1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) University of Cambridge 1995 - 2018 */
6 /* Copyright (c) The Exim Maintainers 2020 */
7 /* See the file NOTICE for conditions of use and distribution. */
9 /* Functions that operate on the input queue. */
20 #ifndef COMPILE_UTILITY
22 /* The number of nodes to use for the bottom-up merge sort when a list of queue
23 items is to be ordered. The code for this sort was contributed as a patch by
26 #define LOG2_MAXNODES 32
30 /*************************************************
31 * Helper sort function for queue_get_spool_list *
32 *************************************************/
34 /* This function is used when sorting the queue list in the function
35 queue_get_spool_list() below.
38 a points to an ordered list of queue_filename items
39 b points to another ordered list
41 Returns: a pointer to a merged ordered list
44 static queue_filename *
45 merge_queue_lists(queue_filename *a, queue_filename *b)
47 queue_filename *first = NULL;
48 queue_filename **append = &first;
53 if ((d = Ustrncmp(a->text, b->text, 6)) == 0)
54 d = Ustrcmp(a->text + 14, b->text + 14);
77 /*************************************************
78 * Get list of spool files *
79 *************************************************/
81 /* Scan the spool directory and return a list of the relevant file names
82 therein. Single-character sub-directories are handled as follows:
84 If the first argument is > 0, a sub-directory is scanned; the letter is
85 taken from the nth entry in subdirs.
87 If the first argument is 0, sub-directories are not scanned. However, a
88 list of them is returned.
90 If the first argument is < 0, sub-directories are scanned for messages,
91 and a single, unified list is created. The returned data blocks contain the
92 identifying character of the subdirectory, if any. The subdirs vector is
93 still required as an argument.
95 If the randomize argument is TRUE, messages are returned in "randomized" order.
96 Actually, the order is anything but random, but the algorithm is cheap, and the
97 point is simply to ensure that the same order doesn't occur every time, in case
98 a particular message is causing a remote MTA to barf - we would like to try
99 other messages to that MTA first.
101 If the randomize argument is FALSE, sort the list according to the file name.
102 This should give the order in which the messages arrived. It is normally used
103 only for presentation to humans, in which case the (possibly expensive) sort
104 that it does is not part of the normal operational code. However, if
105 queue_run_in_order is set, sorting has to take place for queue runs as well.
106 When randomize is FALSE, the first argument is normally -1, so all messages are
110 subdiroffset sub-directory character offset, or 0 or -1 (see above)
111 subdirs vector to store list of subdirchars
112 subcount pointer to int in which to store count of subdirs
113 randomize TRUE if the order of the list is to be unpredictable
114 pcount If not NULL, fill in with count of files and do not return list
116 Returns: pointer to a chain of queue name items
119 static queue_filename *
120 queue_get_spool_list(int subdiroffset, uschar *subdirs, int *subcount,
121 BOOL randomize, unsigned * pcount)
127 queue_filename *yield = NULL;
128 queue_filename *last = NULL;
130 queue_filename *root[LOG2_MAXNODES];
132 /* When randomizing, the file names are added to the start or end of the list
133 according to the bits of the flags variable. Get a collection of bits from the
134 current time. Use the bottom 16 and just keep re-using them if necessary. When
135 not randomizing, initialize the sublists for the bottom-up merge sort. */
140 resetflags = time(NULL) & 0xFFFF;
142 for (i = 0; i < LOG2_MAXNODES; i++)
145 /* If processing the full queue, or just the top-level, start at the base
146 directory, and initialize the first subdirectory name (as none). Otherwise,
147 start at the sub-directory offset. */
149 if (subdiroffset <= 0)
158 /* Set up prototype for the directory name. */
160 spool_pname_buf(buffer, sizeof(buffer));
161 buffer[sizeof(buffer) - 3] = 0;
162 subptr = Ustrlen(buffer);
163 buffer[subptr+2] = 0; /* terminator for lengthened name */
165 /* This loop runs at least once, for the main or given directory, and then as
166 many times as necessary to scan any subdirectories encountered in the main
167 directory, if they are to be scanned at this time. */
169 for (; i <= *subcount; i++)
172 int subdirchar = subdirs[i]; /* 0 for main directory */
177 buffer[subptr] = '/';
178 buffer[subptr+1] = subdirchar;
181 DEBUG(D_queue_run) debug_printf("looking in %s\n", buffer);
182 if (!(dd = exim_opendir(buffer)))
185 /* Now scan the directory. */
187 for (struct dirent *ent; ent = readdir(dd); )
189 uschar *name = US ent->d_name;
190 int len = Ustrlen(name);
196 /* If we find a single alphameric sub-directory in the base directory,
197 add it to the list for subsequent scans. */
199 if (i == 0 && len == 1 && isalnum(*name))
201 *subcount = *subcount + 1;
202 subdirs[*subcount] = *name;
206 /* Otherwise, if it is a header spool file, add it to the list */
208 if (len == SPOOL_NAME_LENGTH &&
209 Ustrcmp(name + SPOOL_NAME_LENGTH - 2, "-H") == 0)
214 queue_filename *next =
215 store_get(sizeof(queue_filename) + Ustrlen(name), is_tainted(name));
216 Ustrcpy(next->text, name);
217 next->dir_uschar = subdirchar;
219 /* Handle the creation of a randomized list. The first item becomes both
220 the top and bottom of the list. Subsequent items are inserted either at
221 the top or the bottom, randomly. This is, I argue, faster than doing a
222 sort by allocating a random number to each item, and it also saves having
223 to store the number with each item. */
235 if ((flags & 1) == 0)
249 /* Otherwise do a bottom-up merge sort based on the name. */
254 for (int j = 0; j < LOG2_MAXNODES; j++)
257 next = merge_queue_lists(next, root[j]);
258 root[j] = j == LOG2_MAXNODES - 1 ? next : NULL;
269 /* Finished with this directory */
273 /* If we have just scanned a sub-directory, and it was empty (count == 2
274 implies just "." and ".." entries), and Exim is no longer configured to
275 use sub-directories, attempt to get rid of it. At the same time, try to
276 get rid of any corresponding msglog subdirectory. These are just cosmetic
277 tidying actions, so just ignore failures. If we are scanning just a single
278 sub-directory, break the loop. */
282 if (!split_spool_directory && count <= 2)
287 subdir[0] = subdirchar; subdir[1] = 0;
288 rmdir(CS spool_dname(US"msglog", subdir));
290 if (subdiroffset > 0) break; /* Single sub-directory */
293 /* If we have just scanned the base directory, and subdiroffset is 0,
294 we do not want to continue scanning the sub-directories. */
296 else if (subdiroffset == 0)
298 } /* Loop for multiple subdirectories */
300 /* When using a bottom-up merge sort, do the final merging of the sublists.
301 Then pass back the final list of file items. */
303 if (!pcount && !randomize)
304 for (i = 0; i < LOG2_MAXNODES; ++i)
305 yield = merge_queue_lists(yield, root[i]);
313 /*************************************************
314 * Perform a queue run *
315 *************************************************/
317 /* The arguments give the messages to start and stop at; NULL means start at
318 the beginning or stop at the end. If the given start message doesn't exist, we
319 start at the next lexically greater one, and likewise we stop at the after the
320 previous lexically lesser one if the given stop message doesn't exist. Because
321 a queue run can take some time, stat each file before forking, in case it has
322 been delivered in the meantime by some other means.
324 The global variables queue_run_force and queue_run_local may be set to cause
325 forced deliveries or local-only deliveries, respectively.
327 If deliver_selectstring[_sender] is not NULL, skip messages whose recipients do
328 not contain the string. As this option is typically used when a machine comes
329 back online, we want to ensure that at least one delivery attempt takes place,
330 so force the first one. The selecting string can optionally be a regex, or
331 refer to the sender instead of recipients.
333 If queue_2stage is set, the queue is scanned twice. The first time, queue_smtp
334 is set so that routing is done for all messages. Thus in the second run those
335 that are routed to the same host should go down the same SMTP connection.
338 start_id message id to start at, or NULL for all
339 stop_id message id to end at, or NULL for all
340 recurse TRUE if recursing for 2-stage run
346 queue_run(uschar *start_id, uschar *stop_id, BOOL recurse)
348 BOOL force_delivery = f.queue_run_force || deliver_selectstring != NULL ||
349 deliver_selectstring_sender != NULL;
350 const pcre *selectstring_regex = NULL;
351 const pcre *selectstring_regex_sender = NULL;
352 uschar *log_detail = NULL;
355 pid_t qpid[4] = {0}; /* Parallelism factor for q2stage 1st phase */
356 BOOL single_id = FALSE;
358 #ifdef MEASURE_TIMING
359 report_time_since(×tamp_startup, US"queue_run start");
362 /* Cancel any specific queue domains. Turn off the flag that causes SMTP
363 deliveries not to happen, unless doing a 2-stage queue run, when the SMTP flag
364 gets set. Save the queue_runner's pid and the flag that indicates any
365 deliveries run directly from this process. Deliveries that are run by handing
366 on TCP/IP channels have queue_run_pid set, but not queue_running. */
368 queue_domains = NULL;
369 queue_smtp_domains = NULL;
370 f.queue_smtp = f.queue_2stage;
372 queue_run_pid = getpid();
373 f.queue_running = TRUE;
375 /* Log the true start of a queue run, and fancy options */
382 if (f.queue_2stage) *p++ = 'q';
383 if (f.queue_run_first_delivery) *p++ = 'i';
384 if (f.queue_run_force) *p++ = 'f';
385 if (f.deliver_force_thaw) *p++ = 'f';
386 if (f.queue_run_local) *p++ = 'l';
390 p += sprintf(CS p, "pid=%d", (int)queue_run_pid);
393 p += sprintf(CS p, " -q%s", extras);
395 if (deliver_selectstring)
397 snprintf(CS p, big_buffer_size - (p - big_buffer), " -R%s %s",
398 f.deliver_selectstring_regex? "r" : "", deliver_selectstring);
402 if (deliver_selectstring_sender)
404 snprintf(CS p, big_buffer_size - (p - big_buffer), " -S%s %s",
405 f.deliver_selectstring_sender_regex? "r" : "", deliver_selectstring_sender);
409 log_detail = string_copy(big_buffer);
411 log_write(L_queue_run, LOG_MAIN, "Start '%s' queue run: %s",
412 queue_name, log_detail);
414 log_write(L_queue_run, LOG_MAIN, "Start queue run: %s", log_detail);
416 single_id = start_id && stop_id && !f.queue_2stage
417 && Ustrcmp(start_id, stop_id) == 0;
420 /* If deliver_selectstring is a regex, compile it. */
422 if (deliver_selectstring && f.deliver_selectstring_regex)
423 selectstring_regex = regex_must_compile(deliver_selectstring, TRUE, FALSE);
425 if (deliver_selectstring_sender && f.deliver_selectstring_sender_regex)
426 selectstring_regex_sender =
427 regex_must_compile(deliver_selectstring_sender, TRUE, FALSE);
429 /* If the spool is split into subdirectories, we want to process it one
430 directory at a time, so as to spread out the directory scanning and the
431 delivering when there are lots of messages involved, except when
432 queue_run_in_order is set.
434 In the random order case, this loop runs once for the main directory (handling
435 any messages therein), and then repeats for any subdirectories that were found.
436 When the first argument of queue_get_spool_list() is 0, it scans the top
437 directory, fills in subdirs, and sets subcount. The order of the directories is
438 then randomized after the first time through, before they are scanned in
439 subsequent iterations.
441 When the first argument of queue_get_spool_list() is -1 (for queue_run_in_
442 order), it scans all directories and makes a single message list. */
444 for (int i = queue_run_in_order ? -1 : 0;
445 i <= (queue_run_in_order ? -1 : subcount);
448 rmark reset_point1 = store_mark();
453 debug_printf("queue running main directory\n");
455 debug_printf("queue running combined directories\n");
457 debug_printf("queue running subdirectory '%c'\n", subdirs[i]);
460 for (queue_filename * fq = queue_get_spool_list(i, subdirs, &subcount,
461 !queue_run_in_order, NULL);
470 /* Unless deliveries are forced, if deliver_queue_load_max is non-negative,
471 check that the load average is low enough to permit deliveries. */
473 if (!f.queue_run_force && deliver_queue_load_max >= 0)
474 if ((load_average = os_getloadavg()) > deliver_queue_load_max)
476 log_write(L_queue_run, LOG_MAIN, "Abandon queue run: %s (load %.2f, max %.2f)",
478 (double)load_average/1000.0,
479 (double)deliver_queue_load_max/1000.0);
480 i = subcount; /* Don't process other directories */
484 DEBUG(D_load) debug_printf("load average = %.2f max = %.2f\n",
485 (double)load_average/1000.0,
486 (double)deliver_queue_load_max/1000.0);
488 /* If initial of a 2-phase run, maintain a set of child procs
489 to get disk parallelism */
491 if (f.queue_2stage && !queue_run_in_order)
494 if (qpid[f.running_in_test_harness ? 0 : nelem(qpid) - 1])
496 DEBUG(D_queue_run) debug_printf("q2stage waiting for child %d\n", (int)qpid[0]);
497 waitpid(qpid[0], NULL, 0);
498 DEBUG(D_queue_run) debug_printf("q2stage reaped child %d\n", (int)qpid[0]);
499 if (f.running_in_test_harness) i = 0;
500 else for (i = 0; i < nelem(qpid) - 1; i++) qpid[i] = qpid[i+1];
504 for (i = 0; qpid[i]; ) i++;
505 if ((qpid[i] = exim_fork(US"qrun-phase-one")))
506 continue; /* parent loops around */
509 /* Skip this message unless it's within the ID limits */
511 if (stop_id && Ustrncmp(fq->text, stop_id, MESSAGE_ID_LENGTH) > 0)
513 if (start_id && Ustrncmp(fq->text, start_id, MESSAGE_ID_LENGTH) < 0)
516 /* Check that the message still exists */
518 message_subdir[0] = fq->dir_uschar;
519 if (Ustat(spool_fname(US"input", message_subdir, fq->text, US""), &statbuf) < 0)
522 /* There are some tests that require the reading of the header file. Ensure
523 the store used is scavenged afterwards so that this process doesn't keep
524 growing its store. We have to read the header file again when actually
525 delivering, but it's cheaper than forking a delivery process for each
526 message when many are not going to be delivered. */
528 if (deliver_selectstring || deliver_selectstring_sender ||
529 f.queue_run_first_delivery)
532 BOOL orig_dont_deliver = f.dont_deliver;
533 rmark reset_point2 = store_mark();
535 /* Restore the original setting of dont_deliver after reading the header,
536 so that a setting for a particular message doesn't force it for any that
537 follow. If the message is chosen for delivery, the header is read again
538 in the deliver_message() function, in a subprocess. */
540 if (spool_read_header(fq->text, FALSE, TRUE) != spool_read_OK) goto go_around;
541 f.dont_deliver = orig_dont_deliver;
543 /* Now decide if we want to deliver this message. As we have read the
544 header file, we might as well do the freeze test now, and save forking
547 if (f.deliver_freeze && !f.deliver_force_thaw)
549 log_write(L_skip_delivery, LOG_MAIN, "Message is frozen");
553 /* Check first_delivery in the case when there are no message logs. */
555 else if (f.queue_run_first_delivery && !f.deliver_firsttime)
557 DEBUG(D_queue_run) debug_printf("%s: not first delivery\n", fq->text);
561 /* Check for a matching address if deliver_selectstring[_sender] is set.
562 If so, we do a fully delivery - don't want to omit other addresses since
563 their routing might trigger re-writing etc. */
565 /* Sender matching */
567 else if ( deliver_selectstring_sender
568 && !(f.deliver_selectstring_sender_regex
569 ? (pcre_exec(selectstring_regex_sender, NULL,
570 CS sender_address, Ustrlen(sender_address), 0, PCRE_EOPT,
572 : (strstric(sender_address, deliver_selectstring_sender, FALSE)
576 DEBUG(D_queue_run) debug_printf("%s: sender address did not match %s\n",
577 fq->text, deliver_selectstring_sender);
581 /* Recipient matching */
583 else if (deliver_selectstring)
586 for (i = 0; i < recipients_count; i++)
588 uschar *address = recipients_list[i].address;
589 if ( (f.deliver_selectstring_regex
590 ? (pcre_exec(selectstring_regex, NULL, CS address,
591 Ustrlen(address), 0, PCRE_EOPT, NULL, 0) >= 0)
592 : (strstric(address, deliver_selectstring, FALSE) != NULL)
594 && tree_search(tree_nonrecipients, address) == NULL
599 if (i >= recipients_count)
602 debug_printf("%s: no recipient address matched %s\n",
603 fq->text, deliver_selectstring);
608 /* Recover store used when reading the header */
610 spool_clear_header_globals();
611 store_reset(reset_point2);
612 if (!wanted) goto go_around; /* With next message */
615 /* OK, got a message we want to deliver. Create a pipe which will
616 serve as a means of detecting when all the processes created by the
617 delivery process are finished. This is relevant when the delivery
618 process passes one or more SMTP channels on to its own children. The
619 pipe gets passed down; by reading on it here we detect when the last
620 descendent dies by the unblocking of the read. It's a pity that for
621 most of the time the pipe isn't used, but creating a pipe should be
625 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "failed to create pipe in queue "
626 "runner process %d: %s", queue_run_pid, strerror(errno));
627 queue_run_pipe = pfd[pipe_write]; /* To ensure it gets passed on. */
629 /* Make sure it isn't stdin. This seems unlikely, but just to be on the
632 if (queue_run_pipe == 0)
634 queue_run_pipe = dup(queue_run_pipe);
638 /* Before forking to deliver the message, ensure any open and cached
639 lookup files or databases are closed. Otherwise, closing in the subprocess
640 can make the next subprocess have problems. There won't often be anything
641 open here, but it is possible (e.g. if spool_directory is an expanded
642 string). A single call before this loop would probably suffice, but just in
643 case expansions get inserted at some point, I've taken the heavy-handed
644 approach. When nothing is open, the call should be cheap. */
648 /* Now deliver the message; get the id by cutting the -H off the file
649 name. The return of the process is zero if a delivery was attempted. */
651 set_process_info("running queue: %s", fq->text);
652 fq->text[SPOOL_NAME_LENGTH-2] = 0;
653 #ifdef MEASURE_TIMING
654 report_time_since(×tamp_startup, US"queue msg selected");
658 if ((pid = exim_fork(US"qrun-delivery")) == 0)
661 (void)close(pfd[pipe_read]);
662 rc = deliver_message(fq->text, force_delivery, FALSE);
663 exim_underbar_exit(rc == DELIVER_NOT_ATTEMPTED
664 ? EXIT_FAILURE : EXIT_SUCCESS);
667 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "fork of delivery process from "
668 "queue runner %d failed\n", queue_run_pid);
670 /* Close the writing end of the synchronizing pipe in this process,
671 then wait for the first level process to terminate. */
673 (void)close(pfd[pipe_write]);
674 set_process_info("running queue: waiting for %s (%d)", fq->text, pid);
675 while (wait(&status) != pid);
677 /* A zero return means a delivery was attempted; turn off the force flag
678 for any subsequent calls unless queue_force is set. */
680 if (!(status & 0xffff)) force_delivery = f.queue_run_force;
682 /* If the process crashed, tell somebody */
684 else if (status & 0x00ff)
685 log_write(0, LOG_MAIN|LOG_PANIC,
686 "queue run: process %d crashed with signal %d while delivering %s",
687 (int)pid, status & 0x00ff, fq->text);
689 /* If single-item delivery was untried (likely due to locking)
690 retry once after a delay */
692 if (status & 0xff00 && single_id)
695 DEBUG(D_queue_run) debug_printf("qrun single-item pause before retry\n");
697 DEBUG(D_queue_run) debug_printf("qrun single-item retry after pause\n");
698 goto single_item_retry;
701 /* Before continuing, wait till the pipe gets closed at the far end. This
702 tells us that any children created by the delivery to re-use any SMTP
703 channels have all finished. Since no process actually writes to the pipe,
704 the mere fact that read() unblocks is enough. */
706 set_process_info("running queue: waiting for children of %d", pid);
707 if ((status = read(pfd[pipe_read], buffer, sizeof(buffer))) != 0)
708 log_write(0, LOG_MAIN|LOG_PANIC, status > 0 ?
709 "queue run: unexpected data on pipe" : "queue run: error on pipe: %s",
711 (void)close(pfd[pipe_read]);
712 set_process_info("running queue");
714 /* If initial of a 2-phase run, we are a child - so just exit */
715 if (f.queue_2stage && !queue_run_in_order)
716 exim_exit(EXIT_SUCCESS);
718 /* If we are in the test harness, and this is not the first of a 2-stage
719 queue run, update fudged queue times. */
721 if (f.running_in_test_harness && !f.queue_2stage)
723 uschar * fqtnext = Ustrchr(fudged_queue_times, '/');
724 if (fqtnext) fudged_queue_times = fqtnext + 1;
731 /* If initial of a 2-phase run, we are a child - so just exit */
732 if (f.queue_2stage && !queue_run_in_order)
733 exim_exit(EXIT_SUCCESS);
734 } /* End loop for list of messages */
736 tree_nonrecipients = NULL;
737 store_reset(reset_point1); /* Scavenge list of messages */
739 /* If this was the first time through for random order processing, and
740 sub-directories have been found, randomize their order if necessary. */
742 if (i == 0 && subcount > 1 && !queue_run_in_order)
743 for (int j = 1; j <= subcount; j++)
746 if ((r = random_number(100)) >= 50)
748 int k = (r % subcount) + 1;
750 subdirs[j] = subdirs[k];
754 } /* End loop for multiple directories */
756 /* If queue_2stage is true, we do it all again, with the 2stage flag
762 /* wait for last children */
763 for (int i = 0; i < nelem(qpid); i++)
766 DEBUG(D_queue_run) debug_printf("q2stage reaped child %d\n", (int)qpid[i]);
767 waitpid(qpid[i], NULL, 0);
771 #ifdef MEASURE_TIMING
772 report_time_since(×tamp_startup, US"queue_run 1st phase done");
774 f.queue_2stage = FALSE;
775 queue_run(start_id, stop_id, TRUE);
778 /* At top level, log the end of the run. */
782 log_write(L_queue_run, LOG_MAIN, "End '%s' queue run: %s",
783 queue_name, log_detail);
785 log_write(L_queue_run, LOG_MAIN, "End queue run: %s", log_detail);
791 /************************************************
792 * Count messages on the queue *
793 ************************************************/
795 /* Called as a result of -bpc
808 (void) queue_get_spool_list(-1, /* entire queue */
809 subdirs, /* for holding sub list */
810 &subcount, /* for subcount */
811 FALSE, /* not random */
812 &count); /* just get the count */
817 #define QUEUE_SIZE_AGE 60 /* update rate for queue_size */
820 queue_count_cached(void)
823 if ((now = time(NULL)) >= queue_size_next)
825 queue_size = queue_count();
826 queue_size_next = now + (f.running_in_test_harness ? 3 : QUEUE_SIZE_AGE);
831 /************************************************
832 * List extra deliveries *
833 ************************************************/
835 /* This is called from queue_list below to print out all addresses that
836 have received a message but which were not primary addresses. That is, all
837 the addresses in the tree of non-recipients that are not primary addresses.
838 The tree has been scanned and the data field filled in for those that are
841 Argument: points to the tree node
846 queue_list_extras(tree_node *p)
848 if (p->left) queue_list_extras(p->left);
849 if (!p->data.val) printf(" +D %s\n", p->name);
850 if (p->right) queue_list_extras(p->right);
855 /************************************************
856 * List messages on the queue *
857 ************************************************/
859 /* Or a given list of messages. In the "all" case, we get a list of file names
860 as quickly as possible, then scan each one for information to output. If any
861 disappear while we are processing, just leave them out, but give an error if an
862 explicit list was given. This function is a top-level function that is obeyed
863 as a result of the -bp argument. As there may be a lot of messages on the
864 queue, we must tidy up the store after reading the headers for each one.
867 option 0 => list top-level recipients, with "D" for those delivered
868 1 => list only undelivered top-level recipients
869 2 => as 0, plus any generated delivered recipients
870 If 8 is added to any of these values, the queue is listed in
872 list => first of any message ids to list
873 count count of message ids; 0 => all
879 queue_list(int option, uschar **list, int count)
882 int now = (int)time(NULL);
884 queue_filename * qf = NULL;
887 /* If given a list of messages, build a chain containing their ids. */
891 queue_filename *last = NULL;
892 for (int i = 0; i < count; i++)
894 queue_filename *next =
895 store_get(sizeof(queue_filename) + Ustrlen(list[i]) + 2, is_tainted(list[i]));
896 sprintf(CS next->text, "%s-H", list[i]);
897 next->dir_uschar = '*';
899 if (i == 0) qf = next; else last->next = next;
904 /* Otherwise get a list of the entire queue, in order if necessary. */
907 qf = queue_get_spool_list(
908 -1, /* entire queue */
909 subdirs, /* for holding sub list */
910 &subcount, /* for subcount */
911 option >= 8, /* randomize if required */
912 NULL); /* don't just count */
914 if (option >= 8) option -= 8;
916 /* Now scan the chain and print information, resetting store used
920 qf && (reset_point = store_mark());
921 spool_clear_header_globals(), store_reset(reset_point), qf = qf->next
929 message_subdir[0] = qf->dir_uschar;
930 rc = spool_read_header(qf->text, FALSE, count <= 0);
931 if (rc == spool_read_notopen && errno == ENOENT && count <= 0)
935 env_read = (rc == spool_read_OK || rc == spool_read_hdrerror);
942 uschar * fname = spool_fname(US"input", message_subdir, qf->text, US"");
944 ptr = Ustrlen(fname)-1;
947 /* Add the data size to the header size; don't count the file name
948 at the start of the data file, but add one for the notional blank line
949 that precedes the data. */
951 if (Ustat(fname, &statbuf) == 0)
952 size = message_size + statbuf.st_size - SPOOL_DATA_START_OFFSET + 1;
953 i = (now - received_time.tv_sec)/60; /* minutes on queue */
957 if (i > 72) printf("%2dd ", (i + 12)/24); else printf("%2dh ", i);
959 else printf("%2dm ", i);
961 /* Collect delivered addresses from any J file */
964 if ((jread = Ufopen(fname, "rb")))
966 while (Ufgets(big_buffer, big_buffer_size, jread) != NULL)
968 int n = Ustrlen(big_buffer);
970 tree_add_nonrecipient(big_buffer);
976 fprintf(stdout, "%s ", string_format_size(size, big_buffer));
977 for (int i = 0; i < 16; i++) fputc(qf->text[i], stdout);
979 if (env_read && sender_address)
981 printf(" <%s>", sender_address);
982 if (f.sender_set_untrusted) printf(" (%s)", originator_login);
985 if (rc != spool_read_OK)
988 if (save_errno == ERRNO_SPOOLFORMAT)
991 uschar * fname = spool_fname(US"input", message_subdir, qf->text, US"");
993 if (Ustat(fname, &statbuf) == 0)
994 printf("*** spool format error: size=" OFF_T_FMT " ***",
996 else printf("*** spool format error ***");
998 else printf("*** spool read error: %s ***", strerror(save_errno));
999 if (rc != spool_read_hdrerror)
1006 if (f.deliver_freeze) printf(" *** frozen ***");
1010 if (recipients_list)
1012 for (int i = 0; i < recipients_count; i++)
1014 tree_node *delivered =
1015 tree_search(tree_nonrecipients, recipients_list[i].address);
1016 if (!delivered || option != 1)
1018 delivered ? "D" : " ", recipients_list[i].address);
1019 if (delivered) delivered->data.val = TRUE;
1021 if (option == 2 && tree_nonrecipients)
1022 queue_list_extras(tree_nonrecipients);
1030 /*************************************************
1031 * Act on a specific message *
1032 *************************************************/
1034 /* Actions that require a list of addresses make use of argv/argc/
1035 recipients_arg. Other actions do not. This function does its own
1039 id id of the message to work on
1040 action which action is required (MSG_xxx)
1041 argv the original argv for Exim
1042 argc the original argc for Exim
1043 recipients_arg offset to the list of recipients in argv
1045 Returns: FALSE if there was any problem
1049 queue_action(uschar *id, int action, uschar **argv, int argc, int recipients_arg)
1052 BOOL removed = FALSE;
1054 uschar *doing = NULL;
1057 uschar spoolname[32];
1059 /* Set the global message_id variable, used when re-writing spool files. This
1060 also causes message ids to be added to log messages. */
1062 Ustrcpy(message_id, id);
1064 /* The "actions" that just list the files do not require any locking to be
1065 done. Only admin users may read the spool files. */
1067 if (action >= MSG_SHOW_BODY)
1070 uschar *subdirectory, *suffix;
1074 printf("Permission denied\n");
1078 if (recipients_arg < argc)
1080 printf("*** Only one message can be listed at once\n");
1084 if (action == MSG_SHOW_BODY)
1086 subdirectory = US"input";
1089 else if (action == MSG_SHOW_HEADER)
1091 subdirectory = US"input";
1096 subdirectory = US"msglog";
1100 for (int i = 0; i < 2; i++)
1102 set_subdir_str(message_subdir, id, i);
1103 if ((fd = Uopen(spool_fname(subdirectory, message_subdir, id, suffix),
1109 printf("Failed to open %s file for %s%s: %s\n", subdirectory, id, suffix,
1111 if (action == MSG_SHOW_LOG && !message_logs)
1112 printf("(No message logs are being created because the message_logs "
1113 "option is false.)\n");
1117 while((rc = read(fd, big_buffer, big_buffer_size)) > 0)
1118 rc = write(fileno(stdout), big_buffer, rc);
1124 /* For actions that actually act, open and lock the data file to ensure that no
1125 other process is working on this message. If the file does not exist, continue
1126 only if the action is remove and the user is an admin user, to allow for
1127 tidying up broken states. */
1129 if ((deliver_datafile = spool_open_datafile(id)) < 0)
1130 if (errno == ENOENT)
1133 printf("Spool data file for %s does not exist\n", id);
1134 if (action != MSG_REMOVE || !f.admin_user) return FALSE;
1135 printf("Continuing, to ensure all files removed\n");
1139 if (errno == 0) printf("Message %s is locked\n", id);
1140 else printf("Couldn't open spool file for %s: %s\n", id,
1145 /* Read the spool header file for the message. Again, continue after an
1146 error only in the case of deleting by an administrator. Setting the third
1147 argument false causes it to look both in the main spool directory and in
1148 the appropriate subdirectory, and set message_subdir according to where it
1149 found the message. */
1151 sprintf(CS spoolname, "%s-H", id);
1152 if (spool_read_header(spoolname, TRUE, FALSE) != spool_read_OK)
1155 if (errno != ERRNO_SPOOLFORMAT)
1156 printf("Spool read error for %s: %s\n", spoolname, strerror(errno));
1158 printf("Spool format error for %s\n", spoolname);
1159 if (action != MSG_REMOVE || !f.admin_user)
1161 (void)close(deliver_datafile);
1162 deliver_datafile = -1;
1165 printf("Continuing to ensure all files removed\n");
1168 /* Check that the user running this process is entitled to operate on this
1169 message. Only admin users may freeze/thaw, add/cancel recipients, or otherwise
1170 mess about, but the original sender is permitted to remove a message. That's
1171 why we leave this check until after the headers are read. */
1173 if (!f.admin_user && (action != MSG_REMOVE || real_uid != originator_uid))
1175 printf("Permission denied\n");
1176 (void)close(deliver_datafile);
1177 deliver_datafile = -1;
1181 /* Set up the user name for logging. */
1183 pw = getpwuid(real_uid);
1184 username = (pw != NULL)?
1185 US pw->pw_name : string_sprintf("uid %ld", (long int)real_uid);
1187 /* Take the necessary action. */
1189 if (action != MSG_SHOW_COPY) printf("Message %s ", id);
1195 transport_ctx tctx = {{0}};
1196 deliver_in_buffer = store_malloc(DELIVER_IN_BUFFER_SIZE);
1197 deliver_out_buffer = store_malloc(DELIVER_OUT_BUFFER_SIZE);
1199 (void) transport_write_message(&tctx, 0);
1205 if (f.deliver_freeze)
1208 printf("is already frozen\n");
1212 f.deliver_freeze = TRUE;
1213 f.deliver_manual_thaw = FALSE;
1214 deliver_frozen_at = time(NULL);
1215 if (spool_write_header(id, SW_MODIFYING, &errmsg) >= 0)
1217 printf("is now frozen\n");
1218 log_write(0, LOG_MAIN, "frozen by %s", username);
1223 printf("could not be frozen: %s\n", errmsg);
1230 if (!f.deliver_freeze)
1233 printf("is not frozen\n");
1237 f.deliver_freeze = FALSE;
1238 f.deliver_manual_thaw = TRUE;
1239 if (spool_write_header(id, SW_MODIFYING, &errmsg) >= 0)
1241 printf("is no longer frozen\n");
1242 log_write(0, LOG_MAIN, "unfrozen by %s", username);
1247 printf("could not be unfrozen: %s\n", errmsg);
1253 /* We must ensure all files are removed from both the input directory
1254 and the appropriate subdirectory, to clean up cases when there are odd
1255 files left lying around in odd places. In the normal case message_subdir
1256 will have been set correctly by spool_read_header, but as this is a rare
1257 operation, just run everything twice. */
1265 message_subdir[0] = id[5];
1267 for (int j = 0; j < 2; message_subdir[0] = 0, j++)
1269 uschar * fname = spool_fname(US"msglog", message_subdir, id, US"");
1271 DEBUG(D_any) debug_printf(" removing %s", fname);
1272 if (Uunlink(fname) < 0)
1274 if (errno != ENOENT)
1277 printf("Error while removing %s: %s\n", fname, strerror(errno));
1279 else DEBUG(D_any) debug_printf(" (no file)\n");
1284 DEBUG(D_any) debug_printf(" (ok)\n");
1287 for (int i = 0; i < 3; i++)
1291 suffix[1] = (US"DHJ")[i];
1292 fname = spool_fname(US"input", message_subdir, id, suffix);
1294 DEBUG(D_any) debug_printf(" removing %s", fname);
1295 if (Uunlink(fname) < 0)
1297 if (errno != ENOENT)
1300 printf("Error while removing %s: %s\n", fname, strerror(errno));
1302 else DEBUG(D_any) debug_printf(" (no file)\n");
1307 DEBUG(D_any) debug_printf(" (done)\n");
1312 /* In the common case, the datafile is open (and locked), so give the
1313 obvious message. Otherwise be more specific. */
1315 if (deliver_datafile >= 0) printf("has been removed\n");
1316 else printf("has been removed or did not exist\n");
1319 #ifndef DISABLE_EVENT
1320 if (event_action) for (int i = 0; i < recipients_count; i++)
1322 tree_node *delivered =
1323 tree_search(tree_nonrecipients, recipients_list[i].address);
1326 uschar * save_local = deliver_localpart;
1327 const uschar * save_domain = deliver_domain;
1328 uschar * addr = recipients_list[i].address, * errmsg = NULL;
1329 int start, end, dom;
1331 if (!parse_extract_address(addr, &errmsg, &start, &end, &dom, TRUE))
1332 log_write(0, LOG_MAIN|LOG_PANIC,
1333 "failed to parse address '%.100s'\n: %s", addr, errmsg);
1337 string_copyn(addr+start, dom ? (dom-1) - start : end - start);
1338 deliver_domain = dom
1339 ? CUS string_copyn(addr+dom, end - dom) : CUS"";
1341 event_raise(event_action, US"msg:fail:internal",
1342 string_sprintf("message removed by %s", username));
1344 deliver_localpart = save_local;
1345 deliver_domain = save_domain;
1349 (void) event_raise(event_action, US"msg:complete", NULL);
1351 log_write(0, LOG_MAIN, "removed by %s", username);
1352 log_write(0, LOG_MAIN, "Completed");
1359 /* The global "queue_name_dest" is used as destination, "queue_name"
1362 spool_move_message(id, message_subdir, US"", US"");
1366 case MSG_MARK_ALL_DELIVERED:
1367 for (int i = 0; i < recipients_count; i++)
1368 tree_add_nonrecipient(recipients_list[i].address);
1370 if (spool_write_header(id, SW_MODIFYING, &errmsg) >= 0)
1372 printf("has been modified\n");
1373 for (int i = 0; i < recipients_count; i++)
1374 log_write(0, LOG_MAIN, "address <%s> marked delivered by %s",
1375 recipients_list[i].address, username);
1380 printf("- could not mark all delivered: %s\n", errmsg);
1385 case MSG_EDIT_SENDER:
1386 if (recipients_arg < argc - 1)
1389 printf("- only one sender address can be specified\n");
1392 doing = US"editing sender";
1395 case MSG_ADD_RECIPIENT:
1396 if (doing == NULL) doing = US"adding recipient";
1399 case MSG_MARK_DELIVERED:
1400 if (doing == NULL) doing = US"marking as delivered";
1402 /* Common code for EDIT_SENDER, ADD_RECIPIENT, & MARK_DELIVERED */
1404 if (recipients_arg >= argc)
1407 printf("- error while %s: no address given\n", doing);
1411 for (; recipients_arg < argc; recipients_arg++)
1413 int start, end, domain;
1416 parse_extract_address(argv[recipients_arg], &errmess, &start, &end,
1417 &domain, (action == MSG_EDIT_SENDER));
1422 printf("- error while %s:\n bad address %s: %s\n",
1423 doing, argv[recipients_arg], errmess);
1425 else if (*recipient && domain == 0)
1428 printf("- error while %s:\n bad address %s: "
1429 "domain missing\n", doing, argv[recipients_arg]);
1433 if (action == MSG_ADD_RECIPIENT)
1436 if (string_is_utf8(recipient)) allow_utf8_domains = message_smtputf8 = TRUE;
1438 receive_add_recipient(recipient, -1);
1439 log_write(0, LOG_MAIN, "recipient <%s> added by %s",
1440 recipient, username);
1442 else if (action == MSG_MARK_DELIVERED)
1445 for (i = 0; i < recipients_count; i++)
1446 if (Ustrcmp(recipients_list[i].address, recipient) == 0) break;
1447 if (i >= recipients_count)
1449 printf("- error while %s:\n %s is not a recipient:"
1450 " message not updated\n", doing, recipient);
1455 tree_add_nonrecipient(recipients_list[i].address);
1456 log_write(0, LOG_MAIN, "address <%s> marked delivered by %s",
1457 recipient, username);
1460 else /* MSG_EDIT_SENDER */
1463 if (string_is_utf8(recipient)) allow_utf8_domains = message_smtputf8 = TRUE;
1465 sender_address = recipient;
1466 log_write(0, LOG_MAIN, "sender address changed to <%s> by %s",
1467 recipient, username);
1473 if (spool_write_header(id, SW_MODIFYING, &errmsg) >= 0)
1474 printf("has been modified\n");
1478 printf("- while %s: %s\n", doing, errmsg);
1484 /* Closing the datafile releases the lock and permits other processes
1485 to operate on the message (if it still exists). */
1487 if (deliver_datafile >= 0)
1489 (void)close(deliver_datafile);
1490 deliver_datafile = -1;
1497 /*************************************************
1498 * Check the queue_only_file condition *
1499 *************************************************/
1501 /* The queue_only_file option forces certain kinds of queueing if a given file
1509 queue_check_only(void)
1512 struct stat statbuf;
1513 const uschar * s = queue_only_file;
1517 while ((ss = string_nextinlist(&s, &sep, NULL, 0)))
1518 if (Ustrncmp(ss, "smtp", 4) == 0)
1521 if (Ustat(ss, &statbuf) == 0)
1523 f.queue_smtp = TRUE;
1524 DEBUG(D_receive) debug_printf("queue_smtp set because %s exists\n", ss);
1528 if (Ustat(ss, &statbuf) == 0)
1531 DEBUG(D_receive) debug_printf("queue_only set because %s exists\n", ss);
1537 /******************************************************************************/
1538 /******************************************************************************/
1540 #ifdef EXPERIMENTAL_QUEUE_RAMP
1542 queue_notify_daemon(const uschar * msgid)
1544 uschar buf[MESSAGE_ID_LENGTH + 2];
1547 DEBUG(D_queue_run) debug_printf("%s: %s\n", __FUNCTION__, msgid);
1549 buf[0] = NOTIFY_MSG_QRUN;
1550 memcpy(buf+1, msgid, MESSAGE_ID_LENGTH+1);
1552 if ((fd = socket(AF_UNIX, SOCK_DGRAM, 0)) >= 0)
1554 struct sockaddr_un sa_un = {.sun_family = AF_UNIX};
1556 #ifdef EXIM_HAVE_ABSTRACT_UNIX_SOCKETS
1557 int len = offsetof(struct sockaddr_un, sun_path) + 1
1558 + snprintf(sa_un.sun_path+1, sizeof(sa_un.sun_path)-1, "%s",
1559 expand_string(notifier_socket));
1560 sa_un.sun_path[0] = 0;
1562 int len = offsetof(struct sockaddr_un, sun_path)
1563 + snprintf(sa_un.sun_path, sizeof(sa_un.sun_path), "%s",
1564 expand_string(notifier_socket));
1567 if (sendto(fd, buf, sizeof(buf), 0, (struct sockaddr *)&sa_un, len) < 0)
1569 debug_printf("%s: sendto %s\n", __FUNCTION__, strerror(errno));
1572 else DEBUG(D_queue_run) debug_printf(" socket: %s\n", strerror(errno));
1576 #endif /*!COMPILE_UTILITY*/
1578 /* End of queue.c */