From 641cb756c2435863f776dfdee060338d482219c2 Mon Sep 17 00:00:00 2001 From: Philip Hazel <ph10@hermes.cam.ac.uk> Date: Tue, 19 Sep 2006 14:31:06 +0000 Subject: Tweak the ACL variable name code to require either a digit or an underscore after acl_c or acl_m. --- doc/doc-txt/ChangeLog | 4 ++-- doc/doc-txt/NewStuff | 27 +++++++++++---------- src/src/acl.c | 23 ++++++++++-------- src/src/expand.c | 64 ++++++++++++++++++++++++++++--------------------- test/aux-var-src/0372.F | 2 +- test/confs/0372 | 6 ++--- test/stderr/0372 | 18 +++++++------- 7 files changed, 79 insertions(+), 65 deletions(-) diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 7dc6095d7..1dcf3b2c5 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.393 2006/09/19 11:28:44 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.394 2006/09/19 14:31:06 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -43,7 +43,7 @@ PH/07 There was no check for overflow in expansions such as ${if >{1}{4096M}}. PH/08 An error is now given if message_size_limit is specified negative. PH/09 Applied and tidied up Jakob Hirsch's patch for allowing ACL variables - to be given arbitrary names. + to be given (somewhat) arbitrary names. Exim version 4.63 diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 5be3e69bf..6ee8f6bdc 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/NewStuff,v 1.109 2006/09/19 11:28:44 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/NewStuff,v 1.110 2006/09/19 14:31:06 ph10 Exp $ New Features in Exim -------------------- @@ -13,22 +13,23 @@ Version 4.64 ------------ 1. ACL variables can now be given arbitrary names, as long as they start with - "acl_c" or "acl_m" (for connection variables and message variables) and are - at least 6 characters long. However, only alphanumeric characters and - underscores are allowed. This is a compatible change because the old set of + "acl_c" or "acl_m" (for connection variables and message variables), are + at least six characters long, with the sixth character being either a digit + or an underscore. The rest of the name can contain alphanumeric characters + and underscores. This is a compatible change because the old set of variables such as acl_m12 are a subset of the allowed names. There may now be any number of ACL variables. For example: - set acl_c_foo = something - set acl_ccc = thingsome - set acl_m13 = value for original ACL variable - set acl_m13b = whatever + set acl_c13 = value for original ACL variable + set acl_c13b = whatever + set acl_m_foo = something - What happens if an undefined ACL variable is referenced depends on the - setting of the strict_acl_vars option. If it is false (the default), an - empty string is substituted; if it is true, an error is generated. This - affects all ACL variables, including the "old" ones such as acl_c4. - (Previously there wasn't the concept of an undefined ACL variable.) + What happens if a syntactically valid but undefined ACL variable is + referenced depends on the setting of the strict_acl_vars option. If it is + false (the default), an empty string is substituted; if it is true, an error + is generated. This affects all ACL variables, including the "old" ones such + as acl_c4. (Previously there wasn't the concept of an undefined ACL + variable.) The implementation has been done in such a way that spool files containing ACL variable settings written by previous releases of Exim are compatible diff --git a/src/src/acl.c b/src/src/acl.c index 8c2ab699a..5709a11ab 100644 --- a/src/src/acl.c +++ b/src/src/acl.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/acl.c,v 1.64 2006/09/19 11:28:45 ph10 Exp $ */ +/* $Cambridge: exim/src/src/acl.c,v 1.65 2006/09/19 14:31:06 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -808,8 +808,10 @@ while ((s = (*func)()) != NULL) gives us a variable name to insert into the data block. The original ACL variable names were acl_c0 ... acl_c9 and acl_m0 ... acl_m9. This was extended to 20 of each type, but after that people successfully argued for - arbitrary names. For compatibility, however, the names must still start with - acl_c or acl_m. After that, we allow alphanumerics and underscores. */ + arbitrary names. In the new scheme, the names must start with acl_c or acl_m. + After that, we allow alphanumerics and underscores, but the first character + after c or m must be a digit or an underscore. This retains backwards + compatibility. */ if (c == ACLC_SET) { @@ -824,6 +826,14 @@ while ((s = (*func)()) != NULL) } endptr = s + 5; + if (!isdigit(*endptr) && *endptr != '_') + { + *error = string_sprintf("invalid variable name after \"set\" in ACL " + "modifier \"set %s\" (digit or underscore must follow acl_c or acl_m)", + s); + return NULL; + } + while (*endptr != 0 && *endptr != '=' && !isspace(*endptr)) { if (!isalnum(*endptr) && *endptr != '_') @@ -835,13 +845,6 @@ while ((s = (*func)()) != NULL) endptr++; } - if (endptr - s < 6) - { - *error = string_sprintf("invalid variable name after \"set\" in ACL " - "modifier \"set %s\" (must be at least 6 characters)", s); - return NULL; - } - cond->u.varname = string_copyn(s + 4, endptr - s - 4); s = endptr; while (isspace(*s)) s++; diff --git a/src/src/expand.c b/src/src/expand.c index 2e39f2638..b47a1bc12 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/expand.c,v 1.61 2006/09/19 11:28:45 ph10 Exp $ */ +/* $Cambridge: exim/src/src/expand.c,v 1.62 2006/09/19 14:31:07 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -1236,15 +1236,16 @@ int last = var_table_size; /* Handle ACL variables, whose names are of the form acl_cxxx or acl_mxxx. Originally, xxx had to be a number in the range 0-9 (later 0-19), but from release 4.64 onwards arbitrary names are permitted, as long as the first 5 -characters are acl_c or acl_m (this gave backwards compatibility at the -changeover). There may be built-in variables whose names start acl_ but they -should never start acl_c or acl_m. This slightly messy specification is a -consequence of the history, needless to say. +characters are acl_c or acl_m and the sixth is either a digit or an underscore +(this gave backwards compatibility at the changeover). There may be built-in +variables whose names start acl_ but they should never start in this way. This +slightly messy specification is a consequence of the history, needless to say. If an ACL variable does not exist, treat it as empty, unless strict_acl_vars is set, in which case give an error. */ -if (Ustrncmp(name, "acl_c", 5) == 0 || Ustrncmp(name, "acl_m", 5) == 0) +if ((Ustrncmp(name, "acl_c", 5) == 0 || Ustrncmp(name, "acl_m", 5) == 0) && + !isalpha(name[5])) { tree_node *node = tree_search((name[4] == 'c')? acl_var_c : acl_var_m, name + 4); @@ -1565,6 +1566,33 @@ return 0; +/************************************************* +* Elaborate message for bad variable * +*************************************************/ + +/* For the "unknown variable" message, take a look at the variable's name, and +give additional information about possible ACL variables. The extra information +is added on to expand_string_message. + +Argument: the name of the variable +Returns: nothing +*/ + +static void +check_variable_error_message(uschar *name) +{ +if (Ustrncmp(name, "acl_", 4) == 0) + expand_string_message = string_sprintf("%s (%s)", expand_string_message, + (name[4] == 'c' || name[4] == 'm')? + (isalpha(name[5])? + US"6th character of a user-defined ACL variable must be a digit or underscore" : + US"strict_acl_vars is set" /* Syntax is OK, it has to be this */ + ) : + US"user-defined ACL variables must start acl_c or acl_m"); +} + + + /************************************************* * Read and evaluate a condition * *************************************************/ @@ -1671,13 +1699,7 @@ switch(cond_type) expand_string_message = (name[0] == 0)? string_sprintf("variable name omitted after \"def:\"") : string_sprintf("unknown variable \"%s\" after \"def:\"", name); - - if (strict_acl_vars && - Ustrncmp(name, "acl_", 4) == 0 && - (name[4] == 'c' || name[4] == 'm')) - expand_string_message = string_sprintf("%s (strict_acl_vars is set)", - expand_string_message); - + check_variable_error_message(name); return NULL; } if (yield != NULL) *yield = (value[0] != 0) == testfor; @@ -2956,13 +2978,7 @@ while (*s != 0) { expand_string_message = string_sprintf("unknown variable name \"%s\"", name); - - if (strict_acl_vars && - Ustrncmp(name, "acl_", 4) == 0 && - (name[4] == 'c' || name[4] == 'm')) - expand_string_message = string_sprintf("%s (strict_acl_vars is set)", - expand_string_message); - + check_variable_error_message(name); goto EXPAND_FAILED; } } @@ -5122,13 +5138,7 @@ while (*s != 0) { expand_string_message = string_sprintf("unknown variable in \"${%s}\"", name); - - if (strict_acl_vars && - Ustrncmp(name, "acl_", 4) == 0 && - (name[4] == 'c' || name[4] == 'm')) - expand_string_message = string_sprintf("%s (strict_acl_vars is set)", - expand_string_message); - + check_variable_error_message(name); goto EXPAND_FAILED; } len = Ustrlen(value); diff --git a/test/aux-var-src/0372.F b/test/aux-var-src/0372.F index c24183786..df1303975 100644 --- a/test/aux-var-src/0372.F +++ b/test/aux-var-src/0372.F @@ -10,7 +10,7 @@ logwrite " acl_c0=\"$acl_c0\"\n acl_c1=\"$acl_c1\"\n acl_c2=\"$acl_c2\"\n \ acl_m2=\"$acl_m2\"\n acl_m3=\"$acl_m3\"\n acl_m4=\"$acl_m4\"\n \ acl_m5=\"$acl_m5\"\n acl_m6=\"$acl_m6\"\n acl_m7=\"$acl_m7\"\n \ acl_m8=\"$acl_m8\"\n acl_m9=\"$acl_m9\"\n \ - acl_mfoo=\"$acl_mfoo\"\n acl_mbar=\"$acl_mbar\"\n \ + acl_m_foo=\"$acl_m_foo\"\n acl_m_bar=\"$acl_m_bar\"\n \ acl_c_foo=\"$acl_c_foo\"\n acl_c_bar=\"$acl_c_bar\"\n" logwrite "-------------------------" diff --git a/test/confs/0372 b/test/confs/0372 index 682eb91a8..af03b3a37 100644 --- a/test/confs/0372 +++ b/test/confs/0372 @@ -30,8 +30,8 @@ a1: set acl_m0 = value for m0 is local_part: $local_part set acl_m5 = value for m5 contains newline\nthere! set acl_m9 = value for m9 is domain: $domain - set acl_mfoo = value for mfoo is local_part: $local_part - set acl_mbar = value for mbar is domain: $domain + set acl_m_foo = value for mfoo is local_part: $local_part + set acl_m_bar = value for mbar is domain: $domain accept local_parts = a set acl_m0 = value for m0 is local_part: $local_part @@ -58,7 +58,7 @@ r1: acl_m2="$acl_m2"\nacl_m3="$acl_m3"\nacl_m4="$acl_m4"\n\ acl_m5="$acl_m5"\nacl_m6="$acl_m6"\nacl_m7="$acl_m7"\n\ acl_m8="$acl_m8"\nacl_m9="$acl_m9"\n\ - acl_mfoo="$acl_mfoo"\nacl_mbar="$acl_mbar"\n\ + acl_m_foo="$acl_m_foo"\nacl_m_bar="$acl_m_bar"\n\ acl_c_foo="$acl_c_foo"\nacl_c_bar="$acl_c_bar" transport = t1 diff --git a/test/stderr/0372 b/test/stderr/0372 index b0c01f4a4..771c7a491 100644 --- a/test/stderr/0372 +++ b/test/stderr/0372 @@ -26,8 +26,8 @@ there!" acl_m7="" acl_m8="" acl_m9="value for m9 is domain: y" - acl_mfoo="value for mfoo is local_part: x" - acl_mbar="value for mbar is domain: y" + acl_m_foo="value for mfoo is local_part: x" + acl_m_bar="value for mbar is domain: y" acl_c_foo="value for c_foo is ip: 1.2.3.4" acl_c_bar="value for c_bar is name: host.name" ------------------------- @@ -53,8 +53,8 @@ acl_m6="" acl_m7="" acl_m8="" acl_m9="value for m9 is domain: y" -acl_mfoo="value for mfoo is local_part: x" -acl_mbar="value for mbar is domain: y" +acl_m_foo="value for mfoo is local_part: x" +acl_m_bar="value for mbar is domain: y" acl_c_foo="value for c_foo is ip: 1.2.3.4" acl_c_bar="value for c_bar is name: host.name" LOG: MAIN @@ -86,8 +86,8 @@ there!" acl_m7="" acl_m8="" acl_m9="value for m9 is domain: b" - acl_mfoo="" - acl_mbar="" + acl_m_foo="" + acl_m_bar="" acl_c_foo="value for c_foo is ip: 1.2.3.4" acl_c_bar="value for c_bar is name: host.name" ------------------------- @@ -112,8 +112,8 @@ acl_m6="" acl_m7="" acl_m8="" acl_m9="value for m9 is domain: b" -acl_mfoo="" -acl_mbar="" +acl_m_foo="" +acl_m_bar="" acl_c_foo="value for c_foo is ip: 1.2.3.4" acl_c_bar="value for c_bar is name: host.name" LOG: MAIN @@ -123,4 +123,4 @@ LOG: MAIN LOG: smtp_connection MAIN SMTP connection from CALLER closed by QUIT ----- System filter ----- -1999-03-02 09:44:33 10HmaZ-0005vi-00 Error in system filter: failed to expand " acl_c0="$acl_c0"\n acl_c1="$acl_c1"\n acl_c2="$acl_c2"\n acl_c3="$acl_c3"\n acl_c4="$acl_c4"\n acl_c5="$acl_c5"\n acl_c6="$acl_c6"\n acl_c7="$acl_c7"\n acl_c8="$acl_c8"\n acl_c9="$acl_c9"\n acl_m0="$acl_m0"\n acl_m1="$acl_m1"\n acl_m2="$acl_m2"\n acl_m3="$acl_m3"\n acl_m4="$acl_m4"\n acl_m5="$acl_m5"\n acl_m6="$acl_m6"\n acl_m7="$acl_m7"\n acl_m8="$acl_m8"\n acl_m9="$acl_m9"\n acl_mfoo="$acl_mfoo"\n acl_mbar="$acl_mbar"\n acl_c_foo="$acl_c_foo"\n acl_c_bar="$acl_c_bar"\n" in logwrite command: unknown variable name "acl_c1" (strict_acl_vars is set) +1999-03-02 09:44:33 10HmaZ-0005vi-00 Error in system filter: failed to expand " acl_c0="$acl_c0"\n acl_c1="$acl_c1"\n acl_c2="$acl_c2"\n acl_c3="$acl_c3"\n acl_c4="$acl_c4"\n acl_c5="$acl_c5"\n acl_c6="$acl_c6"\n acl_c7="$acl_c7"\n acl_c8="$acl_c8"\n acl_c9="$acl_c9"\n acl_m0="$acl_m0"\n acl_m1="$acl_m1"\n acl_m2="$acl_m2"\n acl_m3="$acl_m3"\n acl_m4="$acl_m4"\n acl_m5="$acl_m5"\n acl_m6="$acl_m6"\n acl_m7="$acl_m7"\n acl_m8="$acl_m8"\n acl_m9="$acl_m9"\n acl_m_foo="$acl_m_foo"\n acl_m_bar="$acl_m_bar"\n acl_c_foo="$acl_c_foo"\n acl_c_bar="$acl_c_bar"\n" in logwrite command: unknown variable name "acl_c1" (strict_acl_vars is set) -- cgit v1.2.3