1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) University of Cambridge 1995 - 2015 */
6 /* Copyright (c) The Exim Maintainers 2020 */
7 /* See the file NOTICE for conditions of use and distribution. */
9 /* A set of functions to search databases in various formats. An open
10 database is represented by a void * value which is returned from a lookup-
11 specific "open" function. These are now all held in individual modules in the
12 lookups subdirectory and the functions here form a generic interface.
14 Caching is used to improve performance. Open files are cached until a tidyup
15 function is called, and for each file the result of the last lookup is cached.
16 However, if too many files are opened, some of those that are not in use have
17 to be closed. Those open items that use real files are kept on a LRU chain to
20 All the data is held in permanent store so as to be independent of the stacking
21 pool that is reset from time to time. In fact, we use malloc'd store so that it
22 can be freed when the caches are tidied up. It isn't actually clear whether
23 this is a benefit or not, to be honest. */
28 /* Tree in which to cache open files until tidyup called. */
30 static tree_node *search_tree = NULL;
32 /* Two-way chain of open databases that use real files. This is maintained in
33 recently-used order for the purposes of closing the least recently used when
34 too many files are open. */
36 static tree_node *open_top = NULL;
37 static tree_node *open_bot = NULL;
39 /* Count of open databases that use real files */
41 static int open_filecount = 0;
43 /* Allow us to reset store used for lookups and lookup caching */
45 static rmark search_reset_point = NULL;
49 /*************************************************
50 * Validate a plain lookup type name *
51 *************************************************/
53 /* Only those names that are recognized and whose code is included in the
54 binary give an OK response. Use a binary chop search now that the list has got
58 name lookup type name - not necessarily zero terminated (e.g. dbm*)
59 len length of the name
61 Returns: +ve => valid lookup name; value is offset in lookup_list
62 -ve => invalid name; message in search_error_message.
66 search_findtype(const uschar *name, int len)
69 int top = lookup_list_count;
72 int mid = (top + bot)/2;
73 int c = Ustrncmp(name, lookup_list[mid]->name, len);
75 /* If c == 0 we have matched the incoming name with the start of the search
76 type name. However, some search types are substrings of others (e.g. nis and
77 nisplus) so we need to check that the lengths are the same. The length of the
78 type name cannot be shorter (else c would not be 0); if it is not equal it
79 must be longer, and in that case, the incoming name comes before the name we
80 are testing. By leaving c == 0 when the lengths are different, and doing a
81 > 0 test below, this all falls out correctly. */
83 if (c == 0 && Ustrlen(lookup_list[mid]->name) == len)
85 if (lookup_list[mid]->find != NULL) return mid;
86 search_error_message = string_sprintf("lookup type \"%.*s\" is not "
87 "available (not in the binary - check buildtime LOOKUP configuration)",
92 if (c > 0) bot = mid + 1; else top = mid;
95 search_error_message = string_sprintf("unknown lookup type \"%.*s\"",len,name);
101 /*************************************************
102 * Validate a full lookup type name *
103 *************************************************/
105 /* This function recognizes the "partial-" prefix and also terminating * and *@
109 name the full lookup type name
110 ptypeptr where to put the partial type
111 after subtraction of 1024 or 2048:
112 negative => no partial matching
113 non-negative => minimum number of non-wild components
114 ptypeaff where to put a pointer to the affix
115 the affix is within name if supplied therein
116 otherwise it's a literal string
117 afflen the length of the affix
118 starflags where to put the SEARCH_STAR and SEARCH_STARAT flags
119 opts where to put the options
121 Returns: +ve => valid lookup name; value is offset in lookup_list
122 -ve => invalid name; message in search_error_message.
126 search_findtype_partial(const uschar *name, int *ptypeptr, const uschar **ptypeaff,
127 int *afflen, int *starflags, const uschar ** opts)
131 const uschar *ss = name;
137 /* Check for a partial matching type. It must start with "partial", optionally
138 followed by a sequence of digits. If this is followed by "-", the affix is the
139 default "*." string. Otherwise we expect an affix in parentheses. Affixes are a
140 limited number of characters, not including parens. */
142 if (Ustrncmp(name, "partial", 7) == 0)
148 while (isdigit(*ss)) pv = pv*10 + *ss++ - '0';
150 else pv = 2; /* Default number of wild components */
155 while (ispunct(*ss) && *ss != ')') ss++;
156 if (*ss != ')') goto BAD_TYPE;
157 *afflen = ss++ - *ptypeaff;
159 else if (*ss++ == '-')
167 search_error_message = string_sprintf("format error in lookup type \"%s\"",
173 /* Now we are left with a lookup name, possibly followed by * or *@,
174 and then by options starting with a "," */
177 if ((t = Ustrchr(ss, '*')))
180 *starflags |= (t[1] == '@' ? SEARCH_STARAT : SEARCH_STAR);
185 if ((t = Ustrchr(t, ',')))
188 if (l < len) len = l;
189 *opts = string_copy(t+1);
194 /* Check for the individual search type. Only those that are actually in the
195 binary are valid. For query-style types, "partial" and default types are
198 stype = search_findtype(ss, len);
199 if (stype >= 0 && mac_islookup(stype, lookup_querystyle))
203 search_error_message = string_sprintf("\"partial\" is not permitted "
204 "for lookup type \"%s\"", ss);
207 if ((*starflags & (SEARCH_STAR|SEARCH_STARAT)) != 0)
209 search_error_message = string_sprintf("defaults using \"*\" or \"*@\" are "
210 "not permitted for lookup type \"%s\"", ss);
220 /* Set the parameters for the three different kinds of lookup.
222 search_type the search-type code
223 search the search-type string
224 query argument for the search; filename or query
225 fnamep pointer to return filename
227 Return: keyquery the search-type (for single-key) or query (for query-type)
230 search_args(int search_type, uschar * search, uschar * query, uschar ** fnamep)
232 Uskip_whitespace(&query);
233 if (mac_islookup(search_type, lookup_absfilequery))
234 { /* query-style but with file (sqlite) */
238 while (*query && !isspace(*query)) query++;
239 *fnamep = string_copyn(s, query - s);
240 Uskip_whitespace(&query);
244 return query; /* remainder after file skipped */
246 if (!mac_islookup(search_type, lookup_querystyle))
249 return search; /* modifiers important so use "keyquery" for them */
251 *fnamep = NULL; /* else query-style */
257 /*************************************************
258 * Release cached resources *
259 *************************************************/
261 /* When search_open is called it caches the "file" that it opens in
262 search_tree. The name of the tree node is a concatenation of the search type
263 with the file name. For query-style lookups, the file name is empty. Real files
264 are normally closed only when this tidyup routine is called, typically at the
265 end of sections of code where a number of lookups might occur. However, if too
266 many files are open simultaneously, some get closed beforehand. They can't be
267 removed from the tree. There is also a general tidyup function which is called
268 for the lookup driver, if it exists.
270 First, there is an internal, recursive subroutine.
272 Argument: a pointer to a search_openfile tree node
277 tidyup_subtree(tree_node *t)
279 search_cache * c = (search_cache *)(t->data.ptr);
280 if (t->left) tidyup_subtree(t->left);
281 if (t->right) tidyup_subtree(t->right);
282 if (c && c->handle && lookup_list[c->search_type]->close)
283 lookup_list[c->search_type]->close(c->handle);
287 /* The external entry point
296 int old_pool = store_pool;
298 DEBUG(D_lookup) debug_printf_indent("search_tidyup called\n");
300 /* Close individually each cached open file. */
302 store_pool = POOL_SEARCH;
305 tidyup_subtree(search_tree);
308 open_top = open_bot = NULL;
311 /* Call the general tidyup entry for any drivers that have one. */
313 for (int i = 0; i < lookup_list_count; i++) if (lookup_list[i]->tidy)
314 (lookup_list[i]->tidy)();
316 if (search_reset_point) search_reset_point = store_reset(search_reset_point);
317 store_pool = old_pool;
323 /*************************************************
324 * Open search database *
325 *************************************************/
327 /* A mode, and lists of owners and groups, are passed over for checking in
328 the cases where the database is one or more files. Return NULL, with a message
329 pointed to by message, in cases of error.
331 For search types that use a file or files, check up on the mode after
332 opening. It is tempting to do a stat before opening the file, and use it as
333 an existence check. However, doing that opens a small security loophole in
334 that the status could be changed before the file is opened. Can't quite see
335 what problems this might lead to, but you can't be too careful where security
336 is concerned. Fstat() on an open file can normally be expected to succeed,
337 but there are some NFS states where it does not.
339 There are two styles of query: (1) in the "single-key+file" style, a single
340 key string and a file name are given, for example, for linear searches, DBM
341 files, or for NIS. (2) In the "query" style, no "filename" is given; instead
342 just a single query string is passed. This applies to multiple-key lookup
345 Before opening, scan the tree of cached files to see if this file is already
346 open for the correct search type. If so, return the saved handle. If not, put
347 the handle in the tree for possible subsequent use. See search_tidyup above for
348 closing all the cached files.
350 A count of open databases which use real files is maintained, and if this
351 gets too large, we have to close a cached file. Its entry remains in the tree,
352 but is marked closed.
355 filename the name of the file for single-key+file style lookups,
356 NULL for query-style lookups
357 search_type the type of search required
358 modemask if a real single file is used, this specifies mode bits that
359 must not be set; otherwise it is ignored
360 owners if a real single file is used, this specifies the possible
361 owners of the file; otherwise it is ignored
362 owngroups if a real single file is used, this specifies the possible
363 group owners of the file; otherwise it is ignored
365 Returns: an identifying handle for the open database;
366 this is the pointer to the tree block in the
367 cache of open files; return NULL on open failure, with
368 a message in search_error_message
372 search_open(const uschar * filename, int search_type, int modemask,
373 uid_t * owners, gid_t * owngroups)
378 lookup_info *lk = lookup_list[search_type];
379 uschar keybuffer[256];
380 int old_pool = store_pool;
382 if (filename && is_tainted(filename))
384 log_write(0, LOG_MAIN|LOG_PANIC,
385 "Tainted filename for search: '%s'", filename);
389 /* Change to the search store pool and remember our reset point */
391 store_pool = POOL_SEARCH;
392 if (!search_reset_point) search_reset_point = store_mark();
394 DEBUG(D_lookup) debug_printf_indent("search_open: %s \"%s\"\n", lk->name,
395 filename ? filename : US"NULL");
397 /* See if we already have this open for this type of search, and if so,
398 pass back the tree block as the handle. The key for the tree node is the search
399 type plus '0' concatenated with the file name. There may be entries in the tree
400 with closed files if a lot of files have been opened. */
402 sprintf(CS keybuffer, "%c%.254s", search_type + '0',
403 filename ? filename : US"");
405 if ((t = tree_search(search_tree, keybuffer)))
407 if ((c = (search_cache *)t->data.ptr)->handle)
409 DEBUG(D_lookup) debug_printf_indent(" cached open\n");
410 store_pool = old_pool;
413 DEBUG(D_lookup) debug_printf_indent(" cached closed\n");
416 /* Otherwise, we need to open the file or database - each search type has its
417 own code, which is now split off into separately compiled modules. Before doing
418 this, if the search type is one that uses real files, check on the number that
419 we are holding open in the cache. If the limit is reached, close the least
420 recently used one. */
422 if (lk->type == lookup_absfile && open_filecount >= lookup_open_max)
424 log_write(0, LOG_MAIN|LOG_PANIC, "too many lookups open, but can't find "
428 search_cache *c = (search_cache *)(open_bot->data.ptr);
429 DEBUG(D_lookup) debug_printf_indent("Too many lookup files open\n closing %s\n",
431 if ((open_bot = c->up))
432 ((search_cache *)(open_bot->data.ptr))->down = NULL;
435 ((lookup_list[c->search_type])->close)(c->handle);
440 /* If opening is successful, call the file-checking function if there is one,
441 and if all is still well, enter the open database into the tree. */
443 if (!(handle = (lk->open)(filename, &search_error_message)))
445 store_pool = old_pool;
450 && !lk->check(handle, filename, modemask, owners, owngroups,
451 &search_error_message))
454 store_pool = old_pool;
458 /* If this is a search type that uses real files, keep count. */
460 if (lk->type == lookup_absfile) open_filecount++;
462 /* If we found a previously opened entry in the tree, re-use it; otherwise
463 insert a new entry. On re-use, leave any cached lookup data and the lookup
468 t = store_get(sizeof(tree_node) + Ustrlen(keybuffer), FALSE);
469 t->data.ptr = c = store_get(sizeof(search_cache), FALSE);
470 c->item_cache = NULL;
471 Ustrcpy(t->name, keybuffer);
472 tree_insertnode(&search_tree, t);
474 else c = t->data.ptr;
477 c->search_type = search_type;
478 c->up = c->down = NULL;
480 store_pool = old_pool;
488 /*************************************************
489 * Internal function: Find one item in database *
490 *************************************************/
492 /* The answer is always put into dynamic store. The last lookup for each handle
496 handle the handle from search_open; points to tree node
497 filename the filename that was handed to search_open, or
498 NULL for query-style searches
499 keystring the keystring for single-key+file lookups, or
500 the querystring for query-style lookups
501 cache_rd FALSE to avoid lookup in cache layer
502 opts type-specific options
504 Returns: a pointer to a dynamic string containing the answer,
505 or NULL if the query failed or was deferred; in the
506 latter case, search_find_defer is set TRUE; after an unusual
507 failure, there may be a message in search_error_message.
511 internal_search_find(void * handle, const uschar * filename, uschar * keystring,
512 BOOL cache_rd, const uschar * opts)
514 tree_node * t = (tree_node *)handle;
515 search_cache * c = (search_cache *)(t->data.ptr);
516 expiring_data * e = NULL; /* compiler quietening */
517 uschar * data = NULL;
518 int search_type = t->name[0] - '0';
519 int old_pool = store_pool;
521 /* Lookups that return DEFER may not always set an error message. So that
522 the callers don't have to test for NULL, set an empty string. */
524 search_error_message = US"";
525 f.search_find_defer = FALSE;
527 DEBUG(D_lookup) debug_printf_indent("internal_search_find: file=\"%s\"\n "
528 "type=%s key=\"%s\" opts=%s%s%s\n", filename,
529 lookup_list[search_type]->name, keystring,
530 opts ? "\"" : "", opts, opts ? "\"" : "");
532 /* Insurance. If the keystring is empty, just fail. */
534 if (keystring[0] == 0) return NULL;
536 /* Use the special store pool for search data */
538 store_pool = POOL_SEARCH;
540 /* Look up the data for the key, unless it is already in the cache for this
541 file. No need to check c->item_cache for NULL, tree_search will do so. Check
542 whether we want to use the cache entry last so that we can always replace it. */
544 if ( (t = tree_search(c->item_cache, keystring))
545 && (!(e = t->data.ptr)->expiry || e->expiry > time(NULL))
546 && (!opts && !e->opts || opts && e->opts && Ustrcmp(opts, e->opts) == 0)
549 { /* Data was in the cache already; set the pointer from the tree node */
551 DEBUG(D_lookup) debug_printf_indent("cached data used for lookup of %s%s%s\n",
553 filename ? US"\n in " : US"", filename ? filename : US"");
557 uint do_cache = UINT_MAX;
558 int keylength = Ustrlen(keystring);
563 debug_printf_indent("cached data found but %s; ",
564 e->expiry && e->expiry <= time(NULL) ? "out-of-date"
565 : cache_rd ? "wrong opts" : "no_rd option set");
566 debug_printf_indent("%s lookup required for %s%s%s\n",
567 filename ? US"file" : US"database",
569 filename ? US"\n in " : US"", filename ? filename : US"");
572 /* Call the code for the different kinds of search. DEFER is handled
573 like FAIL, except that search_find_defer is set so the caller can
574 distinguish if necessary. */
576 if (lookup_list[search_type]->find(c->handle, filename, keystring, keylength,
577 &data, &search_error_message, &do_cache, opts) == DEFER)
578 f.search_find_defer = TRUE;
580 /* A record that has been found is now in data, which is either NULL
581 or points to a bit of dynamic store. Cache the result of the lookup if
582 caching is permitted. Lookups can disable caching, when they did something
583 that changes their data. The mysql and pgsql lookups do this when an
584 UPDATE/INSERT query was executed. Lookups can also set a TTL for the
585 cache entry; the dnsdb lookup does.
586 Finally, the caller can request no caching by setting an option. */
590 DEBUG(D_lookup) debug_printf_indent("%s cache entry\n",
591 t ? "replacing old" : "creating new");
592 if (!t) /* No existing entry. Create new one. */
594 int len = keylength + 1;
595 e = store_get(sizeof(expiring_data) + sizeof(tree_node) + len,
596 is_tainted(keystring));
597 t = (tree_node *)(e+1);
598 memcpy(t->name, keystring, len);
600 tree_insertnode(&c->item_cache, t);
602 /* Else previous, out-of-date cache entry. Update with the */
603 /* new result and forget the old one */
604 e->expiry = do_cache == UINT_MAX ? 0 : time(NULL)+do_cache;
605 e->opts = opts ? string_copy(opts) : NULL;
609 /* If caching was disabled, empty the cache tree. We just set the cache
610 pointer to NULL here, because we cannot release the store at this stage. */
614 DEBUG(D_lookup) debug_printf_indent("lookup forced cache cleanup\n");
615 c->item_cache = NULL; /* forget all lookups on this connection */
622 debug_printf_indent("lookup yielded: %s\n", data);
623 else if (f.search_find_defer)
624 debug_printf_indent("lookup deferred: %s\n", search_error_message);
625 else debug_printf_indent("lookup failed\n");
628 /* Return it in new dynamic store in the regular pool */
630 store_pool = old_pool;
631 return data ? string_copy(data) : NULL;
637 /*************************************************
638 * Find one item in database, possibly wildcarded *
639 *************************************************/
641 /* This function calls the internal function above; once only if there
642 is no partial matching, but repeatedly when partial matching is requested.
645 handle the handle from search_open
646 filename the filename that was handed to search_open, or
647 NULL for query-style searches
648 keystring the keystring for single-key+file lookups, or
649 the querystring for query-style lookups
650 partial -1 means no partial matching;
651 otherwise it's the minimum number of components;
652 affix the affix string for partial matching
653 affixlen the length of the affix string
654 starflags SEARCH_STAR and SEARCH_STARAT flags
655 expand_setup pointer to offset for setting up expansion strings;
657 opts type-specific options
659 Returns: a pointer to a dynamic string containing the answer,
660 or NULL if the query failed or was deferred; in the
661 latter case, search_find_defer is set TRUE
665 search_find(void * handle, const uschar * filename, uschar * keystring,
666 int partial, const uschar * affix, int affixlen, int starflags,
667 int * expand_setup, const uschar * opts)
669 tree_node * t = (tree_node *)handle;
670 BOOL set_null_wild = FALSE, cache_rd = TRUE, ret_key = FALSE;
675 if (partial < 0) affixlen = 99; /* So that "NULL" prints */
676 debug_printf_indent("search_find: file=\"%s\"\n key=\"%s\" "
677 "partial=%d affix=%.*s starflags=%x opts=%s%s%s\n",
678 filename ? filename : US"NULL",
679 keystring, partial, affixlen, affix, starflags,
680 opts ? "\"" : "", opts, opts ? "\"" : "");
684 /* Parse global lookup options. Also, create a new options list with
685 the global options dropped so that the cache-modifiers are not
686 used in the cache key. */
693 for (uschar * ele; ele = string_nextinlist(&opts, &sep, NULL, 0); )
694 if (Ustrcmp(ele, "ret=key") == 0) ret_key = TRUE;
695 else if (Ustrcmp(ele, "cache=no_rd") == 0) cache_rd = FALSE;
696 else g = string_append_listele(g, ',', ele);
698 opts = string_from_gstring(g);
701 /* Arrange to put this database at the top of the LRU chain if it is a type
702 that opens real files. */
704 if ( open_top != (tree_node *)handle
705 && lookup_list[t->name[0]-'0']->type == lookup_absfile)
707 search_cache *c = (search_cache *)(t->data.ptr);
708 tree_node *up = c->up;
709 tree_node *down = c->down;
711 /* Cut it out of the list. A newly opened file will a NULL up pointer.
712 Otherwise there will be a non-NULL up pointer, since we checked above that
713 this block isn't already at the top of the list. */
717 ((search_cache *)(up->data.ptr))->down = down;
719 ((search_cache *)(down->data.ptr))->up = up;
724 /* Now put it at the head of the list. */
728 if (!open_top) open_bot = t;
729 else ((search_cache *)(open_top->data.ptr))->up = t;
735 debug_printf_indent("LRU list:\n");
736 for (tree_node *t = open_top; t; )
738 search_cache *c = (search_cache *)(t->data.ptr);
739 debug_printf_indent(" %s\n", t->name);
740 if (t == open_bot) debug_printf_indent(" End\n");
745 /* First of all, try to match the key string verbatim. If matched a complete
746 entry but could have been partial, flag to set up variables. */
748 yield = internal_search_find(handle, filename, keystring, cache_rd, opts);
749 if (f.search_find_defer) return NULL;
751 if (yield) { if (partial >= 0) set_null_wild = TRUE; }
753 /* Not matched a complete entry; handle partial lookups, but only if the full
754 search didn't defer. Don't use string_sprintf() to construct the initial key,
755 just in case the original key is too long for the string_sprintf() buffer (it
756 *has* happened!). The case of a zero-length affix has to be treated specially.
759 else if (partial >= 0)
761 int len = Ustrlen(keystring);
764 /* Try with the affix on the front, except for a zero-length affix */
766 if (affixlen == 0) keystring2 = keystring; else
768 keystring2 = store_get(len + affixlen + 1,
769 is_tainted(keystring) || is_tainted(affix));
770 Ustrncpy(keystring2, affix, affixlen);
771 Ustrcpy(keystring2 + affixlen, keystring);
772 DEBUG(D_lookup) debug_printf_indent("trying partial match %s\n", keystring2);
773 yield = internal_search_find(handle, filename, keystring2, cache_rd, opts);
774 if (f.search_find_defer) return NULL;
777 /* The key in its entirety did not match a wild entry; try chopping off
778 leading components. */
783 uschar *keystring3 = keystring2 + affixlen;
784 uschar *s = keystring3;
785 while (*s != 0) if (*s++ == '.') dotcount++;
787 while (dotcount-- >= partial)
789 while (*keystring3 != 0 && *keystring3 != '.') keystring3++;
791 /* If we get right to the end of the string (which will be the last time
792 through this loop), we've failed if the affix is null. Otherwise do one
793 last lookup for the affix itself, but if it is longer than 1 character,
794 remove the last character if it is ".". */
796 if (*keystring3 == 0)
798 if (affixlen < 1) break;
799 if (affixlen > 1 && affix[affixlen-1] == '.') affixlen--;
800 Ustrncpy(keystring2, affix, affixlen);
801 keystring2[affixlen] = 0;
802 keystring3 = keystring2;
806 keystring3 -= affixlen - 1;
807 if (affixlen > 0) Ustrncpy(keystring3, affix, affixlen);
810 DEBUG(D_lookup) debug_printf_indent("trying partial match %s\n", keystring3);
811 yield = internal_search_find(handle, filename, keystring3,
813 if (f.search_find_defer) return NULL;
816 /* First variable is the wild part; second is the fixed part. Take care
817 to get it right when keystring3 is just "*". */
819 if (expand_setup && *expand_setup >= 0)
821 int fixedlength = Ustrlen(keystring3) - affixlen;
822 int wildlength = Ustrlen(keystring) - fixedlength - 1;
824 expand_nstring[*expand_setup] = keystring;
825 expand_nlength[*expand_setup] = wildlength;
827 expand_nstring[*expand_setup] = keystring + wildlength + 1;
828 expand_nlength[*expand_setup] = (fixedlength < 0)? 0 : fixedlength;
832 keystring3 += affixlen;
836 else set_null_wild = TRUE; /* Matched a wild entry without any wild part */
839 /* If nothing has been matched, but the option to look for "*@" is set, try
840 replacing everything to the left of @ by *. After a match, the wild part
841 is set to the string to the left of the @. */
843 if (!yield && starflags & SEARCH_STARAT)
845 uschar *atat = Ustrrchr(keystring, '@');
846 if (atat != NULL && atat > keystring)
849 savechar = *(--atat);
852 DEBUG(D_lookup) debug_printf_indent("trying default match %s\n", atat);
853 yield = internal_search_find(handle, filename, atat, cache_rd, opts);
855 if (f.search_find_defer) return NULL;
857 if (yield && expand_setup && *expand_setup >= 0)
860 expand_nstring[*expand_setup] = keystring;
861 expand_nlength[*expand_setup] = atat - keystring + 1;
863 expand_nstring[*expand_setup] = keystring;
864 expand_nlength[*expand_setup] = 0;
869 /* If we still haven't matched anything, and the option to look for "*" is set,
870 try that. If we do match, the first variable (the wild part) is the whole key,
871 and the second is empty. */
873 if (!yield && starflags & (SEARCH_STAR|SEARCH_STARAT))
875 DEBUG(D_lookup) debug_printf_indent("trying to match *\n");
876 yield = internal_search_find(handle, filename, US"*", cache_rd, opts);
877 if (yield && expand_setup && *expand_setup >= 0)
880 expand_nstring[*expand_setup] = keystring;
881 expand_nlength[*expand_setup] = Ustrlen(keystring);
883 expand_nstring[*expand_setup] = keystring;
884 expand_nlength[*expand_setup] = 0;
888 /* If this was a potentially partial lookup, and we matched either a
889 complete non-wild domain entry, or we matched a wild-carded entry without
890 chopping off any of the domain components, set up the expansion variables
891 (if required) so that the first one is empty, and the second one is the
892 fixed part of the domain. The set_null_wild flag is set only when yield is not
895 if (set_null_wild && expand_setup && *expand_setup >= 0)
898 expand_nstring[*expand_setup] = keystring;
899 expand_nlength[*expand_setup] = 0;
901 expand_nstring[*expand_setup] = keystring;
902 expand_nlength[*expand_setup] = Ustrlen(keystring);
905 /* If we have a result, check the options to see if the key was wanted rather
906 than the result. Return a de-tainted version of the key on the grounds that
907 it have been validated by the lookup. */
909 if (yield && ret_key)
910 yield = string_copy_taint(keystring, FALSE);
915 /* End of search.c */