1 # include <pwd.h>
2 # include "sendmail.h"
3 # include <sys/stat.h>
4
5 SCCSID(@(#)recipient.c 4.3 03/11/84);
6
7 /*
8 ** SENDTOLIST -- Designate a send list.
9 **
10 ** The parameter is a comma-separated list of people to send to.
11 ** This routine arranges to send to all of them.
12 **
13 ** Parameters:
14 ** list -- the send list.
15 ** ctladdr -- the address template for the person to
16 ** send to -- effective uid/gid are important.
17 ** This is typically the alias that caused this
18 ** expansion.
19 ** sendq -- a pointer to the head of a queue to put
20 ** these people into.
21 **
22 ** Returns:
23 ** none
24 **
25 ** Side Effects:
26 ** none.
27 */
28
29 # define MAXRCRSN 10
30
31 sendtolist(list, ctladdr, sendq)
32 char *list;
33 ADDRESS *ctladdr;
34 ADDRESS **sendq;
35 {
36 register char *p;
37 register ADDRESS *al; /* list of addresses to send to */
38 bool firstone; /* set on first address sent */
39 bool selfref; /* set if this list includes ctladdr */
40 char delimiter; /* the address delimiter */
41
42 # ifdef DEBUG
43 if (tTd(25, 1))
44 {
45 printf("sendto: %s\n ctladdr=", list);
46 printaddr(ctladdr, FALSE);
47 }
48 # endif DEBUG
49
50 /* heuristic to determine old versus new style addresses */
51 if (ctladdr == NULL &&
52 (index(list, ',') != NULL || index(list, ';') != NULL ||
53 index(list, '<') != NULL || index(list, '(') != NULL))
54 CurEnv->e_flags &= ~EF_OLDSTYLE;
55 delimiter = ' ';
56 if (!bitset(EF_OLDSTYLE, CurEnv->e_flags) || ctladdr != NULL)
57 delimiter = ',';
58
59 firstone = TRUE;
60 selfref = FALSE;
61 al = NULL;
62
63 for (p = list; *p != '\0'; )
64 {
65 register ADDRESS *a;
66 extern char *DelimChar; /* defined in prescan */
67
68 /* parse the address */
69 while (isspace(*p) || *p == ',')
70 p++;
71 a = parseaddr(p, (ADDRESS *) NULL, 1, delimiter);
72 p = DelimChar;
73 if (a == NULL)
74 continue;
75 a->q_next = al;
76 a->q_alias = ctladdr;
77
78 /* see if this should be marked as a primary address */
79 if (ctladdr == NULL ||
80 (firstone && *p == '\0' && bitset(QPRIMARY, ctladdr->q_flags)))
81 a->q_flags |= QPRIMARY;
82
83 /* put on send queue or suppress self-reference */
84 if (ctladdr != NULL && sameaddr(ctladdr, a))
85 selfref = TRUE;
86 else
87 al = a;
88 firstone = FALSE;
89 }
90
91 /* if this alias doesn't include itself, delete ctladdr */
92 if (!selfref && ctladdr != NULL)
93 ctladdr->q_flags |= QDONTSEND;
94
95 /* arrange to send to everyone on the local send list */
96 while (al != NULL)
97 {
98 register ADDRESS *a = al;
99 extern ADDRESS *recipient();
100
101 al = a->q_next;
102 a = recipient(a, sendq);
103
104 /* arrange to inherit full name */
105 if (a->q_fullname == NULL && ctladdr != NULL)
106 a->q_fullname = ctladdr->q_fullname;
107 }
108
109 CurEnv->e_to = NULL;
110 }
111 �/*
112 ** RECIPIENT -- Designate a message recipient
113 **
114 ** Saves the named person for future mailing.
115 **
116 ** Parameters:
117 ** a -- the (preparsed) address header for the recipient.
118 ** sendq -- a pointer to the head of a queue to put the
119 ** recipient in. Duplicate supression is done
120 ** in this queue.
121 **
122 ** Returns:
123 ** The actual address in the queue. This will be "a" if
124 ** the address is not a duplicate, else the original address.
125 **
126 ** Side Effects:
127 ** none.
128 */
129
130 ADDRESS *
131 recipient(a, sendq)
132 register ADDRESS *a;
133 register ADDRESS **sendq;
134 {
135 register ADDRESS *q;
136 ADDRESS **pq;
137 register struct mailer *m;
138 register char *p;
139 bool quoted = FALSE; /* set if the addr has a quote bit */
140 char buf[MAXNAME]; /* unquoted image of the user name */
141 extern ADDRESS *getctladdr();
142 extern bool safefile();
143
144 CurEnv->e_to = a->q_paddr;
145 m = a->q_mailer;
146 errno = 0;
147 # ifdef DEBUG
148 if (tTd(26, 1))
149 {
150 printf("\nrecipient: ");
151 printaddr(a, FALSE);
152 }
153 # endif DEBUG
154
155 /* break aliasing loops */
156 if (AliasLevel > MAXRCRSN)
157 {
158 usrerr("aliasing/forwarding loop broken");
159 return (a);
160 }
161
162 /*
163 ** Finish setting up address structure.
164 */
165
166 /* set the queue timeout */
167 a->q_timeout = TimeOut;
168
169 /* map user & host to lower case if requested on non-aliases */
170 if (a->q_alias == NULL)
171 loweraddr(a);
172
173 /* get unquoted user for file, program or user.name check */
174 (void) strcpy(buf, a->q_user);
175 for (p = buf; *p != '\0' && !quoted; p++)
176 {
177 if (!isascii(*p) && (*p & 0377) != (SpaceSub & 0377))
178 quoted = TRUE;
179 }
180 stripquotes(buf, TRUE);
181
182 /* do sickly crude mapping for program mailing, etc. */
183 if (m == LocalMailer && buf[0] == '|')
184 {
185 a->q_mailer = m = ProgMailer;
186 a->q_user++;
187 if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
188 {
189 usrerr("Cannot mail directly to programs");
190 a->q_flags |= QDONTSEND;
191 }
192 }
193
194 /*
195 ** Look up this person in the recipient list.
196 ** If they are there already, return, otherwise continue.
197 ** If the list is empty, just add it. Notice the cute
198 ** hack to make from addresses suppress things correctly:
199 ** the QDONTSEND bit will be set in the send list.
200 ** [Please note: the emphasis is on "hack."]
201 */
202
203 for (pq = sendq; (q = *pq) != NULL; pq = &q->q_next)
204 {
205 if (!ForceMail && sameaddr(q, a))
206 {
207 # ifdef DEBUG
208 if (tTd(26, 1))
209 {
210 printf("%s in sendq: ", a->q_paddr);
211 printaddr(q, FALSE);
212 }
213 # endif DEBUG
214 if (!bitset(QDONTSEND, a->q_flags))
215 message(Arpa_Info, "duplicate suppressed");
216 if (!bitset(QPRIMARY, q->q_flags))
217 q->q_flags |= a->q_flags;
218 return (q);
219 }
220 }
221
222 /* add address on list */
223 *pq = a;
224 a->q_next = NULL;
225
226 /*
227 ** Alias the name and handle :include: specs.
228 */
229
230 if (m == LocalMailer && !bitset(QDONTSEND, a->q_flags))
231 {
232 if (strncmp(a->q_user, ":include:", 9) == 0)
233 {
234 a->q_flags |= QDONTSEND;
235 if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
236 usrerr("Cannot mail directly to :include:s");
237 else
238 {
239 message(Arpa_Info, "including file %s", &a->q_user[9]);
240 include(&a->q_user[9], " sending", a, sendq);
241 }
242 }
243 else
244 alias(a, sendq);
245 }
246
247 /*
248 ** If the user is local and still being sent, verify that
249 ** the address is good. If it is, try to forward.
250 ** If the address is already good, we have a forwarding
251 ** loop. This can be broken by just sending directly to
252 ** the user (which is probably correct anyway).
253 */
254
255 if (!bitset(QDONTSEND, a->q_flags) && m == LocalMailer)
256 {
257 struct stat stb;
258 extern bool writable();
259
260 /* see if this is to a file */
261 if (buf[0] == '/')
262 {
263 p = rindex(buf, '/');
264 /* check if writable or creatable */
265 if (a->q_alias == NULL && !tTd(0, 1) && !QueueRun && !ForceMail)
266 {
267 usrerr("Cannot mail directly to files");
268 a->q_flags |= QDONTSEND;
269 }
270 else if ((stat(buf, &stb) >= 0) ? (!writable(&stb)) :
271 (*p = '\0', !safefile(buf, getruid(), S_IWRITE|S_IEXEC)))
272 {
273 a->q_flags |= QBADADDR;
274 giveresponse(EX_CANTCREAT, m, CurEnv);
275 }
276 }
277 else
278 {
279 register struct passwd *pw;
280 extern struct passwd *finduser();
281
282 /* warning -- finduser may trash buf */
283 pw = finduser(buf);
284 if (pw == NULL)
285 {
286 a->q_flags |= QBADADDR;
287 giveresponse(EX_NOUSER, m, CurEnv);
288 }
289 else
290 {
291 char nbuf[MAXNAME];
292
293 if (strcmp(a->q_user, pw->pw_name) != 0)
294 {
295 a->q_user = newstr(pw->pw_name);
296 (void) strcpy(buf, pw->pw_name);
297 }
298 a->q_home = newstr(pw->pw_dir);
299 a->q_uid = pw->pw_uid;
300 a->q_gid = pw->pw_gid;
301 a->q_flags |= QGOODUID;
302 buildfname(pw->pw_gecos, pw->pw_name, nbuf);
303 if (nbuf[0] != '\0')
304 a->q_fullname = newstr(nbuf);
305 if (!quoted)
306 forward(a, sendq);
307 }
308 }
309 }
310 return (a);
311 }
312 �/*
313 ** FINDUSER -- find the password entry for a user.
314 **
315 ** This looks a lot like getpwnam, except that it may want to
316 ** do some fancier pattern matching in /etc/passwd.
317 **
318 ** This routine contains most of the time of many sendmail runs.
319 ** It deserves to be optimized.
320 **
321 ** Parameters:
322 ** name -- the name to match against.
323 **
324 ** Returns:
325 ** A pointer to a pw struct.
326 ** NULL if name is unknown or ambiguous.
327 **
328 ** Side Effects:
329 ** may modify name.
330 */
331
332 struct passwd *
333 finduser(name)
334 char *name;
335 {
336 register struct passwd *pw;
337 register char *p;
338 extern struct passwd *getpwent();
339 extern struct passwd *getpwnam();
340
341 /*
342 ** Make name canonical.
343 */
344
345 for (p = name; *p != '\0'; p++)
346 {
347 if (*p == (SpaceSub & 0177) || *p == '_')
348 *p = ' ';
349 }
350
351 /* look up this login name */
352 if ((pw = getpwnam(name)) != NULL)
353 return (pw);
354
355 /* search for a matching full name instead */
356 setpwent();
357 while ((pw = getpwent()) != NULL)
358 {
359 char buf[MAXNAME];
360 extern bool sameword();
361
362 if (strcmp(pw->pw_name, name) == 0)
363 return (pw);
364 buildfname(pw->pw_gecos, pw->pw_name, buf);
365 if (index(buf, ' ') != NULL && sameword(buf, name))
366 {
367 message(Arpa_Info, "sending to login name %s", pw->pw_name);
368 return (pw);
369 }
370 }
371 return (NULL);
372 }
373 �/*
374 ** WRITABLE -- predicate returning if the file is writable.
375 **
376 ** This routine must duplicate the algorithm in sys/fio.c.
377 ** Unfortunately, we cannot use the access call since we
378 ** won't necessarily be the real uid when we try to
379 ** actually open the file.
380 **
381 ** Notice that ANY file with ANY execute bit is automatically
382 ** not writable. This is also enforced by mailfile.
383 **
384 ** Parameters:
385 ** s -- pointer to a stat struct for the file.
386 **
387 ** Returns:
388 ** TRUE -- if we will be able to write this file.
389 ** FALSE -- if we cannot write this file.
390 **
391 ** Side Effects:
392 ** none.
393 */
394
395 bool
396 writable(s)
397 register struct stat *s;
398 {
399 int euid, egid;
400 int bits;
401
402 if (bitset(0111, s->st_mode))
403 return (FALSE);
404 euid = getruid();
405 egid = getrgid();
406 if (geteuid() == 0)
407 {
408 if (bitset(S_ISUID, s->st_mode))
409 euid = s->st_uid;
410 if (bitset(S_ISGID, s->st_mode))
411 egid = s->st_gid;
412 }
413
414 if (euid == 0)
415 return (TRUE);
416 bits = S_IWRITE;
417 if (euid != s->st_uid)
418 {
419 bits >>= 3;
420 if (egid != s->st_gid)
421 bits >>= 3;
422 }
423 return ((s->st_mode & bits) != 0);
424 }
425 �/*
426 ** INCLUDE -- handle :include: specification.
427 **
428 ** Parameters:
429 ** fname -- filename to include.
430 ** msg -- message to print in verbose mode.
431 ** ctladdr -- address template to use to fill in these
432 ** addresses -- effective user/group id are
433 ** the important things.
434 ** sendq -- a pointer to the head of the send queue
435 ** to put these addresses in.
436 **
437 ** Returns:
438 ** none.
439 **
440 ** Side Effects:
441 ** reads the :include: file and sends to everyone
442 ** listed in that file.
443 */
444
445 include(fname, msg, ctladdr, sendq)
446 char *fname;
447 char *msg;
448 ADDRESS *ctladdr;
449 ADDRESS **sendq;
450 {
451 char buf[MAXLINE];
452 register FILE *fp;
453 char *oldto = CurEnv->e_to;
454 char *oldfilename = FileName;
455 int oldlinenumber = LineNumber;
456
457 fp = fopen(fname, "r");
458 if (fp == NULL)
459 {
460 usrerr("Cannot open %s", fname);
461 return;
462 }
463 if (getctladdr(ctladdr) == NULL)
464 {
465 struct stat st;
466
467 if (fstat(fileno(fp), &st) < 0)
468 syserr("Cannot fstat %s!", fname);
469 ctladdr->q_uid = st.st_uid;
470 ctladdr->q_gid = st.st_gid;
471 ctladdr->q_flags |= QGOODUID;
472 }
473
474 /* read the file -- each line is a comma-separated list. */
475 FileName = fname;
476 LineNumber = 0;
477 while (fgets(buf, sizeof buf, fp) != NULL)
478 {
479 register char *p = index(buf, '\n');
480
481 if (p != NULL)
482 *p = '\0';
483 if (buf[0] == '\0')
484 continue;
485 CurEnv->e_to = oldto;
486 message(Arpa_Info, "%s to %s", msg, buf);
487 AliasLevel++;
488 sendtolist(buf, ctladdr, sendq);
489 AliasLevel--;
490 }
491
492 (void) fclose(fp);
493 FileName = oldfilename;
494 LineNumber = oldlinenumber;
495 }
496 �/*
497 ** SENDTOARGV -- send to an argument vector.
498 **
499 ** Parameters:
500 ** argv -- argument vector to send to.
501 **
502 ** Returns:
503 ** none.
504 **
505 ** Side Effects:
506 ** puts all addresses on the argument vector onto the
507 ** send queue.
508 */
509
510 sendtoargv(argv)
511 register char **argv;
512 {
513 register char *p;
514 extern bool sameword();
515
516 while ((p = *argv++) != NULL)
517 {
518 if (argv[0] != NULL && argv[1] != NULL && sameword(argv[0], "at"))
519 {
520 char nbuf[MAXNAME];
521
522 if (strlen(p) + strlen(argv[1]) + 2 > sizeof nbuf)
523 usrerr("address overflow");
524 else
525 {
526 (void) strcpy(nbuf, p);
527 (void) strcat(nbuf, "@");
528 (void) strcat(nbuf, argv[1]);
529 p = newstr(nbuf);
530 argv += 2;
531 }
532 }
533 sendtolist(p, (ADDRESS *) NULL, &CurEnv->e_sendqueue);
534 }
535 }
536 �/*
537 ** GETCTLADDR -- get controlling address from an address header.
538 **
539 ** If none, get one corresponding to the effective userid.
540 **
541 ** Parameters:
542 ** a -- the address to find the controller of.
543 **
544 ** Returns:
545 ** the controlling address.
546 **
547 ** Side Effects:
548 ** none.
549 */
550
551 ADDRESS *
552 getctladdr(a)
553 register ADDRESS *a;
554 {
555 while (a != NULL && !bitset(QGOODUID, a->q_flags))
556 a = a->q_alias;
557 return (a);
558 }
559