/*
 * cleanup_post_jail - apply configuration-driven limits and character
 * filters for the cleanup service.
 *
 * Both arguments are unused. Going by its name this runs as the post-jail
 * initialization hook; the caller is not visible in this listing.
 */
void    cleanup_post_jail(char *unused_name, char **unused_argv)
{

    /*
     * Optionally cap the file size resource limit. XXX The message content
     * is limited to somewhat less than the configured value, because the
     * queue file also contains envelope information. Unless the limit is
     * set very low, this only makes a difference for queue files with many
     * recipients.
     *
     * A non-positive var_message_limit skips the call, so no file size cap
     * is installed here in that case.
     */
    if (var_message_limit > 0) {
        set_file_limit((off_t) var_message_limit);
    }

    /*
     * Decide how unmatched address extensions are propagated.
     */
    cleanup_ext_prop_mask = ext_prop_mask(VAR_PROP_EXTENSION,
                                          var_prop_extension);

    /*
     * Build the set of characters that cause a message to be rejected. The
     * buffer is sized from the configured string and filled by unescape();
     * the escape syntax is defined by that helper. An empty setting leaves
     * cleanup_reject_chars untouched.
     */
    if (var_msg_reject_chars[0] != '\0') {
        cleanup_reject_chars = vstring_alloc(strlen(var_msg_reject_chars));
        unescape(cleanup_reject_chars, var_msg_reject_chars);
    }

    /*
     * Build the set of characters that are removed from message content,
     * using the same steps. An empty setting leaves cleanup_strip_chars
     * untouched.
     */
    if (var_msg_strip_chars[0] != '\0') {
        cleanup_strip_chars = vstring_alloc(strlen(var_msg_strip_chars));
        unescape(cleanup_strip_chars, var_msg_strip_chars);
    }
}
/*
 * local_mask_init - translate the textual delivery-policy parameters of
 * the local delivery agent into bit masks.
 *
 * Takes no arguments and returns nothing; the results are stored in the
 * local_*_mask variables assigned below.
 */
static void local_mask_init(void)
{
    /* Names accepted in var_allow_files and the bit each one selects. */
    static const NAME_MASK file_mask[] = {
        "alias", EXPAND_TYPE_ALIAS,
        "forward", EXPAND_TYPE_FWD,
        "include", EXPAND_TYPE_INCL,
        0,
    };

    /* Names accepted in var_allow_commands; same vocabulary as above. */
    static const NAME_MASK command_mask[] = {
        "alias", EXPAND_TYPE_ALIAS,
        "forward", EXPAND_TYPE_FWD,
        "include", EXPAND_TYPE_INCL,
        0,
    };

    /* Names accepted in var_deliver_hdr. */
    static const NAME_MASK deliver_mask[] = {
        "command", DELIVER_HDR_CMD,
        "file", DELIVER_HDR_FILE,
        "forward", DELIVER_HDR_FWD,
        0,
    };

    /*
     * Delivery to files and to commands is controlled by two separate
     * masks. NOTE(review): presumably each bit names an expansion source
     * (alias, forward, include) that may request such a delivery; confirm
     * against the code that tests these masks.
     */
    local_file_deliver_mask =
        name_mask(VAR_ALLOW_FILES, file_mask, var_allow_files);
    local_cmd_deliver_mask =
        name_mask(VAR_ALLOW_COMMANDS, command_mask, var_allow_commands);

    local_ext_prop_mask =
        ext_prop_mask(VAR_PROP_EXTENSION, var_prop_extension);
    local_deliver_hdr_mask =
        name_mask(VAR_DELIVER_HDR, deliver_mask, var_deliver_hdr);
    local_mbox_lock_mask = mbox_lock_mask(var_mailbox_lock);

    /*
     * The deprecated compatibility switch narrows the configured lock
     * methods to dotlock only. If dotlock was not among them the mask
     * becomes zero and is caught by the check below.
     */
    if (var_mailtool_compat != 0) {
        msg_warn("%s: deprecated parameter, use \"%s = dotlock\" instead",
                 VAR_MAILTOOL_COMPAT, VAR_MAILBOX_LOCK);
        local_mbox_lock_mask &= MBOX_DOT_LOCK;
    }

    /*
     * An empty lock mask is reported through msg_fatal() instead of going
     * on with no mailbox locking method selected.
     */
    if (!local_mbox_lock_mask) {
        msg_fatal("parameter %s specifies no applicable mailbox locking method",
                  VAR_MAILBOX_LOCK);
    }
}
/*
 * pre_init - one-time setup of the SMTP/LMTP client: SASL, TLS policy and
 * TLS context, lookup tables, content checks and address preference.
 *
 * Both arguments are unused. The TLS comment below indicates that this
 * runs before the process enters its chroot jail.
 */
static void pre_init(char *unused_name, char **unused_argv)
{
    int     tls_requested;

    /* Address-family names and their flags; the last entry carries -1. */
    static const NAME_CODE addr_pref_map[] = {
        INET_PROTO_NAME_IPV6, SMTP_MISC_FLAG_PREF_IPV6,
        INET_PROTO_NAME_IPV4, SMTP_MISC_FLAG_PREF_IPV4,
        INET_PROTO_NAME_ANY, 0,
        0, -1,
    };

    /*
     * Turn on per-peer debugging.
     */
    debug_peer_init();

    /*
     * SASL initialization. Without compiled-in SASL support an enabled
     * setting only produces a warning.
     */
    if (var_smtp_sasl_enable) {
#ifdef USE_SASL_AUTH
        smtp_sasl_initialize();
#else
        msg_warn("%s is true, but SASL support is not compiled in",
                 VAR_SMTP_SASL_ENABLE);
#endif
    }

    /*
     * A non-empty TLS level overrides the use_tls/enforce_tls switches; an
     * empty level leaves them as they were. An unrecognized level is fatal
     * instead of being mapped to some default.
     */
    if (*var_smtp_tls_level != 0) {
        switch (tls_level_lookup(var_smtp_tls_level)) {
        case TLS_LEV_SECURE:
        case TLS_LEV_VERIFY:
        case TLS_LEV_FPRINT:
        case TLS_LEV_ENCRYPT:
            var_smtp_enforce_tls = 1;
            var_smtp_use_tls = 1;
            break;
        case TLS_LEV_MAY:
            var_smtp_use_tls = 1;
            var_smtp_enforce_tls = 0;
            break;
        case TLS_LEV_NONE:
            var_smtp_enforce_tls = 0;
            var_smtp_use_tls = 0;
            break;
        default:
            /* tls_level_lookup() logs no warning. */
            /* session_tls_init() assumes that var_smtp_tls_level is sane. */
            msg_fatal("Invalid TLS level \"%s\"", var_smtp_tls_level);
        }
    }
    tls_requested = (var_smtp_use_tls || var_smtp_enforce_tls);

    /*
     * Initialize the TLS data before entering the chroot jail. The context
     * is also built when only a per-site table or a policy table is set.
     *
     * NOTE(review): without USE_TLS this branch only warns, even when an
     * enforcing level set var_smtp_enforce_tls above. Whether delivery
     * later refuses to proceed without TLS is not visible here - confirm.
     */
    if (tls_requested || var_smtp_tls_per_site[0] || var_smtp_tls_policy[0]) {
#ifdef USE_TLS
        TLS_CLIENT_INIT_PROPS props;
        int     using_smtp = (strcmp(var_procname, "smtp") == 0);

        /*
         * Bundling the parameters into one tls_client_props structure
         * gives stronger type safety and a cleaner interface. Long
         * parameter lists are error-prone, so the macro emulates named
         * parameters, which C lacks. The log parameter name and the cache
         * type depend on whether the process name is "smtp".
         */
        smtp_tls_ctx =
            TLS_CLIENT_INIT(&props,
                            log_param = using_smtp ?
                            VAR_SMTP_TLS_LOGLEVEL : VAR_LMTP_TLS_LOGLEVEL,
                            log_level = var_smtp_tls_loglevel,
                            verifydepth = var_smtp_tls_scert_vd,
                            cache_type = using_smtp ?
                            TLS_MGR_SCACHE_SMTP : TLS_MGR_SCACHE_LMTP,
                            cert_file = var_smtp_tls_cert_file,
                            key_file = var_smtp_tls_key_file,
                            dcert_file = var_smtp_tls_dcert_file,
                            dkey_file = var_smtp_tls_dkey_file,
                            eccert_file = var_smtp_tls_eccert_file,
                            eckey_file = var_smtp_tls_eckey_file,
                            CAfile = var_smtp_tls_CAfile,
                            CApath = var_smtp_tls_CApath,
                            fpt_dgst = var_smtp_tls_fpt_dgst);
        smtp_tls_list_init();
#else
        msg_warn("TLS has been selected, but TLS support is not compiled in");
#endif
    }

    /*
     * Flush client.
     */
    flush_init();

    /*
     * Session cache domain list.
     */
    if (*var_smtp_cache_dest) {
        smtp_cache_dest = string_list_init(MATCH_FLAG_RETURN,
                                           var_smtp_cache_dest);
    }

    /*
     * EHLO keyword filter.
     */
    if (*var_smtp_ehlo_dis_maps) {
        smtp_ehlo_dis_maps = maps_create(VAR_SMTP_EHLO_DIS_MAPS,
                                         var_smtp_ehlo_dis_maps,
                                         DICT_FLAG_LOCK);
    }

    /*
     * PIX bug workarounds.
     */
    if (*var_smtp_pix_bug_maps) {
        smtp_pix_bug_maps = maps_create(VAR_SMTP_PIX_BUG_MAPS,
                                        var_smtp_pix_bug_maps,
                                        DICT_FLAG_LOCK);
    }

    /*
     * Generic maps, and the extension propagation mask.
     */
    if (*var_prop_extension) {
        smtp_ext_prop_mask = ext_prop_mask(VAR_PROP_EXTENSION,
                                           var_prop_extension);
    }
    if (*var_smtp_generic_maps) {
        smtp_generic_maps = maps_create(VAR_SMTP_GENERIC_MAPS,
                                        var_smtp_generic_maps,
                                        DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
    }

    /*
     * Header/body checks. Both are created unconditionally.
     */
    smtp_header_checks =
        hbc_header_checks_create(VAR_SMTP_HEAD_CHKS, var_smtp_head_chks,
                                 VAR_SMTP_MIME_CHKS, var_smtp_mime_chks,
                                 VAR_SMTP_NEST_CHKS, var_smtp_nest_chks,
                                 smtp_hbc_callbacks);
    smtp_body_checks =
        hbc_body_checks_create(VAR_SMTP_BODY_CHKS, var_smtp_body_chks,
                               smtp_hbc_callbacks);

    /*
     * Server reply filter, opened read-only.
     */
    if (*var_smtp_resp_filter) {
        smtp_chat_resp_filter = dict_open(var_smtp_resp_filter, O_RDONLY,
                                          DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX);
    }

    /*
     * Address family preference. A negative lookup result is fatal.
     */
    if (*var_smtp_addr_pref) {
        smtp_addr_pref = name_code(addr_pref_map, NAME_CODE_FLAG_NONE,
                                   var_smtp_addr_pref);
        if (smtp_addr_pref < 0) {
            msg_fatal("bad %s value: %s", VAR_SMTP_ADDR_PREF,
                      var_smtp_addr_pref);
        }
    }
}