https://bugs.exim.org/show_bug.cgi?id=1649
Mike Brudenell <mike.bruden...@york.ac.uk> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mike.bruden...@york.ac.uk

--- Comment #6 from Mike Brudenell <mike.bruden...@york.ac.uk> ---

There's a problem with applying base32d to the $2 pattern match. The latter contains an extract of user-supplied data within $local_part; if this contains characters outside the base32 character set then base32d fails, causing the string expansion to fail, eventually leading to an entry being logged in paniclog.

This can be avoided by making sure the pattern matching expression that produces $2 only matches against the base32 character set, and also ensures it consists of at least one character. The hash string ($1) should also be at least one character, as in the pattern used within the sg substitution later:

    ^(?i)SRS0=([^=]+)=([A-Z2-7]+)=([^=]*)=(.*)\$

It's probably also a good idea to follow the inbound_srs router with one that matches the SRS0 address with most other conditions relaxed and have it issue a failure response if, for example, the hash fails to verify or the timestamp is too old.

Finally, I don't think that the "max_rcpt = 1" is needed on the transport as nothing within it depends on the recipient address, or uses variables that are only populated if all the recipients share the same domain. My testing so far supports this.

With these changes, along with Jeremy's earlier response about needing to use "lc:" to lowercase the return-path, the above becomes...

    #routers

    outbound:
        driver =    dnslookup
        domains =   ! +my_domains
        transport = ${if eq {$local_part@$domain} \
                            {$original_local_part@$original_domain} \
                         {remote_smtp} {remote_forwarded_smtp}}

    inbound_srs:
        driver =    redirect
        senders =   :
        domains =   +my_domains
        condition = ${if match {$local_part} \
                               {^(?i)SRS0=([^=]+)=([A-Z2-7]+)=([^=]*)=(.*)\$} \
                       {${if and { {<= {${eval:$tod_epoch/86400 - ${base32d:$2} & 0x3ff}} \
                                       {10}} \
                                   {eq {$1} \
                                       {${l_4:${hmac{md5}{SRS_SECRET}{${lc:$4@$3}}}}}} \
                                 } \
                            {true}{false} \
                       }} \
                       {false} \
                     }
        data =      ${sg {$local_part} \
                         {^(?i)SRS0=[^=]+=[^=]+=([^=]*)=(.*)\$} \
                         {\$2@\$1}}

    inbound_srs_failure:
        driver =    redirect
        senders =   :
        domains =   +my_domains
        condition = ${if match {$local_part} \
                               {^(?i)SRS0=([^=]+)=([^=]+)=([^=]*)=(.*)\$} \
                     }
        allow_fail
        data =      :fail: Invalid SRS recipient address

    # transport

    remote_forwarded_smtp:
        driver =    smtp
        return_path = SRS0\
                =${l_4:${hmac{md5}{SRS_SECRET}{${lc:$return_path}}}}\
                =${base32:${eval:$tod_epoch/86400&0x3ff}}\
                =${domain:$return_path}\
                =${local_part:$return_path}\
                @$original_domain

The above uses ${base32:}, which only just appeared in 4.next, for the timestamp. You could perfectly well use the decimal number, making sure you update the pattern match that produces $2 to contain just decimal digits: [0-9]+
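The router pair from the comment above, modelled in Python as an added example (not code from the comment or from Exim), to show why the timestamp field has to be limited to the base32 set before it is decoded and how the relaxed pattern then rejects everything else. The function names, the sample secret and address, and the a-z2-7 numeric digit set used for base32/base32d are assumptions of this sketch.

```python
import hashlib
import hmac
import re

# Assumed digit set of Exim's numeric base32/base32d operators (not stated on the page).
ALPHABET = "abcdefghijklmnopqrstuvwxyz234567"
STRICT = re.compile(r"SRS0=([^=]+)=([A-Z2-7]+)=([^=]*)=(.*)", re.I)  # inbound_srs
LOOSE = re.compile(r"SRS0=([^=]+)=([^=]+)=([^=]*)=(.*)", re.I)  # inbound_srs_failure

def base32d(text):
    """Decode a base32 number. A foreign character raises ValueError, standing in
    for the failed expansion that ends up in paniclog. This sketch folds case first."""
    value = 0
    for ch in text.lower():
        value = value * 32 + ALPHABET.index(ch)
    return value

def base32(number):
    digits = ""
    while number:
        digits = ALPHABET[number & 31] + digits
        number >>= 5
    return digits

def srs_hash(secret, address):
    # Mirrors ${l_4:${hmac{md5}{SRS_SECRET}{${lc:address}}}}
    return hmac.new(secret, address.lower().encode(), hashlib.md5).hexdigest()[:4]

def make_srs0(secret, return_path, now_epoch):
    # Mirrors the return_path built by the remote_forwarded_smtp transport.
    local, domain = return_path.rsplit("@", 1)
    stamp = base32(now_epoch // 86400 & 0x3FF)
    return f"SRS0={srs_hash(secret, return_path)}={stamp}={domain}={local}"

def route(local_part, secret, now_epoch):
    """Return ('redirect', address), ('fail', reason) or ('decline', None)."""
    m = STRICT.fullmatch(local_part)
    if m:  # only base32 characters can reach base32d here
        tag, stamp, domain, user = m.groups()
        age = (now_epoch // 86400 - base32d(stamp)) & 0x3FF
        expected = srs_hash(secret, f"{user}@{domain}")
        if age <= 10 and hmac.compare_digest(tag.encode(), expected.encode()):
            return ("redirect", f"{user}@{domain}")
    if LOOSE.fullmatch(local_part):  # SRS0-shaped, but did not verify
        return ("fail", "Invalid SRS recipient address")
    return ("decline", None)
```
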