-/* $Cambridge: exim/src/src/expand.c,v 1.102 2009/10/15 08:06:23 tom Exp $ */
+/* $Cambridge: exim/src/src/expand.c,v 1.105 2009/11/16 19:50:36 nm4 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2007 */
+/* Copyright (c) University of Cambridge 1995 - 2009 */
/* See the file NOTICE for conditions of use and distribution. */
US"nh",
US"nhash",
US"quote",
+ US"randint",
US"rfc2047",
US"rfc2047d",
US"rxquote",
EOP_NH,
EOP_NHASH,
EOP_QUOTE,
+ EOP_RANDINT,
EOP_RFC2047,
EOP_RFC2047D,
EOP_RXQUOTE,
{ "dkim_canon_headers", vtype_dkim, (void *)DKIM_CANON_HEADERS },
{ "dkim_copiedheaders", vtype_dkim, (void *)DKIM_COPIEDHEADERS },
{ "dkim_created", vtype_dkim, (void *)DKIM_CREATED },
+ { "dkim_cur_signer", vtype_stringptr, &dkim_cur_signer },
{ "dkim_domain", vtype_stringptr, &dkim_signing_domain },
{ "dkim_expires", vtype_dkim, (void *)DKIM_EXPIRES },
{ "dkim_headernames", vtype_dkim, (void *)DKIM_HEADERNAMES },
+/*************************************************
+* Pseudo-random number generation *
+*************************************************/
+
+/* Pseudo-random number generation. The result is not "expected" to be
+cryptographically strong but not so weak that someone will shoot themselves
+in the foot using it as a nonce in some email header scheme or whatever
+weirdness they'll twist this into. The result should ideally handle fork().
+
+However, if we're stuck unable to provide this, then we'll fall back to
+appallingly bad randomness.
+
+If SUPPORT_TLS is defined and OpenSSL is used, then this will not be used.
+The GNUTLS randomness functions found do not seem amenable to extracting
+random numbers outside of a TLS context. Any volunteers?
+
+Arguments:
+ max range maximum
+Returns a random number in range [0, max-1]
+*/
+
+#if !defined(SUPPORT_TLS) || defined(USE_GNUTLS)
+int
+pseudo_random_number(int max)
+{
+ static pid_t pid = 0;
+ pid_t p2;
+#if defined(HAVE_SRANDOM) && !defined(HAVE_SRANDOMDEV)
+ struct timeval tv;
+#endif
+
+ p2 = getpid();
+ if (p2 != pid)
+ {
+ if (pid != 0)
+ {
+
+#ifdef HAVE_ARC4RANDOM
+ /* cryptographically strong randomness, common on *BSD platforms, not
+ so much elsewhere. Alas. */
+ arc4random_stir();
+#elif defined(HAVE_SRANDOM) || defined(HAVE_SRANDOMDEV)
+#ifdef HAVE_SRANDOMDEV
+ /* uses random(4) for seeding */
+ srandomdev();
+#else
+ gettimeofday(&tv, NULL);
+ srandom(tv.tv_sec | tv.tv_usec | getpid());
+#endif
+#else
+ /* Poor randomness and no seeding here */
+#endif
+
+ }
+ pid = p2;
+ }
+
+#ifdef HAVE_ARC4RANDOM
+ return arc4random() % max;
+#elif defined(HAVE_SRANDOM) || defined(HAVE_SRANDOMDEV)
+ return random() % max;
+#else
+ /* This one returns a 16-bit number, definitely not crypto-strong */
+ return random_number(max);
+#endif
+}
+
+#endif
+
/*************************************************
* Pick out a name from a string *
*************************************************/
continue;
}
+ /* pseudo-random number less than N */
+
+ case EOP_RANDINT:
+ {
+ int max;
+ uschar *s;
+
+ max = expand_string_integer(sub, TRUE);
+ if (expand_string_message != NULL)
+ goto EXPAND_FAILED;
+ s = string_sprintf("%d", pseudo_random_number(max));
+ yield = string_cat(yield, &size, &ptr, s, Ustrlen(s));
+ continue;
+ }
+
/* Unknown operator */
default: