PIPE_CONNECT: promote from experimental

[exim.git] / src / src / globals.h

diff --git a/src/src/globals.h b/src/src/globals.h
index 12cc1af568627138f884fd0382898642bd006ca3..83d29ba9b12e22bd285a0f5029c865482c463375 100644 (file)
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -103,11 +103,17 @@ typedef struct {
     OCSP_FAILED,               /* verify failed */
     OCSP_VFIED                 /* verified */
     }     ocsp;                      /* Stapled OCSP status */
+#ifdef EXPERIMENTAL_TLS_RESUME
+  unsigned resumption;         /* Session resumption */
+  BOOL   host_resumable:1;
+  BOOL   ticket_received:1;
+#endif
+  BOOL   verify_override:1;    /* certificate_verified only due to tls_try_verify_hosts */
 } tls_support;
 extern tls_support tls_in;
 extern tls_support tls_out;
 
-#ifdef SUPPORT_TLS
+#ifndef DISABLE_TLS
 extern BOOL    gnutls_compat_mode;     /* Less security, more compatibility */
 extern BOOL    gnutls_allow_auto_pkcs11; /* Let GnuTLS autoload PKCS11 modules */
 extern uschar *openssl_options;        /* OpenSSL compatibility options */
@@ -122,13 +128,11 @@ extern uschar *tls_eccurve;            /* EC curve */
 extern uschar *tls_ocsp_file;          /* OCSP stapling proof file */
 # endif
 extern uschar *tls_privatekey;         /* Private key file */
-# ifdef EXPERIMENTAL_REQUIRETLS
-extern uschar  tls_requiretls;         /* REQUIRETLS active for this message */
-extern uschar *tls_advertise_requiretls; /* hosts for which REQUIRETLS adv */
-extern const pcre *regex_REQUIRETLS;   /* for recognising the command */
-# endif
 extern BOOL    tls_remember_esmtp;     /* For YAEB */
 extern uschar *tls_require_ciphers;    /* So some can be avoided */
+# ifdef EXPERIMENTAL_TLS_RESUME
+extern uschar *tls_resumption_hosts;   /* TLS session resumption */
+# endif
 extern uschar *tls_try_verify_hosts;   /* Optional client verification */
 extern uschar *tls_verify_certificates;/* Path for certificates to check */
 extern uschar *tls_verify_hosts;       /* Mandatory client verification */
@@ -253,7 +257,7 @@ extern struct global_flags {
  BOOL   sender_name_forced             :1; /* Set by -F */
  BOOL   sender_set_untrusted           :1; /* Sender set by untrusted caller */
  BOOL   smtp_authenticated             :1; /* Sending client has authenticated */
-#ifdef EXPERIMENTAL_PIPE_CONNECT
+#ifdef SUPPORT_PIPE_CONNECT
  BOOL   smtp_in_early_pipe_advertised  :1; /* server advertised PIPE_CONNECT */
  BOOL  smtp_in_early_pipe_no_auth      :1; /* too many authenticator names */
  BOOL   smtp_in_early_pipe_used                :1; /* client did send early data */
@@ -742,7 +746,7 @@ extern uschar *override_pid_file_path; /* Value of -oP argument */
 
 extern uschar *percent_hack_domains;   /* Local domains for which '% operates */
 extern uschar *pid_file_path;          /* For writing daemon pids */
-#ifdef EXPERIMENTAL_PIPE_CONNECT
+#ifdef SUPPORT_PIPE_CONNECT
 extern uschar *pipe_connect_advertise_hosts; /* for banner/EHLO pipelining */
 #endif
 extern uschar *pipelining_advertise_hosts; /* As it says */
@@ -824,7 +828,7 @@ extern const pcre  *regex_CHUNKING;    /* For recognizing CHUNKING (RFC 3030) */
 extern const pcre  *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA (LMTP) */
 extern const pcre  *regex_PIPELINING;  /* For recognizing PIPELINING */
 extern const pcre  *regex_SIZE;        /* For recognizing SIZE settings */
-#ifdef EXPERIMENTAL_PIPE_CONNECT
+#ifdef SUPPORT_PIPE_CONNECT
 extern const pcre  *regex_EARLY_PIPE;  /* For recognizing PIPE_CONNCT */
 #endif
 extern const pcre  *regex_ismsgid;     /* Compiled r.e. for message it */