#define CSTATE_STACK_SIZE 10
+const uschar *config_directory = NULL;
+
/* Structure for chain (stack) of .included files */
typedef struct config_file_item {
struct config_file_item *next;
- uschar *filename;
+ const uschar *filename;
+ const uschar *directory;
FILE *file;
int lineno;
} config_file_item;
{ "check_spool_inodes", opt_int, &check_spool_inodes },
{ "check_spool_space", opt_Kint, &check_spool_space },
{ "chunking_advertise_hosts", opt_stringptr, &chunking_advertise_hosts },
+ { "commandline_checks_require_admin", opt_bool,&commandline_checks_require_admin },
{ "daemon_smtp_port", opt_stringptr|opt_hidden, &daemon_smtp_port },
{ "daemon_smtp_ports", opt_stringptr, &daemon_smtp_port },
{ "daemon_startup_retries", opt_int, &daemon_startup_retries },
{ "dccifd_address", opt_stringptr, &dccifd_address },
{ "dccifd_options", opt_stringptr, &dccifd_options },
#endif
+ { "debug_store", opt_bool, &debug_store },
{ "delay_warning", opt_timelist, &delay_warning },
{ "delay_warning_condition", opt_stringptr, &delay_warning_condition },
{ "deliver_drop_privilege", opt_bool, &deliver_drop_privilege },
{ "dns_retry", opt_int, &dns_retry },
{ "dns_trust_aa", opt_stringptr, &dns_trust_aa },
{ "dns_use_edns0", opt_int, &dns_use_edns0 },
- /* This option is now a no-op, retained for compability */
+ /* This option is now a no-op, retained for compatibility */
{ "drop_cr", opt_bool, &drop_cr },
/*********************************************************/
{ "dsn_advertise_hosts", opt_stringptr, &dsn_advertise_hosts },
#endif
{ "split_spool_directory", opt_bool, &split_spool_directory },
{ "spool_directory", opt_stringptr, &spool_directory },
+ { "spool_wireformat", opt_bool, &spool_wireformat },
#ifdef LOOKUP_SQLITE
{ "sqlite_lock_timeout", opt_int, &sqlite_lock_timeout },
#endif
{ "strip_trailing_dot", opt_bool, &strip_trailing_dot },
{ "syslog_duplication", opt_bool, &syslog_duplication },
{ "syslog_facility", opt_stringptr, &syslog_facility_str },
+ { "syslog_pid", opt_bool, &syslog_pid },
{ "syslog_processname", opt_stringptr, &syslog_processname },
{ "syslog_timestamp", opt_bool, &syslog_timestamp },
{ "system_filter", opt_stringptr, &system_filter },
unsigned namelen = Ustrlen(name);
macro_item * m = store_get(sizeof(macro_item) + namelen);
+/* fprintf(stderr, "%s: '%s' '%s'\n", __FUNCTION__, name, val) */
if (!macros)
{
macros = m;
#endif
#ifdef LOOKUP_LSEARCH
- macro_create(US"_HAVE_LKUP_LSEARCH", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_LSEARCH", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_CDB
- macro_create(US"_HAVE_LKUP_CDB", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_CDB", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_DBM
- macro_create(US"_HAVE_LKUP_DBM", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_DBM", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_DNSDB
- macro_create(US"_HAVE_LKUP_DNSDB", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_DNSDB", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_DSEARCH
- macro_create(US"_HAVE_LKUP_DSEARCH", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_DSEARCH", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_IBASE
- macro_create(US"_HAVE_LKUP_IBASE", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_IBASE", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_LDAP
- macro_create(US"_HAVE_LKUP_LDAP", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_LDAP", US"y", FALSE, TRUE);
#endif
#ifdef EXPERIMENTAL_LMDB
- macro_create(US"_HAVE_LKUP_LMDB", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_LMDB", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_MYSQL
- macro_create(US"_HAVE_LKUP_MYSQL", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_MYSQL", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_NIS
- macro_create(US"_HAVE_LKUP_NIS", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_NIS", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_NISPLUS
- macro_create(US"_HAVE_LKUP_NISPLUS", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_NISPLUS", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_ORACLE
- macro_create(US"_HAVE_LKUP_ORACLE", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_ORACLE", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_PASSWD
- macro_create(US"_HAVE_LKUP_PASSWD", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_PASSWD", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_PGSQL
- macro_create(US"_HAVE_LKUP_PGSQL", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_PGSQL", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_REDIS
- macro_create(US"_HAVE_LKUP_REDIS", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_REDIS", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_SQLITE
- macro_create(US"_HAVE_LKUP_SQLITE", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_SQLITE", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_TESTDB
- macro_create(US"_HAVE_LKUP_TESTDB", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_TESTDB", US"y", FALSE, TRUE);
#endif
#ifdef LOOKUP_WHOSON
- macro_create(US"_HAVE_LKUP_WHOSON", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_LOOKUP_WHOSON", US"y", FALSE, TRUE);
#endif
#ifdef TRANSPORT_APPENDFILE
# ifdef SUPPORT_MAILDIR
- macro_create(US"_HAVE_TPT_APPEND_MAILDR", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_TRANSPORT_APPEND_MAILDIR", US"y", FALSE, TRUE);
# endif
# ifdef SUPPORT_MAILSTORE
- macro_create(US"_HAVE_TPT_APPEND_MAILSTORE", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_TRANSPORT_APPEND_MAILSTORE", US"y", FALSE, TRUE);
# endif
# ifdef SUPPORT_MBX
- macro_create(US"_HAVE_TPT_APPEND_MBX", US"y", FALSE, TRUE);
+ macro_create(US"_HAVE_TRANSPORT_APPEND_MBX", US"y", FALSE, TRUE);
# endif
#endif
}
void
-readconf_options_from_list(optionlist * opts, unsigned nopt, uschar * group)
+readconf_options_from_list(optionlist * opts, unsigned nopt, const uschar * section, uschar * group)
{
int i;
const uschar * s;
-/* Walk the array backwards to get substring-conflict names */
-for (i = nopt-1; i >= 0; i--) if (*(s = opts[i].name) && *s != '*')
- macro_create(string_sprintf("_OPT_%T_%T", group, s), US"y", FALSE, TRUE);
+/* The 'previously-defined-substring' rule for macros in config file
+lines is done so for these builtin macros: we know that the table
+we source from is in strict alpha order, hence the builtins portion
+of the macros list is in reverse-alpha (we prepend them) - so longer
+macros that have substrings are always discovered first during
+expansion. */
+
+for (i = 0; i < nopt; i++) if (*(s = US opts[i].name) && *s != '*')
+ if (group)
+ macro_create(string_sprintf("_OPT_%T_%T_%T", section, group, s), US"y", FALSE, TRUE);
+ else
+ macro_create(string_sprintf("_OPT_%T_%T", section, s), US"y", FALSE, TRUE);
}
static void
readconf_options(void)
{
-readconf_options_from_list(optionlist_config, nelem(optionlist_config), US"MAIN");
+readconf_options_from_list(optionlist_config, nelem(optionlist_config), US"MAIN", NULL);
readconf_options_routers();
readconf_options_transports();
readconf_options_auths();
(void)fclose(config_file);
config_file = config_file_stack->file;
config_filename = config_file_stack->filename;
+ config_directory = config_file_stack->directory;
config_lineno = config_file_stack->lineno;
config_file_stack = config_file_stack->next;
if (config_lines)
for (t = s; (p = CUstrchr(t, '_')); t = p+1)
if (c = p[1], c == 'O' || c == 'D' || c == 'H')
{
+/* fprintf(stderr, "%s: builtins create triggered by '%s'\n", __FUNCTION__, s); */
+ builtin_macros_create_trigger = string_copy(s);
macros_create_builtin();
break;
}
int moveby;
int replen = Ustrlen(m->replacement);
+/* fprintf(stderr, "%s: matched '%s' in '%s'\n", __FUNCTION__, m->name, t) */
/* Expand the buffer if necessary */
while (newlen - m->namelen + replen + 1 > big_buffer_size)
}
*t = 0;
+ /* We allow relative file names. For security reasons currently
+ relative names not allowed with .include_if_exists. For .include_if_exists
+ we need to check the permissions/ownership of the containing folder */
if (*ss != '/')
- log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, ".include specifies a non-"
- "absolute path \"%s\"", ss);
+ if (include_if_exists) log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN, ".include specifies a non-"
+ "absolute path \"%s\"", ss);
+ else
+ {
+ int offset = 0;
+ int size = 0;
+ ss = string_append(NULL, &size, &offset, 3, config_directory, "/", ss);
+ ss[offset] = '\0'; /* string_append() does not zero terminate the string! */
+ }
if (include_if_exists != 0 && (Ustat(ss, &statbuf) != 0)) continue;
config_file_stack = save;
save->file = config_file;
save->filename = config_filename;
+ save->directory = config_directory;
save->lineno = config_lineno;
if (!(config_file = Ufopen(ss, "rb")))
"configuration file %s", ss);
config_filename = string_copy(ss);
+ config_directory = string_copyn(ss, CUstrrchr(ss, '/') - ss);
config_lineno = 0;
continue;
}
/* We get a coverity error here for using count, as it derived
from the tainted buffer pointed to by s, as parsed by sscanf().
- By the definition of sscanf we must be aceessing between start
+ By the definition of sscanf we must be accessing between start
and end of s (assuming it is nul-terminated...) so ignore the error. */
/* coverity[tainted_data] */
if (s[count] == '.')
exim_setugid(exim_uid, exim_gid, FALSE,
US"calling tls_validate_require_cipher");
- errmsg = tls_validate_require_cipher();
- if (errmsg)
- {
+ if ((errmsg = tls_validate_require_cipher()))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"tls_require_ciphers invalid: %s", errmsg);
- }
fflush(NULL);
_exit(0);
}
if (config_file != NULL || errno != ENOENT) break;
}
-/* Now, once we found and opened our configuration file, we change the directory
-to a safe place. Later we change to $spool_directory. */
-
-if (Uchdir("/") < 0)
- {
- perror("exim: chdir `/': ");
- exit(EXIT_FAILURE);
- }
-
/* On success, save the name for verification; config_filename is used when
logging configuration errors (it changes for .included files) whereas
config_main_filename is the name shown by -bP. Failure to open a configuration
file is a serious disaster. */
-if (config_file != NULL)
+if (config_file)
{
- uschar *p;
+ uschar *last_slash = Ustrrchr(filename, '/');
config_filename = config_main_filename = string_copy(filename);
- p = Ustrrchr(filename, '/');
- config_main_directory = p ? string_copyn(filename, p - filename)
- : string_copy(US".");
+ /* The config_main_directory we need for the $config_dir expansion.
+ config_main_filename we need for $config_file expansion.
+ And config_dir is the directory of the current configuration, used for
+ relative .includes. We do need to know it's name, as we change our working
+ directory later. */
+
+ if (filename[0] == '/')
+ config_main_directory = last_slash == filename ? US"/" : string_copyn(filename, last_slash - filename);
+ else
+ {
+ /* relative configuration file name: working dir + / + basename(filename) */
+
+ uschar buf[PATH_MAX];
+ int offset = 0;
+ int size = 0;
+
+ if (os_getcwd(buf, PATH_MAX) == NULL)
+ {
+ perror("exim: getcwd");
+ exit(EXIT_FAILURE);
+ }
+ config_main_directory = string_cat(NULL, &size, &offset, buf);
+
+ /* If the dir does not end with a "/", append one */
+ if (config_main_directory[offset-1] != '/')
+ config_main_directory = string_catn(config_main_directory, &size, &offset, US"/", 1);
+
+ /* If the config file contains a "/", extract the directory part */
+ if (last_slash)
+ config_main_directory = string_catn(config_main_directory, &size, &offset, filename, last_slash - filename);
+
+ config_main_directory[offset] = '\0';
+ }
+ config_directory = config_main_directory;
}
else
{
"configuration file %s", filename));
}
+/* Now, once we found and opened our configuration file, we change the directory
+to a safe place. Later we change to $spool_directory. */
+
+if (Uchdir("/") < 0)
+ {
+ perror("exim: chdir `/': ");
+ exit(EXIT_FAILURE);
+ }
+
/* Check the status of the file we have opened, if we have retained root
privileges and the file isn't /dev/null (which *should* be 0666). */
while ((s = get_config_line()) != NULL)
{
+
+ if (config_lineno == 1 && Ustrstr(s, "\xef\xbb\xbf") == s)
+ log_write(0, LOG_PANIC_DIE|LOG_CONFIG_IN,
+ "found unexpected BOM (Byte Order Mark)");
+
if (isupper(s[0])) read_macro_assignment(s);
else if (Ustrncmp(s, "domainlist", 10) == 0)
"tls_dh_max_bits is too small, must be at least 1024 for interop");
/* If openssl_options is set, validate it */
-if (openssl_options != NULL)
+if (openssl_options)
{
# ifdef USE_GNUTLS
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"openssl_options is set but we're using GnuTLS");
# else
long dummy;
- if (!(tls_openssl_options_parse(openssl_options, &dummy)))
+ if (!tls_openssl_options_parse(openssl_options, &dummy))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
"openssl_options parse error: %s", openssl_options);
# endif
{
struct auth_info * ai;
-readconf_options_from_list(optionlist_auths, optionlist_auths_size, US"AU");
+readconf_options_from_list(optionlist_auths, optionlist_auths_size, US"AUTHENTICATORS", NULL);
for (ai = auths_available; ai->driver_name[0]; ai++)
{
- macro_create(string_sprintf("_DRVR_AUTH_%T", ai->driver_name), US"y", FALSE, TRUE);
- readconf_options_from_list(ai->options, (unsigned)*ai->options_count, ai->driver_name);
+ macro_create(string_sprintf("_DRIVER_AUTHENTICATOR_%T", ai->driver_name), US"y", FALSE, TRUE);
+ readconf_options_from_list(ai->options, (unsigned)*ai->options_count, US"AUTHENTICATOR", ai->driver_name);
}
}
projects / exim.git / blobdiff