1 /* 2 * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 */ 13 14 #include <sendmail.h> 15 16 SM_RCSID("@(#)$Id: envelope.c,v 8.293 2004/02/18 00:46:18 gshapiro Exp $") 17 18 /* 19 ** CLRSESSENVELOPE -- clear session oriented data in an envelope 20 ** 21 ** Parameters: 22 ** e -- the envelope to clear. 23 ** 24 ** Returns: 25 ** none. 26 */ 27 28 void 29 clrsessenvelope(e) 30 ENVELOPE *e; 31 { 32 #if SASL 33 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), ""); 34 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), ""); 35 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), ""); 36 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), ""); 37 #endif /* SASL */ 38 #if STARTTLS 39 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), ""); 40 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), ""); 41 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), ""); 42 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), ""); 43 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), ""); 44 macdefine(&e->e_macro, A_PERM, macid("{verify}"), ""); 45 # if _FFR_TLS_1 46 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), ""); 47 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), ""); 48 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), ""); 49 # endif /* _FFR_TLS_1 */ 50 #endif /* STARTTLS */ 51 } 52 53 /* 54 ** NEWENVELOPE -- fill in a new envelope 55 ** 56 ** Supports inheritance. 57 ** 58 ** Parameters: 59 ** e -- the new envelope to fill in. 60 ** parent -- the envelope to be the parent of e. 61 ** rpool -- either NULL, or a pointer to a resource pool 62 ** from which envelope memory is allocated, and 63 ** to which envelope resources are attached. 64 ** 65 ** Returns: 66 ** e. 67 ** 68 ** Side Effects: 69 ** none. 70 */ 71 72 ENVELOPE * 73 newenvelope(e, parent, rpool) 74 register ENVELOPE *e; 75 register ENVELOPE *parent; 76 SM_RPOOL_T *rpool; 77 { 78 /* 79 ** This code used to read: 80 ** if (e == parent && e->e_parent != NULL) 81 ** parent = e->e_parent; 82 ** So if e == parent && e->e_parent == NULL then we would 83 ** set e->e_parent = e, which creates a loop in the e_parent chain. 84 ** This meant macvalue() could go into an infinite loop. 85 */ 86 87 if (e == parent) 88 parent = e->e_parent; 89 clearenvelope(e, true, rpool); 90 if (e == CurEnv) 91 memmove((char *) &e->e_from, 92 (char *) &NullAddress, 93 sizeof e->e_from); 94 else 95 memmove((char *) &e->e_from, 96 (char *) &CurEnv->e_from, 97 sizeof e->e_from); 98 e->e_parent = parent; 99 assign_queueid(e); 100 e->e_ctime = curtime(); 101 if (parent != NULL) 102 { 103 e->e_msgpriority = parent->e_msgsize; 104 if (parent->e_quarmsg == NULL) 105 { 106 e->e_quarmsg = NULL; 107 macdefine(&e->e_macro, A_PERM, 108 macid("{quarantine}"), ""); 109 } 110 else 111 { 112 e->e_quarmsg = sm_rpool_strdup_x(rpool, 113 parent->e_quarmsg); 114 macdefine(&e->e_macro, A_PERM, 115 macid("{quarantine}"), e->e_quarmsg); 116 } 117 } 118 e->e_puthdr = putheader; 119 e->e_putbody = putbody; 120 if (CurEnv->e_xfp != NULL) 121 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT); 122 123 return e; 124 } 125 126 /* values for msg_timeout, see also IS_* below for usage (bit layout) */ 127 #define MSG_T_O 0x01 /* normal timeout */ 128 #define MSG_T_O_NOW 0x02 /* NOW timeout */ 129 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */ 130 #define MSG_WARN 0x10 /* normal queue warning */ 131 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */ 132 133 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */ 134 135 /* immediate return */ 136 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0) 137 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */ 138 139 /* 140 ** DROPENVELOPE -- deallocate an envelope. 141 ** 142 ** Parameters: 143 ** e -- the envelope to deallocate. 144 ** fulldrop -- if set, do return receipts. 145 ** split -- if true, split by recipient if message is queued up 146 ** 147 ** Returns: 148 ** none. 149 ** 150 ** Side Effects: 151 ** housekeeping necessary to dispose of an envelope. 152 ** Unlocks this queue file. 153 */ 154 155 void 156 dropenvelope(e, fulldrop, split) 157 register ENVELOPE *e; 158 bool fulldrop; 159 bool split; 160 { 161 bool panic = false; 162 bool queueit = false; 163 int msg_timeout = 0; 164 bool failure_return = false; 165 bool delay_return = false; 166 bool success_return = false; 167 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags); 168 bool done = false; 169 register ADDRESS *q; 170 char *id = e->e_id; 171 time_t now; 172 char buf[MAXLINE]; 173 174 if (tTd(50, 1)) 175 { 176 sm_dprintf("dropenvelope %p: id=", e); 177 xputs(sm_debug_file(), e->e_id); 178 sm_dprintf(", flags="); 179 printenvflags(e); 180 if (tTd(50, 10)) 181 { 182 sm_dprintf("sendq="); 183 printaddr(sm_debug_file(), e->e_sendqueue, true); 184 } 185 } 186 187 if (LogLevel > 84) 188 sm_syslog(LOG_DEBUG, id, 189 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d", 190 e->e_flags, OpMode, (int) CurrentPid); 191 192 /* we must have an id to remove disk files */ 193 if (id == NULL) 194 return; 195 196 /* if verify-only mode, we can skip most of this */ 197 if (OpMode == MD_VERIFY) 198 goto simpledrop; 199 200 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags)) 201 logsender(e, NULL); 202 e->e_flags &= ~EF_LOGSENDER; 203 204 /* post statistics */ 205 poststats(StatFile); 206 207 /* 208 ** Extract state information from dregs of send list. 209 */ 210 211 now = curtime(); 212 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass]) 213 msg_timeout = MSG_T_O; 214 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 && 215 now >= e->e_ctime + e->e_deliver_by && 216 !bitset(EF_RESPONSE, e->e_flags)) 217 { 218 msg_timeout = MSG_NOT_BY; 219 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 220 } 221 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW && 222 !bitset(EF_RESPONSE, e->e_flags)) 223 { 224 msg_timeout = MSG_T_O_NOW; 225 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 226 } 227 228 e->e_flags &= ~EF_QUEUERUN; 229 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 230 { 231 if (QS_IS_UNDELIVERED(q->q_state)) 232 queueit = true; 233 234 /* see if a notification is needed */ 235 if (bitset(QPINGONFAILURE, q->q_flags) && 236 ((IS_MSG_ERR(msg_timeout) && 237 QS_IS_UNDELIVERED(q->q_state)) || 238 QS_IS_BADADDR(q->q_state) || 239 IS_IMM_RET(msg_timeout))) 240 { 241 failure_return = true; 242 if (!done && q->q_owner == NULL && 243 !emptyaddr(&e->e_from)) 244 { 245 (void) sendtolist(e->e_from.q_paddr, NULLADDR, 246 &e->e_errorqueue, 0, e); 247 done = true; 248 } 249 } 250 else if ((bitset(QPINGONSUCCESS, q->q_flags) && 251 ((QS_IS_SENT(q->q_state) && 252 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) || 253 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) || 254 bitset(QBYTRACE, q->q_flags) || 255 bitset(QBYNRELAY, q->q_flags)) 256 { 257 success_return = true; 258 } 259 } 260 261 if (e->e_class < 0) 262 e->e_flags |= EF_NO_BODY_RETN; 263 264 /* 265 ** See if the message timed out. 266 */ 267 268 if (!queueit) 269 /* EMPTY */ 270 /* nothing to do */ ; 271 else if (IS_MSG_ERR(msg_timeout)) 272 { 273 if (failure_return) 274 { 275 if (msg_timeout == MSG_NOT_BY) 276 { 277 (void) sm_snprintf(buf, sizeof buf, 278 "delivery time expired %lds", 279 e->e_deliver_by); 280 } 281 else 282 { 283 (void) sm_snprintf(buf, sizeof buf, 284 "Cannot send message for %s", 285 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 286 false)); 287 } 288 289 /* don't free, allocated from e_rpool */ 290 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf); 291 message(buf); 292 e->e_flags |= EF_CLRQUEUE; 293 } 294 if (msg_timeout == MSG_NOT_BY) 295 { 296 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 297 "Delivery time (%lds) expired\n", 298 e->e_deliver_by); 299 } 300 else 301 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 302 "Message could not be delivered for %s\n", 303 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 304 false)); 305 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 306 "Message will be deleted from queue\n"); 307 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 308 { 309 if (QS_IS_UNDELIVERED(q->q_state)) 310 { 311 q->q_state = QS_BADADDR; 312 if (msg_timeout == MSG_NOT_BY) 313 q->q_status = "5.4.7"; 314 else 315 q->q_status = "4.4.7"; 316 } 317 } 318 } 319 else 320 { 321 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 && 322 now >= e->e_ctime + 323 TimeOuts.to_q_warning[e->e_timeoutclass]) 324 msg_timeout = MSG_WARN; 325 else if (IS_DLVR_NOTIFY(e) && 326 e->e_deliver_by > 0 && 327 now >= e->e_ctime + e->e_deliver_by) 328 msg_timeout = MSG_WARN_BY; 329 330 if (IS_MSG_WARN(msg_timeout)) 331 { 332 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) && 333 e->e_class >= 0 && 334 e->e_from.q_paddr != NULL && 335 strcmp(e->e_from.q_paddr, "<>") != 0 && 336 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 && 337 (strlen(e->e_from.q_paddr) <= 8 || 338 sm_strcasecmp(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8], 339 "-request") != 0)) 340 { 341 for (q = e->e_sendqueue; q != NULL; 342 q = q->q_next) 343 { 344 if (QS_IS_UNDELIVERED(q->q_state) 345 #if _FFR_NODELAYDSN_ON_HOLD 346 && !bitnset(M_HOLD, 347 q->q_mailer->m_flags) 348 #endif /* _FFR_NODELAYDSN_ON_HOLD */ 349 ) 350 { 351 if (msg_timeout == 352 MSG_WARN_BY && 353 (bitset(QPINGONDELAY, 354 q->q_flags) || 355 !bitset(QHASNOTIFY, 356 q->q_flags)) 357 ) 358 { 359 q->q_flags |= QBYNDELAY; 360 delay_return = true; 361 } 362 if (bitset(QPINGONDELAY, 363 q->q_flags)) 364 { 365 q->q_flags |= QDELAYED; 366 delay_return = true; 367 } 368 } 369 } 370 } 371 if (delay_return) 372 { 373 if (msg_timeout == MSG_WARN_BY) 374 { 375 (void) sm_snprintf(buf, sizeof buf, 376 "Warning: Delivery time (%lds) exceeded", 377 e->e_deliver_by); 378 } 379 else 380 (void) sm_snprintf(buf, sizeof buf, 381 "Warning: could not send message for past %s", 382 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 383 false)); 384 385 /* don't free, allocated from e_rpool */ 386 e->e_message = sm_rpool_strdup_x(e->e_rpool, 387 buf); 388 message(buf); 389 e->e_flags |= EF_WARNING; 390 } 391 if (msg_timeout == MSG_WARN_BY) 392 { 393 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 394 "Warning: Delivery time (%lds) exceeded\n", 395 e->e_deliver_by); 396 } 397 else 398 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 399 "Warning: message still undelivered after %s\n", 400 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 401 false)); 402 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 403 "Will keep trying until message is %s old\n", 404 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 405 false)); 406 } 407 } 408 409 if (tTd(50, 2)) 410 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n", 411 failure_return, delay_return, success_return, queueit); 412 413 /* 414 ** If we had some fatal error, but no addresses are marked as 415 ** bad, mark them _all_ as bad. 416 */ 417 418 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return) 419 { 420 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 421 { 422 if ((QS_IS_OK(q->q_state) || 423 QS_IS_VERIFIED(q->q_state)) && 424 bitset(QPINGONFAILURE, q->q_flags)) 425 { 426 failure_return = true; 427 q->q_state = QS_BADADDR; 428 } 429 } 430 } 431 432 /* 433 ** Send back return receipts as requested. 434 */ 435 436 if (success_return && !failure_return && !delay_return && fulldrop && 437 !bitset(PRIV_NORECEIPTS, PrivacyFlags) && 438 strcmp(e->e_from.q_paddr, "<>") != 0) 439 { 440 auto ADDRESS *rlist = NULL; 441 442 if (tTd(50, 8)) 443 sm_dprintf("dropenvelope(%s): sending return receipt\n", 444 id); 445 e->e_flags |= EF_SENDRECEIPT; 446 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e); 447 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e); 448 } 449 e->e_flags &= ~EF_SENDRECEIPT; 450 451 /* 452 ** Arrange to send error messages if there are fatal errors. 453 */ 454 455 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET) 456 { 457 if (tTd(50, 8)) 458 sm_dprintf("dropenvelope(%s): saving mail\n", id); 459 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags)); 460 } 461 462 /* 463 ** Arrange to send warning messages to postmaster as requested. 464 */ 465 466 if ((failure_return || pmnotify) && 467 PostMasterCopy != NULL && 468 !bitset(EF_RESPONSE, e->e_flags) && 469 e->e_class >= 0) 470 { 471 auto ADDRESS *rlist = NULL; 472 char pcopy[MAXNAME]; 473 474 if (failure_return) 475 { 476 expand(PostMasterCopy, pcopy, sizeof pcopy, e); 477 478 if (tTd(50, 8)) 479 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n", 480 id, pcopy); 481 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e); 482 } 483 if (pmnotify) 484 (void) sendtolist("postmaster", NULLADDR, 485 &rlist, 0, e); 486 (void) returntosender(e->e_message, rlist, 487 RTSF_PM_BOUNCE|RTSF_NO_BODY, e); 488 } 489 490 /* 491 ** Instantiate or deinstantiate the queue. 492 */ 493 494 simpledrop: 495 if (tTd(50, 8)) 496 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n", 497 id, queueit); 498 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags)) 499 { 500 if (tTd(50, 1)) 501 { 502 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=", 503 e->e_id, queueit); 504 printenvflags(e); 505 } 506 if (!panic) 507 (void) xunlink(queuename(e, DATAFL_LETTER)); 508 if (panic && QueueMode == QM_LOST) 509 { 510 /* 511 ** leave the Qf file behind as 512 ** the delivery attempt failed. 513 */ 514 515 /* EMPTY */ 516 } 517 else 518 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0) 519 { 520 /* add to available space in filesystem */ 521 updfs(e, true, !panic); 522 } 523 524 if (e->e_ntries > 0 && LogLevel > 9) 525 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d", 526 pintvl(curtime() - e->e_ctime, true), 527 e->e_ntries); 528 } 529 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 530 { 531 if (!split) 532 queueup(e, false, true); 533 else 534 { 535 ENVELOPE *oldsib; 536 ENVELOPE *ee; 537 538 /* 539 ** Save old sibling and set it to NULL to avoid 540 ** queueing up the same envelopes again. 541 ** This requires that envelopes in that list have 542 ** been take care of before (or at some other place). 543 */ 544 545 oldsib = e->e_sibling; 546 e->e_sibling = NULL; 547 if (!split_by_recipient(e) && 548 bitset(EF_FATALERRS, e->e_flags)) 549 { 550 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%d", 551 e->e_id, queuename(e, DATAFL_LETTER), 552 (int) geteuid()); 553 } 554 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 555 queueup(ee, false, true); 556 queueup(e, false, true); 557 558 /* clean up */ 559 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 560 { 561 /* now unlock the job */ 562 if (tTd(50, 8)) 563 sm_dprintf("dropenvelope(%s): unlocking job\n", 564 ee->e_id); 565 closexscript(ee); 566 unlockqueue(ee); 567 568 /* this envelope is marked unused */ 569 if (ee->e_dfp != NULL) 570 { 571 (void) sm_io_close(ee->e_dfp, 572 SM_TIME_DEFAULT); 573 ee->e_dfp = NULL; 574 } 575 ee->e_id = NULL; 576 ee->e_flags &= ~EF_HAS_DF; 577 } 578 e->e_sibling = oldsib; 579 } 580 } 581 582 /* now unlock the job */ 583 if (tTd(50, 8)) 584 sm_dprintf("dropenvelope(%s): unlocking job\n", id); 585 closexscript(e); 586 unlockqueue(e); 587 588 /* make sure that this envelope is marked unused */ 589 if (e->e_dfp != NULL) 590 { 591 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 592 e->e_dfp = NULL; 593 } 594 e->e_id = NULL; 595 e->e_flags &= ~EF_HAS_DF; 596 } 597 /* 598 ** CLEARENVELOPE -- clear an envelope without unlocking 599 ** 600 ** This is normally used by a child process to get a clean 601 ** envelope without disturbing the parent. 602 ** 603 ** Parameters: 604 ** e -- the envelope to clear. 605 ** fullclear - if set, the current envelope is total 606 ** garbage and should be ignored; otherwise, 607 ** release any resources it may indicate. 608 ** rpool -- either NULL, or a pointer to a resource pool 609 ** from which envelope memory is allocated, and 610 ** to which envelope resources are attached. 611 ** 612 ** Returns: 613 ** none. 614 ** 615 ** Side Effects: 616 ** Closes files associated with the envelope. 617 ** Marks the envelope as unallocated. 618 */ 619 620 void 621 clearenvelope(e, fullclear, rpool) 622 register ENVELOPE *e; 623 bool fullclear; 624 SM_RPOOL_T *rpool; 625 { 626 register HDR *bh; 627 register HDR **nhp; 628 extern ENVELOPE BlankEnvelope; 629 char **p; 630 631 if (!fullclear) 632 { 633 /* clear out any file information */ 634 if (e->e_xfp != NULL) 635 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 636 if (e->e_dfp != NULL) 637 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 638 e->e_xfp = e->e_dfp = NULL; 639 } 640 641 /* 642 ** Copy BlankEnvelope into *e. 643 ** It is not safe to simply copy pointers to strings; 644 ** the strings themselves must be copied (or set to NULL). 645 ** The problem is that when we assign a new string value to 646 ** a member of BlankEnvelope, we free the old string. 647 ** We did not need to do this copying in sendmail 8.11 :-( 648 ** and it is a potential performance hit. Reference counted 649 ** strings are one way out. 650 */ 651 652 *e = BlankEnvelope; 653 e->e_message = NULL; 654 e->e_qfletter = '\0'; 655 e->e_quarmsg = NULL; 656 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), ""); 657 658 /* 659 ** Copy the macro table. 660 ** We might be able to avoid this by zeroing the macro table 661 ** and always searching BlankEnvelope.e_macro after e->e_macro 662 ** in macvalue(). 663 */ 664 665 for (p = &e->e_macro.mac_table[0]; 666 p <= &e->e_macro.mac_table[MAXMACROID]; 667 ++p) 668 { 669 if (*p != NULL) 670 *p = sm_rpool_strdup_x(rpool, *p); 671 } 672 673 /* 674 ** XXX There are many strings in the envelope structure 675 ** XXX that we are not attempting to copy here. 676 ** XXX Investigate this further. 677 */ 678 679 e->e_rpool = rpool; 680 e->e_macro.mac_rpool = rpool; 681 if (Verbose) 682 set_delivery_mode(SM_DELIVER, e); 683 bh = BlankEnvelope.e_header; 684 nhp = &e->e_header; 685 while (bh != NULL) 686 { 687 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof *bh); 688 memmove((char *) *nhp, (char *) bh, sizeof *bh); 689 bh = bh->h_link; 690 nhp = &(*nhp)->h_link; 691 } 692 } 693 /* 694 ** INITSYS -- initialize instantiation of system 695 ** 696 ** In Daemon mode, this is done in the child. 697 ** 698 ** Parameters: 699 ** e -- the envelope to use. 700 ** 701 ** Returns: 702 ** none. 703 ** 704 ** Side Effects: 705 ** Initializes the system macros, some global variables, 706 ** etc. In particular, the current time in various 707 ** forms is set. 708 */ 709 710 void 711 initsys(e) 712 register ENVELOPE *e; 713 { 714 char buf[10]; 715 #ifdef TTYNAME 716 static char ybuf[60]; /* holds tty id */ 717 register char *p; 718 extern char *ttyname(); 719 #endif /* TTYNAME */ 720 721 /* 722 ** Give this envelope a reality. 723 ** I.e., an id, a transcript, and a creation time. 724 ** We don't select the queue until all of the recipients are known. 725 */ 726 727 openxscript(e); 728 e->e_ctime = curtime(); 729 e->e_qfletter = '\0'; 730 731 /* 732 ** Set OutChannel to something useful if stdout isn't it. 733 ** This arranges that any extra stuff the mailer produces 734 ** gets sent back to the user on error (because it is 735 ** tucked away in the transcript). 736 */ 737 738 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) && 739 e->e_xfp != NULL) 740 OutChannel = e->e_xfp; 741 742 /* 743 ** Set up some basic system macros. 744 */ 745 746 /* process id */ 747 (void) sm_snprintf(buf, sizeof buf, "%d", (int) CurrentPid); 748 macdefine(&e->e_macro, A_TEMP, 'p', buf); 749 750 /* hop count */ 751 (void) sm_snprintf(buf, sizeof buf, "%d", e->e_hopcount); 752 macdefine(&e->e_macro, A_TEMP, 'c', buf); 753 754 /* time as integer, unix time, arpa time */ 755 settime(e); 756 757 /* Load average */ 758 sm_getla(); 759 760 #ifdef TTYNAME 761 /* tty name */ 762 if (macvalue('y', e) == NULL) 763 { 764 p = ttyname(2); 765 if (p != NULL) 766 { 767 if (strrchr(p, '/') != NULL) 768 p = strrchr(p, '/') + 1; 769 (void) sm_strlcpy(ybuf, sizeof ybuf, p); 770 macdefine(&e->e_macro, A_PERM, 'y', ybuf); 771 } 772 } 773 #endif /* TTYNAME */ 774 } 775 /* 776 ** SETTIME -- set the current time. 777 ** 778 ** Parameters: 779 ** e -- the envelope in which the macros should be set. 780 ** 781 ** Returns: 782 ** none. 783 ** 784 ** Side Effects: 785 ** Sets the various time macros -- $a, $b, $d, $t. 786 */ 787 788 void 789 settime(e) 790 register ENVELOPE *e; 791 { 792 register char *p; 793 auto time_t now; 794 char buf[30]; 795 register struct tm *tm; 796 797 now = curtime(); 798 (void) sm_snprintf(buf, sizeof buf, "%ld", (long) now); 799 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf); 800 tm = gmtime(&now); 801 (void) sm_snprintf(buf, sizeof buf, "%04d%02d%02d%02d%02d", 802 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 803 tm->tm_hour, tm->tm_min); 804 macdefine(&e->e_macro, A_TEMP, 't', buf); 805 (void) sm_strlcpy(buf, ctime(&now), sizeof buf); 806 p = strchr(buf, '\n'); 807 if (p != NULL) 808 *p = '\0'; 809 macdefine(&e->e_macro, A_TEMP, 'd', buf); 810 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf)); 811 if (macvalue('a', e) == NULL) 812 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e)); 813 } 814 /* 815 ** OPENXSCRIPT -- Open transcript file 816 ** 817 ** Creates a transcript file for possible eventual mailing or 818 ** sending back. 819 ** 820 ** Parameters: 821 ** e -- the envelope to create the transcript in/for. 822 ** 823 ** Returns: 824 ** none 825 ** 826 ** Side Effects: 827 ** Creates the transcript file. 828 */ 829 830 #ifndef O_APPEND 831 # define O_APPEND 0 832 #endif /* ! O_APPEND */ 833 834 void 835 openxscript(e) 836 register ENVELOPE *e; 837 { 838 register char *p; 839 840 if (e->e_xfp != NULL) 841 return; 842 843 #if 0 844 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags)) 845 syserr("openxscript: job not locked"); 846 #endif /* 0 */ 847 848 p = queuename(e, XSCRPT_LETTER); 849 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize, 850 SFF_NOTEXCL|SFF_OPENASROOT); 851 852 if (e->e_xfp == NULL) 853 { 854 syserr("Can't create transcript file %s", p); 855 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, 856 SM_PATH_DEVNULL, SM_IO_RDWR, NULL); 857 if (e->e_xfp == NULL) 858 syserr("!Can't open %s", SM_PATH_DEVNULL); 859 } 860 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0); 861 if (tTd(46, 9)) 862 { 863 sm_dprintf("openxscript(%s):\n ", p); 864 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true, 865 false); 866 } 867 } 868 /* 869 ** CLOSEXSCRIPT -- close the transcript file. 870 ** 871 ** Parameters: 872 ** e -- the envelope containing the transcript to close. 873 ** 874 ** Returns: 875 ** none. 876 ** 877 ** Side Effects: 878 ** none. 879 */ 880 881 void 882 closexscript(e) 883 register ENVELOPE *e; 884 { 885 if (e->e_xfp == NULL) 886 return; 887 #if 0 888 if (e->e_lockfp == NULL) 889 syserr("closexscript: job not locked"); 890 #endif /* 0 */ 891 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 892 e->e_xfp = NULL; 893 } 894 /* 895 ** SETSENDER -- set the person who this message is from 896 ** 897 ** Under certain circumstances allow the user to say who 898 ** s/he is (using -f or -r). These are: 899 ** 1. The user's uid is zero (root). 900 ** 2. The user's login name is in an approved list (typically 901 ** from a network server). 902 ** 3. The address the user is trying to claim has a 903 ** "!" character in it (since #2 doesn't do it for 904 ** us if we are dialing out for UUCP). 905 ** A better check to replace #3 would be if the 906 ** effective uid is "UUCP" -- this would require me 907 ** to rewrite getpwent to "grab" uucp as it went by, 908 ** make getname more nasty, do another passwd file 909 ** scan, or compile the UID of "UUCP" into the code, 910 ** all of which are reprehensible. 911 ** 912 ** Assuming all of these fail, we figure out something 913 ** ourselves. 914 ** 915 ** Parameters: 916 ** from -- the person we would like to believe this message 917 ** is from, as specified on the command line. 918 ** e -- the envelope in which we would like the sender set. 919 ** delimptr -- if non-NULL, set to the location of the 920 ** trailing delimiter. 921 ** delimchar -- the character that will delimit the sender 922 ** address. 923 ** internal -- set if this address is coming from an internal 924 ** source such as an owner alias. 925 ** 926 ** Returns: 927 ** none. 928 ** 929 ** Side Effects: 930 ** sets sendmail's notion of who the from person is. 931 */ 932 933 void 934 setsender(from, e, delimptr, delimchar, internal) 935 char *from; 936 register ENVELOPE *e; 937 char **delimptr; 938 int delimchar; 939 bool internal; 940 { 941 register char **pvp; 942 char *realname = NULL; 943 char *bp; 944 char buf[MAXNAME + 2]; 945 char pvpbuf[PSBUFSIZE]; 946 extern char *FullName; 947 948 if (tTd(45, 1)) 949 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from); 950 951 /* may be set from earlier calls */ 952 macdefine(&e->e_macro, A_PERM, 'x', ""); 953 954 /* 955 ** Figure out the real user executing us. 956 ** Username can return errno != 0 on non-errors. 957 */ 958 959 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP || 960 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON) 961 realname = from; 962 if (realname == NULL || realname[0] == '\0') 963 realname = username(); 964 965 if (ConfigLevel < 2) 966 SuprErrs = true; 967 968 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 969 970 /* preset state for then clause in case from == NULL */ 971 e->e_from.q_state = QS_BADADDR; 972 e->e_from.q_flags = 0; 973 if (from == NULL || 974 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR, 975 delimchar, delimptr, e, false) == NULL || 976 QS_IS_BADADDR(e->e_from.q_state) || 977 e->e_from.q_mailer == ProgMailer || 978 e->e_from.q_mailer == FileMailer || 979 e->e_from.q_mailer == InclMailer) 980 { 981 /* log garbage addresses for traceback */ 982 if (from != NULL && LogLevel > 2) 983 { 984 char *p; 985 char ebuf[MAXNAME * 2 + 2]; 986 987 p = macvalue('_', e); 988 if (p == NULL) 989 { 990 char *host = RealHostName; 991 992 if (host == NULL) 993 host = MyHostName; 994 (void) sm_snprintf(ebuf, sizeof ebuf, 995 "%.*s@%.*s", MAXNAME, 996 realname, MAXNAME, host); 997 p = ebuf; 998 } 999 sm_syslog(LOG_NOTICE, e->e_id, 1000 "setsender: %s: invalid or unparsable, received from %s", 1001 shortenstring(from, 83), p); 1002 } 1003 if (from != NULL) 1004 { 1005 if (!QS_IS_BADADDR(e->e_from.q_state)) 1006 { 1007 /* it was a bogus mailer in the from addr */ 1008 e->e_status = "5.1.7"; 1009 usrerrenh(e->e_status, 1010 "553 Invalid sender address"); 1011 } 1012 SuprErrs = true; 1013 } 1014 if (from == realname || 1015 parseaddr(from = realname, 1016 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ', 1017 NULL, e, false) == NULL) 1018 { 1019 char nbuf[100]; 1020 1021 SuprErrs = true; 1022 expand("\201n", nbuf, sizeof nbuf, e); 1023 from = sm_rpool_strdup_x(e->e_rpool, nbuf); 1024 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ', 1025 NULL, e, false) == NULL && 1026 parseaddr(from = "postmaster", &e->e_from, 1027 RF_COPYALL, ' ', NULL, e, false) == NULL) 1028 syserr("553 5.3.0 setsender: can't even parse postmaster!"); 1029 } 1030 } 1031 else 1032 FromFlag = true; 1033 e->e_from.q_state = QS_SENDER; 1034 if (tTd(45, 5)) 1035 { 1036 sm_dprintf("setsender: QS_SENDER "); 1037 printaddr(sm_debug_file(), &e->e_from, false); 1038 } 1039 SuprErrs = false; 1040 1041 #if USERDB 1042 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags)) 1043 { 1044 register char *p; 1045 1046 p = udbsender(e->e_from.q_user, e->e_rpool); 1047 if (p != NULL) 1048 from = p; 1049 } 1050 #endif /* USERDB */ 1051 1052 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags)) 1053 { 1054 SM_MBDB_T user; 1055 1056 if (!internal) 1057 { 1058 /* if the user already given fullname don't redefine */ 1059 if (FullName == NULL) 1060 FullName = macvalue('x', e); 1061 if (FullName != NULL) 1062 { 1063 if (FullName[0] == '\0') 1064 FullName = NULL; 1065 else 1066 FullName = newstr(FullName); 1067 } 1068 } 1069 1070 if (e->e_from.q_user[0] != '\0' && 1071 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK) 1072 { 1073 /* 1074 ** Process passwd file entry. 1075 */ 1076 1077 /* extract home directory */ 1078 if (*user.mbdb_homedir == '\0') 1079 e->e_from.q_home = NULL; 1080 else if (strcmp(user.mbdb_homedir, "/") == 0) 1081 e->e_from.q_home = ""; 1082 else 1083 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool, 1084 user.mbdb_homedir); 1085 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home); 1086 1087 /* extract user and group id */ 1088 if (user.mbdb_uid != SM_NO_UID) 1089 { 1090 e->e_from.q_uid = user.mbdb_uid; 1091 e->e_from.q_gid = user.mbdb_gid; 1092 e->e_from.q_flags |= QGOODUID; 1093 } 1094 1095 /* extract full name from passwd file */ 1096 if (FullName == NULL && !internal && 1097 user.mbdb_fullname[0] != '\0' && 1098 strcmp(user.mbdb_name, e->e_from.q_user) == 0) 1099 { 1100 FullName = newstr(user.mbdb_fullname); 1101 } 1102 } 1103 else 1104 { 1105 e->e_from.q_home = NULL; 1106 } 1107 if (FullName != NULL && !internal) 1108 macdefine(&e->e_macro, A_TEMP, 'x', FullName); 1109 } 1110 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP) 1111 { 1112 if (e->e_from.q_home == NULL) 1113 { 1114 e->e_from.q_home = getenv("HOME"); 1115 if (e->e_from.q_home != NULL) 1116 { 1117 if (*e->e_from.q_home == '\0') 1118 e->e_from.q_home = NULL; 1119 else if (strcmp(e->e_from.q_home, "/") == 0) 1120 e->e_from.q_home++; 1121 } 1122 } 1123 e->e_from.q_uid = RealUid; 1124 e->e_from.q_gid = RealGid; 1125 e->e_from.q_flags |= QGOODUID; 1126 } 1127 1128 /* 1129 ** Rewrite the from person to dispose of possible implicit 1130 ** links in the net. 1131 */ 1132 1133 pvp = prescan(from, delimchar, pvpbuf, sizeof pvpbuf, NULL, NULL, false); 1134 if (pvp == NULL) 1135 { 1136 /* don't need to give error -- prescan did that already */ 1137 if (LogLevel > 2) 1138 sm_syslog(LOG_NOTICE, e->e_id, 1139 "cannot prescan from (%s)", 1140 shortenstring(from, MAXSHORTSTR)); 1141 finis(true, true, ExitStat); 1142 } 1143 (void) REWRITE(pvp, 3, e); 1144 (void) REWRITE(pvp, 1, e); 1145 (void) REWRITE(pvp, 4, e); 1146 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1147 bp = buf + 1; 1148 cataddr(pvp, NULL, bp, sizeof buf - 2, '\0'); 1149 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags)) 1150 { 1151 /* heuristic: route-addr: add angle brackets */ 1152 (void) sm_strlcat(bp, ">", sizeof buf - 1); 1153 *--bp = '<'; 1154 } 1155 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp); 1156 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender); 1157 1158 /* save the domain spec if this mailer wants it */ 1159 if (e->e_from.q_mailer != NULL && 1160 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags)) 1161 { 1162 char **lastat; 1163 1164 /* get rid of any pesky angle brackets */ 1165 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 1166 (void) REWRITE(pvp, 3, e); 1167 (void) REWRITE(pvp, 1, e); 1168 (void) REWRITE(pvp, 4, e); 1169 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1170 1171 /* strip off to the last "@" sign */ 1172 for (lastat = NULL; *pvp != NULL; pvp++) 1173 { 1174 if (strcmp(*pvp, "@") == 0) 1175 lastat = pvp; 1176 } 1177 if (lastat != NULL) 1178 { 1179 e->e_fromdomain = copyplist(lastat, true, e->e_rpool); 1180 if (tTd(45, 3)) 1181 { 1182 sm_dprintf("Saving from domain: "); 1183 printav(sm_debug_file(), e->e_fromdomain); 1184 } 1185 } 1186 } 1187 } 1188 /* 1189 ** PRINTENVFLAGS -- print envelope flags for debugging 1190 ** 1191 ** Parameters: 1192 ** e -- the envelope with the flags to be printed. 1193 ** 1194 ** Returns: 1195 ** none. 1196 */ 1197 1198 struct eflags 1199 { 1200 char *ef_name; 1201 unsigned long ef_bit; 1202 }; 1203 1204 static struct eflags EnvelopeFlags[] = 1205 { 1206 { "OLDSTYLE", EF_OLDSTYLE }, 1207 { "INQUEUE", EF_INQUEUE }, 1208 { "NO_BODY_RETN", EF_NO_BODY_RETN }, 1209 { "CLRQUEUE", EF_CLRQUEUE }, 1210 { "SENDRECEIPT", EF_SENDRECEIPT }, 1211 { "FATALERRS", EF_FATALERRS }, 1212 { "DELETE_BCC", EF_DELETE_BCC }, 1213 { "RESPONSE", EF_RESPONSE }, 1214 { "RESENT", EF_RESENT }, 1215 { "VRFYONLY", EF_VRFYONLY }, 1216 { "WARNING", EF_WARNING }, 1217 { "QUEUERUN", EF_QUEUERUN }, 1218 { "GLOBALERRS", EF_GLOBALERRS }, 1219 { "PM_NOTIFY", EF_PM_NOTIFY }, 1220 { "METOO", EF_METOO }, 1221 { "LOGSENDER", EF_LOGSENDER }, 1222 { "NORECEIPT", EF_NORECEIPT }, 1223 { "HAS8BIT", EF_HAS8BIT }, 1224 { "NL_NOT_EOL", EF_NL_NOT_EOL }, 1225 { "CRLF_NOT_EOL", EF_CRLF_NOT_EOL }, 1226 { "RET_PARAM", EF_RET_PARAM }, 1227 { "HAS_DF", EF_HAS_DF }, 1228 { "IS_MIME", EF_IS_MIME }, 1229 { "DONT_MIME", EF_DONT_MIME }, 1230 { "DISCARD", EF_DISCARD }, 1231 { "TOOBIG", EF_TOOBIG }, 1232 { "SPLIT", EF_SPLIT }, 1233 { "UNSAFE", EF_UNSAFE }, 1234 { NULL, 0 } 1235 }; 1236 1237 void 1238 printenvflags(e) 1239 register ENVELOPE *e; 1240 { 1241 register struct eflags *ef; 1242 bool first = true; 1243 1244 sm_dprintf("%lx", e->e_flags); 1245 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++) 1246 { 1247 if (!bitset(ef->ef_bit, e->e_flags)) 1248 continue; 1249 if (first) 1250 sm_dprintf("<%s", ef->ef_name); 1251 else 1252 sm_dprintf(",%s", ef->ef_name); 1253 first = false; 1254 } 1255 if (!first) 1256 sm_dprintf(">\n"); 1257 } 1258