2 * Copyright (c) 1998-2006, 2008-2010 Sendmail, Inc. and its suppliers.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
15 #include <sm/sendmail.h>
17 SM_RCSID("@(#)$Id: readcf.c,v 8.684 2011/03/15 17:29:29 guenther Exp $")
19 #if NETINET || NETINET6
20 # include <arpa/inet.h>
21 #endif /* NETINET || NETINET6 */
29 static void fileclass __P((int, char *, char *, bool, bool, bool));
30 static char **makeargv __P((char *));
31 static void settimeout __P((char *, char *, bool));
32 static void toomany __P((int, int));
33 static char *extrquotstr __P((char *, char **, char *, bool *));
34 static void parse_class_words __P((int, char *));
37 ** READCF -- read configuration file.
39 ** This routine reads the configuration file and builds the internal
42 ** The file is formatted as a sequence of lines, each taken
43 ** atomically. The first character of each line describes how
44 ** the line is to be interpreted. The lines are:
45 ** Dxval Define macro x to have value val.
46 ** Cxword Put word into class x.
47 ** Fxfile [fmt] Read file for lines to put into
48 ** class x. Use scanf string 'fmt'
49 ** or "%s" if not present. Fmt should
50 ** only produce one string-valued result.
51 ** Hname: value Define header with field-name 'name'
52 ** and value as specified; this will be
53 ** macro expanded immediately before
55 ** Sn Use rewriting set n.
56 ** Rlhs rhs Rewrite addresses that match lhs to
58 ** Mn arg=val... Define mailer. n is the internal name.
59 ** Args specify mailer parameters.
60 ** Oxvalue Set option x to value.
61 ** O option value Set option (long name) to value.
62 ** Pname=value Set precedence name to value.
63 ** Qn arg=val... Define queue groups. n is the internal name.
64 ** Args specify queue parameters.
65 ** Vversioncode[/vendorcode]
66 ** Version level/vendor name of
67 ** configuration syntax.
68 ** Kmapname mapclass arguments....
69 ** Define keyed lookup of a given class.
70 ** Arguments are class dependent.
71 ** Eenvar=value Set the environment value to the given value.
74 ** cfname -- configuration file name.
75 ** safe -- true if this is the system config file;
77 ** e -- the main envelope.
83 ** Builds several internal tables.
87 readcf(cfname, safe, e)
95 struct rewrite *rwp = NULL;
105 long sff = SFF_OPENASROOT;
110 char pvpbuf[MAXLINE + MAXATOM];
111 static char *null_list[1] = { NULL };
112 extern unsigned char TokTypeNoC[];
118 Srv_SSL_Options = SSL_OP_ALL;
119 Clt_SSL_Options = SSL_OP_ALL
120 #ifdef SSL_OP_NO_SSLv2
123 #ifdef SSL_OP_NO_TICKET
127 #endif /* STARTTLS */
128 if (DontLockReadFiles)
130 cf = safefopen(cfname, O_RDONLY, 0444, sff);
133 syserr("cannot open");
134 finis(false, true, EX_OSFILE);
137 if (fstat(sm_io_getinfo(cf, SM_IO_WHAT_FD, NULL), &statb) < 0)
139 syserr("cannot fstat");
140 finis(false, true, EX_OSFILE);
143 if (!S_ISREG(statb.st_mode))
145 syserr("not a plain file");
146 finis(false, true, EX_OSFILE);
149 if (OpMode != MD_TEST && bitset(S_IWGRP|S_IWOTH, statb.st_mode))
151 if (OpMode == MD_DAEMON || OpMode == MD_INITALIAS || OpMode == MD_CHECKCONFIG)
152 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
153 "%s: WARNING: dangerous write permissions\n",
156 sm_syslog(LOG_CRIT, NOQID,
157 "%s: WARNING: dangerous write permissions",
165 while (bufsize = sizeof(buf),
166 (bp = fgetfolded(buf, &bufsize, cf)) != NULL)
173 sm_free(bp); /* XXX */
177 /* do macro expansion mappings */
178 nbp = translate_dollars(bp, bp, &bufsize);
179 if (nbp != bp && bp != buf)
183 /* interpret this line */
188 case '#': /* comment */
191 case 'R': /* rewriting rule */
194 syserr("missing valid ruleset for \"%s\"", bp);
197 for (p = &bp[1]; *p != '\0' && *p != '\t'; p++)
202 syserr("invalid rewrite line \"%s\" (tab expected)", bp);
206 /* allocate space for the rule header */
209 RewriteRules[ruleset] = rwp =
210 (struct rewrite *) xalloc(sizeof(*rwp));
214 rwp->r_next = (struct rewrite *) xalloc(sizeof(*rwp));
219 /* expand and save the LHS */
221 expand(&bp[1], exbuf, sizeof(exbuf), e);
222 rwp->r_lhs = prescan(exbuf, '\t', pvpbuf,
223 sizeof(pvpbuf), NULL,
224 ConfigLevel >= 9 ? TokTypeNoC : IntTokenTab,
227 if (rwp->r_lhs != NULL)
231 rwp->r_lhs = copyplist(rwp->r_lhs, true, NULL);
233 /* count the number of fuzzy matches in LHS */
234 for (ap = rwp->r_lhs; *ap != NULL; ap++)
239 switch (ap[0][0] & 0377)
286 syserr("Inappropriate use of %s on LHS",
289 rwp->r_line = LineNumber;
293 syserr("R line: null LHS");
294 rwp->r_lhs = null_list;
296 if (nfuzzy > MAXMATCH)
298 syserr("R line: too many wildcards");
299 rwp->r_lhs = null_list;
302 /* expand and save the RHS */
306 while (*p != '\0' && *p != '\t')
309 expand(q, exbuf, sizeof(exbuf), e);
310 rwp->r_rhs = prescan(exbuf, '\t', pvpbuf,
311 sizeof(pvpbuf), NULL,
312 ConfigLevel >= 9 ? TokTypeNoC : IntTokenTab,
314 if (rwp->r_rhs != NULL)
318 #if _FFR_EXTRA_MAP_CHECK
320 #endif /* _FFR_EXTRA_MAP_CHECK */
323 rwp->r_rhs = copyplist(rwp->r_rhs, true, NULL);
325 /* check no out-of-bounds replacements */
330 for (ap = rwp->r_rhs; *ap != NULL; ap++)
335 switch (ap[0][0] & 0377)
338 if (ap[0][1] <= '0' ||
341 syserr("replacement $%c out of bounds",
369 if (++args >= MAX_MAP_ARGS)
370 syserr("too many arguments for map lookup");
378 if ((ap[0][0] & 0377) == LOOKUPBEGIN)
379 endtoken = LOOKUPEND;
381 syserr("cannot nest map lookups");
384 #if _FFR_EXTRA_MAP_CHECK
387 syserr("syntax error in map lookup");
390 nexttoken = ap[1][0] & 0377;
391 if (nexttoken == CANONHOST ||
392 nexttoken == CANONUSER ||
393 nexttoken == endtoken))
395 syserr("missing map name for lookup");
400 syserr("syntax error in map lookup");
403 if (ap[0][0] == HOSTBEGIN)
405 nexttoken = ap[2][0] & 0377;
406 if (nexttoken == CANONHOST ||
407 nexttoken == CANONUSER ||
408 nexttoken == endtoken)
410 syserr("missing key name for lookup");
413 #endif /* _FFR_EXTRA_MAP_CHECK */
418 if ((ap[0][0] & 0377) != endtoken)
427 ** This doesn't work yet as there are maps defined *after* the cf
428 ** is read such as host, user, and alias. So for now, it's removed.
429 ** When it comes back, the RELEASE_NOTES entry will be:
430 ** Emit warnings for unknown maps when reading the .cf file. Based on
431 ** patch from Robert Harker of Harker Systems.
436 ** Got a database lookup,
437 ** check if map is defined.
441 if ((ep[0] & 0377) != MACRODEXPAND &&
442 stab(ep, ST_MAP, ST_FIND) == NULL)
444 (void) sm_io_fprintf(smioout,
446 "Warning: %s: line %d: map %s not found\n",
455 syserr("Inappropriate use of %s on RHS",
459 syserr("missing map closing token");
463 syserr("R line: null RHS");
464 rwp->r_rhs = null_list;
468 case 'S': /* select rewriting set */
469 expand(&bp[1], exbuf, sizeof(exbuf), e);
470 ruleset = strtorwset(exbuf, NULL, ST_ENTER);
474 rwp = RewriteRules[ruleset];
477 if (OpMode == MD_TEST || OpMode == MD_CHECKCONFIG)
478 (void) sm_io_fprintf(smioout,
480 "WARNING: Ruleset %s has multiple definitions\n",
483 sm_dprintf("WARNING: Ruleset %s has multiple definitions\n",
485 while (rwp->r_next != NULL)
490 case 'D': /* macro definition */
491 mid = macid_parse(&bp[1], &ep);
494 p = munchstring(ep, NULL, '\0');
495 macdefine(&e->e_macro, A_TEMP, mid, p);
498 case 'H': /* required header line */
499 (void) chompheader(&bp[1], CHHDR_DEF, NULL, e);
502 case 'C': /* word class */
503 case 'T': /* trusted user (set class `t') */
506 mid = macid_parse(&bp[1], &ep);
509 expand(ep, exbuf, sizeof(exbuf), e);
522 while (*p != '\0' && isascii(*p) && isspace(*p))
525 while (*p != '\0' && !(isascii(*p) && isspace(*p)))
535 case 'F': /* word class from file */
536 mid = macid_parse(&bp[1], &ep);
539 for (p = ep; isascii(*p) && isspace(*p); )
541 if (p[0] == '-' && p[1] == 'o')
545 !(isascii(*p) && isspace(*p)))
547 while (isascii(*p) && isspace(*p))
553 /* check if [key]@map:spec */
555 if (!SM_IS_DIR_DELIM(*p) &&
557 (q = strchr(p, '@')) != NULL)
561 /* look for @LDAP or @map: in string */
562 if (strcmp(q, "LDAP") == 0 ||
564 strchr(q, ':') != NULL))
570 /* use entire spec */
575 file = extrquotstr(p, &q, " ", &ok);
578 syserr("illegal filename '%s'", p);
583 if (*file == '|' || ismap)
593 while (isascii(*++p) && isspace(*p))
597 fileclass(mid, file, p, ismap, safe, optional);
601 case 'L': /* extended load average description */
606 #if defined(SUN_EXTENSIONS) && defined(SUN_LOOKUP_MACRO)
607 case 'L': /* lookup macro */
608 case 'G': /* lookup class */
609 /* reserved for Sun -- NIS+ database lookup */
610 if (VendorCode != VENDOR_SUN)
612 sun_lg_config_line(bp, e);
614 #endif /* defined(SUN_EXTENSIONS) && defined(SUN_LOOKUP_MACRO) */
616 case 'M': /* define mailer */
620 case 'O': /* set option */
621 setoption(bp[1], &bp[2], safe, false, e);
624 case 'P': /* set precedence */
625 if (NumPriorities >= MAXPRIORITIES)
627 toomany('P', MAXPRIORITIES);
630 for (p = &bp[1]; *p != '\0' && *p != '='; p++)
635 Priorities[NumPriorities].pri_name = newstr(&bp[1]);
636 Priorities[NumPriorities].pri_val = atoi(++p);
640 case 'Q': /* define queue */
641 makequeue(&bp[1], true);
644 case 'V': /* configuration syntax version */
645 for (p = &bp[1]; isascii(*p) && isspace(*p); p++)
647 if (!isascii(*p) || !isdigit(*p))
649 syserr("invalid argument to V line: \"%.20s\"",
653 ConfigLevel = strtol(p, &ep, 10);
656 ** Do heuristic tweaking for back compatibility.
659 if (ConfigLevel >= 5)
661 /* level 5 configs have short name in $w */
662 p = macvalue('w', e);
663 if (p != NULL && (p = strchr(p, '.')) != NULL)
666 macdefine(&e->e_macro, A_TEMP, 'w',
670 if (ConfigLevel >= 6)
672 ColonOkInAddr = false;
676 ** Look for vendor code.
681 /* extract vendor code */
682 for (p = ep; isascii(*p) && isalpha(*p); )
687 syserr("invalid V line vendor code: \"%s\"",
693 expand(&bp[1], exbuf, sizeof(exbuf), e);
694 (void) makemapentry(exbuf);
701 sm_setuserenv(&bp[1], p);
704 case 'X': /* mail filter */
706 milter_setup(&bp[1]);
708 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
709 "Warning: Filter usage ('X') requires Milter support (-DMILTER)\n");
715 syserr("unknown configuration line \"%s\"", bp);
718 sm_free(bp); /* XXX */
722 syserr("I/O read error");
723 finis(false, true, EX_OSFILE);
725 (void) sm_io_close(cf, SM_TIME_DEFAULT);
728 /* initialize host maps from local service tables */
731 /* initialize daemon (if not defined yet) */
734 /* determine if we need to do special name-server frotz */
737 char *maptype[MAXMAPSTACK];
738 short mapreturn[MAXMAPACTIONS];
740 nmaps = switch_map_find("hosts", maptype, mapreturn);
741 UseNameServer = false;
742 if (nmaps > 0 && nmaps <= MAXMAPSTACK)
746 for (mapno = 0; mapno < nmaps && !UseNameServer;
749 if (strcmp(maptype[mapno], "dns") == 0)
750 UseNameServer = true;
757 ** TRANSLATE_DOLLARS -- convert $x into internal form
759 ** Actually does all appropriate pre-processing of a config line
760 ** to turn it into internal form.
763 ** ibp -- the buffer to translate.
764 ** obp -- where to put the translation; may be the same as obp
765 ** bsp -- a pointer to the size of obp; will be updated if
766 ** the buffer needs to be replaced.
769 ** The buffer pointer; may differ from obp if the expansion
770 ** is larger then *bsp, in which case this will point to
771 ** malloc()ed memory which must be free()d by the caller.
775 translate_dollars(ibp, obp, bsp)
786 sm_dprintf("translate_dollars(");
787 xputs(sm_debug_file(), ibp);
791 bp = quote_internal_chars(ibp, obp, bsp);
793 for (p = bp; *p != '\0'; p++)
795 if (*p == '#' && p > bp && ConfigLevel >= 3)
802 /* it's from $# -- let it go through */
807 /* it's backslash escaped */
808 (void) sm_strlcpy(p, p + 1, strlen(p));
812 /* delete leading white space */
813 while (isascii(*p) && isspace(*p) &&
814 *p != '\n' && p > bp)
818 if ((e = strchr(++p, '\n')) != NULL)
819 (void) sm_strlcpy(p, e, strlen(p));
827 if (*p != '$' || p[1] == '\0')
832 /* actual dollar sign.... */
833 (void) sm_strlcpy(p, p + 1, strlen(p));
837 /* convert to macro expansion character */
840 /* special handling for $=, $~, $&, and $? */
841 if (*p == '=' || *p == '~' || *p == '&' || *p == '?')
844 /* convert macro name to code */
845 *p = macid_parse(p, &ep);
847 (void) sm_strlcpy(p + 1, ep, strlen(p + 1));
850 /* strip trailing white space from the line */
851 while (--p > bp && isascii(*p) && isspace(*p))
856 sm_dprintf(" translate_dollars => ");
857 xputs(sm_debug_file(), bp);
864 ** TOOMANY -- signal too many of some option
867 ** id -- the id of the error line
868 ** maxcnt -- the maximum possible values
882 syserr("too many %c lines, %d max", id, maxcnt);
885 ** FILECLASS -- read members of a class from a file
888 ** class -- class to define.
889 ** filename -- name of file to read.
890 ** fmt -- scanf string to use for match.
891 ** ismap -- if set, this is a map lookup.
892 ** safe -- if set, this is a safe read.
893 ** optional -- if set, it is not an error for the file to
900 ** puts all lines in filename that match a scanf into
905 ** Break up the match into words and add to class.
909 parse_class_words(class, line)
913 while (line != NULL && *line != '\0')
917 /* strip leading spaces */
918 while (isascii(*line) && isspace(*line))
923 /* find the end of the word */
925 while (*line != '\0' && !(isascii(*line) && isspace(*line)))
930 /* enter the word in the symbol table */
936 fileclass(class, filename, fmt, ismap, safe, optional)
951 sm_dprintf("fileclass(%s, fmt=%s)\n", filename, fmt);
953 if (*filename == '\0')
955 syserr("fileclass: missing file name");
967 mn = newstr(macname(class));
972 if ((p = strchr(filename, '@')) == NULL)
974 /* should not happen */
975 syserr("fileclass: bogus map specification");
985 if (strcmp(cl, "LDAP") == 0)
989 char jbuf[MAXHOSTNAMELEN];
993 expand("\201j", jbuf, sizeof(jbuf), &BlankEnvelope);
996 (void) sm_strlcpy(jbuf, "localhost",
1000 /* impose the default schema */
1001 lc = macvalue(macid("{sendmailMTACluster}"), CurEnv);
1006 expand(lc, lcbuf, sizeof(lcbuf), CurEnv);
1011 n = sm_snprintf(buf, sizeof(buf),
1012 "-k (&(objectClass=sendmailMTAClass)(sendmailMTAClassName=%s)(|(sendmailMTACluster=%s)(sendmailMTAHost=%s))) -v sendmailMTAClassValue,sendmailMTAClassSearch:FILTER:sendmailMTAClass,sendmailMTAClassURL:URL:sendmailMTAClass",
1014 if (n >= sizeof(buf))
1016 syserr("fileclass: F{%s}: Default LDAP string too long",
1024 #endif /* LDAPMAP */
1026 if ((spec = strchr(cl, ':')) == NULL)
1028 syserr("fileclass: F{%s}: missing map class",
1036 /* set up map structure */
1037 mapclass = stab(cl, ST_MAPCLASS, ST_FIND);
1038 if (mapclass == NULL)
1040 syserr("fileclass: F{%s}: class %s not available",
1045 memset(&map, '\0', sizeof(map));
1046 map.map_class = &mapclass->s_mapclass;
1048 map.map_mflags |= MF_FILECLASS;
1051 sm_dprintf("fileclass: F{%s}: map class %s, key %s, spec %s\n",
1055 /* parse map spec */
1056 if (!map.map_class->map_parse(&map, spec))
1058 /* map_parse() showed the error already */
1062 map.map_mflags |= MF_VALID;
1065 if (map.map_class->map_open(&map, O_RDONLY))
1067 map.map_mflags |= MF_OPEN;
1068 map.map_pid = getpid();
1073 !bitset(MF_OPTIONAL, map.map_mflags))
1074 syserr("fileclass: F{%s}: map open failed",
1081 p = (*map.map_class->map_lookup)(&map, key, NULL, &status);
1082 if (status != EX_OK && status != EX_NOTFOUND)
1085 syserr("fileclass: F{%s}: map lookup failed",
1090 /* use the results */
1092 parse_class_words(class, p);
1095 map.map_mflags |= MF_CLOSING;
1096 map.map_class->map_close(&map);
1097 map.map_mflags &= ~(MF_OPEN|MF_WRITABLE|MF_CLOSING);
1101 else if (filename[0] == '|')
1105 char *argv[MAXPV + 1];
1108 for (p = strtok(&filename[1], " \t");
1109 p != NULL && i < MAXPV;
1110 p = strtok(NULL, " \t"))
1113 pid = prog_open(argv, &fd, CurEnv);
1117 f = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
1118 (void *) &fd, SM_IO_RDONLY, NULL);
1124 if (!bitnset(DBS_CLASSFILEINUNSAFEDIRPATH, DontBlameSendmail))
1125 sff |= SFF_SAFEDIRPATH;
1126 if (!bitnset(DBS_LINKEDCLASSFILEINWRITABLEDIR,
1130 sff |= SFF_OPENASROOT;
1131 else if (RealUid == 0)
1133 if (DontLockReadFiles)
1135 f = safefopen(filename, O_RDONLY, 0, sff);
1140 syserr("fileclass: cannot open '%s'", filename);
1144 while (sm_io_fgets(f, SM_TIME_DEFAULT, buf, sizeof(buf)) != NULL)
1147 char wordbuf[MAXLINE + 1];
1153 if (sm_io_sscanf(buf, fmt, wordbuf) != 1)
1160 parse_class_words(class, p);
1163 ** If anything else is added here,
1164 ** check if the '@' map case above
1165 ** needs the code as well.
1169 (void) sm_io_close(f, SM_TIME_DEFAULT);
1171 (void) waitfor(pid);
1174 ** MAKEMAILER -- define a new mailer.
1177 ** line -- description of mailer. This is in labeled
1178 ** fields. The fields are:
1179 ** A -- the argv for this mailer
1180 ** C -- the character set for MIME conversions
1181 ** D -- the directory to run in
1182 ** E -- the eol string
1183 ** F -- the flags associated with the mailer
1184 ** L -- the maximum line length
1185 ** M -- the maximum message size
1186 ** N -- the niceness at which to run
1187 ** P -- the path to the mailer
1188 ** Q -- the queue group for the mailer
1189 ** R -- the recipient rewriting set
1190 ** S -- the sender rewriting set
1191 ** T -- the mailer type (for DSNs)
1192 ** U -- the uid to run as
1193 ** W -- the time to wait at the end
1194 ** m -- maximum messages per connection
1195 ** r -- maximum number of recipients per message
1196 ** / -- new root directory
1197 ** The first word is the canonical name of the mailer.
1203 ** enters the mailer into the mailer table.
1211 register struct mailer *m;
1216 static int nextmailer = 0; /* "free" index into Mailer struct */
1218 /* allocate a mailer and set up defaults */
1219 m = (struct mailer *) xalloc(sizeof(*m));
1220 memset((char *) m, '\0', sizeof(*m));
1221 errno = 0; /* avoid bogus error text */
1223 /* collect the mailer name */
1225 *p != '\0' && *p != ',' && !(isascii(*p) && isspace(*p));
1230 if (line[0] == '\0')
1232 syserr("name required for mailer");
1235 m->m_name = newstr(line);
1240 /* now scan through and assign info from the fields */
1243 auto char *delimptr;
1245 while (*p != '\0' &&
1246 (*p == ',' || (isascii(*p) && isspace(*p))))
1249 /* p now points to field code */
1251 while (*p != '\0' && *p != '=' && *p != ',')
1255 syserr("mailer %s: `=' expected", m->m_name);
1258 while (isascii(*p) && isspace(*p))
1261 /* p now points to the field body */
1262 p = munchstring(p, &delimptr, ',');
1264 /* install the field into the mailer struct */
1267 case 'P': /* pathname */
1268 if (*p != '\0') /* error is issued below */
1269 m->m_mailer = newstr(p);
1272 case 'F': /* flags */
1273 for (; *p != '\0'; p++)
1275 if (!(isascii(*p) && isspace(*p)))
1277 #if _FFR_DEPRECATE_MAILER_FLAG_I
1278 if (*p == M_INTERNAL)
1279 sm_syslog(LOG_WARNING, NOQID,
1280 "WARNING: mailer=%s, flag=%c deprecated",
1282 #endif /* _FFR_DEPRECATE_MAILER_FLAG_I */
1283 setbitn(bitidx(*p), m->m_flags);
1288 case 'S': /* sender rewriting ruleset */
1289 case 'R': /* recipient rewriting ruleset */
1290 i = strtorwset(p, &endp, ST_ENTER);
1294 m->m_sh_rwset = m->m_se_rwset = i;
1296 m->m_rh_rwset = m->m_re_rwset = i;
1301 i = strtorwset(p, NULL, ST_ENTER);
1311 case 'E': /* end of line string */
1313 syserr("mailer %s: null end-of-line string",
1316 m->m_eol = newstr(p);
1319 case 'A': /* argument vector */
1320 if (*p != '\0') /* error is issued below */
1321 m->m_argv = makeargv(p);
1324 case 'M': /* maximum message size */
1325 m->m_maxsize = atol(p);
1328 case 'm': /* maximum messages per connection */
1329 m->m_maxdeliveries = atoi(p);
1332 case 'r': /* max recipient per envelope */
1333 m->m_maxrcpt = atoi(p);
1336 case 'L': /* maximum line length */
1337 m->m_linelimit = atoi(p);
1338 if (m->m_linelimit < 0)
1342 case 'N': /* run niceness */
1343 m->m_nice = atoi(p);
1346 case 'D': /* working directory */
1348 syserr("mailer %s: null working directory",
1351 m->m_execdir = newstr(p);
1354 case 'C': /* default charset */
1356 syserr("mailer %s: null charset", m->m_name);
1358 m->m_defcharset = newstr(p);
1361 case 'Q': /* queue for this mailer */
1364 syserr("mailer %s: null queue", m->m_name);
1367 s = stab(p, ST_QUEUE, ST_FIND);
1369 syserr("mailer %s: unknown queue %s",
1372 m->m_qgrp = s->s_quegrp->qg_index;
1375 case 'T': /* MTA-Name/Address/Diagnostic types */
1376 /* extract MTA name type; default to "dns" */
1377 m->m_mtatype = newstr(p);
1378 p = strchr(m->m_mtatype, '/');
1385 if (*m->m_mtatype == '\0')
1386 m->m_mtatype = "dns";
1388 /* extract address type; default to "rfc822" */
1398 if (m->m_addrtype == NULL || *m->m_addrtype == '\0')
1399 m->m_addrtype = "rfc822";
1401 /* extract diagnostic type; default to "smtp" */
1403 if (m->m_diagtype == NULL || *m->m_diagtype == '\0')
1404 m->m_diagtype = "smtp";
1407 case 'U': /* user id */
1408 if (isascii(*p) && !isdigit(*p))
1413 while (*p != '\0' && isascii(*p) &&
1414 (isalnum(*p) || strchr("-_", *p) != NULL))
1416 while (isascii(*p) && isspace(*p))
1422 syserr("mailer %s: null user name",
1426 pw = sm_getpwnam(q);
1429 syserr("readcf: mailer U= flag: unknown user %s", q);
1434 m->m_uid = pw->pw_uid;
1435 m->m_gid = pw->pw_gid;
1442 m->m_uid = strtol(p, &q, 0);
1444 while (isascii(*p) && isspace(*p))
1449 while (isascii(*p) && isspace(*p))
1453 if (isascii(*p) && !isdigit(*p))
1458 while (isascii(*p) && isalnum(*p))
1463 syserr("mailer %s: null group name",
1470 syserr("readcf: mailer U= flag: unknown group %s", q);
1474 m->m_gid = gr->gr_gid;
1478 m->m_gid = strtol(p, NULL, 0);
1482 case 'W': /* wait timeout */
1483 m->m_wait = convtime(p, 's');
1486 case '/': /* new root directory */
1488 syserr("mailer %s: null root directory",
1491 m->m_rootdir = newstr(p);
1495 syserr("M%s: unknown mailer equate %c=",
1504 if (bitnset(M_SECURE_PORT, m->m_flags))
1506 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
1507 "M%s: Warning: F=%c set on system that doesn't support rresvport()\n",
1508 m->m_name, M_SECURE_PORT);
1510 #endif /* !HASRRESVPORT */
1515 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
1516 "M%s: Warning: N= set on system that doesn't support nice()\n",
1519 #endif /* !HASNICE */
1521 /* do some rationality checking */
1522 if (m->m_argv == NULL)
1524 syserr("M%s: A= argument required", m->m_name);
1527 if (m->m_mailer == NULL)
1529 syserr("M%s: P= argument required", m->m_name);
1533 if (nextmailer >= MAXMAILERS)
1535 syserr("too many mailers defined (%d max)", MAXMAILERS);
1539 if (m->m_maxrcpt <= 0)
1540 m->m_maxrcpt = DEFAULT_MAX_RCPT;
1542 /* do some heuristic cleanup for back compatibility */
1543 if (bitnset(M_LIMITS, m->m_flags))
1545 if (m->m_linelimit == 0)
1546 m->m_linelimit = SMTPLINELIM;
1547 if (ConfigLevel < 2)
1548 setbitn(M_7BITS, m->m_flags);
1551 if (strcmp(m->m_mailer, "[TCP]") == 0)
1553 syserr("M%s: P=[TCP] must be replaced by P=[IPC]", m->m_name);
1557 if (strcmp(m->m_mailer, "[IPC]") == 0)
1559 /* Use the second argument for host or path to socket */
1560 if (m->m_argv[0] == NULL || m->m_argv[1] == NULL ||
1561 m->m_argv[1][0] == '\0')
1563 syserr("M%s: too few parameters for %s mailer",
1564 m->m_name, m->m_mailer);
1567 if (strcmp(m->m_argv[0], "TCP") != 0
1569 && strcmp(m->m_argv[0], "FILE") != 0
1570 #endif /* NETUNIX */
1573 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
1574 "M%s: Warning: first argument in %s mailer must be %s\n",
1575 m->m_name, m->m_mailer,
1580 #endif /* NETUNIX */
1583 if (m->m_mtatype == NULL)
1584 m->m_mtatype = "dns";
1585 if (m->m_addrtype == NULL)
1586 m->m_addrtype = "rfc822";
1587 if (m->m_diagtype == NULL)
1589 if (m->m_argv[0] != NULL &&
1590 strcmp(m->m_argv[0], "FILE") == 0)
1591 m->m_diagtype = "x-unix";
1593 m->m_diagtype = "smtp";
1596 else if (strcmp(m->m_mailer, "[FILE]") == 0)
1598 /* Use the second argument for filename */
1599 if (m->m_argv[0] == NULL || m->m_argv[1] == NULL ||
1600 m->m_argv[2] != NULL)
1602 syserr("M%s: too %s parameters for [FILE] mailer",
1604 (m->m_argv[0] == NULL ||
1605 m->m_argv[1] == NULL) ? "few" : "many");
1608 else if (strcmp(m->m_argv[0], "FILE") != 0)
1610 syserr("M%s: first argument in [FILE] mailer must be FILE",
1616 if (m->m_eol == NULL)
1620 /* default for SMTP is \r\n; use \n for local delivery */
1621 for (pp = m->m_argv; *pp != NULL; pp++)
1623 for (p = *pp; *p != '\0'; )
1625 if ((*p++ & 0377) == MACROEXPAND && *p == 'u')
1637 /* enter the mailer into the symbol table */
1638 s = stab(m->m_name, ST_MAILER, ST_ENTER);
1639 if (s->s_mailer != NULL)
1641 i = s->s_mailer->m_mno;
1642 sm_free(s->s_mailer); /* XXX */
1648 Mailer[i] = s->s_mailer = m;
1652 ** MUNCHSTRING -- translate a string into internal form.
1655 ** p -- the string to munch.
1656 ** delimptr -- if non-NULL, set to the pointer of the
1657 ** field delimiter character.
1658 ** delim -- the delimiter for the field.
1661 ** the munched string.
1664 ** the munched string is a local static buffer.
1665 ** it must be copied before the function is called again.
1669 munchstring(p, delimptr, delim)
1675 bool backslash = false;
1676 bool quotemode = false;
1677 static char buf[MAXLINE];
1679 for (q = buf; *p != '\0' && q < &buf[sizeof(buf) - 1]; p++)
1683 /* everything is roughly literal */
1687 case 'r': /* carriage return */
1691 case 'n': /* newline */
1695 case 'f': /* form feed */
1699 case 'b': /* backspace */
1710 quotemode = !quotemode;
1711 else if (quotemode || *p != delim)
1718 if (delimptr != NULL)
1724 ** EXTRQUOTSTR -- extract a (quoted) string.
1726 ** This routine deals with quoted (") strings and escaped
1730 ** p -- source string.
1731 ** delimptr -- if non-NULL, set to the pointer of the
1732 ** field delimiter character.
1733 ** delimbuf -- delimiters for the field.
1734 ** st -- if non-NULL, store the return value (whether the
1735 ** string was correctly quoted) here.
1738 ** the extracted string.
1741 ** the returned string is a local static buffer.
1742 ** it must be copied before the function is called again.
1746 extrquotstr(p, delimptr, delimbuf, st)
1753 bool backslash = false;
1754 bool quotemode = false;
1755 static char buf[MAXLINE];
1757 for (q = buf; *p != '\0' && q < &buf[sizeof(buf) - 1]; p++)
1768 quotemode = !quotemode;
1769 else if (quotemode ||
1770 strchr(delimbuf, (int) *p) == NULL)
1776 if (delimptr != NULL)
1780 *st = !(quotemode || backslash);
1784 ** MAKEARGV -- break up a string into words
1787 ** p -- the string to break up.
1790 ** a char **argv (dynamically allocated)
1803 char *argv[MAXPV + 1];
1805 /* take apart the words */
1807 while (*p != '\0' && i < MAXPV)
1810 while (*p != '\0' && !(isascii(*p) && isspace(*p)))
1812 while (isascii(*p) && isspace(*p))
1814 argv[i++] = newstr(q);
1818 /* now make a copy of the argv */
1819 avp = (char **) xalloc(sizeof(*avp) * i);
1820 memmove((char *) avp, (char *) argv, sizeof(*avp) * i);
1825 ** PRINTRULES -- print rewrite rules (for debugging)
1834 ** prints rewrite rules.
1840 register struct rewrite *rwp;
1841 register int ruleset;
1843 for (ruleset = 0; ruleset < 10; ruleset++)
1845 if (RewriteRules[ruleset] == NULL)
1847 sm_dprintf("\n----Rule Set %d:", ruleset);
1849 for (rwp = RewriteRules[ruleset]; rwp != NULL; rwp = rwp->r_next)
1851 sm_dprintf("\nLHS:");
1852 printav(sm_debug_file(), rwp->r_lhs);
1854 printav(sm_debug_file(), rwp->r_rhs);
1859 ** PRINTMAILER -- print mailer structure (for debugging)
1862 ** fp -- output file
1863 ** m -- the mailer to print
1876 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT,
1877 "mailer %d (%s): P=%s S=", m->m_mno, m->m_name,
1879 if (RuleSetNames[m->m_se_rwset] == NULL)
1880 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%d/",
1883 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s/",
1884 RuleSetNames[m->m_se_rwset]);
1885 if (RuleSetNames[m->m_sh_rwset] == NULL)
1886 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%d R=",
1889 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s R=",
1890 RuleSetNames[m->m_sh_rwset]);
1891 if (RuleSetNames[m->m_re_rwset] == NULL)
1892 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%d/",
1895 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s/",
1896 RuleSetNames[m->m_re_rwset]);
1897 if (RuleSetNames[m->m_rh_rwset] == NULL)
1898 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%d ",
1901 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "%s ",
1902 RuleSetNames[m->m_rh_rwset]);
1903 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "M=%ld U=%d:%d F=",
1904 m->m_maxsize, (int) m->m_uid, (int) m->m_gid);
1905 for (j = '\0'; j <= '\177'; j++)
1906 if (bitnset(j, m->m_flags))
1907 (void) sm_io_putc(fp, SM_TIME_DEFAULT, j);
1908 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " L=%d E=",
1910 xputs(fp, m->m_eol);
1911 if (m->m_defcharset != NULL)
1912 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " C=%s",
1914 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " T=%s/%s/%s",
1915 m->m_mtatype == NULL
1916 ? "<undefined>" : m->m_mtatype,
1917 m->m_addrtype == NULL
1918 ? "<undefined>" : m->m_addrtype,
1919 m->m_diagtype == NULL
1920 ? "<undefined>" : m->m_diagtype);
1921 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " r=%d", m->m_maxrcpt);
1922 if (m->m_argv != NULL)
1924 char **a = m->m_argv;
1926 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, " A=");
1930 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT,
1935 (void) sm_io_fprintf(fp, SM_TIME_DEFAULT, "\n");
1938 ** SETOPTION -- set global processing option
1941 ** opt -- option name.
1942 ** val -- option value (as a text string).
1943 ** safe -- set if this came from a configuration file.
1944 ** Some options (if set from the command line) will
1945 ** reset the user id to avoid security problems.
1946 ** sticky -- if set, don't let other setoptions override
1948 ** e -- the main envelope.
1954 ** Sets options as implied by the arguments.
1957 static BITMAP256 StickyOpt; /* set if option is stuck */
1961 static struct resolverflags
1963 char *rf_name; /* name of the flag */
1964 long rf_bits; /* bits to set/clear */
1967 { "debug", RES_DEBUG },
1968 { "aaonly", RES_AAONLY },
1969 { "usevc", RES_USEVC },
1970 { "primary", RES_PRIMARY },
1971 { "igntc", RES_IGNTC },
1972 { "recurse", RES_RECURSE },
1973 { "defnames", RES_DEFNAMES },
1974 { "stayopen", RES_STAYOPEN },
1975 { "dnsrch", RES_DNSRCH },
1976 # ifdef RES_USE_INET6
1977 { "use_inet6", RES_USE_INET6 },
1978 # endif /* RES_USE_INET6 */
1979 { "true", 0 }, /* avoid error on old syntax */
1983 #endif /* NAMED_BIND */
1985 #define OI_NONE 0 /* no special treatment */
1986 #define OI_SAFE 0x0001 /* safe for random people to use */
1987 #define OI_SUBOPT 0x0002 /* option has suboptions */
1989 static struct optioninfo
1991 char *o_name; /* long name of option */
1992 unsigned char o_code; /* short name of option */
1993 unsigned short o_flags; /* option flags */
1996 #if defined(SUN_EXTENSIONS) && defined(REMOTE_MODE)
1997 { "RemoteMode", '>', OI_NONE },
1998 #endif /* defined(SUN_EXTENSIONS) && defined(REMOTE_MODE) */
1999 { "SevenBitInput", '7', OI_SAFE },
2000 { "EightBitMode", '8', OI_SAFE },
2001 { "AliasFile", 'A', OI_NONE },
2002 { "AliasWait", 'a', OI_NONE },
2003 { "BlankSub", 'B', OI_NONE },
2004 { "MinFreeBlocks", 'b', OI_SAFE },
2005 { "CheckpointInterval", 'C', OI_SAFE },
2006 { "HoldExpensive", 'c', OI_NONE },
2007 { "DeliveryMode", 'd', OI_SAFE },
2008 { "ErrorHeader", 'E', OI_NONE },
2009 { "ErrorMode", 'e', OI_SAFE },
2010 { "TempFileMode", 'F', OI_NONE },
2011 { "SaveFromLine", 'f', OI_NONE },
2012 { "MatchGECOS", 'G', OI_NONE },
2014 /* no long name, just here to avoid problems in setoption */
2015 { "", 'g', OI_NONE },
2016 { "HelpFile", 'H', OI_NONE },
2017 { "MaxHopCount", 'h', OI_NONE },
2018 { "ResolverOptions", 'I', OI_NONE },
2019 { "IgnoreDots", 'i', OI_SAFE },
2020 { "ForwardPath", 'J', OI_NONE },
2021 { "SendMimeErrors", 'j', OI_SAFE },
2022 { "ConnectionCacheSize", 'k', OI_NONE },
2023 { "ConnectionCacheTimeout", 'K', OI_NONE },
2024 { "UseErrorsTo", 'l', OI_NONE },
2025 { "LogLevel", 'L', OI_SAFE },
2026 { "MeToo", 'm', OI_SAFE },
2028 /* no long name, just here to avoid problems in setoption */
2029 { "", 'M', OI_NONE },
2030 { "CheckAliases", 'n', OI_NONE },
2031 { "OldStyleHeaders", 'o', OI_SAFE },
2032 { "DaemonPortOptions", 'O', OI_NONE },
2033 { "PrivacyOptions", 'p', OI_SAFE },
2034 { "PostmasterCopy", 'P', OI_NONE },
2035 { "QueueFactor", 'q', OI_NONE },
2036 { "QueueDirectory", 'Q', OI_NONE },
2037 { "DontPruneRoutes", 'R', OI_NONE },
2038 { "Timeout", 'r', OI_SUBOPT },
2039 { "StatusFile", 'S', OI_NONE },
2040 { "SuperSafe", 's', OI_SAFE },
2041 { "QueueTimeout", 'T', OI_NONE },
2042 { "TimeZoneSpec", 't', OI_NONE },
2043 { "UserDatabaseSpec", 'U', OI_NONE },
2044 { "DefaultUser", 'u', OI_NONE },
2045 { "FallbackMXhost", 'V', OI_NONE },
2046 { "Verbose", 'v', OI_SAFE },
2047 { "TryNullMXList", 'w', OI_NONE },
2048 { "QueueLA", 'x', OI_NONE },
2049 { "RefuseLA", 'X', OI_NONE },
2050 { "RecipientFactor", 'y', OI_NONE },
2051 { "ForkEachJob", 'Y', OI_NONE },
2052 { "ClassFactor", 'z', OI_NONE },
2053 { "RetryFactor", 'Z', OI_NONE },
2054 #define O_QUEUESORTORD 0x81
2055 { "QueueSortOrder", O_QUEUESORTORD, OI_SAFE },
2056 #define O_HOSTSFILE 0x82
2057 { "HostsFile", O_HOSTSFILE, OI_NONE },
2059 { "MinQueueAge", O_MQA, OI_SAFE },
2060 #define O_DEFCHARSET 0x85
2061 { "DefaultCharSet", O_DEFCHARSET, OI_SAFE },
2062 #define O_SSFILE 0x86
2063 { "ServiceSwitchFile", O_SSFILE, OI_NONE },
2064 #define O_DIALDELAY 0x87
2065 { "DialDelay", O_DIALDELAY, OI_SAFE },
2066 #define O_NORCPTACTION 0x88
2067 { "NoRecipientAction", O_NORCPTACTION, OI_SAFE },
2068 #define O_SAFEFILEENV 0x89
2069 { "SafeFileEnvironment", O_SAFEFILEENV, OI_NONE },
2070 #define O_MAXMSGSIZE 0x8a
2071 { "MaxMessageSize", O_MAXMSGSIZE, OI_NONE },
2072 #define O_COLONOKINADDR 0x8b
2073 { "ColonOkInAddr", O_COLONOKINADDR, OI_SAFE },
2074 #define O_MAXQUEUERUN 0x8c
2075 { "MaxQueueRunSize", O_MAXQUEUERUN, OI_SAFE },
2076 #define O_MAXCHILDREN 0x8d
2077 { "MaxDaemonChildren", O_MAXCHILDREN, OI_NONE },
2078 #define O_KEEPCNAMES 0x8e
2079 { "DontExpandCnames", O_KEEPCNAMES, OI_NONE },
2080 #define O_MUSTQUOTE 0x8f
2081 { "MustQuoteChars", O_MUSTQUOTE, OI_NONE },
2082 #define O_SMTPGREETING 0x90
2083 { "SmtpGreetingMessage", O_SMTPGREETING, OI_NONE },
2084 #define O_UNIXFROM 0x91
2085 { "UnixFromLine", O_UNIXFROM, OI_NONE },
2086 #define O_OPCHARS 0x92
2087 { "OperatorChars", O_OPCHARS, OI_NONE },
2088 #define O_DONTINITGRPS 0x93
2089 { "DontInitGroups", O_DONTINITGRPS, OI_NONE },
2091 { "SingleLineFromHeader", O_SLFH, OI_SAFE },
2093 { "AllowBogusHELO", O_ABH, OI_SAFE },
2094 #define O_CONNTHROT 0x97
2095 { "ConnectionRateThrottle", O_CONNTHROT, OI_NONE },
2097 { "UnsafeGroupWrites", O_UGW, OI_NONE },
2098 #define O_DBLBOUNCE 0x9a
2099 { "DoubleBounceAddress", O_DBLBOUNCE, OI_NONE },
2100 #define O_HSDIR 0x9b
2101 { "HostStatusDirectory", O_HSDIR, OI_NONE },
2102 #define O_SINGTHREAD 0x9c
2103 { "SingleThreadDelivery", O_SINGTHREAD, OI_NONE },
2104 #define O_RUNASUSER 0x9d
2105 { "RunAsUser", O_RUNASUSER, OI_NONE },
2106 #define O_DSN_RRT 0x9e
2107 { "RrtImpliesDsn", O_DSN_RRT, OI_NONE },
2108 #define O_PIDFILE 0x9f
2109 { "PidFile", O_PIDFILE, OI_NONE },
2110 #define O_DONTBLAMESENDMAIL 0xa0
2111 { "DontBlameSendmail", O_DONTBLAMESENDMAIL, OI_NONE },
2113 { "DontProbeInterfaces", O_DPI, OI_NONE },
2114 #define O_MAXRCPT 0xa2
2115 { "MaxRecipientsPerMessage", O_MAXRCPT, OI_SAFE },
2116 #define O_DEADLETTER 0xa3
2117 { "DeadLetterDrop", O_DEADLETTER, OI_NONE },
2118 #if _FFR_DONTLOCKFILESFORREAD_OPTION
2119 # define O_DONTLOCK 0xa4
2120 { "DontLockFilesForRead", O_DONTLOCK, OI_NONE },
2121 #endif /* _FFR_DONTLOCKFILESFORREAD_OPTION */
2122 #define O_MAXALIASRCSN 0xa5
2123 { "MaxAliasRecursion", O_MAXALIASRCSN, OI_NONE },
2124 #define O_CNCTONLYTO 0xa6
2125 { "ConnectOnlyTo", O_CNCTONLYTO, OI_NONE },
2126 #define O_TRUSTUSER 0xa7
2127 { "TrustedUser", O_TRUSTUSER, OI_NONE },
2128 #define O_MAXMIMEHDRLEN 0xa8
2129 { "MaxMimeHeaderLength", O_MAXMIMEHDRLEN, OI_NONE },
2130 #define O_CONTROLSOCKET 0xa9
2131 { "ControlSocketName", O_CONTROLSOCKET, OI_NONE },
2132 #define O_MAXHDRSLEN 0xaa
2133 { "MaxHeadersLength", O_MAXHDRSLEN, OI_NONE },
2134 #if _FFR_MAX_FORWARD_ENTRIES
2135 # define O_MAXFORWARD 0xab
2136 { "MaxForwardEntries", O_MAXFORWARD, OI_NONE },
2137 #endif /* _FFR_MAX_FORWARD_ENTRIES */
2138 #define O_PROCTITLEPREFIX 0xac
2139 { "ProcessTitlePrefix", O_PROCTITLEPREFIX, OI_NONE },
2140 #define O_SASLINFO 0xad
2141 #if _FFR_ALLOW_SASLINFO
2142 { "DefaultAuthInfo", O_SASLINFO, OI_SAFE },
2143 #else /* _FFR_ALLOW_SASLINFO */
2144 { "DefaultAuthInfo", O_SASLINFO, OI_NONE },
2145 #endif /* _FFR_ALLOW_SASLINFO */
2146 #define O_SASLMECH 0xae
2147 { "AuthMechanisms", O_SASLMECH, OI_NONE },
2148 #define O_CLIENTPORT 0xaf
2149 { "ClientPortOptions", O_CLIENTPORT, OI_NONE },
2150 #define O_DF_BUFSIZE 0xb0
2151 { "DataFileBufferSize", O_DF_BUFSIZE, OI_NONE },
2152 #define O_XF_BUFSIZE 0xb1
2153 { "XscriptFileBufferSize", O_XF_BUFSIZE, OI_NONE },
2154 #define O_LDAPDEFAULTSPEC 0xb2
2155 { "LDAPDefaultSpec", O_LDAPDEFAULTSPEC, OI_NONE },
2156 #define O_SRVCERTFILE 0xb4
2157 { "ServerCertFile", O_SRVCERTFILE, OI_NONE },
2158 #define O_SRVKEYFILE 0xb5
2159 { "ServerKeyFile", O_SRVKEYFILE, OI_NONE },
2160 #define O_CLTCERTFILE 0xb6
2161 { "ClientCertFile", O_CLTCERTFILE, OI_NONE },
2162 #define O_CLTKEYFILE 0xb7
2163 { "ClientKeyFile", O_CLTKEYFILE, OI_NONE },
2164 #define O_CACERTFILE 0xb8
2165 { "CACertFile", O_CACERTFILE, OI_NONE },
2166 #define O_CACERTPATH 0xb9
2167 { "CACertPath", O_CACERTPATH, OI_NONE },
2168 #define O_DHPARAMS 0xba
2169 { "DHParameters", O_DHPARAMS, OI_NONE },
2170 #define O_INPUTMILTER 0xbb
2171 { "InputMailFilters", O_INPUTMILTER, OI_NONE },
2172 #define O_MILTER 0xbc
2173 { "Milter", O_MILTER, OI_SUBOPT },
2174 #define O_SASLOPTS 0xbd
2175 { "AuthOptions", O_SASLOPTS, OI_NONE },
2176 #define O_QUEUE_FILE_MODE 0xbe
2177 { "QueueFileMode", O_QUEUE_FILE_MODE, OI_NONE },
2179 # define O_DHPARAMS5 0xbf
2180 { "DHParameters512", O_DHPARAMS5, OI_NONE },
2181 # define O_CIPHERLIST 0xc0
2182 { "CipherList", O_CIPHERLIST, OI_NONE },
2183 #endif /* _FFR_TLS_1 */
2184 #define O_RANDFILE 0xc1
2185 { "RandFile", O_RANDFILE, OI_NONE },
2186 #define O_TLS_SRV_OPTS 0xc2
2187 { "TLSSrvOptions", O_TLS_SRV_OPTS, OI_NONE },
2188 #define O_RCPTTHROT 0xc3
2189 { "BadRcptThrottle", O_RCPTTHROT, OI_SAFE },
2190 #define O_DLVR_MIN 0xc4
2191 { "DeliverByMin", O_DLVR_MIN, OI_NONE },
2192 #define O_MAXQUEUECHILDREN 0xc5
2193 { "MaxQueueChildren", O_MAXQUEUECHILDREN, OI_NONE },
2194 #define O_MAXRUNNERSPERQUEUE 0xc6
2195 { "MaxRunnersPerQueue", O_MAXRUNNERSPERQUEUE, OI_NONE },
2196 #define O_DIRECTSUBMODIFIERS 0xc7
2197 { "DirectSubmissionModifiers", O_DIRECTSUBMODIFIERS, OI_NONE },
2198 #define O_NICEQUEUERUN 0xc8
2199 { "NiceQueueRun", O_NICEQUEUERUN, OI_NONE },
2200 #define O_SHMKEY 0xc9
2201 { "SharedMemoryKey", O_SHMKEY, OI_NONE },
2202 #define O_SASLBITS 0xca
2203 { "AuthMaxBits", O_SASLBITS, OI_NONE },
2205 { "MailboxDatabase", O_MBDB, OI_NONE },
2207 { "UseMSP", O_MSQ, OI_NONE },
2208 #define O_DELAY_LA 0xcd
2209 { "DelayLA", O_DELAY_LA, OI_NONE },
2210 #define O_FASTSPLIT 0xce
2211 { "FastSplit", O_FASTSPLIT, OI_NONE },
2212 #define O_SOFTBOUNCE 0xcf
2213 { "SoftBounce", O_SOFTBOUNCE, OI_NONE },
2214 #define O_SHMKEYFILE 0xd0
2215 { "SharedMemoryKeyFile", O_SHMKEYFILE, OI_NONE },
2216 #define O_REJECTLOGINTERVAL 0xd1
2217 { "RejectLogInterval", O_REJECTLOGINTERVAL, OI_NONE },
2218 #define O_REQUIRES_DIR_FSYNC 0xd2
2219 { "RequiresDirfsync", O_REQUIRES_DIR_FSYNC, OI_NONE },
2220 #define O_CONNECTION_RATE_WINDOW_SIZE 0xd3
2221 { "ConnectionRateWindowSize", O_CONNECTION_RATE_WINDOW_SIZE, OI_NONE },
2222 #define O_CRLFILE 0xd4
2223 { "CRLFile", O_CRLFILE, OI_NONE },
2224 #define O_FALLBACKSMARTHOST 0xd5
2225 { "FallbackSmartHost", O_FALLBACKSMARTHOST, OI_NONE },
2226 #define O_SASLREALM 0xd6
2227 { "AuthRealm", O_SASLREALM, OI_NONE },
2229 # define O_CRLPATH 0xd7
2230 { "CRLPath", O_CRLPATH, OI_NONE },
2231 #endif /* _FFR_CRLPATH */
2232 #define O_HELONAME 0xd8
2233 { "HeloName", O_HELONAME, OI_NONE },
2235 # define O_REFUSELOWMEM 0xd9
2236 { "RefuseLowMem", O_REFUSELOWMEM, OI_NONE },
2237 # define O_QUEUELOWMEM 0xda
2238 { "QueueLowMem", O_QUEUELOWMEM, OI_NONE },
2239 # define O_MEMRESOURCE 0xdb
2240 { "MemoryResource", O_MEMRESOURCE, OI_NONE },
2241 #endif /* _FFR_MEMSTAT */
2242 #define O_MAXNOOPCOMMANDS 0xdc
2243 { "MaxNOOPCommands", O_MAXNOOPCOMMANDS, OI_NONE },
2245 # define O_MSG_ACCEPT 0xdd
2246 { "MessageAccept", O_MSG_ACCEPT, OI_NONE },
2247 #endif /* _FFR_MSG_ACCEPT */
2248 #if _FFR_QUEUE_RUN_PARANOIA
2249 # define O_CHK_Q_RUNNERS 0xde
2250 { "CheckQueueRunners", O_CHK_Q_RUNNERS, OI_NONE },
2251 #endif /* _FFR_QUEUE_RUN_PARANOIA */
2252 #if _FFR_EIGHT_BIT_ADDR_OK
2254 # ERROR FFR_EIGHT_BIT_ADDR_OK requires _ALLOW_255
2255 # endif /* !ALLOW_255 */
2256 # define O_EIGHT_BIT_ADDR_OK 0xdf
2257 { "EightBitAddrOK", O_EIGHT_BIT_ADDR_OK, OI_NONE },
2258 #endif /* _FFR_EIGHT_BIT_ADDR_OK */
2259 #if _FFR_ADDR_TYPE_MODES
2260 # define O_ADDR_TYPE_MODES 0xe0
2261 { "AddrTypeModes", O_ADDR_TYPE_MODES, OI_NONE },
2262 #endif /* _FFR_ADDR_TYPE_MODES */
2263 #if _FFR_BADRCPT_SHUTDOWN
2264 # define O_RCPTSHUTD 0xe1
2265 { "BadRcptShutdown", O_RCPTSHUTD, OI_SAFE },
2266 # define O_RCPTSHUTDG 0xe2
2267 { "BadRcptShutdownGood", O_RCPTSHUTDG, OI_SAFE },
2268 #endif /* _FFR_BADRCPT_SHUTDOWN */
2269 #if STARTTLS && _FFR_TLS_1
2270 # define O_SRV_SSL_OPTIONS 0xe3
2271 { "ServerSSLOptions", O_SRV_SSL_OPTIONS, OI_NONE },
2272 # define O_CLT_SSL_OPTIONS 0xe4
2273 { "ClientSSLOptions", O_CLT_SSL_OPTIONS, OI_NONE },
2274 #endif /* STARTTLS && _FFR_TLS_1 */
2276 # define O_MAX_QUEUE_AGE 0xe5
2277 { "MaxQueueAge", O_MAX_QUEUE_AGE, OI_NONE },
2278 #endif /* _FFR_EXPDELAY */
2279 #if _FFR_RCPTTHROTDELAY
2280 # define O_RCPTTHROTDELAY 0xe6
2281 { "BadRcptThrottleDelay", O_RCPTTHROTDELAY, OI_SAFE },
2282 #endif /* _FFR_RCPTTHROTDELAY */
2283 #if 0 && _FFR_QOS && defined(SOL_IP) && defined(IP_TOS)
2284 # define O_INETQOS 0xe7 /* reserved for FFR_QOS */
2285 { "InetQoS", O_INETQOS, OI_NONE },
2288 { NULL, '\0', OI_NONE }
2291 #if STARTTLS && _FFR_TLS_1
2292 static struct ssl_options
2294 const char *sslopt_name; /* name of the flag */
2295 long sslopt_bits; /* bits to set/clear */
2298 /* these are turned on by default */
2299 #ifdef SSL_OP_MICROSOFT_SESS_ID_BUG
2300 { "SSL_OP_MICROSOFT_SESS_ID_BUG", SSL_OP_MICROSOFT_SESS_ID_BUG },
2302 #ifdef SSL_OP_NETSCAPE_CHALLENGE_BUG
2303 { "SSL_OP_NETSCAPE_CHALLENGE_BUG", SSL_OP_NETSCAPE_CHALLENGE_BUG },
2305 #ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
2306 { "SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG },
2308 #ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
2309 { "SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG },
2311 #ifdef SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
2312 { "SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER },
2314 #ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
2315 { "SSL_OP_MSIE_SSLV2_RSA_PADDING", SSL_OP_MSIE_SSLV2_RSA_PADDING },
2317 #ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG
2318 { "SSL_OP_SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG },
2320 #ifdef SSL_OP_TLS_D5_BUG
2321 { "SSL_OP_TLS_D5_BUG", SSL_OP_TLS_D5_BUG },
2323 #ifdef SSL_OP_TLS_BLOCK_PADDING_BUG
2324 { "SSL_OP_TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG },
2326 #ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
2327 { "SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS },
2330 { "SSL_OP_ALL", SSL_OP_ALL },
2332 #ifdef SSL_OP_NO_QUERY_MTU
2333 { "SSL_OP_NO_QUERY_MTU", SSL_OP_NO_QUERY_MTU },
2335 #ifdef SSL_OP_COOKIE_EXCHANGE
2336 { "SSL_OP_COOKIE_EXCHANGE", SSL_OP_COOKIE_EXCHANGE },
2338 #ifdef SSL_OP_NO_TICKET
2339 { "SSL_OP_NO_TICKET", SSL_OP_NO_TICKET },
2341 #ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
2342 { "SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION", SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION },
2344 #ifdef SSL_OP_SINGLE_ECDH_USE
2345 { "SSL_OP_SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE },
2347 #ifdef SSL_OP_SINGLE_DH_USE
2348 { "SSL_OP_SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE },
2350 #ifdef SSL_OP_EPHEMERAL_RSA
2351 { "SSL_OP_EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA },
2353 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
2354 { "SSL_OP_CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE },
2356 #ifdef SSL_OP_TLS_ROLLBACK_BUG
2357 { "SSL_OP_TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG },
2359 #ifdef SSL_OP_NO_SSLv2
2360 { "SSL_OP_NO_SSLv2", SSL_OP_NO_SSLv2 },
2362 #ifdef SSL_OP_NO_SSLv3
2363 { "SSL_OP_NO_SSLv3", SSL_OP_NO_SSLv3 },
2365 #ifdef SSL_OP_NO_TLSv1
2366 { "SSL_OP_NO_TLSv1", SSL_OP_NO_TLSv1 },
2368 #ifdef SSL_OP_PKCS1_CHECK_1
2369 { "SSL_OP_PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1 },
2371 #ifdef SSL_OP_PKCS1_CHECK_2
2372 { "SSL_OP_PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2 },
2374 #ifdef SSL_OP_NETSCAPE_CA_DN_BUG
2375 { "SSL_OP_NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG },
2377 #ifdef SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
2378 { "SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG },
2382 #endif /* STARTTLS && _FFR_TLS_1 */
2385 # define CANONIFY(val)
2387 # define SET_OPT_DEFAULT(opt, val) opt = val
2389 /* set a string option by expanding the value and assigning it */
2390 /* WARNING this belongs ONLY into a case statement! */
2391 #define SET_STRING_EXP(str) \
2392 expand(val, exbuf, sizeof(exbuf), e); \
2393 newval = sm_pstrdup_x(exbuf); \
2400 #define OPTNAME o->o_name == NULL ? "<unknown>" : o->o_name
2403 setoption(opt, val, safe, sticky, e)
2408 register ENVELOPE *e;
2411 register struct optioninfo *o;
2414 bool can_setuid = RunAsUid == 0;
2417 extern bool Warn_Q_option;
2418 #if _FFR_ALLOW_SASLINFO
2419 extern unsigned int SubmitMode;
2420 #endif /* _FFR_ALLOW_SASLINFO */
2421 #if STARTTLS || SM_CONF_SHM
2423 char exbuf[MAXLINE];
2424 #endif /* STARTTLS || SM_CONF_SHM */
2425 #if STARTTLS && _FFR_TLS_1
2426 long *pssloptions = NULL;
2427 #endif /* STARTTLS && _FFR_TLS_1 */
2432 /* full word options */
2433 struct optioninfo *sel;
2435 p = strchr(val, '=');
2437 p = &val[strlen(val)];
2444 syserr("readcf: null option name");
2451 subopt = strchr(val, '.');
2455 for (o = OptionTab; o->o_name != NULL; o++)
2457 if (sm_strncasecmp(o->o_name, val, strlen(val)) != 0)
2459 if (strlen(o->o_name) == strlen(val))
2461 /* completely specified -- this must be it */
2469 if (sel != NULL && o->o_name == NULL)
2471 else if (o->o_name == NULL)
2473 syserr("readcf: unknown option name %s", val);
2476 else if (sel != NULL)
2478 syserr("readcf: ambiguous option name %s (matches %s and %s)",
2479 val, sel->o_name, o->o_name);
2482 if (strlen(val) != strlen(o->o_name))
2484 int oldVerbose = Verbose;
2487 message("Option %s used as abbreviation for %s",
2489 Verbose = oldVerbose;
2496 for (o = OptionTab; o->o_name != NULL; o++)
2498 if (o->o_code == opt)
2501 if (o->o_name == NULL)
2503 syserr("readcf: unknown option name 0x%x", opt & 0xff);
2509 if (subopt != NULL && !bitset(OI_SUBOPT, o->o_flags))
2512 sm_dprintf("setoption: %s does not support suboptions, ignoring .%s\n",
2519 sm_dprintf(isascii(opt) && isprint(opt) ?
2520 "setoption %s (%c)%s%s=" :
2521 "setoption %s (0x%x)%s%s=",
2522 OPTNAME, opt, subopt == NULL ? "" : ".",
2523 subopt == NULL ? "" : subopt);
2524 xputs(sm_debug_file(), val);
2528 ** See if this option is preset for us.
2531 if (!sticky && bitnset(opt, StickyOpt))
2534 sm_dprintf(" (ignored)\n");
2539 ** Check to see if this option can be specified by this user.
2542 if (!safe && RealUid == 0)
2544 if (!safe && !bitset(OI_SAFE, o->o_flags))
2546 if (opt != 'M' || (val[0] != 'r' && val[0] != 's'))
2551 sm_dprintf(" (unsafe)");
2552 dp = drop_privileges(true);
2561 case '7': /* force seven-bit input */
2562 SevenBitInput = atobool(val);
2565 case '8': /* handling of 8-bit input */
2569 case 'p': /* pass 8 bit, convert MIME */
2570 MimeMode = MM_CVTMIME|MM_PASS8BIT;
2573 case 'm': /* convert 8-bit, convert MIME */
2574 MimeMode = MM_CVTMIME|MM_MIME8BIT;
2577 case 's': /* strict adherence */
2578 MimeMode = MM_CVTMIME;
2582 case 'r': /* reject 8-bit, don't convert MIME */
2586 case 'j': /* "just send 8" */
2587 MimeMode = MM_PASS8BIT;
2590 case 'a': /* encode 8 bit if available */
2591 MimeMode = MM_MIME8BIT|MM_PASS8BIT|MM_CVTMIME;
2594 case 'c': /* convert 8 bit to MIME, never 7 bit */
2595 MimeMode = MM_MIME8BIT;
2600 syserr("Unknown 8-bit mode %c", *val);
2601 finis(false, true, EX_USAGE);
2603 #else /* MIME8TO7 */
2604 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
2605 "Warning: Option: %s requires MIME8TO7 support\n",
2607 #endif /* MIME8TO7 */
2610 case 'A': /* set default alias file */
2615 SET_OPT_DEFAULT(al, "aliases");
2622 case 'a': /* look N minutes for "@:@" in alias file */
2624 SafeAlias = 5 MINUTES;
2626 SafeAlias = convtime(val, 'm');
2629 case 'B': /* substitution for blank character */
2631 if (SpaceSub == '\0')
2635 case 'b': /* min blocks free on queue fs/max msg size */
2636 p = strchr(val, '/');
2640 MaxMessageSize = atol(p);
2642 MinBlocksFree = atol(val);
2645 case 'c': /* don't connect to "expensive" mailers */
2646 NoConnect = atobool(val);
2649 case 'C': /* checkpoint every N addresses */
2650 if (safe || CheckpointInterval > atoi(val))
2651 CheckpointInterval = atoi(val);
2654 case 'd': /* delivery mode */
2658 set_delivery_mode(SM_DELIVER, e);
2661 case SM_QUEUE: /* queue only */
2662 case SM_DEFER: /* queue only and defer map lookups */
2663 case SM_DELIVER: /* do everything */
2664 case SM_FORK: /* fork after verification */
2666 /* deliver first TA in background, then queue */
2668 #endif /* _FFR_DM_ONE */
2669 set_delivery_mode(*val, e);
2674 syserr("Unknown delivery mode %c", *val);
2675 finis(false, true, EX_USAGE);
2679 case 'E': /* error message header/header file */
2681 ErrMsgFile = newstr(val);
2684 case 'e': /* set error processing mode */
2687 case EM_QUIET: /* be silent about it */
2688 case EM_MAIL: /* mail back */
2689 case EM_BERKNET: /* do berknet error processing */
2690 case EM_WRITE: /* write back (or mail) */
2691 case EM_PRINT: /* print errors normally (default) */
2692 e->e_errormode = *val;
2697 case 'F': /* file mode */
2698 FileMode = atooct(val) & 0777;
2701 case 'f': /* save Unix-style From lines on front */
2702 SaveFrom = atobool(val);
2705 case 'G': /* match recipients against GECOS field */
2706 MatchGecos = atobool(val);
2709 case 'g': /* default gid */
2711 if (isascii(*val) && isdigit(*val))
2715 register struct group *gr;
2720 syserr("readcf: option %c: unknown group %s",
2723 DefGid = gr->gr_gid;
2727 case 'H': /* help file */
2730 SET_OPT_DEFAULT(HelpFile, "helpfile");
2735 HelpFile = newstr(val);
2739 case 'h': /* maximum hop count */
2740 MaxHopCount = atoi(val);
2743 case 'I': /* use internet domain name server */
2745 for (p = val; *p != 0; )
2749 struct resolverflags *rfp;
2762 while (*p != '\0' && !(isascii(*p) && isspace(*p)))
2766 if (sm_strcasecmp(q, "HasWildcardMX") == 0)
2768 HasWildcardMX = !clearmode;
2771 if (sm_strcasecmp(q, "WorkAroundBrokenAAAA") == 0)
2773 WorkAroundBrokenAAAA = !clearmode;
2776 for (rfp = ResolverFlags; rfp->rf_name != NULL; rfp++)
2778 if (sm_strcasecmp(q, rfp->rf_name) == 0)
2781 if (rfp->rf_name == NULL)
2782 syserr("readcf: I option value %s unrecognized", q);
2784 _res.options &= ~rfp->rf_bits;
2786 _res.options |= rfp->rf_bits;
2789 sm_dprintf("_res.options = %x, HasWildcardMX = %d\n",
2790 (unsigned int) _res.options, HasWildcardMX);
2791 #else /* NAMED_BIND */
2792 usrerr("name server (I option) specified but BIND not compiled in");
2793 #endif /* NAMED_BIND */
2796 case 'i': /* ignore dot lines in message */
2797 IgnrDot = atobool(val);
2800 case 'j': /* send errors in MIME (RFC 1341) format */
2801 SendMIMEErrors = atobool(val);
2804 case 'J': /* .forward search path */
2806 ForwardPath = newstr(val);
2809 case 'k': /* connection cache size */
2810 MaxMciCache = atoi(val);
2811 if (MaxMciCache < 0)
2815 case 'K': /* connection cache timeout */
2816 MciCacheTimeout = convtime(val, 'm');
2819 case 'l': /* use Errors-To: header */
2820 UseErrorsTo = atobool(val);
2823 case 'L': /* log level */
2824 if (safe || LogLevel < atoi(val))
2825 LogLevel = atoi(val);
2828 case 'M': /* define macro */
2830 mid = macid_parse(val, &ep);
2835 cleanstrcpy(p, p, strlen(p) + 1);
2836 macdefine(&CurEnv->e_macro, A_TEMP, mid, p);
2839 case 'm': /* send to me too */
2840 MeToo = atobool(val);
2843 case 'n': /* validate RHS in newaliases */
2844 CheckAliases = atobool(val);
2847 /* 'N' available -- was "net name" */
2849 case 'O': /* daemon options */
2850 if (!setdaemonoptions(val))
2851 syserr("too many daemons defined (%d max)", MAXDAEMONS);
2854 case 'o': /* assume old style headers */
2856 CurEnv->e_flags |= EF_OLDSTYLE;
2858 CurEnv->e_flags &= ~EF_OLDSTYLE;
2861 case 'p': /* select privacy level */
2865 register struct prival *pv;
2866 extern struct prival PrivacyValues[];
2868 while (isascii(*p) && (isspace(*p) || ispunct(*p)))
2873 while (isascii(*p) && isalnum(*p))
2878 for (pv = PrivacyValues; pv->pv_name != NULL; pv++)
2880 if (sm_strcasecmp(val, pv->pv_name) == 0)
2883 if (pv->pv_name == NULL)
2884 syserr("readcf: Op line: %s unrecognized", val);
2886 PrivacyFlags |= pv->pv_flag;
2891 case 'P': /* postmaster copy address for returned mail */
2892 PostMasterCopy = newstr(val);
2895 case 'q': /* slope of queue only function */
2896 QueueFactor = atoi(val);
2899 case 'Q': /* queue directory */
2902 QueueDir = "mqueue";
2906 QueueDir = newstr(val);
2908 if (RealUid != 0 && !safe)
2909 Warn_Q_option = true;
2912 case 'R': /* don't prune routes */
2913 DontPruneRoutes = atobool(val);
2916 case 'r': /* read timeout */
2918 inittimeouts(val, sticky);
2920 settimeout(subopt, val, sticky);
2923 case 'S': /* status file */
2926 SET_OPT_DEFAULT(StatFile, "statistics");
2931 StatFile = newstr(val);
2935 case 's': /* be super safe, even if expensive */
2936 if (tolower(*val) == 'i')
2937 SuperSafe = SAFE_INTERACTIVE;
2938 else if (tolower(*val) == 'p')
2940 SuperSafe = SAFE_REALLY_POSTMILTER;
2942 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
2943 "Warning: SuperSafe=PostMilter requires Milter support (-DMILTER)\n");
2946 SuperSafe = atobool(val) ? SAFE_REALLY : SAFE_NO;
2949 case 'T': /* queue timeout */
2950 p = strchr(val, '/');
2954 settimeout("queuewarn", p, sticky);
2956 settimeout("queuereturn", val, sticky);
2959 case 't': /* time zone name */
2960 TimeZoneSpec = newstr(val);
2963 case 'U': /* location of user database */
2964 UdbSpec = newstr(val);
2967 case 'u': /* set default uid */
2968 for (p = val; *p != '\0'; p++)
2970 # if _FFR_DOTTED_USERNAMES
2971 if (*p == '/' || *p == ':')
2972 # else /* _FFR_DOTTED_USERNAMES */
2973 if (*p == '.' || *p == '/' || *p == ':')
2974 # endif /* _FFR_DOTTED_USERNAMES */
2980 if (isascii(*val) && isdigit(*val))
2987 register struct passwd *pw;
2990 pw = sm_getpwnam(val);
2993 syserr("readcf: option u: unknown user %s", val);
2998 DefUid = pw->pw_uid;
2999 DefGid = pw->pw_gid;
3000 DefUser = newstr(pw->pw_name);
3005 if (DefUid > UID_MAX)
3007 syserr("readcf: option u: uid value (%ld) > UID_MAX (%ld); ignored",
3008 (long)DefUid, (long)UID_MAX);
3011 # endif /* UID_MAX */
3013 /* handle the group if it is there */
3019 case 'V': /* fallback MX host */
3021 FallbackMX = newstr(val);
3024 case 'v': /* run in verbose mode */
3025 Verbose = atobool(val) ? 1 : 0;
3028 case 'w': /* if we are best MX, try host directly */
3029 TryNullMXList = atobool(val);
3032 /* 'W' available -- was wizard password */
3034 case 'x': /* load avg at which to auto-queue msgs */
3035 QueueLA = atoi(val);
3038 case 'X': /* load avg at which to auto-reject connections */
3039 RefuseLA = atoi(val);
3042 case O_DELAY_LA: /* load avg at which to delay connections */
3043 DelayLA = atoi(val);
3046 case 'y': /* work recipient factor */
3047 WkRecipFact = atoi(val);
3050 case 'Y': /* fork jobs during queue runs */
3051 ForkQueueRuns = atobool(val);
3054 case 'z': /* work message class factor */
3055 WkClassFact = atoi(val);
3058 case 'Z': /* work time factor */
3059 WkTimeFact = atoi(val);
3063 #if _FFR_QUEUE_GROUP_SORTORDER
3064 /* coordinate this with makequeue() */
3065 #endif /* _FFR_QUEUE_GROUP_SORTORDER */
3066 case O_QUEUESORTORD: /* queue sorting order */
3069 case 'f': /* File Name */
3071 QueueSortOrder = QSO_BYFILENAME;
3074 case 'h': /* Host first */
3076 QueueSortOrder = QSO_BYHOST;
3079 case 'm': /* Modification time */
3081 QueueSortOrder = QSO_BYMODTIME;
3084 case 'p': /* Priority order */
3086 QueueSortOrder = QSO_BYPRIORITY;
3089 case 't': /* Submission time */
3091 QueueSortOrder = QSO_BYTIME;
3094 case 'r': /* Random */
3096 QueueSortOrder = QSO_RANDOM;
3100 case 's': /* Shuffled host name */
3102 QueueSortOrder = QSO_BYSHUFFLE;
3104 #endif /* _FFR_RHS */
3106 case 'n': /* none */
3108 QueueSortOrder = QSO_NONE;
3112 syserr("Invalid queue sort order \"%s\"", val);
3116 case O_HOSTSFILE: /* pathname of /etc/hosts file */
3118 HostsFile = newstr(val);
3121 case O_MQA: /* minimum queue age between deliveries */
3122 MinQueueAge = convtime(val, 'm');
3126 case O_MAX_QUEUE_AGE:
3127 MaxQueueAge = convtime(val, 'm');
3129 #endif /* _FFR_EXPDELAY */
3131 case O_DEFCHARSET: /* default character set for mimefying */
3132 DefaultCharSet = newstr(denlstring(val, true, true));
3135 case O_SSFILE: /* service switch file */
3137 ServiceSwitchFile = newstr(val);
3140 case O_DIALDELAY: /* delay for dial-on-demand operation */
3141 DialDelay = convtime(val, 's');
3144 case O_NORCPTACTION: /* what to do if no recipient */
3145 if (sm_strcasecmp(val, "none") == 0)
3146 NoRecipientAction = NRA_NO_ACTION;
3147 else if (sm_strcasecmp(val, "add-to") == 0)
3148 NoRecipientAction = NRA_ADD_TO;
3149 else if (sm_strcasecmp(val, "add-apparently-to") == 0)
3150 NoRecipientAction = NRA_ADD_APPARENTLY_TO;
3151 else if (sm_strcasecmp(val, "add-bcc") == 0)
3152 NoRecipientAction = NRA_ADD_BCC;
3153 else if (sm_strcasecmp(val, "add-to-undisclosed") == 0)
3154 NoRecipientAction = NRA_ADD_TO_UNDISCLOSED;
3156 syserr("Invalid NoRecipientAction: %s", val);
3159 case O_SAFEFILEENV: /* chroot() environ for writing to files */
3163 /* strip trailing slashes */
3164 p = val + strlen(val) - 1;
3165 while (p >= val && *p == '/')
3171 SafeFileEnv = newstr(val);
3174 case O_MAXMSGSIZE: /* maximum message size */
3175 MaxMessageSize = atol(val);
3178 case O_COLONOKINADDR: /* old style handling of colon addresses */
3179 ColonOkInAddr = atobool(val);
3182 case O_MAXQUEUERUN: /* max # of jobs in a single queue run */
3183 MaxQueueRun = atoi(val);
3186 case O_MAXCHILDREN: /* max # of children of daemon */
3187 MaxChildren = atoi(val);
3190 case O_MAXQUEUECHILDREN: /* max # of children of daemon */
3191 MaxQueueChildren = atoi(val);
3194 case O_MAXRUNNERSPERQUEUE: /* max # runners in a queue group */
3195 MaxRunnersPerQueue = atoi(val);
3198 case O_NICEQUEUERUN: /* nice queue runs */
3200 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3201 "Warning: NiceQueueRun set on system that doesn't support nice()\n");
3202 #endif /* !HASNICE */
3204 /* XXX do we want to check the range? > 0 ? */
3205 NiceQueueRun = atoi(val);
3208 case O_SHMKEY: /* shared memory key */
3211 #else /* SM_CONF_SHM */
3212 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3213 "Warning: Option: %s requires shared memory support (-DSM_CONF_SHM)\n",
3215 #endif /* SM_CONF_SHM */
3218 case O_SHMKEYFILE: /* shared memory key file */
3220 SET_STRING_EXP(ShmKeyFile);
3221 #else /* SM_CONF_SHM */
3222 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3223 "Warning: Option: %s requires shared memory support (-DSM_CONF_SHM)\n",
3226 #endif /* SM_CONF_SHM */
3228 #if _FFR_MAX_FORWARD_ENTRIES
3229 case O_MAXFORWARD: /* max # of forward entries */
3230 MaxForwardEntries = atoi(val);
3232 #endif /* _FFR_MAX_FORWARD_ENTRIES */
3234 case O_KEEPCNAMES: /* don't expand CNAME records */
3235 DontExpandCnames = atobool(val);
3238 case O_MUSTQUOTE: /* must quote these characters in phrases */
3239 (void) sm_strlcpy(buf, "@,;:\\()[]", sizeof(buf));
3240 if (strlen(val) < sizeof(buf) - 10)
3241 (void) sm_strlcat(buf, val, sizeof(buf));
3243 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3244 "Warning: MustQuoteChars too long, ignored.\n");
3245 MustQuoteChars = newstr(buf);
3248 case O_SMTPGREETING: /* SMTP greeting message (old $e macro) */
3249 SmtpGreeting = newstr(munchstring(val, NULL, '\0'));
3252 case O_UNIXFROM: /* UNIX From_ line (old $l macro) */
3253 UnixFromLine = newstr(munchstring(val, NULL, '\0'));
3256 case O_OPCHARS: /* operator characters (old $o macro) */
3257 if (OperatorChars != NULL)
3258 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3259 "Warning: OperatorChars is being redefined.\n It should only be set before ruleset definitions.\n");
3260 OperatorChars = newstr(munchstring(val, NULL, '\0'));
3263 case O_DONTINITGRPS: /* don't call initgroups(3) */
3264 DontInitGroups = atobool(val);
3267 case O_SLFH: /* make sure from fits on one line */
3268 SingleLineFromHeader = atobool(val);
3271 case O_ABH: /* allow HELO commands with syntax errors */
3272 AllowBogusHELO = atobool(val);
3275 case O_CONNTHROT: /* connection rate throttle */
3276 ConnRateThrottle = atoi(val);
3279 case O_UGW: /* group writable files are unsafe */
3282 setbitn(DBS_GROUPWRITABLEFORWARDFILESAFE,
3284 setbitn(DBS_GROUPWRITABLEINCLUDEFILESAFE,
3289 case O_DBLBOUNCE: /* address to which to send double bounces */
3290 DoubleBounceAddr = newstr(val);
3293 case O_HSDIR: /* persistent host status directory */
3297 HostStatDir = newstr(val);
3301 case O_SINGTHREAD: /* single thread deliveries (requires hsdir) */
3302 SingleThreadDelivery = atobool(val);
3305 case O_RUNASUSER: /* run bulk of code as this user */
3306 for (p = val; *p != '\0'; p++)
3308 # if _FFR_DOTTED_USERNAMES
3309 if (*p == '/' || *p == ':')
3310 # else /* _FFR_DOTTED_USERNAMES */
3311 if (*p == '.' || *p == '/' || *p == ':')
3312 # endif /* _FFR_DOTTED_USERNAMES */
3318 if (isascii(*val) && isdigit(*val))
3321 RunAsUid = atoi(val);
3325 register struct passwd *pw;
3327 pw = sm_getpwnam(val);
3330 syserr("readcf: option RunAsUser: unknown user %s", val);
3333 else if (can_setuid)
3336 RunAsUserName = newstr(val);
3337 RunAsUid = pw->pw_uid;
3338 RunAsGid = pw->pw_gid;
3340 else if (EffGid == pw->pw_gid)
3341 RunAsGid = pw->pw_gid;
3342 else if (UseMSP && *p == '\0')
3343 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3344 "WARNING: RunAsUser for MSP ignored, check group ids (egid=%d, want=%d)\n",
3349 if (RunAsUid > UID_MAX)
3351 syserr("readcf: option RunAsUser: uid value (%ld) > UID_MAX (%ld); ignored",
3352 (long) RunAsUid, (long) UID_MAX);
3355 # endif /* UID_MAX */
3358 if (isascii(*p) && isdigit(*p))
3362 runasgid = (gid_t) atoi(p);
3363 if (can_setuid || EffGid == runasgid)
3364 RunAsGid = runasgid;
3366 (void) sm_io_fprintf(smioout,
3368 "WARNING: RunAsUser for MSP ignored, check group ids (egid=%d, want=%d)\n",
3374 register struct group *gr;
3378 syserr("readcf: option RunAsUser: unknown group %s",
3380 else if (can_setuid || EffGid == gr->gr_gid)
3381 RunAsGid = gr->gr_gid;
3383 (void) sm_io_fprintf(smioout,
3385 "WARNING: RunAsUser for MSP ignored, check group ids (egid=%d, want=%d)\n",
3391 sm_dprintf("readcf: RunAsUser = %d:%d\n",
3392 (int) RunAsUid, (int) RunAsGid);
3396 RrtImpliesDsn = atobool(val);
3400 PSTRSET(PidFile, val);
3403 case O_DONTBLAMESENDMAIL:
3407 register struct dbsval *dbs;
3408 extern struct dbsval DontBlameSendmailValues[];
3410 while (isascii(*p) && (isspace(*p) || ispunct(*p)))
3415 while (isascii(*p) && isalnum(*p))
3420 for (dbs = DontBlameSendmailValues;
3421 dbs->dbs_name != NULL; dbs++)
3423 if (sm_strcasecmp(val, dbs->dbs_name) == 0)
3426 if (dbs->dbs_name == NULL)
3427 syserr("readcf: DontBlameSendmail option: %s unrecognized", val);
3428 else if (dbs->dbs_flag == DBS_SAFE)
3429 clrbitmap(DontBlameSendmail);
3431 setbitn(dbs->dbs_flag, DontBlameSendmail);
3437 if (sm_strcasecmp(val, "loopback") == 0)
3438 DontProbeInterfaces = DPI_SKIPLOOPBACK;
3439 else if (atobool(val))
3440 DontProbeInterfaces = DPI_PROBENONE;
3442 DontProbeInterfaces = DPI_PROBEALL;
3446 MaxRcptPerMsg = atoi(val);
3450 BadRcptThrottle = atoi(val);
3453 #if _FFR_RCPTTHROTDELAY
3454 case O_RCPTTHROTDELAY:
3455 BadRcptThrottleDelay = atoi(val);
3457 #endif /* _FFR_RCPTTHROTDELAY */
3461 PSTRSET(DeadLetterDrop, val);
3464 #if _FFR_DONTLOCKFILESFORREAD_OPTION
3466 DontLockReadFiles = atobool(val);
3468 #endif /* _FFR_DONTLOCKFILESFORREAD_OPTION */
3470 case O_MAXALIASRCSN:
3471 MaxAliasRecursion = atoi(val);
3475 /* XXX should probably use gethostbyname */
3476 #if NETINET || NETINET6
3477 ConnectOnlyTo.sa.sa_family = AF_UNSPEC;
3479 if (anynet_pton(AF_INET6, val,
3480 &ConnectOnlyTo.sin6.sin6_addr) == 1)
3481 ConnectOnlyTo.sa.sa_family = AF_INET6;
3483 # endif /* NETINET6 */
3486 ConnectOnlyTo.sin.sin_addr.s_addr = inet_addr(val);
3487 if (ConnectOnlyTo.sin.sin_addr.s_addr != INADDR_NONE)
3488 ConnectOnlyTo.sa.sa_family = AF_INET;
3491 # endif /* NETINET */
3492 if (ConnectOnlyTo.sa.sa_family == AF_UNSPEC)
3494 syserr("readcf: option ConnectOnlyTo: invalid IP address %s",
3498 #endif /* NETINET || NETINET6 */
3502 # if !HASFCHOWN && !defined(_FFR_DROP_TRUSTUSER_WARNING)
3504 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3505 "readcf: option TrustedUser may cause problems on systems\n which do not support fchown() if UseMSP is not set.\n");
3506 # endif /* !HASFCHOWN && !defined(_FFR_DROP_TRUSTUSER_WARNING) */
3507 if (isascii(*val) && isdigit(*val))
3508 TrustedUid = atoi(val);
3511 register struct passwd *pw;
3514 pw = sm_getpwnam(val);
3517 syserr("readcf: option TrustedUser: unknown user %s", val);
3521 TrustedUid = pw->pw_uid;
3525 if (TrustedUid > UID_MAX)
3527 syserr("readcf: option TrustedUser: uid value (%ld) > UID_MAX (%ld)",
3528 (long) TrustedUid, (long) UID_MAX);
3531 # endif /* UID_MAX */
3534 case O_MAXMIMEHDRLEN:
3535 p = strchr(val, '/');
3538 MaxMimeHeaderLength = atoi(val);
3539 if (p != NULL && *p != '\0')
3540 MaxMimeFieldLength = atoi(p);
3542 MaxMimeFieldLength = MaxMimeHeaderLength / 2;
3544 if (MaxMimeHeaderLength <= 0)
3545 MaxMimeHeaderLength = 0;
3546 else if (MaxMimeHeaderLength < 128)
3547 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3548 "Warning: MaxMimeHeaderLength: header length limit set lower than 128\n");
3550 if (MaxMimeFieldLength <= 0)
3551 MaxMimeFieldLength = 0;
3552 else if (MaxMimeFieldLength < 40)
3553 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3554 "Warning: MaxMimeHeaderLength: field length limit set lower than 40\n");
3557 ** Headers field values now include leading space, so let's
3558 ** adjust the values to be "backward compatible".
3561 if (MaxMimeHeaderLength > 0)
3562 MaxMimeHeaderLength++;
3563 if (MaxMimeFieldLength > 0)
3564 MaxMimeFieldLength++;
3567 case O_CONTROLSOCKET:
3568 PSTRSET(ControlSocketName, val);
3572 MaxHeadersLength = atoi(val);
3574 if (MaxHeadersLength > 0 &&
3575 MaxHeadersLength < (MAXHDRSLEN / 2))
3576 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3577 "Warning: MaxHeadersLength: headers length limit set lower than %d\n",
3581 case O_PROCTITLEPREFIX:
3582 PSTRSET(ProcTitlePrefix, val);
3587 # if _FFR_ALLOW_SASLINFO
3589 ** Allow users to select their own authinfo file
3590 ** under certain circumstances, otherwise just ignore
3591 ** the option. If the option isn't ignored, several
3592 ** commands don't work very well, e.g., mailq.
3593 ** However, this is not a "perfect" solution.
3594 ** If mail is queued, the authentication info
3595 ** will not be used in subsequent delivery attempts.
3596 ** If we really want to support this, then it has
3597 ** to be stored in the queue file.
3599 if (!bitset(SUBMIT_MSA, SubmitMode) && RealUid != 0 &&
3600 RunAsUid != RealUid)
3602 # endif /* _FFR_ALLOW_SASLINFO */
3603 PSTRSET(SASLInfo, val);
3607 if (AuthMechanisms != NULL)
3608 sm_free(AuthMechanisms); /* XXX */
3610 AuthMechanisms = newstr(val);
3612 AuthMechanisms = NULL;
3616 if (AuthRealm != NULL)
3619 AuthRealm = newstr(val);
3625 while (val != NULL && *val != '\0')
3630 SASLOpts |= SASL_AUTH_AUTH;
3634 SASLOpts |= SASL_SEC_NOACTIVE;
3638 SASLOpts |= SASL_SEC_PASS_CREDENTIALS;
3642 SASLOpts |= SASL_SEC_NODICTIONARY;
3646 SASLOpts |= SASL_SEC_FORWARD_SECRECY;
3651 SASLOpts |= SASL_SEC_MUTUAL_AUTH;
3653 # endif /* SASL >= 20101 */
3656 SASLOpts |= SASL_SEC_NOPLAINTEXT;
3660 SASLOpts |= SASL_SEC_NOANONYMOUS;
3663 case ' ': /* ignore */
3664 case '\t': /* ignore */
3665 case ',': /* ignore */
3669 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3670 "Warning: Option: %s unknown parameter '%c'\n",
3678 val = strpbrk(val, ", \t");
3685 MaxSLBits = atoi(val);
3694 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3695 "Warning: Option: %s requires SASL support (-DSASL)\n",
3702 SET_STRING_EXP(SrvCertFile);
3704 SET_STRING_EXP(SrvKeyFile);
3706 SET_STRING_EXP(CltCertFile);
3708 SET_STRING_EXP(CltKeyFile);
3710 SET_STRING_EXP(CACertFile);
3712 SET_STRING_EXP(CACertPath);
3714 SET_STRING_EXP(DHParams);
3717 SET_STRING_EXP(DHParams5);
3719 SET_STRING_EXP(CipherList);
3720 case O_SRV_SSL_OPTIONS:
3721 pssloptions = &Srv_SSL_Options;
3722 case O_CLT_SSL_OPTIONS:
3723 if (pssloptions == NULL)
3724 pssloptions = &Clt_SSL_Options;
3725 for (p = val; *p != 0; )
3729 struct ssl_options *sslopts;
3736 if (*p == '-' || *p == '+')
3737 clearmode = *p++ == '-';
3739 while (*p != '\0' && !(isascii(*p) && isspace(*p)))
3743 for (sslopts = SSL_Option;
3744 sslopts->sslopt_name != NULL; sslopts++)
3746 if (sm_strcasecmp(q, sslopts->sslopt_name) == 0)
3749 if (sslopts->sslopt_name == NULL)
3752 syserr("readcf: %s option value %s unrecognized",
3756 *pssloptions &= ~sslopts->sslopt_bits;
3758 *pssloptions |= sslopts->sslopt_bits;
3763 # endif /* _FFR_TLS_1 */
3766 # if OPENSSL_VERSION_NUMBER > 0x00907000L
3767 SET_STRING_EXP(CRLFile);
3768 # else /* OPENSSL_VERSION_NUMBER > 0x00907000L */
3769 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3770 "Warning: Option: %s requires at least OpenSSL 0.9.7\n",
3773 # endif /* OPENSSL_VERSION_NUMBER > 0x00907000L */
3777 # if OPENSSL_VERSION_NUMBER > 0x00907000L
3778 SET_STRING_EXP(CRLPath);
3779 # else /* OPENSSL_VERSION_NUMBER > 0x00907000L */
3780 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3781 "Warning: Option: %s requires at least OpenSSL 0.9.7\n",
3784 # endif /* OPENSSL_VERSION_NUMBER > 0x00907000L */
3785 # endif /* _FFR_CRLPATH */
3788 ** XXX How about options per daemon/client instead of globally?
3789 ** This doesn't work well for some options, e.g., no server cert,
3790 ** but fine for others.
3792 ** XXX Some people may want different certs per server.
3794 ** See also srvfeatures()
3797 case O_TLS_SRV_OPTS:
3798 while (val != NULL && *val != '\0')
3803 TLS_Srv_Opts |= TLS_I_NO_VRFY;
3807 ** Server without a cert? That works only if
3808 ** AnonDH is enabled as cipher, which is not in the
3809 ** default list. Hence the CipherList option must
3810 ** be available. Moreover: which clients support this
3811 ** besides sendmail with this setting?
3815 TLS_Srv_Opts &= ~TLS_I_SRV_CERT;
3817 # endif /* _FFR_TLS_1 */
3818 case ' ': /* ignore */
3819 case '\t': /* ignore */
3820 case ',': /* ignore */
3823 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3824 "Warning: Option: %s unknown parameter '%c'\n",
3832 val = strpbrk(val, ", \t");
3839 PSTRSET(RandFile, val);
3842 #else /* STARTTLS */
3853 # endif /* _FFR_TLS_1 */
3857 # endif /* _FFR_CRLPATH */
3859 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3860 "Warning: Option: %s requires TLS support\n",
3864 #endif /* STARTTLS */
3867 setclientoptions(val);
3871 DataFileBufferSize = atoi(val);
3875 XscriptFileBufferSize = atoi(val);
3878 case O_LDAPDEFAULTSPEC:
3880 ldapmap_set_defaults(val);
3882 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3883 "Warning: Option: %s requires LDAP support (-DLDAPMAP)\n",
3885 #endif /* LDAPMAP */
3890 InputFilterList = newstr(val);
3892 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3893 "Warning: Option: %s requires Milter support (-DMILTER)\n",
3900 milter_set_option(subopt, val, sticky);
3902 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
3903 "Warning: Option: %s requires Milter support (-DMILTER)\n",
3908 case O_QUEUE_FILE_MODE: /* queue file mode */
3909 QueueFileMode = atooct(val) & 0777;
3912 case O_DLVR_MIN: /* deliver by minimum time */
3913 DeliverByMin = convtime(val, 's');
3916 /* modifiers {daemon_flags} for direct submissions */
3917 case O_DIRECTSUBMODIFIERS:
3919 BITMAP256 m; /* ignored */
3920 extern ENVELOPE BlankEnvelope;
3922 macdefine(&BlankEnvelope.e_macro, A_PERM,
3923 macid("{daemon_flags}"),
3924 getmodifiers(val, m));
3929 FastSplit = atoi(val);
3937 UseMSP = atobool(val);
3941 SoftBounce = atobool(val);
3944 case O_REJECTLOGINTERVAL: /* time btwn log msgs while refusing */
3945 RejectLogInterval = convtime(val, 'h');
3948 case O_REQUIRES_DIR_FSYNC:
3949 #if REQUIRES_DIR_FSYNC
3950 RequiresDirfsync = atobool(val);
3951 #else /* REQUIRES_DIR_FSYNC */
3952 /* silently ignored... required for cf file option */
3953 #endif /* REQUIRES_DIR_FSYNC */
3956 case O_CONNECTION_RATE_WINDOW_SIZE:
3957 ConnectionRateWindowSize = convtime(val, 's');
3960 case O_FALLBACKSMARTHOST: /* fallback smart host */
3962 FallbackSmartHost = newstr(val);
3966 HeloName = newstr(val);
3970 case O_REFUSELOWMEM:
3971 RefuseLowMem = atoi(val);
3974 QueueLowMem = atoi(val);
3977 MemoryResource = newstr(val);
3979 #endif /* _FFR_MEMSTAT */
3981 case O_MAXNOOPCOMMANDS:
3982 MaxNOOPCommands = atoi(val);
3987 MessageAccept = newstr(val);
3989 #endif /* _FFR_MSG_ACCEPT */
3991 #if _FFR_QUEUE_RUN_PARANOIA
3992 case O_CHK_Q_RUNNERS:
3993 CheckQueueRunners = atoi(val);
3995 #endif /* _FFR_QUEUE_RUN_PARANOIA */
3997 #if _FFR_EIGHT_BIT_ADDR_OK
3998 case O_EIGHT_BIT_ADDR_OK:
3999 EightBitAddrOK = atobool(val);
4001 #endif /* _FFR_EIGHT_BIT_ADDR_OK */
4003 #if _FFR_ADDR_TYPE_MODES
4004 case O_ADDR_TYPE_MODES:
4005 AddrTypeModes = atobool(val);
4007 #endif /* _FFR_ADDR_TYPE_MODES */
4009 #if _FFR_BADRCPT_SHUTDOWN
4011 BadRcptShutdown = atoi(val);
4015 BadRcptShutdownGood = atoi(val);
4017 #endif /* _FFR_BADRCPT_SHUTDOWN */
4022 if (isascii(opt) && isprint(opt))
4023 sm_dprintf("Warning: option %c unknown\n", opt);
4025 sm_dprintf("Warning: option 0x%x unknown\n", opt);
4031 ** Options with suboptions are responsible for taking care
4032 ** of sticky-ness (e.g., that a command line setting is kept
4033 ** when reading in the sendmail.cf file). This has to be done
4034 ** when the suboptions are parsed since each suboption must be
4035 ** sticky, not the root option.
4038 if (sticky && !bitset(OI_SUBOPT, o->o_flags))
4039 setbitn(opt, StickyOpt);
4042 ** SETCLASS -- set a string into a class
4045 ** class -- the class to put the string in.
4046 ** str -- the string to enter
4052 ** puts the word into the symbol table.
4056 setclass(class, str)
4062 if ((str[0] & 0377) == MATCHCLASS)
4072 sm_dprintf("setclass(%s, $=%s)\n",
4073 macname(class), macname(mid));
4074 copy_class(mid, class);
4079 sm_dprintf("setclass(%s, %s)\n", macname(class), str);
4081 s = stab(str, ST_CLASS, ST_ENTER);
4082 setbitn(bitidx(class), s->s_class);
4086 ** MAKEMAPENTRY -- create a map entry
4089 ** line -- the config file line
4092 ** A pointer to the map that has been created.
4093 ** NULL if there was a syntax error.
4096 ** Enters the map into the dictionary.
4109 for (p = line; isascii(*p) && isspace(*p); p++)
4111 if (!(isascii(*p) && isalnum(*p)))
4113 syserr("readcf: config K line: no map name");
4118 while ((isascii(*++p) && isalnum(*p)) || *p == '_' || *p == '.')
4122 while (isascii(*p) && isspace(*p))
4124 if (!(isascii(*p) && isalnum(*p)))
4126 syserr("readcf: config K line, map %s: no map class", mapname);
4130 while (isascii(*++p) && isalnum(*p))
4134 while (isascii(*p) && isspace(*p))
4137 /* look up the class */
4138 class = stab(classname, ST_MAPCLASS, ST_FIND);
4141 syserr("readcf: map %s: class %s not available", mapname,
4147 s = stab(mapname, ST_MAP, ST_ENTER);
4148 s->s_map.map_class = &class->s_mapclass;
4149 s->s_map.map_mname = newstr(mapname);
4151 if (class->s_mapclass.map_parse(&s->s_map, p))
4152 s->s_map.map_mflags |= MF_VALID;
4156 sm_dprintf("map %s, class %s, flags %lx, file %s,\n",
4157 s->s_map.map_mname, s->s_map.map_class->map_cname,
4158 s->s_map.map_mflags, s->s_map.map_file);
4159 sm_dprintf("\tapp %s, domain %s, rebuild %s\n",
4160 s->s_map.map_app, s->s_map.map_domain,
4161 s->s_map.map_rebuild);
4166 ** STRTORWSET -- convert string to rewriting set number
4169 ** p -- the pointer to the string to decode.
4170 ** endp -- if set, store the trailing delimiter here.
4171 ** stabmode -- ST_ENTER to create this entry, ST_FIND if
4172 ** it must already exist.
4175 ** The appropriate ruleset number.
4176 ** -1 if it is not valid (error already printed)
4180 strtorwset(p, endp, stabmode)
4186 static int nextruleset = MAXRWSETS;
4188 while (isascii(*p) && isspace(*p))
4192 syserr("invalid ruleset name: \"%.20s\"", p);
4197 ruleset = strtol(p, endp, 10);
4198 if (ruleset >= MAXRWSETS / 2 || ruleset < 0)
4200 syserr("bad ruleset %d (%d max)",
4201 ruleset, MAXRWSETS / 2);
4212 while (*p != '\0' && isascii(*p) && (isalnum(*p) || *p == '_'))
4214 if (q == p || !(isascii(*q) && isalpha(*q)))
4216 /* no valid characters */
4217 syserr("invalid ruleset name: \"%.20s\"", q);
4220 while (isascii(*p) && isspace(*p))
4225 s = stab(q, ST_RULESET, stabmode);
4232 if (stabmode == ST_ENTER && delim == '=')
4234 while (isascii(*++p) && isspace(*p))
4236 if (!(isascii(*p) && isdigit(*p)))
4238 syserr("bad ruleset definition \"%s\" (number required after `=')", q);
4243 ruleset = strtol(p, endp, 10);
4244 if (ruleset >= MAXRWSETS / 2 || ruleset < 0)
4246 syserr("bad ruleset number %d in \"%s\" (%d max)",
4247 ruleset, q, MAXRWSETS / 2);
4256 if (s->s_ruleset >= 0)
4257 ruleset = s->s_ruleset;
4258 else if ((ruleset = --nextruleset) < MAXRWSETS / 2)
4260 syserr("%s: too many named rulesets (%d max)",
4265 if (s->s_ruleset >= 0 &&
4267 ruleset != s->s_ruleset)
4269 syserr("%s: ruleset changed value (old %d, new %d)",
4270 q, s->s_ruleset, ruleset);
4271 ruleset = s->s_ruleset;
4273 else if (ruleset >= 0)
4275 s->s_ruleset = ruleset;
4277 if (stabmode == ST_ENTER && ruleset >= 0)
4281 if (RuleSetNames[ruleset] != NULL)
4282 sm_free(RuleSetNames[ruleset]); /* XXX */
4283 if (delim != '\0' && (h = strchr(q, delim)) != NULL)
4285 RuleSetNames[ruleset] = newstr(q);
4286 if (delim == '/' && h != NULL)
4287 *h = delim; /* put back delim */
4293 ** SETTIMEOUT -- set an individual timeout
4296 ** name -- the name of the timeout.
4297 ** val -- the value of the timeout.
4298 ** sticky -- if set, don't let other setoptions override
4305 /* set if Timeout sub-option is stuck */
4306 static BITMAP256 StickyTimeoutOpt;
4308 static struct timeoutinfo
4310 char *to_name; /* long name of timeout */
4311 unsigned char to_code; /* code for option */
4314 #define TO_INITIAL 0x01
4315 { "initial", TO_INITIAL },
4316 #define TO_MAIL 0x02
4317 { "mail", TO_MAIL },
4318 #define TO_RCPT 0x03
4319 { "rcpt", TO_RCPT },
4320 #define TO_DATAINIT 0x04
4321 { "datainit", TO_DATAINIT },
4322 #define TO_DATABLOCK 0x05
4323 { "datablock", TO_DATABLOCK },
4324 #define TO_DATAFINAL 0x06
4325 { "datafinal", TO_DATAFINAL },
4326 #define TO_COMMAND 0x07
4327 { "command", TO_COMMAND },
4328 #define TO_RSET 0x08
4329 { "rset", TO_RSET },
4330 #define TO_HELO 0x09
4331 { "helo", TO_HELO },
4332 #define TO_QUIT 0x0A
4333 { "quit", TO_QUIT },
4334 #define TO_MISC 0x0B
4335 { "misc", TO_MISC },
4336 #define TO_IDENT 0x0C
4337 { "ident", TO_IDENT },
4338 #define TO_FILEOPEN 0x0D
4339 { "fileopen", TO_FILEOPEN },
4340 #define TO_CONNECT 0x0E
4341 { "connect", TO_CONNECT },
4342 #define TO_ICONNECT 0x0F
4343 { "iconnect", TO_ICONNECT },
4344 #define TO_QUEUEWARN 0x10
4345 { "queuewarn", TO_QUEUEWARN },
4346 { "queuewarn.*", TO_QUEUEWARN },
4347 #define TO_QUEUEWARN_NORMAL 0x11
4348 { "queuewarn.normal", TO_QUEUEWARN_NORMAL },
4349 #define TO_QUEUEWARN_URGENT 0x12
4350 { "queuewarn.urgent", TO_QUEUEWARN_URGENT },
4351 #define TO_QUEUEWARN_NON_URGENT 0x13
4352 { "queuewarn.non-urgent", TO_QUEUEWARN_NON_URGENT },
4353 #define TO_QUEUERETURN 0x14
4354 { "queuereturn", TO_QUEUERETURN },
4355 { "queuereturn.*", TO_QUEUERETURN },
4356 #define TO_QUEUERETURN_NORMAL 0x15
4357 { "queuereturn.normal", TO_QUEUERETURN_NORMAL },
4358 #define TO_QUEUERETURN_URGENT 0x16
4359 { "queuereturn.urgent", TO_QUEUERETURN_URGENT },
4360 #define TO_QUEUERETURN_NON_URGENT 0x17
4361 { "queuereturn.non-urgent", TO_QUEUERETURN_NON_URGENT },
4362 #define TO_HOSTSTATUS 0x18
4363 { "hoststatus", TO_HOSTSTATUS },
4364 #define TO_RESOLVER_RETRANS 0x19
4365 { "resolver.retrans", TO_RESOLVER_RETRANS },
4366 #define TO_RESOLVER_RETRANS_NORMAL 0x1A
4367 { "resolver.retrans.normal", TO_RESOLVER_RETRANS_NORMAL },
4368 #define TO_RESOLVER_RETRANS_FIRST 0x1B
4369 { "resolver.retrans.first", TO_RESOLVER_RETRANS_FIRST },
4370 #define TO_RESOLVER_RETRY 0x1C
4371 { "resolver.retry", TO_RESOLVER_RETRY },
4372 #define TO_RESOLVER_RETRY_NORMAL 0x1D
4373 { "resolver.retry.normal", TO_RESOLVER_RETRY_NORMAL },
4374 #define TO_RESOLVER_RETRY_FIRST 0x1E
4375 { "resolver.retry.first", TO_RESOLVER_RETRY_FIRST },
4376 #define TO_CONTROL 0x1F
4377 { "control", TO_CONTROL },
4378 #define TO_LHLO 0x20
4379 { "lhlo", TO_LHLO },
4380 #define TO_AUTH 0x21
4381 { "auth", TO_AUTH },
4382 #define TO_STARTTLS 0x22
4383 { "starttls", TO_STARTTLS },
4384 #define TO_ACONNECT 0x23
4385 { "aconnect", TO_ACONNECT },
4386 #define TO_QUEUEWARN_DSN 0x24
4387 { "queuewarn.dsn", TO_QUEUEWARN_DSN },
4388 #define TO_QUEUERETURN_DSN 0x25
4389 { "queuereturn.dsn", TO_QUEUERETURN_DSN },
4395 settimeout(name, val, sticky)
4400 register struct timeoutinfo *to;
4405 sm_dprintf("settimeout(%s = %s)", name, val);
4407 for (to = TimeOutTab; to->to_name != NULL; to++)
4409 if (sm_strcasecmp(to->to_name, name) == 0)
4413 if (to->to_name == NULL)
4415 errno = 0; /* avoid bogus error text */
4416 syserr("settimeout: invalid timeout %s", name);
4421 ** See if this option is preset for us.
4424 if (!sticky && bitnset(to->to_code, StickyTimeoutOpt))
4427 sm_dprintf(" (ignored)\n");
4434 toval = convtime(val, 'm');
4437 switch (to->to_code)
4440 TimeOuts.to_initial = toval;
4444 TimeOuts.to_mail = toval;
4448 TimeOuts.to_rcpt = toval;
4452 TimeOuts.to_datainit = toval;
4456 TimeOuts.to_datablock = toval;
4460 TimeOuts.to_datafinal = toval;
4464 TimeOuts.to_nextcommand = toval;
4468 TimeOuts.to_rset = toval;
4472 TimeOuts.to_helo = toval;
4476 TimeOuts.to_quit = toval;
4480 TimeOuts.to_miscshort = toval;
4484 TimeOuts.to_ident = toval;
4488 TimeOuts.to_fileopen = toval;
4492 TimeOuts.to_connect = toval;
4496 TimeOuts.to_iconnect = toval;
4500 TimeOuts.to_aconnect = toval;
4504 toval = convtime(val, 'h');
4505 TimeOuts.to_q_warning[TOC_NORMAL] = toval;
4506 TimeOuts.to_q_warning[TOC_URGENT] = toval;
4507 TimeOuts.to_q_warning[TOC_NONURGENT] = toval;
4508 TimeOuts.to_q_warning[TOC_DSN] = toval;
4512 case TO_QUEUEWARN_NORMAL:
4513 toval = convtime(val, 'h');
4514 TimeOuts.to_q_warning[TOC_NORMAL] = toval;
4517 case TO_QUEUEWARN_URGENT:
4518 toval = convtime(val, 'h');
4519 TimeOuts.to_q_warning[TOC_URGENT] = toval;
4522 case TO_QUEUEWARN_NON_URGENT:
4523 toval = convtime(val, 'h');
4524 TimeOuts.to_q_warning[TOC_NONURGENT] = toval;
4527 case TO_QUEUEWARN_DSN:
4528 toval = convtime(val, 'h');
4529 TimeOuts.to_q_warning[TOC_DSN] = toval;
4532 case TO_QUEUERETURN:
4533 toval = convtime(val, 'd');
4534 TimeOuts.to_q_return[TOC_NORMAL] = toval;
4535 TimeOuts.to_q_return[TOC_URGENT] = toval;
4536 TimeOuts.to_q_return[TOC_NONURGENT] = toval;
4537 TimeOuts.to_q_return[TOC_DSN] = toval;
4541 case TO_QUEUERETURN_NORMAL:
4542 toval = convtime(val, 'd');
4543 TimeOuts.to_q_return[TOC_NORMAL] = toval;
4546 case TO_QUEUERETURN_URGENT:
4547 toval = convtime(val, 'd');
4548 TimeOuts.to_q_return[TOC_URGENT] = toval;
4551 case TO_QUEUERETURN_NON_URGENT:
4552 toval = convtime(val, 'd');
4553 TimeOuts.to_q_return[TOC_NONURGENT] = toval;
4556 case TO_QUEUERETURN_DSN:
4557 toval = convtime(val, 'd');
4558 TimeOuts.to_q_return[TOC_DSN] = toval;
4562 MciInfoTimeout = toval;
4565 case TO_RESOLVER_RETRANS:
4566 toval = convtime(val, 's');
4567 TimeOuts.res_retrans[RES_TO_DEFAULT] = toval;
4568 TimeOuts.res_retrans[RES_TO_FIRST] = toval;
4569 TimeOuts.res_retrans[RES_TO_NORMAL] = toval;
4573 case TO_RESOLVER_RETRY:
4575 TimeOuts.res_retry[RES_TO_DEFAULT] = i;
4576 TimeOuts.res_retry[RES_TO_FIRST] = i;
4577 TimeOuts.res_retry[RES_TO_NORMAL] = i;
4581 case TO_RESOLVER_RETRANS_NORMAL:
4582 TimeOuts.res_retrans[RES_TO_NORMAL] = convtime(val, 's');
4585 case TO_RESOLVER_RETRY_NORMAL:
4586 TimeOuts.res_retry[RES_TO_NORMAL] = atoi(val);
4589 case TO_RESOLVER_RETRANS_FIRST:
4590 TimeOuts.res_retrans[RES_TO_FIRST] = convtime(val, 's');
4593 case TO_RESOLVER_RETRY_FIRST:
4594 TimeOuts.res_retry[RES_TO_FIRST] = atoi(val);
4598 TimeOuts.to_control = toval;
4602 TimeOuts.to_lhlo = toval;
4607 TimeOuts.to_auth = toval;
4613 TimeOuts.to_starttls = toval;
4615 #endif /* STARTTLS */
4618 syserr("settimeout: invalid timeout %s", name);
4624 for (i = 0; i <= addopts; i++)
4625 setbitn(to->to_code + i, StickyTimeoutOpt);
4629 ** INITTIMEOUTS -- parse and set timeout values
4632 ** val -- a pointer to the values. If NULL, do initial
4634 ** sticky -- if set, don't let other setoptions override
4635 ** this suboption value.
4641 ** Initializes the TimeOuts structure
4645 inittimeouts(val, sticky)
4652 sm_dprintf("inittimeouts(%s)\n", val == NULL ? "<NULL>" : val);
4655 TimeOuts.to_connect = (time_t) 0 SECONDS;
4656 TimeOuts.to_aconnect = (time_t) 0 SECONDS;
4657 TimeOuts.to_iconnect = (time_t) 0 SECONDS;
4658 TimeOuts.to_initial = (time_t) 5 MINUTES;
4659 TimeOuts.to_helo = (time_t) 5 MINUTES;
4660 TimeOuts.to_mail = (time_t) 10 MINUTES;
4661 TimeOuts.to_rcpt = (time_t) 1 HOUR;
4662 TimeOuts.to_datainit = (time_t) 5 MINUTES;
4663 TimeOuts.to_datablock = (time_t) 1 HOUR;
4664 TimeOuts.to_datafinal = (time_t) 1 HOUR;
4665 TimeOuts.to_rset = (time_t) 5 MINUTES;
4666 TimeOuts.to_quit = (time_t) 2 MINUTES;
4667 TimeOuts.to_nextcommand = (time_t) 1 HOUR;
4668 TimeOuts.to_miscshort = (time_t) 2 MINUTES;
4670 TimeOuts.to_ident = (time_t) 5 SECONDS;
4671 #else /* IDENTPROTO */
4672 TimeOuts.to_ident = (time_t) 0 SECONDS;
4673 #endif /* IDENTPROTO */
4674 TimeOuts.to_fileopen = (time_t) 60 SECONDS;
4675 TimeOuts.to_control = (time_t) 2 MINUTES;
4676 TimeOuts.to_lhlo = (time_t) 2 MINUTES;
4678 TimeOuts.to_auth = (time_t) 10 MINUTES;
4681 TimeOuts.to_starttls = (time_t) 1 HOUR;
4682 #endif /* STARTTLS */
4685 sm_dprintf("Timeouts:\n");
4686 sm_dprintf(" connect = %ld\n",
4687 (long) TimeOuts.to_connect);
4688 sm_dprintf(" aconnect = %ld\n",
4689 (long) TimeOuts.to_aconnect);
4690 sm_dprintf(" initial = %ld\n",
4691 (long) TimeOuts.to_initial);
4692 sm_dprintf(" helo = %ld\n", (long) TimeOuts.to_helo);
4693 sm_dprintf(" mail = %ld\n", (long) TimeOuts.to_mail);
4694 sm_dprintf(" rcpt = %ld\n", (long) TimeOuts.to_rcpt);
4695 sm_dprintf(" datainit = %ld\n",
4696 (long) TimeOuts.to_datainit);
4697 sm_dprintf(" datablock = %ld\n",
4698 (long) TimeOuts.to_datablock);
4699 sm_dprintf(" datafinal = %ld\n",
4700 (long) TimeOuts.to_datafinal);
4701 sm_dprintf(" rset = %ld\n", (long) TimeOuts.to_rset);
4702 sm_dprintf(" quit = %ld\n", (long) TimeOuts.to_quit);
4703 sm_dprintf(" nextcommand = %ld\n",
4704 (long) TimeOuts.to_nextcommand);
4705 sm_dprintf(" miscshort = %ld\n",
4706 (long) TimeOuts.to_miscshort);
4707 sm_dprintf(" ident = %ld\n", (long) TimeOuts.to_ident);
4708 sm_dprintf(" fileopen = %ld\n",
4709 (long) TimeOuts.to_fileopen);
4710 sm_dprintf(" lhlo = %ld\n",
4711 (long) TimeOuts.to_lhlo);
4712 sm_dprintf(" control = %ld\n",
4713 (long) TimeOuts.to_control);
4720 while (isascii(*val) && isspace(*val))
4724 for (p = val; *p != '\0' && *p != ','; p++)
4729 if (isascii(*val) && isdigit(*val))
4731 /* old syntax -- set everything */
4732 TimeOuts.to_mail = convtime(val, 'm');
4733 TimeOuts.to_rcpt = TimeOuts.to_mail;
4734 TimeOuts.to_datainit = TimeOuts.to_mail;
4735 TimeOuts.to_datablock = TimeOuts.to_mail;
4736 TimeOuts.to_datafinal = TimeOuts.to_mail;
4737 TimeOuts.to_nextcommand = TimeOuts.to_mail;
4740 setbitn(TO_MAIL, StickyTimeoutOpt);
4741 setbitn(TO_RCPT, StickyTimeoutOpt);
4742 setbitn(TO_DATAINIT, StickyTimeoutOpt);
4743 setbitn(TO_DATABLOCK, StickyTimeoutOpt);
4744 setbitn(TO_DATAFINAL, StickyTimeoutOpt);
4745 setbitn(TO_COMMAND, StickyTimeoutOpt);
4751 register char *q = strchr(val, ':');
4753 if (q == NULL && (q = strchr(val, '=')) == NULL)
4759 settimeout(val, q, sticky);