* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 - 2021 */
/* See the file NOTICE for conditions of use and distribution. */
/* Functions concerned with verifying things. The original code for callout
}
+
+
+/* A rcpt callout, or cached record of one, verified the address.
+Set $domain_data and $local_part_data to detainted versions.
+*/
+static void
+callout_verified_rcpt(const address_item * addr)
+{
+address_item a = {.address = addr->address};
+if (deliver_split_address(&a) != OK) return;
+deliver_localpart_data = string_copy_taint(a.local_part, GET_UNTAINTED);
+deliver_domain_data = string_copy_taint(a.domain, GET_UNTAINTED);
+}
+
+
/*************************************************
* Do callout verification for an address *
*************************************************/
sx->conn_args.interface = interface;
sx->helo_data = tf->helo_data;
sx->conn_args.tblock = addr->transport;
+ sx->conn_args.sock = -1;
sx->verify = TRUE;
tls_retry_connection:
#ifndef DISABLE_TLS
deliver_set_expansions(NULL);
#endif
+ if ( options & vopt_is_recipient
+ && rc == OK
+ /* set to "random", with OK, for an accepted random */
+ && !recipient_verify_failure
+ )
+ callout_verified_rcpt(addr);
}
}
else if (local_verify)
if (n > 4)
save_errno = (buf[1] << 24) | (buf[2] << 16) | (buf[3] << 8) | buf[4];
if ((recipient_verify_failure = n > 5
- ? string_copyn_taint(buf+5, n-5, FALSE) : NULL))
+ ? string_copyn_taint(buf+5, n-5, GET_UNTAINTED) : NULL))
{
int m;
s = buf + 5 + Ustrlen(recipient_verify_failure) + 1;
m = n - (s - buf);
acl_verify_message = *msg =
- m > 0 ? string_copyn_taint(s, m, FALSE) : NULL;
+ m > 0 ? string_copyn_taint(s, m, GET_UNTAINTED) : NULL;
}
DEBUG(D_verify) debug_printf_indent("verify call response:"