git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Introduce main config option allow_insecure_tainted_data
[exim.git]
/
src
/
src
/
macros.h
diff --git
a/src/src/macros.h
b/src/src/macros.h
index 76913d64ed37c8f62f95e581dd224ad650172232..322ddbf5639901103ce94d6218e416f95edb6b8d 100644
(file)
--- a/
src/src/macros.h
+++ b/
src/src/macros.h
@@
-3,6
+3,7
@@
*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2018 */
*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
/* See the file NOTICE for conditions of use and distribution. */
@@
-40,9
+41,11
@@
manipulate them. */
/* For almost all calls to convert things to printing characters, we want to
/* For almost all calls to convert things to printing characters, we want to
-allow tabs. A macro just makes life a bit easier. */
+allow tabs
& spaces
. A macro just makes life a bit easier. */
-#define string_printing(s) string_printing2((s), TRUE)
+#define string_printing(s) string_printing2((s), 0)
+#define SP_TAB BIT(0)
+#define SP_SPACE BIT(1)
/* We need a special return code for "no recipients and failed to send an error
/* We need a special return code for "no recipients and failed to send an error
@@
-118,7
+121,7
@@
don't make the file descriptors two-way. */
verifying. This has to be explicit because it is referenced in more than one
source module. */
verifying. This has to be explicit because it is referenced in more than one
source module. */
-#define ADDRESS_EXPANSIONS_COUNT 1
8
+#define ADDRESS_EXPANSIONS_COUNT 1
9
/* The maximum permitted number of command-line (-D) macro definitions. We
need a limit only to make it easier to generate argument vectors for re-exec
/* The maximum permitted number of command-line (-D) macro definitions. We
need a limit only to make it easier to generate argument vectors for re-exec
@@
-137,7
+140,7
@@
changed, then the tables in expand.c for accessing them must be changed too. */
/* The size of the buffer holding the processing information string. */
/* The size of the buffer holding the processing information string. */
-#define PROCESS_INFO_SIZE
256
+#define PROCESS_INFO_SIZE
384
/* The size of buffer to get for constructing log entries. Make it big
enough to hold all the headers from a normal kind of message. */
/* The size of buffer to get for constructing log entries. Make it big
enough to hold all the headers from a normal kind of message. */
@@
-152,12
+155,19
@@
enough to hold all the headers from a normal kind of message. */
into big_buffer_size and in some circumstances increased. It should be at least
as long as the maximum path length. */
into big_buffer_size and in some circumstances increased. It should be at least
as long as the maximum path length. */
-#if defined PATH_MAX && PATH_MAX > 16384
+#ifdef AUTH_HEIMDAL_GSSAPI
+ /* RFC 4121 section 5.2, SHOULD support 64K input buffers */
+# define __BIG_BUFFER_SIZE 65536
+#else
+# define __BIG_BUFFER_SIZE 16384
+#endif
+
+#if defined PATH_MAX && PATH_MAX > __BIG_BUFFER_SIZE
# define BIG_BUFFER_SIZE PATH_MAX
# define BIG_BUFFER_SIZE PATH_MAX
-#elif defined MAXPATHLEN && MAXPATHLEN >
16384
+#elif defined MAXPATHLEN && MAXPATHLEN >
__BIG_BUFFER_SIZE
# define BIG_BUFFER_SIZE MAXPATHLEN
#else
# define BIG_BUFFER_SIZE MAXPATHLEN
#else
-# define BIG_BUFFER_SIZE
16384
+# define BIG_BUFFER_SIZE
__BIG_BUFFER_SIZE
#endif
/* header size of pipe content
#endif
/* header size of pipe content
@@
-181,9
+191,10
@@
message id with a trailing "-H" or "-D" added. */
#define SPOOL_NAME_LENGTH (MESSAGE_ID_LENGTH+2)
/* The maximum number of message ids to store in a waiting database
#define SPOOL_NAME_LENGTH (MESSAGE_ID_LENGTH+2)
/* The maximum number of message ids to store in a waiting database
-record. */
+record
, and the max number of continuation records allowed
. */
#define WAIT_NAME_MAX 50
#define WAIT_NAME_MAX 50
+#define WAIT_CONT_MAX 1000
/* Wait this long before determining that a Proxy Protocol configured
host isn't speaking the protocol, and so is disallowed. Can be moved to
/* Wait this long before determining that a Proxy Protocol configured
host isn't speaking the protocol, and so is disallowed. Can be moved to
@@
-294,6
+305,7
@@
Use rc_names[] for debug strings. */
#define CANCELLED 13 /* Authentication cancelled */
#define FAIL_SEND 14 /* send() failed in authenticator */
#define FAIL_DROP 15 /* Fail and drop connection (used in ACL) */
#define CANCELLED 13 /* Authentication cancelled */
#define FAIL_SEND 14 /* send() failed in authenticator */
#define FAIL_DROP 15 /* Fail and drop connection (used in ACL) */
+#define DANE 16 /* Deferred for domain mismatch (used in transport) */
/* Returns from the deliver_message() function */
/* Returns from the deliver_message() function */
@@
-486,6
+498,9
@@
enum logbit {
Li_smtp_mailauth,
Li_smtp_no_mail,
Li_subject,
Li_smtp_mailauth,
Li_smtp_no_mail,
Li_subject,
+#ifdef ALLOW_INSECURE_TAINTED_DATA
+ Li_tainted,
+#endif
Li_tls_certificate_verified,
Li_tls_cipher,
Li_tls_peerdn,
Li_tls_certificate_verified,
Li_tls_cipher,
Li_tls_peerdn,
@@
-550,11
+565,8
@@
table exim_errstrings[] in log.c */
#define ERRNO_DATA4XX (-46) /* DATA gave 4xx error */
#define ERRNO_PROXYFAIL (-47) /* Negotiation failed for proxy configured host */
#define ERRNO_AUTHPROB (-48) /* Authenticator "other" failure */
#define ERRNO_DATA4XX (-46) /* DATA gave 4xx error */
#define ERRNO_PROXYFAIL (-47) /* Negotiation failed for proxy configured host */
#define ERRNO_AUTHPROB (-48) /* Authenticator "other" failure */
-
-#ifdef SUPPORT_I18N
-# define ERRNO_UTF8_FWD (-49) /* target not supporting SMTPUTF8 */
-#endif
- /* -50 free for re-use */
+#define ERRNO_UTF8_FWD (-49) /* target not supporting SMTPUTF8 */
+#define ERRNO_HOST_IS_LOCAL (-50) /* Transport refuses to talk to localhost */
/* These must be last, so all retry deferments can easily be identified */
/* These must be last, so all retry deferments can easily be identified */
@@
-1062,8
+1074,8
@@
should not be one active. */
#define AUTHS_REGEX US"\\n250[\\s\\-]AUTH\\s+([\\-\\w \\t]+)(?:\\n|$)"
#define AUTHS_REGEX US"\\n250[\\s\\-]AUTH\\s+([\\-\\w \\t]+)(?:\\n|$)"
-#define EARLY_PIPE_FEATURE_NAME "
X_
PIPE_CONNECT"
-#define EARLY_PIPE_FEATURE_LEN 1
4
+#define EARLY_PIPE_FEATURE_NAME "PIPE_CONNECT"
+#define EARLY_PIPE_FEATURE_LEN 1
2
/* Flags for auth_client_item() */
/* Flags for auth_client_item() */
@@
-1096,4
+1108,8
@@
should not be one active. */
#define SVFMT_TAINT_NOCHK BIT(2)
#define SVFMT_TAINT_NOCHK BIT(2)
+#define NOTIFIER_SOCKET_NAME "exim_daemon_notify"
+#define NOTIFY_MSG_QRUN 1 /* Notify message types */
+#define NOTIFY_QUEUE_SIZE_REQ 2
+
/* End of macros.h */
/* End of macros.h */