1*22710Sdist /*
2*22710Sdist ** Sendmail
3*22710Sdist ** Copyright (c) 1983 Eric P. Allman
4*22710Sdist ** Berkeley, California
5*22710Sdist **
6*22710Sdist ** Copyright (c) 1983 Regents of the University of California.
7*22710Sdist ** All rights reserved. The Berkeley software License Agreement
8*22710Sdist ** specifies the terms and conditions for redistribution.
9*22710Sdist */
10*22710Sdist
11*22710Sdist #ifndef lint
12*22710Sdist static char SccsId[] = "@(#)recipient.c 5.1 (Berkeley) 06/07/85";
13*22710Sdist #endif not lint
14*22710Sdist
154174Seric # include <pwd.h>
164627Seric # include "sendmail.h"
174329Seric # include <sys/stat.h>
184174Seric
19*22710Sdist SCCSID(@(#)recipient.c 5.1 06/07/85);
204174Seric
214174Seric /*
229622Seric ** SENDTOLIST -- Designate a send list.
234174Seric **
244174Seric ** The parameter is a comma-separated list of people to send to.
254174Seric ** This routine arranges to send to all of them.
264174Seric **
274174Seric ** Parameters:
284174Seric ** list -- the send list.
294399Seric ** ctladdr -- the address template for the person to
304399Seric ** send to -- effective uid/gid are important.
315006Seric ** This is typically the alias that caused this
325006Seric ** expansion.
335006Seric ** sendq -- a pointer to the head of a queue to put
345006Seric ** these people into.
354174Seric **
364174Seric ** Returns:
374998Seric ** none
384174Seric **
394174Seric ** Side Effects:
404174Seric ** none.
414174Seric */
424174Seric
434174Seric # define MAXRCRSN 10
444174Seric
459622Seric sendtolist(list, ctladdr, sendq)
464174Seric char *list;
474399Seric ADDRESS *ctladdr;
485198Seric ADDRESS **sendq;
494174Seric {
504174Seric register char *p;
518223Seric register ADDRESS *al; /* list of addresses to send to */
524423Seric bool firstone; /* set on first address sent */
534444Seric bool selfref; /* set if this list includes ctladdr */
5411446Seric char delimiter; /* the address delimiter */
554174Seric
564324Seric # ifdef DEBUG
577676Seric if (tTd(25, 1))
584444Seric {
594444Seric printf("sendto: %s\n ctladdr=", list);
604444Seric printaddr(ctladdr, FALSE);
614444Seric }
624324Seric # endif DEBUG
634324Seric
648223Seric /* heuristic to determine old versus new style addresses */
658230Seric if (ctladdr == NULL &&
668230Seric (index(list, ',') != NULL || index(list, ';') != NULL ||
678230Seric index(list, '<') != NULL || index(list, '(') != NULL))
689340Seric CurEnv->e_flags &= ~EF_OLDSTYLE;
6911446Seric delimiter = ' ';
7011446Seric if (!bitset(EF_OLDSTYLE, CurEnv->e_flags) || ctladdr != NULL)
7111446Seric delimiter = ',';
728223Seric
734423Seric firstone = TRUE;
744444Seric selfref = FALSE;
754324Seric al = NULL;
768223Seric
778081Seric for (p = list; *p != '\0'; )
784174Seric {
798081Seric register ADDRESS *a;
808081Seric extern char *DelimChar; /* defined in prescan */
814319Seric
828081Seric /* parse the address */
838081Seric while (isspace(*p) || *p == ',')
844174Seric p++;
8511446Seric a = parseaddr(p, (ADDRESS *) NULL, 1, delimiter);
869297Seric p = DelimChar;
879297Seric if (a == NULL)
884174Seric continue;
894324Seric a->q_next = al;
904399Seric a->q_alias = ctladdr;
914444Seric
924444Seric /* see if this should be marked as a primary address */
934423Seric if (ctladdr == NULL ||
948081Seric (firstone && *p == '\0' && bitset(QPRIMARY, ctladdr->q_flags)))
954423Seric a->q_flags |= QPRIMARY;
964444Seric
974444Seric /* put on send queue or suppress self-reference */
989379Seric if (ctladdr != NULL && sameaddr(ctladdr, a))
994444Seric selfref = TRUE;
1004444Seric else
1014444Seric al = a;
1024423Seric firstone = FALSE;
1034324Seric }
1044324Seric
1054444Seric /* if this alias doesn't include itself, delete ctladdr */
1064444Seric if (!selfref && ctladdr != NULL)
1074444Seric ctladdr->q_flags |= QDONTSEND;
1084444Seric
1094324Seric /* arrange to send to everyone on the local send list */
1104324Seric while (al != NULL)
1114324Seric {
1124324Seric register ADDRESS *a = al;
11312613Seric extern ADDRESS *recipient();
1144324Seric
1154324Seric al = a->q_next;
11612613Seric a = recipient(a, sendq);
1174993Seric
1184998Seric /* arrange to inherit full name */
1194998Seric if (a->q_fullname == NULL && ctladdr != NULL)
1204998Seric a->q_fullname = ctladdr->q_fullname;
1214174Seric }
1224324Seric
1236906Seric CurEnv->e_to = NULL;
1244174Seric }
1254174Seric �/*
1264174Seric ** RECIPIENT -- Designate a message recipient
1274174Seric **
1284174Seric ** Saves the named person for future mailing.
1294174Seric **
1304174Seric ** Parameters:
1314174Seric ** a -- the (preparsed) address header for the recipient.
1325006Seric ** sendq -- a pointer to the head of a queue to put the
1335006Seric ** recipient in. Duplicate supression is done
1345006Seric ** in this queue.
1354174Seric **
1364174Seric ** Returns:
13712613Seric ** The actual address in the queue. This will be "a" if
13812613Seric ** the address is not a duplicate, else the original address.
1394174Seric **
1404174Seric ** Side Effects:
1414174Seric ** none.
1424174Seric */
1434174Seric
14412613Seric ADDRESS *
1455006Seric recipient(a, sendq)
1464174Seric register ADDRESS *a;
1475006Seric register ADDRESS **sendq;
1484174Seric {
1494174Seric register ADDRESS *q;
1504319Seric ADDRESS **pq;
1514174Seric register struct mailer *m;
1529210Seric register char *p;
1539210Seric bool quoted = FALSE; /* set if the addr has a quote bit */
1549210Seric char buf[MAXNAME]; /* unquoted image of the user name */
1554399Seric extern ADDRESS *getctladdr();
1564627Seric extern bool safefile();
1574174Seric
1586906Seric CurEnv->e_to = a->q_paddr;
1594600Seric m = a->q_mailer;
1604174Seric errno = 0;
1614174Seric # ifdef DEBUG
1627676Seric if (tTd(26, 1))
1634444Seric {
1644444Seric printf("\nrecipient: ");
1654444Seric printaddr(a, FALSE);
1664444Seric }
1674174Seric # endif DEBUG
1684174Seric
1694174Seric /* break aliasing loops */
1704174Seric if (AliasLevel > MAXRCRSN)
1714174Seric {
1724174Seric usrerr("aliasing/forwarding loop broken");
17312613Seric return (a);
1744174Seric }
1754174Seric
1764174Seric /*
1774627Seric ** Finish setting up address structure.
1784174Seric */
1794174Seric
18016160Seric /* set the queue timeout */
1814627Seric a->q_timeout = TimeOut;
1824627Seric
18316160Seric /* map user & host to lower case if requested on non-aliases */
18416160Seric if (a->q_alias == NULL)
18516160Seric loweraddr(a);
18616160Seric
18716160Seric /* get unquoted user for file, program or user.name check */
1889210Seric (void) strcpy(buf, a->q_user);
1899210Seric for (p = buf; *p != '\0' && !quoted; p++)
1909210Seric {
1919210Seric if (!isascii(*p) && (*p & 0377) != (SpaceSub & 0377))
1929210Seric quoted = TRUE;
1939210Seric }
1949210Seric stripquotes(buf, TRUE);
1959210Seric
1964627Seric /* do sickly crude mapping for program mailing, etc. */
1979210Seric if (m == LocalMailer && buf[0] == '|')
1984174Seric {
1999210Seric a->q_mailer = m = ProgMailer;
2009210Seric a->q_user++;
2019210Seric if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
2024174Seric {
2039210Seric usrerr("Cannot mail directly to programs");
2049210Seric a->q_flags |= QDONTSEND;
2054174Seric }
2064174Seric }
2074174Seric
2084174Seric /*
2094419Seric ** Look up this person in the recipient list.
2104419Seric ** If they are there already, return, otherwise continue.
2114419Seric ** If the list is empty, just add it. Notice the cute
2124419Seric ** hack to make from addresses suppress things correctly:
2134419Seric ** the QDONTSEND bit will be set in the send list.
2144419Seric ** [Please note: the emphasis is on "hack."]
2154174Seric */
2164174Seric
2175006Seric for (pq = sendq; (q = *pq) != NULL; pq = &q->q_next)
2184174Seric {
2199379Seric if (!ForceMail && sameaddr(q, a))
2204174Seric {
2214174Seric # ifdef DEBUG
2227676Seric if (tTd(26, 1))
2234444Seric {
2244444Seric printf("%s in sendq: ", a->q_paddr);
2254444Seric printaddr(q, FALSE);
2264444Seric }
2274174Seric # endif DEBUG
2287054Seric if (!bitset(QDONTSEND, a->q_flags))
2294324Seric message(Arpa_Info, "duplicate suppressed");
2304423Seric if (!bitset(QPRIMARY, q->q_flags))
2314423Seric q->q_flags |= a->q_flags;
23212613Seric return (q);
2334174Seric }
2344319Seric }
2354174Seric
2364319Seric /* add address on list */
2374319Seric *pq = a;
2384174Seric a->q_next = NULL;
2394174Seric
2404174Seric /*
2414174Seric ** Alias the name and handle :include: specs.
2424174Seric */
2434174Seric
2449210Seric if (m == LocalMailer && !bitset(QDONTSEND, a->q_flags))
2454174Seric {
2464174Seric if (strncmp(a->q_user, ":include:", 9) == 0)
2474174Seric {
2484174Seric a->q_flags |= QDONTSEND;
2497676Seric if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
2504399Seric usrerr("Cannot mail directly to :include:s");
2514399Seric else
2524399Seric {
2537054Seric message(Arpa_Info, "including file %s", &a->q_user[9]);
2545006Seric include(&a->q_user[9], " sending", a, sendq);
2554399Seric }
2564174Seric }
2574174Seric else
2585006Seric alias(a, sendq);
2594174Seric }
2604174Seric
2614174Seric /*
2624174Seric ** If the user is local and still being sent, verify that
2634174Seric ** the address is good. If it is, try to forward.
2644174Seric ** If the address is already good, we have a forwarding
2654174Seric ** loop. This can be broken by just sending directly to
2664174Seric ** the user (which is probably correct anyway).
2674174Seric */
2684174Seric
2699210Seric if (!bitset(QDONTSEND, a->q_flags) && m == LocalMailer)
2704174Seric {
2714329Seric struct stat stb;
2724329Seric extern bool writable();
2734174Seric
2744174Seric /* see if this is to a file */
2755600Seric if (buf[0] == '/')
2764174Seric {
2775600Seric p = rindex(buf, '/');
2784201Seric /* check if writable or creatable */
2797676Seric if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
2804399Seric {
2814399Seric usrerr("Cannot mail directly to files");
2824399Seric a->q_flags |= QDONTSEND;
2834399Seric }
2844399Seric else if ((stat(buf, &stb) >= 0) ? (!writable(&stb)) :
2854539Seric (*p = '\0', !safefile(buf, getruid(), S_IWRITE|S_IEXEC)))
2864174Seric {
2874174Seric a->q_flags |= QBADADDR;
28810109Seric giveresponse(EX_CANTCREAT, m, CurEnv);
2894174Seric }
2904174Seric }
2914174Seric else
2924174Seric {
2934174Seric register struct passwd *pw;
2944373Seric extern struct passwd *finduser();
2954373Seric
2964407Seric /* warning -- finduser may trash buf */
2974373Seric pw = finduser(buf);
2984174Seric if (pw == NULL)
2994174Seric {
3004174Seric a->q_flags |= QBADADDR;
30110109Seric giveresponse(EX_NOUSER, m, CurEnv);
3024174Seric }
3034174Seric else
3044174Seric {
3054993Seric char nbuf[MAXNAME];
3064993Seric
3074376Seric if (strcmp(a->q_user, pw->pw_name) != 0)
3084376Seric {
3094376Seric a->q_user = newstr(pw->pw_name);
3107008Seric (void) strcpy(buf, pw->pw_name);
3114376Seric }
3124174Seric a->q_home = newstr(pw->pw_dir);
3134213Seric a->q_uid = pw->pw_uid;
3144399Seric a->q_gid = pw->pw_gid;
3154404Seric a->q_flags |= QGOODUID;
3164998Seric buildfname(pw->pw_gecos, pw->pw_name, nbuf);
3174993Seric if (nbuf[0] != '\0')
3184993Seric a->q_fullname = newstr(nbuf);
3194399Seric if (!quoted)
3205006Seric forward(a, sendq);
3214174Seric }
3224174Seric }
3234174Seric }
32412613Seric return (a);
3254174Seric }
3264174Seric �/*
3274373Seric ** FINDUSER -- find the password entry for a user.
3284373Seric **
3294373Seric ** This looks a lot like getpwnam, except that it may want to
3304373Seric ** do some fancier pattern matching in /etc/passwd.
3314373Seric **
3329379Seric ** This routine contains most of the time of many sendmail runs.
3339379Seric ** It deserves to be optimized.
3349379Seric **
3354373Seric ** Parameters:
3364373Seric ** name -- the name to match against.
3374373Seric **
3384373Seric ** Returns:
3394373Seric ** A pointer to a pw struct.
3404373Seric ** NULL if name is unknown or ambiguous.
3414373Seric **
3424373Seric ** Side Effects:
3434407Seric ** may modify name.
3444373Seric */
3454373Seric
3464373Seric struct passwd *
3474373Seric finduser(name)
3484373Seric char *name;
3494373Seric {
3504376Seric register struct passwd *pw;
3514407Seric register char *p;
35215325Seric extern struct passwd *getpwent();
35315325Seric extern struct passwd *getpwnam();
3544373Seric
3554407Seric /*
3564407Seric ** Make name canonical.
3574407Seric */
3584407Seric
3594407Seric for (p = name; *p != '\0'; p++)
3604407Seric {
3619044Seric if (*p == (SpaceSub & 0177) || *p == '_')
3624407Seric *p = ' ';
3634407Seric }
3644407Seric
36512634Seric /* look up this login name */
36612634Seric if ((pw = getpwnam(name)) != NULL)
36712634Seric return (pw);
36812634Seric
36912634Seric /* search for a matching full name instead */
3704376Seric setpwent();
3714376Seric while ((pw = getpwent()) != NULL)
3724376Seric {
3734998Seric char buf[MAXNAME];
3744993Seric extern bool sameword();
3754376Seric
3764376Seric if (strcmp(pw->pw_name, name) == 0)
3774376Seric return (pw);
3784998Seric buildfname(pw->pw_gecos, pw->pw_name, buf);
3794407Seric if (index(buf, ' ') != NULL && sameword(buf, name))
3804381Seric {
3817054Seric message(Arpa_Info, "sending to login name %s", pw->pw_name);
3824376Seric return (pw);
3834377Seric }
3844376Seric }
3854376Seric return (NULL);
3864373Seric }
3874373Seric �/*
3884329Seric ** WRITABLE -- predicate returning if the file is writable.
3894329Seric **
3904329Seric ** This routine must duplicate the algorithm in sys/fio.c.
3914329Seric ** Unfortunately, we cannot use the access call since we
3924329Seric ** won't necessarily be the real uid when we try to
3934329Seric ** actually open the file.
3944329Seric **
3954329Seric ** Notice that ANY file with ANY execute bit is automatically
3964329Seric ** not writable. This is also enforced by mailfile.
3974329Seric **
3984329Seric ** Parameters:
3994329Seric ** s -- pointer to a stat struct for the file.
4004329Seric **
4014329Seric ** Returns:
4024329Seric ** TRUE -- if we will be able to write this file.
4034329Seric ** FALSE -- if we cannot write this file.
4044329Seric **
4054329Seric ** Side Effects:
4064329Seric ** none.
4074329Seric */
4084329Seric
4094329Seric bool
4104329Seric writable(s)
4114329Seric register struct stat *s;
4124329Seric {
4134329Seric int euid, egid;
4144329Seric int bits;
4154329Seric
4164329Seric if (bitset(0111, s->st_mode))
4174329Seric return (FALSE);
4184329Seric euid = getruid();
4194329Seric egid = getrgid();
4204329Seric if (geteuid() == 0)
4214329Seric {
4224329Seric if (bitset(S_ISUID, s->st_mode))
4234329Seric euid = s->st_uid;
4244329Seric if (bitset(S_ISGID, s->st_mode))
4254329Seric egid = s->st_gid;
4264329Seric }
4274329Seric
4284329Seric if (euid == 0)
4294329Seric return (TRUE);
4304329Seric bits = S_IWRITE;
4314329Seric if (euid != s->st_uid)
4324329Seric {
4334329Seric bits >>= 3;
4344329Seric if (egid != s->st_gid)
4354329Seric bits >>= 3;
4364329Seric }
4374329Seric return ((s->st_mode & bits) != 0);
4384329Seric }
4394329Seric �/*
4404174Seric ** INCLUDE -- handle :include: specification.
4414174Seric **
4424174Seric ** Parameters:
4434174Seric ** fname -- filename to include.
4444176Seric ** msg -- message to print in verbose mode.
4454399Seric ** ctladdr -- address template to use to fill in these
4464399Seric ** addresses -- effective user/group id are
4474399Seric ** the important things.
4485006Seric ** sendq -- a pointer to the head of the send queue
4495006Seric ** to put these addresses in.
4504174Seric **
4514174Seric ** Returns:
4524174Seric ** none.
4534174Seric **
4544174Seric ** Side Effects:
4554174Seric ** reads the :include: file and sends to everyone
4564174Seric ** listed in that file.
4574174Seric */
4584174Seric
4595006Seric include(fname, msg, ctladdr, sendq)
4604174Seric char *fname;
4614176Seric char *msg;
4624399Seric ADDRESS *ctladdr;
4635006Seric ADDRESS **sendq;
4644174Seric {
4654174Seric char buf[MAXLINE];
4664174Seric register FILE *fp;
4676906Seric char *oldto = CurEnv->e_to;
4689379Seric char *oldfilename = FileName;
4699379Seric int oldlinenumber = LineNumber;
4704174Seric
4714174Seric fp = fopen(fname, "r");
4724174Seric if (fp == NULL)
4734174Seric {
4744174Seric usrerr("Cannot open %s", fname);
4754174Seric return;
4764174Seric }
4774406Seric if (getctladdr(ctladdr) == NULL)
4784406Seric {
4794406Seric struct stat st;
4804174Seric
4814406Seric if (fstat(fileno(fp), &st) < 0)
4824406Seric syserr("Cannot fstat %s!", fname);
4834406Seric ctladdr->q_uid = st.st_uid;
4844406Seric ctladdr->q_gid = st.st_gid;
4854406Seric ctladdr->q_flags |= QGOODUID;
4864406Seric }
4874406Seric
4884174Seric /* read the file -- each line is a comma-separated list. */
4899379Seric FileName = fname;
4909379Seric LineNumber = 0;
4914174Seric while (fgets(buf, sizeof buf, fp) != NULL)
4924174Seric {
4934174Seric register char *p = index(buf, '\n');
4944174Seric
4954174Seric if (p != NULL)
4964174Seric *p = '\0';
4974174Seric if (buf[0] == '\0')
4984174Seric continue;
4996906Seric CurEnv->e_to = oldto;
5007054Seric message(Arpa_Info, "%s to %s", msg, buf);
5014176Seric AliasLevel++;
5029622Seric sendtolist(buf, ctladdr, sendq);
5034176Seric AliasLevel--;
5044174Seric }
5054174Seric
5064319Seric (void) fclose(fp);
5079379Seric FileName = oldfilename;
5089379Seric LineNumber = oldlinenumber;
5094174Seric }
5104324Seric �/*
5114324Seric ** SENDTOARGV -- send to an argument vector.
5124324Seric **
5134324Seric ** Parameters:
5144324Seric ** argv -- argument vector to send to.
5154324Seric **
5164324Seric ** Returns:
5174324Seric ** none.
5184324Seric **
5194324Seric ** Side Effects:
5204324Seric ** puts all addresses on the argument vector onto the
5214324Seric ** send queue.
5224324Seric */
5234324Seric
5244324Seric sendtoargv(argv)
5254324Seric register char **argv;
5264324Seric {
5274324Seric register char *p;
5284324Seric extern bool sameword();
5294324Seric
5304324Seric while ((p = *argv++) != NULL)
5314324Seric {
5324324Seric if (argv[0] != NULL && argv[1] != NULL && sameword(argv[0], "at"))
5334324Seric {
5344324Seric char nbuf[MAXNAME];
5354324Seric
5364324Seric if (strlen(p) + strlen(argv[1]) + 2 > sizeof nbuf)
5374324Seric usrerr("address overflow");
5384324Seric else
5394324Seric {
5404324Seric (void) strcpy(nbuf, p);
5414324Seric (void) strcat(nbuf, "@");
5424324Seric (void) strcat(nbuf, argv[1]);
5434324Seric p = newstr(nbuf);
5444324Seric argv += 2;
5454324Seric }
5464324Seric }
5479622Seric sendtolist(p, (ADDRESS *) NULL, &CurEnv->e_sendqueue);
5484324Seric }
5494324Seric }
5504399Seric �/*
5514399Seric ** GETCTLADDR -- get controlling address from an address header.
5524399Seric **
5534399Seric ** If none, get one corresponding to the effective userid.
5544399Seric **
5554399Seric ** Parameters:
5564399Seric ** a -- the address to find the controller of.
5574399Seric **
5584399Seric ** Returns:
5594399Seric ** the controlling address.
5604399Seric **
5614399Seric ** Side Effects:
5624399Seric ** none.
5634399Seric */
5644399Seric
5654399Seric ADDRESS *
5664399Seric getctladdr(a)
5674399Seric register ADDRESS *a;
5684399Seric {
5694404Seric while (a != NULL && !bitset(QGOODUID, a->q_flags))
5704399Seric a = a->q_alias;
5714399Seric return (a);
5724399Seric }
573