dnsbl: src/dnsbl.cpp annotate

annotate src/dnsbl.cpp @ 28:33e1e3910506

add configurable list of tlds

author	carl
date	Thu, 27 May 2004 10:08:51 -0700
parents	43a4f6b3e668
children	4dfdf33f1db0

rev	line source
0 96a9758165cd Initial revision carl parents: diff changeset	1 /*
96a9758165cd Initial revision carl parents: diff changeset	2
96a9758165cd Initial revision carl parents: diff changeset	3 Copyright (c) 2004 Carl Byington - 510 Software Group, released under
96a9758165cd Initial revision carl parents: diff changeset	4 the GPL version 2 or any later version at your choice available at
96a9758165cd Initial revision carl parents: diff changeset	5 http://www.fsf.org/licenses/gpl.txt
96a9758165cd Initial revision carl parents: diff changeset	6
96a9758165cd Initial revision carl parents: diff changeset	7 Based on a sample milter Copyright (c) 2000-2003 Sendmail, Inc. and its
96a9758165cd Initial revision carl parents: diff changeset	8 suppliers. Inspired by the DCC by Rhyolite Software
96a9758165cd Initial revision carl parents: diff changeset	9
96a9758165cd Initial revision carl parents: diff changeset	10 -p port The port through which the MTA will connect to this milter.
96a9758165cd Initial revision carl parents: diff changeset	11 -t sec The timeout value.
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	12 -c Check the config, and print a copy to stdout. Don't start the
4 15a7e942adec updates to use dcc conf files carl parents: 3 diff changeset	13 milter or do anything with the socket.
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	14 -d Add debug syslog entries
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	15
0 96a9758165cd Initial revision carl parents: diff changeset	16
13 2752e512fd32 finish documentation carl parents: 12 diff changeset	17 TODO:
2752e512fd32 finish documentation carl parents: 12 diff changeset	18 1) Add config for max_recipients for each mail domain. Recipients in
2752e512fd32 finish documentation carl parents: 12 diff changeset	19 excess of that limit will be rejected, and the entire data will be
2752e512fd32 finish documentation carl parents: 12 diff changeset	20 rejected if it is sent.
2752e512fd32 finish documentation carl parents: 12 diff changeset	21
2752e512fd32 finish documentation carl parents: 12 diff changeset	22 2) Add config for poison addresses. If any recipient is poison, all
2752e512fd32 finish documentation carl parents: 12 diff changeset	23 recipients are rejected even if they would be whitelisted, and the
2752e512fd32 finish documentation carl parents: 12 diff changeset	24 data is rejected if sent.
2752e512fd32 finish documentation carl parents: 12 diff changeset	25
0 96a9758165cd Initial revision carl parents: diff changeset	26 */
96a9758165cd Initial revision carl parents: diff changeset	27
96a9758165cd Initial revision carl parents: diff changeset	28
96a9758165cd Initial revision carl parents: diff changeset	29 // from sendmail sample
96a9758165cd Initial revision carl parents: diff changeset	30 #include <sys/types.h>
96a9758165cd Initial revision carl parents: diff changeset	31 #include <sys/stat.h>
96a9758165cd Initial revision carl parents: diff changeset	32 #include <errno.h>
96a9758165cd Initial revision carl parents: diff changeset	33 #include <sysexits.h>
96a9758165cd Initial revision carl parents: diff changeset	34 #include <unistd.h>
96a9758165cd Initial revision carl parents: diff changeset	35
96a9758165cd Initial revision carl parents: diff changeset	36 // needed for socket io
96a9758165cd Initial revision carl parents: diff changeset	37 #include <sys/ioctl.h>
96a9758165cd Initial revision carl parents: diff changeset	38 #include <net/if.h>
96a9758165cd Initial revision carl parents: diff changeset	39 #include <arpa/inet.h>
96a9758165cd Initial revision carl parents: diff changeset	40 #include <netinet/in.h>
96a9758165cd Initial revision carl parents: diff changeset	41 #include <netinet/tcp.h>
96a9758165cd Initial revision carl parents: diff changeset	42 #include <netdb.h>
96a9758165cd Initial revision carl parents: diff changeset	43 #include <sys/socket.h>
96a9758165cd Initial revision carl parents: diff changeset	44
96a9758165cd Initial revision carl parents: diff changeset	45 // needed for thread
96a9758165cd Initial revision carl parents: diff changeset	46 #include <pthread.h>
96a9758165cd Initial revision carl parents: diff changeset	47
96a9758165cd Initial revision carl parents: diff changeset	48 // needed for std c++ collections
96a9758165cd Initial revision carl parents: diff changeset	49 #include <set>
96a9758165cd Initial revision carl parents: diff changeset	50 #include <map>
96a9758165cd Initial revision carl parents: diff changeset	51 #include <list>
96a9758165cd Initial revision carl parents: diff changeset	52
96a9758165cd Initial revision carl parents: diff changeset	53 // for the dns resolver
96a9758165cd Initial revision carl parents: diff changeset	54 #include <netinet/in.h>
96a9758165cd Initial revision carl parents: diff changeset	55 #include <arpa/nameser.h>
96a9758165cd Initial revision carl parents: diff changeset	56 #include <resolv.h>
96a9758165cd Initial revision carl parents: diff changeset	57
96a9758165cd Initial revision carl parents: diff changeset	58 // misc stuff needed here
96a9758165cd Initial revision carl parents: diff changeset	59 #include <ctype.h>
96a9758165cd Initial revision carl parents: diff changeset	60 #include <fstream>
96a9758165cd Initial revision carl parents: diff changeset	61 #include <syslog.h>
96a9758165cd Initial revision carl parents: diff changeset	62
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	63 static char* dnsbl_version="$Id$";
0 96a9758165cd Initial revision carl parents: diff changeset	64
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	65 #define DEFAULT "default"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	66 #define WHITE "white"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	67 #define BLACK "black"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	68 #define OK "ok"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	69 #define MANY "many"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	70
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	71 enum status {oksofar, // not rejected yet
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	72 white, // whitelisted by envelope from
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	73 black, // blacklisted by envelope from or to
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	74 reject, // rejected by a dns list
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	75 reject_tag, // too many bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	76 reject_host}; // too many hosts/urls in body
1 bd0b1a153f67 no message carl parents: 0 diff changeset	77
0 96a9758165cd Initial revision carl parents: diff changeset	78 using namespace std;
96a9758165cd Initial revision carl parents: diff changeset	79
96a9758165cd Initial revision carl parents: diff changeset	80 extern "C" {
96a9758165cd Initial revision carl parents: diff changeset	81 #include "libmilter/mfapi.h"
96a9758165cd Initial revision carl parents: diff changeset	82 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr);
96a9758165cd Initial revision carl parents: diff changeset	83 sfsistat mlfi_envfrom(SMFICTX ctx, char *argv);
96a9758165cd Initial revision carl parents: diff changeset	84 sfsistat mlfi_envrcpt(SMFICTX ctx, char *argv);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	85 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	86 sfsistat mlfi_eom(SMFICTX *ctx);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	87 sfsistat mlfi_abort(SMFICTX *ctx);
0 96a9758165cd Initial revision carl parents: diff changeset	88 sfsistat mlfi_close(SMFICTX *ctx);
96a9758165cd Initial revision carl parents: diff changeset	89 }
96a9758165cd Initial revision carl parents: diff changeset	90
96a9758165cd Initial revision carl parents: diff changeset	91 struct ltstr {
96a9758165cd Initial revision carl parents: diff changeset	92 bool operator()(char* s1, char* s2) const {
96a9758165cd Initial revision carl parents: diff changeset	93 return strcmp(s1, s2) < 0;
96a9758165cd Initial revision carl parents: diff changeset	94 }
96a9758165cd Initial revision carl parents: diff changeset	95 };
96a9758165cd Initial revision carl parents: diff changeset	96
96a9758165cd Initial revision carl parents: diff changeset	97 struct DNSBL {
96a9758165cd Initial revision carl parents: diff changeset	98 char *suffix; // blacklist suffix like blackholes.five-ten-sg.com
96a9758165cd Initial revision carl parents: diff changeset	99 char *message; // error message with one or two %s operators for the ip address replacement
96a9758165cd Initial revision carl parents: diff changeset	100 DNSBL(char s, char m);
96a9758165cd Initial revision carl parents: diff changeset	101 };
96a9758165cd Initial revision carl parents: diff changeset	102 DNSBL::DNSBL(char s, char m) {
96a9758165cd Initial revision carl parents: diff changeset	103 suffix = s;
96a9758165cd Initial revision carl parents: diff changeset	104 message = m;
96a9758165cd Initial revision carl parents: diff changeset	105 }
96a9758165cd Initial revision carl parents: diff changeset	106
96a9758165cd Initial revision carl parents: diff changeset	107 typedef DNSBL * DNSBLP;
96a9758165cd Initial revision carl parents: diff changeset	108 typedef list<DNSBLP> DNSBLL;
96a9758165cd Initial revision carl parents: diff changeset	109 typedef DNSBLL * DNSBLLP;
96a9758165cd Initial revision carl parents: diff changeset	110 typedef map<char , char , ltstr> string_map;
96a9758165cd Initial revision carl parents: diff changeset	111 typedef map<char , string_map , ltstr> from_map;
96a9758165cd Initial revision carl parents: diff changeset	112 typedef map<char *, DNSBLP, ltstr> dnsblp_map;
96a9758165cd Initial revision carl parents: diff changeset	113 typedef map<char *, DNSBLLP, ltstr> dnsbllp_map;
96a9758165cd Initial revision carl parents: diff changeset	114 typedef set<char *, ltstr> string_set;
96a9758165cd Initial revision carl parents: diff changeset	115 typedef list<char *> string_list;
96a9758165cd Initial revision carl parents: diff changeset	116
96a9758165cd Initial revision carl parents: diff changeset	117 struct CONFIG {
96a9758165cd Initial revision carl parents: diff changeset	118 // the only mutable stuff once it has been loaded from the config file
96a9758165cd Initial revision carl parents: diff changeset	119 int reference_count; // protected by the global config_mutex
96a9758165cd Initial revision carl parents: diff changeset	120 // all the rest is constant after loading from the config file
96a9758165cd Initial revision carl parents: diff changeset	121 time_t load_time;
96a9758165cd Initial revision carl parents: diff changeset	122 string_list config_files;
96a9758165cd Initial revision carl parents: diff changeset	123 dnsblp_map dnsbls;
96a9758165cd Initial revision carl parents: diff changeset	124 dnsbllp_map dnsblls;
96a9758165cd Initial revision carl parents: diff changeset	125 from_map env_from;
96a9758165cd Initial revision carl parents: diff changeset	126 string_map env_to_dnsbll; // map recipient to a named dnsbll
96a9758165cd Initial revision carl parents: diff changeset	127 string_map env_to_chkfrom; // map recipient to a named from map
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	128 char * content_suffix; // for sbl url body filtering
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	129 char * content_message; // ""
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	130 char * host_limit_message; // error message for excessive host names
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	131 int host_limit; // limit on host names
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	132 char * tag_limit_message; // error message for excessive bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	133 int tag_limit; // limit on bad html tags
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	134 string_set html_tags; // set of valid html tags
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	135 string_set tlds; // set of valid tld components
0 96a9758165cd Initial revision carl parents: diff changeset	136 CONFIG();
96a9758165cd Initial revision carl parents: diff changeset	137 ~CONFIG();
96a9758165cd Initial revision carl parents: diff changeset	138 };
96a9758165cd Initial revision carl parents: diff changeset	139 CONFIG::CONFIG() {
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	140 reference_count = 0;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	141 load_time = 0;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	142 content_suffix = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	143 content_message = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	144 host_limit_message = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	145 host_limit = 0;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	146 tag_limit_message = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	147 tag_limit = 0;
0 96a9758165cd Initial revision carl parents: diff changeset	148 }
96a9758165cd Initial revision carl parents: diff changeset	149 CONFIG::~CONFIG() {
96a9758165cd Initial revision carl parents: diff changeset	150 for (dnsblp_map::iterator i=dnsbls.begin(); i!=dnsbls.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	151 DNSBLP d = (*i).second;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	152 // delete the underlying DNSBL objects.
0 96a9758165cd Initial revision carl parents: diff changeset	153 delete d;
96a9758165cd Initial revision carl parents: diff changeset	154 }
96a9758165cd Initial revision carl parents: diff changeset	155 for (dnsbllp_map::iterator i=dnsblls.begin(); i!=dnsblls.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	156 DNSBLLP d = (*i).second;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	157 // *d is a list of pointers to DNSBL objects, but
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	158 // the underlying objects have already been deleted above.
0 96a9758165cd Initial revision carl parents: diff changeset	159 delete d;
96a9758165cd Initial revision carl parents: diff changeset	160 }
96a9758165cd Initial revision carl parents: diff changeset	161 for (from_map::iterator i=env_from.begin(); i!=env_from.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	162 string_map d = (i).second;
96a9758165cd Initial revision carl parents: diff changeset	163 delete d;
96a9758165cd Initial revision carl parents: diff changeset	164 }
96a9758165cd Initial revision carl parents: diff changeset	165 }
96a9758165cd Initial revision carl parents: diff changeset	166
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	167 static bool debug_syslog = false;
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	168 static bool loader_run = true; // used to stop the config loader thread
0 96a9758165cd Initial revision carl parents: diff changeset	169 static string_set all_strings; // owns all the strings, only modified by the config loader thread
96a9758165cd Initial revision carl parents: diff changeset	170 static CONFIG * config = NULL; // protected by the config_mutex
96a9758165cd Initial revision carl parents: diff changeset	171
96a9758165cd Initial revision carl parents: diff changeset	172 static pthread_mutex_t config_mutex;
96a9758165cd Initial revision carl parents: diff changeset	173 static pthread_mutex_t syslog_mutex;
96a9758165cd Initial revision carl parents: diff changeset	174 static pthread_mutex_t resolve_mutex;
96a9758165cd Initial revision carl parents: diff changeset	175
96a9758165cd Initial revision carl parents: diff changeset	176
96a9758165cd Initial revision carl parents: diff changeset	177 ////////////////////////////////////////////////
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	178 // helper to discard the strings held by a string_set
0 96a9758165cd Initial revision carl parents: diff changeset	179 //
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	180 static void discard(string_set &s);
8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	181 static void discard(string_set &s) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	182 for (string_set::iterator i=s.begin(); i!=s.end(); i++) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	183 free(*i);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	184 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	185 s.clear();
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	186 }
0 96a9758165cd Initial revision carl parents: diff changeset	187
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	188 ////////////////////////////////////////////////
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	189 // helper to register a string in a string set
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	190 //
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	191 static char* register_string(string_set &s, char *name);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	192 static char* register_string(string_set &s, char *name) {
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	193 string_set::iterator i = s.find(name);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	194 if (i != s.end()) return *i;
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	195 char *x = strdup(name);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	196 s.insert(x);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	197 return x;
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	198 }
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	199
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	200 ////////////////////////////////////////////////
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	201 // syslog a message
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	202 //
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	203 static void my_syslog(char *text);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	204 static void my_syslog(char *text) {
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	205 pthread_mutex_lock(&syslog_mutex);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	206 openlog("dnsbl", LOG_PID, LOG_MAIL);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	207 syslog(LOG_NOTICE, "%s", text);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	208 closelog();
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	209 pthread_mutex_unlock(&syslog_mutex);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	210 }
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	211
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	212
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	213 // include the content scanner
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	214 #include "scanner.cpp"
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	215
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	216
0 96a9758165cd Initial revision carl parents: diff changeset	217 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	218 // mail filter private data, held for us by sendmail
96a9758165cd Initial revision carl parents: diff changeset	219 //
96a9758165cd Initial revision carl parents: diff changeset	220 struct mlfiPriv
96a9758165cd Initial revision carl parents: diff changeset	221 {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	222 // connection specific data
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	223 CONFIG *pc; // global context with our maps
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	224 int ip; // ip4 address of the smtp client
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	225 map<DNSBLP, status> checked; // status from those lists
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	226 // message specific data
0 96a9758165cd Initial revision carl parents: diff changeset	227 char *mailaddr; // envelope from value
96a9758165cd Initial revision carl parents: diff changeset	228 bool authenticated; // client authenticated? if so, suppress all dnsbl checks
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	229 bool have_whites; // have at least one whitelisted recipient? need to accept content and remove all non-whitelisted recipients if it fails
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	230 bool only_whites; // every recipient is whitelisted?
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	231 string_set non_whites; // remember the non-whitelisted recipients so we can remove them if need be
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	232 recorder *memory; // memory for the content scanner
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	233 url_scanner *scanner; // object to handle body scanning
0 96a9758165cd Initial revision carl parents: diff changeset	234 mlfiPriv();
96a9758165cd Initial revision carl parents: diff changeset	235 ~mlfiPriv();
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	236 void reset(bool final = false); // for a new message
0 96a9758165cd Initial revision carl parents: diff changeset	237 };
96a9758165cd Initial revision carl parents: diff changeset	238 mlfiPriv::mlfiPriv() {
96a9758165cd Initial revision carl parents: diff changeset	239 pthread_mutex_lock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	240 pc = config;
96a9758165cd Initial revision carl parents: diff changeset	241 pc->reference_count++;
96a9758165cd Initial revision carl parents: diff changeset	242 pthread_mutex_unlock(&config_mutex);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	243 ip = 0;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	244 mailaddr = NULL;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	245 authenticated = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	246 have_whites = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	247 only_whites = true;
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	248 memory = new recorder(&pc->html_tags, &pc->tlds);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	249 scanner = new url_scanner(memory);
0 96a9758165cd Initial revision carl parents: diff changeset	250 }
96a9758165cd Initial revision carl parents: diff changeset	251 mlfiPriv::~mlfiPriv() {
96a9758165cd Initial revision carl parents: diff changeset	252 pthread_mutex_lock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	253 pc->reference_count--;
96a9758165cd Initial revision carl parents: diff changeset	254 pthread_mutex_unlock(&config_mutex);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	255 reset(true);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	256 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	257 void mlfiPriv::reset(bool final) {
0 96a9758165cd Initial revision carl parents: diff changeset	258 if (mailaddr) free(mailaddr);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	259 discard(non_whites);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	260 delete memory;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	261 delete scanner;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	262 if (!final) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	263 mailaddr = NULL;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	264 authenticated = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	265 have_whites = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	266 only_whites = true;
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	267 memory = new recorder(&pc->html_tags, &pc->tlds);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	268 scanner = new url_scanner(memory);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	269 }
0 96a9758165cd Initial revision carl parents: diff changeset	270 }
96a9758165cd Initial revision carl parents: diff changeset	271
96a9758165cd Initial revision carl parents: diff changeset	272 #define MLFIPRIV ((struct mlfiPriv *) smfi_getpriv(ctx))
96a9758165cd Initial revision carl parents: diff changeset	273
96a9758165cd Initial revision carl parents: diff changeset	274
96a9758165cd Initial revision carl parents: diff changeset	275 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	276 // register a global string
96a9758165cd Initial revision carl parents: diff changeset	277 //
96a9758165cd Initial revision carl parents: diff changeset	278 static char* register_string(char *name);
96a9758165cd Initial revision carl parents: diff changeset	279 static char* register_string(char *name) {
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	280 return register_string(all_strings, name);
0 96a9758165cd Initial revision carl parents: diff changeset	281 }
96a9758165cd Initial revision carl parents: diff changeset	282
96a9758165cd Initial revision carl parents: diff changeset	283
96a9758165cd Initial revision carl parents: diff changeset	284 static char* next_token(char *delim);
96a9758165cd Initial revision carl parents: diff changeset	285 static char* next_token(char *delim) {
96a9758165cd Initial revision carl parents: diff changeset	286 char *name = strtok(NULL, delim);
96a9758165cd Initial revision carl parents: diff changeset	287 if (!name) return name;
96a9758165cd Initial revision carl parents: diff changeset	288 return register_string(name);
96a9758165cd Initial revision carl parents: diff changeset	289 }
96a9758165cd Initial revision carl parents: diff changeset	290
96a9758165cd Initial revision carl parents: diff changeset	291
96a9758165cd Initial revision carl parents: diff changeset	292 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	293 // lookup an email address in the env_from or env_to maps
96a9758165cd Initial revision carl parents: diff changeset	294 //
96a9758165cd Initial revision carl parents: diff changeset	295 static char* lookup1(char *email, string_map map);
96a9758165cd Initial revision carl parents: diff changeset	296 static char* lookup1(char *email, string_map map) {
96a9758165cd Initial revision carl parents: diff changeset	297 string_map::iterator i = map.find(email);
96a9758165cd Initial revision carl parents: diff changeset	298 if (i != map.end()) return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	299 char *x = strchr(email, '@');
96a9758165cd Initial revision carl parents: diff changeset	300 if (!x) return DEFAULT;
96a9758165cd Initial revision carl parents: diff changeset	301 x++;
96a9758165cd Initial revision carl parents: diff changeset	302 i = map.find(x);
96a9758165cd Initial revision carl parents: diff changeset	303 if (i != map.end()) return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	304 return DEFAULT;
96a9758165cd Initial revision carl parents: diff changeset	305 }
96a9758165cd Initial revision carl parents: diff changeset	306
96a9758165cd Initial revision carl parents: diff changeset	307
96a9758165cd Initial revision carl parents: diff changeset	308 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	309 // lookup an email address in the env_from or env_to maps
96a9758165cd Initial revision carl parents: diff changeset	310 // this email address is passed in from sendmail, and will
96a9758165cd Initial revision carl parents: diff changeset	311 // always be enclosed in <>. It may have mixed case, just
96a9758165cd Initial revision carl parents: diff changeset	312 // as the mail client sent it.
96a9758165cd Initial revision carl parents: diff changeset	313 //
96a9758165cd Initial revision carl parents: diff changeset	314 static char* lookup(char* email, string_map map);
96a9758165cd Initial revision carl parents: diff changeset	315 static char* lookup(char* email, string_map map) {
96a9758165cd Initial revision carl parents: diff changeset	316 int n = strlen(email)-2;
96a9758165cd Initial revision carl parents: diff changeset	317 if (n < 1) return DEFAULT; // malformed
96a9758165cd Initial revision carl parents: diff changeset	318 char *key = strdup(email+1);
96a9758165cd Initial revision carl parents: diff changeset	319 key[n] = '\0';
96a9758165cd Initial revision carl parents: diff changeset	320 for (int i=0; i<n; i++) key[i] = tolower(key[i]);
96a9758165cd Initial revision carl parents: diff changeset	321 char *rc = lookup1(key, map);
96a9758165cd Initial revision carl parents: diff changeset	322 free(key);
96a9758165cd Initial revision carl parents: diff changeset	323 return rc;
96a9758165cd Initial revision carl parents: diff changeset	324 }
96a9758165cd Initial revision carl parents: diff changeset	325
96a9758165cd Initial revision carl parents: diff changeset	326
96a9758165cd Initial revision carl parents: diff changeset	327 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	328 // find the dnsbl with a specific name
96a9758165cd Initial revision carl parents: diff changeset	329 //
96a9758165cd Initial revision carl parents: diff changeset	330 static DNSBLP find_dnsbl(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	331 static DNSBLP find_dnsbl(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	332 dnsblp_map::iterator i = dc.dnsbls.find(name);
96a9758165cd Initial revision carl parents: diff changeset	333 if (i == dc.dnsbls.end()) return NULL;
96a9758165cd Initial revision carl parents: diff changeset	334 return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	335 }
96a9758165cd Initial revision carl parents: diff changeset	336
96a9758165cd Initial revision carl parents: diff changeset	337
96a9758165cd Initial revision carl parents: diff changeset	338 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	339 // find the dnsbll with a specific name
96a9758165cd Initial revision carl parents: diff changeset	340 //
96a9758165cd Initial revision carl parents: diff changeset	341 static DNSBLLP find_dnsbll(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	342 static DNSBLLP find_dnsbll(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	343 dnsbllp_map::iterator i = dc.dnsblls.find(name);
96a9758165cd Initial revision carl parents: diff changeset	344 if (i == dc.dnsblls.end()) return NULL;
96a9758165cd Initial revision carl parents: diff changeset	345 return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	346 }
96a9758165cd Initial revision carl parents: diff changeset	347
96a9758165cd Initial revision carl parents: diff changeset	348
96a9758165cd Initial revision carl parents: diff changeset	349 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	350 // find the envfrom map with a specific name
96a9758165cd Initial revision carl parents: diff changeset	351 //
96a9758165cd Initial revision carl parents: diff changeset	352 static string_map* find_from_map(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	353 static string_map* find_from_map(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	354 from_map::iterator i = dc.env_from.find(name);
96a9758165cd Initial revision carl parents: diff changeset	355 if (i == dc.env_from.end()) return NULL;
96a9758165cd Initial revision carl parents: diff changeset	356 return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	357 }
96a9758165cd Initial revision carl parents: diff changeset	358
96a9758165cd Initial revision carl parents: diff changeset	359
96a9758165cd Initial revision carl parents: diff changeset	360 static string_map& really_find_from_map(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	361 static string_map& really_find_from_map(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	362 string_map *sm = find_from_map(dc, name);
96a9758165cd Initial revision carl parents: diff changeset	363 if (!sm) {
96a9758165cd Initial revision carl parents: diff changeset	364 sm = new string_map;
96a9758165cd Initial revision carl parents: diff changeset	365 dc.env_from[name] = sm;
96a9758165cd Initial revision carl parents: diff changeset	366 }
96a9758165cd Initial revision carl parents: diff changeset	367 return *sm;
96a9758165cd Initial revision carl parents: diff changeset	368 }
96a9758165cd Initial revision carl parents: diff changeset	369
96a9758165cd Initial revision carl parents: diff changeset	370
96a9758165cd Initial revision carl parents: diff changeset	371 ////////////////////////////////////////////////
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	372 //
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	373 // ask a dns question and get an A record answer - we don't try
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	374 // very hard, just using the default resolver retry settings.
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	375 // If we cannot get an answer, we just accept the mail. The
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	376 // caller must ensure thread safety.
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	377 //
0 96a9758165cd Initial revision carl parents: diff changeset	378 //
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	379 static int dns_interface(char *question, bool maybe_ip);
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	380 static int dns_interface(char *question, bool maybe_ip) {
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	381 #ifdef NS_PACKETSZ
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	382 u_char answer[NS_PACKETSZ];
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	383 int length = res_search(question, ns_c_in, ns_t_a, answer, sizeof(answer));
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	384 if (length >= 0) { // no error yet
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	385 // parse the answer
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	386 ns_msg handle;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	387 ns_rr rr;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	388 if (ns_initparse(answer, length, &handle) == 0) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	389 int rrnum = 0;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	390 while (ns_parserr(&handle, ns_s_an, rrnum++, &rr) == 0) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	391 if (ns_rr_type(rr) == ns_t_a) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	392 int address;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	393 memcpy(&address, ns_rr_rdata(rr), sizeof(address));
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	394 return address;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	395 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	396 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	397 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	398 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	399 if (maybe_ip) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	400 // might be a bare ip address
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	401 in_addr ip;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	402 if (inet_aton(question, &ip)) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	403 return ip.s_addr;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	404 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	405 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	406 return 0;
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	407 #else
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	408 struct hostent *host = gethostbyname(question);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	409 if (!host) return 0;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	410 if (host->h_addrtype != AF_INET) return 0;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	411 int address;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	412 memcpy(&address, host->h_addr, sizeof(address));
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	413 return address;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	414 #endif
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	415 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	416
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	417 static int protected_dns_interface(char *question, bool maybe_ip);
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	418 static int protected_dns_interface(char *question, bool maybe_ip) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	419 int ans;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	420 pthread_mutex_lock(&resolve_mutex);
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	421 ans = dns_interface(question, maybe_ip);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	422 pthread_mutex_unlock(&resolve_mutex);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	423 return ans;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	424
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	425 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	426
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	427 ////////////////////////////////////////////////
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	428 // check a single dnsbl
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	429 //
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	430 static status check_single(int ip, char *suffix);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	431 static status check_single(int ip, char *suffix) {
0 96a9758165cd Initial revision carl parents: diff changeset	432 // make a dns question
96a9758165cd Initial revision carl parents: diff changeset	433 const u_char src = (const u_char )&ip;
96a9758165cd Initial revision carl parents: diff changeset	434 if (src[0] == 127) return oksofar; // don't do dns lookups on localhost
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	435 #ifdef NS_MAXDNAME
0 96a9758165cd Initial revision carl parents: diff changeset	436 char question[NS_MAXDNAME];
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	437 #else
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	438 char question[1000];
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	439 #endif
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	440 snprintf(question, sizeof(question), "%u.%u.%u.%u.%s.", src[3], src[2], src[1], src[0], suffix);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	441 // ask the question, if we get an A record it implies a blacklisted ip address
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	442 return (protected_dns_interface(question, false)) ? reject : oksofar;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	443 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	444
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	445
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	446 ////////////////////////////////////////////////
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	447 // check a single dnsbl
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	448 //
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	449 static status check_single(int ip, DNSBL &bl);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	450 static status check_single(int ip, DNSBL &bl) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	451 return check_single(ip, bl.suffix);
0 96a9758165cd Initial revision carl parents: diff changeset	452 }
96a9758165cd Initial revision carl parents: diff changeset	453
96a9758165cd Initial revision carl parents: diff changeset	454
96a9758165cd Initial revision carl parents: diff changeset	455 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	456 // check the dnsbls specified for this recipient
96a9758165cd Initial revision carl parents: diff changeset	457 //
96a9758165cd Initial revision carl parents: diff changeset	458 static status check_dnsbl(mlfiPriv &priv, DNSBLLP dnsbllp, DNSBLP &rejectlist);
96a9758165cd Initial revision carl parents: diff changeset	459 static status check_dnsbl(mlfiPriv &priv, DNSBLLP dnsbllp, DNSBLP &rejectlist) {
96a9758165cd Initial revision carl parents: diff changeset	460 if (priv.authenticated) return oksofar;
96a9758165cd Initial revision carl parents: diff changeset	461 if (!dnsbllp) return oksofar;
96a9758165cd Initial revision carl parents: diff changeset	462 DNSBLL &dnsbll = *dnsbllp;
96a9758165cd Initial revision carl parents: diff changeset	463 for (DNSBLL::iterator i=dnsbll.begin(); i!=dnsbll.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	464 DNSBLP dp = *i; // non null by construction
96a9758165cd Initial revision carl parents: diff changeset	465 status st;
96a9758165cd Initial revision carl parents: diff changeset	466 map<DNSBLP, status>::iterator f = priv.checked.find(dp);
96a9758165cd Initial revision carl parents: diff changeset	467 if (f == priv.checked.end()) {
96a9758165cd Initial revision carl parents: diff changeset	468 // have not checked this list yet
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	469 st = check_single(priv.ip, *dp);
0 96a9758165cd Initial revision carl parents: diff changeset	470 rejectlist = dp;
96a9758165cd Initial revision carl parents: diff changeset	471 priv.checked[dp] = st;
96a9758165cd Initial revision carl parents: diff changeset	472 }
96a9758165cd Initial revision carl parents: diff changeset	473 else {
96a9758165cd Initial revision carl parents: diff changeset	474 st = (*f).second;
96a9758165cd Initial revision carl parents: diff changeset	475 rejectlist = (*f).first;
96a9758165cd Initial revision carl parents: diff changeset	476 }
96a9758165cd Initial revision carl parents: diff changeset	477 if (st == reject) return st;
96a9758165cd Initial revision carl parents: diff changeset	478 }
96a9758165cd Initial revision carl parents: diff changeset	479 return oksofar;
96a9758165cd Initial revision carl parents: diff changeset	480 }
96a9758165cd Initial revision carl parents: diff changeset	481
96a9758165cd Initial revision carl parents: diff changeset	482
96a9758165cd Initial revision carl parents: diff changeset	483 ////////////////////////////////////////////////
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	484 // check the dnsbls specified for this recipient
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	485 //
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	486 static status check_hosts(mlfiPriv &priv, char *&host, int &ip);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	487 static status check_hosts(mlfiPriv &priv, char *&host, int &ip) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	488 CONFIG &dc = *priv.pc;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	489 if (!dc.content_suffix) return oksofar;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	490 int count = 0;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	491 for (string_set::iterator i=priv.memory->hosts.begin(); i!=priv.memory->hosts.end(); i++) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	492 count++;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	493 int lim = priv.pc->host_limit;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	494 if ((count > lim) && (lim > 0)) return reject_host;
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	495 host = *i;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	496 if (debug_syslog) {
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	497 char buf[200];
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	498 snprintf(buf, sizeof(buf), "looking for host %s", host);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	499 my_syslog(buf);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	500 }
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	501 ip = protected_dns_interface(host, true);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	502 if (ip) {
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	503 // if (debug_syslog) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	504 // char adr[sizeof "255.255.255.255"];
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	505 // adr[0] = '\0';
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	506 // inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	507 // char buf[200];
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	508 // snprintf(buf, sizeof(buf), "found host %s at %s", host, adr);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	509 // my_syslog(buf);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	510 // }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	511 status st = check_single(ip, dc.content_suffix);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	512 if (st == reject) return st;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	513 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	514 }
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	515 host = NULL;
26 fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	516 int bin = priv.memory->binary_tags;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	517 int bad = priv.memory->bad_html_tags;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	518 int lim = priv.pc->tag_limit;
26 fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	519 if (bin > bad) return oksofar; // probably .zip or .tar.gz with random content
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	520 if ((bad > lim) && (lim > 0)) return reject_tag;
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	521 return oksofar;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	522 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	523
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	524
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	525 ////////////////////////////////////////////////
0 96a9758165cd Initial revision carl parents: diff changeset	526 // start of sendmail milter interfaces
96a9758165cd Initial revision carl parents: diff changeset	527 //
96a9758165cd Initial revision carl parents: diff changeset	528 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr)
96a9758165cd Initial revision carl parents: diff changeset	529 {
96a9758165cd Initial revision carl parents: diff changeset	530 // allocate some private memory
96a9758165cd Initial revision carl parents: diff changeset	531 mlfiPriv *priv = new mlfiPriv;
96a9758165cd Initial revision carl parents: diff changeset	532 if (hostaddr->sa_family == AF_INET) {
96a9758165cd Initial revision carl parents: diff changeset	533 priv->ip = ((struct sockaddr_in *)hostaddr)->sin_addr.s_addr;
96a9758165cd Initial revision carl parents: diff changeset	534 }
96a9758165cd Initial revision carl parents: diff changeset	535
96a9758165cd Initial revision carl parents: diff changeset	536 // save the private data
96a9758165cd Initial revision carl parents: diff changeset	537 smfi_setpriv(ctx, (void*)priv);
96a9758165cd Initial revision carl parents: diff changeset	538
96a9758165cd Initial revision carl parents: diff changeset	539 // continue processing
96a9758165cd Initial revision carl parents: diff changeset	540 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	541 }
96a9758165cd Initial revision carl parents: diff changeset	542
96a9758165cd Initial revision carl parents: diff changeset	543 sfsistat mlfi_envfrom(SMFICTX ctx, char *from)
96a9758165cd Initial revision carl parents: diff changeset	544 {
96a9758165cd Initial revision carl parents: diff changeset	545 mlfiPriv &priv = *MLFIPRIV;
96a9758165cd Initial revision carl parents: diff changeset	546 priv.mailaddr = strdup(from[0]);
96a9758165cd Initial revision carl parents: diff changeset	547 priv.authenticated = (smfi_getsymval(ctx, "{auth_authen}") != NULL);
96a9758165cd Initial revision carl parents: diff changeset	548 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	549 }
96a9758165cd Initial revision carl parents: diff changeset	550
96a9758165cd Initial revision carl parents: diff changeset	551 sfsistat mlfi_envrcpt(SMFICTX ctx, char *rcpt)
96a9758165cd Initial revision carl parents: diff changeset	552 {
96a9758165cd Initial revision carl parents: diff changeset	553 DNSBLP rejectlist = NULL; // list that caused the reject
96a9758165cd Initial revision carl parents: diff changeset	554 status st = oksofar;
96a9758165cd Initial revision carl parents: diff changeset	555 mlfiPriv &priv = *MLFIPRIV;
96a9758165cd Initial revision carl parents: diff changeset	556 CONFIG &dc = *priv.pc;
96a9758165cd Initial revision carl parents: diff changeset	557 char *rcptaddr = rcpt[0];
96a9758165cd Initial revision carl parents: diff changeset	558 char *dnsname = lookup(rcptaddr, dc.env_to_dnsbll);
96a9758165cd Initial revision carl parents: diff changeset	559 char *fromname = lookup(rcptaddr, dc.env_to_chkfrom);
96a9758165cd Initial revision carl parents: diff changeset	560 if ((strcmp(dnsname, BLACK) == 0) \|\|
96a9758165cd Initial revision carl parents: diff changeset	561 (strcmp(fromname, BLACK) == 0)) {
96a9758165cd Initial revision carl parents: diff changeset	562 st = black; // two options to blacklist this recipient
96a9758165cd Initial revision carl parents: diff changeset	563 }
96a9758165cd Initial revision carl parents: diff changeset	564 else if (strcmp(fromname, WHITE) == 0) {
96a9758165cd Initial revision carl parents: diff changeset	565 st = white;
96a9758165cd Initial revision carl parents: diff changeset	566 }
96a9758165cd Initial revision carl parents: diff changeset	567 else {
96a9758165cd Initial revision carl parents: diff changeset	568 // check an env_from map
96a9758165cd Initial revision carl parents: diff changeset	569 string_map *sm = find_from_map(dc, fromname);
96a9758165cd Initial revision carl parents: diff changeset	570 if (sm != NULL) {
96a9758165cd Initial revision carl parents: diff changeset	571 fromname = lookup(priv.mailaddr, *sm); // returns default if name not in map
96a9758165cd Initial revision carl parents: diff changeset	572 if (strcmp(fromname, BLACK) == 0) {
96a9758165cd Initial revision carl parents: diff changeset	573 st = black; // blacklist this envelope from value
96a9758165cd Initial revision carl parents: diff changeset	574 }
96a9758165cd Initial revision carl parents: diff changeset	575 if (strcmp(fromname, WHITE) == 0) {
96a9758165cd Initial revision carl parents: diff changeset	576 st = white; // blacklist this envelope from value
96a9758165cd Initial revision carl parents: diff changeset	577 }
96a9758165cd Initial revision carl parents: diff changeset	578 }
96a9758165cd Initial revision carl parents: diff changeset	579 }
96a9758165cd Initial revision carl parents: diff changeset	580 if ((st == oksofar) && (strcmp(dnsname, WHITE) != 0)) {
96a9758165cd Initial revision carl parents: diff changeset	581 // check dns lists
96a9758165cd Initial revision carl parents: diff changeset	582 st = check_dnsbl(priv, find_dnsbll(dc, dnsname), rejectlist);
96a9758165cd Initial revision carl parents: diff changeset	583 }
96a9758165cd Initial revision carl parents: diff changeset	584
96a9758165cd Initial revision carl parents: diff changeset	585 if (st == reject) {
96a9758165cd Initial revision carl parents: diff changeset	586 // reject the recipient based on some dnsbl
96a9758165cd Initial revision carl parents: diff changeset	587 char adr[sizeof "255.255.255.255"];
96a9758165cd Initial revision carl parents: diff changeset	588 adr[0] = '\0';
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	589 inet_ntop(AF_INET, (const u_char *)&priv.ip, adr, sizeof(adr));
0 96a9758165cd Initial revision carl parents: diff changeset	590 char buf[2000];
96a9758165cd Initial revision carl parents: diff changeset	591 snprintf(buf, sizeof(buf), rejectlist->message, adr, adr);
96a9758165cd Initial revision carl parents: diff changeset	592 smfi_setreply(ctx, "550", "5.7.1", buf);
96a9758165cd Initial revision carl parents: diff changeset	593 return SMFIS_REJECT;
96a9758165cd Initial revision carl parents: diff changeset	594 }
96a9758165cd Initial revision carl parents: diff changeset	595 else if (st == black) {
96a9758165cd Initial revision carl parents: diff changeset	596 // reject the recipient based on blacklisting either from or to
96a9758165cd Initial revision carl parents: diff changeset	597 smfi_setreply(ctx, "550", "5.7.1", "no such user");
96a9758165cd Initial revision carl parents: diff changeset	598 return SMFIS_REJECT;
96a9758165cd Initial revision carl parents: diff changeset	599 }
96a9758165cd Initial revision carl parents: diff changeset	600 else {
96a9758165cd Initial revision carl parents: diff changeset	601 // accept the recipient
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	602 if (st == oksofar) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	603 // but remember the non-whites
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	604 register_string(priv.non_whites, rcptaddr);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	605 priv.only_whites = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	606 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	607 if (st == white) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	608 priv.have_whites = true;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	609 }
0 96a9758165cd Initial revision carl parents: diff changeset	610 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	611 }
96a9758165cd Initial revision carl parents: diff changeset	612 }
96a9758165cd Initial revision carl parents: diff changeset	613
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	614 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len)
0 96a9758165cd Initial revision carl parents: diff changeset	615 {
96a9758165cd Initial revision carl parents: diff changeset	616 mlfiPriv &priv = *MLFIPRIV;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	617 if (priv.authenticated) return SMFIS_CONTINUE;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	618 if (priv.only_whites) return SMFIS_CONTINUE;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	619 priv.scanner->scan(data, len);
11 2c206836b4cc integration work on url scanner carl parents: 9 diff changeset	620 return SMFIS_CONTINUE;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	621 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	622
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	623 sfsistat mlfi_eom(SMFICTX *ctx)
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	624 {
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	625 sfsistat rc;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	626 mlfiPriv &priv = *MLFIPRIV;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	627 char *host = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	628 int ip;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	629 status st;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	630 // process end of message
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	631 if (priv.authenticated \|\|
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	632 priv.only_whites \|\|
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	633 ((st=check_hosts(priv, host, ip)) == oksofar)) rc = SMFIS_CONTINUE;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	634 else {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	635 if (!priv.have_whites) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	636 // can reject the entire message
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	637 char buf[2000];
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	638 if (st == reject_tag) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	639 // rejected due to excessive bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	640 snprintf(buf, sizeof(buf), priv.pc->tag_limit_message);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	641 }
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	642 else if (st == reject_host) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	643 // rejected due to excessive unique host/urls
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	644 snprintf(buf, sizeof(buf), priv.pc->host_limit_message);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	645 }
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	646 else {
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	647 char adr[sizeof "255.255.255.255"];
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	648 adr[0] = '\0';
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	649 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	650 snprintf(buf, sizeof(buf), priv.pc->content_message, host, adr);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	651 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	652 smfi_setreply(ctx, "550", "5.7.1", buf);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	653 rc = SMFIS_REJECT;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	654 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	655 else {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	656 // need to accept it but remove the recipients that don't want it
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	657 for (string_set::iterator i=priv.non_whites.begin(); i!=priv.non_whites.end(); i++) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	658 char rcpt = i;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	659 smfi_delrcpt(ctx, rcpt);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	660 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	661 rc = SMFIS_CONTINUE;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	662 }
0 96a9758165cd Initial revision carl parents: diff changeset	663 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	664 // reset for a new message on the same connection
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	665 mlfi_abort(ctx);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	666 return rc;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	667 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	668
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	669 sfsistat mlfi_abort(SMFICTX *ctx)
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	670 {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	671 mlfiPriv &priv = *MLFIPRIV;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	672 priv.reset();
0 96a9758165cd Initial revision carl parents: diff changeset	673 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	674 }
96a9758165cd Initial revision carl parents: diff changeset	675
96a9758165cd Initial revision carl parents: diff changeset	676 sfsistat mlfi_close(SMFICTX *ctx)
96a9758165cd Initial revision carl parents: diff changeset	677 {
96a9758165cd Initial revision carl parents: diff changeset	678 mlfiPriv *priv = MLFIPRIV;
96a9758165cd Initial revision carl parents: diff changeset	679 if (!priv) return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	680 delete priv;
96a9758165cd Initial revision carl parents: diff changeset	681 smfi_setpriv(ctx, NULL);
96a9758165cd Initial revision carl parents: diff changeset	682 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	683 }
96a9758165cd Initial revision carl parents: diff changeset	684
96a9758165cd Initial revision carl parents: diff changeset	685 struct smfiDesc smfilter =
96a9758165cd Initial revision carl parents: diff changeset	686 {
96a9758165cd Initial revision carl parents: diff changeset	687 "DNSBL", // filter name
96a9758165cd Initial revision carl parents: diff changeset	688 SMFI_VERSION, // version code -- do not change
96a9758165cd Initial revision carl parents: diff changeset	689 SMFIF_DELRCPT, // flags
96a9758165cd Initial revision carl parents: diff changeset	690 mlfi_connect, // connection info filter
96a9758165cd Initial revision carl parents: diff changeset	691 NULL, // SMTP HELO command filter
96a9758165cd Initial revision carl parents: diff changeset	692 mlfi_envfrom, // envelope sender filter
96a9758165cd Initial revision carl parents: diff changeset	693 mlfi_envrcpt, // envelope recipient filter
96a9758165cd Initial revision carl parents: diff changeset	694 NULL, // header filter
96a9758165cd Initial revision carl parents: diff changeset	695 NULL, // end of header
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	696 mlfi_body, // body block filter
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	697 mlfi_eom, // end of message
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	698 mlfi_abort, // message aborted
0 96a9758165cd Initial revision carl parents: diff changeset	699 mlfi_close, // connection cleanup
96a9758165cd Initial revision carl parents: diff changeset	700 };
96a9758165cd Initial revision carl parents: diff changeset	701
96a9758165cd Initial revision carl parents: diff changeset	702
96a9758165cd Initial revision carl parents: diff changeset	703 static void dumpit(char *name, string_map map);
96a9758165cd Initial revision carl parents: diff changeset	704 static void dumpit(char *name, string_map map) {
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	705 fprintf(stdout, "\n");
0 96a9758165cd Initial revision carl parents: diff changeset	706 for (string_map::iterator i=map.begin(); i!=map.end(); i++) {
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	707 fprintf(stdout, "%s %s->%s\n", name, (i).first, (i).second);
0 96a9758165cd Initial revision carl parents: diff changeset	708 }
96a9758165cd Initial revision carl parents: diff changeset	709 }
96a9758165cd Initial revision carl parents: diff changeset	710
96a9758165cd Initial revision carl parents: diff changeset	711
96a9758165cd Initial revision carl parents: diff changeset	712 static void dumpit(from_map map);
96a9758165cd Initial revision carl parents: diff changeset	713 static void dumpit(from_map map) {
96a9758165cd Initial revision carl parents: diff changeset	714 for (from_map::iterator i=map.begin(); i!=map.end(); i++) {
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	715 char buf[2000];
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	716 snprintf(buf, sizeof(buf), "envelope from map for %s", (*i).first);
0 96a9758165cd Initial revision carl parents: diff changeset	717 string_map sm = (i).second;
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	718 dumpit(buf, *sm);
0 96a9758165cd Initial revision carl parents: diff changeset	719 }
96a9758165cd Initial revision carl parents: diff changeset	720 }
96a9758165cd Initial revision carl parents: diff changeset	721
96a9758165cd Initial revision carl parents: diff changeset	722
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	723 static void dumpit(CONFIG &dc);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	724 static void dumpit(CONFIG &dc) {
5 793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	725 dumpit(dc.env_from);
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	726 dumpit("envelope to (dnsbl list)", dc.env_to_dnsbll);
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	727 dumpit("envelope to (from map)", dc.env_to_chkfrom);
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	728 fprintf(stdout, "\ndnsbls\n");
0 96a9758165cd Initial revision carl parents: diff changeset	729 for (dnsblp_map::iterator i=dc.dnsbls.begin(); i!=dc.dnsbls.end(); i++) {
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	730 fprintf(stdout, "%s %s %s\n", (i).first, (i).second->suffix, (*i).second->message);
0 96a9758165cd Initial revision carl parents: diff changeset	731 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	732 fprintf(stdout, "\ndnsbl_lists\n");
0 96a9758165cd Initial revision carl parents: diff changeset	733 for (dnsbllp_map::iterator i=dc.dnsblls.begin(); i!=dc.dnsblls.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	734 char name = (i).first;
96a9758165cd Initial revision carl parents: diff changeset	735 DNSBLL &dl = ((i).second);
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	736 fprintf(stdout, "%s", name);
0 96a9758165cd Initial revision carl parents: diff changeset	737 for (DNSBLL::iterator j=dl.begin(); j!=dl.end(); j++) {
96a9758165cd Initial revision carl parents: diff changeset	738 DNSBL &d = **j;
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	739 fprintf(stdout, " %s", d.suffix);
0 96a9758165cd Initial revision carl parents: diff changeset	740 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	741 fprintf(stdout, "\n");
0 96a9758165cd Initial revision carl parents: diff changeset	742 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	743 if (dc.content_suffix) {
8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	744 fprintf(stdout, "\ncontent filtering enabled with %s %s\n", dc.content_suffix, dc.content_message);
8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	745 }
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	746 if (dc.host_limit) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	747 fprintf(stdout, "\ncontent filtering for host names enabled with limit %d %s\n", dc.host_limit, dc.host_limit_message);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	748 }
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	749 if (dc.tag_limit) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	750 fprintf(stdout, "\ncontent filtering for excessive html tags enabled with limit %d %s\n", dc.tag_limit, dc.tag_limit_message);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	751 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	752 fprintf(stdout, "\nfiles\n");
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	753 for (string_list::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	754 char f = i;
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	755 fprintf(stdout, "config includes %s\n", f);
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	756 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	757 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	758
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	759
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	760 ////////////////////////////////////////////////
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	761 // check for redundant or recursive include files
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	762 //
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	763 static bool ok_to_include(CONFIG &dc, char *fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	764 static bool ok_to_include(CONFIG &dc, char *fn) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	765 if (!fn) return false;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	766 bool ok = true;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	767 for (string_list::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	768 char f = i;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	769 if (strcmp(f, fn) == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	770 my_syslog("redundant or recursive include file detected");
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	771 ok = false;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	772 break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	773 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	774 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	775 return ok;
0 96a9758165cd Initial revision carl parents: diff changeset	776 }
96a9758165cd Initial revision carl parents: diff changeset	777
96a9758165cd Initial revision carl parents: diff changeset	778
96a9758165cd Initial revision carl parents: diff changeset	779 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	780 // load a single config file
96a9758165cd Initial revision carl parents: diff changeset	781 //
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	782 static void load_conf_dcc(CONFIG &dc, char name, char fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	783 static void load_conf_dcc(CONFIG &dc, char name, char fn) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	784 dc.config_files.push_back(fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	785 char *list = BLACK;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	786 const int LINE_SIZE = 2000;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	787 ifstream is(fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	788 if (is.fail()) return;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	789 char line[LINE_SIZE];
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	790 char *delim = " \t";
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	791 int curline = 0;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	792 while (!is.eof()) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	793 is.getline(line, LINE_SIZE);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	794 curline++;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	795 int n = strlen(line);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	796 if (!n) continue;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	797 for (int i=0; i<n; i++) line[i] = tolower(line[i]);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	798 if (line[0] == '#') continue;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	799 char *head = line;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	800 if (strspn(line, delim) == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	801 // have a leading ok/many tag to fetch
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	802 char *cmd = strtok(line, delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	803 if (strcmp(cmd, MANY) == 0) list = BLACK;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	804 else if (strcmp(cmd, OK) == 0) list = WHITE;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	805 head = cmd + strlen(cmd) + 1;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	806 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	807 char *cmd = strtok(head, delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	808 if (!cmd) continue;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	809 if (strcmp(cmd, "env_from") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	810 char *from = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	811 if (from) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	812 string_map &fm = really_find_from_map(dc, name);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	813 fm[from] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	814 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	815 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	816 else if (strcmp(cmd, "env_to") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	817 char *to = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	818 if (to) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	819 dc.env_to_dnsbll[to] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	820 dc.env_to_chkfrom[to] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	821 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	822 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	823 else if (strcmp(cmd, "substitute") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	824 char *tag = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	825 if (tag && (strcmp(tag, "mail_host") == 0)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	826 char *from = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	827 if (from) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	828 string_map &fm = really_find_from_map(dc, name);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	829 fm[from] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	830 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	831 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	832 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	833 else if (strcmp(cmd, "include") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	834 char *fn = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	835 if (ok_to_include(dc, fn)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	836 load_conf_dcc(dc, name, fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	837 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	838 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	839
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	840 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	841 is.close();
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	842 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	843
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	844
0 96a9758165cd Initial revision carl parents: diff changeset	845 static void load_conf(CONFIG &dc, char *fn);
96a9758165cd Initial revision carl parents: diff changeset	846 static void load_conf(CONFIG &dc, char *fn) {
96a9758165cd Initial revision carl parents: diff changeset	847 dc.config_files.push_back(fn);
96a9758165cd Initial revision carl parents: diff changeset	848 map<char*, int, ltstr> commands;
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	849 enum {dummy, tld, content, hostlimit, htmllimit, htmltag, dnsbl, dnsbll, envfrom, envto, include, includedcc};
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	850 commands["tld" ] = tld;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	851 commands["content" ] = content;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	852 commands["host_limit" ] = hostlimit;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	853 commands["html_limit" ] = htmllimit;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	854 commands["html_tag" ] = htmltag;
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	855 commands["dnsbl" ] = dnsbl;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	856 commands["dnsbl_list" ] = dnsbll;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	857 commands["env_from" ] = envfrom;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	858 commands["env_to" ] = envto;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	859 commands["include" ] = include;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	860 commands["include_dcc"] = includedcc;
0 96a9758165cd Initial revision carl parents: diff changeset	861 const int LINE_SIZE = 2000;
96a9758165cd Initial revision carl parents: diff changeset	862 ifstream is(fn);
96a9758165cd Initial revision carl parents: diff changeset	863 if (is.fail()) return;
96a9758165cd Initial revision carl parents: diff changeset	864 char line[LINE_SIZE];
96a9758165cd Initial revision carl parents: diff changeset	865 char orig[LINE_SIZE];
96a9758165cd Initial revision carl parents: diff changeset	866 char *delim = " \t";
96a9758165cd Initial revision carl parents: diff changeset	867 int curline = 0;
96a9758165cd Initial revision carl parents: diff changeset	868 while (!is.eof()) {
96a9758165cd Initial revision carl parents: diff changeset	869 is.getline(line, LINE_SIZE);
96a9758165cd Initial revision carl parents: diff changeset	870 snprintf(orig, sizeof(orig), "%s", line);
96a9758165cd Initial revision carl parents: diff changeset	871 curline++;
96a9758165cd Initial revision carl parents: diff changeset	872 int n = strlen(line);
96a9758165cd Initial revision carl parents: diff changeset	873 for (int i=0; i<n; i++) line[i] = tolower(line[i]);
96a9758165cd Initial revision carl parents: diff changeset	874 char *cmd = strtok(line, delim);
96a9758165cd Initial revision carl parents: diff changeset	875 if (cmd && (cmd[0] != '#') && (cmd[0] != '\0')) {
96a9758165cd Initial revision carl parents: diff changeset	876 // have a decent command
96a9758165cd Initial revision carl parents: diff changeset	877 bool processed = false;
96a9758165cd Initial revision carl parents: diff changeset	878 switch (commands[cmd]) {
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	879 case tld: {
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	880 char *tld = strtok(NULL, delim);
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	881 if (!tld) break; // no tld value
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	882 char buf[200];
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	883 snprintf(buf, sizeof(buf), ".%s", tld);
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	884 dc.tlds.insert(register_string(buf)); // leading .
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	885 processed = true;
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	886 } break;
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	887
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	888 case content: {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	889 char *suff = strtok(NULL, delim);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	890 if (!suff) break; // no dns suffix
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	891 char *msg = suff + strlen(suff);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	892 if ((msg - line) >= strlen(orig)) break; // line ended with the dns suffix
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	893 msg = strchr(msg+1, '\'');
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	894 if (!msg) break; // no reply message template
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	895 msg++; // move over the leading '
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	896 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	897 char *last = strchr(msg, '\'');
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	898 if (!last) break; // no trailing quote
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	899 *last = '\0'; // make it a null terminator
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	900 dc.content_suffix = register_string(suff);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	901 dc.content_message = register_string(msg);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	902 processed = true;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	903 } break;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	904
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	905 case hostlimit: {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	906 char *limit = strtok(NULL, delim);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	907 if (!limit) break; // no integer limit
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	908 char *msg = limit + strlen(limit);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	909 if ((msg - line) >= strlen(orig)) break; // line ended with the limit
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	910 msg = strchr(msg+1, '\'');
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	911 if (!msg) break; // no reply message template
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	912 msg++; // move over the leading '
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	913 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	914 char *last = strchr(msg, '\'');
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	915 if (!last) break; // no trailing quote
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	916 *last = '\0'; // make it a null terminator
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	917 dc.host_limit = atoi(limit);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	918 dc.host_limit_message = register_string(msg);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	919 processed = true;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	920 } break;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	921
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	922 case htmllimit: {
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	923 char *limit = strtok(NULL, delim);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	924 if (!limit) break; // no integer limit
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	925 char *msg = limit + strlen(limit);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	926 if ((msg - line) >= strlen(orig)) break; // line ended with the limit
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	927 msg = strchr(msg+1, '\'');
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	928 if (!msg) break; // no reply message template
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	929 msg++; // move over the leading '
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	930 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	931 char *last = strchr(msg, '\'');
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	932 if (!last) break; // no trailing quote
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	933 *last = '\0'; // make it a null terminator
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	934 dc.tag_limit = atoi(limit);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	935 dc.tag_limit_message = register_string(msg);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	936 processed = true;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	937 } break;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	938
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	939 case htmltag: {
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	940 char *tag = next_token(delim);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	941 if (!tag) break; // no html tag value
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	942 dc.html_tags.insert(tag); // base version
26 fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	943 char buf[200];
fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	944 snprintf(buf, sizeof(buf), "/%s", tag);
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	945 dc.html_tags.insert(register_string(buf)); // leading /
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	946 snprintf(buf, sizeof(buf), "%s/", tag);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	947 dc.html_tags.insert(register_string(buf)); // trailing /
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	948 processed = true;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	949 } break;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	950
0 96a9758165cd Initial revision carl parents: diff changeset	951 case dnsbl: {
96a9758165cd Initial revision carl parents: diff changeset	952 // have a new dnsbl to use
96a9758165cd Initial revision carl parents: diff changeset	953 char *name = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	954 if (!name) break; // no name name
96a9758165cd Initial revision carl parents: diff changeset	955 if (find_dnsbl(dc, name)) break; // duplicate entry
96a9758165cd Initial revision carl parents: diff changeset	956 char *suff = strtok(NULL, delim);
96a9758165cd Initial revision carl parents: diff changeset	957 if (!suff) break; // no dns suffic
96a9758165cd Initial revision carl parents: diff changeset	958 char *msg = suff + strlen(suff);
96a9758165cd Initial revision carl parents: diff changeset	959 if ((msg - line) >= strlen(orig)) break; // line ended with the dns suffix
96a9758165cd Initial revision carl parents: diff changeset	960 msg = strchr(msg+1, '\'');
96a9758165cd Initial revision carl parents: diff changeset	961 if (!msg) break; // no reply message template
96a9758165cd Initial revision carl parents: diff changeset	962 msg++; // move over the leading '
96a9758165cd Initial revision carl parents: diff changeset	963 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
96a9758165cd Initial revision carl parents: diff changeset	964 char *last = strchr(msg, '\'');
96a9758165cd Initial revision carl parents: diff changeset	965 if (!last) break; // no trailing quote
96a9758165cd Initial revision carl parents: diff changeset	966 *last = '\0'; // make it a null terminator
96a9758165cd Initial revision carl parents: diff changeset	967 dc.dnsbls[name] = new DNSBL(register_string(suff), register_string(msg));
96a9758165cd Initial revision carl parents: diff changeset	968 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	969 } break;
96a9758165cd Initial revision carl parents: diff changeset	970
96a9758165cd Initial revision carl parents: diff changeset	971 case dnsbll: {
96a9758165cd Initial revision carl parents: diff changeset	972 // define a new combination of dnsbls
96a9758165cd Initial revision carl parents: diff changeset	973 char *name = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	974 if (!name) break;
96a9758165cd Initial revision carl parents: diff changeset	975 if (find_dnsbll(dc, name)) break; // duplicate entry
96a9758165cd Initial revision carl parents: diff changeset	976 char *list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	977 if (!list \|\| (list == '\0') \|\| (list == '#')) break;
96a9758165cd Initial revision carl parents: diff changeset	978 DNSBLLP d = new DNSBLL;
96a9758165cd Initial revision carl parents: diff changeset	979 DNSBLP p = find_dnsbl(dc, list);
96a9758165cd Initial revision carl parents: diff changeset	980 if (p) d->push_back(p);
96a9758165cd Initial revision carl parents: diff changeset	981 while (true) {
96a9758165cd Initial revision carl parents: diff changeset	982 list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	983 if (!list \|\| (list == '\0') \|\| (list == '#')) break;
96a9758165cd Initial revision carl parents: diff changeset	984 DNSBLP p = find_dnsbl(dc, list);
96a9758165cd Initial revision carl parents: diff changeset	985 if (p) d->push_back(p);
96a9758165cd Initial revision carl parents: diff changeset	986 }
96a9758165cd Initial revision carl parents: diff changeset	987 dc.dnsblls[name] = d;
96a9758165cd Initial revision carl parents: diff changeset	988 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	989 } break;
96a9758165cd Initial revision carl parents: diff changeset	990
96a9758165cd Initial revision carl parents: diff changeset	991 case envfrom: {
96a9758165cd Initial revision carl parents: diff changeset	992 // add an entry into the named string_map
96a9758165cd Initial revision carl parents: diff changeset	993 char *name = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	994 if (!name) break;
96a9758165cd Initial revision carl parents: diff changeset	995 char *from = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	996 if (!from) break;
96a9758165cd Initial revision carl parents: diff changeset	997 char *list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	998 if (!list) break;
96a9758165cd Initial revision carl parents: diff changeset	999 if ((strcmp(list, WHITE) == 0) \|\|
96a9758165cd Initial revision carl parents: diff changeset	1000 (strcmp(list, BLACK) == 0)) {
96a9758165cd Initial revision carl parents: diff changeset	1001 string_map &fm = really_find_from_map(dc, name);
96a9758165cd Initial revision carl parents: diff changeset	1002 fm[from] = list;
96a9758165cd Initial revision carl parents: diff changeset	1003 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	1004 }
96a9758165cd Initial revision carl parents: diff changeset	1005 else {
96a9758165cd Initial revision carl parents: diff changeset	1006 // list may be the name of a previously defined from_map
96a9758165cd Initial revision carl parents: diff changeset	1007 string_map *m = find_from_map(dc, list);
96a9758165cd Initial revision carl parents: diff changeset	1008 if (m && (strcmp(list,name) != 0)) {
96a9758165cd Initial revision carl parents: diff changeset	1009 string_map &pm = *m;
96a9758165cd Initial revision carl parents: diff changeset	1010 string_map &fm = really_find_from_map(dc, name);
96a9758165cd Initial revision carl parents: diff changeset	1011 fm.insert(pm.begin(), pm.end());
96a9758165cd Initial revision carl parents: diff changeset	1012 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	1013 }
96a9758165cd Initial revision carl parents: diff changeset	1014 }
96a9758165cd Initial revision carl parents: diff changeset	1015 } break;
96a9758165cd Initial revision carl parents: diff changeset	1016
96a9758165cd Initial revision carl parents: diff changeset	1017 case envto: {
96a9758165cd Initial revision carl parents: diff changeset	1018 // define the dnsbl_list and env_from maps to use for this recipient
96a9758165cd Initial revision carl parents: diff changeset	1019 char *to = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	1020 if (!to) break;
96a9758165cd Initial revision carl parents: diff changeset	1021 char *list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	1022 if (!list) break;
96a9758165cd Initial revision carl parents: diff changeset	1023 char *from = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	1024 if (!from) break;
96a9758165cd Initial revision carl parents: diff changeset	1025 dc.env_to_dnsbll[to] = list;
96a9758165cd Initial revision carl parents: diff changeset	1026 dc.env_to_chkfrom[to] = from;
96a9758165cd Initial revision carl parents: diff changeset	1027 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	1028 } break;
96a9758165cd Initial revision carl parents: diff changeset	1029
96a9758165cd Initial revision carl parents: diff changeset	1030 case include: {
96a9758165cd Initial revision carl parents: diff changeset	1031 char *fn = next_token(delim);
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1032 if (ok_to_include(dc, fn)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1033 load_conf(dc, fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1034 processed = true;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1035 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1036 } break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1037
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1038 case includedcc: {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1039 char *name = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1040 if (!name) break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1041 char *fn = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1042 if (ok_to_include(dc, fn)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1043 load_conf_dcc(dc, name, fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1044 processed = true;
0 96a9758165cd Initial revision carl parents: diff changeset	1045 }
96a9758165cd Initial revision carl parents: diff changeset	1046 } break;
96a9758165cd Initial revision carl parents: diff changeset	1047
96a9758165cd Initial revision carl parents: diff changeset	1048 default: {
96a9758165cd Initial revision carl parents: diff changeset	1049 } break;
96a9758165cd Initial revision carl parents: diff changeset	1050 }
96a9758165cd Initial revision carl parents: diff changeset	1051 if (!processed) {
96a9758165cd Initial revision carl parents: diff changeset	1052 pthread_mutex_lock(&syslog_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1053 openlog("dnsbl", LOG_PID, LOG_MAIL);
96a9758165cd Initial revision carl parents: diff changeset	1054 syslog(LOG_ERR, "ignoring file %s line %d : %s\n", fn, curline, orig);
96a9758165cd Initial revision carl parents: diff changeset	1055 closelog();
96a9758165cd Initial revision carl parents: diff changeset	1056 pthread_mutex_unlock(&syslog_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1057 }
96a9758165cd Initial revision carl parents: diff changeset	1058 }
96a9758165cd Initial revision carl parents: diff changeset	1059 }
96a9758165cd Initial revision carl parents: diff changeset	1060 is.close();
96a9758165cd Initial revision carl parents: diff changeset	1061 }
96a9758165cd Initial revision carl parents: diff changeset	1062
96a9758165cd Initial revision carl parents: diff changeset	1063
96a9758165cd Initial revision carl parents: diff changeset	1064 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	1065 // reload the config
96a9758165cd Initial revision carl parents: diff changeset	1066 //
96a9758165cd Initial revision carl parents: diff changeset	1067 static CONFIG* new_conf();
96a9758165cd Initial revision carl parents: diff changeset	1068 static CONFIG* new_conf() {
96a9758165cd Initial revision carl parents: diff changeset	1069 my_syslog("loading new configuration");
96a9758165cd Initial revision carl parents: diff changeset	1070 CONFIG *newc = new CONFIG;
96a9758165cd Initial revision carl parents: diff changeset	1071 load_conf(*newc, "dnsbl.conf");
96a9758165cd Initial revision carl parents: diff changeset	1072 newc->load_time = time(NULL);
96a9758165cd Initial revision carl parents: diff changeset	1073 return newc;
96a9758165cd Initial revision carl parents: diff changeset	1074 }
96a9758165cd Initial revision carl parents: diff changeset	1075
96a9758165cd Initial revision carl parents: diff changeset	1076
96a9758165cd Initial revision carl parents: diff changeset	1077 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	1078 // thread to watch the old config files for changes
96a9758165cd Initial revision carl parents: diff changeset	1079 // and reload when needed. we also cleanup old
96a9758165cd Initial revision carl parents: diff changeset	1080 // configs whose reference count has gone to zero.
96a9758165cd Initial revision carl parents: diff changeset	1081 //
96a9758165cd Initial revision carl parents: diff changeset	1082 static void* config_loader(void *arg);
96a9758165cd Initial revision carl parents: diff changeset	1083 static void* config_loader(void *arg) {
96a9758165cd Initial revision carl parents: diff changeset	1084 typedef set<CONFIG *> configp_set;
96a9758165cd Initial revision carl parents: diff changeset	1085 configp_set old_configs;
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1086 while (loader_run) {
0 96a9758165cd Initial revision carl parents: diff changeset	1087 sleep(180); // look for modifications every 3 minutes
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1088 if (!loader_run) break;
0 96a9758165cd Initial revision carl parents: diff changeset	1089 CONFIG &dc = *config;
96a9758165cd Initial revision carl parents: diff changeset	1090 time_t then = dc.load_time;
96a9758165cd Initial revision carl parents: diff changeset	1091 struct stat st;
96a9758165cd Initial revision carl parents: diff changeset	1092 bool reload = false;
96a9758165cd Initial revision carl parents: diff changeset	1093 for (string_list::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	1094 char fn = i;
96a9758165cd Initial revision carl parents: diff changeset	1095 if (stat(fn, &st)) reload = true; // file disappeared
96a9758165cd Initial revision carl parents: diff changeset	1096 else if (st.st_mtime > then) reload = true; // file modified
96a9758165cd Initial revision carl parents: diff changeset	1097 if (reload) break;
96a9758165cd Initial revision carl parents: diff changeset	1098 }
96a9758165cd Initial revision carl parents: diff changeset	1099 if (reload) {
96a9758165cd Initial revision carl parents: diff changeset	1100 CONFIG *newc = new_conf();
96a9758165cd Initial revision carl parents: diff changeset	1101 // replace the global config pointer
96a9758165cd Initial revision carl parents: diff changeset	1102 pthread_mutex_lock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1103 CONFIG *old = config;
96a9758165cd Initial revision carl parents: diff changeset	1104 config = newc;
96a9758165cd Initial revision carl parents: diff changeset	1105 pthread_mutex_unlock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1106 if (old) old_configs.insert(old);
96a9758165cd Initial revision carl parents: diff changeset	1107 }
96a9758165cd Initial revision carl parents: diff changeset	1108 // now look for old configs with zero ref counts
96a9758165cd Initial revision carl parents: diff changeset	1109 for (configp_set::iterator i=old_configs.begin(); i!=old_configs.end(); ) {
96a9758165cd Initial revision carl parents: diff changeset	1110 CONFIG old = i;
96a9758165cd Initial revision carl parents: diff changeset	1111 if (!old->reference_count) {
96a9758165cd Initial revision carl parents: diff changeset	1112 delete old; // destructor does all the work
96a9758165cd Initial revision carl parents: diff changeset	1113 old_configs.erase(i++);
96a9758165cd Initial revision carl parents: diff changeset	1114 }
96a9758165cd Initial revision carl parents: diff changeset	1115 else i++;
96a9758165cd Initial revision carl parents: diff changeset	1116 }
96a9758165cd Initial revision carl parents: diff changeset	1117 }
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1118 return NULL;
0 96a9758165cd Initial revision carl parents: diff changeset	1119 }
96a9758165cd Initial revision carl parents: diff changeset	1120
96a9758165cd Initial revision carl parents: diff changeset	1121
96a9758165cd Initial revision carl parents: diff changeset	1122 static void usage(char *prog);
96a9758165cd Initial revision carl parents: diff changeset	1123 static void usage(char *prog)
96a9758165cd Initial revision carl parents: diff changeset	1124 {
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1125 fprintf(stderr, "Usage: %s [-d] [-c] -p socket-addr [-t timeout]\n", prog);
0 96a9758165cd Initial revision carl parents: diff changeset	1126 fprintf(stderr, "where socket-addr is for the connection to sendmail and should be one of\n");
96a9758165cd Initial revision carl parents: diff changeset	1127 fprintf(stderr, " inet:port@local-ip-address\n");
96a9758165cd Initial revision carl parents: diff changeset	1128 fprintf(stderr, " local:local-domain-socket-file-name\n");
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	1129 fprintf(stderr, "-c will load and dump the config to stdout\n");
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1130 fprintf(stderr, "-d will add some syslog debug messages\n");
0 96a9758165cd Initial revision carl parents: diff changeset	1131 }
96a9758165cd Initial revision carl parents: diff changeset	1132
96a9758165cd Initial revision carl parents: diff changeset	1133
96a9758165cd Initial revision carl parents: diff changeset	1134 int main(int argc, char**argv)
96a9758165cd Initial revision carl parents: diff changeset	1135 {
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1136 bool check = false;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1137 bool setconn = false;
0 96a9758165cd Initial revision carl parents: diff changeset	1138 int c;
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1139 const char *args = "p:t:hcd";
0 96a9758165cd Initial revision carl parents: diff changeset	1140 extern char *optarg;
96a9758165cd Initial revision carl parents: diff changeset	1141
96a9758165cd Initial revision carl parents: diff changeset	1142 // Process command line options
96a9758165cd Initial revision carl parents: diff changeset	1143 while ((c = getopt(argc, argv, args)) != -1) {
96a9758165cd Initial revision carl parents: diff changeset	1144 switch (c) {
96a9758165cd Initial revision carl parents: diff changeset	1145 case 'p':
96a9758165cd Initial revision carl parents: diff changeset	1146 if (optarg == NULL \|\| *optarg == '\0') {
96a9758165cd Initial revision carl parents: diff changeset	1147 fprintf(stderr, "Illegal conn: %s\n", optarg);
96a9758165cd Initial revision carl parents: diff changeset	1148 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1149 }
96a9758165cd Initial revision carl parents: diff changeset	1150 if (smfi_setconn(optarg) == MI_FAILURE) {
96a9758165cd Initial revision carl parents: diff changeset	1151 fprintf(stderr, "smfi_setconn failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1152 exit(EX_SOFTWARE);
96a9758165cd Initial revision carl parents: diff changeset	1153 }
96a9758165cd Initial revision carl parents: diff changeset	1154
96a9758165cd Initial revision carl parents: diff changeset	1155 if (strncasecmp(optarg, "unix:", 5) == 0) unlink(optarg + 5);
96a9758165cd Initial revision carl parents: diff changeset	1156 else if (strncasecmp(optarg, "local:", 6) == 0) unlink(optarg + 6);
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1157 setconn = true;
0 96a9758165cd Initial revision carl parents: diff changeset	1158 break;
96a9758165cd Initial revision carl parents: diff changeset	1159
96a9758165cd Initial revision carl parents: diff changeset	1160 case 't':
96a9758165cd Initial revision carl parents: diff changeset	1161 if (optarg == NULL \|\| *optarg == '\0') {
96a9758165cd Initial revision carl parents: diff changeset	1162 fprintf(stderr, "Illegal timeout: %s\n", optarg);
96a9758165cd Initial revision carl parents: diff changeset	1163 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1164 }
96a9758165cd Initial revision carl parents: diff changeset	1165 if (smfi_settimeout(atoi(optarg)) == MI_FAILURE) {
96a9758165cd Initial revision carl parents: diff changeset	1166 fprintf(stderr, "smfi_settimeout failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1167 exit(EX_SOFTWARE);
96a9758165cd Initial revision carl parents: diff changeset	1168 }
96a9758165cd Initial revision carl parents: diff changeset	1169 break;
96a9758165cd Initial revision carl parents: diff changeset	1170
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1171 case 'c':
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1172 check = true;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1173 break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1174
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1175 case 'd':
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1176 debug_syslog = true;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1177 break;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1178
0 96a9758165cd Initial revision carl parents: diff changeset	1179 case 'h':
96a9758165cd Initial revision carl parents: diff changeset	1180 default:
96a9758165cd Initial revision carl parents: diff changeset	1181 usage(argv[0]);
96a9758165cd Initial revision carl parents: diff changeset	1182 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1183 }
96a9758165cd Initial revision carl parents: diff changeset	1184 }
5 793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1185
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1186 if (check) {
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1187 CONFIG &dc = *new_conf();
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1188 dumpit(dc);
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1189 return 0;
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1190 }
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1191
0 96a9758165cd Initial revision carl parents: diff changeset	1192 if (!setconn) {
96a9758165cd Initial revision carl parents: diff changeset	1193 fprintf(stderr, "%s: Missing required -p argument\n", argv[0]);
96a9758165cd Initial revision carl parents: diff changeset	1194 usage(argv[0]);
96a9758165cd Initial revision carl parents: diff changeset	1195 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1196 }
5 793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1197
0 96a9758165cd Initial revision carl parents: diff changeset	1198 if (smfi_register(smfilter) == MI_FAILURE) {
96a9758165cd Initial revision carl parents: diff changeset	1199 fprintf(stderr, "smfi_register failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1200 exit(EX_UNAVAILABLE);
96a9758165cd Initial revision carl parents: diff changeset	1201 }
96a9758165cd Initial revision carl parents: diff changeset	1202
96a9758165cd Initial revision carl parents: diff changeset	1203 // switch to background mode
96a9758165cd Initial revision carl parents: diff changeset	1204 if (daemon(1,0) < 0) {
96a9758165cd Initial revision carl parents: diff changeset	1205 fprintf(stderr, "daemon() call failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1206 exit(EX_UNAVAILABLE);
96a9758165cd Initial revision carl parents: diff changeset	1207 }
96a9758165cd Initial revision carl parents: diff changeset	1208
96a9758165cd Initial revision carl parents: diff changeset	1209 // initialize the thread sync objects
96a9758165cd Initial revision carl parents: diff changeset	1210 pthread_mutex_init(&config_mutex, 0);
96a9758165cd Initial revision carl parents: diff changeset	1211 pthread_mutex_init(&syslog_mutex, 0);
96a9758165cd Initial revision carl parents: diff changeset	1212 pthread_mutex_init(&resolve_mutex, 0);
96a9758165cd Initial revision carl parents: diff changeset	1213
96a9758165cd Initial revision carl parents: diff changeset	1214 // load the initial config
96a9758165cd Initial revision carl parents: diff changeset	1215 config = new_conf();
96a9758165cd Initial revision carl parents: diff changeset	1216
96a9758165cd Initial revision carl parents: diff changeset	1217 // only create threads after the fork() in daemon
96a9758165cd Initial revision carl parents: diff changeset	1218 pthread_t tid;
96a9758165cd Initial revision carl parents: diff changeset	1219 if (pthread_create(&tid, 0, config_loader, 0))
96a9758165cd Initial revision carl parents: diff changeset	1220 my_syslog("failed to create config loader thread");
96a9758165cd Initial revision carl parents: diff changeset	1221 if (pthread_detach(tid))
96a9758165cd Initial revision carl parents: diff changeset	1222 my_syslog("failed to detach config loader thread");
96a9758165cd Initial revision carl parents: diff changeset	1223
96a9758165cd Initial revision carl parents: diff changeset	1224 // write the pid
96a9758165cd Initial revision carl parents: diff changeset	1225 const char *pidpath = "/var/run/dnsbl.pid";
96a9758165cd Initial revision carl parents: diff changeset	1226 unlink(pidpath);
96a9758165cd Initial revision carl parents: diff changeset	1227 FILE *f = fopen(pidpath, "w");
96a9758165cd Initial revision carl parents: diff changeset	1228 if (f) {
22 c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1229 #ifdef linux
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1230 // from a comment in the DCC source code:
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1231 // Linux threads are broken. Signals given the
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1232 // original process are delivered to only the
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1233 // thread that happens to have that PID. The
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1234 // sendmail libmilter thread that needs to hear
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1235 // SIGINT and other signals does not, and that breaks
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1236 // scripts that need to stop milters.
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1237 // However, signaling the process group works.
0 96a9758165cd Initial revision carl parents: diff changeset	1238 fprintf(f, "-%d\n", (u_int)getpgrp());
22 c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1239 #else
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1240 fprintf(f, "%d\n", (u_int)getpid());
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1241 #endif
0 96a9758165cd Initial revision carl parents: diff changeset	1242 fclose(f);
96a9758165cd Initial revision carl parents: diff changeset	1243 }
96a9758165cd Initial revision carl parents: diff changeset	1244
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1245 time_t starting = time(NULL);
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1246 int rc = smfi_main();
22 c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1247 if ((rc != MI_SUCCESS) && (time(NULL) > starting+5*60)) {
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1248 my_syslog("trying to restart after smfi_main()");
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1249 loader_run = false; // eventually the config loader thread will terminate
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1250 execvp(argv[0], argv);
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1251 }
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1252 exit((rc == MI_SUCCESS) ? 0 : EX_UNAVAILABLE);
0 96a9758165cd Initial revision carl parents: diff changeset	1253 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	1254

Mercurial > dnsbl

annotate src/dnsbl.cpp @ 28:33e1e3910506