void rewrite_tree(RWR_CONTEXT *context, TOK822 *tree) { TOK822 *colon; TOK822 *domain; TOK822 *bang; TOK822 *local; VSTRING *vstringval; /* * XXX If you change this module, quote_822_local.c, or tok822_parse.c, * be sure to re-run the tests under "make rewrite_clnt_test" and "make * resolve_clnt_test" in the global directory. */ /* * Sanity check. */ if (tree->head == 0) msg_panic("rewrite_tree: empty tree"); /* * An empty address is a special case. */ if (tree->head == tree->tail && tree->tail->type == TOK822_QSTRING && VSTRING_LEN(tree->tail->vstr) == 0) return; /* * Treat a lone @ as if it were an empty address. */ if (tree->head == tree->tail && tree->tail->type == '@') { tok822_free_tree(tok822_sub_keep_before(tree, tree->tail)); tok822_sub_append(tree, tok822_alloc(TOK822_QSTRING, "")); return; } /* * Strip source route. */ if (tree->head->type == '@' && (colon = tok822_find_type(tree->head, ':')) != 0 && colon != tree->tail) tok822_free_tree(tok822_sub_keep_after(tree, colon)); /* * Optionally, transform address forms without @. */ if ((domain = tok822_rfind_type(tree->tail, '@')) == 0) { /* * Swap domain!user to user@domain. */ if (var_swap_bangpath != 0 && (bang = tok822_find_type(tree->head, '!')) != 0) { tok822_sub_keep_before(tree, bang); local = tok822_cut_after(bang); tok822_free(bang); tok822_sub_prepend(tree, tok822_alloc('@', (char *) 0)); if (local) tok822_sub_prepend(tree, local); } /* * Promote user%domain to user@domain. */ else if (var_percent_hack != 0 && (domain = tok822_rfind_type(tree->tail, '%')) != 0) { domain->type = '@'; } /* * Append missing @origin */ else if (var_append_at_myorigin != 0 && REW_PARAM_VALUE(context->origin) != 0 && REW_PARAM_VALUE(context->origin)[0] != 0) { domain = tok822_sub_append(tree, tok822_alloc('@', (char *) 0)); tok822_sub_append(tree, tok822_scan(REW_PARAM_VALUE(context->origin), (TOK822 **) 0)); } } /* * Append missing .domain, but leave broken forms ending in @ alone. This * merely makes diagnostics more accurate by leaving bogus addresses * alone. * * Backwards-compatibility warning: warn for "user@localhost" when there is * no "localhost" in mydestination or in any other address class with an * explicit domain list. */ if (var_append_dot_mydomain != 0 && REW_PARAM_VALUE(context->domain) != 0 && REW_PARAM_VALUE(context->domain)[0] != 0 && (domain = tok822_rfind_type(tree->tail, '@')) != 0 && domain != tree->tail && tok822_find_type(domain, TOK822_DOMLIT) == 0 && tok822_find_type(domain, '.') == 0) { if (warn_compat_break_app_dot_mydomain && (vstringval = domain->next->vstr) != 0) { if (strcasecmp(vstring_str(vstringval), "localhost") != 0) { msg_info("using backwards-compatible default setting " VAR_APP_DOT_MYDOMAIN "=yes to rewrite \"%s\" to " "\"%s.%s\"", vstring_str(vstringval), vstring_str(vstringval), var_mydomain); } else if (resolve_class("localhost") == RESOLVE_CLASS_DEFAULT) { msg_info("using backwards-compatible default setting " VAR_APP_DOT_MYDOMAIN "=yes to rewrite \"%s\" to " "\"%s.%s\"; please add \"localhost\" to " "mydestination or other address class", vstring_str(vstringval), vstring_str(vstringval), var_mydomain); } } tok822_sub_append(tree, tok822_alloc('.', (char *) 0)); tok822_sub_append(tree, tok822_scan(REW_PARAM_VALUE(context->domain), (TOK822 **) 0)); } /* * Strip trailing dot at end of domain, but not dot-dot or @-dot. This * merely makes diagnostics more accurate by leaving bogus addresses * alone. */ if (tree->tail->type == '.' && tree->tail->prev && tree->tail->prev->type != '.' && tree->tail->prev->type != '@') tok822_free_tree(tok822_sub_keep_before(tree, tree->tail)); }
static void postalias(char *map_type, char *path_name, int postalias_flags, int open_flags, int dict_flags) { VSTREAM *NOCLOBBER source_fp; VSTRING *line_buffer; MKMAP *mkmap; int lineno; int last_line; VSTRING *key_buffer; VSTRING *value_buffer; TOK822 *tok_list; TOK822 *key_list; TOK822 *colon; TOK822 *value_list; struct stat st; mode_t saved_mask; /* * Initialize. */ line_buffer = vstring_alloc(100); key_buffer = vstring_alloc(100); value_buffer = vstring_alloc(100); if ((open_flags & O_TRUNC) == 0) { /* Incremental mode. */ source_fp = VSTREAM_IN; vstream_control(source_fp, CA_VSTREAM_CTL_PATH("stdin"), CA_VSTREAM_CTL_END); } else { /* Create database. */ if (strcmp(map_type, DICT_TYPE_PROXY) == 0) msg_fatal("can't create maps via the proxy service"); dict_flags |= DICT_FLAG_BULK_UPDATE; if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0) msg_fatal("open %s: %m", path_name); } if (fstat(vstream_fileno(source_fp), &st) < 0) msg_fatal("fstat %s: %m", path_name); /* * Turn off group/other read permissions as indicated in the source file. */ if ((postalias_flags & POSTALIAS_FLAG_SAVE_PERM) && S_ISREG(st.st_mode)) saved_mask = umask(022 | (~st.st_mode & 077)); /* * If running as root, run as the owner of the source file, so that the * result shows proper ownership, and so that a bug in postalias does not * allow privilege escalation. */ if ((postalias_flags & POSTALIAS_FLAG_AS_OWNER) && getuid() == 0 && (st.st_uid != geteuid() || st.st_gid != getegid())) set_eugid(st.st_uid, st.st_gid); /* * Open the database, create it when it does not exist, truncate it when * it does exist, and lock out any spectators. */ mkmap = mkmap_open(map_type, path_name, open_flags, dict_flags); /* * And restore the umask, in case it matters. */ if ((postalias_flags & POSTALIAS_FLAG_SAVE_PERM) && S_ISREG(st.st_mode)) umask(saved_mask); /* * Trap "exceptions" so that we can restart a bulk-mode update after a * recoverable error. */ for (;;) { if (dict_isjmp(mkmap->dict) != 0 && dict_setjmp(mkmap->dict) != 0 && vstream_fseek(source_fp, SEEK_SET, 0) < 0) msg_fatal("seek %s: %m", VSTREAM_PATH(source_fp)); /* * Add records to the database. */ last_line = 0; while (readllines(line_buffer, source_fp, &last_line, &lineno)) { /* * First some UTF-8 checks sans casefolding. */ if ((mkmap->dict->flags & DICT_FLAG_UTF8_ACTIVE) && !allascii(STR(line_buffer)) && !valid_utf8_string(STR(line_buffer), LEN(line_buffer))) { msg_warn("%s, line %d: non-UTF-8 input \"%s\"" " -- ignoring this line", VSTREAM_PATH(source_fp), lineno, STR(line_buffer)); continue; } /* * Tokenize the input, so that we do the right thing when a * quoted localpart contains special characters such as "@", ":" * and so on. */ if ((tok_list = tok822_scan(STR(line_buffer), (TOK822 **) 0)) == 0) continue; /* * Enforce the key:value format. Disallow missing keys, * multi-address keys, or missing values. In order to specify an * empty string or value, enclose it in double quotes. */ if ((colon = tok822_find_type(tok_list, ':')) == 0 || colon->prev == 0 || colon->next == 0 || tok822_rfind_type(colon, ',')) { msg_warn("%s, line %d: need name:value pair", VSTREAM_PATH(source_fp), lineno); tok822_free_tree(tok_list); continue; } /* * Key must be local. XXX We should use the Postfix rewriting and * resolving services to handle all address forms correctly. * However, we can't count on the mail system being up when the * alias database is being built, so we're guessing a bit. */ if (tok822_rfind_type(colon, '@') || tok822_rfind_type(colon, '%')) { msg_warn("%s, line %d: name must be local", VSTREAM_PATH(source_fp), lineno); tok822_free_tree(tok_list); continue; } /* * Split the input into key and value parts, and convert from * token representation back to string representation. Convert * the key to internal (unquoted) form, because the resolver * produces addresses in internal form. Convert the value to * external (quoted) form, because it will have to be re-parsed * upon lookup. Discard the token representation when done. */ key_list = tok_list; tok_list = 0; value_list = tok822_cut_after(colon); tok822_unlink(colon); tok822_free(colon); tok822_internalize(key_buffer, key_list, TOK822_STR_DEFL); tok822_free_tree(key_list); tok822_externalize(value_buffer, value_list, TOK822_STR_DEFL); tok822_free_tree(value_list); /* * Store the value under a case-insensitive key. */ mkmap_append(mkmap, STR(key_buffer), STR(value_buffer)); if (mkmap->dict->error) msg_fatal("table %s:%s: write error: %m", mkmap->dict->type, mkmap->dict->name); } break; } /* * Update or append sendmail and NIS signatures. */ if ((open_flags & O_TRUNC) == 0) mkmap->dict->flags |= DICT_FLAG_DUP_REPLACE; /* * Sendmail compatibility: add the @:@ signature to indicate that the * database is complete. This might be needed by NIS clients running * sendmail. */ mkmap_append(mkmap, "@", "@"); if (mkmap->dict->error) msg_fatal("table %s:%s: write error: %m", mkmap->dict->type, mkmap->dict->name); /* * NIS compatibility: add time and master info. Unlike other information, * this information MUST be written without a trailing null appended to * key or value. */ mkmap->dict->flags &= ~DICT_FLAG_TRY1NULL; mkmap->dict->flags |= DICT_FLAG_TRY0NULL; vstring_sprintf(value_buffer, "%010ld", (long) time((time_t *) 0)); #if (defined(HAS_NIS) || defined(HAS_NISPLUS)) mkmap->dict->flags &= ~DICT_FLAG_FOLD_FIX; mkmap_append(mkmap, "YP_LAST_MODIFIED", STR(value_buffer)); mkmap_append(mkmap, "YP_MASTER_NAME", var_myhostname); #endif /* * Close the alias database, and release the lock. */ mkmap_close(mkmap); /* * Cleanup. We're about to terminate, but it is a good sanity check. */ vstring_free(value_buffer); vstring_free(key_buffer); vstring_free(line_buffer); if (source_fp != VSTREAM_IN) vstream_fclose(source_fp); }