diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2012-07-01 16:01:29 +0100 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2012-07-01 16:01:29 +0100 |
commit | 3e8abda0fa92b78c4a3dfbad940b12fc90c241e3 (patch) | |
tree | 856bfe57a0869370207b86139455ce3a8eb51303 /doc | |
parent | ad0192a86e59a2c3cef2945d68dc22e52258d085 (diff) | |
parent | bef3ea7f5de507f4eda7f32ac767ec6ac0441d57 (diff) |
Merge branch 'acl'
Diffstat (limited to 'doc')
-rw-r--r-- | doc/doc-docbook/spec.xfpt | 37 | ||||
-rw-r--r-- | doc/doc-txt/ChangeLog | 3 | ||||
-rw-r--r-- | doc/doc-txt/NewStuff | 9 |
3 files changed, 49 insertions, 0 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index f23c42afb..eb359d088 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -8758,6 +8758,23 @@ string easier to understand. This item inserts &"basic"& header lines. It is described with the &%header%& expansion item below. + +.vitem "&*${acl{*&<&'name'&>&*}{*&<&'arg'&>&*}...}*&" +.cindex "expansion" "calling an acl" +.cindex "&%acl%&" "call from expansion" +The name and zero to nine argument strings are first expanded separately. The expanded +arguments are assigned to the variables &$acl_arg1$& to &$acl_arg9$& in order. +Any unused are made empty. The variable &$acl_narg$& is set to the number of +arguments. The named ACL (see chapter &<<CHAPACL>>&) is called +and may use the variables; if another acl expansion is used the values +are overwritten. If the ACL sets +a value using a "message =" modifier and returns accept or deny, the value becomes +the result of the expansion. +If no message was set and the ACL returned accept or deny +the value is an empty string. +If the ACL returned defer the result is a forced-fail. Otherwise the expansion fails. + + .vitem "&*${dlfunc{*&<&'file'&>&*}{*&<&'function'&>&*}{*&<&'arg'&>&*}&&& {*&<&'arg'&>&*}...}*&" .cindex &%dlfunc%& @@ -10043,6 +10060,21 @@ In all cases, a relative comparator OP is testing if <&'string1'&> OP 10M, not if 10M is larger than &$message_size$&. +.vitem &*acl&~{{*&<&'name'&>&*}{*&<&'arg1'&>&*}&&& + {*&<&'arg2'&>&*}...}*& +.cindex "expansion" "calling an acl" +.cindex "&%acl%&" "expansion condition" +The name and zero to nine argument strings are first expanded separately. The expanded +arguments are assigned to the variables &$acl_arg1$& to &$acl_arg9$& in order. +Any unused are made empty. The variable &$acl_narg$& is set to the number of +arguments. The named ACL (see chapter &<<CHAPACL>>&) is called +and may use the variables; if another acl expansion is used the values +are overwritten. If the ACL sets +a value using a "message =" modifier the variable $value becomes +the result of the expansion, otherwise it is empty. +If the ACL returns accept the condition is true; if deny, false. +If the ACL returns defer the result is a forced-fail. + .vitem &*bool&~{*&<&'string'&>&*}*& .cindex "expansion" "boolean parsing" .cindex "&%bool%& expansion condition" @@ -27301,6 +27333,7 @@ The conditions are as follows: .vitem &*acl&~=&~*&<&'name&~of&~acl&~or&~ACL&~string&~or&~file&~name&~'&> .cindex "&ACL;" "nested" .cindex "&ACL;" "indirect" +.cindex "&ACL;" "arguments" .cindex "&%acl%& ACL condition" The possible values of the argument are the same as for the &%acl_smtp_%&&'xxx'& options. The named or inline ACL is run. If it returns @@ -27310,6 +27343,10 @@ condition is on a &%warn%& verb. In that case, a &"defer"& return makes the condition false. This means that further processing of the &%warn%& verb ceases, but processing of the ACL continues. +If the argument is a named ACL, up to nine space-separated optional values +can be appended; they appear in $acl_arg1 to $acl_arg9, and $acl_narg is set +to the count of values. The name and values are expanded separately. + If the nested &%acl%& returns &"drop"& and the outer condition denies access, the connection is dropped. If it returns &"discard"&, the verb must be &%accept%& or &%discard%&, and the action is taken immediately &-- no further diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index d1beab6e0..a9c9abed8 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -49,6 +49,9 @@ PP/09 Add gnutls_enable_pkcs11 option. PP/10 Let Linux makefile inherit CFLAGS/CFLAGS_DYNAMIC. Pulled from Debian 30_dontoverridecflags.dpatch by Andreas Metzler. +JH/04 Add expansion item ${acl {name}{arg}...}, expansion condition + "acl {{name}{arg}...}", and optional args on acl condition + "acl = name arg..." Exim version 4.80 ----------------- diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index c56256bdd..53d533dea 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -96,6 +96,15 @@ Version 4.81 through, thus breakage. So we explicitly inhibit the PKCS11 initialisation unless this new option is set. +10. The "acl = name" condition on an ACL now supports optional arguments. + New expansion item "${acl {name}{arg}...}" and expansion condition + "acl {{name}{arg}...}" are added. In all cases up to nine arguments + can be used, appearing in $acl_arg1 to $acl_arg9 for the called ACL. + Variable $acl_narg contains the number of arguments. If the ACL sets + a "message =" value this becomes the result of the expansion item, + or the value of $value for the expansion condition. If the ACL returns + accept the expansion condition is true; if reject, false. A defer + return results in a forced fail. Version 4.80 ------------ |