* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2015 */
+/* Copyright (c) University of Cambridge 1995 - 2016 */
/* See the file NOTICE for conditions of use and distribution. */
/* Functions for reading the configuration file, and for displaying
#include "exim.h"
+extern char **environ;
+
static void fn_smtp_receive_timeout(const uschar * name, const uschar * str);
static void save_config_line(const uschar* line);
static void save_config_position(const uschar *file, int line);
-static void print_config(BOOL admin);
+static void print_config(BOOL admin, BOOL terse);
+static void readconf_options_auths(void);
+
#define CSTATE_STACK_SIZE 10
+const uschar *config_directory = NULL;
+
/* Structure for chain (stack) of .included files */
typedef struct config_file_item {
struct config_file_item *next;
- uschar *filename;
+ const uschar *filename;
+ const uschar *directory;
FILE *file;
int lineno;
} config_file_item;
{ "acl_smtp_starttls", opt_stringptr, &acl_smtp_starttls },
#endif
{ "acl_smtp_vrfy", opt_stringptr, &acl_smtp_vrfy },
+ { "add_environment", opt_stringptr, &add_environment },
{ "admin_groups", opt_gidlist, &admin_groups },
{ "allow_domain_literals", opt_bool, &allow_domain_literals },
{ "allow_mx_to_ip", opt_bool, &allow_mx_to_ip },
{ "bounce_message_file", opt_stringptr, &bounce_message_file },
{ "bounce_message_text", opt_stringptr, &bounce_message_text },
{ "bounce_return_body", opt_bool, &bounce_return_body },
+ { "bounce_return_linesize_limit", opt_mkint, &bounce_return_linesize_limit },
{ "bounce_return_message", opt_bool, &bounce_return_message },
{ "bounce_return_size_limit", opt_mkint, &bounce_return_size_limit },
{ "bounce_sender_authentication",opt_stringptr,&bounce_sender_authentication },
{ "check_rfc2047_length", opt_bool, &check_rfc2047_length },
{ "check_spool_inodes", opt_int, &check_spool_inodes },
{ "check_spool_space", opt_Kint, &check_spool_space },
+ { "chunking_advertise_hosts", opt_stringptr, &chunking_advertise_hosts },
{ "daemon_smtp_port", opt_stringptr|opt_hidden, &daemon_smtp_port },
{ "daemon_smtp_ports", opt_stringptr, &daemon_smtp_port },
{ "daemon_startup_retries", opt_int, &daemon_startup_retries },
{ "dccifd_address", opt_stringptr, &dccifd_address },
{ "dccifd_options", opt_stringptr, &dccifd_options },
#endif
+ { "debug_store", opt_bool, &debug_store },
{ "delay_warning", opt_timelist, &delay_warning },
{ "delay_warning_condition", opt_stringptr, &delay_warning_condition },
{ "deliver_drop_privilege", opt_bool, &deliver_drop_privilege },
{ "dns_retry", opt_int, &dns_retry },
{ "dns_trust_aa", opt_stringptr, &dns_trust_aa },
{ "dns_use_edns0", opt_int, &dns_use_edns0 },
- /* This option is now a no-op, retained for compability */
+ /* This option is now a no-op, retained for compatibility */
{ "drop_cr", opt_bool, &drop_cr },
/*********************************************************/
{ "dsn_advertise_hosts", opt_stringptr, &dsn_advertise_hosts },
#ifdef SUPPORT_TLS
{ "gnutls_allow_auto_pkcs11", opt_bool, &gnutls_allow_auto_pkcs11 },
{ "gnutls_compat_mode", opt_bool, &gnutls_compat_mode },
- /* These three gnutls_require_* options stopped working in Exim 4.80 */
- /* From 4.83 we log a warning; a future relase will remove them */
- { "gnutls_require_kx", opt_stringptr, &gnutls_require_kx },
- { "gnutls_require_mac", opt_stringptr, &gnutls_require_mac },
- { "gnutls_require_protocols", opt_stringptr, &gnutls_require_proto },
#endif
{ "header_line_maxsize", opt_int, &header_line_maxsize },
{ "header_maxsize", opt_int, &header_maxsize },
{ "ignore_bounce_errors_after", opt_time, &ignore_bounce_errors_after },
{ "ignore_fromline_hosts", opt_stringptr, &ignore_fromline_hosts },
{ "ignore_fromline_local", opt_bool, &ignore_fromline_local },
+ { "keep_environment", opt_stringptr, &keep_environment },
{ "keep_malformed", opt_time, &keep_malformed },
#ifdef LOOKUP_LDAP
{ "ldap_ca_cert_dir", opt_stringptr, &eldap_ca_cert_dir },
#ifdef EXIM_PERL
{ "perl_at_start", opt_bool, &opt_perl_at_start },
{ "perl_startup", opt_stringptr, &opt_perl_startup },
+ { "perl_taintmode", opt_bool, &opt_perl_taintmode },
#endif
#ifdef LOOKUP_PGSQL
{ "pgsql_servers", opt_stringptr, &pgsql_servers },
{ "queue_only_load_latch", opt_bool, &queue_only_load_latch },
{ "queue_only_override", opt_bool, &queue_only_override },
{ "queue_run_in_order", opt_bool, &queue_run_in_order },
- { "queue_run_max", opt_int, &queue_run_max },
+ { "queue_run_max", opt_stringptr, &queue_run_max },
{ "queue_smtp_domains", opt_stringptr, &queue_smtp_domains },
{ "receive_timeout", opt_time, &receive_timeout },
{ "received_header_text", opt_stringptr, &received_header_text },
#endif
{ "split_spool_directory", opt_bool, &split_spool_directory },
{ "spool_directory", opt_stringptr, &spool_directory },
+ { "spool_wireformat", opt_bool, &spool_wireformat },
#ifdef LOOKUP_SQLITE
{ "sqlite_lock_timeout", opt_int, &sqlite_lock_timeout },
#endif
{ "strip_trailing_dot", opt_bool, &strip_trailing_dot },
{ "syslog_duplication", opt_bool, &syslog_duplication },
{ "syslog_facility", opt_stringptr, &syslog_facility_str },
+ { "syslog_pid", opt_bool, &syslog_pid },
{ "syslog_processname", opt_stringptr, &syslog_processname },
{ "syslog_timestamp", opt_bool, &syslog_timestamp },
{ "system_filter", opt_stringptr, &system_filter },
{ "write_rejectlog", opt_bool, &write_rejectlog }
};
-static int optionlist_config_size =
- sizeof(optionlist_config)/sizeof(optionlist);
+static int optionlist_config_size = nelem(optionlist_config);
router_instance *r;
transport_instance *t;
-for (i = 0; i < optionlist_config_size; i++)
+for (i = 0; i < nelem(optionlist_config); i++)
if (p == optionlist_config[i].value) return US optionlist_config[i].name;
-for (r = routers; r != NULL; r = r->next)
+for (r = routers; r; r = r->next)
{
router_info *ri = r->info;
for (i = 0; i < *ri->options_count; i++)
}
}
-for (t = transports; t != NULL; t = t->next)
+for (t = transports; t; t = t->next)
{
transport_info *ti = t->info;
for (i = 0; i < *ti->options_count; i++)
* Deal with an assignment to a macro *
*************************************************/
+/* We have a new definition. The macro_item structure includes a final vector
+called "name" which is one byte long. Thus, adding "namelen" gives us enough
+room to store the "name" string.
+If a builtin macro we place at head of list, else tail. This lets us lazy-create
+builtins. */
+
+macro_item *
+macro_create(const uschar * name, const uschar * val,
+ BOOL command_line, BOOL builtin)
+{
+unsigned namelen = Ustrlen(name);
+macro_item * m = store_get(sizeof(macro_item) + namelen);
+
+/* fprintf(stderr, "%s: '%s' '%s'\n", __FUNCTION__, name, val) */
+if (!macros)
+ {
+ macros = m;
+ mlast = m;
+ m->next = NULL;
+ }
+else if (builtin)
+ {
+ m->next = macros;
+ macros = m;
+ }
+else
+ {
+ mlast->next = m;
+ mlast = m;
+ m->next = NULL;
+ }
+m->command_line = command_line;
+m->namelen = namelen;
+m->replacement = string_copy(val);
+Ustrcpy(m->name, name);
+return m;
+}
+
+
/* This function is called when a line that starts with an upper case letter is
encountered. The argument "line" should contain a complete logical line, and
start with the first letter of the macro name. The macro name and the
int namelen = 0;
BOOL redef = FALSE;
macro_item *m;
-macro_item *mlast = NULL;
while (isalnum(*s) || *s == '_')
{
just skip this definition. It's an error to attempt to redefine a macro without
redef set to TRUE, or to redefine a macro when it hasn't been defined earlier.
It is also an error to define a macro whose name begins with the name of a
-previously defined macro. Note: it is documented that the other way round
-works. */
+previously defined macro. This is the requirement that make using a tree
+for macros hard; we must check all macros for the substring. Perhaps a
+sorted list, and a bsearch, would work?
+Note: it is documented that the other way round works. */
-for (m = macros; m != NULL; m = m->next)
+for (m = macros; m; m = m->next)
{
- int len = Ustrlen(m->name);
-
if (Ustrcmp(m->name, name) == 0)
{
if (!m->command_line && !redef)
break;
}
- if (len < namelen && Ustrstr(name, m->name) != NULL)
+ if (m->namelen < namelen && Ustrstr(name, m->name) != NULL)
log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
"a macro because previously defined macro \"%s\" is a substring",
name, m->name);
/* We cannot have this test, because it is documented that a substring
macro is permitted (there is even an example).
*
- * if (len > namelen && Ustrstr(m->name, name) != NULL)
+ * if (m->namelen > namelen && Ustrstr(m->name, name) != NULL)
* log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
* "a macro because it is a substring of previously defined macro \"%s\"",
* name, m->name);
*/
-
- mlast = m;
}
/* Check for an overriding command-line definition. */
-if (m != NULL && m->command_line) return;
+if (m && m->command_line) return;
/* Redefinition must refer to an existing macro. */
if (redef)
- {
- if (m == NULL)
+ if (m)
+ m->replacement = string_copy(s);
+ else
log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "can't redefine an undefined macro "
"\"%s\"", name);
- }
-
-/* We have a new definition. The macro_item structure includes a final vector
-called "name" which is one byte long. Thus, adding "namelen" gives us enough
-room to store the "name" string. */
+/* We have a new definition. */
else
- {
- m = store_get(sizeof(macro_item) + namelen);
- if (macros == NULL) macros = m; else mlast->next = m;
- Ustrncpy(m->name, name, namelen);
- m->name[namelen] = 0;
- m->next = NULL;
- m->command_line = FALSE;
- }
+ (void) macro_create(name, s, FALSE, FALSE);
+}
+
+
+
+
+
+/*************************************************/
+/* Create compile-time feature macros */
+static void
+readconf_features(void)
+{
+/* Probably we could work out a static initialiser for wherever
+macros are stored, but this will do for now. Some names are awkward
+due to conflicts with other common macros. */
-/* Set the value of the new or redefined macro */
+#ifdef SUPPORT_CRYPTEQ
+ macro_create(US"_HAVE_CRYPTEQ", US"y", FALSE, TRUE);
+#endif
+#if HAVE_ICONV
+ macro_create(US"_HAVE_ICONV", US"y", FALSE, TRUE);
+#endif
+#if HAVE_IPV6
+ macro_create(US"_HAVE_IPV6", US"y", FALSE, TRUE);
+#endif
+#ifdef HAVE_SETCLASSRESOURCES
+ macro_create(US"_HAVE_SETCLASSRESOURCES", US"y", FALSE, TRUE);
+#endif
+#ifdef SUPPORT_PAM
+ macro_create(US"_HAVE_PAM", US"y", FALSE, TRUE);
+#endif
+#ifdef EXIM_PERL
+ macro_create(US"_HAVE_PERL", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPAND_DLFUNC
+ macro_create(US"_HAVE_DLFUNC", US"y", FALSE, TRUE);
+#endif
+#ifdef USE_TCP_WRAPPERS
+ macro_create(US"_HAVE_TCPWRAPPERS", US"y", FALSE, TRUE);
+#endif
+#ifdef SUPPORT_TLS
+ macro_create(US"_HAVE_TLS", US"y", FALSE, TRUE);
+# ifdef USE_GNUTLS
+ macro_create(US"_HAVE_GNUTLS", US"y", FALSE, TRUE);
+# else
+ macro_create(US"_HAVE_OPENSSL", US"y", FALSE, TRUE);
+# endif
+#endif
+#ifdef SUPPORT_TRANSLATE_IP_ADDRESS
+ macro_create(US"_HAVE_TRANSLATE_IP_ADDRESS", US"y", FALSE, TRUE);
+#endif
+#ifdef SUPPORT_MOVE_FROZEN_MESSAGES
+ macro_create(US"_HAVE_MOVE_FROZEN_MESSAGES", US"y", FALSE, TRUE);
+#endif
+#ifdef WITH_CONTENT_SCAN
+ macro_create(US"_HAVE_CONTENT_SCANNING", US"y", FALSE, TRUE);
+#endif
+#ifndef DISABLE_DKIM
+ macro_create(US"_HAVE_DKIM", US"y", FALSE, TRUE);
+#endif
+#ifndef DISABLE_DNSSEC
+ macro_create(US"_HAVE_DNSSEC", US"y", FALSE, TRUE);
+#endif
+#ifndef DISABLE_EVENT
+ macro_create(US"_HAVE_EVENT", US"y", FALSE, TRUE);
+#endif
+#ifdef SUPPORT_I18N
+ macro_create(US"_HAVE_I18N", US"y", FALSE, TRUE);
+#endif
+#ifndef DISABLE_OCSP
+ macro_create(US"_HAVE_OCSP", US"y", FALSE, TRUE);
+#endif
+#ifndef DISABLE_PRDR
+ macro_create(US"_HAVE_PRDR", US"y", FALSE, TRUE);
+#endif
+#ifdef SUPPORT_PROXY
+ macro_create(US"_HAVE_PROXY", US"y", FALSE, TRUE);
+#endif
+#ifdef SUPPORT_SOCKS
+ macro_create(US"_HAVE_SOCKS", US"y", FALSE, TRUE);
+#endif
+#ifdef TCP_FASTOPEN
+ macro_create(US"_HAVE_TCP_FASTOPEN", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPERIMENTAL_LMDB
+ macro_create(US"_HAVE_LMDB", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPERIMENTAL_SPF
+ macro_create(US"_HAVE_SPF", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPERIMENTAL_SRS
+ macro_create(US"_HAVE_SRS", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPERIMENTAL_BRIGHTMAIL
+ macro_create(US"_HAVE_BRIGHTMAIL", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPERIMENTAL_DANE
+ macro_create(US"_HAVE_DANE", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPERIMENTAL_DCC
+ macro_create(US"_HAVE_DCC", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPERIMENTAL_DMARC
+ macro_create(US"_HAVE_DMARC", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPERIMENTAL_DSN_INFO
+ macro_create(US"_HAVE_DSN_INFO", US"y", FALSE, TRUE);
+#endif
-m->replacement = string_copy(s);
+#ifdef LOOKUP_LSEARCH
+ macro_create(US"_HAVE_LOOKUP_LSEARCH", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_CDB
+ macro_create(US"_HAVE_LOOKUP_CDB", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_DBM
+ macro_create(US"_HAVE_LOOKUP_DBM", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_DNSDB
+ macro_create(US"_HAVE_LOOKUP_DNSDB", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_DSEARCH
+ macro_create(US"_HAVE_LOOKUP_DSEARCH", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_IBASE
+ macro_create(US"_HAVE_LOOKUP_IBASE", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_LDAP
+ macro_create(US"_HAVE_LOOKUP_LDAP", US"y", FALSE, TRUE);
+#endif
+#ifdef EXPERIMENTAL_LMDB
+ macro_create(US"_HAVE_LOOKUP_LMDB", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_MYSQL
+ macro_create(US"_HAVE_LOOKUP_MYSQL", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_NIS
+ macro_create(US"_HAVE_LOOKUP_NIS", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_NISPLUS
+ macro_create(US"_HAVE_LOOKUP_NISPLUS", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_ORACLE
+ macro_create(US"_HAVE_LOOKUP_ORACLE", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_PASSWD
+ macro_create(US"_HAVE_LOOKUP_PASSWD", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_PGSQL
+ macro_create(US"_HAVE_LOOKUP_PGSQL", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_REDIS
+ macro_create(US"_HAVE_LOOKUP_REDIS", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_SQLITE
+ macro_create(US"_HAVE_LOOKUP_SQLITE", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_TESTDB
+ macro_create(US"_HAVE_LOOKUP_TESTDB", US"y", FALSE, TRUE);
+#endif
+#ifdef LOOKUP_WHOSON
+ macro_create(US"_HAVE_LOOKUP_WHOSON", US"y", FALSE, TRUE);
+#endif
+
+#ifdef TRANSPORT_APPENDFILE
+# ifdef SUPPORT_MAILDIR
+ macro_create(US"_HAVE_TRANSPORT_APPEND_MAILDIR", US"y", FALSE, TRUE);
+# endif
+# ifdef SUPPORT_MAILSTORE
+ macro_create(US"_HAVE_TRANSPORT_APPEND_MAILSTORE", US"y", FALSE, TRUE);
+# endif
+# ifdef SUPPORT_MBX
+ macro_create(US"_HAVE_TRANSPORT_APPEND_MBX", US"y", FALSE, TRUE);
+# endif
+#endif
}
+void
+readconf_options_from_list(optionlist * opts, unsigned nopt, const uschar * section, uschar * group)
+{
+int i;
+const uschar * s;
+
+/* The 'previously-defined-substring' rule for macros in config file
+lines is done so for these builtin macros: we know that the table
+we source from is in strict alpha order, hence the builtins portion
+of the macros list is in reverse-alpha (we prepend them) - so longer
+macros that have substrings are always discovered first during
+expansion. */
+
+for (i = 0; i < nopt; i++) if (*(s = US opts[i].name) && *s != '*')
+ if (group)
+ macro_create(string_sprintf("_OPT_%T_%T_%T", section, group, s), US"y", FALSE, TRUE);
+ else
+ macro_create(string_sprintf("_OPT_%T_%T", section, s), US"y", FALSE, TRUE);
+}
+static void
+readconf_options(void)
+{
+readconf_options_from_list(optionlist_config, nelem(optionlist_config), US"MAIN", NULL);
+readconf_options_routers();
+readconf_options_transports();
+readconf_options_auths();
+}
+
+static void
+macros_create_builtin(void)
+{
+readconf_features();
+readconf_options();
+macros_builtin_created = TRUE;
+}
+
/*************************************************
* Read configuration line *
(void)fclose(config_file);
config_file = config_file_stack->file;
config_filename = config_file_stack->filename;
+ config_directory = config_file_stack->directory;
config_lineno = config_file_stack->lineno;
config_file_stack = config_file_stack->next;
if (config_lines)
if (*s != '=') s = ss; /* Not a macro definition */
}
+ /* If the builtin macros are not yet defined, and the line contains an
+ underscrore followed by an one of the three possible chars used by
+ builtins, create them. */
+
+ if (!macros_builtin_created)
+ {
+ const uschar * t, * p;
+ uschar c;
+ for (t = s; (p = CUstrchr(t, '_')); t = p+1)
+ if (c = p[1], c == 'O' || c == 'D' || c == 'H')
+ {
+/* fprintf(stderr, "%s: builtins create triggered by '%s'\n", __FUNCTION__, s); */
+ builtin_macros_create_trigger = string_copy(s);
+ macros_create_builtin();
+ break;
+ }
+ }
+
/* For each defined macro, scan the line (from after XXX= if present),
replacing all occurrences of the macro. */
macro_found = FALSE;
- for (m = macros; m != NULL; m = m->next)
+ for (m = macros; m; m = m->next)
{
uschar *p, *pp;
uschar *t = s;
while ((p = Ustrstr(t, m->name)) != NULL)
{
int moveby;
- int namelen = Ustrlen(m->name);
int replen = Ustrlen(m->replacement);
+/* fprintf(stderr, "%s: matched '%s' in '%s'\n", __FUNCTION__, m->name, t) */
/* Expand the buffer if necessary */
- while (newlen - namelen + replen + 1 > big_buffer_size)
+ while (newlen - m->namelen + replen + 1 > big_buffer_size)
{
int newsize = big_buffer_size + BIG_BUFFER_SIZE;
uschar *newbuffer = store_malloc(newsize);
copying in the replacement text. Don't rescan the replacement for this
same macro. */
- pp = p + namelen;
- moveby = replen - namelen;
- if (moveby != 0)
+ pp = p + m->namelen;
+ if ((moveby = replen - m->namelen) != 0)
{
memmove(p + replen, pp, (big_buffer + newlen) - pp + 1);
newlen += moveby;
}
*t = 0;
+ /* We allow relative file names. For security reasons currently
+ relative names not allowed with .include_if_exists. For .include_if_exists
+ we need to check the permissions/ownership of the containing folder */
if (*ss != '/')
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, ".include specifies a non-"
- "absolute path \"%s\"", ss);
+ if (include_if_exists) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, ".include specifies a non-"
+ "absolute path \"%s\"", ss);
+ else
+ {
+ int offset = 0;
+ int size = 0;
+ ss = string_append(NULL, &size, &offset, 3, config_directory, "/", ss);
+ ss[offset] = '\0'; /* string_append() does not zero terminate the string! */
+ }
if (include_if_exists != 0 && (Ustat(ss, &statbuf) != 0)) continue;
config_file_stack = save;
save->file = config_file;
save->filename = config_filename;
+ save->directory = config_directory;
save->lineno = config_lineno;
- config_file = Ufopen(ss, "rb");
- if (config_file == NULL)
+ if (!(config_file = Ufopen(ss, "rb")))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to open included "
"configuration file %s", ss);
+
config_filename = string_copy(ss);
+ config_directory = string_copyn(ss, CUstrrchr(ss, '/') - ss);
config_lineno = 0;
continue;
}
{
int middle = (first + last)/2;
int c = Ustrcmp(name, ol[middle].name);
+
if (c == 0) return ol + middle;
- else if (c > 0) first = middle + 1;
- else last = middle;
+ else if (c > 0) first = middle + 1;
+ else last = middle;
}
return NULL;
}
uschar *inttype = US"";
uschar *sptr;
uschar *s = buffer;
-uschar *saved_condition, *strtemp;
uschar **str_target;
uschar name[64];
uschar name2[64];
/* Search the list for the given name. A non-existent name, or an option that
is set twice, is a disaster. */
-ol = find_option(name + offset, oltop, last);
-
-if (ol == NULL)
+if (!(ol = find_option(name + offset, oltop, last)))
{
if (unknown_txt == NULL) return FALSE;
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, CS unknown_txt, name);
control block and flags word. */
case opt_stringptr:
- if (data_block == NULL)
- str_target = (uschar **)(ol->value);
- else
- str_target = (uschar **)((uschar *)data_block + (long int)(ol->value));
+ str_target = data_block ? USS (US data_block + (long int)(ol->value))
+ : USS (ol->value);
if (ol->type & opt_rep_con)
{
+ uschar * saved_condition;
/* We already have a condition, we're conducting a crude hack to let
multiple condition rules be chained together, despite storing them in
text form. */
- saved_condition = *str_target;
- strtemp = string_sprintf("${if and{{bool_lax{%s}}{bool_lax{%s}}}}",
- saved_condition, sptr);
- *str_target = string_copy_malloc(strtemp);
+ *str_target = string_copy_malloc( (saved_condition = *str_target)
+ ? string_sprintf("${if and{{bool_lax{%s}}{bool_lax{%s}}}}",
+ saved_condition, sptr)
+ : sptr);
/* TODO(pdp): there is a memory leak here and just below
when we set 3 or more conditions; I still don't
understand the store mechanism enough to know
break;
case opt_rewrite:
- if (data_block == NULL)
- *((uschar **)(ol->value)) = sptr;
+ if (data_block)
+ *USS (US data_block + (long int)(ol->value)) = sptr;
else
- *((uschar **)((uschar *)data_block + (long int)(ol->value))) = sptr;
+ *USS (ol->value) = sptr;
freesptr = FALSE;
if (type == opt_rewrite)
{
inttype = US"octal ";
/* Integer: a simple(ish) case; allow octal and hex formats, and
- suffixes K and M. The different types affect output, not input. */
+ suffixes K, M and G. The different types affect output, not input. */
case opt_mkint:
case opt_int:
inttype, name);
if (errno != ERANGE)
- {
if (tolower(*endptr) == 'k')
{
if (lvalue > INT_MAX/1024 || lvalue < INT_MIN/1024) errno = ERANGE;
else lvalue *= 1024*1024;
endptr++;
}
- }
+ else if (tolower(*endptr) == 'g')
+ {
+ if (lvalue > INT_MAX/(1024*1024*1024) || lvalue < INT_MIN/(1024*1024*1024))
+ errno = ERANGE;
+ else lvalue *= 1024*1024*1024;
+ endptr++;
+ }
if (errno == ERANGE || lvalue > INT_MAX || lvalue < INT_MIN)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
*((int *)((uschar *)data_block + (long int)(ol->value))) = value;
break;
- /* Integer held in K: again, allow octal and hex formats, and suffixes K and
- M. */
+ /* Integer held in K: again, allow octal and hex formats, and suffixes K, M
+ and G. */
+ /*XXX consider moving to int_eximarith_t (but mind the overflow test 0415) */
case opt_Kint:
{
inttype, name);
if (errno != ERANGE)
- {
- if (tolower(*endptr) == 'm')
+ if (tolower(*endptr) == 'g')
{
- if (value > INT_MAX/1024 || value < INT_MIN/1024) errno = ERANGE;
- else value *= 1024;
+ if (value > INT_MAX/(1024*1024) || value < INT_MIN/(1024*1024))
+ errno = ERANGE;
+ else
+ value *= 1024*1024;
endptr++;
}
- else if (tolower(*endptr) == 'k')
+ else if (tolower(*endptr) == 'm')
{
+ if (value > INT_MAX/1024 || value < INT_MIN/1024)
+ errno = ERANGE;
+ else
+ value *= 1024;
endptr++;
}
+ else if (tolower(*endptr) == 'k')
+ endptr++;
else
- {
value = (value + 512)/1024;
- }
- }
if (errno == ERANGE) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
"absolute value of integer \"%s\" is too large (overflow)", s);
if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
"integer \"%s\" is too large (overflow)", s);
+ /* We get a coverity error here for using count, as it derived
+ from the tainted buffer pointed to by s, as parsed by sscanf().
+ By the definition of sscanf we must be accessing between start
+ and end of s (assuming it is nul-terminated...) so ignore the error. */
+ /* coverity[tainted_data] */
if (s[count] == '.')
{
int d = 100;
+name print a named list item
local_scan print the local_scan options
config print the configuration as it is parsed
+ environment print the used execution environment
If the second argument is not NULL, it must be one of "router", "transport",
"authenticator" or "macro" in which case the first argument identifies the
return;
}
- if ( Ustrcmp(name, "configure_file") == 0
- ||Ustrcmp(name, "config_file") == 0)
+ if ( Ustrcmp(name, "configure_file") == 0
+ || Ustrcmp(name, "config_file") == 0)
{
printf("%s\n", CS config_main_filename);
return;
if (Ustrcmp(name, "all") == 0)
{
for (ol = optionlist_config;
- ol < optionlist_config + optionlist_config_size; ol++)
+ ol < optionlist_config + nelem(optionlist_config); ol++)
{
if ((ol->type & opt_hidden) == 0)
print_ol(ol, US ol->name, NULL,
- optionlist_config, optionlist_config_size,
+ optionlist_config, nelem(optionlist_config),
no_labels);
}
return;
if (Ustrcmp(name, "config") == 0)
{
- print_config(admin_user);
+ print_config(admin_user, no_labels);
return;
}
names_only = TRUE;
}
+ else if (Ustrcmp(name, "environment") == 0)
+ {
+ if (environ)
+ {
+ uschar ** p;
+ for (p = USS environ; *p; p++) ;
+ qsort(environ, p - USS environ, sizeof(*p), string_compare_by_pointer);
+
+ for (p = USS environ; *p; p++)
+ {
+ uschar * q;
+ if (no_labels && (q = Ustrchr(*p, '='))) *q = '\0';
+ puts(CS *p);
+ }
+ }
+ return;
+ }
+
else
{
- print_ol(find_option(name, optionlist_config, optionlist_config_size),
- name, NULL, optionlist_config, optionlist_config_size, no_labels);
+ print_ol(find_option(name, optionlist_config, nelem(optionlist_config)),
+ name, NULL, optionlist_config, nelem(optionlist_config), no_labels);
return;
}
}
fprintf(stderr, "exim: permission denied\n");
exit(EXIT_FAILURE);
}
- for (m = macros; m != NULL; m = m->next)
- {
- if (name == NULL || Ustrcmp(name, m->name) == 0)
+ if (!macros_builtin_created) macros_create_builtin();
+ for (m = macros; m; m = m->next)
+ if (!name || Ustrcmp(name, m->name) == 0)
{
if (names_only)
printf("%s\n", CS m->name);
else
printf("%s=%s\n", CS m->name, CS m->replacement);
- if (name != NULL)
+ if (name)
return;
}
- }
- if (name != NULL)
+ if (name)
printf("%s %s not found\n", type, name);
return;
}
#ifdef SUPPORT_TLS
static BOOL
-tls_dropprivs_validate_require_cipher(void)
+tls_dropprivs_validate_require_cipher(BOOL nowarn)
{
const uschar *errmsg;
pid_t pid;
|| Ustrcmp(tls_advertise_hosts, ":") == 0
)
return TRUE;
-else if (!tls_certificate)
- log_write(0, LOG_MAIN|LOG_PANIC,
- "Warning: No server certificate defined; TLS connections will fail.\n"
+else if (!nowarn && !tls_certificate)
+ log_write(0, LOG_MAIN,
+ "Warning: No server certificate defined; will use a selfsigned one.\n"
" Suggested action: either install a certificate or change tls_advertise_hosts option");
oldsignal = signal(SIGCHLD, SIG_DFL);
exim_setugid(exim_uid, exim_gid, FALSE,
US"calling tls_validate_require_cipher");
- errmsg = tls_validate_require_cipher();
- if (errmsg)
- {
+ if ((errmsg = tls_validate_require_cipher()))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"tls_require_ciphers invalid: %s", errmsg);
- }
fflush(NULL);
_exit(0);
}
options. */
void
-readconf_main(void)
+readconf_main(BOOL nowarn)
{
int sep = 0;
struct stat statbuf;
/* Loop through the possible file names */
-while((filename = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))
- != NULL)
+while((filename = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
{
+
/* Cut out all the fancy processing unless specifically wanted */
#if defined(CONFIGURE_FILE_USE_NODE) || defined(CONFIGURE_FILE_USE_EUID)
config_main_filename is the name shown by -bP. Failure to open a configuration
file is a serious disaster. */
-if (config_file != NULL)
+if (config_file)
{
- uschar *p;
+ uschar *last_slash = Ustrrchr(filename, '/');
config_filename = config_main_filename = string_copy(filename);
- p = Ustrrchr(filename, '/');
- config_main_directory = p ? string_copyn(filename, p - filename)
- : string_copy(US".");
+ /* The config_main_directory we need for the $config_dir expansion.
+ config_main_filename we need for $config_file expansion.
+ And config_dir is the directory of the current configuration, used for
+ relative .includes. We do need to know it's name, as we change our working
+ directory later. */
+
+ if (filename[0] == '/')
+ config_main_directory = last_slash == filename ? US"/" : string_copyn(filename, last_slash - filename);
+ else
+ {
+ /* relative configuration file name: working dir + / + basename(filename) */
+
+ uschar buf[PATH_MAX];
+ int offset = 0;
+ int size = 0;
+
+ if (os_getcwd(buf, PATH_MAX) == NULL)
+ {
+ perror("exim: getcwd");
+ exit(EXIT_FAILURE);
+ }
+ config_main_directory = string_cat(NULL, &size, &offset, buf);
+
+ /* If the dir does not end with a "/", append one */
+ if (config_main_directory[offset-1] != '/')
+ config_main_directory = string_catn(config_main_directory, &size, &offset, US"/", 1);
+
+ /* If the config file contains a "/", extract the directory part */
+ if (last_slash)
+ config_main_directory = string_catn(config_main_directory, &size, &offset, filename, last_slash - filename);
+
+ config_main_directory[offset] = '\0';
+ }
+ config_directory = config_main_directory;
}
else
{
"configuration file %s", filename));
}
+/* Now, once we found and opened our configuration file, we change the directory
+to a safe place. Later we change to $spool_directory. */
+
+if (Uchdir("/") < 0)
+ {
+ perror("exim: chdir `/': ");
+ exit(EXIT_FAILURE);
+ }
+
/* Check the status of the file we have opened, if we have retained root
privileges and the file isn't /dev/null (which *should* be 0666). */
/* This also checks that the library linkage is working and we can call
routines in it, so call even if tls_require_ciphers is unset */
-if (!tls_dropprivs_validate_require_cipher())
+if (!tls_dropprivs_validate_require_cipher(nowarn))
exit(1);
/* Magic number: at time of writing, 1024 has been the long-standing value
"tls_dh_max_bits is too small, must be at least 1024 for interop");
/* If openssl_options is set, validate it */
-if (openssl_options != NULL)
+if (openssl_options)
{
# ifdef USE_GNUTLS
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"openssl_options is set but we're using GnuTLS");
# else
long dummy;
- if (!(tls_openssl_options_parse(openssl_options, &dummy)))
+ if (!tls_openssl_options_parse(openssl_options, &dummy))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"openssl_options parse error: %s", openssl_options);
# endif
}
-
-if (gnutls_require_kx || gnutls_require_mac || gnutls_require_proto)
- log_write(0, LOG_MAIN, "WARNING: main options"
- " gnutls_require_kx, gnutls_require_mac and gnutls_require_protocols"
- " are obsolete\n");
#endif /*SUPPORT_TLS*/
+
+if (!nowarn && !keep_environment && environ && *environ)
+ log_write(0, LOG_MAIN,
+ "Warning: purging the environment.\n"
+ " Suggested action: use keep_environment.");
}
if (isupper(*name) && *s == '=')
{
- if (d != NULL)
+ if (d)
{
- if (d->driver_name == NULL)
+ if (!d->driver_name)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"no driver defined for %s \"%s\"", class, d->name);
(d->info->init)(d);
/* Finish off initializing the previous driver. */
- if (d != NULL)
+ if (d)
{
- if (d->driver_name == NULL)
+ if (!d->driver_name)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"no driver defined for %s \"%s\"", class, d->name);
(d->info->init)(d);
/* Check that we haven't already got a driver of this name */
- for (d = *anchor; d != NULL; d = d->next)
+ for (d = *anchor; d; d = d->next)
if (Ustrcmp(name, d->name) == 0)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"there are two %ss called \"%s\"", class, name);
d = store_get(instance_size);
memcpy(d, instance_default, instance_size);
*p = d;
- p = &(d->next);
+ p = &d->next;
d->name = string_copy(name);
/* Clear out the "set" bits in the generic options */
/* Not the start of a new driver. Give an error if we have not set up a
current driver yet. */
- if (d == NULL) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
- "%s name missing", class);
+ if (!d)
+ log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%s name missing", class);
/* First look to see if this is a generic option; if it is "driver",
initialize the driver. If is it not a generic option, we can look for a
if (readconf_handle_option(buffer, driver_optionlist,
driver_optionlist_count, d, NULL))
{
- if (d->info == NULL && d->driver_name != NULL)
+ if (!d->info && d->driver_name)
init_driver(d, drivers_available, size_of_info, class);
}
live therein. A flag with each option indicates if it is in the public
block. */
- else if (d->info != NULL)
- {
+ else if (d->info)
readconf_handle_option(buffer, d->info->options,
*(d->info->options_count), d, US"option \"%s\" unknown");
- }
/* The option is not generic and the driver name has not yet been given. */
/* Run the initialization function for the final driver. */
-if (d != NULL)
+if (d)
{
- if (d->driver_name == NULL)
+ if (!d->driver_name)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"no driver defined for %s \"%s\"", class, d->name);
(d->info->init)(d);
* Initialize authenticators *
*************************************************/
+static void
+readconf_options_auths(void)
+{
+struct auth_info * ai;
+
+readconf_options_from_list(optionlist_auths, optionlist_auths_size, US"AUTHENTICATORS", NULL);
+
+for (ai = auths_available; ai->driver_name[0]; ai++)
+ {
+ macro_create(string_sprintf("_DRIVER_AUTHENTICATOR_%T", ai->driver_name), US"y", FALSE, TRUE);
+ readconf_options_from_list(ai->options, (unsigned)*ai->options_count, US"AUTHENTICATOR", ai->driver_name);
+ }
+}
+
+
/* Read the authenticators section of the configuration file.
Arguments: none
auths_init(void)
{
auth_instance *au, *bu;
+
readconf_driver_init(US"authenticator",
(driver_instance **)(&auths), /* chain anchor */
(driver_info *)auths_available, /* available drivers */
optionlist_auths, /* generic options */
optionlist_auths_size);
-for (au = auths; au != NULL; au = au->next)
+for (au = auths; au; au = au->next)
{
- if (au->public_name == NULL)
+ if (!au->public_name)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "no public name specified for "
"the %s authenticator", au->name);
- for (bu = au->next; bu != NULL; bu = bu->next)
- {
+
+ for (bu = au->next; bu; bu = bu->next)
if (strcmpic(au->public_name, bu->public_name) == 0)
- {
if ((au->client && bu->client) || (au->server && bu->server))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "two %s authenticators "
"(%s and %s) have the same public name (%s)",
- (au->client)? US"client" : US"server", au->name, bu->name,
+ au->client ? US"client" : US"server", au->name, bu->name,
au->public_name);
- }
- }
}
}
/* List the parsed config lines, care about nice formatting and
hide the <hide> values unless we're the admin user */
void
-print_config(BOOL admin)
+print_config(BOOL admin, BOOL terse)
{
config_line_item *i;
-const int TS = 2;
+const int TS = terse ? 0 : 2;
int indent = 0;
for (i = config_lines; i; i = i->next)
;
if (next - p > 1)
- memmove(p+1, next, strlen(next)+1);
+ memmove(p+1, next, Ustrlen(next)+1);
if (*next == '"' || *next == '\'' || *next == '$')
break;
/* begin lines are left aligned */
else if (Ustrncmp(current, "begin", 5) == 0 && isspace(current[5]))
{
- puts("");
+ if (!terse) puts("");
puts(CCS current);
indent = TS;
}
/* router/acl/transport block names */
else if (current[Ustrlen(current)-1] == ':' && !Ustrchr(current, '='))
{
- printf("\n%*s%s\n", TS, "", current);
+ if (!terse) puts("");
+ printf("%*s%s\n", TS, "", current);
indent = 2 * TS;
}