Commit | Line | Data |
---|---|---|
1a46a8c5 | 1 | /* $Cambridge: exim/src/src/routers/redirect.c,v 1.7 2005/03/22 14:11:55 ph10 Exp $ */ |
0756eb3c PH |
2 | |
3 | /************************************************* | |
4 | * Exim - an Internet mail transport agent * | |
5 | *************************************************/ | |
6 | ||
c988f1f4 | 7 | /* Copyright (c) University of Cambridge 1995 - 2005 */ |
0756eb3c PH |
8 | /* See the file NOTICE for conditions of use and distribution. */ |
9 | ||
10 | ||
11 | #include "../exim.h" | |
12 | #include "rf_functions.h" | |
13 | #include "redirect.h" | |
14 | ||
15 | ||
16 | ||
17 | /* Options specific to the redirect router. */ | |
18 | ||
19 | optionlist redirect_router_options[] = { | |
20 | { "allow_defer", opt_bit | (RDON_DEFER << 16), | |
21 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
22 | { "allow_fail", opt_bit | (RDON_FAIL << 16), | |
23 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
24 | { "allow_filter", opt_bit | (RDON_FILTER << 16), | |
25 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
26 | { "allow_freeze", opt_bit | (RDON_FREEZE << 16), | |
27 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
28 | { "check_ancestor", opt_bool, | |
29 | (void *)offsetof(redirect_router_options_block, check_ancestor) }, | |
30 | { "check_group", opt_bool, | |
31 | (void *)offsetof(redirect_router_options_block, check_group) }, | |
32 | { "check_owner", opt_bool, | |
33 | (void *)offsetof(redirect_router_options_block, check_owner) }, | |
34 | { "data", opt_stringptr, | |
35 | (void *)offsetof(redirect_router_options_block, data) }, | |
36 | { "directory_transport",opt_stringptr, | |
37 | (void *)offsetof(redirect_router_options_block, directory_transport_name) }, | |
38 | { "file", opt_stringptr, | |
39 | (void *)offsetof(redirect_router_options_block, file) }, | |
40 | { "file_transport", opt_stringptr, | |
41 | (void *)offsetof(redirect_router_options_block, file_transport_name) }, | |
42 | { "forbid_blackhole", opt_bit | (RDON_BLACKHOLE << 16), | |
43 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
23c7ff99 PH |
44 | { "forbid_exim_filter", opt_bit | (RDON_EXIM_FILTER << 16), |
45 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
0756eb3c PH |
46 | { "forbid_file", opt_bool, |
47 | (void *)offsetof(redirect_router_options_block, forbid_file) }, | |
1a46a8c5 PH |
48 | #ifdef EXPAND_DLFUNC |
49 | { "forbid_filter_dlfunc", opt_bit | (RDON_DLFUNC << 16), | |
50 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
51 | #endif | |
0756eb3c PH |
52 | { "forbid_filter_existstest", opt_bit | (RDON_EXISTS << 16), |
53 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
54 | { "forbid_filter_logwrite",opt_bit | (RDON_LOG << 16), | |
55 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
56 | { "forbid_filter_lookup", opt_bit | (RDON_LOOKUP << 16), | |
57 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
58 | #ifdef EXIM_PERL | |
59 | { "forbid_filter_perl", opt_bit | (RDON_PERL << 16), | |
60 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
61 | #endif | |
62 | { "forbid_filter_readfile", opt_bit | (RDON_READFILE << 16), | |
63 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
64 | { "forbid_filter_readsocket", opt_bit | (RDON_READSOCK << 16), | |
65 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
66 | { "forbid_filter_reply",opt_bool, | |
67 | (void *)offsetof(redirect_router_options_block, forbid_filter_reply) }, | |
68 | { "forbid_filter_run", opt_bit | (RDON_RUN << 16), | |
69 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
70 | { "forbid_include", opt_bit | (RDON_INCLUDE << 16), | |
71 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
72 | { "forbid_pipe", opt_bool, | |
73 | (void *)offsetof(redirect_router_options_block, forbid_pipe) }, | |
23c7ff99 PH |
74 | { "forbid_sieve_filter",opt_bit | (RDON_SIEVE_FILTER << 16), |
75 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
0756eb3c PH |
76 | { "hide_child_in_errmsg", opt_bool, |
77 | (void *)offsetof(redirect_router_options_block, hide_child_in_errmsg) }, | |
78 | { "ignore_eacces", opt_bit | (RDON_EACCES << 16), | |
79 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
80 | { "ignore_enotdir", opt_bit | (RDON_ENOTDIR << 16), | |
81 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
82 | { "include_directory", opt_stringptr, | |
83 | (void *)offsetof(redirect_router_options_block, include_directory) }, | |
84 | { "modemask", opt_octint, | |
85 | (void *)offsetof(redirect_router_options_block, modemask) }, | |
86 | { "one_time", opt_bool, | |
87 | (void *)offsetof(redirect_router_options_block, one_time) }, | |
88 | { "owners", opt_uidlist, | |
89 | (void *)offsetof(redirect_router_options_block, owners) }, | |
90 | { "owngroups", opt_gidlist, | |
91 | (void *)offsetof(redirect_router_options_block, owngroups) }, | |
92 | { "pipe_transport", opt_stringptr, | |
93 | (void *)offsetof(redirect_router_options_block, pipe_transport_name) }, | |
94 | { "qualify_domain", opt_stringptr, | |
95 | (void *)offsetof(redirect_router_options_block, qualify_domain) }, | |
96 | { "qualify_preserve_domain", opt_bool, | |
97 | (void *)offsetof(redirect_router_options_block, qualify_preserve_domain) }, | |
98 | { "repeat_use", opt_bool | opt_public, | |
99 | (void *)offsetof(router_instance, repeat_use) }, | |
100 | { "reply_transport", opt_stringptr, | |
101 | (void *)offsetof(redirect_router_options_block, reply_transport_name) }, | |
102 | { "rewrite", opt_bit | (RDON_REWRITE << 16), | |
103 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
104 | { "sieve_vacation_directory", opt_stringptr, | |
105 | (void *)offsetof(redirect_router_options_block, sieve_vacation_directory) }, | |
106 | { "skip_syntax_errors", opt_bool, | |
107 | (void *)offsetof(redirect_router_options_block, skip_syntax_errors) }, | |
8523533c TK |
108 | #ifdef EXPERIMENTAL_SRS |
109 | { "srs", opt_stringptr, | |
110 | (void *)offsetof(redirect_router_options_block, srs) }, | |
111 | { "srs_alias", opt_stringptr, | |
112 | (void *)offsetof(redirect_router_options_block, srs_alias) }, | |
113 | { "srs_condition", opt_stringptr, | |
114 | (void *)offsetof(redirect_router_options_block, srs_condition) }, | |
115 | { "srs_db", opt_stringptr, | |
116 | (void *)offsetof(redirect_router_options_block, srs_db) }, | |
117 | #endif | |
0756eb3c PH |
118 | { "syntax_errors_text", opt_stringptr, |
119 | (void *)offsetof(redirect_router_options_block, syntax_errors_text) }, | |
120 | { "syntax_errors_to", opt_stringptr, | |
121 | (void *)offsetof(redirect_router_options_block, syntax_errors_to) } | |
122 | }; | |
123 | ||
124 | /* Size of the options list. An extern variable has to be used so that its | |
125 | address can appear in the tables drtables.c. */ | |
126 | ||
127 | int redirect_router_options_count = | |
128 | sizeof(redirect_router_options)/sizeof(optionlist); | |
129 | ||
130 | /* Default private options block for the redirect router. */ | |
131 | ||
132 | redirect_router_options_block redirect_router_option_defaults = { | |
133 | NULL, /* directory_transport */ | |
134 | NULL, /* file_transport */ | |
135 | NULL, /* pipe_transport */ | |
136 | NULL, /* reply_transport */ | |
137 | NULL, /* data */ | |
138 | NULL, /* directory_transport_name */ | |
139 | NULL, /* file */ | |
140 | NULL, /* file_dir */ | |
141 | NULL, /* file_transport_name */ | |
142 | NULL, /* include_directory */ | |
143 | NULL, /* pipe_transport_name */ | |
144 | NULL, /* reply_transport_name */ | |
145 | NULL, /* sieve_vacation_directory */ | |
146 | NULL, /* syntax_errors_text */ | |
147 | NULL, /* syntax_errors_to */ | |
148 | NULL, /* qualify_domain */ | |
149 | NULL, /* owners */ | |
150 | NULL, /* owngroups */ | |
8523533c TK |
151 | #ifdef EXPERIMENTAL_SRS |
152 | NULL, /* srs */ | |
153 | NULL, /* srs_condition */ | |
154 | NULL, /* srs_db */ | |
155 | NULL, /* srs_alias */ | |
156 | #endif | |
0756eb3c PH |
157 | 022, /* modemask */ |
158 | RDO_REWRITE, /* bit_options */ | |
159 | FALSE, /* check_ancestor */ | |
160 | TRUE_UNSET, /* check_owner */ | |
161 | TRUE_UNSET, /* check_group */ | |
162 | FALSE, /* forbid_file */ | |
163 | FALSE, /* forbid_filter_reply */ | |
164 | FALSE, /* forbid_pipe */ | |
165 | FALSE, /* hide_child_in_errmsg */ | |
166 | FALSE, /* one_time */ | |
167 | FALSE, /* qualify_preserve_domain */ | |
168 | FALSE /* skip_syntax_errors */ | |
169 | }; | |
170 | ||
171 | ||
172 | ||
173 | /************************************************* | |
174 | * Initialization entry point * | |
175 | *************************************************/ | |
176 | ||
177 | /* Called for each instance, after its options have been read, to enable | |
178 | consistency checks to be done, or anything else that needs to be set up. */ | |
179 | ||
180 | void redirect_router_init(router_instance *rblock) | |
181 | { | |
182 | redirect_router_options_block *ob = | |
183 | (redirect_router_options_block *)(rblock->options_block); | |
184 | ||
185 | /* Either file or data must be set, but not both */ | |
186 | ||
187 | if ((ob->file == NULL) == (ob->data == NULL)) | |
188 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
189 | "%sone of \"file\" or \"data\" must be specified", | |
190 | rblock->name, (ob->file == NULL)? "" : "only "); | |
191 | ||
7f45268c PH |
192 | /* Onetime aliases can only be real addresses. Headers can't be manipulated. |
193 | The combination of one_time and unseen is not allowed. We can't check the | |
194 | expansion of "unseen" here, but we assume that if it is set to anything other | |
195 | than false, there is likely to be a problem. */ | |
0756eb3c PH |
196 | |
197 | if (ob->one_time) | |
198 | { | |
199 | ob->forbid_pipe = ob->forbid_file = ob->forbid_filter_reply = TRUE; | |
200 | if (rblock->extra_headers != NULL || rblock->remove_headers != NULL) | |
201 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
202 | "\"headers_add\" and \"headers_remove\" are not permitted with " | |
203 | "\"one_time\"", rblock->name); | |
7f45268c PH |
204 | if (rblock->unseen || rblock->expand_unseen != NULL) |
205 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
206 | "\"unseen\" may not be used with \"one_time\"", rblock->name); | |
0756eb3c PH |
207 | } |
208 | ||
209 | /* The defaults for check_owner and check_group depend on other settings. The | |
210 | defaults are: Check the owner if check_local_user or owners is set; check the | |
211 | group if check_local_user is set without a restriction on the group write bit, | |
212 | or if owngroups is set. */ | |
213 | ||
214 | if (ob->check_owner == TRUE_UNSET) | |
215 | ob->check_owner = rblock->check_local_user || | |
216 | (ob->owners != NULL && ob->owners[0] != 0); | |
217 | ||
218 | if (ob->check_group == TRUE_UNSET) | |
219 | ob->check_group = (rblock->check_local_user && (ob->modemask & 020) == 0) || | |
220 | (ob->owngroups != NULL && ob->owngroups[0] != 0); | |
221 | ||
222 | /* If explicit qualify domain set, the preserve option is locked out */ | |
223 | ||
224 | if (ob->qualify_domain != NULL && ob->qualify_preserve_domain) | |
225 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
226 | "only one of \"qualify_domain\" or \"qualify_preserve_domain\" must be set", | |
227 | rblock->name); | |
228 | ||
229 | /* If allow_filter is set, either user or check_local_user must be set. */ | |
230 | ||
231 | if (!rblock->check_local_user && | |
232 | !rblock->uid_set && | |
233 | rblock->expand_uid == NULL && | |
234 | (ob->bit_options & RDO_FILTER) != 0) | |
235 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
236 | "\"user\" or \"check_local_user\" must be set with \"allow_filter\"", | |
237 | rblock->name); | |
238 | } | |
239 | ||
240 | ||
241 | ||
242 | /************************************************* | |
243 | * Get errors address and header mods * | |
244 | *************************************************/ | |
245 | ||
246 | /* This function is called when new addresses are generated, in order to | |
247 | sort out errors address and header modifications. We put the errors address | |
248 | into the parent address (even though it is never used from there because that | |
249 | address is never transported) so that it can be retrieved if any of the | |
250 | children gets routed by an "unseen" router. The clone of the child that is | |
251 | passed on must have the original errors_address value. | |
252 | ||
253 | Arguments: | |
254 | rblock the router control block | |
255 | addr the address being routed | |
256 | verify true if verifying | |
257 | addr_prop point to the propagated block, which is where the | |
258 | new values are to be placed | |
259 | ||
260 | Returns: the result of rf_get_errors_address() or rf_get_munge_headers(), | |
261 | which is either OK or DEFER | |
262 | */ | |
263 | ||
264 | static int | |
265 | sort_errors_and_headers(router_instance *rblock, address_item *addr, | |
266 | BOOL verify, address_item_propagated *addr_prop) | |
267 | { | |
268 | int frc = rf_get_errors_address(addr, rblock, verify, | |
269 | &(addr_prop->errors_address)); | |
270 | if (frc != OK) return frc; | |
271 | addr->p.errors_address = addr_prop->errors_address; | |
272 | return rf_get_munge_headers(addr, rblock, &(addr_prop->extra_headers), | |
273 | &(addr_prop->remove_headers)); | |
274 | } | |
275 | ||
276 | ||
277 | ||
278 | /************************************************* | |
279 | * Process a set of generated new addresses * | |
280 | *************************************************/ | |
281 | ||
282 | /* This function sets up a set of newly generated child addresses and puts them | |
283 | on the new address chain. Copy in the uid, gid and permission flags for use by | |
284 | pipes and files, set the parent, and "or" its af_ignore_error flag. Also record | |
285 | the setting for any starting router. | |
286 | ||
287 | If the generated address is the same as one of its ancestors, and the | |
288 | check_ancestor flag is set, do not use this generated address, but replace it | |
289 | with a copy of the input address. This is to cope with cases where A is aliased | |
290 | to B and B has a .forward file pointing to A, though it is usually set on the | |
291 | forwardfile rather than the aliasfile. We can't just pass on the old | |
292 | address by returning FAIL, because it must act as a general parent for | |
293 | generated addresses, and only get marked "done" when all its children are | |
294 | delivered. | |
295 | ||
296 | Arguments: | |
297 | rblock router block | |
298 | addr_new new address chain | |
299 | addr original address | |
300 | generated list of generated addresses | |
301 | addr_prop the propagated block, containing the errors_address, | |
302 | header modification stuff, and address_data | |
303 | ugidptr points to uid/gid data for files, pipes, autoreplies | |
304 | pw password entry, set if ob->check_local_user is TRUE | |
305 | ||
306 | Returns: nothing | |
307 | */ | |
308 | ||
309 | static void | |
310 | add_generated(router_instance *rblock, address_item **addr_new, | |
311 | address_item *addr, address_item *generated, | |
312 | address_item_propagated *addr_prop, ugid_block *ugidptr, struct passwd *pw) | |
313 | { | |
314 | redirect_router_options_block *ob = | |
315 | (redirect_router_options_block *)(rblock->options_block); | |
316 | ||
317 | while (generated != NULL) | |
318 | { | |
319 | address_item *parent; | |
320 | address_item *next = generated; | |
321 | uschar *errors_address = next->p.errors_address; | |
322 | ||
323 | generated = next->next; | |
324 | next->parent = addr; | |
325 | orflag(next, addr, af_ignore_error); | |
326 | next->start_router = rblock->redirect_router; | |
327 | addr->child_count++; | |
328 | ||
329 | next->next = *addr_new; | |
330 | *addr_new = next; | |
331 | ||
332 | /* Don't do the "one_time" thing for the first pass of a 2-stage queue run. */ | |
333 | ||
334 | if (ob->one_time && !queue_2stage) | |
335 | { | |
336 | for (parent = addr; parent->parent != NULL; parent = parent->parent); | |
337 | next->onetime_parent = parent->address; | |
338 | } | |
339 | ||
340 | if (ob->hide_child_in_errmsg) setflag(next, af_hide_child); | |
341 | ||
342 | /* If check_ancestor is set, we want to know if any ancestor of this address | |
343 | is the address we are about to generate. The check must be done caselessly | |
344 | unless the ancestor was routed by a case-sensitive router. */ | |
345 | ||
346 | if (ob->check_ancestor) | |
347 | { | |
348 | for (parent = addr; parent != NULL; parent = parent->parent) | |
349 | { | |
350 | if (((parent->router != NULL && parent->router->caseful_local_part)? | |
351 | Ustrcmp(next->address, parent->address) | |
352 | : | |
353 | strcmpic(next->address, parent->address) | |
354 | ) == 0) | |
355 | { | |
356 | DEBUG(D_route) debug_printf("generated parent replaced by child\n"); | |
357 | next->address = string_copy(addr->address); | |
358 | break; | |
359 | } | |
360 | } | |
361 | } | |
362 | ||
363 | /* A user filter may, under some circumstances, set up an errors address. | |
364 | If so, we must take care to re-instate it when we copy in the propagated | |
365 | data so that it overrides any errors_to setting on the router. */ | |
366 | ||
367 | next->p = *addr_prop; | |
368 | if (errors_address != NULL) next->p.errors_address = errors_address; | |
369 | ||
370 | /* For pipes, files, and autoreplies, record this router as handling them, | |
371 | because they don't go through the routing process again. Then set up uid, | |
372 | gid, home and current directories for transporting. */ | |
373 | ||
374 | if (testflag(next, af_pfr)) | |
375 | { | |
376 | next->router = rblock; | |
377 | rf_set_ugid(next, ugidptr); /* Will contain pw values if not overridden */ | |
378 | ||
379 | /* When getting the home directory out of the password information, wrap it | |
380 | in \N...\N to avoid expansion later. In Cygwin, home directories can | |
381 | contain $ characters. */ | |
382 | ||
383 | if (rblock->home_directory != NULL) | |
384 | next->home_dir = rblock->home_directory; | |
385 | else if (rblock->check_local_user) | |
386 | next->home_dir = string_sprintf("\\N%s\\N", pw->pw_dir); | |
387 | else if (rblock->router_home_directory != NULL && | |
388 | testflag(addr, af_home_expanded)) | |
389 | { | |
390 | next->home_dir = deliver_home; | |
391 | setflag(next, af_home_expanded); | |
392 | } | |
393 | ||
394 | next->current_dir = rblock->current_directory; | |
395 | ||
396 | /* Permission options */ | |
397 | ||
398 | if (!ob->forbid_pipe) setflag(next, af_allow_pipe); | |
399 | if (!ob->forbid_file) setflag(next, af_allow_file); | |
400 | if (!ob->forbid_filter_reply) setflag(next, af_allow_reply); | |
401 | ||
402 | /* If the transport setting fails, the error gets picked up at the outer | |
403 | level from the setting of basic_errno in the address. */ | |
404 | ||
405 | if (next->address[0] == '|') | |
406 | { | |
407 | address_pipe = next->address; | |
408 | if (rf_get_transport(ob->pipe_transport_name, &(ob->pipe_transport), | |
409 | next, rblock->name, US"pipe_transport")) | |
410 | next->transport = ob->pipe_transport; | |
411 | address_pipe = NULL; | |
412 | } | |
413 | else if (next->address[0] == '>') | |
414 | { | |
415 | if (rf_get_transport(ob->reply_transport_name, &(ob->reply_transport), | |
416 | next, rblock->name, US"reply_transport")) | |
417 | next->transport = ob->reply_transport; | |
418 | } | |
419 | else /* must be file or directory */ | |
420 | { | |
421 | int len = Ustrlen(next->address); | |
422 | address_file = next->address; | |
423 | if (next->address[len-1] == '/') | |
424 | { | |
425 | if (rf_get_transport(ob->directory_transport_name, | |
426 | &(ob->directory_transport), next, rblock->name, | |
427 | US"directory_transport")) | |
428 | next->transport = ob->directory_transport; | |
429 | } | |
430 | else | |
431 | { | |
432 | if (rf_get_transport(ob->file_transport_name, &(ob->file_transport), | |
433 | next, rblock->name, US"file_transport")) | |
434 | next->transport = ob->file_transport; | |
435 | } | |
436 | address_file = NULL; | |
437 | } | |
438 | } | |
439 | ||
440 | DEBUG(D_route) | |
441 | { | |
442 | debug_printf("%s router generated %s\n %serrors_to=%s transport=%s\n", | |
443 | rblock->name, | |
444 | next->address, | |
445 | testflag(next, af_pfr)? "pipe, file, or autoreply\n " : "", | |
446 | next->p.errors_address, | |
447 | (next->transport == NULL)? US"NULL" : next->transport->name); | |
448 | ||
449 | if (testflag(next, af_uid_set)) | |
450 | debug_printf(" uid=%ld ", (long int)(next->uid)); | |
451 | else | |
452 | debug_printf(" uid=unset "); | |
453 | ||
454 | if (testflag(next, af_gid_set)) | |
455 | debug_printf("gid=%ld ", (long int)(next->gid)); | |
456 | else | |
457 | debug_printf("gid=unset "); | |
458 | ||
459 | debug_printf("home=%s\n", next->home_dir); | |
460 | } | |
461 | } | |
462 | } | |
463 | ||
464 | ||
465 | /************************************************* | |
466 | * Main entry point * | |
467 | *************************************************/ | |
468 | ||
469 | /* See local README for interface description. This router returns: | |
470 | ||
471 | DECLINE | |
472 | . empty address list, or filter did nothing significant | |
473 | ||
474 | DEFER | |
475 | . verifying the errors address caused a deferment or a big disaster such | |
476 | as an expansion failure (rf_get_errors_address) | |
477 | . expanding a headers_{add,remove} string caused a deferment or another | |
478 | expansion error (rf_get_munge_headers) | |
479 | . :defer: or "freeze" in a filter | |
480 | . error in address list or filter | |
481 | . skipped syntax errors, but failed to send the message | |
482 | ||
483 | DISCARD | |
484 | . address was :blackhole:d or "seen finish"ed | |
485 | ||
486 | FAIL | |
487 | . :fail: | |
488 | ||
489 | OK | |
490 | . new addresses added to addr_new | |
491 | */ | |
492 | ||
493 | int redirect_router_entry( | |
494 | router_instance *rblock, /* data for this instantiation */ | |
495 | address_item *addr, /* address we are working on */ | |
496 | struct passwd *pw, /* passwd entry after check_local_user */ | |
497 | BOOL verify, /* TRUE when verifying */ | |
498 | address_item **addr_local, /* add it to this if it's local */ | |
499 | address_item **addr_remote, /* add it to this if it's remote */ | |
500 | address_item **addr_new, /* put new addresses on here */ | |
501 | address_item **addr_succeed) /* put old address here on success */ | |
502 | { | |
503 | redirect_router_options_block *ob = | |
504 | (redirect_router_options_block *)(rblock->options_block); | |
505 | address_item *generated = NULL; | |
506 | uschar *save_qualify_domain_recipient = qualify_domain_recipient; | |
507 | uschar *discarded = US"discarded"; | |
508 | address_item_propagated addr_prop; | |
509 | error_block *eblock = NULL; | |
510 | ugid_block ugid; | |
511 | redirect_block redirect; | |
512 | int filtertype = FILTER_UNSET; | |
513 | int yield = OK; | |
514 | int options = ob->bit_options; | |
515 | int frc = 0; | |
516 | int xrc = 0; | |
517 | ||
518 | addr_local = addr_local; /* Keep picky compilers happy */ | |
519 | addr_remote = addr_remote; | |
520 | ||
521 | /* Initialize the data to be propagated to the children */ | |
522 | ||
523 | addr_prop.address_data = deliver_address_data; | |
524 | addr_prop.domain_data = deliver_domain_data; | |
525 | addr_prop.localpart_data = deliver_localpart_data; | |
526 | addr_prop.errors_address = NULL; | |
527 | addr_prop.extra_headers = NULL; | |
528 | addr_prop.remove_headers = NULL; | |
529 | ||
530 | /* When verifying and testing addresses, the "logwrite" command in filters | |
531 | must be bypassed. */ | |
532 | ||
533 | if (!verify && !address_test_mode) options |= RDO_REALLOG; | |
534 | ||
535 | /* Sort out the fixed or dynamic uid/gid. This uid is used (a) for reading the | |
536 | file (and interpreting a filter) and (b) for running the transports for | |
537 | generated file and pipe addresses. It is not (necessarily) the same as the uids | |
538 | that may own the file. Exim panics if an expanded string is not a number and | |
539 | can't be found in the password file. Other errors set the freezing bit. */ | |
540 | ||
541 | if (!rf_get_ugid(rblock, addr, &ugid)) return DEFER; | |
542 | ||
543 | if (!ugid.uid_set && pw != NULL) | |
544 | { | |
545 | ugid.uid = pw->pw_uid; | |
546 | ugid.uid_set = TRUE; | |
547 | } | |
548 | ||
549 | if (!ugid.gid_set && pw != NULL) | |
550 | { | |
551 | ugid.gid = pw->pw_gid; | |
552 | ugid.gid_set = TRUE; | |
553 | } | |
554 | ||
8523533c TK |
555 | #ifdef EXPERIMENTAL_SRS |
556 | /* For reverse SRS, fill the srs_recipient expandsion variable, | |
557 | on failure, return decline/fail as relevant */ | |
558 | if(ob->srs != NULL) | |
559 | { | |
560 | BOOL usesrs = TRUE; | |
8e669ac1 | 561 | |
8523533c TK |
562 | if(ob->srs_condition != NULL) |
563 | usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL); | |
8e669ac1 | 564 | |
8523533c TK |
565 | if(usesrs) |
566 | if(Ustrcmp(ob->srs, "reverse") == 0 || Ustrcmp(ob->srs, "reverseandforward") == 0) | |
567 | { | |
568 | uschar *res; | |
569 | int n_srs; | |
8e669ac1 | 570 | |
8523533c TK |
571 | srs_orig_recipient = addr->address; |
572 | eximsrs_init(); | |
573 | if(ob->srs_db) | |
574 | eximsrs_db_set(TRUE, ob->srs_db); | |
575 | if((n_srs = eximsrs_reverse(&res, addr->address)) != OK) | |
576 | return n_srs; | |
577 | srs_recipient = res; | |
578 | eximsrs_done(); | |
579 | DEBUG(D_any) | |
c988f1f4 | 580 | debug_printf("SRS: Recipient '%s' rewritten to '%s'\n", srs_orig_recipient, srs_recipient); |
8523533c TK |
581 | } |
582 | } | |
583 | #endif | |
584 | ||
0756eb3c PH |
585 | /* Call the function that interprets redirection data, either inline or from a |
586 | file. This is a separate function so that the system filter can use it. It will | |
587 | run the function in a subprocess if necessary. If qualify_preserve_domain is | |
588 | set, temporarily reset qualify_domain_recipient to the current domain so that | |
589 | any unqualified addresses get qualified with the same domain as the incoming | |
590 | address. Otherwise, if a local qualify_domain is provided, set that up. */ | |
591 | ||
592 | if (ob->qualify_preserve_domain) | |
593 | qualify_domain_recipient = addr->domain; | |
594 | else if (ob->qualify_domain != NULL) | |
595 | { | |
596 | uschar *new_qdr = rf_expand_data(addr, ob->qualify_domain, &xrc); | |
597 | if (new_qdr == NULL) return xrc; | |
598 | qualify_domain_recipient = new_qdr; | |
599 | } | |
600 | ||
601 | redirect.owners = ob->owners; | |
602 | redirect.owngroups = ob->owngroups; | |
603 | redirect.modemask = ob->modemask; | |
604 | redirect.check_owner = ob->check_owner; | |
605 | redirect.check_group = ob->check_group; | |
606 | redirect.pw = pw; | |
607 | ||
608 | if (ob->file != NULL) | |
609 | { | |
610 | redirect.string = ob->file; | |
611 | redirect.isfile = TRUE; | |
612 | } | |
613 | else | |
614 | { | |
615 | redirect.string = ob->data; | |
616 | redirect.isfile = FALSE; | |
617 | } | |
618 | ||
619 | frc = rda_interpret(&redirect, options, ob->include_directory, | |
620 | ob->sieve_vacation_directory, &ugid, &generated, &(addr->message), | |
621 | ob->skip_syntax_errors? &eblock : NULL, &filtertype, | |
622 | string_sprintf("%s router (recipient is %s)", rblock->name, addr->address)); | |
623 | ||
624 | qualify_domain_recipient = save_qualify_domain_recipient; | |
625 | ||
626 | /* Handle exceptional returns from filtering or processing an address list. | |
627 | For FAIL and FREEZE we honour any previously set up deliveries by a filter. */ | |
628 | ||
629 | switch (frc) | |
630 | { | |
631 | case FF_NONEXIST: | |
632 | addr->message = addr->user_message = NULL; | |
633 | return DECLINE; | |
634 | ||
635 | case FF_BLACKHOLE: | |
636 | DEBUG(D_route) debug_printf("address :blackhole:d\n"); | |
637 | generated = NULL; | |
638 | discarded = US":blackhole:"; | |
639 | frc = FF_DELIVERED; | |
640 | break; | |
641 | ||
642 | /* FF_DEFER and FF_FAIL can arise only as a result of explicit commands | |
643 | (:fail: in an alias file or "fail" in a filter). If a configured message was | |
644 | supplied, allow it to be included in an SMTP response after verifying. */ | |
645 | ||
646 | case FF_DEFER: | |
647 | if (addr->message == NULL) addr->message = US"forced defer"; | |
648 | else addr->user_message = addr->message; | |
649 | return DEFER; | |
650 | ||
651 | case FF_FAIL: | |
652 | if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK) | |
653 | return xrc; | |
654 | add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw); | |
655 | if (addr->message == NULL) addr->message = US"forced rejection"; | |
656 | else addr->user_message = addr->message; | |
657 | return FAIL; | |
658 | ||
659 | /* As in the case of a system filter, a freeze does not happen after a manual | |
660 | thaw. In case deliveries were set up by the filter, we set the child count | |
661 | high so that their completion does not mark the original address done. */ | |
662 | ||
663 | case FF_FREEZE: | |
664 | if (!deliver_manual_thaw) | |
665 | { | |
666 | if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) | |
667 | != OK) return xrc; | |
668 | add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw); | |
669 | if (addr->message == NULL) addr->message = US"frozen by filter"; | |
670 | addr->special_action = SPECIAL_FREEZE; | |
671 | addr->child_count = 9999; | |
672 | return DEFER; | |
673 | } | |
674 | frc = FF_NOTDELIVERED; | |
675 | break; | |
676 | ||
677 | /* Handle syntax errors and :include: failures and lookup defers */ | |
678 | ||
679 | case FF_ERROR: | |
680 | case FF_INCLUDEFAIL: | |
681 | ||
682 | /* If filtertype is still FILTER_UNSET, it means that the redirection data | |
683 | was never inspected, so the error was an expansion failure or failure to open | |
684 | the file, or whatever. In these cases, the existing error message is probably | |
685 | sufficient. */ | |
686 | ||
687 | if (filtertype == FILTER_UNSET) return DEFER; | |
688 | ||
689 | /* If it was a filter and skip_syntax_errors is set, we want to set up | |
690 | the error message so that it can be logged and mailed to somebody. */ | |
691 | ||
692 | if (filtertype != FILTER_FORWARD && ob->skip_syntax_errors) | |
693 | { | |
694 | eblock = store_get(sizeof(error_block)); | |
695 | eblock->next = NULL; | |
696 | eblock->text1 = addr->message; | |
697 | eblock->text2 = NULL; | |
698 | addr->message = addr->user_message = NULL; | |
699 | } | |
700 | ||
701 | /* Otherwise set up the error for the address and defer. */ | |
702 | ||
703 | else | |
704 | { | |
705 | addr->basic_errno = ERRNO_BADREDIRECT; | |
706 | addr->message = string_sprintf("error in %s %s: %s", | |
707 | (filtertype != FILTER_FORWARD)? "filter" : "redirect", | |
708 | (ob->data == NULL)? "file" : "data", | |
709 | addr->message); | |
710 | return DEFER; | |
711 | } | |
712 | } | |
713 | ||
714 | ||
715 | /* Yield is either FF_DELIVERED (significant action) or FF_NOTDELIVERED (no | |
716 | significant action). Before dealing with these, however, we must handle the | |
717 | effect of skip_syntax_errors. | |
718 | ||
719 | If skip_syntax_errors was set and there were syntax errors in an address list, | |
720 | error messages will be present in eblock. Log them and send a message if so | |
721 | configured. We cannot do this earlier, because the error message must not be | |
722 | sent as the local user. If there were no valid addresses, generated will be | |
723 | NULL. In this case, the router declines. | |
724 | ||
725 | For a filter file, the error message has been fudged into an eblock. After | |
726 | dealing with it, the router declines. */ | |
727 | ||
728 | if (eblock != NULL) | |
729 | { | |
730 | if (!moan_skipped_syntax_errors( | |
731 | rblock->name, /* For message content */ | |
732 | eblock, /* Ditto */ | |
733 | (verify || address_test_mode)? | |
734 | NULL : ob->syntax_errors_to, /* Who to mail */ | |
735 | generated != NULL, /* True if not all failed */ | |
736 | ob->syntax_errors_text)) /* Custom message */ | |
737 | return DEFER; | |
738 | ||
739 | if (filtertype != FILTER_FORWARD || generated == NULL) | |
740 | { | |
741 | addr->message = US"syntax error in redirection data"; | |
742 | return DECLINE; | |
743 | } | |
744 | } | |
745 | ||
746 | /* Sort out the errors address and any header modifications, and handle the | |
747 | generated addresses, if any. If there are no generated addresses, we must avoid | |
748 | calling sort_errors_and_headers() in case this router declines - that function | |
749 | may modify the errors_address field in the current address, and we don't want | |
750 | to do that for a decline. */ | |
751 | ||
752 | if (generated != NULL) | |
753 | { | |
754 | if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK) | |
755 | return xrc; | |
756 | add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw); | |
757 | } | |
758 | ||
759 | /* FF_DELIVERED with no generated addresses is what we get when an address list | |
760 | contains :blackhole: or a filter contains "seen finish" without having | |
761 | generated anything. Log what happened to this address, and return DISCARD. */ | |
762 | ||
763 | if (frc == FF_DELIVERED) | |
764 | { | |
765 | if (generated == NULL && !verify && !address_test_mode) | |
766 | { | |
767 | log_write(0, LOG_MAIN, "=> %s <%s> R=%s", discarded, addr->address, | |
768 | rblock->name); | |
769 | yield = DISCARD; | |
770 | } | |
771 | } | |
772 | ||
773 | /* For an address list, FF_NOTDELIVERED always means that no addresses were | |
774 | generated. For a filter, addresses may or may not have been generated. If none | |
775 | were, it's the same as an empty address list, and the router declines. However, | |
776 | if addresses were generated, we can't just decline because successful delivery | |
777 | of the base address gets it marked "done", so deferred generated addresses | |
778 | never get tried again. We have to generate a new version of the base address, | |
779 | as if there were a "deliver" command in the filter file, with the original | |
780 | address as parent. */ | |
781 | ||
782 | else | |
783 | { | |
784 | address_item *next; | |
785 | ||
786 | if (generated == NULL) return DECLINE; | |
787 | ||
788 | next = deliver_make_addr(addr->address, FALSE); | |
789 | next->parent = addr; | |
790 | addr->child_count++; | |
791 | next->next = *addr_new; | |
792 | *addr_new = next; | |
793 | ||
794 | /* Copy relevant flags (af_propagate is a name for the set), and set the | |
795 | data that propagates. */ | |
796 | ||
797 | copyflag(next, addr, af_propagate); | |
798 | next->p = addr_prop; | |
799 | ||
800 | DEBUG(D_route) debug_printf("%s router autogenerated %s\n%s%s%s", | |
801 | rblock->name, | |
802 | next->address, | |
803 | (addr_prop.errors_address != NULL)? " errors to " : "", | |
804 | (addr_prop.errors_address != NULL)? addr_prop.errors_address : US"", | |
805 | (addr_prop.errors_address != NULL)? "\n" : ""); | |
806 | } | |
807 | ||
8523533c TK |
808 | #ifdef EXPERIMENTAL_SRS |
809 | /* On successful redirection, check for SRS forwarding and adjust sender */ | |
810 | if(ob->srs != NULL) | |
811 | { | |
812 | BOOL usesrs = TRUE; | |
8e669ac1 | 813 | |
8523533c TK |
814 | if(ob->srs_condition != NULL) |
815 | usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL); | |
8e669ac1 | 816 | |
8523533c TK |
817 | if(usesrs) |
818 | if((Ustrcmp(ob->srs, "forward") == 0 || Ustrcmp(ob->srs, "reverseandforward") == 0) && !verify) | |
819 | { | |
820 | uschar *res; | |
821 | uschar *usedomain; | |
822 | int n_srs; | |
8e669ac1 | 823 | |
8523533c TK |
824 | srs_orig_sender = sender_address; |
825 | eximsrs_init(); | |
826 | if(ob->srs_db) | |
827 | eximsrs_db_set(FALSE, ob->srs_db); | |
828 | ||
829 | if(ob->srs_alias != NULL ? (usedomain = expand_string(ob->srs_alias)) == NULL : 1) | |
830 | usedomain = deliver_domain; | |
8e669ac1 | 831 | |
8523533c TK |
832 | if((n_srs = eximsrs_forward(&res, sender_address, usedomain)) != OK) |
833 | return n_srs; | |
834 | sender_address = res; | |
835 | DEBUG(D_any) | |
836 | debug_printf("SRS: Sender '%s' rewritten to '%s'\n", srs_orig_sender, sender_address); | |
837 | } | |
838 | } | |
839 | #endif | |
840 | ||
0756eb3c PH |
841 | /* Control gets here only when the address has been completely handled. Put the |
842 | original address onto the succeed queue so that any retry items that get | |
843 | attached to it get processed. */ | |
844 | ||
845 | addr->next = *addr_succeed; | |
846 | *addr_succeed = addr; | |
847 | ||
848 | return yield; | |
849 | } | |
850 | ||
851 | /* End of routers/redirect.c */ |