2 * Copyright (c) 1998-2002 Sendmail, Inc. and its suppliers.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
16 SM_RCSID("@(#)$Id: alias.c,v 8.214.2.1 2003/07/28 17:47:55 ca Exp $")
19 # define ALIAS_SPEC_SEPARATORS " ,/:"
21 static MAP *AliasFileMap = NULL; /* the actual aliases.files map */
22 static int NAliasFileMaps; /* the number of entries in AliasFileMap */
24 static char *aliaslookup __P((char *, int *, char *));
27 ** ALIAS -- Compute aliases.
29 ** Scans the alias file for an alias for the given address.
30 ** If found, it arranges to deliver to the alias list instead.
31 ** Uses libdbm database if -DDBM.
34 ** a -- address to alias.
35 ** sendq -- a pointer to the head of the send queue
36 ** to put the aliases in.
37 ** aliaslevel -- the current alias nesting depth.
38 ** e -- the current envelope.
44 ** Aliases found are expanded.
47 ** It should complain about names that are aliased to
52 alias(a, sendq, aliaslevel, e)
60 auto int status = EX_OK;
61 char obuf[MAXNAME + 7];
64 sm_dprintf("alias(%s)\n", a->q_user);
66 /* don't realias already aliased names */
67 if (!QS_IS_OK(a->q_state))
78 ** If the map was unavailable, we will queue this message
79 ** until the map becomes available; otherwise, we could
80 ** bounce messages inappropriately.
83 #if _FFR_REDIRECTEMPTY
85 ** envelope <> can't be sent to mailing lists, only owner-
86 ** send spam of this type to owner- of the list
87 ** ---- to stop spam from going to mailing lists!
90 if (e->e_sender != NULL && *e->e_sender == '\0')
92 /* Look for owner of alias */
93 (void) sm_strlcpyn(obuf, sizeof obuf, 2, "owner-", a->q_user);
94 if (aliaslookup(obuf, &status, a->q_host) != NULL)
97 sm_syslog(LOG_WARNING, e->e_id,
98 "possible spam from <> to list: %s, redirected to %s\n",
100 a->q_user = sm_rpool_strdup_x(e->e_rpool, obuf);
103 #endif /* _FFR_REDIRECTEMPTY */
105 p = aliaslookup(a->q_user, &status, a->q_host);
106 if (status == EX_TEMPFAIL || status == EX_UNAVAILABLE)
108 a->q_state = QS_QUEUEUP;
109 if (e->e_message == NULL)
110 e->e_message = "alias database unavailable";
112 /* XXX msg only per recipient? */
113 if (a->q_message == NULL)
114 a->q_message = "alias database unavailable";
122 ** Deliver to the target list.
126 sm_dprintf("%s (%s, %s) aliased to %s\n",
127 a->q_paddr, a->q_host, a->q_user, p);
128 if (bitset(EF_VRFYONLY, e->e_flags))
130 a->q_state = QS_VERIFIED;
133 message("aliased to %s", shortenstring(p, MAXSHORTSTR));
135 sm_syslog(LOG_INFO, e->e_id,
136 "alias %.100s => %s",
137 a->q_paddr, shortenstring(p, MAXSHORTSTR));
138 a->q_flags &= ~QSELFREF;
141 sm_dprintf("alias: QS_EXPANDED ");
144 a->q_state = QS_EXPANDED;
147 ** Always deliver aliased items as the default user.
148 ** Setting q_gid to 0 forces deliver() to use DefUser
149 ** instead of the alias name for the call to initgroups().
154 a->q_fullname = NULL;
155 a->q_flags |= QGOODUID|QALIAS;
157 (void) sendtolist(p, a, sendq, aliaslevel + 1, e);
159 if (bitset(QSELFREF, a->q_flags) && QS_IS_EXPANDED(a->q_state))
163 ** Look for owner of alias
166 if (strncmp(a->q_user, "owner-", 6) == 0 ||
167 strlen(a->q_user) > sizeof obuf - 7)
168 (void) sm_strlcpy(obuf, "owner-owner", sizeof obuf);
170 (void) sm_strlcpyn(obuf, sizeof obuf, 2, "owner-", a->q_user);
171 owner = aliaslookup(obuf, &status, a->q_host);
175 /* reflect owner into envelope sender */
176 if (strpbrk(owner, ",:/|\"") != NULL)
178 a->q_owner = sm_rpool_strdup_x(e->e_rpool, owner);
180 /* announce delivery to this alias; NORECEIPT bit set later */
181 if (e->e_xfp != NULL)
182 (void) sm_io_fprintf(e->e_xfp, SM_TIME_DEFAULT,
183 "Message delivered to mailing list %s\n",
185 e->e_flags |= EF_SENDRECEIPT;
186 a->q_flags |= QDELIVERED|QEXPANDED;
189 ** ALIASLOOKUP -- look up a name in the alias file.
192 ** name -- the name to look up.
193 ** pstat -- a pointer to a place to put the status.
194 ** av -- argument for %1 expansion.
197 ** the value of name.
204 ** The return value will be trashed across calls.
208 aliaslookup(name, pstat, av)
213 static MAP *map = NULL;
214 #if _FFR_ALIAS_DETAIL
217 #endif /* _FFR_ALIAS_DETAIL */
221 STAB *s = stab("aliases", ST_MAP, ST_FIND);
229 /* special case POstMastER -- always use lower case */
230 if (sm_strcasecmp(name, "postmaster") == 0)
233 #if _FFR_ALIAS_DETAIL
238 /* XXX '+' is hardwired here as delimiter! */
239 if (av != NULL && *av == '+')
242 return (*map->map_class->map_lookup)(map, name, argv, pstat);
243 #else /* _FFR_ALIAS_DETAIL */
244 return (*map->map_class->map_lookup)(map, name, NULL, pstat);
245 #endif /* _FFR_ALIAS_DETAIL */
248 ** SETALIAS -- set up an alias map
250 ** Called when reading configuration file.
253 ** spec -- the alias specification
269 sm_dprintf("setalias(%s)\n", spec);
271 for (p = spec; p != NULL; )
275 while (isascii(*p) && isspace(*p))
281 if (NAliasFileMaps >= MAXMAPSTACK)
283 syserr("Too many alias databases defined, %d max",
287 if (AliasFileMap == NULL)
289 (void) sm_strlcpy(buf, "aliases.files sequence",
291 AliasFileMap = makemapentry(buf);
292 if (AliasFileMap == NULL)
294 syserr("setalias: cannot create aliases.files map");
298 (void) sm_snprintf(buf, sizeof buf, "Alias%d", NAliasFileMaps);
299 s = stab(buf, ST_MAP, ST_ENTER);
301 memset(map, '\0', sizeof *map);
302 map->map_mname = s->s_name;
303 p = strpbrk(p, ALIAS_SPEC_SEPARATORS);
304 if (p != NULL && *p == SEPARATOR)
314 map->map_mflags = MF_INCLNULL;
317 /* find end of spec */
322 for (; *p != '\0'; p++)
325 ** Don't break into a quoted string.
326 ** Needed for ldap maps which use
327 ** commas in their specifications.
332 else if (*p == ',' && !quoted)
336 /* No more alias specifications follow */
344 sm_dprintf(" map %s:%s %s\n", class, s->s_name, spec);
347 s = stab(class, ST_MAPCLASS, ST_FIND);
350 syserr("setalias: unknown alias class %s", class);
352 else if (!bitset(MCF_ALIASOK, s->s_mapclass.map_cflags))
354 syserr("setalias: map class %s can't handle aliases",
359 map->map_class = &s->s_mapclass;
360 map->map_mflags |= MF_ALIAS;
361 if (map->map_class->map_parse(map, spec))
363 map->map_mflags |= MF_VALID;
364 AliasFileMap->map_stack[NAliasFileMaps++] = map;
370 ** ALIASWAIT -- wait for distinguished @:@ token to appear.
372 ** This can decide to reopen or rebuild the alias file
375 ** map -- a pointer to the map descriptor for this alias file.
376 ** ext -- the filename extension (e.g., ".db") for the
378 ** isopen -- if set, the database is already open, and we
379 ** should check for validity; otherwise, we are
380 ** just checking to see if it should be created.
383 ** true -- if the database is open when we return.
384 ** false -- if the database is closed when we return.
388 aliaswait(map, ext, isopen)
393 bool attimeout = false;
396 char buf[MAXPATHLEN];
399 sm_dprintf("aliaswait(%s:%s)\n",
400 map->map_class->map_cname, map->map_file);
401 if (bitset(MF_ALIASWAIT, map->map_mflags))
403 map->map_mflags |= MF_ALIASWAIT;
408 unsigned int sleeptime = 2;
409 unsigned int loopcount = 0; /* only used for debugging */
410 time_t toolong = curtime() + SafeAlias;
413 map->map_class->map_lookup(map, "@", NULL, &st) == NULL)
415 if (curtime() > toolong)
423 ** Close and re-open the alias database in case
424 ** the one is mv'ed instead of cp'ed in.
430 sm_dprintf("aliaswait: sleeping for %u seconds (loopcount = %u)\n",
431 sleeptime, loopcount);
434 map->map_mflags |= MF_CLOSING;
435 map->map_class->map_close(map);
436 map->map_mflags &= ~(MF_OPEN|MF_WRITABLE|MF_CLOSING);
437 (void) sleep(sleeptime);
441 isopen = map->map_class->map_open(map, O_RDONLY);
445 /* see if we need to go into auto-rebuild mode */
446 if (!bitset(MCF_REBUILDABLE, map->map_class->map_cflags))
449 sm_dprintf("aliaswait: not rebuildable\n");
450 map->map_mflags &= ~MF_ALIASWAIT;
453 if (stat(map->map_file, &stb) < 0)
456 sm_dprintf("aliaswait: no source file\n");
457 map->map_mflags &= ~MF_ALIASWAIT;
460 mtime = stb.st_mtime;
461 if (sm_strlcpyn(buf, sizeof buf, 2,
462 map->map_file, ext == NULL ? "" : ext) >= sizeof buf)
465 sm_syslog(LOG_INFO, NOQID,
466 "alias database %s%s name too long",
467 map->map_file, ext == NULL ? "" : ext);
468 message("alias database %s%s name too long",
469 map->map_file, ext == NULL ? "" : ext);
472 if (stat(buf, &stb) < 0 || stb.st_mtime < mtime || attimeout)
475 sm_syslog(LOG_INFO, NOQID,
476 "alias database %s out of date", buf);
477 message("Warning: alias database %s out of date", buf);
479 map->map_mflags &= ~MF_ALIASWAIT;
483 ** REBUILDALIASES -- rebuild the alias database.
486 ** map -- the database to rebuild.
487 ** automatic -- set if this was automatically generated.
490 ** true if successful; false otherwise.
493 ** Reads the text version of the database, builds the
494 ** DBM or DB version.
498 rebuildaliases(map, automatic)
504 bool success = false;
505 long sff = SFF_OPENASROOT|SFF_REGONLY|SFF_NOLOCK;
506 sigfunc_t oldsigint, oldsigquit;
508 sigfunc_t oldsigtstp;
511 if (!bitset(MCF_REBUILDABLE, map->map_class->map_cflags))
514 if (!bitnset(DBS_LINKEDALIASFILEINWRITABLEDIR, DontBlameSendmail))
516 if (!bitnset(DBS_GROUPWRITABLEALIASFILE, DontBlameSendmail))
517 sff |= SFF_NOGWFILES;
518 if (!bitnset(DBS_WORLDWRITABLEALIASFILE, DontBlameSendmail))
519 sff |= SFF_NOWWFILES;
521 /* try to lock the source file */
522 if ((af = safefopen(map->map_file, O_RDWR, 0, sff)) == NULL)
526 if ((errno != EACCES && errno != EROFS) || automatic ||
527 (af = safefopen(map->map_file, O_RDONLY, 0, sff)) == NULL)
532 sm_dprintf("Can't open %s: %s\n",
533 map->map_file, sm_errstring(saveerr));
534 if (!automatic && !bitset(MF_OPTIONAL, map->map_mflags))
535 message("newaliases: cannot open %s: %s",
536 map->map_file, sm_errstring(saveerr));
542 fstat(sm_io_getinfo(af, SM_IO_WHAT_FD, NULL), &stb) < 0 ||
543 bitset(S_IWUSR|S_IWGRP|S_IWOTH, stb.st_mode))
544 message("warning: cannot lock %s: %s",
545 map->map_file, sm_errstring(errno));
548 /* see if someone else is rebuilding the alias file */
550 !lockfile(sm_io_getinfo(af, SM_IO_WHAT_FD, NULL), map->map_file,
551 NULL, LOCK_EX|LOCK_NB))
553 /* yes, they are -- wait until done */
554 message("Alias file %s is locked (maybe being rebuilt)",
556 if (OpMode != MD_INITALIAS)
558 /* wait for other rebuild to complete */
559 (void) lockfile(sm_io_getinfo(af, SM_IO_WHAT_FD, NULL),
560 map->map_file, NULL, LOCK_EX);
562 (void) sm_io_close(af, SM_TIME_DEFAULT);
567 oldsigint = sm_signal(SIGINT, SIG_IGN);
568 oldsigquit = sm_signal(SIGQUIT, SIG_IGN);
570 oldsigtstp = sm_signal(SIGTSTP, SIG_IGN);
573 if (map->map_class->map_open(map, O_RDWR))
577 sm_syslog(LOG_NOTICE, NOQID,
578 "alias database %s %srebuilt by %s",
579 map->map_file, automatic ? "auto" : "",
582 map->map_mflags |= MF_OPEN|MF_WRITABLE;
583 map->map_pid = CurrentPid;
584 readaliases(map, af, !automatic, true);
590 sm_dprintf("Can't create database for %s: %s\n",
591 map->map_file, sm_errstring(errno));
593 syserr("Cannot create database for alias file %s",
597 /* close the file, thus releasing locks */
598 (void) sm_io_close(af, SM_TIME_DEFAULT);
600 /* add distinguished entries and close the database */
601 if (bitset(MF_OPEN, map->map_mflags))
603 map->map_mflags |= MF_CLOSING;
604 map->map_class->map_close(map);
605 map->map_mflags &= ~(MF_OPEN|MF_WRITABLE|MF_CLOSING);
608 /* restore the old signals */
609 (void) sm_signal(SIGINT, oldsigint);
610 (void) sm_signal(SIGQUIT, oldsigquit);
612 (void) sm_signal(SIGTSTP, oldsigtstp);
617 ** READALIASES -- read and process the alias file.
619 ** This routine implements the part of initaliases that occurs
620 ** when we are not going to use the DBM stuff.
623 ** map -- the alias database descriptor.
624 ** af -- file to read the aliases from.
625 ** announcestats -- announce statistics regarding number of
626 ** aliases, longest alias, etc.
627 ** logstats -- lot the same info.
633 ** Reads aliasfile into the symbol table.
634 ** Optionally, builds the .dir & .pag files.
638 readaliases(map, af, announcestats, logstats)
647 long naliases, bytes, longest;
652 ** Read and interpret lines
655 FileName = map->map_file;
657 naliases = bytes = longest = 0;
659 while (sm_io_fgets(af, SM_TIME_DEFAULT, line, sizeof line) != NULL)
661 int lhssize, rhssize;
665 p = strchr(line, '\n');
667 /* XXX what if line="a\\" ? */
668 while (p != NULL && p > line && p[-1] == '\\')
671 if (sm_io_fgets(af, SM_TIME_DEFAULT, p,
672 SPACELEFT(line, p)) == NULL)
679 else if (!sm_io_eof(af))
682 syserr("554 5.3.0 alias line too long");
684 /* flush to end of line */
685 while ((c = sm_io_getc(af, SM_TIME_DEFAULT)) !=
686 SM_IO_EOF && c != '\n')
689 /* skip any continuation lines */
703 syserr("554 5.3.5 Non-continuation line starts with space");
711 ** Find the colon separator, and parse the address.
712 ** It should resolve to a local name -- this will
713 ** be checked later (we want to optionally do
714 ** parsing of the RHS first to maximize error
718 for (p = line; *p != '\0' && *p != ':' && *p != '\n'; p++)
722 syserr("554 5.3.5 missing colon");
725 if (parseaddr(line, &al, RF_COPYALL, ':', NULL, CurEnv, true)
728 syserr("554 5.3.5 %.40s... illegal alias name", line);
734 ** 'al' is the internal form of the LHS address.
735 ** 'p' points to the text of the RHS.
738 while (isascii(*p) && isspace(*p))
746 if (nlp > p && nlp[-1] == '\n')
751 /* do parsing & compression of addresses */
756 while ((isascii(*p) && isspace(*p)) ||
761 if (parseaddr(p, &bl, RF_COPYNONE, ',',
762 &delimptr, CurEnv, true)
764 usrerr("553 5.3.5 %s... bad address", p);
773 /* see if there should be a continuation line */
774 c = sm_io_getc(af, SM_TIME_DEFAULT);
776 (void) sm_io_ungetc(af, SM_TIME_DEFAULT, c);
777 if (c != ' ' && c != '\t')
780 /* read continuation line */
781 if (sm_io_fgets(af, SM_TIME_DEFAULT, p,
782 sizeof line - (p-line)) == NULL)
786 /* check for line overflow */
787 if (strchr(p, '\n') == NULL && !sm_io_eof(af))
789 usrerr("554 5.3.5 alias too long");
790 while ((c = sm_io_getc(af, SM_TIME_DEFAULT))
791 != SM_IO_EOF && c != '\n')
801 if (!bitnset(M_ALIASABLE, al.q_mailer->m_flags))
803 syserr("554 5.3.5 %s... cannot alias non-local names",
809 ** Insert alias into symbol table or database file.
811 ** Special case pOStmaStER -- always make it lower case.
814 if (sm_strcasecmp(al.q_user, "postmaster") == 0)
815 makelower(al.q_user);
817 lhssize = strlen(al.q_user);
818 rhssize = strlen(rhs);
821 /* is RHS empty (just spaces)? */
823 while (isascii(*p) && isspace(*p))
826 if (rhssize == 0 || *p == '\0')
828 syserr("554 5.3.5 %.40s... missing value for alias",
834 map->map_class->map_store(map, al.q_user, rhs);
838 bytes += lhssize + rhssize;
839 if (rhssize > longest)
845 ** address strings are now stored in the envelope rpool,
846 ** and therefore cannot be freed.
848 if (al.q_paddr != NULL)
849 sm_free(al.q_paddr); /* disabled */
850 if (al.q_host != NULL)
851 sm_free(al.q_host); /* disabled */
852 if (al.q_user != NULL)
853 sm_free(al.q_user); /* disabled */
859 if (Verbose || announcestats)
860 message("%s: %ld aliases, longest %ld bytes, %ld bytes total",
861 map->map_file, naliases, longest, bytes);
862 if (LogLevel > 7 && logstats)
863 sm_syslog(LOG_INFO, NOQID,
864 "%s: %ld aliases, longest %ld bytes, %ld bytes total",
865 map->map_file, naliases, longest, bytes);
868 ** FORWARD -- Try to forward mail
870 ** This is similar but not identical to aliasing.
873 ** user -- the name of the user who's mail we would like
874 ** to forward to. It must have been verified --
875 ** i.e., the q_home field must have been filled
877 ** sendq -- a pointer to the head of the send queue to
878 ** put this user's aliases in.
879 ** aliaslevel -- the current alias nesting depth.
880 ** e -- the current envelope.
886 ** New names are added to send queues.
890 forward(user, sendq, aliaslevel, e)
894 register ENVELOPE *e;
901 sm_dprintf("forward(%s)\n", user->q_paddr);
903 if (!bitnset(M_HASPWENT, user->q_mailer->m_flags) ||
904 !QS_IS_OK(user->q_state))
906 if (ForwardPath != NULL && *ForwardPath == '\0')
908 if (user->q_home == NULL)
910 syserr("554 5.3.0 forward: no home");
911 user->q_home = "/no/such/directory";
914 /* good address -- look for .forward file in home */
915 macdefine(&e->e_macro, A_PERM, 'z', user->q_home);
916 macdefine(&e->e_macro, A_PERM, 'u', user->q_user);
917 macdefine(&e->e_macro, A_PERM, 'h', user->q_host);
918 if (ForwardPath == NULL)
919 ForwardPath = newstr("\201z/.forward");
921 got_transient = false;
922 for (pp = ForwardPath; pp != NULL; pp = ep)
925 char buf[MAXPATHLEN];
928 ep = strchr(pp, SEPARATOR);
931 expand(pp, buf, sizeof buf, e);
937 sm_dprintf("forward: trying %s\n", buf);
939 err = include(buf, true, user, sendq, aliaslevel, e);
942 else if (transienterror(err))
944 /* we may have to suspend this message */
945 got_transient = true;
947 sm_dprintf("forward: transient error on %s\n",
951 char *curhost = CurHostName;
954 sm_syslog(LOG_ERR, e->e_id,
955 "forward %s: transient error: %s",
956 buf, sm_errstring(err));
957 CurHostName = curhost;
970 /* check if it even exists */
971 if (stat(buf, &st) < 0 && errno == ENOENT)
973 if (bitnset(DBS_DONTWARNFORWARDFILEINUNSAFEDIRPATH,
979 #if _FFR_FORWARD_SYSERR
986 syserr("forward: %s: %s", buf, sm_errstring(err));
988 #endif /* _FFR_FORWARD_SYSERR */
991 if (LogLevel > (RunAsUid == 0 ? 2 : 10))
992 sm_syslog(LOG_WARNING, e->e_id,
993 "forward %s: %s", buf,
996 message("forward: %s: %s",
997 buf, sm_errstring(err));
1002 if (pp == NULL && got_transient)
1005 ** There was no successful .forward open and at least one
1006 ** transient open. We have to defer this address for
1007 ** further delivery.
1010 message("transient .forward open error: message queued");
1011 user->q_state = QS_QUEUEUP;