Logging: connection_reject log selector should apply also to the connect acl
[exim.git] / src / src / readconf.c
CommitLineData
059ec3d9
PH
1/*************************************************
2* Exim - an Internet mail transport agent *
3*************************************************/
4
80fea873 5/* Copyright (c) University of Cambridge 1995 - 2016 */
059ec3d9
PH
6/* See the file NOTICE for conditions of use and distribution. */
7
8/* Functions for reading the configuration file, and for displaying
9overall configuration values. Thanks to Brian Candler for the original
10implementation of the conditional .ifdef etc. */
11
12#include "exim.h"
13
de5ba175
HSHR
14extern char **environ;
15
1ad6489e 16static void fn_smtp_receive_timeout(const uschar * name, const uschar * str);
bf3c2c6b
HSHR
17static void save_config_line(const uschar* line);
18static void save_config_position(const uschar *file, int line);
3257ed4b 19static void print_config(BOOL admin, BOOL terse);
c0b9d3e8 20static void readconf_options_auths(void);
2478dbdf 21
1ad6489e 22
059ec3d9
PH
23#define CSTATE_STACK_SIZE 10
24
25
26/* Structure for chain (stack) of .included files */
27
28typedef struct config_file_item {
29 struct config_file_item *next;
30 uschar *filename;
31 FILE *file;
32 int lineno;
33} config_file_item;
34
bf3c2c6b
HSHR
35/* Structure for chain of configuration lines (-bP config) */
36
37typedef struct config_line_item {
38 struct config_line_item *next;
39 uschar *line;
40} config_line_item;
41
42static config_line_item* config_lines;
43
059ec3d9
PH
44/* Structure of table of conditional words and their state transitions */
45
46typedef struct cond_item {
47 uschar *name;
48 int namelen;
49 int action1;
50 int action2;
51 int pushpop;
52} cond_item;
53
54/* Structure of table of syslog facility names and values */
55
56typedef struct syslog_fac_item {
57 uschar *name;
58 int value;
59} syslog_fac_item;
60
bf3c2c6b
HSHR
61/* constants */
62static const char * const hidden = "<value not displayable>";
059ec3d9
PH
63
64/* Static variables */
65
66static config_file_item *config_file_stack = NULL; /* For includes */
67
68static uschar *syslog_facility_str = NULL;
69static uschar next_section[24];
70static uschar time_buffer[24];
71
72/* State variables for conditional loading (.ifdef / .else / .endif) */
73
74static int cstate = 0;
75static int cstate_stack_ptr = -1;
76static int cstate_stack[CSTATE_STACK_SIZE];
77
78/* Table of state transitions for handling conditional inclusions. There are
79four possible state transitions:
80
81 .ifdef true
82 .ifdef false
83 .elifdef true (or .else)
84 .elifdef false
85
86.endif just causes the previous cstate to be popped off the stack */
87
88static int next_cstate[3][4] =
89 {
90 /* State 0: reading from file, or reading until next .else or .endif */
91 { 0, 1, 2, 2 },
92 /* State 1: condition failed, skipping until next .else or .endif */
93 { 2, 2, 0, 1 },
94 /* State 2: skipping until .endif */
95 { 2, 2, 2, 2 },
96 };
97
98/* Table of conditionals and the states to set. For each name, there are four
99values: the length of the name (to save computing it each time), the state to
100set if a macro was found in the line, the state to set if a macro was not found
101in the line, and a stack manipulation setting which is:
102
103 -1 pull state value off the stack
104 0 don't alter the stack
105 +1 push value onto stack, before setting new state
106*/
107
108static cond_item cond_list[] = {
109 { US"ifdef", 5, 0, 1, 1 },
110 { US"ifndef", 6, 1, 0, 1 },
111 { US"elifdef", 7, 2, 3, 0 },
112 { US"elifndef", 8, 3, 2, 0 },
113 { US"else", 4, 2, 2, 0 },
114 { US"endif", 5, 0, 0, -1 }
115};
116
117static int cond_list_size = sizeof(cond_list)/sizeof(cond_item);
118
119/* Table of syslog facility names and their values */
120
121static syslog_fac_item syslog_list[] = {
122 { US"mail", LOG_MAIL },
123 { US"user", LOG_USER },
124 { US"news", LOG_NEWS },
125 { US"uucp", LOG_UUCP },
126 { US"local0", LOG_LOCAL0 },
127 { US"local1", LOG_LOCAL1 },
128 { US"local2", LOG_LOCAL2 },
129 { US"local3", LOG_LOCAL3 },
130 { US"local4", LOG_LOCAL4 },
131 { US"local5", LOG_LOCAL5 },
132 { US"local6", LOG_LOCAL6 },
133 { US"local7", LOG_LOCAL7 },
134 { US"daemon", LOG_DAEMON }
135};
136
137static int syslog_list_size = sizeof(syslog_list)/sizeof(syslog_fac_item);
138
139
140
141
142/*************************************************
143* Main configuration options *
144*************************************************/
145
146/* The list of options that can be set in the main configuration file. This
147must be in alphabetic order because it is searched by binary chop. */
148
149static optionlist optionlist_config[] = {
150 { "*set_exim_group", opt_bool|opt_hidden, &exim_gid_set },
151 { "*set_exim_user", opt_bool|opt_hidden, &exim_uid_set },
152 { "*set_system_filter_group", opt_bool|opt_hidden, &system_filter_gid_set },
153 { "*set_system_filter_user", opt_bool|opt_hidden, &system_filter_uid_set },
154 { "accept_8bitmime", opt_bool, &accept_8bitmime },
155 { "acl_not_smtp", opt_stringptr, &acl_not_smtp },
54cdb463
PH
156#ifdef WITH_CONTENT_SCAN
157 { "acl_not_smtp_mime", opt_stringptr, &acl_not_smtp_mime },
158#endif
45b91596 159 { "acl_not_smtp_start", opt_stringptr, &acl_not_smtp_start },
059ec3d9
PH
160 { "acl_smtp_auth", opt_stringptr, &acl_smtp_auth },
161 { "acl_smtp_connect", opt_stringptr, &acl_smtp_connect },
162 { "acl_smtp_data", opt_stringptr, &acl_smtp_data },
8ccd00b1 163#ifndef DISABLE_PRDR
fd98a5c6
JH
164 { "acl_smtp_data_prdr", opt_stringptr, &acl_smtp_data_prdr },
165#endif
80a47a2c
TK
166#ifndef DISABLE_DKIM
167 { "acl_smtp_dkim", opt_stringptr, &acl_smtp_dkim },
168#endif
059ec3d9
PH
169 { "acl_smtp_etrn", opt_stringptr, &acl_smtp_etrn },
170 { "acl_smtp_expn", opt_stringptr, &acl_smtp_expn },
171 { "acl_smtp_helo", opt_stringptr, &acl_smtp_helo },
172 { "acl_smtp_mail", opt_stringptr, &acl_smtp_mail },
173 { "acl_smtp_mailauth", opt_stringptr, &acl_smtp_mailauth },
8523533c
TK
174#ifdef WITH_CONTENT_SCAN
175 { "acl_smtp_mime", opt_stringptr, &acl_smtp_mime },
176#endif
8f128379 177 { "acl_smtp_notquit", opt_stringptr, &acl_smtp_notquit },
059ec3d9
PH
178 { "acl_smtp_predata", opt_stringptr, &acl_smtp_predata },
179 { "acl_smtp_quit", opt_stringptr, &acl_smtp_quit },
180 { "acl_smtp_rcpt", opt_stringptr, &acl_smtp_rcpt },
181#ifdef SUPPORT_TLS
182 { "acl_smtp_starttls", opt_stringptr, &acl_smtp_starttls },
183#endif
184 { "acl_smtp_vrfy", opt_stringptr, &acl_smtp_vrfy },
bc3c7bb7 185 { "add_environment", opt_stringptr, &add_environment },
059ec3d9
PH
186 { "admin_groups", opt_gidlist, &admin_groups },
187 { "allow_domain_literals", opt_bool, &allow_domain_literals },
188 { "allow_mx_to_ip", opt_bool, &allow_mx_to_ip },
189 { "allow_utf8_domains", opt_bool, &allow_utf8_domains },
190 { "auth_advertise_hosts", opt_stringptr, &auth_advertise_hosts },
191 { "auto_thaw", opt_time, &auto_thaw },
8523533c
TK
192#ifdef WITH_CONTENT_SCAN
193 { "av_scanner", opt_stringptr, &av_scanner },
194#endif
059ec3d9 195 { "bi_command", opt_stringptr, &bi_command },
8523533c
TK
196#ifdef EXPERIMENTAL_BRIGHTMAIL
197 { "bmi_config_file", opt_stringptr, &bmi_config_file },
198#endif
059ec3d9
PH
199 { "bounce_message_file", opt_stringptr, &bounce_message_file },
200 { "bounce_message_text", opt_stringptr, &bounce_message_text },
201 { "bounce_return_body", opt_bool, &bounce_return_body },
62b7cd08 202 { "bounce_return_linesize_limit", opt_mkint, &bounce_return_linesize_limit },
059ec3d9
PH
203 { "bounce_return_message", opt_bool, &bounce_return_message },
204 { "bounce_return_size_limit", opt_mkint, &bounce_return_size_limit },
205 { "bounce_sender_authentication",opt_stringptr,&bounce_sender_authentication },
206 { "callout_domain_negative_expire", opt_time, &callout_cache_domain_negative_expire },
207 { "callout_domain_positive_expire", opt_time, &callout_cache_domain_positive_expire },
208 { "callout_negative_expire", opt_time, &callout_cache_negative_expire },
209 { "callout_positive_expire", opt_time, &callout_cache_positive_expire },
210 { "callout_random_local_part",opt_stringptr, &callout_random_local_part },
211 { "check_log_inodes", opt_int, &check_log_inodes },
212 { "check_log_space", opt_Kint, &check_log_space },
a0d6ba8a 213 { "check_rfc2047_length", opt_bool, &check_rfc2047_length },
059ec3d9
PH
214 { "check_spool_inodes", opt_int, &check_spool_inodes },
215 { "check_spool_space", opt_Kint, &check_spool_space },
aa368db3 216 { "chunking_advertise_hosts", opt_stringptr, &chunking_advertise_hosts },
059ec3d9
PH
217 { "daemon_smtp_port", opt_stringptr|opt_hidden, &daemon_smtp_port },
218 { "daemon_smtp_ports", opt_stringptr, &daemon_smtp_port },
4aee0225
PH
219 { "daemon_startup_retries", opt_int, &daemon_startup_retries },
220 { "daemon_startup_sleep", opt_time, &daemon_startup_sleep },
6a8f9482
TK
221#ifdef EXPERIMENTAL_DCC
222 { "dcc_direct_add_header", opt_bool, &dcc_direct_add_header },
223 { "dccifd_address", opt_stringptr, &dccifd_address },
224 { "dccifd_options", opt_stringptr, &dccifd_options },
225#endif
059ec3d9
PH
226 { "delay_warning", opt_timelist, &delay_warning },
227 { "delay_warning_condition", opt_stringptr, &delay_warning_condition },
228 { "deliver_drop_privilege", opt_bool, &deliver_drop_privilege },
229 { "deliver_queue_load_max", opt_fixed, &deliver_queue_load_max },
230 { "delivery_date_remove", opt_bool, &delivery_date_remove },
54fc8428
PH
231#ifdef ENABLE_DISABLE_FSYNC
232 { "disable_fsync", opt_bool, &disable_fsync },
233#endif
7e66e54d 234 { "disable_ipv6", opt_bool, &disable_ipv6 },
80a47a2c
TK
235#ifndef DISABLE_DKIM
236 { "dkim_verify_signers", opt_stringptr, &dkim_verify_signers },
237#endif
4840604e
TL
238#ifdef EXPERIMENTAL_DMARC
239 { "dmarc_forensic_sender", opt_stringptr, &dmarc_forensic_sender },
240 { "dmarc_history_file", opt_stringptr, &dmarc_history_file },
241 { "dmarc_tld_file", opt_stringptr, &dmarc_tld_file },
242#endif
059ec3d9
PH
243 { "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist },
244 { "dns_check_names_pattern", opt_stringptr, &check_dns_names_pattern },
e5a9dba6
PH
245 { "dns_csa_search_limit", opt_int, &dns_csa_search_limit },
246 { "dns_csa_use_reverse", opt_bool, &dns_csa_use_reverse },
83712b39 247 { "dns_dnssec_ok", opt_int, &dns_dnssec_ok },
059ec3d9
PH
248 { "dns_ipv4_lookup", opt_stringptr, &dns_ipv4_lookup },
249 { "dns_retrans", opt_time, &dns_retrans },
250 { "dns_retry", opt_int, &dns_retry },
9820a77f 251 { "dns_trust_aa", opt_stringptr, &dns_trust_aa },
e97d1f08 252 { "dns_use_edns0", opt_int, &dns_use_edns0 },
059ec3d9
PH
253 /* This option is now a no-op, retained for compability */
254 { "drop_cr", opt_bool, &drop_cr },
255/*********************************************************/
6c1c3d1d 256 { "dsn_advertise_hosts", opt_stringptr, &dsn_advertise_hosts },
0e22dfd1 257 { "dsn_from", opt_stringptr, &dsn_from },
059ec3d9
PH
258 { "envelope_to_remove", opt_bool, &envelope_to_remove },
259 { "errors_copy", opt_stringptr, &errors_copy },
260 { "errors_reply_to", opt_stringptr, &errors_reply_to },
0cbf2b82 261#ifndef DISABLE_EVENT
774ef2d7
JH
262 { "event_action", opt_stringptr, &event_action },
263#endif
059ec3d9
PH
264 { "exim_group", opt_gid, &exim_gid },
265 { "exim_path", opt_stringptr, &exim_path },
266 { "exim_user", opt_uid, &exim_uid },
267 { "extra_local_interfaces", opt_stringptr, &extra_local_interfaces },
268 { "extract_addresses_remove_arguments", opt_bool, &extract_addresses_remove_arguments },
269 { "finduser_retries", opt_int, &finduser_retries },
270 { "freeze_tell", opt_stringptr, &freeze_tell },
271 { "gecos_name", opt_stringptr, &gecos_name },
272 { "gecos_pattern", opt_stringptr, &gecos_pattern },
83da1223 273#ifdef SUPPORT_TLS
2519e60d 274 { "gnutls_allow_auto_pkcs11", opt_bool, &gnutls_allow_auto_pkcs11 },
e6060e2c 275 { "gnutls_compat_mode", opt_bool, &gnutls_compat_mode },
83da1223 276#endif
059ec3d9
PH
277 { "header_line_maxsize", opt_int, &header_line_maxsize },
278 { "header_maxsize", opt_int, &header_maxsize },
279 { "headers_charset", opt_stringptr, &headers_charset },
280 { "helo_accept_junk_hosts", opt_stringptr, &helo_accept_junk_hosts },
281 { "helo_allow_chars", opt_stringptr, &helo_allow_chars },
282 { "helo_lookup_domains", opt_stringptr, &helo_lookup_domains },
283 { "helo_try_verify_hosts", opt_stringptr, &helo_try_verify_hosts },
284 { "helo_verify_hosts", opt_stringptr, &helo_verify_hosts },
285 { "hold_domains", opt_stringptr, &hold_domains },
286 { "host_lookup", opt_stringptr, &host_lookup },
287 { "host_lookup_order", opt_stringptr, &host_lookup_order },
288 { "host_reject_connection", opt_stringptr, &host_reject_connection },
289 { "hosts_connection_nolog", opt_stringptr, &hosts_connection_nolog },
cee5f132 290#ifdef SUPPORT_PROXY
7a2fa0bc 291 { "hosts_proxy", opt_stringptr, &hosts_proxy },
cee5f132 292#endif
059ec3d9
PH
293 { "hosts_treat_as_local", opt_stringptr, &hosts_treat_as_local },
294#ifdef LOOKUP_IBASE
295 { "ibase_servers", opt_stringptr, &ibase_servers },
296#endif
297 { "ignore_bounce_errors_after", opt_time, &ignore_bounce_errors_after },
298 { "ignore_fromline_hosts", opt_stringptr, &ignore_fromline_hosts },
299 { "ignore_fromline_local", opt_bool, &ignore_fromline_local },
bc3c7bb7 300 { "keep_environment", opt_stringptr, &keep_environment },
059ec3d9
PH
301 { "keep_malformed", opt_time, &keep_malformed },
302#ifdef LOOKUP_LDAP
bc19a55b
PP
303 { "ldap_ca_cert_dir", opt_stringptr, &eldap_ca_cert_dir },
304 { "ldap_ca_cert_file", opt_stringptr, &eldap_ca_cert_file },
305 { "ldap_cert_file", opt_stringptr, &eldap_cert_file },
306 { "ldap_cert_key", opt_stringptr, &eldap_cert_key },
307 { "ldap_cipher_suite", opt_stringptr, &eldap_cipher_suite },
059ec3d9 308 { "ldap_default_servers", opt_stringptr, &eldap_default_servers },
bc19a55b
PP
309 { "ldap_require_cert", opt_stringptr, &eldap_require_cert },
310 { "ldap_start_tls", opt_bool, &eldap_start_tls },
059ec3d9
PH
311 { "ldap_version", opt_int, &eldap_version },
312#endif
313 { "local_from_check", opt_bool, &local_from_check },
314 { "local_from_prefix", opt_stringptr, &local_from_prefix },
315 { "local_from_suffix", opt_stringptr, &local_from_suffix },
316 { "local_interfaces", opt_stringptr, &local_interfaces },
317 { "local_scan_timeout", opt_time, &local_scan_timeout },
318 { "local_sender_retain", opt_bool, &local_sender_retain },
319 { "localhost_number", opt_stringptr, &host_number_string },
320 { "log_file_path", opt_stringptr, &log_file_path },
321 { "log_selector", opt_stringptr, &log_selector_string },
322 { "log_timezone", opt_bool, &log_timezone },
323 { "lookup_open_max", opt_int, &lookup_open_max },
324 { "max_username_length", opt_int, &max_username_length },
ddea74fa 325 { "message_body_newlines", opt_bool, &message_body_newlines },
059ec3d9
PH
326 { "message_body_visible", opt_mkint, &message_body_visible },
327 { "message_id_header_domain", opt_stringptr, &message_id_domain },
328 { "message_id_header_text", opt_stringptr, &message_id_text },
329 { "message_logs", opt_bool, &message_logs },
330 { "message_size_limit", opt_stringptr, &message_size_limit },
331#ifdef SUPPORT_MOVE_FROZEN_MESSAGES
332 { "move_frozen_messages", opt_bool, &move_frozen_messages },
333#endif
334 { "mua_wrapper", opt_bool, &mua_wrapper },
335#ifdef LOOKUP_MYSQL
336 { "mysql_servers", opt_stringptr, &mysql_servers },
337#endif
338 { "never_users", opt_uidlist, &never_users },
77bb000f
PP
339#ifdef SUPPORT_TLS
340 { "openssl_options", opt_stringptr, &openssl_options },
341#endif
059ec3d9
PH
342#ifdef LOOKUP_ORACLE
343 { "oracle_servers", opt_stringptr, &oracle_servers },
344#endif
345 { "percent_hack_domains", opt_stringptr, &percent_hack_domains },
346#ifdef EXIM_PERL
347 { "perl_at_start", opt_bool, &opt_perl_at_start },
348 { "perl_startup", opt_stringptr, &opt_perl_startup },
2f680c0c 349 { "perl_taintmode", opt_bool, &opt_perl_taintmode },
059ec3d9
PH
350#endif
351#ifdef LOOKUP_PGSQL
352 { "pgsql_servers", opt_stringptr, &pgsql_servers },
353#endif
354 { "pid_file_path", opt_stringptr, &pid_file_path },
355 { "pipelining_advertise_hosts", opt_stringptr, &pipelining_advertise_hosts },
8ccd00b1 356#ifndef DISABLE_PRDR
fd98a5c6
JH
357 { "prdr_enable", opt_bool, &prdr_enable },
358#endif
059ec3d9
PH
359 { "preserve_message_logs", opt_bool, &preserve_message_logs },
360 { "primary_hostname", opt_stringptr, &primary_hostname },
361 { "print_topbitchars", opt_bool, &print_topbitchars },
362 { "process_log_path", opt_stringptr, &process_log_path },
363 { "prod_requires_admin", opt_bool, &prod_requires_admin },
364 { "qualify_domain", opt_stringptr, &qualify_domain_sender },
365 { "qualify_recipient", opt_stringptr, &qualify_domain_recipient },
366 { "queue_domains", opt_stringptr, &queue_domains },
367 { "queue_list_requires_admin",opt_bool, &queue_list_requires_admin },
368 { "queue_only", opt_bool, &queue_only },
369 { "queue_only_file", opt_stringptr, &queue_only_file },
370 { "queue_only_load", opt_fixed, &queue_only_load },
8669f003 371 { "queue_only_load_latch", opt_bool, &queue_only_load_latch },
059ec3d9
PH
372 { "queue_only_override", opt_bool, &queue_only_override },
373 { "queue_run_in_order", opt_bool, &queue_run_in_order },
0cd5fd23 374 { "queue_run_max", opt_stringptr, &queue_run_max },
059ec3d9
PH
375 { "queue_smtp_domains", opt_stringptr, &queue_smtp_domains },
376 { "receive_timeout", opt_time, &receive_timeout },
377 { "received_header_text", opt_stringptr, &received_header_text },
378 { "received_headers_max", opt_int, &received_headers_max },
379 { "recipient_unqualified_hosts", opt_stringptr, &recipient_unqualified_hosts },
380 { "recipients_max", opt_int, &recipients_max },
381 { "recipients_max_reject", opt_bool, &recipients_max_reject },
de78e2d5 382#ifdef LOOKUP_REDIS
9bdd29ad
TL
383 { "redis_servers", opt_stringptr, &redis_servers },
384#endif
059ec3d9
PH
385 { "remote_max_parallel", opt_int, &remote_max_parallel },
386 { "remote_sort_domains", opt_stringptr, &remote_sort_domains },
387 { "retry_data_expire", opt_time, &retry_data_expire },
388 { "retry_interval_max", opt_time, &retry_interval_max },
389 { "return_path_remove", opt_bool, &return_path_remove },
390 { "return_size_limit", opt_mkint|opt_hidden, &bounce_return_size_limit },
391 { "rfc1413_hosts", opt_stringptr, &rfc1413_hosts },
392 { "rfc1413_query_timeout", opt_time, &rfc1413_query_timeout },
393 { "sender_unqualified_hosts", opt_stringptr, &sender_unqualified_hosts },
846430d9 394 { "slow_lookup_log", opt_int, &slow_lookup_log },
059ec3d9
PH
395 { "smtp_accept_keepalive", opt_bool, &smtp_accept_keepalive },
396 { "smtp_accept_max", opt_int, &smtp_accept_max },
397 { "smtp_accept_max_nonmail", opt_int, &smtp_accept_max_nonmail },
398 { "smtp_accept_max_nonmail_hosts", opt_stringptr, &smtp_accept_max_nonmail_hosts },
399 { "smtp_accept_max_per_connection", opt_int, &smtp_accept_max_per_connection },
400 { "smtp_accept_max_per_host", opt_stringptr, &smtp_accept_max_per_host },
401 { "smtp_accept_queue", opt_int, &smtp_accept_queue },
402 { "smtp_accept_queue_per_connection", opt_int, &smtp_accept_queue_per_connection },
403 { "smtp_accept_reserve", opt_int, &smtp_accept_reserve },
404 { "smtp_active_hostname", opt_stringptr, &raw_active_hostname },
405 { "smtp_banner", opt_stringptr, &smtp_banner },
406 { "smtp_check_spool_space", opt_bool, &smtp_check_spool_space },
407 { "smtp_connect_backlog", opt_int, &smtp_connect_backlog },
408 { "smtp_enforce_sync", opt_bool, &smtp_enforce_sync },
409 { "smtp_etrn_command", opt_stringptr, &smtp_etrn_command },
410 { "smtp_etrn_serialize", opt_bool, &smtp_etrn_serialize },
411 { "smtp_load_reserve", opt_fixed, &smtp_load_reserve },
412 { "smtp_max_synprot_errors", opt_int, &smtp_max_synprot_errors },
413 { "smtp_max_unknown_commands",opt_int, &smtp_max_unknown_commands },
414 { "smtp_ratelimit_hosts", opt_stringptr, &smtp_ratelimit_hosts },
415 { "smtp_ratelimit_mail", opt_stringptr, &smtp_ratelimit_mail },
416 { "smtp_ratelimit_rcpt", opt_stringptr, &smtp_ratelimit_rcpt },
1ad6489e 417 { "smtp_receive_timeout", opt_func, &fn_smtp_receive_timeout },
059ec3d9
PH
418 { "smtp_reserve_hosts", opt_stringptr, &smtp_reserve_hosts },
419 { "smtp_return_error_details",opt_bool, &smtp_return_error_details },
8c5d388a 420#ifdef SUPPORT_I18N
3d1451ea
JH
421 { "smtputf8_advertise_hosts", opt_stringptr, &smtputf8_advertise_hosts },
422#endif
8523533c
TK
423#ifdef WITH_CONTENT_SCAN
424 { "spamd_address", opt_stringptr, &spamd_address },
425#endif
65a7d8c3
NM
426#ifdef EXPERIMENTAL_SPF
427 { "spf_guess", opt_stringptr, &spf_guess },
428#endif
059ec3d9
PH
429 { "split_spool_directory", opt_bool, &split_spool_directory },
430 { "spool_directory", opt_stringptr, &spool_directory },
31480e42
PH
431#ifdef LOOKUP_SQLITE
432 { "sqlite_lock_timeout", opt_int, &sqlite_lock_timeout },
433#endif
8523533c
TK
434#ifdef EXPERIMENTAL_SRS
435 { "srs_config", opt_stringptr, &srs_config },
384152a6
TK
436 { "srs_hashlength", opt_int, &srs_hashlength },
437 { "srs_hashmin", opt_int, &srs_hashmin },
438 { "srs_maxage", opt_int, &srs_maxage },
439 { "srs_secrets", opt_stringptr, &srs_secrets },
440 { "srs_usehash", opt_bool, &srs_usehash },
441 { "srs_usetimestamp", opt_bool, &srs_usetimestamp },
8523533c 442#endif
38a0a95f 443 { "strict_acl_vars", opt_bool, &strict_acl_vars },
059ec3d9
PH
444 { "strip_excess_angle_brackets", opt_bool, &strip_excess_angle_brackets },
445 { "strip_trailing_dot", opt_bool, &strip_trailing_dot },
446 { "syslog_duplication", opt_bool, &syslog_duplication },
447 { "syslog_facility", opt_stringptr, &syslog_facility_str },
448 { "syslog_processname", opt_stringptr, &syslog_processname },
449 { "syslog_timestamp", opt_bool, &syslog_timestamp },
450 { "system_filter", opt_stringptr, &system_filter },
451 { "system_filter_directory_transport", opt_stringptr,&system_filter_directory_transport },
452 { "system_filter_file_transport",opt_stringptr,&system_filter_file_transport },
453 { "system_filter_group", opt_gid, &system_filter_gid },
454 { "system_filter_pipe_transport",opt_stringptr,&system_filter_pipe_transport },
455 { "system_filter_reply_transport",opt_stringptr,&system_filter_reply_transport },
456 { "system_filter_user", opt_uid, &system_filter_uid },
457 { "tcp_nodelay", opt_bool, &tcp_nodelay },
5dc43717
JJ
458#ifdef USE_TCP_WRAPPERS
459 { "tcp_wrappers_daemon_name", opt_stringptr, &tcp_wrappers_daemon_name },
460#endif
059ec3d9
PH
461 { "timeout_frozen_after", opt_time, &timeout_frozen_after },
462 { "timezone", opt_stringptr, &timezone_string },
059ec3d9 463 { "tls_advertise_hosts", opt_stringptr, &tls_advertise_hosts },
23f3dc67 464#ifdef SUPPORT_TLS
059ec3d9
PH
465 { "tls_certificate", opt_stringptr, &tls_certificate },
466 { "tls_crl", opt_stringptr, &tls_crl },
3375e053 467 { "tls_dh_max_bits", opt_int, &tls_dh_max_bits },
059ec3d9 468 { "tls_dhparam", opt_stringptr, &tls_dhparam },
10ca4f1c 469 { "tls_eccurve", opt_stringptr, &tls_eccurve },
f2de3a33 470# ifndef DISABLE_OCSP
3f7eeb86 471 { "tls_ocsp_file", opt_stringptr, &tls_ocsp_file },
817d9f57
JH
472# endif
473 { "tls_on_connect_ports", opt_stringptr, &tls_in.on_connect_ports },
059ec3d9
PH
474 { "tls_privatekey", opt_stringptr, &tls_privatekey },
475 { "tls_remember_esmtp", opt_bool, &tls_remember_esmtp },
476 { "tls_require_ciphers", opt_stringptr, &tls_require_ciphers },
477 { "tls_try_verify_hosts", opt_stringptr, &tls_try_verify_hosts },
478 { "tls_verify_certificates", opt_stringptr, &tls_verify_certificates },
479 { "tls_verify_hosts", opt_stringptr, &tls_verify_hosts },
480#endif
481 { "trusted_groups", opt_gidlist, &trusted_groups },
482 { "trusted_users", opt_uidlist, &trusted_users },
483 { "unknown_login", opt_stringptr, &unknown_login },
484 { "unknown_username", opt_stringptr, &unknown_username },
485 { "untrusted_set_sender", opt_stringptr, &untrusted_set_sender },
486 { "uucp_from_pattern", opt_stringptr, &uucp_from_pattern },
487 { "uucp_from_sender", opt_stringptr, &uucp_from_sender },
488 { "warn_message_file", opt_stringptr, &warn_message_file },
489 { "write_rejectlog", opt_bool, &write_rejectlog }
490};
491
d7bed771 492static int optionlist_config_size = nelem(optionlist_config);
059ec3d9
PH
493
494
495
496/*************************************************
497* Find the name of an option *
498*************************************************/
499
500/* This function is to aid debugging. Various functions take arguments that are
501pointer variables in the options table or in option tables for various drivers.
502For debugging output, it is useful to be able to find the name of the option
503which is currently being processed. This function finds it, if it exists, by
504searching the table(s).
505
506Arguments: a value that is presumed to be in the table above
507Returns: the option name, or an empty string
508*/
509
510uschar *
511readconf_find_option(void *p)
512{
513int i;
514router_instance *r;
515transport_instance *t;
516
c0b9d3e8 517for (i = 0; i < nelem(optionlist_config); i++)
059ec3d9
PH
518 if (p == optionlist_config[i].value) return US optionlist_config[i].name;
519
d7bed771 520for (r = routers; r; r = r->next)
059ec3d9
PH
521 {
522 router_info *ri = r->info;
c4b738a9 523 for (i = 0; i < *ri->options_count; i++)
059ec3d9
PH
524 {
525 if ((ri->options[i].type & opt_mask) != opt_stringptr) continue;
526 if (p == (char *)(r->options_block) + (long int)(ri->options[i].value))
527 return US ri->options[i].name;
528 }
529 }
530
d7bed771 531for (t = transports; t; t = t->next)
059ec3d9
PH
532 {
533 transport_info *ti = t->info;
c4b738a9 534 for (i = 0; i < *ti->options_count; i++)
059ec3d9 535 {
c4b738a9
JH
536 optionlist * op = &ti->options[i];
537 if ((op->type & opt_mask) != opt_stringptr) continue;
538 if (p == ( op->type & opt_public
539 ? (char *)t
540 : (char *)t->options_block
541 )
542 + (long int)op->value)
543 return US op->name;
059ec3d9
PH
544 }
545 }
546
547return US"";
548}
549
550
551
552
cf00dad6
PH
553/*************************************************
554* Deal with an assignment to a macro *
555*************************************************/
556
557/* This function is called when a line that starts with an upper case letter is
558encountered. The argument "line" should contain a complete logical line, and
559start with the first letter of the macro name. The macro name and the
560replacement text are extracted and stored. Redefinition of existing,
561non-command line, macros is permitted using '==' instead of '='.
562
563Arguments:
564 s points to the start of the logical line
565
566Returns: nothing
567*/
568
4945f557 569void
cf00dad6
PH
570read_macro_assignment(uschar *s)
571{
572uschar name[64];
573int namelen = 0;
574BOOL redef = FALSE;
575macro_item *m;
576macro_item *mlast = NULL;
577
578while (isalnum(*s) || *s == '_')
579 {
580 if (namelen >= sizeof(name) - 1)
581 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
ef840681 582 "macro name too long (maximum is " SIZE_T_FMT " characters)", sizeof(name) - 1);
cf00dad6
PH
583 name[namelen++] = *s++;
584 }
585name[namelen] = 0;
586
587while (isspace(*s)) s++;
588if (*s++ != '=')
589 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "malformed macro definition");
590
591if (*s == '=')
592 {
593 redef = TRUE;
594 s++;
595 }
596while (isspace(*s)) s++;
597
598/* If an existing macro of the same name was defined on the command line, we
599just skip this definition. It's an error to attempt to redefine a macro without
600redef set to TRUE, or to redefine a macro when it hasn't been defined earlier.
601It is also an error to define a macro whose name begins with the name of a
602previously defined macro. Note: it is documented that the other way round
603works. */
604
605for (m = macros; m != NULL; m = m->next)
606 {
607 int len = Ustrlen(m->name);
608
609 if (Ustrcmp(m->name, name) == 0)
610 {
611 if (!m->command_line && !redef)
612 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "macro \"%s\" is already "
613 "defined (use \"==\" if you want to redefine it", name);
614 break;
615 }
616
617 if (len < namelen && Ustrstr(name, m->name) != NULL)
618 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
619 "a macro because previously defined macro \"%s\" is a substring",
620 name, m->name);
621
622 /* We cannot have this test, because it is documented that a substring
623 macro is permitted (there is even an example).
624 *
625 * if (len > namelen && Ustrstr(m->name, name) != NULL)
626 * log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
627 * "a macro because it is a substring of previously defined macro \"%s\"",
628 * name, m->name);
629 */
630
631 mlast = m;
632 }
633
634/* Check for an overriding command-line definition. */
635
636if (m != NULL && m->command_line) return;
637
638/* Redefinition must refer to an existing macro. */
639
640if (redef)
641 {
642 if (m == NULL)
643 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "can't redefine an undefined macro "
644 "\"%s\"", name);
645 }
646
647/* We have a new definition. The macro_item structure includes a final vector
648called "name" which is one byte long. Thus, adding "namelen" gives us enough
649room to store the "name" string. */
650
651else
652 {
653 m = store_get(sizeof(macro_item) + namelen);
654 if (macros == NULL) macros = m; else mlast->next = m;
655 Ustrncpy(m->name, name, namelen);
656 m->name[namelen] = 0;
657 m->next = NULL;
658 m->command_line = FALSE;
659 }
660
661/* Set the value of the new or redefined macro */
662
663m->replacement = string_copy(s);
664}
665
666
667
668
059ec3d9
PH
669
670/*************************************************
671* Read configuration line *
672*************************************************/
673
674/* A logical line of text is read from the configuration file into the big
675buffer, taking account of macros, .includes, and continuations. The size of
676big_buffer is increased if necessary. The count of configuration lines is
677maintained. Physical input lines starting with # (ignoring leading white space,
678and after macro replacement) and empty logical lines are always ignored.
679Leading and trailing spaces are removed.
680
681If we hit a line of the form "begin xxxx", the xxxx is placed in the
682next_section vector, and the function returns NULL, indicating the end of a
683configuration section. On end-of-file, NULL is returned with next_section
684empty.
685
686Arguments: none
687
688Returns: a pointer to the first non-blank in the line,
689 or NULL if eof or end of section is reached
690*/
691
692static uschar *
693get_config_line(void)
694{
695int startoffset = 0; /* To first non-blank char in logical line */
696int len = 0; /* Of logical line so far */
697int newlen;
698uschar *s, *ss;
699macro_item *m;
700BOOL macro_found;
701
702/* Loop for handling continuation lines, skipping comments, and dealing with
703.include files. */
704
705for (;;)
706 {
707 if (Ufgets(big_buffer+len, big_buffer_size-len, config_file) == NULL)
708 {
709 if (config_file_stack != NULL) /* EOF inside .include */
710 {
f1e894f3 711 (void)fclose(config_file);
059ec3d9
PH
712 config_file = config_file_stack->file;
713 config_filename = config_file_stack->filename;
714 config_lineno = config_file_stack->lineno;
715 config_file_stack = config_file_stack->next;
bf3c2c6b
HSHR
716 if (config_lines)
717 save_config_position(config_filename, config_lineno);
059ec3d9
PH
718 continue;
719 }
720
721 /* EOF at top level */
722
723 if (cstate_stack_ptr >= 0)
724 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
725 "Unexpected end of configuration file: .endif missing");
726
727 if (len != 0) break; /* EOF after continuation */
728 next_section[0] = 0; /* EOF at start of logical line */
729 return NULL;
730 }
731
732 config_lineno++;
733 newlen = len + Ustrlen(big_buffer + len);
734
bf3c2c6b
HSHR
735 if (config_lines && config_lineno == 1)
736 save_config_position(config_filename, config_lineno);
737
059ec3d9
PH
738 /* Handle pathologically long physical lines - yes, it did happen - by
739 extending big_buffer at this point. The code also copes with very long
740 logical lines. */
741
742 while (newlen == big_buffer_size - 1 && big_buffer[newlen - 1] != '\n')
743 {
744 uschar *newbuffer;
745 big_buffer_size += BIG_BUFFER_SIZE;
746 newbuffer = store_malloc(big_buffer_size);
747
748 /* This use of strcpy is OK because we know that the string in the old
749 buffer is shorter than the new buffer. */
750
751 Ustrcpy(newbuffer, big_buffer);
752 store_free(big_buffer);
753 big_buffer = newbuffer;
754 if (Ufgets(big_buffer+newlen, big_buffer_size-newlen, config_file) == NULL)
755 break;
756 newlen += Ustrlen(big_buffer + newlen);
757 }
758
759 /* Find the true start of the physical line - leading spaces are always
760 ignored. */
761
762 ss = big_buffer + len;
763 while (isspace(*ss)) ss++;
764
765 /* Process the physical line for macros. If this is the start of the logical
766 line, skip over initial text at the start of the line if it starts with an
767 upper case character followed by a sequence of name characters and an equals
768 sign, because that is the definition of a new macro, and we don't do
769 replacement therein. */
770
771 s = ss;
772 if (len == 0 && isupper(*s))
773 {
774 while (isalnum(*s) || *s == '_') s++;
775 while (isspace(*s)) s++;
776 if (*s != '=') s = ss; /* Not a macro definition */
777 }
778
779 /* For each defined macro, scan the line (from after XXX= if present),
780 replacing all occurrences of the macro. */
781
782 macro_found = FALSE;
783 for (m = macros; m != NULL; m = m->next)
784 {
785 uschar *p, *pp;
786 uschar *t = s;
787
788 while ((p = Ustrstr(t, m->name)) != NULL)
789 {
790 int moveby;
791 int namelen = Ustrlen(m->name);
792 int replen = Ustrlen(m->replacement);
793
794 /* Expand the buffer if necessary */
795
796 while (newlen - namelen + replen + 1 > big_buffer_size)
797 {
798 int newsize = big_buffer_size + BIG_BUFFER_SIZE;
799 uschar *newbuffer = store_malloc(newsize);
800 memcpy(newbuffer, big_buffer, newlen + 1);
801 p = newbuffer + (p - big_buffer);
802 s = newbuffer + (s - big_buffer);
803 ss = newbuffer + (ss - big_buffer);
804 t = newbuffer + (t - big_buffer);
805 big_buffer_size = newsize;
806 store_free(big_buffer);
807 big_buffer = newbuffer;
808 }
809
810 /* Shuffle the remaining characters up or down in the buffer before
811 copying in the replacement text. Don't rescan the replacement for this
812 same macro. */
813
814 pp = p + namelen;
815 moveby = replen - namelen;
816 if (moveby != 0)
817 {
818 memmove(p + replen, pp, (big_buffer + newlen) - pp + 1);
819 newlen += moveby;
820 }
821 Ustrncpy(p, m->replacement, replen);
822 t = p + replen;
823 macro_found = TRUE;
824 }
825 }
826
827 /* An empty macro replacement at the start of a line could mean that ss no
828 longer points to the first non-blank character. */
829
830 while (isspace(*ss)) ss++;
831
832 /* Check for comment lines - these are physical lines. */
833
834 if (*ss == '#') continue;
835
836 /* Handle conditionals, which are also applied to physical lines. Conditions
837 are of the form ".ifdef ANYTEXT" and are treated as true if any macro
838 expansion occured on the rest of the line. A preliminary test for the leading
839 '.' saves effort on most lines. */
840
841 if (*ss == '.')
842 {
843 int i;
844
845 /* Search the list of conditional directives */
846
847 for (i = 0; i < cond_list_size; i++)
848 {
849 int n;
850 cond_item *c = cond_list+i;
851 if (Ustrncmp(ss+1, c->name, c->namelen) != 0) continue;
852
853 /* The following character must be white space or end of string */
854
855 n = ss[1 + c->namelen];
856 if (n != ' ' && n != 't' && n != '\n' && n != 0) break;
857
858 /* .ifdef and .ifndef push the current state onto the stack, then set
859 a new one from the table. Stack overflow is an error */
860
861 if (c->pushpop > 0)
862 {
863 if (cstate_stack_ptr >= CSTATE_STACK_SIZE - 1)
864 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
865 ".%s nested too deeply", c->name);
866 cstate_stack[++cstate_stack_ptr] = cstate;
867 cstate = next_cstate[cstate][macro_found? c->action1 : c->action2];
868 }
869
870 /* For any of the others, stack underflow is an error. The next state
871 comes either from the stack (.endif) or from the table. */
872
873 else
874 {
875 if (cstate_stack_ptr < 0)
876 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
877 ".%s without matching .ifdef", c->name);
878 cstate = (c->pushpop < 0)? cstate_stack[cstate_stack_ptr--] :
879 next_cstate[cstate][macro_found? c->action1 : c->action2];
880 }
881
882 /* Having dealt with a directive, break the loop */
883
884 break;
885 }
886
887 /* If we have handled a conditional directive, continue with the next
888 physical line. Otherwise, fall through. */
889
890 if (i < cond_list_size) continue;
891 }
892
893 /* If the conditional state is not 0 (actively using these lines), ignore
894 this input line. */
895
896 if (cstate != 0) continue; /* Conditional skip */
897
898 /* Handle .include lines - these are also physical lines. */
899
900 if (Ustrncmp(ss, ".include", 8) == 0 &&
901 (isspace(ss[8]) ||
902 (Ustrncmp(ss+8, "_if_exists", 10) == 0 && isspace(ss[18]))))
903 {
904 uschar *t;
905 int include_if_exists = isspace(ss[8])? 0 : 10;
906 config_file_item *save;
907 struct stat statbuf;
908
909 ss += 9 + include_if_exists;
910 while (isspace(*ss)) ss++;
911 t = ss + Ustrlen(ss);
912 while (t > ss && isspace(t[-1])) t--;
913 if (*ss == '\"' && t[-1] == '\"')
914 {
915 ss++;
916 t--;
917 }
918 *t = 0;
919
145396a6
PH
920 if (*ss != '/')
921 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, ".include specifies a non-"
922 "absolute path \"%s\"", ss);
923
059ec3d9
PH
924 if (include_if_exists != 0 && (Ustat(ss, &statbuf) != 0)) continue;
925
bf3c2c6b
HSHR
926 if (config_lines)
927 save_config_position(config_filename, config_lineno);
059ec3d9
PH
928 save = store_get(sizeof(config_file_item));
929 save->next = config_file_stack;
930 config_file_stack = save;
931 save->file = config_file;
932 save->filename = config_filename;
933 save->lineno = config_lineno;
934
10c50704 935 if (!(config_file = Ufopen(ss, "rb")))
059ec3d9
PH
936 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to open included "
937 "configuration file %s", ss);
10c50704 938
059ec3d9
PH
939 config_filename = string_copy(ss);
940 config_lineno = 0;
941 continue;
942 }
943
944 /* If this is the start of the logical line, remember where the non-blank
945 data starts. Otherwise shuffle down continuation lines to remove leading
946 white space. */
947
948 if (len == 0)
949 startoffset = ss - big_buffer;
950 else
951 {
952 s = big_buffer + len;
953 if (ss > s)
954 {
955 memmove(s, ss, (newlen - len) - (ss - s) + 1);
956 newlen -= ss - s;
957 }
958 }
959
960 /* Accept the new addition to the line. Remove trailing white space. */
961
962 len = newlen;
963 while (len > 0 && isspace(big_buffer[len-1])) len--;
964 big_buffer[len] = 0;
965
966 /* We are done if the line does not end in backslash and contains some data.
967 Empty logical lines are ignored. For continuations, remove the backslash and
968 go round the loop to read the continuation line. */
969
970 if (len > 0)
971 {
972 if (big_buffer[len-1] != '\\') break; /* End of logical line */
973 big_buffer[--len] = 0; /* Remove backslash */
974 }
975 } /* Loop for reading multiple physical lines */
976
977/* We now have a logical line. Test for the end of a configuration section (or,
978more accurately, for the start of the next section). Place the name of the next
979section in next_section, and return NULL. If the name given is longer than
980next_section, truncate it. It will be unrecognized later, because all the known
981section names do fit. Leave space for pluralizing. */
982
983s = big_buffer + startoffset; /* First non-space character */
bf3c2c6b
HSHR
984
985if (config_lines)
986 save_config_line(s);
987
059ec3d9
PH
988if (strncmpic(s, US"begin ", 6) == 0)
989 {
990 s += 6;
991 while (isspace(*s)) s++;
992 if (big_buffer + len - s > sizeof(next_section) - 2)
993 s[sizeof(next_section) - 2] = 0;
994 Ustrcpy(next_section, s);
995 return NULL;
996 }
997
998/* Return the first non-blank character. */
999
1000return s;
1001}
1002
1003
1004
1005/*************************************************
1006* Read a name *
1007*************************************************/
1008
1009/* The yield is the pointer to the next uschar. Names longer than the
1010output space are silently truncated. This function is also used from acl.c when
1011parsing ACLs.
1012
1013Arguments:
1014 name where to put the name
1015 len length of name
1016 s input pointer
1017
1018Returns: new input pointer
1019*/
1020
1021uschar *
1022readconf_readname(uschar *name, int len, uschar *s)
1023{
1024int p = 0;
1025while (isspace(*s)) s++;
1026if (isalpha(*s))
1027 {
1028 while (isalnum(*s) || *s == '_')
1029 {
1030 if (p < len-1) name[p++] = *s;
1031 s++;
1032 }
1033 }
1034name[p] = 0;
1035while (isspace(*s)) s++;
1036return s;
1037}
1038
1039
1040
1041
1042/*************************************************
1043* Read a time value *
1044*************************************************/
1045
1046/* This function is also called from outside, to read argument
1047time values. The format of a time value is:
1048
1049 [<n>w][<n>d][<n>h][<n>m][<n>s]
1050
1051as long as at least one is present. If a format error is encountered,
1052return a negative value. The value must be terminated by the given
1053terminator.
1054
1055Arguments:
1056 s input pointer
1057 terminator required terminating character
1058 return_msec if TRUE, allow fractional seconds and return milliseconds
1059
1060Returns: the time value, or -1 on syntax error
1061 value is seconds if return_msec is FALSE
1062 value is milliseconds if return_msec is TRUE
1063*/
1064
1065int
1ad6489e 1066readconf_readtime(const uschar *s, int terminator, BOOL return_msec)
059ec3d9
PH
1067{
1068int yield = 0;
1069for (;;)
1070 {
1071 int value, count;
1072 double fraction;
1073
1074 if (!isdigit(*s)) return -1;
1ad6489e 1075 (void)sscanf(CCS s, "%d%n", &value, &count);
059ec3d9
PH
1076 s += count;
1077
1078 switch (*s)
1079 {
1080 case 'w': value *= 7;
1081 case 'd': value *= 24;
1082 case 'h': value *= 60;
1083 case 'm': value *= 60;
1084 case 's': s++;
1085 break;
1086
1087 case '.':
1088 if (!return_msec) return -1;
1ad6489e 1089 (void)sscanf(CCS s, "%lf%n", &fraction, &count);
059ec3d9
PH
1090 s += count;
1091 if (*s++ != 's') return -1;
1092 yield += (int)(fraction * 1000.0);
1093 break;
1094
1095 default: return -1;
1096 }
1097
1098 if (return_msec) value *= 1000;
1099 yield += value;
1100 if (*s == terminator) return yield;
1101 }
1102/* Control never reaches here. */
1103}
1104
1105
1106
1107/*************************************************
1108* Read a fixed point value *
1109*************************************************/
1110
1111/* The value is returned *1000
1112
1113Arguments:
1114 s input pointer
1115 terminator required terminator
1116
1117Returns: the value, or -1 on error
1118*/
1119
1120static int
55414b25 1121readconf_readfixed(const uschar *s, int terminator)
059ec3d9
PH
1122{
1123int yield = 0;
1124int value, count;
1125if (!isdigit(*s)) return -1;
1126(void)sscanf(CS s, "%d%n", &value, &count);
1127s += count;
1128yield = value * 1000;
1129if (*s == '.')
1130 {
1131 int m = 100;
1132 while (isdigit((*(++s))))
1133 {
1134 yield += (*s - '0') * m;
1135 m /= 10;
1136 }
1137 }
1138
1139return (*s == terminator)? yield : (-1);
1140}
1141
1142
1143
1144/*************************************************
1145* Find option in list *
1146*************************************************/
1147
1148/* The lists are always in order, so binary chop can be used.
1149
1150Arguments:
1151 name the option name to search for
1152 ol the first entry in the option list
1153 last one more than the offset of the last entry in the option list
1154
1155Returns: pointer to an option entry, or NULL if not found
1156*/
1157
1158static optionlist *
1159find_option(uschar *name, optionlist *ol, int last)
1160{
1161int first = 0;
1162while (last > first)
1163 {
1164 int middle = (first + last)/2;
1165 int c = Ustrcmp(name, ol[middle].name);
d7bed771 1166
059ec3d9 1167 if (c == 0) return ol + middle;
d7bed771
JH
1168 else if (c > 0) first = middle + 1;
1169 else last = middle;
059ec3d9
PH
1170 }
1171return NULL;
1172}
1173
1174
1175
1176/*************************************************
1177* Find a set flag in option list *
1178*************************************************/
1179
1180/* Because some versions of Unix make no restrictions on the values of uids and
1181gids (even negative ones), we cannot represent "unset" by a special value.
1182There is therefore a separate boolean variable for each one indicating whether
1183a value is set or not. This function returns a pointer to the boolean, given
1184the original option name. It is a major disaster if the flag cannot be found.
1185
1186Arguments:
1187 name the name of the uid or gid option
1188 oltop points to the start of the relevant option list
1189 last one more than the offset of the last item in the option list
1190 data_block NULL when reading main options => data values in the option
1191 list are absolute addresses; otherwise they are byte offsets
1192 in data_block (used for driver options)
1193
1194Returns: a pointer to the boolean flag.
1195*/
1196
1197static BOOL *
1198get_set_flag(uschar *name, optionlist *oltop, int last, void *data_block)
1199{
1200optionlist *ol;
1201uschar name2[64];
1202sprintf(CS name2, "*set_%.50s", name);
1203ol = find_option(name2, oltop, last);
1204if (ol == NULL) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
1205 "Exim internal error: missing set flag for %s", name);
1206return (data_block == NULL)? (BOOL *)(ol->value) :
1207 (BOOL *)((uschar *)data_block + (long int)(ol->value));
1208}
1209
1210
1211
1212
1213/*************************************************
1214* Output extra characters message and die *
1215*************************************************/
1216
1217/* Called when an option line has junk on the end. Sometimes this is because
1218the sysadmin thinks comments are permitted.
1219
1220Arguments:
1221 s points to the extra characters
1222 t1..t3 strings to insert in the log message
1223
1224Returns: doesn't return; dies
1225*/
1226
1227static void
55414b25 1228extra_chars_error(const uschar *s, const uschar *t1, const uschar *t2, const uschar *t3)
059ec3d9
PH
1229{
1230uschar *comment = US"";
1231if (*s == '#') comment = US" (# is comment only at line start)";
1232log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1233 "extra characters follow %s%s%s%s", t1, t2, t3, comment);
1234}
1235
1236
1237
1238/*************************************************
1239* Read rewrite information *
1240*************************************************/
1241
1242/* Each line of rewrite information contains:
1243
1244. A complete address in the form user@domain, possibly with
1245 leading * for each part; or alternatively, a regex.
1246
1247. A replacement string (which will be expanded).
1248
1249. An optional sequence of one-letter flags, indicating which
1250 headers etc. to apply this rule to.
1251
1252All this is decoded and placed into a control block. The OR of the flags is
1253maintained in a common word.
1254
1255Arguments:
1256 p points to the string that makes up the rule
1257 existflags points to the overall flag word
1258 isglobal TRUE if reading global rewrite rules
1259
1260Returns: the control block for the parsed rule.
1261*/
1262
1263static rewrite_rule *
55414b25 1264readconf_one_rewrite(const uschar *p, int *existflags, BOOL isglobal)
059ec3d9
PH
1265{
1266rewrite_rule *next = store_get(sizeof(rewrite_rule));
1267
1268next->next = NULL;
1269next->key = string_dequote(&p);
1270
1271while (isspace(*p)) p++;
1272if (*p == 0)
1273 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1274 "missing rewrite replacement string");
1275
1276next->flags = 0;
1277next->replacement = string_dequote(&p);
1278
1279while (*p != 0) switch (*p++)
1280 {
1281 case ' ': case '\t': break;
1282
1283 case 'q': next->flags |= rewrite_quit; break;
1284 case 'w': next->flags |= rewrite_whole; break;
1285
1286 case 'h': next->flags |= rewrite_all_headers; break;
1287 case 's': next->flags |= rewrite_sender; break;
1288 case 'f': next->flags |= rewrite_from; break;
1289 case 't': next->flags |= rewrite_to; break;
1290 case 'c': next->flags |= rewrite_cc; break;
1291 case 'b': next->flags |= rewrite_bcc; break;
1292 case 'r': next->flags |= rewrite_replyto; break;
1293
1294 case 'E': next->flags |= rewrite_all_envelope; break;
1295 case 'F': next->flags |= rewrite_envfrom; break;
1296 case 'T': next->flags |= rewrite_envto; break;
1297
1298 case 'Q': next->flags |= rewrite_qualify; break;
1299 case 'R': next->flags |= rewrite_repeat; break;
1300
1301 case 'S':
1302 next->flags |= rewrite_smtp;
1303 if (next->key[0] != '^' && Ustrncmp(next->key, "\\N^", 3) != 0)
1304 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1305 "rewrite rule has the S flag but is not a regular expression");
1306 break;
1307
1308 default:
1309 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1310 "unknown rewrite flag character '%c' "
1311 "(could be missing quotes round replacement item)", p[-1]);
1312 break;
1313 }
1314
1315/* If no action flags are set, set all the "normal" rewrites. */
1316
1317if ((next->flags & (rewrite_all | rewrite_smtp)) == 0)
1318 next->flags |= isglobal? rewrite_all : rewrite_all_headers;
1319
1320/* Remember which exist, for optimization, and return the rule */
1321
1322*existflags |= next->flags;
1323return next;
1324}
1325
1326
1327
1328
1329/*************************************************
1330* Read global rewrite information *
1331*************************************************/
1332
1333/* Each line is a single rewrite rule; it is parsed into a control block
1334by readconf_one_rewrite(), and its flags are ORed into the global flag
1335word rewrite_existflags. */
1336
1337void
1338readconf_rewrites(void)
1339{
1340rewrite_rule **chain = &global_rewrite_rules;
1341uschar *p;
1342
1343while ((p = get_config_line()) != NULL)
1344 {
1345 rewrite_rule *next = readconf_one_rewrite(p, &rewrite_existflags, TRUE);
1346 *chain = next;
1347 chain = &(next->next);
1348 }
1349}
1350
1351
1352
1353/*************************************************
1354* Read a string *
1355*************************************************/
1356
1357/* Strings are read into the normal store pool. As long we aren't too
1358near the end of the current block, the string will just use what is necessary
1359on the top of the stacking pool, because string_cat() uses the extension
1360mechanism.
1361
1362Argument:
1363 s the rest of the input line
1364 name the option name (for errors)
1365
1366Returns: pointer to the string
1367*/
1368
1369static uschar *
55414b25 1370read_string(const uschar *s, const uschar *name)
059ec3d9
PH
1371{
1372uschar *yield;
55414b25 1373const uschar *ss;
059ec3d9
PH
1374
1375if (*s != '\"') return string_copy(s);
1376
1377ss = s;
1378yield = string_dequote(&s);
1379
1380if (s == ss+1 || s[-1] != '\"')
1381 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1382 "missing quote at end of string value for %s", name);
1383
1384if (*s != 0) extra_chars_error(s, US"string value for ", name, US"");
1385
1386return yield;
1387}
1388
1389
1390/*************************************************
1ad6489e
JH
1391* Custom-handler options *
1392*************************************************/
1393static void
1394fn_smtp_receive_timeout(const uschar * name, const uschar * str)
1395{
1ad6489e
JH
1396if (*str == '$')
1397 smtp_receive_timeout_s = string_copy(str);
1398else
1399 {
1400 /* "smtp_receive_timeout", opt_time, &smtp_receive_timeout */
1401 smtp_receive_timeout = readconf_readtime(str, 0, FALSE);
1402 if (smtp_receive_timeout < 0)
1403 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
1404 name);
1405 }
1406}
1407
1408/*************************************************
059ec3d9
PH
1409* Handle option line *
1410*************************************************/
1411
1412/* This function is called from several places to process a line containing the
1413setting of an option. The first argument is the line to be decoded; it has been
1414checked not to be empty and not to start with '#'. Trailing newlines and white
1415space have been removed. The second argument is a pointer to the list of
1416variable names that are to be recognized, together with their types and
1417locations, and the third argument gives the number of entries in the list.
1418
1419The fourth argument is a pointer to a data block. If it is NULL, then the data
1420values in the options list are absolute addresses. Otherwise, they are byte
1421offsets in the data block.
1422
1423String option data may continue onto several lines; this function reads further
1424data from config_file if necessary.
1425
1426The yield of this function is normally zero. If a string continues onto
1427multiple lines, then the data value is permitted to be followed by a comma
1428or a semicolon (for use in drivers) and the yield is that character.
1429
1430Arguments:
1431 buffer contains the configuration line to be handled
1432 oltop points to the start of the relevant option list
1433 last one more than the offset of the last item in the option list
1434 data_block NULL when reading main options => data values in the option
1435 list are absolute addresses; otherwise they are byte offsets
1436 in data_block when they have opt_public set; otherwise
1437 they are byte offsets in data_block->options_block.
1438 unknown_txt format string to use in panic message for unknown option;
1439 must contain %s for option name
1440 if given as NULL, don't panic on unknown option
1441
1442Returns: TRUE if an option was read successfully,
1443 FALSE false for an unknown option if unknown_txt == NULL,
1444 otherwise panic and die on an unknown option
1445*/
1446
1447static BOOL
1448readconf_handle_option(uschar *buffer, optionlist *oltop, int last,
1449 void *data_block, uschar *unknown_txt)
1450{
1451int ptr = 0;
1452int offset = 0;
1453int n, count, type, value;
1454int issecure = 0;
1455uid_t uid;
1456gid_t gid;
1457BOOL boolvalue = TRUE;
1458BOOL freesptr = TRUE;
1459optionlist *ol, *ol2;
1460struct passwd *pw;
1461void *reset_point;
1462int intbase = 0;
1463uschar *inttype = US"";
1464uschar *sptr;
1465uschar *s = buffer;
532be449 1466uschar **str_target;
059ec3d9
PH
1467uschar name[64];
1468uschar name2[64];
1469
1470/* There may be leading spaces; thereafter, we expect an option name starting
1471with a letter. */
1472
1473while (isspace(*s)) s++;
1474if (!isalpha(*s))
1475 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "option setting expected: %s", s);
1476
1477/* Read the name of the option, and skip any subsequent white space. If
1478it turns out that what we read was "hide", set the flag indicating that
1479this is a secure option, and loop to read the next word. */
1480
1481for (n = 0; n < 2; n++)
1482 {
1483 while (isalnum(*s) || *s == '_')
1484 {
1485 if (ptr < sizeof(name)-1) name[ptr++] = *s;
1486 s++;
1487 }
1488 name[ptr] = 0;
1489 while (isspace(*s)) s++;
1490 if (Ustrcmp(name, "hide") != 0) break;
1491 issecure = opt_secure;
1492 ptr = 0;
1493 }
1494
1495/* Deal with "no_" or "not_" here for booleans */
1496
1497if (Ustrncmp(name, "no_", 3) == 0)
1498 {
1499 boolvalue = FALSE;
1500 offset = 3;
1501 }
1502
1503if (Ustrncmp(name, "not_", 4) == 0)
1504 {
1505 boolvalue = FALSE;
1506 offset = 4;
1507 }
1508
1509/* Search the list for the given name. A non-existent name, or an option that
1510is set twice, is a disaster. */
1511
d7bed771 1512if (!(ol = find_option(name + offset, oltop, last)))
059ec3d9
PH
1513 {
1514 if (unknown_txt == NULL) return FALSE;
1515 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, CS unknown_txt, name);
1516 }
1517
846726c5
JH
1518if ((ol->type & opt_set) && !(ol->type & (opt_rep_con | opt_rep_str)))
1519 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1520 "\"%s\" option set for the second time", name);
059ec3d9
PH
1521
1522ol->type |= opt_set | issecure;
1523type = ol->type & opt_mask;
1524
1525/* Types with data values must be followed by '='; the "no[t]_" prefix
1526applies only to boolean values. */
1527
1528if (type < opt_bool || type > opt_bool_last)
1529 {
1530 if (offset != 0)
1531 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1532 "negation prefix applied to a non-boolean option");
1533 if (*s == 0)
1534 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1535 "unexpected end of line (data missing) after %s", name);
1536 if (*s != '=')
1537 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "missing \"=\" after %s", name);
1538 }
1539
1540/* If a boolean wasn't preceded by "no[t]_" it can be followed by = and
9c695f6d 1541true/false/yes/no, or, in the case of opt_expand_bool, a general string that
059ec3d9
PH
1542ultimately expands to one of those values. */
1543
1544else if (*s != 0 && (offset != 0 || *s != '='))
1545 extra_chars_error(s, US"boolean option ", name, US"");
1546
1547/* Skip white space after = */
1548
1549if (*s == '=') while (isspace((*(++s))));
1550
1551/* If there is a data block and the opt_public flag is not set, change
1552the data block pointer to the private options block. */
1553
1554if (data_block != NULL && (ol->type & opt_public) == 0)
1555 data_block = (void *)(((driver_instance *)data_block)->options_block);
1556
1557/* Now get the data according to the type. */
1558
1559switch (type)
1560 {
1561 /* If a string value is not enclosed in quotes, it consists of
1562 the rest of the current line, verbatim. Otherwise, string escapes
1563 are processed.
1564
1565 A transport is specified as a string, which is then looked up in the
1566 list of transports. A search type is specified as one of a number of
1567 known strings.
1568
1569 A set or rewrite rules for a driver is specified as a string, which is
1570 then parsed into a suitable chain of control blocks.
1571
1572 Uids and gids are specified as strings which are then looked up in the
1573 passwd file. Lists of uids and gids are similarly specified as colon-
1574 separated strings. */
1575
1576 case opt_stringptr:
1577 case opt_uid:
1578 case opt_gid:
1579 case opt_expand_uid:
1580 case opt_expand_gid:
1581 case opt_uidlist:
1582 case opt_gidlist:
1583 case opt_rewrite:
1584
1585 reset_point = sptr = read_string(s, name);
1586
1587 /* Having read a string, we now have several different ways of using it,
1588 depending on the data type, so do another switch. If keeping the actual
1589 string is not required (because it is interpreted), freesptr is set TRUE,
1590 and at the end we reset the pool. */
1591
1592 switch (type)
1593 {
1594 /* If this was a string, set the variable to point to the new string,
1595 and set the flag so its store isn't reclaimed. If it was a list of rewrite
1596 rules, we still keep the string (for printing), and parse the rules into a
1597 control block and flags word. */
1598
1599 case opt_stringptr:
adaa0e2c
JH
1600 str_target = data_block ? USS (US data_block + (long int)(ol->value))
1601 : USS (ol->value);
846726c5 1602 if (ol->type & opt_rep_con)
532be449 1603 {
adaa0e2c 1604 uschar * saved_condition;
6a8de854
PP
1605 /* We already have a condition, we're conducting a crude hack to let
1606 multiple condition rules be chained together, despite storing them in
1607 text form. */
adaa0e2c
JH
1608 *str_target = string_copy_malloc( (saved_condition = *str_target)
1609 ? string_sprintf("${if and{{bool_lax{%s}}{bool_lax{%s}}}}",
1610 saved_condition, sptr)
1611 : sptr);
846726c5
JH
1612 /* TODO(pdp): there is a memory leak here and just below
1613 when we set 3 or more conditions; I still don't
1614 understand the store mechanism enough to know
1615 what's the safe way to free content from an earlier store.
6a8de854
PP
1616 AFAICT, stores stack, so freeing an early stored item also stores
1617 all data alloc'd after it. If we knew conditions were adjacent,
1618 we could survive that, but we don't. So I *think* we need to take
1619 another bit from opt_type to indicate "malloced"; this seems like
1620 quite a hack, especially for this one case. It also means that
1621 we can't ever reclaim the store from the *first* condition.
1622
1623 Because we only do this once, near process start-up, I'm prepared to
1624 let this slide for the time being, even though it rankles. */
532be449 1625 }
76146973
JH
1626 else if (ol->type & opt_rep_str)
1627 {
2ad78978
JH
1628 uschar sep_o = Ustrncmp(name, "headers_add", 11)==0 ? '\n' : ':';
1629 int sep_i = -(int)sep_o;
55414b25 1630 const uschar * list = sptr;
2ad78978
JH
1631 uschar * s;
1632 uschar * list_o = *str_target;
1633
1634 while ((s = string_nextinlist(&list, &sep_i, NULL, 0)))
1635 list_o = string_append_listele(list_o, sep_o, s);
1636 if (list_o)
1637 *str_target = string_copy_malloc(list_o);
76146973 1638 }
532be449
PP
1639 else
1640 {
1641 *str_target = sptr;
1642 freesptr = FALSE;
1643 }
1644 break;
1645
059ec3d9 1646 case opt_rewrite:
adaa0e2c
JH
1647 if (data_block)
1648 *USS (US data_block + (long int)(ol->value)) = sptr;
059ec3d9 1649 else
adaa0e2c 1650 *USS (ol->value) = sptr;
059ec3d9
PH
1651 freesptr = FALSE;
1652 if (type == opt_rewrite)
1653 {
1654 int sep = 0;
1655 int *flagptr;
1656 uschar *p = sptr;
1657 rewrite_rule **chain;
1658 optionlist *ol3;
1659
1660 sprintf(CS name2, "*%.50s_rules", name);
1661 ol2 = find_option(name2, oltop, last);
1662 sprintf(CS name2, "*%.50s_flags", name);
1663 ol3 = find_option(name2, oltop, last);
1664
1665 if (ol2 == NULL || ol3 == NULL)
1666 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1667 "rewrite rules not available for driver");
1668
1669 if (data_block == NULL)
1670 {
1671 chain = (rewrite_rule **)(ol2->value);
1672 flagptr = (int *)(ol3->value);
1673 }
1674 else
1675 {
1676 chain = (rewrite_rule **)((uschar *)data_block + (long int)(ol2->value));
1677 flagptr = (int *)((uschar *)data_block + (long int)(ol3->value));
1678 }
1679
55414b25 1680 while ((p = string_nextinlist(CUSS &sptr, &sep, big_buffer, BIG_BUFFER_SIZE)))
059ec3d9
PH
1681 {
1682 rewrite_rule *next = readconf_one_rewrite(p, flagptr, FALSE);
1683 *chain = next;
1684 chain = &(next->next);
1685 }
1686
1687 if ((*flagptr & (rewrite_all_envelope | rewrite_smtp)) != 0)
1688 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "rewrite rule specifies a "
1689 "non-header rewrite - not allowed at transport time -");
1690 }
1691 break;
1692
1693 /* If it was an expanded uid, see if there is any expansion to be
1694 done by checking for the presence of a $ character. If there is, save it
1695 in the corresponding *expand_user option field. Otherwise, fall through
1696 to treat it as a fixed uid. Ensure mutual exclusivity of the two kinds
1697 of data. */
1698
1699 case opt_expand_uid:
1700 sprintf(CS name2, "*expand_%.50s", name);
1701 ol2 = find_option(name2, oltop, last);
1702 if (ol2 != NULL)
1703 {
1704 uschar *ss = (Ustrchr(sptr, '$') != NULL)? sptr : NULL;
1705
1706 if (data_block == NULL)
1707 *((uschar **)(ol2->value)) = ss;
1708 else
1709 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = ss;
1710
1711 if (ss != NULL)
1712 {
1713 *(get_set_flag(name, oltop, last, data_block)) = FALSE;
1714 freesptr = FALSE;
1715 break;
1716 }
1717 }
1718
1719 /* Look up a fixed uid, and also make use of the corresponding gid
1720 if a passwd entry is returned and the gid has not been set. */
1721
1722 case opt_uid:
1723 if (!route_finduser(sptr, &pw, &uid))
1724 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "user %s was not found", sptr);
1725 if (data_block == NULL)
1726 *((uid_t *)(ol->value)) = uid;
1727 else
1728 *((uid_t *)((uschar *)data_block + (long int)(ol->value))) = uid;
1729
1730 /* Set the flag indicating a fixed value is set */
1731
1732 *(get_set_flag(name, oltop, last, data_block)) = TRUE;
1733
1734 /* Handle matching gid if we have a passwd entry: done by finding the
1735 same name with terminating "user" changed to "group"; if not found,
1736 ignore. Also ignore if the value is already set. */
1737
1738 if (pw == NULL) break;
1739 Ustrcpy(name+Ustrlen(name)-4, "group");
1740 ol2 = find_option(name, oltop, last);
1741 if (ol2 != NULL && ((ol2->type & opt_mask) == opt_gid ||
1742 (ol2->type & opt_mask) == opt_expand_gid))
1743 {
1744 BOOL *set_flag = get_set_flag(name, oltop, last, data_block);
1745 if (! *set_flag)
1746 {
1747 if (data_block == NULL)
1748 *((gid_t *)(ol2->value)) = pw->pw_gid;
1749 else
1750 *((gid_t *)((uschar *)data_block + (long int)(ol2->value))) = pw->pw_gid;
1751 *set_flag = TRUE;
1752 }
1753 }
1754 break;
1755
1756 /* If it was an expanded gid, see if there is any expansion to be
1757 done by checking for the presence of a $ character. If there is, save it
1758 in the corresponding *expand_user option field. Otherwise, fall through
1759 to treat it as a fixed gid. Ensure mutual exclusivity of the two kinds
1760 of data. */
1761
1762 case opt_expand_gid:
1763 sprintf(CS name2, "*expand_%.50s", name);
1764 ol2 = find_option(name2, oltop, last);
1765 if (ol2 != NULL)
1766 {
1767 uschar *ss = (Ustrchr(sptr, '$') != NULL)? sptr : NULL;
1768
1769 if (data_block == NULL)
1770 *((uschar **)(ol2->value)) = ss;
1771 else
1772 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = ss;
1773
1774 if (ss != NULL)
1775 {
1776 *(get_set_flag(name, oltop, last, data_block)) = FALSE;
1777 freesptr = FALSE;
1778 break;
1779 }
1780 }
1781
1782 /* Handle freestanding gid */
1783
1784 case opt_gid:
1785 if (!route_findgroup(sptr, &gid))
1786 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "group %s was not found", sptr);
1787 if (data_block == NULL)
1788 *((gid_t *)(ol->value)) = gid;
1789 else
1790 *((gid_t *)((uschar *)data_block + (long int)(ol->value))) = gid;
1791 *(get_set_flag(name, oltop, last, data_block)) = TRUE;
1792 break;
1793
1794 /* If it was a uid list, look up each individual entry, and build
1795 a vector of uids, with a count in the first element. Put the vector
1796 in malloc store so we can free the string. (We are reading into
1797 permanent store already.) */
1798
1799 case opt_uidlist:
1800 {
1801 int count = 1;
1802 uid_t *list;
1803 int ptr = 0;
55414b25
JH
1804 const uschar *p;
1805 const uschar *op = expand_string (sptr);
0925ede6
PH
1806
1807 if (op == NULL)
1808 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s",
1809 name, expand_string_message);
059ec3d9 1810
0925ede6 1811 p = op;
059ec3d9 1812 if (*p != 0) count++;
0925ede6 1813 while (*p != 0) if (*p++ == ':' && *p != 0) count++;
059ec3d9
PH
1814 list = store_malloc(count*sizeof(uid_t));
1815 list[ptr++] = (uid_t)(count - 1);
1816
1817 if (data_block == NULL)
1818 *((uid_t **)(ol->value)) = list;
1819 else
1820 *((uid_t **)((uschar *)data_block + (long int)(ol->value))) = list;
1821
0925ede6 1822 p = op;
059ec3d9
PH
1823 while (count-- > 1)
1824 {
1825 int sep = 0;
1826 (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
1827 if (!route_finduser(big_buffer, NULL, &uid))
1828 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "user %s was not found",
1829 big_buffer);
1830 list[ptr++] = uid;
1831 }
1832 }
1833 break;
1834
1835 /* If it was a gid list, look up each individual entry, and build
1836 a vector of gids, with a count in the first element. Put the vector
1837 in malloc store so we can free the string. (We are reading into permanent
1838 store already.) */
1839
1840 case opt_gidlist:
1841 {
1842 int count = 1;
1843 gid_t *list;
1844 int ptr = 0;
55414b25
JH
1845 const uschar *p;
1846 const uschar *op = expand_string (sptr);
0925ede6
PH
1847
1848 if (op == NULL)
1849 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s",
1850 name, expand_string_message);
059ec3d9 1851
0925ede6 1852 p = op;
059ec3d9 1853 if (*p != 0) count++;
0925ede6 1854 while (*p != 0) if (*p++ == ':' && *p != 0) count++;
059ec3d9
PH
1855 list = store_malloc(count*sizeof(gid_t));
1856 list[ptr++] = (gid_t)(count - 1);
1857
1858 if (data_block == NULL)
1859 *((gid_t **)(ol->value)) = list;
1860 else
1861 *((gid_t **)((uschar *)data_block + (long int)(ol->value))) = list;
1862
0925ede6 1863 p = op;
059ec3d9
PH
1864 while (count-- > 1)
1865 {
1866 int sep = 0;
1867 (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
1868 if (!route_findgroup(big_buffer, &gid))
1869 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "group %s was not found",
1870 big_buffer);
1871 list[ptr++] = gid;
1872 }
1873 }
1874 break;
1875 }
1876
1877 /* Release store if the value of the string doesn't need to be kept. */
1878
1879 if (freesptr) store_reset(reset_point);
1880 break;
1881
1882 /* Expanded boolean: if no characters follow, or if there are no dollar
1883 characters, this is a fixed-valued boolean, and we fall through. Otherwise,
1884 save the string for later expansion in the alternate place. */
1885
1886 case opt_expand_bool:
1887 if (*s != 0 && Ustrchr(s, '$') != 0)
1888 {
1889 sprintf(CS name2, "*expand_%.50s", name);
1890 ol2 = find_option(name2, oltop, last);
1891 if (ol2 != NULL)
1892 {
1893 reset_point = sptr = read_string(s, name);
1894 if (data_block == NULL)
1895 *((uschar **)(ol2->value)) = sptr;
1896 else
1897 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = sptr;
1898 freesptr = FALSE;
1899 break;
1900 }
1901 }
1902 /* Fall through */
1903
1904 /* Boolean: if no characters follow, the value is boolvalue. Otherwise
1905 look for yes/not/true/false. Some booleans are stored in a single bit in
1906 a single int. There's a special fudge for verify settings; without a suffix
1907 they set both xx_sender and xx_recipient. The table points to the sender
1908 value; search subsequently for the recipient. There's another special case:
1909 opt_bool_set also notes when a boolean has been set. */
1910
1911 case opt_bool:
1912 case opt_bit:
1913 case opt_bool_verify:
1914 case opt_bool_set:
1915 if (*s != 0)
1916 {
1917 s = readconf_readname(name2, 64, s);
1918 if (strcmpic(name2, US"true") == 0 || strcmpic(name2, US"yes") == 0)
1919 boolvalue = TRUE;
1920 else if (strcmpic(name2, US"false") == 0 || strcmpic(name2, US"no") == 0)
1921 boolvalue = FALSE;
1922 else log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1923 "\"%s\" is not a valid value for the \"%s\" option", name2, name);
1924 if (*s != 0) extra_chars_error(s, string_sprintf("\"%s\" ", name2),
1925 US"for boolean option ", name);
1926 }
1927
1928 /* Handle single-bit type. */
1929
1930 if (type == opt_bit)
1931 {
1932 int bit = 1 << ((ol->type >> 16) & 31);
1933 int *ptr = (data_block == NULL)?
1934 (int *)(ol->value) :
1935 (int *)((uschar *)data_block + (long int)ol->value);
1936 if (boolvalue) *ptr |= bit; else *ptr &= ~bit;
1937 break;
1938 }
1939
1940 /* Handle full BOOL types */
1941
1942 if (data_block == NULL)
1943 *((BOOL *)(ol->value)) = boolvalue;
1944 else
1945 *((BOOL *)((uschar *)data_block + (long int)(ol->value))) = boolvalue;
1946
1947 /* Verify fudge */
1948
1949 if (type == opt_bool_verify)
1950 {
1951 sprintf(CS name2, "%.50s_recipient", name + offset);
1952 ol2 = find_option(name2, oltop, last);
1953 if (ol2 != NULL)
1954 {
1955 if (data_block == NULL)
1956 *((BOOL *)(ol2->value)) = boolvalue;
1957 else
1958 *((BOOL *)((uschar *)data_block + (long int)(ol2->value))) = boolvalue;
1959 }
1960 }
1961
1962 /* Note that opt_bool_set type is set, if there is somewhere to do so */
1963
1964 else if (type == opt_bool_set)
1965 {
1966 sprintf(CS name2, "*set_%.50s", name + offset);
1967 ol2 = find_option(name2, oltop, last);
1968 if (ol2 != NULL)
1969 {
1970 if (data_block == NULL)
1971 *((BOOL *)(ol2->value)) = TRUE;
1972 else
1973 *((BOOL *)((uschar *)data_block + (long int)(ol2->value))) = TRUE;
1974 }
1975 }
1976 break;
1977
1978 /* Octal integer */
1979
1980 case opt_octint:
1981 intbase = 8;
1982 inttype = US"octal ";
1983
1984 /* Integer: a simple(ish) case; allow octal and hex formats, and
dcb72db9 1985 suffixes K, M and G. The different types affect output, not input. */
059ec3d9
PH
1986
1987 case opt_mkint:
1988 case opt_int:
1989 {
1990 uschar *endptr;
7e8d92ba
PH
1991 long int lvalue;
1992
059ec3d9 1993 errno = 0;
7e8d92ba 1994 lvalue = strtol(CS s, CSS &endptr, intbase);
059ec3d9
PH
1995
1996 if (endptr == s)
1997 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
1998 inttype, name);
1999
2000 if (errno != ERANGE)
059ec3d9
PH
2001 if (tolower(*endptr) == 'k')
2002 {
7e8d92ba
PH
2003 if (lvalue > INT_MAX/1024 || lvalue < INT_MIN/1024) errno = ERANGE;
2004 else lvalue *= 1024;
059ec3d9
PH
2005 endptr++;
2006 }
2007 else if (tolower(*endptr) == 'm')
2008 {
7e8d92ba 2009 if (lvalue > INT_MAX/(1024*1024) || lvalue < INT_MIN/(1024*1024))
059ec3d9 2010 errno = ERANGE;
7e8d92ba 2011 else lvalue *= 1024*1024;
059ec3d9
PH
2012 endptr++;
2013 }
dcb72db9
JH
2014 else if (tolower(*endptr) == 'g')
2015 {
2016 if (lvalue > INT_MAX/(1024*1024*1024) || lvalue < INT_MIN/(1024*1024*1024))
2017 errno = ERANGE;
2018 else lvalue *= 1024*1024*1024;
2019 endptr++;
2020 }
059ec3d9 2021
7e8d92ba
PH
2022 if (errno == ERANGE || lvalue > INT_MAX || lvalue < INT_MIN)
2023 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2024 "absolute value of integer \"%s\" is too large (overflow)", s);
059ec3d9
PH
2025
2026 while (isspace(*endptr)) endptr++;
2027 if (*endptr != 0)
2028 extra_chars_error(endptr, inttype, US"integer value for ", name);
7e8d92ba
PH
2029
2030 value = (int)lvalue;
059ec3d9
PH
2031 }
2032
2033 if (data_block == NULL)
2034 *((int *)(ol->value)) = value;
2035 else
2036 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2037 break;
2038
dcb72db9
JH
2039 /* Integer held in K: again, allow octal and hex formats, and suffixes K, M
2040 and G. */
13559da6 2041 /*XXX consider moving to int_eximarith_t (but mind the overflow test 0415) */
059ec3d9
PH
2042
2043 case opt_Kint:
2044 {
2045 uschar *endptr;
2046 errno = 0;
2047 value = strtol(CS s, CSS &endptr, intbase);
2048
2049 if (endptr == s)
2050 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
2051 inttype, name);
2052
2053 if (errno != ERANGE)
dcb72db9 2054 if (tolower(*endptr) == 'g')
059ec3d9 2055 {
dcb72db9
JH
2056 if (value > INT_MAX/(1024*1024) || value < INT_MIN/(1024*1024))
2057 errno = ERANGE;
2058 else
2059 value *= 1024*1024;
059ec3d9
PH
2060 endptr++;
2061 }
dcb72db9 2062 else if (tolower(*endptr) == 'm')
059ec3d9 2063 {
dcb72db9
JH
2064 if (value > INT_MAX/1024 || value < INT_MIN/1024)
2065 errno = ERANGE;
2066 else
2067 value *= 1024;
059ec3d9
PH
2068 endptr++;
2069 }
dcb72db9
JH
2070 else if (tolower(*endptr) == 'k')
2071 endptr++;
059ec3d9 2072 else
059ec3d9 2073 value = (value + 512)/1024;
059ec3d9
PH
2074
2075 if (errno == ERANGE) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2076 "absolute value of integer \"%s\" is too large (overflow)", s);
2077
2078 while (isspace(*endptr)) endptr++;
2079 if (*endptr != 0)
2080 extra_chars_error(endptr, inttype, US"integer value for ", name);
2081 }
2082
2083 if (data_block == NULL)
2084 *((int *)(ol->value)) = value;
2085 else
2086 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2087 break;
2088
2089 /* Fixed-point number: held to 3 decimal places. */
2090
2091 case opt_fixed:
2092 if (sscanf(CS s, "%d%n", &value, &count) != 1)
2093 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2094 "fixed-point number expected for %s", name);
2095
2096 if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2097 "integer \"%s\" is too large (overflow)", s);
2098
2099 value *= 1000;
2100
2101 if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2102 "integer \"%s\" is too large (overflow)", s);
2103
2104 if (s[count] == '.')
2105 {
2106 int d = 100;
2107 while (isdigit(s[++count]))
2108 {
2109 value += (s[count] - '0') * d;
2110 d /= 10;
2111 }
2112 }
2113
2114 while (isspace(s[count])) count++;
2115
2116 if (s[count] != 0)
2117 extra_chars_error(s+count, US"fixed-point value for ", name, US"");
2118
2119 if (data_block == NULL)
2120 *((int *)(ol->value)) = value;
2121 else
2122 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2123 break;
2124
2125 /* There's a special routine to read time values. */
2126
2127 case opt_time:
2128 value = readconf_readtime(s, 0, FALSE);
2129 if (value < 0)
2130 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
2131 name);
2132 if (data_block == NULL)
2133 *((int *)(ol->value)) = value;
2134 else
2135 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2136 break;
2137
2138 /* A time list is a list of colon-separated times, with the first
2139 element holding the size of the list and the second the number of
2140 entries used. */
2141
2142 case opt_timelist:
2143 {
2144 int count = 0;
2145 int *list = (data_block == NULL)?
2146 (int *)(ol->value) :
2147 (int *)((uschar *)data_block + (long int)(ol->value));
2148
2149 if (*s != 0) for (count = 1; count <= list[0] - 2; count++)
2150 {
2151 int terminator = 0;
2152 uschar *snext = Ustrchr(s, ':');
2153 if (snext != NULL)
2154 {
2155 uschar *ss = snext;
2156 while (ss > s && isspace(ss[-1])) ss--;
2157 terminator = *ss;
2158 }
2159 value = readconf_readtime(s, terminator, FALSE);
2160 if (value < 0)
2161 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
2162 name);
2163 if (count > 1 && value <= list[count])
2164 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2165 "time value out of order for %s", name);
2166 list[count+1] = value;
2167 if (snext == NULL) break;
2168 s = snext + 1;
2169 while (isspace(*s)) s++;
2170 }
2171
2172 if (count > list[0] - 2)
2173 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "too many time values for %s",
2174 name);
2175 if (count > 0 && list[2] == 0) count = 0;
2176 list[1] = count;
1ad6489e 2177 break;
059ec3d9
PH
2178 }
2179
1ad6489e
JH
2180 case opt_func:
2181 {
2182 void (*fn)() = ol->value;
2183 fn(name, s);
2184 break;
2185 }
059ec3d9
PH
2186 }
2187
2188return TRUE;
2189}
2190
2191
2192
2193/*************************************************
2194* Print a time value *
2195*************************************************/
2196
2197/*
2198Argument: a time value in seconds
2199Returns: pointer to a fixed buffer containing the time as a string,
2200 in readconf_readtime() format
2201*/
2202
2203uschar *
2204readconf_printtime(int t)
2205{
2206int s, m, h, d, w;
2207uschar *p = time_buffer;
2208
ea49d0e1
PH
2209if (t < 0)
2210 {
2211 *p++ = '-';
2212 t = -t;
2213 }
2214
059ec3d9
PH
2215s = t % 60;
2216t /= 60;
2217m = t % 60;
2218t /= 60;
2219h = t % 24;
2220t /= 24;
2221d = t % 7;
2222w = t/7;
2223
2224if (w > 0) { sprintf(CS p, "%dw", w); while (*p) p++; }
2225if (d > 0) { sprintf(CS p, "%dd", d); while (*p) p++; }
2226if (h > 0) { sprintf(CS p, "%dh", h); while (*p) p++; }
2227if (m > 0) { sprintf(CS p, "%dm", m); while (*p) p++; }
2228if (s > 0 || p == time_buffer) sprintf(CS p, "%ds", s);
2229
2230return time_buffer;
2231}
2232
2233
2234
2235/*************************************************
2236* Print an individual option value *
2237*************************************************/
2238
2239/* This is used by the -bP option, so prints to the standard output.
2240The entire options list is passed in as an argument, because some options come
2241in pairs - typically uid/gid settings, which can either be explicit numerical
2242values, or strings to be expanded later. If the numerical value is unset,
2243search for "*expand_<name>" to see if there is a string equivalent.
2244
2245Arguments:
2246 ol option entry, or NULL for an unknown option
2247 name option name
2248 options_block NULL for main configuration options; otherwise points to
2249 a driver block; if the option doesn't have opt_public
2250 set, then options_block->options_block is where the item
2251 resides.
2252 oltop points to the option list in which ol exists
2253 last one more than the offset of the last entry in optop
12f69989 2254 no_labels do not show "foo = " at the start.
059ec3d9
PH
2255
2256Returns: nothing
2257*/
2258
2259static void
2260print_ol(optionlist *ol, uschar *name, void *options_block,
12f69989 2261 optionlist *oltop, int last, BOOL no_labels)
059ec3d9
PH
2262{
2263struct passwd *pw;
2264struct group *gr;
2265optionlist *ol2;
2266void *value;
2267uid_t *uidlist;
2268gid_t *gidlist;
2269uschar *s;
2270uschar name2[64];
2271
2272if (ol == NULL)
2273 {
2274 printf("%s is not a known option\n", name);
2275 return;
2276 }
2277
2278/* Non-admin callers cannot see options that have been flagged secure by the
2279"hide" prefix. */
2280
2281if (!admin_user && (ol->type & opt_secure) != 0)
2282 {
12f69989
PP
2283 if (no_labels)
2284 printf("%s\n", hidden);
2285 else
2286 printf("%s = %s\n", name, hidden);
059ec3d9
PH
2287 return;
2288 }
2289
2290/* Else show the value of the option */
2291
2292value = ol->value;
2293if (options_block != NULL)
2294 {
2295 if ((ol->type & opt_public) == 0)
2296 options_block = (void *)(((driver_instance *)options_block)->options_block);
2297 value = (void *)((uschar *)options_block + (long int)value);
2298 }
2299
2300switch(ol->type & opt_mask)
2301 {
2302 case opt_stringptr:
2303 case opt_rewrite: /* Show the text value */
2304 s = *((uschar **)value);
12f69989
PP
2305 if (!no_labels) printf("%s = ", name);
2306 printf("%s\n", (s == NULL)? US"" : string_printing2(s, FALSE));
059ec3d9
PH
2307 break;
2308
2309 case opt_int:
12f69989
PP
2310 if (!no_labels) printf("%s = ", name);
2311 printf("%d\n", *((int *)value));
059ec3d9
PH
2312 break;
2313
2314 case opt_mkint:
2315 {
2316 int x = *((int *)value);
2317 if (x != 0 && (x & 1023) == 0)
2318 {
2319 int c = 'K';
2320 x >>= 10;
2321 if ((x & 1023) == 0)
2322 {
2323 c = 'M';
2324 x >>= 10;
2325 }
12f69989
PP
2326 if (!no_labels) printf("%s = ", name);
2327 printf("%d%c\n", x, c);
2328 }
2329 else
2330 {
2331 if (!no_labels) printf("%s = ", name);
2332 printf("%d\n", x);
059ec3d9 2333 }
059ec3d9
PH
2334 }
2335 break;
2336
2337 case opt_Kint:
2338 {
2339 int x = *((int *)value);
12f69989
PP
2340 if (!no_labels) printf("%s = ", name);
2341 if (x == 0) printf("0\n");
2342 else if ((x & 1023) == 0) printf("%dM\n", x >> 10);
2343 else printf("%dK\n", x);
059ec3d9
PH
2344 }
2345 break;
2346
2347 case opt_octint:
12f69989
PP
2348 if (!no_labels) printf("%s = ", name);
2349 printf("%#o\n", *((int *)value));
059ec3d9
PH
2350 break;
2351
2352 /* Can be negative only when "unset", in which case integer */
2353
2354 case opt_fixed:
2355 {
2356 int x = *((int *)value);
2357 int f = x % 1000;
2358 int d = 100;
2359 if (x < 0) printf("%s =\n", name); else
2360 {
12f69989
PP
2361 if (!no_labels) printf("%s = ", name);
2362 printf("%d.", x/1000);
059ec3d9
PH
2363 do
2364 {
2365 printf("%d", f/d);
2366 f %= d;
2367 d /= 10;
2368 }
2369 while (f != 0);
2370 printf("\n");
2371 }
2372 }
2373 break;
2374
2375 /* If the numerical value is unset, try for the string value */
2376
2377 case opt_expand_uid:
2378 if (! *get_set_flag(name, oltop, last, options_block))
2379 {
2380 sprintf(CS name2, "*expand_%.50s", name);
2381 ol2 = find_option(name2, oltop, last);
2382 if (ol2 != NULL)
2383 {
2384 void *value2 = ol2->value;
2385 if (options_block != NULL)
2386 value2 = (void *)((uschar *)options_block + (long int)value2);
2387 s = *((uschar **)value2);
12f69989
PP
2388 if (!no_labels) printf("%s = ", name);
2389 printf("%s\n", (s == NULL)? US"" : string_printing(s));
059ec3d9
PH
2390 break;
2391 }
2392 }
2393
2394 /* Else fall through */
2395
2396 case opt_uid:
12f69989 2397 if (!no_labels) printf("%s = ", name);
059ec3d9 2398 if (! *get_set_flag(name, oltop, last, options_block))
12f69989 2399 printf("\n");
059ec3d9
PH
2400 else
2401 {
2402 pw = getpwuid(*((uid_t *)value));
2403 if (pw == NULL)
12f69989
PP
2404 printf("%ld\n", (long int)(*((uid_t *)value)));
2405 else printf("%s\n", pw->pw_name);
059ec3d9
PH
2406 }
2407 break;
2408
2409 /* If the numerical value is unset, try for the string value */
2410
2411 case opt_expand_gid:
2412 if (! *get_set_flag(name, oltop, last, options_block))
2413 {
2414 sprintf(CS name2, "*expand_%.50s", name);
2415 ol2 = find_option(name2, oltop, last);
2416 if (ol2 != NULL && (ol2->type & opt_mask) == opt_stringptr)
2417 {
2418 void *value2 = ol2->value;
2419 if (options_block != NULL)
2420 value2 = (void *)((uschar *)options_block + (long int)value2);
2421 s = *((uschar **)value2);
12f69989
PP
2422 if (!no_labels) printf("%s = ", name);
2423 printf("%s\n", (s == NULL)? US"" : string_printing(s));
059ec3d9
PH
2424 break;
2425 }
2426 }
2427
2428 /* Else fall through */
2429
2430 case opt_gid:
12f69989 2431 if (!no_labels) printf("%s = ", name);
059ec3d9 2432 if (! *get_set_flag(name, oltop, last, options_block))
12f69989 2433 printf("\n");
059ec3d9
PH
2434 else
2435 {
2436 gr = getgrgid(*((int *)value));
2437 if (gr == NULL)
12f69989
PP
2438 printf("%ld\n", (long int)(*((int *)value)));
2439 else printf("%s\n", gr->gr_name);
059ec3d9
PH
2440 }
2441 break;
2442
2443 case opt_uidlist:
2444 uidlist = *((uid_t **)value);
12f69989 2445 if (!no_labels) printf("%s =", name);
059ec3d9
PH
2446 if (uidlist != NULL)
2447 {
2448 int i;
2449 uschar sep = ' ';
12f69989 2450 if (no_labels) sep = '\0';
059ec3d9
PH
2451 for (i = 1; i <= (int)(uidlist[0]); i++)
2452 {
2453 uschar *name = NULL;
2454 pw = getpwuid(uidlist[i]);
2455 if (pw != NULL) name = US pw->pw_name;
12f69989
PP
2456 if (sep != '\0') printf("%c", sep);
2457 if (name != NULL) printf("%s", name);
2458 else printf("%ld", (long int)(uidlist[i]));
059ec3d9
PH
2459 sep = ':';
2460 }
2461 }
2462 printf("\n");
2463 break;
2464
2465 case opt_gidlist:
2466 gidlist = *((gid_t **)value);
12f69989 2467 if (!no_labels) printf("%s =", name);
059ec3d9
PH
2468 if (gidlist != NULL)
2469 {
2470 int i;
2471 uschar sep = ' ';
12f69989 2472 if (no_labels) sep = '\0';
059ec3d9
PH
2473 for (i = 1; i <= (int)(gidlist[0]); i++)
2474 {
2475 uschar *name = NULL;
2476 gr = getgrgid(gidlist[i]);
2477 if (gr != NULL) name = US gr->gr_name;
12f69989
PP
2478 if (sep != '\0') printf("%c", sep);
2479 if (name != NULL) printf("%s", name);
2480 else printf("%ld", (long int)(gidlist[i]));
059ec3d9
PH
2481 sep = ':';
2482 }
2483 }
2484 printf("\n");
2485 break;
2486
2487 case opt_time:
12f69989
PP
2488 if (!no_labels) printf("%s = ", name);
2489 printf("%s\n", readconf_printtime(*((int *)value)));
059ec3d9
PH
2490 break;
2491
2492 case opt_timelist:
2493 {
2494 int i;
2495 int *list = (int *)value;
12f69989 2496 if (!no_labels) printf("%s = ", name);
059ec3d9
PH
2497 for (i = 0; i < list[1]; i++)
2498 printf("%s%s", (i == 0)? "" : ":", readconf_printtime(list[i+2]));
2499 printf("\n");
2500 }
2501 break;
2502
2503 case opt_bit:
2504 printf("%s%s\n", ((*((int *)value)) & (1 << ((ol->type >> 16) & 31)))?
2505 "" : "no_", name);
2506 break;
2507
2508 case opt_expand_bool:
2509 sprintf(CS name2, "*expand_%.50s", name);
2510 ol2 = find_option(name2, oltop, last);
2511 if (ol2 != NULL && ol2->value != NULL)
2512 {
2513 void *value2 = ol2->value;
2514 if (options_block != NULL)
2515 value2 = (void *)((uschar *)options_block + (long int)value2);
2516 s = *((uschar **)value2);
2517 if (s != NULL)
2518 {
12f69989
PP
2519 if (!no_labels) printf("%s = ", name);
2520 printf("%s\n", string_printing(s));
059ec3d9
PH
2521 break;
2522 }
2523 /* s == NULL => string not set; fall through */
2524 }
2525
2526 /* Fall through */
2527
2528 case opt_bool:
2529 case opt_bool_verify:
2530 case opt_bool_set:
2531 printf("%s%s\n", (*((BOOL *)value))? "" : "no_", name);
2532 break;
2533 }
2534}
2535
2536
2537
2538/*************************************************
2539* Print value from main configuration *
2540*************************************************/
2541
2542/* This function, called as a result of encountering the -bP option,
2543causes the value of any main configuration variable to be output if the
2544second argument is NULL. There are some special values:
2545
2546 all print all main configuration options
44f6c01d
HSHR
2547 config_file print the name of the configuration file
2548 (configure_file will still work, for backward
2549 compatibility)
059ec3d9
PH
2550 routers print the routers' configurations
2551 transports print the transports' configuration
2552 authenticators print the authenticators' configuration
5d9c27ec 2553 macros print the macros' configuration
059ec3d9
PH
2554 router_list print a list of router names
2555 transport_list print a list of transport names
2556 authenticator_list print a list of authentication mechanism names
5d9c27ec 2557 macro_list print a list of macro names
059ec3d9
PH
2558 +name print a named list item
2559 local_scan print the local_scan options
bf3c2c6b 2560 config print the configuration as it is parsed
bc3c7bb7 2561 environment print the used execution environment
059ec3d9 2562
5d9c27ec
TK
2563If the second argument is not NULL, it must be one of "router", "transport",
2564"authenticator" or "macro" in which case the first argument identifies the
2565driver whose options are to be printed.
059ec3d9
PH
2566
2567Arguments:
2568 name option name if type == NULL; else driver name
2569 type NULL or driver type name, as described above
12f69989 2570 no_labels avoid the "foo = " at the start of an item
059ec3d9
PH
2571
2572Returns: nothing
2573*/
2574
2575void
12f69989 2576readconf_print(uschar *name, uschar *type, BOOL no_labels)
059ec3d9
PH
2577{
2578BOOL names_only = FALSE;
2579optionlist *ol;
2580optionlist *ol2 = NULL;
2581driver_instance *d = NULL;
5d9c27ec 2582macro_item *m;
059ec3d9
PH
2583int size = 0;
2584
2585if (type == NULL)
2586 {
2587 if (*name == '+')
2588 {
2589 int i;
2590 tree_node *t;
2591 BOOL found = FALSE;
2592 static uschar *types[] = { US"address", US"domain", US"host",
2593 US"localpart" };
2594 static tree_node **anchors[] = { &addresslist_anchor, &domainlist_anchor,
2595 &hostlist_anchor, &localpartlist_anchor };
2596
2597 for (i = 0; i < 4; i++)
2598 {
2599 t = tree_search(*(anchors[i]), name+1);
2600 if (t != NULL)
2601 {
2602 found = TRUE;
12f69989
PP
2603 if (no_labels)
2604 printf("%s\n", ((namedlist_block *)(t->data.ptr))->string);
2605 else
2606 printf("%slist %s = %s\n", types[i], name+1,
2607 ((namedlist_block *)(t->data.ptr))->string);
059ec3d9
PH
2608 }
2609 }
2610
2611 if (!found)
2612 printf("no address, domain, host, or local part list called \"%s\" "
2613 "exists\n", name+1);
2614
2615 return;
2616 }
2617
d7bed771
JH
2618 if ( Ustrcmp(name, "configure_file") == 0
2619 || Ustrcmp(name, "config_file") == 0)
059ec3d9
PH
2620 {
2621 printf("%s\n", CS config_main_filename);
2622 return;
2623 }
2624
2625 if (Ustrcmp(name, "all") == 0)
2626 {
2627 for (ol = optionlist_config;
c0b9d3e8 2628 ol < optionlist_config + nelem(optionlist_config); ol++)
059ec3d9
PH
2629 {
2630 if ((ol->type & opt_hidden) == 0)
12f69989 2631 print_ol(ol, US ol->name, NULL,
c0b9d3e8 2632 optionlist_config, nelem(optionlist_config),
12f69989 2633 no_labels);
059ec3d9
PH
2634 }
2635 return;
2636 }
2637
2638 if (Ustrcmp(name, "local_scan") == 0)
2639 {
2640 #ifndef LOCAL_SCAN_HAS_OPTIONS
2641 printf("local_scan() options are not supported\n");
2642 #else
2643 for (ol = local_scan_options;
2644 ol < local_scan_options + local_scan_options_count; ol++)
2645 {
2646 print_ol(ol, US ol->name, NULL, local_scan_options,
12f69989 2647 local_scan_options_count, no_labels);
059ec3d9
PH
2648 }
2649 #endif
2650 return;
2651 }
2652
bf3c2c6b
HSHR
2653 if (Ustrcmp(name, "config") == 0)
2654 {
3257ed4b 2655 print_config(admin_user, no_labels);
bf3c2c6b
HSHR
2656 return;
2657 }
2658
059ec3d9
PH
2659 if (Ustrcmp(name, "routers") == 0)
2660 {
2661 type = US"router";
2662 name = NULL;
2663 }
2664 else if (Ustrcmp(name, "transports") == 0)
2665 {
2666 type = US"transport";
2667 name = NULL;
2668 }
2669
2670 else if (Ustrcmp(name, "authenticators") == 0)
2671 {
2672 type = US"authenticator";
2673 name = NULL;
2674 }
2675
5d9c27ec 2676 else if (Ustrcmp(name, "macros") == 0)
059ec3d9 2677 {
5d9c27ec 2678 type = US"macro";
059ec3d9 2679 name = NULL;
059ec3d9
PH
2680 }
2681
2682 else if (Ustrcmp(name, "router_list") == 0)
2683 {
2684 type = US"router";
2685 name = NULL;
2686 names_only = TRUE;
2687 }
5d9c27ec 2688
059ec3d9
PH
2689 else if (Ustrcmp(name, "transport_list") == 0)
2690 {
2691 type = US"transport";
2692 name = NULL;
2693 names_only = TRUE;
2694 }
5d9c27ec
TK
2695
2696 else if (Ustrcmp(name, "authenticator_list") == 0)
2697 {
2698 type = US"authenticator";
2699 name = NULL;
2700 names_only = TRUE;
2701 }
2702
2703 else if (Ustrcmp(name, "macro_list") == 0)
2704 {
2705 type = US"macro";
2706 name = NULL;
2707 names_only = TRUE;
2708 }
2709
bc3c7bb7
HSHR
2710 else if (Ustrcmp(name, "environment") == 0)
2711 {
2712 if (environ)
2713 {
77560253 2714 uschar ** p;
bc3c7bb7 2715 for (p = USS environ; *p; p++) ;
84bbb4d8 2716 qsort(environ, p - USS environ, sizeof(*p), string_compare_by_pointer);
bc3c7bb7
HSHR
2717
2718 for (p = USS environ; *p; p++)
2719 {
77560253
JH
2720 uschar * q;
2721 if (no_labels && (q = Ustrchr(*p, '='))) *q = '\0';
f2cb6292 2722 puts(CS *p);
bc3c7bb7
HSHR
2723 }
2724 }
2725 return;
2726 }
2727
059ec3d9
PH
2728 else
2729 {
c0b9d3e8
JH
2730 print_ol(find_option(name, optionlist_config, nelem(optionlist_config)),
2731 name, NULL, optionlist_config, nelem(optionlist_config), no_labels);
059ec3d9
PH
2732 return;
2733 }
2734 }
2735
2736/* Handle the options for a router or transport. Skip options that are flagged
2737as hidden. Some of these are options with names starting with '*', used for
2738internal alternative representations of other options (which the printing
2739function will sort out). Others are synonyms kept for backward compatibility.
2740*/
2741
2742if (Ustrcmp(type, "router") == 0)
2743 {
2744 d = (driver_instance *)routers;
2745 ol2 = optionlist_routers;
2746 size = optionlist_routers_size;
2747 }
2748else if (Ustrcmp(type, "transport") == 0)
2749 {
2750 d = (driver_instance *)transports;
2751 ol2 = optionlist_transports;
2752 size = optionlist_transports_size;
2753 }
2754else if (Ustrcmp(type, "authenticator") == 0)
2755 {
2756 d = (driver_instance *)auths;
2757 ol2 = optionlist_auths;
2758 size = optionlist_auths_size;
2759 }
2760
5d9c27ec
TK
2761else if (Ustrcmp(type, "macro") == 0)
2762 {
2763 /* People store passwords in macros and they were previously not available
2764 for printing. So we have an admin_users restriction. */
2765 if (!admin_user)
2766 {
2767 fprintf(stderr, "exim: permission denied\n");
2768 exit(EXIT_FAILURE);
2769 }
2770 for (m = macros; m != NULL; m = m->next)
2771 {
2772 if (name == NULL || Ustrcmp(name, m->name) == 0)
2773 {
2774 if (names_only)
2775 printf("%s\n", CS m->name);
2776 else
2777 printf("%s=%s\n", CS m->name, CS m->replacement);
2778 if (name != NULL)
2779 return;
2780 }
2781 }
2782 if (name != NULL)
2783 printf("%s %s not found\n", type, name);
2784 return;
2785 }
2786
059ec3d9
PH
2787if (names_only)
2788 {
2789 for (; d != NULL; d = d->next) printf("%s\n", CS d->name);
2790 return;
2791 }
2792
2793/* Either search for a given driver, or print all of them */
2794
2795for (; d != NULL; d = d->next)
2796 {
2797 if (name == NULL)
2798 printf("\n%s %s:\n", d->name, type);
2799 else if (Ustrcmp(d->name, name) != 0) continue;
2800
2801 for (ol = ol2; ol < ol2 + size; ol++)
2802 {
2803 if ((ol->type & opt_hidden) == 0)
12f69989 2804 print_ol(ol, US ol->name, d, ol2, size, no_labels);
059ec3d9
PH
2805 }
2806
2807 for (ol = d->info->options;
2808 ol < d->info->options + *(d->info->options_count); ol++)
2809 {
2810 if ((ol->type & opt_hidden) == 0)
12f69989 2811 print_ol(ol, US ol->name, d, d->info->options, *(d->info->options_count), no_labels);
059ec3d9
PH
2812 }
2813 if (name != NULL) return;
2814 }
2815if (name != NULL) printf("%s %s not found\n", type, name);
2816}
2817
2818
2819
2820/*************************************************
2821* Read a named list item *
2822*************************************************/
2823
2824/* This function reads a name and a list (i.e. string). The name is used to
2825save the list in a tree, sorted by its name. Each entry also has a number,
2826which can be used for caching tests, but if the string contains any expansion
2827items other than $key, the number is set negative to inhibit caching. This
2828mechanism is used for domain, host, and address lists that are referenced by
2829the "+name" syntax.
2830
2831Arguments:
2832 anchorp points to the tree anchor
2833 numberp points to the current number for this tree
2834 max the maximum number permitted
2835 s the text of the option line, starting immediately after the name
2836 of the list type
2837 tname the name of the list type, for messages
2838
2839Returns: nothing
2840*/
2841
2842static void
2843read_named_list(tree_node **anchorp, int *numberp, int max, uschar *s,
2844 uschar *tname)
2845{
2846BOOL forcecache = FALSE;
2847uschar *ss;
2848tree_node *t;
2849namedlist_block *nb = store_get(sizeof(namedlist_block));
2850
2851if (Ustrncmp(s, "_cache", 6) == 0)
2852 {
2853 forcecache = TRUE;
2854 s += 6;
2855 }
2856
2857if (!isspace(*s))
2858 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "unrecognized configuration line");
2859
2860if (*numberp >= max)
2861 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "too many named %ss (max is %d)\n",
2862 tname, max);
2863
2864while (isspace(*s)) s++;
2865ss = s;
2866while (isalnum(*s) || *s == '_') s++;
2867t = store_get(sizeof(tree_node) + s-ss);
2868Ustrncpy(t->name, ss, s-ss);
2869t->name[s-ss] = 0;
2870while (isspace(*s)) s++;
2871
2872if (!tree_insertnode(anchorp, t))
2873 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2874 "duplicate name \"%s\" for a named %s", t->name, tname);
2875
2876t->data.ptr = nb;
2877nb->number = *numberp;
2878*numberp += 1;
2879
2880if (*s++ != '=') log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2881 "missing '=' after \"%s\"", t->name);
2882while (isspace(*s)) s++;
2883nb->string = read_string(s, t->name);
2884nb->cache_data = NULL;
2885
2886/* Check the string for any expansions; if any are found, mark this list
2887uncacheable unless the user has explicited forced caching. */
2888
2889if (!forcecache && Ustrchr(nb->string, '$') != NULL) nb->number = -1;
2890}
2891
2892
2893
2894
2895/*************************************************
2896* Unpick data for a rate limit *
2897*************************************************/
2898
2899/* This function is called to unpick smtp_ratelimit_{mail,rcpt} into four
2900separate values.
2901
2902Arguments:
2903 s string, in the form t,b,f,l
2904 where t is the threshold (integer)
2905 b is the initial delay (time)
2906 f is the multiplicative factor (fixed point)
2907 k is the maximum time (time)
2908 threshold where to store threshold
2909 base where to store base in milliseconds
2910 factor where to store factor in milliseconds
2911 limit where to store limit
2912
2913Returns: nothing (panics on error)
2914*/
2915
2916static void
2917unpick_ratelimit(uschar *s, int *threshold, int *base, double *factor,
2918 int *limit)
2919{
2920uschar bstring[16], lstring[16];
2921
2922if (sscanf(CS s, "%d, %15[0123456789smhdw.], %lf, %15s", threshold, bstring,
2923 factor, lstring) == 4)
2924 {
2925 *base = readconf_readtime(bstring, 0, TRUE);
2926 *limit = readconf_readtime(lstring, 0, TRUE);
2927 if (*base >= 0 && *limit >= 0) return;
2928 }
2929log_write(0, LOG_MAIN|LOG_PANIC_DIE, "malformed ratelimit data: %s", s);
2930}
2931
2932
2933
2934
2935/*************************************************
3375e053
PP
2936* Drop privs for checking TLS config *
2937*************************************************/
2938
2939/* We want to validate TLS options during readconf, but do not want to be
2940root when we call into the TLS library, in case of library linkage errors
2941which cause segfaults; before this check, those were always done as the Exim
2942runtime user and it makes sense to continue with that.
2943
2944Assumes: tls_require_ciphers has been set, if it will be
2945 exim_user has been set, if it will be
2946 exim_group has been set, if it will be
2947
2948Returns: bool for "okay"; false will cause caller to immediately exit.
2949*/
2950
2951#ifdef SUPPORT_TLS
2952static BOOL
34e86e20 2953tls_dropprivs_validate_require_cipher(BOOL nowarn)
3375e053
PP
2954{
2955const uschar *errmsg;
2956pid_t pid;
2957int rc, status;
2958void (*oldsignal)(int);
2959
23f3dc67
JH
2960/* If TLS will never be used, no point checking ciphers */
2961
2962if ( !tls_advertise_hosts
2963 || !*tls_advertise_hosts
2964 || Ustrcmp(tls_advertise_hosts, ":") == 0
2965 )
2966 return TRUE;
34e86e20 2967else if (!nowarn && !tls_certificate)
23bb6982
JH
2968 log_write(0, LOG_MAIN,
2969 "Warning: No server certificate defined; will use a selfsigned one.\n"
23f3dc67
JH
2970 " Suggested action: either install a certificate or change tls_advertise_hosts option");
2971
3375e053
PP
2972oldsignal = signal(SIGCHLD, SIG_DFL);
2973
2974fflush(NULL);
2975if ((pid = fork()) < 0)
2976 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "fork failed for TLS check");
2977
2978if (pid == 0)
2979 {
1d7a353e
PP
2980 /* in some modes, will have dropped privilege already */
2981 if (!geteuid())
2982 exim_setugid(exim_uid, exim_gid, FALSE,
2983 US"calling tls_validate_require_cipher");
3375e053
PP
2984
2985 errmsg = tls_validate_require_cipher();
2986 if (errmsg)
2987 {
2988 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
2989 "tls_require_ciphers invalid: %s", errmsg);
2990 }
2991 fflush(NULL);
2992 _exit(0);
2993 }
2994
2995do {
2996 rc = waitpid(pid, &status, 0);
2997} while (rc < 0 && errno == EINTR);
2998
9d26b8c0 2999DEBUG(D_tls)
3375e053
PP
3000 debug_printf("tls_validate_require_cipher child %d ended: status=0x%x\n",
3001 (int)pid, status);
3002
3003signal(SIGCHLD, oldsignal);
3004
3005return status == 0;
3006}
3007#endif /* SUPPORT_TLS */
3008
3009
3010
3011
fbbd45ff
JH
3012/*************************************************/
3013/* Create compile-time feature macros */
c0b9d3e8 3014void
fbbd45ff
JH
3015readconf_features(void)
3016{
3017/* Probably we could work out a static initialiser for wherever
3018macros are stored, but this will do for now. Some names are awkward
3019due to conflicts with other common macros. */
3020
3021#ifdef SUPPORT_CRYPTEQ
4dc2379a 3022 read_macro_assignment(US"_HAVE_CRYPTEQ=y");
fbbd45ff
JH
3023#endif
3024#if HAVE_ICONV
4dc2379a 3025 read_macro_assignment(US"_HAVE_ICONV=y");
fbbd45ff
JH
3026#endif
3027#if HAVE_IPV6
4dc2379a 3028 read_macro_assignment(US"_HAVE_IPV6=y");
fbbd45ff
JH
3029#endif
3030#ifdef HAVE_SETCLASSRESOURCES
4dc2379a 3031 read_macro_assignment(US"_HAVE_SETCLASSRESOURCES=y");
fbbd45ff
JH
3032#endif
3033#ifdef SUPPORT_PAM
4dc2379a 3034 read_macro_assignment(US"_HAVE_PAM=y");
fbbd45ff
JH
3035#endif
3036#ifdef EXIM_PERL
4dc2379a 3037 read_macro_assignment(US"_HAVE_PERL=y");
fbbd45ff
JH
3038#endif
3039#ifdef EXPAND_DLFUNC
4dc2379a 3040 read_macro_assignment(US"_HAVE_DLFUNC=y");
fbbd45ff
JH
3041#endif
3042#ifdef USE_TCP_WRAPPERS
4dc2379a 3043 read_macro_assignment(US"_HAVE_TCPWRAPPERS=y");
fbbd45ff
JH
3044#endif
3045#ifdef SUPPORT_TLS
4dc2379a 3046 read_macro_assignment(US"_HAVE_TLS=y");
fbbd45ff 3047# ifdef USE_GNUTLS
4dc2379a 3048 read_macro_assignment(US"_HAVE_GNUTLS=y");
fbbd45ff 3049# else
4dc2379a 3050 read_macro_assignment(US"_HAVE_OPENSSL=y");
fbbd45ff
JH
3051# endif
3052#endif
3053#ifdef SUPPORT_TRANSLATE_IP_ADDRESS
4dc2379a 3054 read_macro_assignment(US"_HAVE_TRANSLATE_IP_ADDRESS=y");
fbbd45ff
JH
3055#endif
3056#ifdef SUPPORT_MOVE_FROZEN_MESSAGES
4dc2379a 3057 read_macro_assignment(US"_HAVE_MOVE_FROZEN_MESSAGES=y");
fbbd45ff
JH
3058#endif
3059#ifdef WITH_CONTENT_SCAN
4dc2379a 3060 read_macro_assignment(US"_HAVE_CONTENT_SCANNING=y");
fbbd45ff
JH
3061#endif
3062#ifndef DISABLE_DKIM
4dc2379a 3063 read_macro_assignment(US"_HAVE_DKIM=y");
fbbd45ff
JH
3064#endif
3065#ifndef DISABLE_DNSSEC
4dc2379a 3066 read_macro_assignment(US"_HAVE_DNSSEC=y");
fbbd45ff
JH
3067#endif
3068#ifndef DISABLE_EVENT
3acf26c7 3069 read_macro_assignment(US"_HAVE_EVENT=y");
fbbd45ff
JH
3070#endif
3071#ifdef SUPPORT_I18N
4dc2379a 3072 read_macro_assignment(US"_HAVE_I18N=y");
fbbd45ff
JH
3073#endif
3074#ifndef DISABLE_OCSP
4dc2379a 3075 read_macro_assignment(US"_HAVE_OCSP=y");
fbbd45ff
JH
3076#endif
3077#ifndef DISABLE_PRDR
4dc2379a 3078 read_macro_assignment(US"_HAVE_PRDR=y");
fbbd45ff
JH
3079#endif
3080#ifdef SUPPORT_PROXY
4dc2379a 3081 read_macro_assignment(US"_HAVE_PROXY=y");
fbbd45ff
JH
3082#endif
3083#ifdef SUPPORT_SOCKS
4dc2379a 3084 read_macro_assignment(US"_HAVE_SOCKS=y");
fbbd45ff
JH
3085#endif
3086#ifdef EXPERIMENTAL_LMDB
4dc2379a 3087 read_macro_assignment(US"_HAVE_LMDB=y");
fbbd45ff
JH
3088#endif
3089#ifdef EXPERIMENTAL_SPF
4dc2379a 3090 read_macro_assignment(US"_HAVE_SPF=y");
fbbd45ff
JH
3091#endif
3092#ifdef EXPERIMENTAL_SRS
4dc2379a 3093 read_macro_assignment(US"_HAVE_SRS=y");
fbbd45ff
JH
3094#endif
3095#ifdef EXPERIMENTAL_BRIGHTMAIL
4dc2379a 3096 read_macro_assignment(US"_HAVE_BRIGHTMAIL=y");
fbbd45ff
JH
3097#endif
3098#ifdef EXPERIMENTAL_DANE
4dc2379a 3099 read_macro_assignment(US"_HAVE_DANE=y");
fbbd45ff
JH
3100#endif
3101#ifdef EXPERIMENTAL_DCC
4dc2379a 3102 read_macro_assignment(US"_HAVE_DCC=y");
fbbd45ff
JH
3103#endif
3104#ifdef EXPERIMENTAL_DMARC
4dc2379a 3105 read_macro_assignment(US"_HAVE_DMARC=y");
fbbd45ff
JH
3106#endif
3107#ifdef EXPERIMENTAL_DSN_INFO
4dc2379a 3108 read_macro_assignment(US"_HAVE_DSN_INFO=y");
fbbd45ff
JH
3109#endif
3110
3111#ifdef LOOKUP_LSEARCH
4dc2379a 3112 read_macro_assignment(US"_HAVE_LKUP_LSEARCH=y");
fbbd45ff
JH
3113#endif
3114#ifdef LOOKUP_CDB
4dc2379a 3115 read_macro_assignment(US"_HAVE_LKUP_CDB=y");
fbbd45ff
JH
3116#endif
3117#ifdef LOOKUP_DBM
4dc2379a 3118 read_macro_assignment(US"_HAVE_LKUP_DBM=y");
fbbd45ff
JH
3119#endif
3120#ifdef LOOKUP_DNSDB
4dc2379a 3121 read_macro_assignment(US"_HAVE_LKUP_DNSDB=y");
fbbd45ff
JH
3122#endif
3123#ifdef LOOKUP_DSEARCH
4dc2379a 3124 read_macro_assignment(US"_HAVE_LKUP_DSEARCH=y");
fbbd45ff
JH
3125#endif
3126#ifdef LOOKUP_IBASE
4dc2379a 3127 read_macro_assignment(US"_HAVE_LKUP_IBASE=y");
fbbd45ff
JH
3128#endif
3129#ifdef LOOKUP_LDAP
4dc2379a 3130 read_macro_assignment(US"_HAVE_LKUP_LDAP=y");
fbbd45ff
JH
3131#endif
3132#ifdef EXPERIMENTAL_LMDB
4dc2379a 3133 read_macro_assignment(US"_HAVE_LKUP_LMDB=y");
fbbd45ff
JH
3134#endif
3135#ifdef LOOKUP_MYSQL
4dc2379a 3136 read_macro_assignment(US"_HAVE_LKUP_MYSQL=y");
fbbd45ff
JH
3137#endif
3138#ifdef LOOKUP_NIS
4dc2379a 3139 read_macro_assignment(US"_HAVE_LKUP_NIS=y");
fbbd45ff
JH
3140#endif
3141#ifdef LOOKUP_NISPLUS
4dc2379a 3142 read_macro_assignment(US"_HAVE_LKUP_NISPLUS=y");
fbbd45ff
JH
3143#endif
3144#ifdef LOOKUP_ORACLE
4dc2379a 3145 read_macro_assignment(US"_HAVE_LKUP_ORACLE=y");
fbbd45ff
JH
3146#endif
3147#ifdef LOOKUP_PASSWD
4dc2379a 3148 read_macro_assignment(US"_HAVE_LKUP_PASSWD=y");
fbbd45ff
JH
3149#endif
3150#ifdef LOOKUP_PGSQL
4dc2379a 3151 read_macro_assignment(US"_HAVE_LKUP_PGSQL=y");
fbbd45ff
JH
3152#endif
3153#ifdef LOOKUP_REDIS
4dc2379a 3154 read_macro_assignment(US"_HAVE_LKUP_REDIS=y");
fbbd45ff
JH
3155#endif
3156#ifdef LOOKUP_SQLITE
4dc2379a 3157 read_macro_assignment(US"_HAVE_LKUP_SQLITE=y");
fbbd45ff
JH
3158#endif
3159#ifdef LOOKUP_TESTDB
4dc2379a 3160 read_macro_assignment(US"_HAVE_LKUP_TESTDB=y");
fbbd45ff
JH
3161#endif
3162#ifdef LOOKUP_WHOSON
4dc2379a 3163 read_macro_assignment(US"_HAVE_LKUP_WHOSON=y");
fbbd45ff
JH
3164#endif
3165
fbbd45ff 3166#ifdef TRANSPORT_APPENDFILE
fbbd45ff 3167# ifdef SUPPORT_MAILDIR
4dc2379a 3168 read_macro_assignment(US"_HAVE_TPT_APPEND_MAILDR=y");
fbbd45ff
JH
3169# endif
3170# ifdef SUPPORT_MAILSTORE
4dc2379a 3171 read_macro_assignment(US"_HAVE_TPT_APPEND_MAILSTORE=y");
fbbd45ff
JH
3172# endif
3173# ifdef SUPPORT_MBX
4dc2379a 3174 read_macro_assignment(US"_HAVE_TPT_APPEND_MBX=y");
fbbd45ff
JH
3175# endif
3176#endif
fbbd45ff
JH
3177}
3178
3179
c0b9d3e8
JH
3180void
3181readconf_options_from_list(optionlist * opts, unsigned nopt, uschar * group)
3182{
3183int i;
3184const uschar * s;
3185
3186/* Walk the array backwards to get substring-conflict names */
3187for (i = nopt-1; i >= 0; i--) if (*(s = opts[i].name) && *s != '*')
3188 read_macro_assignment(string_sprintf("_OPT_%T_%T=y", group, s));
3189}
3190
3191
3192void
3193readconf_options(void)
3194{
3195readconf_options_from_list(optionlist_config, nelem(optionlist_config), US"MAIN");
3196readconf_options_routers();
3197readconf_options_transports();
3198readconf_options_auths();
3199}
3200
3201
3375e053 3202/*************************************************
059ec3d9
PH
3203* Read main configuration options *
3204*************************************************/
3205
3206/* This function is the first to be called for configuration reading. It
3207opens the configuration file and reads general configuration settings until
3208it reaches the end of the configuration section. The file is then left open so
3209that the remaining configuration data can subsequently be read if needed for
3210this run of Exim.
3211
3212The configuration file must be owned either by root or exim, and be writeable
3213only by root or uid/gid exim. The values for Exim's uid and gid can be changed
3214in the config file, so the test is done on the compiled in values. A slight
3215anomaly, to be carefully documented.
3216
3217The name of the configuration file is taken from a list that is included in the
3218binary of Exim. It can be altered from the command line, but if that is done,
3219root privilege is immediately withdrawn unless the caller is root or exim.
3220The first file on the list that exists is used.
3221
3222For use on multiple systems that share file systems, first look for a
3223configuration file whose name has the current node name on the end. If that is
3224not found, try the generic name. For really contorted configurations, that run
3225multiple Exims with different uid settings, first try adding the effective uid
3226before the node name. These complications are going to waste resources on most
3227systems. Therefore they are available only when requested by compile-time
3228options. */
3229
3230void
34e86e20 3231readconf_main(BOOL nowarn)
059ec3d9
PH
3232{
3233int sep = 0;
3234struct stat statbuf;
3235uschar *s, *filename;
55414b25 3236const uschar *list = config_main_filelist;
059ec3d9
PH
3237
3238/* Loop through the possible file names */
3239
3240while((filename = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))
3241 != NULL)
3242 {
bc3c7bb7 3243
059ec3d9
PH
3244 /* Cut out all the fancy processing unless specifically wanted */
3245
3246 #if defined(CONFIGURE_FILE_USE_NODE) || defined(CONFIGURE_FILE_USE_EUID)
3247 uschar *suffix = filename + Ustrlen(filename);
3248
3249 /* Try for the node-specific file if a node name exists */
3250
3251 #ifdef CONFIGURE_FILE_USE_NODE
3252 struct utsname uts;
3253 if (uname(&uts) >= 0)
3254 {
3255 #ifdef CONFIGURE_FILE_USE_EUID
3256 sprintf(CS suffix, ".%ld.%.256s", (long int)original_euid, uts.nodename);
3257 config_file = Ufopen(filename, "rb");
3258 if (config_file == NULL)
3259 #endif /* CONFIGURE_FILE_USE_EUID */
3260 {
3261 sprintf(CS suffix, ".%.256s", uts.nodename);
3262 config_file = Ufopen(filename, "rb");
3263 }
3264 }
3265 #endif /* CONFIGURE_FILE_USE_NODE */
3266
3267 /* Otherwise, try the generic name, possibly with the euid added */
3268
3269 #ifdef CONFIGURE_FILE_USE_EUID
3270 if (config_file == NULL)
3271 {
3272 sprintf(CS suffix, ".%ld", (long int)original_euid);
3273 config_file = Ufopen(filename, "rb");
3274 }
3275 #endif /* CONFIGURE_FILE_USE_EUID */
3276
3277 /* Finally, try the unadorned name */
3278
3279 if (config_file == NULL)
3280 {
3281 *suffix = 0;
3282 config_file = Ufopen(filename, "rb");
3283 }
3284 #else /* if neither defined */
3285
3286 /* This is the common case when the fancy processing is not included. */
3287
3288 config_file = Ufopen(filename, "rb");
3289 #endif
3290
3291 /* If the file does not exist, continue to try any others. For any other
3292 error, break out (and die). */
3293
3294 if (config_file != NULL || errno != ENOENT) break;
3295 }
3296
3de973a2
HSHR
3297/* Now, once we found and opened our configuration file, we change the directory
3298to a safe place. Later we change to $spool_directory. */
3299
3300if (Uchdir("/") < 0)
3301 {
3302 perror("exim: chdir `/': ");
3303 exit(EXIT_FAILURE);
3304 }
3305
059ec3d9
PH
3306/* On success, save the name for verification; config_filename is used when
3307logging configuration errors (it changes for .included files) whereas
3308config_main_filename is the name shown by -bP. Failure to open a configuration
3309file is a serious disaster. */
3310
3311if (config_file != NULL)
3312 {
98b8312f 3313 uschar *p;
059ec3d9 3314 config_filename = config_main_filename = string_copy(filename);
98b8312f 3315
b6fbf22d 3316 p = Ustrrchr(filename, '/');
94431adb 3317 config_main_directory = p ? string_copyn(filename, p - filename)
b6fbf22d 3318 : string_copy(US".");
059ec3d9
PH
3319 }
3320else
3321 {
3322 if (filename == NULL)
3323 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "non-existent configuration file(s): "
3324 "%s", config_main_filelist);
3325 else
3326 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", string_open_failed(errno,
3327 "configuration file %s", filename));
3328 }
3329
e2f5dc15 3330/* Check the status of the file we have opened, if we have retained root
fea24b2e 3331privileges and the file isn't /dev/null (which *should* be 0666). */
059ec3d9 3332
fea24b2e 3333if (trusted_config && Ustrcmp(filename, US"/dev/null"))
059ec3d9
PH
3334 {
3335 if (fstat(fileno(config_file), &statbuf) != 0)
3336 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to stat configuration file %s",
3337 big_buffer);
3338
c1d94452 3339 if ((statbuf.st_uid != root_uid /* owner not root */
059ec3d9
PH
3340 #ifdef CONFIGURE_OWNER
3341 && statbuf.st_uid != config_uid /* owner not the special one */
3342 #endif
3343 ) || /* or */
c1d94452 3344 (statbuf.st_gid != root_gid /* group not root & */
35edf2ff
PH
3345 #ifdef CONFIGURE_GROUP
3346 && statbuf.st_gid != config_gid /* group not the special one */
8e669ac1 3347 #endif
35edf2ff 3348 && (statbuf.st_mode & 020) != 0) || /* group writeable */
059ec3d9
PH
3349 /* or */
3350 ((statbuf.st_mode & 2) != 0)) /* world writeable */
3351
3352 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Exim configuration file %s has the "
3353 "wrong owner, group, or mode", big_buffer);
3354 }
3355
3356/* Process the main configuration settings. They all begin with a lower case
3357letter. If we see something starting with an upper case letter, it is taken as
3358a macro definition. */
3359
3360while ((s = get_config_line()) != NULL)
3361 {
cf00dad6 3362 if (isupper(s[0])) read_macro_assignment(s);
059ec3d9
PH
3363
3364 else if (Ustrncmp(s, "domainlist", 10) == 0)
3365 read_named_list(&domainlist_anchor, &domainlist_count,
3366 MAX_NAMED_LIST, s+10, US"domain list");
3367
3368 else if (Ustrncmp(s, "hostlist", 8) == 0)
3369 read_named_list(&hostlist_anchor, &hostlist_count,
3370 MAX_NAMED_LIST, s+8, US"host list");
3371
3372 else if (Ustrncmp(s, US"addresslist", 11) == 0)
3373 read_named_list(&addresslist_anchor, &addresslist_count,
3374 MAX_NAMED_LIST, s+11, US"address list");
3375
3376 else if (Ustrncmp(s, US"localpartlist", 13) == 0)
3377 read_named_list(&localpartlist_anchor, &localpartlist_count,
3378 MAX_NAMED_LIST, s+13, US"local part list");
3379
3380 else
3381 (void) readconf_handle_option(s, optionlist_config, optionlist_config_size,
3382 NULL, US"main option \"%s\" unknown");
3383 }
3384
3385
3386/* If local_sender_retain is set, local_from_check must be unset. */
3387
3388if (local_sender_retain && local_from_check)
3389 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "both local_from_check and "
3390 "local_sender_retain are set; this combination is not allowed");
3391
3392/* If the timezone string is empty, set it to NULL, implying no TZ variable
3393wanted. */
3394
3395if (timezone_string != NULL && *timezone_string == 0) timezone_string = NULL;
3396
944a9c55
PH
3397/* The max retry interval must not be greater than 24 hours. */
3398
3399if (retry_interval_max > 24*60*60) retry_interval_max = 24*60*60;
3400
059ec3d9
PH
3401/* remote_max_parallel must be > 0 */
3402
3403if (remote_max_parallel <= 0) remote_max_parallel = 1;
3404
6a3f1455
PH
3405/* Save the configured setting of freeze_tell, so we can re-instate it at the
3406start of a new SMTP message. */
3407
3408freeze_tell_config = freeze_tell;
3409
059ec3d9
PH
3410/* The primary host name may be required for expansion of spool_directory
3411and log_file_path, so make sure it is set asap. It is obtained from uname(),
3412but if that yields an unqualified value, make a FQDN by using gethostbyname to
3413canonize it. Some people like upper case letters in their host names, so we
3414don't force the case. */
3415
3416if (primary_hostname == NULL)
3417 {
55414b25 3418 const uschar *hostname;
059ec3d9
PH
3419 struct utsname uts;
3420 if (uname(&uts) < 0)
3421 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "uname() failed to yield host name");
3422 hostname = US uts.nodename;
3423
3424 if (Ustrchr(hostname, '.') == NULL)
3425 {
3426 int af = AF_INET;
3427 struct hostent *hostdata;
3428
3429 #if HAVE_IPV6
7e66e54d 3430 if (!disable_ipv6 && (dns_ipv4_lookup == NULL ||
55414b25
JH
3431 match_isinlist(hostname, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
3432 MCL_DOMAIN, TRUE, NULL) != OK))
059ec3d9
PH
3433 af = AF_INET6;
3434 #else
3435 af = AF_INET;
3436 #endif
3437
3438 for (;;)
3439 {
3440 #if HAVE_IPV6
3441 #if HAVE_GETIPNODEBYNAME
3442 int error_num;
3443 hostdata = getipnodebyname(CS hostname, af, 0, &error_num);
3444 #else
3445 hostdata = gethostbyname2(CS hostname, af);
3446 #endif
3447 #else
3448 hostdata = gethostbyname(CS hostname);
3449 #endif
3450
3451 if (hostdata != NULL)
3452 {
3453 hostname = US hostdata->h_name;
3454 break;
3455 }
3456
3457 if (af == AF_INET) break;
3458 af = AF_INET;
3459 }
3460 }
3461
3462 primary_hostname = string_copy(hostname);
3463 }
3464
3465/* Set up default value for smtp_active_hostname */
3466
3467smtp_active_hostname = primary_hostname;
3468
3469/* If spool_directory wasn't set in the build-time configuration, it must have
3470got set above. Of course, writing to the log may not work if log_file_path is
3471not set, but it will at least get to syslog or somewhere, with any luck. */
3472
3473if (*spool_directory == 0)
3474 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "spool_directory undefined: cannot "
3475 "proceed");
3476
3477/* Expand the spool directory name; it may, for example, contain the primary
3478host name. Same comment about failure. */
3479
3480s = expand_string(spool_directory);
3481if (s == NULL)
3482 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand spool_directory "
3483 "\"%s\": %s", spool_directory, expand_string_message);
3484spool_directory = s;
3485
3486/* Expand log_file_path, which must contain "%s" in any component that isn't
f1e5fef5
PP
3487the null string or "syslog". It is also allowed to contain one instance of %D
3488or %M. However, it must NOT contain % followed by anything else. */
059ec3d9
PH
3489
3490if (*log_file_path != 0)
3491 {
55414b25 3492 const uschar *ss, *sss;
059ec3d9
PH
3493 int sep = ':'; /* Fixed for log file path */
3494 s = expand_string(log_file_path);
3495 if (s == NULL)
3496 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand log_file_path "
3497 "\"%s\": %s", log_file_path, expand_string_message);
3498
3499 ss = s;
3500 while ((sss = string_nextinlist(&ss,&sep,big_buffer,big_buffer_size)) != NULL)
3501 {
3502 uschar *t;
3503 if (sss[0] == 0 || Ustrcmp(sss, "syslog") == 0) continue;
3504 t = Ustrstr(sss, "%s");
3505 if (t == NULL)
3506 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" does not "
3507 "contain \"%%s\"", sss);
3508 *t = 'X';
3509 t = Ustrchr(sss, '%');
3510 if (t != NULL)
3511 {
f1e5fef5 3512 if ((t[1] != 'D' && t[1] != 'M') || Ustrchr(t+2, '%') != NULL)
059ec3d9
PH
3513 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" contains "
3514 "unexpected \"%%\" character", s);
3515 }
3516 }
3517
3518 log_file_path = s;
3519 }
3520
3521/* Interpret syslog_facility into an integer argument for 'ident' param to
3522openlog(). Default is LOG_MAIL set in globals.c. Allow the user to omit the
3523leading "log_". */
3524
3525if (syslog_facility_str != NULL)
3526 {
3527 int i;
3528 uschar *s = syslog_facility_str;
3529
3530 if ((Ustrlen(syslog_facility_str) >= 4) &&
3531 (strncmpic(syslog_facility_str, US"log_", 4) == 0))
3532 s += 4;
3533
3534 for (i = 0; i < syslog_list_size; i++)
3535 {
3536 if (strcmpic(s, syslog_list[i].name) == 0)
3537 {
3538 syslog_facility = syslog_list[i].value;
3539 break;
3540 }
3541 }
3542
3543 if (i >= syslog_list_size)
3544 {
3545 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3546 "failed to interpret syslog_facility \"%s\"", syslog_facility_str);
3547 }
3548 }
3549
3550/* Expand pid_file_path */
3551
3552if (*pid_file_path != 0)
3553 {
3554 s = expand_string(pid_file_path);
3555 if (s == NULL)
3556 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand pid_file_path "
3557 "\"%s\": %s", pid_file_path, expand_string_message);
3558 pid_file_path = s;
3559 }
3560
921b12ca
TF
3561/* Set default value of process_log_path */
3562
3563if (process_log_path == NULL || *process_log_path =='\0')
3564 process_log_path = string_sprintf("%s/exim-process.info", spool_directory);
3565
059ec3d9
PH
3566/* Compile the regex for matching a UUCP-style "From_" line in an incoming
3567message. */
3568
3569regex_From = regex_must_compile(uucp_from_pattern, FALSE, TRUE);
3570
3571/* Unpick the SMTP rate limiting options, if set */
3572
3573if (smtp_ratelimit_mail != NULL)
3574 {
3575 unpick_ratelimit(smtp_ratelimit_mail, &smtp_rlm_threshold,
3576 &smtp_rlm_base, &smtp_rlm_factor, &smtp_rlm_limit);
3577 }
3578
3579if (smtp_ratelimit_rcpt != NULL)
3580 {
3581 unpick_ratelimit(smtp_ratelimit_rcpt, &smtp_rlr_threshold,
3582 &smtp_rlr_base, &smtp_rlr_factor, &smtp_rlr_limit);
3583 }
3584
3585/* The qualify domains default to the primary host name */
3586
3587if (qualify_domain_sender == NULL)
3588 qualify_domain_sender = primary_hostname;
3589if (qualify_domain_recipient == NULL)
3590 qualify_domain_recipient = qualify_domain_sender;
3591
3592/* Setting system_filter_user in the configuration sets the gid as well if a
3593name is given, but a numerical value does not. */
3594
3595if (system_filter_uid_set && !system_filter_gid_set)
3596 {
3597 struct passwd *pw = getpwuid(system_filter_uid);
3598 if (pw == NULL)
3599 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Failed to look up uid %ld",
3600 (long int)system_filter_uid);
3601 system_filter_gid = pw->pw_gid;
3602 system_filter_gid_set = TRUE;
3603 }
3604
3605/* If the errors_reply_to field is set, check that it is syntactically valid
3606and ensure it contains a domain. */
3607
3608if (errors_reply_to != NULL)
3609 {
3610 uschar *errmess;
3611 int start, end, domain;
3612 uschar *recipient = parse_extract_address(errors_reply_to, &errmess,
3613 &start, &end, &domain, FALSE);
3614
3615 if (recipient == NULL)
3616 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3617 "error in errors_reply_to (%s): %s", errors_reply_to, errmess);
3618
3619 if (domain == 0)
3620 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3621 "errors_reply_to (%s) does not contain a domain", errors_reply_to);
3622 }
3623
3624/* If smtp_accept_queue or smtp_accept_max_per_host is set, then
3625smtp_accept_max must also be set. */
3626
3627if (smtp_accept_max == 0 &&
3628 (smtp_accept_queue > 0 || smtp_accept_max_per_host != NULL))
3629 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3630 "smtp_accept_max must be set if smtp_accept_queue or "
3631 "smtp_accept_max_per_host is set");
3632
3633/* Set up the host number if anything is specified. It is an expanded string
3634so that it can be computed from the host name, for example. We do this last
3635so as to ensure that everything else is set up before the expansion. */
3636
3637if (host_number_string != NULL)
3638 {
ef840681 3639 long int n;
059ec3d9
PH
3640 uschar *end;
3641 uschar *s = expand_string(host_number_string);
ef840681
PP
3642 if (s == NULL)
3643 log_write(0, LOG_MAIN|LOG_PANIC_DIE,
3644 "failed to expand localhost_number \"%s\": %s",
3645 host_number_string, expand_string_message);
3646 n = Ustrtol(s, &end, 0);
059ec3d9
PH
3647 while (isspace(*end)) end++;
3648 if (*end != 0)
3649 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3650 "localhost_number value is not a number: %s", s);
3651 if (n > LOCALHOST_MAX)
3652 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3653 "localhost_number is greater than the maximum allowed value (%d)",
3654 LOCALHOST_MAX);
3655 host_number = n;
3656 }
3657
3658#ifdef SUPPORT_TLS
3659/* If tls_verify_hosts is set, tls_verify_certificates must also be set */
3660
3661if ((tls_verify_hosts != NULL || tls_try_verify_hosts != NULL) &&
3662 tls_verify_certificates == NULL)
3663 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3664 "tls_%sverify_hosts is set, but tls_verify_certificates is not set",
3665 (tls_verify_hosts != NULL)? "" : "try_");
77bb000f 3666
3375e053
PP
3667/* This also checks that the library linkage is working and we can call
3668routines in it, so call even if tls_require_ciphers is unset */
34e86e20 3669if (!tls_dropprivs_validate_require_cipher(nowarn))
3375e053
PP
3670 exit(1);
3671
3672/* Magic number: at time of writing, 1024 has been the long-standing value
3673used by so many clients, and what Exim used to use always, that it makes
3674sense to just min-clamp this max-clamp at that. */
3675if (tls_dh_max_bits < 1024)
3676 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3677 "tls_dh_max_bits is too small, must be at least 1024 for interop");
3678
77bb000f
PP
3679/* If openssl_options is set, validate it */
3680if (openssl_options != NULL)
3681 {
3682# ifdef USE_GNUTLS
3683 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
a053d125 3684 "openssl_options is set but we're using GnuTLS");
77bb000f
PP
3685# else
3686 long dummy;
3687 if (!(tls_openssl_options_parse(openssl_options, &dummy)))
3688 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
a053d125 3689 "openssl_options parse error: %s", openssl_options);
77bb000f
PP
3690# endif
3691 }
32d07012 3692#endif /*SUPPORT_TLS*/
bc3c7bb7 3693
34e86e20 3694if (!nowarn && !keep_environment && environ && *environ)
bc3c7bb7 3695 log_write(0, LOG_MAIN,
8e58ed80
HSHR
3696 "Warning: purging the environment.\n"
3697 " Suggested action: use keep_environment.");
059ec3d9
PH
3698}
3699
3700
3701
3702/*************************************************
3703* Initialize one driver *
3704*************************************************/
3705
3706/* This is called once the driver's generic options, if any, have been read.
3707We can now find the driver, set up defaults for the private options, and
3708unset any "set" bits in the private options table (which might have been
3709set by another incarnation of the same driver).
3710
3711Arguments:
3712 d pointer to driver instance block, with generic
3713 options filled in
3714 drivers_available vector of available drivers
3715 size_of_info size of each block in drivers_available
3716 class class of driver, for error message
3717
3718Returns: pointer to the driver info block
3719*/
3720
3721static driver_info *
3722init_driver(driver_instance *d, driver_info *drivers_available,
3723 int size_of_info, uschar *class)
3724{
3725driver_info *dd;
3726
3727for (dd = drivers_available; dd->driver_name[0] != 0;
3728 dd = (driver_info *)(((uschar *)dd) + size_of_info))
3729 {
3730 if (Ustrcmp(d->driver_name, dd->driver_name) == 0)
3731 {
3732 int i;
3733 int len = dd->options_len;
3734 d->info = dd;
3735 d->options_block = store_get(len);
3736 memcpy(d->options_block, dd->options_block, len);
3737 for (i = 0; i < *(dd->options_count); i++)
3738 dd->options[i].type &= ~opt_set;
3739 return dd;
3740 }
3741 }
3742
3743log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3744 "%s %s: cannot find %s driver \"%s\"", class, d->name, class, d->driver_name);
3745
3746return NULL; /* never obeyed */
3747}
3748
3749
3750
3751
3752/*************************************************
3753* Initialize driver list *
3754*************************************************/
3755
3756/* This function is called for routers, transports, and authentication
3757mechanisms. It reads the data from the current point in the configuration file
3758up to the end of the section, and sets up a chain of instance blocks according
3759to the file's contents. The file will already have been opened by a call to
3760readconf_main, and must be left open for subsequent reading of further data.
3761
3762Any errors cause a panic crash. Note that the blocks with names driver_info and
3763driver_instance must map the first portions of all the _info and _instance
3764blocks for this shared code to work.
3765
3766Arguments:
3767 class "router", "transport", or "authenticator"
3768 anchor &routers, &transports, &auths
3769 drivers_available available drivers
3770 size_of_info size of each info block
3771 instance_default points to default data for an instance
3772 instance_size size of instance block
3773 driver_optionlist generic option list
3774 driver_optionlist_count count of generic option list
3775
3776Returns: nothing