1 /*
2 * Copyright (c) 1983 Eric P. Allman
3 * Copyright (c) 1988 Regents of the University of California.
4 * All rights reserved.
5 *
6 * %sccs.include.redist.c%
7 */
8
9 #ifndef lint
10 static char sccsid[] = "@(#)envelope.c 6.6 (Berkeley) 02/12/93";
11 #endif /* not lint */
12
13 #include <sys/types.h>
14 #include <sys/time.h>
15 #include <sys/stat.h>
16 #include <pwd.h>
17 #include <fcntl.h>
18 #include "sendmail.h"
19
20 /*
21 ** NEWENVELOPE -- allocate a new envelope
22 **
23 ** Supports inheritance.
24 **
25 ** Parameters:
26 ** e -- the new envelope to fill in.
27 **
28 ** Returns:
29 ** e.
30 **
31 ** Side Effects:
32 ** none.
33 */
34
35 ENVELOPE *
36 newenvelope(e)
37 register ENVELOPE *e;
38 {
39 register ENVELOPE *parent;
40 extern putheader(), putbody();
41 extern ENVELOPE BlankEnvelope;
42
43 parent = CurEnv;
44 if (e == CurEnv && e->e_parent != NULL)
45 parent = e->e_parent;
46 clearenvelope(e, TRUE);
47 if (e == CurEnv)
48 bcopy((char *) &NullAddress, (char *) &e->e_from, sizeof e->e_from);
49 else
50 bcopy((char *) &CurEnv->e_from, (char *) &e->e_from, sizeof e->e_from);
51 e->e_parent = parent;
52 e->e_ctime = curtime();
53 if (parent != NULL)
54 e->e_msgpriority = parent->e_msgsize;
55 e->e_puthdr = putheader;
56 e->e_putbody = putbody;
57 if (CurEnv->e_xfp != NULL)
58 (void) fflush(CurEnv->e_xfp);
59
60 return (e);
61 }
62 �/*
63 ** DROPENVELOPE -- deallocate an envelope.
64 **
65 ** Parameters:
66 ** e -- the envelope to deallocate.
67 **
68 ** Returns:
69 ** none.
70 **
71 ** Side Effects:
72 ** housekeeping necessary to dispose of an envelope.
73 ** Unlocks this queue file.
74 */
75
76 dropenvelope(e)
77 register ENVELOPE *e;
78 {
79 bool queueit = FALSE;
80 register ADDRESS *q;
81 char *id = e->e_id;
82
83 if (tTd(50, 1))
84 {
85 printf("dropenvelope %x id=", e);
86 xputs(e->e_id);
87 printf(" flags=%o\n", e->e_flags);
88 }
89
90 if (id == NULL)
91 id = "(none)";
92
93 #ifdef LOG
94 if (LogLevel > 12)
95 syslog(LOG_DEBUG, "dropenvelope, id=%s, flags=%o, pid=%d",
96 id, e->e_flags, getpid());
97 #endif /* LOG */
98
99 /* we must have an id to remove disk files */
100 if (e->e_id == NULL)
101 return;
102
103 /*
104 ** Extract state information from dregs of send list.
105 */
106
107 for (q = e->e_sendqueue; q != NULL; q = q->q_next)
108 {
109 if (bitset(QQUEUEUP, q->q_flags))
110 queueit = TRUE;
111 }
112
113 /*
114 ** Send back return receipts as requested.
115 */
116
117 if (e->e_receiptto != NULL && bitset(EF_SENDRECEIPT, e->e_flags))
118 {
119 auto ADDRESS *rlist = NULL;
120
121 sendtolist(e->e_receiptto, (ADDRESS *) NULL, &rlist, e);
122 (void) returntosender("Return receipt", rlist, FALSE, e);
123 }
124
125 /*
126 ** Arrange to send error messages if there are fatal errors.
127 */
128
129 if (bitset(EF_FATALERRS|EF_TIMEOUT, e->e_flags) && ErrorMode != EM_QUIET)
130 savemail(e);
131
132 /*
133 ** Instantiate or deinstantiate the queue.
134 */
135
136 if ((!queueit && !bitset(EF_KEEPQUEUE, e->e_flags)) ||
137 bitset(EF_CLRQUEUE, e->e_flags))
138 {
139 if (e->e_df != NULL)
140 xunlink(e->e_df);
141 xunlink(queuename(e, 'q'));
142 }
143 else if (queueit || !bitset(EF_INQUEUE, e->e_flags))
144 {
145 #ifdef QUEUE
146 queueup(e, FALSE, FALSE);
147 #else /* QUEUE */
148 syserr("dropenvelope: queueup");
149 #endif /* QUEUE */
150 }
151
152 /* now unlock the job */
153 closexscript(e);
154 unlockqueue(e);
155
156 /* make sure that this envelope is marked unused */
157 e->e_id = e->e_df = NULL;
158 if (e->e_dfp != NULL)
159 (void) fclose(e->e_dfp);
160 e->e_dfp = NULL;
161
162 #ifdef LOG
163 if (LogLevel >= 10)
164 syslog(LOG_INFO, "%s: done", id);
165 #endif /* LOG */
166 }
167 �/*
168 ** CLEARENVELOPE -- clear an envelope without unlocking
169 **
170 ** This is normally used by a child process to get a clean
171 ** envelope without disturbing the parent.
172 **
173 ** Parameters:
174 ** e -- the envelope to clear.
175 ** fullclear - if set, the current envelope is total
176 ** garbage and should be ignored; otherwise,
177 ** release any resources it may indicate.
178 **
179 ** Returns:
180 ** none.
181 **
182 ** Side Effects:
183 ** Closes files associated with the envelope.
184 ** Marks the envelope as unallocated.
185 */
186
187 clearenvelope(e, fullclear)
188 register ENVELOPE *e;
189 bool fullclear;
190 {
191 register HDR *bh;
192 register HDR **nhp;
193 extern ENVELOPE BlankEnvelope;
194
195 if (!fullclear)
196 {
197 /* clear out any file information */
198 if (e->e_xfp != NULL)
199 (void) fclose(e->e_xfp);
200 if (e->e_dfp != NULL)
201 (void) fclose(e->e_dfp);
202 }
203
204 /* now clear out the data */
205 STRUCTCOPY(BlankEnvelope, *e);
206 bh = BlankEnvelope.e_header;
207 nhp = &e->e_header;
208 while (bh != NULL)
209 {
210 *nhp = (HDR *) xalloc(sizeof *bh);
211 bcopy((char *) bh, (char *) *nhp, sizeof *bh);
212 bh = bh->h_link;
213 nhp = &(*nhp)->h_link;
214 }
215 }
216 �/*
217 ** INITSYS -- initialize instantiation of system
218 **
219 ** In Daemon mode, this is done in the child.
220 **
221 ** Parameters:
222 ** none.
223 **
224 ** Returns:
225 ** none.
226 **
227 ** Side Effects:
228 ** Initializes the system macros, some global variables,
229 ** etc. In particular, the current time in various
230 ** forms is set.
231 */
232
233 initsys(e)
234 register ENVELOPE *e;
235 {
236 static char cbuf[5]; /* holds hop count */
237 static char pbuf[10]; /* holds pid */
238 #ifdef TTYNAME
239 static char ybuf[10]; /* holds tty id */
240 register char *p;
241 #endif /* TTYNAME */
242 extern char *ttyname();
243 extern char *macvalue();
244 extern char Version[];
245
246 /*
247 ** Give this envelope a reality.
248 ** I.e., an id, a transcript, and a creation time.
249 */
250
251 openxscript(e);
252 e->e_ctime = curtime();
253
254 /*
255 ** Set OutChannel to something useful if stdout isn't it.
256 ** This arranges that any extra stuff the mailer produces
257 ** gets sent back to the user on error (because it is
258 ** tucked away in the transcript).
259 */
260
261 if (OpMode == MD_DAEMON && QueueRun)
262 OutChannel = e->e_xfp;
263
264 /*
265 ** Set up some basic system macros.
266 */
267
268 /* process id */
269 (void) sprintf(pbuf, "%d", getpid());
270 define('p', pbuf, e);
271
272 /* hop count */
273 (void) sprintf(cbuf, "%d", e->e_hopcount);
274 define('c', cbuf, e);
275
276 /* time as integer, unix time, arpa time */
277 settime(e);
278
279 #ifdef TTYNAME
280 /* tty name */
281 if (macvalue('y', e) == NULL)
282 {
283 p = ttyname(2);
284 if (p != NULL)
285 {
286 if (strrchr(p, '/') != NULL)
287 p = strrchr(p, '/') + 1;
288 (void) strcpy(ybuf, p);
289 define('y', ybuf, e);
290 }
291 }
292 #endif /* TTYNAME */
293 }
294 �/*
295 ** SETTIME -- set the current time.
296 **
297 ** Parameters:
298 ** none.
299 **
300 ** Returns:
301 ** none.
302 **
303 ** Side Effects:
304 ** Sets the various time macros -- $a, $b, $d, $t.
305 */
306
307 settime(e)
308 register ENVELOPE *e;
309 {
310 register char *p;
311 auto time_t now;
312 static char tbuf[20]; /* holds "current" time */
313 static char dbuf[30]; /* holds ctime(tbuf) */
314 register struct tm *tm;
315 extern char *arpadate();
316 extern struct tm *gmtime();
317 extern char *macvalue();
318
319 now = curtime();
320 tm = gmtime(&now);
321 (void) sprintf(tbuf, "%04d%02d%02d%02d%02d", tm->tm_year + 1900,
322 tm->tm_mon+1, tm->tm_mday, tm->tm_hour, tm->tm_min);
323 define('t', tbuf, e);
324 (void) strcpy(dbuf, ctime(&now));
325 *strchr(dbuf, '\n') = '\0';
326 if (macvalue('d', e) == NULL)
327 define('d', dbuf, e);
328 p = newstr(arpadate(dbuf));
329 if (macvalue('a', e) == NULL)
330 define('a', p, e);
331 define('b', p, e);
332 }
333 �/*
334 ** OPENXSCRIPT -- Open transcript file
335 **
336 ** Creates a transcript file for possible eventual mailing or
337 ** sending back.
338 **
339 ** Parameters:
340 ** e -- the envelope to create the transcript in/for.
341 **
342 ** Returns:
343 ** none
344 **
345 ** Side Effects:
346 ** Creates the transcript file.
347 */
348
349 openxscript(e)
350 register ENVELOPE *e;
351 {
352 register char *p;
353 int fd;
354
355 # ifdef LOG
356 if (LogLevel > 19)
357 syslog(LOG_DEBUG, "%s: openx%s", e->e_id, e->e_xfp == NULL ? "" : " (no)");
358 # endif /* LOG */
359 if (e->e_xfp != NULL)
360 return;
361 p = queuename(e, 'x');
362 fd = open(p, O_WRONLY|O_CREAT, 0644);
363 if (fd < 0)
364 syserr("Can't create %s", p);
365 else
366 e->e_xfp = fdopen(fd, "w");
367 }
368 �/*
369 ** CLOSEXSCRIPT -- close the transcript file.
370 **
371 ** Parameters:
372 ** e -- the envelope containing the transcript to close.
373 **
374 ** Returns:
375 ** none.
376 **
377 ** Side Effects:
378 ** none.
379 */
380
381 closexscript(e)
382 register ENVELOPE *e;
383 {
384 if (e->e_xfp == NULL)
385 return;
386 (void) fclose(e->e_xfp);
387 e->e_xfp = NULL;
388 }
389 �/*
390 ** SETSENDER -- set the person who this message is from
391 **
392 ** Under certain circumstances allow the user to say who
393 ** s/he is (using -f or -r). These are:
394 ** 1. The user's uid is zero (root).
395 ** 2. The user's login name is in an approved list (typically
396 ** from a network server).
397 ** 3. The address the user is trying to claim has a
398 ** "!" character in it (since #2 doesn't do it for
399 ** us if we are dialing out for UUCP).
400 ** A better check to replace #3 would be if the
401 ** effective uid is "UUCP" -- this would require me
402 ** to rewrite getpwent to "grab" uucp as it went by,
403 ** make getname more nasty, do another passwd file
404 ** scan, or compile the UID of "UUCP" into the code,
405 ** all of which are reprehensible.
406 **
407 ** Assuming all of these fail, we figure out something
408 ** ourselves.
409 **
410 ** Parameters:
411 ** from -- the person we would like to believe this message
412 ** is from, as specified on the command line.
413 ** e -- the envelope in which we would like the sender set.
414 **
415 ** Returns:
416 ** none.
417 **
418 ** Side Effects:
419 ** sets sendmail's notion of who the from person is.
420 */
421
422 setsender(from, e)
423 char *from;
424 register ENVELOPE *e;
425 {
426 register char **pvp;
427 char *realname = NULL;
428 register struct passwd *pw;
429 char buf[MAXNAME];
430 char pvpbuf[PSBUFSIZE];
431 extern struct passwd *getpwnam();
432 extern char *macvalue();
433 extern char **prescan();
434 extern bool safefile();
435 extern char *FullName;
436
437 if (tTd(45, 1))
438 printf("setsender(%s)\n", from == NULL ? "" : from);
439
440 /*
441 ** Figure out the real user executing us.
442 ** Username can return errno != 0 on non-errors.
443 */
444
445 if (QueueRun || OpMode == MD_SMTP)
446 realname = from;
447 if (realname == NULL || realname[0] == '\0')
448 {
449 extern char *username();
450
451 realname = username();
452 }
453
454 /*
455 ** Determine if this real person is allowed to alias themselves.
456 */
457
458 if (from != NULL)
459 {
460 extern bool trusteduser();
461
462 if (!trusteduser(realname) && getuid() != geteuid() &&
463 strchr(from, '!') == NULL && getuid() != 0)
464 {
465 /* network sends -r regardless (why why why?) */
466 /* syserr("%s, you cannot use the -f flag", realname); */
467 from = NULL;
468 }
469 }
470
471 /*
472 SuprErrs = TRUE;
473 */
474 if (from == NULL || parseaddr(from, &e->e_from, 1, '\0', e) == NULL)
475 {
476 /* log garbage addresses for traceback */
477 # ifdef LOG
478 if (from != NULL && LogLevel >= 1)
479 {
480 char *host = RealHostName;
481
482 if (host == NULL)
483 host = MyHostName;
484 syslog(LOG_NOTICE,
485 "from=%s unparseable, received from %s@%s",
486 from, realname, host);
487 }
488 # endif /* LOG */
489 if (from != NULL)
490 SuprErrs = TRUE;
491 if (from == realname ||
492 parseaddr(from = newstr(realname), &e->e_from, 1, '\0', e) == NULL)
493 {
494 SuprErrs = TRUE;
495 if (parseaddr("postmaster", &e->e_from, 1, '\0', e) == NULL)
496 syserr("setsender: can't even parse postmaster!");
497 }
498 }
499 else
500 FromFlag = TRUE;
501 e->e_from.q_flags |= QDONTSEND;
502 if (tTd(45, 5))
503 {
504 printf("setsender: QDONTSEND ");
505 printaddr(&e->e_from, FALSE);
506 }
507 loweraddr(&e->e_from);
508 SuprErrs = FALSE;
509
510 pvp = NULL;
511 if (e->e_from.q_mailer == LocalMailer)
512 {
513 # ifdef USERDB
514 register char *p;
515 extern char *udbsender();
516 # endif
517
518 /* if the user has given fullname already, don't redefine */
519 if (FullName == NULL)
520 FullName = macvalue('x', e);
521 if (FullName != NULL && FullName[0] == '\0')
522 FullName = NULL;
523
524 # ifdef USERDB
525 p = udbsender(from);
526
527 if (p != NULL)
528 {
529 /*
530 ** We have an alternate address for the sender
531 */
532
533 pvp = prescan(p, '\0', pvpbuf);
534 }
535 # endif /* USERDB */
536
537 if ((pw = getpwnam(e->e_from.q_user)) != NULL)
538 {
539 /*
540 ** Process passwd file entry.
541 */
542
543
544 /* extract home directory */
545 e->e_from.q_home = newstr(pw->pw_dir);
546 define('z', e->e_from.q_home, e);
547
548 /* extract user and group id */
549 e->e_from.q_uid = pw->pw_uid;
550 e->e_from.q_gid = pw->pw_gid;
551
552 /* extract full name from passwd file */
553 if (FullName == NULL && pw->pw_gecos != NULL &&
554 strcmp(pw->pw_name, e->e_from.q_user) == 0)
555 {
556 buildfname(pw->pw_gecos, e->e_from.q_user, buf);
557 if (buf[0] != '\0')
558 FullName = newstr(buf);
559 }
560 }
561 if (FullName != NULL)
562 define('x', FullName, e);
563 }
564 else
565 {
566 if (e->e_from.q_home == NULL)
567 e->e_from.q_home = getenv("HOME");
568 e->e_from.q_uid = getuid();
569 e->e_from.q_gid = getgid();
570 }
571
572 /*
573 ** Rewrite the from person to dispose of possible implicit
574 ** links in the net.
575 */
576
577 if (pvp == NULL)
578 pvp = prescan(from, '\0', pvpbuf);
579 if (pvp == NULL)
580 {
581 # ifdef LOG
582 if (LogLevel >= 1)
583 syslog(LOG_NOTICE, "cannot prescan from (%s)", from);
584 # endif
585 usrerr("cannot prescan from (%s)", from);
586 finis();
587 }
588 rewrite(pvp, 3);
589 rewrite(pvp, 1);
590 rewrite(pvp, 4);
591 cataddr(pvp, buf, sizeof buf);
592 e->e_sender = e->e_returnpath = newstr(buf);
593
594 define('f', e->e_sender, e);
595
596 /* save the domain spec if this mailer wants it */
597 if (e->e_from.q_mailer != NULL &&
598 bitnset(M_CANONICAL, e->e_from.q_mailer->m_flags))
599 {
600 extern char **copyplist();
601
602 while (*pvp != NULL && strcmp(*pvp, "@") != 0)
603 pvp++;
604 if (*pvp != NULL)
605 e->e_fromdomain = copyplist(pvp, TRUE);
606 }
607 }
608 �/*
609 ** TRUSTEDUSER -- tell us if this user is to be trusted.
610 **
611 ** Parameters:
612 ** user -- the user to be checked.
613 **
614 ** Returns:
615 ** TRUE if the user is in an approved list.
616 ** FALSE otherwise.
617 **
618 ** Side Effects:
619 ** none.
620 */
621
622 bool
623 trusteduser(user)
624 char *user;
625 {
626 register char **ulist;
627 extern char *TrustedUsers[];
628
629 for (ulist = TrustedUsers; *ulist != NULL; ulist++)
630 if (strcmp(*ulist, user) == 0)
631 return (TRUE);
632 return (FALSE);
633 }
634