projects / exim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Move DSN support to mainline
[exim.git] / src / src / spool_in.c
CommitLineData
059ec3d9
PH		 1/*************************************************
2* Exim - an Internet mail transport agent *
3*************************************************/
4
c4ceed07 5/* Copyright (c) University of Cambridge 1995 - 2012 */
059ec3d9
PH		 6/* See the file NOTICE for conditions of use and distribution. */
7
8/* Functions for reading spool files. When compiling for a utility (eximon),
9not all are needed, and some functionality can be cut out. */
10
11
12#include "exim.h"
13
14
15
16#ifndef COMPILE_UTILITY
17/*************************************************
18* Open and lock data file *
19*************************************************/
20
21/* The data file is the one that is used for locking, because the header file
22can get replaced during delivery because of header rewriting. The file has
23to opened with write access so that we can get an exclusive lock, but in
24fact it won't be written to. Just in case there's a major disaster (e.g.
25overwriting some other file descriptor with the value of this one), open it
26with append.
27
28Argument: the id of the message
29Returns: TRUE if file successfully opened and locked
30
31Side effect: deliver_datafile is set to the fd of the open file.
32*/
33
34BOOL
35spool_open_datafile(uschar *id)
36{
37int i;
38struct stat statbuf;
39flock_t lock_data;
40uschar spoolname[256];
41
42/* If split_spool_directory is set, first look for the file in the appropriate
43sub-directory of the input directory. If it is not found there, try the input
44directory itself, to pick up leftovers from before the splitting. If split_
45spool_directory is not set, first look in the main input directory. If it is
46not found there, try the split sub-directory, in case it is left over from a
47splitting state. */
48
49for (i = 0; i < 2; i++)
50 {
51 int save_errno;
52 message_subdir[0] = (split_spool_directory == (i == 0))? id[5] : 0;
53 sprintf(CS spoolname, "%s/input/%s/%s-D", spool_directory, message_subdir, id);
54 deliver_datafile = Uopen(spoolname, O_RDWR | O_APPEND, 0);
55 if (deliver_datafile >= 0) break;
56 save_errno = errno;
57 if (errno == ENOENT)
58 {
59 if (i == 0) continue;
60 if (!queue_running)
61 log_write(0, LOG_MAIN, "Spool file %s-D not found", id);
62 }
63 else log_write(0, LOG_MAIN, "Spool error for %s: %s", spoolname,
64 strerror(errno));
65 errno = save_errno;
66 return FALSE;
67 }
68
69/* File is open and message_subdir is set. Set the close-on-exec flag, and lock
70the file. We lock only the first line of the file (containing the message ID)
71because this apparently is needed for running Exim under Cygwin. If the entire
72file is locked in one process, a sub-process cannot access it, even when passed
73an open file descriptor (at least, I think that's the Cygwin story). On real
74Unix systems it doesn't make any difference as long as Exim is consistent in
75what it locks. */
76
ff790e47 77(void)fcntl(deliver_datafile, F_SETFD, fcntl(deliver_datafile, F_GETFD) |
059ec3d9
PH		 78 FD_CLOEXEC);
79
80lock_data.l_type = F_WRLCK;
81lock_data.l_whence = SEEK_SET;
82lock_data.l_start = 0;
83lock_data.l_len = SPOOL_DATA_START_OFFSET;
84
85if (fcntl(deliver_datafile, F_SETLK, &lock_data) < 0)
86 {
87 log_write(L_skip_delivery,
88 LOG_MAIN,
89 "Spool file is locked (another process is handling this message)");
f1e894f3 90 (void)close(deliver_datafile);
059ec3d9
PH		 91 deliver_datafile = -1;
92 errno = 0;
93 return FALSE;
94 }
95
96/* Get the size of the data; don't include the leading filename line
97in the count, but add one for the newline before the data. */
98
99if (fstat(deliver_datafile, &statbuf) == 0)
100 {
101 message_body_size = statbuf.st_size - SPOOL_DATA_START_OFFSET;
102 message_size = message_body_size + 1;
103 }
104
105return TRUE;
106}
107#endif /* COMPILE_UTILITY */
108
109
110
111/*************************************************
112* Read non-recipients tree from spool file *
113*************************************************/
114
115/* The tree of non-recipients is written to the spool file in a form that
116makes it easy to read back into a tree. The format is as follows:
117
118 . Each node is preceded by two letter(Y/N) indicating whether it has left
119 or right children. There's one space after the two flags, before the name.
120
121 . The left subtree (if any) then follows, then the right subtree (if any).
122
123This function is entered with the next input line in the buffer. Note we must
124save the right flag before recursing with the same buffer.
125
126Once the tree is read, we re-construct the balance fields by scanning the tree.
127I forgot to write them out originally, and the compatible fix is to do it this
128way. This initial local recursing function does the necessary.
129
130Arguments:
131 node tree node
132
133Returns: maximum depth below the node, including the node itself
134*/
135
136static int
137count_below(tree_node *node)
138{
139int nleft, nright;
140if (node == NULL) return 0;
141nleft = count_below(node->left);
142nright = count_below(node->right);
143node->balance = (nleft > nright)? 1 : ((nright > nleft)? 2 : 0);
144return 1 + ((nleft > nright)? nleft : nright);
145}
146
147/* This is the real function...
148
149Arguments:
150 connect pointer to the root of the tree
151 f FILE to read data from
152 buffer contains next input line; further lines read into it
153 buffer_size size of the buffer
154
155Returns: FALSE on format error
156*/
157
158static BOOL
159read_nonrecipients_tree(tree_node **connect, FILE *f, uschar *buffer,
160 int buffer_size)
161{
162tree_node *node;
163int n = Ustrlen(buffer);
164BOOL right = buffer[1] == 'Y';
165
166if (n < 5) return FALSE; /* malformed line */
167buffer[n-1] = 0; /* Remove \n */
168node = store_get(sizeof(tree_node) + n - 3);
169*connect = node;
170Ustrcpy(node->name, buffer + 3);
171node->data.ptr = NULL;
172
173if (buffer[0] == 'Y')
174 {
175 if (Ufgets(buffer, buffer_size, f) == NULL ||
176 !read_nonrecipients_tree(&node->left, f, buffer, buffer_size))
177 return FALSE;
178 }
179else node->left = NULL;
180
181if (right)
182 {
183 if (Ufgets(buffer, buffer_size, f) == NULL ||
184 !read_nonrecipients_tree(&node->right, f, buffer, buffer_size))
185 return FALSE;
186 }
187else node->right = NULL;
188
189(void) count_below(*connect);
190return TRUE;
191}
192
193
194
195
196/*************************************************
197* Read spool header file *
198*************************************************/
199
200/* This function reads a spool header file and places the data into the
201appropriate global variables. The header portion is always read, but header
202structures are built only if read_headers is set true. It isn't, for example,
203while generating -bp output.
204
205It may be possible for blocks of nulls (binary zeroes) to get written on the
206end of a file if there is a system crash during writing. It was observed on an
207earlier version of Exim that omitted to fsync() the files - this is thought to
208have been the cause of that incident, but in any case, this code must be robust
209against such an event, and if such a file is encountered, it must be treated as
210malformed.
211
212Arguments:
213 name name of the header file, including the -H
214 read_headers TRUE if in-store header structures are to be built
215 subdir_set TRUE is message_subdir is already set
216
217Returns: spool_read_OK success
218 spool_read_notopen open failed
219 spool_read_enverror error in the envelope portion
220 spool_read_hdrdrror error in the header portion
221*/
222
223int
224spool_read_header(uschar *name, BOOL read_headers, BOOL subdir_set)
225{
226FILE *f = NULL;
227int n;
228int rcount = 0;
229long int uid, gid;
230BOOL inheader = FALSE;
1e70f85b 231uschar *p;
059ec3d9
PH		 232
233/* Reset all the global variables to their default values. However, there is
234one exception. DO NOT change the default value of dont_deliver, because it may
235be forced by an external setting. */
236
38a0a95f 237acl_var_c = acl_var_m = NULL;
059ec3d9
PH		 238authenticated_id = NULL;
239authenticated_sender = NULL;
240allow_unqualified_recipient = FALSE;
241allow_unqualified_sender = FALSE;
242body_linecount = 0;
243body_zerocount = 0;
244deliver_firsttime = FALSE;
245deliver_freeze = FALSE;
246deliver_frozen_at = 0;
247deliver_manual_thaw = FALSE;
248/* dont_deliver must NOT be reset */
249header_list = header_last = NULL;
b08b24c8 250host_lookup_deferred = FALSE;
059ec3d9
PH		 251host_lookup_failed = FALSE;
252interface_address = NULL;
253interface_port = 0;
254local_error_message = FALSE;
255local_scan_data = NULL;
d677b2f2 256max_received_linelength = 0;
059ec3d9
PH		 257message_linecount = 0;
258received_protocol = NULL;
259received_count = 0;
260recipients_list = NULL;
261sender_address = NULL;
262sender_fullhost = NULL;
263sender_helo_name = NULL;
264sender_host_address = NULL;
265sender_host_name = NULL;
266sender_host_port = 0;
267sender_host_authenticated = NULL;
268sender_ident = NULL;
269sender_local = FALSE;
270sender_set_untrusted = FALSE;
1f5b4c3d 271smtp_active_hostname = primary_hostname;
059ec3d9
PH		 272tree_nonrecipients = NULL;
273
8523533c
TK		 274#ifdef EXPERIMENTAL_BRIGHTMAIL
275bmi_run = 0;
276bmi_verdicts = NULL;
277#endif
278
80a47a2c 279#ifndef DISABLE_DKIM
9e5d6b55 280dkim_signers = NULL;
80a47a2c
TK		 281dkim_disable_verify = FALSE;
282dkim_collect_input = FALSE;
f7572e5a
TK		 283#endif
284
059ec3d9 285#ifdef SUPPORT_TLS
817d9f57 286tls_in.certificate_verified = FALSE;
53a7196b
JH		 287# ifdef EXPERIMENTAL_DANE
288tls_in.dane_verified = FALSE;
289# endif
817d9f57 290tls_in.cipher = NULL;
9d1c15ef
JH		 291tls_in.ourcert = NULL;
292tls_in.peercert = NULL;
817d9f57
JH		 293tls_in.peerdn = NULL;
294tls_in.sni = NULL;
44662487 295tls_in.ocsp = OCSP_NOT_REQ;
7be682ca 296#endif
059ec3d9 297
8523533c 298#ifdef WITH_CONTENT_SCAN
8523533c
TK		 299spam_score_int = NULL;
300#endif
301
6c1c3d1d
WB		 302dsn_ret = 0;
303dsn_envid = NULL;
6c1c3d1d 304
059ec3d9
PH		 305/* Generate the full name and open the file. If message_subdir is already
306set, just look in the given directory. Otherwise, look in both the split
307and unsplit directories, as for the data file above. */
308
309for (n = 0; n < 2; n++)
310 {
311 if (!subdir_set)
312 message_subdir[0] = (split_spool_directory == (n == 0))? name[5] : 0;
313 sprintf(CS big_buffer, "%s/input/%s/%s", spool_directory, message_subdir,
314 name);
315 f = Ufopen(big_buffer, "rb");
316 if (f != NULL) break;
317 if (n != 0 || subdir_set || errno != ENOENT) return spool_read_notopen;
318 }
319
320errno = 0;
321
322#ifndef COMPILE_UTILITY
323DEBUG(D_deliver) debug_printf("reading spool file %s\n", name);
324#endif /* COMPILE_UTILITY */
325
326/* The first line of a spool file contains the message id followed by -H (i.e.
327the file name), in order to make the file self-identifying. */
328
329if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
330if (Ustrlen(big_buffer) != MESSAGE_ID_LENGTH + 3 ||
331 Ustrncmp(big_buffer, name, MESSAGE_ID_LENGTH + 2) != 0)
332 goto SPOOL_FORMAT_ERROR;
333
334/* The next three lines in the header file are in a fixed format. The first
335contains the login, uid, and gid of the user who caused the file to be written.
ebb6e6d5
PH		 336There are known cases where a negative gid is used, so we allow for both
337negative uids and gids. The second contains the mail address of the message's
338sender, enclosed in <>. The third contains the time the message was received,
339and the number of warning messages for delivery delays that have been sent. */
059ec3d9
PH		 340
341if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
342
1e70f85b
PH		 343p = big_buffer + Ustrlen(big_buffer);
344while (p > big_buffer && isspace(p[-1])) p--;
345*p = 0;
346if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
ebb6e6d5 347while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
1e70f85b
PH		 348gid = Uatoi(p);
349if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
350*p = 0;
351if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
ebb6e6d5 352while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
1e70f85b
PH		 353uid = Uatoi(p);
354if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
355*p = 0;
8e669ac1 356
1e70f85b 357originator_login = string_copy(big_buffer);
059ec3d9
PH		 358originator_uid = (uid_t)uid;
359originator_gid = (gid_t)gid;
360
e91ad4a7 361/* envelope from */
059ec3d9
PH		 362if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
363n = Ustrlen(big_buffer);
364if (n < 3 || big_buffer[0] != '<' || big_buffer[n-2] != '>')
365 goto SPOOL_FORMAT_ERROR;
366
367sender_address = store_get(n-2);
368Ustrncpy(sender_address, big_buffer+1, n-3);
369sender_address[n-3] = 0;
370
e91ad4a7 371/* time */
059ec3d9
PH		 372if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
373if (sscanf(CS big_buffer, "%d %d", &received_time, &warning_count) != 2)
374 goto SPOOL_FORMAT_ERROR;
375
376message_age = time(NULL) - received_time;
377
378#ifndef COMPILE_UTILITY
379DEBUG(D_deliver) debug_printf("user=%s uid=%ld gid=%ld sender=%s\n",
380 originator_login, (long int)originator_uid, (long int)originator_gid,
381 sender_address);
382#endif /* COMPILE_UTILITY */
383
08955dd3
PH		 384/* Now there may be a number of optional lines, each starting with "-". If you
385add a new setting here, make sure you set the default above.
059ec3d9 386
08955dd3
PH		 387Because there are now quite a number of different possibilities, we use a
388switch on the first character to avoid too many failing tests. Thanks to Nico
389Erfurth for the patch that implemented this. I have made it even more efficient
390by not re-scanning the first two characters.
391
392To allow new versions of Exim that add additional flags to interwork with older
393versions that do not understand them, just ignore any lines starting with "-"
394that we don't recognize. Otherwise it wouldn't be possible to back off a new
395version that left new-style flags written on the spool. */
396
397p = big_buffer + 2;
059ec3d9
PH		 398for (;;)
399 {
e91ad4a7 400 int len;
059ec3d9
PH		 401 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
402 if (big_buffer[0] != '-') break;
e91ad4a7
JH		 403 while ( (len = Ustrlen(big_buffer)) == big_buffer_size-1
404 && big_buffer[len-1] != '\n'
405 )
406 { /* buffer not big enough for line; certs make this possible */
407 uschar * buf;
408 if (big_buffer_size >= BIG_BUFFER_SIZE*4) goto SPOOL_READ_ERROR;
409 buf = store_get_perm(big_buffer_size *= 2);
410 memcpy(buf, big_buffer, --len);
411 big_buffer = buf;
412 if (Ufgets(big_buffer+len, big_buffer_size-len, f) == NULL)
413 goto SPOOL_READ_ERROR;
414 }
415 big_buffer[len-1] = 0;
47ca6d6c 416
08955dd3 417 switch(big_buffer[1])
059ec3d9 418 {
08955dd3
PH		 419 case 'a':
420
421 /* Nowadays we use "-aclc" and "-aclm" for the different types of ACL
422 variable, because Exim allows any number of them, with arbitrary names.
423 The line in the spool file is "-acl[cm] <name> <length>". The name excludes
424 the c or m. */
425
426 if (Ustrncmp(p, "clc ", 4) == 0 ||
427 Ustrncmp(p, "clm ", 4) == 0)
428 {
429 uschar *name, *endptr;
430 int count;
431 tree_node *node;
432 endptr = Ustrchr(big_buffer + 6, ' ');
433 if (endptr == NULL) goto SPOOL_FORMAT_ERROR;
434 name = string_sprintf("%c%.*s", big_buffer[4], endptr - big_buffer - 6,
435 big_buffer + 6);
436 if (sscanf(CS endptr, " %d", &count) != 1) goto SPOOL_FORMAT_ERROR;
437 node = acl_var_create(name);
438 node->data.ptr = store_get(count + 1);
439 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
440 ((uschar*)node->data.ptr)[count] = 0;
441 }
442
443 else if (Ustrcmp(p, "llow_unqualified_recipient") == 0)
444 allow_unqualified_recipient = TRUE;
445 else if (Ustrcmp(p, "llow_unqualified_sender") == 0)
446 allow_unqualified_sender = TRUE;
447
448 else if (Ustrncmp(p, "uth_id", 6) == 0)
449 authenticated_id = string_copy(big_buffer + 9);
450 else if (Ustrncmp(p, "uth_sender", 10) == 0)
451 authenticated_sender = string_copy(big_buffer + 13);
452 else if (Ustrncmp(p, "ctive_hostname", 14) == 0)
453 smtp_active_hostname = string_copy(big_buffer + 17);
454
455 /* For long-term backward compatibility, we recognize "-acl", which was
456 used before the number of ACL variables changed from 10 to 20. This was
457 before the subsequent change to an arbitrary number of named variables.
458 This code is retained so that upgrades from very old versions can still
459 handle old-format spool files. The value given after "-acl" is a number
460 that is 0-9 for connection variables, and 10-19 for message variables. */
461
462 else if (Ustrncmp(p, "cl ", 3) == 0)
463 {
464 int index, count;
8dce1a6f 465 uschar name[20]; /* Need plenty of space for %d format */
08955dd3
PH		 466 tree_node *node;
467 if (sscanf(CS big_buffer + 5, "%d %d", &index, &count) != 2)
468 goto SPOOL_FORMAT_ERROR;
8dce1a6f
PH		 469 if (index < 10)
470 (void) string_format(name, sizeof(name), "%c%d", 'c', index);
471 else if (index < 20) /* ignore out-of-range index */
472 (void) string_format(name, sizeof(name), "%c%d", 'm', index - 10);
08955dd3
PH		 473 node = acl_var_create(name);
474 node->data.ptr = store_get(count + 1);
475 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
476 ((uschar*)node->data.ptr)[count] = 0;
477 }
478 break;
479
480 case 'b':
481 if (Ustrncmp(p, "ody_linecount", 13) == 0)
482 body_linecount = Uatoi(big_buffer + 15);
483 else if (Ustrncmp(p, "ody_zerocount", 13) == 0)
484 body_zerocount = Uatoi(big_buffer + 15);
e91ad4a7 485#ifdef EXPERIMENTAL_BRIGHTMAIL
08955dd3
PH		 486 else if (Ustrncmp(p, "mi_verdicts ", 12) == 0)
487 bmi_verdicts = string_copy(big_buffer + 14);
e91ad4a7 488#endif
08955dd3
PH		 489 break;
490
491 case 'd':
492 if (Ustrcmp(p, "eliver_firsttime") == 0)
493 deliver_firsttime = TRUE;
6c1c3d1d
WB		 494 /* Check if the dsn flags have been set in the header file */
495 else if (Ustrncmp(p, "sn_ret", 6) == 0)
45500060 496 dsn_ret= atoi(CS big_buffer + 8);
6c1c3d1d 497 else if (Ustrncmp(p, "sn_envid", 8) == 0)
6c1c3d1d 498 dsn_envid = string_copy(big_buffer + 11);
08955dd3
PH		 499 break;
500
501 case 'f':
502 if (Ustrncmp(p, "rozen", 5) == 0)
503 {
504 deliver_freeze = TRUE;
85098ee7 505 sscanf(CS big_buffer+7, TIME_T_FMT, &deliver_frozen_at);
08955dd3
PH		 506 }
507 break;
508
509 case 'h':
510 if (Ustrcmp(p, "ost_lookup_deferred") == 0)
511 host_lookup_deferred = TRUE;
512 else if (Ustrcmp(p, "ost_lookup_failed") == 0)
513 host_lookup_failed = TRUE;
514 else if (Ustrncmp(p, "ost_auth", 8) == 0)
515 sender_host_authenticated = string_copy(big_buffer + 11);
516 else if (Ustrncmp(p, "ost_name", 8) == 0)
517 sender_host_name = string_copy(big_buffer + 11);
518 else if (Ustrncmp(p, "elo_name", 8) == 0)
519 sender_helo_name = string_copy(big_buffer + 11);
520
521 /* We now record the port number after the address, separated by a
522 dot. For compatibility during upgrading, do nothing if there
523 isn't a value (it gets left at zero). */
524
525 else if (Ustrncmp(p, "ost_address", 11) == 0)
526 {
527 sender_host_port = host_address_extract_port(big_buffer + 14);
528 sender_host_address = string_copy(big_buffer + 14);
529 }
530 break;
531
532 case 'i':
533 if (Ustrncmp(p, "nterface_address", 16) == 0)
534 {
535 interface_port = host_address_extract_port(big_buffer + 19);
536 interface_address = string_copy(big_buffer + 19);
537 }
538 else if (Ustrncmp(p, "dent", 4) == 0)
539 sender_ident = string_copy(big_buffer + 7);
540 break;
541
542 case 'l':
543 if (Ustrcmp(p, "ocal") == 0) sender_local = TRUE;
544 else if (Ustrcmp(big_buffer, "-localerror") == 0)
545 local_error_message = TRUE;
546 else if (Ustrncmp(p, "ocal_scan ", 10) == 0)
547 local_scan_data = string_copy(big_buffer + 12);
548 break;
549
550 case 'm':
551 if (Ustrcmp(p, "anual_thaw") == 0) deliver_manual_thaw = TRUE;
d677b2f2
PH		 552 else if (Ustrncmp(p, "ax_received_linelength", 22) == 0)
553 max_received_linelength = Uatoi(big_buffer + 24);
08955dd3
PH		 554 break;
555
556 case 'N':
557 if (*p == 0) dont_deliver = TRUE; /* -N */
558 break;
559
560 case 'r':
561 if (Ustrncmp(p, "eceived_protocol", 16) == 0)
562 received_protocol = string_copy(big_buffer + 19);
563 break;
564
565 case 's':
566 if (Ustrncmp(p, "ender_set_untrusted", 19) == 0)
567 sender_set_untrusted = TRUE;
e91ad4a7 568#ifdef WITH_CONTENT_SCAN
08955dd3
PH		 569 else if (Ustrncmp(p, "pam_score_int ", 14) == 0)
570 spam_score_int = string_copy(big_buffer + 16);
e91ad4a7 571#endif
08955dd3
PH		 572 break;
573
e91ad4a7 574#ifdef SUPPORT_TLS
08955dd3
PH		 575 case 't':
576 if (Ustrncmp(p, "ls_certificate_verified", 23) == 0)
817d9f57 577 tls_in.certificate_verified = TRUE;
08955dd3 578 else if (Ustrncmp(p, "ls_cipher", 9) == 0)
817d9f57 579 tls_in.cipher = string_copy(big_buffer + 12);
e91ad4a7 580# ifndef COMPILE_UTILITY /* tls support fns not built in */
9d1c15ef
JH		 581 else if (Ustrncmp(p, "ls_ourcert", 10) == 0)
582 (void) tls_import_cert(big_buffer + 13, &tls_in.ourcert);
583 else if (Ustrncmp(p, "ls_peercert", 11) == 0)
584 (void) tls_import_cert(big_buffer + 14, &tls_in.peercert);
e91ad4a7 585# endif
08955dd3 586 else if (Ustrncmp(p, "ls_peerdn", 9) == 0)
817d9f57 587 tls_in.peerdn = string_unprinting(string_copy(big_buffer + 12));
7be682ca 588 else if (Ustrncmp(p, "ls_sni", 6) == 0)
817d9f57 589 tls_in.sni = string_unprinting(string_copy(big_buffer + 9));
44662487
JH		 590 else if (Ustrncmp(p, "ls_ocsp", 7) == 0)
591 tls_in.ocsp = big_buffer[10] - '0';
08955dd3 592 break;
e91ad4a7 593#endif
08955dd3
PH		 594
595 default: /* Present because some compilers complain if all */
596 break; /* possibilities are not covered. */
059ec3d9 597 }
059ec3d9
PH		 598 }
599
600/* Build sender_fullhost if required */
601
602#ifndef COMPILE_UTILITY
603host_build_sender_fullhost();
604#endif /* COMPILE_UTILITY */
605
606#ifndef COMPILE_UTILITY
607DEBUG(D_deliver)
608 debug_printf("sender_local=%d ident=%s\n", sender_local,
609 (sender_ident == NULL)? US"unset" : sender_ident);
610#endif /* COMPILE_UTILITY */
611
612/* We now have the tree of addresses NOT to deliver to, or a line
613containing "XX", indicating no tree. */
614
615if (Ustrncmp(big_buffer, "XX\n", 3) != 0 &&
616 !read_nonrecipients_tree(&tree_nonrecipients, f, big_buffer, big_buffer_size))
617 goto SPOOL_FORMAT_ERROR;
618
619#ifndef COMPILE_UTILITY
620DEBUG(D_deliver)
621 {
622 debug_printf("Non-recipients:\n");
623 debug_print_tree(tree_nonrecipients);
624 }
625#endif /* COMPILE_UTILITY */
626
627/* After reading the tree, the next line has not yet been read into the
628buffer. It contains the count of recipients which follow on separate lines. */
629
630if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
631if (sscanf(CS big_buffer, "%d", &rcount) != 1) goto SPOOL_FORMAT_ERROR;
632
633#ifndef COMPILE_UTILITY
634DEBUG(D_deliver) debug_printf("recipients_count=%d\n", rcount);
635#endif /* COMPILE_UTILITY */
636
637recipients_list_max = rcount;
638recipients_list = store_get(rcount * sizeof(recipient_item));
639
640for (recipients_count = 0; recipients_count < rcount; recipients_count++)
641 {
642 int nn;
643 int pno = -1;
6c1c3d1d
WB		 644 int dsn_flags = 0;
645 uschar *orcpt = NULL;
059ec3d9
PH		 646 uschar *errors_to = NULL;
647 uschar *p;
648
649 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
650 nn = Ustrlen(big_buffer);
651 if (nn < 2) goto SPOOL_FORMAT_ERROR;
652
653 /* Remove the newline; this terminates the address if there is no additional
654 data on the line. */
655
656 p = big_buffer + nn - 1;
657 *p-- = 0;
658
659 /* Look back from the end of the line for digits and special terminators.
660 Since an address must end with a domain, we can tell that extra data is
661 present by the presence of the terminator, which is always some character
662 that cannot exist in a domain. (If I'd thought of the need for additional
663 data early on, I'd have put it at the start, with the address at the end. As
664 it is, we have to operate backwards. Addresses are permitted to contain
665 spaces, you see.)
666
667 This code has to cope with various versions of this data that have evolved
668 over time. In all cases, the line might just contain an address, with no
669 additional data. Otherwise, the possibilities are as follows:
670
671 Exim 3 type: <address><space><digits>,<digits>,<digits>
672
673 The second set of digits is the parent number for one_time addresses. The
674 other values were remnants of earlier experiments that were abandoned.
675
676 Exim 4 first type: <address><space><digits>
677
678 The digits are the parent number for one_time addresses.
679
680 Exim 4 new type: <address><space><data>#<type bits>
681
682 The type bits indicate what the contents of the data are.
683
684 Bit 01 indicates that, reading from right to left, the data
685 ends with <errors_to address><space><len>,<pno> where pno is
686 the parent number for one_time addresses, and len is the length
687 of the errors_to address (zero meaning none).
6c1c3d1d
WB		 688
689 Bit 02 indicates that, again reading from right to left, the data continues
690 with orcpt len(orcpt),dsn_flags
059ec3d9
PH		 691 */
692
693 while (isdigit(*p)) p--;
694
695 /* Handle Exim 3 spool files */
696
697 if (*p == ',')
698 {
699 int dummy;
700 while (isdigit(*(--p)) || *p == ',');
701 if (*p == ' ')
702 {
703 *p++ = 0;
ff790e47 704 (void)sscanf(CS p, "%d,%d", &dummy, &pno);
059ec3d9
PH		 705 }
706 }
707
708 /* Handle early Exim 4 spool files */
709
710 else if (*p == ' ')
711 {
712 *p++ = 0;
ff790e47 713 (void)sscanf(CS p, "%d", &pno);
059ec3d9
PH		 714 }
715
716 /* Handle current format Exim 4 spool files */
717
718 else if (*p == '#')
719 {
720 int flags;
6c1c3d1d 721
50dc7409 722#if !defined (COMPILE_UTILITY)
e91ad4a7
JH		 723 DEBUG(D_deliver) debug_printf("**** SPOOL_IN - Exim 4 standard format spoolfile\n");
724#endif
6c1c3d1d 725
ff790e47 726 (void)sscanf(CS p+1, "%d", &flags);
059ec3d9
PH		 727
728 if ((flags & 0x01) != 0) /* one_time data exists */
729 {
730 int len;
731 while (isdigit(*(--p)) || *p == ',' || *p == '-');
ff790e47 732 (void)sscanf(CS p+1, "%d,%d", &len, &pno);
059ec3d9
PH		 733 *p = 0;
734 if (len > 0)
735 {
736 p -= len;
737 errors_to = string_copy(p);
6c1c3d1d
WB		 738 }
739 }
740
741 *(--p) = 0; /* Terminate address */
6c1c3d1d
WB		 742 if ((flags & 0x02) != 0) /* one_time data exists */
743 {
744 int len;
745 while (isdigit(*(--p)) || *p == ',' || *p == '-');
746 (void)sscanf(CS p+1, "%d,%d", &len, &dsn_flags);
747 *p = 0;
748 if (len > 0)
749 {
750 p -= len;
751 orcpt = string_copy(p);
752 }
059ec3d9
PH		 753 }
754
755 *(--p) = 0; /* Terminate address */
6c1c3d1d 756 }
50dc7409 757#if !defined(COMPILE_UTILITY)
6c1c3d1d 758 else
e91ad4a7 759 { DEBUG(D_deliver) debug_printf("**** SPOOL_IN - No additional fields\n"); }
6c1c3d1d
WB		 760
761 if ((orcpt != NULL) || (dsn_flags != 0))
762 {
763 DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| orcpt: |%s| dsn_flags: %d\n",
764 big_buffer, orcpt, dsn_flags);
765 }
766 if (errors_to != NULL)
767 {
768 DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s|\n",
769 big_buffer, errors_to);
059ec3d9 770 }
50dc7409 771#endif
059ec3d9
PH		 772
773 recipients_list[recipients_count].address = string_copy(big_buffer);
774 recipients_list[recipients_count].pno = pno;
775 recipients_list[recipients_count].errors_to = errors_to;
6c1c3d1d
WB		 776 recipients_list[recipients_count].orcpt = orcpt;
777 recipients_list[recipients_count].dsn_flags = dsn_flags;
059ec3d9
PH		 778 }
779
780/* The remainder of the spool header file contains the headers for the message,
781separated off from the previous data by a blank line. Each header is preceded
782by a count of its length and either a certain letter (for various identified
783headers), space (for a miscellaneous live header) or an asterisk (for a header
784that has been rewritten). Count the Received: headers. We read the headers
785always, in order to check on the format of the file, but only create a header
786list if requested to do so. */
787
788inheader = TRUE;
789if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
790if (big_buffer[0] != '\n') goto SPOOL_FORMAT_ERROR;
791
792while ((n = fgetc(f)) != EOF)
793 {
794 header_line *h;
795 uschar flag[4];
796 int i;
797
798 if (!isdigit(n)) goto SPOOL_FORMAT_ERROR;
1ac6b2e7
JH		 799 if(ungetc(n, f) == EOF || fscanf(f, "%d%c ", &n, flag) == EOF)
800 goto SPOOL_READ_ERROR;
059ec3d9
PH		 801 if (flag[0] != '*') message_size += n; /* Omit non-transmitted headers */
802
803 if (read_headers)
804 {
805 h = store_get(sizeof(header_line));
806 h->next = NULL;
807 h->type = flag[0];
808 h->slen = n;
809 h->text = store_get(n+1);
810
811 if (h->type == htype_received) received_count++;
812
813 if (header_list == NULL) header_list = h;
814 else header_last->next = h;
815 header_last = h;
816
817 for (i = 0; i < n; i++)
818 {
819 int c = fgetc(f);
820 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
821 if (c == '\n' && h->type != htype_old) message_linecount++;
822 h->text[i] = c;
823 }
824 h->text[i] = 0;
825 }
826
827 /* Not requiring header data, just skip through the bytes */
828
829 else for (i = 0; i < n; i++)
830 {
831 int c = fgetc(f);
832 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
833 }
834 }
835
836/* We have successfully read the data in the header file. Update the message
837line count by adding the body linecount to the header linecount. Close the file
838and give a positive response. */
839
840#ifndef COMPILE_UTILITY
841DEBUG(D_deliver) debug_printf("body_linecount=%d message_linecount=%d\n",
842 body_linecount, message_linecount);
843#endif /* COMPILE_UTILITY */
844
845message_linecount += body_linecount;
846
847fclose(f);
848return spool_read_OK;
849
850
851/* There was an error reading the spool or there was missing data,
852or there was a format error. A "read error" with no errno means an
853unexpected EOF, which we treat as a format error. */
854
855SPOOL_READ_ERROR:
856if (errno != 0)
857 {
858 n = errno;
859
e91ad4a7 860#ifndef COMPILE_UTILITY
059ec3d9 861 DEBUG(D_any) debug_printf("Error while reading spool file %s\n", name);
e91ad4a7 862#endif /* COMPILE_UTILITY */
059ec3d9
PH		 863
864 fclose(f);
865 errno = n;
866 return inheader? spool_read_hdrerror : spool_read_enverror;
867 }
868
869SPOOL_FORMAT_ERROR:
870
871#ifndef COMPILE_UTILITY
872DEBUG(D_any) debug_printf("Format error in spool file %s\n", name);
873#endif /* COMPILE_UTILITY */
874
875fclose(f);
876errno = ERRNO_SPOOLFORMAT;
877return inheader? spool_read_hdrerror : spool_read_enverror;
878}
879
9d1c15ef
JH		 880/* vi: aw ai sw=2
881*/
059ec3d9 882/* End of spool_in.c */
Unnamed repository; edit this file 'description' to name the repository.