Install Tony's patch for $message_linecount.
[exim.git] / src / src / routers / redirect.c
CommitLineData
e4a89c47 1/* $Cambridge: exim/src/src/routers/redirect.c,v 1.9 2005/04/06 14:40:24 ph10 Exp $ */
0756eb3c
PH
2
3/*************************************************
4* Exim - an Internet mail transport agent *
5*************************************************/
6
c988f1f4 7/* Copyright (c) University of Cambridge 1995 - 2005 */
0756eb3c
PH
8/* See the file NOTICE for conditions of use and distribution. */
9
10
11#include "../exim.h"
12#include "rf_functions.h"
13#include "redirect.h"
14
15
16
17/* Options specific to the redirect router. */
18
19optionlist redirect_router_options[] = {
20 { "allow_defer", opt_bit | (RDON_DEFER << 16),
21 (void *)offsetof(redirect_router_options_block, bit_options) },
22 { "allow_fail", opt_bit | (RDON_FAIL << 16),
23 (void *)offsetof(redirect_router_options_block, bit_options) },
24 { "allow_filter", opt_bit | (RDON_FILTER << 16),
25 (void *)offsetof(redirect_router_options_block, bit_options) },
26 { "allow_freeze", opt_bit | (RDON_FREEZE << 16),
27 (void *)offsetof(redirect_router_options_block, bit_options) },
28 { "check_ancestor", opt_bool,
29 (void *)offsetof(redirect_router_options_block, check_ancestor) },
30 { "check_group", opt_bool,
31 (void *)offsetof(redirect_router_options_block, check_group) },
32 { "check_owner", opt_bool,
33 (void *)offsetof(redirect_router_options_block, check_owner) },
34 { "data", opt_stringptr,
35 (void *)offsetof(redirect_router_options_block, data) },
36 { "directory_transport",opt_stringptr,
37 (void *)offsetof(redirect_router_options_block, directory_transport_name) },
38 { "file", opt_stringptr,
39 (void *)offsetof(redirect_router_options_block, file) },
40 { "file_transport", opt_stringptr,
41 (void *)offsetof(redirect_router_options_block, file_transport_name) },
42 { "forbid_blackhole", opt_bit | (RDON_BLACKHOLE << 16),
43 (void *)offsetof(redirect_router_options_block, bit_options) },
23c7ff99
PH
44 { "forbid_exim_filter", opt_bit | (RDON_EXIM_FILTER << 16),
45 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH
46 { "forbid_file", opt_bool,
47 (void *)offsetof(redirect_router_options_block, forbid_file) },
1a46a8c5
PH
48 { "forbid_filter_dlfunc", opt_bit | (RDON_DLFUNC << 16),
49 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH
50 { "forbid_filter_existstest", opt_bit | (RDON_EXISTS << 16),
51 (void *)offsetof(redirect_router_options_block, bit_options) },
52 { "forbid_filter_logwrite",opt_bit | (RDON_LOG << 16),
53 (void *)offsetof(redirect_router_options_block, bit_options) },
54 { "forbid_filter_lookup", opt_bit | (RDON_LOOKUP << 16),
55 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH
56 { "forbid_filter_perl", opt_bit | (RDON_PERL << 16),
57 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH
58 { "forbid_filter_readfile", opt_bit | (RDON_READFILE << 16),
59 (void *)offsetof(redirect_router_options_block, bit_options) },
60 { "forbid_filter_readsocket", opt_bit | (RDON_READSOCK << 16),
61 (void *)offsetof(redirect_router_options_block, bit_options) },
62 { "forbid_filter_reply",opt_bool,
63 (void *)offsetof(redirect_router_options_block, forbid_filter_reply) },
64 { "forbid_filter_run", opt_bit | (RDON_RUN << 16),
65 (void *)offsetof(redirect_router_options_block, bit_options) },
66 { "forbid_include", opt_bit | (RDON_INCLUDE << 16),
67 (void *)offsetof(redirect_router_options_block, bit_options) },
68 { "forbid_pipe", opt_bool,
69 (void *)offsetof(redirect_router_options_block, forbid_pipe) },
23c7ff99
PH
70 { "forbid_sieve_filter",opt_bit | (RDON_SIEVE_FILTER << 16),
71 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH
72 { "hide_child_in_errmsg", opt_bool,
73 (void *)offsetof(redirect_router_options_block, hide_child_in_errmsg) },
74 { "ignore_eacces", opt_bit | (RDON_EACCES << 16),
75 (void *)offsetof(redirect_router_options_block, bit_options) },
76 { "ignore_enotdir", opt_bit | (RDON_ENOTDIR << 16),
77 (void *)offsetof(redirect_router_options_block, bit_options) },
78 { "include_directory", opt_stringptr,
79 (void *)offsetof(redirect_router_options_block, include_directory) },
80 { "modemask", opt_octint,
81 (void *)offsetof(redirect_router_options_block, modemask) },
82 { "one_time", opt_bool,
83 (void *)offsetof(redirect_router_options_block, one_time) },
84 { "owners", opt_uidlist,
85 (void *)offsetof(redirect_router_options_block, owners) },
86 { "owngroups", opt_gidlist,
87 (void *)offsetof(redirect_router_options_block, owngroups) },
88 { "pipe_transport", opt_stringptr,
89 (void *)offsetof(redirect_router_options_block, pipe_transport_name) },
90 { "qualify_domain", opt_stringptr,
91 (void *)offsetof(redirect_router_options_block, qualify_domain) },
92 { "qualify_preserve_domain", opt_bool,
93 (void *)offsetof(redirect_router_options_block, qualify_preserve_domain) },
94 { "repeat_use", opt_bool | opt_public,
95 (void *)offsetof(router_instance, repeat_use) },
96 { "reply_transport", opt_stringptr,
97 (void *)offsetof(redirect_router_options_block, reply_transport_name) },
98 { "rewrite", opt_bit | (RDON_REWRITE << 16),
99 (void *)offsetof(redirect_router_options_block, bit_options) },
e4a89c47
PH
100 { "sieve_subaddress", opt_stringptr,
101 (void *)offsetof(redirect_router_options_block, sieve_subaddress) },
102 { "sieve_useraddress", opt_stringptr,
103 (void *)offsetof(redirect_router_options_block, sieve_useraddress) },
0756eb3c
PH
104 { "sieve_vacation_directory", opt_stringptr,
105 (void *)offsetof(redirect_router_options_block, sieve_vacation_directory) },
106 { "skip_syntax_errors", opt_bool,
107 (void *)offsetof(redirect_router_options_block, skip_syntax_errors) },
8523533c
TK
108#ifdef EXPERIMENTAL_SRS
109 { "srs", opt_stringptr,
110 (void *)offsetof(redirect_router_options_block, srs) },
111 { "srs_alias", opt_stringptr,
112 (void *)offsetof(redirect_router_options_block, srs_alias) },
113 { "srs_condition", opt_stringptr,
114 (void *)offsetof(redirect_router_options_block, srs_condition) },
115 { "srs_db", opt_stringptr,
116 (void *)offsetof(redirect_router_options_block, srs_db) },
117#endif
0756eb3c
PH
118 { "syntax_errors_text", opt_stringptr,
119 (void *)offsetof(redirect_router_options_block, syntax_errors_text) },
120 { "syntax_errors_to", opt_stringptr,
121 (void *)offsetof(redirect_router_options_block, syntax_errors_to) }
122};
123
124/* Size of the options list. An extern variable has to be used so that its
125address can appear in the tables drtables.c. */
126
127int redirect_router_options_count =
128 sizeof(redirect_router_options)/sizeof(optionlist);
129
130/* Default private options block for the redirect router. */
131
132redirect_router_options_block redirect_router_option_defaults = {
133 NULL, /* directory_transport */
134 NULL, /* file_transport */
135 NULL, /* pipe_transport */
136 NULL, /* reply_transport */
137 NULL, /* data */
138 NULL, /* directory_transport_name */
139 NULL, /* file */
140 NULL, /* file_dir */
141 NULL, /* file_transport_name */
142 NULL, /* include_directory */
143 NULL, /* pipe_transport_name */
144 NULL, /* reply_transport_name */
e4a89c47
PH
145 NULL, /* sieve_subaddress */
146 NULL, /* sieve_useraddress */
0756eb3c
PH
147 NULL, /* sieve_vacation_directory */
148 NULL, /* syntax_errors_text */
149 NULL, /* syntax_errors_to */
150 NULL, /* qualify_domain */
151 NULL, /* owners */
152 NULL, /* owngroups */
8523533c
TK
153#ifdef EXPERIMENTAL_SRS
154 NULL, /* srs */
155 NULL, /* srs_condition */
156 NULL, /* srs_db */
157 NULL, /* srs_alias */
158#endif
0756eb3c
PH
159 022, /* modemask */
160 RDO_REWRITE, /* bit_options */
161 FALSE, /* check_ancestor */
162 TRUE_UNSET, /* check_owner */
163 TRUE_UNSET, /* check_group */
164 FALSE, /* forbid_file */
165 FALSE, /* forbid_filter_reply */
166 FALSE, /* forbid_pipe */
167 FALSE, /* hide_child_in_errmsg */
168 FALSE, /* one_time */
169 FALSE, /* qualify_preserve_domain */
170 FALSE /* skip_syntax_errors */
171};
172
173
174
175/*************************************************
176* Initialization entry point *
177*************************************************/
178
179/* Called for each instance, after its options have been read, to enable
180consistency checks to be done, or anything else that needs to be set up. */
181
182void redirect_router_init(router_instance *rblock)
183{
184redirect_router_options_block *ob =
185 (redirect_router_options_block *)(rblock->options_block);
186
187/* Either file or data must be set, but not both */
188
189if ((ob->file == NULL) == (ob->data == NULL))
190 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
191 "%sone of \"file\" or \"data\" must be specified",
192 rblock->name, (ob->file == NULL)? "" : "only ");
193
7f45268c
PH
194/* Onetime aliases can only be real addresses. Headers can't be manipulated.
195The combination of one_time and unseen is not allowed. We can't check the
196expansion of "unseen" here, but we assume that if it is set to anything other
197than false, there is likely to be a problem. */
0756eb3c
PH
198
199if (ob->one_time)
200 {
201 ob->forbid_pipe = ob->forbid_file = ob->forbid_filter_reply = TRUE;
202 if (rblock->extra_headers != NULL || rblock->remove_headers != NULL)
203 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
204 "\"headers_add\" and \"headers_remove\" are not permitted with "
205 "\"one_time\"", rblock->name);
7f45268c
PH
206 if (rblock->unseen || rblock->expand_unseen != NULL)
207 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
208 "\"unseen\" may not be used with \"one_time\"", rblock->name);
0756eb3c
PH
209 }
210
211/* The defaults for check_owner and check_group depend on other settings. The
212defaults are: Check the owner if check_local_user or owners is set; check the
213group if check_local_user is set without a restriction on the group write bit,
214or if owngroups is set. */
215
216if (ob->check_owner == TRUE_UNSET)
217 ob->check_owner = rblock->check_local_user ||
218 (ob->owners != NULL && ob->owners[0] != 0);
219
220if (ob->check_group == TRUE_UNSET)
221 ob->check_group = (rblock->check_local_user && (ob->modemask & 020) == 0) ||
222 (ob->owngroups != NULL && ob->owngroups[0] != 0);
223
224/* If explicit qualify domain set, the preserve option is locked out */
225
226if (ob->qualify_domain != NULL && ob->qualify_preserve_domain)
227 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
228 "only one of \"qualify_domain\" or \"qualify_preserve_domain\" must be set",
229 rblock->name);
230
231/* If allow_filter is set, either user or check_local_user must be set. */
232
233if (!rblock->check_local_user &&
234 !rblock->uid_set &&
235 rblock->expand_uid == NULL &&
236 (ob->bit_options & RDO_FILTER) != 0)
237 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
238 "\"user\" or \"check_local_user\" must be set with \"allow_filter\"",
239 rblock->name);
240}
241
242
243
244/*************************************************
245* Get errors address and header mods *
246*************************************************/
247
248/* This function is called when new addresses are generated, in order to
249sort out errors address and header modifications. We put the errors address
250into the parent address (even though it is never used from there because that
251address is never transported) so that it can be retrieved if any of the
252children gets routed by an "unseen" router. The clone of the child that is
253passed on must have the original errors_address value.
254
255Arguments:
256 rblock the router control block
257 addr the address being routed
258 verify true if verifying
259 addr_prop point to the propagated block, which is where the
260 new values are to be placed
261
262Returns: the result of rf_get_errors_address() or rf_get_munge_headers(),
263 which is either OK or DEFER
264*/
265
266static int
267sort_errors_and_headers(router_instance *rblock, address_item *addr,
268 BOOL verify, address_item_propagated *addr_prop)
269{
270int frc = rf_get_errors_address(addr, rblock, verify,
271 &(addr_prop->errors_address));
272if (frc != OK) return frc;
273addr->p.errors_address = addr_prop->errors_address;
274return rf_get_munge_headers(addr, rblock, &(addr_prop->extra_headers),
275 &(addr_prop->remove_headers));
276}
277
278
279
280/*************************************************
281* Process a set of generated new addresses *
282*************************************************/
283
284/* This function sets up a set of newly generated child addresses and puts them
285on the new address chain. Copy in the uid, gid and permission flags for use by
286pipes and files, set the parent, and "or" its af_ignore_error flag. Also record
287the setting for any starting router.
288
289If the generated address is the same as one of its ancestors, and the
290check_ancestor flag is set, do not use this generated address, but replace it
291with a copy of the input address. This is to cope with cases where A is aliased
292to B and B has a .forward file pointing to A, though it is usually set on the
293forwardfile rather than the aliasfile. We can't just pass on the old
294address by returning FAIL, because it must act as a general parent for
295generated addresses, and only get marked "done" when all its children are
296delivered.
297
298Arguments:
299 rblock router block
300 addr_new new address chain
301 addr original address
302 generated list of generated addresses
303 addr_prop the propagated block, containing the errors_address,
304 header modification stuff, and address_data
305 ugidptr points to uid/gid data for files, pipes, autoreplies
306 pw password entry, set if ob->check_local_user is TRUE
307
308Returns: nothing
309*/
310
311static void
312add_generated(router_instance *rblock, address_item **addr_new,
313 address_item *addr, address_item *generated,
314 address_item_propagated *addr_prop, ugid_block *ugidptr, struct passwd *pw)
315{
316redirect_router_options_block *ob =
317 (redirect_router_options_block *)(rblock->options_block);
318
319while (generated != NULL)
320 {
321 address_item *parent;
322 address_item *next = generated;
323 uschar *errors_address = next->p.errors_address;
324
325 generated = next->next;
326 next->parent = addr;
327 orflag(next, addr, af_ignore_error);
328 next->start_router = rblock->redirect_router;
329 addr->child_count++;
330
331 next->next = *addr_new;
332 *addr_new = next;
333
334 /* Don't do the "one_time" thing for the first pass of a 2-stage queue run. */
335
336 if (ob->one_time && !queue_2stage)
337 {
338 for (parent = addr; parent->parent != NULL; parent = parent->parent);
339 next->onetime_parent = parent->address;
340 }
341
342 if (ob->hide_child_in_errmsg) setflag(next, af_hide_child);
343
344 /* If check_ancestor is set, we want to know if any ancestor of this address
345 is the address we are about to generate. The check must be done caselessly
346 unless the ancestor was routed by a case-sensitive router. */
347
348 if (ob->check_ancestor)
349 {
350 for (parent = addr; parent != NULL; parent = parent->parent)
351 {
352 if (((parent->router != NULL && parent->router->caseful_local_part)?
353 Ustrcmp(next->address, parent->address)
354 :
355 strcmpic(next->address, parent->address)
356 ) == 0)
357 {
358 DEBUG(D_route) debug_printf("generated parent replaced by child\n");
359 next->address = string_copy(addr->address);
360 break;
361 }
362 }
363 }
364
365 /* A user filter may, under some circumstances, set up an errors address.
366 If so, we must take care to re-instate it when we copy in the propagated
367 data so that it overrides any errors_to setting on the router. */
368
369 next->p = *addr_prop;
370 if (errors_address != NULL) next->p.errors_address = errors_address;
371
372 /* For pipes, files, and autoreplies, record this router as handling them,
373 because they don't go through the routing process again. Then set up uid,
374 gid, home and current directories for transporting. */
375
376 if (testflag(next, af_pfr))
377 {
378 next->router = rblock;
379 rf_set_ugid(next, ugidptr); /* Will contain pw values if not overridden */
380
381 /* When getting the home directory out of the password information, wrap it
382 in \N...\N to avoid expansion later. In Cygwin, home directories can
383 contain $ characters. */
384
385 if (rblock->home_directory != NULL)
386 next->home_dir = rblock->home_directory;
387 else if (rblock->check_local_user)
388 next->home_dir = string_sprintf("\\N%s\\N", pw->pw_dir);
389 else if (rblock->router_home_directory != NULL &&
390 testflag(addr, af_home_expanded))
391 {
392 next->home_dir = deliver_home;
393 setflag(next, af_home_expanded);
394 }
395
396 next->current_dir = rblock->current_directory;
397
398 /* Permission options */
399
400 if (!ob->forbid_pipe) setflag(next, af_allow_pipe);
401 if (!ob->forbid_file) setflag(next, af_allow_file);
402 if (!ob->forbid_filter_reply) setflag(next, af_allow_reply);
403
404 /* If the transport setting fails, the error gets picked up at the outer
405 level from the setting of basic_errno in the address. */
406
407 if (next->address[0] == '|')
408 {
409 address_pipe = next->address;
410 if (rf_get_transport(ob->pipe_transport_name, &(ob->pipe_transport),
411 next, rblock->name, US"pipe_transport"))
412 next->transport = ob->pipe_transport;
413 address_pipe = NULL;
414 }
415 else if (next->address[0] == '>')
416 {
417 if (rf_get_transport(ob->reply_transport_name, &(ob->reply_transport),
418 next, rblock->name, US"reply_transport"))
419 next->transport = ob->reply_transport;
420 }
421 else /* must be file or directory */
422 {
423 int len = Ustrlen(next->address);
424 address_file = next->address;
425 if (next->address[len-1] == '/')
426 {
427 if (rf_get_transport(ob->directory_transport_name,
428 &(ob->directory_transport), next, rblock->name,
429 US"directory_transport"))
430 next->transport = ob->directory_transport;
431 }
432 else
433 {
434 if (rf_get_transport(ob->file_transport_name, &(ob->file_transport),
435 next, rblock->name, US"file_transport"))
436 next->transport = ob->file_transport;
437 }
438 address_file = NULL;
439 }
440 }
441
442 DEBUG(D_route)
443 {
444 debug_printf("%s router generated %s\n %serrors_to=%s transport=%s\n",
445 rblock->name,
446 next->address,
447 testflag(next, af_pfr)? "pipe, file, or autoreply\n " : "",
448 next->p.errors_address,
449 (next->transport == NULL)? US"NULL" : next->transport->name);
450
451 if (testflag(next, af_uid_set))
452 debug_printf(" uid=%ld ", (long int)(next->uid));
453 else
454 debug_printf(" uid=unset ");
455
456 if (testflag(next, af_gid_set))
457 debug_printf("gid=%ld ", (long int)(next->gid));
458 else
459 debug_printf("gid=unset ");
460
461 debug_printf("home=%s\n", next->home_dir);
462 }
463 }
464}
465
466
467/*************************************************
468* Main entry point *
469*************************************************/
470
471/* See local README for interface description. This router returns:
472
473DECLINE
474 . empty address list, or filter did nothing significant
475
476DEFER
477 . verifying the errors address caused a deferment or a big disaster such
478 as an expansion failure (rf_get_errors_address)
479 . expanding a headers_{add,remove} string caused a deferment or another
480 expansion error (rf_get_munge_headers)
481 . :defer: or "freeze" in a filter
482 . error in address list or filter
483 . skipped syntax errors, but failed to send the message
484
485DISCARD
486 . address was :blackhole:d or "seen finish"ed
487
488FAIL
489 . :fail:
490
491OK
492 . new addresses added to addr_new
493*/
494
495int redirect_router_entry(
496 router_instance *rblock, /* data for this instantiation */
497 address_item *addr, /* address we are working on */
498 struct passwd *pw, /* passwd entry after check_local_user */
499 BOOL verify, /* TRUE when verifying */
500 address_item **addr_local, /* add it to this if it's local */
501 address_item **addr_remote, /* add it to this if it's remote */
502 address_item **addr_new, /* put new addresses on here */
503 address_item **addr_succeed) /* put old address here on success */
504{
505redirect_router_options_block *ob =
506 (redirect_router_options_block *)(rblock->options_block);
507address_item *generated = NULL;
508uschar *save_qualify_domain_recipient = qualify_domain_recipient;
509uschar *discarded = US"discarded";
510address_item_propagated addr_prop;
511error_block *eblock = NULL;
512ugid_block ugid;
513redirect_block redirect;
514int filtertype = FILTER_UNSET;
515int yield = OK;
516int options = ob->bit_options;
517int frc = 0;
518int xrc = 0;
519
520addr_local = addr_local; /* Keep picky compilers happy */
521addr_remote = addr_remote;
522
523/* Initialize the data to be propagated to the children */
524
525addr_prop.address_data = deliver_address_data;
526addr_prop.domain_data = deliver_domain_data;
527addr_prop.localpart_data = deliver_localpart_data;
528addr_prop.errors_address = NULL;
529addr_prop.extra_headers = NULL;
530addr_prop.remove_headers = NULL;
531
532/* When verifying and testing addresses, the "logwrite" command in filters
533must be bypassed. */
534
535if (!verify && !address_test_mode) options |= RDO_REALLOG;
536
537/* Sort out the fixed or dynamic uid/gid. This uid is used (a) for reading the
538file (and interpreting a filter) and (b) for running the transports for
539generated file and pipe addresses. It is not (necessarily) the same as the uids
540that may own the file. Exim panics if an expanded string is not a number and
541can't be found in the password file. Other errors set the freezing bit. */
542
543if (!rf_get_ugid(rblock, addr, &ugid)) return DEFER;
544
545if (!ugid.uid_set && pw != NULL)
546 {
547 ugid.uid = pw->pw_uid;
548 ugid.uid_set = TRUE;
549 }
550
551if (!ugid.gid_set && pw != NULL)
552 {
553 ugid.gid = pw->pw_gid;
554 ugid.gid_set = TRUE;
555 }
556
8523533c
TK
557#ifdef EXPERIMENTAL_SRS
558 /* For reverse SRS, fill the srs_recipient expandsion variable,
559 on failure, return decline/fail as relevant */
560 if(ob->srs != NULL)
561 {
562 BOOL usesrs = TRUE;
8e669ac1 563
8523533c
TK
564 if(ob->srs_condition != NULL)
565 usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL);
8e669ac1 566
8523533c
TK
567 if(usesrs)
568 if(Ustrcmp(ob->srs, "reverse") == 0 || Ustrcmp(ob->srs, "reverseandforward") == 0)
569 {
570 uschar *res;
571 int n_srs;
8e669ac1 572
8523533c
TK
573 srs_orig_recipient = addr->address;
574 eximsrs_init();
575 if(ob->srs_db)
576 eximsrs_db_set(TRUE, ob->srs_db);
577 if((n_srs = eximsrs_reverse(&res, addr->address)) != OK)
578 return n_srs;
579 srs_recipient = res;
580 eximsrs_done();
581 DEBUG(D_any)
c988f1f4 582 debug_printf("SRS: Recipient '%s' rewritten to '%s'\n", srs_orig_recipient, srs_recipient);
8523533c
TK
583 }
584 }
585#endif
586
0756eb3c
PH
587/* Call the function that interprets redirection data, either inline or from a
588file. This is a separate function so that the system filter can use it. It will
589run the function in a subprocess if necessary. If qualify_preserve_domain is
590set, temporarily reset qualify_domain_recipient to the current domain so that
591any unqualified addresses get qualified with the same domain as the incoming
592address. Otherwise, if a local qualify_domain is provided, set that up. */
593
594if (ob->qualify_preserve_domain)
595 qualify_domain_recipient = addr->domain;
596else if (ob->qualify_domain != NULL)
597 {
598 uschar *new_qdr = rf_expand_data(addr, ob->qualify_domain, &xrc);
599 if (new_qdr == NULL) return xrc;
600 qualify_domain_recipient = new_qdr;
601 }
602
603redirect.owners = ob->owners;
604redirect.owngroups = ob->owngroups;
605redirect.modemask = ob->modemask;
606redirect.check_owner = ob->check_owner;
607redirect.check_group = ob->check_group;
608redirect.pw = pw;
609
610if (ob->file != NULL)
611 {
612 redirect.string = ob->file;
613 redirect.isfile = TRUE;
614 }
615else
616 {
617 redirect.string = ob->data;
618 redirect.isfile = FALSE;
619 }
620
621frc = rda_interpret(&redirect, options, ob->include_directory,
e4a89c47
PH
622 ob->sieve_vacation_directory, ob->sieve_useraddress, ob->sieve_subaddress,
623 &ugid, &generated, &(addr->message), ob->skip_syntax_errors? &eblock : NULL,
624 &filtertype, string_sprintf("%s router (recipient is %s)", rblock->name,
625 addr->address));
0756eb3c
PH
626
627qualify_domain_recipient = save_qualify_domain_recipient;
628
629/* Handle exceptional returns from filtering or processing an address list.
630For FAIL and FREEZE we honour any previously set up deliveries by a filter. */
631
632switch (frc)
633 {
634 case FF_NONEXIST:
635 addr->message = addr->user_message = NULL;
636 return DECLINE;
637
638 case FF_BLACKHOLE:
639 DEBUG(D_route) debug_printf("address :blackhole:d\n");
640 generated = NULL;
641 discarded = US":blackhole:";
642 frc = FF_DELIVERED;
643 break;
644
645 /* FF_DEFER and FF_FAIL can arise only as a result of explicit commands
646 (:fail: in an alias file or "fail" in a filter). If a configured message was
647 supplied, allow it to be included in an SMTP response after verifying. */
648
649 case FF_DEFER:
650 if (addr->message == NULL) addr->message = US"forced defer";
651 else addr->user_message = addr->message;
652 return DEFER;
653
654 case FF_FAIL:
655 if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK)
656 return xrc;
657 add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw);
658 if (addr->message == NULL) addr->message = US"forced rejection";
659 else addr->user_message = addr->message;
660 return FAIL;
661
662 /* As in the case of a system filter, a freeze does not happen after a manual
663 thaw. In case deliveries were set up by the filter, we set the child count
664 high so that their completion does not mark the original address done. */
665
666 case FF_FREEZE:
667 if (!deliver_manual_thaw)
668 {
669 if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop))
670 != OK) return xrc;
671 add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw);
672 if (addr->message == NULL) addr->message = US"frozen by filter";
673 addr->special_action = SPECIAL_FREEZE;
674 addr->child_count = 9999;
675 return DEFER;
676 }
677 frc = FF_NOTDELIVERED;
678 break;
679
680 /* Handle syntax errors and :include: failures and lookup defers */
681
682 case FF_ERROR:
683 case FF_INCLUDEFAIL:
684
685 /* If filtertype is still FILTER_UNSET, it means that the redirection data
686 was never inspected, so the error was an expansion failure or failure to open
687 the file, or whatever. In these cases, the existing error message is probably
688 sufficient. */
689
690 if (filtertype == FILTER_UNSET) return DEFER;
691
692 /* If it was a filter and skip_syntax_errors is set, we want to set up
693 the error message so that it can be logged and mailed to somebody. */
694
695 if (filtertype != FILTER_FORWARD && ob->skip_syntax_errors)
696 {
697 eblock = store_get(sizeof(error_block));
698 eblock->next = NULL;
699 eblock->text1 = addr->message;
700 eblock->text2 = NULL;
701 addr->message = addr->user_message = NULL;
702 }
703
704 /* Otherwise set up the error for the address and defer. */
705
706 else
707 {
708 addr->basic_errno = ERRNO_BADREDIRECT;
709 addr->message = string_sprintf("error in %s %s: %s",
710 (filtertype != FILTER_FORWARD)? "filter" : "redirect",
711 (ob->data == NULL)? "file" : "data",
712 addr->message);
713 return DEFER;
714 }
715 }
716
717
718/* Yield is either FF_DELIVERED (significant action) or FF_NOTDELIVERED (no
719significant action). Before dealing with these, however, we must handle the
720effect of skip_syntax_errors.
721
722If skip_syntax_errors was set and there were syntax errors in an address list,
723error messages will be present in eblock. Log them and send a message if so
724configured. We cannot do this earlier, because the error message must not be
725sent as the local user. If there were no valid addresses, generated will be
726NULL. In this case, the router declines.
727
728For a filter file, the error message has been fudged into an eblock. After
729dealing with it, the router declines. */
730
731if (eblock != NULL)
732 {
733 if (!moan_skipped_syntax_errors(
734 rblock->name, /* For message content */
735 eblock, /* Ditto */
736 (verify || address_test_mode)?
737 NULL : ob->syntax_errors_to, /* Who to mail */
738 generated != NULL, /* True if not all failed */
739 ob->syntax_errors_text)) /* Custom message */
740 return DEFER;
741
742 if (filtertype != FILTER_FORWARD || generated == NULL)
743 {
744 addr->message = US"syntax error in redirection data";
745 return DECLINE;
746 }
747 }
748
749/* Sort out the errors address and any header modifications, and handle the
750generated addresses, if any. If there are no generated addresses, we must avoid
751calling sort_errors_and_headers() in case this router declines - that function
752may modify the errors_address field in the current address, and we don't want
753to do that for a decline. */
754
755if (generated != NULL)
756 {
757 if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK)
758 return xrc;
759 add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw);
760 }
761
762/* FF_DELIVERED with no generated addresses is what we get when an address list
763contains :blackhole: or a filter contains "seen finish" without having
764generated anything. Log what happened to this address, and return DISCARD. */
765
766if (frc == FF_DELIVERED)
767 {
768 if (generated == NULL && !verify && !address_test_mode)
769 {
770 log_write(0, LOG_MAIN, "=> %s <%s> R=%s", discarded, addr->address,
771 rblock->name);
772 yield = DISCARD;
773 }
774 }
775
776/* For an address list, FF_NOTDELIVERED always means that no addresses were
777generated. For a filter, addresses may or may not have been generated. If none
778were, it's the same as an empty address list, and the router declines. However,
779if addresses were generated, we can't just decline because successful delivery
780of the base address gets it marked "done", so deferred generated addresses
781never get tried again. We have to generate a new version of the base address,
782as if there were a "deliver" command in the filter file, with the original
783address as parent. */
784
785else
786 {
787 address_item *next;
788
789 if (generated == NULL) return DECLINE;
790
791 next = deliver_make_addr(addr->address, FALSE);
792 next->parent = addr;
793 addr->child_count++;
794 next->next = *addr_new;
795 *addr_new = next;
796
797 /* Copy relevant flags (af_propagate is a name for the set), and set the
798 data that propagates. */
799
800 copyflag(next, addr, af_propagate);
801 next->p = addr_prop;
802
803 DEBUG(D_route) debug_printf("%s router autogenerated %s\n%s%s%s",
804 rblock->name,
805 next->address,
806 (addr_prop.errors_address != NULL)? " errors to " : "",
807 (addr_prop.errors_address != NULL)? addr_prop.errors_address : US"",
808 (addr_prop.errors_address != NULL)? "\n" : "");
809 }
810
8523533c
TK
811#ifdef EXPERIMENTAL_SRS
812 /* On successful redirection, check for SRS forwarding and adjust sender */
813 if(ob->srs != NULL)
814 {
815 BOOL usesrs = TRUE;
8e669ac1 816
8523533c
TK
817 if(ob->srs_condition != NULL)
818 usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL);
8e669ac1 819
8523533c
TK
820 if(usesrs)
821 if((Ustrcmp(ob->srs, "forward") == 0 || Ustrcmp(ob->srs, "reverseandforward") == 0) && !verify)
822 {
823 uschar *res;
824 uschar *usedomain;
825 int n_srs;
8e669ac1 826
8523533c
TK
827 srs_orig_sender = sender_address;
828 eximsrs_init();
829 if(ob->srs_db)
830 eximsrs_db_set(FALSE, ob->srs_db);
831
832 if(ob->srs_alias != NULL ? (usedomain = expand_string(ob->srs_alias)) == NULL : 1)
833 usedomain = deliver_domain;
8e669ac1 834
8523533c
TK
835 if((n_srs = eximsrs_forward(&res, sender_address, usedomain)) != OK)
836 return n_srs;
837 sender_address = res;
838 DEBUG(D_any)
839 debug_printf("SRS: Sender '%s' rewritten to '%s'\n", srs_orig_sender, sender_address);
840 }
841 }
842#endif
843
0756eb3c
PH
844/* Control gets here only when the address has been completely handled. Put the
845original address onto the succeed queue so that any retry items that get
846attached to it get processed. */
847
848addr->next = *addr_succeed;
849*addr_succeed = addr;
850
851return yield;
852}
853
854/* End of routers/redirect.c */