Debug: indent builtin-DB operations

[user/henk/code/exim.git] / src / src / expand.c

diff --git a/src/src/expand.c b/src/src/expand.c
index 596fb240494f46184121d75240d442b472609b38..1508dcfd8cfaef914e44ffaaf2cb5fb58ce903a8 100644 (file)
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -660,6 +660,9 @@ static var_entry var_table[] = {
   { "regex_match_string",  vtype_stringptr,   &regex_match_string },
 #endif
   { "reply_address",       vtype_reply,       NULL },
+#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
+  { "requiretls",          vtype_bool,        &tls_requiretls },
+#endif
   { "return_path",         vtype_stringptr,   &return_path },
   { "return_size_limit",   vtype_int,         &bounce_return_size_limit },
   { "router_name",         vtype_stringptr,   &router_name },
@@ -1680,7 +1683,7 @@ else if (host_lookup_deferred)
   g = string_catn(g, US";\n\tiprev=temperror", 19);
 else if (host_lookup_failed)
   g = string_catn(g, US";\n\tiprev=fail", 13);
-else 
+else
   return g;
 
 if (sender_host_address)
@@ -4826,10 +4829,8 @@ while (*s != 0)
       uschar * server_name = NULL;
       host_item host;
       BOOL do_shutdown = TRUE;
-#ifdef SUPPORT_TLS
-      BOOL do_tls = FALSE;
-      void * tls_ctx = NULL;
-#endif
+      BOOL do_tls = FALSE;     /* Only set under SUPPORT_TLS */
+      void * tls_ctx = NULL;   /* ditto                      */
       blob reqstr;
 
       if (expand_forbid & RDO_READSOCK)
@@ -4934,8 +4935,9 @@ while (*s != 0)
                  do_tls ? NULL : &reqstr);
          callout_address = NULL;
          if (fd < 0)
-              goto SOCK_FAIL;
-         if (!do_tls) reqstr.len = 0;
+           goto SOCK_FAIL;
+         if (!do_tls)
+           reqstr.len = 0;
           }
 
         /* Handle a Unix domain socket */
@@ -4981,10 +4983,13 @@ while (*s != 0)
 #ifdef SUPPORT_TLS
        if (do_tls)
          {
-         tls_support tls_dummy = {0};
+         tls_support tls_dummy = {.sni=NULL};
          uschar * errstr;
 
-         if (!(tls_ctx = tls_client_start(fd, &host, NULL, NULL, NULL,
+         if (!(tls_ctx = tls_client_start(fd, &host, NULL, NULL,
+# ifdef SUPPORT_DANE
+                               NULL,
+# endif
                                &tls_dummy, &errstr)))
            {
            expand_string_message = string_sprintf("TLS connect failed: %s", errstr);
@@ -7138,12 +7143,13 @@ while (*s != 0)
         {
         int seq_len = 0, index = 0;
         int bytes_left = 0;
-       long codepoint = -1;
+        long codepoint = -1;
+        int complete;
         uschar seq_buff[4];                    /* accumulate utf-8 here */
 
         while (*sub != 0)
          {
-         int complete = 0;
+         complete = 0;
          uschar c = *sub++;
 
          if (bytes_left)
@@ -7208,6 +7214,13 @@ while (*s != 0)
                        /* ASCII character follows incomplete sequence */
              yield = string_catn(yield, &c, 1);
          }
+        /* If given a sequence truncated mid-character, we also want to report ?
+        * Eg, ${length_1:フィル} is one byte, not one character, so we expect
+        * ${utf8clean:${length_1:フィル}} to yield '?' */
+        if (bytes_left != 0)
+          {
+          yield = string_catn(yield, UTF8_REPLACEMENT_CHAR, 1);
+          }
         continue;
         }
 
@@ -7949,7 +7962,7 @@ expand_hide_passwords(uschar * s)
 {
 return (  (  Ustrstr(s, "failed to expand") != NULL
          || Ustrstr(s, "expansion of ")    != NULL
-         ) 
+         )
        && (  Ustrstr(s, "mysql")   != NULL
          || Ustrstr(s, "pgsql")   != NULL
          || Ustrstr(s, "redis")   != NULL
@@ -7959,7 +7972,7 @@ return (  (  Ustrstr(s, "failed to expand") != NULL
          || Ustrstr(s, "ldapi:")  != NULL
          || Ustrstr(s, "ldapdn:") != NULL
          || Ustrstr(s, "ldapm:")  != NULL
-       )  ) 
+       )  )
   ? US"Temporary internal error" : s;
 }