summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorPhilip Hazel <ph10@hermes.cam.ac.uk>2005-04-04 10:33:49 +0000
committerPhilip Hazel <ph10@hermes.cam.ac.uk>2005-04-04 10:33:49 +0000
commit54cdb463ab15d0a064cfe0a276b3e3974767c8c7 (patch)
treeee03ebf8c5fb9c07a7eff6b83c2835062fab5dba /src
parentfb6f3d5c1822aa3062ad3aac9a63c57c350562f0 (diff)
Added acl_not_smtp_mime. This involved a bit of refactoring of the
content scanning code. Also, updated doc/OptionList.txt with all the content-scanning options (none had been added.)
Diffstat (limited to 'src')
-rw-r--r--src/src/functions.h6
-rw-r--r--src/src/globals.c5
-rw-r--r--src/src/globals.h5
-rw-r--r--src/src/mime.c12
-rw-r--r--src/src/readconf.c5
-rw-r--r--src/src/receive.c333
6 files changed, 209 insertions, 157 deletions
diff --git a/src/src/functions.h b/src/src/functions.h
index 88bc53d74..1563a55c3 100644
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/functions.h,v 1.12 2005/03/08 15:32:02 tom Exp $ */
+/* $Cambridge: exim/src/src/functions.h,v 1.13 2005/04/04 10:33:49 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -152,8 +152,8 @@ extern void md5_start(md5 *);
extern void millisleep(int);
#ifdef WITH_CONTENT_SCAN
struct mime_boundary_context;
-extern int mime_acl_check(FILE *f, struct mime_boundary_context *,
- uschar **, uschar **);
+extern int mime_acl_check(uschar *acl, FILE *f,
+ struct mime_boundary_context *, uschar **, uschar **);
extern int mime_decode(uschar **);
extern int mime_regex(uschar **);
#endif
diff --git a/src/src/globals.c b/src/src/globals.c
index 2324e4072..5fe414b43 100644
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.c,v 1.20 2005/03/22 14:11:54 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.c,v 1.21 2005/04/04 10:33:49 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -160,6 +160,9 @@ int address_expansions_count = sizeof(address_expansions)/sizeof(uschar **);
tree_node *acl_anchor = NULL;
uschar *acl_not_smtp = NULL;
+#ifdef WITH_CONTENT_SCAN
+uschar *acl_not_smtp_mime = NULL;
+#endif
uschar *acl_smtp_auth = NULL;
uschar *acl_smtp_connect = NULL;
uschar *acl_smtp_data = NULL;
diff --git a/src/src/globals.h b/src/src/globals.h
index 404838126..37faa9d50 100644
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.h,v 1.13 2005/03/22 14:11:54 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.h,v 1.14 2005/04/04 10:33:49 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -102,6 +102,9 @@ extern uschar **address_expansions[ADDRESS_EXPANSIONS_COUNT];
extern BOOL accept_8bitmime; /* Allow *BITMIME incoming */
extern tree_node *acl_anchor; /* Tree of named ACLs */
extern uschar *acl_not_smtp; /* ACL run for non-SMTP messages */
+#ifdef WITH_CONTENT_SCAN
+extern uschar *acl_not_smtp_mime; /* For MIME parts of ditto */
+#endif
extern uschar *acl_smtp_auth; /* ACL run for AUTH */
extern uschar *acl_smtp_connect; /* ACL run on SMTP connection */
extern uschar *acl_smtp_data; /* ACL run after DATA received */
diff --git a/src/src/mime.c b/src/src/mime.c
index f97d25abb..05b6e3e2a 100644
--- a/src/src/mime.c
+++ b/src/src/mime.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/mime.c,v 1.6 2005/03/08 16:57:28 ph10 Exp $ */
+/* $Cambridge: exim/src/src/mime.c,v 1.7 2005/04/04 10:33:49 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -502,8 +502,8 @@ int mime_get_header(FILE *f, uschar *header) {
}
-int mime_acl_check(FILE *f, struct mime_boundary_context *context, uschar
- **user_msgptr, uschar **log_msgptr) {
+int mime_acl_check(uschar *acl, FILE *f, struct mime_boundary_context *context,
+ uschar **user_msgptr, uschar **log_msgptr) {
int rc = OK;
uschar *header = NULL;
struct mime_boundary_context nested_context;
@@ -512,7 +512,7 @@ int mime_acl_check(FILE *f, struct mime_boundary_context *context, uschar
header = (uschar *)malloc(MIME_MAX_HEADER_SIZE+1);
if (header == NULL) {
log_write(0, LOG_PANIC,
- "acl_smtp_mime: can't allocate %d bytes of memory.", MIME_MAX_HEADER_SIZE+1);
+ "MIME ACL: can't allocate %d bytes of memory.", MIME_MAX_HEADER_SIZE+1);
return DEFER;
};
@@ -659,7 +659,7 @@ int mime_acl_check(FILE *f, struct mime_boundary_context *context, uschar
mime_is_coverletter = !(context && context->context == MBC_ATTACHMENT);
/* call ACL handling function */
- rc = acl_check(ACL_WHERE_MIME, NULL, acl_smtp_mime, user_msgptr, log_msgptr);
+ rc = acl_check(ACL_WHERE_MIME, NULL, acl, user_msgptr, log_msgptr);
mime_stream = NULL;
mime_current_boundary = NULL;
@@ -680,7 +680,7 @@ int mime_acl_check(FILE *f, struct mime_boundary_context *context, uschar
else
nested_context.context = MBC_COVERLETTER_ONESHOT;
- rc = mime_acl_check(f, &nested_context, user_msgptr, log_msgptr);
+ rc = mime_acl_check(acl, f, &nested_context, user_msgptr, log_msgptr);
if (rc != OK) break;
}
else if ( (mime_content_type != NULL) &&
diff --git a/src/src/readconf.c b/src/src/readconf.c
index 302255ddf..0fe00cf6b 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/readconf.c,v 1.5 2005/02/17 11:58:26 ph10 Exp $ */
+/* $Cambridge: exim/src/src/readconf.c,v 1.6 2005/04/04 10:33:49 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -135,6 +135,9 @@ static optionlist optionlist_config[] = {
{ "*set_system_filter_user", opt_bool|opt_hidden, &system_filter_uid_set },
{ "accept_8bitmime", opt_bool, &accept_8bitmime },
{ "acl_not_smtp", opt_stringptr, &acl_not_smtp },
+#ifdef WITH_CONTENT_SCAN
+ { "acl_not_smtp_mime", opt_stringptr, &acl_not_smtp_mime },
+#endif
{ "acl_smtp_auth", opt_stringptr, &acl_smtp_auth },
{ "acl_smtp_connect", opt_stringptr, &acl_smtp_connect },
{ "acl_smtp_data", opt_stringptr, &acl_smtp_data },
diff --git a/src/src/receive.c b/src/src/receive.c
index e4ce9cb23..325544643 100644
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/receive.c,v 1.12 2005/03/08 15:32:02 tom Exp $ */
+/* $Cambridge: exim/src/src/receive.c,v 1.13 2005/04/04 10:33:49 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -510,7 +510,7 @@ for (count = 0; count < recipients_count; count++)
{
if ((--recipients_count - count) > 0)
memmove(recipients_list + count, recipients_list + count + 1,
- (recipients_count - count)*sizeof(recipient_item));
+ (recipients_count - count)*sizeof(recipient_item));
return TRUE;
}
}
@@ -1009,6 +1009,146 @@ return s;
/*************************************************
+* Run the MIME ACL on a message *
+*************************************************/
+
+/* This code is in a subroutine so that it can be used for both SMTP
+and non-SMTP messages. It is called with a non-NULL ACL pointer.
+
+Arguments:
+ acl The ACL to run (acl_smtp_mime or acl_not_smtp_mime)
+ smtp_yield_ptr Set FALSE to kill messages after dropped connection
+ smtp_reply_ptr Where SMTP reply is being built
+ blackholed_by_ptr Where "blackholed by" message is being built
+
+Returns: TRUE to carry on; FALSE to abandon the message
+*/
+
+static BOOL
+run_mime_acl(uschar *acl, BOOL *smtp_yield_ptr, uschar **smtp_reply_ptr,
+ uschar **blackholed_by_ptr)
+{
+FILE *mbox_file;
+uschar rfc822_file_path[2048];
+unsigned long mbox_size;
+header_line *my_headerlist;
+uschar *user_msg, *log_msg;
+int mime_part_count_buffer = -1;
+int rc;
+
+memset(CS rfc822_file_path,0,2048);
+
+/* check if it is a MIME message */
+my_headerlist = header_list;
+while (my_headerlist != NULL) {
+ /* skip deleted headers */
+ if (my_headerlist->type == '*') {
+ my_headerlist = my_headerlist->next;
+ continue;
+ };
+ if (strncmpic(my_headerlist->text, US"Content-Type:", 13) == 0) {
+ DEBUG(D_receive) debug_printf("Found Content-Type: header - executing acl_smtp_mime.\n");
+ goto DO_MIME_ACL;
+ };
+ my_headerlist = my_headerlist->next;
+};
+
+DEBUG(D_receive) debug_printf("No Content-Type: header - presumably not a MIME message.\n");
+return TRUE;
+
+DO_MIME_ACL:
+/* make sure the eml mbox file is spooled up */
+mbox_file = spool_mbox(&mbox_size);
+if (mbox_file == NULL) {
+ /* error while spooling */
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "acl_smtp_mime: error while creating mbox spool file, message temporarily rejected.");
+ Uunlink(spool_name);
+ unspool_mbox();
+ smtp_respond(451, TRUE, US"temporary local problem");
+ message_id[0] = 0; /* Indicate no message accepted */
+ *smtp_reply_ptr = US""; /* Indicate reply already sent */
+ return FALSE; /* Indicate skip to end of receive function */
+};
+
+mime_is_rfc822 = 0;
+
+MIME_ACL_CHECK:
+mime_part_count = -1;
+rc = mime_acl_check(acl, mbox_file, NULL, &user_msg, &log_msg);
+fclose(mbox_file);
+
+if (Ustrlen(rfc822_file_path) > 0) {
+ mime_part_count = mime_part_count_buffer;
+
+ if (unlink(CS rfc822_file_path) == -1) {
+ log_write(0, LOG_PANIC,
+ "acl_smtp_mime: can't unlink RFC822 spool file, skipping.");
+ goto END_MIME_ACL;
+ };
+};
+
+/* check if we must check any message/rfc822 attachments */
+if (rc == OK) {
+ uschar temp_path[1024];
+ int n;
+ struct dirent *entry;
+ DIR *tempdir;
+
+ snprintf(CS temp_path, 1024, "%s/scan/%s", spool_directory, message_id);
+
+ tempdir = opendir(CS temp_path);
+ n = 0;
+ do {
+ entry = readdir(tempdir);
+ if (entry == NULL) break;
+ if (strncmpic(US entry->d_name,US"__rfc822_",9) == 0) {
+ snprintf(CS rfc822_file_path, 2048,"%s/scan/%s/%s", spool_directory, message_id, entry->d_name);
+ debug_printf("RFC822 attachment detected: running MIME ACL for '%s'\n", rfc822_file_path);
+ break;
+ };
+ } while (1);
+ closedir(tempdir);
+
+ if (entry != NULL) {
+ mbox_file = Ufopen(rfc822_file_path,"r");
+ if (mbox_file == NULL) {
+ log_write(0, LOG_PANIC,
+ "acl_smtp_mime: can't open RFC822 spool file, skipping.");
+ unlink(CS rfc822_file_path);
+ goto END_MIME_ACL;
+ };
+ /* set RFC822 expansion variable */
+ mime_is_rfc822 = 1;
+ mime_part_count_buffer = mime_part_count;
+ goto MIME_ACL_CHECK;
+ };
+};
+
+END_MIME_ACL:
+add_acl_headers(US"MIME");
+if (rc == DISCARD)
+ {
+ recipients_count = 0;
+ *blackholed_by_ptr = US"MIME ACL";
+ }
+else if (rc != OK)
+ {
+ Uunlink(spool_name);
+ unspool_mbox();
+ if (smtp_handle_acl_fail(ACL_WHERE_MIME, rc, user_msg, log_msg) != 0)
+ *smtp_yield_ptr = FALSE; /* No more messsages after dropped connection */
+ *smtp_reply_ptr = US""; /* Indicate reply already sent */
+ message_id[0] = 0; /* Indicate no message accepted */
+ return FALSE; /* Cause skip to end of receive function */
+ };
+
+return TRUE;
+}
+
+
+
+/*************************************************
* Receive message *
*************************************************/
@@ -2754,127 +2894,13 @@ else
#endif
#ifdef WITH_CONTENT_SCAN
- /* MIME ACL hook */
- if (acl_smtp_mime != NULL && recipients_count > 0)
- {
- FILE *mbox_file;
- uschar rfc822_file_path[2048];
- unsigned long mbox_size;
- header_line *my_headerlist;
- uschar *user_msg, *log_msg;
- int mime_part_count_buffer = -1;
-
- memset(CS rfc822_file_path,0,2048);
-
- /* check if it is a MIME message */
- my_headerlist = header_list;
- while (my_headerlist != NULL) {
- /* skip deleted headers */
- if (my_headerlist->type == '*') {
- my_headerlist = my_headerlist->next;
- continue;
- };
- if (strncmpic(my_headerlist->text, US"Content-Type:", 13) == 0) {
- DEBUG(D_receive) debug_printf("Found Content-Type: header - executing acl_smtp_mime.\n");
- goto DO_MIME_ACL;
- };
- my_headerlist = my_headerlist->next;
- };
-
- DEBUG(D_receive) debug_printf("No Content-Type: header - presumably not a MIME message.\n");
- goto NO_MIME_ACL;
-
- DO_MIME_ACL:
- /* make sure the eml mbox file is spooled up */
- mbox_file = spool_mbox(&mbox_size);
- if (mbox_file == NULL) {
- /* error while spooling */
- log_write(0, LOG_MAIN|LOG_PANIC,
- "acl_smtp_mime: error while creating mbox spool file, message temporarily rejected.");
- Uunlink(spool_name);
- unspool_mbox();
- smtp_respond(451, TRUE, US"temporary local problem");
- message_id[0] = 0; /* Indicate no message accepted */
- smtp_reply = US""; /* Indicate reply already sent */
- goto TIDYUP; /* Skip to end of function */
- };
-
- mime_is_rfc822 = 0;
-
- MIME_ACL_CHECK:
- mime_part_count = -1;
- rc = mime_acl_check(mbox_file, NULL, &user_msg, &log_msg);
- fclose(mbox_file);
-
- if (Ustrlen(rfc822_file_path) > 0) {
- mime_part_count = mime_part_count_buffer;
-
- if (unlink(CS rfc822_file_path) == -1) {
- log_write(0, LOG_PANIC,
- "acl_smtp_mime: can't unlink RFC822 spool file, skipping.");
- goto END_MIME_ACL;
- };
- };
-
- /* check if we must check any message/rfc822 attachments */
- if (rc == OK) {
- uschar temp_path[1024];
- int n;
- struct dirent *entry;
- DIR *tempdir;
-
- snprintf(CS temp_path, 1024, "%s/scan/%s", spool_directory, message_id);
-
- tempdir = opendir(CS temp_path);
- n = 0;
- do {
- entry = readdir(tempdir);
- if (entry == NULL) break;
- if (strncmpic(US entry->d_name,US"__rfc822_",9) == 0) {
- snprintf(CS rfc822_file_path, 2048,"%s/scan/%s/%s", spool_directory, message_id, entry->d_name);
- debug_printf("RFC822 attachment detected: running MIME ACL for '%s'\n", rfc822_file_path);
- break;
- };
- } while (1);
- closedir(tempdir);
-
- if (entry != NULL) {
- mbox_file = Ufopen(rfc822_file_path,"r");
- if (mbox_file == NULL) {
- log_write(0, LOG_PANIC,
- "acl_smtp_mime: can't open RFC822 spool file, skipping.");
- unlink(CS rfc822_file_path);
- goto END_MIME_ACL;
- };
- /* set RFC822 expansion variable */
- mime_is_rfc822 = 1;
- mime_part_count_buffer = mime_part_count;
- goto MIME_ACL_CHECK;
- };
- };
-
- END_MIME_ACL:
- add_acl_headers(US"MIME");
- if (rc == DISCARD)
- {
- recipients_count = 0;
- blackholed_by = US"MIME ACL";
- }
- else if (rc != OK)
- {
- Uunlink(spool_name);
- unspool_mbox();
- if (smtp_handle_acl_fail(ACL_WHERE_MIME, rc, user_msg, log_msg) != 0)
- smtp_yield = FALSE; /* No more messsages after dropped connection */
- smtp_reply = US""; /* Indicate reply already sent */
- message_id[0] = 0; /* Indicate no message accepted */
- goto TIDYUP; /* Skip to end of function */
- };
- }
-
- NO_MIME_ACL:
+ if (acl_smtp_mime != NULL &&
+ !run_mime_acl(acl_smtp_mime, &smtp_yield, &smtp_reply, &blackholed_by))
+ goto TIDYUP;
#endif /* WITH_CONTENT_SCAN */
+ /* Check the recipients count again, as the MIME ACL might have changed
+ them. */
if (acl_smtp_data != NULL && recipients_count > 0)
{
@@ -2906,39 +2932,56 @@ else
/* Handle non-SMTP and batch SMTP (i.e. non-interactive) messages. Note that
we cannot take different actions for permanent and temporary rejections. */
- else if (acl_not_smtp != NULL)
+ else
{
- uschar *user_msg, *log_msg;
- rc = acl_check(ACL_WHERE_NOTSMTP, NULL, acl_not_smtp, &user_msg, &log_msg);
- if (rc == DISCARD)
- {
- recipients_count = 0;
- blackholed_by = US"non-SMTP ACL";
- if (log_msg != NULL) blackhole_log_msg = string_sprintf(": %s", log_msg);
- }
- else if (rc != OK)
+
+#ifdef WITH_CONTENT_SCAN
+ if (acl_not_smtp_mime != NULL &&
+ !run_mime_acl(acl_not_smtp_mime, &smtp_yield, &smtp_reply,
+ &blackholed_by))
+ goto TIDYUP;
+#endif /* WITH_CONTENT_SCAN */
+
+ if (acl_not_smtp != NULL)
{
- Uunlink(spool_name);
- log_write(0, LOG_MAIN|LOG_REJECT, "F=<%s> rejected by non-SMTP ACL: %s",
- sender_address, log_msg);
- if (user_msg == NULL) user_msg = US"local configuration problem";
- if (smtp_batched_input)
+ uschar *user_msg, *log_msg;
+ rc = acl_check(ACL_WHERE_NOTSMTP, NULL, acl_not_smtp, &user_msg, &log_msg);
+ if (rc == DISCARD)
{
- moan_smtp_batch(NULL, "%d %s", 550, user_msg);
- /* Does not return */
+ recipients_count = 0;
+ blackholed_by = US"non-SMTP ACL";
+ if (log_msg != NULL)
+ blackhole_log_msg = string_sprintf(": %s", log_msg);
}
- else
+ else if (rc != OK)
{
- fseek(data_file, (long int)SPOOL_DATA_START_OFFSET, SEEK_SET);
- give_local_error(ERRMESS_LOCAL_ACL, user_msg,
- US"message rejected by non-SMTP ACL: ", error_rc, data_file,
- header_list);
- /* Does not return */
+ Uunlink(spool_name);
+#ifdef WITH_CONTENT_SCAN
+ unspool_mbox();
+#endif
+ log_write(0, LOG_MAIN|LOG_REJECT, "F=<%s> rejected by non-SMTP ACL: %s",
+ sender_address, log_msg);
+ if (user_msg == NULL) user_msg = US"local configuration problem";
+ if (smtp_batched_input)
+ {
+ moan_smtp_batch(NULL, "%d %s", 550, user_msg);
+ /* Does not return */
+ }
+ else
+ {
+ fseek(data_file, (long int)SPOOL_DATA_START_OFFSET, SEEK_SET);
+ give_local_error(ERRMESS_LOCAL_ACL, user_msg,
+ US"message rejected by non-SMTP ACL: ", error_rc, data_file,
+ header_list);
+ /* Does not return */
+ }
}
+ add_acl_headers(US"non-SMTP");
}
- add_acl_headers(US"non-SMTP");
}
+ /* The applicable ACLs have been run */
+
if (deliver_freeze) frozen_by = US"ACL"; /* for later logging */
if (queue_only_policy) queued_by = US"ACL";