Support REQUIRETLS

[exim.git] / src / src / globals.c

diff --git a/src/src/globals.c b/src/src/globals.c
index 16a5ab42e9c292b23e3d719b6bd3550ca04f0b7c..10045f482d43040b0f5885f97dff6f3f3c91ebe2 100644 (file)
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -98,10 +98,11 @@ BOOL    move_frozen_messages   = FALSE;
 
 /* These variables are outside the #ifdef because it keeps the code less
 cluttered in several places (e.g. during logging) if we can always refer to
-them. Also, the tls_ variables are now always visible. */
+them. Also, the tls_ variables are now always visible.  Note that these are
+only used for smtp connections, not for service-daemon access. */
 
 tls_support tls_in = {
- .active =             -1,
+ .active =             {.sock = -1},
  .bits =               0,
  .certificate_verified = FALSE,
 #ifdef SUPPORT_DANE
@@ -118,7 +119,7 @@ tls_support tls_in = {
  .ocsp =               OCSP_NOT_REQ
 };
 tls_support tls_out = {
- .active =             -1,
+ .active =             {.sock = -1},
  .bits =               0,
  .certificate_verified = FALSE,
 #ifdef SUPPORT_DANE
@@ -160,6 +161,11 @@ uschar *tls_ocsp_file          = NULL;
 uschar *tls_privatekey         = NULL;
 BOOL    tls_remember_esmtp     = FALSE;
 uschar *tls_require_ciphers    = NULL;
+# ifdef EXPERIMENTAL_REQUIRETLS
+uschar  tls_requiretls         = 0;    /* REQUIRETLS_MSG etc. bit #defines */
+uschar *tls_advertise_requiretls = US"*";
+const pcre *regex_REQUIRETLS   = NULL;
+# endif
 uschar *tls_try_verify_hosts   = NULL;
 uschar *tls_verify_certificates= US"system";
 uschar *tls_verify_hosts       = NULL;
@@ -434,6 +440,7 @@ uschar *authenticated_fail_id  = NULL;
 uschar *authenticated_id       = NULL;
 uschar *authenticated_sender   = NULL;
 BOOL    authentication_failed  = FALSE;
+BOOL    authentication_local   = FALSE;
 auth_instance  *auths          = NULL;
 uschar *auth_advertise_hosts   = US"*";
 auth_instance auth_defaults    = {
@@ -558,7 +565,7 @@ cut_t   cutthrough = {
   .delivery =          FALSE,                          /* when to attempt */
   .defer_pass =                FALSE,                          /* on defer: spool locally */
   .is_tls =            FALSE,                          /* not a TLS conn yet */
-  .fd =                        -1,                             /* open connection */
+  .cctx =              {.sock = -1},                   /* open connection */
   .nrcpt =             0,                              /* number of addresses */
 };
 
@@ -668,7 +675,7 @@ BOOL    disable_ipv6           = FALSE;
 BOOL    disable_logging        = FALSE;
 
 #ifndef DISABLE_DKIM
-BOOL    dkim_collect_input       = FALSE;
+unsigned dkim_collect_input      = 0;
 uschar *dkim_cur_signer          = NULL;
 BOOL    dkim_disable_verify      = FALSE;
 int     dkim_key_length          = 0;
@@ -683,7 +690,6 @@ uschar *dkim_verify_reason   = NULL;
 #endif
 #ifdef EXPERIMENTAL_DMARC
 BOOL    dmarc_has_been_checked  = FALSE;
-uschar *dmarc_ar_header         = NULL;
 uschar *dmarc_domain_policy     = NULL;
 uschar *dmarc_forensic_sender   = NULL;
 uschar *dmarc_history_file      = NULL;
@@ -698,6 +704,7 @@ BOOL    dmarc_enable_forensic   = FALSE;
 uschar *dns_again_means_nonexist = NULL;
 int     dns_csa_search_limit   = 5;
 BOOL    dns_csa_use_reverse    = TRUE;
+int    dns_cname_loops        = 1;
 #ifdef SUPPORT_DANE
 int     dns_dane_ok            = -1;
 #endif
@@ -1390,10 +1397,12 @@ uschar *spf_guess              = US"v=spf1 a/24 mx/24 ptr ?all";
 uschar *spf_header_comment     = NULL;
 uschar *spf_received           = NULL;
 uschar *spf_result             = NULL;
+BOOL    spf_result_guessed     = FALSE;
 uschar *spf_smtp_comment       = NULL;
 #endif
 
 BOOL    split_spool_directory  = FALSE;
+FILE   *spool_data_file               = NULL;
 uschar *spool_directory        = US SPOOL_DIRECTORY
                            "\0<--------------Space to patch spool_directory->";
 BOOL    spool_file_wireformat  = FALSE;
@@ -1568,7 +1577,7 @@ uschar *uucp_from_sender       = US"$1";
 uschar *verify_mode           = NULL;
 uschar *version_copyright      =
  US"Copyright (c) University of Cambridge, 1995 - 2018\n"
-   "(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2017";
+   "(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2018";
 uschar *version_date           = US"?";
 uschar *version_cnumber        = US"????";
 uschar *version_string         = US"?";