1 /*
2 * Copyright (c) 1983 Eric P. Allman
3 * Copyright (c) 1988, 1993
4 * The Regents of the University of California. All rights reserved.
5 *
6 * %sccs.include.redist.c%
7 */
8
9 #ifndef lint
10 static char sccsid[] = "@(#)deliver.c 8.2 (Berkeley) 07/11/93";
11 #endif /* not lint */
12
13 #include "sendmail.h"
14 #include <signal.h>
15 #include <netdb.h>
16 #include <errno.h>
17 #ifdef NAMED_BIND
18 #include <arpa/nameser.h>
19 #include <resolv.h>
20
21 extern int h_errno;
22 #endif
23
24 /*
25 ** SENDALL -- actually send all the messages.
26 **
27 ** Parameters:
28 ** e -- the envelope to send.
29 ** mode -- the delivery mode to use. If SM_DEFAULT, use
30 ** the current e->e_sendmode.
31 **
32 ** Returns:
33 ** none.
34 **
35 ** Side Effects:
36 ** Scans the send lists and sends everything it finds.
37 ** Delivers any appropriate error messages.
38 ** If we are running in a non-interactive mode, takes the
39 ** appropriate action.
40 */
41
42 sendall(e, mode)
43 ENVELOPE *e;
44 char mode;
45 {
46 register ADDRESS *q;
47 char *owner;
48 int otherowners;
49 register ENVELOPE *ee;
50 ENVELOPE *splitenv = NULL;
51 bool announcequeueup;
52
53 if (bitset(EF_FATALERRS, e->e_flags))
54 {
55 /* this will get a return message -- so don't send it */
56 e->e_flags |= EF_CLRQUEUE;
57 return;
58 }
59
60 /* determine actual delivery mode */
61 if (mode == SM_DEFAULT)
62 {
63 mode = e->e_sendmode;
64 if (mode != SM_VERIFY &&
65 shouldqueue(e->e_msgpriority, e->e_ctime))
66 mode = SM_QUEUE;
67 announcequeueup = mode == SM_QUEUE;
68 }
69 else
70 announcequeueup = FALSE;
71
72 if (tTd(13, 1))
73 {
74 printf("\nSENDALL: mode %c, e_from ", mode);
75 printaddr(&e->e_from, FALSE);
76 printf("sendqueue:\n");
77 printaddr(e->e_sendqueue, TRUE);
78 }
79
80 /*
81 ** Do any preprocessing necessary for the mode we are running.
82 ** Check to make sure the hop count is reasonable.
83 ** Delete sends to the sender in mailing lists.
84 */
85
86 CurEnv = e;
87
88 if (e->e_hopcount > MaxHopCount)
89 {
90 errno = 0;
91 syserr("554 too many hops %d (%d max): from %s, to %s",
92 e->e_hopcount, MaxHopCount, e->e_from.q_paddr,
93 e->e_sendqueue->q_paddr);
94 return;
95 }
96
97 /*
98 ** Do sender deletion.
99 **
100 ** If the sender has the QQUEUEUP flag set, skip this.
101 ** This can happen if the name server is hosed when you
102 ** are trying to send mail. The result is that the sender
103 ** is instantiated in the queue as a recipient.
104 */
105
106 if (!MeToo && !bitset(QQUEUEUP, e->e_from.q_flags))
107 {
108 if (tTd(13, 5))
109 {
110 printf("sendall: QDONTSEND ");
111 printaddr(&e->e_from, FALSE);
112 }
113 e->e_from.q_flags |= QDONTSEND;
114 (void) recipient(&e->e_from, &e->e_sendqueue, e);
115 }
116
117 /*
118 ** Handle alias owners.
119 **
120 ** We scan up the q_alias chain looking for owners.
121 ** We discard owners that are the same as the return path.
122 */
123
124 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
125 {
126 register struct address *a;
127
128 for (a = q; a != NULL && a->q_owner == NULL; a = a->q_alias)
129 continue;
130 if (a != NULL)
131 q->q_owner = a->q_owner;
132
133 if (q->q_owner != NULL &&
134 !bitset(QDONTSEND, q->q_flags) &&
135 strcmp(q->q_owner, e->e_from.q_paddr) == 0)
136 q->q_owner = NULL;
137 }
138
139 owner = "";
140 otherowners = 1;
141 while (owner != NULL && otherowners > 0)
142 {
143 owner = NULL;
144 otherowners = 0;
145
146 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
147 {
148 if (bitset(QDONTSEND, q->q_flags))
149 continue;
150
151 if (q->q_owner != NULL)
152 {
153 if (owner == NULL)
154 owner = q->q_owner;
155 else if (owner != q->q_owner)
156 {
157 if (strcmp(owner, q->q_owner) == 0)
158 {
159 /* make future comparisons cheap */
160 q->q_owner = owner;
161 }
162 else
163 {
164 otherowners++;
165 }
166 owner = q->q_owner;
167 }
168 }
169 else
170 {
171 otherowners++;
172 }
173 }
174
175 if (owner != NULL && otherowners > 0)
176 {
177 extern HDR *copyheader();
178 extern ADDRESS *copyqueue();
179
180 /*
181 ** Split this envelope into two.
182 */
183
184 ee = (ENVELOPE *) xalloc(sizeof(ENVELOPE));
185 *ee = *e;
186 ee->e_id = NULL;
187 (void) queuename(ee, '\0');
188
189 if (tTd(13, 1))
190 printf("sendall: split %s into %s\n",
191 e->e_id, ee->e_id);
192
193 ee->e_header = copyheader(e->e_header);
194 ee->e_sendqueue = copyqueue(e->e_sendqueue);
195 ee->e_errorqueue = copyqueue(e->e_errorqueue);
196 ee->e_flags = e->e_flags & ~(EF_INQUEUE|EF_CLRQUEUE|EF_FATALERRS);
197 setsender(owner, ee, NULL, TRUE);
198 if (tTd(13, 5))
199 {
200 printf("sendall(split): QDONTSEND ");
201 printaddr(&ee->e_from, FALSE);
202 }
203 ee->e_from.q_flags |= QDONTSEND;
204 ee->e_dfp = NULL;
205 ee->e_xfp = NULL;
206 ee->e_lockfp = NULL;
207 ee->e_df = NULL;
208 ee->e_errormode = EM_MAIL;
209 ee->e_sibling = splitenv;
210 splitenv = ee;
211
212 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
213 if (q->q_owner == owner)
214 q->q_flags |= QDONTSEND;
215 for (q = ee->e_sendqueue; q != NULL; q = q->q_next)
216 if (q->q_owner != owner)
217 q->q_flags |= QDONTSEND;
218
219 if (e->e_df != NULL && mode != SM_VERIFY)
220 {
221 ee->e_dfp = NULL;
222 ee->e_df = newstr(queuename(ee, 'd'));
223 if (link(e->e_df, ee->e_df) < 0)
224 {
225 syserr("sendall: link(%s, %s)",
226 e->e_df, ee->e_df);
227 }
228 }
229
230 if (mode != SM_VERIFY)
231 openxscript(ee);
232 #ifdef LOG
233 if (LogLevel > 4)
234 syslog(LOG_INFO, "%s: clone %s",
235 ee->e_id, e->e_id);
236 #endif
237 }
238 }
239
240 if (owner != NULL)
241 {
242 setsender(owner, e, NULL, TRUE);
243 if (tTd(13, 5))
244 {
245 printf("sendall(owner): QDONTSEND ");
246 printaddr(&e->e_from, FALSE);
247 }
248 e->e_from.q_flags |= QDONTSEND;
249 e->e_errormode = EM_MAIL;
250 }
251
252 # ifdef QUEUE
253 if ((mode == SM_QUEUE || mode == SM_FORK ||
254 (mode != SM_VERIFY && SuperSafe)) &&
255 !bitset(EF_INQUEUE, e->e_flags))
256 {
257 /* be sure everything is instantiated in the queue */
258 queueup(e, TRUE, announcequeueup);
259 for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
260 queueup(ee, TRUE, announcequeueup);
261 }
262 #endif /* QUEUE */
263
264 if (splitenv != NULL)
265 {
266 if (tTd(13, 1))
267 {
268 printf("\nsendall: Split queue; remaining queue:\n");
269 printaddr(e->e_sendqueue, TRUE);
270 }
271
272 for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
273 {
274 CurEnv = ee;
275 sendenvelope(ee, mode);
276 }
277
278 CurEnv = e;
279 }
280 sendenvelope(e, mode);
281
282 for (; splitenv != NULL; splitenv = splitenv->e_sibling)
283 dropenvelope(splitenv);
284 }
285
286 sendenvelope(e, mode)
287 register ENVELOPE *e;
288 char mode;
289 {
290 bool oldverbose;
291 int pid;
292 register ADDRESS *q;
293 #ifdef LOCKF
294 struct flock lfd;
295 #endif
296
297 oldverbose = Verbose;
298 switch (mode)
299 {
300 case SM_VERIFY:
301 Verbose = TRUE;
302 break;
303
304 case SM_QUEUE:
305 queueonly:
306 e->e_flags |= EF_INQUEUE|EF_KEEPQUEUE;
307 return;
308
309 case SM_FORK:
310 if (e->e_xfp != NULL)
311 (void) fflush(e->e_xfp);
312
313 # ifdef LOCKF
314 /*
315 ** Since lockf has the interesting semantic that the
316 ** lock is lost when we fork, we have to risk losing
317 ** the lock here by closing before the fork, and then
318 ** trying to get it back in the child.
319 */
320
321 if (e->e_lockfp != NULL)
322 {
323 (void) xfclose(e->e_lockfp, "sendenvelope", "lockfp");
324 e->e_lockfp = NULL;
325 }
326 # endif /* LOCKF */
327
328 pid = fork();
329 if (pid < 0)
330 {
331 goto queueonly;
332 }
333 else if (pid > 0)
334 {
335 /* be sure we leave the temp files to our child */
336 e->e_id = e->e_df = NULL;
337 # ifndef LOCKF
338 if (e->e_lockfp != NULL)
339 {
340 (void) xfclose(e->e_lockfp, "sendenvelope", "lockfp");
341 e->e_lockfp = NULL;
342 }
343 # endif
344
345 /* close any random open files in the envelope */
346 if (e->e_dfp != NULL)
347 {
348 (void) xfclose(e->e_dfp, "sendenvelope", "dfp");
349 e->e_dfp = NULL;
350 }
351 if (e->e_xfp != NULL)
352 {
353 (void) xfclose(e->e_xfp, "sendenvelope", "xfp");
354 e->e_xfp = NULL;
355 }
356 return;
357 }
358
359 /* double fork to avoid zombies */
360 if (fork() > 0)
361 exit(EX_OK);
362
363 /* be sure we are immune from the terminal */
364 disconnect(FALSE, e);
365
366 # ifdef LOCKF
367 /*
368 ** Now try to get our lock back.
369 */
370
371 lfd.l_type = F_WRLCK;
372 lfd.l_whence = lfd.l_start = lfd.l_len = 0;
373 e->e_lockfp = fopen(queuename(e, 'q'), "r+");
374 if (e->e_lockfp == NULL ||
375 fcntl(fileno(e->e_lockfp), F_SETLK, &lfd) < 0)
376 {
377 /* oops.... lost it */
378 if (tTd(13, 1))
379 printf("sendenvelope: %s lost lock: lockfp=%x, %s\n",
380 e->e_id, e->e_lockfp, errstring(errno));
381
382 # ifdef LOG
383 if (LogLevel > 29)
384 syslog(LOG_NOTICE, "%s: lost lock: %m",
385 e->e_id);
386 # endif /* LOG */
387 exit(EX_OK);
388 }
389 # endif /* LOCKF */
390
391 /*
392 ** Close any cached connections.
393 **
394 ** We don't send the QUIT protocol because the parent
395 ** still knows about the connection.
396 **
397 ** This should only happen when delivering an error
398 ** message.
399 */
400
401 mci_flush(FALSE, NULL);
402
403 break;
404 }
405
406 /*
407 ** Run through the list and send everything.
408 */
409
410 e->e_nsent = 0;
411 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
412 {
413 if (mode == SM_VERIFY)
414 {
415 e->e_to = q->q_paddr;
416 if (!bitset(QDONTSEND|QBADADDR, q->q_flags))
417 {
418 message("deliverable: mailer %s, host %s, user %s",
419 q->q_mailer->m_name,
420 q->q_host,
421 q->q_user);
422 }
423 }
424 else if (!bitset(QDONTSEND|QBADADDR, q->q_flags))
425 {
426 # ifdef QUEUE
427 /*
428 ** Checkpoint the send list every few addresses
429 */
430
431 if (e->e_nsent >= CheckpointInterval)
432 {
433 queueup(e, TRUE, FALSE);
434 e->e_nsent = 0;
435 }
436 # endif /* QUEUE */
437 (void) deliver(e, q);
438 }
439 }
440 Verbose = oldverbose;
441
442 /*
443 ** Now run through and check for errors.
444 */
445
446 if (mode == SM_VERIFY)
447 {
448 return;
449 }
450
451 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
452 {
453 if (tTd(13, 3))
454 {
455 printf("Checking ");
456 printaddr(q, FALSE);
457 }
458
459 /* only send errors if the message failed */
460 if (!bitset(QBADADDR, q->q_flags) ||
461 bitset(QDONTSEND, q->q_flags))
462 continue;
463
464 e->e_flags |= EF_FATALERRS;
465
466 if (q->q_owner == NULL && strcmp(e->e_from.q_paddr, "<>") != 0)
467 (void) sendtolist(e->e_from.q_paddr, NULL,
468 &e->e_errorqueue, e);
469 }
470
471 if (mode == SM_FORK)
472 finis();
473 }
474 �/*
475 ** DOFORK -- do a fork, retrying a couple of times on failure.
476 **
477 ** This MUST be a macro, since after a vfork we are running
478 ** two processes on the same stack!!!
479 **
480 ** Parameters:
481 ** none.
482 **
483 ** Returns:
484 ** From a macro??? You've got to be kidding!
485 **
486 ** Side Effects:
487 ** Modifies the ==> LOCAL <== variable 'pid', leaving:
488 ** pid of child in parent, zero in child.
489 ** -1 on unrecoverable error.
490 **
491 ** Notes:
492 ** I'm awfully sorry this looks so awful. That's
493 ** vfork for you.....
494 */
495
496 # define NFORKTRIES 5
497
498 # ifndef FORK
499 # define FORK fork
500 # endif
501
502 # define DOFORK(fORKfN) \
503 {\
504 register int i;\
505 \
506 for (i = NFORKTRIES; --i >= 0; )\
507 {\
508 pid = fORKfN();\
509 if (pid >= 0)\
510 break;\
511 if (i > 0)\
512 sleep((unsigned) NFORKTRIES - i);\
513 }\
514 }
515 �/*
516 ** DOFORK -- simple fork interface to DOFORK.
517 **
518 ** Parameters:
519 ** none.
520 **
521 ** Returns:
522 ** pid of child in parent.
523 ** zero in child.
524 ** -1 on error.
525 **
526 ** Side Effects:
527 ** returns twice, once in parent and once in child.
528 */
529
530 dofork()
531 {
532 register int pid;
533
534 DOFORK(fork);
535 return (pid);
536 }
537 �/*
538 ** DELIVER -- Deliver a message to a list of addresses.
539 **
540 ** This routine delivers to everyone on the same host as the
541 ** user on the head of the list. It is clever about mailers
542 ** that don't handle multiple users. It is NOT guaranteed
543 ** that it will deliver to all these addresses however -- so
544 ** deliver should be called once for each address on the
545 ** list.
546 **
547 ** Parameters:
548 ** e -- the envelope to deliver.
549 ** firstto -- head of the address list to deliver to.
550 **
551 ** Returns:
552 ** zero -- successfully delivered.
553 ** else -- some failure, see ExitStat for more info.
554 **
555 ** Side Effects:
556 ** The standard input is passed off to someone.
557 */
558
559 deliver(e, firstto)
560 register ENVELOPE *e;
561 ADDRESS *firstto;
562 {
563 char *host; /* host being sent to */
564 char *user; /* user being sent to */
565 char **pvp;
566 register char **mvp;
567 register char *p;
568 register MAILER *m; /* mailer for this recipient */
569 ADDRESS *ctladdr;
570 register MCI *mci;
571 register ADDRESS *to = firstto;
572 bool clever = FALSE; /* running user smtp to this mailer */
573 ADDRESS *tochain = NULL; /* chain of users in this mailer call */
574 int rcode; /* response code */
575 char *firstsig; /* signature of firstto */
576 int pid;
577 char *curhost;
578 int mpvect[2];
579 int rpvect[2];
580 char *pv[MAXPV+1];
581 char tobuf[TOBUFSIZE]; /* text line of to people */
582 char buf[MAXNAME];
583 char rpathbuf[MAXNAME]; /* translated return path */
584 extern int checkcompat();
585 extern FILE *fdopen();
586
587 errno = 0;
588 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags))
589 return (0);
590
591 #ifdef NAMED_BIND
592 /* unless interactive, try twice, over a minute */
593 if (OpMode == MD_DAEMON || OpMode == MD_SMTP) {
594 _res.retrans = 30;
595 _res.retry = 2;
596 }
597 #endif
598
599 m = to->q_mailer;
600 host = to->q_host;
601 CurEnv = e; /* just in case */
602 e->e_statmsg = NULL;
603
604 if (tTd(10, 1))
605 printf("\n--deliver, mailer=%d, host=`%s', first user=`%s'\n",
606 m->m_mno, host, to->q_user);
607
608 /*
609 ** If this mailer is expensive, and if we don't want to make
610 ** connections now, just mark these addresses and return.
611 ** This is useful if we want to batch connections to
612 ** reduce load. This will cause the messages to be
613 ** queued up, and a daemon will come along to send the
614 ** messages later.
615 ** This should be on a per-mailer basis.
616 */
617
618 if (NoConnect && !bitset(EF_QUEUERUN, e->e_flags) &&
619 bitnset(M_EXPENSIVE, m->m_flags) && !Verbose)
620 {
621 for (; to != NULL; to = to->q_next)
622 {
623 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags) ||
624 to->q_mailer != m)
625 continue;
626 to->q_flags |= QQUEUEUP|QDONTSEND;
627 e->e_to = to->q_paddr;
628 message("queued");
629 if (LogLevel > 8)
630 logdelivery(m, NULL, "queued", e);
631 }
632 e->e_to = NULL;
633 return (0);
634 }
635
636 /*
637 ** Do initial argv setup.
638 ** Insert the mailer name. Notice that $x expansion is
639 ** NOT done on the mailer name. Then, if the mailer has
640 ** a picky -f flag, we insert it as appropriate. This
641 ** code does not check for 'pv' overflow; this places a
642 ** manifest lower limit of 4 for MAXPV.
643 ** The from address rewrite is expected to make
644 ** the address relative to the other end.
645 */
646
647 /* rewrite from address, using rewriting rules */
648 rcode = EX_OK;
649 (void) strcpy(rpathbuf, remotename(e->e_from.q_paddr, m,
650 RF_SENDERADDR|RF_CANONICAL,
651 &rcode, e));
652 define('g', rpathbuf, e); /* translated return path */
653 define('h', host, e); /* to host */
654 Errors = 0;
655 pvp = pv;
656 *pvp++ = m->m_argv[0];
657
658 /* insert -f or -r flag as appropriate */
659 if (FromFlag && (bitnset(M_FOPT, m->m_flags) || bitnset(M_ROPT, m->m_flags)))
660 {
661 if (bitnset(M_FOPT, m->m_flags))
662 *pvp++ = "-f";
663 else
664 *pvp++ = "-r";
665 *pvp++ = newstr(rpathbuf);
666 }
667
668 /*
669 ** Append the other fixed parts of the argv. These run
670 ** up to the first entry containing "$u". There can only
671 ** be one of these, and there are only a few more slots
672 ** in the pv after it.
673 */
674
675 for (mvp = m->m_argv; (p = *++mvp) != NULL; )
676 {
677 /* can't use strchr here because of sign extension problems */
678 while (*p != '\0')
679 {
680 if ((*p++ & 0377) == MACROEXPAND)
681 {
682 if (*p == 'u')
683 break;
684 }
685 }
686
687 if (*p != '\0')
688 break;
689
690 /* this entry is safe -- go ahead and process it */
691 expand(*mvp, buf, &buf[sizeof buf - 1], e);
692 *pvp++ = newstr(buf);
693 if (pvp >= &pv[MAXPV - 3])
694 {
695 syserr("554 Too many parameters to %s before $u", pv[0]);
696 return (-1);
697 }
698 }
699
700 /*
701 ** If we have no substitution for the user name in the argument
702 ** list, we know that we must supply the names otherwise -- and
703 ** SMTP is the answer!!
704 */
705
706 if (*mvp == NULL)
707 {
708 /* running SMTP */
709 # ifdef SMTP
710 clever = TRUE;
711 *pvp = NULL;
712 # else /* SMTP */
713 /* oops! we don't implement SMTP */
714 syserr("554 SMTP style mailer");
715 return (EX_SOFTWARE);
716 # endif /* SMTP */
717 }
718
719 /*
720 ** At this point *mvp points to the argument with $u. We
721 ** run through our address list and append all the addresses
722 ** we can. If we run out of space, do not fret! We can
723 ** always send another copy later.
724 */
725
726 tobuf[0] = '\0';
727 e->e_to = tobuf;
728 ctladdr = NULL;
729 firstsig = hostsignature(firstto->q_mailer, firstto->q_host, e);
730 for (; to != NULL; to = to->q_next)
731 {
732 /* avoid sending multiple recipients to dumb mailers */
733 if (tobuf[0] != '\0' && !bitnset(M_MUSER, m->m_flags))
734 break;
735
736 /* if already sent or not for this host, don't send */
737 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags) ||
738 to->q_mailer != firstto->q_mailer ||
739 strcmp(hostsignature(to->q_mailer, to->q_host, e), firstsig) != 0)
740 continue;
741
742 /* avoid overflowing tobuf */
743 if (sizeof tobuf < (strlen(to->q_paddr) + strlen(tobuf) + 2))
744 break;
745
746 if (tTd(10, 1))
747 {
748 printf("\nsend to ");
749 printaddr(to, FALSE);
750 }
751
752 /* compute effective uid/gid when sending */
753 if (to->q_mailer == ProgMailer)
754 ctladdr = getctladdr(to);
755
756 user = to->q_user;
757 e->e_to = to->q_paddr;
758 if (tTd(10, 5))
759 {
760 printf("deliver: QDONTSEND ");
761 printaddr(to, FALSE);
762 }
763 to->q_flags |= QDONTSEND;
764
765 /*
766 ** Check to see that these people are allowed to
767 ** talk to each other.
768 */
769
770 if (m->m_maxsize != 0 && e->e_msgsize > m->m_maxsize)
771 {
772 NoReturn = TRUE;
773 usrerr("552 Message is too large; %ld bytes max", m->m_maxsize);
774 giveresponse(EX_UNAVAILABLE, m, NULL, e);
775 continue;
776 }
777 rcode = checkcompat(to, e);
778 if (rcode != EX_OK)
779 {
780 giveresponse(rcode, m, NULL, e);
781 continue;
782 }
783
784 /*
785 ** Strip quote bits from names if the mailer is dumb
786 ** about them.
787 */
788
789 if (bitnset(M_STRIPQ, m->m_flags))
790 {
791 stripquotes(user);
792 stripquotes(host);
793 }
794
795 /* hack attack -- delivermail compatibility */
796 if (m == ProgMailer && *user == '|')
797 user++;
798
799 /*
800 ** If an error message has already been given, don't
801 ** bother to send to this address.
802 **
803 ** >>>>>>>>>> This clause assumes that the local mailer
804 ** >> NOTE >> cannot do any further aliasing; that
805 ** >>>>>>>>>> function is subsumed by sendmail.
806 */
807
808 if (bitset(QBADADDR|QQUEUEUP, to->q_flags))
809 continue;
810
811 /* save statistics.... */
812 markstats(e, to);
813
814 /*
815 ** See if this user name is "special".
816 ** If the user name has a slash in it, assume that this
817 ** is a file -- send it off without further ado. Note
818 ** that this type of addresses is not processed along
819 ** with the others, so we fudge on the To person.
820 */
821
822 if (m == FileMailer)
823 {
824 rcode = mailfile(user, getctladdr(to), e);
825 giveresponse(rcode, m, NULL, e);
826 if (rcode == EX_OK)
827 to->q_flags |= QSENT;
828 continue;
829 }
830
831 /*
832 ** Address is verified -- add this user to mailer
833 ** argv, and add it to the print list of recipients.
834 */
835
836 /* link together the chain of recipients */
837 to->q_tchain = tochain;
838 tochain = to;
839
840 /* create list of users for error messages */
841 (void) strcat(tobuf, ",");
842 (void) strcat(tobuf, to->q_paddr);
843 define('u', user, e); /* to user */
844 define('z', to->q_home, e); /* user's home */
845
846 /*
847 ** Expand out this user into argument list.
848 */
849
850 if (!clever)
851 {
852 expand(*mvp, buf, &buf[sizeof buf - 1], e);
853 *pvp++ = newstr(buf);
854 if (pvp >= &pv[MAXPV - 2])
855 {
856 /* allow some space for trailing parms */
857 break;
858 }
859 }
860 }
861
862 /* see if any addresses still exist */
863 if (tobuf[0] == '\0')
864 {
865 define('g', (char *) NULL, e);
866 return (0);
867 }
868
869 /* print out messages as full list */
870 e->e_to = tobuf + 1;
871
872 /*
873 ** Fill out any parameters after the $u parameter.
874 */
875
876 while (!clever && *++mvp != NULL)
877 {
878 expand(*mvp, buf, &buf[sizeof buf - 1], e);
879 *pvp++ = newstr(buf);
880 if (pvp >= &pv[MAXPV])
881 syserr("554 deliver: pv overflow after $u for %s", pv[0]);
882 }
883 *pvp++ = NULL;
884
885 /*
886 ** Call the mailer.
887 ** The argument vector gets built, pipes
888 ** are created as necessary, and we fork & exec as
889 ** appropriate.
890 ** If we are running SMTP, we just need to clean up.
891 */
892
893 if (ctladdr == NULL && m != ProgMailer)
894 ctladdr = &e->e_from;
895 #ifdef NAMED_BIND
896 if (ConfigLevel < 2)
897 _res.options &= ~(RES_DEFNAMES | RES_DNSRCH); /* XXX */
898 #endif
899
900 if (tTd(11, 1))
901 {
902 printf("openmailer:");
903 printav(pv);
904 }
905 errno = 0;
906
907 CurHostName = m->m_mailer;
908
909 /*
910 ** Deal with the special case of mail handled through an IPC
911 ** connection.
912 ** In this case we don't actually fork. We must be
913 ** running SMTP for this to work. We will return a
914 ** zero pid to indicate that we are running IPC.
915 ** We also handle a debug version that just talks to stdin/out.
916 */
917
918 curhost = NULL;
919
920 /* check for Local Person Communication -- not for mortals!!! */
921 if (strcmp(m->m_mailer, "[LPC]") == 0)
922 {
923 mci = (MCI *) xalloc(sizeof *mci);
924 bzero((char *) mci, sizeof *mci);
925 mci->mci_in = stdin;
926 mci->mci_out = stdout;
927 mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN;
928 mci->mci_mailer = m;
929 }
930 else if (strcmp(m->m_mailer, "[IPC]") == 0 ||
931 strcmp(m->m_mailer, "[TCP]") == 0)
932 {
933 #ifdef DAEMON
934 register int i;
935 register u_short port;
936
937 CurHostName = pv[1];
938 curhost = hostsignature(m, pv[1], e);
939
940 if (curhost == NULL || curhost[0] == '\0')
941 {
942 syserr("null signature");
943 rcode = EX_OSERR;
944 goto give_up;
945 }
946
947 if (!clever)
948 {
949 syserr("554 non-clever IPC");
950 rcode = EX_OSERR;
951 goto give_up;
952 }
953 if (pv[2] != NULL)
954 port = atoi(pv[2]);
955 else
956 port = 0;
957 tryhost:
958 mci = NULL;
959 while (*curhost != '\0')
960 {
961 register char *p;
962 static char hostbuf[MAXNAME];
963
964 mci = NULL;
965
966 /* pull the next host from the signature */
967 p = strchr(curhost, ':');
968 if (p == NULL)
969 p = &curhost[strlen(curhost)];
970 strncpy(hostbuf, curhost, p - curhost);
971 hostbuf[p - curhost] = '\0';
972 if (*p != '\0')
973 p++;
974 curhost = p;
975
976 /* see if we already know that this host is fried */
977 CurHostName = hostbuf;
978 mci = mci_get(hostbuf, m);
979 if (mci->mci_state != MCIS_CLOSED)
980 {
981 if (tTd(11, 1))
982 {
983 printf("openmailer: ");
984 mci_dump(mci);
985 }
986 CurHostName = mci->mci_host;
987 break;
988 }
989 mci->mci_mailer = m;
990 if (mci->mci_exitstat != EX_OK)
991 continue;
992
993 /* try the connection */
994 setproctitle("%s %s: %s", e->e_id, hostbuf, "user open");
995 message("Connecting to %s (%s)...",
996 hostbuf, m->m_name);
997 i = makeconnection(hostbuf, port, mci,
998 bitnset(M_SECURE_PORT, m->m_flags));
999 mci->mci_exitstat = i;
1000 mci->mci_errno = errno;
1001 #ifdef NAMED_BIND
1002 mci->mci_herrno = h_errno;
1003 #endif
1004 if (i == EX_OK)
1005 {
1006 mci->mci_state = MCIS_OPENING;
1007 mci_cache(mci);
1008 if (TrafficLogFile != NULL)
1009 fprintf(TrafficLogFile, "%05d == CONNECT %s\n",
1010 getpid(), hostbuf);
1011 break;
1012 }
1013 else if (tTd(11, 1))
1014 printf("openmailer: makeconnection => stat=%d, errno=%d\n",
1015 i, errno);
1016
1017
1018 /* enter status of this host */
1019 setstat(i);
1020 }
1021 mci->mci_pid = 0;
1022 #else /* no DAEMON */
1023 syserr("554 openmailer: no IPC");
1024 if (tTd(11, 1))
1025 printf("openmailer: NULL\n");
1026 return NULL;
1027 #endif /* DAEMON */
1028 }
1029 else
1030 {
1031 #ifdef XDEBUG
1032 char wbuf[MAXLINE];
1033
1034 /* make absolutely certain 0, 1, and 2 are in use */
1035 sprintf(wbuf, "%s... openmailer(%s)", e->e_to, m->m_name);
1036 checkfd012(wbuf);
1037 #endif
1038
1039 if (TrafficLogFile != NULL)
1040 {
1041 char **av;
1042
1043 fprintf(TrafficLogFile, "%05d === EXEC", getpid());
1044 for (av = pv; *av != NULL; av++)
1045 fprintf(TrafficLogFile, " %s", *av);
1046 fprintf(TrafficLogFile, "\n");
1047 }
1048
1049 /* create a pipe to shove the mail through */
1050 if (pipe(mpvect) < 0)
1051 {
1052 syserr("%s... openmailer(%s): pipe (to mailer)",
1053 e->e_to, m->m_name);
1054 if (tTd(11, 1))
1055 printf("openmailer: NULL\n");
1056 rcode = EX_OSERR;
1057 goto give_up;
1058 }
1059
1060 /* if this mailer speaks smtp, create a return pipe */
1061 if (clever && pipe(rpvect) < 0)
1062 {
1063 syserr("%s... openmailer(%s): pipe (from mailer)",
1064 e->e_to, m->m_name);
1065 (void) close(mpvect[0]);
1066 (void) close(mpvect[1]);
1067 if (tTd(11, 1))
1068 printf("openmailer: NULL\n");
1069 rcode = EX_OSERR;
1070 goto give_up;
1071 }
1072
1073 /*
1074 ** Actually fork the mailer process.
1075 ** DOFORK is clever about retrying.
1076 **
1077 ** Dispose of SIGCHLD signal catchers that may be laying
1078 ** around so that endmail will get it.
1079 */
1080
1081 if (e->e_xfp != NULL)
1082 (void) fflush(e->e_xfp); /* for debugging */
1083 (void) fflush(stdout);
1084 # ifdef SIGCHLD
1085 (void) signal(SIGCHLD, SIG_DFL);
1086 # endif /* SIGCHLD */
1087 DOFORK(FORK);
1088 /* pid is set by DOFORK */
1089 if (pid < 0)
1090 {
1091 /* failure */
1092 syserr("%s... openmailer(%s): cannot fork",
1093 e->e_to, m->m_name);
1094 (void) close(mpvect[0]);
1095 (void) close(mpvect[1]);
1096 if (clever)
1097 {
1098 (void) close(rpvect[0]);
1099 (void) close(rpvect[1]);
1100 }
1101 if (tTd(11, 1))
1102 printf("openmailer: NULL\n");
1103 rcode = EX_OSERR;
1104 goto give_up;
1105 }
1106 else if (pid == 0)
1107 {
1108 int i;
1109 int saveerrno;
1110 char **ep;
1111 char *env[MAXUSERENVIRON];
1112 extern char **environ;
1113 extern int DtableSize;
1114
1115 /* child -- set up input & exec mailer */
1116 /* make diagnostic output be standard output */
1117 (void) signal(SIGINT, SIG_IGN);
1118 (void) signal(SIGHUP, SIG_IGN);
1119 (void) signal(SIGTERM, SIG_DFL);
1120
1121 /* close any other cached connections */
1122 mci_flush(FALSE, mci);
1123
1124 /* move into some "safe" directory */
1125 if (m->m_execdir != NULL)
1126 {
1127 char *p, *q;
1128 char buf[MAXLINE];
1129
1130 for (p = m->m_execdir; p != NULL; p = q)
1131 {
1132 q = strchr(p, ':');
1133 if (q != NULL)
1134 *q = '\0';
1135 expand(p, buf, &buf[sizeof buf] - 1, e);
1136 if (q != NULL)
1137 *q++ = ':';
1138 if (tTd(11, 20))
1139 printf("openmailer: trydir %s\n",
1140 buf);
1141 if (buf[0] != '\0' && chdir(buf) >= 0)
1142 break;
1143 }
1144 }
1145
1146 /* arrange to filter std & diag output of command */
1147 if (clever)
1148 {
1149 (void) close(rpvect[0]);
1150 if (dup2(rpvect[1], STDOUT_FILENO) < 0)
1151 {
1152 syserr("%s... openmailer(%s): cannot dup pipe %d for stdout",
1153 e->e_to, m->m_name, rpvect[1]);
1154 _exit(EX_OSERR);
1155 }
1156 (void) close(rpvect[1]);
1157 }
1158 else if (OpMode == MD_SMTP || HoldErrs)
1159 {
1160 /* put mailer output in transcript */
1161 if (dup2(fileno(e->e_xfp), STDOUT_FILENO) < 0)
1162 {
1163 syserr("%s... openmailer(%s): cannot dup xscript %d for stdout",
1164 e->e_to, m->m_name,
1165 fileno(e->e_xfp));
1166 _exit(EX_OSERR);
1167 }
1168 }
1169 if (dup2(STDOUT_FILENO, STDERR_FILENO) < 0)
1170 {
1171 syserr("%s... openmailer(%s): cannot dup stdout for stderr",
1172 e->e_to, m->m_name);
1173 _exit(EX_OSERR);
1174 }
1175
1176 /* arrange to get standard input */
1177 (void) close(mpvect[1]);
1178 if (dup2(mpvect[0], STDIN_FILENO) < 0)
1179 {
1180 syserr("%s... openmailer(%s): cannot dup pipe %d for stdin",
1181 e->e_to, m->m_name, mpvect[0]);
1182 _exit(EX_OSERR);
1183 }
1184 (void) close(mpvect[0]);
1185 if (!bitnset(M_RESTR, m->m_flags))
1186 {
1187 if (ctladdr == NULL || ctladdr->q_uid == 0)
1188 {
1189 (void) setgid(DefGid);
1190 (void) initgroups(DefUser, DefGid);
1191 (void) setuid(DefUid);
1192 }
1193 else
1194 {
1195 (void) setgid(ctladdr->q_gid);
1196 (void) initgroups(ctladdr->q_ruser?
1197 ctladdr->q_ruser: ctladdr->q_user,
1198 ctladdr->q_gid);
1199 (void) setuid(ctladdr->q_uid);
1200 }
1201 }
1202
1203 /* arrange for all the files to be closed */
1204 for (i = 3; i < DtableSize; i++)
1205 {
1206 register int j;
1207 if ((j = fcntl(i, F_GETFD, 0)) != -1)
1208 (void)fcntl(i, F_SETFD, j|1);
1209 }
1210
1211 /* set up the mailer environment */
1212 i = 0;
1213 env[i++] = "AGENT=sendmail";
1214 for (ep = environ; *ep != NULL; ep++)
1215 {
1216 if (strncmp(*ep, "TZ=", 3) == 0)
1217 env[i++] = *ep;
1218 }
1219 env[i++] = NULL;
1220
1221 /* try to execute the mailer */
1222 execve(m->m_mailer, pv, env);
1223 saveerrno = errno;
1224 syserr("Cannot exec %s", m->m_mailer);
1225 if (m == LocalMailer || transienterror(saveerrno))
1226 _exit(EX_OSERR);
1227 _exit(EX_UNAVAILABLE);
1228 }
1229
1230 /*
1231 ** Set up return value.
1232 */
1233
1234 mci = (MCI *) xalloc(sizeof *mci);
1235 bzero((char *) mci, sizeof *mci);
1236 mci->mci_mailer = m;
1237 mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN;
1238 mci->mci_pid = pid;
1239 (void) close(mpvect[0]);
1240 mci->mci_out = fdopen(mpvect[1], "w");
1241 if (clever)
1242 {
1243 (void) close(rpvect[1]);
1244 mci->mci_in = fdopen(rpvect[0], "r");
1245 }
1246 else
1247 {
1248 mci->mci_flags |= MCIF_TEMP;
1249 mci->mci_in = NULL;
1250 }
1251 }
1252
1253 /*
1254 ** If we are in SMTP opening state, send initial protocol.
1255 */
1256
1257 if (clever && mci->mci_state != MCIS_CLOSED)
1258 {
1259 smtpinit(m, mci, e);
1260 }
1261 if (tTd(11, 1))
1262 {
1263 printf("openmailer: ");
1264 mci_dump(mci);
1265 }
1266
1267 if (mci->mci_state != MCIS_OPEN)
1268 {
1269 /* couldn't open the mailer */
1270 rcode = mci->mci_exitstat;
1271 errno = mci->mci_errno;
1272 #ifdef NAMED_BIND
1273 h_errno = mci->mci_herrno;
1274 #endif
1275 if (rcode == EX_OK)
1276 {
1277 /* shouldn't happen */
1278 syserr("554 deliver: rcode=%d, mci_state=%d, sig=%s",
1279 rcode, mci->mci_state, firstsig);
1280 rcode = EX_SOFTWARE;
1281 }
1282 else if (rcode == EX_TEMPFAIL && *curhost != '\0')
1283 {
1284 /* try next MX site */
1285 goto tryhost;
1286 }
1287 }
1288 else if (!clever)
1289 {
1290 /*
1291 ** Format and send message.
1292 */
1293
1294 putfromline(mci->mci_out, m, e);
1295 (*e->e_puthdr)(mci->mci_out, m, e);
1296 putline("\n", mci->mci_out, m);
1297 (*e->e_putbody)(mci->mci_out, m, e, NULL);
1298
1299 /* get the exit status */
1300 rcode = endmailer(mci, e, pv);
1301 }
1302 else
1303 #ifdef SMTP
1304 {
1305 /*
1306 ** Send the MAIL FROM: protocol
1307 */
1308
1309 rcode = smtpmailfrom(m, mci, e);
1310 if (rcode == EX_OK)
1311 {
1312 register char *t = tobuf;
1313 register int i;
1314
1315 /* send the recipient list */
1316 tobuf[0] = '\0';
1317 for (to = tochain; to != NULL; to = to->q_tchain)
1318 {
1319 e->e_to = to->q_paddr;
1320 if ((i = smtprcpt(to, m, mci, e)) != EX_OK)
1321 {
1322 markfailure(e, to, i);
1323 giveresponse(i, m, mci, e);
1324 }
1325 else
1326 {
1327 *t++ = ',';
1328 for (p = to->q_paddr; *p; *t++ = *p++)
1329 continue;
1330 }
1331 }
1332
1333 /* now send the data */
1334 if (tobuf[0] == '\0')
1335 {
1336 rcode = EX_OK;
1337 e->e_to = NULL;
1338 if (bitset(MCIF_CACHED, mci->mci_flags))
1339 smtprset(m, mci, e);
1340 }
1341 else
1342 {
1343 e->e_to = tobuf + 1;
1344 rcode = smtpdata(m, mci, e);
1345 }
1346
1347 /* now close the connection */
1348 if (!bitset(MCIF_CACHED, mci->mci_flags))
1349 smtpquit(m, mci, e);
1350 }
1351 if (rcode != EX_OK && *curhost != '\0')
1352 {
1353 /* try next MX site */
1354 goto tryhost;
1355 }
1356 }
1357 #else /* not SMTP */
1358 {
1359 syserr("554 deliver: need SMTP compiled to use clever mailer");
1360 rcode = EX_CONFIG;
1361 goto give_up;
1362 }
1363 #endif /* SMTP */
1364 #ifdef NAMED_BIND
1365 if (ConfigLevel < 2)
1366 _res.options |= RES_DEFNAMES | RES_DNSRCH; /* XXX */
1367 #endif
1368
1369 /* arrange a return receipt if requested */
1370 if (e->e_receiptto != NULL && bitnset(M_LOCALMAILER, m->m_flags))
1371 {
1372 e->e_flags |= EF_SENDRECEIPT;
1373 /* do we want to send back more info? */
1374 }
1375
1376 /*
1377 ** Do final status disposal.
1378 ** We check for something in tobuf for the SMTP case.
1379 ** If we got a temporary failure, arrange to queue the
1380 ** addressees.
1381 */
1382
1383 give_up:
1384 if (tobuf[0] != '\0')
1385 giveresponse(rcode, m, mci, e);
1386 for (to = tochain; to != NULL; to = to->q_tchain)
1387 {
1388 if (rcode != EX_OK)
1389 markfailure(e, to, rcode);
1390 else
1391 {
1392 to->q_flags |= QSENT;
1393 e->e_nsent++;
1394 }
1395 }
1396
1397 /*
1398 ** Restore state and return.
1399 */
1400
1401 errno = 0;
1402 define('g', (char *) NULL, e);
1403 return (rcode);
1404 }
1405 �/*
1406 ** MARKFAILURE -- mark a failure on a specific address.
1407 **
1408 ** Parameters:
1409 ** e -- the envelope we are sending.
1410 ** q -- the address to mark.
1411 ** rcode -- the code signifying the particular failure.
1412 **
1413 ** Returns:
1414 ** none.
1415 **
1416 ** Side Effects:
1417 ** marks the address (and possibly the envelope) with the
1418 ** failure so that an error will be returned or
1419 ** the message will be queued, as appropriate.
1420 */
1421
1422 markfailure(e, q, rcode)
1423 register ENVELOPE *e;
1424 register ADDRESS *q;
1425 int rcode;
1426 {
1427 char buf[MAXLINE];
1428
1429 if (rcode == EX_OK)
1430 return;
1431 else if (rcode == EX_TEMPFAIL)
1432 q->q_flags |= QQUEUEUP;
1433 else if (rcode != EX_IOERR && rcode != EX_OSERR)
1434 q->q_flags |= QBADADDR;
1435 }
1436 �/*
1437 ** ENDMAILER -- Wait for mailer to terminate.
1438 **
1439 ** We should never get fatal errors (e.g., segmentation
1440 ** violation), so we report those specially. For other
1441 ** errors, we choose a status message (into statmsg),
1442 ** and if it represents an error, we print it.
1443 **
1444 ** Parameters:
1445 ** pid -- pid of mailer.
1446 ** e -- the current envelope.
1447 ** pv -- the parameter vector that invoked the mailer
1448 ** (for error messages).
1449 **
1450 ** Returns:
1451 ** exit code of mailer.
1452 **
1453 ** Side Effects:
1454 ** none.
1455 */
1456
1457 endmailer(mci, e, pv)
1458 register MCI *mci;
1459 register ENVELOPE *e;
1460 char **pv;
1461 {
1462 int st;
1463
1464 /* close any connections */
1465 if (mci->mci_in != NULL)
1466 (void) xfclose(mci->mci_in, pv[0], "mci_in");
1467 if (mci->mci_out != NULL)
1468 (void) xfclose(mci->mci_out, pv[0], "mci_out");
1469 mci->mci_in = mci->mci_out = NULL;
1470 mci->mci_state = MCIS_CLOSED;
1471
1472 /* in the IPC case there is nothing to wait for */
1473 if (mci->mci_pid == 0)
1474 return (EX_OK);
1475
1476 /* wait for the mailer process to die and collect status */
1477 st = waitfor(mci->mci_pid);
1478 if (st == -1)
1479 {
1480 syserr("endmailer %s: wait", pv[0]);
1481 return (EX_SOFTWARE);
1482 }
1483
1484 /* see if it died a horrid death */
1485 if ((st & 0377) != 0)
1486 {
1487 syserr("mailer %s died with signal %o", pv[0], st);
1488
1489 /* log the arguments */
1490 if (e->e_xfp != NULL)
1491 {
1492 register char **av;
1493
1494 fprintf(e->e_xfp, "Arguments:");
1495 for (av = pv; *av != NULL; av++)
1496 fprintf(e->e_xfp, " %s", *av);
1497 fprintf(e->e_xfp, "\n");
1498 }
1499
1500 ExitStat = EX_TEMPFAIL;
1501 return (EX_TEMPFAIL);
1502 }
1503
1504 /* normal death -- return status */
1505 st = (st >> 8) & 0377;
1506 return (st);
1507 }
1508 �/*
1509 ** GIVERESPONSE -- Interpret an error response from a mailer
1510 **
1511 ** Parameters:
1512 ** stat -- the status code from the mailer (high byte
1513 ** only; core dumps must have been taken care of
1514 ** already).
1515 ** m -- the mailer info for this mailer.
1516 ** mci -- the mailer connection info -- can be NULL if the
1517 ** response is given before the connection is made.
1518 ** e -- the current envelope.
1519 **
1520 ** Returns:
1521 ** none.
1522 **
1523 ** Side Effects:
1524 ** Errors may be incremented.
1525 ** ExitStat may be set.
1526 */
1527
1528 giveresponse(stat, m, mci, e)
1529 int stat;
1530 register MAILER *m;
1531 register MCI *mci;
1532 ENVELOPE *e;
1533 {
1534 register const char *statmsg;
1535 extern char *SysExMsg[];
1536 register int i;
1537 extern int N_SysEx;
1538 char buf[MAXLINE];
1539
1540 /*
1541 ** Compute status message from code.
1542 */
1543
1544 i = stat - EX__BASE;
1545 if (stat == 0)
1546 {
1547 statmsg = "250 Sent";
1548 if (e->e_statmsg != NULL)
1549 {
1550 (void) sprintf(buf, "%s (%s)", statmsg, e->e_statmsg);
1551 statmsg = buf;
1552 }
1553 }
1554 else if (i < 0 || i > N_SysEx)
1555 {
1556 (void) sprintf(buf, "554 unknown mailer error %d", stat);
1557 stat = EX_UNAVAILABLE;
1558 statmsg = buf;
1559 }
1560 else if (stat == EX_TEMPFAIL)
1561 {
1562 (void) strcpy(buf, SysExMsg[i] + 1);
1563 #ifdef NAMED_BIND
1564 if (h_errno == TRY_AGAIN)
1565 statmsg = errstring(h_errno+MAX_ERRNO);
1566 else
1567 #endif
1568 {
1569 if (errno != 0)
1570 statmsg = errstring(errno);
1571 else
1572 {
1573 #ifdef SMTP
1574 extern char SmtpError[];
1575
1576 statmsg = SmtpError;
1577 #else /* SMTP */
1578 statmsg = NULL;
1579 #endif /* SMTP */
1580 }
1581 }
1582 if (statmsg != NULL && statmsg[0] != '\0')
1583 {
1584 (void) strcat(buf, ": ");
1585 (void) strcat(buf, statmsg);
1586 }
1587 statmsg = buf;
1588 }
1589 #ifdef NAMED_BIND
1590 else if (stat == EX_NOHOST && h_errno != 0)
1591 {
1592 statmsg = errstring(h_errno + MAX_ERRNO);
1593 (void) sprintf(buf, "%s (%s)", SysExMsg[i], statmsg);
1594 statmsg = buf;
1595 }
1596 #endif
1597 else
1598 {
1599 statmsg = SysExMsg[i];
1600 if (*statmsg++ == ':')
1601 {
1602 (void) sprintf(buf, "%s: %s", statmsg, errstring(errno));
1603 statmsg = buf;
1604 }
1605 }
1606
1607 /*
1608 ** Print the message as appropriate
1609 */
1610
1611 if (stat == EX_OK || stat == EX_TEMPFAIL)
1612 message(&statmsg[4], errstring(errno));
1613 else
1614 {
1615 Errors++;
1616 usrerr(statmsg, errstring(errno));
1617 }
1618
1619 /*
1620 ** Final cleanup.
1621 ** Log a record of the transaction. Compute the new
1622 ** ExitStat -- if we already had an error, stick with
1623 ** that.
1624 */
1625
1626 if (LogLevel > ((stat == EX_TEMPFAIL) ? 8 : (stat == EX_OK) ? 7 : 6))
1627 logdelivery(m, mci, &statmsg[4], e);
1628
1629 if (stat != EX_TEMPFAIL)
1630 setstat(stat);
1631 if (stat != EX_OK)
1632 {
1633 if (e->e_message != NULL)
1634 free(e->e_message);
1635 e->e_message = newstr(&statmsg[4]);
1636 }
1637 errno = 0;
1638 #ifdef NAMED_BIND
1639 h_errno = 0;
1640 #endif
1641 }
1642 �/*
1643 ** LOGDELIVERY -- log the delivery in the system log
1644 **
1645 ** Parameters:
1646 ** m -- the mailer info. Can be NULL for initial queue.
1647 ** mci -- the mailer connection info -- can be NULL if the
1648 ** log is occuring when no connection is active.
1649 ** stat -- the message to print for the status.
1650 ** e -- the current envelope.
1651 **
1652 ** Returns:
1653 ** none
1654 **
1655 ** Side Effects:
1656 ** none
1657 */
1658
1659 logdelivery(m, mci, stat, e)
1660 MAILER *m;
1661 register MCI *mci;
1662 char *stat;
1663 register ENVELOPE *e;
1664 {
1665 # ifdef LOG
1666 char buf[512];
1667
1668 (void) sprintf(buf, "delay=%s", pintvl(curtime() - e->e_ctime, TRUE));
1669
1670 if (m != NULL)
1671 {
1672 (void) strcat(buf, ", mailer=");
1673 (void) strcat(buf, m->m_name);
1674 }
1675
1676 if (mci != NULL && mci->mci_host != NULL)
1677 {
1678 # ifdef DAEMON
1679 extern SOCKADDR CurHostAddr;
1680 # endif
1681
1682 (void) strcat(buf, ", relay=");
1683 (void) strcat(buf, mci->mci_host);
1684
1685 # ifdef DAEMON
1686 (void) strcat(buf, " (");
1687 (void) strcat(buf, anynet_ntoa(&CurHostAddr));
1688 (void) strcat(buf, ")");
1689 # endif
1690 }
1691 else
1692 {
1693 char *p = macvalue('h', e);
1694
1695 if (p != NULL && p[0] != '\0')
1696 {
1697 (void) strcat(buf, ", relay=");
1698 (void) strcat(buf, p);
1699 }
1700 }
1701
1702 syslog(LOG_INFO, "%s: to=%s, %s, stat=%s",
1703 e->e_id, e->e_to, buf, stat);
1704 # endif /* LOG */
1705 }
1706 �/*
1707 ** PUTFROMLINE -- output a UNIX-style from line (or whatever)
1708 **
1709 ** This can be made an arbitrary message separator by changing $l
1710 **
1711 ** One of the ugliest hacks seen by human eyes is contained herein:
1712 ** UUCP wants those stupid "remote from <host>" lines. Why oh why
1713 ** does a well-meaning programmer such as myself have to deal with
1714 ** this kind of antique garbage????
1715 **
1716 ** Parameters:
1717 ** fp -- the file to output to.
1718 ** m -- the mailer describing this entry.
1719 **
1720 ** Returns:
1721 ** none
1722 **
1723 ** Side Effects:
1724 ** outputs some text to fp.
1725 */
1726
1727 putfromline(fp, m, e)
1728 register FILE *fp;
1729 register MAILER *m;
1730 ENVELOPE *e;
1731 {
1732 char *template = "\201l\n";
1733 char buf[MAXLINE];
1734
1735 if (bitnset(M_NHDR, m->m_flags))
1736 return;
1737
1738 # ifdef UGLYUUCP
1739 if (bitnset(M_UGLYUUCP, m->m_flags))
1740 {
1741 char *bang;
1742 char xbuf[MAXLINE];
1743
1744 expand("\201g", buf, &buf[sizeof buf - 1], e);
1745 bang = strchr(buf, '!');
1746 if (bang == NULL)
1747 syserr("554 No ! in UUCP! (%s)", buf);
1748 else
1749 {
1750 *bang++ = '\0';
1751 (void) sprintf(xbuf, "From %s \201d remote from %s\n", bang, buf);
1752 template = xbuf;
1753 }
1754 }
1755 # endif /* UGLYUUCP */
1756 expand(template, buf, &buf[sizeof buf - 1], e);
1757 putline(buf, fp, m);
1758 }
1759 �/*
1760 ** PUTBODY -- put the body of a message.
1761 **
1762 ** Parameters:
1763 ** fp -- file to output onto.
1764 ** m -- a mailer descriptor to control output format.
1765 ** e -- the envelope to put out.
1766 ** separator -- if non-NULL, a message separator that must
1767 ** not be permitted in the resulting message.
1768 **
1769 ** Returns:
1770 ** none.
1771 **
1772 ** Side Effects:
1773 ** The message is written onto fp.
1774 */
1775
1776 putbody(fp, m, e, separator)
1777 FILE *fp;
1778 MAILER *m;
1779 register ENVELOPE *e;
1780 char *separator;
1781 {
1782 char buf[MAXLINE];
1783
1784 /*
1785 ** Output the body of the message
1786 */
1787
1788 if (e->e_dfp == NULL)
1789 {
1790 if (e->e_df != NULL)
1791 {
1792 e->e_dfp = fopen(e->e_df, "r");
1793 if (e->e_dfp == NULL)
1794 syserr("putbody: Cannot open %s for %s from %s",
1795 e->e_df, e->e_to, e->e_from);
1796 }
1797 else
1798 putline("<<< No Message Collected >>>", fp, m);
1799 }
1800 if (e->e_dfp != NULL)
1801 {
1802 rewind(e->e_dfp);
1803 while (!ferror(fp) && fgets(buf, sizeof buf, e->e_dfp) != NULL)
1804 {
1805 if (buf[0] == 'F' && bitnset(M_ESCFROM, m->m_flags) &&
1806 strncmp(buf, "From ", 5) == 0)
1807 (void) putc('>', fp);
1808 if (buf[0] == '-' && buf[1] == '-' && separator != NULL)
1809 {
1810 /* possible separator */
1811 int sl = strlen(separator);
1812
1813 if (strncmp(&buf[2], separator, sl) == 0)
1814 (void) putc(' ', fp);
1815 }
1816 putline(buf, fp, m);
1817 }
1818
1819 if (ferror(e->e_dfp))
1820 {
1821 syserr("putbody: read error");
1822 ExitStat = EX_IOERR;
1823 }
1824 }
1825
1826 /* some mailers want extra blank line at end of message */
1827 if (bitnset(M_BLANKEND, m->m_flags) && buf[0] != '\0' && buf[0] != '\n')
1828 putline("", fp, m);
1829
1830 (void) fflush(fp);
1831 if (ferror(fp) && errno != EPIPE)
1832 {
1833 syserr("putbody: write error");
1834 ExitStat = EX_IOERR;
1835 }
1836 errno = 0;
1837 }
1838 �/*
1839 ** MAILFILE -- Send a message to a file.
1840 **
1841 ** If the file has the setuid/setgid bits set, but NO execute
1842 ** bits, sendmail will try to become the owner of that file
1843 ** rather than the real user. Obviously, this only works if
1844 ** sendmail runs as root.
1845 **
1846 ** This could be done as a subordinate mailer, except that it
1847 ** is used implicitly to save messages in ~/dead.letter. We
1848 ** view this as being sufficiently important as to include it
1849 ** here. For example, if the system is dying, we shouldn't have
1850 ** to create another process plus some pipes to save the message.
1851 **
1852 ** Parameters:
1853 ** filename -- the name of the file to send to.
1854 ** ctladdr -- the controlling address header -- includes
1855 ** the userid/groupid to be when sending.
1856 **
1857 ** Returns:
1858 ** The exit code associated with the operation.
1859 **
1860 ** Side Effects:
1861 ** none.
1862 */
1863
1864 mailfile(filename, ctladdr, e)
1865 char *filename;
1866 ADDRESS *ctladdr;
1867 register ENVELOPE *e;
1868 {
1869 register FILE *f;
1870 register int pid;
1871 int mode;
1872
1873 if (tTd(11, 1))
1874 {
1875 printf("mailfile %s\n ctladdr=", filename);
1876 printaddr(ctladdr, FALSE);
1877 }
1878
1879 if (e->e_xfp != NULL)
1880 fflush(e->e_xfp);
1881
1882 /*
1883 ** Fork so we can change permissions here.
1884 ** Note that we MUST use fork, not vfork, because of
1885 ** the complications of calling subroutines, etc.
1886 */
1887
1888 DOFORK(fork);
1889
1890 if (pid < 0)
1891 return (EX_OSERR);
1892 else if (pid == 0)
1893 {
1894 /* child -- actually write to file */
1895 struct stat stb;
1896
1897 (void) signal(SIGINT, SIG_DFL);
1898 (void) signal(SIGHUP, SIG_DFL);
1899 (void) signal(SIGTERM, SIG_DFL);
1900 (void) umask(OldUmask);
1901
1902 if (stat(filename, &stb) < 0)
1903 stb.st_mode = FileMode;
1904 mode = stb.st_mode;
1905
1906 /* limit the errors to those actually caused in the child */
1907 errno = 0;
1908 ExitStat = EX_OK;
1909
1910 if (bitset(0111, stb.st_mode))
1911 exit(EX_CANTCREAT);
1912 if (ctladdr == NULL)
1913 ctladdr = &e->e_from;
1914 else
1915 {
1916 /* ignore setuid and setgid bits */
1917 mode &= ~(S_ISGID|S_ISUID);
1918 }
1919
1920 /* we have to open the dfile BEFORE setuid */
1921 if (e->e_dfp == NULL && e->e_df != NULL)
1922 {
1923 e->e_dfp = fopen(e->e_df, "r");
1924 if (e->e_dfp == NULL)
1925 {
1926 syserr("mailfile: Cannot open %s for %s from %s",
1927 e->e_df, e->e_to, e->e_from);
1928 }
1929 }
1930
1931 if (!bitset(S_ISGID, mode) || setgid(stb.st_gid) < 0)
1932 {
1933 if (ctladdr->q_uid == 0)
1934 {
1935 (void) setgid(DefGid);
1936 (void) initgroups(DefUser, DefGid);
1937 }
1938 else
1939 {
1940 (void) setgid(ctladdr->q_gid);
1941 (void) initgroups(ctladdr->q_ruser ?
1942 ctladdr->q_ruser : ctladdr->q_user,
1943 ctladdr->q_gid);
1944 }
1945 }
1946 if (!bitset(S_ISUID, mode) || setuid(stb.st_uid) < 0)
1947 {
1948 if (ctladdr->q_uid == 0)
1949 (void) setuid(DefUid);
1950 else
1951 (void) setuid(ctladdr->q_uid);
1952 }
1953 FileName = filename;
1954 LineNumber = 0;
1955 f = dfopen(filename, O_WRONLY|O_CREAT|O_APPEND, FileMode);
1956 if (f == NULL)
1957 {
1958 message("554 cannot open");
1959 exit(EX_CANTCREAT);
1960 }
1961
1962 putfromline(f, FileMailer, e);
1963 (*e->e_puthdr)(f, FileMailer, e);
1964 putline("\n", f, FileMailer);
1965 (*e->e_putbody)(f, FileMailer, e, NULL);
1966 putline("\n", f, FileMailer);
1967 if (ferror(f))
1968 {
1969 message("451 I/O error");
1970 setstat(EX_IOERR);
1971 }
1972 (void) xfclose(f, "mailfile", filename);
1973 (void) fflush(stdout);
1974
1975 /* reset ISUID & ISGID bits for paranoid systems */
1976 (void) chmod(filename, (int) stb.st_mode);
1977 exit(ExitStat);
1978 /*NOTREACHED*/
1979 }
1980 else
1981 {
1982 /* parent -- wait for exit status */
1983 int st;
1984
1985 st = waitfor(pid);
1986 if ((st & 0377) != 0)
1987 return (EX_UNAVAILABLE);
1988 else
1989 return ((st >> 8) & 0377);
1990 /*NOTREACHED*/
1991 }
1992 }
1993 �/*
1994 ** HOSTSIGNATURE -- return the "signature" for a host.
1995 **
1996 ** The signature describes how we are going to send this -- it
1997 ** can be just the hostname (for non-Internet hosts) or can be
1998 ** an ordered list of MX hosts.
1999 **
2000 ** Parameters:
2001 ** m -- the mailer describing this host.
2002 ** host -- the host name.
2003 ** e -- the current envelope.
2004 **
2005 ** Returns:
2006 ** The signature for this host.
2007 **
2008 ** Side Effects:
2009 ** Can tweak the symbol table.
2010 */
2011
2012 char *
2013 hostsignature(m, host, e)
2014 register MAILER *m;
2015 char *host;
2016 ENVELOPE *e;
2017 {
2018 register char *p;
2019 register STAB *s;
2020 int i;
2021 int len;
2022 #ifdef NAMED_BIND
2023 int nmx;
2024 auto int rcode;
2025 char *hp;
2026 char *endp;
2027 int oldoptions;
2028 char *mxhosts[MAXMXHOSTS + 1];
2029 #endif
2030
2031 /*
2032 ** Check to see if this uses IPC -- if not, it can't have MX records.
2033 */
2034
2035 p = m->m_mailer;
2036 if (strcmp(p, "[IPC]") != 0 && strcmp(p, "[TCP]") != 0)
2037 {
2038 /* just an ordinary mailer */
2039 return host;
2040 }
2041
2042 /*
2043 ** If it is a numeric address, just return it.
2044 */
2045
2046 if (host[0] == '[')
2047 return host;
2048
2049 /*
2050 ** Look it up in the symbol table.
2051 */
2052
2053 s = stab(host, ST_HOSTSIG, ST_ENTER);
2054 if (s->s_hostsig != NULL)
2055 return s->s_hostsig;
2056
2057 /*
2058 ** Not already there -- create a signature.
2059 */
2060
2061 #ifdef NAMED_BIND
2062 if (ConfigLevel < 2)
2063 {
2064 oldoptions = _res.options;
2065 _res.options &= ~(RES_DEFNAMES | RES_DNSRCH); /* XXX */
2066 }
2067
2068 for (hp = host; hp != NULL; hp = endp)
2069 {
2070 endp = strchr(hp, ':');
2071 if (endp != NULL)
2072 *endp = '\0';
2073
2074 nmx = getmxrr(hp, mxhosts, TRUE, &rcode);
2075
2076 if (nmx <= 0)
2077 {
2078 register MCI *mci;
2079 extern int errno;
2080
2081 /* update the connection info for this host */
2082 mci = mci_get(hp, m);
2083 mci->mci_exitstat = rcode;
2084 mci->mci_errno = errno;
2085 #ifdef NAMED_BIND
2086 mci->mci_herrno = h_errno;
2087 #endif
2088
2089 /* and return the original host name as the signature */
2090 nmx = 1;
2091 mxhosts[0] = hp;
2092 }
2093
2094 len = 0;
2095 for (i = 0; i < nmx; i++)
2096 {
2097 len += strlen(mxhosts[i]) + 1;
2098 }
2099 if (s->s_hostsig != NULL)
2100 len += strlen(s->s_hostsig) + 1;
2101 p = xalloc(len);
2102 if (s->s_hostsig != NULL)
2103 {
2104 (void) strcpy(p, s->s_hostsig);
2105 free(s->s_hostsig);
2106 s->s_hostsig = p;
2107 p += strlen(p);
2108 *p++ = ':';
2109 }
2110 else
2111 s->s_hostsig = p;
2112 for (i = 0; i < nmx; i++)
2113 {
2114 if (i != 0)
2115 *p++ = ':';
2116 strcpy(p, mxhosts[i]);
2117 p += strlen(p);
2118 }
2119 if (endp != NULL)
2120 *endp++ = ':';
2121 }
2122 makelower(s->s_hostsig);
2123 if (ConfigLevel < 2)
2124 _res.options = oldoptions;
2125 #else
2126 /* not using BIND -- the signature is just the host name */
2127 s->s_hostsig = host;
2128 #endif
2129 if (tTd(17, 1))
2130 printf("hostsignature(%s) = %s\n", host, s->s_hostsig);
2131 return s->s_hostsig;
2132 }
2133