sendmail/src/deliver.c

c2aa98e2SPeter Wemm/*
602a2b1bSGregory Neil Shapiro * Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
06f25ae9SGregory Neil Shapiro *	All rights reserved.
c2aa98e2SPeter Wemm * Copyright (c) 1983, 1995-1997 Eric P. Allman.  All rights reserved.
c2aa98e2SPeter Wemm * Copyright (c) 1988, 1993
c2aa98e2SPeter Wemm *	The Regents of the University of California.  All rights reserved.
c2aa98e2SPeter Wemm *
c2aa98e2SPeter Wemm * By using this file, you agree to the terms and conditions set
c2aa98e2SPeter Wemm * forth in the LICENSE file which can be found at the top level of
c2aa98e2SPeter Wemm * the sendmail distribution.
c2aa98e2SPeter Wemm *
c2aa98e2SPeter Wemm */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#ifndef lint
602a2b1bSGregory Neil Shapirostatic char id[] = "@(#)$Id: deliver.c,v 8.600.2.1.2.66 2001/02/25 23:30:35 gshapiro Exp $";
06f25ae9SGregory Neil Shapiro#endif /* ! lint */
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro#include <sendmail.h>
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if HASSETUSERCONTEXT
c2aa98e2SPeter Wemm# include <login_cap.h>
06f25ae9SGregory Neil Shapiro#endif /* HASSETUSERCONTEXT */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro#if STARTTLS || (SASL && SFIO)
06f25ae9SGregory Neil Shapiro# include "sfsasl.h"
06f25ae9SGregory Neil Shapiro#endif /* STARTTLS || (SASL && SFIO) */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapirostatic int	deliver __P((ENVELOPE *, ADDRESS *));
06f25ae9SGregory Neil Shapirostatic void	dup_queue_file __P((ENVELOPE *, ENVELOPE *, int));
06f25ae9SGregory Neil Shapirostatic void	mailfiletimeout __P((void));
06f25ae9SGregory Neil Shapirostatic void	markfailure __P((ENVELOPE *, ADDRESS *, MCI *, int, bool));
06f25ae9SGregory Neil Shapirostatic int	parse_hostsignature __P((char *, char **, MAILER *));
06f25ae9SGregory Neil Shapirostatic void	sendenvelope __P((ENVELOPE *, int));
06f25ae9SGregory Neil Shapirostatic char	*hostsignature __P((MAILER *, char *));
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if SMTP
06f25ae9SGregory Neil Shapiro# if STARTTLS
06f25ae9SGregory Neil Shapirostatic int	starttls __P((MAILER *, MCI *, ENVELOPE *));
06f25ae9SGregory Neil Shapiro# endif /* STARTTLS */
06f25ae9SGregory Neil Shapiro#endif /* SMTP */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  SENDALL -- actually send all the messages.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		e -- the envelope to send.
c2aa98e2SPeter Wemm**		mode -- the delivery mode to use.  If SM_DEFAULT, use
c2aa98e2SPeter Wemm**			the current e->e_sendmode.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		none.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		Scans the send lists and sends everything it finds.
c2aa98e2SPeter Wemm**		Delivers any appropriate error messages.
c2aa98e2SPeter Wemm**		If we are running in a non-interactive mode, takes the
c2aa98e2SPeter Wemm**			appropriate action.
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmvoid
c2aa98e2SPeter Wemmsendall(e, mode)
c2aa98e2SPeter Wemm	ENVELOPE *e;
c2aa98e2SPeter Wemm	int mode;
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	register ADDRESS *q;
c2aa98e2SPeter Wemm	char *owner;
c2aa98e2SPeter Wemm	int otherowners;
06f25ae9SGregory Neil Shapiro	int save_errno;
c2aa98e2SPeter Wemm	register ENVELOPE *ee;
c2aa98e2SPeter Wemm	ENVELOPE *splitenv = NULL;
c2aa98e2SPeter Wemm	int oldverbose = Verbose;
c2aa98e2SPeter Wemm	bool somedeliveries = FALSE, expensive = FALSE;
c2aa98e2SPeter Wemm	pid_t pid;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  If this message is to be discarded, don't bother sending
c2aa98e2SPeter Wemm	**  the message at all.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (bitset(EF_DISCARD, e->e_flags))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		if (tTd(13, 1))
06f25ae9SGregory Neil Shapiro			dprintf("sendall: discarding id %s\n", e->e_id);
c2aa98e2SPeter Wemm		e->e_flags |= EF_CLRQUEUE;
c2aa98e2SPeter Wemm		if (LogLevel > 4)
c2aa98e2SPeter Wemm			sm_syslog(LOG_INFO, e->e_id, "discarded");
c2aa98e2SPeter Wemm		markstats(e, NULL, TRUE);
c2aa98e2SPeter Wemm		return;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  If we have had global, fatal errors, don't bother sending
c2aa98e2SPeter Wemm	**  the message at all if we are in SMTP mode.  Local errors
c2aa98e2SPeter Wemm	**  (e.g., a single address failing) will still cause the other
c2aa98e2SPeter Wemm	**  addresses to be sent.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (bitset(EF_FATALERRS, e->e_flags) &&
c2aa98e2SPeter Wemm	    (OpMode == MD_SMTP || OpMode == MD_DAEMON))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		e->e_flags |= EF_CLRQUEUE;
c2aa98e2SPeter Wemm		return;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* determine actual delivery mode */
c2aa98e2SPeter Wemm	if (mode == SM_DEFAULT)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		mode = e->e_sendmode;
c2aa98e2SPeter Wemm		if (mode != SM_VERIFY && mode != SM_DEFER &&
c2aa98e2SPeter Wemm		    shouldqueue(e->e_msgpriority, e->e_ctime))
c2aa98e2SPeter Wemm			mode = SM_QUEUE;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(13, 1))
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		dprintf("\n===== SENDALL: mode %c, id %s, e_from ",
c2aa98e2SPeter Wemm			mode, e->e_id);
c2aa98e2SPeter Wemm		printaddr(&e->e_from, FALSE);
06f25ae9SGregory Neil Shapiro		dprintf("\te_flags = ");
c2aa98e2SPeter Wemm		printenvflags(e);
06f25ae9SGregory Neil Shapiro		dprintf("sendqueue:\n");
c2aa98e2SPeter Wemm		printaddr(e->e_sendqueue, TRUE);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Do any preprocessing necessary for the mode we are running.
c2aa98e2SPeter Wemm	**	Check to make sure the hop count is reasonable.
c2aa98e2SPeter Wemm	**	Delete sends to the sender in mailing lists.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	CurEnv = e;
c2aa98e2SPeter Wemm	if (tTd(62, 1))
c2aa98e2SPeter Wemm		checkfds(NULL);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (e->e_hopcount > MaxHopCount)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		errno = 0;
c2aa98e2SPeter Wemm#if QUEUE
c2aa98e2SPeter Wemm		queueup(e, mode == SM_QUEUE || mode == SM_DEFER);
06f25ae9SGregory Neil Shapiro#endif /* QUEUE */
c2aa98e2SPeter Wemm		e->e_flags |= EF_FATALERRS|EF_PM_NOTIFY|EF_CLRQUEUE;
06f25ae9SGregory Neil Shapiro		ExitStat = EX_UNAVAILABLE;
06f25ae9SGregory Neil Shapiro		syserr("554 5.0.0 Too many hops %d (%d max): from %s via %s, to %s",
c2aa98e2SPeter Wemm			e->e_hopcount, MaxHopCount, e->e_from.q_paddr,
c2aa98e2SPeter Wemm			RealHostName == NULL ? "localhost" : RealHostName,
c2aa98e2SPeter Wemm			e->e_sendqueue->q_paddr);
06f25ae9SGregory Neil Shapiro		for (q = e->e_sendqueue; q != NULL; q = q->q_next)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			if (QS_IS_DEAD(q->q_state))
06f25ae9SGregory Neil Shapiro				continue;
06f25ae9SGregory Neil Shapiro			q->q_state = QS_BADADDR;
06f25ae9SGregory Neil Shapiro			q->q_status = "5.4.6";
06f25ae9SGregory Neil Shapiro		}
c2aa98e2SPeter Wemm		return;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Do sender deletion.
c2aa98e2SPeter Wemm	**
06f25ae9SGregory Neil Shapiro	**	If the sender should be queued up, skip this.
c2aa98e2SPeter Wemm	**	This can happen if the name server is hosed when you
c2aa98e2SPeter Wemm	**	are trying to send mail.  The result is that the sender
c2aa98e2SPeter Wemm	**	is instantiated in the queue as a recipient.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (!bitset(EF_METOO, e->e_flags) &&
06f25ae9SGregory Neil Shapiro	    !QS_IS_QUEUEUP(e->e_from.q_state))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		if (tTd(13, 5))
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			dprintf("sendall: QS_SENDER ");
c2aa98e2SPeter Wemm			printaddr(&e->e_from, FALSE);
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro		e->e_from.q_state = QS_SENDER;
c2aa98e2SPeter Wemm		(void) recipient(&e->e_from, &e->e_sendqueue, 0, e);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Handle alias owners.
c2aa98e2SPeter Wemm	**
c2aa98e2SPeter Wemm	**	We scan up the q_alias chain looking for owners.
c2aa98e2SPeter Wemm	**	We discard owners that are the same as the return path.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	for (q = e->e_sendqueue; q != NULL; q = q->q_next)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		register struct address *a;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		for (a = q; a != NULL && a->q_owner == NULL; a = a->q_alias)
c2aa98e2SPeter Wemm			continue;
c2aa98e2SPeter Wemm		if (a != NULL)
c2aa98e2SPeter Wemm			q->q_owner = a->q_owner;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (q->q_owner != NULL &&
06f25ae9SGregory Neil Shapiro		    !QS_IS_DEAD(q->q_state) &&
c2aa98e2SPeter Wemm		    strcmp(q->q_owner, e->e_from.q_paddr) == 0)
c2aa98e2SPeter Wemm			q->q_owner = NULL;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(13, 25))
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		dprintf("\nAfter first owner pass, sendq =\n");
c2aa98e2SPeter Wemm		printaddr(e->e_sendqueue, TRUE);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	owner = "";
c2aa98e2SPeter Wemm	otherowners = 1;
c2aa98e2SPeter Wemm	while (owner != NULL && otherowners > 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		if (tTd(13, 28))
06f25ae9SGregory Neil Shapiro			dprintf("owner = \"%s\", otherowners = %d\n",
c2aa98e2SPeter Wemm				owner, otherowners);
c2aa98e2SPeter Wemm		owner = NULL;
c2aa98e2SPeter Wemm		otherowners = bitset(EF_SENDRECEIPT, e->e_flags) ? 1 : 0;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		for (q = e->e_sendqueue; q != NULL; q = q->q_next)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (tTd(13, 30))
c2aa98e2SPeter Wemm			{
06f25ae9SGregory Neil Shapiro				dprintf("Checking ");
c2aa98e2SPeter Wemm				printaddr(q, FALSE);
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro			if (QS_IS_DEAD(q->q_state))
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (tTd(13, 30))
06f25ae9SGregory Neil Shapiro					dprintf("    ... QS_IS_DEAD\n");
c2aa98e2SPeter Wemm				continue;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			if (tTd(13, 29) && !tTd(13, 30))
c2aa98e2SPeter Wemm			{
06f25ae9SGregory Neil Shapiro				dprintf("Checking ");
c2aa98e2SPeter Wemm				printaddr(q, FALSE);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			if (q->q_owner != NULL)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (owner == NULL)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					if (tTd(13, 40))
06f25ae9SGregory Neil Shapiro						dprintf("    ... First owner = \"%s\"\n",
c2aa98e2SPeter Wemm							q->q_owner);
c2aa98e2SPeter Wemm					owner = q->q_owner;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				else if (owner != q->q_owner)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					if (strcmp(owner, q->q_owner) == 0)
c2aa98e2SPeter Wemm					{
c2aa98e2SPeter Wemm						if (tTd(13, 40))
06f25ae9SGregory Neil Shapiro							dprintf("    ... Same owner = \"%s\"\n",
c2aa98e2SPeter Wemm								owner);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm						/* make future comparisons cheap */
c2aa98e2SPeter Wemm						q->q_owner = owner;
c2aa98e2SPeter Wemm					}
c2aa98e2SPeter Wemm					else
c2aa98e2SPeter Wemm					{
c2aa98e2SPeter Wemm						if (tTd(13, 40))
06f25ae9SGregory Neil Shapiro							dprintf("    ... Another owner \"%s\"\n",
c2aa98e2SPeter Wemm								q->q_owner);
c2aa98e2SPeter Wemm						otherowners++;
c2aa98e2SPeter Wemm					}
c2aa98e2SPeter Wemm					owner = q->q_owner;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				else if (tTd(13, 40))
06f25ae9SGregory Neil Shapiro					dprintf("    ... Same owner = \"%s\"\n",
c2aa98e2SPeter Wemm						owner);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (tTd(13, 40))
06f25ae9SGregory Neil Shapiro					dprintf("    ... Null owner\n");
c2aa98e2SPeter Wemm				otherowners++;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro			if (QS_IS_BADADDR(q->q_state))
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				if (tTd(13, 30))
06f25ae9SGregory Neil Shapiro					dprintf("    ... QS_IS_BADADDR\n");
06f25ae9SGregory Neil Shapiro				continue;
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			if (QS_IS_QUEUEUP(q->q_state))
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				MAILER *m = q->q_mailer;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				/*
06f25ae9SGregory Neil Shapiro				**  If we have temporary address failures
06f25ae9SGregory Neil Shapiro				**  (e.g., dns failure) and a fallback MX is
06f25ae9SGregory Neil Shapiro				**  set, send directly to the fallback MX host.
06f25ae9SGregory Neil Shapiro				*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				if (FallBackMX != NULL &&
06f25ae9SGregory Neil Shapiro				    !wordinclass(FallBackMX, 'w') &&
06f25ae9SGregory Neil Shapiro				    mode != SM_VERIFY &&
06f25ae9SGregory Neil Shapiro				    (strcmp(m->m_mailer, "[IPC]") == 0 ||
06f25ae9SGregory Neil Shapiro				     strcmp(m->m_mailer, "[TCP]") == 0) &&
06f25ae9SGregory Neil Shapiro				    m->m_argv[0] != NULL &&
06f25ae9SGregory Neil Shapiro				    (strcmp(m->m_argv[0], "TCP") == 0 ||
06f25ae9SGregory Neil Shapiro				     strcmp(m->m_argv[0], "IPC") == 0))
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					int len;
06f25ae9SGregory Neil Shapiro					char *p;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro					if (tTd(13, 30))
06f25ae9SGregory Neil Shapiro						dprintf("    ... FallBackMX\n");
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro					len = strlen(FallBackMX) + 3;
06f25ae9SGregory Neil Shapiro					p = xalloc(len);
06f25ae9SGregory Neil Shapiro					snprintf(p, len, "[%s]", FallBackMX);
06f25ae9SGregory Neil Shapiro					q->q_state = QS_OK;
06f25ae9SGregory Neil Shapiro					q->q_host = p;
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro				else
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					if (tTd(13, 30))
06f25ae9SGregory Neil Shapiro						dprintf("    ... QS_IS_QUEUEUP\n");
06f25ae9SGregory Neil Shapiro					continue;
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm			/*
c2aa98e2SPeter Wemm			**  If this mailer is expensive, and if we don't
c2aa98e2SPeter Wemm			**  want to make connections now, just mark these
c2aa98e2SPeter Wemm			**  addresses and return.  This is useful if we
c2aa98e2SPeter Wemm			**  want to batch connections to reduce load.  This
c2aa98e2SPeter Wemm			**  will cause the messages to be queued up, and a
c2aa98e2SPeter Wemm			**  daemon will come along to send the messages later.
c2aa98e2SPeter Wemm			*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			if (NoConnect && !Verbose &&
c2aa98e2SPeter Wemm			    bitnset(M_EXPENSIVE, q->q_mailer->m_flags))
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (tTd(13, 30))
06f25ae9SGregory Neil Shapiro					dprintf("    ... expensive\n");
06f25ae9SGregory Neil Shapiro				q->q_state = QS_QUEUEUP;
06f25ae9SGregory Neil Shapiro				expensive = TRUE;
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			else if (bitnset(M_HOLD, q->q_mailer->m_flags) &&
06f25ae9SGregory Neil Shapiro				 QueueLimitId == NULL &&
06f25ae9SGregory Neil Shapiro				 QueueLimitSender == NULL &&
06f25ae9SGregory Neil Shapiro				 QueueLimitRecipient == NULL)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				if (tTd(13, 30))
06f25ae9SGregory Neil Shapiro					dprintf("    ... hold\n");
06f25ae9SGregory Neil Shapiro				q->q_state = QS_QUEUEUP;
c2aa98e2SPeter Wemm				expensive = TRUE;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (tTd(13, 30))
06f25ae9SGregory Neil Shapiro					dprintf("    ... deliverable\n");
c2aa98e2SPeter Wemm				somedeliveries = TRUE;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (owner != NULL && otherowners > 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/*
c2aa98e2SPeter Wemm			**  Split this envelope into two.
c2aa98e2SPeter Wemm			*/
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro			ee = (ENVELOPE *) xalloc(sizeof *ee);
c2aa98e2SPeter Wemm			*ee = *e;
06f25ae9SGregory Neil Shapiro			ee->e_message = NULL;
c2aa98e2SPeter Wemm			ee->e_id = NULL;
06f25ae9SGregory Neil Shapiro			assign_queueid(ee);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			if (tTd(13, 1))
06f25ae9SGregory Neil Shapiro				dprintf("sendall: split %s into %s, owner = \"%s\", otherowners = %d\n",
c2aa98e2SPeter Wemm					e->e_id, ee->e_id, owner, otherowners);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			ee->e_header = copyheader(e->e_header);
c2aa98e2SPeter Wemm			ee->e_sendqueue = copyqueue(e->e_sendqueue);
c2aa98e2SPeter Wemm			ee->e_errorqueue = copyqueue(e->e_errorqueue);
c2aa98e2SPeter Wemm			ee->e_flags = e->e_flags & ~(EF_INQUEUE|EF_CLRQUEUE|EF_FATALERRS|EF_SENDRECEIPT|EF_RET_PARAM);
c2aa98e2SPeter Wemm			ee->e_flags |= EF_NORECEIPT;
c2aa98e2SPeter Wemm			setsender(owner, ee, NULL, '\0', TRUE);
c2aa98e2SPeter Wemm			if (tTd(13, 5))
c2aa98e2SPeter Wemm			{
06f25ae9SGregory Neil Shapiro				dprintf("sendall(split): QS_SENDER ");
c2aa98e2SPeter Wemm				printaddr(&ee->e_from, FALSE);
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro			ee->e_from.q_state = QS_SENDER;
c2aa98e2SPeter Wemm			ee->e_dfp = NULL;
06f25ae9SGregory Neil Shapiro			ee->e_lockfp = NULL;
c2aa98e2SPeter Wemm			ee->e_xfp = NULL;
06f25ae9SGregory Neil Shapiro			ee->e_queuedir = e->e_queuedir;
c2aa98e2SPeter Wemm			ee->e_errormode = EM_MAIL;
c2aa98e2SPeter Wemm			ee->e_sibling = splitenv;
06f25ae9SGregory Neil Shapiro			ee->e_statmsg = NULL;
c2aa98e2SPeter Wemm			splitenv = ee;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			for (q = e->e_sendqueue; q != NULL; q = q->q_next)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (q->q_owner == owner)
c2aa98e2SPeter Wemm				{
06f25ae9SGregory Neil Shapiro					q->q_state = QS_CLONED;
c2aa98e2SPeter Wemm					if (tTd(13, 6))
06f25ae9SGregory Neil Shapiro						dprintf("\t... stripping %s from original envelope\n",
c2aa98e2SPeter Wemm							q->q_paddr);
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			for (q = ee->e_sendqueue; q != NULL; q = q->q_next)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (q->q_owner != owner)
c2aa98e2SPeter Wemm				{
06f25ae9SGregory Neil Shapiro					q->q_state = QS_CLONED;
c2aa98e2SPeter Wemm					if (tTd(13, 6))
06f25ae9SGregory Neil Shapiro						dprintf("\t... dropping %s from cloned envelope\n",
c2aa98e2SPeter Wemm							q->q_paddr);
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					/* clear DSN parameters */
c2aa98e2SPeter Wemm					q->q_flags &= ~(QHASNOTIFY|Q_PINGFLAGS);
c2aa98e2SPeter Wemm					q->q_flags |= DefaultNotify & ~QPINGONSUCCESS;
c2aa98e2SPeter Wemm					if (tTd(13, 6))
06f25ae9SGregory Neil Shapiro						dprintf("\t... moving %s to cloned envelope\n",
c2aa98e2SPeter Wemm							q->q_paddr);
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			if (mode != SM_VERIFY && bitset(EF_HAS_DF, e->e_flags))
c2aa98e2SPeter Wemm				dup_queue_file(e, ee, 'd');
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			/*
06f25ae9SGregory Neil Shapiro			**  Give the split envelope access to the parent
06f25ae9SGregory Neil Shapiro			**  transcript file for errors obtained while
06f25ae9SGregory Neil Shapiro			**  processing the recipients (done before the
06f25ae9SGregory Neil Shapiro			**  envelope splitting).
06f25ae9SGregory Neil Shapiro			*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			if (e->e_xfp != NULL)
06f25ae9SGregory Neil Shapiro				ee->e_xfp = bfdup(e->e_xfp);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			/* failed to dup e->e_xfp, start a new transcript */
06f25ae9SGregory Neil Shapiro			if (ee->e_xfp == NULL)
c2aa98e2SPeter Wemm				openxscript(ee);
06f25ae9SGregory Neil Shapiro
065a643dSPeter Wemm			if (mode != SM_VERIFY && LogLevel > 4)
c2aa98e2SPeter Wemm				sm_syslog(LOG_INFO, ee->e_id,
c2aa98e2SPeter Wemm					  "clone %s, owner=%s",
c2aa98e2SPeter Wemm					  e->e_id, owner);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (owner != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		setsender(owner, e, NULL, '\0', TRUE);
c2aa98e2SPeter Wemm		if (tTd(13, 5))
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			dprintf("sendall(owner): QS_SENDER ");
c2aa98e2SPeter Wemm			printaddr(&e->e_from, FALSE);
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro		e->e_from.q_state = QS_SENDER;
c2aa98e2SPeter Wemm		e->e_errormode = EM_MAIL;
c2aa98e2SPeter Wemm		e->e_flags |= EF_NORECEIPT;
c2aa98e2SPeter Wemm		e->e_flags &= ~EF_FATALERRS;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* if nothing to be delivered, just queue up everything */
c2aa98e2SPeter Wemm	if (!somedeliveries && mode != SM_QUEUE && mode != SM_DEFER &&
c2aa98e2SPeter Wemm	    mode != SM_VERIFY)
c2aa98e2SPeter Wemm	{
193538b7SGregory Neil Shapiro		time_t now = curtime();
193538b7SGregory Neil Shapiro
c2aa98e2SPeter Wemm		if (tTd(13, 29))
06f25ae9SGregory Neil Shapiro			dprintf("No deliveries: auto-queuing\n");
c2aa98e2SPeter Wemm		mode = SM_QUEUE;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* treat this as a delivery in terms of counting tries */
193538b7SGregory Neil Shapiro		e->e_dtime = now;
c2aa98e2SPeter Wemm		if (!expensive)
c2aa98e2SPeter Wemm			e->e_ntries++;
c2aa98e2SPeter Wemm		for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
c2aa98e2SPeter Wemm		{
193538b7SGregory Neil Shapiro			ee->e_dtime = now;
c2aa98e2SPeter Wemm			if (!expensive)
c2aa98e2SPeter Wemm				ee->e_ntries++;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if QUEUE
c2aa98e2SPeter Wemm	if ((mode == SM_QUEUE || mode == SM_DEFER || mode == SM_FORK ||
c2aa98e2SPeter Wemm	     (mode != SM_VERIFY && SuperSafe)) &&
c2aa98e2SPeter Wemm	    (!bitset(EF_INQUEUE, e->e_flags) || splitenv != NULL))
c2aa98e2SPeter Wemm	{
42e5d165SGregory Neil Shapiro		/*
42e5d165SGregory Neil Shapiro		**  Be sure everything is instantiated in the queue.
42e5d165SGregory Neil Shapiro		**  Split envelopes first in case the machine crashes.
42e5d165SGregory Neil Shapiro		**  If the original were done first, we may lose
42e5d165SGregory Neil Shapiro		**  recipients.
42e5d165SGregory Neil Shapiro		*/
42e5d165SGregory Neil Shapiro
c2aa98e2SPeter Wemm		for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
c2aa98e2SPeter Wemm			queueup(ee, mode == SM_QUEUE || mode == SM_DEFER);
42e5d165SGregory Neil Shapiro		queueup(e, mode == SM_QUEUE || mode == SM_DEFER);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm#endif /* QUEUE */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(62, 10))
c2aa98e2SPeter Wemm		checkfds("after envelope splitting");
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  If we belong in background, fork now.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(13, 20))
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		dprintf("sendall: final mode = %c\n", mode);
c2aa98e2SPeter Wemm		if (tTd(13, 21))
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			dprintf("\n================ Final Send Queue(s) =====================\n");
06f25ae9SGregory Neil Shapiro			dprintf("\n  *** Envelope %s, e_from=%s ***\n",
c2aa98e2SPeter Wemm				e->e_id, e->e_from.q_paddr);
c2aa98e2SPeter Wemm			printaddr(e->e_sendqueue, TRUE);
c2aa98e2SPeter Wemm			for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
c2aa98e2SPeter Wemm			{
06f25ae9SGregory Neil Shapiro				dprintf("\n  *** Envelope %s, e_from=%s ***\n",
c2aa98e2SPeter Wemm					ee->e_id, ee->e_from.q_paddr);
c2aa98e2SPeter Wemm				printaddr(ee->e_sendqueue, TRUE);
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro			dprintf("==========================================================\n\n");
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	switch (mode)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm	  case SM_VERIFY:
c2aa98e2SPeter Wemm		Verbose = 2;
c2aa98e2SPeter Wemm		break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	  case SM_QUEUE:
c2aa98e2SPeter Wemm	  case SM_DEFER:
c2aa98e2SPeter Wemm#if HASFLOCK
c2aa98e2SPeter Wemm  queueonly:
06f25ae9SGregory Neil Shapiro#endif /* HASFLOCK */
c2aa98e2SPeter Wemm		if (e->e_nrcpts > 0)
c2aa98e2SPeter Wemm			e->e_flags |= EF_INQUEUE;
c2aa98e2SPeter Wemm		dropenvelope(e, splitenv != NULL);
c2aa98e2SPeter Wemm		for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (ee->e_nrcpts > 0)
c2aa98e2SPeter Wemm				ee->e_flags |= EF_INQUEUE;
c2aa98e2SPeter Wemm			dropenvelope(ee, FALSE);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		return;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	  case SM_FORK:
c2aa98e2SPeter Wemm		if (e->e_xfp != NULL)
c2aa98e2SPeter Wemm			(void) fflush(e->e_xfp);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if !HASFLOCK
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Since fcntl locking has the interesting semantic that
c2aa98e2SPeter Wemm		**  the lock is owned by a process, not by an open file
c2aa98e2SPeter Wemm		**  descriptor, we have to flush this to the queue, and
c2aa98e2SPeter Wemm		**  then restart from scratch in the child.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* save id for future use */
c2aa98e2SPeter Wemm			char *qid = e->e_id;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* now drop the envelope in the parent */
c2aa98e2SPeter Wemm			e->e_flags |= EF_INQUEUE;
c2aa98e2SPeter Wemm			dropenvelope(e, splitenv != NULL);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* arrange to reacquire lock after fork */
c2aa98e2SPeter Wemm			e->e_id = qid;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* save id for future use */
c2aa98e2SPeter Wemm			char *qid = ee->e_id;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* drop envelope in parent */
c2aa98e2SPeter Wemm			ee->e_flags |= EF_INQUEUE;
c2aa98e2SPeter Wemm			dropenvelope(ee, FALSE);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* and save qid for reacquisition */
c2aa98e2SPeter Wemm			ee->e_id = qid;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#endif /* !HASFLOCK */
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		/*
06f25ae9SGregory Neil Shapiro		**  Since the delivery may happen in a child and the parent
06f25ae9SGregory Neil Shapiro		**  does not wait, the parent may close the maps thereby
06f25ae9SGregory Neil Shapiro		**  removing any shared memory used by the map.  Therefore,
06f25ae9SGregory Neil Shapiro		**  close the maps now so the child will dynamically open
06f25ae9SGregory Neil Shapiro		**  them if necessary.
06f25ae9SGregory Neil Shapiro		*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		closemaps();
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		pid = fork();
c2aa98e2SPeter Wemm		if (pid < 0)
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			syserr("deliver: fork 1");
c2aa98e2SPeter Wemm#if HASFLOCK
c2aa98e2SPeter Wemm			goto queueonly;
06f25ae9SGregory Neil Shapiro#else /* HASFLOCK */
c2aa98e2SPeter Wemm			e->e_id = NULL;
c2aa98e2SPeter Wemm			for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
c2aa98e2SPeter Wemm				ee->e_id = NULL;
c2aa98e2SPeter Wemm			return;
c2aa98e2SPeter Wemm#endif /* HASFLOCK */
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		else if (pid > 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm#if HASFLOCK
c2aa98e2SPeter Wemm			/* be sure we leave the temp files to our child */
c2aa98e2SPeter Wemm			/* close any random open files in the envelope */
c2aa98e2SPeter Wemm			closexscript(e);
c2aa98e2SPeter Wemm			if (e->e_dfp != NULL)
06f25ae9SGregory Neil Shapiro				(void) bfclose(e->e_dfp);
c2aa98e2SPeter Wemm			e->e_dfp = NULL;
c2aa98e2SPeter Wemm			e->e_flags &= ~EF_HAS_DF;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* can't call unlockqueue to avoid unlink of xfp */
c2aa98e2SPeter Wemm			if (e->e_lockfp != NULL)
06f25ae9SGregory Neil Shapiro				(void) fclose(e->e_lockfp);
06f25ae9SGregory Neil Shapiro			else
06f25ae9SGregory Neil Shapiro				syserr("%s: sendall: null lockfp", e->e_id);
c2aa98e2SPeter Wemm			e->e_lockfp = NULL;
06f25ae9SGregory Neil Shapiro#endif /* HASFLOCK */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* make sure the parent doesn't own the envelope */
c2aa98e2SPeter Wemm			e->e_id = NULL;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* catch intermediate zombie */
c2aa98e2SPeter Wemm			(void) waitfor(pid);
c2aa98e2SPeter Wemm			return;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
42e5d165SGregory Neil Shapiro		/*
42e5d165SGregory Neil Shapiro		**  Since we have accepted responsbility for the message,
42e5d165SGregory Neil Shapiro		**  change the SIGTERM handler.  intsig() (the old handler)
42e5d165SGregory Neil Shapiro		**  would remove the envelope if this was a command line
42e5d165SGregory Neil Shapiro		**  message submission.
42e5d165SGregory Neil Shapiro		*/
42e5d165SGregory Neil Shapiro
42e5d165SGregory Neil Shapiro		(void) setsignal(SIGTERM, SIG_DFL);
42e5d165SGregory Neil Shapiro
c2aa98e2SPeter Wemm		/* double fork to avoid zombies */
c2aa98e2SPeter Wemm		pid = fork();
c2aa98e2SPeter Wemm		if (pid > 0)
c2aa98e2SPeter Wemm			exit(EX_OK);
06f25ae9SGregory Neil Shapiro		save_errno = errno;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* be sure we are immune from the terminal */
c2aa98e2SPeter Wemm		disconnect(2, e);
06f25ae9SGregory Neil Shapiro		clearstats();
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* prevent parent from waiting if there was an error */
c2aa98e2SPeter Wemm		if (pid < 0)
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			errno = save_errno;
06f25ae9SGregory Neil Shapiro			syserr("deliver: fork 2");
c2aa98e2SPeter Wemm#if HASFLOCK
c2aa98e2SPeter Wemm			e->e_flags |= EF_INQUEUE;
06f25ae9SGregory Neil Shapiro#else /* HASFLOCK */
c2aa98e2SPeter Wemm			e->e_id = NULL;
c2aa98e2SPeter Wemm#endif /* HASFLOCK */
065a643dSPeter Wemm			finis(TRUE, ExitStat);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* be sure to give error messages in child */
c2aa98e2SPeter Wemm		QuickAbort = FALSE;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Close any cached connections.
c2aa98e2SPeter Wemm		**
c2aa98e2SPeter Wemm		**	We don't send the QUIT protocol because the parent
c2aa98e2SPeter Wemm		**	still knows about the connection.
c2aa98e2SPeter Wemm		**
c2aa98e2SPeter Wemm		**	This should only happen when delivering an error
c2aa98e2SPeter Wemm		**	message.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		mci_flush(FALSE, NULL);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if HASFLOCK
c2aa98e2SPeter Wemm		break;
06f25ae9SGregory Neil Shapiro#else /* HASFLOCK */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Now reacquire and run the various queue files.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			ENVELOPE *sibling = ee->e_sibling;
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro			(void) dowork(ee->e_queuedir, ee->e_id,
06f25ae9SGregory Neil Shapiro				      FALSE, FALSE, ee);
c2aa98e2SPeter Wemm			ee->e_sibling = sibling;
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro		(void) dowork(e->e_queuedir, e->e_id,
06f25ae9SGregory Neil Shapiro			      FALSE, FALSE, e);
065a643dSPeter Wemm		finis(TRUE, ExitStat);
06f25ae9SGregory Neil Shapiro#endif /* HASFLOCK */
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	sendenvelope(e, mode);
c2aa98e2SPeter Wemm	dropenvelope(e, TRUE);
c2aa98e2SPeter Wemm	for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		CurEnv = ee;
c2aa98e2SPeter Wemm		if (mode != SM_VERIFY)
c2aa98e2SPeter Wemm			openxscript(ee);
c2aa98e2SPeter Wemm		sendenvelope(ee, mode);
c2aa98e2SPeter Wemm		dropenvelope(ee, TRUE);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	CurEnv = e;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	Verbose = oldverbose;
c2aa98e2SPeter Wemm	if (mode == SM_FORK)
065a643dSPeter Wemm		finis(TRUE, ExitStat);
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapirostatic void
c2aa98e2SPeter Wemmsendenvelope(e, mode)
c2aa98e2SPeter Wemm	register ENVELOPE *e;
c2aa98e2SPeter Wemm	int mode;
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	register ADDRESS *q;
c2aa98e2SPeter Wemm	bool didany;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(13, 10))
06f25ae9SGregory Neil Shapiro		dprintf("sendenvelope(%s) e_flags=0x%lx\n",
c2aa98e2SPeter Wemm			e->e_id == NULL ? "[NOQUEUE]" : e->e_id,
c2aa98e2SPeter Wemm			e->e_flags);
c2aa98e2SPeter Wemm	if (LogLevel > 80)
c2aa98e2SPeter Wemm		sm_syslog(LOG_DEBUG, e->e_id,
06f25ae9SGregory Neil Shapiro			  "sendenvelope, flags=0x%lx",
c2aa98e2SPeter Wemm			  e->e_flags);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  If we have had global, fatal errors, don't bother sending
c2aa98e2SPeter Wemm	**  the message at all if we are in SMTP mode.  Local errors
c2aa98e2SPeter Wemm	**  (e.g., a single address failing) will still cause the other
c2aa98e2SPeter Wemm	**  addresses to be sent.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (bitset(EF_FATALERRS, e->e_flags) &&
c2aa98e2SPeter Wemm	    (OpMode == MD_SMTP || OpMode == MD_DAEMON))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		e->e_flags |= EF_CLRQUEUE;
c2aa98e2SPeter Wemm		return;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	/* Don't attempt deliveries if we want to bounce now */
06f25ae9SGregory Neil Shapiro	if (!bitset(EF_RESPONSE, e->e_flags) &&
06f25ae9SGregory Neil Shapiro	    TimeOuts.to_q_return[e->e_timeoutclass] == NOW)
06f25ae9SGregory Neil Shapiro		return;
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Run through the list and send everything.
c2aa98e2SPeter Wemm	**
c2aa98e2SPeter Wemm	**	Set EF_GLOBALERRS so that error messages during delivery
c2aa98e2SPeter Wemm	**	result in returned mail.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	e->e_nsent = 0;
c2aa98e2SPeter Wemm	e->e_flags |= EF_GLOBALERRS;
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	define(macid("{envid}", NULL), e->e_envid, e);
c2aa98e2SPeter Wemm	define(macid("{bodytype}", NULL), e->e_bodytype, e);
c2aa98e2SPeter Wemm	didany = FALSE;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* now run through the queue */
c2aa98e2SPeter Wemm	for (q = e->e_sendqueue; q != NULL; q = q->q_next)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm#if XDEBUG
c2aa98e2SPeter Wemm		char wbuf[MAXNAME + 20];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		(void) snprintf(wbuf, sizeof wbuf, "sendall(%.*s)",
c2aa98e2SPeter Wemm			MAXNAME, q->q_paddr);
c2aa98e2SPeter Wemm		checkfd012(wbuf);
06f25ae9SGregory Neil Shapiro#endif /* XDEBUG */
c2aa98e2SPeter Wemm		if (mode == SM_VERIFY)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			e->e_to = q->q_paddr;
06f25ae9SGregory Neil Shapiro			if (QS_IS_SENDABLE(q->q_state))
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (q->q_host != NULL && q->q_host[0] != '\0')
c2aa98e2SPeter Wemm					message("deliverable: mailer %s, host %s, user %s",
c2aa98e2SPeter Wemm						q->q_mailer->m_name,
c2aa98e2SPeter Wemm						q->q_host,
c2aa98e2SPeter Wemm						q->q_user);
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm					message("deliverable: mailer %s, user %s",
c2aa98e2SPeter Wemm						q->q_mailer->m_name,
c2aa98e2SPeter Wemm						q->q_user);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro		else if (QS_IS_OK(q->q_state))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm#if QUEUE
c2aa98e2SPeter Wemm			/*
c2aa98e2SPeter Wemm			**  Checkpoint the send list every few addresses
c2aa98e2SPeter Wemm			*/
c2aa98e2SPeter Wemm
42e5d165SGregory Neil Shapiro			if (CheckpointInterval > 0 &&
42e5d165SGregory Neil Shapiro			    e->e_nsent >= CheckpointInterval)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				queueup(e, FALSE);
c2aa98e2SPeter Wemm				e->e_nsent = 0;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm#endif /* QUEUE */
c2aa98e2SPeter Wemm			(void) deliver(e, q);
c2aa98e2SPeter Wemm			didany = TRUE;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	if (didany)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		e->e_dtime = curtime();
c2aa98e2SPeter Wemm		e->e_ntries++;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if XDEBUG
c2aa98e2SPeter Wemm	checkfd012("end of sendenvelope");
06f25ae9SGregory Neil Shapiro#endif /* XDEBUG */
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  DUP_QUEUE_FILE -- duplicate a queue file into a split queue
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		e -- the existing envelope
c2aa98e2SPeter Wemm**		ee -- the new envelope
c2aa98e2SPeter Wemm**		type -- the queue file type (e.g., 'd')
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		none
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapirostatic void
c2aa98e2SPeter Wemmdup_queue_file(e, ee, type)
c2aa98e2SPeter Wemm	struct envelope *e, *ee;
c2aa98e2SPeter Wemm	int type;
c2aa98e2SPeter Wemm{
06f25ae9SGregory Neil Shapiro	char f1buf[MAXPATHLEN], f2buf[MAXPATHLEN];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	ee->e_dfp = NULL;
c2aa98e2SPeter Wemm	ee->e_xfp = NULL;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/*
06f25ae9SGregory Neil Shapiro	**  Make sure both are in the same directory.
06f25ae9SGregory Neil Shapiro	*/
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	snprintf(f1buf, sizeof f1buf, "%s", queuename(e, type));
c2aa98e2SPeter Wemm	snprintf(f2buf, sizeof f2buf, "%s", queuename(ee, type));
c2aa98e2SPeter Wemm	if (link(f1buf, f2buf) < 0)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		int save_errno = errno;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		syserr("sendall: link(%s, %s)", f1buf, f2buf);
06f25ae9SGregory Neil Shapiro		if (save_errno == EEXIST)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (unlink(f2buf) < 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				syserr("!sendall: unlink(%s): permanent",
c2aa98e2SPeter Wemm					f2buf);
c2aa98e2SPeter Wemm				/* NOTREACHED */
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			if (link(f1buf, f2buf) < 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				syserr("!sendall: link(%s, %s): permanent",
c2aa98e2SPeter Wemm					f1buf, f2buf);
c2aa98e2SPeter Wemm				/* NOTREACHED */
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  DOFORK -- do a fork, retrying a couple of times on failure.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	This MUST be a macro, since after a vfork we are running
c2aa98e2SPeter Wemm**	two processes on the same stack!!!
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		none.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		From a macro???  You've got to be kidding!
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		Modifies the ==> LOCAL <== variable 'pid', leaving:
c2aa98e2SPeter Wemm**			pid of child in parent, zero in child.
c2aa98e2SPeter Wemm**			-1 on unrecoverable error.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Notes:
c2aa98e2SPeter Wemm**		I'm awfully sorry this looks so awful.  That's
c2aa98e2SPeter Wemm**		vfork for you.....
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#define NFORKTRIES	5
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#ifndef FORK
c2aa98e2SPeter Wemm# define FORK	fork
06f25ae9SGregory Neil Shapiro#endif /* ! FORK */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#define DOFORK(fORKfN) \
c2aa98e2SPeter Wemm{\
c2aa98e2SPeter Wemm	register int i;\
c2aa98e2SPeter Wemm\
c2aa98e2SPeter Wemm	for (i = NFORKTRIES; --i >= 0; )\
c2aa98e2SPeter Wemm	{\
c2aa98e2SPeter Wemm		pid = fORKfN();\
c2aa98e2SPeter Wemm		if (pid >= 0)\
c2aa98e2SPeter Wemm			break;\
c2aa98e2SPeter Wemm		if (i > 0)\
06f25ae9SGregory Neil Shapiro			(void) sleep((unsigned) NFORKTRIES - i);\
c2aa98e2SPeter Wemm	}\
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  DOFORK -- simple fork interface to DOFORK.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		none.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		pid of child in parent.
c2aa98e2SPeter Wemm**		zero in child.
c2aa98e2SPeter Wemm**		-1 on error.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		returns twice, once in parent and once in child.
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmint
c2aa98e2SPeter Wemmdofork()
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	register pid_t pid = -1;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	DOFORK(fork);
06f25ae9SGregory Neil Shapiro	return pid;
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  DELIVER -- Deliver a message to a list of addresses.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	This routine delivers to everyone on the same host as the
c2aa98e2SPeter Wemm**	user on the head of the list.  It is clever about mailers
c2aa98e2SPeter Wemm**	that don't handle multiple users.  It is NOT guaranteed
c2aa98e2SPeter Wemm**	that it will deliver to all these addresses however -- so
c2aa98e2SPeter Wemm**	deliver should be called once for each address on the
c2aa98e2SPeter Wemm**	list.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		e -- the envelope to deliver.
c2aa98e2SPeter Wemm**		firstto -- head of the address list to deliver to.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		zero -- successfully delivered.
c2aa98e2SPeter Wemm**		else -- some failure, see ExitStat for more info.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		The standard input is passed off to someone.
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#ifndef NO_UID
c2aa98e2SPeter Wemm# define NO_UID		-1
06f25ae9SGregory Neil Shapiro#endif /* ! NO_UID */
c2aa98e2SPeter Wemm#ifndef NO_GID
c2aa98e2SPeter Wemm# define NO_GID		-1
06f25ae9SGregory Neil Shapiro#endif /* ! NO_GID */
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapirostatic int
c2aa98e2SPeter Wemmdeliver(e, firstto)
c2aa98e2SPeter Wemm	register ENVELOPE *e;
c2aa98e2SPeter Wemm	ADDRESS *firstto;
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	char *host;			/* host being sent to */
c2aa98e2SPeter Wemm	char *user;			/* user being sent to */
c2aa98e2SPeter Wemm	char **pvp;
c2aa98e2SPeter Wemm	register char **mvp;
c2aa98e2SPeter Wemm	register char *p;
c2aa98e2SPeter Wemm	register MAILER *m;		/* mailer for this recipient */
c2aa98e2SPeter Wemm	ADDRESS *volatile ctladdr;
c2aa98e2SPeter Wemm	ADDRESS *volatile contextaddr = NULL;
c2aa98e2SPeter Wemm	register MCI *volatile mci;
c2aa98e2SPeter Wemm	register ADDRESS *to = firstto;
c2aa98e2SPeter Wemm	volatile bool clever = FALSE;	/* running user smtp to this mailer */
c2aa98e2SPeter Wemm	ADDRESS *volatile tochain = NULL; /* users chain in this mailer call */
c2aa98e2SPeter Wemm	int rcode;			/* response code */
c2aa98e2SPeter Wemm	int lmtp_rcode = EX_OK;
06f25ae9SGregory Neil Shapiro	int nummxhosts = 0;		/* number of MX hosts available */
06f25ae9SGregory Neil Shapiro	int hostnum = 0;		/* current MX host index */
c2aa98e2SPeter Wemm	char *firstsig;			/* signature of firstto */
c2aa98e2SPeter Wemm	pid_t pid = -1;
c2aa98e2SPeter Wemm	char *volatile curhost;
c2aa98e2SPeter Wemm	register u_short port = 0;
06f25ae9SGregory Neil Shapiro#if NETUNIX
06f25ae9SGregory Neil Shapiro	char *mux_path = NULL;		/* path to UNIX domain socket */
06f25ae9SGregory Neil Shapiro#endif /* NETUNIX */
c2aa98e2SPeter Wemm	time_t xstart;
c2aa98e2SPeter Wemm	bool suidwarn;
c2aa98e2SPeter Wemm	bool anyok;			/* at least one address was OK */
c2aa98e2SPeter Wemm	bool goodmxfound = FALSE;	/* at least one MX was OK */
06f25ae9SGregory Neil Shapiro	bool ovr;
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro	int strsize;
06f25ae9SGregory Neil Shapiro	int rcptcount;
06f25ae9SGregory Neil Shapiro	static int tobufsize = 0;
06f25ae9SGregory Neil Shapiro	static char *tobuf = NULL;
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
06f25ae9SGregory Neil Shapiro	char tobuf[TOBUFSIZE];		/* text line of to people */
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm	int mpvect[2];
c2aa98e2SPeter Wemm	int rpvect[2];
06f25ae9SGregory Neil Shapiro	char *mxhosts[MAXMXHOSTS + 1];
c2aa98e2SPeter Wemm	char *pv[MAXPV + 1];
c2aa98e2SPeter Wemm	char buf[MAXNAME + 1];
c2aa98e2SPeter Wemm	char rpathbuf[MAXNAME + 1];	/* translated return path */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	errno = 0;
06f25ae9SGregory Neil Shapiro	if (!QS_IS_OK(to->q_state))
06f25ae9SGregory Neil Shapiro		return 0;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	suidwarn = geteuid() == 0;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	m = to->q_mailer;
c2aa98e2SPeter Wemm	host = to->q_host;
c2aa98e2SPeter Wemm	CurEnv = e;			/* just in case */
c2aa98e2SPeter Wemm	e->e_statmsg = NULL;
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm	SmtpError[0] = '\0';
06f25ae9SGregory Neil Shapiro#endif /* SMTP */
c2aa98e2SPeter Wemm	xstart = curtime();
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(10, 1))
06f25ae9SGregory Neil Shapiro		dprintf("\n--deliver, id=%s, mailer=%s, host=`%s', first user=`%s'\n",
c2aa98e2SPeter Wemm			e->e_id, m->m_name, host, to->q_user);
c2aa98e2SPeter Wemm	if (tTd(10, 100))
c2aa98e2SPeter Wemm		printopenfds(FALSE);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Clear $&{client_*} macros if this is a bounce message to
c2aa98e2SPeter Wemm	**  prevent rejection by check_compat ruleset.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (bitset(EF_RESPONSE, e->e_flags))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		define(macid("{client_name}", NULL), "", e);
c2aa98e2SPeter Wemm		define(macid("{client_addr}", NULL), "", e);
c2aa98e2SPeter Wemm		define(macid("{client_port}", NULL), "", e);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Do initial argv setup.
c2aa98e2SPeter Wemm	**	Insert the mailer name.  Notice that $x expansion is
c2aa98e2SPeter Wemm	**	NOT done on the mailer name.  Then, if the mailer has
c2aa98e2SPeter Wemm	**	a picky -f flag, we insert it as appropriate.  This
c2aa98e2SPeter Wemm	**	code does not check for 'pv' overflow; this places a
c2aa98e2SPeter Wemm	**	manifest lower limit of 4 for MAXPV.
c2aa98e2SPeter Wemm	**		The from address rewrite is expected to make
c2aa98e2SPeter Wemm	**		the address relative to the other end.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* rewrite from address, using rewriting rules */
c2aa98e2SPeter Wemm	rcode = EX_OK;
c2aa98e2SPeter Wemm	if (bitnset(M_UDBENVELOPE, e->e_from.q_mailer->m_flags))
c2aa98e2SPeter Wemm		p = e->e_sender;
c2aa98e2SPeter Wemm	else
c2aa98e2SPeter Wemm		p = e->e_from.q_paddr;
c2aa98e2SPeter Wemm	p = remotename(p, m, RF_SENDERADDR|RF_CANONICAL, &rcode, e);
c2aa98e2SPeter Wemm	if (strlen(p) >= (SIZE_T) sizeof rpathbuf)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		p = shortenstring(p, MAXSHORTSTR);
c2aa98e2SPeter Wemm		syserr("remotename: huge return %s", p);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	snprintf(rpathbuf, sizeof rpathbuf, "%s", p);
c2aa98e2SPeter Wemm	define('g', rpathbuf, e);		/* translated return path */
c2aa98e2SPeter Wemm	define('h', host, e);			/* to host */
c2aa98e2SPeter Wemm	Errors = 0;
c2aa98e2SPeter Wemm	pvp = pv;
c2aa98e2SPeter Wemm	*pvp++ = m->m_argv[0];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* insert -f or -r flag as appropriate */
06f25ae9SGregory Neil Shapiro	if (FromFlag &&
06f25ae9SGregory Neil Shapiro	    (bitnset(M_FOPT, m->m_flags) ||
06f25ae9SGregory Neil Shapiro	     bitnset(M_ROPT, m->m_flags)))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		if (bitnset(M_FOPT, m->m_flags))
c2aa98e2SPeter Wemm			*pvp++ = "-f";
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm			*pvp++ = "-r";
c2aa98e2SPeter Wemm		*pvp++ = newstr(rpathbuf);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Append the other fixed parts of the argv.  These run
c2aa98e2SPeter Wemm	**  up to the first entry containing "$u".  There can only
c2aa98e2SPeter Wemm	**  be one of these, and there are only a few more slots
c2aa98e2SPeter Wemm	**  in the pv after it.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	for (mvp = m->m_argv; (p = *++mvp) != NULL; )
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* can't use strchr here because of sign extension problems */
c2aa98e2SPeter Wemm		while (*p != '\0')
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if ((*p++ & 0377) == MACROEXPAND)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (*p == 'u')
c2aa98e2SPeter Wemm					break;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (*p != '\0')
c2aa98e2SPeter Wemm			break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* this entry is safe -- go ahead and process it */
c2aa98e2SPeter Wemm		expand(*mvp, buf, sizeof buf, e);
c2aa98e2SPeter Wemm		*pvp++ = newstr(buf);
c2aa98e2SPeter Wemm		if (pvp >= &pv[MAXPV - 3])
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			syserr("554 5.3.5 Too many parameters to %s before $u",
06f25ae9SGregory Neil Shapiro			       pv[0]);
06f25ae9SGregory Neil Shapiro			return -1;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  If we have no substitution for the user name in the argument
c2aa98e2SPeter Wemm	**  list, we know that we must supply the names otherwise -- and
c2aa98e2SPeter Wemm	**  SMTP is the answer!!
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (*mvp == NULL)
c2aa98e2SPeter Wemm	{
602a2b1bSGregory Neil Shapiro		/* running LMTP or SMTP */
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm		clever = TRUE;
c2aa98e2SPeter Wemm		*pvp = NULL;
c2aa98e2SPeter Wemm#else /* SMTP */
c2aa98e2SPeter Wemm		/* oops!  we don't implement SMTP */
06f25ae9SGregory Neil Shapiro		syserr("554 5.3.5 SMTP style mailer not implemented");
06f25ae9SGregory Neil Shapiro		return EX_SOFTWARE;
c2aa98e2SPeter Wemm#endif /* SMTP */
c2aa98e2SPeter Wemm	}
602a2b1bSGregory Neil Shapiro	else if (bitnset(M_LMTP, m->m_flags))
602a2b1bSGregory Neil Shapiro	{
602a2b1bSGregory Neil Shapiro		/* not running LMTP */
602a2b1bSGregory Neil Shapiro		sm_syslog(LOG_ERR, NULL,
602a2b1bSGregory Neil Shapiro			  "Warning: mailer %s: LMTP flag (F=z) turned off",
602a2b1bSGregory Neil Shapiro			  m->m_name);
602a2b1bSGregory Neil Shapiro		clrbitn(M_LMTP, m->m_flags);
602a2b1bSGregory Neil Shapiro	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  At this point *mvp points to the argument with $u.  We
c2aa98e2SPeter Wemm	**  run through our address list and append all the addresses
c2aa98e2SPeter Wemm	**  we can.  If we run out of space, do not fret!  We can
c2aa98e2SPeter Wemm	**  always send another copy later.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro	e->e_to = NULL;
06f25ae9SGregory Neil Shapiro	strsize = 2;
06f25ae9SGregory Neil Shapiro	rcptcount = 0;
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm	tobuf[0] = '\0';
c2aa98e2SPeter Wemm	e->e_to = tobuf;
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	ctladdr = NULL;
06f25ae9SGregory Neil Shapiro	firstsig = hostsignature(firstto->q_mailer, firstto->q_host);
c2aa98e2SPeter Wemm	for (; to != NULL; to = to->q_next)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* avoid sending multiple recipients to dumb mailers */
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro		if (tochain != NULL && !bitnset(M_MUSER, m->m_flags))
06f25ae9SGregory Neil Shapiro			break;
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm		if (tobuf[0] != '\0' && !bitnset(M_MUSER, m->m_flags))
c2aa98e2SPeter Wemm			break;
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* if already sent or not for this host, don't send */
06f25ae9SGregory Neil Shapiro		if (!QS_IS_OK(to->q_state) ||
c2aa98e2SPeter Wemm		    to->q_mailer != firstto->q_mailer ||
06f25ae9SGregory Neil Shapiro		    strcmp(hostsignature(to->q_mailer, to->q_host),
06f25ae9SGregory Neil Shapiro			   firstsig) != 0)
c2aa98e2SPeter Wemm			continue;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* avoid overflowing tobuf */
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro		strsize += strlen(to->q_paddr) + 1;
06f25ae9SGregory Neil Shapiro		if (!clever && strsize > TOBUFSIZE)
06f25ae9SGregory Neil Shapiro			break;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (++rcptcount > to->q_mailer->m_maxrcpt)
06f25ae9SGregory Neil Shapiro			break;
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm		if (sizeof tobuf < (strlen(to->q_paddr) + strlen(tobuf) + 2))
c2aa98e2SPeter Wemm			break;
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (tTd(10, 1))
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			dprintf("\nsend to ");
c2aa98e2SPeter Wemm			printaddr(to, FALSE);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* compute effective uid/gid when sending */
c2aa98e2SPeter Wemm		if (bitnset(M_RUNASRCPT, to->q_mailer->m_flags))
c2aa98e2SPeter Wemm			contextaddr = ctladdr = getctladdr(to);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (tTd(10, 2))
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			dprintf("ctladdr=");
c2aa98e2SPeter Wemm			printaddr(ctladdr, FALSE);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		user = to->q_user;
c2aa98e2SPeter Wemm		e->e_to = to->q_paddr;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Check to see that these people are allowed to
c2aa98e2SPeter Wemm		**  talk to each other.
42e5d165SGregory Neil Shapiro		**  Check also for overflow of e_msgsize.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
42e5d165SGregory Neil Shapiro		if (m->m_maxsize != 0 &&
42e5d165SGregory Neil Shapiro		    (e->e_msgsize > m->m_maxsize || e->e_msgsize < 0))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			e->e_flags |= EF_NO_BODY_RETN;
c2aa98e2SPeter Wemm			if (bitnset(M_LOCALMAILER, to->q_mailer->m_flags))
c2aa98e2SPeter Wemm				to->q_status = "5.2.3";
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm				to->q_status = "5.3.4";
06f25ae9SGregory Neil Shapiro			/* set to->q_rstatus = NULL; or to the following? */
06f25ae9SGregory Neil Shapiro			usrerrenh(to->q_status,
06f25ae9SGregory Neil Shapiro				  "552 Message is too large; %ld bytes max",
06f25ae9SGregory Neil Shapiro				  m->m_maxsize);
06f25ae9SGregory Neil Shapiro			markfailure(e, to, NULL, EX_UNAVAILABLE, FALSE);
06f25ae9SGregory Neil Shapiro			giveresponse(EX_UNAVAILABLE, to->q_status, m,
06f25ae9SGregory Neil Shapiro				     NULL, ctladdr, xstart, e);
c2aa98e2SPeter Wemm			continue;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm#if NAMED_BIND
602a2b1bSGregory Neil Shapiro		SM_SET_H_ERRNO(0);
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		ovr = TRUE;
c2aa98e2SPeter Wemm		/* do config file checking of compatibility */
06f25ae9SGregory Neil Shapiro		rcode = rscheck("check_compat", e->e_from.q_paddr, to->q_paddr,
193538b7SGregory Neil Shapiro				e, TRUE, TRUE, 4, NULL);
c2aa98e2SPeter Wemm		if (rcode == EX_OK)
c2aa98e2SPeter Wemm		{
065a643dSPeter Wemm			/* do in-code checking if not discarding */
065a643dSPeter Wemm			if (!bitset(EF_DISCARD, e->e_flags))
06f25ae9SGregory Neil Shapiro			{
c2aa98e2SPeter Wemm				rcode = checkcompat(to, e);
06f25ae9SGregory Neil Shapiro				ovr = FALSE;
06f25ae9SGregory Neil Shapiro			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		if (rcode != EX_OK)
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			markfailure(e, to, NULL, rcode, ovr);
06f25ae9SGregory Neil Shapiro			giveresponse(rcode, to->q_status, m,
06f25ae9SGregory Neil Shapiro				     NULL, ctladdr, xstart, e);
c2aa98e2SPeter Wemm			continue;
c2aa98e2SPeter Wemm		}
065a643dSPeter Wemm		if (bitset(EF_DISCARD, e->e_flags))
065a643dSPeter Wemm		{
065a643dSPeter Wemm			if (tTd(10, 5))
065a643dSPeter Wemm			{
06f25ae9SGregory Neil Shapiro				dprintf("deliver: discarding recipient ");
065a643dSPeter Wemm				printaddr(to, FALSE);
065a643dSPeter Wemm			}
065a643dSPeter Wemm
06f25ae9SGregory Neil Shapiro			/* pretend the message was sent */
06f25ae9SGregory Neil Shapiro			/* XXX should we log something here? */
06f25ae9SGregory Neil Shapiro			to->q_state = QS_DISCARDED;
06f25ae9SGregory Neil Shapiro
065a643dSPeter Wemm			/*
065a643dSPeter Wemm			**  Remove discard bit to prevent discard of
06f25ae9SGregory Neil Shapiro			**  future recipients.  This is safe because the
06f25ae9SGregory Neil Shapiro			**  true "global discard" has been handled before
06f25ae9SGregory Neil Shapiro			**  we get here.
065a643dSPeter Wemm			*/
065a643dSPeter Wemm
06f25ae9SGregory Neil Shapiro			e->e_flags &= ~EF_DISCARD;
065a643dSPeter Wemm			continue;
065a643dSPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Strip quote bits from names if the mailer is dumb
c2aa98e2SPeter Wemm		**	about them.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (bitnset(M_STRIPQ, m->m_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			stripquotes(user);
c2aa98e2SPeter Wemm			stripquotes(host);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* hack attack -- delivermail compatibility */
c2aa98e2SPeter Wemm		if (m == ProgMailer && *user == '|')
c2aa98e2SPeter Wemm			user++;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  If an error message has already been given, don't
c2aa98e2SPeter Wemm		**	bother to send to this address.
c2aa98e2SPeter Wemm		**
c2aa98e2SPeter Wemm		**	>>>>>>>>>> This clause assumes that the local mailer
c2aa98e2SPeter Wemm		**	>> NOTE >> cannot do any further aliasing; that
c2aa98e2SPeter Wemm		**	>>>>>>>>>> function is subsumed by sendmail.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		if (!QS_IS_OK(to->q_state))
c2aa98e2SPeter Wemm			continue;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  See if this user name is "special".
c2aa98e2SPeter Wemm		**	If the user name has a slash in it, assume that this
c2aa98e2SPeter Wemm		**	is a file -- send it off without further ado.  Note
c2aa98e2SPeter Wemm		**	that this type of addresses is not processed along
c2aa98e2SPeter Wemm		**	with the others, so we fudge on the To person.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (strcmp(m->m_mailer, "[FILE]") == 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			define('u', user, e);	/* to user */
c2aa98e2SPeter Wemm			p = to->q_home;
c2aa98e2SPeter Wemm			if (p == NULL && ctladdr != NULL)
c2aa98e2SPeter Wemm				p = ctladdr->q_home;
c2aa98e2SPeter Wemm			define('z', p, e);	/* user's home */
c2aa98e2SPeter Wemm			expand(m->m_argv[1], buf, sizeof buf, e);
c2aa98e2SPeter Wemm			if (strlen(buf) > 0)
c2aa98e2SPeter Wemm				rcode = mailfile(buf, m, ctladdr, SFF_CREAT, e);
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				syserr("empty filename specification for mailer %s",
c2aa98e2SPeter Wemm				       m->m_name);
c2aa98e2SPeter Wemm				rcode = EX_CONFIG;
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro			giveresponse(rcode, to->q_status, m, NULL,
06f25ae9SGregory Neil Shapiro				     ctladdr, xstart, e);
06f25ae9SGregory Neil Shapiro			markfailure(e, to, NULL, rcode, TRUE);
c2aa98e2SPeter Wemm			e->e_nsent++;
c2aa98e2SPeter Wemm			if (rcode == EX_OK)
c2aa98e2SPeter Wemm			{
06f25ae9SGregory Neil Shapiro				to->q_state = QS_SENT;
c2aa98e2SPeter Wemm				if (bitnset(M_LOCALMAILER, m->m_flags) &&
c2aa98e2SPeter Wemm				    bitset(QPINGONSUCCESS, to->q_flags))
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					to->q_flags |= QDELIVERED;
c2aa98e2SPeter Wemm					to->q_status = "2.1.5";
c2aa98e2SPeter Wemm					fprintf(e->e_xfp, "%s... Successfully delivered\n",
c2aa98e2SPeter Wemm						to->q_paddr);
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			to->q_statdate = curtime();
c2aa98e2SPeter Wemm			markstats(e, to, FALSE);
c2aa98e2SPeter Wemm			continue;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Address is verified -- add this user to mailer
c2aa98e2SPeter Wemm		**  argv, and add it to the print list of recipients.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* link together the chain of recipients */
c2aa98e2SPeter Wemm		to->q_tchain = tochain;
c2aa98e2SPeter Wemm		tochain = to;
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro		e->e_to = "[CHAIN]";
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm		/* create list of users for error messages */
06f25ae9SGregory Neil Shapiro		(void) strlcat(tobuf, ",", sizeof tobuf);
06f25ae9SGregory Neil Shapiro		(void) strlcat(tobuf, to->q_paddr, sizeof tobuf);
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		define('u', user, e);		/* to user */
c2aa98e2SPeter Wemm		p = to->q_home;
c2aa98e2SPeter Wemm		if (p == NULL && ctladdr != NULL)
c2aa98e2SPeter Wemm			p = ctladdr->q_home;
c2aa98e2SPeter Wemm		define('z', p, e);	/* user's home */
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		/* set the ${dsn_notify} macro if applicable */
06f25ae9SGregory Neil Shapiro		if (bitset(QHASNOTIFY, to->q_flags))
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			char notify[MAXLINE];
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			notify[0] = '\0';
06f25ae9SGregory Neil Shapiro			if (bitset(QPINGONSUCCESS, to->q_flags))
06f25ae9SGregory Neil Shapiro				(void) strlcat(notify, "SUCCESS,",
06f25ae9SGregory Neil Shapiro					       sizeof notify);
06f25ae9SGregory Neil Shapiro			if (bitset(QPINGONFAILURE, to->q_flags))
06f25ae9SGregory Neil Shapiro				(void) strlcat(notify, "FAILURE,",
06f25ae9SGregory Neil Shapiro					       sizeof notify);
06f25ae9SGregory Neil Shapiro			if (bitset(QPINGONDELAY, to->q_flags))
06f25ae9SGregory Neil Shapiro				(void) strlcat(notify, "DELAY,", sizeof notify);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			/* Set to NEVER or drop trailing comma */
06f25ae9SGregory Neil Shapiro			if (notify[0] == '\0')
06f25ae9SGregory Neil Shapiro				(void) strlcat(notify, "NEVER", sizeof notify);
06f25ae9SGregory Neil Shapiro			else
06f25ae9SGregory Neil Shapiro				notify[strlen(notify) - 1] = '\0';
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			define(macid("{dsn_notify}", NULL), newstr(notify), e);
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro			define(macid("{dsn_notify}", NULL), NULL, e);
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Expand out this user into argument list.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (!clever)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			expand(*mvp, buf, sizeof buf, e);
c2aa98e2SPeter Wemm			*pvp++ = newstr(buf);
c2aa98e2SPeter Wemm			if (pvp >= &pv[MAXPV - 2])
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				/* allow some space for trailing parms */
c2aa98e2SPeter Wemm				break;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* see if any addresses still exist */
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro	if (tochain == NULL)
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm	if (tobuf[0] == '\0')
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		define('g', (char *) NULL, e);
06f25ae9SGregory Neil Shapiro		e->e_to = NULL;
06f25ae9SGregory Neil Shapiro		return 0;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* print out messages as full list */
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		int l = 1;
06f25ae9SGregory Neil Shapiro		char *tobufptr;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		for (to = tochain; to != NULL; to = to->q_tchain)
06f25ae9SGregory Neil Shapiro			l += strlen(to->q_paddr) + 1;
06f25ae9SGregory Neil Shapiro		if (l < TOBUFSIZE)
06f25ae9SGregory Neil Shapiro			l = TOBUFSIZE;
06f25ae9SGregory Neil Shapiro		if (l > tobufsize)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			if (tobuf != NULL)
06f25ae9SGregory Neil Shapiro				free(tobuf);
06f25ae9SGregory Neil Shapiro			tobufsize = l;
06f25ae9SGregory Neil Shapiro			tobuf = xalloc(tobufsize);
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		tobufptr = tobuf;
06f25ae9SGregory Neil Shapiro		*tobufptr = '\0';
06f25ae9SGregory Neil Shapiro		for (to = tochain; to != NULL; to = to->q_tchain)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			snprintf(tobufptr, tobufsize - (tobufptr - tobuf),
06f25ae9SGregory Neil Shapiro				 ",%s", to->q_paddr);
06f25ae9SGregory Neil Shapiro			tobufptr += strlen(tobufptr);
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm	e->e_to = tobuf + 1;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Fill out any parameters after the $u parameter.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	while (!clever && *++mvp != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		expand(*mvp, buf, sizeof buf, e);
c2aa98e2SPeter Wemm		*pvp++ = newstr(buf);
c2aa98e2SPeter Wemm		if (pvp >= &pv[MAXPV])
06f25ae9SGregory Neil Shapiro			syserr("554 5.3.0 deliver: pv overflow after $u for %s",
06f25ae9SGregory Neil Shapiro			       pv[0]);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	*pvp++ = NULL;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Call the mailer.
c2aa98e2SPeter Wemm	**	The argument vector gets built, pipes
c2aa98e2SPeter Wemm	**	are created as necessary, and we fork & exec as
c2aa98e2SPeter Wemm	**	appropriate.
c2aa98e2SPeter Wemm	**	If we are running SMTP, we just need to clean up.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* XXX this seems a bit wierd */
c2aa98e2SPeter Wemm	if (ctladdr == NULL && m != ProgMailer && m != FileMailer &&
c2aa98e2SPeter Wemm	    bitset(QGOODUID, e->e_from.q_flags))
c2aa98e2SPeter Wemm		ctladdr = &e->e_from;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if NAMED_BIND
c2aa98e2SPeter Wemm	if (ConfigLevel < 2)
c2aa98e2SPeter Wemm		_res.options &= ~(RES_DEFNAMES | RES_DNSRCH);	/* XXX */
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(11, 1))
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		dprintf("openmailer:");
c2aa98e2SPeter Wemm		printav(pv);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	errno = 0;
c2aa98e2SPeter Wemm#if NAMED_BIND
602a2b1bSGregory Neil Shapiro	SM_SET_H_ERRNO(0);
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	CurHostName = NULL;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Deal with the special case of mail handled through an IPC
c2aa98e2SPeter Wemm	**  connection.
c2aa98e2SPeter Wemm	**	In this case we don't actually fork.  We must be
c2aa98e2SPeter Wemm	**	running SMTP for this to work.  We will return a
c2aa98e2SPeter Wemm	**	zero pid to indicate that we are running IPC.
c2aa98e2SPeter Wemm	**  We also handle a debug version that just talks to stdin/out.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	curhost = NULL;
c2aa98e2SPeter Wemm	SmtpPhase = NULL;
c2aa98e2SPeter Wemm	mci = NULL;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if XDEBUG
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		char wbuf[MAXLINE];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* make absolutely certain 0, 1, and 2 are in use */
c2aa98e2SPeter Wemm		snprintf(wbuf, sizeof wbuf, "%s... openmailer(%s)",
c2aa98e2SPeter Wemm			shortenstring(e->e_to, MAXSHORTSTR), m->m_name);
c2aa98e2SPeter Wemm		checkfd012(wbuf);
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro#endif /* XDEBUG */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* check for 8-bit available */
c2aa98e2SPeter Wemm	if (bitset(EF_HAS8BIT, e->e_flags) &&
c2aa98e2SPeter Wemm	    bitnset(M_7BITS, m->m_flags) &&
c2aa98e2SPeter Wemm	    (bitset(EF_DONT_MIME, e->e_flags) ||
c2aa98e2SPeter Wemm	     !(bitset(MM_MIME8BIT, MimeMode) ||
c2aa98e2SPeter Wemm	       (bitset(EF_IS_MIME, e->e_flags) &&
c2aa98e2SPeter Wemm		bitset(MM_CVTMIME, MimeMode)))))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		e->e_status = "5.6.3";
06f25ae9SGregory Neil Shapiro		usrerrenh(e->e_status,
06f25ae9SGregory Neil Shapiro		       "554 Cannot send 8-bit data to 7-bit destination");
06f25ae9SGregory Neil Shapiro		rcode = EX_DATAERR;
c2aa98e2SPeter Wemm		goto give_up;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(62, 8))
c2aa98e2SPeter Wemm		checkfds("before delivery");
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* check for Local Person Communication -- not for mortals!!! */
c2aa98e2SPeter Wemm	if (strcmp(m->m_mailer, "[LPC]") == 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		mci = (MCI *) xalloc(sizeof *mci);
06f25ae9SGregory Neil Shapiro		memset((char *) mci, '\0', sizeof *mci);
c2aa98e2SPeter Wemm		mci->mci_in = stdin;
c2aa98e2SPeter Wemm		mci->mci_out = stdout;
c2aa98e2SPeter Wemm		mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN;
c2aa98e2SPeter Wemm		mci->mci_mailer = m;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else if (strcmp(m->m_mailer, "[IPC]") == 0 ||
c2aa98e2SPeter Wemm		 strcmp(m->m_mailer, "[TCP]") == 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm#if DAEMON
c2aa98e2SPeter Wemm		register int i;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (pv[0] == NULL || pv[1] == NULL || pv[1][0] == '\0')
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			syserr("null destination for %s mailer", m->m_mailer);
c2aa98e2SPeter Wemm			rcode = EX_CONFIG;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro# if NETUNIX
06f25ae9SGregory Neil Shapiro		if (strcmp(pv[0], "FILE") == 0)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			curhost = CurHostName = "localhost";
06f25ae9SGregory Neil Shapiro			mux_path = pv[1];
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro# endif /* NETUNIX */
06f25ae9SGregory Neil Shapiro		{
c2aa98e2SPeter Wemm			CurHostName = pv[1];
06f25ae9SGregory Neil Shapiro			curhost = hostsignature(m, pv[1]);
06f25ae9SGregory Neil Shapiro		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (curhost == NULL || curhost[0] == '\0')
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			syserr("null host signature for %s", pv[1]);
c2aa98e2SPeter Wemm			rcode = EX_CONFIG;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (!clever)
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			syserr("554 5.3.5 non-clever IPC");
c2aa98e2SPeter Wemm			rcode = EX_CONFIG;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro		if (pv[2] != NULL
06f25ae9SGregory Neil Shapiro# if NETUNIX
06f25ae9SGregory Neil Shapiro		    && mux_path == NULL
06f25ae9SGregory Neil Shapiro# endif /* NETUNIX */
06f25ae9SGregory Neil Shapiro		    )
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			port = htons((u_short)atoi(pv[2]));
c2aa98e2SPeter Wemm			if (port == 0)
c2aa98e2SPeter Wemm			{
06f25ae9SGregory Neil Shapiro# ifdef NO_GETSERVBYNAME
06f25ae9SGregory Neil Shapiro				syserr("Invalid port number: %s", pv[2]);
06f25ae9SGregory Neil Shapiro# else /* NO_GETSERVBYNAME */
c2aa98e2SPeter Wemm				struct servent *sp = getservbyname(pv[2], "tcp");
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				if (sp == NULL)
c2aa98e2SPeter Wemm					syserr("Service %s unknown", pv[2]);
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm					port = sp->s_port;
06f25ae9SGregory Neil Shapiro# endif /* NO_GETSERVBYNAME */
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		nummxhosts = parse_hostsignature(curhost, mxhosts, m);
06f25ae9SGregory Neil Shapirotryhost:
06f25ae9SGregory Neil Shapiro		while (hostnum < nummxhosts)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			char sep = ':';
06f25ae9SGregory Neil Shapiro			char *endp;
06f25ae9SGregory Neil Shapiro			static char hostbuf[MAXNAME + 1];
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro# if NETINET6
06f25ae9SGregory Neil Shapiro			if (*mxhosts[hostnum] == '[')
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				endp = strchr(mxhosts[hostnum] + 1, ']');
06f25ae9SGregory Neil Shapiro				if (endp != NULL)
06f25ae9SGregory Neil Shapiro					endp = strpbrk(endp + 1, ":,");
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			else
06f25ae9SGregory Neil Shapiro				endp = strpbrk(mxhosts[hostnum], ":,");
06f25ae9SGregory Neil Shapiro# else /* NETINET6 */
06f25ae9SGregory Neil Shapiro			endp = strpbrk(mxhosts[hostnum], ":,");
06f25ae9SGregory Neil Shapiro# endif /* NETINET6 */
06f25ae9SGregory Neil Shapiro			if (endp != NULL)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				sep = *endp;
06f25ae9SGregory Neil Shapiro				*endp = '\0';
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			if (*mxhosts[hostnum] == '\0')
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				syserr("deliver: null host name in signature");
06f25ae9SGregory Neil Shapiro				hostnum++;
06f25ae9SGregory Neil Shapiro				if (endp != NULL)
06f25ae9SGregory Neil Shapiro					*endp = sep;
c2aa98e2SPeter Wemm				continue;
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro			(void) strlcpy(hostbuf, mxhosts[hostnum],
06f25ae9SGregory Neil Shapiro				       sizeof hostbuf);
06f25ae9SGregory Neil Shapiro			hostnum++;
06f25ae9SGregory Neil Shapiro			if (endp != NULL)
06f25ae9SGregory Neil Shapiro				*endp = sep;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* see if we already know that this host is fried */
c2aa98e2SPeter Wemm			CurHostName = hostbuf;
c2aa98e2SPeter Wemm			mci = mci_get(hostbuf, m);
c2aa98e2SPeter Wemm			if (mci->mci_state != MCIS_CLOSED)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (tTd(11, 1))
c2aa98e2SPeter Wemm				{
06f25ae9SGregory Neil Shapiro					dprintf("openmailer: ");
c2aa98e2SPeter Wemm					mci_dump(mci, FALSE);
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				CurHostName = mci->mci_host;
c2aa98e2SPeter Wemm				message("Using cached %sSMTP connection to %s via %s...",
c2aa98e2SPeter Wemm					bitset(MCIF_ESMTP, mci->mci_flags) ? "E" : "",
c2aa98e2SPeter Wemm					hostbuf, m->m_name);
06f25ae9SGregory Neil Shapiro				mci->mci_deliveries++;
c2aa98e2SPeter Wemm				break;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			mci->mci_mailer = m;
c2aa98e2SPeter Wemm			if (mci->mci_exitstat != EX_OK)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (mci->mci_exitstat == EX_TEMPFAIL)
c2aa98e2SPeter Wemm					goodmxfound = TRUE;
c2aa98e2SPeter Wemm				continue;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			if (mci_lock_host(mci) != EX_OK)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				mci_setstat(mci, EX_TEMPFAIL, "4.4.5", NULL);
c2aa98e2SPeter Wemm				goodmxfound = TRUE;
c2aa98e2SPeter Wemm				continue;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* try the connection */
06f25ae9SGregory Neil Shapiro			sm_setproctitle(TRUE, e, "%s %s: %s",
06f25ae9SGregory Neil Shapiro					qid_printname(e),
06f25ae9SGregory Neil Shapiro					hostbuf, "user open");
06f25ae9SGregory Neil Shapiro# if NETUNIX
06f25ae9SGregory Neil Shapiro			if (mux_path != NULL)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				message("Connecting to %s via %s...",
06f25ae9SGregory Neil Shapiro					mux_path, m->m_name);
06f25ae9SGregory Neil Shapiro				i = makeconnection_ds(mux_path, mci);
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			else
06f25ae9SGregory Neil Shapiro# endif /* NETUNIX */
06f25ae9SGregory Neil Shapiro			{
c2aa98e2SPeter Wemm				if (port == 0)
c2aa98e2SPeter Wemm					message("Connecting to %s via %s...",
c2aa98e2SPeter Wemm						hostbuf, m->m_name);
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm					message("Connecting to %s port %d via %s...",
06f25ae9SGregory Neil Shapiro						hostbuf, ntohs(port),
06f25ae9SGregory Neil Shapiro						m->m_name);
c2aa98e2SPeter Wemm				i = makeconnection(hostbuf, port, mci, e);
06f25ae9SGregory Neil Shapiro			}
c2aa98e2SPeter Wemm			mci->mci_lastuse = curtime();
06f25ae9SGregory Neil Shapiro			mci->mci_deliveries = 0;
c2aa98e2SPeter Wemm			mci->mci_exitstat = i;
c2aa98e2SPeter Wemm			mci->mci_errno = errno;
c2aa98e2SPeter Wemm# if NAMED_BIND
c2aa98e2SPeter Wemm			mci->mci_herrno = h_errno;
06f25ae9SGregory Neil Shapiro# endif /* NAMED_BIND */
c2aa98e2SPeter Wemm			if (i == EX_OK)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				goodmxfound = TRUE;
c2aa98e2SPeter Wemm				mci->mci_state = MCIS_OPENING;
c2aa98e2SPeter Wemm				mci_cache(mci);
c2aa98e2SPeter Wemm				if (TrafficLogFile != NULL)
c2aa98e2SPeter Wemm					fprintf(TrafficLogFile, "%05d === CONNECT %s\n",
c2aa98e2SPeter Wemm						(int) getpid(), hostbuf);
c2aa98e2SPeter Wemm				break;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (tTd(11, 1))
06f25ae9SGregory Neil Shapiro					dprintf("openmailer: makeconnection => stat=%d, errno=%d\n",
c2aa98e2SPeter Wemm						i, errno);
c2aa98e2SPeter Wemm				if (i == EX_TEMPFAIL)
c2aa98e2SPeter Wemm					goodmxfound = TRUE;
c2aa98e2SPeter Wemm				mci_unlock_host(mci);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* enter status of this host */
c2aa98e2SPeter Wemm			setstat(i);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* should print some message here for -v mode */
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		if (mci == NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			syserr("deliver: no host name");
c2aa98e2SPeter Wemm			rcode = EX_SOFTWARE;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		mci->mci_pid = 0;
06f25ae9SGregory Neil Shapiro#else /* DAEMON */
06f25ae9SGregory Neil Shapiro		syserr("554 5.3.5 openmailer: no IPC");
c2aa98e2SPeter Wemm		if (tTd(11, 1))
06f25ae9SGregory Neil Shapiro			dprintf("openmailer: NULL\n");
c2aa98e2SPeter Wemm		rcode = EX_UNAVAILABLE;
c2aa98e2SPeter Wemm		goto give_up;
c2aa98e2SPeter Wemm#endif /* DAEMON */
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* flush any expired connections */
c2aa98e2SPeter Wemm		(void) mci_scan(NULL);
c2aa98e2SPeter Wemm		mci = NULL;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm		if (bitnset(M_LMTP, m->m_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* try to get a cached connection */
c2aa98e2SPeter Wemm			mci = mci_get(m->m_name, m);
c2aa98e2SPeter Wemm			if (mci->mci_host == NULL)
c2aa98e2SPeter Wemm				mci->mci_host = m->m_name;
c2aa98e2SPeter Wemm			CurHostName = mci->mci_host;
c2aa98e2SPeter Wemm			if (mci->mci_state != MCIS_CLOSED)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				message("Using cached LMTP connection for %s...",
c2aa98e2SPeter Wemm					m->m_name);
06f25ae9SGregory Neil Shapiro				mci->mci_deliveries++;
c2aa98e2SPeter Wemm				goto do_transfer;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro#endif /* SMTP */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* announce the connection to verbose listeners */
c2aa98e2SPeter Wemm		if (host == NULL || host[0] == '\0')
c2aa98e2SPeter Wemm			message("Connecting to %s...", m->m_name);
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm			message("Connecting to %s via %s...", host, m->m_name);
c2aa98e2SPeter Wemm		if (TrafficLogFile != NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			char **av;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			fprintf(TrafficLogFile, "%05d === EXEC", (int) getpid());
c2aa98e2SPeter Wemm			for (av = pv; *av != NULL; av++)
c2aa98e2SPeter Wemm				fprintf(TrafficLogFile, " %s", *av);
c2aa98e2SPeter Wemm			fprintf(TrafficLogFile, "\n");
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if XDEBUG
c2aa98e2SPeter Wemm		checkfd012("before creating mail pipe");
06f25ae9SGregory Neil Shapiro#endif /* XDEBUG */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* create a pipe to shove the mail through */
c2aa98e2SPeter Wemm		if (pipe(mpvect) < 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			syserr("%s... openmailer(%s): pipe (to mailer)",
c2aa98e2SPeter Wemm				shortenstring(e->e_to, MAXSHORTSTR), m->m_name);
c2aa98e2SPeter Wemm			if (tTd(11, 1))
06f25ae9SGregory Neil Shapiro				dprintf("openmailer: NULL\n");
c2aa98e2SPeter Wemm			rcode = EX_OSERR;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if XDEBUG
c2aa98e2SPeter Wemm		/* make sure we didn't get one of the standard I/O files */
c2aa98e2SPeter Wemm		if (mpvect[0] < 3 || mpvect[1] < 3)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			syserr("%s... openmailer(%s): bogus mpvect %d %d",
c2aa98e2SPeter Wemm				shortenstring(e->e_to, MAXSHORTSTR), m->m_name,
c2aa98e2SPeter Wemm				mpvect[0], mpvect[1]);
c2aa98e2SPeter Wemm			printopenfds(TRUE);
c2aa98e2SPeter Wemm			if (tTd(11, 1))
06f25ae9SGregory Neil Shapiro				dprintf("openmailer: NULL\n");
c2aa98e2SPeter Wemm			rcode = EX_OSERR;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* make sure system call isn't dead meat */
c2aa98e2SPeter Wemm		checkfdopen(mpvect[0], "mpvect[0]");
c2aa98e2SPeter Wemm		checkfdopen(mpvect[1], "mpvect[1]");
c2aa98e2SPeter Wemm		if (mpvect[0] == mpvect[1] ||
c2aa98e2SPeter Wemm		    (e->e_lockfp != NULL &&
c2aa98e2SPeter Wemm		     (mpvect[0] == fileno(e->e_lockfp) ||
c2aa98e2SPeter Wemm		      mpvect[1] == fileno(e->e_lockfp))))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (e->e_lockfp == NULL)
c2aa98e2SPeter Wemm				syserr("%s... openmailer(%s): overlapping mpvect %d %d",
c2aa98e2SPeter Wemm					shortenstring(e->e_to, MAXSHORTSTR),
c2aa98e2SPeter Wemm					m->m_name, mpvect[0], mpvect[1]);
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm				syserr("%s... openmailer(%s): overlapping mpvect %d %d, lockfp = %d",
c2aa98e2SPeter Wemm					shortenstring(e->e_to, MAXSHORTSTR),
c2aa98e2SPeter Wemm					m->m_name, mpvect[0], mpvect[1],
c2aa98e2SPeter Wemm					fileno(e->e_lockfp));
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro#endif /* XDEBUG */
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		/* create a return pipe */
c2aa98e2SPeter Wemm		if (pipe(rpvect) < 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			syserr("%s... openmailer(%s): pipe (from mailer)",
c2aa98e2SPeter Wemm				shortenstring(e->e_to, MAXSHORTSTR),
c2aa98e2SPeter Wemm				m->m_name);
c2aa98e2SPeter Wemm			(void) close(mpvect[0]);
c2aa98e2SPeter Wemm			(void) close(mpvect[1]);
c2aa98e2SPeter Wemm			if (tTd(11, 1))
06f25ae9SGregory Neil Shapiro				dprintf("openmailer: NULL\n");
c2aa98e2SPeter Wemm			rcode = EX_OSERR;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm#if XDEBUG
c2aa98e2SPeter Wemm		checkfdopen(rpvect[0], "rpvect[0]");
c2aa98e2SPeter Wemm		checkfdopen(rpvect[1], "rpvect[1]");
06f25ae9SGregory Neil Shapiro#endif /* XDEBUG */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Actually fork the mailer process.
c2aa98e2SPeter Wemm		**	DOFORK is clever about retrying.
c2aa98e2SPeter Wemm		**
c2aa98e2SPeter Wemm		**	Dispose of SIGCHLD signal catchers that may be laying
06f25ae9SGregory Neil Shapiro		**	around so that endmailer will get it.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (e->e_xfp != NULL)
c2aa98e2SPeter Wemm			(void) fflush(e->e_xfp);	/* for debugging */
c2aa98e2SPeter Wemm		(void) fflush(stdout);
c2aa98e2SPeter Wemm		(void) setsignal(SIGCHLD, SIG_DFL);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		DOFORK(FORK);
c2aa98e2SPeter Wemm		/* pid is set by DOFORK */
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		if (pid < 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* failure */
c2aa98e2SPeter Wemm			syserr("%s... openmailer(%s): cannot fork",
c2aa98e2SPeter Wemm				shortenstring(e->e_to, MAXSHORTSTR), m->m_name);
c2aa98e2SPeter Wemm			(void) close(mpvect[0]);
c2aa98e2SPeter Wemm			(void) close(mpvect[1]);
c2aa98e2SPeter Wemm			(void) close(rpvect[0]);
c2aa98e2SPeter Wemm			(void) close(rpvect[1]);
c2aa98e2SPeter Wemm			if (tTd(11, 1))
06f25ae9SGregory Neil Shapiro				dprintf("openmailer: NULL\n");
c2aa98e2SPeter Wemm			rcode = EX_OSERR;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		else if (pid == 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			int i;
06f25ae9SGregory Neil Shapiro			int save_errno;
c2aa98e2SPeter Wemm			int new_euid = NO_UID;
c2aa98e2SPeter Wemm			int new_ruid = NO_UID;
c2aa98e2SPeter Wemm			int new_gid = NO_GID;
c2aa98e2SPeter Wemm			struct stat stb;
c2aa98e2SPeter Wemm			extern int DtableSize;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			if (e->e_lockfp != NULL)
c2aa98e2SPeter Wemm				(void) close(fileno(e->e_lockfp));
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* child -- set up input & exec mailer */
c2aa98e2SPeter Wemm			(void) setsignal(SIGINT, SIG_IGN);
c2aa98e2SPeter Wemm			(void) setsignal(SIGHUP, SIG_IGN);
c2aa98e2SPeter Wemm			(void) setsignal(SIGTERM, SIG_DFL);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			if (m != FileMailer || stat(tochain->q_user, &stb) < 0)
c2aa98e2SPeter Wemm				stb.st_mode = 0;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm# if HASSETUSERCONTEXT
c2aa98e2SPeter Wemm			/*
c2aa98e2SPeter Wemm			**  Set user resources.
c2aa98e2SPeter Wemm			*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			if (contextaddr != NULL)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				struct passwd *pwd;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				if (contextaddr->q_ruser != NULL)
c2aa98e2SPeter Wemm					pwd = sm_getpwnam(contextaddr->q_ruser);
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm					pwd = sm_getpwnam(contextaddr->q_user);
c2aa98e2SPeter Wemm				if (pwd != NULL)
c2aa98e2SPeter Wemm					(void) setusercontext(NULL,
c2aa98e2SPeter Wemm						pwd, pwd->pw_uid,
c2aa98e2SPeter Wemm						LOGIN_SETRESOURCES|LOGIN_SETPRIORITY);
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro# endif /* HASSETUSERCONTEXT */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* tweak niceness */
c2aa98e2SPeter Wemm			if (m->m_nice != 0)
06f25ae9SGregory Neil Shapiro				(void) nice(m->m_nice);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* reset group id */
c2aa98e2SPeter Wemm			if (bitnset(M_SPECIFIC_UID, m->m_flags))
c2aa98e2SPeter Wemm				new_gid = m->m_gid;
c2aa98e2SPeter Wemm			else if (bitset(S_ISGID, stb.st_mode))
c2aa98e2SPeter Wemm				new_gid = stb.st_gid;
c2aa98e2SPeter Wemm			else if (ctladdr != NULL && ctladdr->q_gid != 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (!DontInitGroups)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					char *u = ctladdr->q_ruser;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm					if (u == NULL)
c2aa98e2SPeter Wemm						u = ctladdr->q_user;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm					if (initgroups(u, ctladdr->q_gid) == -1 && suidwarn)
06f25ae9SGregory Neil Shapiro					{
c2aa98e2SPeter Wemm						syserr("openmailer: initgroups(%s, %d) failed",
c2aa98e2SPeter Wemm							u, ctladdr->q_gid);
06f25ae9SGregory Neil Shapiro						exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro					}
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					GIDSET_T gidset[1];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm					gidset[0] = ctladdr->q_gid;
c2aa98e2SPeter Wemm					if (setgroups(1, gidset) == -1 && suidwarn)
06f25ae9SGregory Neil Shapiro					{
c2aa98e2SPeter Wemm						syserr("openmailer: setgroups() failed");
06f25ae9SGregory Neil Shapiro						exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro					}
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				new_gid = ctladdr->q_gid;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (!DontInitGroups)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					if (initgroups(DefUser, DefGid) == -1 && suidwarn)
06f25ae9SGregory Neil Shapiro					{
c2aa98e2SPeter Wemm						syserr("openmailer: initgroups(%s, %d) failed",
c2aa98e2SPeter Wemm							DefUser, DefGid);
06f25ae9SGregory Neil Shapiro						exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro					}
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					GIDSET_T gidset[1];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm					gidset[0] = DefGid;
c2aa98e2SPeter Wemm					if (setgroups(1, gidset) == -1 && suidwarn)
06f25ae9SGregory Neil Shapiro					{
c2aa98e2SPeter Wemm						syserr("openmailer: setgroups() failed");
06f25ae9SGregory Neil Shapiro						exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro					}
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				if (m->m_gid == 0)
c2aa98e2SPeter Wemm					new_gid = DefGid;
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm					new_gid = m->m_gid;
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro			if (new_gid != NO_GID)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				if (RunAsUid != 0 &&
06f25ae9SGregory Neil Shapiro				    bitnset(M_SPECIFIC_UID, m->m_flags) &&
06f25ae9SGregory Neil Shapiro				    new_gid != getgid() &&
06f25ae9SGregory Neil Shapiro				    new_gid != getegid())
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					/* Only root can change the gid */
06f25ae9SGregory Neil Shapiro					syserr("openmailer: insufficient privileges to change gid");
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				if (setgid(new_gid) < 0 && suidwarn)
06f25ae9SGregory Neil Shapiro				{
c2aa98e2SPeter Wemm					syserr("openmailer: setgid(%ld) failed",
c2aa98e2SPeter Wemm					       (long) new_gid);
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			/* change root to some "safe" directory */
06f25ae9SGregory Neil Shapiro			if (m->m_rootdir != NULL)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				expand(m->m_rootdir, buf, sizeof buf, e);
06f25ae9SGregory Neil Shapiro				if (tTd(11, 20))
06f25ae9SGregory Neil Shapiro					dprintf("openmailer: chroot %s\n",
06f25ae9SGregory Neil Shapiro						buf);
06f25ae9SGregory Neil Shapiro				if (chroot(buf) < 0)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					syserr("openmailer: Cannot chroot(%s)",
06f25ae9SGregory Neil Shapiro					       buf);
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro				if (chdir("/") < 0)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					syserr("openmailer: cannot chdir(/)");
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* reset user id */
c2aa98e2SPeter Wemm			endpwent();
c2aa98e2SPeter Wemm			if (bitnset(M_SPECIFIC_UID, m->m_flags))
c2aa98e2SPeter Wemm				new_euid = m->m_uid;
c2aa98e2SPeter Wemm			else if (bitset(S_ISUID, stb.st_mode))
c2aa98e2SPeter Wemm				new_ruid = stb.st_uid;
c2aa98e2SPeter Wemm			else if (ctladdr != NULL && ctladdr->q_uid != 0)
c2aa98e2SPeter Wemm				new_ruid = ctladdr->q_uid;
c2aa98e2SPeter Wemm			else if (m->m_uid != 0)
c2aa98e2SPeter Wemm				new_ruid = m->m_uid;
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm				new_ruid = DefUid;
c2aa98e2SPeter Wemm			if (new_euid != NO_UID)
c2aa98e2SPeter Wemm			{
06f25ae9SGregory Neil Shapiro				if (RunAsUid != 0 && new_euid != RunAsUid)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					/* Only root can change the uid */
06f25ae9SGregory Neil Shapiro					syserr("openmailer: insufficient privileges to change uid");
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm				vendor_set_uid(new_euid);
06f25ae9SGregory Neil Shapiro# if MAILER_SETUID_METHOD == USE_SETEUID
c2aa98e2SPeter Wemm				if (seteuid(new_euid) < 0 && suidwarn)
06f25ae9SGregory Neil Shapiro				{
c2aa98e2SPeter Wemm					syserr("openmailer: seteuid(%ld) failed",
c2aa98e2SPeter Wemm						(long) new_euid);
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro# endif /* MAILER_SETUID_METHOD == USE_SETEUID */
06f25ae9SGregory Neil Shapiro# if MAILER_SETUID_METHOD == USE_SETREUID
c2aa98e2SPeter Wemm				if (setreuid(new_ruid, new_euid) < 0 && suidwarn)
06f25ae9SGregory Neil Shapiro				{
c2aa98e2SPeter Wemm					syserr("openmailer: setreuid(%ld, %ld) failed",
c2aa98e2SPeter Wemm						(long) new_ruid, (long) new_euid);
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro# endif /* MAILER_SETUID_METHOD == USE_SETREUID */
06f25ae9SGregory Neil Shapiro# if MAILER_SETUID_METHOD == USE_SETUID
c2aa98e2SPeter Wemm				if (new_euid != geteuid() && setuid(new_euid) < 0 && suidwarn)
06f25ae9SGregory Neil Shapiro				{
c2aa98e2SPeter Wemm					syserr("openmailer: setuid(%ld) failed",
c2aa98e2SPeter Wemm						(long) new_euid);
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro# endif /* MAILER_SETUID_METHOD == USE_SETUID */
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else if (new_ruid != NO_UID)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				vendor_set_uid(new_ruid);
c2aa98e2SPeter Wemm				if (setuid(new_ruid) < 0 && suidwarn)
06f25ae9SGregory Neil Shapiro				{
c2aa98e2SPeter Wemm					syserr("openmailer: setuid(%ld) failed",
c2aa98e2SPeter Wemm						(long) new_ruid);
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			if (tTd(11, 2))
06f25ae9SGregory Neil Shapiro				dprintf("openmailer: running as r/euid=%d/%d, r/egid=%d/%d\n",
06f25ae9SGregory Neil Shapiro					(int) getuid(), (int) geteuid(),
06f25ae9SGregory Neil Shapiro					(int) getgid(), (int) getegid());
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* move into some "safe" directory */
c2aa98e2SPeter Wemm			if (m->m_execdir != NULL)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				char *q;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				for (p = m->m_execdir; p != NULL; p = q)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					q = strchr(p, ':');
c2aa98e2SPeter Wemm					if (q != NULL)
c2aa98e2SPeter Wemm						*q = '\0';
c2aa98e2SPeter Wemm					expand(p, buf, sizeof buf, e);
c2aa98e2SPeter Wemm					if (q != NULL)
c2aa98e2SPeter Wemm						*q++ = ':';
c2aa98e2SPeter Wemm					if (tTd(11, 20))
06f25ae9SGregory Neil Shapiro						dprintf("openmailer: trydir %s\n",
c2aa98e2SPeter Wemm							buf);
c2aa98e2SPeter Wemm					if (buf[0] != '\0' && chdir(buf) >= 0)
c2aa98e2SPeter Wemm						break;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* arrange to filter std & diag output of command */
c2aa98e2SPeter Wemm			(void) close(rpvect[0]);
c2aa98e2SPeter Wemm			if (dup2(rpvect[1], STDOUT_FILENO) < 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				syserr("%s... openmailer(%s): cannot dup pipe %d for stdout",
c2aa98e2SPeter Wemm				       shortenstring(e->e_to, MAXSHORTSTR),
c2aa98e2SPeter Wemm				       m->m_name, rpvect[1]);
c2aa98e2SPeter Wemm				_exit(EX_OSERR);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			(void) close(rpvect[1]);
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm			if (dup2(STDOUT_FILENO, STDERR_FILENO) < 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				syserr("%s... openmailer(%s): cannot dup stdout for stderr",
c2aa98e2SPeter Wemm					shortenstring(e->e_to, MAXSHORTSTR),
c2aa98e2SPeter Wemm					m->m_name);
c2aa98e2SPeter Wemm				_exit(EX_OSERR);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* arrange to get standard input */
c2aa98e2SPeter Wemm			(void) close(mpvect[1]);
c2aa98e2SPeter Wemm			if (dup2(mpvect[0], STDIN_FILENO) < 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				syserr("%s... openmailer(%s): cannot dup pipe %d for stdin",
c2aa98e2SPeter Wemm					shortenstring(e->e_to, MAXSHORTSTR),
c2aa98e2SPeter Wemm					m->m_name, mpvect[0]);
c2aa98e2SPeter Wemm				_exit(EX_OSERR);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			(void) close(mpvect[0]);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* arrange for all the files to be closed */
c2aa98e2SPeter Wemm			for (i = 3; i < DtableSize; i++)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				register int j;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				if ((j = fcntl(i, F_GETFD, 0)) != -1)
06f25ae9SGregory Neil Shapiro					(void) fcntl(i, F_SETFD,
06f25ae9SGregory Neil Shapiro						     j | FD_CLOEXEC);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* run disconnected from terminal */
c2aa98e2SPeter Wemm			(void) setsid();
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* try to execute the mailer */
06f25ae9SGregory Neil Shapiro			(void) execve(m->m_mailer, (ARGV_T) pv,
06f25ae9SGregory Neil Shapiro				      (ARGV_T) UserEnviron);
06f25ae9SGregory Neil Shapiro			save_errno = errno;
c2aa98e2SPeter Wemm			syserr("Cannot exec %s", m->m_mailer);
c2aa98e2SPeter Wemm			if (bitnset(M_LOCALMAILER, m->m_flags) ||
06f25ae9SGregory Neil Shapiro			    transienterror(save_errno))
c2aa98e2SPeter Wemm				_exit(EX_OSERR);
c2aa98e2SPeter Wemm			_exit(EX_UNAVAILABLE);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Set up return value.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (mci == NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			mci = (MCI *) xalloc(sizeof *mci);
06f25ae9SGregory Neil Shapiro			memset((char *) mci, '\0', sizeof *mci);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		mci->mci_mailer = m;
c2aa98e2SPeter Wemm		if (clever)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			mci->mci_state = MCIS_OPENING;
c2aa98e2SPeter Wemm			mci_cache(mci);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			mci->mci_state = MCIS_OPEN;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		mci->mci_pid = pid;
c2aa98e2SPeter Wemm		(void) close(mpvect[0]);
c2aa98e2SPeter Wemm		mci->mci_out = fdopen(mpvect[1], "w");
c2aa98e2SPeter Wemm		if (mci->mci_out == NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			syserr("deliver: cannot create mailer output channel, fd=%d",
c2aa98e2SPeter Wemm				mpvect[1]);
c2aa98e2SPeter Wemm			(void) close(mpvect[1]);
c2aa98e2SPeter Wemm			(void) close(rpvect[0]);
c2aa98e2SPeter Wemm			(void) close(rpvect[1]);
c2aa98e2SPeter Wemm			rcode = EX_OSERR;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		(void) close(rpvect[1]);
c2aa98e2SPeter Wemm		mci->mci_in = fdopen(rpvect[0], "r");
c2aa98e2SPeter Wemm		if (mci->mci_in == NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			syserr("deliver: cannot create mailer input channel, fd=%d",
c2aa98e2SPeter Wemm			       mpvect[1]);
c2aa98e2SPeter Wemm			(void) close(rpvect[0]);
06f25ae9SGregory Neil Shapiro			(void) fclose(mci->mci_out);
c2aa98e2SPeter Wemm			mci->mci_out = NULL;
c2aa98e2SPeter Wemm			rcode = EX_OSERR;
c2aa98e2SPeter Wemm			goto give_up;
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		/* Don't cache non-clever connections */
06f25ae9SGregory Neil Shapiro		if (!clever)
c2aa98e2SPeter Wemm			mci->mci_flags |= MCIF_TEMP;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  If we are in SMTP opening state, send initial protocol.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (bitnset(M_7BITS, m->m_flags) &&
c2aa98e2SPeter Wemm	    (!clever || mci->mci_state == MCIS_OPENING))
c2aa98e2SPeter Wemm		mci->mci_flags |= MCIF_7BIT;
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm	if (clever && mci->mci_state != MCIS_CLOSED)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro# if SASL && SFIO
193538b7SGregory Neil Shapiro#  define DONE_AUTH(f)		bitset(MCIF_AUTHACT, f)
06f25ae9SGregory Neil Shapiro# endif /* SASL && SFIO */
06f25ae9SGregory Neil Shapiro# if STARTTLS
193538b7SGregory Neil Shapiro#  define DONE_STARTTLS(f)	bitset(MCIF_TLSACT, f)
06f25ae9SGregory Neil Shapiro# endif /* STARTTLS */
193538b7SGregory Neil Shapiro# define ONLY_HELO(f)		bitset(MCIF_ONLY_EHLO, f)
193538b7SGregory Neil Shapiro# define SET_HELO(f)		f |= MCIF_ONLY_EHLO
193538b7SGregory Neil Shapiro# define CLR_HELO(f)		f &= ~MCIF_ONLY_EHLO
c2aa98e2SPeter Wemm
193538b7SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro# if STARTTLS || (SASL && SFIO)
06f25ae9SGregory Neil Shapiroreconnect:	/* after switching to an authenticated connection */
06f25ae9SGregory Neil Shapiro# endif /* STARTTLS || (SASL && SFIO) */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro# if SASL
06f25ae9SGregory Neil Shapiro		mci->mci_saslcap = NULL;
06f25ae9SGregory Neil Shapiro# endif /* SASL */
193538b7SGregory Neil Shapiro		smtpinit(m, mci, e, ONLY_HELO(mci->mci_flags));
193538b7SGregory Neil Shapiro		CLR_HELO(mci->mci_flags);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro# if STARTTLS
06f25ae9SGregory Neil Shapiro		/* first TLS then AUTH to provide a security layer */
193538b7SGregory Neil Shapiro		if (mci->mci_state != MCIS_CLOSED &&
193538b7SGregory Neil Shapiro		    !DONE_STARTTLS(mci->mci_flags))
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			int olderrors;
602a2b1bSGregory Neil Shapiro			int dotpos;
06f25ae9SGregory Neil Shapiro			bool usetls;
06f25ae9SGregory Neil Shapiro			bool saveQuickAbort = QuickAbort;
06f25ae9SGregory Neil Shapiro			bool saveSuprErrs = SuprErrs;
193538b7SGregory Neil Shapiro			char *host = NULL;
42e5d165SGregory Neil Shapiro#  if _FFR_TLS_CLT1
42e5d165SGregory Neil Shapiro			char *p;
42e5d165SGregory Neil Shapiro#  endif /* _FFR_TLS_CLT1 */
602a2b1bSGregory Neil Shapiro			char *srvname;
06f25ae9SGregory Neil Shapiro			extern SOCKADDR CurHostAddr;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			rcode = EX_OK;
06f25ae9SGregory Neil Shapiro			usetls = bitset(MCIF_TLS, mci->mci_flags);
42e5d165SGregory Neil Shapiro#  if _FFR_TLS_CLT1
42e5d165SGregory Neil Shapiro			if (usetls &&
42e5d165SGregory Neil Shapiro			    (p = macvalue(macid("{client_flags}", NULL), e))
42e5d165SGregory Neil Shapiro			    != NULL)
42e5d165SGregory Neil Shapiro			{
42e5d165SGregory Neil Shapiro				for (; *p != '\0'; p++)
42e5d165SGregory Neil Shapiro				{
42e5d165SGregory Neil Shapiro					/* look for just this one flag */
42e5d165SGregory Neil Shapiro					if (*p == D_CLTNOTLS)
42e5d165SGregory Neil Shapiro					{
42e5d165SGregory Neil Shapiro						usetls = FALSE;
42e5d165SGregory Neil Shapiro						break;
42e5d165SGregory Neil Shapiro					}
42e5d165SGregory Neil Shapiro				}
42e5d165SGregory Neil Shapiro			}
42e5d165SGregory Neil Shapiro#  endif /* _FFR_TLS_CLT1 */
42e5d165SGregory Neil Shapiro
602a2b1bSGregory Neil Shapiro			if (mci->mci_host != NULL)
602a2b1bSGregory Neil Shapiro			{
602a2b1bSGregory Neil Shapiro				srvname = mci->mci_host;
602a2b1bSGregory Neil Shapiro				dotpos = strlen(srvname) - 1;
602a2b1bSGregory Neil Shapiro				if (dotpos >= 0)
602a2b1bSGregory Neil Shapiro				{
602a2b1bSGregory Neil Shapiro					if (srvname[dotpos] == '.')
602a2b1bSGregory Neil Shapiro						srvname[dotpos] = '\0';
602a2b1bSGregory Neil Shapiro					else
602a2b1bSGregory Neil Shapiro						dotpos = -1;
602a2b1bSGregory Neil Shapiro				}
602a2b1bSGregory Neil Shapiro			}
602a2b1bSGregory Neil Shapiro			else
602a2b1bSGregory Neil Shapiro			{
602a2b1bSGregory Neil Shapiro				srvname = "";
602a2b1bSGregory Neil Shapiro				dotpos = -1;
602a2b1bSGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			define(macid("{server_name}", NULL),
602a2b1bSGregory Neil Shapiro			       newstr(srvname), e);
06f25ae9SGregory Neil Shapiro			if (CurHostAddr.sa.sa_family != 0)
06f25ae9SGregory Neil Shapiro				define(macid("{server_addr}", NULL),
06f25ae9SGregory Neil Shapiro				       newstr(anynet_ntoa(&CurHostAddr)), e);
06f25ae9SGregory Neil Shapiro			else
06f25ae9SGregory Neil Shapiro				define(macid("{server_addr}", NULL), NULL, e);
06f25ae9SGregory Neil Shapiro			if (usetls)
06f25ae9SGregory Neil Shapiro			{
193538b7SGregory Neil Shapiro				host = macvalue(macid("{server_name}", NULL),
193538b7SGregory Neil Shapiro						e);
193538b7SGregory Neil Shapiro#  if _FFR_TLS_O_T
06f25ae9SGregory Neil Shapiro				olderrors = Errors;
06f25ae9SGregory Neil Shapiro				QuickAbort = FALSE;
06f25ae9SGregory Neil Shapiro				SuprErrs = TRUE;
602a2b1bSGregory Neil Shapiro				if (rscheck("try_tls", srvname, NULL,
193538b7SGregory Neil Shapiro					    e, TRUE, FALSE, 8, host) != EX_OK
06f25ae9SGregory Neil Shapiro				    || Errors > olderrors)
06f25ae9SGregory Neil Shapiro					usetls = FALSE;
06f25ae9SGregory Neil Shapiro				SuprErrs = saveSuprErrs;
06f25ae9SGregory Neil Shapiro				QuickAbort = saveQuickAbort;
06f25ae9SGregory Neil Shapiro#  endif /* _FFR_TLS_O_T */
193538b7SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro
602a2b1bSGregory Neil Shapiro			/* undo change of srvname */
602a2b1bSGregory Neil Shapiro			if (dotpos >= 0)
602a2b1bSGregory Neil Shapiro				srvname[dotpos] = '.';
06f25ae9SGregory Neil Shapiro			if (usetls)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				if ((rcode = starttls(m, mci, e)) == EX_OK)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					/* start again without STARTTLS */
06f25ae9SGregory Neil Shapiro					mci->mci_flags |= MCIF_TLSACT;
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro				else
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					char *s;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro					/*
06f25ae9SGregory Neil Shapiro					**  TLS negotation failed, what to do?
06f25ae9SGregory Neil Shapiro					**  fall back to unencrypted connection
06f25ae9SGregory Neil Shapiro					**  or abort? How to decide?
06f25ae9SGregory Neil Shapiro					**  set a macro and call a ruleset.
06f25ae9SGregory Neil Shapiro					*/
06f25ae9SGregory Neil Shapiro					mci->mci_flags &= ~MCIF_TLS;
06f25ae9SGregory Neil Shapiro					switch (rcode)
06f25ae9SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro					  case EX_TEMPFAIL:
06f25ae9SGregory Neil Shapiro						s = "TEMP";
06f25ae9SGregory Neil Shapiro						break;
06f25ae9SGregory Neil Shapiro					  case EX_USAGE:
06f25ae9SGregory Neil Shapiro						s = "USAGE";
06f25ae9SGregory Neil Shapiro						break;
06f25ae9SGregory Neil Shapiro					  case EX_PROTOCOL:
06f25ae9SGregory Neil Shapiro						s = "PROTOCOL";
06f25ae9SGregory Neil Shapiro						break;
06f25ae9SGregory Neil Shapiro					  case EX_SOFTWARE:
06f25ae9SGregory Neil Shapiro						s = "SOFTWARE";
06f25ae9SGregory Neil Shapiro						break;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro					  /* everything else is a failure */
06f25ae9SGregory Neil Shapiro					  default:
06f25ae9SGregory Neil Shapiro						s = "FAILURE";
06f25ae9SGregory Neil Shapiro						rcode = EX_TEMPFAIL;
06f25ae9SGregory Neil Shapiro					}
06f25ae9SGregory Neil Shapiro					define(macid("{verify}", NULL),
06f25ae9SGregory Neil Shapiro					       newstr(s), e);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro			}
193538b7SGregory Neil Shapiro			else if (mci->mci_ssl != NULL)
193538b7SGregory Neil Shapiro			{
193538b7SGregory Neil Shapiro				/* active TLS connection, use that data */
193538b7SGregory Neil Shapiro				(void) tls_get_info(mci->mci_ssl, e, FALSE,
193538b7SGregory Neil Shapiro						    mci->mci_host, FALSE);
193538b7SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			else
06f25ae9SGregory Neil Shapiro				define(macid("{verify}", NULL), "NONE", e);
06f25ae9SGregory Neil Shapiro			olderrors = Errors;
06f25ae9SGregory Neil Shapiro			QuickAbort = FALSE;
06f25ae9SGregory Neil Shapiro			SuprErrs = TRUE;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			/*
06f25ae9SGregory Neil Shapiro			**  rcode == EX_SOFTWARE is special:
06f25ae9SGregory Neil Shapiro			**  the TLS negotation failed
06f25ae9SGregory Neil Shapiro			**  we have to drop the connection no matter what
06f25ae9SGregory Neil Shapiro			**  However, we call tls_server to give it the chance
06f25ae9SGregory Neil Shapiro			**  to log the problem and return an appropriate
06f25ae9SGregory Neil Shapiro			**  error code.
06f25ae9SGregory Neil Shapiro			*/
06f25ae9SGregory Neil Shapiro			if (rscheck("tls_server",
06f25ae9SGregory Neil Shapiro				     macvalue(macid("{verify}", NULL), e),
193538b7SGregory Neil Shapiro				     NULL, e, TRUE, TRUE, 6, host) != EX_OK ||
06f25ae9SGregory Neil Shapiro			    Errors > olderrors ||
06f25ae9SGregory Neil Shapiro			    rcode == EX_SOFTWARE)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				char enhsc[ENHSCLEN];
06f25ae9SGregory Neil Shapiro				extern char MsgBuf[];
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				if (ISSMTPCODE(MsgBuf) &&
06f25ae9SGregory Neil Shapiro				    extenhsc(MsgBuf + 4, ' ', enhsc) > 0)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					p = newstr(MsgBuf);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro				else
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					p = "403 4.7.0 server not authenticated.";
06f25ae9SGregory Neil Shapiro					(void) strlcpy(enhsc, "4.7.0",
06f25ae9SGregory Neil Shapiro						       sizeof enhsc);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro				SuprErrs = saveSuprErrs;
06f25ae9SGregory Neil Shapiro				QuickAbort = saveQuickAbort;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				if (rcode == EX_SOFTWARE)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					/* drop the connection */
06f25ae9SGregory Neil Shapiro					mci->mci_state = MCIS_QUITING;
06f25ae9SGregory Neil Shapiro					if (mci->mci_in != NULL)
06f25ae9SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro						(void) fclose(mci->mci_in);
06f25ae9SGregory Neil Shapiro						mci->mci_in = NULL;
06f25ae9SGregory Neil Shapiro					}
06f25ae9SGregory Neil Shapiro					mci->mci_flags &= ~MCIF_TLSACT;
06f25ae9SGregory Neil Shapiro					(void) endmailer(mci, e, pv);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro				else
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					/* abort transfer */
06f25ae9SGregory Neil Shapiro					smtpquit(m, mci, e);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro
193538b7SGregory Neil Shapiro				/* avoid bogus error msg */
193538b7SGregory Neil Shapiro				mci->mci_errno = 0;
193538b7SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				/* temp or permanent failure? */
06f25ae9SGregory Neil Shapiro				rcode = (*p == '4') ? EX_TEMPFAIL
06f25ae9SGregory Neil Shapiro						    : EX_UNAVAILABLE;
06f25ae9SGregory Neil Shapiro				mci_setstat(mci, rcode, newstr(enhsc), p);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				/*
06f25ae9SGregory Neil Shapiro				**  hack to get the error message into
06f25ae9SGregory Neil Shapiro				**  the envelope (done in giveresponse())
06f25ae9SGregory Neil Shapiro				*/
06f25ae9SGregory Neil Shapiro				(void) strlcpy(SmtpError, p, sizeof SmtpError);
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			QuickAbort = saveQuickAbort;
06f25ae9SGregory Neil Shapiro			SuprErrs = saveSuprErrs;
193538b7SGregory Neil Shapiro			if (DONE_STARTTLS(mci->mci_flags) &&
193538b7SGregory Neil Shapiro			    mci->mci_state != MCIS_CLOSED)
06f25ae9SGregory Neil Shapiro			{
193538b7SGregory Neil Shapiro				SET_HELO(mci->mci_flags);
06f25ae9SGregory Neil Shapiro				mci->mci_flags &= ~MCIF_EXTENS;
06f25ae9SGregory Neil Shapiro				goto reconnect;
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro		}
193538b7SGregory Neil Shapiro		else if (mci->mci_ssl != NULL)
193538b7SGregory Neil Shapiro		{
193538b7SGregory Neil Shapiro			/* active TLS connection, use that data */
193538b7SGregory Neil Shapiro			(void) tls_get_info(mci->mci_ssl, e, FALSE,
193538b7SGregory Neil Shapiro					    mci->mci_host, FALSE);
193538b7SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro# endif /* STARTTLS */
06f25ae9SGregory Neil Shapiro# if SASL
06f25ae9SGregory Neil Shapiro		/* if other server supports authentication let's authenticate */
06f25ae9SGregory Neil Shapiro		if (mci->mci_state != MCIS_CLOSED &&
06f25ae9SGregory Neil Shapiro		    mci->mci_saslcap != NULL &&
06f25ae9SGregory Neil Shapiro#  if SFIO
193538b7SGregory Neil Shapiro		    !DONE_AUTH(mci->mci_flags) &&
06f25ae9SGregory Neil Shapiro#  endif /* SFIO */
06f25ae9SGregory Neil Shapiro		    SASLInfo != NULL)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			/*
06f25ae9SGregory Neil Shapiro			**  should we require some minimum authentication?
06f25ae9SGregory Neil Shapiro			**  XXX ignore result?
06f25ae9SGregory Neil Shapiro			*/
06f25ae9SGregory Neil Shapiro			if (smtpauth(m, mci, e) == EX_OK)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro#  if SFIO
06f25ae9SGregory Neil Shapiro				int result;
06f25ae9SGregory Neil Shapiro				sasl_ssf_t *ssf;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				/* get security strength (features) */
06f25ae9SGregory Neil Shapiro				result = sasl_getprop(mci->mci_conn, SASL_SSF,
06f25ae9SGregory Neil Shapiro						      (void **) &ssf);
06f25ae9SGregory Neil Shapiro				if (LogLevel > 9)
06f25ae9SGregory Neil Shapiro					sm_syslog(LOG_INFO, NOQID,
06f25ae9SGregory Neil Shapiro						  "SASL: outgoing connection to %.64s: mech=%.16s, bits=%d",
06f25ae9SGregory Neil Shapiro						  mci->mci_host,
06f25ae9SGregory Neil Shapiro						  macvalue(macid("{auth_type}",
06f25ae9SGregory Neil Shapiro								 NULL), e),
06f25ae9SGregory Neil Shapiro						  *ssf);
06f25ae9SGregory Neil Shapiro				/*
06f25ae9SGregory Neil Shapiro				**  only switch to encrypted connection
06f25ae9SGregory Neil Shapiro				**  if a security layer has been negotiated
06f25ae9SGregory Neil Shapiro				*/
06f25ae9SGregory Neil Shapiro				if (result == SASL_OK && *ssf > 0)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					/*
06f25ae9SGregory Neil Shapiro					**  convert sfio stuff to use SASL
06f25ae9SGregory Neil Shapiro					**  check return values
06f25ae9SGregory Neil Shapiro					**  if the call fails,
06f25ae9SGregory Neil Shapiro					**  fall back to unencrypted version
06f25ae9SGregory Neil Shapiro					**  unless some cf option requires
06f25ae9SGregory Neil Shapiro					**  encryption then the connection must
06f25ae9SGregory Neil Shapiro					**  be aborted
06f25ae9SGregory Neil Shapiro					*/
06f25ae9SGregory Neil Shapiro					if (sfdcsasl(mci->mci_in, mci->mci_out,
06f25ae9SGregory Neil Shapiro						     mci->mci_conn) == 0)
06f25ae9SGregory Neil Shapiro					{
193538b7SGregory Neil Shapiro						SET_HELO(mci->mci_flags);
06f25ae9SGregory Neil Shapiro						mci->mci_flags &= ~MCIF_EXTENS;
06f25ae9SGregory Neil Shapiro						mci->mci_flags |= MCIF_AUTHACT;
06f25ae9SGregory Neil Shapiro						goto reconnect;
06f25ae9SGregory Neil Shapiro					}
06f25ae9SGregory Neil Shapiro					syserr("SASL TLS switch failed in client");
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro				/* else? XXX */
06f25ae9SGregory Neil Shapiro#  endif /* SFIO */
06f25ae9SGregory Neil Shapiro				mci->mci_flags |= MCIF_AUTHACT;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro# endif /* SASL */
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro#endif /* SMTP */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmdo_transfer:
c2aa98e2SPeter Wemm	/* clear out per-message flags from connection structure */
c2aa98e2SPeter Wemm	mci->mci_flags &= ~(MCIF_CVT7TO8|MCIF_CVT8TO7);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (bitset(EF_HAS8BIT, e->e_flags) &&
c2aa98e2SPeter Wemm	    !bitset(EF_DONT_MIME, e->e_flags) &&
c2aa98e2SPeter Wemm	    bitnset(M_7BITS, m->m_flags))
c2aa98e2SPeter Wemm		mci->mci_flags |= MCIF_CVT8TO7;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if MIME7TO8
c2aa98e2SPeter Wemm	if (bitnset(M_MAKE8BIT, m->m_flags) &&
c2aa98e2SPeter Wemm	    !bitset(MCIF_7BIT, mci->mci_flags) &&
c2aa98e2SPeter Wemm	    (p = hvalue("Content-Transfer-Encoding", e->e_header)) != NULL &&
c2aa98e2SPeter Wemm	     (strcasecmp(p, "quoted-printable") == 0 ||
c2aa98e2SPeter Wemm	      strcasecmp(p, "base64") == 0) &&
c2aa98e2SPeter Wemm	    (p = hvalue("Content-Type", e->e_header)) != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* may want to convert 7 -> 8 */
c2aa98e2SPeter Wemm		/* XXX should really parse it here -- and use a class XXX */
c2aa98e2SPeter Wemm		if (strncasecmp(p, "text/plain", 10) == 0 &&
c2aa98e2SPeter Wemm		    (p[10] == '\0' || p[10] == ' ' || p[10] == ';'))
c2aa98e2SPeter Wemm			mci->mci_flags |= MCIF_CVT7TO8;
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro#endif /* MIME7TO8 */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(11, 1))
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		dprintf("openmailer: ");
c2aa98e2SPeter Wemm		mci_dump(mci, FALSE);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (mci->mci_state != MCIS_OPEN)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* couldn't open the mailer */
c2aa98e2SPeter Wemm		rcode = mci->mci_exitstat;
c2aa98e2SPeter Wemm		errno = mci->mci_errno;
c2aa98e2SPeter Wemm#if NAMED_BIND
602a2b1bSGregory Neil Shapiro		SM_SET_H_ERRNO(mci->mci_herrno);
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
c2aa98e2SPeter Wemm		if (rcode == EX_OK)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* shouldn't happen */
06f25ae9SGregory Neil Shapiro			syserr("554 5.3.5 deliver: mci=%lx rcode=%d errno=%d state=%d sig=%s",
06f25ae9SGregory Neil Shapiro				(u_long) mci, rcode, errno, mci->mci_state,
c2aa98e2SPeter Wemm				firstsig);
c2aa98e2SPeter Wemm			mci_dump_all(TRUE);
c2aa98e2SPeter Wemm			rcode = EX_SOFTWARE;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm#if DAEMON
06f25ae9SGregory Neil Shapiro		else if (nummxhosts > hostnum)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* try next MX site */
c2aa98e2SPeter Wemm			goto tryhost;
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro#endif /* DAEMON */
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else if (!clever)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Format and send message.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		putfromline(mci, e);
2e43090eSPeter Wemm		(*e->e_puthdr)(mci, e->e_header, e, M87F_OUTER);
c2aa98e2SPeter Wemm		(*e->e_putbody)(mci, e, NULL);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* get the exit status */
c2aa98e2SPeter Wemm		rcode = endmailer(mci, e, pv);
602a2b1bSGregory Neil Shapiro		if (rcode == EX_TEMPFAIL &&
602a2b1bSGregory Neil Shapiro		    SmtpError[0] == '\0')
602a2b1bSGregory Neil Shapiro		{
602a2b1bSGregory Neil Shapiro			/*
602a2b1bSGregory Neil Shapiro			**  Need an e_message for mailq display.
602a2b1bSGregory Neil Shapiro			**  We set SmtpError as
602a2b1bSGregory Neil Shapiro			*/
602a2b1bSGregory Neil Shapiro
602a2b1bSGregory Neil Shapiro			snprintf(SmtpError, sizeof SmtpError,
602a2b1bSGregory Neil Shapiro				 "%s mailer (%s) exited with EX_TEMPFAIL",
602a2b1bSGregory Neil Shapiro				 m->m_name, m->m_mailer);
602a2b1bSGregory Neil Shapiro		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Send the MAIL FROM: protocol
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		rcode = smtpmailfrom(m, mci, e);
c2aa98e2SPeter Wemm		if (rcode == EX_OK)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			register char *t = tobuf;
c2aa98e2SPeter Wemm			register int i;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* send the recipient list */
c2aa98e2SPeter Wemm			tobuf[0] = '\0';
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm			for (to = tochain; to != NULL; to = to->q_tchain)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				e->e_to = to->q_paddr;
06f25ae9SGregory Neil Shapiro#if !_FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro				if (strlen(to->q_paddr) +
06f25ae9SGregory Neil Shapiro				    (t - tobuf) + 2 > sizeof tobuf)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					/* not enough room */
c2aa98e2SPeter Wemm					continue;
c2aa98e2SPeter Wemm				}
06f25ae9SGregory Neil Shapiro#endif /* !_FFR_DYNAMIC_TOBUF */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro# if STARTTLS
06f25ae9SGregory Neil Shapiro#  if _FFR_TLS_RCPT
06f25ae9SGregory Neil Shapiro				i = rscheck("tls_rcpt", to->q_user, NULL, e,
193538b7SGregory Neil Shapiro					    TRUE, TRUE, 4, mci->mci_host);
06f25ae9SGregory Neil Shapiro				if (i != EX_OK)
c2aa98e2SPeter Wemm				{
193538b7SGregory Neil Shapiro					/* avoid bogus error msg */
193538b7SGregory Neil Shapiro					errno = 0;
06f25ae9SGregory Neil Shapiro					markfailure(e, to, mci, i, FALSE);
06f25ae9SGregory Neil Shapiro					giveresponse(i, to->q_status,  m,
06f25ae9SGregory Neil Shapiro						     mci, ctladdr, xstart, e);
06f25ae9SGregory Neil Shapiro					continue;
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro#  endif /* _FFR_TLS_RCPT */
06f25ae9SGregory Neil Shapiro# endif /* STARTTLS */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				if ((i = smtprcpt(to, m, mci, e)) != EX_OK)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					markfailure(e, to, mci, i, FALSE);
06f25ae9SGregory Neil Shapiro					giveresponse(i, to->q_status,  m,
06f25ae9SGregory Neil Shapiro						     mci, ctladdr, xstart, e);
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					*t++ = ',';
c2aa98e2SPeter Wemm					for (p = to->q_paddr; *p; *t++ = *p++)
c2aa98e2SPeter Wemm						continue;
c2aa98e2SPeter Wemm					*t = '\0';
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* now send the data */
c2aa98e2SPeter Wemm			if (tobuf[0] == '\0')
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				rcode = EX_OK;
c2aa98e2SPeter Wemm				e->e_to = NULL;
c2aa98e2SPeter Wemm				if (bitset(MCIF_CACHED, mci->mci_flags))
c2aa98e2SPeter Wemm					smtprset(m, mci, e);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				e->e_to = tobuf + 1;
c2aa98e2SPeter Wemm				rcode = smtpdata(m, mci, e);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm# if DAEMON
06f25ae9SGregory Neil Shapiro		if (rcode == EX_TEMPFAIL && nummxhosts > hostnum)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* try next MX site */
c2aa98e2SPeter Wemm			goto tryhost;
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro# endif /* DAEMON */
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro#else /* SMTP */
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		syserr("554 5.3.5 deliver: need SMTP compiled to use clever mailer");
c2aa98e2SPeter Wemm		rcode = EX_CONFIG;
c2aa98e2SPeter Wemm		goto give_up;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm#endif /* SMTP */
c2aa98e2SPeter Wemm#if NAMED_BIND
c2aa98e2SPeter Wemm	if (ConfigLevel < 2)
c2aa98e2SPeter Wemm		_res.options |= RES_DEFNAMES | RES_DNSRCH;	/* XXX */
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(62, 1))
c2aa98e2SPeter Wemm		checkfds("after delivery");
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Do final status disposal.
c2aa98e2SPeter Wemm	**	We check for something in tobuf for the SMTP case.
c2aa98e2SPeter Wemm	**	If we got a temporary failure, arrange to queue the
c2aa98e2SPeter Wemm	**		addressees.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm  give_up:
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm	if (bitnset(M_LMTP, m->m_flags))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		lmtp_rcode = rcode;
c2aa98e2SPeter Wemm		tobuf[0] = '\0';
c2aa98e2SPeter Wemm		anyok = FALSE;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else
06f25ae9SGregory Neil Shapiro#endif /* SMTP */
c2aa98e2SPeter Wemm		anyok = rcode == EX_OK;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	for (to = tochain; to != NULL; to = to->q_tchain)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* see if address already marked */
06f25ae9SGregory Neil Shapiro		if (!QS_IS_OK(to->q_state))
c2aa98e2SPeter Wemm			continue;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm		/* if running LMTP, get the status for each address */
c2aa98e2SPeter Wemm		if (bitnset(M_LMTP, m->m_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (lmtp_rcode == EX_OK)
c2aa98e2SPeter Wemm				rcode = smtpgetstat(m, mci, e);
c2aa98e2SPeter Wemm			if (rcode == EX_OK)
c2aa98e2SPeter Wemm			{
42e5d165SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
42e5d165SGregory Neil Shapiro				(void) strlcat(tobuf, ",", tobufsize);
42e5d165SGregory Neil Shapiro				(void) strlcat(tobuf, to->q_paddr, tobufsize);
42e5d165SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
06f25ae9SGregory Neil Shapiro				if (strlen(to->q_paddr) +
06f25ae9SGregory Neil Shapiro				    strlen(tobuf) + 2 > sizeof tobuf)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					syserr("LMTP tobuf overflow");
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm				{
06f25ae9SGregory Neil Shapiro					(void) strlcat(tobuf, ",",
06f25ae9SGregory Neil Shapiro						       sizeof tobuf);
06f25ae9SGregory Neil Shapiro					(void) strlcat(tobuf, to->q_paddr,
06f25ae9SGregory Neil Shapiro						       sizeof tobuf);
c2aa98e2SPeter Wemm				}
42e5d165SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm				anyok = TRUE;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				e->e_to = to->q_paddr;
06f25ae9SGregory Neil Shapiro				markfailure(e, to, mci, rcode, TRUE);
06f25ae9SGregory Neil Shapiro				giveresponse(rcode, to->q_status, m, mci,
06f25ae9SGregory Neil Shapiro					     ctladdr, xstart, e);
c2aa98e2SPeter Wemm				e->e_to = tobuf + 1;
c2aa98e2SPeter Wemm				continue;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		else
06f25ae9SGregory Neil Shapiro#endif /* SMTP */
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* mark bad addresses */
c2aa98e2SPeter Wemm			if (rcode != EX_OK)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (goodmxfound && rcode == EX_NOHOST)
c2aa98e2SPeter Wemm					rcode = EX_TEMPFAIL;
06f25ae9SGregory Neil Shapiro				markfailure(e, to, mci, rcode, TRUE);
c2aa98e2SPeter Wemm				continue;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* successful delivery */
06f25ae9SGregory Neil Shapiro		to->q_state = QS_SENT;
c2aa98e2SPeter Wemm		to->q_statdate = curtime();
c2aa98e2SPeter Wemm		e->e_nsent++;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro#if QUEUE
06f25ae9SGregory Neil Shapiro		/*
06f25ae9SGregory Neil Shapiro		**  Checkpoint the send list every few addresses
06f25ae9SGregory Neil Shapiro		*/
06f25ae9SGregory Neil Shapiro
42e5d165SGregory Neil Shapiro		if (CheckpointInterval > 0 && e->e_nsent >= CheckpointInterval)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			queueup(e, FALSE);
06f25ae9SGregory Neil Shapiro			e->e_nsent = 0;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro#endif /* QUEUE */
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		if (bitnset(M_LOCALMAILER, m->m_flags) &&
c2aa98e2SPeter Wemm		    bitset(QPINGONSUCCESS, to->q_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			to->q_flags |= QDELIVERED;
c2aa98e2SPeter Wemm			to->q_status = "2.1.5";
c2aa98e2SPeter Wemm			fprintf(e->e_xfp, "%s... Successfully delivered\n",
c2aa98e2SPeter Wemm				to->q_paddr);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		else if (bitset(QPINGONSUCCESS, to->q_flags) &&
c2aa98e2SPeter Wemm			 bitset(QPRIMARY, to->q_flags) &&
c2aa98e2SPeter Wemm			 !bitset(MCIF_DSN, mci->mci_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			to->q_flags |= QRELAYED;
c2aa98e2SPeter Wemm			fprintf(e->e_xfp, "%s... relayed; expect no further notifications\n",
c2aa98e2SPeter Wemm				to->q_paddr);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm	if (bitnset(M_LMTP, m->m_flags))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Global information applies to the last recipient only;
c2aa98e2SPeter Wemm		**  clear it out to avoid bogus errors.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		rcode = EX_OK;
c2aa98e2SPeter Wemm		e->e_statmsg = NULL;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* reset the mci state for the next transaction */
c2aa98e2SPeter Wemm		if (mci != NULL && mci->mci_state == MCIS_ACTIVE)
c2aa98e2SPeter Wemm			mci->mci_state = MCIS_OPEN;
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro#endif /* SMTP */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tobuf[0] != '\0')
06f25ae9SGregory Neil Shapiro		giveresponse(rcode, NULL, m, mci, ctladdr, xstart, e);
c2aa98e2SPeter Wemm	if (anyok)
c2aa98e2SPeter Wemm		markstats(e, tochain, FALSE);
c2aa98e2SPeter Wemm	mci_store_persistent(mci);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm	/* now close the connection */
c2aa98e2SPeter Wemm	if (clever && mci != NULL && mci->mci_state != MCIS_CLOSED &&
c2aa98e2SPeter Wemm	    !bitset(MCIF_CACHED, mci->mci_flags))
c2aa98e2SPeter Wemm		smtpquit(m, mci, e);
06f25ae9SGregory Neil Shapiro#endif /* SMTP */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Restore state and return.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if XDEBUG
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		char wbuf[MAXLINE];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* make absolutely certain 0, 1, and 2 are in use */
c2aa98e2SPeter Wemm		snprintf(wbuf, sizeof wbuf, "%s... end of deliver(%s)",
c2aa98e2SPeter Wemm			e->e_to == NULL ? "NO-TO-LIST"
c2aa98e2SPeter Wemm					: shortenstring(e->e_to, MAXSHORTSTR),
c2aa98e2SPeter Wemm			m->m_name);
c2aa98e2SPeter Wemm		checkfd012(wbuf);
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro#endif /* XDEBUG */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	errno = 0;
c2aa98e2SPeter Wemm	define('g', (char *) NULL, e);
06f25ae9SGregory Neil Shapiro	e->e_to = NULL;
06f25ae9SGregory Neil Shapiro	return rcode;
c2aa98e2SPeter Wemm}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  MARKFAILURE -- mark a failure on a specific address.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		e -- the envelope we are sending.
c2aa98e2SPeter Wemm**		q -- the address to mark.
c2aa98e2SPeter Wemm**		mci -- mailer connection information.
c2aa98e2SPeter Wemm**		rcode -- the code signifying the particular failure.
06f25ae9SGregory Neil Shapiro**		ovr -- override an existing code?
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		none.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		marks the address (and possibly the envelope) with the
c2aa98e2SPeter Wemm**			failure so that an error will be returned or
c2aa98e2SPeter Wemm**			the message will be queued, as appropriate.
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapirostatic void
06f25ae9SGregory Neil Shapiromarkfailure(e, q, mci, rcode, ovr)
c2aa98e2SPeter Wemm	register ENVELOPE *e;
c2aa98e2SPeter Wemm	register ADDRESS *q;
c2aa98e2SPeter Wemm	register MCI *mci;
c2aa98e2SPeter Wemm	int rcode;
06f25ae9SGregory Neil Shapiro	bool ovr;
c2aa98e2SPeter Wemm{
06f25ae9SGregory Neil Shapiro	char *status = NULL;
06f25ae9SGregory Neil Shapiro	char *rstatus = NULL;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	switch (rcode)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm	  case EX_OK:
c2aa98e2SPeter Wemm		break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	  case EX_TEMPFAIL:
c2aa98e2SPeter Wemm	  case EX_IOERR:
c2aa98e2SPeter Wemm	  case EX_OSERR:
06f25ae9SGregory Neil Shapiro		q->q_state = QS_QUEUEUP;
c2aa98e2SPeter Wemm		break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	  default:
06f25ae9SGregory Neil Shapiro		q->q_state = QS_BADADDR;
c2aa98e2SPeter Wemm		break;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* find most specific error code possible */
c2aa98e2SPeter Wemm	if (mci != NULL && mci->mci_status != NULL)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		status = mci->mci_status;
c2aa98e2SPeter Wemm		if (mci->mci_rstatus != NULL)
06f25ae9SGregory Neil Shapiro			rstatus = newstr(mci->mci_rstatus);
c2aa98e2SPeter Wemm		else
06f25ae9SGregory Neil Shapiro			rstatus = NULL;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else if (e->e_status != NULL)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		status = e->e_status;
06f25ae9SGregory Neil Shapiro		rstatus = NULL;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		switch (rcode)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm		  case EX_USAGE:
06f25ae9SGregory Neil Shapiro			status = "5.5.4";
c2aa98e2SPeter Wemm			break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		  case EX_DATAERR:
06f25ae9SGregory Neil Shapiro			status = "5.5.2";
c2aa98e2SPeter Wemm			break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		  case EX_NOUSER:
06f25ae9SGregory Neil Shapiro			status = "5.1.1";
c2aa98e2SPeter Wemm			break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		  case EX_NOHOST:
06f25ae9SGregory Neil Shapiro			status = "5.1.2";
c2aa98e2SPeter Wemm			break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		  case EX_NOINPUT:
c2aa98e2SPeter Wemm		  case EX_CANTCREAT:
c2aa98e2SPeter Wemm		  case EX_NOPERM:
06f25ae9SGregory Neil Shapiro			status = "5.3.0";
c2aa98e2SPeter Wemm			break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		  case EX_UNAVAILABLE:
c2aa98e2SPeter Wemm		  case EX_SOFTWARE:
c2aa98e2SPeter Wemm		  case EX_OSFILE:
c2aa98e2SPeter Wemm		  case EX_PROTOCOL:
c2aa98e2SPeter Wemm		  case EX_CONFIG:
06f25ae9SGregory Neil Shapiro			status = "5.5.0";
c2aa98e2SPeter Wemm			break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		  case EX_OSERR:
c2aa98e2SPeter Wemm		  case EX_IOERR:
06f25ae9SGregory Neil Shapiro			status = "4.5.0";
c2aa98e2SPeter Wemm			break;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		  case EX_TEMPFAIL:
06f25ae9SGregory Neil Shapiro			status = "4.2.0";
c2aa98e2SPeter Wemm			break;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	/* new status? */
06f25ae9SGregory Neil Shapiro	if (status != NULL && *status != '\0' && (ovr || q->q_status == NULL ||
06f25ae9SGregory Neil Shapiro	    *q->q_status == '\0' || *q->q_status < *status))
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		q->q_status = status;
06f25ae9SGregory Neil Shapiro		q->q_rstatus = rstatus;
06f25ae9SGregory Neil Shapiro	}
c2aa98e2SPeter Wemm	if (rcode != EX_OK && q->q_rstatus == NULL &&
c2aa98e2SPeter Wemm	    q->q_mailer != NULL && q->q_mailer->m_diagtype != NULL &&
06f25ae9SGregory Neil Shapiro	    strcasecmp(q->q_mailer->m_diagtype, "X-UNIX") == 0)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		char buf[16];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		(void) snprintf(buf, sizeof buf, "%d", rcode);
c2aa98e2SPeter Wemm		q->q_rstatus = newstr(buf);
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	q->q_statdate = curtime();
06f25ae9SGregory Neil Shapiro	if (CurHostName != NULL && CurHostName[0] != '\0' &&
06f25ae9SGregory Neil Shapiro	    mci != NULL && !bitset(M_LOCALMAILER, mci->mci_flags))
06f25ae9SGregory Neil Shapiro		q->q_statmta = newstr(CurHostName);
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  ENDMAILER -- Wait for mailer to terminate.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	We should never get fatal errors (e.g., segmentation
c2aa98e2SPeter Wemm**	violation), so we report those specially.  For other
c2aa98e2SPeter Wemm**	errors, we choose a status message (into statmsg),
c2aa98e2SPeter Wemm**	and if it represents an error, we print it.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		pid -- pid of mailer.
c2aa98e2SPeter Wemm**		e -- the current envelope.
c2aa98e2SPeter Wemm**		pv -- the parameter vector that invoked the mailer
c2aa98e2SPeter Wemm**			(for error messages).
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		exit code of mailer.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		none.
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapirostatic jmp_buf	EndWaitTimeout;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapirostatic void
06f25ae9SGregory Neil Shapiroendwaittimeout()
06f25ae9SGregory Neil Shapiro{
06f25ae9SGregory Neil Shapiro	errno = ETIMEDOUT;
06f25ae9SGregory Neil Shapiro	longjmp(EndWaitTimeout, 1);
06f25ae9SGregory Neil Shapiro}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemmint
c2aa98e2SPeter Wemmendmailer(mci, e, pv)
c2aa98e2SPeter Wemm	register MCI *mci;
c2aa98e2SPeter Wemm	register ENVELOPE *e;
c2aa98e2SPeter Wemm	char **pv;
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	int st;
06f25ae9SGregory Neil Shapiro	int save_errno = errno;
06f25ae9SGregory Neil Shapiro	char buf[MAXLINE];
06f25ae9SGregory Neil Shapiro	EVENT *ev = NULL;
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	mci_unlock_host(mci);
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro#if SASL
06f25ae9SGregory Neil Shapiro	/* shutdown SASL */
06f25ae9SGregory Neil Shapiro	if (bitset(MCIF_AUTHACT, mci->mci_flags))
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		sasl_dispose(&mci->mci_conn);
06f25ae9SGregory Neil Shapiro		mci->mci_flags &= ~MCIF_AUTHACT;
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro#endif /* SASL */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro#if STARTTLS
06f25ae9SGregory Neil Shapiro	/* shutdown TLS */
06f25ae9SGregory Neil Shapiro	(void) endtlsclt(mci);
06f25ae9SGregory Neil Shapiro#endif /* STARTTLS */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* close output to mailer */
c2aa98e2SPeter Wemm	if (mci->mci_out != NULL)
06f25ae9SGregory Neil Shapiro		(void) fclose(mci->mci_out);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* copy any remaining input to transcript */
06f25ae9SGregory Neil Shapiro	if (mci->mci_in != NULL && mci->mci_state != MCIS_ERROR &&
06f25ae9SGregory Neil Shapiro	    e->e_xfp != NULL)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		while (sfgets(buf, sizeof buf, mci->mci_in,
06f25ae9SGregory Neil Shapiro		       TimeOuts.to_quit, "Draining Input") != NULL)
06f25ae9SGregory Neil Shapiro			(void) fputs(buf, e->e_xfp);
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* now close the input */
06f25ae9SGregory Neil Shapiro	if (mci->mci_in != NULL)
06f25ae9SGregory Neil Shapiro		(void) fclose(mci->mci_in);
c2aa98e2SPeter Wemm	mci->mci_in = mci->mci_out = NULL;
c2aa98e2SPeter Wemm	mci->mci_state = MCIS_CLOSED;
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	errno = save_errno;
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	/* in the IPC case there is nothing to wait for */
c2aa98e2SPeter Wemm	if (mci->mci_pid == 0)
06f25ae9SGregory Neil Shapiro		return EX_OK;
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	/* put a timeout around the wait */
06f25ae9SGregory Neil Shapiro	if (mci->mci_mailer->m_wait > 0)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		if (setjmp(EndWaitTimeout) == 0)
06f25ae9SGregory Neil Shapiro			ev = setevent(mci->mci_mailer->m_wait,
06f25ae9SGregory Neil Shapiro				      endwaittimeout, 0);
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro		{
42e5d165SGregory Neil Shapiro			syserr("endmailer %s: wait timeout (%ld)",
06f25ae9SGregory Neil Shapiro			       mci->mci_mailer->m_name,
42e5d165SGregory Neil Shapiro			       (long) mci->mci_mailer->m_wait);
06f25ae9SGregory Neil Shapiro			return EX_TEMPFAIL;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro	}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	/* wait for the mailer process, collect status */
c2aa98e2SPeter Wemm	st = waitfor(mci->mci_pid);
06f25ae9SGregory Neil Shapiro	save_errno = errno;
06f25ae9SGregory Neil Shapiro	if (ev != NULL)
06f25ae9SGregory Neil Shapiro		clrevent(ev);
06f25ae9SGregory Neil Shapiro	errno = save_errno;
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	if (st == -1)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		syserr("endmailer %s: wait", mci->mci_mailer->m_name);
06f25ae9SGregory Neil Shapiro		return EX_SOFTWARE;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (WIFEXITED(st))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* normal death -- return status */
c2aa98e2SPeter Wemm		return (WEXITSTATUS(st));
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* it died a horrid death */
06f25ae9SGregory Neil Shapiro	syserr("451 4.3.0 mailer %s died with signal %d%s",
06f25ae9SGregory Neil Shapiro		mci->mci_mailer->m_name, WTERMSIG(st),
06f25ae9SGregory Neil Shapiro		WCOREDUMP(st) ? " (core dumped)" :
06f25ae9SGregory Neil Shapiro		(WIFSTOPPED(st) ? " (stopped)" : ""));
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* log the arguments */
c2aa98e2SPeter Wemm	if (pv != NULL && e->e_xfp != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		register char **av;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		fprintf(e->e_xfp, "Arguments:");
c2aa98e2SPeter Wemm		for (av = pv; *av != NULL; av++)
c2aa98e2SPeter Wemm			fprintf(e->e_xfp, " %s", *av);
c2aa98e2SPeter Wemm		fprintf(e->e_xfp, "\n");
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	ExitStat = EX_TEMPFAIL;
06f25ae9SGregory Neil Shapiro	return EX_TEMPFAIL;
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  GIVERESPONSE -- Interpret an error response from a mailer
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
06f25ae9SGregory Neil Shapiro**		status -- the status code from the mailer (high byte
c2aa98e2SPeter Wemm**			only; core dumps must have been taken care of
c2aa98e2SPeter Wemm**			already).
06f25ae9SGregory Neil Shapiro**		dsn -- the DSN associated with the address, if any.
c2aa98e2SPeter Wemm**		m -- the mailer info for this mailer.
c2aa98e2SPeter Wemm**		mci -- the mailer connection info -- can be NULL if the
c2aa98e2SPeter Wemm**			response is given before the connection is made.
c2aa98e2SPeter Wemm**		ctladdr -- the controlling address for the recipient
c2aa98e2SPeter Wemm**			address(es).
c2aa98e2SPeter Wemm**		xstart -- the transaction start time, for computing
c2aa98e2SPeter Wemm**			transaction delays.
c2aa98e2SPeter Wemm**		e -- the current envelope.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		none.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		Errors may be incremented.
c2aa98e2SPeter Wemm**		ExitStat may be set.
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmvoid
06f25ae9SGregory Neil Shapirogiveresponse(status, dsn, m, mci, ctladdr, xstart, e)
06f25ae9SGregory Neil Shapiro	int status;
06f25ae9SGregory Neil Shapiro	char *dsn;
c2aa98e2SPeter Wemm	register MAILER *m;
c2aa98e2SPeter Wemm	register MCI *mci;
c2aa98e2SPeter Wemm	ADDRESS *ctladdr;
c2aa98e2SPeter Wemm	time_t xstart;
c2aa98e2SPeter Wemm	ENVELOPE *e;
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	register const char *statmsg;
c2aa98e2SPeter Wemm	extern char *SysExMsg[];
c2aa98e2SPeter Wemm	register int i;
06f25ae9SGregory Neil Shapiro	int errnum = errno;
06f25ae9SGregory Neil Shapiro	int off = 4;
c2aa98e2SPeter Wemm	extern int N_SysEx;
06f25ae9SGregory Neil Shapiro	char dsnbuf[ENHSCLEN];
c2aa98e2SPeter Wemm	char buf[MAXLINE];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (e == NULL)
c2aa98e2SPeter Wemm		syserr("giveresponse: null envelope");
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Compute status message from code.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	i = status - EX__BASE;
06f25ae9SGregory Neil Shapiro	if (status == 0)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		statmsg = "250 2.0.0 Sent";
c2aa98e2SPeter Wemm		if (e->e_statmsg != NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			(void) snprintf(buf, sizeof buf, "%s (%s)",
06f25ae9SGregory Neil Shapiro					statmsg,
06f25ae9SGregory Neil Shapiro					shortenstring(e->e_statmsg, 403));
c2aa98e2SPeter Wemm			statmsg = buf;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else if (i < 0 || i >= N_SysEx)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		(void) snprintf(buf, sizeof buf,
06f25ae9SGregory Neil Shapiro				"554 5.3.0 unknown mailer error %d",
06f25ae9SGregory Neil Shapiro				status);
06f25ae9SGregory Neil Shapiro		status = EX_UNAVAILABLE;
c2aa98e2SPeter Wemm		statmsg = buf;
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro	else if (status == EX_TEMPFAIL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		char *bp = buf;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		snprintf(bp, SPACELEFT(buf, bp), "%s", SysExMsg[i] + 1);
c2aa98e2SPeter Wemm		bp += strlen(bp);
c2aa98e2SPeter Wemm#if NAMED_BIND
c2aa98e2SPeter Wemm		if (h_errno == TRY_AGAIN)
c2aa98e2SPeter Wemm			statmsg = errstring(h_errno+E_DNSBASE);
c2aa98e2SPeter Wemm		else
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			if (errnum != 0)
06f25ae9SGregory Neil Shapiro				statmsg = errstring(errnum);
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm#if SMTP
c2aa98e2SPeter Wemm				statmsg = SmtpError;
c2aa98e2SPeter Wemm#else /* SMTP */
c2aa98e2SPeter Wemm				statmsg = NULL;
c2aa98e2SPeter Wemm#endif /* SMTP */
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		if (statmsg != NULL && statmsg[0] != '\0')
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			switch (errnum)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro#ifdef ENETDOWN
06f25ae9SGregory Neil Shapiro			  case ENETDOWN:	/* Network is down */
06f25ae9SGregory Neil Shapiro#endif /* ENETDOWN */
06f25ae9SGregory Neil Shapiro#ifdef ENETUNREACH
06f25ae9SGregory Neil Shapiro			  case ENETUNREACH:	/* Network is unreachable */
06f25ae9SGregory Neil Shapiro#endif /* ENETUNREACH */
06f25ae9SGregory Neil Shapiro#ifdef ENETRESET
06f25ae9SGregory Neil Shapiro			  case ENETRESET:	/* Network dropped connection on reset */
06f25ae9SGregory Neil Shapiro#endif /* ENETRESET */
06f25ae9SGregory Neil Shapiro#ifdef ECONNABORTED
06f25ae9SGregory Neil Shapiro			  case ECONNABORTED:	/* Software caused connection abort */
06f25ae9SGregory Neil Shapiro#endif /* ECONNABORTED */
06f25ae9SGregory Neil Shapiro#ifdef EHOSTDOWN
06f25ae9SGregory Neil Shapiro			  case EHOSTDOWN:	/* Host is down */
06f25ae9SGregory Neil Shapiro#endif /* EHOSTDOWN */
06f25ae9SGregory Neil Shapiro#ifdef EHOSTUNREACH
06f25ae9SGregory Neil Shapiro			  case EHOSTUNREACH:	/* No route to host */
06f25ae9SGregory Neil Shapiro#endif /* EHOSTUNREACH */
06f25ae9SGregory Neil Shapiro				if (mci->mci_host != NULL)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					snprintf(bp, SPACELEFT(buf, bp),
06f25ae9SGregory Neil Shapiro						 ": %s", mci->mci_host);
06f25ae9SGregory Neil Shapiro					bp += strlen(bp);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro				break;
06f25ae9SGregory Neil Shapiro			}
c2aa98e2SPeter Wemm			snprintf(bp, SPACELEFT(buf, bp), ": %s", statmsg);
06f25ae9SGregory Neil Shapiro		}
c2aa98e2SPeter Wemm		statmsg = buf;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm#if NAMED_BIND
06f25ae9SGregory Neil Shapiro	else if (status == EX_NOHOST && h_errno != 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		statmsg = errstring(h_errno + E_DNSBASE);
c2aa98e2SPeter Wemm		(void) snprintf(buf, sizeof buf, "%s (%s)",
c2aa98e2SPeter Wemm			SysExMsg[i] + 1, statmsg);
c2aa98e2SPeter Wemm		statmsg = buf;
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
c2aa98e2SPeter Wemm	else
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		statmsg = SysExMsg[i];
06f25ae9SGregory Neil Shapiro		if (*statmsg++ == ':' && errnum != 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			(void) snprintf(buf, sizeof buf, "%s: %s",
06f25ae9SGregory Neil Shapiro				statmsg, errstring(errnum));
c2aa98e2SPeter Wemm			statmsg = buf;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Print the message as appropriate
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	if (status == EX_OK || status == EX_TEMPFAIL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		extern char MsgBuf[];
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		if ((off = isenhsc(statmsg + 4, ' ')) > 0)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			if (dsn == NULL)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				snprintf(dsnbuf, sizeof dsnbuf,
06f25ae9SGregory Neil Shapiro					 "%.*s", off, statmsg + 4);
06f25ae9SGregory Neil Shapiro				dsn = dsnbuf;
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			off += 5;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			off = 4;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		message("%s", statmsg + off);
06f25ae9SGregory Neil Shapiro		if (status == EX_TEMPFAIL && e->e_xfp != NULL)
c2aa98e2SPeter Wemm			fprintf(e->e_xfp, "%s\n", &MsgBuf[4]);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		char mbuf[ENHSCLEN + 4];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		Errors++;
06f25ae9SGregory Neil Shapiro		if ((off = isenhsc(statmsg + 4, ' ')) > 0 &&
06f25ae9SGregory Neil Shapiro		    off < sizeof mbuf - 4)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			if (dsn == NULL)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				snprintf(dsnbuf, sizeof dsnbuf,
06f25ae9SGregory Neil Shapiro					 "%.*s", off, statmsg + 4);
06f25ae9SGregory Neil Shapiro				dsn = dsnbuf;
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			off += 5;
06f25ae9SGregory Neil Shapiro			(void) strlcpy(mbuf, statmsg, off);
06f25ae9SGregory Neil Shapiro			(void) strlcat(mbuf, " %s", sizeof mbuf);
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			dsnbuf[0] = '\0';
06f25ae9SGregory Neil Shapiro			(void) snprintf(mbuf, sizeof mbuf, "%.3s %%s", statmsg);
06f25ae9SGregory Neil Shapiro			off = 4;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		usrerr(mbuf, &statmsg[off]);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Final cleanup.
c2aa98e2SPeter Wemm	**	Log a record of the transaction.  Compute the new
c2aa98e2SPeter Wemm	**	ExitStat -- if we already had an error, stick with
c2aa98e2SPeter Wemm	**	that.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (OpMode != MD_VERIFY && !bitset(EF_VRFYONLY, e->e_flags) &&
06f25ae9SGregory Neil Shapiro	    LogLevel > ((status == EX_TEMPFAIL) ? 8 : (status == EX_OK) ? 7 : 6))
06f25ae9SGregory Neil Shapiro		logdelivery(m, mci, dsn, statmsg + off, ctladdr, xstart, e);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(11, 2))
06f25ae9SGregory Neil Shapiro		dprintf("giveresponse: status=%d, dsn=%s, e->e_message=%s\n",
06f25ae9SGregory Neil Shapiro			status,
06f25ae9SGregory Neil Shapiro			dsn == NULL ? "<NULL>" : dsn,
06f25ae9SGregory Neil Shapiro			e->e_message == NULL ? "<NULL>" : e->e_message);
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	if (status != EX_TEMPFAIL)
06f25ae9SGregory Neil Shapiro		setstat(status);
06f25ae9SGregory Neil Shapiro	if (status != EX_OK && (status != EX_TEMPFAIL || e->e_message == NULL))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		if (e->e_message != NULL)
c2aa98e2SPeter Wemm			free(e->e_message);
06f25ae9SGregory Neil Shapiro		e->e_message = newstr(statmsg + off);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	errno = 0;
c2aa98e2SPeter Wemm#if NAMED_BIND
602a2b1bSGregory Neil Shapiro	SM_SET_H_ERRNO(0);
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  LOGDELIVERY -- log the delivery in the system log
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Care is taken to avoid logging lines that are too long, because
c2aa98e2SPeter Wemm**	some versions of syslog have an unfortunate proclivity for core
c2aa98e2SPeter Wemm**	dumping.  This is a hack, to be sure, that is at best empirical.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		m -- the mailer info.  Can be NULL for initial queue.
c2aa98e2SPeter Wemm**		mci -- the mailer connection info -- can be NULL if the
06f25ae9SGregory Neil Shapiro**			log is occurring when no connection is active.
06f25ae9SGregory Neil Shapiro**		dsn -- the DSN attached to the status.
06f25ae9SGregory Neil Shapiro**		status -- the message to print for the status.
c2aa98e2SPeter Wemm**		ctladdr -- the controlling address for the to list.
c2aa98e2SPeter Wemm**		xstart -- the transaction start time, used for
c2aa98e2SPeter Wemm**			computing transaction delay.
c2aa98e2SPeter Wemm**		e -- the current envelope.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		none
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		none
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmvoid
06f25ae9SGregory Neil Shapirologdelivery(m, mci, dsn, status, ctladdr, xstart, e)
c2aa98e2SPeter Wemm	MAILER *m;
c2aa98e2SPeter Wemm	register MCI *mci;
06f25ae9SGregory Neil Shapiro	char *dsn;
06f25ae9SGregory Neil Shapiro	const char *status;
c2aa98e2SPeter Wemm	ADDRESS *ctladdr;
c2aa98e2SPeter Wemm	time_t xstart;
c2aa98e2SPeter Wemm	register ENVELOPE *e;
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	register char *bp;
c2aa98e2SPeter Wemm	register char *p;
c2aa98e2SPeter Wemm	int l;
193538b7SGregory Neil Shapiro	time_t now;
c2aa98e2SPeter Wemm	char buf[1024];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if (SYSLOG_BUFSIZE) >= 256
c2aa98e2SPeter Wemm	/* ctladdr: max 106 bytes */
c2aa98e2SPeter Wemm	bp = buf;
c2aa98e2SPeter Wemm	if (ctladdr != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		snprintf(bp, SPACELEFT(buf, bp), ", ctladdr=%s",
c2aa98e2SPeter Wemm			 shortenstring(ctladdr->q_paddr, 83));
c2aa98e2SPeter Wemm		bp += strlen(bp);
c2aa98e2SPeter Wemm		if (bitset(QGOODUID, ctladdr->q_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			(void) snprintf(bp, SPACELEFT(buf, bp), " (%d/%d)",
06f25ae9SGregory Neil Shapiro					(int) ctladdr->q_uid,
06f25ae9SGregory Neil Shapiro					(int) ctladdr->q_gid);
c2aa98e2SPeter Wemm			bp += strlen(bp);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* delay & xdelay: max 41 bytes */
193538b7SGregory Neil Shapiro	now = curtime();
c2aa98e2SPeter Wemm	snprintf(bp, SPACELEFT(buf, bp), ", delay=%s",
193538b7SGregory Neil Shapiro		 pintvl(now - e->e_ctime, TRUE));
c2aa98e2SPeter Wemm	bp += strlen(bp);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (xstart != (time_t) 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		snprintf(bp, SPACELEFT(buf, bp), ", xdelay=%s",
193538b7SGregory Neil Shapiro			 pintvl(now - xstart, TRUE));
c2aa98e2SPeter Wemm		bp += strlen(bp);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* mailer: assume about 19 bytes (max 10 byte mailer name) */
c2aa98e2SPeter Wemm	if (m != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		snprintf(bp, SPACELEFT(buf, bp), ", mailer=%s", m->m_name);
c2aa98e2SPeter Wemm		bp += strlen(bp);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	/* pri: changes with each delivery attempt */
06f25ae9SGregory Neil Shapiro	snprintf(bp, SPACELEFT(buf, bp), ", pri=%ld", e->e_msgpriority);
06f25ae9SGregory Neil Shapiro	bp += strlen(bp);
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	/* relay: max 66 bytes for IPv4 addresses */
c2aa98e2SPeter Wemm	if (mci != NULL && mci->mci_host != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm# if DAEMON
c2aa98e2SPeter Wemm		extern SOCKADDR CurHostAddr;
06f25ae9SGregory Neil Shapiro# endif /* DAEMON */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		snprintf(bp, SPACELEFT(buf, bp), ", relay=%s",
c2aa98e2SPeter Wemm			 shortenstring(mci->mci_host, 40));
c2aa98e2SPeter Wemm		bp += strlen(bp);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm# if DAEMON
c2aa98e2SPeter Wemm		if (CurHostAddr.sa.sa_family != 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			snprintf(bp, SPACELEFT(buf, bp), " [%s]",
c2aa98e2SPeter Wemm				 anynet_ntoa(&CurHostAddr));
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro# endif /* DAEMON */
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro	else if (strcmp(status, "queued") != 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		p = macvalue('h', e);
c2aa98e2SPeter Wemm		if (p != NULL && p[0] != '\0')
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			snprintf(bp, SPACELEFT(buf, bp), ", relay=%s",
c2aa98e2SPeter Wemm				 shortenstring(p, 40));
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	bp += strlen(bp);
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	/* dsn */
06f25ae9SGregory Neil Shapiro	if (dsn != NULL && *dsn != '\0')
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		snprintf(bp, SPACELEFT(buf, bp), ", dsn=%s",
06f25ae9SGregory Neil Shapiro			 shortenstring(dsn, ENHSCLEN));
06f25ae9SGregory Neil Shapiro		bp += strlen(bp);
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm# define STATLEN		(((SYSLOG_BUFSIZE) - 100) / 4)
c2aa98e2SPeter Wemm# if (STATLEN) < 63
c2aa98e2SPeter Wemm#  undef STATLEN
c2aa98e2SPeter Wemm#  define STATLEN	63
06f25ae9SGregory Neil Shapiro# endif /* (STATLEN) < 63 */
c2aa98e2SPeter Wemm# if (STATLEN) > 203
c2aa98e2SPeter Wemm#  undef STATLEN
c2aa98e2SPeter Wemm#  define STATLEN	203
06f25ae9SGregory Neil Shapiro# endif /* (STATLEN) > 203 */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* stat: max 210 bytes */
c2aa98e2SPeter Wemm	if ((bp - buf) > (sizeof buf - ((STATLEN) + 20)))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* desperation move -- truncate data */
c2aa98e2SPeter Wemm		bp = buf + sizeof buf - ((STATLEN) + 17);
06f25ae9SGregory Neil Shapiro		(void) strlcpy(bp, "...", SPACELEFT(buf, bp));
c2aa98e2SPeter Wemm		bp += 3;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	(void) strlcpy(bp, ", stat=", SPACELEFT(buf, bp));
c2aa98e2SPeter Wemm	bp += strlen(bp);
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	(void) strlcpy(bp, shortenstring(status, STATLEN), SPACELEFT(buf, bp));
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* id, to: max 13 + TOBUFSIZE bytes */
c2aa98e2SPeter Wemm	l = SYSLOG_BUFSIZE - 100 - strlen(buf);
06f25ae9SGregory Neil Shapiro	p = e->e_to == NULL ? "NO-TO-LIST" : e->e_to;
c2aa98e2SPeter Wemm	while (strlen(p) >= (SIZE_T) l)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		register char *q;
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro		for (q = p + l; q > p; q--)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			if (*q == ',')
06f25ae9SGregory Neil Shapiro				break;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		if (p == q)
06f25ae9SGregory Neil Shapiro			break;
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
06f25ae9SGregory Neil Shapiro		q = strchr(p + l, ',');
c2aa98e2SPeter Wemm		if (q == NULL)
c2aa98e2SPeter Wemm			break;
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		sm_syslog(LOG_INFO, e->e_id,
c2aa98e2SPeter Wemm			  "to=%.*s [more]%s",
42e5d165SGregory Neil Shapiro			  (int) (++q - p), p, buf);
c2aa98e2SPeter Wemm		p = q;
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro	sm_syslog(LOG_INFO, e->e_id, "to=%.*s%s", l, p, buf);
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm	sm_syslog(LOG_INFO, e->e_id, "to=%s%s", p, buf);
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro#else /* (SYSLOG_BUFSIZE) >= 256 */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	l = SYSLOG_BUFSIZE - 85;
06f25ae9SGregory Neil Shapiro	p = e->e_to == NULL ? "NO-TO-LIST" : e->e_to;
c2aa98e2SPeter Wemm	while (strlen(p) >= (SIZE_T) l)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		register char *q;
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro		for (q = p + l; q > p; q--)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			if (*q == ',')
06f25ae9SGregory Neil Shapiro				break;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		if (p == q)
06f25ae9SGregory Neil Shapiro			break;
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
06f25ae9SGregory Neil Shapiro		q = strchr(p + l, ',');
c2aa98e2SPeter Wemm		if (q == NULL)
c2aa98e2SPeter Wemm			break;
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		sm_syslog(LOG_INFO, e->e_id,
c2aa98e2SPeter Wemm			  "to=%.*s [more]",
42e5d165SGregory Neil Shapiro			  (int) (++q - p), p);
c2aa98e2SPeter Wemm		p = q;
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro#if _FFR_DYNAMIC_TOBUF
06f25ae9SGregory Neil Shapiro	sm_syslog(LOG_INFO, e->e_id, "to=%.*s", l, p);
06f25ae9SGregory Neil Shapiro#else /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm	sm_syslog(LOG_INFO, e->e_id, "to=%s", p);
06f25ae9SGregory Neil Shapiro#endif /* _FFR_DYNAMIC_TOBUF */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (ctladdr != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		bp = buf;
c2aa98e2SPeter Wemm		snprintf(bp, SPACELEFT(buf, bp), "ctladdr=%s",
c2aa98e2SPeter Wemm			 shortenstring(ctladdr->q_paddr, 83));
c2aa98e2SPeter Wemm		bp += strlen(bp);
c2aa98e2SPeter Wemm		if (bitset(QGOODUID, ctladdr->q_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			(void) snprintf(bp, SPACELEFT(buf, bp), " (%d/%d)",
c2aa98e2SPeter Wemm					ctladdr->q_uid, ctladdr->q_gid);
c2aa98e2SPeter Wemm			bp += strlen(bp);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		sm_syslog(LOG_INFO, e->e_id, "%s", buf);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	bp = buf;
c2aa98e2SPeter Wemm	snprintf(bp, SPACELEFT(buf, bp), "delay=%s",
193538b7SGregory Neil Shapiro		 pintvl(now - e->e_ctime, TRUE));
c2aa98e2SPeter Wemm	bp += strlen(bp);
c2aa98e2SPeter Wemm	if (xstart != (time_t) 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		snprintf(bp, SPACELEFT(buf, bp), ", xdelay=%s",
193538b7SGregory Neil Shapiro			 pintvl(now - xstart, TRUE));
c2aa98e2SPeter Wemm		bp += strlen(bp);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (m != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		snprintf(bp, SPACELEFT(buf, bp), ", mailer=%s", m->m_name);
c2aa98e2SPeter Wemm		bp += strlen(bp);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	sm_syslog(LOG_INFO, e->e_id, "%.1000s", buf);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	buf[0] = '\0';
c2aa98e2SPeter Wemm	bp = buf;
c2aa98e2SPeter Wemm	if (mci != NULL && mci->mci_host != NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm# if DAEMON
c2aa98e2SPeter Wemm		extern SOCKADDR CurHostAddr;
06f25ae9SGregory Neil Shapiro# endif /* DAEMON */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		snprintf(bp, SPACELEFT(buf, bp), "relay=%.100s", mci->mci_host);
c2aa98e2SPeter Wemm		bp += strlen(bp);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm# if DAEMON
c2aa98e2SPeter Wemm		if (CurHostAddr.sa.sa_family != 0)
c2aa98e2SPeter Wemm			snprintf(bp, SPACELEFT(buf, bp), " [%.100s]",
c2aa98e2SPeter Wemm				anynet_ntoa(&CurHostAddr));
06f25ae9SGregory Neil Shapiro# endif /* DAEMON */
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro	else if (strcmp(status, "queued") != 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		p = macvalue('h', e);
c2aa98e2SPeter Wemm		if (p != NULL && p[0] != '\0')
c2aa98e2SPeter Wemm			snprintf(buf, sizeof buf, "relay=%.100s", p);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	if (buf[0] != '\0')
c2aa98e2SPeter Wemm		sm_syslog(LOG_INFO, e->e_id, "%.1000s", buf);
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro	sm_syslog(LOG_INFO, e->e_id, "stat=%s", shortenstring(status, 63));
06f25ae9SGregory Neil Shapiro#endif /* (SYSLOG_BUFSIZE) >= 256 */
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  PUTFROMLINE -- output a UNIX-style from line (or whatever)
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	This can be made an arbitrary message separator by changing $l
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	One of the ugliest hacks seen by human eyes is contained herein:
c2aa98e2SPeter Wemm**	UUCP wants those stupid "remote from <host>" lines.  Why oh why
c2aa98e2SPeter Wemm**	does a well-meaning programmer such as myself have to deal with
c2aa98e2SPeter Wemm**	this kind of antique garbage????
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		mci -- the connection information.
c2aa98e2SPeter Wemm**		e -- the envelope.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		none
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		outputs some text to fp.
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmvoid
c2aa98e2SPeter Wemmputfromline(mci, e)
c2aa98e2SPeter Wemm	register MCI *mci;
c2aa98e2SPeter Wemm	ENVELOPE *e;
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	char *template = UnixFromLine;
c2aa98e2SPeter Wemm	char buf[MAXLINE];
c2aa98e2SPeter Wemm	char xbuf[MAXLINE];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (bitnset(M_NHDR, mci->mci_mailer->m_flags))
c2aa98e2SPeter Wemm		return;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	mci->mci_flags |= MCIF_INHEADER;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (bitnset(M_UGLYUUCP, mci->mci_mailer->m_flags))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		char *bang;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		expand("\201g", buf, sizeof buf, e);
c2aa98e2SPeter Wemm		bang = strchr(buf, '!');
c2aa98e2SPeter Wemm		if (bang == NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			char *at;
c2aa98e2SPeter Wemm			char hname[MAXNAME];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/*
c2aa98e2SPeter Wemm			**  If we can construct a UUCP path, do so
c2aa98e2SPeter Wemm			*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			at = strrchr(buf, '@');
c2aa98e2SPeter Wemm			if (at == NULL)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				expand("\201k", hname, sizeof hname, e);
c2aa98e2SPeter Wemm				at = hname;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm				*at++ = '\0';
c2aa98e2SPeter Wemm			(void) snprintf(xbuf, sizeof xbuf,
c2aa98e2SPeter Wemm				"From %.800s  \201d remote from %.100s\n",
c2aa98e2SPeter Wemm				buf, at);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			*bang++ = '\0';
c2aa98e2SPeter Wemm			(void) snprintf(xbuf, sizeof xbuf,
c2aa98e2SPeter Wemm				"From %.800s  \201d remote from %.100s\n",
c2aa98e2SPeter Wemm				bang, buf);
c2aa98e2SPeter Wemm			template = xbuf;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	expand(template, buf, sizeof buf, e);
c2aa98e2SPeter Wemm	putxline(buf, strlen(buf), mci, PXLF_HEADER);
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  PUTBODY -- put the body of a message.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		mci -- the connection information.
c2aa98e2SPeter Wemm**		e -- the envelope to put out.
c2aa98e2SPeter Wemm**		separator -- if non-NULL, a message separator that must
c2aa98e2SPeter Wemm**			not be permitted in the resulting message.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		none.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		The message is written onto fp.
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm/* values for output state variable */
c2aa98e2SPeter Wemm#define OS_HEAD		0	/* at beginning of line */
c2aa98e2SPeter Wemm#define OS_CR		1	/* read a carriage return */
c2aa98e2SPeter Wemm#define OS_INLINE	2	/* putting rest of line */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmvoid
c2aa98e2SPeter Wemmputbody(mci, e, separator)
c2aa98e2SPeter Wemm	register MCI *mci;
c2aa98e2SPeter Wemm	register ENVELOPE *e;
c2aa98e2SPeter Wemm	char *separator;
c2aa98e2SPeter Wemm{
06f25ae9SGregory Neil Shapiro	bool dead = FALSE;
c2aa98e2SPeter Wemm	char buf[MAXLINE];
065a643dSPeter Wemm	char *boundaries[MAXMIMENESTING + 1];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Output the body of the message
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (e->e_dfp == NULL && bitset(EF_HAS_DF, e->e_flags))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		char *df = queuename(e, 'd');
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		e->e_dfp = fopen(df, "r");
c2aa98e2SPeter Wemm		if (e->e_dfp == NULL)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			char *msg = "!putbody: Cannot open %s for %s from %s";
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			if (errno == ENOENT)
06f25ae9SGregory Neil Shapiro				msg++;
06f25ae9SGregory Neil Shapiro			syserr(msg, df, e->e_to, e->e_from.q_paddr);
06f25ae9SGregory Neil Shapiro		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	if (e->e_dfp == NULL)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		if (bitset(MCIF_INHEADER, mci->mci_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			putline("", mci);
c2aa98e2SPeter Wemm			mci->mci_flags &= ~MCIF_INHEADER;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		putline("<<< No Message Collected >>>", mci);
c2aa98e2SPeter Wemm		goto endofmessage;
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	if (e->e_dfino == (ino_t) 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		struct stat stbuf;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (fstat(fileno(e->e_dfp), &stbuf) < 0)
c2aa98e2SPeter Wemm			e->e_dfino = -1;
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			e->e_dfdev = stbuf.st_dev;
c2aa98e2SPeter Wemm			e->e_dfino = stbuf.st_ino;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* paranoia: the df file should always be in a rewound state */
06f25ae9SGregory Neil Shapiro	(void) bfrewind(e->e_dfp);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if MIME8TO7
c2aa98e2SPeter Wemm	if (bitset(MCIF_CVT8TO7, mci->mci_flags))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/*
c2aa98e2SPeter Wemm		**  Do 8 to 7 bit MIME conversion.
c2aa98e2SPeter Wemm		*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* make sure it looks like a MIME message */
c2aa98e2SPeter Wemm		if (hvalue("MIME-Version", e->e_header) == NULL)
c2aa98e2SPeter Wemm			putline("MIME-Version: 1.0", mci);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (hvalue("Content-Type", e->e_header) == NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			snprintf(buf, sizeof buf,
c2aa98e2SPeter Wemm				"Content-Type: text/plain; charset=%s",
c2aa98e2SPeter Wemm				defcharset(e));
c2aa98e2SPeter Wemm			putline(buf, mci);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* now do the hard work */
c2aa98e2SPeter Wemm		boundaries[0] = NULL;
c2aa98e2SPeter Wemm		mci->mci_flags |= MCIF_INHEADER;
06f25ae9SGregory Neil Shapiro		(void) mime8to7(mci, e->e_header, e, boundaries, M87F_OUTER);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm# if MIME7TO8
c2aa98e2SPeter Wemm	else if (bitset(MCIF_CVT7TO8, mci->mci_flags))
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		(void) mime7to8(mci, e->e_header, e);
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro# endif /* MIME7TO8 */
065a643dSPeter Wemm	else if (MaxMimeHeaderLength > 0 || MaxMimeFieldLength > 0)
065a643dSPeter Wemm	{
06f25ae9SGregory Neil Shapiro		bool oldsuprerrs = SuprErrs;
06f25ae9SGregory Neil Shapiro
065a643dSPeter Wemm		/* Use mime8to7 to check multipart for MIME header overflows */
065a643dSPeter Wemm		boundaries[0] = NULL;
065a643dSPeter Wemm		mci->mci_flags |= MCIF_INHEADER;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		/*
06f25ae9SGregory Neil Shapiro		**  If EF_DONT_MIME is set, we have a broken MIME message
06f25ae9SGregory Neil Shapiro		**  and don't want to generate a new bounce message whose
06f25ae9SGregory Neil Shapiro		**  body propagates the broken MIME.  We can't just not call
06f25ae9SGregory Neil Shapiro		**  mime8to7() as is done above since we need the security
06f25ae9SGregory Neil Shapiro		**  checks.  The best we can do is suppress the errors.
06f25ae9SGregory Neil Shapiro		*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (bitset(EF_DONT_MIME, e->e_flags))
06f25ae9SGregory Neil Shapiro			SuprErrs = TRUE;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		(void) mime8to7(mci, e->e_header, e, boundaries,
06f25ae9SGregory Neil Shapiro				M87F_OUTER|M87F_NO8TO7);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		/* restore SuprErrs */
06f25ae9SGregory Neil Shapiro		SuprErrs = oldsuprerrs;
065a643dSPeter Wemm	}
c2aa98e2SPeter Wemm	else
06f25ae9SGregory Neil Shapiro#endif /* MIME8TO7 */
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		int ostate;
c2aa98e2SPeter Wemm		register char *bp;
c2aa98e2SPeter Wemm		register char *pbp;
c2aa98e2SPeter Wemm		register int c;
c2aa98e2SPeter Wemm		register char *xp;
c2aa98e2SPeter Wemm		int padc;
c2aa98e2SPeter Wemm		char *buflim;
c2aa98e2SPeter Wemm		int pos = 0;
06f25ae9SGregory Neil Shapiro		char peekbuf[12];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (bitset(MCIF_INHEADER, mci->mci_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			putline("", mci);
c2aa98e2SPeter Wemm			mci->mci_flags &= ~MCIF_INHEADER;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* determine end of buffer; allow for short mailer lines */
c2aa98e2SPeter Wemm		buflim = &buf[sizeof buf - 1];
c2aa98e2SPeter Wemm		if (mci->mci_mailer->m_linelimit > 0 &&
c2aa98e2SPeter Wemm		    mci->mci_mailer->m_linelimit < sizeof buf - 1)
c2aa98e2SPeter Wemm			buflim = &buf[mci->mci_mailer->m_linelimit - 1];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* copy temp file to output with mapping */
c2aa98e2SPeter Wemm		ostate = OS_HEAD;
c2aa98e2SPeter Wemm		bp = buf;
c2aa98e2SPeter Wemm		pbp = peekbuf;
06f25ae9SGregory Neil Shapiro		while (!ferror(mci->mci_out) && !dead)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (pbp > peekbuf)
c2aa98e2SPeter Wemm				c = *--pbp;
c2aa98e2SPeter Wemm			else if ((c = getc(e->e_dfp)) == EOF)
c2aa98e2SPeter Wemm				break;
c2aa98e2SPeter Wemm			if (bitset(MCIF_7BIT, mci->mci_flags))
c2aa98e2SPeter Wemm				c &= 0x7f;
c2aa98e2SPeter Wemm			switch (ostate)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm			  case OS_HEAD:
c2aa98e2SPeter Wemm#if _FFR_NONULLS
c2aa98e2SPeter Wemm				if (c == '\0' &&
c2aa98e2SPeter Wemm				    bitnset(M_NONULLS, mci->mci_mailer->m_flags))
c2aa98e2SPeter Wemm					break;
06f25ae9SGregory Neil Shapiro#endif /* _FFR_NONULLS */
c2aa98e2SPeter Wemm				if (c != '\r' && c != '\n' && bp < buflim)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					*bp++ = c;
c2aa98e2SPeter Wemm					break;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				/* check beginning of line for special cases */
c2aa98e2SPeter Wemm				*bp = '\0';
c2aa98e2SPeter Wemm				pos = 0;
c2aa98e2SPeter Wemm				padc = EOF;
c2aa98e2SPeter Wemm				if (buf[0] == 'F' &&
c2aa98e2SPeter Wemm				    bitnset(M_ESCFROM, mci->mci_mailer->m_flags) &&
c2aa98e2SPeter Wemm				    strncmp(buf, "From ", 5) == 0)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					padc = '>';
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				if (buf[0] == '-' && buf[1] == '-' &&
c2aa98e2SPeter Wemm				    separator != NULL)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					/* possible separator */
c2aa98e2SPeter Wemm					int sl = strlen(separator);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm					if (strncmp(&buf[2], separator, sl) == 0)
c2aa98e2SPeter Wemm						padc = ' ';
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				if (buf[0] == '.' &&
c2aa98e2SPeter Wemm				    bitnset(M_XDOT, mci->mci_mailer->m_flags))
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					padc = '.';
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				/* now copy out saved line */
c2aa98e2SPeter Wemm				if (TrafficLogFile != NULL)
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					fprintf(TrafficLogFile, "%05d >>> ",
c2aa98e2SPeter Wemm						(int) getpid());
c2aa98e2SPeter Wemm					if (padc != EOF)
06f25ae9SGregory Neil Shapiro						(void) putc(padc,
06f25ae9SGregory Neil Shapiro							    TrafficLogFile);
c2aa98e2SPeter Wemm					for (xp = buf; xp < bp; xp++)
06f25ae9SGregory Neil Shapiro						(void) putc((unsigned char) *xp,
06f25ae9SGregory Neil Shapiro							    TrafficLogFile);
c2aa98e2SPeter Wemm					if (c == '\n')
06f25ae9SGregory Neil Shapiro						(void) fputs(mci->mci_mailer->m_eol,
c2aa98e2SPeter Wemm						      TrafficLogFile);
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				if (padc != EOF)
c2aa98e2SPeter Wemm				{
06f25ae9SGregory Neil Shapiro					if (putc(padc, mci->mci_out) == EOF)
06f25ae9SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro						dead = TRUE;
06f25ae9SGregory Neil Shapiro						continue;
06f25ae9SGregory Neil Shapiro					}
193538b7SGregory Neil Shapiro					else
193538b7SGregory Neil Shapiro					{
193538b7SGregory Neil Shapiro						/* record progress for DATA timeout */
193538b7SGregory Neil Shapiro						DataProgress = TRUE;
193538b7SGregory Neil Shapiro					}
c2aa98e2SPeter Wemm					pos++;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				for (xp = buf; xp < bp; xp++)
c2aa98e2SPeter Wemm				{
06f25ae9SGregory Neil Shapiro					if (putc((unsigned char) *xp,
06f25ae9SGregory Neil Shapiro						 mci->mci_out) == EOF)
06f25ae9SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro						dead = TRUE;
06f25ae9SGregory Neil Shapiro						break;
c2aa98e2SPeter Wemm					}
193538b7SGregory Neil Shapiro					else
193538b7SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro						/* record progress for DATA timeout */
06f25ae9SGregory Neil Shapiro						DataProgress = TRUE;
06f25ae9SGregory Neil Shapiro					}
193538b7SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro				if (dead)
06f25ae9SGregory Neil Shapiro					continue;
c2aa98e2SPeter Wemm				if (c == '\n')
c2aa98e2SPeter Wemm				{
06f25ae9SGregory Neil Shapiro					if (fputs(mci->mci_mailer->m_eol,
06f25ae9SGregory Neil Shapiro						  mci->mci_out) == EOF)
06f25ae9SGregory Neil Shapiro						break;
193538b7SGregory Neil Shapiro					else
193538b7SGregory Neil Shapiro					{
193538b7SGregory Neil Shapiro						/* record progress for DATA timeout */
193538b7SGregory Neil Shapiro						DataProgress = TRUE;
193538b7SGregory Neil Shapiro					}
c2aa98e2SPeter Wemm					pos = 0;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					pos += bp - buf;
c2aa98e2SPeter Wemm					if (c != '\r')
c2aa98e2SPeter Wemm						*pbp++ = c;
c2aa98e2SPeter Wemm				}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm				bp = buf;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				/* determine next state */
c2aa98e2SPeter Wemm				if (c == '\n')
c2aa98e2SPeter Wemm					ostate = OS_HEAD;
c2aa98e2SPeter Wemm				else if (c == '\r')
c2aa98e2SPeter Wemm					ostate = OS_CR;
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm					ostate = OS_INLINE;
c2aa98e2SPeter Wemm				continue;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			  case OS_CR:
c2aa98e2SPeter Wemm				if (c == '\n')
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					/* got CRLF */
06f25ae9SGregory Neil Shapiro					if (fputs(mci->mci_mailer->m_eol,
06f25ae9SGregory Neil Shapiro						  mci->mci_out) == EOF)
06f25ae9SGregory Neil Shapiro						continue;
193538b7SGregory Neil Shapiro					else
193538b7SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro						/* record progress for DATA timeout */
06f25ae9SGregory Neil Shapiro						DataProgress = TRUE;
193538b7SGregory Neil Shapiro					}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm					if (TrafficLogFile != NULL)
c2aa98e2SPeter Wemm					{
06f25ae9SGregory Neil Shapiro						(void) fputs(mci->mci_mailer->m_eol,
c2aa98e2SPeter Wemm							     TrafficLogFile);
c2aa98e2SPeter Wemm					}
c2aa98e2SPeter Wemm					ostate = OS_HEAD;
c2aa98e2SPeter Wemm					continue;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				/* had a naked carriage return */
c2aa98e2SPeter Wemm				*pbp++ = c;
c2aa98e2SPeter Wemm				c = '\r';
c2aa98e2SPeter Wemm				ostate = OS_INLINE;
c2aa98e2SPeter Wemm				goto putch;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			  case OS_INLINE:
c2aa98e2SPeter Wemm				if (c == '\r')
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					ostate = OS_CR;
c2aa98e2SPeter Wemm					continue;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm#if _FFR_NONULLS
c2aa98e2SPeter Wemm				if (c == '\0' &&
c2aa98e2SPeter Wemm				    bitnset(M_NONULLS, mci->mci_mailer->m_flags))
c2aa98e2SPeter Wemm					break;
06f25ae9SGregory Neil Shapiro#endif /* _FFR_NONULLS */
c2aa98e2SPeter Wemmputch:
c2aa98e2SPeter Wemm				if (mci->mci_mailer->m_linelimit > 0 &&
06f25ae9SGregory Neil Shapiro				    pos >= mci->mci_mailer->m_linelimit - 1 &&
c2aa98e2SPeter Wemm				    c != '\n')
c2aa98e2SPeter Wemm				{
06f25ae9SGregory Neil Shapiro					int d;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro					/* check next character for EOL */
06f25ae9SGregory Neil Shapiro					if (pbp > peekbuf)
06f25ae9SGregory Neil Shapiro						d = *(pbp - 1);
06f25ae9SGregory Neil Shapiro					else if ((d = getc(e->e_dfp)) != EOF)
06f25ae9SGregory Neil Shapiro						*pbp++ = d;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro					if (d == '\n' || d == EOF)
06f25ae9SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro						if (TrafficLogFile != NULL)
06f25ae9SGregory Neil Shapiro							(void) putc((unsigned char) c,
06f25ae9SGregory Neil Shapiro							    TrafficLogFile);
06f25ae9SGregory Neil Shapiro						if (putc((unsigned char) c,
06f25ae9SGregory Neil Shapiro							 mci->mci_out) == EOF)
06f25ae9SGregory Neil Shapiro						{
06f25ae9SGregory Neil Shapiro							dead = TRUE;
06f25ae9SGregory Neil Shapiro							continue;
06f25ae9SGregory Neil Shapiro						}
193538b7SGregory Neil Shapiro						else
193538b7SGregory Neil Shapiro						{
193538b7SGregory Neil Shapiro							/* record progress for DATA timeout */
193538b7SGregory Neil Shapiro							DataProgress = TRUE;
193538b7SGregory Neil Shapiro						}
06f25ae9SGregory Neil Shapiro						pos++;
06f25ae9SGregory Neil Shapiro						continue;
06f25ae9SGregory Neil Shapiro					}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro					if (putc('!', mci->mci_out) == EOF ||
06f25ae9SGregory Neil Shapiro					    fputs(mci->mci_mailer->m_eol,
06f25ae9SGregory Neil Shapiro						  mci->mci_out) == EOF)
06f25ae9SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro						dead = TRUE;
06f25ae9SGregory Neil Shapiro						continue;
06f25ae9SGregory Neil Shapiro					}
193538b7SGregory Neil Shapiro					else
193538b7SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro						/* record progress for DATA timeout */
06f25ae9SGregory Neil Shapiro						DataProgress = TRUE;
193538b7SGregory Neil Shapiro					}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm					if (TrafficLogFile != NULL)
c2aa98e2SPeter Wemm					{
c2aa98e2SPeter Wemm						fprintf(TrafficLogFile, "!%s",
c2aa98e2SPeter Wemm							mci->mci_mailer->m_eol);
c2aa98e2SPeter Wemm					}
c2aa98e2SPeter Wemm					ostate = OS_HEAD;
c2aa98e2SPeter Wemm					*pbp++ = c;
c2aa98e2SPeter Wemm					continue;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				if (c == '\n')
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					if (TrafficLogFile != NULL)
06f25ae9SGregory Neil Shapiro						(void) fputs(mci->mci_mailer->m_eol,
c2aa98e2SPeter Wemm						      TrafficLogFile);
06f25ae9SGregory Neil Shapiro					if (fputs(mci->mci_mailer->m_eol,
06f25ae9SGregory Neil Shapiro						  mci->mci_out) == EOF)
06f25ae9SGregory Neil Shapiro						continue;
193538b7SGregory Neil Shapiro					else
193538b7SGregory Neil Shapiro					{
193538b7SGregory Neil Shapiro						/* record progress for DATA timeout */
193538b7SGregory Neil Shapiro						DataProgress = TRUE;
193538b7SGregory Neil Shapiro					}
c2aa98e2SPeter Wemm					pos = 0;
c2aa98e2SPeter Wemm					ostate = OS_HEAD;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm				{
c2aa98e2SPeter Wemm					if (TrafficLogFile != NULL)
06f25ae9SGregory Neil Shapiro						(void) putc((unsigned char) c,
06f25ae9SGregory Neil Shapiro							    TrafficLogFile);
06f25ae9SGregory Neil Shapiro					if (putc((unsigned char) c,
06f25ae9SGregory Neil Shapiro						 mci->mci_out) == EOF)
06f25ae9SGregory Neil Shapiro					{
06f25ae9SGregory Neil Shapiro						dead = TRUE;
06f25ae9SGregory Neil Shapiro						continue;
06f25ae9SGregory Neil Shapiro					}
193538b7SGregory Neil Shapiro					else
193538b7SGregory Neil Shapiro					{
193538b7SGregory Neil Shapiro						/* record progress for DATA timeout */
193538b7SGregory Neil Shapiro						DataProgress = TRUE;
193538b7SGregory Neil Shapiro					}
c2aa98e2SPeter Wemm					pos++;
c2aa98e2SPeter Wemm					ostate = OS_INLINE;
c2aa98e2SPeter Wemm				}
c2aa98e2SPeter Wemm				break;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* make sure we are at the beginning of a line */
c2aa98e2SPeter Wemm		if (bp > buf)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (TrafficLogFile != NULL)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				for (xp = buf; xp < bp; xp++)
06f25ae9SGregory Neil Shapiro					(void) putc((unsigned char) *xp,
06f25ae9SGregory Neil Shapiro						    TrafficLogFile);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			for (xp = buf; xp < bp; xp++)
c2aa98e2SPeter Wemm			{
06f25ae9SGregory Neil Shapiro				if (putc((unsigned char) *xp, mci->mci_out) ==
06f25ae9SGregory Neil Shapiro				    EOF)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					dead = TRUE;
06f25ae9SGregory Neil Shapiro					break;
06f25ae9SGregory Neil Shapiro				}
193538b7SGregory Neil Shapiro				else
193538b7SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					/* record progress for DATA timeout */
06f25ae9SGregory Neil Shapiro					DataProgress = TRUE;
c2aa98e2SPeter Wemm				}
193538b7SGregory Neil Shapiro			}
c2aa98e2SPeter Wemm			pos += bp - buf;
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro		if (!dead && pos > 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (TrafficLogFile != NULL)
06f25ae9SGregory Neil Shapiro				(void) fputs(mci->mci_mailer->m_eol,
06f25ae9SGregory Neil Shapiro					     TrafficLogFile);
06f25ae9SGregory Neil Shapiro			(void) fputs(mci->mci_mailer->m_eol, mci->mci_out);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			/* record progress for DATA timeout */
06f25ae9SGregory Neil Shapiro			DataProgress = TRUE;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (ferror(e->e_dfp))
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		syserr("putbody: %s/df%s: read error",
06f25ae9SGregory Neil Shapiro		       qid_printqueue(e->e_queuedir), e->e_id);
c2aa98e2SPeter Wemm		ExitStat = EX_IOERR;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmendofmessage:
06f25ae9SGregory Neil Shapiro	/*
06f25ae9SGregory Neil Shapiro	**  Since mailfile() uses e_dfp in a child process,
06f25ae9SGregory Neil Shapiro	**  the file offset in the stdio library for the
06f25ae9SGregory Neil Shapiro	**  parent process will not agree with the in-kernel
06f25ae9SGregory Neil Shapiro	**  file offset since the file descriptor is shared
06f25ae9SGregory Neil Shapiro	**  between the processes.  Therefore, it is vital
06f25ae9SGregory Neil Shapiro	**  that the file always be rewound.  This forces the
06f25ae9SGregory Neil Shapiro	**  kernel offset (lseek) and stdio library (ftell)
06f25ae9SGregory Neil Shapiro	**  offset to match.
06f25ae9SGregory Neil Shapiro	*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	if (e->e_dfp != NULL)
06f25ae9SGregory Neil Shapiro		(void) bfrewind(e->e_dfp);
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	/* some mailers want extra blank line at end of message */
06f25ae9SGregory Neil Shapiro	if (!dead && bitnset(M_BLANKEND, mci->mci_mailer->m_flags) &&
c2aa98e2SPeter Wemm	    buf[0] != '\0' && buf[0] != '\n')
c2aa98e2SPeter Wemm		putline("", mci);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	(void) fflush(mci->mci_out);
c2aa98e2SPeter Wemm	if (ferror(mci->mci_out) && errno != EPIPE)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		syserr("putbody: write error");
c2aa98e2SPeter Wemm		ExitStat = EX_IOERR;
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm	errno = 0;
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  MAILFILE -- Send a message to a file.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	If the file has the setuid/setgid bits set, but NO execute
c2aa98e2SPeter Wemm**	bits, sendmail will try to become the owner of that file
c2aa98e2SPeter Wemm**	rather than the real user.  Obviously, this only works if
c2aa98e2SPeter Wemm**	sendmail runs as root.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	This could be done as a subordinate mailer, except that it
c2aa98e2SPeter Wemm**	is used implicitly to save messages in ~/dead.letter.  We
c2aa98e2SPeter Wemm**	view this as being sufficiently important as to include it
c2aa98e2SPeter Wemm**	here.  For example, if the system is dying, we shouldn't have
c2aa98e2SPeter Wemm**	to create another process plus some pipes to save the message.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		filename -- the name of the file to send to.
c2aa98e2SPeter Wemm**		mailer -- mailer definition for recipient -- if NULL,
c2aa98e2SPeter Wemm**			use FileMailer.
c2aa98e2SPeter Wemm**		ctladdr -- the controlling address header -- includes
c2aa98e2SPeter Wemm**			the userid/groupid to be when sending.
c2aa98e2SPeter Wemm**		sfflags -- flags for opening.
c2aa98e2SPeter Wemm**		e -- the current envelope.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		The exit code associated with the operation.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		none.
c2aa98e2SPeter Wemm*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmstatic jmp_buf	CtxMailfileTimeout;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmint
c2aa98e2SPeter Wemmmailfile(filename, mailer, ctladdr, sfflags, e)
c2aa98e2SPeter Wemm	char *volatile filename;
c2aa98e2SPeter Wemm	MAILER *volatile mailer;
c2aa98e2SPeter Wemm	ADDRESS *ctladdr;
06f25ae9SGregory Neil Shapiro	volatile long sfflags;
c2aa98e2SPeter Wemm	register ENVELOPE *e;
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	register FILE *f;
c2aa98e2SPeter Wemm	register pid_t pid = -1;
06f25ae9SGregory Neil Shapiro	volatile int mode;
06f25ae9SGregory Neil Shapiro	int len;
06f25ae9SGregory Neil Shapiro	off_t curoff;
c2aa98e2SPeter Wemm	bool suidwarn = geteuid() == 0;
c2aa98e2SPeter Wemm	char *p;
06f25ae9SGregory Neil Shapiro	char *volatile realfile;
c2aa98e2SPeter Wemm	EVENT *ev;
06f25ae9SGregory Neil Shapiro	char buf[MAXLINE + 1];
06f25ae9SGregory Neil Shapiro	char targetfile[MAXPATHLEN + 1];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (tTd(11, 1))
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro		dprintf("mailfile %s\n  ctladdr=", filename);
c2aa98e2SPeter Wemm		printaddr(ctladdr, FALSE);
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (mailer == NULL)
c2aa98e2SPeter Wemm		mailer = FileMailer;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (e->e_xfp != NULL)
06f25ae9SGregory Neil Shapiro		(void) fflush(e->e_xfp);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Special case /dev/null.  This allows us to restrict file
c2aa98e2SPeter Wemm	**  delivery to regular files only.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (strcmp(filename, "/dev/null") == 0)
c2aa98e2SPeter Wemm		return EX_OK;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/* check for 8-bit available */
c2aa98e2SPeter Wemm	if (bitset(EF_HAS8BIT, e->e_flags) &&
c2aa98e2SPeter Wemm	    bitnset(M_7BITS, mailer->m_flags) &&
c2aa98e2SPeter Wemm	    (bitset(EF_DONT_MIME, e->e_flags) ||
c2aa98e2SPeter Wemm	     !(bitset(MM_MIME8BIT, MimeMode) ||
c2aa98e2SPeter Wemm	       (bitset(EF_IS_MIME, e->e_flags) &&
c2aa98e2SPeter Wemm		bitset(MM_CVTMIME, MimeMode)))))
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		e->e_status = "5.6.3";
06f25ae9SGregory Neil Shapiro		usrerrenh(e->e_status,
06f25ae9SGregory Neil Shapiro		       "554 Cannot send 8-bit data to 7-bit destination");
06f25ae9SGregory Neil Shapiro		return EX_DATAERR;
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* Find the actual file */
06f25ae9SGregory Neil Shapiro	if (SafeFileEnv != NULL && SafeFileEnv[0] != '\0')
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		len = strlen(SafeFileEnv);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (strncmp(SafeFileEnv, filename, len) == 0)
06f25ae9SGregory Neil Shapiro			filename += len;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (len + strlen(filename) + 1 > MAXPATHLEN)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			syserr("mailfile: filename too long (%s/%s)",
06f25ae9SGregory Neil Shapiro			       SafeFileEnv, filename);
06f25ae9SGregory Neil Shapiro			return EX_CANTCREAT;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		(void) strlcpy(targetfile, SafeFileEnv, sizeof targetfile);
06f25ae9SGregory Neil Shapiro		realfile = targetfile + len;
06f25ae9SGregory Neil Shapiro		if (targetfile[len - 1] != '/')
06f25ae9SGregory Neil Shapiro			(void) strlcat(targetfile, "/", sizeof targetfile);
06f25ae9SGregory Neil Shapiro		if (*filename == '/')
06f25ae9SGregory Neil Shapiro			filename++;
06f25ae9SGregory Neil Shapiro		(void) strlcat(targetfile, filename, sizeof targetfile);
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro	else if (mailer->m_rootdir != NULL)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		expand(mailer->m_rootdir, targetfile, sizeof targetfile, e);
06f25ae9SGregory Neil Shapiro		len = strlen(targetfile);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (strncmp(targetfile, filename, len) == 0)
06f25ae9SGregory Neil Shapiro			filename += len;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (len + strlen(filename) + 1 > MAXPATHLEN)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			syserr("mailfile: filename too long (%s/%s)",
06f25ae9SGregory Neil Shapiro			       targetfile, filename);
06f25ae9SGregory Neil Shapiro			return EX_CANTCREAT;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		realfile = targetfile + len;
06f25ae9SGregory Neil Shapiro		if (targetfile[len - 1] != '/')
06f25ae9SGregory Neil Shapiro			(void) strlcat(targetfile, "/", sizeof targetfile);
06f25ae9SGregory Neil Shapiro		if (*filename == '/')
06f25ae9SGregory Neil Shapiro			(void) strlcat(targetfile, filename + 1,
06f25ae9SGregory Neil Shapiro				       sizeof targetfile);
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro			(void) strlcat(targetfile, filename, sizeof targetfile);
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro	else
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		if (strlen(filename) > MAXPATHLEN)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			syserr("mailfile: filename too long (%s)", filename);
06f25ae9SGregory Neil Shapiro			return EX_CANTCREAT;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		(void) strlcpy(targetfile, filename, sizeof targetfile);
06f25ae9SGregory Neil Shapiro		realfile = targetfile;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Fork so we can change permissions here.
c2aa98e2SPeter Wemm	**	Note that we MUST use fork, not vfork, because of
c2aa98e2SPeter Wemm	**	the complications of calling subroutines, etc.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	DOFORK(fork);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	if (pid < 0)
06f25ae9SGregory Neil Shapiro		return EX_OSERR;
c2aa98e2SPeter Wemm	else if (pid == 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* child -- actually write to file */
c2aa98e2SPeter Wemm		struct stat stb;
c2aa98e2SPeter Wemm		MCI mcibuf;
065a643dSPeter Wemm		int err;
c2aa98e2SPeter Wemm		volatile int oflags = O_WRONLY|O_APPEND;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (e->e_lockfp != NULL)
c2aa98e2SPeter Wemm			(void) close(fileno(e->e_lockfp));
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		(void) setsignal(SIGINT, SIG_DFL);
c2aa98e2SPeter Wemm		(void) setsignal(SIGHUP, SIG_DFL);
c2aa98e2SPeter Wemm		(void) setsignal(SIGTERM, SIG_DFL);
c2aa98e2SPeter Wemm		(void) umask(OldUmask);
c2aa98e2SPeter Wemm		e->e_to = filename;
c2aa98e2SPeter Wemm		ExitStat = EX_OK;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (setjmp(CtxMailfileTimeout) != 0)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			exit(EX_TEMPFAIL);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (TimeOuts.to_fileopen > 0)
c2aa98e2SPeter Wemm			ev = setevent(TimeOuts.to_fileopen, mailfiletimeout, 0);
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm			ev = NULL;
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		/* check file mode to see if setuid */
06f25ae9SGregory Neil Shapiro		if (stat(targetfile, &stb) < 0)
c2aa98e2SPeter Wemm			mode = FileMode;
06f25ae9SGregory Neil Shapiro		else
c2aa98e2SPeter Wemm			mode = stb.st_mode;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* limit the errors to those actually caused in the child */
c2aa98e2SPeter Wemm		errno = 0;
c2aa98e2SPeter Wemm		ExitStat = EX_OK;
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		/* Allow alias expansions to use the S_IS{U,G}ID bits */
06f25ae9SGregory Neil Shapiro		if ((ctladdr != NULL && !bitset(QALIAS, ctladdr->q_flags)) ||
06f25ae9SGregory Neil Shapiro		    bitset(SFF_RUNASREALUID, sfflags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* ignore setuid and setgid bits */
c2aa98e2SPeter Wemm			mode &= ~(S_ISGID|S_ISUID);
06f25ae9SGregory Neil Shapiro			if (tTd(11, 20))
06f25ae9SGregory Neil Shapiro				dprintf("mailfile: ignoring setuid/setgid bits\n");
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* we have to open the dfile BEFORE setuid */
c2aa98e2SPeter Wemm		if (e->e_dfp == NULL && bitset(EF_HAS_DF, e->e_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			char *df = queuename(e, 'd');
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			e->e_dfp = fopen(df, "r");
c2aa98e2SPeter Wemm			if (e->e_dfp == NULL)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				syserr("mailfile: Cannot open %s for %s from %s",
c2aa98e2SPeter Wemm					df, e->e_to, e->e_from.q_paddr);
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* select a new user to run as */
c2aa98e2SPeter Wemm		if (!bitset(SFF_RUNASREALUID, sfflags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (bitnset(M_SPECIFIC_UID, mailer->m_flags))
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				RealUserName = NULL;
c2aa98e2SPeter Wemm				RealUid = mailer->m_uid;
06f25ae9SGregory Neil Shapiro				if (RunAsUid != 0 && RealUid != RunAsUid)
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					/* Only root can change the uid */
06f25ae9SGregory Neil Shapiro					syserr("mailfile: insufficient privileges to change uid");
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else if (bitset(S_ISUID, mode))
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				RealUserName = NULL;
c2aa98e2SPeter Wemm				RealUid = stb.st_uid;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else if (ctladdr != NULL && ctladdr->q_uid != 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				if (ctladdr->q_ruser != NULL)
c2aa98e2SPeter Wemm					RealUserName = ctladdr->q_ruser;
c2aa98e2SPeter Wemm				else
c2aa98e2SPeter Wemm					RealUserName = ctladdr->q_user;
c2aa98e2SPeter Wemm				RealUid = ctladdr->q_uid;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else if (mailer != NULL && mailer->m_uid != 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				RealUserName = DefUser;
c2aa98e2SPeter Wemm				RealUid = mailer->m_uid;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				RealUserName = DefUser;
c2aa98e2SPeter Wemm				RealUid = DefUid;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			/* select a new group to run as */
c2aa98e2SPeter Wemm			if (bitnset(M_SPECIFIC_UID, mailer->m_flags))
06f25ae9SGregory Neil Shapiro			{
c2aa98e2SPeter Wemm				RealGid = mailer->m_gid;
06f25ae9SGregory Neil Shapiro				if (RunAsUid != 0 &&
06f25ae9SGregory Neil Shapiro				    (RealGid != getgid() ||
06f25ae9SGregory Neil Shapiro				     RealGid != getegid()))
06f25ae9SGregory Neil Shapiro				{
06f25ae9SGregory Neil Shapiro					/* Only root can change the gid */
06f25ae9SGregory Neil Shapiro					syserr("mailfile: insufficient privileges to change gid");
06f25ae9SGregory Neil Shapiro					exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro				}
06f25ae9SGregory Neil Shapiro			}
c2aa98e2SPeter Wemm			else if (bitset(S_ISGID, mode))
c2aa98e2SPeter Wemm				RealGid = stb.st_gid;
06f25ae9SGregory Neil Shapiro			else if (ctladdr != NULL &&
06f25ae9SGregory Neil Shapiro				 ctladdr->q_uid == DefUid &&
06f25ae9SGregory Neil Shapiro				 ctladdr->q_gid == 0)
193538b7SGregory Neil Shapiro			{
193538b7SGregory Neil Shapiro				/*
193538b7SGregory Neil Shapiro				**  Special case:  This means it is an
193538b7SGregory Neil Shapiro				**  alias and we should act as DefaultUser.
193538b7SGregory Neil Shapiro				**  See alias()'s comments.
193538b7SGregory Neil Shapiro				*/
193538b7SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				RealGid = DefGid;
193538b7SGregory Neil Shapiro				RealUserName = DefUser;
193538b7SGregory Neil Shapiro			}
193538b7SGregory Neil Shapiro			else if (ctladdr != NULL && ctladdr->q_uid != 0)
193538b7SGregory Neil Shapiro				RealGid = ctladdr->q_gid;
c2aa98e2SPeter Wemm			else if (mailer != NULL && mailer->m_gid != 0)
c2aa98e2SPeter Wemm				RealGid = mailer->m_gid;
c2aa98e2SPeter Wemm			else
c2aa98e2SPeter Wemm				RealGid = DefGid;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* last ditch */
c2aa98e2SPeter Wemm		if (!bitset(SFF_ROOTOK, sfflags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (RealUid == 0)
c2aa98e2SPeter Wemm				RealUid = DefUid;
c2aa98e2SPeter Wemm			if (RealGid == 0)
c2aa98e2SPeter Wemm				RealGid = DefGid;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* set group id list (needs /etc/group access) */
c2aa98e2SPeter Wemm		if (RealUserName != NULL && !DontInitGroups)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			if (initgroups(RealUserName, RealGid) == -1 && suidwarn)
06f25ae9SGregory Neil Shapiro			{
c2aa98e2SPeter Wemm				syserr("mailfile: initgroups(%s, %d) failed",
c2aa98e2SPeter Wemm					RealUserName, RealGid);
06f25ae9SGregory Neil Shapiro				exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			GIDSET_T gidset[1];
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			gidset[0] = RealGid;
c2aa98e2SPeter Wemm			if (setgroups(1, gidset) == -1 && suidwarn)
06f25ae9SGregory Neil Shapiro			{
c2aa98e2SPeter Wemm				syserr("mailfile: setgroups() failed");
06f25ae9SGregory Neil Shapiro				exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		/*
06f25ae9SGregory Neil Shapiro		**  If you have a safe environment, go into it.
06f25ae9SGregory Neil Shapiro		*/
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		if (realfile != targetfile)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			*realfile = '\0';
06f25ae9SGregory Neil Shapiro			if (tTd(11, 20))
06f25ae9SGregory Neil Shapiro				dprintf("mailfile: chroot %s\n", targetfile);
06f25ae9SGregory Neil Shapiro			if (chroot(targetfile) < 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				syserr("mailfile: Cannot chroot(%s)",
06f25ae9SGregory Neil Shapiro				       targetfile);
c2aa98e2SPeter Wemm				exit(EX_CANTCREAT);
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro			*realfile = '/';
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (tTd(11, 40))
06f25ae9SGregory Neil Shapiro			dprintf("mailfile: deliver to %s\n", realfile);
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		if (chdir("/") < 0)
06f25ae9SGregory Neil Shapiro		{
c2aa98e2SPeter Wemm			syserr("mailfile: cannot chdir(/)");
06f25ae9SGregory Neil Shapiro			exit(EX_CANTCREAT);
06f25ae9SGregory Neil Shapiro		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* now reset the group and user ids */
c2aa98e2SPeter Wemm		endpwent();
c2aa98e2SPeter Wemm		if (setgid(RealGid) < 0 && suidwarn)
06f25ae9SGregory Neil Shapiro		{
c2aa98e2SPeter Wemm			syserr("mailfile: setgid(%ld) failed", (long) RealGid);
06f25ae9SGregory Neil Shapiro			exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro		}
c2aa98e2SPeter Wemm		vendor_set_uid(RealUid);
c2aa98e2SPeter Wemm		if (setuid(RealUid) < 0 && suidwarn)
06f25ae9SGregory Neil Shapiro		{
c2aa98e2SPeter Wemm			syserr("mailfile: setuid(%ld) failed", (long) RealUid);
06f25ae9SGregory Neil Shapiro			exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (tTd(11, 2))
06f25ae9SGregory Neil Shapiro			dprintf("mailfile: running as r/euid=%d/%d, r/egid=%d/%d\n",
06f25ae9SGregory Neil Shapiro				(int) getuid(), (int) geteuid(),
06f25ae9SGregory Neil Shapiro				(int) getgid(), (int) getegid());
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* move into some "safe" directory */
c2aa98e2SPeter Wemm		if (mailer->m_execdir != NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			char *q;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm			for (p = mailer->m_execdir; p != NULL; p = q)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				q = strchr(p, ':');
c2aa98e2SPeter Wemm				if (q != NULL)
c2aa98e2SPeter Wemm					*q = '\0';
c2aa98e2SPeter Wemm				expand(p, buf, sizeof buf, e);
c2aa98e2SPeter Wemm				if (q != NULL)
c2aa98e2SPeter Wemm					*q++ = ':';
c2aa98e2SPeter Wemm				if (tTd(11, 20))
06f25ae9SGregory Neil Shapiro					dprintf("mailfile: trydir %s\n", buf);
c2aa98e2SPeter Wemm				if (buf[0] != '\0' && chdir(buf) >= 0)
c2aa98e2SPeter Wemm					break;
c2aa98e2SPeter Wemm			}
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		/*
06f25ae9SGregory Neil Shapiro		**  Recheck the file after we have assumed the ID of the
06f25ae9SGregory Neil Shapiro		**  delivery user to make sure we can deliver to it as
06f25ae9SGregory Neil Shapiro		**  that user.  This is necessary if sendmail is running
06f25ae9SGregory Neil Shapiro		**  as root and the file is on an NFS mount which treats
06f25ae9SGregory Neil Shapiro		**  root as nobody.
06f25ae9SGregory Neil Shapiro		*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro#if HASLSTAT
06f25ae9SGregory Neil Shapiro		if (bitnset(DBS_FILEDELIVERYTOSYMLINK, DontBlameSendmail))
06f25ae9SGregory Neil Shapiro			err = stat(realfile, &stb);
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro			err = lstat(realfile, &stb);
06f25ae9SGregory Neil Shapiro#else /* HASLSTAT */
06f25ae9SGregory Neil Shapiro		err = stat(realfile, &stb);
06f25ae9SGregory Neil Shapiro#endif /* HASLSTAT */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (err < 0)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			stb.st_mode = ST_MODE_NOFILE;
06f25ae9SGregory Neil Shapiro			mode = FileMode;
06f25ae9SGregory Neil Shapiro			oflags |= O_CREAT|O_EXCL;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		else if (bitset(S_IXUSR|S_IXGRP|S_IXOTH, mode) ||
06f25ae9SGregory Neil Shapiro			 (!bitnset(DBS_FILEDELIVERYTOHARDLINK,
06f25ae9SGregory Neil Shapiro				   DontBlameSendmail) &&
06f25ae9SGregory Neil Shapiro			  stb.st_nlink != 1) ||
06f25ae9SGregory Neil Shapiro			 (realfile != targetfile && !S_ISREG(mode)))
06f25ae9SGregory Neil Shapiro			exit(EX_CANTCREAT);
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro			mode = stb.st_mode;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (!bitnset(DBS_FILEDELIVERYTOSYMLINK, DontBlameSendmail))
c2aa98e2SPeter Wemm			sfflags |= SFF_NOSLINK;
06f25ae9SGregory Neil Shapiro		if (!bitnset(DBS_FILEDELIVERYTOHARDLINK, DontBlameSendmail))
c2aa98e2SPeter Wemm			sfflags |= SFF_NOHLINK;
c2aa98e2SPeter Wemm		sfflags &= ~SFF_OPENASROOT;
06f25ae9SGregory Neil Shapiro		f = safefopen(realfile, oflags, mode, sfflags);
c2aa98e2SPeter Wemm		if (f == NULL)
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			if (transienterror(errno))
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				usrerr("454 4.3.0 cannot open %s: %s",
06f25ae9SGregory Neil Shapiro				       shortenstring(realfile, MAXSHORTSTR),
06f25ae9SGregory Neil Shapiro				       errstring(errno));
06f25ae9SGregory Neil Shapiro				exit(EX_TEMPFAIL);
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			else
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				usrerr("554 5.3.0 cannot open %s: %s",
06f25ae9SGregory Neil Shapiro				       shortenstring(realfile, MAXSHORTSTR),
c2aa98e2SPeter Wemm				       errstring(errno));
c2aa98e2SPeter Wemm				exit(EX_CANTCREAT);
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		if (filechanged(realfile, fileno(f), &stb))
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			syserr("554 5.3.0 file changed after open");
c2aa98e2SPeter Wemm			exit(EX_CANTCREAT);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		if (fstat(fileno(f), &stb) < 0)
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			syserr("554 5.3.0 cannot fstat %s", errstring(errno));
c2aa98e2SPeter Wemm			exit(EX_CANTCREAT);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		curoff = stb.st_size;
06f25ae9SGregory Neil Shapiro
c2aa98e2SPeter Wemm		if (ev != NULL)
c2aa98e2SPeter Wemm			clrevent(ev);
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro		memset(&mcibuf, '\0', sizeof mcibuf);
c2aa98e2SPeter Wemm		mcibuf.mci_mailer = mailer;
c2aa98e2SPeter Wemm		mcibuf.mci_out = f;
c2aa98e2SPeter Wemm		if (bitnset(M_7BITS, mailer->m_flags))
c2aa98e2SPeter Wemm			mcibuf.mci_flags |= MCIF_7BIT;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* clear out per-message flags from connection structure */
c2aa98e2SPeter Wemm		mcibuf.mci_flags &= ~(MCIF_CVT7TO8|MCIF_CVT8TO7);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (bitset(EF_HAS8BIT, e->e_flags) &&
c2aa98e2SPeter Wemm		    !bitset(EF_DONT_MIME, e->e_flags) &&
c2aa98e2SPeter Wemm		    bitnset(M_7BITS, mailer->m_flags))
c2aa98e2SPeter Wemm			mcibuf.mci_flags |= MCIF_CVT8TO7;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if MIME7TO8
c2aa98e2SPeter Wemm		if (bitnset(M_MAKE8BIT, mailer->m_flags) &&
c2aa98e2SPeter Wemm		    !bitset(MCIF_7BIT, mcibuf.mci_flags) &&
c2aa98e2SPeter Wemm		    (p = hvalue("Content-Transfer-Encoding", e->e_header)) != NULL &&
c2aa98e2SPeter Wemm		    (strcasecmp(p, "quoted-printable") == 0 ||
c2aa98e2SPeter Wemm		     strcasecmp(p, "base64") == 0) &&
c2aa98e2SPeter Wemm		    (p = hvalue("Content-Type", e->e_header)) != NULL)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* may want to convert 7 -> 8 */
c2aa98e2SPeter Wemm			/* XXX should really parse it here -- and use a class XXX */
c2aa98e2SPeter Wemm			if (strncasecmp(p, "text/plain", 10) == 0 &&
c2aa98e2SPeter Wemm			    (p[10] == '\0' || p[10] == ' ' || p[10] == ';'))
c2aa98e2SPeter Wemm				mcibuf.mci_flags |= MCIF_CVT7TO8;
c2aa98e2SPeter Wemm		}
06f25ae9SGregory Neil Shapiro#endif /* MIME7TO8 */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		putfromline(&mcibuf, e);
2e43090eSPeter Wemm		(*e->e_puthdr)(&mcibuf, e->e_header, e, M87F_OUTER);
c2aa98e2SPeter Wemm		(*e->e_putbody)(&mcibuf, e, NULL);
c2aa98e2SPeter Wemm		putline("\n", &mcibuf);
06f25ae9SGregory Neil Shapiro		if (fflush(f) < 0 ||
06f25ae9SGregory Neil Shapiro		    (SuperSafe && fsync(fileno(f)) < 0) ||
06f25ae9SGregory Neil Shapiro		    ferror(f))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			setstat(EX_IOERR);
06f25ae9SGregory Neil Shapiro#if !NOFTRUNCATE
06f25ae9SGregory Neil Shapiro			(void) ftruncate(fileno(f), curoff);
06f25ae9SGregory Neil Shapiro#endif /* !NOFTRUNCATE */
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		/* reset ISUID & ISGID bits for paranoid systems */
c2aa98e2SPeter Wemm#if HASFCHMOD
06f25ae9SGregory Neil Shapiro		(void) fchmod(fileno(f), (MODE_T) mode);
06f25ae9SGregory Neil Shapiro#else /* HASFCHMOD */
06f25ae9SGregory Neil Shapiro		(void) chmod(filename, (MODE_T) mode);
06f25ae9SGregory Neil Shapiro#endif /* HASFCHMOD */
06f25ae9SGregory Neil Shapiro		if (fclose(f) < 0)
06f25ae9SGregory Neil Shapiro			setstat(EX_IOERR);
c2aa98e2SPeter Wemm		(void) fflush(stdout);
06f25ae9SGregory Neil Shapiro		(void) setuid(RealUid);
c2aa98e2SPeter Wemm		exit(ExitStat);
c2aa98e2SPeter Wemm		/* NOTREACHED */
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	else
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* parent -- wait for exit status */
c2aa98e2SPeter Wemm		int st;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		st = waitfor(pid);
c2aa98e2SPeter Wemm		if (st == -1)
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			syserr("mailfile: %s: wait", mailer->m_name);
06f25ae9SGregory Neil Shapiro			return EX_SOFTWARE;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		if (WIFEXITED(st))
c2aa98e2SPeter Wemm			return (WEXITSTATUS(st));
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			syserr("mailfile: %s: child died on signal %d",
c2aa98e2SPeter Wemm			       mailer->m_name, st);
06f25ae9SGregory Neil Shapiro			return EX_UNAVAILABLE;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		/* NOTREACHED */
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	return EX_UNAVAILABLE;	/* avoid compiler warning on IRIX */
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemmstatic void
c2aa98e2SPeter Wemmmailfiletimeout()
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	longjmp(CtxMailfileTimeout, 1);
c2aa98e2SPeter Wemm}
c2aa98e2SPeter Wemm/*
c2aa98e2SPeter Wemm**  HOSTSIGNATURE -- return the "signature" for a host.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	The signature describes how we are going to send this -- it
c2aa98e2SPeter Wemm**	can be just the hostname (for non-Internet hosts) or can be
c2aa98e2SPeter Wemm**	an ordered list of MX hosts.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Parameters:
c2aa98e2SPeter Wemm**		m -- the mailer describing this host.
c2aa98e2SPeter Wemm**		host -- the host name.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Returns:
c2aa98e2SPeter Wemm**		The signature for this host.
c2aa98e2SPeter Wemm**
c2aa98e2SPeter Wemm**	Side Effects:
c2aa98e2SPeter Wemm**		Can tweak the symbol table.
c2aa98e2SPeter Wemm*/
06f25ae9SGregory Neil Shapiro#define MAXHOSTSIGNATURE	8192	/* max len of hostsignature */
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapirostatic char *
06f25ae9SGregory Neil Shapirohostsignature(m, host)
c2aa98e2SPeter Wemm	register MAILER *m;
c2aa98e2SPeter Wemm	char *host;
c2aa98e2SPeter Wemm{
c2aa98e2SPeter Wemm	register char *p;
c2aa98e2SPeter Wemm	register STAB *s;
06f25ae9SGregory Neil Shapiro#if NAMED_BIND
06f25ae9SGregory Neil Shapiro	char sep = ':';
06f25ae9SGregory Neil Shapiro	char prevsep = ':';
c2aa98e2SPeter Wemm	int i;
c2aa98e2SPeter Wemm	int len;
c2aa98e2SPeter Wemm	int nmx;
06f25ae9SGregory Neil Shapiro	int hl;
193538b7SGregory Neil Shapiro	time_t now;
c2aa98e2SPeter Wemm	char *hp;
c2aa98e2SPeter Wemm	char *endp;
c2aa98e2SPeter Wemm	int oldoptions = _res.options;
c2aa98e2SPeter Wemm	char *mxhosts[MAXMXHOSTS + 1];
06f25ae9SGregory Neil Shapiro	u_short mxprefs[MAXMXHOSTS + 1];
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	if (tTd(17, 3))
06f25ae9SGregory Neil Shapiro		dprintf("hostsignature(%s)\n", host);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/*
06f25ae9SGregory Neil Shapiro	**  If local delivery, just return a constant.
06f25ae9SGregory Neil Shapiro	*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	if (bitnset(M_LOCALMAILER, m->m_flags))
06f25ae9SGregory Neil Shapiro		return "localhost";
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Check to see if this uses IPC -- if not, it can't have MX records.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	p = m->m_mailer;
06f25ae9SGregory Neil Shapiro	if (strcmp(p, "[IPC]") != 0 &&
06f25ae9SGregory Neil Shapiro	    strcmp(p, "[TCP]") != 0)
c2aa98e2SPeter Wemm	{
c2aa98e2SPeter Wemm		/* just an ordinary mailer */
c2aa98e2SPeter Wemm		return host;
c2aa98e2SPeter Wemm	}
06f25ae9SGregory Neil Shapiro#if NETUNIX
06f25ae9SGregory Neil Shapiro	else if (m->m_argv[0] != NULL &&
06f25ae9SGregory Neil Shapiro		 strcmp(m->m_argv[0], "FILE") == 0)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		/* rendezvous in the file system, no MX records */
06f25ae9SGregory Neil Shapiro		return host;
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro#endif /* NETUNIX */
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Look it up in the symbol table.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	s = stab(host, ST_HOSTSIG, ST_ENTER);
c2aa98e2SPeter Wemm	if (s->s_hostsig != NULL)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		if (tTd(17, 3))
06f25ae9SGregory Neil Shapiro			dprintf("hostsignature(): stab(%s) found %s\n", host,
06f25ae9SGregory Neil Shapiro				s->s_hostsig);
c2aa98e2SPeter Wemm		return s->s_hostsig;
06f25ae9SGregory Neil Shapiro	}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm	/*
c2aa98e2SPeter Wemm	**  Not already there -- create a signature.
c2aa98e2SPeter Wemm	*/
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm#if NAMED_BIND
c2aa98e2SPeter Wemm	if (ConfigLevel < 2)
c2aa98e2SPeter Wemm		_res.options &= ~(RES_DEFNAMES | RES_DNSRCH);	/* XXX */
c2aa98e2SPeter Wemm
193538b7SGregory Neil Shapiro	now = curtime();
c2aa98e2SPeter Wemm	for (hp = host; hp != NULL; hp = endp)
c2aa98e2SPeter Wemm	{
06f25ae9SGregory Neil Shapiro#if NETINET6
06f25ae9SGregory Neil Shapiro		if (*hp == '[')
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			endp = strchr(hp + 1, ']');
c2aa98e2SPeter Wemm			if (endp != NULL)
06f25ae9SGregory Neil Shapiro				endp = strpbrk(endp + 1, ":,");
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro			endp = strpbrk(hp, ":,");
06f25ae9SGregory Neil Shapiro#else /* NETINET6 */
06f25ae9SGregory Neil Shapiro		endp = strpbrk(hp, ":,");
06f25ae9SGregory Neil Shapiro#endif /* NETINET6 */
06f25ae9SGregory Neil Shapiro		if (endp != NULL)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			sep = *endp;
c2aa98e2SPeter Wemm			*endp = '\0';
06f25ae9SGregory Neil Shapiro		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		if (bitnset(M_NOMX, m->m_flags))
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			/* skip MX lookups */
c2aa98e2SPeter Wemm			nmx = 1;
c2aa98e2SPeter Wemm			mxhosts[0] = hp;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm		{
c2aa98e2SPeter Wemm			auto int rcode;
c2aa98e2SPeter Wemm
06f25ae9SGregory Neil Shapiro			nmx = getmxrr(hp, mxhosts, mxprefs, TRUE, &rcode);
c2aa98e2SPeter Wemm			if (nmx <= 0)
c2aa98e2SPeter Wemm			{
c2aa98e2SPeter Wemm				register MCI *mci;
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				/* update the connection info for this host */
c2aa98e2SPeter Wemm				mci = mci_get(hp, m);
c2aa98e2SPeter Wemm				mci->mci_errno = errno;
c2aa98e2SPeter Wemm				mci->mci_herrno = h_errno;
193538b7SGregory Neil Shapiro				mci->mci_lastuse = now;
06f25ae9SGregory Neil Shapiro				if (rcode == EX_NOHOST)
06f25ae9SGregory Neil Shapiro					mci_setstat(mci, rcode, "5.1.2",
06f25ae9SGregory Neil Shapiro						"550 Host unknown");
06f25ae9SGregory Neil Shapiro				else
c2aa98e2SPeter Wemm					mci_setstat(mci, rcode, NULL, NULL);
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm				/* use the original host name as signature */
c2aa98e2SPeter Wemm				nmx = 1;
c2aa98e2SPeter Wemm				mxhosts[0] = hp;
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro			if (tTd(17, 3))
06f25ae9SGregory Neil Shapiro				dprintf("hostsignature(): getmxrr() returned %d, mxhosts[0]=%s\n",
06f25ae9SGregory Neil Shapiro					nmx, mxhosts[0]);
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm
c2aa98e2SPeter Wemm		len = 0;
c2aa98e2SPeter Wemm		for (i = 0; i < nmx; i++)
c2aa98e2SPeter Wemm			len += strlen(mxhosts[i]) + 1;
c2aa98e2SPeter Wemm		if (s->s_hostsig != NULL)
c2aa98e2SPeter Wemm			len += strlen(s->s_hostsig) + 1;
06f25ae9SGregory Neil Shapiro		if (len >= MAXHOSTSIGNATURE)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			sm_syslog(LOG_WARNING, NOQID, "hostsignature for host '%s' exceeds maxlen (%d): %d",
06f25ae9SGregory Neil Shapiro				  host, MAXHOSTSIGNATURE, len);
06f25ae9SGregory Neil Shapiro			len = MAXHOSTSIGNATURE;
06f25ae9SGregory Neil Shapiro		}
c2aa98e2SPeter Wemm		p = xalloc(len);
c2aa98e2SPeter Wemm		if (s->s_hostsig != NULL)
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			(void) strlcpy(p, s->s_hostsig, len);
c2aa98e2SPeter Wemm			free(s->s_hostsig);
c2aa98e2SPeter Wemm			s->s_hostsig = p;
06f25ae9SGregory Neil Shapiro			hl = strlen(p);
06f25ae9SGregory Neil Shapiro			p += hl;
06f25ae9SGregory Neil Shapiro			*p++ = prevsep;
06f25ae9SGregory Neil Shapiro			len -= hl + 1;
c2aa98e2SPeter Wemm		}
c2aa98e2SPeter Wemm		else
c2aa98e2SPeter Wemm			s->s_hostsig = p;
c2aa98e2SPeter Wemm		for (i = 0; i < nmx; i++)
c2aa98e2SPeter Wemm		{
06f25ae9SGregory Neil Shapiro			hl = strlen(mxhosts[i]);
06f25ae9SGregory Neil Shapiro			if (len - 1 < hl || len <= 1)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				/* force to drop out of outer loop */
06f25ae9SGregory Neil Shapiro				len = -1;
06f25ae9SGregory Neil Shapiro				break;
c2aa98e2SPeter Wemm			}
06f25ae9SGregory Neil Shapiro			if (i != 0)
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				if (mxprefs[i] == mxprefs[i - 1])
06f25ae9SGregory Neil Shapiro					*p++ = ',';
06f25ae9SGregory Neil Shapiro				else
06f25ae9SGregory Neil Shapiro					*p++ = ':';
06f25ae9SGregory Neil Shapiro				len--;
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro			(void) strlcpy(p, mxhosts[i], len);
06f25ae9SGregory Neil Shapiro			p += hl;
06f25ae9SGregory Neil Shapiro			len -= hl;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		/*
06f25ae9SGregory Neil Shapiro		**  break out of loop if len exceeded MAXHOSTSIGNATURE
06f25ae9SGregory Neil Shapiro		**  because we won't have more space for further hosts
06f25ae9SGregory Neil Shapiro		**  anyway (separated by : in the .cf file).
06f25ae9SGregory Neil Shapiro		*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (len < 0)
06f25ae9SGregory Neil Shapiro			break;
c2aa98e2SPeter Wemm		if (endp != NULL)
06f25ae9SGregory Neil Shapiro			*endp++ = sep;
06f25ae9SGregory Neil Shapiro		prevsep = sep;
c2aa98e2SPeter Wemm	}
c2aa98e2SPeter Wemm	makelower(s->s_hostsig);
c2aa98e2SPeter Wemm	if (ConfigLevel < 2)
c2aa98e2SPeter Wemm		_res.options = oldoptions;
06f25ae9SGregory Neil Shapiro#else /* NAMED_BIND */
c2aa98e2SPeter Wemm	/* not using BIND -- the signature is just the host name */
c2aa98e2SPeter Wemm	s->s_hostsig = host;
06f25ae9SGregory Neil Shapiro#endif /* NAMED_BIND */
c2aa98e2SPeter Wemm	if (tTd(17, 1))
06f25ae9SGregory Neil Shapiro		dprintf("hostsignature(%s) = %s\n", host, s->s_hostsig);
c2aa98e2SPeter Wemm	return s->s_hostsig;
c2aa98e2SPeter Wemm}
06f25ae9SGregory Neil Shapiro/*
06f25ae9SGregory Neil Shapiro**  PARSE_HOSTSIGNATURE -- parse the "signature" and return MX host array.
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	The signature describes how we are going to send this -- it
06f25ae9SGregory Neil Shapiro**	can be just the hostname (for non-Internet hosts) or can be
06f25ae9SGregory Neil Shapiro**	an ordered list of MX hosts which must be randomized for equal
06f25ae9SGregory Neil Shapiro**	MX preference values.
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Parameters:
06f25ae9SGregory Neil Shapiro**		sig -- the host signature.
06f25ae9SGregory Neil Shapiro**		mxhosts -- array to populate.
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Returns:
06f25ae9SGregory Neil Shapiro**		The number of hosts inserted into mxhosts array.
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Side Effects:
06f25ae9SGregory Neil Shapiro**		Randomizes equal MX preference hosts in mxhosts.
06f25ae9SGregory Neil Shapiro*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapirostatic int
06f25ae9SGregory Neil Shapiroparse_hostsignature(sig, mxhosts, mailer)
06f25ae9SGregory Neil Shapiro	char *sig;
06f25ae9SGregory Neil Shapiro	char **mxhosts;
06f25ae9SGregory Neil Shapiro	MAILER *mailer;
06f25ae9SGregory Neil Shapiro{
06f25ae9SGregory Neil Shapiro	int nmx = 0;
06f25ae9SGregory Neil Shapiro	int curpref = 0;
06f25ae9SGregory Neil Shapiro	int i, j;
06f25ae9SGregory Neil Shapiro	char *hp, *endp;
06f25ae9SGregory Neil Shapiro	u_short prefer[MAXMXHOSTS];
06f25ae9SGregory Neil Shapiro	long rndm[MAXMXHOSTS];
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	for (hp = sig; hp != NULL; hp = endp)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		char sep = ':';
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro#if NETINET6
06f25ae9SGregory Neil Shapiro		if (*hp == '[')
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			endp = strchr(hp + 1, ']');
06f25ae9SGregory Neil Shapiro			if (endp != NULL)
06f25ae9SGregory Neil Shapiro				endp = strpbrk(endp + 1, ":,");
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro			endp = strpbrk(hp, ":,");
06f25ae9SGregory Neil Shapiro#else /* NETINET6 */
06f25ae9SGregory Neil Shapiro		endp = strpbrk(hp, ":,");
06f25ae9SGregory Neil Shapiro#endif /* NETINET6 */
06f25ae9SGregory Neil Shapiro		if (endp != NULL)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			sep = *endp;
06f25ae9SGregory Neil Shapiro			*endp = '\0';
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		mxhosts[nmx] = hp;
06f25ae9SGregory Neil Shapiro		prefer[nmx] = curpref;
06f25ae9SGregory Neil Shapiro		if (mci_match(hp, mailer))
06f25ae9SGregory Neil Shapiro			rndm[nmx] = 0;
06f25ae9SGregory Neil Shapiro		else
06f25ae9SGregory Neil Shapiro			rndm[nmx] = get_random();
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if (endp != NULL)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			/*
06f25ae9SGregory Neil Shapiro			**  Since we don't have the original MX prefs,
06f25ae9SGregory Neil Shapiro			**  make our own.  If the separator is a ':', that
06f25ae9SGregory Neil Shapiro			**  means the preference for the next host will be
06f25ae9SGregory Neil Shapiro			**  higher than this one, so simply increment curpref.
06f25ae9SGregory Neil Shapiro			*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			if (sep == ':')
06f25ae9SGregory Neil Shapiro				curpref++;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			*endp++ = sep;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		if (++nmx >= MAXMXHOSTS)
06f25ae9SGregory Neil Shapiro			break;
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* sort the records using the random factor for equal preferences */
06f25ae9SGregory Neil Shapiro	for (i = 0; i < nmx; i++)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		for (j = i + 1; j < nmx; j++)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			/*
06f25ae9SGregory Neil Shapiro			**  List is already sorted by MX preference, only
06f25ae9SGregory Neil Shapiro			**  need to look for equal preference MX records
06f25ae9SGregory Neil Shapiro			*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			if (prefer[i] < prefer[j])
06f25ae9SGregory Neil Shapiro				break;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro			if (prefer[i] > prefer[j] ||
06f25ae9SGregory Neil Shapiro			    (prefer[i] == prefer[j] && rndm[i] > rndm[j]))
06f25ae9SGregory Neil Shapiro			{
06f25ae9SGregory Neil Shapiro				register u_short tempp;
06f25ae9SGregory Neil Shapiro				register long tempr;
06f25ae9SGregory Neil Shapiro				register char *temp1;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro				tempp = prefer[i];
06f25ae9SGregory Neil Shapiro				prefer[i] = prefer[j];
06f25ae9SGregory Neil Shapiro				prefer[j] = tempp;
06f25ae9SGregory Neil Shapiro				temp1 = mxhosts[i];
06f25ae9SGregory Neil Shapiro				mxhosts[i] = mxhosts[j];
06f25ae9SGregory Neil Shapiro				mxhosts[j] = temp1;
06f25ae9SGregory Neil Shapiro				tempr = rndm[i];
06f25ae9SGregory Neil Shapiro				rndm[i] = rndm[j];
06f25ae9SGregory Neil Shapiro				rndm[j] = tempr;
06f25ae9SGregory Neil Shapiro			}
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro	return nmx;
06f25ae9SGregory Neil Shapiro}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro#if SMTP
06f25ae9SGregory Neil Shapiro# if STARTTLS
06f25ae9SGregory Neil Shapirostatic SSL_CTX	*clt_ctx = NULL;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro/*
06f25ae9SGregory Neil Shapiro**  INITCLTTLS -- initialize client side TLS
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Parameters:
06f25ae9SGregory Neil Shapiro**		none.
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Returns:
06f25ae9SGregory Neil Shapiro**		succeeded?
06f25ae9SGregory Neil Shapiro*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapirobool
06f25ae9SGregory Neil Shapiroinitclttls()
06f25ae9SGregory Neil Shapiro{
06f25ae9SGregory Neil Shapiro	if (clt_ctx != NULL)
06f25ae9SGregory Neil Shapiro		return TRUE;	/* already done */
06f25ae9SGregory Neil Shapiro	return inittls(&clt_ctx, TLS_I_CLT, FALSE, CltCERTfile, Cltkeyfile,
06f25ae9SGregory Neil Shapiro		       CACERTpath, CACERTfile, DHParams);
06f25ae9SGregory Neil Shapiro}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro/*
06f25ae9SGregory Neil Shapiro**  STARTTLS -- try to start secure connection (client side)
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Parameters:
06f25ae9SGregory Neil Shapiro**		m -- the mailer.
06f25ae9SGregory Neil Shapiro**		mci -- the mailer connection info.
06f25ae9SGregory Neil Shapiro**		e -- the envelope.
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Returns:
06f25ae9SGregory Neil Shapiro**		success?
06f25ae9SGregory Neil Shapiro**		(maybe this should be some other code than EX_
06f25ae9SGregory Neil Shapiro**		that denotes which stage failed.)
06f25ae9SGregory Neil Shapiro*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapirostatic int
06f25ae9SGregory Neil Shapirostarttls(m, mci, e)
06f25ae9SGregory Neil Shapiro	MAILER *m;
06f25ae9SGregory Neil Shapiro	MCI *mci;
06f25ae9SGregory Neil Shapiro	ENVELOPE *e;
06f25ae9SGregory Neil Shapiro{
06f25ae9SGregory Neil Shapiro	int smtpresult;
42e5d165SGregory Neil Shapiro	int result = 0;
42e5d165SGregory Neil Shapiro	int rfd, wfd;
06f25ae9SGregory Neil Shapiro	SSL *clt_ssl = NULL;
06f25ae9SGregory Neil Shapiro
42e5d165SGregory Neil Shapiro	if (clt_ctx == NULL && !initclttls())
42e5d165SGregory Neil Shapiro		return EX_TEMPFAIL;
06f25ae9SGregory Neil Shapiro	smtpmessage("STARTTLS", m, mci);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* get the reply */
06f25ae9SGregory Neil Shapiro	smtpresult = reply(m, mci, e, TimeOuts.to_datafinal, NULL, NULL);
06f25ae9SGregory Neil Shapiro	/* which timeout? XXX */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* check return code from server */
06f25ae9SGregory Neil Shapiro	if (smtpresult == 454)
06f25ae9SGregory Neil Shapiro		return EX_TEMPFAIL;
06f25ae9SGregory Neil Shapiro	if (smtpresult == 501)
06f25ae9SGregory Neil Shapiro		return EX_USAGE;
06f25ae9SGregory Neil Shapiro	if (smtpresult == -1)
06f25ae9SGregory Neil Shapiro		return smtpresult;
06f25ae9SGregory Neil Shapiro	if (smtpresult != 220)
06f25ae9SGregory Neil Shapiro		return EX_PROTOCOL;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	if (LogLevel > 13)
06f25ae9SGregory Neil Shapiro		sm_syslog(LOG_INFO, e->e_id, "TLS: start client");
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* start connection */
06f25ae9SGregory Neil Shapiro	if ((clt_ssl = SSL_new(clt_ctx)) == NULL)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		if (LogLevel > 5)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			sm_syslog(LOG_ERR, e->e_id,
06f25ae9SGregory Neil Shapiro				  "TLS: error: client: SSL_new failed");
06f25ae9SGregory Neil Shapiro			if (LogLevel > 9)
06f25ae9SGregory Neil Shapiro				tlslogerr();
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		return EX_SOFTWARE;
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro
42e5d165SGregory Neil Shapiro	rfd = fileno(mci->mci_in);
42e5d165SGregory Neil Shapiro	wfd = fileno(mci->mci_out);
42e5d165SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* SSL_clear(clt_ssl); ? */
42e5d165SGregory Neil Shapiro	if (rfd < 0 || wfd < 0 ||
42e5d165SGregory Neil Shapiro	    (result = SSL_set_rfd(clt_ssl, rfd)) <= 0 ||
42e5d165SGregory Neil Shapiro	    (result = SSL_set_wfd(clt_ssl, wfd)) <= 0)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		if (LogLevel > 5)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			sm_syslog(LOG_ERR, e->e_id,
06f25ae9SGregory Neil Shapiro				  "TLS: error: SSL_set_xfd failed=%d", result);
06f25ae9SGregory Neil Shapiro			if (LogLevel > 9)
06f25ae9SGregory Neil Shapiro				tlslogerr();
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		return EX_SOFTWARE;
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro	SSL_set_connect_state(clt_ssl);
06f25ae9SGregory Neil Shapiro	if ((result = SSL_connect(clt_ssl)) <= 0)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		int i;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		/* what to do in this case? */
06f25ae9SGregory Neil Shapiro		i = SSL_get_error(clt_ssl, result);
06f25ae9SGregory Neil Shapiro		if (LogLevel > 5)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			sm_syslog(LOG_ERR, e->e_id,
06f25ae9SGregory Neil Shapiro				  "TLS: error: SSL_connect failed=%d (%d)",
06f25ae9SGregory Neil Shapiro				  result, i);
06f25ae9SGregory Neil Shapiro			if (LogLevel > 9)
06f25ae9SGregory Neil Shapiro				tlslogerr();
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		SSL_free(clt_ssl);
06f25ae9SGregory Neil Shapiro		clt_ssl = NULL;
06f25ae9SGregory Neil Shapiro		return EX_SOFTWARE;
06f25ae9SGregory Neil Shapiro	}
06f25ae9SGregory Neil Shapiro	mci->mci_ssl = clt_ssl;
193538b7SGregory Neil Shapiro	result = tls_get_info(clt_ssl, e, FALSE, mci->mci_host, TRUE);
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* switch to use SSL... */
06f25ae9SGregory Neil Shapiro#if SFIO
06f25ae9SGregory Neil Shapiro	if (sfdctls(mci->mci_in, mci->mci_out, mci->mci_ssl) == 0)
06f25ae9SGregory Neil Shapiro		return EX_OK;
06f25ae9SGregory Neil Shapiro#else /* SFIO */
06f25ae9SGregory Neil Shapiro# if _FFR_TLS_TOREK
06f25ae9SGregory Neil Shapiro	if (sfdctls(&mci->mci_in, &mci->mci_out, mci->mci_ssl) == 0)
06f25ae9SGregory Neil Shapiro		return EX_OK;
06f25ae9SGregory Neil Shapiro# endif /* _FFR_TLS_TOREK */
06f25ae9SGregory Neil Shapiro#endif /* SFIO */
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	/* failure */
06f25ae9SGregory Neil Shapiro	SSL_free(clt_ssl);
06f25ae9SGregory Neil Shapiro	clt_ssl = NULL;
06f25ae9SGregory Neil Shapiro	return EX_SOFTWARE;
06f25ae9SGregory Neil Shapiro}
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro/*
06f25ae9SGregory Neil Shapiro**  ENDTLSCLT -- shutdown secure connection (client side)
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Parameters:
06f25ae9SGregory Neil Shapiro**		mci -- the mailer connection info.
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Returns:
06f25ae9SGregory Neil Shapiro**		success?
06f25ae9SGregory Neil Shapiro*/
06f25ae9SGregory Neil Shapiroint
06f25ae9SGregory Neil Shapiroendtlsclt(mci)
06f25ae9SGregory Neil Shapiro	MCI *mci;
06f25ae9SGregory Neil Shapiro{
06f25ae9SGregory Neil Shapiro	int r;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	if (!bitset(MCIF_TLSACT, mci->mci_flags))
06f25ae9SGregory Neil Shapiro		return EX_OK;
06f25ae9SGregory Neil Shapiro	r = endtls(mci->mci_ssl, "client");
06f25ae9SGregory Neil Shapiro	mci->mci_flags &= ~MCIF_TLSACT;
06f25ae9SGregory Neil Shapiro	return r;
06f25ae9SGregory Neil Shapiro}
06f25ae9SGregory Neil Shapiro/*
06f25ae9SGregory Neil Shapiro**  ENDTLS -- shutdown secure connection
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Parameters:
06f25ae9SGregory Neil Shapiro**		ssl -- SSL connection information.
06f25ae9SGregory Neil Shapiro**		side -- srv/clt (for logging).
06f25ae9SGregory Neil Shapiro**
06f25ae9SGregory Neil Shapiro**	Returns:
06f25ae9SGregory Neil Shapiro**		success?
06f25ae9SGregory Neil Shapiro*/
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiroint
06f25ae9SGregory Neil Shapiroendtls(ssl, side)
06f25ae9SGregory Neil Shapiro	SSL *ssl;
06f25ae9SGregory Neil Shapiro	char *side;
06f25ae9SGregory Neil Shapiro{
602a2b1bSGregory Neil Shapiro	int ret = EX_OK;
602a2b1bSGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro	if (ssl != NULL)
06f25ae9SGregory Neil Shapiro	{
06f25ae9SGregory Neil Shapiro		int r;
06f25ae9SGregory Neil Shapiro
06f25ae9SGregory Neil Shapiro		if ((r = SSL_shutdown(ssl)) < 0)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			if (LogLevel > 11)
06f25ae9SGregory Neil Shapiro				sm_syslog(LOG_WARNING, NOQID,
06f25ae9SGregory Neil Shapiro					  "SSL_shutdown %s failed: %d",
06f25ae9SGregory Neil Shapiro					  side, r);
602a2b1bSGregory Neil Shapiro			ret = EX_SOFTWARE;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		else if (r == 0)
06f25ae9SGregory Neil Shapiro		{
06f25ae9SGregory Neil Shapiro			if (LogLevel > 13)
06f25ae9SGregory Neil Shapiro				sm_syslog(LOG_WARNING, NOQID,
06f25ae9SGregory Neil Shapiro					  "SSL_shutdown %s not done",
06f25ae9SGregory Neil Shapiro					  side);
602a2b1bSGregory Neil Shapiro			ret = EX_SOFTWARE;
06f25ae9SGregory Neil Shapiro		}
06f25ae9SGregory Neil Shapiro		SSL_free(ssl);
06f25ae9SGregory Neil Shapiro		ssl = NULL;
06f25ae9SGregory Neil Shapiro	}
602a2b1bSGregory Neil Shapiro	return ret;
06f25ae9SGregory Neil Shapiro}
06f25ae9SGregory Neil Shapiro# endif /* STARTTLS */
06f25ae9SGregory Neil Shapiro#endif /* SMTP */