1 /* 2 * Copyright (c) 1998-2003, 2006 Sendmail, Inc. and its suppliers. 3 * All rights reserved. 4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. 5 * Copyright (c) 1988, 1993 6 * The Regents of the University of California. All rights reserved. 7 * 8 * By using this file, you agree to the terms and conditions set 9 * forth in the LICENSE file which can be found at the top level of 10 * the sendmail distribution. 11 * 12 */ 13 14 #pragma ident "%Z%%M% %I% %E% SMI" 15 16 #include <sendmail.h> 17 18 SM_RCSID("@(#)$Id: envelope.c,v 8.305 2008/03/31 16:32:13 ca Exp $") 19 20 /* 21 ** CLRSESSENVELOPE -- clear session oriented data in an envelope 22 ** 23 ** Parameters: 24 ** e -- the envelope to clear. 25 ** 26 ** Returns: 27 ** none. 28 */ 29 30 void 31 clrsessenvelope(e) 32 ENVELOPE *e; 33 { 34 #if SASL 35 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), ""); 36 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), ""); 37 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), ""); 38 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), ""); 39 #endif /* SASL */ 40 #if STARTTLS 41 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), ""); 42 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), ""); 43 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), ""); 44 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), ""); 45 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), ""); 46 macdefine(&e->e_macro, A_PERM, macid("{verify}"), ""); 47 # if _FFR_TLS_1 48 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), ""); 49 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), ""); 50 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), ""); 51 # endif /* _FFR_TLS_1 */ 52 #endif /* STARTTLS */ 53 } 54 55 /* 56 ** NEWENVELOPE -- fill in a new envelope 57 ** 58 ** Supports inheritance. 59 ** 60 ** Parameters: 61 ** e -- the new envelope to fill in. 62 ** parent -- the envelope to be the parent of e. 63 ** rpool -- either NULL, or a pointer to a resource pool 64 ** from which envelope memory is allocated, and 65 ** to which envelope resources are attached. 66 ** 67 ** Returns: 68 ** e. 69 ** 70 ** Side Effects: 71 ** none. 72 */ 73 74 ENVELOPE * 75 newenvelope(e, parent, rpool) 76 register ENVELOPE *e; 77 register ENVELOPE *parent; 78 SM_RPOOL_T *rpool; 79 { 80 int sendmode; 81 82 /* 83 ** This code used to read: 84 ** if (e == parent && e->e_parent != NULL) 85 ** parent = e->e_parent; 86 ** So if e == parent && e->e_parent == NULL then we would 87 ** set e->e_parent = e, which creates a loop in the e_parent chain. 88 ** This meant macvalue() could go into an infinite loop. 89 */ 90 91 if (parent != NULL) 92 sendmode = parent->e_sendmode; 93 else 94 sendmode = DM_NOTSET; 95 96 if (e == parent) 97 parent = e->e_parent; 98 clearenvelope(e, true, rpool); 99 if (e == CurEnv) 100 memmove((char *) &e->e_from, 101 (char *) &NullAddress, 102 sizeof(e->e_from)); 103 else 104 memmove((char *) &e->e_from, 105 (char *) &CurEnv->e_from, 106 sizeof(e->e_from)); 107 e->e_parent = parent; 108 assign_queueid(e); 109 e->e_ctime = curtime(); 110 #if _FFR_SESSID 111 e->e_sessid = e->e_id; 112 #endif /* _FFR_SESSID */ 113 if (parent != NULL) 114 { 115 e->e_msgpriority = parent->e_msgsize; 116 #if _FFR_SESSID 117 if (parent->e_sessid != NULL) 118 e->e_sessid = sm_rpool_strdup_x(rpool, 119 parent->e_sessid); 120 #endif /* _FFR_SESSID */ 121 122 if (parent->e_quarmsg == NULL) 123 { 124 e->e_quarmsg = NULL; 125 macdefine(&e->e_macro, A_PERM, 126 macid("{quarantine}"), ""); 127 } 128 else 129 { 130 e->e_quarmsg = sm_rpool_strdup_x(rpool, 131 parent->e_quarmsg); 132 macdefine(&e->e_macro, A_PERM, 133 macid("{quarantine}"), e->e_quarmsg); 134 } 135 } 136 e->e_puthdr = putheader; 137 e->e_putbody = putbody; 138 if (CurEnv->e_xfp != NULL) 139 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT); 140 if (sendmode != DM_NOTSET) 141 set_delivery_mode(sendmode, e); 142 143 return e; 144 } 145 146 /* values for msg_timeout, see also IS_* below for usage (bit layout) */ 147 #define MSG_T_O 0x01 /* normal timeout */ 148 #define MSG_T_O_NOW 0x02 /* NOW timeout */ 149 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */ 150 #define MSG_WARN 0x10 /* normal queue warning */ 151 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */ 152 153 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */ 154 155 /* immediate return */ 156 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0) 157 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */ 158 159 /* 160 ** DROPENVELOPE -- deallocate an envelope. 161 ** 162 ** Parameters: 163 ** e -- the envelope to deallocate. 164 ** fulldrop -- if set, do return receipts. 165 ** split -- if true, split by recipient if message is queued up 166 ** 167 ** Returns: 168 ** none. 169 ** 170 ** Side Effects: 171 ** housekeeping necessary to dispose of an envelope. 172 ** Unlocks this queue file. 173 */ 174 175 void 176 dropenvelope(e, fulldrop, split) 177 register ENVELOPE *e; 178 bool fulldrop; 179 bool split; 180 { 181 bool panic = false; 182 bool queueit = false; 183 int msg_timeout = 0; 184 bool failure_return = false; 185 bool delay_return = false; 186 bool success_return = false; 187 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags); 188 bool done = false; 189 register ADDRESS *q; 190 char *id = e->e_id; 191 time_t now; 192 char buf[MAXLINE]; 193 194 if (tTd(50, 1)) 195 { 196 sm_dprintf("dropenvelope %p: id=", e); 197 xputs(sm_debug_file(), e->e_id); 198 sm_dprintf(", flags="); 199 printenvflags(e); 200 if (tTd(50, 10)) 201 { 202 sm_dprintf("sendq="); 203 printaddr(sm_debug_file(), e->e_sendqueue, true); 204 } 205 } 206 207 if (LogLevel > 84) 208 sm_syslog(LOG_DEBUG, id, 209 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d", 210 e->e_flags, OpMode, (int) CurrentPid); 211 212 /* we must have an id to remove disk files */ 213 if (id == NULL) 214 return; 215 216 /* if verify-only mode, we can skip most of this */ 217 if (OpMode == MD_VERIFY) 218 goto simpledrop; 219 220 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags)) 221 logsender(e, NULL); 222 e->e_flags &= ~EF_LOGSENDER; 223 224 /* post statistics */ 225 poststats(StatFile); 226 227 /* 228 ** Extract state information from dregs of send list. 229 */ 230 231 now = curtime(); 232 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass]) 233 msg_timeout = MSG_T_O; 234 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 && 235 now >= e->e_ctime + e->e_deliver_by && 236 !bitset(EF_RESPONSE, e->e_flags)) 237 { 238 msg_timeout = MSG_NOT_BY; 239 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 240 } 241 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW && 242 !bitset(EF_RESPONSE, e->e_flags)) 243 { 244 msg_timeout = MSG_T_O_NOW; 245 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE; 246 } 247 248 e->e_flags &= ~EF_QUEUERUN; 249 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 250 { 251 if (QS_IS_UNDELIVERED(q->q_state)) 252 queueit = true; 253 254 /* see if a notification is needed */ 255 if (bitset(QPINGONFAILURE, q->q_flags) && 256 ((IS_MSG_ERR(msg_timeout) && 257 QS_IS_UNDELIVERED(q->q_state)) || 258 QS_IS_BADADDR(q->q_state) || 259 IS_IMM_RET(msg_timeout))) 260 { 261 failure_return = true; 262 if (!done && q->q_owner == NULL && 263 !emptyaddr(&e->e_from)) 264 { 265 (void) sendtolist(e->e_from.q_paddr, NULLADDR, 266 &e->e_errorqueue, 0, e); 267 done = true; 268 } 269 } 270 else if ((bitset(QPINGONSUCCESS, q->q_flags) && 271 ((QS_IS_SENT(q->q_state) && 272 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) || 273 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) || 274 bitset(QBYTRACE, q->q_flags) || 275 bitset(QBYNRELAY, q->q_flags)) 276 { 277 success_return = true; 278 } 279 } 280 281 if (e->e_class < 0) 282 e->e_flags |= EF_NO_BODY_RETN; 283 284 /* 285 ** See if the message timed out. 286 */ 287 288 if (!queueit) 289 /* EMPTY */ 290 /* nothing to do */ ; 291 else if (IS_MSG_ERR(msg_timeout)) 292 { 293 if (failure_return) 294 { 295 if (msg_timeout == MSG_NOT_BY) 296 { 297 (void) sm_snprintf(buf, sizeof(buf), 298 "delivery time expired %lds", 299 e->e_deliver_by); 300 } 301 else 302 { 303 (void) sm_snprintf(buf, sizeof(buf), 304 "Cannot send message for %s", 305 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 306 false)); 307 } 308 309 /* don't free, allocated from e_rpool */ 310 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf); 311 message(buf); 312 e->e_flags |= EF_CLRQUEUE; 313 } 314 if (msg_timeout == MSG_NOT_BY) 315 { 316 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 317 "Delivery time (%lds) expired\n", 318 e->e_deliver_by); 319 } 320 else 321 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 322 "Message could not be delivered for %s\n", 323 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 324 false)); 325 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 326 "Message will be deleted from queue\n"); 327 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 328 { 329 if (QS_IS_UNDELIVERED(q->q_state)) 330 { 331 q->q_state = QS_BADADDR; 332 if (msg_timeout == MSG_NOT_BY) 333 q->q_status = "5.4.7"; 334 else 335 q->q_status = "4.4.7"; 336 } 337 } 338 } 339 else 340 { 341 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 && 342 now >= e->e_ctime + 343 TimeOuts.to_q_warning[e->e_timeoutclass]) 344 msg_timeout = MSG_WARN; 345 else if (IS_DLVR_NOTIFY(e) && 346 e->e_deliver_by > 0 && 347 now >= e->e_ctime + e->e_deliver_by) 348 msg_timeout = MSG_WARN_BY; 349 350 if (IS_MSG_WARN(msg_timeout)) 351 { 352 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) && 353 e->e_class >= 0 && 354 e->e_from.q_paddr != NULL && 355 strcmp(e->e_from.q_paddr, "<>") != 0 && 356 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 && 357 (strlen(e->e_from.q_paddr) <= 8 || 358 sm_strcasecmp(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8], 359 "-request") != 0)) 360 { 361 for (q = e->e_sendqueue; q != NULL; 362 q = q->q_next) 363 { 364 if (QS_IS_UNDELIVERED(q->q_state) 365 #if _FFR_NODELAYDSN_ON_HOLD 366 && !bitnset(M_HOLD, 367 q->q_mailer->m_flags) 368 #endif /* _FFR_NODELAYDSN_ON_HOLD */ 369 ) 370 { 371 if (msg_timeout == 372 MSG_WARN_BY && 373 (bitset(QPINGONDELAY, 374 q->q_flags) || 375 !bitset(QHASNOTIFY, 376 q->q_flags)) 377 ) 378 { 379 q->q_flags |= QBYNDELAY; 380 delay_return = true; 381 } 382 if (bitset(QPINGONDELAY, 383 q->q_flags)) 384 { 385 q->q_flags |= QDELAYED; 386 delay_return = true; 387 } 388 } 389 } 390 } 391 if (delay_return) 392 { 393 if (msg_timeout == MSG_WARN_BY) 394 { 395 (void) sm_snprintf(buf, sizeof(buf), 396 "Warning: Delivery time (%lds) exceeded", 397 e->e_deliver_by); 398 } 399 else 400 (void) sm_snprintf(buf, sizeof(buf), 401 "Warning: could not send message for past %s", 402 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 403 false)); 404 405 /* don't free, allocated from e_rpool */ 406 e->e_message = sm_rpool_strdup_x(e->e_rpool, 407 buf); 408 message(buf); 409 e->e_flags |= EF_WARNING; 410 } 411 if (msg_timeout == MSG_WARN_BY) 412 { 413 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 414 "Warning: Delivery time (%lds) exceeded\n", 415 e->e_deliver_by); 416 } 417 else 418 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 419 "Warning: message still undelivered after %s\n", 420 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass], 421 false)); 422 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT, 423 "Will keep trying until message is %s old\n", 424 pintvl(TimeOuts.to_q_return[e->e_timeoutclass], 425 false)); 426 } 427 } 428 429 if (tTd(50, 2)) 430 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n", 431 failure_return, delay_return, success_return, queueit); 432 433 /* 434 ** If we had some fatal error, but no addresses are marked as 435 ** bad, mark them _all_ as bad. 436 */ 437 438 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return) 439 { 440 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 441 { 442 if ((QS_IS_OK(q->q_state) || 443 QS_IS_VERIFIED(q->q_state)) && 444 bitset(QPINGONFAILURE, q->q_flags)) 445 { 446 failure_return = true; 447 q->q_state = QS_BADADDR; 448 } 449 } 450 } 451 452 /* 453 ** Send back return receipts as requested. 454 */ 455 456 if (success_return && !failure_return && !delay_return && fulldrop && 457 !bitset(PRIV_NORECEIPTS, PrivacyFlags) && 458 strcmp(e->e_from.q_paddr, "<>") != 0) 459 { 460 auto ADDRESS *rlist = NULL; 461 462 if (tTd(50, 8)) 463 sm_dprintf("dropenvelope(%s): sending return receipt\n", 464 id); 465 e->e_flags |= EF_SENDRECEIPT; 466 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e); 467 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e); 468 } 469 e->e_flags &= ~EF_SENDRECEIPT; 470 471 /* 472 ** Arrange to send error messages if there are fatal errors. 473 */ 474 475 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET) 476 { 477 if (tTd(50, 8)) 478 sm_dprintf("dropenvelope(%s): saving mail\n", id); 479 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags)); 480 } 481 482 /* 483 ** Arrange to send warning messages to postmaster as requested. 484 */ 485 486 if ((failure_return || pmnotify) && 487 PostMasterCopy != NULL && 488 !bitset(EF_RESPONSE, e->e_flags) && 489 e->e_class >= 0) 490 { 491 auto ADDRESS *rlist = NULL; 492 char pcopy[MAXNAME]; 493 494 if (failure_return) 495 { 496 expand(PostMasterCopy, pcopy, sizeof(pcopy), e); 497 498 if (tTd(50, 8)) 499 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n", 500 id, pcopy); 501 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e); 502 } 503 if (pmnotify) 504 (void) sendtolist("postmaster", NULLADDR, 505 &rlist, 0, e); 506 (void) returntosender(e->e_message, rlist, 507 RTSF_PM_BOUNCE|RTSF_NO_BODY, e); 508 } 509 510 /* 511 ** Instantiate or deinstantiate the queue. 512 */ 513 514 simpledrop: 515 if (tTd(50, 8)) 516 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n", 517 id, queueit); 518 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags)) 519 { 520 if (tTd(50, 1)) 521 { 522 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=", 523 e->e_id, queueit); 524 printenvflags(e); 525 } 526 if (!panic) 527 { 528 if (e->e_dfp != NULL) 529 { 530 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 531 e->e_dfp = NULL; 532 } 533 (void) xunlink(queuename(e, DATAFL_LETTER)); 534 } 535 if (panic && QueueMode == QM_LOST) 536 { 537 /* 538 ** leave the Qf file behind as 539 ** the delivery attempt failed. 540 */ 541 542 /* EMPTY */ 543 } 544 else 545 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0) 546 { 547 /* add to available space in filesystem */ 548 updfs(e, -1, panic ? 0 : -1, "dropenvelope"); 549 } 550 551 if (e->e_ntries > 0 && LogLevel > 9) 552 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d", 553 pintvl(curtime() - e->e_ctime, true), 554 e->e_ntries); 555 } 556 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 557 { 558 if (!split) 559 queueup(e, false, true); 560 else 561 { 562 ENVELOPE *oldsib; 563 ENVELOPE *ee; 564 565 /* 566 ** Save old sibling and set it to NULL to avoid 567 ** queueing up the same envelopes again. 568 ** This requires that envelopes in that list have 569 ** been take care of before (or at some other place). 570 */ 571 572 oldsib = e->e_sibling; 573 e->e_sibling = NULL; 574 if (!split_by_recipient(e) && 575 bitset(EF_FATALERRS, e->e_flags)) 576 { 577 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%d", 578 e->e_id, queuename(e, DATAFL_LETTER), 579 (int) geteuid()); 580 } 581 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 582 queueup(ee, false, true); 583 queueup(e, false, true); 584 585 /* clean up */ 586 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling) 587 { 588 /* now unlock the job */ 589 if (tTd(50, 8)) 590 sm_dprintf("dropenvelope(%s): unlocking job\n", 591 ee->e_id); 592 closexscript(ee); 593 unlockqueue(ee); 594 595 /* this envelope is marked unused */ 596 if (ee->e_dfp != NULL) 597 { 598 (void) sm_io_close(ee->e_dfp, 599 SM_TIME_DEFAULT); 600 ee->e_dfp = NULL; 601 } 602 ee->e_id = NULL; 603 ee->e_flags &= ~EF_HAS_DF; 604 } 605 e->e_sibling = oldsib; 606 } 607 } 608 609 /* now unlock the job */ 610 if (tTd(50, 8)) 611 sm_dprintf("dropenvelope(%s): unlocking job\n", id); 612 closexscript(e); 613 unlockqueue(e); 614 615 /* make sure that this envelope is marked unused */ 616 if (e->e_dfp != NULL) 617 { 618 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 619 e->e_dfp = NULL; 620 } 621 e->e_id = NULL; 622 e->e_flags &= ~EF_HAS_DF; 623 } 624 /* 625 ** CLEARENVELOPE -- clear an envelope without unlocking 626 ** 627 ** This is normally used by a child process to get a clean 628 ** envelope without disturbing the parent. 629 ** 630 ** Parameters: 631 ** e -- the envelope to clear. 632 ** fullclear - if set, the current envelope is total 633 ** garbage and should be ignored; otherwise, 634 ** release any resources it may indicate. 635 ** rpool -- either NULL, or a pointer to a resource pool 636 ** from which envelope memory is allocated, and 637 ** to which envelope resources are attached. 638 ** 639 ** Returns: 640 ** none. 641 ** 642 ** Side Effects: 643 ** Closes files associated with the envelope. 644 ** Marks the envelope as unallocated. 645 */ 646 647 void 648 clearenvelope(e, fullclear, rpool) 649 register ENVELOPE *e; 650 bool fullclear; 651 SM_RPOOL_T *rpool; 652 { 653 register HDR *bh; 654 register HDR **nhp; 655 extern ENVELOPE BlankEnvelope; 656 char **p; 657 658 if (!fullclear) 659 { 660 /* clear out any file information */ 661 if (e->e_xfp != NULL) 662 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 663 if (e->e_dfp != NULL) 664 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); 665 e->e_xfp = e->e_dfp = NULL; 666 } 667 668 /* 669 ** Copy BlankEnvelope into *e. 670 ** It is not safe to simply copy pointers to strings; 671 ** the strings themselves must be copied (or set to NULL). 672 ** The problem is that when we assign a new string value to 673 ** a member of BlankEnvelope, we free the old string. 674 ** We did not need to do this copying in sendmail 8.11 :-( 675 ** and it is a potential performance hit. Reference counted 676 ** strings are one way out. 677 */ 678 679 *e = BlankEnvelope; 680 e->e_message = NULL; 681 e->e_qfletter = '\0'; 682 e->e_quarmsg = NULL; 683 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), ""); 684 685 /* 686 ** Copy the macro table. 687 ** We might be able to avoid this by zeroing the macro table 688 ** and always searching BlankEnvelope.e_macro after e->e_macro 689 ** in macvalue(). 690 */ 691 692 for (p = &e->e_macro.mac_table[0]; 693 p <= &e->e_macro.mac_table[MAXMACROID]; 694 ++p) 695 { 696 if (*p != NULL) 697 *p = sm_rpool_strdup_x(rpool, *p); 698 } 699 700 /* 701 ** XXX There are many strings in the envelope structure 702 ** XXX that we are not attempting to copy here. 703 ** XXX Investigate this further. 704 */ 705 706 e->e_rpool = rpool; 707 e->e_macro.mac_rpool = rpool; 708 if (Verbose) 709 set_delivery_mode(SM_DELIVER, e); 710 bh = BlankEnvelope.e_header; 711 nhp = &e->e_header; 712 while (bh != NULL) 713 { 714 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof(*bh)); 715 memmove((char *) *nhp, (char *) bh, sizeof(*bh)); 716 bh = bh->h_link; 717 nhp = &(*nhp)->h_link; 718 } 719 } 720 /* 721 ** INITSYS -- initialize instantiation of system 722 ** 723 ** In Daemon mode, this is done in the child. 724 ** 725 ** Parameters: 726 ** e -- the envelope to use. 727 ** 728 ** Returns: 729 ** none. 730 ** 731 ** Side Effects: 732 ** Initializes the system macros, some global variables, 733 ** etc. In particular, the current time in various 734 ** forms is set. 735 */ 736 737 void 738 initsys(e) 739 register ENVELOPE *e; 740 { 741 char buf[10]; 742 #ifdef TTYNAME 743 static char ybuf[60]; /* holds tty id */ 744 register char *p; 745 extern char *ttyname(); 746 #endif /* TTYNAME */ 747 748 /* 749 ** Give this envelope a reality. 750 ** I.e., an id, a transcript, and a creation time. 751 ** We don't select the queue until all of the recipients are known. 752 */ 753 754 openxscript(e); 755 e->e_ctime = curtime(); 756 e->e_qfletter = '\0'; 757 758 /* 759 ** Set OutChannel to something useful if stdout isn't it. 760 ** This arranges that any extra stuff the mailer produces 761 ** gets sent back to the user on error (because it is 762 ** tucked away in the transcript). 763 */ 764 765 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) && 766 e->e_xfp != NULL) 767 OutChannel = e->e_xfp; 768 769 /* 770 ** Set up some basic system macros. 771 */ 772 773 /* process id */ 774 (void) sm_snprintf(buf, sizeof(buf), "%d", (int) CurrentPid); 775 macdefine(&e->e_macro, A_TEMP, 'p', buf); 776 777 /* hop count */ 778 (void) sm_snprintf(buf, sizeof(buf), "%d", e->e_hopcount); 779 macdefine(&e->e_macro, A_TEMP, 'c', buf); 780 781 /* time as integer, unix time, arpa time */ 782 settime(e); 783 784 /* Load average */ 785 sm_getla(); 786 787 #ifdef TTYNAME 788 /* tty name */ 789 if (macvalue('y', e) == NULL) 790 { 791 p = ttyname(2); 792 if (p != NULL) 793 { 794 if (strrchr(p, '/') != NULL) 795 p = strrchr(p, '/') + 1; 796 (void) sm_strlcpy(ybuf, sizeof(ybuf), p); 797 macdefine(&e->e_macro, A_PERM, 'y', ybuf); 798 } 799 } 800 #endif /* TTYNAME */ 801 } 802 /* 803 ** SETTIME -- set the current time. 804 ** 805 ** Parameters: 806 ** e -- the envelope in which the macros should be set. 807 ** 808 ** Returns: 809 ** none. 810 ** 811 ** Side Effects: 812 ** Sets the various time macros -- $a, $b, $d, $t. 813 */ 814 815 void 816 settime(e) 817 register ENVELOPE *e; 818 { 819 register char *p; 820 auto time_t now; 821 char buf[30]; 822 register struct tm *tm; 823 824 now = curtime(); 825 (void) sm_snprintf(buf, sizeof(buf), "%ld", (long) now); 826 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf); 827 tm = gmtime(&now); 828 (void) sm_snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d", 829 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 830 tm->tm_hour, tm->tm_min); 831 macdefine(&e->e_macro, A_TEMP, 't', buf); 832 (void) sm_strlcpy(buf, ctime(&now), sizeof(buf)); 833 p = strchr(buf, '\n'); 834 if (p != NULL) 835 *p = '\0'; 836 macdefine(&e->e_macro, A_TEMP, 'd', buf); 837 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf)); 838 if (macvalue('a', e) == NULL) 839 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e)); 840 } 841 /* 842 ** OPENXSCRIPT -- Open transcript file 843 ** 844 ** Creates a transcript file for possible eventual mailing or 845 ** sending back. 846 ** 847 ** Parameters: 848 ** e -- the envelope to create the transcript in/for. 849 ** 850 ** Returns: 851 ** none 852 ** 853 ** Side Effects: 854 ** Creates the transcript file. 855 */ 856 857 #ifndef O_APPEND 858 # define O_APPEND 0 859 #endif /* ! O_APPEND */ 860 861 void 862 openxscript(e) 863 register ENVELOPE *e; 864 { 865 register char *p; 866 867 if (e->e_xfp != NULL) 868 return; 869 870 #if 0 871 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags)) 872 syserr("openxscript: job not locked"); 873 #endif /* 0 */ 874 875 p = queuename(e, XSCRPT_LETTER); 876 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize, 877 SFF_NOTEXCL|SFF_OPENASROOT); 878 879 if (e->e_xfp == NULL) 880 { 881 syserr("Can't create transcript file %s", p); 882 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, 883 SM_PATH_DEVNULL, SM_IO_RDWR, NULL); 884 if (e->e_xfp == NULL) 885 syserr("!Can't open %s", SM_PATH_DEVNULL); 886 } 887 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0); 888 if (tTd(46, 9)) 889 { 890 sm_dprintf("openxscript(%s):\n ", p); 891 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true, 892 false); 893 } 894 } 895 /* 896 ** CLOSEXSCRIPT -- close the transcript file. 897 ** 898 ** Parameters: 899 ** e -- the envelope containing the transcript to close. 900 ** 901 ** Returns: 902 ** none. 903 ** 904 ** Side Effects: 905 ** none. 906 */ 907 908 void 909 closexscript(e) 910 register ENVELOPE *e; 911 { 912 if (e->e_xfp == NULL) 913 return; 914 #if 0 915 if (e->e_lockfp == NULL) 916 syserr("closexscript: job not locked"); 917 #endif /* 0 */ 918 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT); 919 e->e_xfp = NULL; 920 } 921 /* 922 ** SETSENDER -- set the person who this message is from 923 ** 924 ** Under certain circumstances allow the user to say who 925 ** s/he is (using -f or -r). These are: 926 ** 1. The user's uid is zero (root). 927 ** 2. The user's login name is in an approved list (typically 928 ** from a network server). 929 ** 3. The address the user is trying to claim has a 930 ** "!" character in it (since #2 doesn't do it for 931 ** us if we are dialing out for UUCP). 932 ** A better check to replace #3 would be if the 933 ** effective uid is "UUCP" -- this would require me 934 ** to rewrite getpwent to "grab" uucp as it went by, 935 ** make getname more nasty, do another passwd file 936 ** scan, or compile the UID of "UUCP" into the code, 937 ** all of which are reprehensible. 938 ** 939 ** Assuming all of these fail, we figure out something 940 ** ourselves. 941 ** 942 ** Parameters: 943 ** from -- the person we would like to believe this message 944 ** is from, as specified on the command line. 945 ** e -- the envelope in which we would like the sender set. 946 ** delimptr -- if non-NULL, set to the location of the 947 ** trailing delimiter. 948 ** delimchar -- the character that will delimit the sender 949 ** address. 950 ** internal -- set if this address is coming from an internal 951 ** source such as an owner alias. 952 ** 953 ** Returns: 954 ** none. 955 ** 956 ** Side Effects: 957 ** sets sendmail's notion of who the from person is. 958 */ 959 960 void 961 setsender(from, e, delimptr, delimchar, internal) 962 char *from; 963 register ENVELOPE *e; 964 char **delimptr; 965 int delimchar; 966 bool internal; 967 { 968 register char **pvp; 969 char *realname = NULL; 970 char *bp; 971 char buf[MAXNAME + 2]; 972 char pvpbuf[PSBUFSIZE]; 973 extern char *FullName; 974 975 if (tTd(45, 1)) 976 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from); 977 978 /* may be set from earlier calls */ 979 macdefine(&e->e_macro, A_PERM, 'x', ""); 980 981 /* 982 ** Figure out the real user executing us. 983 ** Username can return errno != 0 on non-errors. 984 */ 985 986 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP || 987 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON) 988 realname = from; 989 if (realname == NULL || realname[0] == '\0') 990 realname = username(); 991 992 if (ConfigLevel < 2) 993 SuprErrs = true; 994 995 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 996 997 /* preset state for then clause in case from == NULL */ 998 e->e_from.q_state = QS_BADADDR; 999 e->e_from.q_flags = 0; 1000 if (from == NULL || 1001 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR, 1002 delimchar, delimptr, e, false) == NULL || 1003 QS_IS_BADADDR(e->e_from.q_state) || 1004 e->e_from.q_mailer == ProgMailer || 1005 e->e_from.q_mailer == FileMailer || 1006 e->e_from.q_mailer == InclMailer) 1007 { 1008 /* log garbage addresses for traceback */ 1009 if (from != NULL && LogLevel > 2) 1010 { 1011 char *p; 1012 char ebuf[MAXNAME * 2 + 2]; 1013 1014 p = macvalue('_', e); 1015 if (p == NULL) 1016 { 1017 char *host = RealHostName; 1018 1019 if (host == NULL) 1020 host = MyHostName; 1021 (void) sm_snprintf(ebuf, sizeof(ebuf), 1022 "%.*s@%.*s", MAXNAME, 1023 realname, MAXNAME, host); 1024 p = ebuf; 1025 } 1026 sm_syslog(LOG_NOTICE, e->e_id, 1027 "setsender: %s: invalid or unparsable, received from %s", 1028 shortenstring(from, 83), p); 1029 } 1030 if (from != NULL) 1031 { 1032 if (!QS_IS_BADADDR(e->e_from.q_state)) 1033 { 1034 /* it was a bogus mailer in the from addr */ 1035 e->e_status = "5.1.7"; 1036 usrerrenh(e->e_status, 1037 "553 Invalid sender address"); 1038 } 1039 SuprErrs = true; 1040 } 1041 if (from == realname || 1042 parseaddr(from = realname, 1043 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ', 1044 NULL, e, false) == NULL) 1045 { 1046 char nbuf[100]; 1047 1048 SuprErrs = true; 1049 expand("\201n", nbuf, sizeof(nbuf), e); 1050 from = sm_rpool_strdup_x(e->e_rpool, nbuf); 1051 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ', 1052 NULL, e, false) == NULL && 1053 parseaddr(from = "postmaster", &e->e_from, 1054 RF_COPYALL, ' ', NULL, e, false) == NULL) 1055 syserr("553 5.3.0 setsender: can't even parse postmaster!"); 1056 } 1057 } 1058 else 1059 FromFlag = true; 1060 e->e_from.q_state = QS_SENDER; 1061 if (tTd(45, 5)) 1062 { 1063 sm_dprintf("setsender: QS_SENDER "); 1064 printaddr(sm_debug_file(), &e->e_from, false); 1065 } 1066 SuprErrs = false; 1067 1068 #if USERDB 1069 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags)) 1070 { 1071 register char *p; 1072 1073 p = udbsender(e->e_from.q_user, e->e_rpool); 1074 if (p != NULL) 1075 from = p; 1076 } 1077 #endif /* USERDB */ 1078 1079 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags)) 1080 { 1081 SM_MBDB_T user; 1082 1083 if (!internal) 1084 { 1085 /* if the user already given fullname don't redefine */ 1086 if (FullName == NULL) 1087 FullName = macvalue('x', e); 1088 if (FullName != NULL) 1089 { 1090 if (FullName[0] == '\0') 1091 FullName = NULL; 1092 else 1093 FullName = newstr(FullName); 1094 } 1095 } 1096 1097 if (e->e_from.q_user[0] != '\0' && 1098 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK) 1099 { 1100 /* 1101 ** Process passwd file entry. 1102 */ 1103 1104 /* extract home directory */ 1105 if (*user.mbdb_homedir == '\0') 1106 e->e_from.q_home = NULL; 1107 else if (strcmp(user.mbdb_homedir, "/") == 0) 1108 e->e_from.q_home = ""; 1109 else 1110 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool, 1111 user.mbdb_homedir); 1112 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home); 1113 1114 /* extract user and group id */ 1115 if (user.mbdb_uid != SM_NO_UID) 1116 { 1117 e->e_from.q_uid = user.mbdb_uid; 1118 e->e_from.q_gid = user.mbdb_gid; 1119 e->e_from.q_flags |= QGOODUID; 1120 } 1121 1122 /* extract full name from passwd file */ 1123 if (FullName == NULL && !internal && 1124 user.mbdb_fullname[0] != '\0' && 1125 strcmp(user.mbdb_name, e->e_from.q_user) == 0) 1126 { 1127 FullName = newstr(user.mbdb_fullname); 1128 } 1129 } 1130 else 1131 { 1132 e->e_from.q_home = NULL; 1133 } 1134 if (FullName != NULL && !internal) 1135 macdefine(&e->e_macro, A_TEMP, 'x', FullName); 1136 } 1137 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP) 1138 { 1139 if (e->e_from.q_home == NULL) 1140 { 1141 e->e_from.q_home = getenv("HOME"); 1142 if (e->e_from.q_home != NULL) 1143 { 1144 if (*e->e_from.q_home == '\0') 1145 e->e_from.q_home = NULL; 1146 else if (strcmp(e->e_from.q_home, "/") == 0) 1147 e->e_from.q_home++; 1148 } 1149 } 1150 e->e_from.q_uid = RealUid; 1151 e->e_from.q_gid = RealGid; 1152 e->e_from.q_flags |= QGOODUID; 1153 } 1154 1155 /* 1156 ** Rewrite the from person to dispose of possible implicit 1157 ** links in the net. 1158 */ 1159 1160 pvp = prescan(from, delimchar, pvpbuf, sizeof(pvpbuf), NULL, 1161 IntTokenTab, false); 1162 if (pvp == NULL) 1163 { 1164 /* don't need to give error -- prescan did that already */ 1165 if (LogLevel > 2) 1166 sm_syslog(LOG_NOTICE, e->e_id, 1167 "cannot prescan from (%s)", 1168 shortenstring(from, MAXSHORTSTR)); 1169 finis(true, true, ExitStat); 1170 } 1171 (void) REWRITE(pvp, 3, e); 1172 (void) REWRITE(pvp, 1, e); 1173 (void) REWRITE(pvp, 4, e); 1174 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1175 bp = buf + 1; 1176 cataddr(pvp, NULL, bp, sizeof(buf) - 2, '\0', false); 1177 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags)) 1178 { 1179 /* heuristic: route-addr: add angle brackets */ 1180 (void) sm_strlcat(bp, ">", sizeof(buf) - 1); 1181 *--bp = '<'; 1182 } 1183 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp); 1184 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender); 1185 1186 /* save the domain spec if this mailer wants it */ 1187 if (e->e_from.q_mailer != NULL && 1188 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags)) 1189 { 1190 char **lastat; 1191 1192 /* get rid of any pesky angle brackets */ 1193 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s"); 1194 (void) REWRITE(pvp, 3, e); 1195 (void) REWRITE(pvp, 1, e); 1196 (void) REWRITE(pvp, 4, e); 1197 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL); 1198 1199 /* strip off to the last "@" sign */ 1200 for (lastat = NULL; *pvp != NULL; pvp++) 1201 { 1202 if (strcmp(*pvp, "@") == 0) 1203 lastat = pvp; 1204 } 1205 if (lastat != NULL) 1206 { 1207 e->e_fromdomain = copyplist(lastat, true, e->e_rpool); 1208 if (tTd(45, 3)) 1209 { 1210 sm_dprintf("Saving from domain: "); 1211 printav(sm_debug_file(), e->e_fromdomain); 1212 } 1213 } 1214 } 1215 } 1216 /* 1217 ** PRINTENVFLAGS -- print envelope flags for debugging 1218 ** 1219 ** Parameters: 1220 ** e -- the envelope with the flags to be printed. 1221 ** 1222 ** Returns: 1223 ** none. 1224 */ 1225 1226 struct eflags 1227 { 1228 char *ef_name; 1229 unsigned long ef_bit; 1230 }; 1231 1232 static struct eflags EnvelopeFlags[] = 1233 { 1234 { "OLDSTYLE", EF_OLDSTYLE }, 1235 { "INQUEUE", EF_INQUEUE }, 1236 { "NO_BODY_RETN", EF_NO_BODY_RETN }, 1237 { "CLRQUEUE", EF_CLRQUEUE }, 1238 { "SENDRECEIPT", EF_SENDRECEIPT }, 1239 { "FATALERRS", EF_FATALERRS }, 1240 { "DELETE_BCC", EF_DELETE_BCC }, 1241 { "RESPONSE", EF_RESPONSE }, 1242 { "RESENT", EF_RESENT }, 1243 { "VRFYONLY", EF_VRFYONLY }, 1244 { "WARNING", EF_WARNING }, 1245 { "QUEUERUN", EF_QUEUERUN }, 1246 { "GLOBALERRS", EF_GLOBALERRS }, 1247 { "PM_NOTIFY", EF_PM_NOTIFY }, 1248 { "METOO", EF_METOO }, 1249 { "LOGSENDER", EF_LOGSENDER }, 1250 { "NORECEIPT", EF_NORECEIPT }, 1251 { "HAS8BIT", EF_HAS8BIT }, 1252 { "NL_NOT_EOL", EF_NL_NOT_EOL }, 1253 { "CRLF_NOT_EOL", EF_CRLF_NOT_EOL }, 1254 { "RET_PARAM", EF_RET_PARAM }, 1255 { "HAS_DF", EF_HAS_DF }, 1256 { "IS_MIME", EF_IS_MIME }, 1257 { "DONT_MIME", EF_DONT_MIME }, 1258 { "DISCARD", EF_DISCARD }, 1259 { "TOOBIG", EF_TOOBIG }, 1260 { "SPLIT", EF_SPLIT }, 1261 { "UNSAFE", EF_UNSAFE }, 1262 { NULL, 0 } 1263 }; 1264 1265 void 1266 printenvflags(e) 1267 register ENVELOPE *e; 1268 { 1269 register struct eflags *ef; 1270 bool first = true; 1271 1272 sm_dprintf("%lx", e->e_flags); 1273 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++) 1274 { 1275 if (!bitset(ef->ef_bit, e->e_flags)) 1276 continue; 1277 if (first) 1278 sm_dprintf("<%s", ef->ef_name); 1279 else 1280 sm_dprintf(",%s", ef->ef_name); 1281 first = false; 1282 } 1283 if (!first) 1284 sm_dprintf(">\n"); 1285 } 1286