[exim-cvs] Lookups: log warning for deprecated syntax. Bug …

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Exim Git Commits Mailing List
日付:  
To: exim-cvs
題目: [exim-cvs] Lookups: log warning for deprecated syntax. Bug 3068
Gitweb: https://git.exim.org/exim.git/commitdiff/06b43f1b7f7319445d4a71b9a60e3f2f144cf7a2
Commit:     06b43f1b7f7319445d4a71b9a60e3f2f144cf7a2
Parent:     4da37662868dcfd8ec23ad9d7f643ef014b1a42b
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sat Jan 13 15:24:12 2024 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Sat Jan 13 15:49:08 2024 +0000


    Lookups: log warning for deprecated syntax.  Bug 3068
---
 doc/doc-docbook/spec.xfpt       | 19 ++++++++++++++++---
 doc/doc-txt/ChangeLog           |  3 +++
 src/src/lookups/lf_sqlperform.c |  4 +++-
 test/stderr/2610                | 28 ++++++++++++++++++++++++++++
 4 files changed, 50 insertions(+), 4 deletions(-)


diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 57b242a4e..79bdb24e5 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -8156,13 +8156,20 @@ option, you can still update it by a query of this form:
${lookup pgsql,servers=master/db/name/pw {UPDATE ...} }
.endd

-An older syntax places the servers specification before the query,
+.new
+A now-deprecated syntax places the servers specification before the query,
semicolon separated:
.code
${lookup mysql{servers=master; UPDATE ...} }
.endd
-The new version avoids potential issues with tainted
-arguments in the query, for explicit expansion.
+The new version avoids issues with tainted
+arguments explicitly expanded as part of the query.
+The entire string within the braces becomes tainted,
+including the server sepcification - which is not permissible.
+If the older sytax is used, a warning message will be logged.
+This syntax will be removed in a future release.
+.wen
+
&*Note*&: server specifications in list-style lookups are still problematic.


@@ -8339,6 +8346,9 @@ type of match and is given below as the &*value*& information.
.section "Expansion of lists" "SECTlistexpand"
.cindex "expansion" "of lists"
Each list is expanded as a single string before it is used.
+.cindex "tainted data" tracking
+&*Note*&: As a result, if any componend was tainted then the
+entire result string becomes tainted.

&'Exception: the router headers_remove option, where list-item
splitting is done before string-expansion.'&
@@ -9534,6 +9544,9 @@ start of a portion of the string that is interpreted and replaced as described
below in section &<<SECTexpansionitems>>& onwards. Backslash is used as an
escape character, as described in the following section.

+.cindex "tainted data" tracking
+If any porttion of the result string is tainted, the entire result is.
+
 Whether a string is expanded depends upon the context.  Usually this is solely
 dependent upon the option for which a value is sought; in this documentation,
 options for which string expansion is performed are marked with &dagger; after
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 6a0207f2a..40e8a9e7e 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -83,6 +83,9 @@ JH/17 Bug 3064: Fix combination of "-q<period> -R <recipients>". Introduction of
       the multiple-queue-runners facility for 4.97 broking this, giving only
       a one-time run of the queue.


+JH/18 Bug 3068: Log a warning for use of deprecated syntax in query-style
+      lookups.
+


 Exim version 4.97
 -----------------
diff --git a/src/src/lookups/lf_sqlperform.c b/src/src/lookups/lf_sqlperform.c
index ecb0a3221..d5bb8d297 100644
--- a/src/src/lookups/lf_sqlperform.c
+++ b/src/src/lookups/lf_sqlperform.c
@@ -2,7 +2,7 @@
 *     Exim - an Internet mail transport agent    *
 *************************************************/


-/* Copyright (c) The Exim Maintainers 2020 - 2022 */
+/* Copyright (c) The Exim Maintainers 2020 - 2024 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
/* SPDX-License-Identifier: GPL-2.0-or-later */
@@ -56,6 +56,8 @@ if (Ustrncmp(query, "servers", 7) == 0)
const uschar *qserverlist;
uschar *qserver;

+  log_write(0, LOG_MAIN|LOG_CONFIG_IN, "WARNING: obslete syntax used for lookup\n");
+
   s = query + 7;
   skip_whitespace(&s);
   if (*s++ != '=')
diff --git a/test/stderr/2610 b/test/stderr/2610
index 6fedeb321..667d8bba9 100644
--- a/test/stderr/2610
+++ b/test/stderr/2610
@@ -135,6 +135,10 @@ dropping to exim gid; retaining priv uid
    type=mysql key="servers=x:127.0.0.1::PORT_N; select name from them where id='ph10';" opts=NULL
  database lookup required for servers=x:127.0.0.1::PORT_N; select name from them where id='ph10';
  MySQL query: "servers=x:127.0.0.1::PORT_N; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+  Exim configuration error in line 87 of TESTSUITE/test-config:
+  WARNING: obslete syntax used for lookup
+
  lookup deferred: MySQL server "x" not found in mysql_servers
  search_open: mysql "NULL"
    cached open
@@ -145,6 +149,10 @@ dropping to exim gid; retaining priv uid
    type=mysql key="servers=127.0.0.1::PORT_N:x; select name from them where id='ph10';" opts=NULL
  database lookup required for servers=127.0.0.1::PORT_N:x; select name from them where id='ph10';
  MySQL query: "servers=127.0.0.1::PORT_N:x; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+  Exim configuration error in line 87 of TESTSUITE/test-config:
+  WARNING: obslete syntax used for lookup
+
  MYSQL using cached connection for 127.0.0.1:PORT_N/test/root
  creating new cache entry
  lookup yielded: Philip Hazel
@@ -157,6 +165,10 @@ dropping to exim gid; retaining priv uid
    type=mysql key="servers=127.0.0.1::PORT_N/test/root/:x; select name from them where id='ph10';" opts=NULL
  database lookup required for servers=127.0.0.1::PORT_N/test/root/:x; select name from them where id='ph10';
  MySQL query: "servers=127.0.0.1::PORT_N/test/root/:x; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+  Exim configuration error in line 87 of TESTSUITE/test-config:
+  WARNING: obslete syntax used for lookup
+
  MYSQL using cached connection for 127.0.0.1:PORT_N/test/root
  creating new cache entry
  lookup yielded: Philip Hazel
@@ -169,6 +181,10 @@ dropping to exim gid; retaining priv uid
    type=mysql key="servers=ip4.ip4.ip4.ip4::1223/test/root/:127.0.0.1::PORT_N; select name from them where id='ph10';" opts=NULL
  database lookup required for servers=ip4.ip4.ip4.ip4::1223/test/root/:127.0.0.1::PORT_N; select name from them where id='ph10';
  MySQL query: "servers=ip4.ip4.ip4.ip4::1223/test/root/:127.0.0.1::PORT_N; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+  Exim configuration error in line 87 of TESTSUITE/test-config:
+  WARNING: obslete syntax used for lookup
+
  MYSQL new connection: host=ip4.ip4.ip4.ip4 port=PORT_N socket=NULL database=test user=root
  creating new cache entry
  lookup yielded: Philip Hazel
@@ -181,6 +197,10 @@ dropping to exim gid; retaining priv uid
    type=mysql key="servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10';" opts=NULL
  database lookup required for servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10';
  MySQL query: "servers=localhost(TESTSUITE/mysql/sock)/test/root/pass; select name from them where id='ph10';" opts 'NULL'
+LOG: MAIN
+  Exim configuration error in line 87 of TESTSUITE/test-config:
+  WARNING: obslete syntax used for lookup
+
  MYSQL new connection: host=localhost port=0 socket=TESTSUITE/mysql/sock database=test user=root
  creating new cache entry
  lookup yielded: Philip Hazel
@@ -348,6 +368,10 @@ check set acl_m0 = ok:   ${lookup mysql,servers=127.0.0.1::PORT_N    {select nam
  database lookup required for servers=127.0.0.1::PORT_N/test/root/pass; select name from them where id = 'c'
                               (tainted, quoted:mysql)
  MySQL query: "servers=127.0.0.1::PORT_N/test/root/pass; select name from them where id = 'c'" opts 'NULL'
+LOG: MAIN
+  Exim configuration error in line 87 of TESTSUITE/test-config:
+  WARNING: obslete syntax used for lookup
+
  lookup deferred: MySQL server "127.0.0.1:PORT_N/test/root/pass" is tainted
 warn: condition test deferred in ACL "check_recipient"
 LOG: MAIN
@@ -388,6 +412,10 @@ host in "<& net-mysql;servers=127.0.0.1::PORT_N/test/root/pass; select * from th
  database lookup required for servers=127.0.0.1::PORT_N/test/root/pass; select * from them where id='c'
                               (tainted, quoted:mysql)
  MySQL query: "servers=127.0.0.1::PORT_N/test/root/pass; select * from them where id='c'" opts 'NULL'
+LOG: MAIN
+  Exim configuration error in line 87 of TESTSUITE/test-config:
+  WARNING: obslete syntax used for lookup
+
  lookup deferred: MySQL server "127.0.0.1:PORT_N/test/root/pass" is tainted
 host in "<& net-mysql;servers=127.0.0.1::PORT_N/test/root/pass; select * from them where id='c'"? list match deferred for net-mysql;servers=127.0.0.1::1223/test/root/pass; select * from them where id='c'
 warn: condition test deferred in ACL "check_recipient"


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-cvs.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-cvs-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/