diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2015-02-21 23:51:57 +0000 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2015-02-22 00:01:35 +0000 |
| commit | 82c0c8ea2f3fe5524740c4b46bd9dc907b9d555d (patch) | |
| tree | 57ed62e9d005d007d2f5f4007c47fdab729d9f6f /src | |
| parent | ac9a0d9193d7d7ccd27aa8ebf31eb484182c3db4 (diff) | |
Relax rules on verb use in QUIT/not-QUIT ACLs. Bug 608
Diffstat (limited to 'src')
| -rw-r--r-- | src/src/acl.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/src/src/acl.c b/src/src/acl.c index 18119ecfa..ea078f6fd 100644 --- a/src/src/acl.c +++ b/src/src/acl.c @@ -4077,19 +4077,12 @@ while (acl != NULL) int cond; int basic_errno = 0; BOOL endpass_seen = FALSE; + BOOL acl_quit_check = level == 0 + && (where == ACL_WHERE_QUIT || where == ACL_WHERE_NOTQUIT); *log_msgptr = *user_msgptr = NULL; acl_temp_details = FALSE; - if ((where == ACL_WHERE_QUIT || where == ACL_WHERE_NOTQUIT) && - acl->verb != ACL_ACCEPT && - acl->verb != ACL_WARN) - { - *log_msgptr = string_sprintf("\"%s\" is not allowed in a QUIT or not-QUIT ACL", - verbs[acl->verb]); - return ERROR; - } - HDEBUG(D_acl) debug_printf("processing \"%s\"\n", verbs[acl->verb]); /* Clear out any search error message from a previous check before testing @@ -4170,6 +4163,7 @@ while (acl != NULL) if (cond == OK) { HDEBUG(D_acl) debug_printf("end of %s: DEFER\n", acl_name); + if (acl_quit_check) goto badquit; acl_temp_details = TRUE; return DEFER; } @@ -4179,6 +4173,7 @@ while (acl != NULL) if (cond == OK) { HDEBUG(D_acl) debug_printf("end of %s: DENY\n", acl_name); + if (acl_quit_check) goto badquit; return FAIL; } break; @@ -4187,6 +4182,7 @@ while (acl != NULL) if (cond == OK || cond == DISCARD) { HDEBUG(D_acl) debug_printf("end of %s: DISCARD\n", acl_name); + if (acl_quit_check) goto badquit; return DISCARD; } if (endpass_seen) @@ -4200,6 +4196,7 @@ while (acl != NULL) if (cond == OK) { HDEBUG(D_acl) debug_printf("end of %s: DROP\n", acl_name); + if (acl_quit_check) goto badquit; return FAIL_DROP; } break; @@ -4208,6 +4205,7 @@ while (acl != NULL) if (cond != OK) { HDEBUG(D_acl) debug_printf("end of %s: not OK\n", acl_name); + if (acl_quit_check) goto badquit; return cond; } break; @@ -4238,6 +4236,11 @@ while (acl != NULL) HDEBUG(D_acl) debug_printf("end of %s: implicit DENY\n", acl_name); return FAIL; + +badquit: + *log_msgptr = string_sprintf("QUIT or not-QUIT teplevel ACL may not fail " + "('%s' verb used incorrectly)", verbs[acl->verb]); + return ERROR; } |