X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/7f83b348ccf4cd815e9758ab9ca1012e66324e9d..a1108b5118d32e969c5fe91b2110944f7483a7cb:/src/src/readconf.c

diff --git a/src/src/readconf.c b/src/src/readconf.c
index dabe86348..e8e310beb 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -200,6 +200,9 @@ static optionlist optionlist_config[] = {
   { "ldap_require_cert",        opt_stringptr,   {&eldap_require_cert} },
   { "ldap_start_tls",           opt_bool,        {&eldap_start_tls} },
   { "ldap_version",             opt_int,         {&eldap_version} },
+#endif
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+  { "limits_advertise_hosts", opt_stringptr, {&limits_advertise_hosts} },
 #endif
   { "local_from_check",         opt_bool,        {&local_from_check} },
   { "local_from_prefix",        opt_stringptr,   {&local_from_prefix} },
@@ -259,6 +262,9 @@ static optionlist optionlist_config[] = {
   { "print_topbitchars",        opt_bool,        {&print_topbitchars} },
   { "process_log_path",         opt_stringptr,   {&process_log_path} },
   { "prod_requires_admin",      opt_bool,        {&prod_requires_admin} },
+#ifdef SUPPORT_PROXY
+  { "proxy_protocol_timeout",   opt_time,        {&proxy_protocol_timeout} },
+#endif
   { "qualify_domain",           opt_stringptr,   {&qualify_domain_sender} },
   { "qualify_recipient",        opt_stringptr,   {&qualify_domain_recipient} },
   { "queue_domains",            opt_stringptr,   {&queue_domains} },
@@ -297,7 +303,7 @@ static optionlist optionlist_config[] = {
   { "smtp_accept_max",          opt_int,         {&smtp_accept_max} },
   { "smtp_accept_max_nonmail",  opt_int,         {&smtp_accept_max_nonmail} },
   { "smtp_accept_max_nonmail_hosts", opt_stringptr, {&smtp_accept_max_nonmail_hosts} },
-  { "smtp_accept_max_per_connection", opt_int,   {&smtp_accept_max_per_connection} },
+  { "smtp_accept_max_per_connection", opt_stringptr,   {&smtp_accept_max_per_connection} },
   { "smtp_accept_max_per_host", opt_stringptr,   {&smtp_accept_max_per_host} },
   { "smtp_accept_queue",        opt_int,         {&smtp_accept_queue} },
   { "smtp_accept_queue_per_connection", opt_int, {&smtp_accept_queue_per_connection} },
@@ -1845,6 +1851,7 @@ switch (type)
         flagptr = (int *)ol3->v.value;
         }
 
+      /* This will trap if sptr is tainted. Not sure if that can happen */
       while ((p = string_nextinlist(CUSS &sptr, &sep, big_buffer, BIG_BUFFER_SIZE)))
         {
         rewrite_rule *next = readconf_one_rewrite(p, flagptr, FALSE);
@@ -1989,6 +1996,7 @@ switch (type)
       while (count-- > 1)
         {
         int sep = 0;
+	/* If p is tainted we trap.  Not sure that can happen */
         (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
         if (!route_finduser(big_buffer, NULL, &uid))
           log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "user %s was not found",
@@ -2030,6 +2038,7 @@ switch (type)
       while (count-- > 1)
         {
         int sep = 0;
+	/* If p is tainted we trap.  Not sure that can happen */
         (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
         if (!route_findgroup(big_buffer, &gid))
           log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "group %s was not found",
@@ -3112,6 +3121,7 @@ const uschar *list = config_main_filelist;
 
 /* Loop through the possible file names */
 
+/* Should never be a tainted list */
 while((filename = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
   {
 
@@ -3343,10 +3353,11 @@ but if that yields an unqualified value, make a FQDN by using gethostbyname to
 canonize it. Some people like upper case letters in their host names, so we
 don't force the case. */
 
-if (primary_hostname == NULL)
+if (!primary_hostname)
   {
-  const uschar *hostname;
+  const uschar * hostname;
   struct utsname uts;
+
   if (uname(&uts) < 0)
     log_write(0, LOG_MAIN|LOG_PANIC_DIE, "uname() failed to yield host name");
   hostname = US uts.nodename;
@@ -3356,33 +3367,29 @@ if (primary_hostname == NULL)
     int af = AF_INET;
     struct hostent *hostdata;
 
-    #if HAVE_IPV6
-    if (!disable_ipv6 && (dns_ipv4_lookup == NULL ||
-         match_isinlist(hostname, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
+#if HAVE_IPV6
+    if (  !disable_ipv6
+       && (  !dns_ipv4_lookup
+	  || match_isinlist(hostname, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
 	    MCL_DOMAIN, TRUE, NULL) != OK))
       af = AF_INET6;
-    #else
-    af = AF_INET;
-    #endif
+#endif
 
     for (;;)
       {
-      #if HAVE_IPV6
-        #if HAVE_GETIPNODEBYNAME
+#if HAVE_IPV6
+# if HAVE_GETIPNODEBYNAME
         int error_num;
         hostdata = getipnodebyname(CS hostname, af, 0, &error_num);
         #else
         hostdata = gethostbyname2(CS hostname, af);
-        #endif
-      #else
+# endif
+#else
       hostdata = gethostbyname(CS hostname);
-      #endif
+#endif
 
-      if (hostdata != NULL)
-        {
-        hostname = US hostdata->h_name;
-        break;
-        }
+      if (hostdata)
+        { hostname = US hostdata->h_name; break; }
 
       if (af == AF_INET) break;
       af = AF_INET;
@@ -3425,6 +3432,7 @@ if (*log_file_path)
       "\"%s\": %s", log_file_path, expand_string_message);
 
   ss = s;
+  /* should never be a tainted list */
   while ((sss = string_nextinlist(&ss, &sep, big_buffer, big_buffer_size)))
     {
     uschar *t;