1 /*
2 * Copyright (c) 1998-2003, 2006 Proofpoint, Inc. and its suppliers.
3 * All rights reserved.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
7 *
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
11 *
12 */
13
14 #include <sendmail.h>
15
16 SM_RCSID("$MirOS: src/gnu/usr.sbin/sendmail/sendmail/envelope.c,v 1.7 2014/06/09 15:17:48 tg Exp $")
17 SM_RCSID("@(#)$Id: envelope.c,v 8.313 2013-11-22 20:51:55 ca Exp $")
18
19 /*
20 ** CLRSESSENVELOPE -- clear session oriented data in an envelope
21 **
22 ** Parameters:
23 ** e -- the envelope to clear.
24 **
25 ** Returns:
26 ** none.
27 */
28
29 void
30 clrsessenvelope(e)
31 ENVELOPE *e;
32 {
33 #if SASL
34 macdefine(&e->e_macro, A_PERM, macid("{auth_type}"), "");
35 macdefine(&e->e_macro, A_PERM, macid("{auth_authen}"), "");
36 macdefine(&e->e_macro, A_PERM, macid("{auth_author}"), "");
37 macdefine(&e->e_macro, A_PERM, macid("{auth_ssf}"), "");
38 #endif /* SASL */
39 #if STARTTLS
40 macdefine(&e->e_macro, A_PERM, macid("{cert_issuer}"), "");
41 macdefine(&e->e_macro, A_PERM, macid("{cert_subject}"), "");
42 macdefine(&e->e_macro, A_PERM, macid("{cipher_bits}"), "");
43 macdefine(&e->e_macro, A_PERM, macid("{cipher}"), "");
44 macdefine(&e->e_macro, A_PERM, macid("{tls_version}"), "");
45 macdefine(&e->e_macro, A_PERM, macid("{verify}"), "");
46 # if _FFR_TLS_1
47 macdefine(&e->e_macro, A_PERM, macid("{alg_bits}"), "");
48 macdefine(&e->e_macro, A_PERM, macid("{cn_issuer}"), "");
49 macdefine(&e->e_macro, A_PERM, macid("{cn_subject}"), "");
50 # endif /* _FFR_TLS_1 */
51 #endif /* STARTTLS */
52 }
53
54 /*
55 ** NEWENVELOPE -- fill in a new envelope
56 **
57 ** Supports inheritance.
58 **
59 ** Parameters:
60 ** e -- the new envelope to fill in.
61 ** parent -- the envelope to be the parent of e.
62 ** rpool -- either NULL, or a pointer to a resource pool
63 ** from which envelope memory is allocated, and
64 ** to which envelope resources are attached.
65 **
66 ** Returns:
67 ** e.
68 **
69 ** Side Effects:
70 ** none.
71 */
72
73 ENVELOPE *
newenvelope(e,parent,rpool)74 newenvelope(e, parent, rpool)
75 register ENVELOPE *e;
76 register ENVELOPE *parent;
77 SM_RPOOL_T *rpool;
78 {
79 int sendmode;
80
81 /*
82 ** This code used to read:
83 ** if (e == parent && e->e_parent != NULL)
84 ** parent = e->e_parent;
85 ** So if e == parent && e->e_parent == NULL then we would
86 ** set e->e_parent = e, which creates a loop in the e_parent chain.
87 ** This meant macvalue() could go into an infinite loop.
88 */
89
90 if (parent != NULL)
91 sendmode = parent->e_sendmode;
92 else
93 sendmode = DM_NOTSET;
94
95 if (e == parent)
96 parent = e->e_parent;
97 clearenvelope(e, true, rpool);
98 if (e == CurEnv)
99 memmove((char *) &e->e_from,
100 (char *) &NullAddress,
101 sizeof(e->e_from));
102 else
103 memmove((char *) &e->e_from,
104 (char *) &CurEnv->e_from,
105 sizeof(e->e_from));
106 e->e_parent = parent;
107 assign_queueid(e);
108 e->e_ctime = curtime();
109 #if _FFR_SESSID
110 e->e_sessid = e->e_id;
111 #endif /* _FFR_SESSID */
112 if (parent != NULL)
113 {
114 e->e_msgpriority = parent->e_msgsize;
115 #if _FFR_SESSID
116 if (parent->e_sessid != NULL)
117 e->e_sessid = sm_rpool_strdup_x(rpool,
118 parent->e_sessid);
119 #endif /* _FFR_SESSID */
120
121 if (parent->e_quarmsg == NULL)
122 {
123 e->e_quarmsg = NULL;
124 macdefine(&e->e_macro, A_PERM,
125 macid("{quarantine}"), "");
126 }
127 else
128 {
129 e->e_quarmsg = sm_rpool_strdup_x(rpool,
130 parent->e_quarmsg);
131 macdefine(&e->e_macro, A_PERM,
132 macid("{quarantine}"), e->e_quarmsg);
133 }
134 }
135 e->e_puthdr = putheader;
136 e->e_putbody = putbody;
137 if (CurEnv->e_xfp != NULL)
138 (void) sm_io_flush(CurEnv->e_xfp, SM_TIME_DEFAULT);
139 if (sendmode != DM_NOTSET)
140 set_delivery_mode(sendmode, e);
141
142 return e;
143 }
144
145 /* values for msg_timeout, see also IS_* below for usage (bit layout) */
146 #define MSG_T_O 0x01 /* normal timeout */
147 #define MSG_T_O_NOW 0x02 /* NOW timeout */
148 #define MSG_NOT_BY 0x04 /* Deliver-By time exceeded, mode R */
149 #define MSG_WARN 0x10 /* normal queue warning */
150 #define MSG_WARN_BY 0x20 /* Deliver-By time exceeded, mode N */
151
152 #define IS_MSG_ERR(x) (((x) & 0x0f) != 0) /* return an error */
153
154 /* immediate return */
155 #define IS_IMM_RET(x) (((x) & (MSG_T_O_NOW|MSG_NOT_BY)) != 0)
156 #define IS_MSG_WARN(x) (((x) & 0xf0) != 0) /* return a warning */
157
158 /*
159 ** DROPENVELOPE -- deallocate an envelope.
160 **
161 ** Parameters:
162 ** e -- the envelope to deallocate.
163 ** fulldrop -- if set, do return receipts.
164 ** split -- if true, split by recipient if message is queued up
165 **
166 ** Returns:
167 ** EX_* status (currently: 0: success, EX_IOERR on panic)
168 **
169 ** Side Effects:
170 ** housekeeping necessary to dispose of an envelope.
171 ** Unlocks this queue file.
172 */
173
174 int
dropenvelope(e,fulldrop,split)175 dropenvelope(e, fulldrop, split)
176 register ENVELOPE *e;
177 bool fulldrop;
178 bool split;
179 {
180 bool panic = false;
181 bool queueit = false;
182 int msg_timeout = 0;
183 bool failure_return = false;
184 bool delay_return = false;
185 bool success_return = false;
186 bool pmnotify = bitset(EF_PM_NOTIFY, e->e_flags);
187 bool done = false;
188 register ADDRESS *q;
189 char *id = e->e_id;
190 time_t now;
191 char buf[MAXLINE];
192
193 if (tTd(50, 1))
194 {
195 sm_dprintf("dropenvelope %p: id=", e);
196 xputs(sm_debug_file(), e->e_id);
197 sm_dprintf(", flags=");
198 printenvflags(e);
199 if (tTd(50, 10))
200 {
201 sm_dprintf("sendq=");
202 printaddr(sm_debug_file(), e->e_sendqueue, true);
203 }
204 }
205
206 if (LogLevel > 84)
207 sm_syslog(LOG_DEBUG, id,
208 "dropenvelope, e_flags=0x%lx, OpMode=%c, pid=%d",
209 e->e_flags, OpMode, (int) CurrentPid);
210
211 /* we must have an id to remove disk files */
212 if (id == NULL)
213 return EX_OK;
214
215 /* if verify-only mode, we can skip most of this */
216 if (OpMode == MD_VERIFY)
217 goto simpledrop;
218
219 if (tTd(92, 2))
220 sm_dprintf("dropenvelope: e_id=%s, EF_LOGSENDER=%d, LogLevel=%d\n",
221 e->e_id, bitset(EF_LOGSENDER, e->e_flags), LogLevel);
222 if (LogLevel > 4 && bitset(EF_LOGSENDER, e->e_flags))
223 logsender(e, NULL);
224 e->e_flags &= ~EF_LOGSENDER;
225
226 /* post statistics */
227 poststats(StatFile);
228
229 /*
230 ** Extract state information from dregs of send list.
231 */
232
233 now = curtime();
234 if (now >= e->e_ctime + TimeOuts.to_q_return[e->e_timeoutclass])
235 msg_timeout = MSG_T_O;
236 if (IS_DLVR_RETURN(e) && e->e_deliver_by > 0 &&
237 now >= e->e_ctime + e->e_deliver_by &&
238 !bitset(EF_RESPONSE, e->e_flags))
239 {
240 msg_timeout = MSG_NOT_BY;
241 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE;
242 }
243 else if (TimeOuts.to_q_return[e->e_timeoutclass] == NOW &&
244 !bitset(EF_RESPONSE, e->e_flags))
245 {
246 msg_timeout = MSG_T_O_NOW;
247 e->e_flags |= EF_FATALERRS|EF_CLRQUEUE;
248 }
249
250
251 e->e_flags &= ~EF_QUEUERUN;
252 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
253 {
254 if (QS_IS_UNDELIVERED(q->q_state))
255 queueit = true;
256
257
258 /* see if a notification is needed */
259 if (bitset(QPINGONFAILURE, q->q_flags) &&
260 ((IS_MSG_ERR(msg_timeout) &&
261 QS_IS_UNDELIVERED(q->q_state)) ||
262 QS_IS_BADADDR(q->q_state) ||
263 IS_IMM_RET(msg_timeout)))
264 {
265 failure_return = true;
266 if (!done && q->q_owner == NULL &&
267 !emptyaddr(&e->e_from))
268 {
269 (void) sendtolist(e->e_from.q_paddr, NULLADDR,
270 &e->e_errorqueue, 0, e);
271 done = true;
272 }
273 }
274 else if ((bitset(QPINGONSUCCESS, q->q_flags) &&
275 ((QS_IS_SENT(q->q_state) &&
276 bitnset(M_LOCALMAILER, q->q_mailer->m_flags)) ||
277 bitset(QRELAYED|QEXPANDED|QDELIVERED, q->q_flags))) ||
278 bitset(QBYTRACE, q->q_flags) ||
279 bitset(QBYNRELAY, q->q_flags))
280 {
281 success_return = true;
282 }
283 }
284
285 if (e->e_class < 0)
286 e->e_flags |= EF_NO_BODY_RETN;
287
288 /*
289 ** See if the message timed out.
290 */
291
292 if (!queueit)
293 /* EMPTY */
294 /* nothing to do */ ;
295 else if (IS_MSG_ERR(msg_timeout))
296 {
297 if (failure_return)
298 {
299 if (msg_timeout == MSG_NOT_BY)
300 {
301 (void) sm_snprintf(buf, sizeof(buf),
302 "delivery time expired %lds",
303 e->e_deliver_by);
304 }
305 else
306 {
307 (void) sm_snprintf(buf, sizeof(buf),
308 "Cannot send message for %s",
309 pintvl(TimeOuts.to_q_return[e->e_timeoutclass],
310 false));
311 }
312
313 /* don't free, allocated from e_rpool */
314 e->e_message = sm_rpool_strdup_x(e->e_rpool, buf);
315 message(buf);
316 e->e_flags |= EF_CLRQUEUE;
317 }
318 if (msg_timeout == MSG_NOT_BY)
319 {
320 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
321 "Delivery time (%lds) expired\n",
322 e->e_deliver_by);
323 }
324 else
325 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
326 "Message could not be delivered for %s\n",
327 pintvl(TimeOuts.to_q_return[e->e_timeoutclass],
328 false));
329 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
330 "Message will be deleted from queue\n");
331 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
332 {
333 if (QS_IS_UNDELIVERED(q->q_state))
334 {
335 q->q_state = QS_BADADDR;
336 if (msg_timeout == MSG_NOT_BY)
337 q->q_status = "5.4.7";
338 else
339 q->q_status = "4.4.7";
340 }
341 }
342 }
343 else
344 {
345 if (TimeOuts.to_q_warning[e->e_timeoutclass] > 0 &&
346 now >= e->e_ctime +
347 TimeOuts.to_q_warning[e->e_timeoutclass])
348 msg_timeout = MSG_WARN;
349 else if (IS_DLVR_NOTIFY(e) &&
350 e->e_deliver_by > 0 &&
351 now >= e->e_ctime + e->e_deliver_by)
352 msg_timeout = MSG_WARN_BY;
353
354 if (IS_MSG_WARN(msg_timeout))
355 {
356 if (!bitset(EF_WARNING|EF_RESPONSE, e->e_flags) &&
357 e->e_class >= 0 &&
358 e->e_from.q_paddr != NULL &&
359 strcmp(e->e_from.q_paddr, "<>") != 0 &&
360 sm_strncasecmp(e->e_from.q_paddr, "owner-", 6) != 0 &&
361 (strlen(e->e_from.q_paddr) <= 8 ||
362 sm_strcasecmp(&e->e_from.q_paddr[strlen(e->e_from.q_paddr) - 8],
363 "-request") != 0))
364 {
365 for (q = e->e_sendqueue; q != NULL;
366 q = q->q_next)
367 {
368 if (QS_IS_UNDELIVERED(q->q_state)
369 #if _FFR_NODELAYDSN_ON_HOLD
370 && !bitnset(M_HOLD,
371 q->q_mailer->m_flags)
372 #endif /* _FFR_NODELAYDSN_ON_HOLD */
373 )
374 {
375 if (msg_timeout ==
376 MSG_WARN_BY &&
377 (bitset(QPINGONDELAY,
378 q->q_flags) ||
379 !bitset(QHASNOTIFY,
380 q->q_flags))
381 )
382 {
383 q->q_flags |= QBYNDELAY;
384 delay_return = true;
385 }
386 if (bitset(QPINGONDELAY,
387 q->q_flags))
388 {
389 q->q_flags |= QDELAYED;
390 delay_return = true;
391 }
392 }
393 }
394 }
395 if (delay_return)
396 {
397 if (msg_timeout == MSG_WARN_BY)
398 {
399 (void) sm_snprintf(buf, sizeof(buf),
400 "Warning: Delivery time (%lds) exceeded",
401 e->e_deliver_by);
402 }
403 else
404 (void) sm_snprintf(buf, sizeof(buf),
405 "Warning: could not send message for past %s",
406 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass],
407 false));
408
409 /* don't free, allocated from e_rpool */
410 e->e_message = sm_rpool_strdup_x(e->e_rpool,
411 buf);
412 message(buf);
413 e->e_flags |= EF_WARNING;
414 }
415 if (msg_timeout == MSG_WARN_BY)
416 {
417 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
418 "Warning: Delivery time (%lds) exceeded\n",
419 e->e_deliver_by);
420 }
421 else
422 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
423 "Warning: message still undelivered after %s\n",
424 pintvl(TimeOuts.to_q_warning[e->e_timeoutclass],
425 false));
426 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
427 "Will keep trying until message is %s old\n",
428 pintvl(TimeOuts.to_q_return[e->e_timeoutclass],
429 false));
430 }
431 }
432
433 if (tTd(50, 2))
434 sm_dprintf("failure_return=%d delay_return=%d success_return=%d queueit=%d\n",
435 failure_return, delay_return, success_return, queueit);
436
437 /*
438 ** If we had some fatal error, but no addresses are marked as
439 ** bad, mark them _all_ as bad.
440 */
441
442 if (bitset(EF_FATALERRS, e->e_flags) && !failure_return)
443 {
444 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
445 {
446 if ((QS_IS_OK(q->q_state) ||
447 QS_IS_VERIFIED(q->q_state)) &&
448 bitset(QPINGONFAILURE, q->q_flags))
449 {
450 failure_return = true;
451 q->q_state = QS_BADADDR;
452 }
453 }
454 }
455
456 /*
457 ** Send back return receipts as requested.
458 */
459
460 if (success_return && !failure_return && !delay_return && fulldrop &&
461 !bitset(PRIV_NORECEIPTS, PrivacyFlags) &&
462 strcmp(e->e_from.q_paddr, "<>") != 0)
463 {
464 auto ADDRESS *rlist = NULL;
465
466 if (tTd(50, 8))
467 sm_dprintf("dropenvelope(%s): sending return receipt\n",
468 id);
469 e->e_flags |= EF_SENDRECEIPT;
470 (void) sendtolist(e->e_from.q_paddr, NULLADDR, &rlist, 0, e);
471 (void) returntosender("Return receipt", rlist, RTSF_NO_BODY, e);
472 }
473 e->e_flags &= ~EF_SENDRECEIPT;
474
475 /*
476 ** Arrange to send error messages if there are fatal errors.
477 */
478
479 if ((failure_return || delay_return) && e->e_errormode != EM_QUIET)
480 {
481 if (tTd(50, 8))
482 sm_dprintf("dropenvelope(%s): saving mail\n", id);
483 panic = savemail(e, !bitset(EF_NO_BODY_RETN, e->e_flags));
484 }
485
486 /*
487 ** Arrange to send warning messages to postmaster as requested.
488 */
489
490 if ((failure_return || pmnotify) &&
491 PostMasterCopy != NULL &&
492 !bitset(EF_RESPONSE, e->e_flags) &&
493 e->e_class >= 0)
494 {
495 auto ADDRESS *rlist = NULL;
496 char pcopy[MAXNAME];
497
498 if (failure_return)
499 {
500 expand(PostMasterCopy, pcopy, sizeof(pcopy), e);
501
502 if (tTd(50, 8))
503 sm_dprintf("dropenvelope(%s): sending postmaster copy to %s\n",
504 id, pcopy);
505 (void) sendtolist(pcopy, NULLADDR, &rlist, 0, e);
506 }
507 if (pmnotify)
508 (void) sendtolist("postmaster", NULLADDR,
509 &rlist, 0, e);
510 (void) returntosender(e->e_message, rlist,
511 RTSF_PM_BOUNCE|RTSF_NO_BODY, e);
512 }
513
514 /*
515 ** Instantiate or deinstantiate the queue.
516 */
517
518 simpledrop:
519 if (tTd(50, 8))
520 sm_dprintf("dropenvelope(%s): at simpledrop, queueit=%d\n",
521 id, queueit);
522 if (!queueit || bitset(EF_CLRQUEUE, e->e_flags))
523 {
524 if (tTd(50, 1))
525 {
526 sm_dprintf("\n===== Dropping queue files for %s... queueit=%d, e_flags=",
527 e->e_id, queueit);
528 printenvflags(e);
529 }
530 if (!panic)
531 {
532 if (e->e_dfp != NULL)
533 {
534 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
535 e->e_dfp = NULL;
536 }
537 (void) xunlink(queuename(e, DATAFL_LETTER));
538 }
539 if (panic && QueueMode == QM_LOST)
540 {
541 /*
542 ** leave the Qf file behind as
543 ** the delivery attempt failed.
544 */
545
546 /* EMPTY */
547 }
548 else
549 if (xunlink(queuename(e, ANYQFL_LETTER)) == 0)
550 {
551 /* add to available space in filesystem */
552 updfs(e, -1, panic ? 0 : -1, "dropenvelope");
553 }
554
555 if (e->e_ntries > 0 && LogLevel > 9)
556 sm_syslog(LOG_INFO, id, "done; delay=%s, ntries=%d",
557 pintvl(curtime() - e->e_ctime, true),
558 e->e_ntries);
559 }
560 else if (queueit || !bitset(EF_INQUEUE, e->e_flags))
561 {
562 if (!split)
563 queueup(e, false, true);
564 else
565 {
566 ENVELOPE *oldsib;
567 ENVELOPE *ee;
568
569 /*
570 ** Save old sibling and set it to NULL to avoid
571 ** queueing up the same envelopes again.
572 ** This requires that envelopes in that list have
573 ** been take care of before (or at some other place).
574 */
575
576 oldsib = e->e_sibling;
577 e->e_sibling = NULL;
578 if (!split_by_recipient(e) &&
579 bitset(EF_FATALERRS, e->e_flags))
580 {
581 syserr("!dropenvelope(%s): cannot commit data file %s, uid=%d",
582 e->e_id, queuename(e, DATAFL_LETTER),
583 (int) geteuid());
584 }
585 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling)
586 queueup(ee, false, true);
587 queueup(e, false, true);
588
589 /* clean up */
590 for (ee = e->e_sibling; ee != NULL; ee = ee->e_sibling)
591 {
592 /* now unlock the job */
593 if (tTd(50, 8))
594 sm_dprintf("dropenvelope(%s): unlocking job\n",
595 ee->e_id);
596 closexscript(ee);
597 unlockqueue(ee);
598
599 /* this envelope is marked unused */
600 if (ee->e_dfp != NULL)
601 {
602 (void) sm_io_close(ee->e_dfp,
603 SM_TIME_DEFAULT);
604 ee->e_dfp = NULL;
605 }
606 ee->e_id = NULL;
607 ee->e_flags &= ~EF_HAS_DF;
608 }
609 e->e_sibling = oldsib;
610 }
611 }
612
613 /* now unlock the job */
614 if (tTd(50, 8))
615 sm_dprintf("dropenvelope(%s): unlocking job\n", id);
616 closexscript(e);
617 unlockqueue(e);
618
619 /* make sure that this envelope is marked unused */
620 if (e->e_dfp != NULL)
621 {
622 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
623 e->e_dfp = NULL;
624 }
625 e->e_id = NULL;
626 e->e_flags &= ~EF_HAS_DF;
627 if (panic)
628 return EX_IOERR;
629 return EX_OK;
630 }
631
632 /*
633 ** CLEARENVELOPE -- clear an envelope without unlocking
634 **
635 ** This is normally used by a child process to get a clean
636 ** envelope without disturbing the parent.
637 **
638 ** Parameters:
639 ** e -- the envelope to clear.
640 ** fullclear - if set, the current envelope is total
641 ** garbage and should be ignored; otherwise,
642 ** release any resources it may indicate.
643 ** rpool -- either NULL, or a pointer to a resource pool
644 ** from which envelope memory is allocated, and
645 ** to which envelope resources are attached.
646 **
647 ** Returns:
648 ** none.
649 **
650 ** Side Effects:
651 ** Closes files associated with the envelope.
652 ** Marks the envelope as unallocated.
653 */
654
655 void
clearenvelope(e,fullclear,rpool)656 clearenvelope(e, fullclear, rpool)
657 register ENVELOPE *e;
658 bool fullclear;
659 SM_RPOOL_T *rpool;
660 {
661 register HDR *bh;
662 register HDR **nhp;
663 extern ENVELOPE BlankEnvelope;
664 char **p;
665
666 if (!fullclear)
667 {
668 /* clear out any file information */
669 if (e->e_xfp != NULL)
670 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT);
671 if (e->e_dfp != NULL)
672 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
673 e->e_xfp = e->e_dfp = NULL;
674 }
675
676 /*
677 ** Copy BlankEnvelope into *e.
678 ** It is not safe to simply copy pointers to strings;
679 ** the strings themselves must be copied (or set to NULL).
680 ** The problem is that when we assign a new string value to
681 ** a member of BlankEnvelope, we free the old string.
682 ** We did not need to do this copying in sendmail 8.11 :-(
683 ** and it is a potential performance hit. Reference counted
684 ** strings are one way out.
685 */
686
687 *e = BlankEnvelope;
688 e->e_message = NULL;
689 e->e_qfletter = '\0';
690 e->e_quarmsg = NULL;
691 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), "");
692
693 /*
694 ** Copy the macro table.
695 ** We might be able to avoid this by zeroing the macro table
696 ** and always searching BlankEnvelope.e_macro after e->e_macro
697 ** in macvalue().
698 */
699
700 for (p = &e->e_macro.mac_table[0];
701 p <= &e->e_macro.mac_table[MAXMACROID];
702 ++p)
703 {
704 if (*p != NULL)
705 *p = sm_rpool_strdup_x(rpool, *p);
706 }
707
708 /*
709 ** XXX There are many strings in the envelope structure
710 ** XXX that we are not attempting to copy here.
711 ** XXX Investigate this further.
712 */
713
714 e->e_rpool = rpool;
715 e->e_macro.mac_rpool = rpool;
716 if (Verbose)
717 set_delivery_mode(SM_DELIVER, e);
718 bh = BlankEnvelope.e_header;
719 nhp = &e->e_header;
720 while (bh != NULL)
721 {
722 *nhp = (HDR *) sm_rpool_malloc_x(rpool, sizeof(*bh));
723 memmove((char *) *nhp, (char *) bh, sizeof(*bh));
724 bh = bh->h_link;
725 nhp = &(*nhp)->h_link;
726 }
727 #if _FFR_MILTER_ENHSC
728 e->e_enhsc[0] = '\0';
729 #endif /* _FFR_MILTER_ENHSC */
730 }
731 /*
732 ** INITSYS -- initialize instantiation of system
733 **
734 ** In Daemon mode, this is done in the child.
735 **
736 ** Parameters:
737 ** e -- the envelope to use.
738 **
739 ** Returns:
740 ** none.
741 **
742 ** Side Effects:
743 ** Initializes the system macros, some global variables,
744 ** etc. In particular, the current time in various
745 ** forms is set.
746 */
747
748 void
initsys(e)749 initsys(e)
750 register ENVELOPE *e;
751 {
752 char buf[10];
753 #ifdef TTYNAME
754 static char ybuf[60]; /* holds tty id */
755 register char *p;
756 extern char *ttyname();
757 #endif /* TTYNAME */
758
759 /*
760 ** Give this envelope a reality.
761 ** I.e., an id, a transcript, and a creation time.
762 ** We don't select the queue until all of the recipients are known.
763 */
764
765 openxscript(e);
766 e->e_ctime = curtime();
767 e->e_qfletter = '\0';
768
769 /*
770 ** Set OutChannel to something useful if stdout isn't it.
771 ** This arranges that any extra stuff the mailer produces
772 ** gets sent back to the user on error (because it is
773 ** tucked away in the transcript).
774 */
775
776 if (OpMode == MD_DAEMON && bitset(EF_QUEUERUN, e->e_flags) &&
777 e->e_xfp != NULL)
778 OutChannel = e->e_xfp;
779
780 /*
781 ** Set up some basic system macros.
782 */
783
784 /* process id */
785 (void) sm_snprintf(buf, sizeof(buf), "%d", (int) CurrentPid);
786 macdefine(&e->e_macro, A_TEMP, 'p', buf);
787
788 /* hop count */
789 (void) sm_snprintf(buf, sizeof(buf), "%d", e->e_hopcount);
790 macdefine(&e->e_macro, A_TEMP, 'c', buf);
791
792 /* time as integer, unix time, arpa time */
793 settime(e);
794
795 /* Load average */
796 sm_getla();
797
798 #ifdef TTYNAME
799 /* tty name */
800 if (macvalue('y', e) == NULL)
801 {
802 p = ttyname(2);
803 if (p != NULL)
804 {
805 if (strrchr(p, '/') != NULL)
806 p = strrchr(p, '/') + 1;
807 (void) sm_strlcpy(ybuf, sizeof(ybuf), p);
808 macdefine(&e->e_macro, A_PERM, 'y', ybuf);
809 }
810 }
811 #endif /* TTYNAME */
812 }
813 /*
814 ** SETTIME -- set the current time.
815 **
816 ** Parameters:
817 ** e -- the envelope in which the macros should be set.
818 **
819 ** Returns:
820 ** none.
821 **
822 ** Side Effects:
823 ** Sets the various time macros -- $a, $b, $d, $t.
824 */
825
826 void
settime(e)827 settime(e)
828 register ENVELOPE *e;
829 {
830 register char *p;
831 auto time_t now;
832 char buf[30];
833 register struct tm *tm;
834
835 now = curtime();
836 (void) sm_snprintf(buf, sizeof(buf), "%ld", (long) now);
837 macdefine(&e->e_macro, A_TEMP, macid("{time}"), buf);
838 tm = gmtime(&now);
839 (void) sm_snprintf(buf, sizeof(buf), "%04d%02d%02d%02d%02d",
840 (int)(tm->tm_year + 1900), tm->tm_mon + 1, tm->tm_mday,
841 tm->tm_hour, tm->tm_min);
842 macdefine(&e->e_macro, A_TEMP, 't', buf);
843 (void) sm_strlcpy(buf, ctime(&now), sizeof(buf));
844 p = strchr(buf, '\n');
845 if (p != NULL)
846 *p = '\0';
847 macdefine(&e->e_macro, A_TEMP, 'd', buf);
848 macdefine(&e->e_macro, A_TEMP, 'b', arpadate(buf));
849 if (macvalue('a', e) == NULL)
850 macdefine(&e->e_macro, A_PERM, 'a', macvalue('b', e));
851 }
852 /*
853 ** OPENXSCRIPT -- Open transcript file
854 **
855 ** Creates a transcript file for possible eventual mailing or
856 ** sending back.
857 **
858 ** Parameters:
859 ** e -- the envelope to create the transcript in/for.
860 **
861 ** Returns:
862 ** none
863 **
864 ** Side Effects:
865 ** Creates the transcript file.
866 */
867
868 #ifndef O_APPEND
869 # define O_APPEND 0
870 #endif /* ! O_APPEND */
871
872 void
openxscript(e)873 openxscript(e)
874 register ENVELOPE *e;
875 {
876 register char *p;
877
878 if (e->e_xfp != NULL)
879 return;
880
881 #if 0
882 if (e->e_lockfp == NULL && bitset(EF_INQUEUE, e->e_flags))
883 syserr("openxscript: job not locked");
884 #endif /* 0 */
885
886 p = queuename(e, XSCRPT_LETTER);
887 e->e_xfp = bfopen(p, FileMode, XscriptFileBufferSize,
888 SFF_NOTEXCL|SFF_OPENASROOT);
889
890 if (e->e_xfp == NULL)
891 {
892 syserr("Can't create transcript file %s", p);
893 e->e_xfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT,
894 SM_PATH_DEVNULL, SM_IO_RDWR, NULL);
895 if (e->e_xfp == NULL)
896 syserr("!Can't open %s", SM_PATH_DEVNULL);
897 }
898 (void) sm_io_setvbuf(e->e_xfp, SM_TIME_DEFAULT, NULL, SM_IO_LBF, 0);
899 if (tTd(46, 9))
900 {
901 sm_dprintf("openxscript(%s):\n ", p);
902 dumpfd(sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL), true,
903 false);
904 }
905 }
906 /*
907 ** CLOSEXSCRIPT -- close the transcript file.
908 **
909 ** Parameters:
910 ** e -- the envelope containing the transcript to close.
911 **
912 ** Returns:
913 ** none.
914 **
915 ** Side Effects:
916 ** none.
917 */
918
919 void
closexscript(e)920 closexscript(e)
921 register ENVELOPE *e;
922 {
923 if (e->e_xfp == NULL)
924 return;
925 #if 0
926 if (e->e_lockfp == NULL)
927 syserr("closexscript: job not locked");
928 #endif /* 0 */
929 (void) sm_io_close(e->e_xfp, SM_TIME_DEFAULT);
930 e->e_xfp = NULL;
931 }
932 /*
933 ** SETSENDER -- set the person who this message is from
934 **
935 ** Under certain circumstances allow the user to say who
936 ** s/he is (using -f or -r). These are:
937 ** 1. The user's uid is zero (root).
938 ** 2. The user's login name is in an approved list (typically
939 ** from a network server).
940 ** 3. The address the user is trying to claim has a
941 ** "!" character in it (since #2 doesn't do it for
942 ** us if we are dialing out for UUCP).
943 ** A better check to replace #3 would be if the
944 ** effective uid is "UUCP" -- this would require me
945 ** to rewrite getpwent to "grab" uucp as it went by,
946 ** make getname more nasty, do another passwd file
947 ** scan, or compile the UID of "UUCP" into the code,
948 ** all of which are reprehensible.
949 **
950 ** Assuming all of these fail, we figure out something
951 ** ourselves.
952 **
953 ** Parameters:
954 ** from -- the person we would like to believe this message
955 ** is from, as specified on the command line.
956 ** e -- the envelope in which we would like the sender set.
957 ** delimptr -- if non-NULL, set to the location of the
958 ** trailing delimiter.
959 ** delimchar -- the character that will delimit the sender
960 ** address.
961 ** internal -- set if this address is coming from an internal
962 ** source such as an owner alias.
963 **
964 ** Returns:
965 ** none.
966 **
967 ** Side Effects:
968 ** sets sendmail's notion of who the from person is.
969 */
970
971 void
setsender(from,e,delimptr,delimchar,internal)972 setsender(from, e, delimptr, delimchar, internal)
973 char *from;
974 register ENVELOPE *e;
975 char **delimptr;
976 int delimchar;
977 bool internal;
978 {
979 register char **pvp;
980 char *realname = NULL;
981 char *bp;
982 char buf[MAXNAME + 2];
983 char pvpbuf[PSBUFSIZE];
984 extern char *FullName;
985
986 if (tTd(45, 1))
987 sm_dprintf("setsender(%s)\n", from == NULL ? "" : from);
988
989 /* may be set from earlier calls */
990 macdefine(&e->e_macro, A_PERM, 'x', "");
991
992 /*
993 ** Figure out the real user executing us.
994 ** Username can return errno != 0 on non-errors.
995 */
996
997 if (bitset(EF_QUEUERUN, e->e_flags) || OpMode == MD_SMTP ||
998 OpMode == MD_ARPAFTP || OpMode == MD_DAEMON)
999 realname = from;
1000 if (realname == NULL || realname[0] == '\0')
1001 realname = username();
1002
1003 if (ConfigLevel < 2)
1004 SuprErrs = true;
1005
1006 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s");
1007
1008 /* preset state for then clause in case from == NULL */
1009 e->e_from.q_state = QS_BADADDR;
1010 e->e_from.q_flags = 0;
1011 if (from == NULL ||
1012 parseaddr(from, &e->e_from, RF_COPYALL|RF_SENDERADDR,
1013 delimchar, delimptr, e, false) == NULL ||
1014 QS_IS_BADADDR(e->e_from.q_state) ||
1015 e->e_from.q_mailer == ProgMailer ||
1016 e->e_from.q_mailer == FileMailer ||
1017 e->e_from.q_mailer == InclMailer)
1018 {
1019 /* log garbage addresses for traceback */
1020 if (from != NULL && LogLevel > 2)
1021 {
1022 char *p;
1023 char ebuf[MAXNAME * 2 + 2];
1024
1025 p = macvalue('_', e);
1026 if (p == NULL)
1027 {
1028 char *host = RealHostName;
1029
1030 if (host == NULL)
1031 host = MyHostName;
1032 (void) sm_snprintf(ebuf, sizeof(ebuf),
1033 "%.*s@%.*s", MAXNAME,
1034 realname, MAXNAME, host);
1035 p = ebuf;
1036 }
1037 sm_syslog(LOG_NOTICE, e->e_id,
1038 "setsender: %s: invalid or unparsable, received from %s",
1039 shortenstring(from, 83), p);
1040 }
1041 if (from != NULL)
1042 {
1043 if (!QS_IS_BADADDR(e->e_from.q_state))
1044 {
1045 /* it was a bogus mailer in the from addr */
1046 e->e_status = "5.1.7";
1047 usrerrenh(e->e_status,
1048 "553 Invalid sender address");
1049 }
1050 SuprErrs = true;
1051 }
1052 if (from == realname ||
1053 parseaddr(from = realname,
1054 &e->e_from, RF_COPYALL|RF_SENDERADDR, ' ',
1055 NULL, e, false) == NULL)
1056 {
1057 char nbuf[100];
1058
1059 SuprErrs = true;
1060 expand("\201n", nbuf, sizeof(nbuf), e);
1061 from = sm_rpool_strdup_x(e->e_rpool, nbuf);
1062 if (parseaddr(from, &e->e_from, RF_COPYALL, ' ',
1063 NULL, e, false) == NULL &&
1064 parseaddr(from = "postmaster", &e->e_from,
1065 RF_COPYALL, ' ', NULL, e, false) == NULL)
1066 syserr("553 5.3.0 setsender: can't even parse postmaster!");
1067 }
1068 }
1069 else
1070 FromFlag = true;
1071 e->e_from.q_state = QS_SENDER;
1072 if (tTd(45, 5))
1073 {
1074 sm_dprintf("setsender: QS_SENDER ");
1075 printaddr(sm_debug_file(), &e->e_from, false);
1076 }
1077 SuprErrs = false;
1078
1079 #if USERDB
1080 if (bitnset(M_CHECKUDB, e->e_from.q_mailer->m_flags))
1081 {
1082 register char *p;
1083
1084 p = udbsender(e->e_from.q_user, e->e_rpool);
1085 if (p != NULL)
1086 from = p;
1087 }
1088 #endif /* USERDB */
1089
1090 if (bitnset(M_HASPWENT, e->e_from.q_mailer->m_flags))
1091 {
1092 SM_MBDB_T user;
1093
1094 if (!internal)
1095 {
1096 /* if the user already given fullname don't redefine */
1097 if (FullName == NULL)
1098 FullName = macvalue('x', e);
1099 if (FullName != NULL)
1100 {
1101 if (FullName[0] == '\0')
1102 FullName = NULL;
1103 else
1104 FullName = newstr(FullName);
1105 }
1106 }
1107
1108 if (e->e_from.q_user[0] != '\0' &&
1109 sm_mbdb_lookup(e->e_from.q_user, &user) == EX_OK)
1110 {
1111 /*
1112 ** Process passwd file entry.
1113 */
1114
1115 /* extract home directory */
1116 if (*user.mbdb_homedir == '\0')
1117 e->e_from.q_home = NULL;
1118 else if (strcmp(user.mbdb_homedir, "/") == 0)
1119 e->e_from.q_home = "";
1120 else
1121 e->e_from.q_home = sm_rpool_strdup_x(e->e_rpool,
1122 user.mbdb_homedir);
1123 macdefine(&e->e_macro, A_PERM, 'z', e->e_from.q_home);
1124
1125 /* extract user and group id */
1126 if (user.mbdb_uid != SM_NO_UID)
1127 {
1128 e->e_from.q_uid = user.mbdb_uid;
1129 e->e_from.q_gid = user.mbdb_gid;
1130 e->e_from.q_flags |= QGOODUID;
1131 }
1132
1133 /* extract full name from passwd file */
1134 if (FullName == NULL && !internal &&
1135 user.mbdb_fullname[0] != '\0' &&
1136 strcmp(user.mbdb_name, e->e_from.q_user) == 0)
1137 {
1138 FullName = newstr(user.mbdb_fullname);
1139 }
1140 }
1141 else
1142 {
1143 e->e_from.q_home = NULL;
1144 }
1145 if (FullName != NULL && !internal)
1146 macdefine(&e->e_macro, A_TEMP, 'x', FullName);
1147 }
1148 else if (!internal && OpMode != MD_DAEMON && OpMode != MD_SMTP)
1149 {
1150 if (e->e_from.q_home == NULL)
1151 {
1152 e->e_from.q_home = getenv("HOME");
1153 if (e->e_from.q_home != NULL)
1154 {
1155 if (*e->e_from.q_home == '\0')
1156 e->e_from.q_home = NULL;
1157 else if (strcmp(e->e_from.q_home, "/") == 0)
1158 e->e_from.q_home++;
1159 }
1160 }
1161 e->e_from.q_uid = RealUid;
1162 e->e_from.q_gid = RealGid;
1163 e->e_from.q_flags |= QGOODUID;
1164 }
1165
1166 /*
1167 ** Rewrite the from person to dispose of possible implicit
1168 ** links in the net.
1169 */
1170
1171 pvp = prescan(from, delimchar, pvpbuf, sizeof(pvpbuf), NULL,
1172 IntTokenTab, false);
1173 if (pvp == NULL)
1174 {
1175 /* don't need to give error -- prescan did that already */
1176 if (LogLevel > 2)
1177 sm_syslog(LOG_NOTICE, e->e_id,
1178 "cannot prescan from (%s)",
1179 shortenstring(from, MAXSHORTSTR));
1180 finis(true, true, ExitStat);
1181 }
1182 (void) REWRITE(pvp, 3, e);
1183 (void) REWRITE(pvp, 1, e);
1184 (void) REWRITE(pvp, 4, e);
1185 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL);
1186 bp = buf + 1;
1187 cataddr(pvp, NULL, bp, sizeof(buf) - 2, '\0', false);
1188 if (*bp == '@' && !bitnset(M_NOBRACKET, e->e_from.q_mailer->m_flags))
1189 {
1190 /* heuristic: route-addr: add angle brackets */
1191 (void) sm_strlcat(bp, ">", sizeof(buf) - 1);
1192 *--bp = '<';
1193 }
1194 e->e_sender = sm_rpool_strdup_x(e->e_rpool, bp);
1195 macdefine(&e->e_macro, A_PERM, 'f', e->e_sender);
1196
1197 /* save the domain spec if this mailer wants it */
1198 if (e->e_from.q_mailer != NULL &&
1199 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags))
1200 {
1201 char **lastat;
1202
1203 /* get rid of any pesky angle brackets */
1204 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e s");
1205 (void) REWRITE(pvp, 3, e);
1206 (void) REWRITE(pvp, 1, e);
1207 (void) REWRITE(pvp, 4, e);
1208 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL);
1209
1210 /* strip off to the last "@" sign */
1211 for (lastat = NULL; *pvp != NULL; pvp++)
1212 {
1213 if (strcmp(*pvp, "@") == 0)
1214 lastat = pvp;
1215 }
1216 if (lastat != NULL)
1217 {
1218 e->e_fromdomain = copyplist(lastat, true, e->e_rpool);
1219 if (tTd(45, 3))
1220 {
1221 sm_dprintf("Saving from domain: ");
1222 printav(sm_debug_file(), e->e_fromdomain);
1223 }
1224 }
1225 }
1226 }
1227 /*
1228 ** PRINTENVFLAGS -- print envelope flags for debugging
1229 **
1230 ** Parameters:
1231 ** e -- the envelope with the flags to be printed.
1232 **
1233 ** Returns:
1234 ** none.
1235 */
1236
1237 struct eflags
1238 {
1239 char *ef_name;
1240 unsigned long ef_bit;
1241 };
1242
1243 static struct eflags EnvelopeFlags[] =
1244 {
1245 { "OLDSTYLE", EF_OLDSTYLE },
1246 { "INQUEUE", EF_INQUEUE },
1247 { "NO_BODY_RETN", EF_NO_BODY_RETN },
1248 { "CLRQUEUE", EF_CLRQUEUE },
1249 { "SENDRECEIPT", EF_SENDRECEIPT },
1250 { "FATALERRS", EF_FATALERRS },
1251 { "DELETE_BCC", EF_DELETE_BCC },
1252 { "RESPONSE", EF_RESPONSE },
1253 { "RESENT", EF_RESENT },
1254 { "VRFYONLY", EF_VRFYONLY },
1255 { "WARNING", EF_WARNING },
1256 { "QUEUERUN", EF_QUEUERUN },
1257 { "GLOBALERRS", EF_GLOBALERRS },
1258 { "PM_NOTIFY", EF_PM_NOTIFY },
1259 { "METOO", EF_METOO },
1260 { "LOGSENDER", EF_LOGSENDER },
1261 { "NORECEIPT", EF_NORECEIPT },
1262 { "HAS8BIT", EF_HAS8BIT },
1263 { "NL_NOT_EOL", EF_NL_NOT_EOL },
1264 { "CRLF_NOT_EOL", EF_CRLF_NOT_EOL },
1265 { "RET_PARAM", EF_RET_PARAM },
1266 { "HAS_DF", EF_HAS_DF },
1267 { "IS_MIME", EF_IS_MIME },
1268 { "DONT_MIME", EF_DONT_MIME },
1269 { "DISCARD", EF_DISCARD },
1270 { "TOOBIG", EF_TOOBIG },
1271 { "SPLIT", EF_SPLIT },
1272 { "UNSAFE", EF_UNSAFE },
1273 { NULL, 0 }
1274 };
1275
1276 void
printenvflags(e)1277 printenvflags(e)
1278 register ENVELOPE *e;
1279 {
1280 register struct eflags *ef;
1281 bool first = true;
1282
1283 sm_dprintf("%lx", e->e_flags);
1284 for (ef = EnvelopeFlags; ef->ef_name != NULL; ef++)
1285 {
1286 if (!bitset(ef->ef_bit, e->e_flags))
1287 continue;
1288 if (first)
1289 sm_dprintf("<%s", ef->ef_name);
1290 else
1291 sm_dprintf(",%s", ef->ef_name);
1292 first = false;
1293 }
1294 if (!first)
1295 sm_dprintf(">\n");
1296 }
1297