X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/332f5cf3ddb43e1a85d70039211e73aa1a753ebd..a7538db17824b7fd70c12ef7561a67b85d6f247e:/src/src/globals.h diff --git a/src/src/globals.h b/src/src/globals.h index b0c26c425..f0a3091df 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -1,10 +1,8 @@ -/* $Cambridge: exim/src/src/globals.h,v 1.69 2010/06/12 15:21:26 jetmore Exp $ */ - /************************************************* * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2009 */ +/* Copyright (c) University of Cambridge 1995 - 2014 */ /* See the file NOTICE for conditions of use and distribution. */ /* Almost all the global variables are defined together in this one header, so @@ -64,6 +62,10 @@ extern uschar *oracle_servers; /* List of servers and connect info */ extern uschar *pgsql_servers; /* List of servers and connect info */ #endif +#ifdef EXPERIMENTAL_REDIS +extern uschar *redis_servers; /* List of servers and connect info */ +#endif + #ifdef LOOKUP_SQLITE extern int sqlite_lock_timeout; /* Internal lock waiting timeout */ #endif @@ -76,15 +78,31 @@ extern BOOL move_frozen_messages; /* Get them out of the normal directory * cluttered in several places (e.g. during logging) if we can always refer to them. Also, the tls_ variables are now always visible. */ -extern int tls_active; /* fd/socket when in a TLS session */ -extern BOOL tls_certificate_verified; /* Client certificate verified */ -extern uschar *tls_cipher; /* Cipher used */ -extern BOOL tls_on_connect; /* For older MTAs that don't STARTTLS */ -extern uschar *tls_on_connect_ports; /* Ports always tls-on-connect */ -extern uschar *tls_peerdn; /* DN from peer */ +typedef struct { + int active; /* fd/socket when in a TLS session */ + int bits; /* bits used in TLS session */ + BOOL certificate_verified; /* Client certificate verified */ + uschar *cipher; /* Cipher used */ + BOOL on_connect; /* For older MTAs that don't STARTTLS */ + uschar *on_connect_ports; /* Ports always tls-on-connect */ + void *ourcert; /* Certificate we presented, binary */ + void *peercert; /* Certificate of peer, binary */ + uschar *peerdn; /* DN from peer */ + uschar *sni; /* Server Name Indication */ + enum { + OCSP_NOT_REQ=0, /* not requested */ + OCSP_NOT_RESP, /* no response to request */ + OCSP_VFY_NOT_TRIED, /* response not verified */ + OCSP_FAILED, /* verify failed */ + OCSP_VFIED /* verified */ + } ocsp; /* Stapled OCSP status */ +} tls_support; +extern tls_support tls_in; +extern tls_support tls_out; #ifdef SUPPORT_TLS extern BOOL gnutls_compat_mode; /* Less security, more compatibility */ +extern BOOL gnutls_allow_auto_pkcs11; /* Let GnuTLS autoload PKCS11 modules */ extern uschar *gnutls_require_mac; /* So some can be avoided */ extern uschar *gnutls_require_kx; /* So some can be avoided */ extern uschar *gnutls_require_proto; /* So some can be avoided */ @@ -92,8 +110,13 @@ extern uschar *openssl_options; /* OpenSSL compatibility options */ extern const pcre *regex_STARTTLS; /* For recognizing STARTTLS settings */ extern uschar *tls_advertise_hosts; /* host for which TLS is advertised */ extern uschar *tls_certificate; /* Certificate file */ +extern uschar *tls_channelbinding_b64; /* string of base64 channel binding */ extern uschar *tls_crl; /* CRL File */ +extern int tls_dh_max_bits; /* don't accept higher lib suggestions */ extern uschar *tls_dhparam; /* DH param file */ +#ifndef DISABLE_OCSP +extern uschar *tls_ocsp_file; /* OCSP stapling proof file */ +#endif extern BOOL tls_offered; /* Server offered TLS */ extern uschar *tls_privatekey; /* Private key file */ extern BOOL tls_remember_esmtp; /* For YAEB */ @@ -103,6 +126,13 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif +#ifdef EXPERIMENTAL_DSN +extern uschar *dsn_envid; /* DSN envid string */ +extern int dsn_ret; /* DSN ret type*/ +extern const pcre *regex_DSN; /* For recognizing DSN settings */ +extern BOOL smtp_use_dsn; /* Global for passed connections */ +extern uschar *dsn_advertise_hosts; /* host for which TLS is advertised */ +#endif /* Input-reading functions for messages, so we can use special ones for incoming TCP/IP. */ @@ -123,16 +153,24 @@ extern uschar **address_expansions[ADDRESS_EXPANSIONS_COUNT]; /* General global variables */ extern BOOL accept_8bitmime; /* Allow *BITMIME incoming */ +extern int body_8bitmime; /* sender declared BODY= ; 7=7BIT, 8=8BITMIME */ extern header_line *acl_added_headers; /* Headers added by an ACL */ extern tree_node *acl_anchor; /* Tree of named ACLs */ +extern uschar *acl_arg[9]; /* Argument to ACL call */ +extern int acl_narg; /* Number of arguments to ACL call */ extern uschar *acl_not_smtp; /* ACL run for non-SMTP messages */ #ifdef WITH_CONTENT_SCAN extern uschar *acl_not_smtp_mime; /* For MIME parts of ditto */ #endif extern uschar *acl_not_smtp_start; /* ACL run at the beginning of a non-SMTP session */ +extern uschar *acl_removed_headers; /* Headers deleted by an ACL */ extern uschar *acl_smtp_auth; /* ACL run for AUTH */ extern uschar *acl_smtp_connect; /* ACL run on SMTP connection */ extern uschar *acl_smtp_data; /* ACL run after DATA received */ +#ifndef DISABLE_PRDR +extern uschar *acl_smtp_data_prdr; /* ACL run after DATA received if in PRDR mode*/ +const extern pcre *regex_PRDR; /* For recognizing PRDR settings */ +#endif #ifndef DISABLE_DKIM extern uschar *acl_smtp_dkim; /* ACL run for DKIM signatures / domains */ #endif @@ -174,6 +212,7 @@ extern BOOL allow_mx_to_ip; /* Allow MX records to -> ip address */ extern BOOL allow_unqualified_recipient; /* As it says */ extern BOOL allow_unqualified_sender; /* Ditto */ extern BOOL allow_utf8_domains; /* For experimenting */ +extern uschar *authenticated_fail_id; /* ID that failed authentication */ extern uschar *authenticated_id; /* ID that was authenticated */ extern uschar *authenticated_sender; /* From AUTH on MAIL */ extern BOOL authentication_failed; /* TRUE if AUTH was tried and failed */ @@ -186,6 +225,7 @@ extern uschar *auth_defer_user_msg; /* Error message for user */ extern uschar *auth_vars[]; /* $authn variables */ extern int auto_thaw; /* Auto-thaw interval */ #ifdef WITH_CONTENT_SCAN +extern BOOL av_failed; /* TRUE if the AV process failed */ extern uschar *av_scanner; /* AntiVirus scanner to use for the malware condition */ #endif @@ -223,6 +263,9 @@ extern int check_log_space; /* Minimum for message acceptance */ extern BOOL check_rfc2047_length; /* Check RFC 2047 encoded string length */ extern int check_spool_inodes; /* Minimum for message acceptance */ extern int check_spool_space; /* Minimum for message acceptance */ +extern uschar *client_authenticator; /* Authenticator name used for smtp delivery */ +extern uschar *client_authenticated_id; /* "login" name used for SMTP AUTH */ +extern uschar *client_authenticated_sender; /* AUTH option to SMTP MAIL FROM (not yet used) */ extern int clmacro_count; /* Number of command line macros */ extern uschar *clmacros[]; /* Copy of them, for re-exec */ extern int connection_max_messages;/* Max down one SMTP connection */ @@ -245,6 +288,8 @@ extern int continue_sequence; /* Sequence num for continued delivery */ extern uschar *continue_transport; /* Transport for continued delivery */ extern uschar *csa_status; /* Client SMTP Authorization result */ +extern BOOL cutthrough_delivery; /* Deliver in foreground */ +extern int cutthrough_fd; /* Connection for ditto */ extern BOOL daemon_listen; /* True if listening required */ extern uschar *daemon_smtp_port; /* Can be a list of ports */ @@ -278,11 +323,12 @@ extern BOOL deliver_drop_privilege; /* TRUE for unprivileged delivery */ extern BOOL deliver_firsttime; /* True for first delivery attempt */ extern BOOL deliver_force; /* TRUE if delivery was forced */ extern BOOL deliver_freeze; /* TRUE if delivery is frozen */ -extern int deliver_frozen_at; /* Time of freezing */ +extern time_t deliver_frozen_at; /* Time of freezing */ extern uschar *deliver_home; /* Home directory for pipes */ extern uschar *deliver_host; /* (First) host for routed local deliveries */ /* Remote host for filter */ extern uschar *deliver_host_address; /* Address for remote delivery filter */ +extern int deliver_host_port; /* Address for remote delivery filter */ extern uschar *deliver_in_buffer; /* Buffer for copying file */ extern ino_t deliver_inode; /* Inode for appendfile */ extern uschar *deliver_localpart; /* The local part for delivery */ @@ -322,6 +368,19 @@ extern uschar *dkim_verify_signers; /* Colon-separated list of domains for ea extern BOOL dkim_collect_input; /* Runtime flag that tracks wether SMTP input is fed to DKIM validation */ extern BOOL dkim_disable_verify; /* Set via ACL control statement. When set, DKIM verification is disabled for the current message */ #endif +#ifdef EXPERIMENTAL_DMARC +extern BOOL dmarc_has_been_checked; /* Global variable to check if test has been called yet */ +extern uschar *dmarc_ar_header; /* Expansion variable, suggested header for dmarc auth results */ +extern uschar *dmarc_domain_policy; /* Expansion for declared policy of used domain */ +extern uschar *dmarc_forensic_sender; /* Set sender address for forensic reports */ +extern uschar *dmarc_history_file; /* Expansion variable, file to store dmarc results */ +extern uschar *dmarc_status; /* Expansion variable, one word value */ +extern uschar *dmarc_status_text; /* Expansion variable, human readable value */ +extern uschar *dmarc_tld_file; /* Mozilla TLDs text file */ +extern uschar *dmarc_used_domain; /* Expansion variable, domain libopendmarc chose for DMARC policy lookup */ +extern BOOL dmarc_disable_verify; /* Set via ACL control statement. When set, DMARC verification is disabled for the current message */ +extern BOOL dmarc_enable_forensic; /* Set via ACL control statement. When set, DMARC forensic reports are enabled for the current message */ +#endif extern uschar *dns_again_means_nonexist; /* Domains that are badly set up */ extern int dns_csa_search_limit; /* How deep to search for CSA SRV records */ @@ -329,6 +388,8 @@ extern BOOL dns_csa_use_reverse; /* Check CSA in reverse DNS? (non-standar extern uschar *dns_ipv4_lookup; /* For these domains, don't look for AAAA (or A6) */ extern int dns_retrans; /* Retransmission time setting */ extern int dns_retry; /* Number of retries */ +extern int dns_dnssec_ok; /* When constructing DNS query, set DO flag */ +extern int dns_use_edns0; /* Coerce EDNS0 support on/off in resolver. */ extern uschar *dnslist_domain; /* DNS (black) list domain */ extern uschar *dnslist_matched; /* DNS (black) list matched key */ extern uschar *dnslist_text; /* DNS (black) list text message */ @@ -353,6 +414,7 @@ extern int errors_sender_rc; /* Return after message to sender*/ extern gid_t exim_gid; /* To be used with exim_uid */ extern BOOL exim_gid_set; /* TRUE if exim_gid set */ extern uschar *exim_path; /* Path to exec exim */ +extern const uschar *exim_sieve_extension_list[]; /* list of sieve extensions */ extern uid_t exim_uid; /* Non-root uid for exim */ extern BOOL exim_uid_set; /* TRUE if exim_uid set */ extern int expand_forbid; /* RDO flags for forbidding things */ @@ -398,7 +460,7 @@ extern uschar *helo_try_verify_hosts; /* Soft check HELO argument for these */ extern BOOL helo_verified; /* True if HELO verified */ extern BOOL helo_verify_failed; /* True if attempt failed */ extern uschar *helo_verify_hosts; /* Hard check HELO argument for these */ -extern uschar *hex_digits; /* Used in several places */ +extern const uschar *hex_digits; /* Used in several places */ extern uschar *hold_domains; /* Hold up deliveries to these */ extern BOOL host_find_failed_syntax;/* DNS syntax check failure */ extern BOOL host_checking_callout; /* TRUE if real callout wanted */ @@ -419,6 +481,8 @@ extern uschar *hosts_treat_as_local; /* For routing */ extern int ignore_bounce_errors_after; /* Keep them for this time. */ extern BOOL ignore_fromline_local; /* Local SMTP ignore fromline */ extern uschar *ignore_fromline_hosts; /* Hosts permitted to send "From " */ +extern BOOL inetd_wait_mode; /* Whether running in inetd wait mode */ +extern int inetd_wait_timeout; /* Timeout for inetd wait mode */ extern BOOL is_inetd; /* True for inetd calls */ extern uschar *iterate_item; /* Item from iterate list */ @@ -456,6 +520,7 @@ extern unsigned int log_write_selector;/* Bit map of logging options for log_wri extern uschar *login_sender_address; /* The actual sender address */ extern lookup_info **lookup_list; /* Array of pointers to available lookups */ extern int lookup_list_count; /* Number of entries in the list */ +extern uschar *lookup_dnssec_authenticated; /* AD status of dns lookup */ extern int lookup_open_max; /* Max lookup files to cache */ extern uschar *lookup_value; /* Value looked up from file */ @@ -489,7 +554,7 @@ extern uschar *message_reference; /* Reference for error messages */ /* MIME ACL expandables */ #ifdef WITH_CONTENT_SCAN extern int mime_anomaly_level; -extern uschar *mime_anomaly_text; +extern const uschar *mime_anomaly_text; extern uschar *mime_boundary; extern uschar *mime_charset; extern uschar *mime_content_description; @@ -535,12 +600,28 @@ extern uschar *percent_hack_domains; /* Local domains for which '% operates */ extern uschar *pid_file_path; /* For writing daemon pids */ extern uschar *pipelining_advertise_hosts; /* As it says */ extern BOOL pipelining_enable; /* As it says */ +#ifndef DISABLE_PRDR +extern BOOL prdr_enable; /* As it says */ +extern BOOL prdr_requested; /* Connecting mail server wants PRDR */ +#endif extern BOOL preserve_message_logs; /* Save msglog files */ extern uschar *primary_hostname; /* Primary name of this computer */ extern BOOL print_topbitchars; /* Topbit chars are printing chars */ extern uschar process_info[]; /* For SIGUSR1 output */ +extern int process_info_len; extern uschar *process_log_path; /* Alternate path */ extern BOOL prod_requires_admin; /* TRUE if prodding requires admin */ + +#ifdef EXPERIMENTAL_PROXY +extern uschar *proxy_host_address; /* IP of host being proxied */ +extern int proxy_host_port; /* Port of host being proxied */ +extern uschar *proxy_required_hosts; /* Hostlist which (require) use proxy protocol */ +extern BOOL proxy_session; /* TRUE if receiving mail from valid proxy */ +extern BOOL proxy_session_failed; /* TRUE if required proxy negotiation failed */ +extern uschar *proxy_target_address; /* IP of proxy server inbound */ +extern int proxy_target_port; /* Port of proxy server inbound */ +#endif + extern uschar *prvscheck_address; /* Set during prvscheck expansion item */ extern uschar *prvscheck_keynum; /* Set during prvscheck expansion item */ extern uschar *prvscheck_result; /* Set during prvscheck expansion item */ @@ -631,6 +712,7 @@ extern uid_t root_uid; /* The uid for root */ extern router_info routers_available[];/* Vector of available routers */ extern router_instance *routers; /* Chain of instantiated routers */ extern router_instance router_defaults;/* Default values */ +extern uschar *router_name; /* Name of router last started */ extern BOOL running_in_test_harness; /*TRUE when running_status is patched */ extern ip_address_item *running_interfaces; /* Host's running interfaces */ extern uschar *running_status; /* Flag string for testing */ @@ -649,6 +731,7 @@ extern uschar *sender_fullhost; /* Sender host name + address */ extern uschar *sender_helo_name; /* Host name from HELO/EHLO */ extern uschar **sender_host_aliases; /* Points to list of alias names */ extern unsigned int sender_host_cache[(MAX_NAMED_LIST * 2)/32]; /* Cache bits for incoming host */ +extern BOOL sender_host_dnssec; /* true if sender_host_name verified in DNSSEC */ extern BOOL sender_host_notsocket; /* Set for -bs and -bS */ extern BOOL sender_host_unknown; /* TRUE for -bs and -bS except inetd */ extern uschar *sender_ident; /* Sender identity via RFC 1413 */ @@ -758,6 +841,7 @@ extern uschar *submission_domain; /* Domain for submission mode */ extern BOOL submission_mode; /* Can be forced from ACL */ extern uschar *submission_name; /* User name set from ACL */ extern BOOL suppress_local_fixups; /* Can be forced from ACL */ +extern BOOL suppress_local_fixups_default; /* former is reset to this; override with -G */ extern BOOL synchronous_delivery; /* TRUE if -odi is set */ extern BOOL syslog_duplication; /* FALSE => no duplicate logging */ extern int syslog_facility; /* As defined by Syslog.h */ @@ -784,6 +868,14 @@ extern int test_harness_load_avg; /* For use when testing */ extern int thismessage_size_limit; /* Limit for this message */ extern int timeout_frozen_after; /* Max time to keep frozen messages */ extern BOOL timestamps_utc; /* Use UTC for all times */ + +#ifdef EXPERIMENTAL_TPDA +extern int tpda_defer_errno; /* error number set when a remote delivery is deferred with a host error */ +extern uschar *tpda_event; /* event classification */ +extern uschar *tpda_data;; /* event data */ +#endif + +extern uschar *transport_name; /* Name of transport last started */ extern int transport_count; /* Count of bytes transported */ extern int transport_newlines; /* Accurate count of number of newline chars transported */ extern uschar **transport_filter_argv; /* For on-the-fly filtering */