git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
PIPE_CONNECT: promote from experimental
[exim.git]
/
src
/
src
/
deliver.c
diff --git
a/src/src/deliver.c
b/src/src/deliver.c
index 1baf7d371fe0adfa06d70fdb1e9a2cb7c5a7915b..b26e5dbd407a778ac0e57595e04bb70b12e0aef3 100644
(file)
--- a/
src/src/deliver.c
+++ b/
src/src/deliver.c
@@
-347,7
+347,7
@@
for (int i = 2; i > 0; i--)
#ifndef O_CLOEXEC
(void)fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC);
#endif
#ifndef O_CLOEXEC
(void)fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC);
#endif
- if (
fchown(fd, exim_uid, exim_gid
) < 0)
+ if (
exim_fchown(fd, exim_uid, exim_gid, filename
) < 0)
{
*error = US"chown";
return -1;
{
*error = US"chown";
return -1;
@@
-367,7
+367,7
@@
for (int i = 2; i > 0; i--)
MSGLOG_DIRECTORY_MODE, TRUE);
}
MSGLOG_DIRECTORY_MODE, TRUE);
}
-*error = US"create";
+*error = US"create
or open
";
return -1;
}
return -1;
}
@@
-758,7
+758,7
@@
if (LOGGING(incoming_interface) && LOGGING(outgoing_interface)
{
g = string_fmt_append(g, " I=[%s]", sending_ip_address);
if (LOGGING(outgoing_port))
{
g = string_fmt_append(g, " I=[%s]", sending_ip_address);
if (LOGGING(outgoing_port))
- g = string_fmt_append(g, "%d", sending_port);
+ g = string_fmt_append(g, "
:
%d", sending_port);
}
return g;
}
}
return g;
}
@@
-801,14
+801,20
@@
return g;
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
static gstring *
static gstring *
-d_tlslog(gstring *
s
, address_item * addr)
+d_tlslog(gstring *
g
, address_item * addr)
{
if (LOGGING(tls_cipher) && addr->cipher)
{
if (LOGGING(tls_cipher) && addr->cipher)
- s = string_append(s, 2, US" X=", addr->cipher);
+ {
+ g = string_append(g, 2, US" X=", addr->cipher);
+#ifdef EXPERIMENTAL_TLS_RESUME
+ if (LOGGING(tls_resumption) && testflag(addr, af_tls_resume))
+ g = string_catn(g, US"*", 1);
+#endif
+ }
if (LOGGING(tls_certificate_verified) && addr->cipher)
if (LOGGING(tls_certificate_verified) && addr->cipher)
-
s = string_append(s
, 2, US" CV=",
+
g = string_append(g
, 2, US" CV=",
testflag(addr, af_cert_verified)
?
#ifdef SUPPORT_DANE
testflag(addr, af_cert_verified)
?
#ifdef SUPPORT_DANE
@@
-819,8
+825,8
@@
if (LOGGING(tls_certificate_verified) && addr->cipher)
"yes"
: "no");
if (LOGGING(tls_peerdn) && addr->peerdn)
"yes"
: "no");
if (LOGGING(tls_peerdn) && addr->peerdn)
-
s = string_append(s
, 3, US" DN=\"", string_printing(addr->peerdn), US"\"");
-return
s
;
+
g = string_append(g
, 3, US" DN=\"", string_printing(addr->peerdn), US"\"");
+return
g
;
}
#endif
}
#endif
@@
-856,6
+862,7
@@
if (action)
{
DEBUG(D_deliver)
debug_printf("Event(%s): event_action returned \"%s\"\n", event, s);
{
DEBUG(D_deliver)
debug_printf("Event(%s): event_action returned \"%s\"\n", event, s);
+ errno = ERRNO_EVENT;
return s;
}
}
return s;
}
}
@@
-1224,7
+1231,7
@@
else
#endif
}
#endif
}
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
g = d_tlslog(g, addr);
#endif
g = d_tlslog(g, addr);
#endif
@@
-1243,7
+1250,7
@@
else
{
if (testflag(addr, af_pipelining))
g = string_catn(g, US" L", 2);
{
if (testflag(addr, af_pipelining))
g = string_catn(g, US" L", 2);
-#ifdef
EXPERIMENTAL
_PIPE_CONNECT
+#ifdef
SUPPORT
_PIPE_CONNECT
if (testflag(addr, af_early_pipe))
g = string_catn(g, US"*", 1);
#endif
if (testflag(addr, af_early_pipe))
g = string_catn(g, US"*", 1);
#endif
@@
-1428,7
+1435,7
@@
if (addr->transport)
if (addr->host_used)
g = d_hostlog(g, addr);
if (addr->host_used)
g = d_hostlog(g, addr);
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
g = d_tlslog(g, addr);
#endif
g = d_tlslog(g, addr);
#endif
@@
-1628,7
+1635,7
@@
if (result == OK)
}
/* Certificates for logging (via events) */
}
/* Certificates for logging (via events) */
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
tls_out.ourcert = addr->ourcert;
addr->ourcert = NULL;
tls_out.peercert = addr->peercert;
tls_out.ourcert = addr->ourcert;
addr->ourcert = NULL;
tls_out.peercert = addr->peercert;
@@
-1644,7
+1651,7
@@
if (result == OK)
delivery_log(LOG_MAIN, addr, logchar, NULL);
delivery_log(LOG_MAIN, addr, logchar, NULL);
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
tls_free_cert(&tls_out.ourcert);
tls_free_cert(&tls_out.peercert);
tls_out.cipher = NULL;
tls_free_cert(&tls_out.ourcert);
tls_free_cert(&tls_out.peercert);
tls_out.cipher = NULL;
@@
-2899,7
+2906,7
@@
while (addr_local)
of these checks, rather than for all local deliveries, because some local
deliveries (e.g. to pipes) can take a substantial time. */
of these checks, rather than for all local deliveries, because some local
deliveries (e.g. to pipes) can take a substantial time. */
- if (!(dbm_file = dbfn_open(US"retry", O_RDONLY, &dbblock, FALSE)))
+ if (!(dbm_file = dbfn_open(US"retry", O_RDONLY, &dbblock, FALSE
, TRUE
)))
{
DEBUG(D_deliver|D_retry|D_hints_lookup)
debug_printf("no retry data available\n");
{
DEBUG(D_deliver|D_retry|D_hints_lookup)
debug_printf("no retry data available\n");
@@
-3103,12
+3110,7
@@
while (addr_local)
DEBUG(D_deliver|D_transport)
debug_printf("%s shadow transport returned %s for %s\n",
DEBUG(D_deliver|D_transport)
debug_printf("%s shadow transport returned %s for %s\n",
- stp->name,
- sresult == OK ? "OK" :
- sresult == DEFER ? "DEFER" :
- sresult == FAIL ? "FAIL" :
- sresult == PANIC ? "PANIC" : "?",
- shadow_addr->address);
+ stp->name, rc_to_string(sresult), shadow_addr->address);
}
DEBUG(D_deliver|D_transport)
}
DEBUG(D_deliver|D_transport)
@@
-3137,12
+3139,7
@@
while (addr_local)
DEBUG(D_deliver|D_transport)
debug_printf("%s transport returned %s for %s\n",
DEBUG(D_deliver|D_transport)
debug_printf("%s transport returned %s for %s\n",
- tp->name,
- result == OK ? "OK" :
- result == DEFER ? "DEFER" :
- result == FAIL ? "FAIL" :
- result == PANIC ? "PANIC" : "?",
- addr2->address);
+ tp->name, rc_to_string(result), addr2->address);
/* If there is a retry_record, or if delivery is deferred, build a retry
item for setting a new retry time or deleting the old retry record from
/* If there is a retry_record, or if delivery is deferred, build a retry
item for setting a new retry time or deleting the old retry record from
@@
-3508,7
+3505,7
@@
while (!done)
it in with the other info, in order to keep each message short enough to
guarantee it won't be split in the pipe. */
it in with the other info, in order to keep each message short enough to
guarantee it won't be split in the pipe. */
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
case 'X':
if (!addr) goto ADDR_MISMATCH; /* Below, in 'A' handler */
switch (*subid)
case 'X':
if (!addr) goto ADDR_MISMATCH; /* Below, in 'A' handler */
switch (*subid)
@@
-3546,7
+3543,7
@@
while (!done)
}
while (*ptr++);
break;
}
while (*ptr++);
break;
-#endif /*
SUPPORT
_TLS*/
+#endif /*
DISABLE
_TLS*/
case 'C': /* client authenticator information */
switch (*subid)
case 'C': /* client authenticator information */
switch (*subid)
@@
-3567,7
+3564,7
@@
while (!done)
case 'L':
switch (*subid)
{
case 'L':
switch (*subid)
{
-#ifdef
EXPERIMENTAL
_PIPE_CONNECT
+#ifdef
SUPPORT
_PIPE_CONNECT
case 2: setflag(addr, af_early_pipe); /*FALLTHROUGH*/
#endif
case 1: setflag(addr, af_pipelining); break;
case 2: setflag(addr, af_early_pipe); /*FALLTHROUGH*/
#endif
case 1: setflag(addr, af_pipelining); break;
@@
-4803,9
+4800,12
@@
all pipes, so I do not see a reason to use non-blocking IO here
#ifdef SUPPORT_DANE
if (tls_out.dane_verified) setflag(addr, af_dane_verified);
#endif
#ifdef SUPPORT_DANE
if (tls_out.dane_verified) setflag(addr, af_dane_verified);
#endif
+# ifdef EXPERIMENTAL_TLS_RESUME
+ if (tls_out.resumption & RESUME_USED) setflag(addr, af_tls_resume);
+# endif
/* Use an X item only if there's something to send */
/* Use an X item only if there's something to send */
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
if (addr->cipher)
{
ptr = big_buffer + sprintf(CS big_buffer, "%.128s", addr->cipher) + 1;
if (addr->cipher)
{
ptr = big_buffer + sprintf(CS big_buffer, "%.128s", addr->cipher) + 1;
@@
-4848,7
+4848,7
@@
all pipes, so I do not see a reason to use non-blocking IO here
rmt_dlv_checked_write(fd, 'X', '4', big_buffer, ptr - big_buffer);
}
# endif
rmt_dlv_checked_write(fd, 'X', '4', big_buffer, ptr - big_buffer);
}
# endif
-#endif /*
SUPPORT
_TLS*/
+#endif /*
DISABLE
_TLS*/
if (client_authenticator)
{
if (client_authenticator)
{
@@
-4872,7
+4872,7
@@
all pipes, so I do not see a reason to use non-blocking IO here
#endif
if (testflag(addr, af_pipelining))
#endif
if (testflag(addr, af_pipelining))
-#ifdef
EXPERIMENTAL
_PIPE_CONNECT
+#ifdef
SUPPORT
_PIPE_CONNECT
if (testflag(addr, af_early_pipe))
rmt_dlv_checked_write(fd, 'L', '2', NULL, 0);
else
if (testflag(addr, af_early_pipe))
rmt_dlv_checked_write(fd, 'L', '2', NULL, 0);
else
@@
-5012,7
+5012,7
@@
all pipes, so I do not see a reason to use non-blocking IO here
if (cutthrough.cctx.sock >= 0 && cutthrough.callout_hold_only)
{
if (cutthrough.cctx.sock >= 0 && cutthrough.callout_hold_only)
{
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
if (cutthrough.is_tls)
tls_close(cutthrough.cctx.tls_ctx, TLS_NO_SHUTDOWN);
#endif
if (cutthrough.is_tls)
tls_close(cutthrough.cctx.tls_ctx, TLS_NO_SHUTDOWN);
#endif
@@
-6330,7
+6330,7
@@
while (addr_new) /* Loop until all addresses dealt with */
/* Failure to open the retry database is treated the same as if it does
not exist. In both cases, dbm_file is NULL. */
/* Failure to open the retry database is treated the same as if it does
not exist. In both cases, dbm_file is NULL. */
- if (!(dbm_file = dbfn_open(US"retry", O_RDONLY, &dbblock, FALSE)))
+ if (!(dbm_file = dbfn_open(US"retry", O_RDONLY, &dbblock, FALSE
, TRUE
)))
DEBUG(D_deliver|D_retry|D_route|D_hints_lookup)
debug_printf("no retry data available\n");
DEBUG(D_deliver|D_retry|D_route|D_hints_lookup)
debug_printf("no retry data available\n");
@@
-7081,7
+7081,7
@@
if (addr_local || addr_remote)
that the mode is correct - the group setting doesn't always seem to get
set automatically. */
that the mode is correct - the group setting doesn't always seem to get
set automatically. */
- if(
fchown(journal_fd, exim_uid, exim_gid
)
+ if(
exim_fchown(journal_fd, exim_uid, exim_gid, fname
)
|| fchmod(journal_fd, SPOOL_MODE)
#ifndef O_CLOEXEC
|| fcntl(journal_fd, F_SETFD, fcntl(journal_fd, F_GETFD) | FD_CLOEXEC)
|| fchmod(journal_fd, SPOOL_MODE)
#ifndef O_CLOEXEC
|| fcntl(journal_fd, F_SETFD, fcntl(journal_fd, F_GETFD) | FD_CLOEXEC)
@@
-7410,7
+7410,7
@@
if (addr_senddsn)
tctx.u.fd = fd;
tctx.options = topt_add_return_path | topt_no_body;
tctx.u.fd = fd;
tctx.options = topt_add_return_path | topt_no_body;
- /*XXX hmm, retval ignored.
+ /*XXX hmm,
FALSE(fail)
retval ignored.
Could error for any number of reasons, and they are not handled. */
transport_write_message(&tctx, 0);
fflush(f);
Could error for any number of reasons, and they are not handled. */
transport_write_message(&tctx, 0);
fflush(f);
@@
-8513,14
+8513,9
@@
if (!regex_SIZE) regex_SIZE =
if (!regex_AUTH) regex_AUTH =
regex_must_compile(AUTHS_REGEX, FALSE, TRUE);
if (!regex_AUTH) regex_AUTH =
regex_must_compile(AUTHS_REGEX, FALSE, TRUE);
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
if (!regex_STARTTLS) regex_STARTTLS =
regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE);
if (!regex_STARTTLS) regex_STARTTLS =
regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE);
-
-# ifdef EXPERIMENTAL_REQUIRETLS
-if (!regex_REQUIRETLS) regex_REQUIRETLS =
- regex_must_compile(US"\\n250[\\s\\-]REQUIRETLS(\\s|\\n|$)", FALSE, TRUE);
-# endif
#endif
if (!regex_CHUNKING) regex_CHUNKING =
#endif
if (!regex_CHUNKING) regex_CHUNKING =
@@
-8542,7
+8537,7
@@
if (!regex_DSN) regex_DSN =
if (!regex_IGNOREQUOTA) regex_IGNOREQUOTA =
regex_must_compile(US"\\n250[\\s\\-]IGNOREQUOTA(\\s|\\n|$)", FALSE, TRUE);
if (!regex_IGNOREQUOTA) regex_IGNOREQUOTA =
regex_must_compile(US"\\n250[\\s\\-]IGNOREQUOTA(\\s|\\n|$)", FALSE, TRUE);
-#ifdef
EXPERIMENTAL
_PIPE_CONNECT
+#ifdef
SUPPORT
_PIPE_CONNECT
if (!regex_EARLY_PIPE) regex_EARLY_PIPE =
regex_must_compile(US"\\n250[\\s\\-]" EARLY_PIPE_FEATURE_NAME "(\\s|\\n|$)", FALSE, TRUE);
#endif
if (!regex_EARLY_PIPE) regex_EARLY_PIPE =
regex_must_compile(US"\\n250[\\s\\-]" EARLY_PIPE_FEATURE_NAME "(\\s|\\n|$)", FALSE, TRUE);
#endif
@@
-8608,7
+8603,7
@@
if (cutthrough.cctx.sock >= 0 && cutthrough.callout_hold_only)
smtp_peer_options = cutthrough.peer_options;
continue_sequence = 0;
smtp_peer_options = cutthrough.peer_options;
continue_sequence = 0;
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
if (cutthrough.is_tls)
{
int pfd[2], pid;
if (cutthrough.is_tls)
{
int pfd[2], pid;
@@
-8651,7
+8646,7
@@
else
}
return; /* compiler quietening; control does not reach here. */
}
return; /* compiler quietening; control does not reach here. */
-#if
def SUPPORT
_TLS
+#if
ndef DISABLE
_TLS
fail:
log_write(0,
LOG_MAIN | (exec_type == CEE_EXEC_EXIT ? LOG_PANIC : LOG_PANIC_DIE),
fail:
log_write(0,
LOG_MAIN | (exec_type == CEE_EXEC_EXIT ? LOG_PANIC : LOG_PANIC_DIE),