* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/* Almost all the global variables are defined together in this one header, so
that they are easy to find. However, those that are visible during the
OCSP_VFIED /* verified */
} ocsp; /* Stapled OCSP status */
#ifndef DISABLE_TLS_RESUME
+ hctx resume_hctx; /* session lookup key accumulation */
+ const uschar * resume_index; /* session lookup key */
+
unsigned resumption; /* Session resumption */
BOOL host_resumable:1;
BOOL ticket_received:1;
#endif
BOOL verify_override:1; /* certificate_verified only due to tls_try_verify_hosts */
BOOL ext_master_secret:1; /* extended-master-secret was used */
+ BOOL channelbind_exporter:1; /* channelbinding is EXPORTER not UNIQUE */
} tls_support;
extern tls_support tls_in;
extern tls_support tls_out;
#ifndef DISABLE_TLS
extern BOOL gnutls_compat_mode; /* Less security, more compatibility */
extern BOOL gnutls_allow_auto_pkcs11; /* Let GnuTLS autoload PKCS11 modules */
+extern uschar *hosts_require_alpn; /* Mandatory ALPN successful nogitiation */
extern uschar *openssl_options; /* OpenSSL compatibility options */
-extern const pcre *regex_STARTTLS; /* For recognizing STARTTLS settings */
+extern const pcre2_code *regex_STARTTLS; /* For recognizing STARTTLS settings */
+extern uschar *tls_alpn; /* ALPN names acceptable */
extern uschar *tls_certificate; /* Certificate file */
extern uschar *tls_crl; /* CRL File */
extern int tls_dh_max_bits; /* don't accept higher lib suggestions */
extern uschar *tls_try_verify_hosts; /* Optional client verification */
extern uschar *tls_verify_certificates;/* Path for certificates to check */
extern uschar *tls_verify_hosts; /* Mandatory client verification */
+extern int tls_watch_fd; /* for inotify of creds files */
+extern time_t tls_watch_trigger_time; /* non-0: triggered */
#endif
extern uschar *tls_advertise_hosts; /* host for which TLS is advertised */
extern uschar *dsn_envid; /* DSN envid string */
extern int dsn_ret; /* DSN ret type*/
-extern const pcre *regex_DSN; /* For recognizing DSN settings */
+extern const pcre2_code *regex_DSN; /* For recognizing DSN settings */
extern uschar *dsn_advertise_hosts; /* host for which TLS is advertised */
/* Input-reading functions for messages, so we can use special ones for
extern int (*lwr_receive_getc)(unsigned);
extern uschar * (*lwr_receive_getbuf)(unsigned *);
+extern BOOL (*lwr_receive_hasc)(void);
extern int (*lwr_receive_ungetc)(int);
+
extern int (*receive_getc)(unsigned);
extern uschar * (*receive_getbuf)(unsigned *);
-extern void (*receive_get_cache)(void);
+extern BOOL (*receive_hasc)(void);
+extern void (*receive_get_cache)(unsigned);
extern int (*receive_ungetc)(int);
extern int (*receive_feof)(void);
extern int (*receive_ferror)(void);
-extern BOOL (*receive_smtp_buffered)(void);
/* For clearing, saving, restoring address expansion variables. We have to have
BOOL authentication_local :1; /* TRUE if non-smtp (implicit authentication) */
BOOL background_daemon :1; /* Set FALSE to keep in foreground */
+ BOOL bdat_readers_wanted :1; /* BDAT-handling to be pushed on readfunc stack */
BOOL chunking_offered :1;
BOOL config_changed :1; /* True if -C used */
BOOL continue_more :1; /* Flag more addresses waiting */
BOOL daemon_listen :1; /* True if listening required */
+ BOOL daemon_scion :1; /* Ancestor proc is daemon, and not re-exec'd */
BOOL debug_daemon :1; /* Debug the daemon process only */
BOOL deliver_firsttime :1; /* True for first delivery attempt */
BOOL deliver_force :1; /* TRUE if delivery was forced */
BOOL sender_set_untrusted :1; /* Sender set by untrusted caller */
BOOL smtp_authenticated :1; /* Sending client has authenticated */
#ifndef DISABLE_PIPE_CONNECT
- BOOL smtp_in_early_pipe_advertised :1; /* server advertised PIPE_CONNECT */
+ BOOL smtp_in_early_pipe_advertised :1; /* server advertised PIPECONNECT */
BOOL smtp_in_early_pipe_no_auth :1; /* too many authenticator names */
BOOL smtp_in_early_pipe_used :1; /* client did send early data */
#endif
BOOL smtp_in_pipelining_advertised :1; /* server advertised PIPELINING */
BOOL smtp_in_pipelining_used :1; /* server noted client using PIPELINING */
+ BOOL smtp_in_quit :1; /* server noted QUIT command */
BOOL spool_file_wireformat :1; /* current -D file has CRLF rather than NL */
BOOL submission_mode :1; /* Can be forced from ACL */
BOOL suppress_local_fixups :1; /* Can be forced from ACL */
extern uschar *acl_smtp_data; /* ACL run after DATA received */
#ifndef DISABLE_PRDR
extern uschar *acl_smtp_data_prdr; /* ACL run after DATA received if in PRDR mode*/
-const extern pcre *regex_PRDR; /* For recognizing PRDR settings */
+const extern pcre2_code *regex_PRDR; /* For recognizing PRDR settings */
#endif
#ifndef DISABLE_DKIM
extern uschar *acl_smtp_dkim; /* ACL run for DKIM signatures / domains */
extern uschar *authenticated_id; /* ID that was authenticated */
extern uschar *authenticated_sender; /* From AUTH on MAIL */
extern BOOL authentication_failed; /* TRUE if AUTH was tried and failed */
+extern uschar *authenticator_name; /* for debug and error messages */
extern uschar *auth_advertise_hosts; /* Only advertise to these */
extern auth_info auths_available[]; /* Vector of available auth mechanisms */
extern auth_instance *auths; /* Chain of instantiated auths */
extern auth_instance auth_defaults; /* Default values */
extern uschar *auth_defer_msg; /* Error message for log */
extern uschar *auth_defer_user_msg; /* Error message for user */
-extern uschar *auth_vars[]; /* $authn variables */
+extern const uschar *auth_vars[]; /* $authn variables */
extern int auto_thaw; /* Auto-thaw interval */
#ifdef WITH_CONTENT_SCAN
extern int av_failed; /* TRUE if the AV process failed */
extern uschar *client_authenticator; /* Authenticator name used for smtp delivery */
extern uschar *client_authenticated_id; /* "login" name used for SMTP AUTH */
extern uschar *client_authenticated_sender; /* AUTH option to SMTP MAIL FROM (not yet used) */
+#ifndef DISABLE_CLIENT_CMD_LOG
+extern gstring *client_cmd_log; /* debug log of client cmds & responses */
+#endif
extern int clmacro_count; /* Number of command line macros */
extern uschar *clmacros[]; /* Copy of them, for re-exec */
extern BOOL commandline_checks_require_admin; /* belt and braces for insecure setups */
extern uschar *config_main_directory; /* Directory where the main config file was found */
extern uid_t config_uid; /* Additional owner */
extern uschar *continue_proxy_cipher; /* TLS cipher for proxied continued delivery */
+extern BOOL continue_proxy_dane; /* proxied conn is DANE */
+extern uschar *continue_proxy_sni; /* proxied conn SNI */
extern uschar *continue_hostname; /* Host for continued delivery */
extern uschar *continue_host_address; /* IP address for ditto */
extern int continue_sequence; /* Sequence num for continued delivery */
extern uschar *continue_transport; /* Transport for continued delivery */
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+extern unsigned continue_limit_mail; /* Peer advertised limit */
+extern unsigned continue_limit_rcpt;
+extern unsigned continue_limit_rcptdom;
+#endif
+
extern uschar *csa_status; /* Client SMTP Authorization result */
extern int debug_notall[]; /* Debug options excluded from +all */
extern bit_table debug_options[]; /* Table of debug options */
extern int debug_options_count; /* Size of table */
+extern unsigned debug_pretrigger_bsize;
+extern uschar *debug_pretrigger_buf; /* circular buffer for precapture */
extern BOOL debug_store; /* Do extra checks on store_reset */
+extern uschar debuglog_name[LOG_NAME_SIZE]; /* ACL-init debug */
+
extern int delay_warning[]; /* Times between warnings */
extern uschar *delay_warning_condition; /* Condition string for warnings */
extern BOOL delivery_date_remove; /* Remove delivery-date headers */
extern uschar *dkim_verify_hashes; /* Preference order for signatures */
extern uschar *dkim_verify_keytypes; /* Preference order for signatures */
extern uschar *dkim_verify_min_keysizes; /* list of minimum key sizes, keyed by algo */
-extern BOOL dkim_verify_minimal; /* Shortcircuit signture verification */
+extern BOOL dkim_verify_minimal; /* Shortcircuit signature verification */
extern uschar *dkim_verify_overall; /* First successful domain verified, or null */
extern uschar *dkim_verify_signers; /* Colon-separated list of domains for each of which we call the DKIM ACL */
extern uschar *dkim_verify_status; /* result for this signature */
extern int dns_retrans; /* Retransmission time setting */
extern int dns_retry; /* Number of retries */
extern int dns_dnssec_ok; /* When constructing DNS query, set DO flag */
+extern const uschar * dns_rc_names[]; /* Mostly for debug output */
extern uschar *dns_trust_aa; /* DNSSEC trust AA as AD */
extern int dns_use_edns0; /* Coerce EDNS0 support on/off in resolver. */
extern uschar *dnslist_domain; /* DNS (black) list domain */
/* This option is now a no-opt, retained for compatibility */
extern BOOL drop_cr; /* For broken local MUAs */
+extern const uschar *driver_srcfile; /* For debug & errors */
+extern int driver_srcline; /* For debug & errors */
+
+extern unsigned int dtrigger_selector; /* when to start debug */
extern uschar *dsn_from; /* From: string for DSNs */
extern int expand_forbid; /* RDO flags for forbidding things */
extern int expand_nlength[]; /* Lengths of numbered strings */
extern int expand_nmax; /* Max numerical value */
-extern uschar *expand_nstring[]; /* Numbered strings */
+extern const uschar *expand_nstring[]; /* Numbered strings */
extern BOOL extract_addresses_remove_arguments; /* Controls -t behaviour */
extern uschar *extra_local_interfaces; /* Local, non-listen interfaces */
extern uschar *host_lookup_msg; /* Text for why it failed */
extern int host_number; /* For sharing spools */
extern uschar *host_number_string; /* For expanding */
+extern uschar *hosts_require_helo; /* check for HELO/EHLO before MAIL */
extern uschar *host_reject_connection; /* Reject these hosts */
extern tree_node *hostlist_anchor; /* Tree of defined host lists */
extern int hostlist_count; /* Number defined */
extern int keep_malformed; /* Time to keep malformed messages */
extern uschar *eldap_dn; /* Where LDAP DNs are left */
+extern const uschar *letter_digit_hyphen_dot; /* Legitimate DNS host name chars */
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+extern uschar *limits_advertise_hosts; /* for banner/EHLO pipelining */
+#endif
extern int load_average; /* Most recently read load average */
extern BOOL local_from_check; /* For adding Sender: (global value) */
extern uschar *local_from_prefix; /* Permitted prefixes */
extern uschar *message_id_external; /* External form of following */
extern uschar *message_id_domain; /* Expanded to form domain-part of message_id */
extern uschar *message_id_text; /* Expanded to form message_id */
-extern struct timeval message_id_tv; /* Time used to create last message_id */
extern int message_linecount; /* As it says */
extern BOOL message_logs; /* TRUE to write message logs */
extern int message_size; /* Size of message */
#ifdef SUPPORT_I18N
extern BOOL message_smtputf8; /* Internationalized mail handling */
extern int message_utf8_downconvert; /* convert from utf8 */
-const extern pcre *regex_UTF8; /* For recognizing SMTPUTF8 settings */
+const extern pcre2_code *regex_UTF8; /* For recognizing SMTPUTF8 settings */
#endif
extern uschar message_subdir[]; /* Subdirectory for messages */
extern uschar *message_reference; /* Reference for error messages */
extern uschar *override_local_interfaces; /* Value of -oX argument */
extern uschar *override_pid_file_path; /* Value of -oP argument */
+extern BOOL panic_coredump; /* SEGV rather than exit, on LOG_PANIC_DIE */
+extern pcre2_general_context * pcre_gen_ctx; /* pcre memory management */
+extern pcre2_compile_context * pcre_gen_cmp_ctx;
+extern pcre2_match_context * pcre_gen_mtc_ctx;
+extern pcre2_general_context * pcre_mlc_ctx;
+extern pcre2_compile_context * pcre_mlc_cmp_ctx;
+
extern uschar *percent_hack_domains; /* Local domains for which '% operates */
extern uschar *pid_file_path; /* For writing daemon pids */
#ifndef DISABLE_PIPE_CONNECT
extern int proxy_external_port; /* Port on remote interface of proxy */
extern uschar *proxy_local_address; /* IP of local interface of proxy */
extern int proxy_local_port; /* Port on local interface of proxy */
+extern int proxy_protocol_timeout; /* Timeout for proxy negotiation */
extern BOOL proxy_session; /* TRUE if receiving mail from valid proxy */
#endif
extern uschar *received_for; /* For "for" field */
extern uschar *received_header_text; /* Definition of Received: header */
extern int received_headers_max; /* Max count of Received: headers */
-extern struct timeval received_time; /* Time the message was received */
-extern struct timeval received_time_taken; /* Interval the message took to be received */
+extern struct timeval received_time; /* Time the message started to be received */
+extern struct timeval received_time_complete; /* Time the message completed reception */
extern uschar *recipient_data; /* lookup data for recipients */
extern uschar *recipient_unqualified_hosts; /* Permitted unqualified recipients */
extern uschar *recipient_verify_failure; /* What went wrong */
extern int recipients_list_max; /* Maximum number fitting in list */
extern int recipients_max; /* Max permitted */
extern BOOL recipients_max_reject; /* If TRUE, reject whole message */
-extern const pcre *regex_AUTH; /* For recognizing AUTH settings */
-extern const pcre *regex_check_dns_names; /* For DNS name checking */
-extern const pcre *regex_From; /* For recognizing "From_" lines */
-extern const pcre *regex_CHUNKING; /* For recognizing CHUNKING (RFC 3030) */
-extern const pcre *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA (LMTP) */
-extern const pcre *regex_PIPELINING; /* For recognizing PIPELINING */
-extern const pcre *regex_SIZE; /* For recognizing SIZE settings */
+extern const pcre2_code *regex_AUTH; /* For recognizing AUTH settings */
+extern const pcre2_code *regex_check_dns_names; /* For DNS name checking */
+extern const pcre2_code *regex_From; /* For recognizing "From_" lines */
+extern const pcre2_code *regex_CHUNKING; /* For recognizing CHUNKING (RFC 3030) */
+extern const pcre2_code *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA (LMTP) */
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+extern const pcre2_code *regex_LIMITS; /* For recognizing LIMITS */
+#endif
+extern const pcre2_code *regex_PIPELINING; /* For recognizing PIPELINING */
+extern const pcre2_code *regex_SIZE; /* For recognizing SIZE settings */
#ifndef DISABLE_PIPE_CONNECT
-extern const pcre *regex_EARLY_PIPE; /* For recognizing PIPE_CONNCT */
+extern const pcre2_code *regex_EARLY_PIPE; /* For recognizing PIPE_CONNCT */
#endif
-extern const pcre *regex_ismsgid; /* Compiled r.e. for message it */
-extern const pcre *regex_smtp_code; /* For recognizing SMTP codes */
-extern uschar *regex_vars[]; /* $regexN variables */
+extern int regex_cachesize; /* number of entries */
+extern const pcre2_code *regex_ismsgid; /* Compiled r.e. for message ID */
+extern const pcre2_code *regex_smtp_code; /* For recognizing SMTP codes */
#ifdef WHITELIST_D_MACROS
-extern const pcre *regex_whitelisted_macro; /* For -D macro values */
+extern const pcre2_code *regex_whitelisted_macro; /* For -D macro values */
#endif
#ifdef WITH_CONTENT_SCAN
extern uschar *regex_match_string; /* regex that matched a line (regex ACL condition) */
+extern const uschar *regex_vars[];
#endif
extern int remote_delivery_count; /* Number of remote addresses */
extern int remote_max_parallel; /* Maximum parallel delivery */
extern int smtp_accept_max; /* Max SMTP connections */
extern int smtp_accept_max_nonmail;/* Max non-mail commands in one con */
extern uschar *smtp_accept_max_nonmail_hosts; /* Limit non-mail cmds from these hosts */
-extern int smtp_accept_max_per_connection; /* Max msgs per connection */
+extern uschar *smtp_accept_max_per_connection; /* Max msgs per connection */
extern uschar *smtp_accept_max_per_host; /* Max SMTP cons from one IP addr */
extern int smtp_accept_queue; /* Queue after so many connections */
extern int smtp_accept_queue_per_connection; /* Queue after so many msgs */
extern int smtp_accept_reserve; /* Reserve these SMTP connections */
extern uschar *smtp_active_hostname; /* Hostname for this message */
+extern int smtp_backlog_monitor; /* listen backlog level to log */
extern uschar *smtp_banner; /* Banner string (to be expanded) */
extern BOOL smtp_check_spool_space; /* TRUE to check SMTP SIZE value */
extern int smtp_ch_index; /* Index in smtp_connection_had */
extern uschar *smtp_etrn_command; /* Command to run */
extern BOOL smtp_etrn_serialize; /* Only one at once */
extern FILE *smtp_in; /* Incoming SMTP input file */
+extern int smtp_listen_backlog; /* Current listener socket backlog, if monitored */
extern int smtp_load_reserve; /* Only from reserved if load > this */
extern int smtp_mailcmd_count; /* Count of MAIL commands */
+extern int smtp_mailcmd_max; /* Limit for MAIL commands */
extern int smtp_max_synprot_errors;/* Max syntax/protocol errors */
extern int smtp_max_unknown_commands; /* As it says */
extern uschar *smtp_names[]; /* decode for command codes */
extern FILE *spool_data_file; /* handle for -D file */
extern uschar *spool_directory; /* Name of spool directory */
extern BOOL spool_wireformat; /* can write wireformat -D files */
-#ifdef EXPERIMENTAL_SRS_ALT
-extern uschar *srs_config; /* SRS config secret:max age:hash length:use timestamp:use hash */
-extern uschar *srs_db_address; /* SRS db address */
-extern uschar *srs_db_key; /* SRS db key */
-extern int srs_hashlength; /* SRS hash length */
-extern int srs_hashmin; /* SRS minimum hash length */
-extern int srs_maxage; /* SRS max age */
-extern uschar *srs_orig_sender; /* SRS original sender */
-extern uschar *srs_orig_recipient; /* SRS original recipient */
-extern uschar *srs_recipient; /* SRS recipient */
-extern uschar *srs_secrets; /* SRS secrets list */
-extern uschar *srs_status; /* SRS staus */
-extern BOOL srs_usehash; /* SRS use hash flag */
-extern BOOL srs_usetimestamp; /* SRS use timestamp flag */
-#endif
#ifdef SUPPORT_SRS
extern uschar *srs_recipient; /* SRS recipient */
#endif
extern int string_datestamp_type; /* After insertion by string_format */
extern BOOL strip_excess_angle_brackets; /* Surrounding route-addrs */
extern BOOL strip_trailing_dot; /* Remove dots at ends of domains */
-extern uschar *submission_domain; /* Domain for submission mode */
-extern uschar *submission_name; /* User name set from ACL */
+extern const uschar *submission_domain;/* Domain for submission mode */
+extern const uschar *submission_name; /* User name set from ACL */
extern BOOL syslog_duplication; /* FALSE => no duplicate logging */
extern int syslog_facility; /* As defined by Syslog.h */
extern BOOL syslog_pid; /* TRUE if PID on syslogs */