WIP: allow_insecure_tainted_data

[users/heiko/exim.git] / src / src / globals.h

diff --git a/src/src/globals.h b/src/src/globals.h
index 962da137f811b536a50fd570336159a4e2ad5dfb..7924c12825358fbff2365a9df29d808086808511 100644 (file)
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -77,6 +77,10 @@ extern int     sqlite_lock_timeout;    /* Internal lock waiting timeout */
 extern BOOL    move_frozen_messages;   /* Get them out of the normal directory */
 #endif
 
+#ifdef ALLOW_INSECURE_TAINTED_DATA
+extern BOOL    allow_insecure_tainted_data;
+#endif
+
 /* These variables are outside the #ifdef because it keeps the code less
 cluttered in several places (e.g. during logging) if we can always refer to
 them. Also, the tls_ variables are now always visible. */
@@ -140,6 +144,8 @@ extern uschar *tls_resumption_hosts;   /* TLS session resumption */
 extern uschar *tls_try_verify_hosts;   /* Optional client verification */
 extern uschar *tls_verify_certificates;/* Path for certificates to check */
 extern uschar *tls_verify_hosts;       /* Mandatory client verification */
+extern int     tls_watch_fd;          /* for inotify of creds files */
+extern time_t  tls_watch_trigger_time; /* non-0: triggered */
 #endif
 extern uschar *tls_advertise_hosts;    /* host for which TLS is advertised */
 
@@ -426,6 +432,8 @@ extern uschar *config_main_filename;   /* File name actually used */
 extern uschar *config_main_directory;  /* Directory where the main config file was found */
 extern uid_t   config_uid;             /* Additional owner */
 extern uschar *continue_proxy_cipher;  /* TLS cipher for proxied continued delivery */
+extern BOOL    continue_proxy_dane;    /* proxied conn is DANE */
+extern uschar *continue_proxy_sni;     /* proxied conn SNI */
 extern uschar *continue_hostname;      /* Host for continued delivery */
 extern uschar *continue_host_address;  /* IP address for ditto */
 extern int     continue_sequence;      /* Sequence num for continued delivery */
@@ -544,6 +552,7 @@ extern int     dns_dane_ok;            /* Ok to use DANE when checking TLS authe
 extern int     dns_retrans;            /* Retransmission time setting */
 extern int     dns_retry;              /* Number of retries */
 extern int     dns_dnssec_ok;          /* When constructing DNS query, set DO flag */
+extern const uschar * dns_rc_names[];  /* Mostly for debug output */
 extern uschar *dns_trust_aa;           /* DNSSEC trust AA as AD */
 extern int     dns_use_edns0;          /* Coerce EDNS0 support on/off in resolver. */
 extern uschar *dnslist_domain;         /* DNS (black) list domain */
@@ -783,6 +792,7 @@ extern uschar *proxy_external_address; /* IP of remote interface of proxy */
 extern int     proxy_external_port;    /* Port on remote interface of proxy */
 extern uschar *proxy_local_address;    /* IP of local interface of proxy */
 extern int     proxy_local_port;       /* Port on local interface of proxy */
+extern int     proxy_protocol_timeout; /* Timeout for proxy negotiation */
 extern BOOL    proxy_session;          /* TRUE if receiving mail from valid proxy  */
 #endif
 
@@ -920,7 +930,7 @@ extern BOOL    smtp_accept_keepalive;  /* Set keepalive on incoming */
 extern int     smtp_accept_max;        /* Max SMTP connections */
 extern int     smtp_accept_max_nonmail;/* Max non-mail commands in one con */
 extern uschar *smtp_accept_max_nonmail_hosts; /* Limit non-mail cmds from these hosts */
-extern int     smtp_accept_max_per_connection; /* Max msgs per connection */
+extern uschar *smtp_accept_max_per_connection; /* Max msgs per connection */
 extern uschar *smtp_accept_max_per_host; /* Max SMTP cons from one IP addr */
 extern int     smtp_accept_queue;      /* Queue after so many connections */
 extern int     smtp_accept_queue_per_connection; /* Queue after so many msgs */