Lookups: ret=key option
authorJeremy Harris <jgh146exb@wizmail.org>
Thu, 7 May 2020 15:38:04 +0000 (16:38 +0100)
committerJeremy Harris <jgh146exb@wizmail.org>
Thu, 7 May 2020 16:19:06 +0000 (17:19 +0100)
doc/doc-txt/NewStuff
src/src/search.c
test/aux-fixed/0625.lsearch [new file with mode: 0644]
test/confs/0153
test/confs/0625 [new symlink]
test/log/0625 [new file with mode: 0644]
test/scripts/0000-Basic/0625 [new file with mode: 0644]
test/scripts/2500-dsearch/2500
test/stderr/0625 [new file with mode: 0644]
test/stdout/0625 [new file with mode: 0644]
test/stdout/2500

index cf142af..c29525d 100644 (file)
@@ -54,20 +54,23 @@ Version 4.94
 15. Options on pgsql and mysql lookups, to specify server separate from the
     lookup string.
 
-16. Expansion item ${listquote {<char} {<item>}}.
+16. An option on all single-key lookups, to return (on a hit) a de-tainted
+    version of the lookup key rather than the looked-up data.
 
-17. An option for the ${readsocket {}{}{}} expansion to make the result data
-    cacheable.
-
-18. dkim_verify_min_keysizes, a list of minimum acceptable public-key sizes.
-
-19. bounce_message_file and warn_message_file are now expanded before use.
-
-20. $domain_data and $localpart_data are now set by all list-match successes.
+17. $domain_data and $localpart_data are now set by all list-match successes.
     Previously only list items that performed lookups did so.
     Also, matching list items that are tail-match or RE-match now set the
     numeric variables $0 (etc) in the same way os other RE matches.
 
+18. Expansion item ${listquote {<char} {<item>}}.
+
+19. An option for the ${readsocket {}{}{}} expansion to make the result data
+    cacheable.
+
+20. dkim_verify_min_keysizes, a list of minimum acceptable public-key sizes.
+
+21. bounce_message_file and warn_message_file are now expanded before use.
+
 
 
 Version 4.93
index db56b61..94a5889 100644 (file)
@@ -189,7 +189,7 @@ if ((t = Ustrchr(t, ',')))
   *opts = string_copy(t+1);
   }
 else
-  * opts = NULL;
+  *opts = NULL;
 
 /* Check for the individual search type. Only those that are actually in the
 binary are valid. For query-style types, "partial" and default types are
@@ -715,7 +715,7 @@ else if (partial >= 0)
   /* The key in its entirety did not match a wild entry; try chopping off
   leading components. */
 
-  if (yield == NULL)
+  if (!yield)
     {
     int dotcount = 0;
     uschar *keystring3 = keystring2 + affixlen;
@@ -839,6 +839,19 @@ if (set_null_wild && expand_setup && *expand_setup >= 0)
   expand_nlength[*expand_setup] = Ustrlen(keystring);
   }
 
+/* If we have a result, check the options to see if the key was wanted rather
+than the result.  Return a de-tainted version of the key on the grounds that
+it have been validated by the lookup. */
+
+if (yield && opts)
+  {
+  int sep = ',';
+  uschar * ele;
+  while ((ele = string_nextinlist(&opts, &sep, NULL, 0)))
+    if (Ustrcmp(ele, "ret=key") == 0)
+      { yield = string_copy_taint(keystring, FALSE); break; }
+  }
+
 return yield;
 }
 
diff --git a/test/aux-fixed/0625.lsearch b/test/aux-fixed/0625.lsearch
new file mode 100644 (file)
index 0000000..7ec3b5b
--- /dev/null
@@ -0,0 +1 @@
+trythiskey.ex: has this data
index 35a004a..7b5f023 100644 (file)
@@ -13,17 +13,22 @@ begin routers
 virtual:
   driver = redirect
   domains = *.virt.test.ex
-  address_data = ${if match{$domain}{^(.*)\\.virt\\.test\\.ex\$}{${bless:$1}}}
-  data = ${if exists{DIR/aux-fixed/TESTNUM.alias.$address_data} \
-           {${lookup{$local_part}lsearch{DIR/aux-fixed/TESTNUM.alias.$address_data}}} \
-          fail}
+#  address_data = ${if match{$domain}{^(.*)\\.virt\\.test\\.ex\$}{${bless:$1}}}
+  address_data = $1
+#  data = ${if exists{DIR/aux-fixed/TESTNUM.alias.$address_data} \
+#           {${lookup{$local_part}lsearch{DIR/aux-fixed/TESTNUM.alias.$address_data}}} \
+#          fail}
+  data = ${lookup {TESTNUM.alias.$address_data} dsearch,ret=full {DIR/aux-fixed} \
+           {${lookup{$local_part}lsearch{$value}}} \
+          fail}
   no_more
 
 list:
   driver = redirect
   domains = list.test.ex
-  file = ${if exists{DIR/aux-fixed/TESTNUM.list.${bless:$local_part}} \
-            {DIR/aux-fixed/TESTNUM.list.${bless:$local_part}}fail}
+#  file = ${if exists{DIR/aux-fixed/TESTNUM.list.${bless:$local_part}} \
+#            {DIR/aux-fixed/TESTNUM.list.${bless:$local_part}}fail}
+  file = ${lookup {TESTNUM.list.$local_part} dsearch,ret=full {DIR/aux-fixed} {$value}fail}
   no_more
 
 real:
diff --git a/test/confs/0625 b/test/confs/0625
new file mode 120000 (symlink)
index 0000000..f9ae37c
--- /dev/null
@@ -0,0 +1 @@
+0624
\ No newline at end of file
diff --git a/test/log/0625 b/test/log/0625
new file mode 100644 (file)
index 0000000..3cd4ee1
--- /dev/null
@@ -0,0 +1,6 @@
+1999-03-02 09:44:33 domain trythiskey.ex
+1999-03-02 09:44:33 value  has this data
+1999-03-02 09:44:33 $0 'trythiskey.ex'  $1 ''
+1999-03-02 09:44:33 domain trythiskey.ex
+1999-03-02 09:44:33 value  trythiskey.ex
+1999-03-02 09:44:33 $0 'trythiskey.ex'  $1 ''
diff --git a/test/scripts/0000-Basic/0625 b/test/scripts/0000-Basic/0625
new file mode 100644 (file)
index 0000000..0958775
--- /dev/null
@@ -0,0 +1,18 @@
+# singlekey lookup ret-key
+#
+# baseline, get the data
+exim -d-all+expand -bs '-DOPT=notthis : lsearch;DIR/aux-fixed/TESTNUM.lsearch : nothiseither'
+HELO test
+MAIL FROM:<testclient>
+RCPT TO:<a@trythiskey.ex>
+QUIT
+****
+#
+# get the key
+exim -d-all+expand -bs '-DOPT=notthis : lsearch,ret=key;DIR/aux-fixed/TESTNUM.lsearch : nothiseither'
+HELO test
+MAIL FROM:<testclient>
+RCPT TO:<a@trythiskey.ex>
+QUIT
+****
+#
index 5886903..381ef25 100644 (file)
@@ -8,6 +8,7 @@ fail(case): ${lookup{TESTNUM.TST}               dsearch{DIR/aux-fixed}{$value}{FAIL}}
 fail(case): ${lookup{TESTNUM.TST}              dsearch{DIR/AUX-fixed}{$value}{FAIL}}
 fail(path): ${lookup{TESTNUM.tst}              dsearch{.}{$value}{OTHER}}
 ok,full:    ${lookup{TESTNUM.tst} dsearch,ret=full      {DIR/aux-fixed}{$value}{FAIL}}
+ok,key:     ${lookup{TESTNUM.tst} dsearch,ret=key       {DIR/aux-fixed}{$value}{FAIL}}
 ok,file:    ${lookup{TESTNUM.tst} dsearch,filter=file   {DIR/aux-fixed}{$value}{FAIL}}
 fail,file:  ${lookup{TESTNUM.dir} dsearch,filter=file   {DIR/aux-fixed}{$value}{FAIL}}
 ok,dir:     ${lookup{TESTNUM.dir} dsearch,filter=dir    {DIR/aux-fixed}{$value}{FAIL}}
diff --git a/test/stderr/0625 b/test/stderr/0625
new file mode 100644 (file)
index 0000000..455a3ee
--- /dev/null
@@ -0,0 +1,59 @@
+Exim version x.yz ....
+adding SSLKEYLOGFILE=TESTSUITE/spool/sslkeys
+configuration file is TESTSUITE/test-config
+admin user
+LOG: smtp_connection MAIN
+  SMTP connection from CALLER
+ ╭considering: $smtp_active_hostname ESMTP Exim $version_number $tod_full
+ ├──expanding: $smtp_active_hostname ESMTP Exim $version_number $tod_full
+ ╰─────result: primaryhostname.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+ ╭considering: domain $domain
+ ├──expanding: domain $domain
+ ╰─────result: domain trythiskey.ex
+            ╰──(tainted)
+LOG: MAIN
+  domain trythiskey.ex
+created log directory TESTSUITE/spool/log
+ ╭considering: value  $domain_data
+ ├──expanding: value  $domain_data
+ ╰─────result: value  has this data
+LOG: MAIN
+  value  has this data
+ ╭considering: \$0 '$0'  \$1 '$1'
+ ├──expanding: \$0 '$0'  \$1 '$1'
+ ╰─────result: $0 'trythiskey.ex'  $1 ''
+            ╰──(tainted)
+LOG: MAIN
+  $0 'trythiskey.ex'  $1 ''
+LOG: smtp_connection MAIN
+  SMTP connection from CALLER closed by QUIT
+>>>>>>>>>>>>>>>> Exim pid=pppp (fresh-exec) terminating with rc=0 >>>>>>>>>>>>>>>>
+Exim version x.yz ....
+adding SSLKEYLOGFILE=TESTSUITE/spool/sslkeys
+configuration file is TESTSUITE/test-config
+admin user
+LOG: smtp_connection MAIN
+  SMTP connection from CALLER
+ ╭considering: $smtp_active_hostname ESMTP Exim $version_number $tod_full
+ ├──expanding: $smtp_active_hostname ESMTP Exim $version_number $tod_full
+ ╰─────result: primaryhostname.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+ ╭considering: domain $domain
+ ├──expanding: domain $domain
+ ╰─────result: domain trythiskey.ex
+            ╰──(tainted)
+LOG: MAIN
+  domain trythiskey.ex
+ ╭considering: value  $domain_data
+ ├──expanding: value  $domain_data
+ ╰─────result: value  trythiskey.ex
+LOG: MAIN
+  value  trythiskey.ex
+ ╭considering: \$0 '$0'  \$1 '$1'
+ ├──expanding: \$0 '$0'  \$1 '$1'
+ ╰─────result: $0 'trythiskey.ex'  $1 ''
+            ╰──(tainted)
+LOG: MAIN
+  $0 'trythiskey.ex'  $1 ''
+LOG: smtp_connection MAIN
+  SMTP connection from CALLER closed by QUIT
+>>>>>>>>>>>>>>>> Exim pid=pppp (fresh-exec) terminating with rc=0 >>>>>>>>>>>>>>>>
diff --git a/test/stdout/0625 b/test/stdout/0625
new file mode 100644 (file)
index 0000000..e09987c
--- /dev/null
@@ -0,0 +1,10 @@
+220 primaryhostname.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250 primaryhostname.ex Hello CALLER at test\r
+250 OK\r
+250 Accepted\r
+221 primaryhostname.ex closing connection\r
+220 primaryhostname.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250 primaryhostname.ex Hello CALLER at test\r
+250 OK\r
+250 Accepted\r
+221 primaryhostname.ex closing connection\r
index ef5b2a1..7e413c0 100644 (file)
@@ -5,6 +5,7 @@
 > Failed: failed to open TESTSUITE/AUX-fixed for directory search: No such file or directory
 > Failed: dirname '.' for dsearch is not absolute
 > ok,full:    TESTSUITE/aux-fixed/2500.tst
+> ok,key:     2500.tst
 > ok,file:    2500.tst
 > fail,file:  FAIL
 > ok,dir:     2500.dir