1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) University of Cambridge 1995 - 2018 */
6 /* Copyright (c) The Exim Maintainers 2020 - 2022 */
7 /* See the file NOTICE for conditions of use and distribution. */
9 /* This header file contains macro definitions so that a variety of DBM
10 libraries can be used by Exim. Nigel Metheringham provided the original set for
11 Berkeley DB 1.x in native mode and ndbm. Subsequently, versions for Berkeley DB
12 2.x and 3.x were added. Later still, support for tdb was added, courtesy of
13 James Antill. Most recently, support for native mode gdbm was added, with code
14 from Pierre A. Humblet, so Exim could be made to work with Cygwin.
16 For convenience, the definitions of the structures used in the various hints
17 databases are also kept in this file, which is used by the maintenance
18 utilities as well as the main Exim binary. */
23 /* ************************* tdb interface ************************ */
28 # define EXIM_DB TDB_CONTEXT
30 /* Cursor type: tdb uses the previous "key" in _nextkey() (really it wants
31 tdb_traverse to be called) */
32 # define EXIM_CURSOR TDB_DATA
34 /* The datum type used for queries */
35 # define EXIM_DATUM TDB_DATA
37 /* Some text for messages */
38 # define EXIM_DBTYPE "tdb"
40 /* Access functions */
42 /* EXIM_DBOPEN - sets *dbpp to point to an EXIM_DB, NULL if failed */
43 # define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \
44 *(dbpp) = tdb_open(CS name, 0, TDB_DEFAULT, flags, mode)
46 /* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */
47 # define EXIM_DBGET(db, key, data) \
48 (data = tdb_fetch(db, key), data.dptr != NULL)
50 /* EXIM_DBPUT - returns nothing useful, assumes replace mode */
51 # define EXIM_DBPUT(db, key, data) \
52 tdb_store(db, key, data, TDB_REPLACE)
54 /* EXIM_DBPUTB - non-overwriting for use by dbmbuild */
55 # define EXIM_DBPUTB(db, key, data) \
56 tdb_store(db, key, data, TDB_INSERT)
58 /* Returns from EXIM_DBPUTB */
60 # define EXIM_DBPUTB_OK 0
61 # define EXIM_DBPUTB_DUP (-1)
64 # define EXIM_DBDEL(db, key) tdb_delete(db, key)
66 /* EXIM_DBCREATE_CURSOR - initialize for scanning operation */
67 # define EXIM_DBCREATE_CURSOR(db, cursor) { \
68 *(cursor) = store_malloc(sizeof(TDB_DATA)); (*(cursor))->dptr = NULL; }
70 /* EXIM_DBSCAN - This is complicated because we have to free the last datum
71 free() must not die when passed NULL */
72 # define EXIM_DBSCAN(db, key, data, first, cursor) \
73 (key = (first ? tdb_firstkey(db) : tdb_nextkey(db, *(cursor))), \
74 free((cursor)->dptr), *(cursor) = key, \
77 /* EXIM_DBDELETE_CURSOR - terminate scanning operation. */
78 # define EXIM_DBDELETE_CURSOR(cursor) store_free(cursor)
81 # define EXIM_DBCLOSE__(db) tdb_close(db)
83 /* Datum access types - these are intended to be assignable */
85 # define EXIM_DATUM_SIZE(datum) (datum).dsize
86 # define EXIM_DATUM_DATA(datum) (datum).dptr
88 /* Free the stuff inside the datum. */
90 # define EXIM_DATUM_FREE(datum) (free((datum).dptr), (datum).dptr = NULL)
92 /* No initialization is needed. */
94 # define EXIM_DATUM_INIT(datum)
98 # define EXIM_DB_RLIMIT 150
105 /********************* Berkeley db native definitions **********************/
112 /* We can distinguish between versions 1.x and 2.x/3.x by looking for a
113 definition of DB_VERSION_STRING, which is present in versions 2.x onwards. */
115 # ifdef DB_VERSION_STRING
117 # if DB_VERSION_MAJOR >= 6
118 # error Version 6 and later BDB API is not supported
121 /* The API changed (again!) between the 2.x and 3.x versions */
123 # if DB_VERSION_MAJOR >= 3
125 /***************** Berkeley db 3.x/4.x native definitions ******************/
128 # if DB_VERSION_MAJOR > 4 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1)
129 # define EXIM_DB DB_ENV
130 /* Cursor type, for scanning */
131 # define EXIM_CURSOR DBC
133 /* The datum type used for queries */
134 # define EXIM_DATUM DBT
136 /* Some text for messages */
137 # define EXIM_DBTYPE "db (v4.1+)"
139 /* Only more-recent versions. 5+ ? */
140 # ifndef DB_FORCESYNC
141 # define DB_FORCESYNC 0
145 /* Access functions */
147 /* EXIM_DBOPEN - sets *dbpp to point to an EXIM_DB, NULL if failed. The
148 API changed for DB 4.1. - and we also starting using the "env" with a
149 specified working dir, to avoid the DBCONFIG file trap. */
151 # define ENV_TO_DB(env) ((DB *)((env)->app_private))
153 # define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \
154 if ( db_env_create(dbpp, 0) != 0 \
155 || ((*dbpp)->set_errcall(*dbpp, dbfn_bdb_error_callback), 0) \
156 || (*dbpp)->open(*dbpp, CS dirname, DB_CREATE|DB_INIT_MPOOL|DB_PRIVATE, 0) != 0\
159 else if (db_create((DB **) &((*dbpp)->app_private), *dbpp, 0) != 0) \
161 ((DB_ENV *)(*dbpp))->close((DB_ENV *)(*dbpp), 0); \
164 else if (ENV_TO_DB(*dbpp)->open(ENV_TO_DB(*dbpp), NULL, CS name, NULL, \
165 (flags) == O_RDONLY ? DB_UNKNOWN : DB_HASH, \
166 (flags) == O_RDONLY ? DB_RDONLY : DB_CREATE, \
170 ENV_TO_DB(*dbpp)->close(ENV_TO_DB(*dbpp), 0); \
171 ((DB_ENV *)(*dbpp))->close((DB_ENV *)(*dbpp), 0); \
175 /* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */
176 # define EXIM_DBGET(db, key, data) \
177 (ENV_TO_DB(db)->get(ENV_TO_DB(db), NULL, &key, &data, 0) == 0)
179 /* EXIM_DBPUT - returns nothing useful, assumes replace mode */
180 # define EXIM_DBPUT(db, key, data) \
181 ENV_TO_DB(db)->put(ENV_TO_DB(db), NULL, &key, &data, 0)
183 /* EXIM_DBPUTB - non-overwriting for use by dbmbuild */
184 # define EXIM_DBPUTB(db, key, data) \
185 ENV_TO_DB(db)->put(ENV_TO_DB(db), NULL, &key, &data, DB_NOOVERWRITE)
187 /* Return values from EXIM_DBPUTB */
189 # define EXIM_DBPUTB_OK 0
190 # define EXIM_DBPUTB_DUP DB_KEYEXIST
193 # define EXIM_DBDEL(db, key) ENV_TO_DB(db)->del(ENV_TO_DB(db), NULL, &key, 0)
195 /* EXIM_DBCREATE_CURSOR - initialize for scanning operation */
197 # define EXIM_DBCREATE_CURSOR(db, cursor) \
198 ENV_TO_DB(db)->cursor(ENV_TO_DB(db), NULL, cursor, 0)
200 /* EXIM_DBSCAN - returns TRUE if data is returned, FALSE at end */
201 # define EXIM_DBSCAN(db, key, data, first, cursor) \
202 ((cursor)->c_get(cursor, &key, &data, \
203 (first? DB_FIRST : DB_NEXT)) == 0)
205 /* EXIM_DBDELETE_CURSOR - terminate scanning operation */
206 # define EXIM_DBDELETE_CURSOR(cursor) \
207 (cursor)->c_close(cursor)
210 # define EXIM_DBCLOSE__(db) \
211 (ENV_TO_DB(db)->close(ENV_TO_DB(db), 0) , ((DB_ENV *)(db))->close((DB_ENV *)(db), DB_FORCESYNC))
213 /* Datum access types - these are intended to be assignable. */
215 # define EXIM_DATUM_SIZE(datum) (datum).size
216 # define EXIM_DATUM_DATA(datum) (datum).data
218 /* The whole datum structure contains other fields that must be cleared
219 before use, but we don't have to free anything after reading data. */
221 # define EXIM_DATUM_INIT(datum) memset(&datum, 0, sizeof(datum))
222 # define EXIM_DATUM_FREE(datum)
224 # else /* pre- 4.1 */
228 /* Cursor type, for scanning */
229 # define EXIM_CURSOR DBC
231 /* The datum type used for queries */
232 # define EXIM_DATUM DBT
234 /* Some text for messages */
235 # define EXIM_DBTYPE "db (v3/4)"
237 /* Access functions */
239 /* EXIM_DBOPEN - sets *dbpp to point to an EXIM_DB, NULL if failed. */
241 # define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \
242 if (db_create(dbpp, NULL, 0) != 0 || \
243 ((*dbpp)->set_errcall(*dbpp, dbfn_bdb_error_callback), \
244 ((*dbpp)->open)(*dbpp, CS name, NULL, \
245 ((flags) == O_RDONLY)? DB_UNKNOWN : DB_HASH, \
246 ((flags) == O_RDONLY)? DB_RDONLY : DB_CREATE, \
247 mode)) != 0) *(dbpp) = NULL
249 /* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */
250 # define EXIM_DBGET(db, key, data) \
251 ((db)->get(db, NULL, &key, &data, 0) == 0)
253 /* EXIM_DBPUT - returns nothing useful, assumes replace mode */
254 # define EXIM_DBPUT(db, key, data) \
255 (db)->put(db, NULL, &key, &data, 0)
257 /* EXIM_DBPUTB - non-overwriting for use by dbmbuild */
258 # define EXIM_DBPUTB(db, key, data) \
259 (db)->put(db, NULL, &key, &data, DB_NOOVERWRITE)
261 /* Return values from EXIM_DBPUTB */
263 # define EXIM_DBPUTB_OK 0
264 # define EXIM_DBPUTB_DUP DB_KEYEXIST
267 # define EXIM_DBDEL(db, key) (db)->del(db, NULL, &key, 0)
269 /* EXIM_DBCREATE_CURSOR - initialize for scanning operation */
271 # define EXIM_DBCREATE_CURSOR(db, cursor) \
272 (db)->cursor(db, NULL, cursor, 0)
274 /* EXIM_DBSCAN - returns TRUE if data is returned, FALSE at end */
275 # define EXIM_DBSCAN(db, key, data, first, cursor) \
276 ((cursor)->c_get(cursor, &key, &data, \
277 (first? DB_FIRST : DB_NEXT)) == 0)
279 /* EXIM_DBDELETE_CURSOR - terminate scanning operation */
280 # define EXIM_DBDELETE_CURSOR(cursor) \
281 (cursor)->c_close(cursor)
284 # define EXIM_DBCLOSE__(db) (db)->close(db, 0)
286 /* Datum access types - these are intended to be assignable. */
288 # define EXIM_DATUM_SIZE(datum) (datum).size
289 # define EXIM_DATUM_DATA(datum) (datum).data
291 /* The whole datum structure contains other fields that must be cleared
292 before use, but we don't have to free anything after reading data. */
294 # define EXIM_DATUM_INIT(datum) memset(&datum, 0, sizeof(datum))
295 # define EXIM_DATUM_FREE(datum)
300 # else /* DB_VERSION_MAJOR >= 3 */
301 # error Berkeley DB versions earlier than 3 are not supported */
302 # endif /* DB_VERSION_MAJOR */
303 # endif /* DB_VERSION_STRING */
306 /* all BDB versions */
309 # define EXIM_DB_RLIMIT 150
316 /********************* gdbm interface definitions **********************/
318 #elif defined USE_GDBM
324 GDBM_FILE gdbm; /* Database */
325 datum lkey; /* Last key, for scans */
328 #define EXIM_DB gdbm_db
330 /* Cursor type, not used with gdbm: just set up a dummy */
331 # define EXIM_CURSOR int
333 /* The datum type used for queries */
334 # define EXIM_DATUM datum
336 /* Some text for messages */
338 # define EXIM_DBTYPE "gdbm"
340 /* Access functions */
342 /* EXIM_DBOPEN - returns a EXIM_DB *, NULL if failed */
343 # define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \
344 { EXIM_DB * dbp = malloc(sizeof(EXIM_DB));\
346 dbp->lkey.dptr = NULL;\
347 dbp->gdbm = gdbm_open(CS name, 0, (((flags) & O_CREAT))?GDBM_WRCREAT:(((flags) & (O_RDWR|O_WRONLY))?GDBM_WRITER:GDBM_READER), (mode), 0);\
356 /* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */
357 # define EXIM_DBGET(db, key, data) \
358 (data = gdbm_fetch(db->gdbm, key), data.dptr != NULL)
360 /* EXIM_DBPUT - returns nothing useful, assumes replace mode */
361 # define EXIM_DBPUT(db, key, data) \
362 gdbm_store(db->gdbm, key, data, GDBM_REPLACE)
364 /* EXIM_DBPUTB - non-overwriting for use by dbmbuild */
365 # define EXIM_DBPUTB(db, key, data) \
366 gdbm_store(db->gdbm, key, data, GDBM_INSERT)
368 /* Returns from EXIM_DBPUTB */
370 # define EXIM_DBPUTB_OK 0
371 # define EXIM_DBPUTB_DUP 1
374 # define EXIM_DBDEL(db, key) gdbm_delete(db->gdbm, key)
376 /* EXIM_DBCREATE_CURSOR - initialize for scanning operation (null) */
377 # define EXIM_DBCREATE_CURSOR(db, cursor) {}
380 # define EXIM_DBSCAN(db, key, data, first, cursor) \
381 ( key = ((first)? gdbm_firstkey(db->gdbm) : gdbm_nextkey(db->gdbm, db->lkey)), \
382 (((db)->lkey.dptr != NULL)? (free((db)->lkey.dptr),1) : 1),\
383 db->lkey = key, key.dptr != NULL)
385 /* EXIM_DBDELETE_CURSOR - terminate scanning operation (null). */
386 # define EXIM_DBDELETE_CURSOR(cursor) { }
389 # define EXIM_DBCLOSE__(db) \
390 { gdbm_close((db)->gdbm);\
391 if ((db)->lkey.dptr != NULL) free((db)->lkey.dptr);\
394 /* Datum access types - these are intended to be assignable */
396 # define EXIM_DATUM_SIZE(datum) (datum).dsize
397 # define EXIM_DATUM_DATA(datum) (datum).dptr
399 /* There's no clearing required before use, but we have to free the dptr
400 after reading data. */
402 # define EXIM_DATUM_INIT(datum)
403 # define EXIM_DATUM_FREE(datum) free(datum.dptr)
407 # define EXIM_DB_RLIMIT 150
416 /* If none of USE_DB, USG_GDBM, or USE_TDB are set, the default is the NDBM
420 /********************* ndbm interface definitions **********************/
427 /* Cursor type, not used with ndbm: just set up a dummy */
428 # define EXIM_CURSOR int
430 /* The datum type used for queries */
431 # define EXIM_DATUM datum
433 /* Some text for messages */
435 # define EXIM_DBTYPE "ndbm"
437 /* Access functions */
439 /* EXIM_DBOPEN - returns a EXIM_DB *, NULL if failed */
440 /* Check that the name given is not present. This catches
441 a directory name; otherwise we would create the name.pag and
442 name.dir files in the directory's parent. */
444 # define EXIM_DBOPEN__(name, dirname, flags, mode, dbpp) \
447 *(dbpp) = !(flags & O_CREAT) \
448 || lstat(CCS (name), &st) != 0 && errno == ENOENT \
449 ? dbm_open(CS (name), (flags), (mode)) \
450 : (errno = (st.st_mode & S_IFMT) == S_IFDIR ? EISDIR : EEXIST, \
454 /* EXIM_DBGET - returns TRUE if successful, FALSE otherwise */
455 # define EXIM_DBGET(db, key, data) \
456 (data = dbm_fetch(db, key), data.dptr != NULL)
458 /* EXIM_DBPUT - returns nothing useful, assumes replace mode */
459 # define EXIM_DBPUT(db, key, data) \
460 dbm_store(db, key, data, DBM_REPLACE)
462 /* EXIM_DBPUTB - non-overwriting for use by dbmbuild */
463 # define EXIM_DBPUTB(db, key, data) \
464 dbm_store(db, key, data, DBM_INSERT)
466 /* Returns from EXIM_DBPUTB */
468 # define EXIM_DBPUTB_OK 0
469 # define EXIM_DBPUTB_DUP 1
472 # define EXIM_DBDEL(db, key) dbm_delete(db, key)
474 /* EXIM_DBCREATE_CURSOR - initialize for scanning operation (null) */
475 # define EXIM_DBCREATE_CURSOR(db, cursor) {}
478 # define EXIM_DBSCAN(db, key, data, first, cursor) \
479 (key = (first? dbm_firstkey(db) : dbm_nextkey(db)), key.dptr != NULL)
481 /* EXIM_DBDELETE_CURSOR - terminate scanning operation (null). */
482 # define EXIM_DBDELETE_CURSOR(cursor) { }
485 # define EXIM_DBCLOSE__(db) dbm_close(db)
487 /* Datum access types - these are intended to be assignable */
489 # define EXIM_DATUM_SIZE(datum) (datum).dsize
490 # define EXIM_DATUM_DATA(datum) (datum).dptr
492 /* There's no clearing required before use, and we don't have to free anything
493 after reading data. */
495 # define EXIM_DATUM_INIT(datum)
496 # define EXIM_DATUM_FREE(datum)
500 # define EXIM_DB_RLIMIT 150
502 #endif /* USE_GDBM */
508 #ifdef COMPILE_UTILITY
510 # define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \
511 EXIM_DBOPEN__(name, dirname, flags, mode, dbpp)
512 # define EXIM_DBCLOSE(db) EXIM_DBCLOSE__(db)
516 # define EXIM_DBOPEN(name, dirname, flags, mode, dbpp) \
518 DEBUG(D_hints_lookup) \
519 debug_printf_indent("EXIM_DBOPEN: file <%s> dir <%s> flags=%s\n", \
521 (flags) == O_RDONLY ? "O_RDONLY" \
522 : (flags) == O_RDWR ? "O_RDWR" \
523 : (flags) == (O_RDWR|O_CREAT) ? "O_RDWR|O_CREAT" \
525 if (is_tainted(name) || is_tainted(dirname)) \
527 log_write(0, LOG_MAIN|LOG_PANIC, "Tainted name for DB file not permitted"); \
531 { EXIM_DBOPEN__(name, dirname, flags, mode, dbpp); } \
532 DEBUG(D_hints_lookup) debug_printf_indent("returned from EXIM_DBOPEN: %p\n", *dbpp); \
534 # define EXIM_DBCLOSE(db) \
536 DEBUG(D_hints_lookup) debug_printf_indent("EXIM_DBCLOSE(%p)\n", db); \
537 EXIM_DBCLOSE__(db); \
543 # define EXIM_DB void /* dummy */
546 # define EXIM_CURSOR void /* dummy */
548 /********************* End of dbm library definitions **********************/
551 /* Structure for carrying around an open DBM file, and an open locking file
552 that relates to it. */
560 /* Structures for records stored in exim database dbm files. They all
561 start with the same fields, described in the generic type. */
565 time_t time_stamp; /* Timestamp of writing */
569 /* This structure keeps track of retry information for a host or a local
575 time_t first_failed; /* Time of first failure */
576 time_t last_try; /* Time of last try */
577 time_t next_try; /* Time of next try */
578 BOOL expired; /* Retry time has expired */
579 int basic_errno; /* Errno of last failure */
580 int more_errno; /* Additional information */
581 uschar text[1]; /* Text message for last failure */
584 /* These structures keep track of addresses that have had callout verification
585 performed on them. There are two groups of records:
587 1. keyed by localpart@domain -
588 Full address was tested and record holds result
591 Domain response upto MAIL FROM:<>, postmaster, random local part;
593 If a record exists, the result field is either ccache_accept or ccache_reject,
594 or, for a domain record only, ccache_reject_mfnull when MAIL FROM:<> was
595 rejected. The other fields, however, (which are only relevant to domain
596 records) may also contain ccache_unknown if that particular test has not been
599 Originally, there was only one structure, used for both types. However, it got
600 expanded for domain records, so it got split. To make it possible for Exim to
601 handle the old type of record, we retain the old definition. The different
602 kinds of record can be distinguished by their different lengths. */
608 int postmaster_result; /* Postmaster is accepted */
609 int random_result; /* Random local part was accepted */
610 } dbdata_callout_cache_obs;
613 time_t time_stamp; /* Timestamp of last address check */
615 int result; /* accept or reject */
616 } dbdata_callout_cache_address;
618 /* For this new layout, we put the additional fields (the timestamps)
619 last so that if somebody reverts to an older Exim, the new records will
620 still make sense because they match the old layout. */
623 time_t time_stamp; /* Time stamp of last connection */
625 int result; /* Domain reject or accept */
626 int postmaster_result; /* Postmaster result */
627 int random_result; /* Random result */
628 time_t postmaster_stamp; /* Timestamp of postmaster check */
629 time_t random_stamp; /* Timestamp of random check */
630 } dbdata_callout_cache;
632 /* This structure keeps track of messages that are waiting for a particular
633 host for a particular transport. */
638 int count; /* Count of message ids */
639 int sequence; /* Sequence for continued records */
640 uschar text[1]; /* One long character string */
644 /* The contents of the "misc" database are a mixture of different kinds of
645 record, as defined below. The keys used for a specific type all start with a
646 given string such as "etrn-" or "host-serialize-". */
649 /* This structure records a connection to a particular host, for the
650 purpose of serializing access to certain hosts. For possible future extension,
651 a field is defined for holding the count of connections, but it is not
652 at present in use. The same structure is used for recording a running ETRN
658 int count; /* Reserved for possible connection count */
662 /* This structure records the information required for the ratelimit
668 int time_usec; /* Fractional part of time, from gettimeofday() */
669 double rate; /* Smoothed sending rate at that time */
672 /* Same as above, plus a Bloom filter for uniquifying events. */
675 dbdata_ratelimit dbd;
676 time_t bloom_epoch; /* When the Bloom filter was last reset */
677 unsigned bloom_size; /* Number of bytes in the Bloom filter */
678 uschar bloom[40]; /* Bloom filter which may be larger than this */
679 } dbdata_ratelimit_unique;
682 /* For "seen" ACL condition */
687 #ifndef DISABLE_PIPE_CONNECT
688 /* This structure records the EHLO responses, cleartext and crypted,
689 for an IP, as bitmasks (cf. OPTION_TLS). For LIMITS, also values
690 advertised for MAILMAX, RCPTMAX and RCPTDOMAINMAX; zero meaning no
694 unsigned short cleartext_features;
695 unsigned short crypted_features;
696 unsigned short cleartext_auths;
697 unsigned short crypted_auths;
699 # ifdef EXPERIMENTAL_ESMTP_LIMITS
700 unsigned int limit_mail;
701 unsigned int limit_rcpt;
702 unsigned int limit_rcptdom;
709 ehlo_resp_precis data;
716 uschar verify_override:1;
719 } dbdata_tls_session;
722 /* End of dbstuff.h */