X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/b4757e3611c457affce455100c7c7c43784ccfea..8ac90765750f87c573300b9e953af3d8090cab8b:/src/src/globals.c

diff --git a/src/src/globals.c b/src/src/globals.c
index d17f9a9dc..10045f482 100644
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -98,10 +98,11 @@ BOOL    move_frozen_messages   = FALSE;
 
 /* These variables are outside the #ifdef because it keeps the code less
 cluttered in several places (e.g. during logging) if we can always refer to
-them. Also, the tls_ variables are now always visible. */
+them. Also, the tls_ variables are now always visible.  Note that these are
+only used for smtp connections, not for service-daemon access. */
 
 tls_support tls_in = {
- .active =		-1,
+ .active =		{.sock = -1},
  .bits =		0,
  .certificate_verified = FALSE,
 #ifdef SUPPORT_DANE
@@ -118,7 +119,7 @@ tls_support tls_in = {
  .ocsp =		OCSP_NOT_REQ
 };
 tls_support tls_out = {
- .active =		-1,
+ .active =		{.sock = -1},
  .bits =		0,
  .certificate_verified = FALSE,
 #ifdef SUPPORT_DANE
@@ -160,6 +161,11 @@ uschar *tls_ocsp_file          = NULL;
 uschar *tls_privatekey         = NULL;
 BOOL    tls_remember_esmtp     = FALSE;
 uschar *tls_require_ciphers    = NULL;
+# ifdef EXPERIMENTAL_REQUIRETLS
+uschar  tls_requiretls         = 0;	/* REQUIRETLS_MSG etc. bit #defines */
+uschar *tls_advertise_requiretls = US"*";
+const pcre *regex_REQUIRETLS   = NULL;
+# endif
 uschar *tls_try_verify_hosts   = NULL;
 uschar *tls_verify_certificates= US"system";
 uschar *tls_verify_hosts       = NULL;
@@ -559,7 +565,7 @@ cut_t   cutthrough = {
   .delivery =		FALSE,				/* when to attempt */
   .defer_pass =		FALSE,				/* on defer: spool locally */
   .is_tls =		FALSE,				/* not a TLS conn yet */
-  .fd =			-1,				/* open connection */
+  .cctx =		{.sock = -1},			/* open connection */
   .nrcpt =		0,				/* number of addresses */
 };
 
@@ -669,7 +675,7 @@ BOOL    disable_ipv6           = FALSE;
 BOOL    disable_logging        = FALSE;
 
 #ifndef DISABLE_DKIM
-BOOL    dkim_collect_input       = FALSE;
+unsigned dkim_collect_input      = 0;
 uschar *dkim_cur_signer          = NULL;
 BOOL    dkim_disable_verify      = FALSE;
 int     dkim_key_length          = 0;
@@ -698,6 +704,7 @@ BOOL    dmarc_enable_forensic   = FALSE;
 uschar *dns_again_means_nonexist = NULL;
 int     dns_csa_search_limit   = 5;
 BOOL    dns_csa_use_reverse    = TRUE;
+int	dns_cname_loops	       = 1;
 #ifdef SUPPORT_DANE
 int     dns_dane_ok            = -1;
 #endif
@@ -1395,6 +1402,7 @@ uschar *spf_smtp_comment       = NULL;
 #endif
 
 BOOL    split_spool_directory  = FALSE;
+FILE   *spool_data_file	       = NULL;
 uschar *spool_directory        = US SPOOL_DIRECTORY
                            "\0<--------------Space to patch spool_directory->";
 BOOL    spool_file_wireformat  = FALSE;