1/*
|
2 * Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers.
|
| 2 * Copyright (c) 1998-2006 Sendmail, Inc. and its suppliers. |
3 * All rights reserved.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
7 *
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
11 *
12 */
13
14#define _DEFINE
15#include <sendmail.h>
16#include <sm/xtrap.h>
17#include <sm/signal.h>
18
19#ifndef lint
20SM_UNUSED(static char copyright[]) =
21"@(#) Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.\n\
22 All rights reserved.\n\
23 Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.\n\
24 Copyright (c) 1988, 1993\n\
25 The Regents of the University of California. All rights reserved.\n";
26#endif /* ! lint */
27
|
28SM_RCSID("@(#)$Id: main.c,v 8.942 2005/12/26 04:39:13 ca Exp $")
|
| 28SM_RCSID("@(#)$Id: main.c,v 8.944 2006/04/21 23:56:42 ca Exp $") |
29
30
31#if NETINET || NETINET6
32# include <arpa/inet.h>
33#endif /* NETINET || NETINET6 */
34
35/* for getcfname() */
36#include <sendmail/pathnames.h>
37
38static SM_DEBUG_T
39DebugNoPRestart = SM_DEBUG_INITIALIZER("no_persistent_restart",
40 "@(#)$Debug: no_persistent_restart - don't restart, log only $");
41
42static void dump_class __P((STAB *, int));
43static void obsolete __P((char **));
44static void testmodeline __P((char *, ENVELOPE *));
45static char *getextenv __P((const char *));
46static void sm_printoptions __P((char **));
47static SIGFUNC_DECL intindebug __P((int));
48static SIGFUNC_DECL sighup __P((int));
49static SIGFUNC_DECL sigpipe __P((int));
50static SIGFUNC_DECL sigterm __P((int));
51#ifdef SIGUSR1
52static SIGFUNC_DECL sigusr1 __P((int));
53#endif /* SIGUSR1 */
54
55/*
56** SENDMAIL -- Post mail to a set of destinations.
57**
58** This is the basic mail router. All user mail programs should
59** call this routine to actually deliver mail. Sendmail in
60** turn calls a bunch of mail servers that do the real work of
61** delivering the mail.
62**
63** Sendmail is driven by settings read in from /etc/mail/sendmail.cf
64** (read by readcf.c).
65**
66** Usage:
67** /usr/lib/sendmail [flags] addr ...
68**
69** See the associated documentation for details.
70**
71** Authors:
72** Eric Allman, UCB/INGRES (until 10/81).
73** Britton-Lee, Inc., purveyors of fine
74** database computers (11/81 - 10/88).
75** International Computer Science Institute
76** (11/88 - 9/89).
77** UCB/Mammoth Project (10/89 - 7/95).
78** InReference, Inc. (8/95 - 1/97).
79** Sendmail, Inc. (1/98 - present).
80** The support of my employers is gratefully acknowledged.
81** Few of them (Britton-Lee in particular) have had
82** anything to gain from my involvement in this project.
83**
84** Gregory Neil Shapiro,
85** Worcester Polytechnic Institute (until 3/98).
86** Sendmail, Inc. (3/98 - present).
87**
88** Claus Assmann,
89** Sendmail, Inc. (12/98 - present).
90*/
91
92char *FullName; /* sender's full name */
93ENVELOPE BlankEnvelope; /* a "blank" envelope */
94static ENVELOPE MainEnvelope; /* the envelope around the basic letter */
95ADDRESS NullAddress = /* a null address */
96 { "", "", NULL, "" };
97char *CommandLineArgs; /* command line args for pid file */
98bool Warn_Q_option = false; /* warn about Q option use */
99static int MissingFds = 0; /* bit map of fds missing on startup */
100char *Mbdb = "pw"; /* mailbox database defaults to /etc/passwd */
101
102#ifdef NGROUPS_MAX
103GIDSET_T InitialGidSet[NGROUPS_MAX];
104#endif /* NGROUPS_MAX */
105
106#define MAXCONFIGLEVEL 10 /* highest config version level known */
107
108#if SASL
109static sasl_callback_t srvcallbacks[] =
110{
111 { SASL_CB_VERIFYFILE, &safesaslfile, NULL },
112 { SASL_CB_PROXY_POLICY, &proxy_policy, NULL },
113 { SASL_CB_LIST_END, NULL, NULL }
114};
115#endif /* SASL */
116
117unsigned int SubmitMode;
118int SyslogPrefixLen; /* estimated length of syslog prefix */
119#define PIDLEN 6 /* pid length for computing SyslogPrefixLen */
120#ifndef SL_FUDGE
121# define SL_FUDGE 10 /* fudge offset for SyslogPrefixLen */
122#endif /* ! SL_FUDGE */
123#define SLDLL 8 /* est. length of default syslog label */
124
125
126/* Some options are dangerous to allow users to use in non-submit mode */
127#define CHECK_AGAINST_OPMODE(cmd) \
128{ \
129 if (extraprivs && \
130 OpMode != MD_DELIVER && OpMode != MD_SMTP && \
131 OpMode != MD_ARPAFTP && \
132 OpMode != MD_VERIFY && OpMode != MD_TEST) \
133 { \
134 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, \
135 "WARNING: Ignoring submission mode -%c option (not in submission mode)\n", \
136 (cmd)); \
137 break; \
138 } \
139 if (extraprivs && queuerun) \
140 { \
141 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, \
142 "WARNING: Ignoring submission mode -%c option with -q\n", \
143 (cmd)); \
144 break; \
145 } \
146}
147
148int
149main(argc, argv, envp)
150 int argc;
151 char **argv;
152 char **envp;
153{
154 register char *p;
155 char **av;
156 extern char Version[];
157 char *ep, *from;
158 STAB *st;
159 register int i;
160 int j;
161 int dp;
162 int fill_errno;
163 int qgrp = NOQGRP; /* queue group to process */
164 bool safecf = true;
165 BITMAP256 *p_flags = NULL; /* daemon flags */
166 bool warn_C_flag = false;
167 bool auth = true; /* whether to set e_auth_param */
168 char warn_f_flag = '\0';
169 bool run_in_foreground = false; /* -bD mode */
170 bool queuerun = false, debug = false;
171 struct passwd *pw;
172 struct hostent *hp;
173 char *nullserver = NULL;
174 char *authinfo = NULL;
175 char *sysloglabel = NULL; /* label for syslog */
176 char *conffile = NULL; /* name of .cf file */
177 char *queuegroup = NULL; /* queue group to process */
178 char *quarantining = NULL; /* quarantine queue items? */
179 bool extraprivs;
180 bool forged, negate;
181 bool queuepersistent = false; /* queue runner process runs forever */
182 bool foregroundqueue = false; /* queue run in foreground */
183 bool save_val; /* to save some bool var. */
184 int cftype; /* which cf file to use? */
185 SM_FILE_T *smdebug;
186 static time_t starttime = 0; /* when was process started */
187 struct stat traf_st; /* for TrafficLog FIFO check */
188 char buf[MAXLINE];
189 char jbuf[MAXHOSTNAMELEN]; /* holds MyHostName */
190 static char rnamebuf[MAXNAME]; /* holds RealUserName */
191 char *emptyenviron[1];
192#if STARTTLS
193 bool tls_ok;
194#endif /* STARTTLS */
195 QUEUE_CHAR *new;
196 ENVELOPE *e;
197 extern int DtableSize;
198 extern int optind;
199 extern int opterr;
200 extern char *optarg;
201 extern char **environ;
202#if SASL
203 extern void sm_sasl_init __P((void));
204#endif /* SASL */
205
206#if USE_ENVIRON
207 envp = environ;
208#endif /* USE_ENVIRON */
209
210 /* turn off profiling */
211 SM_PROF(0);
212
213 /* install default exception handler */
214 sm_exc_newthread(fatal_error);
215
216 /* set the default in/out channel so errors reported to screen */
217 InChannel = smioin;
218 OutChannel = smioout;
219
220 /*
221 ** Check to see if we reentered.
222 ** This would normally happen if e_putheader or e_putbody
223 ** were NULL when invoked.
224 */
225
226 if (starttime != 0)
227 {
228 syserr("main: reentered!");
229 abort();
230 }
231 starttime = curtime();
232
233 /* avoid null pointer dereferences */
234 TermEscape.te_rv_on = TermEscape.te_rv_off = "";
235
236 RealUid = getuid();
237 RealGid = getgid();
238
239 /* Check if sendmail is running with extra privs */
240 extraprivs = (RealUid != 0 &&
241 (geteuid() != getuid() || getegid() != getgid()));
242
243 CurrentPid = getpid();
244
245 /* get whatever .cf file is right for the opmode */
246 cftype = SM_GET_RIGHT_CF;
247
248 /* in 4.4BSD, the table can be huge; impose a reasonable limit */
249 DtableSize = getdtsize();
250 if (DtableSize > 256)
251 DtableSize = 256;
252
253 /*
254 ** Be sure we have enough file descriptors.
255 ** But also be sure that 0, 1, & 2 are open.
256 */
257
258 /* reset errno and fill_errno; the latter is used way down below */
259 errno = fill_errno = 0;
260 fill_fd(STDIN_FILENO, NULL);
261 if (errno != 0)
262 fill_errno = errno;
263 fill_fd(STDOUT_FILENO, NULL);
264 if (errno != 0)
265 fill_errno = errno;
266 fill_fd(STDERR_FILENO, NULL);
267 if (errno != 0)
268 fill_errno = errno;
269
270 sm_closefrom(STDERR_FILENO + 1, DtableSize);
271 errno = 0;
272 smdebug = NULL;
273
274#if LOG
275# ifndef SM_LOG_STR
276# define SM_LOG_STR "sendmail"
277# endif /* ! SM_LOG_STR */
278# ifdef LOG_MAIL
279 openlog(SM_LOG_STR, LOG_PID, LOG_MAIL);
280# else /* LOG_MAIL */
281 openlog(SM_LOG_STR, LOG_PID);
282# endif /* LOG_MAIL */
283#endif /* LOG */
284
285 /*
286 ** Seed the random number generator.
287 ** Used for queue file names, picking a queue directory, and
288 ** MX randomization.
289 */
290
291 seed_random();
292
293 /* do machine-dependent initializations */
294 init_md(argc, argv);
295
296
297 SyslogPrefixLen = PIDLEN + (MAXQFNAME - 3) + SL_FUDGE + SLDLL;
298
299 /* reset status from syserr() calls for missing file descriptors */
300 Errors = 0;
301 ExitStat = EX_OK;
302
303 SubmitMode = SUBMIT_UNKNOWN;
304#if XDEBUG
305 checkfd012("after openlog");
306#endif /* XDEBUG */
307
308 tTsetup(tTdvect, sizeof tTdvect, "0-99.1,*_trace_*.1");
309
310#ifdef NGROUPS_MAX
311 /* save initial group set for future checks */
312 i = getgroups(NGROUPS_MAX, InitialGidSet);
313 if (i <= 0)
314 {
315 InitialGidSet[0] = (GID_T) -1;
316 i = 0;
317 }
318 while (i < NGROUPS_MAX)
319 InitialGidSet[i++] = InitialGidSet[0];
320#endif /* NGROUPS_MAX */
321
322 /* drop group id privileges (RunAsUser not yet set) */
323 dp = drop_privileges(false);
324 setstat(dp);
325
326#ifdef SIGUSR1
327 /* Only allow root (or non-set-*-ID binaries) to use SIGUSR1 */
328 if (!extraprivs)
329 {
330 /* arrange to dump state on user-1 signal */
331 (void) sm_signal(SIGUSR1, sigusr1);
332 }
333 else
334 {
335 /* ignore user-1 signal */
336 (void) sm_signal(SIGUSR1, SIG_IGN);
337 }
338#endif /* SIGUSR1 */
339
340 /* initialize for setproctitle */
341 initsetproctitle(argc, argv, envp);
342
343 /* Handle any non-getoptable constructions. */
344 obsolete(argv);
345
346 /*
347 ** Do a quick prescan of the argument list.
348 */
349
350
351 /* find initial opMode */
352 OpMode = MD_DELIVER;
353 av = argv;
354 p = strrchr(*av, '/');
355 if (p++ == NULL)
356 p = *av;
357 if (strcmp(p, "newaliases") == 0)
358 OpMode = MD_INITALIAS;
359 else if (strcmp(p, "mailq") == 0)
360 OpMode = MD_PRINT;
361 else if (strcmp(p, "smtpd") == 0)
362 OpMode = MD_DAEMON;
363 else if (strcmp(p, "hoststat") == 0)
364 OpMode = MD_HOSTSTAT;
365 else if (strcmp(p, "purgestat") == 0)
366 OpMode = MD_PURGESTAT;
367
368#if defined(__osf__) || defined(_AIX3)
369# define OPTIONS "A:B:b:C:cD:d:e:F:f:Gh:IiL:M:mN:nO:o:p:Q:q:R:r:sTtV:vX:x"
370#endif /* defined(__osf__) || defined(_AIX3) */
371#if defined(sony_news)
372# define OPTIONS "A:B:b:C:cD:d:E:e:F:f:Gh:IiJ:L:M:mN:nO:o:p:Q:q:R:r:sTtV:vX:"
373#endif /* defined(sony_news) */
374#ifndef OPTIONS
375# define OPTIONS "A:B:b:C:cD:d:e:F:f:Gh:IiL:M:mN:nO:o:p:Q:q:R:r:sTtV:vX:"
376#endif /* ! OPTIONS */
377
378 /* Set to 0 to allow -b; need to check optarg before using it! */
379 opterr = 0;
380 while ((j = getopt(argc, argv, OPTIONS)) != -1)
381 {
382 switch (j)
383 {
384 case 'b': /* operations mode */
385 j = (optarg == NULL) ? ' ' : *optarg;
386 switch (j)
387 {
388 case MD_DAEMON:
389 case MD_FGDAEMON:
390 case MD_SMTP:
391 case MD_INITALIAS:
392 case MD_DELIVER:
393 case MD_VERIFY:
394 case MD_TEST:
395 case MD_PRINT:
396 case MD_PRINTNQE:
397 case MD_HOSTSTAT:
398 case MD_PURGESTAT:
399 case MD_ARPAFTP:
400 OpMode = j;
401 break;
402
403 case MD_FREEZE:
404 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
405 "Frozen configurations unsupported\n");
406 return EX_USAGE;
407
408 default:
409 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
410 "Invalid operation mode %c\n",
411 j);
412 return EX_USAGE;
413 }
414 break;
415
416 case 'D':
417 if (debug)
418 {
419 errno = 0;
420 syserr("-D file must be before -d");
421 ExitStat = EX_USAGE;
422 break;
423 }
424 dp = drop_privileges(true);
425 setstat(dp);
426 smdebug = sm_io_open(SmFtStdio, SM_TIME_DEFAULT,
427 optarg, SM_IO_APPEND, NULL);
428 if (smdebug == NULL)
429 {
430 syserr("cannot open %s", optarg);
431 ExitStat = EX_CANTCREAT;
432 break;
433 }
434 sm_debug_setfile(smdebug);
435 break;
436
437 case 'd':
438 debug = true;
439 tTflag(optarg);
440 (void) sm_io_setvbuf(sm_debug_file(), SM_TIME_DEFAULT,
441 (char *) NULL, SM_IO_NBF,
442 SM_IO_BUFSIZ);
443 break;
444
445 case 'G': /* relay (gateway) submission */
446 SubmitMode = SUBMIT_MTA;
447 break;
448
449 case 'L':
450 if (optarg == NULL)
451 {
452 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
453 "option requires an argument -- '%c'",
454 (char) j);
455 return EX_USAGE;
456 }
457 j = SM_MIN(strlen(optarg), 32) + 1;
458 sysloglabel = xalloc(j);
459 (void) sm_strlcpy(sysloglabel, optarg, j);
460 SyslogPrefixLen = PIDLEN + (MAXQFNAME - 3) +
461 SL_FUDGE + j;
462 break;
463
464 case 'Q':
465 case 'q':
466 /* just check if it is there */
467 queuerun = true;
468 break;
469 }
470 }
471 opterr = 1;
472
473 /* Don't leak queue information via debug flags */
474 if (extraprivs && queuerun && debug)
475 {
476 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
477 "WARNING: Can not use -d with -q. Disabling debugging.\n");
478 sm_debug_close();
479 sm_debug_setfile(NULL);
480 (void) memset(tTdvect, '\0', sizeof tTdvect);
481 }
482
483#if LOG
484 if (sysloglabel != NULL)
485 {
486 /* Sanitize the string */
487 for (p = sysloglabel; *p != '\0'; p++)
488 {
489 if (!isascii(*p) || !isprint(*p) || *p == '%')
490 *p = '*';
491 }
492 closelog();
493# ifdef LOG_MAIL
494 openlog(sysloglabel, LOG_PID, LOG_MAIL);
495# else /* LOG_MAIL */
496 openlog(sysloglabel, LOG_PID);
497# endif /* LOG_MAIL */
498 }
499#endif /* LOG */
500
501 /* set up the blank envelope */
502 BlankEnvelope.e_puthdr = putheader;
503 BlankEnvelope.e_putbody = putbody;
504 BlankEnvelope.e_xfp = NULL;
505 STRUCTCOPY(NullAddress, BlankEnvelope.e_from);
506 CurEnv = &BlankEnvelope;
507 STRUCTCOPY(NullAddress, MainEnvelope.e_from);
508
509 /*
510 ** Set default values for variables.
511 ** These cannot be in initialized data space.
512 */
513
514 setdefaults(&BlankEnvelope);
515 initmacros(&BlankEnvelope);
516
517 /* reset macro */
518 set_op_mode(OpMode);
|
519 if (OpMode == MD_DAEMON)
520 DaemonPid = CurrentPid; /* needed for finis() to work */ |
521
522 pw = sm_getpwuid(RealUid);
523 if (pw != NULL)
524 (void) sm_strlcpy(rnamebuf, pw->pw_name, sizeof rnamebuf);
525 else
526 (void) sm_snprintf(rnamebuf, sizeof rnamebuf, "Unknown UID %d",
527 (int) RealUid);
528
529 RealUserName = rnamebuf;
530
531 if (tTd(0, 101))
532 {
533 sm_dprintf("Version %s\n", Version);
534 finis(false, true, EX_OK);
535 /* NOTREACHED */
536 }
537
538 /*
539 ** if running non-set-user-ID binary as non-root, pretend
540 ** we are the RunAsUid
541 */
542
543 if (RealUid != 0 && geteuid() == RealUid)
544 {
545 if (tTd(47, 1))
546 sm_dprintf("Non-set-user-ID binary: RunAsUid = RealUid = %d\n",
547 (int) RealUid);
548 RunAsUid = RealUid;
549 }
550 else if (geteuid() != 0)
551 RunAsUid = geteuid();
552
553 EffGid = getegid();
554 if (RealUid != 0 && EffGid == RealGid)
555 RunAsGid = RealGid;
556
557 if (tTd(47, 5))
558 {
559 sm_dprintf("main: e/ruid = %d/%d e/rgid = %d/%d\n",
560 (int) geteuid(), (int) getuid(),
561 (int) getegid(), (int) getgid());
562 sm_dprintf("main: RunAsUser = %d:%d\n",
563 (int) RunAsUid, (int) RunAsGid);
564 }
565
566 /* save command line arguments */
567 j = 0;
568 for (av = argv; *av != NULL; )
569 j += strlen(*av++) + 1;
570 SaveArgv = (char **) xalloc(sizeof (char *) * (argc + 1));
571 CommandLineArgs = xalloc(j);
572 p = CommandLineArgs;
573 for (av = argv, i = 0; *av != NULL; )
574 {
575 int h;
576
577 SaveArgv[i++] = newstr(*av);
578 if (av != argv)
579 *p++ = ' ';
580 (void) sm_strlcpy(p, *av++, j);
581 h = strlen(p);
582 p += h;
583 j -= h + 1;
584 }
585 SaveArgv[i] = NULL;
586
587 if (tTd(0, 1))
588 {
589 extern char *CompileOptions[];
590
591 sm_dprintf("Version %s\n Compiled with:", Version);
592 sm_printoptions(CompileOptions);
593 }
594 if (tTd(0, 10))
595 {
596 extern char *OsCompileOptions[];
597
598 sm_dprintf(" OS Defines:");
599 sm_printoptions(OsCompileOptions);
600#ifdef _PATH_UNIX
601 sm_dprintf("Kernel symbols:\t%s\n", _PATH_UNIX);
602#endif /* _PATH_UNIX */
603
604 sm_dprintf(" Conf file:\t%s (default for MSP)\n",
605 getcfname(OpMode, SubmitMode, SM_GET_SUBMIT_CF,
606 conffile));
607 sm_dprintf(" Conf file:\t%s (default for MTA)\n",
608 getcfname(OpMode, SubmitMode, SM_GET_SENDMAIL_CF,
609 conffile));
610 sm_dprintf(" Pid file:\t%s (default)\n", PidFile);
611 }
612
613 if (tTd(0, 12))
614 {
615 extern char *SmCompileOptions[];
616
617 sm_dprintf(" libsm Defines:");
618 sm_printoptions(SmCompileOptions);
619 }
620
621 if (tTd(0, 13))
622 {
623 extern char *FFRCompileOptions[];
624
625 sm_dprintf(" FFR Defines:");
626 sm_printoptions(FFRCompileOptions);
627 }
628
629 /* clear sendmail's environment */
630 ExternalEnviron = environ;
631 emptyenviron[0] = NULL;
632 environ = emptyenviron;
633
634 /*
635 ** restore any original TZ setting until TimeZoneSpec has been
636 ** determined - or early log messages may get bogus time stamps
637 */
638
639 if ((p = getextenv("TZ")) != NULL)
640 {
641 char *tz;
642 int tzlen;
643
644 /* XXX check for reasonable length? */
645 tzlen = strlen(p) + 4;
646 tz = xalloc(tzlen);
647 (void) sm_strlcpyn(tz, tzlen, 2, "TZ=", p);
648
649 /* XXX check return code? */
650 (void) putenv(tz);
651 }
652
653 /* prime the child environment */
654 sm_setuserenv("AGENT", "sendmail");
655
656 (void) sm_signal(SIGPIPE, SIG_IGN);
657 OldUmask = umask(022);
658 FullName = getextenv("NAME");
659 if (FullName != NULL)
660 FullName = newstr(FullName);
661
662 /*
663 ** Initialize name server if it is going to be used.
664 */
665
666#if NAMED_BIND
667 if (!bitset(RES_INIT, _res.options))
668 (void) res_init();
669 if (tTd(8, 8))
670 _res.options |= RES_DEBUG;
671 else
672 _res.options &= ~RES_DEBUG;
673# ifdef RES_NOALIASES
674 _res.options |= RES_NOALIASES;
675# endif /* RES_NOALIASES */
676 TimeOuts.res_retry[RES_TO_DEFAULT] = _res.retry;
677 TimeOuts.res_retry[RES_TO_FIRST] = _res.retry;
678 TimeOuts.res_retry[RES_TO_NORMAL] = _res.retry;
679 TimeOuts.res_retrans[RES_TO_DEFAULT] = _res.retrans;
680 TimeOuts.res_retrans[RES_TO_FIRST] = _res.retrans;
681 TimeOuts.res_retrans[RES_TO_NORMAL] = _res.retrans;
682#endif /* NAMED_BIND */
683
684 errno = 0;
685 from = NULL;
686
687 /* initialize some macros, etc. */
688 init_vendor_macros(&BlankEnvelope);
689
690 /* version */
691 macdefine(&BlankEnvelope.e_macro, A_PERM, 'v', Version);
692
693 /* hostname */
694 hp = myhostname(jbuf, sizeof jbuf);
695 if (jbuf[0] != '\0')
696 {
697 struct utsname utsname;
698
699 if (tTd(0, 4))
700 sm_dprintf("Canonical name: %s\n", jbuf);
701 macdefine(&BlankEnvelope.e_macro, A_TEMP, 'w', jbuf);
702 macdefine(&BlankEnvelope.e_macro, A_TEMP, 'j', jbuf);
703 setclass('w', jbuf);
704
705 p = strchr(jbuf, '.');
706 if (p != NULL && p[1] != '\0')
707 macdefine(&BlankEnvelope.e_macro, A_TEMP, 'm', &p[1]);
708
709 if (uname(&utsname) >= 0)
710 p = utsname.nodename;
711 else
712 {
713 if (tTd(0, 22))
714 sm_dprintf("uname failed (%s)\n",
715 sm_errstring(errno));
716 makelower(jbuf);
717 p = jbuf;
718 }
719 if (tTd(0, 4))
720 sm_dprintf(" UUCP nodename: %s\n", p);
721 macdefine(&BlankEnvelope.e_macro, A_TEMP, 'k', p);
722 setclass('k', p);
723 setclass('w', p);
724 }
725 if (hp != NULL)
726 {
727 for (av = hp->h_aliases; av != NULL && *av != NULL; av++)
728 {
729 if (tTd(0, 4))
730 sm_dprintf("\ta.k.a.: %s\n", *av);
731 setclass('w', *av);
732 }
733#if NETINET || NETINET6
734 for (i = 0; i >= 0 && hp->h_addr_list[i] != NULL; i++)
735 {
736# if NETINET6
737 char *addr;
738 char buf6[INET6_ADDRSTRLEN];
739 struct in6_addr ia6;
740# endif /* NETINET6 */
741# if NETINET
742 struct in_addr ia;
743# endif /* NETINET */
744 char ipbuf[103];
745
746 ipbuf[0] = '\0';
747 switch (hp->h_addrtype)
748 {
749# if NETINET
750 case AF_INET:
751 if (hp->h_length != INADDRSZ)
752 break;
753
754 memmove(&ia, hp->h_addr_list[i], INADDRSZ);
755 (void) sm_snprintf(ipbuf, sizeof ipbuf,
756 "[%.100s]", inet_ntoa(ia));
757 break;
758# endif /* NETINET */
759
760# if NETINET6
761 case AF_INET6:
762 if (hp->h_length != IN6ADDRSZ)
763 break;
764
765 memmove(&ia6, hp->h_addr_list[i], IN6ADDRSZ);
766 addr = anynet_ntop(&ia6, buf6, sizeof buf6);
767 if (addr != NULL)
768 (void) sm_snprintf(ipbuf, sizeof ipbuf,
769 "[%.100s]", addr);
770 break;
771# endif /* NETINET6 */
772 }
773 if (ipbuf[0] == '\0')
774 break;
775
776 if (tTd(0, 4))
777 sm_dprintf("\ta.k.a.: %s\n", ipbuf);
778 setclass('w', ipbuf);
779 }
780#endif /* NETINET || NETINET6 */
781#if NETINET6
782 freehostent(hp);
783 hp = NULL;
784#endif /* NETINET6 */
785 }
786
787 /* current time */
788 macdefine(&BlankEnvelope.e_macro, A_TEMP, 'b', arpadate((char *) NULL));
789
790 /* current load average */
791 sm_getla();
792
793 QueueLimitRecipient = (QUEUE_CHAR *) NULL;
794 QueueLimitSender = (QUEUE_CHAR *) NULL;
795 QueueLimitId = (QUEUE_CHAR *) NULL;
796 QueueLimitQuarantine = (QUEUE_CHAR *) NULL;
797
798 /*
799 ** Crack argv.
800 */
801
802 optind = 1;
803 while ((j = getopt(argc, argv, OPTIONS)) != -1)
804 {
805 switch (j)
806 {
807 case 'b': /* operations mode */
808 /* already done */
809 break;
810
811 case 'A': /* use Alternate sendmail/submit.cf */
812 cftype = optarg[0] == 'c' ? SM_GET_SUBMIT_CF
813 : SM_GET_SENDMAIL_CF;
814 break;
815
816 case 'B': /* body type */
817 CHECK_AGAINST_OPMODE(j);
818 BlankEnvelope.e_bodytype = newstr(optarg);
819 break;
820
821 case 'C': /* select configuration file (already done) */
822 if (RealUid != 0)
823 warn_C_flag = true;
824 conffile = newstr(optarg);
825 dp = drop_privileges(true);
826 setstat(dp);
827 safecf = false;
828 break;
829
830 case 'D':
831 case 'd': /* debugging */
832 /* already done */
833 break;
834
835 case 'f': /* from address */
836 case 'r': /* obsolete -f flag */
837 CHECK_AGAINST_OPMODE(j);
838 if (from != NULL)
839 {
840 usrerr("More than one \"from\" person");
841 ExitStat = EX_USAGE;
842 break;
843 }
844 if (optarg[0] == '\0')
845 from = newstr("<>");
846 else
847 from = newstr(denlstring(optarg, true, true));
848 if (strcmp(RealUserName, from) != 0)
849 warn_f_flag = j;
850 break;
851
852 case 'F': /* set full name */
853 CHECK_AGAINST_OPMODE(j);
854 FullName = newstr(optarg);
855 break;
856
857 case 'G': /* relay (gateway) submission */
858 /* already set */
859 CHECK_AGAINST_OPMODE(j);
860 break;
861
862 case 'h': /* hop count */
863 CHECK_AGAINST_OPMODE(j);
864 BlankEnvelope.e_hopcount = (short) strtol(optarg, &ep,
865 10);
866 (void) sm_snprintf(buf, sizeof buf, "%d",
867 BlankEnvelope.e_hopcount);
868 macdefine(&BlankEnvelope.e_macro, A_TEMP, 'c', buf);
869
870 if (*ep)
871 {
872 usrerr("Bad hop count (%s)", optarg);
873 ExitStat = EX_USAGE;
874 }
875 break;
876
877 case 'L': /* program label */
878 /* already set */
879 break;
880
881 case 'n': /* don't alias */
882 CHECK_AGAINST_OPMODE(j);
883 NoAlias = true;
884 break;
885
886 case 'N': /* delivery status notifications */
887 CHECK_AGAINST_OPMODE(j);
888 DefaultNotify |= QHASNOTIFY;
889 macdefine(&BlankEnvelope.e_macro, A_TEMP,
890 macid("{dsn_notify}"), optarg);
891 if (sm_strcasecmp(optarg, "never") == 0)
892 break;
893 for (p = optarg; p != NULL; optarg = p)
894 {
895 p = strchr(p, ',');
896 if (p != NULL)
897 *p++ = '\0';
898 if (sm_strcasecmp(optarg, "success") == 0)
899 DefaultNotify |= QPINGONSUCCESS;
900 else if (sm_strcasecmp(optarg, "failure") == 0)
901 DefaultNotify |= QPINGONFAILURE;
902 else if (sm_strcasecmp(optarg, "delay") == 0)
903 DefaultNotify |= QPINGONDELAY;
904 else
905 {
906 usrerr("Invalid -N argument");
907 ExitStat = EX_USAGE;
908 }
909 }
910 break;
911
912 case 'o': /* set option */
913 setoption(*optarg, optarg + 1, false, true,
914 &BlankEnvelope);
915 break;
916
917 case 'O': /* set option (long form) */
918 setoption(' ', optarg, false, true, &BlankEnvelope);
919 break;
920
921 case 'p': /* set protocol */
922 CHECK_AGAINST_OPMODE(j);
923 p = strchr(optarg, ':');
924 if (p != NULL)
925 {
926 *p++ = '\0';
927 if (*p != '\0')
928 {
929 i = strlen(p) + 1;
930 ep = sm_malloc_x(i);
931 cleanstrcpy(ep, p, i);
932 macdefine(&BlankEnvelope.e_macro,
933 A_HEAP, 's', ep);
934 }
935 }
936 if (*optarg != '\0')
937 {
938 i = strlen(optarg) + 1;
939 ep = sm_malloc_x(i);
940 cleanstrcpy(ep, optarg, i);
941 macdefine(&BlankEnvelope.e_macro, A_HEAP,
942 'r', ep);
943 }
944 break;
945
946 case 'Q': /* change quarantining on queued items */
947 /* sanity check */
948 if (OpMode != MD_DELIVER &&
949 OpMode != MD_QUEUERUN)
950 {
951 usrerr("Can not use -Q with -b%c", OpMode);
952 ExitStat = EX_USAGE;
953 break;
954 }
955
956 if (OpMode == MD_DELIVER)
957 set_op_mode(MD_QUEUERUN);
958
959 FullName = NULL;
960
961 quarantining = newstr(optarg);
962 break;
963
964 case 'q': /* run queue files at intervals */
965 /* sanity check */
966 if (OpMode != MD_DELIVER &&
967 OpMode != MD_DAEMON &&
968 OpMode != MD_FGDAEMON &&
969 OpMode != MD_PRINT &&
970 OpMode != MD_PRINTNQE &&
971 OpMode != MD_QUEUERUN)
972 {
973 usrerr("Can not use -q with -b%c", OpMode);
974 ExitStat = EX_USAGE;
975 break;
976 }
977
978 /* don't override -bd, -bD or -bp */
979 if (OpMode == MD_DELIVER)
980 set_op_mode(MD_QUEUERUN);
981
982 FullName = NULL;
983 negate = optarg[0] == '!';
984 if (negate)
985 {
986 /* negate meaning of pattern match */
987 optarg++; /* skip '!' for next switch */
988 }
989
990 switch (optarg[0])
991 {
992 case 'G': /* Limit by queue group name */
993 if (negate)
994 {
995 usrerr("Can not use -q!G");
996 ExitStat = EX_USAGE;
997 break;
998 }
999 if (queuegroup != NULL)
1000 {
1001 usrerr("Can not use multiple -qG options");
1002 ExitStat = EX_USAGE;
1003 break;
1004 }
1005 queuegroup = newstr(&optarg[1]);
1006 break;
1007
1008 case 'I': /* Limit by ID */
1009 new = (QUEUE_CHAR *) xalloc(sizeof *new);
1010 new->queue_match = newstr(&optarg[1]);
1011 new->queue_negate = negate;
1012 new->queue_next = QueueLimitId;
1013 QueueLimitId = new;
1014 break;
1015
1016 case 'R': /* Limit by recipient */
1017 new = (QUEUE_CHAR *) xalloc(sizeof *new);
1018 new->queue_match = newstr(&optarg[1]);
1019 new->queue_negate = negate;
1020 new->queue_next = QueueLimitRecipient;
1021 QueueLimitRecipient = new;
1022 break;
1023
1024 case 'S': /* Limit by sender */
1025 new = (QUEUE_CHAR *) xalloc(sizeof *new);
1026 new->queue_match = newstr(&optarg[1]);
1027 new->queue_negate = negate;
1028 new->queue_next = QueueLimitSender;
1029 QueueLimitSender = new;
1030 break;
1031
1032 case 'f': /* foreground queue run */
1033 foregroundqueue = true;
1034 break;
1035
1036 case 'Q': /* Limit by quarantine message */
1037 if (optarg[1] != '\0')
1038 {
1039 new = (QUEUE_CHAR *) xalloc(sizeof *new);
1040 new->queue_match = newstr(&optarg[1]);
1041 new->queue_negate = negate;
1042 new->queue_next = QueueLimitQuarantine;
1043 QueueLimitQuarantine = new;
1044 }
1045 QueueMode = QM_QUARANTINE;
1046 break;
1047
1048 case 'L': /* act on lost items */
1049 QueueMode = QM_LOST;
1050 break;
1051
1052 case 'p': /* Persistent queue */
1053 queuepersistent = true;
1054 if (QueueIntvl == 0)
1055 QueueIntvl = 1;
1056 if (optarg[1] == '\0')
1057 break;
1058 ++optarg;
1059 /* FALLTHROUGH */
1060
1061 default:
1062 i = Errors;
1063 QueueIntvl = convtime(optarg, 'm');
1064 if (QueueIntvl < 0)
1065 {
1066 usrerr("Invalid -q value");
1067 ExitStat = EX_USAGE;
1068 }
1069
1070 /* check for bad conversion */
1071 if (i < Errors)
1072 ExitStat = EX_USAGE;
1073 break;
1074 }
1075 break;
1076
1077 case 'R': /* DSN RET: what to return */
1078 CHECK_AGAINST_OPMODE(j);
1079 if (bitset(EF_RET_PARAM, BlankEnvelope.e_flags))
1080 {
1081 usrerr("Duplicate -R flag");
1082 ExitStat = EX_USAGE;
1083 break;
1084 }
1085 BlankEnvelope.e_flags |= EF_RET_PARAM;
1086 if (sm_strcasecmp(optarg, "hdrs") == 0)
1087 BlankEnvelope.e_flags |= EF_NO_BODY_RETN;
1088 else if (sm_strcasecmp(optarg, "full") != 0)
1089 {
1090 usrerr("Invalid -R value");
1091 ExitStat = EX_USAGE;
1092 }
1093 macdefine(&BlankEnvelope.e_macro, A_TEMP,
1094 macid("{dsn_ret}"), optarg);
1095 break;
1096
1097 case 't': /* read recipients from message */
1098 CHECK_AGAINST_OPMODE(j);
1099 GrabTo = true;
1100 break;
1101
1102 case 'V': /* DSN ENVID: set "original" envelope id */
1103 CHECK_AGAINST_OPMODE(j);
1104 if (!xtextok(optarg))
1105 {
1106 usrerr("Invalid syntax in -V flag");
1107 ExitStat = EX_USAGE;
1108 }
1109 else
1110 {
1111 BlankEnvelope.e_envid = newstr(optarg);
1112 macdefine(&BlankEnvelope.e_macro, A_TEMP,
1113 macid("{dsn_envid}"), optarg);
1114 }
1115 break;
1116
1117 case 'X': /* traffic log file */
1118 dp = drop_privileges(true);
1119 setstat(dp);
1120 if (stat(optarg, &traf_st) == 0 &&
1121 S_ISFIFO(traf_st.st_mode))
1122 TrafficLogFile = sm_io_open(SmFtStdio,
1123 SM_TIME_DEFAULT,
1124 optarg,
1125 SM_IO_WRONLY, NULL);
1126 else
1127 TrafficLogFile = sm_io_open(SmFtStdio,
1128 SM_TIME_DEFAULT,
1129 optarg,
1130 SM_IO_APPEND, NULL);
1131 if (TrafficLogFile == NULL)
1132 {
1133 syserr("cannot open %s", optarg);
1134 ExitStat = EX_CANTCREAT;
1135 break;
1136 }
1137 (void) sm_io_setvbuf(TrafficLogFile, SM_TIME_DEFAULT,
1138 NULL, SM_IO_LBF, 0);
1139 break;
1140
1141 /* compatibility flags */
1142 case 'c': /* connect to non-local mailers */
1143 case 'i': /* don't let dot stop me */
1144 case 'm': /* send to me too */
1145 case 'T': /* set timeout interval */
1146 case 'v': /* give blow-by-blow description */
1147 setoption(j, "T", false, true, &BlankEnvelope);
1148 break;
1149
1150 case 'e': /* error message disposition */
1151 case 'M': /* define macro */
1152 setoption(j, optarg, false, true, &BlankEnvelope);
1153 break;
1154
1155 case 's': /* save From lines in headers */
1156 setoption('f', "T", false, true, &BlankEnvelope);
1157 break;
1158
1159#ifdef DBM
1160 case 'I': /* initialize alias DBM file */
1161 set_op_mode(MD_INITALIAS);
1162 break;
1163#endif /* DBM */
1164
1165#if defined(__osf__) || defined(_AIX3)
1166 case 'x': /* random flag that OSF/1 & AIX mailx passes */
1167 break;
1168#endif /* defined(__osf__) || defined(_AIX3) */
1169#if defined(sony_news)
1170 case 'E':
1171 case 'J': /* ignore flags for Japanese code conversion
1172 implemented on Sony NEWS */
1173 break;
1174#endif /* defined(sony_news) */
1175
1176 default:
1177 finis(true, true, EX_USAGE);
1178 /* NOTREACHED */
1179 break;
1180 }
1181 }
1182
1183 /* if we've had errors so far, exit now */
1184 if ((ExitStat != EX_OK && OpMode != MD_TEST) ||
1185 ExitStat == EX_OSERR)
1186 {
1187 finis(false, true, ExitStat);
1188 /* NOTREACHED */
1189 }
1190
1191 if (bitset(SUBMIT_MTA, SubmitMode))
1192 {
1193 /* If set daemon_flags on command line, don't reset it */
1194 if (macvalue(macid("{daemon_flags}"), &BlankEnvelope) == NULL)
1195 macdefine(&BlankEnvelope.e_macro, A_PERM,
1196 macid("{daemon_flags}"), "CC f");
1197 }
1198 else if (OpMode == MD_DELIVER || OpMode == MD_SMTP)
1199 {
1200 SubmitMode = SUBMIT_MSA;
1201
1202 /* If set daemon_flags on command line, don't reset it */
1203 if (macvalue(macid("{daemon_flags}"), &BlankEnvelope) == NULL)
1204 macdefine(&BlankEnvelope.e_macro, A_PERM,
1205 macid("{daemon_flags}"), "c u");
1206 }
1207
1208 /*
1209 ** Do basic initialization.
1210 ** Read system control file.
1211 ** Extract special fields for local use.
1212 */
1213
1214#if XDEBUG
1215 checkfd012("before readcf");
1216#endif /* XDEBUG */
1217 vendor_pre_defaults(&BlankEnvelope);
1218
1219 readcf(getcfname(OpMode, SubmitMode, cftype, conffile),
1220 safecf, &BlankEnvelope);
1221#if !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_)
1222 ConfigFileRead = true;
1223#endif /* !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_) */
1224 vendor_post_defaults(&BlankEnvelope);
1225
1226 /* now we can complain about missing fds */
1227 if (MissingFds != 0 && LogLevel > 8)
1228 {
1229 char mbuf[MAXLINE];
1230
1231 mbuf[0] = '\0';
1232 if (bitset(1 << STDIN_FILENO, MissingFds))
1233 (void) sm_strlcat(mbuf, ", stdin", sizeof mbuf);
1234 if (bitset(1 << STDOUT_FILENO, MissingFds))
1235 (void) sm_strlcat(mbuf, ", stdout", sizeof mbuf);
1236 if (bitset(1 << STDERR_FILENO, MissingFds))
1237 (void) sm_strlcat(mbuf, ", stderr", sizeof mbuf);
1238
1239 /* Notice: fill_errno is from high above: fill_fd() */
1240 sm_syslog(LOG_WARNING, NOQID,
1241 "File descriptors missing on startup: %s; %s",
1242 &mbuf[2], sm_errstring(fill_errno));
1243 }
1244
1245 /* Remove the ability for a normal user to send signals */
1246 if (RealUid != 0 && RealUid != geteuid())
1247 {
1248 uid_t new_uid = geteuid();
1249
1250#if HASSETREUID
1251 /*
1252 ** Since we can differentiate between uid and euid,
1253 ** make the uid a different user so the real user
1254 ** can't send signals. However, it doesn't need to be
1255 ** root (euid has root).
1256 */
1257
1258 if (new_uid == 0)
1259 new_uid = DefUid;
1260 if (tTd(47, 5))
1261 sm_dprintf("Changing real uid to %d\n", (int) new_uid);
1262 if (setreuid(new_uid, geteuid()) < 0)
1263 {
1264 syserr("main: setreuid(%d, %d) failed",
1265 (int) new_uid, (int) geteuid());
1266 finis(false, true, EX_OSERR);
1267 /* NOTREACHED */
1268 }
1269 if (tTd(47, 10))
1270 sm_dprintf("Now running as e/ruid %d:%d\n",
1271 (int) geteuid(), (int) getuid());
1272#else /* HASSETREUID */
1273 /*
1274 ** Have to change both effective and real so need to
1275 ** change them both to effective to keep privs.
1276 */
1277
1278 if (tTd(47, 5))
1279 sm_dprintf("Changing uid to %d\n", (int) new_uid);
1280 if (setuid(new_uid) < 0)
1281 {
1282 syserr("main: setuid(%d) failed", (int) new_uid);
1283 finis(false, true, EX_OSERR);
1284 /* NOTREACHED */
1285 }
1286 if (tTd(47, 10))
1287 sm_dprintf("Now running as e/ruid %d:%d\n",
1288 (int) geteuid(), (int) getuid());
1289#endif /* HASSETREUID */
1290 }
1291
1292#if NAMED_BIND
1293 if (FallbackMX != NULL)
1294 (void) getfallbackmxrr(FallbackMX);
1295#endif /* NAMED_BIND */
1296
1297 if (SuperSafe == SAFE_INTERACTIVE && CurEnv->e_sendmode != SM_DELIVER)
1298 {
1299 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
1300 "WARNING: SuperSafe=interactive should only be used with\n DeliveryMode=interactive\n");
1301 }
1302
1303 if (UseMSP && (OpMode == MD_DAEMON || OpMode == MD_FGDAEMON))
1304 {
1305 usrerr("Mail submission program cannot be used as daemon");
1306 finis(false, true, EX_USAGE);
1307 }
1308
1309 if (OpMode == MD_DELIVER || OpMode == MD_SMTP ||
1310 OpMode == MD_QUEUERUN || OpMode == MD_ARPAFTP ||
1311 OpMode == MD_DAEMON || OpMode == MD_FGDAEMON)
1312 makeworkgroups();
1313
1314 /* set up the basic signal handlers */
1315 if (sm_signal(SIGINT, SIG_IGN) != SIG_IGN)
1316 (void) sm_signal(SIGINT, intsig);
1317 (void) sm_signal(SIGTERM, intsig);
1318
1319 /* Enforce use of local time (null string overrides this) */
1320 if (TimeZoneSpec == NULL)
1321 unsetenv("TZ");
1322 else if (TimeZoneSpec[0] != '\0')
1323 sm_setuserenv("TZ", TimeZoneSpec);
1324 else
1325 sm_setuserenv("TZ", NULL);
1326 tzset();
1327
1328 /* initialize mailbox database */
1329 i = sm_mbdb_initialize(Mbdb);
1330 if (i != EX_OK)
1331 {
1332 usrerr("Can't initialize mailbox database \"%s\": %s",
1333 Mbdb, sm_strexit(i));
1334 ExitStat = i;
1335 }
1336
1337 /* avoid denial-of-service attacks */
1338 resetlimits();
1339
1340 if (OpMode == MD_TEST)
1341 {
1342 /* can't be done after readcf if RunAs* is used */
1343 dp = drop_privileges(true);
1344 if (dp != EX_OK)
1345 {
1346 finis(false, true, dp);
1347 /* NOTREACHED */
1348 }
1349 }
1350 else if (OpMode != MD_DAEMON && OpMode != MD_FGDAEMON)
1351 {
1352 /* drop privileges -- daemon mode done after socket/bind */
1353 dp = drop_privileges(false);
1354 setstat(dp);
1355 if (dp == EX_OK && UseMSP && (geteuid() == 0 || getuid() == 0))
1356 {
1357 usrerr("Mail submission program must have RunAsUser set to non root user");
1358 finis(false, true, EX_CONFIG);
1359 /* NOTREACHED */
1360 }
1361 }
1362
1363#if NAMED_BIND
1364 _res.retry = TimeOuts.res_retry[RES_TO_DEFAULT];
1365 _res.retrans = TimeOuts.res_retrans[RES_TO_DEFAULT];
1366#endif /* NAMED_BIND */
1367
1368 /*
1369 ** Find our real host name for future logging.
1370 */
1371
1372 authinfo = getauthinfo(STDIN_FILENO, &forged);
1373 macdefine(&BlankEnvelope.e_macro, A_TEMP, '_', authinfo);
1374
1375 /* suppress error printing if errors mailed back or whatever */
1376 if (BlankEnvelope.e_errormode != EM_PRINT)
1377 HoldErrs = true;
1378
1379 /* set up the $=m class now, after .cf has a chance to redefine $m */
1380 expand("\201m", jbuf, sizeof jbuf, &BlankEnvelope);
1381 if (jbuf[0] != '\0')
1382 setclass('m', jbuf);
1383
1384 /* probe interfaces and locate any additional names */
1385 if (DontProbeInterfaces != DPI_PROBENONE)
1386 load_if_names();
1387
1388 if (tTd(0, 10))
1389 {
1390 char pidpath[MAXPATHLEN];
1391
1392 /* Now we know which .cf file we use */
1393 sm_dprintf(" Conf file:\t%s (selected)\n",
1394 getcfname(OpMode, SubmitMode, cftype, conffile));
1395 expand(PidFile, pidpath, sizeof pidpath, &BlankEnvelope);
1396 sm_dprintf(" Pid file:\t%s (selected)\n", pidpath);
1397 }
1398
1399 if (tTd(0, 1))
1400 {
1401 sm_dprintf("\n============ SYSTEM IDENTITY (after readcf) ============");
1402 sm_dprintf("\n (short domain name) $w = ");
1403 xputs(sm_debug_file(), macvalue('w', &BlankEnvelope));
1404 sm_dprintf("\n (canonical domain name) $j = ");
1405 xputs(sm_debug_file(), macvalue('j', &BlankEnvelope));
1406 sm_dprintf("\n (subdomain name) $m = ");
1407 xputs(sm_debug_file(), macvalue('m', &BlankEnvelope));
1408 sm_dprintf("\n (node name) $k = ");
1409 xputs(sm_debug_file(), macvalue('k', &BlankEnvelope));
1410 sm_dprintf("\n========================================================\n\n");
1411 }
1412
1413 /*
1414 ** Do more command line checking -- these are things that
1415 ** have to modify the results of reading the config file.
1416 */
1417
1418 /* process authorization warnings from command line */
1419 if (warn_C_flag)
1420 auth_warning(&BlankEnvelope, "Processed by %s with -C %s",
1421 RealUserName, conffile);
1422 if (Warn_Q_option && !wordinclass(RealUserName, 't'))
1423 auth_warning(&BlankEnvelope, "Processed from queue %s",
1424 QueueDir);
1425 if (sysloglabel != NULL && !wordinclass(RealUserName, 't') &&
1426 RealUid != 0 && RealUid != TrustedUid && LogLevel > 1)
1427 sm_syslog(LOG_WARNING, NOQID, "user %d changed syslog label",
1428 (int) RealUid);
1429
1430 /* check body type for legality */
1431 i = check_bodytype(BlankEnvelope.e_bodytype);
1432 if (i == BODYTYPE_ILLEGAL)
1433 {
1434 usrerr("Illegal body type %s", BlankEnvelope.e_bodytype);
1435 BlankEnvelope.e_bodytype = NULL;
1436 }
1437 else if (i != BODYTYPE_NONE)
1438 SevenBitInput = (i == BODYTYPE_7BIT);
1439
1440 /* tweak default DSN notifications */
1441 if (DefaultNotify == 0)
1442 DefaultNotify = QPINGONFAILURE|QPINGONDELAY;
1443
1444 /* check for sane configuration level */
1445 if (ConfigLevel > MAXCONFIGLEVEL)
1446 {
1447 syserr("Warning: .cf version level (%d) exceeds sendmail version %s functionality (%d)",
1448 ConfigLevel, Version, MAXCONFIGLEVEL);
1449 }
1450
1451 /* need MCI cache to have persistence */
1452 if (HostStatDir != NULL && MaxMciCache == 0)
1453 {
1454 HostStatDir = NULL;
1455 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
1456 "Warning: HostStatusDirectory disabled with ConnectionCacheSize = 0\n");
1457 }
1458
1459 /* need HostStatusDir in order to have SingleThreadDelivery */
1460 if (SingleThreadDelivery && HostStatDir == NULL)
1461 {
1462 SingleThreadDelivery = false;
1463 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
1464 "Warning: HostStatusDirectory required for SingleThreadDelivery\n");
1465 }
1466
1467#if _FFR_MEMSTAT
1468 j = sm_memstat_open();
1469 if (j < 0 && (RefuseLowMem > 0 || QueueLowMem > 0) && LogLevel > 4)
1470 {
1471 sm_syslog(LOG_WARNING, NOQID,
1472 "cannot get memory statistics, settings ignored, error=%d"
1473 , j);
1474 }
1475#endif /* _FFR_MEMSTAT */
1476
1477 /* check for permissions */
1478 if (RealUid != 0 &&
1479 RealUid != TrustedUid)
1480 {
1481 char *action = NULL;
1482
1483 switch (OpMode)
1484 {
1485 case MD_QUEUERUN:
1486 if (quarantining != NULL)
1487 action = "quarantine jobs";
1488 else
1489 {
1490 /* Normal users can do a single queue run */
1491 if (QueueIntvl == 0)
1492 break;
1493 }
1494
1495 /* but not persistent queue runners */
1496 if (action == NULL)
1497 action = "start a queue runner daemon";
1498 /* FALLTHROUGH */
1499
1500 case MD_PURGESTAT:
1501 if (action == NULL)
1502 action = "purge host status";
1503 /* FALLTHROUGH */
1504
1505 case MD_DAEMON:
1506 case MD_FGDAEMON:
1507 if (action == NULL)
1508 action = "run daemon";
1509
1510 if (tTd(65, 1))
1511 sm_dprintf("Deny user %d attempt to %s\n",
1512 (int) RealUid, action);
1513
1514 if (LogLevel > 1)
1515 sm_syslog(LOG_ALERT, NOQID,
1516 "user %d attempted to %s",
1517 (int) RealUid, action);
1518 HoldErrs = false;
1519 usrerr("Permission denied (real uid not trusted)");
1520 finis(false, true, EX_USAGE);
1521 /* NOTREACHED */
1522 break;
1523
1524 case MD_VERIFY:
1525 if (bitset(PRIV_RESTRICTEXPAND, PrivacyFlags))
1526 {
1527 /*
1528 ** If -bv and RestrictExpand,
1529 ** drop privs to prevent normal
1530 ** users from reading private
1531 ** aliases/forwards/:include:s
1532 */
1533
1534 if (tTd(65, 1))
1535 sm_dprintf("Drop privs for user %d attempt to expand (RestrictExpand)\n",
1536 (int) RealUid);
1537
1538 dp = drop_privileges(true);
1539
1540 /* Fake address safety */
1541 if (tTd(65, 1))
1542 sm_dprintf("Faking DontBlameSendmail=NonRootSafeAddr\n");
1543 setbitn(DBS_NONROOTSAFEADDR, DontBlameSendmail);
1544
1545 if (dp != EX_OK)
1546 {
1547 if (tTd(65, 1))
1548 sm_dprintf("Failed to drop privs for user %d attempt to expand, exiting\n",
1549 (int) RealUid);
1550 CurEnv->e_id = NULL;
1551 finis(true, true, dp);
1552 /* NOTREACHED */
1553 }
1554 }
1555 break;
1556
1557 case MD_TEST:
1558 case MD_PRINT:
1559 case MD_PRINTNQE:
1560 case MD_FREEZE:
1561 case MD_HOSTSTAT:
1562 /* Nothing special to check */
1563 break;
1564
1565 case MD_INITALIAS:
1566 if (!wordinclass(RealUserName, 't'))
1567 {
1568 if (tTd(65, 1))
1569 sm_dprintf("Deny user %d attempt to rebuild the alias map\n",
1570 (int) RealUid);
1571 if (LogLevel > 1)
1572 sm_syslog(LOG_ALERT, NOQID,
1573 "user %d attempted to rebuild the alias map",
1574 (int) RealUid);
1575 HoldErrs = false;
1576 usrerr("Permission denied (real uid not trusted)");
1577 finis(false, true, EX_USAGE);
1578 /* NOTREACHED */
1579 }
1580 if (UseMSP)
1581 {
1582 HoldErrs = false;
1583 usrerr("User %d cannot rebuild aliases in mail submission program",
1584 (int) RealUid);
1585 finis(false, true, EX_USAGE);
1586 /* NOTREACHED */
1587 }
1588 /* FALLTHROUGH */
1589
1590 default:
1591 if (bitset(PRIV_RESTRICTEXPAND, PrivacyFlags) &&
1592 Verbose != 0)
1593 {
1594 /*
1595 ** If -v and RestrictExpand, reset
1596 ** Verbose to prevent normal users
1597 ** from seeing the expansion of
1598 ** aliases/forwards/:include:s
1599 */
1600
1601 if (tTd(65, 1))
1602 sm_dprintf("Dropping verbosity for user %d (RestrictExpand)\n",
1603 (int) RealUid);
1604 Verbose = 0;
1605 }
1606 break;
1607 }
1608 }
1609
1610 if (MeToo)
1611 BlankEnvelope.e_flags |= EF_METOO;
1612
1613 switch (OpMode)
1614 {
1615 case MD_TEST:
1616 /* don't have persistent host status in test mode */
1617 HostStatDir = NULL;
1618 if (Verbose == 0)
1619 Verbose = 2;
1620 BlankEnvelope.e_errormode = EM_PRINT;
1621 HoldErrs = false;
1622 break;
1623
1624 case MD_VERIFY:
1625 BlankEnvelope.e_errormode = EM_PRINT;
1626 HoldErrs = false;
1627 /* arrange to exit cleanly on hangup signal */
1628 if (sm_signal(SIGHUP, SIG_IGN) == (sigfunc_t) SIG_DFL)
1629 (void) sm_signal(SIGHUP, intsig);
1630 if (geteuid() != 0)
1631 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
1632 "Notice: -bv may give misleading output for non-privileged user\n");
1633 break;
1634
1635 case MD_FGDAEMON:
1636 run_in_foreground = true;
1637 set_op_mode(MD_DAEMON);
1638 /* FALLTHROUGH */
1639
1640 case MD_DAEMON:
1641 vendor_daemon_setup(&BlankEnvelope);
1642
1643 /* remove things that don't make sense in daemon mode */
1644 FullName = NULL;
1645 GrabTo = false;
1646
1647 /* arrange to restart on hangup signal */
1648 if (SaveArgv[0] == NULL || SaveArgv[0][0] != '/')
1649 sm_syslog(LOG_WARNING, NOQID,
1650 "daemon invoked without full pathname; kill -1 won't work");
1651 break;
1652
1653 case MD_INITALIAS:
1654 Verbose = 2;
1655 BlankEnvelope.e_errormode = EM_PRINT;
1656 HoldErrs = false;
1657 /* FALLTHROUGH */
1658
1659 default:
1660 /* arrange to exit cleanly on hangup signal */
1661 if (sm_signal(SIGHUP, SIG_IGN) == (sigfunc_t) SIG_DFL)
1662 (void) sm_signal(SIGHUP, intsig);
1663 break;
1664 }
1665
1666 /* special considerations for FullName */
1667 if (FullName != NULL)
1668 {
1669 char *full = NULL;
1670
1671 /* full names can't have newlines */
1672 if (strchr(FullName, '\n') != NULL)
1673 {
1674 full = newstr(denlstring(FullName, true, true));
1675 FullName = full;
1676 }
1677
1678 /* check for characters that may have to be quoted */
1679 if (!rfc822_string(FullName))
1680 {
1681 /*
1682 ** Quote a full name with special characters
1683 ** as a comment so crackaddr() doesn't destroy
1684 ** the name portion of the address.
1685 */
1686
1687 FullName = addquotes(FullName, NULL);
1688 if (full != NULL)
1689 sm_free(full); /* XXX */
1690 }
1691 }
1692
1693 /* do heuristic mode adjustment */
1694 if (Verbose)
1695 {
1696 /* turn off noconnect option */
1697 setoption('c', "F", true, false, &BlankEnvelope);
1698
1699 /* turn on interactive delivery */
1700 setoption('d', "", true, false, &BlankEnvelope);
1701 }
1702
1703#ifdef VENDOR_CODE
1704 /* check for vendor mismatch */
1705 if (VendorCode != VENDOR_CODE)
1706 {
1707 message("Warning: .cf file vendor code mismatch: sendmail expects vendor %s, .cf file vendor is %s",
1708 getvendor(VENDOR_CODE), getvendor(VendorCode));
1709 }
1710#endif /* VENDOR_CODE */
1711
1712 /* check for out of date configuration level */
1713 if (ConfigLevel < MAXCONFIGLEVEL)
1714 {
1715 message("Warning: .cf file is out of date: sendmail %s supports version %d, .cf file is version %d",
1716 Version, MAXCONFIGLEVEL, ConfigLevel);
1717 }
1718
1719 if (ConfigLevel < 3)
1720 UseErrorsTo = true;
1721
1722 /* set options that were previous macros */
1723 if (SmtpGreeting == NULL)
1724 {
1725 if (ConfigLevel < 7 &&
1726 (p = macvalue('e', &BlankEnvelope)) != NULL)
1727 SmtpGreeting = newstr(p);
1728 else
1729 SmtpGreeting = "\201j Sendmail \201v ready at \201b";
1730 }
1731 if (UnixFromLine == NULL)
1732 {
1733 if (ConfigLevel < 7 &&
1734 (p = macvalue('l', &BlankEnvelope)) != NULL)
1735 UnixFromLine = newstr(p);
1736 else
1737 UnixFromLine = "From \201g \201d";
1738 }
1739 SmtpError[0] = '\0';
1740
1741 /* our name for SMTP codes */
1742 expand("\201j", jbuf, sizeof jbuf, &BlankEnvelope);
1743 if (jbuf[0] == '\0')
1744 PSTRSET(MyHostName, "localhost");
1745 else
1746 PSTRSET(MyHostName, jbuf);
1747 if (strchr(MyHostName, '.') == NULL)
1748 message("WARNING: local host name (%s) is not qualified; see cf/README: WHO AM I?",
1749 MyHostName);
1750
1751 /* make certain that this name is part of the $=w class */
1752 setclass('w', MyHostName);
1753
1754 /* fill in the structure of the *default* queue */
1755 st = stab("mqueue", ST_QUEUE, ST_FIND);
1756 if (st == NULL)
1757 syserr("No default queue (mqueue) defined");
1758 else
1759 set_def_queueval(st->s_quegrp, true);
1760
1761 /* the indices of built-in mailers */
1762 st = stab("local", ST_MAILER, ST_FIND);
1763 if (st != NULL)
1764 LocalMailer = st->s_mailer;
1765 else if (OpMode != MD_TEST || !warn_C_flag)
1766 syserr("No local mailer defined");
1767
1768 st = stab("prog", ST_MAILER, ST_FIND);
1769 if (st == NULL)
1770 syserr("No prog mailer defined");
1771 else
1772 {
1773 ProgMailer = st->s_mailer;
1774 clrbitn(M_MUSER, ProgMailer->m_flags);
1775 }
1776
1777 st = stab("*file*", ST_MAILER, ST_FIND);
1778 if (st == NULL)
1779 syserr("No *file* mailer defined");
1780 else
1781 {
1782 FileMailer = st->s_mailer;
1783 clrbitn(M_MUSER, FileMailer->m_flags);
1784 }
1785
1786 st = stab("*include*", ST_MAILER, ST_FIND);
1787 if (st == NULL)
1788 syserr("No *include* mailer defined");
1789 else
1790 InclMailer = st->s_mailer;
1791
1792 if (ConfigLevel < 6)
1793 {
1794 /* heuristic tweaking of local mailer for back compat */
1795 if (LocalMailer != NULL)
1796 {
1797 setbitn(M_ALIASABLE, LocalMailer->m_flags);
1798 setbitn(M_HASPWENT, LocalMailer->m_flags);
1799 setbitn(M_TRYRULESET5, LocalMailer->m_flags);
1800 setbitn(M_CHECKINCLUDE, LocalMailer->m_flags);
1801 setbitn(M_CHECKPROG, LocalMailer->m_flags);
1802 setbitn(M_CHECKFILE, LocalMailer->m_flags);
1803 setbitn(M_CHECKUDB, LocalMailer->m_flags);
1804 }
1805 if (ProgMailer != NULL)
1806 setbitn(M_RUNASRCPT, ProgMailer->m_flags);
1807 if (FileMailer != NULL)
1808 setbitn(M_RUNASRCPT, FileMailer->m_flags);
1809 }
1810 if (ConfigLevel < 7)
1811 {
1812 if (LocalMailer != NULL)
1813 setbitn(M_VRFY250, LocalMailer->m_flags);
1814 if (ProgMailer != NULL)
1815 setbitn(M_VRFY250, ProgMailer->m_flags);
1816 if (FileMailer != NULL)
1817 setbitn(M_VRFY250, FileMailer->m_flags);
1818 }
1819
1820 /* MIME Content-Types that cannot be transfer encoded */
1821 setclass('n', "multipart/signed");
1822
1823 /* MIME message/xxx subtypes that can be treated as messages */
1824 setclass('s', "rfc822");
1825
1826 /* MIME Content-Transfer-Encodings that can be encoded */
1827 setclass('e', "7bit");
1828 setclass('e', "8bit");
1829 setclass('e', "binary");
1830
1831#ifdef USE_B_CLASS
1832 /* MIME Content-Types that should be treated as binary */
1833 setclass('b', "image");
1834 setclass('b', "audio");
1835 setclass('b', "video");
1836 setclass('b', "application/octet-stream");
1837#endif /* USE_B_CLASS */
1838
1839 /* MIME headers which have fields to check for overflow */
1840 setclass(macid("{checkMIMEFieldHeaders}"), "content-disposition");
1841 setclass(macid("{checkMIMEFieldHeaders}"), "content-type");
1842
1843 /* MIME headers to check for length overflow */
1844 setclass(macid("{checkMIMETextHeaders}"), "content-description");
1845
1846 /* MIME headers to check for overflow and rebalance */
1847 setclass(macid("{checkMIMEHeaders}"), "content-disposition");
1848 setclass(macid("{checkMIMEHeaders}"), "content-id");
1849 setclass(macid("{checkMIMEHeaders}"), "content-transfer-encoding");
1850 setclass(macid("{checkMIMEHeaders}"), "content-type");
1851 setclass(macid("{checkMIMEHeaders}"), "mime-version");
1852
1853 /* Macros to save in the queue file -- don't remove any */
1854 setclass(macid("{persistentMacros}"), "r");
1855 setclass(macid("{persistentMacros}"), "s");
1856 setclass(macid("{persistentMacros}"), "_");
1857 setclass(macid("{persistentMacros}"), "{if_addr}");
1858 setclass(macid("{persistentMacros}"), "{daemon_flags}");
1859
1860 /* operate in queue directory */
1861 if (QueueDir == NULL || *QueueDir == '\0')
1862 {
1863 if (OpMode != MD_TEST)
1864 {
1865 syserr("QueueDirectory (Q) option must be set");
1866 ExitStat = EX_CONFIG;
1867 }
1868 }
1869 else
1870 {
1871 if (OpMode != MD_TEST)
1872 setup_queues(OpMode == MD_DAEMON);
1873 }
1874
1875 /* check host status directory for validity */
1876 if (HostStatDir != NULL && !path_is_dir(HostStatDir, false))
1877 {
1878 /* cannot use this value */
1879 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
1880 "Warning: Cannot use HostStatusDirectory = %s: %s\n",
1881 HostStatDir, sm_errstring(errno));
1882 HostStatDir = NULL;
1883 }
1884
1885 if (OpMode == MD_QUEUERUN &&
1886 RealUid != 0 && bitset(PRIV_RESTRICTQRUN, PrivacyFlags))
1887 {
1888 struct stat stbuf;
1889
1890 /* check to see if we own the queue directory */
1891 if (stat(".", &stbuf) < 0)
1892 syserr("main: cannot stat %s", QueueDir);
1893 if (stbuf.st_uid != RealUid)
1894 {
1895 /* nope, really a botch */
1896 HoldErrs = false;
1897 usrerr("You do not have permission to process the queue");
1898 finis(false, true, EX_NOPERM);
1899 /* NOTREACHED */
1900 }
1901 }
1902
1903#if MILTER
1904 /* sanity checks on milter filters */
1905 if (OpMode == MD_DAEMON || OpMode == MD_SMTP)
1906 {
1907 milter_config(InputFilterList, InputFilters, MAXFILTERS);
1908 setup_daemon_milters();
1909 }
1910#endif /* MILTER */
1911
1912 /* Convert queuegroup string to qgrp number */
1913 if (queuegroup != NULL)
1914 {
1915 qgrp = name2qid(queuegroup);
1916 if (qgrp == NOQGRP)
1917 {
1918 HoldErrs = false;
1919 usrerr("Queue group %s unknown", queuegroup);
1920 finis(false, true, ExitStat);
1921 /* NOTREACHED */
1922 }
1923 }
1924
1925 /* if we've had errors so far, exit now */
1926 if (ExitStat != EX_OK && OpMode != MD_TEST)
1927 {
1928 finis(false, true, ExitStat);
1929 /* NOTREACHED */
1930 }
1931
1932#if SASL
1933 /* sendmail specific SASL initialization */
1934 sm_sasl_init();
1935#endif /* SASL */
1936
1937#if XDEBUG
1938 checkfd012("before main() initmaps");
1939#endif /* XDEBUG */
1940
1941 /*
1942 ** Do operation-mode-dependent initialization.
1943 */
1944
1945 switch (OpMode)
1946 {
1947 case MD_PRINT:
1948 /* print the queue */
1949 HoldErrs = false;
1950 dropenvelope(&BlankEnvelope, true, false);
1951 (void) sm_signal(SIGPIPE, sigpipe);
1952 if (qgrp != NOQGRP)
1953 {
1954 int j;
1955
1956 /* Selecting a particular queue group to run */
1957 for (j = 0; j < Queue[qgrp]->qg_numqueues; j++)
1958 {
1959 if (StopRequest)
1960 stop_sendmail();
1961 (void) print_single_queue(qgrp, j);
1962 }
1963 finis(false, true, EX_OK);
1964 /* NOTREACHED */
1965 }
1966 printqueue();
1967 finis(false, true, EX_OK);
1968 /* NOTREACHED */
1969 break;
1970
1971 case MD_PRINTNQE:
1972 /* print number of entries in queue */
1973 dropenvelope(&BlankEnvelope, true, false);
1974 (void) sm_signal(SIGPIPE, sigpipe);
1975 printnqe(smioout, NULL);
1976 finis(false, true, EX_OK);
1977 /* NOTREACHED */
1978 break;
1979
1980 case MD_QUEUERUN:
1981 /* only handle quarantining here */
1982 if (quarantining == NULL)
1983 break;
1984
1985 if (QueueMode != QM_QUARANTINE &&
1986 QueueMode != QM_NORMAL)
1987 {
1988 HoldErrs = false;
1989 usrerr("Can not use -Q with -q%c", QueueMode);
1990 ExitStat = EX_USAGE;
1991 finis(false, true, ExitStat);
1992 /* NOTREACHED */
1993 }
1994 quarantine_queue(quarantining, qgrp);
1995 finis(false, true, EX_OK);
1996 break;
1997
1998 case MD_HOSTSTAT:
1999 (void) sm_signal(SIGPIPE, sigpipe);
2000 (void) mci_traverse_persistent(mci_print_persistent, NULL);
2001 finis(false, true, EX_OK);
2002 /* NOTREACHED */
2003 break;
2004
2005 case MD_PURGESTAT:
2006 (void) mci_traverse_persistent(mci_purge_persistent, NULL);
2007 finis(false, true, EX_OK);
2008 /* NOTREACHED */
2009 break;
2010
2011 case MD_INITALIAS:
2012 /* initialize maps */
2013 initmaps();
2014 finis(false, true, ExitStat);
2015 /* NOTREACHED */
2016 break;
2017
2018 case MD_SMTP:
2019 case MD_DAEMON:
2020 /* reset DSN parameters */
2021 DefaultNotify = QPINGONFAILURE|QPINGONDELAY;
2022 macdefine(&BlankEnvelope.e_macro, A_PERM,
2023 macid("{dsn_notify}"), NULL);
2024 BlankEnvelope.e_envid = NULL;
2025 macdefine(&BlankEnvelope.e_macro, A_PERM,
2026 macid("{dsn_envid}"), NULL);
2027 BlankEnvelope.e_flags &= ~(EF_RET_PARAM|EF_NO_BODY_RETN);
2028 macdefine(&BlankEnvelope.e_macro, A_PERM,
2029 macid("{dsn_ret}"), NULL);
2030
2031 /* don't open maps for daemon -- done below in child */
2032 break;
2033 }
2034
2035 if (tTd(0, 15))
2036 {
2037 /* print configuration table (or at least part of it) */
2038 if (tTd(0, 90))
2039 printrules();
2040 for (i = 0; i < MAXMAILERS; i++)
2041 {
2042 if (Mailer[i] != NULL)
2043 printmailer(sm_debug_file(), Mailer[i]);
2044 }
2045 }
2046
2047 /*
2048 ** Switch to the main envelope.
2049 */
2050
2051 CurEnv = newenvelope(&MainEnvelope, &BlankEnvelope,
2052 sm_rpool_new_x(NULL));
2053 MainEnvelope.e_flags = BlankEnvelope.e_flags;
2054
2055 /*
2056 ** If test mode, read addresses from stdin and process.
2057 */
2058
2059 if (OpMode == MD_TEST)
2060 {
2061 if (isatty(sm_io_getinfo(smioin, SM_IO_WHAT_FD, NULL)))
2062 Verbose = 2;
2063
2064 if (Verbose)
2065 {
2066 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
2067 "ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)\n");
2068 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
2069 "Enter <ruleset> <address>\n");
2070 }
2071 macdefine(&(MainEnvelope.e_macro), A_PERM,
2072 macid("{addr_type}"), "e r");
2073 for (;;)
2074 {
2075 SM_TRY
2076 {
2077 (void) sm_signal(SIGINT, intindebug);
2078 (void) sm_releasesignal(SIGINT);
2079 if (Verbose == 2)
2080 (void) sm_io_fprintf(smioout,
2081 SM_TIME_DEFAULT,
2082 "> ");
2083 (void) sm_io_flush(smioout, SM_TIME_DEFAULT);
2084 if (sm_io_fgets(smioin, SM_TIME_DEFAULT, buf,
2085 sizeof buf) == NULL)
2086 testmodeline("/quit", &MainEnvelope);
2087 p = strchr(buf, '\n');
2088 if (p != NULL)
2089 *p = '\0';
2090 if (Verbose < 2)
2091 (void) sm_io_fprintf(smioout,
2092 SM_TIME_DEFAULT,
2093 "> %s\n", buf);
2094 testmodeline(buf, &MainEnvelope);
2095 }
2096 SM_EXCEPT(exc, "[!F]*")
2097 {
2098 /*
2099 ** 8.10 just prints \n on interrupt.
2100 ** I'm printing the exception here in case
2101 ** sendmail is extended to raise additional
2102 ** exceptions in this context.
2103 */
2104
2105 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
2106 "\n");
2107 sm_exc_print(exc, smioout);
2108 }
2109 SM_END_TRY
2110 }
2111 }
2112
2113#if STARTTLS
2114 tls_ok = true;
2115 if (OpMode == MD_QUEUERUN || OpMode == MD_DELIVER)
2116 {
2117 /* check whether STARTTLS is turned off for the client */
2118 if (chkclientmodifiers(D_NOTLS))
2119 tls_ok = false;
2120 }
2121 else if (OpMode == MD_DAEMON || OpMode == MD_FGDAEMON ||
2122 OpMode == MD_SMTP)
2123 {
2124 /* check whether STARTTLS is turned off for the server */
2125 if (chkdaemonmodifiers(D_NOTLS))
2126 tls_ok = false;
2127 }
2128 else /* other modes don't need STARTTLS */
2129 tls_ok = false;
2130
2131 if (tls_ok)
2132 {
2133 /* basic TLS initialization */
2134 tls_ok = init_tls_library();
2135 }
2136
2137 if (!tls_ok && (OpMode == MD_QUEUERUN || OpMode == MD_DELIVER))
2138 {
2139 /* disable TLS for client */
2140 setclttls(false);
2141 }
2142#endif /* STARTTLS */
2143
2144 /*
2145 ** If collecting stuff from the queue, go start doing that.
2146 */
2147
2148 if (OpMode == MD_QUEUERUN && QueueIntvl == 0)
2149 {
2150 pid_t pid = -1;
2151
2152#if STARTTLS
2153 /* init TLS for client, ignore result for now */
2154 (void) initclttls(tls_ok);
2155#endif /* STARTTLS */
2156
2157 /*
2158 ** The parent process of the caller of runqueue() needs
2159 ** to stay around for a possible SIGTERM. The SIGTERM will
2160 ** tell this process that all of the queue runners children
2161 ** need to be sent SIGTERM as well. At the same time, we
2162 ** want to return control to the command line. So we do an
2163 ** extra fork().
2164 */
2165
2166 if (Verbose || foregroundqueue || (pid = fork()) <= 0)
2167 {
2168 /*
2169 ** If the fork() failed we should still try to do
2170 ** the queue run. If it succeeded then the child
2171 ** is going to start the run and wait for all
2172 ** of the children to finish.
2173 */
2174
2175 if (pid == 0)
2176 {
2177 /* Reset global flags */
2178 RestartRequest = NULL;
2179 ShutdownRequest = NULL;
2180 PendingSignal = 0;
2181
2182 /* disconnect from terminal */
2183 disconnect(2, CurEnv);
2184 }
2185
2186 CurrentPid = getpid();
2187 if (qgrp != NOQGRP)
2188 {
2189 int rwgflags = RWG_NONE;
2190
2191 /*
2192 ** To run a specific queue group mark it to
2193 ** be run, select the work group it's in and
2194 ** increment the work counter.
2195 */
2196
2197 for (i = 0; i < NumQueue && Queue[i] != NULL;
2198 i++)
2199 Queue[i]->qg_nextrun = (time_t) -1;
2200 Queue[qgrp]->qg_nextrun = 0;
2201 if (Verbose)
2202 rwgflags |= RWG_VERBOSE;
2203 if (queuepersistent)
2204 rwgflags |= RWG_PERSISTENT;
2205 rwgflags |= RWG_FORCE;
2206 (void) run_work_group(Queue[qgrp]->qg_wgrp,
2207 rwgflags);
2208 }
2209 else
2210 (void) runqueue(false, Verbose,
2211 queuepersistent, true);
2212
2213 /* set the title to make it easier to find */
2214 sm_setproctitle(true, CurEnv, "Queue control");
2215 (void) sm_signal(SIGCHLD, SIG_DFL);
2216 while (CurChildren > 0)
2217 {
2218 int status;
2219 pid_t ret;
2220
2221 errno = 0;
2222 while ((ret = sm_wait(&status)) <= 0)
2223 {
2224 if (errno == ECHILD)
2225 {
2226 /*
2227 ** Oops... something got messed
2228 ** up really bad. Waiting for
2229 ** non-existent children
2230 ** shouldn't happen. Let's get
2231 ** out of here.
2232 */
2233
2234 CurChildren = 0;
2235 break;
2236 }
2237 continue;
2238 }
2239
2240 /* something is really really wrong */
2241 if (errno == ECHILD)
2242 {
2243 sm_syslog(LOG_ERR, NOQID,
2244 "queue control process: lost all children: wait returned ECHILD");
2245 break;
2246 }
2247
2248 /* Only drop when a child gives status */
2249 if (WIFSTOPPED(status))
2250 continue;
2251
2252 proc_list_drop(ret, status, NULL);
2253 }
2254 }
2255 finis(true, true, ExitStat);
2256 /* NOTREACHED */
2257 }
2258
2259# if SASL
2260 if (OpMode == MD_SMTP || OpMode == MD_DAEMON)
2261 {
2262 /* check whether AUTH is turned off for the server */
2263 if (!chkdaemonmodifiers(D_NOAUTH) &&
2264 (i = sasl_server_init(srvcallbacks, "Sendmail")) != SASL_OK)
2265 syserr("!sasl_server_init failed! [%s]",
2266 sasl_errstring(i, NULL, NULL));
2267 }
2268# endif /* SASL */
2269
2270 if (OpMode == MD_SMTP)
2271 {
2272 proc_list_add(CurrentPid, "Sendmail SMTP Agent",
2273 PROC_DAEMON, 0, -1, NULL);
2274
2275 /* clean up background delivery children */
2276 (void) sm_signal(SIGCHLD, reapchild);
2277 }
2278
2279 /*
2280 ** If a daemon, wait for a request.
2281 ** getrequests will always return in a child.
2282 ** If we should also be processing the queue, start
2283 ** doing it in background.
2284 ** We check for any errors that might have happened
2285 ** during startup.
2286 */
2287
2288 if (OpMode == MD_DAEMON || QueueIntvl > 0)
2289 {
2290 char dtype[200];
2291
2292 if (!run_in_foreground && !tTd(99, 100))
2293 {
2294 /* put us in background */
2295 i = fork();
2296 if (i < 0)
2297 syserr("daemon: cannot fork");
2298 if (i != 0)
2299 {
2300 finis(false, true, EX_OK);
2301 /* NOTREACHED */
2302 }
2303
2304 /*
2305 ** Initialize exception stack and default exception
2306 ** handler for child process.
2307 */
2308
2309 /* Reset global flags */
2310 RestartRequest = NULL;
2311 RestartWorkGroup = false;
2312 ShutdownRequest = NULL;
2313 PendingSignal = 0;
2314 CurrentPid = getpid();
2315
2316 sm_exc_newthread(fatal_error);
2317
2318 /* disconnect from our controlling tty */
2319 disconnect(2, &MainEnvelope);
2320 }
2321
2322 dtype[0] = '\0';
2323 if (OpMode == MD_DAEMON)
|
2322 {
|
2324 (void) sm_strlcat(dtype, "+SMTP", sizeof dtype);
|
2324 DaemonPid = CurrentPid;
2325 }
|
2325 if (QueueIntvl > 0)
2326 {
2327 (void) sm_strlcat2(dtype,
2328 queuepersistent
2329 ? "+persistent-queueing@"
2330 : "+queueing@",
2331 pintvl(QueueIntvl, true),
2332 sizeof dtype);
2333 }
2334 if (tTd(0, 1))
2335 (void) sm_strlcat(dtype, "+debugging", sizeof dtype);
2336
2337 sm_syslog(LOG_INFO, NOQID,
2338 "starting daemon (%s): %s", Version, dtype + 1);
2339#if XLA
2340 xla_create_file();
2341#endif /* XLA */
2342
2343 /* save daemon type in a macro for possible PidFile use */
2344 macdefine(&BlankEnvelope.e_macro, A_TEMP,
2345 macid("{daemon_info}"), dtype + 1);
2346
2347 /* save queue interval in a macro for possible PidFile use */
2348 macdefine(&MainEnvelope.e_macro, A_TEMP,
2349 macid("{queue_interval}"), pintvl(QueueIntvl, true));
2350
2351 /* workaround: can't seem to release the signal in the parent */
2352 (void) sm_signal(SIGHUP, sighup);
2353 (void) sm_releasesignal(SIGHUP);
2354 (void) sm_signal(SIGTERM, sigterm);
2355
2356 if (QueueIntvl > 0)
2357 {
2358 (void) runqueue(true, false, queuepersistent, true);
2359
2360 /*
2361 ** If queuepersistent but not in daemon mode then
2362 ** we're going to do the queue runner monitoring here.
2363 ** If in daemon mode then the monitoring will happen
2364 ** elsewhere.
2365 */
2366
2367 if (OpMode != MD_DAEMON && queuepersistent)
2368 {
2369 /*
2370 ** Write the pid to file
2371 ** XXX Overwrites sendmail.pid
2372 */
2373
2374 log_sendmail_pid(&MainEnvelope);
2375
2376 /* set the title to make it easier to find */
2377 sm_setproctitle(true, CurEnv, "Queue control");
2378 (void) sm_signal(SIGCHLD, SIG_DFL);
2379 while (CurChildren > 0)
2380 {
2381 int status;
2382 pid_t ret;
2383 int group;
2384
2385 CHECK_RESTART;
2386 errno = 0;
2387 while ((ret = sm_wait(&status)) <= 0)
2388 {
2389 /*
2390 ** Waiting for non-existent
2391 ** children shouldn't happen.
2392 ** Let's get out of here if
2393 ** it occurs.
2394 */
2395
2396 if (errno == ECHILD)
2397 {
2398 CurChildren = 0;
2399 break;
2400 }
2401 continue;
2402 }
2403
2404 /* something is really really wrong */
2405 if (errno == ECHILD)
2406 {
2407 sm_syslog(LOG_ERR, NOQID,
2408 "persistent queue runner control process: lost all children: wait returned ECHILD");
2409 break;
2410 }
2411
2412 if (WIFSTOPPED(status))
2413 continue;
2414
2415 /* Probe only on a child status */
2416 proc_list_drop(ret, status, &group);
2417
2418 if (WIFSIGNALED(status))
2419 {
2420 if (WCOREDUMP(status))
2421 {
2422 sm_syslog(LOG_ERR, NOQID,
2423 "persistent queue runner=%d core dumped, signal=%d",
2424 group, WTERMSIG(status));
2425
2426 /* don't restart this */
2427 mark_work_group_restart(
2428 group, -1);
2429 continue;
2430 }
2431
2432 sm_syslog(LOG_ERR, NOQID,
2433 "persistent queue runner=%d died, signal=%d",
2434 group, WTERMSIG(status));
2435 }
2436
2437 /*
2438 ** When debugging active, don't
2439 ** restart the persistent queues.
2440 ** But do log this as info.
2441 */
2442
2443 if (sm_debug_active(&DebugNoPRestart,
2444 1))
2445 {
2446 sm_syslog(LOG_DEBUG, NOQID,
2447 "persistent queue runner=%d, exited",
2448 group);
2449 mark_work_group_restart(group,
2450 -1);
2451 }
2452 }
2453 finis(true, true, ExitStat);
2454 /* NOTREACHED */
2455 }
2456
2457 if (OpMode != MD_DAEMON)
2458 {
2459 char qtype[200];
2460
2461 /*
2462 ** Write the pid to file
2463 ** XXX Overwrites sendmail.pid
2464 */
2465
2466 log_sendmail_pid(&MainEnvelope);
2467
2468 /* set the title to make it easier to find */
2469 qtype[0] = '\0';
2470 (void) sm_strlcpyn(qtype, sizeof qtype, 4,
2471 "Queue runner@",
2472 pintvl(QueueIntvl, true),
2473 " for ",
2474 QueueDir);
2475 sm_setproctitle(true, CurEnv, qtype);
2476 for (;;)
2477 {
2478 (void) pause();
2479
2480 CHECK_RESTART;
2481
2482 if (doqueuerun())
2483 (void) runqueue(true, false,
2484 false, false);
2485 }
2486 }
2487 }
2488 dropenvelope(&MainEnvelope, true, false);
2489
2490#if STARTTLS
2491 /* init TLS for server, ignore result for now */
2492 (void) initsrvtls(tls_ok);
2493#endif /* STARTTLS */
2494
2495 nextreq:
2496 p_flags = getrequests(&MainEnvelope);
2497
2498 /* drop privileges */
2499 (void) drop_privileges(false);
2500
2501 /*
2502 ** Get authentication data
2503 ** Set _ macro in BlankEnvelope before calling newenvelope().
2504 */
2505
2506 authinfo = getauthinfo(sm_io_getinfo(InChannel, SM_IO_WHAT_FD,
2507 NULL), &forged);
2508 macdefine(&BlankEnvelope.e_macro, A_TEMP, '_', authinfo);
2509
2510 /* at this point we are in a child: reset state */
2511 sm_rpool_free(MainEnvelope.e_rpool);
2512 (void) newenvelope(&MainEnvelope, &MainEnvelope,
2513 sm_rpool_new_x(NULL));
2514 }
2515
2516 if (LogLevel > 9)
2517 {
2518 /* log connection information */
2519 sm_syslog(LOG_INFO, NULL, "connect from %s", authinfo);
2520 }
2521
2522 /*
2523 ** If running SMTP protocol, start collecting and executing
2524 ** commands. This will never return.
2525 */
2526
2527 if (OpMode == MD_SMTP || OpMode == MD_DAEMON)
2528 {
2529 char pbuf[20];
2530
2531 /*
2532 ** Save some macros for check_* rulesets.
2533 */
2534
2535 if (forged)
2536 {
2537 char ipbuf[103];
2538
2539 (void) sm_snprintf(ipbuf, sizeof ipbuf, "[%.100s]",
2540 anynet_ntoa(&RealHostAddr));
2541 macdefine(&BlankEnvelope.e_macro, A_TEMP,
2542 macid("{client_name}"), ipbuf);
2543 }
2544 else
2545 macdefine(&BlankEnvelope.e_macro, A_PERM,
2546 macid("{client_name}"), RealHostName);
2547 macdefine(&BlankEnvelope.e_macro, A_PERM,
2548 macid("{client_ptr}"), RealHostName);
2549 macdefine(&BlankEnvelope.e_macro, A_TEMP,
2550 macid("{client_addr}"), anynet_ntoa(&RealHostAddr));
2551 sm_getla();
2552
2553 switch (RealHostAddr.sa.sa_family)
2554 {
2555#if NETINET
2556 case AF_INET:
2557 (void) sm_snprintf(pbuf, sizeof pbuf, "%d",
2558 RealHostAddr.sin.sin_port);
2559 break;
2560#endif /* NETINET */
2561#if NETINET6
2562 case AF_INET6:
2563 (void) sm_snprintf(pbuf, sizeof pbuf, "%d",
2564 RealHostAddr.sin6.sin6_port);
2565 break;
2566#endif /* NETINET6 */
2567 default:
2568 (void) sm_snprintf(pbuf, sizeof pbuf, "0");
2569 break;
2570 }
2571 macdefine(&BlankEnvelope.e_macro, A_TEMP,
2572 macid("{client_port}"), pbuf);
2573
2574 if (OpMode == MD_DAEMON)
2575 {
2576 /* validate the connection */
2577 HoldErrs = true;
2578 nullserver = validate_connection(&RealHostAddr,
2579 macvalue(macid("{client_name}"),
2580 &MainEnvelope),
2581 &MainEnvelope);
2582 HoldErrs = false;
2583 }
2584 else if (p_flags == NULL)
2585 {
2586 p_flags = (BITMAP256 *) xalloc(sizeof *p_flags);
2587 clrbitmap(p_flags);
2588 }
2589#if STARTTLS
2590 if (OpMode == MD_SMTP)
2591 (void) initsrvtls(tls_ok);
2592#endif /* STARTTLS */
2593
2594 /* turn off profiling */
2595 SM_PROF(1);
2596 smtp(nullserver, *p_flags, &MainEnvelope);
2597
2598 if (tTd(93, 100))
2599 {
2600 /* turn off profiling */
2601 SM_PROF(0);
2602 if (OpMode == MD_DAEMON)
2603 goto nextreq;
2604 }
2605 }
2606
2607 sm_rpool_free(MainEnvelope.e_rpool);
2608 clearenvelope(&MainEnvelope, false, sm_rpool_new_x(NULL));
2609 if (OpMode == MD_VERIFY)
2610 {
2611 set_delivery_mode(SM_VERIFY, &MainEnvelope);
2612 PostMasterCopy = NULL;
2613 }
2614 else
2615 {
2616 /* interactive -- all errors are global */
2617 MainEnvelope.e_flags |= EF_GLOBALERRS|EF_LOGSENDER;
2618 }
2619
2620 /*
2621 ** Do basic system initialization and set the sender
2622 */
2623
2624 initsys(&MainEnvelope);
2625 macdefine(&MainEnvelope.e_macro, A_PERM, macid("{ntries}"), "0");
2626 macdefine(&MainEnvelope.e_macro, A_PERM, macid("{nrcpts}"), "0");
2627 setsender(from, &MainEnvelope, NULL, '\0', false);
2628 if (warn_f_flag != '\0' && !wordinclass(RealUserName, 't') &&
2629 (!bitnset(M_LOCALMAILER, MainEnvelope.e_from.q_mailer->m_flags) ||
2630 strcmp(MainEnvelope.e_from.q_user, RealUserName) != 0))
2631 {
2632 auth_warning(&MainEnvelope, "%s set sender to %s using -%c",
2633 RealUserName, from, warn_f_flag);
2634#if SASL
2635 auth = false;
2636#endif /* SASL */
2637 }
2638 if (auth)
2639 {
2640 char *fv;
2641
2642 /* set the initial sender for AUTH= to $f@$j */
2643 fv = macvalue('f', &MainEnvelope);
2644 if (fv == NULL || *fv == '\0')
2645 MainEnvelope.e_auth_param = NULL;
2646 else
2647 {
2648 if (strchr(fv, '@') == NULL)
2649 {
2650 i = strlen(fv) + strlen(macvalue('j',
2651 &MainEnvelope)) + 2;
2652 p = sm_malloc_x(i);
2653 (void) sm_strlcpyn(p, i, 3, fv, "@",
2654 macvalue('j',
2655 &MainEnvelope));
2656 }
2657 else
2658 p = sm_strdup_x(fv);
2659 MainEnvelope.e_auth_param = sm_rpool_strdup_x(MainEnvelope.e_rpool,
2660 xtextify(p, "="));
2661 sm_free(p); /* XXX */
2662 }
2663 }
2664 if (macvalue('s', &MainEnvelope) == NULL)
2665 macdefine(&MainEnvelope.e_macro, A_PERM, 's', RealHostName);
2666
2667 av = argv + optind;
2668 if (*av == NULL && !GrabTo)
2669 {
2670 MainEnvelope.e_to = NULL;
2671 MainEnvelope.e_flags |= EF_GLOBALERRS;
2672 HoldErrs = false;
2673 SuperSafe = SAFE_NO;
2674 usrerr("Recipient names must be specified");
2675
2676 /* collect body for UUCP return */
2677 if (OpMode != MD_VERIFY)
2678 collect(InChannel, false, NULL, &MainEnvelope, true);
2679 finis(true, true, EX_USAGE);
2680 /* NOTREACHED */
2681 }
2682
2683 /*
2684 ** Scan argv and deliver the message to everyone.
2685 */
2686
2687 save_val = LogUsrErrs;
2688 LogUsrErrs = true;
2689 sendtoargv(av, &MainEnvelope);
2690 LogUsrErrs = save_val;
2691
2692 /* if we have had errors sofar, arrange a meaningful exit stat */
2693 if (Errors > 0 && ExitStat == EX_OK)
2694 ExitStat = EX_USAGE;
2695
2696#if _FFR_FIX_DASHT
2697 /*
2698 ** If using -t, force not sending to argv recipients, even
2699 ** if they are mentioned in the headers.
2700 */
2701
2702 if (GrabTo)
2703 {
2704 ADDRESS *q;
2705
2706 for (q = MainEnvelope.e_sendqueue; q != NULL; q = q->q_next)
2707 q->q_state = QS_REMOVED;
2708 }
2709#endif /* _FFR_FIX_DASHT */
2710
2711 /*
2712 ** Read the input mail.
2713 */
2714
2715 MainEnvelope.e_to = NULL;
2716 if (OpMode != MD_VERIFY || GrabTo)
2717 {
2718 int savederrors;
2719 unsigned long savedflags;
2720
2721 /*
2722 ** workaround for compiler warning on Irix:
2723 ** do not initialize variable in the definition, but
2724 ** later on:
2725 ** warning(1548): transfer of control bypasses
2726 ** initialization of:
2727 ** variable "savederrors" (declared at line 2570)
2728 ** variable "savedflags" (declared at line 2571)
2729 ** goto giveup;
2730 */
2731
2732 savederrors = Errors;
2733 savedflags = MainEnvelope.e_flags & EF_FATALERRS;
2734 MainEnvelope.e_flags |= EF_GLOBALERRS;
2735 MainEnvelope.e_flags &= ~EF_FATALERRS;
2736 Errors = 0;
2737 buffer_errors();
2738 collect(InChannel, false, NULL, &MainEnvelope, true);
2739
2740 /* header checks failed */
2741 if (Errors > 0)
2742 {
2743 giveup:
2744 if (!GrabTo)
2745 {
2746 /* Log who the mail would have gone to */
2747 logundelrcpts(&MainEnvelope,
2748 MainEnvelope.e_message,
2749 8, false);
2750 }
2751 flush_errors(true);
2752 finis(true, true, ExitStat);
2753 /* NOTREACHED */
2754 return -1;
2755 }
2756
2757 /* bail out if message too large */
2758 if (bitset(EF_CLRQUEUE, MainEnvelope.e_flags))
2759 {
2760 finis(true, true, ExitStat != EX_OK ? ExitStat
2761 : EX_DATAERR);
2762 /* NOTREACHED */
2763 return -1;
2764 }
2765
2766 /* set message size */
2767 (void) sm_snprintf(buf, sizeof buf, "%ld",
2768 MainEnvelope.e_msgsize);
2769 macdefine(&MainEnvelope.e_macro, A_TEMP,
2770 macid("{msg_size}"), buf);
2771
2772 Errors = savederrors;
2773 MainEnvelope.e_flags |= savedflags;
2774 }
2775 errno = 0;
2776
2777 if (tTd(1, 1))
2778 sm_dprintf("From person = \"%s\"\n",
2779 MainEnvelope.e_from.q_paddr);
2780
2781 /* Check if quarantining stats should be updated */
2782 if (MainEnvelope.e_quarmsg != NULL)
2783 markstats(&MainEnvelope, NULL, STATS_QUARANTINE);
2784
2785 /*
2786 ** Actually send everything.
2787 ** If verifying, just ack.
2788 */
2789
2790 if (Errors == 0)
2791 {
2792 if (!split_by_recipient(&MainEnvelope) &&
2793 bitset(EF_FATALERRS, MainEnvelope.e_flags))
2794 goto giveup;
2795 }
2796
2797 /* make sure we deliver at least the first envelope */
2798 i = FastSplit > 0 ? 0 : -1;
2799 for (e = &MainEnvelope; e != NULL; e = e->e_sibling, i++)
2800 {
2801 ENVELOPE *next;
2802
2803 e->e_from.q_state = QS_SENDER;
2804 if (tTd(1, 5))
2805 {
2806 sm_dprintf("main[%d]: QS_SENDER ", i);
2807 printaddr(sm_debug_file(), &e->e_from, false);
2808 }
2809 e->e_to = NULL;
2810 sm_getla();
2811 GrabTo = false;
2812#if NAMED_BIND
2813 _res.retry = TimeOuts.res_retry[RES_TO_FIRST];
2814 _res.retrans = TimeOuts.res_retrans[RES_TO_FIRST];
2815#endif /* NAMED_BIND */
2816 next = e->e_sibling;
2817 e->e_sibling = NULL;
2818
2819 /* after FastSplit envelopes: queue up */
2820 sendall(e, i >= FastSplit ? SM_QUEUE : SM_DEFAULT);
2821 e->e_sibling = next;
2822 }
2823
2824 /*
2825 ** All done.
2826 ** Don't send return error message if in VERIFY mode.
2827 */
2828
2829 finis(true, true, ExitStat);
2830 /* NOTREACHED */
2831 return ExitStat;
2832}
2833/*
2834** STOP_SENDMAIL -- Stop the running program
2835**
2836** Parameters:
2837** none.
2838**
2839** Returns:
2840** none.
2841**
2842** Side Effects:
2843** exits.
2844*/
2845
2846void
2847stop_sendmail()
2848{
2849 /* reset uid for process accounting */
2850 endpwent();
2851 (void) setuid(RealUid);
2852 exit(EX_OK);
2853}
2854/*
2855** FINIS -- Clean up and exit.
2856**
2857** Parameters:
2858** drop -- whether or not to drop CurEnv envelope
2859** cleanup -- call exit() or _exit()?
2860** exitstat -- exit status to use for exit() call
2861**
2862** Returns:
2863** never
2864**
2865** Side Effects:
2866** exits sendmail
2867*/
2868
2869void
2870finis(drop, cleanup, exitstat)
2871 bool drop;
2872 bool cleanup;
2873 volatile int exitstat;
2874{
2875 char pidpath[MAXPATHLEN];
|
| 2876 pid_t pid; |
2877
2878 /* Still want to process new timeouts added below */
2879 sm_clear_events();
2880 (void) sm_releasesignal(SIGALRM);
2881
2882 if (tTd(2, 1))
2883 {
2884 sm_dprintf("\n====finis: stat %d e_id=%s e_flags=",
2885 exitstat,
2886 CurEnv->e_id == NULL ? "NOQUEUE" : CurEnv->e_id);
2887 printenvflags(CurEnv);
2888 }
2889 if (tTd(2, 9))
2890 printopenfds(false);
2891
2892 SM_TRY
2893 /*
2894 ** Clean up. This might raise E:mta.quickabort
2895 */
2896
2897 /* clean up temp files */
2898 CurEnv->e_to = NULL;
2899 if (drop)
2900 {
2901 if (CurEnv->e_id != NULL)
2902 {
2903 dropenvelope(CurEnv, true, false);
2904 sm_rpool_free(CurEnv->e_rpool);
2905 CurEnv->e_rpool = NULL;
2906 }
2907 else
2908 poststats(StatFile);
2909 }
2910
2911 /* flush any cached connections */
2912 mci_flush(true, NULL);
2913
2914 /* close maps belonging to this pid */
2915 closemaps(false);
2916
2917#if USERDB
2918 /* close UserDatabase */
2919 _udbx_close();
2920#endif /* USERDB */
2921
2922#if SASL
2923 stop_sasl_client();
2924#endif /* SASL */
2925
2926#if XLA
2927 /* clean up extended load average stuff */
2928 xla_all_end();
2929#endif /* XLA */
2930
2931 SM_FINALLY
2932 /*
2933 ** And exit.
2934 */
2935
2936 if (LogLevel > 78)
2937 sm_syslog(LOG_DEBUG, CurEnv->e_id, "finis, pid=%d",
2938 (int) CurrentPid);
2939 if (exitstat == EX_TEMPFAIL ||
2940 CurEnv->e_errormode == EM_BERKNET)
2941 exitstat = EX_OK;
2942
2943 /* XXX clean up queues and related data structures */
2944 cleanup_queues();
|
| 2945 pid = getpid(); |
2946#if SM_CONF_SHM
|
2946 cleanup_shm(DaemonPid == getpid());
|
| 2947 cleanup_shm(DaemonPid == pid); |
2948#endif /* SM_CONF_SHM */
2949
2950 /* close locked pid file */
2951 close_sendmail_pid();
2952
|
2952 if (DaemonPid == getpid() || PidFilePid == getpid())
|
| 2953 if (DaemonPid == pid || PidFilePid == pid) |
2954 {
2955 /* blow away the pid file */
2956 expand(PidFile, pidpath, sizeof pidpath, CurEnv);
2957 (void) unlink(pidpath);
2958 }
2959
2960 /* reset uid for process accounting */
2961 endpwent();
2962 sm_mbdb_terminate();
2963#if _FFR_MEMSTAT
2964 (void) sm_memstat_close();
2965#endif /* _FFR_MEMSTAT */
2966 (void) setuid(RealUid);
2967#if SM_HEAP_CHECK
2968 /* dump the heap, if we are checking for memory leaks */
2969 if (sm_debug_active(&SmHeapCheck, 2))
2970 sm_heap_report(smioout,
2971 sm_debug_level(&SmHeapCheck) - 1);
2972#endif /* SM_HEAP_CHECK */
2973 if (sm_debug_active(&SmXtrapReport, 1))
2974 sm_dprintf("xtrap count = %d\n", SmXtrapCount);
2975 if (cleanup)
2976 exit(exitstat);
2977 else
2978 _exit(exitstat);
2979 SM_END_TRY
2980}
2981/*
2982** INTINDEBUG -- signal handler for SIGINT in -bt mode
2983**
2984** Parameters:
2985** sig -- incoming signal.
2986**
2987** Returns:
2988** none.
2989**
2990** Side Effects:
2991** longjmps back to test mode loop.
2992**
2993** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
2994** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
2995** DOING.
2996*/
2997
2998/* Type of an exception generated on SIGINT during address test mode. */
2999static const SM_EXC_TYPE_T EtypeInterrupt =
3000{
3001 SmExcTypeMagic,
3002 "S:mta.interrupt",
3003 "",
3004 sm_etype_printf,
3005 "interrupt",
3006};
3007
3008/* ARGSUSED */
3009static SIGFUNC_DECL
3010intindebug(sig)
3011 int sig;
3012{
3013 int save_errno = errno;
3014
3015 FIX_SYSV_SIGNAL(sig, intindebug);
3016 errno = save_errno;
3017 CHECK_CRITICAL(sig);
3018 errno = save_errno;
3019 sm_exc_raisenew_x(&EtypeInterrupt);
3020 errno = save_errno;
3021 return SIGFUNC_RETURN;
3022}
3023/*
3024** SIGTERM -- SIGTERM handler for the daemon
3025**
3026** Parameters:
3027** sig -- signal number.
3028**
3029** Returns:
3030** none.
3031**
3032** Side Effects:
3033** Sets ShutdownRequest which will hopefully trigger
3034** the daemon to exit.
3035**
3036** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
3037** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
3038** DOING.
3039*/
3040
3041/* ARGSUSED */
3042static SIGFUNC_DECL
3043sigterm(sig)
3044 int sig;
3045{
3046 int save_errno = errno;
3047
3048 FIX_SYSV_SIGNAL(sig, sigterm);
3049 ShutdownRequest = "signal";
3050 errno = save_errno;
3051 return SIGFUNC_RETURN;
3052}
3053/*
3054** SIGHUP -- handle a SIGHUP signal
3055**
3056** Parameters:
3057** sig -- incoming signal.
3058**
3059** Returns:
3060** none.
3061**
3062** Side Effects:
3063** Sets RestartRequest which should cause the daemon
3064** to restart.
3065**
3066** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
3067** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
3068** DOING.
3069*/
3070
3071/* ARGSUSED */
3072static SIGFUNC_DECL
3073sighup(sig)
3074 int sig;
3075{
3076 int save_errno = errno;
3077
3078 FIX_SYSV_SIGNAL(sig, sighup);
3079 RestartRequest = "signal";
3080 errno = save_errno;
3081 return SIGFUNC_RETURN;
3082}
3083/*
3084** SIGPIPE -- signal handler for SIGPIPE
3085**
3086** Parameters:
3087** sig -- incoming signal.
3088**
3089** Returns:
3090** none.
3091**
3092** Side Effects:
3093** Sets StopRequest which should cause the mailq/hoststatus
3094** display to stop.
3095**
3096** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
3097** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
3098** DOING.
3099*/
3100
3101/* ARGSUSED */
3102static SIGFUNC_DECL
3103sigpipe(sig)
3104 int sig;
3105{
3106 int save_errno = errno;
3107
3108 FIX_SYSV_SIGNAL(sig, sigpipe);
3109 StopRequest = true;
3110 errno = save_errno;
3111 return SIGFUNC_RETURN;
3112}
3113/*
3114** INTSIG -- clean up on interrupt
3115**
3116** This just arranges to exit. It pessimizes in that it
3117** may resend a message.
3118**
3119** Parameters:
3120** none.
3121**
3122** Returns:
3123** none.
3124**
3125** Side Effects:
3126** Unlocks the current job.
3127**
3128** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
3129** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
3130** DOING.
3131**
3132** XXX: More work is needed for this signal handler.
3133*/
3134
3135/* ARGSUSED */
3136SIGFUNC_DECL
3137intsig(sig)
3138 int sig;
3139{
3140 bool drop = false;
3141 int save_errno = errno;
3142
3143 FIX_SYSV_SIGNAL(sig, intsig);
3144 errno = save_errno;
3145 CHECK_CRITICAL(sig);
3146 sm_allsignals(true);
3147
3148 if (sig != 0 && LogLevel > 79)
3149 sm_syslog(LOG_DEBUG, CurEnv->e_id, "interrupt");
3150 FileName = NULL;
3151
3152 /* Clean-up on aborted stdin message submission */
3153 if (CurEnv->e_id != NULL &&
3154 (OpMode == MD_SMTP ||
3155 OpMode == MD_DELIVER ||
3156 OpMode == MD_ARPAFTP))
3157 {
3158 register ADDRESS *q;
3159
3160 /* don't return an error indication */
3161 CurEnv->e_to = NULL;
3162 CurEnv->e_flags &= ~EF_FATALERRS;
3163 CurEnv->e_flags |= EF_CLRQUEUE;
3164
3165 /*
3166 ** Spin through the addresses and
3167 ** mark them dead to prevent bounces
3168 */
3169
3170 for (q = CurEnv->e_sendqueue; q != NULL; q = q->q_next)
3171 q->q_state = QS_DONTSEND;
3172
3173 drop = true;
3174 }
3175 else if (OpMode != MD_TEST)
3176 {
3177 unlockqueue(CurEnv);
3178 }
3179
3180 finis(drop, false, EX_OK);
3181 /* NOTREACHED */
3182}
3183/*
3184** DISCONNECT -- remove our connection with any foreground process
3185**
3186** Parameters:
3187** droplev -- how "deeply" we should drop the line.
3188** 0 -- ignore signals, mail back errors, make sure
3189** output goes to stdout.
3190** 1 -- also, make stdout go to /dev/null.
3191** 2 -- also, disconnect from controlling terminal
3192** (only for daemon mode).
3193** e -- the current envelope.
3194**
3195** Returns:
3196** none
3197**
3198** Side Effects:
3199** Trys to insure that we are immune to vagaries of
3200** the controlling tty.
3201*/
3202
3203void
3204disconnect(droplev, e)
3205 int droplev;
3206 register ENVELOPE *e;
3207{
3208 int fd;
3209
3210 if (tTd(52, 1))
3211 sm_dprintf("disconnect: In %d Out %d, e=%p\n",
3212 sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL),
3213 sm_io_getinfo(OutChannel, SM_IO_WHAT_FD, NULL), e);
3214 if (tTd(52, 100))
3215 {
3216 sm_dprintf("don't\n");
3217 return;
3218 }
3219 if (LogLevel > 93)
3220 sm_syslog(LOG_DEBUG, e->e_id,
3221 "disconnect level %d",
3222 droplev);
3223
3224 /* be sure we don't get nasty signals */
3225 (void) sm_signal(SIGINT, SIG_IGN);
3226 (void) sm_signal(SIGQUIT, SIG_IGN);
3227
3228 /* we can't communicate with our caller, so.... */
3229 HoldErrs = true;
3230 CurEnv->e_errormode = EM_MAIL;
3231 Verbose = 0;
3232 DisConnected = true;
3233
3234 /* all input from /dev/null */
3235 if (InChannel != smioin)
3236 {
3237 (void) sm_io_close(InChannel, SM_TIME_DEFAULT);
3238 InChannel = smioin;
3239 }
3240 if (sm_io_reopen(SmFtStdio, SM_TIME_DEFAULT, SM_PATH_DEVNULL,
3241 SM_IO_RDONLY, NULL, smioin) == NULL)
3242 sm_syslog(LOG_ERR, e->e_id,
3243 "disconnect: sm_io_reopen(\"%s\") failed: %s",
3244 SM_PATH_DEVNULL, sm_errstring(errno));
3245
3246 /*
3247 ** output to the transcript
3248 ** We also compare the fd numbers here since OutChannel
3249 ** might be a layer on top of smioout due to encryption
3250 ** (see sfsasl.c).
3251 */
3252
3253 if (OutChannel != smioout &&
3254 sm_io_getinfo(OutChannel, SM_IO_WHAT_FD, NULL) !=
3255 sm_io_getinfo(smioout, SM_IO_WHAT_FD, NULL))
3256 {
3257 (void) sm_io_close(OutChannel, SM_TIME_DEFAULT);
3258 OutChannel = smioout;
3259
3260#if 0
3261 /*
3262 ** Has smioout been closed? Reopen it.
3263 ** This shouldn't happen anymore, the code is here
3264 ** just as a reminder.
3265 */
3266
3267 if (smioout->sm_magic == NULL &&
3268 sm_io_reopen(SmFtStdio, SM_TIME_DEFAULT, SM_PATH_DEVNULL,
3269 SM_IO_WRONLY, NULL, smioout) == NULL)
3270 sm_syslog(LOG_ERR, e->e_id,
3271 "disconnect: sm_io_reopen(\"%s\") failed: %s",
3272 SM_PATH_DEVNULL, sm_errstring(errno));
3273#endif /* 0 */
3274 }
3275 if (droplev > 0)
3276 {
3277 fd = open(SM_PATH_DEVNULL, O_WRONLY, 0666);
3278 if (fd == -1)
|
| 3279 { |
3280 sm_syslog(LOG_ERR, e->e_id,
3281 "disconnect: open(\"%s\") failed: %s",
3282 SM_PATH_DEVNULL, sm_errstring(errno));
|
| 3283 } |
3284 (void) sm_io_flush(smioout, SM_TIME_DEFAULT);
|
3282 (void) dup2(fd, STDOUT_FILENO);
3283 (void) dup2(fd, STDERR_FILENO);
3284 (void) close(fd);
|
3285 if (fd >= 0)
3286 {
3287 (void) dup2(fd, STDOUT_FILENO);
3288 (void) dup2(fd, STDERR_FILENO);
3289 (void) close(fd);
3290 } |
3291 }
3292
3293 /* drop our controlling TTY completely if possible */
3294 if (droplev > 1)
3295 {
3296 (void) setsid();
3297 errno = 0;
3298 }
3299
3300#if XDEBUG
3301 checkfd012("disconnect");
3302#endif /* XDEBUG */
3303
3304 if (LogLevel > 71)
3305 sm_syslog(LOG_DEBUG, e->e_id, "in background, pid=%d",
3306 (int) CurrentPid);
3307
3308 errno = 0;
3309}
3310
3311static void
3312obsolete(argv)
3313 char *argv[];
3314{
3315 register char *ap;
3316 register char *op;
3317
3318 while ((ap = *++argv) != NULL)
3319 {
3320 /* Return if "--" or not an option of any form. */
3321 if (ap[0] != '-' || ap[1] == '-')
3322 return;
3323
3324 /* Don't allow users to use "-Q." or "-Q ." */
3325 if ((ap[1] == 'Q' && ap[2] == '.') ||
3326 (ap[1] == 'Q' && argv[1] != NULL &&
3327 argv[1][0] == '.' && argv[1][1] == '\0'))
3328 {
3329 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3330 "Can not use -Q.\n");
3331 exit(EX_USAGE);
3332 }
3333
3334 /* skip over options that do have a value */
3335 op = strchr(OPTIONS, ap[1]);
3336 if (op != NULL && *++op == ':' && ap[2] == '\0' &&
3337 ap[1] != 'd' &&
3338#if defined(sony_news)
3339 ap[1] != 'E' && ap[1] != 'J' &&
3340#endif /* defined(sony_news) */
3341 argv[1] != NULL && argv[1][0] != '-')
3342 {
3343 argv++;
3344 continue;
3345 }
3346
3347 /* If -C doesn't have an argument, use sendmail.cf. */
3348#define __DEFPATH "sendmail.cf"
3349 if (ap[1] == 'C' && ap[2] == '\0')
3350 {
3351 *argv = xalloc(sizeof(__DEFPATH) + 2);
3352 (void) sm_strlcpyn(argv[0], sizeof(__DEFPATH) + 2, 2,
3353 "-C", __DEFPATH);
3354 }
3355
3356 /* If -q doesn't have an argument, run it once. */
3357 if (ap[1] == 'q' && ap[2] == '\0')
3358 *argv = "-q0";
3359
3360 /* If -Q doesn't have an argument, disable quarantining */
3361 if (ap[1] == 'Q' && ap[2] == '\0')
3362 *argv = "-Q.";
3363
3364 /* if -d doesn't have an argument, use 0-99.1 */
3365 if (ap[1] == 'd' && ap[2] == '\0')
3366 *argv = "-d0-99.1";
3367
3368#if defined(sony_news)
3369 /* if -E doesn't have an argument, use -EC */
3370 if (ap[1] == 'E' && ap[2] == '\0')
3371 *argv = "-EC";
3372
3373 /* if -J doesn't have an argument, use -JJ */
3374 if (ap[1] == 'J' && ap[2] == '\0')
3375 *argv = "-JJ";
3376#endif /* defined(sony_news) */
3377 }
3378}
3379/*
3380** AUTH_WARNING -- specify authorization warning
3381**
3382** Parameters:
3383** e -- the current envelope.
3384** msg -- the text of the message.
3385** args -- arguments to the message.
3386**
3387** Returns:
3388** none.
3389*/
3390
3391void
3392#ifdef __STDC__
3393auth_warning(register ENVELOPE *e, const char *msg, ...)
3394#else /* __STDC__ */
3395auth_warning(e, msg, va_alist)
3396 register ENVELOPE *e;
3397 const char *msg;
3398 va_dcl
3399#endif /* __STDC__ */
3400{
3401 char buf[MAXLINE];
3402 SM_VA_LOCAL_DECL
3403
3404 if (bitset(PRIV_AUTHWARNINGS, PrivacyFlags))
3405 {
3406 register char *p;
3407 static char hostbuf[48];
3408
3409 if (hostbuf[0] == '\0')
3410 {
3411 struct hostent *hp;
3412
3413 hp = myhostname(hostbuf, sizeof hostbuf);
3414#if NETINET6
3415 if (hp != NULL)
3416 {
3417 freehostent(hp);
3418 hp = NULL;
3419 }
3420#endif /* NETINET6 */
3421 }
3422
3423 (void) sm_strlcpyn(buf, sizeof buf, 2, hostbuf, ": ");
3424 p = &buf[strlen(buf)];
3425 SM_VA_START(ap, msg);
3426 (void) sm_vsnprintf(p, SPACELEFT(buf, p), msg, ap);
3427 SM_VA_END(ap);
3428 addheader("X-Authentication-Warning", buf, 0, e);
3429 if (LogLevel > 3)
3430 sm_syslog(LOG_INFO, e->e_id,
3431 "Authentication-Warning: %.400s",
3432 buf);
3433 }
3434}
3435/*
3436** GETEXTENV -- get from external environment
3437**
3438** Parameters:
3439** envar -- the name of the variable to retrieve
3440**
3441** Returns:
3442** The value, if any.
3443*/
3444
3445static char *
3446getextenv(envar)
3447 const char *envar;
3448{
3449 char **envp;
3450 int l;
3451
3452 l = strlen(envar);
3453 for (envp = ExternalEnviron; envp != NULL && *envp != NULL; envp++)
3454 {
3455 if (strncmp(*envp, envar, l) == 0 && (*envp)[l] == '=')
3456 return &(*envp)[l + 1];
3457 }
3458 return NULL;
3459}
3460/*
3461** SM_SETUSERENV -- set an environment variable in the propagated environment
3462**
3463** Parameters:
3464** envar -- the name of the environment variable.
3465** value -- the value to which it should be set. If
3466** null, this is extracted from the incoming
3467** environment. If that is not set, the call
3468** to sm_setuserenv is ignored.
3469**
3470** Returns:
3471** none.
3472*/
3473
3474void
3475sm_setuserenv(envar, value)
3476 const char *envar;
3477 const char *value;
3478{
3479 int i, l;
3480 char **evp = UserEnviron;
3481 char *p;
3482
3483 if (value == NULL)
3484 {
3485 value = getextenv(envar);
3486 if (value == NULL)
3487 return;
3488 }
3489
3490 /* XXX enforce reasonable size? */
3491 i = strlen(envar) + 1;
3492 l = strlen(value) + i + 1;
3493 p = (char *) xalloc(l);
3494 (void) sm_strlcpyn(p, l, 3, envar, "=", value);
3495
3496 while (*evp != NULL && strncmp(*evp, p, i) != 0)
3497 evp++;
3498 if (*evp != NULL)
3499 {
3500 *evp++ = p;
3501 }
3502 else if (evp < &UserEnviron[MAXUSERENVIRON])
3503 {
3504 *evp++ = p;
3505 *evp = NULL;
3506 }
3507
3508 /* make sure it is in our environment as well */
3509 if (putenv(p) < 0)
3510 syserr("sm_setuserenv: putenv(%s) failed", p);
3511}
3512/*
3513** DUMPSTATE -- dump state
3514**
3515** For debugging.
3516*/
3517
3518void
3519dumpstate(when)
3520 char *when;
3521{
3522 register char *j = macvalue('j', CurEnv);
3523 int rs;
3524 extern int NextMacroId;
3525
3526 sm_syslog(LOG_DEBUG, CurEnv->e_id,
3527 "--- dumping state on %s: $j = %s ---",
3528 when,
3529 j == NULL ? "<NULL>" : j);
3530 if (j != NULL)
3531 {
3532 if (!wordinclass(j, 'w'))
3533 sm_syslog(LOG_DEBUG, CurEnv->e_id,
3534 "*** $j not in $=w ***");
3535 }
3536 sm_syslog(LOG_DEBUG, CurEnv->e_id, "CurChildren = %d", CurChildren);
3537 sm_syslog(LOG_DEBUG, CurEnv->e_id, "NextMacroId = %d (Max %d)",
3538 NextMacroId, MAXMACROID);
3539 sm_syslog(LOG_DEBUG, CurEnv->e_id, "--- open file descriptors: ---");
3540 printopenfds(true);
3541 sm_syslog(LOG_DEBUG, CurEnv->e_id, "--- connection cache: ---");
3542 mci_dump_all(smioout, true);
3543 rs = strtorwset("debug_dumpstate", NULL, ST_FIND);
3544 if (rs > 0)
3545 {
3546 int status;
3547 register char **pvp;
3548 char *pv[MAXATOM + 1];
3549
3550 pv[0] = NULL;
3551 status = REWRITE(pv, rs, CurEnv);
3552 sm_syslog(LOG_DEBUG, CurEnv->e_id,
3553 "--- ruleset debug_dumpstate returns stat %d, pv: ---",
3554 status);
3555 for (pvp = pv; *pvp != NULL; pvp++)
3556 sm_syslog(LOG_DEBUG, CurEnv->e_id, "%s", *pvp);
3557 }
3558 sm_syslog(LOG_DEBUG, CurEnv->e_id, "--- end of state dump ---");
3559}
3560
3561#ifdef SIGUSR1
3562/*
3563** SIGUSR1 -- Signal a request to dump state.
3564**
3565** Parameters:
3566** sig -- calling signal.
3567**
3568** Returns:
3569** none.
3570**
3571** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
3572** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
3573** DOING.
3574**
3575** XXX: More work is needed for this signal handler.
3576*/
3577
3578/* ARGSUSED */
3579static SIGFUNC_DECL
3580sigusr1(sig)
3581 int sig;
3582{
3583 int save_errno = errno;
3584# if SM_HEAP_CHECK
3585 extern void dumpstab __P((void));
3586# endif /* SM_HEAP_CHECK */
3587
3588 FIX_SYSV_SIGNAL(sig, sigusr1);
3589 errno = save_errno;
3590 CHECK_CRITICAL(sig);
3591 dumpstate("user signal");
3592# if SM_HEAP_CHECK
3593 dumpstab();
3594# endif /* SM_HEAP_CHECK */
3595 errno = save_errno;
3596 return SIGFUNC_RETURN;
3597}
3598#endif /* SIGUSR1 */
3599
3600/*
3601** DROP_PRIVILEGES -- reduce privileges to those of the RunAsUser option
3602**
3603** Parameters:
3604** to_real_uid -- if set, drop to the real uid instead
3605** of the RunAsUser.
3606**
3607** Returns:
3608** EX_OSERR if the setuid failed.
3609** EX_OK otherwise.
3610*/
3611
3612int
3613drop_privileges(to_real_uid)
3614 bool to_real_uid;
3615{
3616 int rval = EX_OK;
3617 GIDSET_T emptygidset[1];
3618
3619 if (tTd(47, 1))
3620 sm_dprintf("drop_privileges(%d): Real[UG]id=%d:%d, get[ug]id=%d:%d, gete[ug]id=%d:%d, RunAs[UG]id=%d:%d\n",
3621 (int) to_real_uid,
3622 (int) RealUid, (int) RealGid,
3623 (int) getuid(), (int) getgid(),
3624 (int) geteuid(), (int) getegid(),
3625 (int) RunAsUid, (int) RunAsGid);
3626
3627 if (to_real_uid)
3628 {
3629 RunAsUserName = RealUserName;
3630 RunAsUid = RealUid;
3631 RunAsGid = RealGid;
3632 EffGid = RunAsGid;
3633 }
3634
3635 /* make sure no one can grab open descriptors for secret files */
3636 endpwent();
3637 sm_mbdb_terminate();
3638
3639 /* reset group permissions; these can be set later */
3640 emptygidset[0] = (to_real_uid || RunAsGid != 0) ? RunAsGid : getegid();
3641
3642 /*
3643 ** Notice: on some OS (Linux...) the setgroups() call causes
3644 ** a logfile entry if sendmail is not run by root.
3645 ** However, it is unclear (no POSIX standard) whether
3646 ** setgroups() can only succeed if executed by root.
3647 ** So for now we keep it as it is; if you want to change it, use
3648 ** if (geteuid() == 0 && setgroups(1, emptygidset) == -1)
3649 */
3650
3651 if (setgroups(1, emptygidset) == -1 && geteuid() == 0)
3652 {
3653 syserr("drop_privileges: setgroups(1, %d) failed",
3654 (int) emptygidset[0]);
3655 rval = EX_OSERR;
3656 }
3657
3658 /* reset primary group id */
3659 if (to_real_uid)
3660 {
3661 /*
3662 ** Drop gid to real gid.
3663 ** On some OS we must reset the effective[/real[/saved]] gid,
3664 ** and then use setgid() to finally drop all group privileges.
3665 ** Later on we check whether we can get back the
3666 ** effective gid.
3667 */
3668
3669#if HASSETEGID
3670 if (setegid(RunAsGid) < 0)
3671 {
3672 syserr("drop_privileges: setegid(%d) failed",
3673 (int) RunAsGid);
3674 rval = EX_OSERR;
3675 }
3676#else /* HASSETEGID */
3677# if HASSETREGID
3678 if (setregid(RunAsGid, RunAsGid) < 0)
3679 {
3680 syserr("drop_privileges: setregid(%d, %d) failed",
3681 (int) RunAsGid, (int) RunAsGid);
3682 rval = EX_OSERR;
3683 }
3684# else /* HASSETREGID */
3685# if HASSETRESGID
3686 if (setresgid(RunAsGid, RunAsGid, RunAsGid) < 0)
3687 {
3688 syserr("drop_privileges: setresgid(%d, %d, %d) failed",
3689 (int) RunAsGid, (int) RunAsGid, (int) RunAsGid);
3690 rval = EX_OSERR;
3691 }
3692# endif /* HASSETRESGID */
3693# endif /* HASSETREGID */
3694#endif /* HASSETEGID */
3695 }
3696 if (rval == EX_OK && (to_real_uid || RunAsGid != 0))
3697 {
3698 if (setgid(RunAsGid) < 0 && (!UseMSP || getegid() != RunAsGid))
3699 {
3700 syserr("drop_privileges: setgid(%d) failed",
3701 (int) RunAsGid);
3702 rval = EX_OSERR;
3703 }
3704 errno = 0;
3705 if (rval == EX_OK && getegid() != RunAsGid)
3706 {
3707 syserr("drop_privileges: Unable to set effective gid=%d to RunAsGid=%d",
3708 (int) getegid(), (int) RunAsGid);
3709 rval = EX_OSERR;
3710 }
3711 }
3712
3713 /* fiddle with uid */
3714 if (to_real_uid || RunAsUid != 0)
3715 {
3716 uid_t euid;
3717
3718 /*
3719 ** Try to setuid(RunAsUid).
3720 ** euid must be RunAsUid,
3721 ** ruid must be RunAsUid unless (e|r)uid wasn't 0
3722 ** and we didn't have to drop privileges to the real uid.
3723 */
3724
3725 if (setuid(RunAsUid) < 0 ||
3726 geteuid() != RunAsUid ||
3727 (getuid() != RunAsUid &&
3728 (to_real_uid || geteuid() == 0 || getuid() == 0)))
3729 {
3730#if HASSETREUID
3731 /*
3732 ** if ruid != RunAsUid, euid == RunAsUid, then
3733 ** try resetting just the real uid, then using
3734 ** setuid() to drop the saved-uid as well.
3735 */
3736
3737 if (geteuid() == RunAsUid)
3738 {
3739 if (setreuid(RunAsUid, -1) < 0)
3740 {
3741 syserr("drop_privileges: setreuid(%d, -1) failed",
3742 (int) RunAsUid);
3743 rval = EX_OSERR;
3744 }
3745 if (setuid(RunAsUid) < 0)
3746 {
3747 syserr("drop_privileges: second setuid(%d) attempt failed",
3748 (int) RunAsUid);
3749 rval = EX_OSERR;
3750 }
3751 }
3752 else
3753#endif /* HASSETREUID */
3754 {
3755 syserr("drop_privileges: setuid(%d) failed",
3756 (int) RunAsUid);
3757 rval = EX_OSERR;
3758 }
3759 }
3760 euid = geteuid();
3761 if (RunAsUid != 0 && setuid(0) == 0)
3762 {
3763 /*
3764 ** Believe it or not, the Linux capability model
3765 ** allows a non-root process to override setuid()
3766 ** on a process running as root and prevent that
3767 ** process from dropping privileges.
3768 */
3769
3770 syserr("drop_privileges: setuid(0) succeeded (when it should not)");
3771 rval = EX_OSERR;
3772 }
3773 else if (RunAsUid != euid && setuid(euid) == 0)
3774 {
3775 /*
3776 ** Some operating systems will keep the saved-uid
3777 ** if a non-root effective-uid calls setuid(real-uid)
3778 ** making it possible to set it back again later.
3779 */
3780
3781 syserr("drop_privileges: Unable to drop non-root set-user-ID privileges");
3782 rval = EX_OSERR;
3783 }
3784 }
3785
3786 if ((to_real_uid || RunAsGid != 0) &&
3787 rval == EX_OK && RunAsGid != EffGid &&
3788 getuid() != 0 && geteuid() != 0)
3789 {
3790 errno = 0;
3791 if (setgid(EffGid) == 0)
3792 {
3793 syserr("drop_privileges: setgid(%d) succeeded (when it should not)",
3794 (int) EffGid);
3795 rval = EX_OSERR;
3796 }
3797 }
3798
3799 if (tTd(47, 5))
3800 {
3801 sm_dprintf("drop_privileges: e/ruid = %d/%d e/rgid = %d/%d\n",
3802 (int) geteuid(), (int) getuid(),
3803 (int) getegid(), (int) getgid());
3804 sm_dprintf("drop_privileges: RunAsUser = %d:%d\n",
3805 (int) RunAsUid, (int) RunAsGid);
3806 if (tTd(47, 10))
3807 sm_dprintf("drop_privileges: rval = %d\n", rval);
3808 }
3809 return rval;
3810}
3811/*
3812** FILL_FD -- make sure a file descriptor has been properly allocated
3813**
3814** Used to make sure that stdin/out/err are allocated on startup
3815**
3816** Parameters:
3817** fd -- the file descriptor to be filled.
3818** where -- a string used for logging. If NULL, this is
3819** being called on startup, and logging should
3820** not be done.
3821**
3822** Returns:
3823** none
3824**
3825** Side Effects:
3826** possibly changes MissingFds
3827*/
3828
3829void
3830fill_fd(fd, where)
3831 int fd;
3832 char *where;
3833{
3834 int i;
3835 struct stat stbuf;
3836
3837 if (fstat(fd, &stbuf) >= 0 || errno != EBADF)
3838 return;
3839
3840 if (where != NULL)
3841 syserr("fill_fd: %s: fd %d not open", where, fd);
3842 else
3843 MissingFds |= 1 << fd;
3844 i = open(SM_PATH_DEVNULL, fd == 0 ? O_RDONLY : O_WRONLY, 0666);
3845 if (i < 0)
3846 {
3847 syserr("!fill_fd: %s: cannot open %s",
3848 where == NULL ? "startup" : where, SM_PATH_DEVNULL);
3849 }
3850 if (fd != i)
3851 {
3852 (void) dup2(i, fd);
3853 (void) close(i);
3854 }
3855}
3856/*
3857** SM_PRINTOPTIONS -- print options
3858**
3859** Parameters:
3860** options -- array of options.
3861**
3862** Returns:
3863** none.
3864*/
3865
3866static void
3867sm_printoptions(options)
3868 char **options;
3869{
3870 int ll;
3871 char **av;
3872
3873 av = options;
3874 ll = 7;
3875 while (*av != NULL)
3876 {
3877 if (ll + strlen(*av) > 63)
3878 {
3879 sm_dprintf("\n");
3880 ll = 0;
3881 }
3882 if (ll == 0)
3883 sm_dprintf("\t\t");
3884 else
3885 sm_dprintf(" ");
3886 sm_dprintf("%s", *av);
3887 ll += strlen(*av++) + 1;
3888 }
3889 sm_dprintf("\n");
3890}
3891/*
3892** TESTMODELINE -- process a test mode input line
3893**
3894** Parameters:
3895** line -- the input line.
3896** e -- the current environment.
3897** Syntax:
3898** # a comment
3899** .X process X as a configuration line
3900** =X dump a configuration item (such as mailers)
3901** $X dump a macro or class
3902** /X try an activity
3903** X normal process through rule set X
3904*/
3905
3906static void
3907testmodeline(line, e)
3908 char *line;
3909 ENVELOPE *e;
3910{
3911 register char *p;
3912 char *q;
3913 auto char *delimptr;
3914 int mid;
3915 int i, rs;
3916 STAB *map;
3917 char **s;
3918 struct rewrite *rw;
3919 ADDRESS a;
3920 static int tryflags = RF_COPYNONE;
3921 char exbuf[MAXLINE];
3922 extern unsigned char TokTypeNoC[];
3923
3924 /* skip leading spaces */
3925 while (*line == ' ')
3926 line++;
3927
3928 switch (line[0])
3929 {
3930 case '#':
3931 case '\0':
3932 return;
3933
3934 case '?':
3935 help("-bt", e);
3936 return;
3937
3938 case '.': /* config-style settings */
3939 switch (line[1])
3940 {
3941 case 'D':
3942 mid = macid_parse(&line[2], &delimptr);
3943 if (mid == 0)
3944 return;
3945 translate_dollars(delimptr);
3946 macdefine(&e->e_macro, A_TEMP, mid, delimptr);
3947 break;
3948
3949 case 'C':
3950 if (line[2] == '\0') /* not to call syserr() */
3951 return;
3952
3953 mid = macid_parse(&line[2], &delimptr);
3954 if (mid == 0)
3955 return;
3956 translate_dollars(delimptr);
3957 expand(delimptr, exbuf, sizeof exbuf, e);
3958 p = exbuf;
3959 while (*p != '\0')
3960 {
3961 register char *wd;
3962 char delim;
3963
3964 while (*p != '\0' && isascii(*p) && isspace(*p))
3965 p++;
3966 wd = p;
3967 while (*p != '\0' && !(isascii(*p) && isspace(*p)))
3968 p++;
3969 delim = *p;
3970 *p = '\0';
3971 if (wd[0] != '\0')
3972 setclass(mid, wd);
3973 *p = delim;
3974 }
3975 break;
3976
3977 case '\0':
3978 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3979 "Usage: .[DC]macro value(s)\n");
3980 break;
3981
3982 default:
3983 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3984 "Unknown \".\" command %s\n", line);
3985 break;
3986 }
3987 return;
3988
3989 case '=': /* config-style settings */
3990 switch (line[1])
3991 {
3992 case 'S': /* dump rule set */
3993 rs = strtorwset(&line[2], NULL, ST_FIND);
3994 if (rs < 0)
3995 {
3996 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3997 "Undefined ruleset %s\n", &line[2]);
3998 return;
3999 }
4000 rw = RewriteRules[rs];
4001 if (rw == NULL)
4002 return;
4003 do
4004 {
4005 (void) sm_io_putc(smioout, SM_TIME_DEFAULT,
4006 'R');
4007 s = rw->r_lhs;
4008 while (*s != NULL)
4009 {
4010 xputs(smioout, *s++);
4011 (void) sm_io_putc(smioout,
4012 SM_TIME_DEFAULT, ' ');
4013 }
4014 (void) sm_io_putc(smioout, SM_TIME_DEFAULT,
4015 '\t');
4016 (void) sm_io_putc(smioout, SM_TIME_DEFAULT,
4017 '\t');
4018 s = rw->r_rhs;
4019 while (*s != NULL)
4020 {
4021 xputs(smioout, *s++);
4022 (void) sm_io_putc(smioout,
4023 SM_TIME_DEFAULT, ' ');
4024 }
4025 (void) sm_io_putc(smioout, SM_TIME_DEFAULT,
4026 '\n');
4027 } while ((rw = rw->r_next) != NULL);
4028 break;
4029
4030 case 'M':
4031 for (i = 0; i < MAXMAILERS; i++)
4032 {
4033 if (Mailer[i] != NULL)
4034 printmailer(smioout, Mailer[i]);
4035 }
4036 break;
4037
4038 case '\0':
4039 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4040 "Usage: =Sruleset or =M\n");
4041 break;
4042
4043 default:
4044 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4045 "Unknown \"=\" command %s\n", line);
4046 break;
4047 }
4048 return;
4049
4050 case '-': /* set command-line-like opts */
4051 switch (line[1])
4052 {
4053 case 'd':
4054 tTflag(&line[2]);
4055 break;
4056
4057 case '\0':
4058 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4059 "Usage: -d{debug arguments}\n");
4060 break;
4061
4062 default:
4063 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4064 "Unknown \"-\" command %s\n", line);
4065 break;
4066 }
4067 return;
4068
4069 case '$':
4070 if (line[1] == '=')
4071 {
4072 mid = macid(&line[2]);
4073 if (mid != 0)
4074 stabapply(dump_class, mid);
4075 return;
4076 }
4077 mid = macid(&line[1]);
4078 if (mid == 0)
4079 return;
4080 p = macvalue(mid, e);
4081 if (p == NULL)
4082 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4083 "Undefined\n");
4084 else
4085 {
4086 xputs(smioout, p);
4087 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4088 "\n");
4089 }
4090 return;
4091
4092 case '/': /* miscellaneous commands */
4093 p = &line[strlen(line)];
4094 while (--p >= line && isascii(*p) && isspace(*p))
4095 *p = '\0';
4096 p = strpbrk(line, " \t");
4097 if (p != NULL)
4098 {
4099 while (isascii(*p) && isspace(*p))
4100 *p++ = '\0';
4101 }
4102 else
4103 p = "";
4104 if (line[1] == '\0')
4105 {
4106 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4107 "Usage: /[canon|map|mx|parse|try|tryflags]\n");
4108 return;
4109 }
4110 if (sm_strcasecmp(&line[1], "quit") == 0)
4111 {
4112 CurEnv->e_id = NULL;
4113 finis(true, true, ExitStat);
4114 /* NOTREACHED */
4115 }
4116 if (sm_strcasecmp(&line[1], "mx") == 0)
4117 {
4118#if NAMED_BIND
4119 /* look up MX records */
4120 int nmx;
4121 auto int rcode;
4122 char *mxhosts[MAXMXHOSTS + 1];
4123
4124 if (*p == '\0')
4125 {
4126 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4127 "Usage: /mx address\n");
4128 return;
4129 }
4130 nmx = getmxrr(p, mxhosts, NULL, false, &rcode, true,
4131 NULL);
4132 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4133 "getmxrr(%s) returns %d value(s):\n",
4134 p, nmx);
4135 for (i = 0; i < nmx; i++)
4136 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4137 "\t%s\n", mxhosts[i]);
4138#else /* NAMED_BIND */
4139 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4140 "No MX code compiled in\n");
4141#endif /* NAMED_BIND */
4142 }
4143 else if (sm_strcasecmp(&line[1], "canon") == 0)
4144 {
4145 char host[MAXHOSTNAMELEN];
4146
4147 if (*p == '\0')
4148 {
4149 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4150 "Usage: /canon address\n");
4151 return;
4152 }
4153 else if (sm_strlcpy(host, p, sizeof host) >= sizeof host)
4154 {
4155 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4156 "Name too long\n");
4157 return;
4158 }
4159 (void) getcanonname(host, sizeof host, !HasWildcardMX,
4160 NULL);
4161 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4162 "getcanonname(%s) returns %s\n",
4163 p, host);
4164 }
4165 else if (sm_strcasecmp(&line[1], "map") == 0)
4166 {
4167 auto int rcode = EX_OK;
4168 char *av[2];
4169
4170 if (*p == '\0')
4171 {
4172 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4173 "Usage: /map mapname key\n");
4174 return;
4175 }
4176 for (q = p; *q != '\0' && !(isascii(*q) && isspace(*q)); q++)
4177 continue;
4178 if (*q == '\0')
4179 {
4180 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4181 "No key specified\n");
4182 return;
4183 }
4184 *q++ = '\0';
4185 map = stab(p, ST_MAP, ST_FIND);
4186 if (map == NULL)
4187 {
4188 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4189 "Map named \"%s\" not found\n", p);
4190 return;
4191 }
4192 if (!bitset(MF_OPEN, map->s_map.map_mflags) &&
4193 !openmap(&(map->s_map)))
4194 {
4195 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4196 "Map named \"%s\" not open\n", p);
4197 return;
4198 }
4199 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4200 "map_lookup: %s (%s) ", p, q);
4201 av[0] = q;
4202 av[1] = NULL;
4203 p = (*map->s_map.map_class->map_lookup)
4204 (&map->s_map, q, av, &rcode);
4205 if (p == NULL)
4206 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4207 "no match (%d)\n",
4208 rcode);
4209 else
4210 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4211 "returns %s (%d)\n", p,
4212 rcode);
4213 }
4214 else if (sm_strcasecmp(&line[1], "try") == 0)
4215 {
4216 MAILER *m;
4217 STAB *st;
4218 auto int rcode = EX_OK;
4219
4220 q = strpbrk(p, " \t");
4221 if (q != NULL)
4222 {
4223 while (isascii(*q) && isspace(*q))
4224 *q++ = '\0';
4225 }
4226 if (q == NULL || *q == '\0')
4227 {
4228 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4229 "Usage: /try mailer address\n");
4230 return;
4231 }
4232 st = stab(p, ST_MAILER, ST_FIND);
4233 if (st == NULL)
4234 {
4235 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4236 "Unknown mailer %s\n", p);
4237 return;
4238 }
4239 m = st->s_mailer;
4240 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4241 "Trying %s %s address %s for mailer %s\n",
4242 bitset(RF_HEADERADDR, tryflags) ? "header"
4243 : "envelope",
4244 bitset(RF_SENDERADDR, tryflags) ? "sender"
4245 : "recipient", q, p);
4246 p = remotename(q, m, tryflags, &rcode, CurEnv);
4247 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4248 "Rcode = %d, addr = %s\n",
4249 rcode, p == NULL ? "<NULL>" : p);
4250 e->e_to = NULL;
4251 }
4252 else if (sm_strcasecmp(&line[1], "tryflags") == 0)
4253 {
4254 if (*p == '\0')
4255 {
4256 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4257 "Usage: /tryflags [Hh|Ee][Ss|Rr]\n");
4258 return;
4259 }
4260 for (; *p != '\0'; p++)
4261 {
4262 switch (*p)
4263 {
4264 case 'H':
4265 case 'h':
4266 tryflags |= RF_HEADERADDR;
4267 break;
4268
4269 case 'E':
4270 case 'e':
4271 tryflags &= ~RF_HEADERADDR;
4272 break;
4273
4274 case 'S':
4275 case 's':
4276 tryflags |= RF_SENDERADDR;
4277 break;
4278
4279 case 'R':
4280 case 'r':
4281 tryflags &= ~RF_SENDERADDR;
4282 break;
4283 }
4284 }
4285 exbuf[0] = bitset(RF_HEADERADDR, tryflags) ? 'h' : 'e';
4286 exbuf[1] = ' ';
4287 exbuf[2] = bitset(RF_SENDERADDR, tryflags) ? 's' : 'r';
4288 exbuf[3] = '\0';
4289 macdefine(&e->e_macro, A_TEMP,
4290 macid("{addr_type}"), exbuf);
4291 }
4292 else if (sm_strcasecmp(&line[1], "parse") == 0)
4293 {
4294 if (*p == '\0')
4295 {
4296 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4297 "Usage: /parse address\n");
4298 return;
4299 }
4300 q = crackaddr(p, e);
4301 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4302 "Cracked address = ");
4303 xputs(smioout, q);
4304 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4305 "\nParsing %s %s address\n",
4306 bitset(RF_HEADERADDR, tryflags) ?
4307 "header" : "envelope",
4308 bitset(RF_SENDERADDR, tryflags) ?
4309 "sender" : "recipient");
4310 if (parseaddr(p, &a, tryflags, '\0', NULL, e, true)
4311 == NULL)
4312 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4313 "Cannot parse\n");
4314 else if (a.q_host != NULL && a.q_host[0] != '\0')
4315 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4316 "mailer %s, host %s, user %s\n",
4317 a.q_mailer->m_name,
4318 a.q_host,
4319 a.q_user);
4320 else
4321 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4322 "mailer %s, user %s\n",
4323 a.q_mailer->m_name,
4324 a.q_user);
4325 e->e_to = NULL;
4326 }
4327 else
4328 {
4329 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4330 "Unknown \"/\" command %s\n",
4331 line);
4332 }
4333 return;
4334 }
4335
4336 for (p = line; isascii(*p) && isspace(*p); p++)
4337 continue;
4338 q = p;
4339 while (*p != '\0' && !(isascii(*p) && isspace(*p)))
4340 p++;
4341 if (*p == '\0')
4342 {
4343 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4344 "No address!\n");
4345 return;
4346 }
4347 *p = '\0';
4348 if (invalidaddr(p + 1, NULL, true))
4349 return;
4350 do
4351 {
4352 register char **pvp;
4353 char pvpbuf[PSBUFSIZE];
4354
4355 pvp = prescan(++p, ',', pvpbuf, sizeof pvpbuf, &delimptr,
4356 ConfigLevel >= 9 ? TokTypeNoC : NULL, false);
4357 if (pvp == NULL)
4358 continue;
4359 p = q;
4360 while (*p != '\0')
4361 {
4362 int status;
4363
4364 rs = strtorwset(p, NULL, ST_FIND);
4365 if (rs < 0)
4366 {
4367 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4368 "Undefined ruleset %s\n",
4369 p);
4370 break;
4371 }
4372 status = REWRITE(pvp, rs, e);
4373 if (status != EX_OK)
4374 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4375 "== Ruleset %s (%d) status %d\n",
4376 p, rs, status);
4377 while (*p != '\0' && *p++ != ',')
4378 continue;
4379 }
4380 } while (*(p = delimptr) != '\0');
4381}
4382
4383static void
4384dump_class(s, id)
4385 register STAB *s;
4386 int id;
4387{
4388 if (s->s_symtype != ST_CLASS)
4389 return;
4390 if (bitnset(bitidx(id), s->s_class))
4391 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
4392 "%s\n", s->s_name);
4393}
4394
4395/*
4396** An exception type used to create QuickAbort exceptions.
4397** This is my first cut at converting QuickAbort from longjmp to exceptions.
4398** These exceptions have a single integer argument, which is the argument
4399** to longjmp in the original code (either 1 or 2). I don't know the
4400** significance of 1 vs 2: the calls to setjmp don't care.
4401*/
4402
4403const SM_EXC_TYPE_T EtypeQuickAbort =
4404{
4405 SmExcTypeMagic,
4406 "E:mta.quickabort",
4407 "i",
4408 sm_etype_printf,
4409 "quick abort %0",
4410};
|