Increase DH_BITS in tls-gnu.c from 768 to 1024.
[exim.git] / src / src / expand.c
CommitLineData
734e1499 1/* $Cambridge: exim/src/src/expand.c,v 1.72 2006/11/13 12:32:58 ph10 Exp $ */
059ec3d9
PH
2
3/*************************************************
4* Exim - an Internet mail transport agent *
5*************************************************/
6
d7d7b7b9 7/* Copyright (c) University of Cambridge 1995 - 2006 */
059ec3d9
PH
8/* See the file NOTICE for conditions of use and distribution. */
9
10
11/* Functions for handling string expansion. */
12
13
14#include "exim.h"
15
16#ifdef STAND_ALONE
17#ifndef SUPPORT_CRYPTEQ
18#define SUPPORT_CRYPTEQ
19#endif
20#endif
21
22#ifdef SUPPORT_CRYPTEQ
23#ifdef CRYPT_H
24#include <crypt.h>
25#endif
26#ifndef HAVE_CRYPT16
27extern char* crypt16(char*, char*);
28#endif
29#endif
30
31#ifdef LOOKUP_LDAP
32#include "lookups/ldap.h"
33#endif
34
35
36
37/* Recursively called function */
38
39static uschar *expand_string_internal(uschar *, BOOL, uschar **, BOOL);
40
41
42
43/*************************************************
44* Local statics and tables *
45*************************************************/
46
47/* Table of item names, and corresponding switch numbers. The names must be in
48alphabetical order. */
49
50static uschar *item_table[] = {
1a46a8c5 51 US"dlfunc",
059ec3d9
PH
52 US"extract",
53 US"hash",
54 US"hmac",
55 US"if",
56 US"length",
57 US"lookup",
58 US"nhash",
1a46a8c5 59 US"perl",
fffda43a
TK
60 US"prvs",
61 US"prvscheck",
059ec3d9
PH
62 US"readfile",
63 US"readsocket",
64 US"run",
65 US"sg",
66 US"substr",
67 US"tr" };
68
69enum {
1a46a8c5 70 EITEM_DLFUNC,
059ec3d9
PH
71 EITEM_EXTRACT,
72 EITEM_HASH,
73 EITEM_HMAC,
74 EITEM_IF,
75 EITEM_LENGTH,
76 EITEM_LOOKUP,
77 EITEM_NHASH,
1a46a8c5 78 EITEM_PERL,
fffda43a
TK
79 EITEM_PRVS,
80 EITEM_PRVSCHECK,
059ec3d9
PH
81 EITEM_READFILE,
82 EITEM_READSOCK,
83 EITEM_RUN,
84 EITEM_SG,
85 EITEM_SUBSTR,
86 EITEM_TR };
87
88/* Tables of operator names, and corresponding switch numbers. The names must be
89in alphabetical order. There are two tables, because underscore is used in some
90cases to introduce arguments, whereas for other it is part of the name. This is
91an historical mis-design. */
92
93static uschar *op_table_underscore[] = {
94 US"from_utf8",
95 US"local_part",
96 US"quote_local_part",
f90d018c 97 US"time_eval",
059ec3d9
PH
98 US"time_interval"};
99
100enum {
101 EOP_FROM_UTF8,
102 EOP_LOCAL_PART,
103 EOP_QUOTE_LOCAL_PART,
f90d018c 104 EOP_TIME_EVAL,
059ec3d9
PH
105 EOP_TIME_INTERVAL };
106
107static uschar *op_table_main[] = {
108 US"address",
109 US"base62",
110 US"base62d",
111 US"domain",
112 US"escape",
113 US"eval",
114 US"eval10",
115 US"expand",
116 US"h",
117 US"hash",
118 US"hex2b64",
119 US"l",
120 US"lc",
121 US"length",
122 US"mask",
123 US"md5",
124 US"nh",
125 US"nhash",
126 US"quote",
127 US"rfc2047",
128 US"rxquote",
129 US"s",
130 US"sha1",
131 US"stat",
132 US"str2b64",
133 US"strlen",
134 US"substr",
135 US"uc" };
136
137enum {
138 EOP_ADDRESS = sizeof(op_table_underscore)/sizeof(uschar *),
139 EOP_BASE62,
140 EOP_BASE62D,
141 EOP_DOMAIN,
142 EOP_ESCAPE,
143 EOP_EVAL,
144 EOP_EVAL10,
145 EOP_EXPAND,
146 EOP_H,
147 EOP_HASH,
148 EOP_HEX2B64,
149 EOP_L,
150 EOP_LC,
151 EOP_LENGTH,
152 EOP_MASK,
153 EOP_MD5,
154 EOP_NH,
155 EOP_NHASH,
156 EOP_QUOTE,
157 EOP_RFC2047,
158 EOP_RXQUOTE,
159 EOP_S,
160 EOP_SHA1,
161 EOP_STAT,
162 EOP_STR2B64,
163 EOP_STRLEN,
164 EOP_SUBSTR,
165 EOP_UC };
166
167
168/* Table of condition names, and corresponding switch numbers. The names must
169be in alphabetical order. */
170
171static uschar *cond_table[] = {
172 US"<",
173 US"<=",
174 US"=",
175 US"==", /* Backward compatibility */
176 US">",
177 US">=",
178 US"and",
179 US"crypteq",
180 US"def",
181 US"eq",
182 US"eqi",
183 US"exists",
184 US"first_delivery",
185 US"ge",
186 US"gei",
187 US"gt",
188 US"gti",
189 US"isip",
190 US"isip4",
191 US"isip6",
192 US"ldapauth",
193 US"le",
194 US"lei",
195 US"lt",
196 US"lti",
197 US"match",
198 US"match_address",
199 US"match_domain",
32d668a5 200 US"match_ip",
059ec3d9
PH
201 US"match_local_part",
202 US"or",
203 US"pam",
204 US"pwcheck",
205 US"queue_running",
206 US"radius",
207 US"saslauthd"
208};
209
210enum {
211 ECOND_NUM_L,
212 ECOND_NUM_LE,
213 ECOND_NUM_E,
214 ECOND_NUM_EE,
215 ECOND_NUM_G,
216 ECOND_NUM_GE,
217 ECOND_AND,
218 ECOND_CRYPTEQ,
219 ECOND_DEF,
220 ECOND_STR_EQ,
221 ECOND_STR_EQI,
222 ECOND_EXISTS,
223 ECOND_FIRST_DELIVERY,
224 ECOND_STR_GE,
225 ECOND_STR_GEI,
226 ECOND_STR_GT,
227 ECOND_STR_GTI,
228 ECOND_ISIP,
229 ECOND_ISIP4,
230 ECOND_ISIP6,
231 ECOND_LDAPAUTH,
232 ECOND_STR_LE,
233 ECOND_STR_LEI,
234 ECOND_STR_LT,
235 ECOND_STR_LTI,
236 ECOND_MATCH,
237 ECOND_MATCH_ADDRESS,
238 ECOND_MATCH_DOMAIN,
32d668a5 239 ECOND_MATCH_IP,
059ec3d9
PH
240 ECOND_MATCH_LOCAL_PART,
241 ECOND_OR,
242 ECOND_PAM,
243 ECOND_PWCHECK,
244 ECOND_QUEUE_RUNNING,
245 ECOND_RADIUS,
246 ECOND_SASLAUTHD
247};
248
249
250/* Type for main variable table */
251
252typedef struct {
253 char *name;
254 int type;
255 void *value;
256} var_entry;
257
258/* Type for entries pointing to address/length pairs. Not currently
259in use. */
260
261typedef struct {
262 uschar **address;
263 int *length;
264} alblock;
265
266/* Types of table entry */
267
268enum {
269 vtype_int, /* value is address of int */
270 vtype_filter_int, /* ditto, but recognized only when filtering */
271 vtype_ino, /* value is address of ino_t (not always an int) */
272 vtype_uid, /* value is address of uid_t (not always an int) */
273 vtype_gid, /* value is address of gid_t (not always an int) */
274 vtype_stringptr, /* value is address of pointer to string */
275 vtype_msgbody, /* as stringptr, but read when first required */
276 vtype_msgbody_end, /* ditto, the end of the message */
ff75a1f7
PH
277 vtype_msgheaders, /* the message's headers, processed */
278 vtype_msgheaders_raw, /* the message's headers, unprocessed */
059ec3d9
PH
279 vtype_localpart, /* extract local part from string */
280 vtype_domain, /* extract domain from string */
281 vtype_recipients, /* extract recipients from recipients list */
282 /* (enabled only during system filtering */
283 vtype_todbsdin, /* value not used; generate BSD inbox tod */
284 vtype_tode, /* value not used; generate tod in epoch format */
285 vtype_todf, /* value not used; generate full tod */
286 vtype_todl, /* value not used; generate log tod */
287 vtype_todlf, /* value not used; generate log file datestamp tod */
288 vtype_todzone, /* value not used; generate time zone only */
289 vtype_todzulu, /* value not used; generate zulu tod */
290 vtype_reply, /* value not used; get reply from headers */
291 vtype_pid, /* value not used; result is pid */
292 vtype_host_lookup, /* value not used; get host name */
5cb8cbc6
PH
293 vtype_load_avg, /* value not used; result is int from os_getloadavg */
294 vtype_pspace, /* partition space; value is T/F for spool/log */
8e669ac1 295 vtype_pinodes /* partition inodes; value is T/F for spool/log */
fb2274d4
TK
296#ifdef EXPERIMENTAL_DOMAINKEYS
297 ,vtype_dk_verify /* Serve request out of DomainKeys verification structure */
84330b7b 298#endif
059ec3d9
PH
299 };
300
301/* This table must be kept in alphabetical order. */
302
303static var_entry var_table[] = {
38a0a95f
PH
304 /* WARNING: Do not invent variables whose names start acl_c or acl_m because
305 they will be confused with user-creatable ACL variables. */
059ec3d9
PH
306 { "acl_verify_message", vtype_stringptr, &acl_verify_message },
307 { "address_data", vtype_stringptr, &deliver_address_data },
308 { "address_file", vtype_stringptr, &address_file },
309 { "address_pipe", vtype_stringptr, &address_pipe },
310 { "authenticated_id", vtype_stringptr, &authenticated_id },
311 { "authenticated_sender",vtype_stringptr, &authenticated_sender },
312 { "authentication_failed",vtype_int, &authentication_failed },
8523533c
TK
313#ifdef EXPERIMENTAL_BRIGHTMAIL
314 { "bmi_alt_location", vtype_stringptr, &bmi_alt_location },
315 { "bmi_base64_tracker_verdict", vtype_stringptr, &bmi_base64_tracker_verdict },
316 { "bmi_base64_verdict", vtype_stringptr, &bmi_base64_verdict },
317 { "bmi_deliver", vtype_int, &bmi_deliver },
318#endif
059ec3d9
PH
319 { "body_linecount", vtype_int, &body_linecount },
320 { "body_zerocount", vtype_int, &body_zerocount },
321 { "bounce_recipient", vtype_stringptr, &bounce_recipient },
322 { "bounce_return_size_limit", vtype_int, &bounce_return_size_limit },
323 { "caller_gid", vtype_gid, &real_gid },
324 { "caller_uid", vtype_uid, &real_uid },
325 { "compile_date", vtype_stringptr, &version_date },
326 { "compile_number", vtype_stringptr, &version_cnumber },
e5a9dba6 327 { "csa_status", vtype_stringptr, &csa_status },
8523533c
TK
328#ifdef WITH_OLD_DEMIME
329 { "demime_errorlevel", vtype_int, &demime_errorlevel },
330 { "demime_reason", vtype_stringptr, &demime_reason },
331#endif
fb2274d4
TK
332#ifdef EXPERIMENTAL_DOMAINKEYS
333 { "dk_domain", vtype_stringptr, &dk_signing_domain },
334 { "dk_is_signed", vtype_dk_verify, NULL },
335 { "dk_result", vtype_dk_verify, NULL },
336 { "dk_selector", vtype_stringptr, &dk_signing_selector },
337 { "dk_sender", vtype_dk_verify, NULL },
338 { "dk_sender_domain", vtype_dk_verify, NULL },
339 { "dk_sender_local_part",vtype_dk_verify, NULL },
340 { "dk_sender_source", vtype_dk_verify, NULL },
341 { "dk_signsall", vtype_dk_verify, NULL },
342 { "dk_status", vtype_dk_verify, NULL },
343 { "dk_testing", vtype_dk_verify, NULL },
344#endif
059ec3d9
PH
345 { "dnslist_domain", vtype_stringptr, &dnslist_domain },
346 { "dnslist_text", vtype_stringptr, &dnslist_text },
347 { "dnslist_value", vtype_stringptr, &dnslist_value },
348 { "domain", vtype_stringptr, &deliver_domain },
349 { "domain_data", vtype_stringptr, &deliver_domain_data },
350 { "exim_gid", vtype_gid, &exim_gid },
351 { "exim_path", vtype_stringptr, &exim_path },
352 { "exim_uid", vtype_uid, &exim_uid },
8523533c
TK
353#ifdef WITH_OLD_DEMIME
354 { "found_extension", vtype_stringptr, &found_extension },
8e669ac1 355#endif
059ec3d9
PH
356 { "home", vtype_stringptr, &deliver_home },
357 { "host", vtype_stringptr, &deliver_host },
358 { "host_address", vtype_stringptr, &deliver_host_address },
359 { "host_data", vtype_stringptr, &host_data },
b08b24c8 360 { "host_lookup_deferred",vtype_int, &host_lookup_deferred },
059ec3d9
PH
361 { "host_lookup_failed", vtype_int, &host_lookup_failed },
362 { "inode", vtype_ino, &deliver_inode },
363 { "interface_address", vtype_stringptr, &interface_address },
364 { "interface_port", vtype_int, &interface_port },
365 #ifdef LOOKUP_LDAP
366 { "ldap_dn", vtype_stringptr, &eldap_dn },
367 #endif
368 { "load_average", vtype_load_avg, NULL },
369 { "local_part", vtype_stringptr, &deliver_localpart },
370 { "local_part_data", vtype_stringptr, &deliver_localpart_data },
371 { "local_part_prefix", vtype_stringptr, &deliver_localpart_prefix },
372 { "local_part_suffix", vtype_stringptr, &deliver_localpart_suffix },
373 { "local_scan_data", vtype_stringptr, &local_scan_data },
374 { "local_user_gid", vtype_gid, &local_user_gid },
375 { "local_user_uid", vtype_uid, &local_user_uid },
376 { "localhost_number", vtype_int, &host_number },
5cb8cbc6 377 { "log_inodes", vtype_pinodes, (void *)FALSE },
8e669ac1 378 { "log_space", vtype_pspace, (void *)FALSE },
059ec3d9 379 { "mailstore_basename", vtype_stringptr, &mailstore_basename },
8523533c
TK
380#ifdef WITH_CONTENT_SCAN
381 { "malware_name", vtype_stringptr, &malware_name },
382#endif
059ec3d9
PH
383 { "message_age", vtype_int, &message_age },
384 { "message_body", vtype_msgbody, &message_body },
385 { "message_body_end", vtype_msgbody_end, &message_body_end },
386 { "message_body_size", vtype_int, &message_body_size },
1ab52c69 387 { "message_exim_id", vtype_stringptr, &message_id },
059ec3d9 388 { "message_headers", vtype_msgheaders, NULL },
ff75a1f7 389 { "message_headers_raw", vtype_msgheaders_raw, NULL },
059ec3d9 390 { "message_id", vtype_stringptr, &message_id },
2e0c1448 391 { "message_linecount", vtype_int, &message_linecount },
059ec3d9 392 { "message_size", vtype_int, &message_size },
8523533c
TK
393#ifdef WITH_CONTENT_SCAN
394 { "mime_anomaly_level", vtype_int, &mime_anomaly_level },
395 { "mime_anomaly_text", vtype_stringptr, &mime_anomaly_text },
396 { "mime_boundary", vtype_stringptr, &mime_boundary },
397 { "mime_charset", vtype_stringptr, &mime_charset },
398 { "mime_content_description", vtype_stringptr, &mime_content_description },
399 { "mime_content_disposition", vtype_stringptr, &mime_content_disposition },
400 { "mime_content_id", vtype_stringptr, &mime_content_id },
401 { "mime_content_size", vtype_int, &mime_content_size },
402 { "mime_content_transfer_encoding",vtype_stringptr, &mime_content_transfer_encoding },
403 { "mime_content_type", vtype_stringptr, &mime_content_type },
404 { "mime_decoded_filename", vtype_stringptr, &mime_decoded_filename },
405 { "mime_filename", vtype_stringptr, &mime_filename },
406 { "mime_is_coverletter", vtype_int, &mime_is_coverletter },
407 { "mime_is_multipart", vtype_int, &mime_is_multipart },
408 { "mime_is_rfc822", vtype_int, &mime_is_rfc822 },
409 { "mime_part_count", vtype_int, &mime_part_count },
410#endif
059ec3d9
PH
411 { "n0", vtype_filter_int, &filter_n[0] },
412 { "n1", vtype_filter_int, &filter_n[1] },
413 { "n2", vtype_filter_int, &filter_n[2] },
414 { "n3", vtype_filter_int, &filter_n[3] },
415 { "n4", vtype_filter_int, &filter_n[4] },
416 { "n5", vtype_filter_int, &filter_n[5] },
417 { "n6", vtype_filter_int, &filter_n[6] },
418 { "n7", vtype_filter_int, &filter_n[7] },
419 { "n8", vtype_filter_int, &filter_n[8] },
420 { "n9", vtype_filter_int, &filter_n[9] },
421 { "original_domain", vtype_stringptr, &deliver_domain_orig },
422 { "original_local_part", vtype_stringptr, &deliver_localpart_orig },
423 { "originator_gid", vtype_gid, &originator_gid },
424 { "originator_uid", vtype_uid, &originator_uid },
425 { "parent_domain", vtype_stringptr, &deliver_domain_parent },
426 { "parent_local_part", vtype_stringptr, &deliver_localpart_parent },
427 { "pid", vtype_pid, NULL },
428 { "primary_hostname", vtype_stringptr, &primary_hostname },
fffda43a
TK
429 { "prvscheck_address", vtype_stringptr, &prvscheck_address },
430 { "prvscheck_keynum", vtype_stringptr, &prvscheck_keynum },
431 { "prvscheck_result", vtype_stringptr, &prvscheck_result },
059ec3d9
PH
432 { "qualify_domain", vtype_stringptr, &qualify_domain_sender },
433 { "qualify_recipient", vtype_stringptr, &qualify_domain_recipient },
434 { "rcpt_count", vtype_int, &rcpt_count },
435 { "rcpt_defer_count", vtype_int, &rcpt_defer_count },
436 { "rcpt_fail_count", vtype_int, &rcpt_fail_count },
437 { "received_count", vtype_int, &received_count },
438 { "received_for", vtype_stringptr, &received_for },
194cc0e4
PH
439 { "received_ip_address", vtype_stringptr, &interface_address },
440 { "received_port", vtype_int, &interface_port },
059ec3d9 441 { "received_protocol", vtype_stringptr, &received_protocol },
7dbf77c9 442 { "received_time", vtype_int, &received_time },
059ec3d9 443 { "recipient_data", vtype_stringptr, &recipient_data },
8e669ac1 444 { "recipient_verify_failure",vtype_stringptr,&recipient_verify_failure },
059ec3d9
PH
445 { "recipients", vtype_recipients, NULL },
446 { "recipients_count", vtype_int, &recipients_count },
8523533c
TK
447#ifdef WITH_CONTENT_SCAN
448 { "regex_match_string", vtype_stringptr, &regex_match_string },
449#endif
059ec3d9
PH
450 { "reply_address", vtype_reply, NULL },
451 { "return_path", vtype_stringptr, &return_path },
452 { "return_size_limit", vtype_int, &bounce_return_size_limit },
453 { "runrc", vtype_int, &runrc },
454 { "self_hostname", vtype_stringptr, &self_hostname },
455 { "sender_address", vtype_stringptr, &sender_address },
2a3eea10 456 { "sender_address_data", vtype_stringptr, &sender_address_data },
059ec3d9
PH
457 { "sender_address_domain", vtype_domain, &sender_address },
458 { "sender_address_local_part", vtype_localpart, &sender_address },
459 { "sender_data", vtype_stringptr, &sender_data },
460 { "sender_fullhost", vtype_stringptr, &sender_fullhost },
461 { "sender_helo_name", vtype_stringptr, &sender_helo_name },
462 { "sender_host_address", vtype_stringptr, &sender_host_address },
463 { "sender_host_authenticated",vtype_stringptr, &sender_host_authenticated },
464 { "sender_host_name", vtype_host_lookup, NULL },
465 { "sender_host_port", vtype_int, &sender_host_port },
466 { "sender_ident", vtype_stringptr, &sender_ident },
870f6ba8
TF
467 { "sender_rate", vtype_stringptr, &sender_rate },
468 { "sender_rate_limit", vtype_stringptr, &sender_rate_limit },
469 { "sender_rate_period", vtype_stringptr, &sender_rate_period },
059ec3d9 470 { "sender_rcvhost", vtype_stringptr, &sender_rcvhost },
8e669ac1
PH
471 { "sender_verify_failure",vtype_stringptr, &sender_verify_failure },
472 { "smtp_active_hostname", vtype_stringptr, &smtp_active_hostname },
3ee512ff
PH
473 { "smtp_command", vtype_stringptr, &smtp_cmd_buffer },
474 { "smtp_command_argument", vtype_stringptr, &smtp_cmd_argument },
059ec3d9
PH
475 { "sn0", vtype_filter_int, &filter_sn[0] },
476 { "sn1", vtype_filter_int, &filter_sn[1] },
477 { "sn2", vtype_filter_int, &filter_sn[2] },
478 { "sn3", vtype_filter_int, &filter_sn[3] },
479 { "sn4", vtype_filter_int, &filter_sn[4] },
480 { "sn5", vtype_filter_int, &filter_sn[5] },
481 { "sn6", vtype_filter_int, &filter_sn[6] },
482 { "sn7", vtype_filter_int, &filter_sn[7] },
483 { "sn8", vtype_filter_int, &filter_sn[8] },
484 { "sn9", vtype_filter_int, &filter_sn[9] },
8523533c
TK
485#ifdef WITH_CONTENT_SCAN
486 { "spam_bar", vtype_stringptr, &spam_bar },
487 { "spam_report", vtype_stringptr, &spam_report },
488 { "spam_score", vtype_stringptr, &spam_score },
489 { "spam_score_int", vtype_stringptr, &spam_score_int },
490#endif
491#ifdef EXPERIMENTAL_SPF
492 { "spf_header_comment", vtype_stringptr, &spf_header_comment },
493 { "spf_received", vtype_stringptr, &spf_received },
494 { "spf_result", vtype_stringptr, &spf_result },
495 { "spf_smtp_comment", vtype_stringptr, &spf_smtp_comment },
496#endif
059ec3d9 497 { "spool_directory", vtype_stringptr, &spool_directory },
5cb8cbc6 498 { "spool_inodes", vtype_pinodes, (void *)TRUE },
8e669ac1 499 { "spool_space", vtype_pspace, (void *)TRUE },
8523533c
TK
500#ifdef EXPERIMENTAL_SRS
501 { "srs_db_address", vtype_stringptr, &srs_db_address },
502 { "srs_db_key", vtype_stringptr, &srs_db_key },
503 { "srs_orig_recipient", vtype_stringptr, &srs_orig_recipient },
504 { "srs_orig_sender", vtype_stringptr, &srs_orig_sender },
505 { "srs_recipient", vtype_stringptr, &srs_recipient },
506 { "srs_status", vtype_stringptr, &srs_status },
507#endif
059ec3d9
PH
508 { "thisaddress", vtype_stringptr, &filter_thisaddress },
509 { "tls_certificate_verified", vtype_int, &tls_certificate_verified },
510 { "tls_cipher", vtype_stringptr, &tls_cipher },
511 { "tls_peerdn", vtype_stringptr, &tls_peerdn },
512 { "tod_bsdinbox", vtype_todbsdin, NULL },
513 { "tod_epoch", vtype_tode, NULL },
514 { "tod_full", vtype_todf, NULL },
515 { "tod_log", vtype_todl, NULL },
516 { "tod_logfile", vtype_todlf, NULL },
517 { "tod_zone", vtype_todzone, NULL },
518 { "tod_zulu", vtype_todzulu, NULL },
519 { "value", vtype_stringptr, &lookup_value },
520 { "version_number", vtype_stringptr, &version_string },
521 { "warn_message_delay", vtype_stringptr, &warnmsg_delay },
522 { "warn_message_recipient",vtype_stringptr, &warnmsg_recipients },
523 { "warn_message_recipients",vtype_stringptr,&warnmsg_recipients },
524 { "warnmsg_delay", vtype_stringptr, &warnmsg_delay },
525 { "warnmsg_recipient", vtype_stringptr, &warnmsg_recipients },
526 { "warnmsg_recipients", vtype_stringptr, &warnmsg_recipients }
527};
528
529static int var_table_size = sizeof(var_table)/sizeof(var_entry);
530static uschar var_buffer[256];
531static BOOL malformed_header;
532
533/* For textual hashes */
534
535static char *hashcodes = "abcdefghijklmnopqrtsuvwxyz"
536 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
537 "0123456789";
538
539enum { HMAC_MD5, HMAC_SHA1 };
540
541/* For numeric hashes */
542
543static unsigned int prime[] = {
544 2, 3, 5, 7, 11, 13, 17, 19, 23, 29,
545 31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
546 73, 79, 83, 89, 97, 101, 103, 107, 109, 113};
547
548/* For printing modes in symbolic form */
549
550static uschar *mtable_normal[] =
551 { US"---", US"--x", US"-w-", US"-wx", US"r--", US"r-x", US"rw-", US"rwx" };
552
553static uschar *mtable_setid[] =
554 { US"--S", US"--s", US"-wS", US"-ws", US"r-S", US"r-s", US"rwS", US"rws" };
555
556static uschar *mtable_sticky[] =
557 { US"--T", US"--t", US"-wT", US"-wt", US"r-T", US"r-t", US"rwT", US"rwt" };
558
559
560
561/*************************************************
562* Tables for UTF-8 support *
563*************************************************/
564
565/* Table of the number of extra characters, indexed by the first character
566masked with 0x3f. The highest number for a valid UTF-8 character is in fact
5670x3d. */
568
569static uschar utf8_table1[] = {
570 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
571 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
572 2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,
573 3,3,3,3,3,3,3,3,4,4,4,4,5,5,5,5 };
574
575/* These are the masks for the data bits in the first byte of a character,
576indexed by the number of additional bytes. */
577
578static int utf8_table2[] = { 0xff, 0x1f, 0x0f, 0x07, 0x03, 0x01};
579
580/* Get the next UTF-8 character, advancing the pointer. */
581
582#define GETUTF8INC(c, ptr) \
583 c = *ptr++; \
584 if ((c & 0xc0) == 0xc0) \
585 { \
586 int a = utf8_table1[c & 0x3f]; /* Number of additional bytes */ \
587 int s = 6*a; \
588 c = (c & utf8_table2[a]) << s; \
589 while (a-- > 0) \
590 { \
591 s -= 6; \
592 c |= (*ptr++ & 0x3f) << s; \
593 } \
594 }
595
596
597/*************************************************
598* Binary chop search on a table *
599*************************************************/
600
601/* This is used for matching expansion items and operators.
602
603Arguments:
604 name the name that is being sought
605 table the table to search
606 table_size the number of items in the table
607
608Returns: the offset in the table, or -1
609*/
610
611static int
612chop_match(uschar *name, uschar **table, int table_size)
613{
614uschar **bot = table;
615uschar **top = table + table_size;
616
617while (top > bot)
618 {
619 uschar **mid = bot + (top - bot)/2;
620 int c = Ustrcmp(name, *mid);
621 if (c == 0) return mid - table;
622 if (c > 0) bot = mid + 1; else top = mid;
623 }
624
625return -1;
626}
627
628
629
630/*************************************************
631* Check a condition string *
632*************************************************/
633
634/* This function is called to expand a string, and test the result for a "true"
635or "false" value. Failure of the expansion yields FALSE; logged unless it was a
636forced fail or lookup defer. All store used by the function can be released on
637exit.
638
639Arguments:
640 condition the condition string
641 m1 text to be incorporated in panic error
642 m2 ditto
643
644Returns: TRUE if condition is met, FALSE if not
645*/
646
647BOOL
648expand_check_condition(uschar *condition, uschar *m1, uschar *m2)
649{
650int rc;
651void *reset_point = store_get(0);
652uschar *ss = expand_string(condition);
653if (ss == NULL)
654 {
655 if (!expand_string_forcedfail && !search_find_defer)
656 log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand condition \"%s\" "
657 "for %s %s: %s", condition, m1, m2, expand_string_message);
658 return FALSE;
659 }
660rc = ss[0] != 0 && Ustrcmp(ss, "0") != 0 && strcmpic(ss, US"no") != 0 &&
661 strcmpic(ss, US"false") != 0;
662store_reset(reset_point);
663return rc;
664}
665
666
667
668/*************************************************
669* Pick out a name from a string *
670*************************************************/
671
672/* If the name is too long, it is silently truncated.
673
674Arguments:
675 name points to a buffer into which to put the name
676 max is the length of the buffer
677 s points to the first alphabetic character of the name
678 extras chars other than alphanumerics to permit
679
680Returns: pointer to the first character after the name
681
682Note: The test for *s != 0 in the while loop is necessary because
683Ustrchr() yields non-NULL if the character is zero (which is not something
684I expected). */
685
686static uschar *
687read_name(uschar *name, int max, uschar *s, uschar *extras)
688{
689int ptr = 0;
690while (*s != 0 && (isalnum(*s) || Ustrchr(extras, *s) != NULL))
691 {
692 if (ptr < max-1) name[ptr++] = *s;
693 s++;
694 }
695name[ptr] = 0;
696return s;
697}
698
699
700
701/*************************************************
702* Pick out the rest of a header name *
703*************************************************/
704
705/* A variable name starting $header_ (or just $h_ for those who like
706abbreviations) might not be the complete header name because headers can
707contain any printing characters in their names, except ':'. This function is
708called to read the rest of the name, chop h[eader]_ off the front, and put ':'
709on the end, if the name was terminated by white space.
710
711Arguments:
712 name points to a buffer in which the name read so far exists
713 max is the length of the buffer
714 s points to the first character after the name so far, i.e. the
715 first non-alphameric character after $header_xxxxx
716
717Returns: a pointer to the first character after the header name
718*/
719
720static uschar *
721read_header_name(uschar *name, int max, uschar *s)
722{
723int prelen = Ustrchr(name, '_') - name + 1;
724int ptr = Ustrlen(name) - prelen;
725if (ptr > 0) memmove(name, name+prelen, ptr);
726while (mac_isgraph(*s) && *s != ':')
727 {
728 if (ptr < max-1) name[ptr++] = *s;
729 s++;
730 }
731if (*s == ':') s++;
732name[ptr++] = ':';
733name[ptr] = 0;
734return s;
735}
736
737
738
739/*************************************************
740* Pick out a number from a string *
741*************************************************/
742
743/* Arguments:
744 n points to an integer into which to put the number
745 s points to the first digit of the number
746
747Returns: a pointer to the character after the last digit
748*/
749
750static uschar *
751read_number(int *n, uschar *s)
752{
753*n = 0;
754while (isdigit(*s)) *n = *n * 10 + (*s++ - '0');
755return s;
756}
757
758
759
760/*************************************************
761* Extract keyed subfield from a string *
762*************************************************/
763
764/* The yield is in dynamic store; NULL means that the key was not found.
765
766Arguments:
767 key points to the name of the key
768 s points to the string from which to extract the subfield
769
770Returns: NULL if the subfield was not found, or
771 a pointer to the subfield's data
772*/
773
774static uschar *
775expand_getkeyed(uschar *key, uschar *s)
776{
777int length = Ustrlen(key);
778while (isspace(*s)) s++;
779
780/* Loop to search for the key */
781
782while (*s != 0)
783 {
784 int dkeylength;
785 uschar *data;
786 uschar *dkey = s;
787
788 while (*s != 0 && *s != '=' && !isspace(*s)) s++;
789 dkeylength = s - dkey;
790 while (isspace(*s)) s++;
791 if (*s == '=') while (isspace((*(++s))));
792
793 data = string_dequote(&s);
794 if (length == dkeylength && strncmpic(key, dkey, length) == 0)
795 return data;
796
797 while (isspace(*s)) s++;
798 }
799
800return NULL;
801}
802
803
804
805
806/*************************************************
807* Extract numbered subfield from string *
808*************************************************/
809
810/* Extracts a numbered field from a string that is divided by tokens - for
811example a line from /etc/passwd is divided by colon characters. First field is
812numbered one. Negative arguments count from the right. Zero returns the whole
813string. Returns NULL if there are insufficient tokens in the string
814
815***WARNING***
816Modifies final argument - this is a dynamically generated string, so that's OK.
817
818Arguments:
819 field number of field to be extracted,
820 first field = 1, whole string = 0, last field = -1
821 separators characters that are used to break string into tokens
822 s points to the string from which to extract the subfield
823
824Returns: NULL if the field was not found,
825 a pointer to the field's data inside s (modified to add 0)
826*/
827
828static uschar *
829expand_gettokened (int field, uschar *separators, uschar *s)
830{
831int sep = 1;
832int count;
833uschar *ss = s;
834uschar *fieldtext = NULL;
835
836if (field == 0) return s;
837
838/* Break the line up into fields in place; for field > 0 we stop when we have
839done the number of fields we want. For field < 0 we continue till the end of
840the string, counting the number of fields. */
841
842count = (field > 0)? field : INT_MAX;
843
844while (count-- > 0)
845 {
846 size_t len;
847
848 /* Previous field was the last one in the string. For a positive field
849 number, this means there are not enough fields. For a negative field number,
850 check that there are enough, and scan back to find the one that is wanted. */
851
852 if (sep == 0)
853 {
854 if (field > 0 || (-field) > (INT_MAX - count - 1)) return NULL;
855 if ((-field) == (INT_MAX - count - 1)) return s;
856 while (field++ < 0)
857 {
858 ss--;
859 while (ss[-1] != 0) ss--;
860 }
861 fieldtext = ss;
862 break;
863 }
864
865 /* Previous field was not last in the string; save its start and put a
866 zero at its end. */
867
868 fieldtext = ss;
869 len = Ustrcspn(ss, separators);
870 sep = ss[len];
871 ss[len] = 0;
872 ss += len + 1;
873 }
874
875return fieldtext;
876}
877
878
879
880/*************************************************
881* Extract a substring from a string *
882*************************************************/
883
884/* Perform the ${substr or ${length expansion operations.
885
886Arguments:
887 subject the input string
888 value1 the offset from the start of the input string to the start of
889 the output string; if negative, count from the right.
890 value2 the length of the output string, or negative (-1) for unset
891 if value1 is positive, unset means "all after"
892 if value1 is negative, unset means "all before"
893 len set to the length of the returned string
894
895Returns: pointer to the output string, or NULL if there is an error
896*/
897
898static uschar *
899extract_substr(uschar *subject, int value1, int value2, int *len)
900{
901int sublen = Ustrlen(subject);
902
903if (value1 < 0) /* count from right */
904 {
905 value1 += sublen;
906
907 /* If the position is before the start, skip to the start, and adjust the
908 length. If the length ends up negative, the substring is null because nothing
909 can precede. This falls out naturally when the length is unset, meaning "all
910 to the left". */
911
912 if (value1 < 0)
913 {
914 value2 += value1;
915 if (value2 < 0) value2 = 0;
916 value1 = 0;
917 }
918
919 /* Otherwise an unset length => characters before value1 */
920
921 else if (value2 < 0)
922 {
923 value2 = value1;
924 value1 = 0;
925 }
926 }
927
928/* For a non-negative offset, if the starting position is past the end of the
929string, the result will be the null string. Otherwise, an unset length means
930"rest"; just set it to the maximum - it will be cut down below if necessary. */
931
932else
933 {
934 if (value1 > sublen)
935 {
936 value1 = sublen;
937 value2 = 0;
938 }
939 else if (value2 < 0) value2 = sublen;
940 }
941
942/* Cut the length down to the maximum possible for the offset value, and get
943the required characters. */
944
945if (value1 + value2 > sublen) value2 = sublen - value1;
946*len = value2;
947return subject + value1;
948}
949
950
951
952
953/*************************************************
954* Old-style hash of a string *
955*************************************************/
956
957/* Perform the ${hash expansion operation.
958
959Arguments:
960 subject the input string (an expanded substring)
961 value1 the length of the output string; if greater or equal to the
962 length of the input string, the input string is returned
963 value2 the number of hash characters to use, or 26 if negative
964 len set to the length of the returned string
965
966Returns: pointer to the output string, or NULL if there is an error
967*/
968
969static uschar *
970compute_hash(uschar *subject, int value1, int value2, int *len)
971{
972int sublen = Ustrlen(subject);
973
974if (value2 < 0) value2 = 26;
975else if (value2 > Ustrlen(hashcodes))
976 {
977 expand_string_message =
978 string_sprintf("hash count \"%d\" too big", value2);
979 return NULL;
980 }
981
982/* Calculate the hash text. We know it is shorter than the original string, so
983can safely place it in subject[] (we know that subject is always itself an
984expanded substring). */
985
986if (value1 < sublen)
987 {
988 int c;
989 int i = 0;
990 int j = value1;
991 while ((c = (subject[j])) != 0)
992 {
993 int shift = (c + j++) & 7;
994 subject[i] ^= (c << shift) | (c >> (8-shift));
995 if (++i >= value1) i = 0;
996 }
997 for (i = 0; i < value1; i++)
998 subject[i] = hashcodes[(subject[i]) % value2];
999 }
1000else value1 = sublen;
1001
1002*len = value1;
1003return subject;
1004}
1005
1006
1007
1008
1009/*************************************************
1010* Numeric hash of a string *
1011*************************************************/
1012
1013/* Perform the ${nhash expansion operation. The first characters of the
1014string are treated as most important, and get the highest prime numbers.
1015
1016Arguments:
1017 subject the input string
1018 value1 the maximum value of the first part of the result
1019 value2 the maximum value of the second part of the result,
1020 or negative to produce only a one-part result
1021 len set to the length of the returned string
1022
1023Returns: pointer to the output string, or NULL if there is an error.
1024*/
1025
1026static uschar *
1027compute_nhash (uschar *subject, int value1, int value2, int *len)
1028{
1029uschar *s = subject;
1030int i = 0;
1031unsigned long int total = 0; /* no overflow */
1032
1033while (*s != 0)
1034 {
1035 if (i == 0) i = sizeof(prime)/sizeof(int) - 1;
1036 total += prime[i--] * (unsigned int)(*s++);
1037 }
1038
1039/* If value2 is unset, just compute one number */
1040
1041if (value2 < 0)
1042 {
1043 s = string_sprintf("%d", total % value1);
1044 }
1045
1046/* Otherwise do a div/mod hash */
1047
1048else
1049 {
1050 total = total % (value1 * value2);
1051 s = string_sprintf("%d/%d", total/value2, total % value2);
1052 }
1053
1054*len = Ustrlen(s);
1055return s;
1056}
1057
1058
1059
1060
1061
1062/*************************************************
1063* Find the value of a header or headers *
1064*************************************************/
1065
1066/* Multiple instances of the same header get concatenated, and this function
1067can also return a concatenation of all the header lines. When concatenating
1068specific headers that contain lists of addresses, a comma is inserted between
1069them. Otherwise we use a straight concatenation. Because some messages can have
1070pathologically large number of lines, there is a limit on the length that is
1071returned. Also, to avoid massive store use which would result from using
1072string_cat() as it copies and extends strings, we do a preliminary pass to find
1073out exactly how much store will be needed. On "normal" messages this will be
1074pretty trivial.
1075
1076Arguments:
1077 name the name of the header, without the leading $header_ or $h_,
1078 or NULL if a concatenation of all headers is required
1079 exists_only TRUE if called from a def: test; don't need to build a string;
1080 just return a string that is not "" and not "0" if the header
1081 exists
1082 newsize return the size of memory block that was obtained; may be NULL
1083 if exists_only is TRUE
1084 want_raw TRUE if called for $rh_ or $rheader_ variables; no processing,
ff75a1f7
PH
1085 other than concatenating, will be done on the header. Also used
1086 for $message_headers_raw.
059ec3d9
PH
1087 charset name of charset to translate MIME words to; used only if
1088 want_raw is false; if NULL, no translation is done (this is
1089 used for $bh_ and $bheader_)
1090
1091Returns: NULL if the header does not exist, else a pointer to a new
1092 store block
1093*/
1094
1095static uschar *
1096find_header(uschar *name, BOOL exists_only, int *newsize, BOOL want_raw,
1097 uschar *charset)
1098{
1099BOOL found = name == NULL;
1100int comma = 0;
1101int len = found? 0 : Ustrlen(name);
1102int i;
1103uschar *yield = NULL;
1104uschar *ptr = NULL;
1105
1106/* Loop for two passes - saves code repetition */
1107
1108for (i = 0; i < 2; i++)
1109 {
1110 int size = 0;
1111 header_line *h;
1112
1113 for (h = header_list; size < header_insert_maxlen && h != NULL; h = h->next)
1114 {
1115 if (h->type != htype_old && h->text != NULL) /* NULL => Received: placeholder */
1116 {
1117 if (name == NULL || (len <= h->slen && strncmpic(name, h->text, len) == 0))
1118 {
1119 int ilen;
1120 uschar *t;
1121
1122 if (exists_only) return US"1"; /* don't need actual string */
1123 found = TRUE;
1124 t = h->text + len; /* text to insert */
1125 if (!want_raw) /* unless wanted raw, */
1126 while (isspace(*t)) t++; /* remove leading white space */
1127 ilen = h->slen - (t - h->text); /* length to insert */
1128
fd700877
PH
1129 /* Unless wanted raw, remove trailing whitespace, including the
1130 newline. */
1131
1132 if (!want_raw)
1133 while (ilen > 0 && isspace(t[ilen-1])) ilen--;
1134
059ec3d9
PH
1135 /* Set comma = 1 if handling a single header and it's one of those
1136 that contains an address list, except when asked for raw headers. Only
1137 need to do this once. */
1138
1139 if (!want_raw && name != NULL && comma == 0 &&
1140 Ustrchr("BCFRST", h->type) != NULL)
1141 comma = 1;
1142
1143 /* First pass - compute total store needed; second pass - compute
1144 total store used, including this header. */
1145
fd700877 1146 size += ilen + comma + 1; /* +1 for the newline */
059ec3d9
PH
1147
1148 /* Second pass - concatentate the data, up to a maximum. Note that
1149 the loop stops when size hits the limit. */
1150
1151 if (i != 0)
1152 {
1153 if (size > header_insert_maxlen)
1154 {
fd700877 1155 ilen -= size - header_insert_maxlen - 1;
059ec3d9
PH
1156 comma = 0;
1157 }
1158 Ustrncpy(ptr, t, ilen);
1159 ptr += ilen;
fd700877
PH
1160
1161 /* For a non-raw header, put in the comma if needed, then add
3168332a
PH
1162 back the newline we removed above, provided there was some text in
1163 the header. */
fd700877 1164
3168332a 1165 if (!want_raw && ilen > 0)
059ec3d9 1166 {
3168332a 1167 if (comma != 0) *ptr++ = ',';
059ec3d9
PH
1168 *ptr++ = '\n';
1169 }
1170 }
1171 }
1172 }
1173 }
1174
fd700877
PH
1175 /* At end of first pass, return NULL if no header found. Then truncate size
1176 if necessary, and get the buffer to hold the data, returning the buffer size.
1177 */
059ec3d9
PH
1178
1179 if (i == 0)
1180 {
1181 if (!found) return NULL;
1182 if (size > header_insert_maxlen) size = header_insert_maxlen;
1183 *newsize = size + 1;
1184 ptr = yield = store_get(*newsize);
1185 }
1186 }
1187
059ec3d9
PH
1188/* That's all we do for raw header expansion. */
1189
1190if (want_raw)
1191 {
1192 *ptr = 0;
1193 }
1194
fd700877
PH
1195/* Otherwise, remove a final newline and a redundant added comma. Then we do
1196RFC 2047 decoding, translating the charset if requested. The rfc2047_decode2()
059ec3d9
PH
1197function can return an error with decoded data if the charset translation
1198fails. If decoding fails, it returns NULL. */
1199
1200else
1201 {
1202 uschar *decoded, *error;
3168332a 1203 if (ptr > yield && ptr[-1] == '\n') ptr--;
fd700877 1204 if (ptr > yield && comma != 0 && ptr[-1] == ',') ptr--;
059ec3d9 1205 *ptr = 0;
a0d6ba8a
PH
1206 decoded = rfc2047_decode2(yield, check_rfc2047_length, charset, '?', NULL,
1207 newsize, &error);
059ec3d9
PH
1208 if (error != NULL)
1209 {
1210 DEBUG(D_any) debug_printf("*** error in RFC 2047 decoding: %s\n"
1211 " input was: %s\n", error, yield);
1212 }
1213 if (decoded != NULL) yield = decoded;
1214 }
1215
1216return yield;
1217}
1218
1219
1220
1221
1222/*************************************************
1223* Find value of a variable *
1224*************************************************/
1225
1226/* The table of variables is kept in alphabetic order, so we can search it
1227using a binary chop. The "choplen" variable is nothing to do with the binary
1228chop.
1229
1230Arguments:
1231 name the name of the variable being sought
1232 exists_only TRUE if this is a def: test; passed on to find_header()
1233 skipping TRUE => skip any processing evaluation; this is not the same as
1234 exists_only because def: may test for values that are first
1235 evaluated here
1236 newsize pointer to an int which is initially zero; if the answer is in
1237 a new memory buffer, *newsize is set to its size
1238
1239Returns: NULL if the variable does not exist, or
1240 a pointer to the variable's contents, or
1241 something non-NULL if exists_only is TRUE
1242*/
1243
1244static uschar *
1245find_variable(uschar *name, BOOL exists_only, BOOL skipping, int *newsize)
1246{
1247int first = 0;
1248int last = var_table_size;
1249
38a0a95f
PH
1250/* Handle ACL variables, whose names are of the form acl_cxxx or acl_mxxx.
1251Originally, xxx had to be a number in the range 0-9 (later 0-19), but from
1252release 4.64 onwards arbitrary names are permitted, as long as the first 5
641cb756
PH
1253characters are acl_c or acl_m and the sixth is either a digit or an underscore
1254(this gave backwards compatibility at the changeover). There may be built-in
1255variables whose names start acl_ but they should never start in this way. This
1256slightly messy specification is a consequence of the history, needless to say.
47ca6d6c 1257
38a0a95f
PH
1258If an ACL variable does not exist, treat it as empty, unless strict_acl_vars is
1259set, in which case give an error. */
47ca6d6c 1260
641cb756
PH
1261if ((Ustrncmp(name, "acl_c", 5) == 0 || Ustrncmp(name, "acl_m", 5) == 0) &&
1262 !isalpha(name[5]))
38a0a95f
PH
1263 {
1264 tree_node *node =
1265 tree_search((name[4] == 'c')? acl_var_c : acl_var_m, name + 4);
1266 return (node == NULL)? (strict_acl_vars? NULL : US"") : node->data.ptr;
47ca6d6c
PH
1267 }
1268
38a0a95f 1269/* Handle $auth<n> variables. */
f78eb7c6
PH
1270
1271if (Ustrncmp(name, "auth", 4) == 0)
1272 {
1273 uschar *endptr;
1274 int n = Ustrtoul(name + 4, &endptr, 10);
1275 if (*endptr == 0 && n != 0 && n <= AUTH_VARS)
1276 return (auth_vars[n-1] == NULL)? US"" : auth_vars[n-1];
1277 }
1278
47ca6d6c
PH
1279/* For all other variables, search the table */
1280
059ec3d9
PH
1281while (last > first)
1282 {
1283 uschar *s, *domain;
1284 uschar **ss;
1285 int middle = (first + last)/2;
1286 int c = Ustrcmp(name, var_table[middle].name);
1287
1288 if (c > 0) { first = middle + 1; continue; }
1289 if (c < 0) { last = middle; continue; }
1290
1291 /* Found an existing variable. If in skipping state, the value isn't needed,
47ca6d6c 1292 and we want to avoid processing (such as looking up the host name). */
059ec3d9
PH
1293
1294 if (skipping) return US"";
1295
1296 switch (var_table[middle].type)
1297 {
fb2274d4
TK
1298#ifdef EXPERIMENTAL_DOMAINKEYS
1299
1300 case vtype_dk_verify:
cacfbf29 1301 if (dk_verify_block == NULL) return US"";
fb2274d4
TK
1302 s = NULL;
1303 if (Ustrcmp(var_table[middle].name, "dk_result") == 0)
1304 s = dk_verify_block->result_string;
1305 if (Ustrcmp(var_table[middle].name, "dk_sender") == 0)
1306 s = dk_verify_block->address;
1307 if (Ustrcmp(var_table[middle].name, "dk_sender_domain") == 0)
1308 s = dk_verify_block->domain;
1309 if (Ustrcmp(var_table[middle].name, "dk_sender_local_part") == 0)
1310 s = dk_verify_block->local_part;
84330b7b 1311
fb2274d4
TK
1312 if (Ustrcmp(var_table[middle].name, "dk_sender_source") == 0)
1313 switch(dk_verify_block->address_source) {
a8d97c8a
PH
1314 case DK_EXIM_ADDRESS_NONE: s = US"0"; break;
1315 case DK_EXIM_ADDRESS_FROM_FROM: s = US"from"; break;
1316 case DK_EXIM_ADDRESS_FROM_SENDER: s = US"sender"; break;
fb2274d4
TK
1317 }
1318
1319 if (Ustrcmp(var_table[middle].name, "dk_status") == 0)
1320 switch(dk_verify_block->result) {
a8d97c8a
PH
1321 case DK_EXIM_RESULT_ERR: s = US"error"; break;
1322 case DK_EXIM_RESULT_BAD_FORMAT: s = US"bad format"; break;
1323 case DK_EXIM_RESULT_NO_KEY: s = US"no key"; break;
1324 case DK_EXIM_RESULT_NO_SIGNATURE: s = US"no signature"; break;
1325 case DK_EXIM_RESULT_REVOKED: s = US"revoked"; break;
1326 case DK_EXIM_RESULT_NON_PARTICIPANT: s = US"non-participant"; break;
1327 case DK_EXIM_RESULT_GOOD: s = US"good"; break;
1328 case DK_EXIM_RESULT_BAD: s = US"bad"; break;
fb2274d4 1329 }
84330b7b 1330
fb2274d4 1331 if (Ustrcmp(var_table[middle].name, "dk_signsall") == 0)
a8d97c8a 1332 s = (dk_verify_block->signsall)? US"1" : US"0";
84330b7b 1333
fb2274d4 1334 if (Ustrcmp(var_table[middle].name, "dk_testing") == 0)
a8d97c8a 1335 s = (dk_verify_block->testing)? US"1" : US"0";
84330b7b 1336
fb2274d4 1337 if (Ustrcmp(var_table[middle].name, "dk_is_signed") == 0)
a8d97c8a 1338 s = (dk_verify_block->is_signed)? US"1" : US"0";
84330b7b 1339
fb2274d4
TK
1340 return (s == NULL)? US"" : s;
1341#endif
1342
9a26b6b2
PH
1343 case vtype_filter_int:
1344 if (!filter_running) return NULL;
1345 /* Fall through */
1346 /* VVVVVVVVVVVV */
059ec3d9
PH
1347 case vtype_int:
1348 sprintf(CS var_buffer, "%d", *(int *)(var_table[middle].value)); /* Integer */
1349 return var_buffer;
1350
1351 case vtype_ino:
1352 sprintf(CS var_buffer, "%ld", (long int)(*(ino_t *)(var_table[middle].value))); /* Inode */
1353 return var_buffer;
1354
1355 case vtype_gid:
1356 sprintf(CS var_buffer, "%ld", (long int)(*(gid_t *)(var_table[middle].value))); /* gid */
1357 return var_buffer;
1358
1359 case vtype_uid:
1360 sprintf(CS var_buffer, "%ld", (long int)(*(uid_t *)(var_table[middle].value))); /* uid */
1361 return var_buffer;
1362
1363 case vtype_stringptr: /* Pointer to string */
1364 s = *((uschar **)(var_table[middle].value));
1365 return (s == NULL)? US"" : s;
1366
1367 case vtype_pid:
1368 sprintf(CS var_buffer, "%d", (int)getpid()); /* pid */
1369 return var_buffer;
1370
1371 case vtype_load_avg:
1372 sprintf(CS var_buffer, "%d", os_getloadavg()); /* load_average */
1373 return var_buffer;
1374
1375 case vtype_host_lookup: /* Lookup if not done so */
1376 if (sender_host_name == NULL && sender_host_address != NULL &&
1377 !host_lookup_failed && host_name_lookup() == OK)
1378 host_build_sender_fullhost();
1379 return (sender_host_name == NULL)? US"" : sender_host_name;
1380
1381 case vtype_localpart: /* Get local part from address */
1382 s = *((uschar **)(var_table[middle].value));
1383 if (s == NULL) return US"";
1384 domain = Ustrrchr(s, '@');
1385 if (domain == NULL) return s;
1386 if (domain - s > sizeof(var_buffer) - 1)
1387 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "local part longer than %d in "
1388 "string expansion", sizeof(var_buffer));
1389 Ustrncpy(var_buffer, s, domain - s);
1390 var_buffer[domain - s] = 0;
1391 return var_buffer;
1392
1393 case vtype_domain: /* Get domain from address */
1394 s = *((uschar **)(var_table[middle].value));
1395 if (s == NULL) return US"";
1396 domain = Ustrrchr(s, '@');
1397 return (domain == NULL)? US"" : domain + 1;
1398
1399 case vtype_msgheaders:
1400 return find_header(NULL, exists_only, newsize, FALSE, NULL);
1401
ff75a1f7
PH
1402 case vtype_msgheaders_raw:
1403 return find_header(NULL, exists_only, newsize, TRUE, NULL);
1404
059ec3d9
PH
1405 case vtype_msgbody: /* Pointer to msgbody string */
1406 case vtype_msgbody_end: /* Ditto, the end of the msg */
1407 ss = (uschar **)(var_table[middle].value);
1408 if (*ss == NULL && deliver_datafile >= 0) /* Read body when needed */
1409 {
1410 uschar *body;
0d7eb84a 1411 off_t start_offset = SPOOL_DATA_START_OFFSET;
059ec3d9
PH
1412 int len = message_body_visible;
1413 if (len > message_size) len = message_size;
1414 *ss = body = store_malloc(len+1);
1415 body[0] = 0;
1416 if (var_table[middle].type == vtype_msgbody_end)
1417 {
1418 struct stat statbuf;
1419 if (fstat(deliver_datafile, &statbuf) == 0)
1420 {
1421 start_offset = statbuf.st_size - len;
1422 if (start_offset < SPOOL_DATA_START_OFFSET)
1423 start_offset = SPOOL_DATA_START_OFFSET;
1424 }
1425 }
1426 lseek(deliver_datafile, start_offset, SEEK_SET);
1427 len = read(deliver_datafile, body, len);
1428 if (len > 0)
1429 {
1430 body[len] = 0;
1431 while (len > 0)
1432 {
1433 if (body[--len] == '\n' || body[len] == 0) body[len] = ' ';
1434 }
1435 }
1436 }
1437 return (*ss == NULL)? US"" : *ss;
1438
1439 case vtype_todbsdin: /* BSD inbox time of day */
1440 return tod_stamp(tod_bsdin);
1441
1442 case vtype_tode: /* Unix epoch time of day */
1443 return tod_stamp(tod_epoch);
1444
1445 case vtype_todf: /* Full time of day */
1446 return tod_stamp(tod_full);
1447
1448 case vtype_todl: /* Log format time of day */
1449 return tod_stamp(tod_log_bare); /* (without timezone) */
1450
1451 case vtype_todzone: /* Time zone offset only */
1452 return tod_stamp(tod_zone);
1453
1454 case vtype_todzulu: /* Zulu time */
1455 return tod_stamp(tod_zulu);
1456
1457 case vtype_todlf: /* Log file datestamp tod */
1458 return tod_stamp(tod_log_datestamp);
1459
1460 case vtype_reply: /* Get reply address */
c8ea1597 1461 s = find_header(US"reply-to:", exists_only, newsize, TRUE,
059ec3d9 1462 headers_charset);
6979240a 1463 if (s != NULL) while (isspace(*s)) s++;
059ec3d9 1464 if (s == NULL || *s == 0)
41a13e0a
PH
1465 {
1466 *newsize = 0; /* For the *s==0 case */
c8ea1597
PH
1467 s = find_header(US"from:", exists_only, newsize, TRUE, headers_charset);
1468 }
1469 if (s != NULL)
1470 {
1471 uschar *t;
1472 while (isspace(*s)) s++;
1473 for (t = s; *t != 0; t++) if (*t == '\n') *t = ' ';
6979240a
PH
1474 while (t > s && isspace(t[-1])) t--;
1475 *t = 0;
41a13e0a 1476 }
059ec3d9
PH
1477 return (s == NULL)? US"" : s;
1478
1479 /* A recipients list is available only during system message filtering,
1480 during ACL processing after DATA, and while expanding pipe commands
1481 generated from a system filter, but not elsewhere. */
1482
1483 case vtype_recipients:
1484 if (!enable_dollar_recipients) return NULL; else
1485 {
1486 int size = 128;
1487 int ptr = 0;
1488 int i;
1489 s = store_get(size);
1490 for (i = 0; i < recipients_count; i++)
1491 {
1492 if (i != 0) s = string_cat(s, &size, &ptr, US", ", 2);
1493 s = string_cat(s, &size, &ptr, recipients_list[i].address,
1494 Ustrlen(recipients_list[i].address));
1495 }
1496 s[ptr] = 0; /* string_cat() leaves room */
1497 }
1498 return s;
8e669ac1 1499
5cb8cbc6
PH
1500 case vtype_pspace:
1501 {
1502 int inodes;
8e669ac1
PH
1503 sprintf(CS var_buffer, "%d",
1504 receive_statvfs(var_table[middle].value == (void *)TRUE, &inodes));
5cb8cbc6
PH
1505 }
1506 return var_buffer;
8e669ac1 1507
5cb8cbc6
PH
1508 case vtype_pinodes:
1509 {
1510 int inodes;
8e669ac1 1511 (void) receive_statvfs(var_table[middle].value == (void *)TRUE, &inodes);
5cb8cbc6
PH
1512 sprintf(CS var_buffer, "%d", inodes);
1513 }
1514 return var_buffer;
059ec3d9
PH
1515 }
1516 }
1517
1518return NULL; /* Unknown variable name */
1519}
1520
1521
1522
1523
1524/*************************************************
1525* Read and expand substrings *
1526*************************************************/
1527
1528/* This function is called to read and expand argument substrings for various
1529expansion items. Some have a minimum requirement that is less than the maximum;
1530in these cases, the first non-present one is set to NULL.
1531
1532Arguments:
1533 sub points to vector of pointers to set
1534 n maximum number of substrings
1535 m minimum required
1536 sptr points to current string pointer
1537 skipping the skipping flag
1538 check_end if TRUE, check for final '}'
1539 name name of item, for error message
1540
1541Returns: 0 OK; string pointer updated
1542 1 curly bracketing error (too few arguments)
1543 2 too many arguments (only if check_end is set); message set
1544 3 other error (expansion failure)
1545*/
1546
1547static int
1548read_subs(uschar **sub, int n, int m, uschar **sptr, BOOL skipping,
1549 BOOL check_end, uschar *name)
1550{
1551int i;
1552uschar *s = *sptr;
1553
1554while (isspace(*s)) s++;
1555for (i = 0; i < n; i++)
1556 {
1557 if (*s != '{')
1558 {
1559 if (i < m) return 1;
1560 sub[i] = NULL;
1561 break;
1562 }
1563 sub[i] = expand_string_internal(s+1, TRUE, &s, skipping);
1564 if (sub[i] == NULL) return 3;
1565 if (*s++ != '}') return 1;
1566 while (isspace(*s)) s++;
1567 }
1568if (check_end && *s++ != '}')
1569 {
1570 if (s[-1] == '{')
1571 {
1572 expand_string_message = string_sprintf("Too many arguments for \"%s\" "
1573 "(max is %d)", name, n);
1574 return 2;
1575 }
1576 return 1;
1577 }
1578
1579*sptr = s;
1580return 0;
1581}
1582
1583
1584
1585
1586/*************************************************
641cb756
PH
1587* Elaborate message for bad variable *
1588*************************************************/
1589
1590/* For the "unknown variable" message, take a look at the variable's name, and
1591give additional information about possible ACL variables. The extra information
1592is added on to expand_string_message.
1593
1594Argument: the name of the variable
1595Returns: nothing
1596*/
1597
1598static void
1599check_variable_error_message(uschar *name)
1600{
1601if (Ustrncmp(name, "acl_", 4) == 0)
1602 expand_string_message = string_sprintf("%s (%s)", expand_string_message,
1603 (name[4] == 'c' || name[4] == 'm')?
1604 (isalpha(name[5])?
1605 US"6th character of a user-defined ACL variable must be a digit or underscore" :
1606 US"strict_acl_vars is set" /* Syntax is OK, it has to be this */
1607 ) :
1608 US"user-defined ACL variables must start acl_c or acl_m");
1609}
1610
1611
1612
1613/*************************************************
059ec3d9
PH
1614* Read and evaluate a condition *
1615*************************************************/
1616
1617/*
1618Arguments:
1619 s points to the start of the condition text
1620 yield points to a BOOL to hold the result of the condition test;
1621 if NULL, we are just reading through a condition that is
1622 part of an "or" combination to check syntax, or in a state
1623 where the answer isn't required
1624
1625Returns: a pointer to the first character after the condition, or
1626 NULL after an error
1627*/
1628
1629static uschar *
1630eval_condition(uschar *s, BOOL *yield)
1631{
1632BOOL testfor = TRUE;
1633BOOL tempcond, combined_cond;
1634BOOL *subcondptr;
1635int i, rc, cond_type, roffset;
1636int num[2];
1637struct stat statbuf;
1638uschar name[256];
1639uschar *sub[4];
1640
1641const pcre *re;
1642const uschar *rerror;
1643
1644for (;;)
1645 {
1646 while (isspace(*s)) s++;
1647 if (*s == '!') { testfor = !testfor; s++; } else break;
1648 }
1649
1650/* Numeric comparisons are symbolic */
1651
1652if (*s == '=' || *s == '>' || *s == '<')
1653 {
1654 int p = 0;
1655 name[p++] = *s++;
1656 if (*s == '=')
1657 {
1658 name[p++] = '=';
1659 s++;
1660 }
1661 name[p] = 0;
1662 }
1663
1664/* All other conditions are named */
1665
1666else s = read_name(name, 256, s, US"_");
1667
1668/* If we haven't read a name, it means some non-alpha character is first. */
1669
1670if (name[0] == 0)
1671 {
1672 expand_string_message = string_sprintf("condition name expected, "
1673 "but found \"%.16s\"", s);
1674 return NULL;
1675 }
1676
1677/* Find which condition we are dealing with, and switch on it */
1678
1679cond_type = chop_match(name, cond_table, sizeof(cond_table)/sizeof(uschar *));
1680switch(cond_type)
1681 {
9b4768fa
PH
1682 /* def: tests for a non-empty variable, or for the existence of a header. If
1683 yield == NULL we are in a skipping state, and don't care about the answer. */
059ec3d9
PH
1684
1685 case ECOND_DEF:
1686 if (*s != ':')
1687 {
1688 expand_string_message = US"\":\" expected after \"def\"";
1689 return NULL;
1690 }
1691
1692 s = read_name(name, 256, s+1, US"_");
1693
0d85fa3f
PH
1694 /* Test for a header's existence. If the name contains a closing brace
1695 character, this may be a user error where the terminating colon has been
1696 omitted. Set a flag to adjust a subsequent error message in this case. */
059ec3d9
PH
1697
1698 if (Ustrncmp(name, "h_", 2) == 0 ||
1699 Ustrncmp(name, "rh_", 3) == 0 ||
1700 Ustrncmp(name, "bh_", 3) == 0 ||
1701 Ustrncmp(name, "header_", 7) == 0 ||
1702 Ustrncmp(name, "rheader_", 8) == 0 ||
1703 Ustrncmp(name, "bheader_", 8) == 0)
1704 {
1705 s = read_header_name(name, 256, s);
0d85fa3f 1706 if (Ustrchr(name, '}') != NULL) malformed_header = TRUE;
059ec3d9
PH
1707 if (yield != NULL) *yield =
1708 (find_header(name, TRUE, NULL, FALSE, NULL) != NULL) == testfor;
1709 }
1710
9b4768fa
PH
1711 /* Test for a variable's having a non-empty value. A non-existent variable
1712 causes an expansion failure. */
059ec3d9
PH
1713
1714 else
1715 {
1716 uschar *value = find_variable(name, TRUE, yield == NULL, NULL);
1717 if (value == NULL)
1718 {
1719 expand_string_message = (name[0] == 0)?
1720 string_sprintf("variable name omitted after \"def:\"") :
1721 string_sprintf("unknown variable \"%s\" after \"def:\"", name);
641cb756 1722 check_variable_error_message(name);
059ec3d9
PH
1723 return NULL;
1724 }
9b4768fa 1725 if (yield != NULL) *yield = (value[0] != 0) == testfor;
059ec3d9
PH
1726 }
1727
1728 return s;
1729
1730
1731 /* first_delivery tests for first delivery attempt */
1732
1733 case ECOND_FIRST_DELIVERY:
1734 if (yield != NULL) *yield = deliver_firsttime == testfor;
1735 return s;
1736
1737
1738 /* queue_running tests for any process started by a queue runner */
1739
1740 case ECOND_QUEUE_RUNNING:
1741 if (yield != NULL) *yield = (queue_run_pid != (pid_t)0) == testfor;
1742 return s;
1743
1744
1745 /* exists: tests for file existence
1746 isip: tests for any IP address
1747 isip4: tests for an IPv4 address
1748 isip6: tests for an IPv6 address
1749 pam: does PAM authentication
1750 radius: does RADIUS authentication
1751 ldapauth: does LDAP authentication
1752 pwcheck: does Cyrus SASL pwcheck authentication
1753 */
1754
1755 case ECOND_EXISTS:
1756 case ECOND_ISIP:
1757 case ECOND_ISIP4:
1758 case ECOND_ISIP6:
1759 case ECOND_PAM:
1760 case ECOND_RADIUS:
1761 case ECOND_LDAPAUTH:
1762 case ECOND_PWCHECK:
1763
1764 while (isspace(*s)) s++;
1765 if (*s != '{') goto COND_FAILED_CURLY_START;
1766
1767 sub[0] = expand_string_internal(s+1, TRUE, &s, yield == NULL);
1768 if (sub[0] == NULL) return NULL;
1769 if (*s++ != '}') goto COND_FAILED_CURLY_END;
1770
1771 if (yield == NULL) return s; /* No need to run the test if skipping */
1772
1773 switch(cond_type)
1774 {
1775 case ECOND_EXISTS:
1776 if ((expand_forbid & RDO_EXISTS) != 0)
1777 {
1778 expand_string_message = US"File existence tests are not permitted";
1779 return NULL;
1780 }
1781 *yield = (Ustat(sub[0], &statbuf) == 0) == testfor;
1782 break;
1783
1784 case ECOND_ISIP:
1785 case ECOND_ISIP4:
1786 case ECOND_ISIP6:
1787 rc = string_is_ip_address(sub[0], NULL);
7e66e54d 1788 *yield = ((cond_type == ECOND_ISIP)? (rc != 0) :
059ec3d9
PH
1789 (cond_type == ECOND_ISIP4)? (rc == 4) : (rc == 6)) == testfor;
1790 break;
1791
1792 /* Various authentication tests - all optionally compiled */
1793
1794 case ECOND_PAM:
1795 #ifdef SUPPORT_PAM
1796 rc = auth_call_pam(sub[0], &expand_string_message);
1797 goto END_AUTH;
1798 #else
1799 goto COND_FAILED_NOT_COMPILED;
1800 #endif /* SUPPORT_PAM */
1801
1802 case ECOND_RADIUS:
1803 #ifdef RADIUS_CONFIG_FILE
1804 rc = auth_call_radius(sub[0], &expand_string_message);
1805 goto END_AUTH;
1806 #else
1807 goto COND_FAILED_NOT_COMPILED;
1808 #endif /* RADIUS_CONFIG_FILE */
1809
1810 case ECOND_LDAPAUTH:
1811 #ifdef LOOKUP_LDAP
1812 {
1813 /* Just to keep the interface the same */
1814 BOOL do_cache;
1815 int old_pool = store_pool;
1816 store_pool = POOL_SEARCH;
1817 rc = eldapauth_find((void *)(-1), NULL, sub[0], Ustrlen(sub[0]), NULL,
1818 &expand_string_message, &do_cache);
1819 store_pool = old_pool;
1820 }
1821 goto END_AUTH;
1822 #else
1823 goto COND_FAILED_NOT_COMPILED;
1824 #endif /* LOOKUP_LDAP */
1825
1826 case ECOND_PWCHECK:
1827 #ifdef CYRUS_PWCHECK_SOCKET
1828 rc = auth_call_pwcheck(sub[0], &expand_string_message);
1829 goto END_AUTH;
1830 #else
1831 goto COND_FAILED_NOT_COMPILED;
1832 #endif /* CYRUS_PWCHECK_SOCKET */
1833
1834 #if defined(SUPPORT_PAM) || defined(RADIUS_CONFIG_FILE) || \
1835 defined(LOOKUP_LDAP) || defined(CYRUS_PWCHECK_SOCKET)
1836 END_AUTH:
1837 if (rc == ERROR || rc == DEFER) return NULL;
1838 *yield = (rc == OK) == testfor;
1839 #endif
1840 }
1841 return s;
1842
1843
1844 /* saslauthd: does Cyrus saslauthd authentication. Four parameters are used:
1845
1846 ${if saslauthd {{username}{password}{service}{realm}} {yes}[no}}
1847
1848 However, the last two are optional. That is why the whole set is enclosed
1849 in their own set or braces. */
1850
1851 case ECOND_SASLAUTHD:
1852 #ifndef CYRUS_SASLAUTHD_SOCKET
1853 goto COND_FAILED_NOT_COMPILED;
1854 #else
1855 while (isspace(*s)) s++;
1856 if (*s++ != '{') goto COND_FAILED_CURLY_START;
1857 switch(read_subs(sub, 4, 2, &s, yield == NULL, TRUE, US"saslauthd"))
1858 {
1859 case 1: expand_string_message = US"too few arguments or bracketing "
1860 "error for saslauthd";
1861 case 2:
1862 case 3: return NULL;
1863 }
1864 if (sub[2] == NULL) sub[3] = NULL; /* realm if no service */
1865 if (yield != NULL)
1866 {
1867 int rc;
1868 rc = auth_call_saslauthd(sub[0], sub[1], sub[2], sub[3],
1869 &expand_string_message);
1870 if (rc == ERROR || rc == DEFER) return NULL;
1871 *yield = (rc == OK) == testfor;
1872 }
1873 return s;
1874 #endif /* CYRUS_SASLAUTHD_SOCKET */
1875
1876
1877 /* symbolic operators for numeric and string comparison, and a number of
1878 other operators, all requiring two arguments.
1879
1880 match: does a regular expression match and sets up the numerical
1881 variables if it succeeds
1882 match_address: matches in an address list
1883 match_domain: matches in a domain list
32d668a5 1884 match_ip: matches a host list that is restricted to IP addresses
059ec3d9
PH
1885 match_local_part: matches in a local part list
1886 crypteq: encrypts plaintext and compares against an encrypted text,
1887 using crypt(), crypt16(), MD5 or SHA-1
1888 */
1889
1890 case ECOND_MATCH:
1891 case ECOND_MATCH_ADDRESS:
1892 case ECOND_MATCH_DOMAIN:
32d668a5 1893 case ECOND_MATCH_IP:
059ec3d9
PH
1894 case ECOND_MATCH_LOCAL_PART:
1895 case ECOND_CRYPTEQ:
1896
1897 case ECOND_NUM_L: /* Numerical comparisons */
1898 case ECOND_NUM_LE:
1899 case ECOND_NUM_E:
1900 case ECOND_NUM_EE:
1901 case ECOND_NUM_G:
1902 case ECOND_NUM_GE:
1903
1904 case ECOND_STR_LT: /* String comparisons */
1905 case ECOND_STR_LTI:
1906 case ECOND_STR_LE:
1907 case ECOND_STR_LEI:
1908 case ECOND_STR_EQ:
1909 case ECOND_STR_EQI:
1910 case ECOND_STR_GT:
1911 case ECOND_STR_GTI:
1912 case ECOND_STR_GE:
1913 case ECOND_STR_GEI:
1914
1915 for (i = 0; i < 2; i++)
1916 {
1917 while (isspace(*s)) s++;
1918 if (*s != '{')
1919 {
1920 if (i == 0) goto COND_FAILED_CURLY_START;
1921 expand_string_message = string_sprintf("missing 2nd string in {} "
1922 "after \"%s\"", name);
1923 return NULL;
1924 }
1925 sub[i] = expand_string_internal(s+1, TRUE, &s, yield == NULL);
1926 if (sub[i] == NULL) return NULL;
1927 if (*s++ != '}') goto COND_FAILED_CURLY_END;
1928
1929 /* Convert to numerical if required; we know that the names of all the
1930 conditions that compare numbers do not start with a letter. This just saves
1931 checking for them individually. */
1932
1933 if (!isalpha(name[0]))
1934 {
d45b1de8
PH
1935 num[i] = expand_string_integer(sub[i], FALSE);
1936 if (expand_string_message != NULL) return NULL;
059ec3d9
PH
1937 }
1938 }
1939
1940 /* Result not required */
1941
1942 if (yield == NULL) return s;
1943
1944 /* Do an appropriate comparison */
1945
1946 switch(cond_type)
1947 {
1948 case ECOND_NUM_E:
1949 case ECOND_NUM_EE:
1950 *yield = (num[0] == num[1]) == testfor;
1951 break;
1952
1953 case ECOND_NUM_G:
1954 *yield = (num[0] > num[1]) == testfor;
1955 break;
1956
1957 case ECOND_NUM_GE:
1958 *yield = (num[0] >= num[1]) == testfor;
1959 break;
1960
1961 case ECOND_NUM_L:
1962 *yield = (num[0] < num[1]) == testfor;
1963 break;
1964
1965 case ECOND_NUM_LE:
1966 *yield = (num[0] <= num[1]) == testfor;
1967 break;
1968
1969 case ECOND_STR_LT:
1970 *yield = (Ustrcmp(sub[0], sub[1]) < 0) == testfor;
1971 break;
1972
1973 case ECOND_STR_LTI:
1974 *yield = (strcmpic(sub[0], sub[1]) < 0) == testfor;
1975 break;
1976
1977 case ECOND_STR_LE:
1978 *yield = (Ustrcmp(sub[0], sub[1]) <= 0) == testfor;
1979 break;
1980
1981 case ECOND_STR_LEI:
1982 *yield = (strcmpic(sub[0], sub[1]) <= 0) == testfor;
1983 break;
1984
1985 case ECOND_STR_EQ:
1986 *yield = (Ustrcmp(sub[0], sub[1]) == 0) == testfor;
1987 break;
1988
1989 case ECOND_STR_EQI:
1990 *yield = (strcmpic(sub[0], sub[1]) == 0) == testfor;
1991 break;
1992
1993 case ECOND_STR_GT:
1994 *yield = (Ustrcmp(sub[0], sub[1]) > 0) == testfor;
1995 break;
1996
1997 case ECOND_STR_GTI:
1998 *yield = (strcmpic(sub[0], sub[1]) > 0) == testfor;
1999 break;
2000
2001 case ECOND_STR_GE:
2002 *yield = (Ustrcmp(sub[0], sub[1]) >= 0) == testfor;
2003 break;
2004
2005 case ECOND_STR_GEI:
2006 *yield = (strcmpic(sub[0], sub[1]) >= 0) == testfor;
2007 break;
2008
2009 case ECOND_MATCH: /* Regular expression match */
2010 re = pcre_compile(CS sub[1], PCRE_COPT, (const char **)&rerror, &roffset,
2011 NULL);
2012 if (re == NULL)
2013 {
2014 expand_string_message = string_sprintf("regular expression error in "
2015 "\"%s\": %s at offset %d", sub[1], rerror, roffset);
2016 return NULL;
2017 }
2018 *yield = regex_match_and_setup(re, sub[0], 0, -1) == testfor;
2019 break;
2020
2021 case ECOND_MATCH_ADDRESS: /* Match in an address list */
2022 rc = match_address_list(sub[0], TRUE, FALSE, &(sub[1]), NULL, -1, 0, NULL);
2023 goto MATCHED_SOMETHING;
2024
2025 case ECOND_MATCH_DOMAIN: /* Match in a domain list */
2026 rc = match_isinlist(sub[0], &(sub[1]), 0, &domainlist_anchor, NULL,
2027 MCL_DOMAIN + MCL_NOEXPAND, TRUE, NULL);
2028 goto MATCHED_SOMETHING;
2029
32d668a5 2030 case ECOND_MATCH_IP: /* Match IP address in a host list */
7e66e54d 2031 if (sub[0][0] != 0 && string_is_ip_address(sub[0], NULL) == 0)
32d668a5
PH
2032 {
2033 expand_string_message = string_sprintf("\"%s\" is not an IP address",
2034 sub[0]);
2035 return NULL;
2036 }
2037 else
2038 {
2039 unsigned int *nullcache = NULL;
2040 check_host_block cb;
2041
2042 cb.host_name = US"";
2043 cb.host_address = sub[0];
2044
2045 /* If the host address starts off ::ffff: it is an IPv6 address in
2046 IPv4-compatible mode. Find the IPv4 part for checking against IPv4
2047 addresses. */
2048
2049 cb.host_ipv4 = (Ustrncmp(cb.host_address, "::ffff:", 7) == 0)?
2050 cb.host_address + 7 : cb.host_address;
2051
2052 rc = match_check_list(
2053 &sub[1], /* the list */
2054 0, /* separator character */
2055 &hostlist_anchor, /* anchor pointer */
2056 &nullcache, /* cache pointer */
2057 check_host, /* function for testing */
2058 &cb, /* argument for function */
2059 MCL_HOST, /* type of check */
2060 sub[0], /* text for debugging */
2061 NULL); /* where to pass back data */
2062 }
2063 goto MATCHED_SOMETHING;
2064
059ec3d9
PH
2065 case ECOND_MATCH_LOCAL_PART:
2066 rc = match_isinlist(sub[0], &(sub[1]), 0, &localpartlist_anchor, NULL,
2067 MCL_LOCALPART + MCL_NOEXPAND, TRUE, NULL);
2068 /* Fall through */
9a26b6b2 2069 /* VVVVVVVVVVVV */
059ec3d9
PH
2070 MATCHED_SOMETHING:
2071 switch(rc)
2072 {
2073 case OK:
2074 *yield = testfor;
2075 break;
2076
2077 case FAIL:
2078 *yield = !testfor;
2079 break;
2080
2081 case DEFER:
2082 expand_string_message = string_sprintf("unable to complete match "
2083 "against \"%s\": %s", sub[1], search_error_message);
2084 return NULL;
2085 }
2086
2087 break;
2088
2089 /* Various "encrypted" comparisons. If the second string starts with
2090 "{" then an encryption type is given. Default to crypt() or crypt16()
2091 (build-time choice). */
2092
2093 case ECOND_CRYPTEQ:
2094 #ifndef SUPPORT_CRYPTEQ
2095 goto COND_FAILED_NOT_COMPILED;
2096 #else
2097 if (strncmpic(sub[1], US"{md5}", 5) == 0)
2098 {
2099 int sublen = Ustrlen(sub[1]+5);
2100 md5 base;
2101 uschar digest[16];
2102
2103 md5_start(&base);
2104 md5_end(&base, (uschar *)sub[0], Ustrlen(sub[0]), digest);
2105
2106 /* If the length that we are comparing against is 24, the MD5 digest
2107 is expressed as a base64 string. This is the way LDAP does it. However,
2108 some other software uses a straightforward hex representation. We assume
2109 this if the length is 32. Other lengths fail. */
2110
2111 if (sublen == 24)
2112 {
2113 uschar *coded = auth_b64encode((uschar *)digest, 16);
2114 DEBUG(D_auth) debug_printf("crypteq: using MD5+B64 hashing\n"
2115 " subject=%s\n crypted=%s\n", coded, sub[1]+5);
2116 *yield = (Ustrcmp(coded, sub[1]+5) == 0) == testfor;
2117 }
2118 else if (sublen == 32)
2119 {
2120 int i;
2121 uschar coded[36];
2122 for (i = 0; i < 16; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
2123 coded[32] = 0;
2124 DEBUG(D_auth) debug_printf("crypteq: using MD5+hex hashing\n"
2125 " subject=%s\n crypted=%s\n", coded, sub[1]+5);
2126 *yield = (strcmpic(coded, sub[1]+5) == 0) == testfor;
2127 }
2128 else
2129 {
2130 DEBUG(D_auth) debug_printf("crypteq: length for MD5 not 24 or 32: "
2131 "fail\n crypted=%s\n", sub[1]+5);
2132 *yield = !testfor;
2133 }
2134 }
2135
2136 else if (strncmpic(sub[1], US"{sha1}", 6) == 0)
2137 {
2138 int sublen = Ustrlen(sub[1]+6);
2139 sha1 base;
2140 uschar digest[20];
2141
2142 sha1_start(&base);
2143 sha1_end(&base, (uschar *)sub[0], Ustrlen(sub[0]), digest);
2144
2145 /* If the length that we are comparing against is 28, assume the SHA1
2146 digest is expressed as a base64 string. If the length is 40, assume a
2147 straightforward hex representation. Other lengths fail. */
2148
2149 if (sublen == 28)
2150 {
2151 uschar *coded = auth_b64encode((uschar *)digest, 20);
2152 DEBUG(D_auth) debug_printf("crypteq: using SHA1+B64 hashing\n"
2153 " subject=%s\n crypted=%s\n", coded, sub[1]+6);
2154 *yield = (Ustrcmp(coded, sub[1]+6) == 0) == testfor;
2155 }
2156 else if (sublen == 40)
2157 {
2158 int i;
2159 uschar coded[44];
2160 for (i = 0; i < 20; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
2161 coded[40] = 0;
2162 DEBUG(D_auth) debug_printf("crypteq: using SHA1+hex hashing\n"
2163 " subject=%s\n crypted=%s\n", coded, sub[1]+6);
2164 *yield = (strcmpic(coded, sub[1]+6) == 0) == testfor;
2165 }
2166 else
2167 {
2168 DEBUG(D_auth) debug_printf("crypteq: length for SHA-1 not 28 or 40: "
2169 "fail\n crypted=%s\n", sub[1]+6);
2170 *yield = !testfor;
2171 }
2172 }
2173
2174 else /* {crypt} or {crypt16} and non-{ at start */
2175 {
2176 int which = 0;
2177 uschar *coded;
2178
2179 if (strncmpic(sub[1], US"{crypt}", 7) == 0)
2180 {
2181 sub[1] += 7;
2182 which = 1;
2183 }
2184 else if (strncmpic(sub[1], US"{crypt16}", 9) == 0)
2185 {
2186 sub[1] += 9;
2187 which = 2;
2188 }
2189 else if (sub[1][0] == '{')
2190 {
2191 expand_string_message = string_sprintf("unknown encryption mechanism "
2192 "in \"%s\"", sub[1]);
2193 return NULL;
2194 }
2195
2196 switch(which)
2197 {
2198 case 0: coded = US DEFAULT_CRYPT(CS sub[0], CS sub[1]); break;
2199 case 1: coded = US crypt(CS sub[0], CS sub[1]); break;
2200 default: coded = US crypt16(CS sub[0], CS sub[1]); break;
2201 }
2202
2203 #define STR(s) # s
2204 #define XSTR(s) STR(s)
2205 DEBUG(D_auth) debug_printf("crypteq: using %s()\n"
2206 " subject=%s\n crypted=%s\n",
2207 (which == 0)? XSTR(DEFAULT_CRYPT) : (which == 1)? "crypt" : "crypt16",
2208 coded, sub[1]);
2209 #undef STR
2210 #undef XSTR
2211
2212 /* If the encrypted string contains fewer than two characters (for the
2213 salt), force failure. Otherwise we get false positives: with an empty
2214 string the yield of crypt() is an empty string! */
2215
2216 *yield = (Ustrlen(sub[1]) < 2)? !testfor :
2217 (Ustrcmp(coded, sub[1]) == 0) == testfor;
2218 }
2219 break;
2220 #endif /* SUPPORT_CRYPTEQ */
2221 } /* Switch for comparison conditions */
2222
2223 return s; /* End of comparison conditions */
2224
2225
2226 /* and/or: computes logical and/or of several conditions */
2227
2228 case ECOND_AND:
2229 case ECOND_OR:
2230 subcondptr = (yield == NULL)? NULL : &tempcond;
2231 combined_cond = (cond_type == ECOND_AND);
2232
2233 while (isspace(*s)) s++;
2234 if (*s++ != '{') goto COND_FAILED_CURLY_START;
2235
2236 for (;;)
2237 {
2238 while (isspace(*s)) s++;
2239 if (*s == '}') break;
2240 if (*s != '{')
2241 {
2242 expand_string_message = string_sprintf("each subcondition "
2243 "inside an \"%s{...}\" condition must be in its own {}", name);
2244 return NULL;
2245 }
2246
2247 s = eval_condition(s+1, subcondptr);
2248 if (s == NULL)
2249 {
2250 expand_string_message = string_sprintf("%s inside \"%s{...}\" condition",
2251 expand_string_message, name);
2252 return NULL;
2253 }
2254 while (isspace(*s)) s++;
2255
2256 if (*s++ != '}')
2257 {
2258 expand_string_message = string_sprintf("missing } at end of condition "
2259 "inside \"%s\" group", name);
2260 return NULL;
2261 }
2262
2263 if (yield != NULL)
2264 {
2265 if (cond_type == ECOND_AND)
2266 {
2267 combined_cond &= tempcond;
2268 if (!combined_cond) subcondptr = NULL; /* once false, don't */
2269 } /* evaluate any more */
2270 else
2271 {
2272 combined_cond |= tempcond;
2273 if (combined_cond) subcondptr = NULL; /* once true, don't */
2274 } /* evaluate any more */
2275 }
2276 }
2277
2278 if (yield != NULL) *yield = (combined_cond == testfor);
2279 return ++s;
2280
2281
2282 /* Unknown condition */
2283
2284 default:
2285 expand_string_message = string_sprintf("unknown condition \"%s\"", name);
2286 return NULL;
2287 } /* End switch on condition type */
2288
2289/* Missing braces at start and end of data */
2290
2291COND_FAILED_CURLY_START:
2292expand_string_message = string_sprintf("missing { after \"%s\"", name);
2293return NULL;
2294
2295COND_FAILED_CURLY_END:
2296expand_string_message = string_sprintf("missing } at end of \"%s\" condition",
2297 name);
2298return NULL;
2299
2300/* A condition requires code that is not compiled */
2301
2302#if !defined(SUPPORT_PAM) || !defined(RADIUS_CONFIG_FILE) || \
2303 !defined(LOOKUP_LDAP) || !defined(CYRUS_PWCHECK_SOCKET) || \
2304 !defined(SUPPORT_CRYPTEQ) || !defined(CYRUS_SASLAUTHD_SOCKET)
2305COND_FAILED_NOT_COMPILED:
2306expand_string_message = string_sprintf("support for \"%s\" not compiled",
2307 name);
2308return NULL;
2309#endif
2310}
2311
2312
2313
2314
2315/*************************************************
2316* Save numerical variables *
2317*************************************************/
2318
2319/* This function is called from items such as "if" that want to preserve and
2320restore the numbered variables.
2321
2322Arguments:
2323 save_expand_string points to an array of pointers to set
2324 save_expand_nlength points to an array of ints for the lengths
2325
2326Returns: the value of expand max to save
2327*/
2328
2329static int
2330save_expand_strings(uschar **save_expand_nstring, int *save_expand_nlength)
2331{
2332int i;
2333for (i = 0; i <= expand_nmax; i++)
2334 {
2335 save_expand_nstring[i] = expand_nstring[i];
2336 save_expand_nlength[i] = expand_nlength[i];
2337 }
2338return expand_nmax;
2339}
2340
2341
2342
2343/*************************************************
2344* Restore numerical variables *
2345*************************************************/
2346
2347/* This function restored saved values of numerical strings.
2348
2349Arguments:
2350 save_expand_nmax the number of strings to restore
2351 save_expand_string points to an array of pointers
2352 save_expand_nlength points to an array of ints
2353
2354Returns: nothing
2355*/
2356
2357static void
2358restore_expand_strings(int save_expand_nmax, uschar **save_expand_nstring,
2359 int *save_expand_nlength)
2360{
2361int i;
2362expand_nmax = save_expand_nmax;
2363for (i = 0; i <= expand_nmax; i++)
2364 {
2365 expand_nstring[i] = save_expand_nstring[i];
2366 expand_nlength[i] = save_expand_nlength[i];
2367 }
2368}
2369
2370
2371
2372
2373
2374/*************************************************
2375* Handle yes/no substrings *
2376*************************************************/
2377
2378/* This function is used by ${if}, ${lookup} and ${extract} to handle the
2379alternative substrings that depend on whether or not the condition was true,
2380or the lookup or extraction succeeded. The substrings always have to be
2381expanded, to check their syntax, but "skipping" is set when the result is not
2382needed - this avoids unnecessary nested lookups.
2383
2384Arguments:
2385 skipping TRUE if we were skipping when this item was reached
2386 yes TRUE if the first string is to be used, else use the second
2387 save_lookup a value to put back into lookup_value before the 2nd expansion
2388 sptr points to the input string pointer
2389 yieldptr points to the output string pointer
2390 sizeptr points to the output string size
2391 ptrptr points to the output string pointer
2392 type "lookup" or "if" or "extract" or "run", for error message
2393
2394Returns: 0 OK; lookup_value has been reset to save_lookup
2395 1 expansion failed
2396 2 expansion failed because of bracketing error
2397*/
2398
2399static int
2400process_yesno(BOOL skipping, BOOL yes, uschar *save_lookup, uschar **sptr,
2401 uschar **yieldptr, int *sizeptr, int *ptrptr, uschar *type)
2402{
2403int rc = 0;
2404uschar *s = *sptr; /* Local value */
2405uschar *sub1, *sub2;
2406
2407/* If there are no following strings, we substitute the contents of $value for
063b1e99 2408lookups and for extractions in the success case. For the ${if item, the string
8e669ac1 2409"true" is substituted. In the fail case, nothing is substituted for all three
063b1e99 2410items. */
059ec3d9
PH
2411
2412while (isspace(*s)) s++;
2413if (*s == '}')
2414 {
063b1e99
PH
2415 if (type[0] == 'i')
2416 {
8e669ac1 2417 if (yes) *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, US"true", 4);
063b1e99
PH
2418 }
2419 else
8e669ac1 2420 {
063b1e99
PH
2421 if (yes && lookup_value != NULL)
2422 *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, lookup_value,
2423 Ustrlen(lookup_value));
2424 lookup_value = save_lookup;
2425 }
059ec3d9
PH
2426 s++;
2427 goto RETURN;
2428 }
2429
9b4768fa
PH
2430/* The first following string must be braced. */
2431
2432if (*s++ != '{') goto FAILED_CURLY;
2433
059ec3d9
PH
2434/* Expand the first substring. Forced failures are noticed only if we actually
2435want this string. Set skipping in the call in the fail case (this will always
2436be the case if we were already skipping). */
2437
9b4768fa 2438sub1 = expand_string_internal(s, TRUE, &s, !yes);
059ec3d9
PH
2439if (sub1 == NULL && (yes || !expand_string_forcedfail)) goto FAILED;
2440expand_string_forcedfail = FALSE;
2441if (*s++ != '}') goto FAILED_CURLY;
2442
2443/* If we want the first string, add it to the output */
2444
2445if (yes)
2446 *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, sub1, Ustrlen(sub1));
2447
2448/* If this is called from a lookup or an extract, we want to restore $value to
2449what it was at the start of the item, so that it has this value during the
d20976dc
PH
2450second string expansion. For the call from "if" or "run" to this function,
2451save_lookup is set to lookup_value, so that this statement does nothing. */
059ec3d9
PH
2452
2453lookup_value = save_lookup;
2454
2455/* There now follows either another substring, or "fail", or nothing. This
2456time, forced failures are noticed only if we want the second string. We must
2457set skipping in the nested call if we don't want this string, or if we were
2458already skipping. */
2459
2460while (isspace(*s)) s++;
2461if (*s == '{')
2462 {
2463 sub2 = expand_string_internal(s+1, TRUE, &s, yes || skipping);
2464 if (sub2 == NULL && (!yes || !expand_string_forcedfail)) goto FAILED;
2465 expand_string_forcedfail = FALSE;
2466 if (*s++ != '}') goto FAILED_CURLY;
2467
2468 /* If we want the second string, add it to the output */
2469
2470 if (!yes)
2471 *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, sub2, Ustrlen(sub2));
2472 }
2473
2474/* If there is no second string, but the word "fail" is present when the use of
2475the second string is wanted, set a flag indicating it was a forced failure
2476rather than a syntactic error. Swallow the terminating } in case this is nested
2477inside another lookup or if or extract. */
2478
2479else if (*s != '}')
2480 {
2481 uschar name[256];
2482 s = read_name(name, sizeof(name), s, US"_");
2483 if (Ustrcmp(name, "fail") == 0)
2484 {
2485 if (!yes && !skipping)
2486 {
2487 while (isspace(*s)) s++;
2488 if (*s++ != '}') goto FAILED_CURLY;
2489 expand_string_message =
2490 string_sprintf("\"%s\" failed and \"fail\" requested", type);
2491 expand_string_forcedfail = TRUE;
2492 goto FAILED;
2493 }
2494 }
2495 else
2496 {
2497 expand_string_message =
2498 string_sprintf("syntax error in \"%s\" item - \"fail\" expected", type);
2499 goto FAILED;
2500 }
2501 }
2502
2503/* All we have to do now is to check on the final closing brace. */
2504
2505while (isspace(*s)) s++;
2506if (*s++ == '}') goto RETURN;
2507
2508/* Get here if there is a bracketing failure */
2509
2510FAILED_CURLY:
2511rc++;
2512
2513/* Get here for other failures */
2514
2515FAILED:
2516rc++;
2517
2518/* Update the input pointer value before returning */
2519
2520RETURN:
2521*sptr = s;
2522return rc;
2523}
2524
2525
2526
2527
059ec3d9
PH
2528/*************************************************
2529* Handle MD5 or SHA-1 computation for HMAC *
2530*************************************************/
2531
2532/* These are some wrapping functions that enable the HMAC code to be a bit
2533cleaner. A good compiler will spot the tail recursion.
2534
2535Arguments:
2536 type HMAC_MD5 or HMAC_SHA1
2537 remaining are as for the cryptographic hash functions
2538
2539Returns: nothing
2540*/
2541
2542static void
2543chash_start(int type, void *base)
2544{
2545if (type == HMAC_MD5)
2546 md5_start((md5 *)base);
2547else
2548 sha1_start((sha1 *)base);
2549}
2550
2551static void
2552chash_mid(int type, void *base, uschar *string)
2553{
2554if (type == HMAC_MD5)
2555 md5_mid((md5 *)base, string);
2556else
2557 sha1_mid((sha1 *)base, string);
2558}
2559
2560static void
2561chash_end(int type, void *base, uschar *string, int length, uschar *digest)
2562{
2563if (type == HMAC_MD5)
2564 md5_end((md5 *)base, string, length, digest);
2565else
2566 sha1_end((sha1 *)base, string, length, digest);
2567}
2568
2569
2570
2571
2572
1549ea3b
PH
2573/********************************************************
2574* prvs: Get last three digits of days since Jan 1, 1970 *
2575********************************************************/
2576
2577/* This is needed to implement the "prvs" BATV reverse
2578 path signing scheme
2579
2580Argument: integer "days" offset to add or substract to
2581 or from the current number of days.
2582
2583Returns: pointer to string containing the last three
2584 digits of the number of days since Jan 1, 1970,
2585 modified by the offset argument, NULL if there
2586 was an error in the conversion.
2587
2588*/
2589
2590static uschar *
2591prvs_daystamp(int day_offset)
2592{
a86229cf
PH
2593uschar *days = store_get(32); /* Need at least 24 for cases */
2594(void)string_format(days, 32, TIME_T_FMT, /* where TIME_T_FMT is %lld */
1549ea3b 2595 (time(NULL) + day_offset*86400)/86400);
e169f567 2596return (Ustrlen(days) >= 3) ? &days[Ustrlen(days)-3] : US"100";
1549ea3b
PH
2597}
2598
2599
2600
2601/********************************************************
2602* prvs: perform HMAC-SHA1 computation of prvs bits *
2603********************************************************/
2604
2605/* This is needed to implement the "prvs" BATV reverse
2606 path signing scheme
2607
2608Arguments:
2609 address RFC2821 Address to use
2610 key The key to use (must be less than 64 characters
2611 in size)
2612 key_num Single-digit key number to use. Defaults to
2613 '0' when NULL.
2614
2615Returns: pointer to string containing the first three
2616 bytes of the final hash in hex format, NULL if
2617 there was an error in the process.
2618*/
2619
2620static uschar *
2621prvs_hmac_sha1(uschar *address, uschar *key, uschar *key_num, uschar *daystamp)
2622{
2623uschar *hash_source, *p;
2624int size = 0,offset = 0,i;
2625sha1 sha1_base;
2626void *use_base = &sha1_base;
2627uschar innerhash[20];
2628uschar finalhash[20];
2629uschar innerkey[64];
2630uschar outerkey[64];
2631uschar *finalhash_hex = store_get(40);
2632
2633if (key_num == NULL)
2634 key_num = US"0";
2635
2636if (Ustrlen(key) > 64)
2637 return NULL;
2638
2639hash_source = string_cat(NULL,&size,&offset,key_num,1);
2640string_cat(hash_source,&size,&offset,daystamp,3);
2641string_cat(hash_source,&size,&offset,address,Ustrlen(address));
2642hash_source[offset] = '\0';
2643
2644DEBUG(D_expand) debug_printf("prvs: hash source is '%s'\n", hash_source);
2645
2646memset(innerkey, 0x36, 64);
2647memset(outerkey, 0x5c, 64);
2648
2649for (i = 0; i < Ustrlen(key); i++)
2650 {
2651 innerkey[i] ^= key[i];
2652 outerkey[i] ^= key[i];
2653 }
2654
2655chash_start(HMAC_SHA1, use_base);
2656chash_mid(HMAC_SHA1, use_base, innerkey);
2657chash_end(HMAC_SHA1, use_base, hash_source, offset, innerhash);
2658
2659chash_start(HMAC_SHA1, use_base);
2660chash_mid(HMAC_SHA1, use_base, outerkey);
2661chash_end(HMAC_SHA1, use_base, innerhash, 20, finalhash);
2662
2663p = finalhash_hex;
2664for (i = 0; i < 3; i++)
2665 {
2666 *p++ = hex_digits[(finalhash[i] & 0xf0) >> 4];
2667 *p++ = hex_digits[finalhash[i] & 0x0f];
2668 }
2669*p = '\0';
2670
2671return finalhash_hex;
2672}
2673
2674
2675
2676
059ec3d9
PH
2677/*************************************************
2678* Join a file onto the output string *
2679*************************************************/
2680
2681/* This is used for readfile and after a run expansion. It joins the contents
2682of a file onto the output string, globally replacing newlines with a given
2683string (optionally). The file is closed at the end.
2684
2685Arguments:
2686 f the FILE
2687 yield pointer to the expandable string
2688 sizep pointer to the current size
2689 ptrp pointer to the current position
2690 eol newline replacement string, or NULL
2691
2692Returns: new value of string pointer
2693*/
2694
2695static uschar *
2696cat_file(FILE *f, uschar *yield, int *sizep, int *ptrp, uschar *eol)
2697{
2698int eollen;
2699uschar buffer[1024];
2700
2701eollen = (eol == NULL)? 0 : Ustrlen(eol);
2702
2703while (Ufgets(buffer, sizeof(buffer), f) != NULL)
2704 {
2705 int len = Ustrlen(buffer);
2706 if (eol != NULL && buffer[len-1] == '\n') len--;
2707 yield = string_cat(yield, sizep, ptrp, buffer, len);
2708 if (buffer[len] != 0)
2709 yield = string_cat(yield, sizep, ptrp, eol, eollen);
2710 }
2711
2712if (yield != NULL) yield[*ptrp] = 0;
2713
2714return yield;
2715}
2716
2717
2718
2719
2720/*************************************************
2721* Evaluate numeric expression *
2722*************************************************/
2723
af561417
PH
2724/* This is a set of mutually recursive functions that evaluate an arithmetic
2725expression involving + - * / % & | ^ ~ << >> and parentheses. The only one of
2726these functions that is called from elsewhere is eval_expr, whose interface is:
059ec3d9
PH
2727
2728Arguments:
af561417
PH
2729 sptr pointer to the pointer to the string - gets updated
2730 decimal TRUE if numbers are to be assumed decimal
2731 error pointer to where to put an error message - must be NULL on input
2732 endket TRUE if ')' must terminate - FALSE for external call
059ec3d9 2733
af561417
PH
2734Returns: on success: the value of the expression, with *error still NULL
2735 on failure: an undefined value, with *error = a message
059ec3d9
PH
2736*/
2737
af561417
PH
2738static int eval_op_or(uschar **, BOOL, uschar **);
2739
059ec3d9
PH
2740
2741static int
2742eval_expr(uschar **sptr, BOOL decimal, uschar **error, BOOL endket)
2743{
2744uschar *s = *sptr;
af561417 2745int x = eval_op_or(&s, decimal, error);
059ec3d9
PH
2746if (*error == NULL)
2747 {
af561417 2748 if (endket)
059ec3d9 2749 {
af561417
PH
2750 if (*s != ')')
2751 *error = US"expecting closing parenthesis";
2752 else
2753 while (isspace(*(++s)));
059ec3d9 2754 }
af561417 2755 else if (*s != 0) *error = US"expecting operator";
059ec3d9 2756 }
059ec3d9
PH
2757*sptr = s;
2758return x;
2759}
2760
af561417 2761
059ec3d9 2762static int
af561417 2763eval_number(uschar **sptr, BOOL decimal, uschar **error)
059ec3d9
PH
2764{
2765register int c;
2766int n;
2767uschar *s = *sptr;
2768while (isspace(*s)) s++;
2769c = *s;
af561417 2770if (isdigit(c))
059ec3d9
PH
2771 {
2772 int count;
2773 (void)sscanf(CS s, (decimal? "%d%n" : "%i%n"), &n, &count);
2774 s += count;
2775 if (tolower(*s) == 'k') { n *= 1024; s++; }
2776 else if (tolower(*s) == 'm') { n *= 1024*1024; s++; }
2777 while (isspace (*s)) s++;
2778 }
2779else if (c == '(')
2780 {
2781 s++;
2782 n = eval_expr(&s, decimal, error, 1);
2783 }
2784else
2785 {
2786 *error = US"expecting number or opening parenthesis";
2787 n = 0;
2788 }
2789*sptr = s;
2790return n;
2791}
2792
af561417
PH
2793
2794static int eval_op_unary(uschar **sptr, BOOL decimal, uschar **error)
2795{
2796uschar *s = *sptr;
2797int x;
2798while (isspace(*s)) s++;
2799if (*s == '+' || *s == '-' || *s == '~')
2800 {
2801 int op = *s++;
2802 x = eval_op_unary(&s, decimal, error);
2803 if (op == '-') x = -x;
2804 else if (op == '~') x = ~x;
2805 }
2806else
2807 {
2808 x = eval_number(&s, decimal, error);
2809 }
2810*sptr = s;
2811return x;
2812}
2813
2814
2815static int eval_op_mult(uschar **sptr, BOOL decimal, uschar **error)
059ec3d9
PH
2816{
2817uschar *s = *sptr;
af561417 2818int x = eval_op_unary(&s, decimal, error);
059ec3d9
PH
2819if (*error == NULL)
2820 {
5591031b 2821 while (*s == '*' || *s == '/' || *s == '%')
059ec3d9
PH
2822 {
2823 int op = *s++;
af561417 2824 int y = eval_op_unary(&s, decimal, error);
059ec3d9 2825 if (*error != NULL) break;
5591031b
PH
2826 if (op == '*') x *= y;
2827 else if (op == '/') x /= y;
2828 else x %= y;
059ec3d9
PH
2829 }
2830 }
2831*sptr = s;
2832return x;
2833}
2834
2835
af561417
PH
2836static int eval_op_sum(uschar **sptr, BOOL decimal, uschar **error)
2837{
2838uschar *s = *sptr;
2839int x = eval_op_mult(&s, decimal, error);
2840if (*error == NULL)
2841 {
2842 while (*s == '+' || *s == '-')
2843 {
2844 int op = *s++;
2845 int y = eval_op_mult(&s, decimal, error);
2846 if (*error != NULL) break;
2847 if (op == '+') x += y; else x -= y;
2848 }
2849 }
2850*sptr = s;
2851return x;
2852}
2853
2854
2855static int eval_op_shift(uschar **sptr, BOOL decimal, uschar **error)
2856{
2857uschar *s = *sptr;
2858int x = eval_op_sum(&s, decimal, error);
2859if (*error == NULL)
2860 {
2861 while ((*s == '<' || *s == '>') && s[1] == s[0])
2862 {
2863 int y;
2864 int op = *s++;
2865 s++;
2866 y = eval_op_sum(&s, decimal, error);
2867 if (*error != NULL) break;
2868 if (op == '<') x <<= y; else x >>= y;
2869 }
2870 }
2871*sptr = s;
2872return x;
2873}
2874
2875
2876static int eval_op_and(uschar **sptr, BOOL decimal, uschar **error)
2877{
2878uschar *s = *sptr;
2879int x = eval_op_shift(&s, decimal, error);
2880if (*error == NULL)
2881 {
2882 while (*s == '&')
2883 {
2884 int y;
2885 s++;
2886 y = eval_op_shift(&s, decimal, error);
2887 if (*error != NULL) break;
2888 x &= y;
2889 }
2890 }
2891*sptr = s;
2892return x;
2893}
2894
2895
2896static int eval_op_xor(uschar **sptr, BOOL decimal, uschar **error)
2897{
2898uschar *s = *sptr;
2899int x = eval_op_and(&s, decimal, error);
2900if (*error == NULL)
2901 {
2902 while (*s == '^')
2903 {
2904 int y;
2905 s++;
2906 y = eval_op_and(&s, decimal, error);
2907 if (*error != NULL) break;
2908 x ^= y;
2909 }
2910 }
2911*sptr = s;
2912return x;
2913}
2914
2915
2916static int eval_op_or(uschar **sptr, BOOL decimal, uschar **error)
2917{
2918uschar *s = *sptr;
2919int x = eval_op_xor(&s, decimal, error);
2920if (*error == NULL)
2921 {
2922 while (*s == '|')
2923 {
2924 int y;
2925 s++;
2926 y = eval_op_xor(&s, decimal, error);
2927 if (*error != NULL) break;
2928 x |= y;
2929 }
2930 }
2931*sptr = s;
2932return x;
2933}
2934
059ec3d9
PH
2935
2936
2937/*************************************************
2938* Expand string *
2939*************************************************/
2940
2941/* Returns either an unchanged string, or the expanded string in stacking pool
2942store. Interpreted sequences are:
2943
2944 \... normal escaping rules
2945 $name substitutes the variable
2946 ${name} ditto
2947 ${op:string} operates on the expanded string value
2948 ${item{arg1}{arg2}...} expands the args and then does the business
2949 some literal args are not enclosed in {}
2950
2951There are now far too many operators and item types to make it worth listing
2952them here in detail any more.
2953
2954We use an internal routine recursively to handle embedded substrings. The
2955external function follows. The yield is NULL if the expansion failed, and there
2956are two cases: if something collapsed syntactically, or if "fail" was given
2957as the action on a lookup failure. These can be distinguised by looking at the
2958variable expand_string_forcedfail, which is TRUE in the latter case.
2959
2960The skipping flag is set true when expanding a substring that isn't actually
2961going to be used (after "if" or "lookup") and it prevents lookups from
2962happening lower down.
2963
2964Store usage: At start, a store block of the length of the input plus 64
2965is obtained. This is expanded as necessary by string_cat(), which might have to
2966get a new block, or might be able to expand the original. At the end of the
2967function we can release any store above that portion of the yield block that
2968was actually used. In many cases this will be optimal.
2969
2970However: if the first item in the expansion is a variable name or header name,
2971we reset the store before processing it; if the result is in fresh store, we
2972use that without copying. This is helpful for expanding strings like
2973$message_headers which can get very long.
2974
2975Arguments:
2976 string the string to be expanded
2977 ket_ends true if expansion is to stop at }
2978 left if not NULL, a pointer to the first character after the
2979 expansion is placed here (typically used with ket_ends)
2980 skipping TRUE for recursive calls when the value isn't actually going
2981 to be used (to allow for optimisation)
2982
2983Returns: NULL if expansion fails:
2984 expand_string_forcedfail is set TRUE if failure was forced
2985 expand_string_message contains a textual error message
2986 a pointer to the expanded string on success
2987*/
2988
2989static uschar *
2990expand_string_internal(uschar *string, BOOL ket_ends, uschar **left,
2991 BOOL skipping)
2992{
2993int ptr = 0;
2994int size = Ustrlen(string)+ 64;
2995int item_type;
2996uschar *yield = store_get(size);
2997uschar *s = string;
2998uschar *save_expand_nstring[EXPAND_MAXN+1];
2999int save_expand_nlength[EXPAND_MAXN+1];
3000
3001expand_string_forcedfail = FALSE;
3002expand_string_message = US"";
3003
3004while (*s != 0)
3005 {
3006 uschar *value;
3007 uschar name[256];
3008
3009 /* \ escapes the next character, which must exist, or else
3010 the expansion fails. There's a special escape, \N, which causes
3011 copying of the subject verbatim up to the next \N. Otherwise,
3012 the escapes are the standard set. */
3013
3014 if (*s == '\\')
3015 {
3016 if (s[1] == 0)
3017 {
3018 expand_string_message = US"\\ at end of string";
3019 goto EXPAND_FAILED;
3020 }
3021
3022 if (s[1] == 'N')
3023 {
3024 uschar *t = s + 2;
3025 for (s = t; *s != 0; s++) if (*s == '\\' && s[1] == 'N') break;
3026 yield = string_cat(yield, &size, &ptr, t, s - t);
3027 if (*s != 0) s += 2;
3028 }
3029
3030 else
3031 {
3032 uschar ch[1];
3033 ch[0] = string_interpret_escape(&s);
3034 s++;
3035 yield = string_cat(yield, &size, &ptr, ch, 1);
3036 }
3037
3038 continue;
3039 }
3040
3041 /* Anything other than $ is just copied verbatim, unless we are
3042 looking for a terminating } character. */
3043
3044 if (ket_ends && *s == '}') break;
3045
3046 if (*s != '$')
3047 {
3048 yield = string_cat(yield, &size, &ptr, s++, 1);
3049 continue;
3050 }
3051
3052 /* No { after the $ - must be a plain name or a number for string
3053 match variable. There has to be a fudge for variables that are the
3054 names of header fields preceded by "$header_" because header field
3055 names can contain any printing characters except space and colon.
3056 For those that don't like typing this much, "$h_" is a synonym for
3057 "$header_". A non-existent header yields a NULL value; nothing is
3058 inserted. */
3059
3060 if (isalpha((*(++s))))
3061 {
3062 int len;
3063 int newsize = 0;
3064
3065 s = read_name(name, sizeof(name), s, US"_");
3066
3067 /* If this is the first thing to be expanded, release the pre-allocated
3068 buffer. */
3069
3070 if (ptr == 0 && yield != NULL)
3071 {
3072 store_reset(yield);
3073 yield = NULL;
3074 size = 0;
3075 }
3076
3077 /* Header */
3078
3079 if (Ustrncmp(name, "h_", 2) == 0 ||
3080 Ustrncmp(name, "rh_", 3) == 0 ||
3081 Ustrncmp(name, "bh_", 3) == 0 ||
3082 Ustrncmp(name, "header_", 7) == 0 ||
3083 Ustrncmp(name, "rheader_", 8) == 0 ||
3084 Ustrncmp(name, "bheader_", 8) == 0)
3085 {
3086 BOOL want_raw = (name[0] == 'r')? TRUE : FALSE;
3087 uschar *charset = (name[0] == 'b')? NULL : headers_charset;
3088 s = read_header_name(name, sizeof(name), s);
3089 value = find_header(name, FALSE, &newsize, want_raw, charset);
3090
3091 /* If we didn't find the header, and the header contains a closing brace
0d85fa3f 3092 character, this may be a user error where the terminating colon
059ec3d9
PH
3093 has been omitted. Set a flag to adjust the error message in this case.
3094 But there is no error here - nothing gets inserted. */
3095
3096 if (value == NULL)
3097 {
3098 if (Ustrchr(name, '}') != NULL) malformed_header = TRUE;
3099 continue;
3100 }
3101 }
3102
3103 /* Variable */
3104
3105 else
3106 {
3107 value = find_variable(name, FALSE, skipping, &newsize);
3108 if (value == NULL)
3109 {
3110 expand_string_message =
3111 string_sprintf("unknown variable name \"%s\"", name);
641cb756 3112 check_variable_error_message(name);
059ec3d9
PH
3113 goto EXPAND_FAILED;
3114 }
3115 }
3116
3117 /* If the data is known to be in a new buffer, newsize will be set to the
3118 size of that buffer. If this is the first thing in an expansion string,
3119 yield will be NULL; just point it at the new store instead of copying. Many
3120 expansion strings contain just one reference, so this is a useful
3121 optimization, especially for humungous headers. */
3122
3123 len = Ustrlen(value);
3124 if (yield == NULL && newsize != 0)
3125 {
3126 yield = value;
3127 size = newsize;
3128 ptr = len;
3129 }
3130 else yield = string_cat(yield, &size, &ptr, value, len);
3131
3132 continue;
3133 }
3134
3135 if (isdigit(*s))
3136 {
3137 int n;
3138 s = read_number(&n, s);
3139 if (n >= 0 && n <= expand_nmax)
3140 yield = string_cat(yield, &size, &ptr, expand_nstring[n],
3141 expand_nlength[n]);
3142 continue;
3143 }
3144
3145 /* Otherwise, if there's no '{' after $ it's an error. */
3146
3147 if (*s != '{')
3148 {
3149 expand_string_message = US"$ not followed by letter, digit, or {";
3150 goto EXPAND_FAILED;
3151 }
3152
3153 /* After { there can be various things, but they all start with
3154 an initial word, except for a number for a string match variable. */
3155
3156 if (isdigit((*(++s))))
3157 {
3158 int n;
3159 s = read_number(&n, s);
3160 if (*s++ != '}')
3161 {
3162 expand_string_message = US"} expected after number";
3163 goto EXPAND_FAILED;
3164 }
3165 if (n >= 0 && n <= expand_nmax)
3166 yield = string_cat(yield, &size, &ptr, expand_nstring[n],
3167 expand_nlength[n]);
3168 continue;
3169 }
3170
3171 if (!isalpha(*s))
3172 {
3173 expand_string_message = US"letter or digit expected after ${";
3174 goto EXPAND_FAILED;
3175 }
3176
3177 /* Allow "-" in names to cater for substrings with negative
3178 arguments. Since we are checking for known names after { this is
3179 OK. */
3180
3181 s = read_name(name, sizeof(name), s, US"_-");
3182 item_type = chop_match(name, item_table, sizeof(item_table)/sizeof(uschar *));
3183
3184 switch(item_type)
3185 {
3186 /* Handle conditionals - preserve the values of the numerical expansion
3187 variables in case they get changed by a regular expression match in the
3188 condition. If not, they retain their external settings. At the end
3189 of this "if" section, they get restored to their previous values. */
3190
3191 case EITEM_IF:
3192 {
3193 BOOL cond = FALSE;
3194 uschar *next_s;
3195 int save_expand_nmax =
3196 save_expand_strings(save_expand_nstring, save_expand_nlength);
3197
3198 while (isspace(*s)) s++;
3199 next_s = eval_condition(s, skipping? NULL : &cond);
3200 if (next_s == NULL) goto EXPAND_FAILED; /* message already set */
3201
3202 DEBUG(D_expand)
3203 debug_printf("condition: %.*s\n result: %s\n", (int)(next_s - s), s,
3204 cond? "true" : "false");
3205
3206 s = next_s;
3207
3208 /* The handling of "yes" and "no" result strings is now in a separate
3209 function that is also used by ${lookup} and ${extract} and ${run}. */
3210
3211 switch(process_yesno(
3212 skipping, /* were previously skipping */
3213 cond, /* success/failure indicator */
3214 lookup_value, /* value to reset for string2 */
3215 &s, /* input pointer */
3216 &yield, /* output pointer */
3217 &size, /* output size */
3218 &ptr, /* output current point */
3219 US"if")) /* condition type */
3220 {
3221 case 1: goto EXPAND_FAILED; /* when all is well, the */
3222 case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
3223 }
3224
3225 /* Restore external setting of expansion variables for continuation
3226 at this level. */
3227
3228 restore_expand_strings(save_expand_nmax, save_expand_nstring,
3229 save_expand_nlength);
3230 continue;
3231 }
3232
3233 /* Handle database lookups unless locked out. If "skipping" is TRUE, we are
3234 expanding an internal string that isn't actually going to be used. All we
3235 need to do is check the syntax, so don't do a lookup at all. Preserve the
3236 values of the numerical expansion variables in case they get changed by a
3237 partial lookup. If not, they retain their external settings. At the end
3238 of this "lookup" section, they get restored to their previous values. */
3239
3240 case EITEM_LOOKUP:
3241 {
3242 int stype, partial, affixlen, starflags;
3243 int expand_setup = 0;
3244 int nameptr = 0;
3245 uschar *key, *filename, *affix;
3246 uschar *save_lookup_value = lookup_value;
3247 int save_expand_nmax =
3248 save_expand_strings(save_expand_nstring, save_expand_nlength);
3249
3250 if ((expand_forbid & RDO_LOOKUP) != 0)
3251 {
3252 expand_string_message = US"lookup expansions are not permitted";
3253 goto EXPAND_FAILED;
3254 }
3255
3256 /* Get the key we are to look up for single-key+file style lookups.
3257 Otherwise set the key NULL pro-tem. */
3258
3259 while (isspace(*s)) s++;
3260 if (*s == '{')
3261 {
3262 key = expand_string_internal(s+1, TRUE, &s, skipping);
3263 if (key == NULL) goto EXPAND_FAILED;
3264 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3265 while (isspace(*s)) s++;
3266 }
3267 else key = NULL;
3268
3269 /* Find out the type of database */
3270
3271 if (!isalpha(*s))
3272 {
3273 expand_string_message = US"missing lookup type";
3274 goto EXPAND_FAILED;
3275 }
3276
3277 /* The type is a string that may contain special characters of various
3278 kinds. Allow everything except space or { to appear; the actual content
3279 is checked by search_findtype_partial. */
3280
3281 while (*s != 0 && *s != '{' && !isspace(*s))
3282 {
3283 if (nameptr < sizeof(name) - 1) name[nameptr++] = *s;
3284 s++;
3285 }
3286 name[nameptr] = 0;
3287 while (isspace(*s)) s++;
3288
3289 /* Now check for the individual search type and any partial or default
3290 options. Only those types that are actually in the binary are valid. */
3291
3292 stype = search_findtype_partial(name, &partial, &affix, &affixlen,
3293 &starflags);
3294 if (stype < 0)
3295 {
3296 expand_string_message = search_error_message;
3297 goto EXPAND_FAILED;
3298 }
3299
3300 /* Check that a key was provided for those lookup types that need it,
3301 and was not supplied for those that use the query style. */
3302
13b685f9 3303 if (!mac_islookup(stype, lookup_querystyle|lookup_absfilequery))
059ec3d9
PH
3304 {
3305 if (key == NULL)
3306 {
3307 expand_string_message = string_sprintf("missing {key} for single-"
3308 "key \"%s\" lookup", name);
3309 goto EXPAND_FAILED;
3310 }
3311 }
3312 else
3313 {
3314 if (key != NULL)
3315 {
3316 expand_string_message = string_sprintf("a single key was given for "
3317 "lookup type \"%s\", which is not a single-key lookup type", name);
3318 goto EXPAND_FAILED;
3319 }
3320 }
3321
3322 /* Get the next string in brackets and expand it. It is the file name for
13b685f9
PH
3323 single-key+file lookups, and the whole query otherwise. In the case of
3324 queries that also require a file name (e.g. sqlite), the file name comes
3325 first. */
059ec3d9
PH
3326
3327 if (*s != '{') goto EXPAND_FAILED_CURLY;
3328 filename = expand_string_internal(s+1, TRUE, &s, skipping);
3329 if (filename == NULL) goto EXPAND_FAILED;
3330 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3331 while (isspace(*s)) s++;
3332
3333 /* If this isn't a single-key+file lookup, re-arrange the variables
13b685f9
PH
3334 to be appropriate for the search_ functions. For query-style lookups,
3335 there is just a "key", and no file name. For the special query-style +
3336 file types, the query (i.e. "key") starts with a file name. */
059ec3d9
PH
3337
3338 if (key == NULL)
3339 {
13b685f9 3340 while (isspace(*filename)) filename++;
059ec3d9 3341 key = filename;
13b685f9
PH
3342
3343 if (mac_islookup(stype, lookup_querystyle))
3344 {
3345 filename = NULL;
3346 }
3347 else
3348 {
3349 if (*filename != '/')
3350 {
3351 expand_string_message = string_sprintf(
3352 "absolute file name expected for \"%s\" lookup", name);
3353 goto EXPAND_FAILED;
3354 }
3355 while (*key != 0 && !isspace(*key)) key++;
3356 if (*key != 0) *key++ = 0;
3357 }
059ec3d9
PH
3358 }
3359
3360 /* If skipping, don't do the next bit - just lookup_value == NULL, as if
3361 the entry was not found. Note that there is no search_close() function.
3362 Files are left open in case of re-use. At suitable places in higher logic,
3363 search_tidyup() is called to tidy all open files. This can save opening
3364 the same file several times. However, files may also get closed when
3365 others are opened, if too many are open at once. The rule is that a
3366 handle should not be used after a second search_open().
3367
3368 Request that a partial search sets up $1 and maybe $2 by passing
3369 expand_setup containing zero. If its value changes, reset expand_nmax,
3370 since new variables will have been set. Note that at the end of this
3371 "lookup" section, the old numeric variables are restored. */
3372
3373 if (skipping)
3374 lookup_value = NULL;
3375 else
3376 {
3377 void *handle = search_open(filename, stype, 0, NULL, NULL);
3378 if (handle == NULL)
3379 {
3380 expand_string_message = search_error_message;
3381 goto EXPAND_FAILED;
3382 }
3383 lookup_value = search_find(handle, filename, key, partial, affix,
3384 affixlen, starflags, &expand_setup);
3385 if (search_find_defer)
3386 {
3387 expand_string_message =
3388 string_sprintf("lookup of \"%s\" gave DEFER: %s", key,
3389 search_error_message);
3390 goto EXPAND_FAILED;
3391 }
3392 if (expand_setup > 0) expand_nmax = expand_setup;
3393 }
3394
3395 /* The handling of "yes" and "no" result strings is now in a separate
3396 function that is also used by ${if} and ${extract}. */
3397
3398 switch(process_yesno(
3399 skipping, /* were previously skipping */
3400 lookup_value != NULL, /* success/failure indicator */
3401 save_lookup_value, /* value to reset for string2 */
3402 &s, /* input pointer */
3403 &yield, /* output pointer */
3404 &size, /* output size */
3405 &ptr, /* output current point */
3406 US"lookup")) /* condition type */
3407 {
3408 case 1: goto EXPAND_FAILED; /* when all is well, the */
3409 case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
3410 }
3411
3412 /* Restore external setting of expansion variables for carrying on
3413 at this level, and continue. */
3414
3415 restore_expand_strings(save_expand_nmax, save_expand_nstring,
3416 save_expand_nlength);
3417 continue;
3418 }
3419
3420 /* If Perl support is configured, handle calling embedded perl subroutines,
3421 unless locked out at this time. Syntax is ${perl{sub}} or ${perl{sub}{arg}}
3422 or ${perl{sub}{arg1}{arg2}} or up to a maximum of EXIM_PERL_MAX_ARGS
3423 arguments (defined below). */
3424
059ec3d9
PH
3425 #define EXIM_PERL_MAX_ARGS 8
3426
3427 case EITEM_PERL:
1a46a8c5
PH
3428 #ifndef EXIM_PERL
3429 expand_string_message = US"\"${perl\" encountered, but this facility "
3430 "is not included in this binary";
3431 goto EXPAND_FAILED;
3432
3433 #else /* EXIM_PERL */
059ec3d9
PH
3434 {
3435 uschar *sub_arg[EXIM_PERL_MAX_ARGS + 2];
3436 uschar *new_yield;
3437
3438 if ((expand_forbid & RDO_PERL) != 0)
3439 {
3440 expand_string_message = US"Perl calls are not permitted";
3441 goto EXPAND_FAILED;
3442 }
3443
3444 switch(read_subs(sub_arg, EXIM_PERL_MAX_ARGS + 1, 1, &s, skipping, TRUE,
3445 US"perl"))
3446 {
3447 case 1: goto EXPAND_FAILED_CURLY;
3448 case 2:
3449 case 3: goto EXPAND_FAILED;
3450 }
3451
3452 /* If skipping, we don't actually do anything */
3453
3454 if (skipping) continue;
3455
3456 /* Start the interpreter if necessary */
3457
3458 if (!opt_perl_started)
3459 {
3460 uschar *initerror;
3461 if (opt_perl_startup == NULL)
3462 {
3463 expand_string_message = US"A setting of perl_startup is needed when "
3464 "using the Perl interpreter";
3465 goto EXPAND_FAILED;
3466 }
3467 DEBUG(D_any) debug_printf("Starting Perl interpreter\n");
3468 initerror = init_perl(opt_perl_startup);
3469 if (initerror != NULL)
3470 {
3471 expand_string_message =
3472 string_sprintf("error in perl_startup code: %s\n", initerror);
3473 goto EXPAND_FAILED;
3474 }
3475 opt_perl_started = TRUE;
3476 }
3477
3478 /* Call the function */
3479
3480 sub_arg[EXIM_PERL_MAX_ARGS + 1] = NULL;
3481 new_yield = call_perl_cat(yield, &size, &ptr, &expand_string_message,
3482 sub_arg[0], sub_arg + 1);
3483
3484 /* NULL yield indicates failure; if the message pointer has been set to
3485 NULL, the yield was undef, indicating a forced failure. Otherwise the
3486 message will indicate some kind of Perl error. */
3487
3488 if (new_yield == NULL)
3489 {
3490 if (expand_string_message == NULL)
3491 {
3492 expand_string_message =
3493 string_sprintf("Perl subroutine \"%s\" returned undef to force "
3494 "failure", sub_arg[0]);
3495 expand_string_forcedfail = TRUE;
3496 }
3497 goto EXPAND_FAILED;
3498 }
3499
3500 /* Yield succeeded. Ensure forcedfail is unset, just in case it got
3501 set during a callback from Perl. */
3502
3503 expand_string_forcedfail = FALSE;
3504 yield = new_yield;
3505 continue;
3506 }
3507 #endif /* EXIM_PERL */
3508
fffda43a
TK
3509 /* Transform email address to "prvs" scheme to use
3510 as BATV-signed return path */
3511
3512 case EITEM_PRVS:
3513 {
3514 uschar *sub_arg[3];
3515 uschar *p,*domain;
3516
3517 switch(read_subs(sub_arg, 3, 2, &s, skipping, TRUE, US"prvs"))
3518 {
3519 case 1: goto EXPAND_FAILED_CURLY;
3520 case 2:
3521 case 3: goto EXPAND_FAILED;
3522 }
3523
3524 /* If skipping, we don't actually do anything */
3525 if (skipping) continue;
3526
3527 /* sub_arg[0] is the address */
3528 domain = Ustrrchr(sub_arg[0],'@');
3529 if ( (domain == NULL) || (domain == sub_arg[0]) || (Ustrlen(domain) == 1) )
3530 {
cb9328de
PH
3531 expand_string_message = US"prvs first argument must be a qualified email address";
3532 goto EXPAND_FAILED;
3533 }
3534
3535 /* Calculate the hash. The second argument must be a single-digit
3536 key number, or unset. */
3537
3538 if (sub_arg[2] != NULL &&
3539 (!isdigit(sub_arg[2][0]) || sub_arg[2][1] != 0))
3540 {
3541 expand_string_message = US"prvs second argument must be a single digit";
fffda43a
TK
3542 goto EXPAND_FAILED;
3543 }
3544
fffda43a
TK
3545 p = prvs_hmac_sha1(sub_arg[0],sub_arg[1],sub_arg[2],prvs_daystamp(7));
3546 if (p == NULL)
3547 {
cb9328de 3548 expand_string_message = US"prvs hmac-sha1 conversion failed";
fffda43a
TK
3549 goto EXPAND_FAILED;
3550 }
3551
3552 /* Now separate the domain from the local part */
3553 *domain++ = '\0';
3554
3555 yield = string_cat(yield,&size,&ptr,US"prvs=",5);
3556 string_cat(yield,&size,&ptr,sub_arg[0],Ustrlen(sub_arg[0]));
3557 string_cat(yield,&size,&ptr,US"/",1);
3558 string_cat(yield,&size,&ptr,(sub_arg[2] != NULL) ? sub_arg[2] : US"0", 1);
3559 string_cat(yield,&size,&ptr,prvs_daystamp(7),3);
3560 string_cat(yield,&size,&ptr,p,6);
3561 string_cat(yield,&size,&ptr,US"@",1);
3562 string_cat(yield,&size,&ptr,domain,Ustrlen(domain));
3563
3564 continue;
3565 }
3566
3567 /* Check a prvs-encoded address for validity */
3568
3569 case EITEM_PRVSCHECK:
3570 {
3571 uschar *sub_arg[3];
3572 int mysize = 0, myptr = 0;
3573 const pcre *re;
3574 uschar *p;
72fdd6ae
PH
3575
3576 /* TF: Ugliness: We want to expand parameter 1 first, then set
fffda43a
TK
3577 up expansion variables that are used in the expansion of
3578 parameter 2. So we clone the string for the first
72fdd6ae
PH
3579 expansion, where we only expand parameter 1.
3580
3581 PH: Actually, that isn't necessary. The read_subs() function is
3582 designed to work this way for the ${if and ${lookup expansions. I've
3583 tidied the code.
3584 */
fffda43a
TK
3585
3586 /* Reset expansion variables */
3587 prvscheck_result = NULL;
3588 prvscheck_address = NULL;
3589 prvscheck_keynum = NULL;
3590
72fdd6ae 3591 switch(read_subs(sub_arg, 1, 1, &s, skipping, FALSE, US"prvs"))
fffda43a
TK
3592 {
3593 case 1: goto EXPAND_FAILED_CURLY;
3594 case 2:
3595 case 3: goto EXPAND_FAILED;
3596 }
3597
3598 re = regex_must_compile(US"^prvs\\=(.+)\\/([0-9])([0-9]{3})([A-F0-9]{6})\\@(.+)$",
3599 TRUE,FALSE);
3600
72fdd6ae
PH
3601 if (regex_match_and_setup(re,sub_arg[0],0,-1))
3602 {
fffda43a
TK
3603 uschar *local_part = string_copyn(expand_nstring[1],expand_nlength[1]);
3604 uschar *key_num = string_copyn(expand_nstring[2],expand_nlength[2]);
3605 uschar *daystamp = string_copyn(expand_nstring[3],expand_nlength[3]);
3606 uschar *hash = string_copyn(expand_nstring[4],expand_nlength[4]);
3607 uschar *domain = string_copyn(expand_nstring[5],expand_nlength[5]);
3608
3609 DEBUG(D_expand) debug_printf("prvscheck localpart: %s\n", local_part);
3610 DEBUG(D_expand) debug_printf("prvscheck key number: %s\n", key_num);
3611 DEBUG(D_expand) debug_printf("prvscheck daystamp: %s\n", daystamp);
3612 DEBUG(D_expand) debug_printf("prvscheck hash: %s\n", hash);
3613 DEBUG(D_expand) debug_printf("prvscheck domain: %s\n", domain);
3614
3615 /* Set up expansion variables */
3616 prvscheck_address = string_cat(NULL, &mysize, &myptr, local_part, Ustrlen(local_part));
2740a2ca 3617 string_cat(prvscheck_address,&mysize,&myptr,US"@",1);
fffda43a
TK
3618 string_cat(prvscheck_address,&mysize,&myptr,domain,Ustrlen(domain));
3619 prvscheck_address[myptr] = '\0';
3620 prvscheck_keynum = string_copy(key_num);
3621
72fdd6ae
PH
3622 /* Now expand the second argument */
3623 switch(read_subs(sub_arg, 1, 1, &s, skipping, FALSE, US"prvs"))
fffda43a
TK
3624 {
3625 case 1: goto EXPAND_FAILED_CURLY;
3626 case 2:
3627 case 3: goto EXPAND_FAILED;
3628 }
3629
fffda43a 3630 /* Now we have the key and can check the address. */
72fdd6ae
PH
3631
3632 p = prvs_hmac_sha1(prvscheck_address, sub_arg[0], prvscheck_keynum,
3633 daystamp);
3634
fffda43a
TK
3635 if (p == NULL)
3636 {
3637 expand_string_message = US"hmac-sha1 conversion failed";
3638 goto EXPAND_FAILED;
3639 }
3640
3641 DEBUG(D_expand) debug_printf("prvscheck: received hash is %s\n", hash);
3642 DEBUG(D_expand) debug_printf("prvscheck: own hash is %s\n", p);
72fdd6ae 3643
fffda43a
TK
3644 if (Ustrcmp(p,hash) == 0)
3645 {
3646 /* Success, valid BATV address. Now check the expiry date. */
3647 uschar *now = prvs_daystamp(0);
3648 unsigned int inow = 0,iexpire = 1;
3649
ff790e47
PH
3650 (void)sscanf(CS now,"%u",&inow);
3651 (void)sscanf(CS daystamp,"%u",&iexpire);
fffda43a
TK
3652
3653 /* When "iexpire" is < 7, a "flip" has occured.
3654 Adjust "inow" accordingly. */
3655 if ( (iexpire < 7) && (inow >= 993) ) inow = 0;
3656
3657 if (iexpire > inow)
3658 {
3659 prvscheck_result = US"1";
3660 DEBUG(D_expand) debug_printf("prvscheck: success, $pvrs_result set to 1\n");
3661 }
3662 else
3663 {
3664 prvscheck_result = NULL;
3665 DEBUG(D_expand) debug_printf("prvscheck: signature expired, $pvrs_result unset\n");
3666 }
3667 }
3668 else
3669 {
3670 prvscheck_result = NULL;
3671 DEBUG(D_expand) debug_printf("prvscheck: hash failure, $pvrs_result unset\n");
3672 }
72fdd6ae
PH
3673
3674 /* Now expand the final argument. We leave this till now so that
3675 it can include $prvscheck_result. */
3676
3677 switch(read_subs(sub_arg, 1, 0, &s, skipping, TRUE, US"prvs"))
3678 {
3679 case 1: goto EXPAND_FAILED_CURLY;
3680 case 2:
3681 case 3: goto EXPAND_FAILED;
3682 }
3683
3684 if (sub_arg[0] == NULL || *sub_arg[0] == '\0')
3685 yield = string_cat(yield,&size,&ptr,prvscheck_address,Ustrlen(prvscheck_address));
3686 else
3687 yield = string_cat(yield,&size,&ptr,sub_arg[0],Ustrlen(sub_arg[0]));
3688
3689 /* Reset the "internal" variables afterwards, because they are in
3690 dynamic store that will be reclaimed if the expansion succeeded. */
3691
3692 prvscheck_address = NULL;
3693 prvscheck_keynum = NULL;
3694 }
fffda43a
TK
3695 else
3696 {
3697 /* Does not look like a prvs encoded address, return the empty string.
72fdd6ae
PH
3698 We need to make sure all subs are expanded first, so as to skip over
3699 the entire item. */
3700
5a03bd24 3701 switch(read_subs(sub_arg, 2, 1, &s, skipping, TRUE, US"prvs"))
fffda43a
TK
3702 {
3703 case 1: goto EXPAND_FAILED_CURLY;
3704 case 2:
3705 case 3: goto EXPAND_FAILED;
3706 }
3707 }
3708
3709 continue;
3710 }
3711
059ec3d9
PH
3712 /* Handle "readfile" to insert an entire file */
3713
3714 case EITEM_READFILE:
3715 {
3716 FILE *f;
3717 uschar *sub_arg[2];
3718
3719 if ((expand_forbid & RDO_READFILE) != 0)
3720 {
3721 expand_string_message = US"file insertions are not permitted";
3722 goto EXPAND_FAILED;
3723 }
3724
3725 switch(read_subs(sub_arg, 2, 1, &s, skipping, TRUE, US"readfile"))
3726 {
3727 case 1: goto EXPAND_FAILED_CURLY;
3728 case 2:
3729 case 3: goto EXPAND_FAILED;
3730 }
3731
3732 /* If skipping, we don't actually do anything */
3733
3734 if (skipping) continue;
3735
3736 /* Open the file and read it */
3737
3738 f = Ufopen(sub_arg[0], "rb");
3739 if (f == NULL)
3740 {
3741 expand_string_message = string_open_failed(errno, "%s", sub_arg[0]);
3742 goto EXPAND_FAILED;
3743 }
3744
3745 yield = cat_file(f, yield, &size, &ptr, sub_arg[1]);
f1e894f3 3746 (void)fclose(f);
059ec3d9
PH
3747 continue;
3748 }
3749
3750 /* Handle "readsocket" to insert data from a Unix domain socket */
3751
3752 case EITEM_READSOCK:
3753 {
3754 int fd;
3755 int timeout = 5;
3756 int save_ptr = ptr;
3757 FILE *f;
3758 struct sockaddr_un sockun; /* don't call this "sun" ! */
3759 uschar *arg;
3760 uschar *sub_arg[4];
3761
3762 if ((expand_forbid & RDO_READSOCK) != 0)
3763 {
3764 expand_string_message = US"socket insertions are not permitted";
3765 goto EXPAND_FAILED;
3766 }
3767
3768 /* Read up to 4 arguments, but don't do the end of item check afterwards,
3769 because there may be a string for expansion on failure. */
3770
3771 switch(read_subs(sub_arg, 4, 2, &s, skipping, FALSE, US"readsocket"))
3772 {
3773 case 1: goto EXPAND_FAILED_CURLY;
3774 case 2: /* Won't occur: no end check */
3775 case 3: goto EXPAND_FAILED;
3776 }
3777
3778 /* Sort out timeout, if given */
3779
3780 if (sub_arg[2] != NULL)
3781 {
3782 timeout = readconf_readtime(sub_arg[2], 0, FALSE);
3783 if (timeout < 0)
3784 {
3785 expand_string_message = string_sprintf("bad time value %s",
3786 sub_arg[2]);
3787 goto EXPAND_FAILED;
3788 }
3789 }
3790 else sub_arg[3] = NULL; /* No eol if no timeout */
3791
1cce3af8
PH
3792 /* If skipping, we don't actually do anything. Otherwise, arrange to
3793 connect to either an IP or a Unix socket. */
059ec3d9
PH
3794
3795 if (!skipping)
3796 {
1cce3af8 3797 /* Handle an IP (internet) domain */
059ec3d9 3798
91ecef39 3799 if (Ustrncmp(sub_arg[0], "inet:", 5) == 0)
059ec3d9 3800 {
1cce3af8
PH
3801 BOOL connected = FALSE;
3802 int namelen, port;
3803 host_item shost;
3804 host_item *h;
3805 uschar *server_name = sub_arg[0] + 5;
3806 uschar *port_name = Ustrrchr(server_name, ':');
3807
3808 /* Sort out the port */
3809
3810 if (port_name == NULL)
3811 {
3812 expand_string_message =
3813 string_sprintf("missing port for readsocket %s", sub_arg[0]);
3814 goto EXPAND_FAILED;
3815 }
3816 *port_name++ = 0; /* Terminate server name */
3817
3818 if (isdigit(*port_name))
3819 {
3820 uschar *end;
3821 port = Ustrtol(port_name, &end, 0);
3822 if (end != port_name + Ustrlen(port_name))
3823 {
3824 expand_string_message =
3825 string_sprintf("invalid port number %s", port_name);
3826 goto EXPAND_FAILED;
3827 }
3828 }
3829 else
3830 {
3831 struct servent *service_info = getservbyname(CS port_name, "tcp");
3832 if (service_info == NULL)
3833 {
3834 expand_string_message = string_sprintf("unknown port \"%s\"",
3835 port_name);
3836 goto EXPAND_FAILED;
3837 }
3838 port = ntohs(service_info->s_port);
3839 }
3840
3841 /* Sort out the server. */
3842
3843 shost.next = NULL;
3844 shost.address = NULL;
3845 shost.port = port;
3846 shost.mx = -1;
3847
3848 namelen = Ustrlen(server_name);
3849
3850 /* Anything enclosed in [] must be an IP address. */
3851
3852 if (server_name[0] == '[' &&
3853 server_name[namelen - 1] == ']')
3854 {
3855 server_name[namelen - 1] = 0;
3856 server_name++;
3857 if (string_is_ip_address(server_name, NULL) == 0)
3858 {
3859 expand_string_message =
3860 string_sprintf("malformed IP address \"%s\"", server_name);
3861 goto EXPAND_FAILED;
3862 }
3863 shost.name = shost.address = server_name;
3864 }
3865
3866 /* Otherwise check for an unadorned IP address */
3867
3868 else if (string_is_ip_address(server_name, NULL) != 0)
3869 shost.name = shost.address = server_name;
3870
3871 /* Otherwise lookup IP address(es) from the name */
3872
3873 else
3874 {
3875 shost.name = server_name;
322050c2
PH
3876 if (host_find_byname(&shost, NULL, HOST_FIND_QUALIFY_SINGLE, NULL,
3877 FALSE) != HOST_FOUND)
1cce3af8
PH
3878 {
3879 expand_string_message =
3880 string_sprintf("no IP address found for host %s", shost.name);
3881 goto EXPAND_FAILED;
3882 }
3883 }
3884
3885 /* Try to connect to the server - test each IP till one works */
3886
3887 for (h = &shost; h != NULL; h = h->next)
3888 {
3889 int af = (Ustrchr(h->address, ':') != 0)? AF_INET6 : AF_INET;
3890 if ((fd = ip_socket(SOCK_STREAM, af)) == -1)
3891 {
3892 expand_string_message = string_sprintf("failed to create socket: "
3893 "%s", strerror(errno));
3894 goto SOCK_FAIL;
3895 }
3896
3897 if (ip_connect(fd, af, h->address, port, timeout) == 0)
3898 {
3899 connected = TRUE;
3900 break;
3901 }
3902 }
3903
3904 if (!connected)
3905 {
3906 expand_string_message = string_sprintf("failed to connect to "
3907 "socket %s: couldn't connect to any host", sub_arg[0],
3908 strerror(errno));
3909 goto SOCK_FAIL;
3910 }
059ec3d9
PH
3911 }
3912
1cce3af8
PH
3913 /* Handle a Unix domain socket */
3914
3915 else
059ec3d9 3916 {
a401ddaa 3917 int rc;
1cce3af8
PH
3918 if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
3919 {
3920 expand_string_message = string_sprintf("failed to create socket: %s",
3921 strerror(errno));
3922 goto SOCK_FAIL;
3923 }
3924
3925 sockun.sun_family = AF_UNIX;
3926 sprintf(sockun.sun_path, "%.*s", (int)(sizeof(sockun.sun_path)-1),
3927 sub_arg[0]);
a401ddaa
PH
3928
3929 sigalrm_seen = FALSE;
3930 alarm(timeout);
3931 rc = connect(fd, (struct sockaddr *)(&sockun), sizeof(sockun));
3932 alarm(0);
734e1499 3933 if (sigalrm_seen)
1cce3af8 3934 {
734e1499 3935 expand_string_message = US "socket connect timed out";
1cce3af8
PH
3936 goto SOCK_FAIL;
3937 }
734e1499 3938 if (rc < 0)
a401ddaa 3939 {
734e1499
PH
3940 expand_string_message = string_sprintf("failed to connect to socket "
3941 "%s: %s", sub_arg[0], strerror(errno));
a401ddaa
PH
3942 goto SOCK_FAIL;
3943 }
059ec3d9 3944 }
1cce3af8 3945
059ec3d9
PH
3946 DEBUG(D_expand) debug_printf("connected to socket %s\n", sub_arg[0]);
3947
3948 /* Write the request string, if not empty */
3949
3950 if (sub_arg[1][0] != 0)
3951 {
3952 int len = Ustrlen(sub_arg[1]);
3953 DEBUG(D_expand) debug_printf("writing \"%s\" to socket\n",
3954 sub_arg[1]);
3955 if (write(fd, sub_arg[1], len) != len)
3956 {
3957 expand_string_message = string_sprintf("request write to socket "
3958 "failed: %s", strerror(errno));
3959 goto SOCK_FAIL;
3960 }
3961 }
3962
c1114884
PH
3963 /* Shut down the sending side of the socket. This helps some servers to
3964 recognise that it is their turn to do some work. Just in case some
3965 system doesn't have this function, make it conditional. */
3966
3967 #ifdef SHUT_WR
3968 shutdown(fd, SHUT_WR);
3969 #endif
3970
059ec3d9
PH
3971 /* Now we need to read from the socket, under a timeout. The function
3972 that reads a file can be used. */
3973
3974 f = fdopen(fd, "rb");
3975 sigalrm_seen = FALSE;
3976 alarm(timeout);
3977 yield = cat_file(f, yield, &size, &ptr, sub_arg[3]);
3978 alarm(0);
f1e894f3 3979 (void)fclose(f);
059ec3d9
PH
3980
3981 /* After a timeout, we restore the pointer in the result, that is,
3982 make sure we add nothing from the socket. */
3983
3984 if (sigalrm_seen)
3985 {
3986 ptr = save_ptr;
1cce3af8 3987 expand_string_message = US "socket read timed out";
059ec3d9
PH
3988 goto SOCK_FAIL;
3989 }
3990 }
3991
3992 /* The whole thing has worked (or we were skipping). If there is a
3993 failure string following, we need to skip it. */
3994
3995 if (*s == '{')
3996 {
3997 if (expand_string_internal(s+1, TRUE, &s, TRUE) == NULL)
3998 goto EXPAND_FAILED;
3999 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
4000 while (isspace(*s)) s++;
4001 }
4002 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
4003 continue;
4004
4005 /* Come here on failure to create socket, connect socket, write to the
4006 socket, or timeout on reading. If another substring follows, expand and
4007 use it. Otherwise, those conditions give expand errors. */
4008
4009 SOCK_FAIL:
4010 if (*s != '{') goto EXPAND_FAILED;
4011 DEBUG(D_any) debug_printf("%s\n", expand_string_message);
4012 arg = expand_string_internal(s+1, TRUE, &s, FALSE);
4013 if (arg == NULL) goto EXPAND_FAILED;
4014 yield = string_cat(yield, &size, &ptr, arg, Ustrlen(arg));
4015 if (*