* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2017 */
+/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
/* Functions for reading the configuration file, and for displaying
# include "macro_predef.h"
#endif
+#define READCONF_DEBUG if (FALSE) /* Change to TRUE to enable */
+
+
static uschar * syslog_facility_str;
-static void fn_smtp_receive_timeout(const uschar *, const uschar *);
+static void fn_smtp_receive_timeout(const uschar *, const uschar *, unsigned);
/*************************************************
* Main configuration options *
{ "acl_smtp_predata", opt_stringptr, &acl_smtp_predata },
{ "acl_smtp_quit", opt_stringptr, &acl_smtp_quit },
{ "acl_smtp_rcpt", opt_stringptr, &acl_smtp_rcpt },
-#ifdef SUPPORT_TLS
+#ifndef DISABLE_TLS
{ "acl_smtp_starttls", opt_stringptr, &acl_smtp_starttls },
#endif
{ "acl_smtp_vrfy", opt_stringptr, &acl_smtp_vrfy },
#endif
{ "disable_ipv6", opt_bool, &disable_ipv6 },
#ifndef DISABLE_DKIM
+ { "dkim_verify_hashes", opt_stringptr, &dkim_verify_hashes },
+ { "dkim_verify_keytypes", opt_stringptr, &dkim_verify_keytypes },
+ { "dkim_verify_minimal", opt_bool, &dkim_verify_minimal },
{ "dkim_verify_signers", opt_stringptr, &dkim_verify_signers },
#endif
-#ifdef EXPERIMENTAL_DMARC
+#ifdef SUPPORT_DMARC
{ "dmarc_forensic_sender", opt_stringptr, &dmarc_forensic_sender },
{ "dmarc_history_file", opt_stringptr, &dmarc_history_file },
{ "dmarc_tld_file", opt_stringptr, &dmarc_tld_file },
#endif
{ "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist },
{ "dns_check_names_pattern", opt_stringptr, &check_dns_names_pattern },
+ { "dns_cname_loops", opt_int, &dns_cname_loops },
{ "dns_csa_search_limit", opt_int, &dns_csa_search_limit },
{ "dns_csa_use_reverse", opt_bool, &dns_csa_use_reverse },
{ "dns_dnssec_ok", opt_int, &dns_dnssec_ok },
{ "exim_group", opt_gid, &exim_gid },
{ "exim_path", opt_stringptr, &exim_path },
{ "exim_user", opt_uid, &exim_uid },
+ { "exim_version", opt_stringptr, &version_string },
{ "extra_local_interfaces", opt_stringptr, &extra_local_interfaces },
{ "extract_addresses_remove_arguments", opt_bool, &extract_addresses_remove_arguments },
{ "finduser_retries", opt_int, &finduser_retries },
{ "freeze_tell", opt_stringptr, &freeze_tell },
{ "gecos_name", opt_stringptr, &gecos_name },
{ "gecos_pattern", opt_stringptr, &gecos_pattern },
-#ifdef SUPPORT_TLS
+#ifndef DISABLE_TLS
{ "gnutls_allow_auto_pkcs11", opt_bool, &gnutls_allow_auto_pkcs11 },
{ "gnutls_compat_mode", opt_bool, &gnutls_compat_mode },
#endif
{ "local_from_prefix", opt_stringptr, &local_from_prefix },
{ "local_from_suffix", opt_stringptr, &local_from_suffix },
{ "local_interfaces", opt_stringptr, &local_interfaces },
+#ifdef HAVE_LOCAL_SCAN
{ "local_scan_timeout", opt_time, &local_scan_timeout },
+#endif
{ "local_sender_retain", opt_bool, &local_sender_retain },
{ "localhost_number", opt_stringptr, &host_number_string },
{ "log_file_path", opt_stringptr, &log_file_path },
{ "mysql_servers", opt_stringptr, &mysql_servers },
#endif
{ "never_users", opt_uidlist, &never_users },
-#ifdef SUPPORT_TLS
+#ifndef DISABLE_TLS
{ "openssl_options", opt_stringptr, &openssl_options },
#endif
#ifdef LOOKUP_ORACLE
#endif
{ "pid_file_path", opt_stringptr, &pid_file_path },
{ "pipelining_advertise_hosts", opt_stringptr, &pipelining_advertise_hosts },
+#ifndef DISABLE_PIPE_CONNECT
+ { "pipelining_connect_advertise_hosts", opt_stringptr,
+ &pipe_connect_advertise_hosts },
+#endif
#ifndef DISABLE_PRDR
{ "prdr_enable", opt_bool, &prdr_enable },
#endif
{ "smtp_ratelimit_hosts", opt_stringptr, &smtp_ratelimit_hosts },
{ "smtp_ratelimit_mail", opt_stringptr, &smtp_ratelimit_mail },
{ "smtp_ratelimit_rcpt", opt_stringptr, &smtp_ratelimit_rcpt },
- { "smtp_receive_timeout", opt_func, &fn_smtp_receive_timeout },
+ { "smtp_receive_timeout", opt_func, (void *) &fn_smtp_receive_timeout },
{ "smtp_reserve_hosts", opt_stringptr, &smtp_reserve_hosts },
{ "smtp_return_error_details",opt_bool, &smtp_return_error_details },
#ifdef SUPPORT_I18N
{ "timeout_frozen_after", opt_time, &timeout_frozen_after },
{ "timezone", opt_stringptr, &timezone_string },
{ "tls_advertise_hosts", opt_stringptr, &tls_advertise_hosts },
-#ifdef SUPPORT_TLS
+#ifndef DISABLE_TLS
{ "tls_certificate", opt_stringptr, &tls_certificate },
{ "tls_crl", opt_stringptr, &tls_crl },
{ "tls_dh_max_bits", opt_int, &tls_dh_max_bits },
{ "tls_privatekey", opt_stringptr, &tls_privatekey },
{ "tls_remember_esmtp", opt_bool, &tls_remember_esmtp },
{ "tls_require_ciphers", opt_stringptr, &tls_require_ciphers },
+# ifdef EXPERIMENTAL_TLS_RESUME
+ { "tls_resumption_hosts", opt_stringptr, &tls_resumption_hosts },
+# endif
{ "tls_try_verify_hosts", opt_stringptr, &tls_try_verify_hosts },
{ "tls_verify_certificates", opt_stringptr, &tls_verify_certificates },
{ "tls_verify_hosts", opt_stringptr, &tls_verify_hosts },
#ifdef MACRO_PREDEF
-static void fn_smtp_receive_timeout(const uschar * name, const uschar * str) {/*Dummy*/}
+static void
+fn_smtp_receive_timeout(const uschar * name, const uschar * str, unsigned flags) {/*Dummy*/}
void
options_main(void)
void
options_auths(void)
{
-struct auth_info * ai;
uschar buf[64];
options_from_list(optionlist_auths, optionlist_auths_size, US"AUTHENTICATORS", NULL);
-for (ai = auths_available; ai->driver_name[0]; ai++)
+for (struct auth_info * ai = auths_available; ai->driver_name[0]; ai++)
{
spf(buf, sizeof(buf), US"_DRIVER_AUTHENTICATOR_%T", ai->driver_name);
builtin_macro_create(buf);
options_from_list(ai->options, (unsigned)*ai->options_count, US"AUTHENTICATOR", ai->driver_name);
+
+ if (ai->macros_create) (ai->macros_create)();
+ }
+}
+
+void
+options_logging(void)
+{
+uschar buf[64];
+
+for (bit_table * bp = log_options; bp < log_options + log_options_count; bp++)
+ {
+ spf(buf, sizeof(buf), US"_LOG_%T", bp->name);
+ builtin_macro_create(buf);
}
}
static int syslog_list_size = sizeof(syslog_list)/sizeof(syslog_fac_item);
+#define opt_fn_print BIT(0)
+#define opt_fn_print_label BIT(1)
/*************************************************
uschar *
readconf_find_option(void *p)
{
-int i;
-router_instance *r;
-transport_instance *t;
-
-for (i = 0; i < nelem(optionlist_config); i++)
+for (int i = 0; i < nelem(optionlist_config); i++)
if (p == optionlist_config[i].value) return US optionlist_config[i].name;
-for (r = routers; r; r = r->next)
+for (router_instance * r = routers; r; r = r->next)
{
router_info *ri = r->info;
- for (i = 0; i < *ri->options_count; i++)
+ for (int i = 0; i < *ri->options_count; i++)
{
if ((ri->options[i].type & opt_mask) != opt_stringptr) continue;
if (p == CS (r->options_block) + (long int)(ri->options[i].value))
}
}
-for (t = transports; t; t = t->next)
+for (transport_instance * t = transports; t; t = t->next)
{
transport_info *ti = t->info;
- for (i = 0; i < *ti->options_count; i++)
+ for (int i = 0; i < *ti->options_count; i++)
{
optionlist * op = &ti->options[i];
if ((op->type & opt_mask) != opt_stringptr) continue;
+/*************************************************
+* Deal with an assignment to a macro *
+*************************************************/
+
+/* We have a new definition; append to the list.
+
+Args:
+ name Name of the macro; will be copied
+ val Expansion result for the macro; will be copied
+*/
+
+macro_item *
+macro_create(const uschar * name, const uschar * val, BOOL command_line)
+{
+macro_item * m = store_get(sizeof(macro_item), FALSE);
+
+READCONF_DEBUG fprintf(stderr, "%s: '%s' '%s'\n", __FUNCTION__, name, val);
+m->next = NULL;
+m->command_line = command_line;
+m->namelen = Ustrlen(name);
+m->replen = Ustrlen(val);
+m->name = string_copy(name);
+m->replacement = string_copy(val);
+if (mlast)
+ mlast->next = m;
+else
+ macros = m;
+mlast = m;
+if (!macros_user)
+ macros_user = m;
+return m;
+}
+
+
/* This function is called when a line that starts with an upper case letter is
encountered. The argument "line" should contain a complete logical line, and
start with the first letter of the macro name. The macro name and the
just skip this definition. It's an error to attempt to redefine a macro without
redef set to TRUE, or to redefine a macro when it hasn't been defined earlier.
It is also an error to define a macro whose name begins with the name of a
-previously defined macro.
+previously defined macro. This is the requirement that make using a tree
+for macros hard; we must check all macros for the substring. Perhaps a
+sorted list, and a bsearch, would work?
Note: it is documented that the other way round works. */
-if ((m = macro_search_prefix(name)))
+for (m = macros; m; m = m->next)
{
- if (m->namelen < namelen) /* substring match */
+ if (Ustrcmp(m->name, name) == 0)
{
- log_write(0, LOG_CONFIG|LOG_PANIC, "\"%s\" cannot be defined as "
- "a macro because previously defined macro \"%s\" is a substring",
- name, m->tnode.name);
- return FALSE;
+ if (!m->command_line && !redef)
+ {
+ log_write(0, LOG_CONFIG|LOG_PANIC, "macro \"%s\" is already "
+ "defined (use \"==\" if you want to redefine it)", name);
+ return FALSE;
+ }
+ break;
}
- /* exact match */
- if (!m->command_line && !redef)
+
+ if (m->namelen < namelen && Ustrstr(name, m->name) != NULL)
{
- log_write(0, LOG_CONFIG|LOG_PANIC, "macro \"%s\" is already "
- "defined (use \"==\" if you want to redefine it", name);
+ log_write(0, LOG_CONFIG|LOG_PANIC, "\"%s\" cannot be defined as "
+ "a macro because previously defined macro \"%s\" is a substring",
+ name, m->name);
return FALSE;
}
- if (m->command_line) /* overriding cmdline definition */
- return TRUE;
+ /* We cannot have this test, because it is documented that a substring
+ macro is permitted (there is even an example).
+ *
+ * if (m->namelen > namelen && Ustrstr(m->name, name) != NULL)
+ * log_write(0, LOG_CONFIG|LOG_PANIC_DIE, "\"%s\" cannot be defined as "
+ * "a macro because it is a substring of previously defined macro \"%s\"",
+ * name, m->name);
+ */
}
+/* Check for an overriding command-line definition. */
+
+if (m && m->command_line) return TRUE;
+
/* Redefinition must refer to an existing macro. */
if (redef)
if (m)
{
m->replen = Ustrlen(s);
- m->tnode.data.ptr = string_copy(s);
+ m->replacement = string_copy(s);
}
else
{
/* Process line for macros. The line is in big_buffer starting at offset len.
Expand big_buffer if needed. Handle definitions of new macros, and
-imacro expansions, rewriting the line in thw buffer.
+macro expansions, rewriting the line in the buffer.
Arguments:
len Offset in buffer of start of line
if (*s != '=') s = ss; /* Not a macro definition */
}
-/* Scan the line (from after XXX= if present), replacing any macros. Rescan
-after replacement for any later-defined macros. */
+/* Skip leading chars which cannot start a macro name, to avoid multiple
+pointless rescans in Ustrstr calls. */
+
+while (*s && !isupper(*s) && !(*s == '_' && isupper(s[1]))) s++;
+
+/* For each defined macro, scan the line (from after XXX= if present),
+replacing all occurrences of the macro. */
*macro_found = FALSE;
-while (*s)
+if (*s) for (macro_item * m = *s == '_' ? macros : macros_user; m; m = m->next)
{
- if (isupper(*s) || *s == '_' && isupper(s[1]))
- {
- macro_item * m;
- unsigned mnum = 0;
+ uschar * p, *pp;
+ uschar * t;
- while ((m = macro_search_largest_prefix(s)) && m->m_number > mnum)
- {
- uschar * pp;
- int moveby;
+ while (*s && !isupper(*s) && !(*s == '_' && isupper(s[1]))) s++;
+ if (!*s) break;
- /* Expand the buffer if necessary */
+ t = s;
+ while ((p = Ustrstr(t, m->name)) != NULL)
+ {
+ int moveby;
- while (*newlen - m->namelen + m->replen + 1 > big_buffer_size)
- {
- int newsize = big_buffer_size + BIG_BUFFER_SIZE;
- uschar *newbuffer = store_malloc(newsize);
- memcpy(newbuffer, big_buffer, *newlen + 1);
- s = newbuffer + (s - big_buffer);
- ss = newbuffer + (ss - big_buffer);
- big_buffer_size = newsize;
- store_free(big_buffer);
- big_buffer = newbuffer;
- }
+ READCONF_DEBUG fprintf(stderr, "%s: matched '%s' in '%.*s'\n", __FUNCTION__,
+ m->name, (int) Ustrlen(ss)-1, ss);
+ /* Expand the buffer if necessary */
+
+ while (*newlen - m->namelen + m->replen + 1 > big_buffer_size)
+ {
+ int newsize = big_buffer_size + BIG_BUFFER_SIZE;
+ uschar *newbuffer = store_malloc(newsize);
+ memcpy(newbuffer, big_buffer, *newlen + 1);
+ p = newbuffer + (p - big_buffer);
+ s = newbuffer + (s - big_buffer);
+ ss = newbuffer + (ss - big_buffer);
+ t = newbuffer + (t - big_buffer);
+ big_buffer_size = newsize;
+ store_free(big_buffer);
+ big_buffer = newbuffer;
+ }
- /* Shuffle the remaining characters up or down in the buffer before
- copying in the replacement text. Don't rescan the replacement for this
- same macro. */
+ /* Shuffle the remaining characters up or down in the buffer before
+ copying in the replacement text. Don't rescan the replacement for this
+ same macro. */
- pp = s + m->namelen;
- if ((moveby = m->replen - m->namelen) != 0)
- {
- memmove(s + m->replen, pp, (big_buffer + *newlen) - pp + 1);
- *newlen += moveby;
- }
- Ustrncpy(s, m->tnode.data.ptr, m->replen);
- *macro_found = TRUE;
- mnum = m->m_number;
+ pp = p + m->namelen;
+ if ((moveby = m->replen - m->namelen) != 0)
+ {
+ memmove(p + m->replen, pp, (big_buffer + *newlen) - pp + 1);
+ *newlen += moveby;
}
+ Ustrncpy(p, m->replacement, m->replen);
+ t = p + m->replen;
+ while (*t && !isupper(*t) && !(*t == '_' && isupper(t[1]))) t++;
+ *macro_found = TRUE;
}
- s++;
}
/* An empty macro replacement at the start of a line could mean that ss no
/* Handle conditionals, which are also applied to physical lines. Conditions
are of the form ".ifdef ANYTEXT" and are treated as true if any macro
- expansion occured on the rest of the line. A preliminary test for the leading
+ expansion occurred on the rest of the line. A preliminary test for the leading
'.' saves effort on most lines. */
if (*ss == '.')
if (config_lines)
save_config_position(config_filename, config_lineno);
- save = store_get(sizeof(config_file_item));
+ save = store_get(sizeof(config_file_item), FALSE);
save->next = config_file_stack;
config_file_stack = save;
save->file = config_file;
static rewrite_rule *
readconf_one_rewrite(const uschar *p, int *existflags, BOOL isglobal)
{
-rewrite_rule *next = store_get(sizeof(rewrite_rule));
+rewrite_rule *next = store_get(sizeof(rewrite_rule), FALSE);
next->next = NULL;
next->key = string_dequote(&p);
* Custom-handler options *
*************************************************/
static void
-fn_smtp_receive_timeout(const uschar * name, const uschar * str)
+fn_smtp_receive_timeout(const uschar * name, const uschar * str, unsigned flags)
{
-if (*str == '$')
+if (flags & opt_fn_print)
+ {
+ if (flags & opt_fn_print_label) printf("%s = ", name);
+ printf("%s\n", smtp_receive_timeout_s
+ ? string_printing2(smtp_receive_timeout_s, FALSE)
+ : readconf_printtime(smtp_receive_timeout));
+ }
+else if (*str == '$')
smtp_receive_timeout_s = string_copy(str);
else
{
{
int ptr = 0;
int offset = 0;
-int n, count, type, value;
+int count, type, value;
int issecure = 0;
uid_t uid;
gid_t gid;
BOOL freesptr = TRUE;
optionlist *ol, *ol2;
struct passwd *pw;
-void *reset_point;
+rmark reset_point;
int intbase = 0;
uschar *inttype = US"";
uschar *sptr;
it turns out that what we read was "hide", set the flag indicating that
this is a secure option, and loop to read the next word. */
-for (n = 0; n < 2; n++)
+for (int n = 0; n < 2; n++)
{
while (isalnum(*s) || *s == '_')
{
case opt_gidlist:
case opt_rewrite:
- reset_point = sptr = read_string(s, name);
+ reset_point = store_mark();
+ sptr = read_string(s, name);
/* Having read a string, we now have several different ways of using it,
depending on the data type, so do another switch. If keeping the actual
/* We already have a condition, we're conducting a crude hack to let
multiple condition rules be chained together, despite storing them in
text form. */
- *str_target = string_copy_malloc( (saved_condition = *str_target)
+ *str_target = string_copy_perm( (saved_condition = *str_target)
? string_sprintf("${if and{{bool_lax{%s}}{bool_lax{%s}}}}",
saved_condition, sptr)
- : sptr);
+ : sptr,
+ FALSE);
/* TODO(pdp): there is a memory leak here and just below
when we set 3 or more conditions; I still don't
understand the store mechanism enough to know
}
else if (ol->type & opt_rep_str)
{
- uschar sep_o = Ustrncmp(name, "headers_add", 11)==0 ? '\n' : ':';
+ uschar sep_o =
+ Ustrncmp(name, "headers_add", 11) == 0 ? '\n'
+ : Ustrncmp(name, "set", 3) == 0 ? ';'
+ : ':';
int sep_i = -(int)sep_o;
const uschar * list = sptr;
uschar * s;
list_o = string_append_listele(list_o, sep_o, s);
if (list_o)
- *str_target = string_copy_malloc(string_from_gstring(list_o));
+ *str_target = string_copy_perm(string_from_gstring(list_o), FALSE);
}
else
{
ignore. Also ignore if the value is already set. */
if (pw == NULL) break;
- Ustrcpy(name+Ustrlen(name)-4, "group");
+ Ustrcpy(name+Ustrlen(name)-4, US"group");
ol2 = find_option(name, oltop, last);
if (ol2 != NULL && ((ol2->type & opt_mask) == opt_gid ||
(ol2->type & opt_mask) == opt_expand_gid))
/* Release store if the value of the string doesn't need to be kept. */
- if (freesptr) store_reset(reset_point);
+ if (freesptr) reset_point = store_reset(reset_point);
break;
/* Expanded boolean: if no characters follow, or if there are no dollar
if (*s != 0 && Ustrchr(s, '$') != 0)
{
sprintf(CS name2, "*expand_%.50s", name);
- ol2 = find_option(name2, oltop, last);
- if (ol2 != NULL)
+ if ((ol2 = find_option(name2, oltop, last)))
{
- reset_point = sptr = read_string(s, name);
+ reset_point = store_mark();
+ sptr = read_string(s, name);
if (data_block == NULL)
*((uschar **)(ol2->value)) = sptr;
else
inttype = US"octal ";
/* Integer: a simple(ish) case; allow octal and hex formats, and
- suffixes K, M and G. The different types affect output, not input. */
+ suffixes K, M, G, and T. The different types affect output, not input. */
case opt_mkint:
case opt_int:
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
inttype, name);
- if (errno != ERANGE)
- if (tolower(*endptr) == 'k')
- {
- if (lvalue > INT_MAX/1024 || lvalue < INT_MIN/1024) errno = ERANGE;
- else lvalue *= 1024;
- endptr++;
- }
- else if (tolower(*endptr) == 'm')
- {
- if (lvalue > INT_MAX/(1024*1024) || lvalue < INT_MIN/(1024*1024))
- errno = ERANGE;
- else lvalue *= 1024*1024;
- endptr++;
- }
- else if (tolower(*endptr) == 'g')
- {
- if (lvalue > INT_MAX/(1024*1024*1024) || lvalue < INT_MIN/(1024*1024*1024))
- errno = ERANGE;
- else lvalue *= 1024*1024*1024;
- endptr++;
- }
+ if (errno != ERANGE && *endptr)
+ {
+ uschar * mp = US"TtGgMmKk\0"; /* YyZzEePpTtGgMmKk */
+
+ if ((mp = Ustrchr(mp, *endptr)))
+ {
+ endptr++;
+ do
+ {
+ if (lvalue > INT_MAX/1024 || lvalue < INT_MIN/1024)
+ {
+ errno = ERANGE;
+ break;
+ }
+ lvalue *= 1024;
+ }
+ while (*(mp += 2));
+ }
+ }
if (errno == ERANGE || lvalue > INT_MAX || lvalue < INT_MIN)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
"absolute value of integer \"%s\" is too large (overflow)", s);
while (isspace(*endptr)) endptr++;
- if (*endptr != 0)
+ if (*endptr)
extra_chars_error(endptr, inttype, US"integer value for ", name);
value = (int)lvalue;
}
- if (data_block == NULL)
- *((int *)(ol->value)) = value;
+ if (data_block)
+ *(int *)(US data_block + (long int)ol->value) = value;
else
- *((int *)(US data_block + (long int)(ol->value))) = value;
+ *(int *)ol->value = value;
break;
- /* Integer held in K: again, allow octal and hex formats, and suffixes K, M
- and G. */
- /*XXX consider moving to int_eximarith_t (but mind the overflow test 0415) */
+ /* Integer held in K: again, allow formats and suffixes as above. */
case opt_Kint:
{
uschar *endptr;
errno = 0;
- value = strtol(CS s, CSS &endptr, intbase);
+ int_eximarith_t lvalue = strtol(CS s, CSS &endptr, intbase);
if (endptr == s)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "%sinteger expected for %s",
inttype, name);
- if (errno != ERANGE)
- if (tolower(*endptr) == 'g')
- {
- if (value > INT_MAX/(1024*1024) || value < INT_MIN/(1024*1024))
- errno = ERANGE;
- else
- value *= 1024*1024;
- endptr++;
- }
- else if (tolower(*endptr) == 'm')
- {
- if (value > INT_MAX/1024 || value < INT_MIN/1024)
- errno = ERANGE;
- else
- value *= 1024;
- endptr++;
- }
- else if (tolower(*endptr) == 'k')
- endptr++;
+ if (errno != ERANGE && *endptr)
+ {
+ uschar * mp = US"ZzEePpTtGgMmKk\0"; /* YyZzEePpTtGgMmKk */
+
+ if ((mp = Ustrchr(mp, *endptr)))
+ {
+ endptr++;
+ while (*(mp += 2))
+ {
+ if (lvalue > EXIM_ARITH_MAX/1024 || lvalue < EXIM_ARITH_MIN/1024)
+ {
+ errno = ERANGE;
+ break;
+ }
+ lvalue *= 1024;
+ }
+ }
else
- value = (value + 512)/1024;
+ lvalue = (lvalue + 512)/1024;
+ }
if (errno == ERANGE) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
"absolute value of integer \"%s\" is too large (overflow)", s);
while (isspace(*endptr)) endptr++;
if (*endptr != 0)
extra_chars_error(endptr, inttype, US"integer value for ", name);
- }
- if (data_block == NULL)
- *((int *)(ol->value)) = value;
- else
- *((int *)(US data_block + (long int)(ol->value))) = value;
- break;
+ if (data_block)
+ *(int_eximarith_t *)(US data_block + (long int)ol->value) = lvalue;
+ else
+ *(int_eximarith_t *)ol->value = lvalue;
+ break;
+ }
/* Fixed-point number: held to 3 decimal places. */
case opt_func:
{
void (*fn)() = ol->value;
- fn(name, s);
+ fn(name, s, 0);
break;
}
}
/* Non-admin callers cannot see options that have been flagged secure by the
"hide" prefix. */
-if (!admin_user && ol->type & opt_secure)
+if (!f.admin_user && ol->type & opt_secure)
{
if (no_labels)
printf("%s\n", hidden);
case opt_Kint:
{
- int x = *((int *)value);
+ int_eximarith_t x = *((int_eximarith_t *)value);
if (!no_labels) printf("%s = ", name);
if (x == 0) printf("0\n");
- else if ((x & 1023) == 0) printf("%dM\n", x >> 10);
- else printf("%dK\n", x);
+ else if ((x & ((1<<30)-1)) == 0) printf(PR_EXIM_ARITH "T\n", x >> 30);
+ else if ((x & ((1<<20)-1)) == 0) printf(PR_EXIM_ARITH "G\n", x >> 20);
+ else if ((x & ((1<<10)-1)) == 0) printf(PR_EXIM_ARITH "M\n", x >> 10);
+ else printf(PR_EXIM_ARITH "K\n", x);
}
break;
if (!no_labels) printf("%s =", name);
if (uidlist)
{
- int i;
uschar sep = no_labels ? '\0' : ' ';
- for (i = 1; i <= (int)(uidlist[0]); i++)
+ for (int i = 1; i <= (int)(uidlist[0]); i++)
{
uschar *name = NULL;
if ((pw = getpwuid(uidlist[i]))) name = US pw->pw_name;
if (!no_labels) printf("%s =", name);
if (gidlist)
{
- int i;
uschar sep = no_labels ? '\0' : ' ';
- for (i = 1; i <= (int)(gidlist[0]); i++)
+ for (int i = 1; i <= (int)(gidlist[0]); i++)
{
uschar *name = NULL;
if ((gr = getgrgid(gidlist[i]))) name = US gr->gr_name;
case opt_timelist:
{
- int i;
int *list = (int *)value;
if (!no_labels) printf("%s = ", name);
- for (i = 0; i < list[1]; i++)
+ for (int i = 0; i < list[1]; i++)
printf("%s%s", i == 0 ? "" : ":", readconf_printtime(list[i+2]));
printf("\n");
}
case opt_bool_set:
printf("%s%s\n", (*((BOOL *)value))? "" : "no_", name);
break;
+
+ case opt_func:
+ {
+ void (*fn)() = ol->value;
+ fn(name, NULL, no_labels ? opt_fn_print : opt_fn_print|opt_fn_print_label);
+ break;
+ }
}
return TRUE;
}
readconf_print(uschar *name, uschar *type, BOOL no_labels)
{
BOOL names_only = FALSE;
-optionlist *ol;
optionlist *ol2 = NULL;
driver_instance *d = NULL;
-macro_item *m;
int size = 0;
if (!type)
{
if (*name == '+')
{
- int i;
tree_node *t;
BOOL found = FALSE;
static uschar *types[] = { US"address", US"domain", US"host",
static tree_node **anchors[] = { &addresslist_anchor, &domainlist_anchor,
&hostlist_anchor, &localpartlist_anchor };
- for (i = 0; i < 4; i++)
+ for (int i = 0; i < 4; i++)
if ((t = tree_search(*(anchors[i]), name+1)))
{
found = TRUE;
if (Ustrcmp(name, "all") == 0)
{
- for (ol = optionlist_config;
+ for (optionlist * ol = optionlist_config;
ol < optionlist_config + nelem(optionlist_config); ol++)
if (!(ol->type & opt_hidden))
(void) print_ol(ol, US ol->name, NULL,
printf("local_scan() options are not supported\n");
return FALSE;
#else
- for (ol = local_scan_options;
+ for (optionlist * ol = local_scan_options;
ol < local_scan_options + local_scan_options_count; ol++)
(void) print_ol(ol, US ol->name, NULL, local_scan_options,
local_scan_options_count, no_labels);
if (Ustrcmp(name, "config") == 0)
{
- print_config(admin_user, no_labels);
+ print_config(f.admin_user, no_labels);
return TRUE;
}
{
/* People store passwords in macros and they were previously not available
for printing. So we have an admin_users restriction. */
- if (!admin_user)
+ if (!f.admin_user)
{
fprintf(stderr, "exim: permission denied\n");
return FALSE;
}
-
- if (name)
- if ((m = macro_search(name)))
- macro_print(m->tnode.name, m->tnode.data.ptr, (void *)(long)names_only);
- else
+ for (macro_item * m = macros; m; m = m->next)
+ if (!name || Ustrcmp(name, m->name) == 0)
{
- printf("%s %s not found\n", type, name);
- return FALSE;
+ if (names_only)
+ printf("%s\n", CS m->name);
+ else if (no_labels)
+ printf("%s\n", CS m->replacement);
+ else
+ printf("%s=%s\n", CS m->name, CS m->replacement);
+ if (name)
+ return TRUE;
}
- else
- tree_walk(tree_macros, macro_print, (void *)(long)names_only);
+ if (!name) return TRUE;
- return TRUE;
+ printf("%s %s not found\n", type, name);
+ return FALSE;
}
if (names_only)
{
for (; d; d = d->next) printf("%s\n", CS d->name);
- return TRUE;;
+ return TRUE;
}
/* Either search for a given driver, or print all of them */
BOOL rc = FALSE;
if (!name)
printf("\n%s %s:\n", d->name, type);
- else if (Ustrcmp(d->name, name) != 0)
- continue;
+ else if (Ustrcmp(d->name, name) != 0) continue;
- for (ol = ol2; ol < ol2 + size; ol++)
+ for (optionlist * ol = ol2; ol < ol2 + size; ol++)
if (!(ol->type & opt_hidden))
rc |= print_ol(ol, US ol->name, d, ol2, size, no_labels);
- for (ol = d->info->options;
+ for (optionlist * ol = d->info->options;
ol < d->info->options + *(d->info->options_count); ol++)
if (!(ol->type & opt_hidden))
rc |= print_ol(ol, US ol->name, d, d->info->options,
BOOL forcecache = FALSE;
uschar *ss;
tree_node *t;
-namedlist_block *nb = store_get(sizeof(namedlist_block));
+namedlist_block *nb = store_get(sizeof(namedlist_block), FALSE);
if (Ustrncmp(s, "_cache", 6) == 0)
{
while (isspace(*s)) s++;
ss = s;
while (isalnum(*s) || *s == '_') s++;
-t = store_get(sizeof(tree_node) + s-ss);
+t = store_get(sizeof(tree_node) + s-ss, is_tainted(ss));
Ustrncpy(t->name, ss, s-ss);
t->name[s-ss] = 0;
while (isspace(*s)) s++;
-/*************************************************
-* Drop privs for checking TLS config *
-*************************************************/
-
-/* We want to validate TLS options during readconf, but do not want to be
-root when we call into the TLS library, in case of library linkage errors
-which cause segfaults; before this check, those were always done as the Exim
-runtime user and it makes sense to continue with that.
-
-Assumes: tls_require_ciphers has been set, if it will be
- exim_user has been set, if it will be
- exim_group has been set, if it will be
-
-Returns: bool for "okay"; false will cause caller to immediately exit.
-*/
-
-#ifdef SUPPORT_TLS
-static BOOL
-tls_dropprivs_validate_require_cipher(BOOL nowarn)
-{
-const uschar *errmsg;
-pid_t pid;
-int rc, status;
-void (*oldsignal)(int);
-
-/* If TLS will never be used, no point checking ciphers */
-
-if ( !tls_advertise_hosts
- || !*tls_advertise_hosts
- || Ustrcmp(tls_advertise_hosts, ":") == 0
- )
- return TRUE;
-else if (!nowarn && !tls_certificate)
- log_write(0, LOG_MAIN,
- "Warning: No server certificate defined; will use a selfsigned one.\n"
- " Suggested action: either install a certificate or change tls_advertise_hosts option");
-
-oldsignal = signal(SIGCHLD, SIG_DFL);
-
-fflush(NULL);
-if ((pid = fork()) < 0)
- log_write(0, LOG_MAIN|LOG_PANIC_DIE, "fork failed for TLS check");
-
-if (pid == 0)
- {
- /* in some modes, will have dropped privilege already */
- if (!geteuid())
- exim_setugid(exim_uid, exim_gid, FALSE,
- US"calling tls_validate_require_cipher");
-
- if ((errmsg = tls_validate_require_cipher()))
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
- "tls_require_ciphers invalid: %s", errmsg);
- fflush(NULL);
- _exit(0);
- }
-
-do {
- rc = waitpid(pid, &status, 0);
-} while (rc < 0 && errno == EINTR);
-
-DEBUG(D_tls)
- debug_printf("tls_validate_require_cipher child %d ended: status=0x%x\n",
- (int)pid, status);
-
-signal(SIGCHLD, oldsignal);
-
-return status == 0;
-}
-#endif /* SUPPORT_TLS */
-
-
-
-
/*************************************************
* Read main configuration options *
*************************************************/
/* Check the status of the file we have opened, if we have retained root
privileges and the file isn't /dev/null (which *should* be 0666). */
-if (trusted_config && Ustrcmp(filename, US"/dev/null"))
+if (f.trusted_config && Ustrcmp(filename, US"/dev/null"))
{
if (fstat(fileno(config_file), &statbuf) != 0)
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to stat configuration file %s",
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Exim configuration file %s has the "
"wrong owner, group, or mode", big_buffer);
+
+ /* Do a dummy store-allocation of a size related to the (toplevel) file size.
+ This assumes we will need this much storage to handle all the allocations
+ during startup; it won't help when .include is being used. When it does, it
+ will cut down on the number of store blocks (and malloc calls, and sbrk
+ syscalls). It also assume we're on the relevant pool. */
+
+ if (statbuf.st_size > 8192)
+ {
+ rmark r = store_mark();
+ void * dummy = store_get((int)statbuf.st_size, FALSE);
+ store_reset(r);
+ }
}
/* Process the main configuration settings. They all begin with a lower case
got set above. Of course, writing to the log may not work if log_file_path is
not set, but it will at least get to syslog or somewhere, with any luck. */
-if (*spool_directory == 0)
+if (!*spool_directory)
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "spool_directory undefined: cannot "
"proceed");
/* Expand the spool directory name; it may, for example, contain the primary
host name. Same comment about failure. */
-s = expand_string(spool_directory);
-if (s == NULL)
+if (!(s = expand_string(spool_directory)))
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand spool_directory "
"\"%s\": %s", spool_directory, expand_string_message);
spool_directory = s;
the null string or "syslog". It is also allowed to contain one instance of %D
or %M. However, it must NOT contain % followed by anything else. */
-if (*log_file_path != 0)
+if (*log_file_path)
{
const uschar *ss, *sss;
int sep = ':'; /* Fixed for log file path */
- s = expand_string(log_file_path);
- if (s == NULL)
+ if (!(s = expand_string(log_file_path)))
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to expand log_file_path "
"\"%s\": %s", log_file_path, expand_string_message);
ss = s;
- while ((sss = string_nextinlist(&ss,&sep,big_buffer,big_buffer_size)) != NULL)
+ while ((sss = string_nextinlist(&ss, &sep, big_buffer, big_buffer_size)))
{
uschar *t;
if (sss[0] == 0 || Ustrcmp(sss, "syslog") == 0) continue;
- t = Ustrstr(sss, "%s");
- if (t == NULL)
+ if (!(t = Ustrstr(sss, "%s")))
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" does not "
"contain \"%%s\"", sss);
*t = 'X';
- t = Ustrchr(sss, '%');
- if (t != NULL)
- {
+ if ((t = Ustrchr(sss, '%')))
if ((t[1] != 'D' && t[1] != 'M') || Ustrchr(t+2, '%') != NULL)
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_file_path \"%s\" contains "
"unexpected \"%%\" character", s);
- }
}
log_file_path = s;
host_number = n;
}
-#ifdef SUPPORT_TLS
+#ifndef DISABLE_TLS
/* If tls_verify_hosts is set, tls_verify_certificates must also be set */
if ((tls_verify_hosts || tls_try_verify_hosts) && !tls_verify_certificates)
"tls_%sverify_hosts is set, but tls_verify_certificates is not set",
tls_verify_hosts ? "" : "try_");
-/* This also checks that the library linkage is working and we can call
-routines in it, so call even if tls_require_ciphers is unset */
-if (!tls_dropprivs_validate_require_cipher(nowarn))
- exit(1);
-
/* Magic number: at time of writing, 1024 has been the long-standing value
used by so many clients, and what Exim used to use always, that it makes
sense to just min-clamp this max-clamp at that. */
"openssl_options parse error: %s", openssl_options);
# endif
}
-#endif /*SUPPORT_TLS*/
+#endif /*DISABLE_TLS*/
if (!nowarn && !keep_environment && environ && *environ)
log_write(0, LOG_MAIN,
init_driver(driver_instance *d, driver_info *drivers_available,
int size_of_info, uschar *class)
{
-driver_info *dd;
-
-for (dd = drivers_available; dd->driver_name[0] != 0;
+for (driver_info * dd = drivers_available; dd->driver_name[0] != 0;
dd = (driver_info *)((US dd) + size_of_info))
- {
if (Ustrcmp(d->driver_name, dd->driver_name) == 0)
{
- int i;
int len = dd->options_len;
d->info = dd;
- d->options_block = store_get(len);
+ d->options_block = store_get(len, FALSE);
memcpy(d->options_block, dd->options_block, len);
- for (i = 0; i < *(dd->options_count); i++)
+ for (int i = 0; i < *(dd->options_count); i++)
dd->options[i].type &= ~opt_set;
return dd;
}
- }
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
"%s %s: cannot find %s driver \"%s\"", class, d->name, class, d->driver_name);
if (*s++ == ':')
{
- int i;
-
/* Finish off initializing the previous driver. */
if (d)
/* Set up a new driver instance data block on the chain, with
its default values installed. */
- d = store_get(instance_size);
+ d = store_get(instance_size, FALSE);
memcpy(d, instance_default, instance_size);
*p = d;
p = &d->next;
/* Clear out the "set" bits in the generic options */
- for (i = 0; i < driver_optionlist_count; i++)
+ for (int i = 0; i < driver_optionlist_count; i++)
driver_optionlist[i].type &= ~opt_set;
/* Check nothing more on this line, then do the next loop iteration. */
readconf_depends(driver_instance *d, uschar *s)
{
int count = *(d->info->options_count);
-optionlist *ol;
uschar *ss;
-for (ol = d->info->options; ol < d->info->options + count; ol++)
+for (optionlist * ol = d->info->options; ol < d->info->options + count; ol++)
{
void *options_block;
uschar *value;
const uschar *pp;
uschar *error;
- next = store_get(sizeof(retry_config));
+ next = store_get(sizeof(retry_config), FALSE);
next->next = NULL;
*chain = next;
chain = &(next->next);
while (*p != 0)
{
- retry_rule *rule = store_get(sizeof(retry_rule));
+ retry_rule *rule = store_get(sizeof(retry_rule), FALSE);
*rchain = rule;
rchain = &(rule->next);
rule->next = NULL;
static void
auths_init(void)
{
-auth_instance *au, *bu;
+#ifndef DISABLE_PIPE_CONNECT
+int nauths = 0;
+#endif
readconf_driver_init(US"authenticator",
(driver_instance **)(&auths), /* chain anchor */
optionlist_auths, /* generic options */
optionlist_auths_size);
-for (au = auths; au; au = au->next)
+for (auth_instance * au = auths; au; au = au->next)
{
if (!au->public_name)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "no public name specified for "
"the %s authenticator", au->name);
- for (bu = au->next; bu; bu = bu->next)
+ for (auth_instance * bu = au->next; bu; bu = bu->next)
if (strcmpic(au->public_name, bu->public_name) == 0)
if ((au->client && bu->client) || (au->server && bu->server))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "two %s authenticators "
"(%s and %s) have the same public name (%s)",
au->client ? US"client" : US"server", au->name, bu->name,
au->public_name);
+#ifndef DISABLE_PIPE_CONNECT
+ nauths++;
+#endif
}
+#ifndef DISABLE_PIPE_CONNECT
+f.smtp_in_early_pipe_no_auth = nauths > 16;
+#endif
}
if (*p != ':' || name[0] == 0)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, "missing or malformed ACL name");
- node = store_get(sizeof(tree_node) + Ustrlen(name));
+ node = store_get(sizeof(tree_node) + Ustrlen(name), is_tainted(name));
Ustrcpy(node->name, name);
if (!tree_insertnode(&acl_anchor, node))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
int mid = last/2;
int n = Ustrlen(next_section);
- if (tolower(next_section[n-1]) != 's') Ustrcpy(next_section+n, "s");
+ if (tolower(next_section[n-1]) != 's') Ustrcpy(next_section+n, US"s");
for (;;)
{
readconf_save_config(const uschar *s)
{
save_config_line(string_sprintf("# Exim Configuration (%s)",
- running_in_test_harness ? US"X" : s));
+ f.running_in_test_harness ? US"X" : s));
}
static void
static config_line_item *current;
config_line_item *next;
-next = (config_line_item*) store_get(sizeof(config_line_item));
+next = (config_line_item*) store_get(sizeof(config_line_item), FALSE);
next->line = string_copy(line);
next->next = NULL;
void
print_config(BOOL admin, BOOL terse)
{
-config_line_item *i;
const int TS = terse ? 0 : 2;
int indent = 0;
-for (i = config_lines; i; i = i->next)
+for (config_line_item * i = config_lines; i; i = i->next)
{
uschar *current;
uschar *p;
projects / exim.git / blobdiff