
for (addr = addr->next; addr; addr = addr->next)
{
if (addr->dsn_flags & rf_dsnflags)
{
- int i;
BOOL first = TRUE;
Ustrcpy(p, " NOTIFY=");
while (*p) p++;
- for (i = 0; i < nelem(rf_list); i++) if (addr->dsn_flags & rf_list[i])
+ for (int i = 0; i < nelem(rf_list); i++) if (addr->dsn_flags & rf_list[i])
{
if (!first) *p++ = ',';
first = FALSE;
{
fd_set rfds, efds;
int max_fd = MAX(pfd[0], tls_out.active.sock) + 1;
-int rc, i, fd_bits, nbytes;
+int rc, i;
close(pfd[1]);
if ((rc = fork()))
FD_SET(tls_out.active.sock, &rfds);
FD_SET(pfd[0], &rfds);
-for (fd_bits = 3; fd_bits; )
+for (int fd_bits = 3; fd_bits; )
{
time_t time_left = timeout;
time_t time_start = time(NULL);
}
else
{
- for (nbytes = 0; rc - nbytes > 0; nbytes += i)
+ for (int nbytes = 0; rc - nbytes > 0; nbytes += i)
if ((i = write(pfd[0], buf + nbytes, rc - nbytes)) < 0) goto done;
}
else if (fd_bits & 1)
}
else
{
- for (nbytes = 0; rc - nbytes > 0; nbytes += i)
+ for (int nbytes = 0; rc - nbytes > 0; nbytes += i)
if ((i = tls_write(ct_ctx, buf + nbytes, rc - nbytes, FALSE)) < 0)
goto done;
}
if (continue_hostname && continue_sequence == 1)
{
- address_item * addr;
-
sx.peer_offered = smtp_peer_options;
sx.pending_MAIL = FALSE;
sx.ok = TRUE;
sx.next_addr = NULL;
- for (addr = addrlist; addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
addr->transport_return = PENDING_OK;
}
else
/* Process all transported addresses - for LMTP or PRDR, read a status for
each one. */
- for (addr = addrlist; addr != sx.first_addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr != sx.first_addr; addr = addr->next)
{
if (addr->transport_return != PENDING_OK) continue;
errno = ERRNO_DATA4XX;
addrlist->more_errno |= ((sx.buffer[1] - '0')*10 + sx.buffer[2] - '0') << 8;
}
- for (addr = addrlist; addr != sx.first_addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr != sx.first_addr; addr = addr->next)
if (sx.buffer[0] == '5' || addr->transport_return == OK)
addr->transport_return = PENDING_OK; /* allow set_errno action */
goto RESPONSE_FAILED;
and update the journal, or setup retry. */
overall_message = string_printing(sx.buffer);
- for (addr = addrlist; addr != sx.first_addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr != sx.first_addr; addr = addr->next)
if (addr->transport_return == OK)
addr->message = string_sprintf("%s\\n%s", addr->message, overall_message);
- for (addr = addrlist; addr != sx.first_addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr != sx.first_addr; addr = addr->next)
if (addr->transport_return == OK)
{
if (testflag(addr, af_homonym))
shutdown(sx.cctx.sock, SHUT_WR);
millisleep(f.running_in_test_harness ? 200 : 20);
if (fcntl(sx.cctx.sock, F_SETFL, O_NONBLOCK) == 0)
- for (rc = 16; read(sx.cctx.sock, sx.inbuffer, sizeof(sx.inbuffer)) > 0 && rc > 0;)
- rc--; /* drain socket */
+ for (int i = 16; read(sx.cctx.sock, sx.inbuffer, sizeof(sx.inbuffer)) > 0 && i > 0;)
+ i--; /* drain socket */
}
(void)close(sx.cctx.sock);
prepare_addresses(address_item *addrlist, host_item *host)
{
address_item *first_addr = NULL;
-address_item *addr;
-for (addr = addrlist; addr; addr = addr->next)
+for (address_item * addr = addrlist; addr; addr = addr->next)
if (addr->transport_return == DEFER)
{
if (!first_addr) first_addr = addr;
transport_instance *tblock, /* data for this instantiation */
address_item *addrlist) /* addresses we are working on */
{
-int cutoff_retry;
int defport;
int hosts_defer = 0;
int hosts_fail = 0;
DEBUG(D_transport)
{
debug_printf("%s transport entered\n", tblock->name);
- for (addr = addrlist; addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
debug_printf(" %s\n", addr->address);
if (hostlist)
{
debug_printf("hostlist:\n");
- for (host = hostlist; host; host = host->next)
+ for (host_item * host = hostlist; host; host = host->next)
debug_printf(" '%s' IP %s port %d\n", host->name, host->address, host->port);
}
if (continue_hostname)
time. After that, set the status and error data for any addresses that haven't
had it set already. */
-for (cutoff_retry = 0;
+for (int cutoff_retry = 0;
expired && cutoff_retry < (ob->delay_after_cutoff ? 1 : 2);
cutoff_retry++)
{
if (!host->address)
{
int new_port, flags;
- host_item *hh;
if (host->status >= hstatus_unusable)
{
/* Update the host (and any additional blocks, resulting from
multihoming) with a host-specific port, if any. */
- for (hh = host; hh != nexthost; hh = hh->next) hh->port = new_port;
+ for (host_item * hh = host; hh != nexthost; hh = hh->next) hh->port = new_port;
/* Failure to find the host at this time (usually DNS temporary failure)
is really a kind of routing failure rather than a transport failure.
"HOST_FIND_AGAIN" : "HOST_FIND_FAILED", host->name);
host->status = hstatus_unusable;
- for (addr = addrlist; addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
{
if (addr->transport_return != DEFER) continue;
addr->basic_errno = ERRNO_UNKNOWNHOST;
if (rc == HOST_FOUND_LOCAL && !ob->allow_localhost)
{
- for (addr = addrlist; addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
{
addr->basic_errno = 0;
addr->message = string_sprintf("%s transport found host %s to be "
&domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK))
{
expired = FALSE;
- for (addr = addrlist; addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
if (addr->transport_return == DEFER)
addr->message = US"domain matches queue_smtp_domains, or -odqs set";
continue; /* With next host */
if (f.dont_deliver)
{
- host_item *host2;
set_errno_nohost(addrlist, 0, NULL, OK, FALSE);
- for (addr = addrlist; addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
{
addr->host_used = host;
addr->special_action = '*';
{
debug_printf("*** delivery by %s transport bypassed by -N option\n"
"*** host and remaining hosts:\n", tblock->name);
- for (host2 = host; host2; host2 = host2->next)
+ for (host_item * host2 = host; host2; host2 = host2->next)
debug_printf(" %s [%s]\n", host2->name,
host2->address ? host2->address : US"unset");
}
if (!host_is_expired && ++unexpired_hosts_tried >= ob->hosts_max_try)
{
- host_item *h;
DEBUG(D_transport)
debug_printf("hosts_max_try limit reached with this host\n");
- for (h = host; h; h = h->next) if (h->mx != host->mx)
+ for (host_item * h = host; h; h = h->next) if (h->mx != host->mx)
{
nexthost = h;
unexpired_hosts_tried--;
case, see if any of them are deferred. */
if (rc == OK)
- for (addr = addrlist; addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
if (addr->transport_return == DEFER)
{
some_deferred = TRUE;
if (mua_wrapper)
{
- for (addr = addrlist; addr; addr = addr->next)
+ for (address_item * addr = addrlist; addr; addr = addr->next)
addr->transport_return = FAIL;
goto END_TRANSPORT;
}
down an existing TCP/IP connection, and something caused the host not to be
found, we end up here, but can detect these cases and handle them specially. */
-for (addr = addrlist; addr; addr = addr->next)
+for (address_item * addr = addrlist; addr; addr = addr->next)
{
/* If host is not NULL, it means that we stopped processing the host list
because of hosts_max_try or hosts_max_try_hardlimit. In the former case, this
len = i + j + 3;
HDEBUG(D_transport|D_acl|D_v)
{
- int i;
debug_printf_indent(" SOCKS>>");
- for (i = 0; i<len; i++) debug_printf(" %02x", s[i]);
+ for (int i = 0; i<len; i++) debug_printf(" %02x", s[i]);
debug_printf("\n");
}
if (send(fd, s, len, 0) < 0)
state = US"connect";
HDEBUG(D_transport|D_acl|D_v)
{
- int i;
debug_printf_indent(" SOCKS>>");
- for (i = 0; i<size; i++) debug_printf(" %02x", buf[i]);
+ for (int i = 0; i<size; i++) debug_printf(" %02x", buf[i]);
debug_printf("\n");
}
if (send(fd, buf, size, 0) < 0)
goto rcv_err;
HDEBUG(D_transport|D_acl|D_v)
{
- int i;
debug_printf_indent(" SOCKS>>");
- for (i = 0; i<size; i++) debug_printf(" %02x", buf[i]);
+ for (int i = 0; i<size; i++) debug_printf(" %02x", buf[i]);
debug_printf("\n");
}
if ( buf[0] != 5
uschar *
string_address_utf8_to_alabel(const uschar * utf8, uschar ** err)
{
-const uschar * s;
-uschar * l;
-uschar * d;
+uschar * l, * d;
if (!*utf8) return string_copy(utf8);
DEBUG(D_expand) debug_printf("addr from utf8 <%s>", utf8);
-for (s = utf8; *s; s++)
+for (const uschar * s = utf8; *s; s++)
if (*s == '@')
{
l = string_copyn(utf8, s - utf8);
transport_feedback * tf, int * yield)
{
BOOL done = FALSE;
-host_item * host;
if (addr->transport == cutthrough.addr.transport)
- for (host = host_list; host; host = host->next)
+ for (host_item * host = host_list; host; host = host->next)
if (Ustrcmp(host->address, cutthrough.host.address) == 0)
{
int host_af;
{
smtp_transport_options_block *ob =
(smtp_transport_options_block *)addr->transport->options_block;
- host_item * host;
/* The information wasn't available in the cache, so we have to do a real
callout and save the result in the cache for next time, unless no_cache is set,
/* If we did not use a cached connection, make connections to the hosts
and do real callouts. The list of hosts is passed in as an argument. */
- for (host = host_list; host && !done; host = host->next)
+ for (host_item * host = host_list; host && !done; host = host->next)
{
int host_af;
int port = 25;
&& !sx.lmtp
)
{
- address_item * parent, * caddr;
-
HDEBUG(D_acl|D_v) debug_printf_indent("holding verify callout open for %s\n",
cutthrough.delivery
? "cutthrough delivery" : "potential further verifies and delivery");
cutthrough.addr = *addr;
cutthrough.addr.next = NULL;
cutthrough.addr.host_used = &cutthrough.host;
- for (caddr = &cutthrough.addr, parent = addr->parent;
+ for (address_item * caddr = &cutthrough.addr, * parent = addr->parent;
parent;
caddr = caddr->parent, parent = parent->parent)
*(caddr->parent = store_get(sizeof(address_item))) = *parent;
cutthrough_finaldot(void)
{
uschar res;
-address_item * addr;
HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> .\n");
/* Assume data finshed with new-line */
res = cutthrough_response(&cutthrough.cctx, '2', &cutthrough.addr.message,
CUTTHROUGH_DATA_TIMEOUT);
-for (addr = &cutthrough.addr; addr; addr = addr->next)
+for (address_item * addr = &cutthrough.addr; addr; addr = addr->next)
{
addr->message = cutthrough.addr.message;
switch(res)
global_rewrite_rules, rewrite_existflags);
if (address != old)
{
- for (i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->localpart_cache[i] = 0;
- for (i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->domain_cache[i] = 0;
+ for (int i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->localpart_cache[i] = 0;
+ for (int i = 0; i < (MAX_NAMED_LIST * 2)/32; i++) vaddr->domain_cache[i] = 0;
if (fp && !expn) fprintf(fp, "Address rewritten as: %s\n", address);
}
}
else
{
int flags;
- host_item *host, *nexthost;
host_build_hostlist(&host_list, s, tf.hosts_randomize);
/* Just ignore failures to find a host address. If we don't manage
if (tf.qualify_single) flags |= HOST_FIND_QUALIFY_SINGLE;
if (tf.search_parents) flags |= HOST_FIND_SEARCH_PARENTS;
- for (host = host_list; host; host = nexthost)
+ for (host_item * host = host_list, * nexthost; host; host = nexthost)
{
nexthost = host->next;
if (tf.gethostbyname ||
while (addr_list)
{
address_item *addr = addr_list;
- address_item *p = addr->parent;
transport_instance * tp = addr->transport;
addr_list = addr->next;
/* Now show its parents */
- for (p = addr->parent; p; p = p->parent)
+ for (address_item * p = addr->parent; p; p = p->parent)
fprintf(fp, "\n <-- %s", p->address);
fprintf(fp, "\n ");
if (addr->host_list && tp && !tp->overrides_hosts)
{
- host_item *h;
int maxlen = 0;
int maxaddlen = 0;
- for (h = addr->host_list; h; h = h->next)
+ for (host_item * h = addr->host_list; h; h = h->next)
{ /* get max lengths of host names, addrs */
int len = Ustrlen(h->name);
if (len > maxlen) maxlen = len;
len = h->address ? Ustrlen(h->address) : 7;
if (len > maxaddlen) maxaddlen = len;
}
- for (h = addr->host_list; h; h = h->next)
+ for (host_item * h = addr->host_list; h; h = h->next)
{
fprintf(fp, " host %-*s ", maxlen, h->name);
int
verify_check_headers(uschar **msgptr)
{
-header_line *h;
uschar *colon, *s;
int yield = OK;
-for (h = header_list; h && yield == OK; h = h->next)
+for (header_line * h = header_list; h && yield == OK; h = h->next)
{
if (h->type != htype_from &&
h->type != htype_reply_to &&
int
verify_check_header_names_ascii(uschar **msgptr)
{
-header_line *h;
-uschar *colon, *s;
+uschar *colon;
-for (h = header_list; h; h = h->next)
+for (header_line * h = header_list; h; h = h->next)
{
colon = Ustrchr(h->text, ':');
- for(s = h->text; s < colon; s++)
+ for(uschar * s = h->text; s < colon; s++)
if ((*s < 33) || (*s > 126))
{
*msgptr = string_sprintf("Invalid character in header \"%.*s\" found",
int
verify_check_notblind(void)
{
-int i;
-for (i = 0; i < recipients_count; i++)
+for (int i = 0; i < recipients_count; i++)
{
- header_line *h;
BOOL found = FALSE;
uschar *address = recipients_list[i].address;
- for (h = header_list; !found && h != NULL; h = h->next)
+ for (header_line * h = header_list; !found && h; h = h->next)
{
uschar *colon, *s;
f.parse_allow_group = TRUE;
- while (*s != 0)
+ while (*s)
{
uschar *ss = parse_find_address_end(s, FALSE);
uschar *recipient,*errmess;
address_item *
verify_checked_sender(uschar *sender)
{
-address_item *addr;
-for (addr = sender_verified_list; addr != NULL; addr = addr->next)
- if (Ustrcmp(sender, addr->address) == 0) break;
-return addr;
+for (address_item * addr = sender_verified_list; addr; addr = addr->next)
+ if (Ustrcmp(sender, addr->address) == 0) return addr;
+return NULL;
}
static int header_types[] = { htype_sender, htype_reply_to, htype_from };
BOOL done = FALSE;
int yield = FAIL;
-int i;
-for (i = 0; i < 3 && !done; i++)
- {
- header_line *h;
- for (h = header_list; h != NULL && !done; h = h->next)
+for (int i = 0; i < 3 && !done; i++)
+ for (header_line * h = header_list; h != NULL && !done; h = h->next)
{
int terminator, new_ok;
uschar *s, *ss, *endname;
f.parse_allow_group = FALSE;
f.parse_found_group = FALSE;
} /* Next header, unless done */
- } /* Next header type unless done */
+ /* Next header type unless done */
if (yield == FAIL && *log_msgptr == NULL)
*log_msgptr = US"there is no valid sender in any header line";
}
else if (Ustrcmp(ss, "@[]") == 0)
{
- ip_address_item *ip;
- for (ip = host_find_interfaces(); ip != NULL; ip = ip->next)
+ for (ip_address_item * ip = host_find_interfaces(); ip; ip = ip->next)
if (Ustrcmp(ip->address, cb->host_address) == 0) return OK;
return FAIL;
}
course slashes may be present in lookups, but not preceded only by digits and
dots). */
-for (t = ss; isdigit(*t) || *t == '.'; t++);
+for (t = ss; isdigit(*t) || *t == '.'; ) t++;
if (*t == 0 || (*t == '/' && t != ss))
{
*error = US"malformed IPv4 address or address mask";
if (mlen == 0 && t == ss+3) mlen = -1; /* No mask supplied */
iplookup = (*t++ == '-');
}
-else t = ss;
+else
+ t = ss;
/* Do the IP address lookup if that is indeed what we have */
rc = host_find_byname(&h, NULL, HOST_FIND_QUALIFY_SINGLE, NULL, FALSE);
if (rc == HOST_FOUND || rc == HOST_FOUND_LOCAL)
{
- host_item *hh;
- for (hh = &h; hh != NULL; hh = hh->next)
- {
+ for (host_item * hh = &h; hh; hh = hh->next)
if (host_is_in_net(hh->address, cb->host_address, 0)) return OK;
- }
return FAIL;
}
if (rc == HOST_FIND_AGAIN) return DEFER;
if (host_aton(address, bin) == 1)
{
- int i;
int x = bin[0];
- for (i = 0; i < 4; i++)
+ for (int i = 0; i < 4; i++)
{
sprintf(CS bptr, "%d.", x & 255);
while (*bptr) bptr++;
#if HAVE_IPV6
else
- {
- int i, j;
- for (j = 3; j >= 0; j--)
+ for (int j = 3; j >= 0; j--)
{
int x = bin[j];
- for (i = 0; i < 8; i++)
+ for (int i = 0; i < 8; i++)
{
sprintf(CS bptr, "%x.", x & 15);
while (*bptr) bptr++;
x >>= 4;
}
}
- }
#endif
/* Remove trailing period -- this is needed so that both arbitrary
if (cb->rc == DNS_SUCCEED)
{
- dns_record *rr;
- dns_address **addrp = &(cb->rhs);
- for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
- rr;
+ dns_address ** addrp = &(cb->rhs);
+ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
if (rr->type == T_A)
{
{
cb->text_set = TRUE;
if (dns_basic_lookup(&dnsa, query, T_TXT) == DNS_SUCCEED)
- {
- dns_record *rr;
- for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
- rr;
+ for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
- if (rr->type == T_TXT) break;
- if (rr)
- {
- int len = (rr->data)[0];
- if (len > 511) len = 127;
- store_pool = POOL_PERM;
- cb->text = string_sprintf("%.*s", len, CUS (rr->data+1));
- store_pool = old_pool;
- }
- }
+ if (rr->type == T_TXT)
+ {
+ int len = (rr->data)[0];
+ if (len > 511) len = 127;
+ store_pool = POOL_PERM;
+ cb->text = string_sprintf("%.*s", len, CUS (rr->data+1));
+ store_pool = old_pool;
+ break;
+ }
}
dnslist_value = addlist;
int defer_return = FAIL;
const uschar *list = *listptr;
uschar *domain;
-uschar *s;
uschar buffer[1024];
uschar revadd[128]; /* Long enough for IPv6 address */
actually causing an error here, because that would no doubt hold up incoming
mail. Instead, I'll just log it. */
- for (s = domain; *s != 0; s++)
- {
+ for (uschar * s = domain; *s; s++)
if (!isalnum(*s) && *s != '-' && *s != '.' && *s != '_')
{
log_write(0, LOG_MAIN, "dnslists domain \"%s\" contains "
"strange characters - is this right?", domain);
break;
}
- }
/* Check the alternate domain if present */
- if (domain_txt != domain) for (s = domain_txt; *s != 0; s++)
- {
+ if (domain_txt != domain) for (uschar * s = domain_txt; *s; s++)
if (!isalnum(*s) && *s != '-' && *s != '.' && *s != '_')
{
log_write(0, LOG_MAIN, "dnslists domain \"%s\" contains "
"strange characters - is this right?", domain_txt);
break;
}
- }
/* If there is no key string, construct the query by adding the domain name
onto the inverted host address, and perform a single DNS lookup. */
- if (key == NULL)
+ if (!key)
{
if (where == ACL_WHERE_NOTSMTP_START || where == ACL_WHERE_NOTSMTP)
{