1 /* 2 * Copyright (c) 1983 Eric P. Allman 3 * Copyright (c) 1988 Regents of the University of California. 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms are permitted 7 * provided that the above copyright notice and this paragraph are 8 * duplicated in all such forms and that any documentation, 9 * advertising materials, and other materials related to such 10 * distribution and use acknowledge that the software was developed 11 * by the University of California, Berkeley. The name of the 12 * University may not be used to endorse or promote products derived 13 * from this software without specific prior written permission. 14 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 16 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 17 */ 18 19 #ifndef lint 20 static char sccsid[] = "@(#)envelope.c 5.18 (Berkeley) 01/01/89"; 21 #endif /* not lint */ 22 23 #include <pwd.h> 24 #include <sys/time.h> 25 #include "sendmail.h" 26 #include <sys/stat.h> 27 28 /* 29 ** NEWENVELOPE -- allocate a new envelope 30 ** 31 ** Supports inheritance. 32 ** 33 ** Parameters: 34 ** e -- the new envelope to fill in. 35 ** 36 ** Returns: 37 ** e. 38 ** 39 ** Side Effects: 40 ** none. 41 */ 42 43 ENVELOPE * 44 newenvelope(e) 45 register ENVELOPE *e; 46 { 47 register ENVELOPE *parent; 48 extern putheader(), putbody(); 49 extern ENVELOPE BlankEnvelope; 50 51 parent = CurEnv; 52 if (e == CurEnv) 53 parent = e->e_parent; 54 clearenvelope(e, TRUE); 55 if (e == CurEnv) 56 bcopy((char *) &NullAddress, (char *) &e->e_from, sizeof e->e_from); 57 else 58 bcopy((char *) &CurEnv->e_from, (char *) &e->e_from, sizeof e->e_from); 59 e->e_parent = parent; 60 e->e_ctime = curtime(); 61 e->e_msgpriority = parent->e_msgsize; 62 e->e_puthdr = putheader; 63 e->e_putbody = putbody; 64 if (CurEnv->e_xfp != NULL) 65 (void) fflush(CurEnv->e_xfp); 66 67 return (e); 68 } 69 /* 70 ** DROPENVELOPE -- deallocate an envelope. 71 ** 72 ** Parameters: 73 ** e -- the envelope to deallocate. 74 ** 75 ** Returns: 76 ** none. 77 ** 78 ** Side Effects: 79 ** housekeeping necessary to dispose of an envelope. 80 ** Unlocks this queue file. 81 */ 82 83 dropenvelope(e) 84 register ENVELOPE *e; 85 { 86 bool queueit = FALSE; 87 register ADDRESS *q; 88 89 if (tTd(50, 1)) 90 { 91 printf("dropenvelope %x id=", e); 92 xputs(e->e_id); 93 printf(" flags=%o\n", e->e_flags); 94 } 95 #ifdef LOG 96 if (LogLevel > 10) 97 syslog(LOG_DEBUG, "dropenvelope, id=%s, flags=%o, pid=%d", 98 e->e_id == NULL ? "(none)" : e->e_id, 99 e->e_flags, getpid()); 100 #endif LOG 101 102 /* we must have an id to remove disk files */ 103 if (e->e_id == NULL) 104 return; 105 106 /* 107 ** Extract state information from dregs of send list. 108 */ 109 110 for (q = e->e_sendqueue; q != NULL; q = q->q_next) 111 { 112 if (bitset(QQUEUEUP, q->q_flags)) 113 queueit = TRUE; 114 } 115 116 /* 117 ** Send back return receipts as requested. 118 */ 119 120 if (e->e_receiptto != NULL && bitset(EF_SENDRECEIPT, e->e_flags)) 121 { 122 auto ADDRESS *rlist = NULL; 123 124 sendtolist(CurEnv->e_receiptto, (ADDRESS *) NULL, &rlist); 125 (void) returntosender("Return receipt", rlist, FALSE); 126 } 127 128 /* 129 ** Arrange to send error messages if there are fatal errors. 130 */ 131 132 if (bitset(EF_FATALERRS|EF_TIMEOUT, e->e_flags) && ErrorMode != EM_QUIET) 133 savemail(e); 134 135 /* 136 ** Instantiate or deinstantiate the queue. 137 */ 138 139 if ((!queueit && !bitset(EF_KEEPQUEUE, e->e_flags)) || 140 bitset(EF_CLRQUEUE, e->e_flags)) 141 { 142 if (e->e_df != NULL) 143 xunlink(e->e_df); 144 xunlink(queuename(e, 'q')); 145 } 146 else if (queueit || !bitset(EF_INQUEUE, e->e_flags)) 147 { 148 #ifdef QUEUE 149 queueup(e, FALSE, FALSE); 150 #else QUEUE 151 syserr("dropenvelope: queueup"); 152 #endif QUEUE 153 } 154 155 /* now unlock the job */ 156 closexscript(e); 157 unlockqueue(e); 158 159 /* make sure that this envelope is marked unused */ 160 e->e_id = e->e_df = NULL; 161 if (e->e_dfp != NULL) 162 (void) fclose(e->e_dfp); 163 e->e_dfp = NULL; 164 } 165 /* 166 ** CLEARENVELOPE -- clear an envelope without unlocking 167 ** 168 ** This is normally used by a child process to get a clean 169 ** envelope without disturbing the parent. 170 ** 171 ** Parameters: 172 ** e -- the envelope to clear. 173 ** fullclear - if set, the current envelope is total 174 ** garbage and should be ignored; otherwise, 175 ** release any resources it may indicate. 176 ** 177 ** Returns: 178 ** none. 179 ** 180 ** Side Effects: 181 ** Closes files associated with the envelope. 182 ** Marks the envelope as unallocated. 183 */ 184 185 clearenvelope(e, fullclear) 186 register ENVELOPE *e; 187 bool fullclear; 188 { 189 register HDR *bh; 190 register HDR **nhp; 191 extern ENVELOPE BlankEnvelope; 192 193 if (!fullclear) 194 { 195 /* clear out any file information */ 196 if (e->e_xfp != NULL) 197 (void) fclose(e->e_xfp); 198 if (e->e_dfp != NULL) 199 (void) fclose(e->e_dfp); 200 } 201 202 /* now clear out the data */ 203 STRUCTCOPY(BlankEnvelope, *e); 204 bh = BlankEnvelope.e_header; 205 nhp = &e->e_header; 206 while (bh != NULL) 207 { 208 *nhp = (HDR *) xalloc(sizeof *bh); 209 bcopy((char *) bh, (char *) *nhp, sizeof *bh); 210 bh = bh->h_link; 211 nhp = &(*nhp)->h_link; 212 } 213 } 214 /* 215 ** INITSYS -- initialize instantiation of system 216 ** 217 ** In Daemon mode, this is done in the child. 218 ** 219 ** Parameters: 220 ** none. 221 ** 222 ** Returns: 223 ** none. 224 ** 225 ** Side Effects: 226 ** Initializes the system macros, some global variables, 227 ** etc. In particular, the current time in various 228 ** forms is set. 229 */ 230 231 initsys() 232 { 233 static char cbuf[5]; /* holds hop count */ 234 static char pbuf[10]; /* holds pid */ 235 #ifdef TTYNAME 236 static char ybuf[10]; /* holds tty id */ 237 register char *p; 238 #endif TTYNAME 239 extern char *ttyname(); 240 extern char *macvalue(); 241 extern char Version[]; 242 243 /* 244 ** Give this envelope a reality. 245 ** I.e., an id, a transcript, and a creation time. 246 */ 247 248 openxscript(CurEnv); 249 CurEnv->e_ctime = curtime(); 250 251 /* 252 ** Set OutChannel to something useful if stdout isn't it. 253 ** This arranges that any extra stuff the mailer produces 254 ** gets sent back to the user on error (because it is 255 ** tucked away in the transcript). 256 */ 257 258 if (OpMode == MD_DAEMON && QueueRun) 259 OutChannel = CurEnv->e_xfp; 260 261 /* 262 ** Set up some basic system macros. 263 */ 264 265 /* process id */ 266 (void) sprintf(pbuf, "%d", getpid()); 267 define('p', pbuf, CurEnv); 268 269 /* hop count */ 270 (void) sprintf(cbuf, "%d", CurEnv->e_hopcount); 271 define('c', cbuf, CurEnv); 272 273 /* time as integer, unix time, arpa time */ 274 settime(); 275 276 #ifdef TTYNAME 277 /* tty name */ 278 if (macvalue('y', CurEnv) == NULL) 279 { 280 p = ttyname(2); 281 if (p != NULL) 282 { 283 if (rindex(p, '/') != NULL) 284 p = rindex(p, '/') + 1; 285 (void) strcpy(ybuf, p); 286 define('y', ybuf, CurEnv); 287 } 288 } 289 #endif TTYNAME 290 } 291 /* 292 ** SETTIME -- set the current time. 293 ** 294 ** Parameters: 295 ** none. 296 ** 297 ** Returns: 298 ** none. 299 ** 300 ** Side Effects: 301 ** Sets the various time macros -- $a, $b, $d, $t. 302 */ 303 304 settime() 305 { 306 register char *p; 307 auto time_t now; 308 static char tbuf[20]; /* holds "current" time */ 309 static char dbuf[30]; /* holds ctime(tbuf) */ 310 register struct tm *tm; 311 extern char *arpadate(); 312 extern struct tm *gmtime(); 313 extern char *macvalue(); 314 315 now = curtime(); 316 tm = gmtime(&now); 317 (void) sprintf(tbuf, "%02d%02d%02d%02d%02d", tm->tm_year, tm->tm_mon+1, 318 tm->tm_mday, tm->tm_hour, tm->tm_min); 319 define('t', tbuf, CurEnv); 320 (void) strcpy(dbuf, ctime(&now)); 321 *index(dbuf, '\n') = '\0'; 322 if (macvalue('d', CurEnv) == NULL) 323 define('d', dbuf, CurEnv); 324 p = newstr(arpadate(dbuf)); 325 if (macvalue('a', CurEnv) == NULL) 326 define('a', p, CurEnv); 327 define('b', p, CurEnv); 328 } 329 /* 330 ** OPENXSCRIPT -- Open transcript file 331 ** 332 ** Creates a transcript file for possible eventual mailing or 333 ** sending back. 334 ** 335 ** Parameters: 336 ** e -- the envelope to create the transcript in/for. 337 ** 338 ** Returns: 339 ** none 340 ** 341 ** Side Effects: 342 ** Creates the transcript file. 343 */ 344 345 openxscript(e) 346 register ENVELOPE *e; 347 { 348 register char *p; 349 350 # ifdef LOG 351 if (LogLevel > 19) 352 syslog(LOG_DEBUG, "%s: openx%s", e->e_id, e->e_xfp == NULL ? "" : " (no)"); 353 # endif LOG 354 if (e->e_xfp != NULL) 355 return; 356 p = queuename(e, 'x'); 357 e->e_xfp = fopen(p, "w"); 358 if (e->e_xfp == NULL) 359 syserr("Can't create %s", p); 360 else 361 (void) chmod(p, 0644); 362 } 363 /* 364 ** CLOSEXSCRIPT -- close the transcript file. 365 ** 366 ** Parameters: 367 ** e -- the envelope containing the transcript to close. 368 ** 369 ** Returns: 370 ** none. 371 ** 372 ** Side Effects: 373 ** none. 374 */ 375 376 closexscript(e) 377 register ENVELOPE *e; 378 { 379 if (e->e_xfp == NULL) 380 return; 381 (void) fclose(e->e_xfp); 382 e->e_xfp = NULL; 383 } 384 /* 385 ** SETSENDER -- set the person who this message is from 386 ** 387 ** Under certain circumstances allow the user to say who 388 ** s/he is (using -f or -r). These are: 389 ** 1. The user's uid is zero (root). 390 ** 2. The user's login name is in an approved list (typically 391 ** from a network server). 392 ** 3. The address the user is trying to claim has a 393 ** "!" character in it (since #2 doesn't do it for 394 ** us if we are dialing out for UUCP). 395 ** A better check to replace #3 would be if the 396 ** effective uid is "UUCP" -- this would require me 397 ** to rewrite getpwent to "grab" uucp as it went by, 398 ** make getname more nasty, do another passwd file 399 ** scan, or compile the UID of "UUCP" into the code, 400 ** all of which are reprehensible. 401 ** 402 ** Assuming all of these fail, we figure out something 403 ** ourselves. 404 ** 405 ** Parameters: 406 ** from -- the person we would like to believe this message 407 ** is from, as specified on the command line. 408 ** 409 ** Returns: 410 ** none. 411 ** 412 ** Side Effects: 413 ** sets sendmail's notion of who the from person is. 414 */ 415 416 setsender(from) 417 char *from; 418 { 419 register char **pvp; 420 char *realname = NULL; 421 register struct passwd *pw; 422 char buf[MAXNAME]; 423 char pvpbuf[PSBUFSIZE]; 424 extern struct passwd *getpwnam(); 425 extern char *macvalue(); 426 extern char **prescan(); 427 extern bool safefile(); 428 extern char *FullName; 429 430 if (tTd(45, 1)) 431 printf("setsender(%s)\n", from == NULL ? "" : from); 432 433 /* 434 ** Figure out the real user executing us. 435 ** Username can return errno != 0 on non-errors. 436 */ 437 438 if (QueueRun || OpMode == MD_SMTP || OpMode == MD_ARPAFTP) 439 realname = from; 440 if (realname == NULL || realname[0] == '\0') 441 { 442 extern char *username(); 443 444 realname = username(); 445 } 446 447 /* 448 ** Determine if this real person is allowed to alias themselves. 449 */ 450 451 if (from != NULL) 452 { 453 extern bool trusteduser(); 454 455 if (!trusteduser(realname) && getuid() != geteuid() && 456 index(from, '!') == NULL && getuid() != 0) 457 { 458 /* network sends -r regardless (why why why?) */ 459 /* syserr("%s, you cannot use the -f flag", realname); */ 460 from = NULL; 461 } 462 } 463 464 SuprErrs = TRUE; 465 if (from == NULL || parseaddr(from, &CurEnv->e_from, 1, '\0') == NULL) 466 { 467 /* log garbage addresses for traceback */ 468 if (from != NULL) 469 { 470 # ifdef LOG 471 if (LogLevel >= 1) 472 if (realname == from && RealHostName != NULL) 473 syslog(LOG_NOTICE, 474 "from=%s unparseable, received from %s", 475 from, RealHostName); 476 else 477 syslog(LOG_NOTICE, 478 "Unparseable username %s wants from=%s", 479 realname, from); 480 # endif LOG 481 } 482 from = newstr(realname); 483 if (parseaddr(from, &CurEnv->e_from, 1, '\0') == NULL && 484 parseaddr("postmaster", &CurEnv->e_from, 1, '\0') == NULL) 485 { 486 syserr("setsender: can't even parse postmaster!"); 487 } 488 } 489 else 490 FromFlag = TRUE; 491 CurEnv->e_from.q_flags |= QDONTSEND; 492 loweraddr(&CurEnv->e_from); 493 SuprErrs = FALSE; 494 495 if (CurEnv->e_from.q_mailer == LocalMailer && 496 (pw = getpwnam(CurEnv->e_from.q_user)) != NULL) 497 { 498 /* 499 ** Process passwd file entry. 500 */ 501 502 503 /* extract home directory */ 504 CurEnv->e_from.q_home = newstr(pw->pw_dir); 505 define('z', CurEnv->e_from.q_home, CurEnv); 506 507 /* extract user and group id */ 508 CurEnv->e_from.q_uid = pw->pw_uid; 509 CurEnv->e_from.q_gid = pw->pw_gid; 510 511 /* if the user has given fullname already, don't redefine */ 512 if (FullName == NULL) 513 FullName = macvalue('x', CurEnv); 514 if (FullName != NULL && FullName[0] == '\0') 515 FullName = NULL; 516 517 /* extract full name from passwd file */ 518 if (FullName == NULL && pw->pw_gecos != NULL && 519 strcmp(pw->pw_name, CurEnv->e_from.q_user) == 0) 520 { 521 buildfname(pw->pw_gecos, CurEnv->e_from.q_user, buf); 522 if (buf[0] != '\0') 523 FullName = newstr(buf); 524 } 525 if (FullName != NULL) 526 define('x', FullName, CurEnv); 527 } 528 else 529 { 530 if (CurEnv->e_from.q_home == NULL) 531 CurEnv->e_from.q_home = getenv("HOME"); 532 CurEnv->e_from.q_uid = getuid(); 533 CurEnv->e_from.q_gid = getgid(); 534 } 535 536 if (CurEnv->e_from.q_uid != 0) 537 { 538 DefUid = CurEnv->e_from.q_uid; 539 DefGid = CurEnv->e_from.q_gid; 540 } 541 542 /* 543 ** Rewrite the from person to dispose of possible implicit 544 ** links in the net. 545 */ 546 547 pvp = prescan(from, '\0', pvpbuf); 548 if (pvp == NULL) 549 { 550 # ifdef LOG 551 if (LogLevel >= 1) 552 syslog(LOG_NOTICE, "cannot prescan from (%s)", from); 553 # endif 554 usrerr("cannot prescan from (%s)", from); 555 finis(); 556 } 557 rewrite(pvp, 3); 558 rewrite(pvp, 1); 559 rewrite(pvp, 4); 560 cataddr(pvp, buf, sizeof buf); 561 define('f', newstr(buf), CurEnv); 562 563 /* save the domain spec if this mailer wants it */ 564 if (CurEnv->e_from.q_mailer != NULL && 565 bitnset(M_CANONICAL, CurEnv->e_from.q_mailer->m_flags)) 566 { 567 extern char **copyplist(); 568 569 while (*pvp != NULL && strcmp(*pvp, "@") != 0) 570 pvp++; 571 if (*pvp != NULL) 572 CurEnv->e_fromdomain = copyplist(pvp, TRUE); 573 } 574 } 575 /* 576 ** TRUSTEDUSER -- tell us if this user is to be trusted. 577 ** 578 ** Parameters: 579 ** user -- the user to be checked. 580 ** 581 ** Returns: 582 ** TRUE if the user is in an approved list. 583 ** FALSE otherwise. 584 ** 585 ** Side Effects: 586 ** none. 587 */ 588 589 bool 590 trusteduser(user) 591 char *user; 592 { 593 register char **ulist; 594 extern char *TrustedUsers[]; 595 596 for (ulist = TrustedUsers; *ulist != NULL; ulist++) 597 if (strcmp(*ulist, user) == 0) 598 return (TRUE); 599 return (FALSE); 600 } 601