1 /*
2 * Copyright (c) 1983 Eric P. Allman
3 * Copyright (c) 1988, 1993
4 * The Regents of the University of California. All rights reserved.
5 *
6 * %sccs.include.redist.c%
7 */
8
9 #ifndef lint
10 static char sccsid[] = "@(#)deliver.c 8.9 (Berkeley) 07/29/93";
11 #endif /* not lint */
12
13 #include "sendmail.h"
14 #include <netdb.h>
15 #include <errno.h>
16 #ifdef NAMED_BIND
17 #include <arpa/nameser.h>
18 #include <resolv.h>
19
20 extern int h_errno;
21 #endif
22
23 /*
24 ** SENDALL -- actually send all the messages.
25 **
26 ** Parameters:
27 ** e -- the envelope to send.
28 ** mode -- the delivery mode to use. If SM_DEFAULT, use
29 ** the current e->e_sendmode.
30 **
31 ** Returns:
32 ** none.
33 **
34 ** Side Effects:
35 ** Scans the send lists and sends everything it finds.
36 ** Delivers any appropriate error messages.
37 ** If we are running in a non-interactive mode, takes the
38 ** appropriate action.
39 */
40
41 sendall(e, mode)
42 ENVELOPE *e;
43 char mode;
44 {
45 register ADDRESS *q;
46 char *owner;
47 int otherowners;
48 register ENVELOPE *ee;
49 ENVELOPE *splitenv = NULL;
50 bool announcequeueup;
51
52 /*
53 ** If we have had global, fatal errors, don't bother sending
54 ** the message at all if we are in SMTP mode. Local errors
55 ** (e.g., a single address failing) will still cause the other
56 ** addresses to be sent.
57 */
58
59 if (bitset(EF_FATALERRS, e->e_flags) && OpMode == MD_SMTP)
60 {
61 e->e_flags |= EF_CLRQUEUE;
62 return;
63 }
64
65 /* determine actual delivery mode */
66 if (mode == SM_DEFAULT)
67 {
68 mode = e->e_sendmode;
69 if (mode != SM_VERIFY &&
70 shouldqueue(e->e_msgpriority, e->e_ctime))
71 mode = SM_QUEUE;
72 announcequeueup = mode == SM_QUEUE;
73 }
74 else
75 announcequeueup = FALSE;
76
77 if (tTd(13, 1))
78 {
79 printf("\nSENDALL: mode %c, e_from ", mode);
80 printaddr(&e->e_from, FALSE);
81 printf("sendqueue:\n");
82 printaddr(e->e_sendqueue, TRUE);
83 }
84
85 /*
86 ** Do any preprocessing necessary for the mode we are running.
87 ** Check to make sure the hop count is reasonable.
88 ** Delete sends to the sender in mailing lists.
89 */
90
91 CurEnv = e;
92
93 if (e->e_hopcount > MaxHopCount)
94 {
95 errno = 0;
96 syserr("554 too many hops %d (%d max): from %s, to %s",
97 e->e_hopcount, MaxHopCount, e->e_from.q_paddr,
98 e->e_sendqueue->q_paddr);
99 return;
100 }
101
102 /*
103 ** Do sender deletion.
104 **
105 ** If the sender has the QQUEUEUP flag set, skip this.
106 ** This can happen if the name server is hosed when you
107 ** are trying to send mail. The result is that the sender
108 ** is instantiated in the queue as a recipient.
109 */
110
111 if (!MeToo && !bitset(QQUEUEUP, e->e_from.q_flags))
112 {
113 if (tTd(13, 5))
114 {
115 printf("sendall: QDONTSEND ");
116 printaddr(&e->e_from, FALSE);
117 }
118 e->e_from.q_flags |= QDONTSEND;
119 (void) recipient(&e->e_from, &e->e_sendqueue, e);
120 }
121
122 /*
123 ** Handle alias owners.
124 **
125 ** We scan up the q_alias chain looking for owners.
126 ** We discard owners that are the same as the return path.
127 */
128
129 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
130 {
131 register struct address *a;
132
133 for (a = q; a != NULL && a->q_owner == NULL; a = a->q_alias)
134 continue;
135 if (a != NULL)
136 q->q_owner = a->q_owner;
137
138 if (q->q_owner != NULL &&
139 !bitset(QDONTSEND, q->q_flags) &&
140 strcmp(q->q_owner, e->e_from.q_paddr) == 0)
141 q->q_owner = NULL;
142 }
143
144 owner = "";
145 otherowners = 1;
146 while (owner != NULL && otherowners > 0)
147 {
148 owner = NULL;
149 otherowners = 0;
150
151 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
152 {
153 if (bitset(QDONTSEND, q->q_flags))
154 continue;
155
156 if (q->q_owner != NULL)
157 {
158 if (owner == NULL)
159 owner = q->q_owner;
160 else if (owner != q->q_owner)
161 {
162 if (strcmp(owner, q->q_owner) == 0)
163 {
164 /* make future comparisons cheap */
165 q->q_owner = owner;
166 }
167 else
168 {
169 otherowners++;
170 }
171 owner = q->q_owner;
172 }
173 }
174 else
175 {
176 otherowners++;
177 }
178 }
179
180 if (owner != NULL && otherowners > 0)
181 {
182 extern HDR *copyheader();
183 extern ADDRESS *copyqueue();
184
185 /*
186 ** Split this envelope into two.
187 */
188
189 ee = (ENVELOPE *) xalloc(sizeof(ENVELOPE));
190 *ee = *e;
191 ee->e_id = NULL;
192 (void) queuename(ee, '\0');
193
194 if (tTd(13, 1))
195 printf("sendall: split %s into %s\n",
196 e->e_id, ee->e_id);
197
198 ee->e_header = copyheader(e->e_header);
199 ee->e_sendqueue = copyqueue(e->e_sendqueue);
200 ee->e_errorqueue = copyqueue(e->e_errorqueue);
201 ee->e_flags = e->e_flags & ~(EF_INQUEUE|EF_CLRQUEUE|EF_FATALERRS);
202 setsender(owner, ee, NULL, TRUE);
203 if (tTd(13, 5))
204 {
205 printf("sendall(split): QDONTSEND ");
206 printaddr(&ee->e_from, FALSE);
207 }
208 ee->e_from.q_flags |= QDONTSEND;
209 ee->e_dfp = NULL;
210 ee->e_xfp = NULL;
211 ee->e_lockfp = NULL;
212 ee->e_df = NULL;
213 ee->e_errormode = EM_MAIL;
214 ee->e_sibling = splitenv;
215 splitenv = ee;
216
217 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
218 if (q->q_owner == owner)
219 q->q_flags |= QDONTSEND;
220 for (q = ee->e_sendqueue; q != NULL; q = q->q_next)
221 if (q->q_owner != owner)
222 q->q_flags |= QDONTSEND;
223
224 if (e->e_df != NULL && mode != SM_VERIFY)
225 {
226 ee->e_dfp = NULL;
227 ee->e_df = queuename(ee, 'd');
228 ee->e_df = newstr(ee->e_df);
229 if (link(e->e_df, ee->e_df) < 0)
230 {
231 syserr("sendall: link(%s, %s)",
232 e->e_df, ee->e_df);
233 }
234 }
235
236 if (mode != SM_VERIFY)
237 openxscript(ee);
238 #ifdef LOG
239 if (LogLevel > 4)
240 syslog(LOG_INFO, "%s: clone %s",
241 ee->e_id, e->e_id);
242 #endif
243 }
244 }
245
246 if (owner != NULL)
247 {
248 setsender(owner, e, NULL, TRUE);
249 if (tTd(13, 5))
250 {
251 printf("sendall(owner): QDONTSEND ");
252 printaddr(&e->e_from, FALSE);
253 }
254 e->e_from.q_flags |= QDONTSEND;
255 e->e_errormode = EM_MAIL;
256 }
257
258 # ifdef QUEUE
259 if ((mode == SM_QUEUE || mode == SM_FORK ||
260 (mode != SM_VERIFY && SuperSafe)) &&
261 !bitset(EF_INQUEUE, e->e_flags))
262 {
263 /* be sure everything is instantiated in the queue */
264 queueup(e, TRUE, announcequeueup);
265 for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
266 queueup(ee, TRUE, announcequeueup);
267 }
268 #endif /* QUEUE */
269
270 if (splitenv != NULL)
271 {
272 if (tTd(13, 1))
273 {
274 printf("\nsendall: Split queue; remaining queue:\n");
275 printaddr(e->e_sendqueue, TRUE);
276 }
277
278 for (ee = splitenv; ee != NULL; ee = ee->e_sibling)
279 {
280 CurEnv = ee;
281 sendenvelope(ee, mode);
282 }
283
284 CurEnv = e;
285 }
286 sendenvelope(e, mode);
287
288 for (; splitenv != NULL; splitenv = splitenv->e_sibling)
289 dropenvelope(splitenv);
290 }
291
292 sendenvelope(e, mode)
293 register ENVELOPE *e;
294 char mode;
295 {
296 bool oldverbose;
297 int pid;
298 register ADDRESS *q;
299 #ifndef HASFLOCK
300 struct flock lfd;
301 #endif
302
303 /*
304 ** If we have had global, fatal errors, don't bother sending
305 ** the message at all if we are in SMTP mode. Local errors
306 ** (e.g., a single address failing) will still cause the other
307 ** addresses to be sent.
308 */
309
310 if (bitset(EF_FATALERRS, e->e_flags) && OpMode == MD_SMTP)
311 {
312 e->e_flags |= EF_CLRQUEUE;
313 return;
314 }
315
316 oldverbose = Verbose;
317 switch (mode)
318 {
319 case SM_VERIFY:
320 Verbose = TRUE;
321 break;
322
323 case SM_QUEUE:
324 queueonly:
325 e->e_flags |= EF_INQUEUE|EF_KEEPQUEUE;
326 return;
327
328 case SM_FORK:
329 if (e->e_xfp != NULL)
330 (void) fflush(e->e_xfp);
331
332 # ifndef HASFLOCK
333 /*
334 ** Since fcntl lockin has the interesting semantic that
335 ** the lock is lost when we fork, we have to risk losing
336 ** the lock here by closing before the fork, and then
337 ** trying to get it back in the child.
338 */
339
340 if (e->e_lockfp != NULL)
341 {
342 (void) xfclose(e->e_lockfp, "sendenvelope", "lockfp");
343 e->e_lockfp = NULL;
344 }
345 # endif /* HASFLOCK */
346
347 pid = fork();
348 if (pid < 0)
349 {
350 goto queueonly;
351 }
352 else if (pid > 0)
353 {
354 /* be sure we leave the temp files to our child */
355 e->e_id = e->e_df = NULL;
356 # ifdef HASFLOCK
357 if (e->e_lockfp != NULL)
358 {
359 (void) xfclose(e->e_lockfp, "sendenvelope", "lockfp");
360 e->e_lockfp = NULL;
361 }
362 # endif
363
364 /* close any random open files in the envelope */
365 if (e->e_dfp != NULL)
366 {
367 (void) xfclose(e->e_dfp, "sendenvelope", "dfp");
368 e->e_dfp = NULL;
369 }
370 if (e->e_xfp != NULL)
371 {
372 (void) xfclose(e->e_xfp, "sendenvelope", "xfp");
373 e->e_xfp = NULL;
374 }
375 return;
376 }
377
378 /* double fork to avoid zombies */
379 if (fork() > 0)
380 exit(EX_OK);
381
382 /* be sure we are immune from the terminal */
383 disconnect(1, e);
384
385 # ifndef HASFLOCK
386 /*
387 ** Now try to get our lock back.
388 */
389
390 lfd.l_type = F_WRLCK;
391 lfd.l_whence = lfd.l_start = lfd.l_len = 0;
392 e->e_lockfp = fopen(queuename(e, 'q'), "r+");
393 if (e->e_lockfp == NULL ||
394 fcntl(fileno(e->e_lockfp), F_SETLK, &lfd) < 0)
395 {
396 /* oops.... lost it */
397 if (tTd(13, 1))
398 printf("sendenvelope: %s lost lock: lockfp=%x, %s\n",
399 e->e_id, e->e_lockfp, errstring(errno));
400
401 # ifdef LOG
402 if (LogLevel > 29)
403 syslog(LOG_NOTICE, "%s: lost lock: %m",
404 e->e_id);
405 # endif /* LOG */
406 exit(EX_OK);
407 }
408 # endif /* HASFLOCK */
409
410 /*
411 ** Close any cached connections.
412 **
413 ** We don't send the QUIT protocol because the parent
414 ** still knows about the connection.
415 **
416 ** This should only happen when delivering an error
417 ** message.
418 */
419
420 mci_flush(FALSE, NULL);
421
422 break;
423 }
424
425 /*
426 ** Run through the list and send everything.
427 **
428 ** Set EF_GLOBALERRS so that error messages during delivery
429 ** result in returned mail.
430 */
431
432 e->e_nsent = 0;
433 e->e_flags |= EF_GLOBALERRS;
434 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
435 {
436 if (mode == SM_VERIFY)
437 {
438 e->e_to = q->q_paddr;
439 if (!bitset(QDONTSEND|QBADADDR, q->q_flags))
440 {
441 message("deliverable: mailer %s, host %s, user %s",
442 q->q_mailer->m_name,
443 q->q_host,
444 q->q_user);
445 }
446 }
447 else if (!bitset(QDONTSEND|QBADADDR, q->q_flags))
448 {
449 # ifdef QUEUE
450 /*
451 ** Checkpoint the send list every few addresses
452 */
453
454 if (e->e_nsent >= CheckpointInterval)
455 {
456 queueup(e, TRUE, FALSE);
457 e->e_nsent = 0;
458 }
459 # endif /* QUEUE */
460 (void) deliver(e, q);
461 }
462 }
463 Verbose = oldverbose;
464
465 if (mode == SM_FORK)
466 finis();
467 }
468 �/*
469 ** DOFORK -- do a fork, retrying a couple of times on failure.
470 **
471 ** This MUST be a macro, since after a vfork we are running
472 ** two processes on the same stack!!!
473 **
474 ** Parameters:
475 ** none.
476 **
477 ** Returns:
478 ** From a macro??? You've got to be kidding!
479 **
480 ** Side Effects:
481 ** Modifies the ==> LOCAL <== variable 'pid', leaving:
482 ** pid of child in parent, zero in child.
483 ** -1 on unrecoverable error.
484 **
485 ** Notes:
486 ** I'm awfully sorry this looks so awful. That's
487 ** vfork for you.....
488 */
489
490 # define NFORKTRIES 5
491
492 # ifndef FORK
493 # define FORK fork
494 # endif
495
496 # define DOFORK(fORKfN) \
497 {\
498 register int i;\
499 \
500 for (i = NFORKTRIES; --i >= 0; )\
501 {\
502 pid = fORKfN();\
503 if (pid >= 0)\
504 break;\
505 if (i > 0)\
506 sleep((unsigned) NFORKTRIES - i);\
507 }\
508 }
509 �/*
510 ** DOFORK -- simple fork interface to DOFORK.
511 **
512 ** Parameters:
513 ** none.
514 **
515 ** Returns:
516 ** pid of child in parent.
517 ** zero in child.
518 ** -1 on error.
519 **
520 ** Side Effects:
521 ** returns twice, once in parent and once in child.
522 */
523
524 dofork()
525 {
526 register int pid;
527
528 DOFORK(fork);
529 return (pid);
530 }
531 �/*
532 ** DELIVER -- Deliver a message to a list of addresses.
533 **
534 ** This routine delivers to everyone on the same host as the
535 ** user on the head of the list. It is clever about mailers
536 ** that don't handle multiple users. It is NOT guaranteed
537 ** that it will deliver to all these addresses however -- so
538 ** deliver should be called once for each address on the
539 ** list.
540 **
541 ** Parameters:
542 ** e -- the envelope to deliver.
543 ** firstto -- head of the address list to deliver to.
544 **
545 ** Returns:
546 ** zero -- successfully delivered.
547 ** else -- some failure, see ExitStat for more info.
548 **
549 ** Side Effects:
550 ** The standard input is passed off to someone.
551 */
552
553 deliver(e, firstto)
554 register ENVELOPE *e;
555 ADDRESS *firstto;
556 {
557 char *host; /* host being sent to */
558 char *user; /* user being sent to */
559 char **pvp;
560 register char **mvp;
561 register char *p;
562 register MAILER *m; /* mailer for this recipient */
563 ADDRESS *ctladdr;
564 register MCI *mci;
565 register ADDRESS *to = firstto;
566 bool clever = FALSE; /* running user smtp to this mailer */
567 ADDRESS *tochain = NULL; /* chain of users in this mailer call */
568 int rcode; /* response code */
569 char *firstsig; /* signature of firstto */
570 int pid;
571 char *curhost;
572 int mpvect[2];
573 int rpvect[2];
574 char *pv[MAXPV+1];
575 char tobuf[TOBUFSIZE]; /* text line of to people */
576 char buf[MAXNAME];
577 char rpathbuf[MAXNAME]; /* translated return path */
578 extern int checkcompat();
579 extern FILE *fdopen();
580
581 errno = 0;
582 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags))
583 return (0);
584
585 #ifdef NAMED_BIND
586 /* unless interactive, try twice, over a minute */
587 if (OpMode == MD_DAEMON || OpMode == MD_SMTP) {
588 _res.retrans = 30;
589 _res.retry = 2;
590 }
591 #endif
592
593 m = to->q_mailer;
594 host = to->q_host;
595 CurEnv = e; /* just in case */
596 e->e_statmsg = NULL;
597
598 if (tTd(10, 1))
599 printf("\n--deliver, mailer=%d, host=`%s', first user=`%s'\n",
600 m->m_mno, host, to->q_user);
601
602 /*
603 ** If this mailer is expensive, and if we don't want to make
604 ** connections now, just mark these addresses and return.
605 ** This is useful if we want to batch connections to
606 ** reduce load. This will cause the messages to be
607 ** queued up, and a daemon will come along to send the
608 ** messages later.
609 ** This should be on a per-mailer basis.
610 */
611
612 if (NoConnect && !bitset(EF_QUEUERUN, e->e_flags) &&
613 bitnset(M_EXPENSIVE, m->m_flags) && !Verbose)
614 {
615 for (; to != NULL; to = to->q_next)
616 {
617 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags) ||
618 to->q_mailer != m)
619 continue;
620 to->q_flags |= QQUEUEUP;
621 e->e_to = to->q_paddr;
622 message("queued");
623 if (LogLevel > 8)
624 logdelivery(m, NULL, "queued", e);
625 }
626 e->e_to = NULL;
627 return (0);
628 }
629
630 /*
631 ** Do initial argv setup.
632 ** Insert the mailer name. Notice that $x expansion is
633 ** NOT done on the mailer name. Then, if the mailer has
634 ** a picky -f flag, we insert it as appropriate. This
635 ** code does not check for 'pv' overflow; this places a
636 ** manifest lower limit of 4 for MAXPV.
637 ** The from address rewrite is expected to make
638 ** the address relative to the other end.
639 */
640
641 /* rewrite from address, using rewriting rules */
642 rcode = EX_OK;
643 (void) strcpy(rpathbuf, remotename(e->e_from.q_paddr, m,
644 RF_SENDERADDR|RF_CANONICAL,
645 &rcode, e));
646 define('g', rpathbuf, e); /* translated return path */
647 define('h', host, e); /* to host */
648 Errors = 0;
649 pvp = pv;
650 *pvp++ = m->m_argv[0];
651
652 /* insert -f or -r flag as appropriate */
653 if (FromFlag && (bitnset(M_FOPT, m->m_flags) || bitnset(M_ROPT, m->m_flags)))
654 {
655 if (bitnset(M_FOPT, m->m_flags))
656 *pvp++ = "-f";
657 else
658 *pvp++ = "-r";
659 *pvp++ = newstr(rpathbuf);
660 }
661
662 /*
663 ** Append the other fixed parts of the argv. These run
664 ** up to the first entry containing "$u". There can only
665 ** be one of these, and there are only a few more slots
666 ** in the pv after it.
667 */
668
669 for (mvp = m->m_argv; (p = *++mvp) != NULL; )
670 {
671 /* can't use strchr here because of sign extension problems */
672 while (*p != '\0')
673 {
674 if ((*p++ & 0377) == MACROEXPAND)
675 {
676 if (*p == 'u')
677 break;
678 }
679 }
680
681 if (*p != '\0')
682 break;
683
684 /* this entry is safe -- go ahead and process it */
685 expand(*mvp, buf, &buf[sizeof buf - 1], e);
686 *pvp++ = newstr(buf);
687 if (pvp >= &pv[MAXPV - 3])
688 {
689 syserr("554 Too many parameters to %s before $u", pv[0]);
690 return (-1);
691 }
692 }
693
694 /*
695 ** If we have no substitution for the user name in the argument
696 ** list, we know that we must supply the names otherwise -- and
697 ** SMTP is the answer!!
698 */
699
700 if (*mvp == NULL)
701 {
702 /* running SMTP */
703 # ifdef SMTP
704 clever = TRUE;
705 *pvp = NULL;
706 # else /* SMTP */
707 /* oops! we don't implement SMTP */
708 syserr("554 SMTP style mailer");
709 return (EX_SOFTWARE);
710 # endif /* SMTP */
711 }
712
713 /*
714 ** At this point *mvp points to the argument with $u. We
715 ** run through our address list and append all the addresses
716 ** we can. If we run out of space, do not fret! We can
717 ** always send another copy later.
718 */
719
720 tobuf[0] = '\0';
721 e->e_to = tobuf;
722 ctladdr = NULL;
723 firstsig = hostsignature(firstto->q_mailer, firstto->q_host, e);
724 for (; to != NULL; to = to->q_next)
725 {
726 /* avoid sending multiple recipients to dumb mailers */
727 if (tobuf[0] != '\0' && !bitnset(M_MUSER, m->m_flags))
728 break;
729
730 /* if already sent or not for this host, don't send */
731 if (bitset(QDONTSEND|QBADADDR|QQUEUEUP, to->q_flags) ||
732 to->q_mailer != firstto->q_mailer ||
733 strcmp(hostsignature(to->q_mailer, to->q_host, e), firstsig) != 0)
734 continue;
735
736 /* avoid overflowing tobuf */
737 if (sizeof tobuf < (strlen(to->q_paddr) + strlen(tobuf) + 2))
738 break;
739
740 if (tTd(10, 1))
741 {
742 printf("\nsend to ");
743 printaddr(to, FALSE);
744 }
745
746 /* compute effective uid/gid when sending */
747 if (to->q_mailer == ProgMailer)
748 ctladdr = getctladdr(to);
749
750 user = to->q_user;
751 e->e_to = to->q_paddr;
752 if (tTd(10, 5))
753 {
754 printf("deliver: QDONTSEND ");
755 printaddr(to, FALSE);
756 }
757 to->q_flags |= QDONTSEND;
758
759 /*
760 ** Check to see that these people are allowed to
761 ** talk to each other.
762 */
763
764 if (m->m_maxsize != 0 && e->e_msgsize > m->m_maxsize)
765 {
766 NoReturn = TRUE;
767 usrerr("552 Message is too large; %ld bytes max", m->m_maxsize);
768 giveresponse(EX_UNAVAILABLE, m, NULL, e);
769 continue;
770 }
771 rcode = checkcompat(to, e);
772 if (rcode != EX_OK)
773 {
774 markfailure(e, to, rcode);
775 giveresponse(rcode, m, NULL, e);
776 continue;
777 }
778
779 /*
780 ** Strip quote bits from names if the mailer is dumb
781 ** about them.
782 */
783
784 if (bitnset(M_STRIPQ, m->m_flags))
785 {
786 stripquotes(user);
787 stripquotes(host);
788 }
789
790 /* hack attack -- delivermail compatibility */
791 if (m == ProgMailer && *user == '|')
792 user++;
793
794 /*
795 ** If an error message has already been given, don't
796 ** bother to send to this address.
797 **
798 ** >>>>>>>>>> This clause assumes that the local mailer
799 ** >> NOTE >> cannot do any further aliasing; that
800 ** >>>>>>>>>> function is subsumed by sendmail.
801 */
802
803 if (bitset(QBADADDR|QQUEUEUP, to->q_flags))
804 continue;
805
806 /* save statistics.... */
807 markstats(e, to);
808
809 /*
810 ** See if this user name is "special".
811 ** If the user name has a slash in it, assume that this
812 ** is a file -- send it off without further ado. Note
813 ** that this type of addresses is not processed along
814 ** with the others, so we fudge on the To person.
815 */
816
817 if (m == FileMailer)
818 {
819 rcode = mailfile(user, getctladdr(to), e);
820 giveresponse(rcode, m, NULL, e);
821 if (rcode == EX_OK)
822 to->q_flags |= QSENT;
823 continue;
824 }
825
826 /*
827 ** Address is verified -- add this user to mailer
828 ** argv, and add it to the print list of recipients.
829 */
830
831 /* link together the chain of recipients */
832 to->q_tchain = tochain;
833 tochain = to;
834
835 /* create list of users for error messages */
836 (void) strcat(tobuf, ",");
837 (void) strcat(tobuf, to->q_paddr);
838 define('u', user, e); /* to user */
839 define('z', to->q_home, e); /* user's home */
840
841 /*
842 ** Expand out this user into argument list.
843 */
844
845 if (!clever)
846 {
847 expand(*mvp, buf, &buf[sizeof buf - 1], e);
848 *pvp++ = newstr(buf);
849 if (pvp >= &pv[MAXPV - 2])
850 {
851 /* allow some space for trailing parms */
852 break;
853 }
854 }
855 }
856
857 /* see if any addresses still exist */
858 if (tobuf[0] == '\0')
859 {
860 define('g', (char *) NULL, e);
861 return (0);
862 }
863
864 /* print out messages as full list */
865 e->e_to = tobuf + 1;
866
867 /*
868 ** Fill out any parameters after the $u parameter.
869 */
870
871 while (!clever && *++mvp != NULL)
872 {
873 expand(*mvp, buf, &buf[sizeof buf - 1], e);
874 *pvp++ = newstr(buf);
875 if (pvp >= &pv[MAXPV])
876 syserr("554 deliver: pv overflow after $u for %s", pv[0]);
877 }
878 *pvp++ = NULL;
879
880 /*
881 ** Call the mailer.
882 ** The argument vector gets built, pipes
883 ** are created as necessary, and we fork & exec as
884 ** appropriate.
885 ** If we are running SMTP, we just need to clean up.
886 */
887
888 if (ctladdr == NULL && m != ProgMailer)
889 ctladdr = &e->e_from;
890 #ifdef NAMED_BIND
891 if (ConfigLevel < 2)
892 _res.options &= ~(RES_DEFNAMES | RES_DNSRCH); /* XXX */
893 #endif
894
895 if (tTd(11, 1))
896 {
897 printf("openmailer:");
898 printav(pv);
899 }
900 errno = 0;
901
902 CurHostName = m->m_mailer;
903
904 /*
905 ** Deal with the special case of mail handled through an IPC
906 ** connection.
907 ** In this case we don't actually fork. We must be
908 ** running SMTP for this to work. We will return a
909 ** zero pid to indicate that we are running IPC.
910 ** We also handle a debug version that just talks to stdin/out.
911 */
912
913 curhost = NULL;
914
915 /* check for Local Person Communication -- not for mortals!!! */
916 if (strcmp(m->m_mailer, "[LPC]") == 0)
917 {
918 mci = (MCI *) xalloc(sizeof *mci);
919 bzero((char *) mci, sizeof *mci);
920 mci->mci_in = stdin;
921 mci->mci_out = stdout;
922 mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN;
923 mci->mci_mailer = m;
924 }
925 else if (strcmp(m->m_mailer, "[IPC]") == 0 ||
926 strcmp(m->m_mailer, "[TCP]") == 0)
927 {
928 #ifdef DAEMON
929 register int i;
930 register u_short port;
931
932 CurHostName = pv[1];
933 curhost = hostsignature(m, pv[1], e);
934
935 if (curhost == NULL || curhost[0] == '\0')
936 {
937 syserr("null signature");
938 rcode = EX_OSERR;
939 goto give_up;
940 }
941
942 if (!clever)
943 {
944 syserr("554 non-clever IPC");
945 rcode = EX_OSERR;
946 goto give_up;
947 }
948 if (pv[2] != NULL)
949 port = atoi(pv[2]);
950 else
951 port = 0;
952 tryhost:
953 mci = NULL;
954 while (*curhost != '\0')
955 {
956 register char *p;
957 static char hostbuf[MAXNAME];
958
959 mci = NULL;
960
961 /* pull the next host from the signature */
962 p = strchr(curhost, ':');
963 if (p == NULL)
964 p = &curhost[strlen(curhost)];
965 strncpy(hostbuf, curhost, p - curhost);
966 hostbuf[p - curhost] = '\0';
967 if (*p != '\0')
968 p++;
969 curhost = p;
970
971 /* see if we already know that this host is fried */
972 CurHostName = hostbuf;
973 mci = mci_get(hostbuf, m);
974 if (mci->mci_state != MCIS_CLOSED)
975 {
976 if (tTd(11, 1))
977 {
978 printf("openmailer: ");
979 mci_dump(mci);
980 }
981 CurHostName = mci->mci_host;
982 break;
983 }
984 mci->mci_mailer = m;
985 if (mci->mci_exitstat != EX_OK)
986 continue;
987
988 /* try the connection */
989 setproctitle("%s %s: %s", e->e_id, hostbuf, "user open");
990 message("Connecting to %s (%s)...",
991 hostbuf, m->m_name);
992 i = makeconnection(hostbuf, port, mci,
993 bitnset(M_SECURE_PORT, m->m_flags));
994 mci->mci_exitstat = i;
995 mci->mci_errno = errno;
996 #ifdef NAMED_BIND
997 mci->mci_herrno = h_errno;
998 #endif
999 if (i == EX_OK)
1000 {
1001 mci->mci_state = MCIS_OPENING;
1002 mci_cache(mci);
1003 if (TrafficLogFile != NULL)
1004 fprintf(TrafficLogFile, "%05d == CONNECT %s\n",
1005 getpid(), hostbuf);
1006 break;
1007 }
1008 else if (tTd(11, 1))
1009 printf("openmailer: makeconnection => stat=%d, errno=%d\n",
1010 i, errno);
1011
1012
1013 /* enter status of this host */
1014 setstat(i);
1015 }
1016 mci->mci_pid = 0;
1017 #else /* no DAEMON */
1018 syserr("554 openmailer: no IPC");
1019 if (tTd(11, 1))
1020 printf("openmailer: NULL\n");
1021 return NULL;
1022 #endif /* DAEMON */
1023 }
1024 else
1025 {
1026 #ifdef XDEBUG
1027 char wbuf[MAXLINE];
1028
1029 /* make absolutely certain 0, 1, and 2 are in use */
1030 sprintf(wbuf, "%s... openmailer(%s)", e->e_to, m->m_name);
1031 checkfd012(wbuf);
1032 #endif
1033
1034 if (TrafficLogFile != NULL)
1035 {
1036 char **av;
1037
1038 fprintf(TrafficLogFile, "%05d === EXEC", getpid());
1039 for (av = pv; *av != NULL; av++)
1040 fprintf(TrafficLogFile, " %s", *av);
1041 fprintf(TrafficLogFile, "\n");
1042 }
1043
1044 /* create a pipe to shove the mail through */
1045 if (pipe(mpvect) < 0)
1046 {
1047 syserr("%s... openmailer(%s): pipe (to mailer)",
1048 e->e_to, m->m_name);
1049 if (tTd(11, 1))
1050 printf("openmailer: NULL\n");
1051 rcode = EX_OSERR;
1052 goto give_up;
1053 }
1054
1055 /* if this mailer speaks smtp, create a return pipe */
1056 if (clever && pipe(rpvect) < 0)
1057 {
1058 syserr("%s... openmailer(%s): pipe (from mailer)",
1059 e->e_to, m->m_name);
1060 (void) close(mpvect[0]);
1061 (void) close(mpvect[1]);
1062 if (tTd(11, 1))
1063 printf("openmailer: NULL\n");
1064 rcode = EX_OSERR;
1065 goto give_up;
1066 }
1067
1068 /*
1069 ** Actually fork the mailer process.
1070 ** DOFORK is clever about retrying.
1071 **
1072 ** Dispose of SIGCHLD signal catchers that may be laying
1073 ** around so that endmail will get it.
1074 */
1075
1076 if (e->e_xfp != NULL)
1077 (void) fflush(e->e_xfp); /* for debugging */
1078 (void) fflush(stdout);
1079 # ifdef SIGCHLD
1080 (void) setsignal(SIGCHLD, SIG_DFL);
1081 # endif /* SIGCHLD */
1082 DOFORK(FORK);
1083 /* pid is set by DOFORK */
1084 if (pid < 0)
1085 {
1086 /* failure */
1087 syserr("%s... openmailer(%s): cannot fork",
1088 e->e_to, m->m_name);
1089 (void) close(mpvect[0]);
1090 (void) close(mpvect[1]);
1091 if (clever)
1092 {
1093 (void) close(rpvect[0]);
1094 (void) close(rpvect[1]);
1095 }
1096 if (tTd(11, 1))
1097 printf("openmailer: NULL\n");
1098 rcode = EX_OSERR;
1099 goto give_up;
1100 }
1101 else if (pid == 0)
1102 {
1103 int i;
1104 int saveerrno;
1105 char **ep;
1106 char *env[MAXUSERENVIRON];
1107 extern char **environ;
1108 extern int DtableSize;
1109
1110 /* child -- set up input & exec mailer */
1111 /* make diagnostic output be standard output */
1112 (void) setsignal(SIGINT, SIG_IGN);
1113 (void) setsignal(SIGHUP, SIG_IGN);
1114 (void) setsignal(SIGTERM, SIG_DFL);
1115
1116 /* close any other cached connections */
1117 mci_flush(FALSE, mci);
1118
1119 /* move into some "safe" directory */
1120 if (m->m_execdir != NULL)
1121 {
1122 char *p, *q;
1123 char buf[MAXLINE];
1124
1125 for (p = m->m_execdir; p != NULL; p = q)
1126 {
1127 q = strchr(p, ':');
1128 if (q != NULL)
1129 *q = '\0';
1130 expand(p, buf, &buf[sizeof buf] - 1, e);
1131 if (q != NULL)
1132 *q++ = ':';
1133 if (tTd(11, 20))
1134 printf("openmailer: trydir %s\n",
1135 buf);
1136 if (buf[0] != '\0' && chdir(buf) >= 0)
1137 break;
1138 }
1139 }
1140
1141 /* arrange to filter std & diag output of command */
1142 if (clever)
1143 {
1144 (void) close(rpvect[0]);
1145 if (dup2(rpvect[1], STDOUT_FILENO) < 0)
1146 {
1147 syserr("%s... openmailer(%s): cannot dup pipe %d for stdout",
1148 e->e_to, m->m_name, rpvect[1]);
1149 _exit(EX_OSERR);
1150 }
1151 (void) close(rpvect[1]);
1152 }
1153 else if (OpMode == MD_SMTP || HoldErrs)
1154 {
1155 /* put mailer output in transcript */
1156 if (dup2(fileno(e->e_xfp), STDOUT_FILENO) < 0)
1157 {
1158 syserr("%s... openmailer(%s): cannot dup xscript %d for stdout",
1159 e->e_to, m->m_name,
1160 fileno(e->e_xfp));
1161 _exit(EX_OSERR);
1162 }
1163 }
1164 if (dup2(STDOUT_FILENO, STDERR_FILENO) < 0)
1165 {
1166 syserr("%s... openmailer(%s): cannot dup stdout for stderr",
1167 e->e_to, m->m_name);
1168 _exit(EX_OSERR);
1169 }
1170
1171 /* arrange to get standard input */
1172 (void) close(mpvect[1]);
1173 if (dup2(mpvect[0], STDIN_FILENO) < 0)
1174 {
1175 syserr("%s... openmailer(%s): cannot dup pipe %d for stdin",
1176 e->e_to, m->m_name, mpvect[0]);
1177 _exit(EX_OSERR);
1178 }
1179 (void) close(mpvect[0]);
1180 if (!bitnset(M_RESTR, m->m_flags))
1181 {
1182 if (ctladdr == NULL || ctladdr->q_uid == 0)
1183 {
1184 (void) setgid(DefGid);
1185 (void) initgroups(DefUser, DefGid);
1186 (void) setuid(DefUid);
1187 }
1188 else
1189 {
1190 (void) setgid(ctladdr->q_gid);
1191 (void) initgroups(ctladdr->q_ruser?
1192 ctladdr->q_ruser: ctladdr->q_user,
1193 ctladdr->q_gid);
1194 (void) setuid(ctladdr->q_uid);
1195 }
1196 }
1197
1198 /* arrange for all the files to be closed */
1199 for (i = 3; i < DtableSize; i++)
1200 {
1201 register int j;
1202 if ((j = fcntl(i, F_GETFD, 0)) != -1)
1203 (void)fcntl(i, F_SETFD, j|1);
1204 }
1205
1206 /* set up the mailer environment */
1207 i = 0;
1208 env[i++] = "AGENT=sendmail";
1209 for (ep = environ; *ep != NULL; ep++)
1210 {
1211 if (strncmp(*ep, "TZ=", 3) == 0)
1212 env[i++] = *ep;
1213 }
1214 env[i++] = NULL;
1215
1216 /* try to execute the mailer */
1217 execve(m->m_mailer, pv, env);
1218 saveerrno = errno;
1219 syserr("Cannot exec %s", m->m_mailer);
1220 if (m == LocalMailer || transienterror(saveerrno))
1221 _exit(EX_OSERR);
1222 _exit(EX_UNAVAILABLE);
1223 }
1224
1225 /*
1226 ** Set up return value.
1227 */
1228
1229 mci = (MCI *) xalloc(sizeof *mci);
1230 bzero((char *) mci, sizeof *mci);
1231 mci->mci_mailer = m;
1232 mci->mci_state = clever ? MCIS_OPENING : MCIS_OPEN;
1233 mci->mci_pid = pid;
1234 (void) close(mpvect[0]);
1235 mci->mci_out = fdopen(mpvect[1], "w");
1236 if (clever)
1237 {
1238 (void) close(rpvect[1]);
1239 mci->mci_in = fdopen(rpvect[0], "r");
1240 }
1241 else
1242 {
1243 mci->mci_flags |= MCIF_TEMP;
1244 mci->mci_in = NULL;
1245 }
1246 }
1247
1248 /*
1249 ** If we are in SMTP opening state, send initial protocol.
1250 */
1251
1252 if (clever && mci->mci_state != MCIS_CLOSED)
1253 {
1254 smtpinit(m, mci, e);
1255 }
1256 if (tTd(11, 1))
1257 {
1258 printf("openmailer: ");
1259 mci_dump(mci);
1260 }
1261
1262 if (mci->mci_state != MCIS_OPEN)
1263 {
1264 /* couldn't open the mailer */
1265 rcode = mci->mci_exitstat;
1266 errno = mci->mci_errno;
1267 #ifdef NAMED_BIND
1268 h_errno = mci->mci_herrno;
1269 #endif
1270 if (rcode == EX_OK)
1271 {
1272 /* shouldn't happen */
1273 syserr("554 deliver: rcode=%d, mci_state=%d, sig=%s",
1274 rcode, mci->mci_state, firstsig);
1275 rcode = EX_SOFTWARE;
1276 }
1277 else if (rcode == EX_TEMPFAIL && *curhost != '\0')
1278 {
1279 /* try next MX site */
1280 goto tryhost;
1281 }
1282 }
1283 else if (!clever)
1284 {
1285 /*
1286 ** Format and send message.
1287 */
1288
1289 putfromline(mci->mci_out, m, e);
1290 (*e->e_puthdr)(mci->mci_out, m, e);
1291 putline("\n", mci->mci_out, m);
1292 (*e->e_putbody)(mci->mci_out, m, e, NULL);
1293
1294 /* get the exit status */
1295 rcode = endmailer(mci, e, pv);
1296 }
1297 else
1298 #ifdef SMTP
1299 {
1300 /*
1301 ** Send the MAIL FROM: protocol
1302 */
1303
1304 rcode = smtpmailfrom(m, mci, e);
1305 if (rcode == EX_OK)
1306 {
1307 register char *t = tobuf;
1308 register int i;
1309
1310 /* send the recipient list */
1311 tobuf[0] = '\0';
1312 for (to = tochain; to != NULL; to = to->q_tchain)
1313 {
1314 e->e_to = to->q_paddr;
1315 if ((i = smtprcpt(to, m, mci, e)) != EX_OK)
1316 {
1317 markfailure(e, to, i);
1318 giveresponse(i, m, mci, e);
1319 }
1320 else
1321 {
1322 *t++ = ',';
1323 for (p = to->q_paddr; *p; *t++ = *p++)
1324 continue;
1325 }
1326 }
1327
1328 /* now send the data */
1329 if (tobuf[0] == '\0')
1330 {
1331 rcode = EX_OK;
1332 e->e_to = NULL;
1333 if (bitset(MCIF_CACHED, mci->mci_flags))
1334 smtprset(m, mci, e);
1335 }
1336 else
1337 {
1338 e->e_to = tobuf + 1;
1339 rcode = smtpdata(m, mci, e);
1340 }
1341
1342 /* now close the connection */
1343 if (!bitset(MCIF_CACHED, mci->mci_flags))
1344 smtpquit(m, mci, e);
1345 }
1346 if (rcode != EX_OK && *curhost != '\0')
1347 {
1348 /* try next MX site */
1349 goto tryhost;
1350 }
1351 }
1352 #else /* not SMTP */
1353 {
1354 syserr("554 deliver: need SMTP compiled to use clever mailer");
1355 rcode = EX_CONFIG;
1356 goto give_up;
1357 }
1358 #endif /* SMTP */
1359 #ifdef NAMED_BIND
1360 if (ConfigLevel < 2)
1361 _res.options |= RES_DEFNAMES | RES_DNSRCH; /* XXX */
1362 #endif
1363
1364 /* arrange a return receipt if requested */
1365 if (e->e_receiptto != NULL && bitnset(M_LOCALMAILER, m->m_flags))
1366 {
1367 e->e_flags |= EF_SENDRECEIPT;
1368 /* do we want to send back more info? */
1369 }
1370
1371 /*
1372 ** Do final status disposal.
1373 ** We check for something in tobuf for the SMTP case.
1374 ** If we got a temporary failure, arrange to queue the
1375 ** addressees.
1376 */
1377
1378 give_up:
1379 if (tobuf[0] != '\0')
1380 giveresponse(rcode, m, mci, e);
1381 for (to = tochain; to != NULL; to = to->q_tchain)
1382 {
1383 if (rcode != EX_OK)
1384 markfailure(e, to, rcode);
1385 else
1386 {
1387 to->q_flags |= QSENT;
1388 e->e_nsent++;
1389 }
1390 }
1391
1392 /*
1393 ** Restore state and return.
1394 */
1395
1396 errno = 0;
1397 define('g', (char *) NULL, e);
1398 return (rcode);
1399 }
1400 �/*
1401 ** MARKFAILURE -- mark a failure on a specific address.
1402 **
1403 ** Parameters:
1404 ** e -- the envelope we are sending.
1405 ** q -- the address to mark.
1406 ** rcode -- the code signifying the particular failure.
1407 **
1408 ** Returns:
1409 ** none.
1410 **
1411 ** Side Effects:
1412 ** marks the address (and possibly the envelope) with the
1413 ** failure so that an error will be returned or
1414 ** the message will be queued, as appropriate.
1415 */
1416
1417 markfailure(e, q, rcode)
1418 register ENVELOPE *e;
1419 register ADDRESS *q;
1420 int rcode;
1421 {
1422 char buf[MAXLINE];
1423
1424 if (rcode == EX_OK)
1425 return;
1426 else if (rcode == EX_TEMPFAIL)
1427 q->q_flags |= QQUEUEUP;
1428 else if (rcode != EX_IOERR && rcode != EX_OSERR)
1429 q->q_flags |= QBADADDR;
1430 }
1431 �/*
1432 ** ENDMAILER -- Wait for mailer to terminate.
1433 **
1434 ** We should never get fatal errors (e.g., segmentation
1435 ** violation), so we report those specially. For other
1436 ** errors, we choose a status message (into statmsg),
1437 ** and if it represents an error, we print it.
1438 **
1439 ** Parameters:
1440 ** pid -- pid of mailer.
1441 ** e -- the current envelope.
1442 ** pv -- the parameter vector that invoked the mailer
1443 ** (for error messages).
1444 **
1445 ** Returns:
1446 ** exit code of mailer.
1447 **
1448 ** Side Effects:
1449 ** none.
1450 */
1451
1452 endmailer(mci, e, pv)
1453 register MCI *mci;
1454 register ENVELOPE *e;
1455 char **pv;
1456 {
1457 int st;
1458
1459 /* close any connections */
1460 if (mci->mci_in != NULL)
1461 (void) xfclose(mci->mci_in, pv[0], "mci_in");
1462 if (mci->mci_out != NULL)
1463 (void) xfclose(mci->mci_out, pv[0], "mci_out");
1464 mci->mci_in = mci->mci_out = NULL;
1465 mci->mci_state = MCIS_CLOSED;
1466
1467 /* in the IPC case there is nothing to wait for */
1468 if (mci->mci_pid == 0)
1469 return (EX_OK);
1470
1471 /* wait for the mailer process to die and collect status */
1472 st = waitfor(mci->mci_pid);
1473 if (st == -1)
1474 {
1475 syserr("endmailer %s: wait", pv[0]);
1476 return (EX_SOFTWARE);
1477 }
1478
1479 /* see if it died a horrid death */
1480 if ((st & 0377) != 0)
1481 {
1482 syserr("mailer %s died with signal %o", pv[0], st);
1483
1484 /* log the arguments */
1485 if (e->e_xfp != NULL)
1486 {
1487 register char **av;
1488
1489 fprintf(e->e_xfp, "Arguments:");
1490 for (av = pv; *av != NULL; av++)
1491 fprintf(e->e_xfp, " %s", *av);
1492 fprintf(e->e_xfp, "\n");
1493 }
1494
1495 ExitStat = EX_TEMPFAIL;
1496 return (EX_TEMPFAIL);
1497 }
1498
1499 /* normal death -- return status */
1500 st = (st >> 8) & 0377;
1501 return (st);
1502 }
1503 �/*
1504 ** GIVERESPONSE -- Interpret an error response from a mailer
1505 **
1506 ** Parameters:
1507 ** stat -- the status code from the mailer (high byte
1508 ** only; core dumps must have been taken care of
1509 ** already).
1510 ** m -- the mailer info for this mailer.
1511 ** mci -- the mailer connection info -- can be NULL if the
1512 ** response is given before the connection is made.
1513 ** e -- the current envelope.
1514 **
1515 ** Returns:
1516 ** none.
1517 **
1518 ** Side Effects:
1519 ** Errors may be incremented.
1520 ** ExitStat may be set.
1521 */
1522
1523 giveresponse(stat, m, mci, e)
1524 int stat;
1525 register MAILER *m;
1526 register MCI *mci;
1527 ENVELOPE *e;
1528 {
1529 register const char *statmsg;
1530 extern char *SysExMsg[];
1531 register int i;
1532 extern int N_SysEx;
1533 char buf[MAXLINE];
1534
1535 /*
1536 ** Compute status message from code.
1537 */
1538
1539 i = stat - EX__BASE;
1540 if (stat == 0)
1541 {
1542 statmsg = "250 Sent";
1543 if (e->e_statmsg != NULL)
1544 {
1545 (void) sprintf(buf, "%s (%s)", statmsg, e->e_statmsg);
1546 statmsg = buf;
1547 }
1548 }
1549 else if (i < 0 || i > N_SysEx)
1550 {
1551 (void) sprintf(buf, "554 unknown mailer error %d", stat);
1552 stat = EX_UNAVAILABLE;
1553 statmsg = buf;
1554 }
1555 else if (stat == EX_TEMPFAIL)
1556 {
1557 (void) strcpy(buf, SysExMsg[i] + 1);
1558 #ifdef NAMED_BIND
1559 if (h_errno == TRY_AGAIN)
1560 statmsg = errstring(h_errno+E_DNSBASE);
1561 else
1562 #endif
1563 {
1564 if (errno != 0)
1565 statmsg = errstring(errno);
1566 else
1567 {
1568 #ifdef SMTP
1569 extern char SmtpError[];
1570
1571 statmsg = SmtpError;
1572 #else /* SMTP */
1573 statmsg = NULL;
1574 #endif /* SMTP */
1575 }
1576 }
1577 if (statmsg != NULL && statmsg[0] != '\0')
1578 {
1579 (void) strcat(buf, ": ");
1580 (void) strcat(buf, statmsg);
1581 }
1582 statmsg = buf;
1583 }
1584 #ifdef NAMED_BIND
1585 else if (stat == EX_NOHOST && h_errno != 0)
1586 {
1587 statmsg = errstring(h_errno + E_DNSBASE);
1588 (void) sprintf(buf, "%s (%s)", SysExMsg[i], statmsg);
1589 statmsg = buf;
1590 }
1591 #endif
1592 else
1593 {
1594 statmsg = SysExMsg[i];
1595 if (*statmsg++ == ':')
1596 {
1597 (void) sprintf(buf, "%s: %s", statmsg, errstring(errno));
1598 statmsg = buf;
1599 }
1600 }
1601
1602 /*
1603 ** Print the message as appropriate
1604 */
1605
1606 if (stat == EX_OK || stat == EX_TEMPFAIL)
1607 message(&statmsg[4], errstring(errno));
1608 else
1609 {
1610 Errors++;
1611 usrerr(statmsg, errstring(errno));
1612 }
1613
1614 /*
1615 ** Final cleanup.
1616 ** Log a record of the transaction. Compute the new
1617 ** ExitStat -- if we already had an error, stick with
1618 ** that.
1619 */
1620
1621 if (LogLevel > ((stat == EX_TEMPFAIL) ? 8 : (stat == EX_OK) ? 7 : 6))
1622 logdelivery(m, mci, &statmsg[4], e);
1623
1624 if (stat != EX_TEMPFAIL)
1625 setstat(stat);
1626 if (stat != EX_OK)
1627 {
1628 if (e->e_message != NULL)
1629 free(e->e_message);
1630 e->e_message = newstr(&statmsg[4]);
1631 }
1632 errno = 0;
1633 #ifdef NAMED_BIND
1634 h_errno = 0;
1635 #endif
1636 }
1637 �/*
1638 ** LOGDELIVERY -- log the delivery in the system log
1639 **
1640 ** Parameters:
1641 ** m -- the mailer info. Can be NULL for initial queue.
1642 ** mci -- the mailer connection info -- can be NULL if the
1643 ** log is occuring when no connection is active.
1644 ** stat -- the message to print for the status.
1645 ** e -- the current envelope.
1646 **
1647 ** Returns:
1648 ** none
1649 **
1650 ** Side Effects:
1651 ** none
1652 */
1653
1654 logdelivery(m, mci, stat, e)
1655 MAILER *m;
1656 register MCI *mci;
1657 char *stat;
1658 register ENVELOPE *e;
1659 {
1660 # ifdef LOG
1661 char buf[512];
1662
1663 (void) sprintf(buf, "delay=%s", pintvl(curtime() - e->e_ctime, TRUE));
1664
1665 if (m != NULL)
1666 {
1667 (void) strcat(buf, ", mailer=");
1668 (void) strcat(buf, m->m_name);
1669 }
1670
1671 if (mci != NULL && mci->mci_host != NULL)
1672 {
1673 # ifdef DAEMON
1674 extern SOCKADDR CurHostAddr;
1675 # endif
1676
1677 (void) strcat(buf, ", relay=");
1678 (void) strcat(buf, mci->mci_host);
1679
1680 # ifdef DAEMON
1681 (void) strcat(buf, " (");
1682 (void) strcat(buf, anynet_ntoa(&CurHostAddr));
1683 (void) strcat(buf, ")");
1684 # endif
1685 }
1686 else
1687 {
1688 char *p = macvalue('h', e);
1689
1690 if (p != NULL && p[0] != '\0')
1691 {
1692 (void) strcat(buf, ", relay=");
1693 (void) strcat(buf, p);
1694 }
1695 }
1696
1697 syslog(LOG_INFO, "%s: to=%s, %s, stat=%s",
1698 e->e_id, e->e_to, buf, stat);
1699 # endif /* LOG */
1700 }
1701 �/*
1702 ** PUTFROMLINE -- output a UNIX-style from line (or whatever)
1703 **
1704 ** This can be made an arbitrary message separator by changing $l
1705 **
1706 ** One of the ugliest hacks seen by human eyes is contained herein:
1707 ** UUCP wants those stupid "remote from <host>" lines. Why oh why
1708 ** does a well-meaning programmer such as myself have to deal with
1709 ** this kind of antique garbage????
1710 **
1711 ** Parameters:
1712 ** fp -- the file to output to.
1713 ** m -- the mailer describing this entry.
1714 **
1715 ** Returns:
1716 ** none
1717 **
1718 ** Side Effects:
1719 ** outputs some text to fp.
1720 */
1721
1722 putfromline(fp, m, e)
1723 register FILE *fp;
1724 register MAILER *m;
1725 ENVELOPE *e;
1726 {
1727 char *template = "\201l\n";
1728 char buf[MAXLINE];
1729
1730 if (bitnset(M_NHDR, m->m_flags))
1731 return;
1732
1733 # ifdef UGLYUUCP
1734 if (bitnset(M_UGLYUUCP, m->m_flags))
1735 {
1736 char *bang;
1737 char xbuf[MAXLINE];
1738
1739 expand("\201g", buf, &buf[sizeof buf - 1], e);
1740 bang = strchr(buf, '!');
1741 if (bang == NULL)
1742 syserr("554 No ! in UUCP! (%s)", buf);
1743 else
1744 {
1745 *bang++ = '\0';
1746 (void) sprintf(xbuf, "From %s \201d remote from %s\n", bang, buf);
1747 template = xbuf;
1748 }
1749 }
1750 # endif /* UGLYUUCP */
1751 expand(template, buf, &buf[sizeof buf - 1], e);
1752 putline(buf, fp, m);
1753 }
1754 �/*
1755 ** PUTBODY -- put the body of a message.
1756 **
1757 ** Parameters:
1758 ** fp -- file to output onto.
1759 ** m -- a mailer descriptor to control output format.
1760 ** e -- the envelope to put out.
1761 ** separator -- if non-NULL, a message separator that must
1762 ** not be permitted in the resulting message.
1763 **
1764 ** Returns:
1765 ** none.
1766 **
1767 ** Side Effects:
1768 ** The message is written onto fp.
1769 */
1770
1771 putbody(fp, m, e, separator)
1772 FILE *fp;
1773 MAILER *m;
1774 register ENVELOPE *e;
1775 char *separator;
1776 {
1777 char buf[MAXLINE];
1778
1779 /*
1780 ** Output the body of the message
1781 */
1782
1783 if (e->e_dfp == NULL)
1784 {
1785 if (e->e_df != NULL)
1786 {
1787 e->e_dfp = fopen(e->e_df, "r");
1788 if (e->e_dfp == NULL)
1789 syserr("putbody: Cannot open %s for %s from %s",
1790 e->e_df, e->e_to, e->e_from);
1791 }
1792 else
1793 putline("<<< No Message Collected >>>", fp, m);
1794 }
1795 if (e->e_dfp != NULL)
1796 {
1797 rewind(e->e_dfp);
1798 while (!ferror(fp) && fgets(buf, sizeof buf, e->e_dfp) != NULL)
1799 {
1800 if (buf[0] == 'F' && bitnset(M_ESCFROM, m->m_flags) &&
1801 strncmp(buf, "From ", 5) == 0)
1802 (void) putc('>', fp);
1803 if (buf[0] == '-' && buf[1] == '-' && separator != NULL)
1804 {
1805 /* possible separator */
1806 int sl = strlen(separator);
1807
1808 if (strncmp(&buf[2], separator, sl) == 0)
1809 (void) putc(' ', fp);
1810 }
1811 putline(buf, fp, m);
1812 }
1813
1814 if (ferror(e->e_dfp))
1815 {
1816 syserr("putbody: read error");
1817 ExitStat = EX_IOERR;
1818 }
1819 }
1820
1821 /* some mailers want extra blank line at end of message */
1822 if (bitnset(M_BLANKEND, m->m_flags) && buf[0] != '\0' && buf[0] != '\n')
1823 putline("", fp, m);
1824
1825 (void) fflush(fp);
1826 if (ferror(fp) && errno != EPIPE)
1827 {
1828 syserr("putbody: write error");
1829 ExitStat = EX_IOERR;
1830 }
1831 errno = 0;
1832 }
1833 �/*
1834 ** MAILFILE -- Send a message to a file.
1835 **
1836 ** If the file has the setuid/setgid bits set, but NO execute
1837 ** bits, sendmail will try to become the owner of that file
1838 ** rather than the real user. Obviously, this only works if
1839 ** sendmail runs as root.
1840 **
1841 ** This could be done as a subordinate mailer, except that it
1842 ** is used implicitly to save messages in ~/dead.letter. We
1843 ** view this as being sufficiently important as to include it
1844 ** here. For example, if the system is dying, we shouldn't have
1845 ** to create another process plus some pipes to save the message.
1846 **
1847 ** Parameters:
1848 ** filename -- the name of the file to send to.
1849 ** ctladdr -- the controlling address header -- includes
1850 ** the userid/groupid to be when sending.
1851 **
1852 ** Returns:
1853 ** The exit code associated with the operation.
1854 **
1855 ** Side Effects:
1856 ** none.
1857 */
1858
1859 mailfile(filename, ctladdr, e)
1860 char *filename;
1861 ADDRESS *ctladdr;
1862 register ENVELOPE *e;
1863 {
1864 register FILE *f;
1865 register int pid;
1866 int mode;
1867
1868 if (tTd(11, 1))
1869 {
1870 printf("mailfile %s\n ctladdr=", filename);
1871 printaddr(ctladdr, FALSE);
1872 }
1873
1874 if (e->e_xfp != NULL)
1875 fflush(e->e_xfp);
1876
1877 /*
1878 ** Fork so we can change permissions here.
1879 ** Note that we MUST use fork, not vfork, because of
1880 ** the complications of calling subroutines, etc.
1881 */
1882
1883 DOFORK(fork);
1884
1885 if (pid < 0)
1886 return (EX_OSERR);
1887 else if (pid == 0)
1888 {
1889 /* child -- actually write to file */
1890 struct stat stb;
1891
1892 (void) setsignal(SIGINT, SIG_DFL);
1893 (void) setsignal(SIGHUP, SIG_DFL);
1894 (void) setsignal(SIGTERM, SIG_DFL);
1895 (void) umask(OldUmask);
1896
1897 if (stat(filename, &stb) < 0)
1898 stb.st_mode = FileMode;
1899 mode = stb.st_mode;
1900
1901 /* limit the errors to those actually caused in the child */
1902 errno = 0;
1903 ExitStat = EX_OK;
1904
1905 if (bitset(0111, stb.st_mode))
1906 exit(EX_CANTCREAT);
1907 if (ctladdr == NULL)
1908 ctladdr = &e->e_from;
1909 else
1910 {
1911 /* ignore setuid and setgid bits */
1912 mode &= ~(S_ISGID|S_ISUID);
1913 }
1914
1915 /* we have to open the dfile BEFORE setuid */
1916 if (e->e_dfp == NULL && e->e_df != NULL)
1917 {
1918 e->e_dfp = fopen(e->e_df, "r");
1919 if (e->e_dfp == NULL)
1920 {
1921 syserr("mailfile: Cannot open %s for %s from %s",
1922 e->e_df, e->e_to, e->e_from);
1923 }
1924 }
1925
1926 if (!bitset(S_ISGID, mode) || setgid(stb.st_gid) < 0)
1927 {
1928 if (ctladdr->q_uid == 0)
1929 {
1930 (void) setgid(DefGid);
1931 (void) initgroups(DefUser, DefGid);
1932 }
1933 else
1934 {
1935 (void) setgid(ctladdr->q_gid);
1936 (void) initgroups(ctladdr->q_ruser ?
1937 ctladdr->q_ruser : ctladdr->q_user,
1938 ctladdr->q_gid);
1939 }
1940 }
1941 if (!bitset(S_ISUID, mode) || setuid(stb.st_uid) < 0)
1942 {
1943 if (ctladdr->q_uid == 0)
1944 (void) setuid(DefUid);
1945 else
1946 (void) setuid(ctladdr->q_uid);
1947 }
1948 FileName = filename;
1949 LineNumber = 0;
1950 f = dfopen(filename, O_WRONLY|O_CREAT|O_APPEND, FileMode);
1951 if (f == NULL)
1952 {
1953 message("554 cannot open");
1954 exit(EX_CANTCREAT);
1955 }
1956
1957 putfromline(f, FileMailer, e);
1958 (*e->e_puthdr)(f, FileMailer, e);
1959 putline("\n", f, FileMailer);
1960 (*e->e_putbody)(f, FileMailer, e, NULL);
1961 putline("\n", f, FileMailer);
1962 if (ferror(f))
1963 {
1964 message("451 I/O error");
1965 setstat(EX_IOERR);
1966 }
1967 (void) xfclose(f, "mailfile", filename);
1968 (void) fflush(stdout);
1969
1970 /* reset ISUID & ISGID bits for paranoid systems */
1971 (void) chmod(filename, (int) stb.st_mode);
1972 exit(ExitStat);
1973 /*NOTREACHED*/
1974 }
1975 else
1976 {
1977 /* parent -- wait for exit status */
1978 int st;
1979
1980 st = waitfor(pid);
1981 if ((st & 0377) != 0)
1982 return (EX_UNAVAILABLE);
1983 else
1984 return ((st >> 8) & 0377);
1985 /*NOTREACHED*/
1986 }
1987 }
1988 �/*
1989 ** HOSTSIGNATURE -- return the "signature" for a host.
1990 **
1991 ** The signature describes how we are going to send this -- it
1992 ** can be just the hostname (for non-Internet hosts) or can be
1993 ** an ordered list of MX hosts.
1994 **
1995 ** Parameters:
1996 ** m -- the mailer describing this host.
1997 ** host -- the host name.
1998 ** e -- the current envelope.
1999 **
2000 ** Returns:
2001 ** The signature for this host.
2002 **
2003 ** Side Effects:
2004 ** Can tweak the symbol table.
2005 */
2006
2007 char *
2008 hostsignature(m, host, e)
2009 register MAILER *m;
2010 char *host;
2011 ENVELOPE *e;
2012 {
2013 register char *p;
2014 register STAB *s;
2015 int i;
2016 int len;
2017 #ifdef NAMED_BIND
2018 int nmx;
2019 auto int rcode;
2020 char *hp;
2021 char *endp;
2022 int oldoptions;
2023 char *mxhosts[MAXMXHOSTS + 1];
2024 #endif
2025
2026 /*
2027 ** Check to see if this uses IPC -- if not, it can't have MX records.
2028 */
2029
2030 p = m->m_mailer;
2031 if (strcmp(p, "[IPC]") != 0 && strcmp(p, "[TCP]") != 0)
2032 {
2033 /* just an ordinary mailer */
2034 return host;
2035 }
2036
2037 /*
2038 ** If it is a numeric address, just return it.
2039 */
2040
2041 if (host[0] == '[')
2042 return host;
2043
2044 /*
2045 ** Look it up in the symbol table.
2046 */
2047
2048 s = stab(host, ST_HOSTSIG, ST_ENTER);
2049 if (s->s_hostsig != NULL)
2050 return s->s_hostsig;
2051
2052 /*
2053 ** Not already there -- create a signature.
2054 */
2055
2056 #ifdef NAMED_BIND
2057 if (ConfigLevel < 2)
2058 {
2059 oldoptions = _res.options;
2060 _res.options &= ~(RES_DEFNAMES | RES_DNSRCH); /* XXX */
2061 }
2062
2063 for (hp = host; hp != NULL; hp = endp)
2064 {
2065 endp = strchr(hp, ':');
2066 if (endp != NULL)
2067 *endp = '\0';
2068
2069 nmx = getmxrr(hp, mxhosts, TRUE, &rcode);
2070
2071 if (nmx <= 0)
2072 {
2073 register MCI *mci;
2074 extern int errno;
2075
2076 /* update the connection info for this host */
2077 mci = mci_get(hp, m);
2078 mci->mci_exitstat = rcode;
2079 mci->mci_errno = errno;
2080 #ifdef NAMED_BIND
2081 mci->mci_herrno = h_errno;
2082 #endif
2083
2084 /* and return the original host name as the signature */
2085 nmx = 1;
2086 mxhosts[0] = hp;
2087 }
2088
2089 len = 0;
2090 for (i = 0; i < nmx; i++)
2091 {
2092 len += strlen(mxhosts[i]) + 1;
2093 }
2094 if (s->s_hostsig != NULL)
2095 len += strlen(s->s_hostsig) + 1;
2096 p = xalloc(len);
2097 if (s->s_hostsig != NULL)
2098 {
2099 (void) strcpy(p, s->s_hostsig);
2100 free(s->s_hostsig);
2101 s->s_hostsig = p;
2102 p += strlen(p);
2103 *p++ = ':';
2104 }
2105 else
2106 s->s_hostsig = p;
2107 for (i = 0; i < nmx; i++)
2108 {
2109 if (i != 0)
2110 *p++ = ':';
2111 strcpy(p, mxhosts[i]);
2112 p += strlen(p);
2113 }
2114 if (endp != NULL)
2115 *endp++ = ':';
2116 }
2117 makelower(s->s_hostsig);
2118 if (ConfigLevel < 2)
2119 _res.options = oldoptions;
2120 #else
2121 /* not using BIND -- the signature is just the host name */
2122 s->s_hostsig = host;
2123 #endif
2124 if (tTd(17, 1))
2125 printf("hostsignature(%s) = %s\n", host, s->s_hostsig);
2126 return s->s_hostsig;
2127 }
2128