2 * Copyright (c) 1999-2004, 2006, 2007 Sendmail, Inc. and its suppliers.
5 * By using this file, you agree to the terms and conditions set
6 * forth in the LICENSE file which can be found at the top level of
7 * the sendmail distribution.
12 SM_RCSID("@(#)$Id: engine.c,v 8.159 2007/04/23 22:22:50 ca Exp $")
14 #include "libmilter.h"
16 #if NETINET || NETINET6
17 # include <arpa/inet.h>
18 #endif /* NETINET || NETINET6 */
20 /* generic argument for functions in the command table */
23 size_t a_len; /* length of buffer */
24 char *a_buf; /* argument string */
25 int a_idx; /* index for macro array */
26 SMFICTX_PTR a_ctx; /* context */
29 typedef struct arg_struct genarg;
31 /* structure for commands received from MTA */
34 char cm_cmd; /* command */
35 int cm_argt; /* type of arguments expected */
36 int cm_next; /* next state */
37 int cm_todo; /* what to do next */
38 int cm_macros; /* index for macros */
39 int (*cm_fct) __P((genarg *)); /* function to execute */
42 typedef struct cmdfct_t cmdfct;
44 /* possible values for cm_argt */
45 #define CM_ARG0 0 /* no args */
46 #define CM_ARG1 1 /* one arg (string) */
47 #define CM_ARG2 2 /* two args (strings) */
48 #define CM_ARGA 4 /* one string and _SOCK_ADDR */
49 #define CM_ARGO 5 /* two integers */
50 #define CM_ARGV 8 /* \0 separated list of args, NULL-terminated */
51 #define CM_ARGN 9 /* \0 separated list of args (strings) */
53 /* possible values for cm_todo */
54 #define CT_CONT 0x0000 /* continue reading commands */
55 #define CT_IGNO 0x0001 /* continue even when error */
57 /* not needed right now, done via return code instead */
58 #define CT_KEEP 0x0004 /* keep buffer (contains symbols) */
59 #define CT_END 0x0008 /* last command of session, stop replying */
61 /* index in macro array: macros only for these commands */
70 #define CI_LAST CI_EOH
72 ERROR: do not compile with CI_LAST < CI_DATA
75 ERROR: do not compile with CI_LAST < CI_EOM
78 ERROR: do not compile with CI_LAST < CI_EOH
80 #if CI_LAST < CI_ENVRCPT
81 ERROR: do not compile with CI_LAST < CI_ENVRCPT
83 #if CI_LAST < CI_ENVFROM
84 ERROR: do not compile with CI_LAST < CI_ENVFROM
87 ERROR: do not compile with CI_LAST < CI_HELO
89 #if CI_LAST < CI_CONNECT
90 ERROR: do not compile with CI_LAST < CI_CONNECT
92 #if CI_LAST >= MAX_MACROS_ENTRIES
93 ERROR: do not compile with CI_LAST >= MAX_MACROS_ENTRIES
96 /* function prototypes */
97 static int st_abortfct __P((genarg *));
98 static int st_macros __P((genarg *));
99 static int st_optionneg __P((genarg *));
100 static int st_bodychunk __P((genarg *));
101 static int st_connectinfo __P((genarg *));
102 static int st_bodyend __P((genarg *));
103 static int st_helo __P((genarg *));
104 static int st_header __P((genarg *));
105 static int st_sender __P((genarg *));
106 static int st_rcpt __P((genarg *));
107 static int st_unknown __P((genarg *));
108 static int st_data __P((genarg *));
109 static int st_eoh __P((genarg *));
110 static int st_quit __P((genarg *));
111 static int sendreply __P((sfsistat, socket_t, struct timeval *, SMFICTX_PTR));
112 static void fix_stm __P((SMFICTX_PTR));
113 static bool trans_ok __P((int, int));
114 static char **dec_argv __P((char *, size_t));
115 static int dec_arg2 __P((char *, size_t, char **, char **));
117 #if _FFR_WORKERS_POOL
118 static bool mi_rd_socket_ready __P((int));
119 #endif /* _FFR_WORKERS_POOL */
123 #define ST_INIT 0 /* initial state */
124 #define ST_OPTS 1 /* option negotiation */
125 #define ST_CONN 2 /* connection info */
126 #define ST_HELO 3 /* helo */
127 #define ST_MAIL 4 /* mail from */
128 #define ST_RCPT 5 /* rcpt to */
129 #define ST_DATA 6 /* data */
130 #define ST_HDRS 7 /* headers */
131 #define ST_EOHS 8 /* end of headers */
132 #define ST_BODY 9 /* body */
133 #define ST_ENDM 10 /* end of message */
134 #define ST_QUIT 11 /* quit */
135 #define ST_ABRT 12 /* abort */
136 #define ST_UNKN 13 /* unknown SMTP command */
137 #define ST_Q_NC 14 /* quit, new connection follows */
138 #define ST_LAST ST_Q_NC /* last valid state */
139 #define ST_SKIP 16 /* not a state but required for the state table */
141 /* in a mail transaction? must be before eom according to spec. */
142 #define ST_IN_MAIL(st) ((st) >= ST_MAIL && (st) < ST_ENDM)
145 ** set of next states
146 ** each state (ST_*) corresponds to bit in an int value (1 << state)
147 ** each state has a set of allowed transitions ('or' of bits of states)
148 ** so a state transition is valid if the mask of the next state
149 ** is set in the NX_* value
150 ** this function is coded in trans_ok(), see below.
153 #define MI_MASK(x) (0x0001 << (x)) /* generate a bit "mask" for a state */
154 #define NX_INIT (MI_MASK(ST_OPTS))
155 #define NX_OPTS (MI_MASK(ST_CONN) | MI_MASK(ST_UNKN))
156 #define NX_CONN (MI_MASK(ST_HELO) | MI_MASK(ST_MAIL) | MI_MASK(ST_UNKN))
157 #define NX_HELO (MI_MASK(ST_HELO) | MI_MASK(ST_MAIL) | MI_MASK(ST_UNKN))
158 #define NX_MAIL (MI_MASK(ST_RCPT) | MI_MASK(ST_ABRT) | MI_MASK(ST_UNKN))
159 #define NX_RCPT (MI_MASK(ST_HDRS) | MI_MASK(ST_EOHS) | MI_MASK(ST_DATA) | \
160 MI_MASK(ST_BODY) | MI_MASK(ST_ENDM) | \
161 MI_MASK(ST_RCPT) | MI_MASK(ST_ABRT) | MI_MASK(ST_UNKN))
162 #define NX_DATA (MI_MASK(ST_EOHS) | MI_MASK(ST_HDRS) | MI_MASK(ST_ABRT))
163 #define NX_HDRS (MI_MASK(ST_EOHS) | MI_MASK(ST_HDRS) | MI_MASK(ST_ABRT))
164 #define NX_EOHS (MI_MASK(ST_BODY) | MI_MASK(ST_ENDM) | MI_MASK(ST_ABRT))
165 #define NX_BODY (MI_MASK(ST_ENDM) | MI_MASK(ST_BODY) | MI_MASK(ST_ABRT))
166 #define NX_ENDM (MI_MASK(ST_QUIT) | MI_MASK(ST_MAIL) | MI_MASK(ST_UNKN) | \
170 #define NX_UNKN (MI_MASK(ST_HELO) | MI_MASK(ST_MAIL) | \
171 MI_MASK(ST_RCPT) | MI_MASK(ST_ABRT) | \
173 MI_MASK(ST_BODY) | MI_MASK(ST_UNKN) | \
174 MI_MASK(ST_ABRT) | MI_MASK(ST_QUIT) | MI_MASK(ST_Q_NC))
175 #define NX_Q_NC (MI_MASK(ST_CONN) | MI_MASK(ST_UNKN))
176 #define NX_SKIP MI_MASK(ST_SKIP)
178 static int next_states[] =
197 #define SIZE_NEXT_STATES (sizeof(next_states) / sizeof(next_states[0]))
199 /* commands received by milter */
200 static cmdfct cmds[] =
202 {SMFIC_ABORT, CM_ARG0, ST_ABRT, CT_CONT, CI_NONE, st_abortfct }
203 , {SMFIC_MACRO, CM_ARGV, ST_NONE, CT_KEEP, CI_NONE, st_macros }
204 , {SMFIC_BODY, CM_ARG1, ST_BODY, CT_CONT, CI_NONE, st_bodychunk }
205 , {SMFIC_CONNECT, CM_ARG2, ST_CONN, CT_CONT, CI_CONN, st_connectinfo }
206 , {SMFIC_BODYEOB, CM_ARG1, ST_ENDM, CT_CONT, CI_EOM, st_bodyend }
207 , {SMFIC_HELO, CM_ARG1, ST_HELO, CT_CONT, CI_HELO, st_helo }
208 , {SMFIC_HEADER, CM_ARG2, ST_HDRS, CT_CONT, CI_NONE, st_header }
209 , {SMFIC_MAIL, CM_ARGV, ST_MAIL, CT_CONT, CI_MAIL, st_sender }
210 , {SMFIC_OPTNEG, CM_ARGO, ST_OPTS, CT_CONT, CI_NONE, st_optionneg }
211 , {SMFIC_EOH, CM_ARG0, ST_EOHS, CT_CONT, CI_EOH, st_eoh }
212 , {SMFIC_QUIT, CM_ARG0, ST_QUIT, CT_END, CI_NONE, st_quit }
213 , {SMFIC_DATA, CM_ARG0, ST_DATA, CT_CONT, CI_DATA, st_data }
214 , {SMFIC_RCPT, CM_ARGV, ST_RCPT, CT_IGNO, CI_RCPT, st_rcpt }
215 , {SMFIC_UNKNOWN, CM_ARG1, ST_UNKN, CT_IGNO, CI_NONE, st_unknown }
216 , {SMFIC_QUIT_NC, CM_ARG0, ST_Q_NC, CT_CONT, CI_NONE, st_quit }
220 ** Additional (internal) reply codes;
221 ** must be coordinated wit libmilter/mfapi.h
224 #define _SMFIS_KEEP 20
225 #define _SMFIS_ABORT 21
226 #define _SMFIS_OPTIONS 22
227 #define _SMFIS_NOREPLY SMFIS_NOREPLY
228 #define _SMFIS_FAIL (-1)
229 #define _SMFIS_NONE (-2)
232 ** MI_ENGINE -- receive commands and process them
235 ** ctx -- context structure
238 ** MI_FAILURE/MI_SUCCESS
248 int ret = MI_SUCCESS;
249 int ncmds = sizeof(cmds) / sizeof(cmdfct);
250 int curstate = ST_INIT;
257 struct timeval timeout;
258 int (*f) __P((genarg *));
259 sfsistat (*fi_abort) __P((SMFICTX *));
260 sfsistat (*fi_close) __P((SMFICTX *));
264 fi_abort = ctx->ctx_smfi->xxfi_abort;
265 #if _FFR_WORKERS_POOL
266 curstate = ctx->ctx_state;
267 if (curstate == ST_INIT)
269 mi_clr_macros(ctx, 0);
272 #else /* _FFR_WORKERS_POOL */
273 mi_clr_macros(ctx, 0);
275 #endif /* _FFR_WORKERS_POOL */
279 /* call abort only if in a mail transaction */
280 call_abort = ST_IN_MAIL(curstate);
281 timeout.tv_sec = ctx->ctx_timeout;
283 if (mi_stop() == MILTER_ABRT)
285 if (ctx->ctx_dbg > 3)
286 sm_dprintf("[%ld] milter_abort\n",
293 ** Notice: buf is allocated by mi_rd_cmd() and it will
294 ** usually be free()d after it has been used in f().
295 ** However, if the function returns _SMFIS_KEEP then buf
296 ** contains macros and will not be free()d.
297 ** Hence r must be set to _SMFIS_NONE if a new buf is
298 ** allocated to avoid problem with housekeeping, esp.
299 ** if the code "break"s out of the loop.
302 #if _FFR_WORKERS_POOL
303 /* Is the socket ready to be read ??? */
304 if (!mi_rd_socket_ready(sd))
309 #endif /* _FFR_WORKERS_POOL */
312 if ((buf = mi_rd_cmd(sd, &timeout, &cmd, &len,
313 ctx->ctx_smfi->xxfi_name)) == NULL &&
314 cmd < SMFIC_VALIDCMD)
316 if (ctx->ctx_dbg > 5)
317 sm_dprintf("[%ld] mi_engine: mi_rd_cmd error (%x)\n",
318 (long) ctx->ctx_id, (int) cmd);
321 ** eof is currently treated as failure ->
322 ** abort() instead of close(), otherwise use:
323 ** if (cmd != SMFIC_EOF)
329 if (ctx->ctx_dbg > 4)
330 sm_dprintf("[%ld] got cmd '%c' len %d\n",
331 (long) ctx->ctx_id, cmd, (int) len);
332 for (i = 0; i < ncmds; i++)
334 if (cmd == cmds[i].cm_cmd)
339 /* unknown command */
340 if (ctx->ctx_dbg > 1)
341 sm_dprintf("[%ld] cmd '%c' unknown\n",
342 (long) ctx->ctx_id, cmd);
346 if ((f = cmds[i].cm_fct) == NULL)
349 if (ctx->ctx_dbg > 1)
350 sm_dprintf("[%ld] cmd '%c' not impl\n",
351 (long) ctx->ctx_id, cmd);
356 /* is new state ok? */
357 newstate = cmds[i].cm_next;
358 if (ctx->ctx_dbg > 5)
359 sm_dprintf("[%ld] cur %x new %x nextmask %x\n",
361 curstate, newstate, next_states[curstate]);
363 if (newstate != ST_NONE && !trans_ok(curstate, newstate))
365 if (ctx->ctx_dbg > 1)
366 sm_dprintf("[%ld] abort: cur %d (%x) new %d (%x) next %x\n",
368 curstate, MI_MASK(curstate),
369 newstate, MI_MASK(newstate),
370 next_states[curstate]);
372 /* call abort only if in a mail transaction */
373 if (fi_abort != NULL && call_abort)
374 (void) (*fi_abort)(ctx);
377 ** try to reach the new state from HELO
378 ** if it can't be reached, ignore the command.
382 if (!trans_ok(curstate, newstate))
394 if (newstate != ST_NONE)
397 ctx->ctx_state = curstate;
399 arg.a_idx = cmds[i].cm_macros;
400 call_abort = ST_IN_MAIL(curstate);
402 /* call function to deal with command */
403 MI_MONITOR_BEGIN(ctx, cmd);
405 MI_MONITOR_END(ctx, cmd);
406 if (r != _SMFIS_KEEP && buf != NULL)
411 if (sendreply(r, sd, &timeout, ctx) != MI_SUCCESS)
417 if (r == SMFIS_ACCEPT)
419 /* accept mail, no further actions taken */
422 else if (r == SMFIS_REJECT || r == SMFIS_DISCARD ||
426 ** further actions depend on current state
427 ** if the IGNO bit is set: "ignore" the error,
428 ** i.e., stay in the current state
430 if (!bitset(CT_IGNO, cmds[i].cm_todo))
433 else if (r == _SMFIS_ABORT)
435 if (ctx->ctx_dbg > 5)
436 sm_dprintf("[%ld] function returned abort\n",
441 } while (!bitset(CT_END, cmds[i].cm_todo));
443 ctx->ctx_state = curstate;
445 if (ret == MI_FAILURE)
447 /* call abort only if in a mail transaction */
448 if (fi_abort != NULL && call_abort)
449 (void) (*fi_abort)(ctx);
452 /* has close been called? */
453 if (ctx->ctx_state != ST_QUIT
454 #if _FFR_WORKERS_POOL
455 && ret != MI_CONTINUE
456 #endif /* _FFR_WORKERS_POOL */
459 if ((fi_close = ctx->ctx_smfi->xxfi_close) != NULL)
460 (void) (*fi_close)(ctx);
462 if (r != _SMFIS_KEEP && buf != NULL)
464 #if !_FFR_WORKERS_POOL
465 mi_clr_macros(ctx, 0);
466 #endif /* _FFR_WORKERS_POOL */
470 static size_t milter_addsymlist __P((SMFICTX_PTR, char *, char **));
473 milter_addsymlist(ctx, buf, newbuf)
483 SM_ASSERT(ctx != NULL);
484 SM_ASSERT(buf != NULL);
485 SM_ASSERT(newbuf != NULL);
487 for (i = 0; i < MAX_MACROS_ENTRIES; i++)
489 if (ctx->ctx_mac_list[i] != NULL)
491 len += strlen(ctx->ctx_mac_list[i]) + 1 +
499 SM_ASSERT(len + MILTER_OPTLEN > len);
500 len += MILTER_OPTLEN;
501 buffer = malloc(len);
504 (void) memcpy(buffer, buf, MILTER_OPTLEN);
505 offset = MILTER_OPTLEN;
506 for (i = 0; i < MAX_MACROS_ENTRIES; i++)
510 if (ctx->ctx_mac_list[i] == NULL)
513 SM_ASSERT(offset + MILTER_LEN_BYTES < len);
515 (void) memcpy(buffer + offset, (void *) &v,
517 offset += MILTER_LEN_BYTES;
518 l = strlen(ctx->ctx_mac_list[i]) + 1;
519 SM_ASSERT(offset + l <= len);
520 (void) memcpy(buffer + offset,
521 ctx->ctx_mac_list[i], l);
540 ** GET_NR_BIT -- get "no reply" bit matching state
543 ** state -- current protocol stage
546 ** 0: no matching bit
547 ** >0: the matching "no reply" bit
550 static unsigned long get_nr_bit __P((int));
595 ** SENDREPLY -- send a reply to the MTA
599 ** sd -- socket descriptor
600 ** timeout_ptr -- (ptr to) timeout to use for sending
601 ** ctx -- context structure
604 ** MI_SUCCESS/MI_FAILURE
608 sendreply(r, sd, timeout_ptr, ctx)
611 struct timeval *timeout_ptr;
619 bit = get_nr_bit(ctx->ctx_state);
620 if (bit != 0 && (ctx->ctx_pflags & bit) != 0 && r != SMFIS_NOREPLY)
622 if (r >= SMFIS_CONTINUE && r < _SMFIS_KEEP)
624 /* milter said it wouldn't reply, but it lied... */
626 "%s: milter claimed not to reply in state %d but did anyway %d\n",
627 ctx->ctx_smfi->xxfi_name,
633 ** Force specified behavior, otherwise libmilter
634 ** and MTA will fail to communicate properly.
654 ret = mi_wr_cmd(sd, timeout_ptr, SMFIR_CONTINUE, NULL, 0);
658 if (ctx->ctx_reply != NULL &&
659 ((r == SMFIS_TEMPFAIL && *ctx->ctx_reply == '4') ||
660 (r == SMFIS_REJECT && *ctx->ctx_reply == '5')))
662 ret = mi_wr_cmd(sd, timeout_ptr, SMFIR_REPLYCODE,
664 strlen(ctx->ctx_reply) + 1);
665 free(ctx->ctx_reply);
666 ctx->ctx_reply = NULL;
670 ret = mi_wr_cmd(sd, timeout_ptr, r == SMFIS_REJECT ?
671 SMFIR_REJECT : SMFIR_TEMPFAIL, NULL, 0);
675 ret = mi_wr_cmd(sd, timeout_ptr, SMFIR_DISCARD, NULL, 0);
678 ret = mi_wr_cmd(sd, timeout_ptr, SMFIR_ACCEPT, NULL, 0);
681 ret = mi_wr_cmd(sd, timeout_ptr, SMFIR_SKIP, NULL, 0);
688 char buf[MILTER_OPTLEN];
690 v = htonl(ctx->ctx_prot_vers2mta);
691 (void) memcpy(&(buf[0]), (void *) &v,
693 v = htonl(ctx->ctx_aflags);
694 (void) memcpy(&(buf[MILTER_LEN_BYTES]), (void *) &v,
696 v = htonl(ctx->ctx_pflags2mta);
697 (void) memcpy(&(buf[MILTER_LEN_BYTES * 2]),
698 (void *) &v, MILTER_LEN_BYTES);
699 len = milter_addsymlist(ctx, buf, &buffer);
701 ret = mi_wr_cmd(sd, timeout_ptr, SMFIC_OPTNEG,
709 (ctx->ctx_pflags & bit) != 0 &&
710 (ctx->ctx_mta_pflags & bit) == 0)
713 ** milter doesn't want to send a reply,
714 ** but the MTA doesn't have that feature: fake it.
717 ret = mi_wr_cmd(sd, timeout_ptr, SMFIR_CONTINUE, NULL,
721 default: /* don't send a reply */
728 ** CLR_MACROS -- clear set of macros starting from a given index
731 ** ctx -- context structure
732 ** m -- index from which to clear all macros
739 mi_clr_macros(ctx, m)
745 for (i = m; i < MAX_MACROS_ENTRIES; i++)
747 if (ctx->ctx_mac_ptr[i] != NULL)
749 free(ctx->ctx_mac_ptr[i]);
750 ctx->ctx_mac_ptr[i] = NULL;
752 if (ctx->ctx_mac_buf[i] != NULL)
754 free(ctx->ctx_mac_buf[i]);
755 ctx->ctx_mac_buf[i] = NULL;
761 ** ST_OPTIONNEG -- negotiate options
764 ** g -- generic argument structure
767 ** abort/send options/continue
774 mi_int32 i, v, fake_pflags;
776 int (*fi_negotiate) __P((SMFICTX *,
777 unsigned long, unsigned long,
778 unsigned long, unsigned long,
779 unsigned long *, unsigned long *,
780 unsigned long *, unsigned long *));
782 if (g == NULL || g->a_ctx->ctx_smfi == NULL)
783 return SMFIS_CONTINUE;
785 mi_clr_macros(ctx, g->a_idx + 1);
786 ctx->ctx_prot_vers = SMFI_PROT_VERSION;
788 /* check for minimum length */
789 if (g->a_len < MILTER_OPTLEN)
792 "%s: st_optionneg[%ld]: len too short %d < %d",
793 ctx->ctx_smfi->xxfi_name,
794 (long) ctx->ctx_id, (int) g->a_len,
799 /* protocol version */
800 (void) memcpy((void *) &i, (void *) &(g->a_buf[0]), MILTER_LEN_BYTES);
803 #define SMFI_PROT_VERSION_MIN 2
805 /* check for minimum version */
806 if (v < SMFI_PROT_VERSION_MIN)
809 "%s: st_optionneg[%ld]: protocol version too old %d < %d",
810 ctx->ctx_smfi->xxfi_name,
811 (long) ctx->ctx_id, v, SMFI_PROT_VERSION_MIN);
814 ctx->ctx_mta_prot_vers = v;
815 if (ctx->ctx_prot_vers < ctx->ctx_mta_prot_vers)
816 ctx->ctx_prot_vers2mta = ctx->ctx_prot_vers;
818 ctx->ctx_prot_vers2mta = ctx->ctx_mta_prot_vers;
820 (void) memcpy((void *) &i, (void *) &(g->a_buf[MILTER_LEN_BYTES]),
824 /* no flags? set to default value for V1 actions */
827 ctx->ctx_mta_aflags = v; /* MTA action flags */
829 (void) memcpy((void *) &i, (void *) &(g->a_buf[MILTER_LEN_BYTES * 2]),
833 /* no flags? set to default value for V1 protocol */
836 ctx->ctx_mta_pflags = v; /* MTA protocol flags */
839 ** Copy flags from milter struct into libmilter context;
840 ** this variable will be used later on to check whether
841 ** the MTA "actions" can fulfill the milter requirements,
842 ** but it may be overwritten by the negotiate callback.
845 ctx->ctx_aflags = ctx->ctx_smfi->xxfi_flags;
846 fake_pflags = SMFIP_NR_CONN
857 if (g->a_ctx->ctx_smfi != NULL &&
858 g->a_ctx->ctx_smfi->xxfi_version > 4 &&
859 (fi_negotiate = g->a_ctx->ctx_smfi->xxfi_negotiate) != NULL)
862 unsigned long m_aflags, m_pflags, m_f2, m_f3;
865 ** let milter decide whether the features offered by the
866 ** MTA are "good enough".
868 ** - libmilter can "fake" some features (e.g., SMFIP_NR_HDR)
869 ** - m_f2, m_f3 are for future extensions
873 m_aflags = ctx->ctx_mta_aflags;
874 m_pflags = ctx->ctx_pflags;
875 if ((SMFIP_SKIP & ctx->ctx_mta_pflags) != 0)
876 m_pflags |= SMFIP_SKIP;
877 r = fi_negotiate(g->a_ctx,
879 ctx->ctx_mta_pflags|fake_pflags,
881 &m_aflags, &m_pflags, &m_f2, &m_f3);
884 ** Types of protocol flags (pflags):
885 ** 1. do NOT send protocol step X
886 ** 2. MTA can do/understand something extra (SKIP,
887 ** send unknown RCPTs)
888 ** 3. MTA can deal with "no reply" for various protocol steps
889 ** Note: this mean that it isn't possible to simply set all
890 ** flags to get "everything":
891 ** setting a flag of type 1 turns off a step
892 ** (it should be the other way around:
893 ** a flag means a protocol step can be sent)
894 ** setting a flag of type 3 requires that milter
895 ** never sends a reply for the corresponding step.
896 ** Summary: the "negation" of protocol flags is causing
897 ** problems, but at least for type 3 there is no simple
900 ** What should "all options" mean?
901 ** send all protocol steps _except_ those for which there is
902 ** no callback (currently registered in ctx_pflags)
903 ** expect SKIP as return code? Yes
904 ** send unknown RCPTs? No,
905 ** must be explicitly requested?
906 ** "no reply" for some protocol steps? No,
907 ** must be explicitly requested.
910 if (SMFIS_ALL_OPTS == r)
912 ctx->ctx_aflags = ctx->ctx_mta_aflags;
913 ctx->ctx_pflags2mta = ctx->ctx_pflags;
914 if ((SMFIP_SKIP & ctx->ctx_mta_pflags) != 0)
915 ctx->ctx_pflags2mta |= SMFIP_SKIP;
917 else if (r != SMFIS_CONTINUE)
920 "%s: st_optionneg[%ld]: xxfi_negotiate returned %d (protocol options=0x%lx, actions=0x%lx)",
921 ctx->ctx_smfi->xxfi_name,
922 (long) ctx->ctx_id, r, ctx->ctx_mta_pflags,
923 ctx->ctx_mta_aflags);
928 ctx->ctx_aflags = m_aflags;
929 ctx->ctx_pflags = m_pflags;
930 ctx->ctx_pflags2mta = m_pflags;
933 /* check whether some flags need to be "faked" */
934 i = ctx->ctx_pflags2mta;
935 if ((ctx->ctx_mta_pflags & i) != i)
941 ** If some behavior can be faked (set in fake_pflags),
942 ** but the MTA doesn't support it, then unset
943 ** that flag in the value that is sent to the MTA.
946 for (idx = 0; idx < 32; idx++)
949 if ((ctx->ctx_mta_pflags & b) != b &&
950 (fake_pflags & b) == b)
951 ctx->ctx_pflags2mta &= ~b;
958 ** Set the protocol flags based on the values determined
959 ** in mi_listener() which checked the defined callbacks.
962 ctx->ctx_pflags2mta = ctx->ctx_pflags;
965 /* check whether actions and protocol requirements can be satisfied */
967 if ((i & ctx->ctx_mta_aflags) != i)
970 "%s: st_optionneg[%ld]: 0x%lx does not fulfill action requirements 0x%x",
971 ctx->ctx_smfi->xxfi_name,
972 (long) ctx->ctx_id, ctx->ctx_mta_aflags, i);
976 i = ctx->ctx_pflags2mta;
977 if ((ctx->ctx_mta_pflags & i) != i)
980 ** Older MTAs do not support some protocol steps.
981 ** As this protocol is a bit "wierd" (it asks for steps
982 ** NOT to be taken/sent) we have to check whether we
983 ** should turn off those "negative" requests.
984 ** Currently these are only SMFIP_NODATA and SMFIP_NOUNKNOWN.
987 if (bitset(SMFIP_NODATA, ctx->ctx_pflags2mta) &&
988 !bitset(SMFIP_NODATA, ctx->ctx_mta_pflags))
989 ctx->ctx_pflags2mta &= ~SMFIP_NODATA;
990 if (bitset(SMFIP_NOUNKNOWN, ctx->ctx_pflags2mta) &&
991 !bitset(SMFIP_NOUNKNOWN, ctx->ctx_mta_pflags))
992 ctx->ctx_pflags2mta &= ~SMFIP_NOUNKNOWN;
993 i = ctx->ctx_pflags2mta;
996 if ((ctx->ctx_mta_pflags & i) != i)
999 "%s: st_optionneg[%ld]: 0x%lx does not fulfill protocol requirements 0x%x",
1000 ctx->ctx_smfi->xxfi_name,
1001 (long) ctx->ctx_id, ctx->ctx_mta_pflags, i);
1002 return _SMFIS_ABORT;
1005 if (ctx->ctx_dbg > 3)
1006 sm_dprintf("[%ld] milter_negotiate:"
1007 " mta_actions=0x%lx, mta_flags=0x%lx"
1008 " actions=0x%lx, flags=0x%lx\n"
1009 , (long) ctx->ctx_id
1010 , ctx->ctx_mta_aflags, ctx->ctx_mta_pflags
1011 , ctx->ctx_aflags, ctx->ctx_pflags);
1013 return _SMFIS_OPTIONS;
1017 ** ST_CONNECTINFO -- receive connection information
1020 ** g -- generic argument structure
1023 ** continue or filter-specified value
1033 unsigned short port = 0;
1034 _SOCK_ADDR sockaddr;
1035 sfsistat (*fi_connect) __P((SMFICTX *, char *, _SOCK_ADDR *));
1038 return _SMFIS_ABORT;
1039 mi_clr_macros(g->a_ctx, g->a_idx + 1);
1040 if (g->a_ctx->ctx_smfi == NULL ||
1041 (fi_connect = g->a_ctx->ctx_smfi->xxfi_connect) == NULL)
1042 return SMFIS_CONTINUE;
1047 while (s[i] != '\0' && i <= l)
1050 return _SMFIS_ABORT;
1052 /* Move past trailing \0 in host string */
1055 (void) memset(&sockaddr, '\0', sizeof sockaddr);
1056 if (family != SMFIA_UNKNOWN)
1058 if (i + sizeof port >= l)
1060 smi_log(SMI_LOG_ERR,
1061 "%s: connect[%ld]: wrong len %d >= %d",
1062 g->a_ctx->ctx_smfi->xxfi_name,
1063 (long) g->a_ctx->ctx_id, (int) i, (int) l);
1064 return _SMFIS_ABORT;
1066 (void) memcpy((void *) &port, (void *) (s + i),
1070 /* make sure string is terminated */
1071 if (s[l - 1] != '\0')
1072 return _SMFIS_ABORT;
1074 if (family == SMFIA_INET)
1076 if (inet_aton(s + i, (struct in_addr *) &sockaddr.sin.sin_addr)
1079 smi_log(SMI_LOG_ERR,
1080 "%s: connect[%ld]: inet_aton failed",
1081 g->a_ctx->ctx_smfi->xxfi_name,
1082 (long) g->a_ctx->ctx_id);
1083 return _SMFIS_ABORT;
1085 sockaddr.sa.sa_family = AF_INET;
1087 sockaddr.sin.sin_port = port;
1090 # endif /* NETINET */
1092 if (family == SMFIA_INET6)
1094 if (mi_inet_pton(AF_INET6, s + i,
1095 &sockaddr.sin6.sin6_addr) != 1)
1097 smi_log(SMI_LOG_ERR,
1098 "%s: connect[%ld]: mi_inet_pton failed",
1099 g->a_ctx->ctx_smfi->xxfi_name,
1100 (long) g->a_ctx->ctx_id);
1101 return _SMFIS_ABORT;
1103 sockaddr.sa.sa_family = AF_INET6;
1105 sockaddr.sin6.sin6_port = port;
1108 # endif /* NETINET6 */
1110 if (family == SMFIA_UNIX)
1112 if (sm_strlcpy(sockaddr.sunix.sun_path, s + i,
1113 sizeof sockaddr.sunix.sun_path) >=
1114 sizeof sockaddr.sunix.sun_path)
1116 smi_log(SMI_LOG_ERR,
1117 "%s: connect[%ld]: path too long",
1118 g->a_ctx->ctx_smfi->xxfi_name,
1119 (long) g->a_ctx->ctx_id);
1120 return _SMFIS_ABORT;
1122 sockaddr.sunix.sun_family = AF_UNIX;
1125 # endif /* NETUNIX */
1127 smi_log(SMI_LOG_ERR,
1128 "%s: connect[%ld]: unknown family %d",
1129 g->a_ctx->ctx_smfi->xxfi_name,
1130 (long) g->a_ctx->ctx_id, family);
1131 return _SMFIS_ABORT;
1134 return (*fi_connect)(g->a_ctx, g->a_buf,
1135 family != SMFIA_UNKNOWN ? &sockaddr : NULL);
1139 ** ST_EOH -- end of headers
1142 ** g -- generic argument structure
1145 ** continue or filter-specified value
1152 sfsistat (*fi_eoh) __P((SMFICTX *));
1155 return _SMFIS_ABORT;
1156 if (g->a_ctx->ctx_smfi != NULL &&
1157 (fi_eoh = g->a_ctx->ctx_smfi->xxfi_eoh) != NULL)
1158 return (*fi_eoh)(g->a_ctx);
1159 return SMFIS_CONTINUE;
1163 ** ST_DATA -- DATA command
1166 ** g -- generic argument structure
1169 ** continue or filter-specified value
1176 sfsistat (*fi_data) __P((SMFICTX *));
1179 return _SMFIS_ABORT;
1180 if (g->a_ctx->ctx_smfi != NULL &&
1181 g->a_ctx->ctx_smfi->xxfi_version > 3 &&
1182 (fi_data = g->a_ctx->ctx_smfi->xxfi_data) != NULL)
1183 return (*fi_data)(g->a_ctx);
1184 return SMFIS_CONTINUE;
1188 ** ST_HELO -- helo/ehlo command
1191 ** g -- generic argument structure
1194 ** continue or filter-specified value
1201 sfsistat (*fi_helo) __P((SMFICTX *, char *));
1204 return _SMFIS_ABORT;
1205 mi_clr_macros(g->a_ctx, g->a_idx + 1);
1206 if (g->a_ctx->ctx_smfi != NULL &&
1207 (fi_helo = g->a_ctx->ctx_smfi->xxfi_helo) != NULL)
1209 /* paranoia: check for terminating '\0' */
1210 if (g->a_len == 0 || g->a_buf[g->a_len - 1] != '\0')
1212 return (*fi_helo)(g->a_ctx, g->a_buf);
1214 return SMFIS_CONTINUE;
1218 ** ST_HEADER -- header line
1221 ** g -- generic argument structure
1224 ** continue or filter-specified value
1232 sfsistat (*fi_header) __P((SMFICTX *, char *, char *));
1235 return _SMFIS_ABORT;
1236 if (g->a_ctx->ctx_smfi == NULL ||
1237 (fi_header = g->a_ctx->ctx_smfi->xxfi_header) == NULL)
1238 return SMFIS_CONTINUE;
1239 if (dec_arg2(g->a_buf, g->a_len, &hf, &hv) == MI_SUCCESS)
1240 return (*fi_header)(g->a_ctx, hf, hv);
1242 return _SMFIS_ABORT;
1245 #define ARGV_FCT(lf, rf, idx) \
1247 sfsistat (*lf) __P((SMFICTX *, char **)); \
1251 return _SMFIS_ABORT; \
1252 mi_clr_macros(g->a_ctx, g->a_idx + 1); \
1253 if (g->a_ctx->ctx_smfi == NULL || \
1254 (lf = g->a_ctx->ctx_smfi->rf) == NULL) \
1255 return SMFIS_CONTINUE; \
1256 if ((argv = dec_argv(g->a_buf, g->a_len)) == NULL) \
1257 return _SMFIS_ABORT; \
1258 r = (*lf)(g->a_ctx, argv); \
1263 ** ST_SENDER -- MAIL FROM command
1266 ** g -- generic argument structure
1269 ** continue or filter-specified value
1276 ARGV_FCT(fi_envfrom, xxfi_envfrom, CI_MAIL)
1280 ** ST_RCPT -- RCPT TO command
1283 ** g -- generic argument structure
1286 ** continue or filter-specified value
1293 ARGV_FCT(fi_envrcpt, xxfi_envrcpt, CI_RCPT)
1297 ** ST_UNKNOWN -- unrecognized or unimplemented command
1300 ** g -- generic argument structure
1303 ** continue or filter-specified value
1310 sfsistat (*fi_unknown) __P((SMFICTX *, const char *));
1313 return _SMFIS_ABORT;
1314 if (g->a_ctx->ctx_smfi != NULL &&
1315 g->a_ctx->ctx_smfi->xxfi_version > 2 &&
1316 (fi_unknown = g->a_ctx->ctx_smfi->xxfi_unknown) != NULL)
1317 return (*fi_unknown)(g->a_ctx, (const char *) g->a_buf);
1318 return SMFIS_CONTINUE;
1322 ** ST_MACROS -- deal with macros received from the MTA
1325 ** g -- generic argument structure
1331 ** set pointer in macro array to current values.
1341 if (g == NULL || g->a_len < 1)
1343 if ((argv = dec_argv(g->a_buf + 1, g->a_len - 1)) == NULL)
1345 switch (g->a_buf[0])
1372 if (g->a_ctx->ctx_mac_ptr[i] != NULL)
1373 free(g->a_ctx->ctx_mac_ptr[i]);
1374 if (g->a_ctx->ctx_mac_buf[i] != NULL)
1375 free(g->a_ctx->ctx_mac_buf[i]);
1376 g->a_ctx->ctx_mac_ptr[i] = argv;
1377 g->a_ctx->ctx_mac_buf[i] = g->a_buf;
1382 ** ST_QUIT -- quit command
1385 ** g -- generic argument structure
1396 sfsistat (*fi_close) __P((SMFICTX *));
1399 return _SMFIS_ABORT;
1400 if (g->a_ctx->ctx_smfi != NULL &&
1401 (fi_close = g->a_ctx->ctx_smfi->xxfi_close) != NULL)
1402 (void) (*fi_close)(g->a_ctx);
1403 mi_clr_macros(g->a_ctx, 0);
1404 return _SMFIS_NOREPLY;
1408 ** ST_BODYCHUNK -- deal with a piece of the mail body
1411 ** g -- generic argument structure
1414 ** continue or filter-specified value
1421 sfsistat (*fi_body) __P((SMFICTX *, unsigned char *, size_t));
1424 return _SMFIS_ABORT;
1425 if (g->a_ctx->ctx_smfi != NULL &&
1426 (fi_body = g->a_ctx->ctx_smfi->xxfi_body) != NULL)
1427 return (*fi_body)(g->a_ctx, (unsigned char *)g->a_buf,
1429 return SMFIS_CONTINUE;
1433 ** ST_BODYEND -- deal with the last piece of the mail body
1436 ** g -- generic argument structure
1439 ** continue or filter-specified value
1442 ** sends a reply for the body part (if non-empty).
1450 sfsistat (*fi_body) __P((SMFICTX *, unsigned char *, size_t));
1451 sfsistat (*fi_eom) __P((SMFICTX *));
1454 return _SMFIS_ABORT;
1456 if (g->a_ctx->ctx_smfi != NULL)
1458 if ((fi_body = g->a_ctx->ctx_smfi->xxfi_body) != NULL &&
1462 struct timeval timeout;
1464 timeout.tv_sec = g->a_ctx->ctx_timeout;
1465 timeout.tv_usec = 0;
1466 sd = g->a_ctx->ctx_sd;
1467 r = (*fi_body)(g->a_ctx, (unsigned char *)g->a_buf,
1469 if (r != SMFIS_CONTINUE &&
1470 sendreply(r, sd, &timeout, g->a_ctx) != MI_SUCCESS)
1471 return _SMFIS_ABORT;
1474 if (r == SMFIS_CONTINUE &&
1475 (fi_eom = g->a_ctx->ctx_smfi->xxfi_eom) != NULL)
1476 return (*fi_eom)(g->a_ctx);
1481 ** ST_ABORTFCT -- deal with aborts
1484 ** g -- generic argument structure
1487 ** abort or filter-specified value
1494 sfsistat (*fi_abort) __P((SMFICTX *));
1497 return _SMFIS_ABORT;
1498 if (g != NULL && g->a_ctx->ctx_smfi != NULL &&
1499 (fi_abort = g->a_ctx->ctx_smfi->xxfi_abort) != NULL)
1500 (void) (*fi_abort)(g->a_ctx);
1501 return _SMFIS_NOREPLY;
1505 ** TRANS_OK -- is the state transition ok?
1512 ** state transition ok
1522 if (s >= SIZE_NEXT_STATES)
1526 /* is this state transition allowed? */
1527 if ((MI_MASK(new) & next_states[s]) != 0)
1531 ** no: try next state;
1532 ** this works since the relevant states are ordered
1533 ** strict sequentially
1537 if (n >= SIZE_NEXT_STATES)
1541 ** can we actually "skip" this state?
1542 ** see fix_stm() which sets this bit for those
1543 ** states which the filter program is not interested in
1546 if (bitset(NX_SKIP, next_states[n]))
1550 } while (s < SIZE_NEXT_STATES);
1555 ** FIX_STM -- add "skip" bits to the state transition table
1558 ** ctx -- context structure
1564 ** may change state transition table.
1573 if (ctx == NULL || ctx->ctx_smfi == NULL)
1575 fl = ctx->ctx_pflags;
1576 if (bitset(SMFIP_NOCONNECT, fl))
1577 next_states[ST_CONN] |= NX_SKIP;
1578 if (bitset(SMFIP_NOHELO, fl))
1579 next_states[ST_HELO] |= NX_SKIP;
1580 if (bitset(SMFIP_NOMAIL, fl))
1581 next_states[ST_MAIL] |= NX_SKIP;
1582 if (bitset(SMFIP_NORCPT, fl))
1583 next_states[ST_RCPT] |= NX_SKIP;
1584 if (bitset(SMFIP_NOHDRS, fl))
1585 next_states[ST_HDRS] |= NX_SKIP;
1586 if (bitset(SMFIP_NOEOH, fl))
1587 next_states[ST_EOHS] |= NX_SKIP;
1588 if (bitset(SMFIP_NOBODY, fl))
1589 next_states[ST_BODY] |= NX_SKIP;
1590 if (bitset(SMFIP_NODATA, fl))
1591 next_states[ST_DATA] |= NX_SKIP;
1592 if (bitset(SMFIP_NOUNKNOWN, fl))
1593 next_states[ST_UNKN] |= NX_SKIP;
1597 ** DEC_ARGV -- split a buffer into a list of strings, NULL terminated
1600 ** buf -- buffer with several strings
1601 ** len -- length of buffer
1604 ** array of pointers to the individual strings
1617 for (i = 0; i < len; i++)
1625 /* last entry is only for the name */
1626 s = (char **)malloc((nelem + 1) * (sizeof *s));
1630 for (i = 0, elem = 0; i < len && elem < nelem; i++)
1638 s[elem] = &(buf[i + 1]);
1642 /* overwrite last entry (already done above, just paranoia) */
1648 ** DEC_ARG2 -- split a buffer into two strings
1651 ** buf -- buffer with two strings
1652 ** len -- length of buffer
1653 ** s1,s2 -- pointer to result strings
1656 ** MI_FAILURE/MI_SUCCESS
1660 dec_arg2(buf, len, s1, s2)
1668 /* paranoia: check for terminating '\0' */
1669 if (len == 0 || buf[len - 1] != '\0')
1672 for (i = 1; i < len && buf[i] != '\0'; i++)
1681 ** SENDOK -- is it ok for the filter to send stuff to the MTA?
1684 ** ctx -- context structure
1685 ** flag -- flag to check
1688 ** sending allowed (in current state)
1692 mi_sendok(ctx, flag)
1696 if (ctx == NULL || ctx->ctx_smfi == NULL)
1699 /* did the milter request this operation? */
1700 if (flag != 0 && !bitset(flag, ctx->ctx_aflags))
1703 /* are we in the correct state? It must be "End of Message". */
1704 return ctx->ctx_state == ST_ENDM;
1707 #if _FFR_WORKERS_POOL
1709 ** MI_RD_SOCKET_READY - checks if the socket is ready for read(2)
1715 ** true iff socket is ready for read(2)
1718 #define MI_RD_CMD_TO 1
1719 #define MI_RD_MAX_ERR 16
1722 mi_rd_socket_ready (sd)
1729 #else /* SM_CONF_POLL */
1730 fd_set rd_set, exc_set;
1731 #endif /* SM_CONF_POLL */
1737 pfd.events = POLLIN;
1740 n = poll(&pfd, 1, MI_RD_CMD_TO);
1741 #else /* SM_CONF_POLL */
1742 struct timeval timeout;
1746 FD_SET(sd, &rd_set);
1747 FD_SET(sd, &exc_set);
1749 timeout.tv_sec = MI_RD_CMD_TO / 1000;
1750 timeout.tv_usec = 0;
1751 n = select(sd + 1, &rd_set, NULL, &exc_set, &timeout);
1752 #endif /* SM_CONF_POLL */
1767 } while (nerr < MI_RD_MAX_ERR);
1768 if (nerr >= MI_RD_MAX_ERR)
1772 return (pfd.revents != 0);
1773 #else /* SM_CONF_POLL */
1774 return FD_ISSET(sd, &rd_set) || FD_ISSET(sd, &exc_set);
1775 #endif /* SM_CONF_POLL */
1777 #endif /* _FFR_WORKERS_POOL */
lentferj's projects / dragonfly.git / blob