X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=blobdiff_plain;f=src%2Fsrc%2Fglobals.h;h=b229c1a077a655f056a9fccfe599a664e12f5fe8;hp=d267a52b7651ea2b6db857f3a73b64dbb86bc2db;hb=eb57651e8badf0b65af0371732e42f2ee5c7772c;hpb=bbaa92096a0720af1625982d024befac65d5909e diff --git a/src/src/globals.h b/src/src/globals.h index d267a52b7..b229c1a07 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -2,7 +2,7 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2009 */ +/* Copyright (c) University of Cambridge 1995 - 2013 */ /* See the file NOTICE for conditions of use and distribution. */ /* Almost all the global variables are defined together in this one header, so @@ -62,6 +62,10 @@ extern uschar *oracle_servers; /* List of servers and connect info */ extern uschar *pgsql_servers; /* List of servers and connect info */ #endif +#ifdef EXPERIMENTAL_REDIS +extern uschar *redis_servers; /* List of servers and connect info */ +#endif + #ifdef LOOKUP_SQLITE extern int sqlite_lock_timeout; /* Internal lock waiting timeout */ #endif @@ -74,16 +78,22 @@ extern BOOL move_frozen_messages; /* Get them out of the normal directory * cluttered in several places (e.g. during logging) if we can always refer to them. Also, the tls_ variables are now always visible. */ -extern int tls_active; /* fd/socket when in a TLS session */ -extern int tls_bits; /* bits used in TLS session */ -extern BOOL tls_certificate_verified; /* Client certificate verified */ -extern uschar *tls_cipher; /* Cipher used */ -extern BOOL tls_on_connect; /* For older MTAs that don't STARTTLS */ -extern uschar *tls_on_connect_ports; /* Ports always tls-on-connect */ -extern uschar *tls_peerdn; /* DN from peer */ +typedef struct { + int active; /* fd/socket when in a TLS session */ + int bits; /* bits used in TLS session */ + BOOL certificate_verified; /* Client certificate verified */ + uschar *cipher; /* Cipher used */ + BOOL on_connect; /* For older MTAs that don't STARTTLS */ + uschar *on_connect_ports; /* Ports always tls-on-connect */ + uschar *peerdn; /* DN from peer */ + uschar *sni; /* Server Name Indication */ +} tls_support; +extern tls_support tls_in; +extern tls_support tls_out; #ifdef SUPPORT_TLS extern BOOL gnutls_compat_mode; /* Less security, more compatibility */ +extern BOOL gnutls_allow_auto_pkcs11; /* Let GnuTLS autoload PKCS11 modules */ extern uschar *gnutls_require_mac; /* So some can be avoided */ extern uschar *gnutls_require_kx; /* So some can be avoided */ extern uschar *gnutls_require_proto; /* So some can be avoided */ @@ -93,14 +103,15 @@ extern uschar *tls_advertise_hosts; /* host for which TLS is advertised */ extern uschar *tls_certificate; /* Certificate file */ extern uschar *tls_channelbinding_b64; /* string of base64 channel binding */ extern uschar *tls_crl; /* CRL File */ +extern int tls_dh_max_bits; /* don't accept higher lib suggestions */ extern uschar *tls_dhparam; /* DH param file */ +#if defined(EXPERIMENTAL_OCSP) && !defined(USE_GNUTLS) +extern uschar *tls_ocsp_file; /* OCSP stapling proof file */ +#endif extern BOOL tls_offered; /* Server offered TLS */ extern uschar *tls_privatekey; /* Private key file */ extern BOOL tls_remember_esmtp; /* For YAEB */ extern uschar *tls_require_ciphers; /* So some can be avoided */ -#ifndef USE_GNUTLS -extern uschar *tls_sni; /* Server Name Indication */ -#endif extern uschar *tls_try_verify_hosts; /* Optional client verification */ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ @@ -126,16 +137,24 @@ extern uschar **address_expansions[ADDRESS_EXPANSIONS_COUNT]; /* General global variables */ extern BOOL accept_8bitmime; /* Allow *BITMIME incoming */ +extern int body_8bitmime; /* sender declared BODY= ; 7=7BIT, 8=8BITMIME */ extern header_line *acl_added_headers; /* Headers added by an ACL */ extern tree_node *acl_anchor; /* Tree of named ACLs */ +extern uschar *acl_arg[9]; /* Argument to ACL call */ +extern int acl_narg; /* Number of arguments to ACL call */ extern uschar *acl_not_smtp; /* ACL run for non-SMTP messages */ #ifdef WITH_CONTENT_SCAN extern uschar *acl_not_smtp_mime; /* For MIME parts of ditto */ #endif extern uschar *acl_not_smtp_start; /* ACL run at the beginning of a non-SMTP session */ +extern uschar *acl_removed_headers; /* Headers deleted by an ACL */ extern uschar *acl_smtp_auth; /* ACL run for AUTH */ extern uschar *acl_smtp_connect; /* ACL run on SMTP connection */ extern uschar *acl_smtp_data; /* ACL run after DATA received */ +#ifdef EXPERIMENTAL_PRDR +extern uschar *acl_smtp_data_prdr; /* ACL run after DATA received if in PRDR mode*/ +const extern pcre *regex_PRDR; /* For recognizing PRDR settings */ +#endif #ifndef DISABLE_DKIM extern uschar *acl_smtp_dkim; /* ACL run for DKIM signatures / domains */ #endif @@ -177,6 +196,7 @@ extern BOOL allow_mx_to_ip; /* Allow MX records to -> ip address */ extern BOOL allow_unqualified_recipient; /* As it says */ extern BOOL allow_unqualified_sender; /* Ditto */ extern BOOL allow_utf8_domains; /* For experimenting */ +extern uschar *authenticated_fail_id; /* ID that failed authentication */ extern uschar *authenticated_id; /* ID that was authenticated */ extern uschar *authenticated_sender; /* From AUTH on MAIL */ extern BOOL authentication_failed; /* TRUE if AUTH was tried and failed */ @@ -227,6 +247,9 @@ extern int check_log_space; /* Minimum for message acceptance */ extern BOOL check_rfc2047_length; /* Check RFC 2047 encoded string length */ extern int check_spool_inodes; /* Minimum for message acceptance */ extern int check_spool_space; /* Minimum for message acceptance */ +extern uschar *client_authenticator; /* Authenticator name used for smtp delivery */ +extern uschar *client_authenticated_id; /* "login" name used for SMTP AUTH */ +extern uschar *client_authenticated_sender; /* AUTH option to SMTP MAIL FROM (not yet used) */ extern int clmacro_count; /* Number of command line macros */ extern uschar *clmacros[]; /* Copy of them, for re-exec */ extern int connection_max_messages;/* Max down one SMTP connection */ @@ -249,6 +272,8 @@ extern int continue_sequence; /* Sequence num for continued delivery */ extern uschar *continue_transport; /* Transport for continued delivery */ extern uschar *csa_status; /* Client SMTP Authorization result */ +extern BOOL cutthrough_delivery; /* Deliver in foreground */ +extern int cutthrough_fd; /* Connection for ditto */ extern BOOL daemon_listen; /* True if listening required */ extern uschar *daemon_smtp_port; /* Can be a list of ports */ @@ -326,6 +351,19 @@ extern uschar *dkim_verify_signers; /* Colon-separated list of domains for ea extern BOOL dkim_collect_input; /* Runtime flag that tracks wether SMTP input is fed to DKIM validation */ extern BOOL dkim_disable_verify; /* Set via ACL control statement. When set, DKIM verification is disabled for the current message */ #endif +#ifdef EXPERIMENTAL_DMARC +extern BOOL dmarc_has_been_checked; /* Global variable to check if test has been called yet */ +extern uschar *dmarc_ar_header; /* Expansion variable, suggested header for dmarc auth results */ +extern uschar *dmarc_domain_policy; /* Expansion for declared policy of used domain */ +extern uschar *dmarc_forensic_sender; /* Set sender address for forensic reports */ +extern uschar *dmarc_history_file; /* Expansion variable, file to store dmarc results */ +extern uschar *dmarc_status; /* Expansion variable, one word value */ +extern uschar *dmarc_status_text; /* Expansion variable, human readable value */ +extern uschar *dmarc_tld_file; /* Mozilla TLDs text file */ +extern uschar *dmarc_used_domain; /* Expansion variable, domain libopendmarc chose for DMARC policy lookup */ +extern BOOL dmarc_disable_verify; /* Set via ACL control statement. When set, DMARC verification is disabled for the current message */ +extern BOOL dmarc_enable_forensic; /* Set via ACL control statement. When set, DMARC forensic reports are enabled for the current message */ +#endif extern uschar *dns_again_means_nonexist; /* Domains that are badly set up */ extern int dns_csa_search_limit; /* How deep to search for CSA SRV records */ @@ -333,6 +371,7 @@ extern BOOL dns_csa_use_reverse; /* Check CSA in reverse DNS? (non-standar extern uschar *dns_ipv4_lookup; /* For these domains, don't look for AAAA (or A6) */ extern int dns_retrans; /* Retransmission time setting */ extern int dns_retry; /* Number of retries */ +extern int dns_dnssec_ok; /* When constructing DNS query, set DO flag */ extern int dns_use_edns0; /* Coerce EDNS0 support on/off in resolver. */ extern uschar *dnslist_domain; /* DNS (black) list domain */ extern uschar *dnslist_matched; /* DNS (black) list matched key */ @@ -358,6 +397,7 @@ extern int errors_sender_rc; /* Return after message to sender*/ extern gid_t exim_gid; /* To be used with exim_uid */ extern BOOL exim_gid_set; /* TRUE if exim_gid set */ extern uschar *exim_path; /* Path to exec exim */ +extern const uschar *exim_sieve_extension_list[]; /* list of sieve extensions */ extern uid_t exim_uid; /* Non-root uid for exim */ extern BOOL exim_uid_set; /* TRUE if exim_uid set */ extern int expand_forbid; /* RDO flags for forbidding things */ @@ -542,6 +582,10 @@ extern uschar *percent_hack_domains; /* Local domains for which '% operates */ extern uschar *pid_file_path; /* For writing daemon pids */ extern uschar *pipelining_advertise_hosts; /* As it says */ extern BOOL pipelining_enable; /* As it says */ +#ifdef EXPERIMENTAL_PRDR +extern BOOL prdr_enable; /* As it says */ +extern BOOL prdr_requested; /* Connecting mail server wants PRDR */ +#endif extern BOOL preserve_message_logs; /* Save msglog files */ extern uschar *primary_hostname; /* Primary name of this computer */ extern BOOL print_topbitchars; /* Topbit chars are printing chars */ @@ -549,6 +593,17 @@ extern uschar process_info[]; /* For SIGUSR1 output */ extern int process_info_len; extern uschar *process_log_path; /* Alternate path */ extern BOOL prod_requires_admin; /* TRUE if prodding requires admin */ + +#ifdef EXPERIMENTAL_PROXY +extern uschar *proxy_host_address; /* IP of host being proxied */ +extern int proxy_host_port; /* Port of host being proxied */ +extern uschar *proxy_required_hosts; /* Hostlist which (require) use proxy protocol */ +extern BOOL proxy_session; /* TRUE if receiving mail from valid proxy */ +extern BOOL proxy_session_failed; /* TRUE if required proxy negotiation failed */ +extern uschar *proxy_target_address; /* IP of proxy server inbound */ +extern int proxy_target_port; /* Port of proxy server inbound */ +#endif + extern uschar *prvscheck_address; /* Set during prvscheck expansion item */ extern uschar *prvscheck_keynum; /* Set during prvscheck expansion item */ extern uschar *prvscheck_result; /* Set during prvscheck expansion item */ @@ -639,6 +694,7 @@ extern uid_t root_uid; /* The uid for root */ extern router_info routers_available[];/* Vector of available routers */ extern router_instance *routers; /* Chain of instantiated routers */ extern router_instance router_defaults;/* Default values */ +extern uschar *router_name; /* Name of router last started */ extern BOOL running_in_test_harness; /*TRUE when running_status is patched */ extern ip_address_item *running_interfaces; /* Host's running interfaces */ extern uschar *running_status; /* Flag string for testing */ @@ -657,6 +713,7 @@ extern uschar *sender_fullhost; /* Sender host name + address */ extern uschar *sender_helo_name; /* Host name from HELO/EHLO */ extern uschar **sender_host_aliases; /* Points to list of alias names */ extern unsigned int sender_host_cache[(MAX_NAMED_LIST * 2)/32]; /* Cache bits for incoming host */ +extern BOOL sender_host_dnssec; /* true if sender_host_name verified in DNSSEC */ extern BOOL sender_host_notsocket; /* Set for -bs and -bS */ extern BOOL sender_host_unknown; /* TRUE for -bs and -bS except inetd */ extern uschar *sender_ident; /* Sender identity via RFC 1413 */ @@ -766,6 +823,7 @@ extern uschar *submission_domain; /* Domain for submission mode */ extern BOOL submission_mode; /* Can be forced from ACL */ extern uschar *submission_name; /* User name set from ACL */ extern BOOL suppress_local_fixups; /* Can be forced from ACL */ +extern BOOL suppress_local_fixups_default; /* former is reset to this; override with -G */ extern BOOL synchronous_delivery; /* TRUE if -odi is set */ extern BOOL syslog_duplication; /* FALSE => no duplicate logging */ extern int syslog_facility; /* As defined by Syslog.h */ @@ -792,6 +850,19 @@ extern int test_harness_load_avg; /* For use when testing */ extern int thismessage_size_limit; /* Limit for this message */ extern int timeout_frozen_after; /* Max time to keep frozen messages */ extern BOOL timestamps_utc; /* Use UTC for all times */ + +#ifdef EXPERIMENTAL_TPDA +extern int tpda_defer_errno; /* error number set when a remote delivery is deferred with a host error */ +extern uschar *tpda_defer_errstr; /* error string set when a remote delivery is deferred with a host error */ +extern uschar *tpda_delivery_ip; /* IP of host, which has accepted delivery */ +extern int tpda_delivery_port; /* port of host, which has accepted delivery */ +extern uschar *tpda_delivery_fqdn; /* FQDN of host, which has accepted delivery */ +extern uschar *tpda_delivery_local_part;/* local part of address being delivered */ +extern uschar *tpda_delivery_domain; /* domain part of address being delivered */ +extern uschar *tpda_delivery_confirmation; /* SMTP confirmation message */ +#endif + +extern uschar *transport_name; /* Name of transport last started */ extern int transport_count; /* Count of bytes transported */ extern int transport_newlines; /* Accurate count of number of newline chars transported */ extern uschar **transport_filter_argv; /* For on-the-fly filtering */