TLS: fix tls_verify_certificates handling of "system"

[exim.git] / src / src / transports / smtp.h

diff --git a/src/src/transports/smtp.h b/src/src/transports/smtp.h
index 1ea2a4d007ab9ad2b2fe12067a04f60e636ec038..2ce8b11c5fbf72357b60f277ade336605c4d6ac9 100644 (file)
--- a/src/src/transports/smtp.h
+++ b/src/src/transports/smtp.h
@@ -48,6 +48,7 @@ typedef struct {
   uschar       *dscp;
   uschar       *serialize_hosts;
   uschar       *hosts_try_auth;
+  uschar       *hosts_require_alpn;
   uschar       *hosts_require_auth;
   uschar       *hosts_try_chunking;
 #ifdef SUPPORT_DANE
@@ -101,6 +102,7 @@ typedef struct {
   uschar       *socks_proxy;
 #endif
 #ifndef DISABLE_TLS
+  uschar       *tls_alpn;
   uschar       *tls_certificate;
   uschar       *tls_crl;
   uschar       *tls_privatekey;
@@ -171,15 +173,25 @@ typedef struct {
   BOOL pending_BDAT:1;
   BOOL RCPT_452:1;
   BOOL good_RCPT:1;
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+  BOOL single_rcpt_domain:1;
+#endif
   BOOL completed_addr:1;
   BOOL send_rset:1;
   BOOL send_quit:1;
   BOOL send_tlsclose:1;
 
+  unsigned     peer_offered;
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+  unsigned     peer_limit_mail;
+  unsigned     peer_limit_rcpt;
+  unsigned     peer_limit_rcptdom;
+#endif
+
+  unsigned     max_mail;
   int          max_rcpt;
   int          cmd_count;
 
-  unsigned     peer_offered;
   unsigned     avoid_option;
   uschar *     igquotstr;
   uschar *     helo_data;
@@ -188,6 +200,11 @@ typedef struct {
   uschar *     helo_response;
 #endif
 #ifndef DISABLE_PIPE_CONNECT
+  /* Info about the EHLO response stored to / retrieved from cache.  When
+  operating early-pipe, we use the cached values.  For each of plaintext and
+  crypted we store bitmaps for ESMTP features and AUTH methods.  If the LIMITS
+  extension is built and usable them at least one of the limits values cached
+  is nonzero, and we use the values to constrain the connection. */
   ehlo_resp_precis     ehlo_resp;
 #endif