1 /* 2 * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 */ 13 14 #include <sendmail.h> 15 16 SM_RCSID("@(#)$Id: envelope.c,v 8.296 2006/03/31 18:53:50 ca Exp $") 17 18 /* 19 ** CLRSESSENVELOPE -- clear session oriented data in an envelope 20 ** 21 ** Parameters: 22 ** e -- the envelope to clear. 23 ** 24 ** Returns: 25 ** none. 26 */ 27 28 void 29 clrsessenvelope(e) 30 ENVELOPE *e; 31 { 32 #if SASL 33 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), ""); 34 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), ""); 35 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), ""); 36 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), ""); 37 #endif /* SASL */ 38 #if STARTTLS 39 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), ""); 40 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), ""); 41 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), ""); 42 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), ""); 43 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), ""); 44 macdefine(&e->e_macro, A_PERM, macid("{verify}"), ""); 45 # if _FFR_TLS_1 46 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), ""); 47 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), ""); 48 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), ""); 49 # endif /* _FFR_TLS_1 */ 50 #endif /* STARTTLS */ 51 } 52 53 /* 54 ** NEWENVELOPE -- fill in a new envelope 55 ** 56 ** Supports inheritance. 57 ** 58 ** Parameters: 59 ** e -- the new envelope to fill in. 60 ** parent -- the envelope to be the parent of e. 61 ** rpool -- either NULL, or a pointer to a resource pool 62 ** from which envelope memory is allocated, and 63 ** to which envelope resources are attached. 64 ** 65 ** Returns: 66 ** e. 67 ** 68 ** Side Effects: 69 ** none. 70 */ 71 72 ENVELOPE * 73 newenvelope(e, parent, rpool) 74 register ENVELOPE *e; 75 register ENVELOPE *parent; 76 SM_RPOOL_T *rpool; 77 { 78 #if _FFR_DM_PER_DAEMON 79 int sendmode; 80 #endif /* _FFR_DM_PER_DAEMON */ 81 82 /* 83 ** This code used to read: 84 ** if (e == parent && e->e_parent != NULL) 85 ** parent = e->e_parent; 86 ** So if e == parent && e->e_parent == NULL then we would 87 ** set e->e_parent = e, which creates a loop in the e_parent chain. 88 ** This meant macvalue() could go into an infinite loop. 89 */ 90 91 #if _FFR_DM_PER_DAEMON 92 if (parent != NULL) 93 sendmode = parent->e_sendmode; 94 else 95 sendmode = DM_NOTSET; 96 #endif /* _FFR_DM_PER_DAEMON */ 97 98 if (e == parent) 99 parent = e->e_parent; 100 clearenvelope(e, true, rpool); 101 if (e == CurEnv) 102 memmove((char *) &e->e_from, 103 (char *) &NullAddress, 104 sizeof e->e_from); 105 else 106 memmove((char *) &e->e_from, 107 (char *) &CurEnv->e_from, 108 sizeof e->e_from); 109 e->e_parent = parent; 110 assign_queueid(e); 111 e->e_ctime = curtime(); 112 if (parent != NULL) 113 { 114 e->e_msgpriority = parent->e_msgsize; 115 if (parent->e_quarmsg == NULL) 116 { 117 e->e_quarmsg = NULL; 118 macdefine(&e->e_macro, A_PERM, 119 macid("{quarantine}"), ""); 120 } 121 else 122 { 123 e->e_quarmsg = sm_rpool_strdup_x(rpool, 124 parent->e_quarmsg); 125 macdefine(&e->e_macro, A_PERM, 126 macid("{quarantine}"), e->e_quarmsg); 127 } 128 } 129 e->e_puthdr = putheader; 130 e->e_putbody = putbody; 131 if (CurEnv->e_xfp != NULL) 132 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT); 133 #if _FFR_DM_PER_DAEMON 134 if (sendmode != DM_NOTSET) 135 e->e_sendmode = sendmode; 136 #endif /* _FFR_DM_PER_DAEMON */ 137 138 return e; 139 } 140 141 /* values for msg_timeout, see also IS_* below for usage (bit layout) */ 142 #define MSG_T_O 0x01 /* normal timeout */ 143 #define MSG_T_O_NOW 0x02 /* NOW timeout */ 144 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */ 145 #define MSG_WARN 0x10 /* normal queue warning */ 146 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */ 147 148 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */ 149 150 /* immediate return */ 151 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0) 152 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */ 153 154 /* 155 ** DROPENVELOPE -- deallocate an envelope. 156 ** 157 ** Parameters: 158 ** e -- the envelope to deallocate. 159 ** fulldrop -- if set, do return receipts. 160 ** split -- if true, split by recipient if message is queued up 161 ** 162 ** Returns: 163 ** none. 164 ** 165 ** Side Effects: 166 ** housekeeping necessary to dispose of an envelope. 167 ** Unlocks this queue file. 168 */ 169 170 void 171 dropenvelope(e, fulldrop, split) 172 register ENVELOPE *e; 173 bool fulldrop; 174 bool split; 175 { 176 bool panic = false; 177 bool queueit = false; 178 int msg_timeout = 0; 179 bool failure_return = false; 180 bool delay_return = false; 181 bool success_return = false; 182 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags); 183 bool done = false; 184 register ADDRESS *q; 185 char *id = e->e_id; 186 time_t now; 187 char buf[MAXLINE]; 188 189 if (tTd(50, 1)) 190 { 191 sm_dprintf("dropenvelope %p: id=", e); 192 xputs(sm_debug_file(), e->e_id); 193 sm_dprintf(", flags="); 194 printenvflags(e); 195 if (tTd(50, 10)) 196 { 197 sm_dprintf("sendq="); 198 printaddr(sm_debug_file(), e->e_sendqueue, true); 199 } 200 } 201 202 if (LogLevel > 84) 203 sm_syslog(LOG_DEBUG, id, 204 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d", 205 e->e_flags, OpMode, (int) CurrentPid); 206 207 /* we must have an id to remove disk files */ 208 if (id == NULL) 209 return; 210 211 /* if verify-only mode, we can skip most of this */ 212 if (OpMode == MD_VERIFY) 213 goto simpledrop; 214 215 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags)) 216 logsender(e, NULL); 217 e->e_flags &= ~EF_LOGSENDER; 218 219 /* post statistics */ 220 poststats(StatFile); 221 222 /* 223 ** Extract state information from dregs of send list. 224 */ 225 226 now = curtime(); 227 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass]) 228 msg_timeout = MSG_T_O; 229 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 && 230 now >= e->e_ctime + e->e_deliver_by && 231 !bitset(EF_RESPONSE, e->e_flags)) 232 { 233 msg_timeout = MSG_NOT_BY; 234 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 235 } 236 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW && 237 !bitset(EF_RESPONSE, e->e_flags)) 238 { 239 msg_timeout = MSG_T_O_NOW; 240 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 241 } 242 243 e->e_flags &= ~EF_QUEUERUN; 244 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 245 { 246 if (QS_IS_UNDELIVERED(q->q_state)) 247 queueit = true; 248 249 /* see if a notification is needed */ 250 if (bitset(QPINGONFAILURE, q->q_flags) && 251 ((IS_MSG_ERR(msg_timeout) && 252 QS_IS_UNDELIVERED(q->q_state)) || 253 QS_IS_BADADDR(q->q_state) || 254 IS_IMM_RET(msg_timeout))) 255 { 256 failure_return = true; 257 if (!done && q->q_owner == NULL && 258 !emptyaddr(&e->e_from)) 259 { 260 (void) sendtolist(e->e_from.q_paddr, NULLADDR, 261 &e->e_errorqueue, 0, e); 262 done = true; 263 } 264 } 265 else if ((bitset(QPINGONSUCCESS, q->q_flags) && 266 ((QS_IS_SENT(q->q_state) && 267 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) || 268 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) || 269 bitset(QBYTRACE, q->q_flags) || 270 bitset(QBYNRELAY, q->q_flags)) 271 { 272 success_return = true; 273 } 274 } 275 276 if (e->e_class < 0) 277 e->e_flags |= EF_NO_BODY_RETN; 278 279 /* 280 ** See if the message timed out. 281 */ 282 283 if (!queueit) 284 /* EMPTY */ 285 /* nothing to do */ ; 286 else if (IS_MSG_ERR(msg_timeout)) 287 { 288 if (failure_return) 289 { 290 if (msg_timeout == MSG_NOT_BY) 291 { 292 (void) sm_snprintf(buf, sizeof buf, 293 "delivery time expired %lds", 294 e->e_deliver_by); 295 } 296 else 297 { 298 (void) sm_snprintf(buf, sizeof buf, 299 "Cannot send message for %s", 300 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 301 false)); 302 } 303 304 /* don't free, allocated from e_rpool */ 305 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf); 306 message(buf); 307 e->e_flags |= EF_CLRQUEUE; 308 } 309 if (msg_timeout == MSG_NOT_BY) 310 { 311 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 312 "Delivery time (%lds) expired\n", 313 e->e_deliver_by); 314 } 315 else 316 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 317 "Message could not be delivered for %s\n", 318 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 319 false)); 320 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 321 "Message will be deleted from queue\n"); 322 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 323 { 324 if (QS_IS_UNDELIVERED(q->q_state)) 325 { 326 q->q_state = QS_BADADDR; 327 if (msg_timeout == MSG_NOT_BY) 328 q->q_status = "5.4.7"; 329 else 330 q->q_status = "4.4.7"; 331 } 332 } 333 } 334 else 335 { 336 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 && 337 now >= e->e_ctime + 338 TimeOuts.to_q_warning[e->e_timeoutclass]) 339 msg_timeout = MSG_WARN; 340 else if (IS_DLVR_NOTIFY(e) && 341 e->e_deliver_by > 0 && 342 now >= e->e_ctime + e->e_deliver_by) 343 msg_timeout = MSG_WARN_BY; 344 345 if (IS_MSG_WARN(msg_timeout)) 346 { 347 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) && 348 e->e_class >= 0 && 349 e->e_from.q_paddr != NULL && 350 strcmp(e->e_from.q_paddr, "<>") != 0 && 351 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 && 352 (strlen(e->e_from.q_paddr) <= 8 || 353 sm_strcasecmp(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8], 354 "-request") != 0)) 355 { 356 for (q = e->e_sendqueue; q != NULL; 357 q = q->q_next) 358 { 359 if (QS_IS_UNDELIVERED(q->q_state) 360 #if _FFR_NODELAYDSN_ON_HOLD 361 && !bitnset(M_HOLD, 362 q->q_mailer->m_flags) 363 #endif /* _FFR_NODELAYDSN_ON_HOLD */ 364 ) 365 { 366 if (msg_timeout == 367 MSG_WARN_BY && 368 (bitset(QPINGONDELAY, 369 q->q_flags) || 370 !bitset(QHASNOTIFY, 371 q->q_flags)) 372 ) 373 { 374 q->q_flags |= QBYNDELAY; 375 delay_return = true; 376 } 377 if (bitset(QPINGONDELAY, 378 q->q_flags)) 379 { 380 q->q_flags |= QDELAYED; 381 delay_return = true; 382 } 383 } 384 } 385 } 386 if (delay_return) 387 { 388 if (msg_timeout == MSG_WARN_BY) 389 { 390 (void) sm_snprintf(buf, sizeof buf, 391 "Warning: Delivery time (%lds) exceeded", 392 e->e_deliver_by); 393 } 394 else 395 (void) sm_snprintf(buf, sizeof buf, 396 "Warning: could not send message for past %s", 397 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 398 false)); 399 400 /* don't free, allocated from e_rpool */ 401 e->e_message = sm_rpool_strdup_x(e->e_rpool, 402 buf); 403 message(buf); 404 e->e_flags |= EF_WARNING; 405 } 406 if (msg_timeout == MSG_WARN_BY) 407 { 408 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 409 "Warning: Delivery time (%lds) exceeded\n", 410 e->e_deliver_by); 411 } 412 else 413 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 414 "Warning: message still undelivered after %s\n", 415 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 416 false)); 417 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 418 "Will keep trying until message is %s old\n", 419 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 420 false)); 421 } 422 } 423 424 if (tTd(50, 2)) 425 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n", 426 failure_return, delay_return, success_return, queueit); 427 428 /* 429 ** If we had some fatal error, but no addresses are marked as 430 ** bad, mark them _all_ as bad. 431 */ 432 433 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return) 434 { 435 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 436 { 437 if ((QS_IS_OK(q->q_state) || 438 QS_IS_VERIFIED(q->q_state)) && 439 bitset(QPINGONFAILURE, q->q_flags)) 440 { 441 failure_return = true; 442 q->q_state = QS_BADADDR; 443 } 444 } 445 } 446 447 /* 448 ** Send back return receipts as requested. 449 */ 450 451 if (success_return && !failure_return && !delay_return && fulldrop && 452 !bitset(PRIV_NORECEIPTS, PrivacyFlags) && 453 strcmp(e->e_from.q_paddr, "<>") != 0) 454 { 455 auto ADDRESS *rlist = NULL; 456 457 if (tTd(50, 8)) 458 sm_dprintf("dropenvelope(%s): sending return receipt\n", 459 id); 460 e->e_flags |= EF_SENDRECEIPT; 461 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e); 462 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e); 463 } 464 e->e_flags &= ~EF_SENDRECEIPT; 465 466 /* 467 ** Arrange to send error messages if there are fatal errors. 468 */ 469 470 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET) 471 { 472 if (tTd(50, 8)) 473 sm_dprintf("dropenvelope(%s): saving mail\n", id); 474 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags)); 475 } 476 477 /* 478 ** Arrange to send warning messages to postmaster as requested. 479 */ 480 481 if ((failure_return || pmnotify) && 482 PostMasterCopy != NULL && 483 !bitset(EF_RESPONSE, e->e_flags) && 484 e->e_class >= 0) 485 { 486 auto ADDRESS *rlist = NULL; 487 char pcopy[MAXNAME]; 488 489 if (failure_return) 490 { 491 expand(PostMasterCopy, pcopy, sizeof pcopy, e); 492 493 if (tTd(50, 8)) 494 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n", 495 id, pcopy); 496 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e); 497 } 498 if (pmnotify) 499 (void) sendtolist("postmaster", NULLADDR, 500 &rlist, 0, e); 501 (void) returntosender(e->e_message, rlist, 502 RTSF_PM_BOUNCE|RTSF_NO_BODY, e); 503 } 504 505 /* 506 ** Instantiate or deinstantiate the queue. 507 */ 508 509 simpledrop: 510 if (tTd(50, 8)) 511 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n", 512 id, queueit); 513 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags)) 514 { 515 if (tTd(50, 1)) 516 { 517 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=", 518 e->e_id, queueit); 519 printenvflags(e); 520 } 521 if (!panic) 522 { 523 if (e->e_dfp != NULL) 524 { 525 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 526 e->e_dfp = NULL; 527 } 528 (void) xunlink(queuename(e, DATAFL_LETTER)); 529 } 530 if (panic && QueueMode == QM_LOST) 531 { 532 /* 533 ** leave the Qf file behind as 534 ** the delivery attempt failed. 535 */ 536 537 /* EMPTY */ 538 } 539 else 540 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0) 541 { 542 /* add to available space in filesystem */ 543 updfs(e, -1, panic ? 0 : -1, "dropenvelope"); 544 } 545 546 if (e->e_ntries > 0 && LogLevel > 9) 547 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d", 548 pintvl(curtime() - e->e_ctime, true), 549 e->e_ntries); 550 } 551 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 552 { 553 if (!split) 554 queueup(e, false, true); 555 else 556 { 557 ENVELOPE *oldsib; 558 ENVELOPE *ee; 559 560 /* 561 ** Save old sibling and set it to NULL to avoid 562 ** queueing up the same envelopes again. 563 ** This requires that envelopes in that list have 564 ** been take care of before (or at some other place). 565 */ 566 567 oldsib = e->e_sibling; 568 e->e_sibling = NULL; 569 if (!split_by_recipient(e) && 570 bitset(EF_FATALERRS, e->e_flags)) 571 { 572 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%d", 573 e->e_id, queuename(e, DATAFL_LETTER), 574 (int) geteuid()); 575 } 576 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 577 queueup(ee, false, true); 578 queueup(e, false, true); 579 580 /* clean up */ 581 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 582 { 583 /* now unlock the job */ 584 if (tTd(50, 8)) 585 sm_dprintf("dropenvelope(%s): unlocking job\n", 586 ee->e_id); 587 closexscript(ee); 588 unlockqueue(ee); 589 590 /* this envelope is marked unused */ 591 if (ee->e_dfp != NULL) 592 { 593 (void) sm_io_close(ee->e_dfp, 594 SM_TIME_DEFAULT); 595 ee->e_dfp = NULL; 596 } 597 ee->e_id = NULL; 598 ee->e_flags &= ~EF_HAS_DF; 599 } 600 e->e_sibling = oldsib; 601 } 602 } 603 604 /* now unlock the job */ 605 if (tTd(50, 8)) 606 sm_dprintf("dropenvelope(%s): unlocking job\n", id); 607 closexscript(e); 608 unlockqueue(e); 609 610 /* make sure that this envelope is marked unused */ 611 if (e->e_dfp != NULL) 612 { 613 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 614 e->e_dfp = NULL; 615 } 616 e->e_id = NULL; 617 e->e_flags &= ~EF_HAS_DF; 618 } 619 /* 620 ** CLEARENVELOPE -- clear an envelope without unlocking 621 ** 622 ** This is normally used by a child process to get a clean 623 ** envelope without disturbing the parent. 624 ** 625 ** Parameters: 626 ** e -- the envelope to clear. 627 ** fullclear - if set, the current envelope is total 628 ** garbage and should be ignored; otherwise, 629 ** release any resources it may indicate. 630 ** rpool -- either NULL, or a pointer to a resource pool 631 ** from which envelope memory is allocated, and 632 ** to which envelope resources are attached. 633 ** 634 ** Returns: 635 ** none. 636 ** 637 ** Side Effects: 638 ** Closes files associated with the envelope. 639 ** Marks the envelope as unallocated. 640 */ 641 642 void 643 clearenvelope(e, fullclear, rpool) 644 register ENVELOPE *e; 645 bool fullclear; 646 SM_RPOOL_T *rpool; 647 { 648 register HDR *bh; 649 register HDR **nhp; 650 extern ENVELOPE BlankEnvelope; 651 char **p; 652 653 if (!fullclear) 654 { 655 /* clear out any file information */ 656 if (e->e_xfp != NULL) 657 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 658 if (e->e_dfp != NULL) 659 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 660 e->e_xfp = e->e_dfp = NULL; 661 } 662 663 /* 664 ** Copy BlankEnvelope into *e. 665 ** It is not safe to simply copy pointers to strings; 666 ** the strings themselves must be copied (or set to NULL). 667 ** The problem is that when we assign a new string value to 668 ** a member of BlankEnvelope, we free the old string. 669 ** We did not need to do this copying in sendmail 8.11 :-( 670 ** and it is a potential performance hit. Reference counted 671 ** strings are one way out. 672 */ 673 674 *e = BlankEnvelope; 675 e->e_message = NULL; 676 e->e_qfletter = '\0'; 677 e->e_quarmsg = NULL; 678 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), ""); 679 680 /* 681 ** Copy the macro table. 682 ** We might be able to avoid this by zeroing the macro table 683 ** and always searching BlankEnvelope.e_macro after e->e_macro 684 ** in macvalue(). 685 */ 686 687 for (p = &e->e_macro.mac_table[0]; 688 p <= &e->e_macro.mac_table[MAXMACROID]; 689 ++p) 690 { 691 if (*p != NULL) 692 *p = sm_rpool_strdup_x(rpool, *p); 693 } 694 695 /* 696 ** XXX There are many strings in the envelope structure 697 ** XXX that we are not attempting to copy here. 698 ** XXX Investigate this further. 699 */ 700 701 e->e_rpool = rpool; 702 e->e_macro.mac_rpool = rpool; 703 if (Verbose) 704 set_delivery_mode(SM_DELIVER, e); 705 bh = BlankEnvelope.e_header; 706 nhp = &e->e_header; 707 while (bh != NULL) 708 { 709 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof *bh); 710 memmove((char *) *nhp, (char *) bh, sizeof *bh); 711 bh = bh->h_link; 712 nhp = &(*nhp)->h_link; 713 } 714 } 715 /* 716 ** INITSYS -- initialize instantiation of system 717 ** 718 ** In Daemon mode, this is done in the child. 719 ** 720 ** Parameters: 721 ** e -- the envelope to use. 722 ** 723 ** Returns: 724 ** none. 725 ** 726 ** Side Effects: 727 ** Initializes the system macros, some global variables, 728 ** etc. In particular, the current time in various 729 ** forms is set. 730 */ 731 732 void 733 initsys(e) 734 register ENVELOPE *e; 735 { 736 char buf[10]; 737 #ifdef TTYNAME 738 static char ybuf[60]; /* holds tty id */ 739 register char *p; 740 extern char *ttyname(); 741 #endif /* TTYNAME */ 742 743 /* 744 ** Give this envelope a reality. 745 ** I.e., an id, a transcript, and a creation time. 746 ** We don't select the queue until all of the recipients are known. 747 */ 748 749 openxscript(e); 750 e->e_ctime = curtime(); 751 e->e_qfletter = '\0'; 752 753 /* 754 ** Set OutChannel to something useful if stdout isn't it. 755 ** This arranges that any extra stuff the mailer produces 756 ** gets sent back to the user on error (because it is 757 ** tucked away in the transcript). 758 */ 759 760 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) && 761 e->e_xfp != NULL) 762 OutChannel = e->e_xfp; 763 764 /* 765 ** Set up some basic system macros. 766 */ 767 768 /* process id */ 769 (void) sm_snprintf(buf, sizeof buf, "%d", (int) CurrentPid); 770 macdefine(&e->e_macro, A_TEMP, 'p', buf); 771 772 /* hop count */ 773 (void) sm_snprintf(buf, sizeof buf, "%d", e->e_hopcount); 774 macdefine(&e->e_macro, A_TEMP, 'c', buf); 775 776 /* time as integer, unix time, arpa time */ 777 settime(e); 778 779 /* Load average */ 780 sm_getla(); 781 782 #ifdef TTYNAME 783 /* tty name */ 784 if (macvalue('y', e) == NULL) 785 { 786 p = ttyname(2); 787 if (p != NULL) 788 { 789 if (strrchr(p, '/') != NULL) 790 p = strrchr(p, '/') + 1; 791 (void) sm_strlcpy(ybuf, sizeof ybuf, p); 792 macdefine(&e->e_macro, A_PERM, 'y', ybuf); 793 } 794 } 795 #endif /* TTYNAME */ 796 } 797 /* 798 ** SETTIME -- set the current time. 799 ** 800 ** Parameters: 801 ** e -- the envelope in which the macros should be set. 802 ** 803 ** Returns: 804 ** none. 805 ** 806 ** Side Effects: 807 ** Sets the various time macros -- $a, $b, $d, $t. 808 */ 809 810 void 811 settime(e) 812 register ENVELOPE *e; 813 { 814 register char *p; 815 auto time_t now; 816 char buf[30]; 817 register struct tm *tm; 818 819 now = curtime(); 820 (void) sm_snprintf(buf, sizeof buf, "%ld", (long) now); 821 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf); 822 tm = gmtime(&now); 823 (void) sm_snprintf(buf, sizeof buf, "%04d%02d%02d%02d%02d", 824 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 825 tm->tm_hour, tm->tm_min); 826 macdefine(&e->e_macro, A_TEMP, 't', buf); 827 (void) sm_strlcpy(buf, ctime(&now), sizeof buf); 828 p = strchr(buf, '\n'); 829 if (p != NULL) 830 *p = '\0'; 831 macdefine(&e->e_macro, A_TEMP, 'd', buf); 832 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf)); 833 if (macvalue('a', e) == NULL) 834 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e)); 835 } 836 /* 837 ** OPENXSCRIPT -- Open transcript file 838 ** 839 ** Creates a transcript file for possible eventual mailing or 840 ** sending back. 841 ** 842 ** Parameters: 843 ** e -- the envelope to create the transcript in/for. 844 ** 845 ** Returns: 846 ** none 847 ** 848 ** Side Effects: 849 ** Creates the transcript file. 850 */ 851 852 #ifndef O_APPEND 853 # define O_APPEND 0 854 #endif /* ! O_APPEND */ 855 856 void 857 openxscript(e) 858 register ENVELOPE *e; 859 { 860 register char *p; 861 862 if (e->e_xfp != NULL) 863 return; 864 865 #if 0 866 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags)) 867 syserr("openxscript: job not locked"); 868 #endif /* 0 */ 869 870 p = queuename(e, XSCRPT_LETTER); 871 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize, 872 SFF_NOTEXCL|SFF_OPENASROOT); 873 874 if (e->e_xfp == NULL) 875 { 876 syserr("Can't create transcript file %s", p); 877 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, 878 SM_PATH_DEVNULL, SM_IO_RDWR, NULL); 879 if (e->e_xfp == NULL) 880 syserr("!Can't open %s", SM_PATH_DEVNULL); 881 } 882 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0); 883 if (tTd(46, 9)) 884 { 885 sm_dprintf("openxscript(%s):\n ", p); 886 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true, 887 false); 888 } 889 } 890 /* 891 ** CLOSEXSCRIPT -- close the transcript file. 892 ** 893 ** Parameters: 894 ** e -- the envelope containing the transcript to close. 895 ** 896 ** Returns: 897 ** none. 898 ** 899 ** Side Effects: 900 ** none. 901 */ 902 903 void 904 closexscript(e) 905 register ENVELOPE *e; 906 { 907 if (e->e_xfp == NULL) 908 return; 909 #if 0 910 if (e->e_lockfp == NULL) 911 syserr("closexscript: job not locked"); 912 #endif /* 0 */ 913 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 914 e->e_xfp = NULL; 915 } 916 /* 917 ** SETSENDER -- set the person who this message is from 918 ** 919 ** Under certain circumstances allow the user to say who 920 ** s/he is (using -f or -r). These are: 921 ** 1. The user's uid is zero (root). 922 ** 2. The user's login name is in an approved list (typically 923 ** from a network server). 924 ** 3. The address the user is trying to claim has a 925 ** "!" character in it (since #2 doesn't do it for 926 ** us if we are dialing out for UUCP). 927 ** A better check to replace #3 would be if the 928 ** effective uid is "UUCP" -- this would require me 929 ** to rewrite getpwent to "grab" uucp as it went by, 930 ** make getname more nasty, do another passwd file 931 ** scan, or compile the UID of "UUCP" into the code, 932 ** all of which are reprehensible. 933 ** 934 ** Assuming all of these fail, we figure out something 935 ** ourselves. 936 ** 937 ** Parameters: 938 ** from -- the person we would like to believe this message 939 ** is from, as specified on the command line. 940 ** e -- the envelope in which we would like the sender set. 941 ** delimptr -- if non-NULL, set to the location of the 942 ** trailing delimiter. 943 ** delimchar -- the character that will delimit the sender 944 ** address. 945 ** internal -- set if this address is coming from an internal 946 ** source such as an owner alias. 947 ** 948 ** Returns: 949 ** none. 950 ** 951 ** Side Effects: 952 ** sets sendmail's notion of who the from person is. 953 */ 954 955 void 956 setsender(from, e, delimptr, delimchar, internal) 957 char *from; 958 register ENVELOPE *e; 959 char **delimptr; 960 int delimchar; 961 bool internal; 962 { 963 register char **pvp; 964 char *realname = NULL; 965 char *bp; 966 char buf[MAXNAME + 2]; 967 char pvpbuf[PSBUFSIZE]; 968 extern char *FullName; 969 970 if (tTd(45, 1)) 971 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from); 972 973 /* may be set from earlier calls */ 974 macdefine(&e->e_macro, A_PERM, 'x', ""); 975 976 /* 977 ** Figure out the real user executing us. 978 ** Username can return errno != 0 on non-errors. 979 */ 980 981 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP || 982 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON) 983 realname = from; 984 if (realname == NULL || realname[0] == '\0') 985 realname = username(); 986 987 if (ConfigLevel < 2) 988 SuprErrs = true; 989 990 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 991 992 /* preset state for then clause in case from == NULL */ 993 e->e_from.q_state = QS_BADADDR; 994 e->e_from.q_flags = 0; 995 if (from == NULL || 996 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR, 997 delimchar, delimptr, e, false) == NULL || 998 QS_IS_BADADDR(e->e_from.q_state) || 999 e->e_from.q_mailer == ProgMailer || 1000 e->e_from.q_mailer == FileMailer || 1001 e->e_from.q_mailer == InclMailer) 1002 { 1003 /* log garbage addresses for traceback */ 1004 if (from != NULL && LogLevel > 2) 1005 { 1006 char *p; 1007 char ebuf[MAXNAME * 2 + 2]; 1008 1009 p = macvalue('_', e); 1010 if (p == NULL) 1011 { 1012 char *host = RealHostName; 1013 1014 if (host == NULL) 1015 host = MyHostName; 1016 (void) sm_snprintf(ebuf, sizeof ebuf, 1017 "%.*s@%.*s", MAXNAME, 1018 realname, MAXNAME, host); 1019 p = ebuf; 1020 } 1021 sm_syslog(LOG_NOTICE, e->e_id, 1022 "setsender: %s: invalid or unparsable, received from %s", 1023 shortenstring(from, 83), p); 1024 } 1025 if (from != NULL) 1026 { 1027 if (!QS_IS_BADADDR(e->e_from.q_state)) 1028 { 1029 /* it was a bogus mailer in the from addr */ 1030 e->e_status = "5.1.7"; 1031 usrerrenh(e->e_status, 1032 "553 Invalid sender address"); 1033 } 1034 SuprErrs = true; 1035 } 1036 if (from == realname || 1037 parseaddr(from = realname, 1038 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ', 1039 NULL, e, false) == NULL) 1040 { 1041 char nbuf[100]; 1042 1043 SuprErrs = true; 1044 expand("\201n", nbuf, sizeof nbuf, e); 1045 from = sm_rpool_strdup_x(e->e_rpool, nbuf); 1046 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ', 1047 NULL, e, false) == NULL && 1048 parseaddr(from = "postmaster", &e->e_from, 1049 RF_COPYALL, ' ', NULL, e, false) == NULL) 1050 syserr("553 5.3.0 setsender: can't even parse postmaster!"); 1051 } 1052 } 1053 else 1054 FromFlag = true; 1055 e->e_from.q_state = QS_SENDER; 1056 if (tTd(45, 5)) 1057 { 1058 sm_dprintf("setsender: QS_SENDER "); 1059 printaddr(sm_debug_file(), &e->e_from, false); 1060 } 1061 SuprErrs = false; 1062 1063 #if USERDB 1064 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags)) 1065 { 1066 register char *p; 1067 1068 p = udbsender(e->e_from.q_user, e->e_rpool); 1069 if (p != NULL) 1070 from = p; 1071 } 1072 #endif /* USERDB */ 1073 1074 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags)) 1075 { 1076 SM_MBDB_T user; 1077 1078 if (!internal) 1079 { 1080 /* if the user already given fullname don't redefine */ 1081 if (FullName == NULL) 1082 FullName = macvalue('x', e); 1083 if (FullName != NULL) 1084 { 1085 if (FullName[0] == '\0') 1086 FullName = NULL; 1087 else 1088 FullName = newstr(FullName); 1089 } 1090 } 1091 1092 if (e->e_from.q_user[0] != '\0' && 1093 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK) 1094 { 1095 /* 1096 ** Process passwd file entry. 1097 */ 1098 1099 /* extract home directory */ 1100 if (*user.mbdb_homedir == '\0') 1101 e->e_from.q_home = NULL; 1102 else if (strcmp(user.mbdb_homedir, "/") == 0) 1103 e->e_from.q_home = ""; 1104 else 1105 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool, 1106 user.mbdb_homedir); 1107 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home); 1108 1109 /* extract user and group id */ 1110 if (user.mbdb_uid != SM_NO_UID) 1111 { 1112 e->e_from.q_uid = user.mbdb_uid; 1113 e->e_from.q_gid = user.mbdb_gid; 1114 e->e_from.q_flags |= QGOODUID; 1115 } 1116 1117 /* extract full name from passwd file */ 1118 if (FullName == NULL && !internal && 1119 user.mbdb_fullname[0] != '\0' && 1120 strcmp(user.mbdb_name, e->e_from.q_user) == 0) 1121 { 1122 FullName = newstr(user.mbdb_fullname); 1123 } 1124 } 1125 else 1126 { 1127 e->e_from.q_home = NULL; 1128 } 1129 if (FullName != NULL && !internal) 1130 macdefine(&e->e_macro, A_TEMP, 'x', FullName); 1131 } 1132 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP) 1133 { 1134 if (e->e_from.q_home == NULL) 1135 { 1136 e->e_from.q_home = getenv("HOME"); 1137 if (e->e_from.q_home != NULL) 1138 { 1139 if (*e->e_from.q_home == '\0') 1140 e->e_from.q_home = NULL; 1141 else if (strcmp(e->e_from.q_home, "/") == 0) 1142 e->e_from.q_home++; 1143 } 1144 } 1145 e->e_from.q_uid = RealUid; 1146 e->e_from.q_gid = RealGid; 1147 e->e_from.q_flags |= QGOODUID; 1148 } 1149 1150 /* 1151 ** Rewrite the from person to dispose of possible implicit 1152 ** links in the net. 1153 */ 1154 1155 pvp = prescan(from, delimchar, pvpbuf, sizeof pvpbuf, NULL, NULL, false); 1156 if (pvp == NULL) 1157 { 1158 /* don't need to give error -- prescan did that already */ 1159 if (LogLevel > 2) 1160 sm_syslog(LOG_NOTICE, e->e_id, 1161 "cannot prescan from (%s)", 1162 shortenstring(from, MAXSHORTSTR)); 1163 finis(true, true, ExitStat); 1164 } 1165 (void) REWRITE(pvp, 3, e); 1166 (void) REWRITE(pvp, 1, e); 1167 (void) REWRITE(pvp, 4, e); 1168 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1169 bp = buf + 1; 1170 cataddr(pvp, NULL, bp, sizeof buf - 2, '\0'); 1171 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags)) 1172 { 1173 /* heuristic: route-addr: add angle brackets */ 1174 (void) sm_strlcat(bp, ">", sizeof buf - 1); 1175 *--bp = '<'; 1176 } 1177 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp); 1178 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender); 1179 1180 /* save the domain spec if this mailer wants it */ 1181 if (e->e_from.q_mailer != NULL && 1182 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags)) 1183 { 1184 char **lastat; 1185 1186 /* get rid of any pesky angle brackets */ 1187 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 1188 (void) REWRITE(pvp, 3, e); 1189 (void) REWRITE(pvp, 1, e); 1190 (void) REWRITE(pvp, 4, e); 1191 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1192 1193 /* strip off to the last "@" sign */ 1194 for (lastat = NULL; *pvp != NULL; pvp++) 1195 { 1196 if (strcmp(*pvp, "@") == 0) 1197 lastat = pvp; 1198 } 1199 if (lastat != NULL) 1200 { 1201 e->e_fromdomain = copyplist(lastat, true, e->e_rpool); 1202 if (tTd(45, 3)) 1203 { 1204 sm_dprintf("Saving from domain: "); 1205 printav(sm_debug_file(), e->e_fromdomain); 1206 } 1207 } 1208 } 1209 } 1210 /* 1211 ** PRINTENVFLAGS -- print envelope flags for debugging 1212 ** 1213 ** Parameters: 1214 ** e -- the envelope with the flags to be printed. 1215 ** 1216 ** Returns: 1217 ** none. 1218 */ 1219 1220 struct eflags 1221 { 1222 char *ef_name; 1223 unsigned long ef_bit; 1224 }; 1225 1226 static struct eflags EnvelopeFlags[] = 1227 { 1228 { "OLDSTYLE", EF_OLDSTYLE }, 1229 { "INQUEUE", EF_INQUEUE }, 1230 { "NO_BODY_RETN", EF_NO_BODY_RETN }, 1231 { "CLRQUEUE", EF_CLRQUEUE }, 1232 { "SENDRECEIPT", EF_SENDRECEIPT }, 1233 { "FATALERRS", EF_FATALERRS }, 1234 { "DELETE_BCC", EF_DELETE_BCC }, 1235 { "RESPONSE", EF_RESPONSE }, 1236 { "RESENT", EF_RESENT }, 1237 { "VRFYONLY", EF_VRFYONLY }, 1238 { "WARNING", EF_WARNING }, 1239 { "QUEUERUN", EF_QUEUERUN }, 1240 { "GLOBALERRS", EF_GLOBALERRS }, 1241 { "PM_NOTIFY", EF_PM_NOTIFY }, 1242 { "METOO", EF_METOO }, 1243 { "LOGSENDER", EF_LOGSENDER }, 1244 { "NORECEIPT", EF_NORECEIPT }, 1245 { "HAS8BIT", EF_HAS8BIT }, 1246 { "NL_NOT_EOL", EF_NL_NOT_EOL }, 1247 { "CRLF_NOT_EOL", EF_CRLF_NOT_EOL }, 1248 { "RET_PARAM", EF_RET_PARAM }, 1249 { "HAS_DF", EF_HAS_DF }, 1250 { "IS_MIME", EF_IS_MIME }, 1251 { "DONT_MIME", EF_DONT_MIME }, 1252 { "DISCARD", EF_DISCARD }, 1253 { "TOOBIG", EF_TOOBIG }, 1254 { "SPLIT", EF_SPLIT }, 1255 { "UNSAFE", EF_UNSAFE }, 1256 { NULL, 0 } 1257 }; 1258 1259 void 1260 printenvflags(e) 1261 register ENVELOPE *e; 1262 { 1263 register struct eflags *ef; 1264 bool first = true; 1265 1266 sm_dprintf("%lx", e->e_flags); 1267 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++) 1268 { 1269 if (!bitset(ef->ef_bit, e->e_flags)) 1270 continue; 1271 if (first) 1272 sm_dprintf("<%s", ef->ef_name); 1273 else 1274 sm_dprintf(",%s", ef->ef_name); 1275 first = false; 1276 } 1277 if (!first) 1278 sm_dprintf(">\n"); 1279 } 1280