summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>2016-03-26 01:13:29 +0100
committerHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>2016-03-31 21:45:34 +0200
commit34e86e2003d0eba915735853cf48c56e71d7a4ea (patch)
treed249935c1f0e9db848fa03e3756488019fe10234 /src
parent85ffcba677df89c58014ec6258a1984a8f63f95a (diff)
Supress TLS/Env warnings in checking and listing mode
Diffstat (limited to 'src')
-rw-r--r--src/src/exim.c30
-rw-r--r--src/src/functions.h2
-rw-r--r--src/src/readconf.c12
3 files changed, 31 insertions, 13 deletions
diff --git a/src/src/exim.c b/src/src/exim.c
index 6a4fb5af3..cc3172dc0 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -1999,7 +1999,7 @@ for (i = 1; i < argc; i++)
else if (*argrest == 'F')
{
- filter_test |= FTEST_SYSTEM;
+ filter_test |= checking = FTEST_SYSTEM;
if (*(++argrest) != 0) { badarg = TRUE; break; }
if (++i < argc) filter_test_sfile = argv[i]; else
{
@@ -2019,7 +2019,7 @@ for (i = 1; i < argc; i++)
{
if (*(++argrest) == 0)
{
- filter_test |= FTEST_USER;
+ filter_test |= checking = FTEST_USER;
if (++i < argc) filter_test_ufile = argv[i]; else
{
fprintf(stderr, "exim: file name expected after %s\n", argv[i-1]);
@@ -2094,6 +2094,7 @@ for (i = 1; i < argc; i++)
else if (Ustrcmp(argrest, "malware") == 0)
{
if (++i >= argc) { badarg = TRUE; break; }
+ checking = TRUE;
malware_test_file = argv[i];
}
@@ -2175,6 +2176,7 @@ for (i = 1; i < argc; i++)
else if (Ustrcmp(argrest, "rt") == 0)
{
+ checking = TRUE;
test_retry_arg = i + 1;
goto END_ARG;
}
@@ -2183,6 +2185,7 @@ for (i = 1; i < argc; i++)
else if (Ustrcmp(argrest, "rw") == 0)
{
+ checking = TRUE;
test_rewrite_arg = i + 1;
goto END_ARG;
}
@@ -3754,7 +3757,23 @@ if ((initial_cwd = os_getcwd(NULL, 0)) == NULL)
exit(EXIT_FAILURE);
}
-readconf_main();
+/* checking:
+ -be[m] expansion test -
+ -b[fF] filter test new
+ -bh[c] host test -
+ -bmalware malware_test_file new
+ -brt retry test new
+ -brw rewrite test new
+ -bt address test -
+ -bv[s] address verify -
+ list_options:
+ -bP <option> (except -bP config, which sets list_config)
+
+If any of these options is set, we suppress warnings about configuration
+issues (currently about tls_advertise_hosts and keep_environment not being
+defined) */
+
+readconf_main(checking || list_options);
/* Now in directory "/" */
@@ -4184,7 +4203,7 @@ real, but are permitted when checking things (-be, -bv, -bt, -bh, -bf, -bF).
Note that authority for performing certain actions on messages is tested in the
queue_action() function. */
-if (!trusted_caller && !checking && filter_test == FTEST_NONE)
+if (!trusted_caller && !checking)
{
sender_host_name = sender_host_address = interface_address =
sender_ident = received_protocol = NULL;
@@ -4837,8 +4856,7 @@ if ((!smtp_input && sender_address == NULL) ||
if (sender_address == NULL /* No sender_address set */
|| /* OR */
(sender_address[0] != 0 && /* Non-empty sender address, AND */
- !checking && /* Not running tests, AND */
- filter_test == FTEST_NONE)) /* Not testing a filter */
+ !checking)) /* Not running tests, including filter tests */
{
sender_address = originator_login;
sender_address_forced = FALSE;
diff --git a/src/src/functions.h b/src/src/functions.h
index 878ae42a7..71c276bc7 100644
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -313,7 +313,7 @@ extern BOOL readconf_depends(driver_instance *, uschar *);
extern void readconf_driver_init(uschar *, driver_instance **,
driver_info *, int, void *, int, optionlist *, int);
extern uschar *readconf_find_option(void *);
-extern void readconf_main(void);
+extern void readconf_main(BOOL);
extern void readconf_print(uschar *, uschar *, BOOL no_labels);
extern uschar *readconf_printtime(int);
extern uschar *readconf_readname(uschar *, int, uschar *);
diff --git a/src/src/readconf.c b/src/src/readconf.c
index 0f696cbf5..c547c78b7 100644
--- a/src/src/readconf.c
+++ b/src/src/readconf.c
@@ -2947,7 +2947,7 @@ Returns: bool for "okay"; false will cause caller to immediately exit.
#ifdef SUPPORT_TLS
static BOOL
-tls_dropprivs_validate_require_cipher(void)
+tls_dropprivs_validate_require_cipher(BOOL nowarn)
{
const uschar *errmsg;
pid_t pid;
@@ -2961,7 +2961,7 @@ if ( !tls_advertise_hosts
|| Ustrcmp(tls_advertise_hosts, ":") == 0
)
return TRUE;
-else if (!tls_certificate)
+else if (!nowarn && !tls_certificate)
log_write(0, LOG_MAIN|LOG_PANIC,
"Warning: No server certificate defined; TLS connections will fail.\n"
" Suggested action: either install a certificate or change tls_advertise_hosts option");
@@ -3035,7 +3035,7 @@ systems. Therefore they are available only when requested by compile-time
options. */
void
-readconf_main(void)
+readconf_main(BOOL nowarn)
{
int sep = 0;
struct stat statbuf;
@@ -3473,7 +3473,7 @@ if ((tls_verify_hosts != NULL || tls_try_verify_hosts != NULL) &&
/* This also checks that the library linkage is working and we can call
routines in it, so call even if tls_require_ciphers is unset */
-if (!tls_dropprivs_validate_require_cipher())
+if (!tls_dropprivs_validate_require_cipher(nowarn))
exit(1);
/* Magic number: at time of writing, 1024 has been the long-standing value
@@ -3497,13 +3497,13 @@ if (openssl_options != NULL)
# endif
}
-if (gnutls_require_kx || gnutls_require_mac || gnutls_require_proto)
+if (!nowarn && (gnutls_require_kx || gnutls_require_mac || gnutls_require_proto))
log_write(0, LOG_MAIN, "WARNING: main options"
" gnutls_require_kx, gnutls_require_mac and gnutls_require_protocols"
" are obsolete\n");
#endif /*SUPPORT_TLS*/
-if (!keep_environment && environ && *environ)
+if (!nowarn && !keep_environment && environ && *environ)
log_write(0, LOG_MAIN,
"Warning: purging the environment.\n"
" Suggested action: use keep_environment.");