TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present. Bug...

[exim.git] / src / src / structs.h

diff --git a/src/src/structs.h b/src/src/structs.h
index 7d700fb72ad0333849c18a4bc020ea5851a38f85..f88d126dcec750bbbae8c5a7e329cdec0b828da1 100644 (file)
--- a/src/src/structs.h
+++ b/src/src/structs.h
@@ -3,6 +3,7 @@
 *************************************************/
 
 /* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 
@@ -79,14 +80,17 @@ typedef enum {DS_UNK=-1, DS_NO, DS_YES} dnssec_status_t;
 
 typedef struct host_item {
   struct host_item *next;
-  const uschar *name;             /* Host name */
-  const uschar *address;          /* IP address in text form */
-  int     port;                   /* port value in host order (if SRV lookup) */
-  int     mx;                     /* MX value if found via MX records */
-  int     sort_key;               /* MX*1000 plus random "fraction" */
-  int     status;                 /* Usable, unusable, or unknown */
-  int     why;                    /* Why host is unusable */
-  int     last_try;               /* Time of last try if known */
+  const uschar *name;          /* Host name */
+#ifndef DISABLE_TLS
+  const uschar *certname;      /* Name used for certificate checks */
+#endif
+  const uschar *address;       /* IP address in text form */
+  int     port;                        /* port value in host order (if SRV lookup) */
+  int     mx;                  /* MX value if found via MX records */
+  int     sort_key;            /* MX*1000 plus random "fraction" */
+  int     status;              /* Usable, unusable, or unknown */
+  int     why;                 /* Why host is unusable */
+  int     last_try;            /* Time of last try if known */
   dnssec_status_t dnssec;
 } host_item;
 
@@ -514,7 +518,7 @@ typedef struct address_item_propagated {
   uschar *remove_headers;         /* list of those to remove */
   void   *variables;             /* router-vasriables */
 
-#ifdef EXPERIMENTAL_SRS
+#ifdef EXPERIMENTAL_SRS_ALT
   uschar *srs_sender;             /* Change return path when delivering */
 #endif
   BOOL    ignore_error:1;        /* ignore delivery error */
@@ -643,7 +647,7 @@ typedef struct address_item {
 #ifdef SUPPORT_I18N
     BOOL af_utf8_downcvt:1;            /* downconvert was done for delivery */
 #endif
-#ifdef EXPERIMENTAL_TLS_RESUME
+#ifndef DISABLE_TLS_RESUME
     BOOL af_tls_resume:1;              /* TLS used a resumed session */
 #endif
   } flags;
@@ -727,14 +731,16 @@ typedef struct tree_node {
 /* Structure for holding time-limited data such as DNS returns.
 We use this rather than extending tree_node to avoid wasting
 space for most tree use (variables...) at the cost of complexity
-for the lookups cache */
+for the lookups cache.
+We also store any options used for the lookup. */
 
 typedef struct expiring_data {
-  time_t expiry;                 /* if nonzero, data invalid after this time */
+  time_t       expiry;         /* if nonzero, data invalid after this time */
+  const uschar * opts;         /* options, or NULL */
   union
     {
-    void  *ptr;                   /* pointer to data */
-    int val;                      /* or integer data */
+    void  *    ptr;            /* pointer to data */
+    int                val;            /* or integer data */
     } data;
 } expiring_data;