diff options
| author | Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> | 2020-10-04 12:22:01 +0200 |
|---|---|---|
| committer | Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> | 2020-10-05 10:46:49 +0200 |
| commit | 4c7f095f4f32a2259017fa5acab6b1278af9e702 (patch) | |
| tree | 907d039c457ae1f6cf1064e546c6f2e57db4fd25 /src | |
| parent | d0de84b2d250e2f066286db3a3f5400a0f931b67 (diff) | |
Add proxy_protocol_timeout main config option.
Diffstat (limited to 'src')
| -rw-r--r-- | src/src/globals.c | 1 | ||||
| -rw-r--r-- | src/src/globals.h | 1 | ||||
| -rw-r--r-- | src/src/macros.h | 9 | ||||
| -rw-r--r-- | src/src/readconf.c | 3 | ||||
| -rw-r--r-- | src/src/smtp_in.c | 2 |
5 files changed, 7 insertions, 9 deletions
diff --git a/src/src/globals.c b/src/src/globals.c index 240c2eb80..d029f7540 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -1204,6 +1204,7 @@ uschar *proxy_external_address = NULL; int proxy_external_port = 0; uschar *proxy_local_address = NULL; int proxy_local_port = 0; +int proxy_protocol_timeout = 3; #endif uschar *prvscheck_address = NULL; diff --git a/src/src/globals.h b/src/src/globals.h index 8fbb14136..41705fb4b 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -788,6 +788,7 @@ extern uschar *proxy_external_address; /* IP of remote interface of proxy */ extern int proxy_external_port; /* Port on remote interface of proxy */ extern uschar *proxy_local_address; /* IP of local interface of proxy */ extern int proxy_local_port; /* Port on local interface of proxy */ +extern int proxy_protocol_timeout; /* Timeout for proxy negotiation */ extern BOOL proxy_session; /* TRUE if receiving mail from valid proxy */ #endif diff --git a/src/src/macros.h b/src/src/macros.h index c3f1c5d43..62b6290eb 100644 --- a/src/src/macros.h +++ b/src/src/macros.h @@ -196,13 +196,6 @@ record. */ #define WAIT_NAME_MAX 50 -/* Wait this long before determining that a Proxy Protocol configured -host isn't speaking the protocol, and so is disallowed. Can be moved to -runtime configuration if per site settings become needed. */ -#ifdef SUPPORT_PROXY -#define PROXY_NEGOTIATION_TIMEOUT_SEC 3 -#endif - /* Fixed option values for all PCRE functions */ #define PCRE_COPT 0 /* compile */ @@ -887,7 +880,7 @@ enum { /* Options for smtp_write_command */ -enum { +enum { SCMD_FLUSH = 0, /* write to kernel */ SCMD_MORE, /* write to kernel, but likely more soon */ SCMD_BUFFER /* stash in application cmd output buffer */ diff --git a/src/src/readconf.c b/src/src/readconf.c index dabe86348..0b78a88b9 100644 --- a/src/src/readconf.c +++ b/src/src/readconf.c @@ -259,6 +259,9 @@ static optionlist optionlist_config[] = { { "print_topbitchars", opt_bool, {&print_topbitchars} }, { "process_log_path", opt_stringptr, {&process_log_path} }, { "prod_requires_admin", opt_bool, {&prod_requires_admin} }, +#ifdef SUPPORT_PROXY + { "proxy_protocol_timeout", opt_time, {&proxy_protocol_timeout} }, +#endif { "qualify_domain", opt_stringptr, {&qualify_domain_sender} }, { "qualify_recipient", opt_stringptr, {&qualify_domain_recipient} }, { "queue_domains", opt_stringptr, {&queue_domains} }, diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index 69eae3cb4..da6d23602 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -1219,7 +1219,7 @@ socklen_t vslen = sizeof(struct timeval); BOOL yield = FALSE; os_non_restarting_signal(SIGALRM, command_timeout_handler); -ALARM(PROXY_NEGOTIATION_TIMEOUT_SEC); +ALARM(proxy_protocol_timeout); do { |