X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/059ec3d9952740285fb1ebf47961b8aca2eb1b4a..38a0a95ff69327042421b9ee6982e386175f141b:/src/src/spool_in.c diff --git a/src/src/spool_in.c b/src/src/spool_in.c index f43556bfa..c45914058 100644 --- a/src/src/spool_in.c +++ b/src/src/spool_in.c @@ -1,10 +1,10 @@ -/* $Cambridge: exim/src/src/spool_in.c,v 1.1 2004/10/07 10:39:01 ph10 Exp $ */ +/* $Cambridge: exim/src/src/spool_in.c,v 1.16 2006/09/19 11:28:45 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2004 */ +/* Copyright (c) University of Cambridge 1995 - 2006 */ /* See the file NOTICE for conditions of use and distribution. */ /* Functions for reading spool files. When compiling for a utility (eximon), @@ -76,7 +76,7 @@ an open file descriptor (at least, I think that's the Cygwin story). On real Unix systems it doesn't make any difference as long as Exim is consistent in what it locks. */ -fcntl(deliver_datafile, F_SETFD, fcntl(deliver_datafile, F_GETFD) | +(void)fcntl(deliver_datafile, F_SETFD, fcntl(deliver_datafile, F_GETFD) | FD_CLOEXEC); lock_data.l_type = F_WRLCK; @@ -89,7 +89,7 @@ if (fcntl(deliver_datafile, F_SETLK, &lock_data) < 0) log_write(L_skip_delivery, LOG_MAIN, "Spool file is locked (another process is handling this message)"); - close(deliver_datafile); + (void)close(deliver_datafile); deliver_datafile = -1; errno = 0; return FALSE; @@ -230,14 +230,13 @@ int n; int rcount = 0; long int uid, gid; BOOL inheader = FALSE; -uschar originator[64]; +uschar *p; /* Reset all the global variables to their default values. However, there is one exception. DO NOT change the default value of dont_deliver, because it may be forced by an external setting. */ -for (n = 0; n < ACL_C_MAX + ACL_M_MAX; n++) acl_var[n] = NULL; - +acl_var_c = acl_var_m = NULL; authenticated_id = NULL; authenticated_sender = NULL; allow_unqualified_recipient = FALSE; @@ -250,6 +249,7 @@ deliver_frozen_at = 0; deliver_manual_thaw = FALSE; /* dont_deliver must NOT be reset */ header_list = header_last = NULL; +host_lookup_deferred = FALSE; host_lookup_failed = FALSE; interface_address = NULL; interface_port = 0; @@ -269,14 +269,28 @@ sender_host_authenticated = NULL; sender_ident = NULL; sender_local = FALSE; sender_set_untrusted = FALSE; +smtp_active_hostname = primary_hostname; tree_nonrecipients = NULL; +#ifdef EXPERIMENTAL_BRIGHTMAIL +bmi_run = 0; +bmi_verdicts = NULL; +#endif + +#ifdef EXPERIMENTAL_DOMAINKEYS +dk_do_verify = 0; +#endif + #ifdef SUPPORT_TLS tls_certificate_verified = FALSE; tls_cipher = NULL; tls_peerdn = NULL; #endif +#ifdef WITH_CONTENT_SCAN +spam_score_int = NULL; +#endif + /* Generate the full name and open the file. If message_subdir is already set, just look in the given directory. Otherwise, look in both the split and unsplit directories, as for the data file above. */ @@ -308,15 +322,28 @@ if (Ustrlen(big_buffer) != MESSAGE_ID_LENGTH + 3 || /* The next three lines in the header file are in a fixed format. The first contains the login, uid, and gid of the user who caused the file to be written. -The second contains the mail address of the message's sender, enclosed in <>. -The third contains the time the message was received, and the number of warning -messages for delivery delays that have been sent. */ +There are known cases where a negative gid is used, so we allow for both +negative uids and gids. The second contains the mail address of the message's +sender, enclosed in <>. The third contains the time the message was received, +and the number of warning messages for delivery delays that have been sent. */ if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR; -if (sscanf(CS big_buffer, "%s %ld %ld", originator, &uid, &gid) != 3) - goto SPOOL_FORMAT_ERROR; -originator_login = string_copy(originator); +p = big_buffer + Ustrlen(big_buffer); +while (p > big_buffer && isspace(p[-1])) p--; +*p = 0; +if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR; +while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--; +gid = Uatoi(p); +if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR; +*p = 0; +if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR; +while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--; +uid = Uatoi(p); +if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR; +*p = 0; + +originator_login = string_copy(big_buffer); originator_uid = (uid_t)uid; originator_gid = (gid_t)gid; @@ -348,27 +375,73 @@ for (;;) { if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR; if (big_buffer[0] != '-') break; - big_buffer[Ustrlen(big_buffer) - 1] = 0; + + /* For long-term backward compatibility, we recognize "-acl", which was used + before the number of ACL variables changed from 10 to 20. This was before the + subsequent change to an arbitrary number of named variables. This code is + retained so that upgrades from very old versions can still handle old-format + spool files. The value given after "-acl" is a number that is 0-9 for + connection variables, and 10-19 for message variables. */ + if (Ustrncmp(big_buffer, "-acl ", 5) == 0) { int index, count; + uschar name[4]; + tree_node *node; + if (sscanf(CS big_buffer + 5, "%d %d", &index, &count) != 2) goto SPOOL_FORMAT_ERROR; - /* Ignore if index too big - might be if a later release with more - variables built this spool file. */ - if (index < ACL_C_MAX + ACL_M_MAX) - { - acl_var[index] = store_get(count + 1); - if (fread(acl_var[index], 1, count+1, f) < count) goto SPOOL_READ_ERROR; - acl_var[index][count] = 0; - } + + (void) string_format(name, 4, "%c%d", (index < 10 ? 'c' : 'm'), index); + node = acl_var_create(name); + node->data.ptr = store_get(count + 1); + + if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR; + ((uschar*)node->data.ptr)[count] = 0; + } + + /* Nowadays we use "-aclc" and "-aclm" for the different types of ACL + variable, because Exim allows any number of them, with arbitrary names. + The line in the spool file is "-acl[cm] ". The name excludes + the c or m. */ + + else if (Ustrncmp(big_buffer, "-aclc ", 6) == 0 || + Ustrncmp(big_buffer, "-aclm ", 6) == 0) + { + uschar *name, *endptr; + int count; + tree_node *node; + + endptr = Ustrchr(big_buffer + 6, ' '); + if (endptr == NULL) goto SPOOL_FORMAT_ERROR; + name = string_sprintf("%c%.*s", big_buffer[4], endptr - big_buffer - 6, + big_buffer + 6); + if (sscanf(CS endptr, " %d", &count) != 1) goto SPOOL_FORMAT_ERROR; + + node = acl_var_create(name); + node->data.ptr = store_get(count + 1); + if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR; + ((uschar*)node->data.ptr)[count] = 0; } + + /* Other values */ + else if (Ustrcmp(big_buffer, "-local") == 0) sender_local = TRUE; else if (Ustrcmp(big_buffer, "-localerror") == 0) local_error_message = TRUE; else if (Ustrncmp(big_buffer, "-local_scan ", 12) == 0) local_scan_data = string_copy(big_buffer + 12); +#ifdef WITH_CONTENT_SCAN + else if (Ustrncmp(big_buffer, "-spam_score_int ", 16) == 0) + spam_score_int = string_copy(big_buffer + 16); +#endif +#ifdef EXPERIMENTAL_BRIGHTMAIL + else if (Ustrncmp(big_buffer, "-bmi_verdicts ", 14) == 0) + bmi_verdicts = string_copy(big_buffer + 14); +#endif + else if (Ustrcmp(big_buffer, "-host_lookup_deferred") == 0) + host_lookup_deferred = TRUE; else if (Ustrcmp(big_buffer, "-host_lookup_failed") == 0) host_lookup_failed = TRUE; else if (Ustrncmp(big_buffer, "-body_linecount", 15) == 0) @@ -410,16 +483,18 @@ for (;;) else if (Ustrncmp(big_buffer, "-host_address", 13) == 0) { - sender_host_port = host_extract_port(big_buffer + 14); + sender_host_port = host_address_extract_port(big_buffer + 14); sender_host_address = string_copy(big_buffer + 14); } else if (Ustrncmp(big_buffer, "-interface_address", 18) == 0) { - interface_port = host_extract_port(big_buffer + 19); + interface_port = host_address_extract_port(big_buffer + 19); interface_address = string_copy(big_buffer + 19); } + else if (Ustrncmp(big_buffer, "-active_hostname", 16) == 0) + smtp_active_hostname = string_copy(big_buffer + 17); else if (Ustrncmp(big_buffer, "-host_auth", 10) == 0) sender_host_authenticated = string_copy(big_buffer + 11); else if (Ustrncmp(big_buffer, "-host_name", 10) == 0) @@ -541,7 +616,7 @@ for (recipients_count = 0; recipients_count < rcount; recipients_count++) if (*p == ' ') { *p++ = 0; - sscanf(CS p, "%d,%d", &dummy, &pno); + (void)sscanf(CS p, "%d,%d", &dummy, &pno); } } @@ -550,7 +625,7 @@ for (recipients_count = 0; recipients_count < rcount; recipients_count++) else if (*p == ' ') { *p++ = 0; - sscanf(CS p, "%d", &pno); + (void)sscanf(CS p, "%d", &pno); } /* Handle current format Exim 4 spool files */ @@ -558,13 +633,13 @@ for (recipients_count = 0; recipients_count < rcount; recipients_count++) else if (*p == '#') { int flags; - sscanf(CS p+1, "%d", &flags); + (void)sscanf(CS p+1, "%d", &flags); if ((flags & 0x01) != 0) /* one_time data exists */ { int len; while (isdigit(*(--p)) || *p == ',' || *p == '-'); - sscanf(CS p+1, "%d,%d", &len, &pno); + (void)sscanf(CS p+1, "%d,%d", &len, &pno); *p = 0; if (len > 0) { @@ -600,8 +675,8 @@ while ((n = fgetc(f)) != EOF) int i; if (!isdigit(n)) goto SPOOL_FORMAT_ERROR; - ungetc(n, f); - fscanf(f, "%d%c ", &n, flag); + (void)ungetc(n, f); + (void)fscanf(f, "%d%c ", &n, flag); if (flag[0] != '*') message_size += n; /* Omit non-transmitted headers */ if (read_headers)