projects / exim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Diagnose an error for "seen", "unseen", or "noerror" if not followed by
[exim.git] / src / src / routers / redirect.c
CommitLineData
4608d683 1/* $Cambridge: exim/src/src/routers/redirect.c,v 1.16 2006/06/27 14:34:26 ph10 Exp $ */
0756eb3c
PH		 2
3/*************************************************
4* Exim - an Internet mail transport agent *
5*************************************************/
6
d7d7b7b9 7/* Copyright (c) University of Cambridge 1995 - 2006 */
0756eb3c
PH		 8/* See the file NOTICE for conditions of use and distribution. */
9
10
11#include "../exim.h"
12#include "rf_functions.h"
13#include "redirect.h"
14
15
16
17/* Options specific to the redirect router. */
18
19optionlist redirect_router_options[] = {
20 { "allow_defer", opt_bit | (RDON_DEFER << 16),
21 (void *)offsetof(redirect_router_options_block, bit_options) },
22 { "allow_fail", opt_bit | (RDON_FAIL << 16),
23 (void *)offsetof(redirect_router_options_block, bit_options) },
24 { "allow_filter", opt_bit | (RDON_FILTER << 16),
25 (void *)offsetof(redirect_router_options_block, bit_options) },
26 { "allow_freeze", opt_bit | (RDON_FREEZE << 16),
27 (void *)offsetof(redirect_router_options_block, bit_options) },
28 { "check_ancestor", opt_bool,
29 (void *)offsetof(redirect_router_options_block, check_ancestor) },
30 { "check_group", opt_bool,
31 (void *)offsetof(redirect_router_options_block, check_group) },
32 { "check_owner", opt_bool,
33 (void *)offsetof(redirect_router_options_block, check_owner) },
34 { "data", opt_stringptr,
35 (void *)offsetof(redirect_router_options_block, data) },
36 { "directory_transport",opt_stringptr,
37 (void *)offsetof(redirect_router_options_block, directory_transport_name) },
38 { "file", opt_stringptr,
39 (void *)offsetof(redirect_router_options_block, file) },
40 { "file_transport", opt_stringptr,
41 (void *)offsetof(redirect_router_options_block, file_transport_name) },
4608d683
PH		 42 { "filter_prepend_home",opt_bit | (RDON_PREPEND_HOME << 16),
43 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH		 44 { "forbid_blackhole", opt_bit | (RDON_BLACKHOLE << 16),
45 (void *)offsetof(redirect_router_options_block, bit_options) },
23c7ff99
PH		 46 { "forbid_exim_filter", opt_bit | (RDON_EXIM_FILTER << 16),
47 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH		 48 { "forbid_file", opt_bool,
49 (void *)offsetof(redirect_router_options_block, forbid_file) },
1a46a8c5
PH		 50 { "forbid_filter_dlfunc", opt_bit | (RDON_DLFUNC << 16),
51 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH		 52 { "forbid_filter_existstest", opt_bit | (RDON_EXISTS << 16),
53 (void *)offsetof(redirect_router_options_block, bit_options) },
54 { "forbid_filter_logwrite",opt_bit | (RDON_LOG << 16),
55 (void *)offsetof(redirect_router_options_block, bit_options) },
56 { "forbid_filter_lookup", opt_bit | (RDON_LOOKUP << 16),
57 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH		 58 { "forbid_filter_perl", opt_bit | (RDON_PERL << 16),
59 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH		 60 { "forbid_filter_readfile", opt_bit | (RDON_READFILE << 16),
61 (void *)offsetof(redirect_router_options_block, bit_options) },
62 { "forbid_filter_readsocket", opt_bit | (RDON_READSOCK << 16),
63 (void *)offsetof(redirect_router_options_block, bit_options) },
64 { "forbid_filter_reply",opt_bool,
65 (void *)offsetof(redirect_router_options_block, forbid_filter_reply) },
66 { "forbid_filter_run", opt_bit | (RDON_RUN << 16),
67 (void *)offsetof(redirect_router_options_block, bit_options) },
68 { "forbid_include", opt_bit | (RDON_INCLUDE << 16),
69 (void *)offsetof(redirect_router_options_block, bit_options) },
70 { "forbid_pipe", opt_bool,
71 (void *)offsetof(redirect_router_options_block, forbid_pipe) },
23c7ff99
PH		 72 { "forbid_sieve_filter",opt_bit | (RDON_SIEVE_FILTER << 16),
73 (void *)offsetof(redirect_router_options_block, bit_options) },
0756eb3c
PH		 74 { "hide_child_in_errmsg", opt_bool,
75 (void *)offsetof(redirect_router_options_block, hide_child_in_errmsg) },
76 { "ignore_eacces", opt_bit | (RDON_EACCES << 16),
77 (void *)offsetof(redirect_router_options_block, bit_options) },
78 { "ignore_enotdir", opt_bit | (RDON_ENOTDIR << 16),
79 (void *)offsetof(redirect_router_options_block, bit_options) },
80 { "include_directory", opt_stringptr,
81 (void *)offsetof(redirect_router_options_block, include_directory) },
82 { "modemask", opt_octint,
83 (void *)offsetof(redirect_router_options_block, modemask) },
84 { "one_time", opt_bool,
85 (void *)offsetof(redirect_router_options_block, one_time) },
86 { "owners", opt_uidlist,
87 (void *)offsetof(redirect_router_options_block, owners) },
88 { "owngroups", opt_gidlist,
89 (void *)offsetof(redirect_router_options_block, owngroups) },
90 { "pipe_transport", opt_stringptr,
91 (void *)offsetof(redirect_router_options_block, pipe_transport_name) },
92 { "qualify_domain", opt_stringptr,
93 (void *)offsetof(redirect_router_options_block, qualify_domain) },
94 { "qualify_preserve_domain", opt_bool,
95 (void *)offsetof(redirect_router_options_block, qualify_preserve_domain) },
96 { "repeat_use", opt_bool | opt_public,
97 (void *)offsetof(router_instance, repeat_use) },
98 { "reply_transport", opt_stringptr,
99 (void *)offsetof(redirect_router_options_block, reply_transport_name) },
100 { "rewrite", opt_bit | (RDON_REWRITE << 16),
101 (void *)offsetof(redirect_router_options_block, bit_options) },
e4a89c47
PH		 102 { "sieve_subaddress", opt_stringptr,
103 (void *)offsetof(redirect_router_options_block, sieve_subaddress) },
104 { "sieve_useraddress", opt_stringptr,
105 (void *)offsetof(redirect_router_options_block, sieve_useraddress) },
0756eb3c
PH		 106 { "sieve_vacation_directory", opt_stringptr,
107 (void *)offsetof(redirect_router_options_block, sieve_vacation_directory) },
108 { "skip_syntax_errors", opt_bool,
109 (void *)offsetof(redirect_router_options_block, skip_syntax_errors) },
8523533c
TK		 110#ifdef EXPERIMENTAL_SRS
111 { "srs", opt_stringptr,
112 (void *)offsetof(redirect_router_options_block, srs) },
113 { "srs_alias", opt_stringptr,
114 (void *)offsetof(redirect_router_options_block, srs_alias) },
115 { "srs_condition", opt_stringptr,
116 (void *)offsetof(redirect_router_options_block, srs_condition) },
384152a6
TK		 117 { "srs_dbinsert", opt_stringptr,
118 (void *)offsetof(redirect_router_options_block, srs_dbinsert) },
119 { "srs_dbselect", opt_stringptr,
120 (void *)offsetof(redirect_router_options_block, srs_dbselect) },
8523533c 121#endif
0756eb3c
PH		 122 { "syntax_errors_text", opt_stringptr,
123 (void *)offsetof(redirect_router_options_block, syntax_errors_text) },
124 { "syntax_errors_to", opt_stringptr,
125 (void *)offsetof(redirect_router_options_block, syntax_errors_to) }
126};
127
128/* Size of the options list. An extern variable has to be used so that its
129address can appear in the tables drtables.c. */
130
131int redirect_router_options_count =
132 sizeof(redirect_router_options)/sizeof(optionlist);
133
134/* Default private options block for the redirect router. */
135
136redirect_router_options_block redirect_router_option_defaults = {
137 NULL, /* directory_transport */
138 NULL, /* file_transport */
139 NULL, /* pipe_transport */
140 NULL, /* reply_transport */
141 NULL, /* data */
142 NULL, /* directory_transport_name */
143 NULL, /* file */
144 NULL, /* file_dir */
145 NULL, /* file_transport_name */
146 NULL, /* include_directory */
147 NULL, /* pipe_transport_name */
148 NULL, /* reply_transport_name */
e4a89c47
PH		 149 NULL, /* sieve_subaddress */
150 NULL, /* sieve_useraddress */
0756eb3c
PH		 151 NULL, /* sieve_vacation_directory */
152 NULL, /* syntax_errors_text */
153 NULL, /* syntax_errors_to */
154 NULL, /* qualify_domain */
155 NULL, /* owners */
156 NULL, /* owngroups */
8523533c
TK		 157#ifdef EXPERIMENTAL_SRS
158 NULL, /* srs */
8523533c 159 NULL, /* srs_alias */
384152a6
TK		 160 NULL, /* srs_condition */
161 NULL, /* srs_dbinsert */
162 NULL, /* srs_dbselect */
8523533c 163#endif
0756eb3c 164 022, /* modemask */
4608d683 165 RDO_REWRITE | RDO_PREPEND_HOME, /* bit_options */
0756eb3c
PH		 166 FALSE, /* check_ancestor */
167 TRUE_UNSET, /* check_owner */
168 TRUE_UNSET, /* check_group */
169 FALSE, /* forbid_file */
170 FALSE, /* forbid_filter_reply */
171 FALSE, /* forbid_pipe */
172 FALSE, /* hide_child_in_errmsg */
173 FALSE, /* one_time */
174 FALSE, /* qualify_preserve_domain */
175 FALSE /* skip_syntax_errors */
176};
177
178
179
180/*************************************************
181* Initialization entry point *
182*************************************************/
183
184/* Called for each instance, after its options have been read, to enable
185consistency checks to be done, or anything else that needs to be set up. */
186
187void redirect_router_init(router_instance *rblock)
188{
189redirect_router_options_block *ob =
190 (redirect_router_options_block *)(rblock->options_block);
191
192/* Either file or data must be set, but not both */
193
194if ((ob->file == NULL) == (ob->data == NULL))
195 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
196 "%sone of \"file\" or \"data\" must be specified",
197 rblock->name, (ob->file == NULL)? "" : "only ");
198
7f45268c
PH		 199/* Onetime aliases can only be real addresses. Headers can't be manipulated.
200The combination of one_time and unseen is not allowed. We can't check the
201expansion of "unseen" here, but we assume that if it is set to anything other
202than false, there is likely to be a problem. */
0756eb3c
PH		 203
204if (ob->one_time)
205 {
206 ob->forbid_pipe = ob->forbid_file = ob->forbid_filter_reply = TRUE;
207 if (rblock->extra_headers != NULL || rblock->remove_headers != NULL)
208 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
209 "\"headers_add\" and \"headers_remove\" are not permitted with "
210 "\"one_time\"", rblock->name);
7f45268c
PH		 211 if (rblock->unseen || rblock->expand_unseen != NULL)
212 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
213 "\"unseen\" may not be used with \"one_time\"", rblock->name);
0756eb3c
PH		 214 }
215
216/* The defaults for check_owner and check_group depend on other settings. The
217defaults are: Check the owner if check_local_user or owners is set; check the
218group if check_local_user is set without a restriction on the group write bit,
219or if owngroups is set. */
220
221if (ob->check_owner == TRUE_UNSET)
222 ob->check_owner = rblock->check_local_user ||
223 (ob->owners != NULL && ob->owners[0] != 0);
224
225if (ob->check_group == TRUE_UNSET)
226 ob->check_group = (rblock->check_local_user && (ob->modemask & 020) == 0) ||
227 (ob->owngroups != NULL && ob->owngroups[0] != 0);
228
229/* If explicit qualify domain set, the preserve option is locked out */
230
231if (ob->qualify_domain != NULL && ob->qualify_preserve_domain)
232 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
233 "only one of \"qualify_domain\" or \"qualify_preserve_domain\" must be set",
234 rblock->name);
235
236/* If allow_filter is set, either user or check_local_user must be set. */
237
238if (!rblock->check_local_user &&
239 !rblock->uid_set &&
240 rblock->expand_uid == NULL &&
241 (ob->bit_options & RDO_FILTER) != 0)
242 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
243 "\"user\" or \"check_local_user\" must be set with \"allow_filter\"",
244 rblock->name);
245}
246
247
248
249/*************************************************
250* Get errors address and header mods *
251*************************************************/
252
253/* This function is called when new addresses are generated, in order to
254sort out errors address and header modifications. We put the errors address
255into the parent address (even though it is never used from there because that
256address is never transported) so that it can be retrieved if any of the
257children gets routed by an "unseen" router. The clone of the child that is
258passed on must have the original errors_address value.
259
260Arguments:
261 rblock the router control block
262 addr the address being routed
fd6de02e 263 verify v_none/v_recipient/v_sender/v_expn
0756eb3c
PH		 264 addr_prop point to the propagated block, which is where the
265 new values are to be placed
266
267Returns: the result of rf_get_errors_address() or rf_get_munge_headers(),
268 which is either OK or DEFER
269*/
270
271static int
272sort_errors_and_headers(router_instance *rblock, address_item *addr,
fd6de02e 273 int verify, address_item_propagated *addr_prop)
0756eb3c
PH		 274{
275int frc = rf_get_errors_address(addr, rblock, verify,
276 &(addr_prop->errors_address));
277if (frc != OK) return frc;
278addr->p.errors_address = addr_prop->errors_address;
279return rf_get_munge_headers(addr, rblock, &(addr_prop->extra_headers),
280 &(addr_prop->remove_headers));
281}
282
283
284
285/*************************************************
286* Process a set of generated new addresses *
287*************************************************/
288
289/* This function sets up a set of newly generated child addresses and puts them
290on the new address chain. Copy in the uid, gid and permission flags for use by
291pipes and files, set the parent, and "or" its af_ignore_error flag. Also record
292the setting for any starting router.
293
294If the generated address is the same as one of its ancestors, and the
295check_ancestor flag is set, do not use this generated address, but replace it
296with a copy of the input address. This is to cope with cases where A is aliased
297to B and B has a .forward file pointing to A, though it is usually set on the
298forwardfile rather than the aliasfile. We can't just pass on the old
299address by returning FAIL, because it must act as a general parent for
300generated addresses, and only get marked "done" when all its children are
301delivered.
302
303Arguments:
304 rblock router block
305 addr_new new address chain
306 addr original address
307 generated list of generated addresses
308 addr_prop the propagated block, containing the errors_address,
309 header modification stuff, and address_data
310 ugidptr points to uid/gid data for files, pipes, autoreplies
311 pw password entry, set if ob->check_local_user is TRUE
312
313Returns: nothing
314*/
315
316static void
317add_generated(router_instance *rblock, address_item **addr_new,
318 address_item *addr, address_item *generated,
319 address_item_propagated *addr_prop, ugid_block *ugidptr, struct passwd *pw)
320{
321redirect_router_options_block *ob =
322 (redirect_router_options_block *)(rblock->options_block);
323
324while (generated != NULL)
325 {
326 address_item *parent;
327 address_item *next = generated;
328 uschar *errors_address = next->p.errors_address;
329
330 generated = next->next;
331 next->parent = addr;
332 orflag(next, addr, af_ignore_error);
333 next->start_router = rblock->redirect_router;
334 addr->child_count++;
335
336 next->next = *addr_new;
337 *addr_new = next;
338
339 /* Don't do the "one_time" thing for the first pass of a 2-stage queue run. */
340
341 if (ob->one_time && !queue_2stage)
342 {
343 for (parent = addr; parent->parent != NULL; parent = parent->parent);
344 next->onetime_parent = parent->address;
345 }
346
347 if (ob->hide_child_in_errmsg) setflag(next, af_hide_child);
348
349 /* If check_ancestor is set, we want to know if any ancestor of this address
350 is the address we are about to generate. The check must be done caselessly
351 unless the ancestor was routed by a case-sensitive router. */
352
353 if (ob->check_ancestor)
354 {
355 for (parent = addr; parent != NULL; parent = parent->parent)
356 {
357 if (((parent->router != NULL && parent->router->caseful_local_part)?
358 Ustrcmp(next->address, parent->address)
359 :
360 strcmpic(next->address, parent->address)
361 ) == 0)
362 {
363 DEBUG(D_route) debug_printf("generated parent replaced by child\n");
364 next->address = string_copy(addr->address);
365 break;
366 }
367 }
368 }
369
370 /* A user filter may, under some circumstances, set up an errors address.
371 If so, we must take care to re-instate it when we copy in the propagated
372 data so that it overrides any errors_to setting on the router. */
373
374 next->p = *addr_prop;
375 if (errors_address != NULL) next->p.errors_address = errors_address;
376
377 /* For pipes, files, and autoreplies, record this router as handling them,
378 because they don't go through the routing process again. Then set up uid,
379 gid, home and current directories for transporting. */
380
381 if (testflag(next, af_pfr))
382 {
383 next->router = rblock;
384 rf_set_ugid(next, ugidptr); /* Will contain pw values if not overridden */
385
386 /* When getting the home directory out of the password information, wrap it
387 in \N...\N to avoid expansion later. In Cygwin, home directories can
388 contain $ characters. */
389
390 if (rblock->home_directory != NULL)
391 next->home_dir = rblock->home_directory;
392 else if (rblock->check_local_user)
393 next->home_dir = string_sprintf("\\N%s\\N", pw->pw_dir);
394 else if (rblock->router_home_directory != NULL &&
395 testflag(addr, af_home_expanded))
396 {
397 next->home_dir = deliver_home;
398 setflag(next, af_home_expanded);
399 }
400
401 next->current_dir = rblock->current_directory;
402
403 /* Permission options */
404
405 if (!ob->forbid_pipe) setflag(next, af_allow_pipe);
406 if (!ob->forbid_file) setflag(next, af_allow_file);
407 if (!ob->forbid_filter_reply) setflag(next, af_allow_reply);
408
409 /* If the transport setting fails, the error gets picked up at the outer
410 level from the setting of basic_errno in the address. */
411
412 if (next->address[0] == '|')
413 {
414 address_pipe = next->address;
415 if (rf_get_transport(ob->pipe_transport_name, &(ob->pipe_transport),
416 next, rblock->name, US"pipe_transport"))
417 next->transport = ob->pipe_transport;
418 address_pipe = NULL;
419 }
420 else if (next->address[0] == '>')
421 {
422 if (rf_get_transport(ob->reply_transport_name, &(ob->reply_transport),
423 next, rblock->name, US"reply_transport"))
424 next->transport = ob->reply_transport;
425 }
426 else /* must be file or directory */
427 {
428 int len = Ustrlen(next->address);
429 address_file = next->address;
430 if (next->address[len-1] == '/')
431 {
432 if (rf_get_transport(ob->directory_transport_name,
433 &(ob->directory_transport), next, rblock->name,
434 US"directory_transport"))
435 next->transport = ob->directory_transport;
436 }
437 else
438 {
439 if (rf_get_transport(ob->file_transport_name, &(ob->file_transport),
440 next, rblock->name, US"file_transport"))
441 next->transport = ob->file_transport;
442 }
443 address_file = NULL;
444 }
445 }
446
447 DEBUG(D_route)
448 {
449 debug_printf("%s router generated %s\n %serrors_to=%s transport=%s\n",
450 rblock->name,
451 next->address,
452 testflag(next, af_pfr)? "pipe, file, or autoreply\n " : "",
453 next->p.errors_address,
454 (next->transport == NULL)? US"NULL" : next->transport->name);
455
456 if (testflag(next, af_uid_set))
457 debug_printf(" uid=%ld ", (long int)(next->uid));
458 else
459 debug_printf(" uid=unset ");
460
461 if (testflag(next, af_gid_set))
462 debug_printf("gid=%ld ", (long int)(next->gid));
463 else
464 debug_printf("gid=unset ");
465
466 debug_printf("home=%s\n", next->home_dir);
467 }
468 }
469}
470
471
472/*************************************************
473* Main entry point *
474*************************************************/
475
476/* See local README for interface description. This router returns:
477
478DECLINE
479 . empty address list, or filter did nothing significant
480
481DEFER
482 . verifying the errors address caused a deferment or a big disaster such
483 as an expansion failure (rf_get_errors_address)
484 . expanding a headers_{add,remove} string caused a deferment or another
485 expansion error (rf_get_munge_headers)
486 . :defer: or "freeze" in a filter
487 . error in address list or filter
488 . skipped syntax errors, but failed to send the message
489
490DISCARD
491 . address was :blackhole:d or "seen finish"ed
492
493FAIL
494 . :fail:
495
496OK
497 . new addresses added to addr_new
498*/
499
500int redirect_router_entry(
501 router_instance *rblock, /* data for this instantiation */
502 address_item *addr, /* address we are working on */
503 struct passwd *pw, /* passwd entry after check_local_user */
fd6de02e 504 int verify, /* v_none/v_recipient/v_sender/v_expn */
0756eb3c
PH		 505 address_item **addr_local, /* add it to this if it's local */
506 address_item **addr_remote, /* add it to this if it's remote */
507 address_item **addr_new, /* put new addresses on here */
508 address_item **addr_succeed) /* put old address here on success */
509{
510redirect_router_options_block *ob =
511 (redirect_router_options_block *)(rblock->options_block);
512address_item *generated = NULL;
513uschar *save_qualify_domain_recipient = qualify_domain_recipient;
514uschar *discarded = US"discarded";
515address_item_propagated addr_prop;
516error_block *eblock = NULL;
517ugid_block ugid;
518redirect_block redirect;
519int filtertype = FILTER_UNSET;
520int yield = OK;
521int options = ob->bit_options;
522int frc = 0;
523int xrc = 0;
524
525addr_local = addr_local; /* Keep picky compilers happy */
526addr_remote = addr_remote;
527
528/* Initialize the data to be propagated to the children */
529
530addr_prop.address_data = deliver_address_data;
531addr_prop.domain_data = deliver_domain_data;
532addr_prop.localpart_data = deliver_localpart_data;
533addr_prop.errors_address = NULL;
534addr_prop.extra_headers = NULL;
535addr_prop.remove_headers = NULL;
536
384152a6
TK		 537#ifdef EXPERIMENTAL_SRS
538addr_prop.srs_sender = NULL;
539#endif
540
0756eb3c
PH		 541/* When verifying and testing addresses, the "logwrite" command in filters
542must be bypassed. */
543
fd6de02e 544if (verify == v_none && !address_test_mode) options |= RDO_REALLOG;
0756eb3c
PH		 545
546/* Sort out the fixed or dynamic uid/gid. This uid is used (a) for reading the
547file (and interpreting a filter) and (b) for running the transports for
548generated file and pipe addresses. It is not (necessarily) the same as the uids
549that may own the file. Exim panics if an expanded string is not a number and
550can't be found in the password file. Other errors set the freezing bit. */
551
552if (!rf_get_ugid(rblock, addr, &ugid)) return DEFER;
553
554if (!ugid.uid_set && pw != NULL)
555 {
556 ugid.uid = pw->pw_uid;
557 ugid.uid_set = TRUE;
558 }
559
560if (!ugid.gid_set && pw != NULL)
561 {
562 ugid.gid = pw->pw_gid;
563 ugid.gid_set = TRUE;
564 }
565
8523533c 566#ifdef EXPERIMENTAL_SRS
384152a6
TK		 567 /* Perform SRS on recipient/return-path as required */
568
8523533c
TK		 569 if(ob->srs != NULL)
570 {
571 BOOL usesrs = TRUE;
8e669ac1 572
8523533c
TK		 573 if(ob->srs_condition != NULL)
574 usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL);
8e669ac1 575
8523533c 576 if(usesrs)
384152a6 577 {
5614ee86 578 int srs_action = 0, n_srs;
384152a6
TK		 579 uschar *res;
580 uschar *usedomain;
581
582 /* What are we doing? */
583 if(Ustrcmp(ob->srs, "forward") == 0)
584 srs_action = 1;
585 else if(Ustrcmp(ob->srs, "reverseandforward") == 0)
8523533c 586 {
384152a6 587 srs_action = 3;
8e669ac1 588
384152a6
TK		 589 if((ob->srs_dbinsert == NULL) ^ (ob->srs_dbselect == NULL))
590 return DEFER;
591 }
592 else if(Ustrcmp(ob->srs, "reverse") == 0)
593 srs_action = 2;
594
595 /* Reverse SRS */
596 if(srs_action & 2)
597 {
8523533c 598 srs_orig_recipient = addr->address;
384152a6 599
8523533c 600 eximsrs_init();
384152a6
TK		 601 if(ob->srs_dbselect)
602 eximsrs_db_set(TRUE, ob->srs_dbselect);
130e9641 603/* Comment this out for now...
384152a6
TK		 604// else
605// eximsrs_db_set(TRUE, NULL);
130e9641 606*/
384152a6
TK		 607
608 if((n_srs = eximsrs_reverse(&res, addr->address)) == OK)
609 {
610 srs_recipient = res;
611 DEBUG(D_any)
612 debug_printf("SRS (reverse): Recipient '%s' rewritten to '%s'\n", srs_orig_recipient, srs_recipient);
613 }
614
615 eximsrs_done();
616
617 if(n_srs != OK)
8523533c 618 return n_srs;
384152a6
TK		 619 }
620
621 /* Forward SRS */
622 /* No point in actually performing SRS if we are just verifying a recipient */
fd6de02e
PH		 623 if((srs_action & 1) && verify == v_none &&
624 (sender_address ? sender_address[0] != 0 : FALSE))
384152a6
TK		 625 {
626
627 srs_orig_sender = sender_address;
628 eximsrs_init();
629 if(ob->srs_dbinsert)
630 eximsrs_db_set(FALSE, ob->srs_dbinsert);
130e9641 631/* Comment this out for now...
384152a6
TK		 632// else
633// eximsrs_db_set(FALSE, NULL);
130e9641 634*/
384152a6
TK		 635
636 if(ob->srs_alias != NULL ? (usedomain = expand_string(ob->srs_alias)) == NULL : 1)
637 usedomain = deliver_domain;
638
639 if((n_srs = eximsrs_forward(&res, sender_address, usedomain)) == OK)
640 {
641 addr_prop.srs_sender = res;
642 DEBUG(D_any)
643 debug_printf("SRS (forward): Sender '%s' rewritten to '%s'\n", srs_orig_sender, res);
644 }
645
8523533c 646 eximsrs_done();
384152a6
TK		 647
648 if(n_srs != OK)
649 return n_srs;
8523533c 650 }
384152a6 651 }
8523533c
TK		 652 }
653#endif
654
0756eb3c
PH		 655/* Call the function that interprets redirection data, either inline or from a
656file. This is a separate function so that the system filter can use it. It will
657run the function in a subprocess if necessary. If qualify_preserve_domain is
658set, temporarily reset qualify_domain_recipient to the current domain so that
659any unqualified addresses get qualified with the same domain as the incoming
660address. Otherwise, if a local qualify_domain is provided, set that up. */
661
662if (ob->qualify_preserve_domain)
663 qualify_domain_recipient = addr->domain;
664else if (ob->qualify_domain != NULL)
665 {
666 uschar *new_qdr = rf_expand_data(addr, ob->qualify_domain, &xrc);
667 if (new_qdr == NULL) return xrc;
668 qualify_domain_recipient = new_qdr;
669 }
670
671redirect.owners = ob->owners;
672redirect.owngroups = ob->owngroups;
673redirect.modemask = ob->modemask;
674redirect.check_owner = ob->check_owner;
675redirect.check_group = ob->check_group;
676redirect.pw = pw;
677
678if (ob->file != NULL)
679 {
680 redirect.string = ob->file;
681 redirect.isfile = TRUE;
682 }
683else
684 {
685 redirect.string = ob->data;
686 redirect.isfile = FALSE;
687 }
688
689frc = rda_interpret(&redirect, options, ob->include_directory,
e4a89c47
PH		 690 ob->sieve_vacation_directory, ob->sieve_useraddress, ob->sieve_subaddress,
691 &ugid, &generated, &(addr->message), ob->skip_syntax_errors? &eblock : NULL,
692 &filtertype, string_sprintf("%s router (recipient is %s)", rblock->name,
693 addr->address));
0756eb3c
PH		 694
695qualify_domain_recipient = save_qualify_domain_recipient;
696
697/* Handle exceptional returns from filtering or processing an address list.
698For FAIL and FREEZE we honour any previously set up deliveries by a filter. */
699
700switch (frc)
701 {
702 case FF_NONEXIST:
703 addr->message = addr->user_message = NULL;
704 return DECLINE;
705
706 case FF_BLACKHOLE:
707 DEBUG(D_route) debug_printf("address :blackhole:d\n");
708 generated = NULL;
709 discarded = US":blackhole:";
710 frc = FF_DELIVERED;
711 break;
712
713 /* FF_DEFER and FF_FAIL can arise only as a result of explicit commands
714 (:fail: in an alias file or "fail" in a filter). If a configured message was
715 supplied, allow it to be included in an SMTP response after verifying. */
716
717 case FF_DEFER:
718 if (addr->message == NULL) addr->message = US"forced defer";
719 else addr->user_message = addr->message;
720 return DEFER;
721
722 case FF_FAIL:
723 if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK)
724 return xrc;
725 add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw);
447d236c
PH		 726 if (addr->message == NULL)
727 addr->message = US"forced rejection";
728 else
729 {
730 addr->user_message = addr->message;
731 setflag(addr, af_pass_message);
732 }
0756eb3c
PH		 733 return FAIL;
734
735 /* As in the case of a system filter, a freeze does not happen after a manual
736 thaw. In case deliveries were set up by the filter, we set the child count
737 high so that their completion does not mark the original address done. */
738
739 case FF_FREEZE:
740 if (!deliver_manual_thaw)
741 {
742 if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop))
743 != OK) return xrc;
744 add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw);
745 if (addr->message == NULL) addr->message = US"frozen by filter";
746 addr->special_action = SPECIAL_FREEZE;
747 addr->child_count = 9999;
748 return DEFER;
749 }
750 frc = FF_NOTDELIVERED;
751 break;
752
753 /* Handle syntax errors and :include: failures and lookup defers */
754
755 case FF_ERROR:
756 case FF_INCLUDEFAIL:
757
758 /* If filtertype is still FILTER_UNSET, it means that the redirection data
759 was never inspected, so the error was an expansion failure or failure to open
760 the file, or whatever. In these cases, the existing error message is probably
761 sufficient. */
762
763 if (filtertype == FILTER_UNSET) return DEFER;
764
765 /* If it was a filter and skip_syntax_errors is set, we want to set up
766 the error message so that it can be logged and mailed to somebody. */
767
768 if (filtertype != FILTER_FORWARD && ob->skip_syntax_errors)
769 {
770 eblock = store_get(sizeof(error_block));
771 eblock->next = NULL;
772 eblock->text1 = addr->message;
773 eblock->text2 = NULL;
774 addr->message = addr->user_message = NULL;
775 }
776
777 /* Otherwise set up the error for the address and defer. */
778
779 else
780 {
781 addr->basic_errno = ERRNO_BADREDIRECT;
782 addr->message = string_sprintf("error in %s %s: %s",
783 (filtertype != FILTER_FORWARD)? "filter" : "redirect",
784 (ob->data == NULL)? "file" : "data",
785 addr->message);
786 return DEFER;
787 }
788 }
789
790
791/* Yield is either FF_DELIVERED (significant action) or FF_NOTDELIVERED (no
792significant action). Before dealing with these, however, we must handle the
793effect of skip_syntax_errors.
794
795If skip_syntax_errors was set and there were syntax errors in an address list,
796error messages will be present in eblock. Log them and send a message if so
797configured. We cannot do this earlier, because the error message must not be
798sent as the local user. If there were no valid addresses, generated will be
799NULL. In this case, the router declines.
800
801For a filter file, the error message has been fudged into an eblock. After
802dealing with it, the router declines. */
803
804if (eblock != NULL)
805 {
806 if (!moan_skipped_syntax_errors(
fd6de02e
PH		 807 rblock->name, /* For message content */
808 eblock, /* Ditto */
809 (verify != v_none || address_test_mode)?
810 NULL : ob->syntax_errors_to, /* Who to mail */
811 generated != NULL, /* True if not all failed */
812 ob->syntax_errors_text)) /* Custom message */
0756eb3c
PH		 813 return DEFER;
814
815 if (filtertype != FILTER_FORWARD || generated == NULL)
816 {
817 addr->message = US"syntax error in redirection data";
818 return DECLINE;
819 }
820 }
821
822/* Sort out the errors address and any header modifications, and handle the
823generated addresses, if any. If there are no generated addresses, we must avoid
824calling sort_errors_and_headers() in case this router declines - that function
825may modify the errors_address field in the current address, and we don't want
826to do that for a decline. */
827
828if (generated != NULL)
829 {
830 if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK)
831 return xrc;
832 add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw);
833 }
834
835/* FF_DELIVERED with no generated addresses is what we get when an address list
836contains :blackhole: or a filter contains "seen finish" without having
837generated anything. Log what happened to this address, and return DISCARD. */
838
839if (frc == FF_DELIVERED)
840 {
fd6de02e 841 if (generated == NULL && verify == v_none && !address_test_mode)
0756eb3c
PH		 842 {
843 log_write(0, LOG_MAIN, "=> %s <%s> R=%s", discarded, addr->address,
844 rblock->name);
845 yield = DISCARD;
846 }
847 }
848
849/* For an address list, FF_NOTDELIVERED always means that no addresses were
850generated. For a filter, addresses may or may not have been generated. If none
851were, it's the same as an empty address list, and the router declines. However,
852if addresses were generated, we can't just decline because successful delivery
853of the base address gets it marked "done", so deferred generated addresses
854never get tried again. We have to generate a new version of the base address,
855as if there were a "deliver" command in the filter file, with the original
856address as parent. */
857
858else
859 {
860 address_item *next;
861
862 if (generated == NULL) return DECLINE;
863
864 next = deliver_make_addr(addr->address, FALSE);
865 next->parent = addr;
866 addr->child_count++;
867 next->next = *addr_new;
868 *addr_new = next;
869
870 /* Copy relevant flags (af_propagate is a name for the set), and set the
871 data that propagates. */
872
873 copyflag(next, addr, af_propagate);
874 next->p = addr_prop;
875
876 DEBUG(D_route) debug_printf("%s router autogenerated %s\n%s%s%s",
877 rblock->name,
878 next->address,
879 (addr_prop.errors_address != NULL)? " errors to " : "",
880 (addr_prop.errors_address != NULL)? addr_prop.errors_address : US"",
881 (addr_prop.errors_address != NULL)? "\n" : "");
882 }
883
884/* Control gets here only when the address has been completely handled. Put the
885original address onto the succeed queue so that any retry items that get
886attached to it get processed. */
887
888addr->next = *addr_succeed;
889*addr_succeed = addr;
890
891return yield;
892}
893
894/* End of routers/redirect.c */
Unnamed repository; edit this file 'description' to name the repository.