X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fexim.c;h=a30e35bcab64fb038b26fae462c1d372084299be;hb=f0fe22cbc29ee4f887aa254f2590a9e72401e237;hp=388743f8dc8a58b31e09ab0aa59ffccb0bf81696;hpb=1a2e76e1676bf405a464a233950a95012533c227;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/src/src/exim.c b/src/src/exim.c index 388743f8d..a30e35bca 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -901,7 +901,7 @@ fprintf(fp, "Support for:"); #ifndef DISABLE_OCSP fprintf(fp, " OCSP"); #endif -#ifdef SUPPORT_PIPE_CONNECT +#ifndef DISABLE_PIPE_CONNECT fprintf(fp, " PIPE_CONNECT"); #endif #ifndef DISABLE_PRDR @@ -920,7 +920,7 @@ fprintf(fp, "Support for:"); fprintf(fp, " DMARC"); #endif #ifdef TCP_FASTOPEN - deliver_init(); + tcp_init(); if (f.tcp_fastopen_ok) fprintf(fp, " TCP_Fast_Open"); #endif #ifdef EXPERIMENTAL_LMDB @@ -929,7 +929,7 @@ fprintf(fp, "Support for:"); #ifdef EXPERIMENTAL_QUEUEFILE fprintf(fp, " Experimental_QUEUEFILE"); #endif -#ifdef EXPERIMENTAL_SRS +#if defined(EXPERIMENTAL_SRS) || defined(EXPERIMENTAL_SRS_NATIVE) fprintf(fp, " Experimental_SRS"); #endif #ifdef EXPERIMENTAL_ARC @@ -1593,6 +1593,10 @@ because some OS define it in /usr/include/unistd.h. */ extern char **environ; +#ifdef MEASURE_TIMING +(void)gettimeofday(×tamp_startup, NULL); +#endif + /* If the Exim user and/or group and/or the configuration file owner/group were defined by ref:name at build time, we must now find the actual uid/gid values. This is a feature to make the lives of binary distributors easier. */ @@ -2665,7 +2669,7 @@ for (i = 1; i < argc; i++) exim_fail("exim: getsockname() failed after -MC option: %s\n", strerror(errno)); - if (f.running_in_test_harness) millisleep(500); + testharness_pause_ms(500); break; } @@ -3464,7 +3468,7 @@ if (debug_selector != 0) debug_file = stderr; debug_fd = fileno(debug_file); f.background_daemon = FALSE; - if (f.running_in_test_harness) millisleep(100); /* lets caller finish */ + testharness_pause_ms(100); /* lets caller finish */ if (debug_selector != D_v) /* -v only doesn't show this */ { debug_printf("Exim version %s uid=%ld gid=%ld pid=%d D=%x\n", @@ -3686,7 +3690,18 @@ If any of these options is set, we suppress warnings about configuration issues (currently about tls_advertise_hosts and keep_environment not being defined) */ -readconf_main(checking || list_options); + { +#ifdef MEASURE_TIMING + struct timeval t0, diff; + (void)gettimeofday(&t0, NULL); +#endif + + readconf_main(checking || list_options); + +#ifdef MEASURE_TIMING + report_time_since(&t0, US"readconf_main (delta)"); +#endif + } /* Now in directory "/" */ @@ -4294,7 +4309,18 @@ if (msg_action_arg > 0 && msg_action != MSG_DELIVER && msg_action != MSG_LOAD) Now, since the intro of the ${acl } expansion, ACL definitions may be needed in transports so we lost the optimisation. */ -readconf_rest(); + { +#ifdef MEASURE_TIMING + struct timeval t0, diff; + (void)gettimeofday(&t0, NULL); +#endif + + readconf_rest(); + +#ifdef MEASURE_TIMING + report_time_since(&t0, US"readconf_rest (delta)"); +#endif + } /* Handle the -brt option. This is for checking out retry configurations. The next three arguments are a domain name or a complete address, and @@ -4454,12 +4480,9 @@ if (list_config) } -/* Initialise subsystems as required */ -#ifndef DISABLE_DKIM -dkim_exim_init(); -#endif -deliver_init(); +/* Initialise subsystems as required. */ +tcp_init(); /* Handle a request to deliver one or more messages that are already on the queue. Values of msg_action other than MSG_DELIVER and MSG_LOAD are dealt with @@ -4654,6 +4677,23 @@ if (f.daemon_listen || f.inetd_wait_mode || queue_interval > 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Daemon cannot be run when " "mua_wrapper is set"); } + +# ifndef DISABLE_TLS + /* This also checks that the library linkage is working and we can call + routines in it, so call even if tls_require_ciphers is unset */ + { +# ifdef MEASURE_TIMING + struct timeval t0, diff; + (void)gettimeofday(&t0, NULL); +# endif + if (!tls_dropprivs_validate_require_cipher(FALSE)) + exit(1); +# ifdef MEASURE_TIMING + report_time_since(&t0, US"validate_ciphers (delta)"); +# endif + } +#endif + daemon_go(); } @@ -4769,8 +4809,9 @@ if (verify_address_mode || f.address_test_mode) { while (recipients_arg < argc) { - uschar *s = argv[recipients_arg++]; - while (*s != 0) + /* Supplied addresses are tainted since they come from a user */ + uschar * s = string_copy_taint(argv[recipients_arg++], TRUE); + while (*s) { BOOL finished = FALSE; uschar *ss = parse_find_address_end(s, FALSE); @@ -4778,16 +4819,16 @@ if (verify_address_mode || f.address_test_mode) test_address(s, flags, &exit_value); s = ss; if (!finished) - while (*(++s) != 0 && (*s == ',' || isspace(*s))); + while (*++s == ',' || isspace(*s)) ; } } } else for (;;) { - uschar *s = get_stdinput(NULL, NULL); - if (s == NULL) break; - test_address(s, flags, &exit_value); + uschar * s = get_stdinput(NULL, NULL); + if (!s) break; + test_address(string_copy_taint(s, TRUE), flags, &exit_value); } route_tidyup(); @@ -5281,13 +5322,13 @@ while (more) raw_sender = string_copy(sender_address); - /* Loop for each argument */ + /* Loop for each argument (supplied by user hence tainted) */ for (int i = 0; i < count; i++) { int start, end, domain; - uschar *errmess; - uschar *s = list[i]; + uschar * errmess; + uschar * s = string_copy_taint(list[i], TRUE); /* Loop for each comma-separated address */