diff options
Diffstat (limited to 'src/match.c')
-rw-r--r-- | src/match.c | 1354 |
1 files changed, 1354 insertions, 0 deletions
diff --git a/src/match.c b/src/match.c new file mode 100644 index 0000000..dfb4b51 --- /dev/null +++ b/src/match.c @@ -0,0 +1,1354 @@ +/************************************************* +* Exim - an Internet mail transport agent * +*************************************************/ + +/* Copyright (c) University of Cambridge 1995 - 2018 */ +/* Copyright (c) The Exim Maintainers 2020 */ +/* See the file NOTICE for conditions of use and distribution. */ + +/* Functions for matching strings */ + + +#include "exim.h" + + +/* Argument block for the check_string() function. This is used for general +strings, domains, and local parts. */ + +typedef struct check_string_block { + const uschar *origsubject; /* caseful; keep these two first, in */ + const uschar *subject; /* step with the block below */ + int expand_setup; + BOOL use_partial; + BOOL caseless; + BOOL at_is_special; +} check_string_block; + + +/* Argument block for the check_address() function. This is used for whole +addresses. */ + +typedef struct check_address_block { + const uschar *origaddress; /* caseful; keep these two first, in */ + uschar *address; /* step with the block above */ + int expand_setup; + BOOL caseless; +} check_address_block; + + + +/************************************************* +* Generalized string match * +*************************************************/ + +/* This function does a single match of a subject against a pattern, and +optionally sets up the numeric variables according to what it matched. It is +called from match_isinlist() via match_check_list() when scanning a list, and +from match_check_string() when testing just a single item. The subject and +options arguments are passed in a check_string_block so as to make it easier to +pass them through match_check_list. + +The possible types of pattern are: + + . regular expression - starts with ^ + . tail match - starts with * + . lookup - starts with search type + . if at_is_special is set in the argument block: + @ matches the primary host name + @[] matches a local IP address in brackets + @mx_any matches any domain with an MX to the local host + @mx_primary matches any domain with a primary MX to the local host + @mx_secondary matches any domain with a secondary MX to the local host + . literal - anything else + +Any of the @mx_xxx options can be followed by "/ignore=<list>" where <list> is +a list of IP addresses that are to be ignored (typically 127.0.0.1). + +Arguments: + arg check_string_block pointer - see below + pattern the pattern to be matched + valueptr if not NULL, and a lookup is done, return the result here + instead of discarding it; else set it to point to NULL + error for error messages (not used in this function; it never + returns ERROR) + +Contents of the argument block: + origsubject the subject in its original casing + subject the subject string to be checked, lowercased if caseless + expand_setup if < 0, don't set up any numeric expansion variables; + if = 0, set $0 to whole subject, and either + $1 to what matches * or + $1, $2, ... to r.e. bracketed items + if > 0, don't set $0, but do set either + $n to what matches *, or + $n, $n+1, ... to r.e. bracketed items + (where n = expand_setup) + use_partial if FALSE, override any partial- search types + caseless TRUE for caseless matching where possible + at_is_special enable special handling of items starting with @ + +Returns: OK if matched + FAIL if not matched + DEFER if lookup deferred +*/ + +static int +check_string(void *arg, const uschar *pattern, const uschar **valueptr, uschar **error) +{ +const check_string_block *cb = arg; +int search_type, partial, affixlen, starflags; +int expand_setup = cb->expand_setup; +const uschar * affix, * opts; +uschar *s; +uschar *filename = NULL; +uschar *keyquery, *result, *semicolon; +void *handle; + +error = error; /* Keep clever compilers from complaining */ + +if (valueptr) *valueptr = NULL; + +/* For regular expressions, use cb->origsubject rather than cb->subject so that +it works if the pattern uses (?-i) to turn off case-independence, overriding +"caseless". */ + +s = string_copy(pattern[0] == '^' ? cb->origsubject : cb->subject); + +/* If required to set up $0, initialize the data but don't turn on by setting +expand_nmax until the match is assured. */ + +expand_nmax = -1; +if (expand_setup == 0) + { + expand_nstring[0] = s; /* $0 (might be) the matched subject in full */ + expand_nlength[0] = Ustrlen(s); + } +else if (expand_setup > 0) expand_setup--; + +/* Regular expression match: compile, match, and set up $ variables if +required. */ + +if (pattern[0] == '^') + { + const pcre * re = regex_must_compile(pattern, cb->caseless, FALSE); + if (expand_setup < 0 + ? pcre_exec(re, NULL, CCS s, Ustrlen(s), 0, PCRE_EOPT, NULL, 0) < 0 + : !regex_match_and_setup(re, s, 0, expand_setup) + ) + return FAIL; + if (valueptr) *valueptr = pattern; /* "value" gets the RE */ + return OK; + } + +/* Tail match */ + +if (pattern[0] == '*') + { + int slen = Ustrlen(s); + int patlen; /* Sun compiler doesn't like non-constant initializer */ + + patlen = Ustrlen(++pattern); + if (patlen > slen) return FAIL; + if (cb->caseless + ? strncmpic(s + slen - patlen, pattern, patlen) != 0 + : Ustrncmp(s + slen - patlen, pattern, patlen) != 0) + return FAIL; + if (expand_setup >= 0) + { + expand_nstring[++expand_setup] = s; /* write a $n, the matched subject variable-part */ + expand_nlength[expand_setup] = slen - patlen; + expand_nmax = expand_setup; /* commit also $0, the matched subject */ + } + if (valueptr) *valueptr = pattern - 1; /* "value" gets the (original) pattern */ + return OK; + } + +/* Match a special item starting with @ if so enabled. On its own, "@" matches +the primary host name - implement this by changing the pattern. For the other +cases we have to do some more work. If we don't recognize a special pattern, +just fall through - the match will fail. */ + +if (cb->at_is_special && pattern[0] == '@') + { + if (pattern[1] == 0) + { + pattern = primary_hostname; + goto NOT_AT_SPECIAL; /* Handle as exact string match */ + } + + if (Ustrcmp(pattern, "@[]") == 0) + { + int slen = Ustrlen(s); + if (s[0] != '[' && s[slen-1] != ']') return FAIL; /*XXX should this be || ? */ + for (ip_address_item * ip = host_find_interfaces(); ip; ip = ip->next) + if (Ustrncmp(ip->address, s+1, slen - 2) == 0 + && ip->address[slen - 2] == 0) + { + if (expand_setup >= 0) expand_nmax = expand_setup; /* commit $0, the IP addr */ + if (valueptr) *valueptr = pattern; /* "value" gets the pattern */ + return OK; + } + return FAIL; + } + + if (strncmpic(pattern, US"@mx_", 4) == 0) + { + int rc; + host_item h; + BOOL prim = FALSE; + BOOL secy = FALSE; + BOOL removed = FALSE; + const uschar *ss = pattern + 4; + const uschar *ignore_target_hosts = NULL; + + if (strncmpic(ss, US"any", 3) == 0) ss += 3; + else if (strncmpic(ss, US"primary", 7) == 0) + { + ss += 7; + prim = TRUE; + } + else if (strncmpic(ss, US"secondary", 9) == 0) + { + ss += 9; + secy = TRUE; + } + else goto NOT_AT_SPECIAL; + + if (strncmpic(ss, US"/ignore=", 8) == 0) ignore_target_hosts = ss + 8; + else if (*ss) goto NOT_AT_SPECIAL; + + h.next = NULL; + h.name = s; + h.address = NULL; + + rc = host_find_bydns(&h, + ignore_target_hosts, + HOST_FIND_BY_MX, /* search only for MX, not SRV or A */ + NULL, /* service name not relevant */ + NULL, /* srv_fail_domains not relevant */ + NULL, /* mx_fail_domains not relevant */ + NULL, /* no dnssec request/require XXX ? */ + NULL, /* no feedback FQDN */ + &removed); /* feedback if local removed */ + + if (rc == HOST_FIND_AGAIN) + { + search_error_message = string_sprintf("DNS lookup of \"%s\" deferred", s); + return DEFER; + } + + if ((rc != HOST_FOUND_LOCAL || secy) && (prim || !removed)) + return FAIL; + + if (expand_setup >= 0) expand_nmax = expand_setup; /* commit $0, the matched subject */ + if (valueptr) *valueptr = pattern; /* "value" gets the patterm */ + return OK; + + /*** The above line used to be the following line, but this is incorrect, + because host_find_bydns() may return HOST_NOT_FOUND if it removed some MX + hosts, but the remaining ones were non-existent. All we are interested in + is whether or not it removed some hosts. + + return (rc == HOST_FOUND && removed)? OK : FAIL; + ***/ + } + } + +/* Escape point from code for specials that start with "@" */ + +NOT_AT_SPECIAL: + +/* This is an exact string match if there is no semicolon in the pattern. */ + +if ((semicolon = Ustrchr(pattern, ';')) == NULL) + { + if (cb->caseless ? strcmpic(s, pattern) != 0 : Ustrcmp(s, pattern) != 0) + return FAIL; + if (expand_setup >= 0) expand_nmax = expand_setup; /* Original code! $0 gets the matched subject */ + if (valueptr) *valueptr = pattern; /* "value" gets the pattern */ + return OK; + } + +/* Otherwise we have a lookup item. The lookup type, including partial, etc. is +the part of the string preceding the semicolon. */ + +*semicolon = 0; +search_type = search_findtype_partial(pattern, &partial, &affix, &affixlen, + &starflags, &opts); +*semicolon = ';'; +if (search_type < 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", + search_error_message); + +/* Partial matching is not appropriate for certain lookups (e.g. when looking +up user@domain for sender rejection). There's a flag to disable it. */ + +if (!cb->use_partial) partial = -1; + +/* Set the parameters for the three different kinds of lookup. */ + +keyquery = semicolon + 1; +Uskip_whitespace(&keyquery); + +if (mac_islookup(search_type, lookup_absfilequery)) + { + filename = keyquery; + while (*keyquery && !isspace(*keyquery)) keyquery++; + filename = string_copyn(filename, keyquery - filename); + Uskip_whitespace(&keyquery); + } + +else if (!mac_islookup(search_type, lookup_querystyle)) + { + filename = keyquery; + keyquery = s; + } + +/* Now do the actual lookup; throw away the data returned unless it was asked +for; partial matching is all handled inside search_find(). Note that there is +no search_close() because of the caching arrangements. */ + +if (!(handle = search_open(filename, search_type, 0, NULL, NULL))) + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", search_error_message); +result = search_find(handle, filename, keyquery, partial, affix, affixlen, + starflags, &expand_setup, opts); + +if (!result) return f.search_find_defer ? DEFER : FAIL; +if (valueptr) *valueptr = result; + +expand_nmax = expand_setup; +return OK; +} + + + +/************************************************* +* Public interface to check_string() * +*************************************************/ + +/* This function is called from several places where is it most convenient to +pass the arguments individually. It places them in a check_string_block +structure, and then calls check_string(). + +Arguments: + s the subject string to be checked + pattern the pattern to check it against + expand_setup expansion setup option (see check_string()) + use_partial if FALSE, override any partial- search types + caseless TRUE for caseless matching where possible + at_is_special TRUE to recognize @, @[], etc. + valueptr if not NULL, and a file lookup was done, return the result + here instead of discarding it; else set it to point to NULL + +Returns: OK if matched + FAIL if not matched + DEFER if lookup deferred +*/ + +int +match_check_string(const uschar *s, const uschar *pattern, int expand_setup, + BOOL use_partial, BOOL caseless, BOOL at_is_special, const uschar **valueptr) +{ +check_string_block cb; +cb.origsubject = s; +cb.subject = caseless ? string_copylc(s) : string_copy(s); +cb.expand_setup = expand_setup; +cb.use_partial = use_partial; +cb.caseless = caseless; +cb.at_is_special = at_is_special; +return check_string(&cb, pattern, valueptr, NULL); +} + + + +/************************************************* +* Get key string from check block * +*************************************************/ + +/* When caching the data from a lookup for a named list, we have to save the +key that was found, because other lookups of different keys on the same list +may occur. This function has knowledge of the different lookup types, and +extracts the appropriate key. + +Arguments: + arg the check block + type MCL_STRING, MCL_DOMAIN, MCL_HOST, MCL_ADDRESS, or MCL_LOCALPART +*/ + +static const uschar * +get_check_key(void *arg, int type) +{ +switch(type) + { + case MCL_STRING: + case MCL_DOMAIN: + case MCL_LOCALPART: + return ((check_string_block *)arg)->subject; + + case MCL_HOST: + return ((check_host_block *)arg)->host_address; + + case MCL_ADDRESS: + return ((check_address_block *)arg)->address; + } +return US""; /* In practice, should never happen */ +} + + + +/************************************************* +* Scan list and run matching function * +*************************************************/ + +/* This function scans a list of patterns, and runs a matching function for +each item in the list. It is called from the functions that match domains, +local parts, hosts, and addresses, because its overall structure is the same in +all cases. However, the details of each particular match is different, so it +calls back to a given function do perform an actual match. + +We can't quite keep the different types anonymous here because they permit +different special cases. A pity. + +If a list item starts with !, that implies negation if the subject matches the +rest of the item (ignoring white space after the !). The result when the end of +the list is reached is FALSE unless the last item on the list is negated, in +which case it is TRUE. A file name in the list causes its lines to be +interpolated as if items in the list. An item starting with + is a named +sublist, obtained by searching the tree pointed to by anchorptr, with possible +cached match results in cache_bits. + +Arguments: + listptr pointer to the pointer to the list + sep separator character for string_nextinlist(); + normally zero for a standard list; + sometimes UCHAR_MAX+1 for single items; + anchorptr -> tree of named items, or NULL if no named items + cache_ptr pointer to pointer to cache bits for named items, or + pointer to NULL if not caching; may get set NULL if an + uncacheable named list is encountered + func function to call back to do one test + arg pointer to pass to the function; the string to be matched is + in the structure it points to + type MCL_STRING, MCL_DOMAIN, MCL_HOST, MCL_ADDRESS, or MCL_LOCALPART + these are used for some special handling + MCL_NOEXPAND (whose value is greater than any of them) may + be added to any value to suppress expansion of the list + name string to use in debugging info + valueptr where to pass back data from a lookup + +Returns: OK if matched a non-negated item + OK if hit end of list after a negated item + FAIL if expansion force-failed + FAIL if matched a negated item + FAIL if hit end of list after a non-negated item + DEFER if a something deferred or expansion failed +*/ + +int +match_check_list(const uschar **listptr, int sep, tree_node **anchorptr, + unsigned int **cache_ptr, int (*func)(void *,const uschar *,const uschar **,uschar **), + void *arg, int type, const uschar *name, const uschar **valueptr) +{ +int yield = OK; +unsigned int *original_cache_bits = *cache_ptr; +BOOL include_unknown = FALSE; +BOOL ignore_unknown = FALSE; +BOOL include_defer = FALSE; +BOOL ignore_defer = FALSE; +const uschar *list; +uschar *sss; +uschar *ot = NULL; + +/* Save time by not scanning for the option name when we don't need it. */ + +HDEBUG(D_any) + { + uschar *listname = readconf_find_option(listptr); + if (listname[0] != 0) ot = string_sprintf("%s in %s?", name, listname); + } + +/* If the list is empty, the answer is no. Skip the debugging output for +an unnamed list. */ + +if (!*listptr) + { + HDEBUG(D_lists) if (ot) debug_printf("%s no (option unset)\n", ot); + return FAIL; + } + +/* Expand the list before we scan it. A forced expansion gives the answer +"not in list"; other expansion errors cause DEFER to be returned. However, +if the type value is greater than or equal to than MCL_NOEXPAND, do not expand +the list. */ + +if (type >= MCL_NOEXPAND) + { + list = *listptr; + type -= MCL_NOEXPAND; /* Remove the "no expand" flag */ + } +else + { + /* If we are searching a domain list, and $domain is not set, set it to the + subject that is being sought for the duration of the expansion. */ + + if (type == MCL_DOMAIN && !deliver_domain) + { + check_string_block *cb = (check_string_block *)arg; + deliver_domain = string_copy(cb->subject); + list = expand_cstring(*listptr); + deliver_domain = NULL; + } + else + list = expand_cstring(*listptr); + + if (!list) + { + if (f.expand_string_forcedfail) + { + HDEBUG(D_lists) debug_printf("expansion of \"%s\" forced failure: " + "assume not in this list\n", *listptr); + return FAIL; + } + log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand \"%s\" while checking " + "a list: %s", *listptr, expand_string_message); + return DEFER; + } + } + +/* For an unnamed list, use the expanded version in comments */ + +HDEBUG(D_any) if (!ot) ot = string_sprintf("%s in \"%s\"?", name, list); + +/* Now scan the list and process each item in turn, until one of them matches, +or we hit an error. */ + +while ((sss = string_nextinlist(&list, &sep, NULL, 0))) + { + uschar * ss = sss; + + /* Address lists may contain +caseful, to restore caseful matching of the + local part. We have to know the layout of the control block, unfortunately. + The lower cased address is in a temporary buffer, so we just copy the local + part back to the start of it (if a local part exists). */ + + if (type == MCL_ADDRESS) + { + if (Ustrcmp(ss, "+caseful") == 0) + { + check_address_block *cb = (check_address_block *)arg; + uschar *at = Ustrrchr(cb->origaddress, '@'); + + if (at) + Ustrncpy(cb->address, cb->origaddress, at - cb->origaddress); + cb->caseless = FALSE; + continue; + } + } + + /* Similar processing for local parts */ + + else if (type == MCL_LOCALPART) + { + if (Ustrcmp(ss, "+caseful") == 0) + { + check_string_block *cb = (check_string_block *)arg; + Ustrcpy(US cb->subject, cb->origsubject); + cb->caseless = FALSE; + continue; + } + } + + /* If the host item is "+include_unknown" or "+ignore_unknown", remember it + in case there's a subsequent failed reverse lookup. There is similar + processing for "defer". */ + + else if (type == MCL_HOST && *ss == '+') + { + if (Ustrcmp(ss, "+include_unknown") == 0) + { + include_unknown = TRUE; + ignore_unknown = FALSE; + continue; + } + if (Ustrcmp(ss, "+ignore_unknown") == 0) + { + ignore_unknown = TRUE; + include_unknown = FALSE; + continue; + } + if (Ustrcmp(ss, "+include_defer") == 0) + { + include_defer = TRUE; + ignore_defer = FALSE; + continue; + } + if (Ustrcmp(ss, "+ignore_defer") == 0) + { + ignore_defer = TRUE; + include_defer = FALSE; + continue; + } + } + + /* Starting with ! specifies a negative item. It is theoretically possible + for a local part to start with !. In that case, a regex has to be used. */ + + if (*ss == '!') + { + yield = FAIL; + while (isspace((*(++ss)))); + } + else + yield = OK; + + /* If the item does not begin with '/', it might be a + item for a named + list. Otherwise, it is just a single list entry that has to be matched. + We recognize '+' only when supplied with a tree of named lists. */ + + if (*ss != '/') + { + if (*ss == '+' && anchorptr) + { + int bits = 0; + int offset = 0; + int shift = 0; + unsigned int *use_cache_bits = original_cache_bits; + uschar *cached = US""; + namedlist_block *nb; + tree_node * t; + + if (!(t = tree_search(*anchorptr, ss+1))) + { + log_write(0, LOG_MAIN|LOG_PANIC, "unknown named%s list \"%s\"", + type == MCL_DOMAIN ? " domain" : + type == MCL_HOST ? " host" : + type == MCL_ADDRESS ? " address" : + type == MCL_LOCALPART ? " local part" : "", + ss); + return DEFER; + } + nb = t->data.ptr; + + /* If the list number is negative, it means that this list is not + cacheable because it contains expansion items. */ + + if (nb->number < 0) use_cache_bits = NULL; + + /* If we have got a cache pointer, get the bits. This is not an "else" + because the pointer may be NULL from the start if caching is not + required. */ + + if (use_cache_bits) + { + offset = (nb->number)/16; + shift = ((nb->number)%16)*2; + bits = use_cache_bits[offset] & (3 << shift); + } + + /* Not previously tested or no cache - run the full test */ + + if (bits == 0) + { + switch (match_check_list(&(nb->string), 0, anchorptr, &use_cache_bits, + func, arg, type, name, valueptr)) + { + case OK: bits = 1; break; + case FAIL: bits = 3; break; + case DEFER: goto DEFER_RETURN; + } + + /* If this list was uncacheable, or a sublist turned out to be + uncacheable, the value of use_cache_bits will now be NULL, even if it + wasn't before. Ensure that this is passed up to the next level. + Otherwise, remember the result of the search in the cache. */ + + if (!use_cache_bits) + *cache_ptr = NULL; + else + { + use_cache_bits[offset] |= bits << shift; + + if (valueptr) + { + int old_pool = store_pool; + namedlist_cacheblock *p; + + /* Cached data for hosts persists over more than one message, + so we use the permanent store pool */ + + store_pool = POOL_PERM; + p = store_get(sizeof(namedlist_cacheblock), FALSE); + p->key = string_copy(get_check_key(arg, type)); + + + p->data = *valueptr ? string_copy(*valueptr) : NULL; + store_pool = old_pool; + + p->next = nb->cache_data; + nb->cache_data = p; + if (*valueptr) + DEBUG(D_lists) debug_printf("data from lookup saved for " + "cache for %s: key '%s' value '%s'\n", ss, p->key, *valueptr); + } + } + } + + /* Previously cached; to find a lookup value, search a chain of values + and compare keys. Typically, there is only one such, but it is possible + for different keys to have matched the same named list. */ + + else + { + DEBUG(D_lists) debug_printf("cached %s match for %s\n", + (bits & (-bits)) == bits ? "yes" : "no", ss); + + cached = US" - cached"; + if (valueptr) + { + const uschar *key = get_check_key(arg, type); + + for (namedlist_cacheblock * p = nb->cache_data; p; p = p->next) + if (Ustrcmp(key, p->key) == 0) + { + *valueptr = p->data; + break; + } + DEBUG(D_lists) debug_printf("cached lookup data = %s\n", *valueptr); + } + } + + /* Result of test is indicated by value in bits. For each test, we + have 00 => untested, 01 => tested yes, 11 => tested no. */ + + if ((bits & (-bits)) == bits) /* Only one of the two bits is set */ + { + HDEBUG(D_lists) debug_printf("%s %s (matched \"%s\"%s)\n", ot, + (yield == OK)? "yes" : "no", sss, cached); + return yield; + } + } + + /* Run the provided function to do the individual test. */ + + else + { + uschar * error = NULL; + switch ((func)(arg, ss, valueptr, &error)) + { + case OK: + HDEBUG(D_lists) debug_printf("%s %s (matched \"%s\")\n", ot, + (yield == OK)? "yes" : "no", sss); + return yield; + + case DEFER: + if (!error) + error = string_sprintf("DNS lookup of \"%s\" deferred", ss); + if (ignore_defer) + { + HDEBUG(D_lists) debug_printf("%s: item ignored by +ignore_defer\n", + error); + break; + } + if (include_defer) + { + log_write(0, LOG_MAIN, "%s: accepted by +include_defer", error); + return OK; + } + if (!search_error_message) search_error_message = error; + goto DEFER_RETURN; + + /* The ERROR return occurs when checking hosts, when either a forward + or reverse lookup has failed. It can also occur in a match_ip list if a + non-IP address item is encountered. The error string gives details of + which it was. */ + + case ERROR: + if (ignore_unknown) + { + HDEBUG(D_lists) debug_printf("%s: item ignored by +ignore_unknown\n", + error); + } + else + { + HDEBUG(D_lists) debug_printf("%s %s (%s)\n", ot, + include_unknown? "yes":"no", error); + if (!include_unknown) + { + if (LOGGING(unknown_in_list)) + log_write(0, LOG_MAIN, "list matching forced to fail: %s", error); + return FAIL; + } + log_write(0, LOG_MAIN, "%s: accepted by +include_unknown", error); + return OK; + } + } + } + } + + /* If the item is a file name, we read the file and do a match attempt + on each line in the file, including possibly more negation processing. */ + + else + { + int file_yield = yield; /* In case empty file */ + uschar * filename = ss; + FILE * f = Ufopen(filename, "rb"); + uschar filebuffer[1024]; + + /* ot will be null in non-debugging cases, and anyway, we get better + wording by reworking it. */ + + if (!f) + { + uschar * listname = readconf_find_option(listptr); + if (listname[0] == 0) + listname = string_sprintf("\"%s\"", *listptr); + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", + string_open_failed(errno, "%s when checking %s", sss, listname)); + } + + /* Trailing comments are introduced by #, but in an address list or local + part list, the # must be preceded by white space or the start of the line, + because the # character is a legal character in local parts. */ + + while (Ufgets(filebuffer, sizeof(filebuffer), f) != NULL) + { + uschar *error; + uschar *sss = filebuffer; + + while ((ss = Ustrchr(sss, '#')) != NULL) + { + if ((type != MCL_ADDRESS && type != MCL_LOCALPART) || + ss == filebuffer || isspace(ss[-1])) + { + *ss = 0; + break; + } + sss = ss + 1; + } + + ss = filebuffer + Ustrlen(filebuffer); /* trailing space */ + while (ss > filebuffer && isspace(ss[-1])) ss--; + *ss = 0; + + ss = filebuffer; + while (isspace(*ss)) ss++; /* leading space */ + + if (*ss == 0) continue; /* ignore empty */ + + file_yield = yield; /* positive yield */ + sss = ss; /* for debugging */ + + if (*ss == '!') /* negation */ + { + file_yield = (file_yield == OK)? FAIL : OK; + while (isspace((*(++ss)))); + } + + switch ((func)(arg, ss, valueptr, &error)) + { + case OK: + (void)fclose(f); + HDEBUG(D_lists) debug_printf("%s %s (matched \"%s\" in %s)\n", ot, + yield == OK ? "yes" : "no", sss, filename); + + /* The "pattern" being matched came from the file; we use a stack-local. + Copy it to allocated memory now we know it matched. */ + + if (valueptr) *valueptr = string_copy(ss); + return file_yield; + + case DEFER: + if (!error) + error = string_sprintf("DNS lookup of %s deferred", ss); + if (ignore_defer) + { + HDEBUG(D_lists) debug_printf("%s: item ignored by +ignore_defer\n", + error); + break; + } + (void)fclose(f); + if (include_defer) + { + log_write(0, LOG_MAIN, "%s: accepted by +include_defer", error); + return OK; + } + goto DEFER_RETURN; + + case ERROR: /* host name lookup failed - this can only */ + if (ignore_unknown) /* be for an incoming host (not outgoing) */ + { + HDEBUG(D_lists) debug_printf("%s: item ignored by +ignore_unknown\n", + error); + } + else + { + HDEBUG(D_lists) debug_printf("%s %s (%s)\n", ot, + include_unknown? "yes":"no", error); + (void)fclose(f); + if (!include_unknown) + { + if (LOGGING(unknown_in_list)) + log_write(0, LOG_MAIN, "list matching forced to fail: %s", error); + return FAIL; + } + log_write(0, LOG_MAIN, "%s: accepted by +include_unknown", error); + return OK; + } + } + } + + /* At the end of the file, leave the yield setting at the final setting + for the file, in case this is the last item in the list. */ + + yield = file_yield; + (void)fclose(f); + } + } /* Loop for the next item on the top-level list */ + +/* End of list reached: if the last item was negated yield OK, else FAIL. */ + +HDEBUG(D_lists) + debug_printf("%s %s (end of list)\n", ot, yield == OK ? "no":"yes"); +return yield == OK ? FAIL : OK; + +/* Something deferred */ + +DEFER_RETURN: +HDEBUG(D_lists) debug_printf("%s list match deferred for %s\n", ot, sss); +return DEFER; +} + + +/************************************************* +* Match in colon-separated list * +*************************************************/ + +/* This function is used for domain lists and local part lists. It is not used +for host lists or address lists, which have additional interpretation of the +patterns. Some calls of it set sep > UCHAR_MAX in order to use its matching +facilities on single items. When this is done, it arranges to set the numerical +variables as a result of the match. + +This function is now just a short interface to match_check_list(), which does +list scanning in a general way. A good compiler will optimize the tail +recursion. + +Arguments: + s string to search for + listptr ptr to ptr to colon separated list of patterns, or NULL + sep a separator value for the list (see string_nextinlist()) + anchorptr ptr to tree for named items, or NULL if no named items + cache_bits ptr to cache_bits for ditto, or NULL if not caching + type MCL_DOMAIN when matching a domain list + MCL_LOCALPART when matching a local part list (address lists + have their own function) + MCL_STRING for others (e.g. list of ciphers) + MCL_NOEXPAND (whose value is greater than any of them) may + be added to any value to suppress expansion of the list + caseless TRUE for (mostly) caseless matching - passed directly to + match_check_string() + valueptr pointer to where any lookup data is to be passed back, + or NULL (just passed on to match_check_string) + +Returns: OK if matched a non-negated item + OK if hit end of list after a negated item + FAIL if expansion force-failed + FAIL if matched a negated item + FAIL if hit end of list after a non-negated item + DEFER if a lookup deferred +*/ + +int +match_isinlist(const uschar *s, const uschar **listptr, int sep, + tree_node **anchorptr, + unsigned int *cache_bits, int type, BOOL caseless, const uschar **valueptr) +{ +unsigned int *local_cache_bits = cache_bits; +check_string_block cb; +cb.origsubject = s; +cb.subject = caseless ? string_copylc(s) : string_copy(s); +cb.at_is_special = FALSE; +switch (type & ~MCL_NOEXPAND) + { + case MCL_DOMAIN: cb.at_is_special = TRUE; /*FALLTHROUGH*/ + case MCL_LOCALPART: cb.expand_setup = 0; break; + default: cb.expand_setup = sep > UCHAR_MAX ? 0 : -1; break; + } +cb.use_partial = TRUE; +cb.caseless = caseless; +if (valueptr) *valueptr = NULL; +return match_check_list(listptr, sep, anchorptr, &local_cache_bits, + check_string, &cb, type, s, valueptr); +} + + + +/************************************************* +* Match address to single address-list item * +*************************************************/ + +/* This function matches an address to an item from an address list. It is +called from match_address_list() via match_check_list(). That is why most of +its arguments are in an indirect block. + +Arguments: + arg the argument block (see below) + pattern the pattern to match + valueptr where to return a value + error for error messages (not used in this function; it never + returns ERROR) + +The argument block contains: + address the start of the subject address; when called from retry.c + it may be *@domain if the local part isn't relevant + origaddress the original, un-case-forced address (not used here, but used + in match_check_list() when +caseful is encountered) + expand_setup controls setting up of $n variables + caseless TRUE for caseless local part matching + +Returns: OK for a match + FAIL for no match + DEFER if a lookup deferred +*/ + +static int +check_address(void *arg, const uschar *pattern, const uschar **valueptr, uschar **error) +{ +check_address_block *cb = (check_address_block *)arg; +check_string_block csb; +int rc; +int expand_inc = 0; +unsigned int *null = NULL; +const uschar *listptr; +uschar *subject = cb->address; +const uschar *s; +uschar *pdomain, *sdomain; + +error = error; /* Keep clever compilers from complaining */ + +DEBUG(D_lists) debug_printf("address match test: subject=%s pattern=%s\n", + subject, pattern); + +/* Find the subject's domain */ + +sdomain = Ustrrchr(subject, '@'); + +/* The only case where a subject may not have a domain is if the subject is +empty. Otherwise, a subject with no domain is a serious configuration error. */ + +if (sdomain == NULL && *subject != 0) + { + log_write(0, LOG_MAIN|LOG_PANIC, "no @ found in the subject of an " + "address list match: subject=\"%s\" pattern=\"%s\"", subject, pattern); + return FAIL; + } + +/* Handle a regular expression, which must match the entire incoming address. +This may be the empty address. */ + +if (*pattern == '^') + return match_check_string(subject, pattern, cb->expand_setup, TRUE, + cb->caseless, FALSE, NULL); + +/* Handle a pattern that is just a lookup. Skip over possible lookup names +(letters, digits, hyphens). Skip over a possible * or *@ at the end. Then we +must have a semicolon for it to be a lookup. */ + +for (s = pattern; isalnum(*s) || *s == '-'; s++); +if (*s == '*') s++; +if (*s == '@') s++; + +/* If it is a straight lookup, do a lookup for the whole address. This may be +the empty address. Partial matching doesn't make sense here, so we ignore it, +but write a panic log entry. However, *@ matching will be honoured. */ + +if (*s == ';') + { + if (Ustrncmp(pattern, "partial-", 8) == 0) + log_write(0, LOG_MAIN|LOG_PANIC, "partial matching is not applicable to " + "whole-address lookups: ignored \"partial-\" in \"%s\"", pattern); + return match_check_string(subject, pattern, -1, FALSE, cb->caseless, FALSE, + valueptr); + } + +/* For the remaining cases, an empty subject matches only an empty pattern, +because other patterns expect to have a local part and a domain to match +against. */ + +if (*subject == 0) return (*pattern == 0)? OK : FAIL; + +/* If the pattern starts with "@@" we have a split lookup, where the domain is +looked up to obtain a list of local parts. If the subject's local part is just +"*" (called from retry) the match always fails. */ + +if (pattern[0] == '@' && pattern[1] == '@') + { + int watchdog = 50; + uschar *list, *ss; + uschar buffer[1024]; + + if (sdomain == subject + 1 && *subject == '*') return FAIL; + + /* Loop for handling chains. The last item in any list may be of the form + ">name" in order to chain on to another list. */ + + for (const uschar * key = sdomain + 1; key && watchdog-- > 0; ) + { + int sep = 0; + + if ((rc = match_check_string(key, pattern + 2, -1, TRUE, FALSE, FALSE, + CUSS &list)) != OK) return rc; + + /* Check for chaining from the last item; set up the next key if one + is found. */ + + ss = Ustrrchr(list, ':'); + if (ss == NULL) ss = list; else ss++; + while (isspace(*ss)) ss++; + if (*ss == '>') + { + *ss++ = 0; + while (isspace(*ss)) ss++; + key = string_copy(ss); + } + else key = NULL; + + /* Look up the local parts provided by the list; negation is permitted. + If a local part has to begin with !, a regex can be used. */ + + while ((ss = string_nextinlist(CUSS &list, &sep, buffer, sizeof(buffer)))) + { + int local_yield; + + if (*ss == '!') + { + local_yield = FAIL; + while (isspace((*(++ss)))); + } + else local_yield = OK; + + *sdomain = 0; + rc = match_check_string(subject, ss, -1, TRUE, cb->caseless, FALSE, + valueptr); + *sdomain = '@'; + + switch(rc) + { + case OK: + return local_yield; + + case DEFER: + return DEFER; + } + } + } + + /* End of chain loop; panic if too many times */ + + if (watchdog <= 0) + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Loop detected in lookup of " + "local part of %s in %s", subject, pattern); + + /* Otherwise the local part check has failed, so the whole match + fails. */ + + return FAIL; + } + + +/* We get here if the pattern is not a lookup or a regular expression. If it +contains an @ there is both a local part and a domain. */ + +pdomain = Ustrrchr(pattern, '@'); +if (pdomain != NULL) + { + int pllen, sllen; + + /* If the domain in the pattern is empty or one of the special cases [] or + mx_{any,primary,secondary}, and the local part in the pattern ends in "@", + we have a pattern of the form <something>@@, <something>@@[], or + <something>@@mx_{any,primary,secondary}. These magic "domains" are + automatically interpreted in match_check_string. We just need to arrange that + the leading @ is included in the domain. */ + + if (pdomain > pattern && pdomain[-1] == '@' && + (pdomain[1] == 0 || + Ustrcmp(pdomain+1, "[]") == 0 || + Ustrcmp(pdomain+1, "mx_any") == 0 || + Ustrcmp(pdomain+1, "mx_primary") == 0 || + Ustrcmp(pdomain+1, "mx_secondary") == 0)) + pdomain--; + + pllen = pdomain - pattern; + sllen = sdomain - subject; + + /* Compare the local parts in the subject and the pattern */ + + if (*pattern == '*') + { + int cllen = pllen - 1; + if (sllen < cllen) return FAIL; + if (cb->caseless + ? strncmpic(subject+sllen-cllen, pattern + 1, cllen) != 0 + : Ustrncmp(subject+sllen-cllen, pattern + 1, cllen) != 0) + return FAIL; + if (cb->expand_setup > 0) + { + expand_nstring[cb->expand_setup] = subject; + expand_nlength[cb->expand_setup] = sllen - cllen; + expand_inc = 1; + } + } + else + { + if (sllen != pllen) return FAIL; + if (cb->caseless + ? strncmpic(subject, pattern, sllen) != 0 + : Ustrncmp(subject, pattern, sllen) != 0) return FAIL; + } + } + +/* If the local part matched, or was not being checked, check the domain using +the generalized function, which supports file lookups (which may defer). The +original code read as follows: + + return match_check_string(sdomain + 1, + pdomain ? pdomain + 1 : pattern, + cb->expand_setup + expand_inc, TRUE, cb->caseless, TRUE, NULL); + +This supported only literal domains and *.x.y patterns. In order to allow for +named domain lists (so that you can right, for example, "senders=+xxxx"), it +was changed to use the list scanning function. */ + +csb.origsubject = sdomain + 1; +csb.subject = cb->caseless ? string_copylc(sdomain+1) : string_copy(sdomain+1); +csb.expand_setup = cb->expand_setup + expand_inc; +csb.use_partial = TRUE; +csb.caseless = cb->caseless; +csb.at_is_special = TRUE; + +listptr = pdomain ? pdomain + 1 : pattern; +if (valueptr) *valueptr = NULL; + +return match_check_list( + &listptr, /* list of one item */ + UCHAR_MAX+1, /* impossible separator; single item */ + &domainlist_anchor, /* it's a domain list */ + &null, /* ptr to NULL means no caching */ + check_string, /* the function to do one test */ + &csb, /* its data */ + MCL_DOMAIN + MCL_NOEXPAND, /* domain list; don't expand */ + csb.subject, /* string for messages */ + valueptr); /* where to pass back lookup data */ +} + + + + +/************************************************* +* Test whether address matches address list * +*************************************************/ + +/* This function is given an address and a list of things to match it against. +The list may contain individual addresses, regular expressions, lookup +specifications, and indirection via bare files. Negation is supported. The +address to check can consist of just a domain, which will then match only +domain items or items specified as *@domain. + +Domains are always lower cased before the match. Local parts are also lower +cased unless "caseless" is false. The work of actually scanning the list is +done by match_check_list(), with an appropriate block of arguments and a +callback to check_address(). During caseless matching, it will recognize ++caseful and revert to caseful matching. + +Arguments: + address address to test + caseless TRUE to start in caseless state + expand TRUE to allow list expansion + listptr list to check against + cache_bits points to cache bits for named address lists, or NULL + expand_setup controls setting up of $n variables - passed through + to check_address (q.v.) + sep separator character for the list; + may be 0 to get separator from the list; + may be UCHAR_MAX+1 for one-item list + valueptr where to return a lookup value, or NULL + +Returns: OK for a positive match, or end list after a negation; + FAIL for a negative match, or end list after non-negation; + DEFER if a lookup deferred +*/ + +int +match_address_list(const uschar *address, BOOL caseless, BOOL expand, + const uschar **listptr, unsigned int *cache_bits, int expand_setup, int sep, + const uschar **valueptr) +{ +check_address_block ab; +unsigned int *local_cache_bits = cache_bits; +int len; + +/* RFC 2505 recommends that for spam checking, local parts should be caselessly +compared. Therefore, Exim now forces the entire address into lower case here, +provided that "caseless" is set. (It is FALSE for calls for matching rewriting +patterns.) Otherwise just the domain is lower cases. A magic item "+caseful" in +the list can be used to restore a caseful copy of the local part from the +original address. +Limit the subject address size to avoid mem-exhastion attacks. The size chosen +is historical (we used to use big_buffer her). */ + +if ((len = Ustrlen(address)) > BIG_BUFFER_SIZE) len = BIG_BUFFER_SIZE; +ab.address = string_copyn(address, len); + +for (uschar * p = ab.address + len - 1; p >= ab.address; p--) + { + if (!caseless && *p == '@') break; + *p = tolower(*p); + } + +/* If expand_setup is zero, we need to set up $0 to the whole thing, in +case there is a match. Can't use the built-in facilities of match_check_string +(via check_address), as we may just be calling that for part of the address +(the domain). */ + +if (expand_setup == 0) + { + expand_nstring[0] = string_copy(address); + expand_nlength[0] = Ustrlen(address); + expand_setup++; + } + +/* Set up the data to be passed ultimately to check_address. */ + +ab.origaddress = address; +/* ab.address is above */ +ab.expand_setup = expand_setup; +ab.caseless = caseless; + +return match_check_list(listptr, sep, &addresslist_anchor, &local_cache_bits, + check_address, &ab, MCL_ADDRESS + (expand? 0:MCL_NOEXPAND), address, + valueptr); +} + +/* Simpler version of match_address_list; always caseless, expanding, +no cache bits, no value-return. + +Arguments: + address address to test + listptr list to check against + sep separator character for the list; + may be 0 to get separator from the list; + may be UCHAR_MAX+1 for one-item list + +Returns: OK for a positive match, or end list after a negation; + FAIL for a negative match, or end list after non-negation; + DEFER if a lookup deferred +*/ + +int +match_address_list_basic(const uschar *address, const uschar **listptr, int sep) +{ +return match_address_list(address, TRUE, TRUE, listptr, NULL, -1, sep, NULL); +} + +/* End of match.c */ |