2 * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
16 SM_RCSID("@(#)$Id: util.c,v 8.363.2.7 2003/06/02 03:25:39 gshapiro Exp $")
22 ** ADDQUOTES -- Adds quotes & quote bits to a string.
24 ** Runs through a string and adds backslashes and quote bits.
27 ** s -- the string to modify.
28 ** rpool -- resource pool from which to allocate result
31 ** pointer to quoted string.
46 /* Find length of quoted string */
47 while ((c = *p++) != '\0')
50 if (c == '\\' || c == '"')
54 q = r = sm_rpool_malloc_x(rpool, len + 3);
57 /* add leading quote */
59 while ((c = *p++) != '\0')
62 if (c == '\\' || c == '"')
73 ** STRIPBACKSLASH -- Strip leading backslash from a string.
75 ** This is done in place.
78 ** s -- the string to strip.
90 if (s == NULL || *s == '\0')
93 while (*p == '\\' && (p[1] == '\\' || (isascii(p[1]) && isalnum(p[1]))))
100 #endif /* _FFR_STRIPBACKSL */
103 ** RFC822_STRING -- Checks string for proper RFC822 string quoting.
105 ** Runs through a string and verifies RFC822 special characters
106 ** are only found inside comments, quoted strings, or backslash
107 ** escaped. Also verified balanced quotes and parenthesis.
110 ** s -- the string to modify.
113 ** true iff the string is RFC822 compliant, false otherwise.
129 /* escaped character */
136 else if (commentlev == 0 && *c == '"')
150 else if (commentlev == 0 &&
151 strchr(MustQuoteChars, *c) != NULL)
157 /* unbalanced '"' or '(' */
158 return !quoted && commentlev == 0;
161 ** SHORTEN_RFC822_STRING -- Truncate and rebalance an RFC822 string
163 ** Arbitrarily shorten (in place) an RFC822 string and rebalance
164 ** comments and quotes.
167 ** string -- the string to shorten
168 ** length -- the maximum size, 0 if no maximum
171 ** true if string is changed, false otherwise
174 ** Changes string in place, possibly resulting
175 ** in a shorter string.
179 shorten_rfc822_string(string, length)
183 bool backslash = false;
184 bool modified = false;
191 ** If have to rebalance an already short enough string,
192 ** need to do it within allocated space.
195 slen = strlen(string);
196 if (length == 0 || slen < length)
209 else if (*ptr == '(')
214 else if (*ptr == ')')
216 if (--parencount < 0)
220 /* Inside a comment, quotes don't matter */
221 if (parencount <= 0 && *ptr == '"')
225 /* Check for sufficient space for next character */
226 if (length - (ptr - string) <= (size_t) ((backslash ? 1 : 0) +
230 /* Not enough, backtrack */
233 else if (*ptr == '(' && !quoted)
235 else if (*ptr == '"' && parencount == 0)
243 while (parencount-- > 0)
269 ** FIND_CHARACTER -- find an unquoted character in an RFC822 string
271 ** Find an unquoted, non-commented character in an RFC822
272 ** string and return a pointer to its location in the
276 ** string -- the string to search
277 ** character -- the character to find
280 ** pointer to the character, or
281 ** a pointer to the end of the line if character is not found
285 find_character(string, character)
289 bool backslash = false;
293 while (string != NULL && *string != '\0')
298 if (!quoted && character == '\\' && *string == '\\')
315 if (--parencount < 0)
320 /* Inside a comment, nothing matters */
329 else if (*string == character && !quoted)
334 /* Return pointer to the character */
339 ** CHECK_BODYTYPE -- check bodytype parameter
342 ** bodytype -- bodytype parameter
345 ** BODYTYPE_* according to parameter
350 check_bodytype(bodytype)
353 /* check body type for legality */
354 if (bodytype == NULL)
355 return BODYTYPE_NONE;
356 if (sm_strcasecmp(bodytype, "7BIT") == 0)
357 return BODYTYPE_7BIT;
358 if (sm_strcasecmp(bodytype, "8BITMIME") == 0)
359 return BODYTYPE_8BITMIME;
360 return BODYTYPE_ILLEGAL;
363 #if _FFR_BESTMX_BETTER_TRUNCATION || _FFR_DNSMAP_MULTI
365 ** TRUNCATE_AT_DELIM -- truncate string at a delimiter and append "..."
368 ** str -- string to truncate
369 ** len -- maximum length (including '\0') (0 for unlimited)
370 ** delim -- delimiter character
377 truncate_at_delim(str, len, delim)
384 if (str == NULL || len == 0 || strlen(str) < len)
387 *(str + len - 1) = '\0';
388 while ((p = strrchr(str, delim)) != NULL)
391 if (p - str + 4 < len)
395 (void) sm_strlcat(str, "...", len);
400 /* Couldn't find a place to append "..." */
402 (void) sm_strlcpy(str, "...", len);
406 #endif /* _FFR_BESTMX_BETTER_TRUNCATION || _FFR_DNSMAP_MULTI */
408 ** XALLOC -- Allocate memory, raise an exception on error
411 ** sz -- size of area to allocate.
414 ** pointer to data region.
417 ** SmHeapOutOfMemory (F:sm.heap) -- cannot allocate memory
420 ** Memory is allocated.
425 xalloc_tagged(sz, file, line)
429 #else /* SM_HEAP_CHECK */
432 #endif /* SM_HEAP_CHECK */
436 /* some systems can't handle size zero mallocs */
440 /* scaffolding for testing error handling code */
441 sm_xtrap_raise_x(&SmHeapOutOfMemory);
443 p = sm_malloc_tagged((unsigned) sz, file, line, sm_heap_group());
446 sm_exc_raise_x(&SmHeapOutOfMemory);
451 ** COPYPLIST -- copy list of pointers.
453 ** This routine is the equivalent of strdup for lists of
457 ** list -- list of pointers to copy.
458 ** Must be NULL terminated.
459 ** copycont -- if true, copy the contents of the vector
460 ** (which must be a string) also.
461 ** rpool -- resource pool from which to allocate storage,
469 copyplist(list, copycont, rpool)
475 register char **newvp;
477 for (vp = list; *vp != NULL; vp++)
482 newvp = (char **) sm_rpool_malloc_x(rpool, (vp - list) * sizeof *vp);
483 memmove((char *) newvp, (char *) list, (int) (vp - list) * sizeof *vp);
487 for (vp = newvp; *vp != NULL; vp++)
488 *vp = sm_rpool_strdup_x(rpool, *vp);
494 ** COPYQUEUE -- copy address queue.
496 ** This routine is the equivalent of strdup for address queues;
497 ** addresses marked as QS_IS_DEAD() aren't copied
500 ** addr -- list of address structures to copy.
501 ** rpool -- resource pool from which to allocate storage
508 copyqueue(addr, rpool)
512 register ADDRESS *newaddr;
514 register ADDRESS **tail = &ret;
518 if (!QS_IS_DEAD(addr->q_state))
520 newaddr = (ADDRESS *) sm_rpool_malloc_x(rpool,
522 STRUCTCOPY(*addr, *newaddr);
524 tail = &newaddr->q_next;
533 ** LOG_SENDMAIL_PID -- record sendmail pid and command line.
536 ** e -- the current envelope.
542 ** writes pidfile, logs command line.
551 char pidpath[MAXPATHLEN];
552 extern char *CommandLineArgs;
554 /* write the pid to the log file for posterity */
555 sff = SFF_NOLINK|SFF_ROOTOK|SFF_REGONLY|SFF_CREAT;
556 if (TrustedUid != 0 && RealUid == TrustedUid)
557 sff |= SFF_OPENASROOT;
558 expand(PidFile, pidpath, sizeof pidpath, e);
559 pidf = safefopen(pidpath, O_WRONLY|O_TRUNC, FileMode, sff);
562 sm_syslog(LOG_ERR, NOQID, "unable to write %s: %s",
563 pidpath, sm_errstring(errno));
571 /* write the process id on line 1 */
572 (void) sm_io_fprintf(pidf, SM_TIME_DEFAULT, "%ld\n",
575 /* line 2 contains all command line flags */
576 (void) sm_io_fprintf(pidf, SM_TIME_DEFAULT, "%s\n",
579 /* flush and close */
580 (void) sm_io_close(pidf, SM_TIME_DEFAULT);
583 sm_syslog(LOG_INFO, NOQID, "started as: %s", CommandLineArgs);
586 ** SET_DELIVERY_MODE -- set and record the delivery mode
589 ** mode -- delivery mode
590 ** e -- the current envelope.
596 ** sets {deliveryMode} macro
600 set_delivery_mode(mode, e)
606 e->e_sendmode = (char) mode;
607 buf[0] = (char) mode;
609 macdefine(&e->e_macro, A_TEMP, macid("{deliveryMode}"), buf);
612 ** SET_OP_MODE -- set and record the op mode
616 ** e -- the current envelope.
622 ** sets {opMode} macro
630 extern ENVELOPE BlankEnvelope;
632 OpMode = (char) mode;
633 buf[0] = (char) mode;
635 macdefine(&BlankEnvelope.e_macro, A_TEMP, MID_OPMODE, buf);
638 ** PRINTAV -- print argument vector.
641 ** av -- argument vector.
657 sm_dprintf("\n\t%08lx=", (unsigned long) *av);
659 (void) sm_io_putc(smioout, SM_TIME_DEFAULT, ' ');
662 (void) sm_io_putc(smioout, SM_TIME_DEFAULT, '\n');
665 ** XPUTS -- put string doing control escapes.
668 ** s -- string to put.
679 register const char *s;
682 register struct metamac *mp;
683 bool shiftout = false;
684 extern struct metamac MetaMacros[];
685 static SM_DEBUG_T DebugANSI = SM_DEBUG_INITIALIZER("ANSI",
686 "@(#)$Debug: ANSI - enable reverse video in debug output $");
689 ** TermEscape is set here, rather than in main(),
690 ** because ANSI mode can be turned on or off at any time
691 ** if we are in -bt rule testing mode.
694 if (sm_debug_unknown(&DebugANSI))
696 if (sm_debug_active(&DebugANSI, 1))
698 TermEscape.te_rv_on = "\033[7m";
699 TermEscape.te_rv_off = "\033[0m";
703 TermEscape.te_rv_on = "";
704 TermEscape.te_rv_off = "";
710 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%s<null>%s",
711 TermEscape.te_rv_on, TermEscape.te_rv_off);
714 while ((c = (*s++ & 0377)) != '\0')
718 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%s",
719 TermEscape.te_rv_off);
726 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
728 TermEscape.te_rv_on);
735 if (c == MACROEXPAND || c == MACRODEXPAND)
737 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
739 TermEscape.te_rv_on);
740 if (c == MACRODEXPAND)
741 (void) sm_io_putc(smioout,
742 SM_TIME_DEFAULT, '&');
746 if (strchr("=~&?", *s) != NULL)
747 (void) sm_io_putc(smioout,
750 if (bitset(0200, *s))
751 (void) sm_io_fprintf(smioout,
754 macname(bitidx(*s++)));
756 (void) sm_io_fprintf(smioout,
762 for (mp = MetaMacros; mp->metaname != '\0'; mp++)
764 if (bitidx(mp->metaval) == c)
766 (void) sm_io_fprintf(smioout,
775 if (c == MATCHCLASS || c == MATCHNCLASS)
777 if (bitset(0200, *s))
778 (void) sm_io_fprintf(smioout,
781 macname(bitidx(*s++)));
783 (void) sm_io_fprintf(smioout,
788 if (mp->metaname != '\0')
791 /* unrecognized meta character */
792 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%sM-",
793 TermEscape.te_rv_on);
800 (void) sm_io_putc(smioout, SM_TIME_DEFAULT, c);
804 /* wasn't a meta-macro -- find another way to print it */
821 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%s",
822 TermEscape.te_rv_on);
827 (void) sm_io_putc(smioout, SM_TIME_DEFAULT, '\\');
828 (void) sm_io_putc(smioout, SM_TIME_DEFAULT, c);
832 (void) sm_io_putc(smioout, SM_TIME_DEFAULT, '^');
833 (void) sm_io_putc(smioout, SM_TIME_DEFAULT, c ^ 0100);
837 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%s",
838 TermEscape.te_rv_off);
839 (void) sm_io_flush(smioout, SM_TIME_DEFAULT);
842 ** MAKELOWER -- Translate a line into lower case
845 ** p -- the string to translate. If NULL, return is
852 ** String pointed to by p is translated to lower case.
863 for (; (c = *p) != '\0'; p++)
864 if (isascii(c) && isupper(c))
868 ** FIXCRLF -- fix <CR><LF> in line.
870 ** Looks for the <CR><LF> combination and turns it into the
871 ** UNIX canonical <NL> character. It only takes one line,
872 ** i.e., it is assumed that the first <NL> found is the end
876 ** line -- the line to fix.
877 ** stripnl -- if true, strip the newline also.
883 ** line is changed in place.
887 fixcrlf(line, stripnl)
893 p = strchr(line, '\n');
896 if (p > line && p[-1] == '\r')
903 ** PUTLINE -- put a line like fputs obeying SMTP conventions
905 ** This routine always guarantees outputing a newline (or CRLF,
906 ** as appropriate) at the end of the string.
910 ** mci -- the mailer connection information.
916 ** output of l to mci->mci_out.
924 putxline(l, strlen(l), mci, PXLF_MAPFROM);
927 ** PUTXLINE -- putline with flags bits.
929 ** This routine always guarantees outputing a newline (or CRLF,
930 ** as appropriate) at the end of the string.
934 ** len -- the length of the line.
935 ** mci -- the mailer connection information.
936 ** pxflags -- flag bits:
937 ** PXLF_MAPFROM -- map From_ to >From_.
938 ** PXLF_STRIP8BIT -- strip 8th bit.
939 ** PXLF_HEADER -- map bare newline in header to newline space.
940 ** PXLF_NOADDEOL -- don't add an EOL if one wasn't present.
946 ** output of l to mci->mci_out.
950 putxline(l, len, mci, pxflags)
957 register char *p, *end;
960 /* strip out 0200 bits -- these can look like TELNET protocol */
961 if (bitset(MCIF_7BIT, mci->mci_flags) ||
962 bitset(PXLF_STRIP8BIT, pxflags))
964 register char svchar;
966 for (p = l; (svchar = *p) != '\0'; ++p)
967 if (bitset(0200, svchar))
976 /* find the end of the line */
977 p = memchr(l, '\n', end - l);
984 if (TrafficLogFile != NULL)
985 (void) sm_io_fprintf(TrafficLogFile, SM_TIME_DEFAULT,
986 "%05d >>> ", (int) CurrentPid);
988 /* check for line overflow */
989 while (mci->mci_mailer->m_linelimit > 0 &&
990 (p - l + slop) > mci->mci_mailer->m_linelimit)
993 register char *q = &l[mci->mci_mailer->m_linelimit - slop - 1];
995 if (l[0] == '.' && slop == 0 &&
996 bitnset(M_XDOT, mci->mci_mailer->m_flags))
998 if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT,
1003 /* record progress for DATA timeout */
1004 DataProgress = true;
1006 if (TrafficLogFile != NULL)
1007 (void) sm_io_putc(TrafficLogFile,
1008 SM_TIME_DEFAULT, '.');
1010 else if (l[0] == 'F' && slop == 0 &&
1011 bitset(PXLF_MAPFROM, pxflags) &&
1012 strncmp(l, "From ", 5) == 0 &&
1013 bitnset(M_ESCFROM, mci->mci_mailer->m_flags))
1015 if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT,
1020 /* record progress for DATA timeout */
1021 DataProgress = true;
1023 if (TrafficLogFile != NULL)
1024 (void) sm_io_putc(TrafficLogFile,
1033 if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT,
1034 (unsigned char) *l++) == SM_IO_EOF)
1041 /* record progress for DATA timeout */
1042 DataProgress = true;
1048 if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, '!') ==
1050 sm_io_fputs(mci->mci_out, SM_TIME_DEFAULT,
1051 mci->mci_mailer->m_eol) ==
1053 sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, ' ') ==
1061 /* record progress for DATA timeout */
1062 DataProgress = true;
1064 if (TrafficLogFile != NULL)
1066 for (l = l_base; l < q; l++)
1067 (void) sm_io_putc(TrafficLogFile,
1070 (void) sm_io_fprintf(TrafficLogFile,
1081 /* output last part */
1082 if (l[0] == '.' && slop == 0 &&
1083 bitnset(M_XDOT, mci->mci_mailer->m_flags))
1085 if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, '.') ==
1090 /* record progress for DATA timeout */
1091 DataProgress = true;
1093 if (TrafficLogFile != NULL)
1094 (void) sm_io_putc(TrafficLogFile,
1095 SM_TIME_DEFAULT, '.');
1097 else if (l[0] == 'F' && slop == 0 &&
1098 bitset(PXLF_MAPFROM, pxflags) &&
1099 strncmp(l, "From ", 5) == 0 &&
1100 bitnset(M_ESCFROM, mci->mci_mailer->m_flags))
1102 if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT, '>') ==
1107 /* record progress for DATA timeout */
1108 DataProgress = true;
1110 if (TrafficLogFile != NULL)
1111 (void) sm_io_putc(TrafficLogFile,
1112 SM_TIME_DEFAULT, '>');
1116 if (TrafficLogFile != NULL)
1117 (void) sm_io_putc(TrafficLogFile,
1120 if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT,
1121 (unsigned char) *l) == SM_IO_EOF)
1128 /* record progress for DATA timeout */
1129 DataProgress = true;
1135 if (TrafficLogFile != NULL)
1136 (void) sm_io_putc(TrafficLogFile, SM_TIME_DEFAULT,
1138 if ((!bitset(PXLF_NOADDEOL, pxflags) || !noeol) &&
1139 sm_io_fputs(mci->mci_out, SM_TIME_DEFAULT,
1140 mci->mci_mailer->m_eol) == SM_IO_EOF)
1144 /* record progress for DATA timeout */
1145 DataProgress = true;
1147 if (l < end && *l == '\n')
1149 if (*++l != ' ' && *l != '\t' && *l != '\0' &&
1150 bitset(PXLF_HEADER, pxflags))
1152 if (sm_io_putc(mci->mci_out, SM_TIME_DEFAULT,
1157 /* record progress for DATA timeout */
1158 DataProgress = true;
1161 if (TrafficLogFile != NULL)
1162 (void) sm_io_putc(TrafficLogFile,
1163 SM_TIME_DEFAULT, ' ');
1167 /* record progress for DATA timeout */
1168 DataProgress = true;
1172 ** XUNLINK -- unlink a file, doing logging as appropriate.
1175 ** f -- name of file to unlink.
1178 ** return value of unlink()
1192 sm_syslog(LOG_DEBUG, CurEnv->e_id, "unlink %s", f);
1196 if (i < 0 && LogLevel > 97)
1197 sm_syslog(LOG_DEBUG, CurEnv->e_id, "%s: unlink-fail %d",
1205 ** SFGETS -- "safe" fgets -- times out and ignores random interrupts.
1208 ** buf -- place to put the input line.
1209 ** siz -- size of buf.
1210 ** fp -- file to read from.
1211 ** timeout -- the timeout before error occurs.
1212 ** during -- what we are trying to read (for error messages).
1215 ** NULL on error (including timeout). This may also leave
1216 ** buf containing a null string.
1222 sfgets(buf, siz, fp, timeout, during)
1233 SM_REQUIRE(siz > 0);
1234 SM_REQUIRE(buf != NULL);
1247 /* convert the timeout to sm_io notation */
1248 io_timeout = (timeout <= 0) ? SM_TIME_DEFAULT : timeout * 1000;
1249 while (!sm_io_eof(fp) && !sm_io_error(fp))
1252 p = sm_io_fgets(fp, io_timeout, buf, siz);
1253 if (p == NULL && errno == EAGAIN)
1255 /* The sm_io_fgets() call timedout */
1257 sm_syslog(LOG_NOTICE, CurEnv->e_id,
1258 "timeout waiting for input from %.100s during %s",
1265 if (TrafficLogFile != NULL)
1266 (void) sm_io_fprintf(TrafficLogFile,
1268 "%05d <<< [TIMEOUT]\n",
1273 if (p != NULL || errno != EINTR)
1275 (void) sm_io_clearerr(fp);
1279 /* clean up the books and exit */
1284 if (TrafficLogFile != NULL)
1285 (void) sm_io_fprintf(TrafficLogFile, SM_TIME_DEFAULT,
1291 if (TrafficLogFile != NULL)
1292 (void) sm_io_fprintf(TrafficLogFile, SM_TIME_DEFAULT,
1293 "%05d <<< %s", (int) CurrentPid, buf);
1296 for (p = buf; *p != '\0'; p++)
1299 else if (!HasEightBits)
1301 for (p = buf; *p != '\0'; p++)
1303 if (bitset(0200, *p))
1305 HasEightBits = true;
1313 ** FGETFOLDED -- like fgets, but knows about folded lines.
1316 ** buf -- place to put result.
1317 ** n -- bytes available.
1318 ** f -- file to read from.
1321 ** input line(s) on success, NULL on error or SM_IO_EOF.
1322 ** This will normally be buf -- unless the line is too
1323 ** long, when it will be sm_malloc_x()ed.
1326 ** buf gets lines from f, with continuation lines (lines
1327 ** with leading white space) appended. CRLF's are mapped
1328 ** into single newlines. Any trailing NL is stripped.
1332 fgetfolded(buf, n, f)
1337 register char *p = buf;
1342 SM_REQUIRE(buf != NULL);
1351 while ((i = sm_io_getc(f, SM_TIME_DEFAULT)) != SM_IO_EOF)
1355 i = sm_io_getc(f, SM_TIME_DEFAULT);
1359 (void) sm_io_ungetc(f, SM_TIME_DEFAULT,
1366 /* allocate new space */
1371 if (nn < MEMCHUNKSIZE)
1375 nbp = sm_malloc_x(nn);
1376 memmove(nbp, bp, p - bp);
1387 i = sm_io_getc(f, SM_TIME_DEFAULT);
1389 (void) sm_io_ungetc(f, SM_TIME_DEFAULT, i);
1390 if (i != ' ' && i != '\t')
1402 ** CURTIME -- return current time.
1408 ** the current time.
1420 ** ATOBOOL -- convert a string representation to boolean.
1422 ** Defaults to false
1425 ** s -- string to convert. Takes "tTyY", empty, and NULL as true,
1429 ** A boolean representation of the string.
1436 if (s == NULL || *s == '\0' || strchr("tTyY", *s) != NULL)
1441 ** ATOOCT -- convert a string representation to octal.
1444 ** s -- string to convert.
1447 ** An integer representing the string interpreted as an
1457 while (*s >= '0' && *s <= '7')
1458 i = (i << 3) | (*s++ - '0');
1462 ** BITINTERSECT -- tell if two bitmaps intersect
1465 ** a, b -- the bitmaps in question
1468 ** true if they have a non-null intersection
1479 for (i = BITMAPBYTES / sizeof (int); --i >= 0; )
1481 if ((a[i] & b[i]) != 0)
1487 ** BITZEROP -- tell if a bitmap is all zero
1490 ** map -- the bit map to check
1493 ** true if map is all zero.
1494 ** false if there are any bits set in map.
1503 for (i = BITMAPBYTES / sizeof (int); --i >= 0; )
1511 ** STRCONTAINEDIN -- tell if one string is contained in another
1514 ** icase -- ignore case?
1515 ** a -- possible substring.
1516 ** b -- possible superstring.
1519 ** true if a is contained in b (case insensitive).
1524 strcontainedin(icase, a, b)
1536 if (icase && isascii(c) && isupper(c))
1538 for (; lb-- >= la; b++)
1543 isascii(*b) && isupper(*b) && tolower(*b) != c)
1545 if (sm_strncasecmp(a, b, la) == 0)
1552 if (strncmp(a, b, la) == 0)
1559 ** CHECKFD012 -- check low numbered file descriptors
1561 ** File descriptors 0, 1, and 2 should be open at all times.
1562 ** This routine verifies that, and fixes it if not true.
1565 ** where -- a tag printed if the assertion failed
1578 for (i = 0; i < 3; i++)
1583 ** CHECKFDOPEN -- make sure file descriptor is open -- for extended debugging
1586 ** fd -- file descriptor to check.
1587 ** where -- tag to print on failure.
1594 checkfdopen(fd, where)
1601 if (fstat(fd, &st) < 0 && errno == EBADF)
1603 syserr("checkfdopen(%d): %s not open as expected!", fd, where);
1609 ** CHECKFDS -- check for new or missing file descriptors
1612 ** where -- tag for printing. If null, take a base line.
1618 ** If where is set, shows changes since the last call.
1627 bool printhdr = true;
1628 int save_errno = errno;
1629 static BITMAP256 baseline;
1630 extern int DtableSize;
1632 if (DtableSize > BITMAPBITS)
1637 clrbitmap(baseline);
1639 for (fd = 0; fd < maxfd; fd++)
1643 if (fstat(fd, &stbuf) < 0 && errno != EOPNOTSUPP)
1645 if (!bitnset(fd, baseline))
1647 clrbitn(fd, baseline);
1649 else if (!bitnset(fd, baseline))
1650 setbitn(fd, baseline);
1654 /* file state has changed */
1659 sm_syslog(LOG_DEBUG, CurEnv->e_id,
1664 dumpfd(fd, true, true);
1669 ** PRINTOPENFDS -- print the open file descriptors (for debugging)
1672 ** logit -- if set, send output to syslog; otherwise
1673 ** print for debugging.
1679 #if NETINET || NETINET6
1680 # include <arpa/inet.h>
1681 #endif /* NETINET || NETINET6 */
1688 extern int DtableSize;
1690 for (fd = 0; fd < DtableSize; fd++)
1691 dumpfd(fd, false, logit);
1694 ** DUMPFD -- dump a file descriptor
1697 ** fd -- the file descriptor to dump.
1698 ** printclosed -- if set, print a notification even if
1699 ** it is closed; otherwise print nothing.
1700 ** logit -- if set, send output to syslog instead of stdout.
1707 dumpfd(fd, printclosed, logit)
1716 #endif /* S_IFSOCK */
1717 auto SOCKADDR_LEN_T slen;
1721 #else /* STAT64 > 0 */
1723 #endif /* STAT64 > 0 */
1727 (void) sm_snprintf(p, SPACELEFT(buf, p), "%3d: ", fd);
1733 #else /* STAT64 > 0 */
1735 #endif /* STAT64 > 0 */
1740 (void) sm_snprintf(p, SPACELEFT(buf, p),
1742 sm_errstring(errno));
1745 else if (printclosed)
1747 (void) sm_snprintf(p, SPACELEFT(buf, p), "CLOSED");
1753 i = fcntl(fd, F_GETFL, 0);
1756 (void) sm_snprintf(p, SPACELEFT(buf, p), "fl=0x%x, ", i);
1760 (void) sm_snprintf(p, SPACELEFT(buf, p), "mode=%o: ",
1763 switch (st.st_mode & S_IFMT)
1767 (void) sm_snprintf(p, SPACELEFT(buf, p), "SOCK ");
1769 memset(&sa, '\0', sizeof sa);
1771 if (getsockname(fd, &sa.sa, &slen) < 0)
1772 (void) sm_snprintf(p, SPACELEFT(buf, p), "(%s)",
1773 sm_errstring(errno));
1776 hp = hostnamebyanyaddr(&sa);
1783 else if (sa.sa.sa_family == AF_INET)
1784 (void) sm_snprintf(p, SPACELEFT(buf, p),
1785 "%s/%d", hp, ntohs(sa.sin.sin_port));
1786 # endif /* NETINET */
1788 else if (sa.sa.sa_family == AF_INET6)
1789 (void) sm_snprintf(p, SPACELEFT(buf, p),
1790 "%s/%d", hp, ntohs(sa.sin6.sin6_port));
1791 # endif /* NETINET6 */
1793 (void) sm_snprintf(p, SPACELEFT(buf, p),
1797 (void) sm_snprintf(p, SPACELEFT(buf, p), "->");
1800 if (getpeername(fd, &sa.sa, &slen) < 0)
1801 (void) sm_snprintf(p, SPACELEFT(buf, p), "(%s)",
1802 sm_errstring(errno));
1805 hp = hostnamebyanyaddr(&sa);
1812 else if (sa.sa.sa_family == AF_INET)
1813 (void) sm_snprintf(p, SPACELEFT(buf, p),
1814 "%s/%d", hp, ntohs(sa.sin.sin_port));
1815 # endif /* NETINET */
1817 else if (sa.sa.sa_family == AF_INET6)
1818 (void) sm_snprintf(p, SPACELEFT(buf, p),
1819 "%s/%d", hp, ntohs(sa.sin6.sin6_port));
1820 # endif /* NETINET6 */
1822 (void) sm_snprintf(p, SPACELEFT(buf, p),
1826 #endif /* S_IFSOCK */
1829 (void) sm_snprintf(p, SPACELEFT(buf, p), "CHR: ");
1835 (void) sm_snprintf(p, SPACELEFT(buf, p), "BLK: ");
1838 #endif /* S_IFBLK */
1840 #if defined(S_IFIFO) && (!defined(S_IFSOCK) || S_IFIFO != S_IFSOCK)
1842 (void) sm_snprintf(p, SPACELEFT(buf, p), "FIFO: ");
1845 #endif /* defined(S_IFIFO) && (!defined(S_IFSOCK) || S_IFIFO != S_IFSOCK) */
1849 (void) sm_snprintf(p, SPACELEFT(buf, p), "DIR: ");
1852 #endif /* S_IFDIR */
1856 (void) sm_snprintf(p, SPACELEFT(buf, p), "LNK: ");
1859 #endif /* S_IFLNK */
1863 (void) sm_snprintf(p, SPACELEFT(buf, p),
1864 "dev=%d/%d, ino=%llu, nlink=%d, u/gid=%d/%d, ",
1865 major(st.st_dev), minor(st.st_dev),
1866 (ULONGLONG_T) st.st_ino,
1867 (int) st.st_nlink, (int) st.st_uid,
1870 (void) sm_snprintf(p, SPACELEFT(buf, p), "size=%llu",
1871 (ULONGLONG_T) st.st_size);
1877 sm_syslog(LOG_DEBUG, CurEnv ? CurEnv->e_id : NULL,
1880 (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT, "%s\n", buf);
1883 ** SHORTEN_HOSTNAME -- strip local domain information off of hostname.
1886 ** host -- the host to shorten (stripped in place).
1889 ** place where string was truncated, NULL if not truncated.
1893 shorten_hostname(host)
1901 /* strip off final dot */
1903 p = &host[(i == 0) ? 0 : i - 1];
1910 /* see if there is any domain at all -- if not, we are done */
1911 p = strchr(host, '.');
1915 /* yes, we have a domain -- see if it looks like us */
1916 mydom = macvalue('m', CurEnv);
1920 if ((canon ? sm_strcasecmp(p, mydom)
1921 : sm_strncasecmp(p, mydom, i)) == 0 &&
1922 (mydom[i] == '.' || mydom[i] == '\0'))
1930 ** PROG_OPEN -- open a program for reading
1933 ** argv -- the argument list.
1934 ** pfd -- pointer to a place to store the file descriptor.
1935 ** e -- the current envelope.
1938 ** pid of the process -- -1 if it failed.
1942 prog_open(argv, pfd, e)
1954 char buf[MAXPATHLEN];
1955 extern int DtableSize;
1959 syserr("%s: cannot create pipe for stdout", argv[0]);
1965 syserr("%s: cannot fork", argv[0]);
1966 (void) close(fdv[0]);
1967 (void) close(fdv[1]);
1973 (void) close(fdv[1]);
1978 /* Reset global flags */
1979 RestartRequest = NULL;
1980 RestartWorkGroup = false;
1981 ShutdownRequest = NULL;
1983 CurrentPid = getpid();
1986 ** Initialize exception stack and default exception
1987 ** handler for child process.
1990 sm_exc_newthread(fatal_error);
1992 /* child -- close stdin */
1995 /* stdout goes back to parent */
1996 (void) close(fdv[0]);
1997 if (dup2(fdv[1], 1) < 0)
1999 syserr("%s: cannot dup2 for stdout", argv[0]);
2002 (void) close(fdv[1]);
2004 /* stderr goes to transcript if available */
2005 if (e->e_xfp != NULL)
2009 xfd = sm_io_getinfo(e->e_xfp, SM_IO_WHAT_FD, NULL);
2010 if (xfd >= 0 && dup2(xfd, 2) < 0)
2012 syserr("%s: cannot dup2 for stderr", argv[0]);
2017 /* this process has no right to the queue file */
2018 if (e->e_lockfp != NULL)
2019 (void) close(sm_io_getinfo(e->e_lockfp, SM_IO_WHAT_FD, NULL));
2021 /* chroot to the program mailer directory, if defined */
2022 if (ProgMailer != NULL && ProgMailer->m_rootdir != NULL)
2024 expand(ProgMailer->m_rootdir, buf, sizeof buf, e);
2025 if (chroot(buf) < 0)
2027 syserr("prog_open: cannot chroot(%s)", buf);
2032 syserr("prog_open: cannot chdir(/)");
2037 /* run as default user */
2039 sm_mbdb_terminate();
2040 if (setgid(DefGid) < 0 && geteuid() == 0)
2042 syserr("prog_open: setgid(%ld) failed", (long) DefGid);
2045 if (setuid(DefUid) < 0 && geteuid() == 0)
2047 syserr("prog_open: setuid(%ld) failed", (long) DefUid);
2051 /* run in some directory */
2052 if (ProgMailer != NULL)
2053 p = ProgMailer->m_execdir;
2056 for (; p != NULL; p = q)
2061 expand(p, buf, sizeof buf, e);
2064 if (buf[0] != '\0' && chdir(buf) >= 0)
2069 /* backup directories */
2070 if (chdir("/tmp") < 0)
2074 /* Check safety of program to be run */
2075 sff = SFF_ROOTOK|SFF_EXECOK;
2076 if (!bitnset(DBS_RUNWRITABLEPROGRAM, DontBlameSendmail))
2077 sff |= SFF_NOGWFILES|SFF_NOWWFILES;
2078 if (bitnset(DBS_RUNPROGRAMINUNSAFEDIRPATH, DontBlameSendmail))
2079 sff |= SFF_NOPATHCHECK;
2081 sff |= SFF_SAFEDIRPATH;
2082 ret = safefile(argv[0], DefUid, DefGid, DefUser, sff, 0, NULL);
2084 sm_syslog(LOG_INFO, e->e_id,
2085 "Warning: prog_open: program %s unsafe: %s",
2086 argv[0], sm_errstring(ret));
2088 /* arrange for all the files to be closed */
2089 for (i = 3; i < DtableSize; i++)
2093 if ((j = fcntl(i, F_GETFD, 0)) != -1)
2094 (void) fcntl(i, F_SETFD, j | FD_CLOEXEC);
2097 /* now exec the process */
2098 (void) execve(argv[0], (ARGV_T) argv, (ARGV_T) UserEnviron);
2102 syserr("%s: cannot exec", argv[0]);
2103 if (transienterror(save_errno))
2106 return -1; /* avoid compiler warning on IRIX */
2109 ** GET_COLUMN -- look up a Column in a line buffer
2112 ** line -- the raw text line to search.
2113 ** col -- the column number to fetch.
2114 ** delim -- the delimiter between columns. If null,
2116 ** buf -- the output buffer.
2117 ** buflen -- the length of buf.
2120 ** buf if successful.
2125 get_column(line, col, delim, buf, buflen)
2137 if ((char) delim == '\0')
2138 (void) sm_strlcpy(delimbuf, "\n\t ", sizeof delimbuf);
2141 delimbuf[0] = (char) delim;
2147 return NULL; /* line empty */
2148 if (*p == (char) delim && col == 0)
2149 return NULL; /* first column empty */
2153 if (col == 0 && (char) delim == '\0')
2155 while (*begin != '\0' && isascii(*begin) && isspace(*begin))
2159 for (i = 0; i < col; i++)
2161 if ((begin = strpbrk(begin, delimbuf)) == NULL)
2162 return NULL; /* no such column */
2164 if ((char) delim == '\0')
2166 while (*begin != '\0' && isascii(*begin) && isspace(*begin))
2171 end = strpbrk(begin, delimbuf);
2178 (void) sm_strlcpy(buf, begin, i + 1);
2182 ** CLEANSTRCPY -- copy string keeping out bogus characters
2185 ** t -- "to" string.
2186 ** f -- "from" string.
2187 ** l -- length of space available in "to" string.
2194 cleanstrcpy(t, f, l)
2199 /* check for newlines and log if necessary */
2200 (void) denlstring(f, true, true);
2203 syserr("!cleanstrcpy: length == 0");
2206 while (l > 0 && *f != '\0')
2209 (isalnum(*f) || strchr("!#$%&'*+-./^_`{|}~", *f) != NULL))
2219 ** DENLSTRING -- convert newlines in a string to spaces
2222 ** s -- the input string
2223 ** strict -- if set, don't permit continuation lines.
2224 ** logattacks -- if set, log attempted attacks.
2227 ** A pointer to a version of the string with newlines
2228 ** mapped to spaces. This should be copied.
2232 denlstring(s, strict, logattacks)
2239 static char *bp = NULL;
2243 while ((p = strchr(p, '\n')) != NULL)
2244 if (strict || (*++p != ' ' && *p != '\t'))
2252 /* allocate more space */
2253 char *nbp = sm_pmalloc_x(l);
2260 (void) sm_strlcpy(bp, s, l);
2261 for (p = bp; (p = strchr(p, '\n')) != NULL; )
2266 sm_syslog(LOG_NOTICE, CurEnv->e_id,
2267 "POSSIBLE ATTACK from %.100s: newline in string \"%s\"",
2268 RealHostName == NULL ? "[UNKNOWN]" : RealHostName,
2269 shortenstring(bp, MAXSHORTSTR));
2276 ** STRREPLNONPRT -- replace "unprintable" characters in a string with subst
2279 ** s -- string to manipulate (in place)
2280 ** subst -- character to use as replacement
2283 ** true iff string did not contain "unprintable" characters
2298 if (!(isascii(*s) && isprint(*s)))
2309 ** STR2PRT -- convert "unprintable" characters in a string to \oct
2312 ** s -- string to convert
2315 ** converted string.
2316 ** This is a static local buffer, string must be copied
2317 ** before this function is called again!
2328 static char *buf = NULL;
2333 for (h = s, l = 1; *h != '\0'; h++, l++)
2340 else if (!(isascii(*h) && isprint(*h)))
2350 char *nbuf = sm_pmalloc_x(l);
2357 for (h = buf; *s != '\0' && l > 0; s++, l--)
2360 if (isascii(c) && isprint(c) && c != '\\')
2383 (void) sm_snprintf(h, l, "%03o", (int) c);
2386 ** XXX since l is unsigned this may
2387 ** wrap around if the calculation is screwed
2398 buf[len - 1] = '\0';
2402 ** PATH_IS_DIR -- check to see if file exists and is a directory.
2404 ** There are some additional checks for security violations in
2405 ** here. This routine is intended to be used for the host status
2409 ** pathname -- pathname to check for directory-ness.
2410 ** createflag -- if set, create directory if needed.
2413 ** true -- if the indicated pathname is a directory
2414 ** false -- otherwise
2418 path_is_dir(pathname, createflag)
2422 struct stat statbuf;
2425 if (lstat(pathname, &statbuf) < 0)
2426 #else /* HASLSTAT */
2427 if (stat(pathname, &statbuf) < 0)
2428 #endif /* HASLSTAT */
2430 if (errno != ENOENT || !createflag)
2432 if (mkdir(pathname, 0755) < 0)
2436 if (!S_ISDIR(statbuf.st_mode))
2442 /* security: don't allow writable directories */
2443 if (bitset(S_IWGRP|S_IWOTH, statbuf.st_mode))
2451 ** PROC_LIST_ADD -- add process id to list of our children
2454 ** pid -- pid to add to list.
2455 ** task -- task of pid.
2456 ** type -- type of process.
2457 ** count -- number of processes.
2458 ** other -- other information for this type.
2464 ** May increase CurChildren. May grow ProcList.
2467 typedef struct procs PROCS_T;
2478 static PROCS_T *volatile ProcListVec = NULL;
2479 static int ProcListSize = 0;
2482 proc_list_add(pid, task, type, count, other)
2491 for (i = 0; i < ProcListSize; i++)
2493 if (ProcListVec[i].proc_pid == NO_PID)
2496 if (i >= ProcListSize)
2498 /* probe the existing vector to avoid growing infinitely */
2501 /* now scan again */
2502 for (i = 0; i < ProcListSize; i++)
2504 if (ProcListVec[i].proc_pid == NO_PID)
2508 if (i >= ProcListSize)
2510 /* grow process list */
2513 SM_ASSERT(ProcListSize < INT_MAX - PROC_LIST_SEG);
2514 npv = (PROCS_T *) sm_pmalloc_x((sizeof *npv) *
2515 (ProcListSize + PROC_LIST_SEG));
2516 if (ProcListSize > 0)
2518 memmove(npv, ProcListVec,
2519 ProcListSize * sizeof (PROCS_T));
2520 sm_free(ProcListVec);
2523 /* XXX just use memset() to initialize this part? */
2524 for (i = ProcListSize; i < ProcListSize + PROC_LIST_SEG; i++)
2526 npv[i].proc_pid = NO_PID;
2527 npv[i].proc_task = NULL;
2528 npv[i].proc_type = PROC_NONE;
2531 ProcListSize += PROC_LIST_SEG;
2534 ProcListVec[i].proc_pid = pid;
2535 PSTRSET(ProcListVec[i].proc_task, task);
2536 ProcListVec[i].proc_type = type;
2537 ProcListVec[i].proc_count = count;
2538 ProcListVec[i].proc_other = other;
2540 /* if process adding itself, it's not a child */
2541 if (pid != CurrentPid)
2543 SM_ASSERT(CurChildren < INT_MAX);
2548 ** PROC_LIST_SET -- set pid task in process list
2551 ** pid -- pid to set
2552 ** task -- task of pid
2559 proc_list_set(pid, task)
2565 for (i = 0; i < ProcListSize; i++)
2567 if (ProcListVec[i].proc_pid == pid)
2569 PSTRSET(ProcListVec[i].proc_task, task);
2575 ** PROC_LIST_DROP -- drop pid from process list
2578 ** pid -- pid to drop
2579 ** st -- process status
2580 ** other -- storage for proc_other (return).
2586 ** May decrease CurChildren, CurRunners, or
2587 ** set RestartRequest or ShutdownRequest.
2589 ** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
2590 ** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
2595 proc_list_drop(pid, st, other)
2601 int type = PROC_NONE;
2603 for (i = 0; i < ProcListSize; i++)
2605 if (ProcListVec[i].proc_pid == pid)
2607 ProcListVec[i].proc_pid = NO_PID;
2608 type = ProcListVec[i].proc_type;
2610 *other = ProcListVec[i].proc_other;
2614 if (CurChildren > 0)
2618 if (type == PROC_CONTROL && WIFEXITED(st))
2620 /* if so, see if we need to restart or shutdown */
2621 if (WEXITSTATUS(st) == EX_RESTART)
2622 RestartRequest = "control socket";
2623 else if (WEXITSTATUS(st) == EX_SHUTDOWN)
2624 ShutdownRequest = "control socket";
2626 else if (type == PROC_QUEUE_CHILD && !WIFSTOPPED(st) &&
2627 ProcListVec[i].proc_other > -1)
2629 /* restart this persistent runner */
2630 mark_work_group_restart(ProcListVec[i].proc_other, st);
2632 else if (type == PROC_QUEUE)
2633 CurRunners -= ProcListVec[i].proc_count;
2636 ** PROC_LIST_CLEAR -- clear the process list
2645 ** Sets CurChildren to zero.
2653 /* start from 1 since 0 is the daemon itself */
2654 for (i = 1; i < ProcListSize; i++)
2655 ProcListVec[i].proc_pid = NO_PID;
2659 ** PROC_LIST_PROBE -- probe processes in the list to see if they still exist
2668 ** May decrease CurChildren.
2676 /* start from 1 since 0 is the daemon itself */
2677 for (i = 1; i < ProcListSize; i++)
2679 if (ProcListVec[i].proc_pid == NO_PID)
2681 if (kill(ProcListVec[i].proc_pid, 0) < 0)
2684 sm_syslog(LOG_DEBUG, CurEnv->e_id,
2685 "proc_list_probe: lost pid %d",
2686 (int) ProcListVec[i].proc_pid);
2687 ProcListVec[i].proc_pid = NO_PID;
2688 SM_FREE_CLR(ProcListVec[i].proc_task);
2692 if (CurChildren < 0)
2697 ** PROC_LIST_DISPLAY -- display the process list
2700 ** out -- output file pointer
2701 ** prefix -- string to output in front of each line.
2708 proc_list_display(out, prefix)
2714 for (i = 0; i < ProcListSize; i++)
2716 if (ProcListVec[i].proc_pid == NO_PID)
2719 (void) sm_io_fprintf(out, SM_TIME_DEFAULT, "%s%d %s%s\n",
2721 (int) ProcListVec[i].proc_pid,
2722 ProcListVec[i].proc_task != NULL ?
2723 ProcListVec[i].proc_task : "(unknown)",
2724 (OpMode == MD_SMTP ||
2725 OpMode == MD_DAEMON ||
2726 OpMode == MD_ARPAFTP) ? "\r" : "");
2731 ** PROC_LIST_SIGNAL -- send a signal to a type of process in the list
2734 ** type -- type of process to signal
2735 ** signal -- the type of signal to send
2740 ** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
2741 ** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
2746 proc_list_signal(type, signal)
2753 pid_t mypid = getpid();
2755 /* block these signals so that we may signal cleanly */
2756 chldwasblocked = sm_blocksignal(SIGCHLD);
2757 alrmwasblocked = sm_blocksignal(SIGALRM);
2759 /* Find all processes of type and send signal */
2760 for (i = 0; i < ProcListSize; i++)
2762 if (ProcListVec[i].proc_pid == NO_PID ||
2763 ProcListVec[i].proc_pid == mypid)
2765 if (ProcListVec[i].proc_type != type)
2767 (void) kill(ProcListVec[i].proc_pid, signal);
2770 /* restore the signals */
2771 if (alrmwasblocked == 0)
2772 (void) sm_releasesignal(SIGALRM);
2773 if (chldwasblocked == 0)
2774 (void) sm_releasesignal(SIGCHLD);