US"rxquote",
US"s",
US"sha1",
+ US"sha256",
US"stat",
US"str2b64",
US"strlen",
EOP_RXQUOTE,
EOP_S,
EOP_SHA1,
+ EOP_SHA256,
EOP_STAT,
EOP_STR2B64,
EOP_STRLEN,
#ifdef SUPPORT_TLS
case EITEM_CERTEXTRACT:
{
- int i;
- int field_number = 1;
uschar *save_lookup_value = lookup_value;
uschar *sub[2];
int save_expand_nmax =
/* strip spaces fore & aft */
{
int len;
- int x = 0;
uschar *p = sub[0];
while (isspace(*p)) p++;
int c;
uschar *arg = NULL;
uschar *sub;
- var_entry *vp;
+ var_entry *vp = NULL;
/* Owing to an historical mis-design, an underscore may be part of the
operator name, or it may introduce arguments. We therefore first scan the
as we do not want to do the usual expansion. For most, expand the string.*/
switch(c)
{
- case EOP_SHA1:
+#ifdef SUPPORT_TLS
case EOP_MD5:
+ case EOP_SHA1:
+ case EOP_SHA256:
if (s[1] == '$')
{
uschar * s1 = s;
break;
}
}
- vp = NULL;
/*FALLTHROUGH*/
+#endif
default:
sub = expand_string_internal(s+1, TRUE, &s, skipping, TRUE, &resetok);
if (!sub) goto EXPAND_FAILED;
}
case EOP_MD5:
+#ifdef SUPPORT_TLS
if (vp && *(void **)vp->value)
{
uschar * cp = tls_cert_fprt_md5(*(void **)vp->value);
- yield = string_cat(yield, &size, &ptr, cp, (int)strlen(cp));
+ yield = string_cat(yield, &size, &ptr, cp, Ustrlen(cp));
}
else
+#endif
{
md5 base;
uschar digest[16];
continue;
case EOP_SHA1:
+#ifdef SUPPORT_TLS
if (vp && *(void **)vp->value)
{
uschar * cp = tls_cert_fprt_sha1(*(void **)vp->value);
- yield = string_cat(yield, &size, &ptr, cp, (int)strlen(cp));
+ yield = string_cat(yield, &size, &ptr, cp, Ustrlen(cp));
}
else
+#endif
{
sha1 base;
uschar digest[20];
}
continue;
+ case EOP_SHA256:
+#ifdef SUPPORT_TLS
+ if (vp && *(void **)vp->value)
+ {
+ uschar * cp = tls_cert_fprt_sha256(*(void **)vp->value);
+ yield = string_cat(yield, &size, &ptr, cp, (int)strlen(cp));
+ }
+ else
+#endif
+ expand_string_message = US"sha256 only supported for certificates";
+ continue;
+
/* Convert hex encoding to base64 encoding */
case EOP_HEX2B64:
case EOP_UTF8CLEAN:
{
int seq_len, index = 0;
- int bytes_left = 0;
+ int bytes_left = 0;
uschar seq_buff[4]; /* accumulate utf-8 here */
while (*sub != 0)
complete = 0;
c = *sub++;
- if(bytes_left)
+ if (bytes_left)
{
if ((c & 0xc0) != 0x80)
{