projects / exim.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix possible endless loop due to dying spamd
[exim.git] / src / src / spam.c
1 /* $Cambridge: exim/src/src/spam.c,v 1.7 2005/06/10 13:29:36 tom Exp $ */
2
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
6
7 /* Copyright (c) Tom Kistner <tom@duncanthrax.net> 2003-???? */
8 /* License: GPL */
9
10 /* Code for calling spamassassin's spamd. Called from acl.c. */
11
12 #include "exim.h"
13 #ifdef WITH_CONTENT_SCAN
14 #include "spam.h"
15
16 uschar spam_score_buffer[16];
17 uschar spam_score_int_buffer[16];
18 uschar spam_bar_buffer[128];
19 uschar spam_report_buffer[32600];
20 uschar prev_user_name[128] = "";
21 int spam_ok = 0;
22 int spam_rc = 0;
23
24 int spam(uschar **listptr) {
25 int sep = 0;
26 uschar *list = *listptr;
27 uschar *user_name;
28 uschar user_name_buffer[128];
29 unsigned long mbox_size;
30 FILE *mbox_file;
31 int spamd_sock;
32 uschar spamd_buffer[32600];
33 int i, j, offset, result;
34 uschar spamd_version[8];
35 uschar spamd_score_char;
36 double spamd_threshold, spamd_score;
37 int spamd_report_offset;
38 uschar *p,*q;
39 int override = 0;
40 time_t start;
41 size_t read, wrote;
42 struct sockaddr_un server;
43 #ifndef NO_POLL_H
44 struct pollfd pollfd;
45 #endif
46
47 /* find the username from the option list */
48 if ((user_name = string_nextinlist(&list, &sep,
49 user_name_buffer,
50 sizeof(user_name_buffer))) == NULL) {
51 /* no username given, this means no scanning should be done */
52 return FAIL;
53 };
54
55 /* if username is "0" or "false", do not scan */
56 if ( (Ustrcmp(user_name,"0") == 0) ||
57 (strcmpic(user_name,US"false") == 0) ) {
58 return FAIL;
59 };
60
61 /* if there is an additional option, check if it is "true" */
62 if (strcmpic(list,US"true") == 0) {
63 /* in that case, always return true later */
64 override = 1;
65 };
66
67 /* if we scanned for this username last time, just return */
68 if ( spam_ok && ( Ustrcmp(prev_user_name, user_name) == 0 ) ) {
69 if (override)
70 return OK;
71 else
72 return spam_rc;
73 };
74
75 /* make sure the eml mbox file is spooled up */
76 mbox_file = spool_mbox(&mbox_size);
77
78 if (mbox_file == NULL) {
79 /* error while spooling */
80 log_write(0, LOG_MAIN|LOG_PANIC,
81 "spam acl condition: error while creating mbox spool file");
82 return DEFER;
83 };
84
85 start = time(NULL);
86 /* socket does not start with '/' -> network socket */
87 if (*spamd_address != '/') {
88 time_t now = time(NULL);
89 int num_servers = 0;
90 int current_server = 0;
91 int start_server = 0;
92 uschar *address = NULL;
93 uschar *spamd_address_list_ptr = spamd_address;
94 uschar address_buffer[256];
95 spamd_address_container * spamd_address_vector[32];
96
97 /* Check how many spamd servers we have
98 and register their addresses */
99 while ((address = string_nextinlist(&spamd_address_list_ptr, &sep,
100 address_buffer,
101 sizeof(address_buffer))) != NULL) {
102
103 spamd_address_container *this_spamd =
104 (spamd_address_container *)store_get(sizeof(spamd_address_container));
105
106 /* grok spamd address and port */
107 if( sscanf(CS address, "%s %u", this_spamd->tcp_addr, &(this_spamd->tcp_port)) != 2 ) {
108 log_write(0, LOG_MAIN,
109 "spam acl condition: warning - invalid spamd address: '%s'", address);
110 continue;
111 };
112
113 spamd_address_vector[num_servers] = this_spamd;
114 num_servers++;
115 if (num_servers > 31)
116 break;
117 };
118
119 /* check if we have at least one server */
120 if (!num_servers) {
121 log_write(0, LOG_MAIN|LOG_PANIC,
122 "spam acl condition: no useable spamd server addresses in spamd_address configuration option.");
123 fclose(mbox_file);
124 return DEFER;
125 };
126
127 current_server = start_server = (int)now % num_servers;
128
129 while (1) {
130
131 debug_printf("trying server %s, port %u\n",
132 spamd_address_vector[current_server]->tcp_addr,
133 spamd_address_vector[current_server]->tcp_port);
134
135 /* contact a spamd */
136 if ( (spamd_sock = ip_socket(SOCK_STREAM, AF_INET)) < 0) {
137 log_write(0, LOG_MAIN|LOG_PANIC,
138 "spam acl condition: error creating IP socket for spamd");
139 fclose(mbox_file);
140 return DEFER;
141 };
142
143 if (ip_connect( spamd_sock,
144 AF_INET,
145 spamd_address_vector[current_server]->tcp_addr,
146 spamd_address_vector[current_server]->tcp_port,
147 5 ) > -1) {
148 /* connection OK */
149 break;
150 };
151
152 log_write(0, LOG_MAIN|LOG_PANIC,
153 "spam acl condition: warning - spamd connection to %s, port %u failed: %s",
154 spamd_address_vector[current_server]->tcp_addr,
155 spamd_address_vector[current_server]->tcp_port,
156 strerror(errno));
157 current_server++;
158 if (current_server >= num_servers)
159 current_server = 0;
160 if (current_server == start_server) {
161 log_write(0, LOG_MAIN|LOG_PANIC, "spam acl condition: all spamd servers failed");
162 fclose(mbox_file);
163 close(spamd_sock);
164 return DEFER;
165 };
166 };
167
168 }
169 else {
170 /* open the local socket */
171
172 if ((spamd_sock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
173 log_write(0, LOG_MAIN|LOG_PANIC,
174 "malware acl condition: spamd: unable to acquire socket (%s)",
175 strerror(errno));
176 fclose(mbox_file);
177 return DEFER;
178 }
179
180 server.sun_family = AF_UNIX;
181 Ustrcpy(server.sun_path, spamd_address);
182
183 if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) {
184 log_write(0, LOG_MAIN|LOG_PANIC,
185 "malware acl condition: spamd: unable to connect to UNIX socket %s (%s)",
186 spamd_address, strerror(errno) );
187 fclose(mbox_file);
188 close(spamd_sock);
189 return DEFER;
190 }
191
192 }
193
194 /* now we are connected to spamd on spamd_sock */
195 snprintf(CS spamd_buffer,
196 sizeof(spamd_buffer),
197 "REPORT SPAMC/1.2\r\nUser: %s\r\nContent-length: %ld\r\n\r\n",
198 user_name,
199 mbox_size);
200
201 /* send our request */
202 if (send(spamd_sock, spamd_buffer, Ustrlen(spamd_buffer), 0) < 0) {
203 close(spamd_sock);
204 log_write(0, LOG_MAIN|LOG_PANIC,
205 "spam acl condition: spamd send failed: %s", strerror(errno));
206 fclose(mbox_file);
207 close(spamd_sock);
208 return DEFER;
209 };
210
211 /* now send the file */
212 /* spamd sometimes accepts conections but doesn't read data off
213 * the connection. We make the file descriptor non-blocking so
214 * that the write will only write sufficient data without blocking
215 * and we poll the desciptor to make sure that we can write without
216 * blocking. Short writes are gracefully handled and if the whole
217 * trasaction takes too long it is aborted.
218 * Note: poll() is not supported in OSX 10.2.
219 */
220 #ifndef NO_POLL_H
221 pollfd.fd = spamd_sock;
222 pollfd.events = POLLOUT;
223 #endif
224 fcntl(spamd_sock, F_SETFL, O_NONBLOCK);
225 do {
226 read = fread(spamd_buffer,1,sizeof(spamd_buffer),mbox_file);
227 if (read > 0) {
228 offset = 0;
229 again:
230 #ifndef NO_POLL_H
231 result = poll(&pollfd, 1, 1000);
232 if (result == -1 && errno == EINTR)
233 continue;
234 else if (result < 1) {
235 if (result == -1)
236 log_write(0, LOG_MAIN|LOG_PANIC,
237 "spam acl condition: %s on spamd socket", strerror(errno));
238 else {
239 if (time(NULL) - start < SPAMD_TIMEOUT)
240 goto again;
241 log_write(0, LOG_MAIN|LOG_PANIC,
242 "spam acl condition: timed out writing spamd socket");
243 }
244 close(spamd_sock);
245 fclose(mbox_file);
246 return DEFER;
247 }
248 #endif
249 wrote = send(spamd_sock,spamd_buffer + offset,read - offset,0);
250 if (wrote == -1)
251 {
252 log_write(0, LOG_MAIN|LOG_PANIC,
253 "spam acl condition: %s on spamd socket", strerror(errno));
254 close(spamd_sock);
255 fclose(mbox_file);
256 return DEFER;
257 }
258 if (offset + wrote != read) {
259 offset += wrote;
260 goto again;
261 }
262 }
263 }
264 while (!feof(mbox_file) && !ferror(mbox_file));
265 if (ferror(mbox_file)) {
266 log_write(0, LOG_MAIN|LOG_PANIC,
267 "spam acl condition: error reading spool file: %s", strerror(errno));
268 close(spamd_sock);
269 fclose(mbox_file);
270 return DEFER;
271 }
272
273 fclose(mbox_file);
274
275 /* we're done sending, close socket for writing */
276 shutdown(spamd_sock,SHUT_WR);
277
278 /* read spamd response using what's left of the timeout.
279 */
280 memset(spamd_buffer, 0, sizeof(spamd_buffer));
281 offset = 0;
282 while((i = ip_recv(spamd_sock,
283 spamd_buffer + offset,
284 sizeof(spamd_buffer) - offset - 1,
285 SPAMD_TIMEOUT - time(NULL) + start)) > 0 ) {
286 offset += i;
287 }
288
289 /* error handling */
290 if((i <= 0) && (errno != 0)) {
291 log_write(0, LOG_MAIN|LOG_PANIC,
292 "spam acl condition: error reading from spamd socket: %s", strerror(errno));
293 close(spamd_sock);
294 return DEFER;
295 }
296
297 /* reading done */
298 close(spamd_sock);
299
300 /* dig in the spamd output and put the report in a multiline header, if requested */
301 if( sscanf(CS spamd_buffer,"SPAMD/%s 0 EX_OK\r\nContent-length: %*u\r\n\r\n%lf/%lf\r\n%n",
302 spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
303
304 /* try to fall back to pre-2.50 spamd output */
305 if( sscanf(CS spamd_buffer,"SPAMD/%s 0 EX_OK\r\nSpam: %*s ; %lf / %lf\r\n\r\n%n",
306 spamd_version,&spamd_score,&spamd_threshold,&spamd_report_offset) != 3 ) {
307 log_write(0, LOG_MAIN|LOG_PANIC,
308 "spam acl condition: cannot parse spamd output");
309 return DEFER;
310 };
311 };
312
313 /* Create report. Since this is a multiline string,
314 we must hack it into shape first */
315 p = &spamd_buffer[spamd_report_offset];
316 q = spam_report_buffer;
317 while (*p != '\0') {
318 /* skip \r */
319 if (*p == '\r') {
320 p++;
321 continue;
322 };
323 *q = *p;
324 q++;
325 if (*p == '\n') {
326 *q = '\t';
327 q++;
328 /* eat whitespace */
329 while( (*p <= ' ') && (*p != '\0') ) {
330 p++;
331 };
332 p--;
333 };
334 p++;
335 };
336 /* NULL-terminate */
337 *q = '\0';
338 q--;
339 /* cut off trailing leftovers */
340 while (*q <= ' ') {
341 *q = '\0';
342 q--;
343 };
344 spam_report = spam_report_buffer;
345
346 /* create spam bar */
347 spamd_score_char = spamd_score > 0 ? '+' : '-';
348 j = abs((int)(spamd_score));
349 i = 0;
350 if( j != 0 ) {
351 while((i < j) && (i <= MAX_SPAM_BAR_CHARS))
352 spam_bar_buffer[i++] = spamd_score_char;
353 }
354 else{
355 spam_bar_buffer[0] = '/';
356 i = 1;
357 }
358 spam_bar_buffer[i] = '\0';
359 spam_bar = spam_bar_buffer;
360
361 /* create "float" spam score */
362 snprintf(CS spam_score_buffer, sizeof(spam_score_buffer),"%.1f", spamd_score);
363 spam_score = spam_score_buffer;
364
365 /* create "int" spam score */
366 j = (int)((spamd_score + 0.001)*10);
367 snprintf(CS spam_score_int_buffer, sizeof(spam_score_int_buffer), "%d", j);
368 spam_score_int = spam_score_int_buffer;
369
370 /* compare threshold against score */
371 if (spamd_score >= spamd_threshold) {
372 /* spam as determined by user's threshold */
373 spam_rc = OK;
374 }
375 else {
376 /* not spam */
377 spam_rc = FAIL;
378 };
379
380 /* remember user name and "been here" for it */
381 Ustrcpy(prev_user_name, user_name);
382 spam_ok = 1;
383
384 if (override) {
385 /* always return OK, no matter what the score */
386 return OK;
387 }
388 else {
389 return spam_rc;
390 };
391 }
392
393 #endif
Unnamed repository; edit this file 'description' to name the repository.