1 /*
2 * Copyright (c) 1988 Regents of the University of California.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms are permitted
6 * provided that this notice is preserved and that due credit is given
7 * to the University of California at Berkeley. The name of the University
8 * may not be used to endorse or promote products derived from this
9 * software without specific prior written permission. This software
10 * is provided ``as is'' without express or implied warranty.
11 *
12 * Sendmail
13 * Copyright (c) 1983 Eric P. Allman
14 * Berkeley, California
15 */
16
17 #ifndef lint
18 static char sccsid[] = "@(#)deliver.c 5.16 (Berkeley) 03/13/88";
19 #endif /* not lint */
20
21 # include <signal.h>
22 # include <errno.h>
23 # include "sendmail.h"
24 # include <sys/stat.h>
25 # include <netdb.h>
26
27 /*
28 ** DELIVER -- Deliver a message to a list of addresses.
29 **
30 ** This routine delivers to everyone on the same host as the
31 ** user on the head of the list. It is clever about mailers
32 ** that don't handle multiple users. It is NOT guaranteed
33 ** that it will deliver to all these addresses however -- so
34 ** deliver should be called once for each address on the
35 ** list.
36 **
37 ** Parameters:
38 ** e -- the envelope to deliver.
39 ** firstto -- head of the address list to deliver to.
40 **
41 ** Returns:
42 ** zero -- successfully delivered.
43 ** else -- some failure, see ExitStat for more info.
44 **
45 ** Side Effects:
46 ** The standard input is passed off to someone.
47 */
48
49 deliver(e, firstto)
50 register ENVELOPE *e;
51 ADDRESS *firstto;
52 {
53 char *host; /* host being sent to */
54 char *user; /* user being sent to */
55 char **pvp;
56 register char **mvp;
57 register char *p;
58 register MAILER *m; /* mailer for this recipient */
59 ADDRESS *ctladdr;
60 register ADDRESS *to = firstto;
61 bool clever = FALSE; /* running user smtp to this mailer */
62 ADDRESS *tochain = NULL; /* chain of users in this mailer call */
63 register int rcode; /* response code */
64 char *pv[MAXPV+1];
65 char tobuf[MAXLINE-50]; /* text line of to people */
66 char buf[MAXNAME];
67 char tfrombuf[MAXNAME]; /* translated from person */
68 extern bool checkcompat();
69 extern ADDRESS *getctladdr();
70 extern char *remotename();
71
72 errno = 0;
73 if (bitset(QDONTSEND, to->q_flags))
74 return (0);
75
76 m = to->q_mailer;
77 host = to->q_host;
78
79 # ifdef DEBUG
80 if (tTd(10, 1))
81 printf("\n--deliver, mailer=%d, host=`%s', first user=`%s'\n",
82 m->m_mno, host, to->q_user);
83 # endif DEBUG
84
85 /*
86 ** If this mailer is expensive, and if we don't want to make
87 ** connections now, just mark these addresses and return.
88 ** This is useful if we want to batch connections to
89 ** reduce load. This will cause the messages to be
90 ** queued up, and a daemon will come along to send the
91 ** messages later.
92 ** This should be on a per-mailer basis.
93 */
94
95 if (NoConnect && !QueueRun && bitnset(M_EXPENSIVE, m->m_flags) &&
96 !Verbose)
97 {
98 for (; to != NULL; to = to->q_next)
99 {
100 if (bitset(QDONTSEND, to->q_flags) || to->q_mailer != m)
101 continue;
102 to->q_flags |= QQUEUEUP|QDONTSEND;
103 e->e_to = to->q_paddr;
104 message(Arpa_Info, "queued");
105 if (LogLevel > 4)
106 logdelivery("queued");
107 }
108 e->e_to = NULL;
109 return (0);
110 }
111
112 /*
113 ** Do initial argv setup.
114 ** Insert the mailer name. Notice that $x expansion is
115 ** NOT done on the mailer name. Then, if the mailer has
116 ** a picky -f flag, we insert it as appropriate. This
117 ** code does not check for 'pv' overflow; this places a
118 ** manifest lower limit of 4 for MAXPV.
119 ** The from address rewrite is expected to make
120 ** the address relative to the other end.
121 */
122
123 /* rewrite from address, using rewriting rules */
124 expand("\001f", buf, &buf[sizeof buf - 1], e);
125 (void) strcpy(tfrombuf, remotename(buf, m, TRUE, TRUE));
126
127 define('g', tfrombuf, e); /* translated sender address */
128 define('h', host, e); /* to host */
129 Errors = 0;
130 pvp = pv;
131 *pvp++ = m->m_argv[0];
132
133 /* insert -f or -r flag as appropriate */
134 if (FromFlag && (bitnset(M_FOPT, m->m_flags) || bitnset(M_ROPT, m->m_flags)))
135 {
136 if (bitnset(M_FOPT, m->m_flags))
137 *pvp++ = "-f";
138 else
139 *pvp++ = "-r";
140 expand("\001g", buf, &buf[sizeof buf - 1], e);
141 *pvp++ = newstr(buf);
142 }
143
144 /*
145 ** Append the other fixed parts of the argv. These run
146 ** up to the first entry containing "$u". There can only
147 ** be one of these, and there are only a few more slots
148 ** in the pv after it.
149 */
150
151 for (mvp = m->m_argv; (p = *++mvp) != NULL; )
152 {
153 while ((p = index(p, '\001')) != NULL)
154 if (*++p == 'u')
155 break;
156 if (p != NULL)
157 break;
158
159 /* this entry is safe -- go ahead and process it */
160 expand(*mvp, buf, &buf[sizeof buf - 1], e);
161 *pvp++ = newstr(buf);
162 if (pvp >= &pv[MAXPV - 3])
163 {
164 syserr("Too many parameters to %s before $u", pv[0]);
165 return (-1);
166 }
167 }
168
169 /*
170 ** If we have no substitution for the user name in the argument
171 ** list, we know that we must supply the names otherwise -- and
172 ** SMTP is the answer!!
173 */
174
175 if (*mvp == NULL)
176 {
177 /* running SMTP */
178 # ifdef SMTP
179 clever = TRUE;
180 *pvp = NULL;
181 # else SMTP
182 /* oops! we don't implement SMTP */
183 syserr("SMTP style mailer");
184 return (EX_SOFTWARE);
185 # endif SMTP
186 }
187
188 /*
189 ** At this point *mvp points to the argument with $u. We
190 ** run through our address list and append all the addresses
191 ** we can. If we run out of space, do not fret! We can
192 ** always send another copy later.
193 */
194
195 tobuf[0] = '\0';
196 e->e_to = tobuf;
197 ctladdr = NULL;
198 for (; to != NULL; to = to->q_next)
199 {
200 /* avoid sending multiple recipients to dumb mailers */
201 if (tobuf[0] != '\0' && !bitnset(M_MUSER, m->m_flags))
202 break;
203
204 /* if already sent or not for this host, don't send */
205 if (bitset(QDONTSEND, to->q_flags) ||
206 strcmp(to->q_host, host) != 0 ||
207 to->q_mailer != firstto->q_mailer)
208 continue;
209
210 /* avoid overflowing tobuf */
211 if (sizeof tobuf - (strlen(to->q_paddr) + strlen(tobuf) + 2) < 0)
212 break;
213
214 # ifdef DEBUG
215 if (tTd(10, 1))
216 {
217 printf("\nsend to ");
218 printaddr(to, FALSE);
219 }
220 # endif DEBUG
221
222 /* compute effective uid/gid when sending */
223 if (to->q_mailer == ProgMailer)
224 ctladdr = getctladdr(to);
225
226 user = to->q_user;
227 e->e_to = to->q_paddr;
228 to->q_flags |= QDONTSEND;
229
230 /*
231 ** Check to see that these people are allowed to
232 ** talk to each other.
233 */
234
235 if (m->m_maxsize != 0 && e->e_msgsize > m->m_maxsize)
236 {
237 NoReturn = TRUE;
238 usrerr("Message is too large; %ld bytes max", m->m_maxsize);
239 giveresponse(EX_UNAVAILABLE, m, e);
240 continue;
241 }
242 if (!checkcompat(to))
243 {
244 giveresponse(EX_UNAVAILABLE, m, e);
245 continue;
246 }
247
248 /*
249 ** Strip quote bits from names if the mailer is dumb
250 ** about them.
251 */
252
253 if (bitnset(M_STRIPQ, m->m_flags))
254 {
255 stripquotes(user, TRUE);
256 stripquotes(host, TRUE);
257 }
258 else
259 {
260 stripquotes(user, FALSE);
261 stripquotes(host, FALSE);
262 }
263
264 /* hack attack -- delivermail compatibility */
265 if (m == ProgMailer && *user == '|')
266 user++;
267
268 /*
269 ** If an error message has already been given, don't
270 ** bother to send to this address.
271 **
272 ** >>>>>>>>>> This clause assumes that the local mailer
273 ** >> NOTE >> cannot do any further aliasing; that
274 ** >>>>>>>>>> function is subsumed by sendmail.
275 */
276
277 if (bitset(QBADADDR|QQUEUEUP, to->q_flags))
278 continue;
279
280 /* save statistics.... */
281 markstats(e, to);
282
283 /*
284 ** See if this user name is "special".
285 ** If the user name has a slash in it, assume that this
286 ** is a file -- send it off without further ado. Note
287 ** that this type of addresses is not processed along
288 ** with the others, so we fudge on the To person.
289 */
290
291 if (m == LocalMailer)
292 {
293 if (user[0] == '/')
294 {
295 rcode = mailfile(user, getctladdr(to));
296 giveresponse(rcode, m, e);
297 continue;
298 }
299 }
300
301 /*
302 ** Address is verified -- add this user to mailer
303 ** argv, and add it to the print list of recipients.
304 */
305
306 /* link together the chain of recipients */
307 to->q_tchain = tochain;
308 tochain = to;
309
310 /* create list of users for error messages */
311 (void) strcat(tobuf, ",");
312 (void) strcat(tobuf, to->q_paddr);
313 define('u', user, e); /* to user */
314 define('z', to->q_home, e); /* user's home */
315
316 /*
317 ** Expand out this user into argument list.
318 */
319
320 if (!clever)
321 {
322 expand(*mvp, buf, &buf[sizeof buf - 1], e);
323 *pvp++ = newstr(buf);
324 if (pvp >= &pv[MAXPV - 2])
325 {
326 /* allow some space for trailing parms */
327 break;
328 }
329 }
330 }
331
332 /* see if any addresses still exist */
333 if (tobuf[0] == '\0')
334 {
335 define('g', (char *) NULL, e);
336 return (0);
337 }
338
339 /* print out messages as full list */
340 e->e_to = tobuf + 1;
341
342 /*
343 ** Fill out any parameters after the $u parameter.
344 */
345
346 while (!clever && *++mvp != NULL)
347 {
348 expand(*mvp, buf, &buf[sizeof buf - 1], e);
349 *pvp++ = newstr(buf);
350 if (pvp >= &pv[MAXPV])
351 syserr("deliver: pv overflow after $u for %s", pv[0]);
352 }
353 *pvp++ = NULL;
354
355 /*
356 ** Call the mailer.
357 ** The argument vector gets built, pipes
358 ** are created as necessary, and we fork & exec as
359 ** appropriate.
360 ** If we are running SMTP, we just need to clean up.
361 */
362
363 message(Arpa_Info, "Connecting to %s.%s...", host, m->m_name);
364
365 if (ctladdr == NULL)
366 ctladdr = &e->e_from;
367 # ifdef SMTP
368 if (clever)
369 {
370 # ifdef MXDOMAIN
371 expand("\001w", buf, &buf[sizeof buf - 1], e);
372 if (host[0] == '[')
373 {
374 Nmx = 1;
375 MxHosts[0] = host;
376 rcode = EX_OK;
377 }
378 else if ((Nmx = getmxrr(host, MxHosts, MAXMXHOSTS, buf)) < 0)
379 {
380 /*
381 * Map errors into standard values
382 */
383 if (Nmx == -1)
384 rcode = EX_TEMPFAIL;
385 else if (Nmx == -3)
386 rcode = EX_NOHOST;
387 else
388 rcode = EX_UNAVAILABLE;
389 }
390 else
391 rcode = EX_OK;
392 #else MXDOMAIN
393 Nmx = 1;
394 MxHosts[0] = q->q_host;
395 rcode = EX_OK;
396 #endif
397 /* send the initial SMTP protocol */
398 if (rcode == EX_OK)
399 rcode = smtpinit(m, pv);
400
401 if (rcode == EX_OK)
402 {
403 /* send the recipient list */
404 tobuf[0] = '\0';
405 for (to = tochain; to != NULL; to = to->q_tchain)
406 {
407 int i;
408
409 e->e_to = to->q_paddr;
410 i = smtprcpt(to, m);
411 if (i != EX_OK)
412 {
413 markfailure(e, to, i);
414 giveresponse(i, m, e);
415 }
416 else
417 {
418 (void) strcat(tobuf, ",");
419 (void) strcat(tobuf, to->q_paddr);
420 }
421 }
422
423 /* now send the data */
424 if (tobuf[0] == '\0')
425 e->e_to = NULL;
426 else
427 {
428 e->e_to = tobuf + 1;
429 rcode = smtpdata(m, e);
430 }
431
432 /* now close the connection */
433 smtpquit(m);
434 }
435 }
436 else
437 # endif SMTP
438 rcode = sendoff(e, m, pv, ctladdr);
439
440 /*
441 ** Do final status disposal.
442 ** We check for something in tobuf for the SMTP case.
443 ** If we got a temporary failure, arrange to queue the
444 ** addressees.
445 */
446
447 if (tobuf[0] != '\0')
448 giveresponse(rcode, m, e);
449 if (rcode != EX_OK)
450 {
451 for (to = tochain; to != NULL; to = to->q_tchain)
452 markfailure(e, to, rcode);
453 }
454
455 errno = 0;
456 define('g', (char *) NULL, e);
457 return (rcode);
458 }
459 �/*
460 ** MARKFAILURE -- mark a failure on a specific address.
461 **
462 ** Parameters:
463 ** e -- the envelope we are sending.
464 ** q -- the address to mark.
465 ** rcode -- the code signifying the particular failure.
466 **
467 ** Returns:
468 ** none.
469 **
470 ** Side Effects:
471 ** marks the address (and possibly the envelope) with the
472 ** failure so that an error will be returned or
473 ** the message will be queued, as appropriate.
474 */
475
476 markfailure(e, q, rcode)
477 register ENVELOPE *e;
478 register ADDRESS *q;
479 int rcode;
480 {
481 if (rcode == EX_OK)
482 return;
483 else if (rcode != EX_TEMPFAIL)
484 q->q_flags |= QBADADDR;
485 else if (curtime() > e->e_ctime + TimeOut)
486 {
487 extern char *pintvl();
488 char buf[MAXLINE];
489
490 if (!bitset(EF_TIMEOUT, e->e_flags))
491 {
492 (void) sprintf(buf, "Cannot send message for %s",
493 pintvl(TimeOut, FALSE));
494 if (e->e_message != NULL)
495 free(e->e_message);
496 e->e_message = newstr(buf);
497 message(Arpa_Info, buf);
498 }
499 q->q_flags |= QBADADDR;
500 e->e_flags |= EF_TIMEOUT;
501 }
502 else
503 q->q_flags |= QQUEUEUP;
504 }
505 �/*
506 ** DOFORK -- do a fork, retrying a couple of times on failure.
507 **
508 ** This MUST be a macro, since after a vfork we are running
509 ** two processes on the same stack!!!
510 **
511 ** Parameters:
512 ** none.
513 **
514 ** Returns:
515 ** From a macro??? You've got to be kidding!
516 **
517 ** Side Effects:
518 ** Modifies the ==> LOCAL <== variable 'pid', leaving:
519 ** pid of child in parent, zero in child.
520 ** -1 on unrecoverable error.
521 **
522 ** Notes:
523 ** I'm awfully sorry this looks so awful. That's
524 ** vfork for you.....
525 */
526
527 # define NFORKTRIES 5
528 # ifdef VMUNIX
529 # define XFORK vfork
530 # else VMUNIX
531 # define XFORK fork
532 # endif VMUNIX
533
534 # define DOFORK(fORKfN) \
535 {\
536 register int i;\
537 \
538 for (i = NFORKTRIES; --i >= 0; )\
539 {\
540 pid = fORKfN();\
541 if (pid >= 0)\
542 break;\
543 if (i > 0)\
544 sleep((unsigned) NFORKTRIES - i);\
545 }\
546 }
547 �/*
548 ** DOFORK -- simple fork interface to DOFORK.
549 **
550 ** Parameters:
551 ** none.
552 **
553 ** Returns:
554 ** pid of child in parent.
555 ** zero in child.
556 ** -1 on error.
557 **
558 ** Side Effects:
559 ** returns twice, once in parent and once in child.
560 */
561
562 dofork()
563 {
564 register int pid;
565
566 DOFORK(fork);
567 return (pid);
568 }
569 �/*
570 ** SENDOFF -- send off call to mailer & collect response.
571 **
572 ** Parameters:
573 ** e -- the envelope to mail.
574 ** m -- mailer descriptor.
575 ** pvp -- parameter vector to send to it.
576 ** ctladdr -- an address pointer controlling the
577 ** user/groupid etc. of the mailer.
578 **
579 ** Returns:
580 ** exit status of mailer.
581 **
582 ** Side Effects:
583 ** none.
584 */
585
586 sendoff(e, m, pvp, ctladdr)
587 register ENVELOPE *e;
588 MAILER *m;
589 char **pvp;
590 ADDRESS *ctladdr;
591 {
592 auto FILE *mfile;
593 auto FILE *rfile;
594 register int i;
595 int pid;
596
597 /*
598 ** Create connection to mailer.
599 */
600
601 pid = openmailer(m, pvp, ctladdr, FALSE, &mfile, &rfile);
602 if (pid < 0)
603 return (-1);
604
605 /*
606 ** Format and send message.
607 */
608
609 putfromline(mfile, m);
610 (*e->e_puthdr)(mfile, m, e);
611 putline("\n", mfile, m);
612 (*e->e_putbody)(mfile, m, e);
613 (void) fclose(mfile);
614
615 i = endmailer(pid, pvp[0]);
616
617 /* arrange a return receipt if requested */
618 if (e->e_receiptto != NULL && bitnset(M_LOCAL, m->m_flags))
619 {
620 e->e_flags |= EF_SENDRECEIPT;
621 /* do we want to send back more info? */
622 }
623
624 return (i);
625 }
626 �/*
627 ** ENDMAILER -- Wait for mailer to terminate.
628 **
629 ** We should never get fatal errors (e.g., segmentation
630 ** violation), so we report those specially. For other
631 ** errors, we choose a status message (into statmsg),
632 ** and if it represents an error, we print it.
633 **
634 ** Parameters:
635 ** pid -- pid of mailer.
636 ** name -- name of mailer (for error messages).
637 **
638 ** Returns:
639 ** exit code of mailer.
640 **
641 ** Side Effects:
642 ** none.
643 */
644
645 endmailer(pid, name)
646 int pid;
647 char *name;
648 {
649 int st;
650
651 /* in the IPC case there is nothing to wait for */
652 if (pid == 0)
653 return (EX_OK);
654
655 /* wait for the mailer process to die and collect status */
656 st = waitfor(pid);
657 if (st == -1)
658 {
659 syserr("endmailer %s: wait", name);
660 return (EX_SOFTWARE);
661 }
662
663 /* see if it died a horrid death */
664 if ((st & 0377) != 0)
665 {
666 syserr("mailer %s died with signal %o", name, st);
667 ExitStat = EX_TEMPFAIL;
668 return (EX_TEMPFAIL);
669 }
670
671 /* normal death -- return status */
672 st = (st >> 8) & 0377;
673 return (st);
674 }
675 �/*
676 ** OPENMAILER -- open connection to mailer.
677 **
678 ** Parameters:
679 ** m -- mailer descriptor.
680 ** pvp -- parameter vector to pass to mailer.
681 ** ctladdr -- controlling address for user.
682 ** clever -- create a full duplex connection.
683 ** pmfile -- pointer to mfile (to mailer) connection.
684 ** prfile -- pointer to rfile (from mailer) connection.
685 **
686 ** Returns:
687 ** pid of mailer ( > 0 ).
688 ** -1 on error.
689 ** zero on an IPC connection.
690 **
691 ** Side Effects:
692 ** creates a mailer in a subprocess.
693 */
694
695 openmailer(m, pvp, ctladdr, clever, pmfile, prfile)
696 MAILER *m;
697 char **pvp;
698 ADDRESS *ctladdr;
699 bool clever;
700 FILE **pmfile;
701 FILE **prfile;
702 {
703 int pid;
704 int mpvect[2];
705 int rpvect[2];
706 FILE *mfile;
707 FILE *rfile;
708 extern FILE *fdopen();
709
710 # ifdef DEBUG
711 if (tTd(11, 1))
712 {
713 printf("openmailer:");
714 printav(pvp);
715 }
716 # endif DEBUG
717 errno = 0;
718
719 CurHostName = m->m_mailer;
720
721 /*
722 ** Deal with the special case of mail handled through an IPC
723 ** connection.
724 ** In this case we don't actually fork. We must be
725 ** running SMTP for this to work. We will return a
726 ** zero pid to indicate that we are running IPC.
727 ** We also handle a debug version that just talks to stdin/out.
728 */
729
730 #ifdef DEBUG
731 /* check for Local Person Communication -- not for mortals!!! */
732 if (strcmp(m->m_mailer, "[LPC]") == 0)
733 {
734 *pmfile = stdout;
735 *prfile = stdin;
736 return (0);
737 }
738 #endif DEBUG
739
740 if (strcmp(m->m_mailer, "[IPC]") == 0)
741 {
742 #ifdef HOSTINFO
743 register STAB *st;
744 extern STAB *stab();
745 #endif HOSTINFO
746 #ifdef DAEMON
747 register int i, j;
748 register u_short port;
749
750 CurHostName = pvp[1];
751 if (!clever)
752 syserr("non-clever IPC");
753 if (pvp[2] != NULL)
754 port = atoi(pvp[2]);
755 else
756 port = 0;
757 for (j = 0; j < Nmx; j++)
758 {
759 CurHostName = MxHosts[j];
760 #ifdef HOSTINFO
761 /* see if we have already determined that this host is fried */
762 st = stab(MxHosts[j], ST_HOST, ST_FIND);
763 if (st == NULL || st->s_host.ho_exitstat == EX_OK)
764 i = makeconnection(MxHosts[j], port, pmfile, prfile);
765 else
766 {
767 i = st->s_host.ho_exitstat;
768 errno = st->s_host.ho_errno;
769 }
770 #else HOSTINFO
771 i = makeconnection(MxHosts[j], port, pmfile, prfile);
772 #endif HOSTINFO
773 if (i != EX_OK)
774 {
775 #ifdef HOSTINFO
776 /* enter status of this host */
777 if (st == NULL)
778 st = stab(MxHosts[j], ST_HOST, ST_ENTER);
779 st->s_host.ho_exitstat = i;
780 st->s_host.ho_errno = errno;
781 #endif HOSTINFO
782 ExitStat = i;
783 continue;
784 }
785 else
786 return (0);
787 }
788 return (-1);
789 #else DAEMON
790 syserr("openmailer: no IPC");
791 return (-1);
792 #endif DAEMON
793 }
794
795 /* create a pipe to shove the mail through */
796 if (pipe(mpvect) < 0)
797 {
798 syserr("openmailer: pipe (to mailer)");
799 return (-1);
800 }
801
802 #ifdef SMTP
803 /* if this mailer speaks smtp, create a return pipe */
804 if (clever && pipe(rpvect) < 0)
805 {
806 syserr("openmailer: pipe (from mailer)");
807 (void) close(mpvect[0]);
808 (void) close(mpvect[1]);
809 return (-1);
810 }
811 #endif SMTP
812
813 /*
814 ** Actually fork the mailer process.
815 ** DOFORK is clever about retrying.
816 **
817 ** Dispose of SIGCHLD signal catchers that may be laying
818 ** around so that endmail will get it.
819 */
820
821 if (CurEnv->e_xfp != NULL)
822 (void) fflush(CurEnv->e_xfp); /* for debugging */
823 (void) fflush(stdout);
824 # ifdef SIGCHLD
825 (void) signal(SIGCHLD, SIG_DFL);
826 # endif SIGCHLD
827 DOFORK(XFORK);
828 /* pid is set by DOFORK */
829 if (pid < 0)
830 {
831 /* failure */
832 syserr("openmailer: cannot fork");
833 (void) close(mpvect[0]);
834 (void) close(mpvect[1]);
835 #ifdef SMTP
836 if (clever)
837 {
838 (void) close(rpvect[0]);
839 (void) close(rpvect[1]);
840 }
841 #endif SMTP
842 return (-1);
843 }
844 else if (pid == 0)
845 {
846 int i;
847 extern int DtableSize;
848
849 /* child -- set up input & exec mailer */
850 /* make diagnostic output be standard output */
851 (void) signal(SIGINT, SIG_IGN);
852 (void) signal(SIGHUP, SIG_IGN);
853 (void) signal(SIGTERM, SIG_DFL);
854
855 /* arrange to filter standard & diag output of command */
856 if (clever)
857 {
858 (void) close(rpvect[0]);
859 (void) close(1);
860 (void) dup(rpvect[1]);
861 (void) close(rpvect[1]);
862 }
863 else if (OpMode == MD_SMTP || HoldErrs)
864 {
865 /* put mailer output in transcript */
866 (void) close(1);
867 (void) dup(fileno(CurEnv->e_xfp));
868 }
869 (void) close(2);
870 (void) dup(1);
871
872 /* arrange to get standard input */
873 (void) close(mpvect[1]);
874 (void) close(0);
875 if (dup(mpvect[0]) < 0)
876 {
877 syserr("Cannot dup to zero!");
878 _exit(EX_OSERR);
879 }
880 (void) close(mpvect[0]);
881 if (!bitnset(M_RESTR, m->m_flags))
882 {
883 if (ctladdr == NULL || ctladdr->q_uid == 0)
884 {
885 (void) setgid(DefGid);
886 (void) setuid(DefUid);
887 }
888 else
889 {
890 (void) setgid(ctladdr->q_gid);
891 (void) setuid(ctladdr->q_uid);
892 }
893 }
894
895 /* arrange for all the files to be closed */
896 for (i = 3; i < DtableSize; i++)
897 #ifdef FIOCLEX
898 (void) ioctl(i, FIOCLEX, 0);
899 #else FIOCLEX
900 (void) close(i);
901 #endif FIOCLEX
902
903 /* try to execute the mailer */
904 execve(m->m_mailer, pvp, UserEnviron);
905
906 #ifdef FIOCLEX
907 syserr("Cannot exec %s", m->m_mailer);
908 #else FIOCLEX
909 printf("Cannot exec '%s' errno=%d\n", m->m_mailer, errno);
910 (void) fflush(stdout);
911 #endif FIOCLEX
912 if (m == LocalMailer || errno == EIO || errno == EAGAIN ||
913 errno == ENOMEM || errno == EPROCLIM)
914 _exit(EX_TEMPFAIL);
915 else
916 _exit(EX_UNAVAILABLE);
917 }
918
919 /*
920 ** Set up return value.
921 */
922
923 (void) close(mpvect[0]);
924 mfile = fdopen(mpvect[1], "w");
925 if (clever)
926 {
927 (void) close(rpvect[1]);
928 rfile = fdopen(rpvect[0], "r");
929 }
930
931 *pmfile = mfile;
932 *prfile = rfile;
933
934 return (pid);
935 }
936 �/*
937 ** GIVERESPONSE -- Interpret an error response from a mailer
938 **
939 ** Parameters:
940 ** stat -- the status code from the mailer (high byte
941 ** only; core dumps must have been taken care of
942 ** already).
943 ** m -- the mailer descriptor for this mailer.
944 **
945 ** Returns:
946 ** none.
947 **
948 ** Side Effects:
949 ** Errors may be incremented.
950 ** ExitStat may be set.
951 */
952
953 giveresponse(stat, m, e)
954 int stat;
955 register MAILER *m;
956 ENVELOPE *e;
957 {
958 register char *statmsg;
959 extern char *SysExMsg[];
960 register int i;
961 extern int N_SysEx, h_errno;
962 char buf[MAXLINE];
963
964 #ifdef lint
965 if (m == NULL)
966 return;
967 #endif lint
968
969 /*
970 ** Compute status message from code.
971 */
972
973 i = stat - EX__BASE;
974 if (stat == 0)
975 statmsg = "250 Sent";
976 else if (i < 0 || i > N_SysEx)
977 {
978 (void) sprintf(buf, "554 unknown mailer error %d", stat);
979 stat = EX_UNAVAILABLE;
980 statmsg = buf;
981 }
982 else if (stat == EX_TEMPFAIL)
983 {
984 (void) strcpy(buf, SysExMsg[i]);
985 if (h_errno == TRY_AGAIN)
986 {
987 extern char *errstring();
988
989 statmsg = errstring(h_errno+MAX_ERRNO);
990 }
991 else
992 {
993 if (errno != 0)
994 {
995 extern char *errstring();
996
997 statmsg = errstring(errno);
998 }
999 else
1000 {
1001 #ifdef SMTP
1002 extern char SmtpError[];
1003
1004 statmsg = SmtpError;
1005 #else SMTP
1006 statmsg = NULL;
1007 #endif SMTP
1008 }
1009 }
1010 if (statmsg != NULL && statmsg[0] != '\0')
1011 {
1012 (void) strcat(buf, ": ");
1013 (void) strcat(buf, statmsg);
1014 }
1015 statmsg = buf;
1016 }
1017 else
1018 {
1019 statmsg = SysExMsg[i];
1020 }
1021
1022 /*
1023 ** Print the message as appropriate
1024 */
1025
1026 if (stat == EX_OK || stat == EX_TEMPFAIL)
1027 message(Arpa_Info, &statmsg[4]);
1028 else
1029 {
1030 Errors++;
1031 usrerr(statmsg);
1032 }
1033
1034 /*
1035 ** Final cleanup.
1036 ** Log a record of the transaction. Compute the new
1037 ** ExitStat -- if we already had an error, stick with
1038 ** that.
1039 */
1040
1041 if (LogLevel > ((stat == 0 || stat == EX_TEMPFAIL) ? 3 : 2))
1042 logdelivery(&statmsg[4]);
1043
1044 if (stat != EX_TEMPFAIL)
1045 setstat(stat);
1046 if (stat != EX_OK)
1047 {
1048 if (e->e_message != NULL)
1049 free(e->e_message);
1050 e->e_message = newstr(&statmsg[4]);
1051 }
1052 errno = 0;
1053 h_errno = 0;
1054 }
1055 �/*
1056 ** LOGDELIVERY -- log the delivery in the system log
1057 **
1058 ** Parameters:
1059 ** stat -- the message to print for the status
1060 **
1061 ** Returns:
1062 ** none
1063 **
1064 ** Side Effects:
1065 ** none
1066 */
1067
1068 logdelivery(stat)
1069 char *stat;
1070 {
1071 extern char *pintvl();
1072
1073 # ifdef LOG
1074 syslog(LOG_INFO, "%s: to=%s, delay=%s, stat=%s", CurEnv->e_id,
1075 CurEnv->e_to, pintvl(curtime() - CurEnv->e_ctime, TRUE), stat);
1076 # endif LOG
1077 }
1078 �/*
1079 ** PUTFROMLINE -- output a UNIX-style from line (or whatever)
1080 **
1081 ** This can be made an arbitrary message separator by changing $l
1082 **
1083 ** One of the ugliest hacks seen by human eyes is contained herein:
1084 ** UUCP wants those stupid "remote from <host>" lines. Why oh why
1085 ** does a well-meaning programmer such as myself have to deal with
1086 ** this kind of antique garbage????
1087 **
1088 ** Parameters:
1089 ** fp -- the file to output to.
1090 ** m -- the mailer describing this entry.
1091 **
1092 ** Returns:
1093 ** none
1094 **
1095 ** Side Effects:
1096 ** outputs some text to fp.
1097 */
1098
1099 putfromline(fp, m)
1100 register FILE *fp;
1101 register MAILER *m;
1102 {
1103 char *template = "\001l\n";
1104 char buf[MAXLINE];
1105
1106 if (bitnset(M_NHDR, m->m_flags))
1107 return;
1108
1109 # ifdef UGLYUUCP
1110 if (bitnset(M_UGLYUUCP, m->m_flags))
1111 {
1112 char *bang;
1113 char xbuf[MAXLINE];
1114
1115 expand("\001g", buf, &buf[sizeof buf - 1], CurEnv);
1116 bang = index(buf, '!');
1117 if (bang == NULL)
1118 syserr("No ! in UUCP! (%s)", buf);
1119 else
1120 {
1121 *bang++ = '\0';
1122 (void) sprintf(xbuf, "From %s \001d remote from %s\n", bang, buf);
1123 template = xbuf;
1124 }
1125 }
1126 # endif UGLYUUCP
1127 expand(template, buf, &buf[sizeof buf - 1], CurEnv);
1128 putline(buf, fp, m);
1129 }
1130 �/*
1131 ** PUTBODY -- put the body of a message.
1132 **
1133 ** Parameters:
1134 ** fp -- file to output onto.
1135 ** m -- a mailer descriptor to control output format.
1136 ** e -- the envelope to put out.
1137 **
1138 ** Returns:
1139 ** none.
1140 **
1141 ** Side Effects:
1142 ** The message is written onto fp.
1143 */
1144
1145 putbody(fp, m, e)
1146 FILE *fp;
1147 MAILER *m;
1148 register ENVELOPE *e;
1149 {
1150 char buf[MAXLINE];
1151
1152 /*
1153 ** Output the body of the message
1154 */
1155
1156 if (e->e_dfp == NULL)
1157 {
1158 if (e->e_df != NULL)
1159 {
1160 e->e_dfp = fopen(e->e_df, "r");
1161 if (e->e_dfp == NULL)
1162 syserr("Cannot open %s", e->e_df);
1163 }
1164 else
1165 putline("<<< No Message Collected >>>", fp, m);
1166 }
1167 if (e->e_dfp != NULL)
1168 {
1169 rewind(e->e_dfp);
1170 while (!ferror(fp) && fgets(buf, sizeof buf, e->e_dfp) != NULL)
1171 {
1172 if (buf[0] == 'F' && bitnset(M_ESCFROM, m->m_flags) &&
1173 strncmp(buf, "From", 4) == 0)
1174 (void) putc('>', fp);
1175 putline(buf, fp, m);
1176 }
1177
1178 if (ferror(e->e_dfp))
1179 {
1180 syserr("putbody: read error");
1181 ExitStat = EX_IOERR;
1182 }
1183 }
1184
1185 (void) fflush(fp);
1186 if (ferror(fp) && errno != EPIPE)
1187 {
1188 syserr("putbody: write error");
1189 ExitStat = EX_IOERR;
1190 }
1191 errno = 0;
1192 }
1193 �/*
1194 ** MAILFILE -- Send a message to a file.
1195 **
1196 ** If the file has the setuid/setgid bits set, but NO execute
1197 ** bits, sendmail will try to become the owner of that file
1198 ** rather than the real user. Obviously, this only works if
1199 ** sendmail runs as root.
1200 **
1201 ** This could be done as a subordinate mailer, except that it
1202 ** is used implicitly to save messages in ~/dead.letter. We
1203 ** view this as being sufficiently important as to include it
1204 ** here. For example, if the system is dying, we shouldn't have
1205 ** to create another process plus some pipes to save the message.
1206 **
1207 ** Parameters:
1208 ** filename -- the name of the file to send to.
1209 ** ctladdr -- the controlling address header -- includes
1210 ** the userid/groupid to be when sending.
1211 **
1212 ** Returns:
1213 ** The exit code associated with the operation.
1214 **
1215 ** Side Effects:
1216 ** none.
1217 */
1218
1219 mailfile(filename, ctladdr)
1220 char *filename;
1221 ADDRESS *ctladdr;
1222 {
1223 register FILE *f;
1224 register int pid;
1225
1226 /*
1227 ** Fork so we can change permissions here.
1228 ** Note that we MUST use fork, not vfork, because of
1229 ** the complications of calling subroutines, etc.
1230 */
1231
1232 DOFORK(fork);
1233
1234 if (pid < 0)
1235 return (EX_OSERR);
1236 else if (pid == 0)
1237 {
1238 /* child -- actually write to file */
1239 struct stat stb;
1240
1241 (void) signal(SIGINT, SIG_DFL);
1242 (void) signal(SIGHUP, SIG_DFL);
1243 (void) signal(SIGTERM, SIG_DFL);
1244 (void) umask(OldUmask);
1245 if (stat(filename, &stb) < 0)
1246 {
1247 errno = 0;
1248 stb.st_mode = 0666;
1249 }
1250 if (bitset(0111, stb.st_mode))
1251 exit(EX_CANTCREAT);
1252 if (ctladdr == NULL)
1253 ctladdr = &CurEnv->e_from;
1254 if (!bitset(S_ISGID, stb.st_mode) || setgid(stb.st_gid) < 0)
1255 {
1256 if (ctladdr->q_uid == 0)
1257 (void) setgid(DefGid);
1258 else
1259 (void) setgid(ctladdr->q_gid);
1260 }
1261 if (!bitset(S_ISUID, stb.st_mode) || setuid(stb.st_uid) < 0)
1262 {
1263 if (ctladdr->q_uid == 0)
1264 (void) setuid(DefUid);
1265 else
1266 (void) setuid(ctladdr->q_uid);
1267 }
1268 f = dfopen(filename, "a");
1269 if (f == NULL)
1270 exit(EX_CANTCREAT);
1271
1272 putfromline(f, ProgMailer);
1273 (*CurEnv->e_puthdr)(f, ProgMailer, CurEnv);
1274 putline("\n", f, ProgMailer);
1275 (*CurEnv->e_putbody)(f, ProgMailer, CurEnv);
1276 putline("\n", f, ProgMailer);
1277 (void) fclose(f);
1278 (void) fflush(stdout);
1279
1280 /* reset ISUID & ISGID bits for paranoid systems */
1281 (void) chmod(filename, (int) stb.st_mode);
1282 exit(EX_OK);
1283 /*NOTREACHED*/
1284 }
1285 else
1286 {
1287 /* parent -- wait for exit status */
1288 int st;
1289
1290 st = waitfor(pid);
1291 if ((st & 0377) != 0)
1292 return (EX_UNAVAILABLE);
1293 else
1294 return ((st >> 8) & 0377);
1295 }
1296 }
1297 �/*
1298 ** SENDALL -- actually send all the messages.
1299 **
1300 ** Parameters:
1301 ** e -- the envelope to send.
1302 ** mode -- the delivery mode to use. If SM_DEFAULT, use
1303 ** the current SendMode.
1304 **
1305 ** Returns:
1306 ** none.
1307 **
1308 ** Side Effects:
1309 ** Scans the send lists and sends everything it finds.
1310 ** Delivers any appropriate error messages.
1311 ** If we are running in a non-interactive mode, takes the
1312 ** appropriate action.
1313 */
1314
1315 sendall(e, mode)
1316 ENVELOPE *e;
1317 char mode;
1318 {
1319 register ADDRESS *q;
1320 bool oldverbose;
1321 int pid;
1322
1323 /* determine actual delivery mode */
1324 if (mode == SM_DEFAULT)
1325 {
1326 extern bool shouldqueue();
1327
1328 if (shouldqueue(e->e_msgpriority))
1329 mode = SM_QUEUE;
1330 else
1331 mode = SendMode;
1332 }
1333
1334 #ifdef DEBUG
1335 if (tTd(13, 1))
1336 {
1337 printf("\nSENDALL: mode %c, sendqueue:\n", mode);
1338 printaddr(e->e_sendqueue, TRUE);
1339 }
1340 #endif DEBUG
1341
1342 /*
1343 ** Do any preprocessing necessary for the mode we are running.
1344 ** Check to make sure the hop count is reasonable.
1345 ** Delete sends to the sender in mailing lists.
1346 */
1347
1348 CurEnv = e;
1349
1350 if (e->e_hopcount > MAXHOP)
1351 {
1352 syserr("sendall: too many hops (%d max)", MAXHOP);
1353 return;
1354 }
1355
1356 if (!MeToo)
1357 {
1358 extern ADDRESS *recipient();
1359
1360 e->e_from.q_flags |= QDONTSEND;
1361 (void) recipient(&e->e_from, &e->e_sendqueue);
1362 }
1363
1364 # ifdef QUEUE
1365 if ((mode == SM_QUEUE || mode == SM_FORK ||
1366 (mode != SM_VERIFY && SuperSafe)) &&
1367 !bitset(EF_INQUEUE, e->e_flags))
1368 queueup(e, TRUE, mode == SM_QUEUE);
1369 #endif QUEUE
1370
1371 oldverbose = Verbose;
1372 switch (mode)
1373 {
1374 case SM_VERIFY:
1375 Verbose = TRUE;
1376 break;
1377
1378 case SM_QUEUE:
1379 e->e_flags |= EF_INQUEUE|EF_KEEPQUEUE;
1380 return;
1381
1382 case SM_FORK:
1383 if (e->e_xfp != NULL)
1384 (void) fflush(e->e_xfp);
1385 pid = fork();
1386 if (pid < 0)
1387 {
1388 mode = SM_DELIVER;
1389 break;
1390 }
1391 else if (pid > 0)
1392 {
1393 /* be sure we leave the temp files to our child */
1394 e->e_id = e->e_df = NULL;
1395 return;
1396 }
1397
1398 /* double fork to avoid zombies */
1399 if (fork() > 0)
1400 exit(EX_OK);
1401
1402 /* be sure we are immune from the terminal */
1403 disconnect(FALSE);
1404
1405 break;
1406 }
1407
1408 /*
1409 ** Run through the list and send everything.
1410 */
1411
1412 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
1413 {
1414 if (mode == SM_VERIFY)
1415 {
1416 e->e_to = q->q_paddr;
1417 if (!bitset(QDONTSEND|QBADADDR, q->q_flags))
1418 message(Arpa_Info, "deliverable");
1419 }
1420 else
1421 (void) deliver(e, q);
1422 }
1423 Verbose = oldverbose;
1424
1425 /*
1426 ** Now run through and check for errors.
1427 */
1428
1429 if (mode == SM_VERIFY)
1430 return;
1431
1432 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
1433 {
1434 register ADDRESS *qq;
1435
1436 # ifdef DEBUG
1437 if (tTd(13, 3))
1438 {
1439 printf("Checking ");
1440 printaddr(q, FALSE);
1441 }
1442 # endif DEBUG
1443
1444 /* only send errors if the message failed */
1445 if (!bitset(QBADADDR, q->q_flags))
1446 continue;
1447
1448 /* we have an address that failed -- find the parent */
1449 for (qq = q; qq != NULL; qq = qq->q_alias)
1450 {
1451 char obuf[MAXNAME + 6];
1452 extern char *aliaslookup();
1453
1454 /* we can only have owners for local addresses */
1455 if (!bitnset(M_LOCAL, qq->q_mailer->m_flags))
1456 continue;
1457
1458 /* see if the owner list exists */
1459 (void) strcpy(obuf, "owner-");
1460 if (strncmp(qq->q_user, "owner-", 6) == 0)
1461 (void) strcat(obuf, "owner");
1462 else
1463 (void) strcat(obuf, qq->q_user);
1464 if (aliaslookup(obuf) == NULL)
1465 continue;
1466
1467 # ifdef DEBUG
1468 if (tTd(13, 4))
1469 printf("Errors to %s\n", obuf);
1470 # endif DEBUG
1471
1472 /* owner list exists -- add it to the error queue */
1473 sendtolist(obuf, (ADDRESS *) NULL, &e->e_errorqueue);
1474 ErrorMode = EM_MAIL;
1475 break;
1476 }
1477
1478 /* if we did not find an owner, send to the sender */
1479 if (qq == NULL && bitset(QBADADDR, q->q_flags))
1480 sendtolist(e->e_from.q_paddr, qq, &e->e_errorqueue);
1481 }
1482
1483 if (mode == SM_FORK)
1484 finis();
1485 }
1486