1 /* 2 * Copyright (c) 1983 Eric P. Allman 3 * Copyright (c) 1988 Regents of the University of California. 4 * All rights reserved. 5 * 6 * %sccs.include.redist.c% 7 */ 8 9 #ifndef lint 10 static char sccsid[] = "@(#)envelope.c 5.29 (Berkeley) 07/13/92"; 11 #endif /* not lint */ 12 13 #include <sys/types.h> 14 #include <sys/time.h> 15 #include <sys/stat.h> 16 #include <pwd.h> 17 #include <sys/file.h> 18 #include "sendmail.h" 19 20 /* 21 ** NEWENVELOPE -- allocate a new envelope 22 ** 23 ** Supports inheritance. 24 ** 25 ** Parameters: 26 ** e -- the new envelope to fill in. 27 ** 28 ** Returns: 29 ** e. 30 ** 31 ** Side Effects: 32 ** none. 33 */ 34 35 ENVELOPE * 36 newenvelope(e) 37 register ENVELOPE *e; 38 { 39 register ENVELOPE *parent; 40 extern putheader(), putbody(); 41 extern ENVELOPE BlankEnvelope; 42 43 parent = CurEnv; 44 if (e == CurEnv) 45 parent = e->e_parent; 46 clearenvelope(e, TRUE); 47 if (e == CurEnv) 48 bcopy((char *) &NullAddress, (char *) &e->e_from, sizeof e->e_from); 49 else 50 bcopy((char *) &CurEnv->e_from, (char *) &e->e_from, sizeof e->e_from); 51 e->e_parent = parent; 52 e->e_ctime = curtime(); 53 e->e_msgpriority = parent->e_msgsize; 54 e->e_puthdr = putheader; 55 e->e_putbody = putbody; 56 if (CurEnv->e_xfp != NULL) 57 (void) fflush(CurEnv->e_xfp); 58 59 return (e); 60 } 61 /* 62 ** DROPENVELOPE -- deallocate an envelope. 63 ** 64 ** Parameters: 65 ** e -- the envelope to deallocate. 66 ** 67 ** Returns: 68 ** none. 69 ** 70 ** Side Effects: 71 ** housekeeping necessary to dispose of an envelope. 72 ** Unlocks this queue file. 73 */ 74 75 dropenvelope(e) 76 register ENVELOPE *e; 77 { 78 bool queueit = FALSE; 79 register ADDRESS *q; 80 81 if (tTd(50, 1)) 82 { 83 printf("dropenvelope %x id=", e); 84 xputs(e->e_id); 85 printf(" flags=%o\n", e->e_flags); 86 } 87 #ifdef LOG 88 if (LogLevel > 10) 89 syslog(LOG_DEBUG, "dropenvelope, id=%s, flags=%o, pid=%d", 90 e->e_id == NULL ? "(none)" : e->e_id, 91 e->e_flags, getpid()); 92 #endif LOG 93 94 /* we must have an id to remove disk files */ 95 if (e->e_id == NULL) 96 return; 97 98 /* 99 ** Extract state information from dregs of send list. 100 */ 101 102 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 103 { 104 if (bitset(QQUEUEUP, q->q_flags)) 105 queueit = TRUE; 106 } 107 108 /* 109 ** Send back return receipts as requested. 110 */ 111 112 if (e->e_receiptto != NULL && bitset(EF_SENDRECEIPT, e->e_flags)) 113 { 114 auto ADDRESS *rlist = NULL; 115 116 sendtolist(e->e_receiptto, (ADDRESS *) NULL, &rlist, e); 117 (void) returntosender("Return receipt", rlist, FALSE, e); 118 } 119 120 /* 121 ** Arrange to send error messages if there are fatal errors. 122 */ 123 124 if (bitset(EF_FATALERRS|EF_TIMEOUT, e->e_flags) && ErrorMode != EM_QUIET) 125 savemail(e); 126 127 /* 128 ** Instantiate or deinstantiate the queue. 129 */ 130 131 if ((!queueit && !bitset(EF_KEEPQUEUE, e->e_flags)) || 132 bitset(EF_CLRQUEUE, e->e_flags)) 133 { 134 if (e->e_df != NULL) 135 xunlink(e->e_df); 136 xunlink(queuename(e, 'q')); 137 } 138 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 139 { 140 #ifdef QUEUE 141 queueup(e, FALSE, FALSE); 142 #else QUEUE 143 syserr("dropenvelope: queueup"); 144 #endif QUEUE 145 } 146 147 /* now unlock the job */ 148 closexscript(e); 149 unlockqueue(e); 150 151 /* make sure that this envelope is marked unused */ 152 e->e_id = e->e_df = NULL; 153 if (e->e_dfp != NULL) 154 (void) fclose(e->e_dfp); 155 e->e_dfp = NULL; 156 } 157 /* 158 ** CLEARENVELOPE -- clear an envelope without unlocking 159 ** 160 ** This is normally used by a child process to get a clean 161 ** envelope without disturbing the parent. 162 ** 163 ** Parameters: 164 ** e -- the envelope to clear. 165 ** fullclear - if set, the current envelope is total 166 ** garbage and should be ignored; otherwise, 167 ** release any resources it may indicate. 168 ** 169 ** Returns: 170 ** none. 171 ** 172 ** Side Effects: 173 ** Closes files associated with the envelope. 174 ** Marks the envelope as unallocated. 175 */ 176 177 clearenvelope(e, fullclear) 178 register ENVELOPE *e; 179 bool fullclear; 180 { 181 register HDR *bh; 182 register HDR **nhp; 183 extern ENVELOPE BlankEnvelope; 184 185 if (!fullclear) 186 { 187 /* clear out any file information */ 188 if (e->e_xfp != NULL) 189 (void) fclose(e->e_xfp); 190 if (e->e_dfp != NULL) 191 (void) fclose(e->e_dfp); 192 } 193 194 /* now clear out the data */ 195 STRUCTCOPY(BlankEnvelope, *e); 196 bh = BlankEnvelope.e_header; 197 nhp = &e->e_header; 198 while (bh != NULL) 199 { 200 *nhp = (HDR *) xalloc(sizeof *bh); 201 bcopy((char *) bh, (char *) *nhp, sizeof *bh); 202 bh = bh->h_link; 203 nhp = &(*nhp)->h_link; 204 } 205 } 206 /* 207 ** INITSYS -- initialize instantiation of system 208 ** 209 ** In Daemon mode, this is done in the child. 210 ** 211 ** Parameters: 212 ** none. 213 ** 214 ** Returns: 215 ** none. 216 ** 217 ** Side Effects: 218 ** Initializes the system macros, some global variables, 219 ** etc. In particular, the current time in various 220 ** forms is set. 221 */ 222 223 initsys(e) 224 register ENVELOPE *e; 225 { 226 static char cbuf[5]; /* holds hop count */ 227 static char pbuf[10]; /* holds pid */ 228 #ifdef TTYNAME 229 static char ybuf[10]; /* holds tty id */ 230 register char *p; 231 #endif TTYNAME 232 extern char *ttyname(); 233 extern char *macvalue(); 234 extern char Version[]; 235 236 /* 237 ** Give this envelope a reality. 238 ** I.e., an id, a transcript, and a creation time. 239 */ 240 241 openxscript(e); 242 e->e_ctime = curtime(); 243 244 /* 245 ** Set OutChannel to something useful if stdout isn't it. 246 ** This arranges that any extra stuff the mailer produces 247 ** gets sent back to the user on error (because it is 248 ** tucked away in the transcript). 249 */ 250 251 if (OpMode == MD_DAEMON && QueueRun) 252 OutChannel = e->e_xfp; 253 254 /* 255 ** Set up some basic system macros. 256 */ 257 258 /* process id */ 259 (void) sprintf(pbuf, "%d", getpid()); 260 define('p', pbuf, e); 261 262 /* hop count */ 263 (void) sprintf(cbuf, "%d", e->e_hopcount); 264 define('c', cbuf, e); 265 266 /* time as integer, unix time, arpa time */ 267 settime(e); 268 269 #ifdef TTYNAME 270 /* tty name */ 271 if (macvalue('y', e) == NULL) 272 { 273 p = ttyname(2); 274 if (p != NULL) 275 { 276 if (rindex(p, '/') != NULL) 277 p = rindex(p, '/') + 1; 278 (void) strcpy(ybuf, p); 279 define('y', ybuf, e); 280 } 281 } 282 #endif TTYNAME 283 } 284 /* 285 ** SETTIME -- set the current time. 286 ** 287 ** Parameters: 288 ** none. 289 ** 290 ** Returns: 291 ** none. 292 ** 293 ** Side Effects: 294 ** Sets the various time macros -- $a, $b, $d, $t. 295 */ 296 297 settime(e) 298 register ENVELOPE *e; 299 { 300 register char *p; 301 auto time_t now; 302 static char tbuf[20]; /* holds "current" time */ 303 static char dbuf[30]; /* holds ctime(tbuf) */ 304 register struct tm *tm; 305 extern char *arpadate(); 306 extern struct tm *gmtime(); 307 extern char *macvalue(); 308 309 now = curtime(); 310 tm = gmtime(&now); 311 (void) sprintf(tbuf, "%02d%02d%02d%02d%02d", tm->tm_year, tm->tm_mon+1, 312 tm->tm_mday, tm->tm_hour, tm->tm_min); 313 define('t', tbuf, e); 314 (void) strcpy(dbuf, ctime(&now)); 315 *index(dbuf, '\n') = '\0'; 316 if (macvalue('d', e) == NULL) 317 define('d', dbuf, e); 318 p = newstr(arpadate(dbuf)); 319 if (macvalue('a', e) == NULL) 320 define('a', p, e); 321 define('b', p, e); 322 } 323 /* 324 ** OPENXSCRIPT -- Open transcript file 325 ** 326 ** Creates a transcript file for possible eventual mailing or 327 ** sending back. 328 ** 329 ** Parameters: 330 ** e -- the envelope to create the transcript in/for. 331 ** 332 ** Returns: 333 ** none 334 ** 335 ** Side Effects: 336 ** Creates the transcript file. 337 */ 338 339 openxscript(e) 340 register ENVELOPE *e; 341 { 342 register char *p; 343 int fd; 344 345 # ifdef LOG 346 if (LogLevel > 19) 347 syslog(LOG_DEBUG, "%s: openx%s", e->e_id, e->e_xfp == NULL ? "" : " (no)"); 348 # endif LOG 349 if (e->e_xfp != NULL) 350 return; 351 p = queuename(e, 'x'); 352 fd = open(p, O_WRONLY|O_CREAT, 0644); 353 if (fd < 0) 354 syserr("Can't create %s", p); 355 else 356 e->e_xfp = fdopen(fd, "w"); 357 } 358 /* 359 ** CLOSEXSCRIPT -- close the transcript file. 360 ** 361 ** Parameters: 362 ** e -- the envelope containing the transcript to close. 363 ** 364 ** Returns: 365 ** none. 366 ** 367 ** Side Effects: 368 ** none. 369 */ 370 371 closexscript(e) 372 register ENVELOPE *e; 373 { 374 if (e->e_xfp == NULL) 375 return; 376 (void) fclose(e->e_xfp); 377 e->e_xfp = NULL; 378 } 379 /* 380 ** SETSENDER -- set the person who this message is from 381 ** 382 ** Under certain circumstances allow the user to say who 383 ** s/he is (using -f or -r). These are: 384 ** 1. The user's uid is zero (root). 385 ** 2. The user's login name is in an approved list (typically 386 ** from a network server). 387 ** 3. The address the user is trying to claim has a 388 ** "!" character in it (since #2 doesn't do it for 389 ** us if we are dialing out for UUCP). 390 ** A better check to replace #3 would be if the 391 ** effective uid is "UUCP" -- this would require me 392 ** to rewrite getpwent to "grab" uucp as it went by, 393 ** make getname more nasty, do another passwd file 394 ** scan, or compile the UID of "UUCP" into the code, 395 ** all of which are reprehensible. 396 ** 397 ** Assuming all of these fail, we figure out something 398 ** ourselves. 399 ** 400 ** Parameters: 401 ** from -- the person we would like to believe this message 402 ** is from, as specified on the command line. 403 ** e -- the envelope in which we would like the sender set. 404 ** 405 ** Returns: 406 ** none. 407 ** 408 ** Side Effects: 409 ** sets sendmail's notion of who the from person is. 410 */ 411 412 setsender(from, e) 413 char *from; 414 register ENVELOPE *e; 415 { 416 register char **pvp; 417 char *realname = NULL; 418 register struct passwd *pw; 419 char buf[MAXNAME]; 420 char pvpbuf[PSBUFSIZE]; 421 extern struct passwd *getpwnam(); 422 extern char *macvalue(); 423 extern char **prescan(); 424 extern bool safefile(); 425 extern char *FullName; 426 427 if (tTd(45, 1)) 428 printf("setsender(%s)\n", from == NULL ? "" : from); 429 430 /* 431 ** Figure out the real user executing us. 432 ** Username can return errno != 0 on non-errors. 433 */ 434 435 if (QueueRun || OpMode == MD_SMTP) 436 realname = from; 437 if (realname == NULL || realname[0] == '\0') 438 { 439 extern char *username(); 440 441 realname = username(); 442 } 443 444 /* 445 ** Determine if this real person is allowed to alias themselves. 446 */ 447 448 if (from != NULL) 449 { 450 extern bool trusteduser(); 451 452 if (!trusteduser(realname) && getuid() != geteuid() && 453 index(from, '!') == NULL && getuid() != 0) 454 { 455 /* network sends -r regardless (why why why?) */ 456 /* syserr("%s, you cannot use the -f flag", realname); */ 457 from = NULL; 458 } 459 } 460 461 SuprErrs = TRUE; 462 if (from == NULL || parseaddr(from, &e->e_from, 1, '\0', e) == NULL) 463 { 464 /* log garbage addresses for traceback */ 465 # ifdef LOG 466 if (from != NULL && LogLevel >= 1) 467 { 468 char *host = RealHostName; 469 470 if (host == NULL) 471 host = MyHostName; 472 syslog(LOG_NOTICE, 473 "from=%s unparseable, received from %s@%s", 474 from, realname, host); 475 } 476 # endif LOG 477 from = newstr(realname); 478 if (parseaddr(from, &e->e_from, 1, '\0', e) == NULL && 479 parseaddr("postmaster", &e->e_from, 1, '\0', e) == NULL) 480 { 481 syserr("setsender: can't even parse postmaster!"); 482 } 483 } 484 else 485 FromFlag = TRUE; 486 e->e_from.q_flags |= QDONTSEND; 487 loweraddr(&e->e_from); 488 SuprErrs = FALSE; 489 490 pvp = NULL; 491 if (e->e_from.q_mailer == LocalMailer) 492 { 493 # ifdef USERDB 494 register char *p; 495 extern char *udbsender(); 496 # endif 497 498 /* if the user has given fullname already, don't redefine */ 499 if (FullName == NULL) 500 FullName = macvalue('x', e); 501 if (FullName != NULL && FullName[0] == '\0') 502 FullName = NULL; 503 504 # ifdef USERDB 505 p = udbsender(from); 506 507 if (p != NULL) 508 { 509 /* 510 ** We have an alternate address for the sender 511 */ 512 513 pvp = prescan(p, '\0', pvpbuf); 514 } 515 # endif /* USERDB */ 516 517 if ((pw = getpwnam(e->e_from.q_user)) != NULL) 518 { 519 /* 520 ** Process passwd file entry. 521 */ 522 523 524 /* extract home directory */ 525 e->e_from.q_home = newstr(pw->pw_dir); 526 define('z', e->e_from.q_home, e); 527 528 /* extract user and group id */ 529 e->e_from.q_uid = pw->pw_uid; 530 e->e_from.q_gid = pw->pw_gid; 531 532 /* extract full name from passwd file */ 533 if (FullName == NULL && pw->pw_gecos != NULL && 534 strcmp(pw->pw_name, e->e_from.q_user) == 0) 535 { 536 buildfname(pw->pw_gecos, e->e_from.q_user, buf); 537 if (buf[0] != '\0') 538 FullName = newstr(buf); 539 } 540 } 541 if (FullName != NULL) 542 define('x', FullName, e); 543 } 544 else 545 { 546 if (e->e_from.q_home == NULL) 547 e->e_from.q_home = getenv("HOME"); 548 e->e_from.q_uid = getuid(); 549 e->e_from.q_gid = getgid(); 550 } 551 552 /* 553 ** Rewrite the from person to dispose of possible implicit 554 ** links in the net. 555 */ 556 557 if (pvp == NULL) 558 pvp = prescan(from, '\0', pvpbuf); 559 if (pvp == NULL) 560 { 561 # ifdef LOG 562 if (LogLevel >= 1) 563 syslog(LOG_NOTICE, "cannot prescan from (%s)", from); 564 # endif 565 usrerr("cannot prescan from (%s)", from); 566 finis(); 567 } 568 rewrite(pvp, 3); 569 rewrite(pvp, 1); 570 rewrite(pvp, 4); 571 cataddr(pvp, buf, sizeof buf); 572 e->e_sender = e->e_returnpath = newstr(buf); 573 574 define('f', e->e_sender, e); 575 576 /* save the domain spec if this mailer wants it */ 577 if (e->e_from.q_mailer != NULL && 578 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags)) 579 { 580 extern char **copyplist(); 581 582 while (*pvp != NULL && strcmp(*pvp, "@") != 0) 583 pvp++; 584 if (*pvp != NULL) 585 e->e_fromdomain = copyplist(pvp, TRUE); 586 } 587 } 588 /* 589 ** TRUSTEDUSER -- tell us if this user is to be trusted. 590 ** 591 ** Parameters: 592 ** user -- the user to be checked. 593 ** 594 ** Returns: 595 ** TRUE if the user is in an approved list. 596 ** FALSE otherwise. 597 ** 598 ** Side Effects: 599 ** none. 600 */ 601 602 bool 603 trusteduser(user) 604 char *user; 605 { 606 register char **ulist; 607 extern char *TrustedUsers[]; 608 609 for (ulist = TrustedUsers; *ulist != NULL; ulist++) 610 if (strcmp(*ulist, user) == 0) 611 return (TRUE); 612 return (FALSE); 613 } 614