[exim-cvs] Fix list-expansion for various domainlists, havi…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Exim Git Commits Mailing List
Date:  
À: exim-cvs
Sujet: [exim-cvs] Fix list-expansion for various domainlists, having included sublist elements. Bug 2701
Gitweb: https://git.exim.org/exim.git/commitdiff/e2be2df5c0760e2b6a7870c88ad486a23f5e4b01
Commit:     e2be2df5c0760e2b6a7870c88ad486a23f5e4b01
Parent:     f39bb672424423847bce771bc31f5c13f2eb4185
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Mon Feb 22 21:24:01 2021 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Mon Feb 22 21:24:01 2021 +0000


    Fix list-expansion for various domainlists, having included sublist elements.  Bug 2701
---
 doc/doc-txt/ChangeLog |  6 ++++++
 src/src/acl.c         |  6 +++---
 src/src/deliver.c     |  2 +-
 src/src/dns.c         |  6 +++---
 src/src/host.c        | 46 +++++++++++++++++++++++-----------------------
 src/src/readconf.c    | 33 +++++++++++++++------------------
 6 files changed, 51 insertions(+), 48 deletions(-)


diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 2c17877..6993499 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -207,6 +207,12 @@ JH/43 Bug 2694: Fix weighted distribution of work to multiple spamd servers.
       Previously the weighting was incorrectly applied.  Similar fix for socks
       proxies.  Found and fixed by Heiko Schlichting.


+JH/44 Bug 2701: Fix list-expansion of dns_ipv4_lookup.  Previously, it did
+      not handle sub-lists included using the +namedlist syntax.  While
+      investigating, the same found for dns_trust_aa, dns_again_means_nonexist,
+      dnssec_require_domains, dnssec_request_domains, srv_fail_domains,
+      mx_fail_domains.
+


 Exim version 4.94
 -----------------
diff --git a/src/src/acl.c b/src/src/acl.c
index aaf0ce6..fff2ac0 100644
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -3508,14 +3508,14 @@ for (; cb; cb = cb->next)
     case ACLC_DKIM_SIGNER:
     if (dkim_cur_signer)
       rc = match_isinlist(dkim_cur_signer,
-                          &arg,0,NULL,NULL,MCL_STRING,TRUE,NULL);
+                          &arg, 0, NULL, NULL, MCL_STRING, TRUE, NULL);
     else
       rc = FAIL;
     break;


     case ACLC_DKIM_STATUS:
     rc = match_isinlist(dkim_verify_status,
-                        &arg,0,NULL,NULL,MCL_STRING,TRUE,NULL);
+                        &arg, 0, NULL, NULL, MCL_STRING, TRUE, NULL);
     break;
     #endif


@@ -3527,7 +3527,7 @@ for (; cb; cb = cb->next)
     /* used long way of dmarc_exim_expand_query() in case we need more
      * view into the process in the future. */
     rc = match_isinlist(dmarc_exim_expand_query(DMARC_VERIFY_STATUS),
-                        &arg,0,NULL,NULL,MCL_STRING,TRUE,NULL);
+                        &arg, 0, NULL, NULL, MCL_STRING, TRUE, NULL);
     break;
 #endif


diff --git a/src/src/deliver.c b/src/src/deliver.c
index 238e33a..833970c 100644
--- a/src/src/deliver.c
+++ b/src/src/deliver.c
@@ -6814,7 +6814,7 @@ while (addr_new)           /* Loop until all addresses dealt with */
       addr_route = addr->next;


       deliver_domain = addr->domain;  /* set $domain */
-      if ((rc = match_isinlist(addr->domain, (const uschar **)&queue_domains, 0,
+      if ((rc = match_isinlist(addr->domain, CUSS &queue_domains, 0,
             &domainlist_anchor, addr->domain_cache, MCL_DOMAIN, TRUE, NULL))
               != OK)
         if (rc == DEFER)
diff --git a/src/src/dns.c b/src/src/dns.c
index a636f07..c686987 100644
--- a/src/src/dns.c
+++ b/src/src/dns.c
@@ -515,7 +515,7 @@ if (  !h->aa
    || !(trusted = expand_string(dns_trust_aa))
    || !*trusted
    || !(auth_name = dns_extract_auth_name(dnsa))
-   || OK != match_isinlist(auth_name, &trusted, 0, NULL, NULL,
+   || OK != match_isinlist(auth_name, &trusted, 0, &domainlist_anchor, NULL,
                 MCL_DOMAIN, TRUE, NULL)
    )
   return FALSE;
@@ -904,8 +904,8 @@ if (dnsa->answerlen < 0) switch (h_errno)
 #ifndef STAND_ALONE
     save_domain = deliver_domain;
     deliver_domain = string_copy(name);  /* set $domain */
-    rc = match_isinlist(name, (const uschar **)&dns_again_means_nonexist, 0, NULL, NULL,
-      MCL_DOMAIN, TRUE, NULL);
+    rc = match_isinlist(name, CUSS &dns_again_means_nonexist, 0,
+      &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
     deliver_domain = save_domain;
     if (rc != OK)
       {
diff --git a/src/src/host.c b/src/src/host.c
index a31c09b..5f254a2 100644
--- a/src/src/host.c
+++ b/src/src/host.c
@@ -1971,8 +1971,8 @@ lookups here (except when testing standalone). */
   #else
   if (  disable_ipv6
      ||    dns_ipv4_lookup
-    && match_isinlist(host->name, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
-        MCL_DOMAIN, TRUE, NULL) == OK)
+    && match_isinlist(host->name, CUSS &dns_ipv4_lookup, 0,
+        &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK)
   #endif


     { af = AF_INET; times = 1; }
@@ -2191,12 +2191,12 @@ dns_again_means_nonexist, return permanent rather than temporary failure. */


 RETURN_AGAIN:
   {
-  #ifndef STAND_ALONE
+#ifndef STAND_ALONE
   int rc;
   const uschar *save = deliver_domain;
   deliver_domain = host->name;  /* set $domain */
-  rc = match_isinlist(host->name, CUSS &dns_again_means_nonexist, 0, NULL, NULL,
-    MCL_DOMAIN, TRUE, NULL);
+  rc = match_isinlist(host->name, CUSS &dns_again_means_nonexist, 0,
+    &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
   deliver_domain = save;
   if (rc == OK)
     {
@@ -2204,7 +2204,7 @@ RETURN_AGAIN:
       "returning HOST_FIND_FAILED\n", host->name);
     return HOST_FIND_FAILED;
     }
-  #endif
+#endif
   return HOST_FIND_AGAIN;
   }
 }
@@ -2296,9 +2296,9 @@ On an IPv4 system, go round the loop once only, looking only for A records. */
   #ifndef STAND_ALONE
     if (  disable_ipv6
        || !(whichrrs & HOST_FIND_BY_AAAA)
-       || (dns_ipv4_lookup
-          && match_isinlist(host->name, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
-          MCL_DOMAIN, TRUE, NULL) == OK)
+       ||    dns_ipv4_lookup
+          && match_isinlist(host->name, CUSS &dns_ipv4_lookup, 0,
+          &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK
        )
       i = 0;    /* look up A records only */
     else
@@ -2556,12 +2556,12 @@ int yield;
 dns_answer * dnsa = store_get_dns_answer();
 dns_scan dnss;
 BOOL dnssec_require = dnssec_d
-            && match_isinlist(host->name, CUSS &dnssec_d->require,
-                    0, NULL, NULL, MCL_DOMAIN, TRUE, NULL) == OK;
+  && match_isinlist(host->name, CUSS &dnssec_d->require,
+          0, &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK;
 BOOL dnssec_request = dnssec_require
-            || (  dnssec_d
-               && match_isinlist(host->name, CUSS &dnssec_d->request,
-                    0, NULL, NULL, MCL_DOMAIN, TRUE, NULL) == OK);
+    || (  dnssec_d
+       && match_isinlist(host->name, CUSS &dnssec_d->request,
+            0, &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK);
 dnssec_status_t dnssec;


 /* Set the default fully qualified name to the incoming name, initialize the
@@ -2626,13 +2626,13 @@ if (whichrrs & HOST_FIND_BY_SRV)
     }
   if (rc == DNS_FAIL || rc == DNS_AGAIN)
     {
-    #ifndef STAND_ALONE
-    if (match_isinlist(host->name, CUSS &srv_fail_domains, 0, NULL, NULL,
-    MCL_DOMAIN, TRUE, NULL) != OK)
-    #endif
+#ifndef STAND_ALONE
+    if (match_isinlist(host->name, CUSS &srv_fail_domains, 0,
+    &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) != OK)
+#endif
       { yield = HOST_FIND_AGAIN; goto out; }
     DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA "
-      "(domain in srv_fail_domains)\n", (rc == DNS_FAIL)? "FAIL":"AGAIN");
+      "(domain in srv_fail_domains)\n", rc == DNS_FAIL ? "FAIL":"AGAIN");
     }
   }


@@ -2678,8 +2678,8 @@ if (rc != DNS_SUCCEED  &&  whichrrs & HOST_FIND_BY_MX)
       DEBUG(D_host_lookup)
     debug_printf("dnssec fail on MX for %.256s", host->name);
 #ifndef STAND_ALONE
-      if (match_isinlist(host->name, CUSS &mx_fail_domains, 0, NULL, NULL,
-      MCL_DOMAIN, TRUE, NULL) != OK)
+      if (match_isinlist(host->name, CUSS &mx_fail_domains, 0,
+      &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) != OK)
     { yield = HOST_FIND_SECURITY; goto out; }
 #endif
       rc = DNS_FAIL;
@@ -2688,8 +2688,8 @@ if (rc != DNS_SUCCEED  &&  whichrrs & HOST_FIND_BY_MX)
     case DNS_FAIL:
     case DNS_AGAIN:
 #ifndef STAND_ALONE
-      if (match_isinlist(host->name, CUSS &mx_fail_domains, 0, NULL, NULL,
-      MCL_DOMAIN, TRUE, NULL) != OK)
+      if (match_isinlist(host->name, CUSS &mx_fail_domains, 0,
+      &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) != OK)
 #endif
     { yield = HOST_FIND_AGAIN; goto out; }
       DEBUG(D_host_lookup) debug_printf("DNS_%s treated as DNS_NODATA "
diff --git a/src/src/readconf.c b/src/src/readconf.c
index 7f808de..fb9164c 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -3350,10 +3350,11 @@ but if that yields an unqualified value, make a FQDN by using gethostbyname to
 canonize it. Some people like upper case letters in their host names, so we
 don't force the case. */


-if (primary_hostname == NULL)
+if (!primary_hostname)
   {
-  const uschar *hostname;
+  const uschar * hostname;
   struct utsname uts;
+
   if (uname(&uts) < 0)
     log_write(0, LOG_MAIN|LOG_PANIC_DIE, "uname() failed to yield host name");
   hostname = US uts.nodename;
@@ -3363,33 +3364,29 @@ if (primary_hostname == NULL)
     int af = AF_INET;
     struct hostent *hostdata;


-    #if HAVE_IPV6
-    if (!disable_ipv6 && (dns_ipv4_lookup == NULL ||
-         match_isinlist(hostname, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
+#if HAVE_IPV6
+    if (  !disable_ipv6
+       && (  !dns_ipv4_lookup
+      || match_isinlist(hostname, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
         MCL_DOMAIN, TRUE, NULL) != OK))
       af = AF_INET6;
-    #else
-    af = AF_INET;
-    #endif
+#endif


     for (;;)
       {
-      #if HAVE_IPV6
-        #if HAVE_GETIPNODEBYNAME
+#if HAVE_IPV6
+# if HAVE_GETIPNODEBYNAME
         int error_num;
         hostdata = getipnodebyname(CS hostname, af, 0, &error_num);
         #else
         hostdata = gethostbyname2(CS hostname, af);
-        #endif
-      #else
+# endif
+#else
       hostdata = gethostbyname(CS hostname);
-      #endif
+#endif


-      if (hostdata != NULL)
-        {
-        hostname = US hostdata->h_name;
-        break;
-        }
+      if (hostdata)
+        { hostname = US hostdata->h_name; break; }


       if (af == AF_INET) break;
       af = AF_INET;