diff --git a/mbuni/doc/userguide.shtml b/mbuni/doc/userguide.shtml index 72c0286..db9b297 100644 --- a/mbuni/doc/userguide.shtml +++ b/mbuni/doc/userguide.shtml @@ -663,23 +663,20 @@ max-send-threads = 5
send-mail-prog -= /usr/sbin/sendmail -f '%f' '%t'
+= /usr/sbin/sendmail -f %f %t
...

The table below -lists all the configuration directives. Items in black are used by - both modes of operation, while those in blue - are used only when - operating in VAS Gateway mode, and those in red when +lists all the configuration directives. The column Mode + indicates operation mode in which the parameter is applicable: + Config params marked VAS GW + are only applicable when + operating in VAS Gateway mode, while those marked MMSC + are only applicable when operating in - MMSC mode.

+ MMSC mode. The rest are used in both modes.

@@ -687,6 +684,11 @@ lists all the configuration directives. Items in black are used by Variable Name     + + + @@ -697,6 +699,11 @@ lists all the configuration directives. Items in black are used by + + @@ -706,20 +713,35 @@ lists all the configuration directives. Items in black are used by     + + + + + + - + + + + @@ -729,10 +751,16 @@ lists all the configuration directives. Items in black are used by Email or to a foreign MMSC via SMTP. Defaults to localhost     - + + + + @@ -747,11 +775,17 @@ lists all the configuration directives. Items in black are used by notifications. If you do not supply a host alias, the gateway will create a long form URL (http://hostname:port/msgtoken) when it sends notifications     - + + + + - + + + + + + + + + + + @@ -803,10 +856,16 @@ lists all the configuration directives. Items in black are used by faster.     - + + + + @@ -815,7 +874,9 @@ lists all the configuration directives. Items in black are used by (MMS-to-email or to foreign MMS gateways via SMTP). This command can include variables: %f – replaced with the message from address, %t – replaced with the recipient address (RFC 822 compliant), %s – the message subject, %m - – the message ID + – the message ID. (NOTE: Special shell characters — + &, |, $, (, ), and so on &mdash are escaped + after variable substitution, hence parameter quoting is not necessary.)     @@ -823,6 +884,12 @@ lists all the configuration directives. Items in black are used by unified-prefix     + + + @@ -841,6 +908,12 @@ lists all the configuration directives. Items in black are used by maximum-send-attempts     + + + @@ -855,6 +928,12 @@ lists all the configuration directives. Items in black are used by default-message-expiry     + + + @@ -869,6 +948,12 @@ lists all the configuration directives. Items in black are used by queue-run-interval     + + + @@ -882,6 +967,12 @@ lists all the configuration directives. Items in black are used by send-attempt-back-off     + + + @@ -890,10 +981,16 @@ lists all the configuration directives. Items in black are used by delivery attempts, when a delivery attempt fails.     - + + + + @@ -904,11 +1001,16 @@ lists all the configuration directives. Items in black are used by parameters (udh, from, to, text, etc.)     - + + + @@ -917,10 +1019,15 @@ lists all the configuration directives. Items in black are used by pass (for authentication) to send-sms URL     - + + + @@ -929,10 +1036,15 @@ lists all the configuration directives. Items in black are used by pass (for authentication) to send-sms URL     - + + + @@ -941,11 +1053,16 @@ lists all the configuration directives. Items in black are used by (to field) to use in send sms url     - + + + @@ -956,11 +1073,17 @@ lists all the configuration directives. Items in black are used by     - + + + + @@ -975,6 +1098,12 @@ lists all the configuration directives. Items in black are used by + + + + + + - + + + + @@ -1021,10 +1162,16 @@ lists all the configuration directives. Items in black are used by (default header name is X-WAP-Network-Client-MSISDN)     - + + + + @@ -1040,10 +1187,16 @@ lists all the configuration directives. Items in black are used by     - + + + + @@ -1052,10 +1205,16 @@ lists all the configuration directives. Items in black are used by senders identified by IP address (i.e. not by MSISDN). Default: True.     - + + + + @@ -1065,10 +1224,16 @@ lists all the configuration directives. Items in black are used by fields. Default: false     - + + + + @@ -1079,10 +1244,16 @@ lists all the configuration directives. Items in black are used by     - + + + + @@ -1100,10 +1271,16 @@ lists all the configuration directives. Items in black are used by queued, otherwise it is discarded.     - + + + + @@ -1114,10 +1291,16 @@ lists all the configuration directives. Items in black are used by generation. See mms_billing.h for details.     - + + + + @@ -1128,10 +1311,16 @@ lists all the configuration directives. Items in black are used by     - + + + + @@ -1145,10 +1334,16 @@ lists all the configuration directives. Items in black are used by mms_resolve.h for details.     - + + + + @@ -1159,13 +1354,19 @@ lists all the configuration directives. Items in black are used by     - + + + + - + + + + @@ -1190,10 +1397,16 @@ lists all the configuration directives. Items in black are used by     - + + + + @@ -1207,10 +1420,16 @@ lists all the configuration directives. Items in black are used by failed fetch provides a description of the error (e.g. message expired).     - + + + + @@ -1225,10 +1444,16 @@ lists all the configuration directives. Items in black are used by mmsrelay will deliver the message (see below).     - + + + + @@ -1238,23 +1463,35 @@ lists all the configuration directives. Items in black are used by (e.g. SMS) when an MMS message is received for them.     - + + + + - + + + + @@ -1264,10 +1501,16 @@ lists all the configuration directives. Items in black are used by notify-unprovisioned is true).     - + + + + @@ -1279,10 +1522,16 @@ lists all the configuration directives. Items in black are used by part of an MMS message.     - + + + + @@ -1296,10 +1545,16 @@ lists all the configuration directives. Items in black are used by is tagged at the bottom of the HTML.     - + + + + @@ -1311,10 +1566,16 @@ lists all the configuration directives. Items in black are used by - + + + + @@ -1323,10 +1584,16 @@ lists all the configuration directives. Items in black are used by requests. (Optional.)     - + + + + diff --git a/mbuni/mmlib/mms_util.c b/mbuni/mmlib/mms_util.c index 1c17b81..efdf9fc 100644 --- a/mbuni/mmlib/mms_util.c +++ b/mbuni/mmlib/mms_util.c @@ -637,6 +637,7 @@ static int send2email(Octstr *to, Octstr *from, Octstr *subject, i = 0; for (;;) { + Octstr *tmp; while (sendmail_cmd[i]) { char c = sendmail_cmd[i]; if (c == '%' && sendmail_cmd[i + 1]) @@ -649,22 +650,37 @@ static int send2email(Octstr *to, Octstr *from, Octstr *subject, switch(sendmail_cmd[i+1]) { case 't': - octstr_append(cmd, to); + tmp = octstr_duplicate(to); + escape_shell_chars(tmp); + octstr_append(cmd, tmp); + octstr_destroy(tmp); break; case 'f': if (append_hostname) { Octstr *xfrom = octstr_duplicate(from); addmmscname(xfrom, myhostname); + escape_shell_chars(xfrom); + octstr_append(cmd, xfrom); octstr_destroy(xfrom); - } else - octstr_append(cmd, from); + } else { + tmp = octstr_duplicate(from); + escape_shell_chars(tmp); + octstr_append(cmd, tmp); + octstr_destroy(tmp); + } break; case 's': + tmp = octstr_duplicate(subject); + escape_shell_chars(tmp); octstr_append(cmd, subject); + octstr_destroy(tmp); break; case 'm': + tmp = octstr_duplicate(msgid); + escape_shell_chars(tmp); octstr_append(cmd, msgid); + octstr_destroy(tmp); break; case '%': octstr_format_append(cmd, "%%"); @@ -1019,3 +1035,25 @@ int is_allowed_host(Octstr *host, Octstr *host_list) return ret; } + +#define SHELLCHARS "'|\"()[]{}$&!?*><%`\n \t" +void escape_shell_chars(Octstr *str) +{ + Octstr *tmp; + int i, n, prev; + + octstr_strip_blanks(str); + + tmp = octstr_duplicate(str); + octstr_delete(str, 0, octstr_len(str)); + + for (i = 0, prev=0, n = octstr_len(tmp); i < n; i++) { + int ch = octstr_get_char(tmp,i); + + if (strchr(SHELLCHARS, ch) != NULL && prev != '\\') + octstr_append_char(str, '\\'); + octstr_append_char(str, ch); + prev = ch; + } + octstr_destroy(tmp); +} diff --git a/mbuni/mmlib/mms_util.h b/mbuni/mmlib/mms_util.h index 85f687b..2dd0e42 100644 --- a/mbuni/mmlib/mms_util.h +++ b/mbuni/mmlib/mms_util.h @@ -143,6 +143,10 @@ void _mms_fixup_address(Octstr *address); /* Check that host is one of hosts in semi-colon separated list in host_list */ int is_allowed_host(Octstr *host, Octstr *host_list); + +/* escape (backlash) special shell characters. */ +void escape_shell_chars(Octstr *str); + #define MAXQTRIES 100 #define BACKOFF_FACTOR 5*60 /* In seconds */ #define QUEUERUN_INTERVAL 15*60 /* 15 minutes. */
+ Mode +     Type    
group     + ALL +     + mbuni    
name     + ALL +     + string     User-friendly name for the Gateway, used in notices, etc    
hostname     + MMSC +     + string    
host-alias     + MMSC +     + string    
local-mmsc-domains     + MMSC +     + List of Internet domains (comma separated) @@ -762,9 +796,16 @@ lists all the configuration directives. Items in black are used by or MMS messages received destined to these domains should be treated as local    
local-prefixes     + MMSC +     + Number prefix list @@ -780,6 +821,12 @@ lists all the configuration directives. Items in black are used by storage-directory     + ALL +     + Directory name (string) @@ -794,6 +841,12 @@ lists all the configuration directives. Items in black are used by max-send-threads     + ALL +     + Number    
send-mail-prog     + MMSC +     + String    
+ ALL +     + Number list     + ALL +     + integer     + ALL +     + Integer     + ALL +     + Real     + ALL +     + Integer    
sendsms-url     + MMSC +     + String    
sendsms-username     + MMSC +     + String    
sendsms-password     + MMSC +     + String    
sendsms-global-sender     + MMSC +     + String    
mms-port     + MMSC +     + Integer    
mm7-port     + MMSC +     + Integer     allow-ip     + ALL +     + List of IP addresses @@ -993,6 +1122,12 @@ lists all the configuration directives. Items in black are used by deny-ip     + ALL +     + List of IP addresses @@ -1005,10 +1140,16 @@ lists all the configuration directives. Items in black are used by    
mms-client-msisdn-header     + MMSC +     + String    
mms-client-ip-header     + MMSC +     + String    
allow-ip-type     + MMSC +     + Boolean    
optimize-notification-size     + MMSC +     + Boolean    
content-adaptation     + MMSC +     + Boolean    
email2mms-relay-hosts     + MMSC +     + Number list    
billing-library     + MMSC +     + String    
billing-module-parameters     + MMSC +     + String    
resolver-library     + MMSC +     + String    
resolver-module-parameters     + MMSC +     + String    
detokenizer-library     String     + MMSC +     + Optional library containing functions for finding MSISDN from request URL @@ -1176,10 +1377,16 @@ lists all the configuration directives. Items in black are used by mms_detokenize.h for details.    
detokenizer-module-parameters     + MMSC +     + String    
prov-server-notify-script     + MMSC +     + String    
prov-server-sub-status-script     + MMSC +     + string    
notify-unprovisioned     + MMSC +     + Boolean    
mms-notify-text     String     + MMSC +     + Message to send to device that does not support MMS, when a message is received for the user. This message is sent as plain SMS via the Send SMS URL specified above.    
mms-notify-unprovisioned-text     + MMSC +     + String    
mms-message-too-large-txt     + MMSC +     + String    
mms-to-email-html     + MMSC +     + string    
mms-to-email-txt     + MMSC +     + String    
sendmms-port     + VAS GW +     + number    
sendmms-port-ssl     + VAS GW +     + Boolean