1 /* 2 * Copyright (c) 1998-2003, 2006 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 */ 13 14 #include <sendmail.h> 15 16 SM_RCSID("@(#)$Id: envelope.c,v 8.305 2008/03/31 16:32:13 ca Exp $") 17 18 /* 19 ** CLRSESSENVELOPE -- clear session oriented data in an envelope 20 ** 21 ** Parameters: 22 ** e -- the envelope to clear. 23 ** 24 ** Returns: 25 ** none. 26 */ 27 28 void 29 clrsessenvelope(e) 30 ENVELOPE *e; 31 { 32 #if SASL 33 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), ""); 34 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), ""); 35 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), ""); 36 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), ""); 37 #endif /* SASL */ 38 #if STARTTLS 39 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), ""); 40 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), ""); 41 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), ""); 42 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), ""); 43 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), ""); 44 macdefine(&e->e_macro, A_PERM, macid("{verify}"), ""); 45 # if _FFR_TLS_1 46 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), ""); 47 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), ""); 48 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), ""); 49 # endif /* _FFR_TLS_1 */ 50 #endif /* STARTTLS */ 51 } 52 53 /* 54 ** NEWENVELOPE -- fill in a new envelope 55 ** 56 ** Supports inheritance. 57 ** 58 ** Parameters: 59 ** e -- the new envelope to fill in. 60 ** parent -- the envelope to be the parent of e. 61 ** rpool -- either NULL, or a pointer to a resource pool 62 ** from which envelope memory is allocated, and 63 ** to which envelope resources are attached. 64 ** 65 ** Returns: 66 ** e. 67 ** 68 ** Side Effects: 69 ** none. 70 */ 71 72 ENVELOPE * 73 newenvelope(e, parent, rpool) 74 register ENVELOPE *e; 75 register ENVELOPE *parent; 76 SM_RPOOL_T *rpool; 77 { 78 int sendmode; 79 80 /* 81 ** This code used to read: 82 ** if (e == parent && e->e_parent != NULL) 83 ** parent = e->e_parent; 84 ** So if e == parent && e->e_parent == NULL then we would 85 ** set e->e_parent = e, which creates a loop in the e_parent chain. 86 ** This meant macvalue() could go into an infinite loop. 87 */ 88 89 if (parent != NULL) 90 sendmode = parent->e_sendmode; 91 else 92 sendmode = DM_NOTSET; 93 94 if (e == parent) 95 parent = e->e_parent; 96 clearenvelope(e, true, rpool); 97 if (e == CurEnv) 98 memmove((char *) &e->e_from, 99 (char *) &NullAddress, 100 sizeof(e->e_from)); 101 else 102 memmove((char *) &e->e_from, 103 (char *) &CurEnv->e_from, 104 sizeof(e->e_from)); 105 e->e_parent = parent; 106 assign_queueid(e); 107 e->e_ctime = curtime(); 108 #if _FFR_SESSID 109 e->e_sessid = e->e_id; 110 #endif /* _FFR_SESSID */ 111 if (parent != NULL) 112 { 113 e->e_msgpriority = parent->e_msgsize; 114 #if _FFR_SESSID 115 if (parent->e_sessid != NULL) 116 e->e_sessid = sm_rpool_strdup_x(rpool, 117 parent->e_sessid); 118 #endif /* _FFR_SESSID */ 119 120 if (parent->e_quarmsg == NULL) 121 { 122 e->e_quarmsg = NULL; 123 macdefine(&e->e_macro, A_PERM, 124 macid("{quarantine}"), ""); 125 } 126 else 127 { 128 e->e_quarmsg = sm_rpool_strdup_x(rpool, 129 parent->e_quarmsg); 130 macdefine(&e->e_macro, A_PERM, 131 macid("{quarantine}"), e->e_quarmsg); 132 } 133 } 134 e->e_puthdr = putheader; 135 e->e_putbody = putbody; 136 if (CurEnv->e_xfp != NULL) 137 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT); 138 if (sendmode != DM_NOTSET) 139 set_delivery_mode(sendmode, e); 140 141 return e; 142 } 143 144 /* values for msg_timeout, see also IS_* below for usage (bit layout) */ 145 #define MSG_T_O 0x01 /* normal timeout */ 146 #define MSG_T_O_NOW 0x02 /* NOW timeout */ 147 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */ 148 #define MSG_WARN 0x10 /* normal queue warning */ 149 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */ 150 151 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */ 152 153 /* immediate return */ 154 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0) 155 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */ 156 157 /* 158 ** DROPENVELOPE -- deallocate an envelope. 159 ** 160 ** Parameters: 161 ** e -- the envelope to deallocate. 162 ** fulldrop -- if set, do return receipts. 163 ** split -- if true, split by recipient if message is queued up 164 ** 165 ** Returns: 166 ** none. 167 ** 168 ** Side Effects: 169 ** housekeeping necessary to dispose of an envelope. 170 ** Unlocks this queue file. 171 */ 172 173 void 174 dropenvelope(e, fulldrop, split) 175 register ENVELOPE *e; 176 bool fulldrop; 177 bool split; 178 { 179 bool panic = false; 180 bool queueit = false; 181 int msg_timeout = 0; 182 bool failure_return = false; 183 bool delay_return = false; 184 bool success_return = false; 185 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags); 186 bool done = false; 187 register ADDRESS *q; 188 char *id = e->e_id; 189 time_t now; 190 char buf[MAXLINE]; 191 192 if (tTd(50, 1)) 193 { 194 sm_dprintf("dropenvelope %p: id=", e); 195 xputs(sm_debug_file(), e->e_id); 196 sm_dprintf(", flags="); 197 printenvflags(e); 198 if (tTd(50, 10)) 199 { 200 sm_dprintf("sendq="); 201 printaddr(sm_debug_file(), e->e_sendqueue, true); 202 } 203 } 204 205 if (LogLevel > 84) 206 sm_syslog(LOG_DEBUG, id, 207 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d", 208 e->e_flags, OpMode, (int) CurrentPid); 209 210 /* we must have an id to remove disk files */ 211 if (id == NULL) 212 return; 213 214 /* if verify-only mode, we can skip most of this */ 215 if (OpMode == MD_VERIFY) 216 goto simpledrop; 217 218 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags)) 219 logsender(e, NULL); 220 e->e_flags &= ~EF_LOGSENDER; 221 222 /* post statistics */ 223 poststats(StatFile); 224 225 /* 226 ** Extract state information from dregs of send list. 227 */ 228 229 now = curtime(); 230 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass]) 231 msg_timeout = MSG_T_O; 232 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 && 233 now >= e->e_ctime + e->e_deliver_by && 234 !bitset(EF_RESPONSE, e->e_flags)) 235 { 236 msg_timeout = MSG_NOT_BY; 237 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 238 } 239 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW && 240 !bitset(EF_RESPONSE, e->e_flags)) 241 { 242 msg_timeout = MSG_T_O_NOW; 243 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 244 } 245 246 e->e_flags &= ~EF_QUEUERUN; 247 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 248 { 249 if (QS_IS_UNDELIVERED(q->q_state)) 250 queueit = true; 251 252 /* see if a notification is needed */ 253 if (bitset(QPINGONFAILURE, q->q_flags) && 254 ((IS_MSG_ERR(msg_timeout) && 255 QS_IS_UNDELIVERED(q->q_state)) || 256 QS_IS_BADADDR(q->q_state) || 257 IS_IMM_RET(msg_timeout))) 258 { 259 failure_return = true; 260 if (!done && q->q_owner == NULL && 261 !emptyaddr(&e->e_from)) 262 { 263 (void) sendtolist(e->e_from.q_paddr, NULLADDR, 264 &e->e_errorqueue, 0, e); 265 done = true; 266 } 267 } 268 else if ((bitset(QPINGONSUCCESS, q->q_flags) && 269 ((QS_IS_SENT(q->q_state) && 270 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) || 271 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) || 272 bitset(QBYTRACE, q->q_flags) || 273 bitset(QBYNRELAY, q->q_flags)) 274 { 275 success_return = true; 276 } 277 } 278 279 if (e->e_class < 0) 280 e->e_flags |= EF_NO_BODY_RETN; 281 282 /* 283 ** See if the message timed out. 284 */ 285 286 if (!queueit) 287 /* EMPTY */ 288 /* nothing to do */ ; 289 else if (IS_MSG_ERR(msg_timeout)) 290 { 291 if (failure_return) 292 { 293 if (msg_timeout == MSG_NOT_BY) 294 { 295 (void) sm_snprintf(buf, sizeof(buf), 296 "delivery time expired %lds", 297 e->e_deliver_by); 298 } 299 else 300 { 301 (void) sm_snprintf(buf, sizeof(buf), 302 "Cannot send message for %s", 303 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 304 false)); 305 } 306 307 /* don't free, allocated from e_rpool */ 308 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf); 309 message(buf); 310 e->e_flags |= EF_CLRQUEUE; 311 } 312 if (msg_timeout == MSG_NOT_BY) 313 { 314 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 315 "Delivery time (%lds) expired\n", 316 e->e_deliver_by); 317 } 318 else 319 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 320 "Message could not be delivered for %s\n", 321 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 322 false)); 323 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 324 "Message will be deleted from queue\n"); 325 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 326 { 327 if (QS_IS_UNDELIVERED(q->q_state)) 328 { 329 q->q_state = QS_BADADDR; 330 if (msg_timeout == MSG_NOT_BY) 331 q->q_status = "5.4.7"; 332 else 333 q->q_status = "4.4.7"; 334 } 335 } 336 } 337 else 338 { 339 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 && 340 now >= e->e_ctime + 341 TimeOuts.to_q_warning[e->e_timeoutclass]) 342 msg_timeout = MSG_WARN; 343 else if (IS_DLVR_NOTIFY(e) && 344 e->e_deliver_by > 0 && 345 now >= e->e_ctime + e->e_deliver_by) 346 msg_timeout = MSG_WARN_BY; 347 348 if (IS_MSG_WARN(msg_timeout)) 349 { 350 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) && 351 e->e_class >= 0 && 352 e->e_from.q_paddr != NULL && 353 strcmp(e->e_from.q_paddr, "<>") != 0 && 354 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 && 355 (strlen(e->e_from.q_paddr) <= 8 || 356 sm_strcasecmp(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8], 357 "-request") != 0)) 358 { 359 for (q = e->e_sendqueue; q != NULL; 360 q = q->q_next) 361 { 362 if (QS_IS_UNDELIVERED(q->q_state) 363 #if _FFR_NODELAYDSN_ON_HOLD 364 && !bitnset(M_HOLD, 365 q->q_mailer->m_flags) 366 #endif /* _FFR_NODELAYDSN_ON_HOLD */ 367 ) 368 { 369 if (msg_timeout == 370 MSG_WARN_BY && 371 (bitset(QPINGONDELAY, 372 q->q_flags) || 373 !bitset(QHASNOTIFY, 374 q->q_flags)) 375 ) 376 { 377 q->q_flags |= QBYNDELAY; 378 delay_return = true; 379 } 380 if (bitset(QPINGONDELAY, 381 q->q_flags)) 382 { 383 q->q_flags |= QDELAYED; 384 delay_return = true; 385 } 386 } 387 } 388 } 389 if (delay_return) 390 { 391 if (msg_timeout == MSG_WARN_BY) 392 { 393 (void) sm_snprintf(buf, sizeof(buf), 394 "Warning: Delivery time (%lds) exceeded", 395 e->e_deliver_by); 396 } 397 else 398 (void) sm_snprintf(buf, sizeof(buf), 399 "Warning: could not send message for past %s", 400 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 401 false)); 402 403 /* don't free, allocated from e_rpool */ 404 e->e_message = sm_rpool_strdup_x(e->e_rpool, 405 buf); 406 message(buf); 407 e->e_flags |= EF_WARNING; 408 } 409 if (msg_timeout == MSG_WARN_BY) 410 { 411 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 412 "Warning: Delivery time (%lds) exceeded\n", 413 e->e_deliver_by); 414 } 415 else 416 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 417 "Warning: message still undelivered after %s\n", 418 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 419 false)); 420 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 421 "Will keep trying until message is %s old\n", 422 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 423 false)); 424 } 425 } 426 427 if (tTd(50, 2)) 428 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n", 429 failure_return, delay_return, success_return, queueit); 430 431 /* 432 ** If we had some fatal error, but no addresses are marked as 433 ** bad, mark them _all_ as bad. 434 */ 435 436 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return) 437 { 438 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 439 { 440 if ((QS_IS_OK(q->q_state) || 441 QS_IS_VERIFIED(q->q_state)) && 442 bitset(QPINGONFAILURE, q->q_flags)) 443 { 444 failure_return = true; 445 q->q_state = QS_BADADDR; 446 } 447 } 448 } 449 450 /* 451 ** Send back return receipts as requested. 452 */ 453 454 if (success_return && !failure_return && !delay_return && fulldrop && 455 !bitset(PRIV_NORECEIPTS, PrivacyFlags) && 456 strcmp(e->e_from.q_paddr, "<>") != 0) 457 { 458 auto ADDRESS *rlist = NULL; 459 460 if (tTd(50, 8)) 461 sm_dprintf("dropenvelope(%s): sending return receipt\n", 462 id); 463 e->e_flags |= EF_SENDRECEIPT; 464 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e); 465 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e); 466 } 467 e->e_flags &= ~EF_SENDRECEIPT; 468 469 /* 470 ** Arrange to send error messages if there are fatal errors. 471 */ 472 473 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET) 474 { 475 if (tTd(50, 8)) 476 sm_dprintf("dropenvelope(%s): saving mail\n", id); 477 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags)); 478 } 479 480 /* 481 ** Arrange to send warning messages to postmaster as requested. 482 */ 483 484 if ((failure_return || pmnotify) && 485 PostMasterCopy != NULL && 486 !bitset(EF_RESPONSE, e->e_flags) && 487 e->e_class >= 0) 488 { 489 auto ADDRESS *rlist = NULL; 490 char pcopy[MAXNAME]; 491 492 if (failure_return) 493 { 494 expand(PostMasterCopy, pcopy, sizeof(pcopy), e); 495 496 if (tTd(50, 8)) 497 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n", 498 id, pcopy); 499 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e); 500 } 501 if (pmnotify) 502 (void) sendtolist("postmaster", NULLADDR, 503 &rlist, 0, e); 504 (void) returntosender(e->e_message, rlist, 505 RTSF_PM_BOUNCE|RTSF_NO_BODY, e); 506 } 507 508 /* 509 ** Instantiate or deinstantiate the queue. 510 */ 511 512 simpledrop: 513 if (tTd(50, 8)) 514 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n", 515 id, queueit); 516 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags)) 517 { 518 if (tTd(50, 1)) 519 { 520 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=", 521 e->e_id, queueit); 522 printenvflags(e); 523 } 524 if (!panic) 525 { 526 if (e->e_dfp != NULL) 527 { 528 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 529 e->e_dfp = NULL; 530 } 531 (void) xunlink(queuename(e, DATAFL_LETTER)); 532 } 533 if (panic && QueueMode == QM_LOST) 534 { 535 /* 536 ** leave the Qf file behind as 537 ** the delivery attempt failed. 538 */ 539 540 /* EMPTY */ 541 } 542 else 543 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0) 544 { 545 /* add to available space in filesystem */ 546 updfs(e, -1, panic ? 0 : -1, "dropenvelope"); 547 } 548 549 if (e->e_ntries > 0 && LogLevel > 9) 550 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d", 551 pintvl(curtime() - e->e_ctime, true), 552 e->e_ntries); 553 } 554 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 555 { 556 if (!split) 557 queueup(e, false, true); 558 else 559 { 560 ENVELOPE *oldsib; 561 ENVELOPE *ee; 562 563 /* 564 ** Save old sibling and set it to NULL to avoid 565 ** queueing up the same envelopes again. 566 ** This requires that envelopes in that list have 567 ** been take care of before (or at some other place). 568 */ 569 570 oldsib = e->e_sibling; 571 e->e_sibling = NULL; 572 if (!split_by_recipient(e) && 573 bitset(EF_FATALERRS, e->e_flags)) 574 { 575 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%d", 576 e->e_id, queuename(e, DATAFL_LETTER), 577 (int) geteuid()); 578 } 579 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 580 queueup(ee, false, true); 581 queueup(e, false, true); 582 583 /* clean up */ 584 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 585 { 586 /* now unlock the job */ 587 if (tTd(50, 8)) 588 sm_dprintf("dropenvelope(%s): unlocking job\n", 589 ee->e_id); 590 closexscript(ee); 591 unlockqueue(ee); 592 593 /* this envelope is marked unused */ 594 if (ee->e_dfp != NULL) 595 { 596 (void) sm_io_close(ee->e_dfp, 597 SM_TIME_DEFAULT); 598 ee->e_dfp = NULL; 599 } 600 ee->e_id = NULL; 601 ee->e_flags &= ~EF_HAS_DF; 602 } 603 e->e_sibling = oldsib; 604 } 605 } 606 607 /* now unlock the job */ 608 if (tTd(50, 8)) 609 sm_dprintf("dropenvelope(%s): unlocking job\n", id); 610 closexscript(e); 611 unlockqueue(e); 612 613 /* make sure that this envelope is marked unused */ 614 if (e->e_dfp != NULL) 615 { 616 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 617 e->e_dfp = NULL; 618 } 619 e->e_id = NULL; 620 e->e_flags &= ~EF_HAS_DF; 621 } 622 /* 623 ** CLEARENVELOPE -- clear an envelope without unlocking 624 ** 625 ** This is normally used by a child process to get a clean 626 ** envelope without disturbing the parent. 627 ** 628 ** Parameters: 629 ** e -- the envelope to clear. 630 ** fullclear - if set, the current envelope is total 631 ** garbage and should be ignored; otherwise, 632 ** release any resources it may indicate. 633 ** rpool -- either NULL, or a pointer to a resource pool 634 ** from which envelope memory is allocated, and 635 ** to which envelope resources are attached. 636 ** 637 ** Returns: 638 ** none. 639 ** 640 ** Side Effects: 641 ** Closes files associated with the envelope. 642 ** Marks the envelope as unallocated. 643 */ 644 645 void 646 clearenvelope(e, fullclear, rpool) 647 register ENVELOPE *e; 648 bool fullclear; 649 SM_RPOOL_T *rpool; 650 { 651 register HDR *bh; 652 register HDR **nhp; 653 extern ENVELOPE BlankEnvelope; 654 char **p; 655 656 if (!fullclear) 657 { 658 /* clear out any file information */ 659 if (e->e_xfp != NULL) 660 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 661 if (e->e_dfp != NULL) 662 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 663 e->e_xfp = e->e_dfp = NULL; 664 } 665 666 /* 667 ** Copy BlankEnvelope into *e. 668 ** It is not safe to simply copy pointers to strings; 669 ** the strings themselves must be copied (or set to NULL). 670 ** The problem is that when we assign a new string value to 671 ** a member of BlankEnvelope, we free the old string. 672 ** We did not need to do this copying in sendmail 8.11 :-( 673 ** and it is a potential performance hit. Reference counted 674 ** strings are one way out. 675 */ 676 677 *e = BlankEnvelope; 678 e->e_message = NULL; 679 e->e_qfletter = '\0'; 680 e->e_quarmsg = NULL; 681 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), ""); 682 683 /* 684 ** Copy the macro table. 685 ** We might be able to avoid this by zeroing the macro table 686 ** and always searching BlankEnvelope.e_macro after e->e_macro 687 ** in macvalue(). 688 */ 689 690 for (p = &e->e_macro.mac_table[0]; 691 p <= &e->e_macro.mac_table[MAXMACROID]; 692 ++p) 693 { 694 if (*p != NULL) 695 *p = sm_rpool_strdup_x(rpool, *p); 696 } 697 698 /* 699 ** XXX There are many strings in the envelope structure 700 ** XXX that we are not attempting to copy here. 701 ** XXX Investigate this further. 702 */ 703 704 e->e_rpool = rpool; 705 e->e_macro.mac_rpool = rpool; 706 if (Verbose) 707 set_delivery_mode(SM_DELIVER, e); 708 bh = BlankEnvelope.e_header; 709 nhp = &e->e_header; 710 while (bh != NULL) 711 { 712 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof(*bh)); 713 memmove((char *) *nhp, (char *) bh, sizeof(*bh)); 714 bh = bh->h_link; 715 nhp = &(*nhp)->h_link; 716 } 717 } 718 /* 719 ** INITSYS -- initialize instantiation of system 720 ** 721 ** In Daemon mode, this is done in the child. 722 ** 723 ** Parameters: 724 ** e -- the envelope to use. 725 ** 726 ** Returns: 727 ** none. 728 ** 729 ** Side Effects: 730 ** Initializes the system macros, some global variables, 731 ** etc. In particular, the current time in various 732 ** forms is set. 733 */ 734 735 void 736 initsys(e) 737 register ENVELOPE *e; 738 { 739 char buf[10]; 740 #ifdef TTYNAME 741 static char ybuf[60]; /* holds tty id */ 742 register char *p; 743 extern char *ttyname(); 744 #endif /* TTYNAME */ 745 746 /* 747 ** Give this envelope a reality. 748 ** I.e., an id, a transcript, and a creation time. 749 ** We don't select the queue until all of the recipients are known. 750 */ 751 752 openxscript(e); 753 e->e_ctime = curtime(); 754 e->e_qfletter = '\0'; 755 756 /* 757 ** Set OutChannel to something useful if stdout isn't it. 758 ** This arranges that any extra stuff the mailer produces 759 ** gets sent back to the user on error (because it is 760 ** tucked away in the transcript). 761 */ 762 763 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) && 764 e->e_xfp != NULL) 765 OutChannel = e->e_xfp; 766 767 /* 768 ** Set up some basic system macros. 769 */ 770 771 /* process id */ 772 (void) sm_snprintf(buf, sizeof(buf), "%d", (int) CurrentPid); 773 macdefine(&e->e_macro, A_TEMP, 'p', buf); 774 775 /* hop count */ 776 (void) sm_snprintf(buf, sizeof(buf), "%d", e->e_hopcount); 777 macdefine(&e->e_macro, A_TEMP, 'c', buf); 778 779 /* time as integer, unix time, arpa time */ 780 settime(e); 781 782 /* Load average */ 783 sm_getla(); 784 785 #ifdef TTYNAME 786 /* tty name */ 787 if (macvalue('y', e) == NULL) 788 { 789 p = ttyname(2); 790 if (p != NULL) 791 { 792 if (strrchr(p, '/') != NULL) 793 p = strrchr(p, '/') + 1; 794 (void) sm_strlcpy(ybuf, sizeof(ybuf), p); 795 macdefine(&e->e_macro, A_PERM, 'y', ybuf); 796 } 797 } 798 #endif /* TTYNAME */ 799 } 800 /* 801 ** SETTIME -- set the current time. 802 ** 803 ** Parameters: 804 ** e -- the envelope in which the macros should be set. 805 ** 806 ** Returns: 807 ** none. 808 ** 809 ** Side Effects: 810 ** Sets the various time macros -- $a, $b, $d, $t. 811 */ 812 813 void 814 settime(e) 815 register ENVELOPE *e; 816 { 817 register char *p; 818 auto time_t now; 819 char buf[30]; 820 register struct tm *tm; 821 822 now = curtime(); 823 (void) sm_snprintf(buf, sizeof(buf), "%ld", (long) now); 824 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf); 825 tm = gmtime(&now); 826 (void) sm_snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d", 827 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 828 tm->tm_hour, tm->tm_min); 829 macdefine(&e->e_macro, A_TEMP, 't', buf); 830 (void) sm_strlcpy(buf, ctime(&now), sizeof(buf)); 831 p = strchr(buf, '\n'); 832 if (p != NULL) 833 *p = '\0'; 834 macdefine(&e->e_macro, A_TEMP, 'd', buf); 835 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf)); 836 if (macvalue('a', e) == NULL) 837 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e)); 838 } 839 /* 840 ** OPENXSCRIPT -- Open transcript file 841 ** 842 ** Creates a transcript file for possible eventual mailing or 843 ** sending back. 844 ** 845 ** Parameters: 846 ** e -- the envelope to create the transcript in/for. 847 ** 848 ** Returns: 849 ** none 850 ** 851 ** Side Effects: 852 ** Creates the transcript file. 853 */ 854 855 #ifndef O_APPEND 856 # define O_APPEND 0 857 #endif /* ! O_APPEND */ 858 859 void 860 openxscript(e) 861 register ENVELOPE *e; 862 { 863 register char *p; 864 865 if (e->e_xfp != NULL) 866 return; 867 868 #if 0 869 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags)) 870 syserr("openxscript: job not locked"); 871 #endif /* 0 */ 872 873 p = queuename(e, XSCRPT_LETTER); 874 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize, 875 SFF_NOTEXCL|SFF_OPENASROOT); 876 877 if (e->e_xfp == NULL) 878 { 879 syserr("Can't create transcript file %s", p); 880 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, 881 SM_PATH_DEVNULL, SM_IO_RDWR, NULL); 882 if (e->e_xfp == NULL) 883 syserr("!Can't open %s", SM_PATH_DEVNULL); 884 } 885 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0); 886 if (tTd(46, 9)) 887 { 888 sm_dprintf("openxscript(%s):\n ", p); 889 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true, 890 false); 891 } 892 } 893 /* 894 ** CLOSEXSCRIPT -- close the transcript file. 895 ** 896 ** Parameters: 897 ** e -- the envelope containing the transcript to close. 898 ** 899 ** Returns: 900 ** none. 901 ** 902 ** Side Effects: 903 ** none. 904 */ 905 906 void 907 closexscript(e) 908 register ENVELOPE *e; 909 { 910 if (e->e_xfp == NULL) 911 return; 912 #if 0 913 if (e->e_lockfp == NULL) 914 syserr("closexscript: job not locked"); 915 #endif /* 0 */ 916 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 917 e->e_xfp = NULL; 918 } 919 /* 920 ** SETSENDER -- set the person who this message is from 921 ** 922 ** Under certain circumstances allow the user to say who 923 ** s/he is (using -f or -r). These are: 924 ** 1. The user's uid is zero (root). 925 ** 2. The user's login name is in an approved list (typically 926 ** from a network server). 927 ** 3. The address the user is trying to claim has a 928 ** "!" character in it (since #2 doesn't do it for 929 ** us if we are dialing out for UUCP). 930 ** A better check to replace #3 would be if the 931 ** effective uid is "UUCP" -- this would require me 932 ** to rewrite getpwent to "grab" uucp as it went by, 933 ** make getname more nasty, do another passwd file 934 ** scan, or compile the UID of "UUCP" into the code, 935 ** all of which are reprehensible. 936 ** 937 ** Assuming all of these fail, we figure out something 938 ** ourselves. 939 ** 940 ** Parameters: 941 ** from -- the person we would like to believe this message 942 ** is from, as specified on the command line. 943 ** e -- the envelope in which we would like the sender set. 944 ** delimptr -- if non-NULL, set to the location of the 945 ** trailing delimiter. 946 ** delimchar -- the character that will delimit the sender 947 ** address. 948 ** internal -- set if this address is coming from an internal 949 ** source such as an owner alias. 950 ** 951 ** Returns: 952 ** none. 953 ** 954 ** Side Effects: 955 ** sets sendmail's notion of who the from person is. 956 */ 957 958 void 959 setsender(from, e, delimptr, delimchar, internal) 960 char *from; 961 register ENVELOPE *e; 962 char **delimptr; 963 int delimchar; 964 bool internal; 965 { 966 register char **pvp; 967 char *realname = NULL; 968 char *bp; 969 char buf[MAXNAME + 2]; 970 char pvpbuf[PSBUFSIZE]; 971 extern char *FullName; 972 973 if (tTd(45, 1)) 974 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from); 975 976 /* may be set from earlier calls */ 977 macdefine(&e->e_macro, A_PERM, 'x', ""); 978 979 /* 980 ** Figure out the real user executing us. 981 ** Username can return errno != 0 on non-errors. 982 */ 983 984 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP || 985 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON) 986 realname = from; 987 if (realname == NULL || realname[0] == '\0') 988 realname = username(); 989 990 if (ConfigLevel < 2) 991 SuprErrs = true; 992 993 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 994 995 /* preset state for then clause in case from == NULL */ 996 e->e_from.q_state = QS_BADADDR; 997 e->e_from.q_flags = 0; 998 if (from == NULL || 999 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR, 1000 delimchar, delimptr, e, false) == NULL || 1001 QS_IS_BADADDR(e->e_from.q_state) || 1002 e->e_from.q_mailer == ProgMailer || 1003 e->e_from.q_mailer == FileMailer || 1004 e->e_from.q_mailer == InclMailer) 1005 { 1006 /* log garbage addresses for traceback */ 1007 if (from != NULL && LogLevel > 2) 1008 { 1009 char *p; 1010 char ebuf[MAXNAME * 2 + 2]; 1011 1012 p = macvalue('_', e); 1013 if (p == NULL) 1014 { 1015 char *host = RealHostName; 1016 1017 if (host == NULL) 1018 host = MyHostName; 1019 (void) sm_snprintf(ebuf, sizeof(ebuf), 1020 "%.*s@%.*s", MAXNAME, 1021 realname, MAXNAME, host); 1022 p = ebuf; 1023 } 1024 sm_syslog(LOG_NOTICE, e->e_id, 1025 "setsender: %s: invalid or unparsable, received from %s", 1026 shortenstring(from, 83), p); 1027 } 1028 if (from != NULL) 1029 { 1030 if (!QS_IS_BADADDR(e->e_from.q_state)) 1031 { 1032 /* it was a bogus mailer in the from addr */ 1033 e->e_status = "5.1.7"; 1034 usrerrenh(e->e_status, 1035 "553 Invalid sender address"); 1036 } 1037 SuprErrs = true; 1038 } 1039 if (from == realname || 1040 parseaddr(from = realname, 1041 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ', 1042 NULL, e, false) == NULL) 1043 { 1044 char nbuf[100]; 1045 1046 SuprErrs = true; 1047 expand("\201n", nbuf, sizeof(nbuf), e); 1048 from = sm_rpool_strdup_x(e->e_rpool, nbuf); 1049 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ', 1050 NULL, e, false) == NULL && 1051 parseaddr(from = "postmaster", &e->e_from, 1052 RF_COPYALL, ' ', NULL, e, false) == NULL) 1053 syserr("553 5.3.0 setsender: can't even parse postmaster!"); 1054 } 1055 } 1056 else 1057 FromFlag = true; 1058 e->e_from.q_state = QS_SENDER; 1059 if (tTd(45, 5)) 1060 { 1061 sm_dprintf("setsender: QS_SENDER "); 1062 printaddr(sm_debug_file(), &e->e_from, false); 1063 } 1064 SuprErrs = false; 1065 1066 #if USERDB 1067 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags)) 1068 { 1069 register char *p; 1070 1071 p = udbsender(e->e_from.q_user, e->e_rpool); 1072 if (p != NULL) 1073 from = p; 1074 } 1075 #endif /* USERDB */ 1076 1077 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags)) 1078 { 1079 SM_MBDB_T user; 1080 1081 if (!internal) 1082 { 1083 /* if the user already given fullname don't redefine */ 1084 if (FullName == NULL) 1085 FullName = macvalue('x', e); 1086 if (FullName != NULL) 1087 { 1088 if (FullName[0] == '\0') 1089 FullName = NULL; 1090 else 1091 FullName = newstr(FullName); 1092 } 1093 } 1094 1095 if (e->e_from.q_user[0] != '\0' && 1096 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK) 1097 { 1098 /* 1099 ** Process passwd file entry. 1100 */ 1101 1102 /* extract home directory */ 1103 if (*user.mbdb_homedir == '\0') 1104 e->e_from.q_home = NULL; 1105 else if (strcmp(user.mbdb_homedir, "/") == 0) 1106 e->e_from.q_home = ""; 1107 else 1108 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool, 1109 user.mbdb_homedir); 1110 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home); 1111 1112 /* extract user and group id */ 1113 if (user.mbdb_uid != SM_NO_UID) 1114 { 1115 e->e_from.q_uid = user.mbdb_uid; 1116 e->e_from.q_gid = user.mbdb_gid; 1117 e->e_from.q_flags |= QGOODUID; 1118 } 1119 1120 /* extract full name from passwd file */ 1121 if (FullName == NULL && !internal && 1122 user.mbdb_fullname[0] != '\0' && 1123 strcmp(user.mbdb_name, e->e_from.q_user) == 0) 1124 { 1125 FullName = newstr(user.mbdb_fullname); 1126 } 1127 } 1128 else 1129 { 1130 e->e_from.q_home = NULL; 1131 } 1132 if (FullName != NULL && !internal) 1133 macdefine(&e->e_macro, A_TEMP, 'x', FullName); 1134 } 1135 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP) 1136 { 1137 if (e->e_from.q_home == NULL) 1138 { 1139 e->e_from.q_home = getenv("HOME"); 1140 if (e->e_from.q_home != NULL) 1141 { 1142 if (*e->e_from.q_home == '\0') 1143 e->e_from.q_home = NULL; 1144 else if (strcmp(e->e_from.q_home, "/") == 0) 1145 e->e_from.q_home++; 1146 } 1147 } 1148 e->e_from.q_uid = RealUid; 1149 e->e_from.q_gid = RealGid; 1150 e->e_from.q_flags |= QGOODUID; 1151 } 1152 1153 /* 1154 ** Rewrite the from person to dispose of possible implicit 1155 ** links in the net. 1156 */ 1157 1158 pvp = prescan(from, delimchar, pvpbuf, sizeof(pvpbuf), NULL, 1159 IntTokenTab, false); 1160 if (pvp == NULL) 1161 { 1162 /* don't need to give error -- prescan did that already */ 1163 if (LogLevel > 2) 1164 sm_syslog(LOG_NOTICE, e->e_id, 1165 "cannot prescan from (%s)", 1166 shortenstring(from, MAXSHORTSTR)); 1167 finis(true, true, ExitStat); 1168 } 1169 (void) REWRITE(pvp, 3, e); 1170 (void) REWRITE(pvp, 1, e); 1171 (void) REWRITE(pvp, 4, e); 1172 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1173 bp = buf + 1; 1174 cataddr(pvp, NULL, bp, sizeof(buf) - 2, '\0', false); 1175 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags)) 1176 { 1177 /* heuristic: route-addr: add angle brackets */ 1178 (void) sm_strlcat(bp, ">", sizeof(buf) - 1); 1179 *--bp = '<'; 1180 } 1181 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp); 1182 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender); 1183 1184 /* save the domain spec if this mailer wants it */ 1185 if (e->e_from.q_mailer != NULL && 1186 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags)) 1187 { 1188 char **lastat; 1189 1190 /* get rid of any pesky angle brackets */ 1191 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 1192 (void) REWRITE(pvp, 3, e); 1193 (void) REWRITE(pvp, 1, e); 1194 (void) REWRITE(pvp, 4, e); 1195 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1196 1197 /* strip off to the last "@" sign */ 1198 for (lastat = NULL; *pvp != NULL; pvp++) 1199 { 1200 if (strcmp(*pvp, "@") == 0) 1201 lastat = pvp; 1202 } 1203 if (lastat != NULL) 1204 { 1205 e->e_fromdomain = copyplist(lastat, true, e->e_rpool); 1206 if (tTd(45, 3)) 1207 { 1208 sm_dprintf("Saving from domain: "); 1209 printav(sm_debug_file(), e->e_fromdomain); 1210 } 1211 } 1212 } 1213 } 1214 /* 1215 ** PRINTENVFLAGS -- print envelope flags for debugging 1216 ** 1217 ** Parameters: 1218 ** e -- the envelope with the flags to be printed. 1219 ** 1220 ** Returns: 1221 ** none. 1222 */ 1223 1224 struct eflags 1225 { 1226 char *ef_name; 1227 unsigned long ef_bit; 1228 }; 1229 1230 static struct eflags EnvelopeFlags[] = 1231 { 1232 { "OLDSTYLE", EF_OLDSTYLE }, 1233 { "INQUEUE", EF_INQUEUE }, 1234 { "NO_BODY_RETN", EF_NO_BODY_RETN }, 1235 { "CLRQUEUE", EF_CLRQUEUE }, 1236 { "SENDRECEIPT", EF_SENDRECEIPT }, 1237 { "FATALERRS", EF_FATALERRS }, 1238 { "DELETE_BCC", EF_DELETE_BCC }, 1239 { "RESPONSE", EF_RESPONSE }, 1240 { "RESENT", EF_RESENT }, 1241 { "VRFYONLY", EF_VRFYONLY }, 1242 { "WARNING", EF_WARNING }, 1243 { "QUEUERUN", EF_QUEUERUN }, 1244 { "GLOBALERRS", EF_GLOBALERRS }, 1245 { "PM_NOTIFY", EF_PM_NOTIFY }, 1246 { "METOO", EF_METOO }, 1247 { "LOGSENDER", EF_LOGSENDER }, 1248 { "NORECEIPT", EF_NORECEIPT }, 1249 { "HAS8BIT", EF_HAS8BIT }, 1250 { "NL_NOT_EOL", EF_NL_NOT_EOL }, 1251 { "CRLF_NOT_EOL", EF_CRLF_NOT_EOL }, 1252 { "RET_PARAM", EF_RET_PARAM }, 1253 { "HAS_DF", EF_HAS_DF }, 1254 { "IS_MIME", EF_IS_MIME }, 1255 { "DONT_MIME", EF_DONT_MIME }, 1256 { "DISCARD", EF_DISCARD }, 1257 { "TOOBIG", EF_TOOBIG }, 1258 { "SPLIT", EF_SPLIT }, 1259 { "UNSAFE", EF_UNSAFE }, 1260 { NULL, 0 } 1261 }; 1262 1263 void 1264 printenvflags(e) 1265 register ENVELOPE *e; 1266 { 1267 register struct eflags *ef; 1268 bool first = true; 1269 1270 sm_dprintf("%lx", e->e_flags); 1271 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++) 1272 { 1273 if (!bitset(ef->ef_bit, e->e_flags)) 1274 continue; 1275 if (first) 1276 sm_dprintf("<%s", ef->ef_name); 1277 else 1278 sm_dprintf(",%s", ef->ef_name); 1279 first = false; 1280 } 1281 if (!first) 1282 sm_dprintf(">\n"); 1283 } 1284