1 /* 2 * Copyright (c) 1998-2003, 2006 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 */ 13 14 #pragma ident "%Z%%M% %I% %E% SMI" 15 16 #include <sendmail.h> 17 18 SM_RCSID("@(#)$Id: envelope.c,v 8.302 2006/11/10 23:12:52 ca Exp $") 19 20 /* 21 ** CLRSESSENVELOPE -- clear session oriented data in an envelope 22 ** 23 ** Parameters: 24 ** e -- the envelope to clear. 25 ** 26 ** Returns: 27 ** none. 28 */ 29 30 void 31 clrsessenvelope(e) 32 ENVELOPE *e; 33 { 34 #if SASL 35 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), ""); 36 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), ""); 37 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), ""); 38 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), ""); 39 #endif /* SASL */ 40 #if STARTTLS 41 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), ""); 42 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), ""); 43 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), ""); 44 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), ""); 45 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), ""); 46 macdefine(&e->e_macro, A_PERM, macid("{verify}"), ""); 47 # if _FFR_TLS_1 48 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), ""); 49 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), ""); 50 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), ""); 51 # endif /* _FFR_TLS_1 */ 52 #endif /* STARTTLS */ 53 } 54 55 /* 56 ** NEWENVELOPE -- fill in a new envelope 57 ** 58 ** Supports inheritance. 59 ** 60 ** Parameters: 61 ** e -- the new envelope to fill in. 62 ** parent -- the envelope to be the parent of e. 63 ** rpool -- either NULL, or a pointer to a resource pool 64 ** from which envelope memory is allocated, and 65 ** to which envelope resources are attached. 66 ** 67 ** Returns: 68 ** e. 69 ** 70 ** Side Effects: 71 ** none. 72 */ 73 74 ENVELOPE * 75 newenvelope(e, parent, rpool) 76 register ENVELOPE *e; 77 register ENVELOPE *parent; 78 SM_RPOOL_T *rpool; 79 { 80 int sendmode; 81 82 /* 83 ** This code used to read: 84 ** if (e == parent && e->e_parent != NULL) 85 ** parent = e->e_parent; 86 ** So if e == parent && e->e_parent == NULL then we would 87 ** set e->e_parent = e, which creates a loop in the e_parent chain. 88 ** This meant macvalue() could go into an infinite loop. 89 */ 90 91 if (parent != NULL) 92 sendmode = parent->e_sendmode; 93 else 94 sendmode = DM_NOTSET; 95 96 if (e == parent) 97 parent = e->e_parent; 98 clearenvelope(e, true, rpool); 99 if (e == CurEnv) 100 memmove((char *) &e->e_from, 101 (char *) &NullAddress, 102 sizeof(e->e_from)); 103 else 104 memmove((char *) &e->e_from, 105 (char *) &CurEnv->e_from, 106 sizeof(e->e_from)); 107 e->e_parent = parent; 108 assign_queueid(e); 109 e->e_ctime = curtime(); 110 if (parent != NULL) 111 { 112 e->e_msgpriority = parent->e_msgsize; 113 if (parent->e_quarmsg == NULL) 114 { 115 e->e_quarmsg = NULL; 116 macdefine(&e->e_macro, A_PERM, 117 macid("{quarantine}"), ""); 118 } 119 else 120 { 121 e->e_quarmsg = sm_rpool_strdup_x(rpool, 122 parent->e_quarmsg); 123 macdefine(&e->e_macro, A_PERM, 124 macid("{quarantine}"), e->e_quarmsg); 125 } 126 } 127 e->e_puthdr = putheader; 128 e->e_putbody = putbody; 129 if (CurEnv->e_xfp != NULL) 130 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT); 131 if (sendmode != DM_NOTSET) 132 e->e_sendmode = sendmode; 133 134 return e; 135 } 136 137 /* values for msg_timeout, see also IS_* below for usage (bit layout) */ 138 #define MSG_T_O 0x01 /* normal timeout */ 139 #define MSG_T_O_NOW 0x02 /* NOW timeout */ 140 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */ 141 #define MSG_WARN 0x10 /* normal queue warning */ 142 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */ 143 144 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */ 145 146 /* immediate return */ 147 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0) 148 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */ 149 150 /* 151 ** DROPENVELOPE -- deallocate an envelope. 152 ** 153 ** Parameters: 154 ** e -- the envelope to deallocate. 155 ** fulldrop -- if set, do return receipts. 156 ** split -- if true, split by recipient if message is queued up 157 ** 158 ** Returns: 159 ** none. 160 ** 161 ** Side Effects: 162 ** housekeeping necessary to dispose of an envelope. 163 ** Unlocks this queue file. 164 */ 165 166 void 167 dropenvelope(e, fulldrop, split) 168 register ENVELOPE *e; 169 bool fulldrop; 170 bool split; 171 { 172 bool panic = false; 173 bool queueit = false; 174 int msg_timeout = 0; 175 bool failure_return = false; 176 bool delay_return = false; 177 bool success_return = false; 178 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags); 179 bool done = false; 180 register ADDRESS *q; 181 char *id = e->e_id; 182 time_t now; 183 char buf[MAXLINE]; 184 185 if (tTd(50, 1)) 186 { 187 sm_dprintf("dropenvelope %p: id=", e); 188 xputs(sm_debug_file(), e->e_id); 189 sm_dprintf(", flags="); 190 printenvflags(e); 191 if (tTd(50, 10)) 192 { 193 sm_dprintf("sendq="); 194 printaddr(sm_debug_file(), e->e_sendqueue, true); 195 } 196 } 197 198 if (LogLevel > 84) 199 sm_syslog(LOG_DEBUG, id, 200 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d", 201 e->e_flags, OpMode, (int) CurrentPid); 202 203 /* we must have an id to remove disk files */ 204 if (id == NULL) 205 return; 206 207 /* if verify-only mode, we can skip most of this */ 208 if (OpMode == MD_VERIFY) 209 goto simpledrop; 210 211 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags)) 212 logsender(e, NULL); 213 e->e_flags &= ~EF_LOGSENDER; 214 215 /* post statistics */ 216 poststats(StatFile); 217 218 /* 219 ** Extract state information from dregs of send list. 220 */ 221 222 now = curtime(); 223 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass]) 224 msg_timeout = MSG_T_O; 225 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 && 226 now >= e->e_ctime + e->e_deliver_by && 227 !bitset(EF_RESPONSE, e->e_flags)) 228 { 229 msg_timeout = MSG_NOT_BY; 230 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 231 } 232 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW && 233 !bitset(EF_RESPONSE, e->e_flags)) 234 { 235 msg_timeout = MSG_T_O_NOW; 236 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 237 } 238 239 e->e_flags &= ~EF_QUEUERUN; 240 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 241 { 242 if (QS_IS_UNDELIVERED(q->q_state)) 243 queueit = true; 244 245 /* see if a notification is needed */ 246 if (bitset(QPINGONFAILURE, q->q_flags) && 247 ((IS_MSG_ERR(msg_timeout) && 248 QS_IS_UNDELIVERED(q->q_state)) || 249 QS_IS_BADADDR(q->q_state) || 250 IS_IMM_RET(msg_timeout))) 251 { 252 failure_return = true; 253 if (!done && q->q_owner == NULL && 254 !emptyaddr(&e->e_from)) 255 { 256 (void) sendtolist(e->e_from.q_paddr, NULLADDR, 257 &e->e_errorqueue, 0, e); 258 done = true; 259 } 260 } 261 else if ((bitset(QPINGONSUCCESS, q->q_flags) && 262 ((QS_IS_SENT(q->q_state) && 263 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) || 264 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) || 265 bitset(QBYTRACE, q->q_flags) || 266 bitset(QBYNRELAY, q->q_flags)) 267 { 268 success_return = true; 269 } 270 } 271 272 if (e->e_class < 0) 273 e->e_flags |= EF_NO_BODY_RETN; 274 275 /* 276 ** See if the message timed out. 277 */ 278 279 if (!queueit) 280 /* EMPTY */ 281 /* nothing to do */ ; 282 else if (IS_MSG_ERR(msg_timeout)) 283 { 284 if (failure_return) 285 { 286 if (msg_timeout == MSG_NOT_BY) 287 { 288 (void) sm_snprintf(buf, sizeof(buf), 289 "delivery time expired %lds", 290 e->e_deliver_by); 291 } 292 else 293 { 294 (void) sm_snprintf(buf, sizeof(buf), 295 "Cannot send message for %s", 296 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 297 false)); 298 } 299 300 /* don't free, allocated from e_rpool */ 301 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf); 302 message(buf); 303 e->e_flags |= EF_CLRQUEUE; 304 } 305 if (msg_timeout == MSG_NOT_BY) 306 { 307 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 308 "Delivery time (%lds) expired\n", 309 e->e_deliver_by); 310 } 311 else 312 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 313 "Message could not be delivered for %s\n", 314 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 315 false)); 316 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 317 "Message will be deleted from queue\n"); 318 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 319 { 320 if (QS_IS_UNDELIVERED(q->q_state)) 321 { 322 q->q_state = QS_BADADDR; 323 if (msg_timeout == MSG_NOT_BY) 324 q->q_status = "5.4.7"; 325 else 326 q->q_status = "4.4.7"; 327 } 328 } 329 } 330 else 331 { 332 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 && 333 now >= e->e_ctime + 334 TimeOuts.to_q_warning[e->e_timeoutclass]) 335 msg_timeout = MSG_WARN; 336 else if (IS_DLVR_NOTIFY(e) && 337 e->e_deliver_by > 0 && 338 now >= e->e_ctime + e->e_deliver_by) 339 msg_timeout = MSG_WARN_BY; 340 341 if (IS_MSG_WARN(msg_timeout)) 342 { 343 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) && 344 e->e_class >= 0 && 345 e->e_from.q_paddr != NULL && 346 strcmp(e->e_from.q_paddr, "<>") != 0 && 347 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 && 348 (strlen(e->e_from.q_paddr) <= 8 || 349 sm_strcasecmp(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8], 350 "-request") != 0)) 351 { 352 for (q = e->e_sendqueue; q != NULL; 353 q = q->q_next) 354 { 355 if (QS_IS_UNDELIVERED(q->q_state) 356 #if _FFR_NODELAYDSN_ON_HOLD 357 && !bitnset(M_HOLD, 358 q->q_mailer->m_flags) 359 #endif /* _FFR_NODELAYDSN_ON_HOLD */ 360 ) 361 { 362 if (msg_timeout == 363 MSG_WARN_BY && 364 (bitset(QPINGONDELAY, 365 q->q_flags) || 366 !bitset(QHASNOTIFY, 367 q->q_flags)) 368 ) 369 { 370 q->q_flags |= QBYNDELAY; 371 delay_return = true; 372 } 373 if (bitset(QPINGONDELAY, 374 q->q_flags)) 375 { 376 q->q_flags |= QDELAYED; 377 delay_return = true; 378 } 379 } 380 } 381 } 382 if (delay_return) 383 { 384 if (msg_timeout == MSG_WARN_BY) 385 { 386 (void) sm_snprintf(buf, sizeof(buf), 387 "Warning: Delivery time (%lds) exceeded", 388 e->e_deliver_by); 389 } 390 else 391 (void) sm_snprintf(buf, sizeof(buf), 392 "Warning: could not send message for past %s", 393 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 394 false)); 395 396 /* don't free, allocated from e_rpool */ 397 e->e_message = sm_rpool_strdup_x(e->e_rpool, 398 buf); 399 message(buf); 400 e->e_flags |= EF_WARNING; 401 } 402 if (msg_timeout == MSG_WARN_BY) 403 { 404 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 405 "Warning: Delivery time (%lds) exceeded\n", 406 e->e_deliver_by); 407 } 408 else 409 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 410 "Warning: message still undelivered after %s\n", 411 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 412 false)); 413 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 414 "Will keep trying until message is %s old\n", 415 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 416 false)); 417 } 418 } 419 420 if (tTd(50, 2)) 421 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n", 422 failure_return, delay_return, success_return, queueit); 423 424 /* 425 ** If we had some fatal error, but no addresses are marked as 426 ** bad, mark them _all_ as bad. 427 */ 428 429 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return) 430 { 431 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 432 { 433 if ((QS_IS_OK(q->q_state) || 434 QS_IS_VERIFIED(q->q_state)) && 435 bitset(QPINGONFAILURE, q->q_flags)) 436 { 437 failure_return = true; 438 q->q_state = QS_BADADDR; 439 } 440 } 441 } 442 443 /* 444 ** Send back return receipts as requested. 445 */ 446 447 if (success_return && !failure_return && !delay_return && fulldrop && 448 !bitset(PRIV_NORECEIPTS, PrivacyFlags) && 449 strcmp(e->e_from.q_paddr, "<>") != 0) 450 { 451 auto ADDRESS *rlist = NULL; 452 453 if (tTd(50, 8)) 454 sm_dprintf("dropenvelope(%s): sending return receipt\n", 455 id); 456 e->e_flags |= EF_SENDRECEIPT; 457 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e); 458 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e); 459 } 460 e->e_flags &= ~EF_SENDRECEIPT; 461 462 /* 463 ** Arrange to send error messages if there are fatal errors. 464 */ 465 466 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET) 467 { 468 if (tTd(50, 8)) 469 sm_dprintf("dropenvelope(%s): saving mail\n", id); 470 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags)); 471 } 472 473 /* 474 ** Arrange to send warning messages to postmaster as requested. 475 */ 476 477 if ((failure_return || pmnotify) && 478 PostMasterCopy != NULL && 479 !bitset(EF_RESPONSE, e->e_flags) && 480 e->e_class >= 0) 481 { 482 auto ADDRESS *rlist = NULL; 483 char pcopy[MAXNAME]; 484 485 if (failure_return) 486 { 487 expand(PostMasterCopy, pcopy, sizeof(pcopy), e); 488 489 if (tTd(50, 8)) 490 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n", 491 id, pcopy); 492 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e); 493 } 494 if (pmnotify) 495 (void) sendtolist("postmaster", NULLADDR, 496 &rlist, 0, e); 497 (void) returntosender(e->e_message, rlist, 498 RTSF_PM_BOUNCE|RTSF_NO_BODY, e); 499 } 500 501 /* 502 ** Instantiate or deinstantiate the queue. 503 */ 504 505 simpledrop: 506 if (tTd(50, 8)) 507 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n", 508 id, queueit); 509 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags)) 510 { 511 if (tTd(50, 1)) 512 { 513 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=", 514 e->e_id, queueit); 515 printenvflags(e); 516 } 517 if (!panic) 518 { 519 if (e->e_dfp != NULL) 520 { 521 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 522 e->e_dfp = NULL; 523 } 524 (void) xunlink(queuename(e, DATAFL_LETTER)); 525 } 526 if (panic && QueueMode == QM_LOST) 527 { 528 /* 529 ** leave the Qf file behind as 530 ** the delivery attempt failed. 531 */ 532 533 /* EMPTY */ 534 } 535 else 536 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0) 537 { 538 /* add to available space in filesystem */ 539 updfs(e, -1, panic ? 0 : -1, "dropenvelope"); 540 } 541 542 if (e->e_ntries > 0 && LogLevel > 9) 543 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d", 544 pintvl(curtime() - e->e_ctime, true), 545 e->e_ntries); 546 } 547 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 548 { 549 if (!split) 550 queueup(e, false, true); 551 else 552 { 553 ENVELOPE *oldsib; 554 ENVELOPE *ee; 555 556 /* 557 ** Save old sibling and set it to NULL to avoid 558 ** queueing up the same envelopes again. 559 ** This requires that envelopes in that list have 560 ** been take care of before (or at some other place). 561 */ 562 563 oldsib = e->e_sibling; 564 e->e_sibling = NULL; 565 if (!split_by_recipient(e) && 566 bitset(EF_FATALERRS, e->e_flags)) 567 { 568 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%d", 569 e->e_id, queuename(e, DATAFL_LETTER), 570 (int) geteuid()); 571 } 572 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 573 queueup(ee, false, true); 574 queueup(e, false, true); 575 576 /* clean up */ 577 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 578 { 579 /* now unlock the job */ 580 if (tTd(50, 8)) 581 sm_dprintf("dropenvelope(%s): unlocking job\n", 582 ee->e_id); 583 closexscript(ee); 584 unlockqueue(ee); 585 586 /* this envelope is marked unused */ 587 if (ee->e_dfp != NULL) 588 { 589 (void) sm_io_close(ee->e_dfp, 590 SM_TIME_DEFAULT); 591 ee->e_dfp = NULL; 592 } 593 ee->e_id = NULL; 594 ee->e_flags &= ~EF_HAS_DF; 595 } 596 e->e_sibling = oldsib; 597 } 598 } 599 600 /* now unlock the job */ 601 if (tTd(50, 8)) 602 sm_dprintf("dropenvelope(%s): unlocking job\n", id); 603 closexscript(e); 604 unlockqueue(e); 605 606 /* make sure that this envelope is marked unused */ 607 if (e->e_dfp != NULL) 608 { 609 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 610 e->e_dfp = NULL; 611 } 612 e->e_id = NULL; 613 e->e_flags &= ~EF_HAS_DF; 614 } 615 /* 616 ** CLEARENVELOPE -- clear an envelope without unlocking 617 ** 618 ** This is normally used by a child process to get a clean 619 ** envelope without disturbing the parent. 620 ** 621 ** Parameters: 622 ** e -- the envelope to clear. 623 ** fullclear - if set, the current envelope is total 624 ** garbage and should be ignored; otherwise, 625 ** release any resources it may indicate. 626 ** rpool -- either NULL, or a pointer to a resource pool 627 ** from which envelope memory is allocated, and 628 ** to which envelope resources are attached. 629 ** 630 ** Returns: 631 ** none. 632 ** 633 ** Side Effects: 634 ** Closes files associated with the envelope. 635 ** Marks the envelope as unallocated. 636 */ 637 638 void 639 clearenvelope(e, fullclear, rpool) 640 register ENVELOPE *e; 641 bool fullclear; 642 SM_RPOOL_T *rpool; 643 { 644 register HDR *bh; 645 register HDR **nhp; 646 extern ENVELOPE BlankEnvelope; 647 char **p; 648 649 if (!fullclear) 650 { 651 /* clear out any file information */ 652 if (e->e_xfp != NULL) 653 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 654 if (e->e_dfp != NULL) 655 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 656 e->e_xfp = e->e_dfp = NULL; 657 } 658 659 /* 660 ** Copy BlankEnvelope into *e. 661 ** It is not safe to simply copy pointers to strings; 662 ** the strings themselves must be copied (or set to NULL). 663 ** The problem is that when we assign a new string value to 664 ** a member of BlankEnvelope, we free the old string. 665 ** We did not need to do this copying in sendmail 8.11 :-( 666 ** and it is a potential performance hit. Reference counted 667 ** strings are one way out. 668 */ 669 670 *e = BlankEnvelope; 671 e->e_message = NULL; 672 e->e_qfletter = '\0'; 673 e->e_quarmsg = NULL; 674 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), ""); 675 676 /* 677 ** Copy the macro table. 678 ** We might be able to avoid this by zeroing the macro table 679 ** and always searching BlankEnvelope.e_macro after e->e_macro 680 ** in macvalue(). 681 */ 682 683 for (p = &e->e_macro.mac_table[0]; 684 p <= &e->e_macro.mac_table[MAXMACROID]; 685 ++p) 686 { 687 if (*p != NULL) 688 *p = sm_rpool_strdup_x(rpool, *p); 689 } 690 691 /* 692 ** XXX There are many strings in the envelope structure 693 ** XXX that we are not attempting to copy here. 694 ** XXX Investigate this further. 695 */ 696 697 e->e_rpool = rpool; 698 e->e_macro.mac_rpool = rpool; 699 if (Verbose) 700 set_delivery_mode(SM_DELIVER, e); 701 bh = BlankEnvelope.e_header; 702 nhp = &e->e_header; 703 while (bh != NULL) 704 { 705 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof(*bh)); 706 memmove((char *) *nhp, (char *) bh, sizeof(*bh)); 707 bh = bh->h_link; 708 nhp = &(*nhp)->h_link; 709 } 710 } 711 /* 712 ** INITSYS -- initialize instantiation of system 713 ** 714 ** In Daemon mode, this is done in the child. 715 ** 716 ** Parameters: 717 ** e -- the envelope to use. 718 ** 719 ** Returns: 720 ** none. 721 ** 722 ** Side Effects: 723 ** Initializes the system macros, some global variables, 724 ** etc. In particular, the current time in various 725 ** forms is set. 726 */ 727 728 void 729 initsys(e) 730 register ENVELOPE *e; 731 { 732 char buf[10]; 733 #ifdef TTYNAME 734 static char ybuf[60]; /* holds tty id */ 735 register char *p; 736 extern char *ttyname(); 737 #endif /* TTYNAME */ 738 739 /* 740 ** Give this envelope a reality. 741 ** I.e., an id, a transcript, and a creation time. 742 ** We don't select the queue until all of the recipients are known. 743 */ 744 745 openxscript(e); 746 e->e_ctime = curtime(); 747 e->e_qfletter = '\0'; 748 749 /* 750 ** Set OutChannel to something useful if stdout isn't it. 751 ** This arranges that any extra stuff the mailer produces 752 ** gets sent back to the user on error (because it is 753 ** tucked away in the transcript). 754 */ 755 756 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) && 757 e->e_xfp != NULL) 758 OutChannel = e->e_xfp; 759 760 /* 761 ** Set up some basic system macros. 762 */ 763 764 /* process id */ 765 (void) sm_snprintf(buf, sizeof(buf), "%d", (int) CurrentPid); 766 macdefine(&e->e_macro, A_TEMP, 'p', buf); 767 768 /* hop count */ 769 (void) sm_snprintf(buf, sizeof(buf), "%d", e->e_hopcount); 770 macdefine(&e->e_macro, A_TEMP, 'c', buf); 771 772 /* time as integer, unix time, arpa time */ 773 settime(e); 774 775 /* Load average */ 776 sm_getla(); 777 778 #ifdef TTYNAME 779 /* tty name */ 780 if (macvalue('y', e) == NULL) 781 { 782 p = ttyname(2); 783 if (p != NULL) 784 { 785 if (strrchr(p, '/') != NULL) 786 p = strrchr(p, '/') + 1; 787 (void) sm_strlcpy(ybuf, sizeof(ybuf), p); 788 macdefine(&e->e_macro, A_PERM, 'y', ybuf); 789 } 790 } 791 #endif /* TTYNAME */ 792 } 793 /* 794 ** SETTIME -- set the current time. 795 ** 796 ** Parameters: 797 ** e -- the envelope in which the macros should be set. 798 ** 799 ** Returns: 800 ** none. 801 ** 802 ** Side Effects: 803 ** Sets the various time macros -- $a, $b, $d, $t. 804 */ 805 806 void 807 settime(e) 808 register ENVELOPE *e; 809 { 810 register char *p; 811 auto time_t now; 812 char buf[30]; 813 register struct tm *tm; 814 815 now = curtime(); 816 (void) sm_snprintf(buf, sizeof(buf), "%ld", (long) now); 817 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf); 818 tm = gmtime(&now); 819 (void) sm_snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d", 820 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 821 tm->tm_hour, tm->tm_min); 822 macdefine(&e->e_macro, A_TEMP, 't', buf); 823 (void) sm_strlcpy(buf, ctime(&now), sizeof(buf)); 824 p = strchr(buf, '\n'); 825 if (p != NULL) 826 *p = '\0'; 827 macdefine(&e->e_macro, A_TEMP, 'd', buf); 828 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf)); 829 if (macvalue('a', e) == NULL) 830 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e)); 831 } 832 /* 833 ** OPENXSCRIPT -- Open transcript file 834 ** 835 ** Creates a transcript file for possible eventual mailing or 836 ** sending back. 837 ** 838 ** Parameters: 839 ** e -- the envelope to create the transcript in/for. 840 ** 841 ** Returns: 842 ** none 843 ** 844 ** Side Effects: 845 ** Creates the transcript file. 846 */ 847 848 #ifndef O_APPEND 849 # define O_APPEND 0 850 #endif /* ! O_APPEND */ 851 852 void 853 openxscript(e) 854 register ENVELOPE *e; 855 { 856 register char *p; 857 858 if (e->e_xfp != NULL) 859 return; 860 861 #if 0 862 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags)) 863 syserr("openxscript: job not locked"); 864 #endif /* 0 */ 865 866 p = queuename(e, XSCRPT_LETTER); 867 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize, 868 SFF_NOTEXCL|SFF_OPENASROOT); 869 870 if (e->e_xfp == NULL) 871 { 872 syserr("Can't create transcript file %s", p); 873 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, 874 SM_PATH_DEVNULL, SM_IO_RDWR, NULL); 875 if (e->e_xfp == NULL) 876 syserr("!Can't open %s", SM_PATH_DEVNULL); 877 } 878 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0); 879 if (tTd(46, 9)) 880 { 881 sm_dprintf("openxscript(%s):\n ", p); 882 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true, 883 false); 884 } 885 } 886 /* 887 ** CLOSEXSCRIPT -- close the transcript file. 888 ** 889 ** Parameters: 890 ** e -- the envelope containing the transcript to close. 891 ** 892 ** Returns: 893 ** none. 894 ** 895 ** Side Effects: 896 ** none. 897 */ 898 899 void 900 closexscript(e) 901 register ENVELOPE *e; 902 { 903 if (e->e_xfp == NULL) 904 return; 905 #if 0 906 if (e->e_lockfp == NULL) 907 syserr("closexscript: job not locked"); 908 #endif /* 0 */ 909 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 910 e->e_xfp = NULL; 911 } 912 /* 913 ** SETSENDER -- set the person who this message is from 914 ** 915 ** Under certain circumstances allow the user to say who 916 ** s/he is (using -f or -r). These are: 917 ** 1. The user's uid is zero (root). 918 ** 2. The user's login name is in an approved list (typically 919 ** from a network server). 920 ** 3. The address the user is trying to claim has a 921 ** "!" character in it (since #2 doesn't do it for 922 ** us if we are dialing out for UUCP). 923 ** A better check to replace #3 would be if the 924 ** effective uid is "UUCP" -- this would require me 925 ** to rewrite getpwent to "grab" uucp as it went by, 926 ** make getname more nasty, do another passwd file 927 ** scan, or compile the UID of "UUCP" into the code, 928 ** all of which are reprehensible. 929 ** 930 ** Assuming all of these fail, we figure out something 931 ** ourselves. 932 ** 933 ** Parameters: 934 ** from -- the person we would like to believe this message 935 ** is from, as specified on the command line. 936 ** e -- the envelope in which we would like the sender set. 937 ** delimptr -- if non-NULL, set to the location of the 938 ** trailing delimiter. 939 ** delimchar -- the character that will delimit the sender 940 ** address. 941 ** internal -- set if this address is coming from an internal 942 ** source such as an owner alias. 943 ** 944 ** Returns: 945 ** none. 946 ** 947 ** Side Effects: 948 ** sets sendmail's notion of who the from person is. 949 */ 950 951 void 952 setsender(from, e, delimptr, delimchar, internal) 953 char *from; 954 register ENVELOPE *e; 955 char **delimptr; 956 int delimchar; 957 bool internal; 958 { 959 register char **pvp; 960 char *realname = NULL; 961 char *bp; 962 char buf[MAXNAME + 2]; 963 char pvpbuf[PSBUFSIZE]; 964 extern char *FullName; 965 966 if (tTd(45, 1)) 967 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from); 968 969 /* may be set from earlier calls */ 970 macdefine(&e->e_macro, A_PERM, 'x', ""); 971 972 /* 973 ** Figure out the real user executing us. 974 ** Username can return errno != 0 on non-errors. 975 */ 976 977 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP || 978 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON) 979 realname = from; 980 if (realname == NULL || realname[0] == '\0') 981 realname = username(); 982 983 if (ConfigLevel < 2) 984 SuprErrs = true; 985 986 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 987 988 /* preset state for then clause in case from == NULL */ 989 e->e_from.q_state = QS_BADADDR; 990 e->e_from.q_flags = 0; 991 if (from == NULL || 992 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR, 993 delimchar, delimptr, e, false) == NULL || 994 QS_IS_BADADDR(e->e_from.q_state) || 995 e->e_from.q_mailer == ProgMailer || 996 e->e_from.q_mailer == FileMailer || 997 e->e_from.q_mailer == InclMailer) 998 { 999 /* log garbage addresses for traceback */ 1000 if (from != NULL && LogLevel > 2) 1001 { 1002 char *p; 1003 char ebuf[MAXNAME * 2 + 2]; 1004 1005 p = macvalue('_', e); 1006 if (p == NULL) 1007 { 1008 char *host = RealHostName; 1009 1010 if (host == NULL) 1011 host = MyHostName; 1012 (void) sm_snprintf(ebuf, sizeof(ebuf), 1013 "%.*s@%.*s", MAXNAME, 1014 realname, MAXNAME, host); 1015 p = ebuf; 1016 } 1017 sm_syslog(LOG_NOTICE, e->e_id, 1018 "setsender: %s: invalid or unparsable, received from %s", 1019 shortenstring(from, 83), p); 1020 } 1021 if (from != NULL) 1022 { 1023 if (!QS_IS_BADADDR(e->e_from.q_state)) 1024 { 1025 /* it was a bogus mailer in the from addr */ 1026 e->e_status = "5.1.7"; 1027 usrerrenh(e->e_status, 1028 "553 Invalid sender address"); 1029 } 1030 SuprErrs = true; 1031 } 1032 if (from == realname || 1033 parseaddr(from = realname, 1034 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ', 1035 NULL, e, false) == NULL) 1036 { 1037 char nbuf[100]; 1038 1039 SuprErrs = true; 1040 expand("\201n", nbuf, sizeof(nbuf), e); 1041 from = sm_rpool_strdup_x(e->e_rpool, nbuf); 1042 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ', 1043 NULL, e, false) == NULL && 1044 parseaddr(from = "postmaster", &e->e_from, 1045 RF_COPYALL, ' ', NULL, e, false) == NULL) 1046 syserr("553 5.3.0 setsender: can't even parse postmaster!"); 1047 } 1048 } 1049 else 1050 FromFlag = true; 1051 e->e_from.q_state = QS_SENDER; 1052 if (tTd(45, 5)) 1053 { 1054 sm_dprintf("setsender: QS_SENDER "); 1055 printaddr(sm_debug_file(), &e->e_from, false); 1056 } 1057 SuprErrs = false; 1058 1059 #if USERDB 1060 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags)) 1061 { 1062 register char *p; 1063 1064 p = udbsender(e->e_from.q_user, e->e_rpool); 1065 if (p != NULL) 1066 from = p; 1067 } 1068 #endif /* USERDB */ 1069 1070 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags)) 1071 { 1072 SM_MBDB_T user; 1073 1074 if (!internal) 1075 { 1076 /* if the user already given fullname don't redefine */ 1077 if (FullName == NULL) 1078 FullName = macvalue('x', e); 1079 if (FullName != NULL) 1080 { 1081 if (FullName[0] == '\0') 1082 FullName = NULL; 1083 else 1084 FullName = newstr(FullName); 1085 } 1086 } 1087 1088 if (e->e_from.q_user[0] != '\0' && 1089 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK) 1090 { 1091 /* 1092 ** Process passwd file entry. 1093 */ 1094 1095 /* extract home directory */ 1096 if (*user.mbdb_homedir == '\0') 1097 e->e_from.q_home = NULL; 1098 else if (strcmp(user.mbdb_homedir, "/") == 0) 1099 e->e_from.q_home = ""; 1100 else 1101 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool, 1102 user.mbdb_homedir); 1103 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home); 1104 1105 /* extract user and group id */ 1106 if (user.mbdb_uid != SM_NO_UID) 1107 { 1108 e->e_from.q_uid = user.mbdb_uid; 1109 e->e_from.q_gid = user.mbdb_gid; 1110 e->e_from.q_flags |= QGOODUID; 1111 } 1112 1113 /* extract full name from passwd file */ 1114 if (FullName == NULL && !internal && 1115 user.mbdb_fullname[0] != '\0' && 1116 strcmp(user.mbdb_name, e->e_from.q_user) == 0) 1117 { 1118 FullName = newstr(user.mbdb_fullname); 1119 } 1120 } 1121 else 1122 { 1123 e->e_from.q_home = NULL; 1124 } 1125 if (FullName != NULL && !internal) 1126 macdefine(&e->e_macro, A_TEMP, 'x', FullName); 1127 } 1128 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP) 1129 { 1130 if (e->e_from.q_home == NULL) 1131 { 1132 e->e_from.q_home = getenv("HOME"); 1133 if (e->e_from.q_home != NULL) 1134 { 1135 if (*e->e_from.q_home == '\0') 1136 e->e_from.q_home = NULL; 1137 else if (strcmp(e->e_from.q_home, "/") == 0) 1138 e->e_from.q_home++; 1139 } 1140 } 1141 e->e_from.q_uid = RealUid; 1142 e->e_from.q_gid = RealGid; 1143 e->e_from.q_flags |= QGOODUID; 1144 } 1145 1146 /* 1147 ** Rewrite the from person to dispose of possible implicit 1148 ** links in the net. 1149 */ 1150 1151 pvp = prescan(from, delimchar, pvpbuf, sizeof(pvpbuf), NULL, 1152 IntTokenTab, false); 1153 if (pvp == NULL) 1154 { 1155 /* don't need to give error -- prescan did that already */ 1156 if (LogLevel > 2) 1157 sm_syslog(LOG_NOTICE, e->e_id, 1158 "cannot prescan from (%s)", 1159 shortenstring(from, MAXSHORTSTR)); 1160 finis(true, true, ExitStat); 1161 } 1162 (void) REWRITE(pvp, 3, e); 1163 (void) REWRITE(pvp, 1, e); 1164 (void) REWRITE(pvp, 4, e); 1165 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1166 bp = buf + 1; 1167 cataddr(pvp, NULL, bp, sizeof(buf) - 2, '\0', false); 1168 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags)) 1169 { 1170 /* heuristic: route-addr: add angle brackets */ 1171 (void) sm_strlcat(bp, ">", sizeof(buf) - 1); 1172 *--bp = '<'; 1173 } 1174 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp); 1175 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender); 1176 1177 /* save the domain spec if this mailer wants it */ 1178 if (e->e_from.q_mailer != NULL && 1179 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags)) 1180 { 1181 char **lastat; 1182 1183 /* get rid of any pesky angle brackets */ 1184 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 1185 (void) REWRITE(pvp, 3, e); 1186 (void) REWRITE(pvp, 1, e); 1187 (void) REWRITE(pvp, 4, e); 1188 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1189 1190 /* strip off to the last "@" sign */ 1191 for (lastat = NULL; *pvp != NULL; pvp++) 1192 { 1193 if (strcmp(*pvp, "@") == 0) 1194 lastat = pvp; 1195 } 1196 if (lastat != NULL) 1197 { 1198 e->e_fromdomain = copyplist(lastat, true, e->e_rpool); 1199 if (tTd(45, 3)) 1200 { 1201 sm_dprintf("Saving from domain: "); 1202 printav(sm_debug_file(), e->e_fromdomain); 1203 } 1204 } 1205 } 1206 } 1207 /* 1208 ** PRINTENVFLAGS -- print envelope flags for debugging 1209 ** 1210 ** Parameters: 1211 ** e -- the envelope with the flags to be printed. 1212 ** 1213 ** Returns: 1214 ** none. 1215 */ 1216 1217 struct eflags 1218 { 1219 char *ef_name; 1220 unsigned long ef_bit; 1221 }; 1222 1223 static struct eflags EnvelopeFlags[] = 1224 { 1225 { "OLDSTYLE", EF_OLDSTYLE }, 1226 { "INQUEUE", EF_INQUEUE }, 1227 { "NO_BODY_RETN", EF_NO_BODY_RETN }, 1228 { "CLRQUEUE", EF_CLRQUEUE }, 1229 { "SENDRECEIPT", EF_SENDRECEIPT }, 1230 { "FATALERRS", EF_FATALERRS }, 1231 { "DELETE_BCC", EF_DELETE_BCC }, 1232 { "RESPONSE", EF_RESPONSE }, 1233 { "RESENT", EF_RESENT }, 1234 { "VRFYONLY", EF_VRFYONLY }, 1235 { "WARNING", EF_WARNING }, 1236 { "QUEUERUN", EF_QUEUERUN }, 1237 { "GLOBALERRS", EF_GLOBALERRS }, 1238 { "PM_NOTIFY", EF_PM_NOTIFY }, 1239 { "METOO", EF_METOO }, 1240 { "LOGSENDER", EF_LOGSENDER }, 1241 { "NORECEIPT", EF_NORECEIPT }, 1242 { "HAS8BIT", EF_HAS8BIT }, 1243 { "NL_NOT_EOL", EF_NL_NOT_EOL }, 1244 { "CRLF_NOT_EOL", EF_CRLF_NOT_EOL }, 1245 { "RET_PARAM", EF_RET_PARAM }, 1246 { "HAS_DF", EF_HAS_DF }, 1247 { "IS_MIME", EF_IS_MIME }, 1248 { "DONT_MIME", EF_DONT_MIME }, 1249 { "DISCARD", EF_DISCARD }, 1250 { "TOOBIG", EF_TOOBIG }, 1251 { "SPLIT", EF_SPLIT }, 1252 { "UNSAFE", EF_UNSAFE }, 1253 { NULL, 0 } 1254 }; 1255 1256 void 1257 printenvflags(e) 1258 register ENVELOPE *e; 1259 { 1260 register struct eflags *ef; 1261 bool first = true; 1262 1263 sm_dprintf("%lx", e->e_flags); 1264 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++) 1265 { 1266 if (!bitset(ef->ef_bit, e->e_flags)) 1267 continue; 1268 if (first) 1269 sm_dprintf("<%s", ef->ef_name); 1270 else 1271 sm_dprintf(",%s", ef->ef_name); 1272 first = false; 1273 } 1274 if (!first) 1275 sm_dprintf(">\n"); 1276 } 1277