Commit | Line | Data |
---|---|---|
4608d683 | 1 | /* $Cambridge: exim/src/src/routers/redirect.c,v 1.16 2006/06/27 14:34:26 ph10 Exp $ */ |
0756eb3c PH |
2 | |
3 | /************************************************* | |
4 | * Exim - an Internet mail transport agent * | |
5 | *************************************************/ | |
6 | ||
d7d7b7b9 | 7 | /* Copyright (c) University of Cambridge 1995 - 2006 */ |
0756eb3c PH |
8 | /* See the file NOTICE for conditions of use and distribution. */ |
9 | ||
10 | ||
11 | #include "../exim.h" | |
12 | #include "rf_functions.h" | |
13 | #include "redirect.h" | |
14 | ||
15 | ||
16 | ||
17 | /* Options specific to the redirect router. */ | |
18 | ||
19 | optionlist redirect_router_options[] = { | |
20 | { "allow_defer", opt_bit | (RDON_DEFER << 16), | |
21 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
22 | { "allow_fail", opt_bit | (RDON_FAIL << 16), | |
23 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
24 | { "allow_filter", opt_bit | (RDON_FILTER << 16), | |
25 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
26 | { "allow_freeze", opt_bit | (RDON_FREEZE << 16), | |
27 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
28 | { "check_ancestor", opt_bool, | |
29 | (void *)offsetof(redirect_router_options_block, check_ancestor) }, | |
30 | { "check_group", opt_bool, | |
31 | (void *)offsetof(redirect_router_options_block, check_group) }, | |
32 | { "check_owner", opt_bool, | |
33 | (void *)offsetof(redirect_router_options_block, check_owner) }, | |
34 | { "data", opt_stringptr, | |
35 | (void *)offsetof(redirect_router_options_block, data) }, | |
36 | { "directory_transport",opt_stringptr, | |
37 | (void *)offsetof(redirect_router_options_block, directory_transport_name) }, | |
38 | { "file", opt_stringptr, | |
39 | (void *)offsetof(redirect_router_options_block, file) }, | |
40 | { "file_transport", opt_stringptr, | |
41 | (void *)offsetof(redirect_router_options_block, file_transport_name) }, | |
4608d683 PH |
42 | { "filter_prepend_home",opt_bit | (RDON_PREPEND_HOME << 16), |
43 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
0756eb3c PH |
44 | { "forbid_blackhole", opt_bit | (RDON_BLACKHOLE << 16), |
45 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
23c7ff99 PH |
46 | { "forbid_exim_filter", opt_bit | (RDON_EXIM_FILTER << 16), |
47 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
0756eb3c PH |
48 | { "forbid_file", opt_bool, |
49 | (void *)offsetof(redirect_router_options_block, forbid_file) }, | |
1a46a8c5 PH |
50 | { "forbid_filter_dlfunc", opt_bit | (RDON_DLFUNC << 16), |
51 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
0756eb3c PH |
52 | { "forbid_filter_existstest", opt_bit | (RDON_EXISTS << 16), |
53 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
54 | { "forbid_filter_logwrite",opt_bit | (RDON_LOG << 16), | |
55 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
56 | { "forbid_filter_lookup", opt_bit | (RDON_LOOKUP << 16), | |
57 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
0756eb3c PH |
58 | { "forbid_filter_perl", opt_bit | (RDON_PERL << 16), |
59 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
0756eb3c PH |
60 | { "forbid_filter_readfile", opt_bit | (RDON_READFILE << 16), |
61 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
62 | { "forbid_filter_readsocket", opt_bit | (RDON_READSOCK << 16), | |
63 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
64 | { "forbid_filter_reply",opt_bool, | |
65 | (void *)offsetof(redirect_router_options_block, forbid_filter_reply) }, | |
66 | { "forbid_filter_run", opt_bit | (RDON_RUN << 16), | |
67 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
68 | { "forbid_include", opt_bit | (RDON_INCLUDE << 16), | |
69 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
70 | { "forbid_pipe", opt_bool, | |
71 | (void *)offsetof(redirect_router_options_block, forbid_pipe) }, | |
23c7ff99 PH |
72 | { "forbid_sieve_filter",opt_bit | (RDON_SIEVE_FILTER << 16), |
73 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
0756eb3c PH |
74 | { "hide_child_in_errmsg", opt_bool, |
75 | (void *)offsetof(redirect_router_options_block, hide_child_in_errmsg) }, | |
76 | { "ignore_eacces", opt_bit | (RDON_EACCES << 16), | |
77 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
78 | { "ignore_enotdir", opt_bit | (RDON_ENOTDIR << 16), | |
79 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
80 | { "include_directory", opt_stringptr, | |
81 | (void *)offsetof(redirect_router_options_block, include_directory) }, | |
82 | { "modemask", opt_octint, | |
83 | (void *)offsetof(redirect_router_options_block, modemask) }, | |
84 | { "one_time", opt_bool, | |
85 | (void *)offsetof(redirect_router_options_block, one_time) }, | |
86 | { "owners", opt_uidlist, | |
87 | (void *)offsetof(redirect_router_options_block, owners) }, | |
88 | { "owngroups", opt_gidlist, | |
89 | (void *)offsetof(redirect_router_options_block, owngroups) }, | |
90 | { "pipe_transport", opt_stringptr, | |
91 | (void *)offsetof(redirect_router_options_block, pipe_transport_name) }, | |
92 | { "qualify_domain", opt_stringptr, | |
93 | (void *)offsetof(redirect_router_options_block, qualify_domain) }, | |
94 | { "qualify_preserve_domain", opt_bool, | |
95 | (void *)offsetof(redirect_router_options_block, qualify_preserve_domain) }, | |
96 | { "repeat_use", opt_bool | opt_public, | |
97 | (void *)offsetof(router_instance, repeat_use) }, | |
98 | { "reply_transport", opt_stringptr, | |
99 | (void *)offsetof(redirect_router_options_block, reply_transport_name) }, | |
100 | { "rewrite", opt_bit | (RDON_REWRITE << 16), | |
101 | (void *)offsetof(redirect_router_options_block, bit_options) }, | |
e4a89c47 PH |
102 | { "sieve_subaddress", opt_stringptr, |
103 | (void *)offsetof(redirect_router_options_block, sieve_subaddress) }, | |
104 | { "sieve_useraddress", opt_stringptr, | |
105 | (void *)offsetof(redirect_router_options_block, sieve_useraddress) }, | |
0756eb3c PH |
106 | { "sieve_vacation_directory", opt_stringptr, |
107 | (void *)offsetof(redirect_router_options_block, sieve_vacation_directory) }, | |
108 | { "skip_syntax_errors", opt_bool, | |
109 | (void *)offsetof(redirect_router_options_block, skip_syntax_errors) }, | |
8523533c TK |
110 | #ifdef EXPERIMENTAL_SRS |
111 | { "srs", opt_stringptr, | |
112 | (void *)offsetof(redirect_router_options_block, srs) }, | |
113 | { "srs_alias", opt_stringptr, | |
114 | (void *)offsetof(redirect_router_options_block, srs_alias) }, | |
115 | { "srs_condition", opt_stringptr, | |
116 | (void *)offsetof(redirect_router_options_block, srs_condition) }, | |
384152a6 TK |
117 | { "srs_dbinsert", opt_stringptr, |
118 | (void *)offsetof(redirect_router_options_block, srs_dbinsert) }, | |
119 | { "srs_dbselect", opt_stringptr, | |
120 | (void *)offsetof(redirect_router_options_block, srs_dbselect) }, | |
8523533c | 121 | #endif |
0756eb3c PH |
122 | { "syntax_errors_text", opt_stringptr, |
123 | (void *)offsetof(redirect_router_options_block, syntax_errors_text) }, | |
124 | { "syntax_errors_to", opt_stringptr, | |
125 | (void *)offsetof(redirect_router_options_block, syntax_errors_to) } | |
126 | }; | |
127 | ||
128 | /* Size of the options list. An extern variable has to be used so that its | |
129 | address can appear in the tables drtables.c. */ | |
130 | ||
131 | int redirect_router_options_count = | |
132 | sizeof(redirect_router_options)/sizeof(optionlist); | |
133 | ||
134 | /* Default private options block for the redirect router. */ | |
135 | ||
136 | redirect_router_options_block redirect_router_option_defaults = { | |
137 | NULL, /* directory_transport */ | |
138 | NULL, /* file_transport */ | |
139 | NULL, /* pipe_transport */ | |
140 | NULL, /* reply_transport */ | |
141 | NULL, /* data */ | |
142 | NULL, /* directory_transport_name */ | |
143 | NULL, /* file */ | |
144 | NULL, /* file_dir */ | |
145 | NULL, /* file_transport_name */ | |
146 | NULL, /* include_directory */ | |
147 | NULL, /* pipe_transport_name */ | |
148 | NULL, /* reply_transport_name */ | |
e4a89c47 PH |
149 | NULL, /* sieve_subaddress */ |
150 | NULL, /* sieve_useraddress */ | |
0756eb3c PH |
151 | NULL, /* sieve_vacation_directory */ |
152 | NULL, /* syntax_errors_text */ | |
153 | NULL, /* syntax_errors_to */ | |
154 | NULL, /* qualify_domain */ | |
155 | NULL, /* owners */ | |
156 | NULL, /* owngroups */ | |
8523533c TK |
157 | #ifdef EXPERIMENTAL_SRS |
158 | NULL, /* srs */ | |
8523533c | 159 | NULL, /* srs_alias */ |
384152a6 TK |
160 | NULL, /* srs_condition */ |
161 | NULL, /* srs_dbinsert */ | |
162 | NULL, /* srs_dbselect */ | |
8523533c | 163 | #endif |
0756eb3c | 164 | 022, /* modemask */ |
4608d683 | 165 | RDO_REWRITE | RDO_PREPEND_HOME, /* bit_options */ |
0756eb3c PH |
166 | FALSE, /* check_ancestor */ |
167 | TRUE_UNSET, /* check_owner */ | |
168 | TRUE_UNSET, /* check_group */ | |
169 | FALSE, /* forbid_file */ | |
170 | FALSE, /* forbid_filter_reply */ | |
171 | FALSE, /* forbid_pipe */ | |
172 | FALSE, /* hide_child_in_errmsg */ | |
173 | FALSE, /* one_time */ | |
174 | FALSE, /* qualify_preserve_domain */ | |
175 | FALSE /* skip_syntax_errors */ | |
176 | }; | |
177 | ||
178 | ||
179 | ||
180 | /************************************************* | |
181 | * Initialization entry point * | |
182 | *************************************************/ | |
183 | ||
184 | /* Called for each instance, after its options have been read, to enable | |
185 | consistency checks to be done, or anything else that needs to be set up. */ | |
186 | ||
187 | void redirect_router_init(router_instance *rblock) | |
188 | { | |
189 | redirect_router_options_block *ob = | |
190 | (redirect_router_options_block *)(rblock->options_block); | |
191 | ||
192 | /* Either file or data must be set, but not both */ | |
193 | ||
194 | if ((ob->file == NULL) == (ob->data == NULL)) | |
195 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
196 | "%sone of \"file\" or \"data\" must be specified", | |
197 | rblock->name, (ob->file == NULL)? "" : "only "); | |
198 | ||
7f45268c PH |
199 | /* Onetime aliases can only be real addresses. Headers can't be manipulated. |
200 | The combination of one_time and unseen is not allowed. We can't check the | |
201 | expansion of "unseen" here, but we assume that if it is set to anything other | |
202 | than false, there is likely to be a problem. */ | |
0756eb3c PH |
203 | |
204 | if (ob->one_time) | |
205 | { | |
206 | ob->forbid_pipe = ob->forbid_file = ob->forbid_filter_reply = TRUE; | |
207 | if (rblock->extra_headers != NULL || rblock->remove_headers != NULL) | |
208 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
209 | "\"headers_add\" and \"headers_remove\" are not permitted with " | |
210 | "\"one_time\"", rblock->name); | |
7f45268c PH |
211 | if (rblock->unseen || rblock->expand_unseen != NULL) |
212 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
213 | "\"unseen\" may not be used with \"one_time\"", rblock->name); | |
0756eb3c PH |
214 | } |
215 | ||
216 | /* The defaults for check_owner and check_group depend on other settings. The | |
217 | defaults are: Check the owner if check_local_user or owners is set; check the | |
218 | group if check_local_user is set without a restriction on the group write bit, | |
219 | or if owngroups is set. */ | |
220 | ||
221 | if (ob->check_owner == TRUE_UNSET) | |
222 | ob->check_owner = rblock->check_local_user || | |
223 | (ob->owners != NULL && ob->owners[0] != 0); | |
224 | ||
225 | if (ob->check_group == TRUE_UNSET) | |
226 | ob->check_group = (rblock->check_local_user && (ob->modemask & 020) == 0) || | |
227 | (ob->owngroups != NULL && ob->owngroups[0] != 0); | |
228 | ||
229 | /* If explicit qualify domain set, the preserve option is locked out */ | |
230 | ||
231 | if (ob->qualify_domain != NULL && ob->qualify_preserve_domain) | |
232 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
233 | "only one of \"qualify_domain\" or \"qualify_preserve_domain\" must be set", | |
234 | rblock->name); | |
235 | ||
236 | /* If allow_filter is set, either user or check_local_user must be set. */ | |
237 | ||
238 | if (!rblock->check_local_user && | |
239 | !rblock->uid_set && | |
240 | rblock->expand_uid == NULL && | |
241 | (ob->bit_options & RDO_FILTER) != 0) | |
242 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n " | |
243 | "\"user\" or \"check_local_user\" must be set with \"allow_filter\"", | |
244 | rblock->name); | |
245 | } | |
246 | ||
247 | ||
248 | ||
249 | /************************************************* | |
250 | * Get errors address and header mods * | |
251 | *************************************************/ | |
252 | ||
253 | /* This function is called when new addresses are generated, in order to | |
254 | sort out errors address and header modifications. We put the errors address | |
255 | into the parent address (even though it is never used from there because that | |
256 | address is never transported) so that it can be retrieved if any of the | |
257 | children gets routed by an "unseen" router. The clone of the child that is | |
258 | passed on must have the original errors_address value. | |
259 | ||
260 | Arguments: | |
261 | rblock the router control block | |
262 | addr the address being routed | |
fd6de02e | 263 | verify v_none/v_recipient/v_sender/v_expn |
0756eb3c PH |
264 | addr_prop point to the propagated block, which is where the |
265 | new values are to be placed | |
266 | ||
267 | Returns: the result of rf_get_errors_address() or rf_get_munge_headers(), | |
268 | which is either OK or DEFER | |
269 | */ | |
270 | ||
271 | static int | |
272 | sort_errors_and_headers(router_instance *rblock, address_item *addr, | |
fd6de02e | 273 | int verify, address_item_propagated *addr_prop) |
0756eb3c PH |
274 | { |
275 | int frc = rf_get_errors_address(addr, rblock, verify, | |
276 | &(addr_prop->errors_address)); | |
277 | if (frc != OK) return frc; | |
278 | addr->p.errors_address = addr_prop->errors_address; | |
279 | return rf_get_munge_headers(addr, rblock, &(addr_prop->extra_headers), | |
280 | &(addr_prop->remove_headers)); | |
281 | } | |
282 | ||
283 | ||
284 | ||
285 | /************************************************* | |
286 | * Process a set of generated new addresses * | |
287 | *************************************************/ | |
288 | ||
289 | /* This function sets up a set of newly generated child addresses and puts them | |
290 | on the new address chain. Copy in the uid, gid and permission flags for use by | |
291 | pipes and files, set the parent, and "or" its af_ignore_error flag. Also record | |
292 | the setting for any starting router. | |
293 | ||
294 | If the generated address is the same as one of its ancestors, and the | |
295 | check_ancestor flag is set, do not use this generated address, but replace it | |
296 | with a copy of the input address. This is to cope with cases where A is aliased | |
297 | to B and B has a .forward file pointing to A, though it is usually set on the | |
298 | forwardfile rather than the aliasfile. We can't just pass on the old | |
299 | address by returning FAIL, because it must act as a general parent for | |
300 | generated addresses, and only get marked "done" when all its children are | |
301 | delivered. | |
302 | ||
303 | Arguments: | |
304 | rblock router block | |
305 | addr_new new address chain | |
306 | addr original address | |
307 | generated list of generated addresses | |
308 | addr_prop the propagated block, containing the errors_address, | |
309 | header modification stuff, and address_data | |
310 | ugidptr points to uid/gid data for files, pipes, autoreplies | |
311 | pw password entry, set if ob->check_local_user is TRUE | |
312 | ||
313 | Returns: nothing | |
314 | */ | |
315 | ||
316 | static void | |
317 | add_generated(router_instance *rblock, address_item **addr_new, | |
318 | address_item *addr, address_item *generated, | |
319 | address_item_propagated *addr_prop, ugid_block *ugidptr, struct passwd *pw) | |
320 | { | |
321 | redirect_router_options_block *ob = | |
322 | (redirect_router_options_block *)(rblock->options_block); | |
323 | ||
324 | while (generated != NULL) | |
325 | { | |
326 | address_item *parent; | |
327 | address_item *next = generated; | |
328 | uschar *errors_address = next->p.errors_address; | |
329 | ||
330 | generated = next->next; | |
331 | next->parent = addr; | |
332 | orflag(next, addr, af_ignore_error); | |
333 | next->start_router = rblock->redirect_router; | |
334 | addr->child_count++; | |
335 | ||
336 | next->next = *addr_new; | |
337 | *addr_new = next; | |
338 | ||
339 | /* Don't do the "one_time" thing for the first pass of a 2-stage queue run. */ | |
340 | ||
341 | if (ob->one_time && !queue_2stage) | |
342 | { | |
343 | for (parent = addr; parent->parent != NULL; parent = parent->parent); | |
344 | next->onetime_parent = parent->address; | |
345 | } | |
346 | ||
347 | if (ob->hide_child_in_errmsg) setflag(next, af_hide_child); | |
348 | ||
349 | /* If check_ancestor is set, we want to know if any ancestor of this address | |
350 | is the address we are about to generate. The check must be done caselessly | |
351 | unless the ancestor was routed by a case-sensitive router. */ | |
352 | ||
353 | if (ob->check_ancestor) | |
354 | { | |
355 | for (parent = addr; parent != NULL; parent = parent->parent) | |
356 | { | |
357 | if (((parent->router != NULL && parent->router->caseful_local_part)? | |
358 | Ustrcmp(next->address, parent->address) | |
359 | : | |
360 | strcmpic(next->address, parent->address) | |
361 | ) == 0) | |
362 | { | |
363 | DEBUG(D_route) debug_printf("generated parent replaced by child\n"); | |
364 | next->address = string_copy(addr->address); | |
365 | break; | |
366 | } | |
367 | } | |
368 | } | |
369 | ||
370 | /* A user filter may, under some circumstances, set up an errors address. | |
371 | If so, we must take care to re-instate it when we copy in the propagated | |
372 | data so that it overrides any errors_to setting on the router. */ | |
373 | ||
374 | next->p = *addr_prop; | |
375 | if (errors_address != NULL) next->p.errors_address = errors_address; | |
376 | ||
377 | /* For pipes, files, and autoreplies, record this router as handling them, | |
378 | because they don't go through the routing process again. Then set up uid, | |
379 | gid, home and current directories for transporting. */ | |
380 | ||
381 | if (testflag(next, af_pfr)) | |
382 | { | |
383 | next->router = rblock; | |
384 | rf_set_ugid(next, ugidptr); /* Will contain pw values if not overridden */ | |
385 | ||
386 | /* When getting the home directory out of the password information, wrap it | |
387 | in \N...\N to avoid expansion later. In Cygwin, home directories can | |
388 | contain $ characters. */ | |
389 | ||
390 | if (rblock->home_directory != NULL) | |
391 | next->home_dir = rblock->home_directory; | |
392 | else if (rblock->check_local_user) | |
393 | next->home_dir = string_sprintf("\\N%s\\N", pw->pw_dir); | |
394 | else if (rblock->router_home_directory != NULL && | |
395 | testflag(addr, af_home_expanded)) | |
396 | { | |
397 | next->home_dir = deliver_home; | |
398 | setflag(next, af_home_expanded); | |
399 | } | |
400 | ||
401 | next->current_dir = rblock->current_directory; | |
402 | ||
403 | /* Permission options */ | |
404 | ||
405 | if (!ob->forbid_pipe) setflag(next, af_allow_pipe); | |
406 | if (!ob->forbid_file) setflag(next, af_allow_file); | |
407 | if (!ob->forbid_filter_reply) setflag(next, af_allow_reply); | |
408 | ||
409 | /* If the transport setting fails, the error gets picked up at the outer | |
410 | level from the setting of basic_errno in the address. */ | |
411 | ||
412 | if (next->address[0] == '|') | |
413 | { | |
414 | address_pipe = next->address; | |
415 | if (rf_get_transport(ob->pipe_transport_name, &(ob->pipe_transport), | |
416 | next, rblock->name, US"pipe_transport")) | |
417 | next->transport = ob->pipe_transport; | |
418 | address_pipe = NULL; | |
419 | } | |
420 | else if (next->address[0] == '>') | |
421 | { | |
422 | if (rf_get_transport(ob->reply_transport_name, &(ob->reply_transport), | |
423 | next, rblock->name, US"reply_transport")) | |
424 | next->transport = ob->reply_transport; | |
425 | } | |
426 | else /* must be file or directory */ | |
427 | { | |
428 | int len = Ustrlen(next->address); | |
429 | address_file = next->address; | |
430 | if (next->address[len-1] == '/') | |
431 | { | |
432 | if (rf_get_transport(ob->directory_transport_name, | |
433 | &(ob->directory_transport), next, rblock->name, | |
434 | US"directory_transport")) | |
435 | next->transport = ob->directory_transport; | |
436 | } | |
437 | else | |
438 | { | |
439 | if (rf_get_transport(ob->file_transport_name, &(ob->file_transport), | |
440 | next, rblock->name, US"file_transport")) | |
441 | next->transport = ob->file_transport; | |
442 | } | |
443 | address_file = NULL; | |
444 | } | |
445 | } | |
446 | ||
447 | DEBUG(D_route) | |
448 | { | |
449 | debug_printf("%s router generated %s\n %serrors_to=%s transport=%s\n", | |
450 | rblock->name, | |
451 | next->address, | |
452 | testflag(next, af_pfr)? "pipe, file, or autoreply\n " : "", | |
453 | next->p.errors_address, | |
454 | (next->transport == NULL)? US"NULL" : next->transport->name); | |
455 | ||
456 | if (testflag(next, af_uid_set)) | |
457 | debug_printf(" uid=%ld ", (long int)(next->uid)); | |
458 | else | |
459 | debug_printf(" uid=unset "); | |
460 | ||
461 | if (testflag(next, af_gid_set)) | |
462 | debug_printf("gid=%ld ", (long int)(next->gid)); | |
463 | else | |
464 | debug_printf("gid=unset "); | |
465 | ||
466 | debug_printf("home=%s\n", next->home_dir); | |
467 | } | |
468 | } | |
469 | } | |
470 | ||
471 | ||
472 | /************************************************* | |
473 | * Main entry point * | |
474 | *************************************************/ | |
475 | ||
476 | /* See local README for interface description. This router returns: | |
477 | ||
478 | DECLINE | |
479 | . empty address list, or filter did nothing significant | |
480 | ||
481 | DEFER | |
482 | . verifying the errors address caused a deferment or a big disaster such | |
483 | as an expansion failure (rf_get_errors_address) | |
484 | . expanding a headers_{add,remove} string caused a deferment or another | |
485 | expansion error (rf_get_munge_headers) | |
486 | . :defer: or "freeze" in a filter | |
487 | . error in address list or filter | |
488 | . skipped syntax errors, but failed to send the message | |
489 | ||
490 | DISCARD | |
491 | . address was :blackhole:d or "seen finish"ed | |
492 | ||
493 | FAIL | |
494 | . :fail: | |
495 | ||
496 | OK | |
497 | . new addresses added to addr_new | |
498 | */ | |
499 | ||
500 | int redirect_router_entry( | |
501 | router_instance *rblock, /* data for this instantiation */ | |
502 | address_item *addr, /* address we are working on */ | |
503 | struct passwd *pw, /* passwd entry after check_local_user */ | |
fd6de02e | 504 | int verify, /* v_none/v_recipient/v_sender/v_expn */ |
0756eb3c PH |
505 | address_item **addr_local, /* add it to this if it's local */ |
506 | address_item **addr_remote, /* add it to this if it's remote */ | |
507 | address_item **addr_new, /* put new addresses on here */ | |
508 | address_item **addr_succeed) /* put old address here on success */ | |
509 | { | |
510 | redirect_router_options_block *ob = | |
511 | (redirect_router_options_block *)(rblock->options_block); | |
512 | address_item *generated = NULL; | |
513 | uschar *save_qualify_domain_recipient = qualify_domain_recipient; | |
514 | uschar *discarded = US"discarded"; | |
515 | address_item_propagated addr_prop; | |
516 | error_block *eblock = NULL; | |
517 | ugid_block ugid; | |
518 | redirect_block redirect; | |
519 | int filtertype = FILTER_UNSET; | |
520 | int yield = OK; | |
521 | int options = ob->bit_options; | |
522 | int frc = 0; | |
523 | int xrc = 0; | |
524 | ||
525 | addr_local = addr_local; /* Keep picky compilers happy */ | |
526 | addr_remote = addr_remote; | |
527 | ||
528 | /* Initialize the data to be propagated to the children */ | |
529 | ||
530 | addr_prop.address_data = deliver_address_data; | |
531 | addr_prop.domain_data = deliver_domain_data; | |
532 | addr_prop.localpart_data = deliver_localpart_data; | |
533 | addr_prop.errors_address = NULL; | |
534 | addr_prop.extra_headers = NULL; | |
535 | addr_prop.remove_headers = NULL; | |
536 | ||
384152a6 TK |
537 | #ifdef EXPERIMENTAL_SRS |
538 | addr_prop.srs_sender = NULL; | |
539 | #endif | |
540 | ||
0756eb3c PH |
541 | /* When verifying and testing addresses, the "logwrite" command in filters |
542 | must be bypassed. */ | |
543 | ||
fd6de02e | 544 | if (verify == v_none && !address_test_mode) options |= RDO_REALLOG; |
0756eb3c PH |
545 | |
546 | /* Sort out the fixed or dynamic uid/gid. This uid is used (a) for reading the | |
547 | file (and interpreting a filter) and (b) for running the transports for | |
548 | generated file and pipe addresses. It is not (necessarily) the same as the uids | |
549 | that may own the file. Exim panics if an expanded string is not a number and | |
550 | can't be found in the password file. Other errors set the freezing bit. */ | |
551 | ||
552 | if (!rf_get_ugid(rblock, addr, &ugid)) return DEFER; | |
553 | ||
554 | if (!ugid.uid_set && pw != NULL) | |
555 | { | |
556 | ugid.uid = pw->pw_uid; | |
557 | ugid.uid_set = TRUE; | |
558 | } | |
559 | ||
560 | if (!ugid.gid_set && pw != NULL) | |
561 | { | |
562 | ugid.gid = pw->pw_gid; | |
563 | ugid.gid_set = TRUE; | |
564 | } | |
565 | ||
8523533c | 566 | #ifdef EXPERIMENTAL_SRS |
384152a6 TK |
567 | /* Perform SRS on recipient/return-path as required */ |
568 | ||
8523533c TK |
569 | if(ob->srs != NULL) |
570 | { | |
571 | BOOL usesrs = TRUE; | |
8e669ac1 | 572 | |
8523533c TK |
573 | if(ob->srs_condition != NULL) |
574 | usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL); | |
8e669ac1 | 575 | |
8523533c | 576 | if(usesrs) |
384152a6 | 577 | { |
5614ee86 | 578 | int srs_action = 0, n_srs; |
384152a6 TK |
579 | uschar *res; |
580 | uschar *usedomain; | |
581 | ||
582 | /* What are we doing? */ | |
583 | if(Ustrcmp(ob->srs, "forward") == 0) | |
584 | srs_action = 1; | |
585 | else if(Ustrcmp(ob->srs, "reverseandforward") == 0) | |
8523533c | 586 | { |
384152a6 | 587 | srs_action = 3; |
8e669ac1 | 588 | |
384152a6 TK |
589 | if((ob->srs_dbinsert == NULL) ^ (ob->srs_dbselect == NULL)) |
590 | return DEFER; | |
591 | } | |
592 | else if(Ustrcmp(ob->srs, "reverse") == 0) | |
593 | srs_action = 2; | |
594 | ||
595 | /* Reverse SRS */ | |
596 | if(srs_action & 2) | |
597 | { | |
8523533c | 598 | srs_orig_recipient = addr->address; |
384152a6 | 599 | |
8523533c | 600 | eximsrs_init(); |
384152a6 TK |
601 | if(ob->srs_dbselect) |
602 | eximsrs_db_set(TRUE, ob->srs_dbselect); | |
130e9641 | 603 | /* Comment this out for now... |
384152a6 TK |
604 | // else |
605 | // eximsrs_db_set(TRUE, NULL); | |
130e9641 | 606 | */ |
384152a6 TK |
607 | |
608 | if((n_srs = eximsrs_reverse(&res, addr->address)) == OK) | |
609 | { | |
610 | srs_recipient = res; | |
611 | DEBUG(D_any) | |
612 | debug_printf("SRS (reverse): Recipient '%s' rewritten to '%s'\n", srs_orig_recipient, srs_recipient); | |
613 | } | |
614 | ||
615 | eximsrs_done(); | |
616 | ||
617 | if(n_srs != OK) | |
8523533c | 618 | return n_srs; |
384152a6 TK |
619 | } |
620 | ||
621 | /* Forward SRS */ | |
622 | /* No point in actually performing SRS if we are just verifying a recipient */ | |
fd6de02e PH |
623 | if((srs_action & 1) && verify == v_none && |
624 | (sender_address ? sender_address[0] != 0 : FALSE)) | |
384152a6 TK |
625 | { |
626 | ||
627 | srs_orig_sender = sender_address; | |
628 | eximsrs_init(); | |
629 | if(ob->srs_dbinsert) | |
630 | eximsrs_db_set(FALSE, ob->srs_dbinsert); | |
130e9641 | 631 | /* Comment this out for now... |
384152a6 TK |
632 | // else |
633 | // eximsrs_db_set(FALSE, NULL); | |
130e9641 | 634 | */ |
384152a6 TK |
635 | |
636 | if(ob->srs_alias != NULL ? (usedomain = expand_string(ob->srs_alias)) == NULL : 1) | |
637 | usedomain = deliver_domain; | |
638 | ||
639 | if((n_srs = eximsrs_forward(&res, sender_address, usedomain)) == OK) | |
640 | { | |
641 | addr_prop.srs_sender = res; | |
642 | DEBUG(D_any) | |
643 | debug_printf("SRS (forward): Sender '%s' rewritten to '%s'\n", srs_orig_sender, res); | |
644 | } | |
645 | ||
8523533c | 646 | eximsrs_done(); |
384152a6 TK |
647 | |
648 | if(n_srs != OK) | |
649 | return n_srs; | |
8523533c | 650 | } |
384152a6 | 651 | } |
8523533c TK |
652 | } |
653 | #endif | |
654 | ||
0756eb3c PH |
655 | /* Call the function that interprets redirection data, either inline or from a |
656 | file. This is a separate function so that the system filter can use it. It will | |
657 | run the function in a subprocess if necessary. If qualify_preserve_domain is | |
658 | set, temporarily reset qualify_domain_recipient to the current domain so that | |
659 | any unqualified addresses get qualified with the same domain as the incoming | |
660 | address. Otherwise, if a local qualify_domain is provided, set that up. */ | |
661 | ||
662 | if (ob->qualify_preserve_domain) | |
663 | qualify_domain_recipient = addr->domain; | |
664 | else if (ob->qualify_domain != NULL) | |
665 | { | |
666 | uschar *new_qdr = rf_expand_data(addr, ob->qualify_domain, &xrc); | |
667 | if (new_qdr == NULL) return xrc; | |
668 | qualify_domain_recipient = new_qdr; | |
669 | } | |
670 | ||
671 | redirect.owners = ob->owners; | |
672 | redirect.owngroups = ob->owngroups; | |
673 | redirect.modemask = ob->modemask; | |
674 | redirect.check_owner = ob->check_owner; | |
675 | redirect.check_group = ob->check_group; | |
676 | redirect.pw = pw; | |
677 | ||
678 | if (ob->file != NULL) | |
679 | { | |
680 | redirect.string = ob->file; | |
681 | redirect.isfile = TRUE; | |
682 | } | |
683 | else | |
684 | { | |
685 | redirect.string = ob->data; | |
686 | redirect.isfile = FALSE; | |
687 | } | |
688 | ||
689 | frc = rda_interpret(&redirect, options, ob->include_directory, | |
e4a89c47 PH |
690 | ob->sieve_vacation_directory, ob->sieve_useraddress, ob->sieve_subaddress, |
691 | &ugid, &generated, &(addr->message), ob->skip_syntax_errors? &eblock : NULL, | |
692 | &filtertype, string_sprintf("%s router (recipient is %s)", rblock->name, | |
693 | addr->address)); | |
0756eb3c PH |
694 | |
695 | qualify_domain_recipient = save_qualify_domain_recipient; | |
696 | ||
697 | /* Handle exceptional returns from filtering or processing an address list. | |
698 | For FAIL and FREEZE we honour any previously set up deliveries by a filter. */ | |
699 | ||
700 | switch (frc) | |
701 | { | |
702 | case FF_NONEXIST: | |
703 | addr->message = addr->user_message = NULL; | |
704 | return DECLINE; | |
705 | ||
706 | case FF_BLACKHOLE: | |
707 | DEBUG(D_route) debug_printf("address :blackhole:d\n"); | |
708 | generated = NULL; | |
709 | discarded = US":blackhole:"; | |
710 | frc = FF_DELIVERED; | |
711 | break; | |
712 | ||
713 | /* FF_DEFER and FF_FAIL can arise only as a result of explicit commands | |
714 | (:fail: in an alias file or "fail" in a filter). If a configured message was | |
715 | supplied, allow it to be included in an SMTP response after verifying. */ | |
716 | ||
717 | case FF_DEFER: | |
718 | if (addr->message == NULL) addr->message = US"forced defer"; | |
719 | else addr->user_message = addr->message; | |
720 | return DEFER; | |
721 | ||
722 | case FF_FAIL: | |
723 | if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK) | |
724 | return xrc; | |
725 | add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw); | |
447d236c PH |
726 | if (addr->message == NULL) |
727 | addr->message = US"forced rejection"; | |
728 | else | |
729 | { | |
730 | addr->user_message = addr->message; | |
731 | setflag(addr, af_pass_message); | |
732 | } | |
0756eb3c PH |
733 | return FAIL; |
734 | ||
735 | /* As in the case of a system filter, a freeze does not happen after a manual | |
736 | thaw. In case deliveries were set up by the filter, we set the child count | |
737 | high so that their completion does not mark the original address done. */ | |
738 | ||
739 | case FF_FREEZE: | |
740 | if (!deliver_manual_thaw) | |
741 | { | |
742 | if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) | |
743 | != OK) return xrc; | |
744 | add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw); | |
745 | if (addr->message == NULL) addr->message = US"frozen by filter"; | |
746 | addr->special_action = SPECIAL_FREEZE; | |
747 | addr->child_count = 9999; | |
748 | return DEFER; | |
749 | } | |
750 | frc = FF_NOTDELIVERED; | |
751 | break; | |
752 | ||
753 | /* Handle syntax errors and :include: failures and lookup defers */ | |
754 | ||
755 | case FF_ERROR: | |
756 | case FF_INCLUDEFAIL: | |
757 | ||
758 | /* If filtertype is still FILTER_UNSET, it means that the redirection data | |
759 | was never inspected, so the error was an expansion failure or failure to open | |
760 | the file, or whatever. In these cases, the existing error message is probably | |
761 | sufficient. */ | |
762 | ||
763 | if (filtertype == FILTER_UNSET) return DEFER; | |
764 | ||
765 | /* If it was a filter and skip_syntax_errors is set, we want to set up | |
766 | the error message so that it can be logged and mailed to somebody. */ | |
767 | ||
768 | if (filtertype != FILTER_FORWARD && ob->skip_syntax_errors) | |
769 | { | |
770 | eblock = store_get(sizeof(error_block)); | |
771 | eblock->next = NULL; | |
772 | eblock->text1 = addr->message; | |
773 | eblock->text2 = NULL; | |
774 | addr->message = addr->user_message = NULL; | |
775 | } | |
776 | ||
777 | /* Otherwise set up the error for the address and defer. */ | |
778 | ||
779 | else | |
780 | { | |
781 | addr->basic_errno = ERRNO_BADREDIRECT; | |
782 | addr->message = string_sprintf("error in %s %s: %s", | |
783 | (filtertype != FILTER_FORWARD)? "filter" : "redirect", | |
784 | (ob->data == NULL)? "file" : "data", | |
785 | addr->message); | |
786 | return DEFER; | |
787 | } | |
788 | } | |
789 | ||
790 | ||
791 | /* Yield is either FF_DELIVERED (significant action) or FF_NOTDELIVERED (no | |
792 | significant action). Before dealing with these, however, we must handle the | |
793 | effect of skip_syntax_errors. | |
794 | ||
795 | If skip_syntax_errors was set and there were syntax errors in an address list, | |
796 | error messages will be present in eblock. Log them and send a message if so | |
797 | configured. We cannot do this earlier, because the error message must not be | |
798 | sent as the local user. If there were no valid addresses, generated will be | |
799 | NULL. In this case, the router declines. | |
800 | ||
801 | For a filter file, the error message has been fudged into an eblock. After | |
802 | dealing with it, the router declines. */ | |
803 | ||
804 | if (eblock != NULL) | |
805 | { | |
806 | if (!moan_skipped_syntax_errors( | |
fd6de02e PH |
807 | rblock->name, /* For message content */ |
808 | eblock, /* Ditto */ | |
809 | (verify != v_none || address_test_mode)? | |
810 | NULL : ob->syntax_errors_to, /* Who to mail */ | |
811 | generated != NULL, /* True if not all failed */ | |
812 | ob->syntax_errors_text)) /* Custom message */ | |
0756eb3c PH |
813 | return DEFER; |
814 | ||
815 | if (filtertype != FILTER_FORWARD || generated == NULL) | |
816 | { | |
817 | addr->message = US"syntax error in redirection data"; | |
818 | return DECLINE; | |
819 | } | |
820 | } | |
821 | ||
822 | /* Sort out the errors address and any header modifications, and handle the | |
823 | generated addresses, if any. If there are no generated addresses, we must avoid | |
824 | calling sort_errors_and_headers() in case this router declines - that function | |
825 | may modify the errors_address field in the current address, and we don't want | |
826 | to do that for a decline. */ | |
827 | ||
828 | if (generated != NULL) | |
829 | { | |
830 | if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK) | |
831 | return xrc; | |
832 | add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw); | |
833 | } | |
834 | ||
835 | /* FF_DELIVERED with no generated addresses is what we get when an address list | |
836 | contains :blackhole: or a filter contains "seen finish" without having | |
837 | generated anything. Log what happened to this address, and return DISCARD. */ | |
838 | ||
839 | if (frc == FF_DELIVERED) | |
840 | { | |
fd6de02e | 841 | if (generated == NULL && verify == v_none && !address_test_mode) |
0756eb3c PH |
842 | { |
843 | log_write(0, LOG_MAIN, "=> %s <%s> R=%s", discarded, addr->address, | |
844 | rblock->name); | |
845 | yield = DISCARD; | |
846 | } | |
847 | } | |
848 | ||
849 | /* For an address list, FF_NOTDELIVERED always means that no addresses were | |
850 | generated. For a filter, addresses may or may not have been generated. If none | |
851 | were, it's the same as an empty address list, and the router declines. However, | |
852 | if addresses were generated, we can't just decline because successful delivery | |
853 | of the base address gets it marked "done", so deferred generated addresses | |
854 | never get tried again. We have to generate a new version of the base address, | |
855 | as if there were a "deliver" command in the filter file, with the original | |
856 | address as parent. */ | |
857 | ||
858 | else | |
859 | { | |
860 | address_item *next; | |
861 | ||
862 | if (generated == NULL) return DECLINE; | |
863 | ||
864 | next = deliver_make_addr(addr->address, FALSE); | |
865 | next->parent = addr; | |
866 | addr->child_count++; | |
867 | next->next = *addr_new; | |
868 | *addr_new = next; | |
869 | ||
870 | /* Copy relevant flags (af_propagate is a name for the set), and set the | |
871 | data that propagates. */ | |
872 | ||
873 | copyflag(next, addr, af_propagate); | |
874 | next->p = addr_prop; | |
875 | ||
876 | DEBUG(D_route) debug_printf("%s router autogenerated %s\n%s%s%s", | |
877 | rblock->name, | |
878 | next->address, | |
879 | (addr_prop.errors_address != NULL)? " errors to " : "", | |
880 | (addr_prop.errors_address != NULL)? addr_prop.errors_address : US"", | |
881 | (addr_prop.errors_address != NULL)? "\n" : ""); | |
882 | } | |
883 | ||
884 | /* Control gets here only when the address has been completely handled. Put the | |
885 | original address onto the succeed queue so that any retry items that get | |
886 | attached to it get processed. */ | |
887 | ||
888 | addr->next = *addr_succeed; | |
889 | *addr_succeed = addr; | |
890 | ||
891 | return yield; | |
892 | } | |
893 | ||
894 | /* End of routers/redirect.c */ |