Do not claim OCSP support when compiled with too-old GnuTLS version
[exim.git] / src / src / spam.c
index 7915a433613159b680ec19719a5c897808afc9a8..7eb6fbfa75ceed0cf15d38f5ea5019525ddd733e 100644 (file)
@@ -1,5 +1,3 @@
-/* $Cambridge: exim/src/src/spam.c,v 1.15 2008/01/16 09:52:15 tom Exp $ */
-
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
@@ -20,15 +18,18 @@ uschar spam_report_buffer[32600];
 uschar prev_user_name[128] = "";
 int spam_ok = 0;
 int spam_rc = 0;
+uschar *prev_spamd_address_work = NULL;
 
-int spam(uschar **listptr) {
+int
+spam(uschar **listptr)
+{
   int sep = 0;
   uschar *list = *listptr;
   uschar *user_name;
   uschar user_name_buffer[128];
   unsigned long mbox_size;
   FILE *mbox_file;
-  int spamd_sock;
+  int spamd_sock = -1;
   uschar spamd_buffer[32600];
   int i, j, offset, result;
   uschar spamd_version[8];
@@ -71,6 +72,23 @@ int spam(uschar **listptr) {
     override = 1;
   };
 
+  /* expand spamd_address if needed */
+  if (*spamd_address == '$') {
+    spamd_address_work = expand_string(spamd_address);
+    if (spamd_address_work == NULL) {
+      log_write(0, LOG_MAIN|LOG_PANIC,
+        "spamassassin acl condition: spamd_address starts with $, but expansion failed: %s", expand_string_message);
+      return DEFER;
+    }
+  }
+  else
+    spamd_address_work = spamd_address;
+
+  /* check if previous spamd_address was expanded and has changed. dump cached results if so */
+  if ( spam_ok && ( prev_spamd_address_work != NULL) && (Ustrcmp(prev_spamd_address_work, spamd_address_work) != 0)) {
+    spam_ok = 0;
+  }
+
   /* if we scanned for this username last time, just return */
   if ( spam_ok && ( Ustrcmp(prev_user_name, user_name) == 0 ) ) {
     if (override)
@@ -80,7 +98,7 @@ int spam(uschar **listptr) {
   };
 
   /* make sure the eml mbox file is spooled up */
-  mbox_file = spool_mbox(&mbox_size);
+  mbox_file = spool_mbox(&mbox_size, NULL);
 
   if (mbox_file == NULL) {
     /* error while spooling */
@@ -91,25 +109,12 @@ int spam(uschar **listptr) {
 
   start = time(NULL);
 
-  if (*spamd_address == '$') {
-    spamd_address_work = expand_string(spamd_address);
-    if (spamd_address_work == NULL) {
-      log_write(0, LOG_MAIN|LOG_PANIC,
-        "spamassassin acl condition: spamd_address starts with $, but expansion failed: %s", expand_string_message);
-      return DEFER;
-    }
-  }
-  else
-    spamd_address_work = spamd_address;
-
   /* socket does not start with '/' -> network socket */
   if (*spamd_address_work != '/') {
-    time_t now = time(NULL);
     int num_servers = 0;
-    int current_server = 0;
-    int start_server = 0;
+    int current_server;
     uschar *address = NULL;
-    uschar *spamd_address_list_ptr = spamd_address;
+    uschar *spamd_address_list_ptr = spamd_address_work;
     uschar address_buffer[256];
     spamd_address_container * spamd_address_vector[32];
 
@@ -119,6 +124,7 @@ int spam(uschar **listptr) {
                                         address_buffer,
                                         sizeof(address_buffer))) != NULL) {
 
+      /* Potential memory leak as we never free the store. */
       spamd_address_container *this_spamd =
         (spamd_address_container *)store_get(sizeof(spamd_address_container));
 
@@ -143,9 +149,11 @@ int spam(uschar **listptr) {
       return DEFER;
     };
 
-    current_server = start_server = (int)now % num_servers;
+    while ( num_servers > 0 ) {
+      int i;
 
-    while (1) {
+      /* Randomly pick a server to try */
+      current_server = random_number( num_servers );
 
       debug_printf("trying server %s, port %u\n",
                    spamd_address_vector[current_server]->tcp_addr,
@@ -173,16 +181,20 @@ int spam(uschar **listptr) {
          spamd_address_vector[current_server]->tcp_addr,
          spamd_address_vector[current_server]->tcp_port,
          strerror(errno));
-      current_server++;
-      if (current_server >= num_servers)
-        current_server = 0;
-      if (current_server == start_server) {
-        log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: all spamd servers failed");
-        (void)fclose(mbox_file);
-        (void)close(spamd_sock);
-        return DEFER;
-      };
-    };
+
+      (void)close(spamd_sock);
+
+      /* Remove the server from the list. XXX We should free the memory */
+      num_servers--;
+      for( i = current_server; i < num_servers; i++ )
+        spamd_address_vector[i] = spamd_address_vector[i+1];
+    }
+
+    if ( num_servers == 0 ) {
+      log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: all spamd servers failed");
+      (void)fclose(mbox_file);
+      return DEFER;
+    }
 
   }
   else {
@@ -210,6 +222,14 @@ int spam(uschar **listptr) {
 
   }
 
+  if (spamd_sock == -1) {
+    log_write(0, LOG_MAIN|LOG_PANIC,
+        "programming fault, spamd_sock unexpectedly unset");
+    (void)fclose(mbox_file);
+    (void)close(spamd_sock);
+    return DEFER;
+  }
+
   /* now we are connected to spamd on spamd_sock */
   (void)string_format(spamd_buffer,
            sizeof(spamd_buffer),
@@ -268,7 +288,7 @@ again:
             "spam acl condition: %s on spamd socket", strerror(errno));
         else {
           if (time(NULL) - start < SPAMD_TIMEOUT)
-          goto again;
+            goto again;
           log_write(0, LOG_MAIN|LOG_PANIC,
             "spam acl condition: timed out writing spamd socket");
         }
@@ -354,13 +374,10 @@ again:
     *q = *p;
     q++;
     if (*p == '\n') {
-      *q = '\t';
+      /* add an extra space after the newline to ensure
+      that it is treated as a header continuation line */
+      *q = ' ';
       q++;
-      /* eat whitespace */
-      while( (*p <= ' ') && (*p != '\0') ) {
-        p++;
-      };
-      p--;
     };
     p++;
   };
@@ -408,11 +425,13 @@ again:
     spam_rc = FAIL;
   };
 
-  /* remember user name and "been here" for it unless spamd_socket was expanded */
-  if (spamd_address_work == spamd_address) {
-    Ustrcpy(prev_user_name, user_name);
-    spam_ok = 1;
+  /* remember expanded spamd_address if needed */
+  if (spamd_address_work != spamd_address) {
+    prev_spamd_address_work = string_copy(spamd_address_work);
   }
+  /* remember user name and "been here" for it */
+  Ustrcpy(prev_user_name, user_name);
+  spam_ok = 1;
 
   if (override) {
     /* always return OK, no matter what the score */