X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/0a49a7a4f1090b6f1ce1d0f9d969804c9226b53e..cafbabb774a4721e4ae7de7746ec0fc27d90d8b1:/src/src/globals.c diff --git a/src/src/globals.c b/src/src/globals.c index 3e1e76cff..d3f99877c 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -1,10 +1,8 @@ -/* $Cambridge: exim/src/src/globals.c,v 1.86 2009/11/16 19:50:37 nm4 Exp $ */ - /************************************************* * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2009 */ +/* Copyright (c) University of Cambridge 1995 - 2014 */ /* See the file NOTICE for conditions of use and distribution. */ /* All the global variables are defined together in this one module, so @@ -13,27 +11,14 @@ that they are easy to find. */ #include "exim.h" -/* The OSF1 linker puts out a worrying warning if any sections contain no -executable code. It says - -Warning: Linking some objects which contain exception information sections - and some which do not. This may cause fatal runtime exception handling - problems. - -As this may cause people to worry needlessly, include a dummy function here -to stop the message from appearing. Make it reference itself to stop picky -compilers complaining that it is unused, and put in a dummy argument to stop -even pickier compilers complaining about infinite loops. */ - -static void dummy(int x) { dummy(x-1); } - - /* Generic options for auths, all of which live inside auth_instance data blocks and hence have the opt_public flag set. */ optionlist optionlist_auths[] = { { "client_condition", opt_stringptr | opt_public, (void *)(offsetof(auth_instance, client_condition)) }, + { "client_set_id", opt_stringptr | opt_public, + (void *)(offsetof(auth_instance, set_client_id)) }, { "driver", opt_stringptr | opt_public, (void *)(offsetof(auth_instance, driver_name)) }, { "public_name", opt_stringptr | opt_public, @@ -75,8 +60,15 @@ uschar *ibase_servers = NULL; #endif #ifdef LOOKUP_LDAP +uschar *eldap_ca_cert_dir = NULL; +uschar *eldap_ca_cert_file = NULL; +uschar *eldap_cert_file = NULL; +uschar *eldap_cert_key = NULL; +uschar *eldap_cipher_suite = NULL; uschar *eldap_default_servers = NULL; +uschar *eldap_require_cert = NULL; int eldap_version = -1; +BOOL eldap_start_tls = FALSE; #endif #ifdef LOOKUP_MYSQL @@ -91,6 +83,10 @@ uschar *oracle_servers = NULL; uschar *pgsql_servers = NULL; #endif +#ifdef EXPERIMENTAL_REDIS +uschar *redis_servers = NULL; +#endif + #ifdef LOOKUP_SQLITE int sqlite_lock_timeout = 5; #endif @@ -103,23 +99,60 @@ BOOL move_frozen_messages = FALSE; cluttered in several places (e.g. during logging) if we can always refer to them. Also, the tls_ variables are now always visible. */ -BOOL tls_active = -1; -BOOL tls_certificate_verified = FALSE; -uschar *tls_cipher = NULL; -BOOL tls_on_connect = FALSE; -uschar *tls_on_connect_ports = NULL; -uschar *tls_peerdn = NULL; +tls_support tls_in = { + -1, /* tls_active */ + 0, /* tls_bits */ + FALSE,/* tls_certificate_verified */ + NULL, /* tls_cipher */ + FALSE,/* tls_on_connect */ + NULL, /* tls_on_connect_ports */ + NULL, /* tls_ourcert */ + NULL, /* tls_peercert */ + NULL, /* tls_peerdn */ + NULL, /* tls_sni */ + 0 /* tls_ocsp */ +}; +tls_support tls_out = { + -1, /* tls_active */ + 0, /* tls_bits */ + FALSE,/* tls_certificate_verified */ + NULL, /* tls_cipher */ + FALSE,/* tls_on_connect */ + NULL, /* tls_on_connect_ports */ + NULL, /* tls_ourcert */ + NULL, /* tls_peercert */ + NULL, /* tls_peerdn */ + NULL, /* tls_sni */ + 0 /* tls_ocsp */ +}; + +#ifdef EXPERIMENTAL_DSN +uschar *dsn_envid = NULL; +int dsn_ret = 0; +const pcre *regex_DSN = NULL; +BOOL smtp_use_dsn = FALSE; +uschar *dsn_advertise_hosts = NULL; +#endif #ifdef SUPPORT_TLS BOOL gnutls_compat_mode = FALSE; +BOOL gnutls_allow_auto_pkcs11 = FALSE; uschar *gnutls_require_mac = NULL; uschar *gnutls_require_kx = NULL; uschar *gnutls_require_proto = NULL; +uschar *openssl_options = NULL; const pcre *regex_STARTTLS = NULL; uschar *tls_advertise_hosts = NULL; /* This is deliberate */ uschar *tls_certificate = NULL; uschar *tls_crl = NULL; +/* This default matches NSS DH_MAX_P_BITS value at current time (2012), because +that's the interop problem which has been observed: GnuTLS suggesting a higher +bit-count as "NORMAL" (2432) and Thunderbird dropping connection. */ +int tls_dh_max_bits = 2236; uschar *tls_dhparam = NULL; +#ifndef DISABLE_OCSP +uschar *tls_ocsp_file = NULL; +#endif BOOL tls_offered = FALSE; uschar *tls_privatekey = NULL; BOOL tls_remember_esmtp = FALSE; @@ -129,6 +162,12 @@ uschar *tls_verify_certificates= NULL; uschar *tls_verify_hosts = NULL; #endif +#ifndef DISABLE_PRDR +/* Per Recipient Data Response variables */ +BOOL prdr_enable = FALSE; +BOOL prdr_requested = FALSE; +const pcre *regex_PRDR = NULL; +#endif /* Input-reading functions for messages, so we can use special ones for incoming TCP/IP. The defaults use stdin. We never need these for any @@ -173,16 +212,22 @@ int address_expansions_count = sizeof(address_expansions)/sizeof(uschar **); header_line *acl_added_headers = NULL; tree_node *acl_anchor = NULL; +uschar *acl_arg[9] = {NULL, NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL}; +int acl_narg = 0; uschar *acl_not_smtp = NULL; #ifdef WITH_CONTENT_SCAN uschar *acl_not_smtp_mime = NULL; #endif uschar *acl_not_smtp_start = NULL; - +uschar *acl_removed_headers = NULL; uschar *acl_smtp_auth = NULL; uschar *acl_smtp_connect = NULL; uschar *acl_smtp_data = NULL; +#ifndef DISABLE_PRDR +uschar *acl_smtp_data_prdr = NULL; +#endif #ifndef DISABLE_DKIM uschar *acl_smtp_dkim = NULL; #endif @@ -216,6 +261,9 @@ uschar *acl_wherenames[] = { US"RCPT", US"MIME", US"DKIM", US"DATA", +#ifndef DISABLE_PRDR + US"PRDR", +#endif US"non-SMTP", US"AUTH", US"connection", @@ -227,7 +275,9 @@ uschar *acl_wherenames[] = { US"RCPT", US"NOTQUIT", US"QUIT", US"STARTTLS", - US"VRFY" + US"VRFY", + US"delivery", + US"unknown" }; uschar *acl_wherecodes[] = { US"550", /* RCPT */ @@ -236,6 +286,9 @@ uschar *acl_wherecodes[] = { US"550", /* RCPT */ US"550", /* MIME */ US"550", /* DKIM */ US"550", /* DATA */ +#ifndef DISABLE_PRDR + US"550", /* RCPT PRDR */ +#endif US"0", /* not SMTP; not relevant */ US"503", /* AUTH */ US"550", /* connect */ @@ -247,12 +300,15 @@ uschar *acl_wherecodes[] = { US"550", /* RCPT */ US"0", /* NOTQUIT; not relevant */ US"0", /* QUIT; not relevant */ US"550", /* STARTTLS */ - US"252" /* VRFY */ + US"252", /* VRFY */ + US"0", /* delivery; not relevant */ + US"0" /* unknown; not relevant */ }; BOOL active_local_from_check = FALSE; BOOL active_local_sender_retain = FALSE; -BOOL accept_8bitmime = FALSE; +int body_8bitmime = 0; +BOOL accept_8bitmime = TRUE; /* deliberately not RFC compliant */ address_item *addr_duplicate = NULL; address_item address_defaults = { @@ -289,7 +345,18 @@ address_item address_defaults = { NULL, /* shadow_message */ #ifdef SUPPORT_TLS NULL, /* cipher */ + NULL, /* ourcert */ + NULL, /* peercert */ NULL, /* peerdn */ + OCSP_NOT_REQ, /* ocsp */ + #endif + NULL, /* authenticator */ + NULL, /* auth_id */ + NULL, /* auth_sndr */ + #ifdef EXPERIMENTAL_DSN + NULL, /* dsn_orcpt */ + 0, /* dsn_flags */ + 0, /* dsn_aware */ #endif (uid_t)(-1), /* uid */ (gid_t)(-1), /* gid */ @@ -329,6 +396,7 @@ BOOL allow_mx_to_ip = FALSE; BOOL allow_unqualified_recipient = TRUE; /* For local messages */ BOOL allow_unqualified_sender = TRUE; /* Reset for SMTP */ BOOL allow_utf8_domains = FALSE; +uschar *authenticated_fail_id = NULL; uschar *authenticated_id = NULL; uschar *authenticated_sender = NULL; BOOL authentication_failed = FALSE; @@ -344,6 +412,7 @@ auth_instance auth_defaults = { NULL, /* client_condition */ NULL, /* public_name */ NULL, /* set_id */ + NULL, /* set_client_id */ NULL, /* server_mail_auth_condition */ NULL, /* server_debug_string */ NULL, /* server_condition */ @@ -357,6 +426,7 @@ uschar *auth_defer_user_msg = US""; uschar *auth_vars[AUTH_VARS]; int auto_thaw = 0; #ifdef WITH_CONTENT_SCAN +BOOL av_failed = FALSE; uschar *av_scanner = US"sophie:/var/run/sophie"; /* AV scanner */ #endif @@ -403,6 +473,9 @@ int check_log_space = 0; BOOL check_rfc2047_length = TRUE; int check_spool_inodes = 0; int check_spool_space = 0; +uschar *client_authenticator = NULL; +uschar *client_authenticated_id = NULL; +uschar *client_authenticated_sender = NULL; int clmacro_count = 0; uschar *clmacros[MAX_CLMACROS]; BOOL config_changed = FALSE; @@ -428,6 +501,8 @@ int continue_sequence = 1; uschar *continue_transport = NULL; uschar *csa_status = NULL; +BOOL cutthrough_delivery = FALSE; +int cutthrough_fd = -1; BOOL daemon_listen = FALSE; uschar *daemon_smtp_port = US"smtp"; @@ -498,7 +573,7 @@ BOOL deliver_drop_privilege = FALSE; BOOL deliver_firsttime = FALSE; BOOL deliver_force = FALSE; BOOL deliver_freeze = FALSE; -int deliver_frozen_at = 0; +time_t deliver_frozen_at = 0; uschar *deliver_home = NULL; uschar *deliver_host = NULL; uschar *deliver_host_address = NULL; @@ -541,6 +616,19 @@ uschar *dkim_verify_signers = US"$dkim_signers"; BOOL dkim_collect_input = FALSE; BOOL dkim_disable_verify = FALSE; #endif +#ifdef EXPERIMENTAL_DMARC +BOOL dmarc_has_been_checked = FALSE; +uschar *dmarc_ar_header = NULL; +uschar *dmarc_domain_policy = NULL; +uschar *dmarc_forensic_sender = NULL; +uschar *dmarc_history_file = NULL; +uschar *dmarc_status = NULL; +uschar *dmarc_status_text = NULL; +uschar *dmarc_tld_file = NULL; +uschar *dmarc_used_domain = NULL; +BOOL dmarc_disable_verify = FALSE; +BOOL dmarc_enable_forensic = FALSE; +#endif uschar *dns_again_means_nonexist = NULL; int dns_csa_search_limit = 5; @@ -548,6 +636,8 @@ BOOL dns_csa_use_reverse = TRUE; uschar *dns_ipv4_lookup = NULL; int dns_retrans = 0; int dns_retry = 0; +int dns_dnssec_ok = -1; /* <0 = not coerced */ +int dns_use_edns0 = -1; /* <0 = not coerced */ uschar *dnslist_domain = NULL; uschar *dnslist_matched = NULL; uschar *dnslist_text = NULL; @@ -640,7 +730,7 @@ uschar *helo_try_verify_hosts = NULL; BOOL helo_verified = FALSE; BOOL helo_verify_failed = FALSE; uschar *helo_verify_hosts = NULL; -uschar *hex_digits = US"0123456789abcdef"; +const uschar *hex_digits = CUS"0123456789abcdef"; uschar *hold_domains = NULL; BOOL host_checking = FALSE; BOOL host_checking_callout = FALSE; @@ -662,6 +752,8 @@ uschar *hosts_connection_nolog = NULL; int ignore_bounce_errors_after = 10*7*24*60*60; /* 10 weeks */ BOOL ignore_fromline_local = FALSE; uschar *ignore_fromline_hosts = NULL; +BOOL inetd_wait_mode = FALSE; +int inetd_wait_timeout = -1; uschar *interface_address = NULL; int interface_port = -1; BOOL is_inetd = FALSE; @@ -700,7 +792,7 @@ uschar *log_file_path = US LOG_FILE_PATH /* Those log options with L_xxx identifiers have values less than 0x800000 and are the ones that get put into log_write_selector. They can be used in calls to log_write() to test for the bit. The options with LX_xxx identifiers have -values greater than 0x80000000 and are put int log_extra_selector (without the +values greater than 0x80000000 and are put into log_extra_selector (without the top bit). They are never used in calls to log_write(), but are tested independently. This separation became necessary when the number of log selectors was getting close to filling a 32-bit word. */ @@ -708,6 +800,7 @@ selectors was getting close to filling a 32-bit word. */ /* Note that this list must be in alphabetical order. */ bit_table log_options[] = { + { US"8bitmime", LX_8bitmime }, { US"acl_warn_skipped", LX_acl_warn_skipped }, { US"address_rewrite", L_address_rewrite }, { US"all", L_all }, @@ -726,6 +819,9 @@ bit_table log_options[] = { { US"lost_incoming_connection", L_lost_incoming_connection }, { US"outgoing_port", LX_outgoing_port }, { US"pid", LX_pid }, +#ifdef EXPERIMENTAL_PROXY + { US"proxy", LX_proxy }, +#endif { US"queue_run", L_queue_run }, { US"queue_time", LX_queue_time }, { US"queue_time_overall", LX_queue_time_overall }, @@ -742,6 +838,7 @@ bit_table log_options[] = { { US"smtp_confirmation", LX_smtp_confirmation }, { US"smtp_connection", L_smtp_connection }, { US"smtp_incomplete_transaction", L_smtp_incomplete_transaction }, + { US"smtp_mailauth", LX_smtp_mailauth }, { US"smtp_no_mail", LX_smtp_no_mail }, { US"smtp_protocol_error", L_smtp_protocol_error }, { US"smtp_syntax_error", L_smtp_syntax_error }, @@ -749,6 +846,7 @@ bit_table log_options[] = { { US"tls_certificate_verified", LX_tls_certificate_verified }, { US"tls_cipher", LX_tls_cipher }, { US"tls_peerdn", LX_tls_peerdn }, + { US"tls_sni", LX_tls_sni }, { US"unknown_in_list", LX_unknown_in_list } }; @@ -760,6 +858,7 @@ BOOL log_testing_mode = FALSE; BOOL log_timezone = FALSE; unsigned int log_write_selector= L_default; uschar *login_sender_address = NULL; +uschar *lookup_dnssec_authenticated = NULL; int lookup_open_max = 25; uschar *lookup_value = NULL; @@ -794,7 +893,7 @@ uschar *message_reference = NULL; /* MIME ACL expandables */ #ifdef WITH_CONTENT_SCAN int mime_anomaly_level = 0; -uschar *mime_anomaly_text = NULL; +const uschar *mime_anomaly_text = NULL; uschar *mime_boundary = NULL; uschar *mime_charset = NULL; uschar *mime_content_description = NULL; @@ -838,8 +937,20 @@ BOOL preserve_message_logs = FALSE; uschar *primary_hostname = NULL; BOOL print_topbitchars = FALSE; uschar process_info[PROCESS_INFO_SIZE]; +int process_info_len = 0; uschar *process_log_path = NULL; BOOL prod_requires_admin = TRUE; + +#ifdef EXPERIMENTAL_PROXY +uschar *proxy_host_address = US""; +int proxy_host_port = 0; +uschar *proxy_required_hosts = US""; +BOOL proxy_session = FALSE; +BOOL proxy_session_failed = FALSE; +uschar *proxy_target_address = US""; +int proxy_target_port = 0; +#endif + uschar *prvscheck_address = NULL; uschar *prvscheck_keynum = NULL; uschar *prvscheck_result = NULL; @@ -929,6 +1040,9 @@ const pcre *regex_PIPELINING = NULL; const pcre *regex_SIZE = NULL; const pcre *regex_smtp_code = NULL; const pcre *regex_ismsgid = NULL; +#ifdef WHITELIST_D_MACROS +const pcre *regex_whitelisted_macro = NULL; +#endif #ifdef WITH_CONTENT_SCAN uschar *regex_match_string = NULL; #endif @@ -945,6 +1059,7 @@ int rewrite_existflags = 0; uschar *rfc1413_hosts = US"*"; int rfc1413_query_timeout = 5; /* BOOL rfc821_domains = FALSE; <<< on the way out */ +uid_t root_gid = ROOT_GID; uid_t root_uid = ROOT_UID; router_instance *routers = NULL; @@ -1014,6 +1129,9 @@ router_instance router_defaults = { TRUE, /* verify_sender */ FALSE, /* uid_set */ FALSE, /* unseen */ +#ifdef EXPERIMENTAL_DSN + FALSE, /* dsn_lasthop */ +#endif self_freeze, /* self_code */ (uid_t)(-1), /* uid */ @@ -1025,6 +1143,8 @@ router_instance router_defaults = { NULL /* redirect_router */ }; +uschar *router_name = NULL; + ip_address_item *running_interfaces = NULL; BOOL running_in_test_harness = FALSE; @@ -1056,6 +1176,7 @@ uschar **sender_host_aliases = &no_aliases; uschar *sender_host_address = NULL; uschar *sender_host_authenticated = NULL; unsigned int sender_host_cache[(MAX_NAMED_LIST * 2)/32]; +BOOL sender_host_dnssec = FALSE; uschar *sender_host_name = NULL; int sender_host_port = 0; BOOL sender_host_notsocket = FALSE; @@ -1076,7 +1197,7 @@ int sender_verified_rc = -1; BOOL sender_verified_responded = FALSE; uschar *sending_ip_address = NULL; int sending_port = -1; -volatile BOOL sigalrm_seen = FALSE; +SIGNAL_BOOL sigalrm_seen = FALSE; uschar **sighup_argv = NULL; int smtp_accept_count = 0; BOOL smtp_accept_keepalive = TRUE; @@ -1167,12 +1288,15 @@ BOOL srs_usetimestamp = TRUE; #endif BOOL strict_acl_vars = FALSE; int string_datestamp_offset= -1; +int string_datestamp_length= 0; +int string_datestamp_type = -1; BOOL strip_excess_angle_brackets = FALSE; BOOL strip_trailing_dot = FALSE; uschar *submission_domain = NULL; BOOL submission_mode = FALSE; uschar *submission_name = NULL; BOOL suppress_local_fixups = FALSE; +BOOL suppress_local_fixups_default = FALSE; BOOL synchronous_delivery = FALSE; BOOL syslog_duplication = TRUE; int syslog_facility = LOG_MAIL; @@ -1187,16 +1311,30 @@ uschar *system_filter_reply_transport = NULL; gid_t system_filter_gid = 0; BOOL system_filter_gid_set = FALSE; -uid_t system_filter_uid = 0; +uid_t system_filter_uid = (uid_t)-1; BOOL system_filter_uid_set = FALSE; BOOL system_filtering = FALSE; BOOL tcp_nodelay = TRUE; +#ifdef USE_TCP_WRAPPERS +uschar *tcp_wrappers_daemon_name = US TCP_WRAPPERS_DAEMON_NAME; +#endif int test_harness_load_avg = 0; int thismessage_size_limit = 0; int timeout_frozen_after = 0; BOOL timestamps_utc = FALSE; +#ifdef EXPERIMENTAL_TPDA +int tpda_defer_errno = 0; +uschar *tpda_defer_errstr = NULL; +uschar *tpda_delivery_ip = NULL; +int tpda_delivery_port = 0; +uschar *tpda_delivery_fqdn = NULL; +uschar *tpda_delivery_local_part= NULL; +uschar *tpda_delivery_domain = NULL; +uschar *tpda_delivery_confirmation = NULL; +#endif + transport_instance *transports = NULL; transport_instance transport_defaults = { @@ -1249,9 +1387,14 @@ transport_instance transport_defaults = { FALSE, /* log_defer_output */ TRUE_UNSET /* retry_use_local_part: BOOL, but set neither 1 nor 0 so can detect unset */ +#ifdef EXPERIMENTAL_TPDA + ,NULL /* tpda_delivery_action */ +#endif }; int transport_count; +uschar *transport_name = NULL; +int transport_newlines; uschar **transport_filter_argv = NULL; int transport_filter_timeout; BOOL transport_filter_timed_out = FALSE; @@ -1263,6 +1406,7 @@ tree_node *tree_nonrecipients = NULL; tree_node *tree_unusable = NULL; BOOL trusted_caller = FALSE; +BOOL trusted_config = TRUE; gid_t *trusted_groups = NULL; uid_t *trusted_users = NULL; uschar *timezone_string = US TIMEZONE_DEFAULT; @@ -1301,7 +1445,9 @@ uschar *warnmsg_delay = NULL; uschar *warnmsg_recipients = NULL; BOOL write_rejectlog = TRUE; -uschar *version_copyright = US"Copyright (c) University of Cambridge, 1995 - 2007"; +uschar *version_copyright = + US"Copyright (c) University of Cambridge, 1995 - 2014\n" + "(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2014"; uschar *version_date = US"?"; uschar *version_cnumber = US"????"; uschar *version_string = US"?";