Re: [exim] safe handling of $tls_sni

Author: Jasen Betts
Date:  
To: exim-users
Subject: Re: [exim] safe handling of $tls_sni
On 2016-10-17, Mike Tubby <mike@???> wrote:
>
> Couldn't we have - or perhaps shouldn't we have - a "safe domain name"
> function in Exim that could be used for this and elsewhere where an
> untrusted domain name enters - it would:
>
>      * remove white space (tab, space, etc)
>      * remove non-printing chars
>      * remove 'quoting' and 'escaping'
>      * make it lower case
>      * only allow valid characters for a FQDN


why remove? why not just reject if it contains any badness?

> call it something like "safe_fqdn" and then you could do:
>
>      ${if exists{/etc/mail/ssl/${safe_fqdn:tls_sni}.pem}{/etc/mail/ssl/${safe_fqdn:tls_sni}.pem}{/etc/mail/default-cert.pem}}

>
> aren't computers supposed to be doing the work for us...?
>

This:

${domain:a@$tls_sni}

will give the domain part if the $tls_sni is syntactically correct for a
domain name else it will give the empty string.

Is that not good enough?


   ${if exists{/etc/mail/ssl/${domain:a@$tls_sni}.pem}\
        {/etc/mail/ssl/${domain:a@$tls_sni}.pem}\
        {/etc/mail/default-cert.pem}\
    }



it's going to try to use a file called /etc/mail/ssl/.pem if the sni
is empty or contains garbage, probably not a problem.

--
This email has not been checked by half-arsed antivirus software
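
The "reject rather than remove" approach discussed in this thread, as an added Python example that is not part of the original message and is not Exim code: an SNI value is either a syntactically plain FQDN or it selects the default certificate, and it is never repaired into something else. The function names `valid_sni` and `cert_for_sni` and the sample names are assumptions made for illustration; the paths mirror the ones used in the thread.

```python
import re
from pathlib import Path

# One DNS label: 1-63 characters, letters/digits/hyphen,
# with no leading or trailing hyphen.
_LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")


def valid_sni(name):
    """Return the lowercased name if it is a plain FQDN, else None.

    Nothing is stripped or unescaped: input containing whitespace, path
    separators, quoting, control or non-ASCII characters is rejected whole.
    """
    if not isinstance(name, str) or not 1 <= len(name) <= 253:
        return None
    # Check ASCII before lowercasing: some non-ASCII characters
    # (for example U+212A KELVIN SIGN) lowercase to ASCII letters.
    if not name.isascii():
        return None
    name = name.lower()  # DNS names are case-insensitive
    labels = name.split(".")
    # Require at least two labels; an empty label (leading, trailing or
    # doubled dot) fails the label pattern below.
    if len(labels) < 2:
        return None
    if not all(_LABEL.fullmatch(label) for label in labels):
        return None
    return name


def cert_for_sni(sni, cert_dir="/etc/mail/ssl",
                 default_cert="/etc/mail/default-cert.pem"):
    """Pick the per-host certificate, or the default for any rejected name."""
    host = valid_sni(sni)
    if host is None:
        return Path(default_cert)
    candidate = Path(cert_dir) / f"{host}.pem"
    return candidate if candidate.is_file() else Path(default_cert)


if __name__ == "__main__":
    # Constructed sample SNI values, not taken from any real log.
    for sample in ["Mail.Example.ORG", "", "mail.example.org.",
                   "a b.example.org", "../../etc/passwd"]:
        print(repr(sample), "->", valid_sni(sample), "->", cert_for_sni(sample))
```

Unlike the `${domain:a@$tls_sni}` form, a rejected name here goes straight to the default certificate, so no lookup for `/etc/mail/ssl/.pem` is attempted.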