X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/9883af7240d3c25b7a8a859c9e8482caacd5f1aa..ff9663026d1a318d385730c4a2c3e85508b4b00b:/src/src/globals.c diff --git a/src/src/globals.c b/src/src/globals.c index f52ae92ce..458ab487e 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -16,23 +16,23 @@ data blocks and hence have the opt_public flag set. */ optionlist optionlist_auths[] = { { "client_condition", opt_stringptr | opt_public, - (void *)(offsetof(auth_instance, client_condition)) }, + OPT_OFF(auth_instance, client_condition) }, { "client_set_id", opt_stringptr | opt_public, - (void *)(offsetof(auth_instance, set_client_id)) }, + OPT_OFF(auth_instance, set_client_id) }, { "driver", opt_stringptr | opt_public, - (void *)(offsetof(auth_instance, driver_name)) }, + OPT_OFF(auth_instance, driver_name) }, { "public_name", opt_stringptr | opt_public, - (void *)(offsetof(auth_instance, public_name)) }, + OPT_OFF(auth_instance, public_name) }, { "server_advertise_condition", opt_stringptr | opt_public, - (void *)(offsetof(auth_instance, advertise_condition))}, + OPT_OFF(auth_instance, advertise_condition)}, { "server_condition", opt_stringptr | opt_public, - (void *)(offsetof(auth_instance, server_condition)) }, + OPT_OFF(auth_instance, server_condition) }, { "server_debug_print", opt_stringptr | opt_public, - (void *)(offsetof(auth_instance, server_debug_string)) }, + OPT_OFF(auth_instance, server_debug_string) }, { "server_mail_auth_condition", opt_stringptr | opt_public, - (void *)(offsetof(auth_instance, mail_auth_condition)) }, + OPT_OFF(auth_instance, mail_auth_condition) }, { "server_set_id", opt_stringptr | opt_public, - (void *)(offsetof(auth_instance, set_id)) } + OPT_OFF(auth_instance, set_id) } }; int optionlist_auths_size = nelem(optionlist_auths); @@ -102,38 +102,12 @@ them. Also, the tls_ variables are now always visible. Note that these are only used for smtp connections, not for service-daemon access. */ tls_support tls_in = { - .active = {.sock = -1}, - .bits = 0, - .certificate_verified = FALSE, -#ifdef SUPPORT_DANE - .dane_verified = FALSE, - .tlsa_usage = 0, -#endif - .cipher = NULL, - .on_connect = FALSE, - .on_connect_ports = NULL, - .ourcert = NULL, - .peercert = NULL, - .peerdn = NULL, - .sni = NULL, - .ocsp = OCSP_NOT_REQ + .active = {.sock = -1} + /* all other elements zero */ }; tls_support tls_out = { .active = {.sock = -1}, - .bits = 0, - .certificate_verified = FALSE, -#ifdef SUPPORT_DANE - .dane_verified = FALSE, - .tlsa_usage = 0, -#endif - .cipher = NULL, - .on_connect = FALSE, - .on_connect_ports = NULL, - .ourcert = NULL, - .peercert = NULL, - .peerdn = NULL, - .sni = NULL, - .ocsp = OCSP_NOT_REQ + /* all other elements zero */ }; uschar *dsn_envid = NULL; @@ -141,7 +115,7 @@ int dsn_ret = 0; const pcre *regex_DSN = NULL; uschar *dsn_advertise_hosts = NULL; -#ifdef SUPPORT_TLS +#ifndef DISABLE_TLS BOOL gnutls_compat_mode = FALSE; BOOL gnutls_allow_auto_pkcs11 = FALSE; uschar *openssl_options = NULL; @@ -161,10 +135,13 @@ uschar *tls_ocsp_file = NULL; uschar *tls_privatekey = NULL; BOOL tls_remember_esmtp = FALSE; uschar *tls_require_ciphers = NULL; +# ifdef EXPERIMENTAL_TLS_RESUME +uschar *tls_resumption_hosts = NULL; +# endif uschar *tls_try_verify_hosts = NULL; uschar *tls_verify_certificates= US"system"; uschar *tls_verify_hosts = NULL; -#else /*!SUPPORT_TLS*/ +#else /*DISABLE_TLS*/ uschar *tls_advertise_hosts = NULL; #endif @@ -261,8 +238,9 @@ struct global_flags f = .disable_logging = FALSE, #ifndef DISABLE_DKIM .dkim_disable_verify = FALSE, + .dkim_init_done = FALSE, #endif -#ifdef EXPERIMENTAL_DMARC +#ifdef SUPPORT_DMARC .dmarc_has_been_checked = FALSE, .dmarc_disable_verify = FALSE, .dmarc_enable_forensic = FALSE, @@ -320,7 +298,7 @@ struct global_flags f = .sender_name_forced = FALSE, .sender_set_untrusted = FALSE, .smtp_authenticated = FALSE, -#ifdef EXPERIMENTAL_PIPE_CONNECT +#ifndef DISABLE_PIPE_CONNECT .smtp_in_early_pipe_advertised = FALSE, .smtp_in_early_pipe_no_auth = FALSE, .smtp_in_early_pipe_used = FALSE, @@ -334,6 +312,8 @@ struct global_flags f = .synchronous_delivery = FALSE, .system_filtering = FALSE, + .taint_check_slow = FALSE, + .testsuite_delays = TRUE, .tcp_fastopen_ok = FALSE, .tcp_in_fastopen = FALSE, .tcp_in_fastopen_data = FALSE, @@ -400,6 +380,9 @@ BOOL prod_requires_admin = TRUE; BOOL proxy_session = FALSE; #endif +#ifdef EXPERIMENTAL_QUEUE_RAMP +BOOL queue_fast_ramp = FALSE; +#endif BOOL queue_list_requires_admin = TRUE; BOOL queue_only = FALSE; BOOL queue_only_load_latch = TRUE; @@ -571,7 +554,7 @@ address_item address_defaults = { .return_filename = NULL, .self_hostname = NULL, .shadow_message = NULL, -#ifdef SUPPORT_TLS +#ifndef DISABLE_TLS .cipher = NULL, .ourcert = NULL, .peercert = NULL, @@ -595,7 +578,7 @@ address_item address_defaults = { .localpart_cache = { 0 }, /* localpart_cache - ditto */ .mode = -1, .more_errno = 0, - .delivery_usec = 0, + .delivery_time = {.tv_sec = 0, .tv_usec = 0}, .basic_errno = ERRNO_UNKNOWNERROR, .child_count = 0, .return_file = -1, @@ -608,6 +591,7 @@ address_item address_defaults = { .errors_address = NULL, .extra_headers = NULL, .remove_headers = NULL, + .variables = NULL, #ifdef EXPERIMENTAL_SRS .srs_sender = NULL, #endif @@ -756,6 +740,9 @@ cut_t cutthrough = { .nrcpt = 0, /* number of addresses */ }; +#ifdef EXPERIMENTAL_QUEUE_RAMP +int daemon_notifier_fd = -1; +#endif uschar *daemon_smtp_port = US"smtp"; int daemon_startup_retries = 9; int daemon_startup_sleep = 30; @@ -838,6 +825,7 @@ uschar *deliver_localpart_orig = NULL; uschar *deliver_localpart_parent = NULL; uschar *deliver_localpart_prefix = NULL; uschar *deliver_localpart_suffix = NULL; +uschar *deliver_localpart_verified = NULL; uschar *deliver_out_buffer = NULL; int deliver_queue_load_max = -1; address_item *deliver_recipients = NULL; @@ -852,12 +840,15 @@ void *dkim_signatures = NULL; uschar *dkim_signers = NULL; uschar *dkim_signing_domain = NULL; uschar *dkim_signing_selector = NULL; +uschar *dkim_verify_hashes = US"sha256:sha512"; +uschar *dkim_verify_keytypes = US"ed25519:rsa"; +BOOL dkim_verify_minimal = FALSE; uschar *dkim_verify_overall = NULL; uschar *dkim_verify_signers = US"$dkim_signers"; uschar *dkim_verify_status = NULL; uschar *dkim_verify_reason = NULL; #endif -#ifdef EXPERIMENTAL_DMARC +#ifdef SUPPORT_DMARC uschar *dmarc_domain_policy = NULL; uschar *dmarc_forensic_sender = NULL; uschar *dmarc_history_file = NULL; @@ -1047,7 +1038,8 @@ uschar *log_file_path = US LOG_FILE_PATH int log_notall[] = { -1 }; -bit_table log_options[] = { /* must be in alphabetical order */ +bit_table log_options[] = { /* must be in alphabetical order, + with definitions from enum logbit. */ BIT_TABLE(L, 8bitmime), BIT_TABLE(L, acl_warn_skipped), BIT_TABLE(L, address_rewrite), @@ -1105,6 +1097,7 @@ bit_table log_options[] = { /* must be in alphabetical order */ BIT_TABLE(L, tls_certificate_verified), BIT_TABLE(L, tls_cipher), BIT_TABLE(L, tls_peerdn), + BIT_TABLE(L, tls_resumption), BIT_TABLE(L, tls_sni), BIT_TABLE(L, unknown_in_list), }; @@ -1184,12 +1177,12 @@ uschar *override_pid_file_path = NULL; uschar *percent_hack_domains = NULL; uschar *pid_file_path = US PID_FILE_PATH "\0<--------------Space to patch pid_file_path->"; -#ifdef EXPERIMENTAL_PIPE_CONNECT +#ifndef DISABLE_PIPE_CONNECT uschar *pipe_connect_advertise_hosts = US"*"; #endif uschar *pipelining_advertise_hosts = US"*"; uschar *primary_hostname = NULL; -uschar process_info[PROCESS_INFO_SIZE]; +uschar *process_info; int process_info_len = 0; uschar *process_log_path = NULL; @@ -1211,6 +1204,7 @@ uschar *qualify_domain_sender = NULL; uschar *queue_domains = NULL; int queue_interval = -1; uschar *queue_name = US""; +uschar *queue_name_dest = NULL; uschar *queue_only_file = NULL; int queue_only_load = -1; uschar *queue_run_max = US"5"; @@ -1248,7 +1242,8 @@ uschar *received_header_text = US "${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}" "by $primary_hostname " "${if def:received_protocol {with $received_protocol }}" -#ifdef SUPPORT_TLS +#ifndef DISABLE_TLS + "${if def:tls_in_ver { ($tls_in_ver)}}" "${if def:tls_in_cipher_std { tls $tls_in_cipher_std\n\t}}" #endif "(Exim $version_number)\n\t" @@ -1274,7 +1269,7 @@ const pcre *regex_From = NULL; const pcre *regex_IGNOREQUOTA = NULL; const pcre *regex_PIPELINING = NULL; const pcre *regex_SIZE = NULL; -#ifdef EXPERIMENTAL_PIPE_CONNECT +#ifndef DISABLE_PIPE_CONNECT const pcre *regex_EARLY_PIPE = NULL; #endif const pcre *regex_ismsgid = NULL; @@ -1361,6 +1356,7 @@ router_instance router_defaults = { .retry_use_local_part = TRUE_UNSET, .same_domain_copy_routing = FALSE, .self_rewrite = FALSE, + .set = NULL, .suffix_optional = FALSE, .verify_only = FALSE, .verify_recipient = TRUE, @@ -1378,10 +1374,11 @@ router_instance router_defaults = { .pass_router = NULL, .redirect_router = NULL, - .dnssec = { NULL, NULL }, /* dnssec_domains {require,request} */ + .dnssec = { .request= US"*", .require=NULL }, }; uschar *router_name = NULL; +tree_node *router_var = NULL; ip_address_item *running_interfaces = NULL; @@ -1512,6 +1509,9 @@ uschar *srs_recipient = NULL; uschar *srs_secrets = NULL; uschar *srs_status = NULL; #endif +#ifdef EXPERIMENTAL_SRS_NATIVE +uschar *srs_recipient = NULL; +#endif int string_datestamp_offset= -1; int string_datestamp_length= 0; int string_datestamp_type = -1; @@ -1537,6 +1537,9 @@ uschar *tcp_wrappers_daemon_name = US TCP_WRAPPERS_DAEMON_NAME; int test_harness_load_avg = 0; int thismessage_size_limit = 0; int timeout_frozen_after = 0; +#ifdef MEASURE_TIMING +struct timeval timestamp_startup; +#endif transport_instance *transports = NULL;