1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) University of Cambridge 1995 - 2016 */
6 /* See the file NOTICE for conditions of use and distribution. */
8 /* Functions for reading the configuration file, and for displaying
9 overall configuration values. Thanks to Brian Candler for the original
10 implementation of the conditional .ifdef etc. */
14 extern char **environ;
16 static void fn_smtp_receive_timeout(const uschar * name, const uschar * str);
17 static void save_config_line(const uschar* line);
18 static void save_config_position(const uschar *file, int line);
19 static void print_config(BOOL admin, BOOL terse);
20 static void readconf_options_auths(void);
23 #define CSTATE_STACK_SIZE 10
26 /* Structure for chain (stack) of .included files */
28 typedef struct config_file_item {
29 struct config_file_item *next;
35 /* Structure for chain of configuration lines (-bP config) */
37 typedef struct config_line_item {
38 struct config_line_item *next;
42 static config_line_item* config_lines;
44 /* Structure of table of conditional words and their state transitions */
46 typedef struct cond_item {
54 /* Structure of table of syslog facility names and values */
56 typedef struct syslog_fac_item {
62 static const char * const hidden = "<value not displayable>";
64 /* Static variables */
66 static config_file_item *config_file_stack = NULL; /* For includes */
68 static uschar *syslog_facility_str = NULL;
69 static uschar next_section[24];
70 static uschar time_buffer[24];
72 /* State variables for conditional loading (.ifdef / .else / .endif) */
74 static int cstate = 0;
75 static int cstate_stack_ptr = -1;
76 static int cstate_stack[CSTATE_STACK_SIZE];
78 /* Table of state transitions for handling conditional inclusions. There are
79 four possible state transitions:
83 .elifdef true (or .else)
86 .endif just causes the previous cstate to be popped off the stack */
88 static int next_cstate[3][4] =
90 /* State 0: reading from file, or reading until next .else or .endif */
92 /* State 1: condition failed, skipping until next .else or .endif */
94 /* State 2: skipping until .endif */
98 /* Table of conditionals and the states to set. For each name, there are four
99 values: the length of the name (to save computing it each time), the state to
100 set if a macro was found in the line, the state to set if a macro was not found
101 in the line, and a stack manipulation setting which is:
103 -1 pull state value off the stack
104 0 don't alter the stack
105 +1 push value onto stack, before setting new state
108 static cond_item cond_list[] = {
109 { US"ifdef", 5, 0, 1, 1 },
110 { US"ifndef", 6, 1, 0, 1 },
111 { US"elifdef", 7, 2, 3, 0 },
112 { US"elifndef", 8, 3, 2, 0 },
113 { US"else", 4, 2, 2, 0 },
114 { US"endif", 5, 0, 0, -1 }
117 static int cond_list_size = sizeof(cond_list)/sizeof(cond_item);
119 /* Table of syslog facility names and their values */
121 static syslog_fac_item syslog_list[] = {
122 { US"mail", LOG_MAIL },
123 { US"user", LOG_USER },
124 { US"news", LOG_NEWS },
125 { US"uucp", LOG_UUCP },
126 { US"local0", LOG_LOCAL0 },
127 { US"local1", LOG_LOCAL1 },
128 { US"local2", LOG_LOCAL2 },
129 { US"local3", LOG_LOCAL3 },
130 { US"local4", LOG_LOCAL4 },
131 { US"local5", LOG_LOCAL5 },
132 { US"local6", LOG_LOCAL6 },
133 { US"local7", LOG_LOCAL7 },
134 { US"daemon", LOG_DAEMON }
137 static int syslog_list_size = sizeof(syslog_list)/sizeof(syslog_fac_item);
142 /*************************************************
143 * Main configuration options *
144 *************************************************/
146 /* The list of options that can be set in the main configuration file. This
147 must be in alphabetic order because it is searched by binary chop. */
149 static optionlist optionlist_config[] = {
150 { "*set_exim_group", opt_bool|opt_hidden, &exim_gid_set },
151 { "*set_exim_user", opt_bool|opt_hidden, &exim_uid_set },
152 { "*set_system_filter_group", opt_bool|opt_hidden, &system_filter_gid_set },
153 { "*set_system_filter_user", opt_bool|opt_hidden, &system_filter_uid_set },
154 { "accept_8bitmime", opt_bool, &accept_8bitmime },
155 { "acl_not_smtp", opt_stringptr, &acl_not_smtp },
156 #ifdef WITH_CONTENT_SCAN
157 { "acl_not_smtp_mime", opt_stringptr, &acl_not_smtp_mime },
159 { "acl_not_smtp_start", opt_stringptr, &acl_not_smtp_start },
160 { "acl_smtp_auth", opt_stringptr, &acl_smtp_auth },
161 { "acl_smtp_connect", opt_stringptr, &acl_smtp_connect },
162 { "acl_smtp_data", opt_stringptr, &acl_smtp_data },
164 { "acl_smtp_data_prdr", opt_stringptr, &acl_smtp_data_prdr },
167 { "acl_smtp_dkim", opt_stringptr, &acl_smtp_dkim },
169 { "acl_smtp_etrn", opt_stringptr, &acl_smtp_etrn },
170 { "acl_smtp_expn", opt_stringptr, &acl_smtp_expn },
171 { "acl_smtp_helo", opt_stringptr, &acl_smtp_helo },
172 { "acl_smtp_mail", opt_stringptr, &acl_smtp_mail },
173 { "acl_smtp_mailauth", opt_stringptr, &acl_smtp_mailauth },
174 #ifdef WITH_CONTENT_SCAN
175 { "acl_smtp_mime", opt_stringptr, &acl_smtp_mime },
177 { "acl_smtp_notquit", opt_stringptr, &acl_smtp_notquit },
178 { "acl_smtp_predata", opt_stringptr, &acl_smtp_predata },
179 { "acl_smtp_quit", opt_stringptr, &acl_smtp_quit },
180 { "acl_smtp_rcpt", opt_stringptr, &acl_smtp_rcpt },
182 { "acl_smtp_starttls", opt_stringptr, &acl_smtp_starttls },
184 { "acl_smtp_vrfy", opt_stringptr, &acl_smtp_vrfy },
185 { "add_environment", opt_stringptr, &add_environment },
186 { "admin_groups", opt_gidlist, &admin_groups },
187 { "allow_domain_literals", opt_bool, &allow_domain_literals },
188 { "allow_mx_to_ip", opt_bool, &allow_mx_to_ip },
189 { "allow_utf8_domains", opt_bool, &allow_utf8_domains },
190 { "auth_advertise_hosts", opt_stringptr, &auth_advertise_hosts },
191 { "auto_thaw", opt_time, &auto_thaw },
192 #ifdef WITH_CONTENT_SCAN
193 { "av_scanner", opt_stringptr, &av_scanner },
195 { "bi_command", opt_stringptr, &bi_command },
196 #ifdef EXPERIMENTAL_BRIGHTMAIL
197 { "bmi_config_file", opt_stringptr, &bmi_config_file },
199 { "bounce_message_file", opt_stringptr, &bounce_message_file },
200 { "bounce_message_text", opt_stringptr, &bounce_message_text },
201 { "bounce_return_body", opt_bool, &bounce_return_body },
202 { "bounce_return_linesize_limit", opt_mkint, &bounce_return_linesize_limit },
203 { "bounce_return_message", opt_bool, &bounce_return_message },
204 { "bounce_return_size_limit", opt_mkint, &bounce_return_size_limit },
205 { "bounce_sender_authentication",opt_stringptr,&bounce_sender_authentication },
206 { "callout_domain_negative_expire", opt_time, &callout_cache_domain_negative_expire },
207 { "callout_domain_positive_expire", opt_time, &callout_cache_domain_positive_expire },
208 { "callout_negative_expire", opt_time, &callout_cache_negative_expire },
209 { "callout_positive_expire", opt_time, &callout_cache_positive_expire },
210 { "callout_random_local_part",opt_stringptr, &callout_random_local_part },
211 { "check_log_inodes", opt_int, &check_log_inodes },
212 { "check_log_space", opt_Kint, &check_log_space },
213 { "check_rfc2047_length", opt_bool, &check_rfc2047_length },
214 { "check_spool_inodes", opt_int, &check_spool_inodes },
215 { "check_spool_space", opt_Kint, &check_spool_space },
216 { "chunking_advertise_hosts", opt_stringptr, &chunking_advertise_hosts },
217 { "daemon_smtp_port", opt_stringptr|opt_hidden, &daemon_smtp_port },
218 { "daemon_smtp_ports", opt_stringptr, &daemon_smtp_port },
219 { "daemon_startup_retries", opt_int, &daemon_startup_retries },
220 { "daemon_startup_sleep", opt_time, &daemon_startup_sleep },
221 #ifdef EXPERIMENTAL_DCC
222 { "dcc_direct_add_header", opt_bool, &dcc_direct_add_header },
223 { "dccifd_address", opt_stringptr, &dccifd_address },
224 { "dccifd_options", opt_stringptr, &dccifd_options },
226 { "delay_warning", opt_timelist, &delay_warning },
227 { "delay_warning_condition", opt_stringptr, &delay_warning_condition },
228 { "deliver_drop_privilege", opt_bool, &deliver_drop_privilege },
229 { "deliver_queue_load_max", opt_fixed, &deliver_queue_load_max },
230 { "delivery_date_remove", opt_bool, &delivery_date_remove },
231 #ifdef ENABLE_DISABLE_FSYNC
232 { "disable_fsync", opt_bool, &disable_fsync },
234 { "disable_ipv6", opt_bool, &disable_ipv6 },
236 { "dkim_verify_signers", opt_stringptr, &dkim_verify_signers },
238 #ifdef EXPERIMENTAL_DMARC
239 { "dmarc_forensic_sender", opt_stringptr, &dmarc_forensic_sender },
240 { "dmarc_history_file", opt_stringptr, &dmarc_history_file },
241 { "dmarc_tld_file", opt_stringptr, &dmarc_tld_file },
243 { "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist },
244 { "dns_check_names_pattern", opt_stringptr, &check_dns_names_pattern },
245 { "dns_csa_search_limit", opt_int, &dns_csa_search_limit },
246 { "dns_csa_use_reverse", opt_bool, &dns_csa_use_reverse },
247 { "dns_dnssec_ok", opt_int, &dns_dnssec_ok },
248 { "dns_ipv4_lookup", opt_stringptr, &dns_ipv4_lookup },
249 { "dns_retrans", opt_time, &dns_retrans },
250 { "dns_retry", opt_int, &dns_retry },
251 { "dns_trust_aa", opt_stringptr, &dns_trust_aa },
252 { "dns_use_edns0", opt_int, &dns_use_edns0 },
253 /* This option is now a no-op, retained for compability */
254 { "drop_cr", opt_bool, &drop_cr },
255 /*********************************************************/
256 { "dsn_advertise_hosts", opt_stringptr, &dsn_advertise_hosts },
257 { "dsn_from", opt_stringptr, &dsn_from },
258 { "envelope_to_remove", opt_bool, &envelope_to_remove },
259 { "errors_copy", opt_stringptr, &errors_copy },
260 { "errors_reply_to", opt_stringptr, &errors_reply_to },
261 #ifndef DISABLE_EVENT
262 { "event_action", opt_stringptr, &event_action },
264 { "exim_group", opt_gid, &exim_gid },
265 { "exim_path", opt_stringptr, &exim_path },
266 { "exim_user", opt_uid, &exim_uid },
267 { "extra_local_interfaces", opt_stringptr, &extra_local_interfaces },
268 { "extract_addresses_remove_arguments", opt_bool, &extract_addresses_remove_arguments },
269 { "finduser_retries", opt_int, &finduser_retries },
270 { "freeze_tell", opt_stringptr, &freeze_tell },
271 { "gecos_name", opt_stringptr, &gecos_name },
272 { "gecos_pattern", opt_stringptr, &gecos_pattern },
274 { "gnutls_allow_auto_pkcs11", opt_bool, &gnutls_allow_auto_pkcs11 },
275 { "gnutls_compat_mode", opt_bool, &gnutls_compat_mode },
277 { "header_line_maxsize", opt_int, &header_line_maxsize },
278 { "header_maxsize", opt_int, &header_maxsize },
279 { "headers_charset", opt_stringptr, &headers_charset },
280 { "helo_accept_junk_hosts", opt_stringptr, &helo_accept_junk_hosts },
281 { "helo_allow_chars", opt_stringptr, &helo_allow_chars },
282 { "helo_lookup_domains", opt_stringptr, &helo_lookup_domains },
283 { "helo_try_verify_hosts", opt_stringptr, &helo_try_verify_hosts },
284 { "helo_verify_hosts", opt_stringptr, &helo_verify_hosts },
285 { "hold_domains", opt_stringptr, &hold_domains },
286 { "host_lookup", opt_stringptr, &host_lookup },
287 { "host_lookup_order", opt_stringptr, &host_lookup_order },
288 { "host_reject_connection", opt_stringptr, &host_reject_connection },
289 { "hosts_connection_nolog", opt_stringptr, &hosts_connection_nolog },
291 { "hosts_proxy", opt_stringptr, &hosts_proxy },
293 { "hosts_treat_as_local", opt_stringptr, &hosts_treat_as_local },
295 { "ibase_servers", opt_stringptr, &ibase_servers },
297 { "ignore_bounce_errors_after", opt_time, &ignore_bounce_errors_after },
298 { "ignore_fromline_hosts", opt_stringptr, &ignore_fromline_hosts },
299 { "ignore_fromline_local", opt_bool, &ignore_fromline_local },
300 { "keep_environment", opt_stringptr, &keep_environment },
301 { "keep_malformed", opt_time, &keep_malformed },
303 { "ldap_ca_cert_dir", opt_stringptr, &eldap_ca_cert_dir },
304 { "ldap_ca_cert_file", opt_stringptr, &eldap_ca_cert_file },
305 { "ldap_cert_file", opt_stringptr, &eldap_cert_file },
306 { "ldap_cert_key", opt_stringptr, &eldap_cert_key },
307 { "ldap_cipher_suite", opt_stringptr, &eldap_cipher_suite },
308 { "ldap_default_servers", opt_stringptr, &eldap_default_servers },
309 { "ldap_require_cert", opt_stringptr, &eldap_require_cert },
310 { "ldap_start_tls", opt_bool, &eldap_start_tls },
311 { "ldap_version", opt_int, &eldap_version },
313 { "local_from_check", opt_bool, &local_from_check },
314 { "local_from_prefix", opt_stringptr, &local_from_prefix },
315 { "local_from_suffix", opt_stringptr, &local_from_suffix },
316 { "local_interfaces", opt_stringptr, &local_interfaces },
317 { "local_scan_timeout", opt_time, &local_scan_timeout },
318 { "local_sender_retain", opt_bool, &local_sender_retain },
319 { "localhost_number", opt_stringptr, &host_number_string },
320 { "log_file_path", opt_stringptr, &log_file_path },
321 { "log_selector", opt_stringptr, &log_selector_string },
322 { "log_timezone", opt_bool, &log_timezone },
323 { "lookup_open_max", opt_int, &lookup_open_max },
324 { "max_username_length", opt_int, &max_username_length },
325 { "message_body_newlines", opt_bool, &message_body_newlines },
326 { "message_body_visible", opt_mkint, &message_body_visible },
327 { "message_id_header_domain", opt_stringptr, &message_id_domain },
328 { "message_id_header_text", opt_stringptr, &message_id_text },
329 { "message_logs", opt_bool, &message_logs },
330 { "message_size_limit", opt_stringptr, &message_size_limit },
331 #ifdef SUPPORT_MOVE_FROZEN_MESSAGES
332 { "move_frozen_messages", opt_bool, &move_frozen_messages },
334 { "mua_wrapper", opt_bool, &mua_wrapper },
336 { "mysql_servers", opt_stringptr, &mysql_servers },
338 { "never_users", opt_uidlist, &never_users },
340 { "openssl_options", opt_stringptr, &openssl_options },
343 { "oracle_servers", opt_stringptr, &oracle_servers },
345 { "percent_hack_domains", opt_stringptr, &percent_hack_domains },
347 { "perl_at_start", opt_bool, &opt_perl_at_start },
348 { "perl_startup", opt_stringptr, &opt_perl_startup },
349 { "perl_taintmode", opt_bool, &opt_perl_taintmode },
352 { "pgsql_servers", opt_stringptr, &pgsql_servers },
354 { "pid_file_path", opt_stringptr, &pid_file_path },
355 { "pipelining_advertise_hosts", opt_stringptr, &pipelining_advertise_hosts },
357 { "prdr_enable", opt_bool, &prdr_enable },
359 { "preserve_message_logs", opt_bool, &preserve_message_logs },
360 { "primary_hostname", opt_stringptr, &primary_hostname },
361 { "print_topbitchars", opt_bool, &print_topbitchars },
362 { "process_log_path", opt_stringptr, &process_log_path },
363 { "prod_requires_admin", opt_bool, &prod_requires_admin },
364 { "qualify_domain", opt_stringptr, &qualify_domain_sender },
365 { "qualify_recipient", opt_stringptr, &qualify_domain_recipient },
366 { "queue_domains", opt_stringptr, &queue_domains },
367 { "queue_list_requires_admin",opt_bool, &queue_list_requires_admin },
368 { "queue_only", opt_bool, &queue_only },
369 { "queue_only_file", opt_stringptr, &queue_only_file },
370 { "queue_only_load", opt_fixed, &queue_only_load },
371 { "queue_only_load_latch", opt_bool, &queue_only_load_latch },
372 { "queue_only_override", opt_bool, &queue_only_override },
373 { "queue_run_in_order", opt_bool, &queue_run_in_order },
374 { "queue_run_max", opt_stringptr, &queue_run_max },
375 { "queue_smtp_domains", opt_stringptr, &queue_smtp_domains },
376 { "receive_timeout", opt_time, &receive_timeout },
377 { "received_header_text", opt_stringptr, &received_header_text },
378 { "received_headers_max", opt_int, &received_headers_max },
379 { "recipient_unqualified_hosts", opt_stringptr, &recipient_unqualified_hosts },
380 { "recipients_max", opt_int, &recipients_max },
381 { "recipients_max_reject", opt_bool, &recipients_max_reject },
383 { "redis_servers", opt_stringptr, &redis_servers },
385 { "remote_max_parallel", opt_int, &remote_max_parallel },
386 { "remote_sort_domains", opt_stringptr, &remote_sort_domains },
387 { "retry_data_expire", opt_time, &retry_data_expire },
388 { "retry_interval_max", opt_time, &retry_interval_max },
389 { "return_path_remove", opt_bool, &return_path_remove },
390 { "return_size_limit", opt_mkint|opt_hidden, &bounce_return_size_limit },
391 { "rfc1413_hosts", opt_stringptr, &rfc1413_hosts },
392 { "rfc1413_query_timeout", opt_time, &rfc1413_query_timeout },
393 { "sender_unqualified_hosts", opt_stringptr, &sender_unqualified_hosts },
394 { "slow_lookup_log", opt_int, &slow_lookup_log },
395 { "smtp_accept_keepalive", opt_bool, &smtp_accept_keepalive },
396 { "smtp_accept_max", opt_int, &smtp_accept_max },
397 { "smtp_accept_max_nonmail", opt_int, &smtp_accept_max_nonmail },
398 { "smtp_accept_max_nonmail_hosts", opt_stringptr, &smtp_accept_max_nonmail_hosts },
399 { "smtp_accept_max_per_connection", opt_int, &smtp_accept_max_per_connection },
400 { "smtp_accept_max_per_host", opt_stringptr, &smtp_accept_max_per_host },
401 { "smtp_accept_queue", opt_int, &smtp_accept_queue },
402 { "smtp_accept_queue_per_connection", opt_int, &smtp_accept_queue_per_connection },
403 { "smtp_accept_reserve", opt_int, &smtp_accept_reserve },
404 { "smtp_active_hostname", opt_stringptr, &raw_active_hostname },
405 { "smtp_banner", opt_stringptr, &smtp_banner },
406 { "smtp_check_spool_space", opt_bool, &smtp_check_spool_space },
407 { "smtp_connect_backlog", opt_int, &smtp_connect_backlog },
408 { "smtp_enforce_sync", opt_bool, &smtp_enforce_sync },
409 { "smtp_etrn_command", opt_stringptr, &smtp_etrn_command },
410 { "smtp_etrn_serialize", opt_bool, &smtp_etrn_serialize },
411 { "smtp_load_reserve", opt_fixed, &smtp_load_reserve },
412 { "smtp_max_synprot_errors", opt_int, &smtp_max_synprot_errors },
413 { "smtp_max_unknown_commands",opt_int, &smtp_max_unknown_commands },
414 { "smtp_ratelimit_hosts", opt_stringptr, &smtp_ratelimit_hosts },
415 { "smtp_ratelimit_mail", opt_stringptr, &smtp_ratelimit_mail },
416 { "smtp_ratelimit_rcpt", opt_stringptr, &smtp_ratelimit_rcpt },
417 { "smtp_receive_timeout", opt_func, &fn_smtp_receive_timeout },
418 { "smtp_reserve_hosts", opt_stringptr, &smtp_reserve_hosts },
419 { "smtp_return_error_details",opt_bool, &smtp_return_error_details },
421 { "smtputf8_advertise_hosts", opt_stringptr, &smtputf8_advertise_hosts },
423 #ifdef WITH_CONTENT_SCAN
424 { "spamd_address", opt_stringptr, &spamd_address },
426 #ifdef EXPERIMENTAL_SPF
427 { "spf_guess", opt_stringptr, &spf_guess },
429 { "split_spool_directory", opt_bool, &split_spool_directory },
430 { "spool_directory", opt_stringptr, &spool_directory },
432 { "sqlite_lock_timeout", opt_int, &sqlite_lock_timeout },
434 #ifdef EXPERIMENTAL_SRS
435 { "srs_config", opt_stringptr, &srs_config },
436 { "srs_hashlength", opt_int, &srs_hashlength },
437 { "srs_hashmin", opt_int, &srs_hashmin },
438 { "srs_maxage", opt_int, &srs_maxage },
439 { "srs_secrets", opt_stringptr, &srs_secrets },
440 { "srs_usehash", opt_bool, &srs_usehash },
441 { "srs_usetimestamp", opt_bool, &srs_usetimestamp },
443 { "strict_acl_vars", opt_bool, &strict_acl_vars },
444 { "strip_excess_angle_brackets", opt_bool, &strip_excess_angle_brackets },
445 { "strip_trailing_dot", opt_bool, &strip_trailing_dot },
446 { "syslog_duplication", opt_bool, &syslog_duplication },
447 { "syslog_facility", opt_stringptr, &syslog_facility_str },
448 { "syslog_processname", opt_stringptr, &syslog_processname },
449 { "syslog_timestamp", opt_bool, &syslog_timestamp },
450 { "system_filter", opt_stringptr, &system_filter },
451 { "system_filter_directory_transport", opt_stringptr,&system_filter_directory_transport },
452 { "system_filter_file_transport",opt_stringptr,&system_filter_file_transport },
453 { "system_filter_group", opt_gid, &system_filter_gid },
454 { "system_filter_pipe_transport",opt_stringptr,&system_filter_pipe_transport },
455 { "system_filter_reply_transport",opt_stringptr,&system_filter_reply_transport },
456 { "system_filter_user", opt_uid, &system_filter_uid },
457 { "tcp_nodelay", opt_bool, &tcp_nodelay },
458 #ifdef USE_TCP_WRAPPERS
459 { "tcp_wrappers_daemon_name", opt_stringptr, &tcp_wrappers_daemon_name },
461 { "timeout_frozen_after", opt_time, &timeout_frozen_after },
462 { "timezone", opt_stringptr, &timezone_string },
463 { "tls_advertise_hosts", opt_stringptr, &tls_advertise_hosts },
465 { "tls_certificate", opt_stringptr, &tls_certificate },
466 { "tls_crl", opt_stringptr, &tls_crl },
467 { "tls_dh_max_bits", opt_int, &tls_dh_max_bits },
468 { "tls_dhparam", opt_stringptr, &tls_dhparam },
469 { "tls_eccurve", opt_stringptr, &tls_eccurve },
470 # ifndef DISABLE_OCSP
471 { "tls_ocsp_file", opt_stringptr, &tls_ocsp_file },
473 { "tls_on_connect_ports", opt_stringptr, &tls_in.on_connect_ports },
474 { "tls_privatekey", opt_stringptr, &tls_privatekey },
475 { "tls_remember_esmtp", opt_bool, &tls_remember_esmtp },
476 { "tls_require_ciphers", opt_stringptr, &tls_require_ciphers },
477 { "tls_try_verify_hosts", opt_stringptr, &tls_try_verify_hosts },
478 { "tls_verify_certificates", opt_stringptr, &tls_verify_certificates },
479 { "tls_verify_hosts", opt_stringptr, &tls_verify_hosts },
481 { "trusted_groups", opt_gidlist, &trusted_groups },
482 { "trusted_users", opt_uidlist, &trusted_users },
483 { "unknown_login", opt_stringptr, &unknown_login },
484 { "unknown_username", opt_stringptr, &unknown_username },
485 { "untrusted_set_sender", opt_stringptr, &untrusted_set_sender },
486 { "uucp_from_pattern", opt_stringptr, &uucp_from_pattern },
487 { "uucp_from_sender", opt_stringptr, &uucp_from_sender },
488 { "warn_message_file", opt_stringptr, &warn_message_file },
489 { "write_rejectlog", opt_bool, &write_rejectlog }
492 static int optionlist_config_size = nelem(optionlist_config);
496 /*************************************************
497 * Find the name of an option *
498 *************************************************/
500 /* This function is to aid debugging. Various functions take arguments that are
501 pointer variables in the options table or in option tables for various drivers.
502 For debugging output, it is useful to be able to find the name of the option
503 which is currently being processed. This function finds it, if it exists, by
504 searching the table(s).
506 Arguments: a value that is presumed to be in the table above
507 Returns: the option name, or an empty string
511 readconf_find_option(void *p)
515 transport_instance *t;
517 for (i = 0; i < nelem(optionlist_config); i++)
518 if (p == optionlist_config[i].value) return US optionlist_config[i].name;
520 for (r = routers; r; r = r->next)
522 router_info *ri = r->info;
523 for (i = 0; i < *ri->options_count; i++)
525 if ((ri->options[i].type & opt_mask) != opt_stringptr) continue;
526 if (p == (char *)(r->options_block) + (long int)(ri->options[i].value))
527 return US ri->options[i].name;
531 for (t = transports; t; t = t->next)
533 transport_info *ti = t->info;
534 for (i = 0; i < *ti->options_count; i++)
536 optionlist * op = &ti->options[i];
537 if ((op->type & opt_mask) != opt_stringptr) continue;
538 if (p == ( op->type & opt_public
540 : (char *)t->options_block
542 + (long int)op->value)
553 /*************************************************
554 * Deal with an assignment to a macro *
555 *************************************************/
557 /* We have a new definition. The macro_item structure includes a final vector
558 called "name" which is one byte long. Thus, adding "namelen" gives us enough
559 room to store the "name" string.
560 If a builtin macro we place at head of list, else tail. This lets us lazy-create
564 macro_create(const uschar * name, const uschar * val,
565 BOOL command_line, BOOL builtin)
567 unsigned namelen = Ustrlen(name);
568 macro_item * m = store_get(sizeof(macro_item) + namelen);
570 /* fprintf(stderr, "%s: '%s' '%s'\n", __FUNCTION__, name, val) */
588 m->command_line = command_line;
589 m->namelen = namelen;
590 m->replacement = string_copy(val);
591 Ustrcpy(m->name, name);
596 /* This function is called when a line that starts with an upper case letter is
597 encountered. The argument "line" should contain a complete logical line, and
598 start with the first letter of the macro name. The macro name and the
599 replacement text are extracted and stored. Redefinition of existing,
600 non-command line, macros is permitted using '==' instead of '='.
603 s points to the start of the logical line
609 read_macro_assignment(uschar *s)
616 while (isalnum(*s) || *s == '_')
618 if (namelen >= sizeof(name) - 1)
619 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
620 "macro name too long (maximum is " SIZE_T_FMT " characters)", sizeof(name) - 1);
621 name[namelen++] = *s++;
625 while (isspace(*s)) s++;
627 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "malformed macro definition");
634 while (isspace(*s)) s++;
636 /* If an existing macro of the same name was defined on the command line, we
637 just skip this definition. It's an error to attempt to redefine a macro without
638 redef set to TRUE, or to redefine a macro when it hasn't been defined earlier.
639 It is also an error to define a macro whose name begins with the name of a
640 previously defined macro. This is the requirement that make using a tree
641 for macros hard; we must check all macros for the substring. Perhaps a
642 sorted list, and a bsearch, would work?
643 Note: it is documented that the other way round works. */
645 for (m = macros; m; m = m->next)
647 if (Ustrcmp(m->name, name) == 0)
649 if (!m->command_line && !redef)
650 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "macro \"%s\" is already "
651 "defined (use \"==\" if you want to redefine it", name);
655 if (m->namelen < namelen && Ustrstr(name, m->name) != NULL)
656 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
657 "a macro because previously defined macro \"%s\" is a substring",
660 /* We cannot have this test, because it is documented that a substring
661 macro is permitted (there is even an example).
663 * if (m->namelen > namelen && Ustrstr(m->name, name) != NULL)
664 * log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
665 * "a macro because it is a substring of previously defined macro \"%s\"",
670 /* Check for an overriding command-line definition. */
672 if (m && m->command_line) return;
674 /* Redefinition must refer to an existing macro. */
678 m->replacement = string_copy(s);
680 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "can't redefine an undefined macro "
683 /* We have a new definition. */
685 (void) macro_create(name, s, FALSE, FALSE);
692 /*************************************************/
693 /* Create compile-time feature macros */
695 readconf_features(void)
697 /* Probably we could work out a static initialiser for wherever
698 macros are stored, but this will do for now. Some names are awkward
699 due to conflicts with other common macros. */
701 #ifdef SUPPORT_CRYPTEQ
702 macro_create(US"_HAVE_CRYPTEQ", US"y", FALSE, TRUE);
705 macro_create(US"_HAVE_ICONV", US"y", FALSE, TRUE);
708 macro_create(US"_HAVE_IPV6", US"y", FALSE, TRUE);
710 #ifdef HAVE_SETCLASSRESOURCES
711 macro_create(US"_HAVE_SETCLASSRESOURCES", US"y", FALSE, TRUE);
714 macro_create(US"_HAVE_PAM", US"y", FALSE, TRUE);
717 macro_create(US"_HAVE_PERL", US"y", FALSE, TRUE);
720 macro_create(US"_HAVE_DLFUNC", US"y", FALSE, TRUE);
722 #ifdef USE_TCP_WRAPPERS
723 macro_create(US"_HAVE_TCPWRAPPERS", US"y", FALSE, TRUE);
726 macro_create(US"_HAVE_TLS", US"y", FALSE, TRUE);
728 macro_create(US"_HAVE_GNUTLS", US"y", FALSE, TRUE);
730 macro_create(US"_HAVE_OPENSSL", US"y", FALSE, TRUE);
733 #ifdef SUPPORT_TRANSLATE_IP_ADDRESS
734 macro_create(US"_HAVE_TRANSLATE_IP_ADDRESS", US"y", FALSE, TRUE);
736 #ifdef SUPPORT_MOVE_FROZEN_MESSAGES
737 macro_create(US"_HAVE_MOVE_FROZEN_MESSAGES", US"y", FALSE, TRUE);
739 #ifdef WITH_CONTENT_SCAN
740 macro_create(US"_HAVE_CONTENT_SCANNING", US"y", FALSE, TRUE);
743 macro_create(US"_HAVE_DKIM", US"y", FALSE, TRUE);
745 #ifndef DISABLE_DNSSEC
746 macro_create(US"_HAVE_DNSSEC", US"y", FALSE, TRUE);
748 #ifndef DISABLE_EVENT
749 macro_create(US"_HAVE_EVENT", US"y", FALSE, TRUE);
752 macro_create(US"_HAVE_I18N", US"y", FALSE, TRUE);
755 macro_create(US"_HAVE_OCSP", US"y", FALSE, TRUE);
758 macro_create(US"_HAVE_PRDR", US"y", FALSE, TRUE);
761 macro_create(US"_HAVE_PROXY", US"y", FALSE, TRUE);
764 macro_create(US"_HAVE_SOCKS", US"y", FALSE, TRUE);
767 macro_create(US"_HAVE_TCP_FASTOPEN", US"y", FALSE, TRUE);
769 #ifdef EXPERIMENTAL_LMDB
770 macro_create(US"_HAVE_LMDB", US"y", FALSE, TRUE);
772 #ifdef EXPERIMENTAL_SPF
773 macro_create(US"_HAVE_SPF", US"y", FALSE, TRUE);
775 #ifdef EXPERIMENTAL_SRS
776 macro_create(US"_HAVE_SRS", US"y", FALSE, TRUE);
778 #ifdef EXPERIMENTAL_BRIGHTMAIL
779 macro_create(US"_HAVE_BRIGHTMAIL", US"y", FALSE, TRUE);
781 #ifdef EXPERIMENTAL_DANE
782 macro_create(US"_HAVE_DANE", US"y", FALSE, TRUE);
784 #ifdef EXPERIMENTAL_DCC
785 macro_create(US"_HAVE_DCC", US"y", FALSE, TRUE);
787 #ifdef EXPERIMENTAL_DMARC
788 macro_create(US"_HAVE_DMARC", US"y", FALSE, TRUE);
790 #ifdef EXPERIMENTAL_DSN_INFO
791 macro_create(US"_HAVE_DSN_INFO", US"y", FALSE, TRUE);
794 #ifdef LOOKUP_LSEARCH
795 macro_create(US"_HAVE_LKUP_LSEARCH", US"y", FALSE, TRUE);
798 macro_create(US"_HAVE_LKUP_CDB", US"y", FALSE, TRUE);
801 macro_create(US"_HAVE_LKUP_DBM", US"y", FALSE, TRUE);
804 macro_create(US"_HAVE_LKUP_DNSDB", US"y", FALSE, TRUE);
806 #ifdef LOOKUP_DSEARCH
807 macro_create(US"_HAVE_LKUP_DSEARCH", US"y", FALSE, TRUE);
810 macro_create(US"_HAVE_LKUP_IBASE", US"y", FALSE, TRUE);
813 macro_create(US"_HAVE_LKUP_LDAP", US"y", FALSE, TRUE);
815 #ifdef EXPERIMENTAL_LMDB
816 macro_create(US"_HAVE_LKUP_LMDB", US"y", FALSE, TRUE);
819 macro_create(US"_HAVE_LKUP_MYSQL", US"y", FALSE, TRUE);
822 macro_create(US"_HAVE_LKUP_NIS", US"y", FALSE, TRUE);
824 #ifdef LOOKUP_NISPLUS
825 macro_create(US"_HAVE_LKUP_NISPLUS", US"y", FALSE, TRUE);
828 macro_create(US"_HAVE_LKUP_ORACLE", US"y", FALSE, TRUE);
831 macro_create(US"_HAVE_LKUP_PASSWD", US"y", FALSE, TRUE);
834 macro_create(US"_HAVE_LKUP_PGSQL", US"y", FALSE, TRUE);
837 macro_create(US"_HAVE_LKUP_REDIS", US"y", FALSE, TRUE);
840 macro_create(US"_HAVE_LKUP_SQLITE", US"y", FALSE, TRUE);
843 macro_create(US"_HAVE_LKUP_TESTDB", US"y", FALSE, TRUE);
846 macro_create(US"_HAVE_LKUP_WHOSON", US"y", FALSE, TRUE);
849 #ifdef TRANSPORT_APPENDFILE
850 # ifdef SUPPORT_MAILDIR
851 macro_create(US"_HAVE_TPT_APPEND_MAILDR", US"y", FALSE, TRUE);
853 # ifdef SUPPORT_MAILSTORE
854 macro_create(US"_HAVE_TPT_APPEND_MAILSTORE", US"y", FALSE, TRUE);
857 macro_create(US"_HAVE_TPT_APPEND_MBX", US"y", FALSE, TRUE);
864 readconf_options_from_list(optionlist * opts, unsigned nopt, uschar * group)
869 /* The 'previously-defined-substring' rule for macros in config file
870 lines is done so for these builtin macros: we know that the table
871 we source from is in strict alpha order, hence the builtins portion
872 of the macros list is in reverse-alpha (we prepend them) - so longer
873 macros that have substrings are always discovered first during
876 for (i = 0; i < nopt; i++) if (*(s = opts[i].name) && *s != '*')
877 macro_create(string_sprintf("_OPT_%T_%T", group, s), US"y", FALSE, TRUE);
882 readconf_options(void)
884 readconf_options_from_list(optionlist_config, nelem(optionlist_config), US"MAIN");
885 readconf_options_routers();
886 readconf_options_transports();
887 readconf_options_auths();
891 macros_create_builtin(void)
895 macros_builtin_created = TRUE;
899 /*************************************************
900 * Read configuration line *
901 *************************************************/
903 /* A logical line of text is read from the configuration file into the big
904 buffer, taking account of macros, .includes, and continuations. The size of
905 big_buffer is increased if necessary. The count of configuration lines is
906 maintained. Physical input lines starting with # (ignoring leading white space,
907 and after macro replacement) and empty logical lines are always ignored.
908 Leading and trailing spaces are removed.
910 If we hit a line of the form "begin xxxx", the xxxx is placed in the
911 next_section vector, and the function returns NULL, indicating the end of a
912 configuration section. On end-of-file, NULL is returned with next_section
917 Returns: a pointer to the first non-blank in the line,
918 or NULL if eof or end of section is reached
922 get_config_line(void)
924 int startoffset = 0; /* To first non-blank char in logical line */
925 int len = 0; /* Of logical line so far */
931 /* Loop for handling continuation lines, skipping comments, and dealing with
936 if (Ufgets(big_buffer+len, big_buffer_size-len, config_file) == NULL)
938 if (config_file_stack != NULL) /* EOF inside .include */
940 (void)fclose(config_file);
941 config_file = config_file_stack->file;
942 config_filename = config_file_stack->filename;
943 config_lineno = config_file_stack->lineno;
944 config_file_stack = config_file_stack->next;
946 save_config_position(config_filename, config_lineno);
950 /* EOF at top level */
952 if (cstate_stack_ptr >= 0)
953 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
954 "Unexpected end of configuration file: .endif missing");
956 if (len != 0) break; /* EOF after continuation */
957 next_section[0] = 0; /* EOF at start of logical line */
962 newlen = len + Ustrlen(big_buffer + len);
964 if (config_lines && config_lineno == 1)
965 save_config_position(config_filename, config_lineno);
967 /* Handle pathologically long physical lines - yes, it did happen - by
968 extending big_buffer at this point. The code also copes with very long
971 while (newlen == big_buffer_size - 1 && big_buffer[newlen - 1] != '\n')
974 big_buffer_size += BIG_BUFFER_SIZE;
975 newbuffer = store_malloc(big_buffer_size);
977 /* This use of strcpy is OK because we know that the string in the old
978 buffer is shorter than the new buffer. */
980 Ustrcpy(newbuffer, big_buffer);
981 store_free(big_buffer);
982 big_buffer = newbuffer;
983 if (Ufgets(big_buffer+newlen, big_buffer_size-newlen, config_file) == NULL)
985 newlen += Ustrlen(big_buffer + newlen);
988 /* Find the true start of the physical line - leading spaces are always
991 ss = big_buffer + len;
992 while (isspace(*ss)) ss++;
994 /* Process the physical line for macros. If this is the start of the logical
995 line, skip over initial text at the start of the line if it starts with an
996 upper case character followed by a sequence of name characters and an equals
997 sign, because that is the definition of a new macro, and we don't do
998 replacement therein. */
1001 if (len == 0 && isupper(*s))
1003 while (isalnum(*s) || *s == '_') s++;
1004 while (isspace(*s)) s++;
1005 if (*s != '=') s = ss; /* Not a macro definition */
1008 /* If the builtin macros are not yet defined, and the line contains an
1009 underscrore followed by an one of the three possible chars used by
1010 builtins, create them. */
1012 if (!macros_builtin_created)
1014 const uschar * t, * p;
1016 for (t = s; (p = CUstrchr(t, '_')); t = p+1)
1017 if (c = p[1], c == 'O' || c == 'D' || c == 'H')
1019 /* fprintf(stderr, "%s: builtins create triggered by '%s'\n", __FUNCTION__, s); */
1020 macros_create_builtin();
1025 /* For each defined macro, scan the line (from after XXX= if present),
1026 replacing all occurrences of the macro. */
1028 macro_found = FALSE;
1029 for (m = macros; m; m = m->next)
1034 while ((p = Ustrstr(t, m->name)) != NULL)
1037 int replen = Ustrlen(m->replacement);
1039 /* fprintf(stderr, "%s: matched '%s' in '%s'\n", __FUNCTION__, m->name, t) */
1040 /* Expand the buffer if necessary */
1042 while (newlen - m->namelen + replen + 1 > big_buffer_size)
1044 int newsize = big_buffer_size + BIG_BUFFER_SIZE;
1045 uschar *newbuffer = store_malloc(newsize);
1046 memcpy(newbuffer, big_buffer, newlen + 1);
1047 p = newbuffer + (p - big_buffer);
1048 s = newbuffer + (s - big_buffer);
1049 ss = newbuffer + (ss - big_buffer);
1050 t = newbuffer + (t - big_buffer);
1051 big_buffer_size = newsize;
1052 store_free(big_buffer);
1053 big_buffer = newbuffer;
1056 /* Shuffle the remaining characters up or down in the buffer before
1057 copying in the replacement text. Don't rescan the replacement for this
1060 pp = p + m->namelen;
1061 if ((moveby = replen - m->namelen) != 0)
1063 memmove(p + replen, pp, (big_buffer + newlen) - pp + 1);
1066 Ustrncpy(p, m->replacement, replen);
1072 /* An empty macro replacement at the start of a line could mean that ss no
1073 longer points to the first non-blank character. */
1075 while (isspace(*ss)) ss++;
1077 /* Check for comment lines - these are physical lines. */
1079 if (*ss == '#') continue;
1081 /* Handle conditionals, which are also applied to physical lines. Conditions
1082 are of the form ".ifdef ANYTEXT" and are treated as true if any macro
1083 expansion occured on the rest of the line. A preliminary test for the leading
1084 '.' saves effort on most lines. */
1090 /* Search the list of conditional directives */
1092 for (i = 0; i < cond_list_size; i++)
1095 cond_item *c = cond_list+i;
1096 if (Ustrncmp(ss+1, c->name, c->namelen) != 0) continue;
1098 /* The following character must be white space or end of string */
1100 n = ss[1 + c->namelen];
1101 if (n != ' ' && n != 't' && n != '\n' && n != 0) break;
1103 /* .ifdef and .ifndef push the current state onto the stack, then set
1104 a new one from the table. Stack overflow is an error */
1108 if (cstate_stack_ptr >= CSTATE_STACK_SIZE - 1)
1109 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1110 ".%s nested too deeply", c->name);
1111 cstate_stack[++cstate_stack_ptr] = cstate;
1112 cstate = next_cstate[cstate][macro_found? c->action1 : c->action2];
1115 /* For any of the others, stack underflow is an error. The next state
1116 comes either from the stack (.endif) or from the table. */
1120 if (cstate_stack_ptr < 0)
1121 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1122 ".%s without matching .ifdef", c->name);
1123 cstate = (c->pushpop < 0)? cstate_stack[cstate_stack_ptr--] :
1124 next_cstate[cstate][macro_found? c->action1 : c->action2];
1127 /* Having dealt with a directive, break the loop */
1132 /* If we have handled a conditional directive, continue with the next
1133 physical line. Otherwise, fall through. */
1135 if (i < cond_list_size) continue;
1138 /* If the conditional state is not 0 (actively using these lines), ignore
1141 if (cstate != 0) continue; /* Conditional skip */
1143 /* Handle .include lines - these are also physical lines. */
1145 if (Ustrncmp(ss, ".include", 8) == 0 &&
1147 (Ustrncmp(ss+8, "_if_exists", 10) == 0 && isspace(ss[18]))))
1150 int include_if_exists = isspace(ss[8])? 0 : 10;
1151 config_file_item *save;
1152 struct stat statbuf;
1154 ss += 9 + include_if_exists;
1155 while (isspace(*ss)) ss++;
1156 t = ss + Ustrlen(ss);
1157 while (t > ss && isspace(t[-1])) t--;
1158 if (*ss == '\"' && t[-1] == '\"')
1166 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, ".include specifies a non-"
1167 "absolute path \"%s\"", ss);
1169 if (include_if_exists != 0 && (Ustat(ss, &statbuf) != 0)) continue;
1172 save_config_position(config_filename, config_lineno);
1173 save = store_get(sizeof(config_file_item));
1174 save->next = config_file_stack;
1175 config_file_stack = save;
1176 save->file = config_file;
1177 save->filename = config_filename;
1178 save->lineno = config_lineno;
1180 if (!(config_file = Ufopen(ss, "rb")))
1181 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to open included "
1182 "configuration file %s", ss);
1184 config_filename = string_copy(ss);
1189 /* If this is the start of the logical line, remember where the non-blank
1190 data starts. Otherwise shuffle down continuation lines to remove leading
1194 startoffset = ss - big_buffer;
1197 s = big_buffer + len;
1200 memmove(s, ss, (newlen - len) - (ss - s) + 1);
1205 /* Accept the new addition to the line. Remove trailing white space. */
1208 while (len > 0 && isspace(big_buffer[len-1])) len--;
1209 big_buffer[len] = 0;
1211 /* We are done if the line does not end in backslash and contains some data.
1212 Empty logical lines are ignored. For continuations, remove the backslash and
1213 go round the loop to read the continuation line. */
1217 if (big_buffer[len-1] != '\\') break; /* End of logical line */
1218 big_buffer[--len] = 0; /* Remove backslash */
1220 } /* Loop for reading multiple physical lines */
1222 /* We now have a logical line. Test for the end of a configuration section (or,
1223 more accurately, for the start of the next section). Place the name of the next
1224 section in next_section, and return NULL. If the name given is longer than
1225 next_section, truncate it. It will be unrecognized later, because all the known
1226 section names do fit. Leave space for pluralizing. */
1228 s = big_buffer + startoffset; /* First non-space character */
1231 save_config_line(s);
1233 if (strncmpic(s, US"begin ", 6) == 0)
1236 while (isspace(*s)) s++;
1237 if (big_buffer + len - s > sizeof(next_section) - 2)
1238 s[sizeof(next_section) - 2] = 0;
1239 Ustrcpy(next_section, s);
1243 /* Return the first non-blank character. */
1250 /*************************************************
1252 *************************************************/
1254 /* The yield is the pointer to the next uschar. Names longer than the
1255 output space are silently truncated. This function is also used from acl.c when
1259 name where to put the name
1263 Returns: new input pointer
1267 readconf_readname(uschar *name, int len, uschar *s)
1270 while (isspace(*s)) s++;
1273 while (isalnum(*s) || *s == '_')
1275 if (p < len-1) name[p++] = *s;
1280 while (isspace(*s)) s++;
1287 /*************************************************
1288 * Read a time value *
1289 *************************************************/
1291 /* This function is also called from outside, to read argument
1292 time values. The format of a time value is:
1294 [<n>w][<n>d][<n>h][<n>m][<n>s]
1296 as long as at least one is present. If a format error is encountered,
1297 return a negative value. The value must be terminated by the given
1302 terminator required terminating character
1303 return_msec if TRUE, allow fractional seconds and return milliseconds
1305 Returns: the time value, or -1 on syntax error
1306 value is seconds if return_msec is FALSE
1307 value is milliseconds if return_msec is TRUE
1311 readconf_readtime(const uschar *s, int terminator, BOOL return_msec)
1319 if (!isdigit(*s)) return -1;
1320 (void)sscanf(CCS s, "%d%n", &value, &count);
1325 case 'w': value *= 7;
1326 case 'd': value *= 24;
1327 case 'h': value *= 60;
1328 case 'm': value *= 60;
1333 if (!return_msec) return -1;
1334 (void)sscanf(CCS s, "%lf%n", &fraction, &count);
1336 if (*s++ != 's') return -1;
1337 yield += (int)(fraction * 1000.0);
1343 if (return_msec) value *= 1000;
1345 if (*s == terminator) return yield;
1347 /* Control never reaches here. */
1352 /*************************************************
1353 * Read a fixed point value *
1354 *************************************************/
1356 /* The value is returned *1000
1360 terminator required terminator
1362 Returns: the value, or -1 on error
1366 readconf_readfixed(const uschar *s, int terminator)
1370 if (!isdigit(*s)) return -1;
1371 (void)sscanf(CS s, "%d%n", &value, &count);
1373 yield = value * 1000;
1377 while (isdigit((*(++s))))
1379 yield += (*s - '0') * m;
1384 return (*s == terminator)? yield : (-1);
1389 /*************************************************
1390 * Find option in list *
1391 *************************************************/
1393 /* The lists are always in order, so binary chop can be used.
1396 name the option name to search for
1397 ol the first entry in the option list
1398 last one more than the offset of the last entry in the option list
1400 Returns: pointer to an option entry, or NULL if not found
1404 find_option(uschar *name, optionlist *ol, int last)
1407 while (last > first)
1409 int middle = (first + last)/2;
1410 int c = Ustrcmp(name, ol[middle].name);
1412 if (c == 0) return ol + middle;
1413 else if (c > 0) first = middle + 1;
1421 /*************************************************
1422 * Find a set flag in option list *
1423 *************************************************/
1425 /* Because some versions of Unix make no restrictions on the values of uids and
1426 gids (even negative ones), we cannot represent "unset" by a special value.
1427 There is therefore a separate boolean variable for each one indicating whether
1428 a value is set or not. This function returns a pointer to the boolean, given
1429 the original option name. It is a major disaster if the flag cannot be found.
1432 name the name of the uid or gid option
1433 oltop points to the start of the relevant option list
1434 last one more than the offset of the last item in the option list
1435 data_block NULL when reading main options => data values in the option
1436 list are absolute addresses; otherwise they are byte offsets
1437 in data_block (used for driver options)
1439 Returns: a pointer to the boolean flag.
1443 get_set_flag(uschar *name, optionlist *oltop, int last, void *data_block)
1447 sprintf(CS name2, "*set_%.50s", name);
1448 ol = find_option(name2, oltop, last);
1449 if (ol == NULL) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
1450 "Exim internal error: missing set flag for %s", name);
1451 return (data_block == NULL)? (BOOL *)(ol->value) :
1452 (BOOL *)((uschar *)data_block + (long int)(ol->value));
1458 /*************************************************
1459 * Output extra characters message and die *
1460 *************************************************/
1462 /* Called when an option line has junk on the end. Sometimes this is because
1463 the sysadmin thinks comments are permitted.
1466 s points to the extra characters
1467 t1..t3 strings to insert in the log message
1469 Returns: doesn't return; dies
1473 extra_chars_error(const uschar *s, const uschar *t1, const uschar *t2, const uschar *t3)
1475 uschar *comment = US"";
1476 if (*s == '#') comment = US" (# is comment only at line start)";
1477 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1478 "extra characters follow %s%s%s%s", t1, t2, t3, comment);
1483 /*************************************************
1484 * Read rewrite information *
1485 *************************************************/
1487 /* Each line of rewrite information contains:
1489 . A complete address in the form user@domain, possibly with
1490 leading * for each part; or alternatively, a regex.
1492 . A replacement string (which will be expanded).
1494 . An optional sequence of one-letter flags, indicating which
1495 headers etc. to apply this rule to.
1497 All this is decoded and placed into a control block. The OR of the flags is
1498 maintained in a common word.
1501 p points to the string that makes up the rule
1502 existflags points to the overall flag word
1503 isglobal TRUE if reading global rewrite rules
1505 Returns: the control block for the parsed rule.
1508 static rewrite_rule *
1509 readconf_one_rewrite(const uschar *p, int *existflags, BOOL isglobal)
1511 rewrite_rule *next = store_get(sizeof(rewrite_rule));
1514 next->key = string_dequote(&p);
1516 while (isspace(*p)) p++;
1518 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1519 "missing rewrite replacement string");
1522 next->replacement = string_dequote(&p);
1524 while (*p != 0) switch (*p++)
1526 case ' ': case '\t': break;
1528 case 'q': next->flags |= rewrite_quit; break;
1529 case 'w': next->flags |= rewrite_whole; break;
1531 case 'h': next->flags |= rewrite_all_headers; break;
1532 case 's': next->flags |= rewrite_sender; break;
1533 case 'f': next->flags |= rewrite_from; break;
1534 case 't': next->flags |= rewrite_to; break;
1535 case 'c': next->flags |= rewrite_cc; break;
1536 case 'b': next->flags |= rewrite_bcc; break;
1537 case 'r': next->flags |= rewrite_replyto; break;
1539 case 'E': next->flags |= rewrite_all_envelope; break;
1540 case 'F': next->flags |= rewrite_envfrom; break;
1541 case 'T': next->flags |= rewrite_envto; break;
1543 case 'Q': next->flags |= rewrite_qualify; break;
1544 case 'R': next->flags |= rewrite_repeat; break;
1547 next->flags |= rewrite_smtp;
1548 if (next->key[0] != '^' && Ustrncmp(next->key, "\\N^", 3) != 0)
1549 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1550 "rewrite rule has the S flag but is not a regular expression");
1554 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1555 "unknown rewrite flag character '%c' "
1556 "(could be missing quotes round replacement item)", p[-1]);
1560 /* If no action flags are set, set all the "normal" rewrites. */
1562 if ((next->flags & (rewrite_all | rewrite_smtp)) == 0)
1563 next->flags |= isglobal? rewrite_all : rewrite_all_headers;
1565 /* Remember which exist, for optimization, and return the rule */
1567 *existflags |= next->flags;
1574 /*************************************************
1575 * Read global rewrite information *
1576 *************************************************/
1578 /* Each line is a single rewrite rule; it is parsed into a control block
1579 by readconf_one_rewrite(), and its flags are ORed into the global flag
1580 word rewrite_existflags. */
1583 readconf_rewrites(void)
1585 rewrite_rule **chain = &global_rewrite_rules;
1588 while ((p = get_config_line()) != NULL)
1590 rewrite_rule *next = readconf_one_rewrite(p, &rewrite_existflags, TRUE);
1592 chain = &(next->next);
1598 /*************************************************
1600 *************************************************/
1602 /* Strings are read into the normal store pool. As long we aren't too
1603 near the end of the current block, the string will just use what is necessary
1604 on the top of the stacking pool, because string_cat() uses the extension
1608 s the rest of the input line
1609 name the option name (for errors)
1611 Returns: pointer to the string
1615 read_string(const uschar *s, const uschar *name)
1620 if (*s != '\"') return string_copy(s);
1623 yield = string_dequote(&s);
1625 if (s == ss+1 || s[-1] != '\"')
1626 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1627 "missing quote at end of string value for %s", name);
1629 if (*s != 0) extra_chars_error(s, US"string value for ", name, US"");
1635 /*************************************************
1636 * Custom-handler options *
1637 *************************************************/
1639 fn_smtp_receive_timeout(const uschar * name, const uschar * str)
1642 smtp_receive_timeout_s = string_copy(str);
1645 /* "smtp_receive_timeout", opt_time, &smtp_receive_timeout */
1646 smtp_receive_timeout = readconf_readtime(str, 0, FALSE);
1647 if (smtp_receive_timeout < 0)
1648 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
1653 /*************************************************
1654 * Handle option line *
1655 *************************************************/
1657 /* This function is called from several places to process a line containing the
1658 setting of an option. The first argument is the line to be decoded; it has been
1659 checked not to be empty and not to start with '#'. Trailing newlines and white
1660 space have been removed. The second argument is a pointer to the list of
1661 variable names that are to be recognized, together with their types and
1662 locations, and the third argument gives the number of entries in the list.
1664 The fourth argument is a pointer to a data block. If it is NULL, then the data
1665 values in the options list are absolute addresses. Otherwise, they are byte
1666 offsets in the data block.
1668 String option data may continue onto several lines; this function reads further
1669 data from config_file if necessary.
1671 The yield of this function is normally zero. If a string continues onto
1672 multiple lines, then the data value is permitted to be followed by a comma
1673 or a semicolon (for use in drivers) and the yield is that character.
1676 buffer contains the configuration line to be handled
1677 oltop points to the start of the relevant option list
1678 last one more than the offset of the last item in the option list
1679 data_block NULL when reading main options => data values in the option
1680 list are absolute addresses; otherwise they are byte offsets
1681 in data_block when they have opt_public set; otherwise
1682 they are byte offsets in data_block->options_block.
1683 unknown_txt format string to use in panic message for unknown option;
1684 must contain %s for option name
1685 if given as NULL, don't panic on unknown option
1687 Returns: TRUE if an option was read successfully,
1688 FALSE false for an unknown option if unknown_txt == NULL,
1689 otherwise panic and die on an unknown option
1693 readconf_handle_option(uschar *buffer, optionlist *oltop, int last,
1694 void *data_block, uschar *unknown_txt)
1698 int n, count, type, value;
1702 BOOL boolvalue = TRUE;
1703 BOOL freesptr = TRUE;
1704 optionlist *ol, *ol2;
1708 uschar *inttype = US"";
1711 uschar **str_target;
1715 /* There may be leading spaces; thereafter, we expect an option name starting
1718 while (isspace(*s)) s++;
1720 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "option setting expected: %s", s);
1722 /* Read the name of the option, and skip any subsequent white space. If
1723 it turns out that what we read was "hide", set the flag indicating that
1724 this is a secure option, and loop to read the next word. */
1726 for (n = 0; n < 2; n++)
1728 while (isalnum(*s) || *s == '_')
1730 if (ptr < sizeof(name)-1) name[ptr++] = *s;
1734 while (isspace(*s)) s++;
1735 if (Ustrcmp(name, "hide") != 0) break;
1736 issecure = opt_secure;
1740 /* Deal with "no_" or "not_" here for booleans */
1742 if (Ustrncmp(name, "no_", 3) == 0)
1748 if (Ustrncmp(name, "not_", 4) == 0)
1754 /* Search the list for the given name. A non-existent name, or an option that
1755 is set twice, is a disaster. */
1757 if (!(ol = find_option(name + offset, oltop, last)))
1759 if (unknown_txt == NULL) return FALSE;
1760 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, CS unknown_txt, name);
1763 if ((ol->type & opt_set) && !(ol->type & (opt_rep_con | opt_rep_str)))
1764 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1765 "\"%s\" option set for the second time", name);
1767 ol->type |= opt_set | issecure;
1768 type = ol->type & opt_mask;
1770 /* Types with data values must be followed by '='; the "no[t]_" prefix
1771 applies only to boolean values. */
1773 if (type < opt_bool || type > opt_bool_last)
1776 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1777 "negation prefix applied to a non-boolean option");
1779 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1780 "unexpected end of line (data missing) after %s", name);
1782 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "missing \"=\" after %s", name);
1785 /* If a boolean wasn't preceded by "no[t]_" it can be followed by = and
1786 true/false/yes/no, or, in the case of opt_expand_bool, a general string that
1787 ultimately expands to one of those values. */
1789 else if (*s != 0 && (offset != 0 || *s != '='))
1790 extra_chars_error(s, US"boolean option ", name, US"");
1792 /* Skip white space after = */
1794 if (*s == '=') while (isspace((*(++s))));
1796 /* If there is a data block and the opt_public flag is not set, change
1797 the data block pointer to the private options block. */
1799 if (data_block != NULL && (ol->type & opt_public) == 0)
1800 data_block = (void *)(((driver_instance *)data_block)->options_block);
1802 /* Now get the data according to the type. */
1806 /* If a string value is not enclosed in quotes, it consists of
1807 the rest of the current line, verbatim. Otherwise, string escapes
1810 A transport is specified as a string, which is then looked up in the
1811 list of transports. A search type is specified as one of a number of
1814 A set or rewrite rules for a driver is specified as a string, which is
1815 then parsed into a suitable chain of control blocks.
1817 Uids and gids are specified as strings which are then looked up in the
1818 passwd file. Lists of uids and gids are similarly specified as colon-
1819 separated strings. */
1824 case opt_expand_uid:
1825 case opt_expand_gid:
1830 reset_point = sptr = read_string(s, name);
1832 /* Having read a string, we now have several different ways of using it,
1833 depending on the data type, so do another switch. If keeping the actual
1834 string is not required (because it is interpreted), freesptr is set TRUE,
1835 and at the end we reset the pool. */
1839 /* If this was a string, set the variable to point to the new string,
1840 and set the flag so its store isn't reclaimed. If it was a list of rewrite
1841 rules, we still keep the string (for printing), and parse the rules into a
1842 control block and flags word. */
1845 str_target = data_block ? USS (US data_block + (long int)(ol->value))
1847 if (ol->type & opt_rep_con)
1849 uschar * saved_condition;
1850 /* We already have a condition, we're conducting a crude hack to let
1851 multiple condition rules be chained together, despite storing them in
1853 *str_target = string_copy_malloc( (saved_condition = *str_target)
1854 ? string_sprintf("${if and{{bool_lax{%s}}{bool_lax{%s}}}}",
1855 saved_condition, sptr)
1857 /* TODO(pdp): there is a memory leak here and just below
1858 when we set 3 or more conditions; I still don't
1859 understand the store mechanism enough to know
1860 what's the safe way to free content from an earlier store.
1861 AFAICT, stores stack, so freeing an early stored item also stores
1862 all data alloc'd after it. If we knew conditions were adjacent,
1863 we could survive that, but we don't. So I *think* we need to take
1864 another bit from opt_type to indicate "malloced"; this seems like
1865 quite a hack, especially for this one case. It also means that
1866 we can't ever reclaim the store from the *first* condition.
1868 Because we only do this once, near process start-up, I'm prepared to
1869 let this slide for the time being, even though it rankles. */
1871 else if (ol->type & opt_rep_str)
1873 uschar sep_o = Ustrncmp(name, "headers_add", 11)==0 ? '\n' : ':';
1874 int sep_i = -(int)sep_o;
1875 const uschar * list = sptr;
1877 uschar * list_o = *str_target;
1879 while ((s = string_nextinlist(&list, &sep_i, NULL, 0)))
1880 list_o = string_append_listele(list_o, sep_o, s);
1882 *str_target = string_copy_malloc(list_o);
1893 *USS (US data_block + (long int)(ol->value)) = sptr;
1895 *USS (ol->value) = sptr;
1897 if (type == opt_rewrite)
1902 rewrite_rule **chain;
1905 sprintf(CS name2, "*%.50s_rules", name);
1906 ol2 = find_option(name2, oltop, last);
1907 sprintf(CS name2, "*%.50s_flags", name);
1908 ol3 = find_option(name2, oltop, last);
1910 if (ol2 == NULL || ol3 == NULL)
1911 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1912 "rewrite rules not available for driver");
1914 if (data_block == NULL)
1916 chain = (rewrite_rule **)(ol2->value);
1917 flagptr = (int *)(ol3->value);
1921 chain = (rewrite_rule **)((uschar *)data_block + (long int)(ol2->value));
1922 flagptr = (int *)((uschar *)data_block + (long int)(ol3->value));
1925 while ((p = string_nextinlist(CUSS &sptr, &sep, big_buffer, BIG_BUFFER_SIZE)))
1927 rewrite_rule *next = readconf_one_rewrite(p, flagptr, FALSE);
1929 chain = &(next->next);
1932 if ((*flagptr & (rewrite_all_envelope | rewrite_smtp)) != 0)
1933 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "rewrite rule specifies a "
1934 "non-header rewrite - not allowed at transport time -");
1938 /* If it was an expanded uid, see if there is any expansion to be
1939 done by checking for the presence of a $ character. If there is, save it
1940 in the corresponding *expand_user option field. Otherwise, fall through
1941 to treat it as a fixed uid. Ensure mutual exclusivity of the two kinds
1944 case opt_expand_uid:
1945 sprintf(CS name2, "*expand_%.50s", name);
1946 ol2 = find_option(name2, oltop, last);
1949 uschar *ss = (Ustrchr(sptr, '$') != NULL)? sptr : NULL;
1951 if (data_block == NULL)
1952 *((uschar **)(ol2->value)) = ss;
1954 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = ss;
1958 *(get_set_flag(name, oltop, last, data_block)) = FALSE;
1964 /* Look up a fixed uid, and also make use of the corresponding gid
1965 if a passwd entry is returned and the gid has not been set. */
1968 if (!route_finduser(sptr, &pw, &uid))
1969 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "user %s was not found", sptr);
1970 if (data_block == NULL)
1971 *((uid_t *)(ol->value)) = uid;
1973 *((uid_t *)((uschar *)data_block + (long int)(ol->value))) = uid;
1975 /* Set the flag indicating a fixed value is set */
1977 *(get_set_flag(name, oltop, last, data_block)) = TRUE;
1979 /* Handle matching gid if we have a passwd entry: done by finding the
1980 same name with terminating "user" changed to "group"; if not found,
1981 ignore. Also ignore if the value is already set. */
1983 if (pw == NULL) break;
1984 Ustrcpy(name+Ustrlen(name)-4, "group");
1985 ol2 = find_option(name, oltop, last);
1986 if (ol2 != NULL && ((ol2->type & opt_mask) == opt_gid ||
1987 (ol2->type & opt_mask) == opt_expand_gid))
1989 BOOL *set_flag = get_set_flag(name, oltop, last, data_block);
1992 if (data_block == NULL)
1993 *((gid_t *)(ol2->value)) = pw->pw_gid;
1995 *((gid_t *)((uschar *)data_block + (long int)(ol2->value))) = pw->pw_gid;
2001 /* If it was an expanded gid, see if there is any expansion to be
2002 done by checking for the presence of a $ character. If there is, save it
2003 in the corresponding *expand_user option field. Otherwise, fall through
2004 to treat it as a fixed gid. Ensure mutual exclusivity of the two kinds
2007 case opt_expand_gid:
2008 sprintf(CS name2, "*expand_%.50s", name);
2009 ol2 = find_option(name2, oltop, last);
2012 uschar *ss = (Ustrchr(sptr, '$') != NULL)? sptr : NULL;
2014 if (data_block == NULL)
2015 *((uschar **)(ol2->value)) = ss;
2017 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = ss;
2021 *(get_set_flag(name, oltop, last, data_block)) = FALSE;
2027 /* Handle freestanding gid */
2030 if (!route_findgroup(sptr, &gid))
2031 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "group %s was not found", sptr);
2032 if (data_block == NULL)
2033 *((gid_t *)(ol->value)) = gid;
2035 *((gid_t *)((uschar *)data_block + (long int)(ol->value))) = gid;
2036 *(get_set_flag(name, oltop, last, data_block)) = TRUE;
2039 /* If it was a uid list, look up each individual entry, and build
2040 a vector of uids, with a count in the first element. Put the vector
2041 in malloc store so we can free the string. (We are reading into
2042 permanent store already.) */
2050 const uschar *op = expand_string (sptr);
2053 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s",
2054 name, expand_string_message);
2057 if (*p != 0) count++;
2058 while (*p != 0) if (*p++ == ':' && *p != 0) count++;
2059 list = store_malloc(count*sizeof(uid_t));
2060 list[ptr++] = (uid_t)(count - 1);
2062 if (data_block == NULL)
2063 *((uid_t **)(ol->value)) = list;
2065 *((uid_t **)((uschar *)data_block + (long int)(ol->value))) = list;
2071 (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
2072 if (!route_finduser(big_buffer, NULL, &uid))
2073 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "user %s was not found",
2080 /* If it was a gid list, look up each individual entry, and build
2081 a vector of gids, with a count in the first element. Put the vector
2082 in malloc store so we can free the string. (We are reading into permanent
2091 const uschar *op = expand_string (sptr);
2094 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s",
2095 name, expand_string_message);
2098 if (*p != 0) count++;
2099 while (*p != 0) if (*p++ == ':' && *p != 0) count++;
2100 list = store_malloc(count*sizeof(gid_t));
2101 list[ptr++] = (gid_t)(count - 1);
2103 if (data_block == NULL)
2104 *((gid_t **)(ol->value)) = list;
2106 *((gid_t **)((uschar *)data_block + (long int)(ol->value))) = list;
2112 (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
2113 if (!route_findgroup(big_buffer, &gid))
2114 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "group %s was not found",
2122 /* Release store if the value of the string doesn't need to be kept. */
2124 if (freesptr) store_reset(reset_point);
2127 /* Expanded boolean: if no characters follow, or if there are no dollar
2128 characters, this is a fixed-valued boolean, and we fall through. Otherwise,
2129 save the string for later expansion in the alternate place. */
2131 case opt_expand_bool:
2132 if (*s != 0 && Ustrchr(s, '$') != 0)
2134 sprintf(CS name2, "*expand_%.50s", name);
2135 ol2 = find_option(name2, oltop, last);
2138 reset_point = sptr = read_string(s, name);
2139 if (data_block == NULL)
2140 *((uschar **)(ol2->value)) = sptr;
2142 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = sptr;
2149 /* Boolean: if no characters follow, the value is boolvalue. Otherwise
2150 look for yes/not/true/false. Some booleans are stored in a single bit in
2151 a single int. There's a special fudge for verify settings; without a suffix
2152 they set both xx_sender and xx_recipient. The table points to the sender
2153 value; search subsequently for the recipient. There's another special case:
2154 opt_bool_set also notes when a boolean has been set. */
2158 case opt_bool_verify:
2162 s = readconf_readname(name2, 64, s);
2163 if (strcmpic(name2, US"true") == 0 || strcmpic(name2, US"yes") == 0)
2165 else if (strcmpic(name2, US"false") == 0 || strcmpic(name2, US"no") == 0)
2167 else log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2168 "\"%s\" is not a valid value for the \"%s\" option", name2, name);
2169 if (*s != 0) extra_chars_error(s, string_sprintf("\"%s\" ", name2),
2170 US"for boolean option ", name);
2173 /* Handle single-bit type. */
2175 if (type == opt_bit)
2177 int bit = 1 << ((ol->type >> 16) & 31);
2178 int *ptr = (data_block == NULL)?
2179 (int *)(ol->value) :
2180 (int *)((uschar *)data_block + (long int)ol->value);
2181 if (boolvalue) *ptr |= bit; else *ptr &= ~bit;
2185 /* Handle full BOOL types */
2187 if (data_block == NULL)
2188 *((BOOL *)(ol->value)) = boolvalue;
2190 *((BOOL *)((uschar *)data_block + (long int)(ol->value))) = boolvalue;
2194 if (type == opt_bool_verify)
2196 sprintf(CS name2, "%.50s_recipient", name + offset);
2197 ol2 = find_option(name2, oltop, last);
2200 if (data_block == NULL)
2201 *((BOOL *)(ol2->value)) = boolvalue;
2203 *((BOOL *)((uschar *)data_block + (long int)(ol2->value))) = boolvalue;
2207 /* Note that opt_bool_set type is set, if there is somewhere to do so */
2209 else if (type == opt_bool_set)
2211 sprintf(CS name2, "*set_%.50s", name + offset);
2212 ol2 = find_option(name2, oltop, last);
2215 if (data_block == NULL)
2216 *((BOOL *)(ol2->value)) = TRUE;
2218 *((BOOL *)((uschar *)data_block + (long int)(ol2->value))) = TRUE;
2227 inttype = US"octal ";
2229 /* Integer: a simple(ish) case; allow octal and hex formats, and
2230 suffixes K, M and G. The different types affect output, not input. */
2239 lvalue = strtol(CS s, CSS &endptr, intbase);
2242 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
2245 if (errno != ERANGE)
2246 if (tolower(*endptr) == 'k')
2248 if (lvalue > INT_MAX/1024 || lvalue < INT_MIN/1024) errno = ERANGE;
2249 else lvalue *= 1024;
2252 else if (tolower(*endptr) == 'm')
2254 if (lvalue > INT_MAX/(1024*1024) || lvalue < INT_MIN/(1024*1024))
2256 else lvalue *= 1024*1024;
2259 else if (tolower(*endptr) == 'g')
2261 if (lvalue > INT_MAX/(1024*1024*1024) || lvalue < INT_MIN/(1024*1024*1024))
2263 else lvalue *= 1024*1024*1024;
2267 if (errno == ERANGE || lvalue > INT_MAX || lvalue < INT_MIN)
2268 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2269 "absolute value of integer \"%s\" is too large (overflow)", s);
2271 while (isspace(*endptr)) endptr++;
2273 extra_chars_error(endptr, inttype, US"integer value for ", name);
2275 value = (int)lvalue;
2278 if (data_block == NULL)
2279 *((int *)(ol->value)) = value;
2281 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2284 /* Integer held in K: again, allow octal and hex formats, and suffixes K, M
2286 /*XXX consider moving to int_eximarith_t (but mind the overflow test 0415) */
2292 value = strtol(CS s, CSS &endptr, intbase);
2295 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
2298 if (errno != ERANGE)
2299 if (tolower(*endptr) == 'g')
2301 if (value > INT_MAX/(1024*1024) || value < INT_MIN/(1024*1024))
2307 else if (tolower(*endptr) == 'm')
2309 if (value > INT_MAX/1024 || value < INT_MIN/1024)
2315 else if (tolower(*endptr) == 'k')
2318 value = (value + 512)/1024;
2320 if (errno == ERANGE) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2321 "absolute value of integer \"%s\" is too large (overflow)", s);
2323 while (isspace(*endptr)) endptr++;
2325 extra_chars_error(endptr, inttype, US"integer value for ", name);
2328 if (data_block == NULL)
2329 *((int *)(ol->value)) = value;
2331 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2334 /* Fixed-point number: held to 3 decimal places. */
2337 if (sscanf(CS s, "%d%n", &value, &count) != 1)
2338 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2339 "fixed-point number expected for %s", name);
2341 if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2342 "integer \"%s\" is too large (overflow)", s);
2346 if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2347 "integer \"%s\" is too large (overflow)", s);
2349 /* We get a coverity error here for using count, as it derived
2350 from the tainted buffer pointed to by s, as parsed by sscanf().
2351 By the definition of sscanf we must be aceessing between start
2352 and end of s (assuming it is nul-terminated...) so ignore the error. */
2353 /* coverity[tainted_data] */
2354 if (s[count] == '.')
2357 while (isdigit(s[++count]))
2359 value += (s[count] - '0') * d;
2364 while (isspace(s[count])) count++;
2367 extra_chars_error(s+count, US"fixed-point value for ", name, US"");
2369 if (data_block == NULL)
2370 *((int *)(ol->value)) = value;
2372 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2375 /* There's a special routine to read time values. */
2378 value = readconf_readtime(s, 0, FALSE);
2380 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
2382 if (data_block == NULL)
2383 *((int *)(ol->value)) = value;
2385 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2388 /* A time list is a list of colon-separated times, with the first
2389 element holding the size of the list and the second the number of
2395 int *list = (data_block == NULL)?
2396 (int *)(ol->value) :
2397 (int *)((uschar *)data_block + (long int)(ol->value));
2399 if (*s != 0) for (count = 1; count <= list[0] - 2; count++)
2402 uschar *snext = Ustrchr(s, ':');
2406 while (ss > s && isspace(ss[-1])) ss--;
2409 value = readconf_readtime(s, terminator, FALSE);
2411 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
2413 if (count > 1 && value <= list[count])
2414 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2415 "time value out of order for %s", name);
2416 list[count+1] = value;
2417 if (snext == NULL) break;
2419 while (isspace(*s)) s++;
2422 if (count > list[0] - 2)
2423 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "too many time values for %s",
2425 if (count > 0 && list[2] == 0) count = 0;
2432 void (*fn)() = ol->value;
2443 /*************************************************
2444 * Print a time value *
2445 *************************************************/
2448 Argument: a time value in seconds
2449 Returns: pointer to a fixed buffer containing the time as a string,
2450 in readconf_readtime() format
2454 readconf_printtime(int t)
2457 uschar *p = time_buffer;
2474 if (w > 0) { sprintf(CS p, "%dw", w); while (*p) p++; }
2475 if (d > 0) { sprintf(CS p, "%dd", d); while (*p) p++; }
2476 if (h > 0) { sprintf(CS p, "%dh", h); while (*p) p++; }
2477 if (m > 0) { sprintf(CS p, "%dm", m); while (*p) p++; }
2478 if (s > 0 || p == time_buffer) sprintf(CS p, "%ds", s);
2485 /*************************************************
2486 * Print an individual option value *
2487 *************************************************/
2489 /* This is used by the -bP option, so prints to the standard output.
2490 The entire options list is passed in as an argument, because some options come
2491 in pairs - typically uid/gid settings, which can either be explicit numerical
2492 values, or strings to be expanded later. If the numerical value is unset,
2493 search for "*expand_<name>" to see if there is a string equivalent.
2496 ol option entry, or NULL for an unknown option
2498 options_block NULL for main configuration options; otherwise points to
2499 a driver block; if the option doesn't have opt_public
2500 set, then options_block->options_block is where the item
2502 oltop points to the option list in which ol exists
2503 last one more than the offset of the last entry in optop
2504 no_labels do not show "foo = " at the start.
2510 print_ol(optionlist *ol, uschar *name, void *options_block,
2511 optionlist *oltop, int last, BOOL no_labels)
2524 printf("%s is not a known option\n", name);
2528 /* Non-admin callers cannot see options that have been flagged secure by the
2531 if (!admin_user && (ol->type & opt_secure) != 0)
2534 printf("%s\n", hidden);
2536 printf("%s = %s\n", name, hidden);
2540 /* Else show the value of the option */
2543 if (options_block != NULL)
2545 if ((ol->type & opt_public) == 0)
2546 options_block = (void *)(((driver_instance *)options_block)->options_block);
2547 value = (void *)((uschar *)options_block + (long int)value);
2550 switch(ol->type & opt_mask)
2553 case opt_rewrite: /* Show the text value */
2554 s = *((uschar **)value);
2555 if (!no_labels) printf("%s = ", name);
2556 printf("%s\n", (s == NULL)? US"" : string_printing2(s, FALSE));
2560 if (!no_labels) printf("%s = ", name);
2561 printf("%d\n", *((int *)value));
2566 int x = *((int *)value);
2567 if (x != 0 && (x & 1023) == 0)
2571 if ((x & 1023) == 0)
2576 if (!no_labels) printf("%s = ", name);
2577 printf("%d%c\n", x, c);
2581 if (!no_labels) printf("%s = ", name);
2589 int x = *((int *)value);
2590 if (!no_labels) printf("%s = ", name);
2591 if (x == 0) printf("0\n");
2592 else if ((x & 1023) == 0) printf("%dM\n", x >> 10);
2593 else printf("%dK\n", x);
2598 if (!no_labels) printf("%s = ", name);
2599 printf("%#o\n", *((int *)value));
2602 /* Can be negative only when "unset", in which case integer */
2606 int x = *((int *)value);
2609 if (x < 0) printf("%s =\n", name); else
2611 if (!no_labels) printf("%s = ", name);
2612 printf("%d.", x/1000);
2625 /* If the numerical value is unset, try for the string value */
2627 case opt_expand_uid:
2628 if (! *get_set_flag(name, oltop, last, options_block))
2630 sprintf(CS name2, "*expand_%.50s", name);
2631 ol2 = find_option(name2, oltop, last);
2634 void *value2 = ol2->value;
2635 if (options_block != NULL)
2636 value2 = (void *)((uschar *)options_block + (long int)value2);
2637 s = *((uschar **)value2);
2638 if (!no_labels) printf("%s = ", name);
2639 printf("%s\n", (s == NULL)? US"" : string_printing(s));
2644 /* Else fall through */
2647 if (!no_labels) printf("%s = ", name);
2648 if (! *get_set_flag(name, oltop, last, options_block))
2652 pw = getpwuid(*((uid_t *)value));
2654 printf("%ld\n", (long int)(*((uid_t *)value)));
2655 else printf("%s\n", pw->pw_name);
2659 /* If the numerical value is unset, try for the string value */
2661 case opt_expand_gid:
2662 if (! *get_set_flag(name, oltop, last, options_block))
2664 sprintf(CS name2, "*expand_%.50s", name);
2665 ol2 = find_option(name2, oltop, last);
2666 if (ol2 != NULL && (ol2->type & opt_mask) == opt_stringptr)
2668 void *value2 = ol2->value;
2669 if (options_block != NULL)
2670 value2 = (void *)((uschar *)options_block + (long int)value2);
2671 s = *((uschar **)value2);
2672 if (!no_labels) printf("%s = ", name);
2673 printf("%s\n", (s == NULL)? US"" : string_printing(s));
2678 /* Else fall through */
2681 if (!no_labels) printf("%s = ", name);
2682 if (! *get_set_flag(name, oltop, last, options_block))
2686 gr = getgrgid(*((int *)value));
2688 printf("%ld\n", (long int)(*((int *)value)));
2689 else printf("%s\n", gr->gr_name);
2694 uidlist = *((uid_t **)value);
2695 if (!no_labels) printf("%s =", name);
2696 if (uidlist != NULL)
2700 if (no_labels) sep = '\0';
2701 for (i = 1; i <= (int)(uidlist[0]); i++)
2703 uschar *name = NULL;
2704 pw = getpwuid(uidlist[i]);
2705 if (pw != NULL) name = US pw->pw_name;
2706 if (sep != '\0') printf("%c", sep);
2707 if (name != NULL) printf("%s", name);
2708 else printf("%ld", (long int)(uidlist[i]));
2716 gidlist = *((gid_t **)value);
2717 if (!no_labels) printf("%s =", name);
2718 if (gidlist != NULL)
2722 if (no_labels) sep = '\0';
2723 for (i = 1; i <= (int)(gidlist[0]); i++)
2725 uschar *name = NULL;
2726 gr = getgrgid(gidlist[i]);
2727 if (gr != NULL) name = US gr->gr_name;
2728 if (sep != '\0') printf("%c", sep);
2729 if (name != NULL) printf("%s", name);
2730 else printf("%ld", (long int)(gidlist[i]));
2738 if (!no_labels) printf("%s = ", name);
2739 printf("%s\n", readconf_printtime(*((int *)value)));
2745 int *list = (int *)value;
2746 if (!no_labels) printf("%s = ", name);
2747 for (i = 0; i < list[1]; i++)
2748 printf("%s%s", (i == 0)? "" : ":", readconf_printtime(list[i+2]));
2754 printf("%s%s\n", ((*((int *)value)) & (1 << ((ol->type >> 16) & 31)))?
2758 case opt_expand_bool:
2759 sprintf(CS name2, "*expand_%.50s", name);
2760 ol2 = find_option(name2, oltop, last);
2761 if (ol2 != NULL && ol2->value != NULL)
2763 void *value2 = ol2->value;
2764 if (options_block != NULL)
2765 value2 = (void *)((uschar *)options_block + (long int)value2);
2766 s = *((uschar **)value2);
2769 if (!no_labels) printf("%s = ", name);
2770 printf("%s\n", string_printing(s));
2773 /* s == NULL => string not set; fall through */
2779 case opt_bool_verify:
2781 printf("%s%s\n", (*((BOOL *)value))? "" : "no_", name);
2788 /*************************************************
2789 * Print value from main configuration *
2790 *************************************************/
2792 /* This function, called as a result of encountering the -bP option,
2793 causes the value of any main configuration variable to be output if the
2794 second argument is NULL. There are some special values:
2796 all print all main configuration options
2797 config_file print the name of the configuration file
2798 (configure_file will still work, for backward
2800 routers print the routers' configurations
2801 transports print the transports' configuration
2802 authenticators print the authenticators' configuration
2803 macros print the macros' configuration
2804 router_list print a list of router names
2805 transport_list print a list of transport names
2806 authenticator_list print a list of authentication mechanism names
2807 macro_list print a list of macro names
2808 +name print a named list item
2809 local_scan print the local_scan options
2810 config print the configuration as it is parsed
2811 environment print the used execution environment
2813 If the second argument is not NULL, it must be one of "router", "transport",
2814 "authenticator" or "macro" in which case the first argument identifies the
2815 driver whose options are to be printed.
2818 name option name if type == NULL; else driver name
2819 type NULL or driver type name, as described above
2820 no_labels avoid the "foo = " at the start of an item
2826 readconf_print(uschar *name, uschar *type, BOOL no_labels)
2828 BOOL names_only = FALSE;
2830 optionlist *ol2 = NULL;
2831 driver_instance *d = NULL;
2842 static uschar *types[] = { US"address", US"domain", US"host",
2844 static tree_node **anchors[] = { &addresslist_anchor, &domainlist_anchor,
2845 &hostlist_anchor, &localpartlist_anchor };
2847 for (i = 0; i < 4; i++)
2849 t = tree_search(*(anchors[i]), name+1);
2854 printf("%s\n", ((namedlist_block *)(t->data.ptr))->string);
2856 printf("%slist %s = %s\n", types[i], name+1,
2857 ((namedlist_block *)(t->data.ptr))->string);
2862 printf("no address, domain, host, or local part list called \"%s\" "
2863 "exists\n", name+1);
2868 if ( Ustrcmp(name, "configure_file") == 0
2869 || Ustrcmp(name, "config_file") == 0)
2871 printf("%s\n", CS config_main_filename);
2875 if (Ustrcmp(name, "all") == 0)
2877 for (ol = optionlist_config;
2878 ol < optionlist_config + nelem(optionlist_config); ol++)
2880 if ((ol->type & opt_hidden) == 0)
2881 print_ol(ol, US ol->name, NULL,
2882 optionlist_config, nelem(optionlist_config),
2888 if (Ustrcmp(name, "local_scan") == 0)
2890 #ifndef LOCAL_SCAN_HAS_OPTIONS
2891 printf("local_scan() options are not supported\n");
2893 for (ol = local_scan_options;
2894 ol < local_scan_options + local_scan_options_count; ol++)
2896 print_ol(ol, US ol->name, NULL, local_scan_options,
2897 local_scan_options_count, no_labels);
2903 if (Ustrcmp(name, "config") == 0)
2905 print_config(admin_user, no_labels);
2909 if (Ustrcmp(name, "routers") == 0)
2914 else if (Ustrcmp(name, "transports") == 0)
2916 type = US"transport";
2920 else if (Ustrcmp(name, "authenticators") == 0)
2922 type = US"authenticator";
2926 else if (Ustrcmp(name, "macros") == 0)
2932 else if (Ustrcmp(name, "router_list") == 0)
2939 else if (Ustrcmp(name, "transport_list") == 0)
2941 type = US"transport";
2946 else if (Ustrcmp(name, "authenticator_list") == 0)
2948 type = US"authenticator";
2953 else if (Ustrcmp(name, "macro_list") == 0)
2960 else if (Ustrcmp(name, "environment") == 0)
2965 for (p = USS environ; *p; p++) ;
2966 qsort(environ, p - USS environ, sizeof(*p), string_compare_by_pointer);
2968 for (p = USS environ; *p; p++)
2971 if (no_labels && (q = Ustrchr(*p, '='))) *q = '\0';
2980 print_ol(find_option(name, optionlist_config, nelem(optionlist_config)),
2981 name, NULL, optionlist_config, nelem(optionlist_config), no_labels);
2986 /* Handle the options for a router or transport. Skip options that are flagged
2987 as hidden. Some of these are options with names starting with '*', used for
2988 internal alternative representations of other options (which the printing
2989 function will sort out). Others are synonyms kept for backward compatibility.
2992 if (Ustrcmp(type, "router") == 0)
2994 d = (driver_instance *)routers;
2995 ol2 = optionlist_routers;
2996 size = optionlist_routers_size;
2998 else if (Ustrcmp(type, "transport") == 0)
3000 d = (driver_instance *)transports;
3001 ol2 = optionlist_transports;
3002 size = optionlist_transports_size;
3004 else if (Ustrcmp(type, "authenticator") == 0)
3006 d = (driver_instance *)auths;
3007 ol2 = optionlist_auths;
3008 size = optionlist_auths_size;
3011 else if (Ustrcmp(type, "macro") == 0)
3013 /* People store passwords in macros and they were previously not available
3014 for printing. So we have an admin_users restriction. */
3017 fprintf(stderr, "exim: permission denied\n");
3020 if (!macros_builtin_created) macros_create_builtin();
3021 for (m = macros; m; m = m->next)
3022 if (!name || Ustrcmp(name, m->name) == 0)
3025 printf("%s\n", CS m->name);
3027 printf("%s=%s\n", CS m->name, CS m->replacement);
3032 printf("%s %s not found\n", type, name);
3038 for (; d != NULL; d = d->next) printf("%s\n", CS d->name);
3042 /* Either search for a given driver, or print all of them */
3044 for (; d != NULL; d = d->next)
3047 printf("\n%s %s:\n", d->name, type);
3048 else if (Ustrcmp(d->name, name) != 0) continue;
3050 for (ol = ol2; ol < ol2 + size; ol++)
3052 if ((ol->type & opt_hidden) == 0)
3053 print_ol(ol, US ol->name, d, ol2, size, no_labels);
3056 for (ol = d->info->options;
3057 ol < d->info->options + *(d->info->options_count); ol++)
3059 if ((ol->type & opt_hidden) == 0)
3060 print_ol(ol, US ol->name, d, d->info->options, *(d->info->options_count), no_labels);
3062 if (name != NULL) return;
3064 if (name != NULL) printf("%s %s not found\n", type, name);
3069 /*************************************************
3070 * Read a named list item *
3071 *************************************************/
3073 /* This function reads a name and a list (i.e. string). The name is used to
3074 save the list in a tree, sorted by its name. Each entry also has a number,
3075 which can be used for caching tests, but if the string contains any expansion
3076 items other than $key, the number is set negative to inhibit caching. This
3077 mechanism is used for domain, host, and address lists that are referenced by
3081 anchorp points to the tree anchor
3082 numberp points to the current number for this tree
3083 max the maximum number permitted
3084 s the text of the option line, starting immediately after the name
3086 tname the name of the list type, for messages
3092 read_named_list(tree_node **anchorp, int *numberp, int max, uschar *s,
3095 BOOL forcecache = FALSE;
3098 namedlist_block *nb = store_get(sizeof(namedlist_block));
3100 if (Ustrncmp(s, "_cache", 6) == 0)
3107 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "unrecognized configuration line");
3109 if (*numberp >= max)
3110 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "too many named %ss (max is %d)\n",
3113 while (isspace(*s)) s++;
3115 while (isalnum(*s) || *s == '_') s++;
3116 t = store_get(sizeof(tree_node) + s-ss);
3117 Ustrncpy(t->name, ss, s-ss);
3119 while (isspace(*s)) s++;
3121 if (!tree_insertnode(anchorp, t))
3122 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3123 "duplicate name \"%s\" for a named %s", t->name, tname);
3126 nb->number = *numberp;
3129 if (*s++ != '=') log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3130 "missing '=' after \"%s\"", t->name);
3131 while (isspace(*s)) s++;
3132 nb->string = read_string(s, t->name);
3133 nb->cache_data = NULL;
3135 /* Check the string for any expansions; if any are found, mark this list
3136 uncacheable unless the user has explicited forced caching. */
3138 if (!forcecache && Ustrchr(nb->string, '$') != NULL) nb->number = -1;
3144 /*************************************************
3145 * Unpick data for a rate limit *
3146 *************************************************/
3148 /* This function is called to unpick smtp_ratelimit_{mail,rcpt} into four
3152 s string, in the form t,b,f,l
3153 where t is the threshold (integer)
3154 b is the initial delay (time)
3155 f is the multiplicative factor (fixed point)
3156 k is the maximum time (time)
3157 threshold where to store threshold
3158 base where to store base in milliseconds
3159 factor where to store factor in milliseconds
3160 limit where to store limit
3162 Returns: nothing (panics on error)
3166 unpick_ratelimit(uschar *s, int *threshold, int *base, double *factor,
3169 uschar bstring[16], lstring[16];
3171 if (sscanf(CS s, "%d, %15[0123456789smhdw.], %lf, %15s", threshold, bstring,
3172 factor, lstring) == 4)
3174 *base = readconf_readtime(bstring, 0, TRUE);
3175 *limit = readconf_readtime(lstring, 0, TRUE);
3176 if (*base >= 0 && *limit >= 0) return;
3178 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "malformed ratelimit data: %s", s);
3184 /*************************************************
3185 * Drop privs for checking TLS config *
3186 *************************************************/
3188 /* We want to validate TLS options during readconf, but do not want to be
3189 root when we call into the TLS library, in case of library linkage errors
3190 which cause segfaults; before this check, those were always done as the Exim
3191 runtime user and it makes sense to continue with that.
3193 Assumes: tls_require_ciphers has been set, if it will be
3194 exim_user has been set, if it will be
3195 exim_group has been set, if it will be
3197 Returns: bool for "okay"; false will cause caller to immediately exit.
3202 tls_dropprivs_validate_require_cipher(BOOL nowarn)
3204 const uschar *errmsg;
3207 void (*oldsignal)(int);
3209 /* If TLS will never be used, no point checking ciphers */
3211 if ( !tls_advertise_hosts
3212 || !*tls_advertise_hosts
3213 || Ustrcmp(tls_advertise_hosts, ":") == 0
3216 else if (!nowarn && !tls_certificate)
3217 log_write(0, LOG_MAIN,
3218 "Warning: No server certificate defined; will use a selfsigned one.\n"
3219 " Suggested action: either install a certificate or change tls_advertise_hosts option");
3221 oldsignal = signal(SIGCHLD, SIG_DFL);
3224 if ((pid = fork()) < 0)
3225 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "fork failed for TLS check");
3229 /* in some modes, will have dropped privilege already */
3231 exim_setugid(exim_uid, exim_gid, FALSE,
3232 US"calling tls_validate_require_cipher");
3234 errmsg = tls_validate_require_cipher();
3237 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3238 "tls_require_ciphers invalid: %s", errmsg);
3245 rc = waitpid(pid, &status, 0);
3246 } while (rc < 0 && errno == EINTR);
3249 debug_printf("tls_validate_require_cipher child %d ended: status=0x%x\n",
3252 signal(SIGCHLD, oldsignal);
3256 #endif /* SUPPORT_TLS */
3261 /*************************************************
3262 * Read main configuration options *
3263 *************************************************/
3265 /* This function is the first to be called for configuration reading. It
3266 opens the configuration file and reads general configuration settings until
3267 it reaches the end of the configuration section. The file is then left open so
3268 that the remaining configuration data can subsequently be read if needed for
3271 The configuration file must be owned either by root or exim, and be writeable
3272 only by root or uid/gid exim. The values for Exim's uid and gid can be changed
3273 in the config file, so the test is done on the compiled in values. A slight
3274 anomaly, to be carefully documented.
3276 The name of the configuration file is taken from a list that is included in the
3277 binary of Exim. It can be altered from the command line, but if that is done,
3278 root privilege is immediately withdrawn unless the caller is root or exim.
3279 The first file on the list that exists is used.
3281 For use on multiple systems that share file systems, first look for a
3282 configuration file whose name has the current node name on the end. If that is
3283 not found, try the generic name. For really contorted configurations, that run
3284 multiple Exims with different uid settings, first try adding the effective uid
3285 before the node name. These complications are going to waste resources on most
3286 systems. Therefore they are available only when requested by compile-time
3290 readconf_main(BOOL nowarn)
3293 struct stat statbuf;
3294 uschar *s, *filename;
3295 const uschar *list = config_main_filelist;
3297 /* Loop through the possible file names */
3299 while((filename = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
3302 /* Cut out all the fancy processing unless specifically wanted */
3304 #if defined(CONFIGURE_FILE_USE_NODE) || defined(CONFIGURE_FILE_USE_EUID)
3305 uschar *suffix = filename + Ustrlen(filename);
3307 /* Try for the node-specific file if a node name exists */
3309 #ifdef CONFIGURE_FILE_USE_NODE
3311 if (uname(&uts) >= 0)
3313 #ifdef CONFIGURE_FILE_USE_EUID
3314 sprintf(CS suffix, ".%ld.%.256s", (long int)original_euid, uts.nodename);
3315 config_file = Ufopen(filename, "rb");
3316 if (config_file == NULL)
3317 #endif /* CONFIGURE_FILE_USE_EUID */
3319 sprintf(CS suffix, ".%.256s", uts.nodename);
3320 config_file = Ufopen(filename, "rb");
3323 #endif /* CONFIGURE_FILE_USE_NODE */
3325 /* Otherwise, try the generic name, possibly with the euid added */
3327 #ifdef CONFIGURE_FILE_USE_EUID
3328 if (config_file == NULL)
3330 sprintf(CS suffix, ".%ld", (long int)original_euid);
3331 config_file = Ufopen(filename, "rb");
3333 #endif /* CONFIGURE_FILE_USE_EUID */
3335 /* Finally, try the unadorned name */
3337 if (config_file == NULL)
3340 config_file = Ufopen(filename, "rb");
3342 #else /* if neither defined */
3344 /* This is the common case when the fancy processing is not included. */
3346 config_file = Ufopen(filename, "rb");
3349 /* If the file does not exist, continue to try any others. For any other
3350 error, break out (and die). */
3352 if (config_file != NULL || errno != ENOENT) break;
3355 /* Now, once we found and opened our configuration file, we change the directory
3356 to a safe place. Later we change to $spool_directory. */
3358 if (Uchdir("/") < 0)
3360 perror("exim: chdir `/': ");
3364 /* On success, save the name for verification; config_filename is used when
3365 logging configuration errors (it changes for .included files) whereas
3366 config_main_filename is the name shown by -bP. Failure to open a configuration
3367 file is a serious disaster. */
3369 if (config_file != NULL)
3372 config_filename = config_main_filename = string_copy(filename);
3374 p = Ustrrchr(filename, '/');
3375 config_main_directory = p ? string_copyn(filename, p - filename)
3376 : string_copy(US".");
3380 if (filename == NULL)
3381 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "non-existent configuration file(s): "
3382 "%s", config_main_filelist);
3384 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", string_open_failed(errno,
3385 "configuration file %s", filename));
3388 /* Check the status of the file we have opened, if we have retained root
3389 privileges and the file isn't /dev/null (which *should* be 0666). */
3391 if (trusted_config && Ustrcmp(filename, US"/dev/null"))
3393 if (fstat(fileno(config_file), &statbuf) != 0)
3394 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to stat configuration file %s",
3397 if ((statbuf.st_uid != root_uid /* owner not root */
3398 #ifdef CONFIGURE_OWNER
3399 && statbuf.st_uid != config_uid /* owner not the special one */
3402 (statbuf.st_gid != root_gid /* group not root & */
3403 #ifdef CONFIGURE_GROUP
3404 && statbuf.st_gid != config_gid /* group not the special one */
3406 && (statbuf.st_mode & 020) != 0) || /* group writeable */
3408 ((statbuf.st_mode & 2) != 0)) /* world writeable */
3410 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Exim configuration file %s has the "
3411 "wrong owner, group, or mode", big_buffer);
3414 /* Process the main configuration settings. They all begin with a lower case
3415 letter. If we see something starting with an upper case letter, it is taken as
3416 a macro definition. */
3418 while ((s = get_config_line()) != NULL)
3420 if (isupper(s[0])) read_macro_assignment(s);
3422 else if (Ustrncmp(s, "domainlist", 10) == 0)
3423 read_named_list(&domainlist_anchor, &domainlist_count,
3424 MAX_NAMED_LIST, s+10, US"domain list");
3426 else if (Ustrncmp(s, "hostlist", 8) == 0)
3427 read_named_list(&hostlist_anchor, &hostlist_count,
3428 MAX_NAMED_LIST, s+8, US"host list");
3430 else if (Ustrncmp(s, US"addresslist", 11) == 0)
3431 read_named_list(&addresslist_anchor, &addresslist_count,
3432 MAX_NAMED_LIST, s+11, US"address list");
3434 else if (Ustrncmp(s, US"localpartlist", 13) == 0)
3435 read_named_list(&localpartlist_anchor, &localpartlist_count,
3436 MAX_NAMED_LIST, s+13, US"local part list");
3439 (void) readconf_handle_option(s, optionlist_config, optionlist_config_size,
3440 NULL, US"main option \"%s\" unknown");
3444 /* If local_sender_retain is set, local_from_check must be unset. */
3446 if (local_sender_retain && local_from_check)
3447 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "both local_from_check and "
3448 "local_sender_retain are set; this combination is not allowed");
3450 /* If the timezone string is empty, set it to NULL, implying no TZ variable
3453 if (timezone_string != NULL && *timezone_string == 0) timezone_string = NULL;
3455 /* The max retry interval must not be greater than 24 hours. */
3457 if (retry_interval_max > 24*60*60) retry_interval_max = 24*60*60;
3459 /* remote_max_parallel must be > 0 */
3461 if (remote_max_parallel <= 0) remote_max_parallel = 1;
3463 /* Save the configured setting of freeze_tell, so we can re-instate it at the
3464 start of a new SMTP message. */
3466 freeze_tell_config = freeze_tell;
3468 /* The primary host name may be required for expansion of spool_directory
3469 and log_file_path, so make sure it is set asap. It is obtained from uname(),
3470 but if that yields an unqualified value, make a FQDN by using gethostbyname to
3471 canonize it. Some people like upper case letters in their host names, so we
3472 don't force the case. */
3474 if (primary_hostname == NULL)
3476 const uschar *hostname;
3478 if (uname(&uts) < 0)
3479 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "uname() failed to yield host name");
3480 hostname = US uts.nodename;
3482 if (Ustrchr(hostname, '.') == NULL)
3485 struct hostent *hostdata;
3488 if (!disable_ipv6 && (dns_ipv4_lookup == NULL ||
3489 match_isinlist(hostname, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
3490 MCL_DOMAIN, TRUE, NULL) != OK))
3499 #if HAVE_GETIPNODEBYNAME
3501 hostdata = getipnodebyname(CS hostname, af, 0, &error_num);
3503 hostdata = gethostbyname2(CS hostname, af);
3506 hostdata = gethostbyname(CS hostname);
3509 if (hostdata != NULL)
3511 hostname = US hostdata->h_name;
3515 if (af == AF_INET) break;
3520 primary_hostname = string_copy(hostname);
3523 /* Set up default value for smtp_active_hostname */
3525 smtp_active_hostname = primary_hostname;
3527 /* If spool_directory wasn't set in the build-time configuration, it must have
3528 got set above. Of course, writing to the log may not work if log_file_path is
3529 not set, but it will at least get to syslog or somewhere, with any luck. */
3531 if (*spool_directory == 0)
3532 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "spool_directory undefined: cannot "
3535 /* Expand the spool directory name; it may, for example, contain the primary
3536 host name. Same comment about failure. */
3538 s = expand_string(spool_directory);
3540 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand spool_directory "
3541 "\"%s\": %s", spool_directory, expand_string_message);
3542 spool_directory = s;
3544 /* Expand log_file_path, which must contain "%s" in any component that isn't
3545 the null string or "syslog". It is also allowed to contain one instance of %D
3546 or %M. However, it must NOT contain % followed by anything else. */
3548 if (*log_file_path != 0)
3550 const uschar *ss, *sss;
3551 int sep = ':'; /* Fixed for log file path */
3552 s = expand_string(log_file_path);
3554 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand log_file_path "
3555 "\"%s\": %s", log_file_path, expand_string_message);
3558 while ((sss = string_nextinlist(&ss,&sep,big_buffer,big_buffer_size)) != NULL)
3561 if (sss[0] == 0 || Ustrcmp(sss, "syslog") == 0) continue;
3562 t = Ustrstr(sss, "%s");
3564 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" does not "
3565 "contain \"%%s\"", sss);
3567 t = Ustrchr(sss, '%');
3570 if ((t[1] != 'D' && t[1] != 'M') || Ustrchr(t+2, '%') != NULL)
3571 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" contains "
3572 "unexpected \"%%\" character", s);
3579 /* Interpret syslog_facility into an integer argument for 'ident' param to
3580 openlog(). Default is LOG_MAIL set in globals.c. Allow the user to omit the
3583 if (syslog_facility_str != NULL)
3586 uschar *s = syslog_facility_str;
3588 if ((Ustrlen(syslog_facility_str) >= 4) &&
3589 (strncmpic(syslog_facility_str, US"log_", 4) == 0))
3592 for (i = 0; i < syslog_list_size; i++)
3594 if (strcmpic(s, syslog_list[i].name) == 0)
3596 syslog_facility = syslog_list[i].value;
3601 if (i >= syslog_list_size)
3603 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3604 "failed to interpret syslog_facility \"%s\"", syslog_facility_str);
3608 /* Expand pid_file_path */
3610 if (*pid_file_path != 0)
3612 s = expand_string(pid_file_path);
3614 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand pid_file_path "
3615 "\"%s\": %s", pid_file_path, expand_string_message);
3619 /* Set default value of process_log_path */
3621 if (process_log_path == NULL || *process_log_path =='\0')
3622 process_log_path = string_sprintf("%s/exim-process.info", spool_directory);
3624 /* Compile the regex for matching a UUCP-style "From_" line in an incoming
3627 regex_From = regex_must_compile(uucp_from_pattern, FALSE, TRUE);
3629 /* Unpick the SMTP rate limiting options, if set */
3631 if (smtp_ratelimit_mail != NULL)
3633 unpick_ratelimit(smtp_ratelimit_mail, &smtp_rlm_threshold,
3634 &smtp_rlm_base, &smtp_rlm_factor, &smtp_rlm_limit);
3637 if (smtp_ratelimit_rcpt != NULL)
3639 unpick_ratelimit(smtp_ratelimit_rcpt, &smtp_rlr_threshold,
3640 &smtp_rlr_base, &smtp_rlr_factor, &smtp_rlr_limit);
3643 /* The qualify domains default to the primary host name */
3645 if (qualify_domain_sender == NULL)
3646 qualify_domain_sender = primary_hostname;
3647 if (qualify_domain_recipient == NULL)
3648 qualify_domain_recipient = qualify_domain_sender;
3650 /* Setting system_filter_user in the configuration sets the gid as well if a
3651 name is given, but a numerical value does not. */
3653 if (system_filter_uid_set && !system_filter_gid_set)
3655 struct passwd *pw = getpwuid(system_filter_uid);
3657 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Failed to look up uid %ld",
3658 (long int)system_filter_uid);
3659 system_filter_gid = pw->pw_gid;
3660 system_filter_gid_set = TRUE;
3663 /* If the errors_reply_to field is set, check that it is syntactically valid
3664 and ensure it contains a domain. */
3666 if (errors_reply_to != NULL)
3669 int start, end, domain;
3670 uschar *recipient = parse_extract_address(errors_reply_to, &errmess,
3671 &start, &end, &domain, FALSE);
3673 if (recipient == NULL)
3674 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3675 "error in errors_reply_to (%s): %s", errors_reply_to, errmess);
3678 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3679 "errors_reply_to (%s) does not contain a domain", errors_reply_to);
3682 /* If smtp_accept_queue or smtp_accept_max_per_host is set, then
3683 smtp_accept_max must also be set. */
3685 if (smtp_accept_max == 0 &&
3686 (smtp_accept_queue > 0 || smtp_accept_max_per_host != NULL))
3687 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3688 "smtp_accept_max must be set if smtp_accept_queue or "
3689 "smtp_accept_max_per_host is set");
3691 /* Set up the host number if anything is specified. It is an expanded string
3692 so that it can be computed from the host name, for example. We do this last
3693 so as to ensure that everything else is set up before the expansion. */
3695 if (host_number_string != NULL)
3699 uschar *s = expand_string(host_number_string);
3701 log_write(0, LOG_MAIN|LOG_PANIC_DIE,
3702 "failed to expand localhost_number \"%s\": %s",
3703 host_number_string, expand_string_message);
3704 n = Ustrtol(s, &end, 0);
3705 while (isspace(*end)) end++;
3707 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3708 "localhost_number value is not a number: %s", s);
3709 if (n > LOCALHOST_MAX)
3710 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3711 "localhost_number is greater than the maximum allowed value (%d)",
3717 /* If tls_verify_hosts is set, tls_verify_certificates must also be set */
3719 if ((tls_verify_hosts != NULL || tls_try_verify_hosts != NULL) &&
3720 tls_verify_certificates == NULL)
3721 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3722 "tls_%sverify_hosts is set, but tls_verify_certificates is not set",
3723 (tls_verify_hosts != NULL)? "" : "try_");
3725 /* This also checks that the library linkage is working and we can call
3726 routines in it, so call even if tls_require_ciphers is unset */
3727 if (!tls_dropprivs_validate_require_cipher(nowarn))
3730 /* Magic number: at time of writing, 1024 has been the long-standing value
3731 used by so many clients, and what Exim used to use always, that it makes
3732 sense to just min-clamp this max-clamp at that. */
3733 if (tls_dh_max_bits < 1024)
3734 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3735 "tls_dh_max_bits is too small, must be at least 1024 for interop");
3737 /* If openssl_options is set, validate it */
3738 if (openssl_options != NULL)
3741 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3742 "openssl_options is set but we're using GnuTLS");
3745 if (!(tls_openssl_options_parse(openssl_options, &dummy)))
3746 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3747 "openssl_options parse error: %s", openssl_options);
3750 #endif /*SUPPORT_TLS*/
3752 if (!nowarn && !keep_environment && environ && *environ)
3753 log_write(0, LOG_MAIN,
3754 "Warning: purging the environment.\n"
3755 " Suggested action: use keep_environment.");
3760 /*************************************************
3761 * Initialize one driver *
3762 *************************************************/
3764 /* This is called once the driver's generic options, if any, have been read.
3765 We can now find the driver, set up defaults for the private options, and
3766 unset any "set" bits in the private options table (which might have been
3767 set by another incarnation of the same driver).
3770 d pointer to driver instance block, with generic
3772 drivers_available vector of available drivers
3773 size_of_info size of each block in drivers_available
3774 class class of driver, for error message
3776 Returns: pointer to the driver info block
3779 static driver_info *
3780 init_driver(driver_instance *d, driver_info *drivers_available,
3781 int size_of_info, uschar *class)
3785 for (dd = drivers_available; dd->driver_name[0] != 0;
3786 dd = (driver_info *)(((uschar *)dd) + size_of_info))
3788 if (Ustrcmp(d->driver_name, dd->driver_name) == 0)
3791 int len = dd->options_len;
3793 d->options_block = store_get(len);
3794 memcpy(d->options_block, dd->options_block, len);
3795 for (i = 0; i < *(dd->options_count); i++)
3796 dd->options[i].type &= ~opt_set;
3801 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3802 "%s %s: cannot find %s driver \"%s\"", class, d->name, class, d->driver_name);
3804 return NULL; /* never obeyed */
3810 /*************************************************
3811 * Initialize driver list *
3812 *************************************************/
3814 /* This function is called for routers, transports, and authentication
3815 mechanisms. It reads the data from the current point in the configuration file
3816 up to the end of the section, and sets up a chain of instance blocks according
3817 to the file's contents. The file will already have been opened by a call to
3818 readconf_main, and must be left open for subsequent reading of further data.
3820 Any errors cause a panic crash. Note that the blocks with names driver_info and
3821 driver_instance must map the first portions of all the _info and _instance
3822 blocks for this shared code to work.
3825 class "router", "transport", or "authenticator"
3826 anchor &routers, &transports, &auths
3827 drivers_available available drivers
3828 size_of_info size of each info block
3829 instance_default points to default data for an instance
3830 instance_size size of instance block
3831 driver_optionlist generic option list
3832 driver_optionlist_count count of generic option list
3838 readconf_driver_init(
3840 driver_instance **anchor,
3841 driver_info *drivers_available,
3843 void *instance_default,
3845 optionlist *driver_optionlist,
3846 int driver_optionlist_count)
3848 driver_instance **p = anchor;
3849 driver_instance *d = NULL;
3852 while ((buffer = get_config_line()) != NULL)
3857 /* Read the first name on the line and test for the start of a new driver. A
3858 macro definition indicates the end of the previous driver. If this isn't the
3859 start of a new driver, the line will be re-read. */
3861 s = readconf_readname(name, sizeof(name), buffer);
3863 /* Handle macro definition, first finishing off the initialization of the
3864 previous driver, if any. */
3866 if (isupper(*name) && *s == '=')
3870 if (!d->driver_name)
3871 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3872 "no driver defined for %s \"%s\"", class, d->name);
3876 read_macro_assignment(buffer);
3880 /* If the line starts with a name terminated by a colon, we are at the
3881 start of the definition of a new driver. The rest of the line must be
3888 /* Finish off initializing the previous driver. */
3892 if (!d->driver_name)
3893 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3894 "no driver defined for %s \"%s\"", class, d->name);
3898 /* Check that we haven't already got a driver of this name */
3900 for (d = *anchor; d; d = d->next)
3901 if (Ustrcmp(name, d->name) == 0)
3902 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3903 "there are two %ss called \"%s\"", class, name);
3905 /* Set up a new driver instance data block on the chain, with
3906 its default values installed. */
3908 d = store_get(instance_size);
3909 memcpy(d, instance_default, instance_size);
3912 d->name = string_copy(name);
3914 /* Clear out the "set" bits in the generic options */
3916 for (i = 0; i < driver_optionlist_count; i++)
3917 driver_optionlist[i].type &= ~opt_set;
3919 /* Check nothing more on this line, then do the next loop iteration. */
3921 while (isspace(*s)) s++;
3922 if (*s != 0) extra_chars_error(s, US"driver name ", name, US"");
3926 /* Not the start of a new driver. Give an error if we have not set up a
3927 current driver yet. */
3930 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%s name missing", class);
3932 /* First look to see if this is a generic option; if it is "driver",
3933 initialize the driver. If is it not a generic option, we can look for a
3934 private option provided that the driver has been previously set up. */
3936 if (readconf_handle_option(buffer, driver_optionlist,
3937 driver_optionlist_count, d, NULL))
3939 if (!d->info && d->driver_name)
3940 init_driver(d, drivers_available, size_of_info, class);
3943 /* Handle private options - pass the generic block because some may
3944 live therein. A flag with each option indicates if it is in the public
3948 readconf_handle_option(buffer, d->info->options,
3949 *(d->info->options_count), d, US"option \"%s\" unknown");
3951 /* The option is not generic and the driver name has not yet been given. */
3953 else log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "option \"%s\" unknown "
3954 "(\"driver\" must be specified before any private options)", name);
3957 /* Run the initialization function for the final driver. */
3961 if (!d->driver_name)
3962 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3963 "no driver defined for %s \"%s\"", class, d->name);
3970 /*************************************************
3971 * Check driver dependency *
3972 *************************************************/
3974 /* This function is passed a driver instance and a string. It checks whether
3975 any of the string options for the driver contains the given string as an
3979 d points to a driver instance block
3980 s the string to search for
3982 Returns: TRUE if a dependency is found
3986 readconf_depends(driver_instance *d, uschar *s)
3988 int count = *(d->info->options_count);
3992 for (ol = d->info->options; ol < d->info->options + count; ol++)
3994 void *options_block;
3996 int type = ol->type & opt_mask;
3997 if (type != opt_stringptr) continue;
3998 options_block = ((ol->type & opt_public) == 0)? d->options_block : (void *)d;
3999 value = *(uschar **)((uschar *)options_block + (long int)(ol->value));
4000 if (value != NULL && (ss = Ustrstr(value, s)) != NULL)
4002 if (ss <= value || (ss[-1] != '$' && ss[-1] != '{') ||
4003 isalnum(ss[Ustrlen(s)])) continue;
4004 DEBUG(D_transport) debug_printf("driver %s: \"%s\" option depends on %s\n",
4005 d->name, ol->name, s);
4010 DEBUG(D_transport) debug_printf("driver %s does not depend on %s\n", d->name, s);
4017 /*************************************************
4018 * Decode an error type for retries *
4019 *************************************************/
4021 /* This function is global because it is also called from the main
4022 program when testing retry information. It decodes strings such as "quota_7d"
4023 into numerical error codes.
4026 pp points to start of text
4027 p points past end of text
4028 basic_errno points to an int to receive the main error number
4029 more_errno points to an int to receive the secondary error data
4031 Returns: NULL if decoded correctly; else points to error text
4035 readconf_retry_error(const uschar *pp, const uschar *p,
4036 int *basic_errno, int *more_errno)
4039 const uschar *q = pp;
4040 while (q < p && *q != '_') q++;
4043 if (len == 5 && strncmpic(pp, US"quota", len) == 0)
4045 *basic_errno = ERRNO_EXIMQUOTA;
4046 if (q != p && (*more_errno = readconf_readtime(q+1, *p, FALSE)) < 0)
4047 return US"bad time value";
4050 else if (len == 7 && strncmpic(pp, US"refused", len) == 0)
4052 *basic_errno = ECONNREFUSED;
4055 if (strncmpic(q+1, US"MX", p-q-1) == 0) *more_errno = 'M';
4056 else if (strncmpic(q+1, US"A", p-q-1) == 0) *more_errno = 'A';
4057 else return US"A or MX expected after \"refused\"";
4061 else if (len == 7 && strncmpic(pp, US"timeout", len) == 0)
4063 *basic_errno = ETIMEDOUT;
4067 int xlen = p - q - 1;
4068 const uschar *x = q + 1;
4070 static uschar *extras[] =
4071 { US"A", US"MX", US"connect", US"connect_A", US"connect_MX" };
4072 static int values[] =
4073 { 'A', 'M', RTEF_CTOUT, RTEF_CTOUT|'A', RTEF_CTOUT|'M' };
4075 for (i = 0; i < sizeof(extras)/sizeof(uschar *); i++)
4076 if (strncmpic(x, extras[i], xlen) == 0)
4078 *more_errno = values[i];
4082 if (i >= sizeof(extras)/sizeof(uschar *))
4083 if (strncmpic(x, US"DNS", xlen) == 0)
4084 log_write(0, LOG_MAIN|LOG_PANIC, "\"timeout_dns\" is no longer "
4085 "available in retry rules (it has never worked) - treated as "
4088 return US"\"A\", \"MX\", or \"connect\" expected after \"timeout\"";
4092 else if (strncmpic(pp, US"mail_4", 6) == 0 ||
4093 strncmpic(pp, US"rcpt_4", 6) == 0 ||
4094 strncmpic(pp, US"data_4", 6) == 0)
4097 int x = 255; /* means "any 4xx code" */
4098 if (p != pp + 8) bad = TRUE; else
4100 int a = pp[6], b = pp[7];
4104 if (isdigit(b)) x += b - '0';
4105 else if (b == 'x') x += 100;
4108 else if (a != 'x' || b != 'x') bad = TRUE;
4112 return string_sprintf("%.4s_4 must be followed by xx, dx, or dd, where "
4113 "x is literal and d is any digit", pp);
4115 *basic_errno = *pp == 'm' ? ERRNO_MAIL4XX :
4116 *pp == 'r' ? ERRNO_RCPT4XX : ERRNO_DATA4XX;
4117 *more_errno = x << 8;
4120 else if (len == 4 && strncmpic(pp, US"auth", len) == 0 &&
4121 strncmpic(q+1, US"failed", p-q-1) == 0)
4122 *basic_errno = ERRNO_AUTHFAIL;
4124 else if (strncmpic(pp, US"lost_connection", p - pp) == 0)
4125 *basic_errno = ERRNO_SMTPCLOSED;
4127 else if (strncmpic(pp, US"tls_required", p - pp) == 0)
4128 *basic_errno = ERRNO_TLSREQUIRED;
4130 else if (strncmpic(pp, US"lookup", p - pp) == 0)
4131 *basic_errno = ERRNO_UNKNOWNHOST;
4133 else if (len != 1 || Ustrncmp(pp, "*", 1) != 0)
4134 return string_sprintf("unknown or malformed retry error \"%.*s\"", (int) (p-pp), pp);
4142 /*************************************************
4143 * Read retry information *
4144 *************************************************/
4146 /* Each line of retry information contains:
4148 . A domain name pattern or an address pattern;
4150 . An error name, possibly with additional data, or *;
4152 . An optional sequence of retry items, each consisting of an identifying
4153 letter, a cutoff time, and optional parameters.
4155 All this is decoded and placed into a control block. */
4158 /* Subroutine to read an argument, preceded by a comma and terminated
4159 by comma, semicolon, whitespace, or newline. The types are: 0 = time value,
4160 1 = fixed point number (returned *1000).
4163 paddr pointer to pointer to current character; updated
4164 type 0 => read a time; 1 => read a fixed point number
4166 Returns: time in seconds or fixed point number * 1000
4170 retry_arg(const uschar **paddr, int type)
4172 const uschar *p = *paddr;
4175 if (*p++ != ',') log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "comma expected");
4177 while (isspace(*p)) p++;
4179 while (isalnum(*p) || (type == 1 && *p == '.')) p++;
4181 if (*p != 0 && !isspace(*p) && *p != ',' && *p != ';')
4182 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "comma or semicolon expected");
4187 case 0: return readconf_readtime(pp, *p, FALSE);
4188 case 1: return readconf_readfixed(pp, *p);
4190 return 0; /* Keep picky compilers happy */
4193 /* The function proper */
4196 readconf_retries(void)
4198 retry_config **chain = &retries;
4202 while ((p = get_config_line()))
4204 retry_rule **rchain;
4208 next = store_get(sizeof(retry_config));
4211 chain = &(next->next);
4212 next->basic_errno = next->more_errno = 0;
4213 next->senders = NULL;
4215 rchain = &(next->rules);
4217 next->pattern = string_dequote(&p);
4218 while (isspace(*p)) p++;
4220 while (mac_isgraph(*p)) p++;
4221 if (p - pp <= 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
4222 "missing error type in retry rule");
4224 /* Test error names for things we understand. */
4226 if ((error = readconf_retry_error(pp, p, &next->basic_errno,
4227 &next->more_errno)))
4228 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%s", error);
4230 /* There may be an optional address list of senders to be used as another
4231 constraint on the rule. This was added later, so the syntax is a bit of a
4232 fudge. Anything that is not a retry rule starting "F," or "G," is treated as
4235 while (isspace(*p)) p++;
4236 if (Ustrncmp(p, "senders", 7) == 0)
4239 while (isspace(*p)) p++;
4240 if (*p++ != '=') log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
4241 "\"=\" expected after \"senders\" in retry rule");
4242 while (isspace(*p)) p++;
4243 next->senders = string_dequote(&p);
4246 /* Now the retry rules. Keep the maximum timeout encountered. */
4248 while (isspace(*p)) p++;
4252 retry_rule *rule = store_get(sizeof(retry_rule));
4254 rchain = &(rule->next);
4256 rule->rule = toupper(*p++);
4257 rule->timeout = retry_arg(&p, 0);
4258 if (rule->timeout > retry_maximum_timeout)
4259 retry_maximum_timeout = rule->timeout;
4263 case 'F': /* Fixed interval */
4264 rule->p1 = retry_arg(&p, 0);
4267 case 'G': /* Geometrically increasing intervals */
4268 case 'H': /* Ditto, but with randomness */
4269 rule->p1 = retry_arg(&p, 0);
4270 rule->p2 = retry_arg(&p, 1);
4274 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "unknown retry rule letter");
4278 if (rule->timeout <= 0 || rule->p1 <= 0 ||
4279 (rule->rule != 'F' && rule->p2 < 1000))
4280 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
4281 "bad parameters for retry rule");
4283 while (isspace(*p)) p++;
4287 while (isspace(*p)) p++;
4290 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "semicolon expected");
4297 /*************************************************
4298 * Initialize authenticators *
4299 *************************************************/
4302 readconf_options_auths(void)
4304 struct auth_info * ai;
4306 readconf_options_from_list(optionlist_auths, optionlist_auths_size, US"AU");
4308 for (ai = auths_available; ai->driver_name[0]; ai++)
4310 macro_create(string_sprintf("_DRVR_AUTH_%T", ai->driver_name), US"y", FALSE, TRUE);
4311 readconf_options_from_list(ai->options, (unsigned)*ai->options_count, ai->driver_name);
4316 /* Read the authenticators section of the configuration file.
4325 auth_instance *au, *bu;
4327 readconf_driver_init(US"authenticator",
4328 (driver_instance **)(&auths), /* chain anchor */
4329 (driver_info *)auths_available, /* available drivers */
4330 sizeof(auth_info), /* size of info block */
4331 &auth_defaults, /* default values for generic options */
4332 sizeof(auth_instance), /* size of instance block */
4333 optionlist_auths, /* generic options */
4334 optionlist_auths_size);
4336 for (au = auths; au; au = au->next)
4338 if (!au->public_name)
4339 log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "no public name specified for "
4340 "the %s authenticator", au->name);
4342 for (bu = au->next; bu; bu = bu->next)
4343 if (strcmpic(au->public_name, bu->public_name) == 0)
4344 if ((au->client && bu->client) || (au->server && bu->server))
4345 log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "two %s authenticators "
4346 "(%s and %s) have the same public name (%s)",
4347 au->client ? US"client" : US"server", au->name, bu->name,
4355 /*************************************************
4356 * Read ACL information *
4357 *************************************************/
4359 /* If this run of Exim is not doing something that involves receiving a
4360 message, we can just skip over the ACL information. No need to parse it.
4362 First, we have a function for acl_read() to call back to get the next line. We
4363 need to remember the line we passed, because at the end it will contain the
4364 name of the next ACL. */
4366 static uschar *acl_line;
4371 acl_line = get_config_line();
4376 /* Now the main function:
4387 /* Read each ACL and add it into the tree. Macro (re)definitions are allowed
4390 acl_line = get_config_line();
4392 while(acl_line != NULL)
4398 p = readconf_readname(name, sizeof(name), acl_line);
4399 if (isupper(*name) && *p == '=')
4401 read_macro_assignment(acl_line);
4402 acl_line = get_config_line();
4406 if (*p != ':' || name[0] == 0)
4407 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "missing or malformed ACL name");
4409 node = store_get(sizeof(tree_node) + Ustrlen(name));
4410 Ustrcpy(node->name, name);
4411 if (!tree_insertnode(&acl_anchor, node))
4412 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
4413 "there are two ACLs called \"%s\"", name);
4415 node->data.ptr = acl_read(acl_callback, &error);
4417 if (node->data.ptr == NULL && error != NULL)
4418 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "error in ACL: %s", error);
4424 /*************************************************
4425 * Read configuration for local_scan() *
4426 *************************************************/
4428 /* This function is called after "begin local_scan" is encountered in the
4429 configuration file. If the local_scan() function allows for configuration
4430 options, we can process them. Otherwise, we expire in a panic.
4437 local_scan_init(void)
4439 #ifndef LOCAL_SCAN_HAS_OPTIONS
4440 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "local_scan() options not supported: "
4441 "(LOCAL_SCAN_HAS_OPTIONS not defined in Local/Makefile)");
4445 while ((p = get_config_line()) != NULL)
4447 (void) readconf_handle_option(p, local_scan_options, local_scan_options_count,
4448 NULL, US"local_scan option \"%s\" unknown");
4455 /*************************************************
4456 * Read rest of configuration (after main) *
4457 *************************************************/
4459 /* This function reads the rest of the runtime configuration, after the main
4460 configuration. It is called only when actually needed. Each subsequent section
4461 of the configuration starts with a line of the form
4465 where the name is "routers", "transports", etc. A section is terminated by
4466 hitting the next "begin" line, and the next name is left in next_section.
4467 Because it may confuse people as to whether the names are singular or plural,
4468 we add "s" if it's missing. There is always enough room in next_section for
4469 this. This function is basically just a switch.
4475 static uschar *section_list[] = {
4489 while(next_section[0] != 0)
4493 int last = sizeof(section_list) / sizeof(uschar *);
4495 int n = Ustrlen(next_section);
4497 if (tolower(next_section[n-1]) != 's') Ustrcpy(next_section+n, "s");
4501 int c = strcmpic(next_section, section_list[mid]);
4503 if (c > 0) first = mid + 1; else last = mid;
4505 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
4506 "\"%.*s\" is not a known configuration section name", n, next_section);
4507 mid = (last + first)/2;
4511 if (((had ^= bit) & bit) == 0)
4512 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
4513 "\"%.*s\" section is repeated in the configuration file", n,
4518 case 0: readconf_acl(); break;
4519 case 1: auths_init(); break;
4520 case 2: local_scan_init(); break;
4521 case 3: readconf_retries(); break;
4522 case 4: readconf_rewrites(); break;
4523 case 5: route_init(); break;
4524 case 6: transport_init(); break;
4528 (void)fclose(config_file);
4531 /* Init the storage for the pre-parsed config lines */
4533 readconf_save_config(const uschar *s)
4535 save_config_line(string_sprintf("# Exim Configuration (%s)",
4536 running_in_test_harness ? US"X" : s));
4540 save_config_position(const uschar *file, int line)
4542 save_config_line(string_sprintf("# %d \"%s\"", line, file));
4545 /* Append a pre-parsed logical line to the config lines store,
4546 this operates on a global (static) list that holds all the pre-parsed
4547 config lines, we do no further processing here, output formatting and
4548 honouring of <hide> or macros will be done during output */
4550 save_config_line(const uschar* line)
4552 static config_line_item *current;
4553 config_line_item *next;
4555 next = (config_line_item*) store_get(sizeof(config_line_item));
4556 next->line = string_copy(line);
4559 if (!config_lines) config_lines = next;
4560 else current->next = next;
4565 /* List the parsed config lines, care about nice formatting and
4566 hide the <hide> values unless we're the admin user */
4568 print_config(BOOL admin, BOOL terse)
4570 config_line_item *i;
4571 const int TS = terse ? 0 : 2;
4574 for (i = config_lines; i; i = i->next)
4579 /* skip over to the first non-space */
4580 for (current = i->line; *current && isspace(*current); ++current)
4583 if (*current == '\0')
4586 /* Collapse runs of spaces. We stop this if we encounter one of the
4587 * following characters: "'$, as this may indicate careful formatting */
4588 for (p = current; *p; ++p)
4591 if (!isspace(*p)) continue;
4592 if (*p != ' ') *p = ' ';
4594 for (next = p; isspace(*next); ++next)
4598 memmove(p+1, next, Ustrlen(next)+1);
4600 if (*next == '"' || *next == '\'' || *next == '$')
4605 if (current[0] == '#')
4608 /* begin lines are left aligned */
4609 else if (Ustrncmp(current, "begin", 5) == 0 && isspace(current[5]))
4611 if (!terse) puts("");
4616 /* router/acl/transport block names */
4617 else if (current[Ustrlen(current)-1] == ':' && !Ustrchr(current, '='))
4619 if (!terse) puts("");
4620 printf("%*s%s\n", TS, "", current);
4624 /* hidden lines (all MACROS or lines prefixed with "hide") */
4626 && ( isupper(*current)
4627 || Ustrncmp(current, "hide", 4) == 0 && isspace(current[4])
4631 if ((p = Ustrchr(current, '=')))
4634 printf("%*s%s= %s\n", indent, "", current, hidden);
4636 /* e.g.: hide split_spool_directory */
4638 printf("%*s\n", indent, hidden);
4642 /* rest is public */
4643 printf("%*s%s\n", indent, "", current);
4649 /* End of readconf.c */