X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Fsrc%2Fglobals.h;h=0466da5001c18900d23f019bf535b292f0c26ec7;hb=b4a15239139c285af7009b4fcc23e1933b19173b;hp=bdf03606e99361d0ceac92a46465cf6bc07c16cf;hpb=8768d5483a5894400ae1f70cda1beb44ed9b087c;p=exim.git diff --git a/src/src/globals.h b/src/src/globals.h index bdf03606e..0466da500 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -88,6 +88,8 @@ typedef struct { int tlsa_usage; /* TLSA record(s) usage */ #endif uschar *cipher; /* Cipher used */ + const uschar *cipher_stdname; /* Cipher used, RFC version */ + BOOL on_connect; /* For older MTAs that don't STARTTLS */ uschar *on_connect_ports; /* Ports always tls-on-connect */ void *ourcert; /* Certificate we presented, binary */ @@ -101,11 +103,17 @@ typedef struct { OCSP_FAILED, /* verify failed */ OCSP_VFIED /* verified */ } ocsp; /* Stapled OCSP status */ +#ifdef EXPERIMENTAL_TLS_RESUME + unsigned resumption; /* Session resumption */ + BOOL host_resumable:1; + BOOL ticket_received:1; +#endif + BOOL verify_override:1; /* certificate_verified only due to tls_try_verify_hosts */ } tls_support; extern tls_support tls_in; extern tls_support tls_out; -#ifdef SUPPORT_TLS +#ifndef DISABLE_TLS extern BOOL gnutls_compat_mode; /* Less security, more compatibility */ extern BOOL gnutls_allow_auto_pkcs11; /* Let GnuTLS autoload PKCS11 modules */ extern uschar *openssl_options; /* OpenSSL compatibility options */ @@ -120,13 +128,11 @@ extern uschar *tls_eccurve; /* EC curve */ extern uschar *tls_ocsp_file; /* OCSP stapling proof file */ # endif extern uschar *tls_privatekey; /* Private key file */ -# ifdef EXPERIMENTAL_REQUIRETLS -extern uschar tls_requiretls; /* REQUIRETLS active for this message */ -extern uschar *tls_advertise_requiretls; /* hosts for which REQUIRETLS adv */ -extern const pcre *regex_REQUIRETLS; /* for recognising the command */ -# endif extern BOOL tls_remember_esmtp; /* For YAEB */ extern uschar *tls_require_ciphers; /* So some can be avoided */ +# ifdef EXPERIMENTAL_TLS_RESUME +extern uschar *tls_resumption_hosts; /* TLS session resumption */ +# endif extern uschar *tls_try_verify_hosts; /* Optional client verification */ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ @@ -193,7 +199,7 @@ extern struct global_flags { #ifndef DISABLE_DKIM BOOL dkim_disable_verify :1; /* Set via ACL control statement. When set, DKIM verification is disabled for the current message */ #endif -#ifdef EXPERIMENTAL_DMARC +#ifdef SUPPORT_DMARC BOOL dmarc_has_been_checked :1; /* Global variable to check if test has been called yet */ BOOL dmarc_disable_verify :1; /* Set via ACL control statement. When set, DMARC verification is disabled for the current message */ BOOL dmarc_enable_forensic :1; /* Set via ACL control statement. When set, DMARC forensic reports are enabled for the current message */ @@ -251,6 +257,11 @@ extern struct global_flags { BOOL sender_name_forced :1; /* Set by -F */ BOOL sender_set_untrusted :1; /* Sender set by untrusted caller */ BOOL smtp_authenticated :1; /* Sending client has authenticated */ +#ifdef SUPPORT_PIPE_CONNECT + BOOL smtp_in_early_pipe_advertised :1; /* server advertised PIPE_CONNECT */ + BOOL smtp_in_early_pipe_no_auth :1; /* too many authenticator names */ + BOOL smtp_in_early_pipe_used :1; /* client did send early data */ +#endif BOOL smtp_in_pipelining_advertised :1; /* server advertised PIPELINING */ BOOL smtp_in_pipelining_used :1; /* server noted client using PIPELINING */ BOOL spool_file_wireformat :1; /* current -D file has CRLF rather than NL */ @@ -262,6 +273,7 @@ extern struct global_flags { BOOL tcp_fastopen_ok :1; /* appears to be supported by kernel */ BOOL tcp_in_fastopen :1; /* conn usefully used fastopen */ + BOOL tcp_in_fastopen_data :1; /* fastopen carried data */ BOOL tcp_in_fastopen_logged :1; /* one-time logging */ BOOL tcp_out_fastopen_logged :1; /* one-time logging */ BOOL timestamps_utc :1; /* Use UTC for all times */ @@ -382,10 +394,10 @@ extern int callout_cache_negative_expire; /* Time for negative callout cache extern uschar *callout_random_local_part; /* Local part to be used to check if server called will accept any local part */ extern uschar *check_dns_names_pattern;/* Regex for syntax check */ extern int check_log_inodes; /* Minimum for message acceptance */ -extern int check_log_space; /* Minimum for message acceptance */ +extern int_eximarith_t check_log_space; /* Minimum for message acceptance */ extern BOOL check_rfc2047_length; /* Check RFC 2047 encoded string length */ extern int check_spool_inodes; /* Minimum for message acceptance */ -extern int check_spool_space; /* Minimum for message acceptance */ +extern int_eximarith_t check_spool_space; /* Minimum for message acceptance */ extern uschar *chunking_advertise_hosts; /* RFC 3030 CHUNKING */ extern unsigned chunking_datasize; extern unsigned chunking_data_left; @@ -484,19 +496,22 @@ extern BOOL disable_fsync; /* Not for normal use */ extern BOOL disable_ipv6; /* Don't do any IPv6 things */ #ifndef DISABLE_DKIM -extern unsigned dkim_collect_input; /* Runtime count of dkim signtures; tracks wether SMTP input is fed to DKIM validation */ +extern unsigned dkim_collect_input; /* Runtime count of dkim signtures; tracks whether SMTP input is fed to DKIM validation */ extern uschar *dkim_cur_signer; /* Expansion variable, holds the current "signer" domain or identity during a acl_smtp_dkim run */ extern int dkim_key_length; /* Expansion variable, length of signing key in bits */ extern void *dkim_signatures; /* Actually a (pdkim_signature *) but most files do not need to know */ extern uschar *dkim_signers; /* Expansion variable, holds colon-separated list of domains and identities that have signed a message */ extern uschar *dkim_signing_domain; /* Expansion variable, domain used for signing a message. */ extern uschar *dkim_signing_selector; /* Expansion variable, selector used for signing a message. */ +extern uschar *dkim_verify_hashes; /* Preference order for signatures */ +extern uschar *dkim_verify_keytypes; /* Preference order for signatures */ +extern BOOL dkim_verify_minimal; /* Shortcircuit signture verification */ extern uschar *dkim_verify_overall; /* First successful domain verified, or null */ extern uschar *dkim_verify_signers; /* Colon-separated list of domains for each of which we call the DKIM ACL */ extern uschar *dkim_verify_status; /* result for this signature */ extern uschar *dkim_verify_reason; /* result for this signature */ #endif -#ifdef EXPERIMENTAL_DMARC +#ifdef SUPPORT_DMARC extern uschar *dmarc_domain_policy; /* Expansion for declared policy of used domain */ extern uschar *dmarc_forensic_sender; /* Set sender address for forensic reports */ extern uschar *dmarc_history_file; /* Expansion variable, file to store dmarc results */ @@ -734,6 +749,9 @@ extern uschar *override_pid_file_path; /* Value of -oP argument */ extern uschar *percent_hack_domains; /* Local domains for which '% operates */ extern uschar *pid_file_path; /* For writing daemon pids */ +#ifdef SUPPORT_PIPE_CONNECT +extern uschar *pipe_connect_advertise_hosts; /* for banner/EHLO pipelining */ +#endif extern uschar *pipelining_advertise_hosts; /* As it says */ #ifndef DISABLE_PRDR extern BOOL prdr_enable; /* As it says */ @@ -742,7 +760,7 @@ extern BOOL prdr_requested; /* Connecting mail server wants PRDR */ extern BOOL preserve_message_logs; /* Save msglog files */ extern uschar *primary_hostname; /* Primary name of this computer */ extern BOOL print_topbitchars; /* Topbit chars are printing chars */ -extern uschar process_info[]; /* For SIGUSR1 output */ +extern uschar *process_info; /* For SIGUSR1 output */ extern int process_info_len; extern uschar *process_log_path; /* Alternate path */ extern BOOL prod_requires_admin; /* TRUE if prodding requires admin */ @@ -769,6 +787,7 @@ extern pid_t queue_run_pid; /* PID of the queue running process or 0 extern int queue_run_pipe; /* Pipe for synchronizing */ extern int queue_interval; /* Queue running interval */ extern uschar *queue_name; /* Name of queue, if nondefault spooling */ +extern uschar *queue_name_dest; /* Destination queue, for moving messages */ extern BOOL queue_only; /* TRUE to disable immediate delivery */ extern int queue_only_load; /* Max load before auto-queue */ extern BOOL queue_only_load_latch; /* Latch queue_only_load TRUE */ @@ -786,6 +805,7 @@ extern uschar *raw_active_hostname; /* Pre-expansion */ extern uschar *raw_sender; /* Before rewriting */ extern uschar **raw_recipients; /* Before rewriting */ extern int raw_recipients_count; +extern const uschar * rc_names[]; /* Mostly for debug output */ extern int rcpt_count; /* Count of RCPT commands in a message */ extern int rcpt_fail_count; /* Those that got 5xx */ extern int rcpt_defer_count; /* Those that got 4xx */ @@ -813,6 +833,9 @@ extern const pcre *regex_CHUNKING; /* For recognizing CHUNKING (RFC 3030) */ extern const pcre *regex_IGNOREQUOTA; /* For recognizing IGNOREQUOTA (LMTP) */ extern const pcre *regex_PIPELINING; /* For recognizing PIPELINING */ extern const pcre *regex_SIZE; /* For recognizing SIZE settings */ +#ifdef SUPPORT_PIPE_CONNECT +extern const pcre *regex_EARLY_PIPE; /* For recognizing PIPE_CONNCT */ +#endif extern const pcre *regex_ismsgid; /* Compiled r.e. for message it */ extern const pcre *regex_smtp_code; /* For recognizing SMTP codes */ extern uschar *regex_vars[]; /* $regexN variables */ @@ -841,6 +864,7 @@ extern router_info routers_available[];/* Vector of available routers */ extern router_instance *routers; /* Chain of instantiated routers */ extern router_instance router_defaults;/* Default values */ extern uschar *router_name; /* Name of router last started */ +extern tree_node *router_var; /* Variables set by router */ extern ip_address_item *running_interfaces; /* Host's running interfaces */ extern uschar *running_status; /* Flag string for testing */ extern int runrc; /* rc from ${run} */ @@ -871,6 +895,7 @@ extern address_item *sender_verified_failed; /* The one that caused denial */ extern uschar *sending_ip_address; /* Address of outgoing (SMTP) interface */ extern int sending_port; /* Port of outgoing interface */ extern SIGNAL_BOOL sigalrm_seen; /* Flag for sigalrm_handler */ +extern const uschar *sigalarm_setter; /* For debug, set to callpoint of alarm() */ extern uschar **sighup_argv; /* Args for re-execing after SIGHUP */ extern int slow_lookup_log; /* Log DNS lookups taking longer than N millisecs */ extern int smtp_accept_count; /* Count of connections */ @@ -988,13 +1013,16 @@ extern BOOL system_filter_uid_set; /* TRUE if uid set */ extern blob tcp_fastopen_nodata; /* for zero-data TFO connect requests */ extern BOOL tcp_nodelay; /* Controls TCP_NODELAY on daemon */ -extern int tcp_out_fastopen; /* 0: no 1: conn used 2: useful */ +extern tfo_state_t tcp_out_fastopen; /* TCP fast open */ #ifdef USE_TCP_WRAPPERS extern uschar *tcp_wrappers_daemon_name; /* tcpwrappers daemon lookup name */ #endif extern int test_harness_load_avg; /* For use when testing */ extern int thismessage_size_limit; /* Limit for this message */ extern int timeout_frozen_after; /* Max time to keep frozen messages */ +#ifdef MEASURE_TIMING +extern struct timeval timestamp_startup; /* For development measurements */ +#endif extern uschar *transport_name; /* Name of transport last started */ extern int transport_count; /* Count of bytes transported */