From e34f8ca2022e340d3c0e36260a0232fab306dfcc Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 18 Feb 2018 16:22:52 +0000 Subject: [PATCH] Expansions: make ${authresults } usable in a named ACL This will be more common than directly in the acl_smtp_data option, and suffers one less expansion in operation. --- src/src/dkim.c | 2 +- src/src/expand.c | 6 +++--- src/src/smtp_in.c | 2 +- src/src/spf.c | 2 +- test/confs/3403 | 8 +++++++- test/confs/4500 | 5 ++++- test/stderr/4507 | 7 ++++--- 7 files changed, 21 insertions(+), 11 deletions(-) diff --git a/src/src/dkim.c b/src/src/dkim.c index 4fe4a11ab..ec5ba494b 100644 --- a/src/src/dkim.c +++ b/src/src/dkim.c @@ -803,7 +803,7 @@ pdkim_signature * sig; for (sig = dkim_signatures; sig; sig = sig->next) { - g = string_catn(g, US";\\n\\tdkim=", 10); + g = string_catn(g, US";\n\tdkim=", 8); if (sig->verify_status & PDKIM_VERIFY_POLICY) g = string_append(g, 5, diff --git a/src/src/expand.c b/src/src/expand.c index 44e8e1ba0..d49f943b0 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -1666,11 +1666,11 @@ static gstring * authres_iprev(gstring * g) { if (sender_host_name) - return string_append(g, 3, US";\\n\\tiprev=pass (", sender_host_name, US")"); + return string_append(g, 3, US";\n\tiprev=pass (", sender_host_name, US")"); if (host_lookup_deferred) - return string_catn(g, US";\\n\\tiprev=temperror", 21); + return string_catn(g, US";\n\tiprev=temperror", 19); if (host_lookup_failed) - return string_catn(g, US";\\n\\tiprev=fail", 15); + return string_catn(g, US";\n\tiprev=fail", 13); return g; } diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 1b7df5c30..d804bc7d2 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -5751,7 +5751,7 @@ authres_smtpauth(gstring * g) if (!sender_host_authenticated) return g; -g = string_append(g, 4, US";\\n\\tauth=pass" +g = string_append(g, 4, US";\n\tauth=pass" " (", sender_host_authenticated, US") smtp.auth=", authenticated_id); if (authenticated_sender) g = string_append(g, 2, US" smtp.mailfrom=", authenticated_sender); diff --git a/src/src/spf.c b/src/src/spf.c index a2f93b0ce..12994a690 100644 --- a/src/src/spf.c +++ b/src/src/spf.c @@ -153,7 +153,7 @@ authres_spf(gstring * g) { if (!spf_result) return g; -return string_append(g, 4, US";\\n\\tspf=", spf_result, +return string_append(g, 4, US";\n\tspf=", spf_result, US" smtp.mailfrom=", expand_string(US"$sender_address_domain")); } diff --git a/test/confs/3403 b/test/confs/3403 index 79fb73fe1..b8c8086b6 100644 --- a/test/confs/3403 +++ b/test/confs/3403 @@ -7,7 +7,7 @@ primary_hostname = myhost.test.ex # ----- Main settings ----- acl_smtp_rcpt = accept -acl_smtp_data = accept add_header = :at_start:${authresults {$primary_hostname}} +acl_smtp_data = check_data # ----- Authentication ----- @@ -27,6 +27,12 @@ plain1: server_mail_auth_condition = ${if eq{$authenticated_id}{userx}{yes}} +# ----- ACL ----- +begin acl + +check_data: + accept add_header = :at_start:${authresults {$primary_hostname}} + # ----- Routers ----- begin routers diff --git a/test/confs/4500 b/test/confs/4500 index a952758ae..502de4a19 100644 --- a/test/confs/4500 +++ b/test/confs/4500 @@ -10,7 +10,7 @@ primary_hostname = myhost.test.ex acl_smtp_rcpt = accept acl_smtp_dkim = check_dkim -acl_smtp_data = accept logwrite = ${authresults {$primary_hostname}} +acl_smtp_data = check_data log_selector = +dkim_verbose @@ -37,4 +37,7 @@ check_dkim: accept .endif +check_data: + accept logwrite = ${authresults {$primary_hostname}} + # End diff --git a/test/stderr/4507 b/test/stderr/4507 index 42dd96980..e1961ceb3 100644 --- a/test/stderr/4507 +++ b/test/stderr/4507 @@ -23,11 +23,12 @@ LOG: 10HmaX-0005vi-00 signer: test.ex bits: 1024 >>> accept: condition test succeeded in ACL "check_dkim" >>> end of ACL "check_dkim": ACCEPT LOG: 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [verification succeeded] +>>> using ACL "check_data" >>> processing "accept" ->>> check logwrite = Authentication-Results: myhost.test.ex;\n\tdkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1 +>>> check logwrite = ${authresults {$primary_hostname}} >>> = Authentication-Results: myhost.test.ex; >>> dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1 LOG: 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1 ->>> accept: condition test succeeded in inline ACL ->>> end of inline ACL: ACCEPT +>>> accept: condition test succeeded in ACL "check_data" +>>> end of ACL "check_data": ACCEPT LOG: 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=qwerty1234@disco-zombie.net -- 2.30.2