diff options
Diffstat (limited to 'contrib/sendmail/src/util.c')
| -rw-r--r-- | contrib/sendmail/src/util.c | 2853 |
1 files changed, 0 insertions, 2853 deletions
diff --git a/contrib/sendmail/src/util.c b/contrib/sendmail/src/util.c deleted file mode 100644 index 95d2f9a..0000000 --- a/contrib/sendmail/src/util.c +++ /dev/null @@ -1,2853 +0,0 @@ -/* - * Copyright (c) 1998-2007 Sendmail, Inc. and its suppliers. - * All rights reserved. - * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * By using this file, you agree to the terms and conditions set - * forth in the LICENSE file which can be found at the top level of - * the sendmail distribution. - * - */ - -#include <sendmail.h> - -SM_RCSID("@(#)$Id: util.c,v 8.413 2007/09/26 23:29:11 ca Exp $") - -#include <sm/sendmail.h> -#include <sysexits.h> -#include <sm/xtrap.h> - -/* -** NEWSTR -- Create a copy of a C string -** -** Parameters: -** s -- the string to copy. -** -** Returns: -** pointer to newly allocated string. -*/ - -char * -newstr(s) - const char *s; -{ - size_t l; - char *n; - - l = strlen(s); - SM_ASSERT(l + 1 > l); - n = xalloc(l + 1); - sm_strlcpy(n, s, l + 1); - return n; -} - -/* -** ADDQUOTES -- Adds quotes & quote bits to a string. -** -** Runs through a string and adds backslashes and quote bits. -** -** Parameters: -** s -- the string to modify. -** rpool -- resource pool from which to allocate result -** -** Returns: -** pointer to quoted string. -*/ - -char * -addquotes(s, rpool) - char *s; - SM_RPOOL_T *rpool; -{ - int len = 0; - char c; - char *p = s, *q, *r; - - if (s == NULL) - return NULL; - - /* Find length of quoted string */ - while ((c = *p++) != '\0') - { - len++; - if (c == '\\' || c == '"') - len++; - } - - q = r = sm_rpool_malloc_x(rpool, len + 3); - p = s; - - /* add leading quote */ - *q++ = '"'; - while ((c = *p++) != '\0') - { - /* quote \ or " */ - if (c == '\\' || c == '"') - *q++ = '\\'; - *q++ = c; - } - *q++ = '"'; - *q = '\0'; - return r; -} - -/* -** STRIPBACKSLASH -- Strip all leading backslashes from a string, provided -** the following character is alpha-numerical. -** -** This is done in place. -** -** Parameters: -** s -- the string to strip. -** -** Returns: -** none. -*/ - -void -stripbackslash(s) - char *s; -{ - char *p, *q, c; - - if (s == NULL || *s == '\0') - return; - p = q = s; - while (*p == '\\' && (p[1] == '\\' || (isascii(p[1]) && isalnum(p[1])))) - p++; - do - { - c = *q++ = *p++; - } while (c != '\0'); -} - -/* -** RFC822_STRING -- Checks string for proper RFC822 string quoting. -** -** Runs through a string and verifies RFC822 special characters -** are only found inside comments, quoted strings, or backslash -** escaped. Also verified balanced quotes and parenthesis. -** -** Parameters: -** s -- the string to modify. -** -** Returns: -** true iff the string is RFC822 compliant, false otherwise. -*/ - -bool -rfc822_string(s) - char *s; -{ - bool quoted = false; - int commentlev = 0; - char *c = s; - - if (s == NULL) - return false; - - while (*c != '\0') - { - /* escaped character */ - if (*c == '\\') - { - c++; - if (*c == '\0') - return false; - } - else if (commentlev == 0 && *c == '"') - quoted = !quoted; - else if (!quoted) - { - if (*c == ')') - { - /* unbalanced ')' */ - if (commentlev == 0) - return false; - else - commentlev--; - } - else if (*c == '(') - commentlev++; - else if (commentlev == 0 && - strchr(MustQuoteChars, *c) != NULL) - return false; - } - c++; - } - - /* unbalanced '"' or '(' */ - return !quoted && commentlev == 0; -} - -/* -** SHORTEN_RFC822_STRING -- Truncate and rebalance an RFC822 string -** -** Arbitrarily shorten (in place) an RFC822 string and rebalance -** comments and quotes. -** -** Parameters: -** string -- the string to shorten -** length -- the maximum size, 0 if no maximum -** -** Returns: -** true if string is changed, false otherwise -** -** Side Effects: -** Changes string in place, possibly resulting -** in a shorter string. -*/ - -bool -shorten_rfc822_string(string, length) - char *string; - size_t length; -{ - bool backslash = false; - bool modified = false; - bool quoted = false; - size_t slen; - int parencount = 0; - char *ptr = string; - - /* - ** If have to rebalance an already short enough string, - ** need to do it within allocated space. - */ - - slen = strlen(string); - if (length == 0 || slen < length) - length = slen; - - while (*ptr != '\0') - { - if (backslash) - { - backslash = false; - goto increment; - } - - if (*ptr == '\\') - backslash = true; - else if (*ptr == '(') - { - if (!quoted) - parencount++; - } - else if (*ptr == ')') - { - if (--parencount < 0) - parencount = 0; - } - - /* Inside a comment, quotes don't matter */ - if (parencount <= 0 && *ptr == '"') - quoted = !quoted; - -increment: - /* Check for sufficient space for next character */ - if (length - (ptr - string) <= (size_t) ((backslash ? 1 : 0) + - parencount + - (quoted ? 1 : 0))) - { - /* Not enough, backtrack */ - if (*ptr == '\\') - backslash = false; - else if (*ptr == '(' && !quoted) - parencount--; - else if (*ptr == '"' && parencount == 0) - quoted = false; - break; - } - ptr++; - } - - /* Rebalance */ - while (parencount-- > 0) - { - if (*ptr != ')') - { - modified = true; - *ptr = ')'; - } - ptr++; - } - if (quoted) - { - if (*ptr != '"') - { - modified = true; - *ptr = '"'; - } - ptr++; - } - if (*ptr != '\0') - { - modified = true; - *ptr = '\0'; - } - return modified; -} - -/* -** FIND_CHARACTER -- find an unquoted character in an RFC822 string -** -** Find an unquoted, non-commented character in an RFC822 -** string and return a pointer to its location in the -** string. -** -** Parameters: -** string -- the string to search -** character -- the character to find -** -** Returns: -** pointer to the character, or -** a pointer to the end of the line if character is not found -*/ - -char * -find_character(string, character) - char *string; - int character; -{ - bool backslash = false; - bool quoted = false; - int parencount = 0; - - while (string != NULL && *string != '\0') - { - if (backslash) - { - backslash = false; - if (!quoted && character == '\\' && *string == '\\') - break; - string++; - continue; - } - switch (*string) - { - case '\\': - backslash = true; - break; - - case '(': - if (!quoted) - parencount++; - break; - - case ')': - if (--parencount < 0) - parencount = 0; - break; - } - - /* Inside a comment, nothing matters */ - if (parencount > 0) - { - string++; - continue; - } - - if (*string == '"') - quoted = !quoted; - else if (*string == character && !quoted) - break; - string++; - } - - /* Return pointer to the character */ - return string; -} - -/* -** CHECK_BODYTYPE -- check bodytype parameter -** -** Parameters: -** bodytype -- bodytype parameter -** -** Returns: -** BODYTYPE_* according to parameter -** -*/ - -int -check_bodytype(bodytype) - char *bodytype; -{ - /* check body type for legality */ - if (bodytype == NULL) - return BODYTYPE_NONE; - if (sm_strcasecmp(bodytype, "7BIT") == 0) - return BODYTYPE_7BIT; - if (sm_strcasecmp(bodytype, "8BITMIME") == 0) - return BODYTYPE_8BITMIME; - return BODYTYPE_ILLEGAL; -} - -/* -** TRUNCATE_AT_DELIM -- truncate string at a delimiter and append "..." -** -** Parameters: -** str -- string to truncate -** len -- maximum length (including '\0') (0 for unlimited) -** delim -- delimiter character -** -** Returns: -** None. -*/ - -void -truncate_at_delim(str, len, delim) - char *str; - size_t len; - int delim; -{ - char *p; - - if (str == NULL || len == 0 || strlen(str) < len) - return; - - *(str + len - 1) = '\0'; - while ((p = strrchr(str, delim)) != NULL) - { - *p = '\0'; - if (p - str + 4 < len) - { - *p++ = (char) delim; - *p = '\0'; - (void) sm_strlcat(str, "...", len); - return; - } - } - - /* Couldn't find a place to append "..." */ - if (len > 3) - (void) sm_strlcpy(str, "...", len); - else - str[0] = '\0'; -} - -/* -** XALLOC -- Allocate memory, raise an exception on error -** -** Parameters: -** sz -- size of area to allocate. -** -** Returns: -** pointer to data region. -** -** Exceptions: -** SmHeapOutOfMemory (F:sm.heap) -- cannot allocate memory -** -** Side Effects: -** Memory is allocated. -*/ - -char * -#if SM_HEAP_CHECK -xalloc_tagged(sz, file, line) - register int sz; - char *file; - int line; -#else /* SM_HEAP_CHECK */ -xalloc(sz) - register int sz; -#endif /* SM_HEAP_CHECK */ -{ - register char *p; - - SM_REQUIRE(sz >= 0); - - /* some systems can't handle size zero mallocs */ - if (sz <= 0) - sz = 1; - - /* scaffolding for testing error handling code */ - sm_xtrap_raise_x(&SmHeapOutOfMemory); - - p = sm_malloc_tagged((unsigned) sz, file, line, sm_heap_group()); - if (p == NULL) - { - sm_exc_raise_x(&SmHeapOutOfMemory); - } - return p; -} - -/* -** COPYPLIST -- copy list of pointers. -** -** This routine is the equivalent of strdup for lists of -** pointers. -** -** Parameters: -** list -- list of pointers to copy. -** Must be NULL terminated. -** copycont -- if true, copy the contents of the vector -** (which must be a string) also. -** rpool -- resource pool from which to allocate storage, -** or NULL -** -** Returns: -** a copy of 'list'. -*/ - -char ** -copyplist(list, copycont, rpool) - char **list; - bool copycont; - SM_RPOOL_T *rpool; -{ - register char **vp; - register char **newvp; - - for (vp = list; *vp != NULL; vp++) - continue; - - vp++; - - newvp = (char **) sm_rpool_malloc_x(rpool, (vp - list) * sizeof(*vp)); - memmove((char *) newvp, (char *) list, (int) (vp - list) * sizeof(*vp)); - - if (copycont) - { - for (vp = newvp; *vp != NULL; vp++) - *vp = sm_rpool_strdup_x(rpool, *vp); - } - - return newvp; -} - -/* -** COPYQUEUE -- copy address queue. -** -** This routine is the equivalent of strdup for address queues; -** addresses marked as QS_IS_DEAD() aren't copied -** -** Parameters: -** addr -- list of address structures to copy. -** rpool -- resource pool from which to allocate storage -** -** Returns: -** a copy of 'addr'. -*/ - -ADDRESS * -copyqueue(addr, rpool) - ADDRESS *addr; - SM_RPOOL_T *rpool; -{ - register ADDRESS *newaddr; - ADDRESS *ret; - register ADDRESS **tail = &ret; - - while (addr != NULL) - { - if (!QS_IS_DEAD(addr->q_state)) - { - newaddr = (ADDRESS *) sm_rpool_malloc_x(rpool, - sizeof(*newaddr)); - STRUCTCOPY(*addr, *newaddr); - *tail = newaddr; - tail = &newaddr->q_next; - } - addr = addr->q_next; - } - *tail = NULL; - - return ret; -} - -/* -** LOG_SENDMAIL_PID -- record sendmail pid and command line. -** -** Parameters: -** e -- the current envelope. -** -** Returns: -** none. -** -** Side Effects: -** writes pidfile, logs command line. -** keeps file open and locked to prevent overwrite of active file -*/ - -static SM_FILE_T *Pidf = NULL; - -void -log_sendmail_pid(e) - ENVELOPE *e; -{ - long sff; - char pidpath[MAXPATHLEN]; - extern char *CommandLineArgs; - - /* write the pid to the log file for posterity */ - sff = SFF_NOLINK|SFF_ROOTOK|SFF_REGONLY|SFF_CREAT|SFF_NBLOCK; - if (TrustedUid != 0 && RealUid == TrustedUid) - sff |= SFF_OPENASROOT; - expand(PidFile, pidpath, sizeof(pidpath), e); - Pidf = safefopen(pidpath, O_WRONLY|O_TRUNC, FileMode, sff); - if (Pidf == NULL) - { - if (errno == EWOULDBLOCK) - sm_syslog(LOG_ERR, NOQID, - "unable to write pid to %s: file in use by another process", - pidpath); - else - sm_syslog(LOG_ERR, NOQID, - "unable to write pid to %s: %s", - pidpath, sm_errstring(errno)); - } - else - { - PidFilePid = getpid(); - - /* write the process id on line 1 */ - (void) sm_io_fprintf(Pidf, SM_TIME_DEFAULT, "%ld\n", - (long) PidFilePid); - - /* line 2 contains all command line flags */ - (void) sm_io_fprintf(Pidf, SM_TIME_DEFAULT, "%s\n", - CommandLineArgs); - - /* flush */ - (void) sm_io_flush(Pidf, SM_TIME_DEFAULT); - - /* - ** Leave pid file open until process ends - ** so it's not overwritten by another - ** process. - */ - } - if (LogLevel > 9) - sm_syslog(LOG_INFO, NOQID, "started as: %s", CommandLineArgs); -} - -/* -** CLOSE_SENDMAIL_PID -- close sendmail pid file -** -** Parameters: -** none. -** -** Returns: -** none. -*/ - -void -close_sendmail_pid() -{ - if (Pidf == NULL) - return; - - (void) sm_io_close(Pidf, SM_TIME_DEFAULT); - Pidf = NULL; -} - -/* -** SET_DELIVERY_MODE -- set and record the delivery mode -** -** Parameters: -** mode -- delivery mode -** e -- the current envelope. -** -** Returns: -** none. -** -** Side Effects: -** sets {deliveryMode} macro -*/ - -void -set_delivery_mode(mode, e) - int mode; - ENVELOPE *e; -{ - char buf[2]; - - e->e_sendmode = (char) mode; - buf[0] = (char) mode; - buf[1] = '\0'; - macdefine(&e->e_macro, A_TEMP, macid("{deliveryMode}"), buf); -} - -/* -** SET_OP_MODE -- set and record the op mode -** -** Parameters: -** mode -- op mode -** e -- the current envelope. -** -** Returns: -** none. -** -** Side Effects: -** sets {opMode} macro -*/ - -void -set_op_mode(mode) - int mode; -{ - char buf[2]; - extern ENVELOPE BlankEnvelope; - - OpMode = (char) mode; - buf[0] = (char) mode; - buf[1] = '\0'; - macdefine(&BlankEnvelope.e_macro, A_TEMP, MID_OPMODE, buf); -} - -/* -** PRINTAV -- print argument vector. -** -** Parameters: -** fp -- output file pointer. -** av -- argument vector. -** -** Returns: -** none. -** -** Side Effects: -** prints av. -*/ - -void -printav(fp, av) - SM_FILE_T *fp; - char **av; -{ - while (*av != NULL) - { - if (tTd(0, 44)) - sm_dprintf("\n\t%08lx=", (unsigned long) *av); - else - (void) sm_io_putc(fp, SM_TIME_DEFAULT, ' '); - if (tTd(0, 99)) - sm_dprintf("%s", str2prt(*av++)); - else - xputs(fp, *av++); - } - (void) sm_io_putc(fp, SM_TIME_DEFAULT, '\n'); -} - -/* -** XPUTS -- put string doing control escapes. -** -** Parameters: -** fp -- output file pointer. -** s -- string to put. -** -** Returns: -** none. -** -** Side Effects: -** output to stdout -*/ - -void -xputs(fp, s) - SM_FILE_T *fp; - const char *s; -{ - int c; - struct metamac *mp; - bool shiftout = false; - extern struct metamac MetaMacros[]; - static SM_DEBUG_T DebugANSI = SM_DEBUG_INITIALIZER("ANSI", - "@(#)$Debug: ANSI - enable reverse video in debug output $"); - - /* - ** TermEscape is set here, rather than in main(), - ** because ANSI mode can be turned on or off at any time - ** if we are in -bt rule testing mode. - */ - - if (sm_debug_unknown(&DebugANSI)) - { - if (sm_debug_active(&DebugANSI, 1)) - { - TermEscape.te_rv_on = "\033[7m"; - TermEscape.te_normal = "\033[0m"; - } - else - { - TermEscape.te_rv_on = ""; - TermEscape.te_normal = ""; - } - } - - if (s == NULL) - { - (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s<null>%s", - TermEscape.te_rv_on, TermEscape.te_normal); - return; - } - while ((c = (*s++ & 0377)) != '\0') - { - if (shiftout) - { - (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s", - TermEscape.te_normal); - shiftout = false; - } - if (!isascii(c) && !tTd(84, 1)) - { - if (c == MATCHREPL) - { - (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, - "%s$", - TermEscape.te_rv_on); - shiftout = true; - if (*s == '\0') - continue; - c = *s++ & 0377; - goto printchar; - } - if (c == MACROEXPAND || c == MACRODEXPAND) - { - (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, - "%s$", - TermEscape.te_rv_on); - if (c == MACRODEXPAND) - (void) sm_io_putc(fp, - SM_TIME_DEFAULT, '&'); - shiftout = true; - if (*s == '\0') - continue; - if (strchr("=~&?", *s) != NULL) - (void) sm_io_putc(fp, - SM_TIME_DEFAULT, - *s++); - if (bitset(0200, *s)) - (void) sm_io_fprintf(fp, - SM_TIME_DEFAULT, - "{%s}", - macname(bitidx(*s++))); - else - (void) sm_io_fprintf(fp, - SM_TIME_DEFAULT, - "%c", - *s++); - continue; - } - for (mp = MetaMacros; mp->metaname != '\0'; mp++) - { - if (bitidx(mp->metaval) == c) - { - (void) sm_io_fprintf(fp, - SM_TIME_DEFAULT, - "%s$%c", - TermEscape.te_rv_on, - mp->metaname); - shiftout = true; - break; - } - } - if (c == MATCHCLASS || c == MATCHNCLASS) - { - if (bitset(0200, *s)) - (void) sm_io_fprintf(fp, - SM_TIME_DEFAULT, - "{%s}", - macname(bitidx(*s++))); - else if (*s != '\0') - (void) sm_io_fprintf(fp, - SM_TIME_DEFAULT, - "%c", - *s++); - } - if (mp->metaname != '\0') - continue; - - /* unrecognized meta character */ - (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%sM-", - TermEscape.te_rv_on); - shiftout = true; - c &= 0177; - } - printchar: - if (isprint(c)) - { - (void) sm_io_putc(fp, SM_TIME_DEFAULT, c); - continue; - } - - /* wasn't a meta-macro -- find another way to print it */ - switch (c) - { - case '\n': - c = 'n'; - break; - - case '\r': - c = 'r'; - break; - - case '\t': - c = 't'; - break; - } - if (!shiftout) - { - (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s", - TermEscape.te_rv_on); - shiftout = true; - } - if (isprint(c)) - { - (void) sm_io_putc(fp, SM_TIME_DEFAULT, '\\'); - (void) sm_io_putc(fp, SM_TIME_DEFAULT, c); - } - else if (tTd(84, 2)) - (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " %o ", c); - else if (tTd(84, 1)) - (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " %#x ", c); - else if (!isascii(c) && !tTd(84, 1)) - { - (void) sm_io_putc(fp, SM_TIME_DEFAULT, '^'); - (void) sm_io_putc(fp, SM_TIME_DEFAULT, c ^ 0100); - } - } - if (shiftout) - (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s", - TermEscape.te_normal); - (void) sm_io_flush(fp, SM_TIME_DEFAULT); -} - -/* -** MAKELOWER -- Translate a line into lower case -** -** Parameters: -** p -- the string to translate. If NULL, return is -** immediate. -** -** Returns: -** none. -** -** Side Effects: -** String pointed to by p is translated to lower case. -*/ - -void -makelower(p) - register char *p; -{ - register char c; - - if (p == NULL) - return; - for (; (c = *p) != '\0'; p++) - if (isascii(c) && isupper(c)) - *p = tolower(c); -} - -/* -** FIXCRLF -- fix <CR><LF> in line. -** -** Looks for the <CR><LF> combination and turns it into the -** UNIX canonical <NL> character. It only takes one line, -** i.e., it is assumed that the first <NL> found is the end -** of the line. -** -** Parameters: -** line -- the line to fix. -** stripnl -- if true, strip the newline also. -** -** Returns: -** none. -** -** Side Effects: -** line is changed in place. -*/ - -void -fixcrlf(line, stripnl) - char *line; - bool stripnl; -{ - register char *p; - - p = strchr(line, '\n'); - if (p == NULL) - return; - if (p > line && p[-1] == '\r') - p--; - if (!stripnl) - *p++ = '\n'; - *p = '\0'; -} - -/* -** PUTLINE -- put a line like fputs obeying SMTP conventions -** -** This routine always guarantees outputing a newline (or CRLF, -** as appropriate) at the end of the string. -** -** Parameters: -** l -- line to put. -** mci -- the mailer connection information. -** -** Returns: -** true iff line was written successfully -** -** Side Effects: -** output of l to mci->mci_out. -*/ - -bool -putline(l, mci) - register char *l; - register MCI *mci; -{ - return putxline(l, strlen(l), mci, PXLF_MAPFROM); -} - -/* -** PUTXLINE -- putline with flags bits. -** -** This routine always guarantees outputing a newline (or CRLF, -** as appropriate) at the end of the string. -** -** Parameters: -** l -- line to put. -** len -- the length of the line. -** mci -- the mailer connection information. -** pxflags -- flag bits: -** PXLF_MAPFROM -- map From_ to >From_. -** PXLF_STRIP8BIT -- strip 8th bit. -** PXLF_HEADER -- map bare newline in header to newline space. -** PXLF_NOADDEOL -- don't add an EOL if one wasn't present. -** PXLF_STRIPMQUOTE -- strip METAQUOTE bytes. -** -** Returns: -** true iff line was written successfully -** -** Side Effects: -** output of l to mci->mci_out. -*/ - - -#define PUTX(limit) \ - do \ - { \ - quotenext = false; \ - while (l < limit) \ - { \ - unsigned char c = (unsigned char) *l++; \ - \ - if (bitset(PXLF_STRIPMQUOTE, pxflags) && \ - !quotenext && c == METAQUOTE) \ - { \ - quotenext = true; \ - continue; \ - } \ - quotenext = false; \ - if (strip8bit) \ - c &= 0177; \ - if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, \ - c) == SM_IO_EOF) \ - { \ - dead = true; \ - break; \ - } \ - if (TrafficLogFile != NULL) \ - (void) sm_io_putc(TrafficLogFile, \ - SM_TIME_DEFAULT, \ - c); \ - } \ - } while (0) - -bool -putxline(l, len, mci, pxflags) - register char *l; - size_t len; - register MCI *mci; - int pxflags; -{ - register char *p, *end; - int slop; - bool dead, quotenext, strip8bit; - - /* strip out 0200 bits -- these can look like TELNET protocol */ - strip8bit = bitset(MCIF_7BIT, mci->mci_flags) || - bitset(PXLF_STRIP8BIT, pxflags); - dead = false; - slop = 0; - - end = l + len; - do - { - bool noeol = false; - - /* find the end of the line */ - p = memchr(l, '\n', end - l); - if (p == NULL) - { - p = end; - noeol = true; - } - - if (TrafficLogFile != NULL) - (void) sm_io_fprintf(TrafficLogFile, SM_TIME_DEFAULT, - "%05d >>> ", (int) CurrentPid); - - /* check for line overflow */ - while (mci->mci_mailer->m_linelimit > 0 && - (p - l + slop) > mci->mci_mailer->m_linelimit) - { - register char *q = &l[mci->mci_mailer->m_linelimit - slop - 1]; - - if (l[0] == '.' && slop == 0 && - bitnset(M_XDOT, mci->mci_mailer->m_flags)) - { - if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, - '.') == SM_IO_EOF) - dead = true; - if (TrafficLogFile != NULL) - (void) sm_io_putc(TrafficLogFile, - SM_TIME_DEFAULT, '.'); - } - else if (l[0] == 'F' && slop == 0 && - bitset(PXLF_MAPFROM, pxflags) && - strncmp(l, "From ", 5) == 0 && - bitnset(M_ESCFROM, mci->mci_mailer->m_flags)) - { - if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, - '>') == SM_IO_EOF) - dead = true; - if (TrafficLogFile != NULL) - (void) sm_io_putc(TrafficLogFile, - SM_TIME_DEFAULT, - '>'); - } - if (dead) - break; - - PUTX(q); - if (dead) - break; - - if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, - '!') == SM_IO_EOF || - sm_io_fputs(mci->mci_out, SM_TIME_DEFAULT, - mci->mci_mailer->m_eol) == SM_IO_EOF || - sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, - ' ') == SM_IO_EOF) - { - dead = true; - break; - } - if (TrafficLogFile != NULL) - { - (void) sm_io_fprintf(TrafficLogFile, - SM_TIME_DEFAULT, - "!\n%05d >>> ", - (int) CurrentPid); - } - slop = 1; - } - - if (dead) - break; - - /* output last part */ - if (l[0] == '.' && slop == 0 && - bitnset(M_XDOT, mci->mci_mailer->m_flags) && - !bitset(MCIF_INLONGLINE, mci->mci_flags)) - { - if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, '.') == - SM_IO_EOF) - { - dead = true; - break; - } - if (TrafficLogFile != NULL) - (void) sm_io_putc(TrafficLogFile, - SM_TIME_DEFAULT, '.'); - } - else if (l[0] == 'F' && slop == 0 && - bitset(PXLF_MAPFROM, pxflags) && - strncmp(l, "From ", 5) == 0 && - bitnset(M_ESCFROM, mci->mci_mailer->m_flags) && - !bitset(MCIF_INLONGLINE, mci->mci_flags)) - { - if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, '>') == - SM_IO_EOF) - { - dead = true; - break; - } - if (TrafficLogFile != NULL) - (void) sm_io_putc(TrafficLogFile, - SM_TIME_DEFAULT, '>'); - } - PUTX(p); - if (dead) - break; - - if (TrafficLogFile != NULL) - (void) sm_io_putc(TrafficLogFile, SM_TIME_DEFAULT, - '\n'); - if ((!bitset(PXLF_NOADDEOL, pxflags) || !noeol)) - { - mci->mci_flags &= ~MCIF_INLONGLINE; - if (sm_io_fputs(mci->mci_out, SM_TIME_DEFAULT, - mci->mci_mailer->m_eol) == SM_IO_EOF) - { - dead = true; - break; - } - } - else - mci->mci_flags |= MCIF_INLONGLINE; - - if (l < end && *l == '\n') - { - if (*++l != ' ' && *l != '\t' && *l != '\0' && - bitset(PXLF_HEADER, pxflags)) - { - if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, - ' ') == SM_IO_EOF) - { - dead = true; - break; - } - - if (TrafficLogFile != NULL) - (void) sm_io_putc(TrafficLogFile, - SM_TIME_DEFAULT, ' '); - } - } - - } while (l < end); - return !dead; -} - -/* -** XUNLINK -- unlink a file, doing logging as appropriate. -** -** Parameters: -** f -- name of file to unlink. -** -** Returns: -** return value of unlink() -** -** Side Effects: -** f is unlinked. -*/ - -int -xunlink(f) - char *f; -{ - register int i; - int save_errno; - - if (LogLevel > 98) - sm_syslog(LOG_DEBUG, CurEnv->e_id, "unlink %s", f); - - i = unlink(f); - save_errno = errno; - if (i < 0 && LogLevel > 97) - sm_syslog(LOG_DEBUG, CurEnv->e_id, "%s: unlink-fail %d", - f, errno); - if (i >= 0) - SYNC_DIR(f, false); - errno = save_errno; - return i; -} - -/* -** SFGETS -- "safe" fgets -- times out and ignores random interrupts. -** -** Parameters: -** buf -- place to put the input line. -** siz -- size of buf. -** fp -- file to read from. -** timeout -- the timeout before error occurs. -** during -- what we are trying to read (for error messages). -** -** Returns: -** NULL on error (including timeout). This may also leave -** buf containing a null string. -** buf otherwise. -*/ - - -char * -sfgets(buf, siz, fp, timeout, during) - char *buf; - int siz; - SM_FILE_T *fp; - time_t timeout; - char *during; -{ - register char *p; - int save_errno; - int io_timeout; - - SM_REQUIRE(siz > 0); - SM_REQUIRE(buf != NULL); - - if (fp == NULL) - { - buf[0] = '\0'; - errno = EBADF; - return NULL; - } - - /* try to read */ - p = NULL; - errno = 0; - - /* convert the timeout to sm_io notation */ - io_timeout = (timeout <= 0) ? SM_TIME_DEFAULT : timeout * 1000; - while (!sm_io_eof(fp) && !sm_io_error(fp)) - { - errno = 0; - p = sm_io_fgets(fp, io_timeout, buf, siz); - if (p == NULL && errno == EAGAIN) - { - /* The sm_io_fgets() call timedout */ - if (LogLevel > 1) - sm_syslog(LOG_NOTICE, CurEnv->e_id, - "timeout waiting for input from %.100s during %s", - CURHOSTNAME, - during); - buf[0] = '\0'; -#if XDEBUG - checkfd012(during); -#endif /* XDEBUG */ - if (TrafficLogFile != NULL) - (void) sm_io_fprintf(TrafficLogFile, - SM_TIME_DEFAULT, - "%05d <<< [TIMEOUT]\n", - (int) CurrentPid); - errno = ETIMEDOUT; - return NULL; - } - if (p != NULL || errno != EINTR) - break; - (void) sm_io_clearerr(fp); - } - save_errno = errno; - - /* clean up the books and exit */ - LineNumber++; - if (p == NULL) - { - buf[0] = '\0'; - if (TrafficLogFile != NULL) - (void) sm_io_fprintf(TrafficLogFile, SM_TIME_DEFAULT, - "%05d <<< [EOF]\n", - (int) CurrentPid); - errno = save_errno; - return NULL; - } - if (TrafficLogFile != NULL) - (void) sm_io_fprintf(TrafficLogFile, SM_TIME_DEFAULT, - "%05d <<< %s", (int) CurrentPid, buf); - if (SevenBitInput) - { - for (p = buf; *p != '\0'; p++) - *p &= ~0200; - } - else if (!HasEightBits) - { - for (p = buf; *p != '\0'; p++) - { - if (bitset(0200, *p)) - { - HasEightBits = true; - break; - } - } - } - return buf; -} - -/* -** FGETFOLDED -- like fgets, but knows about folded lines. -** -** Parameters: -** buf -- place to put result. -** np -- pointer to bytes available; will be updated with -** the actual buffer size (not number of bytes filled) -** on return. -** f -- file to read from. -** -** Returns: -** input line(s) on success, NULL on error or SM_IO_EOF. -** This will normally be buf -- unless the line is too -** long, when it will be sm_malloc_x()ed. -** -** Side Effects: -** buf gets lines from f, with continuation lines (lines -** with leading white space) appended. CRLF's are mapped -** into single newlines. Any trailing NL is stripped. -*/ - -char * -fgetfolded(buf, np, f) - char *buf; - int *np; - SM_FILE_T *f; -{ - register char *p = buf; - char *bp = buf; - register int i; - int n; - - SM_REQUIRE(np != NULL); - n = *np; - SM_REQUIRE(n > 0); - SM_REQUIRE(buf != NULL); - if (f == NULL) - { - buf[0] = '\0'; - errno = EBADF; - return NULL; - } - - n--; - while ((i = sm_io_getc(f, SM_TIME_DEFAULT)) != SM_IO_EOF) - { - if (i == '\r') - { - i = sm_io_getc(f, SM_TIME_DEFAULT); - if (i != '\n') - { - if (i != SM_IO_EOF) - (void) sm_io_ungetc(f, SM_TIME_DEFAULT, - i); - i = '\r'; - } - } - if (--n <= 0) - { - /* allocate new space */ - char *nbp; - int nn; - - nn = (p - bp); - if (nn < MEMCHUNKSIZE) - nn *= 2; - else - nn += MEMCHUNKSIZE; - nbp = sm_malloc_x(nn); - memmove(nbp, bp, p - bp); - p = &nbp[p - bp]; - if (bp != buf) - sm_free(bp); - bp = nbp; - n = nn - (p - bp); - *np = nn; - } - *p++ = i; - if (i == '\n') - { - LineNumber++; - i = sm_io_getc(f, SM_TIME_DEFAULT); - if (i != SM_IO_EOF) - (void) sm_io_ungetc(f, SM_TIME_DEFAULT, i); - if (i != ' ' && i != '\t') - break; - } - } - if (p == bp) - return NULL; - if (p[-1] == '\n') - p--; - *p = '\0'; - return bp; -} - -/* -** CURTIME -- return current time. -** -** Parameters: -** none. -** -** Returns: -** the current time. -*/ - -time_t -curtime() -{ - auto time_t t; - - (void) time(&t); - return t; -} - -/* -** ATOBOOL -- convert a string representation to boolean. -** -** Defaults to false -** -** Parameters: -** s -- string to convert. Takes "tTyY", empty, and NULL as true, -** others as false. -** -** Returns: -** A boolean representation of the string. -*/ - -bool -atobool(s) - register char *s; -{ - if (s == NULL || *s == '\0' || strchr("tTyY", *s) != NULL) - return true; - return false; -} - -/* -** ATOOCT -- convert a string representation to octal. -** -** Parameters: -** s -- string to convert. -** -** Returns: -** An integer representing the string interpreted as an -** octal number. -*/ - -int -atooct(s) - register char *s; -{ - register int i = 0; - - while (*s >= '0' && *s <= '7') - i = (i << 3) | (*s++ - '0'); - return i; -} - -/* -** BITINTERSECT -- tell if two bitmaps intersect -** -** Parameters: -** a, b -- the bitmaps in question -** -** Returns: -** true if they have a non-null intersection -** false otherwise -*/ - -bool -bitintersect(a, b) - BITMAP256 a; - BITMAP256 b; -{ - int i; - - for (i = BITMAPBYTES / sizeof(int); --i >= 0; ) - { - if ((a[i] & b[i]) != 0) - return true; - } - return false; -} - -/* -** BITZEROP -- tell if a bitmap is all zero -** -** Parameters: -** map -- the bit map to check -** -** Returns: -** true if map is all zero. -** false if there are any bits set in map. -*/ - -bool -bitzerop(map) - BITMAP256 map; -{ - int i; - - for (i = BITMAPBYTES / sizeof(int); --i >= 0; ) - { - if (map[i] != 0) - return false; - } - return true; -} - -/* -** STRCONTAINEDIN -- tell if one string is contained in another -** -** Parameters: -** icase -- ignore case? -** a -- possible substring. -** b -- possible superstring. -** -** Returns: -** true if a is contained in b (case insensitive). -** false otherwise. -*/ - -bool -strcontainedin(icase, a, b) - bool icase; - register char *a; - register char *b; -{ - int la; - int lb; - int c; - - la = strlen(a); - lb = strlen(b); - c = *a; - if (icase && isascii(c) && isupper(c)) - c = tolower(c); - for (; lb-- >= la; b++) - { - if (icase) - { - if (*b != c && - isascii(*b) && isupper(*b) && tolower(*b) != c) - continue; - if (sm_strncasecmp(a, b, la) == 0) - return true; - } - else - { - if (*b != c) - continue; - if (strncmp(a, b, la) == 0) - return true; - } - } - return false; -} - -/* -** CHECKFD012 -- check low numbered file descriptors -** -** File descriptors 0, 1, and 2 should be open at all times. -** This routine verifies that, and fixes it if not true. -** -** Parameters: -** where -- a tag printed if the assertion failed -** -** Returns: -** none -*/ - -void -checkfd012(where) - char *where; -{ -#if XDEBUG - register int i; - - for (i = 0; i < 3; i++) - fill_fd(i, where); -#endif /* XDEBUG */ -} - -/* -** CHECKFDOPEN -- make sure file descriptor is open -- for extended debugging -** -** Parameters: -** fd -- file descriptor to check. -** where -- tag to print on failure. -** -** Returns: -** none. -*/ - -void -checkfdopen(fd, where) - int fd; - char *where; -{ -#if XDEBUG - struct stat st; - - if (fstat(fd, &st) < 0 && errno == EBADF) - { - syserr("checkfdopen(%d): %s not open as expected!", fd, where); - printopenfds(true); - } -#endif /* XDEBUG */ -} - -/* -** CHECKFDS -- check for new or missing file descriptors -** -** Parameters: -** where -- tag for printing. If null, take a base line. -** -** Returns: -** none -** -** Side Effects: -** If where is set, shows changes since the last call. -*/ - -void -checkfds(where) - char *where; -{ - int maxfd; - register int fd; - bool printhdr = true; - int save_errno = errno; - static BITMAP256 baseline; - extern int DtableSize; - - if (DtableSize > BITMAPBITS) - maxfd = BITMAPBITS; - else - maxfd = DtableSize; - if (where == NULL) - clrbitmap(baseline); - - for (fd = 0; fd < maxfd; fd++) - { - struct stat stbuf; - - if (fstat(fd, &stbuf) < 0 && errno != EOPNOTSUPP) - { - if (!bitnset(fd, baseline)) - continue; - clrbitn(fd, baseline); - } - else if (!bitnset(fd, baseline)) - setbitn(fd, baseline); - else - continue; - - /* file state has changed */ - if (where == NULL) - continue; - if (printhdr) - { - sm_syslog(LOG_DEBUG, CurEnv->e_id, - "%s: changed fds:", - where); - printhdr = false; - } - dumpfd(fd, true, true); - } - errno = save_errno; -} - -/* -** PRINTOPENFDS -- print the open file descriptors (for debugging) -** -** Parameters: -** logit -- if set, send output to syslog; otherwise -** print for debugging. -** -** Returns: -** none. -*/ - -#if NETINET || NETINET6 -# include <arpa/inet.h> -#endif /* NETINET || NETINET6 */ - -void -printopenfds(logit) - bool logit; -{ - register int fd; - extern int DtableSize; - - for (fd = 0; fd < DtableSize; fd++) - dumpfd(fd, false, logit); -} - -/* -** DUMPFD -- dump a file descriptor -** -** Parameters: -** fd -- the file descriptor to dump. -** printclosed -- if set, print a notification even if -** it is closed; otherwise print nothing. -** logit -- if set, use sm_syslog instead of sm_dprintf() -** -** Returns: -** none. -*/ - -void -dumpfd(fd, printclosed, logit) - int fd; - bool printclosed; - bool logit; -{ - register char *p; - char *hp; -#ifdef S_IFSOCK - SOCKADDR sa; -#endif /* S_IFSOCK */ - auto SOCKADDR_LEN_T slen; - int i; -#if STAT64 > 0 - struct stat64 st; -#else /* STAT64 > 0 */ - struct stat st; -#endif /* STAT64 > 0 */ - char buf[200]; - - p = buf; - (void) sm_snprintf(p, SPACELEFT(buf, p), "%3d: ", fd); - p += strlen(p); - - if ( -#if STAT64 > 0 - fstat64(fd, &st) -#else /* STAT64 > 0 */ - fstat(fd, &st) -#endif /* STAT64 > 0 */ - < 0) - { - if (errno != EBADF) - { - (void) sm_snprintf(p, SPACELEFT(buf, p), - "CANNOT STAT (%s)", - sm_errstring(errno)); - goto printit; - } - else if (printclosed) - { - (void) sm_snprintf(p, SPACELEFT(buf, p), "CLOSED"); - goto printit; - } - return; - } - - i = fcntl(fd, F_GETFL, 0); - if (i != -1) - { - (void) sm_snprintf(p, SPACELEFT(buf, p), "fl=0x%x, ", i); - p += strlen(p); - } - - (void) sm_snprintf(p, SPACELEFT(buf, p), "mode=%o: ", - (int) st.st_mode); - p += strlen(p); - switch (st.st_mode & S_IFMT) - { -#ifdef S_IFSOCK - case S_IFSOCK: - (void) sm_snprintf(p, SPACELEFT(buf, p), "SOCK "); - p += strlen(p); - memset(&sa, '\0', sizeof(sa)); - slen = sizeof(sa); - if (getsockname(fd, &sa.sa, &slen) < 0) - (void) sm_snprintf(p, SPACELEFT(buf, p), "(%s)", - sm_errstring(errno)); - else - { - hp = hostnamebyanyaddr(&sa); - if (hp == NULL) - { - /* EMPTY */ - /* do nothing */ - } -# if NETINET - else if (sa.sa.sa_family == AF_INET) - (void) sm_snprintf(p, SPACELEFT(buf, p), - "%s/%d", hp, ntohs(sa.sin.sin_port)); -# endif /* NETINET */ -# if NETINET6 - else if (sa.sa.sa_family == AF_INET6) - (void) sm_snprintf(p, SPACELEFT(buf, p), - "%s/%d", hp, ntohs(sa.sin6.sin6_port)); -# endif /* NETINET6 */ - else - (void) sm_snprintf(p, SPACELEFT(buf, p), - "%s", hp); - } - p += strlen(p); - (void) sm_snprintf(p, SPACELEFT(buf, p), "->"); - p += strlen(p); - slen = sizeof(sa); - if (getpeername(fd, &sa.sa, &slen) < 0) - (void) sm_snprintf(p, SPACELEFT(buf, p), "(%s)", - sm_errstring(errno)); - else - { - hp = hostnamebyanyaddr(&sa); - if (hp == NULL) - { - /* EMPTY */ - /* do nothing */ - } -# if NETINET - else if (sa.sa.sa_family == AF_INET) - (void) sm_snprintf(p, SPACELEFT(buf, p), - "%s/%d", hp, ntohs(sa.sin.sin_port)); -# endif /* NETINET */ -# if NETINET6 - else if (sa.sa.sa_family == AF_INET6) - (void) sm_snprintf(p, SPACELEFT(buf, p), - "%s/%d", hp, ntohs(sa.sin6.sin6_port)); -# endif /* NETINET6 */ - else - (void) sm_snprintf(p, SPACELEFT(buf, p), - "%s", hp); - } - break; -#endif /* S_IFSOCK */ - - case S_IFCHR: - (void) sm_snprintf(p, SPACELEFT(buf, p), "CHR: "); - p += strlen(p); - goto defprint; - -#ifdef S_IFBLK - case S_IFBLK: - (void) sm_snprintf(p, SPACELEFT(buf, p), "BLK: "); - p += strlen(p); - goto defprint; -#endif /* S_IFBLK */ - -#if defined(S_IFIFO) && (!defined(S_IFSOCK) || S_IFIFO != S_IFSOCK) - case S_IFIFO: - (void) sm_snprintf(p, SPACELEFT(buf, p), "FIFO: "); - p += strlen(p); - goto defprint; -#endif /* defined(S_IFIFO) && (!defined(S_IFSOCK) || S_IFIFO != S_IFSOCK) */ - -#ifdef S_IFDIR - case S_IFDIR: - (void) sm_snprintf(p, SPACELEFT(buf, p), "DIR: "); - p += strlen(p); - goto defprint; -#endif /* S_IFDIR */ - -#ifdef S_IFLNK - case S_IFLNK: - (void) sm_snprintf(p, SPACELEFT(buf, p), "LNK: "); - p += strlen(p); - goto defprint; -#endif /* S_IFLNK */ - - default: -defprint: - (void) sm_snprintf(p, SPACELEFT(buf, p), - "dev=%d/%d, ino=%llu, nlink=%d, u/gid=%d/%d, ", - major(st.st_dev), minor(st.st_dev), - (ULONGLONG_T) st.st_ino, - (int) st.st_nlink, (int) st.st_uid, - (int) st.st_gid); - p += strlen(p); - (void) sm_snprintf(p, SPACELEFT(buf, p), "size=%llu", - (ULONGLONG_T) st.st_size); - break; - } - -printit: - if (logit) - sm_syslog(LOG_DEBUG, CurEnv ? CurEnv->e_id : NULL, - "%.800s", buf); - else - sm_dprintf("%s\n", buf); -} - -/* -** SHORTEN_HOSTNAME -- strip local domain information off of hostname. -** -** Parameters: -** host -- the host to shorten (stripped in place). -** -** Returns: -** place where string was truncated, NULL if not truncated. -*/ - -char * -shorten_hostname(host) - char host[]; -{ - register char *p; - char *mydom; - int i; - bool canon = false; - - /* strip off final dot */ - i = strlen(host); - p = &host[(i == 0) ? 0 : i - 1]; - if (*p == '.') - { - *p = '\0'; - canon = true; - } - - /* see if there is any domain at all -- if not, we are done */ - p = strchr(host, '.'); - if (p == NULL) - return NULL; - - /* yes, we have a domain -- see if it looks like us */ - mydom = macvalue('m', CurEnv); - if (mydom == NULL) - mydom = ""; - i = strlen(++p); - if ((canon ? sm_strcasecmp(p, mydom) - : sm_strncasecmp(p, mydom, i)) == 0 && - (mydom[i] == '.' || mydom[i] == '\0')) - { - *--p = '\0'; - return p; - } - return NULL; -} - -/* -** PROG_OPEN -- open a program for reading -** -** Parameters: -** argv -- the argument list. -** pfd -- pointer to a place to store the file descriptor. -** e -- the current envelope. -** -** Returns: -** pid of the process -- -1 if it failed. -*/ - -pid_t -prog_open(argv, pfd, e) - char **argv; - int *pfd; - ENVELOPE *e; -{ - pid_t pid; - int save_errno; - int sff; - int ret; - int fdv[2]; - char *p, *q; - char buf[MAXPATHLEN]; - extern int DtableSize; - - if (pipe(fdv) < 0) - { - syserr("%s: cannot create pipe for stdout", argv[0]); - return -1; - } - pid = fork(); - if (pid < 0) - { - syserr("%s: cannot fork", argv[0]); - (void) close(fdv[0]); - (void) close(fdv[1]); - return -1; - } - if (pid > 0) - { - /* parent */ - (void) close(fdv[1]); - *pfd = fdv[0]; - return pid; - } - - /* Reset global flags */ - RestartRequest = NULL; - RestartWorkGroup = false; - ShutdownRequest = NULL; - PendingSignal = 0; - CurrentPid = getpid(); - - /* - ** Initialize exception stack and default exception - ** handler for child process. - */ - - sm_exc_newthread(fatal_error); - - /* child -- close stdin */ - (void) close(0); - - /* stdout goes back to parent */ - (void) close(fdv[0]); - if (dup2(fdv[1], 1) < 0) - { - syserr("%s: cannot dup2 for stdout", argv[0]); - _exit(EX_OSERR); - } - (void) close(fdv[1]); - - /* stderr goes to transcript if available */ - if (e->e_xfp != NULL) - { - int xfd; - - xfd = sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL); - if (xfd >= 0 && dup2(xfd, 2) < 0) - { - syserr("%s: cannot dup2 for stderr", argv[0]); - _exit(EX_OSERR); - } - } - - /* this process has no right to the queue file */ - if (e->e_lockfp != NULL) - { - int fd; - - fd = sm_io_getinfo(e->e_lockfp, SM_IO_WHAT_FD, NULL); - if (fd >= 0) - (void) close(fd); - else - syserr("%s: lockfp does not have a fd", argv[0]); - } - - /* chroot to the program mailer directory, if defined */ - if (ProgMailer != NULL && ProgMailer->m_rootdir != NULL) - { - expand(ProgMailer->m_rootdir, buf, sizeof(buf), e); - if (chroot(buf) < 0) - { - syserr("prog_open: cannot chroot(%s)", buf); - exit(EX_TEMPFAIL); - } - if (chdir("/") < 0) - { - syserr("prog_open: cannot chdir(/)"); - exit(EX_TEMPFAIL); - } - } - - /* run as default user */ - endpwent(); - sm_mbdb_terminate(); -#if _FFR_MEMSTAT - (void) sm_memstat_close(); -#endif /* _FFR_MEMSTAT */ - if (setgid(DefGid) < 0 && geteuid() == 0) - { - syserr("prog_open: setgid(%ld) failed", (long) DefGid); - exit(EX_TEMPFAIL); - } - if (setuid(DefUid) < 0 && geteuid() == 0) - { - syserr("prog_open: setuid(%ld) failed", (long) DefUid); - exit(EX_TEMPFAIL); - } - - /* run in some directory */ - if (ProgMailer != NULL) - p = ProgMailer->m_execdir; - else - p = NULL; - for (; p != NULL; p = q) - { - q = strchr(p, ':'); - if (q != NULL) - *q = '\0'; - expand(p, buf, sizeof(buf), e); - if (q != NULL) - *q++ = ':'; - if (buf[0] != '\0' && chdir(buf) >= 0) - break; - } - if (p == NULL) - { - /* backup directories */ - if (chdir("/tmp") < 0) - (void) chdir("/"); - } - - /* Check safety of program to be run */ - sff = SFF_ROOTOK|SFF_EXECOK; - if (!bitnset(DBS_RUNWRITABLEPROGRAM, DontBlameSendmail)) - sff |= SFF_NOGWFILES|SFF_NOWWFILES; - if (bitnset(DBS_RUNPROGRAMINUNSAFEDIRPATH, DontBlameSendmail)) - sff |= SFF_NOPATHCHECK; - else - sff |= SFF_SAFEDIRPATH; - ret = safefile(argv[0], DefUid, DefGid, DefUser, sff, 0, NULL); - if (ret != 0) - sm_syslog(LOG_INFO, e->e_id, - "Warning: prog_open: program %s unsafe: %s", - argv[0], sm_errstring(ret)); - - /* arrange for all the files to be closed */ - sm_close_on_exec(STDERR_FILENO + 1, DtableSize); - - /* now exec the process */ - (void) execve(argv[0], (ARGV_T) argv, (ARGV_T) UserEnviron); - - /* woops! failed */ - save_errno = errno; - syserr("%s: cannot exec", argv[0]); - if (transienterror(save_errno)) - _exit(EX_OSERR); - _exit(EX_CONFIG); - return -1; /* avoid compiler warning on IRIX */ -} - -/* -** GET_COLUMN -- look up a Column in a line buffer -** -** Parameters: -** line -- the raw text line to search. -** col -- the column number to fetch. -** delim -- the delimiter between columns. If null, -** use white space. -** buf -- the output buffer. -** buflen -- the length of buf. -** -** Returns: -** buf if successful. -** NULL otherwise. -*/ - -char * -get_column(line, col, delim, buf, buflen) - char line[]; - int col; - int delim; - char buf[]; - int buflen; -{ - char *p; - char *begin, *end; - int i; - char delimbuf[4]; - - if ((char) delim == '\0') - (void) sm_strlcpy(delimbuf, "\n\t ", sizeof(delimbuf)); - else - { - delimbuf[0] = (char) delim; - delimbuf[1] = '\0'; - } - - p = line; - if (*p == '\0') - return NULL; /* line empty */ - if (*p == (char) delim && col == 0) - return NULL; /* first column empty */ - - begin = line; - - if (col == 0 && (char) delim == '\0') - { - while (*begin != '\0' && isascii(*begin) && isspace(*begin)) - begin++; - } - - for (i = 0; i < col; i++) - { - if ((begin = strpbrk(begin, delimbuf)) == NULL) - return NULL; /* no such column */ - begin++; - if ((char) delim == '\0') - { - while (*begin != '\0' && isascii(*begin) && isspace(*begin)) - begin++; - } - } - - end = strpbrk(begin, delimbuf); - if (end == NULL) - i = strlen(begin); - else - i = end - begin; - if (i >= buflen) - i = buflen - 1; - (void) sm_strlcpy(buf, begin, i + 1); - return buf; -} - -/* -** CLEANSTRCPY -- copy string keeping out bogus characters -** -** Parameters: -** t -- "to" string. -** f -- "from" string. -** l -- length of space available in "to" string. -** -** Returns: -** none. -*/ - -void -cleanstrcpy(t, f, l) - register char *t; - register char *f; - int l; -{ - /* check for newlines and log if necessary */ - (void) denlstring(f, true, true); - - if (l <= 0) - syserr("!cleanstrcpy: length == 0"); - - l--; - while (l > 0 && *f != '\0') - { - if (isascii(*f) && - (isalnum(*f) || strchr("!#$%&'*+-./^_`{|}~", *f) != NULL)) - { - l--; - *t++ = *f; - } - f++; - } - *t = '\0'; -} - -/* -** DENLSTRING -- convert newlines in a string to spaces -** -** Parameters: -** s -- the input string -** strict -- if set, don't permit continuation lines. -** logattacks -- if set, log attempted attacks. -** -** Returns: -** A pointer to a version of the string with newlines -** mapped to spaces. This should be copied. -*/ - -char * -denlstring(s, strict, logattacks) - char *s; - bool strict; - bool logattacks; -{ - register char *p; - int l; - static char *bp = NULL; - static int bl = 0; - - p = s; - while ((p = strchr(p, '\n')) != NULL) - if (strict || (*++p != ' ' && *p != '\t')) - break; - if (p == NULL) - return s; - - l = strlen(s) + 1; - if (bl < l) - { - /* allocate more space */ - char *nbp = sm_pmalloc_x(l); - - if (bp != NULL) - sm_free(bp); - bp = nbp; - bl = l; - } - (void) sm_strlcpy(bp, s, l); - for (p = bp; (p = strchr(p, '\n')) != NULL; ) - *p++ = ' '; - - if (logattacks) - { - sm_syslog(LOG_NOTICE, CurEnv ? CurEnv->e_id : NULL, - "POSSIBLE ATTACK from %.100s: newline in string \"%s\"", - RealHostName == NULL ? "[UNKNOWN]" : RealHostName, - shortenstring(bp, MAXSHORTSTR)); - } - - return bp; -} - -/* -** STRREPLNONPRT -- replace "unprintable" characters in a string with subst -** -** Parameters: -** s -- string to manipulate (in place) -** subst -- character to use as replacement -** -** Returns: -** true iff string did not contain "unprintable" characters -*/ - -bool -strreplnonprt(s, c) - char *s; - int c; -{ - bool ok; - - ok = true; - if (s == NULL) - return ok; - while (*s != '\0') - { - if (!(isascii(*s) && isprint(*s))) - { - *s = c; - ok = false; - } - ++s; - } - return ok; -} - -/* -** PATH_IS_DIR -- check to see if file exists and is a directory. -** -** There are some additional checks for security violations in -** here. This routine is intended to be used for the host status -** support. -** -** Parameters: -** pathname -- pathname to check for directory-ness. -** createflag -- if set, create directory if needed. -** -** Returns: -** true -- if the indicated pathname is a directory -** false -- otherwise -*/ - -bool -path_is_dir(pathname, createflag) - char *pathname; - bool createflag; -{ - struct stat statbuf; - -#if HASLSTAT - if (lstat(pathname, &statbuf) < 0) -#else /* HASLSTAT */ - if (stat(pathname, &statbuf) < 0) -#endif /* HASLSTAT */ - { - if (errno != ENOENT || !createflag) - return false; - if (mkdir(pathname, 0755) < 0) - return false; - return true; - } - if (!S_ISDIR(statbuf.st_mode)) - { - errno = ENOTDIR; - return false; - } - - /* security: don't allow writable directories */ - if (bitset(S_IWGRP|S_IWOTH, statbuf.st_mode)) - { - errno = EACCES; - return false; - } - return true; -} - -/* -** PROC_LIST_ADD -- add process id to list of our children -** -** Parameters: -** pid -- pid to add to list. -** task -- task of pid. -** type -- type of process. -** count -- number of processes. -** other -- other information for this type. -** -** Returns: -** none -** -** Side Effects: -** May increase CurChildren. May grow ProcList. -*/ - -typedef struct procs PROCS_T; - -struct procs -{ - pid_t proc_pid; - char *proc_task; - int proc_type; - int proc_count; - int proc_other; - SOCKADDR proc_hostaddr; -}; - -static PROCS_T *volatile ProcListVec = NULL; -static int ProcListSize = 0; - -void -proc_list_add(pid, task, type, count, other, hostaddr) - pid_t pid; - char *task; - int type; - int count; - int other; - SOCKADDR *hostaddr; -{ - int i; - - for (i = 0; i < ProcListSize; i++) - { - if (ProcListVec[i].proc_pid == NO_PID) - break; - } - if (i >= ProcListSize) - { - /* probe the existing vector to avoid growing infinitely */ - proc_list_probe(); - - /* now scan again */ - for (i = 0; i < ProcListSize; i++) - { - if (ProcListVec[i].proc_pid == NO_PID) - break; - } - } - if (i >= ProcListSize) - { - /* grow process list */ - int chldwasblocked; - PROCS_T *npv; - - SM_ASSERT(ProcListSize < INT_MAX - PROC_LIST_SEG); - npv = (PROCS_T *) sm_pmalloc_x((sizeof(*npv)) * - (ProcListSize + PROC_LIST_SEG)); - - /* Block SIGCHLD so reapchild() doesn't mess with us */ - chldwasblocked = sm_blocksignal(SIGCHLD); - if (ProcListSize > 0) - { - memmove(npv, ProcListVec, - ProcListSize * sizeof(PROCS_T)); - sm_free(ProcListVec); - } - - /* XXX just use memset() to initialize this part? */ - for (i = ProcListSize; i < ProcListSize + PROC_LIST_SEG; i++) - { - npv[i].proc_pid = NO_PID; - npv[i].proc_task = NULL; - npv[i].proc_type = PROC_NONE; - } - i = ProcListSize; - ProcListSize += PROC_LIST_SEG; - ProcListVec = npv; - if (chldwasblocked == 0) - (void) sm_releasesignal(SIGCHLD); - } - ProcListVec[i].proc_pid = pid; - PSTRSET(ProcListVec[i].proc_task, task); - ProcListVec[i].proc_type = type; - ProcListVec[i].proc_count = count; - ProcListVec[i].proc_other = other; - if (hostaddr != NULL) - ProcListVec[i].proc_hostaddr = *hostaddr; - else - memset(&ProcListVec[i].proc_hostaddr, 0, - sizeof(ProcListVec[i].proc_hostaddr)); - - /* if process adding itself, it's not a child */ - if (pid != CurrentPid) - { - SM_ASSERT(CurChildren < INT_MAX); - CurChildren++; - } -} - -/* -** PROC_LIST_SET -- set pid task in process list -** -** Parameters: -** pid -- pid to set -** task -- task of pid -** -** Returns: -** none. -*/ - -void -proc_list_set(pid, task) - pid_t pid; - char *task; -{ - int i; - - for (i = 0; i < ProcListSize; i++) - { - if (ProcListVec[i].proc_pid == pid) - { - PSTRSET(ProcListVec[i].proc_task, task); - break; - } - } -} - -/* -** PROC_LIST_DROP -- drop pid from process list -** -** Parameters: -** pid -- pid to drop -** st -- process status -** other -- storage for proc_other (return). -** -** Returns: -** none. -** -** Side Effects: -** May decrease CurChildren, CurRunners, or -** set RestartRequest or ShutdownRequest. -** -** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD -** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE -** DOING. -*/ - -void -proc_list_drop(pid, st, other) - pid_t pid; - int st; - int *other; -{ - int i; - int type = PROC_NONE; - - for (i = 0; i < ProcListSize; i++) - { - if (ProcListVec[i].proc_pid == pid) - { - ProcListVec[i].proc_pid = NO_PID; - type = ProcListVec[i].proc_type; - if (other != NULL) - *other = ProcListVec[i].proc_other; - if (CurChildren > 0) - CurChildren--; - break; - } - } - - - if (type == PROC_CONTROL && WIFEXITED(st)) - { - /* if so, see if we need to restart or shutdown */ - if (WEXITSTATUS(st) == EX_RESTART) - RestartRequest = "control socket"; - else if (WEXITSTATUS(st) == EX_SHUTDOWN) - ShutdownRequest = "control socket"; - } - else if (type == PROC_QUEUE_CHILD && !WIFSTOPPED(st) && - ProcListVec[i].proc_other > -1) - { - /* restart this persistent runner */ - mark_work_group_restart(ProcListVec[i].proc_other, st); - } - else if (type == PROC_QUEUE) - CurRunners -= ProcListVec[i].proc_count; -} - -/* -** PROC_LIST_CLEAR -- clear the process list -** -** Parameters: -** none. -** -** Returns: -** none. -** -** Side Effects: -** Sets CurChildren to zero. -*/ - -void -proc_list_clear() -{ - int i; - - /* start from 1 since 0 is the daemon itself */ - for (i = 1; i < ProcListSize; i++) - ProcListVec[i].proc_pid = NO_PID; - CurChildren = 0; -} - -/* -** PROC_LIST_PROBE -- probe processes in the list to see if they still exist -** -** Parameters: -** none -** -** Returns: -** none -** -** Side Effects: -** May decrease CurChildren. -*/ - -void -proc_list_probe() -{ - int i, children; - int chldwasblocked; - pid_t pid; - - children = 0; - chldwasblocked = sm_blocksignal(SIGCHLD); - - /* start from 1 since 0 is the daemon itself */ - for (i = 1; i < ProcListSize; i++) - { - pid = ProcListVec[i].proc_pid; - if (pid == NO_PID || pid == CurrentPid) - continue; - if (kill(pid, 0) < 0) - { - if (LogLevel > 3) - sm_syslog(LOG_DEBUG, CurEnv->e_id, - "proc_list_probe: lost pid %d", - (int) ProcListVec[i].proc_pid); - ProcListVec[i].proc_pid = NO_PID; - SM_FREE_CLR(ProcListVec[i].proc_task); - CurChildren--; - } - else - { - ++children; - } - } - if (CurChildren < 0) - CurChildren = 0; - if (chldwasblocked == 0) - (void) sm_releasesignal(SIGCHLD); - if (LogLevel > 10 && children != CurChildren && CurrentPid == DaemonPid) - { - sm_syslog(LOG_ERR, NOQID, - "proc_list_probe: found %d children, expected %d", - children, CurChildren); - } -} - -/* -** PROC_LIST_DISPLAY -- display the process list -** -** Parameters: -** out -- output file pointer -** prefix -- string to output in front of each line. -** -** Returns: -** none. -*/ - -void -proc_list_display(out, prefix) - SM_FILE_T *out; - char *prefix; -{ - int i; - - for (i = 0; i < ProcListSize; i++) - { - if (ProcListVec[i].proc_pid == NO_PID) - continue; - - (void) sm_io_fprintf(out, SM_TIME_DEFAULT, "%s%d %s%s\n", - prefix, - (int) ProcListVec[i].proc_pid, - ProcListVec[i].proc_task != NULL ? - ProcListVec[i].proc_task : "(unknown)", - (OpMode == MD_SMTP || - OpMode == MD_DAEMON || - OpMode == MD_ARPAFTP) ? "\r" : ""); - } -} - -/* -** PROC_LIST_SIGNAL -- send a signal to a type of process in the list -** -** Parameters: -** type -- type of process to signal -** signal -- the type of signal to send -** -** Results: -** none. -** -** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD -** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE -** DOING. -*/ - -void -proc_list_signal(type, signal) - int type; - int signal; -{ - int chldwasblocked; - int alrmwasblocked; - int i; - pid_t mypid = getpid(); - - /* block these signals so that we may signal cleanly */ - chldwasblocked = sm_blocksignal(SIGCHLD); - alrmwasblocked = sm_blocksignal(SIGALRM); - - /* Find all processes of type and send signal */ - for (i = 0; i < ProcListSize; i++) - { - if (ProcListVec[i].proc_pid == NO_PID || - ProcListVec[i].proc_pid == mypid) - continue; - if (ProcListVec[i].proc_type != type) - continue; - (void) kill(ProcListVec[i].proc_pid, signal); - } - - /* restore the signals */ - if (alrmwasblocked == 0) - (void) sm_releasesignal(SIGALRM); - if (chldwasblocked == 0) - (void) sm_releasesignal(SIGCHLD); -} - -/* -** COUNT_OPEN_CONNECTIONS -** -** Parameters: -** hostaddr - ClientAddress -** -** Returns: -** the number of open connections for this client -** -*/ - -int -count_open_connections(hostaddr) - SOCKADDR *hostaddr; -{ - int i, n; - - if (hostaddr == NULL) - return 0; - - /* - ** Initialize to 1 instead of 0 because this code gets called - ** before proc_list_add() gets called, so we (the daemon child - ** for this connection) don't count ourselves. - */ - - n = 1; - for (i = 0; i < ProcListSize; i++) - { - if (ProcListVec[i].proc_pid == NO_PID) - continue; - if (hostaddr->sa.sa_family != - ProcListVec[i].proc_hostaddr.sa.sa_family) - continue; -#if NETINET - if (hostaddr->sa.sa_family == AF_INET && - (hostaddr->sin.sin_addr.s_addr == - ProcListVec[i].proc_hostaddr.sin.sin_addr.s_addr)) - n++; -#endif /* NETINET */ -#if NETINET6 - if (hostaddr->sa.sa_family == AF_INET6 && - IN6_ARE_ADDR_EQUAL(&(hostaddr->sin6.sin6_addr), - &(ProcListVec[i].proc_hostaddr.sin6.sin6_addr))) - n++; -#endif /* NETINET6 */ - } - return n; -} |
