122710Sdist /*
234921Sbostic * Copyright (c) 1983 Eric P. Allman
333731Sbostic * Copyright (c) 1988 Regents of the University of California.
433731Sbostic * All rights reserved.
533731Sbostic *
633731Sbostic * Redistribution and use in source and binary forms are permitted
734921Sbostic * provided that the above copyright notice and this paragraph are
834921Sbostic * duplicated in all such forms and that any documentation,
934921Sbostic * advertising materials, and other materials related to such
1034921Sbostic * distribution and use acknowledge that the software was developed
1134921Sbostic * by the University of California, Berkeley. The name of the
1234921Sbostic * University may not be used to endorse or promote products derived
1334921Sbostic * from this software without specific prior written permission.
1434921Sbostic * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
1534921Sbostic * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
1634921Sbostic * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
1733731Sbostic */
1822710Sdist
1922710Sdist #ifndef lint
20*36928Sbostic static char sccsid[] = "@(#)recipient.c 5.15 (Berkeley) 02/27/89";
2133731Sbostic #endif /* not lint */
2222710Sdist
23*36928Sbostic # include <sys/types.h>
24*36928Sbostic # include <sys/stat.h>
254174Seric # include <pwd.h>
264627Seric # include "sendmail.h"
274174Seric
284174Seric /*
299622Seric ** SENDTOLIST -- Designate a send list.
304174Seric **
314174Seric ** The parameter is a comma-separated list of people to send to.
324174Seric ** This routine arranges to send to all of them.
334174Seric **
344174Seric ** Parameters:
354174Seric ** list -- the send list.
364399Seric ** ctladdr -- the address template for the person to
374399Seric ** send to -- effective uid/gid are important.
385006Seric ** This is typically the alias that caused this
395006Seric ** expansion.
405006Seric ** sendq -- a pointer to the head of a queue to put
415006Seric ** these people into.
424174Seric **
434174Seric ** Returns:
444998Seric ** none
454174Seric **
464174Seric ** Side Effects:
474174Seric ** none.
484174Seric */
494174Seric
504174Seric # define MAXRCRSN 10
514174Seric
529622Seric sendtolist(list, ctladdr, sendq)
534174Seric char *list;
544399Seric ADDRESS *ctladdr;
555198Seric ADDRESS **sendq;
564174Seric {
574174Seric register char *p;
588223Seric register ADDRESS *al; /* list of addresses to send to */
594423Seric bool firstone; /* set on first address sent */
604444Seric bool selfref; /* set if this list includes ctladdr */
6111446Seric char delimiter; /* the address delimiter */
624174Seric
637676Seric if (tTd(25, 1))
644444Seric {
654444Seric printf("sendto: %s\n ctladdr=", list);
664444Seric printaddr(ctladdr, FALSE);
674444Seric }
684324Seric
698223Seric /* heuristic to determine old versus new style addresses */
708230Seric if (ctladdr == NULL &&
718230Seric (index(list, ',') != NULL || index(list, ';') != NULL ||
728230Seric index(list, '<') != NULL || index(list, '(') != NULL))
739340Seric CurEnv->e_flags &= ~EF_OLDSTYLE;
7411446Seric delimiter = ' ';
7511446Seric if (!bitset(EF_OLDSTYLE, CurEnv->e_flags) || ctladdr != NULL)
7611446Seric delimiter = ',';
778223Seric
784423Seric firstone = TRUE;
794444Seric selfref = FALSE;
804324Seric al = NULL;
818223Seric
828081Seric for (p = list; *p != '\0'; )
834174Seric {
848081Seric register ADDRESS *a;
858081Seric extern char *DelimChar; /* defined in prescan */
864319Seric
878081Seric /* parse the address */
888081Seric while (isspace(*p) || *p == ',')
894174Seric p++;
9011446Seric a = parseaddr(p, (ADDRESS *) NULL, 1, delimiter);
919297Seric p = DelimChar;
929297Seric if (a == NULL)
934174Seric continue;
944324Seric a->q_next = al;
954399Seric a->q_alias = ctladdr;
964444Seric
974444Seric /* see if this should be marked as a primary address */
984423Seric if (ctladdr == NULL ||
998081Seric (firstone && *p == '\0' && bitset(QPRIMARY, ctladdr->q_flags)))
1004423Seric a->q_flags |= QPRIMARY;
1014444Seric
1024444Seric /* put on send queue or suppress self-reference */
1039379Seric if (ctladdr != NULL && sameaddr(ctladdr, a))
1044444Seric selfref = TRUE;
1054444Seric else
1064444Seric al = a;
1074423Seric firstone = FALSE;
1084324Seric }
1094324Seric
1104444Seric /* if this alias doesn't include itself, delete ctladdr */
1114444Seric if (!selfref && ctladdr != NULL)
1124444Seric ctladdr->q_flags |= QDONTSEND;
1134444Seric
1144324Seric /* arrange to send to everyone on the local send list */
1154324Seric while (al != NULL)
1164324Seric {
1174324Seric register ADDRESS *a = al;
11812613Seric extern ADDRESS *recipient();
1194324Seric
1204324Seric al = a->q_next;
12112613Seric a = recipient(a, sendq);
1224993Seric
1234998Seric /* arrange to inherit full name */
1244998Seric if (a->q_fullname == NULL && ctladdr != NULL)
1254998Seric a->q_fullname = ctladdr->q_fullname;
1264174Seric }
1274324Seric
1286906Seric CurEnv->e_to = NULL;
1294174Seric }
1304174Seric �/*
1314174Seric ** RECIPIENT -- Designate a message recipient
1324174Seric **
1334174Seric ** Saves the named person for future mailing.
1344174Seric **
1354174Seric ** Parameters:
1364174Seric ** a -- the (preparsed) address header for the recipient.
1375006Seric ** sendq -- a pointer to the head of a queue to put the
1385006Seric ** recipient in. Duplicate supression is done
1395006Seric ** in this queue.
1404174Seric **
1414174Seric ** Returns:
14212613Seric ** The actual address in the queue. This will be "a" if
14312613Seric ** the address is not a duplicate, else the original address.
1444174Seric **
1454174Seric ** Side Effects:
1464174Seric ** none.
1474174Seric */
1484174Seric
14912613Seric ADDRESS *
1505006Seric recipient(a, sendq)
1514174Seric register ADDRESS *a;
1525006Seric register ADDRESS **sendq;
1534174Seric {
1544174Seric register ADDRESS *q;
1554319Seric ADDRESS **pq;
1564174Seric register struct mailer *m;
1579210Seric register char *p;
1589210Seric bool quoted = FALSE; /* set if the addr has a quote bit */
1599210Seric char buf[MAXNAME]; /* unquoted image of the user name */
1604399Seric extern ADDRESS *getctladdr();
1614627Seric extern bool safefile();
1624174Seric
1636906Seric CurEnv->e_to = a->q_paddr;
1644600Seric m = a->q_mailer;
1654174Seric errno = 0;
1667676Seric if (tTd(26, 1))
1674444Seric {
1684444Seric printf("\nrecipient: ");
1694444Seric printaddr(a, FALSE);
1704444Seric }
1714174Seric
1724174Seric /* break aliasing loops */
1734174Seric if (AliasLevel > MAXRCRSN)
1744174Seric {
1754174Seric usrerr("aliasing/forwarding loop broken");
17612613Seric return (a);
1774174Seric }
1784174Seric
1794174Seric /*
1804627Seric ** Finish setting up address structure.
1814174Seric */
1824174Seric
18316160Seric /* set the queue timeout */
1844627Seric a->q_timeout = TimeOut;
1854627Seric
18616160Seric /* map user & host to lower case if requested on non-aliases */
18716160Seric if (a->q_alias == NULL)
18816160Seric loweraddr(a);
18916160Seric
19016160Seric /* get unquoted user for file, program or user.name check */
1919210Seric (void) strcpy(buf, a->q_user);
1929210Seric for (p = buf; *p != '\0' && !quoted; p++)
1939210Seric {
1949210Seric if (!isascii(*p) && (*p & 0377) != (SpaceSub & 0377))
1959210Seric quoted = TRUE;
1969210Seric }
1979210Seric stripquotes(buf, TRUE);
1989210Seric
1994627Seric /* do sickly crude mapping for program mailing, etc. */
2009210Seric if (m == LocalMailer && buf[0] == '|')
2014174Seric {
2029210Seric a->q_mailer = m = ProgMailer;
2039210Seric a->q_user++;
20436231Sbostic if (a->q_alias == NULL && !QueueRun && !ForceMail)
2054174Seric {
20629915Seric a->q_flags |= QDONTSEND|QBADADDR;
2079210Seric usrerr("Cannot mail directly to programs");
2084174Seric }
2094174Seric }
2104174Seric
2114174Seric /*
2124419Seric ** Look up this person in the recipient list.
2134419Seric ** If they are there already, return, otherwise continue.
2144419Seric ** If the list is empty, just add it. Notice the cute
2154419Seric ** hack to make from addresses suppress things correctly:
2164419Seric ** the QDONTSEND bit will be set in the send list.
2174419Seric ** [Please note: the emphasis is on "hack."]
2184174Seric */
2194174Seric
2205006Seric for (pq = sendq; (q = *pq) != NULL; pq = &q->q_next)
2214174Seric {
2229379Seric if (!ForceMail && sameaddr(q, a))
2234174Seric {
2247676Seric if (tTd(26, 1))
2254444Seric {
2264444Seric printf("%s in sendq: ", a->q_paddr);
2274444Seric printaddr(q, FALSE);
2284444Seric }
2297054Seric if (!bitset(QDONTSEND, a->q_flags))
2304324Seric message(Arpa_Info, "duplicate suppressed");
2314423Seric if (!bitset(QPRIMARY, q->q_flags))
2324423Seric q->q_flags |= a->q_flags;
23312613Seric return (q);
2344174Seric }
2354319Seric }
2364174Seric
2374319Seric /* add address on list */
2384319Seric *pq = a;
2394174Seric a->q_next = NULL;
24024951Seric CurEnv->e_nrcpts++;
2414174Seric
2424174Seric /*
2434174Seric ** Alias the name and handle :include: specs.
2444174Seric */
2454174Seric
2469210Seric if (m == LocalMailer && !bitset(QDONTSEND, a->q_flags))
2474174Seric {
2484174Seric if (strncmp(a->q_user, ":include:", 9) == 0)
2494174Seric {
2504174Seric a->q_flags |= QDONTSEND;
25136231Sbostic if (a->q_alias == NULL && !QueueRun && !ForceMail)
25229915Seric {
25329915Seric a->q_flags |= QBADADDR;
2544399Seric usrerr("Cannot mail directly to :include:s");
25529915Seric }
2564399Seric else
2574399Seric {
2587054Seric message(Arpa_Info, "including file %s", &a->q_user[9]);
2595006Seric include(&a->q_user[9], " sending", a, sendq);
2604399Seric }
2614174Seric }
2624174Seric else
2635006Seric alias(a, sendq);
2644174Seric }
2654174Seric
2664174Seric /*
2674174Seric ** If the user is local and still being sent, verify that
2684174Seric ** the address is good. If it is, try to forward.
2694174Seric ** If the address is already good, we have a forwarding
2704174Seric ** loop. This can be broken by just sending directly to
2714174Seric ** the user (which is probably correct anyway).
2724174Seric */
2734174Seric
2749210Seric if (!bitset(QDONTSEND, a->q_flags) && m == LocalMailer)
2754174Seric {
2764329Seric struct stat stb;
2774329Seric extern bool writable();
2784174Seric
2794174Seric /* see if this is to a file */
2805600Seric if (buf[0] == '/')
2814174Seric {
2825600Seric p = rindex(buf, '/');
2834201Seric /* check if writable or creatable */
28436231Sbostic if (a->q_alias == NULL && !QueueRun && !ForceMail)
2854399Seric {
28629915Seric a->q_flags |= QDONTSEND|QBADADDR;
2874399Seric usrerr("Cannot mail directly to files");
2884399Seric }
2894399Seric else if ((stat(buf, &stb) >= 0) ? (!writable(&stb)) :
2904539Seric (*p = '\0', !safefile(buf, getruid(), S_IWRITE|S_IEXEC)))
2914174Seric {
2924174Seric a->q_flags |= QBADADDR;
29310109Seric giveresponse(EX_CANTCREAT, m, CurEnv);
2944174Seric }
2954174Seric }
2964174Seric else
2974174Seric {
2984174Seric register struct passwd *pw;
2994373Seric extern struct passwd *finduser();
3004373Seric
3014407Seric /* warning -- finduser may trash buf */
3024373Seric pw = finduser(buf);
3034174Seric if (pw == NULL)
3044174Seric {
3054174Seric a->q_flags |= QBADADDR;
30610109Seric giveresponse(EX_NOUSER, m, CurEnv);
3074174Seric }
3084174Seric else
3094174Seric {
3104993Seric char nbuf[MAXNAME];
3114993Seric
3124376Seric if (strcmp(a->q_user, pw->pw_name) != 0)
3134376Seric {
3144376Seric a->q_user = newstr(pw->pw_name);
3157008Seric (void) strcpy(buf, pw->pw_name);
3164376Seric }
3174174Seric a->q_home = newstr(pw->pw_dir);
3184213Seric a->q_uid = pw->pw_uid;
3194399Seric a->q_gid = pw->pw_gid;
3204404Seric a->q_flags |= QGOODUID;
3214998Seric buildfname(pw->pw_gecos, pw->pw_name, nbuf);
3224993Seric if (nbuf[0] != '\0')
3234993Seric a->q_fullname = newstr(nbuf);
3244399Seric if (!quoted)
3255006Seric forward(a, sendq);
3264174Seric }
3274174Seric }
3284174Seric }
32912613Seric return (a);
3304174Seric }
3314174Seric �/*
3324373Seric ** FINDUSER -- find the password entry for a user.
3334373Seric **
3344373Seric ** This looks a lot like getpwnam, except that it may want to
3354373Seric ** do some fancier pattern matching in /etc/passwd.
3364373Seric **
3379379Seric ** This routine contains most of the time of many sendmail runs.
3389379Seric ** It deserves to be optimized.
3399379Seric **
3404373Seric ** Parameters:
3414373Seric ** name -- the name to match against.
3424373Seric **
3434373Seric ** Returns:
3444373Seric ** A pointer to a pw struct.
3454373Seric ** NULL if name is unknown or ambiguous.
3464373Seric **
3474373Seric ** Side Effects:
3484407Seric ** may modify name.
3494373Seric */
3504373Seric
3514373Seric struct passwd *
3524373Seric finduser(name)
3534373Seric char *name;
3544373Seric {
3554376Seric register struct passwd *pw;
3564407Seric register char *p;
35715325Seric extern struct passwd *getpwent();
35815325Seric extern struct passwd *getpwnam();
3594373Seric
36025777Seric /* map upper => lower case */
3614407Seric for (p = name; *p != '\0'; p++)
3624407Seric {
36325777Seric if (isascii(*p) && isupper(*p))
36425568Seric *p = tolower(*p);
3654407Seric }
3664407Seric
36725777Seric /* look up this login name using fast path */
36812634Seric if ((pw = getpwnam(name)) != NULL)
36912634Seric return (pw);
37012634Seric
37112634Seric /* search for a matching full name instead */
37225777Seric for (p = name; *p != '\0'; p++)
37325777Seric {
37425777Seric if (*p == (SpaceSub & 0177) || *p == '_')
37525777Seric *p = ' ';
37625777Seric }
37723107Seric (void) setpwent();
3784376Seric while ((pw = getpwent()) != NULL)
3794376Seric {
3804998Seric char buf[MAXNAME];
3814376Seric
3824998Seric buildfname(pw->pw_gecos, pw->pw_name, buf);
38333725Sbostic if (index(buf, ' ') != NULL && !strcasecmp(buf, name))
3844381Seric {
3857054Seric message(Arpa_Info, "sending to login name %s", pw->pw_name);
3864376Seric return (pw);
3874377Seric }
3884376Seric }
3894376Seric return (NULL);
3904373Seric }
3914373Seric �/*
3924329Seric ** WRITABLE -- predicate returning if the file is writable.
3934329Seric **
3944329Seric ** This routine must duplicate the algorithm in sys/fio.c.
3954329Seric ** Unfortunately, we cannot use the access call since we
3964329Seric ** won't necessarily be the real uid when we try to
3974329Seric ** actually open the file.
3984329Seric **
3994329Seric ** Notice that ANY file with ANY execute bit is automatically
4004329Seric ** not writable. This is also enforced by mailfile.
4014329Seric **
4024329Seric ** Parameters:
4034329Seric ** s -- pointer to a stat struct for the file.
4044329Seric **
4054329Seric ** Returns:
4064329Seric ** TRUE -- if we will be able to write this file.
4074329Seric ** FALSE -- if we cannot write this file.
4084329Seric **
4094329Seric ** Side Effects:
4104329Seric ** none.
4114329Seric */
4124329Seric
4134329Seric bool
4144329Seric writable(s)
4154329Seric register struct stat *s;
4164329Seric {
4174329Seric int euid, egid;
4184329Seric int bits;
4194329Seric
4204329Seric if (bitset(0111, s->st_mode))
4214329Seric return (FALSE);
4224329Seric euid = getruid();
4234329Seric egid = getrgid();
4244329Seric if (geteuid() == 0)
4254329Seric {
4264329Seric if (bitset(S_ISUID, s->st_mode))
4274329Seric euid = s->st_uid;
4284329Seric if (bitset(S_ISGID, s->st_mode))
4294329Seric egid = s->st_gid;
4304329Seric }
4314329Seric
4324329Seric if (euid == 0)
4334329Seric return (TRUE);
4344329Seric bits = S_IWRITE;
4354329Seric if (euid != s->st_uid)
4364329Seric {
4374329Seric bits >>= 3;
4384329Seric if (egid != s->st_gid)
4394329Seric bits >>= 3;
4404329Seric }
4414329Seric return ((s->st_mode & bits) != 0);
4424329Seric }
4434329Seric �/*
4444174Seric ** INCLUDE -- handle :include: specification.
4454174Seric **
4464174Seric ** Parameters:
4474174Seric ** fname -- filename to include.
4484176Seric ** msg -- message to print in verbose mode.
4494399Seric ** ctladdr -- address template to use to fill in these
4504399Seric ** addresses -- effective user/group id are
4514399Seric ** the important things.
4525006Seric ** sendq -- a pointer to the head of the send queue
4535006Seric ** to put these addresses in.
4544174Seric **
4554174Seric ** Returns:
4564174Seric ** none.
4574174Seric **
4584174Seric ** Side Effects:
4594174Seric ** reads the :include: file and sends to everyone
4604174Seric ** listed in that file.
4614174Seric */
4624174Seric
4635006Seric include(fname, msg, ctladdr, sendq)
4644174Seric char *fname;
4654176Seric char *msg;
4664399Seric ADDRESS *ctladdr;
4675006Seric ADDRESS **sendq;
4684174Seric {
4694174Seric char buf[MAXLINE];
4704174Seric register FILE *fp;
4716906Seric char *oldto = CurEnv->e_to;
4729379Seric char *oldfilename = FileName;
4739379Seric int oldlinenumber = LineNumber;
4744174Seric
4754174Seric fp = fopen(fname, "r");
4764174Seric if (fp == NULL)
4774174Seric {
4784174Seric usrerr("Cannot open %s", fname);
4794174Seric return;
4804174Seric }
4814406Seric if (getctladdr(ctladdr) == NULL)
4824406Seric {
4834406Seric struct stat st;
4844174Seric
4854406Seric if (fstat(fileno(fp), &st) < 0)
4864406Seric syserr("Cannot fstat %s!", fname);
4874406Seric ctladdr->q_uid = st.st_uid;
4884406Seric ctladdr->q_gid = st.st_gid;
4894406Seric ctladdr->q_flags |= QGOODUID;
4904406Seric }
4914406Seric
4924174Seric /* read the file -- each line is a comma-separated list. */
4939379Seric FileName = fname;
4949379Seric LineNumber = 0;
4954174Seric while (fgets(buf, sizeof buf, fp) != NULL)
4964174Seric {
4974174Seric register char *p = index(buf, '\n');
4984174Seric
4994174Seric if (p != NULL)
5004174Seric *p = '\0';
5014174Seric if (buf[0] == '\0')
5024174Seric continue;
5036906Seric CurEnv->e_to = oldto;
5047054Seric message(Arpa_Info, "%s to %s", msg, buf);
5054176Seric AliasLevel++;
5069622Seric sendtolist(buf, ctladdr, sendq);
5074176Seric AliasLevel--;
5084174Seric }
5094174Seric
5104319Seric (void) fclose(fp);
5119379Seric FileName = oldfilename;
5129379Seric LineNumber = oldlinenumber;
5134174Seric }
5144324Seric �/*
5154324Seric ** SENDTOARGV -- send to an argument vector.
5164324Seric **
5174324Seric ** Parameters:
5184324Seric ** argv -- argument vector to send to.
5194324Seric **
5204324Seric ** Returns:
5214324Seric ** none.
5224324Seric **
5234324Seric ** Side Effects:
5244324Seric ** puts all addresses on the argument vector onto the
5254324Seric ** send queue.
5264324Seric */
5274324Seric
5284324Seric sendtoargv(argv)
5294324Seric register char **argv;
5304324Seric {
5314324Seric register char *p;
5324324Seric
5334324Seric while ((p = *argv++) != NULL)
5344324Seric {
53533725Sbostic if (argv[0] != NULL && argv[1] != NULL && !strcasecmp(argv[0], "at"))
5364324Seric {
5374324Seric char nbuf[MAXNAME];
5384324Seric
5394324Seric if (strlen(p) + strlen(argv[1]) + 2 > sizeof nbuf)
5404324Seric usrerr("address overflow");
5414324Seric else
5424324Seric {
5434324Seric (void) strcpy(nbuf, p);
5444324Seric (void) strcat(nbuf, "@");
5454324Seric (void) strcat(nbuf, argv[1]);
5464324Seric p = newstr(nbuf);
5474324Seric argv += 2;
5484324Seric }
5494324Seric }
5509622Seric sendtolist(p, (ADDRESS *) NULL, &CurEnv->e_sendqueue);
5514324Seric }
5524324Seric }
5534399Seric �/*
5544399Seric ** GETCTLADDR -- get controlling address from an address header.
5554399Seric **
5564399Seric ** If none, get one corresponding to the effective userid.
5574399Seric **
5584399Seric ** Parameters:
5594399Seric ** a -- the address to find the controller of.
5604399Seric **
5614399Seric ** Returns:
5624399Seric ** the controlling address.
5634399Seric **
5644399Seric ** Side Effects:
5654399Seric ** none.
5664399Seric */
5674399Seric
5684399Seric ADDRESS *
5694399Seric getctladdr(a)
5704399Seric register ADDRESS *a;
5714399Seric {
5724404Seric while (a != NULL && !bitset(QGOODUID, a->q_flags))
5734399Seric a = a->q_alias;
5744399Seric return (a);
5754399Seric }
576