* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2014 */
+/* Copyright (c) University of Cambridge 1995 - 2015 */
/* See the file NOTICE for conditions of use and distribution. */
US"acl",
US"certextract",
US"dlfunc",
+ US"env",
US"extract",
US"filter",
US"hash",
US"hmac",
US"if",
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
US"imapfolder",
#endif
US"length",
EITEM_ACL,
EITEM_CERTEXTRACT,
EITEM_DLFUNC,
+ EITEM_ENV,
EITEM_EXTRACT,
EITEM_FILTER,
EITEM_HASH,
EITEM_HMAC,
EITEM_IF,
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
EITEM_IMAPFOLDER,
#endif
EITEM_LENGTH,
US"reverse_ip",
US"time_eval",
US"time_interval"
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
,US"utf8_domain_from_alabel",
US"utf8_domain_to_alabel",
US"utf8_localpart_from_alabel",
EOP_REVERSE_IP,
EOP_TIME_EVAL,
EOP_TIME_INTERVAL
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
,EOP_UTF8_DOMAIN_FROM_ALABEL,
EOP_UTF8_DOMAIN_TO_ALABEL,
EOP_UTF8_LOCALPART_FROM_ALABEL,
US"addresses",
US"base62",
US"base62d",
+ US"base64",
+ US"base64d",
US"domain",
US"escape",
US"eval",
US"hash",
US"hex2b64",
US"hexquote",
+ US"ipv6denorm",
+ US"ipv6norm",
US"l",
US"lc",
US"length",
EOP_ADDRESSES,
EOP_BASE62,
EOP_BASE62D,
+ EOP_BASE64,
+ EOP_BASE64D,
EOP_DOMAIN,
EOP_ESCAPE,
EOP_EVAL,
EOP_HASH,
EOP_HEX2B64,
EOP_HEXQUOTE,
+ EOP_IPV6DENORM,
+ EOP_IPV6NORM,
EOP_L,
EOP_LC,
EOP_LENGTH,
{ "bounce_return_size_limit", vtype_int, &bounce_return_size_limit },
{ "caller_gid", vtype_gid, &real_gid },
{ "caller_uid", vtype_uid, &real_uid },
+ { "callout_address", vtype_stringptr, &callout_address },
{ "compile_date", vtype_stringptr, &version_date },
{ "compile_number", vtype_stringptr, &version_cnumber },
{ "config_dir", vtype_stringptr, &config_main_directory },
{ "dkim_headernames", vtype_dkim, (void *)DKIM_HEADERNAMES },
{ "dkim_identity", vtype_dkim, (void *)DKIM_IDENTITY },
{ "dkim_key_granularity",vtype_dkim, (void *)DKIM_KEY_GRANULARITY },
+ { "dkim_key_length", vtype_int, &dkim_key_length },
{ "dkim_key_nosubdomains",vtype_dkim, (void *)DKIM_NOSUBDOMAINS },
{ "dkim_key_notes", vtype_dkim, (void *)DKIM_KEY_NOTES },
{ "dkim_key_srvtype", vtype_dkim, (void *)DKIM_KEY_SRVTYPE },
{ "dnslist_value", vtype_stringptr, &dnslist_value },
{ "domain", vtype_stringptr, &deliver_domain },
{ "domain_data", vtype_stringptr, &deliver_domain_data },
-#ifdef EXPERIMENTAL_EVENT
+#ifndef DISABLE_EVENT
{ "event_data", vtype_stringptr, &event_data },
/*XXX want to use generic vars for as many of these as possible*/
{ "message_id", vtype_stringptr, &message_id },
{ "message_linecount", vtype_int, &message_linecount },
{ "message_size", vtype_int, &message_size },
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
{ "message_smtputf8", vtype_bool, &message_smtputf8 },
#endif
#ifdef WITH_CONTENT_SCAN
{ "parent_domain", vtype_stringptr, &deliver_domain_parent },
{ "parent_local_part", vtype_stringptr, &deliver_localpart_parent },
{ "pid", vtype_pid, NULL },
+#ifndef DISABLE_PRDR
+ { "prdr_requested", vtype_bool, &prdr_requested },
+#endif
{ "primary_hostname", vtype_stringptr, &primary_hostname },
-#ifdef EXPERIMENTAL_PROXY
- { "proxy_host_address", vtype_stringptr, &proxy_host_address },
- { "proxy_host_port", vtype_int, &proxy_host_port },
+#if defined(SUPPORT_PROXY) || defined(SUPPORT_SOCKS)
+ { "proxy_external_address",vtype_stringptr, &proxy_external_address },
+ { "proxy_external_port", vtype_int, &proxy_external_port },
+ { "proxy_local_address", vtype_stringptr, &proxy_local_address },
+ { "proxy_local_port", vtype_int, &proxy_local_port },
{ "proxy_session", vtype_bool, &proxy_session },
- { "proxy_target_address",vtype_stringptr, &proxy_target_address },
- { "proxy_target_port", vtype_int, &proxy_target_port },
#endif
{ "prvscheck_address", vtype_stringptr, &prvscheck_address },
{ "prvscheck_keynum", vtype_stringptr, &prvscheck_keynum },
if (!(vp = find_var_ent(certvar)))
{
- expand_string_message =
+ expand_string_message =
string_sprintf("no variable named \"%s\"", certvar);
return NULL; /* Unknown variable name */
}
want to do that in future */
if (vp->type != vtype_cert)
{
- expand_string_message =
+ expand_string_message =
string_sprintf("\"%s\" is not a certificate", certvar);
return NULL; /* Unknown variable name */
}
return (*cp->getfn)( *(void **)vp->value, modifier );
}
-expand_string_message =
+expand_string_message =
string_sprintf("bad field selector \"%s\" for certextract", field);
return NULL;
}
uschar *endptr;
int n = Ustrtoul(name + 4, &endptr, 10);
if (*endptr == 0 && n != 0 && n <= AUTH_VARS)
- return (auth_vars[n-1] == NULL)? US"" : auth_vars[n-1];
+ return !auth_vars[n-1] ? US"" : auth_vars[n-1];
+ }
+else if (Ustrncmp(name, "regex", 5) == 0)
+ {
+ uschar *endptr;
+ int n = Ustrtoul(name + 5, &endptr, 10);
+ if (*endptr == 0 && n != 0 && n <= REGEX_VARS)
+ return !regex_vars[n-1] ? US"" : regex_vars[n-1];
}
/* For all other variables, search the table */
if (sublen == 24)
{
- uschar *coded = auth_b64encode((uschar *)digest, 16);
+ uschar *coded = b64encode((uschar *)digest, 16);
DEBUG(D_auth) debug_printf("crypteq: using MD5+B64 hashing\n"
" subject=%s\n crypted=%s\n", coded, sub[1]+5);
tempcond = (Ustrcmp(coded, sub[1]+5) == 0);
if (sublen == 28)
{
- uschar *coded = auth_b64encode((uschar *)digest, 20);
+ uschar *coded = b64encode((uschar *)digest, 20);
DEBUG(D_auth) debug_printf("crypteq: using SHA1+B64 hashing\n"
" subject=%s\n crypted=%s\n", coded, sub[1]+6);
tempcond = (Ustrcmp(coded, sub[1]+6) == 0);
#define XSTR(s) STR(s)
DEBUG(D_auth) debug_printf("crypteq: using %s()\n"
" subject=%s\n crypted=%s\n",
- (which == 0)? XSTR(DEFAULT_CRYPT) : (which == 1)? "crypt" : "crypt16",
+ which == 0 ? XSTR(DEFAULT_CRYPT) : which == 1 ? "crypt" : "crypt16",
coded, sub[1]);
#undef STR
#undef XSTR
salt), force failure. Otherwise we get false positives: with an empty
string the yield of crypt() is an empty string! */
- tempcond = (Ustrlen(sub[1]) < 2)? FALSE :
- (Ustrcmp(coded, sub[1]) == 0);
+ if (coded)
+ tempcond = Ustrlen(sub[1]) < 2 ? FALSE : Ustrcmp(coded, sub[1]) == 0;
+ else if (errno == EINVAL)
+ tempcond = FALSE;
+ else
+ {
+ expand_string_message = string_sprintf("crypt error: %s\n",
+ US strerror(errno));
+ return NULL;
+ }
}
break;
#endif /* SUPPORT_CRYPTEQ */
uschar *sub[10]; /* name + arg1-arg9 (which must match number of acl_arg[]) */
uschar *user_msg;
- switch(read_subs(sub, 10, 1, &s, skipping, TRUE, US"acl", &resetok))
+ switch(read_subs(sub, nelem(sub), 1, &s, skipping, TRUE, US"acl",
+ &resetok))
{
case 1: goto EXPAND_FAILED_CURLY;
case 2:
continue;
}
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
case EITEM_IMAPFOLDER:
{ /* ${imapfolder {name}{sep]{specials}} */
uschar *sub_arg[3];
}
else if (Ustrlen(sub_arg[1]) != 1)
{
- expand_string_message =
+ expand_string_message =
string_sprintf(
- "IMAP folder separator must be one character, found \"%s\"",
+ "IMAP folder separator must be one character, found \"%s\"",
sub_arg[1]);
goto EXPAND_FAILED;
}
#define EXPAND_DLFUNC_MAX_ARGS 8
case EITEM_DLFUNC:
- #ifndef EXPAND_DLFUNC
- expand_string_message = US"\"${dlfunc\" encountered, but this facility " /*}*/
- "is not included in this binary";
- goto EXPAND_FAILED;
+#ifndef EXPAND_DLFUNC
+ expand_string_message = US"\"${dlfunc\" encountered, but this facility " /*}*/
+ "is not included in this binary";
+ goto EXPAND_FAILED;
- #else /* EXPAND_DLFUNC */
+#else /* EXPAND_DLFUNC */
{
tree_node *t;
exim_dlfunc_t *func;
goto EXPAND_FAILED;
}
}
- #endif /* EXPAND_DLFUNC */
+#endif /* EXPAND_DLFUNC */
+
+ case EITEM_ENV: /* ${env {name} {val_if_found} {val_if_unfound}} */
+ {
+ uschar * key;
+ uschar *save_lookup_value = lookup_value;
+
+ while (isspace(*s)) s++;
+ if (*s != '{') /*}*/
+ goto EXPAND_FAILED;
+
+ key = expand_string_internal(s+1, TRUE, &s, skipping, TRUE, &resetok);
+ if (!key) goto EXPAND_FAILED; /*{*/
+ if (*s++ != '}') goto EXPAND_FAILED_CURLY;
+
+ lookup_value = US getenv(CS key);
+
+ switch(process_yesno(
+ skipping, /* were previously skipping */
+ lookup_value != NULL, /* success/failure indicator */
+ save_lookup_value, /* value to reset for string2 */
+ &s, /* input pointer */
+ &yield, /* output pointer */
+ &size, /* output size */
+ &ptr, /* output current point */
+ US"env", /* condition type */
+ &resetok))
+ {
+ case 1: goto EXPAND_FAILED; /* when all is well, the */
+ case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
+ }
+ continue;
+ }
} /* EITEM_* switch */
/* Control reaches here if the name is not recognized as one of the more
case EOP_MD5:
case EOP_SHA1:
case EOP_SHA256:
+ case EOP_BASE64:
if (s[1] == '$')
{
const uschar * s1 = s;
}
}
- enc = auth_b64encode(sub, out - sub);
+ enc = b64encode(sub, out - sub);
yield = string_cat(yield, &size, &ptr, enc, Ustrlen(enc));
continue;
}
continue;
}
+ case EOP_IPV6NORM:
+ case EOP_IPV6DENORM:
+ {
+ int type = string_is_ip_address(sub, NULL);
+ int binary[4];
+ uschar buffer[44];
+
+ switch (type)
+ {
+ case 6:
+ (void) host_aton(sub, binary);
+ break;
+
+ case 4: /* convert to IPv4-mapped IPv6 */
+ binary[0] = binary[1] = 0;
+ binary[2] = 0x0000ffff;
+ (void) host_aton(sub, binary+3);
+ break;
+
+ case 0:
+ expand_string_message =
+ string_sprintf("\"%s\" is not an IP address", sub);
+ goto EXPAND_FAILED;
+ }
+
+ yield = string_cat(yield, &size, &ptr, buffer,
+ c == EOP_IPV6NORM
+ ? ipv6_nmtoa(binary, buffer)
+ : host_nmtoa(4, binary, -1, buffer, ':')
+ );
+ continue;
+ }
+
case EOP_ADDRESS:
case EOP_LOCAL_PART:
case EOP_DOMAIN:
}
/* replace illegal UTF-8 sequences by replacement character */
-
+
#define UTF8_REPLACEMENT_CHAR US"?"
case EOP_UTF8CLEAN:
int bytes_left = 0;
long codepoint = -1;
uschar seq_buff[4]; /* accumulate utf-8 here */
-
+
while (*sub != 0)
{
int complete = 0;
continue;
}
-#ifdef EXPERIMENTAL_INTERNATIONAL
+#ifdef SUPPORT_I18N
case EOP_UTF8_DOMAIN_TO_ALABEL:
{
uschar * error = NULL;
/* Convert string to base64 encoding */
case EOP_STR2B64:
+ case EOP_BASE64:
+ {
+#ifdef SUPPORT_TLS
+ uschar * s = vp && *(void **)vp->value
+ ? tls_cert_der_b64(*(void **)vp->value)
+ : b64encode(sub, Ustrlen(sub));
+#else
+ uschar * s = b64encode(sub, Ustrlen(sub));
+#endif
+ yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
+ continue;
+ }
+
+ case EOP_BASE64D:
{
- uschar *encstr = auth_b64encode(sub, Ustrlen(sub));
- yield = string_cat(yield, &size, &ptr, encstr, Ustrlen(encstr));
+ uschar * s;
+ int len = b64decode(sub, &s);
+ if (len < 0)
+ {
+ expand_string_message = string_sprintf("string \"%s\" is not "
+ "well-formed for \"%s\" operator", sub, name);
+ goto EXPAND_FAILED;
+ }
+ yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
continue;
}
if (Ustrspn(argv[i], "abcdefghijklmnopqrtsuvwxyz0123456789-.:/") ==
Ustrlen(argv[i]))
{
- #ifdef LOOKUP_LDAP
+#ifdef LOOKUP_LDAP
eldap_default_servers = argv[i];
- #endif
- #ifdef LOOKUP_MYSQL
+#endif
+#ifdef LOOKUP_MYSQL
mysql_servers = argv[i];
- #endif
- #ifdef LOOKUP_PGSQL
+#endif
+#ifdef LOOKUP_PGSQL
pgsql_servers = argv[i];
- #endif
- #ifdef EXPERIMENTAL_REDIS
+#endif
+#ifdef LOOKUP_REDIS
redis_servers = argv[i];
- #endif
+#endif
}
- #ifdef EXIM_PERL
+#ifdef EXIM_PERL
else opt_perl_startup = argv[i];
- #endif
+#endif
}
printf("Testing string expansion: debug_level = %d\n\n", debug_level);