diff options
-rw-r--r-- | doc/doc-misc/WishList | 7 | ||||
-rw-r--r-- | doc/doc-txt/ChangeLog | 9 | ||||
-rw-r--r-- | src/src/acl.c | 77 |
3 files changed, 65 insertions, 28 deletions
diff --git a/doc/doc-misc/WishList b/doc/doc-misc/WishList index a1c0243af..c42118bfd 100644 --- a/doc/doc-misc/WishList +++ b/doc/doc-misc/WishList @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-misc/WishList,v 1.24 2005/03/07 09:36:43 ph10 Exp $ +$Cambridge: exim/doc/doc-misc/WishList,v 1.25 2005/03/15 15:36:41 ph10 Exp $ EXIM 4 WISH LIST ---------------- @@ -1884,5 +1884,8 @@ address. The wish is for options to control these numbers. ... and possibly "accept" or "deny" it. ------------------------------------------------------------------------------ ---- HWM 321 ------------------------------------------------------------------ + +(322) 15-Mar-05 M Add a /defer_ok option to verify=reverse_host_lookup +------------------------------------------------------------------------------ +--- HWM 322 ------------------------------------------------------------------ ---------------------------- End of WishList --------------------------------- diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index fb88fa9e1..f4a898104 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.91 2005/03/15 14:09:12 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.92 2005/03/15 15:36:41 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -43,6 +43,13 @@ PH/04. Change 4.11/85 fixed an obscure bug concerned with addresses that are PH/05. Renamed the macro SOCKLEN_T as EXIM_SOCKLEN_T because AIX uses SOCKLEN_T in its include files, and this causes problems building Exim. +PH/06. A number of "verify =" ACL conditions have no options (e.g. verify = + header_syntax) but Exim was just ignoring anything given after a slash. + In particular, this caused confusion with an attempt to use "verify = + reverse_host_lookup/defer_ok". An error is now given when options are + supplied for verify items that do not have them. (Maybe reverse_host_ + lookup should have a defer_ok option, but that's a different point.) + A note about Exim versions 4.44 and 4.50 ---------------------------------------- diff --git a/src/src/acl.c b/src/src/acl.c index 1d0150d5b..8fb6a7eef 100644 --- a/src/src/acl.c +++ b/src/src/acl.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/acl.c,v 1.24 2005/03/15 11:37:21 ph10 Exp $ */ +/* $Cambridge: exim/src/src/acl.c,v 1.25 2005/03/15 15:36:41 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -1028,6 +1028,13 @@ address_item *sender_vaddr = NULL; uschar *verify_sender_address = NULL; uschar *pm_mailfrom = NULL; uschar *se_mailfrom = NULL; + +/* Some of the verify items have slash-separated options; some do not. Diagnose +an error if options are given for items that don't expect them. This code has +now got very message. Refactoring to use a table would be a good idea one day. +*/ + +uschar *slash = Ustrchr(arg, '/'); uschar *list = arg; uschar *ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size); @@ -1037,6 +1044,7 @@ if (ss == NULL) goto BAD_VERIFY; if (strcmpic(ss, US"reverse_host_lookup") == 0) { + if (slash != NULL) goto NO_OPTIONS; if (sender_host_address == NULL) return OK; return acl_verify_reverse(user_msgptr, log_msgptr); } @@ -1047,6 +1055,7 @@ mandatory verification, the connection doesn't last this long.) */ if (strcmpic(ss, US"certificate") == 0) { + if (slash != NULL) goto NO_OPTIONS; if (tls_certificate_verified) return OK; *user_msgptr = US"no verified certificate"; return FAIL; @@ -1054,42 +1063,51 @@ if (strcmpic(ss, US"certificate") == 0) /* We can test the result of optional HELO verification */ -if (strcmpic(ss, US"helo") == 0) return helo_verified? OK : FAIL; +if (strcmpic(ss, US"helo") == 0) + { + if (slash != NULL) goto NO_OPTIONS; + return helo_verified? OK : FAIL; + } -/* Handle header verification options - permitted only after DATA or a non-SMTP -message. */ +/* Check that all relevant header lines have the correct syntax. If there is +a syntax error, we return details of the error to the sender if configured to +send out full details. (But a "message" setting on the ACL can override, as +always). */ -if (strncmpic(ss, US"header_", 7) == 0) +if (strcmpic(ss, US"header_syntax") == 0) { + if (slash != NULL) goto NO_OPTIONS; if (where != ACL_WHERE_DATA && where != ACL_WHERE_NOTSMTP) { *log_msgptr = string_sprintf("cannot check header contents in ACL for %s " "(only possible in ACL for DATA)", acl_wherenames[where]); return ERROR; } + rc = verify_check_headers(log_msgptr); + if (rc != OK && smtp_return_error_details && *log_msgptr != NULL) + *user_msgptr = string_sprintf("Rejected after DATA: %s", *log_msgptr); + return rc; + } - /* Check that all relevant header lines have the correct syntax. If there is - a syntax error, we return details of the error to the sender if configured to - send out full details. (But a "message" setting on the ACL can override, as - always). */ - if (strcmpic(ss+7, US"syntax") == 0) - { - int rc = verify_check_headers(log_msgptr); - if (rc != OK && smtp_return_error_details && *log_msgptr != NULL) - *user_msgptr = string_sprintf("Rejected after DATA: %s", *log_msgptr); - return rc; - } +/* The remaining verification tests check recipient and sender addresses, +either from the envelope or from the header. There are a number of +slash-separated options that are common to all of them. */ - /* Check that there is at least one verifiable sender address in the relevant - header lines. This can be followed by callout and defer options, just like - sender and recipient. */ - else if (strcmpic(ss+7, US"sender") == 0) verify_header_sender = TRUE; +/* Check that there is at least one verifiable sender address in the relevant +header lines. This can be followed by callout and defer options, just like +sender and recipient. */ - /* Unknown verify argument starting with "header_" */ - - else goto BAD_VERIFY; +if (strcmpic(ss, US"header_sender") == 0) + { + if (where != ACL_WHERE_DATA && where != ACL_WHERE_NOTSMTP) + { + *log_msgptr = string_sprintf("cannot check header contents in ACL for %s " + "(only possible in ACL for DATA)", acl_wherenames[where]); + return ERROR; + } + verify_header_sender = TRUE; } /* Otherwise, first item in verify argument must be "sender" or "recipient". @@ -1127,7 +1145,8 @@ else } } -/* Remaining items are optional */ +/* Remaining items are optional; they apply to sender and recipient +verification, including "header sender" verification. */ while ((ss = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)) != NULL) @@ -1501,9 +1520,17 @@ return rc; BAD_VERIFY: *log_msgptr = string_sprintf("expected \"sender[=address]\", \"recipient\", " - "\"header_syntax\" or \"header_sender\" at start of ACL condition " + "\"helo\", \"header_syntax\", \"header_sender\" or " + "\"reverse_host_lookup\" at start of ACL condition " "\"verify %s\"", arg); return ERROR; + +/* Options supplied when not allowed come here */ + +NO_OPTIONS: +*log_msgptr = string_sprintf("unexpected '/' found in \"%s\" " + "(this verify item has no options)", arg); +return ERROR; } |