Merge branch 'acl-args' into acl

diff --combined src/src/acl.c
index 84b0609cff4e7ff51d57ee386856b4f64958febc,45be2fd3604f8a52f05b69edc7cafe5caed42b68..5101267c217dc6fdad67c55b5705c0b6e00b662a
--- 1/src/src/acl.c
--- 2/src/src/acl.c
+++ b/src/src/acl.c
@@@ -236,7 -236,7 +236,7 @@@ at the outer level. In the other cases
  checking functions. */
  
  static uschar cond_expand_at_top[] = {
-   TRUE,    /* acl */
+   FALSE,   /* acl */
    TRUE,    /* add_header */
    FALSE,   /* authenticated */
  #ifdef EXPERIMENTAL_BRIGHTMAIL
@@@ -2785,13 -2785,40 +2785,40 @@@ for (; cb != NULL; cb = cb->next
      "discard" verb. */
  
      case ACLC_ACL:
-     rc = acl_check_internal(where, addr, arg, level+1, user_msgptr, log_msgptr);
-     if (rc == DISCARD && verb != ACL_ACCEPT && verb != ACL_DISCARD)
        {
-       *log_msgptr = string_sprintf("nested ACL returned \"discard\" for "
-         "\"%s\" command (only allowed with \"accept\" or \"discard\")",
-         verbs[verb]);
-       return ERROR;
+       uschar * cp = arg;
+       uschar * tmp;
+       uschar * name;
+ 
+       if (!(tmp = string_dequote(&cp)) || !(name = expand_string(tmp)))
+         {
+         if (expand_string_forcedfail) continue;
+         *log_msgptr = string_sprintf("failed to expand ACL string \"%s\": %s",
+           tmp, expand_string_message);
+         return search_find_defer? DEFER : ERROR;
+         }
+ 
+       for (acl_narg = 0; acl_narg < sizeof(acl_arg)/sizeof(*acl_arg); acl_narg++)
+         {
+       while (*cp && isspace(*cp)) cp++;
+       if (!*cp) break;
+       if (!(tmp = string_dequote(&cp)) || !(acl_arg[acl_narg] = expand_string(tmp)))
+           {
+           if (expand_string_forcedfail) continue;
+           *log_msgptr = string_sprintf("failed to expand ACL string \"%s\": %s",
+             arg, expand_string_message);
+           return search_find_defer? DEFER : ERROR;
+           }
+       }
+ 
+       rc = acl_check_internal(where, addr, name, level+1, user_msgptr, log_msgptr);
+       if (rc == DISCARD && verb != ACL_ACCEPT && verb != ACL_DISCARD)
+         {
+         *log_msgptr = string_sprintf("nested ACL returned \"discard\" for "
+           "\"%s\" command (only allowed with \"accept\" or \"discard\")",
+           verbs[verb]);
+         return ERROR;
+         }
        }
      break;
  
@@@ -3863,43 -3890,6 +3890,43 @@@ return FAIL
  }
  
  
 +
 +
 +/* Same args as acl_check_internal() above, but the string s is
 +the name of an ACL followed optionally by up to 9 space-separated arguments.
 +The name and args are separately expanded.  Args go into $acl_arg globals. */
 +int
 +acl_check_args(int where, address_item *addr, uschar *s, int level,
 +  uschar **user_msgptr, uschar **log_msgptr)
 +{
 +uschar * tmp;
 +uschar * name;
 +
 +if (!(tmp = string_dequote(&s)) || !(name = expand_string(tmp)))
 +  goto bad;
 +
 +for (acl_narg = 0; acl_narg < sizeof(acl_arg)/sizeof(*acl_arg); acl_narg++)
 +  {
 +  while (*s && isspace(*s)) s++;
 +  if (!*s) break;
 +  if (!(tmp = string_dequote(&s)) || !(acl_arg[acl_narg] = expand_string(tmp)))
 +    {
 +    tmp = name;
 +    goto bad;
 +    }
 +  }
 +
 +return acl_check_internal(where, addr, name, level+1, user_msgptr, log_msgptr);
 +
 +bad:
 +if (expand_string_forcedfail) return ERROR;
 +*log_msgptr = string_sprintf("failed to expand ACL string \"%s\": %s",
 +  tmp, expand_string_message);
 +return search_find_defer?DEFER:ERROR;
 +}
 +
 +
 +
  /*************************************************
  *        Check access using an ACL               *
  *************************************************/