projects / exim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Faffing around with tests.
[exim.git] / src / src / spool_in.c
CommitLineData
38a0a95f 1/* $Cambridge: exim/src/src/spool_in.c,v 1.16 2006/09/19 11:28:45 ph10 Exp $ */
059ec3d9
PH		 2
3/*************************************************
4* Exim - an Internet mail transport agent *
5*************************************************/
6
d7d7b7b9 7/* Copyright (c) University of Cambridge 1995 - 2006 */
059ec3d9
PH		 8/* See the file NOTICE for conditions of use and distribution. */
9
10/* Functions for reading spool files. When compiling for a utility (eximon),
11not all are needed, and some functionality can be cut out. */
12
13
14#include "exim.h"
15
16
17
18#ifndef COMPILE_UTILITY
19/*************************************************
20* Open and lock data file *
21*************************************************/
22
23/* The data file is the one that is used for locking, because the header file
24can get replaced during delivery because of header rewriting. The file has
25to opened with write access so that we can get an exclusive lock, but in
26fact it won't be written to. Just in case there's a major disaster (e.g.
27overwriting some other file descriptor with the value of this one), open it
28with append.
29
30Argument: the id of the message
31Returns: TRUE if file successfully opened and locked
32
33Side effect: deliver_datafile is set to the fd of the open file.
34*/
35
36BOOL
37spool_open_datafile(uschar *id)
38{
39int i;
40struct stat statbuf;
41flock_t lock_data;
42uschar spoolname[256];
43
44/* If split_spool_directory is set, first look for the file in the appropriate
45sub-directory of the input directory. If it is not found there, try the input
46directory itself, to pick up leftovers from before the splitting. If split_
47spool_directory is not set, first look in the main input directory. If it is
48not found there, try the split sub-directory, in case it is left over from a
49splitting state. */
50
51for (i = 0; i < 2; i++)
52 {
53 int save_errno;
54 message_subdir[0] = (split_spool_directory == (i == 0))? id[5] : 0;
55 sprintf(CS spoolname, "%s/input/%s/%s-D", spool_directory, message_subdir, id);
56 deliver_datafile = Uopen(spoolname, O_RDWR | O_APPEND, 0);
57 if (deliver_datafile >= 0) break;
58 save_errno = errno;
59 if (errno == ENOENT)
60 {
61 if (i == 0) continue;
62 if (!queue_running)
63 log_write(0, LOG_MAIN, "Spool file %s-D not found", id);
64 }
65 else log_write(0, LOG_MAIN, "Spool error for %s: %s", spoolname,
66 strerror(errno));
67 errno = save_errno;
68 return FALSE;
69 }
70
71/* File is open and message_subdir is set. Set the close-on-exec flag, and lock
72the file. We lock only the first line of the file (containing the message ID)
73because this apparently is needed for running Exim under Cygwin. If the entire
74file is locked in one process, a sub-process cannot access it, even when passed
75an open file descriptor (at least, I think that's the Cygwin story). On real
76Unix systems it doesn't make any difference as long as Exim is consistent in
77what it locks. */
78
ff790e47 79(void)fcntl(deliver_datafile, F_SETFD, fcntl(deliver_datafile, F_GETFD) |
059ec3d9
PH		 80 FD_CLOEXEC);
81
82lock_data.l_type = F_WRLCK;
83lock_data.l_whence = SEEK_SET;
84lock_data.l_start = 0;
85lock_data.l_len = SPOOL_DATA_START_OFFSET;
86
87if (fcntl(deliver_datafile, F_SETLK, &lock_data) < 0)
88 {
89 log_write(L_skip_delivery,
90 LOG_MAIN,
91 "Spool file is locked (another process is handling this message)");
f1e894f3 92 (void)close(deliver_datafile);
059ec3d9
PH		 93 deliver_datafile = -1;
94 errno = 0;
95 return FALSE;
96 }
97
98/* Get the size of the data; don't include the leading filename line
99in the count, but add one for the newline before the data. */
100
101if (fstat(deliver_datafile, &statbuf) == 0)
102 {
103 message_body_size = statbuf.st_size - SPOOL_DATA_START_OFFSET;
104 message_size = message_body_size + 1;
105 }
106
107return TRUE;
108}
109#endif /* COMPILE_UTILITY */
110
111
112
113/*************************************************
114* Read non-recipients tree from spool file *
115*************************************************/
116
117/* The tree of non-recipients is written to the spool file in a form that
118makes it easy to read back into a tree. The format is as follows:
119
120 . Each node is preceded by two letter(Y/N) indicating whether it has left
121 or right children. There's one space after the two flags, before the name.
122
123 . The left subtree (if any) then follows, then the right subtree (if any).
124
125This function is entered with the next input line in the buffer. Note we must
126save the right flag before recursing with the same buffer.
127
128Once the tree is read, we re-construct the balance fields by scanning the tree.
129I forgot to write them out originally, and the compatible fix is to do it this
130way. This initial local recursing function does the necessary.
131
132Arguments:
133 node tree node
134
135Returns: maximum depth below the node, including the node itself
136*/
137
138static int
139count_below(tree_node *node)
140{
141int nleft, nright;
142if (node == NULL) return 0;
143nleft = count_below(node->left);
144nright = count_below(node->right);
145node->balance = (nleft > nright)? 1 : ((nright > nleft)? 2 : 0);
146return 1 + ((nleft > nright)? nleft : nright);
147}
148
149/* This is the real function...
150
151Arguments:
152 connect pointer to the root of the tree
153 f FILE to read data from
154 buffer contains next input line; further lines read into it
155 buffer_size size of the buffer
156
157Returns: FALSE on format error
158*/
159
160static BOOL
161read_nonrecipients_tree(tree_node **connect, FILE *f, uschar *buffer,
162 int buffer_size)
163{
164tree_node *node;
165int n = Ustrlen(buffer);
166BOOL right = buffer[1] == 'Y';
167
168if (n < 5) return FALSE; /* malformed line */
169buffer[n-1] = 0; /* Remove \n */
170node = store_get(sizeof(tree_node) + n - 3);
171*connect = node;
172Ustrcpy(node->name, buffer + 3);
173node->data.ptr = NULL;
174
175if (buffer[0] == 'Y')
176 {
177 if (Ufgets(buffer, buffer_size, f) == NULL ||
178 !read_nonrecipients_tree(&node->left, f, buffer, buffer_size))
179 return FALSE;
180 }
181else node->left = NULL;
182
183if (right)
184 {
185 if (Ufgets(buffer, buffer_size, f) == NULL ||
186 !read_nonrecipients_tree(&node->right, f, buffer, buffer_size))
187 return FALSE;
188 }
189else node->right = NULL;
190
191(void) count_below(*connect);
192return TRUE;
193}
194
195
196
197
198/*************************************************
199* Read spool header file *
200*************************************************/
201
202/* This function reads a spool header file and places the data into the
203appropriate global variables. The header portion is always read, but header
204structures are built only if read_headers is set true. It isn't, for example,
205while generating -bp output.
206
207It may be possible for blocks of nulls (binary zeroes) to get written on the
208end of a file if there is a system crash during writing. It was observed on an
209earlier version of Exim that omitted to fsync() the files - this is thought to
210have been the cause of that incident, but in any case, this code must be robust
211against such an event, and if such a file is encountered, it must be treated as
212malformed.
213
214Arguments:
215 name name of the header file, including the -H
216 read_headers TRUE if in-store header structures are to be built
217 subdir_set TRUE is message_subdir is already set
218
219Returns: spool_read_OK success
220 spool_read_notopen open failed
221 spool_read_enverror error in the envelope portion
222 spool_read_hdrdrror error in the header portion
223*/
224
225int
226spool_read_header(uschar *name, BOOL read_headers, BOOL subdir_set)
227{
228FILE *f = NULL;
229int n;
230int rcount = 0;
231long int uid, gid;
232BOOL inheader = FALSE;
1e70f85b 233uschar *p;
059ec3d9
PH		 234
235/* Reset all the global variables to their default values. However, there is
236one exception. DO NOT change the default value of dont_deliver, because it may
237be forced by an external setting. */
238
38a0a95f 239acl_var_c = acl_var_m = NULL;
059ec3d9
PH		 240authenticated_id = NULL;
241authenticated_sender = NULL;
242allow_unqualified_recipient = FALSE;
243allow_unqualified_sender = FALSE;
244body_linecount = 0;
245body_zerocount = 0;
246deliver_firsttime = FALSE;
247deliver_freeze = FALSE;
248deliver_frozen_at = 0;
249deliver_manual_thaw = FALSE;
250/* dont_deliver must NOT be reset */
251header_list = header_last = NULL;
b08b24c8 252host_lookup_deferred = FALSE;
059ec3d9
PH		 253host_lookup_failed = FALSE;
254interface_address = NULL;
255interface_port = 0;
256local_error_message = FALSE;
257local_scan_data = NULL;
258message_linecount = 0;
259received_protocol = NULL;
260received_count = 0;
261recipients_list = NULL;
262sender_address = NULL;
263sender_fullhost = NULL;
264sender_helo_name = NULL;
265sender_host_address = NULL;
266sender_host_name = NULL;
267sender_host_port = 0;
268sender_host_authenticated = NULL;
269sender_ident = NULL;
270sender_local = FALSE;
271sender_set_untrusted = FALSE;
1f5b4c3d 272smtp_active_hostname = primary_hostname;
059ec3d9
PH		 273tree_nonrecipients = NULL;
274
8523533c
TK		 275#ifdef EXPERIMENTAL_BRIGHTMAIL
276bmi_run = 0;
277bmi_verdicts = NULL;
278#endif
279
fb2274d4
TK		 280#ifdef EXPERIMENTAL_DOMAINKEYS
281dk_do_verify = 0;
282#endif
283
059ec3d9
PH		 284#ifdef SUPPORT_TLS
285tls_certificate_verified = FALSE;
286tls_cipher = NULL;
287tls_peerdn = NULL;
288#endif
289
8523533c 290#ifdef WITH_CONTENT_SCAN
8523533c
TK		 291spam_score_int = NULL;
292#endif
293
059ec3d9
PH		 294/* Generate the full name and open the file. If message_subdir is already
295set, just look in the given directory. Otherwise, look in both the split
296and unsplit directories, as for the data file above. */
297
298for (n = 0; n < 2; n++)
299 {
300 if (!subdir_set)
301 message_subdir[0] = (split_spool_directory == (n == 0))? name[5] : 0;
302 sprintf(CS big_buffer, "%s/input/%s/%s", spool_directory, message_subdir,
303 name);
304 f = Ufopen(big_buffer, "rb");
305 if (f != NULL) break;
306 if (n != 0 || subdir_set || errno != ENOENT) return spool_read_notopen;
307 }
308
309errno = 0;
310
311#ifndef COMPILE_UTILITY
312DEBUG(D_deliver) debug_printf("reading spool file %s\n", name);
313#endif /* COMPILE_UTILITY */
314
315/* The first line of a spool file contains the message id followed by -H (i.e.
316the file name), in order to make the file self-identifying. */
317
318if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
319if (Ustrlen(big_buffer) != MESSAGE_ID_LENGTH + 3 ||
320 Ustrncmp(big_buffer, name, MESSAGE_ID_LENGTH + 2) != 0)
321 goto SPOOL_FORMAT_ERROR;
322
323/* The next three lines in the header file are in a fixed format. The first
324contains the login, uid, and gid of the user who caused the file to be written.
ebb6e6d5
PH		 325There are known cases where a negative gid is used, so we allow for both
326negative uids and gids. The second contains the mail address of the message's
327sender, enclosed in <>. The third contains the time the message was received,
328and the number of warning messages for delivery delays that have been sent. */
059ec3d9
PH		 329
330if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
331
1e70f85b
PH		 332p = big_buffer + Ustrlen(big_buffer);
333while (p > big_buffer && isspace(p[-1])) p--;
334*p = 0;
335if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
ebb6e6d5 336while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
1e70f85b
PH		 337gid = Uatoi(p);
338if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
339*p = 0;
340if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
ebb6e6d5 341while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
1e70f85b
PH		 342uid = Uatoi(p);
343if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
344*p = 0;
8e669ac1 345
1e70f85b 346originator_login = string_copy(big_buffer);
059ec3d9
PH		 347originator_uid = (uid_t)uid;
348originator_gid = (gid_t)gid;
349
350if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
351n = Ustrlen(big_buffer);
352if (n < 3 || big_buffer[0] != '<' || big_buffer[n-2] != '>')
353 goto SPOOL_FORMAT_ERROR;
354
355sender_address = store_get(n-2);
356Ustrncpy(sender_address, big_buffer+1, n-3);
357sender_address[n-3] = 0;
358
359if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
360if (sscanf(CS big_buffer, "%d %d", &received_time, &warning_count) != 2)
361 goto SPOOL_FORMAT_ERROR;
362
363message_age = time(NULL) - received_time;
364
365#ifndef COMPILE_UTILITY
366DEBUG(D_deliver) debug_printf("user=%s uid=%ld gid=%ld sender=%s\n",
367 originator_login, (long int)originator_uid, (long int)originator_gid,
368 sender_address);
369#endif /* COMPILE_UTILITY */
370
371/* Now there may be a number of optional lines, each starting with "-".
372If you add a new setting here, make sure you set the default above. */
373
374for (;;)
375 {
376 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
377 if (big_buffer[0] != '-') break;
059ec3d9 378 big_buffer[Ustrlen(big_buffer) - 1] = 0;
47ca6d6c 379
38a0a95f
PH		 380 /* For long-term backward compatibility, we recognize "-acl", which was used
381 before the number of ACL variables changed from 10 to 20. This was before the
382 subsequent change to an arbitrary number of named variables. This code is
383 retained so that upgrades from very old versions can still handle old-format
384 spool files. The value given after "-acl" is a number that is 0-9 for
385 connection variables, and 10-19 for message variables. */
47ca6d6c 386
059ec3d9
PH		 387 if (Ustrncmp(big_buffer, "-acl ", 5) == 0)
388 {
389 int index, count;
38a0a95f
PH		 390 uschar name[4];
391 tree_node *node;
392
059ec3d9
PH		 393 if (sscanf(CS big_buffer + 5, "%d %d", &index, &count) != 2)
394 goto SPOOL_FORMAT_ERROR;
47ca6d6c 395
38a0a95f
PH		 396 (void) string_format(name, 4, "%c%d", (index < 10 ? 'c' : 'm'), index);
397 node = acl_var_create(name);
398 node->data.ptr = store_get(count + 1);
47ca6d6c 399
38a0a95f
PH		 400 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
401 ((uschar*)node->data.ptr)[count] = 0;
059ec3d9 402 }
47ca6d6c 403
38a0a95f
PH		 404 /* Nowadays we use "-aclc" and "-aclm" for the different types of ACL
405 variable, because Exim allows any number of them, with arbitrary names.
406 The line in the spool file is "-acl[cm] <name> <length>". The name excludes
407 the c or m. */
408
409 else if (Ustrncmp(big_buffer, "-aclc ", 6) == 0 ||
410 Ustrncmp(big_buffer, "-aclm ", 6) == 0)
47ca6d6c 411 {
38a0a95f
PH		 412 uschar *name, *endptr;
413 int count;
414 tree_node *node;
415
416 endptr = Ustrchr(big_buffer + 6, ' ');
417 if (endptr == NULL) goto SPOOL_FORMAT_ERROR;
418 name = string_sprintf("%c%.*s", big_buffer[4], endptr - big_buffer - 6,
419 big_buffer + 6);
420 if (sscanf(CS endptr, " %d", &count) != 1) goto SPOOL_FORMAT_ERROR;
421
422 node = acl_var_create(name);
423 node->data.ptr = store_get(count + 1);
424 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
425 ((uschar*)node->data.ptr)[count] = 0;
47ca6d6c
PH		 426 }
427
428 /* Other values */
429
059ec3d9
PH		 430 else if (Ustrcmp(big_buffer, "-local") == 0) sender_local = TRUE;
431 else if (Ustrcmp(big_buffer, "-localerror") == 0)
432 local_error_message = TRUE;
433 else if (Ustrncmp(big_buffer, "-local_scan ", 12) == 0)
434 local_scan_data = string_copy(big_buffer + 12);
8e669ac1 435#ifdef WITH_CONTENT_SCAN
8523533c 436 else if (Ustrncmp(big_buffer, "-spam_score_int ", 16) == 0)
8e669ac1 437 spam_score_int = string_copy(big_buffer + 16);
8523533c
TK		 438#endif
439#ifdef EXPERIMENTAL_BRIGHTMAIL
440 else if (Ustrncmp(big_buffer, "-bmi_verdicts ", 14) == 0)
441 bmi_verdicts = string_copy(big_buffer + 14);
442#endif
b08b24c8
PH		 443 else if (Ustrcmp(big_buffer, "-host_lookup_deferred") == 0)
444 host_lookup_deferred = TRUE;
059ec3d9
PH		 445 else if (Ustrcmp(big_buffer, "-host_lookup_failed") == 0)
446 host_lookup_failed = TRUE;
447 else if (Ustrncmp(big_buffer, "-body_linecount", 15) == 0)
448 body_linecount = Uatoi(big_buffer + 15);
449 else if (Ustrncmp(big_buffer, "-body_zerocount", 15) == 0)
450 body_zerocount = Uatoi(big_buffer + 15);
451 else if (Ustrncmp(big_buffer, "-frozen", 7) == 0)
452 {
453 deliver_freeze = TRUE;
454 deliver_frozen_at = Uatoi(big_buffer + 7);
455 }
456 else if (Ustrcmp(big_buffer, "-allow_unqualified_recipient") == 0)
457 allow_unqualified_recipient = TRUE;
458 else if (Ustrcmp(big_buffer, "-allow_unqualified_sender") == 0)
459 allow_unqualified_sender = TRUE;
460 else if (Ustrcmp(big_buffer, "-deliver_firsttime") == 0)
461 deliver_firsttime = TRUE;
462 else if (Ustrcmp(big_buffer, "-manual_thaw") == 0)
463 deliver_manual_thaw = TRUE;
464 else if (Ustrncmp(big_buffer, "-auth_id", 8) == 0)
465 authenticated_id = string_copy(big_buffer + 9);
466 else if (Ustrncmp(big_buffer, "-auth_sender", 12) == 0)
467 authenticated_sender = string_copy(big_buffer + 13);
468 else if (Ustrncmp(big_buffer, "-sender_set_untrusted", 21) == 0)
469 sender_set_untrusted = TRUE;
470
471 #ifdef SUPPORT_TLS
472 else if (Ustrncmp(big_buffer, "-tls_certificate_verified", 25) == 0)
473 tls_certificate_verified = TRUE;
474 else if (Ustrncmp(big_buffer, "-tls_cipher", 11) == 0)
475 tls_cipher = string_copy(big_buffer + 12);
476 else if (Ustrncmp(big_buffer, "-tls_peerdn", 11) == 0)
477 tls_peerdn = string_copy(big_buffer + 12);
478 #endif
479
480 /* We now record the port number after the address, separated by a
481 dot. For compatibility during upgrading, do nothing if there
482 isn't a value (it gets left at zero). */
483
484 else if (Ustrncmp(big_buffer, "-host_address", 13) == 0)
485 {
7cd1141b 486 sender_host_port = host_address_extract_port(big_buffer + 14);
059ec3d9
PH		 487 sender_host_address = string_copy(big_buffer + 14);
488 }
489
490 else if (Ustrncmp(big_buffer, "-interface_address", 18) == 0)
491 {
7cd1141b 492 interface_port = host_address_extract_port(big_buffer + 19);
059ec3d9
PH		 493 interface_address = string_copy(big_buffer + 19);
494 }
495
1f5b4c3d 496 else if (Ustrncmp(big_buffer, "-active_hostname", 16) == 0)
8e669ac1 497 smtp_active_hostname = string_copy(big_buffer + 17);
059ec3d9
PH		 498 else if (Ustrncmp(big_buffer, "-host_auth", 10) == 0)
499 sender_host_authenticated = string_copy(big_buffer + 11);
500 else if (Ustrncmp(big_buffer, "-host_name", 10) == 0)
501 sender_host_name = string_copy(big_buffer + 11);
502 else if (Ustrncmp(big_buffer, "-helo_name", 10) == 0)
503 sender_helo_name = string_copy(big_buffer + 11);
504 else if (Ustrncmp(big_buffer, "-ident", 6) == 0)
505 sender_ident = string_copy(big_buffer + 7);
506 else if (Ustrncmp(big_buffer, "-received_protocol", 18) == 0)
507 received_protocol = string_copy(big_buffer + 19);
508 else if (Ustrncmp(big_buffer, "-N", 2) == 0)
509 dont_deliver = TRUE;
510
511 /* To allow new versions of Exim that add additional flags to interwork
512 with older versions that do not understand them, just ignore any flagged
513 lines that we don't recognize. Otherwise it wouldn't be possible to back
514 off a new version that left new-style flags written on the spool. That's
515 why the following line is commented out. */
516
517 /* else goto SPOOL_FORMAT_ERROR; */
518 }
519
520/* Build sender_fullhost if required */
521
522#ifndef COMPILE_UTILITY
523host_build_sender_fullhost();
524#endif /* COMPILE_UTILITY */
525
526#ifndef COMPILE_UTILITY
527DEBUG(D_deliver)
528 debug_printf("sender_local=%d ident=%s\n", sender_local,
529 (sender_ident == NULL)? US"unset" : sender_ident);
530#endif /* COMPILE_UTILITY */
531
532/* We now have the tree of addresses NOT to deliver to, or a line
533containing "XX", indicating no tree. */
534
535if (Ustrncmp(big_buffer, "XX\n", 3) != 0 &&
536 !read_nonrecipients_tree(&tree_nonrecipients, f, big_buffer, big_buffer_size))
537 goto SPOOL_FORMAT_ERROR;
538
539#ifndef COMPILE_UTILITY
540DEBUG(D_deliver)
541 {
542 debug_printf("Non-recipients:\n");
543 debug_print_tree(tree_nonrecipients);
544 }
545#endif /* COMPILE_UTILITY */
546
547/* After reading the tree, the next line has not yet been read into the
548buffer. It contains the count of recipients which follow on separate lines. */
549
550if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
551if (sscanf(CS big_buffer, "%d", &rcount) != 1) goto SPOOL_FORMAT_ERROR;
552
553#ifndef COMPILE_UTILITY
554DEBUG(D_deliver) debug_printf("recipients_count=%d\n", rcount);
555#endif /* COMPILE_UTILITY */
556
557recipients_list_max = rcount;
558recipients_list = store_get(rcount * sizeof(recipient_item));
559
560for (recipients_count = 0; recipients_count < rcount; recipients_count++)
561 {
562 int nn;
563 int pno = -1;
564 uschar *errors_to = NULL;
565 uschar *p;
566
567 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
568 nn = Ustrlen(big_buffer);
569 if (nn < 2) goto SPOOL_FORMAT_ERROR;
570
571 /* Remove the newline; this terminates the address if there is no additional
572 data on the line. */
573
574 p = big_buffer + nn - 1;
575 *p-- = 0;
576
577 /* Look back from the end of the line for digits and special terminators.
578 Since an address must end with a domain, we can tell that extra data is
579 present by the presence of the terminator, which is always some character
580 that cannot exist in a domain. (If I'd thought of the need for additional
581 data early on, I'd have put it at the start, with the address at the end. As
582 it is, we have to operate backwards. Addresses are permitted to contain
583 spaces, you see.)
584
585 This code has to cope with various versions of this data that have evolved
586 over time. In all cases, the line might just contain an address, with no
587 additional data. Otherwise, the possibilities are as follows:
588
589 Exim 3 type: <address><space><digits>,<digits>,<digits>
590
591 The second set of digits is the parent number for one_time addresses. The
592 other values were remnants of earlier experiments that were abandoned.
593
594 Exim 4 first type: <address><space><digits>
595
596 The digits are the parent number for one_time addresses.
597
598 Exim 4 new type: <address><space><data>#<type bits>
599
600 The type bits indicate what the contents of the data are.
601
602 Bit 01 indicates that, reading from right to left, the data
603 ends with <errors_to address><space><len>,<pno> where pno is
604 the parent number for one_time addresses, and len is the length
605 of the errors_to address (zero meaning none).
606 */
607
608 while (isdigit(*p)) p--;
609
610 /* Handle Exim 3 spool files */
611
612 if (*p == ',')
613 {
614 int dummy;
615 while (isdigit(*(--p)) || *p == ',');
616 if (*p == ' ')
617 {
618 *p++ = 0;
ff790e47 619 (void)sscanf(CS p, "%d,%d", &dummy, &pno);
059ec3d9
PH		 620 }
621 }
622
623 /* Handle early Exim 4 spool files */
624
625 else if (*p == ' ')
626 {
627 *p++ = 0;
ff790e47 628 (void)sscanf(CS p, "%d", &pno);
059ec3d9
PH		 629 }
630
631 /* Handle current format Exim 4 spool files */
632
633 else if (*p == '#')
634 {
635 int flags;
ff790e47 636 (void)sscanf(CS p+1, "%d", &flags);
059ec3d9
PH		 637
638 if ((flags & 0x01) != 0) /* one_time data exists */
639 {
640 int len;
641 while (isdigit(*(--p)) || *p == ',' || *p == '-');
ff790e47 642 (void)sscanf(CS p+1, "%d,%d", &len, &pno);
059ec3d9
PH		 643 *p = 0;
644 if (len > 0)
645 {
646 p -= len;
647 errors_to = string_copy(p);
648 }
649 }
650
651 *(--p) = 0; /* Terminate address */
652 }
653
654 recipients_list[recipients_count].address = string_copy(big_buffer);
655 recipients_list[recipients_count].pno = pno;
656 recipients_list[recipients_count].errors_to = errors_to;
657 }
658
659/* The remainder of the spool header file contains the headers for the message,
660separated off from the previous data by a blank line. Each header is preceded
661by a count of its length and either a certain letter (for various identified
662headers), space (for a miscellaneous live header) or an asterisk (for a header
663that has been rewritten). Count the Received: headers. We read the headers
664always, in order to check on the format of the file, but only create a header
665list if requested to do so. */
666
667inheader = TRUE;
668if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
669if (big_buffer[0] != '\n') goto SPOOL_FORMAT_ERROR;
670
671while ((n = fgetc(f)) != EOF)
672 {
673 header_line *h;
674 uschar flag[4];
675 int i;
676
677 if (!isdigit(n)) goto SPOOL_FORMAT_ERROR;
ff790e47
PH		 678 (void)ungetc(n, f);
679 (void)fscanf(f, "%d%c ", &n, flag);
059ec3d9
PH		 680 if (flag[0] != '*') message_size += n; /* Omit non-transmitted headers */
681
682 if (read_headers)
683 {
684 h = store_get(sizeof(header_line));
685 h->next = NULL;
686 h->type = flag[0];
687 h->slen = n;
688 h->text = store_get(n+1);
689
690 if (h->type == htype_received) received_count++;
691
692 if (header_list == NULL) header_list = h;
693 else header_last->next = h;
694 header_last = h;
695
696 for (i = 0; i < n; i++)
697 {
698 int c = fgetc(f);
699 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
700 if (c == '\n' && h->type != htype_old) message_linecount++;
701 h->text[i] = c;
702 }
703 h->text[i] = 0;
704 }
705
706 /* Not requiring header data, just skip through the bytes */
707
708 else for (i = 0; i < n; i++)
709 {
710 int c = fgetc(f);
711 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
712 }
713 }
714
715/* We have successfully read the data in the header file. Update the message
716line count by adding the body linecount to the header linecount. Close the file
717and give a positive response. */
718
719#ifndef COMPILE_UTILITY
720DEBUG(D_deliver) debug_printf("body_linecount=%d message_linecount=%d\n",
721 body_linecount, message_linecount);
722#endif /* COMPILE_UTILITY */
723
724message_linecount += body_linecount;
725
726fclose(f);
727return spool_read_OK;
728
729
730/* There was an error reading the spool or there was missing data,
731or there was a format error. A "read error" with no errno means an
732unexpected EOF, which we treat as a format error. */
733
734SPOOL_READ_ERROR:
735if (errno != 0)
736 {
737 n = errno;
738
739 #ifndef COMPILE_UTILITY
740 DEBUG(D_any) debug_printf("Error while reading spool file %s\n", name);
741 #endif /* COMPILE_UTILITY */
742
743 fclose(f);
744 errno = n;
745 return inheader? spool_read_hdrerror : spool_read_enverror;
746 }
747
748SPOOL_FORMAT_ERROR:
749
750#ifndef COMPILE_UTILITY
751DEBUG(D_any) debug_printf("Format error in spool file %s\n", name);
752#endif /* COMPILE_UTILITY */
753
754fclose(f);
755errno = ERRNO_SPOOLFORMAT;
756return inheader? spool_read_hdrerror : spool_read_enverror;
757}
758
759/* End of spool_in.c */
Unnamed repository; edit this file 'description' to name the repository.