summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2012-06-24 16:57:06 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2012-06-24 16:57:06 +0100
commitfd8c9db9ffc56400f46b2f5168ae4ee36adc50a5 (patch)
tree6cae9280f97b9e600639b2a10ffd007324dfeb8e
parent333eea9c862f2368e61fee5ce7231011c19f04ec (diff)
parent7421ecabc69420415b86bd14f2abeee6f6fa4c81 (diff)
Merge branch 'acl-args' into acl
-rw-r--r--src/src/acl.c41
1 files changed, 34 insertions, 7 deletions
diff --git a/src/src/acl.c b/src/src/acl.c
index 84b0609cf..5101267c2 100644
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -236,7 +236,7 @@ at the outer level. In the other cases, expansion already occurs in the
checking functions. */
static uschar cond_expand_at_top[] = {
- TRUE, /* acl */
+ FALSE, /* acl */
TRUE, /* add_header */
FALSE, /* authenticated */
#ifdef EXPERIMENTAL_BRIGHTMAIL
@@ -2785,13 +2785,40 @@ for (; cb != NULL; cb = cb->next)
"discard" verb. */
case ACLC_ACL:
- rc = acl_check_internal(where, addr, arg, level+1, user_msgptr, log_msgptr);
- if (rc == DISCARD && verb != ACL_ACCEPT && verb != ACL_DISCARD)
{
- *log_msgptr = string_sprintf("nested ACL returned \"discard\" for "
- "\"%s\" command (only allowed with \"accept\" or \"discard\")",
- verbs[verb]);
- return ERROR;
+ uschar * cp = arg;
+ uschar * tmp;
+ uschar * name;
+
+ if (!(tmp = string_dequote(&cp)) || !(name = expand_string(tmp)))
+ {
+ if (expand_string_forcedfail) continue;
+ *log_msgptr = string_sprintf("failed to expand ACL string \"%s\": %s",
+ tmp, expand_string_message);
+ return search_find_defer? DEFER : ERROR;
+ }
+
+ for (acl_narg = 0; acl_narg < sizeof(acl_arg)/sizeof(*acl_arg); acl_narg++)
+ {
+ while (*cp && isspace(*cp)) cp++;
+ if (!*cp) break;
+ if (!(tmp = string_dequote(&cp)) || !(acl_arg[acl_narg] = expand_string(tmp)))
+ {
+ if (expand_string_forcedfail) continue;
+ *log_msgptr = string_sprintf("failed to expand ACL string \"%s\": %s",
+ arg, expand_string_message);
+ return search_find_defer? DEFER : ERROR;
+ }
+ }
+
+ rc = acl_check_internal(where, addr, name, level+1, user_msgptr, log_msgptr);
+ if (rc == DISCARD && verb != ACL_ACCEPT && verb != ACL_DISCARD)
+ {
+ *log_msgptr = string_sprintf("nested ACL returned \"discard\" for "
+ "\"%s\" command (only allowed with \"accept\" or \"discard\")",
+ verbs[verb]);
+ return ERROR;
+ }
}
break;