1 /* $NetBSD: postmap.c,v 1.4 2022/10/08 16:12:47 christos Exp $ */ 2 3 /*++ 4 /* NAME 5 /* postmap 1 6 /* SUMMARY 7 /* Postfix lookup table management 8 /* SYNOPSIS 9 /* .fi 10 /* \fBpostmap\fR [\fB-bfFhimnNoprsuUvw\fR] [\fB-c \fIconfig_dir\fR] 11 /* [\fB-d \fIkey\fR] [\fB-q \fIkey\fR] 12 /* [\fIfile_type\fR:]\fIfile_name\fR ... 13 /* DESCRIPTION 14 /* The \fBpostmap\fR(1) command creates or queries one or more Postfix 15 /* lookup tables, or updates an existing one. 16 /* 17 /* If the result files do not exist they will be created with the 18 /* same group and other read permissions as their source file. 19 /* 20 /* While the table update is in progress, signal delivery is 21 /* postponed, and an exclusive, advisory, lock is placed on the 22 /* entire table, in order to avoid surprises in spectator 23 /* processes. 24 /* INPUT FILE FORMAT 25 /* .ad 26 /* .fi 27 /* The format of a lookup table input file is as follows: 28 /* .IP \(bu 29 /* A table entry has the form 30 /* .sp 31 /* .nf 32 /* \fIkey\fR whitespace \fIvalue\fR 33 /* .fi 34 /* .IP \(bu 35 /* Empty lines and whitespace-only lines are ignored, as 36 /* are lines whose first non-whitespace character is a `#'. 37 /* .IP \(bu 38 /* A logical line starts with non-whitespace text. A line that 39 /* starts with whitespace continues a logical line. 40 /* .PP 41 /* The \fIkey\fR and \fIvalue\fR are processed as is, except that 42 /* surrounding white space is stripped off. Whitespace in lookup 43 /* keys is supported in Postfix 3.2 and later, by surrounding the 44 /* key with double quote characters `"'. Within the double quotes, 45 /* double quote `"' and backslash `\\' characters can be included 46 /* by quoting them with a preceding backslash. 47 /* 48 /* When the \fB-F\fR option is given, the \fIvalue\fR must 49 /* specify one or more filenames separated by comma and/or 50 /* whitespace; \fBpostmap\fR(1) will concatenate the file 51 /* content (with a newline character inserted between files) 52 /* and will store the base64-encoded result instead of the 53 /* \fIvalue\fR. 54 /* 55 /* When the \fIkey\fR specifies email address information, the 56 /* localpart should be enclosed with double quotes if required 57 /* by RFC 5322. For example, an address localpart that contains 58 /* ";", or a localpart that starts or ends with ".". 59 /* 60 /* By default the lookup key is mapped to lowercase to make 61 /* the lookups case insensitive; as of Postfix 2.3 this case 62 /* folding happens only with tables whose lookup keys are 63 /* fixed-case strings such as btree:, dbm: or hash:. With 64 /* earlier versions, the lookup key is folded even with tables 65 /* where a lookup field can match both upper and lower case 66 /* text, such as regexp: and pcre:. This resulted in loss of 67 /* information with $\fInumber\fR substitutions. 68 /* COMMAND-LINE ARGUMENTS 69 /* .ad 70 /* .fi 71 /* .IP \fB-b\fR 72 /* Enable message body query mode. When reading lookup keys 73 /* from standard input with "\fB-q -\fR", process the input 74 /* as if it is an email message in RFC 5322 format. Each line 75 /* of body content becomes one lookup key. 76 /* .sp 77 /* By default, the \fB-b\fR option starts generating lookup 78 /* keys at the first non-header line, and stops when the end 79 /* of the message is reached. 80 /* To simulate \fBbody_checks\fR(5) processing, enable MIME 81 /* parsing with \fB-m\fR. With this, the \fB-b\fR option 82 /* generates no body-style lookup keys for attachment MIME 83 /* headers and for attached message/* headers. 84 /* .sp 85 /* NOTE: with "smtputf8_enable = yes", the \fB-b\fR option 86 /* disables UTF-8 syntax checks on query keys and lookup 87 /* results. Specify the \fB-U\fR option to force UTF-8 88 /* syntax checks anyway. 89 /* .sp 90 /* This feature is available in Postfix version 2.6 and later. 91 /* .IP "\fB-c \fIconfig_dir\fR" 92 /* Read the \fBmain.cf\fR configuration file in the named directory 93 /* instead of the default configuration directory. 94 /* .IP "\fB-d \fIkey\fR" 95 /* Search the specified maps for \fIkey\fR and remove one entry per map. 96 /* The exit status is zero when the requested information was found. 97 /* 98 /* If a key value of \fB-\fR is specified, the program reads key 99 /* values from the standard input stream. The exit status is zero 100 /* when at least one of the requested keys was found. 101 /* .IP \fB-f\fR 102 /* Do not fold the lookup key to lower case while creating or querying 103 /* a table. 104 /* 105 /* With Postfix version 2.3 and later, this option has no 106 /* effect for regular expression tables. There, case folding 107 /* is controlled by appending a flag to a pattern. 108 /* .IP \fB-F\fR 109 /* When querying a map, or listing a map, base64-decode each 110 /* value. When creating a map from source file, process each 111 /* value as a list of filenames, concatenate the content of 112 /* those files, and store the base64-encoded result instead 113 /* of the value (see INPUT FILE FORMAT for details). 114 /* .sp 115 /* This feature is available in Postfix version 3.4 and later. 116 /* .IP \fB-h\fR 117 /* Enable message header query mode. When reading lookup keys 118 /* from standard input with "\fB-q -\fR", process the input 119 /* as if it is an email message in RFC 5322 format. Each 120 /* logical header line becomes one lookup key. A multi-line 121 /* header becomes one lookup key with one or more embedded 122 /* newline characters. 123 /* .sp 124 /* By default, the \fB-h\fR option generates lookup keys until 125 /* the first non-header line is reached. 126 /* To simulate \fBheader_checks\fR(5) processing, enable MIME 127 /* parsing with \fB-m\fR. With this, the \fB-h\fR option also 128 /* generates header-style lookup keys for attachment MIME 129 /* headers and for attached message/* headers. 130 /* .sp 131 /* NOTE: with "smtputf8_enable = yes", the \fB-b\fR option 132 /* option disables UTF-8 syntax checks on query keys and 133 /* lookup results. Specify the \fB-U\fR option to force UTF-8 134 /* syntax checks anyway. 135 /* .sp 136 /* This feature is available in Postfix version 2.6 and later. 137 /* .IP \fB-i\fR 138 /* Incremental mode. Read entries from standard input and do not 139 /* truncate an existing database. By default, \fBpostmap\fR(1) creates 140 /* a new database from the entries in \fBfile_name\fR. 141 /* .IP \fB-m\fR 142 /* Enable MIME parsing with "\fB-b\fR" and "\fB-h\fR". 143 /* .sp 144 /* This feature is available in Postfix version 2.6 and later. 145 /* .IP \fB-N\fR 146 /* Include the terminating null character that terminates lookup keys 147 /* and values. By default, \fBpostmap\fR(1) does whatever is 148 /* the default for 149 /* the host operating system. 150 /* .IP \fB-n\fR 151 /* Don't include the terminating null character that terminates lookup 152 /* keys and values. By default, \fBpostmap\fR(1) does whatever 153 /* is the default for 154 /* the host operating system. 155 /* .IP \fB-o\fR 156 /* Do not release root privileges when processing a non-root 157 /* input file. By default, \fBpostmap\fR(1) drops root privileges 158 /* and runs as the source file owner instead. 159 /* .IP \fB-p\fR 160 /* Do not inherit the file access permissions from the input file 161 /* when creating a new file. Instead, create a new file with default 162 /* access permissions (mode 0644). 163 /* .IP "\fB-q \fIkey\fR" 164 /* Search the specified maps for \fIkey\fR and write the first value 165 /* found to the standard output stream. The exit status is zero 166 /* when the requested information was found. 167 /* 168 /* Note: this performs a single query with the key as specified, 169 /* and does not make iterative queries with substrings of the 170 /* key as described for access(5), canonical(5), transport(5), 171 /* virtual(5) and other Postfix table-driven features. 172 /* 173 /* If a key value of \fB-\fR is specified, the program reads key 174 /* values from the standard input stream and writes one line of 175 /* \fIkey value\fR output for each key that was found. The exit 176 /* status is zero when at least one of the requested keys was found. 177 /* .IP \fB-r\fR 178 /* When updating a table, do not complain about attempts to update 179 /* existing entries, and make those updates anyway. 180 /* .IP \fB-s\fR 181 /* Retrieve all database elements, and write one line of 182 /* \fIkey value\fR output for each element. The elements are 183 /* printed in database order, which is not necessarily the same 184 /* as the original input order. 185 /* .sp 186 /* This feature is available in Postfix version 2.2 and later, 187 /* and is not available for all database types. 188 /* .IP \fB-u\fR 189 /* Disable UTF-8 support. UTF-8 support is enabled by default 190 /* when "smtputf8_enable = yes". It requires that keys and 191 /* values are valid UTF-8 strings. 192 /* .IP \fB-U\fR 193 /* With "smtputf8_enable = yes", force UTF-8 syntax checks 194 /* with the \fB-b\fR and \fB-h\fR options. 195 /* .IP \fB-v\fR 196 /* Enable verbose logging for debugging purposes. Multiple \fB-v\fR 197 /* options make the software increasingly verbose. 198 /* .IP \fB-w\fR 199 /* When updating a table, do not complain about attempts to update 200 /* existing entries, and ignore those attempts. 201 /* .PP 202 /* Arguments: 203 /* .IP \fIfile_type\fR 204 /* The database type. To find out what types are supported, use 205 /* the "\fBpostconf -m\fR" command. 206 /* 207 /* The \fBpostmap\fR(1) command can query any supported file type, 208 /* but it can create only the following file types: 209 /* .RS 210 /* .IP \fBbtree\fR 211 /* The output file is a btree file, named \fIfile_name\fB.db\fR. 212 /* This is available on systems with support for \fBdb\fR databases. 213 /* .IP \fBcdb\fR 214 /* The output consists of one file, named \fIfile_name\fB.cdb\fR. 215 /* This is available on systems with support for \fBcdb\fR databases. 216 /* .IP \fBdbm\fR 217 /* The output consists of two files, named \fIfile_name\fB.pag\fR and 218 /* \fIfile_name\fB.dir\fR. 219 /* This is available on systems with support for \fBdbm\fR databases. 220 /* .IP \fBfail\fR 221 /* A table that reliably fails all requests. The lookup table 222 /* name is used for logging only. This table exists to simplify 223 /* Postfix error tests. 224 /* .IP \fBhash\fR 225 /* The output file is a hashed file, named \fIfile_name\fB.db\fR. 226 /* This is available on systems with support for \fBdb\fR databases. 227 /* .IP \fBlmdb\fR 228 /* The output is a btree-based file, named \fIfile_name\fB.lmdb\fR. 229 /* \fBlmdb\fR supports concurrent writes and reads from different 230 /* processes, unlike other supported file-based tables. 231 /* This is available on systems with support for \fBlmdb\fR databases. 232 /* .IP \fBsdbm\fR 233 /* The output consists of two files, named \fIfile_name\fB.pag\fR and 234 /* \fIfile_name\fB.dir\fR. 235 /* This is available on systems with support for \fBsdbm\fR databases. 236 /* .PP 237 /* When no \fIfile_type\fR is specified, the software uses the database 238 /* type specified via the \fBdefault_database_type\fR configuration 239 /* parameter. 240 /* .RE 241 /* .IP \fIfile_name\fR 242 /* The name of the lookup table source file when rebuilding a database. 243 /* DIAGNOSTICS 244 /* Problems are logged to the standard error stream and to 245 /* \fBsyslogd\fR(8) or \fBpostlogd\fR(8). 246 /* No output means that no problems were detected. Duplicate entries are 247 /* skipped and are flagged with a warning. 248 /* 249 /* \fBpostmap\fR(1) terminates with zero exit status in case of success 250 /* (including successful "\fBpostmap -q\fR" lookup) and terminates 251 /* with non-zero exit status in case of failure. 252 /* ENVIRONMENT 253 /* .ad 254 /* .fi 255 /* .IP \fBMAIL_CONFIG\fR 256 /* Directory with Postfix configuration files. 257 /* .IP \fBMAIL_VERBOSE\fR 258 /* Enable verbose logging for debugging purposes. 259 /* CONFIGURATION PARAMETERS 260 /* .ad 261 /* .fi 262 /* The following \fBmain.cf\fR parameters are especially relevant to 263 /* this program. 264 /* The text below provides only a parameter summary. See 265 /* \fBpostconf\fR(5) for more details including examples. 266 /* .IP "\fBberkeley_db_create_buffer_size (16777216)\fR" 267 /* The per-table I/O buffer size for programs that create Berkeley DB 268 /* hash or btree tables. 269 /* .IP "\fBberkeley_db_read_buffer_size (131072)\fR" 270 /* The per-table I/O buffer size for programs that read Berkeley DB 271 /* hash or btree tables. 272 /* .IP "\fBconfig_directory (see 'postconf -d' output)\fR" 273 /* The default location of the Postfix main.cf and master.cf 274 /* configuration files. 275 /* .IP "\fBdefault_database_type (see 'postconf -d' output)\fR" 276 /* The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1) 277 /* and \fBpostmap\fR(1) commands. 278 /* .IP "\fBimport_environment (see 'postconf -d' output)\fR" 279 /* The list of environment variables that a privileged Postfix 280 /* process will import from a non-Postfix parent process, or name=value 281 /* environment overrides. 282 /* .IP "\fBsmtputf8_enable (yes)\fR" 283 /* Enable preliminary SMTPUTF8 support for the protocols described 284 /* in RFC 6531, RFC 6532, and RFC 6533. 285 /* .IP "\fBsyslog_facility (mail)\fR" 286 /* The syslog facility of Postfix logging. 287 /* .IP "\fBsyslog_name (see 'postconf -d' output)\fR" 288 /* A prefix that is prepended to the process name in syslog 289 /* records, so that, for example, "smtpd" becomes "prefix/smtpd". 290 /* .PP 291 /* Available in Postfix 2.11 and later: 292 /* .IP "\fBlmdb_map_size (16777216)\fR" 293 /* The initial OpenLDAP LMDB database size limit in bytes. 294 /* SEE ALSO 295 /* postalias(1), create/update/query alias database 296 /* postconf(1), supported database types 297 /* postconf(5), configuration parameters 298 /* postlogd(8), Postfix logging 299 /* syslogd(8), system logging 300 /* README FILES 301 /* .ad 302 /* .fi 303 /* Use "\fBpostconf readme_directory\fR" or 304 /* "\fBpostconf html_directory\fR" to locate this information. 305 /* .na 306 /* .nf 307 /* DATABASE_README, Postfix lookup table overview 308 /* LICENSE 309 /* .ad 310 /* .fi 311 /* The Secure Mailer license must be distributed with this software. 312 /* AUTHOR(S) 313 /* Wietse Venema 314 /* IBM T.J. Watson Research 315 /* P.O. Box 704 316 /* Yorktown Heights, NY 10598, USA 317 /* 318 /* Wietse Venema 319 /* Google, Inc. 320 /* 111 8th Avenue 321 /* New York, NY 10011, USA 322 /*--*/ 323 324 /* System library. */ 325 326 #include <sys_defs.h> 327 #include <sys/stat.h> 328 #include <stdlib.h> 329 #include <unistd.h> 330 #include <fcntl.h> 331 #include <ctype.h> 332 #include <string.h> 333 334 /* Utility library. */ 335 336 #include <msg.h> 337 #include <mymalloc.h> 338 #include <vstring.h> 339 #include <vstream.h> 340 #include <msg_vstream.h> 341 #include <readlline.h> 342 #include <stringops.h> 343 #include <split_at.h> 344 #include <vstring_vstream.h> 345 #include <set_eugid.h> 346 #include <warn_stat.h> 347 #include <clean_env.h> 348 349 /* Global library. */ 350 351 #include <mail_conf.h> 352 #include <mail_dict.h> 353 #include <mail_params.h> 354 #include <mail_version.h> 355 #include <mkmap.h> 356 #include <mail_task.h> 357 #include <dict_proxy.h> 358 #include <mime_state.h> 359 #include <rec_type.h> 360 #include <mail_parm_split.h> 361 #include <maillog_client.h> 362 363 /* Application-specific. */ 364 365 #define STR vstring_str 366 #define LEN VSTRING_LEN 367 368 #define POSTMAP_FLAG_AS_OWNER (1<<0) /* open dest as owner of source */ 369 #define POSTMAP_FLAG_SAVE_PERM (1<<1) /* copy access permission from source */ 370 #define POSTMAP_FLAG_HEADER_KEY (1<<2) /* apply to header text */ 371 #define POSTMAP_FLAG_BODY_KEY (1<<3) /* apply to body text */ 372 #define POSTMAP_FLAG_MIME_KEY (1<<4) /* enable MIME parsing */ 373 374 #define POSTMAP_FLAG_HB_KEY (POSTMAP_FLAG_HEADER_KEY | POSTMAP_FLAG_BODY_KEY) 375 #define POSTMAP_FLAG_FULL_KEY (POSTMAP_FLAG_BODY_KEY | POSTMAP_FLAG_MIME_KEY) 376 #define POSTMAP_FLAG_ANY_KEY (POSTMAP_FLAG_HB_KEY | POSTMAP_FLAG_MIME_KEY) 377 378 /* 379 * MIME Engine call-back state for generating lookup keys from an email 380 * message read from standard input. 381 */ 382 typedef struct { 383 DICT **dicts; /* map handles */ 384 char **maps; /* map names */ 385 int map_count; /* yes, indeed */ 386 int dict_flags; /* query flags */ 387 int header_done; /* past primary header */ 388 int found; /* result */ 389 } POSTMAP_KEY_STATE; 390 391 /* postmap - create or update mapping database */ 392 393 static void postmap(char *map_type, char *path_name, int postmap_flags, 394 int open_flags, int dict_flags) 395 { 396 VSTREAM *NOCLOBBER source_fp; 397 VSTRING *line_buffer; 398 MKMAP *mkmap; 399 int lineno; 400 int last_line; 401 char *key; 402 char *value; 403 struct stat st; 404 mode_t saved_mask; 405 406 /* 407 * Initialize. 408 */ 409 line_buffer = vstring_alloc(100); 410 if ((open_flags & O_TRUNC) == 0) { 411 /* Incremental mode. */ 412 source_fp = VSTREAM_IN; 413 vstream_control(source_fp, CA_VSTREAM_CTL_PATH("stdin"), CA_VSTREAM_CTL_END); 414 } else { 415 /* Create database. */ 416 if (strcmp(map_type, DICT_TYPE_PROXY) == 0) 417 msg_fatal("can't create maps via the proxy service"); 418 dict_flags |= DICT_FLAG_BULK_UPDATE; 419 if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0) 420 msg_fatal("open %s: %m", path_name); 421 } 422 if (fstat(vstream_fileno(source_fp), &st) < 0) 423 msg_fatal("fstat %s: %m", path_name); 424 425 /* 426 * Turn off group/other read permissions as indicated in the source file. 427 */ 428 if ((postmap_flags & POSTMAP_FLAG_SAVE_PERM) && S_ISREG(st.st_mode)) 429 saved_mask = umask(022 | (~st.st_mode & 077)); 430 431 /* 432 * If running as root, run as the owner of the source file, so that the 433 * result shows proper ownership, and so that a bug in postmap does not 434 * allow privilege escalation. 435 */ 436 if ((postmap_flags & POSTMAP_FLAG_AS_OWNER) && getuid() == 0 437 && (st.st_uid != geteuid() || st.st_gid != getegid())) 438 set_eugid(st.st_uid, st.st_gid); 439 440 /* 441 * Open the database, optionally create it when it does not exist, 442 * optionally truncate it when it does exist, and lock out any 443 * spectators. 444 */ 445 mkmap = mkmap_open(map_type, path_name, open_flags, dict_flags); 446 447 /* 448 * And restore the umask, in case it matters. 449 */ 450 if ((postmap_flags & POSTMAP_FLAG_SAVE_PERM) && S_ISREG(st.st_mode)) 451 umask(saved_mask); 452 453 /* 454 * Trap "exceptions" so that we can restart a bulk-mode update after a 455 * recoverable error. 456 */ 457 for (;;) { 458 if (dict_isjmp(mkmap->dict) != 0 459 && dict_setjmp(mkmap->dict) != 0 460 && vstream_fseek(source_fp, SEEK_SET, 0) < 0) 461 msg_fatal("seek %s: %m", VSTREAM_PATH(source_fp)); 462 463 /* 464 * Add records to the database. XXX This duplicates the parser in 465 * dict_thash.c. 466 */ 467 last_line = 0; 468 while (readllines(line_buffer, source_fp, &last_line, &lineno)) { 469 int in_quotes = 0; 470 471 /* 472 * First some UTF-8 checks sans casefolding. 473 */ 474 if ((mkmap->dict->flags & DICT_FLAG_UTF8_ACTIVE) 475 && !allascii(STR(line_buffer)) 476 && !valid_utf8_string(STR(line_buffer), LEN(line_buffer))) { 477 msg_warn("%s, line %d: non-UTF-8 input \"%s\"" 478 " -- ignoring this line", 479 VSTREAM_PATH(source_fp), lineno, STR(line_buffer)); 480 continue; 481 } 482 483 /* 484 * Terminate the key on the first unquoted whitespace character, 485 * then trim leading and trailing whitespace from the value. 486 */ 487 for (value = STR(line_buffer); *value; value++) { 488 if (*value == '\\') { 489 if (*++value == 0) 490 break; 491 } else if (ISSPACE(*value)) { 492 if (!in_quotes) 493 break; 494 } else if (*value == '"') { 495 in_quotes = !in_quotes; 496 } 497 } 498 if (in_quotes) { 499 msg_warn("%s, line %d: unbalanced '\"' in '%s'" 500 " -- ignoring this line", 501 VSTREAM_PATH(source_fp), lineno, STR(line_buffer)); 502 continue; 503 } 504 if (*value) 505 *value++ = 0; 506 while (ISSPACE(*value)) 507 value++; 508 trimblanks(value, 0)[0] = 0; 509 510 /* 511 * Leave the key in quoted form, because 1) postmap cannot assume 512 * that a string without @ contains an email address localpart, 513 * and 2) an address localpart may require quoting even when the 514 * quoted form contains no backslash or ". 515 */ 516 key = STR(line_buffer); 517 518 /* 519 * Enforce the "key whitespace value" format. Disallow missing 520 * keys or missing values. 521 */ 522 if (*key == 0 || *value == 0) { 523 msg_warn("%s, line %d: expected format: key whitespace value", 524 VSTREAM_PATH(source_fp), lineno); 525 continue; 526 } 527 if (key[strlen(key) - 1] == ':') 528 msg_warn("%s, line %d: record is in \"key: value\" format; is this an alias file?", 529 VSTREAM_PATH(source_fp), lineno); 530 531 /* 532 * Optionally treat the vale as a filename, and replace the value 533 * with the BASE64-encoded content of the named file. 534 */ 535 if (dict_flags & DICT_FLAG_SRC_RHS_IS_FILE) { 536 VSTRING *base64_buf; 537 char *err; 538 539 if ((base64_buf = dict_file_to_b64(mkmap->dict, value)) == 0) { 540 err = dict_file_get_error(mkmap->dict); 541 msg_warn("%s, line %d: %s: skipping this entry", 542 VSTREAM_PATH(source_fp), lineno, err); 543 myfree(err); 544 continue; 545 } 546 value = vstring_str(base64_buf); 547 } 548 549 /* 550 * Store the value under a (possibly case-insensitive) key, as 551 * specified with open_flags. 552 */ 553 mkmap_append(mkmap, key, value); 554 if (mkmap->dict->error) 555 msg_fatal("table %s:%s: write error: %m", 556 mkmap->dict->type, mkmap->dict->name); 557 } 558 break; 559 } 560 561 /* 562 * Close the mapping database, and release the lock. 563 */ 564 mkmap_close(mkmap); 565 566 /* 567 * Cleanup. We're about to terminate, but it is a good sanity check. 568 */ 569 vstring_free(line_buffer); 570 if (source_fp != VSTREAM_IN) 571 vstream_fclose(source_fp); 572 } 573 574 /* postmap_body - MIME engine body call-back routine */ 575 576 static void postmap_body(void *ptr, int unused_rec_type, 577 const char *keybuf, 578 ssize_t unused_len, 579 off_t unused_offset) 580 { 581 POSTMAP_KEY_STATE *state = (POSTMAP_KEY_STATE *) ptr; 582 DICT **dicts = state->dicts; 583 char **maps = state->maps; 584 int map_count = state->map_count; 585 int dict_flags = state->dict_flags; 586 const char *map_name; 587 const char *value; 588 int n; 589 590 for (n = 0; n < map_count; n++) { 591 if (dicts[n] == 0) 592 dicts[n] = ((map_name = split_at(maps[n], ':')) != 0 ? 593 dict_open3(maps[n], map_name, O_RDONLY, dict_flags) : 594 dict_open3(var_db_type, maps[n], O_RDONLY, dict_flags)); 595 if ((value = dict_get(dicts[n], keybuf)) != 0) { 596 if (*value == 0) { 597 msg_warn("table %s:%s: key %s: empty string result is not allowed", 598 dicts[n]->type, dicts[n]->name, keybuf); 599 msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND", 600 dicts[n]->type, dicts[n]->name); 601 } 602 vstream_printf("%s %s\n", keybuf, value); 603 state->found = 1; 604 break; 605 } 606 if (dicts[n]->error) 607 msg_fatal("table %s:%s: query error: %m", 608 dicts[n]->type, dicts[n]->name); 609 } 610 } 611 612 /* postmap_header - MIME engine header call-back routine */ 613 614 static void postmap_header(void *ptr, int unused_header_class, 615 const HEADER_OPTS *unused_header_info, 616 VSTRING *header_buf, 617 off_t offset) 618 { 619 620 /* 621 * Don't re-invent an already working wheel. 622 */ 623 postmap_body(ptr, 0, STR(header_buf), LEN(header_buf), offset); 624 } 625 626 /* postmap_head_end - MIME engine end-of-header call-back routine */ 627 628 static void postmap_head_end(void *ptr) 629 { 630 POSTMAP_KEY_STATE *state = (POSTMAP_KEY_STATE *) ptr; 631 632 /* 633 * Don't process the message body when we only examine primary headers. 634 */ 635 state->header_done = 1; 636 } 637 638 /* postmap_queries - apply multiple requests from stdin */ 639 640 static int postmap_queries(VSTREAM *in, char **maps, const int map_count, 641 const int postmap_flags, 642 const int dict_flags) 643 { 644 int found = 0; 645 VSTRING *keybuf = vstring_alloc(100); 646 DICT **dicts; 647 const char *map_name; 648 const char *value; 649 int n; 650 651 /* 652 * Sanity check. 653 */ 654 if (map_count <= 0) 655 msg_panic("postmap_queries: bad map count"); 656 657 /* 658 * Prepare to open maps lazily. 659 */ 660 dicts = (DICT **) mymalloc(sizeof(*dicts) * map_count); 661 for (n = 0; n < map_count; n++) 662 dicts[n] = 0; 663 664 /* 665 * Perform all queries. Open maps on the fly, to avoid opening unnecessary 666 * maps. 667 */ 668 if ((postmap_flags & POSTMAP_FLAG_HB_KEY) == 0) { 669 while (vstring_get_nonl(keybuf, in) != VSTREAM_EOF) { 670 for (n = 0; n < map_count; n++) { 671 if (dicts[n] == 0) 672 dicts[n] = ((map_name = split_at(maps[n], ':')) != 0 ? 673 dict_open3(maps[n], map_name, O_RDONLY, dict_flags) : 674 dict_open3(var_db_type, maps[n], O_RDONLY, dict_flags)); 675 value = ((dict_flags & DICT_FLAG_SRC_RHS_IS_FILE) ? 676 dict_file_lookup : dicts[n]->lookup) 677 (dicts[n], STR(keybuf)); 678 if (value != 0) { 679 if (*value == 0) { 680 msg_warn("table %s:%s: key %s: empty string result is not allowed", 681 dicts[n]->type, dicts[n]->name, STR(keybuf)); 682 msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND", 683 dicts[n]->type, dicts[n]->name); 684 } 685 vstream_printf("%s %s\n", STR(keybuf), value); 686 found = 1; 687 break; 688 } 689 switch (dicts[n]->error) { 690 case 0: 691 break; 692 case DICT_ERR_CONFIG: 693 msg_fatal("table %s:%s: query error", 694 dicts[n]->type, dicts[n]->name); 695 default: 696 msg_fatal("table %s:%s: query error: %m", 697 dicts[n]->type, dicts[n]->name); 698 } 699 } 700 } 701 } else { 702 POSTMAP_KEY_STATE key_state; 703 MIME_STATE *mime_state; 704 int mime_errs = 0; 705 706 /* 707 * Bundle up the request and instantiate a MIME parsing engine. 708 */ 709 key_state.dicts = dicts; 710 key_state.maps = maps; 711 key_state.map_count = map_count; 712 key_state.dict_flags = dict_flags; 713 key_state.header_done = 0; 714 key_state.found = 0; 715 mime_state = 716 mime_state_alloc((postmap_flags & POSTMAP_FLAG_MIME_KEY) ? 717 0 : MIME_OPT_DISABLE_MIME, 718 (postmap_flags & POSTMAP_FLAG_HEADER_KEY) ? 719 postmap_header : (MIME_STATE_HEAD_OUT) 0, 720 (postmap_flags & POSTMAP_FLAG_FULL_KEY) ? 721 (MIME_STATE_ANY_END) 0 : postmap_head_end, 722 (postmap_flags & POSTMAP_FLAG_BODY_KEY) ? 723 postmap_body : (MIME_STATE_BODY_OUT) 0, 724 (MIME_STATE_ANY_END) 0, 725 (MIME_STATE_ERR_PRINT) 0, 726 (void *) &key_state); 727 728 /* 729 * Process the input message. 730 */ 731 while (vstring_get_nonl(keybuf, in) != VSTREAM_EOF 732 && key_state.header_done == 0 && mime_errs == 0) 733 mime_errs = mime_state_update(mime_state, REC_TYPE_NORM, 734 STR(keybuf), LEN(keybuf)); 735 736 /* 737 * Flush the MIME engine output buffer and tidy up loose ends. 738 */ 739 if (mime_errs == 0) 740 mime_errs = mime_state_update(mime_state, REC_TYPE_END, "", 0); 741 if (mime_errs) 742 msg_fatal("message format error: %s", 743 mime_state_detail(mime_errs)->text); 744 mime_state_free(mime_state); 745 found = key_state.found; 746 } 747 748 if (found) 749 vstream_fflush(VSTREAM_OUT); 750 751 /* 752 * Cleanup. 753 */ 754 for (n = 0; n < map_count; n++) 755 if (dicts[n]) 756 dict_close(dicts[n]); 757 myfree((void *) dicts); 758 vstring_free(keybuf); 759 760 return (found); 761 } 762 763 /* postmap_query - query a map and print the result to stdout */ 764 765 static int postmap_query(const char *map_type, const char *map_name, 766 const char *key, int dict_flags) 767 { 768 DICT *dict; 769 const char *value; 770 771 dict = dict_open3(map_type, map_name, O_RDONLY, dict_flags); 772 value = ((dict_flags & DICT_FLAG_SRC_RHS_IS_FILE) ? 773 dict_file_lookup : dict->lookup) (dict, key); 774 if (value != 0) { 775 if (*value == 0) { 776 msg_warn("table %s:%s: key %s: empty string result is not allowed", 777 map_type, map_name, key); 778 msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND", 779 map_type, map_name); 780 } 781 vstream_printf("%s\n", value); 782 } 783 switch (dict->error) { 784 case 0: 785 break; 786 case DICT_ERR_CONFIG: 787 msg_fatal("table %s:%s: query error", 788 dict->type, dict->name); 789 default: 790 msg_fatal("table %s:%s: query error: %m", 791 dict->type, dict->name); 792 } 793 vstream_fflush(VSTREAM_OUT); 794 dict_close(dict); 795 return (value != 0); 796 } 797 798 /* postmap_deletes - apply multiple requests from stdin */ 799 800 static int postmap_deletes(VSTREAM *in, char **maps, const int map_count, 801 int dict_flags) 802 { 803 int found = 0; 804 VSTRING *keybuf = vstring_alloc(100); 805 DICT **dicts; 806 const char *map_name; 807 int n; 808 int open_flags; 809 810 /* 811 * Sanity check. 812 */ 813 if (map_count <= 0) 814 msg_panic("postmap_deletes: bad map count"); 815 816 /* 817 * Open maps ahead of time. 818 */ 819 dicts = (DICT **) mymalloc(sizeof(*dicts) * map_count); 820 for (n = 0; n < map_count; n++) { 821 map_name = split_at(maps[n], ':'); 822 if (map_name && strcmp(maps[n], DICT_TYPE_PROXY) == 0) 823 open_flags = O_RDWR | O_CREAT; /* XXX */ 824 else 825 open_flags = O_RDWR; 826 dicts[n] = (map_name != 0 ? 827 dict_open3(maps[n], map_name, open_flags, dict_flags) : 828 dict_open3(var_db_type, maps[n], open_flags, dict_flags)); 829 } 830 831 /* 832 * Perform all requests. 833 */ 834 while (vstring_get_nonl(keybuf, in) != VSTREAM_EOF) { 835 for (n = 0; n < map_count; n++) { 836 found |= (dict_del(dicts[n], STR(keybuf)) == 0); 837 if (dicts[n]->error) 838 msg_fatal("table %s:%s: delete error: %m", 839 dicts[n]->type, dicts[n]->name); 840 } 841 } 842 843 /* 844 * Cleanup. 845 */ 846 for (n = 0; n < map_count; n++) 847 if (dicts[n]) 848 dict_close(dicts[n]); 849 myfree((void *) dicts); 850 vstring_free(keybuf); 851 852 return (found); 853 } 854 855 /* postmap_delete - delete a (key, value) pair from a map */ 856 857 static int postmap_delete(const char *map_type, const char *map_name, 858 const char *key, int dict_flags) 859 { 860 DICT *dict; 861 int status; 862 int open_flags; 863 864 if (strcmp(map_type, DICT_TYPE_PROXY) == 0) 865 open_flags = O_RDWR | O_CREAT; /* XXX */ 866 else 867 open_flags = O_RDWR; 868 dict = dict_open3(map_type, map_name, open_flags, dict_flags); 869 status = dict_del(dict, key); 870 if (dict->error) 871 msg_fatal("table %s:%s: delete error: %m", dict->type, dict->name); 872 dict_close(dict); 873 return (status == 0); 874 } 875 876 /* postmap_seq - print all map entries to stdout */ 877 878 static void postmap_seq(const char *map_type, const char *map_name, 879 int dict_flags) 880 { 881 DICT *dict; 882 const char *key; 883 const char *value; 884 int func; 885 886 if (strcmp(map_type, DICT_TYPE_PROXY) == 0) 887 msg_fatal("can't sequence maps via the proxy service"); 888 dict = dict_open3(map_type, map_name, O_RDONLY, dict_flags); 889 for (func = DICT_SEQ_FUN_FIRST; /* void */ ; func = DICT_SEQ_FUN_NEXT) { 890 if (dict_seq(dict, func, &key, &value) != 0) 891 break; 892 if (*key == 0) { 893 msg_warn("table %s:%s: empty lookup key value is not allowed", 894 map_type, map_name); 895 } else if (*value == 0) { 896 msg_warn("table %s:%s: key %s: empty string result is not allowed", 897 map_type, map_name, key); 898 msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND", 899 map_type, map_name); 900 } 901 if (dict_flags & DICT_FLAG_SRC_RHS_IS_FILE) { 902 VSTRING *unb64; 903 char *err; 904 905 if ((unb64 = dict_file_from_b64(dict, value)) == 0) { 906 err = dict_file_get_error(dict); 907 msg_warn("table %s:%s: key %s: %s", 908 dict->type, dict->name, key, err); 909 myfree(err); 910 /* dict->error = DICT_ERR_CONFIG; */ 911 continue; 912 } 913 value = STR(unb64); 914 } 915 vstream_printf("%s %s\n", key, value); 916 } 917 if (dict->error) 918 msg_fatal("table %s:%s: sequence error: %m", dict->type, dict->name); 919 vstream_fflush(VSTREAM_OUT); 920 dict_close(dict); 921 } 922 923 /* usage - explain */ 924 925 static NORETURN usage(char *myname) 926 { 927 msg_fatal("usage: %s [-bfFhimnNoprsuUvw] [-c config_dir] [-d key] [-q key] [map_type:]file...", 928 myname); 929 } 930 931 MAIL_VERSION_STAMP_DECLARE; 932 933 int main(int argc, char **argv) 934 { 935 char *path_name; 936 int ch; 937 int fd; 938 char *slash; 939 struct stat st; 940 int postmap_flags = POSTMAP_FLAG_AS_OWNER | POSTMAP_FLAG_SAVE_PERM; 941 int open_flags = O_RDWR | O_CREAT | O_TRUNC; 942 int dict_flags = (DICT_FLAG_DUP_WARN | DICT_FLAG_FOLD_FIX 943 | DICT_FLAG_UTF8_REQUEST); 944 char *query = 0; 945 char *delkey = 0; 946 int sequence = 0; 947 int found; 948 int force_utf8 = 0; 949 ARGV *import_env; 950 951 /* 952 * Fingerprint executables and core dumps. 953 */ 954 MAIL_VERSION_STAMP_ALLOCATE; 955 956 /* 957 * Be consistent with file permissions. 958 */ 959 umask(022); 960 961 /* 962 * To minimize confusion, make sure that the standard file descriptors 963 * are open before opening anything else. XXX Work around for 44BSD where 964 * fstat can return EBADF on an open file descriptor. 965 */ 966 for (fd = 0; fd < 3; fd++) 967 if (fstat(fd, &st) == -1 968 && (close(fd), open("/dev/null", O_RDWR, 0)) != fd) 969 msg_fatal("open /dev/null: %m"); 970 971 /* 972 * Process environment options as early as we can. We are not set-uid, 973 * and we are supposed to be running in a controlled environment. 974 */ 975 if (getenv(CONF_ENV_VERB)) 976 msg_verbose = 1; 977 978 /* 979 * Initialize. Set up logging. Read the global configuration file after 980 * parsing command-line arguments. 981 */ 982 if ((slash = strrchr(argv[0], '/')) != 0 && slash[1]) 983 argv[0] = slash + 1; 984 msg_vstream_init(argv[0], VSTREAM_ERR); 985 maillog_client_init(mail_task(argv[0]), MAILLOG_CLIENT_FLAG_NONE); 986 987 /* 988 * Check the Postfix library version as soon as we enable logging. 989 */ 990 MAIL_VERSION_CHECK; 991 992 /* 993 * Parse JCL. 994 */ 995 while ((ch = GETOPT(argc, argv, "bc:d:fFhimnNopq:rsuUvw")) > 0) { 996 switch (ch) { 997 default: 998 usage(argv[0]); 999 break; 1000 case 'N': 1001 dict_flags |= DICT_FLAG_TRY1NULL; 1002 dict_flags &= ~DICT_FLAG_TRY0NULL; 1003 break; 1004 case 'b': 1005 postmap_flags |= POSTMAP_FLAG_BODY_KEY; 1006 break; 1007 case 'c': 1008 if (setenv(CONF_ENV_PATH, optarg, 1) < 0) 1009 msg_fatal("out of memory"); 1010 break; 1011 case 'd': 1012 if (sequence || query || delkey) 1013 msg_fatal("specify only one of -s -q or -d"); 1014 delkey = optarg; 1015 break; 1016 case 'f': 1017 dict_flags &= ~DICT_FLAG_FOLD_FIX; 1018 break; 1019 case 'F': 1020 dict_flags |= DICT_FLAG_SRC_RHS_IS_FILE; 1021 break; 1022 case 'h': 1023 postmap_flags |= POSTMAP_FLAG_HEADER_KEY; 1024 break; 1025 case 'i': 1026 open_flags &= ~O_TRUNC; 1027 break; 1028 case 'm': 1029 postmap_flags |= POSTMAP_FLAG_MIME_KEY; 1030 break; 1031 case 'n': 1032 dict_flags |= DICT_FLAG_TRY0NULL; 1033 dict_flags &= ~DICT_FLAG_TRY1NULL; 1034 break; 1035 case 'o': 1036 postmap_flags &= ~POSTMAP_FLAG_AS_OWNER; 1037 break; 1038 case 'p': 1039 postmap_flags &= ~POSTMAP_FLAG_SAVE_PERM; 1040 break; 1041 case 'q': 1042 if (sequence || query || delkey) 1043 msg_fatal("specify only one of -s -q or -d"); 1044 query = optarg; 1045 break; 1046 case 'r': 1047 dict_flags &= ~(DICT_FLAG_DUP_WARN | DICT_FLAG_DUP_IGNORE); 1048 dict_flags |= DICT_FLAG_DUP_REPLACE; 1049 break; 1050 case 's': 1051 if (query || delkey) 1052 msg_fatal("specify only one of -s or -q or -d"); 1053 sequence = 1; 1054 break; 1055 case 'u': 1056 dict_flags &= ~DICT_FLAG_UTF8_REQUEST; 1057 break; 1058 case 'U': 1059 force_utf8 = 1; 1060 break; 1061 case 'v': 1062 msg_verbose++; 1063 break; 1064 case 'w': 1065 dict_flags &= ~(DICT_FLAG_DUP_WARN | DICT_FLAG_DUP_REPLACE); 1066 dict_flags |= DICT_FLAG_DUP_IGNORE; 1067 break; 1068 } 1069 } 1070 mail_conf_read(); 1071 /* Enforce consistent operation of different Postfix parts. */ 1072 import_env = mail_parm_split(VAR_IMPORT_ENVIRON, var_import_environ); 1073 update_env(import_env->argv); 1074 argv_free(import_env); 1075 /* Re-evaluate mail_task() after reading main.cf. */ 1076 maillog_client_init(mail_task(argv[0]), MAILLOG_CLIENT_FLAG_NONE); 1077 mail_dict_init(); 1078 if ((query == 0 || strcmp(query, "-") != 0) 1079 && (postmap_flags & POSTMAP_FLAG_ANY_KEY)) 1080 msg_fatal("specify -b -h or -m only with \"-q -\""); 1081 if ((postmap_flags & POSTMAP_FLAG_ANY_KEY) != 0 1082 && (postmap_flags & POSTMAP_FLAG_ANY_KEY) 1083 == (postmap_flags & POSTMAP_FLAG_MIME_KEY)) 1084 msg_warn("ignoring -m option without -b or -h"); 1085 if ((postmap_flags & (POSTMAP_FLAG_ANY_KEY & ~POSTMAP_FLAG_MIME_KEY)) 1086 && force_utf8 == 0) 1087 dict_flags &= ~DICT_FLAG_UTF8_MASK; 1088 1089 /* 1090 * Use the map type specified by the user, or fall back to a default 1091 * database type. 1092 */ 1093 if (delkey) { /* remove entry */ 1094 if (optind + 1 > argc) 1095 usage(argv[0]); 1096 if (strcmp(delkey, "-") == 0) 1097 exit(postmap_deletes(VSTREAM_IN, argv + optind, argc - optind, 1098 dict_flags | DICT_FLAG_LOCK) == 0); 1099 found = 0; 1100 while (optind < argc) { 1101 if ((path_name = split_at(argv[optind], ':')) != 0) { 1102 found |= postmap_delete(argv[optind], path_name, delkey, 1103 dict_flags | DICT_FLAG_LOCK); 1104 } else { 1105 found |= postmap_delete(var_db_type, argv[optind], delkey, 1106 dict_flags | DICT_FLAG_LOCK); 1107 } 1108 optind++; 1109 } 1110 exit(found ? 0 : 1); 1111 } else if (query) { /* query map(s) */ 1112 if (optind + 1 > argc) 1113 usage(argv[0]); 1114 if (strcmp(query, "-") == 0) 1115 exit(postmap_queries(VSTREAM_IN, argv + optind, argc - optind, 1116 postmap_flags, dict_flags | DICT_FLAG_LOCK) == 0); 1117 while (optind < argc) { 1118 if ((path_name = split_at(argv[optind], ':')) != 0) { 1119 found = postmap_query(argv[optind], path_name, query, 1120 dict_flags | DICT_FLAG_LOCK); 1121 } else { 1122 found = postmap_query(var_db_type, argv[optind], query, 1123 dict_flags | DICT_FLAG_LOCK); 1124 } 1125 if (found) 1126 exit(0); 1127 optind++; 1128 } 1129 exit(1); 1130 } else if (sequence) { 1131 while (optind < argc) { 1132 if ((path_name = split_at(argv[optind], ':')) != 0) { 1133 postmap_seq(argv[optind], path_name, 1134 dict_flags | DICT_FLAG_LOCK); 1135 } else { 1136 postmap_seq(var_db_type, argv[optind], 1137 dict_flags | DICT_FLAG_LOCK); 1138 } 1139 exit(0); 1140 } 1141 exit(1); 1142 } else { /* create/update map(s) */ 1143 if (optind + 1 > argc) 1144 usage(argv[0]); 1145 while (optind < argc) { 1146 if ((path_name = split_at(argv[optind], ':')) != 0) { 1147 postmap(argv[optind], path_name, postmap_flags, 1148 open_flags, dict_flags); 1149 } else { 1150 postmap(var_db_type, argv[optind], postmap_flags, 1151 open_flags, dict_flags); 1152 } 1153 optind++; 1154 } 1155 exit(0); 1156 } 1157 } 1158