e0f9d2ddc8d604150aad77977001cdfcf48c7ae2
[exim.git] / src / src / readconf.c
1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
4
5 /* Copyright (c) University of Cambridge 1995 - 2016 */
6 /* See the file NOTICE for conditions of use and distribution. */
7
8 /* Functions for reading the configuration file, and for displaying
9 overall configuration values. Thanks to Brian Candler for the original
10 implementation of the conditional .ifdef etc. */
11
12 #include "exim.h"
13
14 extern char **environ;
15
16 static void fn_smtp_receive_timeout(const uschar * name, const uschar * str);
17 static void save_config_line(const uschar* line);
18 static void save_config_position(const uschar *file, int line);
19 static void print_config(BOOL admin, BOOL terse);
20 static void readconf_options_auths(void);
21
22
23 #define CSTATE_STACK_SIZE 10
24
25 const uschar *config_directory = NULL;
26
27
28 /* Structure for chain (stack) of .included files */
29
30 typedef struct config_file_item {
31 struct config_file_item *next;
32 const uschar *filename;
33 const uschar *directory;
34 FILE *file;
35 int lineno;
36 } config_file_item;
37
38 /* Structure for chain of configuration lines (-bP config) */
39
40 typedef struct config_line_item {
41 struct config_line_item *next;
42 uschar *line;
43 } config_line_item;
44
45 static config_line_item* config_lines;
46
47 /* Structure of table of conditional words and their state transitions */
48
49 typedef struct cond_item {
50 uschar *name;
51 int namelen;
52 int action1;
53 int action2;
54 int pushpop;
55 } cond_item;
56
57 /* Structure of table of syslog facility names and values */
58
59 typedef struct syslog_fac_item {
60 uschar *name;
61 int value;
62 } syslog_fac_item;
63
64 /* constants */
65 static const char * const hidden = "<value not displayable>";
66
67 /* Static variables */
68
69 static config_file_item *config_file_stack = NULL; /* For includes */
70
71 static uschar *syslog_facility_str = NULL;
72 static uschar next_section[24];
73 static uschar time_buffer[24];
74
75 /* State variables for conditional loading (.ifdef / .else / .endif) */
76
77 static int cstate = 0;
78 static int cstate_stack_ptr = -1;
79 static int cstate_stack[CSTATE_STACK_SIZE];
80
81 /* Table of state transitions for handling conditional inclusions. There are
82 four possible state transitions:
83
84 .ifdef true
85 .ifdef false
86 .elifdef true (or .else)
87 .elifdef false
88
89 .endif just causes the previous cstate to be popped off the stack */
90
91 static int next_cstate[3][4] =
92 {
93 /* State 0: reading from file, or reading until next .else or .endif */
94 { 0, 1, 2, 2 },
95 /* State 1: condition failed, skipping until next .else or .endif */
96 { 2, 2, 0, 1 },
97 /* State 2: skipping until .endif */
98 { 2, 2, 2, 2 },
99 };
100
101 /* Table of conditionals and the states to set. For each name, there are four
102 values: the length of the name (to save computing it each time), the state to
103 set if a macro was found in the line, the state to set if a macro was not found
104 in the line, and a stack manipulation setting which is:
105
106 -1 pull state value off the stack
107 0 don't alter the stack
108 +1 push value onto stack, before setting new state
109 */
110
111 static cond_item cond_list[] = {
112 { US"ifdef", 5, 0, 1, 1 },
113 { US"ifndef", 6, 1, 0, 1 },
114 { US"elifdef", 7, 2, 3, 0 },
115 { US"elifndef", 8, 3, 2, 0 },
116 { US"else", 4, 2, 2, 0 },
117 { US"endif", 5, 0, 0, -1 }
118 };
119
120 static int cond_list_size = sizeof(cond_list)/sizeof(cond_item);
121
122 /* Table of syslog facility names and their values */
123
124 static syslog_fac_item syslog_list[] = {
125 { US"mail", LOG_MAIL },
126 { US"user", LOG_USER },
127 { US"news", LOG_NEWS },
128 { US"uucp", LOG_UUCP },
129 { US"local0", LOG_LOCAL0 },
130 { US"local1", LOG_LOCAL1 },
131 { US"local2", LOG_LOCAL2 },
132 { US"local3", LOG_LOCAL3 },
133 { US"local4", LOG_LOCAL4 },
134 { US"local5", LOG_LOCAL5 },
135 { US"local6", LOG_LOCAL6 },
136 { US"local7", LOG_LOCAL7 },
137 { US"daemon", LOG_DAEMON }
138 };
139
140 static int syslog_list_size = sizeof(syslog_list)/sizeof(syslog_fac_item);
141
142
143
144
145 /*************************************************
146 * Main configuration options *
147 *************************************************/
148
149 /* The list of options that can be set in the main configuration file. This
150 must be in alphabetic order because it is searched by binary chop. */
151
152 static optionlist optionlist_config[] = {
153 { "*set_exim_group", opt_bool|opt_hidden, &exim_gid_set },
154 { "*set_exim_user", opt_bool|opt_hidden, &exim_uid_set },
155 { "*set_system_filter_group", opt_bool|opt_hidden, &system_filter_gid_set },
156 { "*set_system_filter_user", opt_bool|opt_hidden, &system_filter_uid_set },
157 { "accept_8bitmime", opt_bool, &accept_8bitmime },
158 { "acl_not_smtp", opt_stringptr, &acl_not_smtp },
159 #ifdef WITH_CONTENT_SCAN
160 { "acl_not_smtp_mime", opt_stringptr, &acl_not_smtp_mime },
161 #endif
162 { "acl_not_smtp_start", opt_stringptr, &acl_not_smtp_start },
163 { "acl_smtp_auth", opt_stringptr, &acl_smtp_auth },
164 { "acl_smtp_connect", opt_stringptr, &acl_smtp_connect },
165 { "acl_smtp_data", opt_stringptr, &acl_smtp_data },
166 #ifndef DISABLE_PRDR
167 { "acl_smtp_data_prdr", opt_stringptr, &acl_smtp_data_prdr },
168 #endif
169 #ifndef DISABLE_DKIM
170 { "acl_smtp_dkim", opt_stringptr, &acl_smtp_dkim },
171 #endif
172 { "acl_smtp_etrn", opt_stringptr, &acl_smtp_etrn },
173 { "acl_smtp_expn", opt_stringptr, &acl_smtp_expn },
174 { "acl_smtp_helo", opt_stringptr, &acl_smtp_helo },
175 { "acl_smtp_mail", opt_stringptr, &acl_smtp_mail },
176 { "acl_smtp_mailauth", opt_stringptr, &acl_smtp_mailauth },
177 #ifdef WITH_CONTENT_SCAN
178 { "acl_smtp_mime", opt_stringptr, &acl_smtp_mime },
179 #endif
180 { "acl_smtp_notquit", opt_stringptr, &acl_smtp_notquit },
181 { "acl_smtp_predata", opt_stringptr, &acl_smtp_predata },
182 { "acl_smtp_quit", opt_stringptr, &acl_smtp_quit },
183 { "acl_smtp_rcpt", opt_stringptr, &acl_smtp_rcpt },
184 #ifdef SUPPORT_TLS
185 { "acl_smtp_starttls", opt_stringptr, &acl_smtp_starttls },
186 #endif
187 { "acl_smtp_vrfy", opt_stringptr, &acl_smtp_vrfy },
188 { "add_environment", opt_stringptr, &add_environment },
189 { "admin_groups", opt_gidlist, &admin_groups },
190 { "allow_domain_literals", opt_bool, &allow_domain_literals },
191 { "allow_mx_to_ip", opt_bool, &allow_mx_to_ip },
192 { "allow_utf8_domains", opt_bool, &allow_utf8_domains },
193 { "auth_advertise_hosts", opt_stringptr, &auth_advertise_hosts },
194 { "auto_thaw", opt_time, &auto_thaw },
195 #ifdef WITH_CONTENT_SCAN
196 { "av_scanner", opt_stringptr, &av_scanner },
197 #endif
198 { "bi_command", opt_stringptr, &bi_command },
199 #ifdef EXPERIMENTAL_BRIGHTMAIL
200 { "bmi_config_file", opt_stringptr, &bmi_config_file },
201 #endif
202 { "bounce_message_file", opt_stringptr, &bounce_message_file },
203 { "bounce_message_text", opt_stringptr, &bounce_message_text },
204 { "bounce_return_body", opt_bool, &bounce_return_body },
205 { "bounce_return_linesize_limit", opt_mkint, &bounce_return_linesize_limit },
206 { "bounce_return_message", opt_bool, &bounce_return_message },
207 { "bounce_return_size_limit", opt_mkint, &bounce_return_size_limit },
208 { "bounce_sender_authentication",opt_stringptr,&bounce_sender_authentication },
209 { "callout_domain_negative_expire", opt_time, &callout_cache_domain_negative_expire },
210 { "callout_domain_positive_expire", opt_time, &callout_cache_domain_positive_expire },
211 { "callout_negative_expire", opt_time, &callout_cache_negative_expire },
212 { "callout_positive_expire", opt_time, &callout_cache_positive_expire },
213 { "callout_random_local_part",opt_stringptr, &callout_random_local_part },
214 { "check_log_inodes", opt_int, &check_log_inodes },
215 { "check_log_space", opt_Kint, &check_log_space },
216 { "check_rfc2047_length", opt_bool, &check_rfc2047_length },
217 { "check_spool_inodes", opt_int, &check_spool_inodes },
218 { "check_spool_space", opt_Kint, &check_spool_space },
219 { "chunking_advertise_hosts", opt_stringptr, &chunking_advertise_hosts },
220 { "commandline_checks_require_admin", opt_bool,&commandline_checks_require_admin },
221 { "daemon_smtp_port", opt_stringptr|opt_hidden, &daemon_smtp_port },
222 { "daemon_smtp_ports", opt_stringptr, &daemon_smtp_port },
223 { "daemon_startup_retries", opt_int, &daemon_startup_retries },
224 { "daemon_startup_sleep", opt_time, &daemon_startup_sleep },
225 #ifdef EXPERIMENTAL_DCC
226 { "dcc_direct_add_header", opt_bool, &dcc_direct_add_header },
227 { "dccifd_address", opt_stringptr, &dccifd_address },
228 { "dccifd_options", opt_stringptr, &dccifd_options },
229 #endif
230 { "debug_store", opt_bool, &debug_store },
231 { "delay_warning", opt_timelist, &delay_warning },
232 { "delay_warning_condition", opt_stringptr, &delay_warning_condition },
233 { "deliver_drop_privilege", opt_bool, &deliver_drop_privilege },
234 { "deliver_queue_load_max", opt_fixed, &deliver_queue_load_max },
235 { "delivery_date_remove", opt_bool, &delivery_date_remove },
236 #ifdef ENABLE_DISABLE_FSYNC
237 { "disable_fsync", opt_bool, &disable_fsync },
238 #endif
239 { "disable_ipv6", opt_bool, &disable_ipv6 },
240 #ifndef DISABLE_DKIM
241 { "dkim_verify_signers", opt_stringptr, &dkim_verify_signers },
242 #endif
243 #ifdef EXPERIMENTAL_DMARC
244 { "dmarc_forensic_sender", opt_stringptr, &dmarc_forensic_sender },
245 { "dmarc_history_file", opt_stringptr, &dmarc_history_file },
246 { "dmarc_tld_file", opt_stringptr, &dmarc_tld_file },
247 #endif
248 { "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist },
249 { "dns_check_names_pattern", opt_stringptr, &check_dns_names_pattern },
250 { "dns_csa_search_limit", opt_int, &dns_csa_search_limit },
251 { "dns_csa_use_reverse", opt_bool, &dns_csa_use_reverse },
252 { "dns_dnssec_ok", opt_int, &dns_dnssec_ok },
253 { "dns_ipv4_lookup", opt_stringptr, &dns_ipv4_lookup },
254 { "dns_retrans", opt_time, &dns_retrans },
255 { "dns_retry", opt_int, &dns_retry },
256 { "dns_trust_aa", opt_stringptr, &dns_trust_aa },
257 { "dns_use_edns0", opt_int, &dns_use_edns0 },
258 /* This option is now a no-op, retained for compatibility */
259 { "drop_cr", opt_bool, &drop_cr },
260 /*********************************************************/
261 { "dsn_advertise_hosts", opt_stringptr, &dsn_advertise_hosts },
262 { "dsn_from", opt_stringptr, &dsn_from },
263 { "envelope_to_remove", opt_bool, &envelope_to_remove },
264 { "errors_copy", opt_stringptr, &errors_copy },
265 { "errors_reply_to", opt_stringptr, &errors_reply_to },
266 #ifndef DISABLE_EVENT
267 { "event_action", opt_stringptr, &event_action },
268 #endif
269 { "exim_group", opt_gid, &exim_gid },
270 { "exim_path", opt_stringptr, &exim_path },
271 { "exim_user", opt_uid, &exim_uid },
272 { "extra_local_interfaces", opt_stringptr, &extra_local_interfaces },
273 { "extract_addresses_remove_arguments", opt_bool, &extract_addresses_remove_arguments },
274 { "finduser_retries", opt_int, &finduser_retries },
275 { "freeze_tell", opt_stringptr, &freeze_tell },
276 { "gecos_name", opt_stringptr, &gecos_name },
277 { "gecos_pattern", opt_stringptr, &gecos_pattern },
278 #ifdef SUPPORT_TLS
279 { "gnutls_allow_auto_pkcs11", opt_bool, &gnutls_allow_auto_pkcs11 },
280 { "gnutls_compat_mode", opt_bool, &gnutls_compat_mode },
281 #endif
282 { "header_line_maxsize", opt_int, &header_line_maxsize },
283 { "header_maxsize", opt_int, &header_maxsize },
284 { "headers_charset", opt_stringptr, &headers_charset },
285 { "helo_accept_junk_hosts", opt_stringptr, &helo_accept_junk_hosts },
286 { "helo_allow_chars", opt_stringptr, &helo_allow_chars },
287 { "helo_lookup_domains", opt_stringptr, &helo_lookup_domains },
288 { "helo_try_verify_hosts", opt_stringptr, &helo_try_verify_hosts },
289 { "helo_verify_hosts", opt_stringptr, &helo_verify_hosts },
290 { "hold_domains", opt_stringptr, &hold_domains },
291 { "host_lookup", opt_stringptr, &host_lookup },
292 { "host_lookup_order", opt_stringptr, &host_lookup_order },
293 { "host_reject_connection", opt_stringptr, &host_reject_connection },
294 { "hosts_connection_nolog", opt_stringptr, &hosts_connection_nolog },
295 #ifdef SUPPORT_PROXY
296 { "hosts_proxy", opt_stringptr, &hosts_proxy },
297 #endif
298 { "hosts_treat_as_local", opt_stringptr, &hosts_treat_as_local },
299 #ifdef LOOKUP_IBASE
300 { "ibase_servers", opt_stringptr, &ibase_servers },
301 #endif
302 { "ignore_bounce_errors_after", opt_time, &ignore_bounce_errors_after },
303 { "ignore_fromline_hosts", opt_stringptr, &ignore_fromline_hosts },
304 { "ignore_fromline_local", opt_bool, &ignore_fromline_local },
305 { "keep_environment", opt_stringptr, &keep_environment },
306 { "keep_malformed", opt_time, &keep_malformed },
307 #ifdef LOOKUP_LDAP
308 { "ldap_ca_cert_dir", opt_stringptr, &eldap_ca_cert_dir },
309 { "ldap_ca_cert_file", opt_stringptr, &eldap_ca_cert_file },
310 { "ldap_cert_file", opt_stringptr, &eldap_cert_file },
311 { "ldap_cert_key", opt_stringptr, &eldap_cert_key },
312 { "ldap_cipher_suite", opt_stringptr, &eldap_cipher_suite },
313 { "ldap_default_servers", opt_stringptr, &eldap_default_servers },
314 { "ldap_require_cert", opt_stringptr, &eldap_require_cert },
315 { "ldap_start_tls", opt_bool, &eldap_start_tls },
316 { "ldap_version", opt_int, &eldap_version },
317 #endif
318 { "local_from_check", opt_bool, &local_from_check },
319 { "local_from_prefix", opt_stringptr, &local_from_prefix },
320 { "local_from_suffix", opt_stringptr, &local_from_suffix },
321 { "local_interfaces", opt_stringptr, &local_interfaces },
322 { "local_scan_timeout", opt_time, &local_scan_timeout },
323 { "local_sender_retain", opt_bool, &local_sender_retain },
324 { "localhost_number", opt_stringptr, &host_number_string },
325 { "log_file_path", opt_stringptr, &log_file_path },
326 { "log_selector", opt_stringptr, &log_selector_string },
327 { "log_timezone", opt_bool, &log_timezone },
328 { "lookup_open_max", opt_int, &lookup_open_max },
329 { "max_username_length", opt_int, &max_username_length },
330 { "message_body_newlines", opt_bool, &message_body_newlines },
331 { "message_body_visible", opt_mkint, &message_body_visible },
332 { "message_id_header_domain", opt_stringptr, &message_id_domain },
333 { "message_id_header_text", opt_stringptr, &message_id_text },
334 { "message_logs", opt_bool, &message_logs },
335 { "message_size_limit", opt_stringptr, &message_size_limit },
336 #ifdef SUPPORT_MOVE_FROZEN_MESSAGES
337 { "move_frozen_messages", opt_bool, &move_frozen_messages },
338 #endif
339 { "mua_wrapper", opt_bool, &mua_wrapper },
340 #ifdef LOOKUP_MYSQL
341 { "mysql_servers", opt_stringptr, &mysql_servers },
342 #endif
343 { "never_users", opt_uidlist, &never_users },
344 #ifdef SUPPORT_TLS
345 { "openssl_options", opt_stringptr, &openssl_options },
346 #endif
347 #ifdef LOOKUP_ORACLE
348 { "oracle_servers", opt_stringptr, &oracle_servers },
349 #endif
350 { "percent_hack_domains", opt_stringptr, &percent_hack_domains },
351 #ifdef EXIM_PERL
352 { "perl_at_start", opt_bool, &opt_perl_at_start },
353 { "perl_startup", opt_stringptr, &opt_perl_startup },
354 { "perl_taintmode", opt_bool, &opt_perl_taintmode },
355 #endif
356 #ifdef LOOKUP_PGSQL
357 { "pgsql_servers", opt_stringptr, &pgsql_servers },
358 #endif
359 { "pid_file_path", opt_stringptr, &pid_file_path },
360 { "pipelining_advertise_hosts", opt_stringptr, &pipelining_advertise_hosts },
361 #ifndef DISABLE_PRDR
362 { "prdr_enable", opt_bool, &prdr_enable },
363 #endif
364 { "preserve_message_logs", opt_bool, &preserve_message_logs },
365 { "primary_hostname", opt_stringptr, &primary_hostname },
366 { "print_topbitchars", opt_bool, &print_topbitchars },
367 { "process_log_path", opt_stringptr, &process_log_path },
368 { "prod_requires_admin", opt_bool, &prod_requires_admin },
369 { "qualify_domain", opt_stringptr, &qualify_domain_sender },
370 { "qualify_recipient", opt_stringptr, &qualify_domain_recipient },
371 { "queue_domains", opt_stringptr, &queue_domains },
372 { "queue_list_requires_admin",opt_bool, &queue_list_requires_admin },
373 { "queue_only", opt_bool, &queue_only },
374 { "queue_only_file", opt_stringptr, &queue_only_file },
375 { "queue_only_load", opt_fixed, &queue_only_load },
376 { "queue_only_load_latch", opt_bool, &queue_only_load_latch },
377 { "queue_only_override", opt_bool, &queue_only_override },
378 { "queue_run_in_order", opt_bool, &queue_run_in_order },
379 { "queue_run_max", opt_stringptr, &queue_run_max },
380 { "queue_smtp_domains", opt_stringptr, &queue_smtp_domains },
381 { "receive_timeout", opt_time, &receive_timeout },
382 { "received_header_text", opt_stringptr, &received_header_text },
383 { "received_headers_max", opt_int, &received_headers_max },
384 { "recipient_unqualified_hosts", opt_stringptr, &recipient_unqualified_hosts },
385 { "recipients_max", opt_int, &recipients_max },
386 { "recipients_max_reject", opt_bool, &recipients_max_reject },
387 #ifdef LOOKUP_REDIS
388 { "redis_servers", opt_stringptr, &redis_servers },
389 #endif
390 { "remote_max_parallel", opt_int, &remote_max_parallel },
391 { "remote_sort_domains", opt_stringptr, &remote_sort_domains },
392 { "retry_data_expire", opt_time, &retry_data_expire },
393 { "retry_interval_max", opt_time, &retry_interval_max },
394 { "return_path_remove", opt_bool, &return_path_remove },
395 { "return_size_limit", opt_mkint|opt_hidden, &bounce_return_size_limit },
396 { "rfc1413_hosts", opt_stringptr, &rfc1413_hosts },
397 { "rfc1413_query_timeout", opt_time, &rfc1413_query_timeout },
398 { "sender_unqualified_hosts", opt_stringptr, &sender_unqualified_hosts },
399 { "slow_lookup_log", opt_int, &slow_lookup_log },
400 { "smtp_accept_keepalive", opt_bool, &smtp_accept_keepalive },
401 { "smtp_accept_max", opt_int, &smtp_accept_max },
402 { "smtp_accept_max_nonmail", opt_int, &smtp_accept_max_nonmail },
403 { "smtp_accept_max_nonmail_hosts", opt_stringptr, &smtp_accept_max_nonmail_hosts },
404 { "smtp_accept_max_per_connection", opt_int, &smtp_accept_max_per_connection },
405 { "smtp_accept_max_per_host", opt_stringptr, &smtp_accept_max_per_host },
406 { "smtp_accept_queue", opt_int, &smtp_accept_queue },
407 { "smtp_accept_queue_per_connection", opt_int, &smtp_accept_queue_per_connection },
408 { "smtp_accept_reserve", opt_int, &smtp_accept_reserve },
409 { "smtp_active_hostname", opt_stringptr, &raw_active_hostname },
410 { "smtp_banner", opt_stringptr, &smtp_banner },
411 { "smtp_check_spool_space", opt_bool, &smtp_check_spool_space },
412 { "smtp_connect_backlog", opt_int, &smtp_connect_backlog },
413 { "smtp_enforce_sync", opt_bool, &smtp_enforce_sync },
414 { "smtp_etrn_command", opt_stringptr, &smtp_etrn_command },
415 { "smtp_etrn_serialize", opt_bool, &smtp_etrn_serialize },
416 { "smtp_load_reserve", opt_fixed, &smtp_load_reserve },
417 { "smtp_max_synprot_errors", opt_int, &smtp_max_synprot_errors },
418 { "smtp_max_unknown_commands",opt_int, &smtp_max_unknown_commands },
419 { "smtp_ratelimit_hosts", opt_stringptr, &smtp_ratelimit_hosts },
420 { "smtp_ratelimit_mail", opt_stringptr, &smtp_ratelimit_mail },
421 { "smtp_ratelimit_rcpt", opt_stringptr, &smtp_ratelimit_rcpt },
422 { "smtp_receive_timeout", opt_func, &fn_smtp_receive_timeout },
423 { "smtp_reserve_hosts", opt_stringptr, &smtp_reserve_hosts },
424 { "smtp_return_error_details",opt_bool, &smtp_return_error_details },
425 #ifdef SUPPORT_I18N
426 { "smtputf8_advertise_hosts", opt_stringptr, &smtputf8_advertise_hosts },
427 #endif
428 #ifdef WITH_CONTENT_SCAN
429 { "spamd_address", opt_stringptr, &spamd_address },
430 #endif
431 #ifdef EXPERIMENTAL_SPF
432 { "spf_guess", opt_stringptr, &spf_guess },
433 #endif
434 { "split_spool_directory", opt_bool, &split_spool_directory },
435 { "spool_directory", opt_stringptr, &spool_directory },
436 { "spool_wireformat", opt_bool, &spool_wireformat },
437 #ifdef LOOKUP_SQLITE
438 { "sqlite_lock_timeout", opt_int, &sqlite_lock_timeout },
439 #endif
440 #ifdef EXPERIMENTAL_SRS
441 { "srs_config", opt_stringptr, &srs_config },
442 { "srs_hashlength", opt_int, &srs_hashlength },
443 { "srs_hashmin", opt_int, &srs_hashmin },
444 { "srs_maxage", opt_int, &srs_maxage },
445 { "srs_secrets", opt_stringptr, &srs_secrets },
446 { "srs_usehash", opt_bool, &srs_usehash },
447 { "srs_usetimestamp", opt_bool, &srs_usetimestamp },
448 #endif
449 { "strict_acl_vars", opt_bool, &strict_acl_vars },
450 { "strip_excess_angle_brackets", opt_bool, &strip_excess_angle_brackets },
451 { "strip_trailing_dot", opt_bool, &strip_trailing_dot },
452 { "syslog_duplication", opt_bool, &syslog_duplication },
453 { "syslog_facility", opt_stringptr, &syslog_facility_str },
454 { "syslog_pid", opt_bool, &syslog_pid },
455 { "syslog_processname", opt_stringptr, &syslog_processname },
456 { "syslog_timestamp", opt_bool, &syslog_timestamp },
457 { "system_filter", opt_stringptr, &system_filter },
458 { "system_filter_directory_transport", opt_stringptr,&system_filter_directory_transport },
459 { "system_filter_file_transport",opt_stringptr,&system_filter_file_transport },
460 { "system_filter_group", opt_gid, &system_filter_gid },
461 { "system_filter_pipe_transport",opt_stringptr,&system_filter_pipe_transport },
462 { "system_filter_reply_transport",opt_stringptr,&system_filter_reply_transport },
463 { "system_filter_user", opt_uid, &system_filter_uid },
464 { "tcp_nodelay", opt_bool, &tcp_nodelay },
465 #ifdef USE_TCP_WRAPPERS
466 { "tcp_wrappers_daemon_name", opt_stringptr, &tcp_wrappers_daemon_name },
467 #endif
468 { "timeout_frozen_after", opt_time, &timeout_frozen_after },
469 { "timezone", opt_stringptr, &timezone_string },
470 { "tls_advertise_hosts", opt_stringptr, &tls_advertise_hosts },
471 #ifdef SUPPORT_TLS
472 { "tls_certificate", opt_stringptr, &tls_certificate },
473 { "tls_crl", opt_stringptr, &tls_crl },
474 { "tls_dh_max_bits", opt_int, &tls_dh_max_bits },
475 { "tls_dhparam", opt_stringptr, &tls_dhparam },
476 { "tls_eccurve", opt_stringptr, &tls_eccurve },
477 # ifndef DISABLE_OCSP
478 { "tls_ocsp_file", opt_stringptr, &tls_ocsp_file },
479 # endif
480 { "tls_on_connect_ports", opt_stringptr, &tls_in.on_connect_ports },
481 { "tls_privatekey", opt_stringptr, &tls_privatekey },
482 { "tls_remember_esmtp", opt_bool, &tls_remember_esmtp },
483 { "tls_require_ciphers", opt_stringptr, &tls_require_ciphers },
484 { "tls_try_verify_hosts", opt_stringptr, &tls_try_verify_hosts },
485 { "tls_verify_certificates", opt_stringptr, &tls_verify_certificates },
486 { "tls_verify_hosts", opt_stringptr, &tls_verify_hosts },
487 #endif
488 { "trusted_groups", opt_gidlist, &trusted_groups },
489 { "trusted_users", opt_uidlist, &trusted_users },
490 { "unknown_login", opt_stringptr, &unknown_login },
491 { "unknown_username", opt_stringptr, &unknown_username },
492 { "untrusted_set_sender", opt_stringptr, &untrusted_set_sender },
493 { "uucp_from_pattern", opt_stringptr, &uucp_from_pattern },
494 { "uucp_from_sender", opt_stringptr, &uucp_from_sender },
495 { "warn_message_file", opt_stringptr, &warn_message_file },
496 { "write_rejectlog", opt_bool, &write_rejectlog }
497 };
498
499 static int optionlist_config_size = nelem(optionlist_config);
500
501
502
503 /*************************************************
504 * Find the name of an option *
505 *************************************************/
506
507 /* This function is to aid debugging. Various functions take arguments that are
508 pointer variables in the options table or in option tables for various drivers.
509 For debugging output, it is useful to be able to find the name of the option
510 which is currently being processed. This function finds it, if it exists, by
511 searching the table(s).
512
513 Arguments: a value that is presumed to be in the table above
514 Returns: the option name, or an empty string
515 */
516
517 uschar *
518 readconf_find_option(void *p)
519 {
520 int i;
521 router_instance *r;
522 transport_instance *t;
523
524 for (i = 0; i < nelem(optionlist_config); i++)
525 if (p == optionlist_config[i].value) return US optionlist_config[i].name;
526
527 for (r = routers; r; r = r->next)
528 {
529 router_info *ri = r->info;
530 for (i = 0; i < *ri->options_count; i++)
531 {
532 if ((ri->options[i].type & opt_mask) != opt_stringptr) continue;
533 if (p == (char *)(r->options_block) + (long int)(ri->options[i].value))
534 return US ri->options[i].name;
535 }
536 }
537
538 for (t = transports; t; t = t->next)
539 {
540 transport_info *ti = t->info;
541 for (i = 0; i < *ti->options_count; i++)
542 {
543 optionlist * op = &ti->options[i];
544 if ((op->type & opt_mask) != opt_stringptr) continue;
545 if (p == ( op->type & opt_public
546 ? (char *)t
547 : (char *)t->options_block
548 )
549 + (long int)op->value)
550 return US op->name;
551 }
552 }
553
554 return US"";
555 }
556
557
558
559
560 /*************************************************
561 * Deal with an assignment to a macro *
562 *************************************************/
563
564 /* We have a new definition.
565 If a builtin macro we place at head of list, else tail. This lets us lazy-create
566 builtins.
567
568 Args:
569 name Name of the macro. Must be in storage persistent past the call
570 val Expansion result for the macro. Ditto persistence.
571 */
572
573 macro_item *
574 macro_create(const uschar * name, const uschar * val,
575 BOOL command_line, BOOL builtin)
576 {
577 unsigned namelen = Ustrlen(name);
578 macro_item * m = store_get(sizeof(macro_item));
579
580 /* fprintf(stderr, "%s: '%s' '%s'\n", __FUNCTION__, name, val) */
581 if (!macros)
582 {
583 macros = m;
584 mlast = m;
585 m->next = NULL;
586 }
587 else if (builtin)
588 {
589 m->next = macros;
590 macros = m;
591 }
592 else
593 {
594 mlast->next = m;
595 mlast = m;
596 m->next = NULL;
597 }
598 m->command_line = command_line;
599 m->namelen = namelen;
600 m->name = name;
601 m->replacement = val;
602 return m;
603 }
604
605
606 /* This function is called when a line that starts with an upper case letter is
607 encountered. The argument "line" should contain a complete logical line, and
608 start with the first letter of the macro name. The macro name and the
609 replacement text are extracted and stored. Redefinition of existing,
610 non-command line, macros is permitted using '==' instead of '='.
611
612 Arguments:
613 s points to the start of the logical line
614
615 Returns: nothing
616 */
617
618 static void
619 read_macro_assignment(uschar *s)
620 {
621 uschar name[64];
622 int namelen = 0;
623 BOOL redef = FALSE;
624 macro_item *m;
625
626 while (isalnum(*s) || *s == '_')
627 {
628 if (namelen >= sizeof(name) - 1)
629 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
630 "macro name too long (maximum is " SIZE_T_FMT " characters)", sizeof(name) - 1);
631 name[namelen++] = *s++;
632 }
633 name[namelen] = 0;
634
635 while (isspace(*s)) s++;
636 if (*s++ != '=')
637 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "malformed macro definition");
638
639 if (*s == '=')
640 {
641 redef = TRUE;
642 s++;
643 }
644 while (isspace(*s)) s++;
645
646 /* If an existing macro of the same name was defined on the command line, we
647 just skip this definition. It's an error to attempt to redefine a macro without
648 redef set to TRUE, or to redefine a macro when it hasn't been defined earlier.
649 It is also an error to define a macro whose name begins with the name of a
650 previously defined macro. This is the requirement that make using a tree
651 for macros hard; we must check all macros for the substring. Perhaps a
652 sorted list, and a bsearch, would work?
653 Note: it is documented that the other way round works. */
654
655 for (m = macros; m; m = m->next)
656 {
657 if (Ustrcmp(m->name, name) == 0)
658 {
659 if (!m->command_line && !redef)
660 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "macro \"%s\" is already "
661 "defined (use \"==\" if you want to redefine it", name);
662 break;
663 }
664
665 if (m->namelen < namelen && Ustrstr(name, m->name) != NULL)
666 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
667 "a macro because previously defined macro \"%s\" is a substring",
668 name, m->name);
669
670 /* We cannot have this test, because it is documented that a substring
671 macro is permitted (there is even an example).
672 *
673 * if (m->namelen > namelen && Ustrstr(m->name, name) != NULL)
674 * log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
675 * "a macro because it is a substring of previously defined macro \"%s\"",
676 * name, m->name);
677 */
678 }
679
680 /* Check for an overriding command-line definition. */
681
682 if (m && m->command_line) return;
683
684 /* Redefinition must refer to an existing macro. */
685
686 if (redef)
687 if (m)
688 m->replacement = string_copy(s);
689 else
690 log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "can't redefine an undefined macro "
691 "\"%s\"", name);
692
693 /* We have a new definition. */
694 else
695 (void) macro_create(string_copy(name), string_copy(s), FALSE, FALSE);
696 }
697
698
699
700
701
702 /*************************************************/
703 /* Create compile-time feature macros */
704 static void
705 readconf_features(void)
706 {
707 /* Probably we could work out a static initialiser for wherever
708 macros are stored, but this will do for now. Some names are awkward
709 due to conflicts with other common macros. */
710
711 #ifdef SUPPORT_CRYPTEQ
712 macro_create(US"_HAVE_CRYPTEQ", US"y", FALSE, TRUE);
713 #endif
714 #if HAVE_ICONV
715 macro_create(US"_HAVE_ICONV", US"y", FALSE, TRUE);
716 #endif
717 #if HAVE_IPV6
718 macro_create(US"_HAVE_IPV6", US"y", FALSE, TRUE);
719 #endif
720 #ifdef HAVE_SETCLASSRESOURCES
721 macro_create(US"_HAVE_SETCLASSRESOURCES", US"y", FALSE, TRUE);
722 #endif
723 #ifdef SUPPORT_PAM
724 macro_create(US"_HAVE_PAM", US"y", FALSE, TRUE);
725 #endif
726 #ifdef EXIM_PERL
727 macro_create(US"_HAVE_PERL", US"y", FALSE, TRUE);
728 #endif
729 #ifdef EXPAND_DLFUNC
730 macro_create(US"_HAVE_DLFUNC", US"y", FALSE, TRUE);
731 #endif
732 #ifdef USE_TCP_WRAPPERS
733 macro_create(US"_HAVE_TCPWRAPPERS", US"y", FALSE, TRUE);
734 #endif
735 #ifdef SUPPORT_TLS
736 macro_create(US"_HAVE_TLS", US"y", FALSE, TRUE);
737 # ifdef USE_GNUTLS
738 macro_create(US"_HAVE_GNUTLS", US"y", FALSE, TRUE);
739 # else
740 macro_create(US"_HAVE_OPENSSL", US"y", FALSE, TRUE);
741 # endif
742 #endif
743 #ifdef SUPPORT_TRANSLATE_IP_ADDRESS
744 macro_create(US"_HAVE_TRANSLATE_IP_ADDRESS", US"y", FALSE, TRUE);
745 #endif
746 #ifdef SUPPORT_MOVE_FROZEN_MESSAGES
747 macro_create(US"_HAVE_MOVE_FROZEN_MESSAGES", US"y", FALSE, TRUE);
748 #endif
749 #ifdef WITH_CONTENT_SCAN
750 macro_create(US"_HAVE_CONTENT_SCANNING", US"y", FALSE, TRUE);
751 #endif
752 #ifndef DISABLE_DKIM
753 macro_create(US"_HAVE_DKIM", US"y", FALSE, TRUE);
754 #endif
755 #ifndef DISABLE_DNSSEC
756 macro_create(US"_HAVE_DNSSEC", US"y", FALSE, TRUE);
757 #endif
758 #ifndef DISABLE_EVENT
759 macro_create(US"_HAVE_EVENT", US"y", FALSE, TRUE);
760 #endif
761 #ifdef SUPPORT_I18N
762 macro_create(US"_HAVE_I18N", US"y", FALSE, TRUE);
763 #endif
764 #ifndef DISABLE_OCSP
765 macro_create(US"_HAVE_OCSP", US"y", FALSE, TRUE);
766 #endif
767 #ifndef DISABLE_PRDR
768 macro_create(US"_HAVE_PRDR", US"y", FALSE, TRUE);
769 #endif
770 #ifdef SUPPORT_PROXY
771 macro_create(US"_HAVE_PROXY", US"y", FALSE, TRUE);
772 #endif
773 #ifdef SUPPORT_SOCKS
774 macro_create(US"_HAVE_SOCKS", US"y", FALSE, TRUE);
775 #endif
776 #ifdef TCP_FASTOPEN
777 macro_create(US"_HAVE_TCP_FASTOPEN", US"y", FALSE, TRUE);
778 #endif
779 #ifdef EXPERIMENTAL_LMDB
780 macro_create(US"_HAVE_LMDB", US"y", FALSE, TRUE);
781 #endif
782 #ifdef EXPERIMENTAL_SPF
783 macro_create(US"_HAVE_SPF", US"y", FALSE, TRUE);
784 #endif
785 #ifdef EXPERIMENTAL_SRS
786 macro_create(US"_HAVE_SRS", US"y", FALSE, TRUE);
787 #endif
788 #ifdef EXPERIMENTAL_BRIGHTMAIL
789 macro_create(US"_HAVE_BRIGHTMAIL", US"y", FALSE, TRUE);
790 #endif
791 #ifdef EXPERIMENTAL_DANE
792 macro_create(US"_HAVE_DANE", US"y", FALSE, TRUE);
793 #endif
794 #ifdef EXPERIMENTAL_DCC
795 macro_create(US"_HAVE_DCC", US"y", FALSE, TRUE);
796 #endif
797 #ifdef EXPERIMENTAL_DMARC
798 macro_create(US"_HAVE_DMARC", US"y", FALSE, TRUE);
799 #endif
800 #ifdef EXPERIMENTAL_DSN_INFO
801 macro_create(US"_HAVE_DSN_INFO", US"y", FALSE, TRUE);
802 #endif
803
804 #ifdef LOOKUP_LSEARCH
805 macro_create(US"_HAVE_LOOKUP_LSEARCH", US"y", FALSE, TRUE);
806 #endif
807 #ifdef LOOKUP_CDB
808 macro_create(US"_HAVE_LOOKUP_CDB", US"y", FALSE, TRUE);
809 #endif
810 #ifdef LOOKUP_DBM
811 macro_create(US"_HAVE_LOOKUP_DBM", US"y", FALSE, TRUE);
812 #endif
813 #ifdef LOOKUP_DNSDB
814 macro_create(US"_HAVE_LOOKUP_DNSDB", US"y", FALSE, TRUE);
815 #endif
816 #ifdef LOOKUP_DSEARCH
817 macro_create(US"_HAVE_LOOKUP_DSEARCH", US"y", FALSE, TRUE);
818 #endif
819 #ifdef LOOKUP_IBASE
820 macro_create(US"_HAVE_LOOKUP_IBASE", US"y", FALSE, TRUE);
821 #endif
822 #ifdef LOOKUP_LDAP
823 macro_create(US"_HAVE_LOOKUP_LDAP", US"y", FALSE, TRUE);
824 #endif
825 #ifdef EXPERIMENTAL_LMDB
826 macro_create(US"_HAVE_LOOKUP_LMDB", US"y", FALSE, TRUE);
827 #endif
828 #ifdef LOOKUP_MYSQL
829 macro_create(US"_HAVE_LOOKUP_MYSQL", US"y", FALSE, TRUE);
830 #endif
831 #ifdef LOOKUP_NIS
832 macro_create(US"_HAVE_LOOKUP_NIS", US"y", FALSE, TRUE);
833 #endif
834 #ifdef LOOKUP_NISPLUS
835 macro_create(US"_HAVE_LOOKUP_NISPLUS", US"y", FALSE, TRUE);
836 #endif
837 #ifdef LOOKUP_ORACLE
838 macro_create(US"_HAVE_LOOKUP_ORACLE", US"y", FALSE, TRUE);
839 #endif
840 #ifdef LOOKUP_PASSWD
841 macro_create(US"_HAVE_LOOKUP_PASSWD", US"y", FALSE, TRUE);
842 #endif
843 #ifdef LOOKUP_PGSQL
844 macro_create(US"_HAVE_LOOKUP_PGSQL", US"y", FALSE, TRUE);
845 #endif
846 #ifdef LOOKUP_REDIS
847 macro_create(US"_HAVE_LOOKUP_REDIS", US"y", FALSE, TRUE);
848 #endif
849 #ifdef LOOKUP_SQLITE
850 macro_create(US"_HAVE_LOOKUP_SQLITE", US"y", FALSE, TRUE);
851 #endif
852 #ifdef LOOKUP_TESTDB
853 macro_create(US"_HAVE_LOOKUP_TESTDB", US"y", FALSE, TRUE);
854 #endif
855 #ifdef LOOKUP_WHOSON
856 macro_create(US"_HAVE_LOOKUP_WHOSON", US"y", FALSE, TRUE);
857 #endif
858
859 #ifdef TRANSPORT_APPENDFILE
860 # ifdef SUPPORT_MAILDIR
861 macro_create(US"_HAVE_TRANSPORT_APPEND_MAILDIR", US"y", FALSE, TRUE);
862 # endif
863 # ifdef SUPPORT_MAILSTORE
864 macro_create(US"_HAVE_TRANSPORT_APPEND_MAILSTORE", US"y", FALSE, TRUE);
865 # endif
866 # ifdef SUPPORT_MBX
867 macro_create(US"_HAVE_TRANSPORT_APPEND_MBX", US"y", FALSE, TRUE);
868 # endif
869 #endif
870 }
871
872
873 void
874 readconf_options_from_list(optionlist * opts, unsigned nopt, const uschar * section, uschar * group)
875 {
876 int i;
877 const uschar * s;
878
879 /* The 'previously-defined-substring' rule for macros in config file
880 lines is done so for these builtin macros: we know that the table
881 we source from is in strict alpha order, hence the builtins portion
882 of the macros list is in reverse-alpha (we prepend them) - so longer
883 macros that have substrings are always discovered first during
884 expansion. */
885
886 for (i = 0; i < nopt; i++) if (*(s = US opts[i].name) && *s != '*')
887 if (group)
888 macro_create(string_sprintf("_OPT_%T_%T_%T", section, group, s), US"y", FALSE, TRUE);
889 else
890 macro_create(string_sprintf("_OPT_%T_%T", section, s), US"y", FALSE, TRUE);
891 }
892
893
894 static void
895 readconf_options(void)
896 {
897 readconf_options_from_list(optionlist_config, nelem(optionlist_config), US"MAIN", NULL);
898 readconf_options_routers();
899 readconf_options_transports();
900 readconf_options_auths();
901 }
902
903 static void
904 macros_create_builtin(void)
905 {
906 readconf_features();
907 readconf_options();
908 macros_builtin_created = TRUE;
909 }
910
911
912 /*************************************************
913 * Read configuration line *
914 *************************************************/
915
916 /* A logical line of text is read from the configuration file into the big
917 buffer, taking account of macros, .includes, and continuations. The size of
918 big_buffer is increased if necessary. The count of configuration lines is
919 maintained. Physical input lines starting with # (ignoring leading white space,
920 and after macro replacement) and empty logical lines are always ignored.
921 Leading and trailing spaces are removed.
922
923 If we hit a line of the form "begin xxxx", the xxxx is placed in the
924 next_section vector, and the function returns NULL, indicating the end of a
925 configuration section. On end-of-file, NULL is returned with next_section
926 empty.
927
928 Arguments: none
929
930 Returns: a pointer to the first non-blank in the line,
931 or NULL if eof or end of section is reached
932 */
933
934 static uschar *
935 get_config_line(void)
936 {
937 int startoffset = 0; /* To first non-blank char in logical line */
938 int len = 0; /* Of logical line so far */
939 int newlen;
940 uschar *s, *ss;
941 macro_item *m;
942 BOOL macro_found;
943
944 /* Loop for handling continuation lines, skipping comments, and dealing with
945 .include files. */
946
947 for (;;)
948 {
949 if (Ufgets(big_buffer+len, big_buffer_size-len, config_file) == NULL)
950 {
951 if (config_file_stack != NULL) /* EOF inside .include */
952 {
953 (void)fclose(config_file);
954 config_file = config_file_stack->file;
955 config_filename = config_file_stack->filename;
956 config_directory = config_file_stack->directory;
957 config_lineno = config_file_stack->lineno;
958 config_file_stack = config_file_stack->next;
959 if (config_lines)
960 save_config_position(config_filename, config_lineno);
961 continue;
962 }
963
964 /* EOF at top level */
965
966 if (cstate_stack_ptr >= 0)
967 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
968 "Unexpected end of configuration file: .endif missing");
969
970 if (len != 0) break; /* EOF after continuation */
971 next_section[0] = 0; /* EOF at start of logical line */
972 return NULL;
973 }
974
975 config_lineno++;
976 newlen = len + Ustrlen(big_buffer + len);
977
978 if (config_lines && config_lineno == 1)
979 save_config_position(config_filename, config_lineno);
980
981 /* Handle pathologically long physical lines - yes, it did happen - by
982 extending big_buffer at this point. The code also copes with very long
983 logical lines. */
984
985 while (newlen == big_buffer_size - 1 && big_buffer[newlen - 1] != '\n')
986 {
987 uschar *newbuffer;
988 big_buffer_size += BIG_BUFFER_SIZE;
989 newbuffer = store_malloc(big_buffer_size);
990
991 /* This use of strcpy is OK because we know that the string in the old
992 buffer is shorter than the new buffer. */
993
994 Ustrcpy(newbuffer, big_buffer);
995 store_free(big_buffer);
996 big_buffer = newbuffer;
997 if (Ufgets(big_buffer+newlen, big_buffer_size-newlen, config_file) == NULL)
998 break;
999 newlen += Ustrlen(big_buffer + newlen);
1000 }
1001
1002 /* Find the true start of the physical line - leading spaces are always
1003 ignored. */
1004
1005 ss = big_buffer + len;
1006 while (isspace(*ss)) ss++;
1007
1008 /* Process the physical line for macros. If this is the start of the logical
1009 line, skip over initial text at the start of the line if it starts with an
1010 upper case character followed by a sequence of name characters and an equals
1011 sign, because that is the definition of a new macro, and we don't do
1012 replacement therein. */
1013
1014 s = ss;
1015 if (len == 0 && isupper(*s))
1016 {
1017 while (isalnum(*s) || *s == '_') s++;
1018 while (isspace(*s)) s++;
1019 if (*s != '=') s = ss; /* Not a macro definition */
1020 }
1021
1022 /* If the builtin macros are not yet defined, and the line contains an
1023 underscrore followed by an one of the three possible chars used by
1024 builtins, create them. */
1025
1026 if (!macros_builtin_created)
1027 {
1028 const uschar * t, * p;
1029 uschar c;
1030 for (t = s; (p = CUstrchr(t, '_')); t = p+1)
1031 if (c = p[1], c == 'O' || c == 'D' || c == 'H')
1032 {
1033 /* fprintf(stderr, "%s: builtins create triggered by '%s'\n", __FUNCTION__, s); */
1034 builtin_macros_create_trigger = string_copy(s);
1035 macros_create_builtin();
1036 break;
1037 }
1038 }
1039
1040 /* For each defined macro, scan the line (from after XXX= if present),
1041 replacing all occurrences of the macro. */
1042
1043 macro_found = FALSE;
1044 for (m = macros; m; m = m->next)
1045 {
1046 uschar *p, *pp;
1047 uschar *t = s;
1048
1049 while ((p = Ustrstr(t, m->name)) != NULL)
1050 {
1051 int moveby;
1052 int replen = Ustrlen(m->replacement);
1053
1054 /* fprintf(stderr, "%s: matched '%s' in '%s'\n", __FUNCTION__, m->name, t) */
1055 /* Expand the buffer if necessary */
1056
1057 while (newlen - m->namelen + replen + 1 > big_buffer_size)
1058 {
1059 int newsize = big_buffer_size + BIG_BUFFER_SIZE;
1060 uschar *newbuffer = store_malloc(newsize);
1061 memcpy(newbuffer, big_buffer, newlen + 1);
1062 p = newbuffer + (p - big_buffer);
1063 s = newbuffer + (s - big_buffer);
1064 ss = newbuffer + (ss - big_buffer);
1065 t = newbuffer + (t - big_buffer);
1066 big_buffer_size = newsize;
1067 store_free(big_buffer);
1068 big_buffer = newbuffer;
1069 }
1070
1071 /* Shuffle the remaining characters up or down in the buffer before
1072 copying in the replacement text. Don't rescan the replacement for this
1073 same macro. */
1074
1075 pp = p + m->namelen;
1076 if ((moveby = replen - m->namelen) != 0)
1077 {
1078 memmove(p + replen, pp, (big_buffer + newlen) - pp + 1);
1079 newlen += moveby;
1080 }
1081 Ustrncpy(p, m->replacement, replen);
1082 t = p + replen;
1083 macro_found = TRUE;
1084 }
1085 }
1086
1087 /* An empty macro replacement at the start of a line could mean that ss no
1088 longer points to the first non-blank character. */
1089
1090 while (isspace(*ss)) ss++;
1091
1092 /* Check for comment lines - these are physical lines. */
1093
1094 if (*ss == '#') continue;
1095
1096 /* Handle conditionals, which are also applied to physical lines. Conditions
1097 are of the form ".ifdef ANYTEXT" and are treated as true if any macro
1098 expansion occured on the rest of the line. A preliminary test for the leading
1099 '.' saves effort on most lines. */
1100
1101 if (*ss == '.')
1102 {
1103 int i;
1104
1105 /* Search the list of conditional directives */
1106
1107 for (i = 0; i < cond_list_size; i++)
1108 {
1109 int n;
1110 cond_item *c = cond_list+i;
1111 if (Ustrncmp(ss+1, c->name, c->namelen) != 0) continue;
1112
1113 /* The following character must be white space or end of string */
1114
1115 n = ss[1 + c->namelen];
1116 if (n != ' ' && n != 't' && n != '\n' && n != 0) break;
1117
1118 /* .ifdef and .ifndef push the current state onto the stack, then set
1119 a new one from the table. Stack overflow is an error */
1120
1121 if (c->pushpop > 0)
1122 {
1123 if (cstate_stack_ptr >= CSTATE_STACK_SIZE - 1)
1124 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1125 ".%s nested too deeply", c->name);
1126 cstate_stack[++cstate_stack_ptr] = cstate;
1127 cstate = next_cstate[cstate][macro_found? c->action1 : c->action2];
1128 }
1129
1130 /* For any of the others, stack underflow is an error. The next state
1131 comes either from the stack (.endif) or from the table. */
1132
1133 else
1134 {
1135 if (cstate_stack_ptr < 0)
1136 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1137 ".%s without matching .ifdef", c->name);
1138 cstate = (c->pushpop < 0)? cstate_stack[cstate_stack_ptr--] :
1139 next_cstate[cstate][macro_found? c->action1 : c->action2];
1140 }
1141
1142 /* Having dealt with a directive, break the loop */
1143
1144 break;
1145 }
1146
1147 /* If we have handled a conditional directive, continue with the next
1148 physical line. Otherwise, fall through. */
1149
1150 if (i < cond_list_size) continue;
1151 }
1152
1153 /* If the conditional state is not 0 (actively using these lines), ignore
1154 this input line. */
1155
1156 if (cstate != 0) continue; /* Conditional skip */
1157
1158 /* Handle .include lines - these are also physical lines. */
1159
1160 if (Ustrncmp(ss, ".include", 8) == 0 &&
1161 (isspace(ss[8]) ||
1162 (Ustrncmp(ss+8, "_if_exists", 10) == 0 && isspace(ss[18]))))
1163 {
1164 uschar *t;
1165 int include_if_exists = isspace(ss[8])? 0 : 10;
1166 config_file_item *save;
1167 struct stat statbuf;
1168
1169 ss += 9 + include_if_exists;
1170 while (isspace(*ss)) ss++;
1171 t = ss + Ustrlen(ss);
1172 while (t > ss && isspace(t[-1])) t--;
1173 if (*ss == '\"' && t[-1] == '\"')
1174 {
1175 ss++;
1176 t--;
1177 }
1178 *t = 0;
1179
1180 /* We allow relative file names. For security reasons currently
1181 relative names not allowed with .include_if_exists. For .include_if_exists
1182 we need to check the permissions/ownership of the containing folder */
1183 if (*ss != '/')
1184 if (include_if_exists) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, ".include specifies a non-"
1185 "absolute path \"%s\"", ss);
1186 else
1187 {
1188 int offset = 0;
1189 int size = 0;
1190 ss = string_append(NULL, &size, &offset, 3, config_directory, "/", ss);
1191 ss[offset] = '\0'; /* string_append() does not zero terminate the string! */
1192 }
1193
1194 if (include_if_exists != 0 && (Ustat(ss, &statbuf) != 0)) continue;
1195
1196 if (config_lines)
1197 save_config_position(config_filename, config_lineno);
1198 save = store_get(sizeof(config_file_item));
1199 save->next = config_file_stack;
1200 config_file_stack = save;
1201 save->file = config_file;
1202 save->filename = config_filename;
1203 save->directory = config_directory;
1204 save->lineno = config_lineno;
1205
1206 if (!(config_file = Ufopen(ss, "rb")))
1207 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to open included "
1208 "configuration file %s", ss);
1209
1210 config_filename = string_copy(ss);
1211 config_directory = string_copyn(ss, CUstrrchr(ss, '/') - ss);
1212 config_lineno = 0;
1213 continue;
1214 }
1215
1216 /* If this is the start of the logical line, remember where the non-blank
1217 data starts. Otherwise shuffle down continuation lines to remove leading
1218 white space. */
1219
1220 if (len == 0)
1221 startoffset = ss - big_buffer;
1222 else
1223 {
1224 s = big_buffer + len;
1225 if (ss > s)
1226 {
1227 memmove(s, ss, (newlen - len) - (ss - s) + 1);
1228 newlen -= ss - s;
1229 }
1230 }
1231
1232 /* Accept the new addition to the line. Remove trailing white space. */
1233
1234 len = newlen;
1235 while (len > 0 && isspace(big_buffer[len-1])) len--;
1236 big_buffer[len] = 0;
1237
1238 /* We are done if the line does not end in backslash and contains some data.
1239 Empty logical lines are ignored. For continuations, remove the backslash and
1240 go round the loop to read the continuation line. */
1241
1242 if (len > 0)
1243 {
1244 if (big_buffer[len-1] != '\\') break; /* End of logical line */
1245 big_buffer[--len] = 0; /* Remove backslash */
1246 }
1247 } /* Loop for reading multiple physical lines */
1248
1249 /* We now have a logical line. Test for the end of a configuration section (or,
1250 more accurately, for the start of the next section). Place the name of the next
1251 section in next_section, and return NULL. If the name given is longer than
1252 next_section, truncate it. It will be unrecognized later, because all the known
1253 section names do fit. Leave space for pluralizing. */
1254
1255 s = big_buffer + startoffset; /* First non-space character */
1256
1257 if (config_lines)
1258 save_config_line(s);
1259
1260 if (strncmpic(s, US"begin ", 6) == 0)
1261 {
1262 s += 6;
1263 while (isspace(*s)) s++;
1264 if (big_buffer + len - s > sizeof(next_section) - 2)
1265 s[sizeof(next_section) - 2] = 0;
1266 Ustrcpy(next_section, s);
1267 return NULL;
1268 }
1269
1270 /* Return the first non-blank character. */
1271
1272 return s;
1273 }
1274
1275
1276
1277 /*************************************************
1278 * Read a name *
1279 *************************************************/
1280
1281 /* The yield is the pointer to the next uschar. Names longer than the
1282 output space are silently truncated. This function is also used from acl.c when
1283 parsing ACLs.
1284
1285 Arguments:
1286 name where to put the name
1287 len length of name
1288 s input pointer
1289
1290 Returns: new input pointer
1291 */
1292
1293 uschar *
1294 readconf_readname(uschar *name, int len, uschar *s)
1295 {
1296 int p = 0;
1297 while (isspace(*s)) s++;
1298 if (isalpha(*s))
1299 {
1300 while (isalnum(*s) || *s == '_')
1301 {
1302 if (p < len-1) name[p++] = *s;
1303 s++;
1304 }
1305 }
1306 name[p] = 0;
1307 while (isspace(*s)) s++;
1308 return s;
1309 }
1310
1311
1312
1313
1314 /*************************************************
1315 * Read a time value *
1316 *************************************************/
1317
1318 /* This function is also called from outside, to read argument
1319 time values. The format of a time value is:
1320
1321 [<n>w][<n>d][<n>h][<n>m][<n>s]
1322
1323 as long as at least one is present. If a format error is encountered,
1324 return a negative value. The value must be terminated by the given
1325 terminator.
1326
1327 Arguments:
1328 s input pointer
1329 terminator required terminating character
1330 return_msec if TRUE, allow fractional seconds and return milliseconds
1331
1332 Returns: the time value, or -1 on syntax error
1333 value is seconds if return_msec is FALSE
1334 value is milliseconds if return_msec is TRUE
1335 */
1336
1337 int
1338 readconf_readtime(const uschar *s, int terminator, BOOL return_msec)
1339 {
1340 int yield = 0;
1341 for (;;)
1342 {
1343 int value, count;
1344 double fraction;
1345
1346 if (!isdigit(*s)) return -1;
1347 (void)sscanf(CCS s, "%d%n", &value, &count);
1348 s += count;
1349
1350 switch (*s)
1351 {
1352 case 'w': value *= 7;
1353 case 'd': value *= 24;
1354 case 'h': value *= 60;
1355 case 'm': value *= 60;
1356 case 's': s++;
1357 break;
1358
1359 case '.':
1360 if (!return_msec) return -1;
1361 (void)sscanf(CCS s, "%lf%n", &fraction, &count);
1362 s += count;
1363 if (*s++ != 's') return -1;
1364 yield += (int)(fraction * 1000.0);
1365 break;
1366
1367 default: return -1;
1368 }
1369
1370 if (return_msec) value *= 1000;
1371 yield += value;
1372 if (*s == terminator) return yield;
1373 }
1374 /* Control never reaches here. */
1375 }
1376
1377
1378
1379 /*************************************************
1380 * Read a fixed point value *
1381 *************************************************/
1382
1383 /* The value is returned *1000
1384
1385 Arguments:
1386 s input pointer
1387 terminator required terminator
1388
1389 Returns: the value, or -1 on error
1390 */
1391
1392 static int
1393 readconf_readfixed(const uschar *s, int terminator)
1394 {
1395 int yield = 0;
1396 int value, count;
1397 if (!isdigit(*s)) return -1;
1398 (void)sscanf(CS s, "%d%n", &value, &count);
1399 s += count;
1400 yield = value * 1000;
1401 if (*s == '.')
1402 {
1403 int m = 100;
1404 while (isdigit((*(++s))))
1405 {
1406 yield += (*s - '0') * m;
1407 m /= 10;
1408 }
1409 }
1410
1411 return (*s == terminator)? yield : (-1);
1412 }
1413
1414
1415
1416 /*************************************************
1417 * Find option in list *
1418 *************************************************/
1419
1420 /* The lists are always in order, so binary chop can be used.
1421
1422 Arguments:
1423 name the option name to search for
1424 ol the first entry in the option list
1425 last one more than the offset of the last entry in the option list
1426
1427 Returns: pointer to an option entry, or NULL if not found
1428 */
1429
1430 static optionlist *
1431 find_option(uschar *name, optionlist *ol, int last)
1432 {
1433 int first = 0;
1434 while (last > first)
1435 {
1436 int middle = (first + last)/2;
1437 int c = Ustrcmp(name, ol[middle].name);
1438
1439 if (c == 0) return ol + middle;
1440 else if (c > 0) first = middle + 1;
1441 else last = middle;
1442 }
1443 return NULL;
1444 }
1445
1446
1447
1448 /*************************************************
1449 * Find a set flag in option list *
1450 *************************************************/
1451
1452 /* Because some versions of Unix make no restrictions on the values of uids and
1453 gids (even negative ones), we cannot represent "unset" by a special value.
1454 There is therefore a separate boolean variable for each one indicating whether
1455 a value is set or not. This function returns a pointer to the boolean, given
1456 the original option name. It is a major disaster if the flag cannot be found.
1457
1458 Arguments:
1459 name the name of the uid or gid option
1460 oltop points to the start of the relevant option list
1461 last one more than the offset of the last item in the option list
1462 data_block NULL when reading main options => data values in the option
1463 list are absolute addresses; otherwise they are byte offsets
1464 in data_block (used for driver options)
1465
1466 Returns: a pointer to the boolean flag.
1467 */
1468
1469 static BOOL *
1470 get_set_flag(uschar *name, optionlist *oltop, int last, void *data_block)
1471 {
1472 optionlist *ol;
1473 uschar name2[64];
1474 sprintf(CS name2, "*set_%.50s", name);
1475 ol = find_option(name2, oltop, last);
1476 if (ol == NULL) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
1477 "Exim internal error: missing set flag for %s", name);
1478 return (data_block == NULL)? (BOOL *)(ol->value) :
1479 (BOOL *)((uschar *)data_block + (long int)(ol->value));
1480 }
1481
1482
1483
1484
1485 /*************************************************
1486 * Output extra characters message and die *
1487 *************************************************/
1488
1489 /* Called when an option line has junk on the end. Sometimes this is because
1490 the sysadmin thinks comments are permitted.
1491
1492 Arguments:
1493 s points to the extra characters
1494 t1..t3 strings to insert in the log message
1495
1496 Returns: doesn't return; dies
1497 */
1498
1499 static void
1500 extra_chars_error(const uschar *s, const uschar *t1, const uschar *t2, const uschar *t3)
1501 {
1502 uschar *comment = US"";
1503 if (*s == '#') comment = US" (# is comment only at line start)";
1504 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1505 "extra characters follow %s%s%s%s", t1, t2, t3, comment);
1506 }
1507
1508
1509
1510 /*************************************************
1511 * Read rewrite information *
1512 *************************************************/
1513
1514 /* Each line of rewrite information contains:
1515
1516 . A complete address in the form user@domain, possibly with
1517 leading * for each part; or alternatively, a regex.
1518
1519 . A replacement string (which will be expanded).
1520
1521 . An optional sequence of one-letter flags, indicating which
1522 headers etc. to apply this rule to.
1523
1524 All this is decoded and placed into a control block. The OR of the flags is
1525 maintained in a common word.
1526
1527 Arguments:
1528 p points to the string that makes up the rule
1529 existflags points to the overall flag word
1530 isglobal TRUE if reading global rewrite rules
1531
1532 Returns: the control block for the parsed rule.
1533 */
1534
1535 static rewrite_rule *
1536 readconf_one_rewrite(const uschar *p, int *existflags, BOOL isglobal)
1537 {
1538 rewrite_rule *next = store_get(sizeof(rewrite_rule));
1539
1540 next->next = NULL;
1541 next->key = string_dequote(&p);
1542
1543 while (isspace(*p)) p++;
1544 if (*p == 0)
1545 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1546 "missing rewrite replacement string");
1547
1548 next->flags = 0;
1549 next->replacement = string_dequote(&p);
1550
1551 while (*p != 0) switch (*p++)
1552 {
1553 case ' ': case '\t': break;
1554
1555 case 'q': next->flags |= rewrite_quit; break;
1556 case 'w': next->flags |= rewrite_whole; break;
1557
1558 case 'h': next->flags |= rewrite_all_headers; break;
1559 case 's': next->flags |= rewrite_sender; break;
1560 case 'f': next->flags |= rewrite_from; break;
1561 case 't': next->flags |= rewrite_to; break;
1562 case 'c': next->flags |= rewrite_cc; break;
1563 case 'b': next->flags |= rewrite_bcc; break;
1564 case 'r': next->flags |= rewrite_replyto; break;
1565
1566 case 'E': next->flags |= rewrite_all_envelope; break;
1567 case 'F': next->flags |= rewrite_envfrom; break;
1568 case 'T': next->flags |= rewrite_envto; break;
1569
1570 case 'Q': next->flags |= rewrite_qualify; break;
1571 case 'R': next->flags |= rewrite_repeat; break;
1572
1573 case 'S':
1574 next->flags |= rewrite_smtp;
1575 if (next->key[0] != '^' && Ustrncmp(next->key, "\\N^", 3) != 0)
1576 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1577 "rewrite rule has the S flag but is not a regular expression");
1578 break;
1579
1580 default:
1581 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1582 "unknown rewrite flag character '%c' "
1583 "(could be missing quotes round replacement item)", p[-1]);
1584 break;
1585 }
1586
1587 /* If no action flags are set, set all the "normal" rewrites. */
1588
1589 if ((next->flags & (rewrite_all | rewrite_smtp)) == 0)
1590 next->flags |= isglobal? rewrite_all : rewrite_all_headers;
1591
1592 /* Remember which exist, for optimization, and return the rule */
1593
1594 *existflags |= next->flags;
1595 return next;
1596 }
1597
1598
1599
1600
1601 /*************************************************
1602 * Read global rewrite information *
1603 *************************************************/
1604
1605 /* Each line is a single rewrite rule; it is parsed into a control block
1606 by readconf_one_rewrite(), and its flags are ORed into the global flag
1607 word rewrite_existflags. */
1608
1609 void
1610 readconf_rewrites(void)
1611 {
1612 rewrite_rule **chain = &global_rewrite_rules;
1613 uschar *p;
1614
1615 while ((p = get_config_line()) != NULL)
1616 {
1617 rewrite_rule *next = readconf_one_rewrite(p, &rewrite_existflags, TRUE);
1618 *chain = next;
1619 chain = &(next->next);
1620 }
1621 }
1622
1623
1624
1625 /*************************************************
1626 * Read a string *
1627 *************************************************/
1628
1629 /* Strings are read into the normal store pool. As long we aren't too
1630 near the end of the current block, the string will just use what is necessary
1631 on the top of the stacking pool, because string_cat() uses the extension
1632 mechanism.
1633
1634 Argument:
1635 s the rest of the input line
1636 name the option name (for errors)
1637
1638 Returns: pointer to the string
1639 */
1640
1641 static uschar *
1642 read_string(const uschar *s, const uschar *name)
1643 {
1644 uschar *yield;
1645 const uschar *ss;
1646
1647 if (*s != '\"') return string_copy(s);
1648
1649 ss = s;
1650 yield = string_dequote(&s);
1651
1652 if (s == ss+1 || s[-1] != '\"')
1653 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1654 "missing quote at end of string value for %s", name);
1655
1656 if (*s != 0) extra_chars_error(s, US"string value for ", name, US"");
1657
1658 return yield;
1659 }
1660
1661
1662 /*************************************************
1663 * Custom-handler options *
1664 *************************************************/
1665 static void
1666 fn_smtp_receive_timeout(const uschar * name, const uschar * str)
1667 {
1668 if (*str == '$')
1669 smtp_receive_timeout_s = string_copy(str);
1670 else
1671 {
1672 /* "smtp_receive_timeout", opt_time, &smtp_receive_timeout */
1673 smtp_receive_timeout = readconf_readtime(str, 0, FALSE);
1674 if (smtp_receive_timeout < 0)
1675 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
1676 name);
1677 }
1678 }
1679
1680 /*************************************************
1681 * Handle option line *
1682 *************************************************/
1683
1684 /* This function is called from several places to process a line containing the
1685 setting of an option. The first argument is the line to be decoded; it has been
1686 checked not to be empty and not to start with '#'. Trailing newlines and white
1687 space have been removed. The second argument is a pointer to the list of
1688 variable names that are to be recognized, together with their types and
1689 locations, and the third argument gives the number of entries in the list.
1690
1691 The fourth argument is a pointer to a data block. If it is NULL, then the data
1692 values in the options list are absolute addresses. Otherwise, they are byte
1693 offsets in the data block.
1694
1695 String option data may continue onto several lines; this function reads further
1696 data from config_file if necessary.
1697
1698 The yield of this function is normally zero. If a string continues onto
1699 multiple lines, then the data value is permitted to be followed by a comma
1700 or a semicolon (for use in drivers) and the yield is that character.
1701
1702 Arguments:
1703 buffer contains the configuration line to be handled
1704 oltop points to the start of the relevant option list
1705 last one more than the offset of the last item in the option list
1706 data_block NULL when reading main options => data values in the option
1707 list are absolute addresses; otherwise they are byte offsets
1708 in data_block when they have opt_public set; otherwise
1709 they are byte offsets in data_block->options_block.
1710 unknown_txt format string to use in panic message for unknown option;
1711 must contain %s for option name
1712 if given as NULL, don't panic on unknown option
1713
1714 Returns: TRUE if an option was read successfully,
1715 FALSE false for an unknown option if unknown_txt == NULL,
1716 otherwise panic and die on an unknown option
1717 */
1718
1719 static BOOL
1720 readconf_handle_option(uschar *buffer, optionlist *oltop, int last,
1721 void *data_block, uschar *unknown_txt)
1722 {
1723 int ptr = 0;
1724 int offset = 0;
1725 int n, count, type, value;
1726 int issecure = 0;
1727 uid_t uid;
1728 gid_t gid;
1729 BOOL boolvalue = TRUE;
1730 BOOL freesptr = TRUE;
1731 optionlist *ol, *ol2;
1732 struct passwd *pw;
1733 void *reset_point;
1734 int intbase = 0;
1735 uschar *inttype = US"";
1736 uschar *sptr;
1737 uschar *s = buffer;
1738 uschar **str_target;
1739 uschar name[64];
1740 uschar name2[64];
1741
1742 /* There may be leading spaces; thereafter, we expect an option name starting
1743 with a letter. */
1744
1745 while (isspace(*s)) s++;
1746 if (!isalpha(*s))
1747 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "option setting expected: %s", s);
1748
1749 /* Read the name of the option, and skip any subsequent white space. If
1750 it turns out that what we read was "hide", set the flag indicating that
1751 this is a secure option, and loop to read the next word. */
1752
1753 for (n = 0; n < 2; n++)
1754 {
1755 while (isalnum(*s) || *s == '_')
1756 {
1757 if (ptr < sizeof(name)-1) name[ptr++] = *s;
1758 s++;
1759 }
1760 name[ptr] = 0;
1761 while (isspace(*s)) s++;
1762 if (Ustrcmp(name, "hide") != 0) break;
1763 issecure = opt_secure;
1764 ptr = 0;
1765 }
1766
1767 /* Deal with "no_" or "not_" here for booleans */
1768
1769 if (Ustrncmp(name, "no_", 3) == 0)
1770 {
1771 boolvalue = FALSE;
1772 offset = 3;
1773 }
1774
1775 if (Ustrncmp(name, "not_", 4) == 0)
1776 {
1777 boolvalue = FALSE;
1778 offset = 4;
1779 }
1780
1781 /* Search the list for the given name. A non-existent name, or an option that
1782 is set twice, is a disaster. */
1783
1784 if (!(ol = find_option(name + offset, oltop, last)))
1785 {
1786 if (unknown_txt == NULL) return FALSE;
1787 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, CS unknown_txt, name);
1788 }
1789
1790 if ((ol->type & opt_set) && !(ol->type & (opt_rep_con | opt_rep_str)))
1791 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1792 "\"%s\" option set for the second time", name);
1793
1794 ol->type |= opt_set | issecure;
1795 type = ol->type & opt_mask;
1796
1797 /* Types with data values must be followed by '='; the "no[t]_" prefix
1798 applies only to boolean values. */
1799
1800 if (type < opt_bool || type > opt_bool_last)
1801 {
1802 if (offset != 0)
1803 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1804 "negation prefix applied to a non-boolean option");
1805 if (*s == 0)
1806 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1807 "unexpected end of line (data missing) after %s", name);
1808 if (*s != '=')
1809 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "missing \"=\" after %s", name);
1810 }
1811
1812 /* If a boolean wasn't preceded by "no[t]_" it can be followed by = and
1813 true/false/yes/no, or, in the case of opt_expand_bool, a general string that
1814 ultimately expands to one of those values. */
1815
1816 else if (*s != 0 && (offset != 0 || *s != '='))
1817 extra_chars_error(s, US"boolean option ", name, US"");
1818
1819 /* Skip white space after = */
1820
1821 if (*s == '=') while (isspace((*(++s))));
1822
1823 /* If there is a data block and the opt_public flag is not set, change
1824 the data block pointer to the private options block. */
1825
1826 if (data_block != NULL && (ol->type & opt_public) == 0)
1827 data_block = (void *)(((driver_instance *)data_block)->options_block);
1828
1829 /* Now get the data according to the type. */
1830
1831 switch (type)
1832 {
1833 /* If a string value is not enclosed in quotes, it consists of
1834 the rest of the current line, verbatim. Otherwise, string escapes
1835 are processed.
1836
1837 A transport is specified as a string, which is then looked up in the
1838 list of transports. A search type is specified as one of a number of
1839 known strings.
1840
1841 A set or rewrite rules for a driver is specified as a string, which is
1842 then parsed into a suitable chain of control blocks.
1843
1844 Uids and gids are specified as strings which are then looked up in the
1845 passwd file. Lists of uids and gids are similarly specified as colon-
1846 separated strings. */
1847
1848 case opt_stringptr:
1849 case opt_uid:
1850 case opt_gid:
1851 case opt_expand_uid:
1852 case opt_expand_gid:
1853 case opt_uidlist:
1854 case opt_gidlist:
1855 case opt_rewrite:
1856
1857 reset_point = sptr = read_string(s, name);
1858
1859 /* Having read a string, we now have several different ways of using it,
1860 depending on the data type, so do another switch. If keeping the actual
1861 string is not required (because it is interpreted), freesptr is set TRUE,
1862 and at the end we reset the pool. */
1863
1864 switch (type)
1865 {
1866 /* If this was a string, set the variable to point to the new string,
1867 and set the flag so its store isn't reclaimed. If it was a list of rewrite
1868 rules, we still keep the string (for printing), and parse the rules into a
1869 control block and flags word. */
1870
1871 case opt_stringptr:
1872 str_target = data_block ? USS (US data_block + (long int)(ol->value))
1873 : USS (ol->value);
1874 if (ol->type & opt_rep_con)
1875 {
1876 uschar * saved_condition;
1877 /* We already have a condition, we're conducting a crude hack to let
1878 multiple condition rules be chained together, despite storing them in
1879 text form. */
1880 *str_target = string_copy_malloc( (saved_condition = *str_target)
1881 ? string_sprintf("${if and{{bool_lax{%s}}{bool_lax{%s}}}}",
1882 saved_condition, sptr)
1883 : sptr);
1884 /* TODO(pdp): there is a memory leak here and just below
1885 when we set 3 or more conditions; I still don't
1886 understand the store mechanism enough to know
1887 what's the safe way to free content from an earlier store.
1888 AFAICT, stores stack, so freeing an early stored item also stores
1889 all data alloc'd after it. If we knew conditions were adjacent,
1890 we could survive that, but we don't. So I *think* we need to take
1891 another bit from opt_type to indicate "malloced"; this seems like
1892 quite a hack, especially for this one case. It also means that
1893 we can't ever reclaim the store from the *first* condition.
1894
1895 Because we only do this once, near process start-up, I'm prepared to
1896 let this slide for the time being, even though it rankles. */
1897 }
1898 else if (ol->type & opt_rep_str)
1899 {
1900 uschar sep_o = Ustrncmp(name, "headers_add", 11)==0 ? '\n' : ':';
1901 int sep_i = -(int)sep_o;
1902 const uschar * list = sptr;
1903 uschar * s;
1904 uschar * list_o = *str_target;
1905 int size = 0, len = 0;
1906
1907 if (list_o)
1908 size = (len = Ustrlen(list_o)) + 1;
1909
1910 while ((s = string_nextinlist(&list, &sep_i, NULL, 0)))
1911 list_o = string_append_listele(list_o, &size, &len, sep_o, s);
1912 if (list_o)
1913 *str_target = string_copy_malloc(list_o);
1914 }
1915 else
1916 {
1917 *str_target = sptr;
1918 freesptr = FALSE;
1919 }
1920 break;
1921
1922 case opt_rewrite:
1923 if (data_block)
1924 *USS (US data_block + (long int)(ol->value)) = sptr;
1925 else
1926 *USS (ol->value) = sptr;
1927 freesptr = FALSE;
1928 if (type == opt_rewrite)
1929 {
1930 int sep = 0;
1931 int *flagptr;
1932 uschar *p = sptr;
1933 rewrite_rule **chain;
1934 optionlist *ol3;
1935
1936 sprintf(CS name2, "*%.50s_rules", name);
1937 ol2 = find_option(name2, oltop, last);
1938 sprintf(CS name2, "*%.50s_flags", name);
1939 ol3 = find_option(name2, oltop, last);
1940
1941 if (ol2 == NULL || ol3 == NULL)
1942 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
1943 "rewrite rules not available for driver");
1944
1945 if (data_block == NULL)
1946 {
1947 chain = (rewrite_rule **)(ol2->value);
1948 flagptr = (int *)(ol3->value);
1949 }
1950 else
1951 {
1952 chain = (rewrite_rule **)((uschar *)data_block + (long int)(ol2->value));
1953 flagptr = (int *)((uschar *)data_block + (long int)(ol3->value));
1954 }
1955
1956 while ((p = string_nextinlist(CUSS &sptr, &sep, big_buffer, BIG_BUFFER_SIZE)))
1957 {
1958 rewrite_rule *next = readconf_one_rewrite(p, flagptr, FALSE);
1959 *chain = next;
1960 chain = &(next->next);
1961 }
1962
1963 if ((*flagptr & (rewrite_all_envelope | rewrite_smtp)) != 0)
1964 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "rewrite rule specifies a "
1965 "non-header rewrite - not allowed at transport time -");
1966 }
1967 break;
1968
1969 /* If it was an expanded uid, see if there is any expansion to be
1970 done by checking for the presence of a $ character. If there is, save it
1971 in the corresponding *expand_user option field. Otherwise, fall through
1972 to treat it as a fixed uid. Ensure mutual exclusivity of the two kinds
1973 of data. */
1974
1975 case opt_expand_uid:
1976 sprintf(CS name2, "*expand_%.50s", name);
1977 ol2 = find_option(name2, oltop, last);
1978 if (ol2 != NULL)
1979 {
1980 uschar *ss = (Ustrchr(sptr, '$') != NULL)? sptr : NULL;
1981
1982 if (data_block == NULL)
1983 *((uschar **)(ol2->value)) = ss;
1984 else
1985 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = ss;
1986
1987 if (ss != NULL)
1988 {
1989 *(get_set_flag(name, oltop, last, data_block)) = FALSE;
1990 freesptr = FALSE;
1991 break;
1992 }
1993 }
1994
1995 /* Look up a fixed uid, and also make use of the corresponding gid
1996 if a passwd entry is returned and the gid has not been set. */
1997
1998 case opt_uid:
1999 if (!route_finduser(sptr, &pw, &uid))
2000 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "user %s was not found", sptr);
2001 if (data_block == NULL)
2002 *((uid_t *)(ol->value)) = uid;
2003 else
2004 *((uid_t *)((uschar *)data_block + (long int)(ol->value))) = uid;
2005
2006 /* Set the flag indicating a fixed value is set */
2007
2008 *(get_set_flag(name, oltop, last, data_block)) = TRUE;
2009
2010 /* Handle matching gid if we have a passwd entry: done by finding the
2011 same name with terminating "user" changed to "group"; if not found,
2012 ignore. Also ignore if the value is already set. */
2013
2014 if (pw == NULL) break;
2015 Ustrcpy(name+Ustrlen(name)-4, "group");
2016 ol2 = find_option(name, oltop, last);
2017 if (ol2 != NULL && ((ol2->type & opt_mask) == opt_gid ||
2018 (ol2->type & opt_mask) == opt_expand_gid))
2019 {
2020 BOOL *set_flag = get_set_flag(name, oltop, last, data_block);
2021 if (! *set_flag)
2022 {
2023 if (data_block == NULL)
2024 *((gid_t *)(ol2->value)) = pw->pw_gid;
2025 else
2026 *((gid_t *)((uschar *)data_block + (long int)(ol2->value))) = pw->pw_gid;
2027 *set_flag = TRUE;
2028 }
2029 }
2030 break;
2031
2032 /* If it was an expanded gid, see if there is any expansion to be
2033 done by checking for the presence of a $ character. If there is, save it
2034 in the corresponding *expand_user option field. Otherwise, fall through
2035 to treat it as a fixed gid. Ensure mutual exclusivity of the two kinds
2036 of data. */
2037
2038 case opt_expand_gid:
2039 sprintf(CS name2, "*expand_%.50s", name);
2040 ol2 = find_option(name2, oltop, last);
2041 if (ol2 != NULL)
2042 {
2043 uschar *ss = (Ustrchr(sptr, '$') != NULL)? sptr : NULL;
2044
2045 if (data_block == NULL)
2046 *((uschar **)(ol2->value)) = ss;
2047 else
2048 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = ss;
2049
2050 if (ss != NULL)
2051 {
2052 *(get_set_flag(name, oltop, last, data_block)) = FALSE;
2053 freesptr = FALSE;
2054 break;
2055 }
2056 }
2057
2058 /* Handle freestanding gid */
2059
2060 case opt_gid:
2061 if (!route_findgroup(sptr, &gid))
2062 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "group %s was not found", sptr);
2063 if (data_block == NULL)
2064 *((gid_t *)(ol->value)) = gid;
2065 else
2066 *((gid_t *)((uschar *)data_block + (long int)(ol->value))) = gid;
2067 *(get_set_flag(name, oltop, last, data_block)) = TRUE;
2068 break;
2069
2070 /* If it was a uid list, look up each individual entry, and build
2071 a vector of uids, with a count in the first element. Put the vector
2072 in malloc store so we can free the string. (We are reading into
2073 permanent store already.) */
2074
2075 case opt_uidlist:
2076 {
2077 int count = 1;
2078 uid_t *list;
2079 int ptr = 0;
2080 const uschar *p;
2081 const uschar *op = expand_string (sptr);
2082
2083 if (op == NULL)
2084 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s",
2085 name, expand_string_message);
2086
2087 p = op;
2088 if (*p != 0) count++;
2089 while (*p != 0) if (*p++ == ':' && *p != 0) count++;
2090 list = store_malloc(count*sizeof(uid_t));
2091 list[ptr++] = (uid_t)(count - 1);
2092
2093 if (data_block == NULL)
2094 *((uid_t **)(ol->value)) = list;
2095 else
2096 *((uid_t **)((uschar *)data_block + (long int)(ol->value))) = list;
2097
2098 p = op;
2099 while (count-- > 1)
2100 {
2101 int sep = 0;
2102 (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
2103 if (!route_finduser(big_buffer, NULL, &uid))
2104 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "user %s was not found",
2105 big_buffer);
2106 list[ptr++] = uid;
2107 }
2108 }
2109 break;
2110
2111 /* If it was a gid list, look up each individual entry, and build
2112 a vector of gids, with a count in the first element. Put the vector
2113 in malloc store so we can free the string. (We are reading into permanent
2114 store already.) */
2115
2116 case opt_gidlist:
2117 {
2118 int count = 1;
2119 gid_t *list;
2120 int ptr = 0;
2121 const uschar *p;
2122 const uschar *op = expand_string (sptr);
2123
2124 if (op == NULL)
2125 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "failed to expand %s: %s",
2126 name, expand_string_message);
2127
2128 p = op;
2129 if (*p != 0) count++;
2130 while (*p != 0) if (*p++ == ':' && *p != 0) count++;
2131 list = store_malloc(count*sizeof(gid_t));
2132 list[ptr++] = (gid_t)(count - 1);
2133
2134 if (data_block == NULL)
2135 *((gid_t **)(ol->value)) = list;
2136 else
2137 *((gid_t **)((uschar *)data_block + (long int)(ol->value))) = list;
2138
2139 p = op;
2140 while (count-- > 1)
2141 {
2142 int sep = 0;
2143 (void)string_nextinlist(&p, &sep, big_buffer, BIG_BUFFER_SIZE);
2144 if (!route_findgroup(big_buffer, &gid))
2145 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "group %s was not found",
2146 big_buffer);
2147 list[ptr++] = gid;
2148 }
2149 }
2150 break;
2151 }
2152
2153 /* Release store if the value of the string doesn't need to be kept. */
2154
2155 if (freesptr) store_reset(reset_point);
2156 break;
2157
2158 /* Expanded boolean: if no characters follow, or if there are no dollar
2159 characters, this is a fixed-valued boolean, and we fall through. Otherwise,
2160 save the string for later expansion in the alternate place. */
2161
2162 case opt_expand_bool:
2163 if (*s != 0 && Ustrchr(s, '$') != 0)
2164 {
2165 sprintf(CS name2, "*expand_%.50s", name);
2166 ol2 = find_option(name2, oltop, last);
2167 if (ol2 != NULL)
2168 {
2169 reset_point = sptr = read_string(s, name);
2170 if (data_block == NULL)
2171 *((uschar **)(ol2->value)) = sptr;
2172 else
2173 *((uschar **)((uschar *)data_block + (long int)(ol2->value))) = sptr;
2174 freesptr = FALSE;
2175 break;
2176 }
2177 }
2178 /* Fall through */
2179
2180 /* Boolean: if no characters follow, the value is boolvalue. Otherwise
2181 look for yes/not/true/false. Some booleans are stored in a single bit in
2182 a single int. There's a special fudge for verify settings; without a suffix
2183 they set both xx_sender and xx_recipient. The table points to the sender
2184 value; search subsequently for the recipient. There's another special case:
2185 opt_bool_set also notes when a boolean has been set. */
2186
2187 case opt_bool:
2188 case opt_bit:
2189 case opt_bool_verify:
2190 case opt_bool_set:
2191 if (*s != 0)
2192 {
2193 s = readconf_readname(name2, 64, s);
2194 if (strcmpic(name2, US"true") == 0 || strcmpic(name2, US"yes") == 0)
2195 boolvalue = TRUE;
2196 else if (strcmpic(name2, US"false") == 0 || strcmpic(name2, US"no") == 0)
2197 boolvalue = FALSE;
2198 else log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2199 "\"%s\" is not a valid value for the \"%s\" option", name2, name);
2200 if (*s != 0) extra_chars_error(s, string_sprintf("\"%s\" ", name2),
2201 US"for boolean option ", name);
2202 }
2203
2204 /* Handle single-bit type. */
2205
2206 if (type == opt_bit)
2207 {
2208 int bit = 1 << ((ol->type >> 16) & 31);
2209 int *ptr = (data_block == NULL)?
2210 (int *)(ol->value) :
2211 (int *)((uschar *)data_block + (long int)ol->value);
2212 if (boolvalue) *ptr |= bit; else *ptr &= ~bit;
2213 break;
2214 }
2215
2216 /* Handle full BOOL types */
2217
2218 if (data_block == NULL)
2219 *((BOOL *)(ol->value)) = boolvalue;
2220 else
2221 *((BOOL *)((uschar *)data_block + (long int)(ol->value))) = boolvalue;
2222
2223 /* Verify fudge */
2224
2225 if (type == opt_bool_verify)
2226 {
2227 sprintf(CS name2, "%.50s_recipient", name + offset);
2228 ol2 = find_option(name2, oltop, last);
2229 if (ol2 != NULL)
2230 {
2231 if (data_block == NULL)
2232 *((BOOL *)(ol2->value)) = boolvalue;
2233 else
2234 *((BOOL *)((uschar *)data_block + (long int)(ol2->value))) = boolvalue;
2235 }
2236 }
2237
2238 /* Note that opt_bool_set type is set, if there is somewhere to do so */
2239
2240 else if (type == opt_bool_set)
2241 {
2242 sprintf(CS name2, "*set_%.50s", name + offset);
2243 ol2 = find_option(name2, oltop, last);
2244 if (ol2 != NULL)
2245 {
2246 if (data_block == NULL)
2247 *((BOOL *)(ol2->value)) = TRUE;
2248 else
2249 *((BOOL *)((uschar *)data_block + (long int)(ol2->value))) = TRUE;
2250 }
2251 }
2252 break;
2253
2254 /* Octal integer */
2255
2256 case opt_octint:
2257 intbase = 8;
2258 inttype = US"octal ";
2259
2260 /* Integer: a simple(ish) case; allow octal and hex formats, and
2261 suffixes K, M and G. The different types affect output, not input. */
2262
2263 case opt_mkint:
2264 case opt_int:
2265 {
2266 uschar *endptr;
2267 long int lvalue;
2268
2269 errno = 0;
2270 lvalue = strtol(CS s, CSS &endptr, intbase);
2271
2272 if (endptr == s)
2273 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
2274 inttype, name);
2275
2276 if (errno != ERANGE)
2277 if (tolower(*endptr) == 'k')
2278 {
2279 if (lvalue > INT_MAX/1024 || lvalue < INT_MIN/1024) errno = ERANGE;
2280 else lvalue *= 1024;
2281 endptr++;
2282 }
2283 else if (tolower(*endptr) == 'm')
2284 {
2285 if (lvalue > INT_MAX/(1024*1024) || lvalue < INT_MIN/(1024*1024))
2286 errno = ERANGE;
2287 else lvalue *= 1024*1024;
2288 endptr++;
2289 }
2290 else if (tolower(*endptr) == 'g')
2291 {
2292 if (lvalue > INT_MAX/(1024*1024*1024) || lvalue < INT_MIN/(1024*1024*1024))
2293 errno = ERANGE;
2294 else lvalue *= 1024*1024*1024;
2295 endptr++;
2296 }
2297
2298 if (errno == ERANGE || lvalue > INT_MAX || lvalue < INT_MIN)
2299 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2300 "absolute value of integer \"%s\" is too large (overflow)", s);
2301
2302 while (isspace(*endptr)) endptr++;
2303 if (*endptr != 0)
2304 extra_chars_error(endptr, inttype, US"integer value for ", name);
2305
2306 value = (int)lvalue;
2307 }
2308
2309 if (data_block == NULL)
2310 *((int *)(ol->value)) = value;
2311 else
2312 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2313 break;
2314
2315 /* Integer held in K: again, allow octal and hex formats, and suffixes K, M
2316 and G. */
2317 /*XXX consider moving to int_eximarith_t (but mind the overflow test 0415) */
2318
2319 case opt_Kint:
2320 {
2321 uschar *endptr;
2322 errno = 0;
2323 value = strtol(CS s, CSS &endptr, intbase);
2324
2325 if (endptr == s)
2326 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
2327 inttype, name);
2328
2329 if (errno != ERANGE)
2330 if (tolower(*endptr) == 'g')
2331 {
2332 if (value > INT_MAX/(1024*1024) || value < INT_MIN/(1024*1024))
2333 errno = ERANGE;
2334 else
2335 value *= 1024*1024;
2336 endptr++;
2337 }
2338 else if (tolower(*endptr) == 'm')
2339 {
2340 if (value > INT_MAX/1024 || value < INT_MIN/1024)
2341 errno = ERANGE;
2342 else
2343 value *= 1024;
2344 endptr++;
2345 }
2346 else if (tolower(*endptr) == 'k')
2347 endptr++;
2348 else
2349 value = (value + 512)/1024;
2350
2351 if (errno == ERANGE) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2352 "absolute value of integer \"%s\" is too large (overflow)", s);
2353
2354 while (isspace(*endptr)) endptr++;
2355 if (*endptr != 0)
2356 extra_chars_error(endptr, inttype, US"integer value for ", name);
2357 }
2358
2359 if (data_block == NULL)
2360 *((int *)(ol->value)) = value;
2361 else
2362 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2363 break;
2364
2365 /* Fixed-point number: held to 3 decimal places. */
2366
2367 case opt_fixed:
2368 if (sscanf(CS s, "%d%n", &value, &count) != 1)
2369 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2370 "fixed-point number expected for %s", name);
2371
2372 if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2373 "integer \"%s\" is too large (overflow)", s);
2374
2375 value *= 1000;
2376
2377 if (value < 0) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2378 "integer \"%s\" is too large (overflow)", s);
2379
2380 /* We get a coverity error here for using count, as it derived
2381 from the tainted buffer pointed to by s, as parsed by sscanf().
2382 By the definition of sscanf we must be accessing between start
2383 and end of s (assuming it is nul-terminated...) so ignore the error. */
2384 /* coverity[tainted_data] */
2385 if (s[count] == '.')
2386 {
2387 int d = 100;
2388 while (isdigit(s[++count]))
2389 {
2390 value += (s[count] - '0') * d;
2391 d /= 10;
2392 }
2393 }
2394
2395 while (isspace(s[count])) count++;
2396
2397 if (s[count] != 0)
2398 extra_chars_error(s+count, US"fixed-point value for ", name, US"");
2399
2400 if (data_block == NULL)
2401 *((int *)(ol->value)) = value;
2402 else
2403 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2404 break;
2405
2406 /* There's a special routine to read time values. */
2407
2408 case opt_time:
2409 value = readconf_readtime(s, 0, FALSE);
2410 if (value < 0)
2411 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
2412 name);
2413 if (data_block == NULL)
2414 *((int *)(ol->value)) = value;
2415 else
2416 *((int *)((uschar *)data_block + (long int)(ol->value))) = value;
2417 break;
2418
2419 /* A time list is a list of colon-separated times, with the first
2420 element holding the size of the list and the second the number of
2421 entries used. */
2422
2423 case opt_timelist:
2424 {
2425 int count = 0;
2426 int *list = (data_block == NULL)?
2427 (int *)(ol->value) :
2428 (int *)((uschar *)data_block + (long int)(ol->value));
2429
2430 if (*s != 0) for (count = 1; count <= list[0] - 2; count++)
2431 {
2432 int terminator = 0;
2433 uschar *snext = Ustrchr(s, ':');
2434 if (snext != NULL)
2435 {
2436 uschar *ss = snext;
2437 while (ss > s && isspace(ss[-1])) ss--;
2438 terminator = *ss;
2439 }
2440 value = readconf_readtime(s, terminator, FALSE);
2441 if (value < 0)
2442 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "invalid time value for %s",
2443 name);
2444 if (count > 1 && value <= list[count])
2445 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
2446 "time value out of order for %s", name);
2447 list[count+1] = value;
2448 if (snext == NULL) break;
2449 s = snext + 1;
2450 while (isspace(*s)) s++;
2451 }
2452
2453 if (count > list[0] - 2)
2454 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "too many time values for %s",
2455 name);
2456 if (count > 0 && list[2] == 0) count = 0;
2457 list[1] = count;
2458 break;
2459 }
2460
2461 case opt_func:
2462 {
2463 void (*fn)() = ol->value;
2464 fn(name, s);
2465 break;
2466 }
2467 }
2468
2469 return TRUE;
2470 }
2471
2472
2473
2474 /*************************************************
2475 * Print a time value *
2476 *************************************************/
2477
2478 /*
2479 Argument: a time value in seconds
2480 Returns: pointer to a fixed buffer containing the time as a string,
2481 in readconf_readtime() format
2482 */
2483
2484 uschar *
2485 readconf_printtime(int t)
2486 {
2487 int s, m, h, d, w;
2488 uschar *p = time_buffer;
2489
2490 if (t < 0)
2491 {
2492 *p++ = '-';
2493 t = -t;
2494 }
2495
2496 s = t % 60;
2497 t /= 60;
2498 m = t % 60;
2499 t /= 60;
2500 h = t % 24;
2501 t /= 24;
2502 d = t % 7;
2503 w = t/7;
2504
2505 if (w > 0) { sprintf(CS p, "%dw", w); while (*p) p++; }
2506 if (d > 0) { sprintf(CS p, "%dd", d); while (*p) p++; }
2507 if (h > 0) { sprintf(CS p, "%dh", h); while (*p) p++; }
2508 if (m > 0) { sprintf(CS p, "%dm", m); while (*p) p++; }
2509 if (s > 0 || p == time_buffer) sprintf(CS p, "%ds", s);
2510
2511 return time_buffer;
2512 }
2513
2514
2515
2516 /*************************************************
2517 * Print an individual option value *
2518 *************************************************/
2519
2520 /* This is used by the -bP option, so prints to the standard output.
2521 The entire options list is passed in as an argument, because some options come
2522 in pairs - typically uid/gid settings, which can either be explicit numerical
2523 values, or strings to be expanded later. If the numerical value is unset,
2524 search for "*expand_<name>" to see if there is a string equivalent.
2525
2526 Arguments:
2527 ol option entry, or NULL for an unknown option
2528 name option name
2529 options_block NULL for main configuration options; otherwise points to
2530 a driver block; if the option doesn't have opt_public
2531 set, then options_block->options_block is where the item
2532 resides.
2533 oltop points to the option list in which ol exists
2534 last one more than the offset of the last entry in optop
2535 no_labels do not show "foo = " at the start.
2536
2537 Returns: nothing
2538 */
2539
2540 static void
2541 print_ol(optionlist *ol, uschar *name, void *options_block,
2542 optionlist *oltop, int last, BOOL no_labels)
2543 {
2544 struct passwd *pw;
2545 struct group *gr;
2546 optionlist *ol2;
2547 void *value;
2548 uid_t *uidlist;
2549 gid_t *gidlist;
2550 uschar *s;
2551 uschar name2[64];
2552
2553 if (ol == NULL)
2554 {
2555 printf("%s is not a known option\n", name);
2556 return;
2557 }
2558
2559 /* Non-admin callers cannot see options that have been flagged secure by the
2560 "hide" prefix. */
2561
2562 if (!admin_user && (ol->type & opt_secure) != 0)
2563 {
2564 if (no_labels)
2565 printf("%s\n", hidden);
2566 else
2567 printf("%s = %s\n", name, hidden);
2568 return;
2569 }
2570
2571 /* Else show the value of the option */
2572
2573 value = ol->value;
2574 if (options_block != NULL)
2575 {
2576 if ((ol->type & opt_public) == 0)
2577 options_block = (void *)(((driver_instance *)options_block)->options_block);
2578 value = (void *)((uschar *)options_block + (long int)value);
2579 }
2580
2581 switch(ol->type & opt_mask)
2582 {
2583 case opt_stringptr:
2584 case opt_rewrite: /* Show the text value */
2585 s = *((uschar **)value);
2586 if (!no_labels) printf("%s = ", name);
2587 printf("%s\n", (s == NULL)? US"" : string_printing2(s, FALSE));
2588 break;
2589
2590 case opt_int:
2591 if (!no_labels) printf("%s = ", name);
2592 printf("%d\n", *((int *)value));
2593 break;
2594
2595 case opt_mkint:
2596 {
2597 int x = *((int *)value);
2598 if (x != 0 && (x & 1023) == 0)
2599 {
2600 int c = 'K';
2601 x >>= 10;
2602 if ((x & 1023) == 0)
2603 {
2604 c = 'M';
2605 x >>= 10;
2606 }
2607 if (!no_labels) printf("%s = ", name);
2608 printf("%d%c\n", x, c);
2609 }
2610 else
2611 {
2612 if (!no_labels) printf("%s = ", name);
2613 printf("%d\n", x);
2614 }
2615 }
2616 break;
2617
2618 case opt_Kint:
2619 {
2620 int x = *((int *)value);
2621 if (!no_labels) printf("%s = ", name);
2622 if (x == 0) printf("0\n");
2623 else if ((x & 1023) == 0) printf("%dM\n", x >> 10);
2624 else printf("%dK\n", x);
2625 }
2626 break;
2627
2628 case opt_octint:
2629 if (!no_labels) printf("%s = ", name);
2630 printf("%#o\n", *((int *)value));
2631 break;
2632
2633 /* Can be negative only when "unset", in which case integer */
2634
2635 case opt_fixed:
2636 {
2637 int x = *((int *)value);
2638 int f = x % 1000;
2639 int d = 100;
2640 if (x < 0) printf("%s =\n", name); else
2641 {
2642 if (!no_labels) printf("%s = ", name);
2643 printf("%d.", x/1000);
2644 do
2645 {
2646 printf("%d", f/d);
2647 f %= d;
2648 d /= 10;
2649 }
2650 while (f != 0);
2651 printf("\n");
2652 }
2653 }
2654 break;
2655
2656 /* If the numerical value is unset, try for the string value */
2657
2658 case opt_expand_uid:
2659 if (! *get_set_flag(name, oltop, last, options_block))
2660 {
2661 sprintf(CS name2, "*expand_%.50s", name);
2662 ol2 = find_option(name2, oltop, last);
2663 if (ol2 != NULL)
2664 {
2665 void *value2 = ol2->value;
2666 if (options_block != NULL)
2667 value2 = (void *)((uschar *)options_block + (long int)value2);
2668 s = *((uschar **)value2);
2669 if (!no_labels) printf("%s = ", name);
2670 printf("%s\n", (s == NULL)? US"" : string_printing(s));
2671 break;
2672 }
2673 }
2674
2675 /* Else fall through */
2676
2677 case opt_uid:
2678 if (!no_labels) printf("%s = ", name);
2679 if (! *get_set_flag(name, oltop, last, options_block))
2680 printf("\n");
2681 else
2682 {
2683 pw = getpwuid(*((uid_t *)value));
2684 if (pw == NULL)
2685 printf("%ld\n", (long int)(*((uid_t *)value)));
2686 else printf("%s\n", pw->pw_name);
2687 }
2688 break;
2689
2690 /* If the numerical value is unset, try for the string value */
2691
2692 case opt_expand_gid:
2693 if (! *get_set_flag(name, oltop, last, options_block))
2694 {
2695 sprintf(CS name2, "*expand_%.50s", name);
2696 ol2 = find_option(name2, oltop, last);
2697 if (ol2 != NULL && (ol2->type & opt_mask) == opt_stringptr)
2698 {
2699 void *value2 = ol2->value;
2700 if (options_block != NULL)
2701 value2 = (void *)((uschar *)options_block + (long int)value2);
2702 s = *((uschar **)value2);
2703 if (!no_labels) printf("%s = ", name);
2704 printf("%s\n", (s == NULL)? US"" : string_printing(s));
2705 break;
2706 }
2707 }
2708
2709 /* Else fall through */
2710
2711 case opt_gid:
2712 if (!no_labels) printf("%s = ", name);
2713 if (! *get_set_flag(name, oltop, last, options_block))
2714 printf("\n");
2715 else
2716 {
2717 gr = getgrgid(*((int *)value));
2718 if (gr == NULL)
2719 printf("%ld\n", (long int)(*((int *)value)));
2720 else printf("%s\n", gr->gr_name);
2721 }
2722 break;
2723
2724 case opt_uidlist:
2725 uidlist = *((uid_t **)value);
2726 if (!no_labels) printf("%s =", name);
2727 if (uidlist != NULL)
2728 {
2729 int i;
2730 uschar sep = ' ';
2731 if (no_labels) sep = '\0';
2732 for (i = 1; i <= (int)(uidlist[0]); i++)
2733 {
2734 uschar *name = NULL;
2735 pw = getpwuid(uidlist[i]);
2736 if (pw != NULL) name = US pw->pw_name;
2737 if (sep != '\0') printf("%c", sep);
2738 if (name != NULL) printf("%s", name);
2739 else printf("%ld", (long int)(uidlist[i]));
2740 sep = ':';
2741 }
2742 }
2743 printf("\n");
2744 break;
2745
2746 case opt_gidlist:
2747 gidlist = *((gid_t **)value);
2748 if (!no_labels) printf("%s =", name);
2749 if (gidlist != NULL)
2750 {
2751 int i;
2752 uschar sep = ' ';
2753 if (no_labels) sep = '\0';
2754 for (i = 1; i <= (int)(gidlist[0]); i++)
2755 {
2756 uschar *name = NULL;
2757 gr = getgrgid(gidlist[i]);
2758 if (gr != NULL) name = US gr->gr_name;
2759 if (sep != '\0') printf("%c", sep);
2760 if (name != NULL) printf("%s", name);
2761 else printf("%ld", (long int)(gidlist[i]));
2762 sep = ':';
2763 }
2764 }
2765 printf("\n");
2766 break;
2767
2768 case opt_time:
2769 if (!no_labels) printf("%s = ", name);
2770 printf("%s\n", readconf_printtime(*((int *)value)));
2771 break;
2772
2773 case opt_timelist:
2774 {
2775 int i;
2776 int *list = (int *)value;
2777 if (!no_labels) printf("%s = ", name);
2778 for (i = 0; i < list[1]; i++)
2779 printf("%s%s", (i == 0)? "" : ":", readconf_printtime(list[i+2]));
2780 printf("\n");
2781 }
2782 break;
2783
2784 case opt_bit:
2785 printf("%s%s\n", ((*((int *)value)) & (1 << ((ol->type >> 16) & 31)))?
2786 "" : "no_", name);
2787 break;
2788
2789 case opt_expand_bool:
2790 sprintf(CS name2, "*expand_%.50s", name);
2791 ol2 = find_option(name2, oltop, last);
2792 if (ol2 != NULL && ol2->value != NULL)
2793 {
2794 void *value2 = ol2->value;
2795 if (options_block != NULL)
2796 value2 = (void *)((uschar *)options_block + (long int)value2);
2797 s = *((uschar **)value2);
2798 if (s != NULL)
2799 {
2800 if (!no_labels) printf("%s = ", name);
2801 printf("%s\n", string_printing(s));
2802 break;
2803 }
2804 /* s == NULL => string not set; fall through */
2805 }
2806
2807 /* Fall through */
2808
2809 case opt_bool:
2810 case opt_bool_verify:
2811 case opt_bool_set:
2812 printf("%s%s\n", (*((BOOL *)value))? "" : "no_", name);
2813 break;
2814 }
2815 }
2816
2817
2818
2819 /*************************************************
2820 * Print value from main configuration *
2821 *************************************************/
2822
2823 /* This function, called as a result of encountering the -bP option,
2824 causes the value of any main configuration variable to be output if the
2825 second argument is NULL. There are some special values:
2826
2827 all print all main configuration options
2828 config_file print the name of the configuration file
2829 (configure_file will still work, for backward
2830 compatibility)
2831 routers print the routers' configurations
2832 transports print the transports' configuration
2833 authenticators print the authenticators' configuration
2834 macros print the macros' configuration
2835 router_list print a list of router names
2836 transport_list print a list of transport names
2837 authenticator_list print a list of authentication mechanism names
2838 macro_list print a list of macro names
2839 +name print a named list item
2840 local_scan print the local_scan options
2841 config print the configuration as it is parsed
2842 environment print the used execution environment
2843
2844 If the second argument is not NULL, it must be one of "router", "transport",
2845 "authenticator" or "macro" in which case the first argument identifies the
2846 driver whose options are to be printed.
2847
2848 Arguments:
2849 name option name if type == NULL; else driver name
2850 type NULL or driver type name, as described above
2851 no_labels avoid the "foo = " at the start of an item
2852
2853 Returns: nothing
2854 */
2855
2856 void
2857 readconf_print(uschar *name, uschar *type, BOOL no_labels)
2858 {
2859 BOOL names_only = FALSE;
2860 optionlist *ol;
2861 optionlist *ol2 = NULL;
2862 driver_instance *d = NULL;
2863 macro_item *m;
2864 int size = 0;
2865
2866 if (type == NULL)
2867 {
2868 if (*name == '+')
2869 {
2870 int i;
2871 tree_node *t;
2872 BOOL found = FALSE;
2873 static uschar *types[] = { US"address", US"domain", US"host",
2874 US"localpart" };
2875 static tree_node **anchors[] = { &addresslist_anchor, &domainlist_anchor,
2876 &hostlist_anchor, &localpartlist_anchor };
2877
2878 for (i = 0; i < 4; i++)
2879 {
2880 t = tree_search(*(anchors[i]), name+1);
2881 if (t != NULL)
2882 {
2883 found = TRUE;
2884 if (no_labels)
2885 printf("%s\n", ((namedlist_block *)(t->data.ptr))->string);
2886 else
2887 printf("%slist %s = %s\n", types[i], name+1,
2888 ((namedlist_block *)(t->data.ptr))->string);
2889 }
2890 }
2891
2892 if (!found)
2893 printf("no address, domain, host, or local part list called \"%s\" "
2894 "exists\n", name+1);
2895
2896 return;
2897 }
2898
2899 if ( Ustrcmp(name, "configure_file") == 0
2900 || Ustrcmp(name, "config_file") == 0)
2901 {
2902 printf("%s\n", CS config_main_filename);
2903 return;
2904 }
2905
2906 if (Ustrcmp(name, "all") == 0)
2907 {
2908 for (ol = optionlist_config;
2909 ol < optionlist_config + nelem(optionlist_config); ol++)
2910 {
2911 if ((ol->type & opt_hidden) == 0)
2912 print_ol(ol, US ol->name, NULL,
2913 optionlist_config, nelem(optionlist_config),
2914 no_labels);
2915 }
2916 return;
2917 }
2918
2919 if (Ustrcmp(name, "local_scan") == 0)
2920 {
2921 #ifndef LOCAL_SCAN_HAS_OPTIONS
2922 printf("local_scan() options are not supported\n");
2923 #else
2924 for (ol = local_scan_options;
2925 ol < local_scan_options + local_scan_options_count; ol++)
2926 {
2927 print_ol(ol, US ol->name, NULL, local_scan_options,
2928 local_scan_options_count, no_labels);
2929 }
2930 #endif
2931 return;
2932 }
2933
2934 if (Ustrcmp(name, "config") == 0)
2935 {
2936 print_config(admin_user, no_labels);
2937 return;
2938 }
2939
2940 if (Ustrcmp(name, "routers") == 0)
2941 {
2942 type = US"router";
2943 name = NULL;
2944 }
2945 else if (Ustrcmp(name, "transports") == 0)
2946 {
2947 type = US"transport";
2948 name = NULL;
2949 }
2950
2951 else if (Ustrcmp(name, "authenticators") == 0)
2952 {
2953 type = US"authenticator";
2954 name = NULL;
2955 }
2956
2957 else if (Ustrcmp(name, "macros") == 0)
2958 {
2959 type = US"macro";
2960 name = NULL;
2961 }
2962
2963 else if (Ustrcmp(name, "router_list") == 0)
2964 {
2965 type = US"router";
2966 name = NULL;
2967 names_only = TRUE;
2968 }
2969
2970 else if (Ustrcmp(name, "transport_list") == 0)
2971 {
2972 type = US"transport";
2973 name = NULL;
2974 names_only = TRUE;
2975 }
2976
2977 else if (Ustrcmp(name, "authenticator_list") == 0)
2978 {
2979 type = US"authenticator";
2980 name = NULL;
2981 names_only = TRUE;
2982 }
2983
2984 else if (Ustrcmp(name, "macro_list") == 0)
2985 {
2986 type = US"macro";
2987 name = NULL;
2988 names_only = TRUE;
2989 }
2990
2991 else if (Ustrcmp(name, "environment") == 0)
2992 {
2993 if (environ)
2994 {
2995 uschar ** p;
2996 for (p = USS environ; *p; p++) ;
2997 qsort(environ, p - USS environ, sizeof(*p), string_compare_by_pointer);
2998
2999 for (p = USS environ; *p; p++)
3000 {
3001 uschar * q;
3002 if (no_labels && (q = Ustrchr(*p, '='))) *q = '\0';
3003 puts(CS *p);
3004 }
3005 }
3006 return;
3007 }
3008
3009 else
3010 {
3011 print_ol(find_option(name, optionlist_config, nelem(optionlist_config)),
3012 name, NULL, optionlist_config, nelem(optionlist_config), no_labels);
3013 return;
3014 }
3015 }
3016
3017 /* Handle the options for a router or transport. Skip options that are flagged
3018 as hidden. Some of these are options with names starting with '*', used for
3019 internal alternative representations of other options (which the printing
3020 function will sort out). Others are synonyms kept for backward compatibility.
3021 */
3022
3023 if (Ustrcmp(type, "router") == 0)
3024 {
3025 d = (driver_instance *)routers;
3026 ol2 = optionlist_routers;
3027 size = optionlist_routers_size;
3028 }
3029 else if (Ustrcmp(type, "transport") == 0)
3030 {
3031 d = (driver_instance *)transports;
3032 ol2 = optionlist_transports;
3033 size = optionlist_transports_size;
3034 }
3035 else if (Ustrcmp(type, "authenticator") == 0)
3036 {
3037 d = (driver_instance *)auths;
3038 ol2 = optionlist_auths;
3039 size = optionlist_auths_size;
3040 }
3041
3042 else if (Ustrcmp(type, "macro") == 0)
3043 {
3044 /* People store passwords in macros and they were previously not available
3045 for printing. So we have an admin_users restriction. */
3046 if (!admin_user)
3047 {
3048 fprintf(stderr, "exim: permission denied\n");
3049 exit(EXIT_FAILURE);
3050 }
3051 if (!macros_builtin_created) macros_create_builtin();
3052 for (m = macros; m; m = m->next)
3053 if (!name || Ustrcmp(name, m->name) == 0)
3054 {
3055 if (names_only)
3056 printf("%s\n", CS m->name);
3057 else
3058 printf("%s=%s\n", CS m->name, CS m->replacement);
3059 if (name)
3060 return;
3061 }
3062 if (name)
3063 printf("%s %s not found\n", type, name);
3064 return;
3065 }
3066
3067 if (names_only)
3068 {
3069 for (; d != NULL; d = d->next) printf("%s\n", CS d->name);
3070 return;
3071 }
3072
3073 /* Either search for a given driver, or print all of them */
3074
3075 for (; d != NULL; d = d->next)
3076 {
3077 if (name == NULL)
3078 printf("\n%s %s:\n", d->name, type);
3079 else if (Ustrcmp(d->name, name) != 0) continue;
3080
3081 for (ol = ol2; ol < ol2 + size; ol++)
3082 {
3083 if ((ol->type & opt_hidden) == 0)
3084 print_ol(ol, US ol->name, d, ol2, size, no_labels);
3085 }
3086
3087 for (ol = d->info->options;
3088 ol < d->info->options + *(d->info->options_count); ol++)
3089 {
3090 if ((ol->type & opt_hidden) == 0)
3091 print_ol(ol, US ol->name, d, d->info->options, *(d->info->options_count), no_labels);
3092 }
3093 if (name != NULL) return;
3094 }
3095 if (name != NULL) printf("%s %s not found\n", type, name);
3096 }
3097
3098
3099
3100 /*************************************************
3101 * Read a named list item *
3102 *************************************************/
3103
3104 /* This function reads a name and a list (i.e. string). The name is used to
3105 save the list in a tree, sorted by its name. Each entry also has a number,
3106 which can be used for caching tests, but if the string contains any expansion
3107 items other than $key, the number is set negative to inhibit caching. This
3108 mechanism is used for domain, host, and address lists that are referenced by
3109 the "+name" syntax.
3110
3111 Arguments:
3112 anchorp points to the tree anchor
3113 numberp points to the current number for this tree
3114 max the maximum number permitted
3115 s the text of the option line, starting immediately after the name
3116 of the list type
3117 tname the name of the list type, for messages
3118
3119 Returns: nothing
3120 */
3121
3122 static void
3123 read_named_list(tree_node **anchorp, int *numberp, int max, uschar *s,
3124 uschar *tname)
3125 {
3126 BOOL forcecache = FALSE;
3127 uschar *ss;
3128 tree_node *t;
3129 namedlist_block *nb = store_get(sizeof(namedlist_block));
3130
3131 if (Ustrncmp(s, "_cache", 6) == 0)
3132 {
3133 forcecache = TRUE;
3134 s += 6;
3135 }
3136
3137 if (!isspace(*s))
3138 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "unrecognized configuration line");
3139
3140 if (*numberp >= max)
3141 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "too many named %ss (max is %d)\n",
3142 tname, max);
3143
3144 while (isspace(*s)) s++;
3145 ss = s;
3146 while (isalnum(*s) || *s == '_') s++;
3147 t = store_get(sizeof(tree_node) + s-ss);
3148 Ustrncpy(t->name, ss, s-ss);
3149 t->name[s-ss] = 0;
3150 while (isspace(*s)) s++;
3151
3152 if (!tree_insertnode(anchorp, t))
3153 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3154 "duplicate name \"%s\" for a named %s", t->name, tname);
3155
3156 t->data.ptr = nb;
3157 nb->number = *numberp;
3158 *numberp += 1;
3159
3160 if (*s++ != '=') log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3161 "missing '=' after \"%s\"", t->name);
3162 while (isspace(*s)) s++;
3163 nb->string = read_string(s, t->name);
3164 nb->cache_data = NULL;
3165
3166 /* Check the string for any expansions; if any are found, mark this list
3167 uncacheable unless the user has explicited forced caching. */
3168
3169 if (!forcecache && Ustrchr(nb->string, '$') != NULL) nb->number = -1;
3170 }
3171
3172
3173
3174
3175 /*************************************************
3176 * Unpick data for a rate limit *
3177 *************************************************/
3178
3179 /* This function is called to unpick smtp_ratelimit_{mail,rcpt} into four
3180 separate values.
3181
3182 Arguments:
3183 s string, in the form t,b,f,l
3184 where t is the threshold (integer)
3185 b is the initial delay (time)
3186 f is the multiplicative factor (fixed point)
3187 k is the maximum time (time)
3188 threshold where to store threshold
3189 base where to store base in milliseconds
3190 factor where to store factor in milliseconds
3191 limit where to store limit
3192
3193 Returns: nothing (panics on error)
3194 */
3195
3196 static void
3197 unpick_ratelimit(uschar *s, int *threshold, int *base, double *factor,
3198 int *limit)
3199 {
3200 uschar bstring[16], lstring[16];
3201
3202 if (sscanf(CS s, "%d, %15[0123456789smhdw.], %lf, %15s", threshold, bstring,
3203 factor, lstring) == 4)
3204 {
3205 *base = readconf_readtime(bstring, 0, TRUE);
3206 *limit = readconf_readtime(lstring, 0, TRUE);
3207 if (*base >= 0 && *limit >= 0) return;
3208 }
3209 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "malformed ratelimit data: %s", s);
3210 }
3211
3212
3213
3214
3215 /*************************************************
3216 * Drop privs for checking TLS config *
3217 *************************************************/
3218
3219 /* We want to validate TLS options during readconf, but do not want to be
3220 root when we call into the TLS library, in case of library linkage errors
3221 which cause segfaults; before this check, those were always done as the Exim
3222 runtime user and it makes sense to continue with that.
3223
3224 Assumes: tls_require_ciphers has been set, if it will be
3225 exim_user has been set, if it will be
3226 exim_group has been set, if it will be
3227
3228 Returns: bool for "okay"; false will cause caller to immediately exit.
3229 */
3230
3231 #ifdef SUPPORT_TLS
3232 static BOOL
3233 tls_dropprivs_validate_require_cipher(BOOL nowarn)
3234 {
3235 const uschar *errmsg;
3236 pid_t pid;
3237 int rc, status;
3238 void (*oldsignal)(int);
3239
3240 /* If TLS will never be used, no point checking ciphers */
3241
3242 if ( !tls_advertise_hosts
3243 || !*tls_advertise_hosts
3244 || Ustrcmp(tls_advertise_hosts, ":") == 0
3245 )
3246 return TRUE;
3247 else if (!nowarn && !tls_certificate)
3248 log_write(0, LOG_MAIN,
3249 "Warning: No server certificate defined; will use a selfsigned one.\n"
3250 " Suggested action: either install a certificate or change tls_advertise_hosts option");
3251
3252 oldsignal = signal(SIGCHLD, SIG_DFL);
3253
3254 fflush(NULL);
3255 if ((pid = fork()) < 0)
3256 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "fork failed for TLS check");
3257
3258 if (pid == 0)
3259 {
3260 /* in some modes, will have dropped privilege already */
3261 if (!geteuid())
3262 exim_setugid(exim_uid, exim_gid, FALSE,
3263 US"calling tls_validate_require_cipher");
3264
3265 if ((errmsg = tls_validate_require_cipher()))
3266 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3267 "tls_require_ciphers invalid: %s", errmsg);
3268 fflush(NULL);
3269 _exit(0);
3270 }
3271
3272 do {
3273 rc = waitpid(pid, &status, 0);
3274 } while (rc < 0 && errno == EINTR);
3275
3276 DEBUG(D_tls)
3277 debug_printf("tls_validate_require_cipher child %d ended: status=0x%x\n",
3278 (int)pid, status);
3279
3280 signal(SIGCHLD, oldsignal);
3281
3282 return status == 0;
3283 }
3284 #endif /* SUPPORT_TLS */
3285
3286
3287
3288
3289 /*************************************************
3290 * Read main configuration options *
3291 *************************************************/
3292
3293 /* This function is the first to be called for configuration reading. It
3294 opens the configuration file and reads general configuration settings until
3295 it reaches the end of the configuration section. The file is then left open so
3296 that the remaining configuration data can subsequently be read if needed for
3297 this run of Exim.
3298
3299 The configuration file must be owned either by root or exim, and be writeable
3300 only by root or uid/gid exim. The values for Exim's uid and gid can be changed
3301 in the config file, so the test is done on the compiled in values. A slight
3302 anomaly, to be carefully documented.
3303
3304 The name of the configuration file is taken from a list that is included in the
3305 binary of Exim. It can be altered from the command line, but if that is done,
3306 root privilege is immediately withdrawn unless the caller is root or exim.
3307 The first file on the list that exists is used.
3308
3309 For use on multiple systems that share file systems, first look for a
3310 configuration file whose name has the current node name on the end. If that is
3311 not found, try the generic name. For really contorted configurations, that run
3312 multiple Exims with different uid settings, first try adding the effective uid
3313 before the node name. These complications are going to waste resources on most
3314 systems. Therefore they are available only when requested by compile-time
3315 options. */
3316
3317 void
3318 readconf_main(BOOL nowarn)
3319 {
3320 int sep = 0;
3321 struct stat statbuf;
3322 uschar *s, *filename;
3323 const uschar *list = config_main_filelist;
3324
3325 /* Loop through the possible file names */
3326
3327 while((filename = string_nextinlist(&list, &sep, big_buffer, big_buffer_size)))
3328 {
3329
3330 /* Cut out all the fancy processing unless specifically wanted */
3331
3332 #if defined(CONFIGURE_FILE_USE_NODE) || defined(CONFIGURE_FILE_USE_EUID)
3333 uschar *suffix = filename + Ustrlen(filename);
3334
3335 /* Try for the node-specific file if a node name exists */
3336
3337 #ifdef CONFIGURE_FILE_USE_NODE
3338 struct utsname uts;
3339 if (uname(&uts) >= 0)
3340 {
3341 #ifdef CONFIGURE_FILE_USE_EUID
3342 sprintf(CS suffix, ".%ld.%.256s", (long int)original_euid, uts.nodename);
3343 config_file = Ufopen(filename, "rb");
3344 if (config_file == NULL)
3345 #endif /* CONFIGURE_FILE_USE_EUID */
3346 {
3347 sprintf(CS suffix, ".%.256s", uts.nodename);
3348 config_file = Ufopen(filename, "rb");
3349 }
3350 }
3351 #endif /* CONFIGURE_FILE_USE_NODE */
3352
3353 /* Otherwise, try the generic name, possibly with the euid added */
3354
3355 #ifdef CONFIGURE_FILE_USE_EUID
3356 if (config_file == NULL)
3357 {
3358 sprintf(CS suffix, ".%ld", (long int)original_euid);
3359 config_file = Ufopen(filename, "rb");
3360 }
3361 #endif /* CONFIGURE_FILE_USE_EUID */
3362
3363 /* Finally, try the unadorned name */
3364
3365 if (config_file == NULL)
3366 {
3367 *suffix = 0;
3368 config_file = Ufopen(filename, "rb");
3369 }
3370 #else /* if neither defined */
3371
3372 /* This is the common case when the fancy processing is not included. */
3373
3374 config_file = Ufopen(filename, "rb");
3375 #endif
3376
3377 /* If the file does not exist, continue to try any others. For any other
3378 error, break out (and die). */
3379
3380 if (config_file != NULL || errno != ENOENT) break;
3381 }
3382
3383 /* On success, save the name for verification; config_filename is used when
3384 logging configuration errors (it changes for .included files) whereas
3385 config_main_filename is the name shown by -bP. Failure to open a configuration
3386 file is a serious disaster. */
3387
3388 if (config_file)
3389 {
3390 uschar *last_slash = Ustrrchr(filename, '/');
3391 config_filename = config_main_filename = string_copy(filename);
3392
3393 /* The config_main_directory we need for the $config_dir expansion.
3394 config_main_filename we need for $config_file expansion.
3395 And config_dir is the directory of the current configuration, used for
3396 relative .includes. We do need to know it's name, as we change our working
3397 directory later. */
3398
3399 if (filename[0] == '/')
3400 config_main_directory = last_slash == filename ? US"/" : string_copyn(filename, last_slash - filename);
3401 else
3402 {
3403 /* relative configuration file name: working dir + / + basename(filename) */
3404
3405 uschar buf[PATH_MAX];
3406 int offset = 0;
3407 int size = 0;
3408
3409 if (os_getcwd(buf, PATH_MAX) == NULL)
3410 {
3411 perror("exim: getcwd");
3412 exit(EXIT_FAILURE);
3413 }
3414 config_main_directory = string_cat(NULL, &size, &offset, buf);
3415
3416 /* If the dir does not end with a "/", append one */
3417 if (config_main_directory[offset-1] != '/')
3418 config_main_directory = string_catn(config_main_directory, &size, &offset, US"/", 1);
3419
3420 /* If the config file contains a "/", extract the directory part */
3421 if (last_slash)
3422 config_main_directory = string_catn(config_main_directory, &size, &offset, filename, last_slash - filename);
3423
3424 config_main_directory[offset] = '\0';
3425 }
3426 config_directory = config_main_directory;
3427 }
3428 else
3429 {
3430 if (filename == NULL)
3431 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "non-existent configuration file(s): "
3432 "%s", config_main_filelist);
3433 else
3434 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s", string_open_failed(errno,
3435 "configuration file %s", filename));
3436 }
3437
3438 /* Now, once we found and opened our configuration file, we change the directory
3439 to a safe place. Later we change to $spool_directory. */
3440
3441 if (Uchdir("/") < 0)
3442 {
3443 perror("exim: chdir `/': ");
3444 exit(EXIT_FAILURE);
3445 }
3446
3447 /* Check the status of the file we have opened, if we have retained root
3448 privileges and the file isn't /dev/null (which *should* be 0666). */
3449
3450 if (trusted_config && Ustrcmp(filename, US"/dev/null"))
3451 {
3452 if (fstat(fileno(config_file), &statbuf) != 0)
3453 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to stat configuration file %s",
3454 big_buffer);
3455
3456 if ((statbuf.st_uid != root_uid /* owner not root */
3457 #ifdef CONFIGURE_OWNER
3458 && statbuf.st_uid != config_uid /* owner not the special one */
3459 #endif
3460 ) || /* or */
3461 (statbuf.st_gid != root_gid /* group not root & */
3462 #ifdef CONFIGURE_GROUP
3463 && statbuf.st_gid != config_gid /* group not the special one */
3464 #endif
3465 && (statbuf.st_mode & 020) != 0) || /* group writeable */
3466 /* or */
3467 ((statbuf.st_mode & 2) != 0)) /* world writeable */
3468
3469 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Exim configuration file %s has the "
3470 "wrong owner, group, or mode", big_buffer);
3471 }
3472
3473 /* Process the main configuration settings. They all begin with a lower case
3474 letter. If we see something starting with an upper case letter, it is taken as
3475 a macro definition. */
3476
3477 while ((s = get_config_line()) != NULL)
3478 {
3479
3480 if (config_lineno == 1 && Ustrstr(s, "\xef\xbb\xbf") == s)
3481 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
3482 "found unexpected BOM (Byte Order Mark)");
3483
3484 if (isupper(s[0])) read_macro_assignment(s);
3485
3486 else if (Ustrncmp(s, "domainlist", 10) == 0)
3487 read_named_list(&domainlist_anchor, &domainlist_count,
3488 MAX_NAMED_LIST, s+10, US"domain list");
3489
3490 else if (Ustrncmp(s, "hostlist", 8) == 0)
3491 read_named_list(&hostlist_anchor, &hostlist_count,
3492 MAX_NAMED_LIST, s+8, US"host list");
3493
3494 else if (Ustrncmp(s, US"addresslist", 11) == 0)
3495 read_named_list(&addresslist_anchor, &addresslist_count,
3496 MAX_NAMED_LIST, s+11, US"address list");
3497
3498 else if (Ustrncmp(s, US"localpartlist", 13) == 0)
3499 read_named_list(&localpartlist_anchor, &localpartlist_count,
3500 MAX_NAMED_LIST, s+13, US"local part list");
3501
3502 else
3503 (void) readconf_handle_option(s, optionlist_config, optionlist_config_size,
3504 NULL, US"main option \"%s\" unknown");
3505 }
3506
3507
3508 /* If local_sender_retain is set, local_from_check must be unset. */
3509
3510 if (local_sender_retain && local_from_check)
3511 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "both local_from_check and "
3512 "local_sender_retain are set; this combination is not allowed");
3513
3514 /* If the timezone string is empty, set it to NULL, implying no TZ variable
3515 wanted. */
3516
3517 if (timezone_string != NULL && *timezone_string == 0) timezone_string = NULL;
3518
3519 /* The max retry interval must not be greater than 24 hours. */
3520
3521 if (retry_interval_max > 24*60*60) retry_interval_max = 24*60*60;
3522
3523 /* remote_max_parallel must be > 0 */
3524
3525 if (remote_max_parallel <= 0) remote_max_parallel = 1;
3526
3527 /* Save the configured setting of freeze_tell, so we can re-instate it at the
3528 start of a new SMTP message. */
3529
3530 freeze_tell_config = freeze_tell;
3531
3532 /* The primary host name may be required for expansion of spool_directory
3533 and log_file_path, so make sure it is set asap. It is obtained from uname(),
3534 but if that yields an unqualified value, make a FQDN by using gethostbyname to
3535 canonize it. Some people like upper case letters in their host names, so we
3536 don't force the case. */
3537
3538 if (primary_hostname == NULL)
3539 {
3540 const uschar *hostname;
3541 struct utsname uts;
3542 if (uname(&uts) < 0)
3543 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "uname() failed to yield host name");
3544 hostname = US uts.nodename;
3545
3546 if (Ustrchr(hostname, '.') == NULL)
3547 {
3548 int af = AF_INET;
3549 struct hostent *hostdata;
3550
3551 #if HAVE_IPV6
3552 if (!disable_ipv6 && (dns_ipv4_lookup == NULL ||
3553 match_isinlist(hostname, CUSS &dns_ipv4_lookup, 0, NULL, NULL,
3554 MCL_DOMAIN, TRUE, NULL) != OK))
3555 af = AF_INET6;
3556 #else
3557 af = AF_INET;
3558 #endif
3559
3560 for (;;)
3561 {
3562 #if HAVE_IPV6
3563 #if HAVE_GETIPNODEBYNAME
3564 int error_num;
3565 hostdata = getipnodebyname(CS hostname, af, 0, &error_num);
3566 #else
3567 hostdata = gethostbyname2(CS hostname, af);
3568 #endif
3569 #else
3570 hostdata = gethostbyname(CS hostname);
3571 #endif
3572
3573 if (hostdata != NULL)
3574 {
3575 hostname = US hostdata->h_name;
3576 break;
3577 }
3578
3579 if (af == AF_INET) break;
3580 af = AF_INET;
3581 }
3582 }
3583
3584 primary_hostname = string_copy(hostname);
3585 }
3586
3587 /* Set up default value for smtp_active_hostname */
3588
3589 smtp_active_hostname = primary_hostname;
3590
3591 /* If spool_directory wasn't set in the build-time configuration, it must have
3592 got set above. Of course, writing to the log may not work if log_file_path is
3593 not set, but it will at least get to syslog or somewhere, with any luck. */
3594
3595 if (*spool_directory == 0)
3596 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "spool_directory undefined: cannot "
3597 "proceed");
3598
3599 /* Expand the spool directory name; it may, for example, contain the primary
3600 host name. Same comment about failure. */
3601
3602 s = expand_string(spool_directory);
3603 if (s == NULL)
3604 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand spool_directory "
3605 "\"%s\": %s", spool_directory, expand_string_message);
3606 spool_directory = s;
3607
3608 /* Expand log_file_path, which must contain "%s" in any component that isn't
3609 the null string or "syslog". It is also allowed to contain one instance of %D
3610 or %M. However, it must NOT contain % followed by anything else. */
3611
3612 if (*log_file_path != 0)
3613 {
3614 const uschar *ss, *sss;
3615 int sep = ':'; /* Fixed for log file path */
3616 s = expand_string(log_file_path);
3617 if (s == NULL)
3618 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand log_file_path "
3619 "\"%s\": %s", log_file_path, expand_string_message);
3620
3621 ss = s;
3622 while ((sss = string_nextinlist(&ss,&sep,big_buffer,big_buffer_size)) != NULL)
3623 {
3624 uschar *t;
3625 if (sss[0] == 0 || Ustrcmp(sss, "syslog") == 0) continue;
3626 t = Ustrstr(sss, "%s");
3627 if (t == NULL)
3628 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" does not "
3629 "contain \"%%s\"", sss);
3630 *t = 'X';
3631 t = Ustrchr(sss, '%');
3632 if (t != NULL)
3633 {
3634 if ((t[1] != 'D' && t[1] != 'M') || Ustrchr(t+2, '%') != NULL)
3635 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" contains "
3636 "unexpected \"%%\" character", s);
3637 }
3638 }
3639
3640 log_file_path = s;
3641 }
3642
3643 /* Interpret syslog_facility into an integer argument for 'ident' param to
3644 openlog(). Default is LOG_MAIL set in globals.c. Allow the user to omit the
3645 leading "log_". */
3646
3647 if (syslog_facility_str != NULL)
3648 {
3649 int i;
3650 uschar *s = syslog_facility_str;
3651
3652 if ((Ustrlen(syslog_facility_str) >= 4) &&
3653 (strncmpic(syslog_facility_str, US"log_", 4) == 0))
3654 s += 4;
3655
3656 for (i = 0; i < syslog_list_size; i++)
3657 {
3658 if (strcmpic(s, syslog_list[i].name) == 0)
3659 {
3660 syslog_facility = syslog_list[i].value;
3661 break;
3662 }
3663 }
3664
3665 if (i >= syslog_list_size)
3666 {
3667 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3668 "failed to interpret syslog_facility \"%s\"", syslog_facility_str);
3669 }
3670 }
3671
3672 /* Expand pid_file_path */
3673
3674 if (*pid_file_path != 0)
3675 {
3676 s = expand_string(pid_file_path);
3677 if (s == NULL)
3678 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand pid_file_path "
3679 "\"%s\": %s", pid_file_path, expand_string_message);
3680 pid_file_path = s;
3681 }
3682
3683 /* Set default value of process_log_path */
3684
3685 if (process_log_path == NULL || *process_log_path =='\0')
3686 process_log_path = string_sprintf("%s/exim-process.info", spool_directory);
3687
3688 /* Compile the regex for matching a UUCP-style "From_" line in an incoming
3689 message. */
3690
3691 regex_From = regex_must_compile(uucp_from_pattern, FALSE, TRUE);
3692
3693 /* Unpick the SMTP rate limiting options, if set */
3694
3695 if (smtp_ratelimit_mail != NULL)
3696 {
3697 unpick_ratelimit(smtp_ratelimit_mail, &smtp_rlm_threshold,
3698 &smtp_rlm_base, &smtp_rlm_factor, &smtp_rlm_limit);
3699 }
3700
3701 if (smtp_ratelimit_rcpt != NULL)
3702 {
3703 unpick_ratelimit(smtp_ratelimit_rcpt, &smtp_rlr_threshold,
3704 &smtp_rlr_base, &smtp_rlr_factor, &smtp_rlr_limit);
3705 }
3706
3707 /* The qualify domains default to the primary host name */
3708
3709 if (qualify_domain_sender == NULL)
3710 qualify_domain_sender = primary_hostname;
3711 if (qualify_domain_recipient == NULL)
3712 qualify_domain_recipient = qualify_domain_sender;
3713
3714 /* Setting system_filter_user in the configuration sets the gid as well if a
3715 name is given, but a numerical value does not. */
3716
3717 if (system_filter_uid_set && !system_filter_gid_set)
3718 {
3719 struct passwd *pw = getpwuid(system_filter_uid);
3720 if (pw == NULL)
3721 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Failed to look up uid %ld",
3722 (long int)system_filter_uid);
3723 system_filter_gid = pw->pw_gid;
3724 system_filter_gid_set = TRUE;
3725 }
3726
3727 /* If the errors_reply_to field is set, check that it is syntactically valid
3728 and ensure it contains a domain. */
3729
3730 if (errors_reply_to != NULL)
3731 {
3732 uschar *errmess;
3733 int start, end, domain;
3734 uschar *recipient = parse_extract_address(errors_reply_to, &errmess,
3735 &start, &end, &domain, FALSE);
3736
3737 if (recipient == NULL)
3738 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3739 "error in errors_reply_to (%s): %s", errors_reply_to, errmess);
3740
3741 if (domain == 0)
3742 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3743 "errors_reply_to (%s) does not contain a domain", errors_reply_to);
3744 }
3745
3746 /* If smtp_accept_queue or smtp_accept_max_per_host is set, then
3747 smtp_accept_max must also be set. */
3748
3749 if (smtp_accept_max == 0 &&
3750 (smtp_accept_queue > 0 || smtp_accept_max_per_host != NULL))
3751 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3752 "smtp_accept_max must be set if smtp_accept_queue or "
3753 "smtp_accept_max_per_host is set");
3754
3755 /* Set up the host number if anything is specified. It is an expanded string
3756 so that it can be computed from the host name, for example. We do this last
3757 so as to ensure that everything else is set up before the expansion. */
3758
3759 if (host_number_string != NULL)
3760 {
3761 long int n;
3762 uschar *end;
3763 uschar *s = expand_string(host_number_string);
3764 if (s == NULL)
3765 log_write(0, LOG_MAIN|LOG_PANIC_DIE,
3766 "failed to expand localhost_number \"%s\": %s",
3767 host_number_string, expand_string_message);
3768 n = Ustrtol(s, &end, 0);
3769 while (isspace(*end)) end++;
3770 if (*end != 0)
3771 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3772 "localhost_number value is not a number: %s", s);
3773 if (n > LOCALHOST_MAX)
3774 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3775 "localhost_number is greater than the maximum allowed value (%d)",
3776 LOCALHOST_MAX);
3777 host_number = n;
3778 }
3779
3780 #ifdef SUPPORT_TLS
3781 /* If tls_verify_hosts is set, tls_verify_certificates must also be set */
3782
3783 if ((tls_verify_hosts != NULL || tls_try_verify_hosts != NULL) &&
3784 tls_verify_certificates == NULL)
3785 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
3786 "tls_%sverify_hosts is set, but tls_verify_certificates is not set",
3787 (tls_verify_hosts != NULL)? "" : "try_");
3788
3789 /* This also checks that the library linkage is working and we can call
3790 routines in it, so call even if tls_require_ciphers is unset */
3791 if (!tls_dropprivs_validate_require_cipher(nowarn))
3792 exit(1);
3793
3794 /* Magic number: at time of writing, 1024 has been the long-standing value
3795 used by so many clients, and what Exim used to use always, that it makes
3796 sense to just min-clamp this max-clamp at that. */
3797 if (tls_dh_max_bits < 1024)
3798 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,