1 /*
2 * Copyright (c) 1988 Regents of the University of California.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms are permitted
6 * provided that this notice is preserved and that due credit is given
7 * to the University of California at Berkeley. The name of the University
8 * may not be used to endorse or promote products derived from this
9 * software without specific prior written permission. This software
10 * is provided ``as is'' without express or implied warranty.
11 *
12 * Sendmail
13 * Copyright (c) 1983 Eric P. Allman
14 * Berkeley, California
15 */
16
17 #ifndef lint
18 static char sccsid[] = "@(#)envelope.c 5.13 (Berkeley) 03/13/88";
19 #endif /* not lint */
20
21 #include <pwd.h>
22 #include <sys/time.h>
23 #include "sendmail.h"
24 #include <sys/stat.h>
25
26 /*
27 ** NEWENVELOPE -- allocate a new envelope
28 **
29 ** Supports inheritance.
30 **
31 ** Parameters:
32 ** e -- the new envelope to fill in.
33 **
34 ** Returns:
35 ** e.
36 **
37 ** Side Effects:
38 ** none.
39 */
40
41 ENVELOPE *
42 newenvelope(e)
43 register ENVELOPE *e;
44 {
45 register ENVELOPE *parent;
46 extern putheader(), putbody();
47 extern ENVELOPE BlankEnvelope;
48
49 parent = CurEnv;
50 if (e == CurEnv)
51 parent = e->e_parent;
52 clearenvelope(e, TRUE);
53 if (e == CurEnv)
54 bcopy((char *) &NullAddress, (char *) &e->e_from, sizeof e->e_from);
55 else
56 bcopy((char *) &CurEnv->e_from, (char *) &e->e_from, sizeof e->e_from);
57 e->e_parent = parent;
58 e->e_ctime = curtime();
59 e->e_msgpriority = parent->e_msgsize;
60 e->e_puthdr = putheader;
61 e->e_putbody = putbody;
62 if (CurEnv->e_xfp != NULL)
63 (void) fflush(CurEnv->e_xfp);
64
65 return (e);
66 }
67 �/*
68 ** DROPENVELOPE -- deallocate an envelope.
69 **
70 ** Parameters:
71 ** e -- the envelope to deallocate.
72 **
73 ** Returns:
74 ** none.
75 **
76 ** Side Effects:
77 ** housekeeping necessary to dispose of an envelope.
78 ** Unlocks this queue file.
79 */
80
81 dropenvelope(e)
82 register ENVELOPE *e;
83 {
84 bool queueit = FALSE;
85 register ADDRESS *q;
86
87 #ifdef DEBUG
88 if (tTd(50, 1))
89 {
90 printf("dropenvelope %x id=", e);
91 xputs(e->e_id);
92 printf(" flags=%o\n", e->e_flags);
93 }
94 #endif DEBUG
95 #ifdef LOG
96 if (LogLevel > 10)
97 syslog(LOG_DEBUG, "dropenvelope, id=%s, flags=%o, pid=%d",
98 e->e_id == NULL ? "(none)" : e->e_id,
99 e->e_flags, getpid());
100 #endif LOG
101
102 /* we must have an id to remove disk files */
103 if (e->e_id == NULL)
104 return;
105
106 /*
107 ** Extract state information from dregs of send list.
108 */
109
110 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
111 {
112 if (bitset(QQUEUEUP, q->q_flags))
113 queueit = TRUE;
114 }
115
116 /*
117 ** Send back return receipts as requested.
118 */
119
120 if (e->e_receiptto != NULL && bitset(EF_SENDRECEIPT, e->e_flags))
121 {
122 auto ADDRESS *rlist = NULL;
123
124 sendtolist(CurEnv->e_receiptto, (ADDRESS *) NULL, &rlist);
125 (void) returntosender("Return receipt", rlist, FALSE);
126 }
127
128 /*
129 ** Arrange to send error messages if there are fatal errors.
130 */
131
132 if (bitset(EF_FATALERRS|EF_TIMEOUT, e->e_flags) && ErrorMode != EM_QUIET)
133 savemail(e);
134
135 /*
136 ** Instantiate or deinstantiate the queue.
137 */
138
139 if ((!queueit && !bitset(EF_KEEPQUEUE, e->e_flags)) ||
140 bitset(EF_CLRQUEUE, e->e_flags))
141 {
142 if (e->e_df != NULL)
143 xunlink(e->e_df);
144 xunlink(queuename(e, 'q'));
145 }
146 else if (queueit || !bitset(EF_INQUEUE, e->e_flags))
147 {
148 #ifdef QUEUE
149 queueup(e, FALSE, FALSE);
150 #else QUEUE
151 syserr("dropenvelope: queueup");
152 #endif QUEUE
153 }
154
155 /* now unlock the job */
156 closexscript(e);
157 unlockqueue(e);
158
159 /* make sure that this envelope is marked unused */
160 e->e_id = e->e_df = NULL;
161 if (e->e_dfp != NULL)
162 (void) fclose(e->e_dfp);
163 e->e_dfp = NULL;
164 }
165 �/*
166 ** CLEARENVELOPE -- clear an envelope without unlocking
167 **
168 ** This is normally used by a child process to get a clean
169 ** envelope without disturbing the parent.
170 **
171 ** Parameters:
172 ** e -- the envelope to clear.
173 ** fullclear - if set, the current envelope is total
174 ** garbage and should be ignored; otherwise,
175 ** release any resources it may indicate.
176 **
177 ** Returns:
178 ** none.
179 **
180 ** Side Effects:
181 ** Closes files associated with the envelope.
182 ** Marks the envelope as unallocated.
183 */
184
185 clearenvelope(e, fullclear)
186 register ENVELOPE *e;
187 bool fullclear;
188 {
189 register HDR *bh;
190 register HDR **nhp;
191 extern ENVELOPE BlankEnvelope;
192
193 if (!fullclear)
194 {
195 /* clear out any file information */
196 if (e->e_xfp != NULL)
197 (void) fclose(e->e_xfp);
198 if (e->e_dfp != NULL)
199 (void) fclose(e->e_dfp);
200 }
201
202 /* now clear out the data */
203 STRUCTCOPY(BlankEnvelope, *e);
204 bh = BlankEnvelope.e_header;
205 nhp = &e->e_header;
206 while (bh != NULL)
207 {
208 *nhp = (HDR *) xalloc(sizeof *bh);
209 bcopy((char *) bh, (char *) *nhp, sizeof *bh);
210 bh = bh->h_link;
211 nhp = &(*nhp)->h_link;
212 }
213 }
214 �/*
215 ** INITSYS -- initialize instantiation of system
216 **
217 ** In Daemon mode, this is done in the child.
218 **
219 ** Parameters:
220 ** none.
221 **
222 ** Returns:
223 ** none.
224 **
225 ** Side Effects:
226 ** Initializes the system macros, some global variables,
227 ** etc. In particular, the current time in various
228 ** forms is set.
229 */
230
231 initsys()
232 {
233 static char cbuf[5]; /* holds hop count */
234 static char pbuf[10]; /* holds pid */
235 #ifdef TTYNAME
236 static char ybuf[10]; /* holds tty id */
237 register char *p;
238 #endif TTYNAME
239 extern char *ttyname();
240 extern char *macvalue();
241 extern char Version[];
242
243 /*
244 ** Give this envelope a reality.
245 ** I.e., an id, a transcript, and a creation time.
246 */
247
248 openxscript(CurEnv);
249 CurEnv->e_ctime = curtime();
250
251 /*
252 ** Set OutChannel to something useful if stdout isn't it.
253 ** This arranges that any extra stuff the mailer produces
254 ** gets sent back to the user on error (because it is
255 ** tucked away in the transcript).
256 */
257
258 if (OpMode == MD_DAEMON && QueueRun)
259 OutChannel = CurEnv->e_xfp;
260
261 /*
262 ** Set up some basic system macros.
263 */
264
265 /* process id */
266 (void) sprintf(pbuf, "%d", getpid());
267 define('p', pbuf, CurEnv);
268
269 /* hop count */
270 (void) sprintf(cbuf, "%d", CurEnv->e_hopcount);
271 define('c', cbuf, CurEnv);
272
273 /* time as integer, unix time, arpa time */
274 settime();
275
276 #ifdef TTYNAME
277 /* tty name */
278 if (macvalue('y', CurEnv) == NULL)
279 {
280 p = ttyname(2);
281 if (p != NULL)
282 {
283 if (rindex(p, '/') != NULL)
284 p = rindex(p, '/') + 1;
285 (void) strcpy(ybuf, p);
286 define('y', ybuf, CurEnv);
287 }
288 }
289 #endif TTYNAME
290 }
291 �/*
292 ** SETTIME -- set the current time.
293 **
294 ** Parameters:
295 ** none.
296 **
297 ** Returns:
298 ** none.
299 **
300 ** Side Effects:
301 ** Sets the various time macros -- $a, $b, $d, $t.
302 */
303
304 settime()
305 {
306 register char *p;
307 auto time_t now;
308 static char tbuf[20]; /* holds "current" time */
309 static char dbuf[30]; /* holds ctime(tbuf) */
310 register struct tm *tm;
311 extern char *arpadate();
312 extern struct tm *gmtime();
313 extern char *macvalue();
314
315 now = curtime();
316 tm = gmtime(&now);
317 (void) sprintf(tbuf, "%02d%02d%02d%02d%02d", tm->tm_year, tm->tm_mon+1,
318 tm->tm_mday, tm->tm_hour, tm->tm_min);
319 define('t', tbuf, CurEnv);
320 (void) strcpy(dbuf, ctime(&now));
321 *index(dbuf, '\n') = '\0';
322 if (macvalue('d', CurEnv) == NULL)
323 define('d', dbuf, CurEnv);
324 p = newstr(arpadate(dbuf));
325 if (macvalue('a', CurEnv) == NULL)
326 define('a', p, CurEnv);
327 define('b', p, CurEnv);
328 }
329 �/*
330 ** OPENXSCRIPT -- Open transcript file
331 **
332 ** Creates a transcript file for possible eventual mailing or
333 ** sending back.
334 **
335 ** Parameters:
336 ** e -- the envelope to create the transcript in/for.
337 **
338 ** Returns:
339 ** none
340 **
341 ** Side Effects:
342 ** Creates the transcript file.
343 */
344
345 openxscript(e)
346 register ENVELOPE *e;
347 {
348 register char *p;
349
350 # ifdef LOG
351 if (LogLevel > 19)
352 syslog(LOG_DEBUG, "%s: openx%s", e->e_id, e->e_xfp == NULL ? "" : " (no)");
353 # endif LOG
354 if (e->e_xfp != NULL)
355 return;
356 p = queuename(e, 'x');
357 e->e_xfp = fopen(p, "w");
358 if (e->e_xfp == NULL)
359 syserr("Can't create %s", p);
360 else
361 (void) chmod(p, 0644);
362 }
363 �/*
364 ** CLOSEXSCRIPT -- close the transcript file.
365 **
366 ** Parameters:
367 ** e -- the envelope containing the transcript to close.
368 **
369 ** Returns:
370 ** none.
371 **
372 ** Side Effects:
373 ** none.
374 */
375
376 closexscript(e)
377 register ENVELOPE *e;
378 {
379 if (e->e_xfp == NULL)
380 return;
381 (void) fclose(e->e_xfp);
382 e->e_xfp = NULL;
383 }
384 �/*
385 ** SETSENDER -- set the person who this message is from
386 **
387 ** Under certain circumstances allow the user to say who
388 ** s/he is (using -f or -r). These are:
389 ** 1. The user's uid is zero (root).
390 ** 2. The user's login name is in an approved list (typically
391 ** from a network server).
392 ** 3. The address the user is trying to claim has a
393 ** "!" character in it (since #2 doesn't do it for
394 ** us if we are dialing out for UUCP).
395 ** A better check to replace #3 would be if the
396 ** effective uid is "UUCP" -- this would require me
397 ** to rewrite getpwent to "grab" uucp as it went by,
398 ** make getname more nasty, do another passwd file
399 ** scan, or compile the UID of "UUCP" into the code,
400 ** all of which are reprehensible.
401 **
402 ** Assuming all of these fail, we figure out something
403 ** ourselves.
404 **
405 ** Parameters:
406 ** from -- the person we would like to believe this message
407 ** is from, as specified on the command line.
408 **
409 ** Returns:
410 ** none.
411 **
412 ** Side Effects:
413 ** sets sendmail's notion of who the from person is.
414 */
415
416 setsender(from)
417 char *from;
418 {
419 register char **pvp;
420 char *realname = NULL;
421 register struct passwd *pw;
422 char buf[MAXNAME];
423 char pvpbuf[PSBUFSIZE];
424 extern struct passwd *getpwnam();
425 extern char *macvalue();
426 extern char **prescan();
427 extern bool safefile();
428 extern char *FullName;
429
430 # ifdef DEBUG
431 if (tTd(45, 1))
432 printf("setsender(%s)\n", from == NULL ? "" : from);
433 # endif DEBUG
434
435 /*
436 ** Figure out the real user executing us.
437 ** Username can return errno != 0 on non-errors.
438 */
439
440 if (QueueRun || OpMode == MD_SMTP || OpMode == MD_ARPAFTP)
441 realname = from;
442 if (realname == NULL || realname[0] == '\0')
443 {
444 extern char *username();
445
446 realname = username();
447 }
448
449 /*
450 ** Determine if this real person is allowed to alias themselves.
451 */
452
453 if (from != NULL)
454 {
455 extern bool trusteduser();
456
457 if (!trusteduser(realname) &&
458 # ifdef DEBUG
459 (!tTd(1, 9) || getuid() != geteuid()) &&
460 # endif DEBUG
461 index(from, '!') == NULL && getuid() != 0)
462 {
463 /* network sends -r regardless (why why why?) */
464 /* syserr("%s, you cannot use the -f flag", realname); */
465 from = NULL;
466 }
467 }
468
469 SuprErrs = TRUE;
470 if (from == NULL || parseaddr(from, &CurEnv->e_from, 1, '\0') == NULL)
471 {
472 /* log garbage addresses for traceback */
473 if (from != NULL)
474 {
475 # ifdef LOG
476 if (LogLevel >= 1)
477 syslog(LOG_ERR, "Unparseable user %s wants to be %s",
478 realname, from);
479 # endif LOG
480 }
481 from = newstr(realname);
482 if (parseaddr(from, &CurEnv->e_from, 1, '\0') == NULL &&
483 parseaddr("postmaster", &CurEnv->e_from, 1, '\0') == NULL)
484 {
485 syserr("setsender: can't even parse postmaster!");
486 }
487 }
488 else
489 FromFlag = TRUE;
490 CurEnv->e_from.q_flags |= QDONTSEND;
491 loweraddr(&CurEnv->e_from);
492 SuprErrs = FALSE;
493
494 if (CurEnv->e_from.q_mailer == LocalMailer &&
495 (pw = getpwnam(CurEnv->e_from.q_user)) != NULL)
496 {
497 /*
498 ** Process passwd file entry.
499 */
500
501
502 /* extract home directory */
503 CurEnv->e_from.q_home = newstr(pw->pw_dir);
504 define('z', CurEnv->e_from.q_home, CurEnv);
505
506 /* extract user and group id */
507 CurEnv->e_from.q_uid = pw->pw_uid;
508 CurEnv->e_from.q_gid = pw->pw_gid;
509
510 /* if the user has given fullname already, don't redefine */
511 if (FullName == NULL)
512 FullName = macvalue('x', CurEnv);
513 if (FullName != NULL && FullName[0] == '\0')
514 FullName = NULL;
515
516 /* extract full name from passwd file */
517 if (FullName == NULL && pw->pw_gecos != NULL &&
518 strcmp(pw->pw_name, CurEnv->e_from.q_user) == 0)
519 {
520 buildfname(pw->pw_gecos, CurEnv->e_from.q_user, buf);
521 if (buf[0] != '\0')
522 FullName = newstr(buf);
523 }
524 if (FullName != NULL)
525 define('x', FullName, CurEnv);
526 }
527 else
528 {
529 #ifndef V6
530 if (CurEnv->e_from.q_home == NULL)
531 CurEnv->e_from.q_home = getenv("HOME");
532 #endif V6
533 CurEnv->e_from.q_uid = getuid();
534 CurEnv->e_from.q_gid = getgid();
535 }
536
537 if (CurEnv->e_from.q_uid != 0)
538 {
539 DefUid = CurEnv->e_from.q_uid;
540 DefGid = CurEnv->e_from.q_gid;
541 }
542
543 /*
544 ** Rewrite the from person to dispose of possible implicit
545 ** links in the net.
546 */
547
548 pvp = prescan(from, '\0', pvpbuf);
549 if (pvp == NULL)
550 {
551 syserr("cannot prescan from (%s)", from);
552 finis();
553 }
554 rewrite(pvp, 3);
555 rewrite(pvp, 1);
556 rewrite(pvp, 4);
557 cataddr(pvp, buf, sizeof buf);
558 define('f', newstr(buf), CurEnv);
559
560 /* save the domain spec if this mailer wants it */
561 if (CurEnv->e_from.q_mailer != NULL &&
562 bitnset(M_CANONICAL, CurEnv->e_from.q_mailer->m_flags))
563 {
564 extern char **copyplist();
565
566 while (*pvp != NULL && strcmp(*pvp, "@") != 0)
567 pvp++;
568 if (*pvp != NULL)
569 CurEnv->e_fromdomain = copyplist(pvp, TRUE);
570 }
571 }
572 �/*
573 ** TRUSTEDUSER -- tell us if this user is to be trusted.
574 **
575 ** Parameters:
576 ** user -- the user to be checked.
577 **
578 ** Returns:
579 ** TRUE if the user is in an approved list.
580 ** FALSE otherwise.
581 **
582 ** Side Effects:
583 ** none.
584 */
585
586 bool
587 trusteduser(user)
588 char *user;
589 {
590 register char **ulist;
591 extern char *TrustedUsers[];
592
593 for (ulist = TrustedUsers; *ulist != NULL; ulist++)
594 if (strcmp(*ulist, user) == 0)
595 return (TRUE);
596 return (FALSE);
597 }
598