hwelte
/
mbuni
1
0
Fork 0
Code Releases Activity

- Added escaping of shell characters in parameters to sendmail command 

- Cleanup documentation (colour schemes)
This commit is contained in:
bagyenda 2006-03-02 10:57:19 +00:00
parent cc00c947ec
commit 7644c1d064
3 changed files with 357 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

357
mbuni/doc/userguide.shtml
View File

@ -663,23 +663,20 @@ max-send-threads
= 5<br>
send-mail-prog
= /usr/sbin/sendmail -f '%f' '%t'<br>
= /usr/sbin/sendmail -f %f %t<br>
...<br>
</tt>
</p>
<p >The table below
lists all the configuration directives. Items in black are used by
both modes of operation, while those in <b><span style="color: #001177;
background:
white">blue</span></b>
are used only when
operating in VAS Gateway mode, and those in <b><span style="color:
#500000;
background:
white">red</span></b> when
lists all the configuration directives. The column <b>Mode</b>
indicates operation mode in which the parameter is applicable:
Config params marked <i>VAS GW</i>
are only applicable when
operating in VAS Gateway mode, while those marked <i>MMSC</i>
are only applicable when
operating in
MMSC mode.</p>
MMSC mode. The rest are used in both modes.</p>
<table border=0 cellspacing=2 cellpadding=1 >
<tr>
@ -687,6 +684,11 @@ lists all the configuration directives. Items in black are used by
<b>Variable
Name</b>
&nbsp; &nbsp;</td>
<td valign=top>
<b>Mode</b>
&nbsp; &nbsp;</td>
<td valign=top>
<b>Type</b>
&nbsp; &nbsp;</td>
@ -697,6 +699,11 @@ lists all the configuration directives. Items in black are used by
<tr >
<td valign=top><tt>group </tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top>
mbuni
&nbsp; &nbsp;</td>
@ -706,20 +713,35 @@ lists all the configuration directives. Items in black are used by
&nbsp; &nbsp;</td>
</tr>
<tr>
<td valign=top ><tt>name </tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
string
&nbsp; &nbsp;</td>
<td valign=top>
User-friendly
name for the Gateway, used in notices, etc
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top ><tt>hostname
</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
string
&nbsp; &nbsp;</td>
@ -729,10 +751,16 @@ lists all the configuration directives. Items in black are used by
Email or to a foreign MMSC via SMTP. Defaults to <tt>localhost</tt>
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top ><tt>host-alias
</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top>
string
&nbsp; &nbsp;</td>
@ -747,11 +775,17 @@ lists all the configuration directives. Items in black are used by
notifications. If you do not supply a host alias, the gateway will create a long form URL (http://<i>hostname:port/msgtoken</i>) when it sends notifications
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>local-mmsc-domains</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
List of
Internet domains (comma separated)
@ -762,9 +796,16 @@ lists all the configuration directives. Items in black are used by
or MMS messages received destined to these domains should be treated as local
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top ><tt>local-prefixes</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Number
prefix list
@ -780,6 +821,12 @@ lists all the configuration directives. Items in black are used by
<tt>storage-directory
</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Directory name
(string)
@ -794,6 +841,12 @@ lists all the configuration directives. Items in black are used by
<td valign=top >
<tt>max-send-threads</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Number
&nbsp; &nbsp;</td>
@ -803,10 +856,16 @@ lists all the configuration directives. Items in black are used by
faster.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>send-mail-prog</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -815,7 +874,9 @@ lists all the configuration directives. Items in black are used by
(MMS-to-email or to foreign MMS gateways via SMTP). This command can include variables: %f
&#8211; replaced with the message from address, %t &#8211; replaced with the
recipient address (RFC 822 compliant), %s &#8211; the message subject, %m
&#8211; the message ID
&#8211; the message ID. (NOTE: Special shell characters &mdash;
&amp;, |, $, (, ), and so on &mdash are escaped
after variable substitution, hence parameter quoting is not necessary.)
&nbsp; &nbsp;</td>
</tr>
<tr>
@ -823,6 +884,12 @@ lists all the configuration directives. Items in black are used by
<tt>unified-prefix
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Number list
&nbsp; &nbsp;</td>
@ -841,6 +908,12 @@ lists all the configuration directives. Items in black are used by
<tt>maximum-send-attempts
</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
integer
&nbsp; &nbsp;</td>
@ -855,6 +928,12 @@ lists all the configuration directives. Items in black are used by
<tt>default-message-expiry</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Integer
&nbsp; &nbsp;</td>
@ -869,6 +948,12 @@ lists all the configuration directives. Items in black are used by
<tt>queue-run-interval</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Real
&nbsp; &nbsp;</td>
@ -882,6 +967,12 @@ lists all the configuration directives. Items in black are used by
<tt>send-attempt-back-off</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Integer
&nbsp; &nbsp;</td>
@ -890,10 +981,16 @@ lists all the configuration directives. Items in black are used by
delivery attempts, when a delivery attempt fails.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>sendsms-url</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -904,11 +1001,16 @@ lists all the configuration directives. Items in black are used by
parameters (udh, from, to, text, etc.)
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>sendsms-username</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -917,10 +1019,15 @@ lists all the configuration directives. Items in black are used by
pass (for authentication) to send-sms URL
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>sendsms-password</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -929,10 +1036,15 @@ lists all the configuration directives. Items in black are used by
pass (for authentication) to send-sms URL
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>sendsms-global-sender</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -941,11 +1053,16 @@ lists all the configuration directives. Items in black are used by
(<i>to</i> field) to use in send sms url
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>mms-port</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Integer
&nbsp; &nbsp;</td>
@ -956,11 +1073,17 @@ lists all the configuration directives. Items in black are used by
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>mm7-port</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Integer
&nbsp; &nbsp;</td>
@ -975,6 +1098,12 @@ lists all the configuration directives. Items in black are used by
<td valign=top >
<tt>allow-ip</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
List of IP
addresses
@ -993,6 +1122,12 @@ lists all the configuration directives. Items in black are used by
<td valign=top >
<tt>deny-ip</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>ALL</i>
&nbsp; &nbsp;
</td>
<td valign=top >
List of IP
addresses
@ -1005,10 +1140,16 @@ lists all the configuration directives. Items in black are used by
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>mms-client-msisdn-header</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1021,10 +1162,16 @@ lists all the configuration directives. Items in black are used by
(default header name is <tt>X-WAP-Network-Client-MSISDN</tt>)
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>mms-client-ip-header</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1040,10 +1187,16 @@ lists all the configuration directives. Items in black are used by
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>allow-ip-type</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Boolean
&nbsp; &nbsp;</td>
@ -1052,10 +1205,16 @@ lists all the configuration directives. Items in black are used by
senders identified by IP address (i.e. not by MSISDN). Default: True.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>optimize-notification-size</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Boolean
&nbsp; &nbsp;</td>
@ -1065,10 +1224,16 @@ lists all the configuration directives. Items in black are used by
fields. Default: false
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>content-adaptation</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Boolean
&nbsp; &nbsp;</td>
@ -1079,10 +1244,16 @@ lists all the configuration directives. Items in black are used by
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>email2mms-relay-hosts</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Number list
&nbsp; &nbsp;</td>
@ -1100,10 +1271,16 @@ lists all the configuration directives. Items in black are used by
queued, otherwise it is discarded.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>billing-library</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1114,10 +1291,16 @@ lists all the configuration directives. Items in black are used by
generation. See <tt>mms_billing.h</tt> for details.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>billing-module-parameters</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1128,10 +1311,16 @@ lists all the configuration directives. Items in black are used by
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>resolver-library</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1145,10 +1334,16 @@ lists all the configuration directives. Items in black are used by
<tt>mms_resolve.h</tt> for details.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>resolver-module-parameters</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1159,13 +1354,19 @@ lists all the configuration directives. Items in black are used by
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>detokenizer-library</tt>
&nbsp; &nbsp;</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Optional
library containing functions for finding MSISDN from request URL
@ -1176,10 +1377,16 @@ lists all the configuration directives. Items in black are used by
<tt>mms_detokenize.h</tt> for details.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>detokenizer-module-parameters</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1190,10 +1397,16 @@ lists all the configuration directives. Items in black are used by
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>prov-server-notify-script</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1207,10 +1420,16 @@ lists all the configuration directives. Items in black are used by
failed fetch provides a description of the error (e.g. message expired).
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>prov-server-sub-status-script</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
string
&nbsp; &nbsp;</td>
@ -1225,10 +1444,16 @@ lists all the configuration directives. Items in black are used by
<tt>mmsrelay</tt> will deliver the message (see below).
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top>
<tt>notify-unprovisioned</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Boolean
&nbsp; &nbsp;</td>
@ -1238,23 +1463,35 @@ lists all the configuration directives. Items in black are used by
(e.g. SMS) when an MMS message is received for them.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top>
<tt>mms-notify-text</tt>
&nbsp; &nbsp;</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Message to send
to device that does not support MMS, when a message is received for the user.
This message is sent as plain SMS via the Send SMS URL specified above.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>mms-notify-unprovisioned-text</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top>
String
&nbsp; &nbsp;</td>
@ -1264,10 +1501,16 @@ lists all the configuration directives. Items in black are used by
<tt>notify-unprovisioned</tt> is true).
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>mms-message-too-large-txt</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1279,10 +1522,16 @@ lists all the configuration directives. Items in black are used by
part of an MMS message.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>mms-to-email-html</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
string
&nbsp; &nbsp;</td>
@ -1296,10 +1545,16 @@ lists all the configuration directives. Items in black are used by
is tagged at the bottom of the HTML.
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #500000; background: white">
<tr >
<td valign=top >
<tt>mms-to-email-txt</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>MMSC</i>
&nbsp; &nbsp;
</td>
<td valign=top >
String
&nbsp; &nbsp;</td>
@ -1311,10 +1566,16 @@ lists all the configuration directives. Items in black are used by
</tr>
<tr style="color: #001177; background: white">
<tr >
<td valign=top >
<tt>sendmms-port</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>VAS GW</i>
&nbsp; &nbsp;
</td>
<td valign=top >
number
&nbsp; &nbsp;</td>
@ -1323,10 +1584,16 @@ lists all the configuration directives. Items in black are used by
requests. (Optional.)
&nbsp; &nbsp;</td>
</tr>
<tr style="color: #001177; background: white">
<tr >
<td valign=top >
<tt>sendmms-port-ssl</tt>
&nbsp; &nbsp;</td>
<td valign=top >
<i>VAS GW</i>
&nbsp; &nbsp;
</td>
<td valign=top >
Boolean
&nbsp; &nbsp;</td>

44
mbuni/mmlib/mms_util.c
View File

@ -637,6 +637,7 @@ static int send2email(Octstr *to, Octstr *from, Octstr *subject,
i = 0;
for (;;) {
Octstr *tmp;
while (sendmail_cmd[i]) {
char c = sendmail_cmd[i];
if (c == '%' && sendmail_cmd[i + 1])
@ -649,22 +650,37 @@ static int send2email(Octstr *to, Octstr *from, Octstr *subject,
switch(sendmail_cmd[i+1]) {
case 't':
octstr_append(cmd, to);
tmp = octstr_duplicate(to);
escape_shell_chars(tmp);
octstr_append(cmd, tmp);
octstr_destroy(tmp);
break;
case 'f':
if (append_hostname) {
Octstr *xfrom = octstr_duplicate(from);
addmmscname(xfrom, myhostname);
escape_shell_chars(xfrom);
octstr_append(cmd, xfrom);
octstr_destroy(xfrom);
} else
octstr_append(cmd, from);
} else {
tmp = octstr_duplicate(from);
escape_shell_chars(tmp);
octstr_append(cmd, tmp);
octstr_destroy(tmp);
}
break;
case 's':
tmp = octstr_duplicate(subject);
escape_shell_chars(tmp);
octstr_append(cmd, subject);
octstr_destroy(tmp);
break;
case 'm':
tmp = octstr_duplicate(msgid);
escape_shell_chars(tmp);
octstr_append(cmd, msgid);
octstr_destroy(tmp);
break;
case '%':
octstr_format_append(cmd, "%%");
@ -1019,3 +1035,25 @@ int is_allowed_host(Octstr *host, Octstr *host_list)
return ret;
}
#define SHELLCHARS "'|\"()[]{}$&!?*><%`\n \t"
void escape_shell_chars(Octstr *str)
{
Octstr *tmp;
int i, n, prev;
octstr_strip_blanks(str);
tmp = octstr_duplicate(str);
octstr_delete(str, 0, octstr_len(str));
for (i = 0, prev=0, n = octstr_len(tmp); i < n; i++) {
int ch = octstr_get_char(tmp,i);
if (strchr(SHELLCHARS, ch) != NULL && prev != '\\')
octstr_append_char(str, '\\');
octstr_append_char(str, ch);
prev = ch;
}
octstr_destroy(tmp);
}

4
mbuni/mmlib/mms_util.h
View File

@ -143,6 +143,10 @@ void _mms_fixup_address(Octstr *address);
/* Check that host is one of hosts in semi-colon separated list in host_list */
int is_allowed_host(Octstr *host, Octstr *host_list);
/* escape (backlash) special shell characters. */
void escape_shell_chars(Octstr *str);
#define MAXQTRIES 100
#define BACKOFF_FACTOR 5*60 /* In seconds */
#define QUEUERUN_INTERVAL 15*60 /* 15 minutes. */