1 /* 2 * Copyright (c) 1999-2005 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * 5 * By using this file, you agree to the terms and conditions set 6 * forth in the LICENSE file which can be found at the top level of 7 * the sendmail distribution. 8 * 9 */ 10 11 #include <sendmail.h> 12 13 SM_RCSID("@(#)$Id: milter.c,v 8.229 2005/03/02 02:32:34 ca Exp $") 14 15 #if MILTER 16 # include <libmilter/mfapi.h> 17 # include <libmilter/mfdef.h> 18 19 # include <errno.h> 20 # include <sys/time.h> 21 # include <sys/uio.h> 22 23 # if NETINET || NETINET6 24 # include <arpa/inet.h> 25 # if _FFR_MILTER_NAGLE 26 # include <netinet/tcp.h> 27 # endif /* _FFR_MILTER_NAGLE */ 28 # endif /* NETINET || NETINET6 */ 29 30 # include <sm/fdset.h> 31 32 static void milter_connect_timeout __P((int)); 33 static void milter_error __P((struct milter *, ENVELOPE *)); 34 static int milter_open __P((struct milter *, bool, ENVELOPE *)); 35 static void milter_parse_timeouts __P((char *, struct milter *)); 36 37 static char *MilterConnectMacros[MAXFILTERMACROS + 1]; 38 static char *MilterHeloMacros[MAXFILTERMACROS + 1]; 39 static char *MilterEnvFromMacros[MAXFILTERMACROS + 1]; 40 static char *MilterEnvRcptMacros[MAXFILTERMACROS + 1]; 41 static char *MilterDataMacros[MAXFILTERMACROS + 1]; 42 static char *MilterEOMMacros[MAXFILTERMACROS + 1]; 43 static size_t MilterMaxDataSize = MILTER_MAX_DATA_SIZE; 44 45 # define MILTER_CHECK_DONE_MSG() \ 46 if (*state == SMFIR_REPLYCODE || \ 47 *state == SMFIR_REJECT || \ 48 *state == SMFIR_DISCARD || \ 49 *state == SMFIR_TEMPFAIL) \ 50 { \ 51 /* Abort the filters to let them know we are done with msg */ \ 52 milter_abort(e); \ 53 } 54 55 # define MILTER_CHECK_ERROR(initial, action) \ 56 if (!initial && tTd(71, 100)) \ 57 { \ 58 if (e->e_quarmsg == NULL) \ 59 { \ 60 e->e_quarmsg = sm_rpool_strdup_x(e->e_rpool, \ 61 "filter failure"); \ 62 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), \ 63 e->e_quarmsg); \ 64 } \ 65 } \ 66 else if (tTd(71, 101)) \ 67 { \ 68 if (e->e_quarmsg == NULL) \ 69 { \ 70 e->e_quarmsg = sm_rpool_strdup_x(e->e_rpool, \ 71 "filter failure"); \ 72 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), \ 73 e->e_quarmsg); \ 74 } \ 75 } \ 76 else if (bitnset(SMF_TEMPFAIL, m->mf_flags)) \ 77 *state = SMFIR_TEMPFAIL; \ 78 else if (bitnset(SMF_TEMPDROP, m->mf_flags)) \ 79 *state = SMFIR_SHUTDOWN; \ 80 else if (bitnset(SMF_REJECT, m->mf_flags)) \ 81 *state = SMFIR_REJECT; \ 82 else \ 83 action; 84 85 # define MILTER_CHECK_REPLYCODE(default) \ 86 if (response == NULL || \ 87 strlen(response) + 1 != (size_t) rlen || \ 88 rlen < 3 || \ 89 (response[0] != '4' && response[0] != '5') || \ 90 !isascii(response[1]) || !isdigit(response[1]) || \ 91 !isascii(response[2]) || !isdigit(response[2])) \ 92 { \ 93 if (response != NULL) \ 94 sm_free(response); /* XXX */ \ 95 response = newstr(default); \ 96 } \ 97 else \ 98 { \ 99 char *ptr = response; \ 100 \ 101 /* Check for unprotected %'s in the string */ \ 102 while (*ptr != '\0') \ 103 { \ 104 if (*ptr == '%' && *++ptr != '%') \ 105 { \ 106 sm_free(response); /* XXX */ \ 107 response = newstr(default); \ 108 break; \ 109 } \ 110 ptr++; \ 111 } \ 112 } 113 114 # define MILTER_DF_ERROR(msg) \ 115 { \ 116 int save_errno = errno; \ 117 \ 118 if (tTd(64, 5)) \ 119 { \ 120 sm_dprintf(msg, dfname, sm_errstring(save_errno)); \ 121 sm_dprintf("\n"); \ 122 } \ 123 if (MilterLogLevel > 0) \ 124 sm_syslog(LOG_ERR, e->e_id, msg, dfname, sm_errstring(save_errno)); \ 125 if (SuperSafe == SAFE_REALLY) \ 126 { \ 127 if (e->e_dfp != NULL) \ 128 { \ 129 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); \ 130 e->e_dfp = NULL; \ 131 } \ 132 e->e_flags &= ~EF_HAS_DF; \ 133 } \ 134 errno = save_errno; \ 135 } 136 137 /* 138 ** MILTER_TIMEOUT -- make sure socket is ready in time 139 ** 140 ** Parameters: 141 ** routine -- routine name for debug/logging 142 ** secs -- number of seconds in timeout 143 ** write -- waiting to read or write? 144 ** started -- whether this is part of a previous sequence 145 ** 146 ** Assumes 'm' is a milter structure for the current socket. 147 */ 148 149 # define MILTER_TIMEOUT(routine, secs, write, started) \ 150 { \ 151 int ret; \ 152 int save_errno; \ 153 fd_set fds; \ 154 struct timeval tv; \ 155 \ 156 if (SM_FD_SETSIZE > 0 && m->mf_sock >= SM_FD_SETSIZE) \ 157 { \ 158 if (tTd(64, 5)) \ 159 sm_dprintf("milter_%s(%s): socket %d is larger than FD_SETSIZE %d\n", \ 160 (routine), m->mf_name, m->mf_sock, \ 161 SM_FD_SETSIZE); \ 162 if (MilterLogLevel > 0) \ 163 sm_syslog(LOG_ERR, e->e_id, \ 164 "Milter (%s): socket(%s) %d is larger than FD_SETSIZE %d", \ 165 m->mf_name, (routine), m->mf_sock, \ 166 SM_FD_SETSIZE); \ 167 milter_error(m, e); \ 168 return NULL; \ 169 } \ 170 \ 171 do \ 172 { \ 173 FD_ZERO(&fds); \ 174 SM_FD_SET(m->mf_sock, &fds); \ 175 tv.tv_sec = (secs); \ 176 tv.tv_usec = 0; \ 177 ret = select(m->mf_sock + 1, \ 178 (write) ? NULL : &fds, \ 179 (write) ? &fds : NULL, \ 180 NULL, &tv); \ 181 } while (ret < 0 && errno == EINTR); \ 182 \ 183 switch (ret) \ 184 { \ 185 case 0: \ 186 if (tTd(64, 5)) \ 187 sm_dprintf("milter_%s(%s): timeout\n", (routine), \ 188 m->mf_name); \ 189 if (MilterLogLevel > 0) \ 190 sm_syslog(LOG_ERR, e->e_id, \ 191 "Milter (%s): %s %s %s %s", \ 192 m->mf_name, "timeout", \ 193 started ? "during" : "before", \ 194 "data", (routine)); \ 195 milter_error(m, e); \ 196 return NULL; \ 197 \ 198 case -1: \ 199 save_errno = errno; \ 200 if (tTd(64, 5)) \ 201 sm_dprintf("milter_%s(%s): select: %s\n", (routine), \ 202 m->mf_name, sm_errstring(save_errno)); \ 203 if (MilterLogLevel > 0) \ 204 { \ 205 sm_syslog(LOG_ERR, e->e_id, \ 206 "Milter (%s): select(%s): %s", \ 207 m->mf_name, (routine), \ 208 sm_errstring(save_errno)); \ 209 } \ 210 milter_error(m, e); \ 211 return NULL; \ 212 \ 213 default: \ 214 if (SM_FD_ISSET(m->mf_sock, &fds)) \ 215 break; \ 216 if (tTd(64, 5)) \ 217 sm_dprintf("milter_%s(%s): socket not ready\n", \ 218 (routine), m->mf_name); \ 219 if (MilterLogLevel > 0) \ 220 { \ 221 sm_syslog(LOG_ERR, e->e_id, \ 222 "Milter (%s): socket(%s) not ready", \ 223 m->mf_name, (routine)); \ 224 } \ 225 milter_error(m, e); \ 226 return NULL; \ 227 } \ 228 } 229 230 /* 231 ** Low level functions 232 */ 233 234 /* 235 ** MILTER_READ -- read from a remote milter filter 236 ** 237 ** Parameters: 238 ** m -- milter to read from. 239 ** cmd -- return param for command read. 240 ** rlen -- return length of response string. 241 ** to -- timeout in seconds. 242 ** e -- current envelope. 243 ** 244 ** Returns: 245 ** response string (may be NULL) 246 */ 247 248 static char * 249 milter_sysread(m, buf, sz, to, e) 250 struct milter *m; 251 char *buf; 252 ssize_t sz; 253 time_t to; 254 ENVELOPE *e; 255 { 256 time_t readstart = 0; 257 ssize_t len, curl; 258 bool started = false; 259 260 curl = 0; 261 262 if (to > 0) 263 readstart = curtime(); 264 265 for (;;) 266 { 267 if (to > 0) 268 { 269 time_t now; 270 271 now = curtime(); 272 if (now - readstart >= to) 273 { 274 if (tTd(64, 5)) 275 sm_dprintf("milter_read (%s): %s %s %s", 276 m->mf_name, "timeout", 277 started ? "during" : "before", 278 "data read"); 279 if (MilterLogLevel > 0) 280 sm_syslog(LOG_ERR, e->e_id, 281 "Milter (%s): %s %s %s", 282 m->mf_name, "timeout", 283 started ? "during" : "before", 284 "data read"); 285 milter_error(m, e); 286 return NULL; 287 } 288 to -= now - readstart; 289 readstart = now; 290 MILTER_TIMEOUT("read", to, false, started); 291 } 292 293 len = read(m->mf_sock, buf + curl, sz - curl); 294 295 if (len < 0) 296 { 297 int save_errno = errno; 298 299 if (tTd(64, 5)) 300 sm_dprintf("milter_read(%s): read returned %ld: %s\n", 301 m->mf_name, (long) len, 302 sm_errstring(save_errno)); 303 if (MilterLogLevel > 0) 304 sm_syslog(LOG_ERR, e->e_id, 305 "Milter (%s): read returned %ld: %s", 306 m->mf_name, (long) len, 307 sm_errstring(save_errno)); 308 milter_error(m, e); 309 return NULL; 310 } 311 312 started = true; 313 curl += len; 314 if (len == 0 || curl >= sz) 315 break; 316 317 } 318 319 if (curl != sz) 320 { 321 if (tTd(64, 5)) 322 sm_dprintf("milter_read(%s): cmd read returned %ld, expecting %ld\n", 323 m->mf_name, (long) curl, (long) sz); 324 if (MilterLogLevel > 0) 325 sm_syslog(LOG_ERR, e->e_id, 326 "milter_read(%s): cmd read returned %ld, expecting %ld", 327 m->mf_name, (long) curl, (long) sz); 328 milter_error(m, e); 329 return NULL; 330 } 331 return buf; 332 } 333 334 static char * 335 milter_read(m, cmd, rlen, to, e) 336 struct milter *m; 337 char *cmd; 338 ssize_t *rlen; 339 time_t to; 340 ENVELOPE *e; 341 { 342 time_t readstart = 0; 343 ssize_t expl; 344 mi_int32 i; 345 # if _FFR_MILTER_NAGLE 346 # ifdef TCP_CORK 347 int cork = 0; 348 # endif 349 # endif /* _FFR_MILTER_NAGLE */ 350 char *buf; 351 char data[MILTER_LEN_BYTES + 1]; 352 353 if (m->mf_sock < 0) 354 { 355 if (MilterLogLevel > 0) 356 sm_syslog(LOG_ERR, e->e_id, 357 "milter_read(%s): socket closed", 358 m->mf_name); 359 milter_error(m, e); 360 return NULL; 361 } 362 363 *rlen = 0; 364 *cmd = '\0'; 365 366 if (to > 0) 367 readstart = curtime(); 368 369 # if _FFR_MILTER_NAGLE 370 # ifdef TCP_CORK 371 setsockopt(m->mf_sock, IPPROTO_TCP, TCP_CORK, (char *)&cork, 372 sizeof(cork)); 373 # endif 374 # endif /* _FFR_MILTER_NAGLE */ 375 376 if (milter_sysread(m, data, sizeof data, to, e) == NULL) 377 return NULL; 378 379 # if _FFR_MILTER_NAGLE 380 # ifdef TCP_CORK 381 cork = 1; 382 setsockopt(m->mf_sock, IPPROTO_TCP, TCP_CORK, (char *)&cork, 383 sizeof(cork)); 384 # endif 385 # endif /* _FFR_MILTER_NAGLE */ 386 387 /* reset timeout */ 388 if (to > 0) 389 { 390 time_t now; 391 392 now = curtime(); 393 if (now - readstart >= to) 394 { 395 if (tTd(64, 5)) 396 sm_dprintf("milter_read(%s): timeout before data read\n", 397 m->mf_name); 398 if (MilterLogLevel > 0) 399 sm_syslog(LOG_ERR, e->e_id, 400 "Milter read(%s): timeout before data read", 401 m->mf_name); 402 milter_error(m, e); 403 return NULL; 404 } 405 to -= now - readstart; 406 } 407 408 *cmd = data[MILTER_LEN_BYTES]; 409 data[MILTER_LEN_BYTES] = '\0'; 410 (void) memcpy(&i, data, MILTER_LEN_BYTES); 411 expl = ntohl(i) - 1; 412 413 if (tTd(64, 25)) 414 sm_dprintf("milter_read(%s): expecting %ld bytes\n", 415 m->mf_name, (long) expl); 416 417 if (expl < 0) 418 { 419 if (tTd(64, 5)) 420 sm_dprintf("milter_read(%s): read size %ld out of range\n", 421 m->mf_name, (long) expl); 422 if (MilterLogLevel > 0) 423 sm_syslog(LOG_ERR, e->e_id, 424 "milter_read(%s): read size %ld out of range", 425 m->mf_name, (long) expl); 426 milter_error(m, e); 427 return NULL; 428 } 429 430 if (expl == 0) 431 return NULL; 432 433 buf = (char *) xalloc(expl); 434 435 if (milter_sysread(m, buf, expl, to, e) == NULL) 436 { 437 sm_free(buf); /* XXX */ 438 return NULL; 439 } 440 441 if (tTd(64, 50)) 442 sm_dprintf("milter_read(%s): Returning %*s\n", 443 m->mf_name, (int) expl, buf); 444 *rlen = expl; 445 return buf; 446 } 447 448 /* 449 ** MILTER_WRITE -- write to a remote milter filter 450 ** 451 ** Parameters: 452 ** m -- milter to read from. 453 ** cmd -- command to send. 454 ** buf -- optional command data. 455 ** len -- length of buf. 456 ** to -- timeout in seconds. 457 ** e -- current envelope. 458 ** 459 ** Returns: 460 ** buf if successful, NULL otherwise 461 ** Not actually used anywhere but function prototype 462 ** must match milter_read() 463 */ 464 465 static char * 466 milter_write(m, cmd, buf, len, to, e) 467 struct milter *m; 468 char cmd; 469 char *buf; 470 ssize_t len; 471 time_t to; 472 ENVELOPE *e; 473 { 474 time_t writestart = (time_t) 0; 475 ssize_t sl, i; 476 int num_vectors; 477 mi_int32 nl; 478 char data[MILTER_LEN_BYTES + 1]; 479 bool started = false; 480 struct iovec vector[2]; 481 482 /* 483 ** At most two buffers will be written, though 484 ** only one may actually be used (see num_vectors). 485 ** The first is the size/command and the second is the command data. 486 */ 487 488 if (len < 0 || len > MilterMaxDataSize) 489 { 490 if (tTd(64, 5)) 491 sm_dprintf("milter_write(%s): length %ld out of range\n", 492 m->mf_name, (long) len); 493 if (MilterLogLevel > 0) 494 sm_syslog(LOG_ERR, e->e_id, 495 "milter_write(%s): length %ld out of range", 496 m->mf_name, (long) len); 497 milter_error(m, e); 498 return NULL; 499 } 500 if (m->mf_sock < 0) 501 { 502 if (MilterLogLevel > 0) 503 sm_syslog(LOG_ERR, e->e_id, 504 "milter_write(%s): socket closed", 505 m->mf_name); 506 milter_error(m, e); 507 return NULL; 508 } 509 510 if (tTd(64, 20)) 511 sm_dprintf("milter_write(%s): cmd %c, len %ld\n", 512 m->mf_name, cmd, (long) len); 513 514 nl = htonl(len + 1); /* add 1 for the cmd char */ 515 (void) memcpy(data, (char *) &nl, MILTER_LEN_BYTES); 516 data[MILTER_LEN_BYTES] = cmd; 517 sl = MILTER_LEN_BYTES + 1; 518 519 /* set up the vector for the size / command */ 520 vector[0].iov_base = (void *) data; 521 vector[0].iov_len = sl; 522 523 /* 524 ** Determine if there is command data. If so, there will be two 525 ** vectors. If not, there will be only one. The vectors are set 526 ** up here and 'num_vectors' and 'sl' are set appropriately. 527 */ 528 529 /* NOTE: len<0 has already been checked for. Pedantic */ 530 if (len <= 0 || buf == NULL) 531 { 532 /* There is no command data -- only a size / command data */ 533 num_vectors = 1; 534 } 535 else 536 { 537 /* 538 ** There is both size / command and command data. 539 ** Set up the vector for the command data. 540 */ 541 542 num_vectors = 2; 543 sl += len; 544 vector[1].iov_base = (void *) buf; 545 vector[1].iov_len = len; 546 547 if (tTd(64, 50)) 548 sm_dprintf("milter_write(%s): Sending %*s\n", 549 m->mf_name, (int) len, buf); 550 } 551 552 if (to > 0) 553 { 554 writestart = curtime(); 555 MILTER_TIMEOUT("write", to, true, started); 556 } 557 558 /* write the vector(s) */ 559 i = writev(m->mf_sock, vector, num_vectors); 560 if (i != sl) 561 { 562 int save_errno = errno; 563 564 if (tTd(64, 5)) 565 sm_dprintf("milter_write(%s): write(%c) returned %ld, expected %ld: %s\n", 566 m->mf_name, cmd, (long) i, (long) sl, 567 sm_errstring(save_errno)); 568 if (MilterLogLevel > 0) 569 sm_syslog(LOG_ERR, e->e_id, 570 "Milter (%s): write(%c) returned %ld, expected %ld: %s", 571 m->mf_name, cmd, (long) i, (long) sl, 572 sm_errstring(save_errno)); 573 milter_error(m, e); 574 return NULL; 575 } 576 return buf; 577 } 578 579 /* 580 ** Utility functions 581 */ 582 583 /* 584 ** MILTER_OPEN -- connect to remote milter filter 585 ** 586 ** Parameters: 587 ** m -- milter to connect to. 588 ** parseonly -- parse but don't connect. 589 ** e -- current envelope. 590 ** 591 ** Returns: 592 ** connected socket if successful && !parseonly, 593 ** 0 upon parse success if parseonly, 594 ** -1 otherwise. 595 */ 596 597 static jmp_buf MilterConnectTimeout; 598 599 static int 600 milter_open(m, parseonly, e) 601 struct milter *m; 602 bool parseonly; 603 ENVELOPE *e; 604 { 605 int sock = 0; 606 SOCKADDR_LEN_T addrlen = 0; 607 int addrno = 0; 608 int save_errno; 609 char *p; 610 char *colon; 611 char *at; 612 struct hostent *hp = NULL; 613 SOCKADDR addr; 614 615 if (m->mf_conn == NULL || m->mf_conn[0] == '\0') 616 { 617 if (tTd(64, 5)) 618 sm_dprintf("X%s: empty or missing socket information\n", 619 m->mf_name); 620 if (parseonly) 621 syserr("X%s: empty or missing socket information", 622 m->mf_name); 623 else if (MilterLogLevel > 0) 624 sm_syslog(LOG_ERR, e->e_id, 625 "Milter (%s): empty or missing socket information", 626 m->mf_name); 627 milter_error(m, e); 628 return -1; 629 } 630 631 /* protocol:filename or protocol:port@host */ 632 memset(&addr, '\0', sizeof addr); 633 p = m->mf_conn; 634 colon = strchr(p, ':'); 635 if (colon != NULL) 636 { 637 *colon = '\0'; 638 639 if (*p == '\0') 640 { 641 # if NETUNIX 642 /* default to AF_UNIX */ 643 addr.sa.sa_family = AF_UNIX; 644 # else /* NETUNIX */ 645 # if NETINET 646 /* default to AF_INET */ 647 addr.sa.sa_family = AF_INET; 648 # else /* NETINET */ 649 # if NETINET6 650 /* default to AF_INET6 */ 651 addr.sa.sa_family = AF_INET6; 652 # else /* NETINET6 */ 653 /* no protocols available */ 654 if (MilterLogLevel > 0) 655 sm_syslog(LOG_ERR, e->e_id, 656 "Milter (%s): no valid socket protocols available", 657 m->mf_name); 658 milter_error(m, e); 659 return -1; 660 # endif /* NETINET6 */ 661 # endif /* NETINET */ 662 # endif /* NETUNIX */ 663 } 664 # if NETUNIX 665 else if (sm_strcasecmp(p, "unix") == 0 || 666 sm_strcasecmp(p, "local") == 0) 667 addr.sa.sa_family = AF_UNIX; 668 # endif /* NETUNIX */ 669 # if NETINET 670 else if (sm_strcasecmp(p, "inet") == 0) 671 addr.sa.sa_family = AF_INET; 672 # endif /* NETINET */ 673 # if NETINET6 674 else if (sm_strcasecmp(p, "inet6") == 0) 675 addr.sa.sa_family = AF_INET6; 676 # endif /* NETINET6 */ 677 else 678 { 679 # ifdef EPROTONOSUPPORT 680 errno = EPROTONOSUPPORT; 681 # else /* EPROTONOSUPPORT */ 682 errno = EINVAL; 683 # endif /* EPROTONOSUPPORT */ 684 if (tTd(64, 5)) 685 sm_dprintf("X%s: unknown socket type %s\n", 686 m->mf_name, p); 687 if (parseonly) 688 syserr("X%s: unknown socket type %s", 689 m->mf_name, p); 690 else if (MilterLogLevel > 0) 691 sm_syslog(LOG_ERR, e->e_id, 692 "Milter (%s): unknown socket type %s", 693 m->mf_name, p); 694 milter_error(m, e); 695 return -1; 696 } 697 *colon++ = ':'; 698 } 699 else 700 { 701 /* default to AF_UNIX */ 702 addr.sa.sa_family = AF_UNIX; 703 colon = p; 704 } 705 706 # if NETUNIX 707 if (addr.sa.sa_family == AF_UNIX) 708 { 709 long sff = SFF_SAFEDIRPATH|SFF_OPENASROOT|SFF_NOLINK|SFF_EXECOK; 710 711 at = colon; 712 if (strlen(colon) >= sizeof addr.sunix.sun_path) 713 { 714 if (tTd(64, 5)) 715 sm_dprintf("X%s: local socket name %s too long\n", 716 m->mf_name, colon); 717 errno = EINVAL; 718 if (parseonly) 719 syserr("X%s: local socket name %s too long", 720 m->mf_name, colon); 721 else if (MilterLogLevel > 0) 722 sm_syslog(LOG_ERR, e->e_id, 723 "Milter (%s): local socket name %s too long", 724 m->mf_name, colon); 725 milter_error(m, e); 726 return -1; 727 } 728 errno = safefile(colon, RunAsUid, RunAsGid, RunAsUserName, sff, 729 S_IRUSR|S_IWUSR, NULL); 730 731 /* if just parsing .cf file, socket doesn't need to exist */ 732 if (parseonly && errno == ENOENT) 733 { 734 if (OpMode == MD_DAEMON || 735 OpMode == MD_FGDAEMON) 736 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT, 737 "WARNING: X%s: local socket name %s missing\n", 738 m->mf_name, colon); 739 } 740 else if (errno != 0) 741 { 742 /* if not safe, don't create */ 743 save_errno = errno; 744 if (tTd(64, 5)) 745 sm_dprintf("X%s: local socket name %s unsafe\n", 746 m->mf_name, colon); 747 errno = save_errno; 748 if (parseonly) 749 { 750 if (OpMode == MD_DAEMON || 751 OpMode == MD_FGDAEMON || 752 OpMode == MD_SMTP) 753 syserr("X%s: local socket name %s unsafe", 754 m->mf_name, colon); 755 } 756 else if (MilterLogLevel > 0) 757 sm_syslog(LOG_ERR, e->e_id, 758 "Milter (%s): local socket name %s unsafe", 759 m->mf_name, colon); 760 milter_error(m, e); 761 return -1; 762 } 763 764 (void) sm_strlcpy(addr.sunix.sun_path, colon, 765 sizeof addr.sunix.sun_path); 766 addrlen = sizeof (struct sockaddr_un); 767 } 768 else 769 # endif /* NETUNIX */ 770 # if NETINET || NETINET6 771 if (false 772 # if NETINET 773 || addr.sa.sa_family == AF_INET 774 # endif /* NETINET */ 775 # if NETINET6 776 || addr.sa.sa_family == AF_INET6 777 # endif /* NETINET6 */ 778 ) 779 { 780 unsigned short port; 781 782 /* Parse port@host */ 783 at = strchr(colon, '@'); 784 if (at == NULL) 785 { 786 if (tTd(64, 5)) 787 sm_dprintf("X%s: bad address %s (expected port@host)\n", 788 m->mf_name, colon); 789 if (parseonly) 790 syserr("X%s: bad address %s (expected port@host)", 791 m->mf_name, colon); 792 else if (MilterLogLevel > 0) 793 sm_syslog(LOG_ERR, e->e_id, 794 "Milter (%s): bad address %s (expected port@host)", 795 m->mf_name, colon); 796 milter_error(m, e); 797 return -1; 798 } 799 *at = '\0'; 800 if (isascii(*colon) && isdigit(*colon)) 801 port = htons((unsigned short) atoi(colon)); 802 else 803 { 804 # ifdef NO_GETSERVBYNAME 805 if (tTd(64, 5)) 806 sm_dprintf("X%s: invalid port number %s\n", 807 m->mf_name, colon); 808 if (parseonly) 809 syserr("X%s: invalid port number %s", 810 m->mf_name, colon); 811 else if (MilterLogLevel > 0) 812 sm_syslog(LOG_ERR, e->e_id, 813 "Milter (%s): invalid port number %s", 814 m->mf_name, colon); 815 milter_error(m, e); 816 return -1; 817 # else /* NO_GETSERVBYNAME */ 818 register struct servent *sp; 819 820 sp = getservbyname(colon, "tcp"); 821 if (sp == NULL) 822 { 823 save_errno = errno; 824 if (tTd(64, 5)) 825 sm_dprintf("X%s: unknown port name %s\n", 826 m->mf_name, colon); 827 errno = save_errno; 828 if (parseonly) 829 syserr("X%s: unknown port name %s", 830 m->mf_name, colon); 831 else if (MilterLogLevel > 0) 832 sm_syslog(LOG_ERR, e->e_id, 833 "Milter (%s): unknown port name %s", 834 m->mf_name, colon); 835 milter_error(m, e); 836 return -1; 837 } 838 port = sp->s_port; 839 # endif /* NO_GETSERVBYNAME */ 840 } 841 *at++ = '@'; 842 if (*at == '[') 843 { 844 char *end; 845 846 end = strchr(at, ']'); 847 if (end != NULL) 848 { 849 bool found = false; 850 # if NETINET 851 unsigned long hid = INADDR_NONE; 852 # endif /* NETINET */ 853 # if NETINET6 854 struct sockaddr_in6 hid6; 855 # endif /* NETINET6 */ 856 857 *end = '\0'; 858 # if NETINET 859 if (addr.sa.sa_family == AF_INET && 860 (hid = inet_addr(&at[1])) != INADDR_NONE) 861 { 862 addr.sin.sin_addr.s_addr = hid; 863 addr.sin.sin_port = port; 864 found = true; 865 } 866 # endif /* NETINET */ 867 # if NETINET6 868 (void) memset(&hid6, '\0', sizeof hid6); 869 if (addr.sa.sa_family == AF_INET6 && 870 anynet_pton(AF_INET6, &at[1], 871 &hid6.sin6_addr) == 1) 872 { 873 addr.sin6.sin6_addr = hid6.sin6_addr; 874 addr.sin6.sin6_port = port; 875 found = true; 876 } 877 # endif /* NETINET6 */ 878 *end = ']'; 879 if (!found) 880 { 881 if (tTd(64, 5)) 882 sm_dprintf("X%s: Invalid numeric domain spec \"%s\"\n", 883 m->mf_name, at); 884 if (parseonly) 885 syserr("X%s: Invalid numeric domain spec \"%s\"", 886 m->mf_name, at); 887 else if (MilterLogLevel > 0) 888 sm_syslog(LOG_ERR, e->e_id, 889 "Milter (%s): Invalid numeric domain spec \"%s\"", 890 m->mf_name, at); 891 milter_error(m, e); 892 return -1; 893 } 894 } 895 else 896 { 897 if (tTd(64, 5)) 898 sm_dprintf("X%s: Invalid numeric domain spec \"%s\"\n", 899 m->mf_name, at); 900 if (parseonly) 901 syserr("X%s: Invalid numeric domain spec \"%s\"", 902 m->mf_name, at); 903 else if (MilterLogLevel > 0) 904 sm_syslog(LOG_ERR, e->e_id, 905 "Milter (%s): Invalid numeric domain spec \"%s\"", 906 m->mf_name, at); 907 milter_error(m, e); 908 return -1; 909 } 910 } 911 else 912 { 913 hp = sm_gethostbyname(at, addr.sa.sa_family); 914 if (hp == NULL) 915 { 916 save_errno = errno; 917 if (tTd(64, 5)) 918 sm_dprintf("X%s: Unknown host name %s\n", 919 m->mf_name, at); 920 errno = save_errno; 921 if (parseonly) 922 syserr("X%s: Unknown host name %s", 923 m->mf_name, at); 924 else if (MilterLogLevel > 0) 925 sm_syslog(LOG_ERR, e->e_id, 926 "Milter (%s): Unknown host name %s", 927 m->mf_name, at); 928 milter_error(m, e); 929 return -1; 930 } 931 addr.sa.sa_family = hp->h_addrtype; 932 switch (hp->h_addrtype) 933 { 934 # if NETINET 935 case AF_INET: 936 memmove(&addr.sin.sin_addr, 937 hp->h_addr, INADDRSZ); 938 addr.sin.sin_port = port; 939 addrlen = sizeof (struct sockaddr_in); 940 addrno = 1; 941 break; 942 # endif /* NETINET */ 943 944 # if NETINET6 945 case AF_INET6: 946 memmove(&addr.sin6.sin6_addr, 947 hp->h_addr, IN6ADDRSZ); 948 addr.sin6.sin6_port = port; 949 addrlen = sizeof (struct sockaddr_in6); 950 addrno = 1; 951 break; 952 # endif /* NETINET6 */ 953 954 default: 955 if (tTd(64, 5)) 956 sm_dprintf("X%s: Unknown protocol for %s (%d)\n", 957 m->mf_name, at, 958 hp->h_addrtype); 959 if (parseonly) 960 syserr("X%s: Unknown protocol for %s (%d)", 961 m->mf_name, at, hp->h_addrtype); 962 else if (MilterLogLevel > 0) 963 sm_syslog(LOG_ERR, e->e_id, 964 "Milter (%s): Unknown protocol for %s (%d)", 965 m->mf_name, at, 966 hp->h_addrtype); 967 milter_error(m, e); 968 # if NETINET6 969 freehostent(hp); 970 # endif /* NETINET6 */ 971 return -1; 972 } 973 } 974 } 975 else 976 # endif /* NETINET || NETINET6 */ 977 { 978 if (tTd(64, 5)) 979 sm_dprintf("X%s: unknown socket protocol\n", 980 m->mf_name); 981 if (parseonly) 982 syserr("X%s: unknown socket protocol", m->mf_name); 983 else if (MilterLogLevel > 0) 984 sm_syslog(LOG_ERR, e->e_id, 985 "Milter (%s): unknown socket protocol", 986 m->mf_name); 987 milter_error(m, e); 988 return -1; 989 } 990 991 /* just parsing through? */ 992 if (parseonly) 993 { 994 m->mf_state = SMFS_READY; 995 # if NETINET6 996 if (hp != NULL) 997 freehostent(hp); 998 # endif /* NETINET6 */ 999 return 0; 1000 } 1001 1002 /* sanity check */ 1003 if (m->mf_state != SMFS_READY && 1004 m->mf_state != SMFS_CLOSED) 1005 { 1006 /* shouldn't happen */ 1007 if (tTd(64, 1)) 1008 sm_dprintf("Milter (%s): Trying to open filter in state %c\n", 1009 m->mf_name, (char) m->mf_state); 1010 milter_error(m, e); 1011 # if NETINET6 1012 if (hp != NULL) 1013 freehostent(hp); 1014 # endif /* NETINET6 */ 1015 return -1; 1016 } 1017 1018 /* nope, actually connecting */ 1019 for (;;) 1020 { 1021 sock = socket(addr.sa.sa_family, SOCK_STREAM, 0); 1022 if (sock < 0) 1023 { 1024 save_errno = errno; 1025 if (tTd(64, 5)) 1026 sm_dprintf("Milter (%s): error creating socket: %s\n", 1027 m->mf_name, 1028 sm_errstring(save_errno)); 1029 if (MilterLogLevel > 0) 1030 sm_syslog(LOG_ERR, e->e_id, 1031 "Milter (%s): error creating socket: %s", 1032 m->mf_name, sm_errstring(save_errno)); 1033 milter_error(m, e); 1034 # if NETINET6 1035 if (hp != NULL) 1036 freehostent(hp); 1037 # endif /* NETINET6 */ 1038 return -1; 1039 } 1040 1041 if (setjmp(MilterConnectTimeout) == 0) 1042 { 1043 SM_EVENT *ev = NULL; 1044 int i; 1045 1046 if (m->mf_timeout[SMFTO_CONNECT] > 0) 1047 ev = sm_setevent(m->mf_timeout[SMFTO_CONNECT], 1048 milter_connect_timeout, 0); 1049 1050 i = connect(sock, (struct sockaddr *) &addr, addrlen); 1051 save_errno = errno; 1052 if (ev != NULL) 1053 sm_clrevent(ev); 1054 errno = save_errno; 1055 if (i >= 0) 1056 break; 1057 } 1058 1059 /* couldn't connect.... try next address */ 1060 save_errno = errno; 1061 p = CurHostName; 1062 CurHostName = at; 1063 if (tTd(64, 5)) 1064 sm_dprintf("milter_open (%s): open %s failed: %s\n", 1065 m->mf_name, at, sm_errstring(save_errno)); 1066 if (MilterLogLevel > 13) 1067 sm_syslog(LOG_INFO, e->e_id, 1068 "Milter (%s): open %s failed: %s", 1069 m->mf_name, at, sm_errstring(save_errno)); 1070 CurHostName = p; 1071 (void) close(sock); 1072 1073 /* try next address */ 1074 if (hp != NULL && hp->h_addr_list[addrno] != NULL) 1075 { 1076 switch (addr.sa.sa_family) 1077 { 1078 # if NETINET 1079 case AF_INET: 1080 memmove(&addr.sin.sin_addr, 1081 hp->h_addr_list[addrno++], 1082 INADDRSZ); 1083 break; 1084 # endif /* NETINET */ 1085 1086 # if NETINET6 1087 case AF_INET6: 1088 memmove(&addr.sin6.sin6_addr, 1089 hp->h_addr_list[addrno++], 1090 IN6ADDRSZ); 1091 break; 1092 # endif /* NETINET6 */ 1093 1094 default: 1095 if (tTd(64, 5)) 1096 sm_dprintf("X%s: Unknown protocol for %s (%d)\n", 1097 m->mf_name, at, 1098 hp->h_addrtype); 1099 if (MilterLogLevel > 0) 1100 sm_syslog(LOG_ERR, e->e_id, 1101 "Milter (%s): Unknown protocol for %s (%d)", 1102 m->mf_name, at, 1103 hp->h_addrtype); 1104 milter_error(m, e); 1105 # if NETINET6 1106 freehostent(hp); 1107 # endif /* NETINET6 */ 1108 return -1; 1109 } 1110 continue; 1111 } 1112 p = CurHostName; 1113 CurHostName = at; 1114 if (tTd(64, 5)) 1115 sm_dprintf("X%s: error connecting to filter: %s\n", 1116 m->mf_name, sm_errstring(save_errno)); 1117 if (MilterLogLevel > 0) 1118 sm_syslog(LOG_ERR, e->e_id, 1119 "Milter (%s): error connecting to filter: %s", 1120 m->mf_name, sm_errstring(save_errno)); 1121 CurHostName = p; 1122 milter_error(m, e); 1123 # if NETINET6 1124 if (hp != NULL) 1125 freehostent(hp); 1126 # endif /* NETINET6 */ 1127 return -1; 1128 } 1129 m->mf_state = SMFS_OPEN; 1130 # if NETINET6 1131 if (hp != NULL) 1132 { 1133 freehostent(hp); 1134 hp = NULL; 1135 } 1136 # endif /* NETINET6 */ 1137 # if _FFR_MILTER_NAGLE 1138 # ifndef TCP_CORK 1139 { 1140 int nodelay = 1; 1141 1142 setsockopt(m->mf_sock, IPPROTO_TCP, TCP_NODELAY, 1143 (char *)&nodelay, sizeof(nodelay)); 1144 } 1145 # endif /* TCP_CORK */ 1146 # endif /* _FFR_MILTER_NAGLE */ 1147 return sock; 1148 } 1149 1150 static void 1151 milter_connect_timeout(ignore) 1152 int ignore; 1153 { 1154 /* 1155 ** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD 1156 ** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE 1157 ** DOING. 1158 */ 1159 1160 errno = ETIMEDOUT; 1161 longjmp(MilterConnectTimeout, 1); 1162 } 1163 /* 1164 ** MILTER_SETUP -- setup structure for a mail filter 1165 ** 1166 ** Parameters: 1167 ** line -- the options line. 1168 ** 1169 ** Returns: 1170 ** none 1171 */ 1172 1173 void 1174 milter_setup(line) 1175 char *line; 1176 { 1177 char fcode; 1178 register char *p; 1179 register struct milter *m; 1180 STAB *s; 1181 1182 /* collect the filter name */ 1183 for (p = line; 1184 *p != '\0' && *p != ',' && !(isascii(*p) && isspace(*p)); 1185 p++) 1186 continue; 1187 if (*p != '\0') 1188 *p++ = '\0'; 1189 if (line[0] == '\0') 1190 { 1191 syserr("name required for mail filter"); 1192 return; 1193 } 1194 m = (struct milter *) xalloc(sizeof *m); 1195 memset((char *) m, '\0', sizeof *m); 1196 m->mf_name = newstr(line); 1197 m->mf_state = SMFS_READY; 1198 m->mf_sock = -1; 1199 m->mf_timeout[SMFTO_CONNECT] = (time_t) 300; 1200 m->mf_timeout[SMFTO_WRITE] = (time_t) 10; 1201 m->mf_timeout[SMFTO_READ] = (time_t) 10; 1202 m->mf_timeout[SMFTO_EOM] = (time_t) 300; 1203 1204 /* now scan through and assign info from the fields */ 1205 while (*p != '\0') 1206 { 1207 char *delimptr; 1208 1209 while (*p != '\0' && 1210 (*p == ',' || (isascii(*p) && isspace(*p)))) 1211 p++; 1212 1213 /* p now points to field code */ 1214 fcode = *p; 1215 while (*p != '\0' && *p != '=' && *p != ',') 1216 p++; 1217 if (*p++ != '=') 1218 { 1219 syserr("X%s: `=' expected", m->mf_name); 1220 return; 1221 } 1222 while (isascii(*p) && isspace(*p)) 1223 p++; 1224 1225 /* p now points to the field body */ 1226 p = munchstring(p, &delimptr, ','); 1227 1228 /* install the field into the filter struct */ 1229 switch (fcode) 1230 { 1231 case 'S': /* socket */ 1232 if (p == NULL) 1233 m->mf_conn = NULL; 1234 else 1235 m->mf_conn = newstr(p); 1236 break; 1237 1238 case 'F': /* Milter flags configured on MTA */ 1239 for (; *p != '\0'; p++) 1240 { 1241 if (!(isascii(*p) && isspace(*p))) 1242 setbitn(bitidx(*p), m->mf_flags); 1243 } 1244 break; 1245 1246 case 'T': /* timeouts */ 1247 milter_parse_timeouts(p, m); 1248 break; 1249 1250 default: 1251 syserr("X%s: unknown filter equate %c=", 1252 m->mf_name, fcode); 1253 break; 1254 } 1255 p = delimptr; 1256 } 1257 1258 /* early check for errors */ 1259 (void) milter_open(m, true, CurEnv); 1260 1261 /* enter the filter into the symbol table */ 1262 s = stab(m->mf_name, ST_MILTER, ST_ENTER); 1263 if (s->s_milter != NULL) 1264 syserr("X%s: duplicate filter definition", m->mf_name); 1265 else 1266 s->s_milter = m; 1267 } 1268 /* 1269 ** MILTER_CONFIG -- parse option list into an array and check config 1270 ** 1271 ** Called when reading configuration file. 1272 ** 1273 ** Parameters: 1274 ** spec -- the filter list. 1275 ** list -- the array to fill in. 1276 ** max -- the maximum number of entries in list. 1277 ** 1278 ** Returns: 1279 ** none 1280 */ 1281 1282 void 1283 milter_config(spec, list, max) 1284 char *spec; 1285 struct milter **list; 1286 int max; 1287 { 1288 int numitems = 0; 1289 register char *p; 1290 1291 /* leave one for the NULL signifying the end of the list */ 1292 max--; 1293 1294 for (p = spec; p != NULL; ) 1295 { 1296 STAB *s; 1297 1298 while (isascii(*p) && isspace(*p)) 1299 p++; 1300 if (*p == '\0') 1301 break; 1302 spec = p; 1303 1304 if (numitems >= max) 1305 { 1306 syserr("Too many filters defined, %d max", max); 1307 if (max > 0) 1308 list[0] = NULL; 1309 return; 1310 } 1311 p = strpbrk(p, ";,"); 1312 if (p != NULL) 1313 *p++ = '\0'; 1314 1315 s = stab(spec, ST_MILTER, ST_FIND); 1316 if (s == NULL) 1317 { 1318 syserr("InputFilter %s not defined", spec); 1319 ExitStat = EX_CONFIG; 1320 return; 1321 } 1322 list[numitems++] = s->s_milter; 1323 } 1324 list[numitems] = NULL; 1325 1326 /* if not set, set to LogLevel */ 1327 if (MilterLogLevel == -1) 1328 MilterLogLevel = LogLevel; 1329 } 1330 /* 1331 ** MILTER_PARSE_TIMEOUTS -- parse timeout list 1332 ** 1333 ** Called when reading configuration file. 1334 ** 1335 ** Parameters: 1336 ** spec -- the timeout list. 1337 ** m -- milter to set. 1338 ** 1339 ** Returns: 1340 ** none 1341 */ 1342 1343 static void 1344 milter_parse_timeouts(spec, m) 1345 char *spec; 1346 struct milter *m; 1347 { 1348 char fcode; 1349 int tcode; 1350 register char *p; 1351 1352 p = spec; 1353 1354 /* now scan through and assign info from the fields */ 1355 while (*p != '\0') 1356 { 1357 char *delimptr; 1358 1359 while (*p != '\0' && 1360 (*p == ';' || (isascii(*p) && isspace(*p)))) 1361 p++; 1362 1363 /* p now points to field code */ 1364 fcode = *p; 1365 while (*p != '\0' && *p != ':') 1366 p++; 1367 if (*p++ != ':') 1368 { 1369 syserr("X%s, T=: `:' expected", m->mf_name); 1370 return; 1371 } 1372 while (isascii(*p) && isspace(*p)) 1373 p++; 1374 1375 /* p now points to the field body */ 1376 p = munchstring(p, &delimptr, ';'); 1377 tcode = -1; 1378 1379 /* install the field into the filter struct */ 1380 switch (fcode) 1381 { 1382 case 'C': 1383 tcode = SMFTO_CONNECT; 1384 break; 1385 1386 case 'S': 1387 tcode = SMFTO_WRITE; 1388 break; 1389 1390 case 'R': 1391 tcode = SMFTO_READ; 1392 break; 1393 1394 case 'E': 1395 tcode = SMFTO_EOM; 1396 break; 1397 1398 default: 1399 if (tTd(64, 5)) 1400 sm_dprintf("X%s: %c unknown\n", 1401 m->mf_name, fcode); 1402 syserr("X%s: unknown filter timeout %c", 1403 m->mf_name, fcode); 1404 break; 1405 } 1406 if (tcode >= 0) 1407 { 1408 m->mf_timeout[tcode] = convtime(p, 's'); 1409 if (tTd(64, 5)) 1410 sm_dprintf("X%s: %c=%ld\n", 1411 m->mf_name, fcode, 1412 (u_long) m->mf_timeout[tcode]); 1413 } 1414 p = delimptr; 1415 } 1416 } 1417 /* 1418 ** MILTER_SET_OPTION -- set an individual milter option 1419 ** 1420 ** Parameters: 1421 ** name -- the name of the option. 1422 ** val -- the value of the option. 1423 ** sticky -- if set, don't let other setoptions override 1424 ** this value. 1425 ** 1426 ** Returns: 1427 ** none. 1428 */ 1429 1430 /* set if Milter sub-option is stuck */ 1431 static BITMAP256 StickyMilterOpt; 1432 1433 static struct milteropt 1434 { 1435 char *mo_name; /* long name of milter option */ 1436 unsigned char mo_code; /* code for option */ 1437 } MilterOptTab[] = 1438 { 1439 # define MO_MACROS_CONNECT 0x01 1440 { "macros.connect", MO_MACROS_CONNECT }, 1441 # define MO_MACROS_HELO 0x02 1442 { "macros.helo", MO_MACROS_HELO }, 1443 # define MO_MACROS_ENVFROM 0x03 1444 { "macros.envfrom", MO_MACROS_ENVFROM }, 1445 # define MO_MACROS_ENVRCPT 0x04 1446 { "macros.envrcpt", MO_MACROS_ENVRCPT }, 1447 # define MO_MACROS_DATA 0x05 1448 { "macros.data", MO_MACROS_DATA }, 1449 # define MO_MACROS_EOM 0x06 1450 { "macros.eom", MO_MACROS_EOM }, 1451 # define MO_LOGLEVEL 0x07 1452 { "loglevel", MO_LOGLEVEL }, 1453 # if _FFR_MAXDATASIZE 1454 # define MO_MAXDATASIZE 0x08 1455 { "maxdatasize", MO_MAXDATASIZE }, 1456 # endif /* _FFR_MAXDATASIZE */ 1457 { NULL, 0 }, 1458 }; 1459 1460 void 1461 milter_set_option(name, val, sticky) 1462 char *name; 1463 char *val; 1464 bool sticky; 1465 { 1466 int nummac = 0; 1467 register struct milteropt *mo; 1468 char *p; 1469 char **macros = NULL; 1470 1471 if (tTd(37, 2) || tTd(64, 5)) 1472 sm_dprintf("milter_set_option(%s = %s)", name, val); 1473 1474 if (name == NULL) 1475 { 1476 syserr("milter_set_option: invalid Milter option, must specify suboption"); 1477 return; 1478 } 1479 1480 for (mo = MilterOptTab; mo->mo_name != NULL; mo++) 1481 { 1482 if (sm_strcasecmp(mo->mo_name, name) == 0) 1483 break; 1484 } 1485 1486 if (mo->mo_name == NULL) 1487 { 1488 syserr("milter_set_option: invalid Milter option %s", name); 1489 return; 1490 } 1491 1492 /* 1493 ** See if this option is preset for us. 1494 */ 1495 1496 if (!sticky && bitnset(mo->mo_code, StickyMilterOpt)) 1497 { 1498 if (tTd(37, 2) || tTd(64,5)) 1499 sm_dprintf(" (ignored)\n"); 1500 return; 1501 } 1502 1503 if (tTd(37, 2) || tTd(64,5)) 1504 sm_dprintf("\n"); 1505 1506 switch (mo->mo_code) 1507 { 1508 case MO_LOGLEVEL: 1509 MilterLogLevel = atoi(val); 1510 break; 1511 1512 #if _FFR_MAXDATASIZE 1513 case MO_MAXDATASIZE: 1514 MilterMaxDataSize = (size_t)atol(val); 1515 break; 1516 #endif /* _FFR_MAXDATASIZE */ 1517 1518 case MO_MACROS_CONNECT: 1519 if (macros == NULL) 1520 macros = MilterConnectMacros; 1521 /* FALLTHROUGH */ 1522 1523 case MO_MACROS_HELO: 1524 if (macros == NULL) 1525 macros = MilterHeloMacros; 1526 /* FALLTHROUGH */ 1527 1528 case MO_MACROS_ENVFROM: 1529 if (macros == NULL) 1530 macros = MilterEnvFromMacros; 1531 /* FALLTHROUGH */ 1532 1533 case MO_MACROS_ENVRCPT: 1534 if (macros == NULL) 1535 macros = MilterEnvRcptMacros; 1536 /* FALLTHROUGH */ 1537 1538 case MO_MACROS_EOM: 1539 if (macros == NULL) 1540 macros = MilterEOMMacros; 1541 /* FALLTHROUGH */ 1542 1543 case MO_MACROS_DATA: 1544 if (macros == NULL) 1545 macros = MilterDataMacros; 1546 1547 p = newstr(val); 1548 while (*p != '\0') 1549 { 1550 char *macro; 1551 1552 /* Skip leading commas, spaces */ 1553 while (*p != '\0' && 1554 (*p == ',' || (isascii(*p) && isspace(*p)))) 1555 p++; 1556 1557 if (*p == '\0') 1558 break; 1559 1560 /* Find end of macro */ 1561 macro = p; 1562 while (*p != '\0' && *p != ',' && 1563 isascii(*p) && !isspace(*p)) 1564 p++; 1565 if (*p != '\0') 1566 *p++ = '\0'; 1567 1568 if (nummac >= MAXFILTERMACROS) 1569 { 1570 syserr("milter_set_option: too many macros in Milter.%s (max %d)", 1571 name, MAXFILTERMACROS); 1572 macros[nummac] = NULL; 1573 break; 1574 } 1575 macros[nummac++] = macro; 1576 } 1577 macros[nummac] = NULL; 1578 break; 1579 1580 default: 1581 syserr("milter_set_option: invalid Milter option %s", name); 1582 break; 1583 } 1584 if (sticky) 1585 setbitn(mo->mo_code, StickyMilterOpt); 1586 } 1587 /* 1588 ** MILTER_REOPEN_DF -- open & truncate the data file (for replbody) 1589 ** 1590 ** Parameters: 1591 ** e -- current envelope. 1592 ** 1593 ** Returns: 1594 ** 0 if succesful, -1 otherwise 1595 */ 1596 1597 static int 1598 milter_reopen_df(e) 1599 ENVELOPE *e; 1600 { 1601 char dfname[MAXPATHLEN]; 1602 1603 (void) sm_strlcpy(dfname, queuename(e, DATAFL_LETTER), sizeof dfname); 1604 1605 /* 1606 ** In SuperSafe == SAFE_REALLY mode, e->e_dfp is a read-only FP so 1607 ** close and reopen writable (later close and reopen 1608 ** read only again). 1609 ** 1610 ** In SuperSafe != SAFE_REALLY mode, e->e_dfp still points at the 1611 ** buffered file I/O descriptor, still open for writing so there 1612 ** isn't any work to do here (except checking for consistency). 1613 */ 1614 1615 if (SuperSafe == SAFE_REALLY) 1616 { 1617 /* close read-only data file */ 1618 if (bitset(EF_HAS_DF, e->e_flags) && e->e_dfp != NULL) 1619 { 1620 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 1621 e->e_flags &= ~EF_HAS_DF; 1622 } 1623 1624 /* open writable */ 1625 if ((e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, dfname, 1626 SM_IO_RDWR_B, NULL)) == NULL) 1627 { 1628 MILTER_DF_ERROR("milter_reopen_df: sm_io_open %s: %s"); 1629 return -1; 1630 } 1631 } 1632 else if (e->e_dfp == NULL) 1633 { 1634 /* shouldn't happen */ 1635 errno = ENOENT; 1636 MILTER_DF_ERROR("milter_reopen_df: NULL e_dfp (%s: %s)"); 1637 return -1; 1638 } 1639 return 0; 1640 } 1641 /* 1642 ** MILTER_RESET_DF -- re-open read-only the data file (for replbody) 1643 ** 1644 ** Parameters: 1645 ** e -- current envelope. 1646 ** 1647 ** Returns: 1648 ** 0 if succesful, -1 otherwise 1649 */ 1650 1651 static int 1652 milter_reset_df(e) 1653 ENVELOPE *e; 1654 { 1655 int afd; 1656 char dfname[MAXPATHLEN]; 1657 1658 (void) sm_strlcpy(dfname, queuename(e, DATAFL_LETTER), sizeof dfname); 1659 1660 if (sm_io_flush(e->e_dfp, SM_TIME_DEFAULT) != 0 || 1661 sm_io_error(e->e_dfp)) 1662 { 1663 MILTER_DF_ERROR("milter_reset_df: error writing/flushing %s: %s"); 1664 return -1; 1665 } 1666 else if (SuperSafe != SAFE_REALLY) 1667 { 1668 /* skip next few clauses */ 1669 /* EMPTY */ 1670 } 1671 else if ((afd = sm_io_getinfo(e->e_dfp, SM_IO_WHAT_FD, NULL)) >= 0 1672 && fsync(afd) < 0) 1673 { 1674 MILTER_DF_ERROR("milter_reset_df: error sync'ing %s: %s"); 1675 return -1; 1676 } 1677 else if (sm_io_close(e->e_dfp, SM_TIME_DEFAULT) < 0) 1678 { 1679 MILTER_DF_ERROR("milter_reset_df: error closing %s: %s"); 1680 return -1; 1681 } 1682 else if ((e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, dfname, 1683 SM_IO_RDONLY_B, NULL)) == NULL) 1684 { 1685 MILTER_DF_ERROR("milter_reset_df: error reopening %s: %s"); 1686 return -1; 1687 } 1688 else 1689 e->e_flags |= EF_HAS_DF; 1690 return 0; 1691 } 1692 /* 1693 ** MILTER_CAN_DELRCPTS -- can any milter filters delete recipients? 1694 ** 1695 ** Parameters: 1696 ** none 1697 ** 1698 ** Returns: 1699 ** true if any filter deletes recipients, false otherwise 1700 */ 1701 1702 bool 1703 milter_can_delrcpts() 1704 { 1705 bool can = false; 1706 int i; 1707 1708 if (tTd(64, 10)) 1709 sm_dprintf("milter_can_delrcpts:"); 1710 1711 for (i = 0; InputFilters[i] != NULL; i++) 1712 { 1713 struct milter *m = InputFilters[i]; 1714 1715 if (bitset(SMFIF_DELRCPT, m->mf_fflags)) 1716 { 1717 can = true; 1718 break; 1719 } 1720 } 1721 if (tTd(64, 10)) 1722 sm_dprintf("%s\n", can ? "true" : "false"); 1723 1724 return can; 1725 } 1726 /* 1727 ** MILTER_QUIT_FILTER -- close down a single filter 1728 ** 1729 ** Parameters: 1730 ** m -- milter structure of filter to close down. 1731 ** e -- current envelope. 1732 ** 1733 ** Returns: 1734 ** none 1735 */ 1736 1737 static void 1738 milter_quit_filter(m, e) 1739 struct milter *m; 1740 ENVELOPE *e; 1741 { 1742 if (tTd(64, 10)) 1743 sm_dprintf("milter_quit_filter(%s)\n", m->mf_name); 1744 if (MilterLogLevel > 18) 1745 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): quit filter", 1746 m->mf_name); 1747 1748 /* Never replace error state */ 1749 if (m->mf_state == SMFS_ERROR) 1750 return; 1751 1752 if (m->mf_sock < 0 || 1753 m->mf_state == SMFS_CLOSED || 1754 m->mf_state == SMFS_READY) 1755 { 1756 m->mf_sock = -1; 1757 m->mf_state = SMFS_CLOSED; 1758 return; 1759 } 1760 1761 (void) milter_write(m, SMFIC_QUIT, (char *) NULL, 0, 1762 m->mf_timeout[SMFTO_WRITE], e); 1763 if (m->mf_sock >= 0) 1764 { 1765 (void) close(m->mf_sock); 1766 m->mf_sock = -1; 1767 } 1768 if (m->mf_state != SMFS_ERROR) 1769 m->mf_state = SMFS_CLOSED; 1770 } 1771 /* 1772 ** MILTER_ABORT_FILTER -- tell filter to abort current message 1773 ** 1774 ** Parameters: 1775 ** m -- milter structure of filter to abort. 1776 ** e -- current envelope. 1777 ** 1778 ** Returns: 1779 ** none 1780 */ 1781 1782 static void 1783 milter_abort_filter(m, e) 1784 struct milter *m; 1785 ENVELOPE *e; 1786 { 1787 if (tTd(64, 10)) 1788 sm_dprintf("milter_abort_filter(%s)\n", m->mf_name); 1789 if (MilterLogLevel > 10) 1790 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): abort filter", 1791 m->mf_name); 1792 1793 if (m->mf_sock < 0 || 1794 m->mf_state != SMFS_INMSG) 1795 return; 1796 1797 (void) milter_write(m, SMFIC_ABORT, (char *) NULL, 0, 1798 m->mf_timeout[SMFTO_WRITE], e); 1799 if (m->mf_state != SMFS_ERROR) 1800 m->mf_state = SMFS_DONE; 1801 } 1802 /* 1803 ** MILTER_SEND_MACROS -- provide macros to the filters 1804 ** 1805 ** Parameters: 1806 ** m -- milter to send macros to. 1807 ** macros -- macros to send for filter smfi_getsymval(). 1808 ** cmd -- which command the macros are associated with. 1809 ** e -- current envelope (for macro access). 1810 ** 1811 ** Returns: 1812 ** none 1813 */ 1814 1815 static void 1816 milter_send_macros(m, macros, cmd, e) 1817 struct milter *m; 1818 char **macros; 1819 char cmd; 1820 ENVELOPE *e; 1821 { 1822 int i; 1823 int mid; 1824 char *v; 1825 char *buf, *bp; 1826 char exp[MAXLINE]; 1827 ssize_t s; 1828 1829 /* sanity check */ 1830 if (macros == NULL || macros[0] == NULL) 1831 return; 1832 1833 /* put together data */ 1834 s = 1; /* for the command character */ 1835 for (i = 0; macros[i] != NULL; i++) 1836 { 1837 mid = macid(macros[i]); 1838 if (mid == 0) 1839 continue; 1840 v = macvalue(mid, e); 1841 if (v == NULL) 1842 continue; 1843 expand(v, exp, sizeof(exp), e); 1844 s += strlen(macros[i]) + 1 + strlen(exp) + 1; 1845 } 1846 1847 if (s < 0) 1848 return; 1849 1850 buf = (char *) xalloc(s); 1851 bp = buf; 1852 *bp++ = cmd; 1853 for (i = 0; macros[i] != NULL; i++) 1854 { 1855 mid = macid(macros[i]); 1856 if (mid == 0) 1857 continue; 1858 v = macvalue(mid, e); 1859 if (v == NULL) 1860 continue; 1861 expand(v, exp, sizeof(exp), e); 1862 1863 if (tTd(64, 10)) 1864 sm_dprintf("milter_send_macros(%s, %c): %s=%s\n", 1865 m->mf_name, cmd, macros[i], exp); 1866 1867 (void) sm_strlcpy(bp, macros[i], s - (bp - buf)); 1868 bp += strlen(bp) + 1; 1869 (void) sm_strlcpy(bp, exp, s - (bp - buf)); 1870 bp += strlen(bp) + 1; 1871 } 1872 (void) milter_write(m, SMFIC_MACRO, buf, s, 1873 m->mf_timeout[SMFTO_WRITE], e); 1874 sm_free(buf); 1875 } 1876 1877 /* 1878 ** MILTER_SEND_COMMAND -- send a command and return the response for a filter 1879 ** 1880 ** Parameters: 1881 ** m -- current milter filter 1882 ** command -- command to send. 1883 ** data -- optional command data. 1884 ** sz -- length of buf. 1885 ** e -- current envelope (for e->e_id). 1886 ** state -- return state word. 1887 ** 1888 ** Returns: 1889 ** response string (may be NULL) 1890 */ 1891 1892 static char * 1893 milter_send_command(m, command, data, sz, e, state) 1894 struct milter *m; 1895 char command; 1896 void *data; 1897 ssize_t sz; 1898 ENVELOPE *e; 1899 char *state; 1900 { 1901 char rcmd; 1902 ssize_t rlen; 1903 unsigned long skipflag; 1904 #if _FFR_MILTER_NOHDR_RESP 1905 unsigned long norespflag = 0; 1906 #endif /* _FFR_MILTER_NOHDR_RESP */ 1907 char *action; 1908 char *defresponse; 1909 char *response; 1910 1911 if (tTd(64, 10)) 1912 sm_dprintf("milter_send_command(%s): cmd %c len %ld\n", 1913 m->mf_name, (char) command, (long) sz); 1914 1915 /* find skip flag and default failure */ 1916 switch (command) 1917 { 1918 case SMFIC_CONNECT: 1919 skipflag = SMFIP_NOCONNECT; 1920 action = "connect"; 1921 defresponse = "554 Command rejected"; 1922 break; 1923 1924 case SMFIC_HELO: 1925 skipflag = SMFIP_NOHELO; 1926 action = "helo"; 1927 defresponse = "550 Command rejected"; 1928 break; 1929 1930 case SMFIC_MAIL: 1931 skipflag = SMFIP_NOMAIL; 1932 action = "mail"; 1933 defresponse = "550 5.7.1 Command rejected"; 1934 break; 1935 1936 case SMFIC_RCPT: 1937 skipflag = SMFIP_NORCPT; 1938 action = "rcpt"; 1939 defresponse = "550 5.7.1 Command rejected"; 1940 break; 1941 1942 case SMFIC_HEADER: 1943 skipflag = SMFIP_NOHDRS; 1944 #if _FFR_MILTER_NOHDR_RESP 1945 norespflag = SMFIP_NOHREPL; 1946 #endif /* _FFR_MILTER_NOHDR_RESP */ 1947 action = "header"; 1948 defresponse = "550 5.7.1 Command rejected"; 1949 break; 1950 1951 case SMFIC_BODY: 1952 skipflag = SMFIP_NOBODY; 1953 action = "body"; 1954 defresponse = "554 5.7.1 Command rejected"; 1955 break; 1956 1957 case SMFIC_EOH: 1958 skipflag = SMFIP_NOEOH; 1959 action = "eoh"; 1960 defresponse = "550 5.7.1 Command rejected"; 1961 break; 1962 1963 #if SMFI_VERSION > 2 1964 case SMFIC_UNKNOWN: 1965 action = "unknown"; 1966 defresponse = "550 5.7.1 Command rejected"; 1967 break; 1968 #endif /* SMFI_VERSION > 2 */ 1969 1970 case SMFIC_BODYEOB: 1971 case SMFIC_OPTNEG: 1972 case SMFIC_MACRO: 1973 case SMFIC_ABORT: 1974 case SMFIC_QUIT: 1975 /* NOTE: not handled by milter_send_command() */ 1976 /* FALLTHROUGH */ 1977 1978 default: 1979 skipflag = 0; 1980 action = "default"; 1981 defresponse = "550 5.7.1 Command rejected"; 1982 break; 1983 } 1984 1985 /* check if filter wants this command */ 1986 if (skipflag != 0 && 1987 bitset(skipflag, m->mf_pflags)) 1988 return NULL; 1989 1990 /* send the command to the filter */ 1991 (void) milter_write(m, command, data, sz, 1992 m->mf_timeout[SMFTO_WRITE], e); 1993 if (m->mf_state == SMFS_ERROR) 1994 { 1995 MILTER_CHECK_ERROR(false, return NULL); 1996 return NULL; 1997 } 1998 1999 #if _FFR_MILTER_NOHDR_RESP 2000 /* check if filter sends response to this command */ 2001 if (norespflag != 0 && bitset(norespflag, m->mf_pflags)) 2002 return NULL; 2003 #endif /* _FFR_MILTER_NOHDR_RESP */ 2004 2005 /* get the response from the filter */ 2006 response = milter_read(m, &rcmd, &rlen, 2007 m->mf_timeout[SMFTO_READ], e); 2008 if (m->mf_state == SMFS_ERROR) 2009 { 2010 MILTER_CHECK_ERROR(false, return NULL); 2011 return NULL; 2012 } 2013 2014 if (tTd(64, 10)) 2015 sm_dprintf("milter_send_command(%s): returned %c\n", 2016 m->mf_name, (char) rcmd); 2017 2018 switch (rcmd) 2019 { 2020 case SMFIR_REPLYCODE: 2021 MILTER_CHECK_REPLYCODE(defresponse); 2022 if (MilterLogLevel > 10) 2023 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, reject=%s", 2024 m->mf_name, action, response); 2025 *state = rcmd; 2026 break; 2027 2028 case SMFIR_REJECT: 2029 if (MilterLogLevel > 10) 2030 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, reject", 2031 m->mf_name, action); 2032 *state = rcmd; 2033 break; 2034 2035 case SMFIR_DISCARD: 2036 if (MilterLogLevel > 10) 2037 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, discard", 2038 m->mf_name, action); 2039 *state = rcmd; 2040 break; 2041 2042 case SMFIR_TEMPFAIL: 2043 if (MilterLogLevel > 10) 2044 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, tempfail", 2045 m->mf_name, action); 2046 *state = rcmd; 2047 break; 2048 2049 case SMFIR_ACCEPT: 2050 /* this filter is done with message/connection */ 2051 if (command == SMFIC_HELO || 2052 command == SMFIC_CONNECT) 2053 m->mf_state = SMFS_CLOSABLE; 2054 else 2055 m->mf_state = SMFS_DONE; 2056 if (MilterLogLevel > 10) 2057 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, accepted", 2058 m->mf_name, action); 2059 break; 2060 2061 case SMFIR_CONTINUE: 2062 /* if MAIL command is ok, filter is in message state */ 2063 if (command == SMFIC_MAIL) 2064 m->mf_state = SMFS_INMSG; 2065 if (MilterLogLevel > 12) 2066 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, continue", 2067 m->mf_name, action); 2068 break; 2069 2070 default: 2071 /* Invalid response to command */ 2072 if (MilterLogLevel > 0) 2073 sm_syslog(LOG_ERR, e->e_id, 2074 "milter_send_command(%s): action=%s returned bogus response %c", 2075 m->mf_name, action, rcmd); 2076 milter_error(m, e); 2077 break; 2078 } 2079 2080 if (*state != SMFIR_REPLYCODE && 2081 response != NULL) 2082 { 2083 sm_free(response); /* XXX */ 2084 response = NULL; 2085 } 2086 return response; 2087 } 2088 2089 /* 2090 ** MILTER_COMMAND -- send a command and return the response for each filter 2091 ** 2092 ** Parameters: 2093 ** command -- command to send. 2094 ** data -- optional command data. 2095 ** sz -- length of buf. 2096 ** macros -- macros to send for filter smfi_getsymval(). 2097 ** e -- current envelope (for macro access). 2098 ** state -- return state word. 2099 ** 2100 ** Returns: 2101 ** response string (may be NULL) 2102 */ 2103 2104 static char * 2105 milter_command(command, data, sz, macros, e, state) 2106 char command; 2107 void *data; 2108 ssize_t sz; 2109 char **macros; 2110 ENVELOPE *e; 2111 char *state; 2112 { 2113 int i; 2114 char *response = NULL; 2115 time_t tn = 0; 2116 2117 if (tTd(64, 10)) 2118 sm_dprintf("milter_command: cmd %c len %ld\n", 2119 (char) command, (long) sz); 2120 2121 *state = SMFIR_CONTINUE; 2122 for (i = 0; InputFilters[i] != NULL; i++) 2123 { 2124 struct milter *m = InputFilters[i]; 2125 2126 /* previous problem? */ 2127 if (m->mf_state == SMFS_ERROR) 2128 { 2129 MILTER_CHECK_ERROR(false, continue); 2130 break; 2131 } 2132 2133 /* sanity check */ 2134 if (m->mf_sock < 0 || 2135 (m->mf_state != SMFS_OPEN && m->mf_state != SMFS_INMSG)) 2136 continue; 2137 2138 /* send macros (regardless of whether we send command) */ 2139 if (macros != NULL && macros[0] != NULL) 2140 { 2141 milter_send_macros(m, macros, command, e); 2142 if (m->mf_state == SMFS_ERROR) 2143 { 2144 MILTER_CHECK_ERROR(false, continue); 2145 break; 2146 } 2147 } 2148 2149 if (MilterLogLevel > 21) 2150 tn = curtime(); 2151 2152 response = milter_send_command(m, command, data, sz, e, state); 2153 2154 if (MilterLogLevel > 21) 2155 { 2156 /* log the time it took for the command per filter */ 2157 sm_syslog(LOG_INFO, e->e_id, 2158 "Milter (%s): time command (%c), %d", 2159 m->mf_name, command, (int) (tn - curtime())); 2160 } 2161 2162 if (*state != SMFIR_CONTINUE) 2163 break; 2164 } 2165 return response; 2166 } 2167 /* 2168 ** MILTER_NEGOTIATE -- get version and flags from filter 2169 ** 2170 ** Parameters: 2171 ** m -- milter filter structure. 2172 ** e -- current envelope. 2173 ** 2174 ** Returns: 2175 ** 0 on success, -1 otherwise 2176 */ 2177 2178 static int 2179 milter_negotiate(m, e) 2180 struct milter *m; 2181 ENVELOPE *e; 2182 { 2183 char rcmd; 2184 mi_int32 fvers; 2185 mi_int32 fflags; 2186 mi_int32 pflags; 2187 char *response; 2188 ssize_t rlen; 2189 char data[MILTER_OPTLEN]; 2190 2191 /* sanity check */ 2192 if (m->mf_sock < 0 || m->mf_state != SMFS_OPEN) 2193 { 2194 if (MilterLogLevel > 0) 2195 sm_syslog(LOG_ERR, e->e_id, 2196 "Milter (%s): negotiate, impossible state", 2197 m->mf_name); 2198 milter_error(m, e); 2199 return -1; 2200 } 2201 2202 fvers = htonl(SMFI_VERSION); 2203 fflags = htonl(SMFI_CURR_ACTS); 2204 pflags = htonl(SMFI_CURR_PROT); 2205 (void) memcpy(data, (char *) &fvers, MILTER_LEN_BYTES); 2206 (void) memcpy(data + MILTER_LEN_BYTES, 2207 (char *) &fflags, MILTER_LEN_BYTES); 2208 (void) memcpy(data + (MILTER_LEN_BYTES * 2), 2209 (char *) &pflags, MILTER_LEN_BYTES); 2210 (void) milter_write(m, SMFIC_OPTNEG, data, sizeof data, 2211 m->mf_timeout[SMFTO_WRITE], e); 2212 2213 if (m->mf_state == SMFS_ERROR) 2214 return -1; 2215 2216 response = milter_read(m, &rcmd, &rlen, m->mf_timeout[SMFTO_READ], e); 2217 if (m->mf_state == SMFS_ERROR) 2218 return -1; 2219 2220 if (rcmd != SMFIC_OPTNEG) 2221 { 2222 if (tTd(64, 5)) 2223 sm_dprintf("milter_negotiate(%s): returned %c instead of %c\n", 2224 m->mf_name, rcmd, SMFIC_OPTNEG); 2225 if (MilterLogLevel > 0) 2226 sm_syslog(LOG_ERR, e->e_id, 2227 "Milter (%s): negotiate: returned %c instead of %c", 2228 m->mf_name, rcmd, SMFIC_OPTNEG); 2229 if (response != NULL) 2230 sm_free(response); /* XXX */ 2231 milter_error(m, e); 2232 return -1; 2233 } 2234 2235 /* Make sure we have enough bytes for the version */ 2236 if (response == NULL || rlen < MILTER_LEN_BYTES) 2237 { 2238 if (tTd(64, 5)) 2239 sm_dprintf("milter_negotiate(%s): did not return valid info\n", 2240 m->mf_name); 2241 if (MilterLogLevel > 0) 2242 sm_syslog(LOG_ERR, e->e_id, 2243 "Milter (%s): negotiate: did not return valid info", 2244 m->mf_name); 2245 if (response != NULL) 2246 sm_free(response); /* XXX */ 2247 milter_error(m, e); 2248 return -1; 2249 } 2250 2251 /* extract information */ 2252 (void) memcpy((char *) &fvers, response, MILTER_LEN_BYTES); 2253 2254 /* Now make sure we have enough for the feature bitmap */ 2255 if (rlen != MILTER_OPTLEN) 2256 { 2257 if (tTd(64, 5)) 2258 sm_dprintf("milter_negotiate(%s): did not return enough info\n", 2259 m->mf_name); 2260 if (MilterLogLevel > 0) 2261 sm_syslog(LOG_ERR, e->e_id, 2262 "Milter (%s): negotiate: did not return enough info", 2263 m->mf_name); 2264 if (response != NULL) 2265 sm_free(response); /* XXX */ 2266 milter_error(m, e); 2267 return -1; 2268 } 2269 2270 (void) memcpy((char *) &fflags, response + MILTER_LEN_BYTES, 2271 MILTER_LEN_BYTES); 2272 (void) memcpy((char *) &pflags, response + (MILTER_LEN_BYTES * 2), 2273 MILTER_LEN_BYTES); 2274 sm_free(response); /* XXX */ 2275 response = NULL; 2276 2277 m->mf_fvers = ntohl(fvers); 2278 m->mf_fflags = ntohl(fflags); 2279 m->mf_pflags = ntohl(pflags); 2280 2281 /* check for version compatibility */ 2282 if (m->mf_fvers == 1 || 2283 m->mf_fvers > SMFI_VERSION) 2284 { 2285 if (tTd(64, 5)) 2286 sm_dprintf("milter_negotiate(%s): version %d != MTA milter version %d\n", 2287 m->mf_name, m->mf_fvers, SMFI_VERSION); 2288 if (MilterLogLevel > 0) 2289 sm_syslog(LOG_ERR, e->e_id, 2290 "Milter (%s): negotiate: version %d != MTA milter version %d", 2291 m->mf_name, m->mf_fvers, SMFI_VERSION); 2292 milter_error(m, e); 2293 return -1; 2294 } 2295 2296 /* check for filter feature mismatch */ 2297 if ((m->mf_fflags & SMFI_CURR_ACTS) != m->mf_fflags) 2298 { 2299 if (tTd(64, 5)) 2300 sm_dprintf("milter_negotiate(%s): filter abilities 0x%x != MTA milter abilities 0x%lx\n", 2301 m->mf_name, m->mf_fflags, 2302 SMFI_CURR_ACTS); 2303 if (MilterLogLevel > 0) 2304 sm_syslog(LOG_ERR, e->e_id, 2305 "Milter (%s): negotiate: filter abilities 0x%x != MTA milter abilities 0x%lx", 2306 m->mf_name, m->mf_fflags, 2307 (unsigned long) SMFI_CURR_ACTS); 2308 milter_error(m, e); 2309 return -1; 2310 } 2311 2312 /* check for protocol feature mismatch */ 2313 if ((m->mf_pflags & SMFI_CURR_PROT) != m->mf_pflags) 2314 { 2315 if (tTd(64, 5)) 2316 sm_dprintf("milter_negotiate(%s): protocol abilities 0x%x != MTA milter abilities 0x%lx\n", 2317 m->mf_name, m->mf_pflags, 2318 (unsigned long) SMFI_CURR_PROT); 2319 if (MilterLogLevel > 0) 2320 sm_syslog(LOG_ERR, e->e_id, 2321 "Milter (%s): negotiate: protocol abilities 0x%x != MTA milter abilities 0x%lx", 2322 m->mf_name, m->mf_pflags, 2323 (unsigned long) SMFI_CURR_PROT); 2324 milter_error(m, e); 2325 return -1; 2326 } 2327 2328 if (tTd(64, 5)) 2329 sm_dprintf("milter_negotiate(%s): version %u, fflags 0x%x, pflags 0x%x\n", 2330 m->mf_name, m->mf_fvers, m->mf_fflags, m->mf_pflags); 2331 return 0; 2332 } 2333 /* 2334 ** MILTER_PER_CONNECTION_CHECK -- checks on per-connection commands 2335 ** 2336 ** Reduce code duplication by putting these checks in one place 2337 ** 2338 ** Parameters: 2339 ** e -- current envelope. 2340 ** 2341 ** Returns: 2342 ** none 2343 */ 2344 2345 static void 2346 milter_per_connection_check(e) 2347 ENVELOPE *e; 2348 { 2349 int i; 2350 2351 /* see if we are done with any of the filters */ 2352 for (i = 0; InputFilters[i] != NULL; i++) 2353 { 2354 struct milter *m = InputFilters[i]; 2355 2356 if (m->mf_state == SMFS_CLOSABLE) 2357 milter_quit_filter(m, e); 2358 } 2359 } 2360 /* 2361 ** MILTER_ERROR -- Put a milter filter into error state 2362 ** 2363 ** Parameters: 2364 ** m -- the broken filter. 2365 ** e -- current envelope. 2366 ** 2367 ** Returns: 2368 ** none 2369 */ 2370 2371 static void 2372 milter_error(m, e) 2373 struct milter *m; 2374 ENVELOPE *e; 2375 { 2376 /* 2377 ** We could send a quit here but we may have gotten here due to 2378 ** an I/O error so we don't want to try to make things worse. 2379 */ 2380 2381 if (m->mf_sock >= 0) 2382 { 2383 (void) close(m->mf_sock); 2384 m->mf_sock = -1; 2385 } 2386 m->mf_state = SMFS_ERROR; 2387 2388 if (MilterLogLevel > 0) 2389 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): to error state", 2390 m->mf_name); 2391 } 2392 /* 2393 ** MILTER_HEADERS -- send headers to a single milter filter 2394 ** 2395 ** Parameters: 2396 ** m -- current filter. 2397 ** e -- current envelope. 2398 ** state -- return state from response. 2399 ** 2400 ** Returns: 2401 ** response string (may be NULL) 2402 */ 2403 2404 static char * 2405 milter_headers(m, e, state) 2406 struct milter *m; 2407 ENVELOPE *e; 2408 char *state; 2409 { 2410 char *response = NULL; 2411 HDR *h; 2412 2413 if (MilterLogLevel > 17) 2414 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): headers, send", 2415 m->mf_name); 2416 2417 for (h = e->e_header; h != NULL; h = h->h_link) 2418 { 2419 char *buf; 2420 ssize_t s; 2421 2422 /* don't send over deleted headers */ 2423 if (h->h_value == NULL) 2424 { 2425 /* strip H_USER so not counted in milter_changeheader() */ 2426 h->h_flags &= ~H_USER; 2427 continue; 2428 } 2429 2430 /* skip auto-generated */ 2431 if (!bitset(H_USER, h->h_flags)) 2432 continue; 2433 2434 if (tTd(64, 10)) 2435 sm_dprintf("milter_headers: %s: %s\n", 2436 h->h_field, h->h_value); 2437 if (MilterLogLevel > 21) 2438 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): header, %s", 2439 m->mf_name, h->h_field); 2440 2441 s = strlen(h->h_field) + 1 + strlen(h->h_value) + 1; 2442 if (s < 0) 2443 continue; 2444 buf = (char *) xalloc(s); 2445 (void) sm_snprintf(buf, s, "%s%c%s", 2446 h->h_field, '\0', h->h_value); 2447 2448 /* send it over */ 2449 response = milter_send_command(m, SMFIC_HEADER, buf, 2450 s, e, state); 2451 sm_free(buf); /* XXX */ 2452 if (m->mf_state == SMFS_ERROR || 2453 m->mf_state == SMFS_DONE || 2454 *state != SMFIR_CONTINUE) 2455 break; 2456 } 2457 if (MilterLogLevel > 17) 2458 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): headers, sent", 2459 m->mf_name); 2460 return response; 2461 } 2462 /* 2463 ** MILTER_BODY -- send the body to a filter 2464 ** 2465 ** Parameters: 2466 ** m -- current filter. 2467 ** e -- current envelope. 2468 ** state -- return state from response. 2469 ** 2470 ** Returns: 2471 ** response string (may be NULL) 2472 */ 2473 2474 static char * 2475 milter_body(m, e, state) 2476 struct milter *m; 2477 ENVELOPE *e; 2478 char *state; 2479 { 2480 char bufchar = '\0'; 2481 char prevchar = '\0'; 2482 int c; 2483 char *response = NULL; 2484 char *bp; 2485 char buf[MILTER_CHUNK_SIZE]; 2486 2487 if (tTd(64, 10)) 2488 sm_dprintf("milter_body\n"); 2489 2490 if (bfrewind(e->e_dfp) < 0) 2491 { 2492 ExitStat = EX_IOERR; 2493 *state = SMFIR_TEMPFAIL; 2494 syserr("milter_body: %s/%cf%s: rewind error", 2495 qid_printqueue(e->e_qgrp, e->e_qdir), 2496 DATAFL_LETTER, e->e_id); 2497 return NULL; 2498 } 2499 2500 if (MilterLogLevel > 17) 2501 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): body, send", 2502 m->mf_name); 2503 bp = buf; 2504 while ((c = sm_io_getc(e->e_dfp, SM_TIME_DEFAULT)) != SM_IO_EOF) 2505 { 2506 /* Change LF to CRLF */ 2507 if (c == '\n') 2508 { 2509 /* Not a CRLF already? */ 2510 if (prevchar != '\r') 2511 { 2512 /* Room for CR now? */ 2513 if (bp + 2 > &buf[sizeof buf]) 2514 { 2515 /* No room, buffer LF */ 2516 bufchar = c; 2517 2518 /* and send CR now */ 2519 c = '\r'; 2520 } 2521 else 2522 { 2523 /* Room to do it now */ 2524 *bp++ = '\r'; 2525 prevchar = '\r'; 2526 } 2527 } 2528 } 2529 *bp++ = (char) c; 2530 prevchar = c; 2531 if (bp >= &buf[sizeof buf]) 2532 { 2533 /* send chunk */ 2534 response = milter_send_command(m, SMFIC_BODY, buf, 2535 bp - buf, e, state); 2536 bp = buf; 2537 if (bufchar != '\0') 2538 { 2539 *bp++ = bufchar; 2540 bufchar = '\0'; 2541 prevchar = bufchar; 2542 } 2543 } 2544 if (m->mf_state == SMFS_ERROR || 2545 m->mf_state == SMFS_DONE || 2546 *state != SMFIR_CONTINUE) 2547 break; 2548 } 2549 2550 /* check for read errors */ 2551 if (sm_io_error(e->e_dfp)) 2552 { 2553 ExitStat = EX_IOERR; 2554 if (*state == SMFIR_CONTINUE || 2555 *state == SMFIR_ACCEPT) 2556 { 2557 *state = SMFIR_TEMPFAIL; 2558 if (response != NULL) 2559 { 2560 sm_free(response); /* XXX */ 2561 response = NULL; 2562 } 2563 } 2564 syserr("milter_body: %s/%cf%s: read error", 2565 qid_printqueue(e->e_qgrp, e->e_qdir), 2566 DATAFL_LETTER, e->e_id); 2567 return response; 2568 } 2569 2570 /* send last body chunk */ 2571 if (bp > buf && 2572 m->mf_state != SMFS_ERROR && 2573 m->mf_state != SMFS_DONE && 2574 *state == SMFIR_CONTINUE) 2575 { 2576 /* send chunk */ 2577 response = milter_send_command(m, SMFIC_BODY, buf, bp - buf, 2578 e, state); 2579 bp = buf; 2580 } 2581 if (MilterLogLevel > 17) 2582 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): body, sent", 2583 m->mf_name); 2584 return response; 2585 } 2586 2587 /* 2588 ** Actions 2589 */ 2590 2591 /* 2592 ** MILTER_ADDHEADER -- Add the supplied header to the message 2593 ** 2594 ** Parameters: 2595 ** response -- encoded form of header/value. 2596 ** rlen -- length of response. 2597 ** e -- current envelope. 2598 ** 2599 ** Returns: 2600 ** none 2601 */ 2602 2603 static void 2604 milter_addheader(response, rlen, e) 2605 char *response; 2606 ssize_t rlen; 2607 ENVELOPE *e; 2608 { 2609 char *val; 2610 HDR *h; 2611 2612 if (tTd(64, 10)) 2613 sm_dprintf("milter_addheader: "); 2614 2615 /* sanity checks */ 2616 if (response == NULL) 2617 { 2618 if (tTd(64, 10)) 2619 sm_dprintf("NULL response\n"); 2620 return; 2621 } 2622 2623 if (rlen < 2 || strlen(response) + 1 >= (size_t) rlen) 2624 { 2625 if (tTd(64, 10)) 2626 sm_dprintf("didn't follow protocol (total len)\n"); 2627 return; 2628 } 2629 2630 /* Find separating NUL */ 2631 val = response + strlen(response) + 1; 2632 2633 /* another sanity check */ 2634 if (strlen(response) + strlen(val) + 2 != (size_t) rlen) 2635 { 2636 if (tTd(64, 10)) 2637 sm_dprintf("didn't follow protocol (part len)\n"); 2638 return; 2639 } 2640 2641 if (*response == '\0') 2642 { 2643 if (tTd(64, 10)) 2644 sm_dprintf("empty field name\n"); 2645 return; 2646 } 2647 2648 for (h = e->e_header; h != NULL; h = h->h_link) 2649 { 2650 if (sm_strcasecmp(h->h_field, response) == 0 && 2651 !bitset(H_USER, h->h_flags) && 2652 !bitset(H_TRACE, h->h_flags)) 2653 break; 2654 } 2655 2656 /* add to e_msgsize */ 2657 e->e_msgsize += strlen(response) + 2 + strlen(val); 2658 2659 if (h != NULL) 2660 { 2661 if (tTd(64, 10)) 2662 sm_dprintf("Replace default header %s value with %s\n", 2663 h->h_field, val); 2664 if (MilterLogLevel > 8) 2665 sm_syslog(LOG_INFO, e->e_id, 2666 "Milter change: default header %s value with %s", 2667 h->h_field, val); 2668 h->h_value = newstr(val); 2669 h->h_flags |= H_USER; 2670 } 2671 else 2672 { 2673 if (tTd(64, 10)) 2674 sm_dprintf("Add %s: %s\n", response, val); 2675 if (MilterLogLevel > 8) 2676 sm_syslog(LOG_INFO, e->e_id, "Milter add: header: %s: %s", 2677 response, val); 2678 addheader(newstr(response), val, H_USER, e); 2679 } 2680 } 2681 /* 2682 ** MILTER_INSHEADER -- Insert the supplied header 2683 ** 2684 ** Parameters: 2685 ** response -- encoded form of header/value. 2686 ** rlen -- length of response. 2687 ** e -- current envelope. 2688 ** 2689 ** Returns: 2690 ** none 2691 ** 2692 ** Notes: 2693 ** Unlike milter_addheader(), this does not attempt to determine 2694 ** if the header already exists in the envelope, even a 2695 ** deleted version. It just blindly inserts. 2696 */ 2697 2698 static void 2699 milter_insheader(response, rlen, e) 2700 char *response; 2701 ssize_t rlen; 2702 ENVELOPE *e; 2703 { 2704 mi_int32 idx, i; 2705 char *field; 2706 char *val; 2707 2708 if (tTd(64, 10)) 2709 sm_dprintf("milter_insheader: "); 2710 2711 /* sanity checks */ 2712 if (response == NULL) 2713 { 2714 if (tTd(64, 10)) 2715 sm_dprintf("NULL response\n"); 2716 return; 2717 } 2718 2719 if (rlen < 2 || strlen(response) + 1 >= (size_t) rlen) 2720 { 2721 if (tTd(64, 10)) 2722 sm_dprintf("didn't follow protocol (total len)\n"); 2723 return; 2724 } 2725 2726 /* decode */ 2727 (void) memcpy((char *) &i, response, MILTER_LEN_BYTES); 2728 idx = ntohl(i); 2729 field = response + MILTER_LEN_BYTES; 2730 val = field + strlen(field) + 1; 2731 2732 /* another sanity check */ 2733 if (MILTER_LEN_BYTES + strlen(field) + 1 + 2734 strlen(val) + 1 != (size_t) rlen) 2735 { 2736 if (tTd(64, 10)) 2737 sm_dprintf("didn't follow protocol (part len)\n"); 2738 return; 2739 } 2740 2741 if (*field == '\0') 2742 { 2743 if (tTd(64, 10)) 2744 sm_dprintf("empty field name\n"); 2745 return; 2746 } 2747 2748 /* add to e_msgsize */ 2749 e->e_msgsize += strlen(response) + 2 + strlen(val); 2750 2751 if (tTd(64, 10)) 2752 sm_dprintf("Insert (%d) %s: %s\n", idx, response, val); 2753 if (MilterLogLevel > 8) 2754 sm_syslog(LOG_INFO, e->e_id, 2755 "Milter insert (%d): header: %s: %s", 2756 idx, field, val); 2757 insheader(idx, newstr(field), val, H_USER, e); 2758 } 2759 /* 2760 ** MILTER_CHANGEHEADER -- Change the supplied header in the message 2761 ** 2762 ** Parameters: 2763 ** response -- encoded form of header/index/value. 2764 ** rlen -- length of response. 2765 ** e -- current envelope. 2766 ** 2767 ** Returns: 2768 ** none 2769 */ 2770 2771 static void 2772 milter_changeheader(response, rlen, e) 2773 char *response; 2774 ssize_t rlen; 2775 ENVELOPE *e; 2776 { 2777 mi_int32 i, index; 2778 char *field, *val; 2779 HDR *h, *sysheader; 2780 2781 if (tTd(64, 10)) 2782 sm_dprintf("milter_changeheader: "); 2783 2784 /* sanity checks */ 2785 if (response == NULL) 2786 { 2787 if (tTd(64, 10)) 2788 sm_dprintf("NULL response\n"); 2789 return; 2790 } 2791 2792 if (rlen < 2 || strlen(response) + 1 >= (size_t) rlen) 2793 { 2794 if (tTd(64, 10)) 2795 sm_dprintf("didn't follow protocol (total len)\n"); 2796 return; 2797 } 2798 2799 /* Find separating NUL */ 2800 (void) memcpy((char *) &i, response, MILTER_LEN_BYTES); 2801 index = ntohl(i); 2802 field = response + MILTER_LEN_BYTES; 2803 val = field + strlen(field) + 1; 2804 2805 /* another sanity check */ 2806 if (MILTER_LEN_BYTES + strlen(field) + 1 + 2807 strlen(val) + 1 != (size_t) rlen) 2808 { 2809 if (tTd(64, 10)) 2810 sm_dprintf("didn't follow protocol (part len)\n"); 2811 return; 2812 } 2813 2814 if (*field == '\0') 2815 { 2816 if (tTd(64, 10)) 2817 sm_dprintf("empty field name\n"); 2818 return; 2819 } 2820 2821 sysheader = NULL; 2822 for (h = e->e_header; h != NULL; h = h->h_link) 2823 { 2824 if (sm_strcasecmp(h->h_field, field) == 0) 2825 { 2826 if (bitset(H_USER, h->h_flags) && 2827 --index <= 0) 2828 { 2829 sysheader = NULL; 2830 break; 2831 } 2832 else if (!bitset(H_USER, h->h_flags) && 2833 !bitset(H_TRACE, h->h_flags)) 2834 { 2835 /* 2836 ** DRUMS msg-fmt draft says can only have 2837 ** multiple occurences of trace fields, 2838 ** so make sure we replace any non-trace, 2839 ** non-user field. 2840 */ 2841 2842 sysheader = h; 2843 } 2844 } 2845 } 2846 2847 /* if not found as user-provided header at index, use sysheader */ 2848 if (h == NULL) 2849 h = sysheader; 2850 2851 if (h == NULL) 2852 { 2853 if (*val == '\0') 2854 { 2855 if (tTd(64, 10)) 2856 sm_dprintf("Delete (noop) %s\n", field); 2857 if (MilterLogLevel > 8) 2858 sm_syslog(LOG_INFO, e->e_id, 2859 "Milter delete (noop): header: %s" 2860 , field); 2861 } 2862 else 2863 { 2864 /* treat modify value with no existing header as add */ 2865 if (tTd(64, 10)) 2866 sm_dprintf("Add %s: %s\n", field, val); 2867 if (MilterLogLevel > 8) 2868 sm_syslog(LOG_INFO, e->e_id, 2869 "Milter change (add): header: %s: %s" 2870 , field, val); 2871 addheader(newstr(field), val, H_USER, e); 2872 } 2873 return; 2874 } 2875 2876 if (tTd(64, 10)) 2877 { 2878 if (*val == '\0') 2879 { 2880 sm_dprintf("Delete%s %s: %s\n", 2881 h == sysheader ? " (default header)" : "", 2882 field, 2883 h->h_value == NULL ? "<NULL>" : h->h_value); 2884 } 2885 else 2886 { 2887 sm_dprintf("Change%s %s: from %s to %s\n", 2888 h == sysheader ? " (default header)" : "", 2889 field, 2890 h->h_value == NULL ? "<NULL>" : h->h_value, 2891 val); 2892 } 2893 } 2894 2895 if (MilterLogLevel > 8) 2896 { 2897 if (*val == '\0') 2898 { 2899 sm_syslog(LOG_INFO, e->e_id, 2900 "Milter delete: header%s %s: %s", 2901 h == sysheader ? " (default header)" : "", 2902 field, 2903 h->h_value == NULL ? "<NULL>" : h->h_value); 2904 } 2905 else 2906 { 2907 sm_syslog(LOG_INFO, e->e_id, 2908 "Milter change: header%s %s: from %s to %s", 2909 h == sysheader ? " (default header)" : "", 2910 field, 2911 h->h_value == NULL ? "<NULL>" : h->h_value, 2912 val); 2913 } 2914 } 2915 2916 if (h != sysheader && h->h_value != NULL) 2917 { 2918 size_t l; 2919 2920 l = strlen(h->h_value); 2921 if (l > e->e_msgsize) 2922 e->e_msgsize = 0; 2923 else 2924 e->e_msgsize -= l; 2925 /* rpool, don't free: sm_free(h->h_value); XXX */ 2926 } 2927 2928 if (*val == '\0') 2929 { 2930 /* Remove "Field: " from message size */ 2931 if (h != sysheader) 2932 { 2933 size_t l; 2934 2935 l = strlen(h->h_field) + 2; 2936 if (l > e->e_msgsize) 2937 e->e_msgsize = 0; 2938 else 2939 e->e_msgsize -= l; 2940 } 2941 h->h_value = NULL; 2942 } 2943 else 2944 { 2945 h->h_value = newstr(val); 2946 h->h_flags |= H_USER; 2947 e->e_msgsize += strlen(h->h_value); 2948 } 2949 } 2950 /* 2951 ** MILTER_ADDRCPT -- Add the supplied recipient to the message 2952 ** 2953 ** Parameters: 2954 ** response -- encoded form of recipient address. 2955 ** rlen -- length of response. 2956 ** e -- current envelope. 2957 ** 2958 ** Returns: 2959 ** none 2960 */ 2961 2962 static void 2963 milter_addrcpt(response, rlen, e) 2964 char *response; 2965 ssize_t rlen; 2966 ENVELOPE *e; 2967 { 2968 int olderrors; 2969 2970 if (tTd(64, 10)) 2971 sm_dprintf("milter_addrcpt: "); 2972 2973 /* sanity checks */ 2974 if (response == NULL) 2975 { 2976 if (tTd(64, 10)) 2977 sm_dprintf("NULL response\n"); 2978 return; 2979 } 2980 2981 if (*response == '\0' || 2982 strlen(response) + 1 != (size_t) rlen) 2983 { 2984 if (tTd(64, 10)) 2985 sm_dprintf("didn't follow protocol (total len %d != rlen %d)\n", 2986 (int) strlen(response), (int) (rlen - 1)); 2987 return; 2988 } 2989 2990 if (tTd(64, 10)) 2991 sm_dprintf("%s\n", response); 2992 if (MilterLogLevel > 8) 2993 sm_syslog(LOG_INFO, e->e_id, "Milter add: rcpt: %s", response); 2994 olderrors = Errors; 2995 (void) sendtolist(response, NULLADDR, &e->e_sendqueue, 0, e); 2996 Errors = olderrors; 2997 return; 2998 } 2999 /* 3000 ** MILTER_DELRCPT -- Delete the supplied recipient from the message 3001 ** 3002 ** Parameters: 3003 ** response -- encoded form of recipient address. 3004 ** rlen -- length of response. 3005 ** e -- current envelope. 3006 ** 3007 ** Returns: 3008 ** none 3009 */ 3010 3011 static void 3012 milter_delrcpt(response, rlen, e) 3013 char *response; 3014 ssize_t rlen; 3015 ENVELOPE *e; 3016 { 3017 if (tTd(64, 10)) 3018 sm_dprintf("milter_delrcpt: "); 3019 3020 /* sanity checks */ 3021 if (response == NULL) 3022 { 3023 if (tTd(64, 10)) 3024 sm_dprintf("NULL response\n"); 3025 return; 3026 } 3027 3028 if (*response == '\0' || 3029 strlen(response) + 1 != (size_t) rlen) 3030 { 3031 if (tTd(64, 10)) 3032 sm_dprintf("didn't follow protocol (total len)\n"); 3033 return; 3034 } 3035 3036 if (tTd(64, 10)) 3037 sm_dprintf("%s\n", response); 3038 if (MilterLogLevel > 8) 3039 sm_syslog(LOG_INFO, e->e_id, "Milter delete: rcpt %s", 3040 response); 3041 (void) removefromlist(response, &e->e_sendqueue, e); 3042 return; 3043 } 3044 /* 3045 ** MILTER_REPLBODY -- Replace the current data file with new body 3046 ** 3047 ** Parameters: 3048 ** response -- encoded form of new body. 3049 ** rlen -- length of response. 3050 ** newfilter -- if first time called by a new filter 3051 ** e -- current envelope. 3052 ** 3053 ** Returns: 3054 ** 0 upon success, -1 upon failure 3055 */ 3056 3057 static int 3058 milter_replbody(response, rlen, newfilter, e) 3059 char *response; 3060 ssize_t rlen; 3061 bool newfilter; 3062 ENVELOPE *e; 3063 { 3064 static char prevchar; 3065 int i; 3066 3067 if (tTd(64, 10)) 3068 sm_dprintf("milter_replbody\n"); 3069 3070 /* If a new filter, reset previous character and truncate data file */ 3071 if (newfilter) 3072 { 3073 off_t prevsize; 3074 char dfname[MAXPATHLEN]; 3075 3076 (void) sm_strlcpy(dfname, queuename(e, DATAFL_LETTER), 3077 sizeof dfname); 3078 3079 /* Reset prevchar */ 3080 prevchar = '\0'; 3081 3082 /* Get the current data file information */ 3083 prevsize = sm_io_getinfo(e->e_dfp, SM_IO_WHAT_SIZE, NULL); 3084 if (prevsize < 0) 3085 prevsize = 0; 3086 3087 /* truncate current data file */ 3088 if (sm_io_getinfo(e->e_dfp, SM_IO_WHAT_ISTYPE, BF_FILE_TYPE)) 3089 { 3090 if (sm_io_setinfo(e->e_dfp, SM_BF_TRUNCATE, NULL) < 0) 3091 { 3092 MILTER_DF_ERROR("milter_replbody: sm_io truncate %s: %s"); 3093 return -1; 3094 } 3095 } 3096 else 3097 { 3098 int err; 3099 3100 err = sm_io_error(e->e_dfp); 3101 (void) sm_io_flush(e->e_dfp, SM_TIME_DEFAULT); 3102 3103 /* 3104 ** Clear error if tried to fflush() 3105 ** a read-only file pointer and 3106 ** there wasn't a previous error. 3107 */ 3108 3109 if (err == 0) 3110 sm_io_clearerr(e->e_dfp); 3111 3112 /* errno is set implicitly by fseek() before return */ 3113 err = sm_io_seek(e->e_dfp, SM_TIME_DEFAULT, 3114 0, SEEK_SET); 3115 if (err < 0) 3116 { 3117 MILTER_DF_ERROR("milter_replbody: sm_io_seek %s: %s"); 3118 return -1; 3119 } 3120 # if NOFTRUNCATE 3121 /* XXX: Not much we can do except rewind it */ 3122 errno = EINVAL; 3123 MILTER_DF_ERROR("milter_replbody: ftruncate not available on this platform (%s:%s)"); 3124 return -1; 3125 # else /* NOFTRUNCATE */ 3126 err = ftruncate(sm_io_getinfo(e->e_dfp, 3127 SM_IO_WHAT_FD, NULL), 3128 0); 3129 if (err < 0) 3130 { 3131 MILTER_DF_ERROR("milter_replbody: sm_io ftruncate %s: %s"); 3132 return -1; 3133 } 3134 # endif /* NOFTRUNCATE */ 3135 } 3136 3137 if (prevsize > e->e_msgsize) 3138 e->e_msgsize = 0; 3139 else 3140 e->e_msgsize -= prevsize; 3141 } 3142 3143 if (newfilter && MilterLogLevel > 8) 3144 sm_syslog(LOG_INFO, e->e_id, "Milter message: body replaced"); 3145 3146 if (response == NULL) 3147 { 3148 /* Flush the buffered '\r' */ 3149 if (prevchar == '\r') 3150 { 3151 (void) sm_io_putc(e->e_dfp, SM_TIME_DEFAULT, prevchar); 3152 e->e_msgsize++; 3153 } 3154 return 0; 3155 } 3156 3157 for (i = 0; i < rlen; i++) 3158 { 3159 /* Buffered char from last chunk */ 3160 if (i == 0 && prevchar == '\r') 3161 { 3162 /* Not CRLF, output prevchar */ 3163 if (response[i] != '\n') 3164 { 3165 (void) sm_io_putc(e->e_dfp, SM_TIME_DEFAULT, 3166 prevchar); 3167 e->e_msgsize++; 3168 } 3169 prevchar = '\0'; 3170 } 3171 3172 /* Turn CRLF into LF */ 3173 if (response[i] == '\r') 3174 { 3175 /* check if at end of chunk */ 3176 if (i + 1 < rlen) 3177 { 3178 /* If LF, strip CR */ 3179 if (response[i + 1] == '\n') 3180 i++; 3181 } 3182 else 3183 { 3184 /* check next chunk */ 3185 prevchar = '\r'; 3186 continue; 3187 } 3188 } 3189 (void) sm_io_putc(e->e_dfp, SM_TIME_DEFAULT, response[i]); 3190 e->e_msgsize++; 3191 } 3192 return 0; 3193 } 3194 3195 /* 3196 ** MTA callouts 3197 */ 3198 3199 /* 3200 ** MILTER_INIT -- open and negotiate with all of the filters 3201 ** 3202 ** Parameters: 3203 ** e -- current envelope. 3204 ** state -- return state from response. 3205 ** 3206 ** Returns: 3207 ** true iff at least one filter is active 3208 */ 3209 3210 /* ARGSUSED */ 3211 bool 3212 milter_init(e, state) 3213 ENVELOPE *e; 3214 char *state; 3215 { 3216 int i; 3217 3218 if (tTd(64, 10)) 3219 sm_dprintf("milter_init\n"); 3220 3221 *state = SMFIR_CONTINUE; 3222 if (InputFilters[0] == NULL) 3223 { 3224 if (MilterLogLevel > 10) 3225 sm_syslog(LOG_INFO, e->e_id, 3226 "Milter: no active filter"); 3227 return false; 3228 } 3229 3230 for (i = 0; InputFilters[i] != NULL; i++) 3231 { 3232 struct milter *m = InputFilters[i]; 3233 3234 m->mf_sock = milter_open(m, false, e); 3235 if (m->mf_state == SMFS_ERROR) 3236 { 3237 MILTER_CHECK_ERROR(true, continue); 3238 break; 3239 } 3240 3241 if (m->mf_sock < 0 || 3242 milter_negotiate(m, e) < 0 || 3243 m->mf_state == SMFS_ERROR) 3244 { 3245 if (tTd(64, 5)) 3246 sm_dprintf("milter_init(%s): failed to %s\n", 3247 m->mf_name, 3248 m->mf_sock < 0 ? "open" : 3249 "negotiate"); 3250 if (MilterLogLevel > 0) 3251 sm_syslog(LOG_ERR, e->e_id, 3252 "Milter (%s): init failed to %s", 3253 m->mf_name, 3254 m->mf_sock < 0 ? "open" : 3255 "negotiate"); 3256 3257 /* if negotation failure, close socket */ 3258 milter_error(m, e); 3259 MILTER_CHECK_ERROR(true, continue); 3260 continue; 3261 } 3262 if (MilterLogLevel > 9) 3263 sm_syslog(LOG_INFO, e->e_id, 3264 "Milter (%s): init success to %s", 3265 m->mf_name, 3266 m->mf_sock < 0 ? "open" : "negotiate"); 3267 } 3268 3269 /* 3270 ** If something temp/perm failed with one of the filters, 3271 ** we won't be using any of them, so clear any existing 3272 ** connections. 3273 */ 3274 3275 if (*state != SMFIR_CONTINUE) 3276 milter_quit(e); 3277 3278 return true; 3279 } 3280 /* 3281 ** MILTER_CONNECT -- send connection info to milter filters 3282 ** 3283 ** Parameters: 3284 ** hostname -- hostname of remote machine. 3285 ** addr -- address of remote machine. 3286 ** e -- current envelope. 3287 ** state -- return state from response. 3288 ** 3289 ** Returns: 3290 ** response string (may be NULL) 3291 */ 3292 3293 char * 3294 milter_connect(hostname, addr, e, state) 3295 char *hostname; 3296 SOCKADDR addr; 3297 ENVELOPE *e; 3298 char *state; 3299 { 3300 char family; 3301 unsigned short port; 3302 char *buf, *bp; 3303 char *response; 3304 char *sockinfo = NULL; 3305 ssize_t s; 3306 # if NETINET6 3307 char buf6[INET6_ADDRSTRLEN]; 3308 # endif /* NETINET6 */ 3309 3310 if (tTd(64, 10)) 3311 sm_dprintf("milter_connect(%s)\n", hostname); 3312 if (MilterLogLevel > 9) 3313 sm_syslog(LOG_INFO, e->e_id, "Milter: connect to filters"); 3314 3315 /* gather data */ 3316 switch (addr.sa.sa_family) 3317 { 3318 # if NETUNIX 3319 case AF_UNIX: 3320 family = SMFIA_UNIX; 3321 port = htons(0); 3322 sockinfo = addr.sunix.sun_path; 3323 break; 3324 # endif /* NETUNIX */ 3325 3326 # if NETINET 3327 case AF_INET: 3328 family = SMFIA_INET; 3329 port = addr.sin.sin_port; 3330 sockinfo = (char *) inet_ntoa(addr.sin.sin_addr); 3331 break; 3332 # endif /* NETINET */ 3333 3334 # if NETINET6 3335 case AF_INET6: 3336 if (IN6_IS_ADDR_V4MAPPED(&addr.sin6.sin6_addr)) 3337 family = SMFIA_INET; 3338 else 3339 family = SMFIA_INET6; 3340 port = addr.sin6.sin6_port; 3341 sockinfo = anynet_ntop(&addr.sin6.sin6_addr, buf6, 3342 sizeof buf6); 3343 if (sockinfo == NULL) 3344 sockinfo = ""; 3345 break; 3346 # endif /* NETINET6 */ 3347 3348 default: 3349 family = SMFIA_UNKNOWN; 3350 break; 3351 } 3352 3353 s = strlen(hostname) + 1 + sizeof(family); 3354 if (family != SMFIA_UNKNOWN) 3355 s += sizeof(port) + strlen(sockinfo) + 1; 3356 3357 buf = (char *) xalloc(s); 3358 bp = buf; 3359 3360 /* put together data */ 3361 (void) memcpy(bp, hostname, strlen(hostname)); 3362 bp += strlen(hostname); 3363 *bp++ = '\0'; 3364 (void) memcpy(bp, &family, sizeof family); 3365 bp += sizeof family; 3366 if (family != SMFIA_UNKNOWN) 3367 { 3368 (void) memcpy(bp, &port, sizeof port); 3369 bp += sizeof port; 3370 3371 /* include trailing '\0' */ 3372 (void) memcpy(bp, sockinfo, strlen(sockinfo) + 1); 3373 } 3374 3375 response = milter_command(SMFIC_CONNECT, buf, s, 3376 MilterConnectMacros, e, state); 3377 sm_free(buf); /* XXX */ 3378 3379 /* 3380 ** If this message connection is done for, 3381 ** close the filters. 3382 */ 3383 3384 if (*state != SMFIR_CONTINUE) 3385 { 3386 if (MilterLogLevel > 9) 3387 sm_syslog(LOG_INFO, e->e_id, "Milter: connect, ending"); 3388 milter_quit(e); 3389 } 3390 else 3391 milter_per_connection_check(e); 3392 3393 /* 3394 ** SMFIR_REPLYCODE can't work with connect due to 3395 ** the requirements of SMTP. Therefore, ignore the 3396 ** reply code text but keep the state it would reflect. 3397 */ 3398 3399 if (*state == SMFIR_REPLYCODE) 3400 { 3401 if (response != NULL && 3402 *response == '4') 3403 { 3404 if (strncmp(response, "421 ", 4) == 0) 3405 *state = SMFIR_SHUTDOWN; 3406 else 3407 *state = SMFIR_TEMPFAIL; 3408 } 3409 else 3410 *state = SMFIR_REJECT; 3411 if (response != NULL) 3412 { 3413 sm_free(response); /* XXX */ 3414 response = NULL; 3415 } 3416 } 3417 return response; 3418 } 3419 /* 3420 ** MILTER_HELO -- send SMTP HELO/EHLO command info to milter filters 3421 ** 3422 ** Parameters: 3423 ** helo -- argument to SMTP HELO/EHLO command. 3424 ** e -- current envelope. 3425 ** state -- return state from response. 3426 ** 3427 ** Returns: 3428 ** response string (may be NULL) 3429 */ 3430 3431 char * 3432 milter_helo(helo, e, state) 3433 char *helo; 3434 ENVELOPE *e; 3435 char *state; 3436 { 3437 int i; 3438 char *response; 3439 3440 if (tTd(64, 10)) 3441 sm_dprintf("milter_helo(%s)\n", helo); 3442 3443 /* HELO/EHLO can come at any point */ 3444 for (i = 0; InputFilters[i] != NULL; i++) 3445 { 3446 struct milter *m = InputFilters[i]; 3447 3448 switch (m->mf_state) 3449 { 3450 case SMFS_INMSG: 3451 /* abort in message filters */ 3452 milter_abort_filter(m, e); 3453 /* FALLTHROUGH */ 3454 3455 case SMFS_DONE: 3456 /* reset done filters */ 3457 m->mf_state = SMFS_OPEN; 3458 break; 3459 } 3460 } 3461 3462 response = milter_command(SMFIC_HELO, helo, strlen(helo) + 1, 3463 MilterHeloMacros, e, state); 3464 milter_per_connection_check(e); 3465 return response; 3466 } 3467 /* 3468 ** MILTER_ENVFROM -- send SMTP MAIL command info to milter filters 3469 ** 3470 ** Parameters: 3471 ** args -- SMTP MAIL command args (args[0] == sender). 3472 ** e -- current envelope. 3473 ** state -- return state from response. 3474 ** 3475 ** Returns: 3476 ** response string (may be NULL) 3477 */ 3478 3479 char * 3480 milter_envfrom(args, e, state) 3481 char **args; 3482 ENVELOPE *e; 3483 char *state; 3484 { 3485 int i; 3486 char *buf, *bp; 3487 char *response; 3488 ssize_t s; 3489 3490 if (tTd(64, 10)) 3491 { 3492 sm_dprintf("milter_envfrom:"); 3493 for (i = 0; args[i] != NULL; i++) 3494 sm_dprintf(" %s", args[i]); 3495 sm_dprintf("\n"); 3496 } 3497 3498 /* sanity check */ 3499 if (args[0] == NULL) 3500 { 3501 *state = SMFIR_REJECT; 3502 if (MilterLogLevel > 10) 3503 sm_syslog(LOG_INFO, e->e_id, 3504 "Milter: reject, no sender"); 3505 return NULL; 3506 } 3507 3508 /* new message, so ... */ 3509 for (i = 0; InputFilters[i] != NULL; i++) 3510 { 3511 struct milter *m = InputFilters[i]; 3512 3513 switch (m->mf_state) 3514 { 3515 case SMFS_INMSG: 3516 /* abort in message filters */ 3517 milter_abort_filter(m, e); 3518 /* FALLTHROUGH */ 3519 3520 case SMFS_DONE: 3521 /* reset done filters */ 3522 m->mf_state = SMFS_OPEN; 3523 break; 3524 } 3525 } 3526 3527 /* put together data */ 3528 s = 0; 3529 for (i = 0; args[i] != NULL; i++) 3530 s += strlen(args[i]) + 1; 3531 3532 if (s < 0) 3533 { 3534 *state = SMFIR_TEMPFAIL; 3535 return NULL; 3536 } 3537 3538 buf = (char *) xalloc(s); 3539 bp = buf; 3540 for (i = 0; args[i] != NULL; i++) 3541 { 3542 (void) sm_strlcpy(bp, args[i], s - (bp - buf)); 3543 bp += strlen(bp) + 1; 3544 } 3545 3546 if (MilterLogLevel > 14) 3547 sm_syslog(LOG_INFO, e->e_id, "Milter: senders: %s", buf); 3548 3549 /* send it over */ 3550 response = milter_command(SMFIC_MAIL, buf, s, 3551 MilterEnvFromMacros, e, state); 3552 sm_free(buf); /* XXX */ 3553 3554 /* 3555 ** If filter rejects/discards a per message command, 3556 ** abort the other filters since we are done with the 3557 ** current message. 3558 */ 3559 3560 MILTER_CHECK_DONE_MSG(); 3561 if (MilterLogLevel > 10 && *state == SMFIR_REJECT) 3562 sm_syslog(LOG_INFO, e->e_id, "Milter: reject, senders"); 3563 return response; 3564 } 3565 3566 /* 3567 ** MILTER_ENVRCPT -- send SMTP RCPT command info to milter filters 3568 ** 3569 ** Parameters: 3570 ** args -- SMTP MAIL command args (args[0] == recipient). 3571 ** e -- current envelope. 3572 ** state -- return state from response. 3573 ** 3574 ** Returns: 3575 ** response string (may be NULL) 3576 */ 3577 3578 char * 3579 milter_envrcpt(args, e, state) 3580 char **args; 3581 ENVELOPE *e; 3582 char *state; 3583 { 3584 int i; 3585 char *buf, *bp; 3586 char *response; 3587 ssize_t s; 3588 3589 if (tTd(64, 10)) 3590 { 3591 sm_dprintf("milter_envrcpt:"); 3592 for (i = 0; args[i] != NULL; i++) 3593 sm_dprintf(" %s", args[i]); 3594 sm_dprintf("\n"); 3595 } 3596 3597 /* sanity check */ 3598 if (args[0] == NULL) 3599 { 3600 *state = SMFIR_REJECT; 3601 if (MilterLogLevel > 10) 3602 sm_syslog(LOG_INFO, e->e_id, "Milter: reject, no rcpt"); 3603 return NULL; 3604 } 3605 3606 /* put together data */ 3607 s = 0; 3608 for (i = 0; args[i] != NULL; i++) 3609 s += strlen(args[i]) + 1; 3610 3611 if (s < 0) 3612 { 3613 *state = SMFIR_TEMPFAIL; 3614 return NULL; 3615 } 3616 3617 buf = (char *) xalloc(s); 3618 bp = buf; 3619 for (i = 0; args[i] != NULL; i++) 3620 { 3621 (void) sm_strlcpy(bp, args[i], s - (bp - buf)); 3622 bp += strlen(bp) + 1; 3623 } 3624 3625 if (MilterLogLevel > 14) 3626 sm_syslog(LOG_INFO, e->e_id, "Milter: rcpts: %s", buf); 3627 3628 /* send it over */ 3629 response = milter_command(SMFIC_RCPT, buf, s, 3630 MilterEnvRcptMacros, e, state); 3631 sm_free(buf); /* XXX */ 3632 return response; 3633 } 3634 3635 #if SMFI_VERSION > 3 3636 /* 3637 ** MILTER_DATA_CMD -- send SMTP DATA command info to milter filters 3638 ** 3639 ** Parameters: 3640 ** e -- current envelope. 3641 ** state -- return state from response. 3642 ** 3643 ** Returns: 3644 ** response string (may be NULL) 3645 */ 3646 3647 char * 3648 milter_data_cmd(e, state) 3649 ENVELOPE *e; 3650 char *state; 3651 { 3652 if (tTd(64, 10)) 3653 sm_dprintf("milter_data_cmd\n"); 3654 3655 /* send it over */ 3656 return milter_command(SMFIC_DATA, NULL, 0, MilterDataMacros, e, state); 3657 } 3658 #endif /* SMFI_VERSION > 3 */ 3659 3660 /* 3661 ** MILTER_DATA -- send message headers/body and gather final message results 3662 ** 3663 ** Parameters: 3664 ** e -- current envelope. 3665 ** state -- return state from response. 3666 ** 3667 ** Returns: 3668 ** response string (may be NULL) 3669 ** 3670 ** Side effects: 3671 ** - Uses e->e_dfp for access to the body 3672 ** - Can call the various milter action routines to 3673 ** modify the envelope or message. 3674 */ 3675 3676 # define MILTER_CHECK_RESULTS() \ 3677 if (*state == SMFIR_ACCEPT || \ 3678 m->mf_state == SMFS_DONE || \ 3679 m->mf_state == SMFS_ERROR) \ 3680 { \ 3681 if (m->mf_state != SMFS_ERROR) \ 3682 m->mf_state = SMFS_DONE; \ 3683 continue; /* to next filter */ \ 3684 } \ 3685 if (*state != SMFIR_CONTINUE) \ 3686 { \ 3687 m->mf_state = SMFS_DONE; \ 3688 goto finishup; \ 3689 } 3690 3691 char * 3692 milter_data(e, state) 3693 ENVELOPE *e; 3694 char *state; 3695 { 3696 bool replbody = false; /* milter_replbody() called? */ 3697 bool replfailed = false; /* milter_replbody() failed? */ 3698 bool rewind = false; /* rewind data file? */ 3699 bool dfopen = false; /* data file open for writing? */ 3700 bool newfilter; /* reset on each new filter */ 3701 char rcmd; 3702 int i; 3703 int save_errno; 3704 char *response = NULL; 3705 time_t eomsent; 3706 ssize_t rlen; 3707 3708 if (tTd(64, 10)) 3709 sm_dprintf("milter_data\n"); 3710 3711 *state = SMFIR_CONTINUE; 3712 3713 /* 3714 ** XXX: Should actually send body chunks to each filter 3715 ** a chunk at a time instead of sending the whole body to 3716 ** each filter in turn. However, only if the filters don't 3717 ** change the body. 3718 */ 3719 3720 for (i = 0; InputFilters[i] != NULL; i++) 3721 { 3722 struct milter *m = InputFilters[i]; 3723 3724 if (*state != SMFIR_CONTINUE && 3725 *state != SMFIR_ACCEPT) 3726 { 3727 /* 3728 ** A previous filter has dealt with the message, 3729 ** safe to stop processing the filters. 3730 */ 3731 3732 break; 3733 } 3734 3735 /* Now reset state for later evaluation */ 3736 *state = SMFIR_CONTINUE; 3737 newfilter = true; 3738 3739 /* previous problem? */ 3740 if (m->mf_state == SMFS_ERROR) 3741 { 3742 MILTER_CHECK_ERROR(false, continue); 3743 break; 3744 } 3745 3746 /* sanity checks */ 3747 if (m->mf_sock < 0 || 3748 (m->mf_state != SMFS_OPEN && m->mf_state != SMFS_INMSG)) 3749 continue; 3750 3751 m->mf_state = SMFS_INMSG; 3752 3753 /* check if filter wants the headers */ 3754 if (!bitset(SMFIP_NOHDRS, m->mf_pflags)) 3755 { 3756 response = milter_headers(m, e, state); 3757 MILTER_CHECK_RESULTS(); 3758 } 3759 3760 /* check if filter wants EOH */ 3761 if (!bitset(SMFIP_NOEOH, m->mf_pflags)) 3762 { 3763 if (tTd(64, 10)) 3764 sm_dprintf("milter_data: eoh\n"); 3765 3766 /* send it over */ 3767 response = milter_send_command(m, SMFIC_EOH, NULL, 0, 3768 e, state); 3769 MILTER_CHECK_RESULTS(); 3770 } 3771 3772 /* check if filter wants the body */ 3773 if (!bitset(SMFIP_NOBODY, m->mf_pflags) && 3774 e->e_dfp != NULL) 3775 { 3776 rewind = true; 3777 response = milter_body(m, e, state); 3778 MILTER_CHECK_RESULTS(); 3779 } 3780 3781 if (MilterEOMMacros[0] != NULL) 3782 { 3783 milter_send_macros(m, MilterEOMMacros, 3784 SMFIC_BODYEOB, e); 3785 MILTER_CHECK_RESULTS(); 3786 } 3787 3788 /* send the final body chunk */ 3789 (void) milter_write(m, SMFIC_BODYEOB, NULL, 0, 3790 m->mf_timeout[SMFTO_WRITE], e); 3791 3792 /* Get time EOM sent for timeout */ 3793 eomsent = curtime(); 3794 3795 /* deal with the possibility of multiple responses */ 3796 while (*state == SMFIR_CONTINUE) 3797 { 3798 /* Check total timeout from EOM to final ACK/NAK */ 3799 if (m->mf_timeout[SMFTO_EOM] > 0 && 3800 curtime() - eomsent >= m->mf_timeout[SMFTO_EOM]) 3801 { 3802 if (tTd(64, 5)) 3803 sm_dprintf("milter_data(%s): EOM ACK/NAK timeout\n", 3804 m->mf_name); 3805 if (MilterLogLevel > 0) 3806 sm_syslog(LOG_ERR, e->e_id, 3807 "milter_data(%s): EOM ACK/NAK timeout", 3808 m->mf_name); 3809 milter_error(m, e); 3810 MILTER_CHECK_ERROR(false, break); 3811 break; 3812 } 3813 3814 response = milter_read(m, &rcmd, &rlen, 3815 m->mf_timeout[SMFTO_READ], e); 3816 if (m->mf_state == SMFS_ERROR) 3817 break; 3818 3819 if (tTd(64, 10)) 3820 sm_dprintf("milter_data(%s): state %c\n", 3821 m->mf_name, (char) rcmd); 3822 3823 switch (rcmd) 3824 { 3825 case SMFIR_REPLYCODE: 3826 MILTER_CHECK_REPLYCODE("554 5.7.1 Command rejected"); 3827 if (MilterLogLevel > 12) 3828 sm_syslog(LOG_INFO, e->e_id, "milter=%s, reject=%s", 3829 m->mf_name, response); 3830 *state = rcmd; 3831 m->mf_state = SMFS_DONE; 3832 break; 3833 3834 case SMFIR_REJECT: /* log msg at end of function */ 3835 if (MilterLogLevel > 12) 3836 sm_syslog(LOG_INFO, e->e_id, "milter=%s, reject", 3837 m->mf_name); 3838 *state = rcmd; 3839 m->mf_state = SMFS_DONE; 3840 break; 3841 3842 case SMFIR_DISCARD: 3843 if (MilterLogLevel > 12) 3844 sm_syslog(LOG_INFO, e->e_id, "milter=%s, discard", 3845 m->mf_name); 3846 *state = rcmd; 3847 m->mf_state = SMFS_DONE; 3848 break; 3849 3850 case SMFIR_TEMPFAIL: 3851 if (MilterLogLevel > 12) 3852 sm_syslog(LOG_INFO, e->e_id, "milter=%s, tempfail", 3853 m->mf_name); 3854 *state = rcmd; 3855 m->mf_state = SMFS_DONE; 3856 break; 3857 3858 case SMFIR_CONTINUE: 3859 case SMFIR_ACCEPT: 3860 /* this filter is done with message */ 3861 if (replfailed) 3862 *state = SMFIR_TEMPFAIL; 3863 else 3864 *state = SMFIR_ACCEPT; 3865 m->mf_state = SMFS_DONE; 3866 break; 3867 3868 case SMFIR_PROGRESS: 3869 break; 3870 3871 case SMFIR_QUARANTINE: 3872 if (!bitset(SMFIF_QUARANTINE, m->mf_fflags)) 3873 { 3874 if (MilterLogLevel > 9) 3875 sm_syslog(LOG_WARNING, e->e_id, 3876 "milter_data(%s): lied about quarantining, honoring request anyway", 3877 m->mf_name); 3878 } 3879 if (response == NULL) 3880 response = newstr(""); 3881 if (MilterLogLevel > 3) 3882 sm_syslog(LOG_INFO, e->e_id, 3883 "milter=%s, quarantine=%s", 3884 m->mf_name, response); 3885 e->e_quarmsg = sm_rpool_strdup_x(e->e_rpool, 3886 response); 3887 macdefine(&e->e_macro, A_PERM, 3888 macid("{quarantine}"), e->e_quarmsg); 3889 break; 3890 3891 case SMFIR_ADDHEADER: 3892 if (!bitset(SMFIF_ADDHDRS, m->mf_fflags)) 3893 { 3894 if (MilterLogLevel > 9) 3895 sm_syslog(LOG_WARNING, e->e_id, 3896 "milter_data(%s): lied about adding headers, honoring request anyway", 3897 m->mf_name); 3898 } 3899 milter_addheader(response, rlen, e); 3900 break; 3901 3902 case SMFIR_INSHEADER: 3903 if (!bitset(SMFIF_ADDHDRS, m->mf_fflags)) 3904 { 3905 if (MilterLogLevel > 9) 3906 sm_syslog(LOG_WARNING, e->e_id, 3907 "milter_data(%s): lied about adding headers, honoring request anyway", 3908 m->mf_name); 3909 } 3910 milter_insheader(response, rlen, e); 3911 break; 3912 3913 case SMFIR_CHGHEADER: 3914 if (!bitset(SMFIF_CHGHDRS, m->mf_fflags)) 3915 { 3916 if (MilterLogLevel > 9) 3917 sm_syslog(LOG_WARNING, e->e_id, 3918 "milter_data(%s): lied about changing headers, honoring request anyway", 3919 m->mf_name); 3920 } 3921 milter_changeheader(response, rlen, e); 3922 break; 3923 3924 case SMFIR_ADDRCPT: 3925 if (!bitset(SMFIF_ADDRCPT, m->mf_fflags)) 3926 { 3927 if (MilterLogLevel > 9) 3928 sm_syslog(LOG_WARNING, e->e_id, 3929 "milter_data(%s) lied about adding recipients, honoring request anyway", 3930 m->mf_name); 3931 } 3932 milter_addrcpt(response, rlen, e); 3933 break; 3934 3935 case SMFIR_DELRCPT: 3936 if (!bitset(SMFIF_DELRCPT, m->mf_fflags)) 3937 { 3938 if (MilterLogLevel > 9) 3939 sm_syslog(LOG_WARNING, e->e_id, 3940 "milter_data(%s): lied about removing recipients, honoring request anyway", 3941 m->mf_name); 3942 } 3943 milter_delrcpt(response, rlen, e); 3944 break; 3945 3946 case SMFIR_REPLBODY: 3947 if (!bitset(SMFIF_MODBODY, m->mf_fflags)) 3948 { 3949 if (MilterLogLevel > 0) 3950 sm_syslog(LOG_ERR, e->e_id, 3951 "milter_data(%s): lied about replacing body, rejecting request and tempfailing message", 3952 m->mf_name); 3953 replfailed = true; 3954 break; 3955 } 3956 3957 /* already failed in attempt */ 3958 if (replfailed) 3959 break; 3960 3961 if (!dfopen) 3962 { 3963 if (milter_reopen_df(e) < 0) 3964 { 3965 replfailed = true; 3966 break; 3967 } 3968 dfopen = true; 3969 rewind = true; 3970 } 3971 3972 if (milter_replbody(response, rlen, 3973 newfilter, e) < 0) 3974 replfailed = true; 3975 newfilter = false; 3976 replbody = true; 3977 break; 3978 3979 default: 3980 /* Invalid response to command */ 3981 if (MilterLogLevel > 0) 3982 sm_syslog(LOG_ERR, e->e_id, 3983 "milter_data(%s): returned bogus response %c", 3984 m->mf_name, rcmd); 3985 milter_error(m, e); 3986 break; 3987 } 3988 if (rcmd != SMFIR_REPLYCODE && response != NULL) 3989 { 3990 sm_free(response); /* XXX */ 3991 response = NULL; 3992 } 3993 3994 if (m->mf_state == SMFS_ERROR) 3995 break; 3996 } 3997 3998 if (replbody && !replfailed) 3999 { 4000 /* flush possible buffered character */ 4001 milter_replbody(NULL, 0, !replbody, e); 4002 replbody = false; 4003 } 4004 4005 if (m->mf_state == SMFS_ERROR) 4006 { 4007 MILTER_CHECK_ERROR(false, continue); 4008 goto finishup; 4009 } 4010 } 4011 4012 finishup: 4013 /* leave things in the expected state if we touched it */ 4014 if (replfailed) 4015 { 4016 if (*state == SMFIR_CONTINUE || 4017 *state == SMFIR_ACCEPT) 4018 { 4019 *state = SMFIR_TEMPFAIL; 4020 SM_FREE_CLR(response); 4021 } 4022 4023 if (dfopen) 4024 { 4025 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 4026 e->e_dfp = NULL; 4027 e->e_flags &= ~EF_HAS_DF; 4028 dfopen = false; 4029 } 4030 rewind = false; 4031 } 4032 4033 if ((dfopen && milter_reset_df(e) < 0) || 4034 (rewind && bfrewind(e->e_dfp) < 0)) 4035 { 4036 save_errno = errno; 4037 ExitStat = EX_IOERR; 4038 4039 /* 4040 ** If filter told us to keep message but we had 4041 ** an error, we can't really keep it, tempfail it. 4042 */ 4043 4044 if (*state == SMFIR_CONTINUE || 4045 *state == SMFIR_ACCEPT) 4046 { 4047 *state = SMFIR_TEMPFAIL; 4048 SM_FREE_CLR(response); 4049 } 4050 4051 errno = save_errno; 4052 syserr("milter_data: %s/%cf%s: read error", 4053 qid_printqueue(e->e_qgrp, e->e_qdir), 4054 DATAFL_LETTER, e->e_id); 4055 } 4056 4057 MILTER_CHECK_DONE_MSG(); 4058 if (MilterLogLevel > 10 && *state == SMFIR_REJECT) 4059 sm_syslog(LOG_INFO, e->e_id, "Milter: reject, data"); 4060 return response; 4061 } 4062 4063 #if SMFI_VERSION > 2 4064 /* 4065 ** MILTER_UNKNOWN -- send any unrecognized or unimplemented command 4066 ** string to milter filters 4067 ** 4068 ** Parameters: 4069 ** cmd -- the string itself. 4070 ** e -- current envelope. 4071 ** state -- return state from response. 4072 ** 4073 ** 4074 ** Returns: 4075 ** response string (may be NULL) 4076 */ 4077 4078 char * 4079 milter_unknown(cmd, e, state) 4080 char *cmd; 4081 ENVELOPE *e; 4082 char *state; 4083 { 4084 if (tTd(64, 10)) 4085 sm_dprintf("milter_unknown(%s)\n", cmd); 4086 4087 return milter_command(SMFIC_UNKNOWN, cmd, strlen(cmd) + 1, 4088 NULL, e, state); 4089 } 4090 #endif /* SMFI_VERSION > 2 */ 4091 4092 /* 4093 ** MILTER_QUIT -- informs the filter(s) we are done and closes connection(s) 4094 ** 4095 ** Parameters: 4096 ** e -- current envelope. 4097 ** 4098 ** Returns: 4099 ** none 4100 */ 4101 4102 void 4103 milter_quit(e) 4104 ENVELOPE *e; 4105 { 4106 int i; 4107 4108 if (tTd(64, 10)) 4109 sm_dprintf("milter_quit(%s)\n", e->e_id); 4110 4111 for (i = 0; InputFilters[i] != NULL; i++) 4112 milter_quit_filter(InputFilters[i], e); 4113 } 4114 /* 4115 ** MILTER_ABORT -- informs the filter(s) that we are aborting current message 4116 ** 4117 ** Parameters: 4118 ** e -- current envelope. 4119 ** 4120 ** Returns: 4121 ** none 4122 */ 4123 4124 void 4125 milter_abort(e) 4126 ENVELOPE *e; 4127 { 4128 int i; 4129 4130 if (tTd(64, 10)) 4131 sm_dprintf("milter_abort\n"); 4132 4133 for (i = 0; InputFilters[i] != NULL; i++) 4134 { 4135 struct milter *m = InputFilters[i]; 4136 4137 /* sanity checks */ 4138 if (m->mf_sock < 0 || m->mf_state != SMFS_INMSG) 4139 continue; 4140 4141 milter_abort_filter(m, e); 4142 } 4143 } 4144 #endif /* MILTER */ 4145