Add observability variables and provision for avoiding OCSP conflicts

[exim.git] / src / src / expand.c

diff --git a/src/src/expand.c b/src/src/expand.c
index 88a5ee399db9c15c2a94cd95aae6f364afab3249..ba2c6f7cdc61fdb6de6de9b43ff1db5878f1438b 100644 (file)
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -14,6 +14,7 @@
 /* Recursively called function */
 
 static uschar *expand_string_internal(uschar *, BOOL, uschar **, BOOL, BOOL, BOOL *);
+static int_eximarith_t expanded_string_integer(uschar *, BOOL);
 
 #ifdef STAND_ALONE
 #ifndef SUPPORT_CRYPTEQ
@@ -683,6 +684,9 @@ static var_entry var_table[] = {
   { "tls_out_bits",        vtype_int,         &tls_out.bits },
   { "tls_out_certificate_verified", vtype_int,&tls_out.certificate_verified },
   { "tls_out_cipher",      vtype_stringptr,   &tls_out.cipher },
+#ifdef EXPERIMENTAL_DANE
+  { "tls_out_dane",        vtype_bool,        &tls_out.dane_verified },
+#endif
   { "tls_out_ocsp",        vtype_int,         &tls_out.ocsp },
   { "tls_out_ourcert",     vtype_cert,        &tls_out.ourcert },
   { "tls_out_peercert",    vtype_cert,        &tls_out.peercert },
@@ -690,6 +694,9 @@ static var_entry var_table[] = {
 #if defined(SUPPORT_TLS)
   { "tls_out_sni",         vtype_stringptr,   &tls_out.sni },
 #endif
+#ifdef EXPERIMENTAL_DANE
+  { "tls_out_tlsa_usage",  vtype_int,         &tls_out.tlsa_usage },
+#endif
 
   { "tls_peerdn",          vtype_stringptr,   &tls_in.peerdn },        /* mind the alphabetical order! */
 #if defined(SUPPORT_TLS)
@@ -1878,6 +1885,8 @@ switch (vp->type)
   #endif
 
   }
+
+return NULL;  /* Unknown variable. Silences static checkers. */
 }
 
 
@@ -2445,7 +2454,7 @@ switch(cond_type)
         }
       else
         {
-        num[i] = expand_string_integer(sub[i], FALSE);
+        num[i] = expanded_string_integer(sub[i], FALSE);
         if (expand_string_message != NULL) return NULL;
         }
       }
@@ -6365,14 +6374,14 @@ while (*s != 0)
 
       case EOP_UTF8CLEAN:
         {
-        int seq_len, index = 0;
+        int seq_len = 0, index = 0;
         int bytes_left = 0;
         uschar seq_buff[4];                    /* accumulate utf-8 here */
         
         while (*sub != 0)
          {
          int complete;
-         long codepoint;
+         long codepoint = 0;
          uschar c;
 
          complete = 0;
@@ -6679,7 +6688,7 @@ while (*s != 0)
         int_eximarith_t max;
         uschar *s;
 
-        max = expand_string_integer(sub, TRUE);
+        max = expanded_string_integer(sub, TRUE);
         if (expand_string_message != NULL)
           goto EXPAND_FAILED;
         s = string_sprintf("%d", vaguely_random_number((int)max));
@@ -6879,8 +6888,32 @@ Returns:  the integer value, or
 int_eximarith_t
 expand_string_integer(uschar *string, BOOL isplus)
 {
+return expanded_string_integer(expand_string(string), isplus);
+}
+
+
+/*************************************************
+ *         Interpret string as an integer        *
+ *************************************************/
+
+/* Convert a string (that has already been expanded) into an integer.
+
+This function is used inside the expansion code.
+
+Arguments:
+  s       the string to be expanded
+  isplus  TRUE if a non-negative number is expected
+
+Returns:  the integer value, or
+          -1 if string is NULL (which implies an expansion error)
+          -2 for an integer interpretation error
+          expand_string_message is set NULL for an OK integer
+*/
+
+static int_eximarith_t
+expanded_string_integer(uschar *s, BOOL isplus)
+{
 int_eximarith_t value;
-uschar *s = expand_string(string);
 uschar *msg = US"invalid integer \"%s\"";
 uschar *endptr;