122710Sdist /*
222710Sdist ** Sendmail
322710Sdist ** Copyright (c) 1983 Eric P. Allman
422710Sdist ** Berkeley, California
522710Sdist **
622710Sdist ** Copyright (c) 1983 Regents of the University of California.
722710Sdist ** All rights reserved. The Berkeley software License Agreement
822710Sdist ** specifies the terms and conditions for redistribution.
922710Sdist */
1022710Sdist
1122710Sdist #ifndef lint
12*29915Seric static char SccsId[] = "@(#)recipient.c 5.9 (Berkeley) 10/23/86";
1322710Sdist #endif not lint
1422710Sdist
154174Seric # include <pwd.h>
164627Seric # include "sendmail.h"
174329Seric # include <sys/stat.h>
184174Seric
194174Seric /*
209622Seric ** SENDTOLIST -- Designate a send list.
214174Seric **
224174Seric ** The parameter is a comma-separated list of people to send to.
234174Seric ** This routine arranges to send to all of them.
244174Seric **
254174Seric ** Parameters:
264174Seric ** list -- the send list.
274399Seric ** ctladdr -- the address template for the person to
284399Seric ** send to -- effective uid/gid are important.
295006Seric ** This is typically the alias that caused this
305006Seric ** expansion.
315006Seric ** sendq -- a pointer to the head of a queue to put
325006Seric ** these people into.
334174Seric **
344174Seric ** Returns:
354998Seric ** none
364174Seric **
374174Seric ** Side Effects:
384174Seric ** none.
394174Seric */
404174Seric
414174Seric # define MAXRCRSN 10
424174Seric
439622Seric sendtolist(list, ctladdr, sendq)
444174Seric char *list;
454399Seric ADDRESS *ctladdr;
465198Seric ADDRESS **sendq;
474174Seric {
484174Seric register char *p;
498223Seric register ADDRESS *al; /* list of addresses to send to */
504423Seric bool firstone; /* set on first address sent */
514444Seric bool selfref; /* set if this list includes ctladdr */
5211446Seric char delimiter; /* the address delimiter */
534174Seric
544324Seric # ifdef DEBUG
557676Seric if (tTd(25, 1))
564444Seric {
574444Seric printf("sendto: %s\n ctladdr=", list);
584444Seric printaddr(ctladdr, FALSE);
594444Seric }
604324Seric # endif DEBUG
614324Seric
628223Seric /* heuristic to determine old versus new style addresses */
638230Seric if (ctladdr == NULL &&
648230Seric (index(list, ',') != NULL || index(list, ';') != NULL ||
658230Seric index(list, '<') != NULL || index(list, '(') != NULL))
669340Seric CurEnv->e_flags &= ~EF_OLDSTYLE;
6711446Seric delimiter = ' ';
6811446Seric if (!bitset(EF_OLDSTYLE, CurEnv->e_flags) || ctladdr != NULL)
6911446Seric delimiter = ',';
708223Seric
714423Seric firstone = TRUE;
724444Seric selfref = FALSE;
734324Seric al = NULL;
748223Seric
758081Seric for (p = list; *p != '\0'; )
764174Seric {
778081Seric register ADDRESS *a;
788081Seric extern char *DelimChar; /* defined in prescan */
794319Seric
808081Seric /* parse the address */
818081Seric while (isspace(*p) || *p == ',')
824174Seric p++;
8311446Seric a = parseaddr(p, (ADDRESS *) NULL, 1, delimiter);
849297Seric p = DelimChar;
859297Seric if (a == NULL)
864174Seric continue;
874324Seric a->q_next = al;
884399Seric a->q_alias = ctladdr;
894444Seric
904444Seric /* see if this should be marked as a primary address */
914423Seric if (ctladdr == NULL ||
928081Seric (firstone && *p == '\0' && bitset(QPRIMARY, ctladdr->q_flags)))
934423Seric a->q_flags |= QPRIMARY;
944444Seric
954444Seric /* put on send queue or suppress self-reference */
969379Seric if (ctladdr != NULL && sameaddr(ctladdr, a))
974444Seric selfref = TRUE;
984444Seric else
994444Seric al = a;
1004423Seric firstone = FALSE;
1014324Seric }
1024324Seric
1034444Seric /* if this alias doesn't include itself, delete ctladdr */
1044444Seric if (!selfref && ctladdr != NULL)
1054444Seric ctladdr->q_flags |= QDONTSEND;
1064444Seric
1074324Seric /* arrange to send to everyone on the local send list */
1084324Seric while (al != NULL)
1094324Seric {
1104324Seric register ADDRESS *a = al;
11112613Seric extern ADDRESS *recipient();
1124324Seric
1134324Seric al = a->q_next;
11412613Seric a = recipient(a, sendq);
1154993Seric
1164998Seric /* arrange to inherit full name */
1174998Seric if (a->q_fullname == NULL && ctladdr != NULL)
1184998Seric a->q_fullname = ctladdr->q_fullname;
1194174Seric }
1204324Seric
1216906Seric CurEnv->e_to = NULL;
1224174Seric }
1234174Seric �/*
1244174Seric ** RECIPIENT -- Designate a message recipient
1254174Seric **
1264174Seric ** Saves the named person for future mailing.
1274174Seric **
1284174Seric ** Parameters:
1294174Seric ** a -- the (preparsed) address header for the recipient.
1305006Seric ** sendq -- a pointer to the head of a queue to put the
1315006Seric ** recipient in. Duplicate supression is done
1325006Seric ** in this queue.
1334174Seric **
1344174Seric ** Returns:
13512613Seric ** The actual address in the queue. This will be "a" if
13612613Seric ** the address is not a duplicate, else the original address.
1374174Seric **
1384174Seric ** Side Effects:
1394174Seric ** none.
1404174Seric */
1414174Seric
14212613Seric ADDRESS *
1435006Seric recipient(a, sendq)
1444174Seric register ADDRESS *a;
1455006Seric register ADDRESS **sendq;
1464174Seric {
1474174Seric register ADDRESS *q;
1484319Seric ADDRESS **pq;
1494174Seric register struct mailer *m;
1509210Seric register char *p;
1519210Seric bool quoted = FALSE; /* set if the addr has a quote bit */
1529210Seric char buf[MAXNAME]; /* unquoted image of the user name */
1534399Seric extern ADDRESS *getctladdr();
1544627Seric extern bool safefile();
1554174Seric
1566906Seric CurEnv->e_to = a->q_paddr;
1574600Seric m = a->q_mailer;
1584174Seric errno = 0;
1594174Seric # ifdef DEBUG
1607676Seric if (tTd(26, 1))
1614444Seric {
1624444Seric printf("\nrecipient: ");
1634444Seric printaddr(a, FALSE);
1644444Seric }
1654174Seric # endif DEBUG
1664174Seric
1674174Seric /* break aliasing loops */
1684174Seric if (AliasLevel > MAXRCRSN)
1694174Seric {
1704174Seric usrerr("aliasing/forwarding loop broken");
17112613Seric return (a);
1724174Seric }
1734174Seric
1744174Seric /*
1754627Seric ** Finish setting up address structure.
1764174Seric */
1774174Seric
17816160Seric /* set the queue timeout */
1794627Seric a->q_timeout = TimeOut;
1804627Seric
18116160Seric /* map user & host to lower case if requested on non-aliases */
18216160Seric if (a->q_alias == NULL)
18316160Seric loweraddr(a);
18416160Seric
18516160Seric /* get unquoted user for file, program or user.name check */
1869210Seric (void) strcpy(buf, a->q_user);
1879210Seric for (p = buf; *p != '\0' && !quoted; p++)
1889210Seric {
1899210Seric if (!isascii(*p) && (*p & 0377) != (SpaceSub & 0377))
1909210Seric quoted = TRUE;
1919210Seric }
1929210Seric stripquotes(buf, TRUE);
1939210Seric
1944627Seric /* do sickly crude mapping for program mailing, etc. */
1959210Seric if (m == LocalMailer && buf[0] == '|')
1964174Seric {
1979210Seric a->q_mailer = m = ProgMailer;
1989210Seric a->q_user++;
1999210Seric if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
2004174Seric {
201*29915Seric a->q_flags |= QDONTSEND|QBADADDR;
2029210Seric usrerr("Cannot mail directly to programs");
2034174Seric }
2044174Seric }
2054174Seric
2064174Seric /*
2074419Seric ** Look up this person in the recipient list.
2084419Seric ** If they are there already, return, otherwise continue.
2094419Seric ** If the list is empty, just add it. Notice the cute
2104419Seric ** hack to make from addresses suppress things correctly:
2114419Seric ** the QDONTSEND bit will be set in the send list.
2124419Seric ** [Please note: the emphasis is on "hack."]
2134174Seric */
2144174Seric
2155006Seric for (pq = sendq; (q = *pq) != NULL; pq = &q->q_next)
2164174Seric {
2179379Seric if (!ForceMail && sameaddr(q, a))
2184174Seric {
2194174Seric # ifdef DEBUG
2207676Seric if (tTd(26, 1))
2214444Seric {
2224444Seric printf("%s in sendq: ", a->q_paddr);
2234444Seric printaddr(q, FALSE);
2244444Seric }
2254174Seric # endif DEBUG
2267054Seric if (!bitset(QDONTSEND, a->q_flags))
2274324Seric message(Arpa_Info, "duplicate suppressed");
2284423Seric if (!bitset(QPRIMARY, q->q_flags))
2294423Seric q->q_flags |= a->q_flags;
23012613Seric return (q);
2314174Seric }
2324319Seric }
2334174Seric
2344319Seric /* add address on list */
2354319Seric *pq = a;
2364174Seric a->q_next = NULL;
23724951Seric CurEnv->e_nrcpts++;
2384174Seric
2394174Seric /*
2404174Seric ** Alias the name and handle :include: specs.
2414174Seric */
2424174Seric
2439210Seric if (m == LocalMailer && !bitset(QDONTSEND, a->q_flags))
2444174Seric {
2454174Seric if (strncmp(a->q_user, ":include:", 9) == 0)
2464174Seric {
2474174Seric a->q_flags |= QDONTSEND;
2487676Seric if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
249*29915Seric {
250*29915Seric a->q_flags |= QBADADDR;
2514399Seric usrerr("Cannot mail directly to :include:s");
252*29915Seric }
2534399Seric else
2544399Seric {
2557054Seric message(Arpa_Info, "including file %s", &a->q_user[9]);
2565006Seric include(&a->q_user[9], " sending", a, sendq);
2574399Seric }
2584174Seric }
2594174Seric else
2605006Seric alias(a, sendq);
2614174Seric }
2624174Seric
2634174Seric /*
2644174Seric ** If the user is local and still being sent, verify that
2654174Seric ** the address is good. If it is, try to forward.
2664174Seric ** If the address is already good, we have a forwarding
2674174Seric ** loop. This can be broken by just sending directly to
2684174Seric ** the user (which is probably correct anyway).
2694174Seric */
2704174Seric
2719210Seric if (!bitset(QDONTSEND, a->q_flags) && m == LocalMailer)
2724174Seric {
2734329Seric struct stat stb;
2744329Seric extern bool writable();
2754174Seric
2764174Seric /* see if this is to a file */
2775600Seric if (buf[0] == '/')
2784174Seric {
2795600Seric p = rindex(buf, '/');
2804201Seric /* check if writable or creatable */
2817676Seric if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
2824399Seric {
283*29915Seric a->q_flags |= QDONTSEND|QBADADDR;
2844399Seric usrerr("Cannot mail directly to files");
2854399Seric }
2864399Seric else if ((stat(buf, &stb) >= 0) ? (!writable(&stb)) :
2874539Seric (*p = '\0', !safefile(buf, getruid(), S_IWRITE|S_IEXEC)))
2884174Seric {
2894174Seric a->q_flags |= QBADADDR;
29010109Seric giveresponse(EX_CANTCREAT, m, CurEnv);
2914174Seric }
2924174Seric }
2934174Seric else
2944174Seric {
2954174Seric register struct passwd *pw;
2964373Seric extern struct passwd *finduser();
2974373Seric
2984407Seric /* warning -- finduser may trash buf */
2994373Seric pw = finduser(buf);
3004174Seric if (pw == NULL)
3014174Seric {
3024174Seric a->q_flags |= QBADADDR;
30310109Seric giveresponse(EX_NOUSER, m, CurEnv);
3044174Seric }
3054174Seric else
3064174Seric {
3074993Seric char nbuf[MAXNAME];
3084993Seric
3094376Seric if (strcmp(a->q_user, pw->pw_name) != 0)
3104376Seric {
3114376Seric a->q_user = newstr(pw->pw_name);
3127008Seric (void) strcpy(buf, pw->pw_name);
3134376Seric }
3144174Seric a->q_home = newstr(pw->pw_dir);
3154213Seric a->q_uid = pw->pw_uid;
3164399Seric a->q_gid = pw->pw_gid;
3174404Seric a->q_flags |= QGOODUID;
3184998Seric buildfname(pw->pw_gecos, pw->pw_name, nbuf);
3194993Seric if (nbuf[0] != '\0')
3204993Seric a->q_fullname = newstr(nbuf);
3214399Seric if (!quoted)
3225006Seric forward(a, sendq);
3234174Seric }
3244174Seric }
3254174Seric }
32612613Seric return (a);
3274174Seric }
3284174Seric �/*
3294373Seric ** FINDUSER -- find the password entry for a user.
3304373Seric **
3314373Seric ** This looks a lot like getpwnam, except that it may want to
3324373Seric ** do some fancier pattern matching in /etc/passwd.
3334373Seric **
3349379Seric ** This routine contains most of the time of many sendmail runs.
3359379Seric ** It deserves to be optimized.
3369379Seric **
3374373Seric ** Parameters:
3384373Seric ** name -- the name to match against.
3394373Seric **
3404373Seric ** Returns:
3414373Seric ** A pointer to a pw struct.
3424373Seric ** NULL if name is unknown or ambiguous.
3434373Seric **
3444373Seric ** Side Effects:
3454407Seric ** may modify name.
3464373Seric */
3474373Seric
3484373Seric struct passwd *
3494373Seric finduser(name)
3504373Seric char *name;
3514373Seric {
3524376Seric register struct passwd *pw;
3534407Seric register char *p;
35415325Seric extern struct passwd *getpwent();
35515325Seric extern struct passwd *getpwnam();
3564373Seric
35725777Seric /* map upper => lower case */
3584407Seric for (p = name; *p != '\0'; p++)
3594407Seric {
36025777Seric if (isascii(*p) && isupper(*p))
36125568Seric *p = tolower(*p);
3624407Seric }
3634407Seric
36425777Seric /* look up this login name using fast path */
36512634Seric if ((pw = getpwnam(name)) != NULL)
36612634Seric return (pw);
36712634Seric
36812634Seric /* search for a matching full name instead */
36925777Seric for (p = name; *p != '\0'; p++)
37025777Seric {
37125777Seric if (*p == (SpaceSub & 0177) || *p == '_')
37225777Seric *p = ' ';
37325777Seric }
37423107Seric (void) setpwent();
3754376Seric while ((pw = getpwent()) != NULL)
3764376Seric {
3774998Seric char buf[MAXNAME];
3784993Seric extern bool sameword();
3794376Seric
3804998Seric buildfname(pw->pw_gecos, pw->pw_name, buf);
3814407Seric if (index(buf, ' ') != NULL && sameword(buf, name))
3824381Seric {
3837054Seric message(Arpa_Info, "sending to login name %s", pw->pw_name);
3844376Seric return (pw);
3854377Seric }
3864376Seric }
3874376Seric return (NULL);
3884373Seric }
3894373Seric �/*
3904329Seric ** WRITABLE -- predicate returning if the file is writable.
3914329Seric **
3924329Seric ** This routine must duplicate the algorithm in sys/fio.c.
3934329Seric ** Unfortunately, we cannot use the access call since we
3944329Seric ** won't necessarily be the real uid when we try to
3954329Seric ** actually open the file.
3964329Seric **
3974329Seric ** Notice that ANY file with ANY execute bit is automatically
3984329Seric ** not writable. This is also enforced by mailfile.
3994329Seric **
4004329Seric ** Parameters:
4014329Seric ** s -- pointer to a stat struct for the file.
4024329Seric **
4034329Seric ** Returns:
4044329Seric ** TRUE -- if we will be able to write this file.
4054329Seric ** FALSE -- if we cannot write this file.
4064329Seric **
4074329Seric ** Side Effects:
4084329Seric ** none.
4094329Seric */
4104329Seric
4114329Seric bool
4124329Seric writable(s)
4134329Seric register struct stat *s;
4144329Seric {
4154329Seric int euid, egid;
4164329Seric int bits;
4174329Seric
4184329Seric if (bitset(0111, s->st_mode))
4194329Seric return (FALSE);
4204329Seric euid = getruid();
4214329Seric egid = getrgid();
4224329Seric if (geteuid() == 0)
4234329Seric {
4244329Seric if (bitset(S_ISUID, s->st_mode))
4254329Seric euid = s->st_uid;
4264329Seric if (bitset(S_ISGID, s->st_mode))
4274329Seric egid = s->st_gid;
4284329Seric }
4294329Seric
4304329Seric if (euid == 0)
4314329Seric return (TRUE);
4324329Seric bits = S_IWRITE;
4334329Seric if (euid != s->st_uid)
4344329Seric {
4354329Seric bits >>= 3;
4364329Seric if (egid != s->st_gid)
4374329Seric bits >>= 3;
4384329Seric }
4394329Seric return ((s->st_mode & bits) != 0);
4404329Seric }
4414329Seric �/*
4424174Seric ** INCLUDE -- handle :include: specification.
4434174Seric **
4444174Seric ** Parameters:
4454174Seric ** fname -- filename to include.
4464176Seric ** msg -- message to print in verbose mode.
4474399Seric ** ctladdr -- address template to use to fill in these
4484399Seric ** addresses -- effective user/group id are
4494399Seric ** the important things.
4505006Seric ** sendq -- a pointer to the head of the send queue
4515006Seric ** to put these addresses in.
4524174Seric **
4534174Seric ** Returns:
4544174Seric ** none.
4554174Seric **
4564174Seric ** Side Effects:
4574174Seric ** reads the :include: file and sends to everyone
4584174Seric ** listed in that file.
4594174Seric */
4604174Seric
4615006Seric include(fname, msg, ctladdr, sendq)
4624174Seric char *fname;
4634176Seric char *msg;
4644399Seric ADDRESS *ctladdr;
4655006Seric ADDRESS **sendq;
4664174Seric {
4674174Seric char buf[MAXLINE];
4684174Seric register FILE *fp;
4696906Seric char *oldto = CurEnv->e_to;
4709379Seric char *oldfilename = FileName;
4719379Seric int oldlinenumber = LineNumber;
4724174Seric
4734174Seric fp = fopen(fname, "r");
4744174Seric if (fp == NULL)
4754174Seric {
4764174Seric usrerr("Cannot open %s", fname);
4774174Seric return;
4784174Seric }
4794406Seric if (getctladdr(ctladdr) == NULL)
4804406Seric {
4814406Seric struct stat st;
4824174Seric
4834406Seric if (fstat(fileno(fp), &st) < 0)
4844406Seric syserr("Cannot fstat %s!", fname);
4854406Seric ctladdr->q_uid = st.st_uid;
4864406Seric ctladdr->q_gid = st.st_gid;
4874406Seric ctladdr->q_flags |= QGOODUID;
4884406Seric }
4894406Seric
4904174Seric /* read the file -- each line is a comma-separated list. */
4919379Seric FileName = fname;
4929379Seric LineNumber = 0;
4934174Seric while (fgets(buf, sizeof buf, fp) != NULL)
4944174Seric {
4954174Seric register char *p = index(buf, '\n');
4964174Seric
4974174Seric if (p != NULL)
4984174Seric *p = '\0';
4994174Seric if (buf[0] == '\0')
5004174Seric continue;
5016906Seric CurEnv->e_to = oldto;
5027054Seric message(Arpa_Info, "%s to %s", msg, buf);
5034176Seric AliasLevel++;
5049622Seric sendtolist(buf, ctladdr, sendq);
5054176Seric AliasLevel--;
5064174Seric }
5074174Seric
5084319Seric (void) fclose(fp);
5099379Seric FileName = oldfilename;
5109379Seric LineNumber = oldlinenumber;
5114174Seric }
5124324Seric �/*
5134324Seric ** SENDTOARGV -- send to an argument vector.
5144324Seric **
5154324Seric ** Parameters:
5164324Seric ** argv -- argument vector to send to.
5174324Seric **
5184324Seric ** Returns:
5194324Seric ** none.
5204324Seric **
5214324Seric ** Side Effects:
5224324Seric ** puts all addresses on the argument vector onto the
5234324Seric ** send queue.
5244324Seric */
5254324Seric
5264324Seric sendtoargv(argv)
5274324Seric register char **argv;
5284324Seric {
5294324Seric register char *p;
5304324Seric extern bool sameword();
5314324Seric
5324324Seric while ((p = *argv++) != NULL)
5334324Seric {
5344324Seric if (argv[0] != NULL && argv[1] != NULL && sameword(argv[0], "at"))
5354324Seric {
5364324Seric char nbuf[MAXNAME];
5374324Seric
5384324Seric if (strlen(p) + strlen(argv[1]) + 2 > sizeof nbuf)
5394324Seric usrerr("address overflow");
5404324Seric else
5414324Seric {
5424324Seric (void) strcpy(nbuf, p);
5434324Seric (void) strcat(nbuf, "@");
5444324Seric (void) strcat(nbuf, argv[1]);
5454324Seric p = newstr(nbuf);
5464324Seric argv += 2;
5474324Seric }
5484324Seric }
5499622Seric sendtolist(p, (ADDRESS *) NULL, &CurEnv->e_sendqueue);
5504324Seric }
5514324Seric }
5524399Seric �/*
5534399Seric ** GETCTLADDR -- get controlling address from an address header.
5544399Seric **
5554399Seric ** If none, get one corresponding to the effective userid.
5564399Seric **
5574399Seric ** Parameters:
5584399Seric ** a -- the address to find the controller of.
5594399Seric **
5604399Seric ** Returns:
5614399Seric ** the controlling address.
5624399Seric **
5634399Seric ** Side Effects:
5644399Seric ** none.
5654399Seric */
5664399Seric
5674399Seric ADDRESS *
5684399Seric getctladdr(a)
5694399Seric register ADDRESS *a;
5704399Seric {
5714404Seric while (a != NULL && !bitset(QGOODUID, a->q_flags))
5724399Seric a = a->q_alias;
5734399Seric return (a);
5744399Seric }
575