DLLEXPORT int
pdkim_feed(pdkim_ctx *ctx, char *data, int len)
{
int p;
for (p = 0; p<len; p++)
{
uschar c = data[p];
if (ctx->past_headers)
{
/* Processing body byte */
ctx->linebuf[ctx->linebuf_offset++] = c;
if (c == '\n')
{
int rc = pdkim_bodyline_complete(ctx); /* End of line */
if (rc != PDKIM_OK) return rc;
}
if (ctx->linebuf_offset == (PDKIM_MAX_BODY_LINE_LEN-1))
return PDKIM_ERR_LONG_LINE;
}
else
{
/* Processing header byte */
if (c != '\r')
{
if (c == '\n')
{
if (ctx->seen_lf)
{
int rc = pdkim_header_complete(ctx); /* Seen last header line */
if (rc != PDKIM_OK) return rc;
ctx->past_headers = TRUE;
ctx->seen_lf = 0;
DEBUG(D_acl) debug_printf(
"PDKIM >> Body data for hash, canonicalized >>>>>>>>>>>>>>>>>>>>>>\n");
continue;
}
else
ctx->seen_lf = TRUE;
}
else if (ctx->seen_lf)
{
if (!(c == '\t' || c == ' '))
{
int rc = pdkim_header_complete(ctx); /* End of header */
if (rc != PDKIM_OK) return rc;
}
ctx->seen_lf = FALSE;
}
}
if (ctx->cur_header_len < PDKIM_MAX_HEADER_LEN)
ctx->cur_header = string_catn(ctx->cur_header, &ctx->cur_header_size,
&ctx->cur_header_len, CUS &data[p], 1);
}
}
return PDKIM_OK;
}
static int
perform_pgsql_search(const uschar *query, uschar *server, uschar **resultptr,
uschar **errmsg, BOOL *defer_break, uint *do_cache)
{
PGconn *pg_conn = NULL;
PGresult *pg_result = NULL;
int i;
uschar *result = NULL;
int ssize = 0;
int offset = 0;
int yield = DEFER;
unsigned int num_fields, num_tuples;
pgsql_connection *cn;
uschar *server_copy = NULL;
uschar *sdata[3];
/* Disaggregate the parameters from the server argument. The order is host or
path, database, user, password. We can write to the string, since it is in a
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */
for (i = 2; i >= 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (pp == NULL)
{
*errmsg = string_sprintf("incomplete pgSQL server data: %s",
(i == 2)? server : server_copy);
*defer_break = TRUE;
return DEFER;
}
*pp++ = 0;
sdata[i] = pp;
if (i == 2) server_copy = string_copy(server); /* sans password */
}
/* The total server string has now been truncated so that what is left at the
start is the identification of the server (host or path). See if we have a
cached connection to the server. */
for (cn = pgsql_connections; cn != NULL; cn = cn->next)
{
if (Ustrcmp(cn->server, server_copy) == 0)
{
pg_conn = cn->handle;
break;
}
}
/* If there is no cached connection, we must set one up. */
if (cn == NULL)
{
uschar *port = US"";
/* For a Unix domain socket connection, the path is in parentheses */
if (*server == '(')
{
uschar *last_slash, *last_dot, *p;
p = ++server;
while (*p != 0 && *p != ')') p++;
*p = 0;
last_slash = Ustrrchr(server, '/');
last_dot = Ustrrchr(server, '.');
DEBUG(D_lookup) debug_printf("PGSQL new connection: socket=%s "
"database=%s user=%s\n", server, sdata[0], sdata[1]);
/* A valid socket name looks like this: /var/run/postgresql/.s.PGSQL.5432
We have to call PQsetdbLogin with '/var/run/postgresql' as the hostname
argument and put '5432' into the port variable. */
if (last_slash == NULL || last_dot == NULL)
{
*errmsg = string_sprintf("PGSQL invalid filename for socket: %s",
server);
*defer_break = TRUE;
return DEFER;
}
/* Terminate the path name and set up the port: we'll have something like
server = "/var/run/postgresql" and port = "5432". */
*last_slash = 0;
port = last_dot + 1;
}
/* Host connection; sort out the port */
else
{
uschar *p;
if ((p = Ustrchr(server, ':')) != NULL)
{
*p++ = 0;
port = p;
}
if (Ustrchr(server, '/') != NULL)
{
*errmsg = string_sprintf("unexpected slash in pgSQL server hostname: %s",
server);
*defer_break = TRUE;
return DEFER;
}
DEBUG(D_lookup) debug_printf("PGSQL new connection: host=%s port=%s "
"database=%s user=%s\n", server, port, sdata[0], sdata[1]);
}
/* If the database is the empty string, set it NULL - the query must then
define it. */
if (sdata[0][0] == 0) sdata[0] = NULL;
/* Get store for a new handle, initialize it, and connect to the server */
pg_conn=PQsetdbLogin(
/* host port options tty database user passwd */
CS server, CS port, NULL, NULL, CS sdata[0], CS sdata[1], CS sdata[2]);
if(PQstatus(pg_conn) == CONNECTION_BAD)
{
store_reset(server_copy);
*errmsg = string_sprintf("PGSQL connection failed: %s",
PQerrorMessage(pg_conn));
PQfinish(pg_conn);
goto PGSQL_EXIT;
}
/* Set the client encoding to SQL_ASCII, which means that the server will
not try to interpret the query as being in any fancy encoding such as UTF-8
or other multibyte code that might cause problems with escaping. */
PQsetClientEncoding(pg_conn, "SQL_ASCII");
/* Set the notice processor to prevent notices from being written to stderr
(which is what the default does). Our function (above) just produces debug
output. */
PQsetNoticeProcessor(pg_conn, notice_processor, NULL);
/* Add the connection to the cache */
cn = store_get(sizeof(pgsql_connection));
cn->server = server_copy;
cn->handle = pg_conn;
cn->next = pgsql_connections;
pgsql_connections = cn;
}
/* Else use a previously cached connection */
else
{
DEBUG(D_lookup) debug_printf("PGSQL using cached connection for %s\n",
server_copy);
}
/* Run the query */
pg_result = PQexec(pg_conn, CS query);
switch(PQresultStatus(pg_result))
{
case PGRES_EMPTY_QUERY:
case PGRES_COMMAND_OK:
/* The command was successful but did not return any data since it was
* not SELECT but either an INSERT, UPDATE or DELETE statement. Tell the
* high level code to not cache this query, and clean the current cache for
* this handle by setting *do_cache zero. */
result = string_copy(US PQcmdTuples(pg_result));
offset = Ustrlen(result);
*do_cache = 0;
DEBUG(D_lookup) debug_printf("PGSQL: command does not return any data "
"but was successful. Rows affected: %s\n", result);
case PGRES_TUPLES_OK:
break;
default:
/* This was the original code:
*errmsg = string_sprintf("PGSQL: query failed: %s\n",
PQresultErrorMessage(pg_result));
This was suggested by a user:
*/
*errmsg = string_sprintf("PGSQL: query failed: %s (%s) (%s)\n",
PQresultErrorMessage(pg_result),
PQresStatus(PQresultStatus(pg_result)), query);
goto PGSQL_EXIT;
}
/* Result is in pg_result. Find the number of fields returned. If this is one,
we don't add field names to the data. Otherwise we do. If the query did not
return anything we skip the for loop; this also applies to the case
PGRES_COMMAND_OK. */
num_fields = PQnfields(pg_result);
num_tuples = PQntuples(pg_result);
/* Get the fields and construct the result string. If there is more than one
row, we insert '\n' between them. */
for (i = 0; i < num_tuples; i++)
{
if (result != NULL)
result = string_catn(result, &ssize, &offset, US"\n", 1);
if (num_fields == 1)
{
result = string_catn(result, &ssize, &offset,
US PQgetvalue(pg_result, i, 0), PQgetlength(pg_result, i, 0));
}
else
{
int j;
for (j = 0; j < num_fields; j++)
{
uschar *tmp = US PQgetvalue(pg_result, i, j);
result = lf_quote(US PQfname(pg_result, j), tmp, Ustrlen(tmp), result,
&ssize, &offset);
}
}
}
/* If result is NULL then no data has been found and so we return FAIL.
Otherwise, we must terminate the string which has been built; string_cat()
always leaves enough room for a terminating zero. */
if (result == NULL)
{
yield = FAIL;
*errmsg = US"PGSQL: no data found";
}
else
{
result[offset] = 0;
store_reset(result + offset + 1);
}
/* Get here by goto from various error checks. */
PGSQL_EXIT:
/* Free store for any result that was got; don't close the connection, as
it is cached. */
if (pg_result != NULL) PQclear(pg_result);
/* Non-NULL result indicates a sucessful result */
if (result != NULL)
{
*resultptr = result;
return OK;
}
else
{
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return yield; /* FAIL or DEFER */
}
}
static int
dnsdb_find(void *handle, uschar *filename, const uschar *keystring, int length,
uschar **result, uschar **errmsg, uint *do_cache)
{
int rc;
int size = 256;
int ptr = 0;
int sep = 0;
int defer_mode = PASS;
int dnssec_mode = OK;
int save_retrans = dns_retrans;
int save_retry = dns_retry;
int type;
int failrc = FAIL;
const uschar *outsep = CUS"\n";
const uschar *outsep2 = NULL;
uschar *equals, *domain, *found;
/* Because we're the working in the search pool, we try to reclaim as much
store as possible later, so we preallocate the result here */
uschar *yield = store_get(size);
dns_record *rr;
dns_answer dnsa;
dns_scan dnss;
handle = handle; /* Keep picky compilers happy */
filename = filename;
length = length;
do_cache = do_cache;
/* If the string starts with '>' we change the output separator.
If it's followed by ';' or ',' we set the TXT output separator. */
while (isspace(*keystring)) keystring++;
if (*keystring == '>')
{
outsep = keystring + 1;
keystring += 2;
if (*keystring == ',')
{
outsep2 = keystring + 1;
keystring += 2;
}
else if (*keystring == ';')
{
outsep2 = US"";
keystring++;
}
while (isspace(*keystring)) keystring++;
}
/* Check for a modifier keyword. */
for (;;)
{
if (strncmpic(keystring, US"defer_", 6) == 0)
{
keystring += 6;
if (strncmpic(keystring, US"strict", 6) == 0)
{ defer_mode = DEFER; keystring += 6; }
else if (strncmpic(keystring, US"lax", 3) == 0)
{ defer_mode = PASS; keystring += 3; }
else if (strncmpic(keystring, US"never", 5) == 0)
{ defer_mode = OK; keystring += 5; }
else
{
*errmsg = US"unsupported dnsdb defer behaviour";
return DEFER;
}
}
else if (strncmpic(keystring, US"dnssec_", 7) == 0)
{
keystring += 7;
if (strncmpic(keystring, US"strict", 6) == 0)
{ dnssec_mode = DEFER; keystring += 6; }
else if (strncmpic(keystring, US"lax", 3) == 0)
{ dnssec_mode = PASS; keystring += 3; }
else if (strncmpic(keystring, US"never", 5) == 0)
{ dnssec_mode = OK; keystring += 5; }
else
{
*errmsg = US"unsupported dnsdb dnssec behaviour";
return DEFER;
}
}
else if (strncmpic(keystring, US"retrans_", 8) == 0)
{
int timeout_sec;
if ((timeout_sec = readconf_readtime(keystring += 8, ',', FALSE)) <= 0)
{
*errmsg = US"unsupported dnsdb timeout value";
return DEFER;
}
dns_retrans = timeout_sec;
while (*keystring != ',') keystring++;
}
else if (strncmpic(keystring, US"retry_", 6) == 0)
{
int retries;
if ((retries = (int)strtol(CCS keystring + 6, CSS &keystring, 0)) < 0)
{
*errmsg = US"unsupported dnsdb retry count";
return DEFER;
}
dns_retry = retries;
}
else
break;
while (isspace(*keystring)) keystring++;
if (*keystring++ != ',')
{
*errmsg = US"dnsdb modifier syntax error";
return DEFER;
}
while (isspace(*keystring)) keystring++;
}
/* Figure out the "type" value if it is not T_TXT.
If the keystring contains an = this must be preceded by a valid type name. */
type = T_TXT;
if ((equals = Ustrchr(keystring, '=')) != NULL)
{
int i, len;
uschar *tend = equals;
while (tend > keystring && isspace(tend[-1])) tend--;
len = tend - keystring;
for (i = 0; i < nelem(type_names); i++)
if (len == Ustrlen(type_names[i]) &&
strncmpic(keystring, US type_names[i], len) == 0)
{
type = type_values[i];
break;
}
if (i >= nelem(type_names))
{
*errmsg = US"unsupported DNS record type";
return DEFER;
}
keystring = equals + 1;
while (isspace(*keystring)) keystring++;
}
/* Initialize the resolver in case this is the first time it has been used. */
dns_init(FALSE, FALSE, dnssec_mode != OK);
/* The remainder of the string must be a list of domains. As long as the lookup
for at least one of them succeeds, we return success. Failure means that none
of them were found.
The original implementation did not support a list of domains. Adding the list
feature is compatible, except in one case: when PTR records are being looked up
for a single IPv6 address. Fortunately, we can hack in a compatibility feature
here: If the type is PTR and no list separator is specified, and the entire
remaining string is valid as an IP address, set an impossible separator so that
it is treated as one item. */
if (type == T_PTR && keystring[0] != '<' &&
string_is_ip_address(keystring, NULL) != 0)
sep = -1;
/* SPF strings should be concatenated without a separator, thus make
it the default if not defined (see RFC 4408 section 3.1.3).
Multiple SPF records are forbidden (section 3.1.2) but are currently
not handled specially, thus they are concatenated with \n by default.
MX priority and value are space-separated by default.
SRV and TLSA record parts are space-separated by default. */
if (!outsep2) switch(type)
{
case T_SPF: outsep2 = US""; break;
case T_SRV: case T_MX: case T_TLSA: outsep2 = US" "; break;
}
/* Now scan the list and do a lookup for each item */
while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
{
uschar rbuffer[256];
int searchtype = (type == T_CSA)? T_SRV : /* record type we want */
(type == T_MXH)? T_MX :
(type == T_ZNS)? T_NS : type;
/* If the type is PTR or CSA, we have to construct the relevant magic lookup
key if the original is an IP address (some experimental protocols are using
PTR records for different purposes where the key string is a host name, and
Exim's extended CSA can be keyed by domains or IP addresses). This code for
doing the reversal is now in a separate function. */
if ((type == T_PTR || type == T_CSA) &&
string_is_ip_address(domain, NULL) != 0)
{
dns_build_reverse(domain, rbuffer);
domain = rbuffer;
}
do
{
DEBUG(D_lookup) debug_printf("dnsdb key: %s\n", domain);
/* Do the lookup and sort out the result. There are four special types that
are handled specially: T_CSA, T_ZNS, T_ADDRESSES and T_MXH.
The first two are handled in a special lookup function so that the facility
could be used from other parts of the Exim code. T_ADDRESSES is handled by looping
over the types of A lookup. T_MXH affects only what happens later on in
this function, but for tidiness it is handled by the "special". If the
lookup fails, continue with the next domain. In the case of DEFER, adjust
the final "nothing found" result, but carry on to the next domain. */
found = domain;
#if HAVE_IPV6
if (type == T_ADDRESSES) /* NB cannot happen unless HAVE_IPV6 */
{
if (searchtype == T_ADDRESSES) searchtype = T_AAAA;
else if (searchtype == T_AAAA) searchtype = T_A;
rc = dns_special_lookup(&dnsa, domain, searchtype, CUSS &found);
}
else
#endif
rc = dns_special_lookup(&dnsa, domain, type, CUSS &found);
lookup_dnssec_authenticated = dnssec_mode==OK ? NULL
: dns_is_secure(&dnsa) ? US"yes" : US"no";
if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue;
if ( rc != DNS_SUCCEED
|| (dnssec_mode == DEFER && !dns_is_secure(&dnsa))
)
{
if (defer_mode == DEFER)
{
dns_retrans = save_retrans;
dns_retry = save_retry;
dns_init(FALSE, FALSE, FALSE); /* clr dnssec bit */
return DEFER; /* always defer */
}
if (defer_mode == PASS) failrc = DEFER; /* defer only if all do */
continue; /* treat defer as fail */
}
/* Search the returned records */
for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
rr != NULL;
rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
{
if (rr->type != searchtype) continue;
if (*do_cache > rr->ttl)
*do_cache = rr->ttl;
if (type == T_A || type == T_AAAA || type == T_ADDRESSES)
{
dns_address *da;
for (da = dns_address_from_rr(&dnsa, rr); da; da = da->next)
{
if (ptr != 0) yield = string_catn(yield, &size, &ptr, outsep, 1);
yield = string_cat(yield, &size, &ptr, da->address);
}
continue;
}
/* Other kinds of record just have one piece of data each, but there may be
several of them, of course. */
if (ptr != 0) yield = string_catn(yield, &size, &ptr, outsep, 1);
if (type == T_TXT || type == T_SPF)
{
if (outsep2 == NULL)
{
/* output only the first item of data */
yield = string_catn(yield, &size, &ptr, (uschar *)(rr->data+1),
(rr->data)[0]);
}
else
{
/* output all items */
int data_offset = 0;
while (data_offset < rr->size)
{
uschar chunk_len = (rr->data)[data_offset++];
if (outsep2[0] != '\0' && data_offset != 1)
yield = string_catn(yield, &size, &ptr, outsep2, 1);
yield = string_catn(yield, &size, &ptr,
US ((rr->data)+data_offset), chunk_len);
data_offset += chunk_len;
}
}
}
else if (type == T_TLSA)
{
uint8_t usage, selector, matching_type;
uint16_t i, payload_length;
uschar s[MAX_TLSA_EXPANDED_SIZE];
uschar * sp = s;
uschar * p = US rr->data;
usage = *p++;
selector = *p++;
matching_type = *p++;
/* What's left after removing the first 3 bytes above */
payload_length = rr->size - 3;
sp += sprintf(CS s, "%d%c%d%c%d%c", usage, *outsep2,
selector, *outsep2, matching_type, *outsep2);
/* Now append the cert/identifier, one hex char at a time */
for (i=0;
i < payload_length && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4);
i++)
sp += sprintf(CS sp, "%02x", (unsigned char)p[i]);
yield = string_cat(yield, &size, &ptr, s);
}
else /* T_CNAME, T_CSA, T_MX, T_MXH, T_NS, T_PTR, T_SOA, T_SRV */
{
int priority, weight, port;
uschar s[264];
uschar * p = US rr->data;
switch (type)
{
case T_MXH:
/* mxh ignores the priority number and includes only the hostnames */
GETSHORT(priority, p);
break;
case T_MX:
GETSHORT(priority, p);
sprintf(CS s, "%d%c", priority, *outsep2);
yield = string_cat(yield, &size, &ptr, s);
break;
case T_SRV:
GETSHORT(priority, p);
GETSHORT(weight, p);
GETSHORT(port, p);
sprintf(CS s, "%d%c%d%c%d%c", priority, *outsep2,
weight, *outsep2, port, *outsep2);
yield = string_cat(yield, &size, &ptr, s);
break;
case T_CSA:
/* See acl_verify_csa() for more comments about CSA. */
GETSHORT(priority, p);
GETSHORT(weight, p);
GETSHORT(port, p);
if (priority != 1) continue; /* CSA version must be 1 */
/* If the CSA record we found is not the one we asked for, analyse
the subdomain assertions in the port field, else analyse the direct
authorization status in the weight field. */
if (Ustrcmp(found, domain) != 0)
{
if (port & 1) *s = 'X'; /* explicit authorization required */
else *s = '?'; /* no subdomain assertions here */
}
else
{
if (weight < 2) *s = 'N'; /* not authorized */
else if (weight == 2) *s = 'Y'; /* authorized */
else if (weight == 3) *s = '?'; /* unauthorizable */
else continue; /* invalid */
}
s[1] = ' ';
yield = string_catn(yield, &size, &ptr, s, 2);
break;
default:
break;
}
/* GETSHORT() has advanced the pointer to the target domain. */
rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p,
(DN_EXPAND_ARG4_TYPE)s, sizeof(s));
/* If an overlong response was received, the data will have been
truncated and dn_expand may fail. */
if (rc < 0)
{
log_write(0, LOG_MAIN, "host name alias list truncated: type=%s "
"domain=%s", dns_text_type(type), domain);
break;
}
else yield = string_cat(yield, &size, &ptr, s);
if (type == T_SOA && outsep2 != NULL)
{
unsigned long serial, refresh, retry, expire, minimum;
p += rc;
yield = string_catn(yield, &size, &ptr, outsep2, 1);
rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p,
(DN_EXPAND_ARG4_TYPE)s, sizeof(s));
if (rc < 0)
{
log_write(0, LOG_MAIN, "responsible-mailbox truncated: type=%s "
"domain=%s", dns_text_type(type), domain);
break;
}
else yield = string_cat(yield, &size, &ptr, s);
p += rc;
GETLONG(serial, p); GETLONG(refresh, p);
GETLONG(retry, p); GETLONG(expire, p); GETLONG(minimum, p);
sprintf(CS s, "%c%lu%c%lu%c%lu%c%lu%c%lu",
*outsep2, serial, *outsep2, refresh,
*outsep2, retry, *outsep2, expire, *outsep2, minimum);
yield = string_cat(yield, &size, &ptr, s);
}
}
} /* Loop for list of returned records */
/* Loop for set of A-lookup types */
} while (type == T_ADDRESSES && searchtype != T_A);
} /* Loop for list of domains */
/* Reclaim unused memory */
store_reset(yield + ptr + 1);
/* If ptr == 0 we have not found anything. Otherwise, insert the terminating
zero and return the result. */
dns_retrans = save_retrans;
dns_retry = save_retry;
dns_init(FALSE, FALSE, FALSE); /* clear the dnssec bit for getaddrbyname */
if (ptr == 0) return failrc;
yield[ptr] = 0;
*result = yield;
return OK;
}
static int
perform_redis_search(const uschar *command, uschar *server, uschar **resultptr,
uschar **errmsg, BOOL *defer_break, uint *do_cache)
{
redisContext *redis_handle = NULL; /* Keep compilers happy */
redisReply *redis_reply = NULL;
redisReply *entry = NULL;
redisReply *tentry = NULL;
redis_connection *cn;
int ssize = 0;
int offset = 0;
int yield = DEFER;
int i, j;
uschar *result = NULL;
uschar *server_copy = NULL;
uschar *tmp, *ttmp;
uschar *sdata[3];
/* Disaggregate the parameters from the server argument.
The order is host:port(socket)
We can write to the string, since it is in a nextinlist temporary buffer.
This copy is also used for debugging output. */
memset(sdata, 0, sizeof(sdata)) /* Set all to NULL */;
for (i = 2; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (!pp)
{
*errmsg = string_sprintf("incomplete Redis server data: %s",
i == 2 ? server : server_copy);
*defer_break = TRUE;
return DEFER;
}
*pp++ = 0;
sdata[i] = pp;
if (i == 2) server_copy = string_copy(server); /* sans password */
}
sdata[0] = server; /* What's left at the start */
/* If the database or password is an empty string, set it NULL */
if (sdata[1][0] == 0) sdata[1] = NULL;
if (sdata[2][0] == 0) sdata[2] = NULL;
/* See if we have a cached connection to the server */
for (cn = redis_connections; cn; cn = cn->next)
if (Ustrcmp(cn->server, server_copy) == 0)
{
redis_handle = cn->handle;
break;
}
if (!cn)
{
uschar *p;
uschar *socket = NULL;
int port = 0;
/* int redis_err = REDIS_OK; */
if ((p = Ustrchr(sdata[0], '(')))
{
*p++ = 0;
socket = p;
while (*p != 0 && *p != ')') p++;
*p = 0;
}
if ((p = Ustrchr(sdata[0], ':')))
{
*p++ = 0;
port = Uatoi(p);
}
else
port = Uatoi("6379");
if (Ustrchr(server, '/'))
{
*errmsg = string_sprintf("unexpected slash in Redis server hostname: %s",
sdata[0]);
*defer_break = TRUE;
return DEFER;
}
DEBUG(D_lookup)
debug_printf("REDIS new connection: host=%s port=%d socket=%s database=%s\n",
sdata[0], port, socket, sdata[1]);
/* Get store for a new handle, initialize it, and connect to the server */
/* XXX: Use timeouts ? */
redis_handle =
socket ? redisConnectUnix(CCS socket) : redisConnect(CCS server, port);
if (!redis_handle)
{
*errmsg = string_sprintf("REDIS connection failed");
*defer_break = FALSE;
goto REDIS_EXIT;
}
/* Add the connection to the cache */
cn = store_get(sizeof(redis_connection));
cn->server = server_copy;
cn->handle = redis_handle;
cn->next = redis_connections;
redis_connections = cn;
}
else
{
DEBUG(D_lookup)
debug_printf("REDIS using cached connection for %s\n", server_copy);
}
/* Authenticate if there is a password */
if(sdata[2])
if (!(redis_reply = redisCommand(redis_handle, "AUTH %s", sdata[2])))
{
*errmsg = string_sprintf("REDIS Authentication failed: %s\n", redis_handle->errstr);
*defer_break = FALSE;
goto REDIS_EXIT;
}
/* Select the database if there is a dbnumber passed */
if(sdata[1])
{
if (!(redis_reply = redisCommand(redis_handle, "SELECT %s", sdata[1])))
{
*errmsg = string_sprintf("REDIS: Selecting database=%s failed: %s\n", sdata[1], redis_handle->errstr);
*defer_break = FALSE;
goto REDIS_EXIT;
}
DEBUG(D_lookup) debug_printf("REDIS: Selecting database=%s\n", sdata[1]);
}
/* split string on whitespace into argv */
{
uschar * argv[32];
int i;
const uschar * s = command;
int siz, ptr;
uschar c;
while (isspace(*s)) s++;
for (i = 0; *s && i < nele(argv); i++)
{
for (argv[i] = NULL, siz = ptr = 0; (c = *s) && !isspace(c); s++)
if (c != '\\' || *++s) /* backslash protects next char */
argv[i] = string_catn(argv[i], &siz, &ptr, s, 1);
*(argv[i]+ptr) = '\0';
DEBUG(D_lookup) debug_printf("REDIS: argv[%d] '%s'\n", i, argv[i]);
while (isspace(*s)) s++;
}
/* Run the command. We use the argv form rather than plain as that parses
into args by whitespace yet has no escaping mechanism. */
redis_reply = redisCommandArgv(redis_handle, i, (const char **) argv, NULL);
if (!redis_reply)
{
*errmsg = string_sprintf("REDIS: query failed: %s\n", redis_handle->errstr);
*defer_break = FALSE;
goto REDIS_EXIT;
}
}
switch (redis_reply->type)
{
case REDIS_REPLY_ERROR:
*errmsg = string_sprintf("REDIS: lookup result failed: %s\n", redis_reply->str);
*defer_break = FALSE;
*do_cache = 0;
goto REDIS_EXIT;
/* NOTREACHED */
case REDIS_REPLY_NIL:
DEBUG(D_lookup)
debug_printf("REDIS: query was not one that returned any data\n");
result = string_sprintf("");
*do_cache = 0;
goto REDIS_EXIT;
/* NOTREACHED */
case REDIS_REPLY_INTEGER:
ttmp = (redis_reply->integer != 0) ? US"true" : US"false";
result = string_cat(result, &ssize, &offset, US ttmp);
break;
case REDIS_REPLY_STRING:
case REDIS_REPLY_STATUS:
result = string_catn(result, &ssize, &offset,
US redis_reply->str, redis_reply->len);
break;
case REDIS_REPLY_ARRAY:
/* NOTE: For now support 1 nested array result. If needed a limitless
result can be parsed */
for (i = 0; i < redis_reply->elements; i++)
{
entry = redis_reply->element[i];
if (result)
result = string_catn(result, &ssize, &offset, US"\n", 1);
switch (entry->type)
{
case REDIS_REPLY_INTEGER:
tmp = string_sprintf("%d", entry->integer);
result = string_cat(result, &ssize, &offset, US tmp);
break;
case REDIS_REPLY_STRING:
result = string_catn(result, &ssize, &offset,
US entry->str, entry->len);
break;
case REDIS_REPLY_ARRAY:
for (j = 0; j < entry->elements; j++)
{
tentry = entry->element[j];
if (result)
result = string_catn(result, &ssize, &offset, US"\n", 1);
switch (tentry->type)
{
case REDIS_REPLY_INTEGER:
ttmp = string_sprintf("%d", tentry->integer);
result = string_cat(result, &ssize, &offset, US ttmp);
break;
case REDIS_REPLY_STRING:
result = string_catn(result, &ssize, &offset,
US tentry->str, tentry->len);
break;
case REDIS_REPLY_ARRAY:
DEBUG(D_lookup)
debug_printf("REDIS: result has nesting of arrays which"
" is not supported. Ignoring!\n");
break;
default:
DEBUG(D_lookup) debug_printf(
"REDIS: result has unsupported type. Ignoring!\n");
break;
}
}
break;
default:
DEBUG(D_lookup) debug_printf("REDIS: query returned unsupported type\n");
break;
}
}
break;
}
if (result)
{
result[offset] = 0;
store_reset(result + offset + 1);
}
else
{
yield = FAIL;
*errmsg = US"REDIS: no data found";
}
REDIS_EXIT:
/* Free store for any result that was got; don't close the connection,
as it is cached. */
if (redis_reply) freeReplyObject(redis_reply);
/* Non-NULL result indicates a sucessful result */
if (result)
{
*resultptr = result;
return OK;
}
else
{
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
/* NOTE: Required to close connection since it needs to be reopened */
return yield; /* FAIL or DEFER */
}
}
uschar *
rfc2047_decode2(uschar *string, BOOL lencheck, uschar *target, int zeroval,
int *lenptr, int *sizeptr, uschar **error)
{
int size = Ustrlen(string);
size_t dlen;
uschar *dptr;
gstring *yield;
uschar *mimeword, *q1, *q2, *endword;
*error = NULL;
mimeword = decode_mimeword(string, lencheck, &q1, &q2, &endword, &dlen, &dptr);
if (!mimeword)
{
if (lenptr) *lenptr = size;
return string;
}
/* Scan through the string, decoding MIME words and copying intermediate text,
building the result as we go. The result may be longer than the input if it is
translated into a multibyte code such as UTF-8. That's why we use the dynamic
string building code. */
yield = store_get(sizeof(gstring) + ++size);
yield->size = size;
yield->ptr = 0;
yield->s = US(yield + 1);
while (mimeword)
{
#if HAVE_ICONV
iconv_t icd = (iconv_t)(-1);
#endif
if (mimeword != string)
yield = string_catn(yield, string, mimeword - string);
/* Do a charset translation if required. This is supported only on hosts
that have the iconv() function. Translation errors set error, but carry on,
using the untranslated data. If there is more than one error, the message
passed back refers to the final one. We use a loop to cater for the case
of long strings - the RFC puts limits on the length, but it's best to be
robust. */
#if HAVE_ICONV
*q1 = 0;
if (target != NULL && strcmpic(target, mimeword+2) != 0)
{
icd = iconv_open(CS target, CS(mimeword+2));
if (icd == (iconv_t)(-1))
{
*error = string_sprintf("iconv_open(\"%s\", \"%s\") failed: %s%s",
target, mimeword+2, strerror(errno),
(errno == EINVAL)? " (maybe unsupported conversion)" : "");
}
}
*q1 = '?';
#endif
while (dlen > 0)
{
uschar *tptr = NULL; /* Stops compiler warning */
int tlen = -1;
#if HAVE_ICONV
uschar tbuffer[256];
uschar *outptr = tbuffer;
size_t outleft = sizeof(tbuffer);
/* If translation is required, go for it. */
if (icd != (iconv_t)(-1))
{
(void)iconv(icd, (ICONV_ARG2_TYPE)(&dptr), &dlen, CSS &outptr, &outleft);
/* If outptr has been adjusted, there is some output. Set up to add it to
the output buffer. The function will have adjusted dptr and dlen. If
iconv() stopped because of an error, we'll pick it up next time when
there's no output.
If there is no output, we expect there to have been a translation
error, because we know there was at least one input byte. We leave the
value of tlen as -1, which causes the rest of the input to be copied
verbatim. */
if (outptr > tbuffer)
{
tptr = tbuffer;
tlen = outptr - tbuffer;
}
else
{
DEBUG(D_any) debug_printf("iconv error translating \"%.*s\" to %s: "
"%s\n", (int)(endword + 2 - mimeword), mimeword, target, strerror(errno));
}
}
#endif
/* No charset translation is happening or there was a translation error;
just set up the original as the string to be added, and mark it all used.
*/
if (tlen == -1)
{
tptr = dptr;
tlen = dlen;
dlen = 0;
}
/* Deal with zero values; convert them if requested. */
if (zeroval != 0)
for (int i = 0; i < tlen; i++)
if (tptr[i] == 0) tptr[i] = zeroval;
/* Add the new string onto the result */
yield = string_catn(yield, tptr, tlen);
}
#if HAVE_ICONV
if (icd != (iconv_t)(-1)) iconv_close(icd);
#endif
/* Update string past the MIME word; skip any white space if the next thing
is another MIME word. */
string = endword + 2;
mimeword = decode_mimeword(string, lencheck, &q1, &q2, &endword, &dlen, &dptr);
if (mimeword)
{
uschar *s = string;
while (isspace(*s)) s++;
if (s == mimeword) string = s;
}
}
/* Copy the remaining characters of the string, zero-terminate it, and return
the length as well if requested. */
yield = string_cat(yield, string);
if (lenptr) *lenptr = yield->ptr;
if (sizeptr) *sizeptr = yield->size;
return string_from_gstring(yield);
}
static pdkim_signature *
pdkim_parse_sig_header(pdkim_ctx *ctx, uschar * raw_hdr)
{
pdkim_signature *sig ;
uschar *p, *q;
uschar * cur_tag = NULL; int ts = 0, tl = 0;
uschar * cur_val = NULL; int vs = 0, vl = 0;
BOOL past_hname = FALSE;
BOOL in_b_val = FALSE;
int where = PDKIM_HDR_LIMBO;
int i;
sig = store_get(sizeof(pdkim_signature));
memset(sig, 0, sizeof(pdkim_signature));
sig->bodylength = -1;
q = sig->rawsig_no_b_val = store_get(Ustrlen(raw_hdr)+1);
for (p = raw_hdr; ; p++)
{
char c = *p;
/* Ignore FWS */
if (c == '\r' || c == '\n')
goto NEXT_CHAR;
/* Fast-forward through header name */
if (!past_hname)
{
if (c == ':') past_hname = TRUE;
goto NEXT_CHAR;
}
if (where == PDKIM_HDR_LIMBO)
{
/* In limbo, just wait for a tag-char to appear */
if (!(c >= 'a' && c <= 'z'))
goto NEXT_CHAR;
where = PDKIM_HDR_TAG;
}
if (where == PDKIM_HDR_TAG)
{
if (c >= 'a' && c <= 'z')
cur_tag = string_catn(cur_tag, &ts, &tl, p, 1);
if (c == '=')
{
cur_tag[tl] = '\0';
if (Ustrcmp(cur_tag, "b") == 0)
{
*q++ = '=';
in_b_val = TRUE;
}
where = PDKIM_HDR_VALUE;
goto NEXT_CHAR;
}
}
if (where == PDKIM_HDR_VALUE)
{
if (c == '\r' || c == '\n' || c == ' ' || c == '\t')
goto NEXT_CHAR;
if (c == ';' || c == '\0')
{
if (tl && vl)
{
cur_val[vl] = '\0';
pdkim_strtrim(cur_val);
DEBUG(D_acl) debug_printf(" %s=%s\n", cur_tag, cur_val);
switch (*cur_tag)
{
case 'b':
if (cur_tag[1] == 'h')
pdkim_decode_base64(cur_val, &sig->bodyhash);
else
pdkim_decode_base64(cur_val, &sig->sigdata);
break;
case 'v':
/* We only support version 1, and that is currently the
only version there is. */
if (Ustrcmp(cur_val, PDKIM_SIGNATURE_VERSION) == 0)
sig->version = 1;
break;
case 'a':
for (i = 0; pdkim_algos[i]; i++)
if (Ustrcmp(cur_val, pdkim_algos[i]) == 0)
{
sig->algo = i;
break;
}
break;
case 'c':
for (i = 0; pdkim_combined_canons[i].str; i++)
if (Ustrcmp(cur_val, pdkim_combined_canons[i].str) == 0)
{
sig->canon_headers = pdkim_combined_canons[i].canon_headers;
sig->canon_body = pdkim_combined_canons[i].canon_body;
break;
}
break;
case 'q':
for (i = 0; pdkim_querymethods[i]; i++)
if (Ustrcmp(cur_val, pdkim_querymethods[i]) == 0)
{
sig->querymethod = i;
break;
}
break;
case 's':
sig->selector = string_copy(cur_val); break;
case 'd':
sig->domain = string_copy(cur_val); break;
case 'i':
sig->identity = pdkim_decode_qp(cur_val); break;
case 't':
sig->created = strtoul(CS cur_val, NULL, 10); break;
case 'x':
sig->expires = strtoul(CS cur_val, NULL, 10); break;
case 'l':
sig->bodylength = strtol(CS cur_val, NULL, 10); break;
case 'h':
sig->headernames = string_copy(cur_val); break;
case 'z':
sig->copiedheaders = pdkim_decode_qp(cur_val); break;
default:
DEBUG(D_acl) debug_printf(" Unknown tag encountered\n");
break;
}
}
tl = 0;
vl = 0;
in_b_val = FALSE;
where = PDKIM_HDR_LIMBO;
}
else
cur_val = string_catn(cur_val, &vs, &vl, p, 1);
}
NEXT_CHAR:
if (c == '\0')
break;
if (!in_b_val)
*q++ = c;
}
/* Make sure the most important bits are there. */
if (!sig->version)
return NULL;
*q = '\0';
/* Chomp raw header. The final newline must not be added to the signature. */
while (--q > sig->rawsig_no_b_val && (*q == '\r' || *q == '\n'))
*q = '\0';
DEBUG(D_acl)
{
debug_printf(
"PDKIM >> Raw signature w/o b= tag value >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n");
pdkim_quoteprint(US sig->rawsig_no_b_val, Ustrlen(sig->rawsig_no_b_val));
debug_printf(
"PDKIM >> Sig size: %4u bits\n", (unsigned) sig->sigdata.len*8);
debug_printf(
"PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n");
}
exim_sha_init(&sig->body_hash, sig->algo == PDKIM_ALGO_RSA_SHA1 ? HASH_SHA1 : HASH_SHA256);
return sig;
}
static pdkim_pubkey *
pdkim_parse_pubkey_record(pdkim_ctx *ctx, const uschar *raw_record)
{
pdkim_pubkey *pub;
const uschar *p;
uschar * cur_tag = NULL; int ts = 0, tl = 0;
uschar * cur_val = NULL; int vs = 0, vl = 0;
int where = PDKIM_HDR_LIMBO;
pub = store_get(sizeof(pdkim_pubkey));
memset(pub, 0, sizeof(pdkim_pubkey));
for (p = raw_record; ; p++)
{
char c = *p;
/* Ignore FWS */
if (c == '\r' || c == '\n')
goto NEXT_CHAR;
if (where == PDKIM_HDR_LIMBO)
{
/* In limbo, just wait for a tag-char to appear */
if (!(c >= 'a' && c <= 'z'))
goto NEXT_CHAR;
where = PDKIM_HDR_TAG;
}
if (where == PDKIM_HDR_TAG)
{
if (c >= 'a' && c <= 'z')
cur_tag = string_catn(cur_tag, &ts, &tl, p, 1);
if (c == '=')
{
cur_tag[tl] = '\0';
where = PDKIM_HDR_VALUE;
goto NEXT_CHAR;
}
}
if (where == PDKIM_HDR_VALUE)
{
if (c == ';' || c == '\0')
{
if (tl && vl)
{
cur_val[vl] = '\0';
pdkim_strtrim(cur_val);
DEBUG(D_acl) debug_printf(" %s=%s\n", cur_tag, cur_val);
switch (cur_tag[0])
{
case 'v':
/* This tag isn't evaluated because:
- We only support version DKIM1.
- Which is the default for this value (set below)
- Other versions are currently not specified. */
break;
case 'h':
case 'k':
pub->hashes = string_copy(cur_val); break;
case 'g':
pub->granularity = string_copy(cur_val); break;
case 'n':
pub->notes = pdkim_decode_qp(cur_val); break;
case 'p':
pdkim_decode_base64(US cur_val, &pub->key);
break;
case 's':
pub->srvtype = string_copy(cur_val); break;
case 't':
if (Ustrchr(cur_val, 'y') != NULL) pub->testing = 1;
if (Ustrchr(cur_val, 's') != NULL) pub->no_subdomaining = 1;
break;
default:
DEBUG(D_acl) debug_printf(" Unknown tag encountered\n");
break;
}
}
tl = 0;
vl = 0;
where = PDKIM_HDR_LIMBO;
}
else
cur_val = string_catn(cur_val, &vs, &vl, p, 1);
}
NEXT_CHAR:
if (c == '\0') break;
}
/* Set fallback defaults */
if (!pub->version ) pub->version = string_copy(PDKIM_PUB_RECORD_VERSION);
if (!pub->granularity) pub->granularity = string_copy(US"*");
if (!pub->keytype ) pub->keytype = string_copy(US"rsa");
if (!pub->srvtype ) pub->srvtype = string_copy(US"*");
/* p= is required */
if (pub->key.data)
return pub;
return NULL;
}
static uschar *
pdkim_headcat(int * col, uschar * str, int * size, int * ptr,
const uschar * pad, const uschar * intro, const uschar * payload)
{
size_t l;
if (pad)
{
l = Ustrlen(pad);
if (*col + l > 78)
str = pdkim_hdr_cont(str, size, ptr, col);
str = string_catn(str, size, ptr, pad, l);
*col += l;
}
l = (pad?1:0) + (intro?Ustrlen(intro):0);
if (*col + l > 78)
{ /*can't fit intro - start a new line to make room.*/
str = pdkim_hdr_cont(str, size, ptr, col);
l = intro?Ustrlen(intro):0;
}
l += payload ? Ustrlen(payload):0 ;
while (l>77)
{ /* this fragment will not fit on a single line */
if (pad)
{
str = string_catn(str, size, ptr, US" ", 1);
*col += 1;
pad = NULL; /* only want this once */
l--;
}
if (intro)
{
size_t sl = Ustrlen(intro);
str = string_catn(str, size, ptr, intro, sl);
*col += sl;
l -= sl;
intro = NULL; /* only want this once */
}
if (payload)
{
size_t sl = Ustrlen(payload);
size_t chomp = *col+sl < 77 ? sl : 78-*col;
str = string_catn(str, size, ptr, payload, chomp);
*col += chomp;
payload += chomp;
l -= chomp-1;
}
/* the while precondition tells us it didn't fit. */
str = pdkim_hdr_cont(str, size, ptr, col);
}
if (*col + l > 78)
{
str = pdkim_hdr_cont(str, size, ptr, col);
pad = NULL;
}
if (pad)
{
str = string_catn(str, size, ptr, US" ", 1);
*col += 1;
pad = NULL;
}
if (intro)
{
size_t sl = Ustrlen(intro);
str = string_catn(str, size, ptr, intro, sl);
*col += sl;
l -= sl;
intro = NULL;
}
if (payload)
{
size_t sl = Ustrlen(payload);
str = string_catn(str, size, ptr, payload, sl);
*col += sl;
}
return str;
}
/* Extend a grwong header with a continuation-linebreak */
static uschar *
pdkim_hdr_cont(uschar * str, int * size, int * ptr, int * col)
{
*col = 1;
return string_catn(str, size, ptr, US"\r\n\t", 3);
}
/* -------------------------------------------------------------------------- */
static uschar *
pdkim_create_header(pdkim_signature *sig, BOOL final)
{
uschar * base64_bh;
uschar * base64_b;
int col = 0;
uschar * hdr; int hdr_size = 0, hdr_len = 0;
uschar * canon_all; int can_size = 0, can_len = 0;
canon_all = string_cat (NULL, &can_size, &can_len,
pdkim_canons[sig->canon_headers]);
canon_all = string_catn(canon_all, &can_size, &can_len, US"/", 1);
canon_all = string_cat (canon_all, &can_size, &can_len,
pdkim_canons[sig->canon_body]);
canon_all[can_len] = '\0';
hdr = string_cat(NULL, &hdr_size, &hdr_len,
US"DKIM-Signature: v="PDKIM_SIGNATURE_VERSION);
col = hdr_len;
/* Required and static bits */
hdr = pdkim_headcat(&col, hdr, &hdr_size, &hdr_len, US";", US"a=",
pdkim_algos[sig->algo]);
hdr = pdkim_headcat(&col, hdr, &hdr_size, &hdr_len, US";", US"q=",
pdkim_querymethods[sig->querymethod]);
hdr = pdkim_headcat(&col, hdr, &hdr_size, &hdr_len, US";", US"c=",
canon_all);
static int
perform_ibase_search(uschar * query, uschar * server, uschar ** resultptr,
uschar ** errmsg, BOOL * defer_break)
{
isc_stmt_handle stmth = NULL;
XSQLDA *out_sqlda;
XSQLVAR *var;
char buffer[256];
ISC_STATUS status[20], *statusp = status;
int i;
int ssize = 0;
int offset = 0;
int yield = DEFER;
uschar *result = NULL;
ibase_connection *cn;
uschar *server_copy = NULL;
uschar *sdata[3];
/* Disaggregate the parameters from the server argument. The order is host,
database, user, password. We can write to the string, since it is in a
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */
for (i = 2; i > 0; i--) {
uschar *pp = Ustrrchr(server, '|');
if (pp == NULL) {
*errmsg =
string_sprintf("incomplete Interbase server data: %s",
(i == 3) ? server : server_copy);
*defer_break = TRUE;
return DEFER;
}
*pp++ = 0;
sdata[i] = pp;
if (i == 2)
server_copy = string_copy(server); /* sans password */
}
sdata[0] = server; /* What's left at the start */
/* See if we have a cached connection to the server */
for (cn = ibase_connections; cn != NULL; cn = cn->next) {
if (Ustrcmp(cn->server, server_copy) == 0) {
break;
}
}
/* Use a previously cached connection ? */
if (cn != NULL) {
static char db_info_options[] = { isc_info_base_level };
/* test if the connection is alive */
if (isc_database_info
(status, &cn->dbh, sizeof(db_info_options), db_info_options,
sizeof(buffer), buffer)) {
/* error occurred: assume connection is down */
DEBUG(D_lookup)
debug_printf
("Interbase cleaning up cached connection: %s\n",
cn->server);
isc_detach_database(status, &cn->dbh);
} else {
DEBUG(D_lookup)
debug_printf("Interbase using cached connection for %s\n",
server_copy);
}
} else {
cn = store_get(sizeof(ibase_connection));
cn->server = server_copy;
cn->dbh = NULL;
cn->transh = NULL;
cn->next = ibase_connections;
ibase_connections = cn;
}
/* If no cached connection, we must set one up. */
if (cn->dbh == NULL || cn->transh == NULL) {
char *dpb, *p;
short dpb_length;
static char trans_options[] =
{ isc_tpb_version3, isc_tpb_read, isc_tpb_read_committed,
isc_tpb_rec_version
};
/* Construct the database parameter buffer. */
dpb = buffer;
*dpb++ = isc_dpb_version1;
*dpb++ = isc_dpb_user_name;
*dpb++ = strlen(sdata[1]);
for (p = sdata[1]; *p;)
*dpb++ = *p++;
*dpb++ = isc_dpb_password;
*dpb++ = strlen(sdata[2]);
for (p = sdata[2]; *p;)
*dpb++ = *p++;
dpb_length = dpb - buffer;
DEBUG(D_lookup)
debug_printf("new Interbase connection: database=%s user=%s\n",
sdata[0], sdata[1]);
/* Connect to the database */
if (isc_attach_database
(status, 0, sdata[0], &cn->dbh, dpb_length, buffer)) {
isc_interprete(buffer, &statusp);
*errmsg =
string_sprintf("Interbase attach() failed: %s", buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
/* Now start a read-only read-committed transaction */
if (isc_start_transaction
(status, &cn->transh, 1, &cn->dbh, sizeof(trans_options),
trans_options)) {
isc_interprete(buffer, &statusp);
isc_detach_database(status, &cn->dbh);
*errmsg =
string_sprintf("Interbase start_transaction() failed: %s",
buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
}
/* Run the query */
if (isc_dsql_allocate_statement(status, &cn->dbh, &stmth)) {
isc_interprete(buffer, &statusp);
*errmsg =
string_sprintf("Interbase alloc_statement() failed: %s",
buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
out_sqlda = store_get(XSQLDA_LENGTH(1));
out_sqlda->version = SQLDA_VERSION1;
out_sqlda->sqln = 1;
if (isc_dsql_prepare
(status, &cn->transh, &stmth, 0, query, 1, out_sqlda)) {
isc_interprete(buffer, &statusp);
store_reset(out_sqlda);
out_sqlda = NULL;
*errmsg =
string_sprintf("Interbase prepare_statement() failed: %s",
buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
/* re-allocate the output structure if there's more than one field */
if (out_sqlda->sqln < out_sqlda->sqld) {
XSQLDA *new_sqlda = store_get(XSQLDA_LENGTH(out_sqlda->sqld));
if (isc_dsql_describe
(status, &stmth, out_sqlda->version, new_sqlda)) {
isc_interprete(buffer, &statusp);
isc_dsql_free_statement(status, &stmth, DSQL_drop);
store_reset(out_sqlda);
out_sqlda = NULL;
*errmsg =
string_sprintf("Interbase describe_statement() failed: %s",
buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
out_sqlda = new_sqlda;
}
/* allocate storage for every returned field */
for (i = 0, var = out_sqlda->sqlvar; i < out_sqlda->sqld; i++, var++) {
switch (var->sqltype & ~1) {
case SQL_VARYING:
var->sqldata =
(char *) store_get(sizeof(char) * var->sqllen + 2);
break;
case SQL_TEXT:
var->sqldata =
(char *) store_get(sizeof(char) * var->sqllen);
break;
case SQL_SHORT:
var->sqldata = (char *) store_get(sizeof(short));
break;
case SQL_LONG:
var->sqldata = (char *) store_get(sizeof(ISC_LONG));
break;
#ifdef SQL_INT64
case SQL_INT64:
var->sqldata = (char *) store_get(sizeof(ISC_INT64));
break;
#endif
case SQL_FLOAT:
var->sqldata = (char *) store_get(sizeof(float));
break;
case SQL_DOUBLE:
var->sqldata = (char *) store_get(sizeof(double));
break;
#ifdef SQL_TIMESTAMP
case SQL_DATE:
var->sqldata = (char *) store_get(sizeof(ISC_QUAD));
break;
#else
case SQL_TIMESTAMP:
var->sqldata = (char *) store_get(sizeof(ISC_TIMESTAMP));
break;
case SQL_TYPE_DATE:
var->sqldata = (char *) store_get(sizeof(ISC_DATE));
break;
case SQL_TYPE_TIME:
var->sqldata = (char *) store_get(sizeof(ISC_TIME));
break;
#endif
}
if (var->sqltype & 1) {
var->sqlind = (short *) store_get(sizeof(short));
}
}
/* finally, we're ready to execute the statement */
if (isc_dsql_execute
(status, &cn->transh, &stmth, out_sqlda->version, NULL)) {
isc_interprete(buffer, &statusp);
*errmsg =
string_sprintf("Interbase describe_statement() failed: %s",
buffer);
isc_dsql_free_statement(status, &stmth, DSQL_drop);
*defer_break = FALSE;
goto IBASE_EXIT;
}
while (isc_dsql_fetch(status, &stmth, out_sqlda->version, out_sqlda) !=
100L) {
/* check if an error occurred */
if (status[0] & status[1]) {
isc_interprete(buffer, &statusp);
*errmsg =
string_sprintf("Interbase fetch() failed: %s", buffer);
isc_dsql_free_statement(status, &stmth, DSQL_drop);
*defer_break = FALSE;
goto IBASE_EXIT;
}
if (result != NULL)
result = string_catn(result, &ssize, &offset, US "\n", 1);
/* Find the number of fields returned. If this is one, we don't add field
names to the data. Otherwise we do. */
if (out_sqlda->sqld == 1) {
if (out_sqlda->sqlvar[0].sqlind == NULL || *out_sqlda->sqlvar[0].sqlind != -1) /* NULL value yields nothing */
result =
string_catn(result, &ssize, &offset, US buffer,
fetch_field(buffer, sizeof(buffer),
&out_sqlda->sqlvar[0]));
}
else
for (i = 0; i < out_sqlda->sqld; i++) {
int len = fetch_field(buffer, sizeof(buffer),
&out_sqlda->sqlvar[i]);
result =
string_cat(result, &ssize, &offset,
US out_sqlda->sqlvar[i].aliasname,
out_sqlda->sqlvar[i].aliasname_length);
result = string_catn(result, &ssize, &offset, US "=", 1);
/* Quote the value if it contains spaces or is empty */
if (*out_sqlda->sqlvar[i].sqlind == -1) { /* NULL value */
result =
string_catn(result, &ssize, &offset, US "\"\"", 2);
}
else if (buffer[0] == 0 || Ustrchr(buffer, ' ') != NULL) {
int j;
result =
string_catn(result, &ssize, &offset, US "\"", 1);
for (j = 0; j < len; j++) {
if (buffer[j] == '\"' || buffer[j] == '\\')
result =
string_cat(result, &ssize, &offset,
US "\\", 1);
result =
string_cat(result, &ssize, &offset,
US buffer + j, 1);
}
result =
string_catn(result, &ssize, &offset, US "\"", 1);
} else {
result =
string_catn(result, &ssize, &offset, US buffer, len);
}
result = string_catn(result, &ssize, &offset, US " ", 1);
}
}
/* If result is NULL then no data has been found and so we return FAIL.
Otherwise, we must terminate the string which has been built; string_cat()
always leaves enough room for a terminating zero. */
if (result == NULL) {
yield = FAIL;
*errmsg = US "Interbase: no data found";
} else {
result[offset] = 0;
store_reset(result + offset + 1);
}
/* Get here by goto from various error checks. */
IBASE_EXIT:
if (stmth != NULL)
isc_dsql_free_statement(status, &stmth, DSQL_drop);
/* Non-NULL result indicates a successful result */
if (result != NULL) {
*resultptr = result;
return OK;
} else {
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return yield; /* FAIL or DEFER */
}
}
uschar *
string_nextinlist(const uschar **listptr, int *separator, uschar *buffer, int buflen)
{
int sep = *separator;
const uschar *s = *listptr;
BOOL sep_is_special;
if (s == NULL) return NULL;
/* This allows for a fixed specified separator to be an iscntrl() character,
but at the time of implementation, this is never the case. However, it's best
to be conservative. */
while (isspace(*s) && *s != sep) s++;
/* A change of separator is permitted, so look for a leading '<' followed by an
allowed character. */
if (sep <= 0)
{
if (*s == '<' && (ispunct(s[1]) || iscntrl(s[1])))
{
sep = s[1];
s += 2;
while (isspace(*s) && *s != sep) s++;
}
else
{
sep = (sep == 0)? ':' : -sep;
}
*separator = sep;
}
/* An empty string has no list elements */
if (*s == 0) return NULL;
/* Note whether whether or not the separator is an iscntrl() character. */
sep_is_special = iscntrl(sep);
/* Handle the case when a buffer is provided. */
if (buffer != NULL)
{
int p = 0;
for (; *s != 0; s++)
{
if (*s == sep && (*(++s) != sep || sep_is_special)) break;
if (p < buflen - 1) buffer[p++] = *s;
}
while (p > 0 && isspace(buffer[p-1])) p--;
buffer[p] = 0;
}
/* Handle the case when a buffer is not provided. */
else
{
int size = 0;
int ptr = 0;
const uschar *ss;
/* We know that *s != 0 at this point. However, it might be pointing to a
separator, which could indicate an empty string, or (if an ispunct()
character) could be doubled to indicate a separator character as data at the
start of a string. Avoid getting working memory for an empty item. */
if (*s == sep)
{
s++;
if (*s != sep || sep_is_special)
{
*listptr = s;
return string_copy(US"");
}
}
/* Not an empty string; the first character is guaranteed to be a data
character. */
for (;;)
{
for (ss = s + 1; *ss != 0 && *ss != sep; ss++);
buffer = string_catn(buffer, &size, &ptr, s, ss-s);
s = ss;
if (*s == 0 || *(++s) != sep || sep_is_special) break;
}
while (ptr > 0 && isspace(buffer[ptr-1])) ptr--;
buffer[ptr] = 0;
}
/* Update the current pointer and return the new string */
*listptr = s;
return buffer;
}
