2 * Copyright (c) 1999-2003 Sendmail, Inc. and its suppliers.
5 * By using this file, you agree to the terms and conditions set
6 * forth in the LICENSE file which can be found at the top level of
7 * the sendmail distribution.
13 SM_RCSID("@(#)$Id: milter.c,v 8.197.2.9 2003/09/07 00:18:29 ca Exp $")
16 # include <libmilter/mfapi.h>
17 # include <libmilter/mfdef.h>
20 # include <sys/time.h>
22 # if NETINET || NETINET6
23 # include <arpa/inet.h>
24 # endif /* NETINET || NETINET6 */
26 # include <sm/fdset.h>
28 static void milter_connect_timeout __P((void));
29 static void milter_error __P((struct milter *, ENVELOPE *));
30 static int milter_open __P((struct milter *, bool, ENVELOPE *));
31 static void milter_parse_timeouts __P((char *, struct milter *));
33 static char *MilterConnectMacros[MAXFILTERMACROS + 1];
34 static char *MilterHeloMacros[MAXFILTERMACROS + 1];
35 static char *MilterEnvFromMacros[MAXFILTERMACROS + 1];
36 static char *MilterEnvRcptMacros[MAXFILTERMACROS + 1];
38 # define MILTER_CHECK_DONE_MSG() \
39 if (*state == SMFIR_REPLYCODE || \
40 *state == SMFIR_REJECT || \
41 *state == SMFIR_DISCARD || \
42 *state == SMFIR_TEMPFAIL) \
44 /* Abort the filters to let them know we are done with msg */ \
49 # define MILTER_CHECK_ERROR(initial, action) \
50 if (!initial && tTd(71, 100)) \
52 if (e->e_quarmsg == NULL) \
54 e->e_quarmsg = sm_rpool_strdup_x(e->e_rpool, \
56 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), \
60 else if (tTd(71, 101)) \
62 if (e->e_quarmsg == NULL) \
64 e->e_quarmsg = sm_rpool_strdup_x(e->e_rpool, \
66 macdefine(&e->e_macro, A_PERM, macid("{quarantine}"), \
70 else if (bitnset(SMF_TEMPFAIL, m->mf_flags)) \
71 *state = SMFIR_TEMPFAIL; \
72 else if (bitnset(SMF_REJECT, m->mf_flags)) \
73 *state = SMFIR_REJECT; \
76 # else /* _FFR_QUARANTINE */
77 # define MILTER_CHECK_ERROR(initial, action) \
78 if (bitnset(SMF_TEMPFAIL, m->mf_flags)) \
79 *state = SMFIR_TEMPFAIL; \
80 else if (bitnset(SMF_REJECT, m->mf_flags)) \
81 *state = SMFIR_REJECT; \
84 # endif /* _FFR_QUARANTINE */
86 # define MILTER_CHECK_REPLYCODE(default) \
87 if (response == NULL || \
88 strlen(response) + 1 != (size_t) rlen || \
90 (response[0] != '4' && response[0] != '5') || \
91 !isascii(response[1]) || !isdigit(response[1]) || \
92 !isascii(response[2]) || !isdigit(response[2])) \
94 if (response != NULL) \
95 sm_free(response); /* XXX */ \
96 response = newstr(default); \
100 char *ptr = response; \
102 /* Check for unprotected %'s in the string */ \
103 while (*ptr != '\0') \
105 if (*ptr == '%' && *++ptr != '%') \
107 sm_free(response); /* XXX */ \
108 response = newstr(default); \
115 # define MILTER_DF_ERROR(msg) \
117 int save_errno = errno; \
121 sm_dprintf(msg, dfname, sm_errstring(save_errno)); \
124 if (MilterLogLevel > 0) \
125 sm_syslog(LOG_ERR, e->e_id, msg, dfname, sm_errstring(save_errno)); \
126 if (SuperSafe == SAFE_REALLY) \
128 if (e->e_dfp != NULL) \
130 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT); \
133 e->e_flags &= ~EF_HAS_DF; \
135 errno = save_errno; \
139 ** MILTER_TIMEOUT -- make sure socket is ready in time
142 ** routine -- routine name for debug/logging
143 ** secs -- number of seconds in timeout
144 ** write -- waiting to read or write?
145 ** started -- whether this is part of a previous sequence
147 ** Assumes 'm' is a milter structure for the current socket.
150 # define MILTER_TIMEOUT(routine, secs, write, started) \
157 if (SM_FD_SETSIZE > 0 && m->mf_sock >= SM_FD_SETSIZE) \
160 sm_dprintf("milter_%s(%s): socket %d is larger than FD_SETSIZE %d\n", \
161 (routine), m->mf_name, m->mf_sock, \
163 if (MilterLogLevel > 0) \
164 sm_syslog(LOG_ERR, e->e_id, \
165 "Milter (%s): socket(%s) %d is larger than FD_SETSIZE %d", \
166 m->mf_name, (routine), m->mf_sock, \
168 milter_error(m, e); \
175 SM_FD_SET(m->mf_sock, &fds); \
176 tv.tv_sec = (secs); \
178 ret = select(m->mf_sock + 1, \
179 (write) ? NULL : &fds, \
180 (write) ? &fds : NULL, \
182 } while (ret < 0 && errno == EINTR); \
188 sm_dprintf("milter_%s(%s): timeout\n", (routine), \
190 if (MilterLogLevel > 0) \
191 sm_syslog(LOG_ERR, e->e_id, \
192 "Milter (%s): %s %s %s %s", \
193 m->mf_name, "timeout", \
194 started ? "during" : "before", \
195 "data", (routine)); \
196 milter_error(m, e); \
200 save_errno = errno; \
202 sm_dprintf("milter_%s(%s): select: %s\n", (routine), \
203 m->mf_name, sm_errstring(save_errno)); \
204 if (MilterLogLevel > 0) \
206 sm_syslog(LOG_ERR, e->e_id, \
207 "Milter (%s): select(%s): %s", \
208 m->mf_name, (routine), \
209 sm_errstring(save_errno)); \
211 milter_error(m, e); \
215 if (SM_FD_ISSET(m->mf_sock, &fds)) \
218 sm_dprintf("milter_%s(%s): socket not ready\n", \
219 (routine), m->mf_name); \
220 if (MilterLogLevel > 0) \
222 sm_syslog(LOG_ERR, e->e_id, \
223 "Milter (%s): socket(%s) not ready", \
224 m->mf_name, (routine)); \
226 milter_error(m, e); \
232 ** Low level functions
236 ** MILTER_READ -- read from a remote milter filter
239 ** m -- milter to read from.
240 ** cmd -- return param for command read.
241 ** rlen -- return length of response string.
242 ** to -- timeout in seconds.
243 ** e -- current envelope.
246 ** response string (may be NULL)
250 milter_sysread(m, buf, sz, to, e)
257 time_t readstart = 0;
259 bool started = false;
264 readstart = curtime();
273 if (now - readstart >= to)
276 sm_dprintf("milter_read (%s): %s %s %s",
277 m->mf_name, "timeout",
278 started ? "during" : "before",
280 if (MilterLogLevel > 0)
281 sm_syslog(LOG_ERR, e->e_id,
282 "Milter (%s): %s %s %s",
283 m->mf_name, "timeout",
284 started ? "during" : "before",
289 to -= now - readstart;
291 MILTER_TIMEOUT("read", to, false, started);
294 len = read(m->mf_sock, buf + curl, sz - curl);
298 int save_errno = errno;
301 sm_dprintf("milter_read(%s): read returned %ld: %s\n",
302 m->mf_name, (long) len,
303 sm_errstring(save_errno));
304 if (MilterLogLevel > 0)
305 sm_syslog(LOG_ERR, e->e_id,
306 "Milter (%s): read returned %ld: %s",
307 m->mf_name, (long) len,
308 sm_errstring(save_errno));
315 if (len == 0 || curl >= sz)
323 sm_dprintf("milter_read(%s): cmd read returned %ld, expecting %ld\n",
324 m->mf_name, (long) curl, (long) sz);
325 if (MilterLogLevel > 0)
326 sm_syslog(LOG_ERR, e->e_id,
327 "milter_read(%s): cmd read returned %ld, expecting %ld",
328 m->mf_name, (long) curl, (long) sz);
336 milter_read(m, cmd, rlen, to, e)
343 time_t readstart = 0;
347 char data[MILTER_LEN_BYTES + 1];
353 readstart = curtime();
355 if (milter_sysread(m, data, sizeof data, to, e) == NULL)
364 if (now - readstart >= to)
367 sm_dprintf("milter_read(%s): timeout before data read\n",
369 if (MilterLogLevel > 0)
370 sm_syslog(LOG_ERR, e->e_id,
371 "Milter read(%s): timeout before data read",
376 to -= now - readstart;
379 *cmd = data[MILTER_LEN_BYTES];
380 data[MILTER_LEN_BYTES] = '\0';
381 (void) memcpy(&i, data, MILTER_LEN_BYTES);
385 sm_dprintf("milter_read(%s): expecting %ld bytes\n",
386 m->mf_name, (long) expl);
391 sm_dprintf("milter_read(%s): read size %ld out of range\n",
392 m->mf_name, (long) expl);
393 if (MilterLogLevel > 0)
394 sm_syslog(LOG_ERR, e->e_id,
395 "milter_read(%s): read size %ld out of range",
396 m->mf_name, (long) expl);
404 buf = (char *) xalloc(expl);
406 if (milter_sysread(m, buf, expl, to, e) == NULL)
408 sm_free(buf); /* XXX */
413 sm_dprintf("milter_read(%s): Returning %*s\n",
414 m->mf_name, (int) expl, buf);
419 ** MILTER_WRITE -- write to a remote milter filter
422 ** m -- milter to read from.
423 ** cmd -- command to send.
424 ** buf -- optional command data.
425 ** len -- length of buf.
426 ** to -- timeout in seconds.
427 ** e -- current envelope.
430 ** buf if successful, NULL otherwise
431 ** Not actually used anywhere but function prototype
432 ** must match milter_read()
436 milter_write(m, cmd, buf, len, to, e)
444 time_t writestart = (time_t) 0;
447 char data[MILTER_LEN_BYTES + 1];
448 bool started = false;
450 if (len < 0 || len > MILTER_CHUNK_SIZE)
453 sm_dprintf("milter_write(%s): length %ld out of range\n",
454 m->mf_name, (long) len);
455 if (MilterLogLevel > 0)
456 sm_syslog(LOG_ERR, e->e_id,
457 "milter_write(%s): length %ld out of range",
458 m->mf_name, (long) len);
464 sm_dprintf("milter_write(%s): cmd %c, len %ld\n",
465 m->mf_name, cmd, (long) len);
467 nl = htonl(len + 1); /* add 1 for the cmd char */
468 (void) memcpy(data, (char *) &nl, MILTER_LEN_BYTES);
469 data[MILTER_LEN_BYTES] = cmd;
470 sl = MILTER_LEN_BYTES + 1;
474 writestart = curtime();
475 MILTER_TIMEOUT("write", to, true, started);
478 /* use writev() instead to send the whole stuff at once? */
479 i = write(m->mf_sock, (void *) data, sl);
482 int save_errno = errno;
485 sm_dprintf("milter_write (%s): write(%c) returned %ld, expected %ld: %s\n",
486 m->mf_name, cmd, (long) i, (long) sl,
487 sm_errstring(save_errno));
488 if (MilterLogLevel > 0)
489 sm_syslog(LOG_ERR, e->e_id,
490 "Milter (%s): write(%c) returned %ld, expected %ld: %s",
491 m->mf_name, cmd, (long) i, (long) sl,
492 sm_errstring(save_errno));
497 if (len <= 0 || buf == NULL)
501 sm_dprintf("milter_write(%s): Sending %*s\n",
502 m->mf_name, (int) len, buf);
510 if (now - writestart >= to)
513 sm_dprintf("milter_write(%s): timeout before data write\n",
515 if (MilterLogLevel > 0)
516 sm_syslog(LOG_ERR, e->e_id,
517 "Milter (%s): timeout before data write",
524 to -= now - writestart;
525 MILTER_TIMEOUT("write", to, true, started);
529 i = write(m->mf_sock, (void *) buf, len);
532 int save_errno = errno;
535 sm_dprintf("milter_write(%s): write(%c) returned %ld, expected %ld: %s\n",
536 m->mf_name, cmd, (long) i, (long) sl,
537 sm_errstring(save_errno));
538 if (MilterLogLevel > 0)
539 sm_syslog(LOG_ERR, e->e_id,
540 "Milter (%s): write(%c) returned %ld, expected %ld: %s",
541 m->mf_name, cmd, (long) i, (long) len,
542 sm_errstring(save_errno));
554 ** MILTER_OPEN -- connect to remote milter filter
557 ** m -- milter to connect to.
558 ** parseonly -- parse but don't connect.
559 ** e -- current envelope.
562 ** connected socket if successful && !parseonly,
563 ** 0 upon parse success if parseonly,
567 static jmp_buf MilterConnectTimeout;
570 milter_open(m, parseonly, e)
576 SOCKADDR_LEN_T addrlen = 0;
582 struct hostent *hp = NULL;
585 if (m->mf_conn == NULL || m->mf_conn[0] == '\0')
588 sm_dprintf("X%s: empty or missing socket information\n",
591 syserr("X%s: empty or missing socket information",
593 else if (MilterLogLevel > 0)
594 sm_syslog(LOG_ERR, e->e_id,
595 "Milter (%s): empty or missing socket information",
601 /* protocol:filename or protocol:port@host */
602 memset(&addr, '\0', sizeof addr);
604 colon = strchr(p, ':');
612 /* default to AF_UNIX */
613 addr.sa.sa_family = AF_UNIX;
616 /* default to AF_INET */
617 addr.sa.sa_family = AF_INET;
620 /* default to AF_INET6 */
621 addr.sa.sa_family = AF_INET6;
622 # else /* NETINET6 */
623 /* no protocols available */
624 if (MilterLogLevel > 0)
625 sm_syslog(LOG_ERR, e->e_id,
626 "Milter (%s): no valid socket protocols available",
630 # endif /* NETINET6 */
631 # endif /* NETINET */
632 # endif /* NETUNIX */
635 else if (sm_strcasecmp(p, "unix") == 0 ||
636 sm_strcasecmp(p, "local") == 0)
637 addr.sa.sa_family = AF_UNIX;
638 # endif /* NETUNIX */
640 else if (sm_strcasecmp(p, "inet") == 0)
641 addr.sa.sa_family = AF_INET;
642 # endif /* NETINET */
644 else if (sm_strcasecmp(p, "inet6") == 0)
645 addr.sa.sa_family = AF_INET6;
646 # endif /* NETINET6 */
649 # ifdef EPROTONOSUPPORT
650 errno = EPROTONOSUPPORT;
651 # else /* EPROTONOSUPPORT */
653 # endif /* EPROTONOSUPPORT */
655 sm_dprintf("X%s: unknown socket type %s\n",
658 syserr("X%s: unknown socket type %s",
660 else if (MilterLogLevel > 0)
661 sm_syslog(LOG_ERR, e->e_id,
662 "Milter (%s): unknown socket type %s",
671 /* default to AF_UNIX */
672 addr.sa.sa_family = AF_UNIX;
677 if (addr.sa.sa_family == AF_UNIX)
679 long sff = SFF_SAFEDIRPATH|SFF_OPENASROOT|SFF_NOLINK|SFF_EXECOK;
682 if (strlen(colon) >= sizeof addr.sunix.sun_path)
685 sm_dprintf("X%s: local socket name %s too long\n",
689 syserr("X%s: local socket name %s too long",
691 else if (MilterLogLevel > 0)
692 sm_syslog(LOG_ERR, e->e_id,
693 "Milter (%s): local socket name %s too long",
698 errno = safefile(colon, RunAsUid, RunAsGid, RunAsUserName, sff,
699 S_IRUSR|S_IWUSR, NULL);
701 /* if just parsing .cf file, socket doesn't need to exist */
702 if (parseonly && errno == ENOENT)
704 if (OpMode == MD_DAEMON ||
705 OpMode == MD_FGDAEMON)
706 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
707 "WARNING: X%s: local socket name %s missing\n",
712 /* if not safe, don't create */
715 sm_dprintf("X%s: local socket name %s unsafe\n",
720 if (OpMode == MD_DAEMON ||
721 OpMode == MD_FGDAEMON ||
723 syserr("X%s: local socket name %s unsafe",
726 else if (MilterLogLevel > 0)
727 sm_syslog(LOG_ERR, e->e_id,
728 "Milter (%s): local socket name %s unsafe",
734 (void) sm_strlcpy(addr.sunix.sun_path, colon,
735 sizeof addr.sunix.sun_path);
736 addrlen = sizeof (struct sockaddr_un);
739 # endif /* NETUNIX */
740 # if NETINET || NETINET6
743 || addr.sa.sa_family == AF_INET
744 # endif /* NETINET */
746 || addr.sa.sa_family == AF_INET6
747 # endif /* NETINET6 */
752 /* Parse port@host */
753 at = strchr(colon, '@');
757 sm_dprintf("X%s: bad address %s (expected port@host)\n",
760 syserr("X%s: bad address %s (expected port@host)",
762 else if (MilterLogLevel > 0)
763 sm_syslog(LOG_ERR, e->e_id,
764 "Milter (%s): bad address %s (expected port@host)",
770 if (isascii(*colon) && isdigit(*colon))
771 port = htons((unsigned short) atoi(colon));
774 # ifdef NO_GETSERVBYNAME
776 sm_dprintf("X%s: invalid port number %s\n",
779 syserr("X%s: invalid port number %s",
781 else if (MilterLogLevel > 0)
782 sm_syslog(LOG_ERR, e->e_id,
783 "Milter (%s): invalid port number %s",
787 # else /* NO_GETSERVBYNAME */
788 register struct servent *sp;
790 sp = getservbyname(colon, "tcp");
795 sm_dprintf("X%s: unknown port name %s\n",
799 syserr("X%s: unknown port name %s",
801 else if (MilterLogLevel > 0)
802 sm_syslog(LOG_ERR, e->e_id,
803 "Milter (%s): unknown port name %s",
809 # endif /* NO_GETSERVBYNAME */
816 end = strchr(at, ']');
821 unsigned long hid = INADDR_NONE;
822 # endif /* NETINET */
824 struct sockaddr_in6 hid6;
825 # endif /* NETINET6 */
829 if (addr.sa.sa_family == AF_INET &&
830 (hid = inet_addr(&at[1])) != INADDR_NONE)
832 addr.sin.sin_addr.s_addr = hid;
833 addr.sin.sin_port = port;
836 # endif /* NETINET */
838 (void) memset(&hid6, '\0', sizeof hid6);
839 if (addr.sa.sa_family == AF_INET6 &&
840 anynet_pton(AF_INET6, &at[1],
841 &hid6.sin6_addr) == 1)
843 addr.sin6.sin6_addr = hid6.sin6_addr;
844 addr.sin6.sin6_port = port;
847 # endif /* NETINET6 */
852 sm_dprintf("X%s: Invalid numeric domain spec \"%s\"\n",
855 syserr("X%s: Invalid numeric domain spec \"%s\"",
857 else if (MilterLogLevel > 0)
858 sm_syslog(LOG_ERR, e->e_id,
859 "Milter (%s): Invalid numeric domain spec \"%s\"",
868 sm_dprintf("X%s: Invalid numeric domain spec \"%s\"\n",
871 syserr("X%s: Invalid numeric domain spec \"%s\"",
873 else if (MilterLogLevel > 0)
874 sm_syslog(LOG_ERR, e->e_id,
875 "Milter (%s): Invalid numeric domain spec \"%s\"",
883 hp = sm_gethostbyname(at, addr.sa.sa_family);
888 sm_dprintf("X%s: Unknown host name %s\n",
892 syserr("X%s: Unknown host name %s",
894 else if (MilterLogLevel > 0)
895 sm_syslog(LOG_ERR, e->e_id,
896 "Milter (%s): Unknown host name %s",
901 addr.sa.sa_family = hp->h_addrtype;
902 switch (hp->h_addrtype)
906 memmove(&addr.sin.sin_addr,
907 hp->h_addr, INADDRSZ);
908 addr.sin.sin_port = port;
909 addrlen = sizeof (struct sockaddr_in);
912 # endif /* NETINET */
916 memmove(&addr.sin6.sin6_addr,
917 hp->h_addr, IN6ADDRSZ);
918 addr.sin6.sin6_port = port;
919 addrlen = sizeof (struct sockaddr_in6);
922 # endif /* NETINET6 */
926 sm_dprintf("X%s: Unknown protocol for %s (%d)\n",
930 syserr("X%s: Unknown protocol for %s (%d)",
931 m->mf_name, at, hp->h_addrtype);
932 else if (MilterLogLevel > 0)
933 sm_syslog(LOG_ERR, e->e_id,
934 "Milter (%s): Unknown protocol for %s (%d)",
940 # endif /* NETINET6 */
946 # endif /* NETINET || NETINET6 */
949 sm_dprintf("X%s: unknown socket protocol\n",
952 syserr("X%s: unknown socket protocol", m->mf_name);
953 else if (MilterLogLevel > 0)
954 sm_syslog(LOG_ERR, e->e_id,
955 "Milter (%s): unknown socket protocol",
961 /* just parsing through? */
964 m->mf_state = SMFS_READY;
968 # endif /* NETINET6 */
973 if (m->mf_state != SMFS_READY &&
974 m->mf_state != SMFS_CLOSED)
976 /* shouldn't happen */
978 sm_dprintf("Milter (%s): Trying to open filter in state %c\n",
979 m->mf_name, (char) m->mf_state);
984 # endif /* NETINET6 */
988 /* nope, actually connecting */
991 sock = socket(addr.sa.sa_family, SOCK_STREAM, 0);
996 sm_dprintf("Milter (%s): error creating socket: %s\n",
998 sm_errstring(save_errno));
999 if (MilterLogLevel > 0)
1000 sm_syslog(LOG_ERR, e->e_id,
1001 "Milter (%s): error creating socket: %s",
1002 m->mf_name, sm_errstring(save_errno));
1007 # endif /* NETINET6 */
1011 if (setjmp(MilterConnectTimeout) == 0)
1013 SM_EVENT *ev = NULL;
1016 if (m->mf_timeout[SMFTO_CONNECT] > 0)
1017 ev = sm_setevent(m->mf_timeout[SMFTO_CONNECT],
1018 milter_connect_timeout, 0);
1020 i = connect(sock, (struct sockaddr *) &addr, addrlen);
1029 /* couldn't connect.... try next address */
1034 sm_dprintf("milter_open (%s): open %s failed: %s\n",
1035 m->mf_name, at, sm_errstring(save_errno));
1036 if (MilterLogLevel > 13)
1037 sm_syslog(LOG_INFO, e->e_id,
1038 "Milter (%s): open %s failed: %s",
1039 m->mf_name, at, sm_errstring(save_errno));
1043 /* try next address */
1044 if (hp != NULL && hp->h_addr_list[addrno] != NULL)
1046 switch (addr.sa.sa_family)
1050 memmove(&addr.sin.sin_addr,
1051 hp->h_addr_list[addrno++],
1054 # endif /* NETINET */
1058 memmove(&addr.sin6.sin6_addr,
1059 hp->h_addr_list[addrno++],
1062 # endif /* NETINET6 */
1066 sm_dprintf("X%s: Unknown protocol for %s (%d)\n",
1069 if (MilterLogLevel > 0)
1070 sm_syslog(LOG_ERR, e->e_id,
1071 "Milter (%s): Unknown protocol for %s (%d)",
1077 # endif /* NETINET6 */
1085 sm_dprintf("X%s: error connecting to filter: %s\n",
1086 m->mf_name, sm_errstring(save_errno));
1087 if (MilterLogLevel > 0)
1088 sm_syslog(LOG_ERR, e->e_id,
1089 "Milter (%s): error connecting to filter: %s",
1090 m->mf_name, sm_errstring(save_errno));
1096 # endif /* NETINET6 */
1099 m->mf_state = SMFS_OPEN;
1106 # endif /* NETINET6 */
1111 milter_connect_timeout()
1114 ** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
1115 ** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
1120 longjmp(MilterConnectTimeout, 1);
1123 ** MILTER_SETUP -- setup structure for a mail filter
1126 ** line -- the options line.
1138 register struct milter *m;
1141 /* collect the filter name */
1143 *p != '\0' && *p != ',' && !(isascii(*p) && isspace(*p));
1148 if (line[0] == '\0')
1150 syserr("name required for mail filter");
1153 m = (struct milter *) xalloc(sizeof *m);
1154 memset((char *) m, '\0', sizeof *m);
1155 m->mf_name = newstr(line);
1156 m->mf_state = SMFS_READY;
1158 m->mf_timeout[SMFTO_CONNECT] = (time_t) 300;
1159 m->mf_timeout[SMFTO_WRITE] = (time_t) 10;
1160 m->mf_timeout[SMFTO_READ] = (time_t) 10;
1161 m->mf_timeout[SMFTO_EOM] = (time_t) 300;
1163 /* now scan through and assign info from the fields */
1168 while (*p != '\0' &&
1169 (*p == ',' || (isascii(*p) && isspace(*p))))
1172 /* p now points to field code */
1174 while (*p != '\0' && *p != '=' && *p != ',')
1178 syserr("X%s: `=' expected", m->mf_name);
1181 while (isascii(*p) && isspace(*p))
1184 /* p now points to the field body */
1185 p = munchstring(p, &delimptr, ',');
1187 /* install the field into the filter struct */
1190 case 'S': /* socket */
1194 m->mf_conn = newstr(p);
1197 case 'F': /* Milter flags configured on MTA */
1198 for (; *p != '\0'; p++)
1200 if (!(isascii(*p) && isspace(*p)))
1201 setbitn(bitidx(*p), m->mf_flags);
1205 case 'T': /* timeouts */
1206 milter_parse_timeouts(p, m);
1210 syserr("X%s: unknown filter equate %c=",
1217 /* early check for errors */
1218 (void) milter_open(m, true, CurEnv);
1220 /* enter the filter into the symbol table */
1221 s = stab(m->mf_name, ST_MILTER, ST_ENTER);
1222 if (s->s_milter != NULL)
1223 syserr("X%s: duplicate filter definition", m->mf_name);
1228 ** MILTER_CONFIG -- parse option list into an array and check config
1230 ** Called when reading configuration file.
1233 ** spec -- the filter list.
1234 ** list -- the array to fill in.
1235 ** max -- the maximum number of entries in list.
1242 milter_config(spec, list, max)
1244 struct milter **list;
1250 /* leave one for the NULL signifying the end of the list */
1253 for (p = spec; p != NULL; )
1257 while (isascii(*p) && isspace(*p))
1263 if (numitems >= max)
1265 syserr("Too many filters defined, %d max", max);
1270 #if _FFR_MILTER_PERDAEMON
1271 p = strpbrk(p, ";,");
1272 #else /* _FFR_MILTER_PERDAEMON */
1273 p = strpbrk(p, ",");
1274 #endif /* _FFR_MILTER_PERDAEMON */
1278 s = stab(spec, ST_MILTER, ST_FIND);
1281 syserr("InputFilter %s not defined", spec);
1282 ExitStat = EX_CONFIG;
1285 list[numitems++] = s->s_milter;
1287 list[numitems] = NULL;
1289 /* if not set, set to LogLevel */
1290 if (MilterLogLevel == -1)
1291 MilterLogLevel = LogLevel;
1294 ** MILTER_PARSE_TIMEOUTS -- parse timeout list
1296 ** Called when reading configuration file.
1299 ** spec -- the timeout list.
1300 ** m -- milter to set.
1307 milter_parse_timeouts(spec, m)
1316 /* now scan through and assign info from the fields */
1321 while (*p != '\0' &&
1322 (*p == ';' || (isascii(*p) && isspace(*p))))
1325 /* p now points to field code */
1327 while (*p != '\0' && *p != ':')
1331 syserr("X%s, T=: `:' expected", m->mf_name);
1334 while (isascii(*p) && isspace(*p))
1337 /* p now points to the field body */
1338 p = munchstring(p, &delimptr, ';');
1340 /* install the field into the filter struct */
1344 m->mf_timeout[SMFTO_CONNECT] = convtime(p, 's');
1346 sm_dprintf("X%s: %c=%lu\n",
1348 (unsigned long) m->mf_timeout[SMFTO_CONNECT]);
1352 m->mf_timeout[SMFTO_WRITE] = convtime(p, 's');
1354 sm_dprintf("X%s: %c=%lu\n",
1356 (unsigned long) m->mf_timeout[SMFTO_WRITE]);
1360 m->mf_timeout[SMFTO_READ] = convtime(p, 's');
1362 sm_dprintf("X%s: %c=%lu\n",
1364 (unsigned long) m->mf_timeout[SMFTO_READ]);
1368 m->mf_timeout[SMFTO_EOM] = convtime(p, 's');
1370 sm_dprintf("X%s: %c=%lu\n",
1372 (unsigned long) m->mf_timeout[SMFTO_EOM]);
1377 sm_dprintf("X%s: %c unknown\n",
1379 syserr("X%s: unknown filter timeout %c",
1387 ** MILTER_SET_OPTION -- set an individual milter option
1390 ** name -- the name of the option.
1391 ** val -- the value of the option.
1392 ** sticky -- if set, don't let other setoptions override
1399 /* set if Milter sub-option is stuck */
1400 static BITMAP256 StickyMilterOpt;
1402 static struct milteropt
1404 char *mo_name; /* long name of milter option */
1405 unsigned char mo_code; /* code for option */
1408 # define MO_MACROS_CONNECT 0x01
1409 { "macros.connect", MO_MACROS_CONNECT },
1410 # define MO_MACROS_HELO 0x02
1411 { "macros.helo", MO_MACROS_HELO },
1412 # define MO_MACROS_ENVFROM 0x03
1413 { "macros.envfrom", MO_MACROS_ENVFROM },
1414 # define MO_MACROS_ENVRCPT 0x04
1415 { "macros.envrcpt", MO_MACROS_ENVRCPT },
1416 # define MO_LOGLEVEL 0x05
1417 { "loglevel", MO_LOGLEVEL },
1422 milter_set_option(name, val, sticky)
1428 register struct milteropt *mo;
1430 char **macros = NULL;
1432 if (tTd(37, 2) || tTd(64, 5))
1433 sm_dprintf("milter_set_option(%s = %s)", name, val);
1437 syserr("milter_set_option: invalid Milter option, must specify suboption");
1441 for (mo = MilterOptTab; mo->mo_name != NULL; mo++)
1443 if (sm_strcasecmp(mo->mo_name, name) == 0)
1447 if (mo->mo_name == NULL)
1449 syserr("milter_set_option: invalid Milter option %s", name);
1454 ** See if this option is preset for us.
1457 if (!sticky && bitnset(mo->mo_code, StickyMilterOpt))
1459 if (tTd(37, 2) || tTd(64,5))
1460 sm_dprintf(" (ignored)\n");
1464 if (tTd(37, 2) || tTd(64,5))
1467 switch (mo->mo_code)
1470 MilterLogLevel = atoi(val);
1473 case MO_MACROS_CONNECT:
1475 macros = MilterConnectMacros;
1478 case MO_MACROS_HELO:
1480 macros = MilterHeloMacros;
1483 case MO_MACROS_ENVFROM:
1485 macros = MilterEnvFromMacros;
1488 case MO_MACROS_ENVRCPT:
1490 macros = MilterEnvRcptMacros;
1497 /* Skip leading commas, spaces */
1498 while (*p != '\0' &&
1499 (*p == ',' || (isascii(*p) && isspace(*p))))
1505 /* Find end of macro */
1507 while (*p != '\0' && *p != ',' &&
1508 isascii(*p) && !isspace(*p))
1513 if (nummac >= MAXFILTERMACROS)
1515 syserr("milter_set_option: too many macros in Milter.%s (max %d)",
1516 name, MAXFILTERMACROS);
1517 macros[nummac] = NULL;
1520 macros[nummac++] = macro;
1522 macros[nummac] = NULL;
1526 syserr("milter_set_option: invalid Milter option %s", name);
1530 setbitn(mo->mo_code, StickyMilterOpt);
1533 ** MILTER_REOPEN_DF -- open & truncate the data file (for replbody)
1536 ** e -- current envelope.
1539 ** 0 if succesful, -1 otherwise
1546 char dfname[MAXPATHLEN];
1548 (void) sm_strlcpy(dfname, queuename(e, DATAFL_LETTER), sizeof dfname);
1551 ** In SuperSafe == SAFE_REALLY mode, e->e_dfp is a read-only FP so
1552 ** close and reopen writable (later close and reopen
1553 ** read only again).
1555 ** In SuperSafe != SAFE_REALLY mode, e->e_dfp still points at the
1556 ** buffered file I/O descriptor, still open for writing
1557 ** so there isn't as much work to do, just truncate it
1561 if (SuperSafe == SAFE_REALLY)
1563 /* close read-only data file */
1564 if (bitset(EF_HAS_DF, e->e_flags) && e->e_dfp != NULL)
1566 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
1567 e->e_flags &= ~EF_HAS_DF;
1571 if ((e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, dfname,
1572 SM_IO_RDWR_B, NULL)) == NULL)
1574 MILTER_DF_ERROR("milter_reopen_df: sm_io_open %s: %s");
1578 else if (e->e_dfp == NULL)
1580 /* shouldn't happen */
1582 MILTER_DF_ERROR("milter_reopen_df: NULL e_dfp (%s: %s)");
1588 ** MILTER_RESET_DF -- re-open read-only the data file (for replbody)
1591 ** e -- current envelope.
1594 ** 0 if succesful, -1 otherwise
1602 char dfname[MAXPATHLEN];
1604 (void) sm_strlcpy(dfname, queuename(e, DATAFL_LETTER), sizeof dfname);
1606 if (sm_io_flush(e->e_dfp, SM_TIME_DEFAULT) != 0 ||
1607 sm_io_error(e->e_dfp))
1609 MILTER_DF_ERROR("milter_reset_df: error writing/flushing %s: %s");
1612 else if (SuperSafe != SAFE_REALLY)
1614 /* skip next few clauses */
1617 else if ((afd = sm_io_getinfo(e->e_dfp, SM_IO_WHAT_FD, NULL)) >= 0
1620 MILTER_DF_ERROR("milter_reset_df: error sync'ing %s: %s");
1623 else if (sm_io_close(e->e_dfp, SM_TIME_DEFAULT) < 0)
1625 MILTER_DF_ERROR("milter_reset_df: error closing %s: %s");
1628 else if ((e->e_dfp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, dfname,
1629 SM_IO_RDONLY_B, NULL)) == NULL)
1631 MILTER_DF_ERROR("milter_reset_df: error reopening %s: %s");
1635 e->e_flags |= EF_HAS_DF;
1639 ** MILTER_CAN_DELRCPTS -- can any milter filters delete recipients?
1645 ** true if any filter deletes recipients, false otherwise
1649 milter_can_delrcpts()
1655 sm_dprintf("milter_can_delrcpts:");
1657 for (i = 0; InputFilters[i] != NULL; i++)
1659 struct milter *m = InputFilters[i];
1661 if (bitset(SMFIF_DELRCPT, m->mf_fflags))
1668 sm_dprintf("%s\n", can ? "true" : "false");
1673 ** MILTER_QUIT_FILTER -- close down a single filter
1676 ** m -- milter structure of filter to close down.
1677 ** e -- current envelope.
1684 milter_quit_filter(m, e)
1689 sm_dprintf("milter_quit_filter(%s)\n", m->mf_name);
1690 if (MilterLogLevel > 18)
1691 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): quit filter",
1694 /* Never replace error state */
1695 if (m->mf_state == SMFS_ERROR)
1698 if (m->mf_sock < 0 ||
1699 m->mf_state == SMFS_CLOSED ||
1700 m->mf_state == SMFS_READY)
1703 m->mf_state = SMFS_CLOSED;
1707 (void) milter_write(m, SMFIC_QUIT, (char *) NULL, 0,
1708 m->mf_timeout[SMFTO_WRITE], e);
1709 if (m->mf_sock >= 0)
1711 (void) close(m->mf_sock);
1714 if (m->mf_state != SMFS_ERROR)
1715 m->mf_state = SMFS_CLOSED;
1718 ** MILTER_ABORT_FILTER -- tell filter to abort current message
1721 ** m -- milter structure of filter to abort.
1722 ** e -- current envelope.
1729 milter_abort_filter(m, e)
1734 sm_dprintf("milter_abort_filter(%s)\n", m->mf_name);
1735 if (MilterLogLevel > 10)
1736 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): abort filter",
1739 if (m->mf_sock < 0 ||
1740 m->mf_state != SMFS_INMSG)
1743 (void) milter_write(m, SMFIC_ABORT, (char *) NULL, 0,
1744 m->mf_timeout[SMFTO_WRITE], e);
1745 if (m->mf_state != SMFS_ERROR)
1746 m->mf_state = SMFS_DONE;
1749 ** MILTER_SEND_MACROS -- provide macros to the filters
1752 ** m -- milter to send macros to.
1753 ** macros -- macros to send for filter smfi_getsymval().
1754 ** cmd -- which command the macros are associated with.
1755 ** e -- current envelope (for macro access).
1762 milter_send_macros(m, macros, cmd, e)
1776 if (macros == NULL || macros[0] == NULL)
1779 /* put together data */
1780 s = 1; /* for the command character */
1781 for (i = 0; macros[i] != NULL; i++)
1783 mid = macid(macros[i]);
1786 v = macvalue(mid, e);
1789 expand(v, exp, sizeof(exp), e);
1790 s += strlen(macros[i]) + 1 + strlen(exp) + 1;
1796 buf = (char *) xalloc(s);
1799 for (i = 0; macros[i] != NULL; i++)
1801 mid = macid(macros[i]);
1804 v = macvalue(mid, e);
1807 expand(v, exp, sizeof(exp), e);
1810 sm_dprintf("milter_send_macros(%s, %c): %s=%s\n",
1811 m->mf_name, cmd, macros[i], exp);
1813 (void) sm_strlcpy(bp, macros[i], s - (bp - buf));
1814 bp += strlen(bp) + 1;
1815 (void) sm_strlcpy(bp, exp, s - (bp - buf));
1816 bp += strlen(bp) + 1;
1818 (void) milter_write(m, SMFIC_MACRO, buf, s,
1819 m->mf_timeout[SMFTO_WRITE], e);
1820 sm_free(buf); /* XXX */
1824 ** MILTER_SEND_COMMAND -- send a command and return the response for a filter
1827 ** m -- current milter filter
1828 ** command -- command to send.
1829 ** data -- optional command data.
1830 ** sz -- length of buf.
1831 ** e -- current envelope (for e->e_id).
1832 ** state -- return state word.
1835 ** response string (may be NULL)
1839 milter_send_command(m, command, data, sz, e, state)
1849 unsigned long skipflag;
1855 sm_dprintf("milter_send_command(%s): cmd %c len %ld\n",
1856 m->mf_name, (char) command, (long) sz);
1858 /* find skip flag and default failure */
1862 skipflag = SMFIP_NOCONNECT;
1864 defresponse = "554 Command rejected";
1868 skipflag = SMFIP_NOHELO;
1870 defresponse = "550 Command rejected";
1874 skipflag = SMFIP_NOMAIL;
1876 defresponse = "550 5.7.1 Command rejected";
1880 skipflag = SMFIP_NORCPT;
1882 defresponse = "550 5.7.1 Command rejected";
1886 skipflag = SMFIP_NOHDRS;
1888 defresponse = "550 5.7.1 Command rejected";
1892 skipflag = SMFIP_NOBODY;
1894 defresponse = "554 5.7.1 Command rejected";
1898 skipflag = SMFIP_NOEOH;
1900 defresponse = "550 5.7.1 Command rejected";
1908 /* NOTE: not handled by milter_send_command() */
1914 defresponse = "550 5.7.1 Command rejected";
1918 /* check if filter wants this command */
1919 if (skipflag != 0 &&
1920 bitset(skipflag, m->mf_pflags))
1923 /* send the command to the filter */
1924 (void) milter_write(m, command, data, sz,
1925 m->mf_timeout[SMFTO_WRITE], e);
1926 if (m->mf_state == SMFS_ERROR)
1928 MILTER_CHECK_ERROR(false, return NULL);
1932 /* get the response from the filter */
1933 response = milter_read(m, &rcmd, &rlen,
1934 m->mf_timeout[SMFTO_READ], e);
1935 if (m->mf_state == SMFS_ERROR)
1937 MILTER_CHECK_ERROR(false, return NULL);
1942 sm_dprintf("milter_send_command(%s): returned %c\n",
1943 m->mf_name, (char) rcmd);
1947 case SMFIR_REPLYCODE:
1948 MILTER_CHECK_REPLYCODE(defresponse);
1949 if (MilterLogLevel > 10)
1950 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, reject=%s",
1951 m->mf_name, action, response);
1956 if (MilterLogLevel > 10)
1957 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, reject",
1958 m->mf_name, action);
1963 if (MilterLogLevel > 10)
1964 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, discard",
1965 m->mf_name, action);
1969 case SMFIR_TEMPFAIL:
1970 if (MilterLogLevel > 10)
1971 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, tempfail",
1972 m->mf_name, action);
1977 /* this filter is done with message/connection */
1978 if (command == SMFIC_HELO ||
1979 command == SMFIC_CONNECT)
1980 m->mf_state = SMFS_CLOSABLE;
1982 m->mf_state = SMFS_DONE;
1983 if (MilterLogLevel > 10)
1984 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, accepted",
1985 m->mf_name, action);
1988 case SMFIR_CONTINUE:
1989 /* if MAIL command is ok, filter is in message state */
1990 if (command == SMFIC_MAIL)
1991 m->mf_state = SMFS_INMSG;
1992 if (MilterLogLevel > 12)
1993 sm_syslog(LOG_INFO, e->e_id, "milter=%s, action=%s, continue",
1994 m->mf_name, action);
1998 /* Invalid response to command */
1999 if (MilterLogLevel > 0)
2000 sm_syslog(LOG_ERR, e->e_id,
2001 "milter_send_command(%s): action=%s returned bogus response %c",
2002 m->mf_name, action, rcmd);
2007 if (*state != SMFIR_REPLYCODE &&
2010 sm_free(response); /* XXX */
2017 ** MILTER_COMMAND -- send a command and return the response for each filter
2020 ** command -- command to send.
2021 ** data -- optional command data.
2022 ** sz -- length of buf.
2023 ** macros -- macros to send for filter smfi_getsymval().
2024 ** e -- current envelope (for macro access).
2025 ** state -- return state word.
2028 ** response string (may be NULL)
2032 milter_command(command, data, sz, macros, e, state)
2041 char *response = NULL;
2045 sm_dprintf("milter_command: cmd %c len %ld\n",
2046 (char) command, (long) sz);
2048 *state = SMFIR_CONTINUE;
2049 for (i = 0; InputFilters[i] != NULL; i++)
2051 struct milter *m = InputFilters[i];
2053 /* previous problem? */
2054 if (m->mf_state == SMFS_ERROR)
2056 MILTER_CHECK_ERROR(false, continue);
2061 if (m->mf_sock < 0 ||
2062 (m->mf_state != SMFS_OPEN && m->mf_state != SMFS_INMSG))
2065 /* send macros (regardless of whether we send command) */
2066 if (macros != NULL && macros[0] != NULL)
2068 milter_send_macros(m, macros, command, e);
2069 if (m->mf_state == SMFS_ERROR)
2071 MILTER_CHECK_ERROR(false, continue);
2076 if (MilterLogLevel > 21)
2079 response = milter_send_command(m, command, data, sz, e, state);
2081 if (MilterLogLevel > 21)
2083 /* log the time it took for the command per filter */
2084 sm_syslog(LOG_INFO, e->e_id,
2085 "Milter (%s): time command (%c), %d",
2086 m->mf_name, command, (int) (tn - curtime()));
2089 if (*state != SMFIR_CONTINUE)
2095 ** MILTER_NEGOTIATE -- get version and flags from filter
2098 ** m -- milter filter structure.
2099 ** e -- current envelope.
2102 ** 0 on success, -1 otherwise
2106 milter_negotiate(m, e)
2116 char data[MILTER_OPTLEN];
2119 if (m->mf_sock < 0 || m->mf_state != SMFS_OPEN)
2121 if (MilterLogLevel > 0)
2122 sm_syslog(LOG_ERR, e->e_id,
2123 "Milter (%s): negotiate, impossible state",
2129 fvers = htonl(SMFI_VERSION);
2130 fflags = htonl(SMFI_CURR_ACTS);
2131 pflags = htonl(SMFI_CURR_PROT);
2132 (void) memcpy(data, (char *) &fvers, MILTER_LEN_BYTES);
2133 (void) memcpy(data + MILTER_LEN_BYTES,
2134 (char *) &fflags, MILTER_LEN_BYTES);
2135 (void) memcpy(data + (MILTER_LEN_BYTES * 2),
2136 (char *) &pflags, MILTER_LEN_BYTES);
2137 (void) milter_write(m, SMFIC_OPTNEG, data, sizeof data,
2138 m->mf_timeout[SMFTO_WRITE], e);
2140 if (m->mf_state == SMFS_ERROR)
2143 response = milter_read(m, &rcmd, &rlen, m->mf_timeout[SMFTO_READ], e);
2144 if (m->mf_state == SMFS_ERROR)
2147 if (rcmd != SMFIC_OPTNEG)
2150 sm_dprintf("milter_negotiate(%s): returned %c instead of %c\n",
2151 m->mf_name, rcmd, SMFIC_OPTNEG);
2152 if (MilterLogLevel > 0)
2153 sm_syslog(LOG_ERR, e->e_id,
2154 "Milter (%s): negotiate: returned %c instead of %c",
2155 m->mf_name, rcmd, SMFIC_OPTNEG);
2156 if (response != NULL)
2157 sm_free(response); /* XXX */
2162 /* Make sure we have enough bytes for the version */
2163 if (response == NULL || rlen < MILTER_LEN_BYTES)
2166 sm_dprintf("milter_negotiate(%s): did not return valid info\n",
2168 if (MilterLogLevel > 0)
2169 sm_syslog(LOG_ERR, e->e_id,
2170 "Milter (%s): negotiate: did not return valid info",
2172 if (response != NULL)
2173 sm_free(response); /* XXX */
2178 /* extract information */
2179 (void) memcpy((char *) &fvers, response, MILTER_LEN_BYTES);
2181 /* Now make sure we have enough for the feature bitmap */
2182 if (rlen != MILTER_OPTLEN)
2185 sm_dprintf("milter_negotiate(%s): did not return enough info\n",
2187 if (MilterLogLevel > 0)
2188 sm_syslog(LOG_ERR, e->e_id,
2189 "Milter (%s): negotiate: did not return enough info",
2191 if (response != NULL)
2192 sm_free(response); /* XXX */
2197 (void) memcpy((char *) &fflags, response + MILTER_LEN_BYTES,
2199 (void) memcpy((char *) &pflags, response + (MILTER_LEN_BYTES * 2),
2201 sm_free(response); /* XXX */
2204 m->mf_fvers = ntohl(fvers);
2205 m->mf_fflags = ntohl(fflags);
2206 m->mf_pflags = ntohl(pflags);
2208 /* check for version compatibility */
2209 if (m->mf_fvers == 1 ||
2210 m->mf_fvers > SMFI_VERSION)
2213 sm_dprintf("milter_negotiate(%s): version %d != MTA milter version %d\n",
2214 m->mf_name, m->mf_fvers, SMFI_VERSION);
2215 if (MilterLogLevel > 0)
2216 sm_syslog(LOG_ERR, e->e_id,
2217 "Milter (%s): negotiate: version %d != MTA milter version %d",
2218 m->mf_name, m->mf_fvers, SMFI_VERSION);
2223 /* check for filter feature mismatch */
2224 if ((m->mf_fflags & SMFI_CURR_ACTS) != m->mf_fflags)
2227 sm_dprintf("milter_negotiate(%s): filter abilities 0x%x != MTA milter abilities 0x%lx\n",
2228 m->mf_name, m->mf_fflags,
2230 if (MilterLogLevel > 0)
2231 sm_syslog(LOG_ERR, e->e_id,
2232 "Milter (%s): negotiate: filter abilities 0x%x != MTA milter abilities 0x%lx",
2233 m->mf_name, m->mf_fflags,
2234 (unsigned long) SMFI_CURR_ACTS);
2239 /* check for protocol feature mismatch */
2240 if ((m->mf_pflags & SMFI_CURR_PROT) != m->mf_pflags)
2243 sm_dprintf("milter_negotiate(%s): protocol abilities 0x%x != MTA milter abilities 0x%lx\n",
2244 m->mf_name, m->mf_pflags,
2245 (unsigned long) SMFI_CURR_PROT);
2246 if (MilterLogLevel > 0)
2247 sm_syslog(LOG_ERR, e->e_id,
2248 "Milter (%s): negotiate: protocol abilities 0x%x != MTA milter abilities 0x%lx",
2249 m->mf_name, m->mf_pflags,
2250 (unsigned long) SMFI_CURR_PROT);
2256 sm_dprintf("milter_negotiate(%s): version %u, fflags 0x%x, pflags 0x%x\n",
2257 m->mf_name, m->mf_fvers, m->mf_fflags, m->mf_pflags);
2261 ** MILTER_PER_CONNECTION_CHECK -- checks on per-connection commands
2263 ** Reduce code duplication by putting these checks in one place
2266 ** e -- current envelope.
2273 milter_per_connection_check(e)
2278 /* see if we are done with any of the filters */
2279 for (i = 0; InputFilters[i] != NULL; i++)
2281 struct milter *m = InputFilters[i];
2283 if (m->mf_state == SMFS_CLOSABLE)
2284 milter_quit_filter(m, e);
2288 ** MILTER_ERROR -- Put a milter filter into error state
2291 ** m -- the broken filter.
2303 ** We could send a quit here but
2304 ** we may have gotten here due to
2305 ** an I/O error so we don't want
2306 ** to try to make things worse.
2309 if (m->mf_sock >= 0)
2311 (void) close(m->mf_sock);
2314 m->mf_state = SMFS_ERROR;
2316 if (MilterLogLevel > 0)
2317 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): to error state",
2321 ** MILTER_HEADERS -- send headers to a single milter filter
2324 ** m -- current filter.
2325 ** e -- current envelope.
2326 ** state -- return state from response.
2329 ** response string (may be NULL)
2333 milter_headers(m, e, state)
2338 char *response = NULL;
2341 if (MilterLogLevel > 17)
2342 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): headers, send",
2345 for (h = e->e_header; h != NULL; h = h->h_link)
2350 /* don't send over deleted headers */
2351 if (h->h_value == NULL)
2353 /* strip H_USER so not counted in milter_chgheader() */
2354 h->h_flags &= ~H_USER;
2358 /* skip auto-generated */
2359 if (!bitset(H_USER, h->h_flags))
2363 sm_dprintf("milter_headers: %s: %s\n",
2364 h->h_field, h->h_value);
2365 if (MilterLogLevel > 21)
2366 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): header, %s",
2367 m->mf_name, h->h_field);
2369 s = strlen(h->h_field) + 1 + strlen(h->h_value) + 1;
2372 buf = (char *) xalloc(s);
2373 (void) sm_snprintf(buf, s, "%s%c%s",
2374 h->h_field, '\0', h->h_value);
2377 response = milter_send_command(m, SMFIC_HEADER, buf,
2379 sm_free(buf); /* XXX */
2380 if (m->mf_state == SMFS_ERROR ||
2381 m->mf_state == SMFS_DONE ||
2382 *state != SMFIR_CONTINUE)
2385 if (MilterLogLevel > 17)
2386 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): headers, sent",
2391 ** MILTER_BODY -- send the body to a filter
2394 ** m -- current filter.
2395 ** e -- current envelope.
2396 ** state -- return state from response.
2399 ** response string (may be NULL)
2403 milter_body(m, e, state)
2408 char bufchar = '\0';
2409 char prevchar = '\0';
2411 char *response = NULL;
2413 char buf[MILTER_CHUNK_SIZE];
2416 sm_dprintf("milter_body\n");
2418 if (bfrewind(e->e_dfp) < 0)
2420 ExitStat = EX_IOERR;
2421 *state = SMFIR_TEMPFAIL;
2422 syserr("milter_body: %s/%cf%s: rewind error",
2423 qid_printqueue(e->e_qgrp, e->e_qdir),
2424 DATAFL_LETTER, e->e_id);
2428 if (MilterLogLevel > 17)
2429 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): body, send",
2432 while ((c = sm_io_getc(e->e_dfp, SM_TIME_DEFAULT)) != SM_IO_EOF)
2434 /* Change LF to CRLF */
2437 /* Not a CRLF already? */
2438 if (prevchar != '\r')
2440 /* Room for CR now? */
2441 if (bp + 2 > &buf[sizeof buf])
2443 /* No room, buffer LF */
2446 /* and send CR now */
2451 /* Room to do it now */
2459 if (bp >= &buf[sizeof buf])
2462 response = milter_send_command(m, SMFIC_BODY, buf,
2463 bp - buf, e, state);
2465 if (bufchar != '\0')
2472 if (m->mf_state == SMFS_ERROR ||
2473 m->mf_state == SMFS_DONE ||
2474 *state != SMFIR_CONTINUE)
2478 /* check for read errors */
2479 if (sm_io_error(e->e_dfp))
2481 ExitStat = EX_IOERR;
2482 if (*state == SMFIR_CONTINUE ||
2483 *state == SMFIR_ACCEPT)
2485 *state = SMFIR_TEMPFAIL;
2486 if (response != NULL)
2488 sm_free(response); /* XXX */
2492 syserr("milter_body: %s/%cf%s: read error",
2493 qid_printqueue(e->e_qgrp, e->e_qdir),
2494 DATAFL_LETTER, e->e_id);
2498 /* send last body chunk */
2500 m->mf_state != SMFS_ERROR &&
2501 m->mf_state != SMFS_DONE &&
2502 *state == SMFIR_CONTINUE)
2505 response = milter_send_command(m, SMFIC_BODY, buf, bp - buf,
2509 if (MilterLogLevel > 17)
2510 sm_syslog(LOG_INFO, e->e_id, "Milter (%s): body, sent",
2520 ** MILTER_ADDHEADER -- Add the supplied header to the message
2523 ** response -- encoded form of header/value.
2524 ** rlen -- length of response.
2525 ** e -- current envelope.
2532 milter_addheader(response, rlen, e)
2541 sm_dprintf("milter_addheader: ");
2544 if (response == NULL)
2547 sm_dprintf("NULL response\n");
2551 if (rlen < 2 || strlen(response) + 1 >= (size_t) rlen)
2554 sm_dprintf("didn't follow protocol (total len)\n");
2558 /* Find separating NUL */
2559 val = response + strlen(response) + 1;
2561 /* another sanity check */
2562 if (strlen(response) + strlen(val) + 2 != (size_t) rlen)
2565 sm_dprintf("didn't follow protocol (part len)\n");
2569 if (*response == '\0')
2572 sm_dprintf("empty field name\n");
2576 for (h = e->e_header; h != NULL; h = h->h_link)
2578 if (sm_strcasecmp(h->h_field, response) == 0 &&
2579 !bitset(H_USER, h->h_flags) &&
2580 !bitset(H_TRACE, h->h_flags))
2584 /* add to e_msgsize */
2585 e->e_msgsize += strlen(response) + 2 + strlen(val);
2590 sm_dprintf("Replace default header %s value with %s\n",
2592 if (MilterLogLevel > 8)
2593 sm_syslog(LOG_INFO, e->e_id,
2594 "Milter change: default header %s value with %s",
2596 h->h_value = newstr(val);
2597 h->h_flags |= H_USER;
2602 sm_dprintf("Add %s: %s\n", response, val);
2603 if (MilterLogLevel > 8)
2604 sm_syslog(LOG_INFO, e->e_id, "Milter add: header: %s: %s",
2606 addheader(newstr(response), val, H_USER, e);
2610 ** MILTER_CHANGEHEADER -- Change the supplied header in the message
2613 ** response -- encoded form of header/index/value.
2614 ** rlen -- length of response.
2615 ** e -- current envelope.
2622 milter_changeheader(response, rlen, e)
2632 sm_dprintf("milter_changeheader: ");
2635 if (response == NULL)
2638 sm_dprintf("NULL response\n");
2642 if (rlen < 2 || strlen(response) + 1 >= (size_t) rlen)
2645 sm_dprintf("didn't follow protocol (total len)\n");
2649 /* Find separating NUL */
2650 (void) memcpy((char *) &i, response, MILTER_LEN_BYTES);
2652 field = response + MILTER_LEN_BYTES;
2653 val = field + strlen(field) + 1;
2655 /* another sanity check */
2656 if (MILTER_LEN_BYTES + strlen(field) + 1 +
2657 strlen(val) + 1 != (size_t) rlen)
2660 sm_dprintf("didn't follow protocol (part len)\n");
2667 sm_dprintf("empty field name\n");
2672 for (h = e->e_header; h != NULL; h = h->h_link)
2674 if (sm_strcasecmp(h->h_field, field) == 0)
2676 if (bitset(H_USER, h->h_flags) &&
2682 else if (!bitset(H_USER, h->h_flags) &&
2683 !bitset(H_TRACE, h->h_flags))
2686 ** DRUMS msg-fmt draft says can only have
2687 ** multiple occurences of trace fields,
2688 ** so make sure we replace any non-trace,
2697 /* if not found as user-provided header at index, use sysheader */
2706 sm_dprintf("Delete (noop) %s:\n", field);
2710 /* treat modify value with no existing header as add */
2712 sm_dprintf("Add %s: %s\n", field, val);
2713 addheader(newstr(field), val, H_USER, e);
2722 sm_dprintf("Delete%s %s: %s\n",
2723 h == sysheader ? " (default header)" : "",
2725 h->h_value == NULL ? "<NULL>" : h->h_value);
2729 sm_dprintf("Change%s %s: from %s to %s\n",
2730 h == sysheader ? " (default header)" : "",
2732 h->h_value == NULL ? "<NULL>" : h->h_value,
2737 if (MilterLogLevel > 8)
2741 sm_syslog(LOG_INFO, e->e_id,
2742 "Milter delete: header %s %s: %s",
2743 h == sysheader ? " (default header)" : "",
2745 h->h_value == NULL ? "<NULL>" : h->h_value);
2749 sm_syslog(LOG_INFO, e->e_id,
2750 "Milter change: header %s %s: from %s to %s",
2751 h == sysheader ? " (default header)" : "",
2753 h->h_value == NULL ? "<NULL>" : h->h_value,
2758 if (h != sysheader && h->h_value != NULL)
2762 l = strlen(h->h_value);
2763 if (l > e->e_msgsize)
2767 /* rpool, don't free: sm_free(h->h_value); XXX */
2772 /* Remove "Field: " from message size */
2777 l = strlen(h->h_field) + 2;
2778 if (l > e->e_msgsize)
2787 h->h_value = newstr(val);
2788 h->h_flags |= H_USER;
2789 e->e_msgsize += strlen(h->h_value);
2793 ** MILTER_ADDRCPT -- Add the supplied recipient to the message
2796 ** response -- encoded form of recipient address.
2797 ** rlen -- length of response.
2798 ** e -- current envelope.
2805 milter_addrcpt(response, rlen, e)
2813 sm_dprintf("milter_addrcpt: ");
2816 if (response == NULL)
2819 sm_dprintf("NULL response\n");
2823 if (*response == '\0' ||
2824 strlen(response) + 1 != (size_t) rlen)
2827 sm_dprintf("didn't follow protocol (total len %d != rlen %d)\n",
2828 (int) strlen(response), (int) (rlen - 1));
2833 sm_dprintf("%s\n", response);
2834 if (MilterLogLevel > 8)
2835 sm_syslog(LOG_INFO, e->e_id, "Milter add: rcpt: %s", response);
2837 (void) sendtolist(response, NULLADDR, &e->e_sendqueue, 0, e);
2842 ** MILTER_DELRCPT -- Delete the supplied recipient from the message
2845 ** response -- encoded form of recipient address.
2846 ** rlen -- length of response.
2847 ** e -- current envelope.
2854 milter_delrcpt(response, rlen, e)
2860 sm_dprintf("milter_delrcpt: ");
2863 if (response == NULL)
2866 sm_dprintf("NULL response\n");
2870 if (*response == '\0' ||
2871 strlen(response) + 1 != (size_t) rlen)
2874 sm_dprintf("didn't follow protocol (total len)\n");
2879 sm_dprintf("%s\n", response);
2880 if (MilterLogLevel > 8)
2881 sm_syslog(LOG_INFO, e->e_id, "Milter delete: rcpt %s",
2883 (void) removefromlist(response, &e->e_sendqueue, e);
2887 ** MILTER_REPLBODY -- Replace the current data file with new body
2890 ** response -- encoded form of new body.
2891 ** rlen -- length of response.
2892 ** newfilter -- if first time called by a new filter
2893 ** e -- current envelope.
2896 ** 0 upon success, -1 upon failure
2900 milter_replbody(response, rlen, newfilter, e)
2906 static char prevchar;
2910 sm_dprintf("milter_replbody\n");
2912 /* If a new filter, reset previous character and truncate data file */
2916 char dfname[MAXPATHLEN];
2918 (void) sm_strlcpy(dfname, queuename(e, DATAFL_LETTER),
2921 /* Reset prevchar */
2924 /* Get the current data file information */
2925 prevsize = sm_io_getinfo(e->e_dfp, SM_IO_WHAT_SIZE, NULL);
2929 /* truncate current data file */
2930 if (sm_io_getinfo(e->e_dfp, SM_IO_WHAT_ISTYPE, BF_FILE_TYPE))
2932 if (sm_io_setinfo(e->e_dfp, SM_BF_TRUNCATE, NULL) < 0)
2934 MILTER_DF_ERROR("milter_replbody: sm_io truncate %s: %s");
2942 err = sm_io_error(e->e_dfp);
2943 (void) sm_io_flush(e->e_dfp, SM_TIME_DEFAULT);
2946 ** Clear error if tried to fflush()
2947 ** a read-only file pointer and
2948 ** there wasn't a previous error.
2952 sm_io_clearerr(e->e_dfp);
2954 /* errno is set implicitly by fseek() before return */
2955 err = sm_io_seek(e->e_dfp, SM_TIME_DEFAULT,
2959 MILTER_DF_ERROR("milter_replbody: sm_io_seek %s: %s");
2963 /* XXX: Not much we can do except rewind it */
2965 MILTER_DF_ERROR("milter_replbody: ftruncate not available on this platform (%s:%s)");
2967 # else /* NOFTRUNCATE */
2968 err = ftruncate(sm_io_getinfo(e->e_dfp,
2969 SM_IO_WHAT_FD, NULL),
2973 MILTER_DF_ERROR("milter_replbody: sm_io ftruncate %s: %s");
2976 # endif /* NOFTRUNCATE */
2979 if (prevsize > e->e_msgsize)
2982 e->e_msgsize -= prevsize;
2985 if (newfilter && MilterLogLevel > 8)
2986 sm_syslog(LOG_INFO, e->e_id, "Milter message: body replaced");
2988 if (response == NULL)
2990 /* Flush the buffered '\r' */
2991 if (prevchar == '\r')
2993 (void) sm_io_putc(e->e_dfp, SM_TIME_DEFAULT, prevchar);
2999 for (i = 0; i < rlen; i++)
3001 /* Buffered char from last chunk */
3002 if (i == 0 && prevchar == '\r')
3004 /* Not CRLF, output prevchar */
3005 if (response[i] != '\n')
3007 (void) sm_io_putc(e->e_dfp, SM_TIME_DEFAULT,
3014 /* Turn CRLF into LF */
3015 if (response[i] == '\r')
3017 /* check if at end of chunk */
3020 /* If LF, strip CR */
3021 if (response[i + 1] == '\n')
3026 /* check next chunk */
3031 (void) sm_io_putc(e->e_dfp, SM_TIME_DEFAULT, response[i]);
3042 ** MILTER_INIT -- open and negotiate with all of the filters
3045 ** e -- current envelope.
3046 ** state -- return state from response.
3049 ** true iff at least one filter is active
3054 milter_init(e, state)
3061 sm_dprintf("milter_init\n");
3063 *state = SMFIR_CONTINUE;
3064 if (InputFilters[0] == NULL)
3066 if (MilterLogLevel > 10)
3067 sm_syslog(LOG_INFO, e->e_id,
3068 "Milter: no active filter");
3072 for (i = 0; InputFilters[i] != NULL; i++)
3074 struct milter *m = InputFilters[i];
3076 m->mf_sock = milter_open(m, false, e);
3077 if (m->mf_state == SMFS_ERROR)
3079 MILTER_CHECK_ERROR(true, continue);
3083 if (m->mf_sock < 0 ||
3084 milter_negotiate(m, e) < 0 ||
3085 m->mf_state == SMFS_ERROR)
3088 sm_dprintf("milter_init(%s): failed to %s\n",
3090 m->mf_sock < 0 ? "open" :
3092 if (MilterLogLevel > 0)
3093 sm_syslog(LOG_ERR, e->e_id,
3094 "Milter (%s): init failed to %s",
3096 m->mf_sock < 0 ? "open" :
3099 /* if negotation failure, close socket */
3101 MILTER_CHECK_ERROR(true, continue);
3103 if (MilterLogLevel > 9)
3104 sm_syslog(LOG_INFO, e->e_id,
3105 "Milter (%s): init success to %s",
3107 m->mf_sock < 0 ? "open" : "negotiate");
3111 ** If something temp/perm failed with one of the filters,
3112 ** we won't be using any of them, so clear any existing
3116 if (*state != SMFIR_CONTINUE)
3122 ** MILTER_CONNECT -- send connection info to milter filters
3125 ** hostname -- hostname of remote machine.
3126 ** addr -- address of remote machine.
3127 ** e -- current envelope.
3128 ** state -- return state from response.
3131 ** response string (may be NULL)
3135 milter_connect(hostname, addr, e, state)
3142 unsigned short port;
3145 char *sockinfo = NULL;
3148 char buf6[INET6_ADDRSTRLEN];
3149 # endif /* NETINET6 */
3152 sm_dprintf("milter_connect(%s)\n", hostname);
3153 if (MilterLogLevel > 9)
3154 sm_syslog(LOG_INFO, e->e_id, "Milter: connect to filters");
3157 switch (addr.sa.sa_family)
3161 family = SMFIA_UNIX;
3163 sockinfo = addr.sunix.sun_path;
3165 # endif /* NETUNIX */
3169 family = SMFIA_INET;
3170 port = addr.sin.sin_port;
3171 sockinfo = (char *) inet_ntoa(addr.sin.sin_addr);
3173 # endif /* NETINET */
3177 if (IN6_IS_ADDR_V4MAPPED(&addr.sin6.sin6_addr))
3178 family = SMFIA_INET;
3180 family = SMFIA_INET6;
3181 port = addr.sin6.sin6_port;
3182 sockinfo = anynet_ntop(&addr.sin6.sin6_addr, buf6,
3184 if (sockinfo == NULL)
3187 # endif /* NETINET6 */
3190 family = SMFIA_UNKNOWN;
3194 s = strlen(hostname) + 1 + sizeof(family);
3195 if (family != SMFIA_UNKNOWN)
3196 s += sizeof(port) + strlen(sockinfo) + 1;
3198 buf = (char *) xalloc(s);
3201 /* put together data */
3202 (void) memcpy(bp, hostname, strlen(hostname));
3203 bp += strlen(hostname);
3205 (void) memcpy(bp, &family, sizeof family);
3206 bp += sizeof family;
3207 if (family != SMFIA_UNKNOWN)
3209 (void) memcpy(bp, &port, sizeof port);
3212 /* include trailing '\0' */
3213 (void) memcpy(bp, sockinfo, strlen(sockinfo) + 1);
3216 response = milter_command(SMFIC_CONNECT, buf, s,
3217 MilterConnectMacros, e, state);
3218 sm_free(buf); /* XXX */
3221 ** If this message connection is done for,
3222 ** close the filters.
3225 if (*state != SMFIR_CONTINUE)
3227 if (MilterLogLevel > 9)
3228 sm_syslog(LOG_INFO, e->e_id, "Milter: connect, ending");
3232 milter_per_connection_check(e);
3235 ** SMFIR_REPLYCODE can't work with connect due to
3236 ** the requirements of SMTP. Therefore, ignore the
3237 ** reply code text but keep the state it would reflect.
3240 if (*state == SMFIR_REPLYCODE)
3242 if (response != NULL &&
3246 if (strncmp(response, "421 ", 4) == 0)
3247 *state = SMFIR_SHUTDOWN;
3249 #endif /* _FFR_MILTER_421 */
3250 *state = SMFIR_TEMPFAIL;
3253 *state = SMFIR_REJECT;
3254 if (response != NULL)
3256 sm_free(response); /* XXX */
3263 ** MILTER_HELO -- send SMTP HELO/EHLO command info to milter filters
3266 ** helo -- argument to SMTP HELO/EHLO command.
3267 ** e -- current envelope.
3268 ** state -- return state from response.
3271 ** response string (may be NULL)
3275 milter_helo(helo, e, state)
3284 sm_dprintf("milter_helo(%s)\n", helo);
3286 /* HELO/EHLO can come at any point */
3287 for (i = 0; InputFilters[i] != NULL; i++)
3289 struct milter *m = InputFilters[i];
3291 switch (m->mf_state)
3294 /* abort in message filters */
3295 milter_abort_filter(m, e);
3299 /* reset done filters */
3300 m->mf_state = SMFS_OPEN;
3305 response = milter_command(SMFIC_HELO, helo, strlen(helo) + 1,
3306 MilterHeloMacros, e, state);
3307 milter_per_connection_check(e);
3311 ** MILTER_ENVFROM -- send SMTP MAIL command info to milter filters
3314 ** args -- SMTP MAIL command args (args[0] == sender).
3315 ** e -- current envelope.
3316 ** state -- return state from response.
3319 ** response string (may be NULL)
3323 milter_envfrom(args, e, state)
3335 sm_dprintf("milter_envfrom:");
3336 for (i = 0; args[i] != NULL; i++)
3337 sm_dprintf(" %s", args[i]);
3342 if (args[0] == NULL)
3344 *state = SMFIR_REJECT;
3345 if (MilterLogLevel > 10)
3346 sm_syslog(LOG_INFO, e->e_id,
3347 "Milter: reject, no sender");
3351 /* new message, so ... */
3352 for (i = 0; InputFilters[i] != NULL; i++)
3354 struct milter *m = InputFilters[i];
3356 switch (m->mf_state)
3359 /* abort in message filters */
3360 milter_abort_filter(m, e);
3364 /* reset done filters */
3365 m->mf_state = SMFS_OPEN;
3370 /* put together data */
3372 for (i = 0; args[i] != NULL; i++)
3373 s += strlen(args[i]) + 1;
3377 *state = SMFIR_TEMPFAIL;
3381 buf = (char *) xalloc(s);
3383 for (i = 0; args[i] != NULL; i++)
3385 (void) sm_strlcpy(bp, args[i], s - (bp - buf));
3386 bp += strlen(bp) + 1;
3389 if (MilterLogLevel > 14)
3390 sm_syslog(LOG_INFO, e->e_id, "Milter: senders: %s", buf);
3393 response = milter_command(SMFIC_MAIL, buf, s,
3394 MilterEnvFromMacros, e, state);
3395 sm_free(buf); /* XXX */
3398 ** If filter rejects/discards a per message command,
3399 ** abort the other filters since we are done with the
3403 MILTER_CHECK_DONE_MSG();
3404 if (MilterLogLevel > 10 && *state == SMFIR_REJECT)
3405 sm_syslog(LOG_INFO, e->e_id, "Milter: reject, senders");
3409 ** MILTER_ENVRCPT -- send SMTP RCPT command info to milter filters
3412 ** args -- SMTP MAIL command args (args[0] == recipient).
3413 ** e -- current envelope.
3414 ** state -- return state from response.
3417 ** response string (may be NULL)
3421 milter_envrcpt(args, e, state)
3433 sm_dprintf("milter_envrcpt:");
3434 for (i = 0; args[i] != NULL; i++)
3435 sm_dprintf(" %s", args[i]);
3440 if (args[0] == NULL)
3442 *state = SMFIR_REJECT;
3443 if (MilterLogLevel > 10)
3444 sm_syslog(LOG_INFO, e->e_id, "Milter: reject, no rcpt");
3448 /* put together data */
3450 for (i = 0; args[i] != NULL; i++)
3451 s += strlen(args[i]) + 1;
3455 *state = SMFIR_TEMPFAIL;
3459 buf = (char *) xalloc(s);
3461 for (i = 0; args[i] != NULL; i++)
3463 (void) sm_strlcpy(bp, args[i], s - (bp - buf));
3464 bp += strlen(bp) + 1;
3467 if (MilterLogLevel > 14)
3468 sm_syslog(LOG_INFO, e->e_id, "Milter: rcpts: %s", buf);
3471 response = milter_command(SMFIC_RCPT, buf, s,
3472 MilterEnvRcptMacros, e, state);
3473 sm_free(buf); /* XXX */
3477 ** MILTER_DATA -- send message headers/body and gather final message results
3480 ** e -- current envelope.
3481 ** state -- return state from response.
3484 ** response string (may be NULL)
3487 ** - Uses e->e_dfp for access to the body
3488 ** - Can call the various milter action routines to
3489 ** modify the envelope or message.
3492 # define MILTER_CHECK_RESULTS() \
3493 if (*state == SMFIR_ACCEPT || \
3494 m->mf_state == SMFS_DONE || \
3495 m->mf_state == SMFS_ERROR) \
3497 if (m->mf_state != SMFS_ERROR) \
3498 m->mf_state = SMFS_DONE; \
3499 continue; /* to next filter */ \
3501 if (*state != SMFIR_CONTINUE) \
3503 m->mf_state = SMFS_DONE; \
3508 milter_data(e, state)
3512 bool replbody = false; /* milter_replbody() called? */
3513 bool replfailed = false; /* milter_replbody() failed? */
3514 bool rewind = false; /* rewind data file? */
3515 bool dfopen = false; /* data file open for writing? */
3516 bool newfilter; /* reset on each new filter */
3520 char *response = NULL;
3525 sm_dprintf("milter_data\n");
3527 *state = SMFIR_CONTINUE;
3530 ** XXX: Should actually send body chunks to each filter
3531 ** a chunk at a time instead of sending the whole body to
3532 ** each filter in turn. However, only if the filters don't
3536 for (i = 0; InputFilters[i] != NULL; i++)
3538 struct milter *m = InputFilters[i];
3540 if (*state != SMFIR_CONTINUE &&
3541 *state != SMFIR_ACCEPT)
3544 ** A previous filter has dealt with the message,
3545 ** safe to stop processing the filters.
3551 /* Now reset state for later evaluation */
3552 *state = SMFIR_CONTINUE;
3555 /* previous problem? */
3556 if (m->mf_state == SMFS_ERROR)
3558 MILTER_CHECK_ERROR(false, continue);
3563 if (m->mf_sock < 0 ||
3564 (m->mf_state != SMFS_OPEN && m->mf_state != SMFS_INMSG))
3567 m->mf_state = SMFS_INMSG;
3569 /* check if filter wants the headers */
3570 if (!bitset(SMFIP_NOHDRS, m->mf_pflags))
3572 response = milter_headers(m, e, state);
3573 MILTER_CHECK_RESULTS();
3576 /* check if filter wants EOH */
3577 if (!bitset(SMFIP_NOEOH, m->mf_pflags))
3580 sm_dprintf("milter_data: eoh\n");
3583 response = milter_send_command(m, SMFIC_EOH, NULL, 0,
3585 MILTER_CHECK_RESULTS();
3588 /* check if filter wants the body */
3589 if (!bitset(SMFIP_NOBODY, m->mf_pflags) &&
3593 response = milter_body(m, e, state);
3594 MILTER_CHECK_RESULTS();
3597 /* send the final body chunk */
3598 (void) milter_write(m, SMFIC_BODYEOB, NULL, 0,
3599 m->mf_timeout[SMFTO_WRITE], e);
3601 /* Get time EOM sent for timeout */
3602 eomsent = curtime();
3604 /* deal with the possibility of multiple responses */
3605 while (*state == SMFIR_CONTINUE)
3607 /* Check total timeout from EOM to final ACK/NAK */
3608 if (m->mf_timeout[SMFTO_EOM] > 0 &&
3609 curtime() - eomsent >= m->mf_timeout[SMFTO_EOM])
3612 sm_dprintf("milter_data(%s): EOM ACK/NAK timeout\n",
3614 if (MilterLogLevel > 0)
3615 sm_syslog(LOG_ERR, e->e_id,
3616 "milter_data(%s): EOM ACK/NAK timeout",
3619 MILTER_CHECK_ERROR(false, break);
3623 response = milter_read(m, &rcmd, &rlen,
3624 m->mf_timeout[SMFTO_READ], e);
3625 if (m->mf_state == SMFS_ERROR)
3629 sm_dprintf("milter_data(%s): state %c\n",
3630 m->mf_name, (char) rcmd);
3634 case SMFIR_REPLYCODE:
3635 MILTER_CHECK_REPLYCODE("554 5.7.1 Command rejected");
3636 if (MilterLogLevel > 12)
3637 sm_syslog(LOG_INFO, e->e_id, "milter=%s, reject=%s",
3638 m->mf_name, response);
3640 m->mf_state = SMFS_DONE;
3643 case SMFIR_REJECT: /* log msg at end of function */
3644 if (MilterLogLevel > 12)
3645 sm_syslog(LOG_INFO, e->e_id, "milter=%s, reject",
3648 m->mf_state = SMFS_DONE;
3652 if (MilterLogLevel > 12)
3653 sm_syslog(LOG_INFO, e->e_id, "milter=%s, discard",
3656 m->mf_state = SMFS_DONE;
3659 case SMFIR_TEMPFAIL:
3660 if (MilterLogLevel > 12)
3661 sm_syslog(LOG_INFO, e->e_id, "milter=%s, tempfail",
3664 m->mf_state = SMFS_DONE;
3667 case SMFIR_CONTINUE:
3669 /* this filter is done with message */
3671 *state = SMFIR_TEMPFAIL;
3673 *state = SMFIR_ACCEPT;
3674 m->mf_state = SMFS_DONE;
3677 case SMFIR_PROGRESS:
3680 # if _FFR_QUARANTINE
3681 case SMFIR_QUARANTINE:
3682 if (!bitset(SMFIF_QUARANTINE, m->mf_fflags))
3684 if (MilterLogLevel > 9)
3685 sm_syslog(LOG_WARNING, e->e_id,
3686 "milter_data(%s): lied about quarantining, honoring request anyway",
3689 if (response == NULL)
3690 response = newstr("");
3691 if (MilterLogLevel > 3)
3692 sm_syslog(LOG_INFO, e->e_id,
3693 "milter=%s, quarantine=%s",
3694 m->mf_name, response);
3695 e->e_quarmsg = sm_rpool_strdup_x(e->e_rpool,
3697 macdefine(&e->e_macro, A_PERM,
3698 macid("{quarantine}"), e->e_quarmsg);
3700 # endif /* _FFR_QUARANTINE */
3702 case SMFIR_ADDHEADER:
3703 if (!bitset(SMFIF_ADDHDRS, m->mf_fflags))
3705 if (MilterLogLevel > 9)
3706 sm_syslog(LOG_WARNING, e->e_id,
3707 "milter_data(%s): lied about adding headers, honoring request anyway",
3710 milter_addheader(response, rlen, e);
3713 case SMFIR_CHGHEADER:
3714 if (!bitset(SMFIF_CHGHDRS, m->mf_fflags))
3716 if (MilterLogLevel > 9)
3717 sm_syslog(LOG_WARNING, e->e_id,
3718 "milter_data(%s): lied about changing headers, honoring request anyway",
3721 milter_changeheader(response, rlen, e);
3725 if (!bitset(SMFIF_ADDRCPT, m->mf_fflags))
3727 if (MilterLogLevel > 9)
3728 sm_syslog(LOG_WARNING, e->e_id,
3729 "milter_data(%s) lied about adding recipients, honoring request anyway",
3732 milter_addrcpt(response, rlen, e);
3736 if (!bitset(SMFIF_DELRCPT, m->mf_fflags))
3738 if (MilterLogLevel > 9)
3739 sm_syslog(LOG_WARNING, e->e_id,
3740 "milter_data(%s): lied about removing recipients, honoring request anyway",
3743 milter_delrcpt(response, rlen, e);
3746 case SMFIR_REPLBODY:
3747 if (!bitset(SMFIF_MODBODY, m->mf_fflags))
3749 if (MilterLogLevel > 9)
3750 sm_syslog(LOG_ERR, e->e_id,
3751 "milter_data(%s): lied about replacing body, rejecting request and tempfailing message",
3757 /* already failed in attempt */
3763 if (milter_reopen_df(e) < 0)
3772 if (milter_replbody(response, rlen,
3780 /* Invalid response to command */
3781 if (MilterLogLevel > 0)
3782 sm_syslog(LOG_ERR, e->e_id,
3783 "milter_data(%s): returned bogus response %c",
3788 if (rcmd != SMFIR_REPLYCODE && response != NULL)
3790 sm_free(response); /* XXX */
3794 if (m->mf_state == SMFS_ERROR)
3798 if (replbody && !replfailed)
3800 /* flush possible buffered character */
3801 milter_replbody(NULL, 0, !replbody, e);
3805 if (m->mf_state == SMFS_ERROR)
3807 MILTER_CHECK_ERROR(false, continue);
3813 /* leave things in the expected state if we touched it */
3816 if (*state == SMFIR_CONTINUE ||
3817 *state == SMFIR_ACCEPT)
3819 *state = SMFIR_TEMPFAIL;
3820 SM_FREE_CLR(response);
3825 (void) sm_io_close(e->e_dfp, SM_TIME_DEFAULT);
3827 e->e_flags &= ~EF_HAS_DF;
3833 if ((dfopen && milter_reset_df(e) < 0) ||
3834 (rewind && bfrewind(e->e_dfp) < 0))
3837 ExitStat = EX_IOERR;
3840 ** If filter told us to keep message but we had
3841 ** an error, we can't really keep it, tempfail it.
3844 if (*state == SMFIR_CONTINUE ||
3845 *state == SMFIR_ACCEPT)
3847 *state = SMFIR_TEMPFAIL;
3848 SM_FREE_CLR(response);
3852 syserr("milter_data: %s/%cf%s: read error",
3853 qid_printqueue(e->e_qgrp, e->e_qdir),
3854 DATAFL_LETTER, e->e_id);
3857 MILTER_CHECK_DONE_MSG();
3858 if (MilterLogLevel > 10 && *state == SMFIR_REJECT)
3859 sm_syslog(LOG_INFO, e->e_id, "Milter: reject, data");
3863 ** MILTER_QUIT -- informs the filter(s) we are done and closes connection(s)
3866 ** e -- current envelope.
3879 sm_dprintf("milter_quit(%s)\n", e->e_id);
3881 for (i = 0; InputFilters[i] != NULL; i++)
3882 milter_quit_filter(InputFilters[i], e);
3885 ** MILTER_ABORT -- informs the filter(s) that we are aborting current message
3888 ** e -- current envelope.
3901 sm_dprintf("milter_abort\n");
3903 for (i = 0; InputFilters[i] != NULL; i++)
3905 struct milter *m = InputFilters[i];
3908 if (m->mf_sock < 0 || m->mf_state != SMFS_INMSG)
3911 milter_abort_filter(m, e);