[exim-cvs] cvs commit: exim/exim-doc/doc-txt ChangeLog exim…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Philip Hazel
Datum:  
To: exim-cvs
Betreff: [exim-cvs] cvs commit: exim/exim-doc/doc-txt ChangeLog exim/exim-src/src acl.c
ph10 2005/03/29 11:56:48 BST

  Modified files:
    exim-doc/doc-txt     ChangeLog 
    exim-src/src         acl.c 
  Log:
  Further tidies and minor fixes to the tables that control which ACL
  condition is allowed when.


  Revision  Changes    Path
  1.101     +7 -1      exim/exim-doc/doc-txt/ChangeLog
  1.26      +28 -71    exim/exim-src/src/acl.c


  Index: ChangeLog
  ===================================================================
  RCS file: /home/cvs/exim/exim-doc/doc-txt/ChangeLog,v
  retrieving revision 1.100
  retrieving revision 1.101
  diff -u -r1.100 -r1.101
  --- ChangeLog    29 Mar 2005 09:49:49 -0000    1.100
  +++ ChangeLog    29 Mar 2005 10:56:48 -0000    1.101
  @@ -1,4 +1,4 @@
  -$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.100 2005/03/29 09:49:49 ph10 Exp $
  +$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.101 2005/03/29 10:56:48 ph10 Exp $


   Change log file for Exim from version 4.21
   -------------------------------------------
  @@ -10,7 +10,7 @@
   TK/01 Added Yahoo DomainKeys support via libdomainkeys. See
         doc/experimental-spec.txt for details. (http://domainkeys.sf.net)


-TK/02 Fix ACL "control" statment not being available in MIME ACL.
+TK/02 Fix ACL "control" statement not being available in MIME ACL.

TK/03 Fix ACL "regex" condition not being available in MIME ACL.

  @@ -81,6 +81,12 @@
         commented out examples of how to interface to a virus scanner and to
         SpamAssassin. Also added commented examples of av_scanner and
         spamd_address settings.
  +
  +PH/15 Further to TK/02 and TK/03 above, tidied up the tables of what conditions
  +      and controls are allowed in which ACLs. There were a couple of minor
  +      errors. Some of the entries in the conditions table (which is a table of
  +      where they are NOT allowed) were getting very unwieldy; rewrote them as a
  +      negation of where the condition IS allowed.



A note about Exim versions 4.44 and 4.50

  Index: acl.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/acl.c,v
  retrieving revision 1.25
  retrieving revision 1.26
  diff -u -r1.25 -r1.26
  --- acl.c    15 Mar 2005 15:36:41 -0000    1.25
  +++ acl.c    29 Mar 2005 10:56:48 -0000    1.26
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/acl.c,v 1.25 2005/03/15 15:36:41 ph10 Exp $ */
  +/* $Cambridge: exim/exim-src/src/acl.c,v 1.26 2005/03/29 10:56:48 ph10 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -244,7 +244,8 @@
   };


/* Bit map vector of which conditions are not allowed at certain times. For
-each condition, there's a bitmap of dis-allowed times. */
+each condition, there's a bitmap of dis-allowed times. For some, it is easier
+to specify the negation of a small number of allowed times. */

   static unsigned int cond_forbids[] = {
     0,                                               /* acl */
  @@ -265,34 +266,24 @@
     0,                                               /* condition */


     /* Certain types of control are always allowed, so we let it through
  -  always and check in the control processing itself */
  +  always and check in the control processing itself. */


     0,                                               /* control */


   #ifdef WITH_CONTENT_SCAN
  -  (1<<ACL_WHERE_AUTH)|                             /* decode */
  -    (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
  -    (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_PREDATA)|
  -    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  -    (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
  -    (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
  -    (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_RCPT),
  +  (unsigned int)
  +  ~(1<<ACL_WHERE_MIME),                            /* decode */
   #endif


     0,                                               /* delay */


   #ifdef WITH_OLD_DEMIME
  -  (1<<ACL_WHERE_AUTH)|                             /* demime */
  -    (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
  -    (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
  -    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  -    (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
  -    (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
  -    (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_MIME),
  +  (unsigned int)
  +  ~((1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)),   /* demime */
   #endif


   #ifdef EXPERIMENTAL_DOMAINKEYS
  -  (1<<ACL_WHERE_AUTH)|                            /* dk_domain_source */
  +  (1<<ACL_WHERE_AUTH)|                             /* dk_domain_source */
       (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
       (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
       (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  @@ -300,7 +291,7 @@
       (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
       (1<<ACL_WHERE_VRFY),


  -  (1<<ACL_WHERE_AUTH)|                            /* dk_policy */
  +  (1<<ACL_WHERE_AUTH)|                             /* dk_policy */
       (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
       (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
       (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  @@ -308,7 +299,7 @@
       (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
       (1<<ACL_WHERE_VRFY),


  -  (1<<ACL_WHERE_AUTH)|                            /* dk_sender_domains */
  +  (1<<ACL_WHERE_AUTH)|                             /* dk_sender_domains */
       (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
       (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
       (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  @@ -316,7 +307,7 @@
       (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
       (1<<ACL_WHERE_VRFY),


  -  (1<<ACL_WHERE_AUTH)|                            /* dk_sender_local_parts */
  +  (1<<ACL_WHERE_AUTH)|                             /* dk_sender_local_parts */
       (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
       (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
       (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  @@ -324,7 +315,7 @@
       (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
       (1<<ACL_WHERE_VRFY),


  -  (1<<ACL_WHERE_AUTH)|                            /* dk_senders */
  +  (1<<ACL_WHERE_AUTH)|                             /* dk_senders */
       (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
       (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
       (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  @@ -332,7 +323,7 @@
       (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
       (1<<ACL_WHERE_VRFY),


  -  (1<<ACL_WHERE_AUTH)|                            /* dk_status */
  +  (1<<ACL_WHERE_AUTH)|                             /* dk_status */
       (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
       (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
       (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  @@ -343,13 +334,8 @@


     (1<<ACL_WHERE_NOTSMTP),                          /* dnslists */


  -  (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)|      /* domains */
  -    (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
  -    (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_PREDATA)|
  -    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  -    (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
  -    (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
  -    (1<<ACL_WHERE_VRFY),
  +  (unsigned int)
  +  ~(1<<ACL_WHERE_RCPT),                            /* domains */


     (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_CONNECT)|   /* encrypted */
       (1<<ACL_WHERE_HELO),
  @@ -358,56 +344,32 @@


     (1<<ACL_WHERE_NOTSMTP),                          /* hosts */


  -  (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)|      /* local_parts */
  -    (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
  -    (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_PREDATA)|
  -    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  -    (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
  -    (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
  -    (1<<ACL_WHERE_VRFY),
  +  (unsigned int)
  +  ~(1<<ACL_WHERE_RCPT),                            /* local_parts */


     0,                                               /* log_message */


     0,                                               /* logwrite */


   #ifdef WITH_CONTENT_SCAN
  -  (1<<ACL_WHERE_AUTH)|                             /* malware */
  -    (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
  -    (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
  -    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  -    (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
  -    (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
  -    (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_MIME),
  +  (unsigned int)
  +  ~((1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)),   /* malware */
   #endif


     0,                                               /* message */


   #ifdef WITH_CONTENT_SCAN
  -  (1<<ACL_WHERE_AUTH)|                             /* mime_regex */
  -    (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
  -    (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_PREDATA)|
  -    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  -    (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
  -    (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
  -    (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_RCPT),
  +  (unsigned int)
  +  ~(1<<ACL_WHERE_MIME),                            /* mime_regex */
   #endif


  -  (1<<ACL_WHERE_NOTSMTP)|(1<<ACL_WHERE_AUTH)|      /* recipients */
  -    (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
  -    (1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_PREDATA)|
  -    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  -    (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
  -    (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
  -    (1<<ACL_WHERE_VRFY),
  +  (unsigned int)
  +  ~(1<<ACL_WHERE_RCPT),                            /* recipients */


   #ifdef WITH_CONTENT_SCAN
  -  (1<<ACL_WHERE_AUTH)|                             /* regex */
  -    (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
  -    (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
  -    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  -    (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
  -    (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
  -    (1<<ACL_WHERE_VRFY),
  +  (unsigned int)
  +  ~((1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)|    /* regex */
  +    (1<<ACL_WHERE_MIME)),
   #endif


     (1<<ACL_WHERE_AUTH)|(1<<ACL_WHERE_CONNECT)|      /* sender_domains */
  @@ -425,13 +387,8 @@
     0,                                               /* set */


   #ifdef WITH_CONTENT_SCAN
  -  (1<<ACL_WHERE_AUTH)|                             /* spam */
  -    (1<<ACL_WHERE_CONNECT)|(1<<ACL_WHERE_HELO)|
  -    (1<<ACL_WHERE_RCPT)|(1<<ACL_WHERE_PREDATA)|
  -    (1<<ACL_WHERE_ETRN)|(1<<ACL_WHERE_EXPN)|
  -    (1<<ACL_WHERE_MAILAUTH)|(1<<ACL_WHERE_QUIT)|
  -    (1<<ACL_WHERE_MAIL)|(1<<ACL_WHERE_STARTTLS)|
  -    (1<<ACL_WHERE_VRFY)|(1<<ACL_WHERE_MIME),
  +  (unsigned int)
  +  ~((1<<ACL_WHERE_DATA)|(1<<ACL_WHERE_NOTSMTP)),   /* spam */
   #endif


#ifdef EXPERIMENTAL_SPF