1 /* 2 * Copyright (c) 1983 Eric P. Allman 3 * Copyright (c) 1988 Regents of the University of California. 4 * All rights reserved. 5 * 6 * %sccs.include.redist.c% 7 */ 8 9 #ifndef lint 10 static char sccsid[] = "@(#)deliver.c 6.78 (Berkeley) 05/21/93"; 11 #endif /* not lint */ 12 13 #include "sendmail.h" 14 #include <signal.h> 15 #include <netdb.h> 16 #include <errno.h> 17 #ifdef NAMED_BIND 18 #include <arpa/nameser.h> 19 #include <resolv.h> 20 #endif 21 22 /* 23 ** SENDALL -- actually send all the messages. 24 ** 25 ** Parameters: 26 ** e -- the envelope to send. 27 ** mode -- the delivery mode to use. If SM_DEFAULT, use 28 ** the current e->e_sendmode. 29 ** 30 ** Returns: 31 ** none. 32 ** 33 ** Side Effects: 34 ** Scans the send lists and sends everything it finds. 35 ** Delivers any appropriate error messages. 36 ** If we are running in a non-interactive mode, takes the 37 ** appropriate action. 38 */ 39 40 sendall(e, mode) 41 ENVELOPE *e; 42 char mode; 43 { 44 register ADDRESS *q; 45 char *owner; 46 int otherowners; 47 register ENVELOPE *ee; 48 ENVELOPE *splitenv = NULL; 49 bool announcequeueup; 50 51 /* determine actual delivery mode */ 52 if (mode == SM_DEFAULT) 53 { 54 extern bool shouldqueue(); 55 56 mode = e->e_sendmode; 57 if (mode != SM_VERIFY && 58 shouldqueue(e->e_msgpriority, e->e_ctime)) 59 mode = SM_QUEUE; 60 announcequeueup = mode == SM_QUEUE; 61 } 62 else 63 announcequeueup = FALSE; 64 65 if (tTd(13, 1)) 66 { 67 printf("\nSENDALL: mode %c, e_from ", mode); 68 printaddr(&e->e_from, FALSE); 69 printf("sendqueue:\n"); 70 printaddr(e->e_sendqueue, TRUE); 71 } 72 73 /* 74 ** Do any preprocessing necessary for the mode we are running. 75 ** Check to make sure the hop count is reasonable. 76 ** Delete sends to the sender in mailing lists. 77 */ 78 79 CurEnv = e; 80 81 if (e->e_hopcount > MaxHopCount) 82 { 83 errno = 0; 84 syserr("554 too many hops %d (%d max): from %s, to %s", 85 e->e_hopcount, MaxHopCount, e->e_from.q_paddr, 86 e->e_sendqueue->q_paddr); 87 return; 88 } 89 90 /* 91 ** Do sender deletion. 92 ** 93 ** If the sender has the QQUEUEUP flag set, skip this. 94 ** This can happen if the name server is hosed when you 95 ** are trying to send mail. The result is that the sender 96 ** is instantiated in the queue as a recipient. 97 */ 98 99 if (!MeToo && !bitset(QQUEUEUP, e->e_from.q_flags)) 100 { 101 extern ADDRESS *recipient(); 102 103 if (tTd(13, 5)) 104 { 105 printf("sendall: QDONTSEND "); 106 printaddr(&e->e_from, FALSE); 107 } 108 e->e_from.q_flags |= QDONTSEND; 109 (void) recipient(&e->e_from, &e->e_sendqueue, e); 110 } 111 112 /* 113 ** Handle alias owners. 114 ** 115 ** We scan up the q_alias chain looking for owners. 116 ** We discard owners that are the same as the return path. 117 */ 118 119 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 120 { 121 register struct address *a; 122 123 for (a = q; a != NULL && a->q_owner == NULL; a = a->q_alias) 124 continue; 125 if (a != NULL) 126 q->q_owner = a->q_owner; 127 128 if (q->q_owner != NULL && 129 !bitset(QDONTSEND, q->q_flags) && 130 strcmp(q->q_owner, e->e_from.q_paddr) == 0) 131 q->q_owner = NULL; 132 } 133 134 owner = ""; 135 otherowners = 1; 136 while (owner != NULL && otherowners > 0) 137 { 138 owner = NULL; 139 otherowners = 0; 140 141 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 142 { 143 if (bitset(QDONTSEND, q->q_flags)) 144 continue; 145 146 if (q->q_owner != NULL) 147 { 148 if (owner == NULL) 149 owner = q->q_owner; 150 else if (owner != q->q_owner) 151 { 152 if (strcmp(owner, q->q_owner) == 0) 153 { 154 /* make future comparisons cheap */ 155 q->q_owner = owner; 156 } 157 else 158 { 159 otherowners++; 160 } 161 owner = q->q_owner; 162 } 163 } 164 else 165 { 166 otherowners++; 167 } 168 } 169 170 if (owner != NULL && otherowners > 0) 171 { 172 extern HDR *copyheader(); 173 extern ADDRESS *copyqueue(); 174 175 /* 176 ** Split this envelope into two. 177 */ 178 179 ee = (ENVELOPE *) xalloc(sizeof(ENVELOPE)); 180 *ee = *e; 181 ee->e_id = NULL; 182 (void) queuename(ee, '\0'); 183 184 if (tTd(13, 1)) 185 printf("sendall: split %s into %s\n", 186 e->e_id, ee->e_id); 187 188 ee->e_header = copyheader(e->e_header); 189 ee->e_sendqueue = copyqueue(e->e_sendqueue); 190 ee->e_errorqueue = copyqueue(e->e_errorqueue); 191 ee->e_flags = e->e_flags & ~(EF_INQUEUE|EF_CLRQUEUE|EF_FATALERRS); 192 setsender(owner, ee, NULL, TRUE); 193 if (tTd(13, 5)) 194 { 195 printf("sendall(split): QDONTSEND "); 196 printaddr(&ee->e_from, FALSE); 197 } 198 ee->e_from.q_flags |= QDONTSEND; 199 ee->e_dfp = NULL; 200 ee->e_xfp = NULL; 201 ee->e_lockfp = NULL; 202 ee->e_df = NULL; 203 ee->e_errormode = EM_MAIL; 204 ee->e_sibling = splitenv; 205 splitenv = ee; 206 207 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 208 if (q->q_owner == owner) 209 q->q_flags |= QDONTSEND; 210 for (q = ee->e_sendqueue; q != NULL; q = q->q_next) 211 if (q->q_owner != owner) 212 q->q_flags |= QDONTSEND; 213 214 if (e->e_df != NULL && mode != SM_VERIFY) 215 { 216 ee->e_dfp = NULL; 217 ee->e_df = newstr(queuename(ee, 'd')); 218 if (link(e->e_df, ee->e_df) < 0) 219 { 220 syserr("sendall: link(%s, %s)", 221 e->e_df, ee->e_df); 222 } 223 } 224 225 if (mode != SM_VERIFY) 226 openxscript(ee); 227 #ifdef LOG 228 if (LogLevel > 4) 229 syslog(LOG_INFO, "%s: clone %s", 230 ee->e_id, e->e_id); 231 #endif 232 } 233 } 234 235 if (owner != NULL) 236 { 237 setsender(owner, e, NULL, TRUE); 238 if (tTd(13, 5)) 239 { 240 printf("sendall(owner): QDONTSEND "); 241 printaddr(&e->e_from, FALSE); 242 } 243 e->e_from.q_flags |= QDONTSEND; 244 e->e_errormode = EM_MAIL; 245 } 246 247 # ifdef QUEUE 248 if ((mode == SM_QUEUE || mode == SM_FORK || 249 (mode != SM_VERIFY && SuperSafe)) && 250 !bitset(EF_INQUEUE, e->e_flags)) 251 { 252 /* be sure everything is instantiated in the queue */ 253 queueup(e, TRUE, announcequeueup); 254 for (ee = splitenv; ee != NULL; ee = ee->e_sibling) 255 queueup(ee, TRUE, announcequeueup); 256 } 257 #endif /* QUEUE */ 258 259 if (splitenv != NULL) 260 { 261 if (tTd(13, 1)) 262 { 263 printf("\nsendall: Split queue; remaining queue:\n"); 264 printaddr(e->e_sendqueue, TRUE); 265 } 266 267 for (ee = splitenv; ee != NULL; ee = ee->e_sibling) 268 { 269 CurEnv = ee; 270 sendenvelope(ee, mode); 271 } 272 273 CurEnv = e; 274 } 275 sendenvelope(e, mode); 276 277 for (; splitenv != NULL; splitenv = splitenv->e_sibling) 278 dropenvelope(splitenv); 279 } 280 281 sendenvelope(e, mode) 282 register ENVELOPE *e; 283 char mode; 284 { 285 bool oldverbose; 286 int pid; 287 register ADDRESS *q; 288 #ifdef LOCKF 289 struct flock lfd; 290 #endif 291 292 oldverbose = Verbose; 293 switch (mode) 294 { 295 case SM_VERIFY: 296 Verbose = TRUE; 297 break; 298 299 case SM_QUEUE: 300 queueonly: 301 e->e_flags |= EF_INQUEUE|EF_KEEPQUEUE; 302 return; 303 304 case SM_FORK: 305 if (e->e_xfp != NULL) 306 (void) fflush(e->e_xfp); 307 308 # ifdef LOCKF 309 /* 310 ** Since lockf has the interesting semantic that the 311 ** lock is lost when we fork, we have to risk losing 312 ** the lock here by closing before the fork, and then 313 ** trying to get it back in the child. 314 */ 315 316 if (e->e_lockfp != NULL) 317 { 318 (void) xfclose(e->e_lockfp, "sendenvelope", "lockfp"); 319 e->e_lockfp = NULL; 320 } 321 # endif /* LOCKF */ 322 323 pid = fork(); 324 if (pid < 0) 325 { 326 goto queueonly; 327 } 328 else if (pid > 0) 329 { 330 /* be sure we leave the temp files to our child */ 331 e->e_id = e->e_df = NULL; 332 # ifndef LOCKF 333 if (e->e_lockfp != NULL) 334 { 335 (void) xfclose(e->e_lockfp, "sendenvelope", "lockfp"); 336 e->e_lockfp = NULL; 337 } 338 # endif 339 340 /* close any random open files in the envelope */ 341 if (e->e_dfp != NULL) 342 { 343 (void) xfclose(e->e_dfp, "sendenvelope", "dfp"); 344 e->e_dfp = NULL; 345 } 346 if (e->e_xfp != NULL) 347 { 348 (void) xfclose(e->e_xfp, "sendenvelope", "xfp"); 349 e->e_xfp = NULL; 350 } 351 return; 352 } 353 354 /* double fork to avoid zombies */ 355 if (fork() > 0) 356 exit(EX_OK); 357 358 /* be sure we are immune from the terminal */ 359 disconnect(FALSE, e); 360 361 # ifdef LOCKF 362 /* 363 ** Now try to get our lock back. 364 */ 365 366 lfd.l_type = F_WRLCK; 367 lfd.l_whence = lfd.l_start = lfd.l_len = 0; 368 e->e_lockfp = fopen(queuename(e, 'q'), "r+"); 369 if (e->e_lockfp == NULL || 370 fcntl(fileno(e->e_lockfp), F_SETLK, &lfd) < 0) 371 { 372 /* oops.... lost it */ 373 if (tTd(13, 1)) 374 printf("sendenvelope: %s lost lock: lockfp=%x, %s\n", 375 e->e_id, e->e_lockfp, errstring(errno)); 376 377 # ifdef LOG 378 if (LogLevel > 29) 379 syslog(LOG_NOTICE, "%s: lost lock: %m", 380 e->e_id); 381 # endif /* LOG */ 382 exit(EX_OK); 383 } 384 # endif /* LOCKF */ 385 386 /* 387 ** Close any cached connections. 388 ** 389 ** We don't send the QUIT protocol because the parent 390 ** still knows about the connection. 391 ** 392 ** This should only happen when delivering an error 393 ** message. 394 */ 395 396 mci_flush(FALSE, NULL); 397 398 break; 399 } 400 401 /* 402 ** Run through the list and send everything. 403 */ 404 405 e->e_nsent = 0; 406 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 407 { 408 if (mode == SM_VERIFY) 409 { 410 e->e_to = q->q_paddr; 411 if (!bitset(QDONTSEND|QBADADDR, q->q_flags)) 412 { 413 message("deliverable: mailer %s, host %s, user %s", 414 q->q_mailer->m_name, 415 q->q_host, 416 q->q_user); 417 } 418 } 419 else if (!bitset(QDONTSEND|QBADADDR, q->q_flags)) 420 { 421 # ifdef QUEUE 422 /* 423 ** Checkpoint the send list every few addresses 424 */ 425 426 if (e->e_nsent >= CheckpointInterval) 427 { 428 queueup(e, TRUE, FALSE); 429 e->e_nsent = 0; 430 } 431 # endif /* QUEUE */ 432 (void) deliver(e, q); 433 } 434 } 435 Verbose = oldverbose; 436 437 /* 438 ** Now run through and check for errors. 439 */ 440 441 if (mode == SM_VERIFY) 442 { 443 return; 444 } 445 446 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 447 { 448 if (tTd(13, 3)) 449 { 450 printf("Checking "); 451 printaddr(q, FALSE); 452 } 453 454 /* only send errors if the message failed */ 455 if (!bitset(QBADADDR, q->q_flags) || 456 bitset(QDONTSEND, q->q_flags)) 457 continue; 458 459 e->e_flags |= EF_FATALERRS; 460 461 if (q->q_owner == NULL && strcmp(e->e_from.q_paddr, "<>") != 0) 462 (void) sendtolist(e->e_from.q_paddr, NULL, 463 &e->e_errorqueue, e); 464 } 465 466 if (mode == SM_FORK) 467 finis(); 468 } 469 /* 470 ** DOFORK -- do a fork, retrying a couple of times on failure. 471 ** 472 ** This MUST be a macro, since after a vfork we are running 473 ** two processes on the same stack!!! 474 ** 475 ** Parameters: 476 ** none. 477 ** 478 ** Returns: 479 ** From a macro??? You've got to be kidding! 480 ** 481 ** Side Effects: 482 ** Modifies the ==> LOCAL <== variable 'pid', leaving: 483 ** pid of child in parent, zero in child. 484 ** -1 on unrecoverable error. 485 ** 486 ** Notes: 487 ** I'm awfully sorry this looks so awful. That's 488 ** vfork for you..... 489 */ 490 491 # define NFORKTRIES 5 492 493 # ifndef FORK 494 # define FORK fork 495 # endif 496 497 # define DOFORK(fORKfN) \ 498 {\ 499 register int i;\ 500 \ 501 for (i = NFORKTRIES; --i >= 0; )\ 502 {\ 503 pid = fORKfN();\ 504 if (pid >= 0)\ 505 break;\ 506 if (i > 0)\ 507 sleep((unsigned) NFORKTRIES - i);\ 508 }\ 509 } 510 /* 511 ** DOFORK -- simple fork interface to DOFORK. 512 ** 513 ** Parameters: 514 ** none. 515 ** 516 ** Returns: 517 ** pid of child in parent. 518 ** zero in child. 519 ** -1 on error. 520 ** 521 ** Side Effects: 522 ** returns twice, once in parent and once in child. 523 */ 524 525 dofork() 526 { 527 register int pid; 528 529 DOFORK(fork); 530 return (pid); 531 } 532 /* 533 ** DELIVER -- Deliver a message to a list of addresses. 534 ** 535 ** This routine delivers to everyone on the same host as the 536 ** user on the head of the list. It is clever about mailers 537 ** that don't handle multiple users. It is NOT guaranteed 538 ** that it will deliver to all these addresses however -- so 539 ** deliver should be called once for each address on the 540 ** list. 541 ** 542 ** Parameters: 543 ** e -- the envelope to deliver. 544 ** firstto -- head of the address list to deliver to. 545 ** 546 ** Returns: 547 ** zero -- successfully delivered. 548 ** else -- some failure, see ExitStat for more info. 549 ** 550 ** Side Effects: 551 ** The standard input is passed off to someone. 552 */ 553 554 deliver(e, firstto) 555 register ENVELOPE *e; 556 ADDRESS *firstto; 557 { 558 char *host; /* host being sent to */ 559 char *user; /* user being sent to */ 560 char **pvp; 561 register char **mvp; 562 register char *p; 563 register MAILER *m; /* mailer for this recipient */ 564 ADDRESS *ctladdr; 565 register MCI *mci; 566 register ADDRESS *to = firstto; 567 bool clever = FALSE; /* running user smtp to this mailer */ 568 ADDRESS *tochain = NULL; /* chain of users in this mailer call */ 569 int rcode; /* response code */ 570 char *firstsig; /* signature of firstto */ 571 int pid; 572 char *curhost; 573 int mpvect[2]; 574 int rpvect[2]; 575 char *pv[MAXPV+1]; 576 char tobuf[TOBUFSIZE]; /* text line of to people */ 577 char buf[MAXNAME]; 578 char rpathbuf[MAXNAME]; /* translated return path */ 579 extern int checkcompat(); 580 extern ADDRESS *getctladdr(); 581 extern char *remotename(); 582 extern char *hostsignature(); 583 extern FILE *fdopen(); 584 585 errno = 0; 586 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags)) 587 return (0); 588 589 #ifdef NAMED_BIND 590 /* unless interactive, try twice, over a minute */ 591 if (OpMode == MD_DAEMON || OpMode == MD_SMTP) { 592 _res.retrans = 30; 593 _res.retry = 2; 594 } 595 #endif 596 597 m = to->q_mailer; 598 host = to->q_host; 599 CurEnv = e; /* just in case */ 600 e->e_statmsg = NULL; 601 602 if (tTd(10, 1)) 603 printf("\n--deliver, mailer=%d, host=`%s', first user=`%s'\n", 604 m->m_mno, host, to->q_user); 605 606 /* 607 ** If this mailer is expensive, and if we don't want to make 608 ** connections now, just mark these addresses and return. 609 ** This is useful if we want to batch connections to 610 ** reduce load. This will cause the messages to be 611 ** queued up, and a daemon will come along to send the 612 ** messages later. 613 ** This should be on a per-mailer basis. 614 */ 615 616 if (NoConnect && !bitset(EF_QUEUERUN, e->e_flags) && 617 bitnset(M_EXPENSIVE, m->m_flags) && !Verbose) 618 { 619 for (; to != NULL; to = to->q_next) 620 { 621 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags) || 622 to->q_mailer != m) 623 continue; 624 to->q_flags |= QQUEUEUP|QDONTSEND; 625 e->e_to = to->q_paddr; 626 message("queued"); 627 if (LogLevel > 8) 628 logdelivery(m, NULL, "queued", e); 629 } 630 e->e_to = NULL; 631 return (0); 632 } 633 634 /* 635 ** Do initial argv setup. 636 ** Insert the mailer name. Notice that $x expansion is 637 ** NOT done on the mailer name. Then, if the mailer has 638 ** a picky -f flag, we insert it as appropriate. This 639 ** code does not check for 'pv' overflow; this places a 640 ** manifest lower limit of 4 for MAXPV. 641 ** The from address rewrite is expected to make 642 ** the address relative to the other end. 643 */ 644 645 /* rewrite from address, using rewriting rules */ 646 rcode = EX_OK; 647 (void) strcpy(rpathbuf, remotename(e->e_from.q_paddr, m, 648 RF_SENDERADDR|RF_CANONICAL, 649 &rcode, e)); 650 define('g', rpathbuf, e); /* translated return path */ 651 define('h', host, e); /* to host */ 652 Errors = 0; 653 pvp = pv; 654 *pvp++ = m->m_argv[0]; 655 656 /* insert -f or -r flag as appropriate */ 657 if (FromFlag && (bitnset(M_FOPT, m->m_flags) || bitnset(M_ROPT, m->m_flags))) 658 { 659 if (bitnset(M_FOPT, m->m_flags)) 660 *pvp++ = "-f"; 661 else 662 *pvp++ = "-r"; 663 *pvp++ = newstr(rpathbuf); 664 } 665 666 /* 667 ** Append the other fixed parts of the argv. These run 668 ** up to the first entry containing "$u". There can only 669 ** be one of these, and there are only a few more slots 670 ** in the pv after it. 671 */ 672 673 for (mvp = m->m_argv; (p = *++mvp) != NULL; ) 674 { 675 /* can't use strchr here because of sign extension problems */ 676 while (*p != '\0') 677 { 678 if ((*p++ & 0377) == MACROEXPAND) 679 { 680 if (*p == 'u') 681 break; 682 } 683 } 684 685 if (*p != '\0') 686 break; 687 688 /* this entry is safe -- go ahead and process it */ 689 expand(*mvp, buf, &buf[sizeof buf - 1], e); 690 *pvp++ = newstr(buf); 691 if (pvp >= &pv[MAXPV - 3]) 692 { 693 syserr("554 Too many parameters to %s before $u", pv[0]); 694 return (-1); 695 } 696 } 697 698 /* 699 ** If we have no substitution for the user name in the argument 700 ** list, we know that we must supply the names otherwise -- and 701 ** SMTP is the answer!! 702 */ 703 704 if (*mvp == NULL) 705 { 706 /* running SMTP */ 707 # ifdef SMTP 708 clever = TRUE; 709 *pvp = NULL; 710 # else /* SMTP */ 711 /* oops! we don't implement SMTP */ 712 syserr("554 SMTP style mailer"); 713 return (EX_SOFTWARE); 714 # endif /* SMTP */ 715 } 716 717 /* 718 ** At this point *mvp points to the argument with $u. We 719 ** run through our address list and append all the addresses 720 ** we can. If we run out of space, do not fret! We can 721 ** always send another copy later. 722 */ 723 724 tobuf[0] = '\0'; 725 e->e_to = tobuf; 726 ctladdr = NULL; 727 firstsig = hostsignature(firstto->q_mailer, firstto->q_host, e); 728 for (; to != NULL; to = to->q_next) 729 { 730 /* avoid sending multiple recipients to dumb mailers */ 731 if (tobuf[0] != '\0' && !bitnset(M_MUSER, m->m_flags)) 732 break; 733 734 /* if already sent or not for this host, don't send */ 735 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags) || 736 to->q_mailer != firstto->q_mailer || 737 strcmp(hostsignature(to->q_mailer, to->q_host, e), firstsig) != 0) 738 continue; 739 740 /* avoid overflowing tobuf */ 741 if (sizeof tobuf < (strlen(to->q_paddr) + strlen(tobuf) + 2)) 742 break; 743 744 if (tTd(10, 1)) 745 { 746 printf("\nsend to "); 747 printaddr(to, FALSE); 748 } 749 750 /* compute effective uid/gid when sending */ 751 if (to->q_mailer == ProgMailer) 752 ctladdr = getctladdr(to); 753 754 user = to->q_user; 755 e->e_to = to->q_paddr; 756 if (tTd(10, 5)) 757 { 758 printf("deliver: QDONTSEND "); 759 printaddr(to, FALSE); 760 } 761 to->q_flags |= QDONTSEND; 762 763 /* 764 ** Check to see that these people are allowed to 765 ** talk to each other. 766 */ 767 768 if (m->m_maxsize != 0 && e->e_msgsize > m->m_maxsize) 769 { 770 NoReturn = TRUE; 771 usrerr("552 Message is too large; %ld bytes max", m->m_maxsize); 772 giveresponse(EX_UNAVAILABLE, m, NULL, e); 773 continue; 774 } 775 rcode = checkcompat(to, e); 776 if (rcode != EX_OK) 777 { 778 giveresponse(rcode, m, NULL, e); 779 continue; 780 } 781 782 /* 783 ** Strip quote bits from names if the mailer is dumb 784 ** about them. 785 */ 786 787 if (bitnset(M_STRIPQ, m->m_flags)) 788 { 789 stripquotes(user); 790 stripquotes(host); 791 } 792 793 /* hack attack -- delivermail compatibility */ 794 if (m == ProgMailer && *user == '|') 795 user++; 796 797 /* 798 ** If an error message has already been given, don't 799 ** bother to send to this address. 800 ** 801 ** >>>>>>>>>> This clause assumes that the local mailer 802 ** >> NOTE >> cannot do any further aliasing; that 803 ** >>>>>>>>>> function is subsumed by sendmail. 804 */ 805 806 if (bitset(QBADADDR|QQUEUEUP, to->q_flags)) 807 continue; 808 809 /* save statistics.... */ 810 markstats(e, to); 811 812 /* 813 ** See if this user name is "special". 814 ** If the user name has a slash in it, assume that this 815 ** is a file -- send it off without further ado. Note 816 ** that this type of addresses is not processed along 817 ** with the others, so we fudge on the To person. 818 */ 819 820 if (m == FileMailer) 821 { 822 rcode = mailfile(user, getctladdr(to), e); 823 giveresponse(rcode, m, NULL, e); 824 if (rcode == EX_OK) 825 to->q_flags |= QSENT; 826 continue; 827 } 828 829 /* 830 ** Address is verified -- add this user to mailer 831 ** argv, and add it to the print list of recipients. 832 */ 833 834 /* link together the chain of recipients */ 835 to->q_tchain = tochain; 836 tochain = to; 837 838 /* create list of users for error messages */ 839 (void) strcat(tobuf, ","); 840 (void) strcat(tobuf, to->q_paddr); 841 define('u', user, e); /* to user */ 842 define('z', to->q_home, e); /* user's home */ 843 844 /* 845 ** Expand out this user into argument list. 846 */ 847 848 if (!clever) 849 { 850 expand(*mvp, buf, &buf[sizeof buf - 1], e); 851 *pvp++ = newstr(buf); 852 if (pvp >= &pv[MAXPV - 2]) 853 { 854 /* allow some space for trailing parms */ 855 break; 856 } 857 } 858 } 859 860 /* see if any addresses still exist */ 861 if (tobuf[0] == '\0') 862 { 863 define('g', (char *) NULL, e); 864 return (0); 865 } 866 867 /* print out messages as full list */ 868 e->e_to = tobuf + 1; 869 870 /* 871 ** Fill out any parameters after the $u parameter. 872 */ 873 874 while (!clever && *++mvp != NULL) 875 { 876 expand(*mvp, buf, &buf[sizeof buf - 1], e); 877 *pvp++ = newstr(buf); 878 if (pvp >= &pv[MAXPV]) 879 syserr("554 deliver: pv overflow after $u for %s", pv[0]); 880 } 881 *pvp++ = NULL; 882 883 /* 884 ** Call the mailer. 885 ** The argument vector gets built, pipes 886 ** are created as necessary, and we fork & exec as 887 ** appropriate. 888 ** If we are running SMTP, we just need to clean up. 889 */ 890 891 if (ctladdr == NULL && m != ProgMailer) 892 ctladdr = &e->e_from; 893 #ifdef NAMED_BIND 894 if (ConfigLevel < 2) 895 _res.options &= ~(RES_DEFNAMES | RES_DNSRCH); /* XXX */ 896 #endif 897 898 if (tTd(11, 1)) 899 { 900 printf("openmailer:"); 901 printav(pv); 902 } 903 errno = 0; 904 905 CurHostName = m->m_mailer; 906 907 /* 908 ** Deal with the special case of mail handled through an IPC 909 ** connection. 910 ** In this case we don't actually fork. We must be 911 ** running SMTP for this to work. We will return a 912 ** zero pid to indicate that we are running IPC. 913 ** We also handle a debug version that just talks to stdin/out. 914 */ 915 916 curhost = NULL; 917 918 /* check for Local Person Communication -- not for mortals!!! */ 919 if (strcmp(m->m_mailer, "[LPC]") == 0) 920 { 921 mci = (MCI *) xalloc(sizeof *mci); 922 bzero((char *) mci, sizeof *mci); 923 mci->mci_in = stdin; 924 mci->mci_out = stdout; 925 mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN; 926 mci->mci_mailer = m; 927 } 928 else if (strcmp(m->m_mailer, "[IPC]") == 0 || 929 strcmp(m->m_mailer, "[TCP]") == 0) 930 { 931 #ifdef DAEMON 932 register int i; 933 register u_short port; 934 extern MCI *mci_get(); 935 extern char *hostsignature(); 936 937 CurHostName = pv[1]; 938 curhost = hostsignature(m, pv[1], e); 939 940 if (curhost == NULL || curhost[0] == '\0') 941 { 942 syserr("null signature"); 943 rcode = EX_OSERR; 944 goto give_up; 945 } 946 947 if (!clever) 948 { 949 syserr("554 non-clever IPC"); 950 rcode = EX_OSERR; 951 goto give_up; 952 } 953 if (pv[2] != NULL) 954 port = atoi(pv[2]); 955 else 956 port = 0; 957 tryhost: 958 mci = NULL; 959 while (*curhost != '\0') 960 { 961 register char *p; 962 static char hostbuf[MAXNAME]; 963 964 mci = NULL; 965 966 /* pull the next host from the signature */ 967 p = strchr(curhost, ':'); 968 if (p == NULL) 969 p = &curhost[strlen(curhost)]; 970 strncpy(hostbuf, curhost, p - curhost); 971 hostbuf[p - curhost] = '\0'; 972 if (*p != '\0') 973 p++; 974 curhost = p; 975 976 /* see if we already know that this host is fried */ 977 CurHostName = hostbuf; 978 mci = mci_get(hostbuf, m); 979 if (mci->mci_state != MCIS_CLOSED) 980 { 981 if (tTd(11, 1)) 982 { 983 printf("openmailer: "); 984 mci_dump(mci); 985 } 986 CurHostName = mci->mci_host; 987 break; 988 } 989 mci->mci_mailer = m; 990 if (mci->mci_exitstat != EX_OK) 991 continue; 992 993 /* try the connection */ 994 setproctitle("%s %s: %s", e->e_id, hostbuf, "user open"); 995 message("Connecting to %s (%s)...", 996 hostbuf, m->m_name); 997 i = makeconnection(hostbuf, port, mci, 998 bitnset(M_SECURE_PORT, m->m_flags)); 999 mci->mci_exitstat = i; 1000 mci->mci_errno = errno; 1001 if (i == EX_OK) 1002 { 1003 mci->mci_state = MCIS_OPENING; 1004 mci_cache(mci); 1005 break; 1006 } 1007 else if (tTd(11, 1)) 1008 printf("openmailer: makeconnection => stat=%d, errno=%d\n", 1009 i, errno); 1010 1011 1012 /* enter status of this host */ 1013 setstat(i); 1014 } 1015 mci->mci_pid = 0; 1016 #else /* no DAEMON */ 1017 syserr("554 openmailer: no IPC"); 1018 if (tTd(11, 1)) 1019 printf("openmailer: NULL\n"); 1020 return NULL; 1021 #endif /* DAEMON */ 1022 } 1023 else 1024 { 1025 int i; 1026 struct stat stbuf; 1027 1028 /* make absolutely certain 0, 1, and 2 are in use */ 1029 for (i = 0; i < 3; i++) 1030 { 1031 if (fstat(i, &stbuf) < 0) 1032 { 1033 /* oops.... */ 1034 int fd; 1035 1036 syserr("%s... openmailer(%s): fd %d not open", 1037 e->e_to, m->m_name, i); 1038 fd = open("/dev/null", O_RDONLY, 0666); 1039 if (fd != i) 1040 { 1041 (void) dup2(fd, i); 1042 (void) close(fd); 1043 } 1044 } 1045 } 1046 1047 /* create a pipe to shove the mail through */ 1048 if (pipe(mpvect) < 0) 1049 { 1050 syserr("%s... openmailer(%s): pipe (to mailer)", 1051 e->e_to, m->m_name); 1052 if (tTd(11, 1)) 1053 printf("openmailer: NULL\n"); 1054 rcode = EX_OSERR; 1055 goto give_up; 1056 } 1057 1058 /* if this mailer speaks smtp, create a return pipe */ 1059 if (clever && pipe(rpvect) < 0) 1060 { 1061 syserr("%s... openmailer(%s): pipe (from mailer)", 1062 e->e_to, m->m_name); 1063 (void) close(mpvect[0]); 1064 (void) close(mpvect[1]); 1065 if (tTd(11, 1)) 1066 printf("openmailer: NULL\n"); 1067 rcode = EX_OSERR; 1068 goto give_up; 1069 } 1070 1071 /* 1072 ** Actually fork the mailer process. 1073 ** DOFORK is clever about retrying. 1074 ** 1075 ** Dispose of SIGCHLD signal catchers that may be laying 1076 ** around so that endmail will get it. 1077 */ 1078 1079 if (e->e_xfp != NULL) 1080 (void) fflush(e->e_xfp); /* for debugging */ 1081 (void) fflush(stdout); 1082 # ifdef SIGCHLD 1083 (void) signal(SIGCHLD, SIG_DFL); 1084 # endif /* SIGCHLD */ 1085 DOFORK(FORK); 1086 /* pid is set by DOFORK */ 1087 if (pid < 0) 1088 { 1089 /* failure */ 1090 syserr("%s... openmailer(%s): cannot fork", 1091 e->e_to, m->m_name); 1092 (void) close(mpvect[0]); 1093 (void) close(mpvect[1]); 1094 if (clever) 1095 { 1096 (void) close(rpvect[0]); 1097 (void) close(rpvect[1]); 1098 } 1099 if (tTd(11, 1)) 1100 printf("openmailer: NULL\n"); 1101 rcode = EX_OSERR; 1102 goto give_up; 1103 } 1104 else if (pid == 0) 1105 { 1106 int i; 1107 int saveerrno; 1108 char **ep; 1109 char *env[MAXUSERENVIRON]; 1110 extern char **environ; 1111 extern int DtableSize; 1112 1113 /* child -- set up input & exec mailer */ 1114 /* make diagnostic output be standard output */ 1115 (void) signal(SIGINT, SIG_IGN); 1116 (void) signal(SIGHUP, SIG_IGN); 1117 (void) signal(SIGTERM, SIG_DFL); 1118 1119 /* close any other cached connections */ 1120 mci_flush(FALSE, mci); 1121 1122 /* move into some "safe" directory */ 1123 if (m->m_execdir != NULL) 1124 { 1125 char *p, *q; 1126 char buf[MAXLINE]; 1127 1128 for (p = m->m_execdir; p != NULL; p = q) 1129 { 1130 q = strchr(p, ':'); 1131 if (q != NULL) 1132 *q = '\0'; 1133 expand(p, buf, &buf[sizeof buf] - 1, e); 1134 if (q != NULL) 1135 *q++ = ':'; 1136 if (tTd(11, 20)) 1137 printf("openmailer: trydir %s\n", 1138 buf); 1139 if (buf[0] != '\0' && chdir(buf) >= 0) 1140 break; 1141 } 1142 } 1143 1144 /* arrange to filter std & diag output of command */ 1145 if (clever) 1146 { 1147 (void) close(rpvect[0]); 1148 if (dup2(rpvect[1], STDOUT_FILENO) < 0) 1149 { 1150 syserr("%s... openmailer(%s): cannot dup pipe %d for stdout", 1151 e->e_to, m->m_name, rpvect[1]); 1152 _exit(EX_OSERR); 1153 } 1154 (void) close(rpvect[1]); 1155 } 1156 else if (OpMode == MD_SMTP || HoldErrs) 1157 { 1158 /* put mailer output in transcript */ 1159 if (dup2(fileno(e->e_xfp), STDOUT_FILENO) < 0) 1160 { 1161 syserr("%s... openmailer(%s): cannot dup xscript %d for stdout", 1162 e->e_to, m->m_name, 1163 fileno(e->e_xfp)); 1164 _exit(EX_OSERR); 1165 } 1166 } 1167 if (dup2(STDOUT_FILENO, STDERR_FILENO) < 0) 1168 { 1169 syserr("%s... openmailer(%s): cannot dup stdout for stderr", 1170 e->e_to, m->m_name); 1171 _exit(EX_OSERR); 1172 } 1173 1174 /* arrange to get standard input */ 1175 (void) close(mpvect[1]); 1176 if (dup2(mpvect[0], STDIN_FILENO) < 0) 1177 { 1178 syserr("%s... openmailer(%s): cannot dup pipe %d for stdin", 1179 e->e_to, m->m_name, mpvect[0]); 1180 _exit(EX_OSERR); 1181 } 1182 (void) close(mpvect[0]); 1183 if (!bitnset(M_RESTR, m->m_flags)) 1184 { 1185 if (ctladdr == NULL || ctladdr->q_uid == 0) 1186 { 1187 (void) setgid(DefGid); 1188 (void) initgroups(DefUser, DefGid); 1189 (void) setuid(DefUid); 1190 } 1191 else 1192 { 1193 (void) setgid(ctladdr->q_gid); 1194 (void) initgroups(ctladdr->q_ruser? 1195 ctladdr->q_ruser: ctladdr->q_user, 1196 ctladdr->q_gid); 1197 (void) setuid(ctladdr->q_uid); 1198 } 1199 } 1200 1201 /* arrange for all the files to be closed */ 1202 for (i = 3; i < DtableSize; i++) 1203 { 1204 register int j; 1205 if ((j = fcntl(i, F_GETFD, 0)) != -1) 1206 (void)fcntl(i, F_SETFD, j|1); 1207 } 1208 1209 /* set up the mailer environment */ 1210 i = 0; 1211 env[i++] = "AGENT=sendmail"; 1212 for (ep = environ; *ep != NULL; ep++) 1213 { 1214 if (strncmp(*ep, "TZ=", 3) == 0) 1215 env[i++] = *ep; 1216 } 1217 env[i++] = NULL; 1218 1219 /* try to execute the mailer */ 1220 execve(m->m_mailer, pv, env); 1221 saveerrno = errno; 1222 syserr("Cannot exec %s", m->m_mailer); 1223 if (m == LocalMailer || transienterror(saveerrno)) 1224 _exit(EX_OSERR); 1225 _exit(EX_UNAVAILABLE); 1226 } 1227 1228 /* 1229 ** Set up return value. 1230 */ 1231 1232 mci = (MCI *) xalloc(sizeof *mci); 1233 bzero((char *) mci, sizeof *mci); 1234 mci->mci_mailer = m; 1235 mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN; 1236 mci->mci_pid = pid; 1237 (void) close(mpvect[0]); 1238 mci->mci_out = fdopen(mpvect[1], "w"); 1239 if (clever) 1240 { 1241 (void) close(rpvect[1]); 1242 mci->mci_in = fdopen(rpvect[0], "r"); 1243 } 1244 else 1245 { 1246 mci->mci_flags |= MCIF_TEMP; 1247 mci->mci_in = NULL; 1248 } 1249 } 1250 1251 /* 1252 ** If we are in SMTP opening state, send initial protocol. 1253 */ 1254 1255 if (clever && mci->mci_state != MCIS_CLOSED) 1256 { 1257 smtpinit(m, mci, e); 1258 } 1259 if (tTd(11, 1)) 1260 { 1261 printf("openmailer: "); 1262 mci_dump(mci); 1263 } 1264 1265 if (mci->mci_state != MCIS_OPEN) 1266 { 1267 /* couldn't open the mailer */ 1268 rcode = mci->mci_exitstat; 1269 errno = mci->mci_errno; 1270 if (rcode == EX_OK) 1271 { 1272 /* shouldn't happen */ 1273 syserr("554 deliver: rcode=%d, mci_state=%d, sig=%s", 1274 rcode, mci->mci_state, firstsig); 1275 rcode = EX_SOFTWARE; 1276 } 1277 else if (rcode == EX_TEMPFAIL && *curhost != '\0') 1278 { 1279 /* try next MX site */ 1280 goto tryhost; 1281 } 1282 } 1283 else if (!clever) 1284 { 1285 /* 1286 ** Format and send message. 1287 */ 1288 1289 putfromline(mci->mci_out, m, e); 1290 (*e->e_puthdr)(mci->mci_out, m, e); 1291 putline("\n", mci->mci_out, m); 1292 (*e->e_putbody)(mci->mci_out, m, e, NULL); 1293 1294 /* get the exit status */ 1295 rcode = endmailer(mci, e, pv); 1296 } 1297 else 1298 #ifdef SMTP 1299 { 1300 /* 1301 ** Send the MAIL FROM: protocol 1302 */ 1303 1304 rcode = smtpmailfrom(m, mci, e); 1305 if (rcode == EX_OK) 1306 { 1307 register char *t = tobuf; 1308 register int i; 1309 1310 /* send the recipient list */ 1311 tobuf[0] = '\0'; 1312 for (to = tochain; to != NULL; to = to->q_tchain) 1313 { 1314 e->e_to = to->q_paddr; 1315 if ((i = smtprcpt(to, m, mci, e)) != EX_OK) 1316 { 1317 markfailure(e, to, i); 1318 giveresponse(i, m, mci, e); 1319 } 1320 else 1321 { 1322 *t++ = ','; 1323 for (p = to->q_paddr; *p; *t++ = *p++) 1324 continue; 1325 } 1326 } 1327 1328 /* now send the data */ 1329 if (tobuf[0] == '\0') 1330 { 1331 rcode = EX_OK; 1332 e->e_to = NULL; 1333 if (bitset(MCIF_CACHED, mci->mci_flags)) 1334 smtprset(m, mci, e); 1335 } 1336 else 1337 { 1338 e->e_to = tobuf + 1; 1339 rcode = smtpdata(m, mci, e); 1340 } 1341 1342 /* now close the connection */ 1343 if (!bitset(MCIF_CACHED, mci->mci_flags)) 1344 smtpquit(m, mci, e); 1345 } 1346 if (rcode != EX_OK && *curhost != '\0') 1347 { 1348 /* try next MX site */ 1349 goto tryhost; 1350 } 1351 } 1352 #else /* not SMTP */ 1353 { 1354 syserr("554 deliver: need SMTP compiled to use clever mailer"); 1355 rcode = EX_CONFIG; 1356 goto give_up; 1357 } 1358 #endif /* SMTP */ 1359 #ifdef NAMED_BIND 1360 if (ConfigLevel < 2) 1361 _res.options |= RES_DEFNAMES | RES_DNSRCH; /* XXX */ 1362 #endif 1363 1364 /* arrange a return receipt if requested */ 1365 if (e->e_receiptto != NULL && bitnset(M_LOCALMAILER, m->m_flags)) 1366 { 1367 e->e_flags |= EF_SENDRECEIPT; 1368 /* do we want to send back more info? */ 1369 } 1370 1371 /* 1372 ** Do final status disposal. 1373 ** We check for something in tobuf for the SMTP case. 1374 ** If we got a temporary failure, arrange to queue the 1375 ** addressees. 1376 */ 1377 1378 give_up: 1379 if (tobuf[0] != '\0') 1380 giveresponse(rcode, m, mci, e); 1381 for (to = tochain; to != NULL; to = to->q_tchain) 1382 { 1383 if (rcode != EX_OK) 1384 markfailure(e, to, rcode); 1385 else 1386 { 1387 to->q_flags |= QSENT; 1388 e->e_nsent++; 1389 } 1390 } 1391 1392 /* 1393 ** Restore state and return. 1394 */ 1395 1396 errno = 0; 1397 define('g', (char *) NULL, e); 1398 return (rcode); 1399 } 1400 /* 1401 ** MARKFAILURE -- mark a failure on a specific address. 1402 ** 1403 ** Parameters: 1404 ** e -- the envelope we are sending. 1405 ** q -- the address to mark. 1406 ** rcode -- the code signifying the particular failure. 1407 ** 1408 ** Returns: 1409 ** none. 1410 ** 1411 ** Side Effects: 1412 ** marks the address (and possibly the envelope) with the 1413 ** failure so that an error will be returned or 1414 ** the message will be queued, as appropriate. 1415 */ 1416 1417 markfailure(e, q, rcode) 1418 register ENVELOPE *e; 1419 register ADDRESS *q; 1420 int rcode; 1421 { 1422 char buf[MAXLINE]; 1423 extern char *pintvl(); 1424 1425 if (rcode == EX_OK) 1426 return; 1427 else if (rcode != EX_TEMPFAIL && rcode != EX_IOERR && rcode != EX_OSERR) 1428 q->q_flags |= QBADADDR; 1429 else if (curtime() > e->e_ctime + TimeOuts.to_q_return) 1430 { 1431 if (!bitset(EF_TIMEOUT, e->e_flags)) 1432 { 1433 (void) sprintf(buf, "Cannot send message for %s", 1434 pintvl(TimeOuts.to_q_return, FALSE)); 1435 if (e->e_message != NULL) 1436 free(e->e_message); 1437 e->e_message = newstr(buf); 1438 message(buf); 1439 } 1440 q->q_flags |= QBADADDR; 1441 e->e_flags |= EF_TIMEOUT; 1442 fprintf(e->e_xfp, "421 %s... Message timed out\n", q->q_paddr); 1443 } 1444 else 1445 { 1446 q->q_flags |= QQUEUEUP; 1447 if (TimeOuts.to_q_warning > 0 && 1448 curtime() > e->e_ctime + TimeOuts.to_q_warning) 1449 { 1450 if (!bitset(EF_WARNING, e->e_flags) && 1451 e->e_class >= 0) 1452 { 1453 (void) sprintf(buf, 1454 "warning: cannot send message for %s", 1455 pintvl(TimeOuts.to_q_warning, FALSE)); 1456 if (e->e_message != NULL) 1457 free(e->e_message); 1458 e->e_message = newstr(buf); 1459 message(buf); 1460 e->e_flags |= EF_WARNING|EF_TIMEOUT; 1461 } 1462 fprintf(e->e_xfp, 1463 "%s... Warning: message still undelivered after %s\n", 1464 q->q_paddr, pintvl(TimeOuts.to_q_warning, FALSE)); 1465 fprintf(e->e_xfp, "Will keep trying until message is %s old\n", 1466 pintvl(TimeOuts.to_q_return, FALSE)); 1467 } 1468 } 1469 } 1470 /* 1471 ** ENDMAILER -- Wait for mailer to terminate. 1472 ** 1473 ** We should never get fatal errors (e.g., segmentation 1474 ** violation), so we report those specially. For other 1475 ** errors, we choose a status message (into statmsg), 1476 ** and if it represents an error, we print it. 1477 ** 1478 ** Parameters: 1479 ** pid -- pid of mailer. 1480 ** e -- the current envelope. 1481 ** pv -- the parameter vector that invoked the mailer 1482 ** (for error messages). 1483 ** 1484 ** Returns: 1485 ** exit code of mailer. 1486 ** 1487 ** Side Effects: 1488 ** none. 1489 */ 1490 1491 endmailer(mci, e, pv) 1492 register MCI *mci; 1493 register ENVELOPE *e; 1494 char **pv; 1495 { 1496 int st; 1497 1498 /* close any connections */ 1499 if (mci->mci_in != NULL) 1500 (void) xfclose(mci->mci_in, pv[0], "mci_in"); 1501 if (mci->mci_out != NULL) 1502 (void) xfclose(mci->mci_out, pv[0], "mci_out"); 1503 mci->mci_in = mci->mci_out = NULL; 1504 mci->mci_state = MCIS_CLOSED; 1505 1506 /* in the IPC case there is nothing to wait for */ 1507 if (mci->mci_pid == 0) 1508 return (EX_OK); 1509 1510 /* wait for the mailer process to die and collect status */ 1511 st = waitfor(mci->mci_pid); 1512 if (st == -1) 1513 { 1514 syserr("endmailer %s: wait", pv[0]); 1515 return (EX_SOFTWARE); 1516 } 1517 1518 /* see if it died a horrid death */ 1519 if ((st & 0377) != 0) 1520 { 1521 syserr("mailer %s died with signal %o", pv[0], st); 1522 1523 /* log the arguments */ 1524 if (e->e_xfp != NULL) 1525 { 1526 register char **av; 1527 1528 fprintf(e->e_xfp, "Arguments:"); 1529 for (av = pv; *av != NULL; av++) 1530 fprintf(e->e_xfp, " %s", *av); 1531 fprintf(e->e_xfp, "\n"); 1532 } 1533 1534 ExitStat = EX_TEMPFAIL; 1535 return (EX_TEMPFAIL); 1536 } 1537 1538 /* normal death -- return status */ 1539 st = (st >> 8) & 0377; 1540 return (st); 1541 } 1542 /* 1543 ** GIVERESPONSE -- Interpret an error response from a mailer 1544 ** 1545 ** Parameters: 1546 ** stat -- the status code from the mailer (high byte 1547 ** only; core dumps must have been taken care of 1548 ** already). 1549 ** m -- the mailer info for this mailer. 1550 ** mci -- the mailer connection info -- can be NULL if the 1551 ** response is given before the connection is made. 1552 ** e -- the current envelope. 1553 ** 1554 ** Returns: 1555 ** none. 1556 ** 1557 ** Side Effects: 1558 ** Errors may be incremented. 1559 ** ExitStat may be set. 1560 */ 1561 1562 giveresponse(stat, m, mci, e) 1563 int stat; 1564 register MAILER *m; 1565 register MCI *mci; 1566 ENVELOPE *e; 1567 { 1568 register const char *statmsg; 1569 extern char *SysExMsg[]; 1570 register int i; 1571 extern int N_SysEx; 1572 #ifdef NAMED_BIND 1573 extern int h_errno; 1574 #endif 1575 char buf[MAXLINE]; 1576 1577 /* 1578 ** Compute status message from code. 1579 */ 1580 1581 i = stat - EX__BASE; 1582 if (stat == 0) 1583 { 1584 statmsg = "250 Sent"; 1585 if (e->e_statmsg != NULL) 1586 { 1587 (void) sprintf(buf, "%s (%s)", statmsg, e->e_statmsg); 1588 statmsg = buf; 1589 } 1590 } 1591 else if (i < 0 || i > N_SysEx) 1592 { 1593 (void) sprintf(buf, "554 unknown mailer error %d", stat); 1594 stat = EX_UNAVAILABLE; 1595 statmsg = buf; 1596 } 1597 else if (stat == EX_TEMPFAIL) 1598 { 1599 (void) strcpy(buf, SysExMsg[i] + 1); 1600 #ifdef NAMED_BIND 1601 if (h_errno == TRY_AGAIN) 1602 statmsg = errstring(h_errno+MAX_ERRNO); 1603 else 1604 #endif 1605 { 1606 if (errno != 0) 1607 statmsg = errstring(errno); 1608 else 1609 { 1610 #ifdef SMTP 1611 extern char SmtpError[]; 1612 1613 statmsg = SmtpError; 1614 #else /* SMTP */ 1615 statmsg = NULL; 1616 #endif /* SMTP */ 1617 } 1618 } 1619 if (statmsg != NULL && statmsg[0] != '\0') 1620 { 1621 (void) strcat(buf, ": "); 1622 (void) strcat(buf, statmsg); 1623 } 1624 statmsg = buf; 1625 } 1626 else 1627 { 1628 statmsg = SysExMsg[i]; 1629 if (*statmsg++ == ':') 1630 { 1631 (void) sprintf(buf, "%s: %s", statmsg, errstring(errno)); 1632 statmsg = buf; 1633 } 1634 } 1635 1636 /* 1637 ** Print the message as appropriate 1638 */ 1639 1640 if (stat == EX_OK || stat == EX_TEMPFAIL) 1641 message(&statmsg[4], errstring(errno)); 1642 else 1643 { 1644 Errors++; 1645 usrerr(statmsg, errstring(errno)); 1646 } 1647 1648 /* 1649 ** Final cleanup. 1650 ** Log a record of the transaction. Compute the new 1651 ** ExitStat -- if we already had an error, stick with 1652 ** that. 1653 */ 1654 1655 if (LogLevel > ((stat == EX_TEMPFAIL) ? 8 : (stat == EX_OK) ? 7 : 6)) 1656 logdelivery(m, mci, &statmsg[4], e); 1657 1658 if (stat != EX_TEMPFAIL) 1659 setstat(stat); 1660 if (stat != EX_OK) 1661 { 1662 if (e->e_message != NULL) 1663 free(e->e_message); 1664 e->e_message = newstr(&statmsg[4]); 1665 } 1666 errno = 0; 1667 #ifdef NAMED_BIND 1668 h_errno = 0; 1669 #endif 1670 } 1671 /* 1672 ** LOGDELIVERY -- log the delivery in the system log 1673 ** 1674 ** Parameters: 1675 ** m -- the mailer info. Can be NULL for initial queue. 1676 ** mci -- the mailer connection info -- can be NULL if the 1677 ** log is occuring when no connection is active. 1678 ** stat -- the message to print for the status. 1679 ** e -- the current envelope. 1680 ** 1681 ** Returns: 1682 ** none 1683 ** 1684 ** Side Effects: 1685 ** none 1686 */ 1687 1688 logdelivery(m, mci, stat, e) 1689 MAILER *m; 1690 register MCI *mci; 1691 char *stat; 1692 register ENVELOPE *e; 1693 { 1694 # ifdef LOG 1695 char *curhost; 1696 char buf[512]; 1697 extern char *pintvl(); 1698 extern char *macvalue(); 1699 1700 (void) sprintf(buf, "delay=%s", pintvl(curtime() - e->e_ctime, TRUE)); 1701 1702 if (m != NULL) 1703 { 1704 (void) strcat(buf, ", mailer="); 1705 (void) strcat(buf, m->m_name); 1706 } 1707 1708 if (mci != NULL && mci->mci_host != NULL) 1709 { 1710 # ifdef DAEMON 1711 extern SOCKADDR CurHostAddr; 1712 extern char *anynet_ntoa(); 1713 # endif 1714 1715 (void) strcat(buf, ", relay="); 1716 (void) strcat(buf, mci->mci_host); 1717 1718 # ifdef DAEMON 1719 (void) strcat(buf, " ("); 1720 (void) strcat(buf, anynet_ntoa(&CurHostAddr)); 1721 (void) strcat(buf, ")"); 1722 # endif 1723 } 1724 else 1725 { 1726 char *p = macvalue('h', e); 1727 1728 if (p != NULL && p[0] != '\0') 1729 { 1730 (void) strcat(buf, ", relay="); 1731 (void) strcat(buf, p); 1732 } 1733 } 1734 1735 syslog(LOG_INFO, "%s: to=%s, %s, stat=%s", 1736 e->e_id, e->e_to, buf, stat); 1737 # endif /* LOG */ 1738 } 1739 /* 1740 ** PUTFROMLINE -- output a UNIX-style from line (or whatever) 1741 ** 1742 ** This can be made an arbitrary message separator by changing $l 1743 ** 1744 ** One of the ugliest hacks seen by human eyes is contained herein: 1745 ** UUCP wants those stupid "remote from <host>" lines. Why oh why 1746 ** does a well-meaning programmer such as myself have to deal with 1747 ** this kind of antique garbage???? 1748 ** 1749 ** Parameters: 1750 ** fp -- the file to output to. 1751 ** m -- the mailer describing this entry. 1752 ** 1753 ** Returns: 1754 ** none 1755 ** 1756 ** Side Effects: 1757 ** outputs some text to fp. 1758 */ 1759 1760 putfromline(fp, m, e) 1761 register FILE *fp; 1762 register MAILER *m; 1763 ENVELOPE *e; 1764 { 1765 char *template = "\201l\n"; 1766 char buf[MAXLINE]; 1767 1768 if (bitnset(M_NHDR, m->m_flags)) 1769 return; 1770 1771 # ifdef UGLYUUCP 1772 if (bitnset(M_UGLYUUCP, m->m_flags)) 1773 { 1774 char *bang; 1775 char xbuf[MAXLINE]; 1776 1777 expand("\201g", buf, &buf[sizeof buf - 1], e); 1778 bang = strchr(buf, '!'); 1779 if (bang == NULL) 1780 syserr("554 No ! in UUCP! (%s)", buf); 1781 else 1782 { 1783 *bang++ = '\0'; 1784 (void) sprintf(xbuf, "From %s \201d remote from %s\n", bang, buf); 1785 template = xbuf; 1786 } 1787 } 1788 # endif /* UGLYUUCP */ 1789 expand(template, buf, &buf[sizeof buf - 1], e); 1790 putline(buf, fp, m); 1791 } 1792 /* 1793 ** PUTBODY -- put the body of a message. 1794 ** 1795 ** Parameters: 1796 ** fp -- file to output onto. 1797 ** m -- a mailer descriptor to control output format. 1798 ** e -- the envelope to put out. 1799 ** separator -- if non-NULL, a message separator that must 1800 ** not be permitted in the resulting message. 1801 ** 1802 ** Returns: 1803 ** none. 1804 ** 1805 ** Side Effects: 1806 ** The message is written onto fp. 1807 */ 1808 1809 putbody(fp, m, e, separator) 1810 FILE *fp; 1811 MAILER *m; 1812 register ENVELOPE *e; 1813 char *separator; 1814 { 1815 char buf[MAXLINE]; 1816 1817 /* 1818 ** Output the body of the message 1819 */ 1820 1821 if (e->e_dfp == NULL) 1822 { 1823 if (e->e_df != NULL) 1824 { 1825 e->e_dfp = fopen(e->e_df, "r"); 1826 if (e->e_dfp == NULL) 1827 syserr("putbody: Cannot open %s for %s from %s", 1828 e->e_df, e->e_to, e->e_from); 1829 } 1830 else 1831 putline("<<< No Message Collected >>>", fp, m); 1832 } 1833 if (e->e_dfp != NULL) 1834 { 1835 rewind(e->e_dfp); 1836 while (!ferror(fp) && fgets(buf, sizeof buf, e->e_dfp) != NULL) 1837 { 1838 if (buf[0] == 'F' && bitnset(M_ESCFROM, m->m_flags) && 1839 strncmp(buf, "From ", 5) == 0) 1840 (void) putc('>', fp); 1841 if (buf[0] == '-' && buf[1] == '-' && separator != NULL) 1842 { 1843 /* possible separator */ 1844 int sl = strlen(separator); 1845 1846 if (strncmp(&buf[2], separator, sl) == 0) 1847 (void) putc(' ', fp); 1848 } 1849 putline(buf, fp, m); 1850 } 1851 1852 if (ferror(e->e_dfp)) 1853 { 1854 syserr("putbody: read error"); 1855 ExitStat = EX_IOERR; 1856 } 1857 } 1858 1859 /* some mailers want extra blank line at end of message */ 1860 if (bitnset(M_BLANKEND, m->m_flags) && buf[0] != '\0' && buf[0] != '\n') 1861 putline("", fp, m); 1862 1863 (void) fflush(fp); 1864 if (ferror(fp) && errno != EPIPE) 1865 { 1866 syserr("putbody: write error"); 1867 ExitStat = EX_IOERR; 1868 } 1869 errno = 0; 1870 } 1871 /* 1872 ** MAILFILE -- Send a message to a file. 1873 ** 1874 ** If the file has the setuid/setgid bits set, but NO execute 1875 ** bits, sendmail will try to become the owner of that file 1876 ** rather than the real user. Obviously, this only works if 1877 ** sendmail runs as root. 1878 ** 1879 ** This could be done as a subordinate mailer, except that it 1880 ** is used implicitly to save messages in ~/dead.letter. We 1881 ** view this as being sufficiently important as to include it 1882 ** here. For example, if the system is dying, we shouldn't have 1883 ** to create another process plus some pipes to save the message. 1884 ** 1885 ** Parameters: 1886 ** filename -- the name of the file to send to. 1887 ** ctladdr -- the controlling address header -- includes 1888 ** the userid/groupid to be when sending. 1889 ** 1890 ** Returns: 1891 ** The exit code associated with the operation. 1892 ** 1893 ** Side Effects: 1894 ** none. 1895 */ 1896 1897 mailfile(filename, ctladdr, e) 1898 char *filename; 1899 ADDRESS *ctladdr; 1900 register ENVELOPE *e; 1901 { 1902 register FILE *f; 1903 register int pid; 1904 int mode; 1905 1906 if (tTd(11, 1)) 1907 { 1908 printf("mailfile %s\n ctladdr=", filename); 1909 printaddr(ctladdr, FALSE); 1910 } 1911 1912 /* 1913 ** Fork so we can change permissions here. 1914 ** Note that we MUST use fork, not vfork, because of 1915 ** the complications of calling subroutines, etc. 1916 */ 1917 1918 DOFORK(fork); 1919 1920 if (pid < 0) 1921 return (EX_OSERR); 1922 else if (pid == 0) 1923 { 1924 /* child -- actually write to file */ 1925 struct stat stb; 1926 1927 (void) signal(SIGINT, SIG_DFL); 1928 (void) signal(SIGHUP, SIG_DFL); 1929 (void) signal(SIGTERM, SIG_DFL); 1930 (void) umask(OldUmask); 1931 1932 if (stat(filename, &stb) < 0) 1933 stb.st_mode = FileMode; 1934 mode = stb.st_mode; 1935 1936 /* limit the errors to those actually caused in the child */ 1937 errno = 0; 1938 ExitStat = EX_OK; 1939 1940 if (bitset(0111, stb.st_mode)) 1941 exit(EX_CANTCREAT); 1942 if (ctladdr == NULL) 1943 ctladdr = &e->e_from; 1944 else 1945 { 1946 /* ignore setuid and setgid bits */ 1947 mode &= ~(S_ISGID|S_ISUID); 1948 } 1949 1950 /* we have to open the dfile BEFORE setuid */ 1951 if (e->e_dfp == NULL && e->e_df != NULL) 1952 { 1953 e->e_dfp = fopen(e->e_df, "r"); 1954 if (e->e_dfp == NULL) 1955 { 1956 syserr("mailfile: Cannot open %s for %s from %s", 1957 e->e_df, e->e_to, e->e_from); 1958 } 1959 } 1960 1961 if (!bitset(S_ISGID, mode) || setgid(stb.st_gid) < 0) 1962 { 1963 if (ctladdr->q_uid == 0) 1964 { 1965 (void) setgid(DefGid); 1966 (void) initgroups(DefUser, DefGid); 1967 } 1968 else 1969 { 1970 (void) setgid(ctladdr->q_gid); 1971 (void) initgroups(ctladdr->q_ruser ? 1972 ctladdr->q_ruser : ctladdr->q_user, 1973 ctladdr->q_gid); 1974 } 1975 } 1976 if (!bitset(S_ISUID, mode) || setuid(stb.st_uid) < 0) 1977 { 1978 if (ctladdr->q_uid == 0) 1979 (void) setuid(DefUid); 1980 else 1981 (void) setuid(ctladdr->q_uid); 1982 } 1983 FileName = filename; 1984 LineNumber = 0; 1985 f = dfopen(filename, O_WRONLY|O_CREAT|O_APPEND, FileMode); 1986 if (f == NULL) 1987 { 1988 message("554 cannot open"); 1989 exit(EX_CANTCREAT); 1990 } 1991 1992 putfromline(f, FileMailer, e); 1993 (*e->e_puthdr)(f, FileMailer, e); 1994 putline("\n", f, FileMailer); 1995 (*e->e_putbody)(f, FileMailer, e, NULL); 1996 putline("\n", f, FileMailer); 1997 if (ferror(f)) 1998 { 1999 message("451 I/O error"); 2000 setstat(EX_IOERR); 2001 } 2002 (void) xfclose(f, "mailfile", filename); 2003 (void) fflush(stdout); 2004 2005 /* reset ISUID & ISGID bits for paranoid systems */ 2006 (void) chmod(filename, (int) stb.st_mode); 2007 exit(ExitStat); 2008 /*NOTREACHED*/ 2009 } 2010 else 2011 { 2012 /* parent -- wait for exit status */ 2013 int st; 2014 2015 st = waitfor(pid); 2016 if ((st & 0377) != 0) 2017 return (EX_UNAVAILABLE); 2018 else 2019 return ((st >> 8) & 0377); 2020 /*NOTREACHED*/ 2021 } 2022 } 2023 /* 2024 ** HOSTSIGNATURE -- return the "signature" for a host. 2025 ** 2026 ** The signature describes how we are going to send this -- it 2027 ** can be just the hostname (for non-Internet hosts) or can be 2028 ** an ordered list of MX hosts. 2029 ** 2030 ** Parameters: 2031 ** m -- the mailer describing this host. 2032 ** host -- the host name. 2033 ** e -- the current envelope. 2034 ** 2035 ** Returns: 2036 ** The signature for this host. 2037 ** 2038 ** Side Effects: 2039 ** Can tweak the symbol table. 2040 */ 2041 2042 char * 2043 hostsignature(m, host, e) 2044 register MAILER *m; 2045 char *host; 2046 ENVELOPE *e; 2047 { 2048 register char *p; 2049 register STAB *s; 2050 int i; 2051 int len; 2052 #ifdef NAMED_BIND 2053 int nmx; 2054 auto int rcode; 2055 char *hp; 2056 char *endp; 2057 int oldoptions; 2058 char *mxhosts[MAXMXHOSTS + 1]; 2059 #endif 2060 2061 /* 2062 ** Check to see if this uses IPC -- if not, it can't have MX records. 2063 */ 2064 2065 p = m->m_mailer; 2066 if (strcmp(p, "[IPC]") != 0 && strcmp(p, "[TCP]") != 0) 2067 { 2068 /* just an ordinary mailer */ 2069 return host; 2070 } 2071 2072 /* 2073 ** If it is a numeric address, just return it. 2074 */ 2075 2076 if (host[0] == '[') 2077 return host; 2078 2079 /* 2080 ** Look it up in the symbol table. 2081 */ 2082 2083 s = stab(host, ST_HOSTSIG, ST_ENTER); 2084 if (s->s_hostsig != NULL) 2085 return s->s_hostsig; 2086 2087 /* 2088 ** Not already there -- create a signature. 2089 */ 2090 2091 #ifdef NAMED_BIND 2092 if (ConfigLevel < 2) 2093 { 2094 oldoptions = _res.options; 2095 _res.options &= ~(RES_DEFNAMES | RES_DNSRCH); /* XXX */ 2096 } 2097 2098 for (hp = host; hp != NULL; hp = endp) 2099 { 2100 endp = strchr(hp, ':'); 2101 if (endp != NULL) 2102 *endp = '\0'; 2103 2104 nmx = getmxrr(hp, mxhosts, TRUE, &rcode); 2105 2106 if (nmx <= 0) 2107 { 2108 register MCI *mci; 2109 extern int errno; 2110 extern MCI *mci_get(); 2111 2112 /* update the connection info for this host */ 2113 mci = mci_get(hp, m); 2114 mci->mci_exitstat = rcode; 2115 mci->mci_errno = errno; 2116 2117 /* and return the original host name as the signature */ 2118 nmx = 1; 2119 mxhosts[0] = hp; 2120 } 2121 2122 len = 0; 2123 for (i = 0; i < nmx; i++) 2124 { 2125 len += strlen(mxhosts[i]) + 1; 2126 } 2127 if (s->s_hostsig != NULL) 2128 len += strlen(s->s_hostsig) + 1; 2129 p = xalloc(len); 2130 if (s->s_hostsig != NULL) 2131 { 2132 (void) strcpy(p, s->s_hostsig); 2133 free(s->s_hostsig); 2134 s->s_hostsig = p; 2135 p += strlen(p); 2136 *p++ = ':'; 2137 } 2138 else 2139 s->s_hostsig = p; 2140 for (i = 0; i < nmx; i++) 2141 { 2142 if (i != 0) 2143 *p++ = ':'; 2144 strcpy(p, mxhosts[i]); 2145 p += strlen(p); 2146 } 2147 if (endp != NULL) 2148 *endp++ = ':'; 2149 } 2150 makelower(s->s_hostsig); 2151 if (ConfigLevel < 2) 2152 _res.options = oldoptions; 2153 #else 2154 /* not using BIND -- the signature is just the host name */ 2155 s->s_hostsig = host; 2156 #endif 2157 if (tTd(17, 1)) 2158 printf("hostsignature(%s) = %s\n", host, s->s_hostsig); 2159 return s->s_hostsig; 2160 } 2161