From: Jeremy Harris Date: Wed, 20 Dec 2017 11:34:47 +0000 (+0000) Subject: ACL: Disallow '/' characters in queue names specified for "queue=" X-Git-Url: https://git.exim.org/users/jgh/exim.git/commitdiff_plain/944e8b37e80589aef9de20ea5fedd98bc0900307?ds=sidebyside ACL: Disallow '/' characters in queue names specified for "queue=" --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 7440a4c06..c06fb9c4f 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -17136,7 +17136,7 @@ be the name of a file that contains CRLs in PEM format. .new Under OpenSSL the option can specify a directory with CRL files. -&*Note: Under OpenSSL the option must, if given, supply a CRL +&*Note:*& Under OpenSSL the option must, if given, supply a CRL for each signing element of the certificate chain (i.e. all but the leaf). For the file variant this can be multiple PEM blocks in the one file. .wen @@ -28998,6 +28998,8 @@ effect. .vitem &*queue*&&~=&~<&'text'&> +.cindex "&%queue%& ACL modifier" +.cindex "named queues" "selecting in ACL" This modifier specifies the use of a named queue for spool files for the message. It can only be used before the message is received (i.e. not in diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index d4b1820d5..4897f4a0c 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -13,6 +13,9 @@ JH/01 Replace the store_release() internal interface with store_newblock(), the allocate and data copy operations duplicated in both (!) of the extant use locations. +JH/02 Disallow '/' characters in queue names specified for the "queue=" ACL + modifier. This matches the restriction on the commandline. + Exim version 4.90 ----------------- diff --git a/src/src/acl.c b/src/src/acl.c index 477b059a5..b8a4b8865 100644 --- a/src/src/acl.c +++ b/src/src/acl.c 
@@ -3597,6 +3597,12 @@ for (; cb != NULL; cb = cb->next) #endif case ACLC_QUEUE: + if (Ustrchr(arg, '/')) + { + *log_msgptr = string_sprintf( + "Directory separator not permitted in queue name: '%s'", arg); + return ERROR; + } queue_name = string_copy_malloc(arg); break;
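Review bot: The first doc/doc-docbook/spec.xfpt hunk (the CRL note near line 17136) is unrelated to the queue-name restriction named in the subject; it only closes the emphasis markup, turning "&*Note:" into "&*Note:*&". Suggest putting it in its own commit, or at least mentioning it in the commit message, so the markup fix can be found from the log and this commit stays limited to the ACL change.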
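Review bot: Missing documentation in the second doc/doc-docbook/spec.xfpt hunk (the ".vitem &*queue*&" entry): it adds only the two .cindex lines, and nothing in the visible description tells the reader that a '/' in the name is now rejected. Suggest adding a sentence to the modifier's text stating that the queue name must not contain '/' and that the ACL returns an error if it does, so the behaviour added in acl.c is discoverable from the spec and not only from the ChangeLog.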
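Review bot: In the ACLC_QUEUE case of src/src/acl.c, the new test "if (Ustrchr(arg, '/'))" rejects only the separator character, so an empty string or a name such as ".." still reaches "queue_name = string_copy_malloc(arg);". If the queue name ends up as a single directory component for spool files, as the log text "Directory separator not permitted in queue name" suggests, consider rejecting those values too, or validating against an allowed character set instead of one forbidden character. The ChangeLog entry says this matches the restriction on the command line, so a shared validation helper called from both places would keep the two checks from drifting apart. The patch also carries no test case for the new ERROR return.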