1 /* 2 * Copyright (c) 1998-2006, 2008 Proofpoint, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 */ 13 14 #include <sendmail.h> 15 16 SM_RCSID("@(#)$Id: collect.c,v 8.287 2013-11-22 20:51:55 ca Exp $") 17 18 #include <sm/sendmail.h> 19 20 static void eatfrom __P((char *volatile, ENVELOPE *)); 21 static void collect_doheader __P((ENVELOPE *)); 22 static SM_FILE_T *collect_dfopen __P((ENVELOPE *)); 23 static SM_FILE_T *collect_eoh __P((ENVELOPE *, int, int)); 24 25 /* 26 ** COLLECT_EOH -- end-of-header processing in collect() 27 ** 28 ** Called by collect() when it encounters the blank line 29 ** separating the header from the message body, or when it 30 ** encounters EOF in a message that contains only a header. 31 ** 32 ** Parameters: 33 ** e -- envelope 34 ** numhdrs -- number of headers 35 ** hdrslen -- length of headers 36 ** 37 ** Results: 38 ** NULL, or handle to open data file 39 ** 40 ** Side Effects: 41 ** end-of-header check ruleset is invoked. 42 ** envelope state is updated. 43 ** headers may be added and deleted. 44 ** selects the queue. 45 ** opens the data file. 46 */ 47 48 static SM_FILE_T * 49 collect_eoh(e, numhdrs, hdrslen) 50 ENVELOPE *e; 51 int numhdrs; 52 int hdrslen; 53 { 54 char hnum[16]; 55 char hsize[16]; 56 57 /* call the end-of-header check ruleset */ 58 (void) sm_snprintf(hnum, sizeof(hnum), "%d", numhdrs); 59 (void) sm_snprintf(hsize, sizeof(hsize), "%d", hdrslen); 60 if (tTd(30, 10)) 61 sm_dprintf("collect: rscheck(\"check_eoh\", \"%s $| %s\")\n", 62 hnum, hsize); 63 (void) rscheck("check_eoh", hnum, hsize, e, RSF_UNSTRUCTURED|RSF_COUNT, 64 3, NULL, e->e_id, NULL, NULL); 65 66 /* 67 ** Process the header, 68 ** select the queue, open the data file. 69 */ 70 71 collect_doheader(e); 72 return collect_dfopen(e); 73 } 74 75 /* 76 ** COLLECT_DOHEADER -- process header in collect() 77 ** 78 ** Called by collect() after it has finished parsing the header, 79 ** but before it selects the queue and creates the data file. 80 ** The results of processing the header will affect queue selection. 81 ** 82 ** Parameters: 83 ** e -- envelope 84 ** 85 ** Results: 86 ** none. 87 ** 88 ** Side Effects: 89 ** envelope state is updated. 90 ** headers may be added and deleted. 91 */ 92 93 static void 94 collect_doheader(e) 95 ENVELOPE *e; 96 { 97 /* 98 ** Find out some information from the headers. 99 ** Examples are who is the from person & the date. 100 */ 101 102 eatheader(e, true, false); 103 104 if (GrabTo && e->e_sendqueue == NULL) 105 usrerr("No recipient addresses found in header"); 106 107 /* 108 ** If we have a Return-Receipt-To:, turn it into a DSN. 109 */ 110 111 if (RrtImpliesDsn && hvalue("return-receipt-to", e->e_header) != NULL) 112 { 113 ADDRESS *q; 114 115 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 116 if (!bitset(QHASNOTIFY, q->q_flags)) 117 q->q_flags |= QHASNOTIFY|QPINGONSUCCESS; 118 } 119 120 /* 121 ** Add an appropriate recipient line if we have none. 122 */ 123 124 if (hvalue("to", e->e_header) != NULL || 125 hvalue("cc", e->e_header) != NULL || 126 hvalue("apparently-to", e->e_header) != NULL) 127 { 128 /* have a valid recipient header -- delete Bcc: headers */ 129 e->e_flags |= EF_DELETE_BCC; 130 } 131 else if (hvalue("bcc", e->e_header) == NULL) 132 { 133 /* no valid recipient headers */ 134 register ADDRESS *q; 135 char *hdr = NULL; 136 137 /* create a recipient field */ 138 switch (NoRecipientAction) 139 { 140 case NRA_ADD_APPARENTLY_TO: 141 hdr = "Apparently-To"; 142 break; 143 144 case NRA_ADD_TO: 145 hdr = "To"; 146 break; 147 148 case NRA_ADD_BCC: 149 addheader("Bcc", " ", 0, e, true); 150 break; 151 152 case NRA_ADD_TO_UNDISCLOSED: 153 addheader("To", "undisclosed-recipients:;", 0, e, true); 154 break; 155 } 156 157 if (hdr != NULL) 158 { 159 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 160 { 161 if (q->q_alias != NULL) 162 continue; 163 if (tTd(30, 3)) 164 sm_dprintf("Adding %s: %s\n", 165 hdr, q->q_paddr); 166 addheader(hdr, q->q_paddr, 0, e, true); 167 } 168 } 169 } 170 } 171 172 /* 173 ** COLLECT_DFOPEN -- open the message data file 174 ** 175 ** Called by collect() after it has finished processing the header. 176 ** Queue selection occurs at this point, possibly based on the 177 ** envelope's recipient list and on header information. 178 ** 179 ** Parameters: 180 ** e -- envelope 181 ** 182 ** Results: 183 ** NULL, or a pointer to an open data file, 184 ** into which the message body will be written by collect(). 185 ** 186 ** Side Effects: 187 ** Calls syserr, sets EF_FATALERRS and returns NULL 188 ** if there is insufficient disk space. 189 ** Aborts process if data file could not be opened. 190 ** Otherwise, the queue is selected, 191 ** e->e_{dfino,dfdev,msgsize,flags} are updated, 192 ** and a pointer to an open data file is returned. 193 */ 194 195 static SM_FILE_T * 196 collect_dfopen(e) 197 ENVELOPE *e; 198 { 199 MODE_T oldumask = 0; 200 int dfd; 201 struct stat stbuf; 202 SM_FILE_T *df; 203 char *dfname; 204 205 if (!setnewqueue(e)) 206 return NULL; 207 208 dfname = queuename(e, DATAFL_LETTER); 209 if (bitset(S_IWGRP, QueueFileMode)) 210 oldumask = umask(002); 211 df = bfopen(dfname, QueueFileMode, DataFileBufferSize, 212 SFF_OPENASROOT); 213 if (bitset(S_IWGRP, QueueFileMode)) 214 (void) umask(oldumask); 215 if (df == NULL) 216 { 217 syserr("@Cannot create %s", dfname); 218 e->e_flags |= EF_NO_BODY_RETN; 219 flush_errors(true); 220 finis(false, true, ExitStat); 221 /* NOTREACHED */ 222 } 223 dfd = sm_io_getinfo(df, SM_IO_WHAT_FD, NULL); 224 if (dfd < 0 || fstat(dfd, &stbuf) < 0) 225 e->e_dfino = -1; 226 else 227 { 228 e->e_dfdev = stbuf.st_dev; 229 e->e_dfino = stbuf.st_ino; 230 } 231 e->e_flags |= EF_HAS_DF; 232 return df; 233 } 234 235 /* 236 ** COLLECT -- read & parse message header & make temp file. 237 ** 238 ** Creates a temporary file name and copies the standard 239 ** input to that file. Leading UNIX-style "From" lines are 240 ** stripped off (after important information is extracted). 241 ** 242 ** Parameters: 243 ** fp -- file to read. 244 ** smtpmode -- if set, we are running SMTP: give an RFC821 245 ** style message to say we are ready to collect 246 ** input, and never ignore a single dot to mean 247 ** end of message. 248 ** hdrp -- the location to stash the header. 249 ** e -- the current envelope. 250 ** rsetsize -- reset e_msgsize? 251 ** 252 ** Returns: 253 ** none. 254 ** 255 ** Side Effects: 256 ** If successful, 257 ** - Data file is created and filled, and e->e_dfp is set. 258 ** - The from person may be set. 259 ** If the "enough disk space" check fails, 260 ** - syserr is called. 261 ** - e->e_dfp is NULL. 262 ** - e->e_flags & EF_FATALERRS is set. 263 ** - collect() returns. 264 ** If data file cannot be created, the process is terminated. 265 */ 266 267 /* values for input state machine */ 268 #define IS_NORM 0 /* middle of line */ 269 #define IS_BOL 1 /* beginning of line */ 270 #define IS_DOT 2 /* read a dot at beginning of line */ 271 #define IS_DOTCR 3 /* read ".\r" at beginning of line */ 272 #define IS_CR 4 /* read a carriage return */ 273 274 /* values for message state machine */ 275 #define MS_UFROM 0 /* reading Unix from line */ 276 #define MS_HEADER 1 /* reading message header */ 277 #define MS_BODY 2 /* reading message body */ 278 #define MS_DISCARD 3 /* discarding rest of message */ 279 280 void 281 collect(fp, smtpmode, hdrp, e, rsetsize) 282 SM_FILE_T *fp; 283 bool smtpmode; 284 HDR **hdrp; 285 register ENVELOPE *e; 286 bool rsetsize; 287 { 288 register SM_FILE_T *df; 289 bool ignrdot; 290 int dbto; 291 register char *bp; 292 int c; 293 bool inputerr; 294 bool headeronly; 295 char *buf; 296 int buflen; 297 int istate; 298 int mstate; 299 int hdrslen; 300 int numhdrs; 301 int afd; 302 int old_rd_tmo; 303 unsigned char *pbp; 304 unsigned char peekbuf[8]; 305 char bufbuf[MAXLINE]; 306 #if _FFR_REJECT_NUL_BYTE 307 bool hasNUL; /* has at least one NUL input byte */ 308 #endif 309 310 df = NULL; 311 ignrdot = smtpmode ? false : IgnrDot; 312 313 /* timeout for I/O functions is in milliseconds */ 314 dbto = smtpmode ? ((int) TimeOuts.to_datablock * 1000) 315 : SM_TIME_FOREVER; 316 sm_io_setinfo(fp, SM_IO_WHAT_TIMEOUT, &dbto); 317 old_rd_tmo = set_tls_rd_tmo(TimeOuts.to_datablock); 318 c = SM_IO_EOF; 319 inputerr = false; 320 headeronly = hdrp != NULL; 321 hdrslen = 0; 322 numhdrs = 0; 323 HasEightBits = false; 324 #if _FFR_REJECT_NUL_BYTE 325 hasNUL = false; 326 #endif 327 buf = bp = bufbuf; 328 buflen = sizeof(bufbuf); 329 pbp = peekbuf; 330 istate = IS_BOL; 331 mstate = SaveFrom ? MS_HEADER : MS_UFROM; 332 333 /* 334 ** Tell ARPANET to go ahead. 335 */ 336 337 if (smtpmode) 338 message("354 Enter mail, end with \".\" on a line by itself"); 339 340 /* simulate an I/O timeout when used as sink */ 341 if (tTd(83, 101)) 342 sleep(319); 343 344 if (tTd(30, 2)) 345 sm_dprintf("collect\n"); 346 347 /* 348 ** Read the message. 349 ** 350 ** This is done using two interleaved state machines. 351 ** The input state machine is looking for things like 352 ** hidden dots; the message state machine is handling 353 ** the larger picture (e.g., header versus body). 354 */ 355 356 if (rsetsize) 357 e->e_msgsize = 0; 358 for (;;) 359 { 360 if (tTd(30, 35)) 361 sm_dprintf("top, istate=%d, mstate=%d\n", istate, 362 mstate); 363 for (;;) 364 { 365 if (pbp > peekbuf) 366 c = *--pbp; 367 else 368 { 369 while (!sm_io_eof(fp) && !sm_io_error(fp)) 370 { 371 errno = 0; 372 c = sm_io_getc(fp, SM_TIME_DEFAULT); 373 if (c == SM_IO_EOF && errno == EINTR) 374 { 375 /* Interrupted, retry */ 376 sm_io_clearerr(fp); 377 continue; 378 } 379 380 /* timeout? */ 381 if (c == SM_IO_EOF && errno == EAGAIN 382 && smtpmode) 383 { 384 /* 385 ** Override e_message in 386 ** usrerr() as this is the 387 ** reason for failure that 388 ** should be logged for 389 ** undelivered recipients. 390 */ 391 392 e->e_message = NULL; 393 errno = 0; 394 inputerr = true; 395 goto readabort; 396 } 397 break; 398 } 399 if (TrafficLogFile != NULL && !headeronly) 400 { 401 if (istate == IS_BOL) 402 (void) sm_io_fprintf(TrafficLogFile, 403 SM_TIME_DEFAULT, 404 "%05d <<< ", 405 (int) CurrentPid); 406 if (c == SM_IO_EOF) 407 (void) sm_io_fprintf(TrafficLogFile, 408 SM_TIME_DEFAULT, 409 "[EOF]\n"); 410 else 411 (void) sm_io_putc(TrafficLogFile, 412 SM_TIME_DEFAULT, 413 c); 414 } 415 #if _FFR_REJECT_NUL_BYTE 416 if (c == '\0') 417 hasNUL = true; 418 #endif 419 if (c == SM_IO_EOF) 420 goto readerr; 421 if (SevenBitInput) 422 c &= 0x7f; 423 else 424 HasEightBits |= bitset(0x80, c); 425 } 426 if (tTd(30, 94)) 427 sm_dprintf("istate=%d, c=%c (0x%x)\n", 428 istate, (char) c, c); 429 switch (istate) 430 { 431 case IS_BOL: 432 if (c == '.') 433 { 434 istate = IS_DOT; 435 continue; 436 } 437 break; 438 439 case IS_DOT: 440 if (c == '\n' && !ignrdot) 441 goto readerr; 442 else if (c == '\r') 443 { 444 istate = IS_DOTCR; 445 continue; 446 } 447 else if (ignrdot || 448 (c != '.' && 449 OpMode != MD_SMTP && 450 OpMode != MD_DAEMON && 451 OpMode != MD_ARPAFTP)) 452 453 { 454 SM_ASSERT(pbp < peekbuf + 455 sizeof(peekbuf)); 456 *pbp++ = c; 457 c = '.'; 458 } 459 break; 460 461 case IS_DOTCR: 462 if (c == '\n' && !ignrdot) 463 goto readerr; 464 else 465 { 466 /* push back the ".\rx" */ 467 SM_ASSERT(pbp < peekbuf + 468 sizeof(peekbuf)); 469 *pbp++ = c; 470 if (OpMode != MD_SMTP && 471 OpMode != MD_DAEMON && 472 OpMode != MD_ARPAFTP) 473 { 474 SM_ASSERT(pbp < peekbuf + 475 sizeof(peekbuf)); 476 *pbp++ = '\r'; 477 c = '.'; 478 } 479 else 480 c = '\r'; 481 } 482 break; 483 484 case IS_CR: 485 if (c == '\n') 486 istate = IS_BOL; 487 else 488 { 489 (void) sm_io_ungetc(fp, SM_TIME_DEFAULT, 490 c); 491 c = '\r'; 492 istate = IS_NORM; 493 } 494 goto bufferchar; 495 } 496 497 if (c == '\r') 498 { 499 istate = IS_CR; 500 continue; 501 } 502 else if (c == '\n') 503 istate = IS_BOL; 504 else 505 istate = IS_NORM; 506 507 bufferchar: 508 if (!headeronly) 509 { 510 /* no overflow? */ 511 if (e->e_msgsize >= 0) 512 { 513 e->e_msgsize++; 514 if (MaxMessageSize > 0 && 515 !bitset(EF_TOOBIG, e->e_flags) && 516 e->e_msgsize > MaxMessageSize) 517 e->e_flags |= EF_TOOBIG; 518 } 519 } 520 switch (mstate) 521 { 522 case MS_BODY: 523 /* just put the character out */ 524 if (!bitset(EF_TOOBIG, e->e_flags)) 525 (void) sm_io_putc(df, SM_TIME_DEFAULT, 526 c); 527 528 /* FALLTHROUGH */ 529 530 case MS_DISCARD: 531 continue; 532 } 533 534 SM_ASSERT(mstate == MS_UFROM || mstate == MS_HEADER); 535 536 /* header -- buffer up */ 537 if (bp >= &buf[buflen - 2]) 538 { 539 char *obuf; 540 541 /* out of space for header */ 542 obuf = buf; 543 if (buflen < MEMCHUNKSIZE) 544 buflen *= 2; 545 else 546 buflen += MEMCHUNKSIZE; 547 if (buflen <= 0) 548 { 549 sm_syslog(LOG_NOTICE, e->e_id, 550 "header overflow from %s during message collect", 551 CURHOSTNAME); 552 errno = 0; 553 e->e_flags |= EF_CLRQUEUE; 554 e->e_status = "5.6.0"; 555 usrerrenh(e->e_status, 556 "552 Headers too large"); 557 goto discard; 558 } 559 buf = xalloc(buflen); 560 memmove(buf, obuf, bp - obuf); 561 bp = &buf[bp - obuf]; 562 if (obuf != bufbuf) 563 sm_free(obuf); /* XXX */ 564 } 565 566 if (c != '\0') 567 { 568 *bp++ = c; 569 ++hdrslen; 570 if (!headeronly && 571 MaxHeadersLength > 0 && 572 hdrslen > MaxHeadersLength) 573 { 574 sm_syslog(LOG_NOTICE, e->e_id, 575 "headers too large (%d max) from %s during message collect", 576 MaxHeadersLength, 577 CURHOSTNAME); 578 errno = 0; 579 e->e_flags |= EF_CLRQUEUE; 580 e->e_status = "5.6.0"; 581 usrerrenh(e->e_status, 582 "552 Headers too large (%d max)", 583 MaxHeadersLength); 584 discard: 585 mstate = MS_DISCARD; 586 } 587 } 588 if (istate == IS_BOL) 589 break; 590 } 591 *bp = '\0'; 592 593 nextstate: 594 if (tTd(30, 35)) 595 sm_dprintf("nextstate, istate=%d, mstate=%d, line=\"%s\"\n", 596 istate, mstate, buf); 597 switch (mstate) 598 { 599 case MS_UFROM: 600 mstate = MS_HEADER; 601 #ifndef NOTUNIX 602 if (strncmp(buf, "From ", 5) == 0) 603 { 604 bp = buf; 605 eatfrom(buf, e); 606 continue; 607 } 608 #endif /* ! NOTUNIX */ 609 /* FALLTHROUGH */ 610 611 case MS_HEADER: 612 if (!isheader(buf)) 613 { 614 mstate = MS_BODY; 615 goto nextstate; 616 } 617 618 /* check for possible continuation line */ 619 do 620 { 621 sm_io_clearerr(fp); 622 errno = 0; 623 c = sm_io_getc(fp, SM_TIME_DEFAULT); 624 625 /* timeout? */ 626 if (c == SM_IO_EOF && errno == EAGAIN 627 && smtpmode) 628 { 629 /* 630 ** Override e_message in 631 ** usrerr() as this is the 632 ** reason for failure that 633 ** should be logged for 634 ** undelivered recipients. 635 */ 636 637 e->e_message = NULL; 638 errno = 0; 639 inputerr = true; 640 goto readabort; 641 } 642 } while (c == SM_IO_EOF && errno == EINTR); 643 if (c != SM_IO_EOF) 644 (void) sm_io_ungetc(fp, SM_TIME_DEFAULT, c); 645 if (c == ' ' || c == '\t') 646 { 647 /* yep -- defer this */ 648 continue; 649 } 650 651 SM_ASSERT(bp > buf); 652 653 /* guaranteed by isheader(buf) */ 654 SM_ASSERT(*(bp - 1) != '\n' || bp > buf + 1); 655 656 /* trim off trailing CRLF or NL */ 657 if (*--bp != '\n' || *--bp != '\r') 658 bp++; 659 *bp = '\0'; 660 661 if (bitset(H_EOH, chompheader(buf, 662 CHHDR_CHECK | CHHDR_USER, 663 hdrp, e))) 664 { 665 mstate = MS_BODY; 666 goto nextstate; 667 } 668 numhdrs++; 669 break; 670 671 case MS_BODY: 672 if (tTd(30, 1)) 673 sm_dprintf("EOH\n"); 674 675 if (headeronly) 676 goto readerr; 677 678 df = collect_eoh(e, numhdrs, hdrslen); 679 if (df == NULL) 680 e->e_flags |= EF_TOOBIG; 681 682 bp = buf; 683 684 /* toss blank line */ 685 if ((bp[0] == '\r' && bp[1] == '\n') || 686 (bp[0] == '\n')) 687 { 688 break; 689 } 690 691 /* if not a blank separator, write it out */ 692 if (!bitset(EF_TOOBIG, e->e_flags)) 693 { 694 while (*bp != '\0') 695 (void) sm_io_putc(df, SM_TIME_DEFAULT, 696 *bp++); 697 } 698 break; 699 } 700 bp = buf; 701 } 702 703 readerr: 704 if ((sm_io_eof(fp) && smtpmode) || sm_io_error(fp)) 705 { 706 const char *errmsg; 707 708 if (sm_io_eof(fp)) 709 errmsg = "unexpected close"; 710 else 711 errmsg = sm_errstring(errno); 712 if (tTd(30, 1)) 713 sm_dprintf("collect: premature EOM: %s\n", errmsg); 714 if (LogLevel > 1) 715 sm_syslog(LOG_WARNING, e->e_id, 716 "collect: premature EOM: %s", errmsg); 717 inputerr = true; 718 } 719 720 if (headeronly) 721 goto end; 722 723 if (mstate != MS_BODY) 724 { 725 /* no body or discard, so we never opened the data file */ 726 SM_ASSERT(df == NULL); 727 df = collect_eoh(e, numhdrs, hdrslen); 728 } 729 730 if (df == NULL) 731 { 732 /* skip next few clauses */ 733 /* EMPTY */ 734 } 735 else if (sm_io_flush(df, SM_TIME_DEFAULT) != 0 || sm_io_error(df)) 736 { 737 dferror(df, "sm_io_flush||sm_io_error", e); 738 flush_errors(true); 739 finis(true, true, ExitStat); 740 /* NOTREACHED */ 741 } 742 else if (SuperSafe == SAFE_NO || 743 SuperSafe == SAFE_INTERACTIVE || 744 (SuperSafe == SAFE_REALLY_POSTMILTER && smtpmode)) 745 { 746 /* skip next few clauses */ 747 /* EMPTY */ 748 /* Note: updfs() is not called in this case! */ 749 } 750 else if (sm_io_setinfo(df, SM_BF_COMMIT, NULL) < 0 && errno != EINVAL) 751 { 752 int save_errno = errno; 753 754 if (save_errno == EEXIST) 755 { 756 char *dfile; 757 struct stat st; 758 int dfd; 759 760 dfile = queuename(e, DATAFL_LETTER); 761 if (stat(dfile, &st) < 0) 762 st.st_size = -1; 763 errno = EEXIST; 764 syserr("@collect: bfcommit(%s): already on disk, size=%ld", 765 dfile, (long) st.st_size); 766 dfd = sm_io_getinfo(df, SM_IO_WHAT_FD, NULL); 767 if (dfd >= 0) 768 dumpfd(dfd, true, true); 769 } 770 errno = save_errno; 771 dferror(df, "bfcommit", e); 772 flush_errors(true); 773 finis(save_errno != EEXIST, true, ExitStat); 774 } 775 else if ((afd = sm_io_getinfo(df, SM_IO_WHAT_FD, NULL)) < 0) 776 { 777 dferror(df, "sm_io_getinfo", e); 778 flush_errors(true); 779 finis(true, true, ExitStat); 780 /* NOTREACHED */ 781 } 782 else if (fsync(afd) < 0) 783 { 784 dferror(df, "fsync", e); 785 flush_errors(true); 786 finis(true, true, ExitStat); 787 /* NOTREACHED */ 788 } 789 else if (sm_io_close(df, SM_TIME_DEFAULT) < 0) 790 { 791 dferror(df, "sm_io_close", e); 792 flush_errors(true); 793 finis(true, true, ExitStat); 794 /* NOTREACHED */ 795 } 796 else 797 { 798 /* everything is happily flushed to disk */ 799 df = NULL; 800 801 /* remove from available space in filesystem */ 802 updfs(e, 0, 1, "collect"); 803 } 804 805 /* An EOF when running SMTP is an error */ 806 readabort: 807 if (inputerr && (OpMode == MD_SMTP || OpMode == MD_DAEMON)) 808 { 809 char *host; 810 char *problem; 811 ADDRESS *q; 812 813 host = RealHostName; 814 if (host == NULL) 815 host = "localhost"; 816 817 if (sm_io_eof(fp)) 818 problem = "unexpected close"; 819 else if (sm_io_error(fp)) 820 problem = "I/O error"; 821 else 822 problem = "read timeout"; 823 if (LogLevel > 0 && sm_io_eof(fp)) 824 sm_syslog(LOG_NOTICE, e->e_id, 825 "collect: %s on connection from %.100s, sender=%s", 826 problem, host, 827 shortenstring(e->e_from.q_paddr, MAXSHORTSTR)); 828 if (sm_io_eof(fp)) 829 usrerr("421 4.4.1 collect: %s on connection from %s, from=%s", 830 problem, host, 831 shortenstring(e->e_from.q_paddr, MAXSHORTSTR)); 832 else 833 syserr("421 4.4.1 collect: %s on connection from %s, from=%s", 834 problem, host, 835 shortenstring(e->e_from.q_paddr, MAXSHORTSTR)); 836 flush_errors(true); 837 838 /* don't return an error indication */ 839 e->e_to = NULL; 840 e->e_flags &= ~EF_FATALERRS; 841 e->e_flags |= EF_CLRQUEUE; 842 843 /* Don't send any message notification to sender */ 844 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 845 { 846 if (QS_IS_DEAD(q->q_state)) 847 continue; 848 q->q_state = QS_FATALERR; 849 } 850 851 SM_CLOSE_FP(df); 852 finis(true, true, ExitStat); 853 /* NOTREACHED */ 854 } 855 856 /* Log collection information. */ 857 if (tTd(92, 2)) 858 sm_dprintf("collect: e_id=%s, EF_LOGSENDER=%d, LogLevel=%d\n", 859 e->e_id, bitset(EF_LOGSENDER, e->e_flags), LogLevel); 860 if (bitset(EF_LOGSENDER, e->e_flags) && LogLevel > 4) 861 { 862 logsender(e, e->e_msgid); 863 e->e_flags &= ~EF_LOGSENDER; 864 } 865 866 /* check for message too large */ 867 if (bitset(EF_TOOBIG, e->e_flags)) 868 { 869 e->e_flags |= EF_NO_BODY_RETN|EF_CLRQUEUE; 870 if (!bitset(EF_FATALERRS, e->e_flags)) 871 { 872 e->e_status = "5.2.3"; 873 usrerrenh(e->e_status, 874 "552 Message exceeds maximum fixed size (%ld)", 875 MaxMessageSize); 876 if (LogLevel > 6) 877 sm_syslog(LOG_NOTICE, e->e_id, 878 "message size (%ld) exceeds maximum (%ld)", 879 PRT_NONNEGL(e->e_msgsize), 880 MaxMessageSize); 881 } 882 } 883 884 /* check for illegal 8-bit data */ 885 if (HasEightBits) 886 { 887 e->e_flags |= EF_HAS8BIT; 888 if (!bitset(MM_PASS8BIT|MM_MIME8BIT, MimeMode) && 889 !bitset(EF_IS_MIME, e->e_flags)) 890 { 891 e->e_status = "5.6.1"; 892 usrerrenh(e->e_status, "554 Eight bit data not allowed"); 893 } 894 } 895 else 896 { 897 /* if it claimed to be 8 bits, well, it lied.... */ 898 if (e->e_bodytype != NULL && 899 SM_STRCASEEQ(e->e_bodytype, "8bitmime")) 900 e->e_bodytype = "7BIT"; 901 } 902 903 #if _FFR_REJECT_NUL_BYTE 904 if (hasNUL && RejectNUL) 905 { 906 e->e_status = "5.6.1"; 907 usrerrenh(e->e_status, "554 NUL byte not allowed"); 908 } 909 #endif /* _FFR_REJECT_NUL_BYTE */ 910 911 if (SuperSafe == SAFE_REALLY && !bitset(EF_FATALERRS, e->e_flags)) 912 { 913 char *dfname = queuename(e, DATAFL_LETTER); 914 if ((e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, dfname, 915 SM_IO_RDONLY_B, NULL)) == NULL) 916 { 917 /* we haven't acked receipt yet, so just chuck this */ 918 syserr("@Cannot reopen %s", dfname); 919 finis(true, true, ExitStat); 920 /* NOTREACHED */ 921 } 922 } 923 else 924 e->e_dfp = df; 925 926 /* collect statistics */ 927 if (OpMode != MD_VERIFY) 928 { 929 /* 930 ** Recalculate e_msgpriority, it is done at in eatheader() 931 ** which is called (in 8.12) after the header is collected, 932 ** hence e_msgsize is (most likely) incorrect. 933 */ 934 935 e->e_msgpriority = e->e_msgsize 936 - e->e_class * WkClassFact 937 + e->e_nrcpts * WkRecipFact; 938 markstats(e, (ADDRESS *) NULL, STATS_NORMAL); 939 } 940 941 end: 942 (void) set_tls_rd_tmo(old_rd_tmo); 943 if (buf != bufbuf) 944 SM_FREE(buf); 945 } 946 947 /* 948 ** DFERROR -- signal error on writing the data file. 949 ** 950 ** Called by collect(). Collect() always terminates the process 951 ** immediately after calling dferror(), which means that the SMTP 952 ** session will be terminated, which means that any error message 953 ** issued by dferror must be a 421 error, as per RFC 821. 954 ** 955 ** Parameters: 956 ** df -- the file pointer for the data file. 957 ** msg -- detailed message. 958 ** e -- the current envelope. 959 ** 960 ** Returns: 961 ** none. 962 ** 963 ** Side Effects: 964 ** Gives an error message. 965 ** Arranges for following output to go elsewhere. 966 */ 967 968 void 969 dferror(df, msg, e) 970 SM_FILE_T *volatile df; 971 char *msg; 972 register ENVELOPE *e; 973 { 974 char *dfname; 975 976 dfname = queuename(e, DATAFL_LETTER); 977 setstat(EX_IOERR); 978 if (errno == ENOSPC) 979 { 980 #if STAT64 > 0 981 struct stat64 st; 982 #else 983 struct stat st; 984 #endif 985 long avail; 986 long bsize; 987 988 e->e_flags |= EF_NO_BODY_RETN; 989 990 if ( 991 #if STAT64 > 0 992 fstat64(sm_io_getinfo(df, SM_IO_WHAT_FD, NULL), &st) 993 #else 994 fstat(sm_io_getinfo(df, SM_IO_WHAT_FD, NULL), &st) 995 #endif 996 < 0) 997 st.st_size = 0; 998 (void) sm_io_reopen(SmFtStdio, SM_TIME_DEFAULT, dfname, 999 SM_IO_WRONLY_B, NULL, df); 1000 if (st.st_size <= 0) 1001 (void) sm_io_fprintf(df, SM_TIME_DEFAULT, 1002 "\n*** Mail could not be accepted"); 1003 else 1004 (void) sm_io_fprintf(df, SM_TIME_DEFAULT, 1005 "\n*** Mail of at least %llu bytes could not be accepted\n", 1006 (ULONGLONG_T) st.st_size); 1007 (void) sm_io_fprintf(df, SM_TIME_DEFAULT, 1008 "*** at %s due to lack of disk space for temp file.\n", 1009 MyHostName); 1010 avail = freediskspace(qid_printqueue(e->e_qgrp, e->e_qdir), 1011 &bsize); 1012 if (avail > 0) 1013 { 1014 if (bsize > 1024) 1015 avail *= bsize / 1024; 1016 else if (bsize < 1024) 1017 avail /= 1024 / bsize; 1018 (void) sm_io_fprintf(df, SM_TIME_DEFAULT, 1019 "*** Currently, %ld kilobytes are available for mail temp files.\n", 1020 avail); 1021 } 1022 #if 0 1023 /* Wrong response code; should be 421. */ 1024 e->e_status = "4.3.1"; 1025 usrerrenh(e->e_status, "452 Out of disk space for temp file"); 1026 #else /* 0 */ 1027 syserr("421 4.3.1 Out of disk space for temp file"); 1028 #endif /* 0 */ 1029 } 1030 else 1031 syserr("421 4.3.0 collect: Cannot write %s (%s, uid=%ld, gid=%ld)", 1032 dfname, msg, (long) geteuid(), (long) getegid()); 1033 if (sm_io_reopen(SmFtStdio, SM_TIME_DEFAULT, SM_PATH_DEVNULL, 1034 SM_IO_WRONLY, NULL, df) == NULL) 1035 sm_syslog(LOG_ERR, e->e_id, 1036 "dferror: sm_io_reopen(\"/dev/null\") failed: %s", 1037 sm_errstring(errno)); 1038 } 1039 /* 1040 ** EATFROM -- chew up a UNIX style from line and process 1041 ** 1042 ** This does indeed make some assumptions about the format 1043 ** of UNIX messages. 1044 ** 1045 ** Parameters: 1046 ** fm -- the from line. 1047 ** e -- envelope 1048 ** 1049 ** Returns: 1050 ** none. 1051 ** 1052 ** Side Effects: 1053 ** extracts what information it can from the header, 1054 ** such as the date. 1055 */ 1056 1057 #ifndef NOTUNIX 1058 1059 static char *DowList[] = 1060 { 1061 "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat", NULL 1062 }; 1063 1064 static char *MonthList[] = 1065 { 1066 "Jan", "Feb", "Mar", "Apr", "May", "Jun", 1067 "Jul", "Aug", "Sep", "Oct", "Nov", "Dec", 1068 NULL 1069 }; 1070 1071 static void 1072 eatfrom(fm, e) 1073 char *volatile fm; 1074 register ENVELOPE *e; 1075 { 1076 register char *p; 1077 register char **dt; 1078 1079 if (tTd(30, 2)) 1080 sm_dprintf("eatfrom(%s)\n", fm); 1081 1082 /* find the date part */ 1083 p = fm; 1084 while (*p != '\0') 1085 { 1086 /* skip a word */ 1087 while (*p != '\0' && *p != ' ') 1088 p++; 1089 while (*p == ' ') 1090 p++; 1091 if (strlen(p) < 17) 1092 { 1093 /* no room for the date */ 1094 return; 1095 } 1096 if (!(isascii(*p) && isupper(*p)) || 1097 p[3] != ' ' || p[13] != ':' || p[16] != ':') 1098 continue; 1099 1100 /* we have a possible date */ 1101 for (dt = DowList; *dt != NULL; dt++) 1102 if (strncmp(*dt, p, 3) == 0) 1103 break; 1104 if (*dt == NULL) 1105 continue; 1106 1107 for (dt = MonthList; *dt != NULL; dt++) 1108 { 1109 if (strncmp(*dt, &p[4], 3) == 0) 1110 break; 1111 } 1112 if (*dt != NULL) 1113 break; 1114 } 1115 1116 if (*p != '\0') 1117 { 1118 char *q, buf[25]; 1119 1120 /* we have found a date */ 1121 (void) sm_strlcpy(buf, p, sizeof(buf)); 1122 q = arpadate(buf); 1123 macdefine(&e->e_macro, A_TEMP, 'a', q); 1124 } 1125 } 1126 #endif /* ! NOTUNIX */ 1127