1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
4
5 /* Copyright (c) University of Cambridge 1995 - 2018 */
6 /* Copyright (c) The Exim Maintainers 2020 */
7 /* See the file NOTICE for conditions of use and distribution. */
8
9 /* Functions for parsing addresses */
10
11
12 #include "exim.h"
13
14
15 static const uschar *last_comment_position;
16
17
18
19 /* In stand-alone mode, provide a replacement for deliver_make_addr()
20 and rewrite_address[_qualify]() so as to avoid having to drag in too much
21 redundant apparatus. */
22
23 #ifdef STAND_ALONE
24
deliver_make_addr(uschar * address,BOOL copy)25 address_item *deliver_make_addr(uschar *address, BOOL copy)
26 {
27 address_item *addr = store_get(sizeof(address_item), FALSE);
28 addr->next = NULL;
29 addr->parent = NULL;
30 addr->address = address;
31 return addr;
32 }
33
rewrite_address(uschar * recipient,BOOL dummy1,BOOL dummy2,rewrite_rule * dummy3,int dummy4)34 uschar *rewrite_address(uschar *recipient, BOOL dummy1, BOOL dummy2, rewrite_rule
35 *dummy3, int dummy4)
36 {
37 return recipient;
38 }
39
rewrite_address_qualify(uschar * recipient,BOOL dummy1)40 uschar *rewrite_address_qualify(uschar *recipient, BOOL dummy1)
41 {
42 return recipient;
43 }
44
45 #endif
46
47
48
49
50 /*************************************************
51 * Find the end of an address *
52 *************************************************/
53
54 /* Scan over a string looking for the termination of an address at a comma,
55 or end of the string. It's the source-routed addresses which cause much pain
56 here. Although Exim ignores source routes, it must recognize such addresses, so
57 we cannot get rid of this logic.
58
59 Argument:
60 s pointer to the start of an address
61 nl_ends if TRUE, '\n' terminates an address
62
63 Returns: pointer past the end of the address
64 (i.e. points to null or comma)
65 */
66
67 uschar *
parse_find_address_end(const uschar * s,BOOL nl_ends)68 parse_find_address_end(const uschar *s, BOOL nl_ends)
69 {
70 BOOL source_routing = *s == '@';
71 int no_term = source_routing? 1 : 0;
72
73 while (*s != 0 && (*s != ',' || no_term > 0) && (*s != '\n' || !nl_ends))
74 {
75 /* Skip single quoted characters. Strictly these should not occur outside
76 quoted strings in RFC 822 addresses, but they can in RFC 821 addresses. Pity
77 about the lack of consistency, isn't it? */
78
79 if (*s == '\\' && s[1] != 0) s += 2;
80
81 /* Skip quoted items that are not inside brackets. Note that
82 quoted pairs are allowed inside quoted strings. */
83
84 else if (*s == '\"')
85 {
86 while (*(++s) != 0 && (*s != '\n' || !nl_ends))
87 {
88 if (*s == '\\' && s[1] != 0) s++;
89 else if (*s == '\"') { s++; break; }
90 }
91 }
92
93 /* Skip comments, which may include nested brackets, but quotes
94 are not recognized inside comments, though quoted pairs are. */
95
96 else if (*s == '(')
97 {
98 int level = 1;
99 while (*(++s) != 0 && (*s != '\n' || !nl_ends))
100 {
101 if (*s == '\\' && s[1] != 0) s++;
102 else if (*s == '(') level++;
103 else if (*s == ')' && --level <= 0) { s++; break; }
104 }
105 }
106
107 /* Non-special character; just advance. Passing the colon in a source
108 routed address means that any subsequent comma or colon may terminate unless
109 inside angle brackets. */
110
111 else
112 {
113 if (*s == '<')
114 {
115 source_routing = s[1] == '@';
116 no_term = source_routing? 2 : 1;
117 }
118 else if (*s == '>') no_term--;
119 else if (source_routing && *s == ':') no_term--;
120 s++;
121 }
122 }
123
124 return US s;
125 }
126
127
128
129 /*************************************************
130 * Find last @ in an address *
131 *************************************************/
132
133 /* This function is used when we have something that may not qualified. If we
134 know it's qualified, searching for the rightmost '@' is sufficient. Here we
135 have to be a bit more clever than just a plain search, in order to handle
136 unqualified local parts like "thing@thong" correctly. Since quotes may not
137 legally be part of a domain name, we can give up on hitting the first quote
138 when searching from the right. Now that the parsing also permits the RFC 821
139 form of address, where quoted-pairs are allowed in unquoted local parts, we
140 must take care to handle that too.
141
142 Argument: pointer to an address, possibly unqualified
143 Returns: pointer to the last @ in an address, or NULL if none
144 */
145
146 const uschar *
parse_find_at(const uschar * s)147 parse_find_at(const uschar *s)
148 {
149 const uschar * t = s + Ustrlen(s);
150 while (--t >= s)
151 if (*t == '@')
152 {
153 int backslash_count = 0;
154 const uschar *tt = t - 1;
155 while (tt > s && *tt-- == '\\') backslash_count++;
156 if ((backslash_count & 1) == 0) return t;
157 }
158 else if (*t == '\"')
159 return NULL;
160
161 return NULL;
162 }
163
164
165
166
167 /***************************************************************************
168 * In all the functions below that read a particular object type from *
169 * the input, return the new value of the pointer s (the first argument), *
170 * and put the object into the store pointed to by t (the second argument), *
171 * adding a terminating zero. If no object is found, t will point to zero *
172 * on return. *
173 ***************************************************************************/
174
175
176 /*************************************************
177 * Skip white space and comment *
178 *************************************************/
179
180 /* Algorithm:
181 (1) Skip spaces.
182 (2) If uschar not '(', return.
183 (3) Skip till matching ')', not counting any characters
184 escaped with '\'.
185 (4) Move past ')' and goto (1).
186
187 The start of the last potential comment position is remembered to
188 make it possible to ignore comments at the end of compound items.
189
190 Argument: current character pointer
191 Returns: new character pointer
192 */
193
194 static const uschar *
skip_comment(const uschar * s)195 skip_comment(const uschar *s)
196 {
197 last_comment_position = s;
198 while (*s)
199 {
200 int c, level;
201
202 if (Uskip_whitespace(&s) != '(') break;
203 level = 1;
204 while((c = *(++s)))
205 {
206 if (c == '(') level++;
207 else if (c == ')') { if (--level <= 0) { s++; break; } }
208 else if (c == '\\' && s[1] != 0) s++;
209 }
210 }
211 return s;
212 }
213
214
215
216 /*************************************************
217 * Read a domain *
218 *************************************************/
219
220 /* A domain is a sequence of subdomains, separated by dots. See comments below
221 for detailed syntax of the subdomains.
222
223 If allow_domain_literals is TRUE, a "domain" may also be an IP address enclosed
224 in []. Make sure the output is set to the null string if there is a syntax
225 error as well as if there is no domain at all.
226
227 Optionally, msg_id domain literals ( printable-ascii enclosed in [] )
228 are permitted.
229
230 Arguments:
231 s current character pointer
232 t where to put the domain
233 msg_id_literals flag for relaxed domain-literal processing
234 errorptr put error message here on failure (*t will be 0 on exit)
235
236 Returns: new character pointer
237 */
238
239 static const uschar *
read_domain(const uschar * s,uschar * t,BOOL msg_id_literals,uschar ** errorptr)240 read_domain(const uschar *s, uschar *t, BOOL msg_id_literals, uschar **errorptr)
241 {
242 uschar *tt = t;
243 s = skip_comment(s);
244
245 /* Handle domain literals if permitted. An RFC 822 domain literal may contain
246 any character except [ ] \, including linear white space, and may contain
247 quoted characters. However, RFC 821 restricts literals to being dot-separated
248 3-digit numbers, and we make the obvious extension for IPv6. Go for a sequence
249 of digits, dots, hex digits, and colons here; later this will be checked for
250 being a syntactically valid IP address if it ever gets to a router.
251
252 Allow both the formal IPv6 form, with IPV6: at the start, and the informal form
253 without it, and accept IPV4: as well, 'cause someone will use it sooner or
254 later. */
255
256 if (*s == '[')
257 {
258 *t++ = *s++;
259
260 if (strncmpic(s, US"IPv6:", 5) == 0 || strncmpic(s, US"IPv4:", 5) == 0)
261 {
262 memcpy(t, s, 5);
263 t += 5;
264 s += 5;
265 }
266
267 if (msg_id_literals)
268 while (*s >= 33 && *s <= 90 || *s >= 94 && *s <= 126) *t++ = *s++;
269 else
270 while (*s == '.' || *s == ':' || isxdigit(*s)) *t++ = *s++;
271
272 if (*s == ']') *t++ = *s++; else
273 {
274 *errorptr = US"malformed domain literal";
275 *tt = 0;
276 }
277
278 if (!allow_domain_literals && !msg_id_literals)
279 {
280 *errorptr = US"domain literals not allowed";
281 *tt = 0;
282 }
283 *t = 0;
284 return skip_comment(s);
285 }
286
287 /* Handle a proper domain, which is a sequence of dot-separated atoms. Remove
288 trailing dots if strip_trailing_dot is set. A subdomain is an atom.
289
290 An atom is a sequence of any characters except specials, space, and controls.
291 The specials are ( ) < > @ , ; : \ " . [ and ]. This is the rule for RFC 822
292 and its successor (RFC 2822). However, RFC 821 and its successor (RFC 2821) is
293 tighter, allowing only letters, digits, and hyphens, not starting with a
294 hyphen.
295
296 There used to be a global flag that got set when checking addresses that came
297 in over SMTP and which should therefore should be checked according to the
298 stricter rule. However, it seems silly to make the distinction, because I don't
299 suppose anybody ever uses local domains that are 822-compliant and not
300 821-compliant. Furthermore, Exim now has additional data on the spool file line
301 after an address (after "one_time" processing), and it makes use of a #
302 character to delimit it. When I wrote that code, I forgot about this 822-domain
303 stuff, and assumed # could never appear in a domain.
304
305 So the old code is now cut out for Release 4.11 onwards, on 09-Aug-02. In a few
306 years, when we are sure this isn't actually causing trouble, throw it away.
307
308 March 2003: the story continues: There is a camp that is arguing for the use of
309 UTF-8 in domain names as the way to internationalization, and other MTAs
310 support this. Therefore, we now have a flag that permits the use of characters
311 with values greater than 127, encoded in UTF-8, in subdomains, so that Exim can
312 be used experimentally in this way. */
313
314 for (;;)
315 {
316 uschar *tsave = t;
317
318 /*********************
319 if (rfc821_domains)
320 {
321 if (*s != '-') while (isalnum(*s) || *s == '-') *t++ = *s++;
322 }
323 else
324 while (!mac_iscntrl_or_special(*s)) *t++ = *s++;
325 *********************/
326
327 if (*s != '-')
328 {
329 /* Only letters, digits, and hyphens */
330
331 if (!allow_utf8_domains)
332 {
333 while (isalnum(*s) || *s == '-') *t++ = *s++;
334 }
335
336 /* Permit legal UTF-8 characters to be included */
337
338 else for(;;)
339 {
340 int i, d;
341 if (isalnum(*s) || *s == '-') /* legal ascii characters */
342 {
343 *t++ = *s++;
344 continue;
345 }
346 if ((*s & 0xc0) != 0xc0) break; /* not start of UTF-8 character */
347 d = *s << 2;
348 for (i = 1; i < 6; i++) /* i is the number of additional bytes */
349 {
350 if ((d & 0x80) == 0) break;
351 d <<= 1;
352 }
353 if (i == 6) goto BAD_UTF8; /* invalid UTF-8 */
354 *t++ = *s++; /* leading UTF-8 byte */
355 while (i-- > 0) /* copy and check remainder */
356 {
357 if ((*s & 0xc0) != 0x80)
358 {
359 BAD_UTF8:
360 *errorptr = US"invalid UTF-8 byte sequence";
361 *tt = 0;
362 return s;
363 }
364 *t++ = *s++;
365 }
366 } /* End of loop for UTF-8 character */
367 } /* End of subdomain */
368
369 s = skip_comment(s);
370 *t = 0;
371
372 if (t == tsave) /* empty component */
373 {
374 if (strip_trailing_dot && t > tt && *s != '.') t[-1] = 0; else
375 {
376 *errorptr = US"domain missing or malformed";
377 *tt = 0;
378 }
379 return s;
380 }
381
382 if (*s != '.') break;
383 *t++ = *s++;
384 s = skip_comment(s);
385 }
386
387 return s;
388 }
389
390
391
392 /*************************************************
393 * Read a local-part *
394 *************************************************/
395
396 /* A local-part is a sequence of words, separated by periods. A null word
397 between dots is not strictly allowed but apparently many mailers permit it,
398 so, sigh, better be compatible. Even accept a trailing dot...
399
400 A <word> is either a quoted string, or an <atom>, which is a sequence
401 of any characters except specials, space, and controls. The specials are
402 ( ) < > @ , ; : \ " . [ and ]. In RFC 822, a single quoted character, (a
403 quoted-pair) is not allowed in a word. However, in RFC 821, it is permitted in
404 the local part of an address. Rather than have separate parsing functions for
405 the different cases, take the liberal attitude always. At least one MUA is
406 happy to recognize this case; I don't know how many other programs do.
407
408 Arguments:
409 s current character pointer
410 t where to put the local part
411 error where to point error text
412 allow_null TRUE if an empty local part is not an error
413
414 Returns: new character pointer
415 */
416
417 static const uschar *
read_local_part(const uschar * s,uschar * t,uschar ** error,BOOL allow_null)418 read_local_part(const uschar *s, uschar *t, uschar **error, BOOL allow_null)
419 {
420 uschar *tt = t;
421 *error = NULL;
422 for (;;)
423 {
424 int c;
425 uschar *tsave = t;
426 s = skip_comment(s);
427
428 /* Handle a quoted string */
429
430 if (*s == '\"')
431 {
432 *t++ = '\"';
433 while ((c = *++s) && c != '\"')
434 {
435 *t++ = c;
436 if (c == '\\' && s[1]) *t++ = *++s;
437 }
438 if (c == '\"')
439 {
440 s++;
441 *t++ = '\"';
442 }
443 else
444 {
445 *error = US"unmatched doublequote in local part";
446 return s;
447 }
448 }
449
450 /* Handle an atom, but allow quoted pairs within it. */
451
452 else while (!mac_iscntrl_or_special(*s) || *s == '\\')
453 {
454 c = *t++ = *s++;
455 if (c == '\\' && *s) *t++ = *s++;
456 }
457
458 /* Terminate the word and skip subsequent comment */
459
460 *t = 0;
461 s = skip_comment(s);
462
463 /* If we have read a null component at this point, give an error unless it is
464 terminated by a dot - an extension to RFC 822 - or if it is the first
465 component of the local part and an empty local part is permitted, in which
466 case just return normally. */
467
468 if (t == tsave && *s != '.')
469 {
470 if (t == tt && !allow_null)
471 *error = US"missing or malformed local part";
472 return s;
473 }
474
475 /* Anything other than a dot terminates the local part. Treat multiple dots
476 as a single dot, as this seems to be a common extension. */
477
478 if (*s != '.') break;
479 do { *t++ = *s++; } while (*s == '.');
480 }
481
482 return s;
483 }
484
485
486 /*************************************************
487 * Read route part of route-addr *
488 *************************************************/
489
490 /* The pointer is at the initial "@" on entry. Return it following the
491 terminating colon. Exim no longer supports the use of source routes, but it is
492 required to accept the syntax.
493
494 Arguments:
495 s current character pointer
496 t where to put the route
497 errorptr where to put an error message
498
499 Returns: new character pointer
500 */
501
502 static const uschar *
read_route(const uschar * s,uschar * t,uschar ** errorptr)503 read_route(const uschar *s, uschar *t, uschar **errorptr)
504 {
505 BOOL commas = FALSE;
506 *errorptr = NULL;
507
508 while (*s == '@')
509 {
510 *t++ = '@';
511 s = read_domain(s+1, t, FALSE, errorptr);
512 if (*t == 0) return s;
513 t += Ustrlen((const uschar *)t);
514 if (*s != ',') break;
515 *t++ = *s++;
516 commas = TRUE;
517 s = skip_comment(s);
518 }
519
520 if (*s == ':') *t++ = *s++;
521
522 /* If there is no colon, and there were no commas, the most likely error
523 is in fact a missing local part in the address rather than a missing colon
524 after the route. */
525
526 else *errorptr = commas?
527 US"colon expected after route list" :
528 US"no local part";
529
530 /* Terminate the route and return */
531
532 *t = 0;
533 return skip_comment(s);
534 }
535
536
537
538 /*************************************************
539 * Read addr-spec *
540 *************************************************/
541
542 /* Addr-spec is local-part@domain. We make the domain optional -
543 the expected terminator for the whole thing is passed to check this.
544 This function is called only when we know we have a route-addr.
545
546 Arguments:
547 s current character pointer
548 t where to put the addr-spec
549 term expected terminator (0 or >)
550 errorptr where to put an error message
551 domainptr set to point to the start of the domain
552
553 Returns: new character pointer
554 */
555
556 static const uschar *
read_addr_spec(const uschar * s,uschar * t,int term,uschar ** errorptr,uschar ** domainptr)557 read_addr_spec(const uschar *s, uschar *t, int term, uschar **errorptr,
558 uschar **domainptr)
559 {
560 s = read_local_part(s, t, errorptr, FALSE);
561 if (*errorptr == NULL)
562 if (*s != term)
563 if (*s != '@')
564 *errorptr = string_sprintf("\"@\" or \".\" expected after \"%s\"", t);
565 else
566 {
567 t += Ustrlen((const uschar *)t);
568 *t++ = *s++;
569 *domainptr = t;
570 s = read_domain(s, t, FALSE, errorptr);
571 }
572 return s;
573 }
574
575
576
577 /*************************************************
578 * Extract operative address *
579 *************************************************/
580
581 /* This function extracts an operative address from a full RFC822 mailbox and
582 returns it in a piece of dynamic store. We take the easy way and get a piece
583 of store the same size as the input, and then copy into it whatever is
584 necessary. If we cannot find a valid address (syntax error), return NULL, and
585 point the error pointer to the reason. The arguments "start" and "end" are used
586 to return the offsets of the first and one past the last characters in the
587 original mailbox of the address that has been extracted, to aid in re-writing.
588 The argument "domain" is set to point to the first character after "@" in the
589 final part of the returned address, or zero if there is no @.
590
591 Exim no longer supports the use of source routed addresses (those of the form
592 @domain,...:route_addr). It recognizes the syntax, but collapses such addresses
593 down to their final components. Formerly, collapse_source_routes had to be set
594 to achieve this effect. RFC 1123 allows collapsing with MAY, while the revision
595 of RFC 821 had increased this to SHOULD, so I've gone for it, because it makes
596 a lot of code elsewhere in Exim much simpler.
597
598 There are some special fudges here for handling RFC 822 group address notation
599 which may appear in certain headers. If the flag parse_allow_group is set
600 TRUE and parse_found_group is FALSE when this function is called, an address
601 which is the start of a group (i.e. preceded by a phrase and a colon) is
602 recognized; the phrase is ignored and the flag parse_found_group is set. If
603 this flag is TRUE at the end of an address, and if an extraneous semicolon is
604 found, it is ignored and the flag is cleared.
605
606 This logic is used only when scanning through addresses in headers, either to
607 fulfil the -t option, or for rewriting, or for checking header syntax. Because
608 the group "state" has to be remembered between multiple calls of this function,
609 the variables parse_{allow,found}_group are global. It is important to ensure
610 that they are reset to FALSE at the end of scanning a header's list of
611 addresses.
612
613 Arguments:
614 mailbox points to the RFC822 mailbox
615 errorptr where to point an error message
616 start set to start offset in mailbox
617 end set to end offset in mailbox
618 domain set to domain offset in result, or 0 if no domain present
619 allow_null allow <> if TRUE
620
621 Returns: points to the extracted address, or NULL on error
622 */
623
624 #define FAILED(s) { *errorptr = s; goto PARSE_FAILED; }
625
626 uschar *
parse_extract_address(const uschar * mailbox,uschar ** errorptr,int * start,int * end,int * domain,BOOL allow_null)627 parse_extract_address(const uschar *mailbox, uschar **errorptr, int *start, int *end,
628 int *domain, BOOL allow_null)
629 {
630 uschar *yield = store_get(Ustrlen(mailbox) + 1, is_tainted(mailbox));
631 const uschar *startptr, *endptr;
632 const uschar *s = US mailbox;
633 uschar *t = US yield;
634
635 *domain = 0;
636
637 /* At the start of the string we expect either an addr-spec or a phrase
638 preceding a <route-addr>. If groups are allowed, we might also find a phrase
639 preceding a colon and an address. If we find an initial word followed by
640 a dot, strict interpretation of the RFC would cause it to be taken
641 as the start of an addr-spec. However, many mailers break the rules
642 and use addresses of the form "a.n.other <ano@somewhere>" and so we
643 allow this case. */
644
645 RESTART: /* Come back here after passing a group name */
646
647 s = skip_comment(s);
648 startptr = s; /* In case addr-spec */
649 s = read_local_part(s, t, errorptr, TRUE); /* Dot separated words */
650 if (*errorptr) goto PARSE_FAILED;
651
652 /* If the terminator is neither < nor @ then the format of the address
653 must either be a bare local-part (we are now at the end), or a phrase
654 followed by a route-addr (more words must follow). */
655
656 if (*s != '@' && *s != '<')
657 {
658 if (*s == 0 || *s == ';')
659 {
660 if (!*t) FAILED(US"empty address");
661 endptr = last_comment_position;
662 goto PARSE_SUCCEEDED; /* Bare local part */
663 }
664
665 /* Expect phrase route-addr, or phrase : if groups permitted, but allow
666 dots in the phrase; complete the loop only when '<' or ':' is encountered -
667 end of string will produce a null local_part and therefore fail. We don't
668 need to keep updating t, as the phrase isn't to be kept. */
669
670 while (*s != '<' && (!f.parse_allow_group || *s != ':'))
671 {
672 s = read_local_part(s, t, errorptr, FALSE);
673 if (*errorptr)
674 {
675 *errorptr = string_sprintf("%s (expected word or \"<\")", *errorptr);
676 goto PARSE_FAILED;
677 }
678 }
679
680 if (*s == ':')
681 {
682 f.parse_found_group = TRUE;
683 f.parse_allow_group = FALSE;
684 s++;
685 goto RESTART;
686 }
687
688 /* Assert *s == '<' */
689 }
690
691 /* At this point the next character is either '@' or '<'. If it is '@', only a
692 single local-part has previously been read. An angle bracket signifies the
693 start of an <addr-spec>. Throw away anything we have saved so far before
694 processing it. Note that this is "if" rather than "else if" because it's also
695 used after reading a preceding phrase.
696
697 There are a lot of broken sendmails out there that put additional pairs of <>
698 round <route-addr>s. If strip_excess_angle_brackets is set, allow a limited
699 number of them, as long as they match. */
700
701 if (*s == '<')
702 {
703 uschar *domainptr = yield;
704 BOOL source_routed = FALSE;
705 int bracket_count = 1;
706
707 s++;
708 if (strip_excess_angle_brackets) while (*s == '<')
709 {
710 if(bracket_count++ > 5) FAILED(US"angle-brackets nested too deep");
711 s++;
712 }
713
714 t = yield;
715 startptr = s;
716 s = skip_comment(s);
717
718 /* Read an optional series of routes, each of which is a domain. They
719 are separated by commas and terminated by a colon. However, we totally ignore
720 such routes (RFC 1123 says we MAY, and the revision of RFC 821 says we
721 SHOULD). */
722
723 if (*s == '@')
724 {
725 s = read_route(s, t, errorptr);
726 if (*errorptr) goto PARSE_FAILED;
727 *t = 0; /* Ensure route is ignored - probably overkill */
728 source_routed = TRUE;
729 }
730
731 /* Now an addr-spec, terminated by '>'. If there is no preceding route,
732 we must allow an empty addr-spec if allow_null is TRUE, to permit the
733 address "<>" in some circumstances. A source-routed address MUST have
734 a domain in the final part. */
735
736 if (allow_null && !source_routed && *s == '>')
737 {
738 *t = 0;
739 *errorptr = NULL;
740 }
741 else
742 {
743 s = read_addr_spec(s, t, '>', errorptr, &domainptr);
744 if (*errorptr) goto PARSE_FAILED;
745 *domain = domainptr - yield;
746 if (source_routed && *domain == 0)
747 FAILED(US"domain missing in source-routed address");
748 }
749
750 endptr = s;
751 if (*errorptr) goto PARSE_FAILED;
752 while (bracket_count-- > 0) if (*s++ != '>')
753 {
754 *errorptr = s[-1] == 0
755 ? US"'>' missing at end of address"
756 : string_sprintf("malformed address: %.32s may not follow %.*s",
757 s-1, (int)(s - US mailbox - 1), mailbox);
758 goto PARSE_FAILED;
759 }
760
761 s = skip_comment(s);
762 }
763
764 /* Hitting '@' after the first local-part means we have definitely got an
765 addr-spec, on a strict reading of the RFC, and the rest of the string
766 should be the domain. However, for flexibility we allow for a route-address
767 not enclosed in <> as well, which is indicated by an empty first local
768 part preceding '@'. The source routing is, however, ignored. */
769
770 else if (!*t)
771 {
772 uschar *domainptr = yield;
773 s = read_route(s, t, errorptr);
774 if (*errorptr) goto PARSE_FAILED;
775 *t = 0; /* Ensure route is ignored - probably overkill */
776 s = read_addr_spec(s, t, 0, errorptr, &domainptr);
777 if (*errorptr) goto PARSE_FAILED;
778 *domain = domainptr - yield;
779 endptr = last_comment_position;
780 if (*domain == 0) FAILED(US"domain missing in source-routed address");
781 }
782
783 /* This is the strict case of local-part@domain. */
784
785 else
786 {
787 t += Ustrlen((const uschar *)t);
788 *t++ = *s++;
789 *domain = t - yield;
790 s = read_domain(s, t, TRUE, errorptr);
791 if (!*t) goto PARSE_FAILED;
792 endptr = last_comment_position;
793 }
794
795 /* Use goto to get here from the bare local part case. Arrive by falling
796 through for other cases. Endptr may have been moved over whitespace, so
797 move it back past white space if necessary. */
798
799 PARSE_SUCCEEDED:
800 if (*s)
801 {
802 if (f.parse_found_group && *s == ';')
803 {
804 f.parse_found_group = FALSE;
805 f.parse_allow_group = TRUE;
806 }
807 else
808 {
809 *errorptr = string_sprintf("malformed address: %.32s may not follow %.*s",
810 s, (int)(s - US mailbox), mailbox);
811 goto PARSE_FAILED;
812 }
813 }
814 *start = startptr - US mailbox; /* Return offsets */
815 while (isspace(endptr[-1])) endptr--;
816 *end = endptr - US mailbox;
817
818 /* Although this code has no limitation on the length of address extracted,
819 other parts of Exim may have limits, and in any case, RFC 5321 limits email
820 addresses to 256, so we do a check here, giving an error if the address is
821 ridiculously long. */
822
823 if (*end - *start > EXIM_EMAILADDR_MAX)
824 {
825 *errorptr = string_sprintf("address is ridiculously long: %.64s...", yield);
826 return NULL;
827 }
828
829 return yield;
830
831 /* Use goto (via the macro FAILED) to get to here from a variety of places.
832 We might have an empty address in a group - the caller can choose to ignore
833 this. We must, however, keep the flags correct. */
834
835 PARSE_FAILED:
836 if (f.parse_found_group && *s == ';')
837 {
838 f.parse_found_group = FALSE;
839 f.parse_allow_group = TRUE;
840 }
841 return NULL;
842 }
843
844 #undef FAILED
845
846
847
848 /*************************************************
849 * Quote according to RFC 2047 *
850 *************************************************/
851
852 /* This function is used for quoting text in headers according to RFC 2047.
853 If the only characters that strictly need quoting are spaces, we return the
854 original string, unmodified.
855
856 Hmmph. As always, things get perverted for other uses. This function was
857 originally for the "phrase" part of addresses. Now it is being used for much
858 longer texts in ACLs and via the ${rfc2047: expansion item. This means we have
859 to check for overlong "encoded-word"s and split them. November 2004.
860
861 Arguments:
862 string the string to quote - already checked to contain non-printing
863 chars
864 len the length of the string
865 charset the name of the character set; NULL => iso-8859-1
866 fold if TRUE, a newline is inserted before the separating space when
867 more than one encoded-word is generated
868
869 Returns: pointer to the original string, if no quoting needed, or
870 pointer to allocated memory containing the quoted string
871 */
872
873 const uschar *
parse_quote_2047(const uschar * string,int len,uschar * charset,BOOL fold)874 parse_quote_2047(const uschar *string, int len, uschar *charset, BOOL fold)
875 {
876 const uschar * s = string;
877 int hlen, l;
878 BOOL coded = FALSE;
879 BOOL first_byte = FALSE;
880 gstring * g =
881 string_fmt_append(NULL, "=?%s?Q?", charset ? charset : US"iso-8859-1");
882
883 hlen = l = g->ptr;
884
885 for (s = string; len > 0; s++, len--)
886 {
887 int ch = *s;
888
889 if (g->ptr - l > 67 && !first_byte)
890 {
891 g = fold ? string_catn(g, US"?=\n ", 4) : string_catn(g, US"?= ", 3);
892 l = g->ptr;
893 g = string_catn(g, g->s, hlen);
894 }
895
896 if ( ch < 33 || ch > 126
897 || Ustrchr("?=()<>@,;:\\\".[]_", ch) != NULL)
898 {
899 if (ch == ' ')
900 {
901 g = string_catn(g, US"_", 1);
902 first_byte = FALSE;
903 }
904 else
905 {
906 g = string_fmt_append(g, "=%02X", ch);
907 coded = TRUE;
908 first_byte = !first_byte;
909 }
910 }
911 else
912 { g = string_catn(g, s, 1); first_byte = FALSE; }
913 }
914
915 if (coded)
916 string = string_from_gstring(g = string_catn(g, US"?=", 2));
917 else
918 g->ptr = -1;
919
920 gstring_release_unused(g);
921 return string;
922 }
923
924
925
926
927 /*************************************************
928 * Fix up an RFC 822 "phrase" *
929 *************************************************/
930
931 /* This function is called to repair any syntactic defects in the "phrase" part
932 of an RFC822 address. In particular, it is applied to the user's name as read
933 from the passwd file when accepting a local message, and to the data from the
934 -F option.
935
936 If the string contains existing quoted strings or comments containing
937 freestanding quotes, then we just quote those bits that need quoting -
938 otherwise it would get awfully messy and probably not look good. If not, we
939 quote the whole thing if necessary. Thus
940
941 John Q. Smith => "John Q. Smith"
942 John "Jack" Smith => John "Jack" Smith
943 John "Jack" Q. Smith => John "Jack" "Q." Smith
944 John (Jack) Q. Smith => "John (Jack) Q. Smith"
945 John ("Jack") Q. Smith => John ("Jack") "Q." Smith
946 but
947 John (\"Jack\") Q. Smith => "John (\"Jack\") Q. Smith"
948
949 Sheesh! This is tedious code. It is a great pity that the syntax of RFC822 is
950 the way it is...
951
952 August 2000: Additional code added:
953
954 Previously, non-printing characters were turned into question marks, which do
955 not need to be quoted.
956
957 Now, a different tactic is used if there are any non-printing ASCII
958 characters. The encoding method from RFC 2047 is used, assuming iso-8859-1 as
959 the character set.
960
961 We *could* use this for all cases, getting rid of the messy original code,
962 but leave it for now. It would complicate simple cases like "John Q. Smith".
963
964 The result is passed back in allocated memory.
965
966 Arguments:
967 phrase an RFC822 phrase
968 len the length of the phrase
969
970 Returns: the fixed RFC822 phrase
971 */
972
973 const uschar *
parse_fix_phrase(const uschar * phrase,int len)974 parse_fix_phrase(const uschar *phrase, int len)
975 {
976 int ch, i;
977 BOOL quoted = FALSE;
978 const uschar *s, *end;
979 uschar * buffer;
980 uschar *t, *yield;
981
982 while (len > 0 && isspace(*phrase)) { phrase++; len--; }
983
984 /* See if there are any non-printing characters, and if so, use the RFC 2047
985 encoding for the whole thing. */
986
987 for (i = 0, s = phrase; i < len; i++, s++)
988 if ((*s < 32 && *s != '\t') || *s > 126) break;
989
990 if (i < len)
991 return parse_quote_2047(phrase, len, headers_charset, FALSE);
992
993 /* No non-printers; use the RFC 822 quoting rules */
994
995 if (len <= 0 || len >= INT_MAX/4)
996 {
997 return string_copy_taint(CUS"", is_tainted(phrase));
998 }
999
1000 buffer = store_get((len+1)*4, is_tainted(phrase));
1001
1002 s = phrase;
1003 end = s + len;
1004 yield = t = buffer + 1;
1005
1006 while (s < end)
1007 {
1008 ch = *s++;
1009
1010 /* Copy over quoted strings, remembering we encountered one */
1011
1012 if (ch == '\"')
1013 {
1014 *t++ = '\"';
1015 while (s < end && (ch = *s++) != '\"')
1016 {
1017 *t++ = ch;
1018 if (ch == '\\' && s < end) *t++ = *s++;
1019 }
1020 *t++ = '\"';
1021 if (s >= end) break;
1022 quoted = TRUE;
1023 }
1024
1025 /* Copy over comments, noting if they contain freestanding quote
1026 characters */
1027
1028 else if (ch == '(')
1029 {
1030 int level = 1;
1031 *t++ = '(';
1032 while (s < end)
1033 {
1034 ch = *s++;
1035 *t++ = ch;
1036 if (ch == '(') level++;
1037 else if (ch == ')') { if (--level <= 0) break; }
1038 else if (ch == '\\' && s < end) *t++ = *s++ & 127;
1039 else if (ch == '\"') quoted = TRUE;
1040 }
1041 if (ch == 0)
1042 {
1043 while (level--) *t++ = ')';
1044 break;
1045 }
1046 }
1047
1048 /* Handle special characters that need to be quoted */
1049
1050 else if (Ustrchr(")<>@,;:\\.[]", ch) != NULL)
1051 {
1052 /* If hit previous quotes just make one quoted "word" */
1053
1054 if (quoted)
1055 {
1056 uschar *tt = t++;
1057 while (*(--tt) != ' ' && *tt != '\"' && *tt != ')') tt[1] = *tt;
1058 tt[1] = '\"';
1059 *t++ = ch;
1060 while (s < end)
1061 {
1062 ch = *s++;
1063 if (ch == ' ' || ch == '\"') { s--; break; } else *t++ = ch;
1064 }
1065 *t++ = '\"';
1066 }
1067
1068 /* Else quote the whole string so far, and the rest up to any following
1069 quotes. We must treat anything following a backslash as a literal. */
1070
1071 else
1072 {
1073 BOOL escaped = (ch == '\\');
1074 *(--yield) = '\"';
1075 *t++ = ch;
1076
1077 /* Now look for the end or a quote */
1078
1079 while (s < end)
1080 {
1081 ch = *s++;
1082
1083 /* Handle escaped pairs */
1084
1085 if (escaped)
1086 {
1087 *t++ = ch;
1088 escaped = FALSE;
1089 }
1090
1091 else if (ch == '\\')
1092 {
1093 *t++ = ch;
1094 escaped = TRUE;
1095 }
1096
1097 /* If hit subsequent quotes, insert our quote before any trailing
1098 spaces and back up to re-handle the quote in the outer loop. */
1099
1100 else if (ch == '\"')
1101 {
1102 int count = 0;
1103 while (t[-1] == ' ') { t--; count++; }
1104 *t++ = '\"';
1105 while (count-- > 0) *t++ = ' ';
1106 s--;
1107 break;
1108 }
1109
1110 /* If hit a subsequent comment, check it for unescaped quotes,
1111 and if so, end our quote before it. */
1112
1113 else if (ch == '(')
1114 {
1115 const uschar *ss = s; /* uschar after '(' */
1116 int level = 1;
1117 while(ss < end)
1118 {
1119 ch = *ss++;
1120 if (ch == '(') level++;
1121 else if (ch == ')') { if (--level <= 0) break; }
1122 else if (ch == '\\' && ss+1 < end) ss++;
1123 else if (ch == '\"') { quoted = TRUE; break; }
1124 }
1125
1126 /* Comment contains unescaped quotes; end our quote before
1127 the start of the comment. */
1128
1129 if (quoted)
1130 {
1131 int count = 0;
1132 while (t[-1] == ' ') { t--; count++; }
1133 *t++ = '\"';
1134 while (count-- > 0) *t++ = ' ';
1135 break;
1136 }
1137
1138 /* Comment does not contain unescaped quotes; include it in
1139 our quote. */
1140
1141 else
1142 {
1143 if (ss >= end) ss--;
1144 *t++ = '(';
1145 if (ss > s)
1146 {
1147 Ustrncpy(t, s, ss-s);
1148 t += ss-s;
1149 s = ss;
1150 }
1151 }
1152 }
1153
1154 /* Not a comment or quote; include this character in our quotes. */
1155
1156 else *t++ = ch;
1157 }
1158 }
1159
1160 /* Add a final quote if we hit the end of the string. */
1161
1162 if (s >= end) *t++ = '\"';
1163 }
1164
1165 /* Non-special character; just copy it over */
1166
1167 else *t++ = ch;
1168 }
1169
1170 *t = 0;
1171 store_release_above(t+1);
1172 return yield;
1173 }
1174
1175
1176 /*************************************************
1177 * Extract addresses from a list *
1178 *************************************************/
1179
1180 /* This function is called by the redirect router to scan a string containing a
1181 list of addresses separated by commas (with optional white space) or by
1182 newlines, and to generate a chain of address items from them. In other words,
1183 to unpick data from an alias or .forward file.
1184
1185 The SunOS5 documentation for alias files is not very clear on the syntax; it
1186 does not say that either a comma or a newline can be used for separation.
1187 However, that is the way Smail does it, so we follow suit.
1188
1189 If a # character is encountered in a white space position, then characters from
1190 there to the next newline are skipped.
1191
1192 If an unqualified address begins with '\', just skip that character. This gives
1193 compatibility with Sendmail's use of \ to prevent looping. Exim has its own
1194 loop prevention scheme which handles other cases too - see the code in
1195 route_address().
1196
1197 An "address" can be a specification of a file or a pipe; the latter may often
1198 need to be quoted because it may contain spaces, but we don't want to retain
1199 the quotes. Quotes may appear in normal addresses too, and should be retained.
1200 We can distinguish between these cases, because in addresses, quotes are used
1201 only for parts of the address, not the whole thing. Therefore, we remove quotes
1202 from items when they entirely enclose them, but not otherwise.
1203
1204 An "address" can also be of the form :include:pathname to include a list of
1205 addresses contained in the specified file.
1206
1207 Any unqualified addresses are qualified with and rewritten if necessary, via
1208 the rewrite_address() function.
1209
1210 Arguments:
1211 s the list of addresses (typically a complete
1212 .forward file or a list of entries in an alias file)
1213 options option bits for permitting or denying various special cases;
1214 not all bits are relevant here - some are for filter
1215 files; those we use here are:
1216 RDO_DEFER
1217 RDO_FREEZE
1218 RDO_FAIL
1219 RDO_BLACKHOLE
1220 RDO_REWRITE
1221 RDO_INCLUDE
1222 anchor where to hang the chain of newly-created addresses. This
1223 should be initialized to NULL.
1224 error where to return an error text
1225 incoming domain domain of the incoming address; used to qualify unqualified
1226 local parts preceded by \
1227 directory if NULL, no checks are done on :include: files
1228 otherwise, included file names must start with the given
1229 directory
1230 syntax_errors if not NULL, it carries on after syntax errors in addresses,
1231 building up a list of errors as error blocks chained on
1232 here.
1233
1234 Returns: FF_DELIVERED addresses extracted
1235 FF_NOTDELIVERED no addresses extracted, but no errors
1236 FF_BLACKHOLE :blackhole:
1237 FF_DEFER :defer:
1238 FF_FAIL :fail:
1239 FF_INCLUDEFAIL some problem with :include:; *error set
1240 FF_ERROR other problems; *error is set
1241 */
1242
1243 int
parse_forward_list(const uschar * s,int options,address_item ** anchor,uschar ** error,const uschar * incoming_domain,uschar * directory,error_block ** syntax_errors)1244 parse_forward_list(const uschar *s, int options, address_item **anchor,
1245 uschar **error, const uschar *incoming_domain, uschar *directory,
1246 error_block **syntax_errors)
1247 {
1248 int count = 0;
1249
1250 DEBUG(D_route) debug_printf("parse_forward_list: %s\n", s);
1251
1252 for (;;)
1253 {
1254 int len;
1255 int special = 0;
1256 int specopt = 0;
1257 int specbit = 0;
1258 const uschar *ss, *nexts;
1259 address_item *addr;
1260 BOOL inquote = FALSE;
1261
1262 for (;;)
1263 {
1264 while (isspace(*s) || *s == ',') s++;
1265 if (*s == '#') { while (*s != 0 && *s != '\n') s++; } else break;
1266 }
1267
1268 /* When we reach the end of the list, we return FF_DELIVERED if any child
1269 addresses have been generated. If nothing has been generated, there are two
1270 possibilities: either the list is really empty, or there were syntax errors
1271 that are being skipped. (If syntax errors are not being skipped, an FF_ERROR
1272 return is generated on hitting a syntax error and we don't get here.) For a
1273 truly empty list we return FF_NOTDELIVERED so that the router can decline.
1274 However, if the list is empty only because syntax errors were skipped, we
1275 return FF_DELIVERED. */
1276
1277 if (!*s)
1278 {
1279 return (count > 0 || (syntax_errors && *syntax_errors))
1280 ? FF_DELIVERED : FF_NOTDELIVERED;
1281
1282 /* This previous code returns FF_ERROR if nothing is generated but a
1283 syntax error has been skipped. I now think it is the wrong approach, but
1284 have left this here just in case, and for the record. */
1285
1286 #ifdef NEVER
1287 if (count > 0) return FF_DELIVERED; /* Something was generated */
1288
1289 if (syntax_errors == NULL || /* Not skipping syntax errors, or */
1290 *syntax_errors == NULL) /* we didn't actually skip any */
1291 return FF_NOTDELIVERED;
1292
1293 *error = string_sprintf("no addresses generated: syntax error in %s: %s",
1294 (*syntax_errors)->text2, (*syntax_errors)->text1);
1295 return FF_ERROR;
1296 #endif
1297 }
1298
1299 /* Find the end of the next address. Quoted strings in addresses may contain
1300 escaped characters; I haven't found a proper specification of .forward or
1301 alias files that mentions the quoting properties, but it seems right to do
1302 the escaping thing in all cases, so use the function that finds the end of an
1303 address. However, don't let a quoted string extend over the end of a line. */
1304
1305 ss = parse_find_address_end(s, TRUE);
1306
1307 /* Remember where we finished, for starting the next one. */
1308
1309 nexts = ss;
1310
1311 /* Remove any trailing spaces; we know there's at least one non-space. */
1312
1313 while (isspace((ss[-1]))) ss--;
1314
1315 /* We now have s->start and ss->end of the next address. Remove quotes
1316 if they completely enclose, remembering the address started with a quote
1317 for handling pipes and files. Another round of removal of leading and
1318 trailing spaces is then required. */
1319
1320 if (*s == '\"' && ss[-1] == '\"')
1321 {
1322 s++;
1323 ss--;
1324 inquote = TRUE;
1325 while (s < ss && isspace(*s)) s++;
1326 while (ss > s && isspace((ss[-1]))) ss--;
1327 }
1328
1329 /* Set up the length of the address. */
1330
1331 len = ss - s;
1332
1333 DEBUG(D_route) debug_printf("extract item: %.*s\n", len, s);
1334
1335 /* Handle special addresses if permitted. If the address is :unknown:
1336 ignore it - this is for backward compatibility with old alias files. You
1337 don't need to use it nowadays - just generate an empty string. For :defer:,
1338 :blackhole:, or :fail: we have to set up the error message and give up right
1339 away. */
1340
1341 if (Ustrncmp(s, ":unknown:", len) == 0)
1342 {
1343 s = nexts;
1344 continue;
1345 }
1346
1347 if (Ustrncmp(s, ":defer:", 7) == 0)
1348 { special = FF_DEFER; specopt = RDO_DEFER; } /* specbit is 0 */
1349 else if (Ustrncmp(s, ":blackhole:", 11) == 0)
1350 { special = FF_BLACKHOLE; specopt = specbit = RDO_BLACKHOLE; }
1351 else if (Ustrncmp(s, ":fail:", 6) == 0)
1352 { special = FF_FAIL; specopt = RDO_FAIL; } /* specbit is 0 */
1353
1354 if (special)
1355 {
1356 uschar *ss = Ustrchr(s+1, ':') + 1;
1357 if ((options & specopt) == specbit)
1358 {
1359 *error = string_sprintf("\"%.*s\" is not permitted", len, s);
1360 return FF_ERROR;
1361 }
1362 while (*ss && isspace(*ss)) ss++;
1363 while (s[len] && s[len] != '\n') len++;
1364 *error = string_copyn(ss, s + len - ss);
1365 return special;
1366 }
1367
1368 /* If the address is of the form :include:pathname, read the file, and call
1369 this function recursively to extract the addresses from it. If directory is
1370 NULL, do no checks. Otherwise, insist that the file name starts with the
1371 given directory and is a regular file. */
1372
1373 if (Ustrncmp(s, ":include:", 9) == 0)
1374 {
1375 uschar *filebuf;
1376 uschar filename[256];
1377 const uschar * t = s+9;
1378 int flen = len - 9;
1379 int frc;
1380 struct stat statbuf;
1381 address_item *last;
1382 FILE *f;
1383
1384 while (flen > 0 && isspace(*t)) { t++; flen--; }
1385
1386 if (flen <= 0)
1387 {
1388 *error = US"file name missing after :include:";
1389 return FF_ERROR;
1390 }
1391
1392 if (flen > 255)
1393 {
1394 *error = string_sprintf("included file name \"%s\" is too long", t);
1395 return FF_ERROR;
1396 }
1397
1398 Ustrncpy(filename, t, flen);
1399 filename[flen] = 0;
1400
1401 /* Insist on absolute path */
1402
1403 if (filename[0] != '/')
1404 {
1405 *error = string_sprintf("included file \"%s\" is not an absolute path",
1406 filename);
1407 return FF_ERROR;
1408 }
1409
1410 /* Check if include is permitted */
1411
1412 if (options & RDO_INCLUDE)
1413 {
1414 *error = US"included files not permitted";
1415 return FF_ERROR;
1416 }
1417
1418 if ((*error = is_tainted2(filename, 0, "Tainted name '%s' for included file not permitted\n", filename)))
1419 return FF_ERROR;
1420
1421 /* Check file name if required */
1422
1423 if (directory)
1424 {
1425 int len = Ustrlen(directory);
1426 uschar *p = filename + len;
1427
1428 if (Ustrncmp(filename, directory, len) != 0 || *p != '/')
1429 {
1430 *error = string_sprintf("included file %s is not in directory %s",
1431 filename, directory);
1432 return FF_ERROR;
1433 }
1434
1435 #ifdef EXIM_HAVE_OPENAT
1436 /* It is necessary to check that every component inside the directory
1437 is NOT a symbolic link, in order to keep the file inside the directory.
1438 This is mighty tedious. We open the directory and openat every component,
1439 with a flag that fails symlinks. */
1440
1441 {
1442 int fd = exim_open2(CS directory, O_RDONLY);
1443 if (fd < 0)
1444 {
1445 *error = string_sprintf("failed to open directory %s", directory);
1446 return FF_ERROR;
1447 }
1448 while (*p)
1449 {
1450 uschar temp;
1451 int fd2;
1452 uschar * q = p;
1453
1454 while (*++p && *p != '/') ;
1455 temp = *p;
1456 *p = '\0';
1457
1458 fd2 = exim_openat(fd, CS q, O_RDONLY|O_NOFOLLOW);
1459 close(fd);
1460 *p = temp;
1461 if (fd2 < 0)
1462 {
1463 *error = string_sprintf("failed to open %s (component of included "
1464 "file); could be symbolic link", filename);
1465 return FF_ERROR;
1466 }
1467 fd = fd2;
1468 }
1469 f = fdopen(fd, "rb");
1470 }
1471 #else
1472 /* It is necessary to check that every component inside the directory
1473 is NOT a symbolic link, in order to keep the file inside the directory.
1474 This is mighty tedious. It is also not totally foolproof in that it
1475 leaves the possibility of a race attack, but I don't know how to do
1476 any better. */
1477
1478 while (*p)
1479 {
1480 int temp;
1481 while (*++p && *p != '/');
1482 temp = *p;
1483 *p = 0;
1484 if (Ulstat(filename, &statbuf) != 0)
1485 {
1486 *error = string_sprintf("failed to stat %s (component of included "
1487 "file)", filename);
1488 *p = temp;
1489 return FF_ERROR;
1490 }
1491
1492 *p = temp;
1493
1494 if ((statbuf.st_mode & S_IFMT) == S_IFLNK)
1495 {
1496 *error = string_sprintf("included file %s in the %s directory "
1497 "involves a symbolic link", filename, directory);
1498 return FF_ERROR;
1499 }
1500 }
1501 #endif
1502 }
1503
1504 #ifdef EXIM_HAVE_OPENAT
1505 else
1506 #endif
1507 /* Open and stat the file */
1508 f = Ufopen(filename, "rb");
1509
1510 if (!f)
1511 {
1512 *error = string_open_failed("included file %s", filename);
1513 return FF_INCLUDEFAIL;
1514 }
1515
1516 if (fstat(fileno(f), &statbuf) != 0)
1517 {
1518 *error = string_sprintf("failed to stat included file %s: %s",
1519 filename, strerror(errno));
1520 (void)fclose(f);
1521 return FF_INCLUDEFAIL;
1522 }
1523
1524 /* If directory was checked, double check that we opened a regular file */
1525
1526 if (directory && (statbuf.st_mode & S_IFMT) != S_IFREG)
1527 {
1528 *error = string_sprintf("included file %s is not a regular file in "
1529 "the %s directory", filename, directory);
1530 return FF_ERROR;
1531 }
1532
1533 /* Get a buffer and read the contents */
1534
1535 if (statbuf.st_size > MAX_INCLUDE_SIZE)
1536 {
1537 *error = string_sprintf("included file %s is too big (max %d)",
1538 filename, MAX_INCLUDE_SIZE);
1539 return FF_ERROR;
1540 }
1541
1542 filebuf = store_get(statbuf.st_size + 1, is_tainted(filename));
1543 if (fread(filebuf, 1, statbuf.st_size, f) != statbuf.st_size)
1544 {
1545 *error = string_sprintf("error while reading included file %s: %s",
1546 filename, strerror(errno));
1547 (void)fclose(f);
1548 return FF_ERROR;
1549 }
1550 filebuf[statbuf.st_size] = 0;
1551 (void)fclose(f);
1552
1553 addr = NULL;
1554 frc = parse_forward_list(filebuf, options, &addr,
1555 error, incoming_domain, directory, syntax_errors);
1556 if (frc != FF_DELIVERED && frc != FF_NOTDELIVERED) return frc;
1557
1558 if (addr)
1559 {
1560 for (last = addr; last->next; last = last->next) count++;
1561 last->next = *anchor;
1562 *anchor = addr;
1563 count++;
1564 }
1565 }
1566
1567 /* Else (not :include:) ensure address is syntactically correct and fully
1568 qualified if not a pipe or a file, removing a leading \ if present on an
1569 unqualified address. For pipes and files we must handle quoting. It's
1570 not quite clear exactly what to do for partially quoted things, but the
1571 common case of having the whole thing in quotes is straightforward. If this
1572 was the case, inquote will have been set TRUE above and the quotes removed.
1573
1574 There is a possible ambiguity over addresses whose local parts start with
1575 a vertical bar or a slash, and the latter do in fact occur, thanks to X.400.
1576 Consider a .forward file that contains the line
1577
1578 /X=xxx/Y=xxx/OU=xxx/@some.gate.way
1579
1580 Is this a file or an X.400 address? Does it make any difference if it is in
1581 quotes? On the grounds that file names of this type are rare, Exim treats
1582 something that parses as an RFC 822 address and has a domain as an address
1583 rather than a file or a pipe. This is also how an address such as the above
1584 would be treated if it came in from outside. */
1585
1586 else
1587 {
1588 int start, end, domain;
1589 const uschar *recipient = NULL;
1590 uschar * s_ltd = string_copyn(s, len);
1591
1592 /* If it starts with \ and the rest of it parses as a valid mail address
1593 without a domain, carry on with that address, but qualify it with the
1594 incoming domain. Otherwise arrange for the address to fall through,
1595 causing an error message on the re-parse. */
1596
1597 if (*s_ltd == '\\')
1598 {
1599 recipient =
1600 parse_extract_address(s_ltd+1, error, &start, &end, &domain, FALSE);
1601 if (recipient)
1602 recipient = domain != 0 ? NULL :
1603 string_sprintf("%s@%s", recipient, incoming_domain);
1604 }
1605
1606 /* Try parsing the item as an address. */
1607
1608 if (!recipient) recipient =
1609 parse_extract_address(s_ltd, error, &start, &end, &domain, FALSE);
1610
1611 /* If item starts with / or | and is not a valid address, or there
1612 is no domain, treat it as a file or pipe. If it was a quoted item,
1613 remove the quoting occurrences of \ within it. */
1614
1615 if ((*s_ltd == '|' || *s_ltd == '/') && (recipient == NULL || domain == 0))
1616 {
1617 uschar *t = store_get(Ustrlen(s_ltd) + 1, is_tainted(s_ltd));
1618 uschar *p = t;
1619 uschar *q = s_ltd;
1620 while (*q != 0)
1621 {
1622 if (inquote)
1623 {
1624 *p++ = (*q == '\\')? *(++q) : *q;
1625 q++;
1626 }
1627 else *p++ = *q++;
1628 }
1629 *p = 0;
1630 addr = deliver_make_addr(t, TRUE);
1631 setflag(addr, af_pfr); /* indicates pipe/file/reply */
1632 if (*s_ltd != '|') setflag(addr, af_file); /* indicates file */
1633 }
1634
1635 /* Item must be an address. Complain if not, else qualify, rewrite and set
1636 up the control block. It appears that people are in the habit of using
1637 empty addresses but with comments as a way of putting comments into
1638 alias and forward files. Therefore, ignore the error "empty address".
1639 Mailing lists might want to tolerate syntax errors; there is therefore
1640 an option to do so. */
1641
1642 else
1643 {
1644 if (!recipient)
1645 {
1646 if (Ustrcmp(*error, "empty address") == 0)
1647 {
1648 *error = NULL;
1649 s = nexts;
1650 continue;
1651 }
1652
1653 if (syntax_errors)
1654 {
1655 error_block *e = store_get(sizeof(error_block), FALSE);
1656 error_block *last = *syntax_errors;
1657 if (!last) *syntax_errors = e; else
1658 {
1659 while (last->next) last = last->next;
1660 last->next = e;
1661 }
1662 e->next = NULL;
1663 e->text1 = *error;
1664 e->text2 = s_ltd;
1665 s = nexts;
1666 continue;
1667 }
1668 else
1669 {
1670 *error = string_sprintf("%s in \"%s\"", *error, s_ltd);
1671 return FF_ERROR;
1672 }
1673 }
1674
1675 /* Address was successfully parsed. Rewrite, and then make an address
1676 block. */
1677
1678 recipient = ((options & RDO_REWRITE) != 0)?
1679 rewrite_address(recipient, TRUE, FALSE, global_rewrite_rules,
1680 rewrite_existflags) :
1681 rewrite_address_qualify(recipient, TRUE); /*XXX loses track of const */
1682 addr = deliver_make_addr(US recipient, TRUE); /* TRUE => copy recipient, so deconst ok */
1683 }
1684
1685 /* Add the original data to the output chain. */
1686
1687 addr->next = *anchor;
1688 *anchor = addr;
1689 count++;
1690 }
1691
1692 /* Advance pointer for the next address */
1693
1694 s = nexts;
1695 }
1696 }
1697
1698
1699 /*************************************************
1700 * Extract a Message-ID *
1701 *************************************************/
1702
1703 /* This function is used to extract message ids from In-Reply-To: and
1704 References: header lines.
1705
1706 Arguments:
1707 str pointer to the start of the message-id
1708 yield put pointer to the message id (in dynamic memory) here
1709 error put error message here on failure
1710
1711 Returns: points after the processed message-id or NULL on error
1712 */
1713
1714 const uschar *
parse_message_id(const uschar * str,uschar ** yield,uschar ** error)1715 parse_message_id(const uschar *str, uschar **yield, uschar **error)
1716 {
1717 uschar *domain = NULL;
1718 uschar *id;
1719 rmark reset_point;
1720
1721 str = skip_comment(str);
1722 if (*str != '<')
1723 {
1724 *error = US"Missing '<' before message-id";
1725 return NULL;
1726 }
1727
1728 /* Getting a block the size of the input string will definitely be sufficient
1729 for the answer, but it may also be very long if we are processing a header
1730 line. Therefore, take care to release unwanted store afterwards. */
1731
1732 reset_point = store_mark();
1733 id = *yield = store_get(Ustrlen(str) + 1, is_tainted(str));
1734 *id++ = *str++;
1735
1736 str = read_addr_spec(str, id, '>', error, &domain);
1737
1738 if (!*error)
1739 {
1740 if (*str != '>') *error = US"Missing '>' after message-id";
1741 else if (domain == NULL) *error = US"domain missing in message-id";
1742 }
1743
1744 if (*error)
1745 {
1746 store_reset(reset_point);
1747 return NULL;
1748 }
1749
1750 while (*id) id++;
1751 *id++ = *str++;
1752 *id++ = 0;
1753 store_release_above(id);
1754
1755 return skip_comment(str);
1756 }
1757
1758
1759 /*************************************************
1760 * Parse a fixed digit number *
1761 *************************************************/
1762
1763 /* Parse a string containing an ASCII encoded fixed digits number
1764
1765 Arguments:
1766 str pointer to the start of the ASCII encoded number
1767 n pointer to the resulting value
1768 digits number of required digits
1769
1770 Returns: points after the processed date or NULL on error
1771 */
1772
1773 static const uschar *
parse_number(const uschar * str,int * n,int digits)1774 parse_number(const uschar *str, int *n, int digits)
1775 {
1776 *n=0;
1777 while (digits--)
1778 {
1779 if (*str<'0' || *str>'9') return NULL;
1780 *n=10*(*n)+(*str++-'0');
1781 }
1782 return str;
1783 }
1784
1785
1786 /*************************************************
1787 * Parse a RFC 2822 day of week *
1788 *************************************************/
1789
1790 /* Parse the day of the week from a RFC 2822 date, but do not
1791 decode it, because it is only for humans.
1792
1793 Arguments:
1794 str pointer to the start of the day of the week
1795
1796 Returns: points after the parsed day or NULL on error
1797 */
1798
1799 static const uschar *
parse_day_of_week(const uschar * str)1800 parse_day_of_week(const uschar * str)
1801 {
1802 /*
1803 day-of-week = ([FWS] day-name) / obs-day-of-week
1804
1805 day-name = "Mon" / "Tue" / "Wed" / "Thu" /
1806 "Fri" / "Sat" / "Sun"
1807
1808 obs-day-of-week = [CFWS] day-name [CFWS]
1809 */
1810
1811 static const uschar *day_name[7]={ US"mon", US"tue", US"wed", US"thu", US"fri", US"sat", US"sun" };
1812 int i;
1813 uschar day[4];
1814
1815 str = skip_comment(str);
1816 for (i = 0; i < 3; ++i)
1817 {
1818 if ((day[i] = tolower(*str)) == '\0') return NULL;
1819 ++str;
1820 }
1821 day[3] = '\0';
1822 for (i = 0; i<7; ++i) if (Ustrcmp(day,day_name[i]) == 0) break;
1823 if (i == 7) return NULL;
1824 return skip_comment(str);
1825 }
1826
1827
1828 /*************************************************
1829 * Parse a RFC 2822 date *
1830 *************************************************/
1831
1832 /* Parse the date part of a RFC 2822 date-time, extracting the
1833 day, month and year.
1834
1835 Arguments:
1836 str pointer to the start of the date
1837 d pointer to the resulting day
1838 m pointer to the resulting month
1839 y pointer to the resulting year
1840
1841 Returns: points after the processed date or NULL on error
1842 */
1843
1844 static const uschar *
parse_date(const uschar * str,int * d,int * m,int * y)1845 parse_date(const uschar *str, int *d, int *m, int *y)
1846 {
1847 /*
1848 date = day month year
1849
1850 year = 4*DIGIT / obs-year
1851
1852 obs-year = [CFWS] 2*DIGIT [CFWS]
1853
1854 month = (FWS month-name FWS) / obs-month
1855
1856 month-name = "Jan" / "Feb" / "Mar" / "Apr" /
1857 "May" / "Jun" / "Jul" / "Aug" /
1858 "Sep" / "Oct" / "Nov" / "Dec"
1859
1860 obs-month = CFWS month-name CFWS
1861
1862 day = ([FWS] 1*2DIGIT) / obs-day
1863
1864 obs-day = [CFWS] 1*2DIGIT [CFWS]
1865 */
1866
1867 const uschar * s, * n;
1868 static const uschar *month_name[]={ US"jan", US"feb", US"mar", US"apr", US"may", US"jun", US"jul", US"aug", US"sep", US"oct", US"nov", US"dec" };
1869 int i;
1870 uschar month[4];
1871
1872 str = skip_comment(str);
1873 if ((str = parse_number(str,d,1)) == NULL) return NULL;
1874
1875 if (*str>='0' && *str<='9') *d = 10*(*d)+(*str++-'0');
1876 s = skip_comment(str);
1877 if (s == str) return NULL;
1878 str = s;
1879
1880 for (i = 0; i<3; ++i) if ((month[i]=tolower(*(str+i))) == '\0') return NULL;
1881 month[3] = '\0';
1882 for (i = 0; i<12; ++i) if (Ustrcmp(month,month_name[i]) == 0) break;
1883 if (i == 12) return NULL;
1884 str+=3;
1885 *m = i;
1886 s = skip_comment(str);
1887 if (s == str) return NULL;
1888 str=s;
1889
1890 if ((n = parse_number(str,y,4)))
1891 {
1892 str = n;
1893 if (*y<1900) return NULL;
1894 *y = *y-1900;
1895 }
1896 else if ((n = parse_number(str,y,2)))
1897 {
1898 str = skip_comment(n);
1899 while (*(str-1) == ' ' || *(str-1) == '\t') --str; /* match last FWS later */
1900 if (*y<50) *y+=100;
1901 }
1902 else return NULL;
1903 return str;
1904 }
1905
1906
1907 /*************************************************
1908 * Parse a RFC 2822 Time *
1909 *************************************************/
1910
1911 /* Parse the time part of a RFC 2822 date-time, extracting the
1912 hour, minute, second and timezone.
1913
1914 Arguments:
1915 str pointer to the start of the time
1916 h pointer to the resulting hour
1917 m pointer to the resulting minute
1918 s pointer to the resulting second
1919 z pointer to the resulting timezone (offset in seconds)
1920
1921 Returns: points after the processed time or NULL on error
1922 */
1923
1924 static const uschar *
parse_time(const uschar * str,int * h,int * m,int * s,int * z)1925 parse_time(const uschar *str, int *h, int *m, int *s, int *z)
1926 {
1927 /*
1928 time = time-of-day FWS zone
1929
1930 time-of-day = hour ":" minute [ ":" second ]
1931
1932 hour = 2DIGIT / obs-hour
1933
1934 obs-hour = [CFWS] 2DIGIT [CFWS]
1935
1936 minute = 2DIGIT / obs-minute
1937
1938 obs-minute = [CFWS] 2DIGIT [CFWS]
1939
1940 second = 2DIGIT / obs-second
1941
1942 obs-second = [CFWS] 2DIGIT [CFWS]
1943
1944 zone = (( "+" / "-" ) 4DIGIT) / obs-zone
1945
1946 obs-zone = "UT" / "GMT" / ; Universal Time
1947 ; North American UT
1948 ; offsets
1949 "EST" / "EDT" / ; Eastern: - 5/ - 4
1950 "CST" / "CDT" / ; Central: - 6/ - 5
1951 "MST" / "MDT" / ; Mountain: - 7/ - 6
1952 "PST" / "PDT" / ; Pacific: - 8/ - 7
1953
1954 %d65-73 / ; Military zones - "A"
1955 %d75-90 / ; through "I" and "K"
1956 %d97-105 / ; through "Z", both
1957 %d107-122 ; upper and lower case
1958 */
1959
1960 const uschar * c;
1961
1962 str = skip_comment(str);
1963 if ((str = parse_number(str,h,2)) == NULL) return NULL;
1964 str = skip_comment(str);
1965 if (*str!=':') return NULL;
1966 ++str;
1967 str = skip_comment(str);
1968 if ((str = parse_number(str,m,2)) == NULL) return NULL;
1969 c = skip_comment(str);
1970 if (*str == ':')
1971 {
1972 ++str;
1973 str = skip_comment(str);
1974 if ((str = parse_number(str,s,2)) == NULL) return NULL;
1975 c = skip_comment(str);
1976 }
1977 if (c == str) return NULL;
1978 else str=c;
1979 if (*str == '+' || *str == '-')
1980 {
1981 int neg;
1982
1983 neg = (*str == '-');
1984 ++str;
1985 if ((str = parse_number(str,z,4)) == NULL) return NULL;
1986 *z = (*z/100)*3600+(*z%100)*60;
1987 if (neg) *z = -*z;
1988 }
1989 else
1990 {
1991 char zone[5];
1992 struct { const char *name; int off; } zone_name[10] =
1993 { {"gmt",0}, {"ut",0}, {"est",-5}, {"edt",-4}, {"cst",-6}, {"cdt",-5}, {"mst",-7}, {"mdt",-6}, {"pst",-8}, {"pdt",-7}};
1994 int i,j;
1995
1996 for (i = 0; i<4; ++i)
1997 {
1998 zone[i] = tolower(*(str+i));
1999 if (zone[i]<'a' || zone[i]>'z') break;
2000 }
2001 zone[i] = '\0';
2002 for (j = 0; j<10 && strcmp(zone,zone_name[j].name); ++j);
2003 /* Besides zones named in the grammar, RFC 2822 says other alphabetic */
2004 /* time zones should be treated as unknown offsets. */
2005 if (j<10)
2006 {
2007 *z = zone_name[j].off*3600;
2008 str+=i;
2009 }
2010 else if (zone[0]<'a' || zone[1]>'z') return 0;
2011 else
2012 {
2013 while ((*str>='a' && *str<='z') || (*str>='A' && *str<='Z')) ++str;
2014 *z = 0;
2015 }
2016 }
2017 return str;
2018 }
2019
2020
2021 /*************************************************
2022 * Parse a RFC 2822 date-time *
2023 *************************************************/
2024
2025 /* Parse a RFC 2822 date-time and return it in seconds since the epoch.
2026
2027 Arguments:
2028 str pointer to the start of the date-time
2029 t pointer to the parsed time
2030
2031 Returns: points after the processed date-time or NULL on error
2032 */
2033
2034 const uschar *
parse_date_time(const uschar * str,time_t * t)2035 parse_date_time(const uschar *str, time_t *t)
2036 {
2037 /*
2038 date-time = [ day-of-week "," ] date FWS time [CFWS]
2039 */
2040
2041 struct tm tm;
2042 int zone;
2043 extern char **environ;
2044 char **old_environ;
2045 static char gmt0[]="TZ=GMT0";
2046 static char *gmt_env[]={ gmt0, (char*)0 };
2047 const uschar * try;
2048
2049 if ((try = parse_day_of_week(str)))
2050 {
2051 str = try;
2052 if (*str!=',') return 0;
2053 ++str;
2054 }
2055 if ((str = parse_date(str,&tm.tm_mday,&tm.tm_mon,&tm.tm_year)) == NULL) return NULL;
2056 if (*str!=' ' && *str!='\t') return NULL;
2057 while (*str == ' ' || *str == '\t') ++str;
2058 if ((str = parse_time(str,&tm.tm_hour,&tm.tm_min,&tm.tm_sec,&zone)) == NULL) return NULL;
2059 tm.tm_isdst = 0;
2060 old_environ = environ;
2061 environ = gmt_env;
2062 *t = mktime(&tm);
2063 environ = old_environ;
2064 if (*t == -1) return NULL;
2065 *t-=zone;
2066 return skip_comment(str);
2067 }
2068
2069
2070
2071
2072 /*************************************************
2073 **************************************************
2074 * Stand-alone test program *
2075 **************************************************
2076 *************************************************/
2077
2078 #if defined STAND_ALONE
main(void)2079 int main(void)
2080 {
2081 int start, end, domain;
2082 uschar buffer[1024];
2083
2084 store_init();
2085 big_buffer = store_malloc(big_buffer_size);
2086
2087 /* strip_trailing_dot = TRUE; */
2088 allow_domain_literals = TRUE;
2089
2090 printf("Testing parse_fix_phrase\n");
2091
2092 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2093 {
2094 buffer[Ustrlen(buffer)-1] = 0;
2095 if (buffer[0] == 0) break;
2096 printf("%s\n", CS parse_fix_phrase(buffer, Ustrlen(buffer)));
2097 }
2098
2099 printf("Testing parse_extract_address without group syntax and without UTF-8\n");
2100
2101 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2102 {
2103 uschar *out;
2104 uschar *errmess;
2105 buffer[Ustrlen(buffer) - 1] = 0;
2106 if (buffer[0] == 0) break;
2107 out = parse_extract_address(buffer, &errmess, &start, &end, &domain, FALSE);
2108 if (!out)
2109 printf("*** bad address: %s\n", errmess);
2110 else
2111 {
2112 uschar extract[1024];
2113 Ustrncpy(extract, buffer+start, end-start);
2114 extract[end-start] = 0;
2115 printf("%s %d %d %d \"%s\"\n", out, start, end, domain, extract);
2116 }
2117 }
2118
2119 printf("Testing parse_extract_address without group syntax but with UTF-8\n");
2120
2121 allow_utf8_domains = TRUE;
2122 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2123 {
2124 uschar *out;
2125 uschar *errmess;
2126 buffer[Ustrlen(buffer) - 1] = 0;
2127 if (buffer[0] == 0) break;
2128 out = parse_extract_address(buffer, &errmess, &start, &end, &domain, FALSE);
2129 if (!out)
2130 printf("*** bad address: %s\n", errmess);
2131 else
2132 {
2133 uschar extract[1024];
2134 Ustrncpy(extract, buffer+start, end-start);
2135 extract[end-start] = 0;
2136 printf("%s %d %d %d \"%s\"\n", out, start, end, domain, extract);
2137 }
2138 }
2139 allow_utf8_domains = FALSE;
2140
2141 printf("Testing parse_extract_address with group syntax\n");
2142
2143 f.parse_allow_group = TRUE;
2144 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2145 {
2146 uschar *out;
2147 uschar *errmess;
2148 uschar *s;
2149 buffer[Ustrlen(buffer) - 1] = 0;
2150 if (buffer[0] == 0) break;
2151 s = buffer;
2152 while (*s)
2153 {
2154 uschar *ss = parse_find_address_end(s, FALSE);
2155 int terminator = *ss;
2156 *ss = 0;
2157 out = parse_extract_address(buffer, &errmess, &start, &end, &domain, FALSE);
2158 *ss = terminator;
2159
2160 if (!out)
2161 printf("*** bad address: %s\n", errmess);
2162 else
2163 {
2164 uschar extract[1024];
2165 Ustrncpy(extract, buffer+start, end-start);
2166 extract[end-start] = 0;
2167 printf("%s %d %d %d \"%s\"\n", out, start, end, domain, extract);
2168 }
2169
2170 s = ss + (terminator? 1:0);
2171 Uskip_whitespace(&s);
2172 }
2173 }
2174
2175 printf("Testing parse_find_at\n");
2176
2177 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2178 {
2179 uschar *s;
2180 buffer[Ustrlen(buffer)-1] = 0;
2181 if (buffer[0] == 0) break;
2182 s = parse_find_at(buffer);
2183 if (s == NULL) printf("no @ found\n");
2184 else printf("offset = %d\n", s - buffer);
2185 }
2186
2187 printf("Testing parse_extract_addresses\n");
2188
2189 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2190 {
2191 uschar *errmess;
2192 int extracted;
2193 address_item *anchor = NULL;
2194 buffer[Ustrlen(buffer) - 1] = 0;
2195 if (buffer[0] == 0) break;
2196 if ((extracted = parse_forward_list(buffer, -1, &anchor,
2197 &errmess, US"incoming.domain", NULL, NULL)) == FF_DELIVERED)
2198 {
2199 while (anchor != NULL)
2200 {
2201 address_item *addr = anchor;
2202 anchor = anchor->next;
2203 printf("%d %s\n", testflag(addr, af_pfr), addr->address);
2204 }
2205 }
2206 else printf("Failed: %d %s\n", extracted, errmess);
2207 }
2208
2209 printf("Testing parse_message_id\n");
2210
2211 while (Ufgets(buffer, sizeof(buffer), stdin) != NULL)
2212 {
2213 uschar *s, *t, *errmess;
2214 buffer[Ustrlen(buffer) - 1] = 0;
2215 if (buffer[0] == 0) break;
2216 s = buffer;
2217 while (*s != 0)
2218 {
2219 s = parse_message_id(s, &t, &errmess);
2220 if (errmess != NULL)
2221 {
2222 printf("Failed: %s\n", errmess);
2223 break;
2224 }
2225 printf("%s\n", t);
2226 }
2227 }
2228
2229 return 0;
2230 }
2231
2232 #endif
2233
2234 /* End of parse.c */
2235