Update version number and copyright year.
[exim.git] / src / src / expand.c
CommitLineData
184e8823 1/* $Cambridge: exim/src/src/expand.c,v 1.75 2007/01/08 10:50:18 ph10 Exp $ */
059ec3d9
PH
2
3/*************************************************
4* Exim - an Internet mail transport agent *
5*************************************************/
6
184e8823 7/* Copyright (c) University of Cambridge 1995 - 2007 */
059ec3d9
PH
8/* See the file NOTICE for conditions of use and distribution. */
9
10
11/* Functions for handling string expansion. */
12
13
14#include "exim.h"
15
96c065cb
PH
16/* Recursively called function */
17
18static uschar *expand_string_internal(uschar *, BOOL, uschar **, BOOL);
19
059ec3d9
PH
20#ifdef STAND_ALONE
21#ifndef SUPPORT_CRYPTEQ
22#define SUPPORT_CRYPTEQ
23#endif
24#endif
25
96c065cb
PH
26#ifdef LOOKUP_LDAP
27#include "lookups/ldap.h"
28#endif
29
059ec3d9
PH
30#ifdef SUPPORT_CRYPTEQ
31#ifdef CRYPT_H
32#include <crypt.h>
33#endif
34#ifndef HAVE_CRYPT16
35extern char* crypt16(char*, char*);
36#endif
37#endif
38
96c065cb
PH
39/* The handling of crypt16() is a mess. I will record below the analysis of the
40mess that was sent to me. We decided, however, to make changing this very low
41priority, because in practice people are moving away from the crypt()
42algorithms nowadays, so it doesn't seem worth it.
43
44<quote>
45There is an algorithm named "crypt16" in Ultrix and Tru64. It crypts
46the first 8 characters of the password using a 20-round version of crypt
47(standard crypt does 25 rounds). It then crypts the next 8 characters,
48or an empty block if the password is less than 9 characters, using a
4920-round version of crypt and the same salt as was used for the first
50block. Charaters after the first 16 are ignored. It always generates
51a 16-byte hash, which is expressed together with the salt as a string
52of 24 base 64 digits. Here are some links to peruse:
53
54 http://cvs.pld.org.pl/pam/pamcrypt/crypt16.c?rev=1.2
55 http://seclists.org/bugtraq/1999/Mar/0076.html
56
57There's a different algorithm named "bigcrypt" in HP-UX, Digital Unix,
58and OSF/1. This is the same as the standard crypt if given a password
59of 8 characters or less. If given more, it first does the same as crypt
60using the first 8 characters, then crypts the next 8 (the 9th to 16th)
61using as salt the first two base 64 digits from the first hash block.
62If the password is more than 16 characters then it crypts the 17th to 24th
63characters using as salt the first two base 64 digits from the second hash
64block. And so on: I've seen references to it cutting off the password at
6540 characters (5 blocks), 80 (10 blocks), or 128 (16 blocks). Some links:
66
67 http://cvs.pld.org.pl/pam/pamcrypt/bigcrypt.c?rev=1.2
68 http://seclists.org/bugtraq/1999/Mar/0109.html
69 http://h30097.www3.hp.com/docs/base_doc/DOCUMENTATION/HTML/AA-Q0R2D-
70 TET1_html/sec.c222.html#no_id_208
71
72Exim has something it calls "crypt16". It will either use a native
73crypt16 or its own implementation. A native crypt16 will presumably
74be the one that I called "crypt16" above. The internal "crypt16"
75function, however, is a two-block-maximum implementation of what I called
76"bigcrypt". The documentation matches the internal code.
77
78I suspect that whoever did the "crypt16" stuff for Exim didn't realise
79that crypt16 and bigcrypt were different things.
80
81Exim uses the LDAP-style scheme identifier "{crypt16}" to refer
82to whatever it is using under that name. This unfortunately sets a
83precedent for using "{crypt16}" to identify two incompatible algorithms
84whose output can't be distinguished. With "{crypt16}" thus rendered
85ambiguous, I suggest you deprecate it and invent two new identifiers
86for the two algorithms.
87
88Both crypt16 and bigcrypt are very poor algorithms, btw. Hashing parts
89of the password separately means they can be cracked separately, so
90the double-length hash only doubles the cracking effort instead of
91squaring it. I recommend salted SHA-1 ({SSHA}), or the Blowfish-based
92bcrypt ({CRYPT}$2a$).
93</quote>
94*/
059ec3d9
PH
95
96
059ec3d9
PH
97
98
99/*************************************************
100* Local statics and tables *
101*************************************************/
102
103/* Table of item names, and corresponding switch numbers. The names must be in
104alphabetical order. */
105
106static uschar *item_table[] = {
1a46a8c5 107 US"dlfunc",
059ec3d9
PH
108 US"extract",
109 US"hash",
110 US"hmac",
111 US"if",
112 US"length",
113 US"lookup",
114 US"nhash",
1a46a8c5 115 US"perl",
fffda43a
TK
116 US"prvs",
117 US"prvscheck",
059ec3d9
PH
118 US"readfile",
119 US"readsocket",
120 US"run",
121 US"sg",
122 US"substr",
123 US"tr" };
124
125enum {
1a46a8c5 126 EITEM_DLFUNC,
059ec3d9
PH
127 EITEM_EXTRACT,
128 EITEM_HASH,
129 EITEM_HMAC,
130 EITEM_IF,
131 EITEM_LENGTH,
132 EITEM_LOOKUP,
133 EITEM_NHASH,
1a46a8c5 134 EITEM_PERL,
fffda43a
TK
135 EITEM_PRVS,
136 EITEM_PRVSCHECK,
059ec3d9
PH
137 EITEM_READFILE,
138 EITEM_READSOCK,
139 EITEM_RUN,
140 EITEM_SG,
141 EITEM_SUBSTR,
142 EITEM_TR };
143
144/* Tables of operator names, and corresponding switch numbers. The names must be
145in alphabetical order. There are two tables, because underscore is used in some
146cases to introduce arguments, whereas for other it is part of the name. This is
147an historical mis-design. */
148
149static uschar *op_table_underscore[] = {
150 US"from_utf8",
151 US"local_part",
152 US"quote_local_part",
f90d018c 153 US"time_eval",
059ec3d9
PH
154 US"time_interval"};
155
156enum {
157 EOP_FROM_UTF8,
158 EOP_LOCAL_PART,
159 EOP_QUOTE_LOCAL_PART,
f90d018c 160 EOP_TIME_EVAL,
059ec3d9
PH
161 EOP_TIME_INTERVAL };
162
163static uschar *op_table_main[] = {
164 US"address",
165 US"base62",
166 US"base62d",
167 US"domain",
168 US"escape",
169 US"eval",
170 US"eval10",
171 US"expand",
172 US"h",
173 US"hash",
174 US"hex2b64",
175 US"l",
176 US"lc",
177 US"length",
178 US"mask",
179 US"md5",
180 US"nh",
181 US"nhash",
182 US"quote",
183 US"rfc2047",
184 US"rxquote",
185 US"s",
186 US"sha1",
187 US"stat",
188 US"str2b64",
189 US"strlen",
190 US"substr",
191 US"uc" };
192
193enum {
194 EOP_ADDRESS = sizeof(op_table_underscore)/sizeof(uschar *),
195 EOP_BASE62,
196 EOP_BASE62D,
197 EOP_DOMAIN,
198 EOP_ESCAPE,
199 EOP_EVAL,
200 EOP_EVAL10,
201 EOP_EXPAND,
202 EOP_H,
203 EOP_HASH,
204 EOP_HEX2B64,
205 EOP_L,
206 EOP_LC,
207 EOP_LENGTH,
208 EOP_MASK,
209 EOP_MD5,
210 EOP_NH,
211 EOP_NHASH,
212 EOP_QUOTE,
213 EOP_RFC2047,
214 EOP_RXQUOTE,
215 EOP_S,
216 EOP_SHA1,
217 EOP_STAT,
218 EOP_STR2B64,
219 EOP_STRLEN,
220 EOP_SUBSTR,
221 EOP_UC };
222
223
224/* Table of condition names, and corresponding switch numbers. The names must
225be in alphabetical order. */
226
227static uschar *cond_table[] = {
228 US"<",
229 US"<=",
230 US"=",
231 US"==", /* Backward compatibility */
232 US">",
233 US">=",
234 US"and",
235 US"crypteq",
236 US"def",
237 US"eq",
238 US"eqi",
239 US"exists",
240 US"first_delivery",
241 US"ge",
242 US"gei",
243 US"gt",
244 US"gti",
245 US"isip",
246 US"isip4",
247 US"isip6",
248 US"ldapauth",
249 US"le",
250 US"lei",
251 US"lt",
252 US"lti",
253 US"match",
254 US"match_address",
255 US"match_domain",
32d668a5 256 US"match_ip",
059ec3d9
PH
257 US"match_local_part",
258 US"or",
259 US"pam",
260 US"pwcheck",
261 US"queue_running",
262 US"radius",
263 US"saslauthd"
264};
265
266enum {
267 ECOND_NUM_L,
268 ECOND_NUM_LE,
269 ECOND_NUM_E,
270 ECOND_NUM_EE,
271 ECOND_NUM_G,
272 ECOND_NUM_GE,
273 ECOND_AND,
274 ECOND_CRYPTEQ,
275 ECOND_DEF,
276 ECOND_STR_EQ,
277 ECOND_STR_EQI,
278 ECOND_EXISTS,
279 ECOND_FIRST_DELIVERY,
280 ECOND_STR_GE,
281 ECOND_STR_GEI,
282 ECOND_STR_GT,
283 ECOND_STR_GTI,
284 ECOND_ISIP,
285 ECOND_ISIP4,
286 ECOND_ISIP6,
287 ECOND_LDAPAUTH,
288 ECOND_STR_LE,
289 ECOND_STR_LEI,
290 ECOND_STR_LT,
291 ECOND_STR_LTI,
292 ECOND_MATCH,
293 ECOND_MATCH_ADDRESS,
294 ECOND_MATCH_DOMAIN,
32d668a5 295 ECOND_MATCH_IP,
059ec3d9
PH
296 ECOND_MATCH_LOCAL_PART,
297 ECOND_OR,
298 ECOND_PAM,
299 ECOND_PWCHECK,
300 ECOND_QUEUE_RUNNING,
301 ECOND_RADIUS,
302 ECOND_SASLAUTHD
303};
304
305
306/* Type for main variable table */
307
308typedef struct {
309 char *name;
310 int type;
311 void *value;
312} var_entry;
313
314/* Type for entries pointing to address/length pairs. Not currently
315in use. */
316
317typedef struct {
318 uschar **address;
319 int *length;
320} alblock;
321
322/* Types of table entry */
323
324enum {
325 vtype_int, /* value is address of int */
326 vtype_filter_int, /* ditto, but recognized only when filtering */
327 vtype_ino, /* value is address of ino_t (not always an int) */
328 vtype_uid, /* value is address of uid_t (not always an int) */
329 vtype_gid, /* value is address of gid_t (not always an int) */
330 vtype_stringptr, /* value is address of pointer to string */
331 vtype_msgbody, /* as stringptr, but read when first required */
332 vtype_msgbody_end, /* ditto, the end of the message */
ff75a1f7
PH
333 vtype_msgheaders, /* the message's headers, processed */
334 vtype_msgheaders_raw, /* the message's headers, unprocessed */
059ec3d9
PH
335 vtype_localpart, /* extract local part from string */
336 vtype_domain, /* extract domain from string */
337 vtype_recipients, /* extract recipients from recipients list */
338 /* (enabled only during system filtering */
339 vtype_todbsdin, /* value not used; generate BSD inbox tod */
340 vtype_tode, /* value not used; generate tod in epoch format */
341 vtype_todf, /* value not used; generate full tod */
342 vtype_todl, /* value not used; generate log tod */
343 vtype_todlf, /* value not used; generate log file datestamp tod */
344 vtype_todzone, /* value not used; generate time zone only */
345 vtype_todzulu, /* value not used; generate zulu tod */
346 vtype_reply, /* value not used; get reply from headers */
347 vtype_pid, /* value not used; result is pid */
348 vtype_host_lookup, /* value not used; get host name */
5cb8cbc6
PH
349 vtype_load_avg, /* value not used; result is int from os_getloadavg */
350 vtype_pspace, /* partition space; value is T/F for spool/log */
8e669ac1 351 vtype_pinodes /* partition inodes; value is T/F for spool/log */
fb2274d4
TK
352#ifdef EXPERIMENTAL_DOMAINKEYS
353 ,vtype_dk_verify /* Serve request out of DomainKeys verification structure */
84330b7b 354#endif
059ec3d9
PH
355 };
356
357/* This table must be kept in alphabetical order. */
358
359static var_entry var_table[] = {
38a0a95f
PH
360 /* WARNING: Do not invent variables whose names start acl_c or acl_m because
361 they will be confused with user-creatable ACL variables. */
059ec3d9
PH
362 { "acl_verify_message", vtype_stringptr, &acl_verify_message },
363 { "address_data", vtype_stringptr, &deliver_address_data },
364 { "address_file", vtype_stringptr, &address_file },
365 { "address_pipe", vtype_stringptr, &address_pipe },
366 { "authenticated_id", vtype_stringptr, &authenticated_id },
367 { "authenticated_sender",vtype_stringptr, &authenticated_sender },
368 { "authentication_failed",vtype_int, &authentication_failed },
8523533c
TK
369#ifdef EXPERIMENTAL_BRIGHTMAIL
370 { "bmi_alt_location", vtype_stringptr, &bmi_alt_location },
371 { "bmi_base64_tracker_verdict", vtype_stringptr, &bmi_base64_tracker_verdict },
372 { "bmi_base64_verdict", vtype_stringptr, &bmi_base64_verdict },
373 { "bmi_deliver", vtype_int, &bmi_deliver },
374#endif
059ec3d9
PH
375 { "body_linecount", vtype_int, &body_linecount },
376 { "body_zerocount", vtype_int, &body_zerocount },
377 { "bounce_recipient", vtype_stringptr, &bounce_recipient },
378 { "bounce_return_size_limit", vtype_int, &bounce_return_size_limit },
379 { "caller_gid", vtype_gid, &real_gid },
380 { "caller_uid", vtype_uid, &real_uid },
381 { "compile_date", vtype_stringptr, &version_date },
382 { "compile_number", vtype_stringptr, &version_cnumber },
e5a9dba6 383 { "csa_status", vtype_stringptr, &csa_status },
8523533c
TK
384#ifdef WITH_OLD_DEMIME
385 { "demime_errorlevel", vtype_int, &demime_errorlevel },
386 { "demime_reason", vtype_stringptr, &demime_reason },
fb2274d4
TK
387#endif
388#ifdef EXPERIMENTAL_DOMAINKEYS
389 { "dk_domain", vtype_stringptr, &dk_signing_domain },
390 { "dk_is_signed", vtype_dk_verify, NULL },
391 { "dk_result", vtype_dk_verify, NULL },
392 { "dk_selector", vtype_stringptr, &dk_signing_selector },
393 { "dk_sender", vtype_dk_verify, NULL },
394 { "dk_sender_domain", vtype_dk_verify, NULL },
395 { "dk_sender_local_part",vtype_dk_verify, NULL },
396 { "dk_sender_source", vtype_dk_verify, NULL },
397 { "dk_signsall", vtype_dk_verify, NULL },
398 { "dk_status", vtype_dk_verify, NULL },
399 { "dk_testing", vtype_dk_verify, NULL },
8523533c 400#endif
059ec3d9
PH
401 { "dnslist_domain", vtype_stringptr, &dnslist_domain },
402 { "dnslist_text", vtype_stringptr, &dnslist_text },
403 { "dnslist_value", vtype_stringptr, &dnslist_value },
404 { "domain", vtype_stringptr, &deliver_domain },
405 { "domain_data", vtype_stringptr, &deliver_domain_data },
406 { "exim_gid", vtype_gid, &exim_gid },
407 { "exim_path", vtype_stringptr, &exim_path },
408 { "exim_uid", vtype_uid, &exim_uid },
8523533c
TK
409#ifdef WITH_OLD_DEMIME
410 { "found_extension", vtype_stringptr, &found_extension },
8e669ac1 411#endif
059ec3d9
PH
412 { "home", vtype_stringptr, &deliver_home },
413 { "host", vtype_stringptr, &deliver_host },
414 { "host_address", vtype_stringptr, &deliver_host_address },
415 { "host_data", vtype_stringptr, &host_data },
b08b24c8 416 { "host_lookup_deferred",vtype_int, &host_lookup_deferred },
059ec3d9
PH
417 { "host_lookup_failed", vtype_int, &host_lookup_failed },
418 { "inode", vtype_ino, &deliver_inode },
419 { "interface_address", vtype_stringptr, &interface_address },
420 { "interface_port", vtype_int, &interface_port },
421 #ifdef LOOKUP_LDAP
422 { "ldap_dn", vtype_stringptr, &eldap_dn },
423 #endif
424 { "load_average", vtype_load_avg, NULL },
425 { "local_part", vtype_stringptr, &deliver_localpart },
426 { "local_part_data", vtype_stringptr, &deliver_localpart_data },
427 { "local_part_prefix", vtype_stringptr, &deliver_localpart_prefix },
428 { "local_part_suffix", vtype_stringptr, &deliver_localpart_suffix },
429 { "local_scan_data", vtype_stringptr, &local_scan_data },
430 { "local_user_gid", vtype_gid, &local_user_gid },
431 { "local_user_uid", vtype_uid, &local_user_uid },
432 { "localhost_number", vtype_int, &host_number },
5cb8cbc6 433 { "log_inodes", vtype_pinodes, (void *)FALSE },
8e669ac1 434 { "log_space", vtype_pspace, (void *)FALSE },
059ec3d9 435 { "mailstore_basename", vtype_stringptr, &mailstore_basename },
8523533c
TK
436#ifdef WITH_CONTENT_SCAN
437 { "malware_name", vtype_stringptr, &malware_name },
438#endif
059ec3d9
PH
439 { "message_age", vtype_int, &message_age },
440 { "message_body", vtype_msgbody, &message_body },
441 { "message_body_end", vtype_msgbody_end, &message_body_end },
442 { "message_body_size", vtype_int, &message_body_size },
1ab52c69 443 { "message_exim_id", vtype_stringptr, &message_id },
059ec3d9 444 { "message_headers", vtype_msgheaders, NULL },
ff75a1f7 445 { "message_headers_raw", vtype_msgheaders_raw, NULL },
059ec3d9 446 { "message_id", vtype_stringptr, &message_id },
2e0c1448 447 { "message_linecount", vtype_int, &message_linecount },
059ec3d9 448 { "message_size", vtype_int, &message_size },
8523533c
TK
449#ifdef WITH_CONTENT_SCAN
450 { "mime_anomaly_level", vtype_int, &mime_anomaly_level },
451 { "mime_anomaly_text", vtype_stringptr, &mime_anomaly_text },
452 { "mime_boundary", vtype_stringptr, &mime_boundary },
453 { "mime_charset", vtype_stringptr, &mime_charset },
454 { "mime_content_description", vtype_stringptr, &mime_content_description },
455 { "mime_content_disposition", vtype_stringptr, &mime_content_disposition },
456 { "mime_content_id", vtype_stringptr, &mime_content_id },
457 { "mime_content_size", vtype_int, &mime_content_size },
458 { "mime_content_transfer_encoding",vtype_stringptr, &mime_content_transfer_encoding },
459 { "mime_content_type", vtype_stringptr, &mime_content_type },
460 { "mime_decoded_filename", vtype_stringptr, &mime_decoded_filename },
461 { "mime_filename", vtype_stringptr, &mime_filename },
462 { "mime_is_coverletter", vtype_int, &mime_is_coverletter },
463 { "mime_is_multipart", vtype_int, &mime_is_multipart },
464 { "mime_is_rfc822", vtype_int, &mime_is_rfc822 },
465 { "mime_part_count", vtype_int, &mime_part_count },
466#endif
059ec3d9
PH
467 { "n0", vtype_filter_int, &filter_n[0] },
468 { "n1", vtype_filter_int, &filter_n[1] },
469 { "n2", vtype_filter_int, &filter_n[2] },
470 { "n3", vtype_filter_int, &filter_n[3] },
471 { "n4", vtype_filter_int, &filter_n[4] },
472 { "n5", vtype_filter_int, &filter_n[5] },
473 { "n6", vtype_filter_int, &filter_n[6] },
474 { "n7", vtype_filter_int, &filter_n[7] },
475 { "n8", vtype_filter_int, &filter_n[8] },
476 { "n9", vtype_filter_int, &filter_n[9] },
477 { "original_domain", vtype_stringptr, &deliver_domain_orig },
478 { "original_local_part", vtype_stringptr, &deliver_localpart_orig },
479 { "originator_gid", vtype_gid, &originator_gid },
480 { "originator_uid", vtype_uid, &originator_uid },
481 { "parent_domain", vtype_stringptr, &deliver_domain_parent },
482 { "parent_local_part", vtype_stringptr, &deliver_localpart_parent },
483 { "pid", vtype_pid, NULL },
484 { "primary_hostname", vtype_stringptr, &primary_hostname },
fffda43a
TK
485 { "prvscheck_address", vtype_stringptr, &prvscheck_address },
486 { "prvscheck_keynum", vtype_stringptr, &prvscheck_keynum },
487 { "prvscheck_result", vtype_stringptr, &prvscheck_result },
059ec3d9
PH
488 { "qualify_domain", vtype_stringptr, &qualify_domain_sender },
489 { "qualify_recipient", vtype_stringptr, &qualify_domain_recipient },
490 { "rcpt_count", vtype_int, &rcpt_count },
491 { "rcpt_defer_count", vtype_int, &rcpt_defer_count },
492 { "rcpt_fail_count", vtype_int, &rcpt_fail_count },
493 { "received_count", vtype_int, &received_count },
494 { "received_for", vtype_stringptr, &received_for },
194cc0e4
PH
495 { "received_ip_address", vtype_stringptr, &interface_address },
496 { "received_port", vtype_int, &interface_port },
059ec3d9 497 { "received_protocol", vtype_stringptr, &received_protocol },
7dbf77c9 498 { "received_time", vtype_int, &received_time },
059ec3d9 499 { "recipient_data", vtype_stringptr, &recipient_data },
8e669ac1 500 { "recipient_verify_failure",vtype_stringptr,&recipient_verify_failure },
059ec3d9
PH
501 { "recipients", vtype_recipients, NULL },
502 { "recipients_count", vtype_int, &recipients_count },
8523533c
TK
503#ifdef WITH_CONTENT_SCAN
504 { "regex_match_string", vtype_stringptr, &regex_match_string },
505#endif
059ec3d9
PH
506 { "reply_address", vtype_reply, NULL },
507 { "return_path", vtype_stringptr, &return_path },
508 { "return_size_limit", vtype_int, &bounce_return_size_limit },
509 { "runrc", vtype_int, &runrc },
510 { "self_hostname", vtype_stringptr, &self_hostname },
511 { "sender_address", vtype_stringptr, &sender_address },
2a3eea10 512 { "sender_address_data", vtype_stringptr, &sender_address_data },
059ec3d9
PH
513 { "sender_address_domain", vtype_domain, &sender_address },
514 { "sender_address_local_part", vtype_localpart, &sender_address },
515 { "sender_data", vtype_stringptr, &sender_data },
516 { "sender_fullhost", vtype_stringptr, &sender_fullhost },
517 { "sender_helo_name", vtype_stringptr, &sender_helo_name },
518 { "sender_host_address", vtype_stringptr, &sender_host_address },
519 { "sender_host_authenticated",vtype_stringptr, &sender_host_authenticated },
520 { "sender_host_name", vtype_host_lookup, NULL },
521 { "sender_host_port", vtype_int, &sender_host_port },
522 { "sender_ident", vtype_stringptr, &sender_ident },
870f6ba8
TF
523 { "sender_rate", vtype_stringptr, &sender_rate },
524 { "sender_rate_limit", vtype_stringptr, &sender_rate_limit },
525 { "sender_rate_period", vtype_stringptr, &sender_rate_period },
059ec3d9 526 { "sender_rcvhost", vtype_stringptr, &sender_rcvhost },
8e669ac1
PH
527 { "sender_verify_failure",vtype_stringptr, &sender_verify_failure },
528 { "smtp_active_hostname", vtype_stringptr, &smtp_active_hostname },
3ee512ff
PH
529 { "smtp_command", vtype_stringptr, &smtp_cmd_buffer },
530 { "smtp_command_argument", vtype_stringptr, &smtp_cmd_argument },
059ec3d9
PH
531 { "sn0", vtype_filter_int, &filter_sn[0] },
532 { "sn1", vtype_filter_int, &filter_sn[1] },
533 { "sn2", vtype_filter_int, &filter_sn[2] },
534 { "sn3", vtype_filter_int, &filter_sn[3] },
535 { "sn4", vtype_filter_int, &filter_sn[4] },
536 { "sn5", vtype_filter_int, &filter_sn[5] },
537 { "sn6", vtype_filter_int, &filter_sn[6] },
538 { "sn7", vtype_filter_int, &filter_sn[7] },
539 { "sn8", vtype_filter_int, &filter_sn[8] },
540 { "sn9", vtype_filter_int, &filter_sn[9] },
8523533c
TK
541#ifdef WITH_CONTENT_SCAN
542 { "spam_bar", vtype_stringptr, &spam_bar },
543 { "spam_report", vtype_stringptr, &spam_report },
544 { "spam_score", vtype_stringptr, &spam_score },
545 { "spam_score_int", vtype_stringptr, &spam_score_int },
546#endif
547#ifdef EXPERIMENTAL_SPF
548 { "spf_header_comment", vtype_stringptr, &spf_header_comment },
549 { "spf_received", vtype_stringptr, &spf_received },
550 { "spf_result", vtype_stringptr, &spf_result },
551 { "spf_smtp_comment", vtype_stringptr, &spf_smtp_comment },
552#endif
059ec3d9 553 { "spool_directory", vtype_stringptr, &spool_directory },
5cb8cbc6 554 { "spool_inodes", vtype_pinodes, (void *)TRUE },
8e669ac1 555 { "spool_space", vtype_pspace, (void *)TRUE },
8523533c
TK
556#ifdef EXPERIMENTAL_SRS
557 { "srs_db_address", vtype_stringptr, &srs_db_address },
558 { "srs_db_key", vtype_stringptr, &srs_db_key },
559 { "srs_orig_recipient", vtype_stringptr, &srs_orig_recipient },
560 { "srs_orig_sender", vtype_stringptr, &srs_orig_sender },
561 { "srs_recipient", vtype_stringptr, &srs_recipient },
562 { "srs_status", vtype_stringptr, &srs_status },
563#endif
059ec3d9
PH
564 { "thisaddress", vtype_stringptr, &filter_thisaddress },
565 { "tls_certificate_verified", vtype_int, &tls_certificate_verified },
566 { "tls_cipher", vtype_stringptr, &tls_cipher },
567 { "tls_peerdn", vtype_stringptr, &tls_peerdn },
568 { "tod_bsdinbox", vtype_todbsdin, NULL },
569 { "tod_epoch", vtype_tode, NULL },
570 { "tod_full", vtype_todf, NULL },
571 { "tod_log", vtype_todl, NULL },
572 { "tod_logfile", vtype_todlf, NULL },
573 { "tod_zone", vtype_todzone, NULL },
574 { "tod_zulu", vtype_todzulu, NULL },
575 { "value", vtype_stringptr, &lookup_value },
576 { "version_number", vtype_stringptr, &version_string },
577 { "warn_message_delay", vtype_stringptr, &warnmsg_delay },
578 { "warn_message_recipient",vtype_stringptr, &warnmsg_recipients },
579 { "warn_message_recipients",vtype_stringptr,&warnmsg_recipients },
580 { "warnmsg_delay", vtype_stringptr, &warnmsg_delay },
581 { "warnmsg_recipient", vtype_stringptr, &warnmsg_recipients },
582 { "warnmsg_recipients", vtype_stringptr, &warnmsg_recipients }
583};
584
585static int var_table_size = sizeof(var_table)/sizeof(var_entry);
586static uschar var_buffer[256];
587static BOOL malformed_header;
588
589/* For textual hashes */
590
591static char *hashcodes = "abcdefghijklmnopqrtsuvwxyz"
592 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
593 "0123456789";
594
595enum { HMAC_MD5, HMAC_SHA1 };
596
597/* For numeric hashes */
598
599static unsigned int prime[] = {
600 2, 3, 5, 7, 11, 13, 17, 19, 23, 29,
601 31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
602 73, 79, 83, 89, 97, 101, 103, 107, 109, 113};
603
604/* For printing modes in symbolic form */
605
606static uschar *mtable_normal[] =
607 { US"---", US"--x", US"-w-", US"-wx", US"r--", US"r-x", US"rw-", US"rwx" };
608
609static uschar *mtable_setid[] =
610 { US"--S", US"--s", US"-wS", US"-ws", US"r-S", US"r-s", US"rwS", US"rws" };
611
612static uschar *mtable_sticky[] =
613 { US"--T", US"--t", US"-wT", US"-wt", US"r-T", US"r-t", US"rwT", US"rwt" };
614
615
616
617/*************************************************
618* Tables for UTF-8 support *
619*************************************************/
620
621/* Table of the number of extra characters, indexed by the first character
622masked with 0x3f. The highest number for a valid UTF-8 character is in fact
6230x3d. */
624
625static uschar utf8_table1[] = {
626 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
627 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
628 2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,
629 3,3,3,3,3,3,3,3,4,4,4,4,5,5,5,5 };
630
631/* These are the masks for the data bits in the first byte of a character,
632indexed by the number of additional bytes. */
633
634static int utf8_table2[] = { 0xff, 0x1f, 0x0f, 0x07, 0x03, 0x01};
635
636/* Get the next UTF-8 character, advancing the pointer. */
637
638#define GETUTF8INC(c, ptr) \
639 c = *ptr++; \
640 if ((c & 0xc0) == 0xc0) \
641 { \
642 int a = utf8_table1[c & 0x3f]; /* Number of additional bytes */ \
643 int s = 6*a; \
644 c = (c & utf8_table2[a]) << s; \
645 while (a-- > 0) \
646 { \
647 s -= 6; \
648 c |= (*ptr++ & 0x3f) << s; \
649 } \
650 }
651
652
653/*************************************************
654* Binary chop search on a table *
655*************************************************/
656
657/* This is used for matching expansion items and operators.
658
659Arguments:
660 name the name that is being sought
661 table the table to search
662 table_size the number of items in the table
663
664Returns: the offset in the table, or -1
665*/
666
667static int
668chop_match(uschar *name, uschar **table, int table_size)
669{
670uschar **bot = table;
671uschar **top = table + table_size;
672
673while (top > bot)
674 {
675 uschar **mid = bot + (top - bot)/2;
676 int c = Ustrcmp(name, *mid);
677 if (c == 0) return mid - table;
678 if (c > 0) bot = mid + 1; else top = mid;
679 }
680
681return -1;
682}
683
684
685
686/*************************************************
687* Check a condition string *
688*************************************************/
689
690/* This function is called to expand a string, and test the result for a "true"
691or "false" value. Failure of the expansion yields FALSE; logged unless it was a
692forced fail or lookup defer. All store used by the function can be released on
693exit.
694
695Arguments:
696 condition the condition string
697 m1 text to be incorporated in panic error
698 m2 ditto
699
700Returns: TRUE if condition is met, FALSE if not
701*/
702
703BOOL
704expand_check_condition(uschar *condition, uschar *m1, uschar *m2)
705{
706int rc;
707void *reset_point = store_get(0);
708uschar *ss = expand_string(condition);
709if (ss == NULL)
710 {
711 if (!expand_string_forcedfail && !search_find_defer)
712 log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand condition \"%s\" "
713 "for %s %s: %s", condition, m1, m2, expand_string_message);
714 return FALSE;
715 }
716rc = ss[0] != 0 && Ustrcmp(ss, "0") != 0 && strcmpic(ss, US"no") != 0 &&
717 strcmpic(ss, US"false") != 0;
718store_reset(reset_point);
719return rc;
720}
721
722
723
724/*************************************************
725* Pick out a name from a string *
726*************************************************/
727
728/* If the name is too long, it is silently truncated.
729
730Arguments:
731 name points to a buffer into which to put the name
732 max is the length of the buffer
733 s points to the first alphabetic character of the name
734 extras chars other than alphanumerics to permit
735
736Returns: pointer to the first character after the name
737
738Note: The test for *s != 0 in the while loop is necessary because
739Ustrchr() yields non-NULL if the character is zero (which is not something
740I expected). */
741
742static uschar *
743read_name(uschar *name, int max, uschar *s, uschar *extras)
744{
745int ptr = 0;
746while (*s != 0 && (isalnum(*s) || Ustrchr(extras, *s) != NULL))
747 {
748 if (ptr < max-1) name[ptr++] = *s;
749 s++;
750 }
751name[ptr] = 0;
752return s;
753}
754
755
756
757/*************************************************
758* Pick out the rest of a header name *
759*************************************************/
760
761/* A variable name starting $header_ (or just $h_ for those who like
762abbreviations) might not be the complete header name because headers can
763contain any printing characters in their names, except ':'. This function is
764called to read the rest of the name, chop h[eader]_ off the front, and put ':'
765on the end, if the name was terminated by white space.
766
767Arguments:
768 name points to a buffer in which the name read so far exists
769 max is the length of the buffer
770 s points to the first character after the name so far, i.e. the
771 first non-alphameric character after $header_xxxxx
772
773Returns: a pointer to the first character after the header name
774*/
775
776static uschar *
777read_header_name(uschar *name, int max, uschar *s)
778{
779int prelen = Ustrchr(name, '_') - name + 1;
780int ptr = Ustrlen(name) - prelen;
781if (ptr > 0) memmove(name, name+prelen, ptr);
782while (mac_isgraph(*s) && *s != ':')
783 {
784 if (ptr < max-1) name[ptr++] = *s;
785 s++;
786 }
787if (*s == ':') s++;
788name[ptr++] = ':';
789name[ptr] = 0;
790return s;
791}
792
793
794
795/*************************************************
796* Pick out a number from a string *
797*************************************************/
798
799/* Arguments:
800 n points to an integer into which to put the number
801 s points to the first digit of the number
802
803Returns: a pointer to the character after the last digit
804*/
805
806static uschar *
807read_number(int *n, uschar *s)
808{
809*n = 0;
810while (isdigit(*s)) *n = *n * 10 + (*s++ - '0');
811return s;
812}
813
814
815
816/*************************************************
817* Extract keyed subfield from a string *
818*************************************************/
819
820/* The yield is in dynamic store; NULL means that the key was not found.
821
822Arguments:
823 key points to the name of the key
824 s points to the string from which to extract the subfield
825
826Returns: NULL if the subfield was not found, or
827 a pointer to the subfield's data
828*/
829
830static uschar *
831expand_getkeyed(uschar *key, uschar *s)
832{
833int length = Ustrlen(key);
834while (isspace(*s)) s++;
835
836/* Loop to search for the key */
837
838while (*s != 0)
839 {
840 int dkeylength;
841 uschar *data;
842 uschar *dkey = s;
843
844 while (*s != 0 && *s != '=' && !isspace(*s)) s++;
845 dkeylength = s - dkey;
846 while (isspace(*s)) s++;
847 if (*s == '=') while (isspace((*(++s))));
848
849 data = string_dequote(&s);
850 if (length == dkeylength && strncmpic(key, dkey, length) == 0)
851 return data;
852
853 while (isspace(*s)) s++;
854 }
855
856return NULL;
857}
858
859
860
861
862/*************************************************
863* Extract numbered subfield from string *
864*************************************************/
865
866/* Extracts a numbered field from a string that is divided by tokens - for
867example a line from /etc/passwd is divided by colon characters. First field is
868numbered one. Negative arguments count from the right. Zero returns the whole
869string. Returns NULL if there are insufficient tokens in the string
870
871***WARNING***
872Modifies final argument - this is a dynamically generated string, so that's OK.
873
874Arguments:
875 field number of field to be extracted,
876 first field = 1, whole string = 0, last field = -1
877 separators characters that are used to break string into tokens
878 s points to the string from which to extract the subfield
879
880Returns: NULL if the field was not found,
881 a pointer to the field's data inside s (modified to add 0)
882*/
883
884static uschar *
885expand_gettokened (int field, uschar *separators, uschar *s)
886{
887int sep = 1;
888int count;
889uschar *ss = s;
890uschar *fieldtext = NULL;
891
892if (field == 0) return s;
893
894/* Break the line up into fields in place; for field > 0 we stop when we have
895done the number of fields we want. For field < 0 we continue till the end of
896the string, counting the number of fields. */
897
898count = (field > 0)? field : INT_MAX;
899
900while (count-- > 0)
901 {
902 size_t len;
903
904 /* Previous field was the last one in the string. For a positive field
905 number, this means there are not enough fields. For a negative field number,
906 check that there are enough, and scan back to find the one that is wanted. */
907
908 if (sep == 0)
909 {
910 if (field > 0 || (-field) > (INT_MAX - count - 1)) return NULL;
911 if ((-field) == (INT_MAX - count - 1)) return s;
912 while (field++ < 0)
913 {
914 ss--;
915 while (ss[-1] != 0) ss--;
916 }
917 fieldtext = ss;
918 break;
919 }
920
921 /* Previous field was not last in the string; save its start and put a
922 zero at its end. */
923
924 fieldtext = ss;
925 len = Ustrcspn(ss, separators);
926 sep = ss[len];
927 ss[len] = 0;
928 ss += len + 1;
929 }
930
931return fieldtext;
932}
933
934
935
936/*************************************************
937* Extract a substring from a string *
938*************************************************/
939
940/* Perform the ${substr or ${length expansion operations.
941
942Arguments:
943 subject the input string
944 value1 the offset from the start of the input string to the start of
945 the output string; if negative, count from the right.
946 value2 the length of the output string, or negative (-1) for unset
947 if value1 is positive, unset means "all after"
948 if value1 is negative, unset means "all before"
949 len set to the length of the returned string
950
951Returns: pointer to the output string, or NULL if there is an error
952*/
953
954static uschar *
955extract_substr(uschar *subject, int value1, int value2, int *len)
956{
957int sublen = Ustrlen(subject);
958
959if (value1 < 0) /* count from right */
960 {
961 value1 += sublen;
962
963 /* If the position is before the start, skip to the start, and adjust the
964 length. If the length ends up negative, the substring is null because nothing
965 can precede. This falls out naturally when the length is unset, meaning "all
966 to the left". */
967
968 if (value1 < 0)
969 {
970 value2 += value1;
971 if (value2 < 0) value2 = 0;
972 value1 = 0;
973 }
974
975 /* Otherwise an unset length => characters before value1 */
976
977 else if (value2 < 0)
978 {
979 value2 = value1;
980 value1 = 0;
981 }
982 }
983
984/* For a non-negative offset, if the starting position is past the end of the
985string, the result will be the null string. Otherwise, an unset length means
986"rest"; just set it to the maximum - it will be cut down below if necessary. */
987
988else
989 {
990 if (value1 > sublen)
991 {
992 value1 = sublen;
993 value2 = 0;
994 }
995 else if (value2 < 0) value2 = sublen;
996 }
997
998/* Cut the length down to the maximum possible for the offset value, and get
999the required characters. */
1000
1001if (value1 + value2 > sublen) value2 = sublen - value1;
1002*len = value2;
1003return subject + value1;
1004}
1005
1006
1007
1008
1009/*************************************************
1010* Old-style hash of a string *
1011*************************************************/
1012
1013/* Perform the ${hash expansion operation.
1014
1015Arguments:
1016 subject the input string (an expanded substring)
1017 value1 the length of the output string; if greater or equal to the
1018 length of the input string, the input string is returned
1019 value2 the number of hash characters to use, or 26 if negative
1020 len set to the length of the returned string
1021
1022Returns: pointer to the output string, or NULL if there is an error
1023*/
1024
1025static uschar *
1026compute_hash(uschar *subject, int value1, int value2, int *len)
1027{
1028int sublen = Ustrlen(subject);
1029
1030if (value2 < 0) value2 = 26;
1031else if (value2 > Ustrlen(hashcodes))
1032 {
1033 expand_string_message =
1034 string_sprintf("hash count \"%d\" too big", value2);
1035 return NULL;
1036 }
1037
1038/* Calculate the hash text. We know it is shorter than the original string, so
1039can safely place it in subject[] (we know that subject is always itself an
1040expanded substring). */
1041
1042if (value1 < sublen)
1043 {
1044 int c;
1045 int i = 0;
1046 int j = value1;
1047 while ((c = (subject[j])) != 0)
1048 {
1049 int shift = (c + j++) & 7;
1050 subject[i] ^= (c << shift) | (c >> (8-shift));
1051 if (++i >= value1) i = 0;
1052 }
1053 for (i = 0; i < value1; i++)
1054 subject[i] = hashcodes[(subject[i]) % value2];
1055 }
1056else value1 = sublen;
1057
1058*len = value1;
1059return subject;
1060}
1061
1062
1063
1064
1065/*************************************************
1066* Numeric hash of a string *
1067*************************************************/
1068
1069/* Perform the ${nhash expansion operation. The first characters of the
1070string are treated as most important, and get the highest prime numbers.
1071
1072Arguments:
1073 subject the input string
1074 value1 the maximum value of the first part of the result
1075 value2 the maximum value of the second part of the result,
1076 or negative to produce only a one-part result
1077 len set to the length of the returned string
1078
1079Returns: pointer to the output string, or NULL if there is an error.
1080*/
1081
1082static uschar *
1083compute_nhash (uschar *subject, int value1, int value2, int *len)
1084{
1085uschar *s = subject;
1086int i = 0;
1087unsigned long int total = 0; /* no overflow */
1088
1089while (*s != 0)
1090 {
1091 if (i == 0) i = sizeof(prime)/sizeof(int) - 1;
1092 total += prime[i--] * (unsigned int)(*s++);
1093 }
1094
1095/* If value2 is unset, just compute one number */
1096
1097if (value2 < 0)
1098 {
1099 s = string_sprintf("%d", total % value1);
1100 }
1101
1102/* Otherwise do a div/mod hash */
1103
1104else
1105 {
1106 total = total % (value1 * value2);
1107 s = string_sprintf("%d/%d", total/value2, total % value2);
1108 }
1109
1110*len = Ustrlen(s);
1111return s;
1112}
1113
1114
1115
1116
1117
1118/*************************************************
1119* Find the value of a header or headers *
1120*************************************************/
1121
1122/* Multiple instances of the same header get concatenated, and this function
1123can also return a concatenation of all the header lines. When concatenating
1124specific headers that contain lists of addresses, a comma is inserted between
1125them. Otherwise we use a straight concatenation. Because some messages can have
1126pathologically large number of lines, there is a limit on the length that is
1127returned. Also, to avoid massive store use which would result from using
1128string_cat() as it copies and extends strings, we do a preliminary pass to find
1129out exactly how much store will be needed. On "normal" messages this will be
1130pretty trivial.
1131
1132Arguments:
1133 name the name of the header, without the leading $header_ or $h_,
1134 or NULL if a concatenation of all headers is required
1135 exists_only TRUE if called from a def: test; don't need to build a string;
1136 just return a string that is not "" and not "0" if the header
1137 exists
1138 newsize return the size of memory block that was obtained; may be NULL
1139 if exists_only is TRUE
1140 want_raw TRUE if called for $rh_ or $rheader_ variables; no processing,
ff75a1f7
PH
1141 other than concatenating, will be done on the header. Also used
1142 for $message_headers_raw.
059ec3d9
PH
1143 charset name of charset to translate MIME words to; used only if
1144 want_raw is false; if NULL, no translation is done (this is
1145 used for $bh_ and $bheader_)
1146
1147Returns: NULL if the header does not exist, else a pointer to a new
1148 store block
1149*/
1150
1151static uschar *
1152find_header(uschar *name, BOOL exists_only, int *newsize, BOOL want_raw,
1153 uschar *charset)
1154{
1155BOOL found = name == NULL;
1156int comma = 0;
1157int len = found? 0 : Ustrlen(name);
1158int i;
1159uschar *yield = NULL;
1160uschar *ptr = NULL;
1161
1162/* Loop for two passes - saves code repetition */
1163
1164for (i = 0; i < 2; i++)
1165 {
1166 int size = 0;
1167 header_line *h;
1168
1169 for (h = header_list; size < header_insert_maxlen && h != NULL; h = h->next)
1170 {
1171 if (h->type != htype_old && h->text != NULL) /* NULL => Received: placeholder */
1172 {
1173 if (name == NULL || (len <= h->slen && strncmpic(name, h->text, len) == 0))
1174 {
1175 int ilen;
1176 uschar *t;
1177
1178 if (exists_only) return US"1"; /* don't need actual string */
1179 found = TRUE;
1180 t = h->text + len; /* text to insert */
1181 if (!want_raw) /* unless wanted raw, */
1182 while (isspace(*t)) t++; /* remove leading white space */
1183 ilen = h->slen - (t - h->text); /* length to insert */
1184
fd700877
PH
1185 /* Unless wanted raw, remove trailing whitespace, including the
1186 newline. */
1187
1188 if (!want_raw)
1189 while (ilen > 0 && isspace(t[ilen-1])) ilen--;
1190
059ec3d9
PH
1191 /* Set comma = 1 if handling a single header and it's one of those
1192 that contains an address list, except when asked for raw headers. Only
1193 need to do this once. */
1194
1195 if (!want_raw && name != NULL && comma == 0 &&
1196 Ustrchr("BCFRST", h->type) != NULL)
1197 comma = 1;
1198
1199 /* First pass - compute total store needed; second pass - compute
1200 total store used, including this header. */
1201
fd700877 1202 size += ilen + comma + 1; /* +1 for the newline */
059ec3d9
PH
1203
1204 /* Second pass - concatentate the data, up to a maximum. Note that
1205 the loop stops when size hits the limit. */
1206
1207 if (i != 0)
1208 {
1209 if (size > header_insert_maxlen)
1210 {
fd700877 1211 ilen -= size - header_insert_maxlen - 1;
059ec3d9
PH
1212 comma = 0;
1213 }
1214 Ustrncpy(ptr, t, ilen);
1215 ptr += ilen;
fd700877
PH
1216
1217 /* For a non-raw header, put in the comma if needed, then add
3168332a
PH
1218 back the newline we removed above, provided there was some text in
1219 the header. */
fd700877 1220
3168332a 1221 if (!want_raw && ilen > 0)
059ec3d9 1222 {
3168332a 1223 if (comma != 0) *ptr++ = ',';
059ec3d9
PH
1224 *ptr++ = '\n';
1225 }
1226 }
1227 }
1228 }
1229 }
1230
fd700877
PH
1231 /* At end of first pass, return NULL if no header found. Then truncate size
1232 if necessary, and get the buffer to hold the data, returning the buffer size.
1233 */
059ec3d9
PH
1234
1235 if (i == 0)
1236 {
1237 if (!found) return NULL;
1238 if (size > header_insert_maxlen) size = header_insert_maxlen;
1239 *newsize = size + 1;
1240 ptr = yield = store_get(*newsize);
1241 }
1242 }
1243
059ec3d9
PH
1244/* That's all we do for raw header expansion. */
1245
1246if (want_raw)
1247 {
1248 *ptr = 0;
1249 }
1250
fd700877
PH
1251/* Otherwise, remove a final newline and a redundant added comma. Then we do
1252RFC 2047 decoding, translating the charset if requested. The rfc2047_decode2()
059ec3d9
PH
1253function can return an error with decoded data if the charset translation
1254fails. If decoding fails, it returns NULL. */
1255
1256else
1257 {
1258 uschar *decoded, *error;
3168332a 1259 if (ptr > yield && ptr[-1] == '\n') ptr--;
fd700877 1260 if (ptr > yield && comma != 0 && ptr[-1] == ',') ptr--;
059ec3d9 1261 *ptr = 0;
a0d6ba8a
PH
1262 decoded = rfc2047_decode2(yield, check_rfc2047_length, charset, '?', NULL,
1263 newsize, &error);
059ec3d9
PH
1264 if (error != NULL)
1265 {
1266 DEBUG(D_any) debug_printf("*** error in RFC 2047 decoding: %s\n"
1267 " input was: %s\n", error, yield);
1268 }
1269 if (decoded != NULL) yield = decoded;
1270 }
1271
1272return yield;
1273}
1274
1275
1276
1277
1278/*************************************************
1279* Find value of a variable *
1280*************************************************/
1281
1282/* The table of variables is kept in alphabetic order, so we can search it
1283using a binary chop. The "choplen" variable is nothing to do with the binary
1284chop.
1285
1286Arguments:
1287 name the name of the variable being sought
1288 exists_only TRUE if this is a def: test; passed on to find_header()
1289 skipping TRUE => skip any processing evaluation; this is not the same as
1290 exists_only because def: may test for values that are first
1291 evaluated here
1292 newsize pointer to an int which is initially zero; if the answer is in
1293 a new memory buffer, *newsize is set to its size
1294
1295Returns: NULL if the variable does not exist, or
1296 a pointer to the variable's contents, or
1297 something non-NULL if exists_only is TRUE
1298*/
1299
1300static uschar *
1301find_variable(uschar *name, BOOL exists_only, BOOL skipping, int *newsize)
1302{
1303int first = 0;
1304int last = var_table_size;
1305
38a0a95f
PH
1306/* Handle ACL variables, whose names are of the form acl_cxxx or acl_mxxx.
1307Originally, xxx had to be a number in the range 0-9 (later 0-19), but from
1308release 4.64 onwards arbitrary names are permitted, as long as the first 5
641cb756
PH
1309characters are acl_c or acl_m and the sixth is either a digit or an underscore
1310(this gave backwards compatibility at the changeover). There may be built-in
1311variables whose names start acl_ but they should never start in this way. This
1312slightly messy specification is a consequence of the history, needless to say.
47ca6d6c 1313
38a0a95f
PH
1314If an ACL variable does not exist, treat it as empty, unless strict_acl_vars is
1315set, in which case give an error. */
47ca6d6c 1316
641cb756
PH
1317if ((Ustrncmp(name, "acl_c", 5) == 0 || Ustrncmp(name, "acl_m", 5) == 0) &&
1318 !isalpha(name[5]))
38a0a95f
PH
1319 {
1320 tree_node *node =
1321 tree_search((name[4] == 'c')? acl_var_c : acl_var_m, name + 4);
1322 return (node == NULL)? (strict_acl_vars? NULL : US"") : node->data.ptr;
47ca6d6c
PH
1323 }
1324
38a0a95f 1325/* Handle $auth<n> variables. */
f78eb7c6
PH
1326
1327if (Ustrncmp(name, "auth", 4) == 0)
1328 {
1329 uschar *endptr;
1330 int n = Ustrtoul(name + 4, &endptr, 10);
1331 if (*endptr == 0 && n != 0 && n <= AUTH_VARS)
1332 return (auth_vars[n-1] == NULL)? US"" : auth_vars[n-1];
1333 }
1334
47ca6d6c
PH
1335/* For all other variables, search the table */
1336
059ec3d9
PH
1337while (last > first)
1338 {
1339 uschar *s, *domain;
1340 uschar **ss;
1341 int middle = (first + last)/2;
1342 int c = Ustrcmp(name, var_table[middle].name);
1343
1344 if (c > 0) { first = middle + 1; continue; }
1345 if (c < 0) { last = middle; continue; }
1346
1347 /* Found an existing variable. If in skipping state, the value isn't needed,
47ca6d6c 1348 and we want to avoid processing (such as looking up the host name). */
059ec3d9
PH
1349
1350 if (skipping) return US"";
1351
1352 switch (var_table[middle].type)
1353 {
fb2274d4
TK
1354#ifdef EXPERIMENTAL_DOMAINKEYS
1355
1356 case vtype_dk_verify:
cacfbf29 1357 if (dk_verify_block == NULL) return US"";
fb2274d4
TK
1358 s = NULL;
1359 if (Ustrcmp(var_table[middle].name, "dk_result") == 0)
1360 s = dk_verify_block->result_string;
1361 if (Ustrcmp(var_table[middle].name, "dk_sender") == 0)
1362 s = dk_verify_block->address;
1363 if (Ustrcmp(var_table[middle].name, "dk_sender_domain") == 0)
1364 s = dk_verify_block->domain;
1365 if (Ustrcmp(var_table[middle].name, "dk_sender_local_part") == 0)
1366 s = dk_verify_block->local_part;
84330b7b 1367
fb2274d4
TK
1368 if (Ustrcmp(var_table[middle].name, "dk_sender_source") == 0)
1369 switch(dk_verify_block->address_source) {
a8d97c8a
PH
1370 case DK_EXIM_ADDRESS_NONE: s = US"0"; break;
1371 case DK_EXIM_ADDRESS_FROM_FROM: s = US"from"; break;
1372 case DK_EXIM_ADDRESS_FROM_SENDER: s = US"sender"; break;
fb2274d4
TK
1373 }
1374
1375 if (Ustrcmp(var_table[middle].name, "dk_status") == 0)
1376 switch(dk_verify_block->result) {
a8d97c8a
PH
1377 case DK_EXIM_RESULT_ERR: s = US"error"; break;
1378 case DK_EXIM_RESULT_BAD_FORMAT: s = US"bad format"; break;
1379 case DK_EXIM_RESULT_NO_KEY: s = US"no key"; break;
1380 case DK_EXIM_RESULT_NO_SIGNATURE: s = US"no signature"; break;
1381 case DK_EXIM_RESULT_REVOKED: s = US"revoked"; break;
1382 case DK_EXIM_RESULT_NON_PARTICIPANT: s = US"non-participant"; break;
1383 case DK_EXIM_RESULT_GOOD: s = US"good"; break;
1384 case DK_EXIM_RESULT_BAD: s = US"bad"; break;
fb2274d4 1385 }
84330b7b 1386
fb2274d4 1387 if (Ustrcmp(var_table[middle].name, "dk_signsall") == 0)
a8d97c8a 1388 s = (dk_verify_block->signsall)? US"1" : US"0";
84330b7b 1389
fb2274d4 1390 if (Ustrcmp(var_table[middle].name, "dk_testing") == 0)
a8d97c8a 1391 s = (dk_verify_block->testing)? US"1" : US"0";
84330b7b 1392
fb2274d4 1393 if (Ustrcmp(var_table[middle].name, "dk_is_signed") == 0)
a8d97c8a 1394 s = (dk_verify_block->is_signed)? US"1" : US"0";
84330b7b 1395
fb2274d4
TK
1396 return (s == NULL)? US"" : s;
1397#endif
1398
9a26b6b2
PH
1399 case vtype_filter_int:
1400 if (!filter_running) return NULL;
1401 /* Fall through */
1402 /* VVVVVVVVVVVV */
059ec3d9
PH
1403 case vtype_int:
1404 sprintf(CS var_buffer, "%d", *(int *)(var_table[middle].value)); /* Integer */
1405 return var_buffer;
1406
1407 case vtype_ino:
1408 sprintf(CS var_buffer, "%ld", (long int)(*(ino_t *)(var_table[middle].value))); /* Inode */
1409 return var_buffer;
1410
1411 case vtype_gid:
1412 sprintf(CS var_buffer, "%ld", (long int)(*(gid_t *)(var_table[middle].value))); /* gid */
1413 return var_buffer;
1414
1415 case vtype_uid:
1416 sprintf(CS var_buffer, "%ld", (long int)(*(uid_t *)(var_table[middle].value))); /* uid */
1417 return var_buffer;
1418
1419 case vtype_stringptr: /* Pointer to string */
1420 s = *((uschar **)(var_table[middle].value));
1421 return (s == NULL)? US"" : s;
1422
1423 case vtype_pid:
1424 sprintf(CS var_buffer, "%d", (int)getpid()); /* pid */
1425 return var_buffer;
1426
1427 case vtype_load_avg:
1428 sprintf(CS var_buffer, "%d", os_getloadavg()); /* load_average */
1429 return var_buffer;
1430
1431 case vtype_host_lookup: /* Lookup if not done so */
1432 if (sender_host_name == NULL && sender_host_address != NULL &&
1433 !host_lookup_failed && host_name_lookup() == OK)
1434 host_build_sender_fullhost();
1435 return (sender_host_name == NULL)? US"" : sender_host_name;
1436
1437 case vtype_localpart: /* Get local part from address */
1438 s = *((uschar **)(var_table[middle].value));
1439 if (s == NULL) return US"";
1440 domain = Ustrrchr(s, '@');
1441 if (domain == NULL) return s;
1442 if (domain - s > sizeof(var_buffer) - 1)
1443 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "local part longer than %d in "
1444 "string expansion", sizeof(var_buffer));
1445 Ustrncpy(var_buffer, s, domain - s);
1446 var_buffer[domain - s] = 0;
1447 return var_buffer;
1448
1449 case vtype_domain: /* Get domain from address */
1450 s = *((uschar **)(var_table[middle].value));
1451 if (s == NULL) return US"";
1452 domain = Ustrrchr(s, '@');
1453 return (domain == NULL)? US"" : domain + 1;
1454
1455 case vtype_msgheaders:
1456 return find_header(NULL, exists_only, newsize, FALSE, NULL);
1457
ff75a1f7
PH
1458 case vtype_msgheaders_raw:
1459 return find_header(NULL, exists_only, newsize, TRUE, NULL);
1460
059ec3d9
PH
1461 case vtype_msgbody: /* Pointer to msgbody string */
1462 case vtype_msgbody_end: /* Ditto, the end of the msg */
1463 ss = (uschar **)(var_table[middle].value);
1464 if (*ss == NULL && deliver_datafile >= 0) /* Read body when needed */
1465 {
1466 uschar *body;
0d7eb84a 1467 off_t start_offset = SPOOL_DATA_START_OFFSET;
059ec3d9
PH
1468 int len = message_body_visible;
1469 if (len > message_size) len = message_size;
1470 *ss = body = store_malloc(len+1);
1471 body[0] = 0;
1472 if (var_table[middle].type == vtype_msgbody_end)
1473 {
1474 struct stat statbuf;
1475 if (fstat(deliver_datafile, &statbuf) == 0)
1476 {
1477 start_offset = statbuf.st_size - len;
1478 if (start_offset < SPOOL_DATA_START_OFFSET)
1479 start_offset = SPOOL_DATA_START_OFFSET;
1480 }
1481 }
1482 lseek(deliver_datafile, start_offset, SEEK_SET);
1483 len = read(deliver_datafile, body, len);
1484 if (len > 0)
1485 {
1486 body[len] = 0;
1487 while (len > 0)
1488 {
1489 if (body[--len] == '\n' || body[len] == 0) body[len] = ' ';
1490 }
1491 }
1492 }
1493 return (*ss == NULL)? US"" : *ss;
1494
1495 case vtype_todbsdin: /* BSD inbox time of day */
1496 return tod_stamp(tod_bsdin);
1497
1498 case vtype_tode: /* Unix epoch time of day */
1499 return tod_stamp(tod_epoch);
1500
1501 case vtype_todf: /* Full time of day */
1502 return tod_stamp(tod_full);
1503
1504 case vtype_todl: /* Log format time of day */
1505 return tod_stamp(tod_log_bare); /* (without timezone) */
1506
1507 case vtype_todzone: /* Time zone offset only */
1508 return tod_stamp(tod_zone);
1509
1510 case vtype_todzulu: /* Zulu time */
1511 return tod_stamp(tod_zulu);
1512
1513 case vtype_todlf: /* Log file datestamp tod */
1514 return tod_stamp(tod_log_datestamp);
1515
1516 case vtype_reply: /* Get reply address */
c8ea1597 1517 s = find_header(US"reply-to:", exists_only, newsize, TRUE,
059ec3d9 1518 headers_charset);
6979240a 1519 if (s != NULL) while (isspace(*s)) s++;
059ec3d9 1520 if (s == NULL || *s == 0)
41a13e0a
PH
1521 {
1522 *newsize = 0; /* For the *s==0 case */
c8ea1597
PH
1523 s = find_header(US"from:", exists_only, newsize, TRUE, headers_charset);
1524 }
1525 if (s != NULL)
1526 {
1527 uschar *t;
1528 while (isspace(*s)) s++;
1529 for (t = s; *t != 0; t++) if (*t == '\n') *t = ' ';
6979240a
PH
1530 while (t > s && isspace(t[-1])) t--;
1531 *t = 0;
41a13e0a 1532 }
059ec3d9
PH
1533 return (s == NULL)? US"" : s;
1534
1535 /* A recipients list is available only during system message filtering,
1536 during ACL processing after DATA, and while expanding pipe commands
1537 generated from a system filter, but not elsewhere. */
1538
1539 case vtype_recipients:
1540 if (!enable_dollar_recipients) return NULL; else
1541 {
1542 int size = 128;
1543 int ptr = 0;
1544 int i;
1545 s = store_get(size);
1546 for (i = 0; i < recipients_count; i++)
1547 {
1548 if (i != 0) s = string_cat(s, &size, &ptr, US", ", 2);
1549 s = string_cat(s, &size, &ptr, recipients_list[i].address,
1550 Ustrlen(recipients_list[i].address));
1551 }
1552 s[ptr] = 0; /* string_cat() leaves room */
1553 }
1554 return s;
8e669ac1 1555
5cb8cbc6
PH
1556 case vtype_pspace:
1557 {
1558 int inodes;
8e669ac1
PH
1559 sprintf(CS var_buffer, "%d",
1560 receive_statvfs(var_table[middle].value == (void *)TRUE, &inodes));
5cb8cbc6
PH
1561 }
1562 return var_buffer;
8e669ac1 1563
5cb8cbc6
PH
1564 case vtype_pinodes:
1565 {
1566 int inodes;
8e669ac1 1567 (void) receive_statvfs(var_table[middle].value == (void *)TRUE, &inodes);
5cb8cbc6
PH
1568 sprintf(CS var_buffer, "%d", inodes);
1569 }
1570 return var_buffer;
059ec3d9
PH
1571 }
1572 }
1573
1574return NULL; /* Unknown variable name */
1575}
1576
1577
1578
1579
1580/*************************************************
1581* Read and expand substrings *
1582*************************************************/
1583
1584/* This function is called to read and expand argument substrings for various
1585expansion items. Some have a minimum requirement that is less than the maximum;
1586in these cases, the first non-present one is set to NULL.
1587
1588Arguments:
1589 sub points to vector of pointers to set
1590 n maximum number of substrings
1591 m minimum required
1592 sptr points to current string pointer
1593 skipping the skipping flag
1594 check_end if TRUE, check for final '}'
1595 name name of item, for error message
1596
1597Returns: 0 OK; string pointer updated
1598 1 curly bracketing error (too few arguments)
1599 2 too many arguments (only if check_end is set); message set
1600 3 other error (expansion failure)
1601*/
1602
1603static int
1604read_subs(uschar **sub, int n, int m, uschar **sptr, BOOL skipping,
1605 BOOL check_end, uschar *name)
1606{
1607int i;
1608uschar *s = *sptr;
1609
1610while (isspace(*s)) s++;
1611for (i = 0; i < n; i++)
1612 {
1613 if (*s != '{')
1614 {
1615 if (i < m) return 1;
1616 sub[i] = NULL;
1617 break;
1618 }
1619 sub[i] = expand_string_internal(s+1, TRUE, &s, skipping);
1620 if (sub[i] == NULL) return 3;
1621 if (*s++ != '}') return 1;
1622 while (isspace(*s)) s++;
1623 }
1624if (check_end && *s++ != '}')
1625 {
1626 if (s[-1] == '{')
1627 {
1628 expand_string_message = string_sprintf("Too many arguments for \"%s\" "
1629 "(max is %d)", name, n);
1630 return 2;
1631 }
1632 return 1;
1633 }
1634
1635*sptr = s;
1636return 0;
1637}
1638
1639
1640
1641
641cb756
PH
1642/*************************************************
1643* Elaborate message for bad variable *
1644*************************************************/
1645
1646/* For the "unknown variable" message, take a look at the variable's name, and
1647give additional information about possible ACL variables. The extra information
1648is added on to expand_string_message.
1649
1650Argument: the name of the variable
1651Returns: nothing
1652*/
1653
1654static void
1655check_variable_error_message(uschar *name)
1656{
1657if (Ustrncmp(name, "acl_", 4) == 0)
1658 expand_string_message = string_sprintf("%s (%s)", expand_string_message,
1659 (name[4] == 'c' || name[4] == 'm')?
1660 (isalpha(name[5])?
1661 US"6th character of a user-defined ACL variable must be a digit or underscore" :
1662 US"strict_acl_vars is set" /* Syntax is OK, it has to be this */
1663 ) :
1664 US"user-defined ACL variables must start acl_c or acl_m");
1665}
1666
1667
1668
059ec3d9
PH
1669/*************************************************
1670* Read and evaluate a condition *
1671*************************************************/
1672
1673/*
1674Arguments:
1675 s points to the start of the condition text
1676 yield points to a BOOL to hold the result of the condition test;
1677 if NULL, we are just reading through a condition that is
1678 part of an "or" combination to check syntax, or in a state
1679 where the answer isn't required
1680
1681Returns: a pointer to the first character after the condition, or
1682 NULL after an error
1683*/
1684
1685static uschar *
1686eval_condition(uschar *s, BOOL *yield)
1687{
1688BOOL testfor = TRUE;
1689BOOL tempcond, combined_cond;
1690BOOL *subcondptr;
1691int i, rc, cond_type, roffset;
1692int num[2];
1693struct stat statbuf;
1694uschar name[256];
1695uschar *sub[4];
1696
1697const pcre *re;
1698const uschar *rerror;
1699
1700for (;;)
1701 {
1702 while (isspace(*s)) s++;
1703 if (*s == '!') { testfor = !testfor; s++; } else break;
1704 }
1705
1706/* Numeric comparisons are symbolic */
1707
1708if (*s == '=' || *s == '>' || *s == '<')
1709 {
1710 int p = 0;
1711 name[p++] = *s++;
1712 if (*s == '=')
1713 {
1714 name[p++] = '=';
1715 s++;
1716 }
1717 name[p] = 0;
1718 }
1719
1720/* All other conditions are named */
1721
1722else s = read_name(name, 256, s, US"_");
1723
1724/* If we haven't read a name, it means some non-alpha character is first. */
1725
1726if (name[0] == 0)
1727 {
1728 expand_string_message = string_sprintf("condition name expected, "
1729 "but found \"%.16s\"", s);
1730 return NULL;
1731 }
1732
1733/* Find which condition we are dealing with, and switch on it */
1734
1735cond_type = chop_match(name, cond_table, sizeof(cond_table)/sizeof(uschar *));
1736switch(cond_type)
1737 {
9b4768fa
PH
1738 /* def: tests for a non-empty variable, or for the existence of a header. If
1739 yield == NULL we are in a skipping state, and don't care about the answer. */
059ec3d9
PH
1740
1741 case ECOND_DEF:
1742 if (*s != ':')
1743 {
1744 expand_string_message = US"\":\" expected after \"def\"";
1745 return NULL;
1746 }
1747
1748 s = read_name(name, 256, s+1, US"_");
1749
0d85fa3f
PH
1750 /* Test for a header's existence. If the name contains a closing brace
1751 character, this may be a user error where the terminating colon has been
1752 omitted. Set a flag to adjust a subsequent error message in this case. */
059ec3d9
PH
1753
1754 if (Ustrncmp(name, "h_", 2) == 0 ||
1755 Ustrncmp(name, "rh_", 3) == 0 ||
1756 Ustrncmp(name, "bh_", 3) == 0 ||
1757 Ustrncmp(name, "header_", 7) == 0 ||
1758 Ustrncmp(name, "rheader_", 8) == 0 ||
1759 Ustrncmp(name, "bheader_", 8) == 0)
1760 {
1761 s = read_header_name(name, 256, s);
0d85fa3f 1762 if (Ustrchr(name, '}') != NULL) malformed_header = TRUE;
059ec3d9
PH
1763 if (yield != NULL) *yield =
1764 (find_header(name, TRUE, NULL, FALSE, NULL) != NULL) == testfor;
1765 }
1766
9b4768fa
PH
1767 /* Test for a variable's having a non-empty value. A non-existent variable
1768 causes an expansion failure. */
059ec3d9
PH
1769
1770 else
1771 {
1772 uschar *value = find_variable(name, TRUE, yield == NULL, NULL);
1773 if (value == NULL)
1774 {
1775 expand_string_message = (name[0] == 0)?
1776 string_sprintf("variable name omitted after \"def:\"") :
1777 string_sprintf("unknown variable \"%s\" after \"def:\"", name);
641cb756 1778 check_variable_error_message(name);
059ec3d9
PH
1779 return NULL;
1780 }
9b4768fa 1781 if (yield != NULL) *yield = (value[0] != 0) == testfor;
059ec3d9
PH
1782 }
1783
1784 return s;
1785
1786
1787 /* first_delivery tests for first delivery attempt */
1788
1789 case ECOND_FIRST_DELIVERY:
1790 if (yield != NULL) *yield = deliver_firsttime == testfor;
1791 return s;
1792
1793
1794 /* queue_running tests for any process started by a queue runner */
1795
1796 case ECOND_QUEUE_RUNNING:
1797 if (yield != NULL) *yield = (queue_run_pid != (pid_t)0) == testfor;
1798 return s;
1799
1800
1801 /* exists: tests for file existence
1802 isip: tests for any IP address
1803 isip4: tests for an IPv4 address
1804 isip6: tests for an IPv6 address
1805 pam: does PAM authentication
1806 radius: does RADIUS authentication
1807 ldapauth: does LDAP authentication
1808 pwcheck: does Cyrus SASL pwcheck authentication
1809 */
1810
1811 case ECOND_EXISTS:
1812 case ECOND_ISIP:
1813 case ECOND_ISIP4:
1814 case ECOND_ISIP6:
1815 case ECOND_PAM:
1816 case ECOND_RADIUS:
1817 case ECOND_LDAPAUTH:
1818 case ECOND_PWCHECK:
1819
1820 while (isspace(*s)) s++;
1821 if (*s != '{') goto COND_FAILED_CURLY_START;
1822
1823 sub[0] = expand_string_internal(s+1, TRUE, &s, yield == NULL);
1824 if (sub[0] == NULL) return NULL;
1825 if (*s++ != '}') goto COND_FAILED_CURLY_END;
1826
1827 if (yield == NULL) return s; /* No need to run the test if skipping */
1828
1829 switch(cond_type)
1830 {
1831 case ECOND_EXISTS:
1832 if ((expand_forbid & RDO_EXISTS) != 0)
1833 {
1834 expand_string_message = US"File existence tests are not permitted";
1835 return NULL;
1836 }
1837 *yield = (Ustat(sub[0], &statbuf) == 0) == testfor;
1838 break;
1839
1840 case ECOND_ISIP:
1841 case ECOND_ISIP4:
1842 case ECOND_ISIP6:
1843 rc = string_is_ip_address(sub[0], NULL);
7e66e54d 1844 *yield = ((cond_type == ECOND_ISIP)? (rc != 0) :
059ec3d9
PH
1845 (cond_type == ECOND_ISIP4)? (rc == 4) : (rc == 6)) == testfor;
1846 break;
1847
1848 /* Various authentication tests - all optionally compiled */
1849
1850 case ECOND_PAM:
1851 #ifdef SUPPORT_PAM
1852 rc = auth_call_pam(sub[0], &expand_string_message);
1853 goto END_AUTH;
1854 #else
1855 goto COND_FAILED_NOT_COMPILED;
1856 #endif /* SUPPORT_PAM */
1857
1858 case ECOND_RADIUS:
1859 #ifdef RADIUS_CONFIG_FILE
1860 rc = auth_call_radius(sub[0], &expand_string_message);
1861 goto END_AUTH;
1862 #else
1863 goto COND_FAILED_NOT_COMPILED;
1864 #endif /* RADIUS_CONFIG_FILE */
1865
1866 case ECOND_LDAPAUTH:
1867 #ifdef LOOKUP_LDAP
1868 {
1869 /* Just to keep the interface the same */
1870 BOOL do_cache;
1871 int old_pool = store_pool;
1872 store_pool = POOL_SEARCH;
1873 rc = eldapauth_find((void *)(-1), NULL, sub[0], Ustrlen(sub[0]), NULL,
1874 &expand_string_message, &do_cache);
1875 store_pool = old_pool;
1876 }
1877 goto END_AUTH;
1878 #else
1879 goto COND_FAILED_NOT_COMPILED;
1880 #endif /* LOOKUP_LDAP */
1881
1882 case ECOND_PWCHECK:
1883 #ifdef CYRUS_PWCHECK_SOCKET
1884 rc = auth_call_pwcheck(sub[0], &expand_string_message);
1885 goto END_AUTH;
1886 #else
1887 goto COND_FAILED_NOT_COMPILED;
1888 #endif /* CYRUS_PWCHECK_SOCKET */
1889
1890 #if defined(SUPPORT_PAM) || defined(RADIUS_CONFIG_FILE) || \
1891 defined(LOOKUP_LDAP) || defined(CYRUS_PWCHECK_SOCKET)
1892 END_AUTH:
1893 if (rc == ERROR || rc == DEFER) return NULL;
1894 *yield = (rc == OK) == testfor;
1895 #endif
1896 }
1897 return s;
1898
1899
1900 /* saslauthd: does Cyrus saslauthd authentication. Four parameters are used:
1901
1902 ${if saslauthd {{username}{password}{service}{realm}} {yes}[no}}
1903
1904 However, the last two are optional. That is why the whole set is enclosed
1905 in their own set or braces. */
1906
1907 case ECOND_SASLAUTHD:
1908 #ifndef CYRUS_SASLAUTHD_SOCKET
1909 goto COND_FAILED_NOT_COMPILED;
1910 #else
1911 while (isspace(*s)) s++;
1912 if (*s++ != '{') goto COND_FAILED_CURLY_START;
1913 switch(read_subs(sub, 4, 2, &s, yield == NULL, TRUE, US"saslauthd"))
1914 {
1915 case 1: expand_string_message = US"too few arguments or bracketing "
1916 "error for saslauthd";
1917 case 2:
1918 case 3: return NULL;
1919 }
1920 if (sub[2] == NULL) sub[3] = NULL; /* realm if no service */
1921 if (yield != NULL)
1922 {
1923 int rc;
1924 rc = auth_call_saslauthd(sub[0], sub[1], sub[2], sub[3],
1925 &expand_string_message);
1926 if (rc == ERROR || rc == DEFER) return NULL;
1927 *yield = (rc == OK) == testfor;
1928 }
1929 return s;
1930 #endif /* CYRUS_SASLAUTHD_SOCKET */
1931
1932
1933 /* symbolic operators for numeric and string comparison, and a number of
1934 other operators, all requiring two arguments.
1935
1936 match: does a regular expression match and sets up the numerical
1937 variables if it succeeds
1938 match_address: matches in an address list
1939 match_domain: matches in a domain list
32d668a5 1940 match_ip: matches a host list that is restricted to IP addresses
059ec3d9
PH
1941 match_local_part: matches in a local part list
1942 crypteq: encrypts plaintext and compares against an encrypted text,
1943 using crypt(), crypt16(), MD5 or SHA-1
1944 */
1945
1946 case ECOND_MATCH:
1947 case ECOND_MATCH_ADDRESS:
1948 case ECOND_MATCH_DOMAIN:
32d668a5 1949 case ECOND_MATCH_IP:
059ec3d9
PH
1950 case ECOND_MATCH_LOCAL_PART:
1951 case ECOND_CRYPTEQ:
1952
1953 case ECOND_NUM_L: /* Numerical comparisons */
1954 case ECOND_NUM_LE:
1955 case ECOND_NUM_E:
1956 case ECOND_NUM_EE:
1957 case ECOND_NUM_G:
1958 case ECOND_NUM_GE:
1959
1960 case ECOND_STR_LT: /* String comparisons */
1961 case ECOND_STR_LTI:
1962 case ECOND_STR_LE:
1963 case ECOND_STR_LEI:
1964 case ECOND_STR_EQ:
1965 case ECOND_STR_EQI:
1966 case ECOND_STR_GT:
1967 case ECOND_STR_GTI:
1968 case ECOND_STR_GE:
1969 case ECOND_STR_GEI:
1970
1971 for (i = 0; i < 2; i++)
1972 {
1973 while (isspace(*s)) s++;
1974 if (*s != '{')
1975 {
1976 if (i == 0) goto COND_FAILED_CURLY_START;
1977 expand_string_message = string_sprintf("missing 2nd string in {} "
1978 "after \"%s\"", name);
1979 return NULL;
1980 }
1981 sub[i] = expand_string_internal(s+1, TRUE, &s, yield == NULL);
1982 if (sub[i] == NULL) return NULL;
1983 if (*s++ != '}') goto COND_FAILED_CURLY_END;
1984
1985 /* Convert to numerical if required; we know that the names of all the
1986 conditions that compare numbers do not start with a letter. This just saves
1987 checking for them individually. */
1988
d6066548 1989 if (!isalpha(name[0]) && yield != NULL)
059ec3d9 1990 {
d45b1de8
PH
1991 num[i] = expand_string_integer(sub[i], FALSE);
1992 if (expand_string_message != NULL) return NULL;
059ec3d9
PH
1993 }
1994 }
1995
1996 /* Result not required */
1997
1998 if (yield == NULL) return s;
1999
2000 /* Do an appropriate comparison */
2001
2002 switch(cond_type)
2003 {
2004 case ECOND_NUM_E:
2005 case ECOND_NUM_EE:
2006 *yield = (num[0] == num[1]) == testfor;
2007 break;
2008
2009 case ECOND_NUM_G:
2010 *yield = (num[0] > num[1]) == testfor;
2011 break;
2012
2013 case ECOND_NUM_GE:
2014 *yield = (num[0] >= num[1]) == testfor;
2015 break;
2016
2017 case ECOND_NUM_L:
2018 *yield = (num[0] < num[1]) == testfor;
2019 break;
2020
2021 case ECOND_NUM_LE:
2022 *yield = (num[0] <= num[1]) == testfor;
2023 break;
2024
2025 case ECOND_STR_LT:
2026 *yield = (Ustrcmp(sub[0], sub[1]) < 0) == testfor;
2027 break;
2028
2029 case ECOND_STR_LTI:
2030 *yield = (strcmpic(sub[0], sub[1]) < 0) == testfor;
2031 break;
2032
2033 case ECOND_STR_LE:
2034 *yield = (Ustrcmp(sub[0], sub[1]) <= 0) == testfor;
2035 break;
2036
2037 case ECOND_STR_LEI:
2038 *yield = (strcmpic(sub[0], sub[1]) <= 0) == testfor;
2039 break;
2040
2041 case ECOND_STR_EQ:
2042 *yield = (Ustrcmp(sub[0], sub[1]) == 0) == testfor;
2043 break;
2044
2045 case ECOND_STR_EQI:
2046 *yield = (strcmpic(sub[0], sub[1]) == 0) == testfor;
2047 break;
2048
2049 case ECOND_STR_GT:
2050 *yield = (Ustrcmp(sub[0], sub[1]) > 0) == testfor;
2051 break;
2052
2053 case ECOND_STR_GTI:
2054 *yield = (strcmpic(sub[0], sub[1]) > 0) == testfor;
2055 break;
2056
2057 case ECOND_STR_GE:
2058 *yield = (Ustrcmp(sub[0], sub[1]) >= 0) == testfor;
2059 break;
2060
2061 case ECOND_STR_GEI:
2062 *yield = (strcmpic(sub[0], sub[1]) >= 0) == testfor;
2063 break;
2064
2065 case ECOND_MATCH: /* Regular expression match */
2066 re = pcre_compile(CS sub[1], PCRE_COPT, (const char **)&rerror, &roffset,
2067 NULL);
2068 if (re == NULL)
2069 {
2070 expand_string_message = string_sprintf("regular expression error in "
2071 "\"%s\": %s at offset %d", sub[1], rerror, roffset);
2072 return NULL;
2073 }
2074 *yield = regex_match_and_setup(re, sub[0], 0, -1) == testfor;
2075 break;
2076
2077 case ECOND_MATCH_ADDRESS: /* Match in an address list */
2078 rc = match_address_list(sub[0], TRUE, FALSE, &(sub[1]), NULL, -1, 0, NULL);
2079 goto MATCHED_SOMETHING;
2080
2081 case ECOND_MATCH_DOMAIN: /* Match in a domain list */
2082 rc = match_isinlist(sub[0], &(sub[1]), 0, &domainlist_anchor, NULL,
2083 MCL_DOMAIN + MCL_NOEXPAND, TRUE, NULL);
2084 goto MATCHED_SOMETHING;
2085
32d668a5 2086 case ECOND_MATCH_IP: /* Match IP address in a host list */
7e66e54d 2087 if (sub[0][0] != 0 && string_is_ip_address(sub[0], NULL) == 0)
32d668a5
PH
2088 {
2089 expand_string_message = string_sprintf("\"%s\" is not an IP address",
2090 sub[0]);
2091 return NULL;
2092 }
2093 else
2094 {
2095 unsigned int *nullcache = NULL;
2096 check_host_block cb;
2097
2098 cb.host_name = US"";
2099 cb.host_address = sub[0];
2100
2101 /* If the host address starts off ::ffff: it is an IPv6 address in
2102 IPv4-compatible mode. Find the IPv4 part for checking against IPv4
2103 addresses. */
2104
2105 cb.host_ipv4 = (Ustrncmp(cb.host_address, "::ffff:", 7) == 0)?
2106 cb.host_address + 7 : cb.host_address;
2107
2108 rc = match_check_list(
2109 &sub[1], /* the list */
2110 0, /* separator character */
2111 &hostlist_anchor, /* anchor pointer */
2112 &nullcache, /* cache pointer */
2113 check_host, /* function for testing */
2114 &cb, /* argument for function */
2115 MCL_HOST, /* type of check */
2116 sub[0], /* text for debugging */
2117 NULL); /* where to pass back data */
2118 }
2119 goto MATCHED_SOMETHING;
2120
059ec3d9
PH
2121 case ECOND_MATCH_LOCAL_PART:
2122 rc = match_isinlist(sub[0], &(sub[1]), 0, &localpartlist_anchor, NULL,
2123 MCL_LOCALPART + MCL_NOEXPAND, TRUE, NULL);
2124 /* Fall through */
9a26b6b2 2125 /* VVVVVVVVVVVV */
059ec3d9
PH
2126 MATCHED_SOMETHING:
2127 switch(rc)
2128 {
2129 case OK:
2130 *yield = testfor;
2131 break;
2132
2133 case FAIL:
2134 *yield = !testfor;
2135 break;
2136
2137 case DEFER:
2138 expand_string_message = string_sprintf("unable to complete match "
2139 "against \"%s\": %s", sub[1], search_error_message);
2140 return NULL;
2141 }
2142
2143 break;
2144
2145 /* Various "encrypted" comparisons. If the second string starts with
2146 "{" then an encryption type is given. Default to crypt() or crypt16()
2147 (build-time choice). */
2148
2149 case ECOND_CRYPTEQ:
2150 #ifndef SUPPORT_CRYPTEQ
2151 goto COND_FAILED_NOT_COMPILED;
2152 #else
2153 if (strncmpic(sub[1], US"{md5}", 5) == 0)
2154 {
2155 int sublen = Ustrlen(sub[1]+5);
2156 md5 base;
2157 uschar digest[16];
2158
2159 md5_start(&base);
2160 md5_end(&base, (uschar *)sub[0], Ustrlen(sub[0]), digest);
2161
2162 /* If the length that we are comparing against is 24, the MD5 digest
2163 is expressed as a base64 string. This is the way LDAP does it. However,
2164 some other software uses a straightforward hex representation. We assume
2165 this if the length is 32. Other lengths fail. */
2166
2167 if (sublen == 24)
2168 {
2169 uschar *coded = auth_b64encode((uschar *)digest, 16);
2170 DEBUG(D_auth) debug_printf("crypteq: using MD5+B64 hashing\n"
2171 " subject=%s\n crypted=%s\n", coded, sub[1]+5);
2172 *yield = (Ustrcmp(coded, sub[1]+5) == 0) == testfor;
2173 }
2174 else if (sublen == 32)
2175 {
2176 int i;
2177 uschar coded[36];
2178 for (i = 0; i < 16; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
2179 coded[32] = 0;
2180 DEBUG(D_auth) debug_printf("crypteq: using MD5+hex hashing\n"
2181 " subject=%s\n crypted=%s\n", coded, sub[1]+5);
2182 *yield = (strcmpic(coded, sub[1]+5) == 0) == testfor;
2183 }
2184 else
2185 {
2186 DEBUG(D_auth) debug_printf("crypteq: length for MD5 not 24 or 32: "
2187 "fail\n crypted=%s\n", sub[1]+5);
2188 *yield = !testfor;
2189 }
2190 }
2191
2192 else if (strncmpic(sub[1], US"{sha1}", 6) == 0)
2193 {
2194 int sublen = Ustrlen(sub[1]+6);
2195 sha1 base;
2196 uschar digest[20];
2197
2198 sha1_start(&base);
2199 sha1_end(&base, (uschar *)sub[0], Ustrlen(sub[0]), digest);
2200
2201 /* If the length that we are comparing against is 28, assume the SHA1
2202 digest is expressed as a base64 string. If the length is 40, assume a
2203 straightforward hex representation. Other lengths fail. */
2204
2205 if (sublen == 28)
2206 {
2207 uschar *coded = auth_b64encode((uschar *)digest, 20);
2208 DEBUG(D_auth) debug_printf("crypteq: using SHA1+B64 hashing\n"
2209 " subject=%s\n crypted=%s\n", coded, sub[1]+6);
2210 *yield = (Ustrcmp(coded, sub[1]+6) == 0) == testfor;
2211 }
2212 else if (sublen == 40)
2213 {
2214 int i;
2215 uschar coded[44];
2216 for (i = 0; i < 20; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
2217 coded[40] = 0;
2218 DEBUG(D_auth) debug_printf("crypteq: using SHA1+hex hashing\n"
2219 " subject=%s\n crypted=%s\n", coded, sub[1]+6);
2220 *yield = (strcmpic(coded, sub[1]+6) == 0) == testfor;
2221 }
2222 else
2223 {
2224 DEBUG(D_auth) debug_printf("crypteq: length for SHA-1 not 28 or 40: "
2225 "fail\n crypted=%s\n", sub[1]+6);
2226 *yield = !testfor;
2227 }
2228 }
2229
2230 else /* {crypt} or {crypt16} and non-{ at start */
2231 {
2232 int which = 0;
2233 uschar *coded;
2234
2235 if (strncmpic(sub[1], US"{crypt}", 7) == 0)
2236 {
2237 sub[1] += 7;
2238 which = 1;
2239 }
2240 else if (strncmpic(sub[1], US"{crypt16}", 9) == 0)
2241 {
2242 sub[1] += 9;
2243 which = 2;
2244 }
2245 else if (sub[1][0] == '{')
2246 {
2247 expand_string_message = string_sprintf("unknown encryption mechanism "
2248 "in \"%s\"", sub[1]);
2249 return NULL;
2250 }
2251
2252 switch(which)
2253 {
2254 case 0: coded = US DEFAULT_CRYPT(CS sub[0], CS sub[1]); break;
2255 case 1: coded = US crypt(CS sub[0], CS sub[1]); break;
2256 default: coded = US crypt16(CS sub[0], CS sub[1]); break;
2257 }
2258
2259 #define STR(s) # s
2260 #define XSTR(s) STR(s)
2261 DEBUG(D_auth) debug_printf("crypteq: using %s()\n"
2262 " subject=%s\n crypted=%s\n",
2263 (which == 0)? XSTR(DEFAULT_CRYPT) : (which == 1)? "crypt" : "crypt16",
2264 coded, sub[1]);
2265 #undef STR
2266 #undef XSTR
2267
2268 /* If the encrypted string contains fewer than two characters (for the
2269 salt), force failure. Otherwise we get false positives: with an empty
2270 string the yield of crypt() is an empty string! */
2271
2272 *yield = (Ustrlen(sub[1]) < 2)? !testfor :
2273 (Ustrcmp(coded, sub[1]) == 0) == testfor;
2274 }
2275 break;
2276 #endif /* SUPPORT_CRYPTEQ */
2277 } /* Switch for comparison conditions */
2278
2279 return s; /* End of comparison conditions */
2280
2281
2282 /* and/or: computes logical and/or of several conditions */
2283
2284 case ECOND_AND:
2285 case ECOND_OR:
2286 subcondptr = (yield == NULL)? NULL : &tempcond;
2287 combined_cond = (cond_type == ECOND_AND);
2288
2289 while (isspace(*s)) s++;
2290 if (*s++ != '{') goto COND_FAILED_CURLY_START;
2291
2292 for (;;)
2293 {
2294 while (isspace(*s)) s++;
2295 if (*s == '}') break;
2296 if (*s != '{')
2297 {
2298 expand_string_message = string_sprintf("each subcondition "
2299 "inside an \"%s{...}\" condition must be in its own {}", name);
2300 return NULL;
2301 }
2302
2303 s = eval_condition(s+1, subcondptr);
2304 if (s == NULL)
2305 {
2306 expand_string_message = string_sprintf("%s inside \"%s{...}\" condition",
2307 expand_string_message, name);
2308 return NULL;
2309 }
2310 while (isspace(*s)) s++;
2311
2312 if (*s++ != '}')
2313 {
2314 expand_string_message = string_sprintf("missing } at end of condition "
2315 "inside \"%s\" group", name);
2316 return NULL;
2317 }
2318
2319 if (yield != NULL)
2320 {
2321 if (cond_type == ECOND_AND)
2322 {
2323 combined_cond &= tempcond;
2324 if (!combined_cond) subcondptr = NULL; /* once false, don't */
2325 } /* evaluate any more */
2326 else
2327 {
2328 combined_cond |= tempcond;
2329 if (combined_cond) subcondptr = NULL; /* once true, don't */
2330 } /* evaluate any more */
2331 }
2332 }
2333
2334 if (yield != NULL) *yield = (combined_cond == testfor);
2335 return ++s;
2336
2337
2338 /* Unknown condition */
2339
2340 default:
2341 expand_string_message = string_sprintf("unknown condition \"%s\"", name);
2342 return NULL;
2343 } /* End switch on condition type */
2344
2345/* Missing braces at start and end of data */
2346
2347COND_FAILED_CURLY_START:
2348expand_string_message = string_sprintf("missing { after \"%s\"", name);
2349return NULL;
2350
2351COND_FAILED_CURLY_END:
2352expand_string_message = string_sprintf("missing } at end of \"%s\" condition",
2353 name);
2354return NULL;
2355
2356/* A condition requires code that is not compiled */
2357
2358#if !defined(SUPPORT_PAM) || !defined(RADIUS_CONFIG_FILE) || \
2359 !defined(LOOKUP_LDAP) || !defined(CYRUS_PWCHECK_SOCKET) || \
2360 !defined(SUPPORT_CRYPTEQ) || !defined(CYRUS_SASLAUTHD_SOCKET)
2361COND_FAILED_NOT_COMPILED:
2362expand_string_message = string_sprintf("support for \"%s\" not compiled",
2363 name);
2364return NULL;
2365#endif
2366}
2367
2368
2369
2370
2371/*************************************************
2372* Save numerical variables *
2373*************************************************/
2374
2375/* This function is called from items such as "if" that want to preserve and
2376restore the numbered variables.
2377
2378Arguments:
2379 save_expand_string points to an array of pointers to set
2380 save_expand_nlength points to an array of ints for the lengths
2381
2382Returns: the value of expand max to save
2383*/
2384
2385static int
2386save_expand_strings(uschar **save_expand_nstring, int *save_expand_nlength)
2387{
2388int i;
2389for (i = 0; i <= expand_nmax; i++)
2390 {
2391 save_expand_nstring[i] = expand_nstring[i];
2392 save_expand_nlength[i] = expand_nlength[i];
2393 }
2394return expand_nmax;
2395}
2396
2397
2398
2399/*************************************************
2400* Restore numerical variables *
2401*************************************************/
2402
2403/* This function restored saved values of numerical strings.
2404
2405Arguments:
2406 save_expand_nmax the number of strings to restore
2407 save_expand_string points to an array of pointers
2408 save_expand_nlength points to an array of ints
2409
2410Returns: nothing
2411*/
2412
2413static void
2414restore_expand_strings(int save_expand_nmax, uschar **save_expand_nstring,
2415 int *save_expand_nlength)
2416{
2417int i;
2418expand_nmax = save_expand_nmax;
2419for (i = 0; i <= expand_nmax; i++)
2420 {
2421 expand_nstring[i] = save_expand_nstring[i];
2422 expand_nlength[i] = save_expand_nlength[i];
2423 }
2424}
2425
2426
2427
2428
2429
2430/*************************************************
2431* Handle yes/no substrings *
2432*************************************************/
2433
2434/* This function is used by ${if}, ${lookup} and ${extract} to handle the
2435alternative substrings that depend on whether or not the condition was true,
2436or the lookup or extraction succeeded. The substrings always have to be
2437expanded, to check their syntax, but "skipping" is set when the result is not
2438needed - this avoids unnecessary nested lookups.
2439
2440Arguments:
2441 skipping TRUE if we were skipping when this item was reached
2442 yes TRUE if the first string is to be used, else use the second
2443 save_lookup a value to put back into lookup_value before the 2nd expansion
2444 sptr points to the input string pointer
2445 yieldptr points to the output string pointer
2446 sizeptr points to the output string size
2447 ptrptr points to the output string pointer
2448 type "lookup" or "if" or "extract" or "run", for error message
2449
2450Returns: 0 OK; lookup_value has been reset to save_lookup
2451 1 expansion failed
2452 2 expansion failed because of bracketing error
2453*/
2454
2455static int
2456process_yesno(BOOL skipping, BOOL yes, uschar *save_lookup, uschar **sptr,
2457 uschar **yieldptr, int *sizeptr, int *ptrptr, uschar *type)
2458{
2459int rc = 0;
2460uschar *s = *sptr; /* Local value */
2461uschar *sub1, *sub2;
2462
2463/* If there are no following strings, we substitute the contents of $value for
063b1e99 2464lookups and for extractions in the success case. For the ${if item, the string
8e669ac1 2465"true" is substituted. In the fail case, nothing is substituted for all three
063b1e99 2466items. */
059ec3d9
PH
2467
2468while (isspace(*s)) s++;
2469if (*s == '}')
2470 {
063b1e99
PH
2471 if (type[0] == 'i')
2472 {
8e669ac1 2473 if (yes) *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, US"true", 4);
063b1e99
PH
2474 }
2475 else
8e669ac1 2476 {
063b1e99
PH
2477 if (yes && lookup_value != NULL)
2478 *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, lookup_value,
2479 Ustrlen(lookup_value));
2480 lookup_value = save_lookup;
2481 }
059ec3d9
PH
2482 s++;
2483 goto RETURN;
2484 }
2485
9b4768fa
PH
2486/* The first following string must be braced. */
2487
2488if (*s++ != '{') goto FAILED_CURLY;
2489
059ec3d9
PH
2490/* Expand the first substring. Forced failures are noticed only if we actually
2491want this string. Set skipping in the call in the fail case (this will always
2492be the case if we were already skipping). */
2493
9b4768fa 2494sub1 = expand_string_internal(s, TRUE, &s, !yes);
059ec3d9
PH
2495if (sub1 == NULL && (yes || !expand_string_forcedfail)) goto FAILED;
2496expand_string_forcedfail = FALSE;
2497if (*s++ != '}') goto FAILED_CURLY;
2498
2499/* If we want the first string, add it to the output */
2500
2501if (yes)
2502 *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, sub1, Ustrlen(sub1));
2503
2504/* If this is called from a lookup or an extract, we want to restore $value to
2505what it was at the start of the item, so that it has this value during the
d20976dc
PH
2506second string expansion. For the call from "if" or "run" to this function,
2507save_lookup is set to lookup_value, so that this statement does nothing. */
059ec3d9
PH
2508
2509lookup_value = save_lookup;
2510
2511/* There now follows either another substring, or "fail", or nothing. This
2512time, forced failures are noticed only if we want the second string. We must
2513set skipping in the nested call if we don't want this string, or if we were
2514already skipping. */
2515
2516while (isspace(*s)) s++;
2517if (*s == '{')
2518 {
2519 sub2 = expand_string_internal(s+1, TRUE, &s, yes || skipping);
2520 if (sub2 == NULL && (!yes || !expand_string_forcedfail)) goto FAILED;
2521 expand_string_forcedfail = FALSE;
2522 if (*s++ != '}') goto FAILED_CURLY;
2523
2524 /* If we want the second string, add it to the output */
2525
2526 if (!yes)
2527 *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, sub2, Ustrlen(sub2));
2528 }
2529
2530/* If there is no second string, but the word "fail" is present when the use of
2531the second string is wanted, set a flag indicating it was a forced failure
2532rather than a syntactic error. Swallow the terminating } in case this is nested
2533inside another lookup or if or extract. */
2534
2535else if (*s != '}')
2536 {
2537 uschar name[256];
2538 s = read_name(name, sizeof(name), s, US"_");
2539 if (Ustrcmp(name, "fail") == 0)
2540 {
2541 if (!yes && !skipping)
2542 {
2543 while (isspace(*s)) s++;
2544 if (*s++ != '}') goto FAILED_CURLY;
2545 expand_string_message =
2546 string_sprintf("\"%s\" failed and \"fail\" requested", type);
2547 expand_string_forcedfail = TRUE;
2548 goto FAILED;
2549 }
2550 }
2551 else
2552 {
2553 expand_string_message =
2554 string_sprintf("syntax error in \"%s\" item - \"fail\" expected", type);
2555 goto FAILED;
2556 }
2557 }
2558
2559/* All we have to do now is to check on the final closing brace. */
2560
2561while (isspace(*s)) s++;
2562if (*s++ == '}') goto RETURN;
2563
2564/* Get here if there is a bracketing failure */
2565
2566FAILED_CURLY:
2567rc++;
2568
2569/* Get here for other failures */
2570
2571FAILED:
2572rc++;
2573
2574/* Update the input pointer value before returning */
2575
2576RETURN:
2577*sptr = s;
2578return rc;
2579}
2580
2581
2582
2583
059ec3d9
PH
2584/*************************************************
2585* Handle MD5 or SHA-1 computation for HMAC *
2586*************************************************/
2587
2588/* These are some wrapping functions that enable the HMAC code to be a bit
2589cleaner. A good compiler will spot the tail recursion.
2590
2591Arguments:
2592 type HMAC_MD5 or HMAC_SHA1
2593 remaining are as for the cryptographic hash functions
2594
2595Returns: nothing
2596*/
2597
2598static void
2599chash_start(int type, void *base)
2600{
2601if (type == HMAC_MD5)
2602 md5_start((md5 *)base);
2603else
2604 sha1_start((sha1 *)base);
2605}
2606
2607static void
2608chash_mid(int type, void *base, uschar *string)
2609{
2610if (type == HMAC_MD5)
2611 md5_mid((md5 *)base, string);
2612else
2613 sha1_mid((sha1 *)base, string);
2614}
2615
2616static void
2617chash_end(int type, void *base, uschar *string, int length, uschar *digest)
2618{
2619if (type == HMAC_MD5)
2620 md5_end((md5 *)base, string, length, digest);
2621else
2622 sha1_end((sha1 *)base, string, length, digest);
2623}
2624
2625
2626
2627
2628
1549ea3b
PH
2629/********************************************************
2630* prvs: Get last three digits of days since Jan 1, 1970 *
2631********************************************************/
2632
2633/* This is needed to implement the "prvs" BATV reverse
2634 path signing scheme
2635
2636Argument: integer "days" offset to add or substract to
2637 or from the current number of days.
2638
2639Returns: pointer to string containing the last three
2640 digits of the number of days since Jan 1, 1970,
2641 modified by the offset argument, NULL if there
2642 was an error in the conversion.
2643
2644*/
2645
2646static uschar *
2647prvs_daystamp(int day_offset)
2648{
a86229cf
PH
2649uschar *days = store_get(32); /* Need at least 24 for cases */
2650(void)string_format(days, 32, TIME_T_FMT, /* where TIME_T_FMT is %lld */
1549ea3b 2651 (time(NULL) + day_offset*86400)/86400);
e169f567 2652return (Ustrlen(days) >= 3) ? &days[Ustrlen(days)-3] : US"100";
1549ea3b
PH
2653}
2654
2655
2656
2657/********************************************************
2658* prvs: perform HMAC-SHA1 computation of prvs bits *
2659********************************************************/
2660
2661/* This is needed to implement the "prvs" BATV reverse
2662 path signing scheme
2663
2664Arguments:
2665 address RFC2821 Address to use
2666 key The key to use (must be less than 64 characters
2667 in size)
2668 key_num Single-digit key number to use. Defaults to
2669 '0' when NULL.
2670
2671Returns: pointer to string containing the first three
2672 bytes of the final hash in hex format, NULL if
2673 there was an error in the process.
2674*/
2675
2676static uschar *
2677prvs_hmac_sha1(uschar *address, uschar *key, uschar *key_num, uschar *daystamp)
2678{
2679uschar *hash_source, *p;
2680int size = 0,offset = 0,i;
2681sha1 sha1_base;
2682void *use_base = &sha1_base;
2683uschar innerhash[20];
2684uschar finalhash[20];
2685uschar innerkey[64];
2686uschar outerkey[64];
2687uschar *finalhash_hex = store_get(40);
2688
2689if (key_num == NULL)
2690 key_num = US"0";
2691
2692if (Ustrlen(key) > 64)
2693 return NULL;
2694
2695hash_source = string_cat(NULL,&size,&offset,key_num,1);
2696string_cat(hash_source,&size,&offset,daystamp,3);
2697string_cat(hash_source,&size,&offset,address,Ustrlen(address));
2698hash_source[offset] = '\0';
2699
2700DEBUG(D_expand) debug_printf("prvs: hash source is '%s'\n", hash_source);
2701
2702memset(innerkey, 0x36, 64);
2703memset(outerkey, 0x5c, 64);
2704
2705for (i = 0; i < Ustrlen(key); i++)
2706 {
2707 innerkey[i] ^= key[i];
2708 outerkey[i] ^= key[i];
2709 }
2710
2711chash_start(HMAC_SHA1, use_base);
2712chash_mid(HMAC_SHA1, use_base, innerkey);
2713chash_end(HMAC_SHA1, use_base, hash_source, offset, innerhash);
2714
2715chash_start(HMAC_SHA1, use_base);
2716chash_mid(HMAC_SHA1, use_base, outerkey);
2717chash_end(HMAC_SHA1, use_base, innerhash, 20, finalhash);
2718
2719p = finalhash_hex;
2720for (i = 0; i < 3; i++)
2721 {
2722 *p++ = hex_digits[(finalhash[i] & 0xf0) >> 4];
2723 *p++ = hex_digits[finalhash[i] & 0x0f];
2724 }
2725*p = '\0';
2726
2727return finalhash_hex;
2728}
2729
2730
2731
2732
059ec3d9
PH
2733/*************************************************
2734* Join a file onto the output string *
2735*************************************************/
2736
2737/* This is used for readfile and after a run expansion. It joins the contents
2738of a file onto the output string, globally replacing newlines with a given
2739string (optionally). The file is closed at the end.
2740
2741Arguments:
2742 f the FILE
2743 yield pointer to the expandable string
2744 sizep pointer to the current size
2745 ptrp pointer to the current position
2746 eol newline replacement string, or NULL
2747
2748Returns: new value of string pointer
2749*/
2750
2751static uschar *
2752cat_file(FILE *f, uschar *yield, int *sizep, int *ptrp, uschar *eol)
2753{
2754int eollen;
2755uschar buffer[1024];
2756
2757eollen = (eol == NULL)? 0 : Ustrlen(eol);
2758
2759while (Ufgets(buffer, sizeof(buffer), f) != NULL)
2760 {
2761 int len = Ustrlen(buffer);
2762 if (eol != NULL && buffer[len-1] == '\n') len--;
2763 yield = string_cat(yield, sizep, ptrp, buffer, len);
2764 if (buffer[len] != 0)
2765 yield = string_cat(yield, sizep, ptrp, eol, eollen);
2766 }
2767
2768if (yield != NULL) yield[*ptrp] = 0;
2769
2770return yield;
2771}
2772
2773
2774
2775
2776/*************************************************
2777* Evaluate numeric expression *
2778*************************************************/
2779
af561417
PH
2780/* This is a set of mutually recursive functions that evaluate an arithmetic
2781expression involving + - * / % & | ^ ~ << >> and parentheses. The only one of
2782these functions that is called from elsewhere is eval_expr, whose interface is:
059ec3d9
PH
2783
2784Arguments:
af561417
PH
2785 sptr pointer to the pointer to the string - gets updated
2786 decimal TRUE if numbers are to be assumed decimal
2787 error pointer to where to put an error message - must be NULL on input
2788 endket TRUE if ')' must terminate - FALSE for external call
059ec3d9 2789
af561417
PH
2790Returns: on success: the value of the expression, with *error still NULL
2791 on failure: an undefined value, with *error = a message
059ec3d9
PH
2792*/
2793
af561417
PH
2794static int eval_op_or(uschar **, BOOL, uschar **);
2795
059ec3d9
PH
2796
2797static int
2798eval_expr(uschar **sptr, BOOL decimal, uschar **error, BOOL endket)
2799{
2800uschar *s = *sptr;
af561417 2801int x = eval_op_or(&s, decimal, error);
059ec3d9
PH
2802if (*error == NULL)
2803 {
af561417 2804 if (endket)
059ec3d9 2805 {
af561417
PH
2806 if (*s != ')')
2807 *error = US"expecting closing parenthesis";
2808 else
2809 while (isspace(*(++s)));
059ec3d9 2810 }
af561417 2811 else if (*s != 0) *error = US"expecting operator";
059ec3d9 2812 }
059ec3d9
PH
2813*sptr = s;
2814return x;
2815}
2816
af561417 2817
059ec3d9 2818static int
af561417 2819eval_number(uschar **sptr, BOOL decimal, uschar **error)
059ec3d9
PH
2820{
2821register int c;
2822int n;
2823uschar *s = *sptr;
2824while (isspace(*s)) s++;
2825c = *s;
af561417 2826if (isdigit(c))
059ec3d9
PH
2827 {
2828 int count;
2829 (void)sscanf(CS s, (decimal? "%d%n" : "%i%n"), &n, &count);
2830 s += count;
2831 if (tolower(*s) == 'k') { n *= 1024; s++; }
2832 else if (tolower(*s) == 'm') { n *= 1024*1024; s++; }
2833 while (isspace (*s)) s++;
2834 }
2835else if (c == '(')
2836 {
2837 s++;
2838 n = eval_expr(&s, decimal, error, 1);
2839 }
2840else
2841 {
2842 *error = US"expecting number or opening parenthesis";
2843 n = 0;
2844 }
2845*sptr = s;
2846return n;
2847}
2848
af561417
PH
2849
2850static int eval_op_unary(uschar **sptr, BOOL decimal, uschar **error)
2851{
2852uschar *s = *sptr;
2853int x;
2854while (isspace(*s)) s++;
2855if (*s == '+' || *s == '-' || *s == '~')
2856 {
2857 int op = *s++;
2858 x = eval_op_unary(&s, decimal, error);
2859 if (op == '-') x = -x;
2860 else if (op == '~') x = ~x;
2861 }
2862else
2863 {
2864 x = eval_number(&s, decimal, error);
2865 }
2866*sptr = s;
2867return x;
2868}
2869
2870
2871static int eval_op_mult(uschar **sptr, BOOL decimal, uschar **error)
059ec3d9
PH
2872{
2873uschar *s = *sptr;
af561417 2874int x = eval_op_unary(&s, decimal, error);
059ec3d9
PH
2875if (*error == NULL)
2876 {
5591031b 2877 while (*s == '*' || *s == '/' || *s == '%')
059ec3d9
PH
2878 {
2879 int op = *s++;
af561417 2880 int y = eval_op_unary(&s, decimal, error);
059ec3d9 2881 if (*error != NULL) break;
5591031b
PH
2882 if (op == '*') x *= y;
2883 else if (op == '/') x /= y;
2884 else x %= y;
059ec3d9
PH
2885 }
2886 }
2887*sptr = s;
2888return x;
2889}
2890
2891
af561417
PH
2892static int eval_op_sum(uschar **sptr, BOOL decimal, uschar **error)
2893{
2894uschar *s = *sptr;
2895int x = eval_op_mult(&s, decimal, error);
2896if (*error == NULL)
2897 {
2898 while (*s == '+' || *s == '-')
2899 {
2900 int op = *s++;
2901 int y = eval_op_mult(&s, decimal, error);
2902 if (*error != NULL) break;
2903 if (op == '+') x += y; else x -= y;
2904 }
2905 }
2906*sptr = s;
2907return x;
2908}
2909
2910
2911static int eval_op_shift(uschar **sptr, BOOL decimal, uschar **error)
2912{
2913uschar *s = *sptr;
2914int x = eval_op_sum(&s, decimal, error);
2915if (*error == NULL)
2916 {
2917 while ((*s == '<' || *s == '>') && s[1] == s[0])
2918 {
2919 int y;
2920 int op = *s++;
2921 s++;
2922 y = eval_op_sum(&s, decimal, error);
2923 if (*error != NULL) break;
2924 if (op == '<') x <<= y; else x >>= y;
2925 }
2926 }
2927*sptr = s;
2928return x;
2929}
2930
2931
2932static int eval_op_and(uschar **sptr, BOOL decimal, uschar **error)
2933{
2934uschar *s = *sptr;
2935int x = eval_op_shift(&s, decimal, error);
2936if (*error == NULL)
2937 {
2938 while (*s == '&')
2939 {
2940 int y;
2941 s++;
2942 y = eval_op_shift(&s, decimal, error);
2943 if (*error != NULL) break;
2944 x &= y;
2945 }
2946 }
2947*sptr = s;
2948return x;
2949}
2950
2951
2952static int eval_op_xor(uschar **sptr, BOOL decimal, uschar **error)
2953{
2954uschar *s = *sptr;
2955int x = eval_op_and(&s, decimal, error);
2956if (*error == NULL)
2957 {
2958 while (*s == '^')
2959 {
2960 int y;
2961 s++;
2962 y = eval_op_and(&s, decimal, error);
2963 if (*error != NULL) break;
2964 x ^= y;
2965 }
2966 }
2967*sptr = s;
2968return x;
2969}
2970
2971
2972static int eval_op_or(uschar **sptr, BOOL decimal, uschar **error)
2973{
2974uschar *s = *sptr;
2975int x = eval_op_xor(&s, decimal, error);
2976if (*error == NULL)
2977 {
2978 while (*s == '|')
2979 {
2980 int y;
2981 s++;
2982 y = eval_op_xor(&s, decimal, error);
2983 if (*error != NULL) break;
2984 x |= y;
2985 }
2986 }
2987*sptr = s;
2988return x;
2989}
2990
059ec3d9
PH
2991
2992
2993/*************************************************
2994* Expand string *
2995*************************************************/
2996
2997/* Returns either an unchanged string, or the expanded string in stacking pool
2998store. Interpreted sequences are:
2999
3000 \... normal escaping rules
3001 $name substitutes the variable
3002 ${name} ditto
3003 ${op:string} operates on the expanded string value
3004 ${item{arg1}{arg2}...} expands the args and then does the business
3005 some literal args are not enclosed in {}
3006
3007There are now far too many operators and item types to make it worth listing
3008them here in detail any more.
3009
3010We use an internal routine recursively to handle embedded substrings. The
3011external function follows. The yield is NULL if the expansion failed, and there
3012are two cases: if something collapsed syntactically, or if "fail" was given
3013as the action on a lookup failure. These can be distinguised by looking at the
3014variable expand_string_forcedfail, which is TRUE in the latter case.
3015
3016The skipping flag is set true when expanding a substring that isn't actually
3017going to be used (after "if" or "lookup") and it prevents lookups from
3018happening lower down.
3019
3020Store usage: At start, a store block of the length of the input plus 64
3021is obtained. This is expanded as necessary by string_cat(), which might have to
3022get a new block, or might be able to expand the original. At the end of the
3023function we can release any store above that portion of the yield block that
3024was actually used. In many cases this will be optimal.
3025
3026However: if the first item in the expansion is a variable name or header name,
3027we reset the store before processing it; if the result is in fresh store, we
3028use that without copying. This is helpful for expanding strings like
3029$message_headers which can get very long.
3030
3031Arguments:
3032 string the string to be expanded
3033 ket_ends true if expansion is to stop at }
3034 left if not NULL, a pointer to the first character after the
3035 expansion is placed here (typically used with ket_ends)
3036 skipping TRUE for recursive calls when the value isn't actually going
3037 to be used (to allow for optimisation)
3038
3039Returns: NULL if expansion fails:
3040 expand_string_forcedfail is set TRUE if failure was forced
3041 expand_string_message contains a textual error message
3042 a pointer to the expanded string on success
3043*/
3044
3045static uschar *
3046expand_string_internal(uschar *string, BOOL ket_ends, uschar **left,
3047 BOOL skipping)
3048{
3049int ptr = 0;
3050int size = Ustrlen(string)+ 64;
3051int item_type;
3052uschar *yield = store_get(size);
3053uschar *s = string;
3054uschar *save_expand_nstring[EXPAND_MAXN+1];
3055int save_expand_nlength[EXPAND_MAXN+1];
3056
3057expand_string_forcedfail = FALSE;
3058expand_string_message = US"";
3059
3060while (*s != 0)
3061 {
3062 uschar *value;
3063 uschar name[256];
3064
3065 /* \ escapes the next character, which must exist, or else
3066 the expansion fails. There's a special escape, \N, which causes
3067 copying of the subject verbatim up to the next \N. Otherwise,
3068 the escapes are the standard set. */
3069
3070 if (*s == '\\')
3071 {
3072 if (s[1] == 0)
3073 {
3074 expand_string_message = US"\\ at end of string";
3075 goto EXPAND_FAILED;
3076 }
3077
3078 if (s[1] == 'N')
3079 {
3080 uschar *t = s + 2;
3081 for (s = t; *s != 0; s++) if (*s == '\\' && s[1] == 'N') break;
3082 yield = string_cat(yield, &size, &ptr, t, s - t);
3083 if (*s != 0) s += 2;
3084 }
3085
3086 else
3087 {
3088 uschar ch[1];
3089 ch[0] = string_interpret_escape(&s);
3090 s++;
3091 yield = string_cat(yield, &size, &ptr, ch, 1);
3092 }
3093
3094 continue;
3095 }
3096
3097 /* Anything other than $ is just copied verbatim, unless we are
3098 looking for a terminating } character. */
3099
3100 if (ket_ends && *s == '}') break;
3101
3102 if (*s != '$')
3103 {
3104 yield = string_cat(yield, &size, &ptr, s++, 1);
3105 continue;
3106 }
3107
3108 /* No { after the $ - must be a plain name or a number for string
3109 match variable. There has to be a fudge for variables that are the
3110 names of header fields preceded by "$header_" because header field
3111 names can contain any printing characters except space and colon.
3112 For those that don't like typing this much, "$h_" is a synonym for
3113 "$header_". A non-existent header yields a NULL value; nothing is
3114 inserted. */
3115
3116 if (isalpha((*(++s))))
3117 {
3118 int len;
3119 int newsize = 0;
3120
3121 s = read_name(name, sizeof(name), s, US"_");
3122
3123 /* If this is the first thing to be expanded, release the pre-allocated
3124 buffer. */
3125
3126 if (ptr == 0 && yield != NULL)
3127 {
3128 store_reset(yield);
3129 yield = NULL;
3130 size = 0;
3131 }
3132
3133 /* Header */
3134
3135 if (Ustrncmp(name, "h_", 2) == 0 ||
3136 Ustrncmp(name, "rh_", 3) == 0 ||
3137 Ustrncmp(name, "bh_", 3) == 0 ||
3138 Ustrncmp(name, "header_", 7) == 0 ||
3139 Ustrncmp(name, "rheader_", 8) == 0 ||
3140 Ustrncmp(name, "bheader_", 8) == 0)
3141 {
3142 BOOL want_raw = (name[0] == 'r')? TRUE : FALSE;
3143 uschar *charset = (name[0] == 'b')? NULL : headers_charset;
3144 s = read_header_name(name, sizeof(name), s);
3145 value = find_header(name, FALSE, &newsize, want_raw, charset);
3146
3147 /* If we didn't find the header, and the header contains a closing brace
0d85fa3f 3148 character, this may be a user error where the terminating colon
059ec3d9
PH
3149 has been omitted. Set a flag to adjust the error message in this case.
3150 But there is no error here - nothing gets inserted. */
3151
3152 if (value == NULL)
3153 {
3154 if (Ustrchr(name, '}') != NULL) malformed_header = TRUE;
3155 continue;
3156 }
3157 }
3158
3159 /* Variable */
3160
3161 else
3162 {
3163 value = find_variable(name, FALSE, skipping, &newsize);
3164 if (value == NULL)
3165 {
3166 expand_string_message =
3167 string_sprintf("unknown variable name \"%s\"", name);
641cb756 3168 check_variable_error_message(name);
059ec3d9
PH
3169 goto EXPAND_FAILED;
3170 }
3171 }
3172
3173 /* If the data is known to be in a new buffer, newsize will be set to the
3174 size of that buffer. If this is the first thing in an expansion string,
3175 yield will be NULL; just point it at the new store instead of copying. Many
3176 expansion strings contain just one reference, so this is a useful
3177 optimization, especially for humungous headers. */
3178
3179 len = Ustrlen(value);
3180 if (yield == NULL && newsize != 0)
3181 {
3182 yield = value;
3183 size = newsize;
3184 ptr = len;
3185 }
3186 else yield = string_cat(yield, &size, &ptr, value, len);
3187
3188 continue;
3189 }
3190
3191 if (isdigit(*s))
3192 {
3193 int n;
3194 s = read_number(&n, s);
3195 if (n >= 0 && n <= expand_nmax)
3196 yield = string_cat(yield, &size, &ptr, expand_nstring[n],
3197 expand_nlength[n]);
3198 continue;
3199 }
3200
3201 /* Otherwise, if there's no '{' after $ it's an error. */
3202
3203 if (*s != '{')
3204 {
3205 expand_string_message = US"$ not followed by letter, digit, or {";
3206 goto EXPAND_FAILED;
3207 }
3208
3209 /* After { there can be various things, but they all start with
3210 an initial word, except for a number for a string match variable. */
3211
3212 if (isdigit((*(++s))))
3213 {
3214 int n;
3215 s = read_number(&n, s);
3216 if (*s++ != '}')
3217 {
3218 expand_string_message = US"} expected after number";
3219 goto EXPAND_FAILED;
3220 }
3221 if (n >= 0 && n <= expand_nmax)
3222 yield = string_cat(yield, &size, &ptr, expand_nstring[n],
3223 expand_nlength[n]);
3224 continue;
3225 }
3226
3227 if (!isalpha(*s))
3228 {
3229 expand_string_message = US"letter or digit expected after ${";
3230 goto EXPAND_FAILED;
3231 }
3232
3233 /* Allow "-" in names to cater for substrings with negative
3234 arguments. Since we are checking for known names after { this is
3235 OK. */
3236
3237 s = read_name(name, sizeof(name), s, US"_-");
3238 item_type = chop_match(name, item_table, sizeof(item_table)/sizeof(uschar *));
3239
3240 switch(item_type)
3241 {
3242 /* Handle conditionals - preserve the values of the numerical expansion
3243 variables in case they get changed by a regular expression match in the
3244 condition. If not, they retain their external settings. At the end
3245 of this "if" section, they get restored to their previous values. */
3246
3247 case EITEM_IF:
3248 {
3249 BOOL cond = FALSE;
3250 uschar *next_s;
3251 int save_expand_nmax =
3252 save_expand_strings(save_expand_nstring, save_expand_nlength);
3253
3254 while (isspace(*s)) s++;
3255 next_s = eval_condition(s, skipping? NULL : &cond);
3256 if (next_s == NULL) goto EXPAND_FAILED; /* message already set */
3257
3258 DEBUG(D_expand)
3259 debug_printf("condition: %.*s\n result: %s\n", (int)(next_s - s), s,
3260 cond? "true" : "false");
3261
3262 s = next_s;
3263
3264 /* The handling of "yes" and "no" result strings is now in a separate
3265 function that is also used by ${lookup} and ${extract} and ${run}. */
3266
3267 switch(process_yesno(
3268 skipping, /* were previously skipping */
3269 cond, /* success/failure indicator */
3270 lookup_value, /* value to reset for string2 */
3271 &s, /* input pointer */
3272 &yield, /* output pointer */
3273 &size, /* output size */
3274 &ptr, /* output current point */
3275 US"if")) /* condition type */
3276 {
3277 case 1: goto EXPAND_FAILED; /* when all is well, the */
3278 case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
3279 }
3280
3281 /* Restore external setting of expansion variables for continuation
3282 at this level. */
3283
3284 restore_expand_strings(save_expand_nmax, save_expand_nstring,
3285 save_expand_nlength);
3286 continue;
3287 }
3288
3289 /* Handle database lookups unless locked out. If "skipping" is TRUE, we are
3290 expanding an internal string that isn't actually going to be used. All we
3291 need to do is check the syntax, so don't do a lookup at all. Preserve the
3292 values of the numerical expansion variables in case they get changed by a
3293 partial lookup. If not, they retain their external settings. At the end
3294 of this "lookup" section, they get restored to their previous values. */
3295
3296 case EITEM_LOOKUP:
3297 {
3298 int stype, partial, affixlen, starflags;
3299 int expand_setup = 0;
3300 int nameptr = 0;
3301 uschar *key, *filename, *affix;
3302 uschar *save_lookup_value = lookup_value;
3303 int save_expand_nmax =
3304 save_expand_strings(save_expand_nstring, save_expand_nlength);
3305
3306 if ((expand_forbid & RDO_LOOKUP) != 0)
3307 {
3308 expand_string_message = US"lookup expansions are not permitted";
3309 goto EXPAND_FAILED;
3310 }
3311
3312 /* Get the key we are to look up for single-key+file style lookups.
3313 Otherwise set the key NULL pro-tem. */
3314
3315 while (isspace(*s)) s++;
3316 if (*s == '{')
3317 {
3318 key = expand_string_internal(s+1, TRUE, &s, skipping);
3319 if (key == NULL) goto EXPAND_FAILED;
3320 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3321 while (isspace(*s)) s++;
3322 }
3323 else key = NULL;
3324
3325 /* Find out the type of database */
3326
3327 if (!isalpha(*s))
3328 {
3329 expand_string_message = US"missing lookup type";
3330 goto EXPAND_FAILED;
3331 }
3332
3333 /* The type is a string that may contain special characters of various
3334 kinds. Allow everything except space or { to appear; the actual content
3335 is checked by search_findtype_partial. */
3336
3337 while (*s != 0 && *s != '{' && !isspace(*s))
3338 {
3339 if (nameptr < sizeof(name) - 1) name[nameptr++] = *s;
3340 s++;
3341 }
3342 name[nameptr] = 0;
3343 while (isspace(*s)) s++;
3344
3345 /* Now check for the individual search type and any partial or default
3346 options. Only those types that are actually in the binary are valid. */
3347
3348 stype = search_findtype_partial(name, &partial, &affix, &affixlen,
3349 &starflags);
3350 if (stype < 0)
3351 {
3352 expand_string_message = search_error_message;
3353 goto EXPAND_FAILED;
3354 }
3355
3356 /* Check that a key was provided for those lookup types that need it,
3357 and was not supplied for those that use the query style. */
3358
13b685f9 3359 if (!mac_islookup(stype, lookup_querystyle|lookup_absfilequery))
059ec3d9
PH
3360 {
3361 if (key == NULL)
3362 {
3363 expand_string_message = string_sprintf("missing {key} for single-"
3364 "key \"%s\" lookup", name);
3365 goto EXPAND_FAILED;
3366 }
3367 }
3368 else
3369 {
3370 if (key != NULL)
3371 {
3372 expand_string_message = string_sprintf("a single key was given for "
3373 "lookup type \"%s\", which is not a single-key lookup type", name);
3374 goto EXPAND_FAILED;
3375 }
3376 }
3377
3378 /* Get the next string in brackets and expand it. It is the file name for
13b685f9
PH
3379 single-key+file lookups, and the whole query otherwise. In the case of
3380 queries that also require a file name (e.g. sqlite), the file name comes
3381 first. */
059ec3d9
PH
3382
3383 if (*s != '{') goto EXPAND_FAILED_CURLY;
3384 filename = expand_string_internal(s+1, TRUE, &s, skipping);
3385 if (filename == NULL) goto EXPAND_FAILED;
3386 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3387 while (isspace(*s)) s++;
3388
3389 /* If this isn't a single-key+file lookup, re-arrange the variables
13b685f9
PH
3390 to be appropriate for the search_ functions. For query-style lookups,
3391 there is just a "key", and no file name. For the special query-style +
3392 file types, the query (i.e. "key") starts with a file name. */
059ec3d9
PH
3393
3394 if (key == NULL)
3395 {
13b685f9 3396 while (isspace(*filename)) filename++;
059ec3d9 3397 key = filename;
13b685f9
PH
3398
3399 if (mac_islookup(stype, lookup_querystyle))
3400 {
3401 filename = NULL;
3402 }
3403 else
3404 {
3405 if (*filename != '/')
3406 {
3407 expand_string_message = string_sprintf(
3408 "absolute file name expected for \"%s\" lookup", name);
3409 goto EXPAND_FAILED;
3410 }
3411 while (*key != 0 && !isspace(*key)) key++;
3412 if (*key != 0) *key++ = 0;
3413 }
059ec3d9
PH
3414 }
3415
3416 /* If skipping, don't do the next bit - just lookup_value == NULL, as if
3417 the entry was not found. Note that there is no search_close() function.
3418 Files are left open in case of re-use. At suitable places in higher logic,
3419 search_tidyup() is called to tidy all open files. This can save opening
3420 the same file several times. However, files may also get closed when
3421 others are opened, if too many are open at once. The rule is that a
3422 handle should not be used after a second search_open().
3423
3424 Request that a partial search sets up $1 and maybe $2 by passing
3425 expand_setup containing zero. If its value changes, reset expand_nmax,
3426 since new variables will have been set. Note that at the end of this
3427 "lookup" section, the old numeric variables are restored. */
3428
3429 if (skipping)
3430 lookup_value = NULL;
3431 else
3432 {
3433 void *handle = search_open(filename, stype, 0, NULL, NULL);
3434 if (handle == NULL)
3435 {
3436 expand_string_message = search_error_message;
3437 goto EXPAND_FAILED;
3438 }
3439 lookup_value = search_find(handle, filename, key, partial, affix,
3440 affixlen, starflags, &expand_setup);
3441 if (search_find_defer)
3442 {
3443 expand_string_message =
3444 string_sprintf("lookup of \"%s\" gave DEFER: %s", key,
3445 search_error_message);
3446 goto EXPAND_FAILED;
3447 }
3448 if (expand_setup > 0) expand_nmax = expand_setup;
3449 }
3450
3451 /* The handling of "yes" and "no" result strings is now in a separate
3452 function that is also used by ${if} and ${extract}. */
3453
3454 switch(process_yesno(
3455 skipping, /* were previously skipping */
3456 lookup_value != NULL, /* success/failure indicator */
3457 save_lookup_value, /* value to reset for string2 */
3458 &s, /* input pointer */
3459 &yield, /* output pointer */
3460 &size, /* output size */
3461 &ptr, /* output current point */
3462 US"lookup")) /* condition type */
3463 {
3464 case 1: goto EXPAND_FAILED; /* when all is well, the */
3465 case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
3466 }
3467
3468 /* Restore external setting of expansion variables for carrying on
3469 at this level, and continue. */
3470
3471 restore_expand_strings(save_expand_nmax, save_expand_nstring,
3472 save_expand_nlength);
3473 continue;
3474 }
3475
3476 /* If Perl support is configured, handle calling embedded perl subroutines,
3477 unless locked out at this time. Syntax is ${perl{sub}} or ${perl{sub}{arg}}
3478 or ${perl{sub}{arg1}{arg2}} or up to a maximum of EXIM_PERL_MAX_ARGS
3479 arguments (defined below). */
3480
059ec3d9
PH
3481 #define EXIM_PERL_MAX_ARGS 8
3482
3483 case EITEM_PERL:
1a46a8c5
PH
3484 #ifndef EXIM_PERL
3485 expand_string_message = US"\"${perl\" encountered, but this facility "
3486 "is not included in this binary";
3487 goto EXPAND_FAILED;
3488
3489 #else /* EXIM_PERL */
059ec3d9
PH
3490 {
3491 uschar *sub_arg[EXIM_PERL_MAX_ARGS + 2];
3492 uschar *new_yield;
3493
3494 if ((expand_forbid & RDO_PERL) != 0)
3495 {
3496 expand_string_message = US"Perl calls are not permitted";
3497 goto EXPAND_FAILED;
3498 }
3499
3500 switch(read_subs(sub_arg, EXIM_PERL_MAX_ARGS + 1, 1, &s, skipping, TRUE,
3501 US"perl"))
3502 {
3503 case 1: goto EXPAND_FAILED_CURLY;
3504 case 2:
3505 case 3: goto EXPAND_FAILED;
3506 }
3507
3508 /* If skipping, we don't actually do anything */
3509
3510 if (skipping) continue;
3511
3512 /* Start the interpreter if necessary */
3513
3514 if (!opt_perl_started)
3515 {
3516 uschar *initerror;
3517 if (opt_perl_startup == NULL)
3518 {
3519 expand_string_message = US"A setting of perl_startup is needed when "
3520 "using the Perl interpreter";
3521 goto EXPAND_FAILED;
3522 }
3523 DEBUG(D_any) debug_printf("Starting Perl interpreter\n");
3524 initerror = init_perl(opt_perl_startup);
3525 if (initerror != NULL)
3526 {
3527 expand_string_message =
3528 string_sprintf("error in perl_startup code: %s\n", initerror);
3529 goto EXPAND_FAILED;
3530 }
3531 opt_perl_started = TRUE;
3532 }
3533
3534 /* Call the function */
3535
3536 sub_arg[EXIM_PERL_MAX_ARGS + 1] = NULL;
3537 new_yield = call_perl_cat(yield, &size, &ptr, &expand_string_message,
3538 sub_arg[0], sub_arg + 1);
3539
3540 /* NULL yield indicates failure; if the message pointer has been set to
3541 NULL, the yield was undef, indicating a forced failure. Otherwise the
3542 message will indicate some kind of Perl error. */
3543
3544 if (new_yield == NULL)
3545 {
3546 if (expand_string_message == NULL)
3547 {
3548 expand_string_message =
3549 string_sprintf("Perl subroutine \"%s\" returned undef to force "
3550 "failure", sub_arg[0]);
3551 expand_string_forcedfail = TRUE;
3552 }
3553 goto EXPAND_FAILED;
3554 }
3555
3556 /* Yield succeeded. Ensure forcedfail is unset, just in case it got
3557 set during a callback from Perl. */
3558
3559 expand_string_forcedfail = FALSE;
3560 yield = new_yield;
3561 continue;
3562 }
3563 #endif /* EXIM_PERL */
3564
fffda43a
TK
3565 /* Transform email address to "prvs" scheme to use
3566 as BATV-signed return path */
3567
3568 case EITEM_PRVS:
3569 {
3570 uschar *sub_arg[3];
3571 uschar *p,*domain;
3572
3573 switch(read_subs(sub_arg, 3, 2, &s, skipping, TRUE, US"prvs"))
3574 {
3575 case 1: goto EXPAND_FAILED_CURLY;
3576 case 2:
3577 case 3: goto EXPAND_FAILED;
3578 }
3579
3580 /* If skipping, we don't actually do anything */
3581 if (skipping) continue;
3582
3583 /* sub_arg[0] is the address */
3584 domain = Ustrrchr(sub_arg[0],'@');
3585 if ( (domain == NULL) || (domain == sub_arg[0]) || (Ustrlen(domain) == 1) )
3586 {
cb9328de
PH
3587 expand_string_message = US"prvs first argument must be a qualified email address";
3588 goto EXPAND_FAILED;
3589 }
3590
3591 /* Calculate the hash. The second argument must be a single-digit
3592 key number, or unset. */
3593
3594 if (sub_arg[2] != NULL &&
3595 (!isdigit(sub_arg[2][0]) || sub_arg[2][1] != 0))
3596 {
3597 expand_string_message = US"prvs second argument must be a single digit";
fffda43a
TK
3598 goto EXPAND_FAILED;
3599 }
3600
fffda43a
TK
3601 p = prvs_hmac_sha1(sub_arg[0],sub_arg[1],sub_arg[2],prvs_daystamp(7));
3602 if (p == NULL)
3603 {
cb9328de 3604 expand_string_message = US"prvs hmac-sha1 conversion failed";
fffda43a
TK
3605 goto EXPAND_FAILED;
3606 }
3607
3608 /* Now separate the domain from the local part */
3609 *domain++ = '\0';
3610
3611 yield = string_cat(yield,&size,&ptr,US"prvs=",5);
3612 string_cat(yield,&size,&ptr,sub_arg[0],Ustrlen(sub_arg[0]));
3613 string_cat(yield,&size,&ptr,US"/",1);
3614 string_cat(yield,&size,&ptr,(sub_arg[2] != NULL) ? sub_arg[2] : US"0", 1);
3615 string_cat(yield,&size,&ptr,prvs_daystamp(7),3);
3616 string_cat(yield,&size,&ptr,p,6);
3617 string_cat(yield,&size,&ptr,US"@",1);
3618 string_cat(yield,&size,&ptr,domain,Ustrlen(domain));
3619
3620 continue;
3621 }
3622
3623 /* Check a prvs-encoded address for validity */
3624
3625 case EITEM_PRVSCHECK:
3626 {
3627 uschar *sub_arg[3];
3628 int mysize = 0, myptr = 0;
3629 const pcre *re;
3630 uschar *p;
72fdd6ae
PH
3631
3632 /* TF: Ugliness: We want to expand parameter 1 first, then set
fffda43a
TK
3633 up expansion variables that are used in the expansion of
3634 parameter 2. So we clone the string for the first
72fdd6ae
PH
3635 expansion, where we only expand parameter 1.
3636
3637 PH: Actually, that isn't necessary. The read_subs() function is
3638 designed to work this way for the ${if and ${lookup expansions. I've
3639 tidied the code.
3640 */
fffda43a
TK
3641
3642 /* Reset expansion variables */
3643 prvscheck_result = NULL;
3644 prvscheck_address = NULL;
3645 prvscheck_keynum = NULL;
3646
72fdd6ae 3647 switch(read_subs(sub_arg, 1, 1, &s, skipping, FALSE, US"prvs"))
fffda43a
TK
3648 {
3649 case 1: goto EXPAND_FAILED_CURLY;
3650 case 2:
3651 case 3: goto EXPAND_FAILED;
3652 }
3653
3654 re = regex_must_compile(US"^prvs\\=(.+)\\/([0-9])([0-9]{3})([A-F0-9]{6})\\@(.+)$",
3655 TRUE,FALSE);
3656
72fdd6ae
PH
3657 if (regex_match_and_setup(re,sub_arg[0],0,-1))
3658 {
fffda43a
TK
3659 uschar *local_part = string_copyn(expand_nstring[1],expand_nlength[1]);
3660 uschar *key_num = string_copyn(expand_nstring[2],expand_nlength[2]);
3661 uschar *daystamp = string_copyn(expand_nstring[3],expand_nlength[3]);
3662 uschar *hash = string_copyn(expand_nstring[4],expand_nlength[4]);
3663 uschar *domain = string_copyn(expand_nstring[5],expand_nlength[5]);
3664
3665 DEBUG(D_expand) debug_printf("prvscheck localpart: %s\n", local_part);
3666 DEBUG(D_expand) debug_printf("prvscheck key number: %s\n", key_num);
3667 DEBUG(D_expand) debug_printf("prvscheck daystamp: %s\n", daystamp);
3668 DEBUG(D_expand) debug_printf("prvscheck hash: %s\n", hash);
3669 DEBUG(D_expand) debug_printf("prvscheck domain: %s\n", domain);
3670
3671 /* Set up expansion variables */
3672 prvscheck_address = string_cat(NULL, &mysize, &myptr, local_part, Ustrlen(local_part));
2740a2ca 3673 string_cat(prvscheck_address,&mysize,&myptr,US"@",1);
fffda43a
TK
3674 string_cat(prvscheck_address,&mysize,&myptr,domain,Ustrlen(domain));
3675 prvscheck_address[myptr] = '\0';
3676 prvscheck_keynum = string_copy(key_num);
3677
72fdd6ae
PH
3678 /* Now expand the second argument */
3679 switch(read_subs(sub_arg, 1, 1, &s, skipping, FALSE, US"prvs"))
fffda43a
TK
3680 {
3681 case 1: goto EXPAND_FAILED_CURLY;
3682 case 2:
3683 case 3: goto EXPAND_FAILED;
3684 }
3685
fffda43a 3686 /* Now we have the key and can check the address. */
72fdd6ae
PH
3687
3688 p = prvs_hmac_sha1(prvscheck_address, sub_arg[0], prvscheck_keynum,
3689 daystamp);
3690
fffda43a
TK
3691 if (p == NULL)
3692 {
3693 expand_string_message = US"hmac-sha1 conversion failed";
3694 goto EXPAND_FAILED;
3695 }
3696
3697 DEBUG(D_expand) debug_printf("prvscheck: received hash is %s\n", hash);
3698 DEBUG(D_expand) debug_printf("prvscheck: own hash is %s\n", p);
72fdd6ae 3699
fffda43a
TK
3700 if (Ustrcmp(p,hash) == 0)
3701 {
3702 /* Success, valid BATV address. Now check the expiry date. */
3703 uschar *now = prvs_daystamp(0);
3704 unsigned int inow = 0,iexpire = 1;
3705
ff790e47
PH
3706 (void)sscanf(CS now,"%u",&inow);
3707 (void)sscanf(CS daystamp,"%u",&iexpire);
fffda43a
TK
3708
3709 /* When "iexpire" is < 7, a "flip" has occured.
3710 Adjust "inow" accordingly. */
3711 if ( (iexpire < 7) && (inow >= 993) ) inow = 0;
3712
3713 if (iexpire > inow)
3714 {
3715 prvscheck_result = US"1";
3716 DEBUG(D_expand) debug_printf("prvscheck: success, $pvrs_result set to 1\n");
3717 }
3718 else
3719 {
3720 prvscheck_result = NULL;
3721 DEBUG(D_expand) debug_printf("prvscheck: signature expired, $pvrs_result unset\n");
3722 }
3723 }
3724 else
3725 {
3726 prvscheck_result = NULL;
3727 DEBUG(D_expand) debug_printf("prvscheck: hash failure, $pvrs_result unset\n");
3728 }
72fdd6ae
PH
3729
3730 /* Now expand the final argument. We leave this till now so that
3731 it can include $prvscheck_result. */
3732
3733 switch(read_subs(sub_arg, 1, 0, &s, skipping, TRUE, US"prvs"))
3734 {
3735 case 1: goto EXPAND_FAILED_CURLY;
3736 case 2:
3737 case 3: goto EXPAND_FAILED;
3738 }
3739
3740 if (sub_arg[0] == NULL || *sub_arg[0] == '\0')
3741 yield = string_cat(yield,&size,&ptr,prvscheck_address,Ustrlen(prvscheck_address));
3742 else
3743 yield = string_cat(yield,&size,&ptr,sub_arg[0],Ustrlen(sub_arg[0]));
3744
3745 /* Reset the "internal" variables afterwards, because they are in
3746 dynamic store that will be reclaimed if the expansion succeeded. */
3747
3748 prvscheck_address = NULL;
3749 prvscheck_keynum = NULL;
3750 }
fffda43a
TK
3751 else
3752 {
3753 /* Does not look like a prvs encoded address, return the empty string.
72fdd6ae
PH
3754 We need to make sure all subs are expanded first, so as to skip over
3755 the entire item. */
3756
5a03bd24 3757 switch(read_subs(sub_arg, 2, 1, &s, skipping, TRUE, US"prvs"))
fffda43a
TK
3758 {
3759 case 1: goto EXPAND_FAILED_CURLY;
3760 case 2:
3761 case 3: goto EXPAND_FAILED;
3762 }
3763 }
3764
3765 continue;
3766 }
3767
059ec3d9
PH
3768 /* Handle "readfile" to insert an entire file */
3769
3770 case EITEM_READFILE:
3771 {
3772 FILE *f;
3773 uschar *sub_arg[2];
3774
3775 if ((expand_forbid & RDO_READFILE) != 0)
3776 {
3777 expand_string_message = US"file insertions are not permitted";
3778 goto EXPAND_FAILED;
3779 }
3780
3781 switch(read_subs(sub_arg, 2, 1, &s, skipping, TRUE, US"readfile"))
3782 {
3783 case 1: goto EXPAND_FAILED_CURLY;
3784 case 2:
3785 case 3: goto EXPAND_FAILED;
3786 }
3787
3788 /* If skipping, we don't actually do anything */
3789
3790 if (skipping) continue;
3791
3792 /* Open the file and read it */
3793
3794 f = Ufopen(sub_arg[0], "rb");
3795 if (f == NULL)
3796 {
3797 expand_string_message = string_open_failed(errno, "%s", sub_arg[0]);
3798 goto EXPAND_FAILED;
3799 }
3800
3801 yield = cat_file(f, yield, &size, &ptr, sub_arg[1]);
f1e894f3 3802 (void)fclose(f);
059ec3d9
PH
3803 continue;
3804 }
3805
3806 /* Handle "readsocket" to insert data from a Unix domain socket */
3807
3808 case EITEM_READSOCK:
3809 {
3810 int fd;
3811 int timeout = 5;
3812 int save_ptr = ptr;
3813 FILE *f;
3814 struct sockaddr_un sockun; /* don't call this "sun" ! */
3815 uschar *arg;
3816 uschar *sub_arg[4];
3817
3818 if ((expand_forbid & RDO_READSOCK) != 0)
3819 {
3820 expand_string_message = US"socket insertions are not permitted";
3821 goto EXPAND_FAILED;
3822 }
3823
3824 /* Read up to 4 arguments, but don't do the end of item check afterwards,
3825 because there may be a string for expansion on failure. */
3826
3827 switch(read_subs(sub_arg, 4, 2, &s, skipping, FALSE, US"readsocket"))
3828 {
3829 case 1: goto EXPAND_FAILED_CURLY;
3830 case 2: /* Won't occur: no end check */
3831 case 3: goto EXPAND_FAILED;
3832 }
3833
3834 /* Sort out timeout, if given */
3835
3836 if (sub_arg[2] != NULL)
3837 {
3838 timeout = readconf_readtime(sub_arg[2], 0, FALSE);
3839 if (timeout < 0)
3840 {
3841 expand_string_message = string_sprintf("bad time value %s",
3842 sub_arg[2]);
3843 goto EXPAND_FAILED;
3844 }
3845 }
3846 else sub_arg[3] = NULL; /* No eol if no timeout */
3847
1cce3af8
PH
3848 /* If skipping, we don't actually do anything. Otherwise, arrange to
3849 connect to either an IP or a Unix socket. */
059ec3d9
PH
3850
3851 if (!skipping)
3852 {
1cce3af8 3853 /* Handle an IP (internet) domain */
059ec3d9 3854
91ecef39 3855 if (Ustrncmp(sub_arg[0], "inet:", 5) == 0)
059ec3d9 3856 {
1cce3af8
PH
3857 BOOL connected = FALSE;
3858 int namelen, port;
3859 host_item shost;
3860 host_item *h;
3861 uschar *server_name = sub_arg[0] + 5;
3862 uschar *port_name = Ustrrchr(server_name, ':');
3863
3864 /* Sort out the port */
3865
3866 if (port_name == NULL)
3867 {
3868 expand_string_message =
3869 string_sprintf("missing port for readsocket %s", sub_arg[0]);
3870 goto EXPAND_FAILED;
3871 }
3872 *port_name++ = 0; /* Terminate server name */
3873
3874 if (isdigit(*port_name))
3875 {
3876 uschar *end;
3877 port = Ustrtol(port_name, &end, 0);
3878 if (end != port_name + Ustrlen(port_name))
3879 {
3880 expand_string_message =
3881 string_sprintf("invalid port number %s", port_name);
3882 goto EXPAND_FAILED;
3883 }
3884 }
3885 else
3886 {
3887 struct servent *service_info = getservbyname(CS port_name, "tcp");
3888 if (service_info == NULL)
3889 {
3890 expand_string_message = string_sprintf("unknown port \"%s\"",
3891 port_name);
3892 goto EXPAND_FAILED;
3893 }
3894 port = ntohs(service_info->s_port);
3895 }
3896
3897 /* Sort out the server. */
3898
3899 shost.next = NULL;
3900 shost.address = NULL;
3901 shost.port = port;
3902 shost.mx = -1;
3903
3904 namelen = Ustrlen(server_name);
3905
3906 /* Anything enclosed in [] must be an IP address. */
3907
3908 if (server_name[0] == '[' &&
3909 server_name[namelen - 1] == ']')
3910 {
3911 server_name[namelen - 1] = 0;
3912 server_name++;
3913 if (string_is_ip_address(server_name, NULL) == 0)
3914 {
3915 expand_string_message =
3916 string_sprintf("malformed IP address \"%s\"", server_name);
3917 goto EXPAND_FAILED;
3918 }
3919 shost.name = shost.address = server_name;
3920 }
3921
3922 /* Otherwise check for an unadorned IP address */
3923
3924 else if (string_is_ip_address(server_name, NULL) != 0)
3925 shost.name = shost.address = server_name;
3926
3927 /* Otherwise lookup IP address(es) from the name */
3928
3929 else
3930 {
3931 shost.name = server_name;
322050c2
PH
3932 if (host_find_byname(&shost, NULL, HOST_FIND_QUALIFY_SINGLE, NULL,
3933 FALSE) != HOST_FOUND)
1cce3af8
PH
3934 {
3935 expand_string_message =
3936 string_sprintf("no IP address found for host %s", shost.name);
3937 goto EXPAND_FAILED;
3938 }
3939 }
3940
3941 /* Try to connect to the server - test each IP till one works */
3942
3943 for (h = &shost; h != NULL; h = h->next)
3944 {
3945 int af = (Ustrchr(h->address, ':') != 0)? AF_INET6 : AF_INET;
3946 if ((fd = ip_socket(SOCK_STREAM, af)) == -1)
3947 {
3948 expand_string_message = string_sprintf("failed to create socket: "
3949 "%s", strerror(errno));
3950 goto SOCK_FAIL;
3951 }
3952
3953 if (ip_connect(fd, af, h->address, port, timeout) == 0)
3954 {
3955 connected = TRUE;
3956 break;
3957 }
3958 }
3959
3960 if (!connected)
3961 {
3962 expand_string_message = string_sprintf("failed to connect to "
3963 "socket %s: couldn't connect to any host", sub_arg[0],
3964 strerror(errno));
3965 goto SOCK_FAIL;
3966 }
059ec3d9
PH
3967 }
3968
1cce3af8
PH
3969 /* Handle a Unix domain socket */
3970
3971 else
059ec3d9 3972 {
a401ddaa 3973 int rc;
1cce3af8
PH
3974 if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
3975 {
3976 expand_string_message = string_sprintf("failed to create socket: %s",
3977 strerror(errno));
3978 goto SOCK_FAIL;
3979 }
3980
3981 sockun.sun_family = AF_UNIX;
3982 sprintf(sockun.sun_path, "%.*s", (int)(sizeof(sockun.sun_path)-1),
3983 sub_arg[0]);
a401ddaa
PH
3984
3985 sigalrm_seen = FALSE;
3986 alarm(timeout);
3987 rc = connect(fd, (struct sockaddr *)(&sockun), sizeof(sockun));
3988 alarm(0);
734e1499 3989 if (sigalrm_seen)
1cce3af8 3990 {
734e1499 3991 expand_string_message = US "socket connect timed out";
1cce3af8
PH
3992 goto SOCK_FAIL;
3993 }
734e1499 3994 if (rc < 0)
a401ddaa 3995 {
734e1499
PH
3996 expand_string_message = string_sprintf("failed to connect to socket "
3997 "%s: %s", sub_arg[0], strerror(errno));
a401ddaa
PH
3998 goto SOCK_FAIL;
3999 }
059ec3d9 4000 }
1cce3af8 4001
059ec3d9
PH
4002 DEBUG(D_expand) debug_printf("connected to socket %s\n", sub_arg[0]);
4003
4004 /* Write the request string, if not empty */
4005
4006 if (sub_arg[1][0] != 0)
4007 {