projects / exim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Testsuite: be more tolerant of slow filesystem
[exim.git] / src / src / spool_in.c
CommitLineData
059ec3d9
PH		 1/*************************************************
2* Exim - an Internet mail transport agent *
3*************************************************/
4
c4ceed07 5/* Copyright (c) University of Cambridge 1995 - 2012 */
059ec3d9
PH		 6/* See the file NOTICE for conditions of use and distribution. */
7
8/* Functions for reading spool files. When compiling for a utility (eximon),
9not all are needed, and some functionality can be cut out. */
10
11
12#include "exim.h"
13
14
15
16#ifndef COMPILE_UTILITY
17/*************************************************
18* Open and lock data file *
19*************************************************/
20
21/* The data file is the one that is used for locking, because the header file
22can get replaced during delivery because of header rewriting. The file has
23to opened with write access so that we can get an exclusive lock, but in
24fact it won't be written to. Just in case there's a major disaster (e.g.
25overwriting some other file descriptor with the value of this one), open it
26with append.
27
28Argument: the id of the message
29Returns: TRUE if file successfully opened and locked
30
31Side effect: deliver_datafile is set to the fd of the open file.
32*/
33
34BOOL
35spool_open_datafile(uschar *id)
36{
37int i;
38struct stat statbuf;
39flock_t lock_data;
40uschar spoolname[256];
41
42/* If split_spool_directory is set, first look for the file in the appropriate
43sub-directory of the input directory. If it is not found there, try the input
44directory itself, to pick up leftovers from before the splitting. If split_
45spool_directory is not set, first look in the main input directory. If it is
46not found there, try the split sub-directory, in case it is left over from a
47splitting state. */
48
49for (i = 0; i < 2; i++)
50 {
51 int save_errno;
52 message_subdir[0] = (split_spool_directory == (i == 0))? id[5] : 0;
53 sprintf(CS spoolname, "%s/input/%s/%s-D", spool_directory, message_subdir, id);
54 deliver_datafile = Uopen(spoolname, O_RDWR | O_APPEND, 0);
55 if (deliver_datafile >= 0) break;
56 save_errno = errno;
57 if (errno == ENOENT)
58 {
59 if (i == 0) continue;
60 if (!queue_running)
61 log_write(0, LOG_MAIN, "Spool file %s-D not found", id);
62 }
63 else log_write(0, LOG_MAIN, "Spool error for %s: %s", spoolname,
64 strerror(errno));
65 errno = save_errno;
66 return FALSE;
67 }
68
69/* File is open and message_subdir is set. Set the close-on-exec flag, and lock
70the file. We lock only the first line of the file (containing the message ID)
71because this apparently is needed for running Exim under Cygwin. If the entire
72file is locked in one process, a sub-process cannot access it, even when passed
73an open file descriptor (at least, I think that's the Cygwin story). On real
74Unix systems it doesn't make any difference as long as Exim is consistent in
75what it locks. */
76
ff790e47 77(void)fcntl(deliver_datafile, F_SETFD, fcntl(deliver_datafile, F_GETFD) |
059ec3d9
PH		 78 FD_CLOEXEC);
79
80lock_data.l_type = F_WRLCK;
81lock_data.l_whence = SEEK_SET;
82lock_data.l_start = 0;
83lock_data.l_len = SPOOL_DATA_START_OFFSET;
84
85if (fcntl(deliver_datafile, F_SETLK, &lock_data) < 0)
86 {
87 log_write(L_skip_delivery,
88 LOG_MAIN,
89 "Spool file is locked (another process is handling this message)");
f1e894f3 90 (void)close(deliver_datafile);
059ec3d9
PH		 91 deliver_datafile = -1;
92 errno = 0;
93 return FALSE;
94 }
95
96/* Get the size of the data; don't include the leading filename line
97in the count, but add one for the newline before the data. */
98
99if (fstat(deliver_datafile, &statbuf) == 0)
100 {
101 message_body_size = statbuf.st_size - SPOOL_DATA_START_OFFSET;
102 message_size = message_body_size + 1;
103 }
104
105return TRUE;
106}
107#endif /* COMPILE_UTILITY */
108
109
110
111/*************************************************
112* Read non-recipients tree from spool file *
113*************************************************/
114
115/* The tree of non-recipients is written to the spool file in a form that
116makes it easy to read back into a tree. The format is as follows:
117
118 . Each node is preceded by two letter(Y/N) indicating whether it has left
119 or right children. There's one space after the two flags, before the name.
120
121 . The left subtree (if any) then follows, then the right subtree (if any).
122
123This function is entered with the next input line in the buffer. Note we must
124save the right flag before recursing with the same buffer.
125
126Once the tree is read, we re-construct the balance fields by scanning the tree.
127I forgot to write them out originally, and the compatible fix is to do it this
128way. This initial local recursing function does the necessary.
129
130Arguments:
131 node tree node
132
133Returns: maximum depth below the node, including the node itself
134*/
135
136static int
137count_below(tree_node *node)
138{
139int nleft, nright;
140if (node == NULL) return 0;
141nleft = count_below(node->left);
142nright = count_below(node->right);
143node->balance = (nleft > nright)? 1 : ((nright > nleft)? 2 : 0);
144return 1 + ((nleft > nright)? nleft : nright);
145}
146
147/* This is the real function...
148
149Arguments:
150 connect pointer to the root of the tree
151 f FILE to read data from
152 buffer contains next input line; further lines read into it
153 buffer_size size of the buffer
154
155Returns: FALSE on format error
156*/
157
158static BOOL
159read_nonrecipients_tree(tree_node **connect, FILE *f, uschar *buffer,
160 int buffer_size)
161{
162tree_node *node;
163int n = Ustrlen(buffer);
164BOOL right = buffer[1] == 'Y';
165
166if (n < 5) return FALSE; /* malformed line */
167buffer[n-1] = 0; /* Remove \n */
168node = store_get(sizeof(tree_node) + n - 3);
169*connect = node;
170Ustrcpy(node->name, buffer + 3);
171node->data.ptr = NULL;
172
173if (buffer[0] == 'Y')
174 {
175 if (Ufgets(buffer, buffer_size, f) == NULL ||
176 !read_nonrecipients_tree(&node->left, f, buffer, buffer_size))
177 return FALSE;
178 }
179else node->left = NULL;
180
181if (right)
182 {
183 if (Ufgets(buffer, buffer_size, f) == NULL ||
184 !read_nonrecipients_tree(&node->right, f, buffer, buffer_size))
185 return FALSE;
186 }
187else node->right = NULL;
188
189(void) count_below(*connect);
190return TRUE;
191}
192
193
194
195
196/*************************************************
197* Read spool header file *
198*************************************************/
199
200/* This function reads a spool header file and places the data into the
201appropriate global variables. The header portion is always read, but header
202structures are built only if read_headers is set true. It isn't, for example,
203while generating -bp output.
204
205It may be possible for blocks of nulls (binary zeroes) to get written on the
206end of a file if there is a system crash during writing. It was observed on an
207earlier version of Exim that omitted to fsync() the files - this is thought to
208have been the cause of that incident, but in any case, this code must be robust
209against such an event, and if such a file is encountered, it must be treated as
210malformed.
211
212Arguments:
213 name name of the header file, including the -H
214 read_headers TRUE if in-store header structures are to be built
215 subdir_set TRUE is message_subdir is already set
216
217Returns: spool_read_OK success
218 spool_read_notopen open failed
219 spool_read_enverror error in the envelope portion
220 spool_read_hdrdrror error in the header portion
221*/
222
223int
224spool_read_header(uschar *name, BOOL read_headers, BOOL subdir_set)
225{
226FILE *f = NULL;
227int n;
228int rcount = 0;
229long int uid, gid;
230BOOL inheader = FALSE;
1e70f85b 231uschar *p;
059ec3d9
PH		 232
233/* Reset all the global variables to their default values. However, there is
234one exception. DO NOT change the default value of dont_deliver, because it may
235be forced by an external setting. */
236
38a0a95f 237acl_var_c = acl_var_m = NULL;
059ec3d9
PH		 238authenticated_id = NULL;
239authenticated_sender = NULL;
240allow_unqualified_recipient = FALSE;
241allow_unqualified_sender = FALSE;
242body_linecount = 0;
243body_zerocount = 0;
244deliver_firsttime = FALSE;
245deliver_freeze = FALSE;
246deliver_frozen_at = 0;
247deliver_manual_thaw = FALSE;
248/* dont_deliver must NOT be reset */
249header_list = header_last = NULL;
b08b24c8 250host_lookup_deferred = FALSE;
059ec3d9
PH		 251host_lookup_failed = FALSE;
252interface_address = NULL;
253interface_port = 0;
254local_error_message = FALSE;
255local_scan_data = NULL;
d677b2f2 256max_received_linelength = 0;
059ec3d9
PH		 257message_linecount = 0;
258received_protocol = NULL;
259received_count = 0;
260recipients_list = NULL;
261sender_address = NULL;
262sender_fullhost = NULL;
263sender_helo_name = NULL;
264sender_host_address = NULL;
265sender_host_name = NULL;
266sender_host_port = 0;
267sender_host_authenticated = NULL;
268sender_ident = NULL;
269sender_local = FALSE;
270sender_set_untrusted = FALSE;
1f5b4c3d 271smtp_active_hostname = primary_hostname;
059ec3d9
PH		 272tree_nonrecipients = NULL;
273
8523533c
TK		 274#ifdef EXPERIMENTAL_BRIGHTMAIL
275bmi_run = 0;
276bmi_verdicts = NULL;
277#endif
278
80a47a2c 279#ifndef DISABLE_DKIM
9e5d6b55 280dkim_signers = NULL;
80a47a2c
TK		 281dkim_disable_verify = FALSE;
282dkim_collect_input = FALSE;
f7572e5a
TK		 283#endif
284
059ec3d9 285#ifdef SUPPORT_TLS
817d9f57 286tls_in.certificate_verified = FALSE;
53a7196b
JH		 287# ifdef EXPERIMENTAL_DANE
288tls_in.dane_verified = FALSE;
289# endif
817d9f57 290tls_in.cipher = NULL;
9d1c15ef
JH		 291tls_in.ourcert = NULL;
292tls_in.peercert = NULL;
817d9f57
JH		 293tls_in.peerdn = NULL;
294tls_in.sni = NULL;
44662487 295tls_in.ocsp = OCSP_NOT_REQ;
7be682ca 296#endif
059ec3d9 297
8523533c 298#ifdef WITH_CONTENT_SCAN
8523533c
TK		 299spam_score_int = NULL;
300#endif
301
7ade712c
JH		 302#if defined(EXPERIMENTAL_INTERNATIONAL) && !defined(COMPILE_UTILITY)
303message_smtputf8 = FALSE;
304#endif
305
6c1c3d1d
WB		 306dsn_ret = 0;
307dsn_envid = NULL;
6c1c3d1d 308
059ec3d9
PH		 309/* Generate the full name and open the file. If message_subdir is already
310set, just look in the given directory. Otherwise, look in both the split
311and unsplit directories, as for the data file above. */
312
313for (n = 0; n < 2; n++)
314 {
315 if (!subdir_set)
316 message_subdir[0] = (split_spool_directory == (n == 0))? name[5] : 0;
317 sprintf(CS big_buffer, "%s/input/%s/%s", spool_directory, message_subdir,
318 name);
319 f = Ufopen(big_buffer, "rb");
320 if (f != NULL) break;
321 if (n != 0 || subdir_set || errno != ENOENT) return spool_read_notopen;
322 }
323
324errno = 0;
325
326#ifndef COMPILE_UTILITY
327DEBUG(D_deliver) debug_printf("reading spool file %s\n", name);
328#endif /* COMPILE_UTILITY */
329
330/* The first line of a spool file contains the message id followed by -H (i.e.
331the file name), in order to make the file self-identifying. */
332
333if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
334if (Ustrlen(big_buffer) != MESSAGE_ID_LENGTH + 3 ||
335 Ustrncmp(big_buffer, name, MESSAGE_ID_LENGTH + 2) != 0)
336 goto SPOOL_FORMAT_ERROR;
337
338/* The next three lines in the header file are in a fixed format. The first
339contains the login, uid, and gid of the user who caused the file to be written.
ebb6e6d5
PH		 340There are known cases where a negative gid is used, so we allow for both
341negative uids and gids. The second contains the mail address of the message's
342sender, enclosed in <>. The third contains the time the message was received,
343and the number of warning messages for delivery delays that have been sent. */
059ec3d9
PH		 344
345if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
346
1e70f85b
PH		 347p = big_buffer + Ustrlen(big_buffer);
348while (p > big_buffer && isspace(p[-1])) p--;
349*p = 0;
350if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
ebb6e6d5 351while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
1e70f85b
PH		 352gid = Uatoi(p);
353if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
354*p = 0;
355if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
ebb6e6d5 356while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
1e70f85b
PH		 357uid = Uatoi(p);
358if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
359*p = 0;
8e669ac1 360
1e70f85b 361originator_login = string_copy(big_buffer);
059ec3d9
PH		 362originator_uid = (uid_t)uid;
363originator_gid = (gid_t)gid;
364
e91ad4a7 365/* envelope from */
059ec3d9
PH		 366if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
367n = Ustrlen(big_buffer);
368if (n < 3 || big_buffer[0] != '<' || big_buffer[n-2] != '>')
369 goto SPOOL_FORMAT_ERROR;
370
371sender_address = store_get(n-2);
372Ustrncpy(sender_address, big_buffer+1, n-3);
373sender_address[n-3] = 0;
374
e91ad4a7 375/* time */
059ec3d9
PH		 376if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
377if (sscanf(CS big_buffer, "%d %d", &received_time, &warning_count) != 2)
378 goto SPOOL_FORMAT_ERROR;
379
380message_age = time(NULL) - received_time;
381
382#ifndef COMPILE_UTILITY
383DEBUG(D_deliver) debug_printf("user=%s uid=%ld gid=%ld sender=%s\n",
384 originator_login, (long int)originator_uid, (long int)originator_gid,
385 sender_address);
386#endif /* COMPILE_UTILITY */
387
08955dd3
PH		 388/* Now there may be a number of optional lines, each starting with "-". If you
389add a new setting here, make sure you set the default above.
059ec3d9 390
08955dd3
PH		 391Because there are now quite a number of different possibilities, we use a
392switch on the first character to avoid too many failing tests. Thanks to Nico
393Erfurth for the patch that implemented this. I have made it even more efficient
394by not re-scanning the first two characters.
395
396To allow new versions of Exim that add additional flags to interwork with older
397versions that do not understand them, just ignore any lines starting with "-"
398that we don't recognize. Otherwise it wouldn't be possible to back off a new
399version that left new-style flags written on the spool. */
400
401p = big_buffer + 2;
059ec3d9
PH		 402for (;;)
403 {
e91ad4a7 404 int len;
059ec3d9
PH		 405 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
406 if (big_buffer[0] != '-') break;
e91ad4a7
JH		 407 while ( (len = Ustrlen(big_buffer)) == big_buffer_size-1
408 && big_buffer[len-1] != '\n'
409 )
410 { /* buffer not big enough for line; certs make this possible */
411 uschar * buf;
412 if (big_buffer_size >= BIG_BUFFER_SIZE*4) goto SPOOL_READ_ERROR;
413 buf = store_get_perm(big_buffer_size *= 2);
414 memcpy(buf, big_buffer, --len);
415 big_buffer = buf;
416 if (Ufgets(big_buffer+len, big_buffer_size-len, f) == NULL)
417 goto SPOOL_READ_ERROR;
418 }
419 big_buffer[len-1] = 0;
47ca6d6c 420
08955dd3 421 switch(big_buffer[1])
059ec3d9 422 {
08955dd3
PH		 423 case 'a':
424
425 /* Nowadays we use "-aclc" and "-aclm" for the different types of ACL
426 variable, because Exim allows any number of them, with arbitrary names.
427 The line in the spool file is "-acl[cm] <name> <length>". The name excludes
428 the c or m. */
429
430 if (Ustrncmp(p, "clc ", 4) == 0 ||
431 Ustrncmp(p, "clm ", 4) == 0)
432 {
433 uschar *name, *endptr;
434 int count;
435 tree_node *node;
436 endptr = Ustrchr(big_buffer + 6, ' ');
437 if (endptr == NULL) goto SPOOL_FORMAT_ERROR;
438 name = string_sprintf("%c%.*s", big_buffer[4], endptr - big_buffer - 6,
439 big_buffer + 6);
440 if (sscanf(CS endptr, " %d", &count) != 1) goto SPOOL_FORMAT_ERROR;
441 node = acl_var_create(name);
442 node->data.ptr = store_get(count + 1);
443 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
444 ((uschar*)node->data.ptr)[count] = 0;
445 }
446
447 else if (Ustrcmp(p, "llow_unqualified_recipient") == 0)
448 allow_unqualified_recipient = TRUE;
449 else if (Ustrcmp(p, "llow_unqualified_sender") == 0)
450 allow_unqualified_sender = TRUE;
451
452 else if (Ustrncmp(p, "uth_id", 6) == 0)
453 authenticated_id = string_copy(big_buffer + 9);
454 else if (Ustrncmp(p, "uth_sender", 10) == 0)
455 authenticated_sender = string_copy(big_buffer + 13);
456 else if (Ustrncmp(p, "ctive_hostname", 14) == 0)
457 smtp_active_hostname = string_copy(big_buffer + 17);
458
459 /* For long-term backward compatibility, we recognize "-acl", which was
460 used before the number of ACL variables changed from 10 to 20. This was
461 before the subsequent change to an arbitrary number of named variables.
462 This code is retained so that upgrades from very old versions can still
463 handle old-format spool files. The value given after "-acl" is a number
464 that is 0-9 for connection variables, and 10-19 for message variables. */
465
466 else if (Ustrncmp(p, "cl ", 3) == 0)
467 {
468 int index, count;
8dce1a6f 469 uschar name[20]; /* Need plenty of space for %d format */
08955dd3
PH		 470 tree_node *node;
471 if (sscanf(CS big_buffer + 5, "%d %d", &index, &count) != 2)
472 goto SPOOL_FORMAT_ERROR;
8dce1a6f
PH		 473 if (index < 10)
474 (void) string_format(name, sizeof(name), "%c%d", 'c', index);
475 else if (index < 20) /* ignore out-of-range index */
476 (void) string_format(name, sizeof(name), "%c%d", 'm', index - 10);
08955dd3
PH		 477 node = acl_var_create(name);
478 node->data.ptr = store_get(count + 1);
479 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
480 ((uschar*)node->data.ptr)[count] = 0;
481 }
482 break;
483
484 case 'b':
485 if (Ustrncmp(p, "ody_linecount", 13) == 0)
486 body_linecount = Uatoi(big_buffer + 15);
487 else if (Ustrncmp(p, "ody_zerocount", 13) == 0)
488 body_zerocount = Uatoi(big_buffer + 15);
e91ad4a7 489#ifdef EXPERIMENTAL_BRIGHTMAIL
08955dd3
PH		 490 else if (Ustrncmp(p, "mi_verdicts ", 12) == 0)
491 bmi_verdicts = string_copy(big_buffer + 14);
e91ad4a7 492#endif
08955dd3
PH		 493 break;
494
495 case 'd':
496 if (Ustrcmp(p, "eliver_firsttime") == 0)
497 deliver_firsttime = TRUE;
6c1c3d1d
WB		 498 /* Check if the dsn flags have been set in the header file */
499 else if (Ustrncmp(p, "sn_ret", 6) == 0)
45500060 500 dsn_ret= atoi(CS big_buffer + 8);
6c1c3d1d 501 else if (Ustrncmp(p, "sn_envid", 8) == 0)
6c1c3d1d 502 dsn_envid = string_copy(big_buffer + 11);
08955dd3
PH		 503 break;
504
505 case 'f':
506 if (Ustrncmp(p, "rozen", 5) == 0)
507 {
508 deliver_freeze = TRUE;
85098ee7 509 sscanf(CS big_buffer+7, TIME_T_FMT, &deliver_frozen_at);
08955dd3
PH		 510 }
511 break;
512
513 case 'h':
514 if (Ustrcmp(p, "ost_lookup_deferred") == 0)
515 host_lookup_deferred = TRUE;
516 else if (Ustrcmp(p, "ost_lookup_failed") == 0)
517 host_lookup_failed = TRUE;
518 else if (Ustrncmp(p, "ost_auth", 8) == 0)
519 sender_host_authenticated = string_copy(big_buffer + 11);
520 else if (Ustrncmp(p, "ost_name", 8) == 0)
521 sender_host_name = string_copy(big_buffer + 11);
522 else if (Ustrncmp(p, "elo_name", 8) == 0)
523 sender_helo_name = string_copy(big_buffer + 11);
524
525 /* We now record the port number after the address, separated by a
526 dot. For compatibility during upgrading, do nothing if there
527 isn't a value (it gets left at zero). */
528
529 else if (Ustrncmp(p, "ost_address", 11) == 0)
530 {
531 sender_host_port = host_address_extract_port(big_buffer + 14);
532 sender_host_address = string_copy(big_buffer + 14);
533 }
534 break;
535
536 case 'i':
537 if (Ustrncmp(p, "nterface_address", 16) == 0)
538 {
539 interface_port = host_address_extract_port(big_buffer + 19);
540 interface_address = string_copy(big_buffer + 19);
541 }
542 else if (Ustrncmp(p, "dent", 4) == 0)
543 sender_ident = string_copy(big_buffer + 7);
544 break;
545
546 case 'l':
547 if (Ustrcmp(p, "ocal") == 0) sender_local = TRUE;
548 else if (Ustrcmp(big_buffer, "-localerror") == 0)
549 local_error_message = TRUE;
550 else if (Ustrncmp(p, "ocal_scan ", 10) == 0)
551 local_scan_data = string_copy(big_buffer + 12);
552 break;
553
554 case 'm':
555 if (Ustrcmp(p, "anual_thaw") == 0) deliver_manual_thaw = TRUE;
d677b2f2
PH		 556 else if (Ustrncmp(p, "ax_received_linelength", 22) == 0)
557 max_received_linelength = Uatoi(big_buffer + 24);
08955dd3
PH		 558 break;
559
560 case 'N':
561 if (*p == 0) dont_deliver = TRUE; /* -N */
562 break;
563
564 case 'r':
565 if (Ustrncmp(p, "eceived_protocol", 16) == 0)
566 received_protocol = string_copy(big_buffer + 19);
567 break;
568
569 case 's':
570 if (Ustrncmp(p, "ender_set_untrusted", 19) == 0)
571 sender_set_untrusted = TRUE;
e91ad4a7 572#ifdef WITH_CONTENT_SCAN
08955dd3
PH		 573 else if (Ustrncmp(p, "pam_score_int ", 14) == 0)
574 spam_score_int = string_copy(big_buffer + 16);
e91ad4a7 575#endif
7ade712c
JH		 576#if defined(EXPERIMENTAL_INTERNATIONAL) && !defined(COMPILE_UTILITY)
577 else if (Ustrncmp(p, "mtputf8", 7) == 0)
578 message_smtputf8 = TRUE;
579#endif
08955dd3
PH		 580 break;
581
e91ad4a7 582#ifdef SUPPORT_TLS
08955dd3
PH		 583 case 't':
584 if (Ustrncmp(p, "ls_certificate_verified", 23) == 0)
817d9f57 585 tls_in.certificate_verified = TRUE;
08955dd3 586 else if (Ustrncmp(p, "ls_cipher", 9) == 0)
817d9f57 587 tls_in.cipher = string_copy(big_buffer + 12);
e91ad4a7 588# ifndef COMPILE_UTILITY /* tls support fns not built in */
9d1c15ef
JH		 589 else if (Ustrncmp(p, "ls_ourcert", 10) == 0)
590 (void) tls_import_cert(big_buffer + 13, &tls_in.ourcert);
591 else if (Ustrncmp(p, "ls_peercert", 11) == 0)
592 (void) tls_import_cert(big_buffer + 14, &tls_in.peercert);
e91ad4a7 593# endif
08955dd3 594 else if (Ustrncmp(p, "ls_peerdn", 9) == 0)
817d9f57 595 tls_in.peerdn = string_unprinting(string_copy(big_buffer + 12));
7be682ca 596 else if (Ustrncmp(p, "ls_sni", 6) == 0)
817d9f57 597 tls_in.sni = string_unprinting(string_copy(big_buffer + 9));
44662487
JH		 598 else if (Ustrncmp(p, "ls_ocsp", 7) == 0)
599 tls_in.ocsp = big_buffer[10] - '0';
08955dd3 600 break;
e91ad4a7 601#endif
08955dd3
PH		 602
603 default: /* Present because some compilers complain if all */
604 break; /* possibilities are not covered. */
059ec3d9 605 }
059ec3d9
PH		 606 }
607
608/* Build sender_fullhost if required */
609
610#ifndef COMPILE_UTILITY
611host_build_sender_fullhost();
612#endif /* COMPILE_UTILITY */
613
614#ifndef COMPILE_UTILITY
615DEBUG(D_deliver)
616 debug_printf("sender_local=%d ident=%s\n", sender_local,
617 (sender_ident == NULL)? US"unset" : sender_ident);
618#endif /* COMPILE_UTILITY */
619
620/* We now have the tree of addresses NOT to deliver to, or a line
621containing "XX", indicating no tree. */
622
623if (Ustrncmp(big_buffer, "XX\n", 3) != 0 &&
624 !read_nonrecipients_tree(&tree_nonrecipients, f, big_buffer, big_buffer_size))
625 goto SPOOL_FORMAT_ERROR;
626
627#ifndef COMPILE_UTILITY
628DEBUG(D_deliver)
629 {
630 debug_printf("Non-recipients:\n");
631 debug_print_tree(tree_nonrecipients);
632 }
633#endif /* COMPILE_UTILITY */
634
635/* After reading the tree, the next line has not yet been read into the
636buffer. It contains the count of recipients which follow on separate lines. */
637
638if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
639if (sscanf(CS big_buffer, "%d", &rcount) != 1) goto SPOOL_FORMAT_ERROR;
640
641#ifndef COMPILE_UTILITY
642DEBUG(D_deliver) debug_printf("recipients_count=%d\n", rcount);
643#endif /* COMPILE_UTILITY */
644
645recipients_list_max = rcount;
646recipients_list = store_get(rcount * sizeof(recipient_item));
647
648for (recipients_count = 0; recipients_count < rcount; recipients_count++)
649 {
650 int nn;
651 int pno = -1;
6c1c3d1d
WB		 652 int dsn_flags = 0;
653 uschar *orcpt = NULL;
059ec3d9
PH		 654 uschar *errors_to = NULL;
655 uschar *p;
656
657 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
658 nn = Ustrlen(big_buffer);
659 if (nn < 2) goto SPOOL_FORMAT_ERROR;
660
661 /* Remove the newline; this terminates the address if there is no additional
662 data on the line. */
663
664 p = big_buffer + nn - 1;
665 *p-- = 0;
666
667 /* Look back from the end of the line for digits and special terminators.
668 Since an address must end with a domain, we can tell that extra data is
669 present by the presence of the terminator, which is always some character
670 that cannot exist in a domain. (If I'd thought of the need for additional
671 data early on, I'd have put it at the start, with the address at the end. As
672 it is, we have to operate backwards. Addresses are permitted to contain
673 spaces, you see.)
674
675 This code has to cope with various versions of this data that have evolved
676 over time. In all cases, the line might just contain an address, with no
677 additional data. Otherwise, the possibilities are as follows:
678
679 Exim 3 type: <address><space><digits>,<digits>,<digits>
680
681 The second set of digits is the parent number for one_time addresses. The
682 other values were remnants of earlier experiments that were abandoned.
683
684 Exim 4 first type: <address><space><digits>
685
686 The digits are the parent number for one_time addresses.
687
688 Exim 4 new type: <address><space><data>#<type bits>
689
690 The type bits indicate what the contents of the data are.
691
692 Bit 01 indicates that, reading from right to left, the data
693 ends with <errors_to address><space><len>,<pno> where pno is
694 the parent number for one_time addresses, and len is the length
695 of the errors_to address (zero meaning none).
6c1c3d1d
WB		 696
697 Bit 02 indicates that, again reading from right to left, the data continues
698 with orcpt len(orcpt),dsn_flags
059ec3d9
PH		 699 */
700
701 while (isdigit(*p)) p--;
702
703 /* Handle Exim 3 spool files */
704
705 if (*p == ',')
706 {
707 int dummy;
708 while (isdigit(*(--p)) || *p == ',');
709 if (*p == ' ')
710 {
711 *p++ = 0;
ff790e47 712 (void)sscanf(CS p, "%d,%d", &dummy, &pno);
059ec3d9
PH		 713 }
714 }
715
716 /* Handle early Exim 4 spool files */
717
718 else if (*p == ' ')
719 {
720 *p++ = 0;
ff790e47 721 (void)sscanf(CS p, "%d", &pno);
059ec3d9
PH		 722 }
723
724 /* Handle current format Exim 4 spool files */
725
726 else if (*p == '#')
727 {
728 int flags;
6c1c3d1d 729
50dc7409 730#if !defined (COMPILE_UTILITY)
e91ad4a7
JH		 731 DEBUG(D_deliver) debug_printf("**** SPOOL_IN - Exim 4 standard format spoolfile\n");
732#endif
6c1c3d1d 733
ff790e47 734 (void)sscanf(CS p+1, "%d", &flags);
059ec3d9
PH		 735
736 if ((flags & 0x01) != 0) /* one_time data exists */
737 {
738 int len;
739 while (isdigit(*(--p)) || *p == ',' || *p == '-');
ff790e47 740 (void)sscanf(CS p+1, "%d,%d", &len, &pno);
059ec3d9
PH		 741 *p = 0;
742 if (len > 0)
743 {
744 p -= len;
745 errors_to = string_copy(p);
6c1c3d1d
WB		 746 }
747 }
748
749 *(--p) = 0; /* Terminate address */
6c1c3d1d
WB		 750 if ((flags & 0x02) != 0) /* one_time data exists */
751 {
752 int len;
753 while (isdigit(*(--p)) || *p == ',' || *p == '-');
754 (void)sscanf(CS p+1, "%d,%d", &len, &dsn_flags);
755 *p = 0;
756 if (len > 0)
757 {
758 p -= len;
759 orcpt = string_copy(p);
760 }
059ec3d9
PH		 761 }
762
763 *(--p) = 0; /* Terminate address */
6c1c3d1d 764 }
50dc7409 765#if !defined(COMPILE_UTILITY)
6c1c3d1d 766 else
e91ad4a7 767 { DEBUG(D_deliver) debug_printf("**** SPOOL_IN - No additional fields\n"); }
6c1c3d1d
WB		 768
769 if ((orcpt != NULL) || (dsn_flags != 0))
770 {
771 DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| orcpt: |%s| dsn_flags: %d\n",
772 big_buffer, orcpt, dsn_flags);
773 }
774 if (errors_to != NULL)
775 {
776 DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s|\n",
777 big_buffer, errors_to);
059ec3d9 778 }
50dc7409 779#endif
059ec3d9
PH		 780
781 recipients_list[recipients_count].address = string_copy(big_buffer);
782 recipients_list[recipients_count].pno = pno;
783 recipients_list[recipients_count].errors_to = errors_to;
6c1c3d1d
WB		 784 recipients_list[recipients_count].orcpt = orcpt;
785 recipients_list[recipients_count].dsn_flags = dsn_flags;
059ec3d9
PH		 786 }
787
788/* The remainder of the spool header file contains the headers for the message,
789separated off from the previous data by a blank line. Each header is preceded
790by a count of its length and either a certain letter (for various identified
791headers), space (for a miscellaneous live header) or an asterisk (for a header
792that has been rewritten). Count the Received: headers. We read the headers
793always, in order to check on the format of the file, but only create a header
794list if requested to do so. */
795
796inheader = TRUE;
797if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
798if (big_buffer[0] != '\n') goto SPOOL_FORMAT_ERROR;
799
800while ((n = fgetc(f)) != EOF)
801 {
802 header_line *h;
803 uschar flag[4];
804 int i;
805
806 if (!isdigit(n)) goto SPOOL_FORMAT_ERROR;
1ac6b2e7
JH		 807 if(ungetc(n, f) == EOF || fscanf(f, "%d%c ", &n, flag) == EOF)
808 goto SPOOL_READ_ERROR;
059ec3d9
PH		 809 if (flag[0] != '*') message_size += n; /* Omit non-transmitted headers */
810
811 if (read_headers)
812 {
813 h = store_get(sizeof(header_line));
814 h->next = NULL;
815 h->type = flag[0];
816 h->slen = n;
817 h->text = store_get(n+1);
818
819 if (h->type == htype_received) received_count++;
820
821 if (header_list == NULL) header_list = h;
822 else header_last->next = h;
823 header_last = h;
824
825 for (i = 0; i < n; i++)
826 {
827 int c = fgetc(f);
828 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
829 if (c == '\n' && h->type != htype_old) message_linecount++;
830 h->text[i] = c;
831 }
832 h->text[i] = 0;
833 }
834
835 /* Not requiring header data, just skip through the bytes */
836
837 else for (i = 0; i < n; i++)
838 {
839 int c = fgetc(f);
840 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
841 }
842 }
843
844/* We have successfully read the data in the header file. Update the message
845line count by adding the body linecount to the header linecount. Close the file
846and give a positive response. */
847
848#ifndef COMPILE_UTILITY
849DEBUG(D_deliver) debug_printf("body_linecount=%d message_linecount=%d\n",
850 body_linecount, message_linecount);
851#endif /* COMPILE_UTILITY */
852
853message_linecount += body_linecount;
854
855fclose(f);
856return spool_read_OK;
857
858
859/* There was an error reading the spool or there was missing data,
860or there was a format error. A "read error" with no errno means an
861unexpected EOF, which we treat as a format error. */
862
863SPOOL_READ_ERROR:
864if (errno != 0)
865 {
866 n = errno;
867
e91ad4a7 868#ifndef COMPILE_UTILITY
059ec3d9 869 DEBUG(D_any) debug_printf("Error while reading spool file %s\n", name);
e91ad4a7 870#endif /* COMPILE_UTILITY */
059ec3d9
PH		 871
872 fclose(f);
873 errno = n;
874 return inheader? spool_read_hdrerror : spool_read_enverror;
875 }
876
877SPOOL_FORMAT_ERROR:
878
879#ifndef COMPILE_UTILITY
880DEBUG(D_any) debug_printf("Format error in spool file %s\n", name);
881#endif /* COMPILE_UTILITY */
882
883fclose(f);
884errno = ERRNO_SPOOLFORMAT;
885return inheader? spool_read_hdrerror : spool_read_enverror;
886}
887
9d1c15ef
JH		 888/* vi: aw ai sw=2
889*/
059ec3d9 890/* End of spool_in.c */
Unnamed repository; edit this file 'description' to name the repository.