sendmail/src/readcf.c

38032Speter/*
261194Sgshapiro * Copyright (c) 1998-2006, 2008-2010, 2013 Proofpoint, Inc. and its suppliers.
64562Sgshapiro *	All rights reserved.
38032Speter * Copyright (c) 1983, 1995-1997 Eric P. Allman.  All rights reserved.
38032Speter * Copyright (c) 1988, 1993
38032Speter *	The Regents of the University of California.  All rights reserved.
38032Speter *
38032Speter * By using this file, you agree to the terms and conditions set
38032Speter * forth in the LICENSE file which can be found at the top level of
38032Speter * the sendmail distribution.
38032Speter *
38032Speter */
38032Speter
64562Sgshapiro#include <sendmail.h>
168515Sgshapiro#include <sm/sendmail.h>
363466Sgshapiro#if STARTTLS
363466Sgshapiro# include <tls.h>
363466Sgshapiro#endif
363466Sgshapiro#if DNSSEC_TEST
363466Sgshapiro# include <sm_resolve.h>
363466Sgshapiro#endif
38032Speter
266527SgshapiroSM_RCSID("@(#)$Id: readcf.c,v 8.692 2013-11-22 20:51:56 ca Exp $")
64562Sgshapiro
64562Sgshapiro#if NETINET || NETINET6
64562Sgshapiro# include <arpa/inet.h>
363466Sgshapiro#endif
64562Sgshapiro
223067Sgshapiro
64562Sgshapiro#define SECONDS
64562Sgshapiro#define MINUTES	* 60
64562Sgshapiro#define HOUR	* 3600
64562Sgshapiro#define HOURS	HOUR
64562Sgshapiro
94334Sgshapirostatic void	fileclass __P((int, char *, char *, bool, bool, bool));
64562Sgshapirostatic char	**makeargv __P((char *));
64562Sgshapirostatic void	settimeout __P((char *, char *, bool));
64562Sgshapirostatic void	toomany __P((int, int));
90792Sgshapirostatic char	*extrquotstr __P((char *, char **, char *, bool *));
141858Sgshapirostatic void	parse_class_words __P((int, char *));
64562Sgshapiro
285229Sgshapiro
285229Sgshapiro#if _FFR_BOUNCE_QUEUE
285229Sgshapirostatic char *bouncequeue = NULL;
285229Sgshapirostatic void initbouncequeue __P((void));
285229Sgshapiro
38032Speter/*
285229Sgshapiro**  INITBOUNCEQUEUE -- determine BounceQueue if option is set.
285229Sgshapiro**
285229Sgshapiro**	Parameters:
285229Sgshapiro**		none.
285229Sgshapiro**
285229Sgshapiro**	Returns:
285229Sgshapiro**		none.
285229Sgshapiro**
285229Sgshapiro**	Side Effects:
285229Sgshapiro**		sets BounceQueue
285229Sgshapiro*/
285229Sgshapiro
285229Sgshapirostatic void
285229Sgshapiroinitbouncequeue()
285229Sgshapiro{
285229Sgshapiro	STAB *s;
285229Sgshapiro
285229Sgshapiro	BounceQueue = NOQGRP;
285229Sgshapiro	if (bouncequeue == NULL || bouncequeue[0] == '\0')
285229Sgshapiro		return;
285229Sgshapiro
285229Sgshapiro	s = stab(bouncequeue, ST_QUEUE, ST_FIND);
285229Sgshapiro	if (s == NULL)
285229Sgshapiro	{
285229Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
285229Sgshapiro			"Warning: option BounceQueue: unknown queue group %s\n",
285229Sgshapiro			bouncequeue);
285229Sgshapiro	}
285229Sgshapiro	else
285229Sgshapiro		BounceQueue = s->s_quegrp->qg_index;
285229Sgshapiro}
285229Sgshapiro#endif /* _FFR_BOUNCE_QUEUE */
285229Sgshapiro
285229Sgshapiro#if _FFR_RCPTFLAGS
285229Sgshapirovoid setupdynmailers __P((void));
285229Sgshapiro#else
285229Sgshapiro#define setupdynmailers()
285229Sgshapiro#endif
285229Sgshapiro
285229Sgshapiro/*
38032Speter**  READCF -- read configuration file.
38032Speter**
38032Speter**	This routine reads the configuration file and builds the internal
38032Speter**	form.
38032Speter**
38032Speter**	The file is formatted as a sequence of lines, each taken
38032Speter**	atomically.  The first character of each line describes how
38032Speter**	the line is to be interpreted.  The lines are:
38032Speter**		Dxval		Define macro x to have value val.
38032Speter**		Cxword		Put word into class x.
38032Speter**		Fxfile [fmt]	Read file for lines to put into
38032Speter**				class x.  Use scanf string 'fmt'
38032Speter**				or "%s" if not present.  Fmt should
38032Speter**				only produce one string-valued result.
38032Speter**		Hname: value	Define header with field-name 'name'
38032Speter**				and value as specified; this will be
38032Speter**				macro expanded immediately before
38032Speter**				use.
38032Speter**		Sn		Use rewriting set n.
38032Speter**		Rlhs rhs	Rewrite addresses that match lhs to
38032Speter**				be rhs.
38032Speter**		Mn arg=val...	Define mailer.  n is the internal name.
38032Speter**				Args specify mailer parameters.
38032Speter**		Oxvalue		Set option x to value.
90792Sgshapiro**		O option value	Set option (long name) to value.
38032Speter**		Pname=value	Set precedence name to value.
90792Sgshapiro**		Qn arg=val...	Define queue groups.  n is the internal name.
90792Sgshapiro**				Args specify queue parameters.
38032Speter**		Vversioncode[/vendorcode]
38032Speter**				Version level/vendor name of
38032Speter**				configuration syntax.
38032Speter**		Kmapname mapclass arguments....
38032Speter**				Define keyed lookup of a given class.
38032Speter**				Arguments are class dependent.
38032Speter**		Eenvar=value	Set the environment value to the given value.
38032Speter**
38032Speter**	Parameters:
38032Speter**		cfname -- configuration file name.
90792Sgshapiro**		safe -- true if this is the system config file;
90792Sgshapiro**			false otherwise.
38032Speter**		e -- the main envelope.
38032Speter**
38032Speter**	Returns:
38032Speter**		none.
38032Speter**
38032Speter**	Side Effects:
38032Speter**		Builds several internal tables.
38032Speter*/
38032Speter
38032Spetervoid
38032Speterreadcf(cfname, safe, e)
38032Speter	char *cfname;
38032Speter	bool safe;
38032Speter	register ENVELOPE *e;
38032Speter{
90792Sgshapiro	SM_FILE_T *cf;
64562Sgshapiro	int ruleset = -1;
38032Speter	char *q;
38032Speter	struct rewrite *rwp = NULL;
38032Speter	char *bp;
38032Speter	auto char *ep;
38032Speter	int nfuzzy;
38032Speter	char *file;
38032Speter	bool optional;
90792Sgshapiro	bool ok;
94334Sgshapiro	bool ismap;
38032Speter	int mid;
38032Speter	register char *p;
64562Sgshapiro	long sff = SFF_OPENASROOT;
38032Speter	struct stat statb;
38032Speter	char buf[MAXLINE];
168515Sgshapiro	int bufsize;
38032Speter	char exbuf[MAXLINE];
38032Speter	char pvpbuf[MAXLINE + MAXATOM];
38032Speter	static char *null_list[1] = { NULL };
90792Sgshapiro	extern unsigned char TokTypeNoC[];
38032Speter
38032Speter	FileName = cfname;
38032Speter	LineNumber = 0;
38032Speter
38032Speter	if (DontLockReadFiles)
38032Speter		sff |= SFF_NOLOCK;
38032Speter	cf = safefopen(cfname, O_RDONLY, 0444, sff);
38032Speter	if (cf == NULL)
38032Speter	{
38032Speter		syserr("cannot open");
90792Sgshapiro		finis(false, true, EX_OSFILE);
38032Speter	}
38032Speter
90792Sgshapiro	if (fstat(sm_io_getinfo(cf, SM_IO_WHAT_FD, NULL), &statb) < 0)
38032Speter	{
38032Speter		syserr("cannot fstat");
90792Sgshapiro		finis(false, true, EX_OSFILE);
38032Speter	}
38032Speter
38032Speter	if (!S_ISREG(statb.st_mode))
38032Speter	{
38032Speter		syserr("not a plain file");
90792Sgshapiro		finis(false, true, EX_OSFILE);
38032Speter	}
38032Speter
38032Speter	if (OpMode != MD_TEST && bitset(S_IWGRP|S_IWOTH, statb.st_mode))
38032Speter	{
203004Sgshapiro		if (OpMode == MD_DAEMON || OpMode == MD_INITALIAS || OpMode == MD_CHECKCONFIG)
90792Sgshapiro			(void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
90792Sgshapiro					     "%s: WARNING: dangerous write permissions\n",
90792Sgshapiro					     FileName);
38032Speter		if (LogLevel > 0)
38032Speter			sm_syslog(LOG_CRIT, NOQID,
64562Sgshapiro				  "%s: WARNING: dangerous write permissions",
64562Sgshapiro				  FileName);
38032Speter	}
38032Speter
90792Sgshapiro#if XLA
38032Speter	xla_zero();
363466Sgshapiro#endif
38032Speter
168515Sgshapiro	while (bufsize = sizeof(buf),
168515Sgshapiro	       (bp = fgetfolded(buf, &bufsize, cf)) != NULL)
38032Speter	{
168515Sgshapiro		char *nbp;
168515Sgshapiro
38032Speter		if (bp[0] == '#')
38032Speter		{
38032Speter			if (bp != buf)
90792Sgshapiro				sm_free(bp); /* XXX */
38032Speter			continue;
38032Speter		}
38032Speter
38032Speter		/* do macro expansion mappings */
168515Sgshapiro		nbp = translate_dollars(bp, bp, &bufsize);
168515Sgshapiro		if (nbp != bp && bp != buf)
168515Sgshapiro			sm_free(bp);
168515Sgshapiro		bp = nbp;
38032Speter
38032Speter		/* interpret this line */
38032Speter		errno = 0;
38032Speter		switch (bp[0])
38032Speter		{
38032Speter		  case '\0':
38032Speter		  case '#':		/* comment */
38032Speter			break;
38032Speter
38032Speter		  case 'R':		/* rewriting rule */
64562Sgshapiro			if (ruleset < 0)
64562Sgshapiro			{
64562Sgshapiro				syserr("missing valid ruleset for \"%s\"", bp);
64562Sgshapiro				break;
64562Sgshapiro			}
38032Speter			for (p = &bp[1]; *p != '\0' && *p != '\t'; p++)
38032Speter				continue;
38032Speter
38032Speter			if (*p == '\0')
38032Speter			{
38032Speter				syserr("invalid rewrite line \"%s\" (tab expected)", bp);
38032Speter				break;
38032Speter			}
38032Speter
38032Speter			/* allocate space for the rule header */
38032Speter			if (rwp == NULL)
38032Speter			{
38032Speter				RewriteRules[ruleset] = rwp =
168515Sgshapiro					(struct rewrite *) xalloc(sizeof(*rwp));
38032Speter			}
38032Speter			else
38032Speter			{
168515Sgshapiro				rwp->r_next = (struct rewrite *) xalloc(sizeof(*rwp));
38032Speter				rwp = rwp->r_next;
38032Speter			}
38032Speter			rwp->r_next = NULL;
38032Speter
38032Speter			/* expand and save the LHS */
38032Speter			*p = '\0';
168515Sgshapiro			expand(&bp[1], exbuf, sizeof(exbuf), e);
38032Speter			rwp->r_lhs = prescan(exbuf, '\t', pvpbuf,
168515Sgshapiro					     sizeof(pvpbuf), NULL,
168515Sgshapiro					     ConfigLevel >= 9 ? TokTypeNoC : IntTokenTab,
132943Sgshapiro					     true);
38032Speter			nfuzzy = 0;
38032Speter			if (rwp->r_lhs != NULL)
38032Speter			{
38032Speter				register char **ap;
38032Speter
90792Sgshapiro				rwp->r_lhs = copyplist(rwp->r_lhs, true, NULL);
38032Speter
38032Speter				/* count the number of fuzzy matches in LHS */
38032Speter				for (ap = rwp->r_lhs; *ap != NULL; ap++)
38032Speter				{
38032Speter					char *botch;
38032Speter
38032Speter					botch = NULL;
168515Sgshapiro					switch (ap[0][0] & 0377)
38032Speter					{
38032Speter					  case MATCHZANY:
38032Speter					  case MATCHANY:
38032Speter					  case MATCHONE:
38032Speter					  case MATCHCLASS:
38032Speter					  case MATCHNCLASS:
38032Speter						nfuzzy++;
38032Speter						break;
38032Speter
38032Speter					  case MATCHREPL:
168515Sgshapiro						botch = "$1-$9";
38032Speter						break;
38032Speter
38032Speter					  case CANONUSER:
38032Speter						botch = "$:";
38032Speter						break;
38032Speter
38032Speter					  case CALLSUBR:
38032Speter						botch = "$>";
38032Speter						break;
38032Speter
38032Speter					  case CONDIF:
38032Speter						botch = "$?";
38032Speter						break;
38032Speter
38032Speter					  case CONDFI:
38032Speter						botch = "$.";
38032Speter						break;
38032Speter
38032Speter					  case HOSTBEGIN:
38032Speter						botch = "$[";
38032Speter						break;
38032Speter
38032Speter					  case HOSTEND:
38032Speter						botch = "$]";
38032Speter						break;
38032Speter
38032Speter					  case LOOKUPBEGIN:
38032Speter						botch = "$(";
38032Speter						break;
38032Speter
38032Speter					  case LOOKUPEND:
38032Speter						botch = "$)";
38032Speter						break;
38032Speter					}
38032Speter					if (botch != NULL)
38032Speter						syserr("Inappropriate use of %s on LHS",
38032Speter							botch);
38032Speter				}
64562Sgshapiro				rwp->r_line = LineNumber;
38032Speter			}
38032Speter			else
38032Speter			{
38032Speter				syserr("R line: null LHS");
38032Speter				rwp->r_lhs = null_list;
38032Speter			}
82017Sgshapiro			if (nfuzzy > MAXMATCH)
82017Sgshapiro			{
82017Sgshapiro				syserr("R line: too many wildcards");
82017Sgshapiro				rwp->r_lhs = null_list;
82017Sgshapiro			}
38032Speter
38032Speter			/* expand and save the RHS */
38032Speter			while (*++p == '\t')
38032Speter				continue;
38032Speter			q = p;
38032Speter			while (*p != '\0' && *p != '\t')
38032Speter				p++;
38032Speter			*p = '\0';
168515Sgshapiro			expand(q, exbuf, sizeof(exbuf), e);
38032Speter			rwp->r_rhs = prescan(exbuf, '\t', pvpbuf,
168515Sgshapiro					     sizeof(pvpbuf), NULL,
168515Sgshapiro					     ConfigLevel >= 9 ? TokTypeNoC : IntTokenTab,
132943Sgshapiro					     true);
38032Speter			if (rwp->r_rhs != NULL)
38032Speter			{
38032Speter				register char **ap;
120256Sgshapiro				int args, endtoken;
120256Sgshapiro#if _FFR_EXTRA_MAP_CHECK
120256Sgshapiro				int nexttoken;
363466Sgshapiro#endif
120256Sgshapiro				bool inmap;
38032Speter
90792Sgshapiro				rwp->r_rhs = copyplist(rwp->r_rhs, true, NULL);
38032Speter
38032Speter				/* check no out-of-bounds replacements */
38032Speter				nfuzzy += '0';
120256Sgshapiro				inmap = false;
120256Sgshapiro				args = 0;
120256Sgshapiro				endtoken = 0;
38032Speter				for (ap = rwp->r_rhs; *ap != NULL; ap++)
38032Speter				{
38032Speter					char *botch;
38032Speter
38032Speter					botch = NULL;
168515Sgshapiro					switch (ap[0][0] & 0377)
38032Speter					{
38032Speter					  case MATCHREPL:
168515Sgshapiro						if (ap[0][1] <= '0' ||
168515Sgshapiro						    ap[0][1] > nfuzzy)
38032Speter						{
38032Speter							syserr("replacement $%c out of bounds",
168515Sgshapiro								ap[0][1]);
38032Speter						}
38032Speter						break;
38032Speter
38032Speter					  case MATCHZANY:
38032Speter						botch = "$*";
38032Speter						break;
38032Speter
38032Speter					  case MATCHANY:
38032Speter						botch = "$+";
38032Speter						break;
38032Speter
38032Speter					  case MATCHONE:
38032Speter						botch = "$-";
38032Speter						break;
38032Speter
38032Speter					  case MATCHCLASS:
38032Speter						botch = "$=";
38032Speter						break;
38032Speter
38032Speter					  case MATCHNCLASS:
38032Speter						botch = "$~";
38032Speter						break;
90792Sgshapiro
120256Sgshapiro					  case CANONHOST:
120256Sgshapiro						if (!inmap)
120256Sgshapiro							break;
120256Sgshapiro						if (++args >= MAX_MAP_ARGS)
120256Sgshapiro							syserr("too many arguments for map lookup");
120256Sgshapiro						break;
120256Sgshapiro
120256Sgshapiro					  case HOSTBEGIN:
120256Sgshapiro						endtoken = HOSTEND;
120256Sgshapiro						/* FALLTHROUGH */
120256Sgshapiro					  case LOOKUPBEGIN:
120256Sgshapiro						/* see above... */
168515Sgshapiro						if ((ap[0][0] & 0377) == LOOKUPBEGIN)
120256Sgshapiro							endtoken = LOOKUPEND;
120256Sgshapiro						if (inmap)
120256Sgshapiro							syserr("cannot nest map lookups");
120256Sgshapiro						inmap = true;
120256Sgshapiro						args = 0;
120256Sgshapiro#if _FFR_EXTRA_MAP_CHECK
168515Sgshapiro						if (ap[1] == NULL)
120256Sgshapiro						{
120256Sgshapiro							syserr("syntax error in map lookup");
120256Sgshapiro							break;
120256Sgshapiro						}
168515Sgshapiro						nexttoken = ap[1][0] & 0377;
120256Sgshapiro						if (nexttoken == CANONHOST ||
120256Sgshapiro						    nexttoken == CANONUSER ||
363466Sgshapiro						    nexttoken == endtoken)
120256Sgshapiro						{
120256Sgshapiro							syserr("missing map name for lookup");
120256Sgshapiro							break;
120256Sgshapiro						}
168515Sgshapiro						if (ap[2] == NULL)
120256Sgshapiro						{
120256Sgshapiro							syserr("syntax error in map lookup");
120256Sgshapiro							break;
120256Sgshapiro						}
363466Sgshapiro						if ((unsigned char) ap[0][0] == HOSTBEGIN)
120256Sgshapiro							break;
168515Sgshapiro						nexttoken = ap[2][0] & 0377;
120256Sgshapiro						if (nexttoken == CANONHOST ||
120256Sgshapiro						    nexttoken == CANONUSER ||
120256Sgshapiro						    nexttoken == endtoken)
120256Sgshapiro						{
120256Sgshapiro							syserr("missing key name for lookup");
120256Sgshapiro							break;
120256Sgshapiro						}
120256Sgshapiro#endif /* _FFR_EXTRA_MAP_CHECK */
120256Sgshapiro						break;
120256Sgshapiro
120256Sgshapiro					  case HOSTEND:
120256Sgshapiro					  case LOOKUPEND:
168515Sgshapiro						if ((ap[0][0] & 0377) != endtoken)
120256Sgshapiro							break;
120256Sgshapiro						inmap = false;
120256Sgshapiro						endtoken = 0;
120256Sgshapiro						break;
120256Sgshapiro
120256Sgshapiro
90792Sgshapiro#if 0
90792Sgshapiro/*
90792Sgshapiro**  This doesn't work yet as there are maps defined *after* the cf
90792Sgshapiro**  is read such as host, user, and alias.  So for now, it's removed.
90792Sgshapiro**  When it comes back, the RELEASE_NOTES entry will be:
90792Sgshapiro**	Emit warnings for unknown maps when reading the .cf file.  Based on
90792Sgshapiro**		patch from Robert Harker of Harker Systems.
90792Sgshapiro*/
90792Sgshapiro
90792Sgshapiro					  case LOOKUPBEGIN:
90792Sgshapiro						/*
90792Sgshapiro						**  Got a database lookup,
90792Sgshapiro						**  check if map is defined.
90792Sgshapiro						*/
90792Sgshapiro
168515Sgshapiro						ep = ap[1];
168515Sgshapiro						if ((ep[0] & 0377) != MACRODEXPAND &&
168515Sgshapiro						    stab(ep, ST_MAP, ST_FIND) == NULL)
90792Sgshapiro						{
90792Sgshapiro							(void) sm_io_fprintf(smioout,
90792Sgshapiro									     SM_TIME_DEFAULT,
90792Sgshapiro									     "Warning: %s: line %d: map %s not found\n",
90792Sgshapiro									     FileName,
90792Sgshapiro									     LineNumber,
90792Sgshapiro									     ep);
90792Sgshapiro						}
90792Sgshapiro						break;
90792Sgshapiro#endif /* 0 */
38032Speter					}
38032Speter					if (botch != NULL)
38032Speter						syserr("Inappropriate use of %s on RHS",
38032Speter							botch);
38032Speter				}
120256Sgshapiro				if (inmap)
120256Sgshapiro					syserr("missing map closing token");
38032Speter			}
38032Speter			else
38032Speter			{
38032Speter				syserr("R line: null RHS");
38032Speter				rwp->r_rhs = null_list;
38032Speter			}
38032Speter			break;
38032Speter
38032Speter		  case 'S':		/* select rewriting set */
168515Sgshapiro			expand(&bp[1], exbuf, sizeof(exbuf), e);
38032Speter			ruleset = strtorwset(exbuf, NULL, ST_ENTER);
38032Speter			if (ruleset < 0)
38032Speter				break;
64562Sgshapiro
38032Speter			rwp = RewriteRules[ruleset];
38032Speter			if (rwp != NULL)
38032Speter			{
203004Sgshapiro				if (OpMode == MD_TEST || OpMode == MD_CHECKCONFIG)
90792Sgshapiro					(void) sm_io_fprintf(smioout,
90792Sgshapiro							     SM_TIME_DEFAULT,
90792Sgshapiro							     "WARNING: Ruleset %s has multiple definitions\n",
90792Sgshapiro							    &bp[1]);
64562Sgshapiro				if (tTd(37, 1))
90792Sgshapiro					sm_dprintf("WARNING: Ruleset %s has multiple definitions\n",
90792Sgshapiro						   &bp[1]);
38032Speter				while (rwp->r_next != NULL)
38032Speter					rwp = rwp->r_next;
38032Speter			}
38032Speter			break;
38032Speter
38032Speter		  case 'D':		/* macro definition */
90792Sgshapiro			mid = macid_parse(&bp[1], &ep);
71345Sgshapiro			if (mid == 0)
71345Sgshapiro				break;
38032Speter			p = munchstring(ep, NULL, '\0');
90792Sgshapiro			macdefine(&e->e_macro, A_TEMP, mid, p);
38032Speter			break;
38032Speter
38032Speter		  case 'H':		/* required header line */
64562Sgshapiro			(void) chompheader(&bp[1], CHHDR_DEF, NULL, e);
38032Speter			break;
38032Speter
38032Speter		  case 'C':		/* word class */
38032Speter		  case 'T':		/* trusted user (set class `t') */
38032Speter			if (bp[0] == 'C')
38032Speter			{
90792Sgshapiro				mid = macid_parse(&bp[1], &ep);
71345Sgshapiro				if (mid == 0)
71345Sgshapiro					break;
168515Sgshapiro				expand(ep, exbuf, sizeof(exbuf), e);
38032Speter				p = exbuf;
38032Speter			}
38032Speter			else
38032Speter			{
38032Speter				mid = 't';
38032Speter				p = &bp[1];
38032Speter			}
38032Speter			while (*p != '\0')
38032Speter			{
38032Speter				register char *wd;
38032Speter				char delim;
38032Speter
363466Sgshapiro				while (*p != '\0' && SM_ISSPACE(*p))
38032Speter					p++;
38032Speter				wd = p;
363466Sgshapiro				while (*p != '\0' && !(SM_ISSPACE(*p)))
38032Speter					p++;
38032Speter				delim = *p;
38032Speter				*p = '\0';
38032Speter				if (wd[0] != '\0')
38032Speter					setclass(mid, wd);
38032Speter				*p = delim;
38032Speter			}
38032Speter			break;
38032Speter
38032Speter		  case 'F':		/* word class from file */
90792Sgshapiro			mid = macid_parse(&bp[1], &ep);
71345Sgshapiro			if (mid == 0)
71345Sgshapiro				break;
363466Sgshapiro			for (p = ep; SM_ISSPACE(*p); )
38032Speter				p++;
38032Speter			if (p[0] == '-' && p[1] == 'o')
38032Speter			{
90792Sgshapiro				optional = true;
90792Sgshapiro				while (*p != '\0' &&
363466Sgshapiro				       !(SM_ISSPACE(*p)))
38032Speter					p++;
363466Sgshapiro				while (SM_ISSPACE(*p))
38032Speter					p++;
38032Speter			}
38032Speter			else
90792Sgshapiro				optional = false;
64562Sgshapiro
94334Sgshapiro			/* check if [key]@map:spec */
94334Sgshapiro			ismap = false;
94334Sgshapiro			if (!SM_IS_DIR_DELIM(*p) &&
94334Sgshapiro			    *p != '|' &&
94334Sgshapiro			    (q = strchr(p, '@')) != NULL)
90792Sgshapiro			{
94334Sgshapiro				q++;
94334Sgshapiro
94334Sgshapiro				/* look for @LDAP or @map: in string */
94334Sgshapiro				if (strcmp(q, "LDAP") == 0 ||
94334Sgshapiro				    (*q != ':' &&
94334Sgshapiro				     strchr(q, ':') != NULL))
94334Sgshapiro					ismap = true;
94334Sgshapiro			}
94334Sgshapiro
94334Sgshapiro			if (ismap)
94334Sgshapiro			{
90792Sgshapiro				/* use entire spec */
90792Sgshapiro				file = p;
90792Sgshapiro			}
90792Sgshapiro			else
90792Sgshapiro			{
90792Sgshapiro				file = extrquotstr(p, &q, " ", &ok);
90792Sgshapiro				if (!ok)
90792Sgshapiro				{
90792Sgshapiro					syserr("illegal filename '%s'", p);
90792Sgshapiro					break;
90792Sgshapiro				}
90792Sgshapiro			}
90792Sgshapiro
94334Sgshapiro			if (*file == '|' || ismap)
38032Speter				p = "%s";
38032Speter			else
38032Speter			{
64562Sgshapiro				p = q;
38032Speter				if (*p == '\0')
38032Speter					p = "%s";
38032Speter				else
38032Speter				{
38032Speter					*p = '\0';
38032Speter					while (isascii(*++p) && isspace(*p))
38032Speter						continue;
38032Speter				}
38032Speter			}
94334Sgshapiro			fileclass(mid, file, p, ismap, safe, optional);
38032Speter			break;
38032Speter
90792Sgshapiro#if XLA
38032Speter		  case 'L':		/* extended load average description */
38032Speter			xla_init(&bp[1]);
38032Speter			break;
363466Sgshapiro#endif
38032Speter
38032Speter#if defined(SUN_EXTENSIONS) && defined(SUN_LOOKUP_MACRO)
38032Speter		  case 'L':		/* lookup macro */
38032Speter		  case 'G':		/* lookup class */
38032Speter			/* reserved for Sun -- NIS+ database lookup */
38032Speter			if (VendorCode != VENDOR_SUN)
38032Speter				goto badline;
38032Speter			sun_lg_config_line(bp, e);
38032Speter			break;
64562Sgshapiro#endif /* defined(SUN_EXTENSIONS) && defined(SUN_LOOKUP_MACRO) */
38032Speter
38032Speter		  case 'M':		/* define mailer */
38032Speter			makemailer(&bp[1]);
38032Speter			break;
38032Speter
38032Speter		  case 'O':		/* set option */
90792Sgshapiro			setoption(bp[1], &bp[2], safe, false, e);
38032Speter			break;
38032Speter
38032Speter		  case 'P':		/* set precedence */
38032Speter			if (NumPriorities >= MAXPRIORITIES)
38032Speter			{
38032Speter				toomany('P', MAXPRIORITIES);
38032Speter				break;
38032Speter			}
38032Speter			for (p = &bp[1]; *p != '\0' && *p != '='; p++)
38032Speter				continue;
38032Speter			if (*p == '\0')
38032Speter				goto badline;
38032Speter			*p = '\0';
38032Speter			Priorities[NumPriorities].pri_name = newstr(&bp[1]);
38032Speter			Priorities[NumPriorities].pri_val = atoi(++p);
38032Speter			NumPriorities++;
38032Speter			break;
38032Speter
90792Sgshapiro		  case 'Q':		/* define queue */
90792Sgshapiro			makequeue(&bp[1], true);
90792Sgshapiro			break;
90792Sgshapiro
38032Speter		  case 'V':		/* configuration syntax version */
363466Sgshapiro			for (p = &bp[1]; SM_ISSPACE(*p); p++)
38032Speter				continue;
38032Speter			if (!isascii(*p) || !isdigit(*p))
38032Speter			{
64562Sgshapiro				syserr("invalid argument to V line: \"%.20s\"",
38032Speter					&bp[1]);
38032Speter				break;
38032Speter			}
38032Speter			ConfigLevel = strtol(p, &ep, 10);
38032Speter
38032Speter			/*
38032Speter			**  Do heuristic tweaking for back compatibility.
38032Speter			*/
38032Speter
38032Speter			if (ConfigLevel >= 5)
38032Speter			{
38032Speter				/* level 5 configs have short name in $w */
38032Speter				p = macvalue('w', e);
38032Speter				if (p != NULL && (p = strchr(p, '.')) != NULL)
90792Sgshapiro				{
38032Speter					*p = '\0';
90792Sgshapiro					macdefine(&e->e_macro, A_TEMP, 'w',
90792Sgshapiro						  macvalue('w', e));
90792Sgshapiro				}
38032Speter			}
38032Speter			if (ConfigLevel >= 6)
38032Speter			{
90792Sgshapiro				ColonOkInAddr = false;
38032Speter			}
38032Speter
38032Speter			/*
38032Speter			**  Look for vendor code.
38032Speter			*/
38032Speter
38032Speter			if (*ep++ == '/')
38032Speter			{
38032Speter				/* extract vendor code */
38032Speter				for (p = ep; isascii(*p) && isalpha(*p); )
38032Speter					p++;
38032Speter				*p = '\0';
38032Speter
38032Speter				if (!setvendor(ep))
38032Speter					syserr("invalid V line vendor code: \"%s\"",
38032Speter						ep);
38032Speter			}
38032Speter			break;
38032Speter
38032Speter		  case 'K':
168515Sgshapiro			expand(&bp[1], exbuf, sizeof(exbuf), e);
38032Speter			(void) makemapentry(exbuf);
38032Speter			break;
38032Speter
38032Speter		  case 'E':
38032Speter			p = strchr(bp, '=');
38032Speter			if (p != NULL)
38032Speter				*p++ = '\0';
157001Sgshapiro			sm_setuserenv(&bp[1], p);
38032Speter			break;
38032Speter
64562Sgshapiro		  case 'X':		/* mail filter */
90792Sgshapiro#if MILTER
64562Sgshapiro			milter_setup(&bp[1]);
90792Sgshapiro#else /* MILTER */
90792Sgshapiro			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro					     "Warning: Filter usage ('X') requires Milter support (-DMILTER)\n");
90792Sgshapiro#endif /* MILTER */
64562Sgshapiro			break;
64562Sgshapiro
38032Speter		  default:
38032Speter		  badline:
38032Speter			syserr("unknown configuration line \"%s\"", bp);
38032Speter		}
38032Speter		if (bp != buf)
90792Sgshapiro			sm_free(bp); /* XXX */
38032Speter	}
90792Sgshapiro	if (sm_io_error(cf))
38032Speter	{
38032Speter		syserr("I/O read error");
90792Sgshapiro		finis(false, true, EX_OSFILE);
38032Speter	}
90792Sgshapiro	(void) sm_io_close(cf, SM_TIME_DEFAULT);
38032Speter	FileName = NULL;
38032Speter
285229Sgshapiro#if _FFR_BOUNCE_QUEUE
285229Sgshapiro	initbouncequeue();
285229Sgshapiro#endif
285229Sgshapiro
38032Speter	/* initialize host maps from local service tables */
38032Speter	inithostmaps();
38032Speter
64562Sgshapiro	/* initialize daemon (if not defined yet) */
64562Sgshapiro	initdaemon();
64562Sgshapiro
38032Speter	/* determine if we need to do special name-server frotz */
38032Speter	{
38032Speter		int nmaps;
38032Speter		char *maptype[MAXMAPSTACK];
38032Speter		short mapreturn[MAXMAPACTIONS];
38032Speter
38032Speter		nmaps = switch_map_find("hosts", maptype, mapreturn);
90792Sgshapiro		UseNameServer = false;
38032Speter		if (nmaps > 0 && nmaps <= MAXMAPSTACK)
38032Speter		{
38032Speter			register int mapno;
38032Speter
90792Sgshapiro			for (mapno = 0; mapno < nmaps && !UseNameServer;
90792Sgshapiro			     mapno++)
38032Speter			{
38032Speter				if (strcmp(maptype[mapno], "dns") == 0)
90792Sgshapiro					UseNameServer = true;
38032Speter			}
38032Speter		}
38032Speter	}
285229Sgshapiro	setupdynmailers();
38032Speter}
168515Sgshapiro
90792Sgshapiro/*
38032Speter**  TRANSLATE_DOLLARS -- convert $x into internal form
38032Speter**
38032Speter**	Actually does all appropriate pre-processing of a config line
38032Speter**	to turn it into internal form.
38032Speter**
38032Speter**	Parameters:
168515Sgshapiro**		ibp -- the buffer to translate.
168515Sgshapiro**		obp -- where to put the translation; may be the same as obp
168515Sgshapiro**		bsp -- a pointer to the size of obp; will be updated if
168515Sgshapiro**			the buffer needs to be replaced.
38032Speter**
38032Speter**	Returns:
168515Sgshapiro**		The buffer pointer; may differ from obp if the expansion
168515Sgshapiro**		is larger then *bsp, in which case this will point to
168515Sgshapiro**		malloc()ed memory which must be free()d by the caller.
38032Speter*/
38032Speter
168515Sgshapirochar *
168515Sgshapirotranslate_dollars(ibp, obp, bsp)
168515Sgshapiro	char *ibp;
168515Sgshapiro	char *obp;
168515Sgshapiro	int *bsp;
38032Speter{
38032Speter	register char *p;
38032Speter	auto char *ep;
168515Sgshapiro	char *bp;
38032Speter
168515Sgshapiro	if (tTd(37, 53))
168515Sgshapiro	{
168515Sgshapiro		sm_dprintf("translate_dollars(");
168515Sgshapiro		xputs(sm_debug_file(), ibp);
168515Sgshapiro		sm_dprintf(")\n");
168515Sgshapiro	}
168515Sgshapiro
168515Sgshapiro	bp = quote_internal_chars(ibp, obp, bsp);
168515Sgshapiro
38032Speter	for (p = bp; *p != '\0'; p++)
38032Speter	{
38032Speter		if (*p == '#' && p > bp && ConfigLevel >= 3)
38032Speter		{
38032Speter			register char *e;
38032Speter
38032Speter			switch (*--p & 0377)
38032Speter			{
38032Speter			  case MACROEXPAND:
38032Speter				/* it's from $# -- let it go through */
38032Speter				p++;
38032Speter				break;
38032Speter
38032Speter			  case '\\':
38032Speter				/* it's backslash escaped */
90792Sgshapiro				(void) sm_strlcpy(p, p + 1, strlen(p));
38032Speter				break;
38032Speter
38032Speter			  default:
64562Sgshapiro				/* delete leading white space */
363466Sgshapiro				while (SM_ISSPACE(*p) &&
38032Speter				       *p != '\n' && p > bp)
168515Sgshapiro				{
38032Speter					p--;
168515Sgshapiro				}
38032Speter				if ((e = strchr(++p, '\n')) != NULL)
90792Sgshapiro					(void) sm_strlcpy(p, e, strlen(p));
38032Speter				else
38032Speter					*p-- = '\0';
38032Speter				break;
38032Speter			}
38032Speter			continue;
38032Speter		}
38032Speter
38032Speter		if (*p != '$' || p[1] == '\0')
38032Speter			continue;
38032Speter
38032Speter		if (p[1] == '$')
38032Speter		{
38032Speter			/* actual dollar sign.... */
90792Sgshapiro			(void) sm_strlcpy(p, p + 1, strlen(p));
38032Speter			continue;
38032Speter		}
38032Speter
38032Speter		/* convert to macro expansion character */
38032Speter		*p++ = MACROEXPAND;
38032Speter
38032Speter		/* special handling for $=, $~, $&, and $? */
38032Speter		if (*p == '=' || *p == '~' || *p == '&' || *p == '?')
38032Speter			p++;
38032Speter
38032Speter		/* convert macro name to code */
90792Sgshapiro		*p = macid_parse(p, &ep);
64562Sgshapiro		if (ep != p + 1)
90792Sgshapiro			(void) sm_strlcpy(p + 1, ep, strlen(p + 1));
38032Speter	}
38032Speter
38032Speter	/* strip trailing white space from the line */
363466Sgshapiro	while (--p > bp && SM_ISSPACE(*p))
38032Speter		*p = '\0';
168515Sgshapiro
168515Sgshapiro	if (tTd(37, 53))
168515Sgshapiro	{
168515Sgshapiro		sm_dprintf("  translate_dollars => ");
168515Sgshapiro		xputs(sm_debug_file(), bp);
168515Sgshapiro		sm_dprintf("\n");
168515Sgshapiro	}
168515Sgshapiro
168515Sgshapiro	return bp;
38032Speter}
90792Sgshapiro/*
38032Speter**  TOOMANY -- signal too many of some option
38032Speter**
38032Speter**	Parameters:
38032Speter**		id -- the id of the error line
38032Speter**		maxcnt -- the maximum possible values
38032Speter**
38032Speter**	Returns:
38032Speter**		none.
38032Speter**
38032Speter**	Side Effects:
38032Speter**		gives a syserr.
38032Speter*/
38032Speter
64562Sgshapirostatic void
38032Spetertoomany(id, maxcnt)
38032Speter	int id;
38032Speter	int maxcnt;
38032Speter{
38032Speter	syserr("too many %c lines, %d max", id, maxcnt);
38032Speter}
90792Sgshapiro/*
38032Speter**  FILECLASS -- read members of a class from a file
38032Speter**
38032Speter**	Parameters:
38032Speter**		class -- class to define.
38032Speter**		filename -- name of file to read.
38032Speter**		fmt -- scanf string to use for match.
94334Sgshapiro**		ismap -- if set, this is a map lookup.
38032Speter**		safe -- if set, this is a safe read.
38032Speter**		optional -- if set, it is not an error for the file to
38032Speter**			not exist.
38032Speter**
38032Speter**	Returns:
38032Speter**		none
38032Speter**
38032Speter**	Side Effects:
38032Speter**		puts all lines in filename that match a scanf into
38032Speter**			the named class.
38032Speter*/
38032Speter
90792Sgshapiro/*
90792Sgshapiro**  Break up the match into words and add to class.
90792Sgshapiro*/
90792Sgshapiro
64562Sgshapirostatic void
90792Sgshapiroparse_class_words(class, line)
90792Sgshapiro	int class;
90792Sgshapiro	char *line;
90792Sgshapiro{
90792Sgshapiro	while (line != NULL && *line != '\0')
90792Sgshapiro	{
90792Sgshapiro		register char *q;
90792Sgshapiro
90792Sgshapiro		/* strip leading spaces */
363466Sgshapiro		while (SM_ISSPACE(*line))
90792Sgshapiro			line++;
90792Sgshapiro		if (*line == '\0')
90792Sgshapiro			break;
90792Sgshapiro
90792Sgshapiro		/* find the end of the word */
90792Sgshapiro		q = line;
363466Sgshapiro		while (*line != '\0' && !(SM_ISSPACE(*line)))
90792Sgshapiro			line++;
90792Sgshapiro		if (*line != '\0')
90792Sgshapiro			*line++ = '\0';
90792Sgshapiro
90792Sgshapiro		/* enter the word in the symbol table */
90792Sgshapiro		setclass(class, q);
90792Sgshapiro	}
90792Sgshapiro}
90792Sgshapiro
90792Sgshapirostatic void
94334Sgshapirofileclass(class, filename, fmt, ismap, safe, optional)
38032Speter	int class;
38032Speter	char *filename;
38032Speter	char *fmt;
94334Sgshapiro	bool ismap;
38032Speter	bool safe;
38032Speter	bool optional;
38032Speter{
90792Sgshapiro	SM_FILE_T *f;
64562Sgshapiro	long sff;
38032Speter	pid_t pid;
38032Speter	register char *p;
38032Speter	char buf[MAXLINE];
38032Speter
38032Speter	if (tTd(37, 2))
90792Sgshapiro		sm_dprintf("fileclass(%s, fmt=%s)\n", filename, fmt);
38032Speter
90792Sgshapiro	if (*filename == '\0')
38032Speter	{
90792Sgshapiro		syserr("fileclass: missing file name");
90792Sgshapiro		return;
90792Sgshapiro	}
94334Sgshapiro	else if (ismap)
90792Sgshapiro	{
90792Sgshapiro		int status = 0;
90792Sgshapiro		char *key;
90792Sgshapiro		char *mn;
90792Sgshapiro		char *cl, *spec;
90792Sgshapiro		STAB *mapclass;
90792Sgshapiro		MAP map;
90792Sgshapiro
90792Sgshapiro		mn = newstr(macname(class));
90792Sgshapiro
90792Sgshapiro		key = filename;
90792Sgshapiro
94334Sgshapiro		/* skip past key */
94334Sgshapiro		if ((p = strchr(filename, '@')) == NULL)
94334Sgshapiro		{
94334Sgshapiro			/* should not happen */
94334Sgshapiro			syserr("fileclass: bogus map specification");
94334Sgshapiro			sm_free(mn);
94334Sgshapiro			return;
94334Sgshapiro		}
94334Sgshapiro
90792Sgshapiro		/* skip past '@' */
90792Sgshapiro		*p++ = '\0';
90792Sgshapiro		cl = p;
90792Sgshapiro
120256Sgshapiro#if LDAPMAP
90792Sgshapiro		if (strcmp(cl, "LDAP") == 0)
90792Sgshapiro		{
90792Sgshapiro			int n;
90792Sgshapiro			char *lc;
90792Sgshapiro			char jbuf[MAXHOSTNAMELEN];
90792Sgshapiro			char lcbuf[MAXLINE];
90792Sgshapiro
90792Sgshapiro			/* Get $j */
168515Sgshapiro			expand("\201j", jbuf, sizeof(jbuf), &BlankEnvelope);
90792Sgshapiro			if (jbuf[0] == '\0')
90792Sgshapiro			{
90792Sgshapiro				(void) sm_strlcpy(jbuf, "localhost",
168515Sgshapiro						  sizeof(jbuf));
90792Sgshapiro			}
90792Sgshapiro
90792Sgshapiro			/* impose the default schema */
90792Sgshapiro			lc = macvalue(macid("{sendmailMTACluster}"), CurEnv);
90792Sgshapiro			if (lc == NULL)
90792Sgshapiro				lc = "";
90792Sgshapiro			else
90792Sgshapiro			{
168515Sgshapiro				expand(lc, lcbuf, sizeof(lcbuf), CurEnv);
90792Sgshapiro				lc = lcbuf;
90792Sgshapiro			}
90792Sgshapiro
90792Sgshapiro			cl = "ldap";
168515Sgshapiro			n = sm_snprintf(buf, sizeof(buf),
132943Sgshapiro					"-k (&(objectClass=sendmailMTAClass)(sendmailMTAClassName=%s)(|(sendmailMTACluster=%s)(sendmailMTAHost=%s))) -v sendmailMTAClassValue,sendmailMTAClassSearch:FILTER:sendmailMTAClass,sendmailMTAClassURL:URL:sendmailMTAClass",
90792Sgshapiro					mn, lc, jbuf);
168515Sgshapiro			if (n >= sizeof(buf))
90792Sgshapiro			{
90792Sgshapiro				syserr("fileclass: F{%s}: Default LDAP string too long",
90792Sgshapiro				       mn);
90792Sgshapiro				sm_free(mn);
90792Sgshapiro				return;
90792Sgshapiro			}
90792Sgshapiro			spec = buf;
90792Sgshapiro		}
90792Sgshapiro		else
120256Sgshapiro#endif /* LDAPMAP */
90792Sgshapiro		{
90792Sgshapiro			if ((spec = strchr(cl, ':')) == NULL)
90792Sgshapiro			{
90792Sgshapiro				syserr("fileclass: F{%s}: missing map class",
90792Sgshapiro				       mn);
90792Sgshapiro				sm_free(mn);
90792Sgshapiro				return;
90792Sgshapiro			}
90792Sgshapiro			*spec++ ='\0';
90792Sgshapiro		}
90792Sgshapiro
90792Sgshapiro		/* set up map structure */
90792Sgshapiro		mapclass = stab(cl, ST_MAPCLASS, ST_FIND);
90792Sgshapiro		if (mapclass == NULL)
90792Sgshapiro		{
90792Sgshapiro			syserr("fileclass: F{%s}: class %s not available",
90792Sgshapiro			       mn, cl);
90792Sgshapiro			sm_free(mn);
90792Sgshapiro			return;
90792Sgshapiro		}
168515Sgshapiro		memset(&map, '\0', sizeof(map));
90792Sgshapiro		map.map_class = &mapclass->s_mapclass;
90792Sgshapiro		map.map_mname = mn;
90792Sgshapiro		map.map_mflags |= MF_FILECLASS;
90792Sgshapiro
94334Sgshapiro		if (tTd(37, 5))
94334Sgshapiro			sm_dprintf("fileclass: F{%s}: map class %s, key %s, spec %s\n",
94334Sgshapiro				   mn, cl, key, spec);
94334Sgshapiro
94334Sgshapiro
90792Sgshapiro		/* parse map spec */
90792Sgshapiro		if (!map.map_class->map_parse(&map, spec))
90792Sgshapiro		{
90792Sgshapiro			/* map_parse() showed the error already */
90792Sgshapiro			sm_free(mn);
90792Sgshapiro			return;
90792Sgshapiro		}
90792Sgshapiro		map.map_mflags |= MF_VALID;
90792Sgshapiro
90792Sgshapiro		/* open map */
90792Sgshapiro		if (map.map_class->map_open(&map, O_RDONLY))
90792Sgshapiro		{
90792Sgshapiro			map.map_mflags |= MF_OPEN;
90792Sgshapiro			map.map_pid = getpid();
90792Sgshapiro		}
90792Sgshapiro		else
90792Sgshapiro		{
90792Sgshapiro			if (!optional &&
90792Sgshapiro			    !bitset(MF_OPTIONAL, map.map_mflags))
90792Sgshapiro				syserr("fileclass: F{%s}: map open failed",
90792Sgshapiro				       mn);
90792Sgshapiro			sm_free(mn);
90792Sgshapiro			return;
90792Sgshapiro		}
90792Sgshapiro
90792Sgshapiro		/* lookup */
90792Sgshapiro		p = (*map.map_class->map_lookup)(&map, key, NULL, &status);
90792Sgshapiro		if (status != EX_OK && status != EX_NOTFOUND)
90792Sgshapiro		{
90792Sgshapiro			if (!optional)
90792Sgshapiro				syserr("fileclass: F{%s}: map lookup failed",
90792Sgshapiro				       mn);
90792Sgshapiro			p = NULL;
90792Sgshapiro		}
90792Sgshapiro
90792Sgshapiro		/* use the results */
90792Sgshapiro		if (p != NULL)
90792Sgshapiro			parse_class_words(class, p);
90792Sgshapiro
90792Sgshapiro		/* close map */
90792Sgshapiro		map.map_mflags |= MF_CLOSING;
90792Sgshapiro		map.map_class->map_close(&map);
90792Sgshapiro		map.map_mflags &= ~(MF_OPEN|MF_WRITABLE|MF_CLOSING);
90792Sgshapiro		sm_free(mn);
90792Sgshapiro		return;
90792Sgshapiro	}
90792Sgshapiro	else if (filename[0] == '|')
90792Sgshapiro	{
38032Speter		auto int fd;
38032Speter		int i;
38032Speter		char *argv[MAXPV + 1];
38032Speter
38032Speter		i = 0;
90792Sgshapiro		for (p = strtok(&filename[1], " \t");
90792Sgshapiro		     p != NULL && i < MAXPV;
90792Sgshapiro		     p = strtok(NULL, " \t"))
38032Speter			argv[i++] = p;
38032Speter		argv[i] = NULL;
38032Speter		pid = prog_open(argv, &fd, CurEnv);
38032Speter		if (pid < 0)
38032Speter			f = NULL;
38032Speter		else
90792Sgshapiro			f = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
90792Sgshapiro				       (void *) &fd, SM_IO_RDONLY, NULL);
38032Speter	}
38032Speter	else
38032Speter	{
38032Speter		pid = -1;
38032Speter		sff = SFF_REGONLY;
64562Sgshapiro		if (!bitnset(DBS_CLASSFILEINUNSAFEDIRPATH, DontBlameSendmail))
38032Speter			sff |= SFF_SAFEDIRPATH;
64562Sgshapiro		if (!bitnset(DBS_LINKEDCLASSFILEINWRITABLEDIR,
64562Sgshapiro			     DontBlameSendmail))
38032Speter			sff |= SFF_NOWLINK;
38032Speter		if (safe)
38032Speter			sff |= SFF_OPENASROOT;
90792Sgshapiro		else if (RealUid == 0)
90792Sgshapiro			sff |= SFF_ROOTOK;
38032Speter		if (DontLockReadFiles)
38032Speter			sff |= SFF_NOLOCK;
38032Speter		f = safefopen(filename, O_RDONLY, 0, sff);
38032Speter	}
38032Speter	if (f == NULL)
38032Speter	{
38032Speter		if (!optional)
64562Sgshapiro			syserr("fileclass: cannot open '%s'", filename);
38032Speter		return;
38032Speter	}
38032Speter
249729Sgshapiro	while (sm_io_fgets(f, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0)
38032Speter	{
64562Sgshapiro#if SCANF
38032Speter		char wordbuf[MAXLINE + 1];
363466Sgshapiro#endif
38032Speter
38032Speter		if (buf[0] == '#')
38032Speter			continue;
64562Sgshapiro#if SCANF
90792Sgshapiro		if (sm_io_sscanf(buf, fmt, wordbuf) != 1)
38032Speter			continue;
38032Speter		p = wordbuf;
64562Sgshapiro#else /* SCANF */
38032Speter		p = buf;
64562Sgshapiro#endif /* SCANF */
38032Speter
90792Sgshapiro		parse_class_words(class, p);
90792Sgshapiro
38032Speter		/*
90792Sgshapiro		**  If anything else is added here,
90792Sgshapiro		**  check if the '@' map case above
90792Sgshapiro		**  needs the code as well.
38032Speter		*/
38032Speter	}
38032Speter
90792Sgshapiro	(void) sm_io_close(f, SM_TIME_DEFAULT);
38032Speter	if (pid > 0)
38032Speter		(void) waitfor(pid);
38032Speter}
285229Sgshapiro
285229Sgshapiro#if _FFR_RCPTFLAGS
285229Sgshapiro/* first character for dynamically created mailers */
285229Sgshapirostatic char dynmailerp = ' ';
285229Sgshapiro
285229Sgshapiro/* list of first characters for cf defined mailers */
285229Sgshapirostatic char frst[MAXMAILERS + 1];
285229Sgshapiro
90792Sgshapiro/*
285229Sgshapiro**  SETUPDYNMAILERS -- find a char that isn't used as first element of any
285229Sgshapiro**		mailer name.
285229Sgshapiro**
285229Sgshapiro**	Parameters:
285229Sgshapiro**		none
285229Sgshapiro**
285229Sgshapiro**	Returns:
285229Sgshapiro**		none
363466Sgshapiro**
285229Sgshapiro**	Note: space is not valid in cf defined mailers hence the function
285229Sgshapiro**		will always find a char. It's not nice, but this is for
285229Sgshapiro**		internal names only.
285229Sgshapiro*/
285229Sgshapiro
285229Sgshapirovoid
285229Sgshapirosetupdynmailers()
285229Sgshapiro{
285229Sgshapiro	int i;
285229Sgshapiro	char pp[] = "YXZ0123456789ABCDEFGHIJKLMNOPQRSTUVWyxzabcfghijkmnoqtuvw ";
285229Sgshapiro
285229Sgshapiro	frst[MAXMAILERS] = '\0';
285229Sgshapiro	for (i = 0; i < strlen(pp); i++)
285229Sgshapiro	{
285229Sgshapiro		if (strchr(frst, pp[i]) == NULL)
285229Sgshapiro		{
285229Sgshapiro			dynmailerp = pp[i];
285229Sgshapiro			if (tTd(25, 8))
285229Sgshapiro				sm_dprintf("dynmailerp=%c\n", dynmailerp);
285229Sgshapiro			return;
285229Sgshapiro		}
285229Sgshapiro	}
285229Sgshapiro
285229Sgshapiro	/* NOTREACHED */
285229Sgshapiro	SM_ASSERT(0);
285229Sgshapiro}
285229Sgshapiro
285229Sgshapiro/*
285229Sgshapiro**  NEWMODMAILER -- Create a new mailer with modifications
285229Sgshapiro**
285229Sgshapiro**	Parameters:
285229Sgshapiro**		rcpt -- current RCPT
285229Sgshapiro**		fl -- flag to set
285229Sgshapiro**
285229Sgshapiro**	Returns:
285229Sgshapiro**		true iff successful.
285229Sgshapiro**
285229Sgshapiro**	Note: this creates a copy of the mailer for the rcpt and
285229Sgshapiro**		modifies exactly one flag.  It does not work
285229Sgshapiro**		for multiple flags!
285229Sgshapiro*/
285229Sgshapiro
285229Sgshapirobool
285229Sgshapironewmodmailer(rcpt, fl)
285229Sgshapiro	ADDRESS *rcpt;
285229Sgshapiro	int fl;
285229Sgshapiro{
285229Sgshapiro	int idx;
285229Sgshapiro	struct mailer *m;
285229Sgshapiro	STAB *s;
285229Sgshapiro	char mname[256];
285229Sgshapiro
285229Sgshapiro	SM_REQUIRE(rcpt != NULL);
285229Sgshapiro	if (rcpt->q_mailer == NULL)
285229Sgshapiro		return false;
285229Sgshapiro	if (tTd(25, 8))
285229Sgshapiro		sm_dprintf("newmodmailer: rcpt=%s\n", rcpt->q_paddr);
285229Sgshapiro	SM_REQUIRE(rcpt->q_mailer->m_name != NULL);
285229Sgshapiro	SM_REQUIRE(rcpt->q_mailer->m_name[0] != '\0');
285229Sgshapiro	sm_strlcpy(mname, rcpt->q_mailer->m_name, sizeof(mname));
285229Sgshapiro	mname[0] = dynmailerp;
285229Sgshapiro	if (tTd(25, 8))
285229Sgshapiro		sm_dprintf("newmodmailer: name=%s\n", mname);
285229Sgshapiro	s = stab(mname, ST_MAILER, ST_ENTER);
285229Sgshapiro	if (s->s_mailer != NULL)
285229Sgshapiro	{
285229Sgshapiro		idx = s->s_mailer->m_mno;
285229Sgshapiro		if (tTd(25, 6))
285229Sgshapiro			sm_dprintf("newmodmailer: found idx=%d\n", idx);
285229Sgshapiro	}
285229Sgshapiro	else
285229Sgshapiro	{
285229Sgshapiro		idx = rcpt->q_mailer->m_mno;
285229Sgshapiro		idx += MAXMAILERS;
285229Sgshapiro		if (tTd(25, 6))
285229Sgshapiro			sm_dprintf("newmodmailer: idx=%d\n", idx);
285229Sgshapiro		if (idx > SM_ARRAY_SIZE(Mailer))
285229Sgshapiro			return false;
285229Sgshapiro	}
285229Sgshapiro
285229Sgshapiro	m = Mailer[idx];
285229Sgshapiro	if (m == NULL)
285229Sgshapiro		m = (struct mailer *) xalloc(sizeof(*m));
285229Sgshapiro	memset((char *) m, '\0', sizeof(*m));
285229Sgshapiro	STRUCTCOPY(*rcpt->q_mailer, *m);
285229Sgshapiro	Mailer[idx] = m;
285229Sgshapiro
285229Sgshapiro	/* "modify" the mailer */
285229Sgshapiro	setbitn(bitidx(fl), m->m_flags);
285229Sgshapiro	rcpt->q_mailer = m;
285229Sgshapiro	m->m_mno = idx;
285229Sgshapiro	m->m_name = newstr(mname);
285229Sgshapiro	if (tTd(25, 1))
285229Sgshapiro		sm_dprintf("newmodmailer: mailer[%d]=%s %p\n",
285229Sgshapiro			idx, Mailer[idx]->m_name, Mailer[idx]);
285229Sgshapiro
285229Sgshapiro	return true;
285229Sgshapiro}
285229Sgshapiro
285229Sgshapiro#endif /* _FFR_RCPTFLAGS */
285229Sgshapiro
285229Sgshapiro/*
38032Speter**  MAKEMAILER -- define a new mailer.
38032Speter**
38032Speter**	Parameters:
38032Speter**		line -- description of mailer.  This is in labeled
38032Speter**			fields.  The fields are:
38032Speter**			   A -- the argv for this mailer
38032Speter**			   C -- the character set for MIME conversions
38032Speter**			   D -- the directory to run in
38032Speter**			   E -- the eol string
38032Speter**			   F -- the flags associated with the mailer
38032Speter**			   L -- the maximum line length
38032Speter**			   M -- the maximum message size
38032Speter**			   N -- the niceness at which to run
38032Speter**			   P -- the path to the mailer
90792Sgshapiro**			   Q -- the queue group for the mailer
38032Speter**			   R -- the recipient rewriting set
38032Speter**			   S -- the sender rewriting set
38032Speter**			   T -- the mailer type (for DSNs)
38032Speter**			   U -- the uid to run as
64562Sgshapiro**			   W -- the time to wait at the end
73188Sgshapiro**			   m -- maximum messages per connection
90792Sgshapiro**			   r -- maximum number of recipients per message
73188Sgshapiro**			   / -- new root directory
38032Speter**			The first word is the canonical name of the mailer.
38032Speter**
38032Speter**	Returns:
38032Speter**		none.
38032Speter**
38032Speter**	Side Effects:
38032Speter**		enters the mailer into the mailer table.
38032Speter*/
38032Speter
285229Sgshapiro
38032Spetervoid
38032Spetermakemailer(line)
38032Speter	char *line;
38032Speter{
38032Speter	register char *p;
38032Speter	register struct mailer *m;
38032Speter	register STAB *s;
38032Speter	int i;
38032Speter	char fcode;
38032Speter	auto char *endp;
90792Sgshapiro	static int nextmailer = 0;	/* "free" index into Mailer struct */
38032Speter
38032Speter	/* allocate a mailer and set up defaults */
168515Sgshapiro	m = (struct mailer *) xalloc(sizeof(*m));
168515Sgshapiro	memset((char *) m, '\0', sizeof(*m));
90792Sgshapiro	errno = 0; /* avoid bogus error text */
38032Speter
38032Speter	/* collect the mailer name */
90792Sgshapiro	for (p = line;
363466Sgshapiro	     *p != '\0' && *p != ',' && !(SM_ISSPACE(*p));
90792Sgshapiro	     p++)
38032Speter		continue;
38032Speter	if (*p != '\0')
38032Speter		*p++ = '\0';
38032Speter	if (line[0] == '\0')
71345Sgshapiro	{
38032Speter		syserr("name required for mailer");
71345Sgshapiro		return;
71345Sgshapiro	}
38032Speter	m->m_name = newstr(line);
285229Sgshapiro#if _FFR_RCPTFLAGS
285229Sgshapiro	frst[nextmailer] = line[0];
285229Sgshapiro#endif
94334Sgshapiro	m->m_qgrp = NOQGRP;
132943Sgshapiro	m->m_uid = NO_UID;
132943Sgshapiro	m->m_gid = NO_GID;
38032Speter
38032Speter	/* now scan through and assign info from the fields */
38032Speter	while (*p != '\0')
38032Speter	{
38032Speter		auto char *delimptr;
38032Speter
90792Sgshapiro		while (*p != '\0' &&
363466Sgshapiro		       (*p == ',' || (SM_ISSPACE(*p))))
38032Speter			p++;
38032Speter
38032Speter		/* p now points to field code */
38032Speter		fcode = *p;
38032Speter		while (*p != '\0' && *p != '=' && *p != ',')
38032Speter			p++;
38032Speter		if (*p++ != '=')
38032Speter		{
38032Speter			syserr("mailer %s: `=' expected", m->m_name);
38032Speter			return;
38032Speter		}
363466Sgshapiro		while (SM_ISSPACE(*p))
38032Speter			p++;
38032Speter
38032Speter		/* p now points to the field body */
38032Speter		p = munchstring(p, &delimptr, ',');
38032Speter
38032Speter		/* install the field into the mailer struct */
38032Speter		switch (fcode)
38032Speter		{
38032Speter		  case 'P':		/* pathname */
90792Sgshapiro			if (*p != '\0')	/* error is issued below */
71345Sgshapiro				m->m_mailer = newstr(p);
38032Speter			break;
38032Speter
38032Speter		  case 'F':		/* flags */
38032Speter			for (; *p != '\0'; p++)
90792Sgshapiro			{
363466Sgshapiro				if (!(SM_ISSPACE(*p)))
90792Sgshapiro				{
90792Sgshapiro					if (*p == M_INTERNAL)
90792Sgshapiro						sm_syslog(LOG_WARNING, NOQID,
90792Sgshapiro							  "WARNING: mailer=%s, flag=%c deprecated",
90792Sgshapiro							  m->m_name, *p);
71345Sgshapiro					setbitn(bitidx(*p), m->m_flags);
90792Sgshapiro				}
90792Sgshapiro			}
38032Speter			break;
38032Speter
38032Speter		  case 'S':		/* sender rewriting ruleset */
38032Speter		  case 'R':		/* recipient rewriting ruleset */
38032Speter			i = strtorwset(p, &endp, ST_ENTER);
38032Speter			if (i < 0)
38032Speter				return;
38032Speter			if (fcode == 'S')
38032Speter				m->m_sh_rwset = m->m_se_rwset = i;
38032Speter			else
38032Speter				m->m_rh_rwset = m->m_re_rwset = i;
38032Speter
38032Speter			p = endp;
38032Speter			if (*p++ == '/')
38032Speter			{
38032Speter				i = strtorwset(p, NULL, ST_ENTER);
38032Speter				if (i < 0)
38032Speter					return;
38032Speter				if (fcode == 'S')
38032Speter					m->m_sh_rwset = i;
38032Speter				else
38032Speter					m->m_rh_rwset = i;
38032Speter			}
38032Speter			break;
38032Speter
38032Speter		  case 'E':		/* end of line string */
38032Speter			if (*p == '\0')
38032Speter				syserr("mailer %s: null end-of-line string",
38032Speter					m->m_name);
71345Sgshapiro			else
71345Sgshapiro				m->m_eol = newstr(p);
38032Speter			break;
38032Speter
38032Speter		  case 'A':		/* argument vector */
90792Sgshapiro			if (*p != '\0')	/* error is issued below */
71345Sgshapiro				m->m_argv = makeargv(p);
38032Speter			break;
38032Speter
38032Speter		  case 'M':		/* maximum message size */
38032Speter			m->m_maxsize = atol(p);
38032Speter			break;
38032Speter
64562Sgshapiro		  case 'm':		/* maximum messages per connection */
64562Sgshapiro			m->m_maxdeliveries = atoi(p);
64562Sgshapiro			break;
64562Sgshapiro
64562Sgshapiro		  case 'r':		/* max recipient per envelope */
64562Sgshapiro			m->m_maxrcpt = atoi(p);
64562Sgshapiro			break;
64562Sgshapiro
38032Speter		  case 'L':		/* maximum line length */
38032Speter			m->m_linelimit = atoi(p);
38032Speter			if (m->m_linelimit < 0)
38032Speter				m->m_linelimit = 0;
38032Speter			break;
38032Speter
38032Speter		  case 'N':		/* run niceness */
38032Speter			m->m_nice = atoi(p);
38032Speter			break;
38032Speter
38032Speter		  case 'D':		/* working directory */
38032Speter			if (*p == '\0')
38032Speter				syserr("mailer %s: null working directory",
38032Speter					m->m_name);
71345Sgshapiro			else
71345Sgshapiro				m->m_execdir = newstr(p);
38032Speter			break;
38032Speter
38032Speter		  case 'C':		/* default charset */
38032Speter			if (*p == '\0')
38032Speter				syserr("mailer %s: null charset", m->m_name);
71345Sgshapiro			else
71345Sgshapiro				m->m_defcharset = newstr(p);
38032Speter			break;
38032Speter
90792Sgshapiro		  case 'Q':		/* queue for this mailer */
90792Sgshapiro			if (*p == '\0')
90792Sgshapiro			{
90792Sgshapiro				syserr("mailer %s: null queue", m->m_name);
90792Sgshapiro				break;
90792Sgshapiro			}
90792Sgshapiro			s = stab(p, ST_QUEUE, ST_FIND);
90792Sgshapiro			if (s == NULL)
90792Sgshapiro				syserr("mailer %s: unknown queue %s",
90792Sgshapiro					m->m_name, p);
90792Sgshapiro			else
90792Sgshapiro				m->m_qgrp = s->s_quegrp->qg_index;
90792Sgshapiro			break;
90792Sgshapiro
38032Speter		  case 'T':		/* MTA-Name/Address/Diagnostic types */
38032Speter			/* extract MTA name type; default to "dns" */
38032Speter			m->m_mtatype = newstr(p);
38032Speter			p = strchr(m->m_mtatype, '/');
38032Speter			if (p != NULL)
38032Speter			{
38032Speter				*p++ = '\0';
38032Speter				if (*p == '\0')
38032Speter					p = NULL;
38032Speter			}
38032Speter			if (*m->m_mtatype == '\0')
38032Speter				m->m_mtatype = "dns";
38032Speter
38032Speter			/* extract address type; default to "rfc822" */
38032Speter			m->m_addrtype = p;
38032Speter			if (p != NULL)
38032Speter				p = strchr(p, '/');
38032Speter			if (p != NULL)
38032Speter			{
38032Speter				*p++ = '\0';
38032Speter				if (*p == '\0')
38032Speter					p = NULL;
38032Speter			}
38032Speter			if (m->m_addrtype == NULL || *m->m_addrtype == '\0')
38032Speter				m->m_addrtype = "rfc822";
38032Speter
38032Speter			/* extract diagnostic type; default to "smtp" */
38032Speter			m->m_diagtype = p;
38032Speter			if (m->m_diagtype == NULL || *m->m_diagtype == '\0')
38032Speter				m->m_diagtype = "smtp";
38032Speter			break;
38032Speter
38032Speter		  case 'U':		/* user id */
38032Speter			if (isascii(*p) && !isdigit(*p))
38032Speter			{
38032Speter				char *q = p;
38032Speter				struct passwd *pw;
38032Speter
38032Speter				while (*p != '\0' && isascii(*p) &&
285229Sgshapiro# if _FFR_DOTTED_USERNAMES
285229Sgshapiro				       (isalnum(*p) || strchr(SM_PWN_CHARS, *p) != NULL))
363466Sgshapiro# else
38032Speter				       (isalnum(*p) || strchr("-_", *p) != NULL))
363466Sgshapiro# endif
38032Speter					p++;
363466Sgshapiro				while (SM_ISSPACE(*p))
38032Speter					*p++ = '\0';
38032Speter				if (*p != '\0')
38032Speter					*p++ = '\0';
38032Speter				if (*q == '\0')
71345Sgshapiro				{
38032Speter					syserr("mailer %s: null user name",
38032Speter						m->m_name);
71345Sgshapiro					break;
71345Sgshapiro				}
38032Speter				pw = sm_getpwnam(q);
38032Speter				if (pw == NULL)
71345Sgshapiro				{
38032Speter					syserr("readcf: mailer U= flag: unknown user %s", q);
71345Sgshapiro					break;
71345Sgshapiro				}
38032Speter				else
38032Speter				{
38032Speter					m->m_uid = pw->pw_uid;
38032Speter					m->m_gid = pw->pw_gid;
38032Speter				}
38032Speter			}
38032Speter			else
38032Speter			{
38032Speter				auto char *q;
38032Speter
38032Speter				m->m_uid = strtol(p, &q, 0);
38032Speter				p = q;
363466Sgshapiro				while (SM_ISSPACE(*p))
38032Speter					p++;
38032Speter				if (*p != '\0')
38032Speter					p++;
38032Speter			}
363466Sgshapiro			while (SM_ISSPACE(*p))
38032Speter				p++;
38032Speter			if (*p == '\0')
38032Speter				break;
38032Speter			if (isascii(*p) && !isdigit(*p))
38032Speter			{
38032Speter				char *q = p;
38032Speter				struct group *gr;
38032Speter
285229Sgshapiro				while (isascii(*p) &&
285229Sgshapiro				       (isalnum(*p) || strchr(SM_PWN_CHARS, *p) != NULL))
38032Speter					p++;
38032Speter				*p++ = '\0';
38032Speter				if (*q == '\0')
71345Sgshapiro				{
38032Speter					syserr("mailer %s: null group name",
38032Speter						m->m_name);
71345Sgshapiro					break;
71345Sgshapiro				}
38032Speter				gr = getgrnam(q);
38032Speter				if (gr == NULL)
71345Sgshapiro				{
38032Speter					syserr("readcf: mailer U= flag: unknown group %s", q);
71345Sgshapiro					break;
71345Sgshapiro				}
38032Speter				else
38032Speter					m->m_gid = gr->gr_gid;
38032Speter			}
38032Speter			else
38032Speter			{
38032Speter				m->m_gid = strtol(p, NULL, 0);
38032Speter			}
38032Speter			break;
64562Sgshapiro
64562Sgshapiro		  case 'W':		/* wait timeout */
64562Sgshapiro			m->m_wait = convtime(p, 's');
64562Sgshapiro			break;
64562Sgshapiro
64562Sgshapiro		  case '/':		/* new root directory */
64562Sgshapiro			if (*p == '\0')
64562Sgshapiro				syserr("mailer %s: null root directory",
64562Sgshapiro					m->m_name);
64562Sgshapiro			else
64562Sgshapiro				m->m_rootdir = newstr(p);
64562Sgshapiro			break;
64562Sgshapiro
64562Sgshapiro		  default:
64562Sgshapiro			syserr("M%s: unknown mailer equate %c=",
64562Sgshapiro			       m->m_name, fcode);
64562Sgshapiro			break;
38032Speter		}
38032Speter
38032Speter		p = delimptr;
38032Speter	}
38032Speter
90792Sgshapiro#if !HASRRESVPORT
90792Sgshapiro	if (bitnset(M_SECURE_PORT, m->m_flags))
90792Sgshapiro	{
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "M%s: Warning: F=%c set on system that doesn't support rresvport()\n",
90792Sgshapiro				     m->m_name, M_SECURE_PORT);
90792Sgshapiro	}
90792Sgshapiro#endif /* !HASRRESVPORT */
90792Sgshapiro
90792Sgshapiro#if !HASNICE
90792Sgshapiro	if (m->m_nice != 0)
90792Sgshapiro	{
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "M%s: Warning: N= set on system that doesn't support nice()\n",
90792Sgshapiro				     m->m_name);
90792Sgshapiro	}
90792Sgshapiro#endif /* !HASNICE */
90792Sgshapiro
38032Speter	/* do some rationality checking */
38032Speter	if (m->m_argv == NULL)
38032Speter	{
38032Speter		syserr("M%s: A= argument required", m->m_name);
38032Speter		return;
38032Speter	}
38032Speter	if (m->m_mailer == NULL)
38032Speter	{
38032Speter		syserr("M%s: P= argument required", m->m_name);
38032Speter		return;
38032Speter	}
38032Speter
90792Sgshapiro	if (nextmailer >= MAXMAILERS)
38032Speter	{
38032Speter		syserr("too many mailers defined (%d max)", MAXMAILERS);
38032Speter		return;
38032Speter	}
38032Speter
64562Sgshapiro	if (m->m_maxrcpt <= 0)
64562Sgshapiro		m->m_maxrcpt = DEFAULT_MAX_RCPT;
64562Sgshapiro
38032Speter	/* do some heuristic cleanup for back compatibility */
38032Speter	if (bitnset(M_LIMITS, m->m_flags))
38032Speter	{
38032Speter		if (m->m_linelimit == 0)
38032Speter			m->m_linelimit = SMTPLINELIM;
38032Speter		if (ConfigLevel < 2)
38032Speter			setbitn(M_7BITS, m->m_flags);
38032Speter	}
38032Speter
64562Sgshapiro	if (strcmp(m->m_mailer, "[TCP]") == 0)
38032Speter	{
90792Sgshapiro		syserr("M%s: P=[TCP] must be replaced by P=[IPC]", m->m_name);
71345Sgshapiro		return;
38032Speter	}
38032Speter
90792Sgshapiro	if (strcmp(m->m_mailer, "[IPC]") == 0)
38032Speter	{
64562Sgshapiro		/* Use the second argument for host or path to socket */
64562Sgshapiro		if (m->m_argv[0] == NULL || m->m_argv[1] == NULL ||
64562Sgshapiro		    m->m_argv[1][0] == '\0')
64562Sgshapiro		{
64562Sgshapiro			syserr("M%s: too few parameters for %s mailer",
64562Sgshapiro			       m->m_name, m->m_mailer);
71345Sgshapiro			return;
64562Sgshapiro		}
66494Sgshapiro		if (strcmp(m->m_argv[0], "TCP") != 0
64562Sgshapiro#if NETUNIX
66494Sgshapiro		    && strcmp(m->m_argv[0], "FILE") != 0
363466Sgshapiro#endif
64562Sgshapiro		    )
64562Sgshapiro		{
90792Sgshapiro			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro					     "M%s: Warning: first argument in %s mailer must be %s\n",
90792Sgshapiro					     m->m_name, m->m_mailer,
64562Sgshapiro#if NETUNIX
90792Sgshapiro					     "TCP or FILE"
363466Sgshapiro#else
90792Sgshapiro					     "TCP"
363466Sgshapiro#endif
90792Sgshapiro				     );
64562Sgshapiro		}
90792Sgshapiro		if (m->m_mtatype == NULL)
90792Sgshapiro			m->m_mtatype = "dns";
90792Sgshapiro		if (m->m_addrtype == NULL)
90792Sgshapiro			m->m_addrtype = "rfc822";
90792Sgshapiro		if (m->m_diagtype == NULL)
90792Sgshapiro		{
90792Sgshapiro			if (m->m_argv[0] != NULL &&
90792Sgshapiro			    strcmp(m->m_argv[0], "FILE") == 0)
90792Sgshapiro				m->m_diagtype = "x-unix";
90792Sgshapiro			else
90792Sgshapiro				m->m_diagtype = "smtp";
90792Sgshapiro		}
64562Sgshapiro	}
64562Sgshapiro	else if (strcmp(m->m_mailer, "[FILE]") == 0)
64562Sgshapiro	{
38032Speter		/* Use the second argument for filename */
38032Speter		if (m->m_argv[0] == NULL || m->m_argv[1] == NULL ||
38032Speter		    m->m_argv[2] != NULL)
38032Speter		{
38032Speter			syserr("M%s: too %s parameters for [FILE] mailer",
38032Speter			       m->m_name,
38032Speter			       (m->m_argv[0] == NULL ||
38032Speter				m->m_argv[1] == NULL) ? "few" : "many");
71345Sgshapiro			return;
38032Speter		}
38032Speter		else if (strcmp(m->m_argv[0], "FILE") != 0)
38032Speter		{
38032Speter			syserr("M%s: first argument in [FILE] mailer must be FILE",
38032Speter			       m->m_name);
71345Sgshapiro			return;
38032Speter		}
38032Speter	}
38032Speter
38032Speter	if (m->m_eol == NULL)
38032Speter	{
38032Speter		char **pp;
38032Speter
38032Speter		/* default for SMTP is \r\n; use \n for local delivery */
38032Speter		for (pp = m->m_argv; *pp != NULL; pp++)
38032Speter		{
38032Speter			for (p = *pp; *p != '\0'; )
38032Speter			{
38032Speter				if ((*p++ & 0377) == MACROEXPAND && *p == 'u')
38032Speter					break;
38032Speter			}
38032Speter			if (*p != '\0')
38032Speter				break;
38032Speter		}
38032Speter		if (*pp == NULL)
38032Speter			m->m_eol = "\r\n";
38032Speter		else
38032Speter			m->m_eol = "\n";
38032Speter	}
38032Speter
38032Speter	/* enter the mailer into the symbol table */
38032Speter	s = stab(m->m_name, ST_MAILER, ST_ENTER);
38032Speter	if (s->s_mailer != NULL)
38032Speter	{
38032Speter		i = s->s_mailer->m_mno;
90792Sgshapiro		sm_free(s->s_mailer); /* XXX */
38032Speter	}
38032Speter	else
38032Speter	{
90792Sgshapiro		i = nextmailer++;
38032Speter	}
38032Speter	Mailer[i] = s->s_mailer = m;
38032Speter	m->m_mno = i;
38032Speter}
90792Sgshapiro/*
38032Speter**  MUNCHSTRING -- translate a string into internal form.
38032Speter**
38032Speter**	Parameters:
38032Speter**		p -- the string to munch.
38032Speter**		delimptr -- if non-NULL, set to the pointer of the
38032Speter**			field delimiter character.
38032Speter**		delim -- the delimiter for the field.
38032Speter**
38032Speter**	Returns:
38032Speter**		the munched string.
64562Sgshapiro**
64562Sgshapiro**	Side Effects:
64562Sgshapiro**		the munched string is a local static buffer.
64562Sgshapiro**		it must be copied before the function is called again.
38032Speter*/
38032Speter
38032Speterchar *
38032Spetermunchstring(p, delimptr, delim)
38032Speter	register char *p;
38032Speter	char **delimptr;
38032Speter	int delim;
38032Speter{
38032Speter	register char *q;
90792Sgshapiro	bool backslash = false;
90792Sgshapiro	bool quotemode = false;
38032Speter	static char buf[MAXLINE];
38032Speter
168515Sgshapiro	for (q = buf; *p != '\0' && q < &buf[sizeof(buf) - 1]; p++)
38032Speter	{
38032Speter		if (backslash)
38032Speter		{
38032Speter			/* everything is roughly literal */
90792Sgshapiro			backslash = false;
38032Speter			switch (*p)
38032Speter			{
38032Speter			  case 'r':		/* carriage return */
38032Speter				*q++ = '\r';
38032Speter				continue;
38032Speter
38032Speter			  case 'n':		/* newline */
38032Speter				*q++ = '\n';
38032Speter				continue;
38032Speter
38032Speter			  case 'f':		/* form feed */
38032Speter				*q++ = '\f';
38032Speter				continue;
38032Speter
38032Speter			  case 'b':		/* backspace */
38032Speter				*q++ = '\b';
38032Speter				continue;
38032Speter			}
38032Speter			*q++ = *p;
38032Speter		}
38032Speter		else
38032Speter		{
38032Speter			if (*p == '\\')
90792Sgshapiro				backslash = true;
38032Speter			else if (*p == '"')
38032Speter				quotemode = !quotemode;
38032Speter			else if (quotemode || *p != delim)
38032Speter				*q++ = *p;
38032Speter			else
38032Speter				break;
38032Speter		}
38032Speter	}
38032Speter
38032Speter	if (delimptr != NULL)
38032Speter		*delimptr = p;
38032Speter	*q++ = '\0';
64562Sgshapiro	return buf;
38032Speter}
90792Sgshapiro/*
90792Sgshapiro**  EXTRQUOTSTR -- extract a (quoted) string.
90792Sgshapiro**
90792Sgshapiro**	This routine deals with quoted (") strings and escaped
90792Sgshapiro**	spaces (\\ ).
90792Sgshapiro**
90792Sgshapiro**	Parameters:
90792Sgshapiro**		p -- source string.
90792Sgshapiro**		delimptr -- if non-NULL, set to the pointer of the
90792Sgshapiro**			field delimiter character.
90792Sgshapiro**		delimbuf -- delimiters for the field.
90792Sgshapiro**		st -- if non-NULL, store the return value (whether the
90792Sgshapiro**			string was correctly quoted) here.
90792Sgshapiro**
90792Sgshapiro**	Returns:
90792Sgshapiro**		the extracted string.
90792Sgshapiro**
90792Sgshapiro**	Side Effects:
90792Sgshapiro**		the returned string is a local static buffer.
90792Sgshapiro**		it must be copied before the function is called again.
90792Sgshapiro*/
90792Sgshapiro
90792Sgshapirostatic char *
90792Sgshapiroextrquotstr(p, delimptr, delimbuf, st)
90792Sgshapiro	register char *p;
90792Sgshapiro	char **delimptr;
90792Sgshapiro	char *delimbuf;
90792Sgshapiro	bool *st;
90792Sgshapiro{
90792Sgshapiro	register char *q;
90792Sgshapiro	bool backslash = false;
90792Sgshapiro	bool quotemode = false;
90792Sgshapiro	static char buf[MAXLINE];
90792Sgshapiro
168515Sgshapiro	for (q = buf; *p != '\0' && q < &buf[sizeof(buf) - 1]; p++)
90792Sgshapiro	{
90792Sgshapiro		if (backslash)
90792Sgshapiro		{
90792Sgshapiro			backslash = false;
90792Sgshapiro			if (*p != ' ')
90792Sgshapiro				*q++ = '\\';
90792Sgshapiro		}
90792Sgshapiro		if (*p == '\\')
90792Sgshapiro			backslash = true;
90792Sgshapiro		else if (*p == '"')
90792Sgshapiro			quotemode = !quotemode;
90792Sgshapiro		else if (quotemode ||
90792Sgshapiro			 strchr(delimbuf, (int) *p) == NULL)
90792Sgshapiro			*q++ = *p;
90792Sgshapiro		else
90792Sgshapiro			break;
90792Sgshapiro	}
90792Sgshapiro
90792Sgshapiro	if (delimptr != NULL)
90792Sgshapiro		*delimptr = p;
90792Sgshapiro	*q++ = '\0';
90792Sgshapiro	if (st != NULL)
90792Sgshapiro		*st = !(quotemode || backslash);
90792Sgshapiro	return buf;
90792Sgshapiro}
90792Sgshapiro/*
38032Speter**  MAKEARGV -- break up a string into words
38032Speter**
38032Speter**	Parameters:
38032Speter**		p -- the string to break up.
38032Speter**
38032Speter**	Returns:
38032Speter**		a char **argv (dynamically allocated)
38032Speter**
38032Speter**	Side Effects:
38032Speter**		munges p.
38032Speter*/
38032Speter
64562Sgshapirostatic char **
38032Spetermakeargv(p)
38032Speter	register char *p;
38032Speter{
38032Speter	char *q;
38032Speter	int i;
38032Speter	char **avp;
38032Speter	char *argv[MAXPV + 1];
38032Speter
38032Speter	/* take apart the words */
38032Speter	i = 0;
38032Speter	while (*p != '\0' && i < MAXPV)
38032Speter	{
38032Speter		q = p;
363466Sgshapiro		while (*p != '\0' && !(SM_ISSPACE(*p)))
38032Speter			p++;
363466Sgshapiro		while (SM_ISSPACE(*p))
38032Speter			*p++ = '\0';
38032Speter		argv[i++] = newstr(q);
38032Speter	}
38032Speter	argv[i++] = NULL;
38032Speter
38032Speter	/* now make a copy of the argv */
168515Sgshapiro	avp = (char **) xalloc(sizeof(*avp) * i);
168515Sgshapiro	memmove((char *) avp, (char *) argv, sizeof(*avp) * i);
38032Speter
64562Sgshapiro	return avp;
38032Speter}
90792Sgshapiro/*
38032Speter**  PRINTRULES -- print rewrite rules (for debugging)
38032Speter**
38032Speter**	Parameters:
38032Speter**		none.
38032Speter**
38032Speter**	Returns:
38032Speter**		none.
38032Speter**
38032Speter**	Side Effects:
38032Speter**		prints rewrite rules.
38032Speter*/
38032Speter
38032Spetervoid
38032Speterprintrules()
38032Speter{
38032Speter	register struct rewrite *rwp;
38032Speter	register int ruleset;
38032Speter
38032Speter	for (ruleset = 0; ruleset < 10; ruleset++)
38032Speter	{
38032Speter		if (RewriteRules[ruleset] == NULL)
38032Speter			continue;
132943Sgshapiro		sm_dprintf("\n----Rule Set %d:", ruleset);
38032Speter
38032Speter		for (rwp = RewriteRules[ruleset]; rwp != NULL; rwp = rwp->r_next)
38032Speter		{
132943Sgshapiro			sm_dprintf("\nLHS:");
132943Sgshapiro			printav(sm_debug_file(), rwp->r_lhs);
132943Sgshapiro			sm_dprintf("RHS:");
132943Sgshapiro			printav(sm_debug_file(), rwp->r_rhs);
38032Speter		}
38032Speter	}
38032Speter}
90792Sgshapiro/*
38032Speter**  PRINTMAILER -- print mailer structure (for debugging)
38032Speter**
38032Speter**	Parameters:
132943Sgshapiro**		fp -- output file
38032Speter**		m -- the mailer to print
38032Speter**
38032Speter**	Returns:
38032Speter**		none.
38032Speter*/
38032Speter
38032Spetervoid
132943Sgshapiroprintmailer(fp, m)
132943Sgshapiro	SM_FILE_T *fp;
38032Speter	register MAILER *m;
38032Speter{
38032Speter	int j;
38032Speter
132943Sgshapiro	(void) sm_io_fprintf(fp, SM_TIME_DEFAULT,
90792Sgshapiro			     "mailer %d (%s): P=%s S=", m->m_mno, m->m_name,
90792Sgshapiro			     m->m_mailer);
64562Sgshapiro	if (RuleSetNames[m->m_se_rwset] == NULL)
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%d/",
90792Sgshapiro				     m->m_se_rwset);
64562Sgshapiro	else
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s/",
90792Sgshapiro				     RuleSetNames[m->m_se_rwset]);
64562Sgshapiro	if (RuleSetNames[m->m_sh_rwset] == NULL)
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%d R=",
90792Sgshapiro				     m->m_sh_rwset);
64562Sgshapiro	else
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s R=",
90792Sgshapiro				     RuleSetNames[m->m_sh_rwset]);
64562Sgshapiro	if (RuleSetNames[m->m_re_rwset] == NULL)
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%d/",
90792Sgshapiro				     m->m_re_rwset);
64562Sgshapiro	else
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s/",
90792Sgshapiro				     RuleSetNames[m->m_re_rwset]);
64562Sgshapiro	if (RuleSetNames[m->m_rh_rwset] == NULL)
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%d ",
90792Sgshapiro				     m->m_rh_rwset);
64562Sgshapiro	else
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s ",
90792Sgshapiro				     RuleSetNames[m->m_rh_rwset]);
132943Sgshapiro	(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "M=%ld U=%d:%d F=",
90792Sgshapiro			     m->m_maxsize, (int) m->m_uid, (int) m->m_gid);
38032Speter	for (j = '\0'; j <= '\177'; j++)
38032Speter		if (bitnset(j, m->m_flags))
132943Sgshapiro			(void) sm_io_putc(fp, SM_TIME_DEFAULT, j);
132943Sgshapiro	(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " L=%d E=",
90792Sgshapiro			     m->m_linelimit);
132943Sgshapiro	xputs(fp, m->m_eol);
38032Speter	if (m->m_defcharset != NULL)
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " C=%s",
90792Sgshapiro				     m->m_defcharset);
132943Sgshapiro	(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " T=%s/%s/%s",
90792Sgshapiro			     m->m_mtatype == NULL
90792Sgshapiro				? "<undefined>" : m->m_mtatype,
90792Sgshapiro			     m->m_addrtype == NULL
90792Sgshapiro				? "<undefined>" : m->m_addrtype,
90792Sgshapiro			     m->m_diagtype == NULL
90792Sgshapiro				? "<undefined>" : m->m_diagtype);
132943Sgshapiro	(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " r=%d", m->m_maxrcpt);
38032Speter	if (m->m_argv != NULL)
38032Speter	{
38032Speter		char **a = m->m_argv;
38032Speter
132943Sgshapiro		(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " A=");
38032Speter		while (*a != NULL)
38032Speter		{
38032Speter			if (a != m->m_argv)
132943Sgshapiro				(void) sm_io_fprintf(fp, SM_TIME_DEFAULT,
90792Sgshapiro						     " ");
132943Sgshapiro			xputs(fp, *a++);
38032Speter		}
38032Speter	}
132943Sgshapiro	(void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "\n");
38032Speter}
285229Sgshapiro
285229Sgshapiro#if STARTTLS
285229Sgshapirostatic struct ssl_options
285229Sgshapiro{
285229Sgshapiro	const char	*sslopt_name;	/* name of the flag */
285229Sgshapiro	long		sslopt_bits;	/* bits to set/clear */
285229Sgshapiro} SSL_Option[] =
285229Sgshapiro{
285229Sgshapiro/* Workaround for bugs are turned on by default (as well as some others) */
285229Sgshapiro#ifdef SSL_OP_MICROSOFT_SESS_ID_BUG
285229Sgshapiro	{ "SSL_OP_MICROSOFT_SESS_ID_BUG",	SSL_OP_MICROSOFT_SESS_ID_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NETSCAPE_CHALLENGE_BUG
285229Sgshapiro	{ "SSL_OP_NETSCAPE_CHALLENGE_BUG",	SSL_OP_NETSCAPE_CHALLENGE_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_LEGACY_SERVER_CONNECT
285229Sgshapiro	{ "SSL_OP_LEGACY_SERVER_CONNECT",	SSL_OP_LEGACY_SERVER_CONNECT	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
285229Sgshapiro	{ "SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG",	SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
285229Sgshapiro	{ "SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG",	SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
285229Sgshapiro	{ "SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER",	SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
285229Sgshapiro	{ "SSL_OP_MSIE_SSLV2_RSA_PADDING",	SSL_OP_MSIE_SSLV2_RSA_PADDING	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG
285229Sgshapiro	{ "SSL_OP_SSLEAY_080_CLIENT_DH_BUG",	SSL_OP_SSLEAY_080_CLIENT_DH_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_TLS_D5_BUG
285229Sgshapiro	{ "SSL_OP_TLS_D5_BUG",	SSL_OP_TLS_D5_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_TLS_BLOCK_PADDING_BUG
285229Sgshapiro	{ "SSL_OP_TLS_BLOCK_PADDING_BUG",	SSL_OP_TLS_BLOCK_PADDING_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
285229Sgshapiro	{ "SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS",	SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_ALL
285229Sgshapiro	{ "SSL_OP_ALL",	SSL_OP_ALL	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NO_QUERY_MTU
285229Sgshapiro	{ "SSL_OP_NO_QUERY_MTU",	SSL_OP_NO_QUERY_MTU	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_COOKIE_EXCHANGE
285229Sgshapiro	{ "SSL_OP_COOKIE_EXCHANGE",	SSL_OP_COOKIE_EXCHANGE	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NO_TICKET
285229Sgshapiro	{ "SSL_OP_NO_TICKET",	SSL_OP_NO_TICKET	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_CISCO_ANYCONNECT
285229Sgshapiro	{ "SSL_OP_CISCO_ANYCONNECT",	SSL_OP_CISCO_ANYCONNECT	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
285229Sgshapiro	{ "SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION",	SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NO_COMPRESSION
285229Sgshapiro	{ "SSL_OP_NO_COMPRESSION",	SSL_OP_NO_COMPRESSION	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
285229Sgshapiro	{ "SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION",	SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_SINGLE_ECDH_USE
285229Sgshapiro	{ "SSL_OP_SINGLE_ECDH_USE",	SSL_OP_SINGLE_ECDH_USE	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_SINGLE_DH_USE
285229Sgshapiro	{ "SSL_OP_SINGLE_DH_USE",	SSL_OP_SINGLE_DH_USE	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_EPHEMERAL_RSA
285229Sgshapiro	{ "SSL_OP_EPHEMERAL_RSA",	SSL_OP_EPHEMERAL_RSA	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
285229Sgshapiro	{ "SSL_OP_CIPHER_SERVER_PREFERENCE",	SSL_OP_CIPHER_SERVER_PREFERENCE	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_TLS_ROLLBACK_BUG
285229Sgshapiro	{ "SSL_OP_TLS_ROLLBACK_BUG",	SSL_OP_TLS_ROLLBACK_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NO_SSLv2
285229Sgshapiro	{ "SSL_OP_NO_SSLv2",	SSL_OP_NO_SSLv2	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NO_SSLv3
285229Sgshapiro	{ "SSL_OP_NO_SSLv3",	SSL_OP_NO_SSLv3	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NO_TLSv1
285229Sgshapiro	{ "SSL_OP_NO_TLSv1",	SSL_OP_NO_TLSv1	},
285229Sgshapiro#endif
363466Sgshapiro#ifdef SSL_OP_NO_TLSv1_3
363466Sgshapiro	{ "SSL_OP_NO_TLSv1_3",	SSL_OP_NO_TLSv1_3	},
363466Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NO_TLSv1_2
285229Sgshapiro	{ "SSL_OP_NO_TLSv1_2",	SSL_OP_NO_TLSv1_2	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NO_TLSv1_1
285229Sgshapiro	{ "SSL_OP_NO_TLSv1_1",	SSL_OP_NO_TLSv1_1	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_PKCS1_CHECK_1
285229Sgshapiro	{ "SSL_OP_PKCS1_CHECK_1",	SSL_OP_PKCS1_CHECK_1	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_PKCS1_CHECK_2
285229Sgshapiro	{ "SSL_OP_PKCS1_CHECK_2",	SSL_OP_PKCS1_CHECK_2	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NETSCAPE_CA_DN_BUG
285229Sgshapiro	{ "SSL_OP_NETSCAPE_CA_DN_BUG",	SSL_OP_NETSCAPE_CA_DN_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
285229Sgshapiro	{ "SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG",	SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_CRYPTOPRO_TLSEXT_BUG
285229Sgshapiro	{ "SSL_OP_CRYPTOPRO_TLSEXT_BUG",	SSL_OP_CRYPTOPRO_TLSEXT_BUG	},
285229Sgshapiro#endif
285229Sgshapiro#ifdef SSL_OP_TLSEXT_PADDING
285229Sgshapiro	{ "SSL_OP_TLSEXT_PADDING",	SSL_OP_TLSEXT_PADDING	},
285229Sgshapiro#endif
363466Sgshapiro#ifdef SSL_OP_NO_RENEGOTIATION
363466Sgshapiro	{ "SSL_OP_NO_RENEGOTIATION",    SSL_OP_NO_RENEGOTIATION },
363466Sgshapiro#endif
363466Sgshapiro#ifdef SSL_OP_NO_ANTI_REPLAY
363466Sgshapiro	{ "SSL_OP_NO_ANTI_REPLAY",	SSL_OP_NO_ANTI_REPLAY },
363466Sgshapiro#endif
363466Sgshapiro#ifdef SSL_OP_ALLOW_NO_DHE_KEX
363466Sgshapiro	{ "SSL_OP_ALLOW_NO_DHE_KEX",	SSL_OP_ALLOW_NO_DHE_KEX },
363466Sgshapiro#endif
363466Sgshapiro#ifdef SSL_OP_NO_ENCRYPT_THEN_MAC
363466Sgshapiro	{ "SSL_OP_NO_ENCRYPT_THEN_MAC",	SSL_OP_NO_ENCRYPT_THEN_MAC },
363466Sgshapiro#endif
363466Sgshapiro#ifdef SSL_OP_ENABLE_MIDDLEBOX_COMPAT
363466Sgshapiro	{ "SSL_OP_ENABLE_MIDDLEBOX_COMPAT",	SSL_OP_ENABLE_MIDDLEBOX_COMPAT },
363466Sgshapiro#endif
363466Sgshapiro#ifdef SSL_OP_PRIORITIZE_CHACHA
363466Sgshapiro	{ "SSL_OP_PRIORITIZE_CHACHA",	SSL_OP_PRIORITIZE_CHACHA },
363466Sgshapiro#endif
285229Sgshapiro	{ NULL,		0		}
285229Sgshapiro};
285229Sgshapiro
90792Sgshapiro/*
285229Sgshapiro** READSSLOPTIONS  -- read SSL_OP_* values
285229Sgshapiro**
285229Sgshapiro**	Parameters:
285229Sgshapiro**		opt -- name of option (can be NULL)
285229Sgshapiro**		val -- string with SSL_OP_* values or hex value
285229Sgshapiro**		delim -- end of string (e.g., '\0' or ';')
285229Sgshapiro**		pssloptions -- return value (output)
285229Sgshapiro**
285229Sgshapiro**	Returns:
285229Sgshapiro**		0 on success.
285229Sgshapiro*/
285229Sgshapiro
285229Sgshapiro#define SSLOPERR_NAN	1
285229Sgshapiro#define SSLOPERR_NOTFOUND	2
285229Sgshapiro
363466Sgshapirostatic int readssloptions __P((char *, char *, unsigned long *, int ));
363466Sgshapiro
285229Sgshapirostatic int
285229Sgshapiroreadssloptions(opt, val, pssloptions, delim)
285229Sgshapiro	char *opt;
285229Sgshapiro	char *val;
285229Sgshapiro	unsigned long *pssloptions;
285229Sgshapiro	int delim;
285229Sgshapiro{
285229Sgshapiro	char *p;
285229Sgshapiro	int ret;
285229Sgshapiro
285229Sgshapiro	ret = 0;
285229Sgshapiro	for (p = val; *p != '\0' && *p != delim; )
285229Sgshapiro	{
285229Sgshapiro		bool clearmode;
285229Sgshapiro		char *q;
285229Sgshapiro		unsigned long sslopt_val;
285229Sgshapiro		struct ssl_options *sslopts;
285229Sgshapiro
285229Sgshapiro		while (*p == ' ')
285229Sgshapiro			p++;
285229Sgshapiro		if (*p == '\0')
285229Sgshapiro			break;
285229Sgshapiro		clearmode = false;
285229Sgshapiro		if (*p == '-' || *p == '+')
285229Sgshapiro			clearmode = *p++ == '-';
285229Sgshapiro		q = p;
285229Sgshapiro		while (*p != '\0' && !(SM_ISSPACE(*p)) && *p != ',')
285229Sgshapiro			p++;
285229Sgshapiro		if (*p != '\0')
285229Sgshapiro			*p++ = '\0';
285229Sgshapiro		sslopt_val = 0;
285229Sgshapiro		if (isdigit(*q))
285229Sgshapiro		{
285229Sgshapiro			char *end;
285229Sgshapiro
285229Sgshapiro			sslopt_val = strtoul(q, &end, 0);
285229Sgshapiro
285229Sgshapiro			/* not a complete "syntax" check but good enough */
285229Sgshapiro			if (end == q)
285229Sgshapiro			{
285229Sgshapiro				errno = 0;
285229Sgshapiro				ret = SSLOPERR_NAN;
285229Sgshapiro				if (opt != NULL)
285229Sgshapiro					syserr("readcf: %s option value %s not a number",
285229Sgshapiro						opt, q);
285229Sgshapiro				sslopt_val = 0;
285229Sgshapiro			}
285229Sgshapiro		}
285229Sgshapiro		else
285229Sgshapiro		{
285229Sgshapiro			for (sslopts = SSL_Option;
285229Sgshapiro			     sslopts->sslopt_name != NULL; sslopts++)
285229Sgshapiro			{
285229Sgshapiro				if (sm_strcasecmp(q, sslopts->sslopt_name) == 0)
285229Sgshapiro				{
285229Sgshapiro					sslopt_val = sslopts->sslopt_bits;
285229Sgshapiro					break;
285229Sgshapiro				}
285229Sgshapiro			}
285229Sgshapiro			if (sslopts->sslopt_name == NULL)
285229Sgshapiro			{
285229Sgshapiro				errno = 0;
285229Sgshapiro				ret = SSLOPERR_NOTFOUND;
285229Sgshapiro				if (opt != NULL)
285229Sgshapiro					syserr("readcf: %s option value %s unrecognized",
285229Sgshapiro						opt, q);
285229Sgshapiro			}
285229Sgshapiro		}
285229Sgshapiro		if (sslopt_val != 0)
285229Sgshapiro		{
285229Sgshapiro			if (clearmode)
285229Sgshapiro				*pssloptions &= ~sslopt_val;
285229Sgshapiro			else
285229Sgshapiro				*pssloptions |= sslopt_val;
285229Sgshapiro		}
285229Sgshapiro	}
285229Sgshapiro	return ret;
285229Sgshapiro}
285229Sgshapiro
285229Sgshapiro/*
285229Sgshapiro** GET_TLS_SE_OPTIONS -- get TLS session options (from ruleset)
285229Sgshapiro**
285229Sgshapiro**	Parameters:
285229Sgshapiro**		e -- envelope
285229Sgshapiro**		ssl -- TLS session context
363466Sgshapiro**		tlsi_ctx -- TLS info context
285229Sgshapiro**		srv -- server?
285229Sgshapiro**
285229Sgshapiro**	Returns:
285229Sgshapiro**		0 on success.
285229Sgshapiro*/
285229Sgshapiro
285229Sgshapiroint
363466Sgshapiroget_tls_se_options(e, ssl, tlsi_ctx, srv)
285229Sgshapiro	ENVELOPE *e;
285229Sgshapiro	SSL *ssl;
363466Sgshapiro	tlsi_ctx_T *tlsi_ctx;
285229Sgshapiro	bool srv;
285229Sgshapiro{
285229Sgshapiro	bool saveQuickAbort, saveSuprErrs, ok;
285229Sgshapiro	char *optionlist, *opt, *val;
285229Sgshapiro	char *keyfile, *certfile;
285229Sgshapiro	size_t len, i;
285229Sgshapiro	int ret;
285229Sgshapiro
285229Sgshapiro#  define who (srv ? "server" : "client")
285229Sgshapiro#  define NAME_C_S macvalue(macid(srv ? "{client_name}" : "{server_name}"), e)
285229Sgshapiro#  define ADDR_C_S macvalue(macid(srv ? "{client_addr}" : "{server_addr}"), e)
285229Sgshapiro#  define WHICH srv ? "srv" : "clt"
285229Sgshapiro
285229Sgshapiro	ret = 0;
285229Sgshapiro	keyfile = certfile = opt = val = NULL;
285229Sgshapiro	saveQuickAbort = QuickAbort;
285229Sgshapiro	saveSuprErrs = SuprErrs;
285229Sgshapiro	SuprErrs = true;
285229Sgshapiro	QuickAbort = false;
285229Sgshapiro
285229Sgshapiro	optionlist = NULL;
285229Sgshapiro	ok = rscheck(srv ? "tls_srv_features" : "tls_clt_features",
285229Sgshapiro		     NAME_C_S, ADDR_C_S, e,
285229Sgshapiro		     RSF_RMCOMM|RSF_ADDR|RSF_STRING,
285229Sgshapiro		     5, NULL, NOQID, NULL, &optionlist) == EX_OK;
285229Sgshapiro	if (!ok && LogLevel > 8)
285229Sgshapiro	{
285229Sgshapiro		sm_syslog(LOG_NOTICE, NOQID,
285229Sgshapiro			  "rscheck(tls_%s_features)=failed, relay=%s [%s], errors=%d",
285229Sgshapiro			  WHICH, NAME_C_S, ADDR_C_S,
285229Sgshapiro			  Errors);
285229Sgshapiro	}
285229Sgshapiro	QuickAbort = saveQuickAbort;
285229Sgshapiro	SuprErrs = saveSuprErrs;
285229Sgshapiro	if (ok && LogLevel > 9)
285229Sgshapiro	{
285229Sgshapiro		sm_syslog(LOG_INFO, NOQID,
285229Sgshapiro			  "tls_%s_features=%s, relay=%s [%s]",
285229Sgshapiro			  WHICH, optionlist, NAME_C_S, ADDR_C_S);
285229Sgshapiro	}
285229Sgshapiro	if (!ok || optionlist == NULL || (len = strlen(optionlist)) < 2)
285229Sgshapiro	{
285229Sgshapiro		if (LogLevel > 9)
285229Sgshapiro			sm_syslog(LOG_INFO, NOQID,
285229Sgshapiro				  "tls_%s_features=empty, relay=%s [%s]",
363466Sgshapiro				  WHICH, NAME_C_S, ADDR_C_S);
285229Sgshapiro
285229Sgshapiro		return ok ? 0 : 1;
285229Sgshapiro	}
285229Sgshapiro
285229Sgshapiro	i = 0;
285229Sgshapiro	if (optionlist[0] == '"' && optionlist[len - 1] == '"')
285229Sgshapiro	{
285229Sgshapiro		optionlist[0] = ' ';
285229Sgshapiro		optionlist[--len] = '\0';
285229Sgshapiro		if (len <= 2)
285229Sgshapiro		{
285229Sgshapiro			if (LogLevel > 9 && len > 1)
285229Sgshapiro				sm_syslog(LOG_INFO, NOQID,
285229Sgshapiro				  "tls_%s_features=too_short, relay=%s [%s]",
363466Sgshapiro				  WHICH, NAME_C_S, ADDR_C_S);
285229Sgshapiro
285229Sgshapiro			/* this is not treated as error! */
285229Sgshapiro			return 0;
285229Sgshapiro		}
285229Sgshapiro		i = 1;
285229Sgshapiro	}
285229Sgshapiro
285229Sgshapiro#  define INVALIDSYNTAX	\
285229Sgshapiro	do {	\
285229Sgshapiro		if (LogLevel > 7)	\
285229Sgshapiro			sm_syslog(LOG_INFO, NOQID,	\
285229Sgshapiro				  "tls_%s_features=invalid_syntax, opt=%s, relay=%s [%s]",	\
363466Sgshapiro				  WHICH, opt, NAME_C_S, ADDR_C_S);	\
285229Sgshapiro		return -1;	\
285229Sgshapiro	} while (0)
285229Sgshapiro
285229Sgshapiro#  define CHECKLEN	\
285229Sgshapiro	do {	\
285229Sgshapiro		if (i >= len)	\
285229Sgshapiro			INVALIDSYNTAX;	\
285229Sgshapiro	} while (0)
285229Sgshapiro
285229Sgshapiro#  define SKIPWS	\
285229Sgshapiro	do {	\
285229Sgshapiro		while (i < len && SM_ISSPACE(optionlist[i]))	\
285229Sgshapiro			++i;	\
285229Sgshapiro		CHECKLEN;	\
285229Sgshapiro	} while (0)
285229Sgshapiro
285229Sgshapiro	/* parse and handle opt=val; */
285229Sgshapiro	do {
285229Sgshapiro		char sep;
285229Sgshapiro
285229Sgshapiro		SKIPWS;
285229Sgshapiro		opt = optionlist + i;
285229Sgshapiro		sep = '=';
285229Sgshapiro		while (i < len && optionlist[i] != sep
285229Sgshapiro			&& optionlist[i] != '\0' && !SM_ISSPACE(optionlist[i]))
285229Sgshapiro			++i;
285229Sgshapiro		CHECKLEN;
285229Sgshapiro		while (i < len && SM_ISSPACE(optionlist[i]))
285229Sgshapiro			optionlist[i++] = '\0';
285229Sgshapiro		CHECKLEN;
285229Sgshapiro		if (optionlist[i] != sep)
285229Sgshapiro			INVALIDSYNTAX;
285229Sgshapiro		optionlist[i++] = '\0';
285229Sgshapiro
285229Sgshapiro		SKIPWS;
285229Sgshapiro		val = optionlist + i;
285229Sgshapiro		sep = ';';
285229Sgshapiro		while (i < len && optionlist[i] != sep && optionlist[i] != '\0')
285229Sgshapiro			++i;
285229Sgshapiro		if (optionlist[i] != '\0')
285229Sgshapiro		{
285229Sgshapiro			CHECKLEN;
285229Sgshapiro			optionlist[i++] = '\0';
285229Sgshapiro		}
285229Sgshapiro
285229Sgshapiro		if (LogLevel > 13)
285229Sgshapiro			sm_syslog(LOG_DEBUG, NOQID,
285229Sgshapiro				  "tls_%s_features=parsed, %s=%s, relay=%s [%s]",
285229Sgshapiro				  WHICH, opt, val, NAME_C_S, ADDR_C_S);
285229Sgshapiro
285229Sgshapiro		if (sm_strcasecmp(opt, "options") == 0)
285229Sgshapiro		{
285229Sgshapiro			unsigned long ssloptions;
285229Sgshapiro
285229Sgshapiro			ssloptions = 0;
285229Sgshapiro			ret = readssloptions(NULL, val, &ssloptions, ';');
285229Sgshapiro			if (ret == 0)
285229Sgshapiro				(void) SSL_set_options(ssl, (long) ssloptions);
285229Sgshapiro			else if (LogLevel > 8)
285229Sgshapiro			{
285229Sgshapiro				sm_syslog(LOG_WARNING, NOQID,
285229Sgshapiro					  "tls_%s_features=%s, error=%s, relay=%s [%s]",
285229Sgshapiro					  WHICH, val,
285229Sgshapiro					  (ret == SSLOPERR_NAN) ? "not a number" :
285229Sgshapiro					  ((ret == SSLOPERR_NOTFOUND) ? "SSL_OP not found" :
285229Sgshapiro					  "unknown"),
285229Sgshapiro					  NAME_C_S, ADDR_C_S);
285229Sgshapiro			}
285229Sgshapiro		}
285229Sgshapiro		else if (sm_strcasecmp(opt, "cipherlist") == 0)
285229Sgshapiro		{
285229Sgshapiro			if (SSL_set_cipher_list(ssl, val) <= 0)
285229Sgshapiro			{
285229Sgshapiro				ret = 1;
285229Sgshapiro				if (LogLevel > 7)
285229Sgshapiro				{
285229Sgshapiro					sm_syslog(LOG_WARNING, NOQID,
285229Sgshapiro						  "STARTTLS=%s, error: SSL_set_cipher_list(%s) failed",
285229Sgshapiro						  who, val);
285229Sgshapiro
363466Sgshapiro					tlslogerr(LOG_WARNING, 9, who);
285229Sgshapiro				}
285229Sgshapiro			}
285229Sgshapiro		}
363466Sgshapiro		else if (sm_strcasecmp(opt, "flags") == 0)
363466Sgshapiro		{
363466Sgshapiro			char *p;
363466Sgshapiro
363466Sgshapiro			for (p = val; *p != '\0'; p++)
363466Sgshapiro			{
363466Sgshapiro				if (isascii(*p) && isalnum(*p))
363466Sgshapiro					setbitn(bitidx(*p), tlsi_ctx->tlsi_flags);
363466Sgshapiro			}
363466Sgshapiro		}
285229Sgshapiro		else if (sm_strcasecmp(opt, "keyfile") == 0)
285229Sgshapiro			keyfile = val;
285229Sgshapiro		else if (sm_strcasecmp(opt, "certfile") == 0)
285229Sgshapiro			certfile = val;
285229Sgshapiro		else
285229Sgshapiro		{
285229Sgshapiro			ret = 1;
285229Sgshapiro			if (LogLevel > 7)
285229Sgshapiro			{
285229Sgshapiro				sm_syslog(LOG_INFO, NOQID,
285229Sgshapiro					  "tls_%s_features=unknown_option, opt=%s, relay=%s [%s]",
363466Sgshapiro					  WHICH, opt, NAME_C_S, ADDR_C_S);
285229Sgshapiro			}
285229Sgshapiro		}
285229Sgshapiro
285229Sgshapiro	} while (optionlist[i] != '\0' && i < len);
285229Sgshapiro
285229Sgshapiro	/* need cert and key before we can use the options */
285229Sgshapiro	/* does not implement the "," hack for 2nd cert/key pair */
285229Sgshapiro	if (keyfile != NULL && certfile != NULL)
285229Sgshapiro	{
285229Sgshapiro		load_certkey(ssl, srv, certfile, keyfile);
285229Sgshapiro		keyfile = certfile = NULL;
285229Sgshapiro	}
285229Sgshapiro	else if (keyfile != NULL || certfile != NULL)
285229Sgshapiro	{
285229Sgshapiro		ret = 1;
285229Sgshapiro		if (LogLevel > 7)
285229Sgshapiro		{
285229Sgshapiro			sm_syslog(LOG_INFO, NOQID,
285229Sgshapiro				  "tls_%s_features=only_one_of_CertFile/KeyFile_specified, relay=%s [%s]",
363466Sgshapiro				  WHICH, NAME_C_S, ADDR_C_S);
285229Sgshapiro		}
285229Sgshapiro	}
285229Sgshapiro
285229Sgshapiro	return ret;
285229Sgshapiro#  undef who
285229Sgshapiro#  undef NAME_C_S
285229Sgshapiro#  undef ADDR_C_S
285229Sgshapiro#  undef WHICH
285229Sgshapiro}
285229Sgshapiro#endif /* STARTTLS */
285229Sgshapiro
285229Sgshapiro/*
38032Speter**  SETOPTION -- set global processing option
38032Speter**
38032Speter**	Parameters:
38032Speter**		opt -- option name.
38032Speter**		val -- option value (as a text string).
38032Speter**		safe -- set if this came from a configuration file.
38032Speter**			Some options (if set from the command line) will
38032Speter**			reset the user id to avoid security problems.
38032Speter**		sticky -- if set, don't let other setoptions override
38032Speter**			this value.
38032Speter**		e -- the main envelope.
38032Speter**
38032Speter**	Returns:
38032Speter**		none.
38032Speter**
38032Speter**	Side Effects:
38032Speter**		Sets options as implied by the arguments.
38032Speter*/
38032Speter
64562Sgshapirostatic BITMAP256	StickyOpt;		/* set if option is stuck */
38032Speter
38032Speter#if NAMED_BIND
38032Speter
64562Sgshapirostatic struct resolverflags
38032Speter{
38032Speter	char	*rf_name;	/* name of the flag */
38032Speter	long	rf_bits;	/* bits to set/clear */
38032Speter} ResolverFlags[] =
38032Speter{
38032Speter	{ "debug",	RES_DEBUG	},
38032Speter	{ "aaonly",	RES_AAONLY	},
38032Speter	{ "usevc",	RES_USEVC	},
38032Speter	{ "primary",	RES_PRIMARY	},
38032Speter	{ "igntc",	RES_IGNTC	},
38032Speter	{ "recurse",	RES_RECURSE	},
38032Speter	{ "defnames",	RES_DEFNAMES	},
38032Speter	{ "stayopen",	RES_STAYOPEN	},
38032Speter	{ "dnsrch",	RES_DNSRCH	},
90792Sgshapiro# ifdef RES_USE_INET6
90792Sgshapiro	{ "use_inet6",	RES_USE_INET6	},
363466Sgshapiro# endif
363466Sgshapiro# ifdef RES_USE_EDNS0
363466Sgshapiro	{ "use_edns0",	RES_USE_EDNS0	},
363466Sgshapiro# endif
363466Sgshapiro# ifdef RES_USE_DNSSEC
363466Sgshapiro	{ "use_dnssec",	RES_USE_DNSSEC	},
363466Sgshapiro# endif
363466Sgshapiro# if RES_TRUSTAD
363466Sgshapiro	{ "trustad",	RES_TRUSTAD	},
363466Sgshapiro# endif
38032Speter	{ "true",	0		},	/* avoid error on old syntax */
363466Sgshapiro	{ "true",	0		},	/* avoid error on old syntax */
38032Speter	{ NULL,		0		}
38032Speter};
38032Speter
64562Sgshapiro#endif /* NAMED_BIND */
38032Speter
64562Sgshapiro#define OI_NONE		0	/* no special treatment */
64562Sgshapiro#define OI_SAFE		0x0001	/* safe for random people to use */
64562Sgshapiro#define OI_SUBOPT	0x0002	/* option has suboptions */
64562Sgshapiro
64562Sgshapirostatic struct optioninfo
38032Speter{
90792Sgshapiro	char		*o_name;	/* long name of option */
90792Sgshapiro	unsigned char	o_code;		/* short name of option */
90792Sgshapiro	unsigned short	o_flags;	/* option flags */
38032Speter} OptionTab[] =
38032Speter{
64562Sgshapiro#if defined(SUN_EXTENSIONS) && defined(REMOTE_MODE)
64562Sgshapiro	{ "RemoteMode",			'>',		OI_NONE	},
363466Sgshapiro#endif
64562Sgshapiro	{ "SevenBitInput",		'7',		OI_SAFE	},
64562Sgshapiro	{ "EightBitMode",		'8',		OI_SAFE	},
64562Sgshapiro	{ "AliasFile",			'A',		OI_NONE	},
64562Sgshapiro	{ "AliasWait",			'a',		OI_NONE	},
64562Sgshapiro	{ "BlankSub",			'B',		OI_NONE	},
64562Sgshapiro	{ "MinFreeBlocks",		'b',		OI_SAFE	},
64562Sgshapiro	{ "CheckpointInterval",		'C',		OI_SAFE	},
64562Sgshapiro	{ "HoldExpensive",		'c',		OI_NONE	},
64562Sgshapiro	{ "DeliveryMode",		'd',		OI_SAFE	},
64562Sgshapiro	{ "ErrorHeader",		'E',		OI_NONE	},
64562Sgshapiro	{ "ErrorMode",			'e',		OI_SAFE	},
64562Sgshapiro	{ "TempFileMode",		'F',		OI_NONE	},
64562Sgshapiro	{ "SaveFromLine",		'f',		OI_NONE	},
64562Sgshapiro	{ "MatchGECOS",			'G',		OI_NONE	},
90792Sgshapiro
90792Sgshapiro	/* no long name, just here to avoid problems in setoption */
90792Sgshapiro	{ "",				'g',		OI_NONE	},
64562Sgshapiro	{ "HelpFile",			'H',		OI_NONE	},
64562Sgshapiro	{ "MaxHopCount",		'h',		OI_NONE	},
64562Sgshapiro	{ "ResolverOptions",		'I',		OI_NONE	},
64562Sgshapiro	{ "IgnoreDots",			'i',		OI_SAFE	},
64562Sgshapiro	{ "ForwardPath",		'J',		OI_NONE	},
64562Sgshapiro	{ "SendMimeErrors",		'j',		OI_SAFE	},
64562Sgshapiro	{ "ConnectionCacheSize",	'k',		OI_NONE	},
64562Sgshapiro	{ "ConnectionCacheTimeout",	'K',		OI_NONE	},
64562Sgshapiro	{ "UseErrorsTo",		'l',		OI_NONE	},
64562Sgshapiro	{ "LogLevel",			'L',		OI_SAFE	},
64562Sgshapiro	{ "MeToo",			'm',		OI_SAFE	},
90792Sgshapiro
90792Sgshapiro	/* no long name, just here to avoid problems in setoption */
90792Sgshapiro	{ "",				'M',		OI_NONE	},
64562Sgshapiro	{ "CheckAliases",		'n',		OI_NONE	},
64562Sgshapiro	{ "OldStyleHeaders",		'o',		OI_SAFE	},
64562Sgshapiro	{ "DaemonPortOptions",		'O',		OI_NONE	},
64562Sgshapiro	{ "PrivacyOptions",		'p',		OI_SAFE	},
64562Sgshapiro	{ "PostmasterCopy",		'P',		OI_NONE	},
64562Sgshapiro	{ "QueueFactor",		'q',		OI_NONE	},
64562Sgshapiro	{ "QueueDirectory",		'Q',		OI_NONE	},
64562Sgshapiro	{ "DontPruneRoutes",		'R',		OI_NONE	},
64562Sgshapiro	{ "Timeout",			'r',		OI_SUBOPT },
64562Sgshapiro	{ "StatusFile",			'S',		OI_NONE	},
64562Sgshapiro	{ "SuperSafe",			's',		OI_SAFE	},
64562Sgshapiro	{ "QueueTimeout",		'T',		OI_NONE	},
64562Sgshapiro	{ "TimeZoneSpec",		't',		OI_NONE	},
64562Sgshapiro	{ "UserDatabaseSpec",		'U',		OI_NONE	},
64562Sgshapiro	{ "DefaultUser",		'u',		OI_NONE	},
64562Sgshapiro	{ "FallbackMXhost",		'V',		OI_NONE	},
64562Sgshapiro	{ "Verbose",			'v',		OI_SAFE	},
64562Sgshapiro	{ "TryNullMXList",		'w',		OI_NONE	},
64562Sgshapiro	{ "QueueLA",			'x',		OI_NONE	},
64562Sgshapiro	{ "RefuseLA",			'X',		OI_NONE	},
64562Sgshapiro	{ "RecipientFactor",		'y',		OI_NONE	},
64562Sgshapiro	{ "ForkEachJob",		'Y',		OI_NONE	},
64562Sgshapiro	{ "ClassFactor",		'z',		OI_NONE	},
64562Sgshapiro	{ "RetryFactor",		'Z',		OI_NONE	},
38032Speter#define O_QUEUESORTORD	0x81
64562Sgshapiro	{ "QueueSortOrder",		O_QUEUESORTORD,	OI_SAFE	},
38032Speter#define O_HOSTSFILE	0x82
64562Sgshapiro	{ "HostsFile",			O_HOSTSFILE,	OI_NONE	},
38032Speter#define O_MQA		0x83
64562Sgshapiro	{ "MinQueueAge",		O_MQA,		OI_SAFE	},
38032Speter#define O_DEFCHARSET	0x85
64562Sgshapiro	{ "DefaultCharSet",		O_DEFCHARSET,	OI_SAFE	},
38032Speter#define O_SSFILE	0x86
64562Sgshapiro	{ "ServiceSwitchFile",		O_SSFILE,	OI_NONE	},
38032Speter#define O_DIALDELAY	0x87
64562Sgshapiro	{ "DialDelay",			O_DIALDELAY,	OI_SAFE	},
38032Speter#define O_NORCPTACTION	0x88
64562Sgshapiro	{ "NoRecipientAction",		O_NORCPTACTION,	OI_SAFE	},
38032Speter#define O_SAFEFILEENV	0x89
64562Sgshapiro	{ "SafeFileEnvironment",	O_SAFEFILEENV,	OI_NONE	},
38032Speter#define O_MAXMSGSIZE	0x8a
64562Sgshapiro	{ "MaxMessageSize",		O_MAXMSGSIZE,	OI_NONE	},
38032Speter#define O_COLONOKINADDR	0x8b
64562Sgshapiro	{ "ColonOkInAddr",		O_COLONOKINADDR, OI_SAFE },
38032Speter#define O_MAXQUEUERUN	0x8c
64562Sgshapiro	{ "MaxQueueRunSize",		O_MAXQUEUERUN,	OI_SAFE	},
38032Speter#define O_MAXCHILDREN	0x8d
64562Sgshapiro	{ "MaxDaemonChildren",		O_MAXCHILDREN,	OI_NONE	},
38032Speter#define O_KEEPCNAMES	0x8e
64562Sgshapiro	{ "DontExpandCnames",		O_KEEPCNAMES,	OI_NONE	},
38032Speter#define O_MUSTQUOTE	0x8f
64562Sgshapiro	{ "MustQuoteChars",		O_MUSTQUOTE,	OI_NONE	},
38032Speter#define O_SMTPGREETING	0x90
64562Sgshapiro	{ "SmtpGreetingMessage",	O_SMTPGREETING,	OI_NONE	},
38032Speter#define O_UNIXFROM	0x91
64562Sgshapiro	{ "UnixFromLine",		O_UNIXFROM,	OI_NONE	},
38032Speter#define O_OPCHARS	0x92
64562Sgshapiro	{ "OperatorChars",		O_OPCHARS,	OI_NONE	},
38032Speter#define O_DONTINITGRPS	0x93
64562Sgshapiro	{ "DontInitGroups",		O_DONTINITGRPS,	OI_NONE	},
38032Speter#define O_SLFH		0x94
64562Sgshapiro	{ "SingleLineFromHeader",	O_SLFH,		OI_SAFE	},
38032Speter#define O_ABH		0x95
64562Sgshapiro	{ "AllowBogusHELO",		O_ABH,		OI_SAFE	},
38032Speter#define O_CONNTHROT	0x97
64562Sgshapiro	{ "ConnectionRateThrottle",	O_CONNTHROT,	OI_NONE	},
38032Speter#define O_UGW		0x99
64562Sgshapiro	{ "UnsafeGroupWrites",		O_UGW,		OI_NONE	},
38032Speter#define O_DBLBOUNCE	0x9a
64562Sgshapiro	{ "DoubleBounceAddress",	O_DBLBOUNCE,	OI_NONE	},
38032Speter#define O_HSDIR		0x9b
64562Sgshapiro	{ "HostStatusDirectory",	O_HSDIR,	OI_NONE	},
38032Speter#define O_SINGTHREAD	0x9c
64562Sgshapiro	{ "SingleThreadDelivery",	O_SINGTHREAD,	OI_NONE	},
38032Speter#define O_RUNASUSER	0x9d
64562Sgshapiro	{ "RunAsUser",			O_RUNASUSER,	OI_NONE	},
38032Speter#define O_DSN_RRT	0x9e
64562Sgshapiro	{ "RrtImpliesDsn",		O_DSN_RRT,	OI_NONE	},
38032Speter#define O_PIDFILE	0x9f
64562Sgshapiro	{ "PidFile",			O_PIDFILE,	OI_NONE	},
38032Speter#define O_DONTBLAMESENDMAIL	0xa0
64562Sgshapiro	{ "DontBlameSendmail",		O_DONTBLAMESENDMAIL,	OI_NONE	},
38032Speter#define O_DPI		0xa1
64562Sgshapiro	{ "DontProbeInterfaces",	O_DPI,		OI_NONE	},
38032Speter#define O_MAXRCPT	0xa2
64562Sgshapiro	{ "MaxRecipientsPerMessage",	O_MAXRCPT,	OI_SAFE	},
38032Speter#define O_DEADLETTER	0xa3
64562Sgshapiro	{ "DeadLetterDrop",		O_DEADLETTER,	OI_NONE	},
38032Speter#if _FFR_DONTLOCKFILESFORREAD_OPTION
64562Sgshapiro# define O_DONTLOCK	0xa4
64562Sgshapiro	{ "DontLockFilesForRead",	O_DONTLOCK,	OI_NONE	},
363466Sgshapiro#endif
38032Speter#define O_MAXALIASRCSN	0xa5
64562Sgshapiro	{ "MaxAliasRecursion",		O_MAXALIASRCSN,	OI_NONE	},
38032Speter#define O_CNCTONLYTO	0xa6
64562Sgshapiro	{ "ConnectOnlyTo",		O_CNCTONLYTO,	OI_NONE	},
42575Speter#define O_TRUSTUSER	0xa7
64562Sgshapiro	{ "TrustedUser",		O_TRUSTUSER,	OI_NONE	},
42575Speter#define O_MAXMIMEHDRLEN	0xa8
64562Sgshapiro	{ "MaxMimeHeaderLength",	O_MAXMIMEHDRLEN,	OI_NONE	},
42575Speter#define O_CONTROLSOCKET	0xa9
64562Sgshapiro	{ "ControlSocketName",		O_CONTROLSOCKET,	OI_NONE	},
43730Speter#define O_MAXHDRSLEN	0xaa
64562Sgshapiro	{ "MaxHeadersLength",		O_MAXHDRSLEN,	OI_NONE	},
64562Sgshapiro#if _FFR_MAX_FORWARD_ENTRIES
64562Sgshapiro# define O_MAXFORWARD	0xab
64562Sgshapiro	{ "MaxForwardEntries",		O_MAXFORWARD,	OI_NONE	},
363466Sgshapiro#endif
64562Sgshapiro#define O_PROCTITLEPREFIX	0xac
64562Sgshapiro	{ "ProcessTitlePrefix",		O_PROCTITLEPREFIX,	OI_NONE	},
64562Sgshapiro#define O_SASLINFO	0xad
64562Sgshapiro#if _FFR_ALLOW_SASLINFO
64562Sgshapiro	{ "DefaultAuthInfo",		O_SASLINFO,	OI_SAFE	},
363466Sgshapiro#else
64562Sgshapiro	{ "DefaultAuthInfo",		O_SASLINFO,	OI_NONE	},
363466Sgshapiro#endif
64562Sgshapiro#define O_SASLMECH	0xae
64562Sgshapiro	{ "AuthMechanisms",		O_SASLMECH,	OI_NONE	},
64562Sgshapiro#define O_CLIENTPORT	0xaf
64562Sgshapiro	{ "ClientPortOptions",		O_CLIENTPORT,	OI_NONE	},
64562Sgshapiro#define O_DF_BUFSIZE	0xb0
64562Sgshapiro	{ "DataFileBufferSize",		O_DF_BUFSIZE,	OI_NONE	},
64562Sgshapiro#define O_XF_BUFSIZE	0xb1
64562Sgshapiro	{ "XscriptFileBufferSize",	O_XF_BUFSIZE,	OI_NONE	},
90792Sgshapiro#define O_LDAPDEFAULTSPEC	0xb2
64562Sgshapiro	{ "LDAPDefaultSpec",		O_LDAPDEFAULTSPEC,	OI_NONE	},
90792Sgshapiro#define O_SRVCERTFILE	0xb4
64562Sgshapiro	{ "ServerCertFile",		O_SRVCERTFILE,	OI_NONE	},
90792Sgshapiro#define O_SRVKEYFILE	0xb5
102528Sgshapiro	{ "ServerKeyFile",		O_SRVKEYFILE,	OI_NONE	},
90792Sgshapiro#define O_CLTCERTFILE	0xb6
64562Sgshapiro	{ "ClientCertFile",		O_CLTCERTFILE,	OI_NONE	},
90792Sgshapiro#define O_CLTKEYFILE	0xb7
102528Sgshapiro	{ "ClientKeyFile",		O_CLTKEYFILE,	OI_NONE	},
90792Sgshapiro#define O_CACERTFILE	0xb8
110560Sgshapiro	{ "CACertFile",			O_CACERTFILE,	OI_NONE	},
90792Sgshapiro#define O_CACERTPATH	0xb9
110560Sgshapiro	{ "CACertPath",			O_CACERTPATH,	OI_NONE	},
90792Sgshapiro#define O_DHPARAMS	0xba
64562Sgshapiro	{ "DHParameters",		O_DHPARAMS,	OI_NONE	},
64562Sgshapiro#define O_INPUTMILTER	0xbb
64562Sgshapiro	{ "InputMailFilters",		O_INPUTMILTER,	OI_NONE	},
64562Sgshapiro#define O_MILTER	0xbc
64562Sgshapiro	{ "Milter",			O_MILTER,	OI_SUBOPT	},
64562Sgshapiro#define O_SASLOPTS	0xbd
64562Sgshapiro	{ "AuthOptions",		O_SASLOPTS,	OI_NONE	},
64562Sgshapiro#define O_QUEUE_FILE_MODE	0xbe
64562Sgshapiro	{ "QueueFileMode",		O_QUEUE_FILE_MODE, OI_NONE	},
285229Sgshapiro#define O_DIG_ALG	0xbf
285229Sgshapiro	{ "CertFingerprintAlgorithm",		O_DIG_ALG,	OI_NONE	},
285229Sgshapiro#define O_CIPHERLIST	0xc0
64562Sgshapiro	{ "CipherList",			O_CIPHERLIST,	OI_NONE	},
90792Sgshapiro#define O_RANDFILE	0xc1
64562Sgshapiro	{ "RandFile",			O_RANDFILE,	OI_NONE	},
90792Sgshapiro#define O_TLS_SRV_OPTS	0xc2
90792Sgshapiro	{ "TLSSrvOptions",		O_TLS_SRV_OPTS,	OI_NONE	},
90792Sgshapiro#define O_RCPTTHROT	0xc3
90792Sgshapiro	{ "BadRcptThrottle",		O_RCPTTHROT,	OI_SAFE	},
90792Sgshapiro#define O_DLVR_MIN	0xc4
90792Sgshapiro	{ "DeliverByMin",		O_DLVR_MIN,	OI_NONE	},
90792Sgshapiro#define O_MAXQUEUECHILDREN	0xc5
90792Sgshapiro	{ "MaxQueueChildren",		O_MAXQUEUECHILDREN,	OI_NONE	},
90792Sgshapiro#define O_MAXRUNNERSPERQUEUE	0xc6
90792Sgshapiro	{ "MaxRunnersPerQueue",		O_MAXRUNNERSPERQUEUE,	OI_NONE },
90792Sgshapiro#define O_DIRECTSUBMODIFIERS	0xc7
90792Sgshapiro	{ "DirectSubmissionModifiers",	O_DIRECTSUBMODIFIERS,	OI_NONE },
90792Sgshapiro#define O_NICEQUEUERUN	0xc8
90792Sgshapiro	{ "NiceQueueRun",		O_NICEQUEUERUN,	OI_NONE	},
90792Sgshapiro#define O_SHMKEY	0xc9
90792Sgshapiro	{ "SharedMemoryKey",		O_SHMKEY,	OI_NONE	},
90792Sgshapiro#define O_SASLBITS	0xca
90792Sgshapiro	{ "AuthMaxBits",		O_SASLBITS,	OI_NONE	},
90792Sgshapiro#define O_MBDB		0xcb
90792Sgshapiro	{ "MailboxDatabase",		O_MBDB,		OI_NONE	},
90792Sgshapiro#define O_MSQ		0xcc
90792Sgshapiro	{ "UseMSP",	O_MSQ,		OI_NONE	},
90792Sgshapiro#define O_DELAY_LA	0xcd
90792Sgshapiro	{ "DelayLA",	O_DELAY_LA,	OI_NONE	},
90792Sgshapiro#define O_FASTSPLIT	0xce
90792Sgshapiro	{ "FastSplit",	O_FASTSPLIT,	OI_NONE	},
168515Sgshapiro#define O_SOFTBOUNCE	0xcf
90792Sgshapiro	{ "SoftBounce",	O_SOFTBOUNCE,	OI_NONE	},
168515Sgshapiro#define O_SHMKEYFILE	0xd0
94334Sgshapiro	{ "SharedMemoryKeyFile",	O_SHMKEYFILE,	OI_NONE	},
132943Sgshapiro#define O_REJECTLOGINTERVAL	0xd1
110560Sgshapiro	{ "RejectLogInterval",	O_REJECTLOGINTERVAL,	OI_NONE	},
132943Sgshapiro#define O_REQUIRES_DIR_FSYNC	0xd2
110560Sgshapiro	{ "RequiresDirfsync",	O_REQUIRES_DIR_FSYNC,	OI_NONE	},
132943Sgshapiro#define O_CONNECTION_RATE_WINDOW_SIZE	0xd3
132943Sgshapiro	{ "ConnectionRateWindowSize", O_CONNECTION_RATE_WINDOW_SIZE, OI_NONE },
132943Sgshapiro#define O_CRLFILE	0xd4
132943Sgshapiro	{ "CRLFile",		O_CRLFILE,	OI_NONE	},
132943Sgshapiro#define O_FALLBACKSMARTHOST	0xd5
132943Sgshapiro	{ "FallbackSmartHost",		O_FALLBACKSMARTHOST,	OI_NONE	},
132943Sgshapiro#define O_SASLREALM	0xd6
132943Sgshapiro	{ "AuthRealm",		O_SASLREALM,	OI_NONE	},
363466Sgshapiro#define O_CRLPATH	0xd7
132943Sgshapiro	{ "CRLPath",		O_CRLPATH,	OI_NONE	},
168515Sgshapiro#define O_HELONAME 0xd8
132943Sgshapiro	{ "HeloName",   O_HELONAME,     OI_NONE },
157001Sgshapiro#if _FFR_MEMSTAT
157001Sgshapiro# define O_REFUSELOWMEM	0xd9
157001Sgshapiro	{ "RefuseLowMem",	O_REFUSELOWMEM,	OI_NONE },
157001Sgshapiro# define O_QUEUELOWMEM	0xda
157001Sgshapiro	{ "QueueLowMem",	O_QUEUELOWMEM,	OI_NONE },
157001Sgshapiro# define O_MEMRESOURCE	0xdb
157001Sgshapiro	{ "MemoryResource",	O_MEMRESOURCE,	OI_NONE },
157001Sgshapiro#endif /* _FFR_MEMSTAT */
168515Sgshapiro#define O_MAXNOOPCOMMANDS 0xdc
157001Sgshapiro	{ "MaxNOOPCommands",	O_MAXNOOPCOMMANDS,	OI_NONE },
157001Sgshapiro#if _FFR_MSG_ACCEPT
157001Sgshapiro# define O_MSG_ACCEPT 0xdd
157001Sgshapiro	{ "MessageAccept",	O_MSG_ACCEPT,	OI_NONE },
363466Sgshapiro#endif
157001Sgshapiro#if _FFR_QUEUE_RUN_PARANOIA
157001Sgshapiro# define O_CHK_Q_RUNNERS 0xde
157001Sgshapiro	{ "CheckQueueRunners",	O_CHK_Q_RUNNERS,	OI_NONE },
363466Sgshapiro#endif
168515Sgshapiro#if _FFR_EIGHT_BIT_ADDR_OK
168515Sgshapiro# if !ALLOW_255
168515Sgshapiro#  ERROR FFR_EIGHT_BIT_ADDR_OK requires _ALLOW_255
363466Sgshapiro# endif
168515Sgshapiro# define O_EIGHT_BIT_ADDR_OK	0xdf
168515Sgshapiro	{ "EightBitAddrOK",	O_EIGHT_BIT_ADDR_OK,	OI_NONE },
168515Sgshapiro#endif /* _FFR_EIGHT_BIT_ADDR_OK */
173340Sgshapiro#if _FFR_ADDR_TYPE_MODES
173340Sgshapiro# define O_ADDR_TYPE_MODES	0xe0
173340Sgshapiro	{ "AddrTypeModes",	O_ADDR_TYPE_MODES,	OI_NONE },
363466Sgshapiro#endif
182352Sgshapiro#if _FFR_BADRCPT_SHUTDOWN
182352Sgshapiro# define O_RCPTSHUTD	0xe1
182352Sgshapiro	{ "BadRcptShutdown",		O_RCPTSHUTD,	OI_SAFE },
182352Sgshapiro# define O_RCPTSHUTDG	0xe2
182352Sgshapiro	{ "BadRcptShutdownGood",	O_RCPTSHUTDG,	OI_SAFE	},
182352Sgshapiro#endif /* _FFR_BADRCPT_SHUTDOWN */
285229Sgshapiro#define O_SRV_SSL_OPTIONS	0xe3
203004Sgshapiro	{ "ServerSSLOptions",		O_SRV_SSL_OPTIONS,	OI_NONE	},
285229Sgshapiro#define O_CLT_SSL_OPTIONS	0xe4
203004Sgshapiro	{ "ClientSSLOptions",		O_CLT_SSL_OPTIONS,	OI_NONE	},
285229Sgshapiro#define O_MAX_QUEUE_AGE	0xe5
203004Sgshapiro	{ "MaxQueueAge",	O_MAX_QUEUE_AGE,	OI_NONE },
203004Sgshapiro#if _FFR_RCPTTHROTDELAY
203004Sgshapiro# define O_RCPTTHROTDELAY	0xe6
203004Sgshapiro	{ "BadRcptThrottleDelay",	O_RCPTTHROTDELAY,	OI_SAFE	},
363466Sgshapiro#endif
223067Sgshapiro#if 0 && _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
223067Sgshapiro# define O_INETQOS	0xe7	/* reserved for FFR_QOS */
223067Sgshapiro	{ "InetQoS",			O_INETQOS,	OI_NONE },
223067Sgshapiro#endif
249729Sgshapiro#if STARTTLS && _FFR_FIPSMODE
249729Sgshapiro# define O_FIPSMODE	0xe8
249729Sgshapiro	{ "FIPSMode",		O_FIPSMODE,	OI_NONE	},
363466Sgshapiro#endif
249729Sgshapiro#if _FFR_REJECT_NUL_BYTE
249729Sgshapiro# define O_REJECTNUL	0xe9
249729Sgshapiro	{ "RejectNUL",	O_REJECTNUL,	OI_SAFE	},
363466Sgshapiro#endif
285229Sgshapiro#if _FFR_BOUNCE_QUEUE
285229Sgshapiro# define O_BOUNCEQUEUE 0xea
285229Sgshapiro	{ "BounceQueue",		O_BOUNCEQUEUE,	OI_NONE },
363466Sgshapiro#endif
285229Sgshapiro#if _FFR_ADD_BCC
285229Sgshapiro# define O_ADDBCC 0xeb
285229Sgshapiro	{ "AddBcc",			O_ADDBCC,	OI_NONE },
285229Sgshapiro#endif
285229Sgshapiro#define O_USECOMPRESSEDIPV6ADDRESSES 0xec
285229Sgshapiro	{ "UseCompressedIPv6Addresses",	O_USECOMPRESSEDIPV6ADDRESSES, OI_NONE },
363466Sgshapiro#if STARTTLS
363466Sgshapiro# define O_SSLENGINE	0xed
363466Sgshapiro	{ "SSLEngine",		O_SSLENGINE,	OI_NONE	},
363466Sgshapiro# define O_SSLENGINEPATH	0xee
363466Sgshapiro	{ "SSLEnginePath",	O_SSLENGINEPATH,	OI_NONE	},
363466Sgshapiro# define O_TLSFB2CLEAR		0xef
363466Sgshapiro	{ "TLSFallbacktoClear",	O_TLSFB2CLEAR,	OI_NONE	},
363466Sgshapiro#endif
363466Sgshapiro#if DNSSEC_TEST
363466Sgshapiro# define O_NSPORTIP		0xf0
363466Sgshapiro	{ "NameServer",	O_NSPORTIP,	OI_NONE	},
363466Sgshapiro#endif
363466Sgshapiro#if DANE
363466Sgshapiro# define O_DANE		0xf1
363466Sgshapiro	{ "DANE",	O_DANE,	OI_NONE	},
363466Sgshapiro#endif
363466Sgshapiro#if DNSSEC_TEST
363466Sgshapiro# define O_NSSRCHLIST		0xf2
363466Sgshapiro	{ "NameSearchList",	O_NSSRCHLIST,	OI_NONE	},
363466Sgshapiro#endif
363466Sgshapiro#if _FFR_BLANKENV_MACV
363466Sgshapiro# define O_HACKS	0xf4
363466Sgshapiro	{ "Hacks",		O_HACKS,	OI_NONE	},
363466Sgshapiro#endif
363466Sgshapiro#if _FFR_KEEPBCC
363466Sgshapiro# define O_KEEPBCC	0xf3
363466Sgshapiro	{ "KeepBcc",		O_KEEPBCC,	OI_NONE	},
363466Sgshapiro#endif
132943Sgshapiro
363466Sgshapiro#if _FFR_CLIENTCA
363466Sgshapiro#define O_CLTCACERTFILE	0xf5
363466Sgshapiro	{ "ClientCACertFile",			O_CLTCACERTFILE, OI_NONE },
363466Sgshapiro#define O_CLTCACERTPATH	0xf6
363466Sgshapiro	{ "ClientCACertPath",			O_CLTCACERTPATH, OI_NONE },
363466Sgshapiro#endif
363466Sgshapiro#if _FFR_TLS_ALTNAMES
363466Sgshapiro# define O_CHECKALTNAMES 0xf7
363466Sgshapiro	{ "SetCertAltnames",			O_CHECKALTNAMES, OI_NONE },
363466Sgshapiro#endif
363466Sgshapiro
64562Sgshapiro	{ NULL,				'\0',		OI_NONE	}
38032Speter};
38032Speter
90792Sgshapiro# define CANONIFY(val)
90792Sgshapiro
90792Sgshapiro# define SET_OPT_DEFAULT(opt, val)	opt = val
90792Sgshapiro
90792Sgshapiro/* set a string option by expanding the value and assigning it */
90792Sgshapiro/* WARNING this belongs ONLY into a case statement! */
90792Sgshapiro#define SET_STRING_EXP(str)	\
168515Sgshapiro		expand(val, exbuf, sizeof(exbuf), e);	\
90792Sgshapiro		newval = sm_pstrdup_x(exbuf);		\
90792Sgshapiro		if (str != NULL)	\
90792Sgshapiro			sm_free(str);	\
90792Sgshapiro		CANONIFY(newval);	\
90792Sgshapiro		str = newval;		\
90792Sgshapiro		break
90792Sgshapiro
90792Sgshapiro#define OPTNAME	o->o_name == NULL ? "<unknown>" : o->o_name
90792Sgshapiro
38032Spetervoid
38032Spetersetoption(opt, val, safe, sticky, e)
38032Speter	int opt;
38032Speter	char *val;
38032Speter	bool safe;
38032Speter	bool sticky;
38032Speter	register ENVELOPE *e;
38032Speter{
38032Speter	register char *p;
38032Speter	register struct optioninfo *o;
38032Speter	char *subopt;
363466Sgshapiro	int i;
38032Speter	bool can_setuid = RunAsUid == 0;
38032Speter	auto char *ep;
38032Speter	char buf[50];
38032Speter	extern bool Warn_Q_option;
64562Sgshapiro#if _FFR_ALLOW_SASLINFO
90792Sgshapiro	extern unsigned int SubmitMode;
363466Sgshapiro#endif
168515Sgshapiro#if STARTTLS || SM_CONF_SHM
90792Sgshapiro	char *newval;
90792Sgshapiro	char exbuf[MAXLINE];
363466Sgshapiro#endif
285229Sgshapiro#if STARTTLS
285229Sgshapiro	unsigned long *pssloptions = NULL;
285229Sgshapiro#endif
38032Speter
38032Speter	errno = 0;
38032Speter	if (opt == ' ')
38032Speter	{
38032Speter		/* full word options */
38032Speter		struct optioninfo *sel;
38032Speter
38032Speter		p = strchr(val, '=');
38032Speter		if (p == NULL)
38032Speter			p = &val[strlen(val)];
38032Speter		while (*--p == ' ')
38032Speter			continue;
38032Speter		while (*++p == ' ')
38032Speter			*p = '\0';
38032Speter		if (p == val)
38032Speter		{
38032Speter			syserr("readcf: null option name");
38032Speter			return;
38032Speter		}
38032Speter		if (*p == '=')
38032Speter			*p++ = '\0';
38032Speter		while (*p == ' ')
38032Speter			p++;
38032Speter		subopt = strchr(val, '.');
38032Speter		if (subopt != NULL)
38032Speter			*subopt++ = '\0';
38032Speter		sel = NULL;
38032Speter		for (o = OptionTab; o->o_name != NULL; o++)
38032Speter		{
90792Sgshapiro			if (sm_strncasecmp(o->o_name, val, strlen(val)) != 0)
38032Speter				continue;
38032Speter			if (strlen(o->o_name) == strlen(val))
38032Speter			{
38032Speter				/* completely specified -- this must be it */
38032Speter				sel = NULL;
38032Speter				break;
38032Speter			}
38032Speter			if (sel != NULL)
38032Speter				break;
38032Speter			sel = o;
38032Speter		}
38032Speter		if (sel != NULL && o->o_name == NULL)
38032Speter			o = sel;
38032Speter		else if (o->o_name == NULL)
38032Speter		{
38032Speter			syserr("readcf: unknown option name %s", val);
38032Speter			return;
38032Speter		}
38032Speter		else if (sel != NULL)
38032Speter		{
38032Speter			syserr("readcf: ambiguous option name %s (matches %s and %s)",
38032Speter				val, sel->o_name, o->o_name);
38032Speter			return;
38032Speter		}
38032Speter		if (strlen(val) != strlen(o->o_name))
38032Speter		{
38032Speter			int oldVerbose = Verbose;
38032Speter
38032Speter			Verbose = 1;
38032Speter			message("Option %s used as abbreviation for %s",
38032Speter				val, o->o_name);
38032Speter			Verbose = oldVerbose;
38032Speter		}
38032Speter		opt = o->o_code;
38032Speter		val = p;
38032Speter	}
38032Speter	else
38032Speter	{
38032Speter		for (o = OptionTab; o->o_name != NULL; o++)
38032Speter		{
38032Speter			if (o->o_code == opt)
38032Speter				break;
38032Speter		}
90792Sgshapiro		if (o->o_name == NULL)
90792Sgshapiro		{
90792Sgshapiro			syserr("readcf: unknown option name 0x%x", opt & 0xff);
90792Sgshapiro			return;
90792Sgshapiro		}
38032Speter		subopt = NULL;
38032Speter	}
38032Speter
64562Sgshapiro	if (subopt != NULL && !bitset(OI_SUBOPT, o->o_flags))
64562Sgshapiro	{
64562Sgshapiro		if (tTd(37, 1))
90792Sgshapiro			sm_dprintf("setoption: %s does not support suboptions, ignoring .%s\n",
90792Sgshapiro				   OPTNAME, subopt);
64562Sgshapiro		subopt = NULL;
64562Sgshapiro	}
64562Sgshapiro
38032Speter	if (tTd(37, 1))
38032Speter	{
90792Sgshapiro		sm_dprintf(isascii(opt) && isprint(opt) ?
90792Sgshapiro			   "setoption %s (%c)%s%s=" :
90792Sgshapiro			   "setoption %s (0x%x)%s%s=",
90792Sgshapiro			   OPTNAME, opt, subopt == NULL ? "" : ".",
90792Sgshapiro			   subopt == NULL ? "" : subopt);
132943Sgshapiro		xputs(sm_debug_file(), val);
38032Speter	}
38032Speter
38032Speter	/*
38032Speter	**  See if this option is preset for us.
38032Speter	*/
38032Speter
38032Speter	if (!sticky && bitnset(opt, StickyOpt))
38032Speter	{
38032Speter		if (tTd(37, 1))
90792Sgshapiro			sm_dprintf(" (ignored)\n");
38032Speter		return;
38032Speter	}
38032Speter
38032Speter	/*
38032Speter	**  Check to see if this option can be specified by this user.
38032Speter	*/
38032Speter
38032Speter	if (!safe && RealUid == 0)
90792Sgshapiro		safe = true;
64562Sgshapiro	if (!safe && !bitset(OI_SAFE, o->o_flags))
38032Speter	{
38032Speter		if (opt != 'M' || (val[0] != 'r' && val[0] != 's'))
38032Speter		{
64562Sgshapiro			int dp;
64562Sgshapiro
38032Speter			if (tTd(37, 1))
90792Sgshapiro				sm_dprintf(" (unsafe)");
90792Sgshapiro			dp = drop_privileges(true);
64562Sgshapiro			setstat(dp);
38032Speter		}
38032Speter	}
38032Speter	if (tTd(37, 1))
90792Sgshapiro		sm_dprintf("\n");
38032Speter
38032Speter	switch (opt & 0xff)
38032Speter	{
38032Speter	  case '7':		/* force seven-bit input */
38032Speter		SevenBitInput = atobool(val);
38032Speter		break;
38032Speter
77349Sgshapiro	  case '8':		/* handling of 8-bit input */
38032Speter#if MIME8TO7
38032Speter		switch (*val)
38032Speter		{
90792Sgshapiro		  case 'p':		/* pass 8 bit, convert MIME */
90792Sgshapiro			MimeMode = MM_CVTMIME|MM_PASS8BIT;
90792Sgshapiro			break;
90792Sgshapiro
38032Speter		  case 'm':		/* convert 8-bit, convert MIME */
38032Speter			MimeMode = MM_CVTMIME|MM_MIME8BIT;
38032Speter			break;
38032Speter
38032Speter		  case 's':		/* strict adherence */
38032Speter			MimeMode = MM_CVTMIME;
38032Speter			break;
38032Speter
64562Sgshapiro# if 0
38032Speter		  case 'r':		/* reject 8-bit, don't convert MIME */
38032Speter			MimeMode = 0;
38032Speter			break;
38032Speter
38032Speter		  case 'j':		/* "just send 8" */
38032Speter			MimeMode = MM_PASS8BIT;
38032Speter			break;
38032Speter
38032Speter		  case 'a':		/* encode 8 bit if available */
38032Speter			MimeMode = MM_MIME8BIT|MM_PASS8BIT|MM_CVTMIME;
38032Speter			break;
38032Speter
38032Speter		  case 'c':		/* convert 8 bit to MIME, never 7 bit */
38032Speter			MimeMode = MM_MIME8BIT;
38032Speter			break;
64562Sgshapiro# endif /* 0 */
38032Speter
38032Speter		  default:
38032Speter			syserr("Unknown 8-bit mode %c", *val);
90792Sgshapiro			finis(false, true, EX_USAGE);
38032Speter		}
77349Sgshapiro#else /* MIME8TO7 */
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "Warning: Option: %s requires MIME8TO7 support\n",
90792Sgshapiro				     OPTNAME);
77349Sgshapiro#endif /* MIME8TO7 */
38032Speter		break;
38032Speter
38032Speter	  case 'A':		/* set default alias file */
38032Speter		if (val[0] == '\0')
90792Sgshapiro		{
90792Sgshapiro			char *al;
90792Sgshapiro
90792Sgshapiro			SET_OPT_DEFAULT(al, "aliases");
90792Sgshapiro			setalias(al);
90792Sgshapiro		}
38032Speter		else
38032Speter			setalias(val);
38032Speter		break;
38032Speter
38032Speter	  case 'a':		/* look N minutes for "@:@" in alias file */
38032Speter		if (val[0] == '\0')
90792Sgshapiro			SafeAlias = 5 MINUTES;
38032Speter		else
38032Speter			SafeAlias = convtime(val, 'm');
38032Speter		break;
38032Speter
38032Speter	  case 'B':		/* substitution for blank character */
38032Speter		SpaceSub = val[0];
38032Speter		if (SpaceSub == '\0')
38032Speter			SpaceSub = ' ';
38032Speter		break;
38032Speter
38032Speter	  case 'b':		/* min blocks free on queue fs/max msg size */
38032Speter		p = strchr(val, '/');
38032Speter		if (p != NULL)
38032Speter		{
38032Speter			*p++ = '\0';
38032Speter			MaxMessageSize = atol(p);
38032Speter		}
38032Speter		MinBlocksFree = atol(val);
38032Speter		break;
38032Speter
38032Speter	  case 'c':		/* don't connect to "expensive" mailers */
38032Speter		NoConnect = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case 'C':		/* checkpoint every N addresses */
132943Sgshapiro		if (safe || CheckpointInterval > atoi(val))
132943Sgshapiro			CheckpointInterval = atoi(val);
38032Speter		break;
38032Speter
38032Speter	  case 'd':		/* delivery mode */
38032Speter		switch (*val)
38032Speter		{
38032Speter		  case '\0':
64562Sgshapiro			set_delivery_mode(SM_DELIVER, e);
38032Speter			break;
38032Speter
38032Speter		  case SM_QUEUE:	/* queue only */
38032Speter		  case SM_DEFER:	/* queue only and defer map lookups */
38032Speter		  case SM_DELIVER:	/* do everything */
38032Speter		  case SM_FORK:		/* fork after verification */
157001Sgshapiro#if _FFR_DM_ONE
157001Sgshapiro		/* deliver first TA in background, then queue */
157001Sgshapiro		  case SM_DM_ONE:
363466Sgshapiro#endif
64562Sgshapiro			set_delivery_mode(*val, e);
38032Speter			break;
38032Speter
285229Sgshapiro#if _FFR_PROXY
285229Sgshapiro		  case SM_PROXY_REQ:
285229Sgshapiro			set_delivery_mode(*val, e);
285229Sgshapiro			break;
285229Sgshapiro#endif /* _FFR_PROXY */
223067Sgshapiro
38032Speter		  default:
38032Speter			syserr("Unknown delivery mode %c", *val);
90792Sgshapiro			finis(false, true, EX_USAGE);
38032Speter		}
38032Speter		break;
38032Speter
38032Speter	  case 'E':		/* error message header/header file */
38032Speter		if (*val != '\0')
38032Speter			ErrMsgFile = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case 'e':		/* set error processing mode */
38032Speter		switch (*val)
38032Speter		{
38032Speter		  case EM_QUIET:	/* be silent about it */
38032Speter		  case EM_MAIL:		/* mail back */
38032Speter		  case EM_BERKNET:	/* do berknet error processing */
38032Speter		  case EM_WRITE:	/* write back (or mail) */
38032Speter		  case EM_PRINT:	/* print errors normally (default) */
38032Speter			e->e_errormode = *val;
38032Speter			break;
38032Speter		}
38032Speter		break;
38032Speter
38032Speter	  case 'F':		/* file mode */
38032Speter		FileMode = atooct(val) & 0777;
38032Speter		break;
38032Speter
38032Speter	  case 'f':		/* save Unix-style From lines on front */
38032Speter		SaveFrom = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case 'G':		/* match recipients against GECOS field */
38032Speter		MatchGecos = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case 'g':		/* default gid */
38032Speter  g_opt:
38032Speter		if (isascii(*val) && isdigit(*val))
38032Speter			DefGid = atoi(val);
38032Speter		else
38032Speter		{
38032Speter			register struct group *gr;
38032Speter
38032Speter			DefGid = -1;
38032Speter			gr = getgrnam(val);
38032Speter			if (gr == NULL)
38032Speter				syserr("readcf: option %c: unknown group %s",
38032Speter					opt, val);
38032Speter			else
38032Speter				DefGid = gr->gr_gid;
38032Speter		}
38032Speter		break;
38032Speter
38032Speter	  case 'H':		/* help file */
38032Speter		if (val[0] == '\0')
90792Sgshapiro		{
90792Sgshapiro			SET_OPT_DEFAULT(HelpFile, "helpfile");
90792Sgshapiro		}
38032Speter		else
73188Sgshapiro		{
90792Sgshapiro			CANONIFY(val);
38032Speter			HelpFile = newstr(val);
73188Sgshapiro		}
38032Speter		break;
38032Speter
38032Speter	  case 'h':		/* maximum hop count */
38032Speter		MaxHopCount = atoi(val);
38032Speter		break;
38032Speter
38032Speter	  case 'I':		/* use internet domain name server */
38032Speter#if NAMED_BIND
38032Speter		for (p = val; *p != 0; )
38032Speter		{
38032Speter			bool clearmode;
38032Speter			char *q;
38032Speter			struct resolverflags *rfp;
38032Speter
38032Speter			while (*p == ' ')
38032Speter				p++;
38032Speter			if (*p == '\0')
38032Speter				break;
90792Sgshapiro			clearmode = false;
38032Speter			if (*p == '-')
90792Sgshapiro				clearmode = true;
38032Speter			else if (*p != '+')
38032Speter				p--;
38032Speter			p++;
38032Speter			q = p;
363466Sgshapiro			while (*p != '\0' && !(SM_ISSPACE(*p)))
38032Speter				p++;
38032Speter			if (*p != '\0')
38032Speter				*p++ = '\0';
90792Sgshapiro			if (sm_strcasecmp(q, "HasWildcardMX") == 0)
38032Speter			{
38032Speter				HasWildcardMX = !clearmode;
38032Speter				continue;
38032Speter			}
73188Sgshapiro			if (sm_strcasecmp(q, "WorkAroundBrokenAAAA") == 0)
73188Sgshapiro			{
73188Sgshapiro				WorkAroundBrokenAAAA = !clearmode;
73188Sgshapiro				continue;
73188Sgshapiro			}
38032Speter			for (rfp = ResolverFlags; rfp->rf_name != NULL; rfp++)
38032Speter			{
90792Sgshapiro				if (sm_strcasecmp(q, rfp->rf_name) == 0)
38032Speter					break;
38032Speter			}
38032Speter			if (rfp->rf_name == NULL)
38032Speter				syserr("readcf: I option value %s unrecognized", q);
38032Speter			else if (clearmode)
38032Speter				_res.options &= ~rfp->rf_bits;
38032Speter			else
38032Speter				_res.options |= rfp->rf_bits;
38032Speter		}
38032Speter		if (tTd(8, 2))
90792Sgshapiro			sm_dprintf("_res.options = %x, HasWildcardMX = %d\n",
90792Sgshapiro				   (unsigned int) _res.options, HasWildcardMX);
64562Sgshapiro#else /* NAMED_BIND */
38032Speter		usrerr("name server (I option) specified but BIND not compiled in");
64562Sgshapiro#endif /* NAMED_BIND */
38032Speter		break;
38032Speter
38032Speter	  case 'i':		/* ignore dot lines in message */
38032Speter		IgnrDot = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case 'j':		/* send errors in MIME (RFC 1341) format */
38032Speter		SendMIMEErrors = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case 'J':		/* .forward search path */
90792Sgshapiro		CANONIFY(val);
38032Speter		ForwardPath = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case 'k':		/* connection cache size */
38032Speter		MaxMciCache = atoi(val);
38032Speter		if (MaxMciCache < 0)
38032Speter			MaxMciCache = 0;
38032Speter		break;
38032Speter
38032Speter	  case 'K':		/* connection cache timeout */
38032Speter		MciCacheTimeout = convtime(val, 'm');
38032Speter		break;
38032Speter
38032Speter	  case 'l':		/* use Errors-To: header */
38032Speter		UseErrorsTo = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case 'L':		/* log level */
38032Speter		if (safe || LogLevel < atoi(val))
38032Speter			LogLevel = atoi(val);
38032Speter		break;
38032Speter
38032Speter	  case 'M':		/* define macro */
90792Sgshapiro		sticky = false;
363466Sgshapiro		i = macid_parse(val, &ep);
363466Sgshapiro		if (i == 0)
71345Sgshapiro			break;
38032Speter		p = newstr(ep);
38032Speter		if (!safe)
120256Sgshapiro			cleanstrcpy(p, p, strlen(p) + 1);
363466Sgshapiro		macdefine(&CurEnv->e_macro, A_TEMP, i, p);
38032Speter		break;
38032Speter
38032Speter	  case 'm':		/* send to me too */
38032Speter		MeToo = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case 'n':		/* validate RHS in newaliases */
38032Speter		CheckAliases = atobool(val);
38032Speter		break;
38032Speter
38032Speter	    /* 'N' available -- was "net name" */
38032Speter
38032Speter	  case 'O':		/* daemon options */
64562Sgshapiro		if (!setdaemonoptions(val))
64562Sgshapiro			syserr("too many daemons defined (%d max)", MAXDAEMONS);
38032Speter		break;
38032Speter
38032Speter	  case 'o':		/* assume old style headers */
38032Speter		if (atobool(val))
38032Speter			CurEnv->e_flags |= EF_OLDSTYLE;
38032Speter		else
38032Speter			CurEnv->e_flags &= ~EF_OLDSTYLE;
38032Speter		break;
38032Speter
38032Speter	  case 'p':		/* select privacy level */
38032Speter		p = val;
38032Speter		for (;;)
38032Speter		{
38032Speter			register struct prival *pv;
38032Speter			extern struct prival PrivacyValues[];
38032Speter
38032Speter			while (isascii(*p) && (isspace(*p) || ispunct(*p)))
38032Speter				p++;
38032Speter			if (*p == '\0')
38032Speter				break;
38032Speter			val = p;
38032Speter			while (isascii(*p) && isalnum(*p))
38032Speter				p++;
38032Speter			if (*p != '\0')
38032Speter				*p++ = '\0';
38032Speter
38032Speter			for (pv = PrivacyValues; pv->pv_name != NULL; pv++)
38032Speter			{
90792Sgshapiro				if (sm_strcasecmp(val, pv->pv_name) == 0)
38032Speter					break;
38032Speter			}
38032Speter			if (pv->pv_name == NULL)
38032Speter				syserr("readcf: Op line: %s unrecognized", val);
71345Sgshapiro			else
71345Sgshapiro				PrivacyFlags |= pv->pv_flag;
38032Speter		}
90792Sgshapiro		sticky = false;
38032Speter		break;
38032Speter
38032Speter	  case 'P':		/* postmaster copy address for returned mail */
38032Speter		PostMasterCopy = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case 'q':		/* slope of queue only function */
38032Speter		QueueFactor = atoi(val);
38032Speter		break;
38032Speter
38032Speter	  case 'Q':		/* queue directory */
38032Speter		if (val[0] == '\0')
66494Sgshapiro		{
38032Speter			QueueDir = "mqueue";
66494Sgshapiro		}
38032Speter		else
66494Sgshapiro		{
38032Speter			QueueDir = newstr(val);
66494Sgshapiro		}
38032Speter		if (RealUid != 0 && !safe)
90792Sgshapiro			Warn_Q_option = true;
38032Speter		break;
38032Speter
38032Speter	  case 'R':		/* don't prune routes */
38032Speter		DontPruneRoutes = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case 'r':		/* read timeout */
38032Speter		if (subopt == NULL)
64562Sgshapiro			inittimeouts(val, sticky);
38032Speter		else
64562Sgshapiro			settimeout(subopt, val, sticky);
38032Speter		break;
38032Speter
38032Speter	  case 'S':		/* status file */
38032Speter		if (val[0] == '\0')
90792Sgshapiro		{
90792Sgshapiro			SET_OPT_DEFAULT(StatFile, "statistics");
90792Sgshapiro		}
38032Speter		else
73188Sgshapiro		{
90792Sgshapiro			CANONIFY(val);
38032Speter			StatFile = newstr(val);
73188Sgshapiro		}
38032Speter		break;
38032Speter
38032Speter	  case 's':		/* be super safe, even if expensive */
90792Sgshapiro		if (tolower(*val) == 'i')
90792Sgshapiro			SuperSafe = SAFE_INTERACTIVE;
132943Sgshapiro		else if (tolower(*val) == 'p')
132943Sgshapiro#if MILTER
132943Sgshapiro			SuperSafe = SAFE_REALLY_POSTMILTER;
132943Sgshapiro#else /* MILTER */
132943Sgshapiro			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
132943Sgshapiro				"Warning: SuperSafe=PostMilter requires Milter support (-DMILTER)\n");
132943Sgshapiro#endif /* MILTER */
90792Sgshapiro		else
90792Sgshapiro			SuperSafe = atobool(val) ? SAFE_REALLY : SAFE_NO;
38032Speter		break;
38032Speter
38032Speter	  case 'T':		/* queue timeout */
38032Speter		p = strchr(val, '/');
38032Speter		if (p != NULL)
38032Speter		{
38032Speter			*p++ = '\0';
64562Sgshapiro			settimeout("queuewarn", p, sticky);
38032Speter		}
64562Sgshapiro		settimeout("queuereturn", val, sticky);
38032Speter		break;
38032Speter
38032Speter	  case 't':		/* time zone name */
38032Speter		TimeZoneSpec = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case 'U':		/* location of user database */
38032Speter		UdbSpec = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case 'u':		/* set default uid */
38032Speter		for (p = val; *p != '\0'; p++)
38032Speter		{
94334Sgshapiro# if _FFR_DOTTED_USERNAMES
90792Sgshapiro			if (*p == '/' || *p == ':')
363466Sgshapiro# else
38032Speter			if (*p == '.' || *p == '/' || *p == ':')
363466Sgshapiro# endif
38032Speter			{
38032Speter				*p++ = '\0';
38032Speter				break;
38032Speter			}
38032Speter		}
38032Speter		if (isascii(*val) && isdigit(*val))
38032Speter		{
38032Speter			DefUid = atoi(val);
38032Speter			setdefuser();
38032Speter		}
38032Speter		else
38032Speter		{
38032Speter			register struct passwd *pw;
38032Speter
38032Speter			DefUid = -1;
38032Speter			pw = sm_getpwnam(val);
38032Speter			if (pw == NULL)
71345Sgshapiro			{
38032Speter				syserr("readcf: option u: unknown user %s", val);
71345Sgshapiro				break;
71345Sgshapiro			}
38032Speter			else
38032Speter			{
38032Speter				DefUid = pw->pw_uid;
38032Speter				DefGid = pw->pw_gid;
38032Speter				DefUser = newstr(pw->pw_name);
38032Speter			}
38032Speter		}
38032Speter
90792Sgshapiro# ifdef UID_MAX
38032Speter		if (DefUid > UID_MAX)
38032Speter		{
38032Speter			syserr("readcf: option u: uid value (%ld) > UID_MAX (%ld); ignored",
90792Sgshapiro				(long)DefUid, (long)UID_MAX);
71345Sgshapiro			break;
38032Speter		}
90792Sgshapiro# endif /* UID_MAX */
38032Speter
38032Speter		/* handle the group if it is there */
38032Speter		if (*p == '\0')
38032Speter			break;
38032Speter		val = p;
38032Speter		goto g_opt;
38032Speter
38032Speter	  case 'V':		/* fallback MX host */
38032Speter		if (val[0] != '\0')
132943Sgshapiro			FallbackMX = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case 'v':		/* run in verbose mode */
38032Speter		Verbose = atobool(val) ? 1 : 0;
38032Speter		break;
38032Speter
38032Speter	  case 'w':		/* if we are best MX, try host directly */
38032Speter		TryNullMXList = atobool(val);
38032Speter		break;
38032Speter
38032Speter	    /* 'W' available -- was wizard password */
38032Speter
38032Speter	  case 'x':		/* load avg at which to auto-queue msgs */
38032Speter		QueueLA = atoi(val);
38032Speter		break;
38032Speter
90792Sgshapiro	  case 'X':	/* load avg at which to auto-reject connections */
38032Speter		RefuseLA = atoi(val);
38032Speter		break;
38032Speter
90792Sgshapiro	  case O_DELAY_LA:	/* load avg at which to delay connections */
90792Sgshapiro		DelayLA = atoi(val);
90792Sgshapiro		break;
90792Sgshapiro
38032Speter	  case 'y':		/* work recipient factor */
38032Speter		WkRecipFact = atoi(val);
38032Speter		break;
38032Speter
38032Speter	  case 'Y':		/* fork jobs during queue runs */
38032Speter		ForkQueueRuns = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case 'z':		/* work message class factor */
38032Speter		WkClassFact = atoi(val);
38032Speter		break;
38032Speter
38032Speter	  case 'Z':		/* work time factor */
38032Speter		WkTimeFact = atoi(val);
38032Speter		break;
38032Speter
64562Sgshapiro
94334Sgshapiro#if _FFR_QUEUE_GROUP_SORTORDER
94334Sgshapiro	/* coordinate this with makequeue() */
363466Sgshapiro#endif
38032Speter	  case O_QUEUESORTORD:	/* queue sorting order */
38032Speter		switch (*val)
38032Speter		{
90792Sgshapiro		  case 'f':	/* File Name */
90792Sgshapiro		  case 'F':
90792Sgshapiro			QueueSortOrder = QSO_BYFILENAME;
90792Sgshapiro			break;
90792Sgshapiro
38032Speter		  case 'h':	/* Host first */
38032Speter		  case 'H':
64562Sgshapiro			QueueSortOrder = QSO_BYHOST;
38032Speter			break;
38032Speter
90792Sgshapiro		  case 'm':	/* Modification time */
90792Sgshapiro		  case 'M':
90792Sgshapiro			QueueSortOrder = QSO_BYMODTIME;
90792Sgshapiro			break;
90792Sgshapiro
38032Speter		  case 'p':	/* Priority order */
38032Speter		  case 'P':
64562Sgshapiro			QueueSortOrder = QSO_BYPRIORITY;
38032Speter			break;
38032Speter
38032Speter		  case 't':	/* Submission time */
38032Speter		  case 'T':
64562Sgshapiro			QueueSortOrder = QSO_BYTIME;
38032Speter			break;
38032Speter
90792Sgshapiro		  case 'r':	/* Random */
90792Sgshapiro		  case 'R':
90792Sgshapiro			QueueSortOrder = QSO_RANDOM;
64562Sgshapiro			break;
64562Sgshapiro
90792Sgshapiro#if _FFR_RHS
90792Sgshapiro		  case 's':	/* Shuffled host name */
90792Sgshapiro		  case 'S':
90792Sgshapiro			QueueSortOrder = QSO_BYSHUFFLE;
90792Sgshapiro			break;
90792Sgshapiro#endif /* _FFR_RHS */
90792Sgshapiro
132943Sgshapiro		  case 'n':	/* none */
132943Sgshapiro		  case 'N':
132943Sgshapiro			QueueSortOrder = QSO_NONE;
64562Sgshapiro			break;
64562Sgshapiro
64562Sgshapiro		  default:
132943Sgshapiro			syserr("Invalid queue sort order \"%s\"", val);
64562Sgshapiro		}
64562Sgshapiro		break;
64562Sgshapiro
38032Speter	  case O_HOSTSFILE:	/* pathname of /etc/hosts file */
90792Sgshapiro		CANONIFY(val);
38032Speter		HostsFile = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case O_MQA:		/* minimum queue age between deliveries */
38032Speter		MinQueueAge = convtime(val, 'm');
38032Speter		break;
38032Speter
203004Sgshapiro	  case O_MAX_QUEUE_AGE:
203004Sgshapiro		MaxQueueAge = convtime(val, 'm');
203004Sgshapiro		break;
203004Sgshapiro
38032Speter	  case O_DEFCHARSET:	/* default character set for mimefying */
90792Sgshapiro		DefaultCharSet = newstr(denlstring(val, true, true));
38032Speter		break;
38032Speter
38032Speter	  case O_SSFILE:	/* service switch file */
90792Sgshapiro		CANONIFY(val);
38032Speter		ServiceSwitchFile = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case O_DIALDELAY:	/* delay for dial-on-demand operation */
38032Speter		DialDelay = convtime(val, 's');
38032Speter		break;
38032Speter
38032Speter	  case O_NORCPTACTION:	/* what to do if no recipient */
90792Sgshapiro		if (sm_strcasecmp(val, "none") == 0)
38032Speter			NoRecipientAction = NRA_NO_ACTION;
90792Sgshapiro		else if (sm_strcasecmp(val, "add-to") == 0)
38032Speter			NoRecipientAction = NRA_ADD_TO;
90792Sgshapiro		else if (sm_strcasecmp(val, "add-apparently-to") == 0)
38032Speter			NoRecipientAction = NRA_ADD_APPARENTLY_TO;
90792Sgshapiro		else if (sm_strcasecmp(val, "add-bcc") == 0)
38032Speter			NoRecipientAction = NRA_ADD_BCC;
90792Sgshapiro		else if (sm_strcasecmp(val, "add-to-undisclosed") == 0)
38032Speter			NoRecipientAction = NRA_ADD_TO_UNDISCLOSED;
38032Speter		else
38032Speter			syserr("Invalid NoRecipientAction: %s", val);
38032Speter		break;
38032Speter
38032Speter	  case O_SAFEFILEENV:	/* chroot() environ for writing to files */
94334Sgshapiro		if (*val == '\0')
94334Sgshapiro			break;
94334Sgshapiro
94334Sgshapiro		/* strip trailing slashes */
94334Sgshapiro		p = val + strlen(val) - 1;
94334Sgshapiro		while (p >= val && *p == '/')
94334Sgshapiro			*p-- = '\0';
94334Sgshapiro
94334Sgshapiro		if (*val == '\0')
94334Sgshapiro			break;
94334Sgshapiro
38032Speter		SafeFileEnv = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case O_MAXMSGSIZE:	/* maximum message size */
38032Speter		MaxMessageSize = atol(val);
38032Speter		break;
38032Speter
38032Speter	  case O_COLONOKINADDR:	/* old style handling of colon addresses */
38032Speter		ColonOkInAddr = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case O_MAXQUEUERUN:	/* max # of jobs in a single queue run */
90792Sgshapiro		MaxQueueRun = atoi(val);
38032Speter		break;
38032Speter
38032Speter	  case O_MAXCHILDREN:	/* max # of children of daemon */
38032Speter		MaxChildren = atoi(val);
38032Speter		break;
38032Speter
90792Sgshapiro	  case O_MAXQUEUECHILDREN: /* max # of children of daemon */
90792Sgshapiro		MaxQueueChildren = atoi(val);
90792Sgshapiro		break;
90792Sgshapiro
90792Sgshapiro	  case O_MAXRUNNERSPERQUEUE: /* max # runners in a queue group */
90792Sgshapiro		MaxRunnersPerQueue = atoi(val);
90792Sgshapiro		break;
90792Sgshapiro
90792Sgshapiro	  case O_NICEQUEUERUN:		/* nice queue runs */
90792Sgshapiro#if !HASNICE
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "Warning: NiceQueueRun set on system that doesn't support nice()\n");
363466Sgshapiro#endif
90792Sgshapiro
90792Sgshapiro		/* XXX do we want to check the range? > 0 ? */
90792Sgshapiro		NiceQueueRun = atoi(val);
90792Sgshapiro		break;
90792Sgshapiro
94334Sgshapiro	  case O_SHMKEY:		/* shared memory key */
90792Sgshapiro#if SM_CONF_SHM
90792Sgshapiro		ShmKey = atol(val);
90792Sgshapiro#else /* SM_CONF_SHM */
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "Warning: Option: %s requires shared memory support (-DSM_CONF_SHM)\n",
90792Sgshapiro				     OPTNAME);
90792Sgshapiro#endif /* SM_CONF_SHM */
90792Sgshapiro		break;
90792Sgshapiro
94334Sgshapiro	  case O_SHMKEYFILE:		/* shared memory key file */
168515Sgshapiro#if SM_CONF_SHM
98841Sgshapiro		SET_STRING_EXP(ShmKeyFile);
168515Sgshapiro#else /* SM_CONF_SHM */
94334Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
94334Sgshapiro				     "Warning: Option: %s requires shared memory support (-DSM_CONF_SHM)\n",
94334Sgshapiro				     OPTNAME);
98841Sgshapiro		break;
168515Sgshapiro#endif /* SM_CONF_SHM */
94334Sgshapiro
64562Sgshapiro#if _FFR_MAX_FORWARD_ENTRIES
64562Sgshapiro	  case O_MAXFORWARD:	/* max # of forward entries */
64562Sgshapiro		MaxForwardEntries = atoi(val);
64562Sgshapiro		break;
363466Sgshapiro#endif
64562Sgshapiro
38032Speter	  case O_KEEPCNAMES:	/* don't expand CNAME records */
38032Speter		DontExpandCnames = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case O_MUSTQUOTE:	/* must quote these characters in phrases */
168515Sgshapiro		(void) sm_strlcpy(buf, "@,;:\\()[]", sizeof(buf));
168515Sgshapiro		if (strlen(val) < sizeof(buf) - 10)
168515Sgshapiro			(void) sm_strlcat(buf, val, sizeof(buf));
64562Sgshapiro		else
90792Sgshapiro			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro					     "Warning: MustQuoteChars too long, ignored.\n");
38032Speter		MustQuoteChars = newstr(buf);
38032Speter		break;
38032Speter
38032Speter	  case O_SMTPGREETING:	/* SMTP greeting message (old $e macro) */
38032Speter		SmtpGreeting = newstr(munchstring(val, NULL, '\0'));
38032Speter		break;
38032Speter
38032Speter	  case O_UNIXFROM:	/* UNIX From_ line (old $l macro) */
38032Speter		UnixFromLine = newstr(munchstring(val, NULL, '\0'));
38032Speter		break;
38032Speter
38032Speter	  case O_OPCHARS:	/* operator characters (old $o macro) */
64562Sgshapiro		if (OperatorChars != NULL)
90792Sgshapiro			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro					     "Warning: OperatorChars is being redefined.\n         It should only be set before ruleset definitions.\n");
38032Speter		OperatorChars = newstr(munchstring(val, NULL, '\0'));
38032Speter		break;
38032Speter
38032Speter	  case O_DONTINITGRPS:	/* don't call initgroups(3) */
38032Speter		DontInitGroups = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case O_SLFH:		/* make sure from fits on one line */
38032Speter		SingleLineFromHeader = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case O_ABH:		/* allow HELO commands with syntax errors */
38032Speter		AllowBogusHELO = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case O_CONNTHROT:	/* connection rate throttle */
38032Speter		ConnRateThrottle = atoi(val);
38032Speter		break;
38032Speter
38032Speter	  case O_UGW:		/* group writable files are unsafe */
38032Speter		if (!atobool(val))
64562Sgshapiro		{
64562Sgshapiro			setbitn(DBS_GROUPWRITABLEFORWARDFILESAFE,
64562Sgshapiro				DontBlameSendmail);
64562Sgshapiro			setbitn(DBS_GROUPWRITABLEINCLUDEFILESAFE,
64562Sgshapiro				DontBlameSendmail);
64562Sgshapiro		}
38032Speter		break;
38032Speter
38032Speter	  case O_DBLBOUNCE:	/* address to which to send double bounces */
90792Sgshapiro		DoubleBounceAddr = newstr(val);
38032Speter		break;
38032Speter
38032Speter	  case O_HSDIR:		/* persistent host status directory */
38032Speter		if (val[0] != '\0')
73188Sgshapiro		{
90792Sgshapiro			CANONIFY(val);
38032Speter			HostStatDir = newstr(val);
73188Sgshapiro		}
38032Speter		break;
38032Speter
38032Speter	  case O_SINGTHREAD:	/* single thread deliveries (requires hsdir) */
38032Speter		SingleThreadDelivery = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case O_RUNASUSER:	/* run bulk of code as this user */
38032Speter		for (p = val; *p != '\0'; p++)
38032Speter		{
94334Sgshapiro# if _FFR_DOTTED_USERNAMES
90792Sgshapiro			if (*p == '/' || *p == ':')
363466Sgshapiro# else
38032Speter			if (*p == '.' || *p == '/' || *p == ':')
363466Sgshapiro# endif
38032Speter			{
38032Speter				*p++ = '\0';
38032Speter				break;
38032Speter			}
38032Speter		}
38032Speter		if (isascii(*val) && isdigit(*val))
38032Speter		{
38032Speter			if (can_setuid)
38032Speter				RunAsUid = atoi(val);
38032Speter		}
38032Speter		else
38032Speter		{
38032Speter			register struct passwd *pw;
38032Speter
38032Speter			pw = sm_getpwnam(val);
38032Speter			if (pw == NULL)
71345Sgshapiro			{
38032Speter				syserr("readcf: option RunAsUser: unknown user %s", val);
71345Sgshapiro				break;
71345Sgshapiro			}
38032Speter			else if (can_setuid)
38032Speter			{
38032Speter				if (*p == '\0')
38032Speter					RunAsUserName = newstr(val);
38032Speter				RunAsUid = pw->pw_uid;
38032Speter				RunAsGid = pw->pw_gid;
38032Speter			}
90792Sgshapiro			else if (EffGid == pw->pw_gid)
90792Sgshapiro				RunAsGid = pw->pw_gid;
90792Sgshapiro			else if (UseMSP && *p == '\0')
90792Sgshapiro				(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
285229Sgshapiro						     "WARNING: RunAsUser for MSP ignored, check group ids (egid=%ld, want=%ld)\n",
285229Sgshapiro						     (long) EffGid,
285229Sgshapiro						     (long) pw->pw_gid);
38032Speter		}
90792Sgshapiro# ifdef UID_MAX
38032Speter		if (RunAsUid > UID_MAX)
38032Speter		{
38032Speter			syserr("readcf: option RunAsUser: uid value (%ld) > UID_MAX (%ld); ignored",
71345Sgshapiro				(long) RunAsUid, (long) UID_MAX);
71345Sgshapiro			break;
38032Speter		}
90792Sgshapiro# endif /* UID_MAX */
38032Speter		if (*p != '\0')
38032Speter		{
38032Speter			if (isascii(*p) && isdigit(*p))
38032Speter			{
90792Sgshapiro				gid_t runasgid;
90792Sgshapiro
90792Sgshapiro				runasgid = (gid_t) atoi(p);
90792Sgshapiro				if (can_setuid || EffGid == runasgid)
90792Sgshapiro					RunAsGid = runasgid;
90792Sgshapiro				else if (UseMSP)
90792Sgshapiro					(void) sm_io_fprintf(smioout,
90792Sgshapiro							     SM_TIME_DEFAULT,
285229Sgshapiro							     "WARNING: RunAsUser for MSP ignored, check group ids (egid=%ld, want=%ld)\n",
285229Sgshapiro							     (long) EffGid,
285229Sgshapiro							     (long) runasgid);
38032Speter			}
38032Speter			else
38032Speter			{
38032Speter				register struct group *gr;
64562Sgshapiro
38032Speter				gr = getgrnam(p);
38032Speter				if (gr == NULL)
38032Speter					syserr("readcf: option RunAsUser: unknown group %s",
38032Speter						p);
90792Sgshapiro				else if (can_setuid || EffGid == gr->gr_gid)
38032Speter					RunAsGid = gr->gr_gid;
90792Sgshapiro				else if (UseMSP)
90792Sgshapiro					(void) sm_io_fprintf(smioout,
90792Sgshapiro							     SM_TIME_DEFAULT,
285229Sgshapiro							     "WARNING: RunAsUser for MSP ignored, check group ids (egid=%ld, want=%ld)\n",
285229Sgshapiro							     (long) EffGid,
285229Sgshapiro							     (long) gr->gr_gid);
38032Speter			}
38032Speter		}
38032Speter		if (tTd(47, 5))
90792Sgshapiro			sm_dprintf("readcf: RunAsUser = %d:%d\n",
90792Sgshapiro				   (int) RunAsUid, (int) RunAsGid);
38032Speter		break;
38032Speter
38032Speter	  case O_DSN_RRT:
38032Speter		RrtImpliesDsn = atobool(val);
38032Speter		break;
38032Speter
38032Speter	  case O_PIDFILE:
90792Sgshapiro		PSTRSET(PidFile, val);
38032Speter		break;
38032Speter
90792Sgshapiro	  case O_DONTBLAMESENDMAIL:
38032Speter		p = val;
38032Speter		for (;;)
38032Speter		{
38032Speter			register struct dbsval *dbs;
38032Speter			extern struct dbsval DontBlameSendmailValues[];
38032Speter
38032Speter			while (isascii(*p) && (isspace(*p) || ispunct(*p)))
38032Speter				p++;
38032Speter			if (*p == '\0')
38032Speter				break;
38032Speter			val = p;
38032Speter			while (isascii(*p) && isalnum(*p))
38032Speter				p++;
38032Speter			if (*p != '\0')
38032Speter				*p++ = '\0';
38032Speter
38032Speter			for (dbs = DontBlameSendmailValues;
38032Speter			     dbs->dbs_name != NULL; dbs++)
38032Speter			{
90792Sgshapiro				if (sm_strcasecmp(val, dbs->dbs_name) == 0)
38032Speter					break;
38032Speter			}
38032Speter			if (dbs->dbs_name == NULL)
38032Speter				syserr("readcf: DontBlameSendmail option: %s unrecognized", val);
38032Speter			else if (dbs->dbs_flag == DBS_SAFE)
64562Sgshapiro				clrbitmap(DontBlameSendmail);
38032Speter			else
64562Sgshapiro				setbitn(dbs->dbs_flag, DontBlameSendmail);
38032Speter		}
90792Sgshapiro		sticky = false;
38032Speter		break;
38032Speter
38032Speter	  case O_DPI:
90792Sgshapiro		if (sm_strcasecmp(val, "loopback") == 0)
90792Sgshapiro			DontProbeInterfaces = DPI_SKIPLOOPBACK;
90792Sgshapiro		else if (atobool(val))
90792Sgshapiro			DontProbeInterfaces = DPI_PROBENONE;
90792Sgshapiro		else
90792Sgshapiro			DontProbeInterfaces = DPI_PROBEALL;
38032Speter		break;
38032Speter
38032Speter	  case O_MAXRCPT:
38032Speter		MaxRcptPerMsg = atoi(val);
38032Speter		break;
38032Speter
90792Sgshapiro	  case O_RCPTTHROT:
90792Sgshapiro		BadRcptThrottle = atoi(val);
90792Sgshapiro		break;
90792Sgshapiro
203004Sgshapiro#if _FFR_RCPTTHROTDELAY
203004Sgshapiro	  case O_RCPTTHROTDELAY:
203004Sgshapiro		BadRcptThrottleDelay = atoi(val);
203004Sgshapiro		break;
363466Sgshapiro#endif
203004Sgshapiro
38032Speter	  case O_DEADLETTER:
90792Sgshapiro		CANONIFY(val);
90792Sgshapiro		PSTRSET(DeadLetterDrop, val);
38032Speter		break;
38032Speter
38032Speter#if _FFR_DONTLOCKFILESFORREAD_OPTION
38032Speter	  case O_DONTLOCK:
38032Speter		DontLockReadFiles = atobool(val);
38032Speter		break;
363466Sgshapiro#endif
38032Speter
38032Speter	  case O_MAXALIASRCSN:
38032Speter		MaxAliasRecursion = atoi(val);
38032Speter		break;
38032Speter
38032Speter	  case O_CNCTONLYTO:
38032Speter		/* XXX should probably use gethostbyname */
64562Sgshapiro#if NETINET || NETINET6
363466Sgshapiro		i = 0;
363466Sgshapiro		if ((subopt = strchr(val, '@')) != NULL)
363466Sgshapiro		{
363466Sgshapiro			*subopt = '\0';
363466Sgshapiro			i = (int) strtoul(val, NULL, 0);
363466Sgshapiro
363466Sgshapiro			/* stricter checks? probably not useful. */
363466Sgshapiro			if (i > USHRT_MAX)
363466Sgshapiro			{
363466Sgshapiro				syserr("readcf: option ConnectOnlyTo: invalid port %s",
363466Sgshapiro					val);
363466Sgshapiro				break;
363466Sgshapiro			}
363466Sgshapiro			val = subopt + 1;
363466Sgshapiro		}
90792Sgshapiro		ConnectOnlyTo.sa.sa_family = AF_UNSPEC;
64562Sgshapiro# if NETINET6
90792Sgshapiro		if (anynet_pton(AF_INET6, val,
223067Sgshapiro				&ConnectOnlyTo.sin6.sin6_addr) == 1)
363466Sgshapiro		{
64562Sgshapiro			ConnectOnlyTo.sa.sa_family = AF_INET6;
363466Sgshapiro			if (i != 0)
363466Sgshapiro				ConnectOnlyTo.sin6.sin6_port = htons(i);
363466Sgshapiro		}
64562Sgshapiro		else
64562Sgshapiro# endif /* NETINET6 */
90792Sgshapiro# if NETINET
64562Sgshapiro		{
64562Sgshapiro			ConnectOnlyTo.sin.sin_addr.s_addr = inet_addr(val);
90792Sgshapiro			if (ConnectOnlyTo.sin.sin_addr.s_addr != INADDR_NONE)
90792Sgshapiro				ConnectOnlyTo.sa.sa_family = AF_INET;
363466Sgshapiro			if (i != 0)
363466Sgshapiro				ConnectOnlyTo.sin.sin_port = htons(i);
64562Sgshapiro		}
90792Sgshapiro
90792Sgshapiro# endif /* NETINET */
90792Sgshapiro		if (ConnectOnlyTo.sa.sa_family == AF_UNSPEC)
90792Sgshapiro		{
90792Sgshapiro			syserr("readcf: option ConnectOnlyTo: invalid IP address %s",
90792Sgshapiro			       val);
90792Sgshapiro			break;
90792Sgshapiro		}
64562Sgshapiro#endif /* NETINET || NETINET6 */
38032Speter		break;
38032Speter
42575Speter	  case O_TRUSTUSER:
90792Sgshapiro# if !HASFCHOWN && !defined(_FFR_DROP_TRUSTUSER_WARNING)
90792Sgshapiro		if (!UseMSP)
90792Sgshapiro			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro					     "readcf: option TrustedUser may cause problems on systems\n        which do not support fchown() if UseMSP is not set.\n");
90792Sgshapiro# endif /* !HASFCHOWN && !defined(_FFR_DROP_TRUSTUSER_WARNING) */
38032Speter		if (isascii(*val) && isdigit(*val))
42575Speter			TrustedUid = atoi(val);
38032Speter		else
38032Speter		{
38032Speter			register struct passwd *pw;
38032Speter
42575Speter			TrustedUid = 0;
38032Speter			pw = sm_getpwnam(val);
38032Speter			if (pw == NULL)
71345Sgshapiro			{
42575Speter				syserr("readcf: option TrustedUser: unknown user %s", val);
71345Sgshapiro				break;
71345Sgshapiro			}
38032Speter			else
42575Speter				TrustedUid = pw->pw_uid;
38032Speter		}
38032Speter
64562Sgshapiro# ifdef UID_MAX
42575Speter		if (TrustedUid > UID_MAX)
38032Speter		{
42575Speter			syserr("readcf: option TrustedUser: uid value (%ld) > UID_MAX (%ld)",
71345Sgshapiro				(long) TrustedUid, (long) UID_MAX);
42575Speter			TrustedUid = 0;
38032Speter		}
64562Sgshapiro# endif /* UID_MAX */
38032Speter		break;
38032Speter
42575Speter	  case O_MAXMIMEHDRLEN:
42575Speter		p = strchr(val, '/');
42575Speter		if (p != NULL)
42575Speter			*p++ = '\0';
42575Speter		MaxMimeHeaderLength = atoi(val);
42575Speter		if (p != NULL && *p != '\0')
42575Speter			MaxMimeFieldLength = atoi(p);
42575Speter		else
42575Speter			MaxMimeFieldLength = MaxMimeHeaderLength / 2;
42575Speter
120256Sgshapiro		if (MaxMimeHeaderLength <= 0)
42575Speter			MaxMimeHeaderLength = 0;
42575Speter		else if (MaxMimeHeaderLength < 128)
90792Sgshapiro			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro					     "Warning: MaxMimeHeaderLength: header length limit set lower than 128\n");
42575Speter
120256Sgshapiro		if (MaxMimeFieldLength <= 0)
42575Speter			MaxMimeFieldLength = 0;
42575Speter		else if (MaxMimeFieldLength < 40)
90792Sgshapiro			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro					     "Warning: MaxMimeHeaderLength: field length limit set lower than 40\n");
168515Sgshapiro
168515Sgshapiro		/*
168515Sgshapiro		**  Headers field values now include leading space, so let's
168515Sgshapiro		**  adjust the values to be "backward compatible".
168515Sgshapiro		*/
168515Sgshapiro
168515Sgshapiro		if (MaxMimeHeaderLength > 0)
168515Sgshapiro			MaxMimeHeaderLength++;
168515Sgshapiro		if (MaxMimeFieldLength > 0)
168515Sgshapiro			MaxMimeFieldLength++;
42575Speter		break;
42575Speter
42575Speter	  case O_CONTROLSOCKET:
90792Sgshapiro		PSTRSET(ControlSocketName, val);
42575Speter		break;
42575Speter
43730Speter	  case O_MAXHDRSLEN:
43730Speter		MaxHeadersLength = atoi(val);
43148Speter
43730Speter		if (MaxHeadersLength > 0 &&
43730Speter		    MaxHeadersLength < (MAXHDRSLEN / 2))
90792Sgshapiro			(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro					     "Warning: MaxHeadersLength: headers length limit set lower than %d\n",
90792Sgshapiro					     (MAXHDRSLEN / 2));
43148Speter		break;
43148Speter
64562Sgshapiro	  case O_PROCTITLEPREFIX:
90792Sgshapiro		PSTRSET(ProcTitlePrefix, val);
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro#if SASL
64562Sgshapiro	  case O_SASLINFO:
90792Sgshapiro# if _FFR_ALLOW_SASLINFO
64562Sgshapiro		/*
90792Sgshapiro		**  Allow users to select their own authinfo file
90792Sgshapiro		**  under certain circumstances, otherwise just ignore
90792Sgshapiro		**  the option.  If the option isn't ignored, several
90792Sgshapiro		**  commands don't work very well, e.g., mailq.
64562Sgshapiro		**  However, this is not a "perfect" solution.
64562Sgshapiro		**  If mail is queued, the authentication info
64562Sgshapiro		**  will not be used in subsequent delivery attempts.
64562Sgshapiro		**  If we really want to support this, then it has
64562Sgshapiro		**  to be stored in the queue file.
64562Sgshapiro		*/
64562Sgshapiro		if (!bitset(SUBMIT_MSA, SubmitMode) && RealUid != 0 &&
64562Sgshapiro		    RunAsUid != RealUid)
64562Sgshapiro			break;
90792Sgshapiro# endif /* _FFR_ALLOW_SASLINFO */
90792Sgshapiro		PSTRSET(SASLInfo, val);
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case O_SASLMECH:
64562Sgshapiro		if (AuthMechanisms != NULL)
90792Sgshapiro			sm_free(AuthMechanisms); /* XXX */
64562Sgshapiro		if (*val != '\0')
64562Sgshapiro			AuthMechanisms = newstr(val);
64562Sgshapiro		else
64562Sgshapiro			AuthMechanisms = NULL;
64562Sgshapiro		break;
64562Sgshapiro
132943Sgshapiro	  case O_SASLREALM:
132943Sgshapiro		if (AuthRealm != NULL)
132943Sgshapiro			sm_free(AuthRealm);
132943Sgshapiro		if (*val != '\0')
132943Sgshapiro			AuthRealm = newstr(val);
132943Sgshapiro		else
132943Sgshapiro			AuthRealm = NULL;
132943Sgshapiro		break;
132943Sgshapiro
64562Sgshapiro	  case O_SASLOPTS:
64562Sgshapiro		while (val != NULL && *val != '\0')
64562Sgshapiro		{
90792Sgshapiro			switch (*val)
64562Sgshapiro			{
64562Sgshapiro			  case 'A':
64562Sgshapiro				SASLOpts |= SASL_AUTH_AUTH;
64562Sgshapiro				break;
110560Sgshapiro
64562Sgshapiro			  case 'a':
64562Sgshapiro				SASLOpts |= SASL_SEC_NOACTIVE;
64562Sgshapiro				break;
110560Sgshapiro
64562Sgshapiro			  case 'c':
64562Sgshapiro				SASLOpts |= SASL_SEC_PASS_CREDENTIALS;
64562Sgshapiro				break;
110560Sgshapiro
64562Sgshapiro			  case 'd':
64562Sgshapiro				SASLOpts |= SASL_SEC_NODICTIONARY;
64562Sgshapiro				break;
110560Sgshapiro
64562Sgshapiro			  case 'f':
64562Sgshapiro				SASLOpts |= SASL_SEC_FORWARD_SECRECY;
64562Sgshapiro				break;
110560Sgshapiro
98121Sgshapiro#  if SASL >= 20101
98121Sgshapiro			  case 'm':
98121Sgshapiro				SASLOpts |= SASL_SEC_MUTUAL_AUTH;
98121Sgshapiro				break;
98121Sgshapiro#  endif /* SASL >= 20101 */
110560Sgshapiro
64562Sgshapiro			  case 'p':
64562Sgshapiro				SASLOpts |= SASL_SEC_NOPLAINTEXT;
64562Sgshapiro				break;
110560Sgshapiro
64562Sgshapiro			  case 'y':
64562Sgshapiro				SASLOpts |= SASL_SEC_NOANONYMOUS;
64562Sgshapiro				break;
110560Sgshapiro
90792Sgshapiro			  case ' ':	/* ignore */
90792Sgshapiro			  case '\t':	/* ignore */
90792Sgshapiro			  case ',':	/* ignore */
90792Sgshapiro				break;
110560Sgshapiro
64562Sgshapiro			  default:
90792Sgshapiro				(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro						     "Warning: Option: %s unknown parameter '%c'\n",
90792Sgshapiro						     OPTNAME,
90792Sgshapiro						     (isascii(*val) &&
90792Sgshapiro							isprint(*val))
90792Sgshapiro							? *val : '?');
64562Sgshapiro				break;
64562Sgshapiro			}
64562Sgshapiro			++val;
64562Sgshapiro			val = strpbrk(val, ", \t");
64562Sgshapiro			if (val != NULL)
64562Sgshapiro				++val;
64562Sgshapiro		}
64562Sgshapiro		break;
110560Sgshapiro
90792Sgshapiro	  case O_SASLBITS:
90792Sgshapiro		MaxSLBits = atoi(val);
90792Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro#else /* SASL */
64562Sgshapiro	  case O_SASLINFO:
64562Sgshapiro	  case O_SASLMECH:
132943Sgshapiro	  case O_SASLREALM:
64562Sgshapiro	  case O_SASLOPTS:
90792Sgshapiro	  case O_SASLBITS:
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "Warning: Option: %s requires SASL support (-DSASL)\n",
90792Sgshapiro				     OPTNAME);
64562Sgshapiro		break;
64562Sgshapiro#endif /* SASL */
64562Sgshapiro
64562Sgshapiro#if STARTTLS
363466Sgshapiro	  case O_TLSFB2CLEAR:
363466Sgshapiro		TLSFallbacktoClear = atobool(val);
363466Sgshapiro		break;
64562Sgshapiro	  case O_SRVCERTFILE:
110560Sgshapiro		SET_STRING_EXP(SrvCertFile);
64562Sgshapiro	  case O_SRVKEYFILE:
110560Sgshapiro		SET_STRING_EXP(SrvKeyFile);
64562Sgshapiro	  case O_CLTCERTFILE:
110560Sgshapiro		SET_STRING_EXP(CltCertFile);
64562Sgshapiro	  case O_CLTKEYFILE:
110560Sgshapiro		SET_STRING_EXP(CltKeyFile);
64562Sgshapiro	  case O_CACERTFILE:
110560Sgshapiro		SET_STRING_EXP(CACertFile);
64562Sgshapiro	  case O_CACERTPATH:
110560Sgshapiro		SET_STRING_EXP(CACertPath);
363466Sgshapiro#if _FFR_CLIENTCA
363466Sgshapiro	  case O_CLTCACERTFILE:
363466Sgshapiro		SET_STRING_EXP(CltCACertFile);
363466Sgshapiro	  case O_CLTCACERTPATH:
363466Sgshapiro		SET_STRING_EXP(CltCACertPath);
363466Sgshapiro#endif
64562Sgshapiro	  case O_DHPARAMS:
90792Sgshapiro		SET_STRING_EXP(DHParams);
90792Sgshapiro	  case O_CIPHERLIST:
90792Sgshapiro		SET_STRING_EXP(CipherList);
285229Sgshapiro	  case O_DIG_ALG:
285229Sgshapiro		SET_STRING_EXP(CertFingerprintAlgorithm);
363466Sgshapiro	  case O_SSLENGINEPATH:
363466Sgshapiro		SET_STRING_EXP(SSLEnginePath);
363466Sgshapiro	  case O_SSLENGINE:
363466Sgshapiro		newval = sm_pstrdup_x(val);
363466Sgshapiro		if (SSLEngine != NULL)
363466Sgshapiro			sm_free(SSLEngine);
363466Sgshapiro		SSLEngine = newval;
363466Sgshapiro
363466Sgshapiro		/*
363466Sgshapiro		**  Which engines need to be initialized before fork()?
363466Sgshapiro		**  XXX hack, should be an option?
363466Sgshapiro		*/
363466Sgshapiro
363466Sgshapiro		if (strcmp(SSLEngine, "chil") == 0)
363466Sgshapiro			SSLEngineprefork = true;
363466Sgshapiro		break;
203004Sgshapiro	  case O_SRV_SSL_OPTIONS:
203004Sgshapiro		pssloptions = &Srv_SSL_Options;
203004Sgshapiro	  case O_CLT_SSL_OPTIONS:
203004Sgshapiro		if (pssloptions == NULL)
203004Sgshapiro			pssloptions = &Clt_SSL_Options;
285229Sgshapiro		(void) readssloptions(o->o_name, val, pssloptions, '\0');
285229Sgshapiro		if (tTd(37, 8))
285229Sgshapiro			sm_dprintf("ssloptions=%#lx\n", *pssloptions);
203004Sgshapiro
203004Sgshapiro		pssloptions = NULL;
203004Sgshapiro		break;
203004Sgshapiro
132943Sgshapiro	  case O_CRLFILE:
132943Sgshapiro		SET_STRING_EXP(CRLFile);
132943Sgshapiro		break;
64562Sgshapiro
132943Sgshapiro	  case O_CRLPATH:
132943Sgshapiro		SET_STRING_EXP(CRLPath);
132943Sgshapiro		break;
132943Sgshapiro
90792Sgshapiro	/*
90792Sgshapiro	**  XXX How about options per daemon/client instead of globally?
90792Sgshapiro	**  This doesn't work well for some options, e.g., no server cert,
90792Sgshapiro	**  but fine for others.
90792Sgshapiro	**
90792Sgshapiro	**  XXX Some people may want different certs per server.
90792Sgshapiro	**
90792Sgshapiro	**  See also srvfeatures()
90792Sgshapiro	*/
90792Sgshapiro
90792Sgshapiro	  case O_TLS_SRV_OPTS:
90792Sgshapiro		while (val != NULL && *val != '\0')
90792Sgshapiro		{
90792Sgshapiro			switch (*val)
90792Sgshapiro			{
90792Sgshapiro			  case 'V':
90792Sgshapiro				TLS_Srv_Opts |= TLS_I_NO_VRFY;
90792Sgshapiro				break;
90792Sgshapiro			/*
90792Sgshapiro			**  Server without a cert? That works only if
90792Sgshapiro			**  AnonDH is enabled as cipher, which is not in the
90792Sgshapiro			**  default list. Hence the CipherList option must
90792Sgshapiro			**  be available. Moreover: which clients support this
90792Sgshapiro			**  besides sendmail with this setting?
90792Sgshapiro			*/
90792Sgshapiro
90792Sgshapiro			  case 'C':
90792Sgshapiro				TLS_Srv_Opts &= ~TLS_I_SRV_CERT;
90792Sgshapiro				break;
90792Sgshapiro			  case ' ':	/* ignore */
90792Sgshapiro			  case '\t':	/* ignore */
90792Sgshapiro			  case ',':	/* ignore */
90792Sgshapiro				break;
90792Sgshapiro			  default:
90792Sgshapiro				(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro						     "Warning: Option: %s unknown parameter '%c'\n",
90792Sgshapiro						     OPTNAME,
90792Sgshapiro						     (isascii(*val) &&
90792Sgshapiro							isprint(*val))
90792Sgshapiro							? *val : '?');
90792Sgshapiro				break;
90792Sgshapiro			}
90792Sgshapiro			++val;
90792Sgshapiro			val = strpbrk(val, ", \t");
90792Sgshapiro			if (val != NULL)
90792Sgshapiro				++val;
90792Sgshapiro		}
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case O_RANDFILE:
90792Sgshapiro		PSTRSET(RandFile, val);
64562Sgshapiro		break;
64562Sgshapiro
90792Sgshapiro#else /* STARTTLS */
64562Sgshapiro	  case O_SRVCERTFILE:
64562Sgshapiro	  case O_SRVKEYFILE:
64562Sgshapiro	  case O_CLTCERTFILE:
64562Sgshapiro	  case O_CLTKEYFILE:
64562Sgshapiro	  case O_CACERTFILE:
64562Sgshapiro	  case O_CACERTPATH:
363466Sgshapiro#if _FFR_CLIENTCA
363466Sgshapiro	  case O_CLTCACERTFILE:
363466Sgshapiro	  case O_CLTCACERTPATH:
363466Sgshapiro#endif
64562Sgshapiro	  case O_DHPARAMS:
285229Sgshapiro	  case O_SRV_SSL_OPTIONS:
285229Sgshapiro	  case O_CLT_SSL_OPTIONS:
64562Sgshapiro	  case O_CIPHERLIST:
363466Sgshapiro	  case O_DIG_ALG:
132943Sgshapiro	  case O_CRLFILE:
132943Sgshapiro	  case O_CRLPATH:
64562Sgshapiro	  case O_RANDFILE:
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "Warning: Option: %s requires TLS support\n",
90792Sgshapiro				     OPTNAME);
64562Sgshapiro		break;
64562Sgshapiro
90792Sgshapiro#endif /* STARTTLS */
249729Sgshapiro#if STARTTLS && _FFR_FIPSMODE
249729Sgshapiro	  case O_FIPSMODE:
249729Sgshapiro		FipsMode = atobool(val);
249729Sgshapiro		break;
363466Sgshapiro#endif
64562Sgshapiro
64562Sgshapiro	  case O_CLIENTPORT:
64562Sgshapiro		setclientoptions(val);
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case O_DF_BUFSIZE:
64562Sgshapiro		DataFileBufferSize = atoi(val);
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case O_XF_BUFSIZE:
64562Sgshapiro		XscriptFileBufferSize = atoi(val);
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case O_LDAPDEFAULTSPEC:
90792Sgshapiro#if LDAPMAP
64562Sgshapiro		ldapmap_set_defaults(val);
64562Sgshapiro#else /* LDAPMAP */
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "Warning: Option: %s requires LDAP support (-DLDAPMAP)\n",
90792Sgshapiro				     OPTNAME);
64562Sgshapiro#endif /* LDAPMAP */
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case O_INPUTMILTER:
90792Sgshapiro#if MILTER
64562Sgshapiro		InputFilterList = newstr(val);
90792Sgshapiro#else /* MILTER */
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "Warning: Option: %s requires Milter support (-DMILTER)\n",
90792Sgshapiro				     OPTNAME);
90792Sgshapiro#endif /* MILTER */
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case O_MILTER:
90792Sgshapiro#if MILTER
64562Sgshapiro		milter_set_option(subopt, val, sticky);
90792Sgshapiro#else /* MILTER */
90792Sgshapiro		(void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
90792Sgshapiro				     "Warning: Option: %s requires Milter support (-DMILTER)\n",
90792Sgshapiro				     OPTNAME);
90792Sgshapiro#endif /* MILTER */
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case O_QUEUE_FILE_MODE:	/* queue file mode */
64562Sgshapiro		QueueFileMode = atooct(val) & 0777;
64562Sgshapiro		break;
64562Sgshapiro
90792Sgshapiro	  case O_DLVR_MIN:	/* deliver by minimum time */
90792Sgshapiro		DeliverByMin = convtime(val, 's');
90792Sgshapiro		break;
90792Sgshapiro
90792Sgshapiro	  /* modifiers {daemon_flags} for direct submissions */
90792Sgshapiro	  case O_DIRECTSUBMODIFIERS:
90792Sgshapiro		{
90792Sgshapiro			BITMAP256 m;	/* ignored */
90792Sgshapiro			extern ENVELOPE BlankEnvelope;
90792Sgshapiro
90792Sgshapiro			macdefine(&BlankEnvelope.e_macro, A_PERM,
90792Sgshapiro				  macid("{daemon_flags}"),
90792Sgshapiro				  getmodifiers(val, m));
90792Sgshapiro		}
90792Sgshapiro		break;
90792Sgshapiro
90792Sgshapiro	  case O_FASTSPLIT:
90792Sgshapiro		FastSplit = atoi(val);
90792Sgshapiro		break;
90792Sgshapiro
90792Sgshapiro	  case O_MBDB:
90792Sgshapiro		Mbdb = newstr(val);
90792Sgshapiro		break;
90792Sgshapiro
90792Sgshapiro	  case O_MSQ:
90792Sgshapiro		UseMSP = atobool(val);
90792Sgshapiro		break;
90792Sgshapiro
90792Sgshapiro	  case O_SOFTBOUNCE:
90792Sgshapiro		SoftBounce = atobool(val);
90792Sgshapiro		break;
90792Sgshapiro
110560Sgshapiro	  case O_REJECTLOGINTERVAL:	/* time btwn log msgs while refusing */
110560Sgshapiro		RejectLogInterval = convtime(val, 'h');
110560Sgshapiro		break;
110560Sgshapiro
110560Sgshapiro	  case O_REQUIRES_DIR_FSYNC:
132943Sgshapiro#if REQUIRES_DIR_FSYNC
110560Sgshapiro		RequiresDirfsync = atobool(val);
363466Sgshapiro#else
110560Sgshapiro		/* silently ignored... required for cf file option */
363466Sgshapiro#endif
110560Sgshapiro		break;
110560Sgshapiro
132943Sgshapiro	  case O_CONNECTION_RATE_WINDOW_SIZE:
132943Sgshapiro		ConnectionRateWindowSize = convtime(val, 's');
132943Sgshapiro		break;
132943Sgshapiro
132943Sgshapiro	  case O_FALLBACKSMARTHOST:	/* fallback smart host */
132943Sgshapiro		if (val[0] != '\0')
132943Sgshapiro			FallbackSmartHost = newstr(val);
132943Sgshapiro		break;
132943Sgshapiro
132943Sgshapiro	  case O_HELONAME:
157001Sgshapiro		HeloName = newstr(val);
157001Sgshapiro		break;
168515Sgshapiro
157001Sgshapiro#if _FFR_MEMSTAT
157001Sgshapiro	  case O_REFUSELOWMEM:
157001Sgshapiro		RefuseLowMem = atoi(val);
157001Sgshapiro		break;
157001Sgshapiro	  case O_QUEUELOWMEM:
157001Sgshapiro		QueueLowMem = atoi(val);
157001Sgshapiro		break;
157001Sgshapiro	  case O_MEMRESOURCE:
157001Sgshapiro		MemoryResource = newstr(val);
157001Sgshapiro		break;
157001Sgshapiro#endif /* _FFR_MEMSTAT */
132943Sgshapiro
157001Sgshapiro	  case O_MAXNOOPCOMMANDS:
157001Sgshapiro		MaxNOOPCommands = atoi(val);
157001Sgshapiro		break;
157001Sgshapiro
157001Sgshapiro#if _FFR_MSG_ACCEPT
157001Sgshapiro	  case O_MSG_ACCEPT:
157001Sgshapiro		MessageAccept = newstr(val);
157001Sgshapiro		break;
363466Sgshapiro#endif
157001Sgshapiro
157001Sgshapiro#if _FFR_QUEUE_RUN_PARANOIA
157001Sgshapiro	  case O_CHK_Q_RUNNERS:
157001Sgshapiro		CheckQueueRunners = atoi(val);
157001Sgshapiro		break;
363466Sgshapiro#endif
157001Sgshapiro
168515Sgshapiro#if _FFR_EIGHT_BIT_ADDR_OK
168515Sgshapiro	  case O_EIGHT_BIT_ADDR_OK:
168515Sgshapiro		EightBitAddrOK = atobool(val);
168515Sgshapiro		break;
363466Sgshapiro#endif
168515Sgshapiro
173340Sgshapiro#if _FFR_ADDR_TYPE_MODES
173340Sgshapiro	  case O_ADDR_TYPE_MODES:
173340Sgshapiro		AddrTypeModes = atobool(val);
173340Sgshapiro		break;
363466Sgshapiro#endif
173340Sgshapiro
182352Sgshapiro#if _FFR_BADRCPT_SHUTDOWN
182352Sgshapiro	  case O_RCPTSHUTD:
182352Sgshapiro		BadRcptShutdown = atoi(val);
182352Sgshapiro		break;
182352Sgshapiro
182352Sgshapiro	  case O_RCPTSHUTDG:
182352Sgshapiro		BadRcptShutdownGood = atoi(val);
182352Sgshapiro		break;
182352Sgshapiro#endif /* _FFR_BADRCPT_SHUTDOWN */
182352Sgshapiro
249729Sgshapiro#if _FFR_REJECT_NUL_BYTE
249729Sgshapiro	  case O_REJECTNUL:
249729Sgshapiro		RejectNUL = atobool(val);
249729Sgshapiro		break;
363466Sgshapiro#endif
249729Sgshapiro
285229Sgshapiro#if _FFR_BOUNCE_QUEUE
285229Sgshapiro	  case O_BOUNCEQUEUE:
285229Sgshapiro		bouncequeue = newstr(val);
285229Sgshapiro		break;
363466Sgshapiro#endif
285229Sgshapiro
285229Sgshapiro#if _FFR_ADD_BCC
285229Sgshapiro	  case O_ADDBCC:
285229Sgshapiro		AddBcc = atobool(val);
285229Sgshapiro		break;
285229Sgshapiro#endif
285229Sgshapiro	  case O_USECOMPRESSEDIPV6ADDRESSES:
285229Sgshapiro		UseCompressedIPv6Addresses = atobool(val);
285229Sgshapiro		break;
285229Sgshapiro
363466Sgshapiro#if DNSSEC_TEST
363466Sgshapiro	  case O_NSPORTIP:
363466Sgshapiro		nsportip(val);
363466Sgshapiro		break;
363466Sgshapiro	  case O_NSSRCHLIST:
363466Sgshapiro		NameSearchList = sm_strdup(val);
363466Sgshapiro		break;
363466Sgshapiro#endif
363466Sgshapiro
363466Sgshapiro#if DANE
363466Sgshapiro	  case O_DANE:
363466Sgshapiro		if (sm_strcasecmp(val, "always") == 0)
363466Sgshapiro			Dane = DANE_ALWAYS;
363466Sgshapiro		else
363466Sgshapiro			Dane = atobool(val) ? DANE_SECURE : DANE_NEVER;
363466Sgshapiro		break;
363466Sgshapiro#endif
363466Sgshapiro
363466Sgshapiro#if _FFR_BLANKENV_MACV
363466Sgshapiro	  case O_HACKS:
363466Sgshapiro		Hacks = (int) strtol(val, NULL, 0);
363466Sgshapiro		break;
363466Sgshapiro#endif
363466Sgshapiro
363466Sgshapiro#if _FFR_KEEPBCC
363466Sgshapiro	  case O_KEEPBCC:
363466Sgshapiro		KeepBcc = atobool(val);
363466Sgshapiro		break;
363466Sgshapiro#endif
363466Sgshapiro
363466Sgshapiro# if _FFR_TLS_ALTNAMES
363466Sgshapiro	  case O_CHECKALTNAMES:
363466Sgshapiro		SetCertAltnames = atobool(val);
363466Sgshapiro		break;
363466Sgshapiro# endif
363466Sgshapiro
38032Speter	  default:
38032Speter		if (tTd(37, 1))
38032Speter		{
38032Speter			if (isascii(opt) && isprint(opt))
90792Sgshapiro				sm_dprintf("Warning: option %c unknown\n", opt);
38032Speter			else
90792Sgshapiro				sm_dprintf("Warning: option 0x%x unknown\n", opt);
38032Speter		}
38032Speter		break;
38032Speter	}
64562Sgshapiro
64562Sgshapiro	/*
64562Sgshapiro	**  Options with suboptions are responsible for taking care
64562Sgshapiro	**  of sticky-ness (e.g., that a command line setting is kept
64562Sgshapiro	**  when reading in the sendmail.cf file).  This has to be done
64562Sgshapiro	**  when the suboptions are parsed since each suboption must be
64562Sgshapiro	**  sticky, not the root option.
64562Sgshapiro	*/
64562Sgshapiro
64562Sgshapiro	if (sticky && !bitset(OI_SUBOPT, o->o_flags))
38032Speter		setbitn(opt, StickyOpt);
38032Speter}
90792Sgshapiro/*
38032Speter**  SETCLASS -- set a string into a class
38032Speter**
38032Speter**	Parameters:
38032Speter**		class -- the class to put the string in.
38032Speter**		str -- the string to enter
38032Speter**
38032Speter**	Returns:
38032Speter**		none.
38032Speter**
38032Speter**	Side Effects:
38032Speter**		puts the word into the symbol table.
38032Speter*/
38032Speter
38032Spetervoid
38032Spetersetclass(class, str)
38032Speter	int class;
38032Speter	char *str;
38032Speter{
38032Speter	register STAB *s;
38032Speter
168515Sgshapiro	if ((str[0] & 0377) == MATCHCLASS)
64562Sgshapiro	{
64562Sgshapiro		int mid;
64562Sgshapiro
64562Sgshapiro		str++;
90792Sgshapiro		mid = macid(str);
71345Sgshapiro		if (mid == 0)
64562Sgshapiro			return;
64562Sgshapiro
64562Sgshapiro		if (tTd(37, 8))
90792Sgshapiro			sm_dprintf("setclass(%s, $=%s)\n",
90792Sgshapiro				   macname(class), macname(mid));
64562Sgshapiro		copy_class(mid, class);
64562Sgshapiro	}
64562Sgshapiro	else
64562Sgshapiro	{
64562Sgshapiro		if (tTd(37, 8))
90792Sgshapiro			sm_dprintf("setclass(%s, %s)\n", macname(class), str);
64562Sgshapiro
64562Sgshapiro		s = stab(str, ST_CLASS, ST_ENTER);
71345Sgshapiro		setbitn(bitidx(class), s->s_class);
64562Sgshapiro	}
38032Speter}
90792Sgshapiro/*
38032Speter**  MAKEMAPENTRY -- create a map entry
38032Speter**
38032Speter**	Parameters:
38032Speter**		line -- the config file line
38032Speter**
38032Speter**	Returns:
38032Speter**		A pointer to the map that has been created.
38032Speter**		NULL if there was a syntax error.
38032Speter**
38032Speter**	Side Effects:
38032Speter**		Enters the map into the dictionary.
38032Speter*/
38032Speter
38032SpeterMAP *
38032Spetermakemapentry(line)
38032Speter	char *line;
38032Speter{
38032Speter	register char *p;
38032Speter	char *mapname;
38032Speter	char *classname;
38032Speter	register STAB *s;
38032Speter	STAB *class;
38032Speter
363466Sgshapiro	for (p = line; SM_ISSPACE(*p); p++)
38032Speter		continue;
38032Speter	if (!(isascii(*p) && isalnum(*p)))
38032Speter	{
38032Speter		syserr("readcf: config K line: no map name");
38032Speter		return NULL;
38032Speter	}
38032Speter
38032Speter	mapname = p;
38032Speter	while ((isascii(*++p) && isalnum(*p)) || *p == '_' || *p == '.')
38032Speter		continue;
38032Speter	if (*p != '\0')
38032Speter		*p++ = '\0';
363466Sgshapiro	while (SM_ISSPACE(*p))
38032Speter		p++;
38032Speter	if (!(isascii(*p) && isalnum(*p)))
38032Speter	{
38032Speter		syserr("readcf: config K line, map %s: no map class", mapname);
38032Speter		return NULL;
38032Speter	}
38032Speter	classname = p;
38032Speter	while (isascii(*++p) && isalnum(*p))
38032Speter		continue;
38032Speter	if (*p != '\0')
38032Speter		*p++ = '\0';
363466Sgshapiro	while (SM_ISSPACE(*p))
38032Speter		p++;
38032Speter
38032Speter	/* look up the class */
38032Speter	class = stab(classname, ST_MAPCLASS, ST_FIND);
38032Speter	if (class == NULL)
38032Speter	{
90792Sgshapiro		syserr("readcf: map %s: class %s not available", mapname,
90792Sgshapiro			classname);
38032Speter		return NULL;
38032Speter	}
38032Speter
38032Speter	/* enter the map */
38032Speter	s = stab(mapname, ST_MAP, ST_ENTER);
38032Speter	s->s_map.map_class = &class->s_mapclass;
38032Speter	s->s_map.map_mname = newstr(mapname);
38032Speter
38032Speter	if (class->s_mapclass.map_parse(&s->s_map, p))
38032Speter		s->s_map.map_mflags |= MF_VALID;
38032Speter
38032Speter	if (tTd(37, 5))
38032Speter	{
90792Sgshapiro		sm_dprintf("map %s, class %s, flags %lx, file %s,\n",
90792Sgshapiro			   s->s_map.map_mname, s->s_map.map_class->map_cname,
90792Sgshapiro			   s->s_map.map_mflags, s->s_map.map_file);
90792Sgshapiro		sm_dprintf("\tapp %s, domain %s, rebuild %s\n",
90792Sgshapiro			   s->s_map.map_app, s->s_map.map_domain,
90792Sgshapiro			   s->s_map.map_rebuild);
38032Speter	}
38032Speter	return &s->s_map;
38032Speter}
90792Sgshapiro/*
38032Speter**  STRTORWSET -- convert string to rewriting set number
38032Speter**
38032Speter**	Parameters:
38032Speter**		p -- the pointer to the string to decode.
38032Speter**		endp -- if set, store the trailing delimiter here.
38032Speter**		stabmode -- ST_ENTER to create this entry, ST_FIND if
38032Speter**			it must already exist.
38032Speter**
38032Speter**	Returns:
38032Speter**		The appropriate ruleset number.
38032Speter**		-1 if it is not valid (error already printed)
38032Speter*/
38032Speter
38032Speterint
38032Speterstrtorwset(p, endp, stabmode)
38032Speter	char *p;
38032Speter	char **endp;
38032Speter	int stabmode;
38032Speter{
38032Speter	int ruleset;
38032Speter	static int nextruleset = MAXRWSETS;
38032Speter
363466Sgshapiro	while (SM_ISSPACE(*p))
38032Speter		p++;
38032Speter	if (!isascii(*p))
38032Speter	{
38032Speter		syserr("invalid ruleset name: \"%.20s\"", p);
38032Speter		return -1;
38032Speter	}
38032Speter	if (isdigit(*p))
38032Speter	{
38032Speter		ruleset = strtol(p, endp, 10);
38032Speter		if (ruleset >= MAXRWSETS / 2 || ruleset < 0)
38032Speter		{
38032Speter			syserr("bad ruleset %d (%d max)",
38032Speter				ruleset, MAXRWSETS / 2);
38032Speter			ruleset = -1;
38032Speter		}
38032Speter	}
38032Speter	else
38032Speter	{
38032Speter		STAB *s;
38032Speter		char delim;
64562Sgshapiro		char *q = NULL;
38032Speter
38032Speter		q = p;
203004Sgshapiro		while (*p != '\0' && isascii(*p) && (isalnum(*p) || *p == '_'))
38032Speter			p++;
38032Speter		if (q == p || !(isascii(*q) && isalpha(*q)))
38032Speter		{
38032Speter			/* no valid characters */
38032Speter			syserr("invalid ruleset name: \"%.20s\"", q);
38032Speter			return -1;
38032Speter		}
363466Sgshapiro		while (SM_ISSPACE(*p))
38032Speter			*p++ = '\0';
38032Speter		delim = *p;
38032Speter		if (delim != '\0')
38032Speter			*p = '\0';
38032Speter		s = stab(q, ST_RULESET, stabmode);
38032Speter		if (delim != '\0')
38032Speter			*p = delim;
38032Speter
38032Speter		if (s == NULL)
38032Speter			return -1;
38032Speter
38032Speter		if (stabmode == ST_ENTER && delim == '=')
38032Speter		{
38032Speter			while (isascii(*++p) && isspace(*p))
38032Speter				continue;
38032Speter			if (!(isascii(*p) && isdigit(*p)))
38032Speter			{
38032Speter				syserr("bad ruleset definition \"%s\" (number required after `=')", q);
38032Speter				ruleset = -1;
38032Speter			}
38032Speter			else
38032Speter			{
38032Speter				ruleset = strtol(p, endp, 10);
38032Speter				if (ruleset >= MAXRWSETS / 2 || ruleset < 0)
38032Speter				{
38032Speter					syserr("bad ruleset number %d in \"%s\" (%d max)",
38032Speter						ruleset, q, MAXRWSETS / 2);
38032Speter					ruleset = -1;
38032Speter				}
38032Speter			}
38032Speter		}
38032Speter		else
38032Speter		{
38032Speter			if (endp != NULL)
38032Speter				*endp = p;
64562Sgshapiro			if (s->s_ruleset >= 0)
38032Speter				ruleset = s->s_ruleset;
38032Speter			else if ((ruleset = --nextruleset) < MAXRWSETS / 2)
38032Speter			{
38032Speter				syserr("%s: too many named rulesets (%d max)",
38032Speter					q, MAXRWSETS / 2);
38032Speter				ruleset = -1;
38032Speter			}
38032Speter		}
64562Sgshapiro		if (s->s_ruleset >= 0 &&
64562Sgshapiro		    ruleset >= 0 &&
64562Sgshapiro		    ruleset != s->s_ruleset)
38032Speter		{
38032Speter			syserr("%s: ruleset changed value (old %d, new %d)",
38032Speter				q, s->s_ruleset, ruleset);
38032Speter			ruleset = s->s_ruleset;
38032Speter		}
64562Sgshapiro		else if (ruleset >= 0)
38032Speter		{
38032Speter			s->s_ruleset = ruleset;
38032Speter		}
71345Sgshapiro		if (stabmode == ST_ENTER && ruleset >= 0)
64562Sgshapiro		{
64562Sgshapiro			char *h = NULL;
64562Sgshapiro
64562Sgshapiro			if (RuleSetNames[ruleset] != NULL)
90792Sgshapiro				sm_free(RuleSetNames[ruleset]); /* XXX */
64562Sgshapiro			if (delim != '\0' && (h = strchr(q, delim)) != NULL)
64562Sgshapiro				*h = '\0';
64562Sgshapiro			RuleSetNames[ruleset] = newstr(q);
64562Sgshapiro			if (delim == '/' && h != NULL)
64562Sgshapiro				*h = delim;	/* put back delim */
64562Sgshapiro		}
38032Speter	}
38032Speter	return ruleset;
38032Speter}
90792Sgshapiro/*
64562Sgshapiro**  SETTIMEOUT -- set an individual timeout
64562Sgshapiro**
64562Sgshapiro**	Parameters:
64562Sgshapiro**		name -- the name of the timeout.
64562Sgshapiro**		val -- the value of the timeout.
64562Sgshapiro**		sticky -- if set, don't let other setoptions override
64562Sgshapiro**			this value.
64562Sgshapiro**
64562Sgshapiro**	Returns:
64562Sgshapiro**		none.
64562Sgshapiro*/
64562Sgshapiro
64562Sgshapiro/* set if Timeout sub-option is stuck */
64562Sgshapirostatic BITMAP256	StickyTimeoutOpt;
64562Sgshapiro
64562Sgshapirostatic struct timeoutinfo
64562Sgshapiro{
90792Sgshapiro	char		*to_name;	/* long name of timeout */
90792Sgshapiro	unsigned char	to_code;	/* code for option */
64562Sgshapiro} TimeOutTab[] =
64562Sgshapiro{
64562Sgshapiro#define TO_INITIAL			0x01
64562Sgshapiro	{ "initial",			TO_INITIAL			},
64562Sgshapiro#define TO_MAIL				0x02
64562Sgshapiro	{ "mail",			TO_MAIL				},
64562Sgshapiro#define TO_RCPT				0x03
64562Sgshapiro	{ "rcpt",			TO_RCPT				},
64562Sgshapiro#define TO_DATAINIT			0x04
64562Sgshapiro	{ "datainit",			TO_DATAINIT			},
64562Sgshapiro#define TO_DATABLOCK			0x05
64562Sgshapiro	{ "datablock",			TO_DATABLOCK			},
64562Sgshapiro#define TO_DATAFINAL			0x06
64562Sgshapiro	{ "datafinal",			TO_DATAFINAL			},
64562Sgshapiro#define TO_COMMAND			0x07
64562Sgshapiro	{ "command",			TO_COMMAND			},
64562Sgshapiro#define TO_RSET				0x08
64562Sgshapiro	{ "rset",			TO_RSET				},
64562Sgshapiro#define TO_HELO				0x09
64562Sgshapiro	{ "helo",			TO_HELO				},
64562Sgshapiro#define TO_QUIT				0x0A
64562Sgshapiro	{ "quit",			TO_QUIT				},
64562Sgshapiro#define TO_MISC				0x0B
64562Sgshapiro	{ "misc",			TO_MISC				},
64562Sgshapiro#define TO_IDENT			0x0C
64562Sgshapiro	{ "ident",			TO_IDENT			},
64562Sgshapiro#define TO_FILEOPEN			0x0D
64562Sgshapiro	{ "fileopen",			TO_FILEOPEN			},
64562Sgshapiro#define TO_CONNECT			0x0E
64562Sgshapiro	{ "connect",			TO_CONNECT			},
64562Sgshapiro#define TO_ICONNECT			0x0F
64562Sgshapiro	{ "iconnect",			TO_ICONNECT			},
64562Sgshapiro#define TO_QUEUEWARN			0x10
64562Sgshapiro	{ "queuewarn",			TO_QUEUEWARN			},
64562Sgshapiro	{ "queuewarn.*",		TO_QUEUEWARN			},
64562Sgshapiro#define TO_QUEUEWARN_NORMAL		0x11
64562Sgshapiro	{ "queuewarn.normal",		TO_QUEUEWARN_NORMAL		},
64562Sgshapiro#define TO_QUEUEWARN_URGENT		0x12
64562Sgshapiro	{ "queuewarn.urgent",		TO_QUEUEWARN_URGENT		},
64562Sgshapiro#define TO_QUEUEWARN_NON_URGENT		0x13
64562Sgshapiro	{ "queuewarn.non-urgent",	TO_QUEUEWARN_NON_URGENT		},
64562Sgshapiro#define TO_QUEUERETURN			0x14
64562Sgshapiro	{ "queuereturn",		TO_QUEUERETURN			},
64562Sgshapiro	{ "queuereturn.*",		TO_QUEUERETURN			},
64562Sgshapiro#define TO_QUEUERETURN_NORMAL		0x15
64562Sgshapiro	{ "queuereturn.normal",		TO_QUEUERETURN_NORMAL		},
64562Sgshapiro#define TO_QUEUERETURN_URGENT		0x16
64562Sgshapiro	{ "queuereturn.urgent",		TO_QUEUERETURN_URGENT		},
64562Sgshapiro#define TO_QUEUERETURN_NON_URGENT	0x17
64562Sgshapiro	{ "queuereturn.non-urgent",	TO_QUEUERETURN_NON_URGENT	},
64562Sgshapiro#define TO_HOSTSTATUS			0x18
64562Sgshapiro	{ "hoststatus",			TO_HOSTSTATUS			},
64562Sgshapiro#define TO_RESOLVER_RETRANS		0x19
64562Sgshapiro	{ "resolver.retrans",		TO_RESOLVER_RETRANS		},
64562Sgshapiro#define TO_RESOLVER_RETRANS_NORMAL	0x1A
64562Sgshapiro	{ "resolver.retrans.normal",	TO_RESOLVER_RETRANS_NORMAL	},
64562Sgshapiro#define TO_RESOLVER_RETRANS_FIRST	0x1B
64562Sgshapiro	{ "resolver.retrans.first",	TO_RESOLVER_RETRANS_FIRST	},
64562Sgshapiro#define TO_RESOLVER_RETRY		0x1C
64562Sgshapiro	{ "resolver.retry",		TO_RESOLVER_RETRY		},
64562Sgshapiro#define TO_RESOLVER_RETRY_NORMAL	0x1D
64562Sgshapiro	{ "resolver.retry.normal",	TO_RESOLVER_RETRY_NORMAL	},
64562Sgshapiro#define TO_RESOLVER_RETRY_FIRST		0x1E
64562Sgshapiro	{ "resolver.retry.first",	TO_RESOLVER_RETRY_FIRST		},
64562Sgshapiro#define TO_CONTROL			0x1F
64562Sgshapiro	{ "control",			TO_CONTROL			},
90792Sgshapiro#define TO_LHLO				0x20
90792Sgshapiro	{ "lhlo",			TO_LHLO				},
90792Sgshapiro#define TO_AUTH				0x21
90792Sgshapiro	{ "auth",			TO_AUTH				},
90792Sgshapiro#define TO_STARTTLS			0x22
90792Sgshapiro	{ "starttls",			TO_STARTTLS			},
90792Sgshapiro#define TO_ACONNECT			0x23
90792Sgshapiro	{ "aconnect",			TO_ACONNECT			},
132943Sgshapiro#define TO_QUEUEWARN_DSN		0x24
112810Sgshapiro	{ "queuewarn.dsn",		TO_QUEUEWARN_DSN		},
132943Sgshapiro#define TO_QUEUERETURN_DSN		0x25
112810Sgshapiro	{ "queuereturn.dsn",		TO_QUEUERETURN_DSN		},
64562Sgshapiro	{ NULL,				0				},
64562Sgshapiro};
64562Sgshapiro
64562Sgshapiro
64562Sgshapirostatic void
64562Sgshapirosettimeout(name, val, sticky)
64562Sgshapiro	char *name;
64562Sgshapiro	char *val;
64562Sgshapiro	bool sticky;
64562Sgshapiro{
64562Sgshapiro	register struct timeoutinfo *to;
90792Sgshapiro	int i, addopts;
64562Sgshapiro	time_t toval;
64562Sgshapiro
64562Sgshapiro	if (tTd(37, 2))
90792Sgshapiro		sm_dprintf("settimeout(%s = %s)", name, val);
64562Sgshapiro
64562Sgshapiro	for (to = TimeOutTab; to->to_name != NULL; to++)
64562Sgshapiro	{
90792Sgshapiro		if (sm_strcasecmp(to->to_name, name) == 0)
64562Sgshapiro			break;
64562Sgshapiro	}
64562Sgshapiro
64562Sgshapiro	if (to->to_name == NULL)
71345Sgshapiro	{
71345Sgshapiro		errno = 0; /* avoid bogus error text */
64562Sgshapiro		syserr("settimeout: invalid timeout %s", name);
71345Sgshapiro		return;
71345Sgshapiro	}
64562Sgshapiro
64562Sgshapiro	/*
64562Sgshapiro	**  See if this option is preset for us.
64562Sgshapiro	*/
64562Sgshapiro
64562Sgshapiro	if (!sticky && bitnset(to->to_code, StickyTimeoutOpt))
64562Sgshapiro	{
64562Sgshapiro		if (tTd(37, 2))
90792Sgshapiro			sm_dprintf(" (ignored)\n");
64562Sgshapiro		return;
64562Sgshapiro	}
64562Sgshapiro
64562Sgshapiro	if (tTd(37, 2))
90792Sgshapiro		sm_dprintf("\n");
64562Sgshapiro
64562Sgshapiro	toval = convtime(val, 'm');
80785Sgshapiro	addopts = 0;
64562Sgshapiro
64562Sgshapiro	switch (to->to_code)
64562Sgshapiro	{
64562Sgshapiro	  case TO_INITIAL:
64562Sgshapiro		TimeOuts.to_initial = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_MAIL:
64562Sgshapiro		TimeOuts.to_mail = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_RCPT:
64562Sgshapiro		TimeOuts.to_rcpt = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_DATAINIT:
64562Sgshapiro		TimeOuts.to_datainit = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_DATABLOCK:
64562Sgshapiro		TimeOuts.to_datablock = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_DATAFINAL:
64562Sgshapiro		TimeOuts.to_datafinal = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_COMMAND:
64562Sgshapiro		TimeOuts.to_nextcommand = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_RSET:
64562Sgshapiro		TimeOuts.to_rset = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_HELO:
64562Sgshapiro		TimeOuts.to_helo = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_QUIT:
64562Sgshapiro		TimeOuts.to_quit = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_MISC:
64562Sgshapiro		TimeOuts.to_miscshort = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_IDENT:
64562Sgshapiro		TimeOuts.to_ident = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_FILEOPEN:
64562Sgshapiro		TimeOuts.to_fileopen = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_CONNECT:
64562Sgshapiro		TimeOuts.to_connect = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_ICONNECT:
64562Sgshapiro		TimeOuts.to_iconnect = toval;
64562Sgshapiro		break;
64562Sgshapiro
90792Sgshapiro	  case TO_ACONNECT:
90792Sgshapiro		TimeOuts.to_aconnect = toval;
90792Sgshapiro		break;
90792Sgshapiro
64562Sgshapiro	  case TO_QUEUEWARN:
64562Sgshapiro		toval = convtime(val, 'h');
64562Sgshapiro		TimeOuts.to_q_warning[TOC_NORMAL] = toval;
64562Sgshapiro		TimeOuts.to_q_warning[TOC_URGENT] = toval;
64562Sgshapiro		TimeOuts.to_q_warning[TOC_NONURGENT] = toval;
112810Sgshapiro		TimeOuts.to_q_warning[TOC_DSN] = toval;
80785Sgshapiro		addopts = 2;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_QUEUEWARN_NORMAL:
64562Sgshapiro		toval = convtime(val, 'h');
64562Sgshapiro		TimeOuts.to_q_warning[TOC_NORMAL] = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_QUEUEWARN_URGENT:
64562Sgshapiro		toval = convtime(val, 'h');
64562Sgshapiro		TimeOuts.to_q_warning[TOC_URGENT] = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_QUEUEWARN_NON_URGENT:
64562Sgshapiro		toval = convtime(val, 'h');
64562Sgshapiro		TimeOuts.to_q_warning[TOC_NONURGENT] = toval;
64562Sgshapiro		break;
64562Sgshapiro
112810Sgshapiro	  case TO_QUEUEWARN_DSN:
112810Sgshapiro		toval = convtime(val, 'h');
112810Sgshapiro		TimeOuts.to_q_warning[TOC_DSN] = toval;
112810Sgshapiro		break;
112810Sgshapiro
64562Sgshapiro	  case TO_QUEUERETURN:
64562Sgshapiro		toval = convtime(val, 'd');
64562Sgshapiro		TimeOuts.to_q_return[TOC_NORMAL] = toval;
64562Sgshapiro		TimeOuts.to_q_return[TOC_URGENT] = toval;
64562Sgshapiro		TimeOuts.to_q_return[TOC_NONURGENT] = toval;
112810Sgshapiro		TimeOuts.to_q_return[TOC_DSN] = toval;
80785Sgshapiro		addopts = 2;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_QUEUERETURN_NORMAL:
64562Sgshapiro		toval = convtime(val, 'd');
64562Sgshapiro		TimeOuts.to_q_return[TOC_NORMAL] = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_QUEUERETURN_URGENT:
64562Sgshapiro		toval = convtime(val, 'd');
64562Sgshapiro		TimeOuts.to_q_return[TOC_URGENT] = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_QUEUERETURN_NON_URGENT:
64562Sgshapiro		toval = convtime(val, 'd');
64562Sgshapiro		TimeOuts.to_q_return[TOC_NONURGENT] = toval;
64562Sgshapiro		break;
64562Sgshapiro
112810Sgshapiro	  case TO_QUEUERETURN_DSN:
112810Sgshapiro		toval = convtime(val, 'd');
112810Sgshapiro		TimeOuts.to_q_return[TOC_DSN] = toval;
112810Sgshapiro		break;
112810Sgshapiro
64562Sgshapiro	  case TO_HOSTSTATUS:
64562Sgshapiro		MciInfoTimeout = toval;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_RESOLVER_RETRANS:
64562Sgshapiro		toval = convtime(val, 's');
64562Sgshapiro		TimeOuts.res_retrans[RES_TO_DEFAULT] = toval;
64562Sgshapiro		TimeOuts.res_retrans[RES_TO_FIRST] = toval;
64562Sgshapiro		TimeOuts.res_retrans[RES_TO_NORMAL] = toval;
80785Sgshapiro		addopts = 2;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_RESOLVER_RETRY:
64562Sgshapiro		i = atoi(val);
64562Sgshapiro		TimeOuts.res_retry[RES_TO_DEFAULT] = i;
64562Sgshapiro		TimeOuts.res_retry[RES_TO_FIRST] = i;
64562Sgshapiro		TimeOuts.res_retry[RES_TO_NORMAL] = i;
80785Sgshapiro		addopts = 2;
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_RESOLVER_RETRANS_NORMAL:
64562Sgshapiro		TimeOuts.res_retrans[RES_TO_NORMAL] = convtime(val, 's');
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_RESOLVER_RETRY_NORMAL:
64562Sgshapiro		TimeOuts.res_retry[RES_TO_NORMAL] = atoi(val);
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_RESOLVER_RETRANS_FIRST:
64562Sgshapiro		TimeOuts.res_retrans[RES_TO_FIRST] = convtime(val, 's');
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_RESOLVER_RETRY_FIRST:
64562Sgshapiro		TimeOuts.res_retry[RES_TO_FIRST] = atoi(val);
64562Sgshapiro		break;
64562Sgshapiro
64562Sgshapiro	  case TO_CONTROL:
64562Sgshapiro		TimeOuts.to_control = toval;
64562Sgshapiro		break;
64562Sgshapiro
90792Sgshapiro	  case TO_LHLO:
90792Sgshapiro		TimeOuts.to_lhlo = toval;
90792Sgshapiro		break;
90792Sgshapiro
90792Sgshapiro#if SASL
90792Sgshapiro	  case TO_AUTH:
90792Sgshapiro		TimeOuts.to_auth = toval;
90792Sgshapiro		break;
363466Sgshapiro#endif
90792Sgshapiro
90792Sgshapiro#if STARTTLS
90792Sgshapiro	  case TO_STARTTLS:
90792Sgshapiro		TimeOuts.to_starttls = toval;
90792Sgshapiro		break;
363466Sgshapiro#endif
90792Sgshapiro
64562Sgshapiro	  default:
64562Sgshapiro		syserr("settimeout: invalid timeout %s", name);
64562Sgshapiro		break;
64562Sgshapiro	}
64562Sgshapiro
64562Sgshapiro	if (sticky)
80785Sgshapiro	{
80785Sgshapiro		for (i = 0; i <= addopts; i++)
80785Sgshapiro			setbitn(to->to_code + i, StickyTimeoutOpt);
80785Sgshapiro	}
64562Sgshapiro}
90792Sgshapiro/*
38032Speter**  INITTIMEOUTS -- parse and set timeout values
38032Speter**
38032Speter**	Parameters:
38032Speter**		val -- a pointer to the values.  If NULL, do initial
38032Speter**			settings.
64562Sgshapiro**		sticky -- if set, don't let other setoptions override
64562Sgshapiro**			this suboption value.
38032Speter**
38032Speter**	Returns:
38032Speter**		none.
38032Speter**
38032Speter**	Side Effects:
38032Speter**		Initializes the TimeOuts structure
38032Speter*/
38032Speter
38032Spetervoid
64562Sgshapiroinittimeouts(val, sticky)
38032Speter	register char *val;
64562Sgshapiro	bool sticky;
38032Speter{
38032Speter	register char *p;
38032Speter
38032Speter	if (tTd(37, 2))
90792Sgshapiro		sm_dprintf("inittimeouts(%s)\n", val == NULL ? "<NULL>" : val);
38032Speter	if (val == NULL)
38032Speter	{
38032Speter		TimeOuts.to_connect = (time_t) 0 SECONDS;
90792Sgshapiro		TimeOuts.to_aconnect = (time_t) 0 SECONDS;
94334Sgshapiro		TimeOuts.to_iconnect = (time_t) 0 SECONDS;
38032Speter		TimeOuts.to_initial = (time_t) 5 MINUTES;
38032Speter		TimeOuts.to_helo = (time_t) 5 MINUTES;
38032Speter		TimeOuts.to_mail = (time_t) 10 MINUTES;
38032Speter		TimeOuts.to_rcpt = (time_t) 1 HOUR;
38032Speter		TimeOuts.to_datainit = (time_t) 5 MINUTES;
38032Speter		TimeOuts.to_datablock = (time_t) 1 HOUR;
38032Speter		TimeOuts.to_datafinal = (time_t) 1 HOUR;
38032Speter		TimeOuts.to_rset = (time_t) 5 MINUTES;
38032Speter		TimeOuts.to_quit = (time_t) 2 MINUTES;
38032Speter		TimeOuts.to_nextcommand = (time_t) 1 HOUR;
38032Speter		TimeOuts.to_miscshort = (time_t) 2 MINUTES;
38032Speter#if IDENTPROTO
64562Sgshapiro		TimeOuts.to_ident = (time_t) 5 SECONDS;
363466Sgshapiro#else
38032Speter		TimeOuts.to_ident = (time_t) 0 SECONDS;
363466Sgshapiro#endif
38032Speter		TimeOuts.to_fileopen = (time_t) 60 SECONDS;
64562Sgshapiro		TimeOuts.to_control = (time_t) 2 MINUTES;
90792Sgshapiro		TimeOuts.to_lhlo = (time_t) 2 MINUTES;
90792Sgshapiro#if SASL
90792Sgshapiro		TimeOuts.to_auth = (time_t) 10 MINUTES;
363466Sgshapiro#endif
90792Sgshapiro#if STARTTLS
90792Sgshapiro		TimeOuts.to_starttls = (time_t) 1 HOUR;
363466Sgshapiro#endif
38032Speter		if (tTd(37, 5))
38032Speter		{
90792Sgshapiro			sm_dprintf("Timeouts:\n");
90792Sgshapiro			sm_dprintf("  connect = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_connect);
90792Sgshapiro			sm_dprintf("  aconnect = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_aconnect);
90792Sgshapiro			sm_dprintf("  initial = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_initial);
90792Sgshapiro			sm_dprintf("  helo = %ld\n", (long) TimeOuts.to_helo);
90792Sgshapiro			sm_dprintf("  mail = %ld\n", (long) TimeOuts.to_mail);
90792Sgshapiro			sm_dprintf("  rcpt = %ld\n", (long) TimeOuts.to_rcpt);
90792Sgshapiro			sm_dprintf("  datainit = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_datainit);
90792Sgshapiro			sm_dprintf("  datablock = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_datablock);
90792Sgshapiro			sm_dprintf("  datafinal = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_datafinal);
90792Sgshapiro			sm_dprintf("  rset = %ld\n", (long) TimeOuts.to_rset);
90792Sgshapiro			sm_dprintf("  quit = %ld\n", (long) TimeOuts.to_quit);
90792Sgshapiro			sm_dprintf("  nextcommand = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_nextcommand);
90792Sgshapiro			sm_dprintf("  miscshort = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_miscshort);
90792Sgshapiro			sm_dprintf("  ident = %ld\n", (long) TimeOuts.to_ident);
90792Sgshapiro			sm_dprintf("  fileopen = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_fileopen);
90792Sgshapiro			sm_dprintf("  lhlo = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_lhlo);
90792Sgshapiro			sm_dprintf("  control = %ld\n",
90792Sgshapiro				   (long) TimeOuts.to_control);
38032Speter		}
38032Speter		return;
38032Speter	}
38032Speter
38032Speter	for (;; val = p)
38032Speter	{
363466Sgshapiro		while (SM_ISSPACE(*val))
38032Speter			val++;
38032Speter		if (*val == '\0')
38032Speter			break;
38032Speter		for (p = val; *p != '\0' && *p != ','; p++)
38032Speter			continue;
38032Speter		if (*p != '\0')
38032Speter			*p++ = '\0';
38032Speter
38032Speter		if (isascii(*val) && isdigit(*val))
38032Speter		{
38032Speter			/* old syntax -- set everything */
38032Speter			TimeOuts.to_mail = convtime(val, 'm');
38032Speter			TimeOuts.to_rcpt = TimeOuts.to_mail;
38032Speter			TimeOuts.to_datainit = TimeOuts.to_mail;
38032Speter			TimeOuts.to_datablock = TimeOuts.to_mail;
38032Speter			TimeOuts.to_datafinal = TimeOuts.to_mail;
38032Speter			TimeOuts.to_nextcommand = TimeOuts.to_mail;
64562Sgshapiro			if (sticky)
64562Sgshapiro			{
64562Sgshapiro				setbitn(TO_MAIL, StickyTimeoutOpt);
64562Sgshapiro				setbitn(TO_RCPT, StickyTimeoutOpt);
64562Sgshapiro				setbitn(TO_DATAINIT, StickyTimeoutOpt);
64562Sgshapiro				setbitn(TO_DATABLOCK, StickyTimeoutOpt);
64562Sgshapiro				setbitn(TO_DATAFINAL, StickyTimeoutOpt);
64562Sgshapiro				setbitn(TO_COMMAND, StickyTimeoutOpt);
64562Sgshapiro			}
38032Speter			continue;
38032Speter		}
38032Speter		else
38032Speter		{
38032Speter			register char *q = strchr(val, ':');
38032Speter
38032Speter			if (q == NULL && (q = strchr(val, '=')) == NULL)
38032Speter			{
38032Speter				/* syntax error */
38032Speter				continue;
38032Speter			}
38032Speter			*q++ = '\0';
64562Sgshapiro			settimeout(val, q, sticky);
38032Speter		}
38032Speter	}
38032Speter}