string_sprintf("response to \"%s\" was: %s",
big_buffer, string_printing(sx.buffer));
+ /* RFC 5321 section 4.2: the text portion of the response may have only
+ HT, SP, Printable US-ASCII. Deal with awkward chars by cutting the
+ received message off before passing it onward. Newlines are ok; they
+ just become a multiline response (but wrapped in the error code we
+ produce). */
+
+ for (uschar * s = sx.buffer;
+ *s && s < sx.buffer + sizeof(sx.buffer);
+ s++)
+ {
+ uschar c = *s;
+ if (c != '\t' && c != '\n' && (c < ' ' || c > '~'))
+ {
+ if (s - sx.buffer < sizeof(sx.buffer) - 12)
+ memcpy(s, "(truncated)", 12);
+ else
+ *s = '\0';
+ break;
+ }
+ }
addr->user_message = options & vopt_is_recipient
? string_sprintf("Callout verification failed:\n%s", sx.buffer)
: string_sprintf("Called: %s\nSent: %s\nResponse: %s",
/* Come here from within the cache-reading code on fast-track exit. */
END_CALLOUT:
-tls_modify_variables(&tls_in);
+tls_modify_variables(&tls_in); /* return variables to inbound values */
return yield;
}
out:
verify_mode = NULL;
-tls_modify_variables(&tls_in);
+tls_modify_variables(&tls_in); /* return variables to inbound values */
return yield;
}
if ((*s < 33) || (*s > 126))
{
*msgptr = string_sprintf("Invalid character in header \"%.*s\" found",
- colon - h->text, h->text);
+ (int)(colon - h->text), h->text);
return FAIL;
}
}
uschar *prepend, uschar *iplist, BOOL bitmask, int match_type,
int defer_return)
{
-dns_answer dnsa;
+dns_answer * dnsa = store_get_dns_answer();
dns_scan dnss;
tree_node *t;
dnsbl_cache_block *cb;
/* Do the DNS lookup . */
HDEBUG(D_dnsbl) debug_printf("new DNS lookup for %s\n", query);
- cb->rc = dns_basic_lookup(&dnsa, query, T_A);
+ cb->rc = dns_basic_lookup(dnsa, query, T_A);
cb->text_set = FALSE;
cb->text = NULL;
cb->rhs = NULL;
if (cb->rc == DNS_SUCCEED)
{
dns_address ** addrp = &(cb->rhs);
- for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
- rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
+ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
+ rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == T_A)
{
- dns_address *da = dns_address_from_rr(&dnsa, rr);
+ dns_address *da = dns_address_from_rr(dnsa, rr);
if (da)
{
*addrp = da;
if (!cb->text_set)
{
cb->text_set = TRUE;
- if (dns_basic_lookup(&dnsa, query, T_TXT) == DNS_SUCCEED)
- for (dns_record * rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); rr;
- rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT))
+ if (dns_basic_lookup(dnsa, query, T_TXT) == DNS_SUCCEED)
+ for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
+ rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
if (rr->type == T_TXT)
{
int len = (rr->data)[0];