1 /*
2 * Copyright (c) 1983 Eric P. Allman
3 * Copyright (c) 1988 Regents of the University of California.
4 * All rights reserved.
5 *
6 * %sccs.include.redist.c%
7 */
8
9 #ifndef lint
10 static char sccsid[] = "@(#)envelope.c 5.31 (Berkeley) 09/09/92";
11 #endif /* not lint */
12
13 #include <sys/types.h>
14 #include <sys/time.h>
15 #include <sys/stat.h>
16 #include <pwd.h>
17 #include <sys/file.h>
18 #include "sendmail.h"
19
20 /*
21 ** NEWENVELOPE -- allocate a new envelope
22 **
23 ** Supports inheritance.
24 **
25 ** Parameters:
26 ** e -- the new envelope to fill in.
27 **
28 ** Returns:
29 ** e.
30 **
31 ** Side Effects:
32 ** none.
33 */
34
35 ENVELOPE *
36 newenvelope(e)
37 register ENVELOPE *e;
38 {
39 register ENVELOPE *parent;
40 extern putheader(), putbody();
41 extern ENVELOPE BlankEnvelope;
42
43 parent = CurEnv;
44 if (e == CurEnv && e->e_parent != NULL)
45 parent = e->e_parent;
46 clearenvelope(e, TRUE);
47 if (e == CurEnv)
48 bcopy((char *) &NullAddress, (char *) &e->e_from, sizeof e->e_from);
49 else
50 bcopy((char *) &CurEnv->e_from, (char *) &e->e_from, sizeof e->e_from);
51 e->e_parent = parent;
52 e->e_ctime = curtime();
53 if (parent != NULL)
54 e->e_msgpriority = parent->e_msgsize;
55 e->e_puthdr = putheader;
56 e->e_putbody = putbody;
57 if (CurEnv->e_xfp != NULL)
58 (void) fflush(CurEnv->e_xfp);
59
60 return (e);
61 }
62 �/*
63 ** DROPENVELOPE -- deallocate an envelope.
64 **
65 ** Parameters:
66 ** e -- the envelope to deallocate.
67 **
68 ** Returns:
69 ** none.
70 **
71 ** Side Effects:
72 ** housekeeping necessary to dispose of an envelope.
73 ** Unlocks this queue file.
74 */
75
76 dropenvelope(e)
77 register ENVELOPE *e;
78 {
79 bool queueit = FALSE;
80 register ADDRESS *q;
81
82 if (tTd(50, 1))
83 {
84 printf("dropenvelope %x id=", e);
85 xputs(e->e_id);
86 printf(" flags=%o\n", e->e_flags);
87 }
88 #ifdef LOG
89 if (LogLevel > 12)
90 syslog(LOG_DEBUG, "dropenvelope, id=%s, flags=%o, pid=%d",
91 e->e_id == NULL ? "(none)" : e->e_id,
92 e->e_flags, getpid());
93 #endif LOG
94
95 /* we must have an id to remove disk files */
96 if (e->e_id == NULL)
97 return;
98
99 /*
100 ** Extract state information from dregs of send list.
101 */
102
103 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
104 {
105 if (bitset(QQUEUEUP, q->q_flags))
106 queueit = TRUE;
107 }
108
109 /*
110 ** Send back return receipts as requested.
111 */
112
113 if (e->e_receiptto != NULL && bitset(EF_SENDRECEIPT, e->e_flags))
114 {
115 auto ADDRESS *rlist = NULL;
116
117 sendtolist(e->e_receiptto, (ADDRESS *) NULL, &rlist, e);
118 (void) returntosender("Return receipt", rlist, FALSE, e);
119 }
120
121 /*
122 ** Arrange to send error messages if there are fatal errors.
123 */
124
125 if (bitset(EF_FATALERRS|EF_TIMEOUT, e->e_flags) && ErrorMode != EM_QUIET)
126 savemail(e);
127
128 /*
129 ** Instantiate or deinstantiate the queue.
130 */
131
132 if ((!queueit && !bitset(EF_KEEPQUEUE, e->e_flags)) ||
133 bitset(EF_CLRQUEUE, e->e_flags))
134 {
135 if (e->e_df != NULL)
136 xunlink(e->e_df);
137 xunlink(queuename(e, 'q'));
138 }
139 else if (queueit || !bitset(EF_INQUEUE, e->e_flags))
140 {
141 #ifdef QUEUE
142 queueup(e, FALSE, FALSE);
143 #else QUEUE
144 syserr("dropenvelope: queueup");
145 #endif QUEUE
146 }
147
148 /* now unlock the job */
149 closexscript(e);
150 unlockqueue(e);
151
152 /* make sure that this envelope is marked unused */
153 e->e_id = e->e_df = NULL;
154 if (e->e_dfp != NULL)
155 (void) fclose(e->e_dfp);
156 e->e_dfp = NULL;
157 }
158 �/*
159 ** CLEARENVELOPE -- clear an envelope without unlocking
160 **
161 ** This is normally used by a child process to get a clean
162 ** envelope without disturbing the parent.
163 **
164 ** Parameters:
165 ** e -- the envelope to clear.
166 ** fullclear - if set, the current envelope is total
167 ** garbage and should be ignored; otherwise,
168 ** release any resources it may indicate.
169 **
170 ** Returns:
171 ** none.
172 **
173 ** Side Effects:
174 ** Closes files associated with the envelope.
175 ** Marks the envelope as unallocated.
176 */
177
178 clearenvelope(e, fullclear)
179 register ENVELOPE *e;
180 bool fullclear;
181 {
182 register HDR *bh;
183 register HDR **nhp;
184 extern ENVELOPE BlankEnvelope;
185
186 if (!fullclear)
187 {
188 /* clear out any file information */
189 if (e->e_xfp != NULL)
190 (void) fclose(e->e_xfp);
191 if (e->e_dfp != NULL)
192 (void) fclose(e->e_dfp);
193 }
194
195 /* now clear out the data */
196 STRUCTCOPY(BlankEnvelope, *e);
197 bh = BlankEnvelope.e_header;
198 nhp = &e->e_header;
199 while (bh != NULL)
200 {
201 *nhp = (HDR *) xalloc(sizeof *bh);
202 bcopy((char *) bh, (char *) *nhp, sizeof *bh);
203 bh = bh->h_link;
204 nhp = &(*nhp)->h_link;
205 }
206 }
207 �/*
208 ** INITSYS -- initialize instantiation of system
209 **
210 ** In Daemon mode, this is done in the child.
211 **
212 ** Parameters:
213 ** none.
214 **
215 ** Returns:
216 ** none.
217 **
218 ** Side Effects:
219 ** Initializes the system macros, some global variables,
220 ** etc. In particular, the current time in various
221 ** forms is set.
222 */
223
224 initsys(e)
225 register ENVELOPE *e;
226 {
227 static char cbuf[5]; /* holds hop count */
228 static char pbuf[10]; /* holds pid */
229 #ifdef TTYNAME
230 static char ybuf[10]; /* holds tty id */
231 register char *p;
232 #endif TTYNAME
233 extern char *ttyname();
234 extern char *macvalue();
235 extern char Version[];
236
237 /*
238 ** Give this envelope a reality.
239 ** I.e., an id, a transcript, and a creation time.
240 */
241
242 openxscript(e);
243 e->e_ctime = curtime();
244
245 /*
246 ** Set OutChannel to something useful if stdout isn't it.
247 ** This arranges that any extra stuff the mailer produces
248 ** gets sent back to the user on error (because it is
249 ** tucked away in the transcript).
250 */
251
252 if (OpMode == MD_DAEMON && QueueRun)
253 OutChannel = e->e_xfp;
254
255 /*
256 ** Set up some basic system macros.
257 */
258
259 /* process id */
260 (void) sprintf(pbuf, "%d", getpid());
261 define('p', pbuf, e);
262
263 /* hop count */
264 (void) sprintf(cbuf, "%d", e->e_hopcount);
265 define('c', cbuf, e);
266
267 /* time as integer, unix time, arpa time */
268 settime(e);
269
270 #ifdef TTYNAME
271 /* tty name */
272 if (macvalue('y', e) == NULL)
273 {
274 p = ttyname(2);
275 if (p != NULL)
276 {
277 if (rindex(p, '/') != NULL)
278 p = rindex(p, '/') + 1;
279 (void) strcpy(ybuf, p);
280 define('y', ybuf, e);
281 }
282 }
283 #endif TTYNAME
284 }
285 �/*
286 ** SETTIME -- set the current time.
287 **
288 ** Parameters:
289 ** none.
290 **
291 ** Returns:
292 ** none.
293 **
294 ** Side Effects:
295 ** Sets the various time macros -- $a, $b, $d, $t.
296 */
297
298 settime(e)
299 register ENVELOPE *e;
300 {
301 register char *p;
302 auto time_t now;
303 static char tbuf[20]; /* holds "current" time */
304 static char dbuf[30]; /* holds ctime(tbuf) */
305 register struct tm *tm;
306 extern char *arpadate();
307 extern struct tm *gmtime();
308 extern char *macvalue();
309
310 now = curtime();
311 tm = gmtime(&now);
312 (void) sprintf(tbuf, "%02d%02d%02d%02d%02d", tm->tm_year, tm->tm_mon+1,
313 tm->tm_mday, tm->tm_hour, tm->tm_min);
314 define('t', tbuf, e);
315 (void) strcpy(dbuf, ctime(&now));
316 *index(dbuf, '\n') = '\0';
317 if (macvalue('d', e) == NULL)
318 define('d', dbuf, e);
319 p = newstr(arpadate(dbuf));
320 if (macvalue('a', e) == NULL)
321 define('a', p, e);
322 define('b', p, e);
323 }
324 �/*
325 ** OPENXSCRIPT -- Open transcript file
326 **
327 ** Creates a transcript file for possible eventual mailing or
328 ** sending back.
329 **
330 ** Parameters:
331 ** e -- the envelope to create the transcript in/for.
332 **
333 ** Returns:
334 ** none
335 **
336 ** Side Effects:
337 ** Creates the transcript file.
338 */
339
340 openxscript(e)
341 register ENVELOPE *e;
342 {
343 register char *p;
344 int fd;
345
346 # ifdef LOG
347 if (LogLevel > 19)
348 syslog(LOG_DEBUG, "%s: openx%s", e->e_id, e->e_xfp == NULL ? "" : " (no)");
349 # endif LOG
350 if (e->e_xfp != NULL)
351 return;
352 p = queuename(e, 'x');
353 fd = open(p, O_WRONLY|O_CREAT, 0644);
354 if (fd < 0)
355 syserr("Can't create %s", p);
356 else
357 e->e_xfp = fdopen(fd, "w");
358 }
359 �/*
360 ** CLOSEXSCRIPT -- close the transcript file.
361 **
362 ** Parameters:
363 ** e -- the envelope containing the transcript to close.
364 **
365 ** Returns:
366 ** none.
367 **
368 ** Side Effects:
369 ** none.
370 */
371
372 closexscript(e)
373 register ENVELOPE *e;
374 {
375 if (e->e_xfp == NULL)
376 return;
377 (void) fclose(e->e_xfp);
378 e->e_xfp = NULL;
379 }
380 �/*
381 ** SETSENDER -- set the person who this message is from
382 **
383 ** Under certain circumstances allow the user to say who
384 ** s/he is (using -f or -r). These are:
385 ** 1. The user's uid is zero (root).
386 ** 2. The user's login name is in an approved list (typically
387 ** from a network server).
388 ** 3. The address the user is trying to claim has a
389 ** "!" character in it (since #2 doesn't do it for
390 ** us if we are dialing out for UUCP).
391 ** A better check to replace #3 would be if the
392 ** effective uid is "UUCP" -- this would require me
393 ** to rewrite getpwent to "grab" uucp as it went by,
394 ** make getname more nasty, do another passwd file
395 ** scan, or compile the UID of "UUCP" into the code,
396 ** all of which are reprehensible.
397 **
398 ** Assuming all of these fail, we figure out something
399 ** ourselves.
400 **
401 ** Parameters:
402 ** from -- the person we would like to believe this message
403 ** is from, as specified on the command line.
404 ** e -- the envelope in which we would like the sender set.
405 **
406 ** Returns:
407 ** none.
408 **
409 ** Side Effects:
410 ** sets sendmail's notion of who the from person is.
411 */
412
413 setsender(from, e)
414 char *from;
415 register ENVELOPE *e;
416 {
417 register char **pvp;
418 char *realname = NULL;
419 register struct passwd *pw;
420 char buf[MAXNAME];
421 char pvpbuf[PSBUFSIZE];
422 extern struct passwd *getpwnam();
423 extern char *macvalue();
424 extern char **prescan();
425 extern bool safefile();
426 extern char *FullName;
427
428 if (tTd(45, 1))
429 printf("setsender(%s)\n", from == NULL ? "" : from);
430
431 /*
432 ** Figure out the real user executing us.
433 ** Username can return errno != 0 on non-errors.
434 */
435
436 if (QueueRun || OpMode == MD_SMTP)
437 realname = from;
438 if (realname == NULL || realname[0] == '\0')
439 {
440 extern char *username();
441
442 realname = username();
443 }
444
445 /*
446 ** Determine if this real person is allowed to alias themselves.
447 */
448
449 if (from != NULL)
450 {
451 extern bool trusteduser();
452
453 if (!trusteduser(realname) && getuid() != geteuid() &&
454 index(from, '!') == NULL && getuid() != 0)
455 {
456 /* network sends -r regardless (why why why?) */
457 /* syserr("%s, you cannot use the -f flag", realname); */
458 from = NULL;
459 }
460 }
461
462 SuprErrs = TRUE;
463 if (from == NULL || parseaddr(from, &e->e_from, 1, '\0', e) == NULL)
464 {
465 /* log garbage addresses for traceback */
466 # ifdef LOG
467 if (from != NULL && LogLevel >= 1)
468 {
469 char *host = RealHostName;
470
471 if (host == NULL)
472 host = MyHostName;
473 syslog(LOG_NOTICE,
474 "from=%s unparseable, received from %s@%s",
475 from, realname, host);
476 }
477 # endif LOG
478 from = newstr(realname);
479 if (parseaddr(from, &e->e_from, 1, '\0', e) == NULL &&
480 parseaddr("postmaster", &e->e_from, 1, '\0', e) == NULL)
481 {
482 syserr("setsender: can't even parse postmaster!");
483 }
484 }
485 else
486 FromFlag = TRUE;
487 e->e_from.q_flags |= QDONTSEND;
488 loweraddr(&e->e_from);
489 SuprErrs = FALSE;
490
491 pvp = NULL;
492 if (e->e_from.q_mailer == LocalMailer)
493 {
494 # ifdef USERDB
495 register char *p;
496 extern char *udbsender();
497 # endif
498
499 /* if the user has given fullname already, don't redefine */
500 if (FullName == NULL)
501 FullName = macvalue('x', e);
502 if (FullName != NULL && FullName[0] == '\0')
503 FullName = NULL;
504
505 # ifdef USERDB
506 p = udbsender(from);
507
508 if (p != NULL)
509 {
510 /*
511 ** We have an alternate address for the sender
512 */
513
514 pvp = prescan(p, '\0', pvpbuf);
515 }
516 # endif /* USERDB */
517
518 if ((pw = getpwnam(e->e_from.q_user)) != NULL)
519 {
520 /*
521 ** Process passwd file entry.
522 */
523
524
525 /* extract home directory */
526 e->e_from.q_home = newstr(pw->pw_dir);
527 define('z', e->e_from.q_home, e);
528
529 /* extract user and group id */
530 e->e_from.q_uid = pw->pw_uid;
531 e->e_from.q_gid = pw->pw_gid;
532
533 /* extract full name from passwd file */
534 if (FullName == NULL && pw->pw_gecos != NULL &&
535 strcmp(pw->pw_name, e->e_from.q_user) == 0)
536 {
537 buildfname(pw->pw_gecos, e->e_from.q_user, buf);
538 if (buf[0] != '\0')
539 FullName = newstr(buf);
540 }
541 }
542 if (FullName != NULL)
543 define('x', FullName, e);
544 }
545 else
546 {
547 if (e->e_from.q_home == NULL)
548 e->e_from.q_home = getenv("HOME");
549 e->e_from.q_uid = getuid();
550 e->e_from.q_gid = getgid();
551 }
552
553 /*
554 ** Rewrite the from person to dispose of possible implicit
555 ** links in the net.
556 */
557
558 if (pvp == NULL)
559 pvp = prescan(from, '\0', pvpbuf);
560 if (pvp == NULL)
561 {
562 # ifdef LOG
563 if (LogLevel >= 1)
564 syslog(LOG_NOTICE, "cannot prescan from (%s)", from);
565 # endif
566 usrerr("cannot prescan from (%s)", from);
567 finis();
568 }
569 rewrite(pvp, 3);
570 rewrite(pvp, 1);
571 rewrite(pvp, 4);
572 cataddr(pvp, buf, sizeof buf);
573 e->e_sender = e->e_returnpath = newstr(buf);
574
575 define('f', e->e_sender, e);
576
577 /* save the domain spec if this mailer wants it */
578 if (e->e_from.q_mailer != NULL &&
579 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags))
580 {
581 extern char **copyplist();
582
583 while (*pvp != NULL && strcmp(*pvp, "@") != 0)
584 pvp++;
585 if (*pvp != NULL)
586 e->e_fromdomain = copyplist(pvp, TRUE);
587 }
588 }
589 �/*
590 ** TRUSTEDUSER -- tell us if this user is to be trusted.
591 **
592 ** Parameters:
593 ** user -- the user to be checked.
594 **
595 ** Returns:
596 ** TRUE if the user is in an approved list.
597 ** FALSE otherwise.
598 **
599 ** Side Effects:
600 ** none.
601 */
602
603 bool
604 trusteduser(user)
605 char *user;
606 {
607 register char **ulist;
608 extern char *TrustedUsers[];
609
610 for (ulist = TrustedUsers; *ulist != NULL; ulist++)
611 if (strcmp(*ulist, user) == 0)
612 return (TRUE);
613 return (FALSE);
614 }
615