/*
+ * Copyright (c) 2008-2014, Simon Schubert <2@0x2c.org>.
* Copyright (c) 2008 The DragonFly Project. All rights reserved.
*
* This code is derived from software contributed to The DragonFly Project
- * by Simon 'corecode' Schubert <corecode@fs.ei.tum.de>.
+ * by Simon Schubert <2@0x2c.org>.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* SUCH DAMAGE.
*/
+#include "dfcompat.h"
+
#include <sys/param.h>
+#include <sys/types.h>
#include <sys/queue.h>
#include <sys/stat.h>
-#include <sys/types.h>
+#include <sys/time.h>
#include <sys/wait.h>
#include <dirent.h>
#include "dma.h"
-
static void deliver(struct qitem *);
struct aliases aliases = LIST_HEAD_INITIALIZER(aliases);
struct strlist tmpfs = SLIST_HEAD_INITIALIZER(tmpfs);
-struct virtusers virtusers = LIST_HEAD_INITIALIZER(virtusers);
struct authusers authusers = LIST_HEAD_INITIALIZER(authusers);
-struct config *config;
-const char *username;
+char username[USERNAME_SIZE];
+uid_t useruid;
const char *logident_base;
+char errmsg[ERRMSG_SIZE];
static int daemonize = 1;
+static int doqueue = 0;
+
+struct config config = {
+ .smarthost = NULL,
+ .port = 25,
+ .aliases = "/etc/aliases",
+ .spooldir = "/var/spool/dma",
+ .authpath = NULL,
+ .certfile = NULL,
+ .features = 0,
+ .mailname = NULL,
+ .masquerade_host = NULL,
+ .masquerade_user = NULL,
+};
+
+
+static void
+sighup_handler(int signo)
+{
+ (void)signo; /* so that gcc doesn't complain */
+}
static char *
-set_from(const char *osender)
+set_from(struct queue *queue, const char *osender)
{
- struct virtuser *v;
+ const char *addr;
char *sender;
- if ((config->features & VIRTUAL) != 0) {
- SLIST_FOREACH(v, &virtusers, next) {
- if (strcmp(v->login, username) == 0) {
- sender = strdup(v->address);
- if (sender == NULL)
- return(NULL);
- goto out;
- }
- }
+ if (osender) {
+ addr = osender;
+ } else if (getenv("EMAIL") != NULL) {
+ addr = getenv("EMAIL");
+ } else {
+ if (config.masquerade_user)
+ addr = config.masquerade_user;
+ else
+ addr = username;
}
- if (osender) {
- sender = strdup(osender);
- if (sender == NULL)
+ if (!strchr(addr, '@')) {
+ const char *from_host = hostname();
+
+ if (config.masquerade_host)
+ from_host = config.masquerade_host;
+
+ if (asprintf(&sender, "%s@%s", addr, from_host) <= 0)
return (NULL);
} else {
- if (asprintf(&sender, "%s@%s", username, hostname()) <= 0)
+ sender = strdup(addr);
+ if (sender == NULL)
return (NULL);
}
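Review bot: An `EMAIL` variable that is set but empty is accepted as the sender in set_from(): `addr` becomes an empty string, the `strchr(addr, '@')` test finds no `@`, and the result is `@hostname` instead of falling back to masquerade_user or username. The value is also fetched with two separate getenv() calls; reading it once and testing for content covers both, e.g. `const char *env_addr = getenv("EMAIL");` followed by `else if (env_addr != NULL && *env_addr != '\0') addr = env_addr;`. Because the value comes from the caller's environment, it should get the same validation as a sender passed on the command line; whether that happens later in the function is not visible in these lines.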
return (NULL);
}
-out:
+ queue->sender = sender;
return (sender);
}
static int
read_aliases(void)
{
- yyin = fopen(config->aliases, "r");
- if (yyin == NULL)
- return (0); /* not fatal */
+ yyin = fopen(config.aliases, "r");
+ if (yyin == NULL) {
+ /*
+ * Non-existing aliases file is not a fatal error
+ */
+ if (errno == ENOENT)
+ return (0);
+ /* Other problems are. */
+ return (-1);
+ }
if (yyparse())
return (-1); /* fatal error, probably malloc() */
fclose(yyin);
return (0);
}
+static int
+do_alias(struct queue *queue, const char *addr)
+{
+ struct alias *al;
+ struct stritem *sit;
+ int aliased = 0;
+
+ LIST_FOREACH(al, &aliases, next) {
+ if (strcmp(al->alias, addr) != 0)
+ continue;
+ SLIST_FOREACH(sit, &al->dests, next) {
+ if (add_recp(queue, sit->str, EXPAND_ADDR) != 0)
+ return (-1);
+ }
+ aliased = 1;
+ }
+
+ return (aliased);
+}
+
int
-add_recp(struct queue *queue, const char *str, const char *sender, int expand)
+add_recp(struct queue *queue, const char *str, int expand)
{
struct qitem *it, *tit;
- struct stritem *sit;
- struct alias *al;
struct passwd *pw;
char *host;
int aliased = 0;
if (it->addr == NULL)
return (-1);
- it->sender = sender;
+ it->sender = queue->sender;
host = strrchr(it->addr, '@');
if (host != NULL &&
(strcmp(host + 1, hostname()) == 0 ||
}
}
LIST_INSERT_HEAD(&queue->queue, it, next);
- if (strrchr(it->addr, '@') == NULL) {
+
+ /**
+ * Do local delivery if there is no @.
+ * Do not do local delivery when NULLCLIENT is set.
+ */
+ if (strrchr(it->addr, '@') == NULL && (config.features & NULLCLIENT) == 0) {
it->remote = 0;
if (expand) {
- LIST_FOREACH(al, &aliases, next) {
- if (strcmp(al->alias, it->addr) != 0)
- continue;
- SLIST_FOREACH(sit, &al->dests, next) {
- if (add_recp(queue, sit->str, sender, 1) != 0)
- return (-1);
- }
- aliased = 1;
- }
+ aliased = do_alias(queue, it->addr);
+ if (!aliased && expand == EXPAND_WILDCARD)
+ aliased = do_alias(queue, "*");
+ if (aliased < 0)
+ return (-1);
if (aliased) {
LIST_REMOVE(it, next);
} else {
return (-1);
}
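Review bot: do_alias() has an undocumented three-way result (-1 when a nested add_recp() fails, 1 when at least one alias matched, 0 otherwise), and add_recp() depends on it subtly: `!aliased` is false for -1, which is the only thing keeping the wildcard lookup from overwriting an error before the `aliased < 0` test. A header comment on do_alias() stating the return values, plus a note that nested expansion passes EXPAND_ADDR so the `*` alias is applied only at the top level, would make this safer to modify. Also, the `return (-1)` taken when `aliased < 0` leaves `it` linked in `queue->queue` after the LIST_INSERT_HEAD above; the callers visible in this diff exit on failure, so it is harmless today, but testing the error right after the first call (`if (aliased < 0) return (-1);`) and unlinking the item first would be more robust. Parts of add_recp() lie outside the lines shown.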
-static int
-readmail(struct queue *queue, const char *sender, int nodot)
-{
- char line[1000]; /* by RFC2822 */
- size_t linelen;
- size_t error;
- int had_headers = 0;
- int had_from = 0;
- int had_messagid = 0;
- int had_date = 0;
-
- error = fprintf(queue->mailf,
- "Received: from %s (uid %d)\n"
- "\t(envelope-from %s)\n"
- "\tid %s\n"
- "\tby %s (%s)\n"
- "\t%s\n",
- username, getuid(),
- sender,
- queue->id,
- hostname(), VERSION,
- rfc822date());
- if ((ssize_t)error < 0)
- return (-1);
-
- while (!feof(stdin)) {
- if (fgets(line, sizeof(line), stdin) == NULL)
- break;
- linelen = strlen(line);
- if (linelen == 0 || line[linelen - 1] != '\n') {
- errno = EINVAL; /* XXX mark permanent errors */
- return (-1);
- }
- if (!had_headers) {
- if (strprefixcmp(line, "Date:") == 0)
- had_date = 1;
- else if (strprefixcmp(line, "Message-Id:") == 0)
- had_messagid = 1;
- else if (strprefixcmp(line, "From:") == 0)
- had_from = 1;
- }
- if (strcmp(line, "\n") == 0 && !had_headers) {
- had_headers = 1;
- while (!had_date || !had_messagid || !had_from) {
- if (!had_date) {
- had_date = 1;
- snprintf(line, sizeof(line), "Date: %s\n", rfc822date());
- } else if (!had_messagid) {
- /* XXX better msgid, assign earlier and log? */
- had_messagid = 1;
- snprintf(line, sizeof(line), "Message-Id: <%s@%s>\n",
- queue->id, hostname());
- } else if (!had_from) {
- had_from = 1;
- snprintf(line, sizeof(line), "From: <%s>\n", sender);
- }
- if (fwrite(line, strlen(line), 1, queue->mailf) != 1)
- return (-1);
- }
- strcpy(line, "\n");
- }
- if (!nodot && linelen == 2 && line[0] == '.')
- break;
- if (fwrite(line, strlen(line), 1, queue->mailf) != 1)
- return (-1);
- }
-
- return (0);
-}
-
static struct qitem *
go_background(struct queue *queue)
{
if (daemonize && daemon(0, 0) != 0) {
syslog(LOG_ERR, "can not daemonize: %m");
- exit(1);
+ exit(EX_OSERR);
}
daemonize = 0;
bzero(&sa, sizeof(sa));
- sa.sa_flags = SA_NOCLDWAIT;
sa.sa_handler = SIG_IGN;
sigaction(SIGCHLD, &sa, NULL);
switch (pid) {
case -1:
syslog(LOG_ERR, "can not fork: %m");
- exit(1);
+ exit(EX_OSERR);
break;
case 0:
*/
retit:
/*
- * If necessary, aquire the queue and * mail files.
+ * If necessary, acquire the queue and * mail files.
* If this fails, we probably were raced by another
- * process.
+ * process. It is okay to be raced if we're supposed
+ * to flush the queue.
*/
setlogident("%s", it->queueid);
- if (aquirespool(it) < 0)
- exit(1);
+ switch (acquirespool(it)) {
+ case 0:
+ break;
+ case 1:
+ if (doqueue)
+ exit(EX_OK);
+ syslog(LOG_WARNING, "could not lock queue file");
+ exit(EX_SOFTWARE);
+ default:
+ exit(EX_SOFTWARE);
+ }
dropspool(queue, it);
return (it);
}
syslog(LOG_CRIT, "reached dead code");
- exit(1);
-}
-
-static void
-bounce(struct qitem *it, const char *reason)
-{
- struct queue bounceq;
- struct qitem *bit;
- char line[1000];
- size_t pos;
- int error;
-
- /* Don't bounce bounced mails */
- if (it->sender[0] == 0) {
- syslog(LOG_INFO, "can not bounce a bounce message, discarding");
- exit(1);
- }
-
- LIST_INIT(&bounceq.queue);
- if (add_recp(&bounceq, it->sender, "", 1) != 0)
- goto fail;
-
- if (newspoolf(&bounceq, "") != 0)
- goto fail;
-
- syslog(LOG_ERR, "delivery failed, bouncing as %s", bounceq.id);
- setlogident("%s", bounceq.id);
-
- error = fprintf(bounceq.mailf,
- "Received: from MAILER-DAEMON\n"
- "\tid %s\n"
- "\tby %s (%s)\n"
- "\t%s\n"
- "X-Original-To: <%s>\n"
- "From: MAILER-DAEMON <>\n"
- "To: %s\n"
- "Subject: Mail delivery failed\n"
- "Message-Id: <%s@%s>\n"
- "Date: %s\n"
- "\n"
- "This is the %s at %s.\n"
- "\n"
- "There was an error delivering your mail to <%s>.\n"
- "\n"
- "%s\n"
- "\n"
- "%s\n"
- "\n",
- bounceq.id,
- hostname(), VERSION,
- rfc822date(),
- it->addr,
- it->sender,
- bounceq.id, hostname(),
- rfc822date(),
- VERSION, hostname(),
- it->addr,
- reason,
- config->features & FULLBOUNCE ?
- "Original message follows." :
- "Message headers follow.");
- if (error < 0)
- goto fail;
-
- if (fseek(it->mailf, it->hdrlen, SEEK_SET) != 0)
- goto fail;
- if (config->features & FULLBOUNCE) {
- while ((pos = fread(line, 1, sizeof(line), it->mailf)) > 0) {
- if (fwrite(line, 1, pos, bounceq.mailf) != pos)
- goto fail;
- }
- } else {
- while (!feof(it->mailf)) {
- if (fgets(line, sizeof(line), it->mailf) == NULL)
- break;
- if (line[0] == '\n')
- break;
- if (fwrite(line, strlen(line), 1, bounceq.mailf) != 1)
- goto fail;
- }
- }
-
- if (linkspool(&bounceq, "") != 0)
- goto fail;
- /* bounce is safe */
-
- delqueue(it);
-
- bit = go_background(&bounceq);
- deliver(bit);
- /* NOTREACHED */
-
-fail:
- syslog(LOG_CRIT, "error creating bounce: %m");
- delqueue(it);
- exit(1);
+ exit(EX_SOFTWARE);
}
static void
deliver(struct qitem *it)
{
int error;
- unsigned int backoff = MIN_RETRY;
- const char *errmsg = "unknown bounce reason";
+ unsigned int backoff = MIN_RETRY, slept;
struct timeval now;
struct stat st;
+ snprintf(errmsg, sizeof(errmsg), "unknown bounce reason");
+
retry:
- syslog(LOG_INFO, "trying delivery");
+ syslog(LOG_INFO, "<%s> trying delivery", it->addr);
if (it->remote)
- error = deliver_remote(it, &errmsg);
+ error = deliver_remote(it);
else
- error = deliver_local(it, &errmsg);
+ error = deliver_local(it);
switch (error) {
case 0:
delqueue(it);
- syslog(LOG_INFO, "delivery successful");
- exit(0);
+ syslog(LOG_INFO, "<%s> delivery successful", it->addr);
+ exit(EX_OK);
case 1:
if (stat(it->queuefn, &st) != 0) {
syslog(LOG_ERR, "lost queue file `%s'", it->queuefn);
- exit(1);
+ exit(EX_SOFTWARE);
}
if (gettimeofday(&now, NULL) == 0 &&
- (now.tv_sec - st.st_mtimespec.tv_sec > MAX_TIMEOUT)) {
- asprintf(__DECONST(void *, &errmsg),
+ (now.tv_sec - st.st_mtim.tv_sec > MAX_TIMEOUT)) {
+ snprintf(errmsg, sizeof(errmsg),
"Could not deliver for the last %d seconds. Giving up.",
MAX_TIMEOUT);
goto bounce;
}
- sleep(backoff);
- backoff *= 2;
- if (backoff > MAX_RETRY)
- backoff = MAX_RETRY;
+ for (slept = 0; slept < backoff;) {
+ slept += SLEEP_TIMEOUT - sleep(SLEEP_TIMEOUT);
+ if (flushqueue_since(slept)) {
+ backoff = MIN_RETRY;
+ goto retry;
+ }
+ }
+ if (slept >= backoff) {
+ /* pick the next backoff between [1.5, 2.5) times backoff */
+ backoff = backoff + backoff / 2 + random() % backoff;
+ if (backoff > MAX_RETRY)
+ backoff = MAX_RETRY;
+ }
goto retry;
case -1:
/* NOTREACHED */
}
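Review bot: The `if (slept >= backoff)` test after the sleep loop in deliver() is always true, because the only ways out of `for (slept = 0; slept < backoff;)` are that condition becoming false or the `goto retry` inside the loop; the backoff update can run unconditionally. The loop also relies on sleep() returning early with the unslept remainder when a signal arrives, which is presumably why main() installs the empty sighup_handler. A comment saying so here, e.g. `/* sleep() is cut short by SIGHUP so a queue flush request is noticed promptly */`, would explain the arithmetic. The body of deliver() is only partly visible.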
-static void
+void
run_queue(struct queue *queue)
{
struct qitem *it;
LIST_FOREACH(it, &queue->queue, next) {
printf("ID\t: %s%s\n"
"From\t: %s\n"
- "To\t: %s\n"
- "--\n",
+ "To\t: %s\n",
it->queueid,
locked ? "*" : "",
it->sender, it->addr);
+
+ if (LIST_NEXT(it, next) != NULL)
+ printf("--\n");
}
}
int
main(int argc, char **argv)
{
+ struct sigaction act;
char *sender = NULL;
- struct qitem *it;
struct queue queue;
- struct queue lqueue;
int i, ch;
- int nodot = 0, doqueue = 0, showq = 0;
+ int nodot = 0, showq = 0, queue_only = 0;
+ int recp_from_header = 0;
+
+ set_username();
+
+ /*
+ * We never run as root. If called by root, drop permissions
+ * to the mail user.
+ */
+ if (geteuid() == 0 || getuid() == 0) {
+ struct passwd *pw;
+
+ errno = 0;
+ pw = getpwnam(DMA_ROOT_USER);
+ if (pw == NULL) {
+ if (errno == 0)
+ errx(EX_CONFIG, "user '%s' not found", DMA_ROOT_USER);
+ else
+ err(EX_OSERR, "cannot drop root privileges");
+ }
+
+ if (setuid(pw->pw_uid) != 0)
+ err(EX_OSERR, "cannot drop root privileges");
+
+ if (geteuid() == 0 || getuid() == 0)
+ errx(EX_OSERR, "cannot drop root privileges");
+ }
atexit(deltmp);
+ init_random();
+
+ bzero(&queue, sizeof(queue));
LIST_INIT(&queue.queue);
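Review bot: Only the user ID is changed in the root branch of main(): `setuid(pw->pw_uid)` is not preceded by any setgid() or setgroups() call, so a process started by root keeps root's primary and supplementary groups after the drop, and the closing `geteuid() == 0 || getuid() == 0` check never looks at group IDs. If keeping the group set is deliberate, the comment above the block should say so and name the group the spool relies on. Otherwise shed the groups before the UID, e.g. `if (setgroups(0, NULL) != 0 || setgid(pw->pw_gid) != 0) err(EX_OSERR, "cannot drop root privileges");`, with the target group chosen to match the spool directory's ownership. The group calls have to come first because they fail once the UID is no longer 0.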
if (strcmp(argv[0], "mailq") == 0) {
argv++; argc--;
showq = 1;
if (argc != 0)
- errx(1, "invalid arguments");
+ errx(EX_USAGE, "invalid arguments");
goto skipopts;
+ } else if (strcmp(argv[0], "newaliases") == 0) {
+ logident_base = "dma";
+ setlogident(NULL);
+
+ if (read_aliases() != 0)
+ errx(EX_SOFTWARE, "could not parse aliases file `%s'", config.aliases);
+ exit(EX_OK);
}
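Review bot: The `newaliases` branch calls read_aliases() before parse_conf() has run (that call is further down in main()), so `config.aliases` still holds the built-in `/etc/aliases` and any aliases path that parse_conf() may set is never the one checked. Either parse the configuration before this branch or add a comment stating that newaliases validates only the default path. Separately, both `strcmp(argv[0], ...)` tests dereference argv[0] without first confirming that an argument vector was supplied; a guard ahead of them such as `if (argc < 1 || argv[0] == NULL) errx(EX_USAGE, "invalid arguments");` costs one line.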
opterr = 0;
- while ((ch = getopt(argc, argv, "A:b:B:C:d:Df:F:h:iL:N:no:O:q:r:R:UV:vX:")) != -1) {
+ while ((ch = getopt(argc, argv, ":A:b:B:C:d:Df:F:h:iL:N:no:O:q:r:R:tUV:vX:")) != -1) {
switch (ch) {
case 'A':
/* -AX is being ignored, except for -A{c,m} */
if (optarg[0] == 'p') {
showq = 1;
break;
+ } else if (optarg[0] == 'q') {
+ queue_only = 1;
+ break;
}
/* else FALLTRHOUGH */
case 'D':
sender = optarg;
break;
+ case 't':
+ recp_from_header = 1;
+ break;
+
case 'o':
/* -oX is being ignored, except for -oi */
if (optarg[0] != 'i')
break;
case 'q':
+ /* Don't let getopt slup up other arguments */
+ if (optarg && *optarg == '-')
+ optind--;
doqueue = 1;
break;
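Review bot: The `optind--` in `case 'q'` appears to loop forever when the dash-prefixed text is attached to the option itself (an argument such as `-q-v`). optarg then points into the same argv element, so stepping optind back makes getopt() parse that element again and return 'q' every time. Restrict the rewind to the case where the argument was a separate element: `if (optarg && *optarg == '-' && optarg == argv[optind - 1]) optind--;`. The switch continues outside the lines shown here.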
case 'X':
break;
+ case ':':
+ if (optopt == 'q') {
+ doqueue = 1;
+ break;
+ }
+ /* FALLTHROUGH */
+
default:
- exit(1);
+ fprintf(stderr, "invalid argument: `-%c'\n", optopt);
+ exit(EX_USAGE);
}
}
argc -= optind;
opterr = 1;
if (argc != 0 && (showq || doqueue))
- errx(1, "sending mail and queue operations are mutually exclusive");
+ errx(EX_USAGE, "sending mail and queue operations are mutually exclusive");
if (showq + doqueue > 1)
- errx(1, "conflicting queue operations");
+ errx(EX_USAGE, "conflicting queue operations");
skipopts:
if (logident_base == NULL)
logident_base = "dma";
setlogident(NULL);
- set_username();
- /* XXX fork root here */
+ act.sa_handler = sighup_handler;
+ act.sa_flags = 0;
+ sigemptyset(&act.sa_mask);
+ if (sigaction(SIGHUP, &act, NULL) != 0)
+ syslog(LOG_WARNING, "can not set signal handler: %m");
- config = calloc(1, sizeof(*config));
- if (config == NULL)
- errlog(1, NULL);
-
- if (parse_conf(CONF_PATH) < 0) {
- free(config);
- errlog(1, "can not read config file");
- }
+ parse_conf(CONF_PATH "/dma.conf");
- if (config->features & VIRTUAL)
- if (parse_virtuser(config->virtualpath) < 0)
- errlog(1, "can not read virtual user file `%s'",
- config->virtualpath);
-
- if (parse_authfile(config->authpath) < 0)
- errlog(1, "can not read SMTP authentication file");
+ if (config.authpath != NULL)
+ parse_authfile(config.authpath);
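Review bot: The results of `parse_conf()` and `parse_authfile()` are now discarded, where the removed lines aborted through errlog() on a negative return. Both functions are outside this diff; if they still return a status rather than exiting on their own, an unreadable or malformed file would leave the compiled-in defaults in place (`.features = 0`, no smarthost, no credentials loaded) and mail would be handled under settings the administrator did not choose, with nothing logged. If they do terminate on error, say so at the call site, e.g. `/* parse_conf() exits on error */`. Otherwise keep the check: `if (parse_conf(CONF_PATH "/dma.conf") < 0) errlog(EX_CONFIG, "can not read config file");`.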
if (showq) {
- if (load_queue(&lqueue) < 0)
- errlog(1, "can not load queue");
- show_queue(&lqueue);
+ if (load_queue(&queue) < 0)
+ errlog(EX_NOINPUT, "can not load queue");
+ show_queue(&queue);
return (0);
}
if (doqueue) {
- if (load_queue(&lqueue) < 0)
- errlog(1, "can not load queue");
- run_queue(&lqueue);
+ flushqueue_signal();
+ if (load_queue(&queue) < 0)
+ errlog(EX_NOINPUT, "can not load queue");
+ run_queue(&queue);
return (0);
}
if (read_aliases() != 0)
- errlog(1, "can not read aliases file `%s'", config->aliases);
+ errlog(EX_SOFTWARE, "could not parse aliases file `%s'", config.aliases);
+
+ if ((sender = set_from(&queue, sender)) == NULL)
+ errlog(EX_SOFTWARE, NULL);
- if ((sender = set_from(sender)) == NULL)
- errlog(1, NULL);
+ if (newspoolf(&queue) != 0)
+ errlog(EX_CANTCREAT, "can not create temp file in `%s'", config.spooldir);
+
+ setlogident("%s", queue.id);
for (i = 0; i < argc; i++) {
- if (add_recp(&queue, argv[i], sender, 1) != 0)
- errlogx(1, "invalid recipient `%s'", argv[i]);
+ if (add_recp(&queue, argv[i], EXPAND_WILDCARD) != 0)
+ errlogx(EX_DATAERR, "invalid recipient `%s'", argv[i]);
}
- if (LIST_EMPTY(&queue.queue))
- errlogx(1, "no recipients");
-
- if (newspoolf(&queue, sender) != 0)
- errlog(1, "can not create temp file");
+ if (LIST_EMPTY(&queue.queue) && !recp_from_header)
+ errlogx(EX_NOINPUT, "no recipients");
- setlogident("%s", queue.id);
+ if (readmail(&queue, nodot, recp_from_header) != 0)
+ errlog(EX_NOINPUT, "can not read mail");
- if (readmail(&queue, sender, nodot) != 0)
- errlog(1, "can not read mail");
+ if (LIST_EMPTY(&queue.queue))
+ errlogx(EX_NOINPUT, "no recipients");
- if (linkspool(&queue, sender) != 0)
- errlog(1, "can not create spools");
+ if (linkspool(&queue) != 0)
+ errlog(EX_CANTCREAT, "can not create spools");
/* From here on the mail is safe. */
- if (config->features & DEFER)
+ if (config.features & DEFER || queue_only)
return (0);
- it = go_background(&queue);
- deliver(it);
+ run_queue(&queue);
/* NOTREACHED */
return (0);