-/* $Cambridge: exim/src/src/globals.c,v 1.88 2010/06/12 15:21:26 jetmore Exp $ */
-
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2009 */
+/* Copyright (c) University of Cambridge 1995 - 2014 */
/* See the file NOTICE for conditions of use and distribution. */
/* All the global variables are defined together in this one module, so
#include "exim.h"
-/* The OSF1 linker puts out a worrying warning if any sections contain no
-executable code. It says
-
-Warning: Linking some objects which contain exception information sections
- and some which do not. This may cause fatal runtime exception handling
- problems.
-
-As this may cause people to worry needlessly, include a dummy function here
-to stop the message from appearing. Make it reference itself to stop picky
-compilers complaining that it is unused, and put in a dummy argument to stop
-even pickier compilers complaining about infinite loops. */
-
-static void dummy(int x) { dummy(x-1); }
-
-
/* Generic options for auths, all of which live inside auth_instance
data blocks and hence have the opt_public flag set. */
optionlist optionlist_auths[] = {
{ "client_condition", opt_stringptr | opt_public,
(void *)(offsetof(auth_instance, client_condition)) },
+ { "client_set_id", opt_stringptr | opt_public,
+ (void *)(offsetof(auth_instance, set_client_id)) },
{ "driver", opt_stringptr | opt_public,
(void *)(offsetof(auth_instance, driver_name)) },
{ "public_name", opt_stringptr | opt_public,
#endif
#ifdef LOOKUP_LDAP
+uschar *eldap_ca_cert_dir = NULL;
+uschar *eldap_ca_cert_file = NULL;
+uschar *eldap_cert_file = NULL;
+uschar *eldap_cert_key = NULL;
+uschar *eldap_cipher_suite = NULL;
uschar *eldap_default_servers = NULL;
+uschar *eldap_require_cert = NULL;
int eldap_version = -1;
+BOOL eldap_start_tls = FALSE;
#endif
#ifdef LOOKUP_MYSQL
uschar *pgsql_servers = NULL;
#endif
+#ifdef EXPERIMENTAL_REDIS
+uschar *redis_servers = NULL;
+#endif
+
#ifdef LOOKUP_SQLITE
int sqlite_lock_timeout = 5;
#endif
cluttered in several places (e.g. during logging) if we can always refer to
them. Also, the tls_ variables are now always visible. */
-BOOL tls_active = -1;
-BOOL tls_certificate_verified = FALSE;
-uschar *tls_cipher = NULL;
-BOOL tls_on_connect = FALSE;
-uschar *tls_on_connect_ports = NULL;
-uschar *tls_peerdn = NULL;
+tls_support tls_in = {
+ -1, /* tls_active */
+ 0, /* tls_bits */
+ FALSE,/* tls_certificate_verified */
+#ifdef EXPERIMENTAL_DANE
+ FALSE,/* dane_verified */
+ 0, /* tlsa_usage */
+#endif
+ NULL, /* tls_cipher */
+ FALSE,/* tls_on_connect */
+ NULL, /* tls_on_connect_ports */
+ NULL, /* tls_ourcert */
+ NULL, /* tls_peercert */
+ NULL, /* tls_peerdn */
+ NULL, /* tls_sni */
+ 0 /* tls_ocsp */
+};
+tls_support tls_out = {
+ -1, /* tls_active */
+ 0, /* tls_bits */
+ FALSE,/* tls_certificate_verified */
+#ifdef EXPERIMENTAL_DANE
+ FALSE,/* dane_verified */
+ 0, /* tlsa_usage */
+#endif
+ NULL, /* tls_cipher */
+ FALSE,/* tls_on_connect */
+ NULL, /* tls_on_connect_ports */
+ NULL, /* tls_ourcert */
+ NULL, /* tls_peercert */
+ NULL, /* tls_peerdn */
+ NULL, /* tls_sni */
+ 0 /* tls_ocsp */
+};
+
+uschar *dsn_envid = NULL;
+int dsn_ret = 0;
+const pcre *regex_DSN = NULL;
+BOOL smtp_use_dsn = FALSE;
+uschar *dsn_advertise_hosts = NULL;
#ifdef SUPPORT_TLS
BOOL gnutls_compat_mode = FALSE;
+BOOL gnutls_allow_auto_pkcs11 = FALSE;
uschar *gnutls_require_mac = NULL;
uschar *gnutls_require_kx = NULL;
uschar *gnutls_require_proto = NULL;
uschar *tls_advertise_hosts = NULL; /* This is deliberate */
uschar *tls_certificate = NULL;
uschar *tls_crl = NULL;
+/* This default matches NSS DH_MAX_P_BITS value at current time (2012), because
+that's the interop problem which has been observed: GnuTLS suggesting a higher
+bit-count as "NORMAL" (2432) and Thunderbird dropping connection. */
+int tls_dh_max_bits = 2236;
uschar *tls_dhparam = NULL;
+#ifndef DISABLE_OCSP
+uschar *tls_ocsp_file = NULL;
+#endif
BOOL tls_offered = FALSE;
uschar *tls_privatekey = NULL;
BOOL tls_remember_esmtp = FALSE;
uschar *tls_require_ciphers = NULL;
uschar *tls_try_verify_hosts = NULL;
-uschar *tls_verify_certificates= NULL;
+uschar *tls_verify_certificates= US"system";
uschar *tls_verify_hosts = NULL;
#endif
+#ifndef DISABLE_PRDR
+/* Per Recipient Data Response variables */
+BOOL prdr_enable = FALSE;
+BOOL prdr_requested = FALSE;
+const pcre *regex_PRDR = NULL;
+#endif
/* Input-reading functions for messages, so we can use special ones for
incoming TCP/IP. The defaults use stdin. We never need these for any
when verifying one address while routing/verifying another. We have to have
the size explicit, because it is referenced from more than one module. */
-uschar **address_expansions[ADDRESS_EXPANSIONS_COUNT] = {
- &deliver_address_data,
- &deliver_domain,
- &deliver_domain_data,
- &deliver_domain_orig,
- &deliver_domain_parent,
- &deliver_localpart,
- &deliver_localpart_data,
- &deliver_localpart_orig,
- &deliver_localpart_parent,
- &deliver_localpart_prefix,
- &deliver_localpart_suffix,
- (uschar **)(&deliver_recipients),
- &deliver_host,
- &deliver_home,
- &address_file,
- &address_pipe,
- &self_hostname,
+const uschar **address_expansions[ADDRESS_EXPANSIONS_COUNT] = {
+ CUSS &deliver_address_data,
+ CUSS &deliver_domain,
+ CUSS &deliver_domain_data,
+ CUSS &deliver_domain_orig,
+ CUSS &deliver_domain_parent,
+ CUSS &deliver_localpart,
+ CUSS &deliver_localpart_data,
+ CUSS &deliver_localpart_orig,
+ CUSS &deliver_localpart_parent,
+ CUSS &deliver_localpart_prefix,
+ CUSS &deliver_localpart_suffix,
+ CUSS (uschar **)(&deliver_recipients),
+ CUSS &deliver_host,
+ CUSS &deliver_home,
+ CUSS &address_file,
+ CUSS &address_pipe,
+ CUSS &self_hostname,
NULL };
int address_expansions_count = sizeof(address_expansions)/sizeof(uschar **);
header_line *acl_added_headers = NULL;
tree_node *acl_anchor = NULL;
+uschar *acl_arg[9] = {NULL, NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL};
+int acl_narg = 0;
uschar *acl_not_smtp = NULL;
#ifdef WITH_CONTENT_SCAN
uschar *acl_not_smtp_mime = NULL;
#endif
uschar *acl_not_smtp_start = NULL;
-
+uschar *acl_removed_headers = NULL;
uschar *acl_smtp_auth = NULL;
uschar *acl_smtp_connect = NULL;
uschar *acl_smtp_data = NULL;
+#ifndef DISABLE_PRDR
+uschar *acl_smtp_data_prdr = US"accept";
+#endif
#ifndef DISABLE_DKIM
uschar *acl_smtp_dkim = NULL;
#endif
US"MIME",
US"DKIM",
US"DATA",
+#ifndef DISABLE_PRDR
+ US"PRDR",
+#endif
US"non-SMTP",
US"AUTH",
US"connection",
US"NOTQUIT",
US"QUIT",
US"STARTTLS",
- US"VRFY"
+ US"VRFY",
+ US"delivery",
+ US"unknown"
};
uschar *acl_wherecodes[] = { US"550", /* RCPT */
US"550", /* MIME */
US"550", /* DKIM */
US"550", /* DATA */
+#ifndef DISABLE_PRDR
+ US"550", /* RCPT PRDR */
+#endif
US"0", /* not SMTP; not relevant */
US"503", /* AUTH */
US"550", /* connect */
US"0", /* NOTQUIT; not relevant */
US"0", /* QUIT; not relevant */
US"550", /* STARTTLS */
- US"252" /* VRFY */
+ US"252", /* VRFY */
+ US"0", /* delivery; not relevant */
+ US"0" /* unknown; not relevant */
};
BOOL active_local_from_check = FALSE;
BOOL active_local_sender_retain = FALSE;
-BOOL accept_8bitmime = FALSE;
+int body_8bitmime = 0;
+BOOL accept_8bitmime = TRUE; /* deliberately not RFC compliant */
address_item *addr_duplicate = NULL;
address_item address_defaults = {
NULL, /* shadow_message */
#ifdef SUPPORT_TLS
NULL, /* cipher */
+ NULL, /* ourcert */
+ NULL, /* peercert */
NULL, /* peerdn */
+ OCSP_NOT_REQ, /* ocsp */
#endif
+ NULL, /* authenticator */
+ NULL, /* auth_id */
+ NULL, /* auth_sndr */
+ NULL, /* dsn_orcpt */
+ 0, /* dsn_flags */
+ 0, /* dsn_aware */
(uid_t)(-1), /* uid */
(gid_t)(-1), /* gid */
0, /* flags */
BOOL allow_unqualified_recipient = TRUE; /* For local messages */
BOOL allow_unqualified_sender = TRUE; /* Reset for SMTP */
BOOL allow_utf8_domains = FALSE;
+uschar *authenticated_fail_id = NULL;
uschar *authenticated_id = NULL;
uschar *authenticated_sender = NULL;
BOOL authentication_failed = FALSE;
NULL, /* client_condition */
NULL, /* public_name */
NULL, /* set_id */
+ NULL, /* set_client_id */
NULL, /* server_mail_auth_condition */
NULL, /* server_debug_string */
NULL, /* server_condition */
uschar *auth_vars[AUTH_VARS];
int auto_thaw = 0;
#ifdef WITH_CONTENT_SCAN
+BOOL av_failed = FALSE;
uschar *av_scanner = US"sophie:/var/run/sophie"; /* AV scanner */
#endif
BOOL check_rfc2047_length = TRUE;
int check_spool_inodes = 0;
int check_spool_space = 0;
+uschar *client_authenticator = NULL;
+uschar *client_authenticated_id = NULL;
+uschar *client_authenticated_sender = NULL;
int clmacro_count = 0;
uschar *clmacros[MAX_CLMACROS];
BOOL config_changed = FALSE;
uschar *config_main_filelist = US CONFIGURE_FILE
"\0<-----------Space to patch configure_filename->";
uschar *config_main_filename = NULL;
+uschar *config_main_directory = NULL;
#ifdef CONFIGURE_OWNER
uid_t config_uid = CONFIGURE_OWNER;
uschar *continue_transport = NULL;
uschar *csa_status = NULL;
+cut_t cutthrough = {
+ FALSE, /* delivery: when to attempt */
+ -1, /* fd: open connection */
+ 0, /* nrcpt: number of addresses */
+};
BOOL daemon_listen = FALSE;
uschar *daemon_smtp_port = US"smtp";
BOOL delivery_date_remove = TRUE;
uschar *deliver_address_data = NULL;
int deliver_datafile = -1;
-uschar *deliver_domain = NULL;
+const uschar *deliver_domain = NULL;
uschar *deliver_domain_data = NULL;
-uschar *deliver_domain_orig = NULL;
-uschar *deliver_domain_parent = NULL;
+const uschar *deliver_domain_orig = NULL;
+const uschar *deliver_domain_parent = NULL;
BOOL deliver_drop_privilege = FALSE;
BOOL deliver_firsttime = FALSE;
BOOL deliver_force = FALSE;
BOOL deliver_freeze = FALSE;
-int deliver_frozen_at = 0;
+time_t deliver_frozen_at = 0;
uschar *deliver_home = NULL;
-uschar *deliver_host = NULL;
-uschar *deliver_host_address = NULL;
+const uschar *deliver_host = NULL;
+const uschar *deliver_host_address = NULL;
+int deliver_host_port = 0;
uschar *deliver_in_buffer = NULL;
ino_t deliver_inode = 0;
uschar *deliver_localpart = NULL;
BOOL dkim_collect_input = FALSE;
BOOL dkim_disable_verify = FALSE;
#endif
+#ifdef EXPERIMENTAL_DMARC
+BOOL dmarc_has_been_checked = FALSE;
+uschar *dmarc_ar_header = NULL;
+uschar *dmarc_domain_policy = NULL;
+uschar *dmarc_forensic_sender = NULL;
+uschar *dmarc_history_file = NULL;
+uschar *dmarc_status = NULL;
+uschar *dmarc_status_text = NULL;
+uschar *dmarc_tld_file = NULL;
+uschar *dmarc_used_domain = NULL;
+BOOL dmarc_disable_verify = FALSE;
+BOOL dmarc_enable_forensic = FALSE;
+#endif
uschar *dns_again_means_nonexist = NULL;
int dns_csa_search_limit = 5;
BOOL dns_csa_use_reverse = TRUE;
+#ifdef EXPERIMENTAL_DANE
+int dns_dane_ok = -1;
+#endif
uschar *dns_ipv4_lookup = NULL;
int dns_retrans = 0;
int dns_retry = 0;
+int dns_dnssec_ok = -1; /* <0 = not coerced */
+int dns_use_edns0 = -1; /* <0 = not coerced */
uschar *dnslist_domain = NULL;
uschar *dnslist_matched = NULL;
uschar *dnslist_text = NULL;
int error_handling = ERRORS_SENDER;
uschar *errors_reply_to = NULL;
int errors_sender_rc = EXIT_FAILURE;
+#ifdef EXPERIMENTAL_EVENT
+uschar *event_action = NULL; /* expansion for delivery events */
+uschar *event_data = NULL; /* auxilary data variable for event */
+int event_defer_errno = 0;
+const uschar *event_name = NULL; /* event name variable */
+#endif
+
gid_t exim_gid = EXIM_GID;
BOOL exim_gid_set = TRUE; /* This gid is always set */
BOOL helo_verified = FALSE;
BOOL helo_verify_failed = FALSE;
uschar *helo_verify_hosts = NULL;
-uschar *hex_digits = US"0123456789abcdef";
+const uschar *hex_digits = CUS"0123456789abcdef";
uschar *hold_domains = NULL;
BOOL host_checking = FALSE;
BOOL host_checking_callout = FALSE;
int ignore_bounce_errors_after = 10*7*24*60*60; /* 10 weeks */
BOOL ignore_fromline_local = FALSE;
uschar *ignore_fromline_hosts = NULL;
+BOOL inetd_wait_mode = FALSE;
+int inetd_wait_timeout = -1;
uschar *interface_address = NULL;
int interface_port = -1;
BOOL is_inetd = FALSE;
/* Those log options with L_xxx identifiers have values less than 0x800000 and
are the ones that get put into log_write_selector. They can be used in calls to
log_write() to test for the bit. The options with LX_xxx identifiers have
-values greater than 0x80000000 and are put int log_extra_selector (without the
+values greater than 0x80000000 and are put into log_extra_selector (without the
top bit). They are never used in calls to log_write(), but are tested
independently. This separation became necessary when the number of log
selectors was getting close to filling a 32-bit word. */
/* Note that this list must be in alphabetical order. */
bit_table log_options[] = {
+ { US"8bitmime", LX_8bitmime },
{ US"acl_warn_skipped", LX_acl_warn_skipped },
{ US"address_rewrite", L_address_rewrite },
{ US"all", L_all },
{ US"lost_incoming_connection", L_lost_incoming_connection },
{ US"outgoing_port", LX_outgoing_port },
{ US"pid", LX_pid },
+#ifdef EXPERIMENTAL_PROXY
+ { US"proxy", LX_proxy },
+#endif
{ US"queue_run", L_queue_run },
{ US"queue_time", LX_queue_time },
{ US"queue_time_overall", LX_queue_time_overall },
{ US"smtp_confirmation", LX_smtp_confirmation },
{ US"smtp_connection", L_smtp_connection },
{ US"smtp_incomplete_transaction", L_smtp_incomplete_transaction },
+ { US"smtp_mailauth", LX_smtp_mailauth },
{ US"smtp_no_mail", LX_smtp_no_mail },
{ US"smtp_protocol_error", L_smtp_protocol_error },
{ US"smtp_syntax_error", L_smtp_syntax_error },
{ US"tls_certificate_verified", LX_tls_certificate_verified },
{ US"tls_cipher", LX_tls_cipher },
{ US"tls_peerdn", LX_tls_peerdn },
+ { US"tls_sni", LX_tls_sni },
{ US"unknown_in_list", LX_unknown_in_list }
};
BOOL log_timezone = FALSE;
unsigned int log_write_selector= L_default;
uschar *login_sender_address = NULL;
+uschar *lookup_dnssec_authenticated = NULL;
int lookup_open_max = 25;
uschar *lookup_value = NULL;
BOOL message_logs = TRUE;
int message_size = 0;
uschar *message_size_limit = US"50M";
+#ifdef EXPERIMENTAL_INTERNATIONAL
+BOOL message_smtputf8 = FALSE;
+#endif
uschar message_subdir[2] = { 0, 0 };
uschar *message_reference = NULL;
/* MIME ACL expandables */
#ifdef WITH_CONTENT_SCAN
int mime_anomaly_level = 0;
-uschar *mime_anomaly_text = NULL;
+const uschar *mime_anomaly_text = NULL;
uschar *mime_boundary = NULL;
uschar *mime_charset = NULL;
uschar *mime_content_description = NULL;
uschar *primary_hostname = NULL;
BOOL print_topbitchars = FALSE;
uschar process_info[PROCESS_INFO_SIZE];
+int process_info_len = 0;
uschar *process_log_path = NULL;
BOOL prod_requires_admin = TRUE;
+
+#ifdef EXPERIMENTAL_PROXY
+uschar *proxy_host_address = US"";
+int proxy_host_port = 0;
+uschar *proxy_required_hosts = US"";
+BOOL proxy_session = FALSE;
+BOOL proxy_session_failed = FALSE;
+uschar *proxy_target_address = US"";
+int proxy_target_port = 0;
+#endif
+
uschar *prvscheck_address = NULL;
uschar *prvscheck_keynum = NULL;
uschar *prvscheck_result = NULL;
-uschar *qualify_domain_recipient = NULL;
+const uschar *qualify_domain_recipient = NULL;
uschar *qualify_domain_sender = NULL;
BOOL queue_2stage = FALSE;
uschar *queue_domains = NULL;
const pcre *regex_SIZE = NULL;
const pcre *regex_smtp_code = NULL;
const pcre *regex_ismsgid = NULL;
+#ifdef WHITELIST_D_MACROS
+const pcre *regex_whitelisted_macro = NULL;
+#endif
#ifdef WITH_CONTENT_SCAN
uschar *regex_match_string = NULL;
#endif
uschar *return_path = NULL;
BOOL return_path_remove = TRUE;
int rewrite_existflags = 0;
-uschar *rfc1413_hosts = US"*";
-int rfc1413_query_timeout = 5;
+uschar *rfc1413_hosts = US"@[]";
+int rfc1413_query_timeout = 0;
/* BOOL rfc821_domains = FALSE; <<< on the way out */
uid_t root_gid = ROOT_GID;
uid_t root_uid = ROOT_UID;
TRUE, /* verify_sender */
FALSE, /* uid_set */
FALSE, /* unseen */
+ FALSE, /* dsn_lasthop */
self_freeze, /* self_code */
(uid_t)(-1), /* uid */
NULL /* redirect_router */
};
+uschar *router_name = NULL;
+
ip_address_item *running_interfaces = NULL;
BOOL running_in_test_harness = FALSE;
uschar *sender_host_address = NULL;
uschar *sender_host_authenticated = NULL;
unsigned int sender_host_cache[(MAX_NAMED_LIST * 2)/32];
+BOOL sender_host_dnssec = FALSE;
uschar *sender_host_name = NULL;
int sender_host_port = 0;
BOOL sender_host_notsocket = FALSE;
BOOL sender_verified_responded = FALSE;
uschar *sending_ip_address = NULL;
int sending_port = -1;
-volatile BOOL sigalrm_seen = FALSE;
+SIGNAL_BOOL sigalrm_seen = FALSE;
uschar **sighup_argv = NULL;
int smtp_accept_count = 0;
BOOL smtp_accept_keepalive = TRUE;
uschar *smtp_ratelimit_rcpt = NULL;
uschar *smtp_read_error = US"";
int smtp_receive_timeout = 5*60;
+uschar *smtp_receive_timeout_s = NULL;
uschar *smtp_reserve_hosts = NULL;
BOOL smtp_return_error_details = FALSE;
int smtp_rlm_base = 0;
int smtp_rlr_threshold = INT_MAX;
BOOL smtp_use_pipelining = FALSE;
BOOL smtp_use_size = FALSE;
+#ifdef EXPERIMENTAL_INTERNATIONAL
+uschar *smtputf8_advertise_hosts = US"*";
+#endif
#ifdef WITH_CONTENT_SCAN
uschar *spamd_address = US"127.0.0.1 783";
uschar *spam_bar = NULL;
uschar *spam_report = NULL;
+uschar *spam_action = NULL;
uschar *spam_score = NULL;
uschar *spam_score_int = NULL;
#endif
#endif
BOOL strict_acl_vars = FALSE;
int string_datestamp_offset= -1;
+int string_datestamp_length= 0;
+int string_datestamp_type = -1;
BOOL strip_excess_angle_brackets = FALSE;
BOOL strip_trailing_dot = FALSE;
uschar *submission_domain = NULL;
BOOL submission_mode = FALSE;
uschar *submission_name = NULL;
BOOL suppress_local_fixups = FALSE;
+BOOL suppress_local_fixups_default = FALSE;
BOOL synchronous_delivery = FALSE;
BOOL syslog_duplication = TRUE;
int syslog_facility = LOG_MAIL;
gid_t system_filter_gid = 0;
BOOL system_filter_gid_set = FALSE;
-uid_t system_filter_uid = 0;
+uid_t system_filter_uid = (uid_t)-1;
BOOL system_filter_uid_set = FALSE;
BOOL system_filtering = FALSE;
NULL, /* batch_id */
NULL, /* home_dir */
NULL, /* current_dir */
+ NULL, /* expand-multi-domain */
TRUE, /* multi-domain */
FALSE, /* overrides_hosts */
100, /* max_addresses */
FALSE, /* log_defer_output */
TRUE_UNSET /* retry_use_local_part: BOOL, but set neither
1 nor 0 so can detect unset */
+#ifdef EXPERIMENTAL_EVENT
+ ,NULL /* event_action */
+#endif
};
int transport_count;
-uschar **transport_filter_argv = NULL;
+uschar *transport_name = NULL;
+int transport_newlines;
+const uschar **transport_filter_argv = NULL;
int transport_filter_timeout;
BOOL transport_filter_timed_out = FALSE;
int transport_write_timeout= 0;
tree_node *tree_unusable = NULL;
BOOL trusted_caller = FALSE;
+BOOL trusted_config = TRUE;
gid_t *trusted_groups = NULL;
uid_t *trusted_users = NULL;
uschar *timezone_string = US TIMEZONE_DEFAULT;
uschar *uucp_from_sender = US"$1";
-uschar *warn_message_file = NULL;
-uschar *warnmsg_delay = NULL;
-uschar *warnmsg_recipients = NULL;
-BOOL write_rejectlog = TRUE;
-
-uschar *version_copyright = US"Copyright (c) University of Cambridge, 1995 - 2007";
+uschar *verify_mode = NULL;
+uschar *version_copyright =
+ US"Copyright (c) University of Cambridge, 1995 - 2014\n"
+ "(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2014";
uschar *version_date = US"?";
uschar *version_cnumber = US"????";
uschar *version_string = US"?";
+uschar *warn_message_file = NULL;
int warning_count = 0;
+uschar *warnmsg_delay = NULL;
+uschar *warnmsg_recipients = NULL;
+BOOL write_rejectlog = TRUE;
+
/* End of globals.c */