1 /* $Cambridge: exim/src/src/expand.c,v 1.22 2005/05/23 16:58:56 fanf2 Exp $ */
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
7 /* Copyright (c) University of Cambridge 1995 - 2005 */
8 /* See the file NOTICE for conditions of use and distribution. */
11 /* Functions for handling string expansion. */
17 #ifndef SUPPORT_CRYPTEQ
18 #define SUPPORT_CRYPTEQ
22 #ifdef SUPPORT_CRYPTEQ
27 extern char* crypt16(char*, char*);
32 #include "lookups/ldap.h"
37 /* Recursively called function */
39 static uschar *expand_string_internal(uschar *, BOOL, uschar **, BOOL);
43 /*************************************************
44 * Local statics and tables *
45 *************************************************/
47 /* Table of item names, and corresponding switch numbers. The names must be in
48 alphabetical order. */
50 static uschar *item_table[] = {
84 /* Tables of operator names, and corresponding switch numbers. The names must be
85 in alphabetical order. There are two tables, because underscore is used in some
86 cases to introduce arguments, whereas for other it is part of the name. This is
87 an historical mis-design. */
89 static uschar *op_table_underscore[] = {
101 static uschar *op_table_main[] = {
132 EOP_ADDRESS = sizeof(op_table_underscore)/sizeof(uschar *),
162 /* Table of condition names, and corresponding switch numbers. The names must
163 be in alphabetical order. */
165 static uschar *cond_table[] = {
169 US"==", /* Backward compatibility */
194 US"match_local_part",
216 ECOND_FIRST_DELIVERY,
232 ECOND_MATCH_LOCAL_PART,
242 /* Type for main variable table */
250 /* Type for entries pointing to address/length pairs. Not currently
258 /* Types of table entry */
261 vtype_int, /* value is address of int */
262 vtype_filter_int, /* ditto, but recognized only when filtering */
263 vtype_ino, /* value is address of ino_t (not always an int) */
264 vtype_uid, /* value is address of uid_t (not always an int) */
265 vtype_gid, /* value is address of gid_t (not always an int) */
266 vtype_stringptr, /* value is address of pointer to string */
267 vtype_msgbody, /* as stringptr, but read when first required */
268 vtype_msgbody_end, /* ditto, the end of the message */
269 vtype_msgheaders, /* the message's headers */
270 vtype_localpart, /* extract local part from string */
271 vtype_domain, /* extract domain from string */
272 vtype_recipients, /* extract recipients from recipients list */
273 /* (enabled only during system filtering */
274 vtype_todbsdin, /* value not used; generate BSD inbox tod */
275 vtype_tode, /* value not used; generate tod in epoch format */
276 vtype_todf, /* value not used; generate full tod */
277 vtype_todl, /* value not used; generate log tod */
278 vtype_todlf, /* value not used; generate log file datestamp tod */
279 vtype_todzone, /* value not used; generate time zone only */
280 vtype_todzulu, /* value not used; generate zulu tod */
281 vtype_reply, /* value not used; get reply from headers */
282 vtype_pid, /* value not used; result is pid */
283 vtype_host_lookup, /* value not used; get host name */
284 vtype_load_avg, /* value not used; result is int from os_getloadavg */
285 vtype_pspace, /* partition space; value is T/F for spool/log */
286 vtype_pinodes /* partition inodes; value is T/F for spool/log */
287 #ifdef EXPERIMENTAL_DOMAINKEYS
288 ,vtype_dk_verify /* Serve request out of DomainKeys verification structure */
292 /* This table must be kept in alphabetical order. */
294 static var_entry var_table[] = {
295 { "acl_c0", vtype_stringptr, &acl_var[0] },
296 { "acl_c1", vtype_stringptr, &acl_var[1] },
297 { "acl_c2", vtype_stringptr, &acl_var[2] },
298 { "acl_c3", vtype_stringptr, &acl_var[3] },
299 { "acl_c4", vtype_stringptr, &acl_var[4] },
300 { "acl_c5", vtype_stringptr, &acl_var[5] },
301 { "acl_c6", vtype_stringptr, &acl_var[6] },
302 { "acl_c7", vtype_stringptr, &acl_var[7] },
303 { "acl_c8", vtype_stringptr, &acl_var[8] },
304 { "acl_c9", vtype_stringptr, &acl_var[9] },
305 { "acl_m0", vtype_stringptr, &acl_var[10] },
306 { "acl_m1", vtype_stringptr, &acl_var[11] },
307 { "acl_m2", vtype_stringptr, &acl_var[12] },
308 { "acl_m3", vtype_stringptr, &acl_var[13] },
309 { "acl_m4", vtype_stringptr, &acl_var[14] },
310 { "acl_m5", vtype_stringptr, &acl_var[15] },
311 { "acl_m6", vtype_stringptr, &acl_var[16] },
312 { "acl_m7", vtype_stringptr, &acl_var[17] },
313 { "acl_m8", vtype_stringptr, &acl_var[18] },
314 { "acl_m9", vtype_stringptr, &acl_var[19] },
315 { "acl_verify_message", vtype_stringptr, &acl_verify_message },
316 { "address_data", vtype_stringptr, &deliver_address_data },
317 { "address_file", vtype_stringptr, &address_file },
318 { "address_pipe", vtype_stringptr, &address_pipe },
319 { "authenticated_id", vtype_stringptr, &authenticated_id },
320 { "authenticated_sender",vtype_stringptr, &authenticated_sender },
321 { "authentication_failed",vtype_int, &authentication_failed },
322 #ifdef EXPERIMENTAL_BRIGHTMAIL
323 { "bmi_alt_location", vtype_stringptr, &bmi_alt_location },
324 { "bmi_base64_tracker_verdict", vtype_stringptr, &bmi_base64_tracker_verdict },
325 { "bmi_base64_verdict", vtype_stringptr, &bmi_base64_verdict },
326 { "bmi_deliver", vtype_int, &bmi_deliver },
328 { "body_linecount", vtype_int, &body_linecount },
329 { "body_zerocount", vtype_int, &body_zerocount },
330 { "bounce_recipient", vtype_stringptr, &bounce_recipient },
331 { "bounce_return_size_limit", vtype_int, &bounce_return_size_limit },
332 { "caller_gid", vtype_gid, &real_gid },
333 { "caller_uid", vtype_uid, &real_uid },
334 { "compile_date", vtype_stringptr, &version_date },
335 { "compile_number", vtype_stringptr, &version_cnumber },
336 { "csa_status", vtype_stringptr, &csa_status },
337 #ifdef WITH_OLD_DEMIME
338 { "demime_errorlevel", vtype_int, &demime_errorlevel },
339 { "demime_reason", vtype_stringptr, &demime_reason },
341 #ifdef EXPERIMENTAL_DOMAINKEYS
342 { "dk_domain", vtype_stringptr, &dk_signing_domain },
343 { "dk_is_signed", vtype_dk_verify, NULL },
344 { "dk_result", vtype_dk_verify, NULL },
345 { "dk_selector", vtype_stringptr, &dk_signing_selector },
346 { "dk_sender", vtype_dk_verify, NULL },
347 { "dk_sender_domain", vtype_dk_verify, NULL },
348 { "dk_sender_local_part",vtype_dk_verify, NULL },
349 { "dk_sender_source", vtype_dk_verify, NULL },
350 { "dk_signsall", vtype_dk_verify, NULL },
351 { "dk_status", vtype_dk_verify, NULL },
352 { "dk_testing", vtype_dk_verify, NULL },
354 { "dnslist_domain", vtype_stringptr, &dnslist_domain },
355 { "dnslist_text", vtype_stringptr, &dnslist_text },
356 { "dnslist_value", vtype_stringptr, &dnslist_value },
357 { "domain", vtype_stringptr, &deliver_domain },
358 { "domain_data", vtype_stringptr, &deliver_domain_data },
359 { "exim_gid", vtype_gid, &exim_gid },
360 { "exim_path", vtype_stringptr, &exim_path },
361 { "exim_uid", vtype_uid, &exim_uid },
362 #ifdef WITH_OLD_DEMIME
363 { "found_extension", vtype_stringptr, &found_extension },
365 { "home", vtype_stringptr, &deliver_home },
366 { "host", vtype_stringptr, &deliver_host },
367 { "host_address", vtype_stringptr, &deliver_host_address },
368 { "host_data", vtype_stringptr, &host_data },
369 { "host_lookup_deferred",vtype_int, &host_lookup_deferred },
370 { "host_lookup_failed", vtype_int, &host_lookup_failed },
371 { "inode", vtype_ino, &deliver_inode },
372 { "interface_address", vtype_stringptr, &interface_address },
373 { "interface_port", vtype_int, &interface_port },
375 { "ldap_dn", vtype_stringptr, &eldap_dn },
377 { "load_average", vtype_load_avg, NULL },
378 { "local_part", vtype_stringptr, &deliver_localpart },
379 { "local_part_data", vtype_stringptr, &deliver_localpart_data },
380 { "local_part_prefix", vtype_stringptr, &deliver_localpart_prefix },
381 { "local_part_suffix", vtype_stringptr, &deliver_localpart_suffix },
382 { "local_scan_data", vtype_stringptr, &local_scan_data },
383 { "local_user_gid", vtype_gid, &local_user_gid },
384 { "local_user_uid", vtype_uid, &local_user_uid },
385 { "localhost_number", vtype_int, &host_number },
386 { "log_inodes", vtype_pinodes, (void *)FALSE },
387 { "log_space", vtype_pspace, (void *)FALSE },
388 { "mailstore_basename", vtype_stringptr, &mailstore_basename },
389 #ifdef WITH_CONTENT_SCAN
390 { "malware_name", vtype_stringptr, &malware_name },
392 { "message_age", vtype_int, &message_age },
393 { "message_body", vtype_msgbody, &message_body },
394 { "message_body_end", vtype_msgbody_end, &message_body_end },
395 { "message_body_size", vtype_int, &message_body_size },
396 { "message_headers", vtype_msgheaders, NULL },
397 { "message_id", vtype_stringptr, &message_id },
398 { "message_linecount", vtype_int, &message_linecount },
399 { "message_size", vtype_int, &message_size },
400 #ifdef WITH_CONTENT_SCAN
401 { "mime_anomaly_level", vtype_int, &mime_anomaly_level },
402 { "mime_anomaly_text", vtype_stringptr, &mime_anomaly_text },
403 { "mime_boundary", vtype_stringptr, &mime_boundary },
404 { "mime_charset", vtype_stringptr, &mime_charset },
405 { "mime_content_description", vtype_stringptr, &mime_content_description },
406 { "mime_content_disposition", vtype_stringptr, &mime_content_disposition },
407 { "mime_content_id", vtype_stringptr, &mime_content_id },
408 { "mime_content_size", vtype_int, &mime_content_size },
409 { "mime_content_transfer_encoding",vtype_stringptr, &mime_content_transfer_encoding },
410 { "mime_content_type", vtype_stringptr, &mime_content_type },
411 { "mime_decoded_filename", vtype_stringptr, &mime_decoded_filename },
412 { "mime_filename", vtype_stringptr, &mime_filename },
413 { "mime_is_coverletter", vtype_int, &mime_is_coverletter },
414 { "mime_is_multipart", vtype_int, &mime_is_multipart },
415 { "mime_is_rfc822", vtype_int, &mime_is_rfc822 },
416 { "mime_part_count", vtype_int, &mime_part_count },
418 { "n0", vtype_filter_int, &filter_n[0] },
419 { "n1", vtype_filter_int, &filter_n[1] },
420 { "n2", vtype_filter_int, &filter_n[2] },
421 { "n3", vtype_filter_int, &filter_n[3] },
422 { "n4", vtype_filter_int, &filter_n[4] },
423 { "n5", vtype_filter_int, &filter_n[5] },
424 { "n6", vtype_filter_int, &filter_n[6] },
425 { "n7", vtype_filter_int, &filter_n[7] },
426 { "n8", vtype_filter_int, &filter_n[8] },
427 { "n9", vtype_filter_int, &filter_n[9] },
428 { "original_domain", vtype_stringptr, &deliver_domain_orig },
429 { "original_local_part", vtype_stringptr, &deliver_localpart_orig },
430 { "originator_gid", vtype_gid, &originator_gid },
431 { "originator_uid", vtype_uid, &originator_uid },
432 { "parent_domain", vtype_stringptr, &deliver_domain_parent },
433 { "parent_local_part", vtype_stringptr, &deliver_localpart_parent },
434 { "pid", vtype_pid, NULL },
435 { "primary_hostname", vtype_stringptr, &primary_hostname },
436 { "qualify_domain", vtype_stringptr, &qualify_domain_sender },
437 { "qualify_recipient", vtype_stringptr, &qualify_domain_recipient },
438 { "rcpt_count", vtype_int, &rcpt_count },
439 { "rcpt_defer_count", vtype_int, &rcpt_defer_count },
440 { "rcpt_fail_count", vtype_int, &rcpt_fail_count },
441 { "received_count", vtype_int, &received_count },
442 { "received_for", vtype_stringptr, &received_for },
443 { "received_protocol", vtype_stringptr, &received_protocol },
444 { "received_time", vtype_int, &received_time },
445 { "recipient_data", vtype_stringptr, &recipient_data },
446 { "recipient_verify_failure",vtype_stringptr,&recipient_verify_failure },
447 { "recipients", vtype_recipients, NULL },
448 { "recipients_count", vtype_int, &recipients_count },
449 #ifdef WITH_CONTENT_SCAN
450 { "regex_match_string", vtype_stringptr, ®ex_match_string },
452 { "reply_address", vtype_reply, NULL },
453 { "return_path", vtype_stringptr, &return_path },
454 { "return_size_limit", vtype_int, &bounce_return_size_limit },
455 { "runrc", vtype_int, &runrc },
456 { "self_hostname", vtype_stringptr, &self_hostname },
457 { "sender_address", vtype_stringptr, &sender_address },
458 { "sender_address_data", vtype_stringptr, &sender_address_data },
459 { "sender_address_domain", vtype_domain, &sender_address },
460 { "sender_address_local_part", vtype_localpart, &sender_address },
461 { "sender_data", vtype_stringptr, &sender_data },
462 { "sender_fullhost", vtype_stringptr, &sender_fullhost },
463 { "sender_helo_name", vtype_stringptr, &sender_helo_name },
464 { "sender_host_address", vtype_stringptr, &sender_host_address },
465 { "sender_host_authenticated",vtype_stringptr, &sender_host_authenticated },
466 { "sender_host_name", vtype_host_lookup, NULL },
467 { "sender_host_port", vtype_int, &sender_host_port },
468 { "sender_ident", vtype_stringptr, &sender_ident },
469 { "sender_rate", vtype_stringptr, &sender_rate },
470 { "sender_rate_limit", vtype_stringptr, &sender_rate_limit },
471 { "sender_rate_period", vtype_stringptr, &sender_rate_period },
472 { "sender_rcvhost", vtype_stringptr, &sender_rcvhost },
473 { "sender_verify_failure",vtype_stringptr, &sender_verify_failure },
474 { "smtp_active_hostname", vtype_stringptr, &smtp_active_hostname },
475 { "smtp_command_argument", vtype_stringptr, &smtp_command_argument },
476 { "sn0", vtype_filter_int, &filter_sn[0] },
477 { "sn1", vtype_filter_int, &filter_sn[1] },
478 { "sn2", vtype_filter_int, &filter_sn[2] },
479 { "sn3", vtype_filter_int, &filter_sn[3] },
480 { "sn4", vtype_filter_int, &filter_sn[4] },
481 { "sn5", vtype_filter_int, &filter_sn[5] },
482 { "sn6", vtype_filter_int, &filter_sn[6] },
483 { "sn7", vtype_filter_int, &filter_sn[7] },
484 { "sn8", vtype_filter_int, &filter_sn[8] },
485 { "sn9", vtype_filter_int, &filter_sn[9] },
486 #ifdef WITH_CONTENT_SCAN
487 { "spam_bar", vtype_stringptr, &spam_bar },
488 { "spam_report", vtype_stringptr, &spam_report },
489 { "spam_score", vtype_stringptr, &spam_score },
490 { "spam_score_int", vtype_stringptr, &spam_score_int },
492 #ifdef EXPERIMENTAL_SPF
493 { "spf_header_comment", vtype_stringptr, &spf_header_comment },
494 { "spf_received", vtype_stringptr, &spf_received },
495 { "spf_result", vtype_stringptr, &spf_result },
496 { "spf_smtp_comment", vtype_stringptr, &spf_smtp_comment },
498 { "spool_directory", vtype_stringptr, &spool_directory },
499 { "spool_inodes", vtype_pinodes, (void *)TRUE },
500 { "spool_space", vtype_pspace, (void *)TRUE },
501 #ifdef EXPERIMENTAL_SRS
502 { "srs_db_address", vtype_stringptr, &srs_db_address },
503 { "srs_db_key", vtype_stringptr, &srs_db_key },
504 { "srs_orig_recipient", vtype_stringptr, &srs_orig_recipient },
505 { "srs_orig_sender", vtype_stringptr, &srs_orig_sender },
506 { "srs_recipient", vtype_stringptr, &srs_recipient },
507 { "srs_status", vtype_stringptr, &srs_status },
509 { "thisaddress", vtype_stringptr, &filter_thisaddress },
510 { "tls_certificate_verified", vtype_int, &tls_certificate_verified },
511 { "tls_cipher", vtype_stringptr, &tls_cipher },
512 { "tls_peerdn", vtype_stringptr, &tls_peerdn },
513 { "tod_bsdinbox", vtype_todbsdin, NULL },
514 { "tod_epoch", vtype_tode, NULL },
515 { "tod_full", vtype_todf, NULL },
516 { "tod_log", vtype_todl, NULL },
517 { "tod_logfile", vtype_todlf, NULL },
518 { "tod_zone", vtype_todzone, NULL },
519 { "tod_zulu", vtype_todzulu, NULL },
520 { "value", vtype_stringptr, &lookup_value },
521 { "version_number", vtype_stringptr, &version_string },
522 { "warn_message_delay", vtype_stringptr, &warnmsg_delay },
523 { "warn_message_recipient",vtype_stringptr, &warnmsg_recipients },
524 { "warn_message_recipients",vtype_stringptr,&warnmsg_recipients },
525 { "warnmsg_delay", vtype_stringptr, &warnmsg_delay },
526 { "warnmsg_recipient", vtype_stringptr, &warnmsg_recipients },
527 { "warnmsg_recipients", vtype_stringptr, &warnmsg_recipients }
530 static int var_table_size = sizeof(var_table)/sizeof(var_entry);
531 static uschar var_buffer[256];
532 static BOOL malformed_header;
534 /* For textual hashes */
536 static char *hashcodes = "abcdefghijklmnopqrtsuvwxyz"
537 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
540 enum { HMAC_MD5, HMAC_SHA1 };
542 /* For numeric hashes */
544 static unsigned int prime[] = {
545 2, 3, 5, 7, 11, 13, 17, 19, 23, 29,
546 31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
547 73, 79, 83, 89, 97, 101, 103, 107, 109, 113};
549 /* For printing modes in symbolic form */
551 static uschar *mtable_normal[] =
552 { US"---", US"--x", US"-w-", US"-wx", US"r--", US"r-x", US"rw-", US"rwx" };
554 static uschar *mtable_setid[] =
555 { US"--S", US"--s", US"-wS", US"-ws", US"r-S", US"r-s", US"rwS", US"rws" };
557 static uschar *mtable_sticky[] =
558 { US"--T", US"--t", US"-wT", US"-wt", US"r-T", US"r-t", US"rwT", US"rwt" };
562 /*************************************************
563 * Tables for UTF-8 support *
564 *************************************************/
566 /* Table of the number of extra characters, indexed by the first character
567 masked with 0x3f. The highest number for a valid UTF-8 character is in fact
570 static uschar utf8_table1[] = {
571 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
572 1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
573 2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,
574 3,3,3,3,3,3,3,3,4,4,4,4,5,5,5,5 };
576 /* These are the masks for the data bits in the first byte of a character,
577 indexed by the number of additional bytes. */
579 static int utf8_table2[] = { 0xff, 0x1f, 0x0f, 0x07, 0x03, 0x01};
581 /* Get the next UTF-8 character, advancing the pointer. */
583 #define GETUTF8INC(c, ptr) \
585 if ((c & 0xc0) == 0xc0) \
587 int a = utf8_table1[c & 0x3f]; /* Number of additional bytes */ \
589 c = (c & utf8_table2[a]) << s; \
593 c |= (*ptr++ & 0x3f) << s; \
598 /*************************************************
599 * Binary chop search on a table *
600 *************************************************/
602 /* This is used for matching expansion items and operators.
605 name the name that is being sought
606 table the table to search
607 table_size the number of items in the table
609 Returns: the offset in the table, or -1
613 chop_match(uschar *name, uschar **table, int table_size)
615 uschar **bot = table;
616 uschar **top = table + table_size;
620 uschar **mid = bot + (top - bot)/2;
621 int c = Ustrcmp(name, *mid);
622 if (c == 0) return mid - table;
623 if (c > 0) bot = mid + 1; else top = mid;
631 /*************************************************
632 * Check a condition string *
633 *************************************************/
635 /* This function is called to expand a string, and test the result for a "true"
636 or "false" value. Failure of the expansion yields FALSE; logged unless it was a
637 forced fail or lookup defer. All store used by the function can be released on
641 condition the condition string
642 m1 text to be incorporated in panic error
645 Returns: TRUE if condition is met, FALSE if not
649 expand_check_condition(uschar *condition, uschar *m1, uschar *m2)
652 void *reset_point = store_get(0);
653 uschar *ss = expand_string(condition);
656 if (!expand_string_forcedfail && !search_find_defer)
657 log_write(0, LOG_MAIN|LOG_PANIC, "failed to expand condition \"%s\" "
658 "for %s %s: %s", condition, m1, m2, expand_string_message);
661 rc = ss[0] != 0 && Ustrcmp(ss, "0") != 0 && strcmpic(ss, US"no") != 0 &&
662 strcmpic(ss, US"false") != 0;
663 store_reset(reset_point);
669 /*************************************************
670 * Pick out a name from a string *
671 *************************************************/
673 /* If the name is too long, it is silently truncated.
676 name points to a buffer into which to put the name
677 max is the length of the buffer
678 s points to the first alphabetic character of the name
679 extras chars other than alphanumerics to permit
681 Returns: pointer to the first character after the name
683 Note: The test for *s != 0 in the while loop is necessary because
684 Ustrchr() yields non-NULL if the character is zero (which is not something
688 read_name(uschar *name, int max, uschar *s, uschar *extras)
691 while (*s != 0 && (isalnum(*s) || Ustrchr(extras, *s) != NULL))
693 if (ptr < max-1) name[ptr++] = *s;
702 /*************************************************
703 * Pick out the rest of a header name *
704 *************************************************/
706 /* A variable name starting $header_ (or just $h_ for those who like
707 abbreviations) might not be the complete header name because headers can
708 contain any printing characters in their names, except ':'. This function is
709 called to read the rest of the name, chop h[eader]_ off the front, and put ':'
710 on the end, if the name was terminated by white space.
713 name points to a buffer in which the name read so far exists
714 max is the length of the buffer
715 s points to the first character after the name so far, i.e. the
716 first non-alphameric character after $header_xxxxx
718 Returns: a pointer to the first character after the header name
722 read_header_name(uschar *name, int max, uschar *s)
724 int prelen = Ustrchr(name, '_') - name + 1;
725 int ptr = Ustrlen(name) - prelen;
726 if (ptr > 0) memmove(name, name+prelen, ptr);
727 while (mac_isgraph(*s) && *s != ':')
729 if (ptr < max-1) name[ptr++] = *s;
740 /*************************************************
741 * Pick out a number from a string *
742 *************************************************/
745 n points to an integer into which to put the number
746 s points to the first digit of the number
748 Returns: a pointer to the character after the last digit
752 read_number(int *n, uschar *s)
755 while (isdigit(*s)) *n = *n * 10 + (*s++ - '0');
761 /*************************************************
762 * Extract keyed subfield from a string *
763 *************************************************/
765 /* The yield is in dynamic store; NULL means that the key was not found.
768 key points to the name of the key
769 s points to the string from which to extract the subfield
771 Returns: NULL if the subfield was not found, or
772 a pointer to the subfield's data
776 expand_getkeyed(uschar *key, uschar *s)
778 int length = Ustrlen(key);
779 while (isspace(*s)) s++;
781 /* Loop to search for the key */
789 while (*s != 0 && *s != '=' && !isspace(*s)) s++;
790 dkeylength = s - dkey;
791 while (isspace(*s)) s++;
792 if (*s == '=') while (isspace((*(++s))));
794 data = string_dequote(&s);
795 if (length == dkeylength && strncmpic(key, dkey, length) == 0)
798 while (isspace(*s)) s++;
807 /*************************************************
808 * Extract numbered subfield from string *
809 *************************************************/
811 /* Extracts a numbered field from a string that is divided by tokens - for
812 example a line from /etc/passwd is divided by colon characters. First field is
813 numbered one. Negative arguments count from the right. Zero returns the whole
814 string. Returns NULL if there are insufficient tokens in the string
817 Modifies final argument - this is a dynamically generated string, so that's OK.
820 field number of field to be extracted,
821 first field = 1, whole string = 0, last field = -1
822 separators characters that are used to break string into tokens
823 s points to the string from which to extract the subfield
825 Returns: NULL if the field was not found,
826 a pointer to the field's data inside s (modified to add 0)
830 expand_gettokened (int field, uschar *separators, uschar *s)
835 uschar *fieldtext = NULL;
837 if (field == 0) return s;
839 /* Break the line up into fields in place; for field > 0 we stop when we have
840 done the number of fields we want. For field < 0 we continue till the end of
841 the string, counting the number of fields. */
843 count = (field > 0)? field : INT_MAX;
849 /* Previous field was the last one in the string. For a positive field
850 number, this means there are not enough fields. For a negative field number,
851 check that there are enough, and scan back to find the one that is wanted. */
855 if (field > 0 || (-field) > (INT_MAX - count - 1)) return NULL;
856 if ((-field) == (INT_MAX - count - 1)) return s;
860 while (ss[-1] != 0) ss--;
866 /* Previous field was not last in the string; save its start and put a
870 len = Ustrcspn(ss, separators);
881 /*************************************************
882 * Extract a substring from a string *
883 *************************************************/
885 /* Perform the ${substr or ${length expansion operations.
888 subject the input string
889 value1 the offset from the start of the input string to the start of
890 the output string; if negative, count from the right.
891 value2 the length of the output string, or negative (-1) for unset
892 if value1 is positive, unset means "all after"
893 if value1 is negative, unset means "all before"
894 len set to the length of the returned string
896 Returns: pointer to the output string, or NULL if there is an error
900 extract_substr(uschar *subject, int value1, int value2, int *len)
902 int sublen = Ustrlen(subject);
904 if (value1 < 0) /* count from right */
908 /* If the position is before the start, skip to the start, and adjust the
909 length. If the length ends up negative, the substring is null because nothing
910 can precede. This falls out naturally when the length is unset, meaning "all
916 if (value2 < 0) value2 = 0;
920 /* Otherwise an unset length => characters before value1 */
929 /* For a non-negative offset, if the starting position is past the end of the
930 string, the result will be the null string. Otherwise, an unset length means
931 "rest"; just set it to the maximum - it will be cut down below if necessary. */
940 else if (value2 < 0) value2 = sublen;
943 /* Cut the length down to the maximum possible for the offset value, and get
944 the required characters. */
946 if (value1 + value2 > sublen) value2 = sublen - value1;
948 return subject + value1;
954 /*************************************************
955 * Old-style hash of a string *
956 *************************************************/
958 /* Perform the ${hash expansion operation.
961 subject the input string (an expanded substring)
962 value1 the length of the output string; if greater or equal to the
963 length of the input string, the input string is returned
964 value2 the number of hash characters to use, or 26 if negative
965 len set to the length of the returned string
967 Returns: pointer to the output string, or NULL if there is an error
971 compute_hash(uschar *subject, int value1, int value2, int *len)
973 int sublen = Ustrlen(subject);
975 if (value2 < 0) value2 = 26;
976 else if (value2 > Ustrlen(hashcodes))
978 expand_string_message =
979 string_sprintf("hash count \"%d\" too big", value2);
983 /* Calculate the hash text. We know it is shorter than the original string, so
984 can safely place it in subject[] (we know that subject is always itself an
985 expanded substring). */
992 while ((c = (subject[j])) != 0)
994 int shift = (c + j++) & 7;
995 subject[i] ^= (c << shift) | (c >> (8-shift));
996 if (++i >= value1) i = 0;
998 for (i = 0; i < value1; i++)
999 subject[i] = hashcodes[(subject[i]) % value2];
1001 else value1 = sublen;
1010 /*************************************************
1011 * Numeric hash of a string *
1012 *************************************************/
1014 /* Perform the ${nhash expansion operation. The first characters of the
1015 string are treated as most important, and get the highest prime numbers.
1018 subject the input string
1019 value1 the maximum value of the first part of the result
1020 value2 the maximum value of the second part of the result,
1021 or negative to produce only a one-part result
1022 len set to the length of the returned string
1024 Returns: pointer to the output string, or NULL if there is an error.
1028 compute_nhash (uschar *subject, int value1, int value2, int *len)
1030 uschar *s = subject;
1032 unsigned long int total = 0; /* no overflow */
1036 if (i == 0) i = sizeof(prime)/sizeof(int) - 1;
1037 total += prime[i--] * (unsigned int)(*s++);
1040 /* If value2 is unset, just compute one number */
1044 s = string_sprintf("%d", total % value1);
1047 /* Otherwise do a div/mod hash */
1051 total = total % (value1 * value2);
1052 s = string_sprintf("%d/%d", total/value2, total % value2);
1063 /*************************************************
1064 * Find the value of a header or headers *
1065 *************************************************/
1067 /* Multiple instances of the same header get concatenated, and this function
1068 can also return a concatenation of all the header lines. When concatenating
1069 specific headers that contain lists of addresses, a comma is inserted between
1070 them. Otherwise we use a straight concatenation. Because some messages can have
1071 pathologically large number of lines, there is a limit on the length that is
1072 returned. Also, to avoid massive store use which would result from using
1073 string_cat() as it copies and extends strings, we do a preliminary pass to find
1074 out exactly how much store will be needed. On "normal" messages this will be
1078 name the name of the header, without the leading $header_ or $h_,
1079 or NULL if a concatenation of all headers is required
1080 exists_only TRUE if called from a def: test; don't need to build a string;
1081 just return a string that is not "" and not "0" if the header
1083 newsize return the size of memory block that was obtained; may be NULL
1084 if exists_only is TRUE
1085 want_raw TRUE if called for $rh_ or $rheader_ variables; no processing,
1086 other than concatenating, will be done on the header
1087 charset name of charset to translate MIME words to; used only if
1088 want_raw is false; if NULL, no translation is done (this is
1089 used for $bh_ and $bheader_)
1091 Returns: NULL if the header does not exist, else a pointer to a new
1096 find_header(uschar *name, BOOL exists_only, int *newsize, BOOL want_raw,
1099 BOOL found = name == NULL;
1101 int len = found? 0 : Ustrlen(name);
1103 uschar *yield = NULL;
1106 /* Loop for two passes - saves code repetition */
1108 for (i = 0; i < 2; i++)
1113 for (h = header_list; size < header_insert_maxlen && h != NULL; h = h->next)
1115 if (h->type != htype_old && h->text != NULL) /* NULL => Received: placeholder */
1117 if (name == NULL || (len <= h->slen && strncmpic(name, h->text, len) == 0))
1122 if (exists_only) return US"1"; /* don't need actual string */
1124 t = h->text + len; /* text to insert */
1125 if (!want_raw) /* unless wanted raw, */
1126 while (isspace(*t)) t++; /* remove leading white space */
1127 ilen = h->slen - (t - h->text); /* length to insert */
1129 /* Set comma = 1 if handling a single header and it's one of those
1130 that contains an address list, except when asked for raw headers. Only
1131 need to do this once. */
1133 if (!want_raw && name != NULL && comma == 0 &&
1134 Ustrchr("BCFRST", h->type) != NULL)
1137 /* First pass - compute total store needed; second pass - compute
1138 total store used, including this header. */
1140 size += ilen + comma;
1142 /* Second pass - concatentate the data, up to a maximum. Note that
1143 the loop stops when size hits the limit. */
1147 if (size > header_insert_maxlen)
1149 ilen -= size - header_insert_maxlen;
1152 Ustrncpy(ptr, t, ilen);
1154 if (comma != 0 && ilen > 0)
1164 /* At end of first pass, truncate size if necessary, and get the buffer
1165 to hold the data, returning the buffer size. */
1169 if (!found) return NULL;
1170 if (size > header_insert_maxlen) size = header_insert_maxlen;
1171 *newsize = size + 1;
1172 ptr = yield = store_get(*newsize);
1176 /* Remove a redundant added comma if present */
1178 if (comma != 0 && ptr > yield) ptr -= 2;
1180 /* That's all we do for raw header expansion. */
1187 /* Otherwise, we remove trailing whitespace, including newlines. Then we do RFC
1188 2047 decoding, translating the charset if requested. The rfc2047_decode2()
1189 function can return an error with decoded data if the charset translation
1190 fails. If decoding fails, it returns NULL. */
1194 uschar *decoded, *error;
1195 while (ptr > yield && isspace(ptr[-1])) ptr--;
1197 decoded = rfc2047_decode2(yield, TRUE, charset, '?', NULL, newsize, &error);
1200 DEBUG(D_any) debug_printf("*** error in RFC 2047 decoding: %s\n"
1201 " input was: %s\n", error, yield);
1203 if (decoded != NULL) yield = decoded;
1212 /*************************************************
1213 * Find value of a variable *
1214 *************************************************/
1216 /* The table of variables is kept in alphabetic order, so we can search it
1217 using a binary chop. The "choplen" variable is nothing to do with the binary
1221 name the name of the variable being sought
1222 exists_only TRUE if this is a def: test; passed on to find_header()
1223 skipping TRUE => skip any processing evaluation; this is not the same as
1224 exists_only because def: may test for values that are first
1226 newsize pointer to an int which is initially zero; if the answer is in
1227 a new memory buffer, *newsize is set to its size
1229 Returns: NULL if the variable does not exist, or
1230 a pointer to the variable's contents, or
1231 something non-NULL if exists_only is TRUE
1235 find_variable(uschar *name, BOOL exists_only, BOOL skipping, int *newsize)
1238 int last = var_table_size;
1240 while (last > first)
1244 int middle = (first + last)/2;
1245 int c = Ustrcmp(name, var_table[middle].name);
1247 if (c > 0) { first = middle + 1; continue; }
1248 if (c < 0) { last = middle; continue; }
1250 /* Found an existing variable. If in skipping state, the value isn't needed,
1251 and we want to avoid processing (such as looking up up the host name). */
1253 if (skipping) return US"";
1255 switch (var_table[middle].type)
1257 case vtype_filter_int:
1258 if (!filter_running) return NULL;
1261 #ifdef EXPERIMENTAL_DOMAINKEYS
1263 case vtype_dk_verify:
1264 if (dk_verify_block == NULL) return US"";
1266 if (Ustrcmp(var_table[middle].name, "dk_result") == 0)
1267 s = dk_verify_block->result_string;
1268 if (Ustrcmp(var_table[middle].name, "dk_sender") == 0)
1269 s = dk_verify_block->address;
1270 if (Ustrcmp(var_table[middle].name, "dk_sender_domain") == 0)
1271 s = dk_verify_block->domain;
1272 if (Ustrcmp(var_table[middle].name, "dk_sender_local_part") == 0)
1273 s = dk_verify_block->local_part;
1275 if (Ustrcmp(var_table[middle].name, "dk_sender_source") == 0)
1276 switch(dk_verify_block->address_source) {
1277 case DK_EXIM_ADDRESS_NONE: s = "0"; break;
1278 case DK_EXIM_ADDRESS_FROM_FROM: s = "from"; break;
1279 case DK_EXIM_ADDRESS_FROM_SENDER: s = "sender"; break;
1282 if (Ustrcmp(var_table[middle].name, "dk_status") == 0)
1283 switch(dk_verify_block->result) {
1284 case DK_EXIM_RESULT_ERR: s = "error"; break;
1285 case DK_EXIM_RESULT_BAD_FORMAT: s = "bad format"; break;
1286 case DK_EXIM_RESULT_NO_KEY: s = "no key"; break;
1287 case DK_EXIM_RESULT_NO_SIGNATURE: s = "no signature"; break;
1288 case DK_EXIM_RESULT_REVOKED: s = "revoked"; break;
1289 case DK_EXIM_RESULT_NON_PARTICIPANT: s = "non-participant"; break;
1290 case DK_EXIM_RESULT_GOOD: s = "good"; break;
1291 case DK_EXIM_RESULT_BAD: s = "bad"; break;
1294 if (Ustrcmp(var_table[middle].name, "dk_signsall") == 0)
1295 s = (dk_verify_block->signsall)? "1" : "0";
1297 if (Ustrcmp(var_table[middle].name, "dk_testing") == 0)
1298 s = (dk_verify_block->testing)? "1" : "0";
1300 if (Ustrcmp(var_table[middle].name, "dk_is_signed") == 0)
1301 s = (dk_verify_block->is_signed)? "1" : "0";
1303 return (s == NULL)? US"" : s;
1307 sprintf(CS var_buffer, "%d", *(int *)(var_table[middle].value)); /* Integer */
1311 sprintf(CS var_buffer, "%ld", (long int)(*(ino_t *)(var_table[middle].value))); /* Inode */
1315 sprintf(CS var_buffer, "%ld", (long int)(*(gid_t *)(var_table[middle].value))); /* gid */
1319 sprintf(CS var_buffer, "%ld", (long int)(*(uid_t *)(var_table[middle].value))); /* uid */
1322 case vtype_stringptr: /* Pointer to string */
1323 s = *((uschar **)(var_table[middle].value));
1324 return (s == NULL)? US"" : s;
1327 sprintf(CS var_buffer, "%d", (int)getpid()); /* pid */
1330 case vtype_load_avg:
1331 sprintf(CS var_buffer, "%d", os_getloadavg()); /* load_average */
1334 case vtype_host_lookup: /* Lookup if not done so */
1335 if (sender_host_name == NULL && sender_host_address != NULL &&
1336 !host_lookup_failed && host_name_lookup() == OK)
1337 host_build_sender_fullhost();
1338 return (sender_host_name == NULL)? US"" : sender_host_name;
1340 case vtype_localpart: /* Get local part from address */
1341 s = *((uschar **)(var_table[middle].value));
1342 if (s == NULL) return US"";
1343 domain = Ustrrchr(s, '@');
1344 if (domain == NULL) return s;
1345 if (domain - s > sizeof(var_buffer) - 1)
1346 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "local part longer than %d in "
1347 "string expansion", sizeof(var_buffer));
1348 Ustrncpy(var_buffer, s, domain - s);
1349 var_buffer[domain - s] = 0;
1352 case vtype_domain: /* Get domain from address */
1353 s = *((uschar **)(var_table[middle].value));
1354 if (s == NULL) return US"";
1355 domain = Ustrrchr(s, '@');
1356 return (domain == NULL)? US"" : domain + 1;
1358 case vtype_msgheaders:
1359 return find_header(NULL, exists_only, newsize, FALSE, NULL);
1361 case vtype_msgbody: /* Pointer to msgbody string */
1362 case vtype_msgbody_end: /* Ditto, the end of the msg */
1363 ss = (uschar **)(var_table[middle].value);
1364 if (*ss == NULL && deliver_datafile >= 0) /* Read body when needed */
1367 int start_offset = SPOOL_DATA_START_OFFSET;
1368 int len = message_body_visible;
1369 if (len > message_size) len = message_size;
1370 *ss = body = store_malloc(len+1);
1372 if (var_table[middle].type == vtype_msgbody_end)
1374 struct stat statbuf;
1375 if (fstat(deliver_datafile, &statbuf) == 0)
1377 start_offset = statbuf.st_size - len;
1378 if (start_offset < SPOOL_DATA_START_OFFSET)
1379 start_offset = SPOOL_DATA_START_OFFSET;
1382 lseek(deliver_datafile, start_offset, SEEK_SET);
1383 len = read(deliver_datafile, body, len);
1389 if (body[--len] == '\n' || body[len] == 0) body[len] = ' ';
1393 return (*ss == NULL)? US"" : *ss;
1395 case vtype_todbsdin: /* BSD inbox time of day */
1396 return tod_stamp(tod_bsdin);
1398 case vtype_tode: /* Unix epoch time of day */
1399 return tod_stamp(tod_epoch);
1401 case vtype_todf: /* Full time of day */
1402 return tod_stamp(tod_full);
1404 case vtype_todl: /* Log format time of day */
1405 return tod_stamp(tod_log_bare); /* (without timezone) */
1407 case vtype_todzone: /* Time zone offset only */
1408 return tod_stamp(tod_zone);
1410 case vtype_todzulu: /* Zulu time */
1411 return tod_stamp(tod_zulu);
1413 case vtype_todlf: /* Log file datestamp tod */
1414 return tod_stamp(tod_log_datestamp);
1416 case vtype_reply: /* Get reply address */
1417 s = find_header(US"reply-to:", exists_only, newsize, FALSE,
1419 if (s == NULL || *s == 0)
1420 s = find_header(US"from:", exists_only, newsize, FALSE, headers_charset);
1421 return (s == NULL)? US"" : s;
1423 /* A recipients list is available only during system message filtering,
1424 during ACL processing after DATA, and while expanding pipe commands
1425 generated from a system filter, but not elsewhere. */
1427 case vtype_recipients:
1428 if (!enable_dollar_recipients) return NULL; else
1433 s = store_get(size);
1434 for (i = 0; i < recipients_count; i++)
1436 if (i != 0) s = string_cat(s, &size, &ptr, US", ", 2);
1437 s = string_cat(s, &size, &ptr, recipients_list[i].address,
1438 Ustrlen(recipients_list[i].address));
1440 s[ptr] = 0; /* string_cat() leaves room */
1447 sprintf(CS var_buffer, "%d",
1448 receive_statvfs(var_table[middle].value == (void *)TRUE, &inodes));
1455 (void) receive_statvfs(var_table[middle].value == (void *)TRUE, &inodes);
1456 sprintf(CS var_buffer, "%d", inodes);
1462 return NULL; /* Unknown variable name */
1468 /*************************************************
1469 * Read and expand substrings *
1470 *************************************************/
1472 /* This function is called to read and expand argument substrings for various
1473 expansion items. Some have a minimum requirement that is less than the maximum;
1474 in these cases, the first non-present one is set to NULL.
1477 sub points to vector of pointers to set
1478 n maximum number of substrings
1480 sptr points to current string pointer
1481 skipping the skipping flag
1482 check_end if TRUE, check for final '}'
1483 name name of item, for error message
1485 Returns: 0 OK; string pointer updated
1486 1 curly bracketing error (too few arguments)
1487 2 too many arguments (only if check_end is set); message set
1488 3 other error (expansion failure)
1492 read_subs(uschar **sub, int n, int m, uschar **sptr, BOOL skipping,
1493 BOOL check_end, uschar *name)
1498 while (isspace(*s)) s++;
1499 for (i = 0; i < n; i++)
1503 if (i < m) return 1;
1507 sub[i] = expand_string_internal(s+1, TRUE, &s, skipping);
1508 if (sub[i] == NULL) return 3;
1509 if (*s++ != '}') return 1;
1510 while (isspace(*s)) s++;
1512 if (check_end && *s++ != '}')
1516 expand_string_message = string_sprintf("Too many arguments for \"%s\" "
1517 "(max is %d)", name, n);
1530 /*************************************************
1531 * Read and evaluate a condition *
1532 *************************************************/
1536 s points to the start of the condition text
1537 yield points to a BOOL to hold the result of the condition test;
1538 if NULL, we are just reading through a condition that is
1539 part of an "or" combination to check syntax, or in a state
1540 where the answer isn't required
1542 Returns: a pointer to the first character after the condition, or
1547 eval_condition(uschar *s, BOOL *yield)
1549 BOOL testfor = TRUE;
1550 BOOL tempcond, combined_cond;
1552 int i, rc, cond_type, roffset;
1554 struct stat statbuf;
1559 const uschar *rerror;
1563 while (isspace(*s)) s++;
1564 if (*s == '!') { testfor = !testfor; s++; } else break;
1567 /* Numeric comparisons are symbolic */
1569 if (*s == '=' || *s == '>' || *s == '<')
1581 /* All other conditions are named */
1583 else s = read_name(name, 256, s, US"_");
1585 /* If we haven't read a name, it means some non-alpha character is first. */
1589 expand_string_message = string_sprintf("condition name expected, "
1590 "but found \"%.16s\"", s);
1594 /* Find which condition we are dealing with, and switch on it */
1596 cond_type = chop_match(name, cond_table, sizeof(cond_table)/sizeof(uschar *));
1599 /* def: tests for a non-zero or non-NULL variable, or for an existing
1605 expand_string_message = US"\":\" expected after \"def\"";
1609 s = read_name(name, 256, s+1, US"_");
1611 /* Test for a header's existence */
1613 if (Ustrncmp(name, "h_", 2) == 0 ||
1614 Ustrncmp(name, "rh_", 3) == 0 ||
1615 Ustrncmp(name, "bh_", 3) == 0 ||
1616 Ustrncmp(name, "header_", 7) == 0 ||
1617 Ustrncmp(name, "rheader_", 8) == 0 ||
1618 Ustrncmp(name, "bheader_", 8) == 0)
1620 s = read_header_name(name, 256, s);
1621 if (yield != NULL) *yield =
1622 (find_header(name, TRUE, NULL, FALSE, NULL) != NULL) == testfor;
1625 /* Test for a variable's having a non-empty value. If yield == NULL we
1626 are in a skipping state, and don't care about the answer. */
1630 uschar *value = find_variable(name, TRUE, yield == NULL, NULL);
1633 expand_string_message = (name[0] == 0)?
1634 string_sprintf("variable name omitted after \"def:\"") :
1635 string_sprintf("unknown variable \"%s\" after \"def:\"", name);
1639 *yield = (value[0] != 0 && Ustrcmp(value, "0") != 0) == testfor;
1645 /* first_delivery tests for first delivery attempt */
1647 case ECOND_FIRST_DELIVERY:
1648 if (yield != NULL) *yield = deliver_firsttime == testfor;
1652 /* queue_running tests for any process started by a queue runner */
1654 case ECOND_QUEUE_RUNNING:
1655 if (yield != NULL) *yield = (queue_run_pid != (pid_t)0) == testfor;
1659 /* exists: tests for file existence
1660 isip: tests for any IP address
1661 isip4: tests for an IPv4 address
1662 isip6: tests for an IPv6 address
1663 pam: does PAM authentication
1664 radius: does RADIUS authentication
1665 ldapauth: does LDAP authentication
1666 pwcheck: does Cyrus SASL pwcheck authentication
1675 case ECOND_LDAPAUTH:
1678 while (isspace(*s)) s++;
1679 if (*s != '{') goto COND_FAILED_CURLY_START;
1681 sub[0] = expand_string_internal(s+1, TRUE, &s, yield == NULL);
1682 if (sub[0] == NULL) return NULL;
1683 if (*s++ != '}') goto COND_FAILED_CURLY_END;
1685 if (yield == NULL) return s; /* No need to run the test if skipping */
1690 if ((expand_forbid & RDO_EXISTS) != 0)
1692 expand_string_message = US"File existence tests are not permitted";
1695 *yield = (Ustat(sub[0], &statbuf) == 0) == testfor;
1701 rc = string_is_ip_address(sub[0], NULL);
1702 *yield = ((cond_type == ECOND_ISIP)? (rc > 0) :
1703 (cond_type == ECOND_ISIP4)? (rc == 4) : (rc == 6)) == testfor;
1706 /* Various authentication tests - all optionally compiled */
1710 rc = auth_call_pam(sub[0], &expand_string_message);
1713 goto COND_FAILED_NOT_COMPILED;
1714 #endif /* SUPPORT_PAM */
1717 #ifdef RADIUS_CONFIG_FILE
1718 rc = auth_call_radius(sub[0], &expand_string_message);
1721 goto COND_FAILED_NOT_COMPILED;
1722 #endif /* RADIUS_CONFIG_FILE */
1724 case ECOND_LDAPAUTH:
1727 /* Just to keep the interface the same */
1729 int old_pool = store_pool;
1730 store_pool = POOL_SEARCH;
1731 rc = eldapauth_find((void *)(-1), NULL, sub[0], Ustrlen(sub[0]), NULL,
1732 &expand_string_message, &do_cache);
1733 store_pool = old_pool;
1737 goto COND_FAILED_NOT_COMPILED;
1738 #endif /* LOOKUP_LDAP */
1741 #ifdef CYRUS_PWCHECK_SOCKET
1742 rc = auth_call_pwcheck(sub[0], &expand_string_message);
1745 goto COND_FAILED_NOT_COMPILED;
1746 #endif /* CYRUS_PWCHECK_SOCKET */
1748 #if defined(SUPPORT_PAM) || defined(RADIUS_CONFIG_FILE) || \
1749 defined(LOOKUP_LDAP) || defined(CYRUS_PWCHECK_SOCKET)
1751 if (rc == ERROR || rc == DEFER) return NULL;
1752 *yield = (rc == OK) == testfor;
1758 /* saslauthd: does Cyrus saslauthd authentication. Four parameters are used:
1760 ${if saslauthd {{username}{password}{service}{realm}} {yes}[no}}
1762 However, the last two are optional. That is why the whole set is enclosed
1763 in their own set or braces. */
1765 case ECOND_SASLAUTHD:
1766 #ifndef CYRUS_SASLAUTHD_SOCKET
1767 goto COND_FAILED_NOT_COMPILED;
1769 while (isspace(*s)) s++;
1770 if (*s++ != '{') goto COND_FAILED_CURLY_START;
1771 switch(read_subs(sub, 4, 2, &s, yield == NULL, TRUE, US"saslauthd"))
1773 case 1: expand_string_message = US"too few arguments or bracketing "
1774 "error for saslauthd";
1776 case 3: return NULL;
1778 if (sub[2] == NULL) sub[3] = NULL; /* realm if no service */
1782 rc = auth_call_saslauthd(sub[0], sub[1], sub[2], sub[3],
1783 &expand_string_message);
1784 if (rc == ERROR || rc == DEFER) return NULL;
1785 *yield = (rc == OK) == testfor;
1788 #endif /* CYRUS_SASLAUTHD_SOCKET */
1791 /* symbolic operators for numeric and string comparison, and a number of
1792 other operators, all requiring two arguments.
1794 match: does a regular expression match and sets up the numerical
1795 variables if it succeeds
1796 match_address: matches in an address list
1797 match_domain: matches in a domain list
1798 match_local_part: matches in a local part list
1799 crypteq: encrypts plaintext and compares against an encrypted text,
1800 using crypt(), crypt16(), MD5 or SHA-1
1804 case ECOND_MATCH_ADDRESS:
1805 case ECOND_MATCH_DOMAIN:
1806 case ECOND_MATCH_LOCAL_PART:
1809 case ECOND_NUM_L: /* Numerical comparisons */
1816 case ECOND_STR_LT: /* String comparisons */
1827 for (i = 0; i < 2; i++)
1829 while (isspace(*s)) s++;
1832 if (i == 0) goto COND_FAILED_CURLY_START;
1833 expand_string_message = string_sprintf("missing 2nd string in {} "
1834 "after \"%s\"", name);
1837 sub[i] = expand_string_internal(s+1, TRUE, &s, yield == NULL);
1838 if (sub[i] == NULL) return NULL;
1839 if (*s++ != '}') goto COND_FAILED_CURLY_END;
1841 /* Convert to numerical if required; we know that the names of all the
1842 conditions that compare numbers do not start with a letter. This just saves
1843 checking for them individually. */
1845 if (!isalpha(name[0]))
1848 num[i] = (int)Ustrtol((const uschar *)sub[i], &endptr, 10);
1849 if (tolower(*endptr) == 'k')
1854 else if (tolower(*endptr) == 'm')
1856 num[i] *= 1024*1024;
1859 while (isspace(*endptr)) endptr++;
1862 expand_string_message = string_sprintf("\"%s\" is not a number",
1869 /* Result not required */
1871 if (yield == NULL) return s;
1873 /* Do an appropriate comparison */
1879 *yield = (num[0] == num[1]) == testfor;
1883 *yield = (num[0] > num[1]) == testfor;
1887 *yield = (num[0] >= num[1]) == testfor;
1891 *yield = (num[0] < num[1]) == testfor;
1895 *yield = (num[0] <= num[1]) == testfor;
1899 *yield = (Ustrcmp(sub[0], sub[1]) < 0) == testfor;
1903 *yield = (strcmpic(sub[0], sub[1]) < 0) == testfor;
1907 *yield = (Ustrcmp(sub[0], sub[1]) <= 0) == testfor;
1911 *yield = (strcmpic(sub[0], sub[1]) <= 0) == testfor;
1915 *yield = (Ustrcmp(sub[0], sub[1]) == 0) == testfor;
1919 *yield = (strcmpic(sub[0], sub[1]) == 0) == testfor;
1923 *yield = (Ustrcmp(sub[0], sub[1]) > 0) == testfor;
1927 *yield = (strcmpic(sub[0], sub[1]) > 0) == testfor;
1931 *yield = (Ustrcmp(sub[0], sub[1]) >= 0) == testfor;
1935 *yield = (strcmpic(sub[0], sub[1]) >= 0) == testfor;
1938 case ECOND_MATCH: /* Regular expression match */
1939 re = pcre_compile(CS sub[1], PCRE_COPT, (const char **)&rerror, &roffset,
1943 expand_string_message = string_sprintf("regular expression error in "
1944 "\"%s\": %s at offset %d", sub[1], rerror, roffset);
1947 *yield = regex_match_and_setup(re, sub[0], 0, -1) == testfor;
1950 case ECOND_MATCH_ADDRESS: /* Match in an address list */
1951 rc = match_address_list(sub[0], TRUE, FALSE, &(sub[1]), NULL, -1, 0, NULL);
1952 goto MATCHED_SOMETHING;
1954 case ECOND_MATCH_DOMAIN: /* Match in a domain list */
1955 rc = match_isinlist(sub[0], &(sub[1]), 0, &domainlist_anchor, NULL,
1956 MCL_DOMAIN + MCL_NOEXPAND, TRUE, NULL);
1957 goto MATCHED_SOMETHING;
1959 case ECOND_MATCH_LOCAL_PART:
1960 rc = match_isinlist(sub[0], &(sub[1]), 0, &localpartlist_anchor, NULL,
1961 MCL_LOCALPART + MCL_NOEXPAND, TRUE, NULL);
1976 expand_string_message = string_sprintf("unable to complete match "
1977 "against \"%s\": %s", sub[1], search_error_message);
1983 /* Various "encrypted" comparisons. If the second string starts with
1984 "{" then an encryption type is given. Default to crypt() or crypt16()
1985 (build-time choice). */
1988 #ifndef SUPPORT_CRYPTEQ
1989 goto COND_FAILED_NOT_COMPILED;
1991 if (strncmpic(sub[1], US"{md5}", 5) == 0)
1993 int sublen = Ustrlen(sub[1]+5);
1998 md5_end(&base, (uschar *)sub[0], Ustrlen(sub[0]), digest);
2000 /* If the length that we are comparing against is 24, the MD5 digest
2001 is expressed as a base64 string. This is the way LDAP does it. However,
2002 some other software uses a straightforward hex representation. We assume
2003 this if the length is 32. Other lengths fail. */
2007 uschar *coded = auth_b64encode((uschar *)digest, 16);
2008 DEBUG(D_auth) debug_printf("crypteq: using MD5+B64 hashing\n"
2009 " subject=%s\n crypted=%s\n", coded, sub[1]+5);
2010 *yield = (Ustrcmp(coded, sub[1]+5) == 0) == testfor;
2012 else if (sublen == 32)
2016 for (i = 0; i < 16; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
2018 DEBUG(D_auth) debug_printf("crypteq: using MD5+hex hashing\n"
2019 " subject=%s\n crypted=%s\n", coded, sub[1]+5);
2020 *yield = (strcmpic(coded, sub[1]+5) == 0) == testfor;
2024 DEBUG(D_auth) debug_printf("crypteq: length for MD5 not 24 or 32: "
2025 "fail\n crypted=%s\n", sub[1]+5);
2030 else if (strncmpic(sub[1], US"{sha1}", 6) == 0)
2032 int sublen = Ustrlen(sub[1]+6);
2037 sha1_end(&base, (uschar *)sub[0], Ustrlen(sub[0]), digest);
2039 /* If the length that we are comparing against is 28, assume the SHA1
2040 digest is expressed as a base64 string. If the length is 40, assume a
2041 straightforward hex representation. Other lengths fail. */
2045 uschar *coded = auth_b64encode((uschar *)digest, 20);
2046 DEBUG(D_auth) debug_printf("crypteq: using SHA1+B64 hashing\n"
2047 " subject=%s\n crypted=%s\n", coded, sub[1]+6);
2048 *yield = (Ustrcmp(coded, sub[1]+6) == 0) == testfor;
2050 else if (sublen == 40)
2054 for (i = 0; i < 20; i++) sprintf(CS (coded+2*i), "%02X", digest[i]);
2056 DEBUG(D_auth) debug_printf("crypteq: using SHA1+hex hashing\n"
2057 " subject=%s\n crypted=%s\n", coded, sub[1]+6);
2058 *yield = (strcmpic(coded, sub[1]+6) == 0) == testfor;
2062 DEBUG(D_auth) debug_printf("crypteq: length for SHA-1 not 28 or 40: "
2063 "fail\n crypted=%s\n", sub[1]+6);
2068 else /* {crypt} or {crypt16} and non-{ at start */
2073 if (strncmpic(sub[1], US"{crypt}", 7) == 0)
2078 else if (strncmpic(sub[1], US"{crypt16}", 9) == 0)
2083 else if (sub[1][0] == '{')
2085 expand_string_message = string_sprintf("unknown encryption mechanism "
2086 "in \"%s\"", sub[1]);
2092 case 0: coded = US DEFAULT_CRYPT(CS sub[0], CS sub[1]); break;
2093 case 1: coded = US crypt(CS sub[0], CS sub[1]); break;
2094 default: coded = US crypt16(CS sub[0], CS sub[1]); break;
2098 #define XSTR(s) STR(s)
2099 DEBUG(D_auth) debug_printf("crypteq: using %s()\n"
2100 " subject=%s\n crypted=%s\n",
2101 (which == 0)? XSTR(DEFAULT_CRYPT) : (which == 1)? "crypt" : "crypt16",
2106 /* If the encrypted string contains fewer than two characters (for the
2107 salt), force failure. Otherwise we get false positives: with an empty
2108 string the yield of crypt() is an empty string! */
2110 *yield = (Ustrlen(sub[1]) < 2)? !testfor :
2111 (Ustrcmp(coded, sub[1]) == 0) == testfor;
2114 #endif /* SUPPORT_CRYPTEQ */
2115 } /* Switch for comparison conditions */
2117 return s; /* End of comparison conditions */
2120 /* and/or: computes logical and/or of several conditions */
2124 subcondptr = (yield == NULL)? NULL : &tempcond;
2125 combined_cond = (cond_type == ECOND_AND);
2127 while (isspace(*s)) s++;
2128 if (*s++ != '{') goto COND_FAILED_CURLY_START;
2132 while (isspace(*s)) s++;
2133 if (*s == '}') break;
2136 expand_string_message = string_sprintf("each subcondition "
2137 "inside an \"%s{...}\" condition must be in its own {}", name);
2141 s = eval_condition(s+1, subcondptr);
2144 expand_string_message = string_sprintf("%s inside \"%s{...}\" condition",
2145 expand_string_message, name);
2148 while (isspace(*s)) s++;
2152 expand_string_message = string_sprintf("missing } at end of condition "
2153 "inside \"%s\" group", name);
2159 if (cond_type == ECOND_AND)
2161 combined_cond &= tempcond;
2162 if (!combined_cond) subcondptr = NULL; /* once false, don't */
2163 } /* evaluate any more */
2166 combined_cond |= tempcond;
2167 if (combined_cond) subcondptr = NULL; /* once true, don't */
2168 } /* evaluate any more */
2172 if (yield != NULL) *yield = (combined_cond == testfor);
2176 /* Unknown condition */
2179 expand_string_message = string_sprintf("unknown condition \"%s\"", name);
2181 } /* End switch on condition type */
2183 /* Missing braces at start and end of data */
2185 COND_FAILED_CURLY_START:
2186 expand_string_message = string_sprintf("missing { after \"%s\"", name);
2189 COND_FAILED_CURLY_END:
2190 expand_string_message = string_sprintf("missing } at end of \"%s\" condition",
2194 /* A condition requires code that is not compiled */
2196 #if !defined(SUPPORT_PAM) || !defined(RADIUS_CONFIG_FILE) || \
2197 !defined(LOOKUP_LDAP) || !defined(CYRUS_PWCHECK_SOCKET) || \
2198 !defined(SUPPORT_CRYPTEQ) || !defined(CYRUS_SASLAUTHD_SOCKET)
2199 COND_FAILED_NOT_COMPILED:
2200 expand_string_message = string_sprintf("support for \"%s\" not compiled",
2209 /*************************************************
2210 * Save numerical variables *
2211 *************************************************/
2213 /* This function is called from items such as "if" that want to preserve and
2214 restore the numbered variables.
2217 save_expand_string points to an array of pointers to set
2218 save_expand_nlength points to an array of ints for the lengths
2220 Returns: the value of expand max to save
2224 save_expand_strings(uschar **save_expand_nstring, int *save_expand_nlength)
2227 for (i = 0; i <= expand_nmax; i++)
2229 save_expand_nstring[i] = expand_nstring[i];
2230 save_expand_nlength[i] = expand_nlength[i];
2237 /*************************************************
2238 * Restore numerical variables *
2239 *************************************************/
2241 /* This function restored saved values of numerical strings.
2244 save_expand_nmax the number of strings to restore
2245 save_expand_string points to an array of pointers
2246 save_expand_nlength points to an array of ints
2252 restore_expand_strings(int save_expand_nmax, uschar **save_expand_nstring,
2253 int *save_expand_nlength)
2256 expand_nmax = save_expand_nmax;
2257 for (i = 0; i <= expand_nmax; i++)
2259 expand_nstring[i] = save_expand_nstring[i];
2260 expand_nlength[i] = save_expand_nlength[i];
2268 /*************************************************
2269 * Handle yes/no substrings *
2270 *************************************************/
2272 /* This function is used by ${if}, ${lookup} and ${extract} to handle the
2273 alternative substrings that depend on whether or not the condition was true,
2274 or the lookup or extraction succeeded. The substrings always have to be
2275 expanded, to check their syntax, but "skipping" is set when the result is not
2276 needed - this avoids unnecessary nested lookups.
2279 skipping TRUE if we were skipping when this item was reached
2280 yes TRUE if the first string is to be used, else use the second
2281 save_lookup a value to put back into lookup_value before the 2nd expansion
2282 sptr points to the input string pointer
2283 yieldptr points to the output string pointer
2284 sizeptr points to the output string size
2285 ptrptr points to the output string pointer
2286 type "lookup" or "if" or "extract" or "run", for error message
2288 Returns: 0 OK; lookup_value has been reset to save_lookup
2290 2 expansion failed because of bracketing error
2294 process_yesno(BOOL skipping, BOOL yes, uschar *save_lookup, uschar **sptr,
2295 uschar **yieldptr, int *sizeptr, int *ptrptr, uschar *type)
2298 uschar *s = *sptr; /* Local value */
2299 uschar *sub1, *sub2;
2301 /* If there are no following strings, we substitute the contents of $value for
2302 lookups and for extractions in the success case. For the ${if item, the string
2303 "true" is substituted. In the fail case, nothing is substituted for all three
2306 while (isspace(*s)) s++;
2311 if (yes) *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, US"true", 4);
2315 if (yes && lookup_value != NULL)
2316 *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, lookup_value,
2317 Ustrlen(lookup_value));
2318 lookup_value = save_lookup;
2324 /* Expand the first substring. Forced failures are noticed only if we actually
2325 want this string. Set skipping in the call in the fail case (this will always
2326 be the case if we were already skipping). */
2328 sub1 = expand_string_internal(s+1, TRUE, &s, !yes);
2329 if (sub1 == NULL && (yes || !expand_string_forcedfail)) goto FAILED;
2330 expand_string_forcedfail = FALSE;
2331 if (*s++ != '}') goto FAILED_CURLY;
2333 /* If we want the first string, add it to the output */
2336 *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, sub1, Ustrlen(sub1));
2338 /* If this is called from a lookup or an extract, we want to restore $value to
2339 what it was at the start of the item, so that it has this value during the
2340 second string expansion. For the call from "if" or "run" to this function,
2341 save_lookup is set to lookup_value, so that this statement does nothing. */
2343 lookup_value = save_lookup;
2345 /* There now follows either another substring, or "fail", or nothing. This
2346 time, forced failures are noticed only if we want the second string. We must
2347 set skipping in the nested call if we don't want this string, or if we were
2348 already skipping. */
2350 while (isspace(*s)) s++;
2353 sub2 = expand_string_internal(s+1, TRUE, &s, yes || skipping);
2354 if (sub2 == NULL && (!yes || !expand_string_forcedfail)) goto FAILED;
2355 expand_string_forcedfail = FALSE;
2356 if (*s++ != '}') goto FAILED_CURLY;
2358 /* If we want the second string, add it to the output */
2361 *yieldptr = string_cat(*yieldptr, sizeptr, ptrptr, sub2, Ustrlen(sub2));
2364 /* If there is no second string, but the word "fail" is present when the use of
2365 the second string is wanted, set a flag indicating it was a forced failure
2366 rather than a syntactic error. Swallow the terminating } in case this is nested
2367 inside another lookup or if or extract. */
2372 s = read_name(name, sizeof(name), s, US"_");
2373 if (Ustrcmp(name, "fail") == 0)
2375 if (!yes && !skipping)
2377 while (isspace(*s)) s++;
2378 if (*s++ != '}') goto FAILED_CURLY;
2379 expand_string_message =
2380 string_sprintf("\"%s\" failed and \"fail\" requested", type);
2381 expand_string_forcedfail = TRUE;
2387 expand_string_message =
2388 string_sprintf("syntax error in \"%s\" item - \"fail\" expected", type);
2393 /* All we have to do now is to check on the final closing brace. */
2395 while (isspace(*s)) s++;
2396 if (*s++ == '}') goto RETURN;
2398 /* Get here if there is a bracketing failure */
2403 /* Get here for other failures */
2408 /* Update the input pointer value before returning */
2420 /*************************************************
2421 * Handle MD5 or SHA-1 computation for HMAC *
2422 *************************************************/
2424 /* These are some wrapping functions that enable the HMAC code to be a bit
2425 cleaner. A good compiler will spot the tail recursion.
2428 type HMAC_MD5 or HMAC_SHA1
2429 remaining are as for the cryptographic hash functions
2435 chash_start(int type, void *base)
2437 if (type == HMAC_MD5)
2438 md5_start((md5 *)base);
2440 sha1_start((sha1 *)base);
2444 chash_mid(int type, void *base, uschar *string)
2446 if (type == HMAC_MD5)
2447 md5_mid((md5 *)base, string);
2449 sha1_mid((sha1 *)base, string);
2453 chash_end(int type, void *base, uschar *string, int length, uschar *digest)
2455 if (type == HMAC_MD5)
2456 md5_end((md5 *)base, string, length, digest);
2458 sha1_end((sha1 *)base, string, length, digest);
2465 /*************************************************
2466 * Join a file onto the output string *
2467 *************************************************/
2469 /* This is used for readfile and after a run expansion. It joins the contents
2470 of a file onto the output string, globally replacing newlines with a given
2471 string (optionally). The file is closed at the end.
2475 yield pointer to the expandable string
2476 sizep pointer to the current size
2477 ptrp pointer to the current position
2478 eol newline replacement string, or NULL
2480 Returns: new value of string pointer
2484 cat_file(FILE *f, uschar *yield, int *sizep, int *ptrp, uschar *eol)
2487 uschar buffer[1024];
2489 eollen = (eol == NULL)? 0 : Ustrlen(eol);
2491 while (Ufgets(buffer, sizeof(buffer), f) != NULL)
2493 int len = Ustrlen(buffer);
2494 if (eol != NULL && buffer[len-1] == '\n') len--;
2495 yield = string_cat(yield, sizep, ptrp, buffer, len);
2496 if (buffer[len] != 0)
2497 yield = string_cat(yield, sizep, ptrp, eol, eollen);
2500 if (yield != NULL) yield[*ptrp] = 0;
2508 /*************************************************
2509 * Evaluate numeric expression *
2510 *************************************************/
2512 /* This is a set of mutually recursive functions that evaluate a simple
2513 arithmetic expression involving only + - * / and parentheses. The only one that
2514 is called from elsewhere is eval_expr, whose interface is:
2517 sptr pointer to the pointer to the string - gets updated
2518 decimal TRUE if numbers are to be assumed decimal
2519 error pointer to where to put an error message - must be NULL on input
2520 endket TRUE if ')' must terminate - FALSE for external call
2523 Returns: on success: the value of the expression, with *error still NULL
2524 on failure: an undefined value, with *error = a message
2527 static int eval_sumterm(uschar **, BOOL, uschar **);
2530 eval_expr(uschar **sptr, BOOL decimal, uschar **error, BOOL endket)
2533 int x = eval_sumterm(&s, decimal, error);
2536 while (*s == '+' || *s == '-')
2539 int y = eval_sumterm(&s, decimal, error);
2540 if (*error != NULL) break;
2541 if (op == '+') x += y; else x -= y;
2548 *error = US"expecting closing parenthesis";
2550 while (isspace(*(++s)));
2552 else if (*s != 0) *error = US"expecting + or -";
2561 eval_term(uschar **sptr, BOOL decimal, uschar **error)
2566 while (isspace(*s)) s++;
2568 if (isdigit(c) || ((c == '-' || c == '+') && isdigit(s[1])))
2571 (void)sscanf(CS s, (decimal? "%d%n" : "%i%n"), &n, &count);
2573 if (tolower(*s) == 'k') { n *= 1024; s++; }
2574 else if (tolower(*s) == 'm') { n *= 1024*1024; s++; }
2575 while (isspace (*s)) s++;
2580 n = eval_expr(&s, decimal, error, 1);
2584 *error = US"expecting number or opening parenthesis";
2591 static int eval_sumterm(uschar **sptr, BOOL decimal, uschar **error)
2594 int x = eval_term(&s, decimal, error);
2597 while (*s == '*' || *s == '/')
2600 int y = eval_term(&s, decimal, error);
2601 if (*error != NULL) break;
2602 if (op == '*') x *= y; else x /= y;
2612 /*************************************************
2614 *************************************************/
2616 /* Returns either an unchanged string, or the expanded string in stacking pool
2617 store. Interpreted sequences are:
2619 \... normal escaping rules
2620 $name substitutes the variable
2622 ${op:string} operates on the expanded string value
2623 ${item{arg1}{arg2}...} expands the args and then does the business
2624 some literal args are not enclosed in {}
2626 There are now far too many operators and item types to make it worth listing
2627 them here in detail any more.
2629 We use an internal routine recursively to handle embedded substrings. The
2630 external function follows. The yield is NULL if the expansion failed, and there
2631 are two cases: if something collapsed syntactically, or if "fail" was given
2632 as the action on a lookup failure. These can be distinguised by looking at the
2633 variable expand_string_forcedfail, which is TRUE in the latter case.
2635 The skipping flag is set true when expanding a substring that isn't actually
2636 going to be used (after "if" or "lookup") and it prevents lookups from
2637 happening lower down.
2639 Store usage: At start, a store block of the length of the input plus 64
2640 is obtained. This is expanded as necessary by string_cat(), which might have to
2641 get a new block, or might be able to expand the original. At the end of the
2642 function we can release any store above that portion of the yield block that
2643 was actually used. In many cases this will be optimal.
2645 However: if the first item in the expansion is a variable name or header name,
2646 we reset the store before processing it; if the result is in fresh store, we
2647 use that without copying. This is helpful for expanding strings like
2648 $message_headers which can get very long.
2651 string the string to be expanded
2652 ket_ends true if expansion is to stop at }
2653 left if not NULL, a pointer to the first character after the
2654 expansion is placed here (typically used with ket_ends)
2655 skipping TRUE for recursive calls when the value isn't actually going
2656 to be used (to allow for optimisation)
2658 Returns: NULL if expansion fails:
2659 expand_string_forcedfail is set TRUE if failure was forced
2660 expand_string_message contains a textual error message
2661 a pointer to the expanded string on success
2665 expand_string_internal(uschar *string, BOOL ket_ends, uschar **left,
2669 int size = Ustrlen(string)+ 64;
2671 uschar *yield = store_get(size);
2673 uschar *save_expand_nstring[EXPAND_MAXN+1];
2674 int save_expand_nlength[EXPAND_MAXN+1];
2676 expand_string_forcedfail = FALSE;
2677 expand_string_message = US"";
2684 /* \ escapes the next character, which must exist, or else
2685 the expansion fails. There's a special escape, \N, which causes
2686 copying of the subject verbatim up to the next \N. Otherwise,
2687 the escapes are the standard set. */
2693 expand_string_message = US"\\ at end of string";
2700 for (s = t; *s != 0; s++) if (*s == '\\' && s[1] == 'N') break;
2701 yield = string_cat(yield, &size, &ptr, t, s - t);
2702 if (*s != 0) s += 2;
2708 ch[0] = string_interpret_escape(&s);
2710 yield = string_cat(yield, &size, &ptr, ch, 1);
2716 /* Anything other than $ is just copied verbatim, unless we are
2717 looking for a terminating } character. */
2719 if (ket_ends && *s == '}') break;
2723 yield = string_cat(yield, &size, &ptr, s++, 1);
2727 /* No { after the $ - must be a plain name or a number for string
2728 match variable. There has to be a fudge for variables that are the
2729 names of header fields preceded by "$header_" because header field
2730 names can contain any printing characters except space and colon.
2731 For those that don't like typing this much, "$h_" is a synonym for
2732 "$header_". A non-existent header yields a NULL value; nothing is
2735 if (isalpha((*(++s))))
2740 s = read_name(name, sizeof(name), s, US"_");
2742 /* If this is the first thing to be expanded, release the pre-allocated
2745 if (ptr == 0 && yield != NULL)
2754 if (Ustrncmp(name, "h_", 2) == 0 ||
2755 Ustrncmp(name, "rh_", 3) == 0 ||
2756 Ustrncmp(name, "bh_", 3) == 0 ||
2757 Ustrncmp(name, "header_", 7) == 0 ||
2758 Ustrncmp(name, "rheader_", 8) == 0 ||
2759 Ustrncmp(name, "bheader_", 8) == 0)
2761 BOOL want_raw = (name[0] == 'r')? TRUE : FALSE;
2762 uschar *charset = (name[0] == 'b')? NULL : headers_charset;
2763 s = read_header_name(name, sizeof(name), s);
2764 value = find_header(name, FALSE, &newsize, want_raw, charset);
2766 /* If we didn't find the header, and the header contains a closing brace
2767 characters, this may be a user error where the terminating colon
2768 has been omitted. Set a flag to adjust the error message in this case.
2769 But there is no error here - nothing gets inserted. */
2773 if (Ustrchr(name, '}') != NULL) malformed_header = TRUE;
2782 value = find_variable(name, FALSE, skipping, &newsize);
2785 expand_string_message =
2786 string_sprintf("unknown variable name \"%s\"", name);
2791 /* If the data is known to be in a new buffer, newsize will be set to the
2792 size of that buffer. If this is the first thing in an expansion string,
2793 yield will be NULL; just point it at the new store instead of copying. Many
2794 expansion strings contain just one reference, so this is a useful
2795 optimization, especially for humungous headers. */
2797 len = Ustrlen(value);
2798 if (yield == NULL && newsize != 0)
2804 else yield = string_cat(yield, &size, &ptr, value, len);
2812 s = read_number(&n, s);
2813 if (n >= 0 && n <= expand_nmax)
2814 yield = string_cat(yield, &size, &ptr, expand_nstring[n],
2819 /* Otherwise, if there's no '{' after $ it's an error. */
2823 expand_string_message = US"$ not followed by letter, digit, or {";
2827 /* After { there can be various things, but they all start with
2828 an initial word, except for a number for a string match variable. */
2830 if (isdigit((*(++s))))
2833 s = read_number(&n, s);
2836 expand_string_message = US"} expected after number";
2839 if (n >= 0 && n <= expand_nmax)
2840 yield = string_cat(yield, &size, &ptr, expand_nstring[n],
2847 expand_string_message = US"letter or digit expected after ${";
2851 /* Allow "-" in names to cater for substrings with negative
2852 arguments. Since we are checking for known names after { this is
2855 s = read_name(name, sizeof(name), s, US"_-");
2856 item_type = chop_match(name, item_table, sizeof(item_table)/sizeof(uschar *));
2860 /* Handle conditionals - preserve the values of the numerical expansion
2861 variables in case they get changed by a regular expression match in the
2862 condition. If not, they retain their external settings. At the end
2863 of this "if" section, they get restored to their previous values. */
2869 int save_expand_nmax =
2870 save_expand_strings(save_expand_nstring, save_expand_nlength);
2872 while (isspace(*s)) s++;
2873 next_s = eval_condition(s, skipping? NULL : &cond);
2874 if (next_s == NULL) goto EXPAND_FAILED; /* message already set */
2877 debug_printf("condition: %.*s\n result: %s\n", (int)(next_s - s), s,
2878 cond? "true" : "false");
2882 /* The handling of "yes" and "no" result strings is now in a separate
2883 function that is also used by ${lookup} and ${extract} and ${run}. */
2885 switch(process_yesno(
2886 skipping, /* were previously skipping */
2887 cond, /* success/failure indicator */
2888 lookup_value, /* value to reset for string2 */
2889 &s, /* input pointer */
2890 &yield, /* output pointer */
2891 &size, /* output size */
2892 &ptr, /* output current point */
2893 US"if")) /* condition type */
2895 case 1: goto EXPAND_FAILED; /* when all is well, the */
2896 case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
2899 /* Restore external setting of expansion variables for continuation
2902 restore_expand_strings(save_expand_nmax, save_expand_nstring,
2903 save_expand_nlength);
2907 /* Handle database lookups unless locked out. If "skipping" is TRUE, we are
2908 expanding an internal string that isn't actually going to be used. All we
2909 need to do is check the syntax, so don't do a lookup at all. Preserve the
2910 values of the numerical expansion variables in case they get changed by a
2911 partial lookup. If not, they retain their external settings. At the end
2912 of this "lookup" section, they get restored to their previous values. */
2916 int stype, partial, affixlen, starflags;
2917 int expand_setup = 0;
2919 uschar *key, *filename, *affix;
2920 uschar *save_lookup_value = lookup_value;
2921 int save_expand_nmax =
2922 save_expand_strings(save_expand_nstring, save_expand_nlength);
2924 if ((expand_forbid & RDO_LOOKUP) != 0)
2926 expand_string_message = US"lookup expansions are not permitted";
2930 /* Get the key we are to look up for single-key+file style lookups.
2931 Otherwise set the key NULL pro-tem. */
2933 while (isspace(*s)) s++;
2936 key = expand_string_internal(s+1, TRUE, &s, skipping);
2937 if (key == NULL) goto EXPAND_FAILED;
2938 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
2939 while (isspace(*s)) s++;
2943 /* Find out the type of database */
2947 expand_string_message = US"missing lookup type";
2951 /* The type is a string that may contain special characters of various
2952 kinds. Allow everything except space or { to appear; the actual content
2953 is checked by search_findtype_partial. */
2955 while (*s != 0 && *s != '{' && !isspace(*s))
2957 if (nameptr < sizeof(name) - 1) name[nameptr++] = *s;
2961 while (isspace(*s)) s++;
2963 /* Now check for the individual search type and any partial or default
2964 options. Only those types that are actually in the binary are valid. */
2966 stype = search_findtype_partial(name, &partial, &affix, &affixlen,
2970 expand_string_message = search_error_message;
2974 /* Check that a key was provided for those lookup types that need it,
2975 and was not supplied for those that use the query style. */
2977 if (!mac_islookup(stype, lookup_querystyle))
2981 expand_string_message = string_sprintf("missing {key} for single-"
2982 "key \"%s\" lookup", name);
2990 expand_string_message = string_sprintf("a single key was given for "
2991 "lookup type \"%s\", which is not a single-key lookup type", name);
2996 /* Get the next string in brackets and expand it. It is the file name for
2997 single-key+file lookups, and the whole query otherwise. */
2999 if (*s != '{') goto EXPAND_FAILED_CURLY;
3000 filename = expand_string_internal(s+1, TRUE, &s, skipping);
3001 if (filename == NULL) goto EXPAND_FAILED;
3002 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3003 while (isspace(*s)) s++;
3005 /* If this isn't a single-key+file lookup, re-arrange the variables
3006 to be appropriate for the search_ functions. */
3014 /* If skipping, don't do the next bit - just lookup_value == NULL, as if
3015 the entry was not found. Note that there is no search_close() function.
3016 Files are left open in case of re-use. At suitable places in higher logic,
3017 search_tidyup() is called to tidy all open files. This can save opening
3018 the same file several times. However, files may also get closed when
3019 others are opened, if too many are open at once. The rule is that a
3020 handle should not be used after a second search_open().
3022 Request that a partial search sets up $1 and maybe $2 by passing
3023 expand_setup containing zero. If its value changes, reset expand_nmax,
3024 since new variables will have been set. Note that at the end of this
3025 "lookup" section, the old numeric variables are restored. */
3028 lookup_value = NULL;
3031 void *handle = search_open(filename, stype, 0, NULL, NULL);
3034 expand_string_message = search_error_message;
3037 lookup_value = search_find(handle, filename, key, partial, affix,
3038 affixlen, starflags, &expand_setup);
3039 if (search_find_defer)
3041 expand_string_message =
3042 string_sprintf("lookup of \"%s\" gave DEFER: %s", key,
3043 search_error_message);
3046 if (expand_setup > 0) expand_nmax = expand_setup;
3049 /* The handling of "yes" and "no" result strings is now in a separate
3050 function that is also used by ${if} and ${extract}. */
3052 switch(process_yesno(
3053 skipping, /* were previously skipping */
3054 lookup_value != NULL, /* success/failure indicator */
3055 save_lookup_value, /* value to reset for string2 */
3056 &s, /* input pointer */
3057 &yield, /* output pointer */
3058 &size, /* output size */
3059 &ptr, /* output current point */
3060 US"lookup")) /* condition type */
3062 case 1: goto EXPAND_FAILED; /* when all is well, the */
3063 case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
3066 /* Restore external setting of expansion variables for carrying on
3067 at this level, and continue. */
3069 restore_expand_strings(save_expand_nmax, save_expand_nstring,
3070 save_expand_nlength);
3074 /* If Perl support is configured, handle calling embedded perl subroutines,
3075 unless locked out at this time. Syntax is ${perl{sub}} or ${perl{sub}{arg}}
3076 or ${perl{sub}{arg1}{arg2}} or up to a maximum of EXIM_PERL_MAX_ARGS
3077 arguments (defined below). */
3079 #define EXIM_PERL_MAX_ARGS 8
3083 expand_string_message = US"\"${perl\" encountered, but this facility "
3084 "is not included in this binary";
3087 #else /* EXIM_PERL */
3089 uschar *sub_arg[EXIM_PERL_MAX_ARGS + 2];
3092 if ((expand_forbid & RDO_PERL) != 0)
3094 expand_string_message = US"Perl calls are not permitted";
3098 switch(read_subs(sub_arg, EXIM_PERL_MAX_ARGS + 1, 1, &s, skipping, TRUE,
3101 case 1: goto EXPAND_FAILED_CURLY;
3103 case 3: goto EXPAND_FAILED;
3106 /* If skipping, we don't actually do anything */
3108 if (skipping) continue;
3110 /* Start the interpreter if necessary */
3112 if (!opt_perl_started)
3115 if (opt_perl_startup == NULL)
3117 expand_string_message = US"A setting of perl_startup is needed when "
3118 "using the Perl interpreter";
3121 DEBUG(D_any) debug_printf("Starting Perl interpreter\n");
3122 initerror = init_perl(opt_perl_startup);
3123 if (initerror != NULL)
3125 expand_string_message =
3126 string_sprintf("error in perl_startup code: %s\n", initerror);
3129 opt_perl_started = TRUE;
3132 /* Call the function */
3134 sub_arg[EXIM_PERL_MAX_ARGS + 1] = NULL;
3135 new_yield = call_perl_cat(yield, &size, &ptr, &expand_string_message,
3136 sub_arg[0], sub_arg + 1);
3138 /* NULL yield indicates failure; if the message pointer has been set to
3139 NULL, the yield was undef, indicating a forced failure. Otherwise the
3140 message will indicate some kind of Perl error. */
3142 if (new_yield == NULL)
3144 if (expand_string_message == NULL)
3146 expand_string_message =
3147 string_sprintf("Perl subroutine \"%s\" returned undef to force "
3148 "failure", sub_arg[0]);
3149 expand_string_forcedfail = TRUE;
3154 /* Yield succeeded. Ensure forcedfail is unset, just in case it got
3155 set during a callback from Perl. */
3157 expand_string_forcedfail = FALSE;
3161 #endif /* EXIM_PERL */
3163 /* Handle "readfile" to insert an entire file */
3165 case EITEM_READFILE:
3170 if ((expand_forbid & RDO_READFILE) != 0)
3172 expand_string_message = US"file insertions are not permitted";
3176 switch(read_subs(sub_arg, 2, 1, &s, skipping, TRUE, US"readfile"))
3178 case 1: goto EXPAND_FAILED_CURLY;
3180 case 3: goto EXPAND_FAILED;
3183 /* If skipping, we don't actually do anything */
3185 if (skipping) continue;
3187 /* Open the file and read it */
3189 f = Ufopen(sub_arg[0], "rb");
3192 expand_string_message = string_open_failed(errno, "%s", sub_arg[0]);
3196 yield = cat_file(f, yield, &size, &ptr, sub_arg[1]);
3201 /* Handle "readsocket" to insert data from a Unix domain socket */
3203 case EITEM_READSOCK:
3209 struct sockaddr_un sockun; /* don't call this "sun" ! */
3213 if ((expand_forbid & RDO_READSOCK) != 0)
3215 expand_string_message = US"socket insertions are not permitted";
3219 /* Read up to 4 arguments, but don't do the end of item check afterwards,
3220 because there may be a string for expansion on failure. */
3222 switch(read_subs(sub_arg, 4, 2, &s, skipping, FALSE, US"readsocket"))
3224 case 1: goto EXPAND_FAILED_CURLY;
3225 case 2: /* Won't occur: no end check */
3226 case 3: goto EXPAND_FAILED;
3229 /* Sort out timeout, if given */
3231 if (sub_arg[2] != NULL)
3233 timeout = readconf_readtime(sub_arg[2], 0, FALSE);
3236 expand_string_message = string_sprintf("bad time value %s",
3241 else sub_arg[3] = NULL; /* No eol if no timeout */
3243 /* If skipping, we don't actually do anything */
3247 /* Make a connection to the socket */
3249 if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
3251 expand_string_message = string_sprintf("failed to create socket: %s",
3256 sockun.sun_family = AF_UNIX;
3257 sprintf(sockun.sun_path, "%.*s", (int)(sizeof(sockun.sun_path)-1),
3259 if(connect(fd, (struct sockaddr *)(&sockun), sizeof(sockun)) == -1)
3261 expand_string_message = string_sprintf("failed to connect to socket "
3262 "%s: %s", sub_arg[0], strerror(errno));
3265 DEBUG(D_expand) debug_printf("connected to socket %s\n", sub_arg[0]);
3267 /* Write the request string, if not empty */
3269 if (sub_arg[1][0] != 0)
3271 int len = Ustrlen(sub_arg[1]);
3272 DEBUG(D_expand) debug_printf("writing \"%s\" to socket\n",
3274 if (write(fd, sub_arg[1], len) != len)
3276 expand_string_message = string_sprintf("request write to socket "
3277 "failed: %s", strerror(errno));
3282 /* Now we need to read from the socket, under a timeout. The function
3283 that reads a file can be used. */
3285 f = fdopen(fd, "rb");
3286 sigalrm_seen = FALSE;
3288 yield = cat_file(f, yield, &size, &ptr, sub_arg[3]);
3292 /* After a timeout, we restore the pointer in the result, that is,
3293 make sure we add nothing from the socket. */
3298 expand_string_message = US"socket read timed out";
3303 /* The whole thing has worked (or we were skipping). If there is a
3304 failure string following, we need to skip it. */
3308 if (expand_string_internal(s+1, TRUE, &s, TRUE) == NULL)
3310 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3311 while (isspace(*s)) s++;
3313 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3316 /* Come here on failure to create socket, connect socket, write to the
3317 socket, or timeout on reading. If another substring follows, expand and
3318 use it. Otherwise, those conditions give expand errors. */
3321 if (*s != '{') goto EXPAND_FAILED;
3322 DEBUG(D_any) debug_printf("%s\n", expand_string_message);
3323 arg = expand_string_internal(s+1, TRUE, &s, FALSE);
3324 if (arg == NULL) goto EXPAND_FAILED;
3325 yield = string_cat(yield, &size, &ptr, arg, Ustrlen(arg));
3326 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3327 while (isspace(*s)) s++;
3328 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3332 /* Handle "run" to execute a program. */
3344 if ((expand_forbid & RDO_RUN) != 0)
3346 expand_string_message = US"running a command is not permitted";
3350 while (isspace(*s)) s++;
3351 if (*s != '{') goto EXPAND_FAILED_CURLY;
3352 arg = expand_string_internal(s+1, TRUE, &s, skipping);
3353 if (arg == NULL) goto EXPAND_FAILED;
3354 while (isspace(*s)) s++;
3355 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3357 if (skipping) /* Just pretend it worked when we're skipping */
3363 if (!transport_set_up_command(&argv, /* anchor for arg list */
3364 arg, /* raw command */
3365 FALSE, /* don't expand the arguments */
3366 0, /* not relevant when... */
3367 NULL, /* no transporting address */
3368 US"${run} expansion", /* for error messages */
3369 &expand_string_message)) /* where to put error message */
3374 /* Create the child process, making it a group leader. */
3376 pid = child_open(argv, NULL, 0077, &fd_in, &fd_out, TRUE);
3380 expand_string_message =
3381 string_sprintf("couldn't create child process: %s", strerror(errno));
3385 /* Nothing is written to the standard input. */
3389 /* Wait for the process to finish, applying the timeout, and inspect its
3390 return code for serious disasters. Simple non-zero returns are passed on.
3393 if ((runrc = child_close(pid, 60)) < 0)
3397 expand_string_message = string_sprintf("command timed out");
3398 killpg(pid, SIGKILL); /* Kill the whole process group */
3401 else if (runrc == -257)
3402 expand_string_message = string_sprintf("wait() failed: %s",
3406 expand_string_message = string_sprintf("command killed by signal %d",
3412 /* Read the pipe to get the command's output into $value (which is kept
3413 in lookup_value). */
3415 f = fdopen(fd_out, "rb");
3416 lookup_value = NULL;
3417 lookup_value = cat_file(f, lookup_value, &lsize, &lptr, NULL);
3421 /* Process the yes/no strings; $value may be useful in both cases */
3423 switch(process_yesno(
3424 skipping, /* were previously skipping */
3425 runrc == 0, /* success/failure indicator */
3426 lookup_value, /* value to reset for string2 */
3427 &s, /* input pointer */
3428 &yield, /* output pointer */
3429 &size, /* output size */
3430 &ptr, /* output current point */
3431 US"run")) /* condition type */
3433 case 1: goto EXPAND_FAILED; /* when all is well, the */
3434 case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
3440 /* Handle character translation for "tr" */
3448 switch(read_subs(sub, 3, 3, &s, skipping, TRUE, US"tr"))
3450 case 1: goto EXPAND_FAILED_CURLY;
3452 case 3: goto EXPAND_FAILED;
3455 yield = string_cat(yield, &size, &ptr, sub[0], Ustrlen(sub[0]));
3456 o2m = Ustrlen(sub[2]) - 1;
3458 if (o2m >= 0) for (; oldptr < ptr; oldptr++)
3460 uschar *m = Ustrrchr(sub[1], yield[oldptr]);
3464 yield[oldptr] = sub[2][(o < o2m)? o : o2m];
3471 /* Handle "hash", "length", "nhash", and "substr" when they are given with
3472 expanded arguments. */
3482 int val[2] = { 0, -1 };
3485 /* "length" takes only 2 arguments whereas the others take 2 or 3.
3486 Ensure that sub[2] is set in the ${length case. */
3489 switch(read_subs(sub, (item_type == EITEM_LENGTH)? 2:3, 2, &s, skipping,
3492 case 1: goto EXPAND_FAILED_CURLY;
3494 case 3: goto EXPAND_FAILED;
3497 /* Juggle the arguments if there are only two of them: always move the
3498 string to the last position and make ${length{n}{str}} equivalent to
3499 ${substr{0}{n}{str}}. See the defaults for val[] above. */
3505 if (item_type == EITEM_LENGTH)
3512 for (i = 0; i < 2; i++)
3514 if (sub[i] == NULL) continue;
3515 val[i] = (int)Ustrtol(sub[i], &ret, 10);
3516 if (*ret != 0 || (i != 0 && val[i] < 0))
3518 expand_string_message = string_sprintf("\"%s\" is not a%s number "
3519 "(in \"%s\" expansion)", sub[i], (i != 0)? " positive" : "", name);
3525 (item_type == EITEM_HASH)?
3526 compute_hash(sub[2], val[0], val[1], &len) :
3527 (item_type == EITEM_NHASH)?
3528 compute_nhash(sub[2], val[0], val[1], &len) :
3529 extract_substr(sub[2], val[0], val[1], &len);
3531 if (ret == NULL) goto EXPAND_FAILED;
3532 yield = string_cat(yield, &size, &ptr, ret, len);
3536 /* Handle HMAC computation: ${hmac{<algorithm>}{<secret>}{<text>}}
3537 This code originally contributed by Steve Haslam. It currently supports
3538 the use of MD5 and SHA-1 hashes.
3540 We need some workspace that is large enough to handle all the supported
3541 hash types. Use macros to set the sizes rather than be too elaborate. */
3543 #define MAX_HASHLEN 20
3544 #define MAX_HASHBLOCKLEN 64
3553 int hashlen; /* Number of octets for the hash algorithm's output */
3554 int hashblocklen; /* Number of octets the hash algorithm processes */
3556 unsigned int keylen;
3558 uschar keyhash[MAX_HASHLEN];
3559 uschar innerhash[MAX_HASHLEN];
3560 uschar finalhash[MAX_HASHLEN];
3561 uschar finalhash_hex[2*MAX_HASHLEN];
3562 uschar innerkey[MAX_HASHBLOCKLEN];
3563 uschar outerkey[MAX_HASHBLOCKLEN];
3565 switch (read_subs(sub, 3, 3, &s, skipping, TRUE, name))
3567 case 1: goto EXPAND_FAILED_CURLY;
3569 case 3: goto EXPAND_FAILED;
3572 if (Ustrcmp(sub[0], "md5") == 0)
3575 use_base = &md5_base;
3579 else if (Ustrcmp(sub[0], "sha1") == 0)
3582 use_base = &sha1_base;
3588 expand_string_message =
3589 string_sprintf("hmac algorithm \"%s\" is not recognised", sub[0]);
3594 keylen = Ustrlen(keyptr);
3596 /* If the key is longer than the hash block length, then hash the key
3599 if (keylen > hashblocklen)
3601 chash_start(type, use_base);
3602 chash_end(type, use_base, keyptr, keylen, keyhash);
3607 /* Now make the inner and outer key values */
3609 memset(innerkey, 0x36, hashblocklen);
3610 memset(outerkey, 0x5c, hashblocklen);
3612 for (i = 0; i < keylen; i++)
3614 innerkey[i] ^= keyptr[i];
3615 outerkey[i] ^= keyptr[i];
3618 /* Now do the hashes */
3620 chash_start(type, use_base);
3621 chash_mid(type, use_base, innerkey);
3622 chash_end(type, use_base, sub[2], Ustrlen(sub[2]), innerhash);
3624 chash_start(type, use_base);
3625 chash_mid(type, use_base, outerkey);
3626 chash_end(type, use_base, innerhash, hashlen, finalhash);
3628 /* Encode the final hash as a hex string */
3631 for (i = 0; i < hashlen; i++)
3633 *p++ = hex_digits[(finalhash[i] & 0xf0) >> 4];
3634 *p++ = hex_digits[finalhash[i] & 0x0f];
3637 DEBUG(D_any) debug_printf("HMAC[%s](%.*s,%.*s)=%.*s\n", sub[0],
3638 (int)keylen, keyptr, Ustrlen(sub[2]), sub[2], hashlen*2, finalhash_hex);
3640 yield = string_cat(yield, &size, &ptr, finalhash_hex, hashlen*2);
3645 /* Handle global substitution for "sg" - like Perl's s/xxx/yyy/g operator.
3646 We have to save the numerical variables and restore them afterwards. */
3651 int moffset, moffsetextra, slen;
3654 const uschar *rerror;
3657 int save_expand_nmax =
3658 save_expand_strings(save_expand_nstring, save_expand_nlength);
3660 switch(read_subs(sub, 3, 3, &s, skipping, TRUE, US"sg"))
3662 case 1: goto EXPAND_FAILED_CURLY;
3664 case 3: goto EXPAND_FAILED;
3667 /* Compile the regular expression */
3669 re = pcre_compile(CS sub[1], PCRE_COPT, (const char **)&rerror, &roffset,
3674 expand_string_message = string_sprintf("regular expression error in "
3675 "\"%s\": %s at offset %d", sub[1], rerror, roffset);
3679 /* Now run a loop to do the substitutions as often as necessary. It ends
3680 when there are no more matches. Take care over matches of the null string;
3681 do the same thing as Perl does. */
3684 slen = Ustrlen(sub[0]);
3685 moffset = moffsetextra = 0;
3690 int ovector[3*(EXPAND_MAXN+1)];
3691 int n = pcre_exec(re, NULL, CS subject, slen, moffset + moffsetextra,
3692 PCRE_EOPT | emptyopt, ovector, sizeof(ovector)/sizeof(int));
3696 /* No match - if we previously set PCRE_NOTEMPTY after a null match, this
3697 is not necessarily the end. We want to repeat the match from one
3698 character further along, but leaving the basic offset the same (for
3699 copying below). We can't be at the end of the string - that was checked
3700 before setting PCRE_NOTEMPTY. If PCRE_NOTEMPTY is not set, we are
3701 finished; copy the remaining string and end the loop. */
3711 yield = string_cat(yield, &size, &ptr, subject+moffset, slen-moffset);
3715 /* Match - set up for expanding the replacement. */
3717 if (n == 0) n = EXPAND_MAXN + 1;
3719 for (nn = 0; nn < n*2; nn += 2)
3721 expand_nstring[expand_nmax] = subject + ovector[nn];
3722 expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn];
3726 /* Copy the characters before the match, plus the expanded insertion. */
3728 yield = string_cat(yield, &size, &ptr, subject + moffset,
3729 ovector[0] - moffset);
3730 insert = expand_string(sub[2]);
3731 if (insert == NULL) goto EXPAND_FAILED;
3732 yield = string_cat(yield, &size, &ptr, insert, Ustrlen(insert));
3734 moffset = ovector[1];
3738 /* If we have matched an empty string, first check to see if we are at
3739 the end of the subject. If so, the loop is over. Otherwise, mimic
3740 what Perl's /g options does. This turns out to be rather cunning. First
3741 we set PCRE_NOTEMPTY and PCRE_ANCHORED and try the match a non-empty
3742 string at the same point. If this fails (picked up above) we advance to
3743 the next character. */
3745 if (ovector[0] == ovector[1])
3747 if (ovector[0] == slen) break;
3748 emptyopt = PCRE_NOTEMPTY | PCRE_ANCHORED;
3752 /* All done - restore numerical variables. */
3754 restore_expand_strings(save_expand_nmax, save_expand_nstring,
3755 save_expand_nlength);
3759 /* Handle keyed and numbered substring extraction. If the first argument
3760 consists entirely of digits, then a numerical extraction is assumed. */
3766 int field_number = 1;
3767 BOOL field_number_set = FALSE;
3768 uschar *save_lookup_value = lookup_value;
3770 int save_expand_nmax =
3771 save_expand_strings(save_expand_nstring, save_expand_nlength);
3773 /* Read the arguments */
3775 for (i = 0; i < j; i++)
3777 while (isspace(*s)) s++;
3780 sub[i] = expand_string_internal(s+1, TRUE, &s, skipping);
3781 if (sub[i] == NULL) goto EXPAND_FAILED;
3782 if (*s++ != '}') goto EXPAND_FAILED_CURLY;
3784 /* After removal of leading and trailing white space, the first
3785 argument must not be empty; if it consists entirely of digits
3786 (optionally preceded by a minus sign), this is a numerical
3787 extraction, and we expect 3 arguments. */
3795 while (isspace(*p)) p++;
3799 while (len > 0 && isspace(p[len-1])) len--;
3804 expand_string_message = US"first argument of \"expand\" must not "
3814 while (*p != 0 && isdigit(*p)) x = x * 10 + *p++ - '0';
3818 j = 3; /* Need 3 args */
3819 field_number_set = TRUE;
3823 else goto EXPAND_FAILED_CURLY;
3826 /* Extract either the numbered or the keyed substring into $value. If
3827 skipping, just pretend the extraction failed. */
3829 lookup_value = skipping? NULL : field_number_set?
3830 expand_gettokened(field_number, sub[1], sub[2]) :
3831 expand_getkeyed(sub[0], sub[1]);
3833 /* If no string follows, $value gets substituted; otherwise there can
3834 be yes/no strings, as for lookup or if. */
3836 switch(process_yesno(
3837 skipping, /* were previously skipping */
3838 lookup_value != NULL, /* success/failure indicator */
3839 save_lookup_value, /* value to reset for string2 */
3840 &s, /* input pointer */
3841 &yield, /* output pointer */
3842 &size, /* output size */
3843 &ptr, /* output current point */
3844 US"extract")) /* condition type */
3846 case 1: goto EXPAND_FAILED; /* when all is well, the */
3847 case 2: goto EXPAND_FAILED_CURLY; /* returned value is 0 */
3850 /* All done - restore numerical variables. */
3852 restore_expand_strings(save_expand_nmax, save_expand_nstring,
3853 save_expand_nlength);
3859 /* If ${dlfunc support is configured, handle calling dynamically-loaded
3860 functions, unless locked out at this time. Syntax is ${dlfunc{file}{func}}
3861 or ${dlfunc{file}{func}{arg}} or ${dlfunc{file}{func}{arg1}{arg2}} or up to
3862 a maximum of EXPAND_DLFUNC_MAX_ARGS arguments (defined below). */
3864 #define EXPAND_DLFUNC_MAX_ARGS 8
3867 #ifndef EXPAND_DLFUNC
3868 expand_string_message = US"\"${dlfunc\" encountered, but this facility "
3869 "is not included in this binary";
3872 #else /* EXPAND_DLFUNC */
3875 exim_dlfunc_t *func;
3878 uschar *argv[EXPAND_DLFUNC_MAX_ARGS + 3];
3880 if ((expand_forbid & RDO_DLFUNC) != 0)
3882 expand_string_message =
3883 US"dynamically-loaded functions are not permitted";
3887 switch(read_subs(argv, EXPAND_DLFUNC_MAX_ARGS + 2, 2, &s, skipping,
3890 case 1: goto EXPAND_FAILED_CURLY;
3892 case 3: goto EXPAND_FAILED;
3895 /* If skipping, we don't actually do anything */
3897 if (skipping) continue;
3899 /* Look up the dynamically loaded object handle in the tree. If it isn't
3900 found, dlopen() the file and put the handle in the tree for next time. */
3902 t = tree_search(dlobj_anchor, argv[0]);
3905 void *handle = dlopen(CS argv[0], RTLD_LAZY);
3908 expand_string_message = string_sprintf("dlopen \"%s\" failed: %s",
3909 argv[0], dlerror());
3910 log_write(0, LOG_MAIN|LOG_PANIC, "%s", expand_string_message);
3913 t = store_get_perm(sizeof(tree_node) + Ustrlen(argv[0]));
3914 Ustrcpy(t->name, argv[0]);
3915 t->data.ptr = handle;
3916 (void)tree_insertnode(&dlobj_anchor, t);
3919 /* Having obtained the dynamically loaded object handle, look up the
3920 function pointer. */
3922 func = (exim_dlfunc_t *)dlsym(t->data.ptr, CS argv[1]);
3925 expand_string_message = string_sprintf("dlsym \"%s\" in \"%s\" failed: "
3926 "%s", argv[1], argv[0], dlerror());
3927 log_write(0, LOG_MAIN|LOG_PANIC, "%s", expand_string_message);
3931 /* Call the function and work out what to do with the result. If it
3932 returns OK, we have a replacement string; if it returns DEFER then
3933 expansion has failed in a non-forced manner; if it returns FAIL then
3934 failure was forced; if it returns ERROR or any other value there's a
3935 problem, so panic slightly. */
3938 for (argc = 0; argv[argc] != NULL; argc++);
3939 status = func(&result, argc - 2, &argv[2]);
3942 if (result == NULL) result = US"";
3943 yield = string_cat(yield, &size, &ptr, result, Ustrlen(result));
3948 expand_string_message = result == NULL ? US"(no message)" : result;
3949 if(status == FAIL_FORCED) expand_string_forcedfail = TRUE;
3950 else if(status != FAIL)
3951 log_write(0, LOG_MAIN|LOG_PANIC, "dlfunc{%s}{%s} failed (%d): %s",
3952 argv[0], argv[1], status, expand_string_message);
3956 #endif /* EXPAND_DLFUNC */
3959 /* Control reaches here if the name is not recognized as one of the more
3960 complicated expansion items. Check for the "operator" syntax (name terminated
3961 by a colon). Some of the operators have arguments, separated by _ from the
3968 uschar *sub = expand_string_internal(s+1, TRUE, &s, skipping);
3969 if (sub == NULL) goto EXPAND_FAILED;
3972 /* Owing to an historical mis-design, an underscore may be part of the
3973 operator name, or it may introduce arguments. We therefore first scan the
3974 table of names that contain underscores. If there is no match, we cut off
3975 the arguments and then scan the main table. */
3977 c = chop_match(name, op_table_underscore,
3978 sizeof(op_table_underscore)/sizeof(uschar *));
3982 arg = Ustrchr(name, '_');
3983 if (arg != NULL) *arg = 0;
3984 c = chop_match(name, op_table_main,
3985 sizeof(op_table_main)/sizeof(uschar *));
3986 if (c >= 0) c += sizeof(op_table_underscore)/sizeof(uschar *);
3987 if (arg != NULL) *arg++ = '_'; /* Put back for error messages */
3990 /* If we are skipping, we don't need to perform the operation at all.
3991 This matters for operations like "mask", because the data may not be
3992 in the correct format when skipping. For example, the expression may test
3993 for the existence of $sender_host_address before trying to mask it. For
3994 other operations, doing them may not fail, but it is a waste of time. */
3996 if (skipping && c >= 0) continue;
3998 /* Otherwise, switch on the operator type */
4005 unsigned long int n = Ustrtoul(sub, &t, 10);
4008 expand_string_message = string_sprintf("argument for base62 "
4009 "operator is \"%s\", which is not a decimal number", sub);
4012 t = string_base62(n);
4013 yield = string_cat(yield, &size, &ptr, t, Ustrlen(t));
4021 unsigned long int n = 0;
4024 uschar *t = Ustrchr(base62_chars, *tt++);
4027 expand_string_message = string_sprintf("argument for base62d "
4028 "operator is \"%s\", which is not a base 62 number", sub);
4031 n = n * 62 + (t - base62_chars);
4033 (void)sprintf(CS buf, "%ld", n);
4034 yield = string_cat(yield, &size, &ptr, buf, Ustrlen(buf));
4040 uschar *expanded = expand_string_internal(sub, FALSE, NULL, skipping);
4041 if (expanded == NULL)
4043 expand_string_message =
4044 string_sprintf("internal expansion of \"%s\" failed: %s", sub,
4045 expand_string_message);
4048 yield = string_cat(yield, &size, &ptr, expanded, Ustrlen(expanded));
4055 uschar *t = sub - 1;
4056 while (*(++t) != 0) { *t = tolower(*t); count++; }
4057 yield = string_cat(yield, &size, &ptr, sub, count);
4064 uschar *t = sub - 1;
4065 while (*(++t) != 0) { *t = toupper(*t); count++; }
4066 yield = string_cat(yield, &size, &ptr, sub, count);
4077 md5_end(&base, sub, Ustrlen(sub), digest);
4078 for(j = 0; j < 16; j++) sprintf(st+2*j, "%02x", digest[j]);
4079 yield = string_cat(yield, &size, &ptr, US st, (int)strlen(st));
4090 sha1_end(&base, sub, Ustrlen(sub), digest);
4091 for(j = 0; j < 20; j++) sprintf(st+2*j, "%02X", digest[j]);
4092 yield = string_cat(yield, &size, &ptr, US st, (int)strlen(st));
4096 /* Convert hex encoding to base64 encoding */
4106 for (enc = sub; *enc != 0; enc++)
4108 if (!isxdigit(*enc))
4110 expand_string_message = string_sprintf("\"%s\" is not a hex "
4119 expand_string_message = string_sprintf("\"%s\" contains an odd "
4120 "number of characters", sub);
4124 while ((c = *in++) != 0)
4126 if (isdigit(c)) c -= '0';
4127 else c = toupper(c) - 'A' + 10;
4139 enc = auth_b64encode(sub, out - sub);
4140 yield = string_cat(yield, &size, &ptr, enc, Ustrlen(enc));
4144 /* mask applies a mask to an IP address; for example the result of
4145 ${mask:131.111.10.206/28} is 131.111.10.192/28. */
4152 int mask, maskoffset;
4153 int type = string_is_ip_address(sub, &maskoffset);
4158 expand_string_message = string_sprintf("\"%s\" is not an IP address",
4163 if (maskoffset == 0)
4165 expand_string_message = string_sprintf("missing mask value in \"%s\"",
4170 mask = Ustrtol(sub + maskoffset + 1, &endptr, 10);
4172 if (*endptr != 0 || mask < 0 || mask > ((type == 4)? 32 : 128))
4174 expand_string_message = string_sprintf("mask value too big in \"%s\"",
4179 /* Convert the address to binary integer(s) and apply the mask */
4181 sub[maskoffset] = 0;
4182 count = host_aton(sub, binary);
4183 host_mask(count, binary, mask);
4185 /* Convert to masked textual format and add to output. */
4187 yield = string_cat(yield, &size, &ptr, buffer,
4188 host_nmtoa(count, binary, mask, buffer, '.'));
4193 case EOP_LOCAL_PART:
4197 int start, end, domain;
4198 uschar *t = parse_extract_address(sub, &error, &start, &end, &domain,
4202 if (c != EOP_DOMAIN)
4204 if (c == EOP_LOCAL_PART && domain != 0) end = start + domain - 1;
4205 yield = string_cat(yield, &size, &ptr, sub+start, end-start);
4207 else if (domain != 0)
4210 yield = string_cat(yield, &size, &ptr, sub+domain, end-domain);
4216 /* quote puts a string in quotes if it is empty or contains anything
4217 other than alphamerics, underscore, dot, or hyphen.
4219 quote_local_part puts a string in quotes if RFC 2821/2822 requires it to
4220 be quoted in order to be a valid local part.
4222 In both cases, newlines and carriage returns are converted into \n and \r
4226 case EOP_QUOTE_LOCAL_PART:
4229 BOOL needs_quote = (*sub == 0); /* TRUE for empty string */
4230 uschar *t = sub - 1;
4234 while (!needs_quote && *(++t) != 0)
4235 needs_quote = !isalnum(*t) && !strchr("_-.", *t);
4237 else /* EOP_QUOTE_LOCAL_PART */
4239 while (!needs_quote && *(++t) != 0)
4240 needs_quote = !isalnum(*t) &&
4241 strchr("!#$%&'*+-/=?^_`{|}~", *t) == NULL &&
4242 (*t != '.' || t == sub || t[1] == 0);
4247 yield = string_cat(yield, &size, &ptr, US"\"", 1);
4252 yield = string_cat(yield, &size, &ptr, US"\\n", 2);
4253 else if (*t == '\r')
4254 yield = string_cat(yield, &size, &ptr, US"\\r", 2);
4257 if (*t == '\\' || *t == '"')
4258 yield = string_cat(yield, &size, &ptr, US"\\", 1);
4259 yield = string_cat(yield, &size, &ptr, t, 1);
4262 yield = string_cat(yield, &size, &ptr, US"\"", 1);
4264 else yield = string_cat(yield, &size, &ptr, sub, Ustrlen(sub));
4268 /* quote_lookuptype does lookup-specific quoting */
4273 uschar *opt = Ustrchr(arg, '_');
4275 if (opt != NULL) *opt++ = 0;
4277 n = search_findtype(arg, Ustrlen(arg));
4280 expand_string_message = search_error_message;
4284 if (lookup_list[n].quote != NULL)
4285 sub = (lookup_list[n].quote)(sub, opt);
4286 else if (opt != NULL) sub = NULL;
4290 expand_string_message = string_sprintf(
4291 "\"%s\" unrecognized after \"${quote_%s\"",
4296 yield = string_cat(yield, &size, &ptr, sub, Ustrlen(sub));
4300 /* rx quote sticks in \ before any non-alphameric character so that
4301 the insertion works in a regular expression. */
4305 uschar *t = sub - 1;
4309 yield = string_cat(yield, &size, &ptr, US"\\", 1);
4310 yield = string_cat(yield, &size, &ptr, t, 1);
4315 /* RFC 2047 encodes, assuming headers_charset (default ISO 8859-1) as
4316 prescribed by the RFC, if there are characters that need to be encoded */
4320 uschar buffer[2048];
4321 uschar *string = parse_quote_2047(sub, Ustrlen(sub), headers_charset,
4322 buffer, sizeof(buffer));
4323 yield = string_cat(yield, &size, &ptr, string, Ustrlen(string));
4327 /* from_utf8 converts UTF-8 to 8859-1, turning non-existent chars into
4337 if (c > 255) c = '_';
4339 yield = string_cat(yield, &size, &ptr, buff, 1);
4344 /* escape turns all non-printing characters into escape sequences. */
4348 uschar *t = string_printing(sub);
4349 yield = string_cat(yield, &size, &ptr, t, Ustrlen(t));
4353 /* Handle numeric expression evaluation */
4358 uschar *save_sub = sub;
4359 uschar *error = NULL;
4360 int n = eval_expr(&sub, (c == EOP_EVAL10), &error, FALSE);
4363 expand_string_message = string_sprintf("error in expression "
4364 "evaluation: %s (after processing \"%.*s\")", error, sub-save_sub,
4368 sprintf(CS var_buffer, "%d", n);
4369 yield = string_cat(yield, &size, &ptr, var_buffer, Ustrlen(var_buffer));
4373 /* Handle time period formating */
4375 case EOP_TIME_INTERVAL:
4378 uschar *t = read_number(&n, sub);
4379 if (*t != 0) /* Not A Number*/
4381 expand_string_message = string_sprintf("string \"%s\" is not a "
4382 "positive number in \"%s\" operator", sub, name);
4385 t = readconf_printtime(n);
4386 yield = string_cat(yield, &size, &ptr, t, Ustrlen(t));
4390 /* Convert string to base64 encoding */
4394 uschar *encstr = auth_b64encode(sub, Ustrlen(sub));
4395 yield = string_cat(yield, &size, &ptr, encstr, Ustrlen(encstr));
4399 /* strlen returns the length of the string */
4404 (void)sprintf(CS buff, "%d", Ustrlen(sub));
4405 yield = string_cat(yield, &size, &ptr, buff, Ustrlen(buff));
4409 /* length_n or l_n takes just the first n characters or the whole string,
4410 whichever is the shorter;
4412 substr_m_n, and s_m_n take n characters from offset m; negative m take
4413 from the end; l_n is synonymous with s_0_n. If n is omitted in substr it
4414 takes the rest, either to the right or to the left.
4416 hash_n or h_n makes a hash of length n from the string, yielding n
4417 characters from the set a-z; hash_n_m makes a hash of length n, but
4418 uses m characters from the set a-zA-Z0-9.
4420 nhash_n returns a single number between 0 and n-1 (in text form), while
4421 nhash_n_m returns a div/mod hash as two numbers "a/b". The first lies
4422 between 0 and n-1 and the second between 0 and m-1. */
4442 expand_string_message = string_sprintf("missing values after %s",
4447 /* "length" has only one argument, effectively being synonymous with
4450 if (c == EOP_LENGTH || c == EOP_L)
4456 /* The others have one or two arguments; for "substr" the first may be
4457 negative. The second being negative means "not supplied". */
4462 if (name[0] == 's' && *arg == '-') { sign = -1; arg++; }
4465 /* Read up to two numbers, separated by underscores */
4470 if (arg != ret && *arg == '_' && pn == &value1)
4474 if (arg[1] != 0) arg++;
4476 else if (!isdigit(*arg))
4478 expand_string_message =
4479 string_sprintf("non-digit after underscore in \"%s\"", name);
4482 else *pn = (*pn)*10 + *arg++ - '0';
4486 /* Perform the required operation */
4489 (c == EOP_HASH || c == EOP_H)?
4490 compute_hash(sub, value1, value2, &len) :
4491 (c == EOP_NHASH || c == EOP_NH)?
4492 compute_nhash(sub, value1, value2, &len) :
4493 extract_substr(sub, value1, value2, &len);
4495 if (ret == NULL) goto EXPAND_FAILED;
4496 yield = string_cat(yield, &size, &ptr, ret, len);
4506 uschar **modetable[3];
4511 if (stat(CS sub, &st) < 0)
4513 expand_string_message = string_sprintf("stat(%s) failed: %s",
4514 sub, strerror(errno));
4518 switch (mode & S_IFMT)
4520 case S_IFIFO: smode[0] = 'p'; break;
4521 case S_IFCHR: smode[0] = 'c'; break;
4522 case S_IFDIR: smode[0] = 'd'; break;
4523 case S_IFBLK: smode[0] = 'b'; break;
4524 case S_IFREG: smode[0] = '-'; break;
4525 default: smode[0] = '?'; break;
4528 modetable[0] = ((mode & 01000) == 0)? mtable_normal : mtable_sticky;
4529 modetable[1] = ((mode & 02000) == 0)? mtable_normal : mtable_setid;
4530 modetable[2] = ((mode & 04000) == 0)? mtable_normal : mtable_setid;
4532 for (i = 0; i < 3; i++)
4534 memcpy(CS(smode + 7 - i*3), CS(modetable[i][mode & 7]), 3);
4539 s = string_sprintf("mode=%04lo smode=%s inode=%ld device=%ld links=%ld "
4540 "uid=%ld gid=%ld size=%ld atime=%ld mtime=%ld ctime=%ld",
4541 (long)(st.st_mode & 077777), smode, (long)st.st_ino,
4542 (long)st.st_dev, (long)st.st_nlink, (long)st.st_uid,
4543 (long)st.st_gid, (long)st.st_size, (long)st.st_atime,
4544 (long)st.st_mtime, (long)st.st_ctime);
4545 yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
4549 /* Unknown operator */
4552 expand_string_message =
4553 string_sprintf("unknown expansion operator \"%s\"", name);
4558 /* Handle a plain name. If this is the first thing in the expansion, release
4559 the pre-allocated buffer. If the result data is known to be in a new buffer,
4560 newsize will be set to the size of that buffer, and we can just point at that
4561 store instead of copying. Many expansion strings contain just one reference,
4562 so this is a useful optimization, especially for humungous headers
4563 ($message_headers). */
4575 value = find_variable(name, FALSE, skipping, &newsize);
4578 expand_string_message =
4579 string_sprintf("unknown variable in \"${%s}\"", name);
4582 len = Ustrlen(value);
4583 if (yield == NULL && newsize != 0)
4589 else yield = string_cat(yield, &size, &ptr, value, len);
4593 /* Else there's something wrong */
4595 expand_string_message =
4596 string_sprintf("\"${%s\" is not a known operator (or a } is missing "
4597 "in a variable reference)", name);
4601 /* If we hit the end of the string when ket_ends is set, there is a missing
4602 terminating brace. */
4604 if (ket_ends && *s == 0)
4606 expand_string_message = malformed_header?
4607 US"missing } at end of string - could be header name not terminated by colon"
4609 US"missing } at end of string";
4613 /* Expansion succeeded; yield may still be NULL here if nothing was actually
4614 added to the string. If so, set up an empty string. Add a terminating zero. If
4615 left != NULL, return a pointer to the terminator. */
4617 if (yield == NULL) yield = store_get(1);
4619 if (left != NULL) *left = s;
4621 /* Any stacking store that was used above the final string is no longer needed.
4622 In many cases the final string will be the first one that was got and so there
4623 will be optimal store usage. */
4625 store_reset(yield + ptr + 1);
4628 debug_printf("expanding: %.*s\n result: %s\n", (int)(s - string), string,
4630 if (skipping) debug_printf("skipping: result is not used\n");
4634 /* This is the failure exit: easiest to program with a goto. We still need
4635 to update the pointer to the terminator, for cases of nested calls with "fail".
4638 EXPAND_FAILED_CURLY:
4639 expand_string_message = malformed_header?
4640 US"missing or misplaced { or } - could be header name not terminated by colon"
4642 US"missing or misplaced { or }";
4644 /* At one point, Exim reset the store to yield (if yield was not NULL), but
4645 that is a bad idea, because expand_string_message is in dynamic store. */
4648 if (left != NULL) *left = s;
4651 debug_printf("failed to expand: %s\n", string);
4652 debug_printf(" error message: %s\n", expand_string_message);
4653 if (expand_string_forcedfail) debug_printf("failure was forced\n");
4659 /* This is the external function call. Do a quick check for any expansion
4660 metacharacters, and if there are none, just return the input string.
4662 Argument: the string to be expanded
4663 Returns: the expanded string, or NULL if expansion failed; if failure was
4664 due to a lookup deferring, search_find_defer will be TRUE
4668 expand_string(uschar *string)
4670 search_find_defer = FALSE;
4671 malformed_header = FALSE;
4672 return (Ustrpbrk(string, "$\\") == NULL)? string :
4673 expand_string_internal(string, FALSE, NULL, FALSE);
4678 /*************************************************
4680 *************************************************/
4682 /* Now and again we want to expand a string and be sure that the result is in a
4683 new bit of store. This function does that.
4685 Argument: the string to be expanded
4686 Returns: the expanded string, always in a new bit of store, or NULL
4690 expand_string_copy(uschar *string)
4692 uschar *yield = expand_string(string);
4693 if (yield == string) yield = string_copy(string);
4699 /*************************************************
4700 * Expand and interpret as an integer *
4701 *************************************************/
4703 /* Expand a string, and convert the result into an integer.
4705 Argument: the string to be expanded
4707 Returns: the integer value, or
4708 -1 for an expansion error ) in both cases, message in
4709 -2 for an integer interpretation error ) expand_string_message
4714 expand_string_integer(uschar *string)
4717 uschar *s = expand_string(string);
4718 uschar *msg = US"invalid integer \"%s\"";
4721 if (s == NULL) return -1;
4723 /* On an overflow, strtol() returns LONG_MAX or LONG_MIN, and sets errno
4724 to ERANGE. When there isn't an overflow, errno is not changed, at least on some
4725 systems, so we set it zero ourselves. */
4728 value = strtol(CS s, CSS &endptr, 0);
4732 msg = US"integer expected but \"%s\" found";
4736 /* Ensure we can cast this down to an int */
4737 if (value > INT_MAX || value < INT_MIN) errno = ERANGE;
4739 if (errno != ERANGE)
4741 if (tolower(*endptr) == 'k')
4743 if (value > INT_MAX/1024 || value < INT_MIN/1024) errno = ERANGE;
4747 else if (tolower(*endptr) == 'm')
4749 if (value > INT_MAX/(1024*1024) || value < INT_MIN/(1024*1024))
4751 else value *= 1024*1024;
4755 if (errno == ERANGE)
4756 msg = US"absolute value of integer \"%s\" is too large (overflow)";
4759 while (isspace(*endptr)) endptr++;
4760 if (*endptr == 0) return (int)value;
4764 expand_string_message = string_sprintf(CS msg, s);
4770 /*************************************************
4771 **************************************************
4772 * Stand-alone test program *
4773 **************************************************
4774 *************************************************/
4780 regex_match_and_setup(const pcre *re, uschar *subject, int options, int setup)
4782 int ovector[3*(EXPAND_MAXN+1)];
4783 int n = pcre_exec(re, NULL, subject, Ustrlen(subject), 0, PCRE_EOPT|options,
4784 ovector, sizeof(ovector)/sizeof(int));
4785 BOOL yield = n >= 0;
4786 if (n == 0) n = EXPAND_MAXN + 1;
4790 expand_nmax = (setup < 0)? 0 : setup + 1;
4791 for (nn = (setup < 0)? 0 : 2; nn < n*2; nn += 2)
4793 expand_nstring[expand_nmax] = subject + ovector[nn];
4794 expand_nlength[expand_nmax++] = ovector[nn+1] - ovector[nn];
4802 int main(int argc, uschar **argv)
4805 uschar buffer[1024];
4807 debug_selector = D_v;
4808 debug_file = stderr;
4809 debug_fd = fileno(debug_file);
4810 big_buffer = malloc(big_buffer_size);
4812 for (i = 1; i < argc; i++)
4814 if (argv[i][0] == '+')
4816 debug_trace_memory = 2;
4819 if (isdigit(argv[i][0]))
4820 debug_selector = Ustrtol(argv[i], NULL, 0);
4822 if (Ustrspn(argv[i], "abcdefghijklmnopqrtsuvwxyz0123456789-.:/") ==
4826 eldap_default_servers = argv[i];
4829 mysql_servers = argv[i];
4832 pgsql_servers = argv[i];
4836 else opt_perl_startup = argv[i];
4840 printf("Testing string expansion: debug_level = %d\n\n", debug_level);
4842 expand_nstring[1] = US"string 1....";
4843 expand_nlength[1] = 8;
4847 if (opt_perl_startup != NULL)
4850 printf("Starting Perl interpreter\n");
4851 errstr = init_perl(opt_perl_startup);
4854 printf("** error in perl_startup code: %s\n", errstr);
4855 return EXIT_FAILURE;
4858 #endif /* EXIM_PERL */
4860 while (fgets(buffer, sizeof(buffer), stdin) != NULL)
4862 void *reset_point = store_get(0);
4863 uschar *yield = expand_string(buffer);
4866 printf("%s\n", yield);
4867 store_reset(reset_point);
4871 if (search_find_defer) printf("search_find deferred\n");
4872 printf("Failed: %s\n", expand_string_message);
4873 if (expand_string_forcedfail) printf("Forced failure\n");
4885 /* End of expand.c */
git://git.exim.org / exim.git / blob