dnsbl: src/dnsbl.cpp annotate

annotate src/dnsbl.cpp @ 190:004b855c6c1f

fix null pointer dereference from missing HELO command

author	carl
date	Sat, 10 Nov 2007 10:52:50 -0800
parents	edcefdb7ccc1
children	2a67d31099c3

rev	line source
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1 /*
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	2
152 c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	3 Copyright (c) 2007 Carl Byington - 510 Software Group, released under
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	4 the GPL version 3 or any later version at your choice available at
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	5 http://www.gnu.org/licenses/gpl-3.0.txt
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	6
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	7 Based on a sample milter Copyright (c) 2000-2003 Sendmail, Inc. and its
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	8 suppliers. Inspired by the DCC by Rhyolite Software
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	9
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	10 -b port The port used to talk to the dcc interface daemon
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	11 -r port The port used to talk to our internal dns resolver processes
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	12 -p port The port through which the MTA will connect to this milter.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	13 -t sec The timeout value.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	14 -c Check the config, and print a copy to stdout. Don't start the
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	15 milter or do anything with the socket.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	16 -s Stress test by loading and deleting the current config in a loop.
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	17 -d level set the debug level
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	18 -e f\|t Print the results of looking up from address f and to address
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	19 t in the current config
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	20
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	21 */
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	22
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	23
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	24 // from sendmail sample
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	25 #include <sys/types.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	26 #include <sys/stat.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	27 #include <errno.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	28 #include <sysexits.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	29 #include <unistd.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	30
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	31 // needed for socket io
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	32 #include <sys/ioctl.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	33 #include <net/if.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	34 #include <arpa/inet.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	35 #include <netinet/in.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	36 #include <netinet/tcp.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	37 #include <netdb.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	38 #include <sys/socket.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	39 #include <sys/un.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	40
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	41 // needed for thread
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	42 #include <pthread.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	43
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	44 // needed for std c++ collections
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	45 #include <set>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	46 #include <map>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	47 #include <list>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	48
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	49 // for the dns resolver
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	50 #include <netinet/in.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	51 #include <arpa/nameser.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	52 #include <resolv.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	53
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	54 // misc stuff needed here
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	55 #include <ctype.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	56 #include <syslog.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	57 #include <pwd.h>
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	58 #include <sys/wait.h> /* header for waitpid() and various macros */
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	59 #include <signal.h> /* header for signal functions */
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	60
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	61 #include "includes.h"
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	62
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	63 static char* dnsbl_version="$Id$";
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	64
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	65 extern "C" {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	66 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr);
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	67 sfsistat mlfi_helo(SMFICTX * ctx, char *helohost);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	68 sfsistat mlfi_envfrom(SMFICTX ctx, char *argv);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	69 sfsistat mlfi_envrcpt(SMFICTX ctx, char *argv);
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	70 sfsistat mlfi_header(SMFICTX* ctx, char* headerf, char* headerv);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	71 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	72 sfsistat mlfi_eom(SMFICTX *ctx);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	73 sfsistat mlfi_abort(SMFICTX *ctx);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	74 sfsistat mlfi_close(SMFICTX *ctx);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	75 void sig_chld(int signo);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	76 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	77
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	78 int debug_syslog = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	79 bool syslog_opened = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	80 bool use_syslog = true; // false to printf
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	81 bool loader_run = true; // used to stop the config loader thread
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	82 CONFIG *config = NULL; // protected by the config_mutex
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	83 int generation = 0; // protected by the config_mutex
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	84 const int maxlen = 1000; // used for snprintf buffers
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	85
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	86 pthread_mutex_t config_mutex;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	87 pthread_mutex_t syslog_mutex;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	88 pthread_mutex_t resolve_mutex;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	89 pthread_mutex_t fd_pool_mutex;
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	90 pthread_mutex_t rate_mutex;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	91
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	92 std::set<int> fd_pool;
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	93 int NULL_SOCKET = -1;
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	94 const time_t ERROR_SOCKET_TIME = 60; // number of seconds between attempts to open a socket to the dns resolver process
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	95 char *resolver_port = NULL; // unix domain socket to talk to the dns resolver process
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	96 int resolver_socket = NULL_SOCKET; // socket used to listen for resolver requests
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	97 char *dccifd_port = NULL; // unix domain socket to talk to the dcc interface daemon
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	98 time_t last_error_time;
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	99 int resolver_sock_count = 0; // protected with fd_pool_mutex
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	100 int resolver_pool_size = 0; // protected with fd_pool_mutex
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	101 rcpt_rates rcpt_counts; // protected with rate_mutex
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	102
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	103
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	104 struct ns_map {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	105 // all the strings are owned by the keys/values in the ns_host string map
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	106 string_map ns_host; // nameserver name -> host name that uses this name server
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	107 ns_mapper ns_ip; // nameserver name -> ip address of the name server
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	108 ~ns_map();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	109 void add(char name, char refer);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	110 };
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	111
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	112
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	113 ns_map::~ns_map() {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	114 for (string_map::iterator i=ns_host.begin(); i!=ns_host.end(); i++) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	115 char x = (i).first;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	116 char y = (i).second;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	117 free(x);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	118 free(y);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	119 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	120 ns_ip.clear();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	121 ns_host.clear();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	122 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	123
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	124
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	125 void ns_map::add(char name, char refer) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	126 string_map::iterator i = ns_host.find(name);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	127 if (i != ns_host.end()) return;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	128 char *x = strdup(name);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	129 char *y = strdup(refer);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	130 ns_ip[x] = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	131 ns_host[x] = y;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	132
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	133 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	134
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	135 // packed structure to allow a single socket write to dump the
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	136 // length and the following answer. The packing attribute is gcc specific.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	137 struct glommer {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	138 int length;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	139 #ifdef NS_PACKETSZ
115 07e5d4721213 use larger resolver buffer carl parents: 94 diff changeset	140 u_char answer[NS_PACKETSZ*4]; // with a resolver, we return resolver answers
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	141 #else
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	142 int answer; // without a resolver, we return a single ip4 address, 0 == no answer
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	143 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	144 } __attribute__ ((packed));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	145
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	146
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	147 ////////////////////////////////////////////////
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	148 // helper to manipulate recipient counts
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	149 //
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	150 int incr_rcpt_count(char *user);
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	151 int incr_rcpt_count(char *user) {
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	152 pthread_mutex_lock(&rate_mutex);
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	153 rcpt_rates::iterator i = rcpt_counts.find(user);
138 9d0bc30b4576 add smtp auth rate limits carl parents: 137 diff changeset	154 int c = 1;
9d0bc30b4576 add smtp auth rate limits carl parents: 137 diff changeset	155 if (i == rcpt_counts.end()) {
9d0bc30b4576 add smtp auth rate limits carl parents: 137 diff changeset	156 user = strdup(user);
9d0bc30b4576 add smtp auth rate limits carl parents: 137 diff changeset	157 rcpt_counts[user] = c;
9d0bc30b4576 add smtp auth rate limits carl parents: 137 diff changeset	158 }
9d0bc30b4576 add smtp auth rate limits carl parents: 137 diff changeset	159 else {
139 003026deaed1 add smtp auth rate limits carl parents: 138 diff changeset	160 c = ++((*i).second);
138 9d0bc30b4576 add smtp auth rate limits carl parents: 137 diff changeset	161 }
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	162 pthread_mutex_unlock(&rate_mutex);
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	163 return c;
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	164 }
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	165
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	166 ////////////////////////////////////////////////
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	167 // helper to discard the strings held by a context_map
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	168 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	169 void discard(context_map &cm);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	170 void discard(context_map &cm) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	171 for (context_map::iterator i=cm.begin(); i!=cm.end(); i++) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	172 char x = (i).first;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	173 free(x);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	174 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	175 cm.clear();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	176 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	177
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	178
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	179 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	180 // helper to register a string in a context_map
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	181 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	182 void register_string(context_map &cm, char name, CONTEXT con);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	183 void register_string(context_map &cm, char name, CONTEXT con) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	184 context_map::iterator i = cm.find(name);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	185 if (i != cm.end()) return;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	186 char *x = strdup(name);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	187 cm[x] = con;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	188 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	189
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	190
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	191 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	192 // disconnect the fd from the dns resolver process
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	193 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	194 void my_disconnect(int sock, bool decrement = true);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	195 void my_disconnect(int sock, bool decrement) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	196 if (sock != NULL_SOCKET) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	197 if (decrement) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	198 pthread_mutex_lock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	199 resolver_sock_count--;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	200 pthread_mutex_unlock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	201 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	202 shutdown(sock, SHUT_RDWR);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	203 close(sock);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	204 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	205 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	206
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	207
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	208 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	209 // return fd connected to the dns resolver process
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	210 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	211 int my_connect();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	212 int my_connect() {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	213 // if we have had recent errors, don't even try to open the socket
129 c5cd1261394d ignore smtp connection attempts for 10 minutes when getting connection errors on verify hosts carl parents: 128 diff changeset	214 if ((time(NULL) - last_error_time) < ERROR_SOCKET_TIME) return NULL_SOCKET;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	215
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	216 // nothing recent, maybe this time it will work
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	217 int sock = NULL_SOCKET;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	218 sockaddr_un server;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	219 memset(&server, '\0', sizeof(server));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	220 server.sun_family = AF_UNIX;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	221 strncpy(server.sun_path, resolver_port, sizeof(server.sun_path)-1);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	222 sock = socket(AF_UNIX, SOCK_STREAM, 0);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	223 if (sock != NULL_SOCKET) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	224 bool rc = (connect(sock, (sockaddr *)&server, sizeof(server)) == 0);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	225 if (!rc) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	226 my_disconnect(sock, false);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	227 sock = NULL_SOCKET;
129 c5cd1261394d ignore smtp connection attempts for 10 minutes when getting connection errors on verify hosts carl parents: 128 diff changeset	228 last_error_time = time(NULL);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	229 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	230 }
129 c5cd1261394d ignore smtp connection attempts for 10 minutes when getting connection errors on verify hosts carl parents: 128 diff changeset	231 else last_error_time = time(NULL);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	232 if (sock != NULL_SOCKET) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	233 pthread_mutex_lock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	234 resolver_sock_count++;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	235 pthread_mutex_unlock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	236 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	237 return sock;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	238 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	239
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	240
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	241 mlfiPriv::mlfiPriv() {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	242 pthread_mutex_lock(&config_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	243 pc = config;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	244 pc->reference_count++;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	245 pthread_mutex_unlock(&config_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	246 get_fd();
190 004b855c6c1f fix null pointer dereference from missing HELO command carl parents: 188 diff changeset	247 ctx = NULL;
004b855c6c1f fix null pointer dereference from missing HELO command carl parents: 188 diff changeset	248 eom = false;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	249 ip = 0;
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	250 helo = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	251 mailaddr = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	252 queueid = NULL;
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	253 authenticated = NULL;
168 6bac960af6b4 add generic reverse dns filtering regex carl parents: 167 diff changeset	254 client_name = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	255 have_whites = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	256 only_whites = true;
167 9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	257 want_spamassassin = false;
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	258 want_dccgrey = false;
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	259 want_dccbulk = false;
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	260 content_context = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	261 memory = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	262 scanner = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	263 content_suffix = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	264 content_message = NULL;
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	265 uribl_suffix = NULL;
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	266 uribl_message = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	267 content_host_ignore = NULL;
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	268 assassin = NULL;
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	269 dccifd = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	270 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	271
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	272 mlfiPriv::~mlfiPriv() {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	273 return_fd();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	274 pthread_mutex_lock(&config_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	275 pc->reference_count--;
146 7278c9766e26 free old configs when last reference goes away carl parents: 143 diff changeset	276 bool last = (!pc->reference_count) && (pc != config);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	277 pthread_mutex_unlock(&config_mutex);
146 7278c9766e26 free old configs when last reference goes away carl parents: 143 diff changeset	278 if (last) delete pc; // free this config, since we were the last reference to it
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	279 if (helo) free(helo);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	280 reset(true);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	281 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	282
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	283 void mlfiPriv::reset(bool final) {
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	284 if (mailaddr) free(mailaddr);
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	285 if (queueid) free(queueid);
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	286 if (authenticated) free(authenticated);
168 6bac960af6b4 add generic reverse dns filtering regex carl parents: 167 diff changeset	287 if (client_name) free(client_name);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	288 discard(env_to);
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	289 if (memory) delete memory;
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	290 if (scanner) delete scanner;
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	291 if (assassin) delete assassin;
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	292 if (dccifd) delete dccifd;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	293 if (!final) {
190 004b855c6c1f fix null pointer dereference from missing HELO command carl parents: 188 diff changeset	294 ctx = NULL;
004b855c6c1f fix null pointer dereference from missing HELO command carl parents: 188 diff changeset	295 eom = false;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	296 mailaddr = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	297 queueid = NULL;
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	298 authenticated = NULL;
168 6bac960af6b4 add generic reverse dns filtering regex carl parents: 167 diff changeset	299 client_name = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	300 have_whites = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	301 only_whites = true;
167 9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	302 want_spamassassin = false;
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	303 want_dccgrey = false;
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	304 want_dccbulk = false;
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	305 content_context = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	306 memory = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	307 scanner = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	308 content_suffix = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	309 content_message = NULL;
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	310 uribl_suffix = NULL;
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	311 uribl_message = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	312 content_host_ignore = NULL;
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	313 assassin = NULL;
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	314 dccifd = NULL;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	315 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	316 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	317
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	318 void mlfiPriv::get_fd() {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	319 err = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	320 fd = NULL_SOCKET;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	321 int result = pthread_mutex_lock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	322 if (!result) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	323 std::set<int>::iterator i;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	324 i = fd_pool.begin();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	325 if (i != fd_pool.end()) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	326 // have at least one fd in the pool
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	327 err = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	328 fd = *i;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	329 fd_pool.erase(fd);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	330 resolver_pool_size--;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	331 pthread_mutex_unlock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	332 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	333 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	334 // pool is empty, get a new fd
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	335 pthread_mutex_unlock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	336 fd = my_connect();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	337 err = (fd == NULL_SOCKET);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	338 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	339 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	340 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	341 // cannot lock the pool, just get a new fd
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	342 fd = my_connect();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	343 err = (fd == NULL_SOCKET);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	344 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	345 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	346
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	347 void mlfiPriv::return_fd() {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	348 if (err) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	349 // this fd got a socket error, so close it, rather than returning it to the pool
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	350 my_disconnect(fd);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	351 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	352 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	353 int result = pthread_mutex_lock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	354 if (!result) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	355 if ((resolver_sock_count > resolver_pool_size*5) \|\| (resolver_pool_size < 5)) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	356 // return the fd to the pool
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	357 fd_pool.insert(fd);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	358 resolver_pool_size++;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	359 pthread_mutex_unlock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	360 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	361 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	362 // more than 20% of the open resolver sockets are in the pool, and the
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	363 // pool as at least 5 sockets. that is enough, so just close this one.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	364 pthread_mutex_unlock(&fd_pool_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	365 my_disconnect(fd);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	366 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	367 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	368 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	369 // could not lock the pool, so just close the fd
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	370 my_disconnect(fd);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	371 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	372 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	373 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	374
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	375 size_t mlfiPriv::my_write(const char *buf, size_t len) {
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	376 if (err) return 0;
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	377 size_t rs = 0;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	378 while (len) {
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	379 size_t ws = write(fd, buf, len);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	380 if (ws > 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	381 rs += ws;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	382 len -= ws;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	383 buf += ws;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	384 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	385 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	386 // peer closed the socket!
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	387 rs = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	388 err = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	389 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	390 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	391 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	392 return rs;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	393 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	394
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	395 size_t mlfiPriv::my_read(char *buf, size_t len) {
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	396 if (err) return 0;
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	397 size_t rs = 0;
134 f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	398 while (len) {
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	399 size_t ws = read(fd, buf, len);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	400 if (ws > 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	401 rs += ws;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	402 len -= ws;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	403 buf += ws;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	404 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	405 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	406 // peer closed the socket!
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	407 rs = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	408 err = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	409 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	410 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	411 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	412 return rs;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	413 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	414
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	415 void mlfiPriv::need_content_filter(char *rcpt, CONTEXT &con) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	416 register_string(env_to, rcpt, &con);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	417 if (!memory) {
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	418 // first recipient that needs content filtering sets
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	419 // some of the content filtering parameters
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	420 memory = new recorder(this, con.get_html_tags(), con.get_content_tlds(), con.get_content_cctlds());
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	421 scanner = new url_scanner(memory);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	422 content_suffix = con.get_content_suffix();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	423 content_message = con.get_content_message();
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	424 uribl_suffix = con.get_uribl_suffix();
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	425 uribl_message = con.get_uribl_message();
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	426 content_host_ignore = &con.get_content_host_ignore();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	427 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	428 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	429
186 2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	430
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	431 mlfiPriv* fetch_priv_from_ctx(SMFICTX *ctx);
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	432 mlfiPriv* fetch_priv_from_ctx(SMFICTX *ctx)
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	433 {
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	434 mlfiPriv priv = (struct mlfiPriv )smfi_getpriv(ctx);
187 f0eda59e8afd fix null pointer dereference from missing HELO command carl parents: 186 diff changeset	435 priv->ctx = ctx;
186 2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	436 return priv;
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	437 }
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	438 #define MLFIPRIV fetch_priv_from_ctx(ctx)
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	439
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	440
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	441
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	442 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	443 // syslog a message
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	444 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	445 void my_syslog(mlfiPriv priv, char text) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	446 char buf[maxlen];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	447 if (priv) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	448 snprintf(buf, sizeof(buf), "%s: %s", priv->queueid, text);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	449 text = buf;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	450 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	451 if (use_syslog) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	452 pthread_mutex_lock(&syslog_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	453 if (!syslog_opened) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	454 openlog("dnsbl", LOG_PID, LOG_MAIL);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	455 syslog_opened = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	456 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	457 syslog(LOG_NOTICE, "%s", text);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	458 pthread_mutex_unlock(&syslog_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	459 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	460 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	461 printf("%s \n", text);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	462 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	463 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	464
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	465 void my_syslog(mlfiPriv *priv, string text) {
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	466 if (debug_syslog > 3) {
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	467 char buf[maxlen];
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	468 strncpy(buf, text.c_str(), sizeof(buf));
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	469 buf[maxlen-1] = '\0'; // ensure null termination
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	470 my_syslog(priv, buf);
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	471 }
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	472 }
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	473
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	474 void my_syslog(char *text) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	475 my_syslog(NULL, text);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	476 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	477
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	478
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	479 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	480 // read a resolver request from the socket, process it, and
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	481 // write the result back to the socket.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	482
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	483 void process_resolver_requests(int socket);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	484 void process_resolver_requests(int socket) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	485 #ifdef NS_MAXDNAME
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	486 char question[NS_MAXDNAME];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	487 #else
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	488 char question[1000];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	489 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	490 glommer glom;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	491
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	492 int maxq = sizeof(question);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	493 while (true) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	494 // read a question
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	495 int rs = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	496 while (rs < maxq) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	497 int ns = read(socket, question+rs, maxq-rs);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	498 if (ns > 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	499 rs += ns;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	500 if (question[rs-1] == '\0') {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	501 // last byte read was the null terminator, we are done
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	502 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	503 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	504 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	505 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	506 // peer closed the socket
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	507 #ifdef RESOLVER_DEBUG
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	508 my_syslog("process_resolver_requests() peer closed socket while reading question");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	509 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	510 shutdown(socket, SHUT_RDWR);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	511 close(socket);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	512 return;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	513 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	514 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	515 question[rs-1] = '\0'; // ensure null termination
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	516
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	517 // find the answer
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	518 #ifdef NS_PACKETSZ
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	519 #ifdef RESOLVER_DEBUG
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	520 char text[1000];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	521 snprintf(text, sizeof(text), "process_resolver_requests() has a question %s", question);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	522 my_syslog(text);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	523 #endif
150 a23ef169d322 limit dns resolver timeouts and retry interval carl parents: 148 diff changeset	524 if ((_res.options & RES_INIT) == 0) res_init();
a23ef169d322 limit dns resolver timeouts and retry interval carl parents: 148 diff changeset	525 _res.retry = 2;
a23ef169d322 limit dns resolver timeouts and retry interval carl parents: 148 diff changeset	526 _res.retrans = RES_TIMEOUT;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	527 glom.length = res_search(question, ns_c_in, ns_t_a, glom.answer, sizeof(glom.answer));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	528 if (glom.length < 0) glom.length = 0; // represent all errors as zero length answers
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	529 #else
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	530 glom.length = sizeof(glom.answer);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	531 glom.answer = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	532 struct hostent *host = gethostbyname(question);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	533 if (host && (host->h_addrtype == AF_INET)) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	534 memcpy(&glom.answer, host->h_addr, sizeof(glom.answer));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	535 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	536 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	537
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	538 // write the answer
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	539 char buf = (char )&glom;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	540 int len = glom.length + sizeof(glom.length);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	541 #ifdef RESOLVER_DEBUG
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	542 snprintf(text, sizeof(text), "process_resolver_requests() writing answer length %d for total %d", glom.length, len);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	543 my_syslog(text);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	544 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	545 int ws = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	546 while (len > ws) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	547 int ns = write(socket, buf+ws, len-ws);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	548 if (ns > 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	549 ws += ns;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	550 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	551 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	552 // peer closed the socket!
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	553 #ifdef RESOLVER_DEBUG
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	554 my_syslog("process_resolver_requests() peer closed socket while writing answer");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	555 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	556 shutdown(socket, SHUT_RDWR);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	557 close(socket);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	558 return;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	559 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	560 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	561 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	562 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	563
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	564
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	565 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	566 // ask a dns question and get an A record answer - we don't try
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	567 // very hard, just using the default resolver retry settings.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	568 // If we cannot get an answer, we just accept the mail.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	569 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	570 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	571 int dns_interface(mlfiPriv &priv, char question, bool maybe_ip, ns_map nameservers);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	572 int dns_interface(mlfiPriv &priv, char question, bool maybe_ip, ns_map nameservers) {
186 2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	573 // tell sendmail we are still working
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	574 #if _FFR_SMFI_PROGRESS
190 004b855c6c1f fix null pointer dereference from missing HELO command carl parents: 188 diff changeset	575 if (priv.eom) smfi_progress(priv.ctx);
186 2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	576 #endif
2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	577
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	578 // this part can be done without locking the resolver mutex. Each
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	579 // milter thread is talking over its own socket to a separate resolver
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	580 // process, which does the actual dns resolution.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	581 if (priv.err) return 0; // cannot ask more questions on this socket.
134 f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	582 if (maybe_ip) {
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	583 // might be a bare ip address, try this first to avoid dns lookups that may not be needed
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	584 in_addr ip;
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	585 if (inet_aton(question, &ip)) {
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	586 return (int)ip.s_addr;
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	587 }
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	588 }
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	589 int n = strlen(question);
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	590 if (question[n-1] == '.') {
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	591 priv.my_write(question, n+1); // write the question including the null terminator
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	592 }
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	593 else {
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	594 priv.my_write(question, n); // write the question
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	595 priv.my_write(".", 2); // and the fully qualified . terminator and null string terminator
f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	596 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	597 glommer glom;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	598 char buf = (char )&glom;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	599 priv.my_read(buf, sizeof(glom.length));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	600 buf += sizeof(glom.length);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	601 #ifdef RESOLVER_DEBUG
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	602 char text[1000];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	603 snprintf(text, sizeof(text), "dns_interface() wrote question %s and has answer length %d", question, glom.length);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	604 my_syslog(text);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	605 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	606 if ((glom.length < 0) \|\| (glom.length > sizeof(glom.answer))) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	607 priv.err = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	608 return 0; // cannot process overlarge answers
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	609 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	610 priv.my_read(buf, glom.length);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	611
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	612 #ifdef NS_PACKETSZ
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	613 // now we need to lock the resolver mutex to keep the milter threads from
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	614 // stepping on each other while parsing the dns answer.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	615 int ret_address = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	616 pthread_mutex_lock(&resolve_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	617 if (glom.length > 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	618 // parse the answer
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	619 ns_msg handle;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	620 ns_rr rr;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	621 if (ns_initparse(glom.answer, glom.length, &handle) == 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	622 // look for ns names
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	623 if (nameservers) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	624 ns_map &ns = *nameservers;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	625 int rrnum = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	626 while (ns_parserr(&handle, ns_s_ns, rrnum++, &rr) == 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	627 if (ns_rr_type(rr) == ns_t_ns) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	628 char nam[NS_MAXDNAME+1];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	629 char *n = nam;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	630 const u_char *p = ns_rr_rdata(rr);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	631 while (((n-nam) < NS_MAXDNAME) && ((p-glom.answer) < glom.length) && *p) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	632 size_t s = *(p++);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	633 if (s > 191) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	634 // compression pointer
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	635 s = (s-192)256 + (p++);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	636 if (s >= glom.length) break; // pointer outside bounds of answer
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	637 p = glom.answer + s;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	638 s = *(p++);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	639 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	640 if (s > 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	641 if ((n-nam) >= (NS_MAXDNAME-s)) break; // destination would overflow name buffer
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	642 if ((p-glom.answer) >= (glom.length-s)) break; // source outside bounds of answer
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	643 memcpy(n, p, s);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	644 n += s;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	645 p += s;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	646 *(n++) = '.';
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	647 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	648 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	649 if (n-nam) n--; // remove trailing .
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	650 *n = '\0'; // null terminate it
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	651 ns.add(nam, question); // ns host to lookup later
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	652 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	653 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	654 rrnum = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	655 while (ns_parserr(&handle, ns_s_ar, rrnum++, &rr) == 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	656 if (ns_rr_type(rr) == ns_t_a) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	657 char* nam = (char*)ns_rr_name(rr);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	658 ns_mapper::iterator i = ns.ns_ip.find(nam);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	659 if (i != ns.ns_ip.end()) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	660 // we want this ip address
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	661 int address;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	662 memcpy(&address, ns_rr_rdata(rr), sizeof(address));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	663 ns.ns_ip[nam] = address;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	664 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	665 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	666 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	667 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	668 int rrnum = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	669 while (ns_parserr(&handle, ns_s_an, rrnum++, &rr) == 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	670 if (ns_rr_type(rr) == ns_t_a) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	671 int address;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	672 memcpy(&address, ns_rr_rdata(rr), sizeof(address));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	673 ret_address = address;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	674 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	675 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	676 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	677 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	678 pthread_mutex_unlock(&resolve_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	679 return ret_address;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	680 #else
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	681 return glom.answer;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	682 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	683 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	684
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	685
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	686 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	687 // check a single dnsbl
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	688 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	689 bool check_single(mlfiPriv &priv, int ip, char *suffix);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	690 bool check_single(mlfiPriv &priv, int ip, char *suffix) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	691 // make a dns question
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	692 const u_char src = (const u_char )&ip;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	693 if (src[0] == 127) return false; // don't do dns lookups on localhost
126 05ae49d37896 don't do dnsbl lookups on rfc1918 address space carl parents: 124 diff changeset	694 if (src[0] == 10) return false; // don't do dns lookups on rfc1918 space
05ae49d37896 don't do dnsbl lookups on rfc1918 address space carl parents: 124 diff changeset	695 if ((src[0] == 192) && (src[1] == 168)) return false;
05ae49d37896 don't do dnsbl lookups on rfc1918 address space carl parents: 124 diff changeset	696 if ((src[0] == 172) && (16 <= src[1]) && (src[1] <= 31)) return false;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	697 #ifdef NS_MAXDNAME
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	698 char question[NS_MAXDNAME];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	699 #else
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	700 char question[1000];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	701 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	702 snprintf(question, sizeof(question), "%u.%u.%u.%u.%s.", src[3], src[2], src[1], src[0], suffix);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	703 // ask the question, if we get an A record it implies a blacklisted ip address
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	704 return dns_interface(priv, question, false, NULL);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	705 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	706
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	707
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	708 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	709 // check a single dnsbl
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	710 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	711 bool check_single(mlfiPriv &priv, int ip, DNSBL &bl);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	712 bool check_single(mlfiPriv &priv, int ip, DNSBL &bl) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	713 return check_single(priv, ip, bl.suffix);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	714 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	715
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	716
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	717 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	718 // check the dnsbls specified for this recipient
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	719 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	720 bool check_dnsbl(mlfiPriv &priv, dnsblp_list &dnsbll, DNSBLP &rejectlist);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	721 bool check_dnsbl(mlfiPriv &priv, dnsblp_list &dnsbll, DNSBLP &rejectlist) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	722 for (dnsblp_list::iterator i=dnsbll.begin(); i!=dnsbll.end(); i++) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	723 DNSBLP dp = *i; // non null by construction
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	724 bool st;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	725 map<DNSBLP, bool>::iterator f = priv.checked.find(dp);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	726 if (f == priv.checked.end()) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	727 // have not checked this list yet
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	728 st = check_single(priv, priv.ip, *dp);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	729 rejectlist = dp;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	730 priv.checked[dp] = st;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	731 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	732 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	733 st = (*f).second;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	734 rejectlist = (*f).first;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	735 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	736 if (st) return st;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	737 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	738 return false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	739 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	740
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	741
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	742 ////////////////////////////////////////////////
134 f9917ce924a3 all dns lookups fully qualified, my_read() bug fix carl parents: 132 diff changeset	743 // lookup the domain name part of a hostname on the uribl
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	744 //
124 ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	745 // if we find part of the hostname on the uribl, return
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	746 // true and point found to the part of the hostname that we found
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	747 // as a string registered in hosts.
124 ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	748 // otherwise, return false and preserve the value of found.
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	749 //
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	750 bool uriblookup(mlfiPriv &priv, string_set &hosts, char hostname, char top, char *&found) ;
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	751 bool uriblookup(mlfiPriv &priv, string_set &hosts, char hostname, char top, char *&found) {
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	752 // top is pointer to '.' char at end of base domain, or null for ip address form
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	753 // so for hostname of www.fred.mydomain.co.uk
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	754 // top points to-----------------------^
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	755 // and we end up looking at only mydomain.co.uk, ignoring the www.fred stuff
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	756 char buf[maxlen];
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	757 if (top) {
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	758 // add one more component
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	759 *top = '\0';
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	760 char *x = strrchr(hostname, '.');
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	761 if (x) hostname = x+1;
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	762 *top = '.';
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	763 }
131 df355d117199 uribl lookups fully qualified; allow two component host names carl parents: 129 diff changeset	764 snprintf(buf, sizeof(buf), "%s.%s.", hostname, priv.uribl_suffix);
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	765 if (dns_interface(priv, buf, false, NULL)) {
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	766 if (debug_syslog > 2) {
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	767 char tmp[maxlen];
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	768 snprintf(tmp, sizeof(tmp), "found %s on %s", hostname, priv.uribl_suffix);
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	769 my_syslog(tmp);
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	770 }
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	771 found = register_string(hosts, hostname);
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	772 return true;
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	773 }
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	774 return false;
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	775 }
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	776
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	777
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	778 ////////////////////////////////////////////////
124 ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	779 // uribl checker
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	780 // -------------
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	781 // hostname MUST not have a trailing dot
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	782 // If tld, two level lookup.
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	783 // Else, look up three level domain.
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	784 //
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	785 // if we find part of the hostname on the uribl, return
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	786 // true and point found to the part of the hostname that we found
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	787 // as a string registered in hosts.
124 ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	788 // otherwise, return false and preserve the value of found.
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	789 //
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	790 bool check_uribl(mlfiPriv &priv, string_set &hosts, char hostname, char &found) ;
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	791 bool check_uribl(mlfiPriv &priv, string_set &hosts, char hostname, char &found) {
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	792 in_addr ip;
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	793 if (inet_aton(hostname, &ip)) {
120 1d9e6c1b8872 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 119 diff changeset	794 const u_char src = (const u_char )&ip.s_addr;
128 9ab51896447f don't do uribl lookups on rfc1918 address space carl parents: 127 diff changeset	795 if (src[0] == 127) return false; // don't do dns lookups on localhost
9ab51896447f don't do uribl lookups on rfc1918 address space carl parents: 127 diff changeset	796 if (src[0] == 10) return false; // don't do dns lookups on rfc1918 space
9ab51896447f don't do uribl lookups on rfc1918 address space carl parents: 127 diff changeset	797 if ((src[0] == 192) && (src[1] == 168)) return false;
9ab51896447f don't do uribl lookups on rfc1918 address space carl parents: 127 diff changeset	798 if ((src[0] == 172) && (16 <= src[1]) && (src[1] <= 31)) return false;
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	799 char adr[sizeof "255.255.255.255 "];
120 1d9e6c1b8872 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 119 diff changeset	800 snprintf(adr, sizeof(adr), "%u.%u.%u.%u", src[3], src[2], src[1], src[0]);
179 8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	801 // cannot use inet_ntop here since we want the octets reversed.
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	802 return (uriblookup(priv, hosts, adr, NULL, found));
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	803 }
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	804
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	805 char top, top2, *top3;
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	806 top = strrchr(hostname, '.');
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	807 if (top) {
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	808 *top = '\0';
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	809 top2 = strrchr(hostname, '.');
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	810 *top = '.';
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	811
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	812 if (top2) {
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	813 string_set::iterator i = priv.memory->get_cctlds()->find(top2+1);
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	814 string_set::iterator x = priv.memory->get_cctlds()->end();
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	815 // if we have a 2-level-cctld, just look at top three levels of the name
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	816 if (i != x) return uriblookup(priv, hosts, hostname, top2, found);
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	817
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	818 *top2 = '\0';
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	819 top3 = strrchr(hostname, '.');
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	820 *top2 = '.';
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	821
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	822 // if we have more than 3 levels in the name, look at the top three levels of the name
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	823 if (top3 && uriblookup(priv, hosts, hostname, top2, found)) return true;
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	824 // if that was not found, fall thru to looking at the top two levels
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	825 }
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	826 // look at the top two levels of the name
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	827 return uriblookup(priv, hosts, hostname, top, found);
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	828 }
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	829 return false;
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	830 }
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	831
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	832
aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	833 ////////////////////////////////////////////////
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	834 // check the hosts from the body against the content filter and uribl dnsbls
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	835 //
124 ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	836 //
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	837 bool check_hosts(mlfiPriv &priv, bool random, int limit, char &msg, char &host, int &ip, char *&found);
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	838 bool check_hosts(mlfiPriv &priv, bool random, int limit, char &msg, char &host, int &ip, char *&found) {
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	839 found = NULL; // normally ip address style
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	840 if (!priv.content_suffix && !priv.uribl_suffix) return false; // nothing to check
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	841 CONFIG &dc = *priv.pc;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	842 string_set &hosts = priv.memory->get_hosts();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	843 string_set &ignore = *priv.content_host_ignore;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	844
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	845 int count = 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	846 int cnt = hosts.size(); // number of hosts we could look at
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	847 int_set ips;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	848 ns_map nameservers;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	849 for (string_set::iterator i=hosts.begin(); i!=hosts.end(); i++) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	850 host = *i; // a reference into hosts, which will live until this smtp transaction is closed
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	851
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	852 // don't bother looking up hosts on the ignore list
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	853 string_set::iterator j = ignore.find(host);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	854 if (j != ignore.end()) continue;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	855
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	856 // try to only look at limit/cnt fraction of the available cnt host names in random mode
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	857 if ((cnt > limit) && (limit > 0) && random) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	858 int r = rand() % cnt;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	859 if (r >= limit) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	860 if (debug_syslog > 2) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	861 char buf[maxlen];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	862 snprintf(buf, sizeof(buf), "host %s skipped", host);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	863 my_syslog(&priv, buf);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	864 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	865 continue;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	866 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	867 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	868 count++;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	869 ip = dns_interface(priv, host, true, &nameservers);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	870 if (debug_syslog > 2) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	871 char buf[maxlen];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	872 if (ip) {
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	873 char adr[sizeof "255.255.255.255 "];
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	874 adr[0] = '\0';
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	875 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	876 snprintf(buf, sizeof(buf), "host %s found at %s", host, adr);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	877 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	878 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	879 snprintf(buf, sizeof(buf), "host %s not found", host);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	880 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	881 my_syslog(&priv, buf);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	882 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	883 if (ip) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	884 int_set::iterator i = ips.find(ip);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	885 if (i == ips.end()) {
117 aa07452e641b uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 115 diff changeset	886 // we haven't looked this up yet
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	887 ips.insert(ip);
124 ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	888 // check dnsbl style list
ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	889 if (priv.content_suffix && check_single(priv, ip, priv.content_suffix)) {
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	890 msg = priv.content_message;
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	891 return true;
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	892 }
124 ea6f9c812faa put hostname in smtp message for uribl style lookups carl parents: 123 diff changeset	893 // Check uribl & surbl style list
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	894 if (priv.uribl_suffix && check_uribl(priv, hosts, host, found)) {
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	895 msg = priv.uribl_message;
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	896 return true;
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	897 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	898 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	899 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	900 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	901 limit *= 4; // allow average of 3 ns per host name
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	902 for (ns_mapper::iterator i=nameservers.ns_ip.begin(); i!=nameservers.ns_ip.end(); i++) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	903 count++;
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	904 if ((count > limit) && (limit > 0)) return false; // too many name servers to check them all
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	905 host = (*i).first; // a transient reference that needs to be replaced before we return it
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	906 ip = (*i).second;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	907 if (!ip) ip = dns_interface(priv, host, false, NULL);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	908 if (debug_syslog > 2) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	909 char buf[maxlen];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	910 if (ip) {
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	911 char adr[sizeof "255.255.255.255 "];
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	912 adr[0] = '\0';
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	913 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	914 snprintf(buf, sizeof(buf), "ns %s found at %s", host, adr);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	915 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	916 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	917 snprintf(buf, sizeof(buf), "ns %s not found", host);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	918 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	919 my_syslog(&priv, buf);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	920 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	921 if (ip) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	922 int_set::iterator i = ips.find(ip);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	923 if (i == ips.end()) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	924 ips.insert(ip);
119 d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	925 if (check_single(priv, ip, priv.content_suffix)) {
d9d2f8699621 uribl patch from Jeff Evans <jeffe@tricab.com> carl parents: 117 diff changeset	926 msg = priv.content_message;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	927 string_map::iterator j = nameservers.ns_host.find(host);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	928 if (j != nameservers.ns_host.end()) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	929 char refer = (j).second;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	930 char buf[maxlen];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	931 snprintf(buf, sizeof(buf), "%s with nameserver %s", refer, host);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	932 host = register_string(hosts, buf); // put a copy into hosts, and return that reference
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	933 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	934 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	935 host = register_string(hosts, host); // put a copy into hosts, and return that reference
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	936 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	937 return true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	938 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	939 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	940 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	941 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	942 return false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	943 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	944
127 2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	945
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	946 ////////////////////////////////////////////////
127 2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	947 //
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	948 // this email address is passed in from sendmail, and will normally be
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	949 // enclosed in <>. I think older versions of sendmail supplied the <>
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	950 // wrapper if the mail client did not, but the current version does not do
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	951 // that. So the <> wrapper is now optional. It may have mixed case, just
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	952 // as the mail client sent it. We dup the string and convert the duplicate
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	953 // to lower case.
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	954 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	955 char to_lower_string(char email);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	956 char to_lower_string(char email) {
127 2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	957 int n = strlen(email);
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	958 if (*email == '<') {
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	959 // assume it also ends with >
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	960 n -= 2;
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	961 if (n < 1) return strdup(email); // return "<>"
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	962 email++;
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	963 }
2b1a4701e856 sendmail no longer guarantees <> wrapper on envelopes carl parents: 126 diff changeset	964 char *key = strdup(email);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	965 key[n] = '\0';
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	966 for (int i=0; i<n; i++) key[i] = tolower(key[i]);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	967 return key;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	968 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	969
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	970
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	971 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	972 // start of sendmail milter interfaces
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	973 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	974 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	975 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	976 // allocate some private memory
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	977 mlfiPriv *priv = new mlfiPriv;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	978 if (hostaddr->sa_family == AF_INET) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	979 priv->ip = ((struct sockaddr_in *)hostaddr)->sin_addr.s_addr;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	980 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	981 // save the private data
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	982 smfi_setpriv(ctx, (void*)priv);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	983
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	984 // continue processing
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	985 return SMFIS_CONTINUE;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	986 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	987
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	988 sfsistat mlfi_helo(SMFICTX * ctx, char *helohost)
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	989 {
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	990 mlfiPriv &priv = *MLFIPRIV;
186 2a80c9b5d2c9 fix null pointer dereference from missing HELO command carl parents: 185 diff changeset	991 priv.helo = (helohost) ? strdup(helohost) : strdup("missing");
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	992 return SMFIS_CONTINUE;
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	993 }
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	994
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	995 sfsistat mlfi_envfrom(SMFICTX ctx, char *from)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	996 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	997 mlfiPriv &priv = *MLFIPRIV;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	998 priv.mailaddr = to_lower_string(from[0]);
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	999 priv.queueid = strdup(smfi_getsymval(ctx, "i"));
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1000 priv.authenticated = smfi_getsymval(ctx, "{auth_authen}");
168 6bac960af6b4 add generic reverse dns filtering regex carl parents: 167 diff changeset	1001 priv.client_name = smfi_getsymval(ctx, "_");
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1002 if (priv.authenticated) priv.authenticated = strdup(priv.authenticated);
168 6bac960af6b4 add generic reverse dns filtering regex carl parents: 167 diff changeset	1003 if (priv.client_name) priv.client_name = strdup(priv.client_name);
167 9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1004 if (spamc != spamc_empty) {
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1005 priv.assassin = new SpamAssassin(&priv, priv.ip, priv.helo, priv.mailaddr, priv.queueid);
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1006 }
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1007 if (dccifd_port) {
179 8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1008 priv.dccifd = new DccInterface(dccifd_port, &priv, priv.ip, priv.helo, priv.mailaddr);
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1009 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1010 return SMFIS_CONTINUE;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1011 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1012
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1013 sfsistat mlfi_envrcpt(SMFICTX ctx, char *rcpt)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1014 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1015 DNSBLP rejectlist = NULL; // list that caused the reject
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1016 mlfiPriv &priv = *MLFIPRIV;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1017 CONFIG &dc = *priv.pc;
152 c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1018 char *rcptaddr = rcpt[0];
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1019 char *loto = to_lower_string(rcptaddr);
174 da0c41b9f672 don't whitelist addresses with embedded spaces carl parents: 173 diff changeset	1020
da0c41b9f672 don't whitelist addresses with embedded spaces carl parents: 173 diff changeset	1021 // some version of sendmail allowed rcpt to:<> and passed it thru to the milters
da0c41b9f672 don't whitelist addresses with embedded spaces carl parents: 173 diff changeset	1022 if (strcmp(loto, "<>") == 0) {
da0c41b9f672 don't whitelist addresses with embedded spaces carl parents: 173 diff changeset	1023 smfi_setreply(ctx, "550", "5.7.1", "bogus recipient");
da0c41b9f672 don't whitelist addresses with embedded spaces carl parents: 173 diff changeset	1024 return SMFIS_REJECT;
da0c41b9f672 don't whitelist addresses with embedded spaces carl parents: 173 diff changeset	1025 }
152 c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1026 // priv.mailaddr sending original message to loto
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1027 CONTEXT &con = *(dc.find_context(loto)->find_context(priv.mailaddr));
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1028 VERIFYP ver = con.find_verify(loto);
173 83fe0be032c1 fix leak, update timestamps when receiving auto-whitelisted sender carl parents: 172 diff changeset	1029 char *fromvalue = con.find_from(priv.mailaddr, true);
179 8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1030 // tell spam assassin and dccifd about this recipient
8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1031 if (priv.assassin) priv.assassin->mlfi_envrcpt(ctx, loto);
182 2b06183b9b25 embedded dcc filtering carl parents: 181 diff changeset	1032 if (priv.dccifd) priv.dccifd->mlfi_envrcpt(ctx, loto, con.get_grey() && !priv.authenticated);
152 c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1033 // loto sending a reply back to priv.mailaddr
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1034 CONTEXT &con2 = *(dc.find_context(priv.mailaddr)->find_context(loto));
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1035 char *replyvalue = con2.find_from(loto);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1036 if (debug_syslog > 1) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1037 char buf[maxlen];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1038 char msg[maxlen];
156 a220bfb9211f add auto whitelisting carl parents: 154 diff changeset	1039 snprintf(msg, sizeof(msg), "from <%s> to <%s> using context %s state %s reply state %s", priv.mailaddr, loto, con.get_full_name(buf,maxlen), fromvalue, replyvalue);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1040 my_syslog(&priv, msg);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1041 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1042 free(loto);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1043 status st;
152 c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1044 if (replyvalue == token_black) {
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1045 smfi_setreply(ctx, "550", "5.7.1", "recipient can not reply due to blacklisting");
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1046 return SMFIS_REJECT;
c7fc218686f5 gpl3, block mail to recipients that cannot reply carl parents: 150 diff changeset	1047 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1048 if (priv.authenticated) {
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1049 int c = incr_rcpt_count(priv.authenticated);
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1050 int l = dc.default_context->find_rate(priv.authenticated);
142 b82e00146672 always log smth auth rate counts carl parents: 140 diff changeset	1051 if (debug_syslog > 1) {
b82e00146672 always log smth auth rate counts carl parents: 140 diff changeset	1052 char buf[maxlen];
b82e00146672 always log smth auth rate counts carl parents: 140 diff changeset	1053 char msg[maxlen];
b82e00146672 always log smth auth rate counts carl parents: 140 diff changeset	1054 snprintf(msg, sizeof(msg), "authenticated id %s (%d recipients, %d limit)", priv.authenticated, c, l);
b82e00146672 always log smth auth rate counts carl parents: 140 diff changeset	1055 my_syslog(&priv, msg);
b82e00146672 always log smth auth rate counts carl parents: 140 diff changeset	1056 }
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1057 if (c > l) {
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1058 smfi_setreply(ctx, "550", "5.7.1", "recipient rate limit exceeded");
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1059 return SMFIS_REJECT;
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1060 }
142 b82e00146672 always log smth auth rate counts carl parents: 140 diff changeset	1061 st = white;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1062 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1063 else if (fromvalue == token_black) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1064 st = black;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1065 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1066 else if (fromvalue == token_white) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1067 st = white;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1068 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1069 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1070 // check the dns based lists
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1071 st = (check_dnsbl(priv, con.get_dnsbl_list(), rejectlist)) ? reject : oksofar;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1072 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1073 if (st == reject) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1074 // reject the recipient based on some dnsbl
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1075 char adr[sizeof "255.255.255.255 "];
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1076 adr[0] = '\0';
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1077 inet_ntop(AF_INET, (const u_char *)&priv.ip, adr, sizeof(adr));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1078 char buf[maxlen];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1079 snprintf(buf, sizeof(buf), rejectlist->message, adr, adr);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1080 smfi_setreply(ctx, "550", "5.7.1", buf);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1081 return SMFIS_REJECT;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1082 }
172 d3189495ec68 don't do generic rdns filtering on whitelisted recipients carl parents: 168 diff changeset	1083 if (st == oksofar) {
d3189495ec68 don't do generic rdns filtering on whitelisted recipients carl parents: 168 diff changeset	1084 char *msg = con.generic_match(priv.client_name);
d3189495ec68 don't do generic rdns filtering on whitelisted recipients carl parents: 168 diff changeset	1085 if (msg) {
d3189495ec68 don't do generic rdns filtering on whitelisted recipients carl parents: 168 diff changeset	1086 // reject the recipient based on generic reverse dns
d3189495ec68 don't do generic rdns filtering on whitelisted recipients carl parents: 168 diff changeset	1087 char buf[maxlen];
d3189495ec68 don't do generic rdns filtering on whitelisted recipients carl parents: 168 diff changeset	1088 snprintf(buf, sizeof(buf), msg, priv.client_name);
d3189495ec68 don't do generic rdns filtering on whitelisted recipients carl parents: 168 diff changeset	1089 smfi_setreply(ctx, "550", "5.7.1", buf);
d3189495ec68 don't do generic rdns filtering on whitelisted recipients carl parents: 168 diff changeset	1090 return SMFIS_REJECT;
d3189495ec68 don't do generic rdns filtering on whitelisted recipients carl parents: 168 diff changeset	1091 }
168 6bac960af6b4 add generic reverse dns filtering regex carl parents: 167 diff changeset	1092 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1093 if (st == black) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1094 // reject the recipient based on blacklisting either from or to
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1095 smfi_setreply(ctx, "550", "5.7.1", "no such user");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1096 return SMFIS_REJECT;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1097 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1098 if (ver && (st != white)) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1099 // try to verify this from/to pair of addresses since it is not explicitly whitelisted
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1100 char *loto = to_lower_string(rcptaddr);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1101 bool rc = ver->ok(priv.mailaddr, loto);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1102 free(loto);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1103 if (!rc) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1104 smfi_setreply(ctx, "550", "5.7.1", "no such user");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1105 return SMFIS_REJECT;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1106 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1107 }
153 8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1108 // we will accept the recipient, but add an auto-whitelist entry
8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1109 // if needed to ensure we can accept replies
162 c4bce911c276 don't add auto whitelist for A to A carl parents: 159 diff changeset	1110 loto = to_lower_string(rcptaddr);
c4bce911c276 don't add auto whitelist for A to A carl parents: 159 diff changeset	1111 WHITELISTERP w = con2.find_autowhite(loto, priv.mailaddr);
153 8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1112 if (w) {
156 a220bfb9211f add auto whitelisting carl parents: 154 diff changeset	1113 if (debug_syslog > 1) {
a220bfb9211f add auto whitelisting carl parents: 154 diff changeset	1114 char buf[maxlen];
a220bfb9211f add auto whitelisting carl parents: 154 diff changeset	1115 char msg[maxlen];
159 ea7c57a4a2d1 add auto whitelisting carl parents: 156 diff changeset	1116 snprintf(msg, sizeof(msg), "whitelist reply from <%s> in context %s", loto, con2.get_full_name(buf,maxlen));
156 a220bfb9211f add auto whitelisting carl parents: 154 diff changeset	1117 my_syslog(&priv, msg);
a220bfb9211f add auto whitelisting carl parents: 154 diff changeset	1118 }
154 89ce226e5383 add auto whitelisting carl parents: 153 diff changeset	1119 w->sent(loto); // don't free it, the whitelister takes ownership of the string
153 8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1120 }
162 c4bce911c276 don't add auto whitelist for A to A carl parents: 159 diff changeset	1121 else {
c4bce911c276 don't add auto whitelist for A to A carl parents: 159 diff changeset	1122 free(loto);
c4bce911c276 don't add auto whitelist for A to A carl parents: 159 diff changeset	1123 }
179 8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1124
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1125 // accept the recipient
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1126 if (!con.get_content_filtering()) st = white;
179 8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1127
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1128 if (st == oksofar) {
179 8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1129 // remember first content filtering context
8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1130 if (con.get_content_filtering()) {
8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1131 if (!priv.content_context) priv.content_context = &con;
8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1132 else if (con.get_require() && (priv.content_context != &con)) {
8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1133 smfi_setreply(ctx, "452", "4.2.1", "incompatible filtering contexts");
8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1134 return SMFIS_TEMPFAIL;
8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1135 }
8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1136 }
8b86a894514d embedded dcc filtering carl parents: 178 diff changeset	1137 // remember the non-whites
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1138 priv.need_content_filter(rcptaddr, con);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1139 priv.only_whites = false;
167 9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1140 priv.want_spamassassin \|= (priv.assassin) && // have spam assassin available and
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1141 (con.get_spamassassin_limit() != 0); // want to use it with a non-zero score
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1142 priv.want_dccgrey \|= (priv.dccifd) && // have dcc interface and
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1143 (con.get_grey()); // want to use it for greylisting
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1144 priv.want_dccbulk \|= (priv.dccifd) && // have dcc interface and
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1145 (con.get_bulk() != 0); // want to use it for bulk detection
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1146 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1147 if (st == white) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1148 priv.have_whites = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1149 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1150 return SMFIS_CONTINUE;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1151 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1152
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1153 sfsistat mlfi_header(SMFICTX* ctx, char* headerf, char* headerv)
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1154 {
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1155 mlfiPriv &priv = *MLFIPRIV;
167 9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1156 if (priv.authenticated) return SMFIS_CONTINUE;
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1157 if (priv.only_whites) return SMFIS_CONTINUE;
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1158 if (priv.want_spamassassin) priv.assassin->mlfi_header(headerf, headerv);
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1159 if (priv.want_dccgrey \|\| priv.want_dccbulk) priv.dccifd->mlfi_header(ctx, headerf, headerv);
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1160 return SMFIS_CONTINUE;
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1161 }
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1162
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1163 sfsistat mlfi_eoh(SMFICTX* ctx)
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1164 {
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1165 mlfiPriv &priv = *MLFIPRIV;
167 9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1166 if (priv.authenticated) return SMFIS_CONTINUE;
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1167 if (priv.only_whites) return SMFIS_CONTINUE;
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1168 if (priv.want_spamassassin) priv.assassin->mlfi_eoh();
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1169 if (priv.want_dccgrey \|\| priv.want_dccbulk) priv.dccifd->mlfi_eoh();
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1170 return SMFIS_CONTINUE;
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1171 }
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1172
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1173 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1174 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1175 mlfiPriv &priv = *MLFIPRIV;
167 9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1176 if (priv.authenticated) return SMFIS_CONTINUE;
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1177 if (priv.only_whites) return SMFIS_CONTINUE;
9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1178 if (priv.want_spamassassin) priv.assassin->mlfi_body(data, len);
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1179 if (priv.want_dccgrey \|\| priv.want_dccbulk) priv.dccifd->mlfi_body(data, len);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1180 priv.scanner->scan(data, len);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1181 return SMFIS_CONTINUE;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1182 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1183
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1184 sfsistat mlfi_eom(SMFICTX *ctx)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1185 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1186 sfsistat rc;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1187 mlfiPriv &priv = *MLFIPRIV;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1188 CONFIG &dc = *priv.pc;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1189 char *host = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1190 int ip;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1191 status st;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1192 // process end of message
190 004b855c6c1f fix null pointer dereference from missing HELO command carl parents: 188 diff changeset	1193 priv.eom = true;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1194 if (priv.authenticated \|\| priv.only_whites) rc = SMFIS_CONTINUE;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1195 else {
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1196 // assert env_to not empty, it contains the
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1197 // non-whitelisted folks that want content filtering
167 9b129ed78d7d actually use spamassassin result, allow build without spam assassin, only call it if some recipient needs it. carl parents: 165 diff changeset	1198 int score = (priv.want_spamassassin) ? priv.assassin->mlfi_eom() : 0;
181 cb5c0d7ec451 embedded dcc filtering carl parents: 179 diff changeset	1199 bool grey = false;
cb5c0d7ec451 embedded dcc filtering carl parents: 179 diff changeset	1200 int bulk = 0;
cb5c0d7ec451 embedded dcc filtering carl parents: 179 diff changeset	1201 if (priv.want_dccgrey \|\| priv.want_dccbulk) priv.dccifd->mlfi_eom(grey, bulk);
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1202
185 505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1203 char buf[maxlen];
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1204 string msg;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1205 string_set alive;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1206 bool random = false;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1207 int limit = 0;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1208 for (context_map::iterator i=priv.env_to.begin(); i!=priv.env_to.end(); i++) {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1209 char rcpt = (i).first;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1210 CONTEXT &con = ((i).second);
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1211 if (!con.acceptable_content(*priv.memory, score, bulk, msg)) {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1212 // bad html tags or excessive hosts or
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1213 // high spam assassin score or dcc bulk threshold exceedeed
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1214 smfi_delrcpt(ctx, rcpt);
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1215 }
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1216 else {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1217 alive.insert(rcpt);
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1218 random \|= con.get_host_random();
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1219 limit = max(limit, con.get_host_limit());
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1220 }
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1221 }
185 505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1222 bool rejecting = alive.empty(); // if alive is empty, we must have set msg above in acceptable_content()
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1223 if (!rejecting) {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1224 char fmt, found;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1225 if (check_hosts(priv, random, limit, fmt, host, ip, found)) {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1226 if (found) {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1227 // uribl style
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1228 snprintf(buf, sizeof(buf), fmt, host, found);
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1229 }
d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1230 else {
185 505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1231 // dnsbl style
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1232 char adr[sizeof "255.255.255.255 "];
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1233 adr[0] = '\0';
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1234 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1235 snprintf(buf, sizeof(buf), fmt, host, adr);
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1236 }
185 505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1237 msg = string(buf);
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1238 rejecting = true;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1239 }
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1240 }
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1241 if (!rejecting) {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1242 if (priv.want_dccgrey && grey) {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1243 smfi_setreply(ctx, "452", "4.2.1", "temporary greylist embargoed");
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1244 rc = SMFIS_TEMPFAIL;
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1245 }
185 505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1246 else rc = SMFIS_CONTINUE;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1247 }
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1248 else if (!priv.have_whites) {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1249 // can reject the entire message
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1250 snprintf(buf, sizeof(buf), "%s", msg.c_str());
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1251 smfi_setreply(ctx, "550", "5.7.1", buf);
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1252 rc = SMFIS_REJECT;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1253 }
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1254 else {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1255 // need to accept it but remove the recipients that don't want it
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1256 for (string_set::iterator i=alive.begin(); i!=alive.end(); i++) {
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1257 char rcpt = i;
505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1258 smfi_delrcpt(ctx, rcpt);
178 d6531c702be3 embedded dcc filtering carl parents: 177 diff changeset	1259 }
185 505283ab296c smtp rejections take precendence over greylisting carl parents: 182 diff changeset	1260 rc = SMFIS_CONTINUE;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1261 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1262 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1263 // reset for a new message on the same connection
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1264 mlfi_abort(ctx);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1265 return rc;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1266 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1267
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1268 sfsistat mlfi_abort(SMFICTX *ctx)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1269 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1270 mlfiPriv &priv = *MLFIPRIV;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1271 priv.reset();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1272 return SMFIS_CONTINUE;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1273 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1274
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1275 sfsistat mlfi_close(SMFICTX *ctx)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1276 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1277 mlfiPriv *priv = MLFIPRIV;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1278 if (!priv) return SMFIS_CONTINUE;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1279 delete priv;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1280 smfi_setpriv(ctx, NULL);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1281 return SMFIS_CONTINUE;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1282 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1283
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1284 struct smfiDesc smfilter =
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1285 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1286 "DNSBL", // filter name
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1287 SMFI_VERSION, // version code -- do not change
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1288 SMFIF_DELRCPT, // flags
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1289 mlfi_connect, // connection info filter
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1290 mlfi_helo, // SMTP HELO command filter
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1291 mlfi_envfrom, // envelope sender filter
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1292 mlfi_envrcpt, // envelope recipient filter
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1293 mlfi_header, // header filter
97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1294 mlfi_eoh, // end of header
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1295 mlfi_body, // body block filter
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1296 mlfi_eom, // end of message
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1297 mlfi_abort, // message aborted
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1298 mlfi_close, // connection cleanup
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1299 };
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1300
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1301
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1302 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1303 // reload the config
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1304 //
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1305 CONFIG* new_conf();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1306 CONFIG* new_conf() {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1307 CONFIG *newc = new CONFIG;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1308 pthread_mutex_lock(&config_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1309 newc->generation = generation++;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1310 pthread_mutex_unlock(&config_mutex);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1311 if (debug_syslog) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1312 char buf[maxlen];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1313 snprintf(buf, sizeof(buf), "loading configuration generation %d", newc->generation);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1314 my_syslog(buf);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1315 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1316 if (load_conf(*newc, "dnsbl.conf")) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1317 newc->load_time = time(NULL);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1318 return newc;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1319 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1320 delete newc;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1321 return NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1322 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1323
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1324
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1325 ////////////////////////////////////////////////
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1326 // thread to watch the old config files for changes
146 7278c9766e26 free old configs when last reference goes away carl parents: 143 diff changeset	1327 // and reload when needed.
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1328 // we also clear the SMTP AUTH recipient counts hourly
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1329 //
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1330 extern "C" {void* config_loader(void *arg);}
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1331 void* config_loader(void *arg) {
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1332 int loop = 0;
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1333 while (loader_run) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1334 sleep(180); // look for modifications every 3 minutes
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1335 if (!loader_run) break;
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1336 loop++;
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1337 if (loop == 20) {
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1338 // three minutes thru each loop, 20 loops per hour
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1339 // clear the recipient counts
f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1340 pthread_mutex_lock(&rate_mutex);
138 9d0bc30b4576 add smtp auth rate limits carl parents: 137 diff changeset	1341 for (rcpt_rates::iterator i=rcpt_counts.begin(); i!=rcpt_counts.end(); i++) {
140 4028de9b46dd cleanup smtp rate limit code carl parents: 139 diff changeset	1342 (*i).second = 0;
138 9d0bc30b4576 add smtp auth rate limits carl parents: 137 diff changeset	1343 }
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1344 pthread_mutex_unlock(&rate_mutex);
137 a6190f7798f4 add smtp auth rate limits carl parents: 136 diff changeset	1345 loop = 0;
136 f4746d8a12a3 add smtp auth rate limits carl parents: 134 diff changeset	1346 }
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1347 CONFIG &dc = *config;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1348 time_t then = dc.load_time;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1349 struct stat st;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1350 bool reload = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1351 for (string_set::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1352 char fn = i;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1353 if (stat(fn, &st)) reload = true; // file disappeared
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1354 else if (st.st_mtime > then) reload = true; // file modified
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1355 if (reload) break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1356 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1357 if (reload) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1358 CONFIG *newc = new_conf();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1359 if (newc) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1360 // replace the global config pointer
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1361 pthread_mutex_lock(&config_mutex);
146 7278c9766e26 free old configs when last reference goes away carl parents: 143 diff changeset	1362 CONFIG *pc = config;
7278c9766e26 free old configs when last reference goes away carl parents: 143 diff changeset	1363 bool last = pc && (!pc->reference_count);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1364 config = newc;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1365 pthread_mutex_unlock(&config_mutex);
163 97d7da45fe2a spamassassin changes carl parents: 162 diff changeset	1366 if (last) delete pc; // there were no references to this config
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1367 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1368 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1369 // failed to load new config
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1370 my_syslog("failed to load new configuration");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1371 system("echo 'failed to load new dnsbl configuration from /etc/dnsbl' \| mail -s 'error in /etc/dnsbl configuration' root");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1372 // update the load time on the current config to prevent complaining every 3 minutes
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1373 dc.load_time = time(NULL);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1374 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1375 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1376 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1377 return NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1378 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1379
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1380
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1381 void usage(char *prog);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1382 void usage(char *prog)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1383 {
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1384 fprintf(stderr, "Usage: %s [-d [level]] [-c] [-s] [-e from\|to] [-b dccifd-addr] -r port -p sm-sock-addr [-t timeout]\n", prog);
a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1385 fprintf(stderr, "where dccifd_addr is for the connection to dccifd\n");
a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1386 fprintf(stderr, " and should be local-domain-socket-file-name\n");
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1387 fprintf(stderr, "where port is for the connection to our own dns resolver processes\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1388 fprintf(stderr, " and should be local-domain-socket-file-name\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1389 fprintf(stderr, "where sm-sock-addr is for the connection to sendmail\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1390 fprintf(stderr, " and should be one of\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1391 fprintf(stderr, " inet:port@ip-address\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1392 fprintf(stderr, " local:local-domain-socket-file-name\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1393 fprintf(stderr, "-c will load and dump the config to stdout\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1394 fprintf(stderr, "-s will stress test the config loading code by repeating the load/free cycle\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1395 fprintf(stderr, " in an infinte loop.\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1396 fprintf(stderr, "-d will set the syslog message level, currently 0 to 3\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1397 fprintf(stderr, "-e will print the results of looking up the from and to addresses in the\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1398 fprintf(stderr, " current config. The \| character is used to separate the from and to\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1399 fprintf(stderr, " addresses in the argument to the -e switch\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1400 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1401
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1402
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1403
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1404 void setup_socket(char *sock);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1405 void setup_socket(char *sock) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1406 unlink(sock);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1407 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1408
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1409
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1410 /*
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1411 * The signal handler function -- only gets called when a SIGCHLD
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1412 * is received, ie when a child terminates
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1413 */
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1414 void sig_chld(int signo)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1415 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1416 int status;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1417 /* Wait for any child without blocking */
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1418 while (waitpid(-1, &status, WNOHANG) > 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1419 // ignore child exit status, we only do this to cleanup zombies
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1420 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1421 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1422
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1423
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1424 int main(int argc, char**argv)
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1425 {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1426 token_init();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1427 bool check = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1428 bool stress = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1429 bool setconn = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1430 bool setreso = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1431 char *email = NULL;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1432 int c;
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1433 const char *args = "b:r:p:t:e:d:chs";
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1434 extern char *optarg;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1435
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1436 // Process command line options
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1437 while ((c = getopt(argc, argv, args)) != -1) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1438 switch (c) {
177 a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1439 case 'b':
a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1440 if (optarg == NULL \|\| *optarg == '\0') {
a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1441 fprintf(stderr, "Illegal dccifd socket: %s\n", optarg);
a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1442 exit(EX_USAGE);
a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1443 }
a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1444 dccifd_port = strdup(optarg);
a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1445 break;
a4d313c2460b start embedded dcc filtering carl parents: 174 diff changeset	1446
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1447 case 'r':
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1448 if (optarg == NULL \|\| *optarg == '\0') {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1449 fprintf(stderr, "Illegal resolver socket: %s\n", optarg);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1450 exit(EX_USAGE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1451 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1452 resolver_port = strdup(optarg);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1453 setup_socket(resolver_port);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1454 setreso = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1455 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1456
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1457 case 'p':
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1458 if (optarg == NULL \|\| *optarg == '\0') {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1459 fprintf(stderr, "Illegal sendmail socket: %s\n", optarg);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1460 exit(EX_USAGE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1461 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1462 if (smfi_setconn(optarg) == MI_FAILURE) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1463 fprintf(stderr, "smfi_setconn failed\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1464 exit(EX_SOFTWARE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1465 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1466 if (strncasecmp(optarg, "unix:", 5) == 0) setup_socket(optarg + 5);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1467 else if (strncasecmp(optarg, "local:", 6) == 0) setup_socket(optarg + 6);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1468 setconn = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1469 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1470
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1471 case 't':
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1472 if (optarg == NULL \|\| *optarg == '\0') {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1473 fprintf(stderr, "Illegal timeout: %s\n", optarg);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1474 exit(EX_USAGE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1475 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1476 if (smfi_settimeout(atoi(optarg)) == MI_FAILURE) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1477 fprintf(stderr, "smfi_settimeout failed\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1478 exit(EX_SOFTWARE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1479 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1480 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1481
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1482 case 'e':
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1483 if (email) free(email);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1484 email = strdup(optarg);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1485 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1486
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1487 case 'c':
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1488 check = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1489 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1490
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1491 case 's':
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1492 stress = true;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1493 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1494
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1495 case 'd':
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1496 if (optarg == NULL \|\| *optarg == '\0') debug_syslog = 1;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1497 else debug_syslog = atoi(optarg);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1498 break;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1499
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1500 case 'h':
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1501 default:
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1502 usage(argv[0]);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1503 exit(EX_USAGE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1504 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1505 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1506
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1507 if (check) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1508 use_syslog = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1509 debug_syslog = 10;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1510 CONFIG *conf = new_conf();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1511 if (conf) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1512 conf->dump();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1513 delete conf;
164 5809bcdc325b spamassassin changes carl parents: 163 diff changeset	1514 clear_strings(); // for valgrind checking
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1515 return 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1516 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1517 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1518 return 1; // config failed to load
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1519 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1520 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1521
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1522 if (stress) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1523 fprintf(stdout, "stress testing\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1524 while (1) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1525 for (int i=0; i<10; i++) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1526 CONFIG *conf = new_conf();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1527 if (conf) delete conf;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1528 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1529 fprintf(stdout, ".");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1530 fflush(stdout);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1531 sleep(1);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1532 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1533 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1534
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1535 if (email) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1536 char *x = strchr(email, '\|');
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1537 if (x) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1538 *x = '\0';
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1539 char *from = strdup(email);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1540 char *to = strdup(x+1);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1541 use_syslog = false;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1542 CONFIG *conf = new_conf();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1543 if (conf) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1544 CONTEXTP con = conf->find_context(to);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1545 char buf[maxlen];
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1546 fprintf(stdout, "envelope to <%s> finds context %s\n", to, con->get_full_name(buf,maxlen));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1547 CONTEXTP fc = con->find_context(from);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1548 fprintf(stdout, "envelope from <%s> finds context %s\n", from, fc->get_full_name(buf,maxlen));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1549 char *st = fc->find_from(from);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1550 fprintf(stdout, "envelope from <%s> finds status %s\n", from, st);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1551 delete conf;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1552 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1553 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1554 return 0;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1555 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1556
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1557 if (!setconn) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1558 fprintf(stderr, "%s: Missing required -p argument\n", argv[0]);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1559 usage(argv[0]);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1560 exit(EX_USAGE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1561 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1562
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1563 if (!setreso) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1564 fprintf(stderr, "%s: Missing required -r argument\n", argv[0]);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1565 usage(argv[0]);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1566 exit(EX_USAGE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1567 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1568
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1569 if (smfi_register(smfilter) == MI_FAILURE) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1570 fprintf(stderr, "smfi_register failed\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1571 exit(EX_UNAVAILABLE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1572 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1573
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1574 // switch to background mode
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1575 if (daemon(1,0) < 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1576 fprintf(stderr, "daemon() call failed\n");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1577 exit(EX_UNAVAILABLE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1578 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1579
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1580 // write the pid
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1581 const char *pidpath = "/var/run/dnsbl.pid";
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1582 unlink(pidpath);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1583 FILE *f = fopen(pidpath, "w");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1584 if (f) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1585 #ifdef linux
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1586 // from a comment in the DCC source code:
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1587 // Linux threads are broken. Signals given the
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1588 // original process are delivered to only the
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1589 // thread that happens to have that PID. The
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1590 // sendmail libmilter thread that needs to hear
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1591 // SIGINT and other signals does not, and that breaks
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1592 // scripts that need to stop milters.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1593 // However, signaling the process group works.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1594 fprintf(f, "-%d\n", (u_int)getpgrp());
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1595 #else
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1596 fprintf(f, "%d\n", (u_int)getpid());
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1597 #endif
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1598 fclose(f);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1599 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1600
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1601 // initialize the thread sync objects
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1602 pthread_mutex_init(&config_mutex, 0);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1603 pthread_mutex_init(&syslog_mutex, 0);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1604 pthread_mutex_init(&resolve_mutex, 0);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1605 pthread_mutex_init(&fd_pool_mutex, 0);
153 8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1606 pthread_mutex_init(&verifier_mutex, 0);
8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1607 pthread_mutex_init(&whitelister_mutex, 0);
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1608
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1609 // drop root privs
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1610 struct passwd *pw = getpwnam("dnsbl");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1611 if (pw) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1612 if (setgid(pw->pw_gid) == -1) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1613 my_syslog("failed to switch to group dnsbl");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1614 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1615 if (setuid(pw->pw_uid) == -1) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1616 my_syslog("failed to switch to user dnsbl");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1617 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1618 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1619
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1620 // load the initial config
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1621 config = new_conf();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1622 if (!config) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1623 my_syslog("failed to load initial configuration, quitting");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1624 exit(1);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1625 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1626
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1627 // fork off the resolver listener process
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1628 pid_t child = fork();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1629 if (child < 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1630 my_syslog("failed to create resolver listener process");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1631 exit(0);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1632 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1633 if (child == 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1634 // we are the child - dns resolver listener process
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1635 resolver_socket = socket(AF_UNIX, SOCK_STREAM, 0);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1636 if (resolver_socket < 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1637 my_syslog("child failed to create resolver socket");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1638 exit(0); // failed
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1639 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1640 sockaddr_un server;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1641 memset(&server, '\0', sizeof(server));
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1642 server.sun_family = AF_UNIX;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1643 strncpy(server.sun_path, resolver_port, sizeof(server.sun_path)-1);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1644 //try to bind the address to the socket.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1645 if (bind(resolver_socket, (sockaddr *)&server, sizeof(server)) < 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1646 // bind failed
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1647 shutdown(resolver_socket, SHUT_RDWR);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1648 close(resolver_socket);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1649 my_syslog("child failed to bind resolver socket");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1650 exit(0); // failed
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1651 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1652 //listen on the socket.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1653 if (listen(resolver_socket, 10) < 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1654 // listen failed
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1655 shutdown(resolver_socket, SHUT_RDWR);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1656 close(resolver_socket);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1657 my_syslog("child failed to listen to resolver socket");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1658 exit(0); // failed
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1659 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1660 // setup sigchld handler to prevent zombies
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1661 struct sigaction act;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1662 act.sa_handler = sig_chld; // Assign sig_chld as our SIGCHLD handler
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1663 sigemptyset(&act.sa_mask); // We don't want to block any other signals in this example
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1664 act.sa_flags = SA_NOCLDSTOP; // only want children that have terminated
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1665 if (sigaction(SIGCHLD, &act, NULL) < 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1666 my_syslog("child failed to setup SIGCHLD handler");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1667 exit(0); // failed
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1668 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1669 while (true) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1670 sockaddr_un client;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1671 socklen_t clientlen = sizeof(client);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1672 int s = accept(resolver_socket, (sockaddr *)&client, &clientlen);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1673 if (s > 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1674 // accept worked, it did not get cancelled before we could accept it
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1675 // fork off a process to handle this connection
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1676 int newchild = fork();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1677 if (newchild == 0) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1678 // this is the worker process
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1679 // child does not need the listening socket
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1680 close(resolver_socket);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1681 process_resolver_requests(s);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1682 exit(0);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1683 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1684 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1685 // this is the parent
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1686 // parent does not need the accepted socket
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1687 close(s);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1688 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1689 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1690 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1691 exit(0); // make sure we don't fall thru.
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1692 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1693 else {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1694 sleep(2); // allow child to get started
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1695 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1696
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1697 // only create threads after the fork() in daemon
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1698 pthread_t tid;
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1699 if (pthread_create(&tid, 0, config_loader, 0))
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1700 my_syslog("failed to create config loader thread");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1701 if (pthread_detach(tid))
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1702 my_syslog("failed to detach config loader thread");
153 8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1703
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1704 if (pthread_create(&tid, 0, verify_closer, 0))
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1705 my_syslog("failed to create verify closer thread");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1706 if (pthread_detach(tid))
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1707 my_syslog("failed to detach verify closer thread");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1708
153 8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1709 if (pthread_create(&tid, 0, whitelister_writer, 0))
8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1710 my_syslog("failed to create autowhite writer thread");
8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1711 if (pthread_detach(tid))
8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1712 my_syslog("failed to detach autowhite writer thread");
8d7c439bb6fa add auto whitelisting carl parents: 152 diff changeset	1713
94 e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1714 time_t starting = time(NULL);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1715 int rc = smfi_main();
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1716 if ((rc != MI_SUCCESS) && (time(NULL) > starting+5*60)) {
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1717 my_syslog("trying to restart after smfi_main()");
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1718 loader_run = false; // eventually the config loader thread will terminate
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1719 execvp(argv[0], argv);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1720 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1721 exit((rc == MI_SUCCESS) ? 0 : EX_UNAVAILABLE);
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1722 }
e107ade3b1c0 fix dos line terminators carl parents: 92 diff changeset	1723

Mercurial > dnsbl

annotate src/dnsbl.cpp @ 190:004b855c6c1f