projects / exim.git / blob
? search:


65b5e40994cc75fed58eafcdc8595a2d031a4a5d
[exim.git] / src / src / routers / redirect.c
1 /* $Cambridge: exim/src/src/routers/redirect.c,v 1.7 2005/03/22 14:11:55 ph10 Exp $ */
2
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
6
7 /* Copyright (c) University of Cambridge 1995 - 2005 */
8 /* See the file NOTICE for conditions of use and distribution. */
9
10
11 #include "../exim.h"
12 #include "rf_functions.h"
13 #include "redirect.h"
14
15
16
17 /* Options specific to the redirect router. */
18
19 optionlist redirect_router_options[] = {
20 { "allow_defer", opt_bit | (RDON_DEFER << 16),
21 (void *)offsetof(redirect_router_options_block, bit_options) },
22 { "allow_fail", opt_bit | (RDON_FAIL << 16),
23 (void *)offsetof(redirect_router_options_block, bit_options) },
24 { "allow_filter", opt_bit | (RDON_FILTER << 16),
25 (void *)offsetof(redirect_router_options_block, bit_options) },
26 { "allow_freeze", opt_bit | (RDON_FREEZE << 16),
27 (void *)offsetof(redirect_router_options_block, bit_options) },
28 { "check_ancestor", opt_bool,
29 (void *)offsetof(redirect_router_options_block, check_ancestor) },
30 { "check_group", opt_bool,
31 (void *)offsetof(redirect_router_options_block, check_group) },
32 { "check_owner", opt_bool,
33 (void *)offsetof(redirect_router_options_block, check_owner) },
34 { "data", opt_stringptr,
35 (void *)offsetof(redirect_router_options_block, data) },
36 { "directory_transport",opt_stringptr,
37 (void *)offsetof(redirect_router_options_block, directory_transport_name) },
38 { "file", opt_stringptr,
39 (void *)offsetof(redirect_router_options_block, file) },
40 { "file_transport", opt_stringptr,
41 (void *)offsetof(redirect_router_options_block, file_transport_name) },
42 { "forbid_blackhole", opt_bit | (RDON_BLACKHOLE << 16),
43 (void *)offsetof(redirect_router_options_block, bit_options) },
44 { "forbid_exim_filter", opt_bit | (RDON_EXIM_FILTER << 16),
45 (void *)offsetof(redirect_router_options_block, bit_options) },
46 { "forbid_file", opt_bool,
47 (void *)offsetof(redirect_router_options_block, forbid_file) },
48 #ifdef EXPAND_DLFUNC
49 { "forbid_filter_dlfunc", opt_bit | (RDON_DLFUNC << 16),
50 (void *)offsetof(redirect_router_options_block, bit_options) },
51 #endif
52 { "forbid_filter_existstest", opt_bit | (RDON_EXISTS << 16),
53 (void *)offsetof(redirect_router_options_block, bit_options) },
54 { "forbid_filter_logwrite",opt_bit | (RDON_LOG << 16),
55 (void *)offsetof(redirect_router_options_block, bit_options) },
56 { "forbid_filter_lookup", opt_bit | (RDON_LOOKUP << 16),
57 (void *)offsetof(redirect_router_options_block, bit_options) },
58 #ifdef EXIM_PERL
59 { "forbid_filter_perl", opt_bit | (RDON_PERL << 16),
60 (void *)offsetof(redirect_router_options_block, bit_options) },
61 #endif
62 { "forbid_filter_readfile", opt_bit | (RDON_READFILE << 16),
63 (void *)offsetof(redirect_router_options_block, bit_options) },
64 { "forbid_filter_readsocket", opt_bit | (RDON_READSOCK << 16),
65 (void *)offsetof(redirect_router_options_block, bit_options) },
66 { "forbid_filter_reply",opt_bool,
67 (void *)offsetof(redirect_router_options_block, forbid_filter_reply) },
68 { "forbid_filter_run", opt_bit | (RDON_RUN << 16),
69 (void *)offsetof(redirect_router_options_block, bit_options) },
70 { "forbid_include", opt_bit | (RDON_INCLUDE << 16),
71 (void *)offsetof(redirect_router_options_block, bit_options) },
72 { "forbid_pipe", opt_bool,
73 (void *)offsetof(redirect_router_options_block, forbid_pipe) },
74 { "forbid_sieve_filter",opt_bit | (RDON_SIEVE_FILTER << 16),
75 (void *)offsetof(redirect_router_options_block, bit_options) },
76 { "hide_child_in_errmsg", opt_bool,
77 (void *)offsetof(redirect_router_options_block, hide_child_in_errmsg) },
78 { "ignore_eacces", opt_bit | (RDON_EACCES << 16),
79 (void *)offsetof(redirect_router_options_block, bit_options) },
80 { "ignore_enotdir", opt_bit | (RDON_ENOTDIR << 16),
81 (void *)offsetof(redirect_router_options_block, bit_options) },
82 { "include_directory", opt_stringptr,
83 (void *)offsetof(redirect_router_options_block, include_directory) },
84 { "modemask", opt_octint,
85 (void *)offsetof(redirect_router_options_block, modemask) },
86 { "one_time", opt_bool,
87 (void *)offsetof(redirect_router_options_block, one_time) },
88 { "owners", opt_uidlist,
89 (void *)offsetof(redirect_router_options_block, owners) },
90 { "owngroups", opt_gidlist,
91 (void *)offsetof(redirect_router_options_block, owngroups) },
92 { "pipe_transport", opt_stringptr,
93 (void *)offsetof(redirect_router_options_block, pipe_transport_name) },
94 { "qualify_domain", opt_stringptr,
95 (void *)offsetof(redirect_router_options_block, qualify_domain) },
96 { "qualify_preserve_domain", opt_bool,
97 (void *)offsetof(redirect_router_options_block, qualify_preserve_domain) },
98 { "repeat_use", opt_bool | opt_public,
99 (void *)offsetof(router_instance, repeat_use) },
100 { "reply_transport", opt_stringptr,
101 (void *)offsetof(redirect_router_options_block, reply_transport_name) },
102 { "rewrite", opt_bit | (RDON_REWRITE << 16),
103 (void *)offsetof(redirect_router_options_block, bit_options) },
104 { "sieve_vacation_directory", opt_stringptr,
105 (void *)offsetof(redirect_router_options_block, sieve_vacation_directory) },
106 { "skip_syntax_errors", opt_bool,
107 (void *)offsetof(redirect_router_options_block, skip_syntax_errors) },
108 #ifdef EXPERIMENTAL_SRS
109 { "srs", opt_stringptr,
110 (void *)offsetof(redirect_router_options_block, srs) },
111 { "srs_alias", opt_stringptr,
112 (void *)offsetof(redirect_router_options_block, srs_alias) },
113 { "srs_condition", opt_stringptr,
114 (void *)offsetof(redirect_router_options_block, srs_condition) },
115 { "srs_db", opt_stringptr,
116 (void *)offsetof(redirect_router_options_block, srs_db) },
117 #endif
118 { "syntax_errors_text", opt_stringptr,
119 (void *)offsetof(redirect_router_options_block, syntax_errors_text) },
120 { "syntax_errors_to", opt_stringptr,
121 (void *)offsetof(redirect_router_options_block, syntax_errors_to) }
122 };
123
124 /* Size of the options list. An extern variable has to be used so that its
125 address can appear in the tables drtables.c. */
126
127 int redirect_router_options_count =
128 sizeof(redirect_router_options)/sizeof(optionlist);
129
130 /* Default private options block for the redirect router. */
131
132 redirect_router_options_block redirect_router_option_defaults = {
133 NULL, /* directory_transport */
134 NULL, /* file_transport */
135 NULL, /* pipe_transport */
136 NULL, /* reply_transport */
137 NULL, /* data */
138 NULL, /* directory_transport_name */
139 NULL, /* file */
140 NULL, /* file_dir */
141 NULL, /* file_transport_name */
142 NULL, /* include_directory */
143 NULL, /* pipe_transport_name */
144 NULL, /* reply_transport_name */
145 NULL, /* sieve_vacation_directory */
146 NULL, /* syntax_errors_text */
147 NULL, /* syntax_errors_to */
148 NULL, /* qualify_domain */
149 NULL, /* owners */
150 NULL, /* owngroups */
151 #ifdef EXPERIMENTAL_SRS
152 NULL, /* srs */
153 NULL, /* srs_condition */
154 NULL, /* srs_db */
155 NULL, /* srs_alias */
156 #endif
157 022, /* modemask */
158 RDO_REWRITE, /* bit_options */
159 FALSE, /* check_ancestor */
160 TRUE_UNSET, /* check_owner */
161 TRUE_UNSET, /* check_group */
162 FALSE, /* forbid_file */
163 FALSE, /* forbid_filter_reply */
164 FALSE, /* forbid_pipe */
165 FALSE, /* hide_child_in_errmsg */
166 FALSE, /* one_time */
167 FALSE, /* qualify_preserve_domain */
168 FALSE /* skip_syntax_errors */
169 };
170
171
172
173 /*************************************************
174 * Initialization entry point *
175 *************************************************/
176
177 /* Called for each instance, after its options have been read, to enable
178 consistency checks to be done, or anything else that needs to be set up. */
179
180 void redirect_router_init(router_instance *rblock)
181 {
182 redirect_router_options_block *ob =
183 (redirect_router_options_block *)(rblock->options_block);
184
185 /* Either file or data must be set, but not both */
186
187 if ((ob->file == NULL) == (ob->data == NULL))
188 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
189 "%sone of \"file\" or \"data\" must be specified",
190 rblock->name, (ob->file == NULL)? "" : "only ");
191
192 /* Onetime aliases can only be real addresses. Headers can't be manipulated.
193 The combination of one_time and unseen is not allowed. We can't check the
194 expansion of "unseen" here, but we assume that if it is set to anything other
195 than false, there is likely to be a problem. */
196
197 if (ob->one_time)
198 {
199 ob->forbid_pipe = ob->forbid_file = ob->forbid_filter_reply = TRUE;
200 if (rblock->extra_headers != NULL || rblock->remove_headers != NULL)
201 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
202 "\"headers_add\" and \"headers_remove\" are not permitted with "
203 "\"one_time\"", rblock->name);
204 if (rblock->unseen || rblock->expand_unseen != NULL)
205 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
206 "\"unseen\" may not be used with \"one_time\"", rblock->name);
207 }
208
209 /* The defaults for check_owner and check_group depend on other settings. The
210 defaults are: Check the owner if check_local_user or owners is set; check the
211 group if check_local_user is set without a restriction on the group write bit,
212 or if owngroups is set. */
213
214 if (ob->check_owner == TRUE_UNSET)
215 ob->check_owner = rblock->check_local_user ||
216 (ob->owners != NULL && ob->owners[0] != 0);
217
218 if (ob->check_group == TRUE_UNSET)
219 ob->check_group = (rblock->check_local_user && (ob->modemask & 020) == 0) ||
220 (ob->owngroups != NULL && ob->owngroups[0] != 0);
221
222 /* If explicit qualify domain set, the preserve option is locked out */
223
224 if (ob->qualify_domain != NULL && ob->qualify_preserve_domain)
225 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
226 "only one of \"qualify_domain\" or \"qualify_preserve_domain\" must be set",
227 rblock->name);
228
229 /* If allow_filter is set, either user or check_local_user must be set. */
230
231 if (!rblock->check_local_user &&
232 !rblock->uid_set &&
233 rblock->expand_uid == NULL &&
234 (ob->bit_options & RDO_FILTER) != 0)
235 log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s router:\n "
236 "\"user\" or \"check_local_user\" must be set with \"allow_filter\"",
237 rblock->name);
238 }
239
240
241
242 /*************************************************
243 * Get errors address and header mods *
244 *************************************************/
245
246 /* This function is called when new addresses are generated, in order to
247 sort out errors address and header modifications. We put the errors address
248 into the parent address (even though it is never used from there because that
249 address is never transported) so that it can be retrieved if any of the
250 children gets routed by an "unseen" router. The clone of the child that is
251 passed on must have the original errors_address value.
252
253 Arguments:
254 rblock the router control block
255 addr the address being routed
256 verify true if verifying
257 addr_prop point to the propagated block, which is where the
258 new values are to be placed
259
260 Returns: the result of rf_get_errors_address() or rf_get_munge_headers(),
261 which is either OK or DEFER
262 */
263
264 static int
265 sort_errors_and_headers(router_instance *rblock, address_item *addr,
266 BOOL verify, address_item_propagated *addr_prop)
267 {
268 int frc = rf_get_errors_address(addr, rblock, verify,
269 &(addr_prop->errors_address));
270 if (frc != OK) return frc;
271 addr->p.errors_address = addr_prop->errors_address;
272 return rf_get_munge_headers(addr, rblock, &(addr_prop->extra_headers),
273 &(addr_prop->remove_headers));
274 }
275
276
277
278 /*************************************************
279 * Process a set of generated new addresses *
280 *************************************************/
281
282 /* This function sets up a set of newly generated child addresses and puts them
283 on the new address chain. Copy in the uid, gid and permission flags for use by
284 pipes and files, set the parent, and "or" its af_ignore_error flag. Also record
285 the setting for any starting router.
286
287 If the generated address is the same as one of its ancestors, and the
288 check_ancestor flag is set, do not use this generated address, but replace it
289 with a copy of the input address. This is to cope with cases where A is aliased
290 to B and B has a .forward file pointing to A, though it is usually set on the
291 forwardfile rather than the aliasfile. We can't just pass on the old
292 address by returning FAIL, because it must act as a general parent for
293 generated addresses, and only get marked "done" when all its children are
294 delivered.
295
296 Arguments:
297 rblock router block
298 addr_new new address chain
299 addr original address
300 generated list of generated addresses
301 addr_prop the propagated block, containing the errors_address,
302 header modification stuff, and address_data
303 ugidptr points to uid/gid data for files, pipes, autoreplies
304 pw password entry, set if ob->check_local_user is TRUE
305
306 Returns: nothing
307 */
308
309 static void
310 add_generated(router_instance *rblock, address_item **addr_new,
311 address_item *addr, address_item *generated,
312 address_item_propagated *addr_prop, ugid_block *ugidptr, struct passwd *pw)
313 {
314 redirect_router_options_block *ob =
315 (redirect_router_options_block *)(rblock->options_block);
316
317 while (generated != NULL)
318 {
319 address_item *parent;
320 address_item *next = generated;
321 uschar *errors_address = next->p.errors_address;
322
323 generated = next->next;
324 next->parent = addr;
325 orflag(next, addr, af_ignore_error);
326 next->start_router = rblock->redirect_router;
327 addr->child_count++;
328
329 next->next = *addr_new;
330 *addr_new = next;
331
332 /* Don't do the "one_time" thing for the first pass of a 2-stage queue run. */
333
334 if (ob->one_time && !queue_2stage)
335 {
336 for (parent = addr; parent->parent != NULL; parent = parent->parent);
337 next->onetime_parent = parent->address;
338 }
339
340 if (ob->hide_child_in_errmsg) setflag(next, af_hide_child);
341
342 /* If check_ancestor is set, we want to know if any ancestor of this address
343 is the address we are about to generate. The check must be done caselessly
344 unless the ancestor was routed by a case-sensitive router. */
345
346 if (ob->check_ancestor)
347 {
348 for (parent = addr; parent != NULL; parent = parent->parent)
349 {
350 if (((parent->router != NULL && parent->router->caseful_local_part)?
351 Ustrcmp(next->address, parent->address)
352 :
353 strcmpic(next->address, parent->address)
354 ) == 0)
355 {
356 DEBUG(D_route) debug_printf("generated parent replaced by child\n");
357 next->address = string_copy(addr->address);
358 break;
359 }
360 }
361 }
362
363 /* A user filter may, under some circumstances, set up an errors address.
364 If so, we must take care to re-instate it when we copy in the propagated
365 data so that it overrides any errors_to setting on the router. */
366
367 next->p = *addr_prop;
368 if (errors_address != NULL) next->p.errors_address = errors_address;
369
370 /* For pipes, files, and autoreplies, record this router as handling them,
371 because they don't go through the routing process again. Then set up uid,
372 gid, home and current directories for transporting. */
373
374 if (testflag(next, af_pfr))
375 {
376 next->router = rblock;
377 rf_set_ugid(next, ugidptr); /* Will contain pw values if not overridden */
378
379 /* When getting the home directory out of the password information, wrap it
380 in \N...\N to avoid expansion later. In Cygwin, home directories can
381 contain $ characters. */
382
383 if (rblock->home_directory != NULL)
384 next->home_dir = rblock->home_directory;
385 else if (rblock->check_local_user)
386 next->home_dir = string_sprintf("\\N%s\\N", pw->pw_dir);
387 else if (rblock->router_home_directory != NULL &&
388 testflag(addr, af_home_expanded))
389 {
390 next->home_dir = deliver_home;
391 setflag(next, af_home_expanded);
392 }
393
394 next->current_dir = rblock->current_directory;
395
396 /* Permission options */
397
398 if (!ob->forbid_pipe) setflag(next, af_allow_pipe);
399 if (!ob->forbid_file) setflag(next, af_allow_file);
400 if (!ob->forbid_filter_reply) setflag(next, af_allow_reply);
401
402 /* If the transport setting fails, the error gets picked up at the outer
403 level from the setting of basic_errno in the address. */
404
405 if (next->address[0] == '|')
406 {
407 address_pipe = next->address;
408 if (rf_get_transport(ob->pipe_transport_name, &(ob->pipe_transport),
409 next, rblock->name, US"pipe_transport"))
410 next->transport = ob->pipe_transport;
411 address_pipe = NULL;
412 }
413 else if (next->address[0] == '>')
414 {
415 if (rf_get_transport(ob->reply_transport_name, &(ob->reply_transport),
416 next, rblock->name, US"reply_transport"))
417 next->transport = ob->reply_transport;
418 }
419 else /* must be file or directory */
420 {
421 int len = Ustrlen(next->address);
422 address_file = next->address;
423 if (next->address[len-1] == '/')
424 {
425 if (rf_get_transport(ob->directory_transport_name,
426 &(ob->directory_transport), next, rblock->name,
427 US"directory_transport"))
428 next->transport = ob->directory_transport;
429 }
430 else
431 {
432 if (rf_get_transport(ob->file_transport_name, &(ob->file_transport),
433 next, rblock->name, US"file_transport"))
434 next->transport = ob->file_transport;
435 }
436 address_file = NULL;
437 }
438 }
439
440 DEBUG(D_route)
441 {
442 debug_printf("%s router generated %s\n %serrors_to=%s transport=%s\n",
443 rblock->name,
444 next->address,
445 testflag(next, af_pfr)? "pipe, file, or autoreply\n " : "",
446 next->p.errors_address,
447 (next->transport == NULL)? US"NULL" : next->transport->name);
448
449 if (testflag(next, af_uid_set))
450 debug_printf(" uid=%ld ", (long int)(next->uid));
451 else
452 debug_printf(" uid=unset ");
453
454 if (testflag(next, af_gid_set))
455 debug_printf("gid=%ld ", (long int)(next->gid));
456 else
457 debug_printf("gid=unset ");
458
459 debug_printf("home=%s\n", next->home_dir);
460 }
461 }
462 }
463
464
465 /*************************************************
466 * Main entry point *
467 *************************************************/
468
469 /* See local README for interface description. This router returns:
470
471 DECLINE
472 . empty address list, or filter did nothing significant
473
474 DEFER
475 . verifying the errors address caused a deferment or a big disaster such
476 as an expansion failure (rf_get_errors_address)
477 . expanding a headers_{add,remove} string caused a deferment or another
478 expansion error (rf_get_munge_headers)
479 . :defer: or "freeze" in a filter
480 . error in address list or filter
481 . skipped syntax errors, but failed to send the message
482
483 DISCARD
484 . address was :blackhole:d or "seen finish"ed
485
486 FAIL
487 . :fail:
488
489 OK
490 . new addresses added to addr_new
491 */
492
493 int redirect_router_entry(
494 router_instance *rblock, /* data for this instantiation */
495 address_item *addr, /* address we are working on */
496 struct passwd *pw, /* passwd entry after check_local_user */
497 BOOL verify, /* TRUE when verifying */
498 address_item **addr_local, /* add it to this if it's local */
499 address_item **addr_remote, /* add it to this if it's remote */
500 address_item **addr_new, /* put new addresses on here */
501 address_item **addr_succeed) /* put old address here on success */
502 {
503 redirect_router_options_block *ob =
504 (redirect_router_options_block *)(rblock->options_block);
505 address_item *generated = NULL;
506 uschar *save_qualify_domain_recipient = qualify_domain_recipient;
507 uschar *discarded = US"discarded";
508 address_item_propagated addr_prop;
509 error_block *eblock = NULL;
510 ugid_block ugid;
511 redirect_block redirect;
512 int filtertype = FILTER_UNSET;
513 int yield = OK;
514 int options = ob->bit_options;
515 int frc = 0;
516 int xrc = 0;
517
518 addr_local = addr_local; /* Keep picky compilers happy */
519 addr_remote = addr_remote;
520
521 /* Initialize the data to be propagated to the children */
522
523 addr_prop.address_data = deliver_address_data;
524 addr_prop.domain_data = deliver_domain_data;
525 addr_prop.localpart_data = deliver_localpart_data;
526 addr_prop.errors_address = NULL;
527 addr_prop.extra_headers = NULL;
528 addr_prop.remove_headers = NULL;
529
530 /* When verifying and testing addresses, the "logwrite" command in filters
531 must be bypassed. */
532
533 if (!verify && !address_test_mode) options |= RDO_REALLOG;
534
535 /* Sort out the fixed or dynamic uid/gid. This uid is used (a) for reading the
536 file (and interpreting a filter) and (b) for running the transports for
537 generated file and pipe addresses. It is not (necessarily) the same as the uids
538 that may own the file. Exim panics if an expanded string is not a number and
539 can't be found in the password file. Other errors set the freezing bit. */
540
541 if (!rf_get_ugid(rblock, addr, &ugid)) return DEFER;
542
543 if (!ugid.uid_set && pw != NULL)
544 {
545 ugid.uid = pw->pw_uid;
546 ugid.uid_set = TRUE;
547 }
548
549 if (!ugid.gid_set && pw != NULL)
550 {
551 ugid.gid = pw->pw_gid;
552 ugid.gid_set = TRUE;
553 }
554
555 #ifdef EXPERIMENTAL_SRS
556 /* For reverse SRS, fill the srs_recipient expandsion variable,
557 on failure, return decline/fail as relevant */
558 if(ob->srs != NULL)
559 {
560 BOOL usesrs = TRUE;
561
562 if(ob->srs_condition != NULL)
563 usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL);
564
565 if(usesrs)
566 if(Ustrcmp(ob->srs, "reverse") == 0 || Ustrcmp(ob->srs, "reverseandforward") == 0)
567 {
568 uschar *res;
569 int n_srs;
570
571 srs_orig_recipient = addr->address;
572 eximsrs_init();
573 if(ob->srs_db)
574 eximsrs_db_set(TRUE, ob->srs_db);
575 if((n_srs = eximsrs_reverse(&res, addr->address)) != OK)
576 return n_srs;
577 srs_recipient = res;
578 eximsrs_done();
579 DEBUG(D_any)
580 debug_printf("SRS: Recipient '%s' rewritten to '%s'\n", srs_orig_recipient, srs_recipient);
581 }
582 }
583 #endif
584
585 /* Call the function that interprets redirection data, either inline or from a
586 file. This is a separate function so that the system filter can use it. It will
587 run the function in a subprocess if necessary. If qualify_preserve_domain is
588 set, temporarily reset qualify_domain_recipient to the current domain so that
589 any unqualified addresses get qualified with the same domain as the incoming
590 address. Otherwise, if a local qualify_domain is provided, set that up. */
591
592 if (ob->qualify_preserve_domain)
593 qualify_domain_recipient = addr->domain;
594 else if (ob->qualify_domain != NULL)
595 {
596 uschar *new_qdr = rf_expand_data(addr, ob->qualify_domain, &xrc);
597 if (new_qdr == NULL) return xrc;
598 qualify_domain_recipient = new_qdr;
599 }
600
601 redirect.owners = ob->owners;
602 redirect.owngroups = ob->owngroups;
603 redirect.modemask = ob->modemask;
604 redirect.check_owner = ob->check_owner;
605 redirect.check_group = ob->check_group;
606 redirect.pw = pw;
607
608 if (ob->file != NULL)
609 {
610 redirect.string = ob->file;
611 redirect.isfile = TRUE;
612 }
613 else
614 {
615 redirect.string = ob->data;
616 redirect.isfile = FALSE;
617 }
618
619 frc = rda_interpret(&redirect, options, ob->include_directory,
620 ob->sieve_vacation_directory, &ugid, &generated, &(addr->message),
621 ob->skip_syntax_errors? &eblock : NULL, &filtertype,
622 string_sprintf("%s router (recipient is %s)", rblock->name, addr->address));
623
624 qualify_domain_recipient = save_qualify_domain_recipient;
625
626 /* Handle exceptional returns from filtering or processing an address list.
627 For FAIL and FREEZE we honour any previously set up deliveries by a filter. */
628
629 switch (frc)
630 {
631 case FF_NONEXIST:
632 addr->message = addr->user_message = NULL;
633 return DECLINE;
634
635 case FF_BLACKHOLE:
636 DEBUG(D_route) debug_printf("address :blackhole:d\n");
637 generated = NULL;
638 discarded = US":blackhole:";
639 frc = FF_DELIVERED;
640 break;
641
642 /* FF_DEFER and FF_FAIL can arise only as a result of explicit commands
643 (:fail: in an alias file or "fail" in a filter). If a configured message was
644 supplied, allow it to be included in an SMTP response after verifying. */
645
646 case FF_DEFER:
647 if (addr->message == NULL) addr->message = US"forced defer";
648 else addr->user_message = addr->message;
649 return DEFER;
650
651 case FF_FAIL:
652 if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK)
653 return xrc;
654 add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw);
655 if (addr->message == NULL) addr->message = US"forced rejection";
656 else addr->user_message = addr->message;
657 return FAIL;
658
659 /* As in the case of a system filter, a freeze does not happen after a manual
660 thaw. In case deliveries were set up by the filter, we set the child count
661 high so that their completion does not mark the original address done. */
662
663 case FF_FREEZE:
664 if (!deliver_manual_thaw)
665 {
666 if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop))
667 != OK) return xrc;
668 add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw);
669 if (addr->message == NULL) addr->message = US"frozen by filter";
670 addr->special_action = SPECIAL_FREEZE;
671 addr->child_count = 9999;
672 return DEFER;
673 }
674 frc = FF_NOTDELIVERED;
675 break;
676
677 /* Handle syntax errors and :include: failures and lookup defers */
678
679 case FF_ERROR:
680 case FF_INCLUDEFAIL:
681
682 /* If filtertype is still FILTER_UNSET, it means that the redirection data
683 was never inspected, so the error was an expansion failure or failure to open
684 the file, or whatever. In these cases, the existing error message is probably
685 sufficient. */
686
687 if (filtertype == FILTER_UNSET) return DEFER;
688
689 /* If it was a filter and skip_syntax_errors is set, we want to set up
690 the error message so that it can be logged and mailed to somebody. */
691
692 if (filtertype != FILTER_FORWARD && ob->skip_syntax_errors)
693 {
694 eblock = store_get(sizeof(error_block));
695 eblock->next = NULL;
696 eblock->text1 = addr->message;
697 eblock->text2 = NULL;
698 addr->message = addr->user_message = NULL;
699 }
700
701 /* Otherwise set up the error for the address and defer. */
702
703 else
704 {
705 addr->basic_errno = ERRNO_BADREDIRECT;
706 addr->message = string_sprintf("error in %s %s: %s",
707 (filtertype != FILTER_FORWARD)? "filter" : "redirect",
708 (ob->data == NULL)? "file" : "data",
709 addr->message);
710 return DEFER;
711 }
712 }
713
714
715 /* Yield is either FF_DELIVERED (significant action) or FF_NOTDELIVERED (no
716 significant action). Before dealing with these, however, we must handle the
717 effect of skip_syntax_errors.
718
719 If skip_syntax_errors was set and there were syntax errors in an address list,
720 error messages will be present in eblock. Log them and send a message if so
721 configured. We cannot do this earlier, because the error message must not be
722 sent as the local user. If there were no valid addresses, generated will be
723 NULL. In this case, the router declines.
724
725 For a filter file, the error message has been fudged into an eblock. After
726 dealing with it, the router declines. */
727
728 if (eblock != NULL)
729 {
730 if (!moan_skipped_syntax_errors(
731 rblock->name, /* For message content */
732 eblock, /* Ditto */
733 (verify || address_test_mode)?
734 NULL : ob->syntax_errors_to, /* Who to mail */
735 generated != NULL, /* True if not all failed */
736 ob->syntax_errors_text)) /* Custom message */
737 return DEFER;
738
739 if (filtertype != FILTER_FORWARD || generated == NULL)
740 {
741 addr->message = US"syntax error in redirection data";
742 return DECLINE;
743 }
744 }
745
746 /* Sort out the errors address and any header modifications, and handle the
747 generated addresses, if any. If there are no generated addresses, we must avoid
748 calling sort_errors_and_headers() in case this router declines - that function
749 may modify the errors_address field in the current address, and we don't want
750 to do that for a decline. */
751
752 if (generated != NULL)
753 {
754 if ((xrc = sort_errors_and_headers(rblock, addr, verify, &addr_prop)) != OK)
755 return xrc;
756 add_generated(rblock, addr_new, addr, generated, &addr_prop, &ugid, pw);
757 }
758
759 /* FF_DELIVERED with no generated addresses is what we get when an address list
760 contains :blackhole: or a filter contains "seen finish" without having
761 generated anything. Log what happened to this address, and return DISCARD. */
762
763 if (frc == FF_DELIVERED)
764 {
765 if (generated == NULL && !verify && !address_test_mode)
766 {
767 log_write(0, LOG_MAIN, "=> %s <%s> R=%s", discarded, addr->address,
768 rblock->name);
769 yield = DISCARD;
770 }
771 }
772
773 /* For an address list, FF_NOTDELIVERED always means that no addresses were
774 generated. For a filter, addresses may or may not have been generated. If none
775 were, it's the same as an empty address list, and the router declines. However,
776 if addresses were generated, we can't just decline because successful delivery
777 of the base address gets it marked "done", so deferred generated addresses
778 never get tried again. We have to generate a new version of the base address,
779 as if there were a "deliver" command in the filter file, with the original
780 address as parent. */
781
782 else
783 {
784 address_item *next;
785
786 if (generated == NULL) return DECLINE;
787
788 next = deliver_make_addr(addr->address, FALSE);
789 next->parent = addr;
790 addr->child_count++;
791 next->next = *addr_new;
792 *addr_new = next;
793
794 /* Copy relevant flags (af_propagate is a name for the set), and set the
795 data that propagates. */
796
797 copyflag(next, addr, af_propagate);
798 next->p = addr_prop;
799
800 DEBUG(D_route) debug_printf("%s router autogenerated %s\n%s%s%s",
801 rblock->name,
802 next->address,
803 (addr_prop.errors_address != NULL)? " errors to " : "",
804 (addr_prop.errors_address != NULL)? addr_prop.errors_address : US"",
805 (addr_prop.errors_address != NULL)? "\n" : "");
806 }
807
808 #ifdef EXPERIMENTAL_SRS
809 /* On successful redirection, check for SRS forwarding and adjust sender */
810 if(ob->srs != NULL)
811 {
812 BOOL usesrs = TRUE;
813
814 if(ob->srs_condition != NULL)
815 usesrs = expand_check_condition(ob->srs_condition, "srs_condition expansion failed", NULL);
816
817 if(usesrs)
818 if((Ustrcmp(ob->srs, "forward") == 0 || Ustrcmp(ob->srs, "reverseandforward") == 0) && !verify)
819 {
820 uschar *res;
821 uschar *usedomain;
822 int n_srs;
823
824 srs_orig_sender = sender_address;
825 eximsrs_init();
826 if(ob->srs_db)
827 eximsrs_db_set(FALSE, ob->srs_db);
828
829 if(ob->srs_alias != NULL ? (usedomain = expand_string(ob->srs_alias)) == NULL : 1)
830 usedomain = deliver_domain;
831
832 if((n_srs = eximsrs_forward(&res, sender_address, usedomain)) != OK)
833 return n_srs;
834 sender_address = res;
835 DEBUG(D_any)
836 debug_printf("SRS: Sender '%s' rewritten to '%s'\n", srs_orig_sender, sender_address);
837 }
838 }
839 #endif
840
841 /* Control gets here only when the address has been completely handled. Put the
842 original address onto the succeed queue so that any retry items that get
843 attached to it get processed. */
844
845 addr->next = *addr_succeed;
846 *addr_succeed = addr;
847
848 return yield;
849 }
850
851 /* End of routers/redirect.c */
Unnamed repository; edit this file 'description' to name the repository.