2 * Copyright (c) 1998-2003 Sendmail, Inc. and its suppliers.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
16 SM_RCSID("@(#)$Id: recipient.c,v 8.337 2004/08/03 19:57:23 ca Exp $")
18 static void includetimeout __P((int));
19 static ADDRESS *self_reference __P((ADDRESS *));
20 static int sortexpensive __P((ADDRESS *, ADDRESS *));
21 static int sortbysignature __P((ADDRESS *, ADDRESS *));
22 static int sorthost __P((ADDRESS *, ADDRESS *));
24 typedef int sortfn_t __P((ADDRESS *, ADDRESS *));
27 ** SORTHOST -- strcmp()-like func for host portion of an ADDRESS
30 ** xx -- first ADDRESS
31 ** yy -- second ADDRESS
34 ** <0 when xx->q_host is less than yy->q_host
35 ** >0 when xx->q_host is greater than yy->q_host
44 #if _FFR_HOST_SORT_REVERSE
45 /* XXX maybe compare hostnames from the end? */
46 return sm_strrevcasecmp(xx->q_host, yy->q_host);
47 #else /* _FFR_HOST_SORT_REVERSE */
48 return sm_strcasecmp(xx->q_host, yy->q_host);
49 #endif /* _FFR_HOST_SORT_REVERSE */
53 ** SORTEXPENSIVE -- strcmp()-like func for expensive mailers
55 ** The mailer has been noted already as "expensive" for 'xx'. This
56 ** will give a result relative to 'yy'. Expensive mailers get rated
57 ** "greater than" non-expensive mailers because during the delivery phase
58 ** it will get queued -- no use it getting in the way of less expensive
59 ** recipients. We avoid an MX RR lookup when both 'xx' and 'yy' are
60 ** expensive since an MX RR lookup happens when extracted from the queue
64 ** xx -- first ADDRESS
65 ** yy -- second ADDRESS
68 ** <0 when xx->q_host is less than yy->q_host and both are
70 ** >0 when xx->q_host is greater than yy->q_host, or when
71 ** 'yy' is non-expensive
72 ** 0 when equal (by expense and q_host)
80 if (!bitnset(M_EXPENSIVE, yy->q_mailer->m_flags))
81 return 1; /* xx should go later */
82 #if _FFR_HOST_SORT_REVERSE
83 /* XXX maybe compare hostnames from the end? */
84 return sm_strrevcasecmp(xx->q_host, yy->q_host);
85 #else /* _FFR_HOST_SORT_REVERSE */
86 return sm_strcasecmp(xx->q_host, yy->q_host);
87 #endif /* _FFR_HOST_SORT_REVERSE */
91 ** SORTBYSIGNATURE -- a strcmp()-like func for q_mailer and q_host in ADDRESS
94 ** xx -- first ADDRESS
95 ** yy -- second ADDRESS
98 ** 0 when the "signature"'s are same
99 ** <0 when xx->q_signature is less than yy->q_signature
100 ** >0 when xx->q_signature is greater than yy->q_signature
103 ** May set ADDRESS pointer for q_signature if not already set.
107 sortbysignature(xx, yy)
113 /* Let's avoid redoing the signature over and over again */
114 if (xx->q_signature == NULL)
115 xx->q_signature = hostsignature(xx->q_mailer, xx->q_host);
116 if (yy->q_signature == NULL)
117 yy->q_signature = hostsignature(yy->q_mailer, yy->q_host);
118 ret = strcmp(xx->q_signature, yy->q_signature);
121 ** If the two signatures are the same then we will return a sort
122 ** value based on 'q_user'. But note that we have reversed xx and yy
123 ** on purpose. This additional compare helps reduce the number of
124 ** sameaddr() calls and loops in recipient() for the case when
125 ** the rcpt list has been provided already in-order.
129 return strcmp(yy->q_user, xx->q_user);
135 ** SENDTOLIST -- Designate a send list.
137 ** The parameter is a comma-separated list of people to send to.
138 ** This routine arranges to send to all of them.
141 ** list -- the send list.
142 ** ctladdr -- the address template for the person to
143 ** send to -- effective uid/gid are important.
144 ** This is typically the alias that caused this
146 ** sendq -- a pointer to the head of a queue to put
147 ** these people into.
148 ** aliaslevel -- the current alias nesting depth -- to
150 ** e -- the envelope in which to add these recipients.
153 ** The number of addresses actually on the list.
156 /* q_flags bits inherited from ctladdr */
157 #define QINHERITEDBITS (QPINGONSUCCESS|QPINGONFAILURE|QPINGONDELAY|QHASNOTIFY)
160 sendtolist(list, ctladdr, sendq, aliaslevel, e)
165 register ENVELOPE *e;
168 register ADDRESS *SM_NONVOLATILE al; /* list of addresses to send to */
169 SM_NONVOLATILE char delimiter; /* the address delimiter */
170 SM_NONVOLATILE int naddrs;
171 SM_NONVOLATILE int i;
173 char *oldto = e->e_to;
174 char *SM_NONVOLATILE bufp;
175 char buf[MAXNAME + 1];
179 syserr("sendtolist: null list");
185 sm_dprintf("sendto: %s\n ctladdr=", list);
186 printaddr(sm_debug_file(), ctladdr, false);
189 /* heuristic to determine old versus new style addresses */
190 if (ctladdr == NULL &&
191 (strchr(list, ',') != NULL || strchr(list, ';') != NULL ||
192 strchr(list, '<') != NULL || strchr(list, '(') != NULL))
193 e->e_flags &= ~EF_OLDSTYLE;
195 if (!bitset(EF_OLDSTYLE, e->e_flags) || ctladdr != NULL)
201 /* make sure we have enough space to copy the string */
202 i = strlen(list) + 1;
209 bufp = sm_malloc_x(i);
214 (void) sm_strlcpy(bufp, denlstring(list, false, true), i);
216 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e r");
217 for (p = bufp; *p != '\0'; )
224 /* parse the address */
225 while ((isascii(*p) && isspace(*p)) || *p == ',')
228 a = parseaddr(p, NULLADDR, RF_COPYALL, delimiter,
235 a->q_alias = ctladdr;
237 /* arrange to inherit attributes from parent */
242 /* self reference test */
243 if (sameaddr(ctladdr, a))
247 sm_dprintf("sendtolist: QSELFREF ");
248 printaddr(sm_debug_file(), ctladdr, false);
250 ctladdr->q_flags |= QSELFREF;
253 /* check for address loops */
254 b = self_reference(a);
257 b->q_flags |= QSELFREF;
260 sm_dprintf("sendtolist: QSELFREF ");
261 printaddr(sm_debug_file(), b, false);
267 sm_dprintf("sendtolist: QS_DONTSEND ");
268 printaddr(sm_debug_file(), a, false);
270 a->q_state = QS_DONTSEND;
271 b->q_flags |= a->q_flags & QNOTREMOTE;
277 if (a->q_fullname == NULL)
278 a->q_fullname = ctladdr->q_fullname;
280 /* various flag bits */
281 a->q_flags &= ~QINHERITEDBITS;
282 a->q_flags |= ctladdr->q_flags & QINHERITEDBITS;
284 /* DSN recipient information */
285 a->q_finalrcpt = ctladdr->q_finalrcpt;
286 a->q_orcpt = ctladdr->q_orcpt;
292 /* arrange to send to everyone on the local send list */
295 register ADDRESS *a = al;
298 a = recipient(a, sendq, aliaslevel, e);
307 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL);
314 ** REMOVEFROMLIST -- Remove addresses from a send list.
316 ** The parameter is a comma-separated list of recipients to remove.
317 ** Note that it only deletes matching addresses. If those addresses
318 ** have been expanded already in the sendq, it won't mark the
319 ** expanded recipients as QS_REMOVED.
322 ** list -- the list to remove.
323 ** sendq -- a pointer to the head of a queue to remove
324 ** these addresses from.
325 ** e -- the envelope in which to remove these recipients.
328 ** The number of addresses removed from the list.
333 removefromlist(list, sendq, e)
338 SM_NONVOLATILE char delimiter; /* the address delimiter */
339 SM_NONVOLATILE int naddrs;
340 SM_NONVOLATILE int i;
342 char *oldto = e->e_to;
343 char *SM_NONVOLATILE bufp;
344 char buf[MAXNAME + 1];
348 syserr("removefromlist: null list");
353 sm_dprintf("removefromlist: %s\n", list);
355 /* heuristic to determine old versus new style addresses */
356 if (strchr(list, ',') != NULL || strchr(list, ';') != NULL ||
357 strchr(list, '<') != NULL || strchr(list, '(') != NULL)
358 e->e_flags &= ~EF_OLDSTYLE;
360 if (!bitset(EF_OLDSTYLE, e->e_flags))
365 /* make sure we have enough space to copy the string */
366 i = strlen(list) + 1;
373 bufp = sm_malloc_x(i);
377 (void) sm_strlcpy(bufp, denlstring(list, false, true), i);
379 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), "e r");
380 for (p = bufp; *p != '\0'; )
382 ADDRESS a; /* parsed address to be removed */
387 /* parse the address */
388 while ((isascii(*p) && isspace(*p)) || *p == ',')
390 if (parseaddr(p, &a, RF_COPYALL,
391 delimiter, &delimptr, e, true) == NULL)
397 for (pq = sendq; (q = *pq) != NULL; pq = &q->q_next)
399 if (!QS_IS_DEAD(q->q_state) &&
401 strcmp(q->q_paddr, a.q_paddr) == 0))
405 sm_dprintf("removefromlist: QS_REMOVED ");
406 printaddr(sm_debug_file(), &a, false);
408 q->q_state = QS_REMOVED;
420 macdefine(&e->e_macro, A_PERM, macid("{addr_type}"), NULL);
427 ** RECIPIENT -- Designate a message recipient
429 ** Saves the named person for future mailing.
432 ** new -- the (preparsed) address header for the recipient.
433 ** sendq -- a pointer to the head of a queue to put the
434 ** recipient in. Duplicate suppression is done
436 ** aliaslevel -- the current alias nesting depth.
437 ** e -- the current envelope.
440 ** The actual address in the queue. This will be "a" if
441 ** the address is not a duplicate, else the original address.
446 recipient(new, sendq, aliaslevel, e)
447 register ADDRESS *new;
448 register ADDRESS **sendq;
450 register ENVELOPE *e;
455 register struct mailer *m;
458 bool quoted; /* set if the addr has a quote bit */
461 bool initialdontsend;
463 char buf0[MAXNAME + 1]; /* unquoted image of the user name */
470 initialdontsend = QS_IS_DEAD(new->q_state);
471 e->e_to = new->q_paddr;
475 new->q_flags |= QPRIMARY;
478 sm_dprintf("\nrecipient (%d): ", aliaslevel);
479 printaddr(sm_debug_file(), new, false);
482 /* if this is primary, use it as original recipient */
483 if (new->q_alias == NULL)
485 if (e->e_origrcpt == NULL)
486 e->e_origrcpt = new->q_paddr;
487 else if (e->e_origrcpt != new->q_paddr)
491 /* find parent recipient for finalrcpt and orcpt */
492 for (q = new; q->q_alias != NULL; q = q->q_alias)
495 /* find final recipient DSN address */
496 if (new->q_finalrcpt == NULL &&
497 e->e_from.q_mailer != NULL)
501 p = e->e_from.q_mailer->m_addrtype;
504 if (sm_strcasecmp(p, "rfc822") != 0)
506 (void) sm_snprintf(frbuf, sizeof frbuf, "%s; %.800s",
507 q->q_mailer->m_addrtype,
510 else if (strchr(q->q_user, '@') != NULL)
512 (void) sm_snprintf(frbuf, sizeof frbuf, "%s; %.800s",
515 else if (strchr(q->q_paddr, '@') != NULL)
522 /* strip brackets from address */
526 b = qp[strlen(qp) - 1] == '>';
528 qp[strlen(qp) - 1] = '\0';
531 (void) sm_snprintf(frbuf, sizeof frbuf, "%s; %.800s",
536 qp[strlen(qp)] = '>';
540 (void) sm_snprintf(frbuf, sizeof frbuf,
542 p, q->q_user, MyHostName);
544 new->q_finalrcpt = sm_rpool_strdup_x(e->e_rpool, frbuf);
548 /* set ORCPT DSN arg if not already set */
549 if (new->q_orcpt == NULL)
551 /* check for an existing ORCPT */
552 if (q->q_orcpt != NULL)
553 new->q_orcpt = q->q_orcpt;
561 if (e->e_from.q_mailer != NULL)
562 p = e->e_from.q_mailer->m_addrtype;
565 (void) sm_strlcpyn(obuf, sizeof obuf, 2, p, ";");
569 /* FFR: Needs to strip comments from stdin addrs */
571 /* strip brackets from address */
574 b = qp[strlen(qp) - 1] == '>';
576 qp[strlen(qp) - 1] = '\0';
580 p = xtextify(denlstring(qp, true, false), NULL);
582 if (sm_strlcat(obuf, p, sizeof obuf) >= sizeof obuf)
584 /* if too big, don't use it */
590 qp[strlen(qp)] = '>';
594 sm_rpool_strdup_x(e->e_rpool, obuf);
597 #endif /* _FFR_GEN_ORCPT */
599 /* break aliasing loops */
600 if (aliaslevel > MaxAliasRecursion)
602 new->q_state = QS_BADADDR;
603 new->q_status = "5.4.6";
604 usrerrenh(new->q_status,
605 "554 aliasing/forwarding loop broken (%d aliases deep; %d max)",
606 aliaslevel, MaxAliasRecursion);
611 ** Finish setting up address structure.
614 /* get unquoted user for file, program or user.name check */
615 i = strlen(new->q_user);
616 if (i >= sizeof buf0)
619 buf = xalloc(buflen);
624 buflen = sizeof buf0;
626 (void) sm_strlcpy(buf, new->q_user, buflen);
627 for (p = buf; *p != '\0' && !quoted; p++)
634 /* check for direct mailing to restricted mailers */
637 if (new->q_alias == NULL || UseMSP ||
638 bitset(EF_UNSAFE, e->e_flags))
640 new->q_state = QS_BADADDR;
641 new->q_status = "5.7.1";
642 usrerrenh(new->q_status,
643 "550 Cannot mail directly to programs");
645 else if (bitset(QBOGUSSHELL, new->q_alias->q_flags))
647 new->q_state = QS_BADADDR;
648 new->q_status = "5.7.1";
649 if (new->q_alias->q_ruser == NULL)
650 usrerrenh(new->q_status,
651 "550 UID %d is an unknown user: cannot mail to programs",
652 new->q_alias->q_uid);
654 usrerrenh(new->q_status,
655 "550 User %s@%s doesn't have a valid shell for mailing to programs",
656 new->q_alias->q_ruser, MyHostName);
658 else if (bitset(QUNSAFEADDR, new->q_alias->q_flags))
660 new->q_state = QS_BADADDR;
661 new->q_status = "5.7.1";
662 new->q_rstatus = "550 Unsafe for mailing to programs";
663 usrerrenh(new->q_status,
664 "550 Address %s is unsafe for mailing to programs",
665 new->q_alias->q_paddr);
670 ** Look up this person in the recipient list.
671 ** If they are there already, return, otherwise continue.
672 ** If the list is empty, just add it. Notice the cute
673 ** hack to make from addresses suppress things correctly:
674 ** the QS_DUPLICATE state will be set in the send list.
675 ** [Please note: the emphasis is on "hack."]
681 ** If this message is going to the queue or FastSplit is set
682 ** and it is the first try and the envelope hasn't split, then we
683 ** avoid doing an MX RR lookup now because one will be done when the
684 ** message is extracted from the queue later. It can go to the queue
685 ** because all messages are going to the queue or this mailer of
686 ** the current recipient is marked expensive.
689 if (UseMSP || WILL_BE_QUEUED(e->e_sendmode) ||
690 (!bitset(EF_SPLIT, e->e_flags) && e->e_ntries == 0 &&
693 else if (NoConnect && bitnset(M_EXPENSIVE, new->q_mailer->m_flags))
694 sortfn = sortexpensive;
696 sortfn = sortbysignature;
698 for (pq = sendq; (q = *pq) != NULL; pq = &q->q_next)
701 ** If address is "less than" it should be inserted now.
702 ** If address is "greater than" current comparison it'll
703 ** insert later in the list; so loop again (if possible).
704 ** If address is "equal" (different equal than sameaddr()
705 ** call) then check if sameaddr() will be true.
706 ** Because this list is now sorted, it'll mean fewer
707 ** comparisons and fewer loops which is important for more
711 i = (*sortfn)(new, q);
712 if (i == 0) /* equal */
715 ** Sortbysignature() has said that the two have
716 ** equal MX RR's and the same user. Calling sameaddr()
717 ** now checks if the two hosts are as identical as the
718 ** MX RR's are (which might not be the case)
719 ** before saying these are the identical addresses.
722 if (sameaddr(q, new) &&
723 (bitset(QRCPTOK, q->q_flags) ||
724 !bitset(QPRIMARY, q->q_flags)))
728 sm_dprintf("%s in sendq: ",
730 printaddr(sm_debug_file(), q, false);
732 if (!bitset(QPRIMARY, q->q_flags))
734 if (!QS_IS_DEAD(new->q_state))
735 message("duplicate suppressed");
737 q->q_state = QS_DUPLICATE;
738 q->q_flags |= new->q_flags;
740 else if (bitset(QSELFREF, q->q_flags)
741 || q->q_state == QS_REMOVED)
744 ** If an earlier milter removed the
745 ** address, a later one can still add
749 q->q_state = new->q_state;
750 q->q_flags |= new->q_flags;
756 else if (i < 0) /* less than */
764 /* pq should point to an address, never NULL */
765 SM_ASSERT(pq != NULL);
767 /* add address on list */
771 ** insert before 'pq'. Only possible when at least 1
772 ** ADDRESS is in the list already.
777 *sendq = new; /* To be the first ADDRESS */
779 (*prev)->q_next = new;
784 ** Place in list at current 'pq' position. Possible
785 ** when there are 0 or more ADDRESS's in the list.
792 /* added a new address: clear split flag */
793 e->e_flags &= ~EF_SPLIT;
796 ** Alias the name and handle special mailer types.
802 sm_dprintf("at trylocaluser: ");
803 printaddr(sm_debug_file(), new, false);
806 if (!QS_IS_OK(new->q_state))
808 if (QS_IS_UNDELIVERED(new->q_state))
810 goto testselfdestruct;
815 new->q_state = QS_INCLUDED;
816 if (new->q_alias == NULL || UseMSP ||
817 bitset(EF_UNSAFE, e->e_flags))
819 new->q_state = QS_BADADDR;
820 new->q_status = "5.7.1";
821 usrerrenh(new->q_status,
822 "550 Cannot mail directly to :include:s");
828 message("including file %s", new->q_user);
829 ret = include(new->q_user, false, new,
830 sendq, aliaslevel, e);
831 if (transienterror(ret))
834 sm_syslog(LOG_ERR, e->e_id,
835 "include %s: transient error: %s",
836 shortenstring(new->q_user,
839 new->q_state = QS_QUEUEUP;
840 usrerr("451 4.2.4 Cannot open %s: %s",
841 shortenstring(new->q_user,
847 new->q_state = QS_BADADDR;
848 new->q_status = "5.2.4";
849 usrerrenh(new->q_status,
850 "550 Cannot open %s: %s",
851 shortenstring(new->q_user,
857 else if (m == FileMailer)
859 /* check if allowed */
860 if (new->q_alias == NULL || UseMSP ||
861 bitset(EF_UNSAFE, e->e_flags))
863 new->q_state = QS_BADADDR;
864 new->q_status = "5.7.1";
865 usrerrenh(new->q_status,
866 "550 Cannot mail directly to files");
868 else if (bitset(QBOGUSSHELL, new->q_alias->q_flags))
870 new->q_state = QS_BADADDR;
871 new->q_status = "5.7.1";
872 if (new->q_alias->q_ruser == NULL)
873 usrerrenh(new->q_status,
874 "550 UID %d is an unknown user: cannot mail to files",
875 new->q_alias->q_uid);
877 usrerrenh(new->q_status,
878 "550 User %s@%s doesn't have a valid shell for mailing to files",
879 new->q_alias->q_ruser, MyHostName);
881 else if (bitset(QUNSAFEADDR, new->q_alias->q_flags))
883 new->q_state = QS_BADADDR;
884 new->q_status = "5.7.1";
885 new->q_rstatus = "550 Unsafe for mailing to files";
886 usrerrenh(new->q_status,
887 "550 Address %s is unsafe for mailing to files",
888 new->q_alias->q_paddr);
893 if (!quoted && QS_IS_OK(new->q_state) &&
894 bitnset(M_ALIASABLE, m->m_flags))
895 alias(new, sendq, aliaslevel, e);
898 /* if not aliased, look it up in the user database */
899 if (!bitset(QNOTREMOTE, new->q_flags) &&
900 QS_IS_SENDABLE(new->q_state) &&
901 bitnset(M_CHECKUDB, m->m_flags))
903 if (udbexpand(new, sendq, aliaslevel, e) == EX_TEMPFAIL)
905 new->q_state = QS_QUEUEUP;
906 if (e->e_message == NULL)
907 e->e_message = "Deferred: user database error";
908 if (new->q_message == NULL)
909 new->q_message = "Deferred: user database error";
911 sm_syslog(LOG_INFO, e->e_id,
912 "deferred: udbexpand: %s",
913 sm_errstring(errno));
914 message("queued (user database error): %s",
915 sm_errstring(errno));
917 goto testselfdestruct;
923 ** If we have a level two config file, then pass the name through
924 ** Ruleset 5 before sending it off. Ruleset 5 has the right
925 ** to rewrite it to another mailer. This gives us a hook
926 ** after local aliasing has been done.
931 sm_dprintf("recipient: testing local? cl=%d, rr5=%p\n\t",
932 ConfigLevel, RewriteRules[5]);
933 printaddr(sm_debug_file(), new, false);
935 if (ConfigLevel >= 2 && RewriteRules[5] != NULL &&
936 bitnset(M_TRYRULESET5, m->m_flags) &&
937 !bitset(QNOTREMOTE, new->q_flags) &&
938 QS_IS_OK(new->q_state))
940 maplocaluser(new, sendq, aliaslevel + 1, e);
944 ** If it didn't get rewritten to another mailer, go ahead
948 if (QS_IS_OK(new->q_state) &&
949 bitnset(M_HASPWENT, m->m_flags))
955 /* warning -- finduser may trash buf */
956 status = finduser(buf, &fuzzy, &user);
960 new->q_state = QS_QUEUEUP;
961 new->q_status = "4.5.2";
962 giveresponse(EX_TEMPFAIL, new->q_status, m, NULL,
963 new->q_alias, (time_t) 0, e, new);
966 new->q_state = QS_BADADDR;
967 new->q_status = "5.1.1";
968 new->q_rstatus = "550 5.1.1 User unknown";
969 giveresponse(EX_NOUSER, new->q_status, m, NULL,
970 new->q_alias, (time_t) 0, e, new);
975 /* name was a fuzzy match */
976 new->q_user = sm_rpool_strdup_x(e->e_rpool,
978 if (findusercount++ > 3)
980 new->q_state = QS_BADADDR;
981 new->q_status = "5.4.6";
982 usrerrenh(new->q_status,
983 "554 aliasing/forwarding loop for %s broken",
988 /* see if it aliases */
989 (void) sm_strlcpy(buf, user.mbdb_name, buflen);
992 if (*user.mbdb_homedir == '\0')
994 else if (strcmp(user.mbdb_homedir, "/") == 0)
997 new->q_home = sm_rpool_strdup_x(e->e_rpool,
999 if (user.mbdb_uid != SM_NO_UID)
1001 new->q_uid = user.mbdb_uid;
1002 new->q_gid = user.mbdb_gid;
1003 new->q_flags |= QGOODUID;
1005 new->q_ruser = sm_rpool_strdup_x(e->e_rpool,
1007 if (user.mbdb_fullname[0] != '\0')
1008 new->q_fullname = sm_rpool_strdup_x(e->e_rpool,
1009 user.mbdb_fullname);
1010 if (!usershellok(user.mbdb_name, user.mbdb_shell))
1012 new->q_flags |= QBOGUSSHELL;
1014 if (bitset(EF_VRFYONLY, e->e_flags))
1016 /* don't do any more now */
1017 new->q_state = QS_VERIFIED;
1020 forward(new, sendq, aliaslevel, e);
1023 if (!QS_IS_DEAD(new->q_state))
1027 new->q_flags |= QTHISPASS;
1030 sm_dprintf("testselfdestruct: ");
1031 printaddr(sm_debug_file(), new, false);
1034 sm_dprintf("SENDQ:\n");
1035 printaddr(sm_debug_file(), *sendq, true);
1036 sm_dprintf("----\n");
1039 if (new->q_alias == NULL && new != &e->e_from &&
1040 QS_IS_DEAD(new->q_state))
1042 for (q = *sendq; q != NULL; q = q->q_next)
1044 if (!QS_IS_DEAD(q->q_state))
1049 new->q_state = QS_BADADDR;
1050 new->q_status = "5.4.6";
1051 usrerrenh(new->q_status,
1052 "554 aliasing/forwarding loop broken");
1057 new->q_flags |= QTHISPASS;
1059 sm_free(buf); /* XXX leak if above code raises exception */
1062 ** If we are at the top level, check to see if this has
1063 ** expanded to exactly one address. If so, it can inherit
1064 ** the primaryness of the address.
1066 ** While we're at it, clear the QTHISPASS bits.
1069 if (aliaslevel == 0)
1072 ADDRESS *only = NULL;
1074 for (q = *sendq; q != NULL; q = q->q_next)
1076 if (bitset(QTHISPASS, q->q_flags) &&
1077 QS_IS_SENDABLE(q->q_state))
1082 q->q_flags &= ~QTHISPASS;
1086 /* check to see if this actually got a new owner */
1088 while ((q = q->q_alias) != NULL)
1090 if (q->q_owner != NULL)
1094 only->q_flags |= QPRIMARY;
1096 else if (!initialdontsend && nrcpts > 0)
1098 /* arrange for return receipt */
1099 e->e_flags |= EF_SENDRECEIPT;
1100 new->q_flags |= QEXPANDED;
1101 if (e->e_xfp != NULL &&
1102 bitset(QPINGONSUCCESS, new->q_flags))
1103 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
1104 "%s... expanded to multiple addresses\n",
1108 new->q_flags |= QRCPTOK;
1109 (void) sm_snprintf(buf0, sizeof buf0, "%d", e->e_nrcpts);
1110 macdefine(&e->e_macro, A_TEMP, macid("{nrcpts}"), buf0);
1114 ** FINDUSER -- find the password entry for a user.
1116 ** This looks a lot like getpwnam, except that it may want to
1117 ** do some fancier pattern matching in /etc/passwd.
1119 ** This routine contains most of the time of many sendmail runs.
1120 ** It deserves to be optimized.
1123 ** name -- the name to match against.
1124 ** fuzzyp -- an outarg that is set to true if this entry
1125 ** was found using the fuzzy matching algorithm;
1126 ** set to false otherwise.
1127 ** user -- structure to fill in if user is found
1130 ** On success, fill in *user, set *fuzzyp and return EX_OK.
1131 ** If the user was not found, return EX_NOUSER.
1132 ** On error, return EX_TEMPFAIL or EX_OSERR.
1139 finduser(name, fuzzyp, user)
1145 register struct passwd *pw;
1146 #endif /* MATCHGECOS */
1152 sm_dprintf("finduser(%s): ", name);
1157 /* DEC Hesiod getpwnam accepts numeric strings -- short circuit it */
1158 for (p = name; *p != '\0'; p++)
1159 if (!isascii(*p) || !isdigit(*p))
1164 sm_dprintf("failed (numeric input)\n");
1169 /* look up this login name using fast path */
1170 status = sm_mbdb_lookup(name, user);
1171 if (status != EX_NOUSER)
1174 sm_dprintf("%s (non-fuzzy)\n", sm_strexit(status));
1178 /* try mapping it to lower case */
1180 for (p = name; *p != '\0'; p++)
1182 if (isascii(*p) && isupper(*p))
1188 if (tryagain && (status = sm_mbdb_lookup(name, user)) != EX_NOUSER)
1191 sm_dprintf("%s (lower case)\n", sm_strexit(status));
1197 /* see if fuzzy matching allowed */
1201 sm_dprintf("not found (fuzzy disabled)\n");
1205 /* search for a matching full name instead */
1206 for (p = name; *p != '\0'; p++)
1208 if (*p == (SpaceSub & 0177) || *p == '_')
1212 while ((pw = getpwent()) != NULL)
1214 char buf[MAXNAME + 1];
1217 if (sm_strcasecmp(pw->pw_name, name) == 0)
1220 sm_dprintf("found (case wrapped)\n");
1225 sm_pwfullname(pw->pw_gecos, pw->pw_name, buf, sizeof buf);
1226 if (strchr(buf, ' ') != NULL && sm_strcasecmp(buf, name) == 0)
1229 sm_dprintf("fuzzy matches %s\n", pw->pw_name);
1230 message("sending to login name %s", pw->pw_name);
1236 else if (tTd(29, 4))
1237 sm_dprintf("no fuzzy match found\n");
1238 # if DEC_OSF_BROKEN_GETPWENT /* DEC OSF/1 3.2 or earlier */
1240 # endif /* DEC_OSF_BROKEN_GETPWENT */
1243 sm_mbdb_frompw(user, pw);
1245 #else /* MATCHGECOS */
1247 sm_dprintf("not found (fuzzy disabled)\n");
1249 #endif /* MATCHGECOS */
1252 ** WRITABLE -- predicate returning if the file is writable.
1254 ** This routine must duplicate the algorithm in sys/fio.c.
1255 ** Unfortunately, we cannot use the access call since we
1256 ** won't necessarily be the real uid when we try to
1257 ** actually open the file.
1259 ** Notice that ANY file with ANY execute bit is automatically
1260 ** not writable. This is also enforced by mailfile.
1263 ** filename -- the file name to check.
1264 ** ctladdr -- the controlling address for this file.
1265 ** flags -- SFF_* flags to control the function.
1268 ** true -- if we will be able to write this file.
1269 ** false -- if we cannot write this file.
1276 writable(filename, ctladdr, flags)
1286 sm_dprintf("writable(%s, 0x%lx)\n", filename, flags);
1289 ** File does exist -- check that it is writable.
1298 else if (ctladdr != NULL)
1300 euid = ctladdr->q_uid;
1301 egid = ctladdr->q_gid;
1302 user = ctladdr->q_user;
1304 else if (bitset(SFF_RUNASREALUID, flags))
1308 user = RealUserName;
1310 else if (FileMailer != NULL && !bitset(SFF_ROOTOK, flags))
1312 if (FileMailer->m_uid == NO_UID)
1319 euid = FileMailer->m_uid;
1322 if (FileMailer->m_gid == NO_GID)
1325 egid = FileMailer->m_gid;
1332 if (!bitset(SFF_ROOTOK, flags))
1342 if (geteuid() == 0 &&
1343 (ctladdr == NULL || !bitset(QGOODUID, ctladdr->q_flags)))
1344 flags |= SFF_SETUIDOK;
1346 if (!bitnset(DBS_FILEDELIVERYTOSYMLINK, DontBlameSendmail))
1347 flags |= SFF_NOSLINK;
1348 if (!bitnset(DBS_FILEDELIVERYTOHARDLINK, DontBlameSendmail))
1349 flags |= SFF_NOHLINK;
1351 errno = safefile(filename, euid, egid, user, flags, S_IWRITE, NULL);
1355 ** INCLUDE -- handle :include: specification.
1358 ** fname -- filename to include.
1359 ** forwarding -- if true, we are reading a .forward file.
1360 ** if false, it's a :include: file.
1361 ** ctladdr -- address template to use to fill in these
1362 ** addresses -- effective user/group id are
1363 ** the important things.
1364 ** sendq -- a pointer to the head of the send queue
1365 ** to put these addresses in.
1366 ** aliaslevel -- the alias nesting depth.
1367 ** e -- the current envelope.
1370 ** open error status
1373 ** reads the :include: file and sends to everyone
1374 ** listed in that file.
1377 ** If you have restricted chown (that is, you can't
1378 ** give a file away), it is reasonable to allow programs
1379 ** and files called from this :include: file to be to be
1380 ** run as the owner of the :include: file. This is bogus
1381 ** if there is any chance of someone giving away a file.
1382 ** We assume that pre-POSIX systems can give away files.
1384 ** There is an additional restriction that if you
1385 ** forward to a :include: file, it will not take on
1386 ** the ownership of the :include: file. This may not
1387 ** be necessary, but shouldn't hurt.
1390 static jmp_buf CtxIncludeTimeout;
1393 include(fname, forwarding, ctladdr, sendq, aliaslevel, e)
1401 SM_FILE_T *volatile fp = NULL;
1402 char *oldto = e->e_to;
1403 char *oldfilename = FileName;
1404 int oldlinenumber = LineNumber;
1405 register SM_EVENT *ev = NULL;
1408 volatile bool maxreached = false;
1409 register ADDRESS *ca;
1410 volatile uid_t saveduid;
1411 volatile gid_t savedgid;
1414 char *volatile user;
1416 volatile long sfflags = SFF_REGONLY;
1418 bool safechown = false;
1419 volatile bool safedir = false;
1424 sm_dprintf("include(%s)\n", fname);
1426 sm_dprintf(" ruid=%d euid=%d\n",
1427 (int) getuid(), (int) geteuid());
1430 sm_dprintf("ctladdr ");
1431 printaddr(sm_debug_file(), ctladdr, false);
1435 sm_dprintf("include: old uid = %d/%d\n",
1436 (int) getuid(), (int) geteuid());
1440 sfflags |= SFF_MUSTOWN|SFF_ROOTOK;
1441 if (!bitnset(DBS_GROUPWRITABLEFORWARDFILE, DontBlameSendmail))
1442 sfflags |= SFF_NOGWFILES;
1443 if (!bitnset(DBS_WORLDWRITABLEFORWARDFILE, DontBlameSendmail))
1444 sfflags |= SFF_NOWWFILES;
1448 if (!bitnset(DBS_GROUPWRITABLEINCLUDEFILE, DontBlameSendmail))
1449 sfflags |= SFF_NOGWFILES;
1450 if (!bitnset(DBS_WORLDWRITABLEINCLUDEFILE, DontBlameSendmail))
1451 sfflags |= SFF_NOWWFILES;
1455 ** If RunAsUser set, won't be able to run programs as user
1456 ** so mark them as unsafe unless the administrator knows better.
1459 if ((geteuid() != 0 || RunAsUid != 0) &&
1460 !bitnset(DBS_NONROOTSAFEADDR, DontBlameSendmail))
1463 sm_dprintf("include: not safe (euid=%d, RunAsUid=%d)\n",
1464 (int) geteuid(), (int) RunAsUid);
1465 ctladdr->q_flags |= QUNSAFEADDR;
1468 ca = getctladdr(ctladdr);
1470 (ca->q_uid == DefUid && ca->q_gid == 0))
1482 #if MAILER_SETUID_METHOD != USE_SETUID
1483 saveduid = geteuid();
1484 savedgid = getegid();
1487 if (!DontInitGroups)
1489 if (initgroups(user, gid) == -1)
1492 syserr("include: initgroups(%s, %d) failed",
1502 if (setgroups(1, gidset) == -1)
1505 syserr("include: setgroups() failed");
1510 if (gid != 0 && setgid(gid) < -1)
1513 syserr("setgid(%d) failure", gid);
1518 # if MAILER_SETUID_METHOD == USE_SETEUID
1519 if (seteuid(uid) < 0)
1522 syserr("seteuid(%d) failure (real=%d, eff=%d)",
1523 uid, (int) getuid(), (int) geteuid());
1526 # endif /* MAILER_SETUID_METHOD == USE_SETEUID */
1527 # if MAILER_SETUID_METHOD == USE_SETREUID
1528 if (setreuid(0, uid) < 0)
1531 syserr("setreuid(0, %d) failure (real=%d, eff=%d)",
1532 uid, (int) getuid(), (int) geteuid());
1535 # endif /* MAILER_SETUID_METHOD == USE_SETREUID */
1538 #endif /* MAILER_SETUID_METHOD != USE_SETUID */
1541 sm_dprintf("include: new uid = %d/%d\n",
1542 (int) getuid(), (int) geteuid());
1545 ** If home directory is remote mounted but server is down,
1546 ** this can hang or give errors; use a timeout to avoid this
1549 if (setjmp(CtxIncludeTimeout) != 0)
1551 ctladdr->q_state = QS_QUEUEUP;
1554 /* return pseudo-error code */
1555 rval = E_SM_OPENTIMEOUT;
1558 if (TimeOuts.to_fileopen > 0)
1559 ev = sm_setevent(TimeOuts.to_fileopen, includetimeout, 0);
1564 /* check for writable parent directory */
1565 p = strrchr(fname, '/');
1571 ret = safedirpath(fname, uid, gid, user,
1572 sfflags|SFF_SAFEDIRPATH, 0, 0);
1575 /* in safe directory: relax chown & link rules */
1577 sfflags |= SFF_NOPATHCHECK;
1581 if (bitnset((forwarding ?
1582 DBS_FORWARDFILEINUNSAFEDIRPATH :
1583 DBS_INCLUDEFILEINUNSAFEDIRPATH),
1585 sfflags |= SFF_NOPATHCHECK;
1586 else if (bitnset((forwarding ?
1587 DBS_FORWARDFILEINGROUPWRITABLEDIRPATH :
1588 DBS_INCLUDEFILEINGROUPWRITABLEDIRPATH),
1589 DontBlameSendmail) &&
1592 setbitn(DBS_GROUPWRITABLEDIRPATHSAFE,
1594 ret = safedirpath(fname, uid, gid, user,
1595 sfflags|SFF_SAFEDIRPATH,
1597 clrbitn(DBS_GROUPWRITABLEDIRPATHSAFE,
1600 sfflags |= SFF_NOPATHCHECK;
1602 sfflags |= SFF_SAFEDIRPATH;
1605 sfflags |= SFF_SAFEDIRPATH;
1606 if (ret > E_PSEUDOBASE &&
1607 !bitnset((forwarding ?
1608 DBS_FORWARDFILEINUNSAFEDIRPATHSAFE :
1609 DBS_INCLUDEFILEINUNSAFEDIRPATHSAFE),
1613 sm_syslog(LOG_INFO, e->e_id,
1614 "%s: unsafe directory path, marked unsafe",
1615 shortenstring(fname, MAXSHORTSTR));
1616 ctladdr->q_flags |= QUNSAFEADDR;
1622 /* allow links only in unwritable directories */
1624 !bitnset((forwarding ?
1625 DBS_LINKEDFORWARDFILEINWRITABLEDIR :
1626 DBS_LINKEDINCLUDEFILEINWRITABLEDIR),
1628 sfflags |= SFF_NOLINK;
1630 rval = safefile(fname, uid, gid, user, sfflags, S_IREAD, &st);
1633 /* don't use this :include: file */
1635 sm_dprintf("include: not safe (uid=%d): %s\n",
1636 (int) uid, sm_errstring(rval));
1638 else if ((fp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, fname,
1639 SM_IO_RDONLY, NULL)) == NULL)
1643 sm_dprintf("include: open: %s\n", sm_errstring(rval));
1645 else if (filechanged(fname, sm_io_getinfo(fp,SM_IO_WHAT_FD, NULL), &st))
1647 rval = E_SM_FILECHANGE;
1649 sm_dprintf("include: file changed after open\n");
1656 #if HASSETREUID || USESETEUID
1663 syserr("!seteuid(0) failure (real=%d, eff=%d)",
1664 (int) getuid(), (int) geteuid());
1665 # else /* USESETEUID */
1666 if (setreuid(-1, 0) < 0)
1667 syserr("!setreuid(-1, 0) failure (real=%d, eff=%d)",
1668 (int) getuid(), (int) geteuid());
1669 if (setreuid(RealUid, 0) < 0)
1670 syserr("!setreuid(%d, 0) failure (real=%d, eff=%d)",
1671 (int) RealUid, (int) getuid(),
1673 # endif /* USESETEUID */
1675 if (setgid(savedgid) < 0)
1676 syserr("!setgid(%d) failure (real=%d eff=%d)",
1677 (int) savedgid, (int) getgid(),
1680 #endif /* HASSETREUID || USESETEUID */
1683 sm_dprintf("include: reset uid = %d/%d\n",
1684 (int) getuid(), (int) geteuid());
1686 if (rval == E_SM_OPENTIMEOUT)
1687 usrerr("451 4.4.1 open timeout on %s", fname);
1692 if (fstat(sm_io_getinfo(fp, SM_IO_WHAT_FD, NULL), &st) < 0)
1695 syserr("Cannot fstat %s!", fname);
1696 (void) sm_io_close(fp, SM_TIME_DEFAULT);
1700 /* if path was writable, check to avoid file giveaway tricks */
1701 safechown = chownsafe(sm_io_getinfo(fp, SM_IO_WHAT_FD, NULL), safedir);
1703 sm_dprintf("include: parent of %s is %s, chown is %ssafe\n",
1704 fname, safedir ? "safe" : "dangerous",
1705 safechown ? "" : "un");
1707 /* if no controlling user or coming from an alias delivery */
1710 (ca->q_uid == DefUid && ca->q_gid == 0)))
1712 ctladdr->q_uid = st.st_uid;
1713 ctladdr->q_gid = st.st_gid;
1714 ctladdr->q_flags |= QGOODUID;
1716 if (ca != NULL && ca->q_uid == st.st_uid)
1718 /* optimization -- avoid getpwuid if we already have info */
1719 ctladdr->q_flags |= ca->q_flags & QBOGUSSHELL;
1720 ctladdr->q_ruser = ca->q_ruser;
1722 else if (!forwarding)
1724 register struct passwd *pw;
1726 pw = sm_getpwuid(st.st_uid);
1729 ctladdr->q_uid = st.st_uid;
1730 ctladdr->q_flags |= QBOGUSSHELL;
1736 ctladdr->q_ruser = sm_rpool_strdup_x(e->e_rpool,
1741 sh = "/SENDMAIL/ANY/SHELL/";
1742 if (!usershellok(pw->pw_name, sh))
1745 sm_syslog(LOG_INFO, e->e_id,
1746 "%s: user %s has bad shell %s, marked %s",
1747 shortenstring(fname,
1750 safechown ? "bogus" : "unsafe");
1752 ctladdr->q_flags |= QBOGUSSHELL;
1754 ctladdr->q_flags |= QUNSAFEADDR;
1759 if (bitset(EF_VRFYONLY, e->e_flags))
1761 /* don't do any more now */
1762 ctladdr->q_state = QS_VERIFIED;
1764 (void) sm_io_close(fp, SM_TIME_DEFAULT);
1769 ** Check to see if some bad guy can write this file
1771 ** Group write checking could be more clever, e.g.,
1772 ** guessing as to which groups are actually safe ("sys"
1773 ** may be; "user" probably is not).
1777 if (!bitnset((forwarding ?
1778 DBS_GROUPWRITABLEFORWARDFILESAFE :
1779 DBS_GROUPWRITABLEINCLUDEFILESAFE),
1783 if (bitset(mode, st.st_mode))
1786 sm_dprintf("include: %s is %s writable, marked unsafe\n",
1787 shortenstring(fname, MAXSHORTSTR),
1788 bitset(S_IWOTH, st.st_mode) ? "world"
1791 sm_syslog(LOG_INFO, e->e_id,
1792 "%s: %s writable %s file, marked unsafe",
1793 shortenstring(fname, MAXSHORTSTR),
1794 bitset(S_IWOTH, st.st_mode) ? "world" : "group",
1795 forwarding ? "forward" : ":include:");
1796 ctladdr->q_flags |= QUNSAFEADDR;
1799 /* read the file -- each line is a comma-separated list. */
1802 ctladdr->q_flags &= ~QSELFREF;
1804 while (sm_io_fgets(fp, SM_TIME_DEFAULT, buf, sizeof buf) != NULL &&
1809 if (buf[0] == '#' || buf[0] == '\0')
1812 /* <sp>#@# introduces a comment anywhere */
1813 /* for Japanese character sets */
1814 for (p = buf; (p = strchr(++p, '#')) != NULL; )
1816 if (p[1] == '@' && p[2] == '#' &&
1817 isascii(p[-1]) && isspace(p[-1]) &&
1818 (p[3] == '\0' || (isascii(p[3]) && isspace(p[3]))))
1821 while (p > buf && isascii(p[-1]) &&
1833 forwarding ? "forwarding" : "sending", buf);
1834 if (forwarding && LogLevel > 10)
1835 sm_syslog(LOG_INFO, e->e_id,
1836 "forward %.200s => %s",
1837 oldto, shortenstring(buf, MAXSHORTSTR));
1839 nincludes += sendtolist(buf, ctladdr, sendq, aliaslevel + 1, e);
1842 MaxForwardEntries > 0 &&
1843 nincludes >= MaxForwardEntries)
1845 /* just stop reading and processing further entries */
1847 /* additional: (?) */
1848 ctladdr->q_state = QS_DONTSEND;
1851 syserr("Attempt to forward to more than %d addresses (in %s)!",
1852 MaxForwardEntries, fname);
1857 if (sm_io_error(fp) && tTd(27, 3))
1858 sm_dprintf("include: read error: %s\n", sm_errstring(errno));
1859 if (nincludes > 0 && !bitset(QSELFREF, ctladdr->q_flags))
1863 sm_dprintf("include: QS_DONTSEND ");
1864 printaddr(sm_debug_file(), ctladdr, false);
1866 ctladdr->q_state = QS_DONTSEND;
1869 (void) sm_io_close(fp, SM_TIME_DEFAULT);
1870 FileName = oldfilename;
1871 LineNumber = oldlinenumber;
1877 includetimeout(ignore)
1881 ** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
1882 ** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
1887 longjmp(CtxIncludeTimeout, 1);
1890 ** SENDTOARGV -- send to an argument vector.
1893 ** argv -- argument vector to send to.
1894 ** e -- the current envelope.
1900 ** puts all addresses on the argument vector onto the
1906 register char **argv;
1907 register ENVELOPE *e;
1911 while ((p = *argv++) != NULL)
1912 (void) sendtolist(p, NULLADDR, &e->e_sendqueue, 0, e);
1915 ** GETCTLADDR -- get controlling address from an address header.
1917 ** If none, get one corresponding to the effective userid.
1920 ** a -- the address to find the controller of.
1923 ** the controlling address.
1928 register ADDRESS *a;
1930 while (a != NULL && !bitset(QGOODUID, a->q_flags))
1935 ** SELF_REFERENCE -- check to see if an address references itself
1937 ** The check is done through a chain of aliases. If it is part of
1938 ** a loop, break the loop at the "best" address, that is, the one
1939 ** that exists as a real user.
1941 ** This is to handle the case of:
1942 ** awc: Andrew.Chang
1943 ** Andrew.Chang: awc@mail.server
1944 ** which is a problem only on mail.server.
1947 ** a -- the address to check.
1950 ** The address that should be retained.
1957 ADDRESS *b; /* top entry in self ref loop */
1958 ADDRESS *c; /* entry that point to a real mail box */
1961 sm_dprintf("self_reference(%s)\n", a->q_paddr);
1963 for (b = a->q_alias; b != NULL; b = b->q_alias)
1972 sm_dprintf("\t... no self ref\n");
1977 ** Pick the first address that resolved to a real mail box
1978 ** i.e has a mbdb entry. The returned value will be marked
1979 ** QSELFREF in recipient(), which in turn will disable alias()
1980 ** from marking it as QS_IS_DEAD(), which mean it will be used
1981 ** as a deliverable address.
1983 ** The 2 key thing to note here are:
1984 ** 1) we are in a recursive call sequence:
1985 ** alias->sendtolist->recipient->alias
1986 ** 2) normally, when we return back to alias(), the address
1987 ** will be marked QS_EXPANDED, since alias() assumes the
1988 ** expanded form will be used instead of the current address.
1989 ** This behaviour is turned off if the address is marked
1990 ** QSELFREF. We set QSELFREF when we return to recipient().
1997 sm_dprintf(" %s", c->q_user);
1998 if (bitnset(M_HASPWENT, c->q_mailer->m_flags))
2003 sm_dprintf("\t... getpwnam(%s)... ", c->q_user);
2004 if (sm_mbdb_lookup(c->q_user, &user) == EX_OK)
2007 sm_dprintf("found\n");
2009 /* ought to cache results here */
2016 sm_dprintf("failed\n");
2020 /* if local delivery, compare usernames */
2021 if (bitnset(M_LOCALMAILER, c->q_mailer->m_flags) &&
2022 b->q_mailer == c->q_mailer)
2025 sm_dprintf("\t... local match (%s)\n",
2039 sm_dprintf("\t... cannot break loop for \"%s\"\n", a->q_paddr);