-/* $Cambridge: exim/src/src/receive.c,v 1.2 2004/10/18 11:36:23 ph10 Exp $ */
+/* $Cambridge: exim/src/src/receive.c,v 1.4 2004/11/17 14:32:25 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
/*************************************************
-* Check space on spool and log partitions *
+* Read space info for a partition *
*************************************************/
-/* This function is called before accepting a message; if any thresholds are
-set, it checks them. If a message_size is supplied, it checks that there is
-enough space for that size plus the threshold - i.e. that the message won't
-reduce the space to the threshold. Not all OS have statvfs(); for those that
-don't, this function always returns TRUE. For some OS the old function and
-struct name statfs is used; that is handled by a macro, defined in exim.h.
+/* This function is called by receive_check_fs() below, and also by string
+expansion for variables such as $spool_space. The field names for the statvfs
+structure are macros, because not all OS have F_FAVAIL and it seems tidier to
+have macros for F_BAVAIL and F_FILES as well. Some kinds of file system do not
+have inodes, and they return -1 for the number available.
-Arguments:
- msg_size the (estimated) size of an incoming message
+Later: It turns out that some file systems that do not have the concept of
+inodes return 0 rather than -1. Such systems should also return 0 for the total
+number of inodes, so we require that to be greater than zero before returning
+an inode count.
-Returns: FALSE if there isn't enough space, or if the information cannot
- be obtained
- TRUE if no check was done or there is enough space
+Arguments:
+ isspool TRUE for spool partition, FALSE for log partition
+ inodeptr address of int to receive inode count; -1 if there isn't one
+
+Returns: available on-root space, in kilobytes
+ -1 for log partition if there isn't one
+
+All values are -1 if the STATFS functions are not available.
*/
-BOOL
-receive_check_fs(int msg_size)
+int
+receive_statvfs(BOOL isspool, int *inodeptr)
{
#ifdef HAVE_STATFS
-BOOL rc = TRUE;
struct STATVFS statbuf;
+uschar *path;
+uschar *name;
+uschar buffer[1024];
-memset(&statbuf, 0, sizeof(statbuf));
+/* The spool directory must always exist. */
-/* The field names are macros, because not all OS have F_FAVAIL and it seems
-tidier to have macros for F_BAVAIL and F_FILES as well. Some kinds of file
-server do not have inodes, and they return -1 for the number available, so we
-do the check only when this field is non-negative.
-
-Later: It turns out that some file systems that do not have the concept of
-inodes return 0 rather than -1. Such systems should also return 0 for the total
-number of inodes, so we require that to be greater than zero before doing the
-test. */
-
-if (check_spool_space > 0 || msg_size > 0 || check_spool_inodes > 0)
+if (isspool)
{
- if (STATVFS(CS spool_directory, &statbuf) != 0)
- {
- log_write(0, LOG_MAIN|LOG_PANIC, "cannot accept message: failed to stat "
- "spool directory %s: %s", spool_directory, strerror(errno));
- smtp_closedown(US"spool directory problem");
- exim_exit(EXIT_FAILURE);
- }
-
- /* check_spool_space is held in K because disks are getting huge */
-
- if (statbuf.F_BAVAIL < (unsigned long)
- ((((double)check_spool_space) * 1024.0 + (double)msg_size) /
- (double)statbuf.F_FRSIZE)
- ||
- (statbuf.F_FILES > 0 &&
- statbuf.F_FAVAIL >= 0 &&
- statbuf.F_FAVAIL < check_spool_inodes))
- rc = FALSE;
-
- DEBUG(D_receive)
- debug_printf("spool directory %s space = %d blocks; inodes = %d; "
- "check_space = %dK (%d blocks); inodes = %d; msg_size = %d (%d blocks)\n",
- spool_directory, (int)statbuf.F_BAVAIL, (int)statbuf.F_FAVAIL,
- check_spool_space,
- (int)(((double)check_spool_space * 1024.0) / (double)statbuf.F_FRSIZE),
- check_spool_inodes, msg_size, (int)(msg_size / statbuf.F_FRSIZE));
-
- if (!rc)
- {
- log_write(0, LOG_MAIN, "spool directory space check failed: space=%d "
- "inodes=%d", (int)statbuf.F_BAVAIL, (int)statbuf.F_FAVAIL);
- return FALSE;
- }
- }
-
+ path = spool_directory;
+ name = US"spool";
+ }
+
/* Need to cut down the log file path to the directory, and to ignore any
appearance of "syslog" in it. */
-if (check_log_space > 0 || check_log_inodes > 0)
+else
{
- uschar *path;
int sep = ':'; /* Not variable - outside scripts use */
- uschar *cp;
uschar *p = log_file_path;
- uschar buffer[1024];
+ name = US"log";
/* An empty log_file_path means "use the default". This is the same as an
empty item in a list. */
if (Ustrcmp(path, "syslog") != 0) break;
}
- if (path == NULL) return TRUE; /* No log files, so no problem */
-
- /* An empty string means use the default */
+ if (path == NULL) /* No log files */
+ {
+ *inodeptr = -1;
+ return -1;
+ }
- if (path[0] == 0)
- path = string_sprintf("%s/log/%%slog", spool_directory);
+ /* An empty string means use the default, which is in the spool directory.
+ But don't just use the spool directory, as it is possible that the log
+ subdirectory has been symbolically linked elsewhere. */
- if ((cp = Ustrrchr(path, '/')) == NULL)
+ if (path[0] == 0)
{
- DEBUG(D_receive) debug_printf("cannot find slash in %s\n", path);
- return FALSE;
- }
- *cp = 0;
-
- if (STATVFS(CS path, &statbuf) != 0)
+ sprintf(CS buffer, CS"%s/log", CS spool_directory);
+ path = buffer;
+ }
+ else
{
- log_write(0, LOG_MAIN|LOG_PANIC, "cannot accept message: failed to stat "
- "log directory %s: %s", path, strerror(errno));
- smtp_closedown(US"log directory problem");
- exim_exit(EXIT_FAILURE);
- }
+ uschar *cp;
+ if ((cp = Ustrrchr(path, '/')) != NULL) *cp = 0;
+ }
+ }
+
+/* We now have the patch; do the business */
- if (statbuf.F_BAVAIL < (unsigned long)
- (((double)check_log_space * 1024.0) / (double)statbuf.F_FRSIZE)
- ||
- statbuf.F_FAVAIL < check_log_inodes) rc = FALSE;
+memset(&statbuf, 0, sizeof(statbuf));
+if (STATVFS(CS path, &statbuf) != 0)
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC, "cannot accept message: failed to stat "
+ "%s directory %s: %s", name, spool_directory, strerror(errno));
+ smtp_closedown(US"spool or log directory problem");
+ exim_exit(EXIT_FAILURE);
+ }
+
+*inodeptr = (statbuf.F_FILES > 0)? statbuf.F_FAVAIL : -1;
+
+/* Disks are getting huge. Take care with computing the size in kilobytes. */
+
+return (int)(((double)statbuf.F_BAVAIL * (double)statbuf.F_FRSIZE)/1024.0);
+
+/* Unable to find partition sizes in this environment. */
+
+#else
+*inodeptr = -1;
+return -1;
+#endif
+}
+
+
+
+
+/*************************************************
+* Check space on spool and log partitions *
+*************************************************/
+
+/* This function is called before accepting a message; if any thresholds are
+set, it checks them. If a message_size is supplied, it checks that there is
+enough space for that size plus the threshold - i.e. that the message won't
+reduce the space to the threshold. Not all OS have statvfs(); for those that
+don't, this function always returns TRUE. For some OS the old function and
+struct name statfs is used; that is handled by a macro, defined in exim.h.
+
+Arguments:
+ msg_size the (estimated) size of an incoming message
+
+Returns: FALSE if there isn't enough space, or if the information cannot
+ be obtained
+ TRUE if no check was done or there is enough space
+*/
+
+BOOL
+receive_check_fs(int msg_size)
+{
+int space, inodes;
+
+if (check_spool_space > 0 || msg_size > 0 || check_spool_inodes > 0)
+ {
+ space = receive_statvfs(TRUE, &inodes);
+
DEBUG(D_receive)
- debug_printf("log directory %s space = %d blocks; inodes = %d; "
- "check_space = %dK (%d blocks); inodes = %d\n",
- path, (int)statbuf.F_BAVAIL, (int)statbuf.F_FAVAIL,
- check_log_space,
- (int)(((double)check_log_space * 1024.0) / (double)statbuf.F_FRSIZE),
- check_log_inodes);
-
- if (!rc)
- {
- log_write(0, LOG_MAIN, "log directory space check failed: space=%d "
- "inodes=%d", (int)statbuf.F_BAVAIL, (int)statbuf.F_FAVAIL);
+ debug_printf("spool directory space = %dK inodes = %d "
+ "check_space = %dK inodes = %d msg_size = %d\n",
+ space, inodes, check_spool_space, check_spool_inodes, msg_size);
+
+ if ((space >= 0 && space < check_spool_space) ||
+ (inodes >= 0 && inodes < check_spool_inodes))
+ {
+ log_write(0, LOG_MAIN, "spool directory space check failed: space=%d "
+ "inodes=%d", space, inodes);
return FALSE;
}
}
-#endif
+if (check_log_space > 0 || check_log_inodes > 0)
+ {
+ space = receive_statvfs(FALSE, &inodes);
+
+ DEBUG(D_receive)
+ debug_printf("log directory space = %dK inodes = %d "
+ "check_space = %dK inodes = %d\n",
+ space, inodes, check_log_space, check_log_inodes);
+
+ if ((space >= 0 && space < check_log_space) ||
+ (inodes >= 0 && inodes < check_log_inodes))
+ {
+ log_write(0, LOG_MAIN, "log directory space check failed: space=%d "
+ "inodes=%d", space, inodes);
+ return FALSE;
+ }
+ }
+
return TRUE;
}
blocks.
. If there is a "sender:" header and the message is locally originated,
- throw it away, unless the caller is trusted, or unless local_sender_retain
- is set - which can only happen if local_from_check is false.
+ throw it away, unless the caller is trusted, or unless
+ active_local_sender_retain is set - which can only happen if
+ active_local_from_check is false.
. If recipients are to be extracted from the message, build the
recipients list from the headers, removing any that were on the
. If the sender is local, check that from: is correct, and if not, generate
a Sender: header, unless message comes from a trusted caller, or this
- feature is disabled by no_local_from_check.
+ feature is disabled by active_local_from_check being false.
. If there is no "date" header, generate one, for locally-originated
or submission mode messages only.
/* If there is a "Sender:" header and the message is locally originated,
and from an untrusted caller, or if we are in submission mode for a remote
message, mark it "old" so that it will not be transmitted with the message,
- unless local_sender_retain is set. (This can only be true if
- local_from_check is false.) If there are any resent- headers in the
+ unless active_local_sender_retain is set. (This can only be true if
+ active_local_from_check is false.) If there are any resent- headers in the
message, apply this rule to Resent-Sender: instead of Sender:. Messages
with multiple resent- header sets cannot be tidily handled. (For this
reason, at least one MUA - Pine - turns old resent- headers into X-resent-
headers when resending, leaving just one set.) */
case htype_sender:
- h->type = ((
- (sender_local && !trusted_caller && !local_sender_retain) ||
- submission_mode
+ h->type = ((!active_local_sender_retain &&
+ ((sender_local && !trusted_caller) || submission_mode)
) &&
(!resents_exist||is_resent))?
htype_old : htype_sender;
Sender: header is inserted, as required. */
if (from_header != NULL &&
- (
- (sender_local && local_from_check && !trusted_caller) ||
- (submission_mode && authenticated_id != NULL)
+ (active_local_from_check &&
+ ((sender_local && !trusted_caller) ||
+ (submission_mode && authenticated_id != NULL))
))
{
BOOL make_sender = TRUE;