From 2357aa78ccd7182cad14307eb89cb1065f078356 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 1 Aug 2021 18:15:39 +0100 Subject: ACL: "seen" condition --- doc/doc-docbook/spec.xfpt | 61 +++++++++++++++++++++++++++++++++++++++++++++++ doc/doc-txt/NewStuff | 6 +++++ 2 files changed, 67 insertions(+) (limited to 'doc') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index cea21a18f..397096dff 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -32315,6 +32315,14 @@ content-scanning extension, and is available only in the DATA, MIME, and non-SMTP ACLs. It causes the incoming message to be scanned for a match with any of the regular expressions. For details, see chapter &<>&. +.new +.vitem &*seen&~=&~*&<&'parameters'&> +.cindex "&%sseen%& ACL condition" +This condition can be used to test if a situation has been previously met, +for example for greylisting. +Details are given in section &<>&. +.wen + .vitem &*sender_domains&~=&~*&<&'domain&~list'&> .cindex "&%sender_domains%& ACL condition" .cindex "sender" "ACL checking" @@ -33039,6 +33047,59 @@ address you should specify alternate list separators for both the outer dnslists = <; dnsbl.example.com/<|$acl_m_addrslist .endd + +.new +.section "Previously seen user and hosts" "SECTseen" +.cindex "&%sseen%& ACL condition" +.cindex greylisting +The &%seen%& ACL condition can be used to test whether a +situation has been previously met. +It uses a hints database to record a timestamp against a key. +host. The syntax of the condition is: +.display +&`seen =`& <&'time interval'&> &`/`& <&'options'&> +.endd + +For example, +.code +defer seen = -5m / key=${sender_host_address}_$local_part@$domain +.endd +in a RCPT ACL will implement simple greylisting. + +The parameters for the condition +are an interval followed, slash-separated, by a list of options. +The interval is taken as an offset before the current time, +and used for the test. +If the interval is preceded by a minus sign then the condition returns +whether a record is found which is before the test time. +Otherwise, the condition returns whether one is found which is since the +test time. + +Options are read in order with later ones overriding earlier ones. + +The default key is &$sender_host_address$&. +An explicit key can be set using a &%key=value%& option. + +If a &%readonly%& option is given then +no record create or update is done. +If a &%write%& option is given then +a record create or update is always done. +An update is done if the test is for &"since"&. + +Creates and updates are marked with the current time. + +Finally, a &"before"& test which succeeds, and for which the record +is old enough, will be refreshed with a timstamp of the test time. +This can prevent tidying of the database from removing the entry. +The interval for this is, by default, 10 days. +An explicit interval can be set using a +&%refresh=value%& option. + +Note that &"seen"& should be added to the list of hints databases +for maintenance if this ACL condition is used. +.wen + + .section "Rate limiting incoming messages" "SECTratelimiting" .cindex "rate limiting" "client sending" .cindex "limiting client sending rates" diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 6f3d4b31c..478446b41 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -6,6 +6,12 @@ Before a formal release, there may be quite a lot of detail so that people can test from the snapshots or the Git before the documentation is updated. Once the documentation is updated, this file is reduced to a short list. +Version 4.96 +------------ + + 1. A new ACL condition: seen. Records/tests a timestamp against a key. + + Version 4.95 ------------ -- cgit v1.2.3 From b003ce30f0038c2042303d18fc24f278de06a1f5 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 8 Aug 2021 13:57:24 +0100 Subject: typo --- doc/doc-docbook/spec.xfpt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 397096dff..0385de6db 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -33089,7 +33089,7 @@ An update is done if the test is for &"since"&. Creates and updates are marked with the current time. Finally, a &"before"& test which succeeds, and for which the record -is old enough, will be refreshed with a timstamp of the test time. +is old enough, will be refreshed with a timestamp of the test time. This can prevent tidying of the database from removing the entry. The interval for this is, by default, 10 days. An explicit interval can be set using a -- cgit v1.2.3 From c51f713eebe21071f22d0830fdaeb274b1a77059 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 8 Aug 2021 17:34:49 +0100 Subject: Expansions: mask_n operator --- doc/doc-docbook/spec.xfpt | 17 ++++++++++++++--- doc/doc-txt/NewStuff | 2 ++ src/src/expand.c | 23 +++++++++++++++++------ test/scripts/0000-Basic/0002 | 2 ++ test/stdout/0002 | 2 ++ 5 files changed, 37 insertions(+), 9 deletions(-) (limited to 'doc') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 0385de6db..e766b69e2 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -11228,7 +11228,8 @@ empty. The parsing correctly handles SMTPUTF8 Unicode in the string. -.vitem &*${mask:*&<&'IP&~address'&>&*/*&<&'bit&~count'&>&*}*& +.vitem &*${mask:*&<&'IP&~address'&>&*/*&<&'bit&~count'&>&*}*& &&& + &*${mask_n:*&<&'IP&~address'&>&*/*&<&'bit&~count'&>&*}*& .cindex "masked IP address" .cindex "IP address" "masking" .cindex "CIDR notation" @@ -11242,8 +11243,14 @@ the result back to text, with mask appended. For example, .code ${mask:10.111.131.206/28} .endd -returns the string &"10.111.131.192/28"&. Since this operation is expected to -be mostly used for looking up masked addresses in files, the result for an IPv6 +returns the string &"10.111.131.192/28"&. + +Since this operation is expected to +be mostly used for looking up masked addresses in files, the +.new +normal +.wen +result for an IPv6 address uses dots to separate components instead of colons, because colon terminates a key string in lsearch files. So, for example, .code @@ -11253,6 +11260,10 @@ returns the string .code 3ffe.ffff.836f.0a00.000a.0800.2000.0000/99 .endd +.new +If the optional form &*mask_n*& is used, IPv6 address result are instead +returned in normailsed form, using colons and with zero-compression. +.wen Letters in IPv6 addresses are always output in lower case. diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 478446b41..1d6190b29 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -11,6 +11,8 @@ Version 4.96 1. A new ACL condition: seen. Records/tests a timestamp against a key. + 2. A variant of the "mask" expansion operator to give normalised IPv6. + Version 4.95 ------------ diff --git a/src/src/expand.c b/src/src/expand.c index 4fb935528..83c0ad051 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -7333,11 +7333,11 @@ while (*s) int count; uschar *endptr; int binary[4]; - int mask, maskoffset; - int type = string_is_ip_address(sub, &maskoffset); + int type, mask, maskoffset; + BOOL normalised; uschar buffer[64]; - if (type == 0) + if ((type = string_is_ip_address(sub, &maskoffset)) == 0) { expand_string_message = string_sprintf("\"%s\" is not an IP address", sub); @@ -7353,13 +7353,18 @@ while (*s) mask = Ustrtol(sub + maskoffset + 1, &endptr, 10); - if (*endptr != 0 || mask < 0 || mask > ((type == 4)? 32 : 128)) + if (*endptr || mask < 0 || mask > (type == 4 ? 32 : 128)) { expand_string_message = string_sprintf("mask value too big in \"%s\"", sub); goto EXPAND_FAILED; } + /* If an optional 'n' was given, ipv6 gets normalised output: + colons rather than dots, and zero-compressed. */ + + normalised = arg && *arg == 'n'; + /* Convert the address to binary integer(s) and apply the mask */ sub[maskoffset] = 0; @@ -7368,8 +7373,14 @@ while (*s) /* Convert to masked textual format and add to output. */ - yield = string_catn(yield, buffer, - host_nmtoa(count, binary, mask, buffer, '.')); + if (type == 4 || !normalised) + yield = string_catn(yield, buffer, + host_nmtoa(count, binary, mask, buffer, '.')); + else + { + ipv6_nmtoa(binary, buffer); + yield = string_fmt_append(yield, "%s/%d", buffer, mask); + } continue; } diff --git a/test/scripts/0000-Basic/0002 b/test/scripts/0000-Basic/0002 index cc289e04e..db3eae6be 100644 --- a/test/scripts/0000-Basic/0002 +++ b/test/scripts/0000-Basic/0002 @@ -248,6 +248,8 @@ mask: ${mask:192.168.10.206/33} mask: ${mask:192.168.10.206/0} mask: ${mask:192.168.10.206} mask: ${mask:a.b.c.d} +mask: ${mask:2a00:2:3:4:5:6:7:8/79} +mask_n: ${mask_n:2a00:2:3:4:5:6:7:8/79} ipv6denorm: ${ipv6denorm:::1} ipv6denorm: ${ipv6denorm:fe00::1} ipv6denorm: ${ipv6denorm:192.168.0.1} diff --git a/test/stdout/0002 b/test/stdout/0002 index 0b9a95cd5..5c8c2520c 100644 --- a/test/stdout/0002 +++ b/test/stdout/0002 @@ -230,6 +230,8 @@ newline tab\134backslash ~tilde\177DEL\200\201. > mask: 0.0.0.0/0 > Failed: missing mask value in "192.168.10.206" > Failed: "a.b.c.d" is not an IP address +> mask: 2a00.0002.0003.0004.0004.0000.0000.0000/79 +> mask_n: 2a00:2:3:4:4::/79 > ipv6denorm: 0000:0000:0000:0000:0000:0000:0000:0001 > ipv6denorm: fe00:0000:0000:0000:0000:0000:0000:0001 > ipv6denorm: 0000:0000:0000:0000:0000:ffff:c0a8:0001 -- cgit v1.2.3 From 44226149c4c467c9d109ead4b3c7bbe15b634997 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 15 Aug 2021 10:40:02 +0100 Subject: UTC output option for exim_dumpdb, exim_fixdb --- doc/doc-docbook/spec.xfpt | 17 +++++++-- doc/doc-txt/NewStuff | 2 ++ src/src/exim_dbutil.c | 88 +++++++++++++++++++++++++++++++---------------- 3 files changed, 74 insertions(+), 33 deletions(-) (limited to 'doc') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index e766b69e2..3691b8ba6 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -39936,8 +39936,13 @@ in a transport) .section "exim_dumpdb" "SECTdumpdb" .cindex "&'exim_dumpdb'&" The entire contents of a database are written to the standard output by the -&'exim_dumpdb'& program, which has no options or arguments other than the -spool and database names. For example, to dump the retry database: +&'exim_dumpdb'& program, +.new +taking as arguments the spool and database names. +An option &'-z'& may be given to regest times in UTC; +otherwise times are in the local timezone. +.wen +For example, to dump the retry database: .code exim_dumpdb /var/spool/exim retry .endd @@ -40023,7 +40028,7 @@ databases is likely to keep on increasing. .cindex "&'exim_fixdb'&" The &'exim_fixdb'& program is a utility for interactively modifying databases. Its main use is for testing Exim, but it might also be occasionally useful for -getting round problems in a live system. It has no options, and its interface +getting round problems in a live system. Its interface is somewhat crude. On entry, it prompts for input with a right angle-bracket. A key of a database record can then be entered, and the data for that record is displayed. @@ -40040,6 +40045,12 @@ resets the time of the next delivery attempt. Time values are given as a sequence of digit pairs for year, month, day, hour, and minute. Colons can be used as optional separators. +.new +Both displayed and input times are in the local timezone by default. +If an option &'-z'& is used on the command line, displayed times +are in UTC. +.wen + diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 1d6190b29..99c630324 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -13,6 +13,8 @@ Version 4.96 2. A variant of the "mask" expansion operator to give normalised IPv6. + 3. UTC output option for exim_dumpdb, exim_fixdb + Version 4.95 ------------ diff --git a/src/src/exim_dbutil.c b/src/src/exim_dbutil.c index 45b778fc0..697b87500 100644 --- a/src/src/exim_dbutil.c +++ b/src/src/exim_dbutil.c @@ -17,13 +17,13 @@ maintaining Exim hints databases. In all cases, the first argument is the name of the spool directory. The second argument is the name of the database file. The available names are: - retry: retry delivery information - misc: miscellaneous hints data - wait-: message waiting information; is a transport name - callout: callout verification cache - ratelimit: ACL 'ratelimit' condition - tls: TLS session resumption cache - seen: ACL 'seen' condition + callout: callout verification cache + misc: miscellaneous hints data + ratelimit: record for ACL "ratelimit" condition + retry: etry delivery information + seen: imestamp records for ACL "seen" condition + tls: TLS session resumption cache + wait-: message waiting information; is a transport name There are a number of common subroutines, followed by three main programs, whose inclusion is controlled by -D on the compilation command. */ @@ -47,6 +47,8 @@ whose inclusion is controlled by -D on the compilation command. */ uschar *spool_directory; +BOOL utc = FALSE; + /******************************************************************************/ /* dummies needed by Solaris build */ @@ -130,7 +132,7 @@ usage(uschar *name, uschar *options) { printf("Usage: exim_%s%s \n", name, options); printf(" = retry | misc | wait- | callout | ratelimit | tls | seen\n"); -exit(1); +exit(EXIT_FAILURE); } @@ -145,21 +147,38 @@ second of them to be sure it is a known database name. */ static int check_args(int argc, uschar **argv, uschar *name, uschar *options) { -if (argc == 3) +uschar * aname = argv[optind + 1]; +if (argc - optind == 2) { - if (Ustrcmp(argv[2], "retry") == 0) return type_retry; - if (Ustrcmp(argv[2], "misc") == 0) return type_misc; - if (Ustrncmp(argv[2], "wait-", 5) == 0) return type_wait; - if (Ustrcmp(argv[2], "callout") == 0) return type_callout; - if (Ustrcmp(argv[2], "ratelimit") == 0) return type_ratelimit; - if (Ustrcmp(argv[2], "tls") == 0) return type_tls; - if (Ustrcmp(argv[2], "seen") == 0) return type_seen; + if (Ustrcmp(aname, "retry") == 0) return type_retry; + if (Ustrcmp(aname, "misc") == 0) return type_misc; + if (Ustrncmp(aname, "wait-", 5) == 0) return type_wait; + if (Ustrcmp(aname, "callout") == 0) return type_callout; + if (Ustrcmp(aname, "ratelimit") == 0) return type_ratelimit; + if (Ustrcmp(aname, "tls") == 0) return type_tls; + if (Ustrcmp(aname, "seen") == 0) return type_seen; } usage(name, options); return -1; /* Never obeyed */ } +static void +options(int argc, uschar * argv[], uschar * name) +{ +int opt; + +opterr = 0; +while ((opt = getopt(argc, (char * const *)argv, "z")) != -1) + switch (opt) + { + case 'z': utc = TRUE; break; + default: usage(name, US" [-z]"); + } +} + + + /************************************************* * Handle attempts to write the log * @@ -200,7 +219,7 @@ static uschar time_buffer[sizeof("09-xxx-1999 hh:mm:ss ")]; uschar * print_time(time_t t) { -struct tm *tmstr = localtime(&t); +struct tm *tmstr = utc ? gmtime(&t) : localtime(&t); Ustrftime(time_buffer, sizeof(time_buffer), "%d-%b-%Y %H:%M:%S", tmstr); return time_buffer; } @@ -214,8 +233,8 @@ return time_buffer; uschar * print_cache(int value) { -return (value == ccache_accept)? US"accept" : - (value == ccache_reject)? US"reject" : +return value == ccache_accept ? US"accept" : + value == ccache_reject ? US"reject" : US"unknown"; } @@ -563,12 +582,15 @@ uschar **argv = USS cargv; uschar keybuffer[1024]; store_init(); +options(argc, argv, US"dumpdb"); /* Check the arguments, and open the database */ -dbdata_type = check_args(argc, argv, US"dumpdb", US""); -spool_directory = argv[1]; -if (!(dbm = dbfn_open(argv[2], O_RDONLY, &dbblock, FALSE, TRUE))) +dbdata_type = check_args(argc, argv, US"dumpdb", US" [-z]"); +argc -= optind; argv += optind; +spool_directory = argv[0]; + +if (!(dbm = dbfn_open(argv[1], O_RDONLY, &dbblock, FALSE, TRUE))) exit(1); /* Scan the file, formatting the information for each entry. Note @@ -776,22 +798,29 @@ If the record name is omitted from (2) or (3), the previously used record name is re-used. */ -int main(int argc, char **cargv) +int +main(int argc, char **cargv) { int dbdata_type; uschar **argv = USS cargv; uschar buffer[256]; uschar name[256]; rmark reset_point; +uschar * aname; store_init(); +options(argc, argv, US"fixdb"); name[0] = 0; /* No name set */ /* Sort out the database type, verify what we are working on and then process user requests */ -dbdata_type = check_args(argc, argv, US"fixdb", US""); -printf("Modifying Exim hints database %s/db/%s\n", argv[1], argv[2]); +dbdata_type = check_args(argc, argv, US"fixdb", US" [-z]"); +argc -= optind; argv += optind; +spool_directory = argv[0]; +aname = argv[1]; + +printf("Modifying Exim hints database %s/db/%s\n", spool_directory, aname); for(; (reset_point = store_mark()); store_reset(reset_point)) { @@ -838,9 +867,8 @@ for(; (reset_point = store_mark()); store_reset(reset_point)) if (field[0] != 0) { int verify = 1; - spool_directory = argv[1]; - if (!(dbm = dbfn_open(argv[2], O_RDWR, &dbblock, FALSE, TRUE))) + if (!(dbm = dbfn_open(aname, O_RDWR, &dbblock, FALSE, TRUE))) continue; if (Ustrcmp(field, "d") == 0) @@ -1009,8 +1037,7 @@ for(; (reset_point = store_mark()); store_reset(reset_point)) /* Handle a read request, or verify after an update. */ - spool_directory = argv[1]; - if (!(dbm = dbfn_open(argv[2], O_RDONLY, &dbblock, FALSE, TRUE))) + if (!(dbm = dbfn_open(aname, O_RDONLY, &dbblock, FALSE, TRUE))) continue; if (!(record = dbfn_read_with_length(dbm, name, &oldlength))) @@ -1140,7 +1167,8 @@ typedef struct key_item { } key_item; -int main(int argc, char **cargv) +int +main(int argc, char **cargv) { struct stat statbuf; int maxkeep = 30 * 24 * 60 * 60; -- cgit v1.2.3 From 8271f864edaf7fb2db0eb3aaa0c4789f55125978 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Thu, 2 Sep 2021 17:08:20 +0100 Subject: Avoid wait-for-tick on single-message connections --- doc/doc-txt/ChangeLog | 8 ++++++++ src/src/exim.c | 14 +++++++------ src/src/globals.c | 1 - src/src/globals.h | 1 - src/src/receive.c | 57 +++++++++++++++++++++++---------------------------- 5 files changed, 42 insertions(+), 39 deletions(-) (limited to 'doc') diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 89df37585..8e7749bba 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -2,6 +2,14 @@ This document describes *changes* to previous versions, that might affect Exim's operation, with an unchanged configuration file. For new options, and new features, see the NewStuff file next to this ChangeLog. +Since 4.95 +---------- + +JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from + after reception to before a subsequence reception. This should + mean slightly faster delivery, and also confirmation of reception + to senders. + Exim version 4.95 ----------------- diff --git a/src/src/exim.c b/src/src/exim.c index 37e1b756a..e15d5e476 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -444,9 +444,10 @@ function prepares for the time when things are faster - and it also copes with clocks that go backwards. Arguments: - tgt_tv A timeval which was used to create uniqueness; its usec field + prev_tv A timeval which was used to create uniqueness; its usec field has been rounded down to the value of the resolution. We want to be sure the current time is greater than this. + On return, updated to current (rounded down). resolution The resolution that was used to divide the microseconds (1 for maildir, larger for message ids) @@ -454,7 +455,7 @@ Returns: nothing */ void -exim_wait_tick(struct timeval * tgt_tv, int resolution) +exim_wait_tick(struct timeval * prev_tv, int resolution) { struct timeval now_tv; long int now_true_usec; @@ -463,13 +464,13 @@ exim_gettime(&now_tv); now_true_usec = now_tv.tv_usec; now_tv.tv_usec = (now_true_usec/resolution) * resolution; -while (exim_tvcmp(&now_tv, tgt_tv) <= 0) +while (exim_tvcmp(&now_tv, prev_tv) <= 0) { struct itimerval itval; itval.it_interval.tv_sec = 0; itval.it_interval.tv_usec = 0; - itval.it_value.tv_sec = tgt_tv->tv_sec - now_tv.tv_sec; - itval.it_value.tv_usec = tgt_tv->tv_usec + resolution - now_true_usec; + itval.it_value.tv_sec = prev_tv->tv_sec - now_tv.tv_sec; + itval.it_value.tv_usec = prev_tv->tv_usec + resolution - now_true_usec; /* We know that, overall, "now" is less than or equal to "then". Therefore, a negative value for the microseconds is possible only in the case when "now" @@ -487,7 +488,7 @@ while (exim_tvcmp(&now_tv, tgt_tv) <= 0) if (!f.running_in_test_harness) { debug_printf("tick check: " TIME_T_FMT ".%06lu " TIME_T_FMT ".%06lu\n", - tgt_tv->tv_sec, (long) tgt_tv->tv_usec, + prev_tv->tv_sec, (long) prev_tv->tv_usec, now_tv.tv_sec, (long) now_tv.tv_usec); debug_printf("waiting " TIME_T_FMT ".%06lu sec\n", itval.it_value.tv_sec, (long) itval.it_value.tv_usec); @@ -503,6 +504,7 @@ while (exim_tvcmp(&now_tv, tgt_tv) <= 0) now_true_usec = now_tv.tv_usec; now_tv.tv_usec = (now_true_usec/resolution) * resolution; } +*prev_tv = now_tv; } diff --git a/src/src/globals.c b/src/src/globals.c index c3e8a16cf..50b9c2f2a 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -1167,7 +1167,6 @@ uschar *message_headers = NULL; uschar *message_id; uschar *message_id_domain = NULL; uschar *message_id_text = NULL; -struct timeval message_id_tv = { 0, 0 }; uschar message_id_option[MESSAGE_ID_LENGTH + 3]; uschar *message_id_external; int message_linecount = 0; diff --git a/src/src/globals.h b/src/src/globals.h index d5d93148f..731408bd6 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -724,7 +724,6 @@ extern uschar message_id_option[]; /* -E for use as option */ extern uschar *message_id_external; /* External form of following */ extern uschar *message_id_domain; /* Expanded to form domain-part of message_id */ extern uschar *message_id_text; /* Expanded to form message_id */ -extern struct timeval message_id_tv; /* Time used to create last message_id */ extern int message_linecount; /* As it says */ extern BOOL message_logs; /* TRUE to write message logs */ extern int message_size; /* Size of message */ diff --git a/src/src/receive.c b/src/src/receive.c index c2b313c63..47c5977ee 100644 --- a/src/src/receive.c +++ b/src/src/receive.c @@ -1664,9 +1664,9 @@ int error_rc = error_handling == ERRORS_SENDER ? errors_sender_rc : EXIT_FAILURE; int header_size = 256; int start, end, domain; -int id_resolution = 0; int had_zero = 0; int prevlines_length = 0; +const int id_resolution = BASE_62 == 62 ? 5000 : 10000; int ptr = 0; @@ -1720,6 +1720,10 @@ BOOL msgid_header_newly_created = FALSE; uschar *timestamp; int tslen; +/* Time of creation of message_id */ + +static struct timeval message_id_tv = { 0, 0 }; + /* Release any open files that might have been cached while preparing to accept the message - e.g. by verifying addresses - because reading a message @@ -1786,13 +1790,32 @@ if (smtp_input && !smtp_batched_input && !f.dkim_disable_verify) if (sender_host_address) dmarc_init(); /* initialize libopendmarc */ #endif +/* In SMTP sessions we may receive several messages in one connection. Before +each subsequent one, we wait for the clock to tick at the level of message-id +granularity. +This is so that the combination of time+pid is unique, even on systems where the +pid can be re-used within our time interval. We can't shorten the interval +without re-designing the message-id. See comments above where the message id is +created. This is Something For The Future. +Do this wait any time we have previously created a message-id, even if we +rejected the message. This gives unique IDs for logging done by ACLs. +The initial timestamp must have been obtained via exim_gettime() to avoid +issues on Linux with suspend/resume. */ + +if (message_id_tv.tv_sec) + { + message_id_tv.tv_usec = (message_id_tv.tv_usec/id_resolution) * id_resolution; + exim_wait_tick(&message_id_tv, id_resolution); + } + /* Remember the time of reception. Exim uses time+pid for uniqueness of message ids, and fractions of a second are required. See the comments that precede the message id creation below. We use a routine that if possible uses a monotonic clock, and can be used again after reception for the tick-wait even under the Linux non-Posix behaviour. */ -exim_gettime(&message_id_tv); +else + exim_gettime(&message_id_tv); /* For other uses of the received time we can operate with granularity of one second, and for that we use the global variable received_time. This is for @@ -2681,28 +2704,20 @@ message_id[6] = '-'; Ustrncpy(message_id + 7, string_base62((long int)getpid()), 6); /* Deal with the case where the host number is set. The value of the number was -checked when it was read, to ensure it isn't too big. The timing granularity is -left in id_resolution so that an appropriate wait can be done after receiving -the message, if necessary (we hope it won't be). */ +checked when it was read, to ensure it isn't too big. */ if (host_number_string) - { - id_resolution = BASE_62 == 62 ? 5000 : 10000; sprintf(CS(message_id + MESSAGE_ID_LENGTH - 3), "-%2s", string_base62((long int)( host_number * (1000000/id_resolution) + message_id_tv.tv_usec/id_resolution)) + 4); - } /* Host number not set: final field is just the fractional time at an appropriate resolution. */ else - { - id_resolution = BASE_62 == 62 ? 500 : 1000; sprintf(CS(message_id + MESSAGE_ID_LENGTH - 3), "-%2s", string_base62((long int)(message_id_tv.tv_usec/id_resolution)) + 4); - } /* Add the current message id onto the current process info string if it will fit. */ @@ -4323,26 +4338,6 @@ then we can think about properly declaring the message not-received. */ TIDYUP: -/* In SMTP sessions we may receive several messages in one connection. After -each one, we wait for the clock to tick at the level of message-id granularity. -This is so that the combination of time+pid is unique, even on systems where the -pid can be re-used within our time interval. We can't shorten the interval -without re-designing the message-id. See comments above where the message id is -created. This is Something For The Future. -Do this wait any time we have created a message-id, even if we rejected the -message. This gives unique IDs for logging done by ACLs. -The initial timestamp must have been obtained via exim_gettime() to avoid -issues on Linux with suspend/resume. -It would be Nicer to only pause before a follow-on message. */ - -if (id_resolution != 0) - { - message_id_tv.tv_usec = (message_id_tv.tv_usec/id_resolution) * id_resolution; - exim_wait_tick(&message_id_tv, id_resolution); - id_resolution = 0; - } - - process_info[process_info_len] = 0; /* Remove message id */ if (spool_data_file && cutthrough_done == NOT_TRIED) { -- cgit v1.2.3 From 22ed7a5295f196fce32563f6e9c669110dd36f4d Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 12 Sep 2021 15:42:51 +0100 Subject: pcre2 --- doc/doc-txt/ChangeLog | 3 + src/OS/Makefile-Default | 2 +- src/exim_monitor/em_globals.c | 4 +- src/exim_monitor/em_hdr.h | 7 +- src/exim_monitor/em_init.c | 26 ++++--- src/exim_monitor/em_log.c | 23 +++--- src/scripts/Configure-Makefile | 28 ++++++-- src/src/EDITME | 10 +-- src/src/dns.c | 5 +- src/src/drtables.c | 6 +- src/src/exim.c | 156 ++++++++++++++++++++++++++-------------- src/src/exim.h | 3 +- src/src/expand.c | 91 +++++++++++++---------- src/src/filter.c | 45 ++++++------ src/src/functions.h | 5 +- src/src/globals.c | 36 +++++----- src/src/globals.h | 36 +++++----- src/src/header.c | 16 ++--- src/src/macros.h | 3 +- src/src/malware.c | 94 ++++++++++++------------ src/src/match.c | 4 +- src/src/queue.c | 11 ++- src/src/regex.c | 34 +++++---- src/src/routers/iplookup.c | 2 +- src/src/routers/iplookup.h | 2 +- src/src/routers/redirect.c | 10 ++- src/src/smtp_in.c | 19 +++-- src/src/transports/appendfile.c | 56 ++++++++------- src/src/transports/appendfile.h | 2 +- src/src/transports/lmtp.c | 16 ++--- src/src/transports/smtp.c | 94 ++++++++++++------------ src/src/transports/tf_maildir.c | 25 +++---- src/src/transports/tf_maildir.h | 8 +-- 33 files changed, 498 insertions(+), 384 deletions(-) (limited to 'doc') diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 8e7749bba..63f357885 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -10,6 +10,9 @@ JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from mean slightly faster delivery, and also confirmation of reception to senders. +JH/02 Move from using the pcre library to pcre2. The former is no longer + being developed or supported (by the original developer). + Exim version 4.95 ----------------- diff --git a/src/OS/Makefile-Default b/src/OS/Makefile-Default index 41a4dbbdf..6e42db471 100644 --- a/src/OS/Makefile-Default +++ b/src/OS/Makefile-Default @@ -89,7 +89,7 @@ CC=gcc # PCRE_LIBS contains the library to be linked for PCRE -PCRE_LIBS=-lpcre +PCRE_LIBS=-lpcre2-8 # LIBS and EXTRALIBS contain library settings that are used on linking diff --git a/src/exim_monitor/em_globals.c b/src/exim_monitor/em_globals.c index 88d5103fc..e311aef1c 100644 --- a/src/exim_monitor/em_globals.c +++ b/src/exim_monitor/em_globals.c @@ -81,7 +81,7 @@ uschar *queue_stripchart_name = NULL; int queue_update = 60; int queue_width = 600; -pcre *yyyymmdd_regex; +pcre2_code *yyyymmdd_regex; uschar *size_stripchart = NULL; uschar *size_stripchart_name = NULL; @@ -89,7 +89,7 @@ int spool_is_split = FALSE; int start_small = FALSE; int stripchart_height = 90; int stripchart_number = 1; -pcre **stripchart_regex; +pcre2_code **stripchart_regex; uschar **stripchart_title; int *stripchart_total; int stripchart_update = 60; diff --git a/src/exim_monitor/em_hdr.h b/src/exim_monitor/em_hdr.h index c45f9fca7..6d8b7e2ea 100644 --- a/src/exim_monitor/em_hdr.h +++ b/src/exim_monitor/em_hdr.h @@ -85,7 +85,8 @@ anything. */ /* Regular expression include */ -#include +#define PCRE2_CODE_UNIT_WIDTH 8 +#include /* Includes from the main source of Exim. One of these days I should tidy up this interface so that this kind of kludge isn't needed. */ @@ -273,7 +274,7 @@ extern uschar *queue_stripchart_name; /* sic */ extern int queue_update; /* update interval */ extern int queue_width; /* width of queue window */ -extern pcre *yyyymmdd_regex; /* for matching yyyy-mm-dd */ +extern pcre2_code *yyyymmdd_regex; /* for matching yyyy-mm-dd */ extern uschar *size_stripchart; /* path for size monitoring */ extern uschar *size_stripchart_name; /* name for size stripchart */ @@ -282,7 +283,7 @@ extern int spool_is_split; /* True if detected split spool */ extern int start_small; /* True to start with small window */ extern int stripchart_height; /* height of stripcharts */ extern int stripchart_number; /* number of stripcharts */ -extern pcre **stripchart_regex; /* vector of regexps */ +extern pcre2_code **stripchart_regex; /* vector of regexps */ extern uschar **stripchart_title; /* vector of titles */ extern int *stripchart_total; /* vector of accumulating values */ extern int stripchart_update; /* update interval */ diff --git a/src/exim_monitor/em_init.c b/src/exim_monitor/em_init.c index 56cb29886..f85f858d4 100644 --- a/src/exim_monitor/em_init.c +++ b/src/exim_monitor/em_init.c @@ -32,7 +32,6 @@ int i; work. */ for (i = 0; i <= 1; i++) - { int first = 1; int count = 0; @@ -69,13 +68,18 @@ for (i = 0; i <= 1; i++) buffer[p-pp] = 0; if (first) { - int offset; - const uschar *error; - if (!(stripchart_regex[indx] = pcre_compile(CS buffer, PCRE_COPT, - CCSS &error, &offset, NULL))) + size_t offset; + int err; + + if (!(stripchart_regex[indx] = + pcre2_compile((PCRE2_SPTR)buffer, + PCRE2_ZERO_TERMINATED, PCRE_COPT, + &err, &offset, NULL))) { - printf("regular expression error: %s at offset %d " - "while compiling %s\n", error, offset, buffer); + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); + printf("regular expression error: %s at offset %l " + "while compiling %s\n", errbuf, (long)offset, buffer); exit(99); } } @@ -95,7 +99,7 @@ for (i = 0; i <= 1; i++) if (i == 0) { stripchart_number += count; - stripchart_regex = (pcre **)store_malloc(stripchart_number * sizeof(pcre *)); + stripchart_regex = (pcre2_code **)store_malloc(stripchart_number * sizeof(pcre2_code *)); stripchart_title = (uschar **)store_malloc(stripchart_number * sizeof(uschar *)); } } @@ -109,7 +113,7 @@ for (i = 0; i <= 1; i++) void init(int argc, uschar **argv) { int x; -int erroroffset; +size_t erroroffset; uschar *s; const uschar *error; @@ -230,8 +234,8 @@ queue_stripchart_name = (s != NULL)? string_copy(s) : US"queue"; /* Compile the regex for matching yyyy-mm-dd at the start of a string. */ -yyyymmdd_regex = pcre_compile("^\\d{4}-\\d\\d-\\d\\d\\s", PCRE_COPT, - CCSS &error, &erroroffset, NULL); +yyyymmdd_regex = pcre2_compile((PCRE2_SPTR)"^\\d{4}-\\d\\d-\\d\\d\\s", + PCRE2_ZERO_TERMINATED, PCRE_COPT, &x, &erroroffset, NULL); } /* End of em_init.c */ diff --git a/src/exim_monitor/em_log.c b/src/exim_monitor/em_log.c index 1e1dc7c04..662595b12 100644 --- a/src/exim_monitor/em_log.c +++ b/src/exim_monitor/em_log.c @@ -229,7 +229,7 @@ if (LOG != NULL) uschar *p = buffer; rmark reset_point; int length = Ustrlen(buffer); - int i; + pcre2_match_data * md = pcre2_match_data_create(1, NULL); /* Skip totally blank lines (paranoia: there shouldn't be any) */ @@ -246,27 +246,25 @@ if (LOG != NULL) stripchart is the queue length, which is handled elsewhere, and the 1st may the a size monitor. */ - for (i = stripchart_varstart; i < stripchart_number; i++) - { - if (pcre_exec(stripchart_regex[i], NULL, CS buffer, length, 0, PCRE_EOPT, - NULL, 0) >= 0) + for (int i = stripchart_varstart; i < stripchart_number; i++) + if (pcre2_match(stripchart_regex[i], (PCRE2_SPTR)buffer, length, + 0, PCRE_EOPT, md, NULL) >= 0) stripchart_total[i]++; - } /* Munge the log entry and display shortened form on one line. We omit the date and show only the time. Remove any time zone offset. Take note of the presence of [pid]. */ - if (pcre_exec(yyyymmdd_regex,NULL,CS buffer,length,0,PCRE_EOPT,NULL,0) >= 0) + if (pcre2_match(yyyymmdd_regex, (PCRE2_SPTR) buffer, length, 0, PCRE_EOPT, + md, NULL) >= 0) { int pidlength = 0; - if ((buffer[20] == '+' || buffer[20] == '-') && - isdigit(buffer[21]) && buffer[25] == ' ') + if ( (buffer[20] == '+' || buffer[20] == '-') + && isdigit(buffer[21]) && buffer[25] == ' ') memmove(buffer + 20, buffer + 26, Ustrlen(buffer + 26) + 1); if (buffer[20] == '[') - { - while (Ustrchr("[]0123456789", buffer[20+pidlength++]) != NULL); - } + while (Ustrchr("[]0123456789", buffer[20+pidlength++]) != NULL) + ; id = string_copyn(buffer + 20 + pidlength, MESSAGE_ID_LENGTH); show_log("%s", buffer+11); } @@ -275,6 +273,7 @@ if (LOG != NULL) id = US""; show_log("%s", buffer); } + pcre2_match_data_free(md); /* Deal with frozen and unfrozen messages */ diff --git a/src/scripts/Configure-Makefile b/src/scripts/Configure-Makefile index 61368ecb3..df597a864 100755 --- a/src/scripts/Configure-Makefile +++ b/src/scripts/Configure-Makefile @@ -150,7 +150,7 @@ rm -f ./$mftepcp ./$mftepcp2 egrep "^[$st]*(AUTH|LOOKUP)_[A-Z0-9_]*[$st]*=[$st]*" $mft | \ sed "s/[$st]*=/='/" | \ sed "s/\$/'/" > $mftt -egrep "^[$st]*((USE_(OPENSSL|GNUTLS)_PC)|SUPPORT_TLS|USE_GNUTLS|PCRE_CONFIG|AVOID_GNUTLS_PKCS11)[$st]*=[$st]*" $mft | \ +egrep "^[$st]*((USE_(OPENSSL|GNUTLS)_PC)|SUPPORT_TLS|USE_GNUTLS|PCRE2?_CONFIG|AVOID_GNUTLS_PKCS11)[$st]*=[$st]*" $mft | \ sed "s/[$st]*=/='/" | \ sed "s/\$/'/" >> $mftt if test -s $mftt @@ -233,12 +233,32 @@ then PCRE_CONFIG) case $PCRE_CONFIG in yes|YES|y|Y) - cflags=`pcre-config --cflags` + echo >&2 "pcre is no longer supported; migrate to pcre2" + exit 1 + +# cflags=`pcre-config --cflags` +# if [ $? -ne 0 ]; then +# echo >&2 "*** Missing pcre-config for regular expression support" +# exit 1 +# fi +# libs=`pcre-config --libs` +# if [ ".$cflags" != "." ]; then +# echo "INCLUDE += $cflags" +# fi +# echo "PCRE_LIBS=$libs" + ;; + esac + ;; + + PCRE2_CONFIG) + case $PCRE2_CONFIG in + yes|YES|y|Y) + cflags=`pcre2-config --cflags` if [ $? -ne 0 ]; then - echo >&2 "*** Missing pcre-config for regular expression support" + echo >&2 "*** Missing pcre2-config for regular expression support" exit 1 fi - libs=`pcre-config --libs` + libs=`pcre2-config --libs8` if [ ".$cflags" != "." ]; then echo "INCLUDE += $cflags" fi diff --git a/src/src/EDITME b/src/src/EDITME index f4329fabf..44c30ce9b 100644 --- a/src/src/EDITME +++ b/src/src/EDITME @@ -457,19 +457,19 @@ LOOKUP_DNSDB=yes #------------------------------------------------------------------------------ -# The PCRE library is required for Exim. There is no longer an embedded +# The PCRE2 library is required for Exim. There is no longer an embedded # version of the PCRE library included with the source code, instead you -# must use a system library or build your own copy of PCRE. +# must use a system library or build your own copy of PCRE2. # In either case you must specify the library link info here. If the -# PCRE header files are not in the standard search path you must also +# PCRE2 header files are not in the standard search path you must also # modify the INCLUDE path (above) # # Use PCRE_CONFIG to query the pcre-config command (first found in $PATH) # to find the include files and libraries, else use PCRE_LIBS and set INCLUDE # too if needed. -PCRE_CONFIG=yes -# PCRE_LIBS=-lpcre +PCRE2_CONFIG=yes +# PCRE_LIBS=-lpcre2 #------------------------------------------------------------------------------ diff --git a/src/src/dns.c b/src/src/dns.c index 490eb883d..63856ead3 100644 --- a/src/src/dns.c +++ b/src/src/dns.c @@ -850,11 +850,8 @@ more.) */ if (check_dns_names_pattern[0] != 0 && type != T_PTR && type != T_TXT) { - int ovector[3*(EXPAND_MAXN+1)]; - dns_pattern_init(); - if (pcre_exec(regex_check_dns_names, NULL, CCS name, Ustrlen(name), - 0, PCRE_EOPT, ovector, nelem(ovector)) < 0) + if (!regex_match(regex_check_dns_names, name, -1, NULL)) { DEBUG(D_dns) debug_printf("DNS name syntax check failed: %s (%s)\n", name, diff --git a/src/src/drtables.c b/src/src/drtables.c index 72f47c1ea..02f014e87 100644 --- a/src/src/drtables.c +++ b/src/src/drtables.c @@ -728,15 +728,15 @@ if (!(dd = exim_opendir(LOOKUP_MODULE_DIR))) } else { - const pcre *regex_islookupmod = regex_must_compile( + const pcre2_code *regex_islookupmod = regex_must_compile( US"\\." DYNLIB_FN_EXT "$", FALSE, TRUE); DEBUG(D_lookup) debug_printf("Loading lookup modules from %s\n", LOOKUP_MODULE_DIR); while ((ent = readdir(dd))) { - char *name = ent->d_name; + char * name = ent->d_name; int len = (int)strlen(name); - if (pcre_exec(regex_islookupmod, NULL, name, len, 0, PCRE_EOPT, NULL, 0) >= 0) + if (regex_match(regex_islookupmod, US name, len, NUL)) { int pathnamelen = len + (int)strlen(LOOKUP_MODULE_DIR) + 2; void *dl; diff --git a/src/src/exim.c b/src/src/exim.c index e15d5e476..27f1e9b88 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -45,7 +45,7 @@ are two sets of functions; one for use when we want to retain the compiled regular expression for a long time; the other for short-term use. */ static void * -function_store_get(size_t size) +function_store_get(PCRE2_SIZE size, void * tag) { /* For now, regard all RE results as potentially tainted. We might need more intelligence on this point. */ @@ -53,16 +53,16 @@ return store_get((int)size, TRUE); } static void -function_dummy_free(void * block) {} +function_dummy_free(void * block, void * tag) {} static void * -function_store_malloc(size_t size) +function_store_malloc(PCRE2_SIZE size, void * tag) { return store_malloc((int)size); } static void -function_store_free(void * block) +function_store_free(void * block, void * tag) { store_free(block); } @@ -98,29 +98,51 @@ Argument: Returns: pointer to the compiled pattern */ -const pcre * -regex_must_compile(const uschar *pattern, BOOL caseless, BOOL use_malloc) +const pcre2_code * +regex_must_compile(const uschar * pattern, BOOL caseless, BOOL use_malloc) { -int offset; -int options = PCRE_COPT; -const pcre *yield; -const uschar *error; +size_t offset; +int options = caseless ? PCRE_COPT|PCRE2_CASELESS : PCRE_COPT; +const pcre2_code * yield; +int err; +pcre2_general_context * gctx; +pcre2_compile_context * cctx; + if (use_malloc) { - pcre_malloc = function_store_malloc; - pcre_free = function_store_free; + gctx = pcre2_general_context_create(function_store_malloc, function_store_free, NULL); + cctx = pcre2_compile_context_create(gctx); } -if (caseless) options |= PCRE_CASELESS; -yield = pcre_compile(CCS pattern, options, CCSS &error, &offset, NULL); -pcre_malloc = function_store_get; -pcre_free = function_dummy_free; -if (yield == NULL) +else + cctx = pcre_cmp_ctx; + +if (!(yield = pcre2_compile((PCRE2_SPTR)pattern, PCRE2_ZERO_TERMINATED, options, + &err, &offset, cctx))) + { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); log_write(0, LOG_MAIN|LOG_PANIC_DIE, "regular expression error: " - "%s at offset %d while compiling %s", error, offset, pattern); + "%s at offset %d while compiling %s", errbuf, (long)offset, pattern); + } + +if (use_malloc) + { + pcre2_compile_context_free(cctx); + pcre2_general_context_free(gctx); + } return yield; } +static void +pcre_init(void) +{ +pcre_gen_ctx = pcre2_general_context_create(function_store_malloc, function_store_free, NULL); +pcre_cmp_ctx = pcre2_compile_context_create(pcre_gen_ctx); +pcre_mtc_ctx = pcre2_match_context_create(pcre_gen_ctx); +} + + /************************************************* @@ -128,7 +150,12 @@ return yield; *************************************************/ /* This function runs a regular expression match, and sets up the pointers to -the matched substrings. +the matched substrings. The matched strings are copied. + +We might consider tracing the uses of expand_nstring to see if consitification +is viable, and save the copy cost by just using the pointers into the subject string. +Pre-pcre2 we did that without noticing, so it might just work - or might have been +a bug. It was certainly a risk in the implemenation. Arguments: re the compiled expression @@ -138,32 +165,67 @@ Arguments: if >= 0 setup from setup+1 onwards, excluding the full matched string -Returns: TRUE or FALSE +Returns: TRUE if matched, or FALSE */ BOOL -regex_match_and_setup(const pcre *re, const uschar *subject, int options, int setup) +regex_match_and_setup(const pcre2_code * re, const uschar * subject, int options, int setup) { -int ovector[3*(EXPAND_MAXN+1)]; -uschar * s = string_copy(subject); /* de-constifying */ -int n = pcre_exec(re, NULL, CS s, Ustrlen(s), 0, - PCRE_EOPT | options, ovector, nelem(ovector)); -BOOL yield = n >= 0; -if (n == 0) n = EXPAND_MAXN + 1; -if (yield) +pcre2_match_data * md = pcre2_match_data_create_from_pattern(re, pcre_gen_ctx); +int res = pcre2_match(re, (PCRE2_SPTR)subject, PCRE2_ZERO_TERMINATED, 0, + PCRE_EOPT | options, md, pcre_mtc_ctx); +BOOL yield; + +if ((yield = (res >= 0))) { + res = pcre2_get_ovector_count(md); expand_nmax = setup < 0 ? 0 : setup + 1; - for (int nn = setup < 0 ? 0 : 2; nn < n*2; nn += 2) + for (int matchnum = setup < 0 ? 0 : 1; matchnum < res; matchnum++) { - expand_nstring[expand_nmax] = s + ovector[nn]; - expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn]; + PCRE2_SIZE len; + pcre2_substring_get_bynumber(md, matchnum, + (PCRE2_UCHAR **)&expand_nstring[expand_nmax], &len); + expand_nlength[expand_nmax++] = (int)len; } expand_nmax--; } +else if (res != PCRE2_ERROR_NOMATCH) DEBUG(D_any) + { + uschar errbuf[128]; + pcre2_get_error_message(res, errbuf, sizeof(errbuf)); + debug_printf_indent("pcre2: %s\n", errbuf); + } +pcre2_match_data_free(md); return yield; } +/* Check just for match with regex. Uses the common memory-handling. + +Arguments: + re compiled regex + subject string to be checked + slen length of subject; -1 for nul-terminated + rptr pointer for matched string, copied, or NULL + +Return: TRUE for a match. +*/ + +BOOL +regex_match(const pcre2_code * re, const uschar * subject, int slen, uschar ** rptr) +{ +pcre2_match_data * md = pcre2_match_data_create(1, pcre_gen_ctx); +int rc = pcre2_match(re, (PCRE2_SPTR)subject, + slen >= 0 ? slen : PCRE2_ZERO_TERMINATED, + 0, PCRE_EOPT, md, pcre_mtc_ctx); +PCRE2_SIZE * ovec = pcre2_get_ovector_pointer(md); +if (rc < 0) + return FALSE; +if (rptr) + *rptr = string_copyn(subject + ovec[0], ovec[1] - ovec[0]); +return TRUE; +} + /************************************************* @@ -1181,11 +1243,15 @@ show_db_version(fp); #endif #define QUOTE(X) #X #define EXPAND_AND_QUOTE(X) QUOTE(X) - fprintf(fp, "Library version: PCRE: Compile: %d.%d%s\n" + { + uschar buf[24]; + pcre2_config(PCRE2_CONFIG_VERSION, buf); + fprintf(fp, "Library version: PCRE2: Compile: %d.%d%s\n" " Runtime: %s\n", - PCRE_MAJOR, PCRE_MINOR, - EXPAND_AND_QUOTE(PCRE_PRERELEASE) "", - pcre_version()); + PCRE2_MAJOR, PCRE2_MINOR, + EXPAND_AND_QUOTE(PCRE2_PRERELEASE) "", + buf); + } #undef QUOTE #undef EXPAND_AND_QUOTE @@ -1538,14 +1604,8 @@ for (macro_item * m = macros_user; m; m = m->next) if (m->command_line) continue; if ((len = m->replen) == 0) continue; - n = pcre_exec(regex_whitelisted_macro, NULL, CS m->replacement, len, - 0, PCRE_EOPT, NULL, 0); - if (n < 0) - { - if (n != PCRE_ERROR_NOMATCH) - debug_printf("macros_trusted checking %s returned %d\n", m->name, n); + if (!regex_match(regex_whitelisted_macro, m->replacement, len, NULL)) return FALSE; - } } DEBUG(D_any) debug_printf("macros_trusted overridden to true by whitelisting\n"); return TRUE; @@ -1700,6 +1760,7 @@ extern char **environ; #endif store_init(); /* Initialise the memory allocation susbsystem */ +pcre_init(); /* Set up memory handling for pcre */ /* If the Exim user and/or group and/or the configuration file owner/group were defined by ref:name at build time, we must now find the actual uid/gid values. @@ -1800,15 +1861,6 @@ indirection, because some systems don't allow writing to the variable "stderr". if (fstat(fileno(stderr), &statbuf) >= 0) log_stderr = stderr; -/* Arrange for the PCRE regex library to use our store functions. Note that -the normal calls are actually macros that add additional arguments for -debugging purposes so we have to assign specially constructed functions here. -The default is to use store in the stacking pool, but this is overridden in the -regex_must_compile() function. */ - -pcre_malloc = function_store_get; -pcre_free = function_dummy_free; - /* Ensure there is a big buffer for temporary use in several places. It is put in malloc store so that it can be freed for enlargement if necessary. */ @@ -4845,7 +4897,7 @@ for (i = 0;;) if (gecos_pattern && gecos_name) { - const pcre *re; + const pcre2_code *re; re = regex_must_compile(gecos_pattern, FALSE, TRUE); /* Use malloc */ if (regex_match_and_setup(re, name, 0, -1)) diff --git a/src/src/exim.h b/src/src/exim.h index 484276bb2..b0906d34a 100644 --- a/src/src/exim.h +++ b/src/src/exim.h @@ -522,7 +522,8 @@ extern int ferror(FILE *); /* The header from the PCRE regex package */ -#include +#define PCRE2_CODE_UNIT_WIDTH 8 +#include /* Exim includes are in several files. Note that local_scan.h #includes config.h, mytypes.h, and store.h, so we don't need to mention them explicitly. diff --git a/src/src/expand.c b/src/src/expand.c index 83c0ad051..4e1ffbb24 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -2543,16 +2543,13 @@ BOOL tempcond, combined_cond; BOOL *subcondptr; BOOL sub2_honour_dollar = TRUE; BOOL is_forany, is_json, is_jsons; -int rc, cond_type, roffset; +int rc, cond_type; int_eximarith_t num[2]; struct stat statbuf; uschar * opname; uschar name[256]; const uschar *sub[10]; -const pcre *re; -const uschar *rerror; - for (;;) if (Uskip_whitespace(&s) == '!') { testfor = !testfor; s++; } else break; @@ -2974,15 +2971,24 @@ switch(cond_type = identify_operator(&s, &opname)) break; case ECOND_MATCH: /* Regular expression match */ - if (!(re = pcre_compile(CS sub[1], PCRE_COPT, CCSS &rerror, - &roffset, NULL))) { - expand_string_message = string_sprintf("regular expression error in " - "\"%s\": %s at offset %d", sub[1], rerror, roffset); - return NULL; + const pcre2_code * re; + PCRE2_SIZE offset; + int err; + + if (!(re = pcre2_compile((PCRE2_SPTR)sub[1], PCRE2_ZERO_TERMINATED, + PCRE_COPT, &err, &offset, pcre_cmp_ctx))) + { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); + expand_string_message = string_sprintf("regular expression error in " + "\"%s\": %s at offset %d", sub[1], errbuf, offset); + return NULL; + } + + tempcond = regex_match_and_setup(re, sub[0], 0, -1); + break; } - tempcond = regex_match_and_setup(re, sub[0], 0, -1); - break; case ECOND_MATCH_ADDRESS: /* Match in an address list */ rc = match_address_list(sub[0], TRUE, FALSE, &(sub[1]), NULL, -1, 0, NULL); @@ -3448,9 +3454,10 @@ switch(cond_type = identify_operator(&s, &opname)) /* ${if inbound_srs {local_part}{secret} {yes}{no}} */ { uschar * sub[2]; - const pcre * re; - int ovec[3*(4+1)]; - int n, quoting = 0; + const pcre2_code * re; + pcre2_match_data * md; + PCRE2_SIZE * ovec; + int quoting = 0; uschar cksum[4]; BOOL boolvalue = FALSE; @@ -3466,12 +3473,14 @@ switch(cond_type = identify_operator(&s, &opname)) re = regex_must_compile(US"^(?i)SRS0=([^=]+)=([A-Z2-7]+)=([^=]*)=(.*)$", TRUE, FALSE); - if (pcre_exec(re, NULL, CS sub[0], Ustrlen(sub[0]), 0, PCRE_EOPT, - ovec, nelem(ovec)) < 0) + md = pcre2_match_data_create(4+1, pcre_gen_ctx); + if (pcre2_match(re, sub[0], PCRE2_ZERO_TERMINATED, 0, PCRE_EOPT, + md, pcre_mtc_ctx) < 0) { DEBUG(D_expand) debug_printf("no match for SRS'd local-part pattern\n"); goto srs_result; } + ovec = pcre2_get_ovector_pointer(md); if (sub[0][0] == '"') quoting = 1; @@ -3503,6 +3512,7 @@ switch(cond_type = identify_operator(&s, &opname)) struct timeval now; uschar * ss = sub[0] + ovec[4]; /* substring 2, the timestamp */ long d; + int n; gettimeofday(&now, NULL); now.tv_sec /= 86400; /* days since epoch */ @@ -5189,7 +5199,7 @@ while (*s) { uschar *sub_arg[3]; gstring * g; - const pcre *re; + const pcre2_code *re; uschar *p; /* TF: Ugliness: We want to expand parameter 1 first, then set @@ -5829,11 +5839,11 @@ while (*s) case EITEM_SG: { - const pcre *re; + const pcre2_code * re; int moffset, moffsetextra, slen; - int roffset; - int emptyopt; - const uschar *rerror; + PCRE2_SIZE roffset; + pcre2_match_data * md; + int err, emptyopt; uschar *subject; uschar *sub[3]; int save_expand_nmax = @@ -5848,13 +5858,16 @@ while (*s) /* Compile the regular expression */ - if (!(re = pcre_compile(CS sub[1], PCRE_COPT, CCSS &rerror, - &roffset, NULL))) + if (!(re = pcre2_compile((PCRE2_SPTR)sub[1], PCRE2_ZERO_TERMINATED, + PCRE_COPT, &err, &roffset, pcre_cmp_ctx))) { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); expand_string_message = string_sprintf("regular expression error in " - "\"%s\": %s at offset %d", sub[1], rerror, roffset); + "\"%s\": %s at offset %l", sub[1], errbuf, (long)roffset); goto EXPAND_FAILED; } + md = pcre2_match_data_create(EXPAND_MAXN + 1, pcre_gen_ctx); /* Now run a loop to do the substitutions as often as necessary. It ends when there are no more matches. Take care over matches of the null string; @@ -5867,9 +5880,9 @@ while (*s) for (;;) { - int ovector[3*(EXPAND_MAXN+1)]; - int n = pcre_exec(re, NULL, CS subject, slen, moffset + moffsetextra, - PCRE_EOPT | emptyopt, ovector, nelem(ovector)); + PCRE2_SIZE * ovec = pcre2_get_ovector_pointer(md); + int n = pcre2_match(re, (PCRE2_SPTR)subject, slen, moffset + moffsetextra, + PCRE_EOPT | emptyopt, md, pcre_mtc_ctx); uschar *insert; /* No match - if we previously set PCRE_NOTEMPTY after a null match, this @@ -5897,19 +5910,19 @@ while (*s) expand_nmax = 0; for (int nn = 0; nn < n*2; nn += 2) { - expand_nstring[expand_nmax] = subject + ovector[nn]; - expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn]; + expand_nstring[expand_nmax] = subject + ovec[nn]; + expand_nlength[expand_nmax++] = ovec[nn+1] - ovec[nn]; } expand_nmax--; /* Copy the characters before the match, plus the expanded insertion. */ - yield = string_catn(yield, subject + moffset, ovector[0] - moffset); + yield = string_catn(yield, subject + moffset, ovec[0] - moffset); if (!(insert = expand_string(sub[2]))) goto EXPAND_FAILED; yield = string_cat(yield, insert); - moffset = ovector[1]; + moffset = ovec[1]; moffsetextra = 0; emptyopt = 0; @@ -5920,10 +5933,10 @@ while (*s) string at the same point. If this fails (picked up above) we advance to the next character. */ - if (ovector[0] == ovector[1]) + if (ovec[0] == ovec[1]) { - if (ovector[0] == slen) break; - emptyopt = PCRE_NOTEMPTY | PCRE_ANCHORED; + if (ovec[0] == slen) break; + emptyopt = PCRE2_NOTEMPTY | PCRE2_ANCHORED; } } @@ -8608,11 +8621,11 @@ if (e.var_name) BOOL -regex_match_and_setup(const pcre *re, uschar *subject, int options, int setup) +regex_match_and_setup(const pcre2_code *re, uschar *subject, int options, int setup) { -int ovector[3*(EXPAND_MAXN+1)]; +int ovec[3*(EXPAND_MAXN+1)]; int n = pcre_exec(re, NULL, subject, Ustrlen(subject), 0, PCRE_EOPT|options, - ovector, nelem(ovector)); + ovec, nelem(ovec)); BOOL yield = n >= 0; if (n == 0) n = EXPAND_MAXN + 1; if (yield) @@ -8620,8 +8633,8 @@ if (yield) expand_nmax = setup < 0 ? 0 : setup + 1; for (int nn = setup < 0 ? 0 : 2; nn < n*2; nn += 2) { - expand_nstring[expand_nmax] = subject + ovector[nn]; - expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn]; + expand_nstring[expand_nmax] = subject + ovec[nn]; + expand_nlength[expand_nmax++] = ovec[nn+1] - ovec[nn]; } expand_nmax--; } diff --git a/src/src/filter.c b/src/src/filter.c index 3f9f750b6..7c9e963a4 100644 --- a/src/src/filter.c +++ b/src/src/filter.c @@ -1425,10 +1425,7 @@ static BOOL test_condition(condition_block *c, BOOL toplevel) { BOOL yield = FALSE; -const pcre *re; uschar *exp[2], *p, *pp; -const uschar *regcomp_error = NULL; -int regcomp_error_offset; int val[2]; int i; @@ -1588,26 +1585,34 @@ switch (c->type) case cond_matches: case cond_MATCHES: - if ((filter_test != FTEST_NONE && debug_selector != 0) || - (debug_selector & D_filter) != 0) { - debug_printf_indent("Match expanded arguments:\n"); - debug_printf_indent(" Subject = %s\n", exp[0]); - debug_printf_indent(" Pattern = %s\n", exp[1]); - } + const pcre2_code *re; + int err; + PCRE2_SIZE offset; - if (!(re = pcre_compile(CS exp[1], - PCRE_COPT | ((c->type == cond_matches)? PCRE_CASELESS : 0), - CCSS ®comp_error, ®comp_error_offset, NULL))) - { - *error_pointer = string_sprintf("error while compiling " - "regular expression \"%s\": %s at offset %d", - exp[1], regcomp_error, regcomp_error_offset); - return FALSE; - } + if ((filter_test != FTEST_NONE && debug_selector != 0) || + (debug_selector & D_filter) != 0) + { + debug_printf_indent("Match expanded arguments:\n"); + debug_printf_indent(" Subject = %s\n", exp[0]); + debug_printf_indent(" Pattern = %s\n", exp[1]); + } - yield = regex_match_and_setup(re, exp[0], PCRE_EOPT, -1); - break; + if (!(re = pcre2_compile((PCRE2_SPTR)exp[1], PCRE2_ZERO_TERMINATED, + PCRE_COPT | (c->type == cond_matches ? PCRE2_CASELESS : 0), + &err, &offset, pcre_cmp_ctx))) + { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); + *error_pointer = string_sprintf("error while compiling " + "regular expression \"%s\": %s at offset %l", + exp[1], errbuf, (long)offset); + return FALSE; + } + + yield = regex_match_and_setup(re, exp[0], PCRE_EOPT, -1); + break; + } /* For above and below, convert the strings to numbers */ diff --git a/src/src/functions.h b/src/src/functions.h index 0744697f9..a51998864 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -426,8 +426,9 @@ extern void receive_swallow_smtp(void); #ifdef WITH_CONTENT_SCAN extern int regex(const uschar **); #endif -extern BOOL regex_match_and_setup(const pcre *, const uschar *, int, int); -extern const pcre *regex_must_compile(const uschar *, BOOL, BOOL); +extern BOOL regex_match(const pcre2_code *, const uschar *, int, uschar **); +extern BOOL regex_match_and_setup(const pcre2_code *, const uschar *, int, int); +extern const pcre2_code *regex_must_compile(const uschar *, BOOL, BOOL); extern void retry_add_item(address_item *, uschar *, int); extern BOOL retry_check_address(const uschar *, host_item *, uschar *, BOOL, uschar **, uschar **); diff --git a/src/src/globals.c b/src/src/globals.c index 50b9c2f2a..f54a25227 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -118,7 +118,7 @@ tls_support tls_out = { uschar *dsn_envid = NULL; int dsn_ret = 0; -const pcre *regex_DSN = NULL; +const pcre2_code *regex_DSN = NULL; uschar *dsn_advertise_hosts = NULL; #ifndef DISABLE_TLS @@ -126,7 +126,7 @@ BOOL gnutls_compat_mode = FALSE; BOOL gnutls_allow_auto_pkcs11 = FALSE; uschar *hosts_require_alpn = NULL; uschar *openssl_options = NULL; -const pcre *regex_STARTTLS = NULL; +const pcre2_code *regex_STARTTLS = NULL; uschar *tls_advertise_hosts = US"*"; uschar *tls_alpn = US"smtp:esmtp"; uschar *tls_certificate = NULL; @@ -159,11 +159,11 @@ uschar *tls_advertise_hosts = NULL; /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; BOOL prdr_requested = FALSE; -const pcre *regex_PRDR = NULL; +const pcre2_code *regex_PRDR = NULL; #endif #ifdef SUPPORT_I18N -const pcre *regex_UTF8 = NULL; +const pcre2_code *regex_UTF8 = NULL; #endif /* Input-reading functions for messages, so we can use special ones for @@ -711,10 +711,10 @@ uschar *chunking_advertise_hosts = US"*"; unsigned chunking_datasize = 0; unsigned chunking_data_left = 0; chunking_state_t chunking_state= CHUNKING_NOT_OFFERED; -const pcre *regex_CHUNKING = NULL; +const pcre2_code *regex_CHUNKING = NULL; #ifdef EXPERIMENTAL_ESMTP_LIMITS -const pcre *regex_LIMITS = NULL; +const pcre2_code *regex_LIMITS = NULL; #endif uschar *client_authenticator = NULL; @@ -1212,6 +1212,10 @@ uid_t originator_uid; uschar *override_local_interfaces = NULL; uschar *override_pid_file_path = NULL; +pcre2_general_context * pcre_gen_ctx = NULL; +pcre2_compile_context * pcre_cmp_ctx = NULL; +pcre2_match_context * pcre_mtc_ctx = NULL; + uschar *percent_hack_domains = NULL; uschar *pid_file_path = US PID_FILE_PATH "\0<--------------Space to patch pid_file_path->"; @@ -1305,20 +1309,20 @@ int recipients_count = 0; recipient_item *recipients_list = NULL; int recipients_list_max = 0; int recipients_max = 50000; -const pcre *regex_AUTH = NULL; -const pcre *regex_check_dns_names = NULL; -const pcre *regex_From = NULL; -const pcre *regex_IGNOREQUOTA = NULL; -const pcre *regex_PIPELINING = NULL; -const pcre *regex_SIZE = NULL; +const pcre2_code *regex_AUTH = NULL; +const pcre2_code *regex_check_dns_names = NULL; +const pcre2_code *regex_From = NULL; +const pcre2_code *regex_IGNOREQUOTA = NULL; +const pcre2_code *regex_PIPELINING = NULL; +const pcre2_code *regex_SIZE = NULL; #ifndef DISABLE_PIPE_CONNECT -const pcre *regex_EARLY_PIPE = NULL; +const pcre2_code *regex_EARLY_PIPE = NULL; #endif -const pcre *regex_ismsgid = NULL; -const pcre *regex_smtp_code = NULL; +const pcre2_code *regex_ismsgid = NULL; +const pcre2_code *regex_smtp_code = NULL; uschar *regex_vars[REGEX_VARS]; #ifdef WHITELIST_D_MACROS -const pcre *regex_whitelisted_macro = NULL; +const pcre2_code *regex_whitelisted_macro = NULL; #endif #ifdef WITH_CONTENT_SCAN uschar *regex_match_string = NULL; diff --git a/src/src/globals.h b/src/src/globals.h index 731408bd6..193eed6c5 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -127,7 +127,7 @@ extern BOOL gnutls_compat_mode; /* Less security, more compatibility */ extern BOOL gnutls_allow_auto_pkcs11; /* Let GnuTLS autoload PKCS11 modules */ extern uschar *hosts_require_alpn; /* Mandatory ALPN successful nogitiation */ extern uschar *openssl_options; /* OpenSSL compatibility options */ -extern const pcre *regex_STARTTLS; /* For recognizing STARTTLS settings */ +extern const pcre2_code *regex_STARTTLS; /* For recognizing STARTTLS settings */ extern uschar *tls_alpn; /* ALPN names acceptable */ extern uschar *tls_certificate; /* Certificate file */ extern uschar *tls_crl; /* CRL File */ @@ -153,7 +153,7 @@ extern uschar *tls_advertise_hosts; /* host for which TLS is advertised */ extern uschar *dsn_envid; /* DSN envid string */ extern int dsn_ret; /* DSN ret type*/ -extern const pcre *regex_DSN; /* For recognizing DSN settings */ +extern const pcre2_code *regex_DSN; /* For recognizing DSN settings */ extern uschar *dsn_advertise_hosts; /* host for which TLS is advertised */ /* Input-reading functions for messages, so we can use special ones for @@ -320,7 +320,7 @@ extern uschar *acl_smtp_connect; /* ACL run on SMTP connection */ extern uschar *acl_smtp_data; /* ACL run after DATA received */ #ifndef DISABLE_PRDR extern uschar *acl_smtp_data_prdr; /* ACL run after DATA received if in PRDR mode*/ -const extern pcre *regex_PRDR; /* For recognizing PRDR settings */ +const extern pcre2_code *regex_PRDR; /* For recognizing PRDR settings */ #endif #ifndef DISABLE_DKIM extern uschar *acl_smtp_dkim; /* ACL run for DKIM signatures / domains */ @@ -731,7 +731,7 @@ extern uschar *message_size_limit; /* As it says */ #ifdef SUPPORT_I18N extern BOOL message_smtputf8; /* Internationalized mail handling */ extern int message_utf8_downconvert; /* convert from utf8 */ -const extern pcre *regex_UTF8; /* For recognizing SMTPUTF8 settings */ +const extern pcre2_code *regex_UTF8; /* For recognizing SMTPUTF8 settings */ #endif extern uschar message_subdir[]; /* Subdirectory for messages */ extern uschar *message_reference; /* Reference for error messages */ @@ -779,6 +779,10 @@ extern uid_t originator_uid; /* Uid of ditto */ extern uschar *override_local_interfaces; /* Value of -oX argument */ extern uschar *override_pid_file_path; /* Value of -oP argument */ +extern pcre2_general_context * pcre_gen_ctx; /* pcre memory management */ +extern pcre2_compile_context * pcre_cmp_ctx; +extern pcre2_match_context * pcre_mtc_ctx; + extern uschar *percent_hack_domains; /* Local domains for which '% operates */ extern uschar *pid_file_path; /* For writing daemon pids */ #ifndef DISABLE_PIPE_CONNECT @@ -865,24 +869,24 @@ extern uschar *recipient_verify_failure; /* What went wrong */ extern int recipients_list_max; /* Maximum number fitting in list */ extern int recipients_max; /* Max permitted */ extern BOOL recipients_max_reject; /* If TRUE, reject whole message */ -extern const pcre *regex_AUTH; /* For recognizing AUTH settings */ -extern const pcre *regex_check_dns_names; /* For DNS name checking */ -extern const pcre *regex_From; /* For recognizing "From_" lines */ -extern const pcre *regex_CHUNKING; /* For recognizing CHUNKING (RFC 3030) */ -extern const pcre *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA (LMTP) */ +extern const pcre2_code *regex_AUTH; /* For recognizing AUTH settings */ +extern const pcre2_code *regex_check_dns_names; /* For DNS name checking */ +extern const pcre2_code *regex_From; /* For recognizing "From_" lines */ +extern const pcre2_code *regex_CHUNKING; /* For recognizing CHUNKING (RFC 3030) */ +extern const pcre2_code *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA (LMTP) */ #ifdef EXPERIMENTAL_ESMTP_LIMITS -extern const pcre *regex_LIMITS; /* For recognizing LIMITS */ +extern const pcre2_code *regex_LIMITS; /* For recognizing LIMITS */ #endif -extern const pcre *regex_PIPELINING; /* For recognizing PIPELINING */ -extern const pcre *regex_SIZE; /* For recognizing SIZE settings */ +extern const pcre2_code *regex_PIPELINING; /* For recognizing PIPELINING */ +extern const pcre2_code *regex_SIZE; /* For recognizing SIZE settings */ #ifndef DISABLE_PIPE_CONNECT -extern const pcre *regex_EARLY_PIPE; /* For recognizing PIPE_CONNCT */ +extern const pcre2_code *regex_EARLY_PIPE; /* For recognizing PIPE_CONNCT */ #endif -extern const pcre *regex_ismsgid; /* Compiled r.e. for message it */ -extern const pcre *regex_smtp_code; /* For recognizing SMTP codes */ +extern const pcre2_code *regex_ismsgid; /* Compiled r.e. for message it */ +extern const pcre2_code *regex_smtp_code; /* For recognizing SMTP codes */ extern uschar *regex_vars[]; /* $regexN variables */ #ifdef WHITELIST_D_MACROS -extern const pcre *regex_whitelisted_macro; /* For -D macro values */ +extern const pcre2_code *regex_whitelisted_macro; /* For -D macro values */ #endif #ifdef WITH_CONTENT_SCAN extern uschar *regex_match_string; /* regex that matched a line (regex ACL condition) */ diff --git a/src/src/header.c b/src/src/header.c index 720446bff..e334c69bf 100644 --- a/src/src/header.c +++ b/src/src/header.c @@ -371,7 +371,7 @@ static BOOL one_pattern_match(uschar *name, int slen, BOOL has_addresses, uschar *pattern) { BOOL yield = FALSE; -const pcre *re = NULL; +const pcre2_code *re = NULL; /* If the pattern is a regex, compile it. Bomb out if compiling fails; these patterns are all constructed internally and should be valid. */ @@ -419,10 +419,9 @@ for (header_line * h = header_list; !yield && h; h = h->next) /* Otherwise, test for the pattern; a non-regex must be an exact match */ - yield = !re - ? (strcmpic(next, pattern) == 0) - : (pcre_exec(re, NULL, CS next, Ustrlen(next), 0, PCRE_EOPT, NULL, 0) - >= 0); + yield = re + ? regex_match(re, next, -1, NULL) + : (strcmpic(next, pattern) == 0); } } @@ -431,10 +430,9 @@ for (header_line * h = header_list; !yield && h; h = h->next) else { - yield = (re == NULL)? - (strstric(h->text, pattern, FALSE) != NULL) - : - (pcre_exec(re, NULL, CS h->text, h->slen, 0, PCRE_EOPT, NULL, 0) >= 0); + yield = re + ? regex_match(re, h->text, h->slen, NULL) + : (strstric(h->text, pattern, FALSE) != NULL); } } diff --git a/src/src/macros.h b/src/src/macros.h index ccdcc451f..4263bc444 100644 --- a/src/src/macros.h +++ b/src/src/macros.h @@ -202,8 +202,7 @@ record, and the max number of continuation records allowed. */ /* Macros for trivial functions */ -#define mac_ismsgid(s) \ - (pcre_exec(regex_ismsgid,NULL,CS s,Ustrlen(s),0,PCRE_EOPT,NULL,0) >= 0) +#define mac_ismsgid(s) (regex_match(regex_ismsgid, (s), -1, NULL)) /* Options for dns_next_rr */ diff --git a/src/src/malware.c b/src/src/malware.c index a6e354bc4..cd80cd4b2 100644 --- a/src/src/malware.c +++ b/src/src/malware.c @@ -129,7 +129,7 @@ for (const struct scan * sc = m_scans; sc->scancode != -1; sc++) #define MALWARE_TIMEOUT 120 /* default timeout, seconds */ static const uschar * malware_regex_default = US ".+"; -static const pcre * malware_default_re = NULL; +static const pcre2_code * malware_default_re = NULL; #ifndef DISABLE_MAL_CLAM @@ -156,35 +156,35 @@ typedef struct clamd_address { # define DERR_BAD_CALL (1<<15) /* wrong command */ static const uschar * drweb_re_str = US "infected\\swith\\s*(.+?)$"; -static const pcre * drweb_re = NULL; +static const pcre2_code * drweb_re = NULL; #endif #ifndef DISABLE_MAL_FSECURE static const uschar * fsec_re_str = US "\\S{0,5}INFECTED\\t[^\\t]*\\t([^\\t]+)\\t\\S*$"; -static const pcre * fsec_re = NULL; +static const pcre2_code * fsec_re = NULL; #endif #ifndef DISABLE_MAL_KAV static const uschar * kav_re_sus_str = US "suspicion:\\s*(.+?)\\s*$"; static const uschar * kav_re_inf_str = US "infected:\\s*(.+?)\\s*$"; -static const pcre * kav_re_sus = NULL; -static const pcre * kav_re_inf = NULL; +static const pcre2_code * kav_re_sus = NULL; +static const pcre2_code * kav_re_inf = NULL; #endif #ifndef DISABLE_MAL_AVAST static const uschar * ava_re_clean_str = US "(?!\\\\)\\t\\[\\+\\]"; static const uschar * ava_re_virus_str = US "(?!\\\\)\\t\\[L\\]\\d+\\.0\\t0\\s(.*)"; static const uschar * ava_re_error_str = US "(?!\\\\)\\t\\[E\\]\\d+\\.0\\tError\\s\\d+\\s(.*)"; -static const pcre * ava_re_clean = NULL; -static const pcre * ava_re_virus = NULL; -static const pcre * ava_re_error = NULL; +static const pcre2_code * ava_re_clean = NULL; +static const pcre2_code * ava_re_virus = NULL; +static const pcre2_code * ava_re_error = NULL; #endif #ifndef DISABLE_MAL_FFROT6D static const uschar * fprot6d_re_error_str = US "^\\d+\\s<(.+?)>$"; static const uschar * fprot6d_re_virus_str = US "^\\d+\\s\\s+.+$"; -static const pcre * fprot6d_re_error = NULL; -static const pcre * fprot6d_re_virus = NULL; +static const pcre2_code * fprot6d_re_error = NULL; +static const pcre2_code * fprot6d_re_virus = NULL; #endif @@ -301,37 +301,43 @@ if (send(sock, buf, cnt, 0) < 0) return sock; } -static const pcre * +static const pcre2_code * m_pcre_compile(const uschar * re, uschar ** errstr) { -const uschar * rerror; -int roffset; -const pcre * cre; +int err; +PCRE2_SIZE roffset; +const pcre2_code * cre; -if (!(cre = pcre_compile(CS re, PCRE_COPT, CCSS &rerror, &roffset, NULL))) - *errstr= string_sprintf("regular expression error in '%s': %s at offset %d", - re, rerror, roffset); +if (!(cre = pcre2_compile((PCRE2_SPTR)re, PCRE2_ZERO_TERMINATED, + PCRE_COPT, &err, &roffset, pcre_cmp_ctx))) + { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); + *errstr= string_sprintf("regular expression error in '%s': %s at offset %l", + re, errbuf, (long)roffset); + } return cre; } uschar * -m_pcre_exec(const pcre * cre, uschar * text) +m_pcre_exec(const pcre2_code * cre, uschar * text) { -int ovector[10*3]; -int i = pcre_exec(cre, NULL, CS text, Ustrlen(text), 0, 0, - ovector, nelem(ovector)); -uschar * substr = NULL; +pcre2_match_data * md = pcre2_match_data_create(2, pcre_gen_ctx); +int i = pcre2_match(cre, text, PCRE2_ZERO_TERMINATED, 0, 0, md, pcre_mtc_ctx); +PCRE2_UCHAR * substr = NULL; +PCRE2_SIZE slen; + if (i >= 2) /* Got it */ - pcre_get_substring(CS text, ovector, i, 1, CCSS &substr); -return substr; + pcre2_substring_get_bynumber(md, 1, &substr, &slen); +return US substr; } -static const pcre * +static const pcre2_code * m_pcre_nextinlist(const uschar ** list, int * sep, char * listerr, uschar ** errstr) { const uschar * list_ele; -const pcre * cre = NULL; +const pcre2_code * cre = NULL; if (!(list_ele = string_nextinlist(list, sep, NULL, 0))) *errstr = US listerr; @@ -581,7 +587,7 @@ const uschar *av_scanner_work = av_scanner; uschar *scanner_name; unsigned long mbox_size; FILE *mbox_file; -const pcre *re; +const pcre2_code *re; uschar * errstr; struct scan * scanent; const uschar * scanner_options; @@ -923,7 +929,7 @@ badseek: err = errno; /* read and concatenate virus names into one string */ for (int i = 0; i < drweb_vnum; i++) { - int ovector[10*3]; + pcre2_match_data * md = pcre2_match_data_create(2, pcre_gen_ctx); /* read the size of report */ if (!recv_len(malware_daemon_ctx.sock, &drweb_slen, sizeof(drweb_slen), tmo)) @@ -941,22 +947,20 @@ badseek: err = errno; tmpbuf[drweb_slen] = '\0'; /* try matcher on the line, grab substring */ - result = pcre_exec(drweb_re, NULL, CS tmpbuf, Ustrlen(tmpbuf), 0, 0, - ovector, nelem(ovector)); + result = pcre2_match(drweb_re, (PCRE2_SPTR)tmpbuf, PCRE2_ZERO_TERMINATED, + 0, 0, md, pcre_mtc_ctx); if (result >= 2) { - const char * pre_malware_nb; - - pcre_get_substring(CS tmpbuf, ovector, result, 1, &pre_malware_nb); + PCRE2_SIZE * ovec = pcre2_get_ovector_pointer(md); if (i==0) /* the first name we just copy to malware_name */ - g = string_cat(NULL, US pre_malware_nb); + g = string_catn(NULL, US ovec[2], ovec[3] - ovec[2]); - /*XXX could be string_append_listele? */ else /* concatenate each new virus name to previous */ - g = string_append(g, 2, "/", pre_malware_nb); - - pcre_free_substring(pre_malware_nb); + { + g = string_catn(g, US"/", 1); + g = string_catn(g, US ovec[2], ovec[3] - ovec[2]); + } } } malware_name = string_from_gstring(g); @@ -1149,7 +1153,7 @@ badseek: err = errno; int kav_rc; unsigned long kav_reportlen; int bread; - const pcre *kav_re; + const pcre2_code *kav_re; uschar *p; /* get current date and time, build scan request */ @@ -1258,8 +1262,8 @@ badseek: err = errno; case M_CMDL: /* "cmdline" scanner type ---------------------------------- */ { const uschar *cmdline_scanner = scanner_options; - const pcre *cmdline_trigger_re; - const pcre *cmdline_regex_re; + const pcre2_code *cmdline_trigger_re; + const pcre2_code *cmdline_regex_re; uschar * file_name; uschar * commandline; void (*eximsigchld)(int); @@ -1880,8 +1884,8 @@ badseek: err = errno; uschar * linebuffer; uschar * sockline_scanner; uschar sockline_scanner_default[] = "%s\n"; - const pcre *sockline_trig_re; - const pcre *sockline_name_re; + const pcre2_code *sockline_trig_re; + const pcre2_code *sockline_name_re; /* find scanner command line */ if ( (sockline_scanner = string_nextinlist(&av_scanner_work, &sep, @@ -2120,7 +2124,7 @@ badseek: err = errno; if (malware_name) /* Nothing else matters, just read on */ break; - if (pcre_exec(ava_re_clean, NULL, CS buf, slen, 0, 0, NULL, 0) == 0) + if (regex_match(ava_re_clean, buf, slen, NULL)) break; if ((malware_name = m_pcre_exec(ava_re_virus, buf))) @@ -2141,7 +2145,7 @@ badseek: err = errno; break; } } - else if (pcre_exec(ava_re_error, NULL, CS buf, slen, 0, 0, NULL, 0) == 0) + else if (regex_match(ava_re_error, buf, slen, NULL)) { log_write(0, LOG_MAIN, "internal scanner error (ignored): %s", buf); break; diff --git a/src/src/match.c b/src/src/match.c index 5f6c1fb01..46dd2eec8 100644 --- a/src/src/match.c +++ b/src/src/match.c @@ -128,9 +128,9 @@ required. */ if (pattern[0] == '^') { - const pcre * re = regex_must_compile(pattern, cb->caseless, FALSE); + const pcre2_code * re = regex_must_compile(pattern, cb->caseless, FALSE); if (expand_setup < 0 - ? pcre_exec(re, NULL, CCS s, Ustrlen(s), 0, PCRE_EOPT, NULL, 0) < 0 + ? !regex_match(re, s, -1, NULL) : !regex_match_and_setup(re, s, 0, expand_setup) ) return FAIL; diff --git a/src/src/queue.c b/src/src/queue.c index 567784575..8fb82b4fc 100644 --- a/src/src/queue.c +++ b/src/src/queue.c @@ -350,8 +350,8 @@ queue_run(uschar *start_id, uschar *stop_id, BOOL recurse) { BOOL force_delivery = f.queue_run_force || deliver_selectstring != NULL || deliver_selectstring_sender != NULL; -const pcre *selectstring_regex = NULL; -const pcre *selectstring_regex_sender = NULL; +const pcre2_code *selectstring_regex = NULL; +const pcre2_code *selectstring_regex_sender = NULL; uschar *log_detail = NULL; int subcount = 0; uschar subdirs[64]; @@ -569,9 +569,7 @@ for (int i = queue_run_in_order ? -1 : 0; else if ( deliver_selectstring_sender && !(f.deliver_selectstring_sender_regex - ? (pcre_exec(selectstring_regex_sender, NULL, - CS sender_address, Ustrlen(sender_address), 0, PCRE_EOPT, - NULL, 0) >= 0) + ? regex_match(selectstring_regex_sender, sender_address, -1, NULL) : (strstric(sender_address, deliver_selectstring_sender, FALSE) != NULL) ) ) @@ -590,8 +588,7 @@ for (int i = queue_run_in_order ? -1 : 0; { uschar *address = recipients_list[i].address; if ( (f.deliver_selectstring_regex - ? (pcre_exec(selectstring_regex, NULL, CS address, - Ustrlen(address), 0, PCRE_EOPT, NULL, 0) >= 0) + ? regex_match(selectstring_regex, address, -1, NULL) : (strstric(address, deliver_selectstring, FALSE) != NULL) ) && tree_search(tree_nonrecipients, address) == NULL diff --git a/src/src/regex.c b/src/src/regex.c index f9c06b9e3..35af5e1b5 100644 --- a/src/src/regex.c +++ b/src/src/regex.c @@ -17,7 +17,7 @@ /* Structure to hold a list of Regular expressions */ typedef struct pcre_list { - pcre *re; + pcre2_code *re; uschar *pcre_text; struct pcre_list *next; } pcre_list; @@ -32,8 +32,6 @@ compile(const uschar * list) { int sep = 0; uschar *regex_string; -const char *pcre_error; -int pcre_erroffset; pcre_list *re_list_head = NULL; pcre_list *ri; @@ -41,15 +39,19 @@ pcre_list *ri; while ((regex_string = string_nextinlist(&list, &sep, NULL, 0))) if (strcmpic(regex_string, US"false") != 0 && Ustrcmp(regex_string, "0") != 0) { - pcre *re; + pcre2_code * re; + int err; + PCRE2_SIZE pcre_erroffset; /* compile our regular expression */ - if (!(re = pcre_compile( CS regex_string, - 0, &pcre_error, &pcre_erroffset, NULL ))) + if (!(re = pcre2_compile( (PCRE2_SPTR) regex_string, PCRE2_ZERO_TERMINATED, + 0, &err, &pcre_erroffset, pcre_cmp_ctx))) { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); log_write(0, LOG_MAIN, - "regex acl condition warning - error in regex '%s': %s at offset %d, skipped.", - regex_string, pcre_error, pcre_erroffset); + "regex acl condition warning - error in regex '%s': %s at offset %l, skipped.", + regex_string, errbuf, (long)pcre_erroffset); continue; } @@ -65,25 +67,31 @@ return re_list_head; static int matcher(pcre_list * re_list_head, uschar * linebuffer, int len) { -for(pcre_list * ri = re_list_head; ri; ri = ri->next) +pcre2_match_data * md = pcre2_match_data_create(REGEX_VARS + 1, pcre_gen_ctx); + +for (pcre_list * ri = re_list_head; ri; ri = ri->next) { - int ovec[3*(REGEX_VARS+1)]; int n; /* try matcher on the line */ - if ((n = pcre_exec(ri->re, NULL, CS linebuffer, len, 0, 0, ovec, nelem(ovec))) > 0) + if ((n = pcre2_match(ri->re, (PCRE2_SPTR)linebuffer, len, 0, 0, md, pcre_mtc_ctx)) > 0) { Ustrncpy(regex_match_string_buffer, ri->pcre_text, sizeof(regex_match_string_buffer)-1); regex_match_string = regex_match_string_buffer; for (int nn = 1; nn < n; nn++) - regex_vars[nn-1] = - string_copyn(linebuffer + ovec[nn*2], ovec[nn*2+1] - ovec[nn*2]); + { + PCRE2_UCHAR * cstr; + PCRE2_SIZE cslen; + pcre2_substring_get_bynumber(md, nn, &cstr, &cslen); + regex_vars[nn-1] = US cstr; + } return OK; } } +pcre2_match_data_free(md); return FAIL; } diff --git a/src/src/routers/iplookup.c b/src/src/routers/iplookup.c index 3035b8863..04bc8e26f 100644 --- a/src/src/routers/iplookup.c +++ b/src/src/routers/iplookup.c @@ -165,7 +165,7 @@ host_item *host = store_get(sizeof(host_item), FALSE); address_item *new_addr; iplookup_router_options_block *ob = (iplookup_router_options_block *)(rblock->options_block); -const pcre *re = ob->re_response_pattern; +const pcre2_code *re = ob->re_response_pattern; int count, query_len, rc; int sep = 0; diff --git a/src/src/routers/iplookup.h b/src/src/routers/iplookup.h index d5217ef0f..9b2bf0f41 100644 --- a/src/src/routers/iplookup.h +++ b/src/src/routers/iplookup.h @@ -17,7 +17,7 @@ typedef struct { uschar *query; uschar *response_pattern; uschar *reroute; - const pcre *re_response_pattern; + const pcre2_code *re_response_pattern; BOOL optional; } iplookup_router_options_block; diff --git a/src/src/routers/redirect.c b/src/src/routers/redirect.c index 0090ddaed..71769dbc3 100644 --- a/src/src/routers/redirect.c +++ b/src/src/routers/redirect.c @@ -734,15 +734,13 @@ switch (frc) addr->message = yield == FAIL ? US"forced rejection" : US"forced defer"; else { - int ovector[3]; - if (ob->forbid_smtp_code && - pcre_exec(regex_smtp_code, NULL, CS addr->message, - Ustrlen(addr->message), 0, PCRE_EOPT, - ovector, sizeof(ovector)/sizeof(int)) >= 0) + uschar * matched; + if ( ob->forbid_smtp_code + && regex_match(regex_smtp_code, addr->message, -1, &matched)) { DEBUG(D_route) debug_printf("SMTP code at start of error message " "is ignored because forbid_smtp_code is set\n"); - addr->message += ovector[1]; + addr->message += Ustrlen(matched); } addr->user_message = addr->message; setflag(addr, af_pass_message); diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index ee248c517..5e75e2c16 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -3266,27 +3266,26 @@ void smtp_message_code(uschar **code, int *codelen, uschar **msg, uschar **log_msg, BOOL check_valid) { -int n; -int ovector[3]; +uschar * match; +int len; -if (!msg || !*msg) return; - -if ((n = pcre_exec(regex_smtp_code, NULL, CS *msg, Ustrlen(*msg), 0, - PCRE_EOPT, ovector, sizeof(ovector)/sizeof(int))) < 0) return; +if (!msg || !*msg || !regex_match(regex_smtp_code, *msg, -1, &match)) + return; +len = Ustrlen(match); if (check_valid && (*msg)[0] != (*code)[0]) { log_write(0, LOG_MAIN|LOG_PANIC, "configured error code starts with " "incorrect digit (expected %c) in \"%s\"", (*code)[0], *msg); - if (log_msg != NULL && *log_msg == *msg) - *log_msg = string_sprintf("%s %s", *code, *log_msg + ovector[1]); + if (log_msg && *log_msg == *msg) + *log_msg = string_sprintf("%s %s", *code, *log_msg + len); } else { *code = *msg; - *codelen = ovector[1]; /* Includes final space */ + *codelen = len; /* Includes final space */ } -*msg += ovector[1]; /* Chop the code off the message */ +*msg += len; /* Chop the code off the message */ return; } diff --git a/src/src/transports/appendfile.c b/src/src/transports/appendfile.c index 2d008d97d..bbd4a161f 100644 --- a/src/src/transports/appendfile.c +++ b/src/src/transports/appendfile.c @@ -662,14 +662,14 @@ the log, because we are running as an unprivileged user here. Arguments: dirname the name of the directory countptr where to add the file count (because this function recurses) - regex a compiled regex to get the size from a name + re a compiled regex to get the size from a name Returns: the sum of the sizes of the stattable files zero if the directory cannot be opened */ off_t -check_dir_size(const uschar * dirname, int *countptr, const pcre *regex) +check_dir_size(const uschar * dirname, int * countptr, const pcre2_code * re) { DIR *dir; off_t sum = 0; @@ -688,14 +688,18 @@ for (struct dirent *ent; ent = readdir(dir); ) /* If there's a regex, try to find the size using it */ - if (regex) + if (re) { - int ovector[6]; - if (pcre_exec(regex, NULL, CS name, Ustrlen(name), 0, 0, ovector,6) >= 2) + pcre2_match_data * md = pcre2_match_data_create(2, pcre_gen_ctx); + int rc = pcre2_match(re, (PCRE2_SPTR)name, PCRE2_ZERO_TERMINATED, + 0, 0, md, pcre_mtc_ctx); + PCRE2_SIZE * ovec = pcre2_get_ovector_pointer(md); + if ( rc >= 0 + && (rc = pcre2_get_ovector_count(md)) >= 2) { uschar *endptr; - off_t size = (off_t)Ustrtod(name + ovector[2], &endptr); - if (endptr == name + ovector[3]) + off_t size = (off_t)Ustrtod(name + ovec[2], &endptr); + if (endptr == name + ovec[3]) { sum += size; DEBUG(D_transport) @@ -722,7 +726,7 @@ for (struct dirent *ent; ent = readdir(dir); ) if ((statbuf.st_mode & S_IFMT) == S_IFREG) sum += statbuf.st_size / statbuf.st_nlink; else if ((statbuf.st_mode & S_IFMT) == S_IFDIR) - sum += check_dir_size(path, &count, regex); + sum += check_dir_size(path, &count, re); } closedir(dir); @@ -2175,7 +2179,7 @@ scanning is expensive; for maildirs some fudges have been invented: else { uschar *check_path; /* Default quota check path */ - const pcre *regex = NULL; /* Regex for file size from file name */ + const pcre2_code * re = NULL; /* Regex for file size from file name */ if (!check_creation(string_sprintf("%s/any", path), ob->create_file, deliver_dir)) @@ -2218,18 +2222,20 @@ else if (ob->quota_value > 0 || THRESHOLD_CHECK || ob->maildir_use_size_file) { - const uschar *error; - int offset; + PCRE2_SIZE offset; + int err; /* Compile the regex if there is one. */ if (ob->quota_size_regex) { - if (!(regex = pcre_compile(CS ob->quota_size_regex, PCRE_COPT, - CCSS &error, &offset, NULL))) + if (!(re = pcre2_compile((PCRE2_SPTR)ob->quota_size_regex, + PCRE2_ZERO_TERMINATED, PCRE_COPT, &err, &offset, pcre_cmp_ctx))) { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); addr->message = string_sprintf("appendfile: regular expression " - "error: %s at offset %d while compiling %s", error, offset, + "error: %s at offset %l while compiling %s", errbuf, (long)offset, ob->quota_size_regex); return FALSE; } @@ -2304,19 +2310,21 @@ else #ifdef SUPPORT_MAILDIR if (ob->maildir_use_size_file) { - const pcre *dir_regex = NULL; - const uschar *error; - int offset; + const pcre2_code * dir_regex = NULL; + PCRE2_SIZE offset; + int err; if (ob->maildir_dir_regex) { int check_path_len = Ustrlen(check_path); - if (!(dir_regex = pcre_compile(CS ob->maildir_dir_regex, PCRE_COPT, - CCSS &error, &offset, NULL))) + if (!(dir_regex = pcre2_compile((PCRE2_SPTR)ob->maildir_dir_regex, + PCRE2_ZERO_TERMINATED, PCRE_COPT, &err, &offset, pcre_cmp_ctx))) { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); addr->message = string_sprintf("appendfile: regular expression " - "error: %s at offset %d while compiling %s", error, offset, + "error: %s at offset %l while compiling %s", errbuf, (long)offset, ob->maildir_dir_regex); return FALSE; } @@ -2335,7 +2343,7 @@ else uschar *s = path + check_path_len; while (*s == '/') s++; s = *s ? string_sprintf("%s/new", s) : US"new"; - if (pcre_exec(dir_regex, NULL, CS s, Ustrlen(s), 0, 0, NULL, 0) < 0) + if (!regex_match(dir_regex, s, -1, NULL)) { disable_quota = TRUE; DEBUG(D_transport) debug_printf("delivery directory does not match " @@ -2356,7 +2364,7 @@ else off_t size; int filecount; - if ((maildirsize_fd = maildir_ensure_sizefile(check_path, ob, regex, dir_regex, + if ((maildirsize_fd = maildir_ensure_sizefile(check_path, ob, re, dir_regex, &size, &filecount)) == -1) { addr->basic_errno = errno; @@ -2381,7 +2389,7 @@ else * (void)unlink(CS string_sprintf("%s/maildirsize", check_path)); * if (THRESHOLD_CHECK) * mailbox_size = maildir_compute_size(check_path, &mailbox_filecount, &old_latest, - * regex, dir_regex, FALSE); + * re, dir_regex, FALSE); * } */ @@ -2403,7 +2411,7 @@ else int filecount = 0; DEBUG(D_transport) debug_printf("quota checks on directory %s\n", check_path); - size = check_dir_size(check_path, &filecount, regex); + size = check_dir_size(check_path, &filecount, re); if (mailbox_size < 0) mailbox_size = size; if (mailbox_filecount < 0) mailbox_filecount = filecount; } diff --git a/src/src/transports/appendfile.h b/src/src/transports/appendfile.h index 4f0f126bc..0f5740ef8 100644 --- a/src/src/transports/appendfile.h +++ b/src/src/transports/appendfile.h @@ -94,6 +94,6 @@ extern void appendfile_transport_init(transport_instance *); /* Function that is shared with tf_maildir.c */ -extern off_t check_dir_size(const uschar *, int *, const pcre *); +extern off_t check_dir_size(const uschar *, int *, const pcre2_code *); /* End of transports/appendfile.h */ diff --git a/src/src/transports/lmtp.c b/src/src/transports/lmtp.c index 5a1b7c9b0..e3b3639ad 100644 --- a/src/src/transports/lmtp.c +++ b/src/src/transports/lmtp.c @@ -558,23 +558,23 @@ allows for message+recipient checks after the message has been received. */ /* First thing is to wait for an initial greeting. */ Ustrcpy(big_buffer, US"initial connection"); -if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', - timeout)) goto RESPONSE_FAILED; +if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout)) + goto RESPONSE_FAILED; /* Next, we send a LHLO command, and expect a positive response */ -if (!lmtp_write_command(fd_in, "%s %s\r\n", "LHLO", - primary_hostname)) goto WRITE_FAILED; +if (!lmtp_write_command(fd_in, "%s %s\r\n", "LHLO", primary_hostname)) + goto WRITE_FAILED; -if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', - timeout)) goto RESPONSE_FAILED; +if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout)) + goto RESPONSE_FAILED; /* If the ignore_quota option is set, note whether the server supports the IGNOREQUOTA option, and if so, set an appropriate addition for RCPT. */ if (ob->ignore_quota) - igquotstr = (pcre_exec(regex_IGNOREQUOTA, NULL, CS buffer, - Ustrlen(CS buffer), 0, PCRE_EOPT, NULL, 0) >= 0)? US" IGNOREQUOTA" : US""; + igquotstr = regex_match(regex_IGNOREQUOTA, buffer, -1, NULL) + ? US" IGNOREQUOTA" : US""; /* Now the envelope sender */ diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index 7bb1249cc..0db157a66 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -237,48 +237,39 @@ static unsigned ehlo_response(uschar * buf, unsigned checks); void smtp_deliver_init(void) { -if (!regex_PIPELINING) regex_PIPELINING = - regex_must_compile(US"\\n250[\\s\\-]PIPELINING(\\s|\\n|$)", FALSE, TRUE); - -if (!regex_SIZE) regex_SIZE = - regex_must_compile(US"\\n250[\\s\\-]SIZE(\\s|\\n|$)", FALSE, TRUE); - -if (!regex_AUTH) regex_AUTH = - regex_must_compile(AUTHS_REGEX, FALSE, TRUE); +struct list + { + const pcre2_code ** re; + const uschar * string; + } list[] = + { + { ®ex_AUTH, AUTHS_REGEX }, + { ®ex_CHUNKING, US"\\n250[\\s\\-]CHUNKING(\\s|\\n|$)" }, + { ®ex_DSN, US"\\n250[\\s\\-]DSN(\\s|\\n|$)" }, + { ®ex_IGNOREQUOTA, US"\\n250[\\s\\-]IGNOREQUOTA(\\s|\\n|$)" }, + { ®ex_PIPELINING, US"\\n250[\\s\\-]PIPELINING(\\s|\\n|$)" }, + { ®ex_SIZE, US"\\n250[\\s\\-]SIZE(\\s|\\n|$)" }, #ifndef DISABLE_TLS -if (!regex_STARTTLS) regex_STARTTLS = - regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE); + { ®ex_STARTTLS, US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)" }, #endif - -if (!regex_CHUNKING) regex_CHUNKING = - regex_must_compile(US"\\n250[\\s\\-]CHUNKING(\\s|\\n|$)", FALSE, TRUE); - #ifndef DISABLE_PRDR -if (!regex_PRDR) regex_PRDR = - regex_must_compile(US"\\n250[\\s\\-]PRDR(\\s|\\n|$)", FALSE, TRUE); + { ®ex_PRDR, US"\\n250[\\s\\-]PRDR(\\s|\\n|$)" }, #endif - #ifdef SUPPORT_I18N -if (!regex_UTF8) regex_UTF8 = - regex_must_compile(US"\\n250[\\s\\-]SMTPUTF8(\\s|\\n|$)", FALSE, TRUE); + { ®ex_UTF8, US"\\n250[\\s\\-]SMTPUTF8(\\s|\\n|$)" }, #endif - -if (!regex_DSN) regex_DSN = - regex_must_compile(US"\\n250[\\s\\-]DSN(\\s|\\n|$)", FALSE, TRUE); - -if (!regex_IGNOREQUOTA) regex_IGNOREQUOTA = - regex_must_compile(US"\\n250[\\s\\-]IGNOREQUOTA(\\s|\\n|$)", FALSE, TRUE); - #ifndef DISABLE_PIPE_CONNECT -if (!regex_EARLY_PIPE) regex_EARLY_PIPE = - regex_must_compile(US"\\n250[\\s\\-]" EARLY_PIPE_FEATURE_NAME "(\\s|\\n|$)", FALSE, TRUE); + { ®ex_EARLY_PIPE, US"\\n250[\\s\\-]" EARLY_PIPE_FEATURE_NAME "(\\s|\\n|$)" }, #endif - #ifdef EXPERIMENTAL_ESMTP_LIMITS -if (!regex_LIMITS) regex_LIMITS = - regex_must_compile(US"\\n250[\\s\\-]LIMITS\\s", FALSE, TRUE); + { ®ex_LIMITS, US"\\n250[\\s\\-]LIMITS\\s" }, #endif + }; + +for (struct list * l = list; l < list + nelem(list); l++) + if (!*l->re) + *l->re = regex_must_compile(l->string, FALSE, TRUE); } @@ -777,13 +768,12 @@ This saves us dealing with a duplicate set of values. */ static void ehlo_response_limits_read(smtp_context * sx) { -int ovec[3]; /* results vector for a main-match only */ +uschar * match; /* matches up to just after the first space after the keyword */ -if (pcre_exec(regex_LIMITS, NULL, CS sx->buffer, Ustrlen(sx->buffer), - 0, PCRE_EOPT, ovec, nelem(ovec)) >= 0) - for (const uschar * s = sx->buffer + ovec[1]; *s; ) +if (regex_match(regex_LIMITS, sx->buffer, -1, &match)) + for (const uschar * s = sx->buffer + Ustrlen(match); *s; ) { while (isspace(*s)) s++; if (*s == '\n') break; @@ -1809,57 +1799,65 @@ return Ustrcmp(current_local_identity, message_local_identity) == 0; static unsigned ehlo_response(uschar * buf, unsigned checks) { -size_t bsize = Ustrlen(buf); +PCRE2_SIZE bsize = Ustrlen(buf); +pcre2_match_data * md = pcre2_match_data_create(1, pcre_gen_ctx); /* debug_printf("%s: check for 0x%04x\n", __FUNCTION__, checks); */ #ifndef DISABLE_TLS if ( checks & OPTION_TLS - && pcre_exec(regex_STARTTLS, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_STARTTLS, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) #endif checks &= ~OPTION_TLS; if ( checks & OPTION_IGNQ - && pcre_exec(regex_IGNOREQUOTA, NULL, CS buf, bsize, 0, - PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_IGNOREQUOTA, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_IGNQ; if ( checks & OPTION_CHUNKING - && pcre_exec(regex_CHUNKING, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_CHUNKING, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_CHUNKING; #ifndef DISABLE_PRDR if ( checks & OPTION_PRDR - && pcre_exec(regex_PRDR, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_PRDR, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) #endif checks &= ~OPTION_PRDR; #ifdef SUPPORT_I18N if ( checks & OPTION_UTF8 - && pcre_exec(regex_UTF8, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_UTF8, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) #endif checks &= ~OPTION_UTF8; if ( checks & OPTION_DSN - && pcre_exec(regex_DSN, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_DSN, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_DSN; if ( checks & OPTION_PIPE - && pcre_exec(regex_PIPELINING, NULL, CS buf, bsize, 0, - PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_PIPELINING, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_PIPE; if ( checks & OPTION_SIZE - && pcre_exec(regex_SIZE, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_SIZE, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) checks &= ~OPTION_SIZE; #ifndef DISABLE_PIPE_CONNECT if ( checks & OPTION_EARLY_PIPE - && pcre_exec(regex_EARLY_PIPE, NULL, CS buf, bsize, 0, - PCRE_EOPT, NULL, 0) < 0) + && pcre2_match(regex_EARLY_PIPE, + (PCRE2_SPTR)buf, bsize, 0, PCRE_EOPT, md, pcre_mtc_ctx) < 0) #endif checks &= ~OPTION_EARLY_PIPE; +pcre2_match_data_free(md); /* debug_printf("%s: found 0x%04x\n", __FUNCTION__, checks); */ return checks; } diff --git a/src/src/transports/tf_maildir.c b/src/src/transports/tf_maildir.c index cd1964aa7..2d7d01f11 100644 --- a/src/src/transports/tf_maildir.c +++ b/src/src/transports/tf_maildir.c @@ -140,24 +140,26 @@ for (i = 0; i < 4; i++) /* If the basic path matches maildirfolder_create_regex, we are dealing with a subfolder, and should ensure that a maildirfolder file exists. */ -if (maildirfolder_create_regex != NULL) +if (maildirfolder_create_regex) { - const uschar *error; - int offset; - const pcre *regex; + int err; + PCRE2_SIZE offset; + const pcre2_code * re; DEBUG(D_transport) debug_printf("checking for maildirfolder requirement\n"); - if (!(regex = pcre_compile(CS maildirfolder_create_regex, PCRE_COPT, - CCSS &error, &offset, NULL))) + if (!(re = pcre2_compile((PCRE2_SPTR)maildirfolder_create_regex, + PCRE2_ZERO_TERMINATED, PCRE_COPT, &err, &offset, pcre_cmp_ctx))) { + uschar errbuf[128]; + pcre2_get_error_message(err, errbuf, sizeof(errbuf)); addr->message = string_sprintf("appendfile: regular expression " - "error: %s at offset %d while compiling %s", error, offset, + "error: %s at offset %l while compiling %s", errbuf, (long)offset, maildirfolder_create_regex); return FALSE; } - if (pcre_exec(regex, NULL, CS path, Ustrlen(path), 0, 0, NULL, 0) >= 0) + if (regex_match(re, path, -1, NULL)) { uschar *fname = string_sprintf("%s/maildirfolder", path); if (Ustat(fname, &statbuf) == 0) @@ -250,7 +252,7 @@ Returns: the sum of the sizes of the messages off_t maildir_compute_size(uschar *path, int *filecount, time_t *latest, - const pcre *regex, const pcre *dir_regex, BOOL timestamp_only) + const pcre2_code *regex, const pcre2_code *dir_regex, BOOL timestamp_only) { DIR *dir; off_t sum = 0; @@ -269,8 +271,7 @@ for (struct dirent *ent; ent = readdir(dir); ) scan. We do the regex match first, because that avoids a stat() for names we aren't interested in. */ - if (dir_regex != NULL && - pcre_exec(dir_regex, NULL, CS name, Ustrlen(name), 0, 0, NULL, 0) < 0) + if (dir_regex && !regex_match(dir_regex, name, -1, NULL)) { DEBUG(D_transport) debug_printf("skipping %s/%s: dir_regex does not match\n", path, name); @@ -358,7 +359,7 @@ Returns: >=0 a file descriptor for an open maildirsize file int maildir_ensure_sizefile(uschar *path, appendfile_transport_options_block *ob, - const pcre *regex, const pcre *dir_regex, off_t *returned_size, + const pcre2_code *regex, const pcre2_code *dir_regex, off_t *returned_size, int *returned_filecount) { int count, fd; diff --git a/src/src/transports/tf_maildir.h b/src/src/transports/tf_maildir.h index 0be6bc481..8c26b32c0 100644 --- a/src/src/transports/tf_maildir.h +++ b/src/src/transports/tf_maildir.h @@ -8,13 +8,13 @@ /* Header file for the functions that are used to support the use of maildirsize files for quota handling in maildir directories. */ -extern off_t maildir_compute_size(uschar *, int *, time_t *, const pcre *, - const pcre *, BOOL); +extern off_t maildir_compute_size(uschar *, int *, time_t *, const pcre2_code *, + const pcre2_code *, BOOL); extern BOOL maildir_ensure_directories(uschar *, address_item *, BOOL, int, uschar *); extern int maildir_ensure_sizefile(uschar *, - appendfile_transport_options_block *, const pcre *, - const pcre *, off_t *, int *); + appendfile_transport_options_block *, const pcre2_code *, + const pcre2_code *, off_t *, int *); extern void maildir_record_length(int, int); /* End of tf_maildir.h */ -- cgit v1.2.3 From ecb371298ce4ab016d055de06cff252098e6e603 Mon Sep 17 00:00:00 2001 From: Thomas Noll Date: Wed, 15 Sep 2021 16:29:41 +0100 Subject: Constification --- doc/doc-txt/ChangeLog | 5 +++++ src/src/expand.c | 4 ++-- src/src/filter.c | 53 +++++++++++++++++++++++++++------------------------ src/src/functions.h | 7 ++++--- src/src/globals.c | 2 +- src/src/local_scan.h | 7 ++++--- src/src/parse.c | 3 ++- src/src/rfc2047.c | 6 +++--- 8 files changed, 49 insertions(+), 38 deletions(-) (limited to 'doc') diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 63f357885..62156137e 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -13,6 +13,11 @@ JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from JH/02 Move from using the pcre library to pcre2. The former is no longer being developed or supported (by the original developer). +JH/03 Constification work in the filters module required a major version + bump for the local-scan API. Specifically, the "headers_charset" + global which is visible via the API is now const and may therefore + not be modified by local-scan code. + Exim version 4.95 ----------------- diff --git a/src/src/expand.c b/src/src/expand.c index 88d4e756f..3d48301a1 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -1593,7 +1593,7 @@ Returns: NULL if the header does not exist, else a pointer to a new */ static uschar * -find_header(uschar *name, int *newsize, unsigned flags, uschar *charset) +find_header(uschar *name, int *newsize, unsigned flags, const uschar *charset) { BOOL found = !name; int len = name ? Ustrlen(name) : 0; @@ -4592,7 +4592,7 @@ while (*s) unsigned flags = *name == 'r' ? FH_WANT_RAW : *name == 'l' ? FH_WANT_RAW|FH_WANT_LIST : 0; - uschar * charset = *name == 'b' ? NULL : headers_charset; + const uschar * charset = *name == 'b' ? NULL : headers_charset; s = read_header_name(name, sizeof(name), s); value = find_header(name, &newsize, flags, charset); diff --git a/src/src/filter.c b/src/src/filter.c index dfcc80271..1dbae43e9 100644 --- a/src/src/filter.c +++ b/src/src/filter.c @@ -1993,16 +1993,19 @@ while (commands) s = expargs[0]; if (filter_test != FTEST_NONE) - printf("Headers %s \"%s\"\n", (subtype == TRUE)? "add" : - (subtype == FALSE)? "remove" : "charset", string_printing(s)); + printf("Headers %s \"%s\"\n", + subtype == TRUE ? "add" + : subtype == FALSE ? "remove" + : "charset", + string_printing(s)); if (subtype == TRUE) { while (isspace(*s)) s++; - if (s[0] != 0) + if (*s) { - header_add(htype_other, "%s%s", s, (s[Ustrlen(s)-1] == '\n')? - "" : "\n"); + header_add(htype_other, "%s%s", s, + s[Ustrlen(s)-1] == '\n' ? "" : "\n"); header_last->type = header_checkname(header_last, FALSE); if (header_last->type >= 'a') header_last->type = htype_other; } @@ -2020,7 +2023,7 @@ while (commands) /* This setting lasts only while the filter is running; on exit, the variable is reset to the previous value. */ - else headers_charset = s; /*XXX loses track of const */ + else headers_charset = s; } break; @@ -2043,18 +2046,18 @@ while (commands) ff_name = US"freeze"; ff_ret = FF_FREEZE; - DEFERFREEZEFAIL: - fmsg = expargs[0]; /*XXX loses track of const */ - if (Ustrlen(fmsg) > 1024) Ustrcpy(fmsg + 1000, US" ... (truncated)"); - fmsg = US string_printing(fmsg); - *error_pointer = fmsg; + DEFERFREEZEFAIL: + *error_pointer = fmsg = US string_printing(Ustrlen(expargs[0]) > 1024 + ? string_sprintf("%.1000s ... (truncated)", expargs[0]) + : string_copy(expargs[0])); if (filter_test != FTEST_NONE) { indent(); printf("%c%s text \"%s\"\n", toupper(ff_name[0]), ff_name+1, fmsg); } - else DEBUG(D_filter) debug_printf_indent("Filter: %s \"%s\"\n", ff_name, fmsg); + else + DEBUG(D_filter) debug_printf_indent("Filter: %s \"%s\"\n", ff_name, fmsg); return ff_ret; case finish_command: @@ -2064,19 +2067,19 @@ while (commands) printf("%sinish\n", (commands->seen)? "Seen f" : "F"); } else - { DEBUG(D_filter) debug_printf_indent("Filter: %sfinish\n", - (commands->seen)? " Seen " : ""); - } + commands->seen ? " Seen " : ""); finish_obeyed = TRUE; - return filter_delivered? FF_DELIVERED : FF_NOTDELIVERED; + return filter_delivered ? FF_DELIVERED : FF_NOTDELIVERED; case if_command: { uschar *save_address = filter_thisaddress; int ok = FF_DELIVERED; condition_value = test_condition(commands->args[0].c, TRUE); - if (*error_pointer != NULL) ok = FF_ERROR; else + if (*error_pointer) + ok = FF_ERROR; + else { output_indent += 2; ok = interpret_commands(commands->args[condition_value? 1:2].f, @@ -2084,7 +2087,7 @@ while (commands) output_indent -= 2; } filter_thisaddress = save_address; - if (finish_obeyed || (ok != FF_DELIVERED && ok != FF_NOTDELIVERED)) + if (finish_obeyed || ok != FF_DELIVERED && ok != FF_NOTDELIVERED) return ok; } break; @@ -2096,7 +2099,7 @@ while (commands) case mail_command: case vacation_command: - if (return_path == NULL || return_path[0] == 0) + if (!return_path || !*return_path) { if (filter_test != FTEST_NONE) printf("%s command ignored because return_path is empty\n", @@ -2126,10 +2129,10 @@ while (commands) for (i = 0; i < MAILARGS_STRING_COUNT; i++) { - uschar *p; + const uschar *p; const uschar *s = expargs[i]; - if (s == NULL) continue; + if (!s) continue; if (i != mailarg_index_text) for (p = s; *p != 0; p++) { @@ -2161,12 +2164,12 @@ while (commands) else { - uschar *pp; + const uschar *pp; for (pp = p + 1;; pp++) { c = *pp; if (c == ':' && pp != p + 1) break; - if (c == 0 || c == ':' || isspace(*pp)) + if (!c || c == ':' || isspace(c)) { *error_pointer = string_sprintf("\\n not followed by space or " "valid header name in \"%.1024s\" in %s command", @@ -2196,7 +2199,7 @@ while (commands) commands->noerror ? " (noerror)" : ""); for (i = 1; i < MAILARGS_STRING_COUNT; i++) { - uschar *arg = commands->args[i].u; + const uschar *arg = commands->args[i].u; if (arg) { int len = Ustrlen(mailargs[i]); @@ -2505,7 +2508,7 @@ filter_interpret(uschar *filter, int options, address_item **generated, int i; int yield = FF_ERROR; uschar *ptr = filter; -uschar *save_headers_charset = headers_charset; +const uschar *save_headers_charset = headers_charset; filter_cmd *commands = NULL; filter_cmd **lastcmdptr = &commands; diff --git a/src/src/functions.h b/src/src/functions.h index a51998864..43424061a 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -378,7 +378,8 @@ extern uschar *parse_find_address_end(const uschar *, BOOL); extern const uschar *parse_find_at(const uschar *); extern const uschar *parse_fix_phrase(const uschar *, int); extern const uschar *parse_message_id(const uschar *, uschar **, uschar **); -extern const uschar *parse_quote_2047(const uschar *, int, uschar *, BOOL); +extern const uschar *parse_quote_2047(const uschar *, int, const uschar *, + BOOL); extern const uschar *parse_date_time(const uschar *str, time_t *t); extern void priv_drop_temp(const uid_t, const gid_t); extern void priv_restore(void); @@ -444,8 +445,8 @@ extern header_line *rewrite_header(header_line *, extern const uschar *rewrite_one(const uschar *, int, BOOL *, BOOL, uschar *, rewrite_rule *); extern void rewrite_test(const uschar *); -extern uschar *rfc2047_decode2(uschar *, BOOL, uschar *, int, int *, int *, - uschar **); +extern uschar *rfc2047_decode2(uschar *, BOOL, const uschar *, int, int *, + int *, uschar **); extern int route_address(address_item *, address_item **, address_item **, address_item **, address_item **, int); extern int route_check_prefix(const uschar *, const uschar *, unsigned *); diff --git a/src/src/globals.c b/src/src/globals.c index 7dfbc7608..19269138c 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -953,7 +953,7 @@ volatile sig_atomic_t had_command_timeout = 0; volatile sig_atomic_t had_command_sigterm = 0; volatile sig_atomic_t had_data_timeout = 0; volatile sig_atomic_t had_data_sigint = 0; -uschar *headers_charset = US HEADERS_CHARSET; +const uschar *headers_charset = US HEADERS_CHARSET; int header_insert_maxlen = 64 * 1024; header_line *header_last = NULL; header_line *header_list = NULL; diff --git a/src/src/local_scan.h b/src/src/local_scan.h index cb50a6809..3efe94941 100644 --- a/src/src/local_scan.h +++ b/src/src/local_scan.h @@ -40,7 +40,7 @@ ABI is changed in a non backward compatible way. The minor number is increased each time a new feature is added (in a way that doesn't break backward compatibility). */ -#define LOCAL_SCAN_ABI_VERSION_MAJOR 4 +#define LOCAL_SCAN_ABI_VERSION_MAJOR 5 #define LOCAL_SCAN_ABI_VERSION_MINOR 1 #define LOCAL_SCAN_ABI_VERSION \ LOCAL_SCAN_ABI_VERSION_MAJOR.LOCAL_SCAN_ABI_VERSION_MINOR @@ -160,7 +160,7 @@ extern unsigned int debug_selector; /* Debugging bits */ extern int body_linecount; /* Line count in body */ extern int body_zerocount; /* Binary zero count in body */ extern uschar *expand_string_message; /* Error info for failing expansion */ -extern uschar *headers_charset; /* Charset for RFC 2047 decoding */ +extern const uschar *headers_charset; /* Charset for RFC 2047 decoding */ extern header_line *header_last; /* Final header */ extern header_line *header_list; /* First header */ extern BOOL host_checking; /* Set when checking a host */ @@ -198,7 +198,8 @@ extern int lss_match_address(uschar *, uschar *, BOOL); extern int lss_match_host(uschar *, uschar *, uschar *); extern void receive_add_recipient(uschar *, int); extern BOOL receive_remove_recipient(uschar *); -extern uschar *rfc2047_decode(uschar *, BOOL, uschar *, int, int *, uschar **); +extern uschar *rfc2047_decode(uschar *, BOOL, const uschar *, int, int *, + uschar **); extern int smtp_fflush(void); extern void smtp_printf(const char *, BOOL, ...) PRINTF_FUNCTION(1,3); extern void smtp_vprintf(const char *, BOOL, va_list); diff --git a/src/src/parse.c b/src/src/parse.c index 58f894199..352f07d60 100644 --- a/src/src/parse.c +++ b/src/src/parse.c @@ -863,7 +863,8 @@ Returns: pointer to the original string, if no quoting needed, or */ const uschar * -parse_quote_2047(const uschar *string, int len, uschar *charset, BOOL fold) +parse_quote_2047(const uschar *string, int len, const uschar *charset, + BOOL fold) { const uschar * s = string; int hlen, l; diff --git a/src/src/rfc2047.c b/src/src/rfc2047.c index 6c461029b..c3cf4db11 100644 --- a/src/src/rfc2047.c +++ b/src/src/rfc2047.c @@ -186,8 +186,8 @@ Returns: the decoded, converted string, or NULL on error; if there are */ uschar * -rfc2047_decode2(uschar *string, BOOL lencheck, uschar *target, int zeroval, - int *lenptr, int *sizeptr, uschar **error) +rfc2047_decode2(uschar *string, BOOL lencheck, const uschar *target, + int zeroval, int *lenptr, int *sizeptr, uschar **error) { int size = Ustrlen(string); size_t dlen; @@ -336,7 +336,7 @@ return string_from_gstring(yield); argument. */ uschar * -rfc2047_decode(uschar *string, BOOL lencheck, uschar *target, int zeroval, +rfc2047_decode(uschar *string, BOOL lencheck, const uschar *target, int zeroval, int *lenptr, uschar **error) { return rfc2047_decode2(string, lencheck, target, zeroval, lenptr, NULL, error); -- cgit v1.2.3 From 513ea57aae151098dad2df9d05a3b495de3aac48 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Mon, 20 Sep 2021 22:19:59 +0100 Subject: Docs: update for constification Broken-by: ecb371298c --- doc/doc-docbook/spec.xfpt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 3691b8ba6..812924ac8 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -35384,8 +35384,10 @@ discussed below. .vitem &*header_line&~*header_last*& A pointer to the last of the header lines. -.vitem &*uschar&~*headers_charset*& +.new +.vitem &*const&~uschar&~*headers_charset*& The value of the &%headers_charset%& configuration option. +.wen .vitem &*BOOL&~host_checking*& This variable is TRUE during a host checking session that is initiated by the -- cgit v1.2.3