1 /*
2 ** Sendmail
3 ** Copyright (c) 1983 Eric P. Allman
4 ** Berkeley, California
5 **
6 ** Copyright (c) 1983 Regents of the University of California.
7 ** All rights reserved. The Berkeley software License Agreement
8 ** specifies the terms and conditions for redistribution.
9 */
10
11 #ifndef lint
12 static char SccsId[] = "@(#)recipient.c 5.9 (Berkeley) 10/23/86";
13 #endif not lint
14
15 # include <pwd.h>
16 # include "sendmail.h"
17 # include <sys/stat.h>
18
19 /*
20 ** SENDTOLIST -- Designate a send list.
21 **
22 ** The parameter is a comma-separated list of people to send to.
23 ** This routine arranges to send to all of them.
24 **
25 ** Parameters:
26 ** list -- the send list.
27 ** ctladdr -- the address template for the person to
28 ** send to -- effective uid/gid are important.
29 ** This is typically the alias that caused this
30 ** expansion.
31 ** sendq -- a pointer to the head of a queue to put
32 ** these people into.
33 **
34 ** Returns:
35 ** none
36 **
37 ** Side Effects:
38 ** none.
39 */
40
41 # define MAXRCRSN 10
42
43 sendtolist(list, ctladdr, sendq)
44 char *list;
45 ADDRESS *ctladdr;
46 ADDRESS **sendq;
47 {
48 register char *p;
49 register ADDRESS *al; /* list of addresses to send to */
50 bool firstone; /* set on first address sent */
51 bool selfref; /* set if this list includes ctladdr */
52 char delimiter; /* the address delimiter */
53
54 # ifdef DEBUG
55 if (tTd(25, 1))
56 {
57 printf("sendto: %s\n ctladdr=", list);
58 printaddr(ctladdr, FALSE);
59 }
60 # endif DEBUG
61
62 /* heuristic to determine old versus new style addresses */
63 if (ctladdr == NULL &&
64 (index(list, ',') != NULL || index(list, ';') != NULL ||
65 index(list, '<') != NULL || index(list, '(') != NULL))
66 CurEnv->e_flags &= ~EF_OLDSTYLE;
67 delimiter = ' ';
68 if (!bitset(EF_OLDSTYLE, CurEnv->e_flags) || ctladdr != NULL)
69 delimiter = ',';
70
71 firstone = TRUE;
72 selfref = FALSE;
73 al = NULL;
74
75 for (p = list; *p != '\0'; )
76 {
77 register ADDRESS *a;
78 extern char *DelimChar; /* defined in prescan */
79
80 /* parse the address */
81 while (isspace(*p) || *p == ',')
82 p++;
83 a = parseaddr(p, (ADDRESS *) NULL, 1, delimiter);
84 p = DelimChar;
85 if (a == NULL)
86 continue;
87 a->q_next = al;
88 a->q_alias = ctladdr;
89
90 /* see if this should be marked as a primary address */
91 if (ctladdr == NULL ||
92 (firstone && *p == '\0' && bitset(QPRIMARY, ctladdr->q_flags)))
93 a->q_flags |= QPRIMARY;
94
95 /* put on send queue or suppress self-reference */
96 if (ctladdr != NULL && sameaddr(ctladdr, a))
97 selfref = TRUE;
98 else
99 al = a;
100 firstone = FALSE;
101 }
102
103 /* if this alias doesn't include itself, delete ctladdr */
104 if (!selfref && ctladdr != NULL)
105 ctladdr->q_flags |= QDONTSEND;
106
107 /* arrange to send to everyone on the local send list */
108 while (al != NULL)
109 {
110 register ADDRESS *a = al;
111 extern ADDRESS *recipient();
112
113 al = a->q_next;
114 a = recipient(a, sendq);
115
116 /* arrange to inherit full name */
117 if (a->q_fullname == NULL && ctladdr != NULL)
118 a->q_fullname = ctladdr->q_fullname;
119 }
120
121 CurEnv->e_to = NULL;
122 }
123 �/*
124 ** RECIPIENT -- Designate a message recipient
125 **
126 ** Saves the named person for future mailing.
127 **
128 ** Parameters:
129 ** a -- the (preparsed) address header for the recipient.
130 ** sendq -- a pointer to the head of a queue to put the
131 ** recipient in. Duplicate supression is done
132 ** in this queue.
133 **
134 ** Returns:
135 ** The actual address in the queue. This will be "a" if
136 ** the address is not a duplicate, else the original address.
137 **
138 ** Side Effects:
139 ** none.
140 */
141
142 ADDRESS *
143 recipient(a, sendq)
144 register ADDRESS *a;
145 register ADDRESS **sendq;
146 {
147 register ADDRESS *q;
148 ADDRESS **pq;
149 register struct mailer *m;
150 register char *p;
151 bool quoted = FALSE; /* set if the addr has a quote bit */
152 char buf[MAXNAME]; /* unquoted image of the user name */
153 extern ADDRESS *getctladdr();
154 extern bool safefile();
155
156 CurEnv->e_to = a->q_paddr;
157 m = a->q_mailer;
158 errno = 0;
159 # ifdef DEBUG
160 if (tTd(26, 1))
161 {
162 printf("\nrecipient: ");
163 printaddr(a, FALSE);
164 }
165 # endif DEBUG
166
167 /* break aliasing loops */
168 if (AliasLevel > MAXRCRSN)
169 {
170 usrerr("aliasing/forwarding loop broken");
171 return (a);
172 }
173
174 /*
175 ** Finish setting up address structure.
176 */
177
178 /* set the queue timeout */
179 a->q_timeout = TimeOut;
180
181 /* map user & host to lower case if requested on non-aliases */
182 if (a->q_alias == NULL)
183 loweraddr(a);
184
185 /* get unquoted user for file, program or user.name check */
186 (void) strcpy(buf, a->q_user);
187 for (p = buf; *p != '\0' && !quoted; p++)
188 {
189 if (!isascii(*p) && (*p & 0377) != (SpaceSub & 0377))
190 quoted = TRUE;
191 }
192 stripquotes(buf, TRUE);
193
194 /* do sickly crude mapping for program mailing, etc. */
195 if (m == LocalMailer && buf[0] == '|')
196 {
197 a->q_mailer = m = ProgMailer;
198 a->q_user++;
199 if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
200 {
201 a->q_flags |= QDONTSEND|QBADADDR;
202 usrerr("Cannot mail directly to programs");
203 }
204 }
205
206 /*
207 ** Look up this person in the recipient list.
208 ** If they are there already, return, otherwise continue.
209 ** If the list is empty, just add it. Notice the cute
210 ** hack to make from addresses suppress things correctly:
211 ** the QDONTSEND bit will be set in the send list.
212 ** [Please note: the emphasis is on "hack."]
213 */
214
215 for (pq = sendq; (q = *pq) != NULL; pq = &q->q_next)
216 {
217 if (!ForceMail && sameaddr(q, a))
218 {
219 # ifdef DEBUG
220 if (tTd(26, 1))
221 {
222 printf("%s in sendq: ", a->q_paddr);
223 printaddr(q, FALSE);
224 }
225 # endif DEBUG
226 if (!bitset(QDONTSEND, a->q_flags))
227 message(Arpa_Info, "duplicate suppressed");
228 if (!bitset(QPRIMARY, q->q_flags))
229 q->q_flags |= a->q_flags;
230 return (q);
231 }
232 }
233
234 /* add address on list */
235 *pq = a;
236 a->q_next = NULL;
237 CurEnv->e_nrcpts++;
238
239 /*
240 ** Alias the name and handle :include: specs.
241 */
242
243 if (m == LocalMailer && !bitset(QDONTSEND, a->q_flags))
244 {
245 if (strncmp(a->q_user, ":include:", 9) == 0)
246 {
247 a->q_flags |= QDONTSEND;
248 if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
249 {
250 a->q_flags |= QBADADDR;
251 usrerr("Cannot mail directly to :include:s");
252 }
253 else
254 {
255 message(Arpa_Info, "including file %s", &a->q_user[9]);
256 include(&a->q_user[9], " sending", a, sendq);
257 }
258 }
259 else
260 alias(a, sendq);
261 }
262
263 /*
264 ** If the user is local and still being sent, verify that
265 ** the address is good. If it is, try to forward.
266 ** If the address is already good, we have a forwarding
267 ** loop. This can be broken by just sending directly to
268 ** the user (which is probably correct anyway).
269 */
270
271 if (!bitset(QDONTSEND, a->q_flags) && m == LocalMailer)
272 {
273 struct stat stb;
274 extern bool writable();
275
276 /* see if this is to a file */
277 if (buf[0] == '/')
278 {
279 p = rindex(buf, '/');
280 /* check if writable or creatable */
281 if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
282 {
283 a->q_flags |= QDONTSEND|QBADADDR;
284 usrerr("Cannot mail directly to files");
285 }
286 else if ((stat(buf, &stb) >= 0) ? (!writable(&stb)) :
287 (*p = '\0', !safefile(buf, getruid(), S_IWRITE|S_IEXEC)))
288 {
289 a->q_flags |= QBADADDR;
290 giveresponse(EX_CANTCREAT, m, CurEnv);
291 }
292 }
293 else
294 {
295 register struct passwd *pw;
296 extern struct passwd *finduser();
297
298 /* warning -- finduser may trash buf */
299 pw = finduser(buf);
300 if (pw == NULL)
301 {
302 a->q_flags |= QBADADDR;
303 giveresponse(EX_NOUSER, m, CurEnv);
304 }
305 else
306 {
307 char nbuf[MAXNAME];
308
309 if (strcmp(a->q_user, pw->pw_name) != 0)
310 {
311 a->q_user = newstr(pw->pw_name);
312 (void) strcpy(buf, pw->pw_name);
313 }
314 a->q_home = newstr(pw->pw_dir);
315 a->q_uid = pw->pw_uid;
316 a->q_gid = pw->pw_gid;
317 a->q_flags |= QGOODUID;
318 buildfname(pw->pw_gecos, pw->pw_name, nbuf);
319 if (nbuf[0] != '\0')
320 a->q_fullname = newstr(nbuf);
321 if (!quoted)
322 forward(a, sendq);
323 }
324 }
325 }
326 return (a);
327 }
328 �/*
329 ** FINDUSER -- find the password entry for a user.
330 **
331 ** This looks a lot like getpwnam, except that it may want to
332 ** do some fancier pattern matching in /etc/passwd.
333 **
334 ** This routine contains most of the time of many sendmail runs.
335 ** It deserves to be optimized.
336 **
337 ** Parameters:
338 ** name -- the name to match against.
339 **
340 ** Returns:
341 ** A pointer to a pw struct.
342 ** NULL if name is unknown or ambiguous.
343 **
344 ** Side Effects:
345 ** may modify name.
346 */
347
348 struct passwd *
349 finduser(name)
350 char *name;
351 {
352 register struct passwd *pw;
353 register char *p;
354 extern struct passwd *getpwent();
355 extern struct passwd *getpwnam();
356
357 /* map upper => lower case */
358 for (p = name; *p != '\0'; p++)
359 {
360 if (isascii(*p) && isupper(*p))
361 *p = tolower(*p);
362 }
363
364 /* look up this login name using fast path */
365 if ((pw = getpwnam(name)) != NULL)
366 return (pw);
367
368 /* search for a matching full name instead */
369 for (p = name; *p != '\0'; p++)
370 {
371 if (*p == (SpaceSub & 0177) || *p == '_')
372 *p = ' ';
373 }
374 (void) setpwent();
375 while ((pw = getpwent()) != NULL)
376 {
377 char buf[MAXNAME];
378 extern bool sameword();
379
380 buildfname(pw->pw_gecos, pw->pw_name, buf);
381 if (index(buf, ' ') != NULL && sameword(buf, name))
382 {
383 message(Arpa_Info, "sending to login name %s", pw->pw_name);
384 return (pw);
385 }
386 }
387 return (NULL);
388 }
389 �/*
390 ** WRITABLE -- predicate returning if the file is writable.
391 **
392 ** This routine must duplicate the algorithm in sys/fio.c.
393 ** Unfortunately, we cannot use the access call since we
394 ** won't necessarily be the real uid when we try to
395 ** actually open the file.
396 **
397 ** Notice that ANY file with ANY execute bit is automatically
398 ** not writable. This is also enforced by mailfile.
399 **
400 ** Parameters:
401 ** s -- pointer to a stat struct for the file.
402 **
403 ** Returns:
404 ** TRUE -- if we will be able to write this file.
405 ** FALSE -- if we cannot write this file.
406 **
407 ** Side Effects:
408 ** none.
409 */
410
411 bool
412 writable(s)
413 register struct stat *s;
414 {
415 int euid, egid;
416 int bits;
417
418 if (bitset(0111, s->st_mode))
419 return (FALSE);
420 euid = getruid();
421 egid = getrgid();
422 if (geteuid() == 0)
423 {
424 if (bitset(S_ISUID, s->st_mode))
425 euid = s->st_uid;
426 if (bitset(S_ISGID, s->st_mode))
427 egid = s->st_gid;
428 }
429
430 if (euid == 0)
431 return (TRUE);
432 bits = S_IWRITE;
433 if (euid != s->st_uid)
434 {
435 bits >>= 3;
436 if (egid != s->st_gid)
437 bits >>= 3;
438 }
439 return ((s->st_mode & bits) != 0);
440 }
441 �/*
442 ** INCLUDE -- handle :include: specification.
443 **
444 ** Parameters:
445 ** fname -- filename to include.
446 ** msg -- message to print in verbose mode.
447 ** ctladdr -- address template to use to fill in these
448 ** addresses -- effective user/group id are
449 ** the important things.
450 ** sendq -- a pointer to the head of the send queue
451 ** to put these addresses in.
452 **
453 ** Returns:
454 ** none.
455 **
456 ** Side Effects:
457 ** reads the :include: file and sends to everyone
458 ** listed in that file.
459 */
460
461 include(fname, msg, ctladdr, sendq)
462 char *fname;
463 char *msg;
464 ADDRESS *ctladdr;
465 ADDRESS **sendq;
466 {
467 char buf[MAXLINE];
468 register FILE *fp;
469 char *oldto = CurEnv->e_to;
470 char *oldfilename = FileName;
471 int oldlinenumber = LineNumber;
472
473 fp = fopen(fname, "r");
474 if (fp == NULL)
475 {
476 usrerr("Cannot open %s", fname);
477 return;
478 }
479 if (getctladdr(ctladdr) == NULL)
480 {
481 struct stat st;
482
483 if (fstat(fileno(fp), &st) < 0)
484 syserr("Cannot fstat %s!", fname);
485 ctladdr->q_uid = st.st_uid;
486 ctladdr->q_gid = st.st_gid;
487 ctladdr->q_flags |= QGOODUID;
488 }
489
490 /* read the file -- each line is a comma-separated list. */
491 FileName = fname;
492 LineNumber = 0;
493 while (fgets(buf, sizeof buf, fp) != NULL)
494 {
495 register char *p = index(buf, '\n');
496
497 if (p != NULL)
498 *p = '\0';
499 if (buf[0] == '\0')
500 continue;
501 CurEnv->e_to = oldto;
502 message(Arpa_Info, "%s to %s", msg, buf);
503 AliasLevel++;
504 sendtolist(buf, ctladdr, sendq);
505 AliasLevel--;
506 }
507
508 (void) fclose(fp);
509 FileName = oldfilename;
510 LineNumber = oldlinenumber;
511 }
512 �/*
513 ** SENDTOARGV -- send to an argument vector.
514 **
515 ** Parameters:
516 ** argv -- argument vector to send to.
517 **
518 ** Returns:
519 ** none.
520 **
521 ** Side Effects:
522 ** puts all addresses on the argument vector onto the
523 ** send queue.
524 */
525
526 sendtoargv(argv)
527 register char **argv;
528 {
529 register char *p;
530 extern bool sameword();
531
532 while ((p = *argv++) != NULL)
533 {
534 if (argv[0] != NULL && argv[1] != NULL && sameword(argv[0], "at"))
535 {
536 char nbuf[MAXNAME];
537
538 if (strlen(p) + strlen(argv[1]) + 2 > sizeof nbuf)
539 usrerr("address overflow");
540 else
541 {
542 (void) strcpy(nbuf, p);
543 (void) strcat(nbuf, "@");
544 (void) strcat(nbuf, argv[1]);
545 p = newstr(nbuf);
546 argv += 2;
547 }
548 }
549 sendtolist(p, (ADDRESS *) NULL, &CurEnv->e_sendqueue);
550 }
551 }
552 �/*
553 ** GETCTLADDR -- get controlling address from an address header.
554 **
555 ** If none, get one corresponding to the effective userid.
556 **
557 ** Parameters:
558 ** a -- the address to find the controller of.
559 **
560 ** Returns:
561 ** the controlling address.
562 **
563 ** Side Effects:
564 ** none.
565 */
566
567 ADDRESS *
568 getctladdr(a)
569 register ADDRESS *a;
570 {
571 while (a != NULL && !bitset(QGOODUID, a->q_flags))
572 a = a->q_alias;
573 return (a);
574 }
575