TFO: early-data for ClamAV and for readsocket expansion

[users/jgh/exim.git] / src / src / moan.c

diff --git a/src/src/moan.c b/src/src/moan.c
index 4503a47e5ed9c6ac6f9d4d711b537d17719fb630..6d922a5a4d87c60336a025c720e5693ef5d50f80 100644 (file)
--- a/src/src/moan.c
+++ b/src/src/moan.c
@@ -1,10 +1,8 @@
-/* $Cambridge: exim/src/src/moan.c,v 1.7 2007/01/08 10:50:18 ph10 Exp $ */
-

 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 

-/* Copyright (c) University of Cambridge 1995 - 2007 */
+/* Copyright (c) University of Cambridge 1995 - 2016 */

 /* See the file NOTICE for conditions of use and distribution. */
 
 /* Functions for sending messages to sender or to mailmaster. */
 /* See the file NOTICE for conditions of use and distribution. */
 
 /* Functions for sending messages to sender or to mailmaster. */


@@ -14,6 +12,34 @@
 
 
 
 
 
 

+/*************************************************
+*            Write From: line for DSN            *
+*************************************************/
+
+/* This function is called to write the From: line in automatically generated
+messages - bounces, warnings, etc. It expands a configuration item in order to
+get the text. If the expansion fails, a panic is logged and the default value
+for the option is used.
+
+Argument:   the FILE to write to
+Returns:    nothing
+*/
+
+void
+moan_write_from(FILE *f)
+{
+uschar *s = expand_string(dsn_from);
+if (s == NULL)
+  {
+  log_write(0, LOG_MAIN|LOG_PANIC,
+    "Failed to expand dsn_from (using default): %s", expand_string_message);
+  s = expand_string(US DEFAULT_DSN_FROM);
+  }
+fprintf(f, "From: %s\n", s);
+}
+
+
+

 /*************************************************
 *              Send error message                *
 *************************************************/
 /*************************************************
 *              Send error message                *
 *************************************************/


@@ -60,129 +86,145 @@ else DEBUG(D_any) debug_printf("Child process %d for sending message\n", pid);
 /* Creation of child succeeded */
 
 f = fdopen(fd, "wb");
 /* Creation of child succeeded */
 
 f = fdopen(fd, "wb");

-if (errors_reply_to != NULL) fprintf(f, "Reply-To: %s\n", errors_reply_to);
+if (errors_reply_to) fprintf(f, "Reply-To: %s\n", errors_reply_to);

 fprintf(f, "Auto-Submitted: auto-replied\n");
 fprintf(f, "Auto-Submitted: auto-replied\n");

-fprintf(f, "From: Mail Delivery System <Mailer-Daemon@%s>\n",
-  qualify_domain_sender);
+moan_write_from(f);

 fprintf(f, "To: %s\n", recipient);
 
 switch(ident)
   {
   case ERRMESS_BADARGADDRESS:
 fprintf(f, "To: %s\n", recipient);
 
 switch(ident)
   {
   case ERRMESS_BADARGADDRESS:

-  fprintf(f,
-  "Subject: Mail failure - malformed recipient address\n\n");
-  fprintf(f,
-  "A message that you sent contained a recipient address that was incorrectly\n"
-  "constructed:\n\n");
-  fprintf(f, "  %s  %s\n", eblock->text1, eblock->text2);
-  count = Ustrlen(eblock->text1);
-  if (count > 0 && eblock->text1[count-1] == '.')

     fprintf(f,
     fprintf(f,

-    "\nRecipient addresses must not end with a '.' character.\n");
-  fprintf(f,
-  "\nThe message has not been delivered to any recipients.\n");
-  break;
+      "Subject: Mail failure - malformed recipient address\n\n");
+    fprintf(f,
+      "A message that you sent contained a recipient address that was incorrectly\n"
+      "constructed:\n\n");
+    fprintf(f, "  %s  %s\n", eblock->text1, eblock->text2);
+    count = Ustrlen(eblock->text1);
+    if (count > 0 && eblock->text1[count-1] == '.')
+      fprintf(f,
+       "\nRecipient addresses must not end with a '.' character.\n");
+    fprintf(f,
+      "\nThe message has not been delivered to any recipients.\n");
+    break;

 
   case ERRMESS_BADNOADDRESS:
   case ERRMESS_BADADDRESS:
 
   case ERRMESS_BADNOADDRESS:
   case ERRMESS_BADADDRESS:

-  fprintf(f,
-  "Subject: Mail failure - malformed recipient address\n\n");
-  fprintf(f,
-  "A message that you sent contained one or more recipient addresses that were\n"
-  "incorrectly constructed:\n\n");
+    fprintf(f,
+      "Subject: Mail failure - malformed recipient address\n\n");
+    fprintf(f,
+      "A message that you sent contained one or more recipient addresses that were\n"
+      "incorrectly constructed:\n\n");

 
 

-  while (eblock != NULL)
-    {
-    fprintf(f, "  %s: %s\n", eblock->text1, eblock->text2);
-    count++;
-    eblock = eblock->next;
-    }
+    while (eblock != NULL)
+      {
+      fprintf(f, "  %s: %s\n", eblock->text1, eblock->text2);
+      count++;
+      eblock = eblock->next;
+      }

 
 

-  fprintf(f, (count == 1)? "\nThis address has been ignored. " :
-    "\nThese addresses have been ignored. ");
+    fprintf(f, (count == 1)? "\nThis address has been ignored. " :
+      "\nThese addresses have been ignored. ");

 
 

-  fprintf(f, (ident == ERRMESS_BADADDRESS)?
-  "The other addresses in the message were\n"
-  "syntactically valid and have been passed on for an attempt at delivery.\n" :
+    fprintf(f, (ident == ERRMESS_BADADDRESS)?
+      "The other addresses in the message were\n"
+      "syntactically valid and have been passed on for an attempt at delivery.\n" :

 
 

-  "There were no other addresses in your\n"
-  "message, and so no attempt at delivery was possible.\n");
-  break;
+      "There were no other addresses in your\n"
+      "message, and so no attempt at delivery was possible.\n");
+    break;

 
   case ERRMESS_IGADDRESS:
 
   case ERRMESS_IGADDRESS:

-  fprintf(f, "Subject: Mail failure - no recipient addresses\n\n");
-  fprintf(f,
-  "A message that you sent using the -t command line option contained no\n"
-  "addresses that were not also on the command line, and were therefore\n"
-  "suppressed. This left no recipient addresses, and so no delivery could\n"
-  "be attempted.\n");
-  break;
+    fprintf(f, "Subject: Mail failure - no recipient addresses\n\n");
+    fprintf(f,
+      "A message that you sent using the -t command line option contained no\n"
+      "addresses that were not also on the command line, and were therefore\n"
+      "suppressed. This left no recipient addresses, and so no delivery could\n"
+      "be attempted.\n");
+    break;

 
   case ERRMESS_NOADDRESS:
 
   case ERRMESS_NOADDRESS:

-  fprintf(f, "Subject: Mail failure - no recipient addresses\n\n");
-  fprintf(f,
-  "A message that you sent contained no recipient addresses, and therefore no\n"
-  "delivery could be attempted.\n");
-  break;
+    fprintf(f, "Subject: Mail failure - no recipient addresses\n\n");
+    fprintf(f,
+      "A message that you sent contained no recipient addresses, and therefore no\n"
+      "delivery could be attempted.\n");
+    break;

 
   case ERRMESS_IOERR:
 
   case ERRMESS_IOERR:

-  fprintf(f, "Subject: Mail failure - system failure\n\n");
-  fprintf(f,
-  "A system failure was encountered while processing a message that you sent,\n"
-  "so it has not been possible to deliver it. The error was:\n\n%s\n",
-    eblock->text1);
-  break;
+    fprintf(f, "Subject: Mail failure - system failure\n\n");
+    fprintf(f,
+      "A system failure was encountered while processing a message that you sent,\n"
+      "so it has not been possible to deliver it. The error was:\n\n%s\n",
+      eblock->text1);
+    break;

 
   case ERRMESS_VLONGHEADER:
 
   case ERRMESS_VLONGHEADER:

-  fprintf(f, "Subject: Mail failure - overlong header section\n\n");
-  fprintf(f,
-  "A message that you sent contained a header section that was excessively\n"
-  "long and could not be handled by the mail transmission software. The\n"
-  "message has not been delivered to any recipients.\n");
-  break;
+    fprintf(f, "Subject: Mail failure - overlong header section\n\n");
+    fprintf(f,
+      "A message that you sent contained a header section that was excessively\n"
+      "long and could not be handled by the mail transmission software. The\n"
+      "message has not been delivered to any recipients.\n");
+    break;

 
   case ERRMESS_VLONGHDRLINE:
 
   case ERRMESS_VLONGHDRLINE:

-  fprintf(f, "Subject: Mail failure - overlong header line\n\n");
-  fprintf(f,
-  "A message that you sent contained a header line that was excessively\n"
-  "long and could not be handled by the mail transmission software. The\n"
-  "message has not been delivered to any recipients.\n");
-  break;
+    fprintf(f, "Subject: Mail failure - overlong header line\n\n");
+    fprintf(f,
+      "A message that you sent contained a header line that was excessively\n"
+      "long and could not be handled by the mail transmission software. The\n"
+      "message has not been delivered to any recipients.\n");
+    break;

 
   case ERRMESS_TOOBIG:
 
   case ERRMESS_TOOBIG:

-  fprintf(f, "Subject: Mail failure - message too big\n\n");
-  fprintf(f,
-  "A message that you sent was longer than the maximum size allowed on this\n"
-  "system. It was not delivered to any recipients.\n");
-  break;
+    fprintf(f, "Subject: Mail failure - message too big\n\n");
+    fprintf(f,
+      "A message that you sent was longer than the maximum size allowed on this\n"
+      "system. It was not delivered to any recipients.\n");
+    break;

 
   case ERRMESS_TOOMANYRECIP:
 
   case ERRMESS_TOOMANYRECIP:

-  fprintf(f, "Subject: Mail failure - too many recipients\n\n");
-  fprintf(f,
-  "A message that you sent contained more recipients than allowed on this\n"
-  "system. It was not delivered to any recipients.\n");
-  break;
+    fprintf(f, "Subject: Mail failure - too many recipients\n\n");
+    fprintf(f,
+      "A message that you sent contained more recipients than allowed on this\n"
+      "system. It was not delivered to any recipients.\n");
+    break;

 
   case ERRMESS_LOCAL_SCAN:
   case ERRMESS_LOCAL_ACL:
 
   case ERRMESS_LOCAL_SCAN:
   case ERRMESS_LOCAL_ACL:

-  fprintf(f, "Subject: Mail failure - rejected by local scanning code\n\n");
-  fprintf(f,
-  "A message that you sent was rejected by the local scanning code that\n"
-  "checks incoming messages on this system.");
-  if (eblock->text1 != NULL)
-    {
+    fprintf(f, "Subject: Mail failure - rejected by local scanning code\n\n");

     fprintf(f,
     fprintf(f,

-    " The following error was given:\n\n  %s", eblock->text1);
-    }
+      "A message that you sent was rejected by the local scanning code that\n"
+      "checks incoming messages on this system.");
+      if (eblock->text1)
+       fprintf(f, " The following error was given:\n\n  %s", eblock->text1);

   fprintf(f, "\n");
   break;
 
   fprintf(f, "\n");
   break;
 

-  default:
-  fprintf(f, "Subject: Mail failure\n\n");
-  fprintf(f,
-  "A message that you sent has caused the error routine to be entered with\n"
-  "an unknown error number (%d).\n", ident);
+#ifdef EXPERIMENTAL_DMARC
+  case ERRMESS_DMARC_FORENSIC:
+    bounce_return_message = TRUE;
+    bounce_return_body    = FALSE;
+    fprintf(f,
+          "Subject: DMARC Forensic Report for %s from IP %s\n\n",
+         ((eblock == NULL) ? US"Unknown" : eblock->text2),
+          sender_host_address);
+    fprintf(f,
+      "A message claiming to be from you has failed the published DMARC\n"
+      "policy for your domain.\n\n");
+    while (eblock != NULL)
+      {
+      fprintf(f, "  %s: %s\n", eblock->text1, eblock->text2);
+      count++;
+      eblock = eblock->next;
+      }

   break;
   break;

+#endif
+
+  default:
+    fprintf(f, "Subject: Mail failure\n\n");
+    fprintf(f,
+      "A message that you sent has caused the error routine to be entered with\n"
+      "an unknown error number (%d).\n", ident);
+    break;

   }
 
 /* Now, if configured, copy the message; first the headers and then the rest of
   }
 
 /* Now, if configured, copy the message; first the headers and then the rest of


@@ -222,7 +264,7 @@ if (bounce_return_message)
   /* If the error occurred before the Received: header was created, its text
   field will still be NULL; just omit such a header line. */
 
   /* If the error occurred before the Received: header was created, its text
   field will still be NULL; just omit such a header line. */
 

-  while (headers != NULL)
+  while (headers)

     {
     if (headers->text != NULL) fprintf(f, "%s", CS headers->text);
     headers = headers->next;
     {
     if (headers->text != NULL) fprintf(f, "%s", CS headers->text);
     headers = headers->next;


@@ -235,28 +277,51 @@ if (bounce_return_message)
   in which case we might have to terminate on a line containing just "."
   as well as on EOF. We may already have the first line in memory. */
 
   in which case we might have to terminate on a line containing just "."
   as well as on EOF. We may already have the first line in memory. */
 

-  if (bounce_return_body && message_file != NULL)
+  if (bounce_return_body && message_file)

     {
     {

-    int ch;
-    int state = 1;

     BOOL enddot = dot_ends && message_file == stdin;
     BOOL enddot = dot_ends && message_file == stdin;

-    if (firstline != NULL) fprintf(f, "%s", CS firstline);
-    while ((ch = fgetc(message_file)) != EOF)
+    uschar * buf = store_get(bounce_return_linesize_limit+2);
+
+    if (firstline) fprintf(f, "%s", CS firstline);
+
+    while (fgets(CS buf, bounce_return_linesize_limit+2, message_file))

       {
       {

-      fputc(ch, f);
-      if (size_limit > 0 && ++written > size_limit) break;
-      if (enddot)
-        {
-        if (state == 0) { if (ch == '\n') state = 1; }
-        else if (state == 1)
-          { if (ch == '.') state = 2; else if (ch != '\n') state = 0; }
-        else
-          { if (ch == '\n') break; else state = 0; }
-        }
+      int len;
+
+      if (enddot && *buf == '.' && buf[1] == '\n')
+       {
+       fputc('.', f);
+       break;
+       }
+
+      len = Ustrlen(buf);
+      if (buf[len-1] != '\n')
+       {       /* eat rest of partial line */
+       int ch;
+       while ((ch = fgetc(message_file)) != EOF && ch != '\n') ;
+       }
+
+      if (size_limit > 0 && len > size_limit - written)
+       {
+       buf[size_limit - written] = '\0';
+       fputs(CS buf, f);
+       break;
+       }
+
+      fputs(CS buf, f);

       }
     }
       }
     }

+#ifdef EXPERIMENTAL_DMARC
+  /* Overkill, but use exact test in case future code gets inserted */
+  else if (bounce_return_body && message_file == NULL)
+    {
+    /*XXX limit line length here? */
+    /* This doesn't print newlines, disable until can parse and fix
+     * output to be legible.  */
+    fprintf(f, "%s", expand_string(US"$message_body"));
+    }
+#endif

   }
   }

-

 /* Close the file, which should send an EOF to the child process
 that is receiving the message. Wait for it to finish, without a timeout. */
 
 /* Close the file, which should send an EOF to the child process
 that is receiving the message. Wait for it to finish, without a timeout. */
 


@@ -312,24 +377,24 @@ moan_to_sender(int ident, error_block *eblock, header_line *headers,
 uschar *firstline = NULL;
 uschar *msg = US"Error while reading message with no usable sender address";
 
 uschar *firstline = NULL;
 uschar *msg = US"Error while reading message with no usable sender address";
 

-if (message_reference != NULL)
+if (message_reference)

   msg = string_sprintf("%s (R=%s)", msg, message_reference);
 
 /* Find the sender from a From line if permitted and possible */
 
   msg = string_sprintf("%s (R=%s)", msg, message_reference);
 
 /* Find the sender from a From line if permitted and possible */
 

-if (check_sender && message_file != NULL && trusted_caller &&
+if (check_sender && message_file && trusted_caller &&

     Ufgets(big_buffer, BIG_BUFFER_SIZE, message_file) != NULL)
   {
   uschar *new_sender = NULL;
   if (regex_match_and_setup(regex_From, big_buffer, 0, -1))
     new_sender = expand_string(uucp_from_sender);
     Ufgets(big_buffer, BIG_BUFFER_SIZE, message_file) != NULL)
   {
   uschar *new_sender = NULL;
   if (regex_match_and_setup(regex_From, big_buffer, 0, -1))
     new_sender = expand_string(uucp_from_sender);

-  if (new_sender != NULL) sender_address = new_sender;
+  if (new_sender) sender_address = new_sender;

     else firstline = big_buffer;
   }
 
 /* If viable sender address, send a message */
 
     else firstline = big_buffer;
   }
 
 /* If viable sender address, send a message */
 

-if (sender_address != NULL && sender_address[0] != 0 && !local_error_message)
+if (sender_address && sender_address[0] && !local_error_message)

   return moan_send_message(sender_address, ident, eblock, headers,
     message_file, firstline);
 
   return moan_send_message(sender_address, ident, eblock, headers,
     message_file, firstline);
 


@@ -410,8 +475,8 @@ Returns:        nothing
 */
 
 void
 */
 
 void

-moan_tell_someone(uschar *who, address_item *addr, uschar *subject,
-  char *format, ...)
+moan_tell_someone(uschar *who, address_item *addr,
+  const uschar *subject, const char *format, ...)

 {
 FILE *f;
 va_list ap;
 {
 FILE *f;
 va_list ap;


@@ -427,8 +492,7 @@ if (pid < 0)
 
 f = fdopen(fd, "wb");
 fprintf(f, "Auto-Submitted: auto-replied\n");
 
 f = fdopen(fd, "wb");
 fprintf(f, "Auto-Submitted: auto-replied\n");

-fprintf(f, "From: Mail Delivery System <Mailer-Daemon@%s>\n",
-  qualify_domain_sender);
+moan_write_from(f);

 fprintf(f, "To: %s\n", who);
 fprintf(f, "Subject: %s\n\n", subject);
 va_start(ap, format);
 fprintf(f, "To: %s\n", who);
 fprintf(f, "Subject: %s\n\n", subject);
 va_start(ap, format);


@@ -479,7 +543,7 @@ Returns:       does not return; exits from the program
 */
 
 void
 */
 
 void

-moan_smtp_batch(uschar *cmd_buffer, char *format, ...)
+moan_smtp_batch(uschar *cmd_buffer, const char *format, ...)

 {
 va_list ap;
 int yield = (receive_messagecount > 0)? 1 : 2;
 {
 va_list ap;
 int yield = (receive_messagecount > 0)? 1 : 2;


@@ -546,7 +610,7 @@ uschar *
 moan_check_errorcopy(uschar *recipient)
 {
 uschar *item, *localpart, *domain;
 moan_check_errorcopy(uschar *recipient)
 {
 uschar *item, *localpart, *domain;

-uschar *listptr = errors_copy;
+const uschar *listptr = errors_copy;

 uschar *yield = NULL;
 uschar buffer[256];
 int sep = 0;
 uschar *yield = NULL;
 uschar buffer[256];
 int sep = 0;


@@ -558,7 +622,7 @@ if (errors_copy == NULL) return NULL;
 length of the local part. */
 
 localpart = recipient;
 length of the local part. */
 
 localpart = recipient;

-domain = Ustrchr(recipient, '@');
+domain = Ustrrchr(recipient, '@');

 if (domain == NULL) return NULL;  /* should not occur, but avoid crash */
 llen = domain++ - recipient;
 
 if (domain == NULL) return NULL;  /* should not occur, but avoid crash */
 llen = domain++ - recipient;
 


@@ -567,8 +631,8 @@ llen = domain++ - recipient;
 while ((item = string_nextinlist(&listptr, &sep, buffer, sizeof(buffer)))
        != NULL)
   {
 while ((item = string_nextinlist(&listptr, &sep, buffer, sizeof(buffer)))
        != NULL)
   {

-  uschar *newaddress = item;
-  uschar *pattern = string_dequote(&newaddress);
+  const uschar *newaddress = item;
+  const uschar *pattern = string_dequote(&newaddress);

 
   /* If no new address found, just skip this item. */
 
 
   /* If no new address found, just skip this item. */
 


@@ -584,10 +648,7 @@ while ((item = string_nextinlist(&listptr, &sep, buffer, sizeof(buffer)))
   if (match_address_list(recipient, TRUE, TRUE, &pattern, NULL, 0, UCHAR_MAX+1,
         NULL) == OK)
     {
   if (match_address_list(recipient, TRUE, TRUE, &pattern, NULL, 0, UCHAR_MAX+1,
         NULL) == OK)
     {

-    uschar temp[256];
-    Ustrncpy(temp, localpart, llen);
-    temp[llen] = 0;
-    deliver_localpart = temp;
+    deliver_localpart = string_copyn(localpart, llen);

     deliver_domain = domain;
     yield = expand_string_copy(newaddress);
     deliver_domain = deliver_localpart = NULL;
     deliver_domain = domain;
     yield = expand_string_copy(newaddress);
     deliver_domain = deliver_localpart = NULL;


@@ -671,8 +732,7 @@ if (pid < 0)
 
 f = fdopen(fd, "wb");
 fprintf(f, "Auto-Submitted: auto-replied\n");
 
 f = fdopen(fd, "wb");
 fprintf(f, "Auto-Submitted: auto-replied\n");

-fprintf(f, "From: Mail Delivery System <Mailer-Daemon@%s>\n",
-  qualify_domain_sender);
+moan_write_from(f);

 fprintf(f, "To: %s\n", s);
 fprintf(f, "Subject: error(s) in forwarding or filtering\n\n");
 
 fprintf(f, "To: %s\n", s);
 fprintf(f, "Subject: error(s) in forwarding or filtering\n\n");