int
testdb_find(void *handle, uschar *filename, uschar *query, int length,
uschar **result, uschar **errmsg, BOOL *do_cache)
{
handle = handle; /* Keep picky compilers happy */
filename = filename;
length = length;
if (Ustrcmp(query, "fail") == 0)
{
*errmsg = US"testdb lookup forced FAIL";
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return FAIL;
}
if (Ustrcmp(query, "defer") == 0)
{
*errmsg = US"testdb lookup forced DEFER";
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return DEFER;
}
if (Ustrcmp(query, "nocache") == 0) *do_cache = FALSE;
*result = string_copy(query);
return OK;
}
uschar *
read_paragraph(uschar *p, int *nest_info)
{
uschar *q = parabuffer;
int length = Ustrlen(p);
memcpy(q, p, length);
q += length;
*nest_info = NEST_NO; /* Not hit .nest */
for (;;)
{
uschar *s;
if ((p = read_nextline()) == NULL) break;
if (Ustrncmp(p, ".literal ", 9) == 0)
{
next_line = p;
break;
}
if (Ustrncmp(p, ".nest ", 6) == 0)
{
p += 6;
while (isspace(*p)) p++;
s = p + Ustrlen(p);
while (s > p && isspace(s[-1])) s--;
*s = 0;
if (Ustrcmp(p, "begin") == 0) *nest_info = NEST_BEGIN;
else if (Ustrcmp(p, "end") == 0) *nest_info = NEST_END;
else error(26, p);
break;
}
else if (*p == '.')
{
dot_process(p);
continue;
}
/* End paragraph on encountering a completely blank line */
for (s = p; *s == ' ' || *s == '\t'; s++);
if (*s == '\n') break;
length = Ustrlen(p);
memcpy(q, p, length);
q += length;
}
*q = 0;
return parabuffer;
}
static int
check_args(int argc, uschar **argv, uschar *name, uschar *options)
{
if (argc == 3)
{
if (Ustrcmp(argv[2], "retry") == 0) return type_retry;
if (Ustrcmp(argv[2], "misc") == 0) return type_misc;
if (Ustrncmp(argv[2], "wait-", 5) == 0) return type_wait;
if (Ustrcmp(argv[2], "callout") == 0) return type_callout;
if (Ustrcmp(argv[2], "ratelimit") == 0) return type_ratelimit;
}
usage(name, options);
return -1; /* Never obeyed */
}
void open_temporary_file(char *editname, char *filename, int disp, int linenum)
{
EDITINFO *edata;
int i;
Char *newname;
newname=concat(LocaletoUstr(editname),0);
i=0;
while (aig(edata = (EDITINFO*) next_data_with_type(MAINEDITWINDOW, &i)) &&
Ustrcmp(edata->pathname,newname))
i++;
if (!edata) {
as_icon=1;
edit_open();
as_icon=0;
if (state_window) edata = state_window;
}
handle_view_filename((void *) edata, concat(LocaletoUstr(filename),NULL));
editwindow_line(edata->info, linenum-1);
set_name(edata,newname);
if (edata->iconized) {
XMapWindow(display, edata->win_id);
}
if (disp) XRaiseWindow(display, edata->win_id);
}
static EDITINFO *message_window(Char *messagetitle)
{
int i=0;
EDITINFO *edata;
if (!messagetitle) return NULL;
while (aig(edata = (EDITINFO*) next_data_with_type(MAINEDITWINDOW, &i)) &&
Ustrcmp(edata->pathname,messagetitle)) {
i++;
}
if (!edata) {
int old_icon=as_icon;
as_icon=MP_True;
edit_open();
as_icon=old_icon;
if (state_window) {
edata=state_window;
edata->view_mode=MP_True;
set_name(edata, concat(messagetitle,NULL));
}
}
if (edata && edata->iconized && 0) {
XMapWindow(display, edata->win_id);
XFlush(display);
}
return edata;
}
static queue_filename *
merge_queue_lists(queue_filename *a, queue_filename *b)
{
queue_filename *first = NULL;
queue_filename **append = &first;
while (a != NULL && b != NULL)
{
if (Ustrcmp(a->text, b->text) < 0)
{
*append = a;
append= &a->next;
a = a->next;
}
else
{
*append = b;
append= &b->next;
b = b->next;
}
}
*append=((a != NULL)? a : b);
return first;
}
static pcre_list *
compile(const uschar * list)
{
int sep = 0;
uschar *regex_string;
const char *pcre_error;
int pcre_erroffset;
pcre_list *re_list_head = NULL;
pcre_list *ri;
/* precompile our regexes */
while ((regex_string = string_nextinlist(&list, &sep, NULL, 0)))
if (strcmpic(regex_string, US"false") != 0 && Ustrcmp(regex_string, "0") != 0)
{
pcre *re;
/* compile our regular expression */
if (!(re = pcre_compile( CS regex_string,
0, &pcre_error, &pcre_erroffset, NULL )))
{
log_write(0, LOG_MAIN,
"regex acl condition warning - error in regex '%s': %s at offset %d, skipped.",
regex_string, pcre_error, pcre_erroffset);
continue;
}
ri = store_get(sizeof(pcre_list));
ri->re = re;
ri->pcre_text = regex_string;
ri->next = re_list_head;
re_list_head = ri;
}
return re_list_head;
}
/* header to be able to add this function to a menu */
void open_helpfile(void *data, int nr __attribute__((unused)))
{
Char *c = (Char*) data;
int i=0,hpos=0;
Char *f;
Char *name;
Char *fullname;
EDITINFO *edata;
if (!c || !(f = (Char*) malloc(sizeof(Char)*(Ustrlen(c)+1)))) return;
for (i=0; (f[i]=c[i]) ; i++)
if (c[i]=='#') if (!i) hpos=-1; else if (hpos) hpos=0; else hpos=i;
if (hpos>0) {
name = c+hpos+1;
f[hpos]='\0';
} else name = c+i;
f = standard_dir(f);
fullname = search_through_dirs(help_dirs, nr_help_dirs, f);
if (!fullname && f[0]=='/')
fullname=f;
else
free(f);
if (!fullname) {
message(MP_ERROR, translate("Help document not found."));
return;
}
i=0;
while (aig(edata = (EDITINFO*) next_data_with_type(MAINEDITWINDOW, &i)) &&
Ustrcmp(edata->pathname,fullname))
i++;
if (!edata) {
as_icon=1;
edit_open();
as_icon=0;
if (state_window) {
edata = state_window;
handle_view_filename((void *) state_window, concat(fullname,NULL));
word_wrap_window(edata->info);
}
}
if (!edata) {
message2(MP_CLICKREMARK, translate("Unable to open an edit window for document "),
name);
return;
}
if (name[0]) {
int j=Ustrlen(name)+1;
Char *cname = (Char*) malloc(j*sizeof(Char));
if (cname) {
for (i=j-1;i>=0; i--) cname[i]=name[i];
editwindow_topto(edata->info, cname);
free(cname);
}
}
if (edata->iconized) {
XMapWindow(display, edata->win_id);
}
XRaiseWindow(display, edata->win_id);
}
int
spf_process(const uschar **listptr, uschar *spf_envelope_sender, int action)
{
int sep = 0;
const uschar *list = *listptr;
uschar *spf_result_id;
int rc = SPF_RESULT_PERMERROR;
if (!(spf_server && spf_request))
/* no global context, assume temp error and skip to evaluation */
rc = SPF_RESULT_PERMERROR;
else if (SPF_request_set_env_from(spf_request, CS spf_envelope_sender))
/* Invalid sender address. This should be a real rare occurrence */
rc = SPF_RESULT_PERMERROR;
else
{
/* get SPF result */
if (action == SPF_PROCESS_FALLBACK)
{
SPF_request_query_fallback(spf_request, &spf_response, CS spf_guess);
spf_result_guessed = TRUE;
}
else
SPF_request_query_mailfrom(spf_request, &spf_response);
/* set up expansion items */
spf_header_comment = US SPF_response_get_header_comment(spf_response);
spf_received = US SPF_response_get_received_spf(spf_response);
spf_result = US SPF_strresult(SPF_response_result(spf_response));
spf_smtp_comment = US SPF_response_get_smtp_comment(spf_response);
rc = SPF_response_result(spf_response);
}
/* We got a result. Now see if we should return OK or FAIL for it */
DEBUG(D_acl) debug_printf("SPF result is %s (%d)\n", SPF_strresult(rc), rc);
if (action == SPF_PROCESS_GUESS && (!strcmp (SPF_strresult(rc), "none")))
return spf_process(listptr, spf_envelope_sender, SPF_PROCESS_FALLBACK);
while ((spf_result_id = string_nextinlist(&list, &sep, NULL, 0)))
{
BOOL negate, result;
if ((negate = spf_result_id[0] == '!'))
spf_result_id++;
result = Ustrcmp(spf_result_id, spf_result_id_list[rc].name) == 0;
if (negate != result) return OK;
}
/* no match */
return FAIL;
}
tree_node *
tree_search(tree_node *p, uschar *name)
{
while (p != NULL)
{
int c = Ustrcmp(name, p->name);
if (c == 0) return p;
p = (c < 0)? p->left : p->right;
}
return NULL;
}
void
manualroute_router_init(router_instance *rblock)
{
manualroute_router_options_block *ob =
(manualroute_router_options_block *)(rblock->options_block);
int i;
/* Host_find_failed must be a recognized word */
for (i = 0; i < hff_count; i++)
{
if (Ustrcmp(ob->host_find_failed, hff_names[i]) == 0)
{
ob->hff_code = hff_codes[i];
break;
}
}
if (ob->hff_code < 0)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
"unrecognized setting for host_find_failed option", rblock->name);
for (i = 1; i < hff_count; i++) /* NB starts at 1 to skip "ignore" */
{
if (Ustrcmp(ob->host_all_ignored, hff_names[i]) == 0)
{
ob->hai_code = hff_codes[i];
break;
}
}
if (ob->hai_code < 0)
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
"unrecognized setting for host_all_ignored option", rblock->name);
/* One of route_list or route_data must be specified */
if ((ob->route_list == NULL && ob->route_data == NULL) ||
(ob->route_list != NULL && ob->route_data != NULL))
log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
"route_list or route_data (but not both) must be specified",
rblock->name);
}
static uschar *
time_copy(time_t t, uschar * mod)
{
uschar * cp;
struct tm * tp;
size_t len;
if (mod && Ustrcmp(mod, "int") == 0)
return string_sprintf("%u", (unsigned)t);
cp = store_get(32);
tp = gmtime(&t);
len = strftime(CS cp, 32, "%b %e %T %Y %Z", tp);
return len > 0 ? cp : NULL;
}
BOOL
rf_get_transport(uschar *tpname, transport_instance **tpptr, address_item *addr,
uschar *router_name, uschar *require_name)
{
uschar *ss;
BOOL expandable;
transport_instance *tp;
if (tpname == NULL)
{
if (require_name == NULL) return TRUE;
addr->basic_errno = ERRNO_BADTRANSPORT;
addr->message = string_sprintf("%s unset in %s router", require_name,
router_name);
return FALSE;
}
expandable = Ustrchr(tpname, '$') != NULL;
if (*tpptr != NULL && !expandable) return TRUE;
if (expandable)
{
ss = expand_string(tpname);
if (ss == NULL)
{
addr->basic_errno = ERRNO_BADTRANSPORT;
addr->message = string_sprintf("failed to expand transport "
"\"%s\" in %s router: %s", tpname, router_name, expand_string_message);
return FALSE;
}
}
else ss = tpname;
for (tp = transports; tp != NULL; tp = tp->next)
{
if (Ustrcmp(tp->name, ss) == 0)
{
DEBUG(D_route) debug_printf("set transport %s\n", ss);
*tpptr = tp;
return TRUE;
}
}
addr->basic_errno = ERRNO_BADTRANSPORT;
addr->message = string_sprintf("transport \"%s\" not found in %s router", ss,
router_name);
return FALSE;
}
void edit_signal_to_proces(int signl, Char *shname)
{
EDITINFO *edata;
int i=0;
while (aig(edata = (EDITINFO*) next_data_with_type(MAINEDITWINDOW,&i)) &&
Ustrcmp(edata->pathname,shname)) i++;
if (!edata) {
message2(MP_ERROR, shname, translate(" is not running."));
return;
}
if (!edata->pid) {
message2(MP_ERROR, translate("Unable to send signals to "),shname);
return;
}
kill(edata->pid, signl);
}
int
auth_get_no64_data(uschar **aptr, uschar *challenge)
{
int c;
int p = 0;
smtp_printf("334 %s\r\n", challenge);
while ((c = receive_getc()) != '\n' && c != EOF)
{
if (p >= big_buffer_size - 1) return BAD64;
big_buffer[p++] = c;
}
if (p > 0 && big_buffer[p-1] == '\r') p--;
big_buffer[p] = 0;
if (Ustrcmp(big_buffer, "*") == 0) return CANCELLED;
*aptr = big_buffer;
return OK;
}
int
auth_get_data(uschar **aptr, uschar *challenge, int challen)
{
int c;
int p = 0;
smtp_printf("334 %s\r\n", b64encode(challenge, challen));
while ((c = receive_getc()) != '\n' && c != EOF)
{
if (p >= big_buffer_size - 1) return BAD64;
big_buffer[p++] = c;
}
if (p > 0 && big_buffer[p-1] == '\r') p--;
big_buffer[p] = 0;
DEBUG(D_receive) debug_printf("SMTP<< %s\n", big_buffer);
if (Ustrcmp(big_buffer, "*") == 0) return CANCELLED;
*aptr = big_buffer;
return OK;
}
static int check_name(EDITINFO *einf, Char *name)
{
int i=0,found=0;
EDITINFO *tinf;
if (!einf || !name) return 0;
do {
tinf=(EDITINFO*) next_data_with_type(MAINEDITWINDOW, &i);
found = (tinf && tinf!=einf && !tinf->view_mode &&
!Ustrcmp(name, tinf->pathname));
i++;
} while (!found && tinf);
if (found) {
if (tinf->iconized)
XMapWindow(display, tinf->win_id);
XRaiseWindow(display, tinf->win_id);
}
return found;
}
static uschar *
time_copy(time_t t, uschar * mod)
{
uschar * cp;
size_t len = 32;
if (mod && Ustrcmp(mod, "int") == 0)
return string_sprintf("%u", (unsigned)t);
cp = store_get(len);
if (timestamps_utc)
{
uschar * tz = to_tz(US"GMT0");
len = strftime(CS cp, len, "%b %e %T %Y %Z", gmtime(&t));
restore_tz(tz);
}
else
len = strftime(CS cp, len, "%b %e %T %Y %Z", localtime(&t));
return len > 0 ? cp : NULL;
}
/* only valid after lookup_list and lookup_list_count are assigned */
static void add_lookup_to_list(lookup_info *info)
{
/* need to add the lookup to lookup_list, sorted */
int pos = 0;
/* strategy is to go through the list until we find
* either an empty spot or a name that is higher.
* this can't fail because we have enough space. */
while (lookup_list[pos]
&& (Ustrcmp(lookup_list[pos]->name, info->name) <= 0)) {
pos++;
}
if (lookup_list[pos]) {
/* need to insert it, so move all the other items up
* (last slot is still empty, of course) */
memmove(&lookup_list[pos+1],
&lookup_list[pos],
sizeof(lookup_info **) * (lookup_list_count-pos-1));
}
lookup_list[pos] = info;
}
int
manualroute_router_entry(
router_instance *rblock, /* data for this instantiation */
address_item *addr, /* address we are working on */
struct passwd *pw, /* passwd entry after check_local_user */
int verify, /* v_none/v_recipient/v_sender/v_expn */
address_item **addr_local, /* add it to this if it's local */
address_item **addr_remote, /* add it to this if it's remote */
address_item **addr_new, /* put new addresses on here */
address_item **addr_succeed) /* put old address here on success */
{
int rc, lookup_type;
uschar *route_item = NULL;
const uschar *options = NULL;
const uschar *hostlist = NULL;
const uschar *domain;
uschar *newhostlist;
const uschar *listptr;
manualroute_router_options_block *ob =
(manualroute_router_options_block *)(rblock->options_block);
transport_instance *transport = NULL;
BOOL individual_transport_set = FALSE;
BOOL randomize = ob->hosts_randomize;
addr_new = addr_new; /* Keep picky compilers happy */
addr_succeed = addr_succeed;
DEBUG(D_route) debug_printf("%s router called for %s\n domain = %s\n",
rblock->name, addr->address, addr->domain);
/* The initialization check ensures that either route_list or route_data is
set. */
if (ob->route_list != NULL)
{
int sep = -(';'); /* Default is semicolon */
listptr = ob->route_list;
while ((route_item = string_nextinlist(&listptr, &sep, NULL, 0)) != NULL)
{
int rc;
DEBUG(D_route) debug_printf("route_item = %s\n", route_item);
if (!parse_route_item(route_item, &domain, &hostlist, &options))
continue; /* Ignore blank items */
/* Check the current domain; if it matches, break the loop */
if ((rc = match_isinlist(addr->domain, &domain, UCHAR_MAX+1,
&domainlist_anchor, NULL, MCL_DOMAIN, TRUE, CUSS &lookup_value)) == OK)
break;
/* If there was a problem doing the check, defer */
if (rc == DEFER)
{
addr->message = US"lookup defer in route_list";
return DEFER;
}
}
if (route_item == NULL) return DECLINE; /* No pattern in the list matched */
}
/* Handle a single routing item in route_data. If it expands to an empty
string, decline. */
else
{
route_item = rf_expand_data(addr, ob->route_data, &rc);
if (route_item == NULL) return rc;
(void) parse_route_item(route_item, NULL, &hostlist, &options);
if (hostlist[0] == 0) return DECLINE;
}
/* Expand the hostlist item. It may then pointing to an empty string, or to a
single host or a list of hosts; options is pointing to the rest of the
routelist item, which is either empty or contains various option words. */
DEBUG(D_route) debug_printf("original list of hosts = \"%s\" options = %s\n",
hostlist, options);
newhostlist = expand_string_copy(hostlist);
lookup_value = NULL; /* Finished with */
expand_nmax = -1;
/* If the expansion was forced to fail, just decline. Otherwise there is a
configuration problem. */
if (newhostlist == NULL)
{
if (expand_string_forcedfail) return DECLINE;
addr->message = string_sprintf("%s router: failed to expand \"%s\": %s",
rblock->name, hostlist, expand_string_message);
return DEFER;
}
else hostlist = newhostlist;
DEBUG(D_route) debug_printf("expanded list of hosts = \"%s\" options = %s\n",
hostlist, options);
/* Set default lookup type and scan the options */
lookup_type = lk_default;
while (*options != 0)
{
unsigned n;
const uschar *s = options;
while (*options != 0 && !isspace(*options)) options++;
n = options-s;
if (Ustrncmp(s, "randomize", n) == 0) randomize = TRUE;
else if (Ustrncmp(s, "no_randomize", n) == 0) randomize = FALSE;
else if (Ustrncmp(s, "byname", n) == 0) lookup_type = lk_byname;
else if (Ustrncmp(s, "bydns", n) == 0) lookup_type = lk_bydns;
else
{
transport_instance *t;
for (t = transports; t != NULL; t = t->next)
if (Ustrcmp(t->name, s) == 0)
{
transport = t;
individual_transport_set = TRUE;
break;
}
if (t == NULL)
{
s = string_sprintf("unknown routing option or transport name \"%s\"", s);
log_write(0, LOG_MAIN, "Error in %s router: %s", rblock->name, s);
addr->message = string_sprintf("error in router: %s", s);
return DEFER;
}
}
if (*options)
{
options++;
while (*options != 0 && isspace(*options)) options++;
}
}
/* Set up the errors address, if any. */
rc = rf_get_errors_address(addr, rblock, verify, &addr->prop.errors_address);
if (rc != OK) return rc;
/* Set up the additional and removeable headers for this address. */
rc = rf_get_munge_headers(addr, rblock, &addr->prop.extra_headers,
&addr->prop.remove_headers);
if (rc != OK) return rc;
/* If an individual transport is not set, get the transport for this router, if
any. It might be expanded, or it might be unset if this router has verify_only
set. */
if (!individual_transport_set)
{
if (!rf_get_transport(rblock->transport_name, &(rblock->transport), addr,
rblock->name, NULL))
return DEFER;
transport = rblock->transport;
}
/* Deal with the case of a local transport. The host list is passed over as a
single text string that ends up in $host. */
if (transport != NULL && transport->info->local)
{
if (hostlist[0] != 0)
{
host_item *h;
addr->host_list = h = store_get(sizeof(host_item));
h->name = string_copy(hostlist);
h->address = NULL;
h->port = PORT_NONE;
h->mx = MX_NONE;
h->status = hstatus_unknown;
h->why = hwhy_unknown;
h->last_try = 0;
h->next = NULL;
}
/* There is nothing more to do other than to queue the address for the
local transport, filling in any uid/gid. This can be done by the common
rf_queue_add() function. */
addr->transport = transport;
return rf_queue_add(addr, addr_local, addr_remote, rblock, pw)?
OK : DEFER;
}
/* There is either no transport (verify_only) or a remote transport. A host
list is mandatory in either case, except when verifying, in which case the
address is just accepted. */
if (hostlist[0] == 0)
{
if (verify != v_none) goto ROUTED;
addr->message = string_sprintf("error in %s router: no host(s) specified "
"for domain %s", rblock->name, domain);
log_write(0, LOG_MAIN, "%s", addr->message);
return DEFER;
}
/* Otherwise we finish the routing here by building a chain of host items
for the list of configured hosts, and then finding their addresses. */
host_build_hostlist(&(addr->host_list), hostlist, randomize);
rc = rf_lookup_hostlist(rblock, addr, rblock->ignore_target_hosts, lookup_type,
ob->hff_code, addr_new);
if (rc != OK) return rc;
/* If host_find_failed is set to "ignore", it is possible for all the hosts to
be ignored, in which case we will end up with an empty host list. What happens
is controlled by host_all_ignored. */
if (addr->host_list == NULL)
{
int i;
DEBUG(D_route) debug_printf("host_find_failed ignored every host\n");
if (ob->hai_code == hff_decline) return DECLINE;
if (ob->hai_code == hff_pass) return PASS;
for (i = 0; i < hff_count; i++)
if (ob->hai_code == hff_codes[i]) break;
addr->message = string_sprintf("lookup failed for all hosts in %s router: "
"host_find_failed=ignore host_all_ignored=%s", rblock->name, hff_names[i]);
if (ob->hai_code == hff_defer) return DEFER;
if (ob->hai_code == hff_fail) return FAIL;
addr->special_action = SPECIAL_FREEZE;
return DEFER;
}
/* Finally, since we have done all the routing here, there must be a transport
defined for these hosts. It will be a remote one, as a local transport is
dealt with above. However, we don't need one if verifying only. */
if (transport == NULL && verify == v_none)
{
log_write(0, LOG_MAIN, "Error in %s router: no transport defined",
rblock->name);
addr->message = US"error in router: transport missing";
return DEFER;
}
/* Fill in the transport, queue for remote delivery. The yield of
rf_queue_add() is always TRUE for a remote transport. */
ROUTED:
addr->transport = transport;
(void)rf_queue_add(addr, addr_local, addr_remote, rblock, NULL);
return OK;
}
uschar *
tls_cert_subject_altname(void * cert, uschar * mod)
{
uschar * list = NULL;
int index;
size_t siz;
int ret;
uschar sep = '\n';
uschar * tag = US"";
uschar * ele;
int match = -1;
while (mod)
{
if (*mod == '>' && *++mod) sep = *mod++;
else if (Ustrcmp(mod, "dns")==0) {
match = GNUTLS_SAN_DNSNAME;
mod += 3;
}
else if (Ustrcmp(mod, "uri")==0) {
match = GNUTLS_SAN_URI;
mod += 3;
}
else if (Ustrcmp(mod, "mail")==0) {
match = GNUTLS_SAN_RFC822NAME;
mod += 4;
}
else continue;
if (*mod++ != ',')
break;
}
for(index = 0;; index++)
{
siz = 0;
switch(ret = gnutls_x509_crt_get_subject_alt_name(
(gnutls_x509_crt_t)cert, index, NULL, &siz, NULL))
{
case GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE:
return list; /* no more elements; normal exit */
case GNUTLS_E_SHORT_MEMORY_BUFFER:
break;
default:
return g_err("gs0", __FUNCTION__, ret);
}
ele = store_get(siz+1);
if ((ret = gnutls_x509_crt_get_subject_alt_name(
(gnutls_x509_crt_t)cert, index, ele, &siz, NULL)) < 0)
return g_err("gs1", __FUNCTION__, ret);
ele[siz] = '\0';
if ( match != -1 && match != ret /* wrong type of SAN */
|| Ustrlen(ele) != siz) /* contains a NUL */
continue;
switch (ret)
{
case GNUTLS_SAN_DNSNAME:
tag = US"DNS";
break;
case GNUTLS_SAN_URI:
tag = US"URI";
break;
case GNUTLS_SAN_RFC822NAME:
tag = US"MAIL";
break;
default:
continue; /* ignore unrecognised types */
}
list = string_append_listele(list, sep,
match == -1 ? string_sprintf("%s=%s", tag, ele) : ele);
}
/*NOTREACHED*/
}
int
dnslookup_router_entry(
router_instance *rblock, /* data for this instantiation */
address_item *addr, /* address we are working on */
struct passwd *pw, /* passwd entry after check_local_user */
int verify, /* v_none/v_recipient/v_sender/v_expn */
address_item **addr_local, /* add it to this if it's local */
address_item **addr_remote, /* add it to this if it's remote */
address_item **addr_new, /* put new addresses on here */
address_item **addr_succeed) /* put old address here on success */
{
host_item h;
int rc;
int widen_sep = 0;
int whichrrs = HOST_FIND_BY_MX | HOST_FIND_BY_A;
dnslookup_router_options_block *ob =
(dnslookup_router_options_block *)(rblock->options_block);
uschar *srv_service = NULL;
uschar *widen = NULL;
uschar *pre_widen = addr->domain;
uschar *post_widen = NULL;
uschar *fully_qualified_name;
uschar *listptr;
uschar widen_buffer[256];
addr_new = addr_new; /* Keep picky compilers happy */
addr_succeed = addr_succeed;
DEBUG(D_route)
debug_printf("%s router called for %s\n domain = %s\n",
rblock->name, addr->address, addr->domain);
/* If an SRV check is required, expand the service name */
if (ob->check_srv != NULL)
{
srv_service = expand_string(ob->check_srv);
if (srv_service == NULL && !expand_string_forcedfail)
{
addr->message = string_sprintf("%s router: failed to expand \"%s\": %s",
rblock->name, ob->check_srv, expand_string_message);
return DEFER;
}
else whichrrs |= HOST_FIND_BY_SRV;
}
/* Set up the first of any widening domains. The code further down copes with
either pre- or post-widening, but at present there is no way to turn on
pre-widening, as actually doing so seems like a rather bad idea, and nobody has
requested it. Pre-widening would cause local abbreviated names to take
precedence over global names. For example, if the domain is "xxx.ch" it might
be something in the "ch" toplevel domain, but it also might be xxx.ch.xyz.com.
The choice of pre- or post-widening affects which takes precedence. If ever
somebody comes up with some kind of requirement for pre-widening, presumably
with some conditions under which it is done, it can be selected here.
The rewrite_headers option works only when routing an address at transport
time, because the alterations to the headers are not persistent so must be
worked out immediately before they are used. Sender addresses are routed for
verification purposes, but never at transport time, so any header changes that
you might expect as a result of sender domain widening do not occur. Therefore
we do not perform widening when verifying sender addresses; however, widening
sender addresses is OK if we do not have to rewrite the headers. A corollary
of this is that if the current address is not the original address, then it
does not appear in the message header so it is also OK to widen. The
suppression of widening for sender addresses is silent because it is the
normal desirable behaviour. */
if (ob->widen_domains != NULL &&
(verify != v_sender || !ob->rewrite_headers || addr->parent != NULL))
{
listptr = ob->widen_domains;
widen = string_nextinlist(&listptr, &widen_sep, widen_buffer,
sizeof(widen_buffer));
/****
if (some condition requiring pre-widening)
{
post_widen = pre_widen;
pre_widen = NULL;
}
****/
}
/* Loop to cope with explicit widening of domains as configured. This code
copes with widening that may happen before or after the original name. The
decision as to which is taken above. */
for (;;)
{
int flags = whichrrs;
BOOL removed = FALSE;
if (pre_widen != NULL)
{
h.name = pre_widen;
pre_widen = NULL;
}
else if (widen != NULL)
{
h.name = string_sprintf("%s.%s", addr->domain, widen);
widen = string_nextinlist(&listptr, &widen_sep, widen_buffer,
sizeof(widen_buffer));
DEBUG(D_route) debug_printf("%s router widened %s to %s\n", rblock->name,
addr->domain, h.name);
}
else if (post_widen != NULL)
{
h.name = post_widen;
post_widen = NULL;
DEBUG(D_route) debug_printf("%s router trying %s after widening failed\n",
rblock->name, h.name);
}
else return DECLINE;
/* Set up the rest of the initial host item. Others may get chained on if
there is more than one IP address. We set it up here instead of outside the
loop so as to re-initialize if a previous try succeeded but was rejected
because of not having an MX record. */
h.next = NULL;
h.address = NULL;
h.port = PORT_NONE;
h.mx = MX_NONE;
h.status = hstatus_unknown;
h.why = hwhy_unknown;
h.last_try = 0;
/* Unfortunately, we cannot set the mx_only option in advance, because the
DNS lookup may extend an unqualified name. Therefore, we must do the test
subsequently. We use the same logic as that for widen_domains above to avoid
requesting a header rewrite that cannot work. */
if (verify != v_sender || !ob->rewrite_headers || addr->parent != NULL)
{
if (ob->qualify_single) flags |= HOST_FIND_QUALIFY_SINGLE;
if (ob->search_parents) flags |= HOST_FIND_SEARCH_PARENTS;
}
rc = host_find_bydns(&h, rblock->ignore_target_hosts, flags, srv_service,
ob->srv_fail_domains, ob->mx_fail_domains, &fully_qualified_name, &removed);
if (removed) setflag(addr, af_local_host_removed);
/* If host found with only address records, test for the domain's being in
the mx_domains list. Note that this applies also to SRV records; the name of
the option is historical. */
if ((rc == HOST_FOUND || rc == HOST_FOUND_LOCAL) && h.mx < 0 &&
ob->mx_domains != NULL)
{
switch(match_isinlist(fully_qualified_name, &(ob->mx_domains), 0,
&domainlist_anchor, addr->domain_cache, MCL_DOMAIN, TRUE, NULL))
{
case DEFER:
addr->message = US"lookup defer for mx_domains";
return DEFER;
case OK:
DEBUG(D_route) debug_printf("%s router rejected %s: no MX record(s)\n",
rblock->name, fully_qualified_name);
continue;
}
}
/* Deferral returns forthwith, and anything other than failure breaks the
loop. */
if (rc == HOST_FIND_AGAIN)
{
if (rblock->pass_on_timeout)
{
DEBUG(D_route) debug_printf("%s router timed out, and pass_on_timeout is set\n",
rblock->name);
return PASS;
}
addr->message = US"host lookup did not complete";
return DEFER;
}
if (rc != HOST_FIND_FAILED) break;
/* Check to see if the failure is the result of MX records pointing to
non-existent domains, and if so, set an appropriate error message; the case
of an MX or SRV record pointing to "." is another special case that we can
detect. Otherwise "unknown mail domain" is used, which is confusing. Also, in
this case don't do the widening. We need check only the first host to see if
its MX has been filled in, but there is no address, because if there were any
usable addresses returned, we would not have had HOST_FIND_FAILED.
As a common cause of this problem is MX records with IP addresses on the
RHS, give a special message in this case. */
if (h.mx >= 0 && h.address == NULL)
{
setflag(addr, af_pass_message); /* This is not a security risk */
if (h.name[0] == 0)
addr->message = US"an MX or SRV record indicated no SMTP service";
else
{
addr->message = US"all relevant MX records point to non-existent hosts";
if (!allow_mx_to_ip && string_is_ip_address(h.name, NULL) != 0)
{
addr->user_message =
string_sprintf("It appears that the DNS operator for %s\n"
"has installed an invalid MX record with an IP address\n"
"instead of a domain name on the right hand side.", addr->domain);
addr->message = string_sprintf("%s or (invalidly) to IP addresses",
addr->message);
}
}
return DECLINE;
}
/* If there's a syntax error, do not continue with any widening, and note
the error. */
if (host_find_failed_syntax)
{
addr->message = string_sprintf("mail domain \"%s\" is syntactically "
"invalid", h.name);
return DECLINE;
}
}
/* If the original domain name has been changed as a result of the host lookup,
set up a child address for rerouting and request header rewrites if so
configured. Then yield REROUTED. However, if the only change is a change of
case in the domain name, which some resolvers yield (others don't), just change
the domain name in the original address so that the official version is used in
RCPT commands. */
if (Ustrcmp(addr->domain, fully_qualified_name) != 0)
{
if (strcmpic(addr->domain, fully_qualified_name) == 0)
{
uschar *at = Ustrrchr(addr->address, '@');
memcpy(at+1, fully_qualified_name, Ustrlen(at+1));
}
else
{
rf_change_domain(addr, fully_qualified_name, ob->rewrite_headers, addr_new);
return REROUTED;
}
}
/* If the yield is HOST_FOUND_LOCAL, the remote domain name either found MX
records with the lowest numbered one pointing to a host with an IP address that
is set on one of the interfaces of this machine, or found A records or got
addresses from gethostbyname() that contain one for this machine. This can
happen quite legitimately if the original name was a shortened form of a
domain, but we will have picked that up already via the name change test above.
Otherwise, the action to be taken can be configured by the self option, the
handling of which is in a separate function, as it is also required for other
routers. */
if (rc == HOST_FOUND_LOCAL)
{
rc = rf_self_action(addr, &h, rblock->self_code, rblock->self_rewrite,
rblock->self, addr_new);
if (rc != OK) return rc;
}
/* Otherwise, insist on being a secondary MX if so configured */
else if (ob->check_secondary_mx && !testflag(addr, af_local_host_removed))
{
DEBUG(D_route) debug_printf("check_secondary_mx set and local host not secondary\n");
return DECLINE;
}
/* Set up the errors address, if any. */
rc = rf_get_errors_address(addr, rblock, verify, &(addr->p.errors_address));
if (rc != OK) return rc;
/* Set up the additional and removeable headers for this address. */
rc = rf_get_munge_headers(addr, rblock, &(addr->p.extra_headers),
&(addr->p.remove_headers));
if (rc != OK) return rc;
/* Get store in which to preserve the original host item, chained on
to the address. */
addr->host_list = store_get(sizeof(host_item));
addr->host_list[0] = h;
/* Fill in the transport and queue the address for delivery. */
if (!rf_get_transport(rblock->transport_name, &(rblock->transport),
addr, rblock->name, NULL))
return DEFER;
addr->transport = rblock->transport;
return rf_queue_add(addr, addr_local, addr_remote, rblock, pw)?
OK : DEFER;
}
int dcc_process(uschar **listptr) {
int sep = 0;
uschar *list = *listptr;
FILE *data_file;
uschar *dcc_daemon_ip = US"";
uschar *dcc_default_ip_option = US"127.0.0.1";
uschar *dcc_ip_option = US"";
uschar *dcc_helo_option = US"localhost";
uschar *dcc_reject_message = US"Rejected by DCC";
uschar *xtra_hdrs = NULL;
/* from local_scan */
int i, j, k, c, retval, sockfd, resp, line;
unsigned int portnr;
struct sockaddr_un serv_addr;
struct sockaddr_in serv_addr_in;
struct hostent *ipaddress;
uschar sockpath[128];
uschar sockip[40], client_ip[40];
uschar opts[128];
uschar rcpt[128], from[128];
uschar sendbuf[4096];
uschar recvbuf[4096];
uschar dcc_return_text[1024];
uschar mbox_path[1024];
uschar message_subdir[2];
struct header_line *dcchdr;
uschar *dcc_acl_options;
uschar dcc_acl_options_buffer[10];
uschar dcc_xtra_hdrs[1024];
/* grep 1st option */
if ((dcc_acl_options = string_nextinlist(&list, &sep,
dcc_acl_options_buffer,
sizeof(dcc_acl_options_buffer))) != NULL)
{
/* parse 1st option */
if ( (strcmpic(dcc_acl_options,US"false") == 0) ||
(Ustrcmp(dcc_acl_options,"0") == 0) ) {
/* explicitly no matching */
return FAIL;
};
/* special cases (match anything except empty) */
if ( (strcmpic(dcc_acl_options,US"true") == 0) ||
(Ustrcmp(dcc_acl_options,"*") == 0) ||
(Ustrcmp(dcc_acl_options,"1") == 0) ) {
dcc_acl_options = dcc_acl_options;
};
}
else {
/* empty means "don't match anything" */
return FAIL;
};
sep = 0;
/* if we scanned this message last time, just return */
if ( dcc_ok )
return dcc_rc;
/* open the spooled body */
message_subdir[1] = '\0';
for (i = 0; i < 2; i++) {
message_subdir[0] = (split_spool_directory == (i == 0))? message_id[5] : 0;
sprintf(CS mbox_path, "%s/input/%s/%s-D", spool_directory, message_subdir, message_id);
data_file = Ufopen(mbox_path,"rb");
if (data_file != NULL)
break;
};
if (data_file == NULL) {
/* error while spooling */
log_write(0, LOG_MAIN|LOG_PANIC,
"dcc acl condition: error while opening spool file");
return DEFER;
};
/* Initialize the variables */
bzero(sockip,sizeof(sockip));
if (dccifd_address) {
if (dccifd_address[0] == '/')
Ustrncpy(sockpath, dccifd_address, sizeof(sockpath));
else
if( sscanf(CS dccifd_address, "%s %u", sockip, &portnr) != 2) {
log_write(0, LOG_MAIN,
"dcc acl condition: warning - invalid dccifd address: '%s'", dccifd_address);
(void)fclose(data_file);
return DEFER;
}
}
/* opts is what we send as dccifd options - see man dccifd */
/* We don't support any other option than 'header' so just copy that */
bzero(opts,sizeof(opts));
Ustrncpy(opts, "header", sizeof(opts)-1);
Ustrncpy(client_ip, dcc_ip_option, sizeof(client_ip)-1);
/* If the dcc_client_ip is not provided use the
* sender_host_address or 127.0.0.1 if it is NULL */
DEBUG(D_acl)
debug_printf("my_ip_option = %s - client_ip = %s - sender_host_address = %s\n", dcc_ip_option, client_ip, sender_host_address);
if(!(Ustrcmp(client_ip, ""))){
/* Do we have a sender_host_address or is it NULL? */
if(sender_host_address){
Ustrncpy(client_ip, sender_host_address, sizeof(client_ip)-1);
} else {
/* sender_host_address is NULL which means it comes from localhost */
Ustrncpy(client_ip, dcc_default_ip_option, sizeof(client_ip)-1);
}
}
DEBUG(D_acl)
debug_printf("Client IP: %s\n", client_ip);
Ustrncpy(sockip, dcc_daemon_ip, sizeof(sockip)-1);
/* strncat(opts, my_request, strlen(my_request)); */
Ustrcat(opts, "\n");
Ustrncat(opts, client_ip, sizeof(opts)-Ustrlen(opts)-1);
Ustrncat(opts, "\nHELO ", sizeof(opts)-Ustrlen(opts)-1);
Ustrncat(opts, dcc_helo_option, sizeof(opts)-Ustrlen(opts)-2);
Ustrcat(opts, "\n");
/* initialize the other variables */
dcchdr = header_list;
/* we set the default return value to DEFER */
retval = DEFER;
bzero(sendbuf,sizeof(sendbuf));
bzero(dcc_header_str,sizeof(dcc_header_str));
bzero(rcpt,sizeof(rcpt));
bzero(from,sizeof(from));
/* send a null return path as "<>". */
if (Ustrlen(sender_address) > 0)
Ustrncpy(from, sender_address, sizeof(from));
else
Ustrncpy(from, "<>", sizeof(from));
Ustrncat(from, "\n", sizeof(from)-Ustrlen(from)-1);
/**************************************
* Now creating the socket connection *
**************************************/
/* If there is a dcc_daemon_ip, we use a tcp socket, otherwise a UNIX socket */
if(Ustrcmp(sockip, "")){
ipaddress = gethostbyname((char *)sockip);
bzero((char *) &serv_addr_in, sizeof(serv_addr_in));
serv_addr_in.sin_family = AF_INET;
bcopy((char *)ipaddress->h_addr, (char *)&serv_addr_in.sin_addr.s_addr, ipaddress->h_length);
serv_addr_in.sin_port = htons(portnr);
if ((sockfd = socket(AF_INET, SOCK_STREAM,0)) < 0){
DEBUG(D_acl)
debug_printf("Creating socket failed: %s\n", strerror(errno));
log_write(0,LOG_REJECT,"Creating socket failed: %s\n", strerror(errno));
/* if we cannot create the socket, defer the mail */
(void)fclose(data_file);
return retval;
}
/* Now connecting the socket (INET) */
if (connect(sockfd, (struct sockaddr *)&serv_addr_in, sizeof(serv_addr_in)) < 0){
DEBUG(D_acl)
debug_printf("Connecting socket failed: %s\n", strerror(errno));
log_write(0,LOG_REJECT,"Connecting socket failed: %s\n", strerror(errno));
/* if we cannot contact the socket, defer the mail */
(void)fclose(data_file);
return retval;
}
} else {
/* connecting to the dccifd UNIX socket */
bzero((char *)&serv_addr,sizeof(serv_addr));
serv_addr.sun_family = AF_UNIX;
Ustrcpy(serv_addr.sun_path, sockpath);
if ((sockfd = socket(AF_UNIX, SOCK_STREAM,0)) < 0){
DEBUG(D_acl)
debug_printf("Creating socket failed: %s\n", strerror(errno));
log_write(0,LOG_REJECT,"Creating socket failed: %s\n", strerror(errno));
/* if we cannot create the socket, defer the mail */
(void)fclose(data_file);
return retval;
}
/* Now connecting the socket (UNIX) */
if (connect(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0){
DEBUG(D_acl)
debug_printf("Connecting socket failed: %s\n", strerror(errno));
log_write(0,LOG_REJECT,"Connecting socket failed: %s\n", strerror(errno));
/* if we cannot contact the socket, defer the mail */
(void)fclose(data_file);
return retval;
}
}
/* the socket is open, now send the options to dccifd*/
DEBUG(D_acl)
debug_printf("\n---------------------------\nSocket opened; now sending input\n-----------------\n");
/* First, fill in the input buffer */
Ustrncpy(sendbuf, opts, sizeof(sendbuf));
Ustrncat(sendbuf, from, sizeof(sendbuf)-Ustrlen(sendbuf)-1);
DEBUG(D_acl)
{
debug_printf("opts = %s\nsender = %s\nrcpt count = %d\n", opts, from, recipients_count);
debug_printf("Sending options:\n****************************\n");
}
/* let's send each of the recipients to dccifd */
for (i = 0; i < recipients_count; i++){
DEBUG(D_acl)
debug_printf("recipient = %s\n",recipients_list[i].address);
if(Ustrlen(sendbuf) + Ustrlen(recipients_list[i].address) > sizeof(sendbuf))
{
DEBUG(D_acl)
debug_printf("Writing buffer: %s\n", sendbuf);
flushbuffer(sockfd, sendbuf);
bzero(sendbuf, sizeof(sendbuf));
}
Ustrncat(sendbuf, recipients_list[i].address, sizeof(sendbuf)-Ustrlen(sendbuf)-1);
Ustrncat(sendbuf, "\r\n", sizeof(sendbuf)-Ustrlen(sendbuf)-1);
}
/* send a blank line between options and message */
Ustrncat(sendbuf, "\n", sizeof(sendbuf)-Ustrlen(sendbuf)-1);
/* Now we send the input buffer */
DEBUG(D_acl)
debug_printf("%s\n****************************\n", sendbuf);
flushbuffer(sockfd, sendbuf);
/* now send the message */
/* Clear the input buffer */
bzero(sendbuf, sizeof(sendbuf));
/* First send the headers */
/* Now send the headers */
DEBUG(D_acl)
debug_printf("Sending headers:\n****************************\n");
Ustrncpy(sendbuf, dcchdr->text, sizeof(sendbuf)-2);
while((dcchdr=dcchdr->next)) {
if(dcchdr->slen > sizeof(sendbuf)-2) {
/* The size of the header is bigger than the size of
* the input buffer, so split it up in smaller parts. */
flushbuffer(sockfd, sendbuf);
bzero(sendbuf, sizeof(sendbuf));
j = 0;
while(j < dcchdr->slen)
{
for(i = 0; i < sizeof(sendbuf)-2; i++) {
sendbuf[i] = dcchdr->text[j];
j++;
}
flushbuffer(sockfd, sendbuf);
bzero(sendbuf, sizeof(sendbuf));
}
} else if(Ustrlen(sendbuf) + dcchdr->slen > sizeof(sendbuf)-2) {
flushbuffer(sockfd, sendbuf);
bzero(sendbuf, sizeof(sendbuf));
Ustrncpy(sendbuf, dcchdr->text, sizeof(sendbuf)-2);
} else {
Ustrncat(sendbuf, dcchdr->text, sizeof(sendbuf)-Ustrlen(sendbuf)-2);
}
}
/* a blank line seperates header from body */
Ustrncat(sendbuf, "\n", sizeof(sendbuf)-Ustrlen(sendbuf)-1);
flushbuffer(sockfd, sendbuf);
DEBUG(D_acl)
debug_printf("\n****************************\n%s", sendbuf);
/* Clear the input buffer */
bzero(sendbuf, sizeof(sendbuf));
/* now send the body */
DEBUG(D_acl)
debug_printf("Writing body:\n****************************\n");
(void)fseek(data_file, SPOOL_DATA_START_OFFSET, SEEK_SET);
while((fread(sendbuf, 1, sizeof(sendbuf)-1, data_file)) > 0) {
flushbuffer(sockfd, sendbuf);
bzero(sendbuf, sizeof(sendbuf));
}
DEBUG(D_acl)
debug_printf("\n****************************\n");
/* shutdown() the socket */
if(shutdown(sockfd, 1) < 0){
DEBUG(D_acl)
debug_printf("Couldn't shutdown socket: %s\n", strerror(errno));
log_write(0,LOG_MAIN,"Couldn't shutdown socket: %s\n", strerror(errno));
/* If there is a problem with the shutdown()
* defer the mail. */
(void)fclose(data_file);
return retval;
}
DEBUG(D_acl)
debug_printf("\n-------------------------\nInput sent.\n-------------------------\n");
/********************************
* receiving output from dccifd *
********************************/
DEBUG(D_acl)
debug_printf("\n-------------------------------------\nNow receiving output from server\n-----------------------------------\n");
/******************************************************************
* We should get 3 lines: *
* 1/ First line is overall result: either 'A' for Accept, *
* 'R' for Reject, 'S' for accept Some recipients or *
* 'T' for a Temporary error. *
* 2/ Second line contains the list of Accepted/Rejected *
* recipients in the form AARRA (A = accepted, R = rejected). *
* 3/ Third line contains the X-DCC header. *
******************************************************************/
line = 1; /* we start at the first line of the output */
j = 0; /* will be used as index for the recipients list */
k = 0; /* initializing the index of the X-DCC header: dcc_header_str[k] */
/* Let's read from the socket until there's nothing left to read */
bzero(recvbuf, sizeof(recvbuf));
while((resp = read(sockfd, recvbuf, sizeof(recvbuf)-1)) > 0) {
/* How much did we get from the socket */
c = Ustrlen(recvbuf) + 1;
DEBUG(D_acl)
debug_printf("Length of the output buffer is: %d\nOutput buffer is:\n------------\n%s\n-----------\n", c, recvbuf);
/* Now let's read each character and see what we've got */
for(i = 0; i < c; i++) {
/* First check if we reached the end of the line and
* then increment the line counter */
if(recvbuf[i] == '\n') {
line++;
}
else {
/* The first character of the first line is the
* overall response. If there's another character
* on that line it is not correct. */
if(line == 1) {
if(i == 0) {
/* Now get the value and set the
* return value accordingly */
if(recvbuf[i] == 'A') {
DEBUG(D_acl)
debug_printf("Overall result = A\treturning OK\n");
Ustrcpy(dcc_return_text, "Mail accepted by DCC");
dcc_result = US"A";
retval = OK;
}
else if(recvbuf[i] == 'R') {
DEBUG(D_acl)
debug_printf("Overall result = R\treturning FAIL\n");
dcc_result = US"R";
retval = FAIL;
if(sender_host_name) {
log_write(0, LOG_MAIN, "H=%s [%s] F=<%s>: rejected by DCC", sender_host_name, sender_host_address, sender_address);
}
else {
log_write(0, LOG_MAIN, "H=[%s] F=<%s>: rejected by DCC", sender_host_address, sender_address);
}
Ustrncpy(dcc_return_text, dcc_reject_message, Ustrlen(dcc_reject_message) + 1);
}
else if(recvbuf[i] == 'S') {
DEBUG(D_acl)
debug_printf("Overall result = S\treturning OK\n");
Ustrcpy(dcc_return_text, "Not all recipients accepted by DCC");
/* Since we're in an ACL we want a global result
* so we accept for all */
dcc_result = US"A";
retval = OK;
}
else if(recvbuf[i] == 'G') {
DEBUG(D_acl)
debug_printf("Overall result = G\treturning FAIL\n");
Ustrcpy(dcc_return_text, "Greylisted by DCC");
dcc_result = US"G";
retval = FAIL;
}
else if(recvbuf[i] == 'T') {
DEBUG(D_acl)
debug_printf("Overall result = T\treturning DEFER\n");
retval = DEFER;
log_write(0,LOG_MAIN,"Temporary error with DCC: %s\n", recvbuf);
Ustrcpy(dcc_return_text, "Temporary error with DCC");
dcc_result = US"T";
}
else {
DEBUG(D_acl)
debug_printf("Overall result = something else\treturning DEFER\n");
retval = DEFER;
log_write(0,LOG_MAIN,"Unknown DCC response: %s\n", recvbuf);
Ustrcpy(dcc_return_text, "Unknown DCC response");
dcc_result = US"T";
}
}
else {
/* We're on the first line but not on the first character,
* there must be something wrong. */
DEBUG(D_acl)
debug_printf("Line = %d but i = %d != 0 character is %c - This is wrong!\n", line, i, recvbuf[i]);
log_write(0,LOG_MAIN,"Wrong header from DCC, output is %s\n", recvbuf);
}
}
else if(line == 2) {
/* On the second line we get a list of
* answers for each recipient. We don't care about
* it because we're in an acl and take the
* global result. */
}
else if(line > 2) {
/* The third and following lines are the X-DCC header,
* so we store it in dcc_header_str. */
/* check if we don't get more than we can handle */
if(k < sizeof(dcc_header_str)) {
dcc_header_str[k] = recvbuf[i];
k++;
}
else {
DEBUG(D_acl)
debug_printf("We got more output than we can store in the X-DCC header. Truncating at 120 characters.\n");
}
}
else {
/* Wrong line number. There must be a problem with the output. */
DEBUG(D_acl)
debug_printf("Wrong line number in output. Line number is %d\n", line);
}
}
}
/* we reinitialize the output buffer before we read again */
bzero(recvbuf,sizeof(recvbuf));
}
/* We have read everything from the socket */
/* We need to terminate the X-DCC header with a '\n' character. This needs to be k-1
* since dcc_header_str[k] contains '\0'. */
dcc_header_str[k-1] = '\n';
/* Now let's sum up what we've got. */
DEBUG(D_acl)
debug_printf("\n--------------------------\nOverall result = %d\nX-DCC header: %sReturn message: %s\ndcc_result: %s\n", retval, dcc_header_str, dcc_return_text, dcc_result);
/* We only add the X-DCC header if it starts with X-DCC */
if(!(Ustrncmp(dcc_header_str, "X-DCC", 5))){
dcc_header = dcc_header_str;
if(dcc_direct_add_header) {
header_add(' ' , "%s", dcc_header_str);
/* since the MIME ACL already writes the .eml file to disk without DCC Header we've to erase it */
unspool_mbox();
}
}
else {
DEBUG(D_acl)
debug_printf("Wrong format of the X-DCC header: %s\n", dcc_header_str);
}
/* check if we should add additional headers passed in acl_m_dcc_add_header */
if(dcc_direct_add_header) {
if (((xtra_hdrs = expand_string(US"$acl_m_dcc_add_header")) != NULL) && (xtra_hdrs[0] != '\0')) {
Ustrncpy(dcc_xtra_hdrs, xtra_hdrs, sizeof(dcc_xtra_hdrs) - 2);
if (dcc_xtra_hdrs[Ustrlen(dcc_xtra_hdrs)-1] != '\n')
Ustrcat(dcc_xtra_hdrs, "\n");
header_add(' ', "%s", dcc_xtra_hdrs);
DEBUG(D_acl)
debug_printf("adding additional headers in $acl_m_dcc_add_header: %s", dcc_xtra_hdrs);
}
}
dcc_ok = 1;
/* Now return to exim main process */
DEBUG(D_acl)
debug_printf("Before returning to exim main process:\nreturn_text = %s - retval = %d\ndcc_result = %s\n", dcc_return_text, retval, dcc_result);
(void)fclose(data_file);
dcc_rc = retval;
return dcc_rc;
}
BOOL
autoreply_transport_entry(
transport_instance *tblock, /* data for this instantiation */
address_item *addr) /* address we are working on */
{
int fd, pid, rc;
int cache_fd = -1;
int log_fd = -1;
int cache_size = 0;
int add_size = 0;
EXIM_DB *dbm_file = NULL;
BOOL file_expand, return_message;
uschar *from, *reply_to, *to, *cc, *bcc, *subject, *headers, *text, *file;
uschar *logfile, *oncelog;
uschar *cache_buff = NULL;
uschar *cache_time = NULL;
uschar *message_id = NULL;
header_line *h;
time_t now = time(NULL);
time_t once_repeat_sec = 0;
FILE *f;
FILE *ff = NULL;
autoreply_transport_options_block *ob =
(autoreply_transport_options_block *)(tblock->options_block);
DEBUG(D_transport) debug_printf("%s transport entered\n", tblock->name);
/* Set up for the good case */
addr->transport_return = OK;
addr->basic_errno = 0;
/* If the address is pointing to a reply block, then take all the data
from that block. It has typically been set up by a mail filter processing
router. Otherwise, the data must be supplied by this transport, and
it has to be expanded here. */
if (addr->reply != NULL)
{
DEBUG(D_transport) debug_printf("taking data from address\n");
from = addr->reply->from;
reply_to = addr->reply->reply_to;
to = addr->reply->to;
cc = addr->reply->cc;
bcc = addr->reply->bcc;
subject = addr->reply->subject;
headers = addr->reply->headers;
text = addr->reply->text;
file = addr->reply->file;
logfile = addr->reply->logfile;
oncelog = addr->reply->oncelog;
once_repeat_sec = addr->reply->once_repeat;
file_expand = addr->reply->file_expand;
expand_forbid = addr->reply->expand_forbid;
return_message = addr->reply->return_message;
}
else
{
uschar *oncerepeat = ob->once_repeat;
DEBUG(D_transport) debug_printf("taking data from transport\n");
from = ob->from;
reply_to = ob->reply_to;
to = ob->to;
cc = ob->cc;
bcc = ob->bcc;
subject = ob->subject;
headers = ob->headers;
text = ob->text;
file = ob->file;
logfile = ob->logfile;
oncelog = ob->oncelog;
file_expand = ob->file_expand;
return_message = ob->return_message;
if ((from != NULL &&
(from = checkexpand(from, addr, tblock->name, cke_hdr)) == NULL) ||
(reply_to != NULL &&
(reply_to = checkexpand(reply_to, addr, tblock->name, cke_hdr)) == NULL) ||
(to != NULL &&
(to = checkexpand(to, addr, tblock->name, cke_hdr)) == NULL) ||
(cc != NULL &&
(cc = checkexpand(cc, addr, tblock->name, cke_hdr)) == NULL) ||
(bcc != NULL &&
(bcc = checkexpand(bcc, addr, tblock->name, cke_hdr)) == NULL) ||
(subject != NULL &&
(subject = checkexpand(subject, addr, tblock->name, cke_hdr)) == NULL) ||
(headers != NULL &&
(headers = checkexpand(headers, addr, tblock->name, cke_text)) == NULL) ||
(text != NULL &&
(text = checkexpand(text, addr, tblock->name, cke_text)) == NULL) ||
(file != NULL &&
(file = checkexpand(file, addr, tblock->name, cke_file)) == NULL) ||
(logfile != NULL &&
(logfile = checkexpand(logfile, addr, tblock->name, cke_file)) == NULL) ||
(oncelog != NULL &&
(oncelog = checkexpand(oncelog, addr, tblock->name, cke_file)) == NULL) ||
(oncerepeat != NULL &&
(oncerepeat = checkexpand(oncerepeat, addr, tblock->name, cke_file)) == NULL))
return FALSE;
if (oncerepeat != NULL)
{
once_repeat_sec = readconf_readtime(oncerepeat, 0, FALSE);
if (once_repeat_sec < 0)
{
addr->transport_return = FAIL;
addr->message = string_sprintf("Invalid time value \"%s\" for "
"\"once_repeat\" in %s transport", oncerepeat, tblock->name);
return FALSE;
}
}
}
/* If the never_mail option is set, we have to scan all the recipients and
remove those that match. */
if (ob->never_mail != NULL)
{
uschar *never_mail = expand_string(ob->never_mail);
if (never_mail == NULL)
{
addr->transport_return = FAIL;
addr->message = string_sprintf("Failed to expand \"%s\" for "
"\"never_mail\" in %s transport", ob->never_mail, tblock->name);
return FALSE;
}
if (to != NULL) check_never_mail(&to, never_mail);
if (cc != NULL) check_never_mail(&cc, never_mail);
if (bcc != NULL) check_never_mail(&bcc, never_mail);
if (to == NULL && cc == NULL && bcc == NULL)
{
DEBUG(D_transport)
debug_printf("*** all recipients removed by never_mail\n");
return OK;
}
}
/* If the -N option is set, can't do any more. */
if (dont_deliver)
{
DEBUG(D_transport)
debug_printf("*** delivery by %s transport bypassed by -N option\n",
tblock->name);
return FALSE;
}
/* If the oncelog field is set, we send want to send only one message to the
given recipient(s). This works only on the "To" field. If there is no "To"
field, the message is always sent. If the To: field contains more than one
recipient, the effect might not be quite as envisaged. If once_file_size is
set, instead of a dbm file, we use a regular file containing a circular buffer
recipient cache. */
if (oncelog != NULL && *oncelog != 0 && to != NULL)
{
time_t then = 0;
/* Handle fixed-size cache file. */
if (ob->once_file_size > 0)
{
uschar *p;
struct stat statbuf;
cache_fd = Uopen(oncelog, O_CREAT|O_RDWR, ob->mode);
if (cache_fd < 0 || fstat(cache_fd, &statbuf) != 0)
{
addr->transport_return = DEFER;
addr->message = string_sprintf("Failed to %s \"once\" file %s when "
"sending message from %s transport: %s",
(cache_fd < 0)? "open" : "stat", oncelog, tblock->name,
strerror(errno));
goto END_OFF;
}
/* Get store in the temporary pool and read the entire file into it. We get
an amount of store that is big enough to add the new entry on the end if we
need to do that. */
cache_size = statbuf.st_size;
add_size = sizeof(time_t) + Ustrlen(to) + 1;
cache_buff = store_get(cache_size + add_size);
if (read(cache_fd, cache_buff, cache_size) != cache_size)
{
addr->transport_return = DEFER;
addr->basic_errno = errno;
addr->message = US"error while reading \"once\" file";
goto END_OFF;
}
DEBUG(D_transport) debug_printf("%d bytes read from %s\n", cache_size, oncelog);
/* Scan the data for this recipient. Each entry in the file starts with
a time_t sized time value, followed by the address, followed by a binary
zero. If we find a match, put the time into "then", and the place where it
was found into "cache_time". Otherwise, "then" is left at zero. */
p = cache_buff;
while (p < cache_buff + cache_size)
{
uschar *s = p + sizeof(time_t);
uschar *nextp = s + Ustrlen(s) + 1;
if (Ustrcmp(to, s) == 0)
{
memcpy(&then, p, sizeof(time_t));
cache_time = p;
break;
}
p = nextp;
}
}
/* Use a DBM file for the list of previous recipients. */
else
{
EXIM_DATUM key_datum, result_datum;
EXIM_DBOPEN(oncelog, O_RDWR|O_CREAT, ob->mode, &dbm_file);
if (dbm_file == NULL)
{
addr->transport_return = DEFER;
addr->message = string_sprintf("Failed to open %s file %s when sending "
"message from %s transport: %s", EXIM_DBTYPE, oncelog, tblock->name,
strerror(errno));
goto END_OFF;
}
EXIM_DATUM_INIT(key_datum); /* Some DBM libraries need datums */
EXIM_DATUM_INIT(result_datum); /* to be cleared */
EXIM_DATUM_DATA(key_datum) = CS to;
EXIM_DATUM_SIZE(key_datum) = Ustrlen(to) + 1;
if (EXIM_DBGET(dbm_file, key_datum, result_datum))
{
/* If the datum size is that of a binary time, we are in the new world
where messages are sent periodically. Otherwise the file is an old one,
where the datum was filled with a tod_log time, which is assumed to be
different in size. For that, only one message is ever sent. This change
introduced at Exim 3.00. In a couple of years' time the test on the size
can be abolished. */
if (EXIM_DATUM_SIZE(result_datum) == sizeof(time_t))
{
memcpy(&then, EXIM_DATUM_DATA(result_datum), sizeof(time_t));
}
else then = now;
}
}
/* Either "then" is set zero, if no message has yet been sent, or it
is set to the time of the last sending. */
if (then != 0 && (once_repeat_sec <= 0 || now - then < once_repeat_sec))
{
DEBUG(D_transport) debug_printf("message previously sent to %s%s\n", to,
(once_repeat_sec > 0)? " and repeat time not reached" : "");
log_fd = Uopen(logfile, O_WRONLY|O_APPEND|O_CREAT, ob->mode);
if (log_fd >= 0)
{
uschar *ptr = log_buffer;
sprintf(CS ptr, "%s\n previously sent to %.200s\n", tod_stamp(tod_log), to);
while(*ptr) ptr++;
if(write(log_fd, log_buffer, ptr - log_buffer) != ptr-log_buffer
|| close(log_fd))
DEBUG(D_transport) debug_printf("Problem writing log file %s for %s "
"transport\n", logfile, tblock->name);
}
goto END_OFF;
}
DEBUG(D_transport) debug_printf("%s %s\n", (then <= 0)?
"no previous message sent to" : "repeat time reached for", to);
}
/* We are going to send a message. Ensure any requested file is available. */
if (file != NULL)
{
ff = Ufopen(file, "rb");
if (ff == NULL && !ob->file_optional)
{
addr->transport_return = DEFER;
addr->message = string_sprintf("Failed to open file %s when sending "
"message from %s transport: %s", file, tblock->name, strerror(errno));
return FALSE;
}
}
/* Make a subprocess to send the message */
pid = child_open_exim(&fd);
/* Creation of child failed; defer this delivery. */
if (pid < 0)
{
addr->transport_return = DEFER;
addr->message = string_sprintf("Failed to create child process to send "
"message from %s transport: %s", tblock->name, strerror(errno));
DEBUG(D_transport) debug_printf("%s\n", addr->message);
return FALSE;
}
/* Create the message to be sent - recipients are taken from the headers,
as the -t option is used. The "headers" stuff *must* be last in case there
are newlines in it which might, if placed earlier, screw up other headers. */
f = fdopen(fd, "wb");
if (from != NULL) fprintf(f, "From: %s\n", from);
if (reply_to != NULL) fprintf(f, "Reply-To: %s\n", reply_to);
if (to != NULL) fprintf(f, "To: %s\n", to);
if (cc != NULL) fprintf(f, "Cc: %s\n", cc);
if (bcc != NULL) fprintf(f, "Bcc: %s\n", bcc);
if (subject != NULL) fprintf(f, "Subject: %s\n", subject);
/* Generate In-Reply-To from the message_id header; there should
always be one, but code defensively. */
for (h = header_list; h != NULL; h = h->next)
if (h->type == htype_id) break;
if (h != NULL)
{
message_id = Ustrchr(h->text, ':') + 1;
while (isspace(*message_id)) message_id++;
fprintf(f, "In-Reply-To: %s", message_id);
}
/* Generate a References header if there is at least one of Message-ID:,
References:, or In-Reply-To: (see RFC 2822). */
for (h = header_list; h != NULL; h = h->next)
if (h->type != htype_old && strncmpic(US"References:", h->text, 11) == 0)
break;
if (h == NULL)
for (h = header_list; h != NULL; h = h->next)
if (h->type != htype_old && strncmpic(US"In-Reply-To:", h->text, 12) == 0)
break;
/* We limit the total length of references. Although there is no fixed
limit, some systems do not like headers growing beyond recognition.
Keep the first message ID for the thread root and the last few for
the position inside the thread, up to a maximum of 12 altogether. */
if (h != NULL || message_id != NULL)
{
fprintf(f, "References:");
if (h != NULL)
{
uschar *s, *id, *error;
uschar *referenced_ids[12];
int reference_count = 0;
int i;
s = Ustrchr(h->text, ':') + 1;
parse_allow_group = FALSE;
while (*s != 0 && (s = parse_message_id(s, &id, &error)) != NULL)
{
if (reference_count == sizeof(referenced_ids)/sizeof(uschar *))
{
memmove(referenced_ids + 1, referenced_ids + 2,
sizeof(referenced_ids) - 2*sizeof(uschar *));
referenced_ids[reference_count - 1] = id;
}
else referenced_ids[reference_count++] = id;
}
for (i = 0; i < reference_count; ++i) fprintf(f, " %s", referenced_ids[i]);
}
/* The message id will have a newline on the end of it. */
if (message_id != NULL) fprintf(f, " %s", message_id);
else fprintf(f, "\n");
}
/* Add an Auto-Submitted: header */
fprintf(f, "Auto-Submitted: auto-replied\n");
/* Add any specially requested headers */
if (headers != NULL) fprintf(f, "%s\n", headers);
fprintf(f, "\n");
if (text != NULL)
{
fprintf(f, "%s", CS text);
if (text[Ustrlen(text)-1] != '\n') fprintf(f, "\n");
}
if (ff != NULL)
{
while (Ufgets(big_buffer, big_buffer_size, ff) != NULL)
{
if (file_expand)
{
uschar *s = expand_string(big_buffer);
DEBUG(D_transport)
{
if (s == NULL)
debug_printf("error while expanding line from file:\n %s\n %s\n",
big_buffer, expand_string_message);
}
fprintf(f, "%s", (s == NULL)? CS big_buffer : CS s);
}
else fprintf(f, "%s", CS big_buffer);
}
}
int
dns_lookup(dns_answer *dnsa, const uschar *name, int type,
const uschar **fully_qualified_name)
{
int i;
const uschar *orig_name = name;
BOOL secure_so_far = TRUE;
/* Loop to follow CNAME chains so far, but no further... */
for (i = 0; i < 10; i++)
{
uschar data[256];
dns_record *rr, cname_rr, type_rr;
dns_scan dnss;
int datalen, rc;
/* DNS lookup failures get passed straight back. */
if ((rc = dns_basic_lookup(dnsa, name, type)) != DNS_SUCCEED) return rc;
/* We should have either records of the required type, or a CNAME record,
or both. We need to know whether both exist for getting the fully qualified
name, but avoid scanning more than necessary. Note that we must copy the
contents of any rr blocks returned by dns_next_rr() as they use the same
area in the dnsa block. */
cname_rr.data = type_rr.data = NULL;
for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
{
if (rr->type == type)
{
if (type_rr.data == NULL) type_rr = *rr;
if (cname_rr.data != NULL) break;
}
else if (rr->type == T_CNAME) cname_rr = *rr;
}
/* For the first time round this loop, if a CNAME was found, take the fully
qualified name from it; otherwise from the first data record, if present. */
if (i == 0 && fully_qualified_name != NULL)
{
uschar * rr_name = cname_rr.data ? cname_rr.name
: type_rr.data ? type_rr.name : NULL;
if ( rr_name
&& Ustrcmp(rr_name, *fully_qualified_name) != 0
&& rr_name[0] != '*'
#ifdef EXPERIMENTAL_INTERNATIONAL
&& ( !string_is_utf8(*fully_qualified_name)
|| Ustrcmp(rr_name,
string_domain_utf8_to_alabel(*fully_qualified_name, NULL)) != 0
)
#endif
)
*fully_qualified_name = string_copy_dnsdomain(rr_name);
}
/* If any data records of the correct type were found, we are done. */
if (type_rr.data != NULL)
{
if (!secure_so_far) /* mark insecure if any element of CNAME chain was */
dns_set_insecure(dnsa);
return DNS_SUCCEED;
}
/* If there are no data records, we need to re-scan the DNS using the
domain given in the CNAME record, which should exist (otherwise we should
have had a failure from dns_lookup). However code against the possibility of
its not existing. */
if (cname_rr.data == NULL) return DNS_FAIL;
datalen = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen,
cname_rr.data, (DN_EXPAND_ARG4_TYPE)data, sizeof(data));
if (datalen < 0) return DNS_FAIL;
name = data;
if (!dns_is_secure(dnsa))
secure_so_far = FALSE;
DEBUG(D_dns) debug_printf("CNAME found: change to %s\n", name);
} /* Loop back to do another lookup */
/*Control reaches here after 10 times round the CNAME loop. Something isn't
right... */
log_write(0, LOG_MAIN, "CNAME loop for %s encountered", orig_name);
return DNS_FAIL;
}
static int
fakens_search(const uschar *domain, int type, uschar *answerptr, int size)
{
int len = Ustrlen(domain);
int asize = size; /* Locally modified */
uschar *endname;
uschar name[256];
uschar utilname[256];
uschar *aptr = answerptr; /* Locally modified */
struct stat statbuf;
/* Remove terminating dot. */
if (domain[len - 1] == '.') len--;
Ustrncpy(name, domain, len);
name[len] = 0;
endname = name + len;
/* This code, for forcing TRY_AGAIN and NO_RECOVERY, is here so that it works
for the old test suite that uses a real nameserver. When the old test suite is
eventually abandoned, this code could be moved into the fakens utility. */
if (len >= 14 && Ustrcmp(endname - 14, "test.again.dns") == 0)
{
int delay = Uatoi(name); /* digits at the start of the name */
DEBUG(D_dns) debug_printf("Return from DNS lookup of %s (%s) faked for testing\n",
name, dns_text_type(type));
if (delay > 0)
{
DEBUG(D_dns) debug_printf("delaying %d seconds\n", delay);
sleep(delay);
}
h_errno = TRY_AGAIN;
return -1;
}
if (len >= 13 && Ustrcmp(endname - 13, "test.fail.dns") == 0)
{
DEBUG(D_dns) debug_printf("Return from DNS lookup of %s (%s) faked for testing\n",
name, dns_text_type(type));
h_errno = NO_RECOVERY;
return -1;
}
/* Look for the fakens utility, and if it exists, call it. */
(void)string_format(utilname, sizeof(utilname), "%s/../bin/fakens",
spool_directory);
if (stat(CS utilname, &statbuf) >= 0)
{
pid_t pid;
int infd, outfd, rc;
uschar *argv[5];
DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) using fakens\n",
name, dns_text_type(type));
argv[0] = utilname;
argv[1] = spool_directory;
argv[2] = name;
argv[3] = dns_text_type(type);
argv[4] = NULL;
pid = child_open(argv, NULL, 0000, &infd, &outfd, FALSE);
if (pid < 0)
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to run fakens: %s",
strerror(errno));
len = 0;
rc = -1;
while (asize > 0 && (rc = read(outfd, aptr, asize)) > 0)
{
len += rc;
aptr += rc; /* Don't modify the actual arguments, because they */
asize -= rc; /* may need to be passed on to res_search(). */
}
if (rc < 0)
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "read from fakens failed: %s",
strerror(errno));
switch(child_close(pid, 0))
{
case 0: return len;
case 1: h_errno = HOST_NOT_FOUND; return -1;
case 2: h_errno = TRY_AGAIN; return -1;
default:
case 3: h_errno = NO_RECOVERY; return -1;
case 4: h_errno = NO_DATA; return -1;
case 5: /* Pass on to res_search() */
DEBUG(D_dns) debug_printf("fakens returned PASS_ON\n");
}
}
/* fakens utility not found, or it returned "pass on" */
DEBUG(D_dns) debug_printf("passing %s on to res_search()\n", domain);
return res_search(CS domain, C_IN, type, answerptr, size);
}
static int
perform_redis_search(const uschar *command, uschar *server, uschar **resultptr,
uschar **errmsg, BOOL *defer_break, uint *do_cache)
{
redisContext *redis_handle = NULL; /* Keep compilers happy */
redisReply *redis_reply = NULL;
redisReply *entry = NULL;
redisReply *tentry = NULL;
redis_connection *cn;
int ssize = 0;
int offset = 0;
int yield = DEFER;
int i, j;
uschar *result = NULL;
uschar *server_copy = NULL;
uschar *tmp, *ttmp;
uschar *sdata[3];
/* Disaggregate the parameters from the server argument.
The order is host:port(socket)
We can write to the string, since it is in a nextinlist temporary buffer.
This copy is also used for debugging output. */
memset(sdata, 0, sizeof(sdata)) /* Set all to NULL */;
for (i = 2; i > 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (!pp)
{
*errmsg = string_sprintf("incomplete Redis server data: %s",
i == 2 ? server : server_copy);
*defer_break = TRUE;
return DEFER;
}
*pp++ = 0;
sdata[i] = pp;
if (i == 2) server_copy = string_copy(server); /* sans password */
}
sdata[0] = server; /* What's left at the start */
/* If the database or password is an empty string, set it NULL */
if (sdata[1][0] == 0) sdata[1] = NULL;
if (sdata[2][0] == 0) sdata[2] = NULL;
/* See if we have a cached connection to the server */
for (cn = redis_connections; cn; cn = cn->next)
if (Ustrcmp(cn->server, server_copy) == 0)
{
redis_handle = cn->handle;
break;
}
if (!cn)
{
uschar *p;
uschar *socket = NULL;
int port = 0;
/* int redis_err = REDIS_OK; */
if ((p = Ustrchr(sdata[0], '(')))
{
*p++ = 0;
socket = p;
while (*p != 0 && *p != ')') p++;
*p = 0;
}
if ((p = Ustrchr(sdata[0], ':')))
{
*p++ = 0;
port = Uatoi(p);
}
else
port = Uatoi("6379");
if (Ustrchr(server, '/'))
{
*errmsg = string_sprintf("unexpected slash in Redis server hostname: %s",
sdata[0]);
*defer_break = TRUE;
return DEFER;
}
DEBUG(D_lookup)
debug_printf("REDIS new connection: host=%s port=%d socket=%s database=%s\n",
sdata[0], port, socket, sdata[1]);
/* Get store for a new handle, initialize it, and connect to the server */
/* XXX: Use timeouts ? */
redis_handle =
socket ? redisConnectUnix(CCS socket) : redisConnect(CCS server, port);
if (!redis_handle)
{
*errmsg = string_sprintf("REDIS connection failed");
*defer_break = FALSE;
goto REDIS_EXIT;
}
/* Add the connection to the cache */
cn = store_get(sizeof(redis_connection));
cn->server = server_copy;
cn->handle = redis_handle;
cn->next = redis_connections;
redis_connections = cn;
}
else
{
DEBUG(D_lookup)
debug_printf("REDIS using cached connection for %s\n", server_copy);
}
/* Authenticate if there is a password */
if(sdata[2])
if (!(redis_reply = redisCommand(redis_handle, "AUTH %s", sdata[2])))
{
*errmsg = string_sprintf("REDIS Authentication failed: %s\n", redis_handle->errstr);
*defer_break = FALSE;
goto REDIS_EXIT;
}
/* Select the database if there is a dbnumber passed */
if(sdata[1])
{
if (!(redis_reply = redisCommand(redis_handle, "SELECT %s", sdata[1])))
{
*errmsg = string_sprintf("REDIS: Selecting database=%s failed: %s\n", sdata[1], redis_handle->errstr);
*defer_break = FALSE;
goto REDIS_EXIT;
}
DEBUG(D_lookup) debug_printf("REDIS: Selecting database=%s\n", sdata[1]);
}
/* split string on whitespace into argv */
{
uschar * argv[32];
int i;
const uschar * s = command;
int siz, ptr;
uschar c;
while (isspace(*s)) s++;
for (i = 0; *s && i < nele(argv); i++)
{
for (argv[i] = NULL, siz = ptr = 0; (c = *s) && !isspace(c); s++)
if (c != '\\' || *++s) /* backslash protects next char */
argv[i] = string_cat(argv[i], &siz, &ptr, s, 1);
*(argv[i]+ptr) = '\0';
DEBUG(D_lookup) debug_printf("REDIS: argv[%d] '%s'\n", i, argv[i]);
while (isspace(*s)) s++;
}
/* Run the command. We use the argv form rather than plain as that parses
into args by whitespace yet has no escaping mechanism. */
redis_reply = redisCommandArgv(redis_handle, i, (const char **) argv, NULL);
if (!redis_reply)
{
*errmsg = string_sprintf("REDIS: query failed: %s\n", redis_handle->errstr);
*defer_break = FALSE;
goto REDIS_EXIT;
}
}
switch (redis_reply->type)
{
case REDIS_REPLY_ERROR:
*errmsg = string_sprintf("REDIS: lookup result failed: %s\n", redis_reply->str);
*defer_break = FALSE;
*do_cache = 0;
goto REDIS_EXIT;
/* NOTREACHED */
case REDIS_REPLY_NIL:
DEBUG(D_lookup)
debug_printf("REDIS: query was not one that returned any data\n");
result = string_sprintf("");
*do_cache = 0;
goto REDIS_EXIT;
/* NOTREACHED */
case REDIS_REPLY_INTEGER:
ttmp = (redis_reply->integer != 0) ? US"true" : US"false";
result = string_cat(result, &ssize, &offset, US ttmp, Ustrlen(ttmp));
break;
case REDIS_REPLY_STRING:
case REDIS_REPLY_STATUS:
result = string_cat(result, &ssize, &offset,
US redis_reply->str, redis_reply->len);
break;
case REDIS_REPLY_ARRAY:
/* NOTE: For now support 1 nested array result. If needed a limitless
result can be parsed */
for (i = 0; i < redis_reply->elements; i++)
{
entry = redis_reply->element[i];
if (result)
result = string_cat(result, &ssize, &offset, US"\n", 1);
switch (entry->type)
{
case REDIS_REPLY_INTEGER:
tmp = string_sprintf("%d", entry->integer);
result = string_cat(result, &ssize, &offset, US tmp, Ustrlen(tmp));
break;
case REDIS_REPLY_STRING:
result = string_cat(result, &ssize, &offset,
US entry->str, entry->len);
break;
case REDIS_REPLY_ARRAY:
for (j = 0; j < entry->elements; j++)
{
tentry = entry->element[j];
if (result)
result = string_cat(result, &ssize, &offset, US"\n", 1);
switch (tentry->type)
{
case REDIS_REPLY_INTEGER:
ttmp = string_sprintf("%d", tentry->integer);
result = string_cat(result, &ssize, &offset,
US ttmp, Ustrlen(ttmp));
break;
case REDIS_REPLY_STRING:
result = string_cat(result, &ssize, &offset,
US tentry->str, tentry->len);
break;
case REDIS_REPLY_ARRAY:
DEBUG(D_lookup)
debug_printf("REDIS: result has nesting of arrays which"
" is not supported. Ignoring!\n");
break;
default:
DEBUG(D_lookup) debug_printf(
"REDIS: result has unsupported type. Ignoring!\n");
break;
}
}
break;
default:
DEBUG(D_lookup) debug_printf("REDIS: query returned unsupported type\n");
break;
}
}
break;
}
if (result)
{
result[offset] = 0;
store_reset(result + offset + 1);
}
else
{
yield = FAIL;
*errmsg = US"REDIS: no data found";
}
REDIS_EXIT:
/* Free store for any result that was got; don't close the connection,
as it is cached. */
if (redis_reply) freeReplyObject(redis_reply);
/* Non-NULL result indicates a sucessful result */
if (result)
{
*resultptr = result;
return OK;
}
else
{
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
/* NOTE: Required to close connection since it needs to be reopened */
return yield; /* FAIL or DEFER */
}
}
int
spool_read_header(uschar *name, BOOL read_headers, BOOL subdir_set)
{
FILE *f = NULL;
int n;
int rcount = 0;
long int uid, gid;
BOOL inheader = FALSE;
uschar *p;
/* Reset all the global variables to their default values. However, there is
one exception. DO NOT change the default value of dont_deliver, because it may
be forced by an external setting. */
acl_var_c = acl_var_m = NULL;
authenticated_id = NULL;
authenticated_sender = NULL;
allow_unqualified_recipient = FALSE;
allow_unqualified_sender = FALSE;
body_linecount = 0;
body_zerocount = 0;
deliver_firsttime = FALSE;
deliver_freeze = FALSE;
deliver_frozen_at = 0;
deliver_manual_thaw = FALSE;
/* dont_deliver must NOT be reset */
header_list = header_last = NULL;
host_lookup_deferred = FALSE;
host_lookup_failed = FALSE;
interface_address = NULL;
interface_port = 0;
local_error_message = FALSE;
local_scan_data = NULL;
max_received_linelength = 0;
message_linecount = 0;
received_protocol = NULL;
received_count = 0;
recipients_list = NULL;
sender_address = NULL;
sender_fullhost = NULL;
sender_helo_name = NULL;
sender_host_address = NULL;
sender_host_name = NULL;
sender_host_port = 0;
sender_host_authenticated = NULL;
sender_ident = NULL;
sender_local = FALSE;
sender_set_untrusted = FALSE;
smtp_active_hostname = primary_hostname;
tree_nonrecipients = NULL;
#ifdef EXPERIMENTAL_BRIGHTMAIL
bmi_run = 0;
bmi_verdicts = NULL;
#endif
#ifndef DISABLE_DKIM
dkim_signers = NULL;
dkim_disable_verify = FALSE;
dkim_collect_input = FALSE;
#endif
#ifdef SUPPORT_TLS
tls_in.certificate_verified = FALSE;
# ifdef EXPERIMENTAL_DANE
tls_in.dane_verified = FALSE;
# endif
tls_in.cipher = NULL;
# ifndef COMPILE_UTILITY /* tls support fns not built in */
tls_free_cert(&tls_in.ourcert);
tls_free_cert(&tls_in.peercert);
# endif
tls_in.peerdn = NULL;
tls_in.sni = NULL;
tls_in.ocsp = OCSP_NOT_REQ;
#endif
#ifdef WITH_CONTENT_SCAN
spam_bar = NULL;
spam_score = NULL;
spam_score_int = NULL;
#endif
#if defined(SUPPORT_I18N) && !defined(COMPILE_UTILITY)
message_smtputf8 = FALSE;
message_utf8_downconvert = 0;
#endif
dsn_ret = 0;
dsn_envid = NULL;
/* Generate the full name and open the file. If message_subdir is already
set, just look in the given directory. Otherwise, look in both the split
and unsplit directories, as for the data file above. */
for (n = 0; n < 2; n++)
{
if (!subdir_set)
message_subdir[0] = (split_spool_directory == (n == 0))? name[5] : 0;
sprintf(CS big_buffer, "%s/input/%s/%s", spool_directory, message_subdir,
name);
f = Ufopen(big_buffer, "rb");
if (f != NULL) break;
if (n != 0 || subdir_set || errno != ENOENT) return spool_read_notopen;
}
errno = 0;
#ifndef COMPILE_UTILITY
DEBUG(D_deliver) debug_printf("reading spool file %s\n", name);
#endif /* COMPILE_UTILITY */
/* The first line of a spool file contains the message id followed by -H (i.e.
the file name), in order to make the file self-identifying. */
if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
if (Ustrlen(big_buffer) != MESSAGE_ID_LENGTH + 3 ||
Ustrncmp(big_buffer, name, MESSAGE_ID_LENGTH + 2) != 0)
goto SPOOL_FORMAT_ERROR;
/* The next three lines in the header file are in a fixed format. The first
contains the login, uid, and gid of the user who caused the file to be written.
There are known cases where a negative gid is used, so we allow for both
negative uids and gids. The second contains the mail address of the message's
sender, enclosed in <>. The third contains the time the message was received,
and the number of warning messages for delivery delays that have been sent. */
if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
p = big_buffer + Ustrlen(big_buffer);
while (p > big_buffer && isspace(p[-1])) p--;
*p = 0;
if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
gid = Uatoi(p);
if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
*p = 0;
if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
uid = Uatoi(p);
if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
*p = 0;
originator_login = string_copy(big_buffer);
originator_uid = (uid_t)uid;
originator_gid = (gid_t)gid;
/* envelope from */
if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
n = Ustrlen(big_buffer);
if (n < 3 || big_buffer[0] != '<' || big_buffer[n-2] != '>')
goto SPOOL_FORMAT_ERROR;
sender_address = store_get(n-2);
Ustrncpy(sender_address, big_buffer+1, n-3);
sender_address[n-3] = 0;
/* time */
if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
if (sscanf(CS big_buffer, "%d %d", &received_time, &warning_count) != 2)
goto SPOOL_FORMAT_ERROR;
message_age = time(NULL) - received_time;
#ifndef COMPILE_UTILITY
DEBUG(D_deliver) debug_printf("user=%s uid=%ld gid=%ld sender=%s\n",
originator_login, (long int)originator_uid, (long int)originator_gid,
sender_address);
#endif /* COMPILE_UTILITY */
/* Now there may be a number of optional lines, each starting with "-". If you
add a new setting here, make sure you set the default above.
Because there are now quite a number of different possibilities, we use a
switch on the first character to avoid too many failing tests. Thanks to Nico
Erfurth for the patch that implemented this. I have made it even more efficient
by not re-scanning the first two characters.
To allow new versions of Exim that add additional flags to interwork with older
versions that do not understand them, just ignore any lines starting with "-"
that we don't recognize. Otherwise it wouldn't be possible to back off a new
version that left new-style flags written on the spool. */
p = big_buffer + 2;
for (;;)
{
int len;
if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
if (big_buffer[0] != '-') break;
while ( (len = Ustrlen(big_buffer)) == big_buffer_size-1
&& big_buffer[len-1] != '\n'
)
{ /* buffer not big enough for line; certs make this possible */
uschar * buf;
if (big_buffer_size >= BIG_BUFFER_SIZE*4) goto SPOOL_READ_ERROR;
buf = store_get_perm(big_buffer_size *= 2);
memcpy(buf, big_buffer, --len);
big_buffer = buf;
if (Ufgets(big_buffer+len, big_buffer_size-len, f) == NULL)
goto SPOOL_READ_ERROR;
}
big_buffer[len-1] = 0;
switch(big_buffer[1])
{
case 'a':
/* Nowadays we use "-aclc" and "-aclm" for the different types of ACL
variable, because Exim allows any number of them, with arbitrary names.
The line in the spool file is "-acl[cm] <name> <length>". The name excludes
the c or m. */
if (Ustrncmp(p, "clc ", 4) == 0 ||
Ustrncmp(p, "clm ", 4) == 0)
{
uschar *name, *endptr;
int count;
tree_node *node;
endptr = Ustrchr(big_buffer + 6, ' ');
if (endptr == NULL) goto SPOOL_FORMAT_ERROR;
name = string_sprintf("%c%.*s", big_buffer[4], endptr - big_buffer - 6,
big_buffer + 6);
if (sscanf(CS endptr, " %d", &count) != 1) goto SPOOL_FORMAT_ERROR;
node = acl_var_create(name);
node->data.ptr = store_get(count + 1);
if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
((uschar*)node->data.ptr)[count] = 0;
}
else if (Ustrcmp(p, "llow_unqualified_recipient") == 0)
allow_unqualified_recipient = TRUE;
else if (Ustrcmp(p, "llow_unqualified_sender") == 0)
allow_unqualified_sender = TRUE;
else if (Ustrncmp(p, "uth_id", 6) == 0)
authenticated_id = string_copy(big_buffer + 9);
else if (Ustrncmp(p, "uth_sender", 10) == 0)
authenticated_sender = string_copy(big_buffer + 13);
else if (Ustrncmp(p, "ctive_hostname", 14) == 0)
smtp_active_hostname = string_copy(big_buffer + 17);
/* For long-term backward compatibility, we recognize "-acl", which was
used before the number of ACL variables changed from 10 to 20. This was
before the subsequent change to an arbitrary number of named variables.
This code is retained so that upgrades from very old versions can still
handle old-format spool files. The value given after "-acl" is a number
that is 0-9 for connection variables, and 10-19 for message variables. */
else if (Ustrncmp(p, "cl ", 3) == 0)
{
int index, count;
uschar name[20]; /* Need plenty of space for %d format */
tree_node *node;
if ( sscanf(CS big_buffer + 5, "%d %d", &index, &count) != 2
|| index >= 20
)
goto SPOOL_FORMAT_ERROR;
if (index < 10)
(void) string_format(name, sizeof(name), "%c%d", 'c', index);
else
(void) string_format(name, sizeof(name), "%c%d", 'm', index - 10);
node = acl_var_create(name);
node->data.ptr = store_get(count + 1);
if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
((uschar*)node->data.ptr)[count] = 0;
}
break;
case 'b':
if (Ustrncmp(p, "ody_linecount", 13) == 0)
body_linecount = Uatoi(big_buffer + 15);
else if (Ustrncmp(p, "ody_zerocount", 13) == 0)
body_zerocount = Uatoi(big_buffer + 15);
#ifdef EXPERIMENTAL_BRIGHTMAIL
else if (Ustrncmp(p, "mi_verdicts ", 12) == 0)
bmi_verdicts = string_copy(big_buffer + 14);
#endif
break;
case 'd':
if (Ustrcmp(p, "eliver_firsttime") == 0)
deliver_firsttime = TRUE;
/* Check if the dsn flags have been set in the header file */
else if (Ustrncmp(p, "sn_ret", 6) == 0)
dsn_ret= atoi(CS big_buffer + 8);
else if (Ustrncmp(p, "sn_envid", 8) == 0)
dsn_envid = string_copy(big_buffer + 11);
break;
case 'f':
if (Ustrncmp(p, "rozen", 5) == 0)
{
deliver_freeze = TRUE;
if (sscanf(CS big_buffer+7, TIME_T_FMT, &deliver_frozen_at) != 1)
goto SPOOL_READ_ERROR;
}
break;
case 'h':
if (Ustrcmp(p, "ost_lookup_deferred") == 0)
host_lookup_deferred = TRUE;
else if (Ustrcmp(p, "ost_lookup_failed") == 0)
host_lookup_failed = TRUE;
else if (Ustrncmp(p, "ost_auth", 8) == 0)
sender_host_authenticated = string_copy(big_buffer + 11);
else if (Ustrncmp(p, "ost_name", 8) == 0)
sender_host_name = string_copy(big_buffer + 11);
else if (Ustrncmp(p, "elo_name", 8) == 0)
sender_helo_name = string_copy(big_buffer + 11);
/* We now record the port number after the address, separated by a
dot. For compatibility during upgrading, do nothing if there
isn't a value (it gets left at zero). */
else if (Ustrncmp(p, "ost_address", 11) == 0)
{
sender_host_port = host_address_extract_port(big_buffer + 14);
sender_host_address = string_copy(big_buffer + 14);
}
break;
case 'i':
if (Ustrncmp(p, "nterface_address", 16) == 0)
{
interface_port = host_address_extract_port(big_buffer + 19);
interface_address = string_copy(big_buffer + 19);
}
else if (Ustrncmp(p, "dent", 4) == 0)
sender_ident = string_copy(big_buffer + 7);
break;
case 'l':
if (Ustrcmp(p, "ocal") == 0) sender_local = TRUE;
else if (Ustrcmp(big_buffer, "-localerror") == 0)
local_error_message = TRUE;
else if (Ustrncmp(p, "ocal_scan ", 10) == 0)
local_scan_data = string_copy(big_buffer + 12);
break;
case 'm':
if (Ustrcmp(p, "anual_thaw") == 0) deliver_manual_thaw = TRUE;
else if (Ustrncmp(p, "ax_received_linelength", 22) == 0)
max_received_linelength = Uatoi(big_buffer + 24);
break;
case 'N':
if (*p == 0) dont_deliver = TRUE; /* -N */
break;
case 'r':
if (Ustrncmp(p, "eceived_protocol", 16) == 0)
received_protocol = string_copy(big_buffer + 19);
break;
case 's':
if (Ustrncmp(p, "ender_set_untrusted", 19) == 0)
sender_set_untrusted = TRUE;
#ifdef WITH_CONTENT_SCAN
else if (Ustrncmp(p, "pam_bar ", 8) == 0)
spam_bar = string_copy(big_buffer + 10);
else if (Ustrncmp(p, "pam_score ", 10) == 0)
spam_score = string_copy(big_buffer + 12);
else if (Ustrncmp(p, "pam_score_int ", 14) == 0)
spam_score_int = string_copy(big_buffer + 16);
#endif
#if defined(SUPPORT_I18N) && !defined(COMPILE_UTILITY)
else if (Ustrncmp(p, "mtputf8", 7) == 0)
message_smtputf8 = TRUE;
#endif
break;
#ifdef SUPPORT_TLS
case 't':
if (Ustrncmp(p, "ls_certificate_verified", 23) == 0)
tls_in.certificate_verified = TRUE;
else if (Ustrncmp(p, "ls_cipher", 9) == 0)
tls_in.cipher = string_copy(big_buffer + 12);
# ifndef COMPILE_UTILITY /* tls support fns not built in */
else if (Ustrncmp(p, "ls_ourcert", 10) == 0)
(void) tls_import_cert(big_buffer + 13, &tls_in.ourcert);
else if (Ustrncmp(p, "ls_peercert", 11) == 0)
(void) tls_import_cert(big_buffer + 14, &tls_in.peercert);
# endif
else if (Ustrncmp(p, "ls_peerdn", 9) == 0)
tls_in.peerdn = string_unprinting(string_copy(big_buffer + 12));
else if (Ustrncmp(p, "ls_sni", 6) == 0)
tls_in.sni = string_unprinting(string_copy(big_buffer + 9));
else if (Ustrncmp(p, "ls_ocsp", 7) == 0)
tls_in.ocsp = big_buffer[10] - '0';
break;
#endif
#if defined(SUPPORT_I18N) && !defined(COMPILE_UTILITY)
case 'u':
if (Ustrncmp(p, "tf8_downcvt", 11) == 0)
message_utf8_downconvert = 1;
else if (Ustrncmp(p, "tf8_optdowncvt", 15) == 0)
message_utf8_downconvert = -1;
break;
#endif
default: /* Present because some compilers complain if all */
break; /* possibilities are not covered. */
}
}
/* Build sender_fullhost if required */
#ifndef COMPILE_UTILITY
host_build_sender_fullhost();
#endif /* COMPILE_UTILITY */
#ifndef COMPILE_UTILITY
DEBUG(D_deliver)
debug_printf("sender_local=%d ident=%s\n", sender_local,
(sender_ident == NULL)? US"unset" : sender_ident);
#endif /* COMPILE_UTILITY */
/* We now have the tree of addresses NOT to deliver to, or a line
containing "XX", indicating no tree. */
if (Ustrncmp(big_buffer, "XX\n", 3) != 0 &&
!read_nonrecipients_tree(&tree_nonrecipients, f, big_buffer, big_buffer_size))
goto SPOOL_FORMAT_ERROR;
#ifndef COMPILE_UTILITY
DEBUG(D_deliver)
{
debug_printf("Non-recipients:\n");
debug_print_tree(tree_nonrecipients);
}
#endif /* COMPILE_UTILITY */
/* After reading the tree, the next line has not yet been read into the
buffer. It contains the count of recipients which follow on separate lines. */
if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
if (sscanf(CS big_buffer, "%d", &rcount) != 1) goto SPOOL_FORMAT_ERROR;
#ifndef COMPILE_UTILITY
DEBUG(D_deliver) debug_printf("recipients_count=%d\n", rcount);
#endif /* COMPILE_UTILITY */
recipients_list_max = rcount;
recipients_list = store_get(rcount * sizeof(recipient_item));
for (recipients_count = 0; recipients_count < rcount; recipients_count++)
{
int nn;
int pno = -1;
int dsn_flags = 0;
uschar *orcpt = NULL;
uschar *errors_to = NULL;
uschar *p;
if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
nn = Ustrlen(big_buffer);
if (nn < 2) goto SPOOL_FORMAT_ERROR;
/* Remove the newline; this terminates the address if there is no additional
data on the line. */
p = big_buffer + nn - 1;
*p-- = 0;
/* Look back from the end of the line for digits and special terminators.
Since an address must end with a domain, we can tell that extra data is
present by the presence of the terminator, which is always some character
that cannot exist in a domain. (If I'd thought of the need for additional
data early on, I'd have put it at the start, with the address at the end. As
it is, we have to operate backwards. Addresses are permitted to contain
spaces, you see.)
This code has to cope with various versions of this data that have evolved
over time. In all cases, the line might just contain an address, with no
additional data. Otherwise, the possibilities are as follows:
Exim 3 type: <address><space><digits>,<digits>,<digits>
The second set of digits is the parent number for one_time addresses. The
other values were remnants of earlier experiments that were abandoned.
Exim 4 first type: <address><space><digits>
The digits are the parent number for one_time addresses.
Exim 4 new type: <address><space><data>#<type bits>
The type bits indicate what the contents of the data are.
Bit 01 indicates that, reading from right to left, the data
ends with <errors_to address><space><len>,<pno> where pno is
the parent number for one_time addresses, and len is the length
of the errors_to address (zero meaning none).
Bit 02 indicates that, again reading from right to left, the data continues
with orcpt len(orcpt),dsn_flags
*/
while (isdigit(*p)) p--;
/* Handle Exim 3 spool files */
if (*p == ',')
{
int dummy;
while (isdigit(*(--p)) || *p == ',');
if (*p == ' ')
{
*p++ = 0;
(void)sscanf(CS p, "%d,%d", &dummy, &pno);
}
}
/* Handle early Exim 4 spool files */
else if (*p == ' ')
{
*p++ = 0;
(void)sscanf(CS p, "%d", &pno);
}
/* Handle current format Exim 4 spool files */
else if (*p == '#')
{
int flags;
#if !defined (COMPILE_UTILITY)
DEBUG(D_deliver) debug_printf("**** SPOOL_IN - Exim 4 standard format spoolfile\n");
#endif
(void)sscanf(CS p+1, "%d", &flags);
if ((flags & 0x01) != 0) /* one_time data exists */
{
int len;
while (isdigit(*(--p)) || *p == ',' || *p == '-');
(void)sscanf(CS p+1, "%d,%d", &len, &pno);
*p = 0;
if (len > 0)
{
p -= len;
errors_to = string_copy(p);
}
}
*(--p) = 0; /* Terminate address */
if ((flags & 0x02) != 0) /* one_time data exists */
{
int len;
while (isdigit(*(--p)) || *p == ',' || *p == '-');
(void)sscanf(CS p+1, "%d,%d", &len, &dsn_flags);
*p = 0;
if (len > 0)
{
p -= len;
orcpt = string_copy(p);
}
}
*(--p) = 0; /* Terminate address */
}
#if !defined(COMPILE_UTILITY)
else
{ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - No additional fields\n"); }
if ((orcpt != NULL) || (dsn_flags != 0))
{
DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| orcpt: |%s| dsn_flags: %d\n",
big_buffer, orcpt, dsn_flags);
}
if (errors_to != NULL)
{
DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s|\n",
big_buffer, errors_to);
}
#endif
recipients_list[recipients_count].address = string_copy(big_buffer);
recipients_list[recipients_count].pno = pno;
recipients_list[recipients_count].errors_to = errors_to;
recipients_list[recipients_count].orcpt = orcpt;
recipients_list[recipients_count].dsn_flags = dsn_flags;
}
/* The remainder of the spool header file contains the headers for the message,
separated off from the previous data by a blank line. Each header is preceded
by a count of its length and either a certain letter (for various identified
headers), space (for a miscellaneous live header) or an asterisk (for a header
that has been rewritten). Count the Received: headers. We read the headers
always, in order to check on the format of the file, but only create a header
list if requested to do so. */
inheader = TRUE;
if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
if (big_buffer[0] != '\n') goto SPOOL_FORMAT_ERROR;
while ((n = fgetc(f)) != EOF)
{
header_line *h;
uschar flag[4];
int i;
if (!isdigit(n)) goto SPOOL_FORMAT_ERROR;
if(ungetc(n, f) == EOF || fscanf(f, "%d%c ", &n, flag) == EOF)
goto SPOOL_READ_ERROR;
if (flag[0] != '*') message_size += n; /* Omit non-transmitted headers */
if (read_headers)
{
h = store_get(sizeof(header_line));
h->next = NULL;
h->type = flag[0];
h->slen = n;
h->text = store_get(n+1);
if (h->type == htype_received) received_count++;
if (header_list == NULL) header_list = h;
else header_last->next = h;
header_last = h;
for (i = 0; i < n; i++)
{
int c = fgetc(f);
if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
if (c == '\n' && h->type != htype_old) message_linecount++;
h->text[i] = c;
}
h->text[i] = 0;
}
/* Not requiring header data, just skip through the bytes */
else for (i = 0; i < n; i++)
{
int c = fgetc(f);
if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
}
}
/* We have successfully read the data in the header file. Update the message
line count by adding the body linecount to the header linecount. Close the file
and give a positive response. */
#ifndef COMPILE_UTILITY
DEBUG(D_deliver) debug_printf("body_linecount=%d message_linecount=%d\n",
body_linecount, message_linecount);
#endif /* COMPILE_UTILITY */
message_linecount += body_linecount;
fclose(f);
return spool_read_OK;
/* There was an error reading the spool or there was missing data,
or there was a format error. A "read error" with no errno means an
unexpected EOF, which we treat as a format error. */
SPOOL_READ_ERROR:
if (errno != 0)
{
n = errno;
#ifndef COMPILE_UTILITY
DEBUG(D_any) debug_printf("Error while reading spool file %s\n", name);
#endif /* COMPILE_UTILITY */
fclose(f);
errno = n;
return inheader? spool_read_hdrerror : spool_read_enverror;
}
SPOOL_FORMAT_ERROR:
#ifndef COMPILE_UTILITY
DEBUG(D_any) debug_printf("Format error in spool file %s\n", name);
#endif /* COMPILE_UTILITY */
fclose(f);
errno = ERRNO_SPOOLFORMAT;
return inheader? spool_read_hdrerror : spool_read_enverror;
}
static int
perform_pgsql_search(uschar *query, uschar *server, uschar **resultptr,
uschar **errmsg, BOOL *defer_break, BOOL *do_cache)
{
PGconn *pg_conn = NULL;
PGresult *pg_result = NULL;
int i;
int ssize = 0;
int offset = 0;
int yield = DEFER;
unsigned int num_fields, num_tuples;
uschar *result = NULL;
pgsql_connection *cn;
uschar *server_copy = NULL;
uschar *sdata[3];
/* Disaggregate the parameters from the server argument. The order is host or
path, database, user, password. We can write to the string, since it is in a
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */
for (i = 2; i >= 0; i--)
{
uschar *pp = Ustrrchr(server, '/');
if (pp == NULL)
{
*errmsg = string_sprintf("incomplete pgSQL server data: %s",
(i == 2)? server : server_copy);
*defer_break = TRUE;
return DEFER;
}
*pp++ = 0;
sdata[i] = pp;
if (i == 2) server_copy = string_copy(server); /* sans password */
}
/* The total server string has now been truncated so that what is left at the
start is the identification of the server (host or path). See if we have a
cached connection to the server. */
for (cn = pgsql_connections; cn != NULL; cn = cn->next)
{
if (Ustrcmp(cn->server, server_copy) == 0)
{
pg_conn = cn->handle;
break;
}
}
/* If there is no cached connection, we must set one up. */
if (cn == NULL)
{
uschar *port = US"";
/* For a Unix domain socket connection, the path is in parentheses */
if (*server == '(')
{
uschar *last_slash, *last_dot, *p;
p = ++server;
while (*p != 0 && *p != ')') p++;
*p = 0;
last_slash = Ustrrchr(server, '/');
last_dot = Ustrrchr(server, '.');
DEBUG(D_lookup) debug_printf("PGSQL new connection: socket=%s "
"database=%s user=%s\n", server, sdata[0], sdata[1]);
/* A valid socket name looks like this: /var/run/postgresql/.s.PGSQL.5432
We have to call PQsetdbLogin with '/var/run/postgresql' as the hostname
argument and put '5432' into the port variable. */
if (last_slash == NULL || last_dot == NULL)
{
*errmsg = string_sprintf("PGSQL invalid filename for socket: %s",
server);
*defer_break = TRUE;
return DEFER;
}
/* Terminate the path name and set up the port: we'll have something like
server = "/var/run/postgresql" and port = "5432". */
*last_slash = 0;
port = last_dot + 1;
}
/* Host connection; sort out the port */
else
{
uschar *p;
if ((p = Ustrchr(server, ':')) != NULL)
{
*p++ = 0;
port = p;
}
if (Ustrchr(server, '/') != NULL)
{
*errmsg = string_sprintf("unexpected slash in pgSQL server hostname: %s",
server);
*defer_break = TRUE;
return DEFER;
}
DEBUG(D_lookup) debug_printf("PGSQL new connection: host=%s port=%s "
"database=%s user=%s\n", server, port, sdata[0], sdata[1]);
}
/* If the database is the empty string, set it NULL - the query must then
define it. */
if (sdata[0][0] == 0) sdata[0] = NULL;
/* Get store for a new handle, initialize it, and connect to the server */
pg_conn=PQsetdbLogin(
/* host port options tty database user passwd */
CS server, CS port, NULL, NULL, CS sdata[0], CS sdata[1], CS sdata[2]);
if(PQstatus(pg_conn) == CONNECTION_BAD)
{
store_reset(server_copy);
*errmsg = string_sprintf("PGSQL connection failed: %s",
PQerrorMessage(pg_conn));
PQfinish(pg_conn);
goto PGSQL_EXIT;
}
/* Set the client encoding to SQL_ASCII, which means that the server will
not try to interpret the query as being in any fancy encoding such as UTF-8
or other multibyte code that might cause problems with escaping. */
PQsetClientEncoding(pg_conn, "SQL_ASCII");
/* Set the notice processor to prevent notices from being written to stderr
(which is what the default does). Our function (above) just produces debug
output. */
PQsetNoticeProcessor(pg_conn, notice_processor, NULL);
/* Add the connection to the cache */
cn = store_get(sizeof(pgsql_connection));
cn->server = server_copy;
cn->handle = pg_conn;
cn->next = pgsql_connections;
pgsql_connections = cn;
}
/* Else use a previously cached connection */
else
{
DEBUG(D_lookup) debug_printf("PGSQL using cached connection for %s\n",
server_copy);
}
/* Run the query */
pg_result = PQexec(pg_conn, CS query);
switch(PQresultStatus(pg_result))
{
case PGRES_EMPTY_QUERY:
case PGRES_COMMAND_OK:
/* The command was successful but did not return any data since it was
* not SELECT but either an INSERT, UPDATE or DELETE statement. Tell the
* high level code to not cache this query, and clean the current cache for
* this handle by setting *do_cache FALSE. */
result = string_copy(US PQcmdTuples(pg_result));
offset = Ustrlen(result);
*do_cache = FALSE;
DEBUG(D_lookup) debug_printf("PGSQL: command does not return any data "
"but was successful. Rows affected: %s\n", result);
case PGRES_TUPLES_OK:
break;
default:
/* This was the original code:
*errmsg = string_sprintf("PGSQL: query failed: %s\n",
PQresultErrorMessage(pg_result));
This was suggested by a user:
*/
*errmsg = string_sprintf("PGSQL: query failed: %s (%s) (%s)\n",
PQresultErrorMessage(pg_result),
PQresStatus(PQresultStatus(pg_result)), query);
goto PGSQL_EXIT;
}
/* Result is in pg_result. Find the number of fields returned. If this is one,
we don't add field names to the data. Otherwise we do. If the query did not
return anything we skip the for loop; this also applies to the case
PGRES_COMMAND_OK. */
num_fields = PQnfields(pg_result);
num_tuples = PQntuples(pg_result);
/* Get the fields and construct the result string. If there is more than one
row, we insert '\n' between them. */
for (i = 0; i < num_tuples; i++)
{
if (result != NULL)
result = string_cat(result, &ssize, &offset, US"\n", 1);
if (num_fields == 1)
{
result = string_cat(result, &ssize, &offset,
US PQgetvalue(pg_result, i, 0), PQgetlength(pg_result, i, 0));
}
else
{
int j;
for (j = 0; j < num_fields; j++)
{
uschar *tmp = US PQgetvalue(pg_result, i, j);
result = lf_quote(US PQfname(pg_result, j), tmp, Ustrlen(tmp), result,
&ssize, &offset);
}
}
}
/* If result is NULL then no data has been found and so we return FAIL.
Otherwise, we must terminate the string which has been built; string_cat()
always leaves enough room for a terminating zero. */
if (result == NULL)
{
yield = FAIL;
*errmsg = US"PGSQL: no data found";
}
else
{
result[offset] = 0;
store_reset(result + offset + 1);
}
/* Get here by goto from various error checks. */
PGSQL_EXIT:
/* Free store for any result that was got; don't close the connection, as
it is cached. */
if (pg_result != NULL) PQclear(pg_result);
/* Non-NULL result indicates a sucessful result */
if (result != NULL)
{
*resultptr = result;
return OK;
}
else
{
DEBUG(D_lookup) debug_printf("%s\n", *errmsg);
return yield; /* FAIL or DEFER */
}
}
static queue_filename *
queue_get_spool_list(int subdiroffset, uschar *subdirs, int *subcount,
BOOL randomize)
{
int i;
int flags = 0;
int resetflags = -1;
int subptr;
queue_filename *yield = NULL;
queue_filename *last = NULL;
struct dirent *ent;
DIR *dd;
uschar buffer[256];
queue_filename *root[LOG2_MAXNODES];
/* When randomizing, the file names are added to the start or end of the list
according to the bits of the flags variable. Get a collection of bits from the
current time. Use the bottom 16 and just keep re-using them if necessary. When
not randomizing, initialize the sublists for the bottom-up merge sort. */
if (randomize)
resetflags = time(NULL) & 0xFFFF;
else
for (i = 0; i < LOG2_MAXNODES; i++)
root[i] = NULL;
/* If processing the full queue, or just the top-level, start at the base
directory, and initialize the first subdirectory name (as none). Otherwise,
start at the sub-directory offset. */
if (subdiroffset <= 0)
{
i = 0;
subdirs[0] = 0;
*subcount = 0;
}
else
i = subdiroffset;
/* Set up prototype for the directory name. */
spool_pname_buf(buffer, sizeof(buffer));
buffer[sizeof(buffer) - 3] = 0;
subptr = Ustrlen(buffer);
buffer[subptr+2] = 0; /* terminator for lengthened name */
/* This loop runs at least once, for the main or given directory, and then as
many times as necessary to scan any subdirectories encountered in the main
directory, if they are to be scanned at this time. */
for (; i <= *subcount; i++)
{
int count = 0;
int subdirchar = subdirs[i]; /* 0 for main directory */
if (subdirchar != 0)
{
buffer[subptr] = '/';
buffer[subptr+1] = subdirchar;
}
DEBUG(D_queue_run) debug_printf("looking in %s\n", buffer);
if (!(dd = opendir(CS buffer)))
continue;
/* Now scan the directory. */
while ((ent = readdir(dd)))
{
uschar *name = US ent->d_name;
int len = Ustrlen(name);
/* Count entries */
count++;
/* If we find a single alphameric sub-directory in the base directory,
add it to the list for subsequent scans. */
if (i == 0 && len == 1 && isalnum(*name))
{
*subcount = *subcount + 1;
subdirs[*subcount] = *name;
continue;
}
/* Otherwise, if it is a header spool file, add it to the list */
if (len == SPOOL_NAME_LENGTH &&
Ustrcmp(name + SPOOL_NAME_LENGTH - 2, "-H") == 0)
{
queue_filename *next =
store_get(sizeof(queue_filename) + Ustrlen(name));
Ustrcpy(next->text, name);
next->dir_uschar = subdirchar;
/* Handle the creation of a randomized list. The first item becomes both
the top and bottom of the list. Subsequent items are inserted either at
the top or the bottom, randomly. This is, I argue, faster than doing a
sort by allocating a random number to each item, and it also saves having
to store the number with each item. */
if (randomize)
if (!yield)
{
next->next = NULL;
yield = last = next;
}
else
{
if (flags == 0)
flags = resetflags;
if ((flags & 1) == 0)
{
next->next = yield;
yield = next;
}
else
{
next->next = NULL;
last->next = next;
last = next;
}
flags = flags >> 1;
}
/* Otherwise do a bottom-up merge sort based on the name. */
else
{
int j;
next->next = NULL;
for (j = 0; j < LOG2_MAXNODES; j++)
if (root[j])
{
next = merge_queue_lists(next, root[j]);
root[j] = (j == LOG2_MAXNODES - 1)? next : NULL;
}
else
{
root[j] = next;
break;
}
}
}
}
