1 /* 2 * Copyright (c) 1983 Eric P. Allman 3 * Copyright (c) 1988 Regents of the University of California. 4 * All rights reserved. 5 * 6 * %sccs.include.redist.c% 7 */ 8 9 #ifndef lint 10 static char sccsid[] = "@(#)deliver.c 6.79 (Berkeley) 05/27/93"; 11 #endif /* not lint */ 12 13 #include "sendmail.h" 14 #include <signal.h> 15 #include <netdb.h> 16 #include <errno.h> 17 #ifdef NAMED_BIND 18 #include <arpa/nameser.h> 19 #include <resolv.h> 20 #endif 21 22 /* 23 ** SENDALL -- actually send all the messages. 24 ** 25 ** Parameters: 26 ** e -- the envelope to send. 27 ** mode -- the delivery mode to use. If SM_DEFAULT, use 28 ** the current e->e_sendmode. 29 ** 30 ** Returns: 31 ** none. 32 ** 33 ** Side Effects: 34 ** Scans the send lists and sends everything it finds. 35 ** Delivers any appropriate error messages. 36 ** If we are running in a non-interactive mode, takes the 37 ** appropriate action. 38 */ 39 40 sendall(e, mode) 41 ENVELOPE *e; 42 char mode; 43 { 44 register ADDRESS *q; 45 char *owner; 46 int otherowners; 47 register ENVELOPE *ee; 48 ENVELOPE *splitenv = NULL; 49 bool announcequeueup; 50 51 /* determine actual delivery mode */ 52 if (mode == SM_DEFAULT) 53 { 54 mode = e->e_sendmode; 55 if (mode != SM_VERIFY && 56 shouldqueue(e->e_msgpriority, e->e_ctime)) 57 mode = SM_QUEUE; 58 announcequeueup = mode == SM_QUEUE; 59 } 60 else 61 announcequeueup = FALSE; 62 63 if (tTd(13, 1)) 64 { 65 printf("\nSENDALL: mode %c, e_from ", mode); 66 printaddr(&e->e_from, FALSE); 67 printf("sendqueue:\n"); 68 printaddr(e->e_sendqueue, TRUE); 69 } 70 71 /* 72 ** Do any preprocessing necessary for the mode we are running. 73 ** Check to make sure the hop count is reasonable. 74 ** Delete sends to the sender in mailing lists. 75 */ 76 77 CurEnv = e; 78 79 if (e->e_hopcount > MaxHopCount) 80 { 81 errno = 0; 82 syserr("554 too many hops %d (%d max): from %s, to %s", 83 e->e_hopcount, MaxHopCount, e->e_from.q_paddr, 84 e->e_sendqueue->q_paddr); 85 return; 86 } 87 88 /* 89 ** Do sender deletion. 90 ** 91 ** If the sender has the QQUEUEUP flag set, skip this. 92 ** This can happen if the name server is hosed when you 93 ** are trying to send mail. The result is that the sender 94 ** is instantiated in the queue as a recipient. 95 */ 96 97 if (!MeToo && !bitset(QQUEUEUP, e->e_from.q_flags)) 98 { 99 if (tTd(13, 5)) 100 { 101 printf("sendall: QDONTSEND "); 102 printaddr(&e->e_from, FALSE); 103 } 104 e->e_from.q_flags |= QDONTSEND; 105 (void) recipient(&e->e_from, &e->e_sendqueue, e); 106 } 107 108 /* 109 ** Handle alias owners. 110 ** 111 ** We scan up the q_alias chain looking for owners. 112 ** We discard owners that are the same as the return path. 113 */ 114 115 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 116 { 117 register struct address *a; 118 119 for (a = q; a != NULL && a->q_owner == NULL; a = a->q_alias) 120 continue; 121 if (a != NULL) 122 q->q_owner = a->q_owner; 123 124 if (q->q_owner != NULL && 125 !bitset(QDONTSEND, q->q_flags) && 126 strcmp(q->q_owner, e->e_from.q_paddr) == 0) 127 q->q_owner = NULL; 128 } 129 130 owner = ""; 131 otherowners = 1; 132 while (owner != NULL && otherowners > 0) 133 { 134 owner = NULL; 135 otherowners = 0; 136 137 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 138 { 139 if (bitset(QDONTSEND, q->q_flags)) 140 continue; 141 142 if (q->q_owner != NULL) 143 { 144 if (owner == NULL) 145 owner = q->q_owner; 146 else if (owner != q->q_owner) 147 { 148 if (strcmp(owner, q->q_owner) == 0) 149 { 150 /* make future comparisons cheap */ 151 q->q_owner = owner; 152 } 153 else 154 { 155 otherowners++; 156 } 157 owner = q->q_owner; 158 } 159 } 160 else 161 { 162 otherowners++; 163 } 164 } 165 166 if (owner != NULL && otherowners > 0) 167 { 168 extern HDR *copyheader(); 169 extern ADDRESS *copyqueue(); 170 171 /* 172 ** Split this envelope into two. 173 */ 174 175 ee = (ENVELOPE *) xalloc(sizeof(ENVELOPE)); 176 *ee = *e; 177 ee->e_id = NULL; 178 (void) queuename(ee, '\0'); 179 180 if (tTd(13, 1)) 181 printf("sendall: split %s into %s\n", 182 e->e_id, ee->e_id); 183 184 ee->e_header = copyheader(e->e_header); 185 ee->e_sendqueue = copyqueue(e->e_sendqueue); 186 ee->e_errorqueue = copyqueue(e->e_errorqueue); 187 ee->e_flags = e->e_flags & ~(EF_INQUEUE|EF_CLRQUEUE|EF_FATALERRS); 188 setsender(owner, ee, NULL, TRUE); 189 if (tTd(13, 5)) 190 { 191 printf("sendall(split): QDONTSEND "); 192 printaddr(&ee->e_from, FALSE); 193 } 194 ee->e_from.q_flags |= QDONTSEND; 195 ee->e_dfp = NULL; 196 ee->e_xfp = NULL; 197 ee->e_lockfp = NULL; 198 ee->e_df = NULL; 199 ee->e_errormode = EM_MAIL; 200 ee->e_sibling = splitenv; 201 splitenv = ee; 202 203 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 204 if (q->q_owner == owner) 205 q->q_flags |= QDONTSEND; 206 for (q = ee->e_sendqueue; q != NULL; q = q->q_next) 207 if (q->q_owner != owner) 208 q->q_flags |= QDONTSEND; 209 210 if (e->e_df != NULL && mode != SM_VERIFY) 211 { 212 ee->e_dfp = NULL; 213 ee->e_df = newstr(queuename(ee, 'd')); 214 if (link(e->e_df, ee->e_df) < 0) 215 { 216 syserr("sendall: link(%s, %s)", 217 e->e_df, ee->e_df); 218 } 219 } 220 221 if (mode != SM_VERIFY) 222 openxscript(ee); 223 #ifdef LOG 224 if (LogLevel > 4) 225 syslog(LOG_INFO, "%s: clone %s", 226 ee->e_id, e->e_id); 227 #endif 228 } 229 } 230 231 if (owner != NULL) 232 { 233 setsender(owner, e, NULL, TRUE); 234 if (tTd(13, 5)) 235 { 236 printf("sendall(owner): QDONTSEND "); 237 printaddr(&e->e_from, FALSE); 238 } 239 e->e_from.q_flags |= QDONTSEND; 240 e->e_errormode = EM_MAIL; 241 } 242 243 # ifdef QUEUE 244 if ((mode == SM_QUEUE || mode == SM_FORK || 245 (mode != SM_VERIFY && SuperSafe)) && 246 !bitset(EF_INQUEUE, e->e_flags)) 247 { 248 /* be sure everything is instantiated in the queue */ 249 queueup(e, TRUE, announcequeueup); 250 for (ee = splitenv; ee != NULL; ee = ee->e_sibling) 251 queueup(ee, TRUE, announcequeueup); 252 } 253 #endif /* QUEUE */ 254 255 if (splitenv != NULL) 256 { 257 if (tTd(13, 1)) 258 { 259 printf("\nsendall: Split queue; remaining queue:\n"); 260 printaddr(e->e_sendqueue, TRUE); 261 } 262 263 for (ee = splitenv; ee != NULL; ee = ee->e_sibling) 264 { 265 CurEnv = ee; 266 sendenvelope(ee, mode); 267 } 268 269 CurEnv = e; 270 } 271 sendenvelope(e, mode); 272 273 for (; splitenv != NULL; splitenv = splitenv->e_sibling) 274 dropenvelope(splitenv); 275 } 276 277 sendenvelope(e, mode) 278 register ENVELOPE *e; 279 char mode; 280 { 281 bool oldverbose; 282 int pid; 283 register ADDRESS *q; 284 #ifdef LOCKF 285 struct flock lfd; 286 #endif 287 288 oldverbose = Verbose; 289 switch (mode) 290 { 291 case SM_VERIFY: 292 Verbose = TRUE; 293 break; 294 295 case SM_QUEUE: 296 queueonly: 297 e->e_flags |= EF_INQUEUE|EF_KEEPQUEUE; 298 return; 299 300 case SM_FORK: 301 if (e->e_xfp != NULL) 302 (void) fflush(e->e_xfp); 303 304 # ifdef LOCKF 305 /* 306 ** Since lockf has the interesting semantic that the 307 ** lock is lost when we fork, we have to risk losing 308 ** the lock here by closing before the fork, and then 309 ** trying to get it back in the child. 310 */ 311 312 if (e->e_lockfp != NULL) 313 { 314 (void) xfclose(e->e_lockfp, "sendenvelope", "lockfp"); 315 e->e_lockfp = NULL; 316 } 317 # endif /* LOCKF */ 318 319 pid = fork(); 320 if (pid < 0) 321 { 322 goto queueonly; 323 } 324 else if (pid > 0) 325 { 326 /* be sure we leave the temp files to our child */ 327 e->e_id = e->e_df = NULL; 328 # ifndef LOCKF 329 if (e->e_lockfp != NULL) 330 { 331 (void) xfclose(e->e_lockfp, "sendenvelope", "lockfp"); 332 e->e_lockfp = NULL; 333 } 334 # endif 335 336 /* close any random open files in the envelope */ 337 if (e->e_dfp != NULL) 338 { 339 (void) xfclose(e->e_dfp, "sendenvelope", "dfp"); 340 e->e_dfp = NULL; 341 } 342 if (e->e_xfp != NULL) 343 { 344 (void) xfclose(e->e_xfp, "sendenvelope", "xfp"); 345 e->e_xfp = NULL; 346 } 347 return; 348 } 349 350 /* double fork to avoid zombies */ 351 if (fork() > 0) 352 exit(EX_OK); 353 354 /* be sure we are immune from the terminal */ 355 disconnect(FALSE, e); 356 357 # ifdef LOCKF 358 /* 359 ** Now try to get our lock back. 360 */ 361 362 lfd.l_type = F_WRLCK; 363 lfd.l_whence = lfd.l_start = lfd.l_len = 0; 364 e->e_lockfp = fopen(queuename(e, 'q'), "r+"); 365 if (e->e_lockfp == NULL || 366 fcntl(fileno(e->e_lockfp), F_SETLK, &lfd) < 0) 367 { 368 /* oops.... lost it */ 369 if (tTd(13, 1)) 370 printf("sendenvelope: %s lost lock: lockfp=%x, %s\n", 371 e->e_id, e->e_lockfp, errstring(errno)); 372 373 # ifdef LOG 374 if (LogLevel > 29) 375 syslog(LOG_NOTICE, "%s: lost lock: %m", 376 e->e_id); 377 # endif /* LOG */ 378 exit(EX_OK); 379 } 380 # endif /* LOCKF */ 381 382 /* 383 ** Close any cached connections. 384 ** 385 ** We don't send the QUIT protocol because the parent 386 ** still knows about the connection. 387 ** 388 ** This should only happen when delivering an error 389 ** message. 390 */ 391 392 mci_flush(FALSE, NULL); 393 394 break; 395 } 396 397 /* 398 ** Run through the list and send everything. 399 */ 400 401 e->e_nsent = 0; 402 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 403 { 404 if (mode == SM_VERIFY) 405 { 406 e->e_to = q->q_paddr; 407 if (!bitset(QDONTSEND|QBADADDR, q->q_flags)) 408 { 409 message("deliverable: mailer %s, host %s, user %s", 410 q->q_mailer->m_name, 411 q->q_host, 412 q->q_user); 413 } 414 } 415 else if (!bitset(QDONTSEND|QBADADDR, q->q_flags)) 416 { 417 # ifdef QUEUE 418 /* 419 ** Checkpoint the send list every few addresses 420 */ 421 422 if (e->e_nsent >= CheckpointInterval) 423 { 424 queueup(e, TRUE, FALSE); 425 e->e_nsent = 0; 426 } 427 # endif /* QUEUE */ 428 (void) deliver(e, q); 429 } 430 } 431 Verbose = oldverbose; 432 433 /* 434 ** Now run through and check for errors. 435 */ 436 437 if (mode == SM_VERIFY) 438 { 439 return; 440 } 441 442 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 443 { 444 if (tTd(13, 3)) 445 { 446 printf("Checking "); 447 printaddr(q, FALSE); 448 } 449 450 /* only send errors if the message failed */ 451 if (!bitset(QBADADDR, q->q_flags) || 452 bitset(QDONTSEND, q->q_flags)) 453 continue; 454 455 e->e_flags |= EF_FATALERRS; 456 457 if (q->q_owner == NULL && strcmp(e->e_from.q_paddr, "<>") != 0) 458 (void) sendtolist(e->e_from.q_paddr, NULL, 459 &e->e_errorqueue, e); 460 } 461 462 if (mode == SM_FORK) 463 finis(); 464 } 465 /* 466 ** DOFORK -- do a fork, retrying a couple of times on failure. 467 ** 468 ** This MUST be a macro, since after a vfork we are running 469 ** two processes on the same stack!!! 470 ** 471 ** Parameters: 472 ** none. 473 ** 474 ** Returns: 475 ** From a macro??? You've got to be kidding! 476 ** 477 ** Side Effects: 478 ** Modifies the ==> LOCAL <== variable 'pid', leaving: 479 ** pid of child in parent, zero in child. 480 ** -1 on unrecoverable error. 481 ** 482 ** Notes: 483 ** I'm awfully sorry this looks so awful. That's 484 ** vfork for you..... 485 */ 486 487 # define NFORKTRIES 5 488 489 # ifndef FORK 490 # define FORK fork 491 # endif 492 493 # define DOFORK(fORKfN) \ 494 {\ 495 register int i;\ 496 \ 497 for (i = NFORKTRIES; --i >= 0; )\ 498 {\ 499 pid = fORKfN();\ 500 if (pid >= 0)\ 501 break;\ 502 if (i > 0)\ 503 sleep((unsigned) NFORKTRIES - i);\ 504 }\ 505 } 506 /* 507 ** DOFORK -- simple fork interface to DOFORK. 508 ** 509 ** Parameters: 510 ** none. 511 ** 512 ** Returns: 513 ** pid of child in parent. 514 ** zero in child. 515 ** -1 on error. 516 ** 517 ** Side Effects: 518 ** returns twice, once in parent and once in child. 519 */ 520 521 dofork() 522 { 523 register int pid; 524 525 DOFORK(fork); 526 return (pid); 527 } 528 /* 529 ** DELIVER -- Deliver a message to a list of addresses. 530 ** 531 ** This routine delivers to everyone on the same host as the 532 ** user on the head of the list. It is clever about mailers 533 ** that don't handle multiple users. It is NOT guaranteed 534 ** that it will deliver to all these addresses however -- so 535 ** deliver should be called once for each address on the 536 ** list. 537 ** 538 ** Parameters: 539 ** e -- the envelope to deliver. 540 ** firstto -- head of the address list to deliver to. 541 ** 542 ** Returns: 543 ** zero -- successfully delivered. 544 ** else -- some failure, see ExitStat for more info. 545 ** 546 ** Side Effects: 547 ** The standard input is passed off to someone. 548 */ 549 550 deliver(e, firstto) 551 register ENVELOPE *e; 552 ADDRESS *firstto; 553 { 554 char *host; /* host being sent to */ 555 char *user; /* user being sent to */ 556 char **pvp; 557 register char **mvp; 558 register char *p; 559 register MAILER *m; /* mailer for this recipient */ 560 ADDRESS *ctladdr; 561 register MCI *mci; 562 register ADDRESS *to = firstto; 563 bool clever = FALSE; /* running user smtp to this mailer */ 564 ADDRESS *tochain = NULL; /* chain of users in this mailer call */ 565 int rcode; /* response code */ 566 char *firstsig; /* signature of firstto */ 567 int pid; 568 char *curhost; 569 int mpvect[2]; 570 int rpvect[2]; 571 char *pv[MAXPV+1]; 572 char tobuf[TOBUFSIZE]; /* text line of to people */ 573 char buf[MAXNAME]; 574 char rpathbuf[MAXNAME]; /* translated return path */ 575 extern int checkcompat(); 576 extern FILE *fdopen(); 577 578 errno = 0; 579 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags)) 580 return (0); 581 582 #ifdef NAMED_BIND 583 /* unless interactive, try twice, over a minute */ 584 if (OpMode == MD_DAEMON || OpMode == MD_SMTP) { 585 _res.retrans = 30; 586 _res.retry = 2; 587 } 588 #endif 589 590 m = to->q_mailer; 591 host = to->q_host; 592 CurEnv = e; /* just in case */ 593 e->e_statmsg = NULL; 594 595 if (tTd(10, 1)) 596 printf("\n--deliver, mailer=%d, host=`%s', first user=`%s'\n", 597 m->m_mno, host, to->q_user); 598 599 /* 600 ** If this mailer is expensive, and if we don't want to make 601 ** connections now, just mark these addresses and return. 602 ** This is useful if we want to batch connections to 603 ** reduce load. This will cause the messages to be 604 ** queued up, and a daemon will come along to send the 605 ** messages later. 606 ** This should be on a per-mailer basis. 607 */ 608 609 if (NoConnect && !bitset(EF_QUEUERUN, e->e_flags) && 610 bitnset(M_EXPENSIVE, m->m_flags) && !Verbose) 611 { 612 for (; to != NULL; to = to->q_next) 613 { 614 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags) || 615 to->q_mailer != m) 616 continue; 617 to->q_flags |= QQUEUEUP|QDONTSEND; 618 e->e_to = to->q_paddr; 619 message("queued"); 620 if (LogLevel > 8) 621 logdelivery(m, NULL, "queued", e); 622 } 623 e->e_to = NULL; 624 return (0); 625 } 626 627 /* 628 ** Do initial argv setup. 629 ** Insert the mailer name. Notice that $x expansion is 630 ** NOT done on the mailer name. Then, if the mailer has 631 ** a picky -f flag, we insert it as appropriate. This 632 ** code does not check for 'pv' overflow; this places a 633 ** manifest lower limit of 4 for MAXPV. 634 ** The from address rewrite is expected to make 635 ** the address relative to the other end. 636 */ 637 638 /* rewrite from address, using rewriting rules */ 639 rcode = EX_OK; 640 (void) strcpy(rpathbuf, remotename(e->e_from.q_paddr, m, 641 RF_SENDERADDR|RF_CANONICAL, 642 &rcode, e)); 643 define('g', rpathbuf, e); /* translated return path */ 644 define('h', host, e); /* to host */ 645 Errors = 0; 646 pvp = pv; 647 *pvp++ = m->m_argv[0]; 648 649 /* insert -f or -r flag as appropriate */ 650 if (FromFlag && (bitnset(M_FOPT, m->m_flags) || bitnset(M_ROPT, m->m_flags))) 651 { 652 if (bitnset(M_FOPT, m->m_flags)) 653 *pvp++ = "-f"; 654 else 655 *pvp++ = "-r"; 656 *pvp++ = newstr(rpathbuf); 657 } 658 659 /* 660 ** Append the other fixed parts of the argv. These run 661 ** up to the first entry containing "$u". There can only 662 ** be one of these, and there are only a few more slots 663 ** in the pv after it. 664 */ 665 666 for (mvp = m->m_argv; (p = *++mvp) != NULL; ) 667 { 668 /* can't use strchr here because of sign extension problems */ 669 while (*p != '\0') 670 { 671 if ((*p++ & 0377) == MACROEXPAND) 672 { 673 if (*p == 'u') 674 break; 675 } 676 } 677 678 if (*p != '\0') 679 break; 680 681 /* this entry is safe -- go ahead and process it */ 682 expand(*mvp, buf, &buf[sizeof buf - 1], e); 683 *pvp++ = newstr(buf); 684 if (pvp >= &pv[MAXPV - 3]) 685 { 686 syserr("554 Too many parameters to %s before $u", pv[0]); 687 return (-1); 688 } 689 } 690 691 /* 692 ** If we have no substitution for the user name in the argument 693 ** list, we know that we must supply the names otherwise -- and 694 ** SMTP is the answer!! 695 */ 696 697 if (*mvp == NULL) 698 { 699 /* running SMTP */ 700 # ifdef SMTP 701 clever = TRUE; 702 *pvp = NULL; 703 # else /* SMTP */ 704 /* oops! we don't implement SMTP */ 705 syserr("554 SMTP style mailer"); 706 return (EX_SOFTWARE); 707 # endif /* SMTP */ 708 } 709 710 /* 711 ** At this point *mvp points to the argument with $u. We 712 ** run through our address list and append all the addresses 713 ** we can. If we run out of space, do not fret! We can 714 ** always send another copy later. 715 */ 716 717 tobuf[0] = '\0'; 718 e->e_to = tobuf; 719 ctladdr = NULL; 720 firstsig = hostsignature(firstto->q_mailer, firstto->q_host, e); 721 for (; to != NULL; to = to->q_next) 722 { 723 /* avoid sending multiple recipients to dumb mailers */ 724 if (tobuf[0] != '\0' && !bitnset(M_MUSER, m->m_flags)) 725 break; 726 727 /* if already sent or not for this host, don't send */ 728 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags) || 729 to->q_mailer != firstto->q_mailer || 730 strcmp(hostsignature(to->q_mailer, to->q_host, e), firstsig) != 0) 731 continue; 732 733 /* avoid overflowing tobuf */ 734 if (sizeof tobuf < (strlen(to->q_paddr) + strlen(tobuf) + 2)) 735 break; 736 737 if (tTd(10, 1)) 738 { 739 printf("\nsend to "); 740 printaddr(to, FALSE); 741 } 742 743 /* compute effective uid/gid when sending */ 744 if (to->q_mailer == ProgMailer) 745 ctladdr = getctladdr(to); 746 747 user = to->q_user; 748 e->e_to = to->q_paddr; 749 if (tTd(10, 5)) 750 { 751 printf("deliver: QDONTSEND "); 752 printaddr(to, FALSE); 753 } 754 to->q_flags |= QDONTSEND; 755 756 /* 757 ** Check to see that these people are allowed to 758 ** talk to each other. 759 */ 760 761 if (m->m_maxsize != 0 && e->e_msgsize > m->m_maxsize) 762 { 763 NoReturn = TRUE; 764 usrerr("552 Message is too large; %ld bytes max", m->m_maxsize); 765 giveresponse(EX_UNAVAILABLE, m, NULL, e); 766 continue; 767 } 768 rcode = checkcompat(to, e); 769 if (rcode != EX_OK) 770 { 771 giveresponse(rcode, m, NULL, e); 772 continue; 773 } 774 775 /* 776 ** Strip quote bits from names if the mailer is dumb 777 ** about them. 778 */ 779 780 if (bitnset(M_STRIPQ, m->m_flags)) 781 { 782 stripquotes(user); 783 stripquotes(host); 784 } 785 786 /* hack attack -- delivermail compatibility */ 787 if (m == ProgMailer && *user == '|') 788 user++; 789 790 /* 791 ** If an error message has already been given, don't 792 ** bother to send to this address. 793 ** 794 ** >>>>>>>>>> This clause assumes that the local mailer 795 ** >> NOTE >> cannot do any further aliasing; that 796 ** >>>>>>>>>> function is subsumed by sendmail. 797 */ 798 799 if (bitset(QBADADDR|QQUEUEUP, to->q_flags)) 800 continue; 801 802 /* save statistics.... */ 803 markstats(e, to); 804 805 /* 806 ** See if this user name is "special". 807 ** If the user name has a slash in it, assume that this 808 ** is a file -- send it off without further ado. Note 809 ** that this type of addresses is not processed along 810 ** with the others, so we fudge on the To person. 811 */ 812 813 if (m == FileMailer) 814 { 815 rcode = mailfile(user, getctladdr(to), e); 816 giveresponse(rcode, m, NULL, e); 817 if (rcode == EX_OK) 818 to->q_flags |= QSENT; 819 continue; 820 } 821 822 /* 823 ** Address is verified -- add this user to mailer 824 ** argv, and add it to the print list of recipients. 825 */ 826 827 /* link together the chain of recipients */ 828 to->q_tchain = tochain; 829 tochain = to; 830 831 /* create list of users for error messages */ 832 (void) strcat(tobuf, ","); 833 (void) strcat(tobuf, to->q_paddr); 834 define('u', user, e); /* to user */ 835 define('z', to->q_home, e); /* user's home */ 836 837 /* 838 ** Expand out this user into argument list. 839 */ 840 841 if (!clever) 842 { 843 expand(*mvp, buf, &buf[sizeof buf - 1], e); 844 *pvp++ = newstr(buf); 845 if (pvp >= &pv[MAXPV - 2]) 846 { 847 /* allow some space for trailing parms */ 848 break; 849 } 850 } 851 } 852 853 /* see if any addresses still exist */ 854 if (tobuf[0] == '\0') 855 { 856 define('g', (char *) NULL, e); 857 return (0); 858 } 859 860 /* print out messages as full list */ 861 e->e_to = tobuf + 1; 862 863 /* 864 ** Fill out any parameters after the $u parameter. 865 */ 866 867 while (!clever && *++mvp != NULL) 868 { 869 expand(*mvp, buf, &buf[sizeof buf - 1], e); 870 *pvp++ = newstr(buf); 871 if (pvp >= &pv[MAXPV]) 872 syserr("554 deliver: pv overflow after $u for %s", pv[0]); 873 } 874 *pvp++ = NULL; 875 876 /* 877 ** Call the mailer. 878 ** The argument vector gets built, pipes 879 ** are created as necessary, and we fork & exec as 880 ** appropriate. 881 ** If we are running SMTP, we just need to clean up. 882 */ 883 884 if (ctladdr == NULL && m != ProgMailer) 885 ctladdr = &e->e_from; 886 #ifdef NAMED_BIND 887 if (ConfigLevel < 2) 888 _res.options &= ~(RES_DEFNAMES | RES_DNSRCH); /* XXX */ 889 #endif 890 891 if (tTd(11, 1)) 892 { 893 printf("openmailer:"); 894 printav(pv); 895 } 896 errno = 0; 897 898 CurHostName = m->m_mailer; 899 900 /* 901 ** Deal with the special case of mail handled through an IPC 902 ** connection. 903 ** In this case we don't actually fork. We must be 904 ** running SMTP for this to work. We will return a 905 ** zero pid to indicate that we are running IPC. 906 ** We also handle a debug version that just talks to stdin/out. 907 */ 908 909 curhost = NULL; 910 911 /* check for Local Person Communication -- not for mortals!!! */ 912 if (strcmp(m->m_mailer, "[LPC]") == 0) 913 { 914 mci = (MCI *) xalloc(sizeof *mci); 915 bzero((char *) mci, sizeof *mci); 916 mci->mci_in = stdin; 917 mci->mci_out = stdout; 918 mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN; 919 mci->mci_mailer = m; 920 } 921 else if (strcmp(m->m_mailer, "[IPC]") == 0 || 922 strcmp(m->m_mailer, "[TCP]") == 0) 923 { 924 #ifdef DAEMON 925 register int i; 926 register u_short port; 927 928 CurHostName = pv[1]; 929 curhost = hostsignature(m, pv[1], e); 930 931 if (curhost == NULL || curhost[0] == '\0') 932 { 933 syserr("null signature"); 934 rcode = EX_OSERR; 935 goto give_up; 936 } 937 938 if (!clever) 939 { 940 syserr("554 non-clever IPC"); 941 rcode = EX_OSERR; 942 goto give_up; 943 } 944 if (pv[2] != NULL) 945 port = atoi(pv[2]); 946 else 947 port = 0; 948 tryhost: 949 mci = NULL; 950 while (*curhost != '\0') 951 { 952 register char *p; 953 static char hostbuf[MAXNAME]; 954 955 mci = NULL; 956 957 /* pull the next host from the signature */ 958 p = strchr(curhost, ':'); 959 if (p == NULL) 960 p = &curhost[strlen(curhost)]; 961 strncpy(hostbuf, curhost, p - curhost); 962 hostbuf[p - curhost] = '\0'; 963 if (*p != '\0') 964 p++; 965 curhost = p; 966 967 /* see if we already know that this host is fried */ 968 CurHostName = hostbuf; 969 mci = mci_get(hostbuf, m); 970 if (mci->mci_state != MCIS_CLOSED) 971 { 972 if (tTd(11, 1)) 973 { 974 printf("openmailer: "); 975 mci_dump(mci); 976 } 977 CurHostName = mci->mci_host; 978 break; 979 } 980 mci->mci_mailer = m; 981 if (mci->mci_exitstat != EX_OK) 982 continue; 983 984 /* try the connection */ 985 setproctitle("%s %s: %s", e->e_id, hostbuf, "user open"); 986 message("Connecting to %s (%s)...", 987 hostbuf, m->m_name); 988 i = makeconnection(hostbuf, port, mci, 989 bitnset(M_SECURE_PORT, m->m_flags)); 990 mci->mci_exitstat = i; 991 mci->mci_errno = errno; 992 if (i == EX_OK) 993 { 994 mci->mci_state = MCIS_OPENING; 995 mci_cache(mci); 996 break; 997 } 998 else if (tTd(11, 1)) 999 printf("openmailer: makeconnection => stat=%d, errno=%d\n", 1000 i, errno); 1001 1002 1003 /* enter status of this host */ 1004 setstat(i); 1005 } 1006 mci->mci_pid = 0; 1007 #else /* no DAEMON */ 1008 syserr("554 openmailer: no IPC"); 1009 if (tTd(11, 1)) 1010 printf("openmailer: NULL\n"); 1011 return NULL; 1012 #endif /* DAEMON */ 1013 } 1014 else 1015 { 1016 int i; 1017 struct stat stbuf; 1018 1019 /* make absolutely certain 0, 1, and 2 are in use */ 1020 for (i = 0; i < 3; i++) 1021 { 1022 if (fstat(i, &stbuf) < 0) 1023 { 1024 /* oops.... */ 1025 int fd; 1026 1027 syserr("%s... openmailer(%s): fd %d not open", 1028 e->e_to, m->m_name, i); 1029 fd = open("/dev/null", O_RDONLY, 0666); 1030 if (fd != i) 1031 { 1032 (void) dup2(fd, i); 1033 (void) close(fd); 1034 } 1035 } 1036 } 1037 1038 /* create a pipe to shove the mail through */ 1039 if (pipe(mpvect) < 0) 1040 { 1041 syserr("%s... openmailer(%s): pipe (to mailer)", 1042 e->e_to, m->m_name); 1043 if (tTd(11, 1)) 1044 printf("openmailer: NULL\n"); 1045 rcode = EX_OSERR; 1046 goto give_up; 1047 } 1048 1049 /* if this mailer speaks smtp, create a return pipe */ 1050 if (clever && pipe(rpvect) < 0) 1051 { 1052 syserr("%s... openmailer(%s): pipe (from mailer)", 1053 e->e_to, m->m_name); 1054 (void) close(mpvect[0]); 1055 (void) close(mpvect[1]); 1056 if (tTd(11, 1)) 1057 printf("openmailer: NULL\n"); 1058 rcode = EX_OSERR; 1059 goto give_up; 1060 } 1061 1062 /* 1063 ** Actually fork the mailer process. 1064 ** DOFORK is clever about retrying. 1065 ** 1066 ** Dispose of SIGCHLD signal catchers that may be laying 1067 ** around so that endmail will get it. 1068 */ 1069 1070 if (e->e_xfp != NULL) 1071 (void) fflush(e->e_xfp); /* for debugging */ 1072 (void) fflush(stdout); 1073 # ifdef SIGCHLD 1074 (void) signal(SIGCHLD, SIG_DFL); 1075 # endif /* SIGCHLD */ 1076 DOFORK(FORK); 1077 /* pid is set by DOFORK */ 1078 if (pid < 0) 1079 { 1080 /* failure */ 1081 syserr("%s... openmailer(%s): cannot fork", 1082 e->e_to, m->m_name); 1083 (void) close(mpvect[0]); 1084 (void) close(mpvect[1]); 1085 if (clever) 1086 { 1087 (void) close(rpvect[0]); 1088 (void) close(rpvect[1]); 1089 } 1090 if (tTd(11, 1)) 1091 printf("openmailer: NULL\n"); 1092 rcode = EX_OSERR; 1093 goto give_up; 1094 } 1095 else if (pid == 0) 1096 { 1097 int i; 1098 int saveerrno; 1099 char **ep; 1100 char *env[MAXUSERENVIRON]; 1101 extern char **environ; 1102 extern int DtableSize; 1103 1104 /* child -- set up input & exec mailer */ 1105 /* make diagnostic output be standard output */ 1106 (void) signal(SIGINT, SIG_IGN); 1107 (void) signal(SIGHUP, SIG_IGN); 1108 (void) signal(SIGTERM, SIG_DFL); 1109 1110 /* close any other cached connections */ 1111 mci_flush(FALSE, mci); 1112 1113 /* move into some "safe" directory */ 1114 if (m->m_execdir != NULL) 1115 { 1116 char *p, *q; 1117 char buf[MAXLINE]; 1118 1119 for (p = m->m_execdir; p != NULL; p = q) 1120 { 1121 q = strchr(p, ':'); 1122 if (q != NULL) 1123 *q = '\0'; 1124 expand(p, buf, &buf[sizeof buf] - 1, e); 1125 if (q != NULL) 1126 *q++ = ':'; 1127 if (tTd(11, 20)) 1128 printf("openmailer: trydir %s\n", 1129 buf); 1130 if (buf[0] != '\0' && chdir(buf) >= 0) 1131 break; 1132 } 1133 } 1134 1135 /* arrange to filter std & diag output of command */ 1136 if (clever) 1137 { 1138 (void) close(rpvect[0]); 1139 if (dup2(rpvect[1], STDOUT_FILENO) < 0) 1140 { 1141 syserr("%s... openmailer(%s): cannot dup pipe %d for stdout", 1142 e->e_to, m->m_name, rpvect[1]); 1143 _exit(EX_OSERR); 1144 } 1145 (void) close(rpvect[1]); 1146 } 1147 else if (OpMode == MD_SMTP || HoldErrs) 1148 { 1149 /* put mailer output in transcript */ 1150 if (dup2(fileno(e->e_xfp), STDOUT_FILENO) < 0) 1151 { 1152 syserr("%s... openmailer(%s): cannot dup xscript %d for stdout", 1153 e->e_to, m->m_name, 1154 fileno(e->e_xfp)); 1155 _exit(EX_OSERR); 1156 } 1157 } 1158 if (dup2(STDOUT_FILENO, STDERR_FILENO) < 0) 1159 { 1160 syserr("%s... openmailer(%s): cannot dup stdout for stderr", 1161 e->e_to, m->m_name); 1162 _exit(EX_OSERR); 1163 } 1164 1165 /* arrange to get standard input */ 1166 (void) close(mpvect[1]); 1167 if (dup2(mpvect[0], STDIN_FILENO) < 0) 1168 { 1169 syserr("%s... openmailer(%s): cannot dup pipe %d for stdin", 1170 e->e_to, m->m_name, mpvect[0]); 1171 _exit(EX_OSERR); 1172 } 1173 (void) close(mpvect[0]); 1174 if (!bitnset(M_RESTR, m->m_flags)) 1175 { 1176 if (ctladdr == NULL || ctladdr->q_uid == 0) 1177 { 1178 (void) setgid(DefGid); 1179 (void) initgroups(DefUser, DefGid); 1180 (void) setuid(DefUid); 1181 } 1182 else 1183 { 1184 (void) setgid(ctladdr->q_gid); 1185 (void) initgroups(ctladdr->q_ruser? 1186 ctladdr->q_ruser: ctladdr->q_user, 1187 ctladdr->q_gid); 1188 (void) setuid(ctladdr->q_uid); 1189 } 1190 } 1191 1192 /* arrange for all the files to be closed */ 1193 for (i = 3; i < DtableSize; i++) 1194 { 1195 register int j; 1196 if ((j = fcntl(i, F_GETFD, 0)) != -1) 1197 (void)fcntl(i, F_SETFD, j|1); 1198 } 1199 1200 /* set up the mailer environment */ 1201 i = 0; 1202 env[i++] = "AGENT=sendmail"; 1203 for (ep = environ; *ep != NULL; ep++) 1204 { 1205 if (strncmp(*ep, "TZ=", 3) == 0) 1206 env[i++] = *ep; 1207 } 1208 env[i++] = NULL; 1209 1210 /* try to execute the mailer */ 1211 execve(m->m_mailer, pv, env); 1212 saveerrno = errno; 1213 syserr("Cannot exec %s", m->m_mailer); 1214 if (m == LocalMailer || transienterror(saveerrno)) 1215 _exit(EX_OSERR); 1216 _exit(EX_UNAVAILABLE); 1217 } 1218 1219 /* 1220 ** Set up return value. 1221 */ 1222 1223 mci = (MCI *) xalloc(sizeof *mci); 1224 bzero((char *) mci, sizeof *mci); 1225 mci->mci_mailer = m; 1226 mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN; 1227 mci->mci_pid = pid; 1228 (void) close(mpvect[0]); 1229 mci->mci_out = fdopen(mpvect[1], "w"); 1230 if (clever) 1231 { 1232 (void) close(rpvect[1]); 1233 mci->mci_in = fdopen(rpvect[0], "r"); 1234 } 1235 else 1236 { 1237 mci->mci_flags |= MCIF_TEMP; 1238 mci->mci_in = NULL; 1239 } 1240 } 1241 1242 /* 1243 ** If we are in SMTP opening state, send initial protocol. 1244 */ 1245 1246 if (clever && mci->mci_state != MCIS_CLOSED) 1247 { 1248 smtpinit(m, mci, e); 1249 } 1250 if (tTd(11, 1)) 1251 { 1252 printf("openmailer: "); 1253 mci_dump(mci); 1254 } 1255 1256 if (mci->mci_state != MCIS_OPEN) 1257 { 1258 /* couldn't open the mailer */ 1259 rcode = mci->mci_exitstat; 1260 errno = mci->mci_errno; 1261 if (rcode == EX_OK) 1262 { 1263 /* shouldn't happen */ 1264 syserr("554 deliver: rcode=%d, mci_state=%d, sig=%s", 1265 rcode, mci->mci_state, firstsig); 1266 rcode = EX_SOFTWARE; 1267 } 1268 else if (rcode == EX_TEMPFAIL && *curhost != '\0') 1269 { 1270 /* try next MX site */ 1271 goto tryhost; 1272 } 1273 } 1274 else if (!clever) 1275 { 1276 /* 1277 ** Format and send message. 1278 */ 1279 1280 putfromline(mci->mci_out, m, e); 1281 (*e->e_puthdr)(mci->mci_out, m, e); 1282 putline("\n", mci->mci_out, m); 1283 (*e->e_putbody)(mci->mci_out, m, e, NULL); 1284 1285 /* get the exit status */ 1286 rcode = endmailer(mci, e, pv); 1287 } 1288 else 1289 #ifdef SMTP 1290 { 1291 /* 1292 ** Send the MAIL FROM: protocol 1293 */ 1294 1295 rcode = smtpmailfrom(m, mci, e); 1296 if (rcode == EX_OK) 1297 { 1298 register char *t = tobuf; 1299 register int i; 1300 1301 /* send the recipient list */ 1302 tobuf[0] = '\0'; 1303 for (to = tochain; to != NULL; to = to->q_tchain) 1304 { 1305 e->e_to = to->q_paddr; 1306 if ((i = smtprcpt(to, m, mci, e)) != EX_OK) 1307 { 1308 markfailure(e, to, i); 1309 giveresponse(i, m, mci, e); 1310 } 1311 else 1312 { 1313 *t++ = ','; 1314 for (p = to->q_paddr; *p; *t++ = *p++) 1315 continue; 1316 } 1317 } 1318 1319 /* now send the data */ 1320 if (tobuf[0] == '\0') 1321 { 1322 rcode = EX_OK; 1323 e->e_to = NULL; 1324 if (bitset(MCIF_CACHED, mci->mci_flags)) 1325 smtprset(m, mci, e); 1326 } 1327 else 1328 { 1329 e->e_to = tobuf + 1; 1330 rcode = smtpdata(m, mci, e); 1331 } 1332 1333 /* now close the connection */ 1334 if (!bitset(MCIF_CACHED, mci->mci_flags)) 1335 smtpquit(m, mci, e); 1336 } 1337 if (rcode != EX_OK && *curhost != '\0') 1338 { 1339 /* try next MX site */ 1340 goto tryhost; 1341 } 1342 } 1343 #else /* not SMTP */ 1344 { 1345 syserr("554 deliver: need SMTP compiled to use clever mailer"); 1346 rcode = EX_CONFIG; 1347 goto give_up; 1348 } 1349 #endif /* SMTP */ 1350 #ifdef NAMED_BIND 1351 if (ConfigLevel < 2) 1352 _res.options |= RES_DEFNAMES | RES_DNSRCH; /* XXX */ 1353 #endif 1354 1355 /* arrange a return receipt if requested */ 1356 if (e->e_receiptto != NULL && bitnset(M_LOCALMAILER, m->m_flags)) 1357 { 1358 e->e_flags |= EF_SENDRECEIPT; 1359 /* do we want to send back more info? */ 1360 } 1361 1362 /* 1363 ** Do final status disposal. 1364 ** We check for something in tobuf for the SMTP case. 1365 ** If we got a temporary failure, arrange to queue the 1366 ** addressees. 1367 */ 1368 1369 give_up: 1370 if (tobuf[0] != '\0') 1371 giveresponse(rcode, m, mci, e); 1372 for (to = tochain; to != NULL; to = to->q_tchain) 1373 { 1374 if (rcode != EX_OK) 1375 markfailure(e, to, rcode); 1376 else 1377 { 1378 to->q_flags |= QSENT; 1379 e->e_nsent++; 1380 } 1381 } 1382 1383 /* 1384 ** Restore state and return. 1385 */ 1386 1387 errno = 0; 1388 define('g', (char *) NULL, e); 1389 return (rcode); 1390 } 1391 /* 1392 ** MARKFAILURE -- mark a failure on a specific address. 1393 ** 1394 ** Parameters: 1395 ** e -- the envelope we are sending. 1396 ** q -- the address to mark. 1397 ** rcode -- the code signifying the particular failure. 1398 ** 1399 ** Returns: 1400 ** none. 1401 ** 1402 ** Side Effects: 1403 ** marks the address (and possibly the envelope) with the 1404 ** failure so that an error will be returned or 1405 ** the message will be queued, as appropriate. 1406 */ 1407 1408 markfailure(e, q, rcode) 1409 register ENVELOPE *e; 1410 register ADDRESS *q; 1411 int rcode; 1412 { 1413 char buf[MAXLINE]; 1414 1415 if (rcode == EX_OK) 1416 return; 1417 else if (rcode != EX_TEMPFAIL && rcode != EX_IOERR && rcode != EX_OSERR) 1418 q->q_flags |= QBADADDR; 1419 else if (curtime() > e->e_ctime + TimeOuts.to_q_return) 1420 { 1421 if (!bitset(EF_TIMEOUT, e->e_flags)) 1422 { 1423 (void) sprintf(buf, "Cannot send message for %s", 1424 pintvl(TimeOuts.to_q_return, FALSE)); 1425 if (e->e_message != NULL) 1426 free(e->e_message); 1427 e->e_message = newstr(buf); 1428 message(buf); 1429 } 1430 q->q_flags |= QBADADDR; 1431 e->e_flags |= EF_TIMEOUT; 1432 fprintf(e->e_xfp, "421 %s... Message timed out\n", q->q_paddr); 1433 } 1434 else 1435 { 1436 q->q_flags |= QQUEUEUP; 1437 if (TimeOuts.to_q_warning > 0 && 1438 curtime() > e->e_ctime + TimeOuts.to_q_warning) 1439 { 1440 if (!bitset(EF_WARNING, e->e_flags) && 1441 e->e_class >= 0) 1442 { 1443 (void) sprintf(buf, 1444 "warning: cannot send message for %s", 1445 pintvl(TimeOuts.to_q_warning, FALSE)); 1446 if (e->e_message != NULL) 1447 free(e->e_message); 1448 e->e_message = newstr(buf); 1449 message(buf); 1450 e->e_flags |= EF_WARNING|EF_TIMEOUT; 1451 } 1452 fprintf(e->e_xfp, 1453 "%s... Warning: message still undelivered after %s\n", 1454 q->q_paddr, pintvl(TimeOuts.to_q_warning, FALSE)); 1455 fprintf(e->e_xfp, "Will keep trying until message is %s old\n", 1456 pintvl(TimeOuts.to_q_return, FALSE)); 1457 } 1458 } 1459 } 1460 /* 1461 ** ENDMAILER -- Wait for mailer to terminate. 1462 ** 1463 ** We should never get fatal errors (e.g., segmentation 1464 ** violation), so we report those specially. For other 1465 ** errors, we choose a status message (into statmsg), 1466 ** and if it represents an error, we print it. 1467 ** 1468 ** Parameters: 1469 ** pid -- pid of mailer. 1470 ** e -- the current envelope. 1471 ** pv -- the parameter vector that invoked the mailer 1472 ** (for error messages). 1473 ** 1474 ** Returns: 1475 ** exit code of mailer. 1476 ** 1477 ** Side Effects: 1478 ** none. 1479 */ 1480 1481 endmailer(mci, e, pv) 1482 register MCI *mci; 1483 register ENVELOPE *e; 1484 char **pv; 1485 { 1486 int st; 1487 1488 /* close any connections */ 1489 if (mci->mci_in != NULL) 1490 (void) xfclose(mci->mci_in, pv[0], "mci_in"); 1491 if (mci->mci_out != NULL) 1492 (void) xfclose(mci->mci_out, pv[0], "mci_out"); 1493 mci->mci_in = mci->mci_out = NULL; 1494 mci->mci_state = MCIS_CLOSED; 1495 1496 /* in the IPC case there is nothing to wait for */ 1497 if (mci->mci_pid == 0) 1498 return (EX_OK); 1499 1500 /* wait for the mailer process to die and collect status */ 1501 st = waitfor(mci->mci_pid); 1502 if (st == -1) 1503 { 1504 syserr("endmailer %s: wait", pv[0]); 1505 return (EX_SOFTWARE); 1506 } 1507 1508 /* see if it died a horrid death */ 1509 if ((st & 0377) != 0) 1510 { 1511 syserr("mailer %s died with signal %o", pv[0], st); 1512 1513 /* log the arguments */ 1514 if (e->e_xfp != NULL) 1515 { 1516 register char **av; 1517 1518 fprintf(e->e_xfp, "Arguments:"); 1519 for (av = pv; *av != NULL; av++) 1520 fprintf(e->e_xfp, " %s", *av); 1521 fprintf(e->e_xfp, "\n"); 1522 } 1523 1524 ExitStat = EX_TEMPFAIL; 1525 return (EX_TEMPFAIL); 1526 } 1527 1528 /* normal death -- return status */ 1529 st = (st >> 8) & 0377; 1530 return (st); 1531 } 1532 /* 1533 ** GIVERESPONSE -- Interpret an error response from a mailer 1534 ** 1535 ** Parameters: 1536 ** stat -- the status code from the mailer (high byte 1537 ** only; core dumps must have been taken care of 1538 ** already). 1539 ** m -- the mailer info for this mailer. 1540 ** mci -- the mailer connection info -- can be NULL if the 1541 ** response is given before the connection is made. 1542 ** e -- the current envelope. 1543 ** 1544 ** Returns: 1545 ** none. 1546 ** 1547 ** Side Effects: 1548 ** Errors may be incremented. 1549 ** ExitStat may be set. 1550 */ 1551 1552 giveresponse(stat, m, mci, e) 1553 int stat; 1554 register MAILER *m; 1555 register MCI *mci; 1556 ENVELOPE *e; 1557 { 1558 register const char *statmsg; 1559 extern char *SysExMsg[]; 1560 register int i; 1561 extern int N_SysEx; 1562 #ifdef NAMED_BIND 1563 extern int h_errno; 1564 #endif 1565 char buf[MAXLINE]; 1566 1567 /* 1568 ** Compute status message from code. 1569 */ 1570 1571 i = stat - EX__BASE; 1572 if (stat == 0) 1573 { 1574 statmsg = "250 Sent"; 1575 if (e->e_statmsg != NULL) 1576 { 1577 (void) sprintf(buf, "%s (%s)", statmsg, e->e_statmsg); 1578 statmsg = buf; 1579 } 1580 } 1581 else if (i < 0 || i > N_SysEx) 1582 { 1583 (void) sprintf(buf, "554 unknown mailer error %d", stat); 1584 stat = EX_UNAVAILABLE; 1585 statmsg = buf; 1586 } 1587 else if (stat == EX_TEMPFAIL) 1588 { 1589 (void) strcpy(buf, SysExMsg[i] + 1); 1590 #ifdef NAMED_BIND 1591 if (h_errno == TRY_AGAIN) 1592 statmsg = errstring(h_errno+MAX_ERRNO); 1593 else 1594 #endif 1595 { 1596 if (errno != 0) 1597 statmsg = errstring(errno); 1598 else 1599 { 1600 #ifdef SMTP 1601 extern char SmtpError[]; 1602 1603 statmsg = SmtpError; 1604 #else /* SMTP */ 1605 statmsg = NULL; 1606 #endif /* SMTP */ 1607 } 1608 } 1609 if (statmsg != NULL && statmsg[0] != '\0') 1610 { 1611 (void) strcat(buf, ": "); 1612 (void) strcat(buf, statmsg); 1613 } 1614 statmsg = buf; 1615 } 1616 else 1617 { 1618 statmsg = SysExMsg[i]; 1619 if (*statmsg++ == ':') 1620 { 1621 (void) sprintf(buf, "%s: %s", statmsg, errstring(errno)); 1622 statmsg = buf; 1623 } 1624 } 1625 1626 /* 1627 ** Print the message as appropriate 1628 */ 1629 1630 if (stat == EX_OK || stat == EX_TEMPFAIL) 1631 message(&statmsg[4], errstring(errno)); 1632 else 1633 { 1634 Errors++; 1635 usrerr(statmsg, errstring(errno)); 1636 } 1637 1638 /* 1639 ** Final cleanup. 1640 ** Log a record of the transaction. Compute the new 1641 ** ExitStat -- if we already had an error, stick with 1642 ** that. 1643 */ 1644 1645 if (LogLevel > ((stat == EX_TEMPFAIL) ? 8 : (stat == EX_OK) ? 7 : 6)) 1646 logdelivery(m, mci, &statmsg[4], e); 1647 1648 if (stat != EX_TEMPFAIL) 1649 setstat(stat); 1650 if (stat != EX_OK) 1651 { 1652 if (e->e_message != NULL) 1653 free(e->e_message); 1654 e->e_message = newstr(&statmsg[4]); 1655 } 1656 errno = 0; 1657 #ifdef NAMED_BIND 1658 h_errno = 0; 1659 #endif 1660 } 1661 /* 1662 ** LOGDELIVERY -- log the delivery in the system log 1663 ** 1664 ** Parameters: 1665 ** m -- the mailer info. Can be NULL for initial queue. 1666 ** mci -- the mailer connection info -- can be NULL if the 1667 ** log is occuring when no connection is active. 1668 ** stat -- the message to print for the status. 1669 ** e -- the current envelope. 1670 ** 1671 ** Returns: 1672 ** none 1673 ** 1674 ** Side Effects: 1675 ** none 1676 */ 1677 1678 logdelivery(m, mci, stat, e) 1679 MAILER *m; 1680 register MCI *mci; 1681 char *stat; 1682 register ENVELOPE *e; 1683 { 1684 # ifdef LOG 1685 char *curhost; 1686 char buf[512]; 1687 1688 (void) sprintf(buf, "delay=%s", pintvl(curtime() - e->e_ctime, TRUE)); 1689 1690 if (m != NULL) 1691 { 1692 (void) strcat(buf, ", mailer="); 1693 (void) strcat(buf, m->m_name); 1694 } 1695 1696 if (mci != NULL && mci->mci_host != NULL) 1697 { 1698 # ifdef DAEMON 1699 extern SOCKADDR CurHostAddr; 1700 # endif 1701 1702 (void) strcat(buf, ", relay="); 1703 (void) strcat(buf, mci->mci_host); 1704 1705 # ifdef DAEMON 1706 (void) strcat(buf, " ("); 1707 (void) strcat(buf, anynet_ntoa(&CurHostAddr)); 1708 (void) strcat(buf, ")"); 1709 # endif 1710 } 1711 else 1712 { 1713 char *p = macvalue('h', e); 1714 1715 if (p != NULL && p[0] != '\0') 1716 { 1717 (void) strcat(buf, ", relay="); 1718 (void) strcat(buf, p); 1719 } 1720 } 1721 1722 syslog(LOG_INFO, "%s: to=%s, %s, stat=%s", 1723 e->e_id, e->e_to, buf, stat); 1724 # endif /* LOG */ 1725 } 1726 /* 1727 ** PUTFROMLINE -- output a UNIX-style from line (or whatever) 1728 ** 1729 ** This can be made an arbitrary message separator by changing $l 1730 ** 1731 ** One of the ugliest hacks seen by human eyes is contained herein: 1732 ** UUCP wants those stupid "remote from <host>" lines. Why oh why 1733 ** does a well-meaning programmer such as myself have to deal with 1734 ** this kind of antique garbage???? 1735 ** 1736 ** Parameters: 1737 ** fp -- the file to output to. 1738 ** m -- the mailer describing this entry. 1739 ** 1740 ** Returns: 1741 ** none 1742 ** 1743 ** Side Effects: 1744 ** outputs some text to fp. 1745 */ 1746 1747 putfromline(fp, m, e) 1748 register FILE *fp; 1749 register MAILER *m; 1750 ENVELOPE *e; 1751 { 1752 char *template = "\201l\n"; 1753 char buf[MAXLINE]; 1754 1755 if (bitnset(M_NHDR, m->m_flags)) 1756 return; 1757 1758 # ifdef UGLYUUCP 1759 if (bitnset(M_UGLYUUCP, m->m_flags)) 1760 { 1761 char *bang; 1762 char xbuf[MAXLINE]; 1763 1764 expand("\201g", buf, &buf[sizeof buf - 1], e); 1765 bang = strchr(buf, '!'); 1766 if (bang == NULL) 1767 syserr("554 No ! in UUCP! (%s)", buf); 1768 else 1769 { 1770 *bang++ = '\0'; 1771 (void) sprintf(xbuf, "From %s \201d remote from %s\n", bang, buf); 1772 template = xbuf; 1773 } 1774 } 1775 # endif /* UGLYUUCP */ 1776 expand(template, buf, &buf[sizeof buf - 1], e); 1777 putline(buf, fp, m); 1778 } 1779 /* 1780 ** PUTBODY -- put the body of a message. 1781 ** 1782 ** Parameters: 1783 ** fp -- file to output onto. 1784 ** m -- a mailer descriptor to control output format. 1785 ** e -- the envelope to put out. 1786 ** separator -- if non-NULL, a message separator that must 1787 ** not be permitted in the resulting message. 1788 ** 1789 ** Returns: 1790 ** none. 1791 ** 1792 ** Side Effects: 1793 ** The message is written onto fp. 1794 */ 1795 1796 putbody(fp, m, e, separator) 1797 FILE *fp; 1798 MAILER *m; 1799 register ENVELOPE *e; 1800 char *separator; 1801 { 1802 char buf[MAXLINE]; 1803 1804 /* 1805 ** Output the body of the message 1806 */ 1807 1808 if (e->e_dfp == NULL) 1809 { 1810 if (e->e_df != NULL) 1811 { 1812 e->e_dfp = fopen(e->e_df, "r"); 1813 if (e->e_dfp == NULL) 1814 syserr("putbody: Cannot open %s for %s from %s", 1815 e->e_df, e->e_to, e->e_from); 1816 } 1817 else 1818 putline("<<< No Message Collected >>>", fp, m); 1819 } 1820 if (e->e_dfp != NULL) 1821 { 1822 rewind(e->e_dfp); 1823 while (!ferror(fp) && fgets(buf, sizeof buf, e->e_dfp) != NULL) 1824 { 1825 if (buf[0] == 'F' && bitnset(M_ESCFROM, m->m_flags) && 1826 strncmp(buf, "From ", 5) == 0) 1827 (void) putc('>', fp); 1828 if (buf[0] == '-' && buf[1] == '-' && separator != NULL) 1829 { 1830 /* possible separator */ 1831 int sl = strlen(separator); 1832 1833 if (strncmp(&buf[2], separator, sl) == 0) 1834 (void) putc(' ', fp); 1835 } 1836 putline(buf, fp, m); 1837 } 1838 1839 if (ferror(e->e_dfp)) 1840 { 1841 syserr("putbody: read error"); 1842 ExitStat = EX_IOERR; 1843 } 1844 } 1845 1846 /* some mailers want extra blank line at end of message */ 1847 if (bitnset(M_BLANKEND, m->m_flags) && buf[0] != '\0' && buf[0] != '\n') 1848 putline("", fp, m); 1849 1850 (void) fflush(fp); 1851 if (ferror(fp) && errno != EPIPE) 1852 { 1853 syserr("putbody: write error"); 1854 ExitStat = EX_IOERR; 1855 } 1856 errno = 0; 1857 } 1858 /* 1859 ** MAILFILE -- Send a message to a file. 1860 ** 1861 ** If the file has the setuid/setgid bits set, but NO execute 1862 ** bits, sendmail will try to become the owner of that file 1863 ** rather than the real user. Obviously, this only works if 1864 ** sendmail runs as root. 1865 ** 1866 ** This could be done as a subordinate mailer, except that it 1867 ** is used implicitly to save messages in ~/dead.letter. We 1868 ** view this as being sufficiently important as to include it 1869 ** here. For example, if the system is dying, we shouldn't have 1870 ** to create another process plus some pipes to save the message. 1871 ** 1872 ** Parameters: 1873 ** filename -- the name of the file to send to. 1874 ** ctladdr -- the controlling address header -- includes 1875 ** the userid/groupid to be when sending. 1876 ** 1877 ** Returns: 1878 ** The exit code associated with the operation. 1879 ** 1880 ** Side Effects: 1881 ** none. 1882 */ 1883 1884 mailfile(filename, ctladdr, e) 1885 char *filename; 1886 ADDRESS *ctladdr; 1887 register ENVELOPE *e; 1888 { 1889 register FILE *f; 1890 register int pid; 1891 int mode; 1892 1893 if (tTd(11, 1)) 1894 { 1895 printf("mailfile %s\n ctladdr=", filename); 1896 printaddr(ctladdr, FALSE); 1897 } 1898 1899 /* 1900 ** Fork so we can change permissions here. 1901 ** Note that we MUST use fork, not vfork, because of 1902 ** the complications of calling subroutines, etc. 1903 */ 1904 1905 DOFORK(fork); 1906 1907 if (pid < 0) 1908 return (EX_OSERR); 1909 else if (pid == 0) 1910 { 1911 /* child -- actually write to file */ 1912 struct stat stb; 1913 1914 (void) signal(SIGINT, SIG_DFL); 1915 (void) signal(SIGHUP, SIG_DFL); 1916 (void) signal(SIGTERM, SIG_DFL); 1917 (void) umask(OldUmask); 1918 1919 if (stat(filename, &stb) < 0) 1920 stb.st_mode = FileMode; 1921 mode = stb.st_mode; 1922 1923 /* limit the errors to those actually caused in the child */ 1924 errno = 0; 1925 ExitStat = EX_OK; 1926 1927 if (bitset(0111, stb.st_mode)) 1928 exit(EX_CANTCREAT); 1929 if (ctladdr == NULL) 1930 ctladdr = &e->e_from; 1931 else 1932 { 1933 /* ignore setuid and setgid bits */ 1934 mode &= ~(S_ISGID|S_ISUID); 1935 } 1936 1937 /* we have to open the dfile BEFORE setuid */ 1938 if (e->e_dfp == NULL && e->e_df != NULL) 1939 { 1940 e->e_dfp = fopen(e->e_df, "r"); 1941 if (e->e_dfp == NULL) 1942 { 1943 syserr("mailfile: Cannot open %s for %s from %s", 1944 e->e_df, e->e_to, e->e_from); 1945 } 1946 } 1947 1948 if (!bitset(S_ISGID, mode) || setgid(stb.st_gid) < 0) 1949 { 1950 if (ctladdr->q_uid == 0) 1951 { 1952 (void) setgid(DefGid); 1953 (void) initgroups(DefUser, DefGid); 1954 } 1955 else 1956 { 1957 (void) setgid(ctladdr->q_gid); 1958 (void) initgroups(ctladdr->q_ruser ? 1959 ctladdr->q_ruser : ctladdr->q_user, 1960 ctladdr->q_gid); 1961 } 1962 } 1963 if (!bitset(S_ISUID, mode) || setuid(stb.st_uid) < 0) 1964 { 1965 if (ctladdr->q_uid == 0) 1966 (void) setuid(DefUid); 1967 else 1968 (void) setuid(ctladdr->q_uid); 1969 } 1970 FileName = filename; 1971 LineNumber = 0; 1972 f = dfopen(filename, O_WRONLY|O_CREAT|O_APPEND, FileMode); 1973 if (f == NULL) 1974 { 1975 message("554 cannot open"); 1976 exit(EX_CANTCREAT); 1977 } 1978 1979 putfromline(f, FileMailer, e); 1980 (*e->e_puthdr)(f, FileMailer, e); 1981 putline("\n", f, FileMailer); 1982 (*e->e_putbody)(f, FileMailer, e, NULL); 1983 putline("\n", f, FileMailer); 1984 if (ferror(f)) 1985 { 1986 message("451 I/O error"); 1987 setstat(EX_IOERR); 1988 } 1989 (void) xfclose(f, "mailfile", filename); 1990 (void) fflush(stdout); 1991 1992 /* reset ISUID & ISGID bits for paranoid systems */ 1993 (void) chmod(filename, (int) stb.st_mode); 1994 exit(ExitStat); 1995 /*NOTREACHED*/ 1996 } 1997 else 1998 { 1999 /* parent -- wait for exit status */ 2000 int st; 2001 2002 st = waitfor(pid); 2003 if ((st & 0377) != 0) 2004 return (EX_UNAVAILABLE); 2005 else 2006 return ((st >> 8) & 0377); 2007 /*NOTREACHED*/ 2008 } 2009 } 2010 /* 2011 ** HOSTSIGNATURE -- return the "signature" for a host. 2012 ** 2013 ** The signature describes how we are going to send this -- it 2014 ** can be just the hostname (for non-Internet hosts) or can be 2015 ** an ordered list of MX hosts. 2016 ** 2017 ** Parameters: 2018 ** m -- the mailer describing this host. 2019 ** host -- the host name. 2020 ** e -- the current envelope. 2021 ** 2022 ** Returns: 2023 ** The signature for this host. 2024 ** 2025 ** Side Effects: 2026 ** Can tweak the symbol table. 2027 */ 2028 2029 char * 2030 hostsignature(m, host, e) 2031 register MAILER *m; 2032 char *host; 2033 ENVELOPE *e; 2034 { 2035 register char *p; 2036 register STAB *s; 2037 int i; 2038 int len; 2039 #ifdef NAMED_BIND 2040 int nmx; 2041 auto int rcode; 2042 char *hp; 2043 char *endp; 2044 int oldoptions; 2045 char *mxhosts[MAXMXHOSTS + 1]; 2046 #endif 2047 2048 /* 2049 ** Check to see if this uses IPC -- if not, it can't have MX records. 2050 */ 2051 2052 p = m->m_mailer; 2053 if (strcmp(p, "[IPC]") != 0 && strcmp(p, "[TCP]") != 0) 2054 { 2055 /* just an ordinary mailer */ 2056 return host; 2057 } 2058 2059 /* 2060 ** If it is a numeric address, just return it. 2061 */ 2062 2063 if (host[0] == '[') 2064 return host; 2065 2066 /* 2067 ** Look it up in the symbol table. 2068 */ 2069 2070 s = stab(host, ST_HOSTSIG, ST_ENTER); 2071 if (s->s_hostsig != NULL) 2072 return s->s_hostsig; 2073 2074 /* 2075 ** Not already there -- create a signature. 2076 */ 2077 2078 #ifdef NAMED_BIND 2079 if (ConfigLevel < 2) 2080 { 2081 oldoptions = _res.options; 2082 _res.options &= ~(RES_DEFNAMES | RES_DNSRCH); /* XXX */ 2083 } 2084 2085 for (hp = host; hp != NULL; hp = endp) 2086 { 2087 endp = strchr(hp, ':'); 2088 if (endp != NULL) 2089 *endp = '\0'; 2090 2091 nmx = getmxrr(hp, mxhosts, TRUE, &rcode); 2092 2093 if (nmx <= 0) 2094 { 2095 register MCI *mci; 2096 extern int errno; 2097 2098 /* update the connection info for this host */ 2099 mci = mci_get(hp, m); 2100 mci->mci_exitstat = rcode; 2101 mci->mci_errno = errno; 2102 2103 /* and return the original host name as the signature */ 2104 nmx = 1; 2105 mxhosts[0] = hp; 2106 } 2107 2108 len = 0; 2109 for (i = 0; i < nmx; i++) 2110 { 2111 len += strlen(mxhosts[i]) + 1; 2112 } 2113 if (s->s_hostsig != NULL) 2114 len += strlen(s->s_hostsig) + 1; 2115 p = xalloc(len); 2116 if (s->s_hostsig != NULL) 2117 { 2118 (void) strcpy(p, s->s_hostsig); 2119 free(s->s_hostsig); 2120 s->s_hostsig = p; 2121 p += strlen(p); 2122 *p++ = ':'; 2123 } 2124 else 2125 s->s_hostsig = p; 2126 for (i = 0; i < nmx; i++) 2127 { 2128 if (i != 0) 2129 *p++ = ':'; 2130 strcpy(p, mxhosts[i]); 2131 p += strlen(p); 2132 } 2133 if (endp != NULL) 2134 *endp++ = ':'; 2135 } 2136 makelower(s->s_hostsig); 2137 if (ConfigLevel < 2) 2138 _res.options = oldoptions; 2139 #else 2140 /* not using BIND -- the signature is just the host name */ 2141 s->s_hostsig = host; 2142 #endif 2143 if (tTd(17, 1)) 2144 printf("hostsignature(%s) = %s\n", host, s->s_hostsig); 2145 return s->s_hostsig; 2146 } 2147