Documentation: in a pgsql: client configuration, the setting
"dbname" is required, but ignored when the setting "hosts"
contains an URI with a database name. File: proto/pgsql_table.
+
+20241025
+
+ Cleanup: accept any well-formed URI prefix as a pgsql: client
+ connection target (the PostgreSQL URI parser decides what
+ is allowed). The dbname setting is now optional if the hosts
+ setting specifies only URIs. Files: util/valid_uri_scheme.[hc],
+ proto/pgsql_table.
<b><a name="pgsql_parameters">PGSQL PARAMETERS</a></b>
<b>hosts</b> The hosts that Postfix will try to connect to and query from.
- Besides a <b>postgresql://</b> connection URI, this setting supports
- the historical forms <b>unix:/</b><i>pathname</i> for UNIX-domain sockets and
+ Besides a PostgreSQL connection URI, this setting supports the
+ historical forms <b>unix:/</b><i>pathname</i> for UNIX-domain sockets and
<b>inet:</b><i>host:port</i> for TCP connections, where the <b>unix:</b> and <b>inet:</b>
prefixes are accepted and ignored for backwards compatibility.
Examples:
hosts = postgresql://username@example.com/<i>databasename</i>?sslmode=require
+ hosts = postgres://user:secret@localhost
hosts = inet:host1.some.domain inet:host2.some.domain:port
hosts = host1.some.domain host2.some.domain:port
hosts = unix:/file/name
- The hosts are tried in random order. The connections are auto-
- matically closed after being idle for about 1 minute, and are
- re-opened as necessary.
+ See <a href="https://www.postgresql.org/docs/current/libpq-connect.html">https://www.postgresql.org/docs/current/libpq-connect.html</a>
+ for the supported connection URI syntax.
- NOTE: if "hosts" specifies one load balancer and no alternative
- servers, specify the load balancer multiple times in the "hosts"
- line. Without the duplicate info, the Postfix PostgreSQL client
- would not reconnect immediately to the same load balancer after
+ The hosts are tried in random order. The connections are auto-
+ matically closed after being idle for about 1 minute, and are
+ re-opened as necessary. See <b>idle_interval</b> for details.
+
+ NOTE: if <b>hosts</b> specifies a PostgreSQL connection URI, the Post-
+ greSQL client library will ignore the <b>dbname</b> setting for that
+ connection.
+
+ NOTE: if <b>hosts</b> specifies one load balancer and no alternative
+ servers, specify the load balancer multiple times in the <b>hosts</b>
+ line. Without the duplicate info, the Postfix PostgreSQL client
+ would not reconnect immediately to the same load balancer after
a PostgreSQL server failure.
<b>user</b>
<b>password</b>
- The user name and password to log into the pgsql server. Exam-
+ The user name and password to log into the pgsql server. Exam-
ple:
user = someone
password = some_password
- <b>dbname</b> (required)
- The database name on the servers. Example:
+ <b>dbname</b> The database name on the servers. Example:
dbname = customer_database
- This setting is required, but ignored when a postgresql:// URI
- specifies a database name.
+ The <b>dbname</b> setting is ignored for <b>hosts</b> connections that are
+ specified as an URI.
+
+ The <b>dbname</b> setting is required with Postfix 3.10 and later, when
+ <b>hosts</b> specifies any non-URI connection; it is always required
+ with earlier Postfix versions.
<b>encoding</b>
- The encoding used by the database client. The default setting
+ The encoding used by the database client. The default setting
is:
encoding = UTF8
- Historically, the database client was hard coded to use LATIN1
+ Historically, the database client was hard coded to use LATIN1
in an attempt to disable multibyte character support.
This feature is available in Postfix 3.8 and later.
<b>idle_interval (default: 60)</b>
- The number of seconds after which an idle database connection
+ The number of seconds after which an idle database connection
will be closed.
This feature is available in Postfix 3.9 and later.
This feature is available in Postfix 3.9 and later.
- <b>query</b> The SQL query template used to search the database, where <b>%s</b> is
- a substitute for the address Postfix is trying to resolve, e.g.
+ <b>query</b> The SQL query template used to search the database, where <b>%s</b> is
+ a substitute for the address Postfix is trying to resolve, e.g.
query = SELECT replacement FROM aliases WHERE mailbox = '%s'
This parameter supports the following '%' expansions:
<b>%%</b> This is replaced by a literal '%' character. (Postfix 2.2
and later)
- <b>%s</b> This is replaced by the input key. SQL quoting is used
- to make sure that the input key does not add unexpected
+ <b>%s</b> This is replaced by the input key. SQL quoting is used
+ to make sure that the input key does not add unexpected
metacharacters.
<b>%u</b> When the input key is an address of the form user@domain,
- <b>%u</b> is replaced by the SQL quoted local part of the
- address. Otherwise, <b>%u</b> is replaced by the entire search
- string. If the localpart is empty, the query is sup-
+ <b>%u</b> is replaced by the SQL quoted local part of the
+ address. Otherwise, <b>%u</b> is replaced by the entire search
+ string. If the localpart is empty, the query is sup-
pressed and returns no results.
<b>%d</b> When the input key is an address of the form user@domain,
- <b>%d</b> is replaced by the SQL quoted domain part of the
- address. Otherwise, the query is suppressed and returns
+ <b>%d</b> is replaced by the SQL quoted domain part of the
+ address. Otherwise, the query is suppressed and returns
no results.
<b>%[SUD]</b> The upper-case equivalents of the above expansions behave
- in the <b>query</b> parameter identically to their lower-case
- counter-parts. With the <b>result_format</b> parameter (see
- below), they expand the input key rather than the result
+ in the <b>query</b> parameter identically to their lower-case
+ counter-parts. With the <b>result_format</b> parameter (see
+ below), they expand the input key rather than the result
value.
- The above %S, %U and %D expansions are available with
+ The above %S, %U and %D expansions are available with
Postfix 2.2 and later
- <b>%[1-9]</b> The patterns %1, %2, ... %9 are replaced by the corre-
- sponding most significant component of the input key's
- domain. If the input key is <i>user@mail.example.com</i>, then
+ <b>%[1-9]</b> The patterns %1, %2, ... %9 are replaced by the corre-
+ sponding most significant component of the input key's
+ domain. If the input key is <i>user@mail.example.com</i>, then
%1 is <b>com</b>, %2 is <b>example</b> and %3 is <b>mail</b>. If the input key
- is unqualified or does not have enough domain components
- to satisfy all the specified patterns, the query is sup-
+ is unqualified or does not have enough domain components
+ to satisfy all the specified patterns, the query is sup-
pressed and returns no results.
- The above %1, ... %9 expansions are available with Post-
+ The above %1, ... %9 expansions are available with Post-
fix 2.2 and later
- The <b>domain</b> parameter described below limits the input keys to
- addresses in matching domains. When the <b>domain</b> parameter is
+ The <b>domain</b> parameter described below limits the input keys to
+ addresses in matching domains. When the <b>domain</b> parameter is
non-empty, SQL queries for unqualified addresses or addresses in
non-matching domains are suppressed and return no results.
- The precedence of this parameter has changed with Postfix 2.2,
- in prior releases the precedence was, from highest to lowest,
+ The precedence of this parameter has changed with Postfix 2.2,
+ in prior releases the precedence was, from highest to lowest,
<b>select_function</b>, <b>query</b>, <b>select_field</b>, ...
With Postfix 2.2 the <b>query</b> parameter has highest precedence, see
<b>result_format (default: %s</b>)
Format template applied to result attributes. Most commonly used
- to append (or prepend) text to the result. This parameter sup-
+ to append (or prepend) text to the result. This parameter sup-
ports the following '%' expansions:
<b>%%</b> This is replaced by a literal '%' character.
- <b>%s</b> This is replaced by the value of the result attribute.
+ <b>%s</b> This is replaced by the value of the result attribute.
When result is empty it is skipped.
<b>%u</b> When the result attribute value is an address of the form
- user@domain, <b>%u</b> is replaced by the local part of the
- address. When the result has an empty localpart it is
+ user@domain, <b>%u</b> is replaced by the local part of the
+ address. When the result has an empty localpart it is
skipped.
- <b>%d</b> When a result attribute value is an address of the form
- user@domain, <b>%d</b> is replaced by the domain part of the
- attribute value. When the result is unqualified it is
+ <b>%d</b> When a result attribute value is an address of the form
+ user@domain, <b>%d</b> is replaced by the domain part of the
+ attribute value. When the result is unqualified it is
skipped.
<b>%[SUD1-9]</b>
- The upper-case and decimal digit expansions interpolate
- the parts of the input key rather than the result. Their
- behavior is identical to that described with <b>query</b>, and
- in fact because the input key is known in advance,
- queries whose key does not contain all the information
- specified in the result template are suppressed and
+ The upper-case and decimal digit expansions interpolate
+ the parts of the input key rather than the result. Their
+ behavior is identical to that described with <b>query</b>, and
+ in fact because the input key is known in advance,
+ queries whose key does not contain all the information
+ specified in the result template are suppressed and
return no results.
For example, using "result_format = <a href="smtp.8.html">smtp</a>:[%s]" allows one to use
a mailHost attribute as the basis of a <a href="transport.5.html">transport(5)</a> table. After
- applying the result format, multiple values are concatenated as
+ applying the result format, multiple values are concatenated as
comma separated strings. The expansion_limit and parameter
- explained below allows one to restrict the number of values in
+ explained below allows one to restrict the number of values in
the result, which is especially useful for maps that must return
at most one value.
- The default value <b>%s</b> specifies that each result value should be
+ The default value <b>%s</b> specifies that each result value should be
used as is.
This parameter is available with Postfix 2.2 and later.
NOTE: DO NOT put quotes around the result format!
<b>domain (default: no domain list)</b>
- This
is a list of domain names, paths to files, or "<a href="DATABASE_README.html">type:table</a>"
+ This
is a list of domain names, paths to files, or "<a href="DATABASE_README.html">type:table</a>"
databases. When specified, only fully qualified search keys with
- a *non-empty* localpart and a matching domain are eligible for
+ a *non-empty* localpart and a matching domain are eligible for
lookup: 'user' lookups, bare domain lookups and "@domain"
- lookups are not performed. This can significantly reduce the
+ lookups are not performed. This can significantly reduce the
query load on the PostgreSQL server.
domain = postfix.org, <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/searchdomains
- It is best not to use SQL to store the domains eligible for SQL
+ It is best not to use SQL to store the domains eligible for SQL
lookups.
This parameter is available with Postfix 2.2 and later.
the input keys are always unqualified.
<b>expansion_limit (default: 0)</b>
- A limit on the total number of result elements returned (as a
+ A limit on the total number of result elements returned (as a
comma separated list) by a lookup against the map. A setting of
- zero disables the limit. Lookups fail with a temporary error if
- the limit is exceeded. Setting the limit to 1 ensures that
+ zero disables the limit. Lookups fail with a temporary error if
+ the limit is exceeded. Setting the limit to 1 ensures that
lookups do not return multiple values.
<b>OBSOLETE MAIN.CF PARAMETERS</b>
- For compatibility with other Postfix lookup tables, PostgreSQL parame-
- ters can also be defined in <a href="postconf.5.html">main.cf</a>. In order to do that, specify as
+ For compatibility with other Postfix lookup tables, PostgreSQL parame-
+ ters can also be defined in <a href="postconf.5.html">main.cf</a>. In order to do that, specify as
PostgreSQL source a name that doesn't begin with a slash or a dot. The
- PostgreSQL parameters will then be accessible as the name you've given
+ PostgreSQL parameters will then be accessible as the name you've given
the source in its definition, an underscore, and the name of the param-
- eter. For example, if the map is specified as "<a href="pgsql_table.5.html">pgsql</a>:<i>pgsqlname</i>", the
+ eter. For example, if the map is specified as "<a href="pgsql_table.5.html">pgsql</a>:<i>pgsqlname</i>", the
parameter "hosts" would be defined in <a href="postconf.5.html">main.cf</a> as "<i>pgsqlname</i>_hosts".
- Note: with this form, the passwords for the PostgreSQL sources are
+ Note: with this form, the passwords for the PostgreSQL sources are
written in <a href="postconf.5.html">main.cf</a>, which is normally world-readable. Support for this
form will be removed in a future Postfix version.
<b><a name="obsolete_query_interfaces">OBSOLETE QUERY INTERFACES</a></b>
This section describes query interfaces that are deprecated as of Post-
- fix 2.2. Please migrate to the new <b>query</b> interface as the old inter-
+ fix 2.2. Please migrate to the new <b>query</b> interface as the old inter-
faces are slated to be phased out.
<b>select_function</b>
This is equivalent to:
query = SELECT my_lookup_user_alias('%s')
- This parameter overrides the legacy table-related fields
- (described below). With Postfix versions prior to 2.2, it also
- overrides the <b>query</b> parameter. Starting with Postfix 2.2, the
- <b>query</b> parameter has highest precedence, and the <b>select_function</b>
+ This parameter overrides the legacy table-related fields
+ (described below). With Postfix versions prior to 2.2, it also
+ overrides the <b>query</b> parameter. Starting with Postfix 2.2, the
+ <b>query</b> parameter has highest precedence, and the <b>select_function</b>
parameter is deprecated.
- The following parameters (with lower precedence than the <b>select_func-</b>
- <b>tion</b> interface described above) can be used to build the SQL select
+ The following parameters (with lower precedence than the <b>select_func-</b>
+ <b>tion</b> interface described above) can be used to build the SQL select
statement as follows:
SELECT [<b>select_field</b>]
WHERE [<b>where_field</b>] = '%s'
[<b>additional_conditions</b>]
- The specifier %s is replaced with each lookup by the lookup key and is
- escaped so if it contains single quotes or other odd characters, it
+ The specifier %s is replaced with each lookup by the lookup key and is
+ escaped so if it contains single quotes or other odd characters, it
will not cause a parse error, or worse, a security problem.
Starting with Postfix 2.2, this interface is obsoleted by the more gen-
eral <b>query</b> interface described above. If higher precedence the <b>query</b> or
- <b>select_function</b> parameters described above are defined, the parameters
+ <b>select_function</b> parameters described above are defined, the parameters
described here are ignored.
<b>select_field</b>
.fi
.IP "\fBhosts\fR"
The hosts that Postfix will try to connect to and query
-from. Besides a \fBpostgresql://\fR connection URI, this
+from. Besides a PostgreSQL connection URI, this
setting supports the historical forms \fBunix:/\fIpathname\fR
for UNIX\-domain sockets and \fBinet:\fIhost:port\fR for TCP
connections, where the \fBunix:\fR and \fBinet:\fR prefixes
Examples:
.nf
hosts = postgresql://username@example.com/\fIdatabasename\fR?sslmode=require
+ hosts = postgres://user:secret@localhost
hosts = inet:host1.some.domain inet:host2.some.domain:port
hosts = host1.some.domain host2.some.domain:port
hosts = unix:/file/name
.fi
+See https://www.postgresql.org/docs/current/libpq\-connect.html
+for the supported connection URI syntax.
+
The hosts are tried in random order. The connections are
automatically closed after being idle for about 1 minute,
-and are re\-opened as necessary.
+and are re\-opened as necessary. See \fBidle_interval\fR
+for details.
+
+NOTE: if \fBhosts\fR specifies a PostgreSQL connection URI,
+the PostgreSQL client library will ignore the \fBdbname\fR
+setting for that connection.
-NOTE: if "hosts" specifies one load balancer and no alternative
+NOTE: if \fBhosts\fR specifies one load balancer and no
+alternative
servers, specify the load balancer multiple times in the
-"hosts" line. Without the duplicate info, the Postfix
+\fBhosts\fR line. Without the duplicate info, the Postfix
PostgreSQL client would not reconnect immediately to the
same load balancer after a PostgreSQL server failure.
.IP "\fBuser\fR"
user = someone
password = some_password
.fi
-.IP "\fBdbname\fR (required)"
+.IP "\fBdbname\fR"
The database name on the servers. Example:
.nf
dbname = customer_database
.fi
.sp
-This setting is required, but ignored when a postgresql://
-URI specifies a database name.
+The \fBdbname\fR setting is ignored for \fBhosts\fR connections
+that are specified as an URI.
+
+The \fBdbname\fR setting is required with Postfix 3.10 and later,
+when \fBhosts\fR specifies any non\-URI connection; it is always
+required with earlier Postfix versions.
.IP "\fBencoding\fR"
The encoding used by the database client. The default setting
is:
# .fi
# .IP "\fBhosts\fR"
# The hosts that Postfix will try to connect to and query
-# from. Besides a \fBpostgresql://\fR connection URI, this
+# from. Besides a PostgreSQL connection URI, this
# setting supports the historical forms \fBunix:/\fIpathname\fR
# for UNIX-domain sockets and \fBinet:\fIhost:port\fR for TCP
# connections, where the \fBunix:\fR and \fBinet:\fR prefixes
# Examples:
# .nf
# hosts = postgresql://username@example.com/\fIdatabasename\fR?sslmode=require
+# hosts = postgres://user:secret@localhost
# hosts = inet:host1.some.domain inet:host2.some.domain:port
# hosts = host1.some.domain host2.some.domain:port
# hosts = unix:/file/name
# .fi
#
+# See https://www.postgresql.org/docs/current/libpq-connect.html
+# for the supported connection URI syntax.
+#
# The hosts are tried in random order. The connections are
# automatically closed after being idle for about 1 minute,
-# and are re-opened as necessary.
+# and are re-opened as necessary. See \fBidle_interval\fR
+# for details.
+#
+# NOTE: if \fBhosts\fR specifies a PostgreSQL connection URI,
+# the PostgreSQL client library will ignore the \fBdbname\fR
+# setting for that connection.
#
-# NOTE: if "hosts" specifies one load balancer and no alternative
+# NOTE: if \fBhosts\fR specifies one load balancer and no
+# alternative
# servers, specify the load balancer multiple times in the
-# "hosts" line. Without the duplicate info, the Postfix
+# \fBhosts\fR line. Without the duplicate info, the Postfix
# PostgreSQL client would not reconnect immediately to the
# same load balancer after a PostgreSQL server failure.
# .IP "\fBuser\fR"
# user = someone
# password = some_password
# .fi
-# .IP "\fBdbname\fR (required)"
+# .IP "\fBdbname\fR"
# The database name on the servers. Example:
# .nf
# dbname = customer_database
# .fi
# .sp
-# This setting is required, but ignored when a postgresql://
-# URI specifies a database name.
+# The \fBdbname\fR setting is ignored for \fBhosts\fR connections
+# that are specified as an URI.
+#
+# The \fBdbname\fR setting is required with Postfix 3.10 and later,
+# when \fBhosts\fR specifies any non-URI connection; it is always
+# required with earlier Postfix versions.
# .IP "\fBencoding\fR"
# The encoding used by the database client. The default setting
# is:
dict_pgsql.o: ../../include/split_at.h
dict_pgsql.o: ../../include/stringops.h
dict_pgsql.o: ../../include/sys_defs.h
+dict_pgsql.o: ../../include/valid_uri_scheme.h
dict_pgsql.o: ../../include/vbuf.h
dict_pgsql.o: ../../include/vstream.h
dict_pgsql.o: ../../include/vstring.h
#include "myrand.h"
#include "events.h"
#include "stringops.h"
+#include "valid_uri_scheme.h"
/* Global library. */
typedef struct {
int len_hosts; /* number of hosts */
HOST **db_hosts; /* hosts on which databases reside */
+ char *non_uri_target; /* require dbname to be specified */
} PLPGSQL;
typedef struct {
dict_pgsql->username = cfg_get_str(p, "user", "", 0, 0);
dict_pgsql->password = cfg_get_str(p, "password", "", 0, 0);
- dict_pgsql->dbname = cfg_get_str(p, "dbname", "", 1, 0);
+ dict_pgsql->dbname = cfg_get_str(p, "dbname", "", 0, 0);
dict_pgsql->encoding = cfg_get_str(p, "encoding", "UTF8", 1, 0);
dict_pgsql->retry_interval = cfg_get_int(p, "retry_interval",
DEF_RETRY_INTV, 1, 0);
dict_pgsql->pldb = plpgsql_init(dict_pgsql->hosts);
if (dict_pgsql->pldb == NULL)
msg_fatal("couldn't initialize pldb!\n");
+ if (msg_verbose && dict_pgsql->pldb->non_uri_target == 0
+ && dict_pgsql->dbname[0] != 0)
+ msg_info("%s:%s table ignores 'dbname' field -- "
+ "all 'hosts' targets are URIs",
+ DICT_TYPE_PGSQL, name);
+ if (dict_pgsql->pldb->non_uri_target && dict_pgsql->dbname[0] == 0) {
+ DICT *ret;
+
+ ret == (dict_surrogate(DICT_TYPE_PGSQL, name, open_flags, dict_flags,
+ "%s:%s host target '%s' requires dbname setting",
+ DICT_TYPE_PGSQL, name,
+ dict_pgsql->pldb->non_uri_target));
+ dict_pgsql_close(&dict_pgsql->dict);
+ return (ret);
+ }
dict_pgsql->dict.owner = cfg_get_owner(dict_pgsql->parser);
return (DICT_DEBUG (&dict_pgsql->dict));
}
PLDB = (PLPGSQL *) mymalloc(sizeof(PLPGSQL));
PLDB->len_hosts = hosts->argc;
PLDB->db_hosts = (HOST **) mymalloc(sizeof(HOST *) * hosts->argc);
- for (i = 0; i < hosts->argc; i++)
+ PLDB->non_uri_target = 0;
+ for (i = 0; i < hosts->argc; i++) {
PLDB->db_hosts[i] = host_init(hosts->argv[i]);
+ if (PLDB->db_hosts[i]->type != TYPECONNSTR)
+ PLDB->non_uri_target = PLDB->db_hosts[i]->name;
+ }
return PLDB;
}
host->ts = 0;
/*
- * Modern syntax: "postgresql://connection-info".
+ * Modern syntax: connection URI.
*/
- if (strncmp(d, "postgresql:", 11) == 0) {
+ if (valid_uri_scheme(d)) {
host->type = TYPECONNSTR;
host->name = mystrdup(d);
host->port = 0;
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20241024"
+#define MAIL_RELEASE_DATE "20241025"
#define MAIL_VERSION_NUMBER "3.10"
#ifdef SNAPSHOT
sane_strtol.c hash_fnv.c ldseed.c mkmap_cdb.c mkmap_db.c mkmap_dbm.c \
mkmap_fail.c mkmap_lmdb.c mkmap_open.c mkmap_sdbm.c inet_prefix_top.c \
inet_addr_sizes.c quote_for_json.c mystrerror.c \
- sane_sockaddr_to_hostaddr.c normalize_ws.c
+ sane_sockaddr_to_hostaddr.c normalize_ws.c valid_uri_scheme.c
OBJS = alldig.o allprint.o argv.o argv_split.o attr_clnt.o attr_print0.o \
attr_print64.o attr_print_plain.o attr_scan0.o attr_scan64.o \
attr_scan_plain.o auto_clnt.o base64_code.o basename.o binhash.o \
sane_strtol.o hash_fnv.o ldseed.o mkmap_db.o mkmap_dbm.o \
mkmap_fail.o mkmap_open.o inet_prefix_top.o inet_addr_sizes.o \
quote_for_json.o mystrerror.o sane_sockaddr_to_hostaddr.o \
- normalize_ws.o
+ normalize_ws.o valid_uri_scheme.o
# MAP_OBJ is for maps that may be dynamically loaded with dynamicmaps.cf.
# When hard-linking these, makedefs sets NON_PLUGIN_MAP_OBJ=$(MAP_OBJ),
# otherwise it sets the PLUGIN_* macros.
valid_utf8_hostname.h midna_domain.h dict_union.h dict_inline.h \
check_arg.h argv_attr.h msg_logger.h logwriter.h byte_mask.h \
known_tcp_ports.h sane_strtol.h hash_fnv.h ldseed.h mkmap.h \
- inet_prefix_top.h inet_addr_sizes.h
+ inet_prefix_top.h inet_addr_sizes.h valid_uri_scheme.h
TESTSRC = fifo_open.c fifo_rdwr_bug.c fifo_rdonly_bug.c select_bug.c \
stream_test.c dup2_pass_on_exec.c
DEFS = -I. -D$(SYSTYPE)
vbuf_print split_qnameval vstream msg_logger byte_mask \
known_tcp_ports dict_stream find_inet binhash hash_fnv argv \
clean_env inet_prefix_top printable readlline quote_for_json \
- normalize_ws
+ normalize_ws valid_uri_scheme
PLUGIN_MAP_SO = $(LIB_PREFIX)pcre$(LIB_SUFFIX) $(LIB_PREFIX)lmdb$(LIB_SUFFIX) \
$(LIB_PREFIX)cdb$(LIB_SUFFIX) $(LIB_PREFIX)sdbm$(LIB_SUFFIX)
HTABLE_FIX = NORANDOMIZE=1
$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS)
mv junk $@.o
+valid_uri_scheme: $(LIB)
+ mv $@.o junk
+ $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS)
+ mv junk $@.o
+
tests: all valid_hostname_test mac_expand_test dict_test unescape_test \
hex_quote_test ctable_test inet_addr_list_test base64_code_test \
attr_scan64_test attr_scan0_test host_port_test dict_tests \
vstream_test byte_mask_tests mystrtok_test known_tcp_ports_test \
binhash_test argv_test inet_prefix_top_test printable_test \
valid_utf8_string_test readlline_test quote_for_json_test \
- normalize_ws_test
+ normalize_ws_test valid_uri_scheme_test
dict_tests: all dict_test \
dict_pcre_tests dict_cidr_test dict_thash_test dict_static_test \
normalize_ws_test: normalize_ws
$(SHLIB_ENV) ${VALGRIND} ./normalize_ws
+valid_uri_scheme_test: valid_uri_scheme
+ $(SHLIB_ENV) ${VALGRIND} ./valid_uri_scheme
+
depend: $(MAKES)
(sed '1,/^# do not edit/!d' Makefile.in; \
set -e; for i in [a-z][a-z0-9]*.c; do \
valid_hostname.o: valid_hostname.h
valid_hostname.o: vbuf.h
valid_hostname.o: vstring.h
+valid_uri_scheme.o: check_arg.h
+valid_uri_scheme.o: msg.h
+valid_uri_scheme.o: msg_vstream.h
+valid_uri_scheme.o: stringops.h
+valid_uri_scheme.o: sys_defs.h
+valid_uri_scheme.o: valid_uri_scheme.c
+valid_uri_scheme.o: valid_uri_scheme.h
+valid_uri_scheme.o: vbuf.h
+valid_uri_scheme.o: vstream.h
+valid_uri_scheme.o: vstring.h
valid_utf8_hostname.o: check_arg.h
valid_utf8_hostname.o: midna_domain.h
valid_utf8_hostname.o: msg.h
--- /dev/null
+/*++
+/* NAME
+/* valid_uri_scheme 3
+/* SUMMARY
+/* validate scheme:// prefix
+/* SYNOPSIS
+/* #include <valid_uri_scheme.h>
+/*
+/* int valid_uri_scheme(const char *str)
+/* DESCRIPTION
+/* valid_uri_scheme() takes a null-terminated string and returns
+/* the length of a valid scheme:// prefix, or zero if no valid
+/* prefix was found.
+/*
+/* This function requires that input is encoded in ASCII or UTF-8.
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* porcupine.org
+/*--*/
+
+ /*
+ * System library.
+ */
+#include <sys_defs.h>
+#include <ctype.h>
+#include <stdlib.h>
+
+ /*
+ * Utility library.
+ */
+#include <valid_uri_scheme.h>
+#include <msg.h>
+#include <msg_vstream.h>
+#include <stringops.h>
+
+/* valid_uri_scheme - predicate that string starts with scheme:// */
+
+ssize_t valid_uri_scheme(const char *str)
+{
+ const char *cp = str;
+ int ch = *cp++;
+
+ /* Per RFC 3986, a valid scheme starts with ALPHA. */
+ if (!ISALPHA(ch))
+ return (0);
+
+ while ((ch = *cp++) != 0) {
+ /* A valid scheme continues with ALPHA | DIGIT | '+' | '-'. */
+ if (ISALNUM(ch) || ch == '+' || ch == '-')
+ continue;
+ /* A valid scheme is followed by "://". */
+ if (ch == ':' && *cp++ == '/' && *cp++ == '/')
+ return (cp - str);
+ /* Not a valid scheme. */
+ break;
+ }
+ /* Not a valid scheme. */
+ return (0);
+}
+
+#ifdef TEST
+
+typedef struct TEST_CASE {
+ const char *label;
+ const char *input;
+ const ssize_t want;
+} TEST_CASE;
+
+#define PASS (0)
+#define FAIL (1)
+
+static const TEST_CASE test_cases[] = {
+ {"accepts_alpha_scheme", "abcd://blah", sizeof("abcd://") - 1},
+ {"accepts_mixed_scheme", "a-bcd+123://blah", sizeof("a-bcd+123://") - 1},
+ {"rejects_minus_first", "-bcd+123://blah'", 0},
+ {"rejects_plus_first", "+123://blah", 0},
+ {"rejects_digit_first", "123://blah", 0},
+ {"rejects_other_first", "?123://blah", 0},
+ {"rejects_other_middle", "abcd?123://blah", 0},
+ {"rejects_other_end", "abcd-123?://blah", 0},
+ {"rejects_non_scheme", "inet:host:port", 0},
+ {"rejects_no_colon", "inet", 0},
+ {"rejects_colon_slash", "abcd:/blah", 0},
+ {"rejects_empty", "", 0},
+ {0,}
+};
+
+static int test_validate_scheme(const TEST_CASE *tp)
+{
+ int got;
+
+ got = valid_uri_scheme(tp->input);
+ if (got != tp->want) {
+ msg_warn("got '%ld', want '%ld'", (long) got, (long) tp->want);
+ return (FAIL);
+ }
+ return (PASS);
+}
+
+int main(int argc, char **argv)
+{
+ const TEST_CASE *tp;
+ int pass = 0;
+ int fail = 0;
+
+ msg_vstream_init(sane_basename((VSTRING *) 0, argv[0]), VSTREAM_ERR);
+
+ for (tp = test_cases; tp->label != 0; tp++) {
+ int test_failed;
+
+ msg_info("RUN %s", tp->label);
+ test_failed = test_validate_scheme(tp);
+ if (test_failed) {
+ msg_info("FAIL %s", tp->label);
+ fail++;
+ } else {
+ msg_info("PASS %s", tp->label);
+ pass++;
+ }
+ }
+ msg_info("PASS=%d FAIL=%d", pass, fail);
+ exit(fail != 0);
+}
+
+#endif
--- /dev/null
+#ifndef _VALID_SCHEME_H_INCLUDED_
+#define _VALID_SCHEME_H_INCLUDED_
+
+/*++
+/* NAME
+/* valid_uri_scheme 3h
+/* SUMMARY
+/* validate scheme:// prefix
+/* SYNOPSIS
+/* #include <valid_uri_scheme.h>
+/* DESCRIPTION
+/* .nf
+
+ /*
+ * External interface.
+ */
+extern ssize_t valid_uri_scheme(const char *);
+
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* porcupine.org
+/*--*/
+
+#endif
projects / thirdparty / postfix.git / commitdiff
