X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/8e669ac162fe3b1040297f1d021de10778dce9d9..0f5014860e54132a13e4ecc2f7f1859a9f3a971b:/src/src/spam.c diff --git a/src/src/spam.c b/src/src/spam.c index 77406cea4..63395f2d5 100644 --- a/src/src/spam.c +++ b/src/src/spam.c @@ -1,5 +1,3 @@ -/* $Cambridge: exim/src/src/spam.c,v 1.4 2005/02/17 11:58:26 ph10 Exp $ */ - /************************************************* * Exim - an Internet mail transport agent * *************************************************/ @@ -20,6 +18,7 @@ uschar spam_report_buffer[32600]; uschar prev_user_name[128] = ""; int spam_ok = 0; int spam_rc = 0; +uschar *prev_spamd_address_work = NULL; int spam(uschar **listptr) { int sep = 0; @@ -28,16 +27,28 @@ int spam(uschar **listptr) { uschar user_name_buffer[128]; unsigned long mbox_size; FILE *mbox_file; - int spamd_sock; + int spamd_sock = -1; uschar spamd_buffer[32600]; - int i, j, offset; + int i, j, offset, result; uschar spamd_version[8]; uschar spamd_score_char; double spamd_threshold, spamd_score; int spamd_report_offset; uschar *p,*q; int override = 0; + time_t start; + size_t read, wrote; struct sockaddr_un server; +#ifndef NO_POLL_H + struct pollfd pollfd; +#else /* Patch posted by Erik ? for OS X */ + struct timeval select_tv; /* and applied by PH */ + fd_set select_fd; +#endif + uschar *spamd_address_work; + + /* stop compiler warning */ + result = 0; /* find the username from the option list */ if ((user_name = string_nextinlist(&list, &sep, @@ -59,6 +70,23 @@ int spam(uschar **listptr) { override = 1; }; + /* expand spamd_address if needed */ + if (*spamd_address == '$') { + spamd_address_work = expand_string(spamd_address); + if (spamd_address_work == NULL) { + log_write(0, LOG_MAIN|LOG_PANIC, + "spamassassin acl condition: spamd_address starts with $, but expansion failed: %s", expand_string_message); + return DEFER; + } + } + else + spamd_address_work = spamd_address; + + /* check if previous spamd_address was expanded and has changed. dump cached results if so */ + if ( spam_ok && ( prev_spamd_address_work != NULL) && (Ustrcmp(prev_spamd_address_work, spamd_address_work) != 0)) { + spam_ok = 0; + } + /* if we scanned for this username last time, just return */ if ( spam_ok && ( Ustrcmp(prev_user_name, user_name) == 0 ) ) { if (override) @@ -68,7 +96,7 @@ int spam(uschar **listptr) { }; /* make sure the eml mbox file is spooled up */ - mbox_file = spool_mbox(&mbox_size); + mbox_file = spool_mbox(&mbox_size, NULL); if (mbox_file == NULL) { /* error while spooling */ @@ -77,14 +105,14 @@ int spam(uschar **listptr) { return DEFER; }; + start = time(NULL); + /* socket does not start with '/' -> network socket */ - if (*spamd_address != '/') { - time_t now = time(NULL); + if (*spamd_address_work != '/') { int num_servers = 0; - int current_server = 0; - int start_server = 0; + int current_server; uschar *address = NULL; - uschar *spamd_address_list_ptr = spamd_address; + uschar *spamd_address_list_ptr = spamd_address_work; uschar address_buffer[256]; spamd_address_container * spamd_address_vector[32]; @@ -94,6 +122,7 @@ int spam(uschar **listptr) { address_buffer, sizeof(address_buffer))) != NULL) { + /* Potential memory leak as we never free the store. */ spamd_address_container *this_spamd = (spamd_address_container *)store_get(sizeof(spamd_address_container)); @@ -114,13 +143,15 @@ int spam(uschar **listptr) { if (!num_servers) { log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: no useable spamd server addresses in spamd_address configuration option."); - fclose(mbox_file); + (void)fclose(mbox_file); return DEFER; }; - current_server = start_server = (int)now % num_servers; + while ( num_servers > 0 ) { + int i; - while (1) { + /* Randomly pick a server to try */ + current_server = random_number( num_servers ); debug_printf("trying server %s, port %u\n", spamd_address_vector[current_server]->tcp_addr, @@ -130,7 +161,7 @@ int spam(uschar **listptr) { if ( (spamd_sock = ip_socket(SOCK_STREAM, AF_INET)) < 0) { log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: error creating IP socket for spamd"); - fclose(mbox_file); + (void)fclose(mbox_file); return DEFER; }; @@ -148,16 +179,20 @@ int spam(uschar **listptr) { spamd_address_vector[current_server]->tcp_addr, spamd_address_vector[current_server]->tcp_port, strerror(errno)); - current_server++; - if (current_server >= num_servers) - current_server = 0; - if (current_server == start_server) { - log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: all spamd servers failed"); - fclose(mbox_file); - close(spamd_sock); - return DEFER; - }; - }; + + (void)close(spamd_sock); + + /* Remove the server from the list. XXX We should free the memory */ + num_servers--; + for( i = current_server; i < num_servers; i++ ) + spamd_address_vector[i] = spamd_address_vector[i+1]; + } + + if ( num_servers == 0 ) { + log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: all spamd servers failed"); + (void)fclose(mbox_file); + return DEFER; + } } else { @@ -167,26 +202,34 @@ int spam(uschar **listptr) { log_write(0, LOG_MAIN|LOG_PANIC, "malware acl condition: spamd: unable to acquire socket (%s)", strerror(errno)); - fclose(mbox_file); + (void)fclose(mbox_file); return DEFER; } server.sun_family = AF_UNIX; - Ustrcpy(server.sun_path, spamd_address); + Ustrcpy(server.sun_path, spamd_address_work); if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) { log_write(0, LOG_MAIN|LOG_PANIC, "malware acl condition: spamd: unable to connect to UNIX socket %s (%s)", - spamd_address, strerror(errno) ); - fclose(mbox_file); - close(spamd_sock); + spamd_address_work, strerror(errno) ); + (void)fclose(mbox_file); + (void)close(spamd_sock); return DEFER; } } + if (spamd_sock == -1) { + log_write(0, LOG_MAIN|LOG_PANIC, + "programming fault, spamd_sock unexpectedly unset"); + (void)fclose(mbox_file); + (void)close(spamd_sock); + return DEFER; + } + /* now we are connected to spamd on spamd_sock */ - snprintf(CS spamd_buffer, + (void)string_format(spamd_buffer, sizeof(spamd_buffer), "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n", user_name, @@ -194,42 +237,101 @@ int spam(uschar **listptr) { /* send our request */ if (send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0) < 0) { - close(spamd_sock); + (void)close(spamd_sock); log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: spamd send failed: %s", strerror(errno)); - fclose(mbox_file); - close(spamd_sock); + (void)fclose(mbox_file); + (void)close(spamd_sock); return DEFER; }; /* now send the file */ + /* spamd sometimes accepts conections but doesn't read data off + * the connection. We make the file descriptor non-blocking so + * that the write will only write sufficient data without blocking + * and we poll the desciptor to make sure that we can write without + * blocking. Short writes are gracefully handled and if the whole + * trasaction takes too long it is aborted. + * Note: poll() is not supported in OSX 10.2 and is reported to be + * broken in more recent versions (up to 10.4). + */ +#ifndef NO_POLL_H + pollfd.fd = spamd_sock; + pollfd.events = POLLOUT; +#endif + (void)fcntl(spamd_sock, F_SETFL, O_NONBLOCK); do { - j = fread(spamd_buffer,1,sizeof(spamd_buffer),mbox_file); - if (j > 0) { - i = send(spamd_sock,spamd_buffer,j,0); - if (i != j) { - log_write(0, LOG_MAIN|LOG_PANIC, - "spam acl condition: error/short send to spamd"); - close(spamd_sock); - fclose(mbox_file); + read = fread(spamd_buffer,1,sizeof(spamd_buffer),mbox_file); + if (read > 0) { + offset = 0; +again: +#ifndef NO_POLL_H + result = poll(&pollfd, 1, 1000); + +/* Patch posted by Erik ? for OS X and applied by PH */ +#else + select_tv.tv_sec = 1; + select_tv.tv_usec = 0; + FD_ZERO(&select_fd); + FD_SET(spamd_sock, &select_fd); + result = select(spamd_sock+1, NULL, &select_fd, NULL, &select_tv); +#endif +/* End Erik's patch */ + + if (result == -1 && errno == EINTR) + goto again; + else if (result < 1) { + if (result == -1) + log_write(0, LOG_MAIN|LOG_PANIC, + "spam acl condition: %s on spamd socket", strerror(errno)); + else { + if (time(NULL) - start < SPAMD_TIMEOUT) + goto again; + log_write(0, LOG_MAIN|LOG_PANIC, + "spam acl condition: timed out writing spamd socket"); + } + (void)close(spamd_sock); + (void)fclose(mbox_file); return DEFER; - }; - }; + } + + wrote = send(spamd_sock,spamd_buffer + offset,read - offset,0); + if (wrote == -1) + { + log_write(0, LOG_MAIN|LOG_PANIC, + "spam acl condition: %s on spamd socket", strerror(errno)); + (void)close(spamd_sock); + (void)fclose(mbox_file); + return DEFER; + } + if (offset + wrote != read) { + offset += wrote; + goto again; + } + } + } + while (!feof(mbox_file) && !ferror(mbox_file)); + if (ferror(mbox_file)) { + log_write(0, LOG_MAIN|LOG_PANIC, + "spam acl condition: error reading spool file: %s", strerror(errno)); + (void)close(spamd_sock); + (void)fclose(mbox_file); + return DEFER; } - while (j > 0); - fclose(mbox_file); + (void)fclose(mbox_file); /* we're done sending, close socket for writing */ shutdown(spamd_sock,SHUT_WR); - /* read spamd response */ + /* read spamd response using what's left of the timeout. + */ memset(spamd_buffer, 0, sizeof(spamd_buffer)); offset = 0; while((i = ip_recv(spamd_sock, spamd_buffer + offset, sizeof(spamd_buffer) - offset - 1, - SPAMD_READ_TIMEOUT)) > 0 ) { + SPAMD_TIMEOUT - time(NULL) + start)) > 0 ) { offset += i; } @@ -237,19 +339,19 @@ int spam(uschar **listptr) { if((i <= 0) && (errno != 0)) { log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: error reading from spamd socket: %s", strerror(errno)); - close(spamd_sock); + (void)close(spamd_sock); return DEFER; } /* reading done */ - close(spamd_sock); + (void)close(spamd_sock); /* dig in the spamd output and put the report in a multiline header, if requested */ - if( sscanf(CS spamd_buffer,"SPAMD/%s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n", + if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n", spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { /* try to fall back to pre-2.50 spamd output */ - if( sscanf(CS spamd_buffer,"SPAMD/%s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n", + if( sscanf(CS spamd_buffer,"SPAMD/%7s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n", spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) { log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: cannot parse spamd output"); @@ -270,13 +372,10 @@ int spam(uschar **listptr) { *q = *p; q++; if (*p == '\n') { - *q = '\t'; + /* add an extra space after the newline to ensure + that it is treated as a header continuation line */ + *q = ' '; q++; - /* eat whitespace */ - while( (*p <= ' ') && (*p != '\0') ) { - p++; - }; - p--; }; p++; }; @@ -306,12 +405,12 @@ int spam(uschar **listptr) { spam_bar = spam_bar_buffer; /* create "float" spam score */ - snprintf(CS spam_score_buffer, sizeof(spam_score_buffer),"%.1f", spamd_score); + (void)string_format(spam_score_buffer, sizeof(spam_score_buffer),"%.1f", spamd_score); spam_score = spam_score_buffer; /* create "int" spam score */ j = (int)((spamd_score + 0.001)*10); - snprintf(CS spam_score_int_buffer, sizeof(spam_score_int_buffer), "%d", j); + (void)string_format(spam_score_int_buffer, sizeof(spam_score_int_buffer), "%d", j); spam_score_int = spam_score_int_buffer; /* compare threshold against score */ @@ -324,6 +423,10 @@ int spam(uschar **listptr) { spam_rc = FAIL; }; + /* remember expanded spamd_address if needed */ + if (spamd_address_work != spamd_address) { + prev_spamd_address_work = string_copy(spamd_address_work); + } /* remember user name and "been here" for it */ Ustrcpy(prev_user_name, user_name); spam_ok = 1;