1 /* 2 * Copyright (c) 1983 Eric P. Allman 3 * Copyright (c) 1988 Regents of the University of California. 4 * All rights reserved. 5 * 6 * %sccs.include.redist.c% 7 */ 8 9 #ifndef lint 10 static char sccsid[] = "@(#)envelope.c 5.22 (Berkeley) 06/01/90"; 11 #endif /* not lint */ 12 13 #include <sys/types.h> 14 #include <sys/time.h> 15 #include <sys/stat.h> 16 #include <pwd.h> 17 #include <sys/file.h> 18 #include "sendmail.h" 19 20 /* 21 ** NEWENVELOPE -- allocate a new envelope 22 ** 23 ** Supports inheritance. 24 ** 25 ** Parameters: 26 ** e -- the new envelope to fill in. 27 ** 28 ** Returns: 29 ** e. 30 ** 31 ** Side Effects: 32 ** none. 33 */ 34 35 ENVELOPE * 36 newenvelope(e) 37 register ENVELOPE *e; 38 { 39 register ENVELOPE *parent; 40 extern putheader(), putbody(); 41 extern ENVELOPE BlankEnvelope; 42 43 parent = CurEnv; 44 if (e == CurEnv) 45 parent = e->e_parent; 46 clearenvelope(e, TRUE); 47 if (e == CurEnv) 48 bcopy((char *) &NullAddress, (char *) &e->e_from, sizeof e->e_from); 49 else 50 bcopy((char *) &CurEnv->e_from, (char *) &e->e_from, sizeof e->e_from); 51 e->e_parent = parent; 52 e->e_ctime = curtime(); 53 e->e_msgpriority = parent->e_msgsize; 54 e->e_puthdr = putheader; 55 e->e_putbody = putbody; 56 if (CurEnv->e_xfp != NULL) 57 (void) fflush(CurEnv->e_xfp); 58 59 return (e); 60 } 61 /* 62 ** DROPENVELOPE -- deallocate an envelope. 63 ** 64 ** Parameters: 65 ** e -- the envelope to deallocate. 66 ** 67 ** Returns: 68 ** none. 69 ** 70 ** Side Effects: 71 ** housekeeping necessary to dispose of an envelope. 72 ** Unlocks this queue file. 73 */ 74 75 dropenvelope(e) 76 register ENVELOPE *e; 77 { 78 bool queueit = FALSE; 79 register ADDRESS *q; 80 81 if (tTd(50, 1)) 82 { 83 printf("dropenvelope %x id=", e); 84 xputs(e->e_id); 85 printf(" flags=%o\n", e->e_flags); 86 } 87 #ifdef LOG 88 if (LogLevel > 10) 89 syslog(LOG_DEBUG, "dropenvelope, id=%s, flags=%o, pid=%d", 90 e->e_id == NULL ? "(none)" : e->e_id, 91 e->e_flags, getpid()); 92 #endif LOG 93 94 /* we must have an id to remove disk files */ 95 if (e->e_id == NULL) 96 return; 97 98 /* 99 ** Extract state information from dregs of send list. 100 */ 101 102 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 103 { 104 if (bitset(QQUEUEUP, q->q_flags)) 105 queueit = TRUE; 106 } 107 108 /* 109 ** Send back return receipts as requested. 110 */ 111 112 if (e->e_receiptto != NULL && bitset(EF_SENDRECEIPT, e->e_flags)) 113 { 114 auto ADDRESS *rlist = NULL; 115 116 sendtolist(CurEnv->e_receiptto, (ADDRESS *) NULL, &rlist); 117 (void) returntosender("Return receipt", rlist, FALSE); 118 } 119 120 /* 121 ** Arrange to send error messages if there are fatal errors. 122 */ 123 124 if (bitset(EF_FATALERRS|EF_TIMEOUT, e->e_flags) && ErrorMode != EM_QUIET) 125 savemail(e); 126 127 /* 128 ** Instantiate or deinstantiate the queue. 129 */ 130 131 if ((!queueit && !bitset(EF_KEEPQUEUE, e->e_flags)) || 132 bitset(EF_CLRQUEUE, e->e_flags)) 133 { 134 if (e->e_df != NULL) 135 xunlink(e->e_df); 136 xunlink(queuename(e, 'q')); 137 } 138 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 139 { 140 #ifdef QUEUE 141 FILE *lockfp, *queueup(); 142 lockfp = queueup(e, FALSE, FALSE); 143 if (lockfp != NULL) 144 (void) fclose(lockfp); 145 #else QUEUE 146 syserr("dropenvelope: queueup"); 147 #endif QUEUE 148 } 149 150 /* now unlock the job */ 151 closexscript(e); 152 unlockqueue(e); 153 154 /* make sure that this envelope is marked unused */ 155 e->e_id = e->e_df = NULL; 156 if (e->e_dfp != NULL) 157 (void) fclose(e->e_dfp); 158 e->e_dfp = NULL; 159 } 160 /* 161 ** CLEARENVELOPE -- clear an envelope without unlocking 162 ** 163 ** This is normally used by a child process to get a clean 164 ** envelope without disturbing the parent. 165 ** 166 ** Parameters: 167 ** e -- the envelope to clear. 168 ** fullclear - if set, the current envelope is total 169 ** garbage and should be ignored; otherwise, 170 ** release any resources it may indicate. 171 ** 172 ** Returns: 173 ** none. 174 ** 175 ** Side Effects: 176 ** Closes files associated with the envelope. 177 ** Marks the envelope as unallocated. 178 */ 179 180 clearenvelope(e, fullclear) 181 register ENVELOPE *e; 182 bool fullclear; 183 { 184 register HDR *bh; 185 register HDR **nhp; 186 extern ENVELOPE BlankEnvelope; 187 188 if (!fullclear) 189 { 190 /* clear out any file information */ 191 if (e->e_xfp != NULL) 192 (void) fclose(e->e_xfp); 193 if (e->e_dfp != NULL) 194 (void) fclose(e->e_dfp); 195 } 196 197 /* now clear out the data */ 198 STRUCTCOPY(BlankEnvelope, *e); 199 bh = BlankEnvelope.e_header; 200 nhp = &e->e_header; 201 while (bh != NULL) 202 { 203 *nhp = (HDR *) xalloc(sizeof *bh); 204 bcopy((char *) bh, (char *) *nhp, sizeof *bh); 205 bh = bh->h_link; 206 nhp = &(*nhp)->h_link; 207 } 208 } 209 /* 210 ** INITSYS -- initialize instantiation of system 211 ** 212 ** In Daemon mode, this is done in the child. 213 ** 214 ** Parameters: 215 ** none. 216 ** 217 ** Returns: 218 ** none. 219 ** 220 ** Side Effects: 221 ** Initializes the system macros, some global variables, 222 ** etc. In particular, the current time in various 223 ** forms is set. 224 */ 225 226 initsys() 227 { 228 static char cbuf[5]; /* holds hop count */ 229 static char pbuf[10]; /* holds pid */ 230 #ifdef TTYNAME 231 static char ybuf[10]; /* holds tty id */ 232 register char *p; 233 #endif TTYNAME 234 extern char *ttyname(); 235 extern char *macvalue(); 236 extern char Version[]; 237 238 /* 239 ** Give this envelope a reality. 240 ** I.e., an id, a transcript, and a creation time. 241 */ 242 243 openxscript(CurEnv); 244 CurEnv->e_ctime = curtime(); 245 246 /* 247 ** Set OutChannel to something useful if stdout isn't it. 248 ** This arranges that any extra stuff the mailer produces 249 ** gets sent back to the user on error (because it is 250 ** tucked away in the transcript). 251 */ 252 253 if (OpMode == MD_DAEMON && QueueRun) 254 OutChannel = CurEnv->e_xfp; 255 256 /* 257 ** Set up some basic system macros. 258 */ 259 260 /* process id */ 261 (void) sprintf(pbuf, "%d", getpid()); 262 define('p', pbuf, CurEnv); 263 264 /* hop count */ 265 (void) sprintf(cbuf, "%d", CurEnv->e_hopcount); 266 define('c', cbuf, CurEnv); 267 268 /* time as integer, unix time, arpa time */ 269 settime(); 270 271 #ifdef TTYNAME 272 /* tty name */ 273 if (macvalue('y', CurEnv) == NULL) 274 { 275 p = ttyname(2); 276 if (p != NULL) 277 { 278 if (rindex(p, '/') != NULL) 279 p = rindex(p, '/') + 1; 280 (void) strcpy(ybuf, p); 281 define('y', ybuf, CurEnv); 282 } 283 } 284 #endif TTYNAME 285 } 286 /* 287 ** SETTIME -- set the current time. 288 ** 289 ** Parameters: 290 ** none. 291 ** 292 ** Returns: 293 ** none. 294 ** 295 ** Side Effects: 296 ** Sets the various time macros -- $a, $b, $d, $t. 297 */ 298 299 settime() 300 { 301 register char *p; 302 auto time_t now; 303 static char tbuf[20]; /* holds "current" time */ 304 static char dbuf[30]; /* holds ctime(tbuf) */ 305 register struct tm *tm; 306 extern char *arpadate(); 307 extern struct tm *gmtime(); 308 extern char *macvalue(); 309 310 now = curtime(); 311 tm = gmtime(&now); 312 (void) sprintf(tbuf, "%02d%02d%02d%02d%02d", tm->tm_year, tm->tm_mon+1, 313 tm->tm_mday, tm->tm_hour, tm->tm_min); 314 define('t', tbuf, CurEnv); 315 (void) strcpy(dbuf, ctime(&now)); 316 *index(dbuf, '\n') = '\0'; 317 if (macvalue('d', CurEnv) == NULL) 318 define('d', dbuf, CurEnv); 319 p = newstr(arpadate(dbuf)); 320 if (macvalue('a', CurEnv) == NULL) 321 define('a', p, CurEnv); 322 define('b', p, CurEnv); 323 } 324 /* 325 ** OPENXSCRIPT -- Open transcript file 326 ** 327 ** Creates a transcript file for possible eventual mailing or 328 ** sending back. 329 ** 330 ** Parameters: 331 ** e -- the envelope to create the transcript in/for. 332 ** 333 ** Returns: 334 ** none 335 ** 336 ** Side Effects: 337 ** Creates the transcript file. 338 */ 339 340 openxscript(e) 341 register ENVELOPE *e; 342 { 343 register char *p; 344 int fd; 345 346 # ifdef LOG 347 if (LogLevel > 19) 348 syslog(LOG_DEBUG, "%s: openx%s", e->e_id, e->e_xfp == NULL ? "" : " (no)"); 349 # endif LOG 350 if (e->e_xfp != NULL) 351 return; 352 p = queuename(e, 'x'); 353 fd = open(p, O_WRONLY|O_CREAT, 0644); 354 if (fd < 0) 355 syserr("Can't create %s", p); 356 else 357 e->e_xfp = fdopen(fd, "w"); 358 } 359 /* 360 ** CLOSEXSCRIPT -- close the transcript file. 361 ** 362 ** Parameters: 363 ** e -- the envelope containing the transcript to close. 364 ** 365 ** Returns: 366 ** none. 367 ** 368 ** Side Effects: 369 ** none. 370 */ 371 372 closexscript(e) 373 register ENVELOPE *e; 374 { 375 if (e->e_xfp == NULL) 376 return; 377 (void) fclose(e->e_xfp); 378 e->e_xfp = NULL; 379 } 380 /* 381 ** SETSENDER -- set the person who this message is from 382 ** 383 ** Under certain circumstances allow the user to say who 384 ** s/he is (using -f or -r). These are: 385 ** 1. The user's uid is zero (root). 386 ** 2. The user's login name is in an approved list (typically 387 ** from a network server). 388 ** 3. The address the user is trying to claim has a 389 ** "!" character in it (since #2 doesn't do it for 390 ** us if we are dialing out for UUCP). 391 ** A better check to replace #3 would be if the 392 ** effective uid is "UUCP" -- this would require me 393 ** to rewrite getpwent to "grab" uucp as it went by, 394 ** make getname more nasty, do another passwd file 395 ** scan, or compile the UID of "UUCP" into the code, 396 ** all of which are reprehensible. 397 ** 398 ** Assuming all of these fail, we figure out something 399 ** ourselves. 400 ** 401 ** Parameters: 402 ** from -- the person we would like to believe this message 403 ** is from, as specified on the command line. 404 ** 405 ** Returns: 406 ** none. 407 ** 408 ** Side Effects: 409 ** sets sendmail's notion of who the from person is. 410 */ 411 412 setsender(from) 413 char *from; 414 { 415 register char **pvp; 416 char *realname = NULL; 417 register struct passwd *pw; 418 char buf[MAXNAME]; 419 char pvpbuf[PSBUFSIZE]; 420 extern struct passwd *getpwnam(); 421 extern char *macvalue(); 422 extern char **prescan(); 423 extern bool safefile(); 424 extern char *FullName; 425 426 if (tTd(45, 1)) 427 printf("setsender(%s)\n", from == NULL ? "" : from); 428 429 /* 430 ** Figure out the real user executing us. 431 ** Username can return errno != 0 on non-errors. 432 */ 433 434 if (QueueRun || OpMode == MD_SMTP || OpMode == MD_ARPAFTP) 435 realname = from; 436 if (realname == NULL || realname[0] == '\0') 437 { 438 extern char *username(); 439 440 realname = username(); 441 } 442 443 /* 444 ** Determine if this real person is allowed to alias themselves. 445 */ 446 447 if (from != NULL) 448 { 449 extern bool trusteduser(); 450 451 if (!trusteduser(realname) && getuid() != geteuid() && 452 index(from, '!') == NULL && getuid() != 0) 453 { 454 /* network sends -r regardless (why why why?) */ 455 /* syserr("%s, you cannot use the -f flag", realname); */ 456 from = NULL; 457 } 458 } 459 460 SuprErrs = TRUE; 461 if (from == NULL || parseaddr(from, &CurEnv->e_from, 1, '\0') == NULL) 462 { 463 /* log garbage addresses for traceback */ 464 if (from != NULL) 465 { 466 # ifdef LOG 467 if (LogLevel >= 1) 468 if (realname == from && RealHostName != NULL) 469 syslog(LOG_NOTICE, 470 "from=%s unparseable, received from %s", 471 from, RealHostName); 472 else 473 syslog(LOG_NOTICE, 474 "Unparseable username %s wants from=%s", 475 realname, from); 476 # endif LOG 477 } 478 from = newstr(realname); 479 if (parseaddr(from, &CurEnv->e_from, 1, '\0') == NULL && 480 parseaddr("postmaster", &CurEnv->e_from, 1, '\0') == NULL) 481 { 482 syserr("setsender: can't even parse postmaster!"); 483 } 484 } 485 else 486 FromFlag = TRUE; 487 CurEnv->e_from.q_flags |= QDONTSEND; 488 loweraddr(&CurEnv->e_from); 489 SuprErrs = FALSE; 490 491 if (CurEnv->e_from.q_mailer == LocalMailer && 492 (pw = getpwnam(CurEnv->e_from.q_user)) != NULL) 493 { 494 /* 495 ** Process passwd file entry. 496 */ 497 498 499 /* extract home directory */ 500 CurEnv->e_from.q_home = newstr(pw->pw_dir); 501 define('z', CurEnv->e_from.q_home, CurEnv); 502 503 /* extract user and group id */ 504 CurEnv->e_from.q_uid = pw->pw_uid; 505 CurEnv->e_from.q_gid = pw->pw_gid; 506 507 /* if the user has given fullname already, don't redefine */ 508 if (FullName == NULL) 509 FullName = macvalue('x', CurEnv); 510 if (FullName != NULL && FullName[0] == '\0') 511 FullName = NULL; 512 513 /* extract full name from passwd file */ 514 if (FullName == NULL && pw->pw_gecos != NULL && 515 strcmp(pw->pw_name, CurEnv->e_from.q_user) == 0) 516 { 517 buildfname(pw->pw_gecos, CurEnv->e_from.q_user, buf); 518 if (buf[0] != '\0') 519 FullName = newstr(buf); 520 } 521 if (FullName != NULL) 522 define('x', FullName, CurEnv); 523 } 524 else 525 { 526 if (CurEnv->e_from.q_home == NULL) 527 CurEnv->e_from.q_home = getenv("HOME"); 528 CurEnv->e_from.q_uid = getuid(); 529 CurEnv->e_from.q_gid = getgid(); 530 } 531 532 /* 533 ** Rewrite the from person to dispose of possible implicit 534 ** links in the net. 535 */ 536 537 pvp = prescan(from, '\0', pvpbuf); 538 if (pvp == NULL) 539 { 540 # ifdef LOG 541 if (LogLevel >= 1) 542 syslog(LOG_NOTICE, "cannot prescan from (%s)", from); 543 # endif 544 usrerr("cannot prescan from (%s)", from); 545 finis(); 546 } 547 rewrite(pvp, 3); 548 rewrite(pvp, 1); 549 rewrite(pvp, 4); 550 cataddr(pvp, buf, sizeof buf); 551 define('f', newstr(buf), CurEnv); 552 553 /* save the domain spec if this mailer wants it */ 554 if (CurEnv->e_from.q_mailer != NULL && 555 bitnset(M_CANONICAL, CurEnv->e_from.q_mailer->m_flags)) 556 { 557 extern char **copyplist(); 558 559 while (*pvp != NULL && strcmp(*pvp, "@") != 0) 560 pvp++; 561 if (*pvp != NULL) 562 CurEnv->e_fromdomain = copyplist(pvp, TRUE); 563 } 564 } 565 /* 566 ** TRUSTEDUSER -- tell us if this user is to be trusted. 567 ** 568 ** Parameters: 569 ** user -- the user to be checked. 570 ** 571 ** Returns: 572 ** TRUE if the user is in an approved list. 573 ** FALSE otherwise. 574 ** 575 ** Side Effects: 576 ** none. 577 */ 578 579 bool 580 trusteduser(user) 581 char *user; 582 { 583 register char **ulist; 584 extern char *TrustedUsers[]; 585 586 for (ulist = TrustedUsers; *ulist != NULL; ulist++) 587 if (strcmp(*ulist, user) == 0) 588 return (TRUE); 589 return (FALSE); 590 } 591