5c0c22f53ea9c39f82ba7f48ab4b7c8520df0e71
[exim.git] / src / src / readconf.c
1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
4
5 /* Copyright (c) University of Cambridge 1995 - 2016 */
6 /* See the file NOTICE for conditions of use and distribution. */
7
8 /* Functions for reading the configuration file, and for displaying
9 overall configuration values. Thanks to Brian Candler for the original
10 implementation of the conditional .ifdef etc. */
11
12 #include "exim.h"
13
14 extern char **environ;
15
16 static void fn_smtp_receive_timeout(const uschar * name, const uschar * str);
17 static void save_config_line(const uschar* line);
18 static void save_config_position(const uschar *file, int line);
19 static void print_config(BOOL admin, BOOL terse);
20 static void readconf_options_auths(void);
21
22
23 #define CSTATE_STACK_SIZE 10
24
25
26 /* Structure for chain (stack) of .included files */
27
28 typedef struct config_file_item {
29 struct config_file_item *next;
30 uschar *filename;
31 FILE *file;
32 int lineno;
33 } config_file_item;
34
35 /* Structure for chain of configuration lines (-bP config) */
36
37 typedef struct config_line_item {
38 struct config_line_item *next;
39 uschar *line;
40 } config_line_item;
41
42 static config_line_item* config_lines;
43
44 /* Structure of table of conditional words and their state transitions */
45
46 typedef struct cond_item {
47 uschar *name;
48 int namelen;
49 int action1;
50 int action2;
51 int pushpop;
52 } cond_item;
53
54 /* Structure of table of syslog facility names and values */
55
56 typedef struct syslog_fac_item {
57 uschar *name;
58 int value;
59 } syslog_fac_item;
60
61 /* constants */
62 static const char * const hidden = "<value not displayable>";
63
64 /* Static variables */
65
66 static config_file_item *config_file_stack = NULL; /* For includes */
67
68 static uschar *syslog_facility_str = NULL;
69 static uschar next_section[24];
70 static uschar time_buffer[24];
71
72 /* State variables for conditional loading (.ifdef / .else / .endif) */
73
74 static int cstate = 0;
75 static int cstate_stack_ptr = -1;
76 static int cstate_stack[CSTATE_STACK_SIZE];
77
78 /* Table of state transitions for handling conditional inclusions. There are
79 four possible state transitions:
80
81 .ifdef true
82 .ifdef false
83 .elifdef true (or .else)
84 .elifdef false
85
86 .endif just causes the previous cstate to be popped off the stack */
87
88 static int next_cstate[3][4] =
89 {
90 /* State 0: reading from file, or reading until next .else or .endif */
91 { 0, 1, 2, 2 },
92 /* State 1: condition failed, skipping until next .else or .endif */
93 { 2, 2, 0, 1 },
94 /* State 2: skipping until .endif */
95 { 2, 2, 2, 2 },
96 };
97
98 /* Table of conditionals and the states to set. For each name, there are four
99 values: the length of the name (to save computing it each time), the state to
100 set if a macro was found in the line, the state to set if a macro was not found
101 in the line, and a stack manipulation setting which is:
102
103 -1 pull state value off the stack
104 0 don't alter the stack
105 +1 push value onto stack, before setting new state
106 */
107
108 static cond_item cond_list[] = {
109 { US"ifdef", 5, 0, 1, 1 },
110 { US"ifndef", 6, 1, 0, 1 },
111 { US"elifdef", 7, 2, 3, 0 },
112 { US"elifndef", 8, 3, 2, 0 },
113 { US"else", 4, 2, 2, 0 },
114 { US"endif", 5, 0, 0, -1 }
115 };
116
117 static int cond_list_size = sizeof(cond_list)/sizeof(cond_item);
118
119 /* Table of syslog facility names and their values */
120
121 static syslog_fac_item syslog_list[] = {
122 { US"mail", LOG_MAIL },
123 { US"user", LOG_USER },
124 { US"news", LOG_NEWS },
125 { US"uucp", LOG_UUCP },
126 { US"local0", LOG_LOCAL0 },
127 { US"local1", LOG_LOCAL1 },
128 { US"local2", LOG_LOCAL2 },
129 { US"local3", LOG_LOCAL3 },
130 { US"local4", LOG_LOCAL4 },
131 { US"local5", LOG_LOCAL5 },
132 { US"local6", LOG_LOCAL6 },
133 { US"local7", LOG_LOCAL7 },
134 { US"daemon", LOG_DAEMON }
135 };
136
137 static int syslog_list_size = sizeof(syslog_list)/sizeof(syslog_fac_item);
138
139
140
141
142 /*************************************************
143 * Main configuration options *
144 *************************************************/
145
146 /* The list of options that can be set in the main configuration file. This
147 must be in alphabetic order because it is searched by binary chop. */
148
149 static optionlist optionlist_config[] = {
150 { "*set_exim_group", opt_bool|opt_hidden, &exim_gid_set },
151 { "*set_exim_user", opt_bool|opt_hidden, &exim_uid_set },
152 { "*set_system_filter_group", opt_bool|opt_hidden, &system_filter_gid_set },
153 { "*set_system_filter_user", opt_bool|opt_hidden, &system_filter_uid_set },
154 { "accept_8bitmime", opt_bool, &accept_8bitmime },
155 { "acl_not_smtp", opt_stringptr, &acl_not_smtp },
156 #ifdef WITH_CONTENT_SCAN
157 { "acl_not_smtp_mime", opt_stringptr, &acl_not_smtp_mime },
158 #endif
159 { "acl_not_smtp_start", opt_stringptr, &acl_not_smtp_start },
160 { "acl_smtp_auth", opt_stringptr, &acl_smtp_auth },
161 { "acl_smtp_connect", opt_stringptr, &acl_smtp_connect },
162 { "acl_smtp_data", opt_stringptr, &acl_smtp_data },
163 #ifndef DISABLE_PRDR
164 { "acl_smtp_data_prdr", opt_stringptr, &acl_smtp_data_prdr },
165 #endif
166 #ifndef DISABLE_DKIM
167 { "acl_smtp_dkim", opt_stringptr, &acl_smtp_dkim },
168 #endif
169 { "acl_smtp_etrn", opt_stringptr, &acl_smtp_etrn },
170 { "acl_smtp_expn", opt_stringptr, &acl_smtp_expn },
171 { "acl_smtp_helo", opt_stringptr, &acl_smtp_helo },
172 { "acl_smtp_mail", opt_stringptr, &acl_smtp_mail },
173 { "acl_smtp_mailauth", opt_stringptr, &acl_smtp_mailauth },
174 #ifdef WITH_CONTENT_SCAN
175 { "acl_smtp_mime", opt_stringptr, &acl_smtp_mime },
176 #endif
177 { "acl_smtp_notquit", opt_stringptr, &acl_smtp_notquit },
178 { "acl_smtp_predata", opt_stringptr, &acl_smtp_predata },
179 { "acl_smtp_quit", opt_stringptr, &acl_smtp_quit },
180 { "acl_smtp_rcpt", opt_stringptr, &acl_smtp_rcpt },
181 #ifdef SUPPORT_TLS
182 { "acl_smtp_starttls", opt_stringptr, &acl_smtp_starttls },
183 #endif
184 { "acl_smtp_vrfy", opt_stringptr, &acl_smtp_vrfy },
185 { "add_environment", opt_stringptr, &add_environment },
186 { "admin_groups", opt_gidlist, &admin_groups },
187 { "allow_domain_literals", opt_bool, &allow_domain_literals },
188 { "allow_mx_to_ip", opt_bool, &allow_mx_to_ip },
189 { "allow_utf8_domains", opt_bool, &allow_utf8_domains },
190 { "auth_advertise_hosts", opt_stringptr, &auth_advertise_hosts },
191 { "auto_thaw", opt_time, &auto_thaw },
192 #ifdef WITH_CONTENT_SCAN
193 { "av_scanner", opt_stringptr, &av_scanner },
194 #endif
195 { "bi_command", opt_stringptr, &bi_command },
196 #ifdef EXPERIMENTAL_BRIGHTMAIL
197 { "bmi_config_file", opt_stringptr, &bmi_config_file },
198 #endif
199 { "bounce_message_file", opt_stringptr, &bounce_message_file },
200 { "bounce_message_text", opt_stringptr, &bounce_message_text },
201 { "bounce_return_body", opt_bool, &bounce_return_body },
202 { "bounce_return_linesize_limit", opt_mkint, &bounce_return_linesize_limit },
203 { "bounce_return_message", opt_bool, &bounce_return_message },
204 { "bounce_return_size_limit", opt_mkint, &bounce_return_size_limit },
205 { "bounce_sender_authentication",opt_stringptr,&bounce_sender_authentication },
206 { "callout_domain_negative_expire", opt_time, &callout_cache_domain_negative_expire },
207 { "callout_domain_positive_expire", opt_time, &callout_cache_domain_positive_expire },
208 { "callout_negative_expire", opt_time, &callout_cache_negative_expire },
209 { "callout_positive_expire", opt_time, &callout_cache_positive_expire },
210 { "callout_random_local_part",opt_stringptr, &callout_random_local_part },
211 { "check_log_inodes", opt_int, &check_log_inodes },
212 { "check_log_space", opt_Kint, &check_log_space },
213 { "check_rfc2047_length", opt_bool, &check_rfc2047_length },
214 { "check_spool_inodes", opt_int, &check_spool_inodes },
215 { "check_spool_space", opt_Kint, &check_spool_space },
216 { "chunking_advertise_hosts", opt_stringptr, &chunking_advertise_hosts },
217 { "daemon_smtp_port", opt_stringptr|opt_hidden, &daemon_smtp_port },
218 { "daemon_smtp_ports", opt_stringptr, &daemon_smtp_port },
219 { "daemon_startup_retries", opt_int, &daemon_startup_retries },
220 { "daemon_startup_sleep", opt_time, &daemon_startup_sleep },
221 #ifdef EXPERIMENTAL_DCC
222 { "dcc_direct_add_header", opt_bool, &dcc_direct_add_header },
223 { "dccifd_address", opt_stringptr, &dccifd_address },
224 { "dccifd_options", opt_stringptr, &dccifd_options },
225 #endif
226 { "delay_warning", opt_timelist, &delay_warning },
227 { "delay_warning_condition", opt_stringptr, &delay_warning_condition },
228 { "deliver_drop_privilege", opt_bool, &deliver_drop_privilege },
229 { "deliver_queue_load_max", opt_fixed, &deliver_queue_load_max },
230 { "delivery_date_remove", opt_bool, &delivery_date_remove },
231 #ifdef ENABLE_DISABLE_FSYNC
232 { "disable_fsync", opt_bool, &disable_fsync },
233 #endif
234 { "disable_ipv6", opt_bool, &disable_ipv6 },
235 #ifndef DISABLE_DKIM
236 { "dkim_verify_signers", opt_stringptr, &dkim_verify_signers },
237 #endif
238 #ifdef EXPERIMENTAL_DMARC
239 { "dmarc_forensic_sender", opt_stringptr, &dmarc_forensic_sender },
240 { "dmarc_history_file", opt_stringptr, &dmarc_history_file },
241 { "dmarc_tld_file", opt_stringptr, &dmarc_tld_file },
242 #endif
243 { "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist },
244 { "dns_check_names_pattern", opt_stringptr, &check_dns_names_pattern },
245 { "dns_csa_search_limit", opt_int, &dns_csa_search_limit },
246 { "dns_csa_use_reverse", opt_bool, &dns_csa_use_reverse },
247 { "dns_dnssec_ok", opt_int, &dns_dnssec_ok },
248 { "dns_ipv4_lookup", opt_stringptr, &dns_ipv4_lookup },
249 { "dns_retrans", opt_time, &dns_retrans },
250 { "dns_retry", opt_int, &dns_retry },
251 { "dns_trust_aa", opt_stringptr, &dns_trust_aa },
252 { "dns_use_edns0", opt_int, &dns_use_edns0 },
253 /* This option is now a no-op, retained for compability */
254 { "drop_cr", opt_bool, &drop_cr },
255 /*********************************************************/
256 { "dsn_advertise_hosts", opt_stringptr, &dsn_advertise_hosts },
257 { "dsn_from", opt_stringptr, &dsn_from },
258 { "envelope_to_remove", opt_bool, &envelope_to_remove },
259 { "errors_copy", opt_stringptr, &errors_copy },
260 { "errors_reply_to", opt_stringptr, &errors_reply_to },
261 #ifndef DISABLE_EVENT
262 { "event_action", opt_stringptr, &event_action },
263 #endif
264 { "exim_group", opt_gid, &exim_gid },
265 { "exim_path", opt_stringptr, &exim_path },
266 { "exim_user", opt_uid, &exim_uid },
267 { "extra_local_interfaces", opt_stringptr, &extra_local_interfaces },
268 { "extract_addresses_remove_arguments", opt_bool, &extract_addresses_remove_arguments },
269 { "finduser_retries", opt_int, &finduser_retries },
270 { "freeze_tell", opt_stringptr, &freeze_tell },
271 { "gecos_name", opt_stringptr, &gecos_name },
272 { "gecos_pattern", opt_stringptr, &gecos_pattern },
273 #ifdef SUPPORT_TLS
274 { "gnutls_allow_auto_pkcs11", opt_bool, &gnutls_allow_auto_pkcs11 },
275 { "gnutls_compat_mode", opt_bool, &gnutls_compat_mode },
276 #endif
277 { "header_line_maxsize", opt_int, &header_line_maxsize },
278 { "header_maxsize", opt_int, &header_maxsize },
279 { "headers_charset", opt_stringptr, &headers_charset },
280 { "helo_accept_junk_hosts", opt_stringptr, &helo_accept_junk_hosts },
281 { "helo_allow_chars", opt_stringptr, &helo_allow_chars },
282 { "helo_lookup_domains", opt_stringptr, &helo_lookup_domains },
283 { "helo_try_verify_hosts", opt_stringptr, &helo_try_verify_hosts },
284 { "helo_verify_hosts", opt_stringptr, &helo_verify_hosts },
285 { "hold_domains", opt_stringptr, &hold_domains },
286 { "host_lookup", opt_stringptr, &host_lookup },
287 { "host_lookup_order", opt_stringptr, &host_lookup_order },
288 { "host_reject_connection", opt_stringptr, &host_reject_connection },
289 { "hosts_connection_nolog", opt_stringptr, &hosts_connection_nolog },
290 #ifdef SUPPORT_PROXY
291 { "hosts_proxy", opt_stringptr, &hosts_proxy },
292 #endif
293 { "hosts_treat_as_local", opt_stringptr, &hosts_treat_as_local },
294 #ifdef LOOKUP_IBASE
295 { "ibase_servers", opt_stringptr, &ibase_servers },
296 #endif
297 { "ignore_bounce_errors_after", opt_time, &ignore_bounce_errors_after },
298 { "ignore_fromline_hosts", opt_stringptr, &ignore_fromline_hosts },
299 { "ignore_fromline_local", opt_bool, &ignore_fromline_local },
300 { "keep_environment", opt_stringptr, &keep_environment },
301 { "keep_malformed", opt_time, &keep_malformed },
302 #ifdef LOOKUP_LDAP
303 { "ldap_ca_cert_dir", opt_stringptr, &eldap_ca_cert_dir },
304 { "ldap_ca_cert_file", opt_stringptr, &eldap_ca_cert_file },
305 { "ldap_cert_file", opt_stringptr, &eldap_cert_file },
306 { "ldap_cert_key", opt_stringptr, &eldap_cert_key },
307 { "ldap_cipher_suite", opt_stringptr, &eldap_cipher_suite },
308 { "ldap_default_servers", opt_stringptr, &eldap_default_servers },
309 { "ldap_require_cert", opt_stringptr, &eldap_require_cert },
310 { "ldap_start_tls", opt_bool, &eldap_start_tls },
311 { "ldap_version", opt_int, &eldap_version },
312 #endif
313 { "local_from_check", opt_bool, &local_from_check },
314 { "local_from_prefix", opt_stringptr, &local_from_prefix },
315 { "local_from_suffix", opt_stringptr, &local_from_suffix },
316 { "local_interfaces", opt_stringptr, &local_interfaces },
317 { "local_scan_timeout", opt_time, &local_scan_timeout },
318 { "local_sender_retain", opt_bool, &local_sender_retain },
319 { "localhost_number", opt_stringptr, &host_number_string },
320 { "log_file_path", opt_stringptr, &log_file_path },
321 { "log_selector", opt_stringptr, &log_selector_string },
322 { "log_timezone", opt_bool, &log_timezone },
323 { "lookup_open_max", opt_int, &lookup_open_max },
324 { "max_username_length", opt_int, &max_username_length },
325 { "message_body_newlines", opt_bool, &message_body_newlines },
326 { "message_body_visible", opt_mkint, &message_body_visible },
327 { "message_id_header_domain", opt_stringptr, &message_id_domain },
328 { "message_id_header_text", opt_stringptr, &message_id_text },
329 { "message_logs", opt_bool, &message_logs },
330 { "message_size_limit", opt_stringptr, &message_size_limit },
331 #ifdef SUPPORT_MOVE_FROZEN_MESSAGES
332 { "move_frozen_messages", opt_bool, &move_frozen_messages },
333 #endif
334 { "mua_wrapper", opt_bool, &mua_wrapper },
335 #ifdef LOOKUP_MYSQL
336 { "mysql_servers", opt_stringptr, &mysql_servers },
337 #endif
338 { "never_users", opt_uidlist, &never_users },
339 #ifdef SUPPORT_TLS
340 { "openssl_options", opt_stringptr, &openssl_options },
341 #endif
342 #ifdef LOOKUP_ORACLE
343 { "oracle_servers", opt_stringptr, &oracle_servers },
344 #endif
345 { "percent_hack_domains", opt_stringptr, &percent_hack_domains },
346 #ifdef EXIM_PERL
347 { "perl_at_start", opt_bool, &opt_perl_at_start },
348 { "perl_startup", opt_stringptr, &opt_perl_startup },
349 { "perl_taintmode", opt_bool, &opt_perl_taintmode },
350 #endif
351 #ifdef LOOKUP_PGSQL
352 { "pgsql_servers", opt_stringptr, &pgsql_servers },
353 #endif
354 { "pid_file_path", opt_stringptr, &pid_file_path },
355 { "pipelining_advertise_hosts", opt_stringptr, &pipelining_advertise_hosts },
356 #ifndef DISABLE_PRDR
357 { "prdr_enable", opt_bool, &prdr_enable },
358 #endif
359 { "preserve_message_logs", opt_bool, &preserve_message_logs },
360 { "primary_hostname", opt_stringptr, &primary_hostname },
361 { "print_topbitchars", opt_bool, &print_topbitchars },
362 { "process_log_path", opt_stringptr, &process_log_path },
363 { "prod_requires_admin", opt_bool, &prod_requires_admin },
364 { "qualify_domain", opt_stringptr, &qualify_domain_sender },
365 { "qualify_recipient", opt_stringptr, &qualify_domain_recipient },
366 { "queue_domains", opt_stringptr, &queue_domains },
367 { "queue_list_requires_admin",opt_bool, &queue_list_requires_admin },
368 { "queue_only", opt_bool, &queue_only },
369 { "queue_only_file", opt_stringptr, &queue_only_file },
370 { "queue_only_load", opt_fixed, &queue_only_load },
371 { "queue_only_load_latch", opt_bool, &queue_only_load_latch },
372 { "queue_only_override", opt_bool, &queue_only_override },
373 { "queue_run_in_order", opt_bool, &queue_run_in_order },
374 { "queue_run_max", opt_stringptr, &queue_run_max },
375 { "queue_smtp_domains", opt_stringptr, &queue_smtp_domains },
376 { "receive_timeout", opt_time, &receive_timeout },
377 { "received_header_text", opt_stringptr, &received_header_text },
378 { "received_headers_max", opt_int, &received_headers_max },
379 { "recipient_unqualified_hosts", opt_stringptr, &recipient_unqualified_hosts },
380 { "recipients_max", opt_int, &recipients_max },
381 { "recipients_max_reject", opt_bool, &recipients_max_reject },
382 #ifdef LOOKUP_REDIS
383 { "redis_servers", opt_stringptr, &redis_servers },
384 #endif
385 { "remote_max_parallel", opt_int, &remote_max_parallel },
386 { "remote_sort_domains", opt_stringptr, &remote_sort_domains },
387 { "retry_data_expire", opt_time, &retry_data_expire },
388 { "retry_interval_max", opt_time, &retry_interval_max },
389 { "return_path_remove", opt_bool, &return_path_remove },
390 { "return_size_limit", opt_mkint|opt_hidden, &bounce_return_size_limit },
391 { "rfc1413_hosts", opt_stringptr, &rfc1413_hosts },
392 { "rfc1413_query_timeout", opt_time, &rfc1413_query_timeout },
393 { "sender_unqualified_hosts", opt_stringptr, &sender_unqualified_hosts },
394 { "slow_lookup_log", opt_int, &slow_lookup_log },
395 { "smtp_accept_keepalive", opt_bool, &smtp_accept_keepalive },
396 { "smtp_accept_max", opt_int, &smtp_accept_max },
397 { "smtp_accept_max_nonmail", opt_int, &smtp_accept_max_nonmail },
398 { "smtp_accept_max_nonmail_hosts", opt_stringptr, &smtp_accept_max_nonmail_hosts },
399 { "smtp_accept_max_per_connection", opt_int, &smtp_accept_max_per_connection },
400 { "smtp_accept_max_per_host", opt_stringptr, &smtp_accept_max_per_host },
401 { "smtp_accept_queue", opt_int, &smtp_accept_queue },
402 { "smtp_accept_queue_per_connection", opt_int, &smtp_accept_queue_per_connection },
403 { "smtp_accept_reserve", opt_int, &smtp_accept_reserve },
404 { "smtp_active_hostname", opt_stringptr, &raw_active_hostname },
405 { "smtp_banner", opt_stringptr, &smtp_banner },
406 { "smtp_check_spool_space", opt_bool, &smtp_check_spool_space },
407 { "smtp_connect_backlog", opt_int, &smtp_connect_backlog },
408 { "smtp_enforce_sync", opt_bool, &smtp_enforce_sync },
409 { "smtp_etrn_command", opt_stringptr, &smtp_etrn_command },
410 { "smtp_etrn_serialize", opt_bool, &smtp_etrn_serialize },
411 { "smtp_load_reserve", opt_fixed, &smtp_load_reserve },
412 { "smtp_max_synprot_errors", opt_int, &smtp_max_synprot_errors },
413 { "smtp_max_unknown_commands",opt_int, &smtp_max_unknown_commands },
414 { "smtp_ratelimit_hosts", opt_stringptr, &smtp_ratelimit_hosts },
415 { "smtp_ratelimit_mail", opt_stringptr, &smtp_ratelimit_mail },
416 { "smtp_ratelimit_rcpt", opt_stringptr, &smtp_ratelimit_rcpt },
417 { "smtp_receive_timeout", opt_func, &fn_smtp_receive_timeout },
418 { "smtp_reserve_hosts", opt_stringptr, &smtp_reserve_hosts },
419 { "smtp_return_error_details",opt_bool, &smtp_return_error_details },
420 #ifdef SUPPORT_I18N
421 { "smtputf8_advertise_hosts", opt_stringptr, &smtputf8_advertise_hosts },
422 #endif
423 #ifdef WITH_CONTENT_SCAN
424 { "spamd_address", opt_stringptr, &spamd_address },
425 #endif
426 #ifdef EXPERIMENTAL_SPF
427 { "spf_guess", opt_stringptr, &spf_guess },
428 #endif
429 { "split_spool_directory", opt_bool, &split_spool_directory },
430 { "spool_directory", opt_stringptr, &spool_directory },
431 #ifdef LOOKUP_SQLITE
432 { "sqlite_lock_timeout", opt_int, &sqlite_lock_timeout },
433 #endif
434 #ifdef EXPERIMENTAL_SRS
435 { "srs_config", opt_stringptr, &srs_config },
436 { "srs_hashlength", opt_int, &srs_hashlength },
437 { "srs_hashmin", opt_int, &srs_hashmin },
438 { "srs_maxage", opt_int, &srs_maxage },
439 { "srs_secrets", opt_stringptr, &srs_secrets },
440 { "srs_usehash", opt_bool, &srs_usehash },
441 { "srs_usetimestamp", opt_bool, &srs_usetimestamp },
442 #endif
443 { "strict_acl_vars", opt_bool, &strict_acl_vars },
444 { "strip_excess_angle_brackets", opt_bool, &strip_excess_angle_brackets },
445 { "strip_trailing_dot", opt_bool, &strip_trailing_dot },
446 { "syslog_duplication", opt_bool, &syslog_duplication },
447 { "syslog_facility", opt_stringptr, &syslog_facility_str },
448 { "syslog_processname", opt_stringptr, &syslog_processname },
449 { "syslog_timestamp", opt_bool, &syslog_timestamp },
450 { "system_filter", opt_stringptr, &system_filter },
451 { "system_filter_directory_transport", opt_stringptr,&system_filter_directory_transport },
452 { "system_filter_file_transport",opt_stringptr,&system_filter_file_transport },
453 { "system_filter_group", opt_gid, &system_filter_gid },
454 { "system_filter_pipe_transport",opt_stringptr,&system_filter_pipe_transport },
455 { "system_filter_reply_transport",opt_stringptr,&system_filter_reply_transport },
456 { "system_filter_user", opt_uid, &system_filter_uid },
457 { "tcp_nodelay", opt_bool, &tcp_nodelay },
458 #ifdef USE_TCP_WRAPPERS
459 { "tcp_wrappers_daemon_name", opt_stringptr, &tcp_wrappers_daemon_name },
460 #endif
461 { "timeout_frozen_after", opt_time, &timeout_frozen_after },
462 { "timezone", opt_stringptr, &timezone_string },
463 { "tls_advertise_hosts", opt_stringptr, &tls_advertise_hosts },
464 #ifdef SUPPORT_TLS
465 { "tls_certificate", opt_stringptr, &tls_certificate },
466 { "tls_crl", opt_stringptr, &tls_crl },
467 { "tls_dh_max_bits", opt_int, &tls_dh_max_bits },
468 { "tls_dhparam", opt_stringptr, &tls_dhparam },
469 { "tls_eccurve", opt_stringptr, &tls_eccurve },
470 # ifndef DISABLE_OCSP
471 { "tls_ocsp_file", opt_stringptr, &tls_ocsp_file },
472 # endif
473 { "tls_on_connect_ports", opt_stringptr, &tls_in.on_connect_ports },
474 { "tls_privatekey", opt_stringptr, &tls_privatekey },
475 { "tls_remember_esmtp", opt_bool, &tls_remember_esmtp },
476 { "tls_require_ciphers", opt_stringptr, &tls_require_ciphers },
477 { "tls_try_verify_hosts", opt_stringptr, &tls_try_verify_hosts },
478 { "tls_verify_certificates", opt_stringptr, &tls_verify_certificates },
479 { "tls_verify_hosts", opt_stringptr, &tls_verify_hosts },
480 #endif
481 { "trusted_groups", opt_gidlist, &trusted_groups },
482 { "trusted_users", opt_uidlist, &trusted_users },
483 { "unknown_login", opt_stringptr, &unknown_login },
484 { "unknown_username", opt_stringptr, &unknown_username },
485 { "untrusted_set_sender", opt_stringptr, &untrusted_set_sender },
486 { "uucp_from_pattern", opt_stringptr, &uucp_from_pattern },
487 { "uucp_from_sender", opt_stringptr, &uucp_from_sender },
488 { "warn_message_file", opt_stringptr, &warn_message_file },
489 { "write_rejectlog", opt_bool, &write_rejectlog }
490 };
491
492 static int optionlist_config_size = nelem(optionlist_config);
493
494
495
496 /*************************************************
497 * Find the name of an option *
498 *************************************************/
499
500 /* This function is to aid debugging. Various functions take arguments that are
501 pointer variables in the options table or in option tables for various drivers.
502 For debugging output, it is useful to be able to find the name of the option
503 which is currently being processed. This function finds it, if it exists, by
504 searching the table(s).
505
506 Arguments: a value that is presumed to be in the table above
507 Returns: the option name, or an empty string
508 */
509
510 uschar *
511 readconf_find_option(void *p)
512 {
513 int i;
514 router_instance *r;
515 transport_instance *t;
516
517 for (i = 0; i < nelem(optionlist_config); i++)
518 if (p == optionlist_config[i].value) return US optionlist_config[i].name;
519
520 for (r = routers; r; r = r->next)
521 {
522 router_info *ri = r->info;
523 for (i = 0; i < *ri->options_count; i++)
524 {
525 if ((ri->options[i].type & opt_mask) != opt_stringptr) continue;
526 if (p == (char *)(r->options_block) + (long int)(ri->options[i].value))
527 return US ri->options[i].name;
528 }
529 }
530
531 for (t = transports; t; t = t->next)
532 {
533 transport_info *ti = t->info;
534 for (i = 0; i < *ti->options_count; i++)
535 {
536 optionlist * op = &ti->options[i];
537 if ((op->type & opt_mask) != opt_stringptr) continue;
538 if (p == ( op->type & opt_public
539 ? (char *)t
540 : (char *)t->options_block
541 )
542 + (long int)op->value)
543 return US op->name;
544 }
545 }
546
547 return US"";
548 }
549
550
551
552
553 /*************************************************
554 * Deal with an assignment to a macro *
555 *************************************************/
556
557 /* We have a new definition. The macro_item structure includes a final vector
558 called "name" which is one byte long. Thus, adding "namelen" gives us enough
559 room to store the "name" string.
560 If a builtin macro we place at head of list, else tail. This lets us lazy-create
561 builtins. */
562
563 macro_item *
564 macro_create(const uschar * name, const uschar * val,
565 BOOL command_line, BOOL builtin)
566 {
567 unsigned namelen = Ustrlen(name);
568 macro_item * m = store_get(sizeof(macro_item) + namelen);
569
570 if (!macros)
571 {
572 macros = m;
573 mlast = m;
574 m->next = NULL;
575 }
576 else if (builtin)
577 {
578 m->next = macros;
579 macros = m;
580 }
581 else
582 {
583 mlast->next = m;
584 mlast = m;
585 m->next = NULL;
586 }
587 m->command_line = command_line;
588 m->namelen = namelen;
589 m->replacement = string_copy(val);
590 Ustrcpy(m->name, name);
591 return m;
592 }
593
594
595 /* This function is called when a line that starts with an upper case letter is
596 encountered. The argument "line" should contain a complete logical line, and
597 start with the first letter of the macro name. The macro name and the
598 replacement text are extracted and stored. Redefinition of existing,
599 non-command line, macros is permitted using '==' instead of '='.
600
601 Arguments:
602 s points to the start of the logical line
603
604 Returns: nothing
605 */
606
607 static void
608 read_macro_assignment(uschar *s)
609 {
610 uschar name[64];
611 int namelen = 0;
612 BOOL redef = FALSE;
613 macro_item *m;
614
615 while (isalnum(*s) || *s == '_')
616 {
617 if (namelen >= sizeof(name) - 1)
618 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
619 "macro name too long (maximum is " SIZE_T_FMT " characters)", sizeof(name) - 1);
620 name[namelen++] = *s++;
621 }
622 name[namelen] = 0;
623
624 while (isspace(*s)) s++;
625 if (*s++ != '=')
626 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "malformed macro definition");
627
628 if (*s == '=')
629 {
630 redef = TRUE;
631 s++;
632 }
633 while (isspace(*s)) s++;
634
635 /* If an existing macro of the same name was defined on the command line, we
636 just skip this definition. It's an error to attempt to redefine a macro without
637 redef set to TRUE, or to redefine a macro when it hasn't been defined earlier.
638 It is also an error to define a macro whose name begins with the name of a
639 previously defined macro. This is the requirement that make using a tree
640 for macros hard; we must check all macros for the substring. Perhaps a
641 sorted list, and a bsearch, would work?
642 Note: it is documented that the other way round works. */
643
644 for (m = macros; m; m = m->next)
645 {
646 if (Ustrcmp(m->name, name) == 0)
647 {
648 if (!m->command_line && !redef)
649 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "macro \"%s\" is already "
650 "defined (use \"==\" if you want to redefine it", name);
651 break;
652 }
653
654 if (m->namelen < namelen && Ustrstr(name, m->name) != NULL)
655 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
656 "a macro because previously defined macro \"%s\" is a substring",
657 name, m->name);
658
659 /* We cannot have this test, because it is documented that a substring
660 macro is permitted (there is even an example).
661 *
662 * if (m->namelen > namelen && Ustrstr(m->name, name) != NULL)
663 * log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
664 * "a macro because it is a substring of previously defined macro \"%s\"",
665 * name, m->name);
666 */
667 }
668
669 /* Check for an overriding command-line definition. */
670
671 if (m && m->command_line) return;
672
673 /* Redefinition must refer to an existing macro. */
674
675 if (redef)
676 if (m)
677 m->replacement = string_copy(s);
678 else
679 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "can't redefine an undefined macro "
680 "\"%s\"", name);
681
682 /* We have a new definition. */
683 else
684 (void) macro_create(name, s, FALSE, FALSE);
685 }
686
687
688
689
690
691 /*************************************************/
692 /* Create compile-time feature macros */
693 static void
694 readconf_features(void)
695 {
696 /* Probably we could work out a static initialiser for wherever
697 macros are stored, but this will do for now. Some names are awkward
698 due to conflicts with other common macros. */
699
700 #ifdef SUPPORT_CRYPTEQ
701 macro_create(US"_HAVE_CRYPTEQ", US"y", FALSE, TRUE);
702 #endif
703 #if HAVE_ICONV
704 macro_create(US"_HAVE_ICONV", US"y", FALSE, TRUE);
705 #endif
706 #if HAVE_IPV6
707 macro_create(US"_HAVE_IPV6", US"y", FALSE, TRUE);
708 #endif
709 #ifdef HAVE_SETCLASSRESOURCES
710 macro_create(US"_HAVE_SETCLASSRESOURCES", US"y", FALSE, TRUE);
711 #endif
712 #ifdef SUPPORT_PAM
713 macro_create(US"_HAVE_PAM", US"y", FALSE, TRUE);
714 #endif
715 #ifdef EXIM_PERL
716 macro_create(US"_HAVE_PERL", US"y", FALSE, TRUE);
717 #endif
718 #ifdef EXPAND_DLFUNC
719 macro_create(US"_HAVE_DLFUNC", US"y", FALSE, TRUE);
720 #endif
721 #ifdef USE_TCP_WRAPPERS
722 macro_create(US"_HAVE_TCPWRAPPERS", US"y", FALSE, TRUE);
723 #endif
724 #ifdef SUPPORT_TLS
725 macro_create(US"_HAVE_TLS", US"y", FALSE, TRUE);
726 # ifdef USE_GNUTLS
727 macro_create(US"_HAVE_GNUTLS", US"y", FALSE, TRUE);
728 # else
729 macro_create(US"_HAVE_OPENSSL", US"y", FALSE, TRUE);
730 # endif
731 #endif
732 #ifdef SUPPORT_TRANSLATE_IP_ADDRESS
733 macro_create(US"_HAVE_TRANSLATE_IP_ADDRESS", US"y", FALSE, TRUE);
734 #endif
735 #ifdef SUPPORT_MOVE_FROZEN_MESSAGES
736 macro_create(US"_HAVE_MOVE_FROZEN_MESSAGES", US"y", FALSE, TRUE);
737 #endif
738 #ifdef WITH_CONTENT_SCAN
739 macro_create(US"_HAVE_CONTENT_SCANNING", US"y", FALSE, TRUE);
740 #endif
741 #ifndef DISABLE_DKIM
742 macro_create(US"_HAVE_DKIM", US"y", FALSE, TRUE);
743 #endif
744 #ifndef DISABLE_DNSSEC
745 macro_create(US"_HAVE_DNSSEC", US"y", FALSE, TRUE);
746 #endif
747 #ifndef DISABLE_EVENT
748 macro_create(US"_HAVE_EVENT", US"y", FALSE, TRUE);
749 #endif
750 #ifdef SUPPORT_I18N
751 macro_create(US"_HAVE_I18N", US"y", FALSE, TRUE);
752 #endif
753 #ifndef DISABLE_OCSP
754 macro_create(US"_HAVE_OCSP", US"y", FALSE, TRUE);
755 #endif
756 #ifndef DISABLE_PRDR
757 macro_create(US"_HAVE_PRDR", US"y", FALSE, TRUE);
758 #endif
759 #ifdef SUPPORT_PROXY
760 macro_create(US"_HAVE_PROXY", US"y", FALSE, TRUE);
761 #endif
762 #ifdef SUPPORT_SOCKS
763 macro_create(US"_HAVE_SOCKS", US"y", FALSE, TRUE);
764 #endif
765 #ifdef EXPERIMENTAL_LMDB
766 macro_create(US"_HAVE_LMDB", US"y", FALSE, TRUE);
767 #endif
768 #ifdef EXPERIMENTAL_SPF
769 macro_create(US"_HAVE_SPF", US"y", FALSE, TRUE);
770 #endif
771 #ifdef EXPERIMENTAL_SRS
772 macro_create(US"_HAVE_SRS", US"y", FALSE, TRUE);
773 #endif
774 #ifdef EXPERIMENTAL_BRIGHTMAIL
775 macro_create(US"_HAVE_BRIGHTMAIL", US"y", FALSE, TRUE);
776 #endif
777 #ifdef EXPERIMENTAL_DANE
778 macro_create(US"_HAVE_DANE", US"y", FALSE, TRUE);
779 #endif
780 #ifdef EXPERIMENTAL_DCC
781 macro_create(US"_HAVE_DCC", US"y", FALSE, TRUE);
782 #endif
783 #ifdef EXPERIMENTAL_DMARC
784 macro_create(US"_HAVE_DMARC", US"y", FALSE, TRUE);
785 #endif
786 #ifdef EXPERIMENTAL_DSN_INFO
787 macro_create(US"_HAVE_DSN_INFO", US"y", FALSE, TRUE);
788 #endif
789
790 #ifdef LOOKUP_LSEARCH
791 macro_create(US"_HAVE_LKUP_LSEARCH", US"y", FALSE, TRUE);
792 #endif
793 #ifdef LOOKUP_CDB
794 macro_create(US"_HAVE_LKUP_CDB", US"y", FALSE, TRUE);
795 #endif
796 #ifdef LOOKUP_DBM
797 macro_create(US"_HAVE_LKUP_DBM", US"y", FALSE, TRUE);
798 #endif
799 #ifdef LOOKUP_DNSDB
800 macro_create(US"_HAVE_LKUP_DNSDB", US"y", FALSE, TRUE);
801 #endif
802 #ifdef LOOKUP_DSEARCH
803 macro_create(US"_HAVE_LKUP_DSEARCH", US"y", FALSE, TRUE);
804 #endif
805 #ifdef LOOKUP_IBASE
806 macro_create(US"_HAVE_LKUP_IBASE", US"y", FALSE, TRUE);
807 #endif
808 #ifdef LOOKUP_LDAP
809 macro_create(US"_HAVE_LKUP_LDAP", US"y", FALSE, TRUE);
810 #endif
811 #ifdef EXPERIMENTAL_LMDB
812 macro_create(US"_HAVE_LKUP_LMDB", US"y", FALSE, TRUE);
813 #endif
814 #ifdef LOOKUP_MYSQL
815 macro_create(US"_HAVE_LKUP_MYSQL", US"y", FALSE, TRUE);
816 #endif
817 #ifdef LOOKUP_NIS
818 macro_create(US"_HAVE_LKUP_NIS", US"y", FALSE, TRUE);
819 #endif
820 #ifdef LOOKUP_NISPLUS
821 macro_create(US"_HAVE_LKUP_NISPLUS", US"y", FALSE, TRUE);
822 #endif
823 #ifdef LOOKUP_ORACLE
824 macro_create(US"_HAVE_LKUP_ORACLE", US"y", FALSE, TRUE);
825 #endif
826 #ifdef LOOKUP_PASSWD
827 macro_create(US"_HAVE_LKUP_PASSWD", US"y", FALSE, TRUE);
828 #endif
829 #ifdef LOOKUP_PGSQL
830 macro_create(US"_HAVE_LKUP_PGSQL", US"y", FALSE, TRUE);
831 #endif
832 #ifdef LOOKUP_REDIS
833 macro_create(US"_HAVE_LKUP_REDIS", US"y", FALSE, TRUE);
834 #endif
835 #ifdef LOOKUP_SQLITE
836 macro_create(US"_HAVE_LKUP_SQLITE", US"y", FALSE, TRUE);
837 #endif
838 #ifdef LOOKUP_TESTDB
839 macro_create(US"_HAVE_LKUP_TESTDB", US"y", FALSE, TRUE);
840 #endif
841 #ifdef LOOKUP_WHOSON
842 macro_create(US"_HAVE_LKUP_WHOSON", US"y", FALSE, TRUE);
843 #endif
844
845 #ifdef TRANSPORT_APPENDFILE
846 # ifdef SUPPORT_MAILDIR
847 macro_create(US"_HAVE_TPT_APPEND_MAILDR", US"y", FALSE, TRUE);
848 # endif
849 # ifdef SUPPORT_MAILSTORE
850 macro_create(US"_HAVE_TPT_APPEND_MAILSTORE", US"y", FALSE, TRUE);
851 # endif
852 # ifdef SUPPORT_MBX
853 macro_create(US"_HAVE_TPT_APPEND_MBX", US"y", FALSE, TRUE);
854 # endif
855 #endif
856 }
857
858
859 void
860 readconf_options_from_list(optionlist * opts, unsigned nopt, uschar * group)
861 {
862 int i;
863 const uschar * s;
864
865 /* Walk the array backwards to get substring-conflict names */
866 for (i = nopt-1; i >= 0; i--) if (*(s = opts[i].name) && *s != '*')
867 macro_create(string_sprintf("_OPT_%T_%T", group, s), US"y", FALSE, TRUE);
868 }
869
870
871 static void
872 readconf_options(void)
873 {
874 readconf_options_from_list(optionlist_config, nelem(optionlist_config), US"MAIN");
875 readconf_options_routers();
876 readconf_options_transports();
877 readconf_options_auths();
878 }
879
880 static void
881 macros_create_builtin(void)
882 {
883 readconf_features();
884 readconf_options();
885 macros_builtin_created = TRUE;
886 }
887
888
889 /*************************************************
890 * Read configuration line *
891 *************************************************/
892
893 /* A logical line of text is read from the configuration file into the big
894 buffer, taking account of macros, .includes, and continuations. The size of
895 big_buffer is increased if necessary. The count of configuration lines is
896 maintained. Physical input lines starting with # (ignoring leading white space,
897 and after macro replacement) and empty logical lines are always ignored.
898 Leading and trailing spaces are removed.
899
900 If we hit a line of the form "begin xxxx", the xxxx is placed in the
901 next_section vector, and the function returns NULL, indicating the end of a
902 configuration section. On end-of-file, NULL is returned with next_section
903 empty.
904
905 Arguments: none
906
907 Returns: a pointer to the first non-blank in the line,
908 or NULL if eof or end of section is reached
909 */
910
911 static uschar *
912 get_config_line(void)
913 {
914 int startoffset = 0; /* To first non-blank char in logical line */
915 int len = 0; /* Of logical line so far */
916 int newlen;
917 uschar *s, *ss;
918 macro_item *m;
919 BOOL macro_found;
920
921 /* Loop for handling continuation lines, skipping comments, and dealing with
922 .include files. */
923
924 for (;;)
925 {
926 if (Ufgets(big_buffer+len, big_buffer_size-len, config_file) == NULL)
927 {
928 if (config_file_stack != NULL) /* EOF inside .include */
929 {
930 (void)fclose(config_file);
931 config_file = config_file_stack->file;
932 config_filename = config_file_stack->filename;
933 config_lineno = config_file_stack->lineno;
934 config_file_stack = config_file_stack->next;
935 if (config_lines)
936 save_config_position(config_filename, config_lineno);
937 continue;
938 }
939
940 /* EOF at top level */
941
942 if (cstate_stack_ptr >= 0)
943 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
944 "Unexpected end of configuration file: .endif missing");
945
946 if (len != 0) break; /* EOF after continuation */
947 next_section[0] = 0; /* EOF at start of logical line */
948 return NULL;
949 }
950
951 config_lineno++;
952 newlen = len + Ustrlen(big_buffer + len);
953
954 if (config_lines && config_lineno == 1)
955 save_config_position(config_filename, config_lineno);
956
957 /* Handle pathologically long physical lines - yes, it did happen - by
958 extending big_buffer at this point. The code also copes with very long
959 logical lines. */
960
961 while (newlen == big_buffer_size - 1 && big_buffer[newlen - 1] != '\n')
962 {
963 uschar *newbuffer;
964 big_buffer_size += BIG_BUFFER_SIZE;
965 newbuffer = store_malloc(big_buffer_size);
966
967 /* This use of strcpy is OK because we know that the string in the old
968 buffer is shorter than the new buffer. */
969
970 Ustrcpy(newbuffer, big_buffer);
971 store_free(big_buffer);
972 big_buffer = newbuffer;
973 if (Ufgets(big_buffer+newlen, big_buffer_size-newlen, config_file) == NULL)
974 break;
975 newlen += Ustrlen(big_buffer + newlen);
976 }
977
978 /* Find the true start of the physical line - leading spaces are always
979 ignored. */
980
981 ss = big_buffer + len;
982 while (isspace(*ss)) ss++;
983
984 /* Process the physical line for macros. If this is the start of the logical
985 line, skip over initial text at the start of the line if it starts with an
986 upper case character followed by a sequence of name characters and an equals
987 sign, because that is the definition of a new macro, and we don't do
988 replacement therein. */
989
990 s = ss;
991 if (len == 0 && isupper(*s))
992 {
993 while (isalnum(*s) || *s == '_') s++;
994 while (isspace(*s)) s++;
995 if (*s != '=') s = ss; /* Not a macro definition */
996 }
997
998 /* If the builtin macros are not yet defined, and the line contains an
999 underscrore followed by an one of the three possible chars used by
1000 builtins, create them. */
1001
1002 if (!macros_builtin_created)
1003 {
1004 const uschar * t, * p;
1005 uschar c;
1006 for (t = s; (p = CUstrchr(t, '_')); t = p+1)
1007 if (c = p[1], c == 'O' || c == 'D' || c == 'H')
1008 {
1009 macros_create_builtin();
1010 break;
1011 }
1012 }
1013
1014 /* For each defined macro, scan the line (from after XXX= if present),
1015 replacing all occurrences of the macro. */
1016
1017 macro_found = FALSE;
1018 for (m = macros; m; m = m->next)
1019 {
1020 uschar *p, *pp;
1021 uschar *t = s;
1022
1023 while ((p = Ustrstr(t, m->name)) != NULL)
1024 {
1025 int moveby;
1026 int replen = Ustrlen(m->replacement);
1027
1028 /* Expand the buffer if necessary */
1029
1030 while (newlen - m->namelen + replen + 1 > big_buffer_size)
1031 {
1032 int newsize = big_buffer_size + BIG_BUFFER_SIZE;
1033 uschar *newbuffer = store_malloc(newsize);
1034 memcpy(newbuffer, big_buffer, newlen + 1);
1035 p = newbuffer + (p - big_buffer);
1036 s = newbuffer + (s - big_buffer);
1037 ss = newbuffer + (ss - big_buffer);
1038 t = newbuffer + (t - big_buffer);
1039 big_buffer_size = newsize;
1040 store_free(big_buffer);
1041 big_buffer = newbuffer;
1042 }
1043
1044 /* Shuffle the remaining characters up or down in the buffer before
1045 copying in the replacement text. Don't rescan the replacement for this
1046 same macro. */
1047
1048 pp = p + m->namelen;
1049 if ((moveby = replen - m->namelen) != 0)
1050 {
1051 memmove(p + replen, pp, (big_buffer + newlen) - pp + 1);
1052 newlen += moveby;
1053 }
1054 Ustrncpy(p, m->replacement, replen);
1055 t = p + replen;
1056 macro_found = TRUE;
1057 }
1058 }
1059
1060 /* An empty macro replacement at the start of a line could mean that ss no
1061 longer points to the first non-blank character. */
1062
1063 while (isspace(*ss)) ss++;
1064
1065 /* Check for comment lines - these are physical lines. */
1066
1067 if (*ss == '#') continue;
1068
1069 /* Handle conditionals, which are also applied to physical lines. Conditions
1070 are of the form ".ifdef ANYTEXT" and are treated as true if any macro
1071 expansion occured on the rest of the line. A preliminary test for the leading
1072 '.' saves effort on most lines. */
1073
1074 if (*ss == '.')
1075 {
1076 int i;
1077
1078 /* Search the list of conditional directives */
1079
1080 for (i = 0; i < cond_list_size; i++)
1081 {
1082 int n;
1083 cond_item *c = cond_list+i;
1084 if (Ustrncmp(ss+1, c->name, c->namelen) != 0) continue;
1085
1086 /* The following character must be white space or end of string */
1087
1088 n = ss[1 + c->namelen];
1089 if (n != ' ' && n != 't' && n != '\n' && n != 0) break;
1090
1091 /* .ifdef and .ifndef push the current state onto the stack, then set
1092 a new one from the table. Stack overflow is an error */
1093
1094 if (c->pushpop > 0)
1095 {
1096 if (cstate_stack_ptr >= CSTATE_STACK_SIZE - 1)
1097 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1098 ".%s nested too deeply", c->name);
1099 cstate_stack[++cstate_stack_ptr] = cstate;
1100 cstate = next_cstate[cstate][macro_found? c->action1 : c->action2];
1101 }
1102
1103 /* For any of the others, stack underflow is an error. The next state
1104 comes either from the stack (.endif) or from the table. */
1105
1106 else
1107 {
1108 if (cstate_stack_ptr < 0)
1109 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1110 ".%s without matching .ifdef", c->name);
1111 cstate = (c->pushpop < 0)? cstate_stack[cstate_stack_ptr--] :
1112 next_cstate[cstate][macro_found? c->action1 : c->action2];
1113 }
1114
1115 /* Having dealt with a directive, break the loop */
1116
1117 break;
1118 }
1119
1120 /* If we have handled a conditional directive, continue with the next
1121 physical line. Otherwise, fall through. */
1122
1123 if (i < cond_list_size) continue;
1124 }
1125
1126 /* If the conditional state is not 0 (actively using these lines), ignore
1127 this input line. */
1128
1129 if (cstate != 0) continue; /* Conditional skip */
1130
1131 /* Handle .include lines - these are also physical lines. */
1132
1133 if (Ustrncmp(ss, ".include", 8) == 0 &&
1134 (isspace(ss[8]) ||
1135 (Ustrncmp(ss+8, "_if_exists", 10) == 0 && isspace(ss[18]))))
1136 {
1137 uschar *t;
1138 int include_if_exists = isspace(ss[8])? 0 : 10;
1139 config_file_item *save;
1140 struct stat statbuf;
1141
1142 ss += 9 + include_if_exists;
1143 while (isspace(*ss)) ss++;
1144 t = ss + Ustrlen(ss);
1145 while (t > ss && isspace(t[-1])) t--;
1146 if (*ss == '\"' && t[-1] == '\"')
1147 {
1148 ss++;
1149 t--;
1150 }
1151 *t = 0;
1152
1153 if (*ss != '/')
1154 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, ".include specifies a non-"
1155 "absolute path \"%s\"", ss);
1156
1157 if (include_if_exists != 0 && (Ustat(ss, &statbuf) != 0)) continue;
1158
1159 if (config_lines)
1160 save_config_position(config_filename, config_lineno);
1161 save = store_get(sizeof(config_file_item));
1162 save->next = config_file_stack;
1163 config_file_stack = save;
1164 save->file = config_file;
1165 save->filename = config_filename;
1166 save->lineno = config_lineno;
1167
1168 if (!(config_file = Ufopen(ss, "rb")))
1169 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to open included "
1170 "configuration file %s", ss);
1171
1172 config_filename = string_copy(ss);
1173 config_lineno = 0;
1174 continue;
1175 }
1176
1177 /* If this is the start of the logical line, remember where the non-blank
1178 data starts. Otherwise shuffle down continuation lines to remove leading
1179 white space. */
1180
1181 if (len == 0)
1182 startoffset = ss - big_buffer;
1183 else
1184 {
1185 s = big_buffer + len;
1186 if (ss > s)
1187 {
1188 memmove(s, ss, (newlen - len) - (ss - s) + 1);
1189 newlen -= ss - s;
1190 }
1191 }
1192
1193 /* Accept the new addition to the line. Remove trailing white space. */
1194
1195 len = newlen;
1196 while (len > 0 && isspace(big_buffer[len-1])) len--;
1197 big_buffer[len] = 0;
1198
1199 /* We are done if the line does not end in backslash and contains some data.
1200 Empty logical lines are ignored. For continuations, remove the backslash and
1201 go round the loop to read the continuation line. */
1202
1203 if (len > 0)
1204 {
1205 if (big_buffer[len-1] != '\\') break; /* End of logical line */
1206 big_buffer[--len] = 0; /* Remove backslash */
1207 }
1208 } /* Loop for reading multiple physical lines */
1209
1210 /* We now have a logical line. Test for the end of a configuration section (or,
1211 more accurately, for the start of the next section). Place the name of the next
1212 section in next_section, and return NULL. If the name given is longer than
1213 next_section, truncate it. It will be unrecognized later, because all the known
1214 section names do fit. Leave space for pluralizing. */
1215
1216 s = big_buffer + startoffset; /* First non-space character */
1217
1218 if (config_lines)
1219 save_config_line(s);
1220
1221 if (strncmpic(s, US"begin ", 6) == 0)
1222 {
1223 s += 6;
1224 while (isspace(*s)) s++;
1225 if (big_buffer + len - s > sizeof(next_section) - 2)
1226 s[sizeof(next_section) - 2] = 0;
1227 Ustrcpy(next_section, s);
1228 return NULL;
1229 }
1230
1231 /* Return the first non-blank character. */
1232
1233 return s;
1234 }
1235
1236
1237
1238 /*************************************************
1239 * Read a name *
1240 *************************************************/
1241
1242 /* The yield is the pointer to the next uschar. Names longer than the
1243 output space are silently truncated. This function is also used from acl.c when
1244 parsing ACLs.
1245
1246 Arguments:
1247 name where to put the name
1248 len length of name
1249 s input pointer
1250
1251 Returns: new input pointer
1252 */
1253
1254 uschar *
1255 readconf_readname(uschar *name, int len, uschar *s)
1256 {
1257 int p = 0;
1258 while (isspace(*s)) s++;
1259 if (isalpha(*s))
1260 {
1261 while (isalnum(*s) || *s == '_')
1262 {
1263 if (p < len-1) name[p++] = *s;
1264 s++;
1265 }
1266 }
1267 name[p] = 0;
1268 while (isspace(*s)) s++;
1269 return s;
1270 }
1271
1272
1273
1274
1275 /*************************************************
1276 * Read a time value *
1277 *************************************************/
1278
1279 /* This function is also called from outside, to read argument
1280 time values. The format of a time value is:
1281
1282 [<n>w][<n>d][<n>h][<n>m][<n>s]
1283
1284 as long as at least one is present. If a format error is encountered,
1285 return a negative value. The value must be terminated by the given
1286 terminator.
1287
1288 Arguments:
1289 s input pointer
1290 terminator required terminating character
1291 return_msec if TRUE, allow fractional seconds and return milliseconds
1292
1293 Returns: the time value, or -1 on syntax error
1294 value is seconds if return_msec is FALSE
1295 value is milliseconds if return_msec is TRUE
1296 */
1297
1298 int
1299 readconf_readtime(const uschar *s, int terminator, BOOL return_msec)
1300 {
1301 int yield = 0;
1302 for (;;)
1303 {
1304 int value, count;
1305 double fraction;
1306
1307 if (!isdigit(*s)) return -1;
1308 (void)sscanf(CCS s, "%d%n", &value, &count);
1309 s += count;
1310
1311 switch (*s)
1312 {
1313 case 'w': value *= 7;
1314 case 'd': value *= 24;
1315 case 'h': value *= 60;
1316 case 'm': value *= 60;
1317 case 's': s++;
1318 break;
1319
1320 case '.':
1321 if (!return_msec) return -1;
1322 (void)sscanf(CCS s, "%lf%n", &fraction, &count);
1323 s += count;
1324 if (*s++ != 's') return -1;
1325 yield += (int)(fraction * 1000.0);
1326 break;
1327
1328 default: return -1;
1329 }
1330
1331 if (return_msec) value *= 1000;
1332 yield += value;
1333 if (*s == terminator) return yield;
1334 }
1335 /* Control never reaches here. */
1336 }
1337
1338
1339
1340 /*************************************************
1341 * Read a fixed point value *
1342 *************************************************/
1343
1344 /* The value is returned *1000
1345
1346 Arguments:
1347 s input pointer
1348 terminator required terminator
1349
1350 Returns: the value, or -1 on error
1351 */
1352
1353 static int
1354 readconf_readfixed(const uschar *s, int terminator)
1355 {
1356 int yield = 0;
1357 int value, count;
1358 if (!isdigit(*s)) return -1;
1359 (void)sscanf(CS s, "%d%n", &value, &count);
1360 s += count;
1361 yield = value * 1000;
1362 if (*s == '.')
1363 {
1364 int m = 100;
1365 while (isdigit((*(++s))))
1366 {
1367 yield += (*s - '0') * m;
1368 m /= 10;
1369 }
1370 }
1371
1372 return (*s == terminator)? yield : (-1);
1373 }
1374
1375
1376
1377 /*************************************************
1378 * Find option in list *
1379 *************************************************/
1380
1381 /* The lists are always in order, so binary chop can be used.
1382
1383 Arguments:
1384 name the option name to search for
1385 ol the first entry in the option list
1386 last one more than the offset of the last entry in the option list
1387
1388 Returns: pointer to an option entry, or NULL if not found
1389 */
1390
1391 static optionlist *
1392 find_option(uschar *name, optionlist *ol, int last)
1393 {
1394 int first = 0;
1395 while (last > first)
1396 {
1397 int middle = (first + last)/2;
1398 int c = Ustrcmp(name, ol[middle].name);
1399
1400 if (c == 0) return ol + middle;
1401 else if (c > 0) first = middle + 1;
1402 else last = middle;
1403 }
1404 return NULL;
1405 }
1406
1407
1408
1409 /*************************************************
1410 * Find a set flag in option list *
1411 *************************************************/
1412
1413 /* Because some versions of Unix make no restrictions on the values of uids and
1414 gids (even negative ones), we cannot represent "unset" by a special value.
1415 There is therefore a separate boolean variable for each one indicating whether
1416 a value is set or not. This function returns a pointer to the boolean, given
1417 the original option name. It is a major disaster if the flag cannot be found.
1418
1419 Arguments:
1420 name the name of the uid or gid option
1421 oltop points to the start of the relevant option list
1422 last one more than the offset of the last item in the option list
1423 data_block NULL when reading main options => data values in the option
1424 list are absolute addresses; otherwise they are byte offsets
1425 in data_block (used for driver options)
1426
1427 Returns: a pointer to the boolean flag.
1428 */
1429
1430 static BOOL *
1431 get_set_flag(uschar *name, optionlist *oltop, int last, void *data_block)
1432 {
1433 optionlist *ol;
1434 uschar name2[64];
1435 sprintf(CS name2, "*set_%.50s", name);
1436 ol = find_option(name2, oltop, last);
1437 if (ol == NULL) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
1438 "Exim internal error: missing set flag for %s", name);
1439 return (data_block == NULL)? (BOOL *)(ol->value) :
1440 (BOOL *)((uschar *)data_block + (long int)(ol->value));
1441 }
1442
1443
1444
1445
1446 /*************************************************
1447 * Output extra characters message and die *
1448 *************************************************/
1449
1450 /* Called when an option line has junk on the end. Sometimes this is because
1451 the sysadmin thinks comments are permitted.
1452
1453 Arguments:
1454 s points to the extra characters
1455 t1..t3 strings to insert in the log message
1456
1457 Returns: doesn't return; dies
1458 */
1459
1460 static void
1461 extra_chars_error(const uschar *s, const uschar *t1, const uschar *t2, const uschar *t3)
1462 {
1463 uschar *comment = US"";
1464 if (*s == '#') comment = US" (# is comment only at line start)";
1465 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1466 "extra characters follow %s%s%s%s", t1, t2, t3, comment);
1467 }
1468
1469
1470
1471 /*************************************************
1472 * Read rewrite information *
1473 *************************************************/
1474
1475 /* Each line of rewrite information contains:
1476
1477 . A complete address in the form user@domain, possibly with
1478 leading * for each part; or alternatively, a regex.
1479
1480 . A replacement string (which will be expanded).
1481
1482 . An optional sequence of one-letter flags, indicating which
1483 headers etc. to apply this rule to.
1484
1485 All this is decoded and placed into a control block. The OR of the flags is
1486 maintained in a common word.
1487
1488 Arguments:
1489 p points to the string that makes up the rule
1490 existflags points to the overall flag word
1491 isglobal TRUE if reading global rewrite rules
1492
1493 Returns: the control block for the parsed rule.
1494 */
1495
1496 static rewrite_rule *
1497 readconf_one_rewrite(const uschar *p, int *existflags, BOOL isglobal)
1498 {
1499 rewrite_rule *next = store_get(sizeof(rewrite_rule));
1500
1501 next->next = NULL;
1502 next->key = string_dequote(&p);
1503
1504 while (isspace(*p)) p++;
1505 if (*p == 0)
1506 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1507 "missing rewrite replacement string");
1508
1509 next->flags = 0;
1510 next->replacement = string_dequote(&p);
1511
1512 while (*p != 0) switch (*p++)
1513 {
1514 case ' ': case '\t': break;
1515
1516 case 'q': next->flags |= rewrite_quit; break;
1517 case 'w': next->flags |= rewrite_whole; break;
1518
1519 case 'h': next->flags |= rewrite_all_headers; break;
1520 case 's': next->flags |= rewrite_sender; break;
1521 case 'f': next->flags |= rewrite_from; break;
1522 case 't': next->flags |= rewrite_to; break;
1523 case 'c': next->flags |= rewrite_cc; break;
1524 case 'b': next->flags |= rewrite_bcc; break;
1525 case 'r': next->flags |= rewrite_replyto; break;
1526
1527 case 'E': next->flags |= rewrite_all_envelope; break;
1528 case 'F': next->flags |= rewrite_envfrom; break;
1529 case 'T': next->flags |= rewrite_envto; break;
1530
1531 case 'Q': next->flags |= rewrite_qualify; break;
1532 case 'R': next->flags |= rewrite_repeat; break;
1533
1534 case 'S':
1535 next->flags |= rewrite_smtp;
1536 if (next->key[0] != '^' && Ustrncmp(next->key, "\\N^", 3) != 0)
1537 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1538 "rewrite rule has the S flag but is not a regular expression");
1539 break;
1540
1541 default:
1542 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1543 "unknown rewrite flag character '%c' "
1544 "(could be missing quotes round replacement item)", p[-1]);
1545 break;
1546 }
1547
1548 /* If no action flags are set, set all the "normal" rewrites. */
1549
1550 if ((next->flags & (rewrite_all | rewrite_smtp)) == 0)
1551 next->flags |= isglobal? rewrite_all : rewrite_all_headers;
1552
1553 /* Remember which exist, for optimization, and return the rule */
1554
1555 *existflags |= next->flags;
1556 return next;
1557 }
1558
1559
1560
1561
1562 /*************************************************
1563 * Read global rewrite information *
1564 *************************************************/
1565
1566 /* Each line is a single rewrite rule; it is parsed into a control block
1567 by readconf_one_rewrite(), and its flags are ORed into the global flag
1568 word rewrite_existflags. */
1569
1570 void
1571 readconf_rewrites(void)
1572 {
1573 rewrite_rule **chain = &global_rewrite_rules;
1574 uschar *p;
1575
1576 while ((p = get_config_line()) != NULL)
1577 {
1578 rewrite_rule *next = readconf_one_rewrite(p, &rewrite_existflags, TRUE);
1579 *chain = next;
1580 chain = &(next->next);
1581 }
1582 }
1583
1584
1585
1586 /*************************************************
1587 * Read a string *
1588 *************************************************/
1589
1590 /* Strings are read into the normal store pool. As long we aren't too
1591 near the end of the current block, the string will just use what is necessary
1592 on the top of the stacking pool, because string_cat() uses the extension
1593 mechanism.
1594
1595 Argument:
1596 s the rest of the input line
1597 name the option name (for errors)
1598
1599 Returns: pointer to the string
1600 */
1601
1602 static uschar *
1603 read_string(const uschar *s, const uschar *name)
1604 {
1605 uschar *yield;
1606 const uschar *ss;
1607
1608 if (*s != '\"') return string_copy(s);
1609
1610 ss = s;
1611 yield = string_dequote(&s);
1612
1613 if (s == ss+1 || s[-1] != '\"')
1614 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1615 "missing quote at end of string value for %s", name);
1616
1617 if (*s != 0) extra_chars_error(s, US"string value for ", name, US"");
1618
1619 return yield;
1620 }
1621
1622
1623 /*************************************************
1624 * Custom-handler options *
1625 *************************************************/
1626 static void
1627 fn_smtp_receive_timeout(const uschar * name, const uschar * str)
1628 {
1629 if (*str == '$')
1630 smtp_receive_timeout_s = string_copy(str);
1631 else
1632 {
1633 /* "smtp_receive_timeout", opt_time, &smtp_receive_timeout */
1634 smtp_receive_timeout = readconf_readtime(str, 0, FALSE);
1635 if (smtp_receive_timeout < 0)
1636 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
1637 name);
1638 }
1639 }
1640
1641 /*************************************************
1642 * Handle option line *
1643 *************************************************/
1644
1645 /* This function is called from several places to process a line containing the
1646 setting of an option. The first argument is the line to be decoded; it has been
1647 checked not to be empty and not to start with '#'. Trailing newlines and white
1648 space have been removed. The second argument is a pointer to the list of
1649 variable names that are to be recognized, together with their types and
1650 locations, and the third argument gives the number of entries in the list.
1651
1652 The fourth argument is a pointer to a data block. If it is NULL, then the data
1653 values in the options list are absolute addresses. Otherwise, they are byte
1654 offsets in the data block.
1655
1656 String option data may continue onto several lines; this function reads further
1657 data from config_file if necessary.
1658
1659 The yield of this function is normally zero. If a string continues onto
1660 multiple lines, then the data value is permitted to be followed by a comma
1661 or a semicolon (for use in drivers) and the yield is that character.
1662
1663 Arguments:
1664 buffer contains the configuration line to be handled
1665 oltop points to the start of the relevant option list
1666 last one more than the offset of the last item in the option list
1667 data_block NULL when reading main options => data values in the option
1668 list are absolute addresses; otherwise they are byte offsets
1669 in data_block when they have opt_public set; otherwise
1670 they are byte offsets in data_block->options_block.
1671 unknown_txt format string to use in panic message for unknown option;
1672 must contain %s for option name
1673 if given as NULL, don't panic on unknown option
1674
1675 Returns: TRUE if an option was read successfully,
1676 FALSE false for an unknown option if unknown_txt == NULL,
1677 otherwise panic and die on an unknown option
1678 */
1679
1680 static BOOL
1681 readconf_handle_option(uschar *buffer, optionlist *oltop, int last,
1682 void *data_block, uschar *unknown_txt)
1683 {
1684 int ptr = 0;
1685 int offset = 0;
1686 int n, count, type, value;
1687 int issecure = 0;
1688 uid_t uid;
1689 gid_t gid;
1690 BOOL boolvalue = TRUE;
1691 BOOL freesptr = TRUE;
1692 optionlist *ol, *ol2;
1693 struct passwd *pw;
1694 void *reset_point;
1695 int intbase = 0;
1696 uschar *inttype = US"";
1697 uschar *sptr;
1698 uschar *s = buffer;
1699 uschar **str_target;
1700 uschar name[64];
1701 uschar name2[64];
1702
1703 /* There may be leading spaces; thereafter, we expect an option name starting
1704 with a letter. */
1705
1706 while (isspace(*s)) s++;
1707 if (!isalpha(*s))
1708 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "option setting expected: %s", s);
1709
1710 /* Read the name of the option, and skip any subsequent white space. If
1711 it turns out that what we read was "hide", set the flag indicating that
1712 this is a secure option, and loop to read the next word. */
1713
1714 for (n = 0; n < 2; n++)
1715 {
1716 while (isalnum(*s) || *s == '_')
1717 {
1718 if (ptr < sizeof(name)-1) name[ptr++] = *s;
1719 s++;
1720 }
1721 name[ptr] = 0;
1722 while (isspace(*s)) s++;
1723 if (Ustrcmp(name, "hide") != 0) break;
1724 issecure = opt_secure;
1725 ptr = 0;
1726 }
1727
1728 /* Deal with "no_" or "not_" here for booleans */
1729
1730 if (Ustrncmp(name, "no_", 3) == 0)
1731 {
1732 boolvalue = FALSE;
1733 offset = 3;
1734 }
1735
1736 if (Ustrncmp(name, "not_", 4) == 0)
1737 {
1738 boolvalue = FALSE;
1739 offset = 4;
1740 }
1741
1742 /* Search the list for the given name. A non-existent name, or an option that
1743 is set twice, is a disaster. */
1744
1745 if (!(ol = find_option(name + offset, oltop, last)))
1746 {
1747 if (unknown_txt == NULL) return FALSE;
1748 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, CS unknown_txt, name);
1749 }
1750
1751 if ((ol->type & opt_set) && !(ol->type & (opt_rep_con | opt_rep_str)))
1752 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1753 "\"%s\" option set for the second time", name);
1754
1755 ol->type |= opt_set | issecure;
1756 type = ol->type & opt_mask;
1757
1758 /* Types with data values must be followed by '='; the "no[t]_" prefix
1759 applies only to boolean values. */
1760
1761 if (type < opt_bool || type > opt_bool_last)
1762 {
1763 if (offset != 0)
1764 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1765 "negation prefix applied to a non-boolean option");
1766 if (*s == 0)
1767 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1768 "unexpected end of line (data missing) after %s", name);
1769 if (*s != '=')
1770 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "missing \"=\" after %s", name);
1771 }
1772
1773 /* If a boolean wasn't preceded by "no[t]_" it can be followed by = and
1774 true/false/yes/no, or, in the case of opt_expand_bool, a general string that
1775 ultimately expands to one of those values. */
1776
1777 else if (*s != 0 && (offset != 0 || *s != '='))
1778 extra_chars_error(s, US"boolean option ", name, US"");
1779
1780 /* Skip white space after = */
1781
1782 if (*s == '=') while (isspace((*(++s))));
1783
1784 /* If there is a data block and the opt_public flag is not set, change
1785 the data block pointer to the private options block. */
1786
1787 if (data_block != NULL && (ol->type & opt_public) == 0)
1788 data_block = (void *)(((driver_instance *)data_block)->options_block);
1789
1790 /* Now get the data according to the type. */
1791
1792 switch (type)
1793 {
1794 /* If a string value is not enclosed in quotes, it consists of
1795 the rest of the current line, verbatim. Otherwise, string escapes
1796 are processed.
1797
1798 A transport is specified as a string, which is then looked up in the
1799 list of transports. A search type is specified as one of a number of
1800 known strings.
1801
1802 A set or rewrite rules for a driver is specified as a string, which is
1803 then parsed into a suitable chain of control blocks.
1804
1805 Uids and gids are specified as strings which are then looked up in the
1806 passwd file. Lists of uids and gids are similarly specified as colon-
1807 separated strings. */
1808
1809 case opt_stringptr:
1810 case opt_uid:
1811 case opt_gid:
1812 case opt_expand_uid:
1813 case opt_expand_gid:
1814 case opt_uidlist:
1815 case opt_gidlist:
1816 case opt_rewrite:
1817
1818 reset_point = sptr = read_string(s, name);
1819
1820 /* Having read a string, we now have several different ways of using it,
1821 depending on the data type, so do another switch. If keeping the actual
1822 string is not required (because it is interpreted), freesptr is set TRUE,
1823 and at the end we reset the pool. */
1824
1825 switch (type)
1826 {
1827 /* If this was a string, set the variable to point to the new string,
1828 and set the flag so its store isn't reclaimed. If it was a list of rewrite
1829 rules, we still keep the string (for printing), and parse the rules into a
1830 control block and flags word. */
1831
1832 case opt_stringptr:
1833 str_target = data_block ? USS (US data_block + (long int)(ol->value))
1834 : USS (ol->value);
1835 if (ol->type & opt_rep_con)
1836 {
1837 uschar * saved_condition;
1838 /* We already have a condition, we're conducting a crude hack to let
1839 multiple condition rules be chained together, despite storing them in
1840 text form. */
1841 *str_target = string_copy_malloc( (saved_condition = *str_target)
1842 ? string_sprintf("${if and{{bool_lax{%s}}{bool_lax{%s}}}}",
1843 saved_condition, sptr)
1844 : sptr);
1845 /* TODO(pdp): there is a memory leak here and just below
1846 when we set 3 or more conditions; I still don't
1847 understand the store mechanism enough to know
1848 what's the safe way to free content from an earlier store.
1849 AFAICT, stores stack, so freeing an early stored item also stores
1850 all data alloc'd after it. If we knew conditions were adjacent,
1851 we could survive that, but we don't. So I *think* we need to take
1852 another bit from opt_type to indicate "malloced"; this seems like
1853 quite a hack, especially for this one case. It also means that
1854 we can't ever reclaim the store from the *first* condition.
1855
1856 Because we only do this once, near process start-up, I'm prepared to
1857 let this slide for the time being, even though it rankles. */
1858 }
1859 else if (ol->type & opt_rep_str)
1860 {
1861 uschar sep_o = Ustrncmp(name, "headers_add", 11)==0 ? '\n' : ':';
1862 int sep_i = -(int)sep_o;
1863 const uschar * list = sptr;
1864 uschar * s;
1865 uschar * list_o = *str_target;
1866
1867 while ((s = string_nextinlist(&list, &sep_i, NULL, 0)))
1868 list_o = string_append_listele(list_o, sep_o, s);
1869 if (list_o)
1870 *str_target = string_copy_malloc(list_o);
1871 }
1872 else
1873 {
1874 *str_target = sptr;
1875 freesptr = FALSE;
1876 }
1877 break;
1878
1879 case opt_rewrite:
1880 if (data_block)
1881 *USS (US data_block + (long int)(ol->value)) = sptr;
1882 else
1883 *USS (ol->value) = sptr;
1884 freesptr = FALSE;
1885 if (type == opt_rewrite)
1886 {
1887 int sep = 0;
1888 int *flagptr;
1889 uschar *p = sptr;
1890 rewrite_rule **chain;
1891 optionlist *ol3;
1892
1893 sprintf(CS name2, "*%.50s_rules", name);
1894 ol2 = find_option(name2, oltop, last);
1895 sprintf(CS name2, "*%.50s_flags", name);
1896 ol3 = find_option(name2, oltop, last);
1897
1898 if (ol2 == NULL || ol3 == NULL)
1899 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1900 "rewrite rules not available for driver");
1901
1902 if (data_block == NULL)
1903 {
1904 chain = (rewrite_rule **)(ol2->value);
1905 flagptr = (int *)(ol3->value);
1906 }
1907 else
1908 {
1909 chain = (rewrite_rule **)((uschar *)data_block + (long int)(ol2->value));
1910 flagptr = (int *)((uschar *)data_block + (long int)(ol3->value));
1911 }
1912
1913 while ((p = string_nextinlist(CUSS &sptr, &sep, big_buffer, BIG_BUFFER_SIZE)))
1914 {
1915 rewrite_rule *next = readconf_one_rewrite(p, flagptr, FALSE);
1916 *chain = next;
1917 chain = &(next->next);
1918 }
1919
1920 if ((*flagptr & (rewrite_all_envelope | rewrite_smtp)) != 0)
1921 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "rewrite rule specifies a "
1922 "non-header rewrite - not allowed at transport time -");
1923 }
1924 break;
1925
1926 /* If it was an expanded uid, see if there is any expansion to be
1927 done by checking for the presence of a $ character. If there is, save it
1928 in the corresponding *expand_user option field. Otherwise, fall through
1929 to treat it as a fixed uid. Ensure mutual exclusivity of the two kinds
1930 of data. */
1931
1932 case opt_expand_uid:
1933 sprintf(CS name2, "*expand_%.50s", name);
1934 ol2 = find_option(name2, oltop, last);
1935 if (ol2 != NULL)
1936 {
1937 uschar *ss = (Ustrchr(sptr, '$') != NULL)? sptr : NULL;
1938
1939 if (data_block == NULL)
1940 *((uschar **)(ol2->value)) = ss;
1941 else
1942 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = ss;
1943
1944 if (ss != NULL)
1945 {
1946 *(get_set_flag(name, oltop, last, data_block)) = FALSE;
1947 freesptr = FALSE;
1948 break;
1949 }
1950 }
1951
1952 /* Look up a fixed uid, and also make use of the corresponding gid
1953 if a passwd entry is returned and the gid has not been set. */
1954
1955 case opt_uid:
1956 if (!route_finduser(sptr, &pw, &uid))
1957 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "user %s was not found", sptr);
1958 if (data_block == NULL)
1959 *((uid_t *)(ol->value)) = uid;
1960 else
1961 *((uid_t *)((uschar *)data_block + (long int)(ol->value))) = uid;
1962
1963 /* Set the flag indicating a fixed value is set */
1964
1965 *(get_set_flag(name, oltop, last, data_block)) = TRUE;
1966
1967 /* Handle matching gid if we have a passwd entry: done by finding the
1968 same name with terminating "user" changed to "group"; if not found,
1969 ignore. Also ignore if the value is already set. */
1970
1971 if (pw == NULL) break;
1972 Ustrcpy(name+Ustrlen(name)-4, "group");
1973 ol2 = find_option(name, oltop, last);
1974 if (ol2 != NULL && ((ol2->type & opt_mask) == opt_gid ||
1975 (ol2->type & opt_mask) == opt_expand_gid))
1976 {
1977 BOOL *set_flag = get_set_flag(name, oltop, last, data_block);
1978 if (! *set_flag)
1979 {
1980 if (data_block == NULL)
1981 *((gid_t *)(ol2->value)) = pw->pw_gid;
1982 else
1983 *((gid_t *)((uschar *)data_block + (long int)(ol2->value))) = pw->pw_gid;
1984 *set_flag = TRUE;
1985 }
1986 }
1987 break;
1988
1989 /* If it was an expanded gid, see if there is any expansion to be
1990 done by checking for the presence of a $ character. If there is, save it
1991 in the corresponding *expand_user option field. Otherwise, fall through
1992 to treat it as a fixed gid. Ensure mutual exclusivity of the two kinds
1993 of data. */
1994
1995 case opt_expand_gid:
1996 sprintf(CS name2, "*expand_%.50s", name);
1997 ol2 = find_option(name2, oltop, last);
1998 if (ol2 != NULL)
1999 {
2000 uschar *ss = (Ustrchr(sptr, '$') != NULL)? sptr : NULL;
2001
2002 if (data_block == NULL)
2003 *((uschar **)(ol2->value)) = ss;
2004 else
2005 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = ss;
2006
2007 if (ss != NULL)
2008 {
2009 *(get_set_flag(name, oltop, last, data_block)) = FALSE;
2010 freesptr = FALSE;
2011 break;
2012 }
2013 }
2014
2015 /* Handle freestanding gid */
2016
2017 case opt_gid:
2018 if (!route_findgroup(sptr, &gid))
2019 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "group %s was not found", sptr);
2020 if (data_block == NULL)
2021 *((gid_t *)(ol->value)) = gid;
2022 else
2023 *((gid_t *)((uschar *)data_block + (long int)(ol->value))) = gid;
2024 *(get_set_flag(name, oltop, last, data_block)) = TRUE;
2025 break;
2026
2027 /* If it was a uid list, look up each individual entry, and build
2028 a vector of uids, with a count in the first element. Put the vector
2029 in malloc store so we can free the string. (We are reading into
2030 permanent store already.) */
2031
2032 case opt_uidlist:
2033 {
2034 int count = 1;
2035 uid_t *list;
2036 int ptr = 0;
2037 const uschar *p;
2038 const uschar *op = expand_string (sptr);
2039
2040 if (op == NULL)
2041 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s",
2042 name, expand_string_message);
2043
2044 p = op;
2045 if (*p != 0) count++;
2046 while (*p != 0) if (*p++ == ':' && *p != 0) count++;
2047 list = store_malloc(count*sizeof(uid_t));
2048 list[ptr++] = (uid_t)(count - 1);
2049
2050 if (data_block == NULL)
2051 *((uid_t **)(ol->value)) = list;
2052 else
2053 *((uid_t **)((uschar *)data_block + (long int)(ol->value))) = list;
2054
2055 p = op;
2056 while (count-- > 1)
2057 {
2058 int sep = 0;
2059 (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
2060 if (!route_finduser(big_buffer, NULL, &uid))
2061 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "user %s was not found",
2062 big_buffer);
2063 list[ptr++] = uid;
2064 }
2065 }
2066 break;
2067
2068 /* If it was a gid list, look up each individual entry, and build
2069 a vector of gids, with a count in the first element. Put the vector
2070 in malloc store so we can free the string. (We are reading into permanent
2071 store already.) */
2072
2073 case opt_gidlist:
2074 {
2075 int count = 1;
2076 gid_t *list;
2077 int ptr = 0;
2078 const uschar *p;
2079 const uschar *op = expand_string (sptr);
2080
2081 if (op == NULL)
2082 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s",
2083 name, expand_string_message);
2084
2085 p = op;
2086 if (*p != 0) count++;
2087 while (*p != 0) if (*p++ == ':' && *p != 0) count++;
2088 list = store_malloc(count*sizeof(gid_t));
2089 list[ptr++] = (gid_t)(count - 1);
2090
2091 if (data_block == NULL)
2092 *((gid_t **)(ol->value)) = list;
2093 else
2094 *((gid_t **)((uschar *)data_block + (long int)(ol->value))) = list;
2095
2096 p = op;
2097 while (count-- > 1)
2098 {
2099 int sep = 0;
2100 (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
2101 if (!route_findgroup(big_buffer, &gid))
2102 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "group %s was not found",
2103 big_buffer);
2104 list[ptr++] = gid;
2105 }
2106 }
2107 break;
2108 }
2109
2110 /* Release store if the value of the string doesn't need to be kept. */
2111
2112 if (freesptr) store_reset(reset_point);
2113 break;
2114
2115 /* Expanded boolean: if no characters follow, or if there are no dollar
2116 characters, this is a fixed-valued boolean, and we fall through. Otherwise,
2117 save the string for later expansion in the alternate place. */
2118
2119 case opt_expand_bool:
2120 if (*s != 0 && Ustrchr(s, '$') != 0)
2121 {
2122 sprintf(CS name2, "*expand_%.50s", name);
2123 ol2 = find_option(name2, oltop, last);
2124 if (ol2 != NULL)
2125 {
2126 reset_point = sptr = read_string(s, name);
2127 if (data_block == NULL)
2128 *((uschar **)(ol2->value)) = sptr;
2129 else
2130 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = sptr;
2131 freesptr = FALSE;
2132 break;
2133 }
2134 }
2135 /* Fall through */
2136
2137 /* Boolean: if no characters follow, the value is boolvalue. Otherwise
2138 look for yes/not/true/false. Some booleans are stored in a single bit in
2139 a single int. There's a special fudge for verify settings; without a suffix
2140 they set both xx_sender and xx_recipient. The table points to the sender
2141 value; search subsequently for the recipient. There's another special case:
2142 opt_bool_set also notes when a boolean has been set. */
2143
2144 case opt_bool:
2145 case opt_bit:
2146 case opt_bool_verify:
2147 case opt_bool_set:
2148 if (*s != 0)
2149 {
2150 s = readconf_readname(name2, 64, s);
2151 if (strcmpic(name2, US"true") == 0 || strcmpic(name2, US"yes") == 0)
2152 boolvalue = TRUE;
2153 else if (strcmpic(name2, US"false") == 0 || strcmpic(name2, US"no") == 0)
2154 boolvalue = FALSE;
2155 else log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2156 "\"%s\" is not a valid value for the \"%s\" option", name2, name);
2157 if (*s != 0) extra_chars_error(s, string_sprintf("\"%s\" ", name2),
2158 US"for boolean option ", name);
2159 }
2160
2161 /* Handle single-bit type. */
2162
2163 if (type == opt_bit)
2164 {
2165 int bit = 1 << ((ol->type >> 16) & 31);
2166 int *ptr = (data_block == NULL)?
2167 (int *)(ol->value) :
2168 (int *)((uschar *)data_block + (long int)ol->value);
2169 if (boolvalue) *ptr |= bit; else *ptr &= ~bit;
2170 break;
2171 }
2172
2173 /* Handle full BOOL types */
2174
2175 if (data_block == NULL)
2176 *((BOOL *)(ol->value)) = boolvalue;
2177 else
2178 *((BOOL *)((uschar *)data_block + (long int)(ol->value))) = boolvalue;
2179
2180 /* Verify fudge */
2181
2182 if (type == opt_bool_verify)
2183 {
2184 sprintf(CS name2, "%.50s_recipient", name + offset);
2185 ol2 = find_option(name2, oltop, last);
2186 if (ol2 != NULL)
2187 {
2188 if (data_block == NULL)
2189 *((BOOL *)(ol2->value)) = boolvalue;
2190 else
2191 *((BOOL *)((uschar *)data_block + (long int)(ol2->value))) = boolvalue;
2192 }
2193 }
2194
2195 /* Note that opt_bool_set type is set, if there is somewhere to do so */
2196
2197 else if (type == opt_bool_set)
2198 {
2199 sprintf(CS name2, "*set_%.50s", name + offset);
2200 ol2 = find_option(name2, oltop, last);
2201 if (ol2 != NULL)
2202 {
2203 if (data_block == NULL)
2204 *((BOOL *)(ol2->value)) = TRUE;
2205 else
2206 *((BOOL *)((uschar *)data_block + (long int)(ol2->value))) = TRUE;
2207 }
2208 }
2209 break;
2210
2211 /* Octal integer */
2212
2213 case opt_octint:
2214 intbase = 8;
2215 inttype = US"octal ";
2216
2217 /* Integer: a simple(ish) case; allow octal and hex formats, and
2218 suffixes K, M and G. The different types affect output, not input. */
2219
2220 case opt_mkint:
2221 case opt_int:
2222 {
2223 uschar *endptr;
2224 long int lvalue;
2225
2226 errno = 0;
2227 lvalue = strtol(CS s, CSS &endptr, intbase);
2228
2229 if (endptr == s)
2230 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
2231 inttype, name);
2232
2233 if (errno != ERANGE)
2234 if (tolower(*endptr) == 'k')
2235 {
2236 if (lvalue > INT_MAX/1024 || lvalue < INT_MIN/1024) errno = ERANGE;
2237 else lvalue *= 1024;
2238 endptr++;
2239 }
2240 else if (tolower(*endptr) == 'm')
2241 {
2242 if (lvalue > INT_MAX/(1024*1024) || lvalue < INT_MIN/(1024*1024))
2243 errno = ERANGE;
2244 else lvalue *= 1024*1024;
2245 endptr++;
2246 }
2247 else if (tolower(*endptr) == 'g')
2248 {
2249 if (lvalue > INT_MAX/(1024*1024*1024) || lvalue < INT_MIN/(1024*1024*1024))
2250 errno = ERANGE;
2251 else lvalue *= 1024*1024*1024;
2252 endptr++;
2253 }
2254
2255 if (errno == ERANGE || lvalue > INT_MAX || lvalue < INT_MIN)
2256 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2257 "absolute value of integer \"%s\" is too large (overflow)", s);
2258
2259 while (isspace(*endptr)) endptr++;
2260 if (*endptr != 0)
2261 extra_chars_error(endptr, inttype, US"integer value for ", name);
2262
2263 value = (int)lvalue;
2264 }
2265
2266 if (data_block == NULL)
2267 *((int *)(ol->value)) = value;
2268 else
2269 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2270 break;
2271
2272 /* Integer held in K: again, allow octal and hex formats, and suffixes K, M
2273 and G. */
2274 /*XXX consider moving to int_eximarith_t (but mind the overflow test 0415) */
2275
2276 case opt_Kint:
2277 {
2278 uschar *endptr;
2279 errno = 0;
2280 value = strtol(CS s, CSS &endptr, intbase);
2281
2282 if (endptr == s)
2283 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
2284 inttype, name);
2285
2286 if (errno != ERANGE)
2287 if (tolower(*endptr) == 'g')
2288 {
2289 if (value > INT_MAX/(1024*1024) || value < INT_MIN/(1024*1024))
2290 errno = ERANGE;
2291 else
2292 value *= 1024*1024;
2293 endptr++;
2294 }
2295 else if (tolower(*endptr) == 'm')
2296 {
2297 if (value > INT_MAX/1024 || value < INT_MIN/1024)
2298 errno = ERANGE;
2299 else
2300 value *= 1024;
2301 endptr++;
2302 }
2303 else if (tolower(*endptr) == 'k')
2304 endptr++;
2305 else
2306 value = (value + 512)/1024;
2307
2308 if (errno == ERANGE) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2309 "absolute value of integer \"%s\" is too large (overflow)", s);
2310
2311 while (isspace(*endptr)) endptr++;
2312 if (*endptr != 0)
2313 extra_chars_error(endptr, inttype, US"integer value for ", name);
2314 }
2315
2316 if (data_block == NULL)
2317 *((int *)(ol->value)) = value;
2318 else
2319 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2320 break;
2321
2322 /* Fixed-point number: held to 3 decimal places. */
2323
2324 case opt_fixed:
2325 if (sscanf(CS s, "%d%n", &value, &count) != 1)
2326 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2327 "fixed-point number expected for %s", name);
2328
2329 if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2330 "integer \"%s\" is too large (overflow)", s);
2331
2332 value *= 1000;
2333
2334 if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2335 "integer \"%s\" is too large (overflow)", s);
2336
2337 if (s[count] == '.')
2338 {
2339 int d = 100;
2340 while (isdigit(s[++count]))
2341 {
2342 value += (s[count] - '0') * d;
2343 d /= 10;
2344 }
2345 }
2346
2347 while (isspace(s[count])) count++;
2348
2349 if (s[count] != 0)
2350 extra_chars_error(s+count, US"fixed-point value for ", name, US"");
2351
2352 if (data_block == NULL)
2353 *((int *)(ol->value)) = value;
2354 else
2355 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2356 break;
2357
2358 /* There's a special routine to read time values. */
2359
2360 case opt_time:
2361 value = readconf_readtime(s, 0, FALSE);
2362 if (value < 0)
2363 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
2364 name);
2365 if (data_block == NULL)
2366 *((int *)(ol->value)) = value;
2367 else
2368 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2369 break;
2370
2371 /* A time list is a list of colon-separated times, with the first
2372 element holding the size of the list and the second the number of
2373 entries used. */
2374
2375 case opt_timelist:
2376 {
2377 int count = 0;
2378 int *list = (data_block == NULL)?
2379 (int *)(ol->value) :
2380 (int *)((uschar *)data_block + (long int)(ol->value));
2381
2382 if (*s != 0) for (count = 1; count <= list[0] - 2; count++)
2383 {
2384 int terminator = 0;
2385 uschar *snext = Ustrchr(s, ':');
2386 if (snext != NULL)
2387 {
2388 uschar *ss = snext;
2389 while (ss > s && isspace(ss[-1])) ss--;
2390 terminator = *ss;
2391 }
2392 value = readconf_readtime(s, terminator, FALSE);
2393 if (value < 0)
2394 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
2395 name);
2396 if (count > 1 && value <= list[count])
2397 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2398 "time value out of order for %s", name);
2399 list[count+1] = value;
2400 if (snext == NULL) break;
2401 s = snext + 1;
2402 while (isspace(*s)) s++;
2403 }
2404
2405 if (count > list[0] - 2)
2406 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "too many time values for %s",
2407 name);
2408 if (count > 0 && list[2] == 0) count = 0;
2409 list[1] = count;
2410 break;
2411 }
2412
2413 case opt_func:
2414 {
2415 void (*fn)() = ol->value;
2416 fn(name, s);
2417 break;
2418 }
2419 }
2420
2421 return TRUE;
2422 }
2423
2424
2425
2426 /*************************************************
2427 * Print a time value *
2428 *************************************************/
2429
2430 /*
2431 Argument: a time value in seconds
2432 Returns: pointer to a fixed buffer containing the time as a string,
2433 in readconf_readtime() format
2434 */
2435
2436 uschar *
2437 readconf_printtime(int t)
2438 {
2439 int s, m, h, d, w;
2440 uschar *p = time_buffer;
2441
2442 if (t < 0)
2443 {
2444 *p++ = '-';
2445 t = -t;
2446 }
2447
2448 s = t % 60;
2449 t /= 60;
2450 m = t % 60;
2451 t /= 60;
2452 h = t % 24;
2453 t /= 24;
2454 d = t % 7;
2455 w = t/7;
2456
2457 if (w > 0) { sprintf(CS p, "%dw", w); while (*p) p++; }
2458 if (d > 0) { sprintf(CS p, "%dd", d); while (*p) p++; }
2459 if (h > 0) { sprintf(CS p, "%dh", h); while (*p) p++; }
2460 if (m > 0) { sprintf(CS p, "%dm", m); while (*p) p++; }
2461 if (s > 0 || p == time_buffer) sprintf(CS p, "%ds", s);
2462
2463 return time_buffer;
2464 }
2465
2466
2467
2468 /*************************************************
2469 * Print an individual option value *
2470 *************************************************/
2471
2472 /* This is used by the -bP option, so prints to the standard output.
2473 The entire options list is passed in as an argument, because some options come
2474 in pairs - typically uid/gid settings, which can either be explicit numerical
2475 values, or strings to be expanded later. If the numerical value is unset,
2476 search for "*expand_<name>" to see if there is a string equivalent.
2477
2478 Arguments:
2479 ol option entry, or NULL for an unknown option
2480 name option name
2481 options_block NULL for main configuration options; otherwise points to
2482 a driver block; if the option doesn't have opt_public
2483 set, then options_block->options_block is where the item
2484 resides.
2485 oltop points to the option list in which ol exists
2486 last one more than the offset of the last entry in optop
2487 no_labels do not show "foo = " at the start.
2488
2489 Returns: nothing
2490 */
2491
2492 static void
2493 print_ol(optionlist *ol, uschar *name, void *options_block,
2494 optionlist *oltop, int last, BOOL no_labels)
2495 {
2496 struct passwd *pw;
2497 struct group *gr;
2498 optionlist *ol2;
2499 void *value;
2500 uid_t *uidlist;
2501 gid_t *gidlist;
2502 uschar *s;
2503 uschar name2[64];
2504
2505 if (ol == NULL)
2506 {
2507 printf("%s is not a known option\n", name);
2508 return;
2509 }
2510
2511 /* Non-admin callers cannot see options that have been flagged secure by the
2512 "hide" prefix. */
2513
2514 if (!admin_user && (ol->type & opt_secure) != 0)
2515 {
2516 if (no_labels)
2517 printf("%s\n", hidden);
2518 else
2519 printf("%s = %s\n", name, hidden);
2520 return;
2521 }
2522
2523 /* Else show the value of the option */
2524
2525 value = ol->value;
2526 if (options_block != NULL)
2527 {
2528 if ((ol->type & opt_public) == 0)
2529 options_block = (void *)(((driver_instance *)options_block)->options_block);
2530 value = (void *)((uschar *)options_block + (long int)value);
2531 }
2532
2533 switch(ol->type & opt_mask)
2534 {
2535 case opt_stringptr:
2536 case opt_rewrite: /* Show the text value */
2537 s = *((uschar **)value);
2538 if (!no_labels) printf("%s = ", name);
2539 printf("%s\n", (s == NULL)? US"" : string_printing2(s, FALSE));
2540 break;
2541
2542 case opt_int:
2543 if (!no_labels) printf("%s = ", name);
2544 printf("%d\n", *((int *)value));
2545 break;
2546
2547 case opt_mkint:
2548 {
2549 int x = *((int *)value);
2550 if (x != 0 && (x & 1023) == 0)
2551 {
2552 int c = 'K';
2553 x >>= 10;
2554 if ((x & 1023) == 0)
2555 {
2556 c = 'M';
2557 x >>= 10;
2558 }
2559 if (!no_labels) printf("%s = ", name);
2560 printf("%d%c\n", x, c);
2561 }
2562 else
2563 {
2564 if (!no_labels) printf("%s = ", name);
2565 printf("%d\n", x);
2566 }
2567 }
2568 break;
2569
2570 case opt_Kint:
2571 {
2572 int x = *((int *)value);
2573 if (!no_labels) printf("%s = ", name);
2574 if (x == 0) printf("0\n");
2575 else if ((x & 1023) == 0) printf("%dM\n", x >> 10);
2576 else printf("%dK\n", x);
2577 }
2578 break;
2579
2580 case opt_octint:
2581 if (!no_labels) printf("%s = ", name);
2582 printf("%#o\n", *((int *)value));
2583 break;
2584
2585 /* Can be negative only when "unset", in which case integer */
2586
2587 case opt_fixed:
2588 {
2589 int x = *((int *)value);
2590 int f = x % 1000;
2591 int d = 100;
2592 if (x < 0) printf("%s =\n", name); else
2593 {
2594 if (!no_labels) printf("%s = ", name);
2595 printf("%d.", x/1000);
2596 do
2597 {
2598 printf("%d", f/d);
2599 f %= d;
2600 d /= 10;
2601 }
2602 while (f != 0);
2603 printf("\n");
2604 }
2605 }
2606 break;
2607
2608 /* If the numerical value is unset, try for the string value */
2609
2610 case opt_expand_uid:
2611 if (! *get_set_flag(name, oltop, last, options_block))
2612 {
2613 sprintf(CS name2, "*expand_%.50s", name);
2614 ol2 = find_option(name2, oltop, last);
2615 if (ol2 != NULL)
2616 {
2617 void *value2 = ol2->value;
2618 if (options_block != NULL)
2619 value2 = (void *)((uschar *)options_block + (long int)value2);
2620 s = *((uschar **)value2);
2621 if (!no_labels) printf("%s = ", name);
2622 printf("%s\n", (s == NULL)? US"" : string_printing(s));
2623 break;
2624 }
2625 }
2626
2627 /* Else fall through */
2628
2629 case opt_uid:
2630 if (!no_labels) printf("%s = ", name);
2631 if (! *get_set_flag(name, oltop, last, options_block))
2632 printf("\n");
2633 else
2634 {
2635 pw = getpwuid(*((uid_t *)value));
2636 if (pw == NULL)
2637 printf("%ld\n", (long int)(*((uid_t *)value)));
2638 else printf("%s\n", pw->pw_name);
2639 }
2640 break;
2641
2642 /* If the numerical value is unset, try for the string value */
2643
2644 case opt_expand_gid:
2645 if (! *get_set_flag(name, oltop, last, options_block))
2646 {
2647 sprintf(CS name2, "*expand_%.50s", name);
2648 ol2 = find_option(name2, oltop, last);
2649 if (ol2 != NULL && (ol2->type & opt_mask) == opt_stringptr)
2650 {
2651 void *value2 = ol2->value;
2652 if (options_block != NULL)
2653 value2 = (void *)((uschar *)options_block + (long int)value2);
2654 s = *((uschar **)value2);
2655 if (!no_labels) printf("%s = ", name);
2656 printf("%s\n", (s == NULL)? US"" : string_printing(s));
2657 break;
2658 }
2659 }
2660
2661 /* Else fall through */
2662
2663 case opt_gid:
2664 if (!no_labels) printf("%s = ", name);
2665 if (! *get_set_flag(name, oltop, last, options_block))
2666 printf("\n");
2667 else
2668 {
2669 gr = getgrgid(*((int *)value));
2670 if (gr == NULL)
2671 printf("%ld\n", (long int)(*((int *)value)));
2672 else printf("%s\n", gr->gr_name);
2673 }
2674 break;
2675
2676 case opt_uidlist:
2677 uidlist = *((uid_t **)value);
2678 if (!no_labels) printf("%s =", name);
2679 if (uidlist != NULL)
2680 {
2681 int i;
2682 uschar sep = ' ';
2683 if (no_labels) sep = '\0';
2684 for (i = 1; i <= (int)(uidlist[0]); i++)
2685 {
2686 uschar *name = NULL;
2687 pw = getpwuid(uidlist[i]);
2688 if (pw != NULL) name = US pw->pw_name;
2689 if (sep != '\0') printf("%c", sep);
2690 if (name != NULL) printf("%s", name);
2691 else printf("%ld", (long int)(uidlist[i]));
2692 sep = ':';
2693 }
2694 }
2695 printf("\n");
2696 break;
2697
2698 case opt_gidlist:
2699 gidlist = *((gid_t **)value);
2700 if (!no_labels) printf("%s =", name);
2701 if (gidlist != NULL)
2702 {
2703 int i;
2704 uschar sep = ' ';
2705 if (no_labels) sep = '\0';
2706 for (i = 1; i <= (int)(gidlist[0]); i++)
2707 {
2708 uschar *name = NULL;
2709 gr = getgrgid(gidlist[i]);
2710 if (gr != NULL) name = US gr->gr_name;
2711 if (sep != '\0') printf("%c", sep);
2712 if (name != NULL) printf("%s", name);
2713 else printf("%ld", (long int)(gidlist[i]));
2714 sep = ':';
2715 }
2716 }
2717 printf("\n");
2718 break;
2719
2720 case opt_time:
2721 if (!no_labels) printf("%s = ", name);
2722 printf("%s\n", readconf_printtime(*((int *)value)));
2723 break;
2724
2725 case opt_timelist:
2726 {
2727 int i;
2728 int *list = (int *)value;
2729 if (!no_labels) printf("%s = ", name);
2730 for (i = 0; i < list[1]; i++)
2731 printf("%s%s", (i == 0)? "" : ":", readconf_printtime(list[i+2]));
2732 printf("\n");
2733 }
2734 break;
2735
2736 case opt_bit:
2737 printf("%s%s\n", ((*((int *)value)) & (1 << ((ol->type >> 16) & 31)))?
2738 "" : "no_", name);
2739 break;
2740
2741 case opt_expand_bool:
2742 sprintf(CS name2, "*expand_%.50s", name);
2743 ol2 = find_option(name2, oltop, last);
2744 if (ol2 != NULL && ol2->value != NULL)
2745 {
2746 void *value2 = ol2->value;
2747 if (options_block != NULL)
2748 value2 = (void *)((uschar *)options_block + (long int)value2);
2749 s = *((uschar **)value2);
2750 if (s != NULL)
2751 {
2752 if (!no_labels) printf("%s = ", name);
2753 printf("%s\n", string_printing(s));
2754 break;
2755 }
2756 /* s == NULL => string not set; fall through */
2757 }
2758
2759 /* Fall through */
2760
2761 case opt_bool:
2762 case opt_bool_verify:
2763 case opt_bool_set:
2764 printf("%s%s\n", (*((BOOL *)value))? "" : "no_", name);
2765 break;
2766 }
2767 }
2768
2769
2770
2771 /*************************************************
2772 * Print value from main configuration *
2773 *************************************************/
2774
2775 /* This function, called as a result of encountering the -bP option,
2776 causes the value of any main configuration variable to be output if the
2777 second argument is NULL. There are some special values:
2778
2779 all print all main configuration options
2780 config_file print the name of the configuration file
2781 (configure_file will still work, for backward
2782 compatibility)
2783 routers print the routers' configurations
2784 transports print the transports' configuration
2785 authenticators print the authenticators' configuration
2786 macros print the macros' configuration
2787 router_list print a list of router names
2788 transport_list print a list of transport names
2789 authenticator_list print a list of authentication mechanism names
2790 macro_list print a list of macro names
2791 +name print a named list item
2792 local_scan print the local_scan options
2793 config print the configuration as it is parsed
2794 environment print the used execution environment
2795
2796 If the second argument is not NULL, it must be one of "router", "transport",
2797 "authenticator" or "macro" in which case the first argument identifies the
2798 driver whose options are to be printed.
2799
2800 Arguments:
2801 name option name if type == NULL; else driver name
2802 type NULL or driver type name, as described above
2803 no_labels avoid the "foo = " at the start of an item
2804
2805 Returns: nothing
2806 */
2807
2808 void
2809 readconf_print(uschar *name, uschar *type, BOOL no_labels)
2810 {
2811 BOOL names_only = FALSE;
2812 optionlist *ol;
2813 optionlist *ol2 = NULL;
2814 driver_instance *d = NULL;
2815 macro_item *m;
2816 int size = 0;
2817
2818 if (type == NULL)
2819 {
2820 if (*name == '+')
2821 {
2822 int i;
2823 tree_node *t;
2824 BOOL found = FALSE;
2825 static uschar *types[] = { US"address", US"domain", US"host",
2826 US"localpart" };
2827 static tree_node **anchors[] = { &addresslist_anchor, &domainlist_anchor,
2828 &hostlist_anchor, &localpartlist_anchor };
2829
2830 for (i = 0; i < 4; i++)
2831 {
2832 t = tree_search(*(anchors[i]), name+1);
2833 if (t != NULL)
2834 {
2835 found = TRUE;
2836 if (no_labels)
2837 printf("%s\n", ((namedlist_block *)(t->data.ptr))->string);
2838 else
2839 printf("%slist %s = %s\n", types[i], name+1,
2840 ((namedlist_block *)(t->data.ptr))->string);
2841 }
2842 }
2843
2844 if (!found)
2845 printf("no address, domain, host, or local part list called \"%s\" "
2846 "exists\n", name+1);
2847
2848 return;
2849 }
2850
2851 if ( Ustrcmp(name, "configure_file") == 0
2852 || Ustrcmp(name, "config_file") == 0)
2853 {
2854 printf("%s\n", CS config_main_filename);
2855 return;
2856 }
2857
2858 if (Ustrcmp(name, "all") == 0)
2859 {
2860 for (ol = optionlist_config;
2861 ol < optionlist_config + nelem(optionlist_config); ol++)
2862 {
2863 if ((ol->type & opt_hidden) == 0)
2864 print_ol(ol, US ol->name, NULL,
2865 optionlist_config, nelem(optionlist_config),
2866 no_labels);
2867 }
2868 return;
2869 }
2870
2871 if (Ustrcmp(name, "local_scan") == 0)
2872 {
2873 #ifndef LOCAL_SCAN_HAS_OPTIONS
2874 printf("local_scan() options are not supported\n");
2875 #else
2876 for (ol = local_scan_options;
2877 ol < local_scan_options + local_scan_options_count; ol++)
2878 {
2879 print_ol(ol, US ol->name, NULL, local_scan_options,
2880 local_scan_options_count, no_labels);
2881 }
2882 #endif
2883 return;
2884 }
2885
2886 if (Ustrcmp(name, "config") == 0)
2887 {
2888 print_config(admin_user, no_labels);
2889 return;
2890 }
2891
2892 if (Ustrcmp(name, "routers") == 0)
2893 {
2894 type = US"router";
2895 name = NULL;
2896 }
2897 else if (Ustrcmp(name, "transports") == 0)
2898 {
2899 type = US"transport";
2900 name = NULL;
2901 }
2902
2903 else if (Ustrcmp(name, "authenticators") == 0)
2904 {
2905 type = US"authenticator";
2906 name = NULL;
2907 }
2908
2909 else if (Ustrcmp(name, "macros") == 0)
2910 {
2911 type = US"macro";
2912 name = NULL;
2913 }
2914
2915 else if (Ustrcmp(name, "router_list") == 0)
2916 {
2917 type = US"router";
2918 name = NULL;
2919 names_only = TRUE;
2920 }
2921
2922 else if (Ustrcmp(name, "transport_list") == 0)
2923 {
2924 type = US"transport";
2925 name = NULL;
2926 names_only = TRUE;
2927 }
2928
2929 else if (Ustrcmp(name, "authenticator_list") == 0)
2930 {
2931 type = US"authenticator";
2932 name = NULL;
2933 names_only = TRUE;
2934 }
2935
2936 else if (Ustrcmp(name, "macro_list") == 0)
2937 {
2938 type = US"macro";
2939 name = NULL;
2940 names_only = TRUE;
2941 }
2942
2943 else if (Ustrcmp(name, "environment") == 0)
2944 {
2945 if (environ)
2946 {
2947 uschar ** p;
2948 for (p = USS environ; *p; p++) ;
2949 qsort(environ, p - USS environ, sizeof(*p), string_compare_by_pointer);
2950
2951 for (p = USS environ; *p; p++)
2952 {
2953 uschar * q;
2954 if (no_labels && (q = Ustrchr(*p, '='))) *q = '\0';
2955 puts(CS *p);
2956 }
2957 }
2958 return;
2959 }
2960
2961 else
2962 {
2963 print_ol(find_option(name, optionlist_config, nelem(optionlist_config)),
2964 name, NULL, optionlist_config, nelem(optionlist_config), no_labels);
2965 return;
2966 }
2967 }
2968
2969 /* Handle the options for a router or transport. Skip options that are flagged
2970 as hidden. Some of these are options with names starting with '*', used for
2971 internal alternative representations of other options (which the printing
2972 function will sort out). Others are synonyms kept for backward compatibility.
2973 */
2974
2975 if (Ustrcmp(type, "router") == 0)
2976 {
2977 d = (driver_instance *)routers;
2978 ol2 = optionlist_routers;
2979 size = optionlist_routers_size;
2980 }
2981 else if (Ustrcmp(type, "transport") == 0)
2982 {
2983 d = (driver_instance *)transports;
2984 ol2 = optionlist_transports;
2985 size = optionlist_transports_size;
2986 }
2987 else if (Ustrcmp(type, "authenticator") == 0)
2988 {
2989 d = (driver_instance *)auths;
2990 ol2 = optionlist_auths;
2991 size = optionlist_auths_size;
2992 }
2993
2994 else if (Ustrcmp(type, "macro") == 0)
2995 {
2996 /* People store passwords in macros and they were previously not available
2997 for printing. So we have an admin_users restriction. */
2998 if (!admin_user)
2999 {
3000 fprintf(stderr, "exim: permission denied\n");
3001 exit(EXIT_FAILURE);
3002 }
3003 if (!macros_builtin_created) macros_create_builtin();
3004 for (m = macros; m; m = m->next)
3005 if (!name || Ustrcmp(name, m->name) == 0)
3006 {
3007 if (names_only)
3008 printf("%s\n", CS m->name);
3009 else
3010 printf("%s=%s\n", CS m->name, CS m->replacement);
3011 if (name)
3012 return;
3013 }
3014 if (name)
3015 printf("%s %s not found\n", type, name);
3016 return;
3017 }
3018
3019 if (names_only)
3020 {
3021 for (; d != NULL; d = d->next) printf("%s\n", CS d->name);
3022 return;
3023 }
3024
3025 /* Either search for a given driver, or print all of them */
3026
3027 for (; d != NULL; d = d->next)
3028 {
3029 if (name == NULL)
3030 printf("\n%s %s:\n", d->name, type);
3031 else if (Ustrcmp(d->name, name) != 0) continue;
3032
3033 for (ol = ol2; ol < ol2 + size; ol++)
3034 {
3035 if ((ol->type & opt_hidden) == 0)
3036 print_ol(ol, US ol->name, d, ol2, size, no_labels);
3037 }
3038
3039 for (ol = d->info->options;
3040 ol < d->info->options + *(d->info->options_count); ol++)
3041 {
3042 if ((ol->type & opt_hidden) == 0)
3043 print_ol(ol, US ol->name, d, d->info->options, *(d->info->options_count), no_labels);
3044 }
3045 if (name != NULL) return;
3046 }
3047 if (name != NULL) printf("%s %s not found\n", type, name);
3048 }
3049
3050
3051
3052 /*************************************************
3053 * Read a named list item *
3054 *************************************************/
3055
3056 /* This function reads a name and a list (i.e. string). The name is used to
3057 save the list in a tree, sorted by its name. Each entry also has a number,
3058 which can be used for caching tests, but if the string contains any expansion
3059 items other than $key, the number is set negative to inhibit caching. This
3060 mechanism is used for domain, host, and address lists that are referenced by
3061 the "+name" syntax.
3062
3063 Arguments:
3064 anchorp points to the tree anchor
3065 numberp points to the current number for this tree
3066 max the maximum number permitted
3067 s the text of the option line, starting immediately after the name
3068 of the list type
3069 tname the name of the list type, for messages
3070
3071 Returns: nothing
3072 */
3073
3074 static void
3075 read_named_list(tree_node **anchorp, int *numberp, int max, uschar *s,
3076 uschar *tname)
3077 {
3078 BOOL forcecache = FALSE;
3079 uschar *ss;
3080 tree_node *t;
3081 namedlist_block *nb = store_get(sizeof(namedlist_block));
3082
3083 if (Ustrncmp(s, "_cache", 6) == 0)
3084 {
3085 forcecache = TRUE;
3086 s += 6;
3087 }
3088
3089 if (!isspace(*s))
3090 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "unrecognized configuration line");
3091
3092 if (*numberp >= max)
3093 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "too many named %ss (max is %d)\n",
3094 tname, max);
3095
3096 while (isspace(*s)) s++;
3097 ss = s;
3098 while (isalnum(*s) || *s == '_') s++;
3099 t = store_get(sizeof(tree_node) + s-ss);
3100 Ustrncpy(t->name, ss, s-ss);
3101 t->name[s-ss] = 0;
3102 while (isspace(*s)) s++;
3103
3104 if (!tree_insertnode(anchorp, t))
3105 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3106 "duplicate name \"%s\" for a named %s", t->name, tname);
3107
3108 t->data.ptr = nb;
3109 nb->number = *numberp;
3110 *numberp += 1;
3111
3112 if (*s++ != '=') log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3113 "missing '=' after \"%s\"", t->name);
3114 while (isspace(*s)) s++;
3115 nb->string = read_string(s, t->name);
3116 nb->cache_data = NULL;
3117
3118 /* Check the string for any expansions; if any are found, mark this list
3119 uncacheable unless the user has explicited forced caching. */
3120
3121 if (!forcecache && Ustrchr(nb->string, '$') != NULL) nb->number = -1;
3122 }
3123
3124
3125
3126
3127 /*************************************************
3128 * Unpick data for a rate limit *
3129 *************************************************/
3130
3131 /* This function is called to unpick smtp_ratelimit_{mail,rcpt} into four
3132 separate values.
3133
3134 Arguments:
3135 s string, in the form t,b,f,l
3136 where t is the threshold (integer)
3137 b is the initial delay (time)
3138 f is the multiplicative factor (fixed point)
3139 k is the maximum time (time)
3140 threshold where to store threshold
3141 base where to store base in milliseconds
3142 factor where to store factor in milliseconds
3143 limit where to store limit
3144
3145 Returns: nothing (panics on error)
3146 */
3147
3148 static void
3149 unpick_ratelimit(uschar *s, int *threshold, int *base, double *factor,
3150 int *limit)
3151 {
3152 uschar bstring[16], lstring[16];
3153
3154 if (sscanf(CS s, "%d, %15[0123456789smhdw.], %lf, %15s", threshold, bstring,
3155 factor, lstring) == 4)
3156 {
3157 *base = readconf_readtime(bstring, 0, TRUE);
3158 *limit = readconf_readtime(lstring, 0, TRUE);
3159 if (*base >= 0 && *limit >= 0) return;
3160 }
3161 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "malformed ratelimit data: %s", s);
3162 }
3163
3164
3165
3166
3167 /*************************************************
3168 * Drop privs for checking TLS config *
3169 *************************************************/
3170
3171 /* We want to validate TLS options during readconf, but do not want to be
3172 root when we call into the TLS library, in case of library linkage errors
3173 which cause segfaults; before this check, those were always done as the Exim
3174 runtime user and it makes sense to continue with that.
3175
3176 Assumes: tls_require_ciphers has been set, if it will be
3177 exim_user has been set, if it will be
3178 exim_group has been set, if it will be
3179
3180 Returns: bool for "okay"; false will cause caller to immediately exit.
3181 */
3182
3183 #ifdef SUPPORT_TLS
3184 static BOOL
3185 tls_dropprivs_validate_require_cipher(BOOL nowarn)
3186 {
3187 const uschar *errmsg;
3188 pid_t pid;
3189 int rc, status;
3190 void (*oldsignal)(int);
3191
3192 /* If TLS will never be used, no point checking ciphers */
3193
3194 if ( !tls_advertise_hosts
3195 || !*tls_advertise_hosts
3196 || Ustrcmp(tls_advertise_hosts, ":") == 0
3197 )
3198 return TRUE;
3199 else if (!nowarn && !tls_certificate)
3200 log_write(0, LOG_MAIN,
3201 "Warning: No server certificate defined; will use a selfsigned one.\n"
3202 " Suggested action: either install a certificate or change tls_advertise_hosts option");
3203
3204 oldsignal = signal(SIGCHLD, SIG_DFL);
3205
3206 fflush(NULL);
3207 if ((pid = fork()) < 0)
3208 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "fork failed for TLS check");
3209
3210 if (pid == 0)
3211 {
3212 /* in some modes, will have dropped privilege already */
3213 if (!geteuid())
3214 exim_setugid(exim_uid, exim_gid, FALSE,
3215 US"calling tls_validate_require_cipher");
3216
3217 errmsg = tls_validate_require_cipher();
3218 if (errmsg)
3219 {
3220 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3221 "tls_require_ciphers invalid: %s", errmsg);
3222 }
3223 fflush(NULL);
3224 _exit(0);
3225 }
3226
3227 do {
3228 rc = waitpid(pid, &status, 0);
3229 } while (rc < 0 && errno == EINTR);
3230
3231 DEBUG(D_tls)
3232 debug_printf("tls_validate_require_cipher child %d ended: status=0x%x\n",
3233 (int)pid, status);
3234
3235 signal(SIGCHLD, oldsignal);
3236
3237 return status == 0;
3238 }
3239 #endif /* SUPPORT_TLS */
3240
3241
3242
3243
3244 /*************************************************
3245 * Read main configuration options *
3246 *************************************************/
3247
3248 /* This function is the first to be called for configuration reading. It
3249 opens the configuration file and reads general configuration settings until
3250 it reaches the end of the configuration section. The file is then left open so
3251 that the remaining configuration data can subsequently be read if needed for
3252 this run of Exim.
3253
3254 The configuration file must be owned either by root or exim, and be writeable
3255 only by root or uid/gid exim. The values for Exim's uid and gid can be changed
3256 in the config file, so the test is done on the compiled in values. A slight
3257 anomaly, to be carefully documented.
3258
3259 The name of the configuration file is taken from a list that is included in the
3260 binary of Exim. It can be altered from the command line, but if that is done,
3261 root privilege is immediately withdrawn unless the caller is root or exim.
3262 The first file on the list that exists is used.
3263
3264 For use on multiple systems that share file systems, first look for a
3265 configuration file whose name has the current node name on the end. If that is
3266 not found, try the generic name. For really contorted configurations, that run
3267 multiple Exims with different uid settings, first try adding the effective uid
3268 before the node name. These complications are going to waste resources on most
3269 systems. Therefore they are available only when requested by compile-time
3270 options. */
3271
3272 void
3273 readconf_main(BOOL nowarn)
3274 {
3275 int sep = 0;
3276 struct stat statbuf;
3277 uschar *s, *filename;
3278 const uschar *list = config_main_filelist;
3279
3280 /* Loop through the possible file names */
3281
3282 while((filename = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
3283 {
3284
3285 /* Cut out all the fancy processing unless specifically wanted */
3286
3287 #if defined(CONFIGURE_FILE_USE_NODE) || defined(CONFIGURE_FILE_USE_EUID)
3288 uschar *suffix = filename + Ustrlen(filename);
3289
3290 /* Try for the node-specific file if a node name exists */
3291
3292 #ifdef CONFIGURE_FILE_USE_NODE
3293 struct utsname uts;
3294 if (uname(&uts) >= 0)
3295 {
3296 #ifdef CONFIGURE_FILE_USE_EUID
3297 sprintf(CS suffix, ".%ld.%.256s", (long int)original_euid, uts.nodename);
3298 config_file = Ufopen(filename, "rb");
3299 if (config_file == NULL)
3300 #endif /* CONFIGURE_FILE_USE_EUID */
3301 {
3302 sprintf(CS suffix, ".%.256s", uts.nodename);
3303 config_file = Ufopen(filename, "rb");
3304 }
3305 }
3306 #endif /* CONFIGURE_FILE_USE_NODE */
3307
3308 /* Otherwise, try the generic name, possibly with the euid added */
3309
3310 #ifdef CONFIGURE_FILE_USE_EUID
3311 if (config_file == NULL)
3312 {
3313 sprintf(CS suffix, ".%ld", (long int)original_euid);
3314 config_file = Ufopen(filename, "rb");
3315 }
3316 #endif /* CONFIGURE_FILE_USE_EUID */
3317
3318 /* Finally, try the unadorned name */
3319
3320 if (config_file == NULL)
3321 {
3322 *suffix = 0;
3323 config_file = Ufopen(filename, "rb");
3324 }
3325 #else /* if neither defined */
3326
3327 /* This is the common case when the fancy processing is not included. */
3328
3329 config_file = Ufopen(filename, "rb");
3330 #endif
3331
3332 /* If the file does not exist, continue to try any others. For any other
3333 error, break out (and die). */
3334
3335 if (config_file != NULL || errno != ENOENT) break;
3336 }
3337
3338 /* Now, once we found and opened our configuration file, we change the directory
3339 to a safe place. Later we change to $spool_directory. */
3340
3341 if (Uchdir("/") < 0)
3342 {
3343 perror("exim: chdir `/': ");
3344 exit(EXIT_FAILURE);
3345 }
3346
3347 /* On success, save the name for verification; config_filename is used when
3348 logging configuration errors (it changes for .included files) whereas
3349 config_main_filename is the name shown by -bP. Failure to open a configuration
3350 file is a serious disaster. */
3351
3352 if (config_file != NULL)
3353 {
3354 uschar *p;
3355 config_filename = config_main_filename = string_copy(filename);
3356
3357 p = Ustrrchr(filename, '/');
3358 config_main_directory = p ? string_copyn(filename, p - filename)
3359 : string_copy(US".");
3360 }
3361 else
3362 {
3363 if (filename == NULL)
3364 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "non-existent configuration file(s): "
3365 "%s", config_main_filelist);
3366 else
3367 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", string_open_failed(errno,
3368 "configuration file %s", filename));
3369 }
3370
3371 /* Check the status of the file we have opened, if we have retained root
3372 privileges and the file isn't /dev/null (which *should* be 0666). */
3373
3374 if (trusted_config && Ustrcmp(filename, US"/dev/null"))
3375 {
3376 if (fstat(fileno(config_file), &statbuf) != 0)
3377 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to stat configuration file %s",
3378 big_buffer);
3379
3380 if ((statbuf.st_uid != root_uid /* owner not root */
3381 #ifdef CONFIGURE_OWNER
3382 && statbuf.st_uid != config_uid /* owner not the special one */
3383 #endif
3384 ) || /* or */
3385 (statbuf.st_gid != root_gid /* group not root & */
3386 #ifdef CONFIGURE_GROUP
3387 && statbuf.st_gid != config_gid /* group not the special one */
3388 #endif
3389 && (statbuf.st_mode & 020) != 0) || /* group writeable */
3390 /* or */
3391 ((statbuf.st_mode & 2) != 0)) /* world writeable */
3392
3393 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Exim configuration file %s has the "
3394 "wrong owner, group, or mode", big_buffer);
3395 }
3396
3397 /* Process the main configuration settings. They all begin with a lower case
3398 letter. If we see something starting with an upper case letter, it is taken as
3399 a macro definition. */
3400
3401 while ((s = get_config_line()) != NULL)
3402 {
3403 if (isupper(s[0])) read_macro_assignment(s);
3404
3405 else if (Ustrncmp(s, "domainlist", 10) == 0)
3406 read_named_list(&domainlist_anchor, &domainlist_count,
3407 MAX_NAMED_LIST, s+10, US"domain list");
3408
3409 else if (Ustrncmp(s, "hostlist", 8) == 0)
3410 read_named_list(&hostlist_anchor, &hostlist_count,
3411 MAX_NAMED_LIST, s+8, US"host list");
3412
3413 else if (Ustrncmp(s, US"addresslist", 11) == 0)
3414 read_named_list(&addresslist_anchor, &addresslist_count,
3415 MAX_NAMED_LIST, s+11, US"address list");
3416
3417 else if (Ustrncmp(s, US"localpartlist", 13) == 0)
3418 read_named_list(&localpartlist_anchor, &localpartlist_count,
3419 MAX_NAMED_LIST, s+13, US"local part list");
3420
3421 else
3422 (void) readconf_handle_option(s, optionlist_config, optionlist_config_size,
3423 NULL, US"main option \"%s\" unknown");
3424 }
3425
3426
3427 /* If local_sender_retain is set, local_from_check must be unset. */
3428
3429 if (local_sender_retain && local_from_check)
3430 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "both local_from_check and "
3431 "local_sender_retain are set; this combination is not allowed");
3432
3433 /* If the timezone string is empty, set it to NULL, implying no TZ variable
3434 wanted. */
3435
3436 if (timezone_string != NULL && *timezone_string == 0) timezone_string = NULL;
3437
3438 /* The max retry interval must not be greater than 24 hours. */
3439
3440 if (retry_interval_max > 24*60*60) retry_interval_max = 24*60*60;
3441
3442 /* remote_max_parallel must be > 0 */
3443
3444 if (remote_max_parallel <= 0) remote_max_parallel = 1;
3445
3446 /* Save the configured setting of freeze_tell, so we can re-instate it at the
3447 start of a new SMTP message. */
3448
3449 freeze_tell_config = freeze_tell;
3450
3451 /* The primary host name may be required for expansion of spool_directory
3452 and log_file_path, so make sure it is set asap. It is obtained from uname(),
3453 but if that yields an unqualified value, make a FQDN by using gethostbyname to
3454 canonize it. Some people like upper case letters in their host names, so we
3455 don't force the case. */
3456
3457 if (primary_hostname == NULL)
3458 {
3459 const uschar *hostname;
3460 struct utsname uts;
3461 if (uname(&uts) < 0)
3462 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "uname() failed to yield host name");
3463 hostname = US uts.nodename;
3464
3465 if (Ustrchr(hostname, '.') == NULL)
3466 {
3467 int af = AF_INET;
3468 struct hostent *hostdata;
3469
3470 #if HAVE_IPV6
3471 if (!disable_ipv6 && (dns_ipv4_lookup == NULL ||
3472 match_isinlist(hostname, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
3473 MCL_DOMAIN, TRUE, NULL) != OK))
3474 af = AF_INET6;
3475 #else
3476 af = AF_INET;
3477 #endif
3478
3479 for (;;)
3480 {
3481 #if HAVE_IPV6
3482 #if HAVE_GETIPNODEBYNAME
3483 int error_num;
3484 hostdata = getipnodebyname(CS hostname, af, 0, &error_num);
3485 #else
3486 hostdata = gethostbyname2(CS hostname, af);
3487 #endif
3488 #else
3489 hostdata = gethostbyname(CS hostname);
3490 #endif
3491
3492 if (hostdata != NULL)
3493 {
3494 hostname = US hostdata->h_name;
3495 break;
3496 }
3497
3498 if (af == AF_INET) break;
3499 af = AF_INET;
3500 }
3501 }
3502
3503 primary_hostname = string_copy(hostname);
3504 }
3505
3506 /* Set up default value for smtp_active_hostname */
3507
3508 smtp_active_hostname = primary_hostname;
3509
3510 /* If spool_directory wasn't set in the build-time configuration, it must have
3511 got set above. Of course, writing to the log may not work if log_file_path is
3512 not set, but it will at least get to syslog or somewhere, with any luck. */
3513
3514 if (*spool_directory == 0)
3515 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "spool_directory undefined: cannot "
3516 "proceed");
3517
3518 /* Expand the spool directory name; it may, for example, contain the primary
3519 host name. Same comment about failure. */
3520
3521 s = expand_string(spool_directory);
3522 if (s == NULL)
3523 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand spool_directory "
3524 "\"%s\": %s", spool_directory, expand_string_message);
3525 spool_directory = s;
3526
3527 /* Expand log_file_path, which must contain "%s" in any component that isn't
3528 the null string or "syslog". It is also allowed to contain one instance of %D
3529 or %M. However, it must NOT contain % followed by anything else. */
3530
3531 if (*log_file_path != 0)
3532 {
3533 const uschar *ss, *sss;
3534 int sep = ':'; /* Fixed for log file path */
3535 s = expand_string(log_file_path);
3536 if (s == NULL)
3537 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand log_file_path "
3538 "\"%s\": %s", log_file_path, expand_string_message);
3539
3540 ss = s;
3541 while ((sss = string_nextinlist(&ss,&sep,big_buffer,big_buffer_size)) != NULL)
3542 {
3543 uschar *t;
3544 if (sss[0] == 0 || Ustrcmp(sss, "syslog") == 0) continue;
3545 t = Ustrstr(sss, "%s");
3546 if (t == NULL)
3547 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" does not "
3548 "contain \"%%s\"", sss);
3549 *t = 'X';
3550 t = Ustrchr(sss, '%');
3551 if (t != NULL)
3552 {
3553 if ((t[1] != 'D' && t[1] != 'M') || Ustrchr(t+2, '%') != NULL)
3554 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" contains "
3555 "unexpected \"%%\" character", s);
3556 }
3557 }
3558
3559 log_file_path = s;
3560 }
3561
3562 /* Interpret syslog_facility into an integer argument for 'ident' param to
3563 openlog(). Default is LOG_MAIL set in globals.c. Allow the user to omit the
3564 leading "log_". */
3565
3566 if (syslog_facility_str != NULL)
3567 {
3568 int i;
3569 uschar *s = syslog_facility_str;
3570
3571 if ((Ustrlen(syslog_facility_str) >= 4) &&
3572 (strncmpic(syslog_facility_str, US"log_", 4) == 0))
3573 s += 4;
3574
3575 for (i = 0; i < syslog_list_size; i++)
3576 {
3577 if (strcmpic(s, syslog_list[i].name) == 0)
3578 {
3579 syslog_facility = syslog_list[i].value;
3580 break;
3581 }
3582 }
3583
3584 if (i >= syslog_list_size)
3585 {
3586 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3587 "failed to interpret syslog_facility \"%s\"", syslog_facility_str);
3588 }
3589 }
3590
3591 /* Expand pid_file_path */
3592
3593 if (*pid_file_path != 0)
3594 {
3595 s = expand_string(pid_file_path);
3596 if (s == NULL)
3597 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand pid_file_path "
3598 "\"%s\": %s", pid_file_path, expand_string_message);
3599 pid_file_path = s;
3600 }
3601
3602 /* Set default value of process_log_path */
3603
3604 if (process_log_path == NULL || *process_log_path =='\0')
3605 process_log_path = string_sprintf("%s/exim-process.info", spool_directory);
3606
3607 /* Compile the regex for matching a UUCP-style "From_" line in an incoming
3608 message. */
3609
3610 regex_From = regex_must_compile(uucp_from_pattern, FALSE, TRUE);
3611
3612 /* Unpick the SMTP rate limiting options, if set */
3613
3614 if (smtp_ratelimit_mail != NULL)
3615 {
3616 unpick_ratelimit(smtp_ratelimit_mail, &smtp_rlm_threshold,
3617 &smtp_rlm_base, &smtp_rlm_factor, &smtp_rlm_limit);
3618 }
3619
3620 if (smtp_ratelimit_rcpt != NULL)
3621 {
3622 unpick_ratelimit(smtp_ratelimit_rcpt, &smtp_rlr_threshold,
3623 &smtp_rlr_base, &smtp_rlr_factor, &smtp_rlr_limit);
3624 }
3625
3626 /* The qualify domains default to the primary host name */
3627
3628 if (qualify_domain_sender == NULL)
3629 qualify_domain_sender = primary_hostname;
3630 if (qualify_domain_recipient == NULL)
3631 qualify_domain_recipient = qualify_domain_sender;
3632
3633 /* Setting system_filter_user in the configuration sets the gid as well if a
3634 name is given, but a numerical value does not. */
3635
3636 if (system_filter_uid_set && !system_filter_gid_set)
3637 {
3638 struct passwd *pw = getpwuid(system_filter_uid);
3639 if (pw == NULL)
3640 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Failed to look up uid %ld",
3641 (long int)system_filter_uid);
3642 system_filter_gid = pw->pw_gid;
3643 system_filter_gid_set = TRUE;
3644 }
3645
3646 /* If the errors_reply_to field is set, check that it is syntactically valid
3647 and ensure it contains a domain. */
3648
3649 if (errors_reply_to != NULL)
3650 {
3651 uschar *errmess;
3652 int start, end, domain;
3653 uschar *recipient = parse_extract_address(errors_reply_to, &errmess,
3654 &start, &end, &domain, FALSE);
3655
3656 if (recipient == NULL)
3657 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3658 "error in errors_reply_to (%s): %s", errors_reply_to, errmess);
3659
3660 if (domain == 0)
3661 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3662 "errors_reply_to (%s) does not contain a domain", errors_reply_to);
3663 }
3664
3665 /* If smtp_accept_queue or smtp_accept_max_per_host is set, then
3666 smtp_accept_max must also be set. */
3667
3668 if (smtp_accept_max == 0 &&
3669 (smtp_accept_queue > 0 || smtp_accept_max_per_host != NULL))
3670 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3671 "smtp_accept_max must be set if smtp_accept_queue or "
3672 "smtp_accept_max_per_host is set");
3673
3674 /* Set up the host number if anything is specified. It is an expanded string
3675 so that it can be computed from the host name, for example. We do this last
3676 so as to ensure that everything else is set up before the expansion. */
3677
3678 if (host_number_string != NULL)
3679 {
3680 long int n;
3681 uschar *end;
3682 uschar *s = expand_string(host_number_string);
3683 if (s == NULL)
3684 log_write(0, LOG_MAIN|LOG_PANIC_DIE,
3685 "failed to expand localhost_number \"%s\": %s",
3686 host_number_string, expand_string_message);
3687 n = Ustrtol(s, &end, 0);
3688 while (isspace(*end)) end++;
3689 if (*end != 0)
3690 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3691 "localhost_number value is not a number: %s", s);
3692 if (n > LOCALHOST_MAX)
3693 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3694 "localhost_number is greater than the maximum allowed value (%d)",
3695 LOCALHOST_MAX);
3696 host_number = n;
3697 }
3698
3699 #ifdef SUPPORT_TLS
3700 /* If tls_verify_hosts is set, tls_verify_certificates must also be set */
3701
3702 if ((tls_verify_hosts != NULL || tls_try_verify_hosts != NULL) &&
3703 tls_verify_certificates == NULL)
3704 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3705 "tls_%sverify_hosts is set, but tls_verify_certificates is not set",
3706 (tls_verify_hosts != NULL)? "" : "try_");
3707
3708 /* This also checks that the library linkage is working and we can call
3709 routines in it, so call even if tls_require_ciphers is unset */
3710 if (!tls_dropprivs_validate_require_cipher(nowarn))
3711 exit(1);
3712
3713 /* Magic number: at time of writing, 1024 has been the long-standing value
3714 used by so many clients, and what Exim used to use always, that it makes
3715 sense to just min-clamp this max-clamp at that. */
3716 if (tls_dh_max_bits < 1024)
3717 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3718 "tls_dh_max_bits is too small, must be at least 1024 for interop");
3719
3720 /* If openssl_options is set, validate it */
3721 if (openssl_options != NULL)
3722 {
3723 # ifdef USE_GNUTLS
3724 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3725 "openssl_options is set but we're using GnuTLS");
3726 # else
3727 long dummy;
3728 if (!(tls_openssl_options_parse(openssl_options, &dummy)))
3729 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3730 "openssl_options parse error: %s", openssl_options);
3731 # endif
3732 }
3733 #endif /*SUPPORT_TLS*/
3734
3735 if (!nowarn && !keep_environment && environ && *environ)
3736 log_write(0, LOG_MAIN,
3737 "Warning: purging the environment.\n"
3738 " Suggested action: use keep_environment.");
3739 }
3740
3741
3742
3743 /*************************************************
3744 * Initialize one driver *
3745 *************************************************/
3746
3747 /* This is called once the driver's generic options, if any, have been read.
3748 We can now find the driver, set up defaults for the private options, and
3749 unset any "set" bits in the private options table (which might have been
3750 set by another incarnation of the same driver).
3751
3752 Arguments:
3753 d pointer to driver instance block, with generic
3754 options filled in
3755 drivers_available vector of available drivers
3756 size_of_info size of each block in drivers_available
3757 class class of driver, for error message
3758
3759 Returns: pointer to the driver info block
3760 */
3761
3762 static driver_info *
3763 init_driver(driver_instance *d, driver_info *drivers_available,
3764 int size_of_info, uschar *class)
3765 {
3766 driver_info *dd;
3767
3768 for (dd = drivers_available; dd->driver_name[0] != 0;
3769 dd = (driver_info *)(((uschar *)dd) + size_of_info))
3770 {
3771 if (Ustrcmp(d->driver_name, dd->driver_name) == 0)
3772 {
3773 int i;
3774 int len = dd->options_len;
3775 d->info = dd;
3776 d->options_block = store_get(len);
3777 memcpy(d->options_block, dd->options_block, len);
3778 for (i = 0; i < *(dd->options_count); i++)
3779 dd->options[i].type &= ~opt_set;
3780 return dd;
3781 }
3782 }
3783
3784 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3785 "%s %s: cannot find %s driver \"%s\"", class, d->name, class, d->driver_name);
3786
3787 return NULL; /* never obeyed */
3788 }
3789
3790
3791
3792
3793 /*************************************************
3794 * Initialize driver list *
3795 *************************************************/
3796
3797 /* This function is called for routers, transports, and authentication
3798 mechanisms. It reads the data from the current point in the configuration file
3799 up to the end of the section, and sets up a chain of instance blocks according
3800 to the file's contents. The file will already have been opened by a call to
3801 readconf_main, and must be left open for subsequent reading of further data.
3802
3803 Any errors cause a panic crash. Note that the blocks with names driver_info and
3804 driver_instance must map the first portions of all the _info and _instance
3805 blocks for this shared code to work.
3806
3807 Arguments:
3808 class "router", "transport", or "authenticator"
3809 anchor &routers, &transports, &auths
3810 drivers_available available drivers