projects / exim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Remove trailing whitespace from each header before concatenation in
[exim.git] / src / src / spool_in.c
CommitLineData
08955dd3 1/* $Cambridge: exim/src/src/spool_in.c,v 1.17 2006/10/10 11:15:12 ph10 Exp $ */
059ec3d9
PH		 2
3/*************************************************
4* Exim - an Internet mail transport agent *
5*************************************************/
6
d7d7b7b9 7/* Copyright (c) University of Cambridge 1995 - 2006 */
059ec3d9
PH		 8/* See the file NOTICE for conditions of use and distribution. */
9
10/* Functions for reading spool files. When compiling for a utility (eximon),
11not all are needed, and some functionality can be cut out. */
12
13
14#include "exim.h"
15
16
17
18#ifndef COMPILE_UTILITY
19/*************************************************
20* Open and lock data file *
21*************************************************/
22
23/* The data file is the one that is used for locking, because the header file
24can get replaced during delivery because of header rewriting. The file has
25to opened with write access so that we can get an exclusive lock, but in
26fact it won't be written to. Just in case there's a major disaster (e.g.
27overwriting some other file descriptor with the value of this one), open it
28with append.
29
30Argument: the id of the message
31Returns: TRUE if file successfully opened and locked
32
33Side effect: deliver_datafile is set to the fd of the open file.
34*/
35
36BOOL
37spool_open_datafile(uschar *id)
38{
39int i;
40struct stat statbuf;
41flock_t lock_data;
42uschar spoolname[256];
43
44/* If split_spool_directory is set, first look for the file in the appropriate
45sub-directory of the input directory. If it is not found there, try the input
46directory itself, to pick up leftovers from before the splitting. If split_
47spool_directory is not set, first look in the main input directory. If it is
48not found there, try the split sub-directory, in case it is left over from a
49splitting state. */
50
51for (i = 0; i < 2; i++)
52 {
53 int save_errno;
54 message_subdir[0] = (split_spool_directory == (i == 0))? id[5] : 0;
55 sprintf(CS spoolname, "%s/input/%s/%s-D", spool_directory, message_subdir, id);
56 deliver_datafile = Uopen(spoolname, O_RDWR | O_APPEND, 0);
57 if (deliver_datafile >= 0) break;
58 save_errno = errno;
59 if (errno == ENOENT)
60 {
61 if (i == 0) continue;
62 if (!queue_running)
63 log_write(0, LOG_MAIN, "Spool file %s-D not found", id);
64 }
65 else log_write(0, LOG_MAIN, "Spool error for %s: %s", spoolname,
66 strerror(errno));
67 errno = save_errno;
68 return FALSE;
69 }
70
71/* File is open and message_subdir is set. Set the close-on-exec flag, and lock
72the file. We lock only the first line of the file (containing the message ID)
73because this apparently is needed for running Exim under Cygwin. If the entire
74file is locked in one process, a sub-process cannot access it, even when passed
75an open file descriptor (at least, I think that's the Cygwin story). On real
76Unix systems it doesn't make any difference as long as Exim is consistent in
77what it locks. */
78
ff790e47 79(void)fcntl(deliver_datafile, F_SETFD, fcntl(deliver_datafile, F_GETFD) |
059ec3d9
PH		 80 FD_CLOEXEC);
81
82lock_data.l_type = F_WRLCK;
83lock_data.l_whence = SEEK_SET;
84lock_data.l_start = 0;
85lock_data.l_len = SPOOL_DATA_START_OFFSET;
86
87if (fcntl(deliver_datafile, F_SETLK, &lock_data) < 0)
88 {
89 log_write(L_skip_delivery,
90 LOG_MAIN,
91 "Spool file is locked (another process is handling this message)");
f1e894f3 92 (void)close(deliver_datafile);
059ec3d9
PH		 93 deliver_datafile = -1;
94 errno = 0;
95 return FALSE;
96 }
97
98/* Get the size of the data; don't include the leading filename line
99in the count, but add one for the newline before the data. */
100
101if (fstat(deliver_datafile, &statbuf) == 0)
102 {
103 message_body_size = statbuf.st_size - SPOOL_DATA_START_OFFSET;
104 message_size = message_body_size + 1;
105 }
106
107return TRUE;
108}
109#endif /* COMPILE_UTILITY */
110
111
112
113/*************************************************
114* Read non-recipients tree from spool file *
115*************************************************/
116
117/* The tree of non-recipients is written to the spool file in a form that
118makes it easy to read back into a tree. The format is as follows:
119
120 . Each node is preceded by two letter(Y/N) indicating whether it has left
121 or right children. There's one space after the two flags, before the name.
122
123 . The left subtree (if any) then follows, then the right subtree (if any).
124
125This function is entered with the next input line in the buffer. Note we must
126save the right flag before recursing with the same buffer.
127
128Once the tree is read, we re-construct the balance fields by scanning the tree.
129I forgot to write them out originally, and the compatible fix is to do it this
130way. This initial local recursing function does the necessary.
131
132Arguments:
133 node tree node
134
135Returns: maximum depth below the node, including the node itself
136*/
137
138static int
139count_below(tree_node *node)
140{
141int nleft, nright;
142if (node == NULL) return 0;
143nleft = count_below(node->left);
144nright = count_below(node->right);
145node->balance = (nleft > nright)? 1 : ((nright > nleft)? 2 : 0);
146return 1 + ((nleft > nright)? nleft : nright);
147}
148
149/* This is the real function...
150
151Arguments:
152 connect pointer to the root of the tree
153 f FILE to read data from
154 buffer contains next input line; further lines read into it
155 buffer_size size of the buffer
156
157Returns: FALSE on format error
158*/
159
160static BOOL
161read_nonrecipients_tree(tree_node **connect, FILE *f, uschar *buffer,
162 int buffer_size)
163{
164tree_node *node;
165int n = Ustrlen(buffer);
166BOOL right = buffer[1] == 'Y';
167
168if (n < 5) return FALSE; /* malformed line */
169buffer[n-1] = 0; /* Remove \n */
170node = store_get(sizeof(tree_node) + n - 3);
171*connect = node;
172Ustrcpy(node->name, buffer + 3);
173node->data.ptr = NULL;
174
175if (buffer[0] == 'Y')
176 {
177 if (Ufgets(buffer, buffer_size, f) == NULL ||
178 !read_nonrecipients_tree(&node->left, f, buffer, buffer_size))
179 return FALSE;
180 }
181else node->left = NULL;
182
183if (right)
184 {
185 if (Ufgets(buffer, buffer_size, f) == NULL ||
186 !read_nonrecipients_tree(&node->right, f, buffer, buffer_size))
187 return FALSE;
188 }
189else node->right = NULL;
190
191(void) count_below(*connect);
192return TRUE;
193}
194
195
196
197
198/*************************************************
199* Read spool header file *
200*************************************************/
201
202/* This function reads a spool header file and places the data into the
203appropriate global variables. The header portion is always read, but header
204structures are built only if read_headers is set true. It isn't, for example,
205while generating -bp output.
206
207It may be possible for blocks of nulls (binary zeroes) to get written on the
208end of a file if there is a system crash during writing. It was observed on an
209earlier version of Exim that omitted to fsync() the files - this is thought to
210have been the cause of that incident, but in any case, this code must be robust
211against such an event, and if such a file is encountered, it must be treated as
212malformed.
213
214Arguments:
215 name name of the header file, including the -H
216 read_headers TRUE if in-store header structures are to be built
217 subdir_set TRUE is message_subdir is already set
218
219Returns: spool_read_OK success
220 spool_read_notopen open failed
221 spool_read_enverror error in the envelope portion
222 spool_read_hdrdrror error in the header portion
223*/
224
225int
226spool_read_header(uschar *name, BOOL read_headers, BOOL subdir_set)
227{
228FILE *f = NULL;
229int n;
230int rcount = 0;
231long int uid, gid;
232BOOL inheader = FALSE;
1e70f85b 233uschar *p;
059ec3d9
PH		 234
235/* Reset all the global variables to their default values. However, there is
236one exception. DO NOT change the default value of dont_deliver, because it may
237be forced by an external setting. */
238
38a0a95f 239acl_var_c = acl_var_m = NULL;
059ec3d9
PH		 240authenticated_id = NULL;
241authenticated_sender = NULL;
242allow_unqualified_recipient = FALSE;
243allow_unqualified_sender = FALSE;
244body_linecount = 0;
245body_zerocount = 0;
246deliver_firsttime = FALSE;
247deliver_freeze = FALSE;
248deliver_frozen_at = 0;
249deliver_manual_thaw = FALSE;
250/* dont_deliver must NOT be reset */
251header_list = header_last = NULL;
b08b24c8 252host_lookup_deferred = FALSE;
059ec3d9
PH		 253host_lookup_failed = FALSE;
254interface_address = NULL;
255interface_port = 0;
256local_error_message = FALSE;
257local_scan_data = NULL;
258message_linecount = 0;
259received_protocol = NULL;
260received_count = 0;
261recipients_list = NULL;
262sender_address = NULL;
263sender_fullhost = NULL;
264sender_helo_name = NULL;
265sender_host_address = NULL;
266sender_host_name = NULL;
267sender_host_port = 0;
268sender_host_authenticated = NULL;
269sender_ident = NULL;
270sender_local = FALSE;
271sender_set_untrusted = FALSE;
1f5b4c3d 272smtp_active_hostname = primary_hostname;
059ec3d9
PH		 273tree_nonrecipients = NULL;
274
8523533c
TK		 275#ifdef EXPERIMENTAL_BRIGHTMAIL
276bmi_run = 0;
277bmi_verdicts = NULL;
278#endif
279
fb2274d4
TK		 280#ifdef EXPERIMENTAL_DOMAINKEYS
281dk_do_verify = 0;
282#endif
283
059ec3d9
PH		 284#ifdef SUPPORT_TLS
285tls_certificate_verified = FALSE;
286tls_cipher = NULL;
287tls_peerdn = NULL;
288#endif
289
8523533c 290#ifdef WITH_CONTENT_SCAN
8523533c
TK		 291spam_score_int = NULL;
292#endif
293
059ec3d9
PH		 294/* Generate the full name and open the file. If message_subdir is already
295set, just look in the given directory. Otherwise, look in both the split
296and unsplit directories, as for the data file above. */
297
298for (n = 0; n < 2; n++)
299 {
300 if (!subdir_set)
301 message_subdir[0] = (split_spool_directory == (n == 0))? name[5] : 0;
302 sprintf(CS big_buffer, "%s/input/%s/%s", spool_directory, message_subdir,
303 name);
304 f = Ufopen(big_buffer, "rb");
305 if (f != NULL) break;
306 if (n != 0 || subdir_set || errno != ENOENT) return spool_read_notopen;
307 }
308
309errno = 0;
310
311#ifndef COMPILE_UTILITY
312DEBUG(D_deliver) debug_printf("reading spool file %s\n", name);
313#endif /* COMPILE_UTILITY */
314
315/* The first line of a spool file contains the message id followed by -H (i.e.
316the file name), in order to make the file self-identifying. */
317
318if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
319if (Ustrlen(big_buffer) != MESSAGE_ID_LENGTH + 3 ||
320 Ustrncmp(big_buffer, name, MESSAGE_ID_LENGTH + 2) != 0)
321 goto SPOOL_FORMAT_ERROR;
322
323/* The next three lines in the header file are in a fixed format. The first
324contains the login, uid, and gid of the user who caused the file to be written.
ebb6e6d5
PH		 325There are known cases where a negative gid is used, so we allow for both
326negative uids and gids. The second contains the mail address of the message's
327sender, enclosed in <>. The third contains the time the message was received,
328and the number of warning messages for delivery delays that have been sent. */
059ec3d9
PH		 329
330if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
331
1e70f85b
PH		 332p = big_buffer + Ustrlen(big_buffer);
333while (p > big_buffer && isspace(p[-1])) p--;
334*p = 0;
335if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
ebb6e6d5 336while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
1e70f85b
PH		 337gid = Uatoi(p);
338if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
339*p = 0;
340if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
ebb6e6d5 341while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
1e70f85b
PH		 342uid = Uatoi(p);
343if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
344*p = 0;
8e669ac1 345
1e70f85b 346originator_login = string_copy(big_buffer);
059ec3d9
PH		 347originator_uid = (uid_t)uid;
348originator_gid = (gid_t)gid;
349
350if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
351n = Ustrlen(big_buffer);
352if (n < 3 || big_buffer[0] != '<' || big_buffer[n-2] != '>')
353 goto SPOOL_FORMAT_ERROR;
354
355sender_address = store_get(n-2);
356Ustrncpy(sender_address, big_buffer+1, n-3);
357sender_address[n-3] = 0;
358
359if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
360if (sscanf(CS big_buffer, "%d %d", &received_time, &warning_count) != 2)
361 goto SPOOL_FORMAT_ERROR;
362
363message_age = time(NULL) - received_time;
364
365#ifndef COMPILE_UTILITY
366DEBUG(D_deliver) debug_printf("user=%s uid=%ld gid=%ld sender=%s\n",
367 originator_login, (long int)originator_uid, (long int)originator_gid,
368 sender_address);
369#endif /* COMPILE_UTILITY */
370
08955dd3
PH		 371/* Now there may be a number of optional lines, each starting with "-". If you
372add a new setting here, make sure you set the default above.
059ec3d9 373
08955dd3
PH		 374Because there are now quite a number of different possibilities, we use a
375switch on the first character to avoid too many failing tests. Thanks to Nico
376Erfurth for the patch that implemented this. I have made it even more efficient
377by not re-scanning the first two characters.
378
379To allow new versions of Exim that add additional flags to interwork with older
380versions that do not understand them, just ignore any lines starting with "-"
381that we don't recognize. Otherwise it wouldn't be possible to back off a new
382version that left new-style flags written on the spool. */
383
384p = big_buffer + 2;
059ec3d9
PH		 385for (;;)
386 {
387 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
388 if (big_buffer[0] != '-') break;
059ec3d9 389 big_buffer[Ustrlen(big_buffer) - 1] = 0;
47ca6d6c 390
08955dd3 391 switch(big_buffer[1])
059ec3d9 392 {
08955dd3
PH		 393 case 'a':
394
395 /* Nowadays we use "-aclc" and "-aclm" for the different types of ACL
396 variable, because Exim allows any number of them, with arbitrary names.
397 The line in the spool file is "-acl[cm] <name> <length>". The name excludes
398 the c or m. */
399
400 if (Ustrncmp(p, "clc ", 4) == 0 ||
401 Ustrncmp(p, "clm ", 4) == 0)
402 {
403 uschar *name, *endptr;
404 int count;
405 tree_node *node;
406 endptr = Ustrchr(big_buffer + 6, ' ');
407 if (endptr == NULL) goto SPOOL_FORMAT_ERROR;
408 name = string_sprintf("%c%.*s", big_buffer[4], endptr - big_buffer - 6,
409 big_buffer + 6);
410 if (sscanf(CS endptr, " %d", &count) != 1) goto SPOOL_FORMAT_ERROR;
411 node = acl_var_create(name);
412 node->data.ptr = store_get(count + 1);
413 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
414 ((uschar*)node->data.ptr)[count] = 0;
415 }
416
417 else if (Ustrcmp(p, "llow_unqualified_recipient") == 0)
418 allow_unqualified_recipient = TRUE;
419 else if (Ustrcmp(p, "llow_unqualified_sender") == 0)
420 allow_unqualified_sender = TRUE;
421
422 else if (Ustrncmp(p, "uth_id", 6) == 0)
423 authenticated_id = string_copy(big_buffer + 9);
424 else if (Ustrncmp(p, "uth_sender", 10) == 0)
425 authenticated_sender = string_copy(big_buffer + 13);
426 else if (Ustrncmp(p, "ctive_hostname", 14) == 0)
427 smtp_active_hostname = string_copy(big_buffer + 17);
428
429 /* For long-term backward compatibility, we recognize "-acl", which was
430 used before the number of ACL variables changed from 10 to 20. This was
431 before the subsequent change to an arbitrary number of named variables.
432 This code is retained so that upgrades from very old versions can still
433 handle old-format spool files. The value given after "-acl" is a number
434 that is 0-9 for connection variables, and 10-19 for message variables. */
435
436 else if (Ustrncmp(p, "cl ", 3) == 0)
437 {
438 int index, count;
439 uschar name[4];
440 tree_node *node;
441 if (sscanf(CS big_buffer + 5, "%d %d", &index, &count) != 2)
442 goto SPOOL_FORMAT_ERROR;
443 (void) string_format(name, 4, "%c%d", (index < 10 ? 'c' : 'm'), index);
444 node = acl_var_create(name);
445 node->data.ptr = store_get(count + 1);
446 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
447 ((uschar*)node->data.ptr)[count] = 0;
448 }
449 break;
450
451 case 'b':
452 if (Ustrncmp(p, "ody_linecount", 13) == 0)
453 body_linecount = Uatoi(big_buffer + 15);
454 else if (Ustrncmp(p, "ody_zerocount", 13) == 0)
455 body_zerocount = Uatoi(big_buffer + 15);
456 #ifdef EXPERIMENTAL_BRIGHTMAIL
457 else if (Ustrncmp(p, "mi_verdicts ", 12) == 0)
458 bmi_verdicts = string_copy(big_buffer + 14);
459 #endif
460 break;
461
462 case 'd':
463 if (Ustrcmp(p, "eliver_firsttime") == 0)
464 deliver_firsttime = TRUE;
465 break;
466
467 case 'f':
468 if (Ustrncmp(p, "rozen", 5) == 0)
469 {
470 deliver_freeze = TRUE;
471 deliver_frozen_at = Uatoi(big_buffer + 7);
472 }
473 break;
474
475 case 'h':
476 if (Ustrcmp(p, "ost_lookup_deferred") == 0)
477 host_lookup_deferred = TRUE;
478 else if (Ustrcmp(p, "ost_lookup_failed") == 0)
479 host_lookup_failed = TRUE;
480 else if (Ustrncmp(p, "ost_auth", 8) == 0)
481 sender_host_authenticated = string_copy(big_buffer + 11);
482 else if (Ustrncmp(p, "ost_name", 8) == 0)
483 sender_host_name = string_copy(big_buffer + 11);
484 else if (Ustrncmp(p, "elo_name", 8) == 0)
485 sender_helo_name = string_copy(big_buffer + 11);
486
487 /* We now record the port number after the address, separated by a
488 dot. For compatibility during upgrading, do nothing if there
489 isn't a value (it gets left at zero). */
490
491 else if (Ustrncmp(p, "ost_address", 11) == 0)
492 {
493 sender_host_port = host_address_extract_port(big_buffer + 14);
494 sender_host_address = string_copy(big_buffer + 14);
495 }
496 break;
497
498 case 'i':
499 if (Ustrncmp(p, "nterface_address", 16) == 0)
500 {
501 interface_port = host_address_extract_port(big_buffer + 19);
502 interface_address = string_copy(big_buffer + 19);
503 }
504 else if (Ustrncmp(p, "dent", 4) == 0)
505 sender_ident = string_copy(big_buffer + 7);
506 break;
507
508 case 'l':
509 if (Ustrcmp(p, "ocal") == 0) sender_local = TRUE;
510 else if (Ustrcmp(big_buffer, "-localerror") == 0)
511 local_error_message = TRUE;
512 else if (Ustrncmp(p, "ocal_scan ", 10) == 0)
513 local_scan_data = string_copy(big_buffer + 12);
514 break;
515
516 case 'm':
517 if (Ustrcmp(p, "anual_thaw") == 0) deliver_manual_thaw = TRUE;
518 break;
519
520 case 'N':
521 if (*p == 0) dont_deliver = TRUE; /* -N */
522 break;
523
524 case 'r':
525 if (Ustrncmp(p, "eceived_protocol", 16) == 0)
526 received_protocol = string_copy(big_buffer + 19);
527 break;
528
529 case 's':
530 if (Ustrncmp(p, "ender_set_untrusted", 19) == 0)
531 sender_set_untrusted = TRUE;
532 #ifdef WITH_CONTENT_SCAN
533 else if (Ustrncmp(p, "pam_score_int ", 14) == 0)
534 spam_score_int = string_copy(big_buffer + 16);
535 #endif
536 break;
537
538 #ifdef SUPPORT_TLS
539 case 't':
540 if (Ustrncmp(p, "ls_certificate_verified", 23) == 0)
541 tls_certificate_verified = TRUE;
542 else if (Ustrncmp(p, "ls_cipher", 9) == 0)
543 tls_cipher = string_copy(big_buffer + 12);
544 else if (Ustrncmp(p, "ls_peerdn", 9) == 0)
545 tls_peerdn = string_copy(big_buffer + 12);
546 break;
547 #endif
548
549 default: /* Present because some compilers complain if all */
550 break; /* possibilities are not covered. */
059ec3d9 551 }
059ec3d9
PH		 552 }
553
554/* Build sender_fullhost if required */
555
556#ifndef COMPILE_UTILITY
557host_build_sender_fullhost();
558#endif /* COMPILE_UTILITY */
559
560#ifndef COMPILE_UTILITY
561DEBUG(D_deliver)
562 debug_printf("sender_local=%d ident=%s\n", sender_local,
563 (sender_ident == NULL)? US"unset" : sender_ident);
564#endif /* COMPILE_UTILITY */
565
566/* We now have the tree of addresses NOT to deliver to, or a line
567containing "XX", indicating no tree. */
568
569if (Ustrncmp(big_buffer, "XX\n", 3) != 0 &&
570 !read_nonrecipients_tree(&tree_nonrecipients, f, big_buffer, big_buffer_size))
571 goto SPOOL_FORMAT_ERROR;
572
573#ifndef COMPILE_UTILITY
574DEBUG(D_deliver)
575 {
576 debug_printf("Non-recipients:\n");
577 debug_print_tree(tree_nonrecipients);
578 }
579#endif /* COMPILE_UTILITY */
580
581/* After reading the tree, the next line has not yet been read into the
582buffer. It contains the count of recipients which follow on separate lines. */
583
584if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
585if (sscanf(CS big_buffer, "%d", &rcount) != 1) goto SPOOL_FORMAT_ERROR;
586
587#ifndef COMPILE_UTILITY
588DEBUG(D_deliver) debug_printf("recipients_count=%d\n", rcount);
589#endif /* COMPILE_UTILITY */
590
591recipients_list_max = rcount;
592recipients_list = store_get(rcount * sizeof(recipient_item));
593
594for (recipients_count = 0; recipients_count < rcount; recipients_count++)
595 {
596 int nn;
597 int pno = -1;
598 uschar *errors_to = NULL;
599 uschar *p;
600
601 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
602 nn = Ustrlen(big_buffer);
603 if (nn < 2) goto SPOOL_FORMAT_ERROR;
604
605 /* Remove the newline; this terminates the address if there is no additional
606 data on the line. */
607
608 p = big_buffer + nn - 1;
609 *p-- = 0;
610
611 /* Look back from the end of the line for digits and special terminators.
612 Since an address must end with a domain, we can tell that extra data is
613 present by the presence of the terminator, which is always some character
614 that cannot exist in a domain. (If I'd thought of the need for additional
615 data early on, I'd have put it at the start, with the address at the end. As
616 it is, we have to operate backwards. Addresses are permitted to contain
617 spaces, you see.)
618
619 This code has to cope with various versions of this data that have evolved
620 over time. In all cases, the line might just contain an address, with no
621 additional data. Otherwise, the possibilities are as follows:
622
623 Exim 3 type: <address><space><digits>,<digits>,<digits>
624
625 The second set of digits is the parent number for one_time addresses. The
626 other values were remnants of earlier experiments that were abandoned.
627
628 Exim 4 first type: <address><space><digits>
629
630 The digits are the parent number for one_time addresses.
631
632 Exim 4 new type: <address><space><data>#<type bits>
633
634 The type bits indicate what the contents of the data are.
635
636 Bit 01 indicates that, reading from right to left, the data
637 ends with <errors_to address><space><len>,<pno> where pno is
638 the parent number for one_time addresses, and len is the length
639 of the errors_to address (zero meaning none).
640 */
641
642 while (isdigit(*p)) p--;
643
644 /* Handle Exim 3 spool files */
645
646 if (*p == ',')
647 {
648 int dummy;
649 while (isdigit(*(--p)) || *p == ',');
650 if (*p == ' ')
651 {
652 *p++ = 0;
ff790e47 653 (void)sscanf(CS p, "%d,%d", &dummy, &pno);
059ec3d9
PH		 654 }
655 }
656
657 /* Handle early Exim 4 spool files */
658
659 else if (*p == ' ')
660 {
661 *p++ = 0;
ff790e47 662 (void)sscanf(CS p, "%d", &pno);
059ec3d9
PH		 663 }
664
665 /* Handle current format Exim 4 spool files */
666
667 else if (*p == '#')
668 {
669 int flags;
ff790e47 670 (void)sscanf(CS p+1, "%d", &flags);
059ec3d9
PH		 671
672 if ((flags & 0x01) != 0) /* one_time data exists */
673 {
674 int len;
675 while (isdigit(*(--p)) || *p == ',' || *p == '-');
ff790e47 676 (void)sscanf(CS p+1, "%d,%d", &len, &pno);
059ec3d9
PH		 677 *p = 0;
678 if (len > 0)
679 {
680 p -= len;
681 errors_to = string_copy(p);
682 }
683 }
684
685 *(--p) = 0; /* Terminate address */
686 }
687
688 recipients_list[recipients_count].address = string_copy(big_buffer);
689 recipients_list[recipients_count].pno = pno;
690 recipients_list[recipients_count].errors_to = errors_to;
691 }
692
693/* The remainder of the spool header file contains the headers for the message,
694separated off from the previous data by a blank line. Each header is preceded
695by a count of its length and either a certain letter (for various identified
696headers), space (for a miscellaneous live header) or an asterisk (for a header
697that has been rewritten). Count the Received: headers. We read the headers
698always, in order to check on the format of the file, but only create a header
699list if requested to do so. */
700
701inheader = TRUE;
702if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
703if (big_buffer[0] != '\n') goto SPOOL_FORMAT_ERROR;
704
705while ((n = fgetc(f)) != EOF)
706 {
707 header_line *h;
708 uschar flag[4];
709 int i;
710
711 if (!isdigit(n)) goto SPOOL_FORMAT_ERROR;
ff790e47
PH		 712 (void)ungetc(n, f);
713 (void)fscanf(f, "%d%c ", &n, flag);
059ec3d9
PH		 714 if (flag[0] != '*') message_size += n; /* Omit non-transmitted headers */
715
716 if (read_headers)
717 {
718 h = store_get(sizeof(header_line));
719 h->next = NULL;
720 h->type = flag[0];
721 h->slen = n;
722 h->text = store_get(n+1);
723
724 if (h->type == htype_received) received_count++;
725
726 if (header_list == NULL) header_list = h;
727 else header_last->next = h;
728 header_last = h;
729
730 for (i = 0; i < n; i++)
731 {
732 int c = fgetc(f);
733 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
734 if (c == '\n' && h->type != htype_old) message_linecount++;
735 h->text[i] = c;
736 }
737 h->text[i] = 0;
738 }
739
740 /* Not requiring header data, just skip through the bytes */
741
742 else for (i = 0; i < n; i++)
743 {
744 int c = fgetc(f);
745 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
746 }
747 }
748
749/* We have successfully read the data in the header file. Update the message
750line count by adding the body linecount to the header linecount. Close the file
751and give a positive response. */
752
753#ifndef COMPILE_UTILITY
754DEBUG(D_deliver) debug_printf("body_linecount=%d message_linecount=%d\n",
755 body_linecount, message_linecount);
756#endif /* COMPILE_UTILITY */
757
758message_linecount += body_linecount;
759
760fclose(f);
761return spool_read_OK;
762
763
764/* There was an error reading the spool or there was missing data,
765or there was a format error. A "read error" with no errno means an
766unexpected EOF, which we treat as a format error. */
767
768SPOOL_READ_ERROR:
769if (errno != 0)
770 {
771 n = errno;
772
773 #ifndef COMPILE_UTILITY
774 DEBUG(D_any) debug_printf("Error while reading spool file %s\n", name);
775 #endif /* COMPILE_UTILITY */
776
777 fclose(f);
778 errno = n;
779 return inheader? spool_read_hdrerror : spool_read_enverror;
780 }
781
782SPOOL_FORMAT_ERROR:
783
784#ifndef COMPILE_UTILITY
785DEBUG(D_any) debug_printf("Format error in spool file %s\n", name);
786#endif /* COMPILE_UTILITY */
787
788fclose(f);
789errno = ERRNO_SPOOLFORMAT;
790return inheader? spool_read_hdrerror : spool_read_enverror;
791}
792
793/* End of spool_in.c */
Unnamed repository; edit this file 'description' to name the repository.