* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/* Functions for writing spool files, and moving them about. */
automatically. */
if (fd >= 0)
- if (fchown(fd, exim_uid, exim_gid) || fchmod(fd, SPOOL_MODE))
+ if (exim_fchown(fd, exim_uid, exim_gid, temp_name) || fchmod(fd, SPOOL_MODE))
{
DEBUG(D_any) debug_printf("failed setting perms on %s\n", temp_name);
(void) close(fd); fd = -1;
+static const uschar *
+zap_newlines(const uschar *s)
+{
+uschar *z, *p;
+
+if (Ustrchr(s, '\n') == NULL) return s;
+
+p = z = string_copy(s);
+while ((p = Ustrchr(p, '\n')) != NULL) *p++ = ' ';
+return z;
+}
+
+static void
+spool_var_write(FILE * fp, const uschar * name, const uschar * val)
+{
+putc('-', fp);
+if (is_tainted(val))
+ {
+ int q = quoter_for_address(val);
+ putc('-', fp);
+ if (is_real_quoter(q)) fprintf(fp, "(%s)", lookup_list[q]->name);
+ }
+fprintf(fp, "%s %s\n", name, val);
+}
+
/*************************************************
* Write the header spool file *
*************************************************/
uschar * tname;
uschar * fname;
-tname = spool_fname(US"input", message_subdir,
- string_sprintf("hdr.%d", (int)getpid()), US"");
+tname = spool_fname(US"input", message_subdir, US"hdr.", message_id);
if ((fd = spool_open_temp(tname)) < 0)
return spool_write_error(where, errmsg, US"open", NULL, NULL);
fprintf(fp, "%d %d\n", (int)received_time.tv_sec, warning_count);
fprintf(fp, "-received_time_usec .%06d\n", (int)received_time.tv_usec);
+fprintf(fp, "-received_time_complete %d.%06d\n",
+ (int)received_time_complete.tv_sec, (int)received_time_complete.tv_usec);
/* If there is information about a sending host, remember it. The HELO
data can be set for local SMTP as well as remote. */
-if (sender_helo_name)
- fprintf(fp, "-helo_name %s\n", sender_helo_name);
+if (sender_helo_name) spool_var_write(fp, US"helo_name", sender_helo_name);
if (sender_host_address)
{
- fprintf(fp, "-host_address %s.%d\n", sender_host_address, sender_host_port);
+ if (is_tainted(sender_host_address)) putc('-', fp);
+ fprintf(fp, "-host_address [%s]:%d\n", sender_host_address, sender_host_port);
if (sender_host_name)
- fprintf(fp, "-host_name %s\n", sender_host_name);
- if (sender_host_authenticated)
- fprintf(fp, "-host_auth %s\n", sender_host_authenticated);
+ spool_var_write(fp, US"host_name", sender_host_name);
}
+if (sender_host_authenticated)
+ spool_var_write(fp, US"host_auth", sender_host_authenticated);
+if (sender_host_auth_pubname)
+ spool_var_write(fp, US"host_auth_pubname", sender_host_auth_pubname);
/* Also about the interface a message came in on */
if (interface_address)
- fprintf(fp, "-interface_address %s.%d\n", interface_address, interface_port);
+ {
+ if (is_tainted(interface_address)) putc('-', fp);
+ fprintf(fp, "-interface_address [%s]:%d\n", interface_address, interface_port);
+ }
if (smtp_active_hostname != primary_hostname)
- fprintf(fp, "-active_hostname %s\n", smtp_active_hostname);
+ spool_var_write(fp, US"active_hostname", smtp_active_hostname);
/* Likewise for any ident information; for local messages this is
likely to be the same as originator_login, but will be different if
the originator was root, forcing a different ident. */
-if (sender_ident) fprintf(fp, "-ident %s\n", sender_ident);
+if (sender_ident)
+ spool_var_write(fp, US"ident", sender_ident);
/* Ditto for the received protocol */
if (received_protocol)
- fprintf(fp, "-received_protocol %s\n", received_protocol);
+ spool_var_write(fp, US"received_protocol", received_protocol);
/* Preserve any ACL variables that are set. */
/* Now any other data that needs to be remembered. */
+if (*debuglog_name)
+ {
+ fprintf(fp, "-debug_selector 0x%x\n", debug_selector);
+ fprintf(fp, "-debuglog_name %s\n", debuglog_name);
+ }
+
if (f.spool_file_wireformat)
fprintf(fp, "-spool_file_wireformat\n");
else
if (body_zerocount > 0) fprintf(fp, "-body_zerocount %d\n", body_zerocount);
if (authenticated_id)
- fprintf(fp, "-auth_id %s\n", authenticated_id);
+ spool_var_write(fp, US"auth_id", authenticated_id);
if (authenticated_sender)
- fprintf(fp, "-auth_sender %s\n", authenticated_sender);
+ spool_var_write(fp, US"auth_sender", zap_newlines(authenticated_sender));
if (f.allow_unqualified_recipient) fprintf(fp, "-allow_unqualified_recipient\n");
if (f.allow_unqualified_sender) fprintf(fp, "-allow_unqualified_sender\n");
if (f.sender_local) fprintf(fp, "-local\n");
if (f.local_error_message) fprintf(fp, "-localerror\n");
#ifdef HAVE_LOCAL_SCAN
-if (local_scan_data) fprintf(fp, "-local_scan %s\n", local_scan_data);
+if (local_scan_data) spool_var_write(fp, US"local_scan", local_scan_data);
#endif
#ifdef WITH_CONTENT_SCAN
-if (spam_bar) fprintf(fp,"-spam_bar %s\n", spam_bar);
-if (spam_score) fprintf(fp,"-spam_score %s\n", spam_score);
-if (spam_score_int) fprintf(fp,"-spam_score_int %s\n", spam_score_int);
+if (spam_bar) spool_var_write(fp, US"spam_bar", spam_bar);
+if (spam_score) spool_var_write(fp, US"spam_score", spam_score);
+if (spam_score_int) spool_var_write(fp, US"spam_score_int", spam_score_int);
#endif
if (f.deliver_manual_thaw) fprintf(fp, "-manual_thaw\n");
if (f.sender_set_untrusted) fprintf(fp, "-sender_set_untrusted\n");
#ifdef EXPERIMENTAL_BRIGHTMAIL
-if (bmi_verdicts) fprintf(fp, "-bmi_verdicts %s\n", bmi_verdicts);
+if (bmi_verdicts) spool_var_write(fp, US"bmi_verdicts", bmi_verdicts);
#endif
-#ifdef SUPPORT_TLS
+#ifndef DISABLE_TLS
if (tls_in.certificate_verified) fprintf(fp, "-tls_certificate_verified\n");
-if (tls_in.cipher) fprintf(fp, "-tls_cipher %s\n", tls_in.cipher);
+if (tls_in.cipher) spool_var_write(fp, US"tls_cipher", tls_in.cipher);
if (tls_in.peercert)
{
- (void) tls_export_cert(big_buffer, big_buffer_size, tls_in.peercert);
- fprintf(fp, "-tls_peercert %s\n", CS big_buffer);
+ if (tls_export_cert(big_buffer, big_buffer_size, tls_in.peercert))
+ fprintf(fp, "--tls_peercert %s\n", CS big_buffer);
}
-if (tls_in.peerdn) fprintf(fp, "-tls_peerdn %s\n", string_printing(tls_in.peerdn));
-if (tls_in.sni) fprintf(fp, "-tls_sni %s\n", string_printing(tls_in.sni));
+if (tls_in.peerdn) spool_var_write(fp, US"tls_peerdn", string_printing(tls_in.peerdn));
+if (tls_in.sni) spool_var_write(fp, US"tls_sni", string_printing(tls_in.sni));
if (tls_in.ourcert)
{
- (void) tls_export_cert(big_buffer, big_buffer_size, tls_in.ourcert);
- fprintf(fp, "-tls_ourcert %s\n", CS big_buffer);
+ if (tls_export_cert(big_buffer, big_buffer_size, tls_in.ourcert))
+ fprintf(fp, "-tls_ourcert %s\n", CS big_buffer);
}
if (tls_in.ocsp) fprintf(fp, "-tls_ocsp %d\n", tls_in.ocsp);
-
-# ifdef EXPERIMENTAL_REQUIRETLS
-if (tls_requiretls) fprintf(fp, "-tls_requiretls 0x%x\n", tls_requiretls);
+# ifndef DISABLE_TLS_RESUME
+fprintf(fp, "-tls_resumption %c\n", 'A' + tls_in.resumption);
# endif
+if (tls_in.ver) spool_var_write(fp, US"tls_ver", tls_in.ver);
#endif
#ifdef SUPPORT_I18N
#endif
/* Write the dsn flags to the spool header file */
-DEBUG(D_deliver) debug_printf("DSN: Write SPOOL :-dsn_envid %s\n", dsn_envid);
+/* DEBUG(D_deliver) debug_printf("DSN: Write SPOOL: -dsn_envid %s\n", dsn_envid); */
if (dsn_envid) fprintf(fp, "-dsn_envid %s\n", dsn_envid);
-DEBUG(D_deliver) debug_printf("DSN: Write SPOOL :-dsn_ret %d\n", dsn_ret);
+/* DEBUG(D_deliver) debug_printf("DSN: Write SPOOL: -dsn_ret %d\n", dsn_ret); */
if (dsn_ret) fprintf(fp, "-dsn_ret %d\n", dsn_ret);
/* To complete the envelope, write out the tree of non-recipients, followed by
for (int i = 0; i < recipients_count; i++)
{
recipient_item *r = recipients_list + i;
+ const uschar *address = zap_newlines(r->address);
- DEBUG(D_deliver) debug_printf("DSN: Flags :%d\n", r->dsn_flags);
+ /* DEBUG(D_deliver) debug_printf("DSN: Flags: 0x%x\n", r->dsn_flags); */
- if (r->pno < 0 && r->errors_to == NULL && r->dsn_flags == 0)
- fprintf(fp, "%s\n", r->address);
+ if (r->pno < 0 && !r->errors_to && r->dsn_flags == 0)
+ fprintf(fp, "%s\n", address);
else
{
- uschar * errors_to = r->errors_to ? r->errors_to : US"";
+ const uschar *errors_to = r->errors_to ? zap_newlines(r->errors_to) : CUS"";
/* for DSN SUPPORT extend exim 4 spool in a compatible way by
adding new values upfront and add flag 0x02 */
- uschar * orcpt = r->orcpt ? r->orcpt : US"";
+ const uschar *orcpt = r->orcpt ? zap_newlines(r->orcpt) : CUS"";
- fprintf(fp, "%s %s %d,%d %s %d,%d#3\n", r->address, orcpt, Ustrlen(orcpt),
+ fprintf(fp, "%s %s %d,%d %s %d,%d#3\n", address, orcpt, Ustrlen(orcpt),
r->dsn_flags, errors_to, Ustrlen(errors_to), r->pno);
}
DEBUG(D_deliver) debug_printf("DSN: **** SPOOL_OUT - "
- "address: |%s| errorsto: |%s| orcpt: |%s| dsn_flags: %d\n",
+ "address: <%s> errorsto: <%s> orcpt: <%s> dsn_flags: 0x%x\n",
r->address, r->errors_to, r->orcpt, r->dsn_flags);
}
}
-#ifdef SUPPORT_MOVE_FROZEN_MESSAGES
-
/************************************************
* Make a hard link *
************************************************/
Arguments:
dir base directory name
+ dq destiinationqueue name
subdir subdirectory name
id message id
suffix suffix to add to id
*/
static BOOL
-make_link(uschar *dir, uschar *subdir, uschar *id, uschar *suffix, uschar *from,
- uschar *to, BOOL noentok)
+make_link(uschar *dir, uschar * dq, uschar *subdir, uschar *id, uschar *suffix,
+ uschar *from, uschar *to, BOOL noentok)
{
uschar * fname = spool_fname(string_sprintf("%s%s", from, dir), subdir, id, suffix);
-uschar * tname = spool_fname(string_sprintf("%s%s", to, dir), subdir, id, suffix);
+uschar * tname = spool_q_fname(string_sprintf("%s%s", to, dir), dq, subdir, id, suffix);
if (Ulink(fname, tname) < 0 && (!noentok || errno != ENOENT))
{
log_write(0, LOG_MAIN|LOG_PANIC, "link(\"%s\", \"%s\") failed while moving "
/* Move the files for a message (-H, -D, and msglog) from one directory (or
hierarchy) to another. It is assume that there is no -J file in existence when
-this is done. At present, this is used only when move_frozen_messages is set,
-so compile it only when that support is configured.
+this is done.
Arguments:
id the id of the message to be delivered
BOOL
spool_move_message(uschar *id, uschar *subdir, uschar *from, uschar *to)
{
+uschar * dest_qname = queue_name_dest ? queue_name_dest : queue_name;
+
+/* Since we are working within the spool, de-taint the dest queue name */
+dest_qname = string_copy_taint(dest_qname, GET_UNTAINTED);
+
/* Create any output directories that do not exist. */
(void) directory_make(spool_directory,
- spool_sname(string_sprintf("%sinput", to), subdir),
+ spool_q_sname(string_sprintf("%sinput", to), dest_qname, subdir),
INPUT_DIRECTORY_MODE, TRUE);
(void) directory_make(spool_directory,
- spool_sname(string_sprintf("%smsglog", to), subdir),
+ spool_q_sname(string_sprintf("%smsglog", to), dest_qname, subdir),
INPUT_DIRECTORY_MODE, TRUE);
/* Move the message by first creating new hard links for all the files, and
the mail spool, the -D file should be open and locked at the time, thus keeping
Exim's hands off. */
-if (!make_link(US"msglog", subdir, id, US"", from, to, TRUE) ||
- !make_link(US"input", subdir, id, US"-D", from, to, FALSE) ||
- !make_link(US"input", subdir, id, US"-H", from, to, FALSE))
+if (!make_link(US"msglog", dest_qname, subdir, id, US"", from, to, TRUE) ||
+ !make_link(US"input", dest_qname, subdir, id, US"-D", from, to, FALSE) ||
+ !make_link(US"input", dest_qname, subdir, id, US"-H", from, to, FALSE))
return FALSE;
if (!break_link(US"input", subdir, id, US"-H", from, FALSE) ||
!break_link(US"msglog", subdir, id, US"", from, TRUE))
return FALSE;
-log_write(0, LOG_MAIN, "moved from %sinput, %smsglog to %sinput, %smsglog",
- from, from, to, to);
+log_write(0, LOG_MAIN, "moved from %s%s%s%sinput, %smsglog to %s%s%s%sinput, %smsglog",
+ *queue_name?"(":"", *queue_name?queue_name:US"", *queue_name?") ":"",
+ from, from,
+ *dest_qname?"(":"", *dest_qname?dest_qname:US"", *dest_qname?") ":"",
+ to, to);
return TRUE;
}
-#endif
/* End of spool_out.c */
/* vi: aw ai sw=2
git://git.exim.org / exim.git / blobdiff