X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/ff790e47f2de6f4d6d48148e1d5a67da8e93c446..0a49a7a4f1090b6f1ce1d0f9d969804c9226b53e:/src/src/transports/appendfile.c diff --git a/src/src/transports/appendfile.c b/src/src/transports/appendfile.c index a2b7cfcb6..df2ce1cd8 100644 --- a/src/src/transports/appendfile.c +++ b/src/src/transports/appendfile.c @@ -1,10 +1,10 @@ -/* $Cambridge: exim/src/src/transports/appendfile.c,v 1.9 2005/06/22 15:44:38 ph10 Exp $ */ +/* $Cambridge: exim/src/src/transports/appendfile.c,v 1.24 2009/11/16 19:50:39 nm4 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2005 */ +/* Copyright (c) University of Cambridge 1995 - 2009 */ /* See the file NOTICE for conditions of use and distribution. */ @@ -107,6 +107,8 @@ optionlist appendfile_transport_options[] = { (void *)offsetof(appendfile_transport_options_block, maildir_tag) }, { "maildir_use_size_file", opt_bool, (void *)offsetof(appendfile_transport_options_block, maildir_use_size_file ) } , + { "maildirfolder_create_regex", opt_stringptr, + (void *)offsetof(appendfile_transport_options_block, maildirfolder_create_regex ) }, #endif /* SUPPORT_MAILDIR */ #ifdef SUPPORT_MAILSTORE { "mailstore_format", opt_bool, @@ -184,6 +186,7 @@ appendfile_transport_options_block appendfile_transport_option_defaults = { NULL, /* mailbox_filecount_string */ US"^(?:cur|new|\\..*)$", /* maildir_dir_regex */ NULL, /* maildir_tag */ + NULL, /* maildirfolder_create_regex */ NULL, /* mailstore_prefix */ NULL, /* mailstore_suffix */ NULL, /* check_string (default changed for non-bsmtp file)*/ @@ -247,6 +250,8 @@ Arguments: tblock points to the transport instance addrlist addresses about to be delivered (not used) dummy not used (doesn't pass back data) + uid the uid that will be set (not used) + gid the gid that will be set (not used) errmsg where to put an error message Returns: OK, FAIL, or DEFER @@ -254,7 +259,7 @@ Returns: OK, FAIL, or DEFER static int appendfile_transport_setup(transport_instance *tblock, address_item *addrlist, - transport_feedback *dummy, uschar **errmsg) + transport_feedback *dummy, uid_t uid, gid_t gid, uschar **errmsg) { appendfile_transport_options_block *ob = (appendfile_transport_options_block *)(tblock->options_block); @@ -264,6 +269,8 @@ int i; addrlist = addrlist; /* Keep picky compilers happy */ dummy = dummy; +uid = uid; +gid = gid; /* Loop for quota, quota_filecount, quota_warn_threshold, mailbox_size, mailbox_filecount */ @@ -271,6 +278,7 @@ mailbox_filecount */ for (i = 0; i < 5; i++) { double d; + uschar *which = NULL; if (q == NULL) d = default_value; else { @@ -316,33 +324,49 @@ for (i = 0; i < 5; i++) } } + /* Set each value, checking for possible overflow. */ + switch (i) { case 0: + if (d >= 2.0*1024.0*1024.0*1024.0 && sizeof(off_t) <= 4) which = US"quota"; ob->quota_value = (off_t)d; q = ob->quota_filecount; break; case 1: + if (d >= 2.0*1024.0*1024.0*1024.0) which = US"quota_filecount"; ob->quota_filecount_value = (int)d; q = ob->quota_warn_threshold; break; case 2: + if (d >= 2.0*1024.0*1024.0*1024.0 && sizeof(off_t) <= 4) + which = US"quota_warn_threshold"; ob->quota_warn_threshold_value = (off_t)d; q = ob->mailbox_size_string; default_value = -1.0; break; case 3: + if (d >= 2.0*1024.0*1024.0*1024.0 && sizeof(off_t) <= 4) + which = US"mailbox_size";; ob->mailbox_size_value = (off_t)d; q = ob->mailbox_filecount_string; break; case 4: + if (d >= 2.0*1024.0*1024.0*1024.0) which = US"mailbox_filecount"; ob->mailbox_filecount_value = (int)d; break; } + + if (which != NULL) + { + *errmsg = string_sprintf("%s value %.10g is too large (overflow) in " + "%s transport", which, d, tblock->name); + return FAIL; + } } return OK; @@ -575,10 +599,10 @@ host.next = NULL; until one succeeds. However, it appears that at least on some systems, comsat doesn't listen on the ::1 address. So for the moment, just force the address to be 127.0.0.1. At some future stage, when IPv6 really is superseding IPv4, this -can be changed. */ +can be changed. (But actually, comsat is probably dying out anyway.) */ /****** -if (host_find_byname(&host, NULL, NULL, FALSE) == HOST_FIND_FAILED) +if (host_find_byname(&host, NULL, 0, NULL, FALSE) == HOST_FIND_FAILED) { DEBUG(D_transport) debug_printf("\"localhost\" unknown\n"); return; @@ -602,7 +626,7 @@ for (h = &host; h != NULL; h = h->next) (void)ip_connect(sock, host_af, h->address, ntohs(sp->s_port), 0); rc = send(sock, buffer, Ustrlen(buffer) + 1, 0); - close(sock); + (void)close(sock); if (rc >= 0) break; DEBUG(D_transport) @@ -1205,6 +1229,7 @@ uschar *filecount_msg = US""; uschar *path; struct utimbuf times; struct timeval msg_tv; +BOOL disable_quota = FALSE; BOOL isdirectory = FALSE; BOOL isfifo = FALSE; BOOL wait_for_tick = FALSE; @@ -1312,10 +1337,15 @@ if (path[0] != '/') return FALSE; } -/* For a file delivery, make sure the local part in the address is updated to -the true local part. */ +/* For a file delivery, make sure the local part in the address(es) is updated +to the true local part. */ -if (testflag(addr, af_file)) addr->local_part = string_copy(path); +if (testflag(addr, af_file)) + { + address_item *addr2; + for (addr2 = addr; addr2 != NULL; addr2 = addr2->next) + addr2->local_part = string_copy(path); + } /* The available mailbox formats depend on whether it is a directory or a file delivery. */ @@ -1430,7 +1460,7 @@ if (!isdirectory) if (cfd >= 0) { transport_instance *tt = check_file_format(cfd, tblock, addr); - close(cfd); + (void)close(cfd); /* If another transport is indicated, call it and return; if no transport was found, just return - the error data will have been set up.*/ @@ -1622,7 +1652,7 @@ if (!isdirectory) sufficiently worried. */ if ((rc = Ulink(hitchname, lockname)) != 0) fstat(hd, &statbuf); - close(hd); + (void)close(hd); Uunlink(hitchname); if (rc != 0 && statbuf.st_nlink != 2) { @@ -1993,7 +2023,7 @@ if (!isdirectory) } } - mbx_lockfd = Uopen(mbx_lockname, O_RDWR | O_CREAT, 0600); + mbx_lockfd = Uopen(mbx_lockname, O_RDWR | O_CREAT, ob->lockfile_mode); if (mbx_lockfd < 0) { addr->basic_errno = ERRNO_LOCKFAILED; @@ -2002,7 +2032,7 @@ if (!isdirectory) goto RETURN; } - (void)Uchmod(mbx_lockname, 0600); + (void)Uchmod(mbx_lockname, ob->lockfile_mode); if (apply_lock(mbx_lockfd, F_WRLCK, ob->use_fcntl, ob->lock_fcntl_timeout, ob->use_flock, ob->lock_flock_timeout) >= 0) @@ -2023,7 +2053,7 @@ if (!isdirectory) DEBUG(D_transport) debug_printf("failed to lock %s: %s\n", mbx_lockname, strerror(errno)); - close(mbx_lockfd); + (void)close(mbx_lockfd); mbx_lockfd = -1; } else @@ -2039,7 +2069,7 @@ if (!isdirectory) DEBUG(D_transport) debug_printf("fcntl(), flock(), or MBX locking failed - retrying\n"); - close(fd); + (void)close(fd); fd = -1; use_lstat = TRUE; /* Reset to use lstat first */ @@ -2125,10 +2155,11 @@ else } #ifdef SUPPORT_MAILDIR - /* For a maildir delivery, ensure that all the relevant directories exist */ + /* For a maildir delivery, ensure that all the relevant directories exist, + and a maildirfolder file if necessary. */ if (mbformat == mbf_maildir && !maildir_ensure_directories(path, addr, - ob->create_directory, ob->dirmode)) + ob->create_directory, ob->dirmode, ob->maildirfolder_create_regex)) return FALSE; #endif /* SUPPORT_MAILDIR */ @@ -2144,7 +2175,7 @@ else const uschar *error; int offset; - /* Compile the regex if there is one */ + /* Compile the regex if there is one. */ if (ob->quota_size_regex != NULL) { @@ -2157,11 +2188,8 @@ else ob->quota_size_regex); return FALSE; } - else - { - DEBUG(D_transport) debug_printf("using regex for file sizes: %s\n", - ob->quota_size_regex); - } + DEBUG(D_transport) debug_printf("using regex for file sizes: %s\n", + ob->quota_size_regex); } /* Use an explicitly configured directory if set */ @@ -2212,6 +2240,8 @@ else { *slash = 0; check_path = new_check_path; + DEBUG(D_transport) debug_printf("maildirfolder file exists: " + "quota check directory changed to %s\n", check_path); } } } @@ -2237,6 +2267,8 @@ else if (ob->maildir_dir_regex != NULL) { + int check_path_len = Ustrlen(check_path); + dir_regex = pcre_compile(CS ob->maildir_dir_regex, PCRE_COPT, (const char **)&error, &offset, NULL); if (dir_regex == NULL) @@ -2246,11 +2278,27 @@ else ob->maildir_dir_regex); return FALSE; } - else + + DEBUG(D_transport) + debug_printf("using regex for maildir directory selection: %s\n", + ob->maildir_dir_regex); + + /* Check to see if we are delivering into an ignored directory, that is, + if the delivery path starts with the quota check path, and the rest + of the deliver path matches the regex; if so, set a flag to disable quota + checking and maildirsize updating. */ + + if (Ustrncmp(path, check_path, check_path_len) == 0) { - DEBUG(D_transport) - debug_printf("using regex for maildir directory selection: %s\n", - ob->maildir_dir_regex); + uschar *s = path + check_path_len; + while (*s == '/') s++; + s = (*s == 0)? US "new" : string_sprintf("%s/new", s); + if (pcre_exec(dir_regex, NULL, CS s, Ustrlen(s), 0, 0, NULL, 0) < 0) + { + disable_quota = TRUE; + DEBUG(D_transport) debug_printf("delivery directory does not match " + "maildir_quota_directory_regex: disabling quota\n"); + } } } @@ -2261,6 +2309,7 @@ else /* if (???? || ob->quota_value > 0) */ + if (!disable_quota) { off_t size; int filecount; @@ -2296,13 +2345,15 @@ else } #endif /* SUPPORT_MAILDIR */ - /* Otherwise (mailbox_size is not yet set), if we are going to do a quota - check later on, find the current size of the mailbox. (We don't need to check - ob->quota_filecount_value, because it can only be set if ob->quota_value is - set.) */ + /* Otherwise if we are going to do a quota check later on, and the mailbox + size is not set, find the current size of the mailbox. Ditto for the file + count. Note that ob->quota_filecount_value cannot be set without + ob->quota_value being set. */ - if ((mailbox_size < 0 || mailbox_filecount < 0) && - (ob->quota_value > 0 || THRESHOLD_CHECK)) + if (!disable_quota && + (ob->quota_value > 0 || THRESHOLD_CHECK) && + (mailbox_size < 0 || + (mailbox_filecount < 0 && ob->quota_filecount_value > 0))) { off_t size; int filecount = 0; @@ -2400,6 +2451,8 @@ else addr->message = string_sprintf ("failed to open %s (%d tr%s)", filename, i, (i == 1)? "y" : "ies"); addr->basic_errno = errno; + if (errno == errno_quota || errno == ENOSPC) + addr->user_message = US"mailbox is full"; return FALSE; } @@ -2468,7 +2521,7 @@ else addr->transport_return = PANIC; addr->message = string_sprintf("fdopen of %s (" "for %s transport) failed", filename, tblock->name); - close(fd); + (void)close(fd); Uunlink(filename); return FALSE; } @@ -2486,7 +2539,7 @@ else addr->message = string_sprintf("Expansion of \"%s\" (mailstore " "prefix for %s transport) failed: %s", ob->mailstore_prefix, tblock->name, expand_string_message); - fclose(env_file); + (void)fclose(env_file); Uunlink(filename); return FALSE; } @@ -2515,7 +2568,7 @@ else addr->message = string_sprintf("Expansion of \"%s\" (mailstore " "suffix for %s transport) failed: %s", ob->mailstore_suffix, tblock->name, expand_string_message); - fclose(env_file); + (void)fclose(env_file); Uunlink(filename); return FALSE; } @@ -2578,7 +2631,7 @@ with this message if quota_is_inclusive is set; if it is not set, the check is for the mailbox already being over quota (i.e. the current message is not included in the check). */ -if (ob->quota_value > 0) +if (!disable_quota && ob->quota_value > 0) { DEBUG(D_transport) { @@ -2732,7 +2785,7 @@ if (temp_file != NULL && ob->mbx_format) /* Preserve errno while closing the temporary file. */ mbx_save_errno = errno; - fclose(temp_file); + (void)fclose(temp_file); errno = mbx_save_errno; } #endif /* SUPPORT_MBX */ @@ -2740,7 +2793,7 @@ if (temp_file != NULL && ob->mbx_format) /* Force out the remaining data to check for any errors; some OS don't allow fsync() to be called for a FIFO. */ -if (yield == OK && !isfifo && fsync(fd) < 0) yield = DEFER; +if (yield == OK && !isfifo && EXIMfsync(fd) < 0) yield = DEFER; /* Update message_size to the accurate count of bytes written, including added headers. */ @@ -2748,22 +2801,25 @@ added headers. */ message_size = transport_count; /* If using a maildir++ quota file, add this message's size to it, and -close the file descriptor. */ +close the file descriptor, except when the quota has been disabled because we +are delivering into an uncounted folder. */ #ifdef SUPPORT_MAILDIR -if (yield == OK && maildirsize_fd >= 0) - maildir_record_length(maildirsize_fd, message_size); - -maildir_save_errno = errno; /* Preserve errno while closing the file */ -close(maildirsize_fd); -errno = maildir_save_errno; +if (!disable_quota) + { + if (yield == OK && maildirsize_fd >= 0) + maildir_record_length(maildirsize_fd, message_size); + maildir_save_errno = errno; /* Preserve errno while closing the file */ + (void)close(maildirsize_fd); + errno = maildir_save_errno; + } #endif /* SUPPORT_MAILDIR */ /* If there is a quota warning threshold and we are have crossed it with this message, set the SPECIAL_WARN flag in the address, to cause a warning message to be sent. */ -if (THRESHOLD_CHECK) +if (!disable_quota && THRESHOLD_CHECK) { off_t threshold = ob->quota_warn_threshold_value; if (ob->quota_warn_threshold_is_percent) @@ -2849,6 +2905,7 @@ if (yield != OK) #else addr->message = string_sprintf("mailbox is full"); #endif /* EDQUOT */ + addr->user_message = US"mailbox is full"; DEBUG(D_transport) debug_printf("System quota exceeded for %s%s%s\n", dataname, isdirectory? US"" : US": time since file read = ", @@ -3130,7 +3187,7 @@ if (mbx_lockfd >= 0) debug_printf("unlinking MBX lock file %s\n", mbx_lockname); Uunlink(mbx_lockname); } - close(mbx_lockfd); + (void)close(mbx_lockfd); } #endif /* SUPPORT_MBX */