X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;ds=sidebyside;f=src%2Fsrc%2Fexpand.c;h=1508dcfd8cfaef914e44ffaaf2cb5fb58ce903a8;hb=966e829c812abf574896810d3313247348a6532c;hp=596fb240494f46184121d75240d442b472609b38;hpb=afdb5e9cf07fa49e26e128d8d5d2e3cab7a5fe42;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/src/src/expand.c b/src/src/expand.c index 596fb2404..1508dcfd8 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -660,6 +660,9 @@ static var_entry var_table[] = { { "regex_match_string", vtype_stringptr, ®ex_match_string }, #endif { "reply_address", vtype_reply, NULL }, +#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS) + { "requiretls", vtype_bool, &tls_requiretls }, +#endif { "return_path", vtype_stringptr, &return_path }, { "return_size_limit", vtype_int, &bounce_return_size_limit }, { "router_name", vtype_stringptr, &router_name }, @@ -1680,7 +1683,7 @@ else if (host_lookup_deferred) g = string_catn(g, US";\n\tiprev=temperror", 19); else if (host_lookup_failed) g = string_catn(g, US";\n\tiprev=fail", 13); -else +else return g; if (sender_host_address) @@ -4826,10 +4829,8 @@ while (*s != 0) uschar * server_name = NULL; host_item host; BOOL do_shutdown = TRUE; -#ifdef SUPPORT_TLS - BOOL do_tls = FALSE; - void * tls_ctx = NULL; -#endif + BOOL do_tls = FALSE; /* Only set under SUPPORT_TLS */ + void * tls_ctx = NULL; /* ditto */ blob reqstr; if (expand_forbid & RDO_READSOCK) @@ -4934,8 +4935,9 @@ while (*s != 0) do_tls ? NULL : &reqstr); callout_address = NULL; if (fd < 0) - goto SOCK_FAIL; - if (!do_tls) reqstr.len = 0; + goto SOCK_FAIL; + if (!do_tls) + reqstr.len = 0; } /* Handle a Unix domain socket */ @@ -4981,10 +4983,13 @@ while (*s != 0) #ifdef SUPPORT_TLS if (do_tls) { - tls_support tls_dummy = {0}; + tls_support tls_dummy = {.sni=NULL}; uschar * errstr; - if (!(tls_ctx = tls_client_start(fd, &host, NULL, NULL, NULL, + if (!(tls_ctx = tls_client_start(fd, &host, NULL, NULL, +# ifdef SUPPORT_DANE + NULL, +# endif &tls_dummy, &errstr))) { expand_string_message = string_sprintf("TLS connect failed: %s", errstr); @@ -7138,12 +7143,13 @@ while (*s != 0) { int seq_len = 0, index = 0; int bytes_left = 0; - long codepoint = -1; + long codepoint = -1; + int complete; uschar seq_buff[4]; /* accumulate utf-8 here */ while (*sub != 0) { - int complete = 0; + complete = 0; uschar c = *sub++; if (bytes_left) @@ -7208,6 +7214,13 @@ while (*s != 0) /* ASCII character follows incomplete sequence */ yield = string_catn(yield, &c, 1); } + /* If given a sequence truncated mid-character, we also want to report ? + * Eg, ${length_1:フィル} is one byte, not one character, so we expect + * ${utf8clean:${length_1:フィル}} to yield '?' */ + if (bytes_left != 0) + { + yield = string_catn(yield, UTF8_REPLACEMENT_CHAR, 1); + } continue; } @@ -7949,7 +7962,7 @@ expand_hide_passwords(uschar * s) { return ( ( Ustrstr(s, "failed to expand") != NULL || Ustrstr(s, "expansion of ") != NULL - ) + ) && ( Ustrstr(s, "mysql") != NULL || Ustrstr(s, "pgsql") != NULL || Ustrstr(s, "redis") != NULL @@ -7959,7 +7972,7 @@ return ( ( Ustrstr(s, "failed to expand") != NULL || Ustrstr(s, "ldapi:") != NULL || Ustrstr(s, "ldapdn:") != NULL || Ustrstr(s, "ldapm:") != NULL - ) ) + ) ) ? US"Temporary internal error" : s; }