1 /* 2 * Copyright (c) 1998-2003, 2006 Proofpoint, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 */ 13 14 #include <sendmail.h> 15 #include <sm/sendmail.h> 16 17 SM_RCSID("@(#)$Id: envelope.c,v 8.313 2013-11-22 20:51:55 ca Exp $") 18 19 /* 20 ** CLRSESSENVELOPE -- clear session oriented data in an envelope 21 ** 22 ** Parameters: 23 ** e -- the envelope to clear. 24 ** 25 ** Returns: 26 ** none. 27 */ 28 29 void 30 clrsessenvelope(e) 31 ENVELOPE *e; 32 { 33 #if SASL 34 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), ""); 35 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), ""); 36 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), ""); 37 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), ""); 38 #endif /* SASL */ 39 #if STARTTLS 40 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), ""); 41 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), ""); 42 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), ""); 43 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), ""); 44 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), ""); 45 macdefine(&e->e_macro, A_PERM, macid("{verify}"), ""); 46 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), ""); 47 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), ""); 48 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), ""); 49 #endif /* STARTTLS */ 50 } 51 52 /* 53 ** NEWENVELOPE -- fill in a new envelope 54 ** 55 ** Supports inheritance. 56 ** 57 ** Parameters: 58 ** e -- the new envelope to fill in. 59 ** parent -- the envelope to be the parent of e. 60 ** rpool -- either NULL, or a pointer to a resource pool 61 ** from which envelope memory is allocated, and 62 ** to which envelope resources are attached. 63 ** 64 ** Returns: 65 ** e. 66 ** 67 ** Side Effects: 68 ** none. 69 */ 70 71 ENVELOPE * 72 newenvelope(e, parent, rpool) 73 register ENVELOPE *e; 74 register ENVELOPE *parent; 75 SM_RPOOL_T *rpool; 76 { 77 int sendmode; 78 79 /* 80 ** This code used to read: 81 ** if (e == parent && e->e_parent != NULL) 82 ** parent = e->e_parent; 83 ** So if e == parent && e->e_parent == NULL then we would 84 ** set e->e_parent = e, which creates a loop in the e_parent chain. 85 ** This meant macvalue() could go into an infinite loop. 86 */ 87 88 if (parent != NULL) 89 sendmode = parent->e_sendmode; 90 else 91 sendmode = DM_NOTSET; 92 93 if (e == parent) 94 parent = e->e_parent; 95 clearenvelope(e, true, rpool); 96 if (e == CurEnv) 97 memmove((char *) &e->e_from, 98 (char *) &NullAddress, 99 sizeof(e->e_from)); 100 else 101 memmove((char *) &e->e_from, 102 (char *) &CurEnv->e_from, 103 sizeof(e->e_from)); 104 e->e_parent = parent; 105 assign_queueid(e); 106 e->e_ctime = curtime(); 107 #if _FFR_SESSID 108 e->e_sessid = e->e_id; 109 #endif 110 if (parent != NULL) 111 { 112 e->e_msgpriority = parent->e_msgsize; 113 #if _FFR_SESSID 114 if (parent->e_sessid != NULL) 115 e->e_sessid = sm_rpool_strdup_x(rpool, 116 parent->e_sessid); 117 #endif 118 119 if (parent->e_quarmsg == NULL) 120 { 121 e->e_quarmsg = NULL; 122 macdefine(&e->e_macro, A_PERM, 123 macid("{quarantine}"), ""); 124 } 125 else 126 { 127 e->e_quarmsg = sm_rpool_strdup_x(rpool, 128 parent->e_quarmsg); 129 macdefine(&e->e_macro, A_PERM, 130 macid("{quarantine}"), e->e_quarmsg); 131 } 132 } 133 e->e_puthdr = putheader; 134 e->e_putbody = putbody; 135 if (CurEnv->e_xfp != NULL) 136 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT); 137 if (sendmode != DM_NOTSET) 138 set_delivery_mode(sendmode, e); 139 140 return e; 141 } 142 143 /* values for msg_timeout, see also IS_* below for usage (bit layout) */ 144 #define MSG_T_O 0x01 /* normal timeout */ 145 #define MSG_T_O_NOW 0x02 /* NOW timeout */ 146 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */ 147 #define MSG_WARN 0x10 /* normal queue warning */ 148 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */ 149 150 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */ 151 152 /* immediate return */ 153 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0) 154 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */ 155 156 /* 157 ** DROPENVELOPE -- deallocate an envelope. 158 ** 159 ** Parameters: 160 ** e -- the envelope to deallocate. 161 ** fulldrop -- if set, do return receipts. 162 ** split -- if true, split by recipient if message is queued up 163 ** 164 ** Returns: 165 ** EX_* status (currently: 0: success, EX_IOERR on panic) 166 ** 167 ** Side Effects: 168 ** housekeeping necessary to dispose of an envelope. 169 ** Unlocks this queue file. 170 */ 171 172 int 173 dropenvelope(e, fulldrop, split) 174 register ENVELOPE *e; 175 bool fulldrop; 176 bool split; 177 { 178 bool panic = false; 179 bool queueit = false; 180 int msg_timeout = 0; 181 bool failure_return = false; 182 bool delay_return = false; 183 bool success_return = false; 184 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags); 185 bool done = false; 186 register ADDRESS *q; 187 char *id = e->e_id; 188 time_t now; 189 char buf[MAXLINE]; 190 191 if (tTd(50, 1)) 192 { 193 sm_dprintf("dropenvelope %p: id=", (void *)e); 194 xputs(sm_debug_file(), e->e_id); 195 sm_dprintf(", flags="); 196 printenvflags(e); 197 if (tTd(50, 10)) 198 { 199 sm_dprintf("sendq="); 200 printaddr(sm_debug_file(), e->e_sendqueue, true); 201 } 202 } 203 204 if (LogLevel > 84) 205 sm_syslog(LOG_DEBUG, id, 206 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d", 207 e->e_flags, OpMode, (int) CurrentPid); 208 209 /* we must have an id to remove disk files */ 210 if (id == NULL) 211 return EX_OK; 212 213 /* if verify-only mode, we can skip most of this */ 214 if (OpMode == MD_VERIFY) 215 goto simpledrop; 216 217 if (tTd(92, 2)) 218 sm_dprintf("dropenvelope: e_id=%s, EF_LOGSENDER=%d, LogLevel=%d\n", 219 e->e_id, bitset(EF_LOGSENDER, e->e_flags), LogLevel); 220 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags)) 221 logsender(e, NULL); 222 e->e_flags &= ~EF_LOGSENDER; 223 224 /* post statistics */ 225 poststats(StatFile); 226 227 /* 228 ** Extract state information from dregs of send list. 229 */ 230 231 now = curtime(); 232 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass]) 233 msg_timeout = MSG_T_O; 234 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 && 235 now >= e->e_ctime + e->e_deliver_by && 236 !bitset(EF_RESPONSE, e->e_flags)) 237 { 238 msg_timeout = MSG_NOT_BY; 239 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 240 } 241 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW && 242 !bitset(EF_RESPONSE, e->e_flags)) 243 { 244 msg_timeout = MSG_T_O_NOW; 245 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 246 } 247 248 #if _FFR_PROXY 249 if (tTd(87, 2)) 250 { 251 q = e->e_sendqueue; 252 sm_dprintf("dropenvelope: mode=%c, e=%p, sibling=%p, nrcpts=%d, sendqueue=%p, next=%p, state=%d\n", 253 e->e_sendmode, e, e->e_sibling, e->e_nrcpts, q, 254 (q == NULL) ? (void *)0 : q->q_next, 255 (q == NULL) ? -1 : q->q_state); 256 } 257 #endif /* _FFR_PROXY */ 258 259 e->e_flags &= ~EF_QUEUERUN; 260 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 261 { 262 if (QS_IS_UNDELIVERED(q->q_state)) 263 queueit = true; 264 265 #if _FFR_PROXY 266 if (queueit && e->e_sendmode == SM_PROXY) 267 queueit = false; 268 #endif 269 270 /* see if a notification is needed */ 271 if (bitset(QPINGONFAILURE, q->q_flags) && 272 ((IS_MSG_ERR(msg_timeout) && 273 QS_IS_UNDELIVERED(q->q_state)) || 274 QS_IS_BADADDR(q->q_state) || 275 IS_IMM_RET(msg_timeout))) 276 { 277 failure_return = true; 278 if (!done && q->q_owner == NULL && 279 !emptyaddr(&e->e_from)) 280 { 281 (void) sendtolist(e->e_from.q_paddr, NULLADDR, 282 &e->e_errorqueue, 0, e); 283 done = true; 284 } 285 } 286 else if ((bitset(QPINGONSUCCESS, q->q_flags) && 287 ((QS_IS_SENT(q->q_state) && 288 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) || 289 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) || 290 bitset(QBYTRACE, q->q_flags) || 291 bitset(QBYNRELAY, q->q_flags)) 292 { 293 success_return = true; 294 } 295 } 296 297 if (e->e_class < 0) 298 e->e_flags |= EF_NO_BODY_RETN; 299 300 /* 301 ** See if the message timed out. 302 */ 303 304 if (!queueit) 305 /* EMPTY */ 306 /* nothing to do */ ; 307 else if (IS_MSG_ERR(msg_timeout)) 308 { 309 if (failure_return) 310 { 311 if (msg_timeout == MSG_NOT_BY) 312 { 313 (void) sm_snprintf(buf, sizeof(buf), 314 "delivery time expired %lds", 315 e->e_deliver_by); 316 } 317 else 318 { 319 (void) sm_snprintf(buf, sizeof(buf), 320 "Cannot send message for %s", 321 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 322 false)); 323 } 324 325 /* don't free, allocated from e_rpool */ 326 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf); 327 message("%s", buf); 328 e->e_flags |= EF_CLRQUEUE; 329 } 330 if (msg_timeout == MSG_NOT_BY) 331 { 332 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 333 "Delivery time (%lds) expired\n", 334 e->e_deliver_by); 335 } 336 else 337 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 338 "Message could not be delivered for %s\n", 339 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 340 false)); 341 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 342 "Message will be deleted from queue\n"); 343 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 344 { 345 if (QS_IS_UNDELIVERED(q->q_state)) 346 { 347 q->q_state = QS_BADADDR; 348 if (msg_timeout == MSG_NOT_BY) 349 q->q_status = "5.4.7"; 350 else 351 q->q_status = "4.4.7"; 352 } 353 } 354 } 355 else 356 { 357 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 && 358 now >= e->e_ctime + 359 TimeOuts.to_q_warning[e->e_timeoutclass]) 360 msg_timeout = MSG_WARN; 361 else if (IS_DLVR_NOTIFY(e) && 362 e->e_deliver_by > 0 && 363 now >= e->e_ctime + e->e_deliver_by) 364 msg_timeout = MSG_WARN_BY; 365 366 if (IS_MSG_WARN(msg_timeout)) 367 { 368 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) && 369 e->e_class >= 0 && 370 e->e_from.q_paddr != NULL && 371 strcmp(e->e_from.q_paddr, "<>") != 0 && 372 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 && 373 (strlen(e->e_from.q_paddr) <= 8 || 374 !SM_STRCASEEQ(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8], 375 "-request"))) 376 { 377 for (q = e->e_sendqueue; q != NULL; 378 q = q->q_next) 379 { 380 if (QS_IS_UNDELIVERED(q->q_state) 381 #if _FFR_NODELAYDSN_ON_HOLD 382 && !bitnset(M_HOLD, 383 q->q_mailer->m_flags) 384 #endif 385 ) 386 { 387 if (msg_timeout == 388 MSG_WARN_BY && 389 (bitset(QPINGONDELAY, 390 q->q_flags) || 391 !bitset(QHASNOTIFY, 392 q->q_flags)) 393 ) 394 { 395 q->q_flags |= QBYNDELAY; 396 delay_return = true; 397 } 398 if (bitset(QPINGONDELAY, 399 q->q_flags)) 400 { 401 q->q_flags |= QDELAYED; 402 delay_return = true; 403 } 404 } 405 } 406 } 407 if (delay_return) 408 { 409 if (msg_timeout == MSG_WARN_BY) 410 { 411 (void) sm_snprintf(buf, sizeof(buf), 412 "Warning: Delivery time (%lds) exceeded", 413 e->e_deliver_by); 414 } 415 else 416 (void) sm_snprintf(buf, sizeof(buf), 417 "Warning: could not send message for past %s", 418 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 419 false)); 420 421 /* don't free, allocated from e_rpool */ 422 e->e_message = sm_rpool_strdup_x(e->e_rpool, 423 buf); 424 message("%s", buf); 425 e->e_flags |= EF_WARNING; 426 } 427 if (msg_timeout == MSG_WARN_BY) 428 { 429 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 430 "Warning: Delivery time (%lds) exceeded\n", 431 e->e_deliver_by); 432 } 433 else 434 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 435 "Warning: message still undelivered after %s\n", 436 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 437 false)); 438 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 439 "Will keep trying until message is %s old\n", 440 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 441 false)); 442 } 443 } 444 445 if (tTd(50, 2)) 446 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n", 447 failure_return, delay_return, success_return, queueit); 448 449 /* 450 ** If we had some fatal error, but no addresses are marked as bad, 451 ** mark all OK/VERIFIED addresses as bad (if QPINGONFAILURE). 452 */ 453 454 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return) 455 { 456 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 457 { 458 if ((QS_IS_OK(q->q_state) || 459 QS_IS_VERIFIED(q->q_state)) 460 && bitset(QPINGONFAILURE, q->q_flags) 461 462 /* 463 ** do not mark an address as bad if 464 ** - the address itself is stored in the queue 465 ** - the DeliveryMode requires queueing 466 ** - the envelope is queued 467 */ 468 469 && !(bitset(QQUEUED, q->q_flags) 470 && WILL_BE_QUEUED(e->e_sendmode) 471 && bitset(EF_INQUEUE, e->e_flags) 472 ) 473 ) 474 { 475 failure_return = true; 476 q->q_state = QS_BADADDR; 477 } 478 } 479 } 480 481 /* 482 ** Send back return receipts as requested. 483 */ 484 485 if (success_return && !failure_return && !delay_return && fulldrop && 486 !bitset(PRIV_NORECEIPTS, PrivacyFlags) && 487 strcmp(e->e_from.q_paddr, "<>") != 0) 488 { 489 auto ADDRESS *rlist = NULL; 490 491 if (tTd(50, 8)) 492 sm_dprintf("dropenvelope(%s): sending return receipt\n", 493 id); 494 e->e_flags |= EF_SENDRECEIPT; 495 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e); 496 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e); 497 } 498 e->e_flags &= ~EF_SENDRECEIPT; 499 500 /* 501 ** Arrange to send error messages if there are fatal errors. 502 */ 503 504 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET) 505 { 506 if (tTd(50, 8)) 507 sm_dprintf("dropenvelope(%s): saving mail\n", id); 508 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags)); 509 } 510 511 /* 512 ** Arrange to send warning messages to postmaster as requested. 513 */ 514 515 if ((failure_return || pmnotify) && 516 PostMasterCopy != NULL && 517 !bitset(EF_RESPONSE, e->e_flags) && 518 e->e_class >= 0) 519 { 520 auto ADDRESS *rlist = NULL; 521 char pcopy[MAXNAME_I]; 522 523 if (failure_return) 524 { 525 expand(PostMasterCopy, pcopy, sizeof(pcopy), e); 526 527 if (tTd(50, 8)) 528 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n", 529 id, pcopy); 530 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e); 531 } 532 if (pmnotify) 533 (void) sendtolist("postmaster", NULLADDR, 534 &rlist, 0, e); 535 (void) returntosender(e->e_message, rlist, 536 RTSF_PM_BOUNCE|RTSF_NO_BODY, e); 537 } 538 539 /* 540 ** Instantiate or deinstantiate the queue. 541 */ 542 543 simpledrop: 544 if (tTd(50, 8)) 545 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n", 546 id, queueit); 547 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags)) 548 { 549 if (tTd(50, 1)) 550 { 551 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=", 552 e->e_id, queueit); 553 printenvflags(e); 554 } 555 if (!panic) 556 { 557 SM_CLOSE_FP(e->e_dfp); 558 (void) xunlink(queuename(e, DATAFL_LETTER)); 559 } 560 if (panic && QueueMode == QM_LOST) 561 { 562 /* 563 ** leave the Qf file behind as 564 ** the delivery attempt failed. 565 */ 566 567 /* EMPTY */ 568 } 569 else 570 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0) 571 { 572 /* add to available space in filesystem */ 573 updfs(e, -1, panic ? 0 : -1, "dropenvelope"); 574 } 575 576 if (e->e_ntries > 0 && LogLevel > 9) 577 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d", 578 pintvl(curtime() - e->e_ctime, true), 579 e->e_ntries); 580 } 581 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 582 { 583 if (!split) 584 queueup(e, QUP_FL_MSYNC); 585 else 586 { 587 ENVELOPE *oldsib; 588 ENVELOPE *ee; 589 590 /* 591 ** Save old sibling and set it to NULL to avoid 592 ** queueing up the same envelopes again. 593 ** This requires that envelopes in that list have 594 ** been take care of before (or at some other place). 595 */ 596 597 oldsib = e->e_sibling; 598 e->e_sibling = NULL; 599 if (!split_by_recipient(e) && 600 bitset(EF_FATALERRS, e->e_flags)) 601 { 602 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%ld", 603 e->e_id, queuename(e, DATAFL_LETTER), 604 (long) geteuid()); 605 } 606 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 607 queueup(ee, QUP_FL_MSYNC); 608 queueup(e, QUP_FL_MSYNC); 609 610 /* clean up */ 611 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 612 { 613 /* now unlock the job */ 614 if (tTd(50, 8)) 615 sm_dprintf("dropenvelope(%s): unlocking job\n", 616 ee->e_id); 617 closexscript(ee); 618 unlockqueue(ee); 619 620 /* this envelope is marked unused */ 621 SM_CLOSE_FP(ee->e_dfp); 622 ee->e_id = NULL; 623 ee->e_flags &= ~EF_HAS_DF; 624 } 625 e->e_sibling = oldsib; 626 } 627 } 628 629 /* now unlock the job */ 630 if (tTd(50, 8)) 631 sm_dprintf("dropenvelope(%s): unlocking job\n", id); 632 closexscript(e); 633 unlockqueue(e); 634 635 /* make sure that this envelope is marked unused */ 636 SM_CLOSE_FP(e->e_dfp); 637 e->e_id = NULL; 638 e->e_flags &= ~EF_HAS_DF; 639 if (panic) 640 return EX_IOERR; 641 return EX_OK; 642 } 643 644 /* 645 ** CLEARENVELOPE -- clear an envelope without unlocking 646 ** 647 ** This is normally used by a child process to get a clean 648 ** envelope without disturbing the parent. 649 ** 650 ** Parameters: 651 ** e -- the envelope to clear. 652 ** fullclear - if set, the current envelope is total 653 ** garbage and should be ignored; otherwise, 654 ** release any resources it may indicate. 655 ** rpool -- either NULL, or a pointer to a resource pool 656 ** from which envelope memory is allocated, and 657 ** to which envelope resources are attached. 658 ** 659 ** Returns: 660 ** none. 661 ** 662 ** Side Effects: 663 ** Closes files associated with the envelope. 664 ** Marks the envelope as unallocated. 665 */ 666 667 void 668 clearenvelope(e, fullclear, rpool) 669 register ENVELOPE *e; 670 bool fullclear; 671 SM_RPOOL_T *rpool; 672 { 673 register HDR *bh; 674 register HDR **nhp; 675 extern ENVELOPE BlankEnvelope; 676 char **p; 677 678 if (!fullclear) 679 { 680 /* clear out any file information */ 681 SM_CLOSE_FP(e->e_xfp); 682 SM_CLOSE_FP(e->e_dfp); 683 } 684 685 /* 686 ** Copy BlankEnvelope into *e. 687 ** It is not safe to simply copy pointers to strings; 688 ** the strings themselves must be copied (or set to NULL). 689 ** The problem is that when we assign a new string value to 690 ** a member of BlankEnvelope, we free the old string. 691 ** We did not need to do this copying in sendmail 8.11 :-( 692 ** and it is a potential performance hit. Reference counted 693 ** strings are one way out. 694 */ 695 696 *e = BlankEnvelope; 697 e->e_message = NULL; 698 e->e_qfletter = '\0'; 699 e->e_quarmsg = NULL; 700 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), ""); 701 702 /* 703 ** Copy the macro table. 704 ** We might be able to avoid this by zeroing the macro table 705 ** and always searching BlankEnvelope.e_macro after e->e_macro 706 ** in macvalue(). 707 */ 708 709 for (p = &e->e_macro.mac_table[0]; 710 p <= &e->e_macro.mac_table[MAXMACROID]; 711 ++p) 712 { 713 if (*p != NULL) 714 *p = sm_rpool_strdup_x(rpool, *p); 715 } 716 717 /* 718 ** XXX There are many strings in the envelope structure 719 ** XXX that we are not attempting to copy here. 720 ** XXX Investigate this further. 721 */ 722 723 e->e_rpool = rpool; 724 e->e_macro.mac_rpool = rpool; 725 if (Verbose) 726 set_delivery_mode(SM_DELIVER, e); 727 bh = BlankEnvelope.e_header; 728 nhp = &e->e_header; 729 while (bh != NULL) 730 { 731 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof(*bh)); 732 memmove((char *) *nhp, (char *) bh, sizeof(*bh)); 733 bh = bh->h_link; 734 nhp = &(*nhp)->h_link; 735 } 736 #if _FFR_MILTER_ENHSC 737 e->e_enhsc[0] = '\0'; 738 #endif 739 } 740 /* 741 ** INITSYS -- initialize instantiation of system 742 ** 743 ** In Daemon mode, this is done in the child. 744 ** 745 ** Parameters: 746 ** e -- the envelope to use. 747 ** 748 ** Returns: 749 ** none. 750 ** 751 ** Side Effects: 752 ** Initializes the system macros, some global variables, 753 ** etc. In particular, the current time in various 754 ** forms is set. 755 */ 756 757 void 758 initsys(e) 759 register ENVELOPE *e; 760 { 761 char buf[10]; 762 #ifdef TTYNAME 763 static char ybuf[60]; /* holds tty id */ 764 register char *p; 765 extern char *ttyname(); 766 #endif /* TTYNAME */ 767 768 /* 769 ** Give this envelope a reality. 770 ** I.e., an id, a transcript, and a creation time. 771 ** We don't select the queue until all of the recipients are known. 772 */ 773 774 openxscript(e); 775 e->e_ctime = curtime(); 776 e->e_qfletter = '\0'; 777 778 /* 779 ** Set OutChannel to something useful if stdout isn't it. 780 ** This arranges that any extra stuff the mailer produces 781 ** gets sent back to the user on error (because it is 782 ** tucked away in the transcript). 783 */ 784 785 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) && 786 e->e_xfp != NULL) 787 OutChannel = e->e_xfp; 788 789 /* 790 ** Set up some basic system macros. 791 */ 792 793 /* process id */ 794 (void) sm_snprintf(buf, sizeof(buf), "%d", (int) CurrentPid); 795 macdefine(&e->e_macro, A_TEMP, 'p', buf); 796 797 /* hop count */ 798 (void) sm_snprintf(buf, sizeof(buf), "%d", e->e_hopcount); 799 macdefine(&e->e_macro, A_TEMP, 'c', buf); 800 801 /* time as integer, unix time, arpa time */ 802 settime(e); 803 804 /* Load average */ 805 sm_getla(); 806 807 #ifdef TTYNAME 808 /* tty name */ 809 if (macvalue('y', e) == NULL) 810 { 811 p = ttyname(2); 812 if (p != NULL) 813 { 814 if (strrchr(p, '/') != NULL) 815 p = strrchr(p, '/') + 1; 816 (void) sm_strlcpy(ybuf, sizeof(ybuf), p); 817 macdefine(&e->e_macro, A_PERM, 'y', ybuf); 818 } 819 } 820 #endif /* TTYNAME */ 821 } 822 /* 823 ** SETTIME -- set the current time. 824 ** 825 ** Parameters: 826 ** e -- the envelope in which the macros should be set. 827 ** 828 ** Returns: 829 ** none. 830 ** 831 ** Side Effects: 832 ** Sets the various time macros -- $a, $b, $d, $t. 833 */ 834 835 void 836 settime(e) 837 register ENVELOPE *e; 838 { 839 register char *p; 840 auto time_t now; 841 char buf[30]; 842 register struct tm *tm; 843 844 now = curtime(); 845 (void) sm_snprintf(buf, sizeof(buf), "%ld", (long) now); 846 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf); 847 tm = gmtime(&now); 848 (void) sm_snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d", 849 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 850 tm->tm_hour, tm->tm_min); 851 macdefine(&e->e_macro, A_TEMP, 't', buf); 852 (void) sm_strlcpy(buf, ctime(&now), sizeof(buf)); 853 p = strchr(buf, '\n'); 854 if (p != NULL) 855 *p = '\0'; 856 macdefine(&e->e_macro, A_TEMP, 'd', buf); 857 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf)); 858 if (macvalue('a', e) == NULL) 859 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e)); 860 } 861 /* 862 ** OPENXSCRIPT -- Open transcript file 863 ** 864 ** Creates a transcript file for possible eventual mailing or 865 ** sending back. 866 ** 867 ** Parameters: 868 ** e -- the envelope to create the transcript in/for. 869 ** 870 ** Returns: 871 ** none 872 ** 873 ** Side Effects: 874 ** Creates the transcript file. 875 */ 876 877 #ifndef O_APPEND 878 # define O_APPEND 0 879 #endif 880 881 void 882 openxscript(e) 883 register ENVELOPE *e; 884 { 885 register char *p; 886 887 if (e->e_xfp != NULL) 888 return; 889 890 #if 0 891 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags)) 892 syserr("openxscript: job not locked"); 893 #endif 894 895 p = queuename(e, XSCRPT_LETTER); 896 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize, 897 SFF_NOTEXCL|SFF_OPENASROOT); 898 899 if (e->e_xfp == NULL) 900 { 901 syserr("Can't create transcript file %s", p); 902 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, 903 SM_PATH_DEVNULL, SM_IO_RDWR, NULL); 904 if (e->e_xfp == NULL) 905 syserr("!Can't open %s", SM_PATH_DEVNULL); 906 } 907 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0); 908 if (tTd(46, 9)) 909 { 910 sm_dprintf("openxscript(%s):\n ", p); 911 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true, 912 false); 913 } 914 } 915 /* 916 ** CLOSEXSCRIPT -- close the transcript file. 917 ** 918 ** Parameters: 919 ** e -- the envelope containing the transcript to close. 920 ** 921 ** Returns: 922 ** none. 923 ** 924 ** Side Effects: 925 ** none. 926 */ 927 928 void 929 closexscript(e) 930 register ENVELOPE *e; 931 { 932 if (e->e_xfp == NULL) 933 return; 934 #if 0 935 if (e->e_lockfp == NULL) 936 syserr("closexscript: job not locked"); 937 #endif 938 SM_CLOSE_FP(e->e_xfp); 939 } 940 /* 941 ** SETSENDER -- set the person who this message is from 942 ** 943 ** Under certain circumstances allow the user to say who 944 ** s/he is (using -f or -r). These are: 945 ** 1. The user's uid is zero (root). 946 ** 2. The user's login name is in an approved list (typically 947 ** from a network server). 948 ** 3. The address the user is trying to claim has a 949 ** "!" character in it (since #2 doesn't do it for 950 ** us if we are dialing out for UUCP). 951 ** A better check to replace #3 would be if the 952 ** effective uid is "UUCP" -- this would require me 953 ** to rewrite getpwent to "grab" uucp as it went by, 954 ** make getname more nasty, do another passwd file 955 ** scan, or compile the UID of "UUCP" into the code, 956 ** all of which are reprehensible. 957 ** 958 ** Assuming all of these fail, we figure out something 959 ** ourselves. 960 ** 961 ** Parameters: 962 ** from -- the person we would like to believe this message [i] 963 ** is from, as specified on the command line. 964 ** e -- the envelope in which we would like the sender set. 965 ** delimptr -- if non-NULL, set to the location of the 966 ** trailing delimiter. 967 ** delimchar -- the character that will delimit the sender 968 ** address. 969 ** internal -- set if this address is coming from an internal 970 ** source such as an owner alias. 971 ** 972 ** Returns: 973 ** none. 974 ** 975 ** Side Effects: 976 ** sets sendmail's notion of who the from person is. 977 */ 978 979 void 980 setsender(from, e, delimptr, delimchar, internal) 981 char *from; 982 register ENVELOPE *e; 983 char **delimptr; 984 int delimchar; 985 bool internal; 986 { 987 register char **pvp; 988 char *realname = NULL; 989 char *bp; 990 char buf[MAXNAME_I + 2]; 991 char pvpbuf[PSBUFSIZE]; 992 extern char *FullName; 993 994 if (tTd(45, 1)) 995 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from); 996 997 /* may be set from earlier calls */ 998 macdefine(&e->e_macro, A_PERM, 'x', ""); 999 1000 /* 1001 ** Figure out the real user executing us. 1002 ** Username can return errno != 0 on non-errors. 1003 */ 1004 1005 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP || 1006 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON) 1007 realname = from; 1008 if (SM_IS_EMPTY(realname)) 1009 realname = username(); 1010 1011 if (ConfigLevel < 2) 1012 SuprErrs = true; 1013 1014 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 1015 1016 /* preset state for then clause in case from == NULL */ 1017 e->e_from.q_state = QS_BADADDR; 1018 e->e_from.q_flags = 0; 1019 if (from == NULL || 1020 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR, 1021 delimchar, delimptr, e, false) == NULL || 1022 QS_IS_BADADDR(e->e_from.q_state) || 1023 e->e_from.q_mailer == ProgMailer || 1024 e->e_from.q_mailer == FileMailer || 1025 e->e_from.q_mailer == InclMailer) 1026 { 1027 /* log garbage addresses for traceback */ 1028 if (from != NULL && LogLevel > 2) 1029 { 1030 char *p; 1031 char ebuf[MAXNAME * 2 + 2]; /* EAI:ok? */ 1032 1033 p = macvalue('_', e); 1034 if (p == NULL) 1035 { 1036 char *host = RealHostName; 1037 1038 if (host == NULL) 1039 host = MyHostName; 1040 (void) sm_snprintf(ebuf, sizeof(ebuf), 1041 "%.*s@%.*s", 1042 MAXNAME, realname, /* EAI: see above */ 1043 MAXNAME, host); /* EAI: see above */ 1044 p = ebuf; 1045 } 1046 sm_syslog(LOG_NOTICE, e->e_id, 1047 "setsender: %s: invalid or unparsable, received from %s", 1048 shortenstring(from, 83), p); 1049 } 1050 if (from != NULL) 1051 { 1052 if (!QS_IS_BADADDR(e->e_from.q_state)) 1053 { 1054 /* it was a bogus mailer in the from addr */ 1055 e->e_status = "5.1.7"; 1056 usrerrenh(e->e_status, 1057 "553 Invalid sender address"); 1058 } 1059 SuprErrs = true; 1060 } 1061 if (from == realname || 1062 /* XXX realname must be [i] */ 1063 parseaddr(from = realname, 1064 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ', 1065 NULL, e, false) == NULL) 1066 { 1067 char nbuf[100]; 1068 1069 SuprErrs = true; 1070 expand("\201n", nbuf, sizeof(nbuf), e); 1071 from = sm_rpool_strdup_x(e->e_rpool, nbuf); 1072 /* XXX from must be [i] */ 1073 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ', 1074 NULL, e, false) == NULL && 1075 parseaddr(from = "postmaster", &e->e_from, 1076 RF_COPYALL, ' ', NULL, e, false) == NULL) 1077 syserr("553 5.3.0 setsender: can't even parse postmaster!"); 1078 } 1079 } 1080 else 1081 FromFlag = true; 1082 e->e_from.q_state = QS_SENDER; 1083 if (tTd(45, 5)) 1084 { 1085 sm_dprintf("setsender: QS_SENDER "); 1086 printaddr(sm_debug_file(), &e->e_from, false); 1087 } 1088 SuprErrs = false; 1089 1090 #if USERDB 1091 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags)) 1092 { 1093 register char *p; 1094 1095 p = udbsender(e->e_from.q_user, e->e_rpool); 1096 if (p != NULL) 1097 from = p; 1098 } 1099 #endif /* USERDB */ 1100 1101 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags)) 1102 { 1103 SM_MBDB_T user; 1104 1105 if (!internal) 1106 { 1107 /* if the user already given fullname don't redefine */ 1108 if (FullName == NULL) 1109 FullName = macvalue('x', e); 1110 if (FullName != NULL) 1111 { 1112 if (FullName[0] == '\0') 1113 FullName = NULL; 1114 else 1115 FullName = newstr(FullName); 1116 } 1117 } 1118 1119 if (e->e_from.q_user[0] != '\0' && 1120 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK) 1121 { 1122 /* 1123 ** Process passwd file entry. 1124 */ 1125 1126 /* extract home directory */ 1127 if (*user.mbdb_homedir == '\0') 1128 e->e_from.q_home = NULL; 1129 else if (strcmp(user.mbdb_homedir, "/") == 0) 1130 e->e_from.q_home = ""; 1131 else 1132 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool, 1133 user.mbdb_homedir); 1134 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home); 1135 1136 /* extract user and group id */ 1137 if (user.mbdb_uid != SM_NO_UID) 1138 { 1139 e->e_from.q_uid = user.mbdb_uid; 1140 e->e_from.q_gid = user.mbdb_gid; 1141 e->e_from.q_flags |= QGOODUID; 1142 } 1143 1144 /* extract full name from passwd file */ 1145 if (FullName == NULL && !internal && 1146 user.mbdb_fullname[0] != '\0' && 1147 strcmp(user.mbdb_name, e->e_from.q_user) == 0) 1148 { 1149 FullName = newstr(user.mbdb_fullname); 1150 } 1151 } 1152 else 1153 { 1154 e->e_from.q_home = NULL; 1155 } 1156 if (FullName != NULL && !internal) 1157 macdefine(&e->e_macro, A_TEMP, 'x', FullName); 1158 } 1159 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP) 1160 { 1161 if (e->e_from.q_home == NULL) 1162 { 1163 e->e_from.q_home = getenv("HOME"); 1164 if (e->e_from.q_home != NULL) 1165 { 1166 if (*e->e_from.q_home == '\0') 1167 e->e_from.q_home = NULL; 1168 else if (strcmp(e->e_from.q_home, "/") == 0) 1169 e->e_from.q_home++; 1170 } 1171 } 1172 e->e_from.q_uid = RealUid; 1173 e->e_from.q_gid = RealGid; 1174 e->e_from.q_flags |= QGOODUID; 1175 } 1176 1177 /* 1178 ** Rewrite the from person to dispose of possible implicit 1179 ** links in the net. 1180 */ 1181 1182 pvp = prescan(from, delimchar, pvpbuf, sizeof(pvpbuf), NULL, 1183 IntTokenTab, false); 1184 if (pvp == NULL) 1185 { 1186 /* don't need to give error -- prescan did that already */ 1187 if (LogLevel > 2) 1188 sm_syslog(LOG_NOTICE, e->e_id, 1189 "cannot prescan from (%s)", 1190 shortenstring(from, MAXSHORTSTR)); 1191 finis(true, true, ExitStat); 1192 } 1193 (void) REWRITE(pvp, 3, e); 1194 (void) REWRITE(pvp, 1, e); 1195 (void) REWRITE(pvp, 4, e); 1196 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1197 bp = buf + 1; 1198 cataddr(pvp, NULL, bp, sizeof(buf) - 2, '\0', false); 1199 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags)) 1200 { 1201 /* heuristic: route-addr: add angle brackets */ 1202 (void) sm_strlcat(bp, ">", sizeof(buf) - 1); 1203 *--bp = '<'; 1204 } 1205 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp); 1206 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender); 1207 1208 /* save the domain spec if this mailer wants it */ 1209 if (e->e_from.q_mailer != NULL && 1210 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags)) 1211 { 1212 char **lastat; 1213 1214 /* get rid of any pesky angle brackets */ 1215 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 1216 (void) REWRITE(pvp, 3, e); 1217 (void) REWRITE(pvp, 1, e); 1218 (void) REWRITE(pvp, 4, e); 1219 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1220 1221 /* strip off to the last "@" sign */ 1222 for (lastat = NULL; *pvp != NULL; pvp++) 1223 { 1224 if (strcmp(*pvp, "@") == 0) 1225 lastat = pvp; 1226 } 1227 if (lastat != NULL) 1228 { 1229 e->e_fromdomain = copyplist(lastat, true, e->e_rpool); 1230 if (tTd(45, 3)) 1231 { 1232 sm_dprintf("Saving from domain: "); 1233 printav(sm_debug_file(), e->e_fromdomain); 1234 } 1235 } 1236 } 1237 } 1238 /* 1239 ** PRINTENVFLAGS -- print envelope flags for debugging 1240 ** 1241 ** Parameters: 1242 ** e -- the envelope with the flags to be printed. 1243 ** 1244 ** Returns: 1245 ** none. 1246 */ 1247 1248 struct eflags 1249 { 1250 char *ef_name; 1251 unsigned long ef_bit; 1252 }; 1253 1254 static struct eflags EnvelopeFlags[] = 1255 { 1256 { "OLDSTYLE", EF_OLDSTYLE }, 1257 { "INQUEUE", EF_INQUEUE }, 1258 { "NO_BODY_RETN", EF_NO_BODY_RETN }, 1259 { "CLRQUEUE", EF_CLRQUEUE }, 1260 { "SENDRECEIPT", EF_SENDRECEIPT }, 1261 { "FATALERRS", EF_FATALERRS }, 1262 { "DELETE_BCC", EF_DELETE_BCC }, 1263 { "RESPONSE", EF_RESPONSE }, 1264 { "RESENT", EF_RESENT }, 1265 { "VRFYONLY", EF_VRFYONLY }, 1266 { "WARNING", EF_WARNING }, 1267 { "QUEUERUN", EF_QUEUERUN }, 1268 { "GLOBALERRS", EF_GLOBALERRS }, 1269 { "PM_NOTIFY", EF_PM_NOTIFY }, 1270 { "METOO", EF_METOO }, 1271 { "LOGSENDER", EF_LOGSENDER }, 1272 { "NORECEIPT", EF_NORECEIPT }, 1273 { "HAS8BIT", EF_HAS8BIT }, 1274 { "RET_PARAM", EF_RET_PARAM }, 1275 { "HAS_DF", EF_HAS_DF }, 1276 { "IS_MIME", EF_IS_MIME }, 1277 { "DONT_MIME", EF_DONT_MIME }, 1278 { "DISCARD", EF_DISCARD }, 1279 { "TOOBIG", EF_TOOBIG }, 1280 { "SPLIT", EF_SPLIT }, 1281 { "UNSAFE", EF_UNSAFE }, 1282 { "TOODEEP", EF_TOODEEP }, 1283 { "SECURE", EF_SECURE }, 1284 { NULL, 0 } 1285 }; 1286 1287 void 1288 printenvflags(e) 1289 register ENVELOPE *e; 1290 { 1291 register struct eflags *ef; 1292 bool first = true; 1293 1294 sm_dprintf("%lx", e->e_flags); 1295 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++) 1296 { 1297 if (!bitset(ef->ef_bit, e->e_flags)) 1298 continue; 1299 if (first) 1300 sm_dprintf("<%s", ef->ef_name); 1301 else 1302 sm_dprintf(",%s", ef->ef_name); 1303 first = false; 1304 } 1305 if (!first) 1306 sm_dprintf(">\n"); 1307 } 1308