uschar *bmi_get_base64_verdict(uschar *bmi_local_part, uschar *bmi_domain) {
BmiError err;
BmiErrorLocation err_loc;
BmiErrorType err_type;
BmiVerdict *verdict = NULL;
const BmiRecipient *recipient = NULL;
const char *verdict_str = NULL;
uschar *verdict_ptr;
uschar *verdict_buffer = NULL;
int sep = 0;
/* return nothing if there are no verdicts available */
if (bmi_verdicts == NULL)
return NULL;
/* allocate room for the b64 verdict string */
verdict_buffer = store_get(Ustrlen(bmi_verdicts)+1);
/* loop through verdicts */
verdict_ptr = bmi_verdicts;
while ((verdict_str = (const char *)string_nextinlist(&verdict_ptr, &sep,
verdict_buffer,
Ustrlen(bmi_verdicts)+1)) != NULL) {
/* create verdict from base64 string */
err = bmiCreateVerdictFromStr(verdict_str, &verdict);
if (bmiErrorIsFatal(err) == BMI_TRUE) {
err_loc = bmiErrorGetLocation(err);
err_type = bmiErrorGetType(err);
log_write(0, LOG_PANIC,
"bmi error [loc %d type %d]: bmiCreateVerdictFromStr() failed. [%s]", (int)err_loc, (int)err_type, verdict_str);
return NULL;
};
/* loop through rcpts for this verdict */
for ( recipient = bmiVerdictAccessFirstRecipient(verdict);
recipient != NULL;
recipient = bmiVerdictAccessNextRecipient(verdict, recipient)) {
uschar *rcpt_local_part;
uschar *rcpt_domain;
/* compare address against our subject */
rcpt_local_part = (unsigned char *)bmiRecipientAccessAddress(recipient);
rcpt_domain = Ustrchr(rcpt_local_part,'@');
if (rcpt_domain == NULL) {
rcpt_domain = US"";
}
else {
*rcpt_domain = '\0';
rcpt_domain++;
};
if ( (strcmpic(rcpt_local_part, bmi_local_part) == 0) &&
(strcmpic(rcpt_domain, bmi_domain) == 0) ) {
/* found verdict */
bmiFreeVerdict(verdict);
return (uschar *)verdict_str;
};
};
bmiFreeVerdict(verdict);
};
return NULL;
}
/* Create a socket and connect to host (name or number, ipv6 ok)
at one of port-range.
Arguments:
type SOCK_DGRAM or SOCK_STREAM
af AF_INET6 or AF_INET for the socket type
address the remote address, in text form
portlo,porthi the remote port range
timeout a timeout
connhost if not NULL, host_item filled in with connection details
errstr pointer for allocated string on error
Return:
socket fd, or -1 on failure (having allocated an error string)
*/
int
ip_connectedsocket(int type, const uschar * hostname, int portlo, int porthi,
int timeout, host_item * connhost, uschar ** errstr)
{
int namelen, port;
host_item shost;
host_item *h;
int af = 0, fd, fd4 = -1, fd6 = -1;
shost.next = NULL;
shost.address = NULL;
shost.port = portlo;
shost.mx = -1;
namelen = Ustrlen(hostname);
/* Anything enclosed in [] must be an IP address. */
if (hostname[0] == '[' &&
hostname[namelen - 1] == ']')
{
uschar * host = string_copy(hostname);
host[namelen - 1] = 0;
host++;
if (string_is_ip_address(host, NULL) == 0)
{
*errstr = string_sprintf("malformed IP address \"%s\"", hostname);
return -1;
}
shost.name = shost.address = host;
}
/* Otherwise check for an unadorned IP address */
else if (string_is_ip_address(hostname, NULL) != 0)
shost.name = shost.address = string_copy(hostname);
/* Otherwise lookup IP address(es) from the name */
else
{
shost.name = string_copy(hostname);
if (host_find_byname(&shost, NULL, HOST_FIND_QUALIFY_SINGLE, NULL,
FALSE) != HOST_FOUND)
{
*errstr = string_sprintf("no IP address found for host %s", shost.name);
return -1;
}
}
/* Try to connect to the server - test each IP till one works */
for (h = &shost; h != NULL; h = h->next)
{
fd = (Ustrchr(h->address, ':') != 0)
? (fd6 < 0) ? (fd6 = ip_socket(type, af = AF_INET6)) : fd6
: (fd4 < 0) ? (fd4 = ip_socket(type, af = AF_INET )) : fd4;
if (fd < 0)
{
*errstr = string_sprintf("failed to create socket: %s", strerror(errno));
goto bad;
}
for(port = portlo; port <= porthi; port++)
if (ip_connect(fd, af, h->address, port, timeout) == 0)
{
if (fd != fd6) close(fd6);
if (fd != fd4) close(fd4);
if (connhost) {
h->port = port;
*connhost = *h;
connhost->next = NULL;
}
return fd;
}
}
*errstr = string_sprintf("failed to connect to any address for %s: %s",
hostname, strerror(errno));
bad:
close(fd4); close(fd6); return -1;
}
void read_log(void)
{
struct stat statdata;
uschar buffer[log_buffer_len];
/* If log is not yet open, skip all of this. */
if (LOG != NULL)
{
fseek(LOG, log_position, SEEK_SET);
while (Ufgets(buffer, log_buffer_len, LOG) != NULL)
{
uschar *id;
uschar *p = buffer;
void *reset_point;
int length = Ustrlen(buffer);
int i;
/* Skip totally blank lines (paranoia: there shouldn't be any) */
while (*p == ' ' || *p == '\t') p++;
if (*p == '\n') continue;
/* We should now have a complete log entry in the buffer; check
it for various regular expression matches and take appropriate
action. Get the current store point so we can reset to it. */
reset_point = store_get(0);
/* First, update any stripchart data values, noting that the zeroth
stripchart is the queue length, which is handled elsewhere, and the
1st may the a size monitor. */
for (i = stripchart_varstart; i < stripchart_number; i++)
{
if (pcre_exec(stripchart_regex[i], NULL, CS buffer, length, 0, PCRE_EOPT,
NULL, 0) >= 0)
stripchart_total[i]++;
}
/* Munge the log entry and display shortened form on one line.
We omit the date and show only the time. Remove any time zone offset.
Take note of the presence of [pid]. */
if (pcre_exec(yyyymmdd_regex,NULL,CS buffer,length,0,PCRE_EOPT,NULL,0) >= 0)
{
int pidlength = 0;
if ((buffer[20] == '+' || buffer[20] == '-') &&
isdigit(buffer[21]) && buffer[25] == ' ')
memmove(buffer + 20, buffer + 26, Ustrlen(buffer + 26) + 1);
if (buffer[20] == '[')
{
while (Ustrchr("[]0123456789", buffer[20+pidlength++]) != NULL);
}
id = string_copyn(buffer + 20 + pidlength, MESSAGE_ID_LENGTH);
show_log("%s", buffer+11);
}
else
{
id = US"";
show_log("%s", buffer);
}
/* Deal with frozen and unfrozen messages */
if (strstric(buffer, US"frozen", FALSE) != NULL)
{
queue_item *qq = find_queue(id, queue_noop, 0);
if (qq != NULL)
{
if (strstric(buffer, US"unfrozen", FALSE) != NULL)
qq->frozen = FALSE;
else qq->frozen = TRUE;
}
}
/* Notice defer messages, and add the destination if it
isn't already on the list for this message, with a pointer
to the parent if we can. */
if ((p = Ustrstr(buffer, "==")) != NULL)
{
queue_item *qq = find_queue(id, queue_noop, 0);
if (qq != NULL)
{
dest_item *d;
uschar *q, *r;
p += 2;
while (isspace(*p)) p++;
q = p;
while (*p != 0 && !isspace(*p))
{
if (*p++ != '\"') continue;
while (*p != 0)
{
if (*p == '\\') p += 2;
else if (*p++ == '\"') break;
}
}
*p++ = 0;
if ((r = strstric(q, qualify_domain, FALSE)) != NULL &&
*(--r) == '@') *r = 0;
/* If we already have this destination, as tested case-insensitively,
do not add it to the destinations list. */
d = find_dest(qq, q, dest_add, TRUE);
if (d->parent == NULL)
{
while (isspace(*p)) p++;
if (*p == '<')
{
dest_item *dd;
q = ++p;
while (*p != 0 && *p != '>') p++;
*p = 0;
if ((p = strstric(q, qualify_domain, FALSE)) != NULL &&
*(--p) == '@') *p = 0;
dd = find_dest(qq, q, dest_noop, FALSE);
if (dd != NULL && dd != d) d->parent = dd;
}
}
}
}
store_reset(reset_point);
}
}
/* We have to detect when the log file is changed, and switch to the new file.
In practice, for non-datestamped files, this means that some deliveries might
go unrecorded, since they'll be written to the old file, but this usually
happens in the middle of the night, and I don't think the hassle of keeping
track of two log files is worth it.
First we check the datestamped name of the log file if necessary; if it is
different to the file we currently have open, go for the new file. As happens
in Exim itself, we leave in the following inode check, even when datestamping
because it does no harm and will cope should a file actually be renamed for
some reason.
The test for a changed log file is to look up the inode of the file by name and
compare it with the saved inode of the file we currently are processing. This
accords with the usual interpretation of POSIX and other Unix specs that imply
"one file, one inode". However, it appears that on some Digital systems, if an
open file is unlinked, a new file may be created with the same inode while the
old file remains in existence. This can happen if the old log file is renamed,
processed in some way, and then deleted. To work round this, also test for a
link count of zero on the currently open file. */
if (log_datestamping)
{
uschar log_file_wanted[256];
string_format(log_file_wanted, sizeof(log_file_wanted), CS log_file);
if (Ustrcmp(log_file_wanted, log_file_open) != 0)
{
if (LOG != NULL)
{
fclose(LOG);
LOG = NULL;
}
Ustrcpy(log_file_open, log_file_wanted);
}
}
if (LOG == NULL ||
(fstat(fileno(LOG), &statdata) == 0 && statdata.st_nlink == 0) ||
(Ustat(log_file, &statdata) == 0 && log_inode != statdata.st_ino))
{
FILE *TEST;
/* Experiment shows that sometimes you can't immediately open
the new log file - presumably immediately after the old one
is renamed and before the new one exists. Therefore do a
trial open first to be sure. */
if ((TEST = fopen(CS log_file_open, "r")) != NULL)
{
if (LOG != NULL) fclose(LOG);
LOG = TEST;
fstat(fileno(LOG), &statdata);
log_inode = statdata.st_ino;
}
}
/* Save the position we have got to in the log. */
if (LOG != NULL) log_position = ftell(LOG);
}
static int
nisplus_find(void *handle, uschar *filename, uschar *query, int length,
uschar **result, uschar **errmsg, uint *do_cache)
{
int i;
int ssize = 0;
int offset = 0;
int error_error = FAIL;
uschar *field_name = NULL;
nis_result *nrt = NULL;
nis_result *nre = NULL;
nis_object *tno, *eno;
struct entry_obj *eo;
struct table_obj *ta;
uschar *p = query + length;
uschar *yield = NULL;
do_cache = do_cache; /* Placate picky compilers */
/* Search backwards for a colon to see if a result field name
has been given. */
while (p > query && p[-1] != ':') p--;
if (p > query)
{
field_name = p;
p[-1] = 0;
}
else p = query + length;
/* Now search backwards to find the comma that starts the
table name. */
while (p > query && p[-1] != ',') p--;
if (p <= query)
{
*errmsg = US"NIS+ query malformed";
error_error = DEFER;
goto NISPLUS_EXIT;
}
/* Look up the data for the table, in order to get the field names,
check that we got back a table, and set up pointers so the field
names can be scanned. */
nrt = nis_lookup(CS p, EXPAND_NAME | NO_CACHE);
if (nrt->status != NIS_SUCCESS)
{
*errmsg = string_sprintf("NIS+ error accessing %s table: %s", p,
nis_sperrno(nrt->status));
if (nrt->status != NIS_NOTFOUND && nrt->status != NIS_NOSUCHTABLE)
error_error = DEFER;
goto NISPLUS_EXIT;
}
tno = nrt->objects.objects_val;
if (tno->zo_data.zo_type != TABLE_OBJ)
{
*errmsg = string_sprintf("NIS+ error: %s is not a table", p);
goto NISPLUS_EXIT;
}
ta = &(tno->zo_data.objdata_u.ta_data);
/* Now look up the entry in the table, check that we got precisely one
object and that it is a table entry. */
nre = nis_list(CS query, EXPAND_NAME, NULL, NULL);
if (nre->status != NIS_SUCCESS)
{
*errmsg = string_sprintf("NIS+ error accessing entry %s: %s",
query, nis_sperrno(nre->status));
goto NISPLUS_EXIT;
}
if (nre->objects.objects_len > 1)
{
*errmsg = string_sprintf("NIS+ returned more than one object for %s",
query);
goto NISPLUS_EXIT;
}
else if (nre->objects.objects_len < 1)
{
*errmsg = string_sprintf("NIS+ returned no data for %s", query);
goto NISPLUS_EXIT;
}
eno = nre->objects.objects_val;
if (eno->zo_data.zo_type != ENTRY_OBJ)
{
*errmsg = string_sprintf("NIS+ error: %s is not an entry", query);
goto NISPLUS_EXIT;
}
/* Scan the columns in the entry and in the table. If a result field
was given, look for that field; otherwise concatenate all the fields
with their names. */
eo = &(eno->zo_data.objdata_u.en_data);
for (i = 0; i < eo->en_cols.en_cols_len; i++)
{
table_col *tc = ta->ta_cols.ta_cols_val + i;
entry_col *ec = eo->en_cols.en_cols_val + i;
int len = ec->ec_value.ec_value_len;
uschar *value = US ec->ec_value.ec_value_val;
/* The value may be NULL for a zero-length field. Turn this into an
empty string for consistency. Remove trailing whitespace and zero
bytes. */
if (value == NULL) value = US""; else
while (len > 0 && (value[len-1] == 0 || isspace(value[len-1])))
len--;
/* Concatenate all fields if no specific one selected */
if (field_name == NULL)
{
yield = string_cat(yield, &ssize, &offset,US tc->tc_name,
Ustrlen(tc->tc_name));
yield = string_cat(yield, &ssize, &offset, US"=", 1);
/* Quote the value if it contains spaces or is empty */
if (value[0] == 0 || Ustrchr(value, ' ') != NULL)
{
int j;
yield = string_cat(yield, &ssize, &offset, US"\"", 1);
for (j = 0; j < len; j++)
{
if (value[j] == '\"' || value[j] == '\\')
yield = string_cat(yield, &ssize, &offset, US"\\", 1);
yield = string_cat(yield, &ssize, &offset, value+j, 1);
}
yield = string_cat(yield, &ssize, &offset, US"\"", 1);
}
else yield = string_cat(yield, &ssize, &offset, value, len);
yield = string_cat(yield, &ssize, &offset, US" ", 1);
}
/* When the specified field is found, grab its data and finish */
else if (Ustrcmp(field_name, tc->tc_name) == 0)
{
yield = string_copyn(value, len);
goto NISPLUS_EXIT;
}
}
/* Error if a field name was specified and we didn't find it; if no
field name, ensure the concatenated data is zero-terminated. */
if (field_name != NULL)
*errmsg = string_sprintf("NIS+ field %s not found for %s", field_name,
query);
else
{
yield[offset] = 0;
store_reset(yield + offset + 1);
}
/* Restore the colon in the query, and free result store before
finishing. */
NISPLUS_EXIT:
if (field_name != NULL) field_name[-1] = ':';
if (nrt != NULL) nis_freeresult(nrt);
if (nre != NULL) nis_freeresult(nre);
if (yield != NULL)
{
*result = yield;
return OK;
}
return error_error; /* FAIL or DEFER */
}
static void ActOnMessage(uschar *id, uschar *action, uschar *address_arg)
{
int pid;
int pipe_fd[2];
int delivery = Ustrcmp(action + Ustrlen(action) - 2, "-M") == 0;
uschar *quote = US"";
uschar *at = US"";
uschar *qualify = US"";
uschar buffer[256];
queue_item *qq;
Widget text = NULL;
/* If the address arg is not empty and does not contain @ and there is a
qualify domain, qualify it. (But don't qualify '<>'.)*/
if (address_arg[0] != 0)
{
quote = US"\'";
if (Ustrchr(address_arg, '@') == NULL &&
Ustrcmp(address_arg, "<>") != 0 &&
qualify_domain != NULL &&
qualify_domain[0] != 0)
{
at = US"@";
qualify = qualify_domain;
}
}
sprintf(CS buffer, "%s %s %s %s %s %s%s%s%s%s", exim_path,
(alternate_config == NULL)? US"" : US"-C",
(alternate_config == NULL)? US"" : alternate_config,
action, id, quote, address_arg, at, qualify, quote);
/* If we know we are going to need the window, create it now. */
if (action_output || delivery)
{
text = text_create(id, text_depth);
text_showf(text, "%s\n", buffer);
}
/* Create the pipe for output. Remember, on most systems pipe[0] is
for reading and pipe[1] is for writing! Solaris, with its two-way
pipes is a trap! */
if (pipe(pipe_fd) != 0)
{
if (text == NULL)
{
text = text_create(id, text_depth);
text_showf(text, "%s\n", buffer);
}
text_show(text, US"*** Failed to create pipe ***\n");
return;
}
if ( fcntl(pipe_fd[0], F_SETFL, O_NONBLOCK)
|| fcntl(pipe_fd[1], F_SETFL, O_NONBLOCK))
{
perror("set nonblocking on pipe");
exit(1);
}
/* Delivering a message can take some time, and we want to show the
output as it goes along. This requires subprocesses and is coded below. For
other commands, we can assume an immediate response, and so need not waste
resources with subprocesses. If action_output is FALSE, don't show the
output at all. */
if (!delivery)
{
int count, rc;
int save_stdout = dup(1);
int save_stderr = dup(2);
close(1);
close(2);
dup2(pipe_fd[1], 1);
dup2(pipe_fd[1], 2);
close(pipe_fd[1]);
rc = system(CS buffer);
close(1);
close(2);
if (action_output || rc != 0)
{
if (text == NULL)
{
text = text_create(id, text_depth);
text_showf(text, "%s\n", buffer);
}
while ((count = read(pipe_fd[0], buffer, 254)) > 0)
{
buffer[count] = 0;
text_show(text, buffer);
}
}
close(pipe_fd[0]);
dup2(save_stdout, 1);
dup2(save_stderr, 2);
close(save_stdout);
close(save_stderr);
/* If action was to change the sender, and it succeeded, we have to
update the in-store data. */
if (rc == 0 && Ustrcmp(action + Ustrlen(action) - 4, "-Mes") == 0)
{
queue_item *q = find_queue(id, queue_noop, 0);
if (q)
{
if (q->sender) store_free(q->sender);
q->sender = store_malloc(Ustrlen(address_arg) + 1);
Ustrcpy(q->sender, address_arg);
}
}
/* If configured, cause a display update and return */
if (action_queue_update) tick_queue_accumulator = 999999;
return;
}
/* Message is to be delivered. Ensure that it is marked unfrozen,
because nothing will get written to the log to show that this has
happened. (Other freezing/unfreezings get logged and picked up from
there.) */
qq = find_queue(id, queue_noop, 0);
if (qq != NULL) qq->frozen = FALSE;
/* New, asynchronous code runs in a subprocess for commands that
will take some time. The main process does not wait. There is a
SIGCHLD handler in the main program that cleans up any terminating
sub processes. */
if ((pid = fork()) == 0)
{
close(1);
close(2);
dup2(pipe_fd[1], 1);
dup2(pipe_fd[1], 2);
close(pipe_fd[1]);
system(CS buffer);
close(1);
close(2);
close(pipe_fd[0]);
_exit(0);
}
/* Main process - set up an item for the main ticker to watch. */
if (pid < 0) text_showf(text, "Failed to fork: %s\n", strerror(errno)); else
{
pipe_item *p = (pipe_item *)store_malloc(sizeof(pipe_item));
if (p == NULL)
{
text_show(text, US"Run out of store\n");
return;
}
p->widget = text;
p->fd = pipe_fd[0];
p->next = pipe_chain;
pipe_chain = p;
close(pipe_fd[1]);
}
}
void
dns_build_reverse(const uschar *string, uschar *buffer)
{
const uschar *p = string + Ustrlen(string);
uschar *pp = buffer;
/* Handle IPv4 address */
#if HAVE_IPV6
if (Ustrchr(string, ':') == NULL)
#endif
{
int i;
for (i = 0; i < 4; i++)
{
const uschar *ppp = p;
while (ppp > string && ppp[-1] != '.') ppp--;
Ustrncpy(pp, ppp, p - ppp);
pp += p - ppp;
*pp++ = '.';
p = ppp - 1;
}
Ustrcpy(pp, "in-addr.arpa");
}
/* Handle IPv6 address; convert to binary so as to fill out any
abbreviation in the textual form. */
#if HAVE_IPV6
else
{
int i;
int v6[4];
(void)host_aton(string, v6);
/* The original specification for IPv6 reverse lookup was to invert each
nibble, and look in the ip6.int domain. The domain was subsequently
changed to ip6.arpa. */
for (i = 3; i >= 0; i--)
{
int j;
for (j = 0; j < 32; j += 4)
{
sprintf(CS pp, "%x.", (v6[i] >> j) & 15);
pp += 2;
}
}
Ustrcpy(pp, "ip6.arpa.");
/* Another way of doing IPv6 reverse lookups was proposed in conjunction
with A6 records. However, it fell out of favour when they did. The
alternative was to construct a binary key, and look in ip6.arpa. I tried
to make this code do that, but I could not make it work on Solaris 8. The
resolver seems to lose the initial backslash somehow. However, now that
this style of reverse lookup has been dropped, it doesn't matter. These
lines are left here purely for historical interest. */
/**************************************************
Ustrcpy(pp, "\\[x");
pp += 3;
for (i = 0; i < 4; i++)
{
sprintf(pp, "%08X", v6[i]);
pp += 8;
}
Ustrcpy(pp, "].ip6.arpa.");
**************************************************/
}
#endif
}
int
lf_sqlperform(const uschar *name, const uschar *optionname,
const uschar *optserverlist, const uschar *query,
uschar **result, uschar **errmsg, BOOL *do_cache,
int(*fn)(const uschar *, uschar *, uschar **, uschar **, BOOL *, BOOL *))
{
int sep, rc;
uschar *server;
const uschar *serverlist;
uschar buffer[512];
BOOL defer_break = FALSE;
DEBUG(D_lookup) debug_printf("%s query: %s\n", name, query);
/* Handle queries that do not have server information at the start. */
if (Ustrncmp(query, "servers", 7) != 0)
{
sep = 0;
serverlist = optserverlist;
while ((server = string_nextinlist(&serverlist, &sep, buffer,
sizeof(buffer))) != NULL)
{
rc = (*fn)(query, server, result, errmsg, &defer_break, do_cache);
if (rc != DEFER || defer_break) return rc;
}
if (optserverlist == NULL)
*errmsg = string_sprintf("no %s servers defined (%s option)", name,
optionname);
}
/* Handle queries that do have server information at the start. */
else
{
int qsep;
const uschar *s, *ss;
const uschar *qserverlist;
uschar *qserver;
uschar qbuffer[512];
s = query + 7;
while (isspace(*s)) s++;
if (*s++ != '=')
{
*errmsg = string_sprintf("missing = after \"servers\" in %s lookup", name);
return DEFER;
}
while (isspace(*s)) s++;
ss = Ustrchr(s, ';');
if (ss == NULL)
{
*errmsg = string_sprintf("missing ; after \"servers=\" in %s lookup",
name);
return DEFER;
}
if (ss == s)
{
*errmsg = string_sprintf("\"servers=\" defines no servers in \"%s\"",
query);
return DEFER;
}
qserverlist = string_sprintf("%.*s", ss - s, s);
qsep = 0;
while ((qserver = string_nextinlist(&qserverlist, &qsep, qbuffer,
sizeof(qbuffer))) != NULL)
{
if (Ustrchr(qserver, '/') != NULL)
server = qserver;
else
{
int len = Ustrlen(qserver);
sep = 0;
serverlist = optserverlist;
while ((server = string_nextinlist(&serverlist, &sep, buffer,
sizeof(buffer))) != NULL)
{
if (Ustrncmp(server, qserver, len) == 0 && server[len] == '/')
break;
}
if (server == NULL)
{
*errmsg = string_sprintf("%s server \"%s\" not found in %s", name,
qserver, optionname);
return DEFER;
}
}
rc = (*fn)(ss+1, server, result, errmsg, &defer_break, do_cache);
if (rc != DEFER || defer_break) return rc;
}
}
return DEFER;
}
static int
perform_mysql_search(const uschar *query, uschar *server, uschar **resultptr,
uschar **errmsg, BOOL *defer_break, BOOL *do_cache)
{
MYSQL *mysql_handle = NULL; /* Keep compilers happy */
MYSQL_RES *mysql_result = NULL;
MYSQL_ROW mysql_row_data;
MYSQL_FIELD *fields;
int i;
int ssize = 0;
int offset = 0;
int yield = DEFER;
unsigned int num_fields;
uschar *result = NULL;
mysql_connection *cn;
uschar *server_copy = NULL;
uschar *sdata[4];
/* Disaggregate the parameters from the server argument. The order is host,
database, user, password. We can write to the string, since it is in a
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */
for (i = 3; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (pp == NULL)
{
*errmsg = string_sprintf("incomplete MySQL server data: %s",
(i == 3)? server : server_copy);
*defer_break = TRUE;
return DEFER;
}
*pp++ = 0;
sdata[i] = pp;
if (i == 3) server_copy = string_copy(server); /* sans password */
}
sdata[0] = server; /* What's left at the start */
/* See if we have a cached connection to the server */
for (cn = mysql_connections; cn != NULL; cn = cn->next)
{
if (Ustrcmp(cn->server, server_copy) == 0)
{
mysql_handle = cn->handle;
break;
}
}
/* If no cached connection, we must set one up. Mysql allows for a host name
and port to be specified. It also allows the name of a Unix socket to be used.
Unfortunately, this contains slashes, but its use is expected to be rare, so
the rather cumbersome syntax shouldn't inconvenience too many people. We use
this: host:port(socket) where all the parts are optional. */
if (cn == NULL)
{
uschar *p;
uschar *socket = NULL;
int port = 0;
if ((p = Ustrchr(sdata[0], '(')) != NULL)
{
*p++ = 0;
socket = p;
while (*p != 0 && *p != ')') p++;
*p = 0;
}
if ((p = Ustrchr(sdata[0], ':')) != NULL)
{
*p++ = 0;
port = Uatoi(p);
}
if (Ustrchr(sdata[0], '/') != NULL)
{
*errmsg = string_sprintf("unexpected slash in MySQL server hostname: %s",
sdata[0]);
*defer_break = TRUE;
return DEFER;
}
/* If the database is the empty string, set it NULL - the query must then
define it. */
if (sdata[1][0] == 0) sdata[1] = NULL;
DEBUG(D_lookup)
debug_printf("MYSQL new connection: host=%s port=%d socket=%s "
"database=%s user=%s\n", sdata[0], port, socket, sdata[1], sdata[2]);
/* Get store for a new handle, initialize it, and connect to the server */
mysql_handle = store_get(sizeof(MYSQL));
mysql_init(mysql_handle);
if (mysql_real_connect(mysql_handle,
/* host user passwd database */
CS sdata[0], CS sdata[2], CS sdata[3], CS sdata[1],
port, CS socket, CLIENT_MULTI_RESULTS) == NULL)
{
*errmsg = string_sprintf("MYSQL connection failed: %s",
mysql_error(mysql_handle));
*defer_break = FALSE;
goto MYSQL_EXIT;
}
/* Add the connection to the cache */
cn = store_get(sizeof(mysql_connection));
cn->server = server_copy;
cn->handle = mysql_handle;
cn->next = mysql_connections;
mysql_connections = cn;
}
/* Else use a previously cached connection */
else
{
DEBUG(D_lookup)
debug_printf("MYSQL using cached connection for %s\n", server_copy);
}
/* Run the query */
if (mysql_query(mysql_handle, CS query) != 0)
{
*errmsg = string_sprintf("MYSQL: query failed: %s\n",
mysql_error(mysql_handle));
*defer_break = FALSE;
goto MYSQL_EXIT;
}
/* Pick up the result. If the query was not of the type that returns data,
namely INSERT, UPDATE, or DELETE, an error occurs here. However, this situation
can be detected by calling mysql_field_count(). If its result is zero, no data
was expected (this is all explained clearly in the MySQL manual). In this case,
we return the number of rows affected by the command. In this event, we do NOT
want to cache the result; also the whole cache for the handle must be cleaned
up. Setting do_cache FALSE requests this. */
if ((mysql_result = mysql_use_result(mysql_handle)) == NULL)
{
if ( mysql_field_count(mysql_handle) == 0 )
{
DEBUG(D_lookup) debug_printf("MYSQL: query was not one that returns data\n");
result = string_sprintf("%d", mysql_affected_rows(mysql_handle));
*do_cache = FALSE;
goto MYSQL_EXIT;
}
*errmsg = string_sprintf("MYSQL: lookup result failed: %s\n",
mysql_error(mysql_handle));
*defer_break = FALSE;
goto MYSQL_EXIT;
}
/* Find the number of fields returned. If this is one, we don't add field
names to the data. Otherwise we do. */
num_fields = mysql_num_fields(mysql_result);
/* Get the fields and construct the result string. If there is more than one
row, we insert '\n' between them. */
fields = mysql_fetch_fields(mysql_result);
while ((mysql_row_data = mysql_fetch_row(mysql_result)) != NULL)
{
unsigned long *lengths = mysql_fetch_lengths(mysql_result);
if (result != NULL)
result = string_cat(result, &ssize, &offset, US"\n", 1);
if (num_fields == 1)
{
if (mysql_row_data[0] != NULL) /* NULL value yields nothing */
result = string_cat(result, &ssize, &offset, US mysql_row_data[0],
lengths[0]);
}
else for (i = 0; i < num_fields; i++)
{
result = lf_quote(US fields[i].name, US mysql_row_data[i], lengths[i],
result, &ssize, &offset);
}
}
/* more results? -1 = no, >0 = error, 0 = yes (keep looping)
This is needed because of the CLIENT_MULTI_RESULTS on mysql_real_connect(),
we don't expect any more results. */
while((i = mysql_next_result(mysql_handle)) >= 0) {
if(i == 0) { /* Just ignore more results */
DEBUG(D_lookup) debug_printf("MYSQL: got unexpected more results\n");
continue;
}
*errmsg = string_sprintf("MYSQL: lookup result error when checking for more results: %s\n",
mysql_error(mysql_handle));
goto MYSQL_EXIT;
}
/* If result is NULL then no data has been found and so we return FAIL.
Otherwise, we must terminate the string which has been built; string_cat()
always leaves enough room for a terminating zero. */
if (result == NULL)
{
yield = FAIL;
*errmsg = US"MYSQL: no data found";
}
else
{
result[offset] = 0;
store_reset(result + offset + 1);
}
/* Get here by goto from various error checks and from the case where no data
was read (e.g. an update query). */
MYSQL_EXIT:
/* Free mysal store for any result that was got; don't close the connection, as
it is cached. */
if (mysql_result != NULL) mysql_free_result(mysql_result);
/* Non-NULL result indicates a sucessful result */
if (result != NULL)
{
*resultptr = result;
return OK;
}
else
{
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return yield; /* FAIL or DEFER */
}
}
static pdkim_pubkey *
pdkim_parse_pubkey_record(pdkim_ctx *ctx, const uschar *raw_record)
{
pdkim_pubkey *pub;
const uschar *p;
uschar * cur_tag = NULL; int ts = 0, tl = 0;
uschar * cur_val = NULL; int vs = 0, vl = 0;
int where = PDKIM_HDR_LIMBO;
pub = store_get(sizeof(pdkim_pubkey));
memset(pub, 0, sizeof(pdkim_pubkey));
for (p = raw_record; ; p++)
{
char c = *p;
/* Ignore FWS */
if (c == '\r' || c == '\n')
goto NEXT_CHAR;
if (where == PDKIM_HDR_LIMBO)
{
/* In limbo, just wait for a tag-char to appear */
if (!(c >= 'a' && c <= 'z'))
goto NEXT_CHAR;
where = PDKIM_HDR_TAG;
}
if (where == PDKIM_HDR_TAG)
{
if (c >= 'a' && c <= 'z')
cur_tag = string_catn(cur_tag, &ts, &tl, p, 1);
if (c == '=')
{
cur_tag[tl] = '\0';
where = PDKIM_HDR_VALUE;
goto NEXT_CHAR;
}
}
if (where == PDKIM_HDR_VALUE)
{
if (c == ';' || c == '\0')
{
if (tl && vl)
{
cur_val[vl] = '\0';
pdkim_strtrim(cur_val);
DEBUG(D_acl) debug_printf(" %s=%s\n", cur_tag, cur_val);
switch (cur_tag[0])
{
case 'v':
/* This tag isn't evaluated because:
- We only support version DKIM1.
- Which is the default for this value (set below)
- Other versions are currently not specified. */
break;
case 'h':
case 'k':
pub->hashes = string_copy(cur_val); break;
case 'g':
pub->granularity = string_copy(cur_val); break;
case 'n':
pub->notes = pdkim_decode_qp(cur_val); break;
case 'p':
pdkim_decode_base64(US cur_val, &pub->key);
break;
case 's':
pub->srvtype = string_copy(cur_val); break;
case 't':
if (Ustrchr(cur_val, 'y') != NULL) pub->testing = 1;
if (Ustrchr(cur_val, 's') != NULL) pub->no_subdomaining = 1;
break;
default:
DEBUG(D_acl) debug_printf(" Unknown tag encountered\n");
break;
}
}
tl = 0;
vl = 0;
where = PDKIM_HDR_LIMBO;
}
else
cur_val = string_catn(cur_val, &vs, &vl, p, 1);
}
NEXT_CHAR:
if (c == '\0') break;
}
/* Set fallback defaults */
if (!pub->version ) pub->version = string_copy(PDKIM_PUB_RECORD_VERSION);
if (!pub->granularity) pub->granularity = string_copy(US"*");
if (!pub->keytype ) pub->keytype = string_copy(US"rsa");
if (!pub->srvtype ) pub->srvtype = string_copy(US"*");
/* p= is required */
if (pub->key.data)
return pub;
return NULL;
}
static int
perform_ldap_search(uschar *ldap_url, uschar *server, int s_port, int search_type,
uschar **res, uschar **errmsg, BOOL *defer_break, uschar *user, uschar *password,
int sizelimit, int timelimit, int tcplimit, int dereference, void *referrals)
{
LDAPURLDesc *ludp = NULL;
LDAPMessage *result = NULL;
BerElement *ber;
LDAP_CONNECTION *lcp;
struct timeval timeout;
struct timeval *timeoutptr = NULL;
uschar *attr;
uschar **attrp;
uschar *data = NULL;
uschar *dn = NULL;
uschar *host;
uschar **values;
uschar **firstval;
uschar porttext[16];
uschar *error1 = NULL; /* string representation of errcode (static) */
uschar *error2 = NULL; /* error message from the server */
uschar *matched = NULL; /* partially matched DN */
int attr_count = 0;
int error_yield = DEFER;
int msgid;
int rc, ldap_rc, ldap_parse_rc;
int port;
int ptr = 0;
int rescount = 0;
int size = 0;
BOOL attribute_found = FALSE;
BOOL ldapi = FALSE;
DEBUG(D_lookup)
debug_printf("perform_ldap_search: ldap%s URL = \"%s\" server=%s port=%d "
"sizelimit=%d timelimit=%d tcplimit=%d\n",
(search_type == SEARCH_LDAP_MULTIPLE)? "m" :
(search_type == SEARCH_LDAP_DN)? "dn" :
(search_type == SEARCH_LDAP_AUTH)? "auth" : "",
ldap_url, server, s_port, sizelimit, timelimit, tcplimit);
/* Check if LDAP thinks the URL is a valid LDAP URL. We assume that if the LDAP
library that is in use doesn't recognize, say, "ldapi", it will barf here. */
if (!ldap_is_ldap_url(CS ldap_url))
{
*errmsg = string_sprintf("ldap_is_ldap_url: not an LDAP url \"%s\"\n",
ldap_url);
goto RETURN_ERROR_BREAK;
}
/* Parse the URL */
if ((rc = ldap_url_parse(CS ldap_url, &ludp)) != 0)
{
*errmsg = string_sprintf("ldap_url_parse: (error %d) parsing \"%s\"\n", rc,
ldap_url);
goto RETURN_ERROR_BREAK;
}
/* If the host name is empty, take it from the separate argument, if one is
given. OpenLDAP 2.0.6 sets an unset hostname to "" rather than empty, but
expects NULL later in ldap_init() to mean "default", annoyingly. In OpenLDAP
2.0.11 this has changed (it uses NULL). */
if ((ludp->lud_host == NULL || ludp->lud_host[0] == 0) && server != NULL)
{
host = server;
port = s_port;
}
else
{
host = US ludp->lud_host;
if (host != NULL && host[0] == 0) host = NULL;
port = ludp->lud_port;
}
DEBUG(D_lookup) debug_printf("after ldap_url_parse: host=%s port=%d\n",
host, port);
if (port == 0) port = LDAP_PORT; /* Default if none given */
sprintf(CS porttext, ":%d", port); /* For messages */
/* If the "host name" is actually a path, we are going to connect using a Unix
socket, regardless of whether "ldapi" was actually specified or not. This means
that a Unix socket can be declared in eldap_default_servers, and "traditional"
LDAP queries using just "ldap" can be used ("ldaps" is similarly overridden).
The path may start with "/" or it may already be escaped as "%2F" if it was
actually declared that way in eldap_default_servers. (I did it that way the
first time.) If the host name is not a path, the use of "ldapi" causes an
error, except in the default case. (But lud_scheme doesn't seem to exist in
older libraries.) */
if (host != NULL)
{
if ((host[0] == '/' || Ustrncmp(host, "%2F", 3) == 0))
{
ldapi = TRUE;
porttext[0] = 0; /* Remove port from messages */
}
#if defined LDAP_LIB_OPENLDAP2
else if (strncmp(ludp->lud_scheme, "ldapi", 5) == 0)
{
*errmsg = string_sprintf("ldapi requires an absolute path (\"%s\" given)",
host);
goto RETURN_ERROR;
}
#endif
}
/* Count the attributes; we need this later to tell us how to format results */
for (attrp = USS ludp->lud_attrs; attrp != NULL && *attrp != NULL; attrp++)
attr_count++;
/* See if we can find a cached connection to this host. The port is not
relevant for ldapi. The host name pointer is set to NULL if no host was given
(implying the library default), rather than to the empty string. Note that in
this case, there is no difference between ldap and ldapi. */
for (lcp = ldap_connections; lcp != NULL; lcp = lcp->next)
{
if ((host == NULL) != (lcp->host == NULL) ||
(host != NULL && strcmpic(lcp->host, host) != 0))
continue;
if (ldapi || port == lcp->port) break;
}
/* Use this network timeout in any requests. */
if (tcplimit > 0)
{
timeout.tv_sec = tcplimit;
timeout.tv_usec = 0;
timeoutptr = &timeout;
}
/* If no cached connection found, we must open a connection to the server. If
the server name is actually an absolute path, we set ldapi=TRUE above. This
requests connection via a Unix socket. However, as far as I know, only OpenLDAP
supports the use of sockets, and the use of ldap_initialize(). */
if (lcp == NULL)
{
LDAP *ld;
/* --------------------------- OpenLDAP ------------------------ */
/* There seems to be a preference under OpenLDAP for ldap_initialize()
instead of ldap_init(), though I have as yet been unable to find
documentation that says this. (OpenLDAP documentation is sparse to
non-existent). So we handle OpenLDAP differently here. Also, support for
ldapi seems to be OpenLDAP-only at present. */
#ifdef LDAP_LIB_OPENLDAP2
/* We now need an empty string for the default host. Get some store in which
to build a URL for ldap_initialize(). In the ldapi case, it can't be bigger
than (9 + 3*Ustrlen(shost)), whereas in the other cases it can't be bigger
than the host name + "ldaps:///" plus : and a port number, say 20 + the
length of the host name. What we get should accommodate both, easily. */
uschar *shost = (host == NULL)? US"" : host;
uschar *init_url = store_get(20 + 3 * Ustrlen(shost));
uschar *init_ptr;
/* Handle connection via Unix socket ("ldapi"). We build a basic LDAP URI to
contain the path name, with slashes escaped as %2F. */
if (ldapi)
{
int ch;
init_ptr = init_url + 8;
Ustrcpy(init_url, "ldapi://");
while ((ch = *shost++) != 0)
{
if (ch == '/')
{
Ustrncpy(init_ptr, "%2F", 3);
init_ptr += 3;
}
else *init_ptr++ = ch;
}
*init_ptr = 0;
}
/* This is not an ldapi call. Just build a URI with the protocol type, host
name, and port. */
else
{
init_ptr = Ustrchr(ldap_url, '/');
Ustrncpy(init_url, ldap_url, init_ptr - ldap_url);
init_ptr = init_url + (init_ptr - ldap_url);
sprintf(CS init_ptr, "//%s:%d/", shost, port);
}
/* Call ldap_initialize() and check the result */
DEBUG(D_lookup) debug_printf("ldap_initialize with URL %s\n", init_url);
rc = ldap_initialize(&ld, CS init_url);
if (rc != LDAP_SUCCESS)
{
*errmsg = string_sprintf("ldap_initialize: (error %d) URL \"%s\"\n",
rc, init_url);
goto RETURN_ERROR;
}
store_reset(init_url); /* Might as well save memory when we can */
/* ------------------------- Not OpenLDAP ---------------------- */
/* For libraries other than OpenLDAP, use ldap_init(). */
#else /* LDAP_LIB_OPENLDAP2 */
ld = ldap_init(CS host, port);
#endif /* LDAP_LIB_OPENLDAP2 */
/* -------------------------------------------------------------- */
/* Handle failure to initialize */
if (ld == NULL)
{
*errmsg = string_sprintf("failed to initialize for LDAP server %s%s - %s",
host, porttext, strerror(errno));
goto RETURN_ERROR;
}
/* Set the TCP connect time limit if available. This is something that is
in Netscape SDK v4.1; I don't know about other libraries. */
#ifdef LDAP_X_OPT_CONNECT_TIMEOUT
if (tcplimit > 0)
{
int timeout1000 = tcplimit*1000;
ldap_set_option(ld, LDAP_X_OPT_CONNECT_TIMEOUT, (void *)&timeout1000);
}
else
{
int notimeout = LDAP_X_IO_TIMEOUT_NO_TIMEOUT;
ldap_set_option(ld, LDAP_X_OPT_CONNECT_TIMEOUT, (void *)¬imeout);
}
#endif
/* Set the TCP connect timeout. This works with OpenLDAP 2.2.14. */
#ifdef LDAP_OPT_NETWORK_TIMEOUT
if (tcplimit > 0)
ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, (void *)timeoutptr);
#endif
/* I could not get TLS to work until I set the version to 3. That version
seems to be the default nowadays. The RFC is dated 1997, so I would hope
that all the LDAP libraries support it. Therefore, if eldap_version hasn't
been set, go for v3 if we can. */
if (eldap_version < 0)
{
#ifdef LDAP_VERSION3
eldap_version = LDAP_VERSION3;
#else
eldap_version = 2;
#endif
}
#ifdef LDAP_OPT_PROTOCOL_VERSION
ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, (void *)&eldap_version);
#endif
DEBUG(D_lookup) debug_printf("initialized for LDAP (v%d) server %s%s\n",
eldap_version, host, porttext);
/* If not using ldapi and TLS is available, set appropriate TLS options: hard
for "ldaps" and soft otherwise. */
#ifdef LDAP_OPT_X_TLS
if (!ldapi)
{
int tls_option;
if (strncmp(ludp->lud_scheme, "ldaps", 5) == 0)
{
tls_option = LDAP_OPT_X_TLS_HARD;
DEBUG(D_lookup) debug_printf("LDAP_OPT_X_TLS_HARD set\n");
}
else
{
tls_option = LDAP_OPT_X_TLS_TRY;
DEBUG(D_lookup) debug_printf("LDAP_OPT_X_TLS_TRY set\n");
}
ldap_set_option(ld, LDAP_OPT_X_TLS, (void *)&tls_option);
}
#endif /* LDAP_OPT_X_TLS */
#ifdef LDAP_OPT_X_TLS_CACERTFILE
if (eldap_ca_cert_file != NULL)
{
ldap_set_option(ld, LDAP_OPT_X_TLS_CACERTFILE, eldap_ca_cert_file);
}
#endif
#ifdef LDAP_OPT_X_TLS_CACERTDIR
if (eldap_ca_cert_dir != NULL)
{
ldap_set_option(ld, LDAP_OPT_X_TLS_CACERTDIR, eldap_ca_cert_dir);
}
#endif
#ifdef LDAP_OPT_X_TLS_CERTFILE
if (eldap_cert_file != NULL)
{
ldap_set_option(ld, LDAP_OPT_X_TLS_CERTFILE, eldap_cert_file);
}
#endif
#ifdef LDAP_OPT_X_TLS_KEYFILE
if (eldap_cert_key != NULL)
{
ldap_set_option(ld, LDAP_OPT_X_TLS_KEYFILE, eldap_cert_key);
}
#endif
#ifdef LDAP_OPT_X_TLS_CIPHER_SUITE
if (eldap_cipher_suite != NULL)
{
ldap_set_option(ld, LDAP_OPT_X_TLS_CIPHER_SUITE, eldap_cipher_suite);
}
#endif
#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
if (eldap_require_cert != NULL)
{
int cert_option = LDAP_OPT_X_TLS_NEVER;
if (Ustrcmp(eldap_require_cert, "hard") == 0)
{
cert_option = LDAP_OPT_X_TLS_HARD;
}
else if (Ustrcmp(eldap_require_cert, "demand") == 0)
{
cert_option = LDAP_OPT_X_TLS_DEMAND;
}
else if (Ustrcmp(eldap_require_cert, "allow") == 0)
{
cert_option = LDAP_OPT_X_TLS_ALLOW;
}
else if (Ustrcmp(eldap_require_cert, "try") == 0)
{
cert_option = LDAP_OPT_X_TLS_TRY;
}
ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &cert_option);
}
#endif
/* Now add this connection to the chain of cached connections */
lcp = store_get(sizeof(LDAP_CONNECTION));
lcp->host = (host == NULL)? NULL : string_copy(host);
lcp->bound = FALSE;
lcp->user = NULL;
lcp->password = NULL;
lcp->port = port;
lcp->ld = ld;
lcp->next = ldap_connections;
ldap_connections = lcp;
}
/* Found cached connection */
else
{
DEBUG(D_lookup)
debug_printf("re-using cached connection to LDAP server %s%s\n",
host, porttext);
}
/* Bind with the user/password supplied, or an anonymous bind if these values
are NULL, unless a cached connection is already bound with the same values. */
if (!lcp->bound ||
(lcp->user == NULL && user != NULL) ||
(lcp->user != NULL && user == NULL) ||
(lcp->user != NULL && user != NULL && Ustrcmp(lcp->user, user) != 0) ||
(lcp->password == NULL && password != NULL) ||
(lcp->password != NULL && password == NULL) ||
(lcp->password != NULL && password != NULL &&
Ustrcmp(lcp->password, password) != 0))
{
DEBUG(D_lookup) debug_printf("%sbinding with user=%s password=%s\n",
(lcp->bound)? "re-" : "", user, password);
#ifdef LDAP_OPT_X_TLS
/* The Oracle LDAP libraries (LDAP_LIB_TYPE=SOLARIS) don't support this: */
if (eldap_start_tls)
{
ldap_start_tls_s(lcp->ld, NULL, NULL);
}
#endif
if ((msgid = ldap_bind(lcp->ld, CS user, CS password, LDAP_AUTH_SIMPLE))
== -1)
{
*errmsg = string_sprintf("failed to bind the LDAP connection to server "
"%s%s - ldap_bind() returned -1", host, porttext);
goto RETURN_ERROR;
}
if ((rc = ldap_result( lcp->ld, msgid, 1, timeoutptr, &result )) <= 0)
{
*errmsg = string_sprintf("failed to bind the LDAP connection to server "
"%s%s - LDAP error: %s", host, porttext,
rc == -1 ? "result retrieval failed" : "timeout" );
result = NULL;
goto RETURN_ERROR;
}
rc = ldap_result2error( lcp->ld, result, 0 );
/* Invalid credentials when just checking credentials returns FAIL. This
stops any further servers being tried. */
if (search_type == SEARCH_LDAP_AUTH && rc == LDAP_INVALID_CREDENTIALS)
{
DEBUG(D_lookup)
debug_printf("Invalid credentials: ldapauth returns FAIL\n");
error_yield = FAIL;
goto RETURN_ERROR_NOMSG;
}
/* Otherwise we have a problem that doesn't stop further servers from being
tried. */
if (rc != LDAP_SUCCESS)
{
*errmsg = string_sprintf("failed to bind the LDAP connection to server "
"%s%s - LDAP error %d: %s", host, porttext, rc, ldap_err2string(rc));
goto RETURN_ERROR;
}
/* Successful bind */
lcp->bound = TRUE;
lcp->user = (user == NULL)? NULL : string_copy(user);
lcp->password = (password == NULL)? NULL : string_copy(password);
ldap_msgfree(result);
result = NULL;
}
/* If we are just checking credentials, return OK. */
if (search_type == SEARCH_LDAP_AUTH)
{
DEBUG(D_lookup) debug_printf("Bind succeeded: ldapauth returns OK\n");
goto RETURN_OK;
}
/* Before doing the search, set the time and size limits (if given). Here again
the different implementations of LDAP have chosen to do things differently. */
#if defined(LDAP_OPT_SIZELIMIT)
ldap_set_option(lcp->ld, LDAP_OPT_SIZELIMIT, (void *)&sizelimit);
ldap_set_option(lcp->ld, LDAP_OPT_TIMELIMIT, (void *)&timelimit);
#else
lcp->ld->ld_sizelimit = sizelimit;
lcp->ld->ld_timelimit = timelimit;
#endif
/* Similarly for dereferencing aliases. Don't know if this is possible on
an LDAP library without LDAP_OPT_DEREF. */
#if defined(LDAP_OPT_DEREF)
ldap_set_option(lcp->ld, LDAP_OPT_DEREF, (void *)&dereference);
#endif
/* Similarly for the referral setting; should the library follow referrals that
the LDAP server returns? The conditional is just in case someone uses a library
without it. */
#if defined(LDAP_OPT_REFERRALS)
ldap_set_option(lcp->ld, LDAP_OPT_REFERRALS, referrals);
#endif
/* Start the search on the server. */
DEBUG(D_lookup) debug_printf("Start search\n");
msgid = ldap_search(lcp->ld, ludp->lud_dn, ludp->lud_scope, ludp->lud_filter,
ludp->lud_attrs, 0);
if (msgid == -1)
{
#if defined LDAP_LIB_SOLARIS || defined LDAP_LIB_OPENLDAP2
int err;
ldap_get_option(lcp->ld, LDAP_OPT_ERROR_NUMBER, &err);
*errmsg = string_sprintf("ldap_search failed: %d, %s", err,
ldap_err2string(err));
#else
*errmsg = string_sprintf("ldap_search failed");
#endif
goto RETURN_ERROR;
}
/* Loop to pick up results as they come in, setting a timeout if one was
given. */
while ((rc = ldap_result(lcp->ld, msgid, 0, timeoutptr, &result)) ==
LDAP_RES_SEARCH_ENTRY)
{
LDAPMessage *e;
DEBUG(D_lookup) debug_printf("ldap_result loop\n");
for(e = ldap_first_entry(lcp->ld, result);
e != NULL;
e = ldap_next_entry(lcp->ld, e))
{
uschar *new_dn;
BOOL insert_space = FALSE;
DEBUG(D_lookup) debug_printf("LDAP entry loop\n");
rescount++; /* Count results */
/* Results for multiple entries values are separated by newlines. */
if (data != NULL) data = string_cat(data, &size, &ptr, US"\n", 1);
/* Get the DN from the last result. */
new_dn = US ldap_get_dn(lcp->ld, e);
if (new_dn != NULL)
{
if (dn != NULL)
{
#if defined LDAP_LIB_NETSCAPE || defined LDAP_LIB_OPENLDAP2
ldap_memfree(dn);
#else /* OPENLDAP 1, UMich, Solaris */
free(dn);
#endif
}
/* Save for later */
dn = new_dn;
}
/* If the data we want is actually the DN rather than any attribute values,
(an "ldapdn" search) add it to the data string. If there are multiple
entries, the DNs will be concatenated, but we test for this case below, as
for SEARCH_LDAP_SINGLE, and give an error. */
if (search_type == SEARCH_LDAP_DN) /* Do not amalgamate these into one */
{ /* condition, because of the else */
if (new_dn != NULL) /* below, that's for the first only */
{
data = string_cat(data, &size, &ptr, new_dn, Ustrlen(new_dn));
data[ptr] = 0;
attribute_found = TRUE;
}
}
/* Otherwise, loop through the entry, grabbing attribute values. If there's
only one attribute being retrieved, no attribute name is given, and the
result is not quoted. Multiple values are separated by (comma, space).
If more than one attribute is being retrieved, the data is given as a
sequence of name=value pairs, with the value always in quotes. If there are
multiple values, they are given within the quotes, comma separated. */
else for (attr = US ldap_first_attribute(lcp->ld, e, &ber);
attr != NULL;
attr = US ldap_next_attribute(lcp->ld, e, ber))
{
if (attr[0] != 0)
{
/* Get array of values for this attribute. */
if ((firstval = values = USS ldap_get_values(lcp->ld, e, CS attr))
!= NULL)
{
if (attr_count != 1)
{
if (insert_space)
data = string_cat(data, &size, &ptr, US" ", 1);
else
insert_space = TRUE;
data = string_cat(data, &size, &ptr, attr, Ustrlen(attr));
data = string_cat(data, &size, &ptr, US"=\"", 2);
}
while (*values != NULL)
{
uschar *value = *values;
int len = Ustrlen(value);
DEBUG(D_lookup) debug_printf("LDAP attr loop %s:%s\n", attr, value);
if (values != firstval)
data = string_cat(data, &size, &ptr, US", ", 2);
/* For multiple attributes, the data is in quotes. We must escape
internal quotes, backslashes, newlines. */
if (attr_count != 1)
{
int j;
for (j = 0; j < len; j++)
{
if (value[j] == '\n')
data = string_cat(data, &size, &ptr, US"\\n", 2);
else
{
if (value[j] == '\"' || value[j] == '\\')
data = string_cat(data, &size, &ptr, US"\\", 1);
data = string_cat(data, &size, &ptr, value+j, 1);
}
}
}
/* For single attributes, copy the value verbatim */
else data = string_cat(data, &size, &ptr, value, len);
/* Move on to the next value */
values++;
attribute_found = TRUE;
}
/* Closing quote at the end of the data for a named attribute. */
if (attr_count != 1)
data = string_cat(data, &size, &ptr, US"\"", 1);
/* Free the values */
ldap_value_free(CSS firstval);
}
}
#if defined LDAP_LIB_NETSCAPE || defined LDAP_LIB_OPENLDAP2
/* Netscape and OpenLDAP2 LDAP's attrs are dynamically allocated and need
to be freed. UMich LDAP stores them in static storage and does not require
this. */
ldap_memfree(attr);
#endif
} /* End "for" loop for extracting attributes from an entry */
} /* End "for" loop for extracting entries from a result */
/* Free the result */
ldap_msgfree(result);
result = NULL;
} /* End "while" loop for multiple results */
/* Terminate the dynamic string that we have built and reclaim unused store */
if (data != NULL)
{
data[ptr] = 0;
store_reset(data + ptr + 1);
}
/* Copy the last dn into eldap_dn */
if (dn != NULL)
{
eldap_dn = string_copy(dn);
#if defined LDAP_LIB_NETSCAPE || defined LDAP_LIB_OPENLDAP2
ldap_memfree(dn);
#else /* OPENLDAP 1, UMich, Solaris */
free(dn);
#endif
}
DEBUG(D_lookup) debug_printf("search ended by ldap_result yielding %d\n",rc);
if (rc == 0)
{
*errmsg = US"ldap_result timed out";
goto RETURN_ERROR;
}
/* A return code of -1 seems to mean "ldap_result failed internally or couldn't
provide you with a message". Other error states seem to exist where
ldap_result() didn't give us any message from the server at all, leaving result
set to NULL. Apparently, "the error parameters of the LDAP session handle will
be set accordingly". That's the best we can do to retrieve an error status; we
can't use functions like ldap_result2error because they parse a message from
the server, which we didn't get.
Annoyingly, the different implementations of LDAP have gone for different
methods of handling error codes and generating error messages. */
if (rc == -1 || result == NULL)
{
int err;
DEBUG(D_lookup) debug_printf("ldap_result failed\n");
#if defined LDAP_LIB_SOLARIS || defined LDAP_LIB_OPENLDAP2
ldap_get_option(lcp->ld, LDAP_OPT_ERROR_NUMBER, &err);
*errmsg = string_sprintf("ldap_result failed: %d, %s",
err, ldap_err2string(err));
#elif defined LDAP_LIB_NETSCAPE
/* Dubious (surely 'matched' is spurious here?) */
(void)ldap_get_lderrno(lcp->ld, &matched, &error1);
*errmsg = string_sprintf("ldap_result failed: %s (%s)", error1, matched);
#else /* UMich LDAP aka OpenLDAP 1.x */
*errmsg = string_sprintf("ldap_result failed: %d, %s",
lcp->ld->ld_errno, ldap_err2string(lcp->ld->ld_errno));
#endif
goto RETURN_ERROR;
}
/* A return code that isn't -1 doesn't necessarily mean there were no problems
with the search. The message must be an LDAP_RES_SEARCH_RESULT or
LDAP_RES_SEARCH_REFERENCE or else it's something we can't handle. Some versions
of LDAP do not define LDAP_RES_SEARCH_REFERENCE (LDAP v1 is one, it seems). So
we don't provide that functionality when we can't. :-) */
if (rc != LDAP_RES_SEARCH_RESULT
#ifdef LDAP_RES_SEARCH_REFERENCE
&& rc != LDAP_RES_SEARCH_REFERENCE
#endif
)
{
*errmsg = string_sprintf("ldap_result returned unexpected code %d", rc);
goto RETURN_ERROR;
}
/* We have a result message from the server. This doesn't yet mean all is well.
We need to parse the message to find out exactly what's happened. */
#if defined LDAP_LIB_SOLARIS || defined LDAP_LIB_OPENLDAP2
ldap_rc = rc;
ldap_parse_rc = ldap_parse_result(lcp->ld, result, &rc, CSS &matched,
CSS &error2, NULL, NULL, 0);
DEBUG(D_lookup) debug_printf("ldap_parse_result: %d\n", ldap_parse_rc);
if (ldap_parse_rc < 0 &&
(ldap_parse_rc != LDAP_NO_RESULTS_RETURNED
#ifdef LDAP_RES_SEARCH_REFERENCE
|| ldap_rc != LDAP_RES_SEARCH_REFERENCE
#endif
))
{
*errmsg = string_sprintf("ldap_parse_result failed %d", ldap_parse_rc);
goto RETURN_ERROR;
}
error1 = US ldap_err2string(rc);
#elif defined LDAP_LIB_NETSCAPE
/* Dubious (it doesn't reference 'result' at all!) */
rc = ldap_get_lderrno(lcp->ld, &matched, &error1);
#else /* UMich LDAP aka OpenLDAP 1.x */
rc = ldap_result2error(lcp->ld, result, 0);
error1 = ldap_err2string(rc);
error2 = lcp->ld->ld_error;
matched = lcp->ld->ld_matched;
#endif
/* Process the status as follows:
(1) If we get LDAP_SIZELIMIT_EXCEEDED, just carry on, to return the
truncated result list.
(2) If we get LDAP_RES_SEARCH_REFERENCE, also just carry on. This was a
submitted patch that is reported to "do the right thing" with Solaris
LDAP libraries. (The problem it addresses apparently does not occur with
Open LDAP.)
(3) The range of errors defined by LDAP_NAME_ERROR generally mean "that
object does not, or cannot, exist in the database". For those cases we
fail the lookup.
(4) All other non-successes here are treated as some kind of problem with
the lookup, so return DEFER (which is the default in error_yield).
*/
DEBUG(D_lookup) debug_printf("ldap_parse_result yielded %d: %s\n",
rc, ldap_err2string(rc));
if (rc != LDAP_SUCCESS && rc != LDAP_SIZELIMIT_EXCEEDED
#ifdef LDAP_RES_SEARCH_REFERENCE
&& rc != LDAP_RES_SEARCH_REFERENCE
#endif
)
{
*errmsg = string_sprintf("LDAP search failed - error %d: %s%s%s%s%s",
rc,
(error1 != NULL)? error1 : US"",
(error2 != NULL && error2[0] != 0)? US"/" : US"",
(error2 != NULL)? error2 : US"",
(matched != NULL && matched[0] != 0)? US"/" : US"",
(matched != NULL)? matched : US"");
#if defined LDAP_NAME_ERROR
if (LDAP_NAME_ERROR(rc))
#elif defined NAME_ERROR /* OPENLDAP1 calls it this */
if (NAME_ERROR(rc))
#else
if (rc == LDAP_NO_SUCH_OBJECT)
#endif
{
DEBUG(D_lookup) debug_printf("lookup failure forced\n");
error_yield = FAIL;
}
goto RETURN_ERROR;
}
/* The search succeeded. Check if we have too many results */
if (search_type != SEARCH_LDAP_MULTIPLE && rescount > 1)
{
*errmsg = string_sprintf("LDAP search: more than one entry (%d) was returned "
"(filter not specific enough?)", rescount);
goto RETURN_ERROR_BREAK;
}
/* Check if we have too few (zero) entries */
if (rescount < 1)
{
*errmsg = string_sprintf("LDAP search: no results");
error_yield = FAIL;
goto RETURN_ERROR_BREAK;
}
/* If an entry was found, but it had no attributes, we behave as if no entries
were found, that is, the lookup failed. */
if (!attribute_found)
{
*errmsg = US"LDAP search: found no attributes";
error_yield = FAIL;
goto RETURN_ERROR;
}
/* Otherwise, it's all worked */
DEBUG(D_lookup) debug_printf("LDAP search: returning: %s\n", data);
*res = data;
RETURN_OK:
if (result != NULL) ldap_msgfree(result);
ldap_free_urldesc(ludp);
return OK;
/* Error returns */
RETURN_ERROR_BREAK:
*defer_break = TRUE;
RETURN_ERROR:
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
RETURN_ERROR_NOMSG:
if (result != NULL) ldap_msgfree(result);
if (ludp != NULL) ldap_free_urldesc(ludp);
#if defined LDAP_LIB_OPENLDAP2
if (error2 != NULL) ldap_memfree(error2);
if (matched != NULL) ldap_memfree(matched);
#endif
return error_yield;
}
static uschar *
eldap_quote(uschar *s, uschar *opt)
{
register int c;
int count = 0;
int len = 0;
BOOL dn = FALSE;
uschar *t = s;
uschar *quoted;
/* Test for a DN quotation. */
if (opt != NULL)
{
if (Ustrcmp(opt, "dn") != 0) return NULL; /* No others recognized */
dn = TRUE;
}
/* Compute how much extra store we need for the string. This doesn't have to be
exact as long as it isn't an underestimate. The worst case is the addition of 5
extra bytes for a single character. This occurs for certain characters in DNs,
where, for example, < turns into %5C%3C. For simplicity, we just add 5 for each
possibly escaped character. The really fast way would be just to test for
non-alphanumerics, but it is probably better to spot a few others that are
never escaped, because if there are no specials at all, we can avoid copying
the string. */
while ((c = *t++) != 0)
{
len++;
if (!isalnum(c) && Ustrchr(ALWAYS_LITERAL, c) == NULL) count += 5;
}
if (count == 0) return s;
/* Get sufficient store to hold the quoted string */
t = quoted = store_get(len + count + 1);
/* Handle plain quote_ldap */
if (!dn)
{
while ((c = *s++) != 0)
{
if (!isalnum(c))
{
if (Ustrchr(LDAP_QUOTE, c) != NULL)
{
sprintf(CS t, "%%5C%02X", c); /* e.g. * => %5C2A */
t += 5;
continue;
}
if (Ustrchr(URL_NONQUOTE, c) == NULL) /* e.g. ] => %5D */
{
sprintf(CS t, "%%%02X", c);
t += 3;
continue;
}
}
*t++ = c; /* unquoted character */
}
}
/* Handle quote_ldap_dn */
else
{
uschar *ss = s + len;
/* Find the last char before any trailing spaces */
while (ss > s && ss[-1] == ' ') ss--;
/* Quote leading spaces and sharps */
for (; s < ss; s++)
{
if (*s != ' ' && *s != '#') break;
sprintf(CS t, "%%5C%%%02X", *s);
t += 6;
}
/* Handle the rest of the string, up to the trailing spaces */
while (s < ss)
{
c = *s++;
if (!isalnum(c))
{
if (Ustrchr(LDAP_DN_QUOTE, c) != NULL)
{
Ustrncpy(t, "%5C", 3); /* insert \ where needed */
t += 3; /* fall through to check URL */
}
if (Ustrchr(URL_NONQUOTE, c) == NULL) /* e.g. ] => %5D */
{
sprintf(CS t, "%%%02X", c);
t += 3;
continue;
}
}
*t++ = c; /* unquoted character, or non-URL quoted after %5C */
}
/* Handle the trailing spaces */
while (*ss++ != 0)
{
Ustrncpy(t, "%5C%20", 6);
t += 6;
}
}
/* Terminate the new string and return */
*t = 0;
return quoted;
}
static int
control_ldap_search(uschar *ldap_url, int search_type, uschar **res,
uschar **errmsg)
{
BOOL defer_break = FALSE;
int timelimit = LDAP_NO_LIMIT;
int sizelimit = LDAP_NO_LIMIT;
int tcplimit = 0;
int sep = 0;
int dereference = LDAP_DEREF_NEVER;
void* referrals = LDAP_OPT_ON;
uschar *url = ldap_url;
uschar *p;
uschar *user = NULL;
uschar *password = NULL;
uschar *server, *list;
uschar buffer[512];
while (isspace(*url)) url++;
/* Until the string begins "ldap", search for the other parameter settings that
are recognized. They are of the form NAME=VALUE, with the value being
optionally double-quoted. There must still be a space after it, however. No
NAME has the value "ldap". */
while (strncmpic(url, US"ldap", 4) != 0)
{
uschar *name = url;
while (*url != 0 && *url != '=') url++;
if (*url == '=')
{
int namelen;
uschar *value;
namelen = ++url - name;
value = string_dequote(&url);
if (isspace(*url))
{
if (strncmpic(name, US"USER="******"PASS="******"SIZE=", namelen) == 0) sizelimit = Uatoi(value);
else if (strncmpic(name, US"TIME=", namelen) == 0) timelimit = Uatoi(value);
else if (strncmpic(name, US"CONNECT=", namelen) == 0) tcplimit = Uatoi(value);
else if (strncmpic(name, US"NETTIME=", namelen) == 0) tcplimit = Uatoi(value);
/* Don't know if all LDAP libraries have LDAP_OPT_DEREF */
#ifdef LDAP_OPT_DEREF
else if (strncmpic(name, US"DEREFERENCE=", namelen) == 0)
{
if (strcmpic(value, US"never") == 0) dereference = LDAP_DEREF_NEVER;
else if (strcmpic(value, US"searching") == 0)
dereference = LDAP_DEREF_SEARCHING;
else if (strcmpic(value, US"finding") == 0)
dereference = LDAP_DEREF_FINDING;
if (strcmpic(value, US"always") == 0) dereference = LDAP_DEREF_ALWAYS;
}
#else
else if (strncmpic(name, US"DEREFERENCE=", namelen) == 0)
{
*errmsg = string_sprintf("LDAP_OP_DEREF not defined in this LDAP "
"library - cannot use \"dereference\"");
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return DEFER;
}
#endif
#ifdef LDAP_OPT_REFERRALS
else if (strncmpic(name, US"REFERRALS=", namelen) == 0)
{
if (strcmpic(value, US"follow") == 0) referrals = LDAP_OPT_ON;
else if (strcmpic(value, US"nofollow") == 0) referrals = LDAP_OPT_OFF;
else
{
*errmsg = string_sprintf("LDAP option REFERRALS is not \"follow\" "
"or \"nofollow\"");
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return DEFER;
}
}
#else
else if (strncmpic(name, US"REFERRALS=", namelen) == 0)
{
*errmsg = string_sprintf("LDAP_OP_REFERRALS not defined in this LDAP "
"library - cannot use \"referrals\"");
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return DEFER;
}
#endif
else
{
*errmsg =
string_sprintf("unknown parameter \"%.*s\" precedes LDAP URL",
namelen, name);
DEBUG(D_lookup) debug_printf("LDAP query error: %s\n", *errmsg);
return DEFER;
}
while (isspace(*url)) url++;
continue;
}
}
*errmsg = US"malformed parameter setting precedes LDAP URL";
DEBUG(D_lookup) debug_printf("LDAP query error: %s\n", *errmsg);
return DEFER;
}
/* If user is set, de-URL-quote it. Some LDAP libraries do this for themselves,
but it seems that not all behave like this. The DN for the user is often the
result of ${quote_ldap_dn:...} quoting, which does apply URL quoting, because
that is needed when the DN is used as a base DN in a query. Sigh. This is all
far too complicated. */
if (user != NULL)
{
uschar *s;
uschar *t = user;
for (s = user; *s != 0; s++)
{
int c, d;
if (*s == '%' && isxdigit(c=s[1]) && isxdigit(d=s[2]))
{
c = tolower(c);
d = tolower(d);
*t++ =
(((c >= 'a')? (10 + c - 'a') : c - '0') << 4) |
((d >= 'a')? (10 + d - 'a') : d - '0');
s += 2;
}
else *t++ = *s;
}
*t = 0;
}
DEBUG(D_lookup)
debug_printf("LDAP parameters: user=%s pass=%s size=%d time=%d connect=%d "
"dereference=%d referrals=%s\n", user, password, sizelimit, timelimit,
tcplimit, dereference, (referrals == LDAP_OPT_ON)? "on" : "off");
/* If the request is just to check authentication, some credentials must
be given. The password must not be empty because LDAP binds with an empty
password are considered anonymous, and will succeed on most installations. */
if (search_type == SEARCH_LDAP_AUTH)
{
if (user == NULL || password == NULL)
{
*errmsg = US"ldapauth lookups must specify the username and password";
return DEFER;
}
if (password[0] == 0)
{
DEBUG(D_lookup) debug_printf("Empty password: ldapauth returns FAIL\n");
return FAIL;
}
}
/* Check for valid ldap url starters */
p = url + 4;
if (tolower(*p) == 's' || tolower(*p) == 'i') p++;
if (Ustrncmp(p, "://", 3) != 0)
{
*errmsg = string_sprintf("LDAP URL does not start with \"ldap://\", "
"\"ldaps://\", or \"ldapi://\" (it starts with \"%.16s...\")", url);
DEBUG(D_lookup) debug_printf("LDAP query error: %s\n", *errmsg);
return DEFER;
}
/* No default servers, or URL contains a server name: just one attempt */
if (eldap_default_servers == NULL || p[3] != '/')
{
return perform_ldap_search(url, NULL, 0, search_type, res, errmsg,
&defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
referrals);
}
/* Loop through the default servers until OK or FAIL */
list = eldap_default_servers;
while ((server = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL)
{
int rc;
int port = 0;
uschar *colon = Ustrchr(server, ':');
if (colon != NULL)
{
*colon = 0;
port = Uatoi(colon+1);
}
rc = perform_ldap_search(url, server, port, search_type, res, errmsg,
&defer_break, user, password, sizelimit, timelimit, tcplimit, dereference,
referrals);
if (rc != DEFER || defer_break) return rc;
}
return DEFER;
}
static int
perform_ibase_search(uschar * query, uschar * server, uschar ** resultptr,
uschar ** errmsg, BOOL * defer_break)
{
isc_stmt_handle stmth = NULL;
XSQLDA *out_sqlda;
XSQLVAR *var;
char buffer[256];
ISC_STATUS status[20], *statusp = status;
int i;
int ssize = 0;
int offset = 0;
int yield = DEFER;
uschar *result = NULL;
ibase_connection *cn;
uschar *server_copy = NULL;
uschar *sdata[3];
/* Disaggregate the parameters from the server argument. The order is host,
database, user, password. We can write to the string, since it is in a
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */
for (i = 2; i > 0; i--) {
uschar *pp = Ustrrchr(server, '|');
if (pp == NULL) {
*errmsg =
string_sprintf("incomplete Interbase server data: %s",
(i == 3) ? server : server_copy);
*defer_break = TRUE;
return DEFER;
}
*pp++ = 0;
sdata[i] = pp;
if (i == 2)
server_copy = string_copy(server); /* sans password */
}
sdata[0] = server; /* What's left at the start */
/* See if we have a cached connection to the server */
for (cn = ibase_connections; cn != NULL; cn = cn->next) {
if (Ustrcmp(cn->server, server_copy) == 0) {
break;
}
}
/* Use a previously cached connection ? */
if (cn != NULL) {
static char db_info_options[] = { isc_info_base_level };
/* test if the connection is alive */
if (isc_database_info
(status, &cn->dbh, sizeof(db_info_options), db_info_options,
sizeof(buffer), buffer)) {
/* error occurred: assume connection is down */
DEBUG(D_lookup)
debug_printf
("Interbase cleaning up cached connection: %s\n",
cn->server);
isc_detach_database(status, &cn->dbh);
} else {
DEBUG(D_lookup)
debug_printf("Interbase using cached connection for %s\n",
server_copy);
}
} else {
cn = store_get(sizeof(ibase_connection));
cn->server = server_copy;
cn->dbh = NULL;
cn->transh = NULL;
cn->next = ibase_connections;
ibase_connections = cn;
}
/* If no cached connection, we must set one up. */
if (cn->dbh == NULL || cn->transh == NULL) {
char *dpb, *p;
short dpb_length;
static char trans_options[] =
{ isc_tpb_version3, isc_tpb_read, isc_tpb_read_committed,
isc_tpb_rec_version
};
/* Construct the database parameter buffer. */
dpb = buffer;
*dpb++ = isc_dpb_version1;
*dpb++ = isc_dpb_user_name;
*dpb++ = strlen(sdata[1]);
for (p = sdata[1]; *p;)
*dpb++ = *p++;
*dpb++ = isc_dpb_password;
*dpb++ = strlen(sdata[2]);
for (p = sdata[2]; *p;)
*dpb++ = *p++;
dpb_length = dpb - buffer;
DEBUG(D_lookup)
debug_printf("new Interbase connection: database=%s user=%s\n",
sdata[0], sdata[1]);
/* Connect to the database */
if (isc_attach_database
(status, 0, sdata[0], &cn->dbh, dpb_length, buffer)) {
isc_interprete(buffer, &statusp);
*errmsg =
string_sprintf("Interbase attach() failed: %s", buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
/* Now start a read-only read-committed transaction */
if (isc_start_transaction
(status, &cn->transh, 1, &cn->dbh, sizeof(trans_options),
trans_options)) {
isc_interprete(buffer, &statusp);
isc_detach_database(status, &cn->dbh);
*errmsg =
string_sprintf("Interbase start_transaction() failed: %s",
buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
}
/* Run the query */
if (isc_dsql_allocate_statement(status, &cn->dbh, &stmth)) {
isc_interprete(buffer, &statusp);
*errmsg =
string_sprintf("Interbase alloc_statement() failed: %s",
buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
out_sqlda = store_get(XSQLDA_LENGTH(1));
out_sqlda->version = SQLDA_VERSION1;
out_sqlda->sqln = 1;
if (isc_dsql_prepare
(status, &cn->transh, &stmth, 0, query, 1, out_sqlda)) {
isc_interprete(buffer, &statusp);
store_reset(out_sqlda);
out_sqlda = NULL;
*errmsg =
string_sprintf("Interbase prepare_statement() failed: %s",
buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
/* re-allocate the output structure if there's more than one field */
if (out_sqlda->sqln < out_sqlda->sqld) {
XSQLDA *new_sqlda = store_get(XSQLDA_LENGTH(out_sqlda->sqld));
if (isc_dsql_describe
(status, &stmth, out_sqlda->version, new_sqlda)) {
isc_interprete(buffer, &statusp);
isc_dsql_free_statement(status, &stmth, DSQL_drop);
store_reset(out_sqlda);
out_sqlda = NULL;
*errmsg =
string_sprintf("Interbase describe_statement() failed: %s",
buffer);
*defer_break = FALSE;
goto IBASE_EXIT;
}
out_sqlda = new_sqlda;
}
/* allocate storage for every returned field */
for (i = 0, var = out_sqlda->sqlvar; i < out_sqlda->sqld; i++, var++) {
switch (var->sqltype & ~1) {
case SQL_VARYING:
var->sqldata =
(char *) store_get(sizeof(char) * var->sqllen + 2);
break;
case SQL_TEXT:
var->sqldata =
(char *) store_get(sizeof(char) * var->sqllen);
break;
case SQL_SHORT:
var->sqldata = (char *) store_get(sizeof(short));
break;
case SQL_LONG:
var->sqldata = (char *) store_get(sizeof(ISC_LONG));
break;
#ifdef SQL_INT64
case SQL_INT64:
var->sqldata = (char *) store_get(sizeof(ISC_INT64));
break;
#endif
case SQL_FLOAT:
var->sqldata = (char *) store_get(sizeof(float));
break;
case SQL_DOUBLE:
var->sqldata = (char *) store_get(sizeof(double));
break;
#ifdef SQL_TIMESTAMP
case SQL_DATE:
var->sqldata = (char *) store_get(sizeof(ISC_QUAD));
break;
#else
case SQL_TIMESTAMP:
var->sqldata = (char *) store_get(sizeof(ISC_TIMESTAMP));
break;
case SQL_TYPE_DATE:
var->sqldata = (char *) store_get(sizeof(ISC_DATE));
break;
case SQL_TYPE_TIME:
var->sqldata = (char *) store_get(sizeof(ISC_TIME));
break;
#endif
}
if (var->sqltype & 1) {
var->sqlind = (short *) store_get(sizeof(short));
}
}
/* finally, we're ready to execute the statement */
if (isc_dsql_execute
(status, &cn->transh, &stmth, out_sqlda->version, NULL)) {
isc_interprete(buffer, &statusp);
*errmsg =
string_sprintf("Interbase describe_statement() failed: %s",
buffer);
isc_dsql_free_statement(status, &stmth, DSQL_drop);
*defer_break = FALSE;
goto IBASE_EXIT;
}
while (isc_dsql_fetch(status, &stmth, out_sqlda->version, out_sqlda) !=
100L) {
/* check if an error occurred */
if (status[0] & status[1]) {
isc_interprete(buffer, &statusp);
*errmsg =
string_sprintf("Interbase fetch() failed: %s", buffer);
isc_dsql_free_statement(status, &stmth, DSQL_drop);
*defer_break = FALSE;
goto IBASE_EXIT;
}
if (result != NULL)
result = string_catn(result, &ssize, &offset, US "\n", 1);
/* Find the number of fields returned. If this is one, we don't add field
names to the data. Otherwise we do. */
if (out_sqlda->sqld == 1) {
if (out_sqlda->sqlvar[0].sqlind == NULL || *out_sqlda->sqlvar[0].sqlind != -1) /* NULL value yields nothing */
result =
string_catn(result, &ssize, &offset, US buffer,
fetch_field(buffer, sizeof(buffer),
&out_sqlda->sqlvar[0]));
}
else
for (i = 0; i < out_sqlda->sqld; i++) {
int len = fetch_field(buffer, sizeof(buffer),
&out_sqlda->sqlvar[i]);
result =
string_cat(result, &ssize, &offset,
US out_sqlda->sqlvar[i].aliasname,
out_sqlda->sqlvar[i].aliasname_length);
result = string_catn(result, &ssize, &offset, US "=", 1);
/* Quote the value if it contains spaces or is empty */
if (*out_sqlda->sqlvar[i].sqlind == -1) { /* NULL value */
result =
string_catn(result, &ssize, &offset, US "\"\"", 2);
}
else if (buffer[0] == 0 || Ustrchr(buffer, ' ') != NULL) {
int j;
result =
string_catn(result, &ssize, &offset, US "\"", 1);
for (j = 0; j < len; j++) {
if (buffer[j] == '\"' || buffer[j] == '\\')
result =
string_cat(result, &ssize, &offset,
US "\\", 1);
result =
string_cat(result, &ssize, &offset,
US buffer + j, 1);
}
result =
string_catn(result, &ssize, &offset, US "\"", 1);
} else {
result =
string_catn(result, &ssize, &offset, US buffer, len);
}
result = string_catn(result, &ssize, &offset, US " ", 1);
}
}
/* If result is NULL then no data has been found and so we return FAIL.
Otherwise, we must terminate the string which has been built; string_cat()
always leaves enough room for a terminating zero. */
if (result == NULL) {
yield = FAIL;
*errmsg = US "Interbase: no data found";
} else {
result[offset] = 0;
store_reset(result + offset + 1);
}
/* Get here by goto from various error checks. */
IBASE_EXIT:
if (stmth != NULL)
isc_dsql_free_statement(status, &stmth, DSQL_drop);
/* Non-NULL result indicates a successful result */
if (result != NULL) {
*resultptr = result;
return OK;
} else {
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return yield; /* FAIL or DEFER */
}
}
int
string_is_ip_address(const uschar *s, int *maskptr)
{
int i;
int yield = 4;
/* If an optional mask is permitted, check for it. If found, pass back the
offset. */
if (maskptr != NULL)
{
const uschar *ss = s + Ustrlen(s);
*maskptr = 0;
if (s != ss && isdigit(*(--ss)))
{
while (ss > s && isdigit(ss[-1])) ss--;
if (ss > s && *(--ss) == '/') *maskptr = ss - s;
}
}
/* A colon anywhere in the string => IPv6 address */
if (Ustrchr(s, ':') != NULL)
{
BOOL had_double_colon = FALSE;
BOOL v4end = FALSE;
int count = 0;
yield = 6;
/* An IPv6 address must start with hex digit or double colon. A single
colon is invalid. */
if (*s == ':' && *(++s) != ':') return 0;
/* Now read up to 8 components consisting of up to 4 hex digits each. There
may be one and only one appearance of double colon, which implies any number
of binary zero bits. The number of preceding components is held in count. */
for (count = 0; count < 8; count++)
{
/* If the end of the string is reached before reading 8 components, the
address is valid provided a double colon has been read. This also applies
if we hit the / that introduces a mask or the % that introduces the
interface specifier (scope id) of a link-local address. */
if (*s == 0 || *s == '%' || *s == '/') return had_double_colon? yield : 0;
/* If a component starts with an additional colon, we have hit a double
colon. This is permitted to appear once only, and counts as at least
one component. The final component may be of this form. */
if (*s == ':')
{
if (had_double_colon) return 0;
had_double_colon = TRUE;
s++;
continue;
}
/* If the remainder of the string contains a dot but no colons, we
can expect a trailing IPv4 address. This is valid if either there has
been no double-colon and this is the 7th component (with the IPv4 address
being the 7th & 8th components), OR if there has been a double-colon
and fewer than 6 components. */
if (Ustrchr(s, ':') == NULL && Ustrchr(s, '.') != NULL)
{
if ((!had_double_colon && count != 6) ||
(had_double_colon && count > 6)) return 0;
v4end = TRUE;
yield = 6;
break;
}
/* Check for at least one and not more than 4 hex digits for this
component. */
if (!isxdigit(*s++)) return 0;
if (isxdigit(*s) && isxdigit(*(++s)) && isxdigit(*(++s))) s++;
/* If the component is terminated by colon and there is more to
follow, skip over the colon. If there is no more to follow the address is
invalid. */
if (*s == ':' && *(++s) == 0) return 0;
}
/* If about to handle a trailing IPv4 address, drop through. Otherwise
all is well if we are at the end of the string or at the mask or at a percent
sign, which introduces the interface specifier (scope id) of a link local
address. */
if (!v4end)
return (*s == 0 || *s == '%' ||
(*s == '/' && maskptr != NULL && *maskptr != 0))? yield : 0;
}
/* Test for IPv4 address, which may be the tail-end of an IPv6 address. */
for (i = 0; i < 4; i++)
{
if (i != 0 && *s++ != '.') return 0;
if (!isdigit(*s++)) return 0;
if (isdigit(*s) && isdigit(*(++s))) s++;
}
return (*s == 0 || (*s == '/' && maskptr != NULL && *maskptr != 0))?
yield : 0;
}
static int
spamd_param(const uschar * param, spamd_address_container * spamd)
{
static int timesinceday = -1;
const uschar * s;
const uschar * name;
/*XXX more clever parsing could discard embedded spaces? */
if (sscanf(CCS param, "pri=%u", &spamd->priority))
return 0; /* OK */
if (sscanf(CCS param, "weight=%u", &spamd->weight))
{
if (spamd->weight == 0) /* this server disabled: skip it */
return 1;
return 0; /* OK */
}
if (Ustrncmp(param, "time=", 5) == 0)
{
unsigned int start_h = 0, start_m = 0, start_s = 0;
unsigned int end_h = 24, end_m = 0, end_s = 0;
unsigned int time_start, time_end;
const uschar * end_string;
name = US"time";
s = param+5;
if ((end_string = Ustrchr(s, '-')))
{
end_string++;
if ( sscanf(CS end_string, "%u.%u.%u", &end_h, &end_m, &end_s) == 0
|| sscanf(CS s, "%u.%u.%u", &start_h, &start_m, &start_s) == 0
)
goto badval;
}
else
goto badval;
if (timesinceday < 0)
{
time_t now = time(NULL);
struct tm *tmp = localtime(&now);
timesinceday = tmp->tm_hour*3600 + tmp->tm_min*60 + tmp->tm_sec;
}
time_start = start_h*3600 + start_m*60 + start_s;
time_end = end_h*3600 + end_m*60 + end_s;
if (timesinceday < time_start || timesinceday >= time_end)
return 1; /* skip spamd server */
return 0; /* OK */
}
if (Ustrcmp(param, "variant=rspamd") == 0)
{
spamd->is_rspamd = TRUE;
return 0;
}
if (Ustrncmp(param, "tmo=", 4) == 0)
{
int sec = readconf_readtime((s = param+4), '\0', FALSE);
name = US"timeout";
if (sec < 0)
goto badval;
spamd->timeout = sec;
return 0;
}
if (Ustrncmp(param, "retry=", 6) == 0)
{
int sec = readconf_readtime((s = param+6), '\0', FALSE);
name = US"retry";
if (sec < 0)
goto badval;
spamd->retry = sec;
return 0;
}
log_write(0, LOG_MAIN, "%s warning - invalid spamd parameter: '%s'",
loglabel, param);
return -1; /* syntax error */
badval:
log_write(0, LOG_MAIN,
"%s warning - invalid spamd %s value: '%s'", loglabel, name, s);
return -1; /* syntax error */
}
static int
dnsdb_find(void *handle, uschar *filename, const uschar *keystring, int length,
uschar **result, uschar **errmsg, uint *do_cache)
{
int rc;
int size = 256;
int ptr = 0;
int sep = 0;
int defer_mode = PASS;
int dnssec_mode = OK;
int save_retrans = dns_retrans;
int save_retry = dns_retry;
int type;
int failrc = FAIL;
const uschar *outsep = CUS"\n";
const uschar *outsep2 = NULL;
uschar *equals, *domain, *found;
/* Because we're the working in the search pool, we try to reclaim as much
store as possible later, so we preallocate the result here */
uschar *yield = store_get(size);
dns_record *rr;
dns_answer dnsa;
dns_scan dnss;
handle = handle; /* Keep picky compilers happy */
filename = filename;
length = length;
do_cache = do_cache;
/* If the string starts with '>' we change the output separator.
If it's followed by ';' or ',' we set the TXT output separator. */
while (isspace(*keystring)) keystring++;
if (*keystring == '>')
{
outsep = keystring + 1;
keystring += 2;
if (*keystring == ',')
{
outsep2 = keystring + 1;
keystring += 2;
}
else if (*keystring == ';')
{
outsep2 = US"";
keystring++;
}
while (isspace(*keystring)) keystring++;
}
/* Check for a modifier keyword. */
for (;;)
{
if (strncmpic(keystring, US"defer_", 6) == 0)
{
keystring += 6;
if (strncmpic(keystring, US"strict", 6) == 0)
{ defer_mode = DEFER; keystring += 6; }
else if (strncmpic(keystring, US"lax", 3) == 0)
{ defer_mode = PASS; keystring += 3; }
else if (strncmpic(keystring, US"never", 5) == 0)
{ defer_mode = OK; keystring += 5; }
else
{
*errmsg = US"unsupported dnsdb defer behaviour";
return DEFER;
}
}
else if (strncmpic(keystring, US"dnssec_", 7) == 0)
{
keystring += 7;
if (strncmpic(keystring, US"strict", 6) == 0)
{ dnssec_mode = DEFER; keystring += 6; }
else if (strncmpic(keystring, US"lax", 3) == 0)
{ dnssec_mode = PASS; keystring += 3; }
else if (strncmpic(keystring, US"never", 5) == 0)
{ dnssec_mode = OK; keystring += 5; }
else
{
*errmsg = US"unsupported dnsdb dnssec behaviour";
return DEFER;
}
}
else if (strncmpic(keystring, US"retrans_", 8) == 0)
{
int timeout_sec;
if ((timeout_sec = readconf_readtime(keystring += 8, ',', FALSE)) <= 0)
{
*errmsg = US"unsupported dnsdb timeout value";
return DEFER;
}
dns_retrans = timeout_sec;
while (*keystring != ',') keystring++;
}
else if (strncmpic(keystring, US"retry_", 6) == 0)
{
int retries;
if ((retries = (int)strtol(CCS keystring + 6, CSS &keystring, 0)) < 0)
{
*errmsg = US"unsupported dnsdb retry count";
return DEFER;
}
dns_retry = retries;
}
else
break;
while (isspace(*keystring)) keystring++;
if (*keystring++ != ',')
{
*errmsg = US"dnsdb modifier syntax error";
return DEFER;
}
while (isspace(*keystring)) keystring++;
}
/* Figure out the "type" value if it is not T_TXT.
If the keystring contains an = this must be preceded by a valid type name. */
type = T_TXT;
if ((equals = Ustrchr(keystring, '=')) != NULL)
{
int i, len;
uschar *tend = equals;
while (tend > keystring && isspace(tend[-1])) tend--;
len = tend - keystring;
for (i = 0; i < sizeof(type_names)/sizeof(uschar *); i++)
{
if (len == Ustrlen(type_names[i]) &&
strncmpic(keystring, US type_names[i], len) == 0)
{
type = type_values[i];
break;
}
}
if (i >= sizeof(type_names)/sizeof(uschar *))
{
*errmsg = US"unsupported DNS record type";
return DEFER;
}
keystring = equals + 1;
while (isspace(*keystring)) keystring++;
}
/* Initialize the resolver in case this is the first time it has been used. */
dns_init(FALSE, FALSE, dnssec_mode != OK);
/* The remainder of the string must be a list of domains. As long as the lookup
for at least one of them succeeds, we return success. Failure means that none
of them were found.
The original implementation did not support a list of domains. Adding the list
feature is compatible, except in one case: when PTR records are being looked up
for a single IPv6 address. Fortunately, we can hack in a compatibility feature
here: If the type is PTR and no list separator is specified, and the entire
remaining string is valid as an IP address, set an impossible separator so that
it is treated as one item. */
if (type == T_PTR && keystring[0] != '<' &&
string_is_ip_address(keystring, NULL) != 0)
sep = -1;
/* SPF strings should be concatenated without a separator, thus make
it the default if not defined (see RFC 4408 section 3.1.3).
Multiple SPF records are forbidden (section 3.1.2) but are currently
not handled specially, thus they are concatenated with \n by default.
MX priority and value are space-separated by default.
SRV and TLSA record parts are space-separated by default. */
if (!outsep2) switch(type)
{
case T_SPF: outsep2 = US""; break;
case T_SRV: case T_MX: case T_TLSA: outsep2 = US" "; break;
}
/* Now scan the list and do a lookup for each item */
while ((domain = string_nextinlist(&keystring, &sep, NULL, 0)))
{
uschar rbuffer[256];
int searchtype = (type == T_CSA)? T_SRV : /* record type we want */
(type == T_MXH)? T_MX :
(type == T_ZNS)? T_NS : type;
/* If the type is PTR or CSA, we have to construct the relevant magic lookup
key if the original is an IP address (some experimental protocols are using
PTR records for different purposes where the key string is a host name, and
Exim's extended CSA can be keyed by domains or IP addresses). This code for
doing the reversal is now in a separate function. */
if ((type == T_PTR || type == T_CSA) &&
string_is_ip_address(domain, NULL) != 0)
{
dns_build_reverse(domain, rbuffer);
domain = rbuffer;
}
do
{
DEBUG(D_lookup) debug_printf("dnsdb key: %s\n", domain);
/* Do the lookup and sort out the result. There are four special types that
are handled specially: T_CSA, T_ZNS, T_ADDRESSES and T_MXH.
The first two are handled in a special lookup function so that the facility
could be used from other parts of the Exim code. T_ADDRESSES is handled by looping
over the types of A lookup. T_MXH affects only what happens later on in
this function, but for tidiness it is handled by the "special". If the
lookup fails, continue with the next domain. In the case of DEFER, adjust
the final "nothing found" result, but carry on to the next domain. */
found = domain;
#if HAVE_IPV6
if (type == T_ADDRESSES) /* NB cannot happen unless HAVE_IPV6 */
{
if (searchtype == T_ADDRESSES) searchtype = T_AAAA;
else if (searchtype == T_AAAA) searchtype = T_A;
rc = dns_special_lookup(&dnsa, domain, searchtype, CUSS &found);
}
else
#endif
rc = dns_special_lookup(&dnsa, domain, type, CUSS &found);
lookup_dnssec_authenticated = dnssec_mode==OK ? NULL
: dns_is_secure(&dnsa) ? US"yes" : US"no";
if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue;
if ( rc != DNS_SUCCEED
|| (dnssec_mode == DEFER && !dns_is_secure(&dnsa))
)
{
if (defer_mode == DEFER)
{
dns_retrans = save_retrans;
dns_retry = save_retry;
dns_init(FALSE, FALSE, FALSE); /* clr dnssec bit */
return DEFER; /* always defer */
}
if (defer_mode == PASS) failrc = DEFER; /* defer only if all do */
continue; /* treat defer as fail */
}
/* Search the returned records */
for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS);
rr != NULL;
rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
{
if (rr->type != searchtype) continue;
if (*do_cache > rr->ttl)
*do_cache = rr->ttl;
if (type == T_A || type == T_AAAA || type == T_ADDRESSES)
{
dns_address *da;
for (da = dns_address_from_rr(&dnsa, rr); da; da = da->next)
{
if (ptr != 0) yield = string_cat(yield, &size, &ptr, outsep, 1);
yield = string_cat(yield, &size, &ptr, da->address,
Ustrlen(da->address));
}
continue;
}
/* Other kinds of record just have one piece of data each, but there may be
several of them, of course. */
if (ptr != 0) yield = string_cat(yield, &size, &ptr, outsep, 1);
if (type == T_TXT || type == T_SPF)
{
if (outsep2 == NULL)
{
/* output only the first item of data */
yield = string_cat(yield, &size, &ptr, (uschar *)(rr->data+1),
(rr->data)[0]);
}
else
{
/* output all items */
int data_offset = 0;
while (data_offset < rr->size)
{
uschar chunk_len = (rr->data)[data_offset++];
if (outsep2[0] != '\0' && data_offset != 1)
yield = string_cat(yield, &size, &ptr, outsep2, 1);
yield = string_cat(yield, &size, &ptr,
(uschar *)((rr->data)+data_offset), chunk_len);
data_offset += chunk_len;
}
}
}
else if (type == T_TLSA)
{
uint8_t usage, selector, matching_type;
uint16_t i, payload_length;
uschar s[MAX_TLSA_EXPANDED_SIZE];
uschar * sp = s;
uschar * p = US rr->data;
usage = *p++;
selector = *p++;
matching_type = *p++;
/* What's left after removing the first 3 bytes above */
payload_length = rr->size - 3;
sp += sprintf(CS s, "%d%c%d%c%d%c", usage, *outsep2,
selector, *outsep2, matching_type, *outsep2);
/* Now append the cert/identifier, one hex char at a time */
for (i=0;
i < payload_length && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4);
i++)
sp += sprintf(CS sp, "%02x", (unsigned char)p[i]);
yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
}
else /* T_CNAME, T_CSA, T_MX, T_MXH, T_NS, T_PTR, T_SOA, T_SRV */
{
int priority, weight, port;
uschar s[264];
uschar * p = US rr->data;
switch (type)
{
case T_MXH:
/* mxh ignores the priority number and includes only the hostnames */
GETSHORT(priority, p);
break;
case T_MX:
GETSHORT(priority, p);
sprintf(CS s, "%d%c", priority, *outsep2);
yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
break;
case T_SRV:
GETSHORT(priority, p);
GETSHORT(weight, p);
GETSHORT(port, p);
sprintf(CS s, "%d%c%d%c%d%c", priority, *outsep2,
weight, *outsep2, port, *outsep2);
yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
break;
case T_CSA:
/* See acl_verify_csa() for more comments about CSA. */
GETSHORT(priority, p);
GETSHORT(weight, p);
GETSHORT(port, p);
if (priority != 1) continue; /* CSA version must be 1 */
/* If the CSA record we found is not the one we asked for, analyse
the subdomain assertions in the port field, else analyse the direct
authorization status in the weight field. */
if (Ustrcmp(found, domain) != 0)
{
if (port & 1) *s = 'X'; /* explicit authorization required */
else *s = '?'; /* no subdomain assertions here */
}
else
{
if (weight < 2) *s = 'N'; /* not authorized */
else if (weight == 2) *s = 'Y'; /* authorized */
else if (weight == 3) *s = '?'; /* unauthorizable */
else continue; /* invalid */
}
s[1] = ' ';
yield = string_cat(yield, &size, &ptr, s, 2);
break;
default:
break;
}
/* GETSHORT() has advanced the pointer to the target domain. */
rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p,
(DN_EXPAND_ARG4_TYPE)s, sizeof(s));
/* If an overlong response was received, the data will have been
truncated and dn_expand may fail. */
if (rc < 0)
{
log_write(0, LOG_MAIN, "host name alias list truncated: type=%s "
"domain=%s", dns_text_type(type), domain);
break;
}
else yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
if (type == T_SOA && outsep2 != NULL)
{
unsigned long serial, refresh, retry, expire, minimum;
p += rc;
yield = string_cat(yield, &size, &ptr, outsep2, 1);
rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p,
(DN_EXPAND_ARG4_TYPE)s, sizeof(s));
if (rc < 0)
{
log_write(0, LOG_MAIN, "responsible-mailbox truncated: type=%s "
"domain=%s", dns_text_type(type), domain);
break;
}
else yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
p += rc;
GETLONG(serial, p); GETLONG(refresh, p);
GETLONG(retry, p); GETLONG(expire, p); GETLONG(minimum, p);
sprintf(CS s, "%c%lu%c%lu%c%lu%c%lu%c%lu",
*outsep2, serial, *outsep2, refresh,
*outsep2, retry, *outsep2, expire, *outsep2, minimum);
yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
}
}
} /* Loop for list of returned records */
/* Loop for set of A-lookupu types */
} while (type == T_ADDRESSES && searchtype != T_A);
} /* Loop for list of domains */
/* Reclaim unused memory */
store_reset(yield + ptr + 1);
/* If ptr == 0 we have not found anything. Otherwise, insert the terminating
zero and return the result. */
dns_retrans = save_retrans;
dns_retry = save_retry;
dns_init(FALSE, FALSE, FALSE); /* clear the dnssec bit for getaddrbyname */
if (ptr == 0) return failrc;
yield[ptr] = 0;
*result = yield;
return OK;
}
/* This function is called from the find entry point to do the search for a
* single server.
*
* Arguments:
* query the query string
* server the server string
* resultptr where to store the result
* errmsg where to point an error message
* defer_break TRUE if no more servers are to be tried after DEFER
* do_cache set false if data is changed
*
* The server string is of the form "host/dbnumber/password". The host can be
* host:port. This string is in a nextinlist temporary buffer, so can be
* overwritten.
*
* Returns: OK, FAIL, or DEFER
*/
static int
perform_redis_search(uschar *command, uschar *server, uschar **resultptr,
uschar **errmsg, BOOL *defer_break, BOOL *do_cache)
{
redisContext *redis_handle = NULL; /* Keep compilers happy */
redisReply *redis_reply = NULL;
redisReply *entry = NULL;
redisReply *tentry = NULL;
redis_connection *cn;
int ssize = 0;
int offset = 0;
int yield = DEFER;
int i, j;
uschar *result = NULL;
uschar *server_copy = NULL;
uschar *tmp, *ttmp;
uschar *sdata[3];
/*
* Disaggregate the parameters from the server argument.
* The order is host:port(socket)
* We can write to the string, since it is in a nextinlist temporary buffer.
* This copy is also used for debugging output.
*/
memset(sdata, 0, sizeof(sdata)) /* Set all to NULL */;
for (i = 2; i > 0; i--) {
uschar *pp = Ustrrchr(server, '/');
if (pp == NULL) {
*errmsg = string_sprintf("incomplete Redis server data: %s", (i == 2) ? server : server_copy);
*defer_break = TRUE;
return DEFER;
}
*pp++ = 0;
sdata[i] = pp;
if (i == 2) server_copy = string_copy(server); /* sans password */
}
sdata[0] = server; /* What's left at the start */
/* If the database or password is an empty string, set it NULL */
if (sdata[1][0] == 0) sdata[1] = NULL;
if (sdata[2][0] == 0) sdata[2] = NULL;
/* See if we have a cached connection to the server */
for (cn = redis_connections; cn != NULL; cn = cn->next) {
if (Ustrcmp(cn->server, server_copy) == 0) {
redis_handle = cn->handle;
break;
}
}
if (cn == NULL) {
uschar *p;
uschar *socket = NULL;
int port = 0;
/* int redis_err = REDIS_OK; */
if ((p = Ustrchr(sdata[0], '(')) != NULL) {
*p++ = 0;
socket = p;
while (*p != 0 && *p != ')')
p++;
*p = 0;
}
if ((p = Ustrchr(sdata[0], ':')) != NULL) {
*p++ = 0;
port = Uatoi(p);
} else {
port = Uatoi("6379");
}
if (Ustrchr(server, '/') != NULL) {
*errmsg = string_sprintf("unexpected slash in Redis server hostname: %s", sdata[0]);
*defer_break = TRUE;
return DEFER;
}
DEBUG(D_lookup)
debug_printf("REDIS new connection: host=%s port=%d socket=%s database=%s\n", sdata[0], port, socket, sdata[1]);
/* Get store for a new handle, initialize it, and connect to the server */
/* XXX: Use timeouts ? */
if (socket != NULL)
redis_handle = redisConnectUnix(CCS socket);
else
redis_handle = redisConnect(CCS server, port);
if (redis_handle == NULL) {
*errmsg = string_sprintf("REDIS connection failed");
*defer_break = FALSE;
goto REDIS_EXIT;
}
/* Add the connection to the cache */
cn = store_get(sizeof(redis_connection));
cn->server = server_copy;
cn->handle = redis_handle;
cn->next = redis_connections;
redis_connections = cn;
} else {
DEBUG(D_lookup)
debug_printf("REDIS using cached connection for %s\n", server_copy);
}
/* Authenticate if there is a password */
if(sdata[2] != NULL) {
if ((redis_reply = redisCommand(redis_handle, "AUTH %s", sdata[2])) == NULL) {
*errmsg = string_sprintf("REDIS Authentication failed: %s\n", redis_handle->errstr);
*defer_break = FALSE;
goto REDIS_EXIT;
}
}
/* Select the database if there is a dbnumber passed */
if(sdata[1] != NULL) {
if ((redis_reply = redisCommand(redis_handle, "SELECT %s", sdata[1])) == NULL) {
*errmsg = string_sprintf("REDIS: Selecting database=%s failed: %s\n", sdata[1], redis_handle->errstr);
*defer_break = FALSE;
goto REDIS_EXIT;
} else {
DEBUG(D_lookup) debug_printf("REDIS: Selecting database=%s\n", sdata[1]);
}
}
/* Run the command */
if ((redis_reply = redisCommand(redis_handle, CS command)) == NULL) {
*errmsg = string_sprintf("REDIS: query failed: %s\n", redis_handle->errstr);
*defer_break = FALSE;
goto REDIS_EXIT;
}
switch (redis_reply->type) {
case REDIS_REPLY_ERROR:
*errmsg = string_sprintf("REDIS: lookup result failed: %s\n", redis_reply->str);
*defer_break = FALSE;
*do_cache = FALSE;
goto REDIS_EXIT;
/* NOTREACHED */
break;
case REDIS_REPLY_NIL:
DEBUG(D_lookup) debug_printf("REDIS: query was not one that returned any data\n");
result = string_sprintf("");
*do_cache = FALSE;
goto REDIS_EXIT;
/* NOTREACHED */
break;
case REDIS_REPLY_INTEGER:
ttmp = (redis_reply->integer == 1) ? US"true" : US"false";
result = string_cat(result, &ssize, &offset, US ttmp, Ustrlen(ttmp));
break;
case REDIS_REPLY_STRING:
case REDIS_REPLY_STATUS:
result = string_cat(result, &ssize, &offset, US redis_reply->str, redis_reply->len);
break;
case REDIS_REPLY_ARRAY:
/* NOTE: For now support 1 nested array result. If needed a limitless result can be parsed */
for (i = 0; i < redis_reply->elements; i++) {
entry = redis_reply->element[i];
if (result != NULL)
result = string_cat(result, &ssize, &offset, US"\n", 1);
switch (entry->type) {
case REDIS_REPLY_INTEGER:
tmp = string_sprintf("%d", entry->integer);
result = string_cat(result, &ssize, &offset, US tmp, Ustrlen(tmp));
break;
case REDIS_REPLY_STRING:
result = string_cat(result, &ssize, &offset, US entry->str, entry->len);
break;
case REDIS_REPLY_ARRAY:
for (j = 0; j < entry->elements; j++) {
tentry = entry->element[j];
if (result != NULL)
result = string_cat(result, &ssize, &offset, US"\n", 1);
switch (tentry->type) {
case REDIS_REPLY_INTEGER:
ttmp = string_sprintf("%d", tentry->integer);
result = string_cat(result, &ssize, &offset, US ttmp, Ustrlen(ttmp));
break;
case REDIS_REPLY_STRING:
result = string_cat(result, &ssize, &offset, US tentry->str, tentry->len);
break;
case REDIS_REPLY_ARRAY:
DEBUG(D_lookup) debug_printf("REDIS: result has nesting of arrays which is not supported. Ignoring!\n");
break;
default:
DEBUG(D_lookup) debug_printf("REDIS: result has unsupported type. Ignoring!\n");
break;
}
}
break;
default:
DEBUG(D_lookup) debug_printf("REDIS: query returned unsupported type\n");
break;
}
}
break;
}
if (result == NULL) {
yield = FAIL;
*errmsg = US"REDIS: no data found";
} else {
result[offset] = 0;
store_reset(result + offset + 1);
}
REDIS_EXIT:
/* Free store for any result that was got; don't close the connection, as it is cached. */
if (redis_reply != NULL)
freeReplyObject(redis_reply);
/* Non-NULL result indicates a sucessful result */
if (result != NULL) {
*resultptr = result;
return OK;
} else {
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
/* NOTE: Required to close connection since it needs to be reopened */
return yield; /* FAIL or DEFER */
}
}
int main(int argc, char **cargv)
{
struct stat statbuf;
int maxkeep = 30 * 24 * 60 * 60;
int dbdata_type, i, oldest, path_len;
key_item *keychain = NULL;
void *reset_point;
open_db dbblock;
open_db *dbm;
EXIM_CURSOR *cursor;
uschar **argv = USS cargv;
uschar buffer[256];
uschar *key;
/* Scan the options */
for (i = 1; i < argc; i++)
{
if (argv[i][0] != '-') break;
if (Ustrcmp(argv[i], "-f") == 0) continue;
if (Ustrcmp(argv[i], "-t") == 0)
{
uschar *s;
s = argv[++i];
maxkeep = 0;
while (*s != 0)
{
int value, count;
if (!isdigit(*s)) usage(US"tidydb", US" [-t <time>]");
(void)sscanf(CS s, "%d%n", &value, &count);
s += count;
switch (*s)
{
case 'w': value *= 7;
case 'd': value *= 24;
case 'h': value *= 60;
case 'm': value *= 60;
case 's': s++;
break;
default: usage(US"tidydb", US" [-t <time>]");
}
maxkeep += value;
}
}
else usage(US"tidydb", US" [-t <time>]");
}
/* Adjust argument values and process arguments */
argc -= --i;
argv += i;
dbdata_type = check_args(argc, argv, US"tidydb", US" [-t <time>]");
/* Compute the oldest keep time, verify what we are doing, and open the
database */
oldest = time(NULL) - maxkeep;
printf("Tidying Exim hints database %s/db/%s\n", argv[1], argv[2]);
dbm = dbfn_open(argv[1], argv[2], O_RDWR, &dbblock);
if (dbm == NULL) exit(1);
/* Prepare for building file names */
sprintf(CS buffer, "%s/input/", argv[1]);
path_len = Ustrlen(buffer);
/* It appears, by experiment, that it is a bad idea to make changes
to the file while scanning it. Pity the man page doesn't warn you about that.
Therefore, we scan and build a list of all the keys. Then we use that to
read the records and possibly update them. */
key = dbfn_scan(dbm, TRUE, &cursor);
while (key != NULL)
{
key_item *k = store_get(sizeof(key_item) + Ustrlen(key));
k->next = keychain;
keychain = k;
Ustrcpy(k->key, key);
key = dbfn_scan(dbm, FALSE, &cursor);
}
/* Now scan the collected keys and operate on the records, resetting
the store each time round. */
reset_point = store_get(0);
while (keychain != NULL)
{
dbdata_generic *value;
store_reset(reset_point);
key = keychain->key;
keychain = keychain->next;
value = dbfn_read_with_length(dbm, key, NULL);
/* A continuation record may have been deleted or renamed already, so
non-existence is not serious. */
if (value == NULL) continue;
/* Delete if too old */
if (value->time_stamp < oldest)
{
printf("deleted %s (too old)\n", key);
dbfn_delete(dbm, key);
continue;
}
/* Do database-specific tidying for wait databases, and message-
specific tidying for the retry database. */
if (dbdata_type == type_wait)
{
dbdata_wait *wait = (dbdata_wait *)value;
BOOL update = FALSE;
/* Leave corrupt records alone */
if (wait->count > WAIT_NAME_MAX)
{
printf("**** Data for %s corrupted\n count=%d=0x%x max=%d\n",
key, wait->count, wait->count, WAIT_NAME_MAX);
continue;
}
/* Loop for renamed continuation records. For each message id,
check to see if the message exists, and if not, remove its entry
from the record. Because of the possibility of split input directories,
we must look in both possible places for a -D file. */
for (;;)
{
int offset;
int length = wait->count * MESSAGE_ID_LENGTH;
for (offset = length - MESSAGE_ID_LENGTH;
offset >= 0; offset -= MESSAGE_ID_LENGTH)
{
Ustrncpy(buffer+path_len, wait->text + offset, MESSAGE_ID_LENGTH);
sprintf(CS(buffer+path_len + MESSAGE_ID_LENGTH), "-D");
if (Ustat(buffer, &statbuf) != 0)
{
buffer[path_len] = wait->text[offset+5];
buffer[path_len+1] = '/';
Ustrncpy(buffer+path_len+2, wait->text + offset, MESSAGE_ID_LENGTH);
sprintf(CS(buffer+path_len+2 + MESSAGE_ID_LENGTH), "-D");
if (Ustat(buffer, &statbuf) != 0)
{
int left = length - offset - MESSAGE_ID_LENGTH;
if (left > 0) Ustrncpy(wait->text + offset,
wait->text + offset + MESSAGE_ID_LENGTH, left);
wait->count--;
length -= MESSAGE_ID_LENGTH;
update = TRUE;
}
}
}
/* If record is empty and the main record, either delete it or rename
the next continuation, repeating if that is also empty. */
if (wait->count == 0 && Ustrchr(key, ':') == NULL)
{
while (wait->count == 0 && wait->sequence > 0)
{
uschar newkey[256];
dbdata_generic *newvalue;
sprintf(CS newkey, "%s:%d", key, wait->sequence - 1);
newvalue = dbfn_read_with_length(dbm, newkey, NULL);
if (newvalue != NULL)
{
value = newvalue;
wait = (dbdata_wait *)newvalue;
dbfn_delete(dbm, newkey);
printf("renamed %s\n", newkey);
update = TRUE;
}
else wait->sequence--;
}
/* If we have ended up with an empty main record, delete it
and break the loop. Otherwise the new record will be scanned. */
if (wait->count == 0 && wait->sequence == 0)
{
dbfn_delete(dbm, key);
printf("deleted %s (empty)\n", key);
update = FALSE;
break;
}
}
/* If not an empty main record, break the loop */
else break;
}
/* Re-write the record if required */
if (update)
{
printf("updated %s\n", key);
dbfn_write(dbm, key, wait, sizeof(dbdata_wait) +
wait->count * MESSAGE_ID_LENGTH);
}
}
/* If a retry record's key ends with a message-id, check that that message
still exists; if not, remove this record. */
else if (dbdata_type == type_retry)
{
uschar *id;
int len = Ustrlen(key);
if (len < MESSAGE_ID_LENGTH + 1) continue;
id = key + len - MESSAGE_ID_LENGTH - 1;
if (*id++ != ':') continue;
for (i = 0; i < MESSAGE_ID_LENGTH; i++)
{
if (i == 6 || i == 13)
{ if (id[i] != '-') break; }
else
{ if (!isalnum(id[i])) break; }
}
if (i < MESSAGE_ID_LENGTH) continue;
Ustrncpy(buffer + path_len, id, MESSAGE_ID_LENGTH);
sprintf(CS(buffer + path_len + MESSAGE_ID_LENGTH), "-D");
if (Ustat(buffer, &statbuf) != 0)
{
sprintf(CS(buffer + path_len), "%c/%s-D", id[5], id);
if (Ustat(buffer, &statbuf) != 0)
{
dbfn_delete(dbm, key);
printf("deleted %s (no message)\n", key);
}
}
}
}
dbfn_close(dbm);
printf("Tidying complete\n");
return 0;
}
static BOOL
set_up_direct_command(const uschar ***argvptr, uschar *cmd,
BOOL expand_arguments, int expand_fail, address_item *addr, uschar *tname,
pipe_transport_options_block *ob)
{
BOOL permitted = FALSE;
const uschar **argv;
uschar buffer[64];
/* Set up "transport <name>" to be put in any error messages, and then
call the common function for creating an argument list and expanding
the items if necessary. If it fails, this function fails (error information
is in the addresses). */
sprintf(CS buffer, "%.50s transport", tname);
if (!transport_set_up_command(argvptr, cmd, expand_arguments, expand_fail,
addr, buffer, NULL))
return FALSE;
/* Point to the set-up arguments. */
argv = *argvptr;
/* If allow_commands is set, see if the command is in the permitted list. */
if (ob->allow_commands != NULL)
{
int sep = 0;
const uschar *s;
uschar *p;
uschar buffer[256];
if (!(s = expand_string(ob->allow_commands)))
{
addr->transport_return = DEFER;
addr->message = string_sprintf("failed to expand string \"%s\" "
"for %s transport: %s", ob->allow_commands, tname, expand_string_message);
return FALSE;
}
while ((p = string_nextinlist(&s, &sep, buffer, sizeof(buffer))))
if (Ustrcmp(p, argv[0]) == 0) { permitted = TRUE; break; }
}
/* If permitted is TRUE it means the command was found in the allowed list, and
no further checks are done. If permitted = FALSE, it either means
allow_commands wasn't set, or that the command didn't match anything in the
list. In both cases, if restrict_to_path is set, we fail if the command
contains any slashes, but if restrict_to_path is not set, we must fail the
command only if allow_commands is set. */
if (!permitted)
{
if (ob->restrict_to_path)
{
if (Ustrchr(argv[0], '/') != NULL)
{
addr->transport_return = FAIL;
addr->message = string_sprintf("\"/\" found in \"%s\" (command for %s "
"transport) - failed for security reasons", cmd, tname);
return FALSE;
}
}
else if (ob->allow_commands != NULL)
{
addr->transport_return = FAIL;
addr->message = string_sprintf("\"%s\" command not permitted by %s "
"transport", argv[0], tname);
return FALSE;
}
}
/* If the command is not an absolute path, search the PATH directories
for it. */
if (argv[0][0] != '/')
{
int sep = 0;
uschar *p;
const uschar *listptr = ob->path;
uschar buffer[1024];
while ((p = string_nextinlist(&listptr, &sep, buffer, sizeof(buffer))) != NULL)
{
struct stat statbuf;
sprintf(CS big_buffer, "%.256s/%.256s", p, argv[0]);
if (Ustat(big_buffer, &statbuf) == 0)
{
argv[0] = string_copy(big_buffer);
break;
}
}
if (p == NULL)
{
addr->transport_return = FAIL;
addr->message = string_sprintf("\"%s\" command not found for %s transport",
argv[0], tname);
return FALSE;
}
}
return TRUE;
}
int auth_dovecot_server(auth_instance *ablock, uschar *data)
{
auth_dovecot_options_block *ob =
(auth_dovecot_options_block *)(ablock->options_block);
struct sockaddr_un sa;
uschar buffer[4096];
uschar *args[8];
uschar *auth_command;
uschar *auth_extra_data = US"";
int nargs, tmp;
int cuid = 0, cont = 1, found = 0, fd, ret = DEFER;
HDEBUG(D_auth) debug_printf("dovecot authentication\n");
memset(&sa, 0, sizeof(sa));
sa.sun_family = AF_UNIX;
/* This was the original code here: it is nonsense because strncpy()
does not return an integer. I have converted this to use the function
that formats and checks length. PH */
/*
if (strncpy(sa.sun_path, ob->server_socket, sizeof(sa.sun_path)) < 0) {
*/
if (!string_format(US sa.sun_path, sizeof(sa.sun_path), "%s",
ob->server_socket)) {
auth_defer_msg = US"authentication socket path too long";
return DEFER;
}
auth_defer_msg = US"authentication socket connection error";
fd = socket(PF_UNIX, SOCK_STREAM, 0);
if (fd < 0)
return DEFER;
if (connect(fd, (struct sockaddr *) &sa, sizeof(sa)) < 0)
goto out;
auth_defer_msg = US"authentication socket protocol error";
sbp = 0; /* Socket buffer pointer */
while (cont) {
if (dc_gets(buffer, sizeof(buffer), fd) == NULL)
OUT("authentication socket read error or premature eof");
buffer[Ustrlen(buffer) - 1] = 0;
HDEBUG(D_auth) debug_printf("received: %s\n", buffer);
nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0]));
/* Code below rewritten by Kirill Miazine ([email protected]). Only check commands that
Exim will need. Original code also failed if Dovecot server sent unknown
command. E.g. COOKIE in version 1.1 of the protocol would cause troubles. */
if (Ustrcmp(args[0], US"CUID") == 0) {
CHECK_COMMAND("CUID", 1, 1);
cuid = Uatoi(args[1]);
} else if (Ustrcmp(args[0], US"VERSION") == 0) {
CHECK_COMMAND("VERSION", 2, 2);
if (Uatoi(args[1]) != VERSION_MAJOR)
OUT("authentication socket protocol version mismatch");
} else if (Ustrcmp(args[0], US"MECH") == 0) {
CHECK_COMMAND("MECH", 1, INT_MAX);
if (strcmpic(US args[1], ablock->public_name) == 0)
found = 1;
} else if (Ustrcmp(args[0], US"DONE") == 0) {
CHECK_COMMAND("DONE", 0, 0);
cont = 0;
}
}
if (!found)
goto out;
/* Added by PH: data must not contain tab (as it is
b64 it shouldn't, but check for safety). */
if (Ustrchr(data, '\t') != NULL) {
ret = FAIL;
goto out;
}
/* Added by PH: extra fields when TLS is in use or if the TCP/IP
connection is local. */
if (tls_cipher != NULL)
auth_extra_data = string_sprintf("secured\t%s%s",
tls_certificate_verified? "valid-client-cert" : "",
tls_certificate_verified? "\t" : "");
else if (interface_address != NULL &&
Ustrcmp(sender_host_address, interface_address) == 0)
auth_extra_data = US"secured\t";
/****************************************************************************
The code below was the original code here. It didn't work. A reading of the
file auth-protocol.txt.gz that came with Dovecot 1.0_beta8 indicated that
this was not right. Maybe something changed. I changed it to move the
service indication into the AUTH command, and it seems to be better. PH
fprintf(f, "VERSION\t%d\t%d\r\nSERVICE\tSMTP\r\nCPID\t%d\r\n"
"AUTH\t%d\t%s\trip=%s\tlip=%s\tresp=%s\r\n",
VERSION_MAJOR, VERSION_MINOR, getpid(), cuid,
ablock->public_name, sender_host_address, interface_address,
data ? (char *) data : "");
Subsequently, the command was modified to add "secured" and "valid-client-
cert" when relevant.
The auth protocol is documented here:
http://wiki.dovecot.org/Authentication_Protocol
****************************************************************************/
auth_command = string_sprintf("VERSION\t%d\t%d\nCPID\t%d\n"
"AUTH\t%d\t%s\tservice=smtp\t%srip=%s\tlip=%s\tnologin\tresp=%s\n",
VERSION_MAJOR, VERSION_MINOR, getpid(), cuid,
ablock->public_name, auth_extra_data, sender_host_address,
interface_address, data ? (char *) data : "");
if (write(fd, auth_command, Ustrlen(auth_command)) < 0)
HDEBUG(D_auth) debug_printf("error sending auth_command: %s\n",
strerror(errno));
HDEBUG(D_auth) debug_printf("sent: %s", auth_command);
while (1) {
uschar *temp;
uschar *auth_id_pre = NULL;
int i;
if (dc_gets(buffer, sizeof(buffer), fd) == NULL) {
auth_defer_msg = US"authentication socket read error or premature eof";
goto out;
}
buffer[Ustrlen(buffer) - 1] = 0;
HDEBUG(D_auth) debug_printf("received: %s\n", buffer);
nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0]));
if (Uatoi(args[1]) != cuid)
OUT("authentication socket connection id mismatch");
switch (toupper(*args[0])) {
case 'C':
CHECK_COMMAND("CONT", 1, 2);
tmp = auth_get_no64_data(&data, US args[2]);
if (tmp != OK) {
ret = tmp;
goto out;
}
/* Added by PH: data must not contain tab (as it is
b64 it shouldn't, but check for safety). */
if (Ustrchr(data, '\t') != NULL) {
ret = FAIL;
goto out;
}
temp = string_sprintf("CONT\t%d\t%s\n", cuid, data);
if (write(fd, temp, Ustrlen(temp)) < 0)
OUT("authentication socket write error");
break;
case 'F':
CHECK_COMMAND("FAIL", 1, -1);
for (i=2; (i<nargs) && (auth_id_pre == NULL); i++)
{
if ( Ustrncmp(args[i], US"user="******"OK", 2, -1);
/*
* Search for the "user=$USER" string in the args array
* and return the proper value.
*/
for (i=2; (i<nargs) && (auth_id_pre == NULL); i++)
{
if ( Ustrncmp(args[i], US"user="******"authentication socket protocol error, username missing");
ret = OK;
/* fallthrough */
default:
goto out;
}
}
out:
/* close the socket used by dovecot */
if (fd >= 0)
close(fd);
/* Expand server_condition as an authorization check */
return (ret == OK)? auth_check_serv_cond(ablock) : ret;
}
