/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/* Code for handling Access Control Lists (ACLs) */
},
[ACLC_ENCRYPTED] = { US"encrypted", FALSE, FALSE,
ACL_BIT_NOTSMTP | ACL_BIT_NOTSMTP_START |
- ACL_BIT_HELO,
+ ACL_BIT_CONNECT
},
[ACLC_ENDPASS] = { US"endpass", TRUE, TRUE, 0 },
g = string_append_listele_n(g, '\n', h->text, i);
}
-return g ? g->s : NULL;
+return string_from_gstring(g);
}
+static BOOL
+sender_helo_verified_internal(void)
+{
+/* We can test the result of optional HELO verification that might have
+occurred earlier. If not, we can attempt the verification now. */
+
+if (!f.helo_verified && !f.helo_verify_failed) smtp_verify_helo();
+return f.helo_verified;
+}
+
+static int
+sender_helo_verified_cond(void)
+{
+return sender_helo_verified_internal() ? OK : FAIL;
+}
+
+uschar *
+sender_helo_verified_boolstr(void)
+{
+return sender_helo_verified_internal() ? US"yes" : US"no";
+}
+
+
+
/* This function implements the "verify" condition. It is called when
encountered in any ACL, because some tests are almost always permitted. Some
just don't make sense, and always fail (for example, an attempt to test a host
return FAIL;
case VERIFY_HELO:
- /* We can test the result of optional HELO verification that might have
- occurred earlier. If not, we can attempt the verification now. */
-
- if (!f.helo_verified && !f.helo_verify_failed) smtp_verify_helo();
- return f.helo_verified ? OK : FAIL;
+ return sender_helo_verified_cond();
case VERIFY_CSA:
/* Do Client SMTP Authorization checks in a separate function, and turn the
anchor = NULL; /* silence an "unused" complaint */
log_write(0, LOG_MAIN|LOG_PANIC_DIE,
"internal ACL error: unknown ratelimit mode %d", mode);
+ /*NOTREACHED*/
break;
}
address_item *addr, int level, BOOL *epp, uschar **user_msgptr,
uschar **log_msgptr, int *basic_errno)
{
-uschar *user_message = NULL;
-uschar *log_message = NULL;
+uschar * user_message = NULL;
+uschar * log_message = NULL;
int rc = OK;
-#ifdef WITH_CONTENT_SCAN
-int sep = -'/';
-#endif
for (; cb; cb = cb->next)
{
break;
}
- #ifdef EXPERIMENTAL_DCC
+#ifdef EXPERIMENTAL_DCC
case ACLC_DCC:
{
/* Separate the regular expression and any optional parameters. */
const uschar * list = arg;
- uschar *ss = string_nextinlist(&list, &sep, NULL, 0);
+ int sep = -'/';
+ uschar * ss = string_nextinlist(&list, &sep, NULL, 0);
/* Run the dcc backend. */
rc = dcc_process(&ss);
/* Modify return code based upon the existence of options. */
rc = FAIL; /* FAIL so that the message is passed to the next ACL */
break;
}
- #endif
+#endif
- #ifdef WITH_CONTENT_SCAN
+#ifdef WITH_CONTENT_SCAN
case ACLC_DECODE:
rc = mime_decode(&arg);
break;
- #endif
+#endif
case ACLC_DELAY:
{
if (!f.dmarc_has_been_checked)
dmarc_process();
f.dmarc_has_been_checked = TRUE;
+
/* used long way of dmarc_exim_expand_query() in case we need more
- * view into the process in the future. */
+ view into the process in the future. */
rc = match_isinlist(dmarc_exim_expand_query(DMARC_VERIFY_STATUS),
&arg, 0, NULL, NULL, MCL_STRING, TRUE, NULL);
break;
case ACLC_LOG_REJECT_TARGET:
{
- int logbits = 0;
- int sep = 0;
- const uschar *s = arg;
- uschar * ss;
- while ((ss = string_nextinlist(&s, &sep, NULL, 0)))
+ int logbits = 0, sep = 0;
+ const uschar * s = arg;
+
+ for (uschar * ss; ss = string_nextinlist(&s, &sep, NULL, 0); )
{
if (Ustrcmp(ss, "main") == 0) logbits |= LOG_MAIN;
else if (Ustrcmp(ss, "panic") == 0) logbits |= LOG_PANIC;
break;
}
- #ifdef WITH_CONTENT_SCAN
+#ifdef WITH_CONTENT_SCAN
case ACLC_MALWARE: /* Run the malware backend. */
{
/* Separate the regular expression and any optional parameters. */
const uschar * list = arg;
- uschar * ss = string_nextinlist(&list, &sep, NULL, 0);
- uschar * opt;
BOOL defer_ok = FALSE;
- int timeout = 0;
+ int timeout = 0, sep = -'/';
+ uschar * ss = string_nextinlist(&list, &sep, NULL, 0);
- while ((opt = string_nextinlist(&list, &sep, NULL, 0)))
+ for (uschar * opt; opt = string_nextinlist(&list, &sep, NULL, 0); )
if (strcmpic(opt, US"defer_ok") == 0)
defer_ok = TRUE;
else if ( strncmpic(opt, US"tmo=", 4) == 0
case ACLC_MIME_REGEX:
rc = mime_regex(&arg, textonly);
break;
- #endif
+#endif
case ACLC_QUEUE:
if (is_tainted(arg))
{
/* Separate the regular expression and any optional parameters. */
const uschar * list = arg;
- uschar *ss = string_nextinlist(&list, &sep, NULL, 0);
+ int sep = -'/';
+ uschar * ss = string_nextinlist(&list, &sep, NULL, 0);
rc = spam(CUSS &ss);
/* Modify return code based upon the existence of options. */