X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/fd98a5c6771f3a5a686e54370b0525dcc3dca2f9..bd4ece7debfe8926fe99608da6cfe5aaac6a550b:/src/src/readconf.c diff --git a/src/src/readconf.c b/src/src/readconf.c index bba532594..e2d3c518f 100644 --- a/src/src/readconf.c +++ b/src/src/readconf.c @@ -2,7 +2,7 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2012 */ +/* Copyright (c) University of Cambridge 1995 - 2014 */ /* See the file NOTICE for conditions of use and distribution. */ /* Functions for reading the configuration file, and for displaying @@ -11,6 +11,9 @@ implementation of the conditional .ifdef etc. */ #include "exim.h" +static void fn_smtp_receive_timeout(const uschar * name, const uschar * str); + + #define CSTATE_STACK_SIZE 10 @@ -140,7 +143,7 @@ static optionlist optionlist_config[] = { { "acl_smtp_auth", opt_stringptr, &acl_smtp_auth }, { "acl_smtp_connect", opt_stringptr, &acl_smtp_connect }, { "acl_smtp_data", opt_stringptr, &acl_smtp_data }, -#ifdef EXPERIMENTAL_PRDR +#ifndef DISABLE_PRDR { "acl_smtp_data_prdr", opt_stringptr, &acl_smtp_data_prdr }, #endif #ifndef DISABLE_DKIM @@ -211,23 +214,32 @@ static optionlist optionlist_config[] = { { "disable_ipv6", opt_bool, &disable_ipv6 }, #ifndef DISABLE_DKIM { "dkim_verify_signers", opt_stringptr, &dkim_verify_signers }, +#endif +#ifdef EXPERIMENTAL_DMARC + { "dmarc_forensic_sender", opt_stringptr, &dmarc_forensic_sender }, + { "dmarc_history_file", opt_stringptr, &dmarc_history_file }, + { "dmarc_tld_file", opt_stringptr, &dmarc_tld_file }, #endif { "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist }, { "dns_check_names_pattern", opt_stringptr, &check_dns_names_pattern }, { "dns_csa_search_limit", opt_int, &dns_csa_search_limit }, { "dns_csa_use_reverse", opt_bool, &dns_csa_use_reverse }, + { "dns_dnssec_ok", opt_int, &dns_dnssec_ok }, { "dns_ipv4_lookup", opt_stringptr, &dns_ipv4_lookup }, { "dns_retrans", opt_time, &dns_retrans }, { "dns_retry", opt_int, &dns_retry }, - { "dns_use_dnssec", opt_int, &dns_use_dnssec }, { "dns_use_edns0", opt_int, &dns_use_edns0 }, /* This option is now a no-op, retained for compability */ { "drop_cr", opt_bool, &drop_cr }, /*********************************************************/ + { "dsn_advertise_hosts", opt_stringptr, &dsn_advertise_hosts }, { "dsn_from", opt_stringptr, &dsn_from }, { "envelope_to_remove", opt_bool, &envelope_to_remove }, { "errors_copy", opt_stringptr, &errors_copy }, { "errors_reply_to", opt_stringptr, &errors_reply_to }, +#ifdef EXPERIMENTAL_EVENT + { "event_action", opt_stringptr, &event_action }, +#endif { "exim_group", opt_gid, &exim_gid }, { "exim_path", opt_stringptr, &exim_path }, { "exim_user", opt_uid, &exim_uid }, @@ -238,9 +250,10 @@ static optionlist optionlist_config[] = { { "gecos_name", opt_stringptr, &gecos_name }, { "gecos_pattern", opt_stringptr, &gecos_pattern }, #ifdef SUPPORT_TLS + { "gnutls_allow_auto_pkcs11", opt_bool, &gnutls_allow_auto_pkcs11 }, { "gnutls_compat_mode", opt_bool, &gnutls_compat_mode }, - { "gnutls_enable_pkcs11", opt_bool, &gnutls_enable_pkcs11 }, /* These three gnutls_require_* options stopped working in Exim 4.80 */ + /* From 4.83 we log a warning; a future relase will remove them */ { "gnutls_require_kx", opt_stringptr, &gnutls_require_kx }, { "gnutls_require_mac", opt_stringptr, &gnutls_require_mac }, { "gnutls_require_protocols", opt_stringptr, &gnutls_require_proto }, @@ -319,7 +332,7 @@ static optionlist optionlist_config[] = { #endif { "pid_file_path", opt_stringptr, &pid_file_path }, { "pipelining_advertise_hosts", opt_stringptr, &pipelining_advertise_hosts }, -#ifdef EXPERIMENTAL_PRDR +#ifndef DISABLE_PRDR { "prdr_enable", opt_bool, &prdr_enable }, #endif { "preserve_message_logs", opt_bool, &preserve_message_logs }, @@ -327,6 +340,9 @@ static optionlist optionlist_config[] = { { "print_topbitchars", opt_bool, &print_topbitchars }, { "process_log_path", opt_stringptr, &process_log_path }, { "prod_requires_admin", opt_bool, &prod_requires_admin }, +#ifdef EXPERIMENTAL_PROXY + { "proxy_required_hosts", opt_stringptr, &proxy_required_hosts }, +#endif { "qualify_domain", opt_stringptr, &qualify_domain_sender }, { "qualify_recipient", opt_stringptr, &qualify_domain_recipient }, { "queue_domains", opt_stringptr, &queue_domains }, @@ -345,6 +361,9 @@ static optionlist optionlist_config[] = { { "recipient_unqualified_hosts", opt_stringptr, &recipient_unqualified_hosts }, { "recipients_max", opt_int, &recipients_max }, { "recipients_max_reject", opt_bool, &recipients_max_reject }, +#ifdef EXPERIMENTAL_REDIS + { "redis_servers", opt_stringptr, &redis_servers }, +#endif { "remote_max_parallel", opt_int, &remote_max_parallel }, { "remote_sort_domains", opt_stringptr, &remote_sort_domains }, { "retry_data_expire", opt_time, &retry_data_expire }, @@ -376,7 +395,7 @@ static optionlist optionlist_config[] = { { "smtp_ratelimit_hosts", opt_stringptr, &smtp_ratelimit_hosts }, { "smtp_ratelimit_mail", opt_stringptr, &smtp_ratelimit_mail }, { "smtp_ratelimit_rcpt", opt_stringptr, &smtp_ratelimit_rcpt }, - { "smtp_receive_timeout", opt_time, &smtp_receive_timeout }, + { "smtp_receive_timeout", opt_func, &fn_smtp_receive_timeout }, { "smtp_reserve_hosts", opt_stringptr, &smtp_reserve_hosts }, { "smtp_return_error_details",opt_bool, &smtp_return_error_details }, #ifdef WITH_CONTENT_SCAN @@ -425,7 +444,7 @@ static optionlist optionlist_config[] = { { "tls_crl", opt_stringptr, &tls_crl }, { "tls_dh_max_bits", opt_int, &tls_dh_max_bits }, { "tls_dhparam", opt_stringptr, &tls_dhparam }, -# if defined(EXPERIMENTAL_OCSP) && !defined(USE_GNUTLS) +# ifndef DISABLE_OCSP { "tls_ocsp_file", opt_stringptr, &tls_ocsp_file }, # endif { "tls_on_connect_ports", opt_stringptr, &tls_in.on_connect_ports }, @@ -479,7 +498,7 @@ for (i = 0; i < optionlist_config_size; i++) for (r = routers; r != NULL; r = r->next) { router_info *ri = r->info; - for (i = 0; i < ri->options_count[0]; i++) + for (i = 0; i < *ri->options_count; i++) { if ((ri->options[i].type & opt_mask) != opt_stringptr) continue; if (p == (char *)(r->options_block) + (long int)(ri->options[i].value)) @@ -490,11 +509,16 @@ for (r = routers; r != NULL; r = r->next) for (t = transports; t != NULL; t = t->next) { transport_info *ti = t->info; - for (i = 0; i < ti->options_count[0]; i++) + for (i = 0; i < *ti->options_count; i++) { - if ((ti->options[i].type & opt_mask) != opt_stringptr) continue; - if (p == (char *)(t->options_block) + (long int)(ti->options[i].value)) - return US ti->options[i].name; + optionlist * op = &ti->options[i]; + if ((op->type & opt_mask) != opt_stringptr) continue; + if (p == ( op->type & opt_public + ? (char *)t + : (char *)t->options_block + ) + + (long int)op->value) + return US op->name; } } @@ -1006,7 +1030,7 @@ Returns: the time value, or -1 on syntax error */ int -readconf_readtime(uschar *s, int terminator, BOOL return_msec) +readconf_readtime(const uschar *s, int terminator, BOOL return_msec) { int yield = 0; for (;;) @@ -1015,7 +1039,7 @@ for (;;) double fraction; if (!isdigit(*s)) return -1; - (void)sscanf(CS s, "%d%n", &value, &count); + (void)sscanf(CCS s, "%d%n", &value, &count); s += count; switch (*s) @@ -1029,7 +1053,7 @@ for (;;) case '.': if (!return_msec) return -1; - (void)sscanf(CS s, "%lf%n", &fraction, &count); + (void)sscanf(CCS s, "%lf%n", &fraction, &count); s += count; if (*s++ != 's') return -1; yield += (int)(fraction * 1000.0); @@ -1061,7 +1085,7 @@ Returns: the value, or -1 on error */ static int -readconf_readfixed(uschar *s, int terminator) +readconf_readfixed(const uschar *s, int terminator) { int yield = 0; int value, count; @@ -1167,7 +1191,7 @@ Returns: doesn't return; dies */ static void -extra_chars_error(uschar *s, uschar *t1, uschar *t2, uschar *t3) +extra_chars_error(const uschar *s, const uschar *t1, const uschar *t2, const uschar *t3) { uschar *comment = US""; if (*s == '#') comment = US" (# is comment only at line start)"; @@ -1203,7 +1227,7 @@ Returns: the control block for the parsed rule. */ static rewrite_rule * -readconf_one_rewrite(uschar *p, int *existflags, BOOL isglobal) +readconf_one_rewrite(const uschar *p, int *existflags, BOOL isglobal) { rewrite_rule *next = store_get(sizeof(rewrite_rule)); @@ -1309,10 +1333,10 @@ Returns: pointer to the string */ static uschar * -read_string(uschar *s, uschar *name) +read_string(const uschar *s, const uschar *name) { uschar *yield; -uschar *ss; +const uschar *ss; if (*s != '\"') return string_copy(s); @@ -1329,6 +1353,24 @@ return yield; } +/************************************************* +* Custom-handler options * +*************************************************/ +static void +fn_smtp_receive_timeout(const uschar * name, const uschar * str) +{ +if (*str == '$') + smtp_receive_timeout_s = string_copy(str); +else + { + /* "smtp_receive_timeout", opt_time, &smtp_receive_timeout */ + smtp_receive_timeout = readconf_readtime(str, 0, FALSE); + if (smtp_receive_timeout < 0) + log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s", + name); + } +} + /************************************************* * Handle option line * *************************************************/ @@ -1465,7 +1507,7 @@ if (type < opt_bool || type > opt_bool_last) } /* If a boolean wasn't preceded by "no[t]_" it can be followed by = and -true/false/yes/no, or, in the case of opt_expanded_bool, a general string that +true/false/yes/no, or, in the case of opt_expand_bool, a general string that ultimately expands to one of those values. */ else if (*s != 0 && (offset != 0 || *s != '=')) @@ -1551,15 +1593,19 @@ switch (type) Because we only do this once, near process start-up, I'm prepared to let this slide for the time being, even though it rankles. */ } - else if (*str_target && (ol->type & opt_rep_str)) - { - uschar sep = Ustrncmp(name, "headers_add", 11)==0 ? '\n' : ':'; - saved_condition = *str_target; - strtemp = saved_condition + Ustrlen(saved_condition)-1; - if (*strtemp == sep) *strtemp = 0; /* eliminate trailing list-sep */ - strtemp = string_sprintf("%s%c%s", saved_condition, sep, sptr); - *str_target = string_copy_malloc(strtemp); - } + else if (ol->type & opt_rep_str) + { + uschar sep_o = Ustrncmp(name, "headers_add", 11)==0 ? '\n' : ':'; + int sep_i = -(int)sep_o; + const uschar * list = sptr; + uschar * s; + uschar * list_o = *str_target; + + while ((s = string_nextinlist(&list, &sep_i, NULL, 0))) + list_o = string_append_listele(list_o, sep_o, s); + if (list_o) + *str_target = string_copy_malloc(list_o); + } else { *str_target = sptr; @@ -1601,8 +1647,7 @@ switch (type) flagptr = (int *)((uschar *)data_block + (long int)(ol3->value)); } - while ((p = string_nextinlist(&sptr, &sep, big_buffer, BIG_BUFFER_SIZE)) - != NULL) + while ((p = string_nextinlist(CUSS &sptr, &sep, big_buffer, BIG_BUFFER_SIZE))) { rewrite_rule *next = readconf_one_rewrite(p, flagptr, FALSE); *chain = next; @@ -1726,8 +1771,8 @@ switch (type) int count = 1; uid_t *list; int ptr = 0; - uschar *p; - uschar *op = expand_string (sptr); + const uschar *p; + const uschar *op = expand_string (sptr); if (op == NULL) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s", @@ -1767,8 +1812,8 @@ switch (type) int count = 1; gid_t *list; int ptr = 0; - uschar *p; - uschar *op = expand_string (sptr); + const uschar *p; + const uschar *op = expand_string (sptr); if (op == NULL) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s", @@ -2089,9 +2134,15 @@ switch (type) name); if (count > 0 && list[2] == 0) count = 0; list[1] = count; + break; } - break; + case opt_func: + { + void (*fn)() = ol->value; + fn(name, s); + break; + } } return TRUE; @@ -2912,7 +2963,7 @@ readconf_main(void) int sep = 0; struct stat statbuf; uschar *s, *filename; -uschar *list = config_main_filelist; +const uschar *list = config_main_filelist; /* Loop through the possible file names */ @@ -2979,7 +3030,12 @@ file is a serious disaster. */ if (config_file != NULL) { + uschar *p; config_filename = config_main_filename = string_copy(filename); + + p = Ustrrchr(filename, '/'); + config_main_directory = p ? string_copyn(filename, p - filename) + : string_copy(US"."); } else { @@ -3079,7 +3135,7 @@ don't force the case. */ if (primary_hostname == NULL) { - uschar *hostname; + const uschar *hostname; struct utsname uts; if (uname(&uts) < 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "uname() failed to yield host name"); @@ -3092,8 +3148,8 @@ if (primary_hostname == NULL) #if HAVE_IPV6 if (!disable_ipv6 && (dns_ipv4_lookup == NULL || - match_isinlist(hostname, &dns_ipv4_lookup, 0, NULL, NULL, MCL_DOMAIN, - TRUE, NULL) != OK)) + match_isinlist(hostname, CUSS &dns_ipv4_lookup, 0, NULL, NULL, + MCL_DOMAIN, TRUE, NULL) != OK)) af = AF_INET6; #else af = AF_INET; @@ -3153,7 +3209,7 @@ or %M. However, it must NOT contain % followed by anything else. */ if (*log_file_path != 0) { - uschar *ss, *sss; + const uschar *ss, *sss; int sep = ':'; /* Fixed for log file path */ s = expand_string(log_file_path); if (s == NULL) @@ -3353,7 +3409,12 @@ if (openssl_options != NULL) "openssl_options parse error: %s", openssl_options); # endif } -#endif + +if (gnutls_require_kx || gnutls_require_mac || gnutls_require_proto) + log_write(0, LOG_MAIN, "WARNING: main options" + " gnutls_require_kx, gnutls_require_mac and gnutls_require_protocols" + " are obsolete\n"); +#endif /*SUPPORT_TLS*/ } @@ -3635,10 +3696,11 @@ Returns: NULL if decoded correctly; else points to error text */ uschar * -readconf_retry_error(uschar *pp, uschar *p, int *basic_errno, int *more_errno) +readconf_retry_error(const uschar *pp, const uschar *p, + int *basic_errno, int *more_errno) { int len; -uschar *q = pp; +const uschar *q = pp; while (q < p && *q != '_') q++; len = q - pp; @@ -3667,7 +3729,7 @@ else if (len == 7 && strncmpic(pp, US"timeout", len) == 0) { int i; int xlen = p - q - 1; - uschar *x = q + 1; + const uschar *x = q + 1; static uschar *extras[] = { US"A", US"MX", US"connect", US"connect_A", US"connect_MX" }; @@ -3675,24 +3737,19 @@ else if (len == 7 && strncmpic(pp, US"timeout", len) == 0) { 'A', 'M', RTEF_CTOUT, RTEF_CTOUT|'A', RTEF_CTOUT|'M' }; for (i = 0; i < sizeof(extras)/sizeof(uschar *); i++) - { if (strncmpic(x, extras[i], xlen) == 0) { *more_errno = values[i]; break; } - } if (i >= sizeof(extras)/sizeof(uschar *)) - { if (strncmpic(x, US"DNS", xlen) == 0) - { log_write(0, LOG_MAIN|LOG_PANIC, "\"timeout_dns\" is no longer " "available in retry rules (it has never worked) - treated as " "\"timeout\""); - } - else return US"\"A\", \"MX\", or \"connect\" expected after \"timeout\""; - } + else + return US"\"A\", \"MX\", or \"connect\" expected after \"timeout\""; } } @@ -3719,8 +3776,8 @@ else if (strncmpic(pp, US"mail_4", 6) == 0 || return string_sprintf("%.4s_4 must be followed by xx, dx, or dd, where " "x is literal and d is any digit", pp); - *basic_errno = (*pp == 'm')? ERRNO_MAIL4XX : - (*pp == 'r')? ERRNO_RCPT4XX : ERRNO_DATA4XX; + *basic_errno = *pp == 'm' ? ERRNO_MAIL4XX : + *pp == 'r' ? ERRNO_RCPT4XX : ERRNO_DATA4XX; *more_errno = x << 8; } @@ -3734,6 +3791,9 @@ else if (strncmpic(pp, US"lost_connection", p - pp) == 0) else if (strncmpic(pp, US"tls_required", p - pp) == 0) *basic_errno = ERRNO_TLSREQUIRED; +else if (strncmpic(pp, US"lookup", p - pp) == 0) + *basic_errno = ERRNO_UNKNOWNHOST; + else if (len != 1 || Ustrncmp(pp, "*", 1) != 0) return string_sprintf("unknown or malformed retry error \"%.*s\"", (int) (p-pp), pp); @@ -3771,10 +3831,10 @@ Returns: time in seconds or fixed point number * 1000 */ static int -retry_arg(uschar **paddr, int type) +retry_arg(const uschar **paddr, int type) { -uschar *p = *paddr; -uschar *pp; +const uschar *p = *paddr; +const uschar *pp; if (*p++ != ',') log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "comma expected"); @@ -3788,10 +3848,8 @@ if (*p != 0 && !isspace(*p) && *p != ',' && *p != ';') *paddr = p; switch (type) { - case 0: - return readconf_readtime(pp, *p, FALSE); - case 1: - return readconf_readfixed(pp, *p); + case 0: return readconf_readtime(pp, *p, FALSE); + case 1: return readconf_readfixed(pp, *p); } return 0; /* Keep picky compilers happy */ } @@ -3803,12 +3861,13 @@ readconf_retries(void) { retry_config **chain = &retries; retry_config *next; -uschar *p; +const uschar *p; -while ((p = get_config_line()) != NULL) +while ((p = get_config_line())) { retry_rule **rchain; - uschar *pp, *error; + const uschar *pp; + uschar *error; next = store_get(sizeof(retry_config)); next->next = NULL; @@ -3824,12 +3883,12 @@ while ((p = get_config_line()) != NULL) pp = p; while (mac_isgraph(*p)) p++; if (p - pp <= 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, - "missing error type"); + "missing error type in retry rule"); /* Test error names for things we understand. */ - if ((error = readconf_retry_error(pp, p, &(next->basic_errno), - &(next->more_errno))) != NULL) + if ((error = readconf_retry_error(pp, p, &next->basic_errno, + &next->more_errno))) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%s", error); /* There may be an optional address list of senders to be used as another @@ -3866,18 +3925,18 @@ while ((p = get_config_line()) != NULL) switch (rule->rule) { case 'F': /* Fixed interval */ - rule->p1 = retry_arg(&p, 0); - break; + rule->p1 = retry_arg(&p, 0); + break; case 'G': /* Geometrically increasing intervals */ case 'H': /* Ditto, but with randomness */ - rule->p1 = retry_arg(&p, 0); - rule->p2 = retry_arg(&p, 1); - break; + rule->p1 = retry_arg(&p, 0); + rule->p2 = retry_arg(&p, 1); + break; default: - log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "unknown retry rule letter"); - break; + log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "unknown retry rule letter"); + break; } if (rule->timeout <= 0 || rule->p1 <= 0 || @@ -3967,27 +4026,15 @@ return acl_line; /* Now the main function: -Arguments: - skip TRUE when this Exim process is doing something that will - not need the ACL data - +Arguments: none Returns: nothing */ static void -readconf_acl(BOOL skip) +readconf_acl(void) { uschar *p; -/* Not receiving messages, don't need to parse the ACL data */ - -if (skip) - { - DEBUG(D_acl) debug_printf("skipping ACL configuration - not needed\n"); - while ((p = get_config_line()) != NULL); - return; - } - /* Read each ACL and add it into the tree. Macro (re)definitions are allowed between ACLs. */ @@ -4072,9 +4119,7 @@ Because it may confuse people as to whether the names are singular or plural, we add "s" if it's missing. There is always enough room in next_section for this. This function is basically just a switch. -Arguments: - skip_acl TRUE if ACL information is not needed - +Arguments: none Returns: nothing */ @@ -4088,7 +4133,7 @@ static uschar *section_list[] = { US"transports"}; void -readconf_rest(BOOL skip_acl) +readconf_rest(void) { int had = 0; @@ -4121,7 +4166,7 @@ while(next_section[0] != 0) switch(mid) { - case 0: readconf_acl(skip_acl); break; + case 0: readconf_acl(); break; case 1: auths_init(); break; case 2: local_scan_init(); break; case 3: readconf_retries(); break; @@ -4134,4 +4179,6 @@ while(next_section[0] != 0) (void)fclose(config_file); } +/* vi: aw ai sw=2 +*/ /* End of readconf.c */