1 /* 2 * Copyright (c) 1998-2003, 2006 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 */ 13 14 #include <sendmail.h> 15 16 SM_RCSID("@(#)$Id: envelope.c,v 8.304 2007/04/18 17:15:49 ca Exp $") 17 18 /* 19 ** CLRSESSENVELOPE -- clear session oriented data in an envelope 20 ** 21 ** Parameters: 22 ** e -- the envelope to clear. 23 ** 24 ** Returns: 25 ** none. 26 */ 27 28 void 29 clrsessenvelope(e) 30 ENVELOPE *e; 31 { 32 #if SASL 33 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), ""); 34 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), ""); 35 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), ""); 36 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), ""); 37 #endif /* SASL */ 38 #if STARTTLS 39 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), ""); 40 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), ""); 41 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), ""); 42 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), ""); 43 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), ""); 44 macdefine(&e->e_macro, A_PERM, macid("{verify}"), ""); 45 # if _FFR_TLS_1 46 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), ""); 47 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), ""); 48 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), ""); 49 # endif /* _FFR_TLS_1 */ 50 #endif /* STARTTLS */ 51 } 52 53 /* 54 ** NEWENVELOPE -- fill in a new envelope 55 ** 56 ** Supports inheritance. 57 ** 58 ** Parameters: 59 ** e -- the new envelope to fill in. 60 ** parent -- the envelope to be the parent of e. 61 ** rpool -- either NULL, or a pointer to a resource pool 62 ** from which envelope memory is allocated, and 63 ** to which envelope resources are attached. 64 ** 65 ** Returns: 66 ** e. 67 ** 68 ** Side Effects: 69 ** none. 70 */ 71 72 ENVELOPE * 73 newenvelope(e, parent, rpool) 74 register ENVELOPE *e; 75 register ENVELOPE *parent; 76 SM_RPOOL_T *rpool; 77 { 78 int sendmode, dm; 79 80 /* 81 ** This code used to read: 82 ** if (e == parent && e->e_parent != NULL) 83 ** parent = e->e_parent; 84 ** So if e == parent && e->e_parent == NULL then we would 85 ** set e->e_parent = e, which creates a loop in the e_parent chain. 86 ** This meant macvalue() could go into an infinite loop. 87 */ 88 89 dm = DM_NOTSET; 90 if (parent != NULL) 91 { 92 char *str; 93 94 sendmode = parent->e_sendmode; 95 str = macvalue(macid("{deliveryMode}"), parent); 96 if (str != NULL) 97 dm = (int) str[0]; 98 } 99 else 100 sendmode = DM_NOTSET; 101 102 if (e == parent) 103 parent = e->e_parent; 104 clearenvelope(e, true, rpool); 105 if (e == CurEnv) 106 memmove((char *) &e->e_from, 107 (char *) &NullAddress, 108 sizeof(e->e_from)); 109 else 110 memmove((char *) &e->e_from, 111 (char *) &CurEnv->e_from, 112 sizeof(e->e_from)); 113 e->e_parent = parent; 114 assign_queueid(e); 115 e->e_ctime = curtime(); 116 #if _FFR_SESSID 117 e->e_sessid = e->e_id; 118 #endif /* _FFR_SESSID */ 119 if (parent != NULL) 120 { 121 e->e_msgpriority = parent->e_msgsize; 122 #if _FFR_SESSID 123 if (parent->e_sessid != NULL) 124 e->e_sessid = sm_rpool_strdup_x(rpool, 125 parent->e_sessid); 126 #endif /* _FFR_SESSID */ 127 128 if (parent->e_quarmsg == NULL) 129 { 130 e->e_quarmsg = NULL; 131 macdefine(&e->e_macro, A_PERM, 132 macid("{quarantine}"), ""); 133 } 134 else 135 { 136 e->e_quarmsg = sm_rpool_strdup_x(rpool, 137 parent->e_quarmsg); 138 macdefine(&e->e_macro, A_PERM, 139 macid("{quarantine}"), e->e_quarmsg); 140 } 141 } 142 e->e_puthdr = putheader; 143 e->e_putbody = putbody; 144 if (CurEnv->e_xfp != NULL) 145 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT); 146 if (sendmode != DM_NOTSET) 147 e->e_sendmode = sendmode; 148 if (dm != DM_NOTSET) 149 set_delivery_mode(dm, e); 150 151 return e; 152 } 153 154 /* values for msg_timeout, see also IS_* below for usage (bit layout) */ 155 #define MSG_T_O 0x01 /* normal timeout */ 156 #define MSG_T_O_NOW 0x02 /* NOW timeout */ 157 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */ 158 #define MSG_WARN 0x10 /* normal queue warning */ 159 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */ 160 161 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */ 162 163 /* immediate return */ 164 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0) 165 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */ 166 167 /* 168 ** DROPENVELOPE -- deallocate an envelope. 169 ** 170 ** Parameters: 171 ** e -- the envelope to deallocate. 172 ** fulldrop -- if set, do return receipts. 173 ** split -- if true, split by recipient if message is queued up 174 ** 175 ** Returns: 176 ** none. 177 ** 178 ** Side Effects: 179 ** housekeeping necessary to dispose of an envelope. 180 ** Unlocks this queue file. 181 */ 182 183 void 184 dropenvelope(e, fulldrop, split) 185 register ENVELOPE *e; 186 bool fulldrop; 187 bool split; 188 { 189 bool panic = false; 190 bool queueit = false; 191 int msg_timeout = 0; 192 bool failure_return = false; 193 bool delay_return = false; 194 bool success_return = false; 195 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags); 196 bool done = false; 197 register ADDRESS *q; 198 char *id = e->e_id; 199 time_t now; 200 char buf[MAXLINE]; 201 202 if (tTd(50, 1)) 203 { 204 sm_dprintf("dropenvelope %p: id=", e); 205 xputs(sm_debug_file(), e->e_id); 206 sm_dprintf(", flags="); 207 printenvflags(e); 208 if (tTd(50, 10)) 209 { 210 sm_dprintf("sendq="); 211 printaddr(sm_debug_file(), e->e_sendqueue, true); 212 } 213 } 214 215 if (LogLevel > 84) 216 sm_syslog(LOG_DEBUG, id, 217 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d", 218 e->e_flags, OpMode, (int) CurrentPid); 219 220 /* we must have an id to remove disk files */ 221 if (id == NULL) 222 return; 223 224 /* if verify-only mode, we can skip most of this */ 225 if (OpMode == MD_VERIFY) 226 goto simpledrop; 227 228 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags)) 229 logsender(e, NULL); 230 e->e_flags &= ~EF_LOGSENDER; 231 232 /* post statistics */ 233 poststats(StatFile); 234 235 /* 236 ** Extract state information from dregs of send list. 237 */ 238 239 now = curtime(); 240 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass]) 241 msg_timeout = MSG_T_O; 242 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 && 243 now >= e->e_ctime + e->e_deliver_by && 244 !bitset(EF_RESPONSE, e->e_flags)) 245 { 246 msg_timeout = MSG_NOT_BY; 247 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 248 } 249 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW && 250 !bitset(EF_RESPONSE, e->e_flags)) 251 { 252 msg_timeout = MSG_T_O_NOW; 253 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 254 } 255 256 e->e_flags &= ~EF_QUEUERUN; 257 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 258 { 259 if (QS_IS_UNDELIVERED(q->q_state)) 260 queueit = true; 261 262 /* see if a notification is needed */ 263 if (bitset(QPINGONFAILURE, q->q_flags) && 264 ((IS_MSG_ERR(msg_timeout) && 265 QS_IS_UNDELIVERED(q->q_state)) || 266 QS_IS_BADADDR(q->q_state) || 267 IS_IMM_RET(msg_timeout))) 268 { 269 failure_return = true; 270 if (!done && q->q_owner == NULL && 271 !emptyaddr(&e->e_from)) 272 { 273 (void) sendtolist(e->e_from.q_paddr, NULLADDR, 274 &e->e_errorqueue, 0, e); 275 done = true; 276 } 277 } 278 else if ((bitset(QPINGONSUCCESS, q->q_flags) && 279 ((QS_IS_SENT(q->q_state) && 280 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) || 281 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) || 282 bitset(QBYTRACE, q->q_flags) || 283 bitset(QBYNRELAY, q->q_flags)) 284 { 285 success_return = true; 286 } 287 } 288 289 if (e->e_class < 0) 290 e->e_flags |= EF_NO_BODY_RETN; 291 292 /* 293 ** See if the message timed out. 294 */ 295 296 if (!queueit) 297 /* EMPTY */ 298 /* nothing to do */ ; 299 else if (IS_MSG_ERR(msg_timeout)) 300 { 301 if (failure_return) 302 { 303 if (msg_timeout == MSG_NOT_BY) 304 { 305 (void) sm_snprintf(buf, sizeof(buf), 306 "delivery time expired %lds", 307 e->e_deliver_by); 308 } 309 else 310 { 311 (void) sm_snprintf(buf, sizeof(buf), 312 "Cannot send message for %s", 313 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 314 false)); 315 } 316 317 /* don't free, allocated from e_rpool */ 318 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf); 319 message(buf); 320 e->e_flags |= EF_CLRQUEUE; 321 } 322 if (msg_timeout == MSG_NOT_BY) 323 { 324 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 325 "Delivery time (%lds) expired\n", 326 e->e_deliver_by); 327 } 328 else 329 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 330 "Message could not be delivered for %s\n", 331 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 332 false)); 333 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 334 "Message will be deleted from queue\n"); 335 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 336 { 337 if (QS_IS_UNDELIVERED(q->q_state)) 338 { 339 q->q_state = QS_BADADDR; 340 if (msg_timeout == MSG_NOT_BY) 341 q->q_status = "5.4.7"; 342 else 343 q->q_status = "4.4.7"; 344 } 345 } 346 } 347 else 348 { 349 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 && 350 now >= e->e_ctime + 351 TimeOuts.to_q_warning[e->e_timeoutclass]) 352 msg_timeout = MSG_WARN; 353 else if (IS_DLVR_NOTIFY(e) && 354 e->e_deliver_by > 0 && 355 now >= e->e_ctime + e->e_deliver_by) 356 msg_timeout = MSG_WARN_BY; 357 358 if (IS_MSG_WARN(msg_timeout)) 359 { 360 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) && 361 e->e_class >= 0 && 362 e->e_from.q_paddr != NULL && 363 strcmp(e->e_from.q_paddr, "<>") != 0 && 364 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 && 365 (strlen(e->e_from.q_paddr) <= 8 || 366 sm_strcasecmp(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8], 367 "-request") != 0)) 368 { 369 for (q = e->e_sendqueue; q != NULL; 370 q = q->q_next) 371 { 372 if (QS_IS_UNDELIVERED(q->q_state) 373 #if _FFR_NODELAYDSN_ON_HOLD 374 && !bitnset(M_HOLD, 375 q->q_mailer->m_flags) 376 #endif /* _FFR_NODELAYDSN_ON_HOLD */ 377 ) 378 { 379 if (msg_timeout == 380 MSG_WARN_BY && 381 (bitset(QPINGONDELAY, 382 q->q_flags) || 383 !bitset(QHASNOTIFY, 384 q->q_flags)) 385 ) 386 { 387 q->q_flags |= QBYNDELAY; 388 delay_return = true; 389 } 390 if (bitset(QPINGONDELAY, 391 q->q_flags)) 392 { 393 q->q_flags |= QDELAYED; 394 delay_return = true; 395 } 396 } 397 } 398 } 399 if (delay_return) 400 { 401 if (msg_timeout == MSG_WARN_BY) 402 { 403 (void) sm_snprintf(buf, sizeof(buf), 404 "Warning: Delivery time (%lds) exceeded", 405 e->e_deliver_by); 406 } 407 else 408 (void) sm_snprintf(buf, sizeof(buf), 409 "Warning: could not send message for past %s", 410 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 411 false)); 412 413 /* don't free, allocated from e_rpool */ 414 e->e_message = sm_rpool_strdup_x(e->e_rpool, 415 buf); 416 message(buf); 417 e->e_flags |= EF_WARNING; 418 } 419 if (msg_timeout == MSG_WARN_BY) 420 { 421 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 422 "Warning: Delivery time (%lds) exceeded\n", 423 e->e_deliver_by); 424 } 425 else 426 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 427 "Warning: message still undelivered after %s\n", 428 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 429 false)); 430 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 431 "Will keep trying until message is %s old\n", 432 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 433 false)); 434 } 435 } 436 437 if (tTd(50, 2)) 438 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n", 439 failure_return, delay_return, success_return, queueit); 440 441 /* 442 ** If we had some fatal error, but no addresses are marked as 443 ** bad, mark them _all_ as bad. 444 */ 445 446 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return) 447 { 448 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 449 { 450 if ((QS_IS_OK(q->q_state) || 451 QS_IS_VERIFIED(q->q_state)) && 452 bitset(QPINGONFAILURE, q->q_flags)) 453 { 454 failure_return = true; 455 q->q_state = QS_BADADDR; 456 } 457 } 458 } 459 460 /* 461 ** Send back return receipts as requested. 462 */ 463 464 if (success_return && !failure_return && !delay_return && fulldrop && 465 !bitset(PRIV_NORECEIPTS, PrivacyFlags) && 466 strcmp(e->e_from.q_paddr, "<>") != 0) 467 { 468 auto ADDRESS *rlist = NULL; 469 470 if (tTd(50, 8)) 471 sm_dprintf("dropenvelope(%s): sending return receipt\n", 472 id); 473 e->e_flags |= EF_SENDRECEIPT; 474 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e); 475 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e); 476 } 477 e->e_flags &= ~EF_SENDRECEIPT; 478 479 /* 480 ** Arrange to send error messages if there are fatal errors. 481 */ 482 483 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET) 484 { 485 if (tTd(50, 8)) 486 sm_dprintf("dropenvelope(%s): saving mail\n", id); 487 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags)); 488 } 489 490 /* 491 ** Arrange to send warning messages to postmaster as requested. 492 */ 493 494 if ((failure_return || pmnotify) && 495 PostMasterCopy != NULL && 496 !bitset(EF_RESPONSE, e->e_flags) && 497 e->e_class >= 0) 498 { 499 auto ADDRESS *rlist = NULL; 500 char pcopy[MAXNAME]; 501 502 if (failure_return) 503 { 504 expand(PostMasterCopy, pcopy, sizeof(pcopy), e); 505 506 if (tTd(50, 8)) 507 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n", 508 id, pcopy); 509 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e); 510 } 511 if (pmnotify) 512 (void) sendtolist("postmaster", NULLADDR, 513 &rlist, 0, e); 514 (void) returntosender(e->e_message, rlist, 515 RTSF_PM_BOUNCE|RTSF_NO_BODY, e); 516 } 517 518 /* 519 ** Instantiate or deinstantiate the queue. 520 */ 521 522 simpledrop: 523 if (tTd(50, 8)) 524 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n", 525 id, queueit); 526 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags)) 527 { 528 if (tTd(50, 1)) 529 { 530 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=", 531 e->e_id, queueit); 532 printenvflags(e); 533 } 534 if (!panic) 535 { 536 if (e->e_dfp != NULL) 537 { 538 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 539 e->e_dfp = NULL; 540 } 541 (void) xunlink(queuename(e, DATAFL_LETTER)); 542 } 543 if (panic && QueueMode == QM_LOST) 544 { 545 /* 546 ** leave the Qf file behind as 547 ** the delivery attempt failed. 548 */ 549 550 /* EMPTY */ 551 } 552 else 553 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0) 554 { 555 /* add to available space in filesystem */ 556 updfs(e, -1, panic ? 0 : -1, "dropenvelope"); 557 } 558 559 if (e->e_ntries > 0 && LogLevel > 9) 560 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d", 561 pintvl(curtime() - e->e_ctime, true), 562 e->e_ntries); 563 } 564 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 565 { 566 if (!split) 567 queueup(e, false, true); 568 else 569 { 570 ENVELOPE *oldsib; 571 ENVELOPE *ee; 572 573 /* 574 ** Save old sibling and set it to NULL to avoid 575 ** queueing up the same envelopes again. 576 ** This requires that envelopes in that list have 577 ** been take care of before (or at some other place). 578 */ 579 580 oldsib = e->e_sibling; 581 e->e_sibling = NULL; 582 if (!split_by_recipient(e) && 583 bitset(EF_FATALERRS, e->e_flags)) 584 { 585 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%d", 586 e->e_id, queuename(e, DATAFL_LETTER), 587 (int) geteuid()); 588 } 589 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 590 queueup(ee, false, true); 591 queueup(e, false, true); 592 593 /* clean up */ 594 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 595 { 596 /* now unlock the job */ 597 if (tTd(50, 8)) 598 sm_dprintf("dropenvelope(%s): unlocking job\n", 599 ee->e_id); 600 closexscript(ee); 601 unlockqueue(ee); 602 603 /* this envelope is marked unused */ 604 if (ee->e_dfp != NULL) 605 { 606 (void) sm_io_close(ee->e_dfp, 607 SM_TIME_DEFAULT); 608 ee->e_dfp = NULL; 609 } 610 ee->e_id = NULL; 611 ee->e_flags &= ~EF_HAS_DF; 612 } 613 e->e_sibling = oldsib; 614 } 615 } 616 617 /* now unlock the job */ 618 if (tTd(50, 8)) 619 sm_dprintf("dropenvelope(%s): unlocking job\n", id); 620 closexscript(e); 621 unlockqueue(e); 622 623 /* make sure that this envelope is marked unused */ 624 if (e->e_dfp != NULL) 625 { 626 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 627 e->e_dfp = NULL; 628 } 629 e->e_id = NULL; 630 e->e_flags &= ~EF_HAS_DF; 631 } 632 /* 633 ** CLEARENVELOPE -- clear an envelope without unlocking 634 ** 635 ** This is normally used by a child process to get a clean 636 ** envelope without disturbing the parent. 637 ** 638 ** Parameters: 639 ** e -- the envelope to clear. 640 ** fullclear - if set, the current envelope is total 641 ** garbage and should be ignored; otherwise, 642 ** release any resources it may indicate. 643 ** rpool -- either NULL, or a pointer to a resource pool 644 ** from which envelope memory is allocated, and 645 ** to which envelope resources are attached. 646 ** 647 ** Returns: 648 ** none. 649 ** 650 ** Side Effects: 651 ** Closes files associated with the envelope. 652 ** Marks the envelope as unallocated. 653 */ 654 655 void 656 clearenvelope(e, fullclear, rpool) 657 register ENVELOPE *e; 658 bool fullclear; 659 SM_RPOOL_T *rpool; 660 { 661 register HDR *bh; 662 register HDR **nhp; 663 extern ENVELOPE BlankEnvelope; 664 char **p; 665 666 if (!fullclear) 667 { 668 /* clear out any file information */ 669 if (e->e_xfp != NULL) 670 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 671 if (e->e_dfp != NULL) 672 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 673 e->e_xfp = e->e_dfp = NULL; 674 } 675 676 /* 677 ** Copy BlankEnvelope into *e. 678 ** It is not safe to simply copy pointers to strings; 679 ** the strings themselves must be copied (or set to NULL). 680 ** The problem is that when we assign a new string value to 681 ** a member of BlankEnvelope, we free the old string. 682 ** We did not need to do this copying in sendmail 8.11 :-( 683 ** and it is a potential performance hit. Reference counted 684 ** strings are one way out. 685 */ 686 687 *e = BlankEnvelope; 688 e->e_message = NULL; 689 e->e_qfletter = '\0'; 690 e->e_quarmsg = NULL; 691 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), ""); 692 693 /* 694 ** Copy the macro table. 695 ** We might be able to avoid this by zeroing the macro table 696 ** and always searching BlankEnvelope.e_macro after e->e_macro 697 ** in macvalue(). 698 */ 699 700 for (p = &e->e_macro.mac_table[0]; 701 p <= &e->e_macro.mac_table[MAXMACROID]; 702 ++p) 703 { 704 if (*p != NULL) 705 *p = sm_rpool_strdup_x(rpool, *p); 706 } 707 708 /* 709 ** XXX There are many strings in the envelope structure 710 ** XXX that we are not attempting to copy here. 711 ** XXX Investigate this further. 712 */ 713 714 e->e_rpool = rpool; 715 e->e_macro.mac_rpool = rpool; 716 if (Verbose) 717 set_delivery_mode(SM_DELIVER, e); 718 bh = BlankEnvelope.e_header; 719 nhp = &e->e_header; 720 while (bh != NULL) 721 { 722 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof(*bh)); 723 memmove((char *) *nhp, (char *) bh, sizeof(*bh)); 724 bh = bh->h_link; 725 nhp = &(*nhp)->h_link; 726 } 727 } 728 /* 729 ** INITSYS -- initialize instantiation of system 730 ** 731 ** In Daemon mode, this is done in the child. 732 ** 733 ** Parameters: 734 ** e -- the envelope to use. 735 ** 736 ** Returns: 737 ** none. 738 ** 739 ** Side Effects: 740 ** Initializes the system macros, some global variables, 741 ** etc. In particular, the current time in various 742 ** forms is set. 743 */ 744 745 void 746 initsys(e) 747 register ENVELOPE *e; 748 { 749 char buf[10]; 750 #ifdef TTYNAME 751 static char ybuf[60]; /* holds tty id */ 752 register char *p; 753 extern char *ttyname(); 754 #endif /* TTYNAME */ 755 756 /* 757 ** Give this envelope a reality. 758 ** I.e., an id, a transcript, and a creation time. 759 ** We don't select the queue until all of the recipients are known. 760 */ 761 762 openxscript(e); 763 e->e_ctime = curtime(); 764 e->e_qfletter = '\0'; 765 766 /* 767 ** Set OutChannel to something useful if stdout isn't it. 768 ** This arranges that any extra stuff the mailer produces 769 ** gets sent back to the user on error (because it is 770 ** tucked away in the transcript). 771 */ 772 773 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) && 774 e->e_xfp != NULL) 775 OutChannel = e->e_xfp; 776 777 /* 778 ** Set up some basic system macros. 779 */ 780 781 /* process id */ 782 (void) sm_snprintf(buf, sizeof(buf), "%d", (int) CurrentPid); 783 macdefine(&e->e_macro, A_TEMP, 'p', buf); 784 785 /* hop count */ 786 (void) sm_snprintf(buf, sizeof(buf), "%d", e->e_hopcount); 787 macdefine(&e->e_macro, A_TEMP, 'c', buf); 788 789 /* time as integer, unix time, arpa time */ 790 settime(e); 791 792 /* Load average */ 793 sm_getla(); 794 795 #ifdef TTYNAME 796 /* tty name */ 797 if (macvalue('y', e) == NULL) 798 { 799 p = ttyname(2); 800 if (p != NULL) 801 { 802 if (strrchr(p, '/') != NULL) 803 p = strrchr(p, '/') + 1; 804 (void) sm_strlcpy(ybuf, sizeof(ybuf), p); 805 macdefine(&e->e_macro, A_PERM, 'y', ybuf); 806 } 807 } 808 #endif /* TTYNAME */ 809 } 810 /* 811 ** SETTIME -- set the current time. 812 ** 813 ** Parameters: 814 ** e -- the envelope in which the macros should be set. 815 ** 816 ** Returns: 817 ** none. 818 ** 819 ** Side Effects: 820 ** Sets the various time macros -- $a, $b, $d, $t. 821 */ 822 823 void 824 settime(e) 825 register ENVELOPE *e; 826 { 827 register char *p; 828 auto time_t now; 829 char buf[30]; 830 register struct tm *tm; 831 832 now = curtime(); 833 (void) sm_snprintf(buf, sizeof(buf), "%ld", (long) now); 834 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf); 835 tm = gmtime(&now); 836 (void) sm_snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d", 837 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 838 tm->tm_hour, tm->tm_min); 839 macdefine(&e->e_macro, A_TEMP, 't', buf); 840 (void) sm_strlcpy(buf, ctime(&now), sizeof(buf)); 841 p = strchr(buf, '\n'); 842 if (p != NULL) 843 *p = '\0'; 844 macdefine(&e->e_macro, A_TEMP, 'd', buf); 845 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf)); 846 if (macvalue('a', e) == NULL) 847 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e)); 848 } 849 /* 850 ** OPENXSCRIPT -- Open transcript file 851 ** 852 ** Creates a transcript file for possible eventual mailing or 853 ** sending back. 854 ** 855 ** Parameters: 856 ** e -- the envelope to create the transcript in/for. 857 ** 858 ** Returns: 859 ** none 860 ** 861 ** Side Effects: 862 ** Creates the transcript file. 863 */ 864 865 #ifndef O_APPEND 866 # define O_APPEND 0 867 #endif /* ! O_APPEND */ 868 869 void 870 openxscript(e) 871 register ENVELOPE *e; 872 { 873 register char *p; 874 875 if (e->e_xfp != NULL) 876 return; 877 878 #if 0 879 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags)) 880 syserr("openxscript: job not locked"); 881 #endif /* 0 */ 882 883 p = queuename(e, XSCRPT_LETTER); 884 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize, 885 SFF_NOTEXCL|SFF_OPENASROOT); 886 887 if (e->e_xfp == NULL) 888 { 889 syserr("Can't create transcript file %s", p); 890 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, 891 SM_PATH_DEVNULL, SM_IO_RDWR, NULL); 892 if (e->e_xfp == NULL) 893 syserr("!Can't open %s", SM_PATH_DEVNULL); 894 } 895 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0); 896 if (tTd(46, 9)) 897 { 898 sm_dprintf("openxscript(%s):\n ", p); 899 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true, 900 false); 901 } 902 } 903 /* 904 ** CLOSEXSCRIPT -- close the transcript file. 905 ** 906 ** Parameters: 907 ** e -- the envelope containing the transcript to close. 908 ** 909 ** Returns: 910 ** none. 911 ** 912 ** Side Effects: 913 ** none. 914 */ 915 916 void 917 closexscript(e) 918 register ENVELOPE *e; 919 { 920 if (e->e_xfp == NULL) 921 return; 922 #if 0 923 if (e->e_lockfp == NULL) 924 syserr("closexscript: job not locked"); 925 #endif /* 0 */ 926 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 927 e->e_xfp = NULL; 928 } 929 /* 930 ** SETSENDER -- set the person who this message is from 931 ** 932 ** Under certain circumstances allow the user to say who 933 ** s/he is (using -f or -r). These are: 934 ** 1. The user's uid is zero (root). 935 ** 2. The user's login name is in an approved list (typically 936 ** from a network server). 937 ** 3. The address the user is trying to claim has a 938 ** "!" character in it (since #2 doesn't do it for 939 ** us if we are dialing out for UUCP). 940 ** A better check to replace #3 would be if the 941 ** effective uid is "UUCP" -- this would require me 942 ** to rewrite getpwent to "grab" uucp as it went by, 943 ** make getname more nasty, do another passwd file 944 ** scan, or compile the UID of "UUCP" into the code, 945 ** all of which are reprehensible. 946 ** 947 ** Assuming all of these fail, we figure out something 948 ** ourselves. 949 ** 950 ** Parameters: 951 ** from -- the person we would like to believe this message 952 ** is from, as specified on the command line. 953 ** e -- the envelope in which we would like the sender set. 954 ** delimptr -- if non-NULL, set to the location of the 955 ** trailing delimiter. 956 ** delimchar -- the character that will delimit the sender 957 ** address. 958 ** internal -- set if this address is coming from an internal 959 ** source such as an owner alias. 960 ** 961 ** Returns: 962 ** none. 963 ** 964 ** Side Effects: 965 ** sets sendmail's notion of who the from person is. 966 */ 967 968 void 969 setsender(from, e, delimptr, delimchar, internal) 970 char *from; 971 register ENVELOPE *e; 972 char **delimptr; 973 int delimchar; 974 bool internal; 975 { 976 register char **pvp; 977 char *realname = NULL; 978 char *bp; 979 char buf[MAXNAME + 2]; 980 char pvpbuf[PSBUFSIZE]; 981 extern char *FullName; 982 983 if (tTd(45, 1)) 984 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from); 985 986 /* may be set from earlier calls */ 987 macdefine(&e->e_macro, A_PERM, 'x', ""); 988 989 /* 990 ** Figure out the real user executing us. 991 ** Username can return errno != 0 on non-errors. 992 */ 993 994 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP || 995 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON) 996 realname = from; 997 if (realname == NULL || realname[0] == '\0') 998 realname = username(); 999 1000 if (ConfigLevel < 2) 1001 SuprErrs = true; 1002 1003 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 1004 1005 /* preset state for then clause in case from == NULL */ 1006 e->e_from.q_state = QS_BADADDR; 1007 e->e_from.q_flags = 0; 1008 if (from == NULL || 1009 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR, 1010 delimchar, delimptr, e, false) == NULL || 1011 QS_IS_BADADDR(e->e_from.q_state) || 1012 e->e_from.q_mailer == ProgMailer || 1013 e->e_from.q_mailer == FileMailer || 1014 e->e_from.q_mailer == InclMailer) 1015 { 1016 /* log garbage addresses for traceback */ 1017 if (from != NULL && LogLevel > 2) 1018 { 1019 char *p; 1020 char ebuf[MAXNAME * 2 + 2]; 1021 1022 p = macvalue('_', e); 1023 if (p == NULL) 1024 { 1025 char *host = RealHostName; 1026 1027 if (host == NULL) 1028 host = MyHostName; 1029 (void) sm_snprintf(ebuf, sizeof(ebuf), 1030 "%.*s@%.*s", MAXNAME, 1031 realname, MAXNAME, host); 1032 p = ebuf; 1033 } 1034 sm_syslog(LOG_NOTICE, e->e_id, 1035 "setsender: %s: invalid or unparsable, received from %s", 1036 shortenstring(from, 83), p); 1037 } 1038 if (from != NULL) 1039 { 1040 if (!QS_IS_BADADDR(e->e_from.q_state)) 1041 { 1042 /* it was a bogus mailer in the from addr */ 1043 e->e_status = "5.1.7"; 1044 usrerrenh(e->e_status, 1045 "553 Invalid sender address"); 1046 } 1047 SuprErrs = true; 1048 } 1049 if (from == realname || 1050 parseaddr(from = realname, 1051 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ', 1052 NULL, e, false) == NULL) 1053 { 1054 char nbuf[100]; 1055 1056 SuprErrs = true; 1057 expand("\201n", nbuf, sizeof(nbuf), e); 1058 from = sm_rpool_strdup_x(e->e_rpool, nbuf); 1059 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ', 1060 NULL, e, false) == NULL && 1061 parseaddr(from = "postmaster", &e->e_from, 1062 RF_COPYALL, ' ', NULL, e, false) == NULL) 1063 syserr("553 5.3.0 setsender: can't even parse postmaster!"); 1064 } 1065 } 1066 else 1067 FromFlag = true; 1068 e->e_from.q_state = QS_SENDER; 1069 if (tTd(45, 5)) 1070 { 1071 sm_dprintf("setsender: QS_SENDER "); 1072 printaddr(sm_debug_file(), &e->e_from, false); 1073 } 1074 SuprErrs = false; 1075 1076 #if USERDB 1077 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags)) 1078 { 1079 register char *p; 1080 1081 p = udbsender(e->e_from.q_user, e->e_rpool); 1082 if (p != NULL) 1083 from = p; 1084 } 1085 #endif /* USERDB */ 1086 1087 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags)) 1088 { 1089 SM_MBDB_T user; 1090 1091 if (!internal) 1092 { 1093 /* if the user already given fullname don't redefine */ 1094 if (FullName == NULL) 1095 FullName = macvalue('x', e); 1096 if (FullName != NULL) 1097 { 1098 if (FullName[0] == '\0') 1099 FullName = NULL; 1100 else 1101 FullName = newstr(FullName); 1102 } 1103 } 1104 1105 if (e->e_from.q_user[0] != '\0' && 1106 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK) 1107 { 1108 /* 1109 ** Process passwd file entry. 1110 */ 1111 1112 /* extract home directory */ 1113 if (*user.mbdb_homedir == '\0') 1114 e->e_from.q_home = NULL; 1115 else if (strcmp(user.mbdb_homedir, "/") == 0) 1116 e->e_from.q_home = ""; 1117 else 1118 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool, 1119 user.mbdb_homedir); 1120 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home); 1121 1122 /* extract user and group id */ 1123 if (user.mbdb_uid != SM_NO_UID) 1124 { 1125 e->e_from.q_uid = user.mbdb_uid; 1126 e->e_from.q_gid = user.mbdb_gid; 1127 e->e_from.q_flags |= QGOODUID; 1128 } 1129 1130 /* extract full name from passwd file */ 1131 if (FullName == NULL && !internal && 1132 user.mbdb_fullname[0] != '\0' && 1133 strcmp(user.mbdb_name, e->e_from.q_user) == 0) 1134 { 1135 FullName = newstr(user.mbdb_fullname); 1136 } 1137 } 1138 else 1139 { 1140 e->e_from.q_home = NULL; 1141 } 1142 if (FullName != NULL && !internal) 1143 macdefine(&e->e_macro, A_TEMP, 'x', FullName); 1144 } 1145 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP) 1146 { 1147 if (e->e_from.q_home == NULL) 1148 { 1149 e->e_from.q_home = getenv("HOME"); 1150 if (e->e_from.q_home != NULL) 1151 { 1152 if (*e->e_from.q_home == '\0') 1153 e->e_from.q_home = NULL; 1154 else if (strcmp(e->e_from.q_home, "/") == 0) 1155 e->e_from.q_home++; 1156 } 1157 } 1158 e->e_from.q_uid = RealUid; 1159 e->e_from.q_gid = RealGid; 1160 e->e_from.q_flags |= QGOODUID; 1161 } 1162 1163 /* 1164 ** Rewrite the from person to dispose of possible implicit 1165 ** links in the net. 1166 */ 1167 1168 pvp = prescan(from, delimchar, pvpbuf, sizeof(pvpbuf), NULL, 1169 IntTokenTab, false); 1170 if (pvp == NULL) 1171 { 1172 /* don't need to give error -- prescan did that already */ 1173 if (LogLevel > 2) 1174 sm_syslog(LOG_NOTICE, e->e_id, 1175 "cannot prescan from (%s)", 1176 shortenstring(from, MAXSHORTSTR)); 1177 finis(true, true, ExitStat); 1178 } 1179 (void) REWRITE(pvp, 3, e); 1180 (void) REWRITE(pvp, 1, e); 1181 (void) REWRITE(pvp, 4, e); 1182 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1183 bp = buf + 1; 1184 cataddr(pvp, NULL, bp, sizeof(buf) - 2, '\0', false); 1185 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags)) 1186 { 1187 /* heuristic: route-addr: add angle brackets */ 1188 (void) sm_strlcat(bp, ">", sizeof(buf) - 1); 1189 *--bp = '<'; 1190 } 1191 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp); 1192 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender); 1193 1194 /* save the domain spec if this mailer wants it */ 1195 if (e->e_from.q_mailer != NULL && 1196 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags)) 1197 { 1198 char **lastat; 1199 1200 /* get rid of any pesky angle brackets */ 1201 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 1202 (void) REWRITE(pvp, 3, e); 1203 (void) REWRITE(pvp, 1, e); 1204 (void) REWRITE(pvp, 4, e); 1205 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1206 1207 /* strip off to the last "@" sign */ 1208 for (lastat = NULL; *pvp != NULL; pvp++) 1209 { 1210 if (strcmp(*pvp, "@") == 0) 1211 lastat = pvp; 1212 } 1213 if (lastat != NULL) 1214 { 1215 e->e_fromdomain = copyplist(lastat, true, e->e_rpool); 1216 if (tTd(45, 3)) 1217 { 1218 sm_dprintf("Saving from domain: "); 1219 printav(sm_debug_file(), e->e_fromdomain); 1220 } 1221 } 1222 } 1223 } 1224 /* 1225 ** PRINTENVFLAGS -- print envelope flags for debugging 1226 ** 1227 ** Parameters: 1228 ** e -- the envelope with the flags to be printed. 1229 ** 1230 ** Returns: 1231 ** none. 1232 */ 1233 1234 struct eflags 1235 { 1236 char *ef_name; 1237 unsigned long ef_bit; 1238 }; 1239 1240 static struct eflags EnvelopeFlags[] = 1241 { 1242 { "OLDSTYLE", EF_OLDSTYLE }, 1243 { "INQUEUE", EF_INQUEUE }, 1244 { "NO_BODY_RETN", EF_NO_BODY_RETN }, 1245 { "CLRQUEUE", EF_CLRQUEUE }, 1246 { "SENDRECEIPT", EF_SENDRECEIPT }, 1247 { "FATALERRS", EF_FATALERRS }, 1248 { "DELETE_BCC", EF_DELETE_BCC }, 1249 { "RESPONSE", EF_RESPONSE }, 1250 { "RESENT", EF_RESENT }, 1251 { "VRFYONLY", EF_VRFYONLY }, 1252 { "WARNING", EF_WARNING }, 1253 { "QUEUERUN", EF_QUEUERUN }, 1254 { "GLOBALERRS", EF_GLOBALERRS }, 1255 { "PM_NOTIFY", EF_PM_NOTIFY }, 1256 { "METOO", EF_METOO }, 1257 { "LOGSENDER", EF_LOGSENDER }, 1258 { "NORECEIPT", EF_NORECEIPT }, 1259 { "HAS8BIT", EF_HAS8BIT }, 1260 { "NL_NOT_EOL", EF_NL_NOT_EOL }, 1261 { "CRLF_NOT_EOL", EF_CRLF_NOT_EOL }, 1262 { "RET_PARAM", EF_RET_PARAM }, 1263 { "HAS_DF", EF_HAS_DF }, 1264 { "IS_MIME", EF_IS_MIME }, 1265 { "DONT_MIME", EF_DONT_MIME }, 1266 { "DISCARD", EF_DISCARD }, 1267 { "TOOBIG", EF_TOOBIG }, 1268 { "SPLIT", EF_SPLIT }, 1269 { "UNSAFE", EF_UNSAFE }, 1270 { NULL, 0 } 1271 }; 1272 1273 void 1274 printenvflags(e) 1275 register ENVELOPE *e; 1276 { 1277 register struct eflags *ef; 1278 bool first = true; 1279 1280 sm_dprintf("%lx", e->e_flags); 1281 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++) 1282 { 1283 if (!bitset(ef->ef_bit, e->e_flags)) 1284 continue; 1285 if (first) 1286 sm_dprintf("<%s", ef->ef_name); 1287 else 1288 sm_dprintf(",%s", ef->ef_name); 1289 first = false; 1290 } 1291 if (!first) 1292 sm_dprintf(">\n"); 1293 } 1294