dnsbl: src/dnsbl.cpp annotate

annotate src/dnsbl.cpp @ 27:43a4f6b3e668 stable-2-3

add configurable host name limit and bad html tag limits.

author	carl
date	Sat, 22 May 2004 22:30:45 -0700
parents	fdae7ab30cfc
children	33e1e3910506

rev	line source
0 96a9758165cd Initial revision carl parents: diff changeset	1 /*
96a9758165cd Initial revision carl parents: diff changeset	2
96a9758165cd Initial revision carl parents: diff changeset	3 Copyright (c) 2004 Carl Byington - 510 Software Group, released under
96a9758165cd Initial revision carl parents: diff changeset	4 the GPL version 2 or any later version at your choice available at
96a9758165cd Initial revision carl parents: diff changeset	5 http://www.fsf.org/licenses/gpl.txt
96a9758165cd Initial revision carl parents: diff changeset	6
96a9758165cd Initial revision carl parents: diff changeset	7 Based on a sample milter Copyright (c) 2000-2003 Sendmail, Inc. and its
96a9758165cd Initial revision carl parents: diff changeset	8 suppliers. Inspired by the DCC by Rhyolite Software
96a9758165cd Initial revision carl parents: diff changeset	9
96a9758165cd Initial revision carl parents: diff changeset	10 -p port The port through which the MTA will connect to this milter.
96a9758165cd Initial revision carl parents: diff changeset	11 -t sec The timeout value.
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	12 -c Check the config, and print a copy to stdout. Don't start the
4 15a7e942adec updates to use dcc conf files carl parents: 3 diff changeset	13 milter or do anything with the socket.
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	14 -d Add debug syslog entries
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	15
0 96a9758165cd Initial revision carl parents: diff changeset	16
13 2752e512fd32 finish documentation carl parents: 12 diff changeset	17 TODO:
2752e512fd32 finish documentation carl parents: 12 diff changeset	18 1) Add config for max_recipients for each mail domain. Recipients in
2752e512fd32 finish documentation carl parents: 12 diff changeset	19 excess of that limit will be rejected, and the entire data will be
2752e512fd32 finish documentation carl parents: 12 diff changeset	20 rejected if it is sent.
2752e512fd32 finish documentation carl parents: 12 diff changeset	21
2752e512fd32 finish documentation carl parents: 12 diff changeset	22 2) Add config for poison addresses. If any recipient is poison, all
2752e512fd32 finish documentation carl parents: 12 diff changeset	23 recipients are rejected even if they would be whitelisted, and the
2752e512fd32 finish documentation carl parents: 12 diff changeset	24 data is rejected if sent.
2752e512fd32 finish documentation carl parents: 12 diff changeset	25
0 96a9758165cd Initial revision carl parents: diff changeset	26 */
96a9758165cd Initial revision carl parents: diff changeset	27
96a9758165cd Initial revision carl parents: diff changeset	28
96a9758165cd Initial revision carl parents: diff changeset	29 // from sendmail sample
96a9758165cd Initial revision carl parents: diff changeset	30 #include <sys/types.h>
96a9758165cd Initial revision carl parents: diff changeset	31 #include <sys/stat.h>
96a9758165cd Initial revision carl parents: diff changeset	32 #include <errno.h>
96a9758165cd Initial revision carl parents: diff changeset	33 #include <sysexits.h>
96a9758165cd Initial revision carl parents: diff changeset	34 #include <unistd.h>
96a9758165cd Initial revision carl parents: diff changeset	35
96a9758165cd Initial revision carl parents: diff changeset	36 // needed for socket io
96a9758165cd Initial revision carl parents: diff changeset	37 #include <sys/ioctl.h>
96a9758165cd Initial revision carl parents: diff changeset	38 #include <net/if.h>
96a9758165cd Initial revision carl parents: diff changeset	39 #include <arpa/inet.h>
96a9758165cd Initial revision carl parents: diff changeset	40 #include <netinet/in.h>
96a9758165cd Initial revision carl parents: diff changeset	41 #include <netinet/tcp.h>
96a9758165cd Initial revision carl parents: diff changeset	42 #include <netdb.h>
96a9758165cd Initial revision carl parents: diff changeset	43 #include <sys/socket.h>
96a9758165cd Initial revision carl parents: diff changeset	44
96a9758165cd Initial revision carl parents: diff changeset	45 // needed for thread
96a9758165cd Initial revision carl parents: diff changeset	46 #include <pthread.h>
96a9758165cd Initial revision carl parents: diff changeset	47
96a9758165cd Initial revision carl parents: diff changeset	48 // needed for std c++ collections
96a9758165cd Initial revision carl parents: diff changeset	49 #include <set>
96a9758165cd Initial revision carl parents: diff changeset	50 #include <map>
96a9758165cd Initial revision carl parents: diff changeset	51 #include <list>
96a9758165cd Initial revision carl parents: diff changeset	52
96a9758165cd Initial revision carl parents: diff changeset	53 // for the dns resolver
96a9758165cd Initial revision carl parents: diff changeset	54 #include <netinet/in.h>
96a9758165cd Initial revision carl parents: diff changeset	55 #include <arpa/nameser.h>
96a9758165cd Initial revision carl parents: diff changeset	56 #include <resolv.h>
96a9758165cd Initial revision carl parents: diff changeset	57
96a9758165cd Initial revision carl parents: diff changeset	58 // misc stuff needed here
96a9758165cd Initial revision carl parents: diff changeset	59 #include <ctype.h>
96a9758165cd Initial revision carl parents: diff changeset	60 #include <fstream>
96a9758165cd Initial revision carl parents: diff changeset	61 #include <syslog.h>
96a9758165cd Initial revision carl parents: diff changeset	62
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	63 static char* dnsbl_version="$Id$";
0 96a9758165cd Initial revision carl parents: diff changeset	64
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	65 #define DEFAULT "default"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	66 #define WHITE "white"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	67 #define BLACK "black"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	68 #define OK "ok"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	69 #define MANY "many"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	70
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	71 enum status {oksofar, // not rejected yet
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	72 white, // whitelisted by envelope from
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	73 black, // blacklisted by envelope from or to
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	74 reject, // rejected by a dns list
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	75 reject_tag, // too many bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	76 reject_host}; // too many hosts/urls in body
1 bd0b1a153f67 no message carl parents: 0 diff changeset	77
0 96a9758165cd Initial revision carl parents: diff changeset	78 using namespace std;
96a9758165cd Initial revision carl parents: diff changeset	79
96a9758165cd Initial revision carl parents: diff changeset	80 extern "C" {
96a9758165cd Initial revision carl parents: diff changeset	81 #include "libmilter/mfapi.h"
96a9758165cd Initial revision carl parents: diff changeset	82 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr);
96a9758165cd Initial revision carl parents: diff changeset	83 sfsistat mlfi_envfrom(SMFICTX ctx, char *argv);
96a9758165cd Initial revision carl parents: diff changeset	84 sfsistat mlfi_envrcpt(SMFICTX ctx, char *argv);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	85 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	86 sfsistat mlfi_eom(SMFICTX *ctx);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	87 sfsistat mlfi_abort(SMFICTX *ctx);
0 96a9758165cd Initial revision carl parents: diff changeset	88 sfsistat mlfi_close(SMFICTX *ctx);
96a9758165cd Initial revision carl parents: diff changeset	89 }
96a9758165cd Initial revision carl parents: diff changeset	90
96a9758165cd Initial revision carl parents: diff changeset	91 struct ltstr {
96a9758165cd Initial revision carl parents: diff changeset	92 bool operator()(char* s1, char* s2) const {
96a9758165cd Initial revision carl parents: diff changeset	93 return strcmp(s1, s2) < 0;
96a9758165cd Initial revision carl parents: diff changeset	94 }
96a9758165cd Initial revision carl parents: diff changeset	95 };
96a9758165cd Initial revision carl parents: diff changeset	96
96a9758165cd Initial revision carl parents: diff changeset	97 struct DNSBL {
96a9758165cd Initial revision carl parents: diff changeset	98 char *suffix; // blacklist suffix like blackholes.five-ten-sg.com
96a9758165cd Initial revision carl parents: diff changeset	99 char *message; // error message with one or two %s operators for the ip address replacement
96a9758165cd Initial revision carl parents: diff changeset	100 DNSBL(char s, char m);
96a9758165cd Initial revision carl parents: diff changeset	101 };
96a9758165cd Initial revision carl parents: diff changeset	102 DNSBL::DNSBL(char s, char m) {
96a9758165cd Initial revision carl parents: diff changeset	103 suffix = s;
96a9758165cd Initial revision carl parents: diff changeset	104 message = m;
96a9758165cd Initial revision carl parents: diff changeset	105 }
96a9758165cd Initial revision carl parents: diff changeset	106
96a9758165cd Initial revision carl parents: diff changeset	107 typedef DNSBL * DNSBLP;
96a9758165cd Initial revision carl parents: diff changeset	108 typedef list<DNSBLP> DNSBLL;
96a9758165cd Initial revision carl parents: diff changeset	109 typedef DNSBLL * DNSBLLP;
96a9758165cd Initial revision carl parents: diff changeset	110 typedef map<char , char , ltstr> string_map;
96a9758165cd Initial revision carl parents: diff changeset	111 typedef map<char , string_map , ltstr> from_map;
96a9758165cd Initial revision carl parents: diff changeset	112 typedef map<char *, DNSBLP, ltstr> dnsblp_map;
96a9758165cd Initial revision carl parents: diff changeset	113 typedef map<char *, DNSBLLP, ltstr> dnsbllp_map;
96a9758165cd Initial revision carl parents: diff changeset	114 typedef set<char *, ltstr> string_set;
96a9758165cd Initial revision carl parents: diff changeset	115 typedef list<char *> string_list;
96a9758165cd Initial revision carl parents: diff changeset	116
96a9758165cd Initial revision carl parents: diff changeset	117 struct CONFIG {
96a9758165cd Initial revision carl parents: diff changeset	118 // the only mutable stuff once it has been loaded from the config file
96a9758165cd Initial revision carl parents: diff changeset	119 int reference_count; // protected by the global config_mutex
96a9758165cd Initial revision carl parents: diff changeset	120 // all the rest is constant after loading from the config file
96a9758165cd Initial revision carl parents: diff changeset	121 time_t load_time;
96a9758165cd Initial revision carl parents: diff changeset	122 string_list config_files;
96a9758165cd Initial revision carl parents: diff changeset	123 dnsblp_map dnsbls;
96a9758165cd Initial revision carl parents: diff changeset	124 dnsbllp_map dnsblls;
96a9758165cd Initial revision carl parents: diff changeset	125 from_map env_from;
96a9758165cd Initial revision carl parents: diff changeset	126 string_map env_to_dnsbll; // map recipient to a named dnsbll
96a9758165cd Initial revision carl parents: diff changeset	127 string_map env_to_chkfrom; // map recipient to a named from map
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	128 char * content_suffix; // for sbl url body filtering
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	129 char * content_message; // ""
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	130 char * host_limit_message; // error message for excessive host names
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	131 int host_limit; // limit on host names
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	132 char * tag_limit_message; // error message for excessive bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	133 int tag_limit; // limit on bad html tags
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	134 string_set html_tags; // set of valid html tags
0 96a9758165cd Initial revision carl parents: diff changeset	135 CONFIG();
96a9758165cd Initial revision carl parents: diff changeset	136 ~CONFIG();
96a9758165cd Initial revision carl parents: diff changeset	137 };
96a9758165cd Initial revision carl parents: diff changeset	138 CONFIG::CONFIG() {
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	139 reference_count = 0;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	140 load_time = 0;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	141 content_suffix = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	142 content_message = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	143 host_limit_message = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	144 host_limit = 0;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	145 tag_limit_message = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	146 tag_limit = 0;
0 96a9758165cd Initial revision carl parents: diff changeset	147 }
96a9758165cd Initial revision carl parents: diff changeset	148 CONFIG::~CONFIG() {
96a9758165cd Initial revision carl parents: diff changeset	149 for (dnsblp_map::iterator i=dnsbls.begin(); i!=dnsbls.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	150 DNSBLP d = (*i).second;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	151 // delete the underlying DNSBL objects.
0 96a9758165cd Initial revision carl parents: diff changeset	152 delete d;
96a9758165cd Initial revision carl parents: diff changeset	153 }
96a9758165cd Initial revision carl parents: diff changeset	154 for (dnsbllp_map::iterator i=dnsblls.begin(); i!=dnsblls.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	155 DNSBLLP d = (*i).second;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	156 // *d is a list of pointers to DNSBL objects, but
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	157 // the underlying objects have already been deleted above.
0 96a9758165cd Initial revision carl parents: diff changeset	158 delete d;
96a9758165cd Initial revision carl parents: diff changeset	159 }
96a9758165cd Initial revision carl parents: diff changeset	160 for (from_map::iterator i=env_from.begin(); i!=env_from.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	161 string_map d = (i).second;
96a9758165cd Initial revision carl parents: diff changeset	162 delete d;
96a9758165cd Initial revision carl parents: diff changeset	163 }
96a9758165cd Initial revision carl parents: diff changeset	164 }
96a9758165cd Initial revision carl parents: diff changeset	165
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	166 static bool debug_syslog = false;
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	167 static bool loader_run = true; // used to stop the config loader thread
0 96a9758165cd Initial revision carl parents: diff changeset	168 static string_set all_strings; // owns all the strings, only modified by the config loader thread
96a9758165cd Initial revision carl parents: diff changeset	169 static CONFIG * config = NULL; // protected by the config_mutex
96a9758165cd Initial revision carl parents: diff changeset	170
96a9758165cd Initial revision carl parents: diff changeset	171 static pthread_mutex_t config_mutex;
96a9758165cd Initial revision carl parents: diff changeset	172 static pthread_mutex_t syslog_mutex;
96a9758165cd Initial revision carl parents: diff changeset	173 static pthread_mutex_t resolve_mutex;
96a9758165cd Initial revision carl parents: diff changeset	174
96a9758165cd Initial revision carl parents: diff changeset	175
96a9758165cd Initial revision carl parents: diff changeset	176 ////////////////////////////////////////////////
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	177 // helper to discard the strings held by a string_set
0 96a9758165cd Initial revision carl parents: diff changeset	178 //
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	179 static void discard(string_set &s);
8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	180 static void discard(string_set &s) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	181 for (string_set::iterator i=s.begin(); i!=s.end(); i++) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	182 free(*i);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	183 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	184 s.clear();
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	185 }
0 96a9758165cd Initial revision carl parents: diff changeset	186
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	187 ////////////////////////////////////////////////
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	188 // helper to register a string in a string set
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	189 //
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	190 static char* register_string(string_set &s, char *name);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	191 static char* register_string(string_set &s, char *name) {
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	192 string_set::iterator i = s.find(name);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	193 if (i != s.end()) return *i;
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	194 char *x = strdup(name);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	195 s.insert(x);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	196 return x;
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	197 }
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	198
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	199 ////////////////////////////////////////////////
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	200 // syslog a message
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	201 //
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	202 static void my_syslog(char *text);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	203 static void my_syslog(char *text) {
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	204 pthread_mutex_lock(&syslog_mutex);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	205 openlog("dnsbl", LOG_PID, LOG_MAIL);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	206 syslog(LOG_NOTICE, "%s", text);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	207 closelog();
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	208 pthread_mutex_unlock(&syslog_mutex);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	209 }
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	210
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	211
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	212 // include the content scanner
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	213 #include "scanner.cpp"
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	214
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	215
0 96a9758165cd Initial revision carl parents: diff changeset	216 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	217 // mail filter private data, held for us by sendmail
96a9758165cd Initial revision carl parents: diff changeset	218 //
96a9758165cd Initial revision carl parents: diff changeset	219 struct mlfiPriv
96a9758165cd Initial revision carl parents: diff changeset	220 {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	221 // connection specific data
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	222 CONFIG *pc; // global context with our maps
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	223 int ip; // ip4 address of the smtp client
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	224 map<DNSBLP, status> checked; // status from those lists
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	225 // message specific data
0 96a9758165cd Initial revision carl parents: diff changeset	226 char *mailaddr; // envelope from value
96a9758165cd Initial revision carl parents: diff changeset	227 bool authenticated; // client authenticated? if so, suppress all dnsbl checks
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	228 bool have_whites; // have at least one whitelisted recipient? need to accept content and remove all non-whitelisted recipients if it fails
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	229 bool only_whites; // every recipient is whitelisted?
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	230 string_set non_whites; // remember the non-whitelisted recipients so we can remove them if need be
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	231 recorder *memory; // memory for the content scanner
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	232 url_scanner *scanner; // object to handle body scanning
0 96a9758165cd Initial revision carl parents: diff changeset	233 mlfiPriv();
96a9758165cd Initial revision carl parents: diff changeset	234 ~mlfiPriv();
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	235 void reset(bool final = false); // for a new message
0 96a9758165cd Initial revision carl parents: diff changeset	236 };
96a9758165cd Initial revision carl parents: diff changeset	237 mlfiPriv::mlfiPriv() {
96a9758165cd Initial revision carl parents: diff changeset	238 pthread_mutex_lock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	239 pc = config;
96a9758165cd Initial revision carl parents: diff changeset	240 pc->reference_count++;
96a9758165cd Initial revision carl parents: diff changeset	241 pthread_mutex_unlock(&config_mutex);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	242 ip = 0;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	243 mailaddr = NULL;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	244 authenticated = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	245 have_whites = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	246 only_whites = true;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	247 memory = new recorder(&pc->html_tags);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	248 scanner = new url_scanner(memory);
0 96a9758165cd Initial revision carl parents: diff changeset	249 }
96a9758165cd Initial revision carl parents: diff changeset	250 mlfiPriv::~mlfiPriv() {
96a9758165cd Initial revision carl parents: diff changeset	251 pthread_mutex_lock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	252 pc->reference_count--;
96a9758165cd Initial revision carl parents: diff changeset	253 pthread_mutex_unlock(&config_mutex);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	254 reset(true);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	255 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	256 void mlfiPriv::reset(bool final) {
0 96a9758165cd Initial revision carl parents: diff changeset	257 if (mailaddr) free(mailaddr);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	258 discard(non_whites);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	259 delete memory;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	260 delete scanner;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	261 if (!final) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	262 mailaddr = NULL;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	263 authenticated = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	264 have_whites = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	265 only_whites = true;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	266 memory = new recorder(&pc->html_tags);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	267 scanner = new url_scanner(memory);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	268 }
0 96a9758165cd Initial revision carl parents: diff changeset	269 }
96a9758165cd Initial revision carl parents: diff changeset	270
96a9758165cd Initial revision carl parents: diff changeset	271 #define MLFIPRIV ((struct mlfiPriv *) smfi_getpriv(ctx))
96a9758165cd Initial revision carl parents: diff changeset	272
96a9758165cd Initial revision carl parents: diff changeset	273
96a9758165cd Initial revision carl parents: diff changeset	274 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	275 // register a global string
96a9758165cd Initial revision carl parents: diff changeset	276 //
96a9758165cd Initial revision carl parents: diff changeset	277 static char* register_string(char *name);
96a9758165cd Initial revision carl parents: diff changeset	278 static char* register_string(char *name) {
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	279 return register_string(all_strings, name);
0 96a9758165cd Initial revision carl parents: diff changeset	280 }
96a9758165cd Initial revision carl parents: diff changeset	281
96a9758165cd Initial revision carl parents: diff changeset	282
96a9758165cd Initial revision carl parents: diff changeset	283 static char* next_token(char *delim);
96a9758165cd Initial revision carl parents: diff changeset	284 static char* next_token(char *delim) {
96a9758165cd Initial revision carl parents: diff changeset	285 char *name = strtok(NULL, delim);
96a9758165cd Initial revision carl parents: diff changeset	286 if (!name) return name;
96a9758165cd Initial revision carl parents: diff changeset	287 return register_string(name);
96a9758165cd Initial revision carl parents: diff changeset	288 }
96a9758165cd Initial revision carl parents: diff changeset	289
96a9758165cd Initial revision carl parents: diff changeset	290
96a9758165cd Initial revision carl parents: diff changeset	291 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	292 // lookup an email address in the env_from or env_to maps
96a9758165cd Initial revision carl parents: diff changeset	293 //
96a9758165cd Initial revision carl parents: diff changeset	294 static char* lookup1(char *email, string_map map);
96a9758165cd Initial revision carl parents: diff changeset	295 static char* lookup1(char *email, string_map map) {
96a9758165cd Initial revision carl parents: diff changeset	296 string_map::iterator i = map.find(email);
96a9758165cd Initial revision carl parents: diff changeset	297 if (i != map.end()) return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	298 char *x = strchr(email, '@');
96a9758165cd Initial revision carl parents: diff changeset	299 if (!x) return DEFAULT;
96a9758165cd Initial revision carl parents: diff changeset	300 x++;
96a9758165cd Initial revision carl parents: diff changeset	301 i = map.find(x);
96a9758165cd Initial revision carl parents: diff changeset	302 if (i != map.end()) return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	303 return DEFAULT;
96a9758165cd Initial revision carl parents: diff changeset	304 }
96a9758165cd Initial revision carl parents: diff changeset	305
96a9758165cd Initial revision carl parents: diff changeset	306
96a9758165cd Initial revision carl parents: diff changeset	307 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	308 // lookup an email address in the env_from or env_to maps
96a9758165cd Initial revision carl parents: diff changeset	309 // this email address is passed in from sendmail, and will
96a9758165cd Initial revision carl parents: diff changeset	310 // always be enclosed in <>. It may have mixed case, just
96a9758165cd Initial revision carl parents: diff changeset	311 // as the mail client sent it.
96a9758165cd Initial revision carl parents: diff changeset	312 //
96a9758165cd Initial revision carl parents: diff changeset	313 static char* lookup(char* email, string_map map);
96a9758165cd Initial revision carl parents: diff changeset	314 static char* lookup(char* email, string_map map) {
96a9758165cd Initial revision carl parents: diff changeset	315 int n = strlen(email)-2;
96a9758165cd Initial revision carl parents: diff changeset	316 if (n < 1) return DEFAULT; // malformed
96a9758165cd Initial revision carl parents: diff changeset	317 char *key = strdup(email+1);
96a9758165cd Initial revision carl parents: diff changeset	318 key[n] = '\0';
96a9758165cd Initial revision carl parents: diff changeset	319 for (int i=0; i<n; i++) key[i] = tolower(key[i]);
96a9758165cd Initial revision carl parents: diff changeset	320 char *rc = lookup1(key, map);
96a9758165cd Initial revision carl parents: diff changeset	321 free(key);
96a9758165cd Initial revision carl parents: diff changeset	322 return rc;
96a9758165cd Initial revision carl parents: diff changeset	323 }
96a9758165cd Initial revision carl parents: diff changeset	324
96a9758165cd Initial revision carl parents: diff changeset	325
96a9758165cd Initial revision carl parents: diff changeset	326 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	327 // find the dnsbl with a specific name
96a9758165cd Initial revision carl parents: diff changeset	328 //
96a9758165cd Initial revision carl parents: diff changeset	329 static DNSBLP find_dnsbl(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	330 static DNSBLP find_dnsbl(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	331 dnsblp_map::iterator i = dc.dnsbls.find(name);
96a9758165cd Initial revision carl parents: diff changeset	332 if (i == dc.dnsbls.end()) return NULL;
96a9758165cd Initial revision carl parents: diff changeset	333 return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	334 }
96a9758165cd Initial revision carl parents: diff changeset	335
96a9758165cd Initial revision carl parents: diff changeset	336
96a9758165cd Initial revision carl parents: diff changeset	337 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	338 // find the dnsbll with a specific name
96a9758165cd Initial revision carl parents: diff changeset	339 //
96a9758165cd Initial revision carl parents: diff changeset	340 static DNSBLLP find_dnsbll(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	341 static DNSBLLP find_dnsbll(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	342 dnsbllp_map::iterator i = dc.dnsblls.find(name);
96a9758165cd Initial revision carl parents: diff changeset	343 if (i == dc.dnsblls.end()) return NULL;
96a9758165cd Initial revision carl parents: diff changeset	344 return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	345 }
96a9758165cd Initial revision carl parents: diff changeset	346
96a9758165cd Initial revision carl parents: diff changeset	347
96a9758165cd Initial revision carl parents: diff changeset	348 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	349 // find the envfrom map with a specific name
96a9758165cd Initial revision carl parents: diff changeset	350 //
96a9758165cd Initial revision carl parents: diff changeset	351 static string_map* find_from_map(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	352 static string_map* find_from_map(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	353 from_map::iterator i = dc.env_from.find(name);
96a9758165cd Initial revision carl parents: diff changeset	354 if (i == dc.env_from.end()) return NULL;
96a9758165cd Initial revision carl parents: diff changeset	355 return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	356 }
96a9758165cd Initial revision carl parents: diff changeset	357
96a9758165cd Initial revision carl parents: diff changeset	358
96a9758165cd Initial revision carl parents: diff changeset	359 static string_map& really_find_from_map(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	360 static string_map& really_find_from_map(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	361 string_map *sm = find_from_map(dc, name);
96a9758165cd Initial revision carl parents: diff changeset	362 if (!sm) {
96a9758165cd Initial revision carl parents: diff changeset	363 sm = new string_map;
96a9758165cd Initial revision carl parents: diff changeset	364 dc.env_from[name] = sm;
96a9758165cd Initial revision carl parents: diff changeset	365 }
96a9758165cd Initial revision carl parents: diff changeset	366 return *sm;
96a9758165cd Initial revision carl parents: diff changeset	367 }
96a9758165cd Initial revision carl parents: diff changeset	368
96a9758165cd Initial revision carl parents: diff changeset	369
96a9758165cd Initial revision carl parents: diff changeset	370 ////////////////////////////////////////////////
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	371 //
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	372 // ask a dns question and get an A record answer - we don't try
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	373 // very hard, just using the default resolver retry settings.
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	374 // If we cannot get an answer, we just accept the mail. The
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	375 // caller must ensure thread safety.
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	376 //
0 96a9758165cd Initial revision carl parents: diff changeset	377 //
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	378 static int dns_interface(char *question, bool maybe_ip);
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	379 static int dns_interface(char *question, bool maybe_ip) {
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	380 #ifdef NS_PACKETSZ
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	381 u_char answer[NS_PACKETSZ];
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	382 int length = res_search(question, ns_c_in, ns_t_a, answer, sizeof(answer));
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	383 if (length >= 0) { // no error yet
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	384 // parse the answer
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	385 ns_msg handle;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	386 ns_rr rr;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	387 if (ns_initparse(answer, length, &handle) == 0) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	388 int rrnum = 0;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	389 while (ns_parserr(&handle, ns_s_an, rrnum++, &rr) == 0) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	390 if (ns_rr_type(rr) == ns_t_a) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	391 int address;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	392 memcpy(&address, ns_rr_rdata(rr), sizeof(address));
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	393 return address;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	394 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	395 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	396 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	397 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	398 if (maybe_ip) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	399 // might be a bare ip address
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	400 in_addr ip;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	401 if (inet_aton(question, &ip)) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	402 return ip.s_addr;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	403 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	404 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	405 return 0;
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	406 #else
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	407 struct hostent *host = gethostbyname(question);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	408 if (!host) return 0;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	409 if (host->h_addrtype != AF_INET) return 0;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	410 int address;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	411 memcpy(&address, host->h_addr, sizeof(address));
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	412 return address;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	413 #endif
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	414 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	415
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	416 static int protected_dns_interface(char *question, bool maybe_ip);
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	417 static int protected_dns_interface(char *question, bool maybe_ip) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	418 int ans;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	419 pthread_mutex_lock(&resolve_mutex);
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	420 ans = dns_interface(question, maybe_ip);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	421 pthread_mutex_unlock(&resolve_mutex);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	422 return ans;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	423
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	424 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	425
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	426 ////////////////////////////////////////////////
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	427 // check a single dnsbl
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	428 //
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	429 static status check_single(int ip, char *suffix);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	430 static status check_single(int ip, char *suffix) {
0 96a9758165cd Initial revision carl parents: diff changeset	431 // make a dns question
96a9758165cd Initial revision carl parents: diff changeset	432 const u_char src = (const u_char )&ip;
96a9758165cd Initial revision carl parents: diff changeset	433 if (src[0] == 127) return oksofar; // don't do dns lookups on localhost
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	434 #ifdef NS_MAXDNAME
0 96a9758165cd Initial revision carl parents: diff changeset	435 char question[NS_MAXDNAME];
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	436 #else
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	437 char question[1000];
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	438 #endif
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	439 snprintf(question, sizeof(question), "%u.%u.%u.%u.%s.", src[3], src[2], src[1], src[0], suffix);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	440 // ask the question, if we get an A record it implies a blacklisted ip address
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	441 return (protected_dns_interface(question, false)) ? reject : oksofar;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	442 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	443
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	444
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	445 ////////////////////////////////////////////////
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	446 // check a single dnsbl
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	447 //
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	448 static status check_single(int ip, DNSBL &bl);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	449 static status check_single(int ip, DNSBL &bl) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	450 return check_single(ip, bl.suffix);
0 96a9758165cd Initial revision carl parents: diff changeset	451 }
96a9758165cd Initial revision carl parents: diff changeset	452
96a9758165cd Initial revision carl parents: diff changeset	453
96a9758165cd Initial revision carl parents: diff changeset	454 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	455 // check the dnsbls specified for this recipient
96a9758165cd Initial revision carl parents: diff changeset	456 //
96a9758165cd Initial revision carl parents: diff changeset	457 static status check_dnsbl(mlfiPriv &priv, DNSBLLP dnsbllp, DNSBLP &rejectlist);
96a9758165cd Initial revision carl parents: diff changeset	458 static status check_dnsbl(mlfiPriv &priv, DNSBLLP dnsbllp, DNSBLP &rejectlist) {
96a9758165cd Initial revision carl parents: diff changeset	459 if (priv.authenticated) return oksofar;
96a9758165cd Initial revision carl parents: diff changeset	460 if (!dnsbllp) return oksofar;
96a9758165cd Initial revision carl parents: diff changeset	461 DNSBLL &dnsbll = *dnsbllp;
96a9758165cd Initial revision carl parents: diff changeset	462 for (DNSBLL::iterator i=dnsbll.begin(); i!=dnsbll.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	463 DNSBLP dp = *i; // non null by construction
96a9758165cd Initial revision carl parents: diff changeset	464 status st;
96a9758165cd Initial revision carl parents: diff changeset	465 map<DNSBLP, status>::iterator f = priv.checked.find(dp);
96a9758165cd Initial revision carl parents: diff changeset	466 if (f == priv.checked.end()) {
96a9758165cd Initial revision carl parents: diff changeset	467 // have not checked this list yet
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	468 st = check_single(priv.ip, *dp);
0 96a9758165cd Initial revision carl parents: diff changeset	469 rejectlist = dp;
96a9758165cd Initial revision carl parents: diff changeset	470 priv.checked[dp] = st;
96a9758165cd Initial revision carl parents: diff changeset	471 }
96a9758165cd Initial revision carl parents: diff changeset	472 else {
96a9758165cd Initial revision carl parents: diff changeset	473 st = (*f).second;
96a9758165cd Initial revision carl parents: diff changeset	474 rejectlist = (*f).first;
96a9758165cd Initial revision carl parents: diff changeset	475 }
96a9758165cd Initial revision carl parents: diff changeset	476 if (st == reject) return st;
96a9758165cd Initial revision carl parents: diff changeset	477 }
96a9758165cd Initial revision carl parents: diff changeset	478 return oksofar;
96a9758165cd Initial revision carl parents: diff changeset	479 }
96a9758165cd Initial revision carl parents: diff changeset	480
96a9758165cd Initial revision carl parents: diff changeset	481
96a9758165cd Initial revision carl parents: diff changeset	482 ////////////////////////////////////////////////
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	483 // check the dnsbls specified for this recipient
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	484 //
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	485 static status check_hosts(mlfiPriv &priv, char *&host, int &ip);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	486 static status check_hosts(mlfiPriv &priv, char *&host, int &ip) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	487 CONFIG &dc = *priv.pc;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	488 if (!dc.content_suffix) return oksofar;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	489 int count = 0;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	490 for (string_set::iterator i=priv.memory->hosts.begin(); i!=priv.memory->hosts.end(); i++) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	491 count++;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	492 int lim = priv.pc->host_limit;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	493 if ((count > lim) && (lim > 0)) return reject_host;
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	494 host = *i;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	495 if (debug_syslog) {
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	496 char buf[200];
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	497 snprintf(buf, sizeof(buf), "looking for host %s", host);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	498 my_syslog(buf);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	499 }
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	500 ip = protected_dns_interface(host, true);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	501 if (ip) {
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	502 // if (debug_syslog) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	503 // char adr[sizeof "255.255.255.255"];
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	504 // adr[0] = '\0';
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	505 // inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	506 // char buf[200];
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	507 // snprintf(buf, sizeof(buf), "found host %s at %s", host, adr);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	508 // my_syslog(buf);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	509 // }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	510 status st = check_single(ip, dc.content_suffix);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	511 if (st == reject) return st;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	512 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	513 }
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	514 host = NULL;
26 fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	515 int bin = priv.memory->binary_tags;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	516 int bad = priv.memory->bad_html_tags;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	517 int lim = priv.pc->tag_limit;
26 fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	518 if (bin > bad) return oksofar; // probably .zip or .tar.gz with random content
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	519 if ((bad > lim) && (lim > 0)) return reject_tag;
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	520 return oksofar;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	521 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	522
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	523
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	524 ////////////////////////////////////////////////
0 96a9758165cd Initial revision carl parents: diff changeset	525 // start of sendmail milter interfaces
96a9758165cd Initial revision carl parents: diff changeset	526 //
96a9758165cd Initial revision carl parents: diff changeset	527 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr)
96a9758165cd Initial revision carl parents: diff changeset	528 {
96a9758165cd Initial revision carl parents: diff changeset	529 // allocate some private memory
96a9758165cd Initial revision carl parents: diff changeset	530 mlfiPriv *priv = new mlfiPriv;
96a9758165cd Initial revision carl parents: diff changeset	531 if (hostaddr->sa_family == AF_INET) {
96a9758165cd Initial revision carl parents: diff changeset	532 priv->ip = ((struct sockaddr_in *)hostaddr)->sin_addr.s_addr;
96a9758165cd Initial revision carl parents: diff changeset	533 }
96a9758165cd Initial revision carl parents: diff changeset	534
96a9758165cd Initial revision carl parents: diff changeset	535 // save the private data
96a9758165cd Initial revision carl parents: diff changeset	536 smfi_setpriv(ctx, (void*)priv);
96a9758165cd Initial revision carl parents: diff changeset	537
96a9758165cd Initial revision carl parents: diff changeset	538 // continue processing
96a9758165cd Initial revision carl parents: diff changeset	539 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	540 }
96a9758165cd Initial revision carl parents: diff changeset	541
96a9758165cd Initial revision carl parents: diff changeset	542 sfsistat mlfi_envfrom(SMFICTX ctx, char *from)
96a9758165cd Initial revision carl parents: diff changeset	543 {
96a9758165cd Initial revision carl parents: diff changeset	544 mlfiPriv &priv = *MLFIPRIV;
96a9758165cd Initial revision carl parents: diff changeset	545 priv.mailaddr = strdup(from[0]);
96a9758165cd Initial revision carl parents: diff changeset	546 priv.authenticated = (smfi_getsymval(ctx, "{auth_authen}") != NULL);
96a9758165cd Initial revision carl parents: diff changeset	547 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	548 }
96a9758165cd Initial revision carl parents: diff changeset	549
96a9758165cd Initial revision carl parents: diff changeset	550 sfsistat mlfi_envrcpt(SMFICTX ctx, char *rcpt)
96a9758165cd Initial revision carl parents: diff changeset	551 {
96a9758165cd Initial revision carl parents: diff changeset	552 DNSBLP rejectlist = NULL; // list that caused the reject
96a9758165cd Initial revision carl parents: diff changeset	553 status st = oksofar;
96a9758165cd Initial revision carl parents: diff changeset	554 mlfiPriv &priv = *MLFIPRIV;
96a9758165cd Initial revision carl parents: diff changeset	555 CONFIG &dc = *priv.pc;
96a9758165cd Initial revision carl parents: diff changeset	556 char *rcptaddr = rcpt[0];
96a9758165cd Initial revision carl parents: diff changeset	557 char *dnsname = lookup(rcptaddr, dc.env_to_dnsbll);
96a9758165cd Initial revision carl parents: diff changeset	558 char *fromname = lookup(rcptaddr, dc.env_to_chkfrom);
96a9758165cd Initial revision carl parents: diff changeset	559 if ((strcmp(dnsname, BLACK) == 0) \|\|
96a9758165cd Initial revision carl parents: diff changeset	560 (strcmp(fromname, BLACK) == 0)) {
96a9758165cd Initial revision carl parents: diff changeset	561 st = black; // two options to blacklist this recipient
96a9758165cd Initial revision carl parents: diff changeset	562 }
96a9758165cd Initial revision carl parents: diff changeset	563 else if (strcmp(fromname, WHITE) == 0) {
96a9758165cd Initial revision carl parents: diff changeset	564 st = white;
96a9758165cd Initial revision carl parents: diff changeset	565 }
96a9758165cd Initial revision carl parents: diff changeset	566 else {
96a9758165cd Initial revision carl parents: diff changeset	567 // check an env_from map
96a9758165cd Initial revision carl parents: diff changeset	568 string_map *sm = find_from_map(dc, fromname);
96a9758165cd Initial revision carl parents: diff changeset	569 if (sm != NULL) {
96a9758165cd Initial revision carl parents: diff changeset	570 fromname = lookup(priv.mailaddr, *sm); // returns default if name not in map
96a9758165cd Initial revision carl parents: diff changeset	571 if (strcmp(fromname, BLACK) == 0) {
96a9758165cd Initial revision carl parents: diff changeset	572 st = black; // blacklist this envelope from value
96a9758165cd Initial revision carl parents: diff changeset	573 }
96a9758165cd Initial revision carl parents: diff changeset	574 if (strcmp(fromname, WHITE) == 0) {
96a9758165cd Initial revision carl parents: diff changeset	575 st = white; // blacklist this envelope from value
96a9758165cd Initial revision carl parents: diff changeset	576 }
96a9758165cd Initial revision carl parents: diff changeset	577 }
96a9758165cd Initial revision carl parents: diff changeset	578 }
96a9758165cd Initial revision carl parents: diff changeset	579 if ((st == oksofar) && (strcmp(dnsname, WHITE) != 0)) {
96a9758165cd Initial revision carl parents: diff changeset	580 // check dns lists
96a9758165cd Initial revision carl parents: diff changeset	581 st = check_dnsbl(priv, find_dnsbll(dc, dnsname), rejectlist);
96a9758165cd Initial revision carl parents: diff changeset	582 }
96a9758165cd Initial revision carl parents: diff changeset	583
96a9758165cd Initial revision carl parents: diff changeset	584 if (st == reject) {
96a9758165cd Initial revision carl parents: diff changeset	585 // reject the recipient based on some dnsbl
96a9758165cd Initial revision carl parents: diff changeset	586 char adr[sizeof "255.255.255.255"];
96a9758165cd Initial revision carl parents: diff changeset	587 adr[0] = '\0';
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	588 inet_ntop(AF_INET, (const u_char *)&priv.ip, adr, sizeof(adr));
0 96a9758165cd Initial revision carl parents: diff changeset	589 char buf[2000];
96a9758165cd Initial revision carl parents: diff changeset	590 snprintf(buf, sizeof(buf), rejectlist->message, adr, adr);
96a9758165cd Initial revision carl parents: diff changeset	591 smfi_setreply(ctx, "550", "5.7.1", buf);
96a9758165cd Initial revision carl parents: diff changeset	592 return SMFIS_REJECT;
96a9758165cd Initial revision carl parents: diff changeset	593 }
96a9758165cd Initial revision carl parents: diff changeset	594 else if (st == black) {
96a9758165cd Initial revision carl parents: diff changeset	595 // reject the recipient based on blacklisting either from or to
96a9758165cd Initial revision carl parents: diff changeset	596 smfi_setreply(ctx, "550", "5.7.1", "no such user");
96a9758165cd Initial revision carl parents: diff changeset	597 return SMFIS_REJECT;
96a9758165cd Initial revision carl parents: diff changeset	598 }
96a9758165cd Initial revision carl parents: diff changeset	599 else {
96a9758165cd Initial revision carl parents: diff changeset	600 // accept the recipient
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	601 if (st == oksofar) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	602 // but remember the non-whites
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	603 register_string(priv.non_whites, rcptaddr);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	604 priv.only_whites = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	605 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	606 if (st == white) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	607 priv.have_whites = true;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	608 }
0 96a9758165cd Initial revision carl parents: diff changeset	609 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	610 }
96a9758165cd Initial revision carl parents: diff changeset	611 }
96a9758165cd Initial revision carl parents: diff changeset	612
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	613 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len)
0 96a9758165cd Initial revision carl parents: diff changeset	614 {
96a9758165cd Initial revision carl parents: diff changeset	615 mlfiPriv &priv = *MLFIPRIV;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	616 if (priv.authenticated) return SMFIS_CONTINUE;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	617 if (priv.only_whites) return SMFIS_CONTINUE;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	618 priv.scanner->scan(data, len);
11 2c206836b4cc integration work on url scanner carl parents: 9 diff changeset	619 return SMFIS_CONTINUE;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	620 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	621
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	622 sfsistat mlfi_eom(SMFICTX *ctx)
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	623 {
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	624 sfsistat rc;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	625 mlfiPriv &priv = *MLFIPRIV;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	626 char *host = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	627 int ip;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	628 status st;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	629 // process end of message
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	630 if (priv.authenticated \|\|
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	631 priv.only_whites \|\|
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	632 ((st=check_hosts(priv, host, ip)) == oksofar)) rc = SMFIS_CONTINUE;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	633 else {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	634 if (!priv.have_whites) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	635 // can reject the entire message
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	636 char buf[2000];
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	637 if (st == reject_tag) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	638 // rejected due to excessive bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	639 snprintf(buf, sizeof(buf), priv.pc->tag_limit_message);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	640 }
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	641 else if (st == reject_host) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	642 // rejected due to excessive unique host/urls
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	643 snprintf(buf, sizeof(buf), priv.pc->host_limit_message);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	644 }
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	645 else {
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	646 char adr[sizeof "255.255.255.255"];
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	647 adr[0] = '\0';
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	648 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	649 snprintf(buf, sizeof(buf), priv.pc->content_message, host, adr);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	650 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	651 smfi_setreply(ctx, "550", "5.7.1", buf);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	652 rc = SMFIS_REJECT;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	653 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	654 else {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	655 // need to accept it but remove the recipients that don't want it
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	656 for (string_set::iterator i=priv.non_whites.begin(); i!=priv.non_whites.end(); i++) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	657 char rcpt = i;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	658 smfi_delrcpt(ctx, rcpt);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	659 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	660 rc = SMFIS_CONTINUE;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	661 }
0 96a9758165cd Initial revision carl parents: diff changeset	662 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	663 // reset for a new message on the same connection
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	664 mlfi_abort(ctx);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	665 return rc;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	666 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	667
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	668 sfsistat mlfi_abort(SMFICTX *ctx)
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	669 {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	670 mlfiPriv &priv = *MLFIPRIV;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	671 priv.reset();
0 96a9758165cd Initial revision carl parents: diff changeset	672 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	673 }
96a9758165cd Initial revision carl parents: diff changeset	674
96a9758165cd Initial revision carl parents: diff changeset	675 sfsistat mlfi_close(SMFICTX *ctx)
96a9758165cd Initial revision carl parents: diff changeset	676 {
96a9758165cd Initial revision carl parents: diff changeset	677 mlfiPriv *priv = MLFIPRIV;
96a9758165cd Initial revision carl parents: diff changeset	678 if (!priv) return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	679 delete priv;
96a9758165cd Initial revision carl parents: diff changeset	680 smfi_setpriv(ctx, NULL);
96a9758165cd Initial revision carl parents: diff changeset	681 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	682 }
96a9758165cd Initial revision carl parents: diff changeset	683
96a9758165cd Initial revision carl parents: diff changeset	684 struct smfiDesc smfilter =
96a9758165cd Initial revision carl parents: diff changeset	685 {
96a9758165cd Initial revision carl parents: diff changeset	686 "DNSBL", // filter name
96a9758165cd Initial revision carl parents: diff changeset	687 SMFI_VERSION, // version code -- do not change
96a9758165cd Initial revision carl parents: diff changeset	688 SMFIF_DELRCPT, // flags
96a9758165cd Initial revision carl parents: diff changeset	689 mlfi_connect, // connection info filter
96a9758165cd Initial revision carl parents: diff changeset	690 NULL, // SMTP HELO command filter
96a9758165cd Initial revision carl parents: diff changeset	691 mlfi_envfrom, // envelope sender filter
96a9758165cd Initial revision carl parents: diff changeset	692 mlfi_envrcpt, // envelope recipient filter
96a9758165cd Initial revision carl parents: diff changeset	693 NULL, // header filter
96a9758165cd Initial revision carl parents: diff changeset	694 NULL, // end of header
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	695 mlfi_body, // body block filter
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	696 mlfi_eom, // end of message
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	697 mlfi_abort, // message aborted
0 96a9758165cd Initial revision carl parents: diff changeset	698 mlfi_close, // connection cleanup
96a9758165cd Initial revision carl parents: diff changeset	699 };
96a9758165cd Initial revision carl parents: diff changeset	700
96a9758165cd Initial revision carl parents: diff changeset	701
96a9758165cd Initial revision carl parents: diff changeset	702 static void dumpit(char *name, string_map map);
96a9758165cd Initial revision carl parents: diff changeset	703 static void dumpit(char *name, string_map map) {
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	704 fprintf(stdout, "\n");
0 96a9758165cd Initial revision carl parents: diff changeset	705 for (string_map::iterator i=map.begin(); i!=map.end(); i++) {
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	706 fprintf(stdout, "%s %s->%s\n", name, (i).first, (i).second);
0 96a9758165cd Initial revision carl parents: diff changeset	707 }
96a9758165cd Initial revision carl parents: diff changeset	708 }
96a9758165cd Initial revision carl parents: diff changeset	709
96a9758165cd Initial revision carl parents: diff changeset	710
96a9758165cd Initial revision carl parents: diff changeset	711 static void dumpit(from_map map);
96a9758165cd Initial revision carl parents: diff changeset	712 static void dumpit(from_map map) {
96a9758165cd Initial revision carl parents: diff changeset	713 for (from_map::iterator i=map.begin(); i!=map.end(); i++) {
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	714 char buf[2000];
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	715 snprintf(buf, sizeof(buf), "envelope from map for %s", (*i).first);
0 96a9758165cd Initial revision carl parents: diff changeset	716 string_map sm = (i).second;
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	717 dumpit(buf, *sm);
0 96a9758165cd Initial revision carl parents: diff changeset	718 }
96a9758165cd Initial revision carl parents: diff changeset	719 }
96a9758165cd Initial revision carl parents: diff changeset	720
96a9758165cd Initial revision carl parents: diff changeset	721
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	722 static void dumpit(CONFIG &dc);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	723 static void dumpit(CONFIG &dc) {
5 793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	724 dumpit(dc.env_from);
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	725 dumpit("envelope to (dnsbl list)", dc.env_to_dnsbll);
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	726 dumpit("envelope to (from map)", dc.env_to_chkfrom);
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	727 fprintf(stdout, "\ndnsbls\n");
0 96a9758165cd Initial revision carl parents: diff changeset	728 for (dnsblp_map::iterator i=dc.dnsbls.begin(); i!=dc.dnsbls.end(); i++) {
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	729 fprintf(stdout, "%s %s %s\n", (i).first, (i).second->suffix, (*i).second->message);
0 96a9758165cd Initial revision carl parents: diff changeset	730 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	731 fprintf(stdout, "\ndnsbl_lists\n");
0 96a9758165cd Initial revision carl parents: diff changeset	732 for (dnsbllp_map::iterator i=dc.dnsblls.begin(); i!=dc.dnsblls.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	733 char name = (i).first;
96a9758165cd Initial revision carl parents: diff changeset	734 DNSBLL &dl = ((i).second);
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	735 fprintf(stdout, "%s", name);
0 96a9758165cd Initial revision carl parents: diff changeset	736 for (DNSBLL::iterator j=dl.begin(); j!=dl.end(); j++) {
96a9758165cd Initial revision carl parents: diff changeset	737 DNSBL &d = **j;
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	738 fprintf(stdout, " %s", d.suffix);
0 96a9758165cd Initial revision carl parents: diff changeset	739 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	740 fprintf(stdout, "\n");
0 96a9758165cd Initial revision carl parents: diff changeset	741 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	742 if (dc.content_suffix) {
8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	743 fprintf(stdout, "\ncontent filtering enabled with %s %s\n", dc.content_suffix, dc.content_message);
8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	744 }
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	745 if (dc.host_limit) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	746 fprintf(stdout, "\ncontent filtering for host names enabled with limit %d %s\n", dc.host_limit, dc.host_limit_message);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	747 }
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	748 if (dc.tag_limit) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	749 fprintf(stdout, "\ncontent filtering for excessive html tags enabled with limit %d %s\n", dc.tag_limit, dc.tag_limit_message);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	750 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	751 fprintf(stdout, "\nfiles\n");
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	752 for (string_list::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	753 char f = i;
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	754 fprintf(stdout, "config includes %s\n", f);
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	755 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	756 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	757
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	758
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	759 ////////////////////////////////////////////////
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	760 // check for redundant or recursive include files
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	761 //
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	762 static bool ok_to_include(CONFIG &dc, char *fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	763 static bool ok_to_include(CONFIG &dc, char *fn) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	764 if (!fn) return false;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	765 bool ok = true;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	766 for (string_list::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	767 char f = i;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	768 if (strcmp(f, fn) == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	769 my_syslog("redundant or recursive include file detected");
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	770 ok = false;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	771 break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	772 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	773 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	774 return ok;
0 96a9758165cd Initial revision carl parents: diff changeset	775 }
96a9758165cd Initial revision carl parents: diff changeset	776
96a9758165cd Initial revision carl parents: diff changeset	777
96a9758165cd Initial revision carl parents: diff changeset	778 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	779 // load a single config file
96a9758165cd Initial revision carl parents: diff changeset	780 //
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	781 static void load_conf_dcc(CONFIG &dc, char name, char fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	782 static void load_conf_dcc(CONFIG &dc, char name, char fn) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	783 dc.config_files.push_back(fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	784 char *list = BLACK;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	785 const int LINE_SIZE = 2000;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	786 ifstream is(fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	787 if (is.fail()) return;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	788 char line[LINE_SIZE];
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	789 char *delim = " \t";
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	790 int curline = 0;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	791 while (!is.eof()) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	792 is.getline(line, LINE_SIZE);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	793 curline++;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	794 int n = strlen(line);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	795 if (!n) continue;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	796 for (int i=0; i<n; i++) line[i] = tolower(line[i]);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	797 if (line[0] == '#') continue;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	798 char *head = line;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	799 if (strspn(line, delim) == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	800 // have a leading ok/many tag to fetch
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	801 char *cmd = strtok(line, delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	802 if (strcmp(cmd, MANY) == 0) list = BLACK;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	803 else if (strcmp(cmd, OK) == 0) list = WHITE;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	804 head = cmd + strlen(cmd) + 1;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	805 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	806 char *cmd = strtok(head, delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	807 if (!cmd) continue;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	808 if (strcmp(cmd, "env_from") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	809 char *from = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	810 if (from) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	811 string_map &fm = really_find_from_map(dc, name);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	812 fm[from] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	813 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	814 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	815 else if (strcmp(cmd, "env_to") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	816 char *to = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	817 if (to) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	818 dc.env_to_dnsbll[to] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	819 dc.env_to_chkfrom[to] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	820 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	821 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	822 else if (strcmp(cmd, "substitute") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	823 char *tag = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	824 if (tag && (strcmp(tag, "mail_host") == 0)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	825 char *from = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	826 if (from) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	827 string_map &fm = really_find_from_map(dc, name);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	828 fm[from] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	829 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	830 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	831 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	832 else if (strcmp(cmd, "include") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	833 char *fn = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	834 if (ok_to_include(dc, fn)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	835 load_conf_dcc(dc, name, fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	836 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	837 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	838
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	839 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	840 is.close();
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	841 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	842
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	843
0 96a9758165cd Initial revision carl parents: diff changeset	844 static void load_conf(CONFIG &dc, char *fn);
96a9758165cd Initial revision carl parents: diff changeset	845 static void load_conf(CONFIG &dc, char *fn) {
96a9758165cd Initial revision carl parents: diff changeset	846 dc.config_files.push_back(fn);
96a9758165cd Initial revision carl parents: diff changeset	847 map<char*, int, ltstr> commands;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	848 enum {dummy, content, hostlimit, htmllimit, htmltag, dnsbl, dnsbll, envfrom, envto, include, includedcc};
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	849 commands["content" ] = content;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	850 commands["host_limit" ] = hostlimit;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	851 commands["html_limit" ] = htmllimit;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	852 commands["html_tag" ] = htmltag;
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	853 commands["dnsbl" ] = dnsbl;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	854 commands["dnsbl_list" ] = dnsbll;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	855 commands["env_from" ] = envfrom;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	856 commands["env_to" ] = envto;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	857 commands["include" ] = include;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	858 commands["include_dcc"] = includedcc;
0 96a9758165cd Initial revision carl parents: diff changeset	859 const int LINE_SIZE = 2000;
96a9758165cd Initial revision carl parents: diff changeset	860 ifstream is(fn);
96a9758165cd Initial revision carl parents: diff changeset	861 if (is.fail()) return;
96a9758165cd Initial revision carl parents: diff changeset	862 char line[LINE_SIZE];
96a9758165cd Initial revision carl parents: diff changeset	863 char orig[LINE_SIZE];
96a9758165cd Initial revision carl parents: diff changeset	864 char *delim = " \t";
96a9758165cd Initial revision carl parents: diff changeset	865 int curline = 0;
96a9758165cd Initial revision carl parents: diff changeset	866 while (!is.eof()) {
96a9758165cd Initial revision carl parents: diff changeset	867 is.getline(line, LINE_SIZE);
96a9758165cd Initial revision carl parents: diff changeset	868 snprintf(orig, sizeof(orig), "%s", line);
96a9758165cd Initial revision carl parents: diff changeset	869 curline++;
96a9758165cd Initial revision carl parents: diff changeset	870 int n = strlen(line);
96a9758165cd Initial revision carl parents: diff changeset	871 for (int i=0; i<n; i++) line[i] = tolower(line[i]);
96a9758165cd Initial revision carl parents: diff changeset	872 char *cmd = strtok(line, delim);
96a9758165cd Initial revision carl parents: diff changeset	873 if (cmd && (cmd[0] != '#') && (cmd[0] != '\0')) {
96a9758165cd Initial revision carl parents: diff changeset	874 // have a decent command
96a9758165cd Initial revision carl parents: diff changeset	875 bool processed = false;
96a9758165cd Initial revision carl parents: diff changeset	876 switch (commands[cmd]) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	877 case content: {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	878 char *suff = strtok(NULL, delim);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	879 if (!suff) break; // no dns suffix
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	880 char *msg = suff + strlen(suff);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	881 if ((msg - line) >= strlen(orig)) break; // line ended with the dns suffix
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	882 msg = strchr(msg+1, '\'');
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	883 if (!msg) break; // no reply message template
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	884 msg++; // move over the leading '
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	885 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	886 char *last = strchr(msg, '\'');
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	887 if (!last) break; // no trailing quote
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	888 *last = '\0'; // make it a null terminator
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	889 dc.content_suffix = register_string(suff);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	890 dc.content_message = register_string(msg);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	891 processed = true;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	892 } break;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	893
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	894 case hostlimit: {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	895 char *limit = strtok(NULL, delim);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	896 if (!limit) break; // no integer limit
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	897 char *msg = limit + strlen(limit);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	898 if ((msg - line) >= strlen(orig)) break; // line ended with the limit
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	899 msg = strchr(msg+1, '\'');
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	900 if (!msg) break; // no reply message template
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	901 msg++; // move over the leading '
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	902 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	903 char *last = strchr(msg, '\'');
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	904 if (!last) break; // no trailing quote
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	905 *last = '\0'; // make it a null terminator
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	906 dc.host_limit = atoi(limit);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	907 dc.host_limit_message = register_string(msg);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	908 processed = true;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	909 } break;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	910
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	911 case htmllimit: {
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	912 char *limit = strtok(NULL, delim);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	913 if (!limit) break; // no integer limit
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	914 char *msg = limit + strlen(limit);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	915 if ((msg - line) >= strlen(orig)) break; // line ended with the limit
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	916 msg = strchr(msg+1, '\'');
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	917 if (!msg) break; // no reply message template
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	918 msg++; // move over the leading '
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	919 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	920 char *last = strchr(msg, '\'');
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	921 if (!last) break; // no trailing quote
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	922 *last = '\0'; // make it a null terminator
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	923 dc.tag_limit = atoi(limit);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	924 dc.tag_limit_message = register_string(msg);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	925 processed = true;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	926 } break;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	927
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	928 case htmltag: {
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	929 char *tag = next_token(delim);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	930 if (!tag) break; // no html tag value
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	931 dc.html_tags.insert(tag); // base version
26 fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	932 char buf[200];
fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	933 snprintf(buf, sizeof(buf), "/%s", tag);
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	934 dc.html_tags.insert(register_string(buf)); // leading /
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	935 snprintf(buf, sizeof(buf), "%s/", tag);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	936 dc.html_tags.insert(register_string(buf)); // trailing /
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	937 processed = true;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	938 } break;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	939
0 96a9758165cd Initial revision carl parents: diff changeset	940 case dnsbl: {
96a9758165cd Initial revision carl parents: diff changeset	941 // have a new dnsbl to use
96a9758165cd Initial revision carl parents: diff changeset	942 char *name = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	943 if (!name) break; // no name name
96a9758165cd Initial revision carl parents: diff changeset	944 if (find_dnsbl(dc, name)) break; // duplicate entry
96a9758165cd Initial revision carl parents: diff changeset	945 char *suff = strtok(NULL, delim);
96a9758165cd Initial revision carl parents: diff changeset	946 if (!suff) break; // no dns suffic
96a9758165cd Initial revision carl parents: diff changeset	947 char *msg = suff + strlen(suff);
96a9758165cd Initial revision carl parents: diff changeset	948 if ((msg - line) >= strlen(orig)) break; // line ended with the dns suffix
96a9758165cd Initial revision carl parents: diff changeset	949 msg = strchr(msg+1, '\'');
96a9758165cd Initial revision carl parents: diff changeset	950 if (!msg) break; // no reply message template
96a9758165cd Initial revision carl parents: diff changeset	951 msg++; // move over the leading '
96a9758165cd Initial revision carl parents: diff changeset	952 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
96a9758165cd Initial revision carl parents: diff changeset	953 char *last = strchr(msg, '\'');
96a9758165cd Initial revision carl parents: diff changeset	954 if (!last) break; // no trailing quote
96a9758165cd Initial revision carl parents: diff changeset	955 *last = '\0'; // make it a null terminator
96a9758165cd Initial revision carl parents: diff changeset	956 dc.dnsbls[name] = new DNSBL(register_string(suff), register_string(msg));
96a9758165cd Initial revision carl parents: diff changeset	957 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	958 } break;
96a9758165cd Initial revision carl parents: diff changeset	959
96a9758165cd Initial revision carl parents: diff changeset	960 case dnsbll: {
96a9758165cd Initial revision carl parents: diff changeset	961 // define a new combination of dnsbls
96a9758165cd Initial revision carl parents: diff changeset	962 char *name = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	963 if (!name) break;
96a9758165cd Initial revision carl parents: diff changeset	964 if (find_dnsbll(dc, name)) break; // duplicate entry
96a9758165cd Initial revision carl parents: diff changeset	965 char *list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	966 if (!list \|\| (list == '\0') \|\| (list == '#')) break;
96a9758165cd Initial revision carl parents: diff changeset	967 DNSBLLP d = new DNSBLL;
96a9758165cd Initial revision carl parents: diff changeset	968 DNSBLP p = find_dnsbl(dc, list);
96a9758165cd Initial revision carl parents: diff changeset	969 if (p) d->push_back(p);
96a9758165cd Initial revision carl parents: diff changeset	970 while (true) {
96a9758165cd Initial revision carl parents: diff changeset	971 list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	972 if (!list \|\| (list == '\0') \|\| (list == '#')) break;
96a9758165cd Initial revision carl parents: diff changeset	973 DNSBLP p = find_dnsbl(dc, list);
96a9758165cd Initial revision carl parents: diff changeset	974 if (p) d->push_back(p);
96a9758165cd Initial revision carl parents: diff changeset	975 }
96a9758165cd Initial revision carl parents: diff changeset	976 dc.dnsblls[name] = d;
96a9758165cd Initial revision carl parents: diff changeset	977 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	978 } break;
96a9758165cd Initial revision carl parents: diff changeset	979
96a9758165cd Initial revision carl parents: diff changeset	980 case envfrom: {
96a9758165cd Initial revision carl parents: diff changeset	981 // add an entry into the named string_map
96a9758165cd Initial revision carl parents: diff changeset	982 char *name = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	983 if (!name) break;
96a9758165cd Initial revision carl parents: diff changeset	984 char *from = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	985 if (!from) break;
96a9758165cd Initial revision carl parents: diff changeset	986 char *list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	987 if (!list) break;
96a9758165cd Initial revision carl parents: diff changeset	988 if ((strcmp(list, WHITE) == 0) \|\|
96a9758165cd Initial revision carl parents: diff changeset	989 (strcmp(list, BLACK) == 0)) {
96a9758165cd Initial revision carl parents: diff changeset	990 string_map &fm = really_find_from_map(dc, name);
96a9758165cd Initial revision carl parents: diff changeset	991 fm[from] = list;
96a9758165cd Initial revision carl parents: diff changeset	992 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	993 }
96a9758165cd Initial revision carl parents: diff changeset	994 else {
96a9758165cd Initial revision carl parents: diff changeset	995 // list may be the name of a previously defined from_map
96a9758165cd Initial revision carl parents: diff changeset	996 string_map *m = find_from_map(dc, list);
96a9758165cd Initial revision carl parents: diff changeset	997 if (m && (strcmp(list,name) != 0)) {
96a9758165cd Initial revision carl parents: diff changeset	998 string_map &pm = *m;
96a9758165cd Initial revision carl parents: diff changeset	999 string_map &fm = really_find_from_map(dc, name);
96a9758165cd Initial revision carl parents: diff changeset	1000 fm.insert(pm.begin(), pm.end());
96a9758165cd Initial revision carl parents: diff changeset	1001 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	1002 }
96a9758165cd Initial revision carl parents: diff changeset	1003 }
96a9758165cd Initial revision carl parents: diff changeset	1004 } break;
96a9758165cd Initial revision carl parents: diff changeset	1005
96a9758165cd Initial revision carl parents: diff changeset	1006 case envto: {
96a9758165cd Initial revision carl parents: diff changeset	1007 // define the dnsbl_list and env_from maps to use for this recipient
96a9758165cd Initial revision carl parents: diff changeset	1008 char *to = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	1009 if (!to) break;
96a9758165cd Initial revision carl parents: diff changeset	1010 char *list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	1011 if (!list) break;
96a9758165cd Initial revision carl parents: diff changeset	1012 char *from = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	1013 if (!from) break;
96a9758165cd Initial revision carl parents: diff changeset	1014 dc.env_to_dnsbll[to] = list;
96a9758165cd Initial revision carl parents: diff changeset	1015 dc.env_to_chkfrom[to] = from;
96a9758165cd Initial revision carl parents: diff changeset	1016 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	1017 } break;
96a9758165cd Initial revision carl parents: diff changeset	1018
96a9758165cd Initial revision carl parents: diff changeset	1019 case include: {
96a9758165cd Initial revision carl parents: diff changeset	1020 char *fn = next_token(delim);
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1021 if (ok_to_include(dc, fn)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1022 load_conf(dc, fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1023 processed = true;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1024 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1025 } break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1026
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1027 case includedcc: {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1028 char *name = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1029 if (!name) break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1030 char *fn = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1031 if (ok_to_include(dc, fn)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1032 load_conf_dcc(dc, name, fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1033 processed = true;
0 96a9758165cd Initial revision carl parents: diff changeset	1034 }
96a9758165cd Initial revision carl parents: diff changeset	1035 } break;
96a9758165cd Initial revision carl parents: diff changeset	1036
96a9758165cd Initial revision carl parents: diff changeset	1037 default: {
96a9758165cd Initial revision carl parents: diff changeset	1038 } break;
96a9758165cd Initial revision carl parents: diff changeset	1039 }
96a9758165cd Initial revision carl parents: diff changeset	1040 if (!processed) {
96a9758165cd Initial revision carl parents: diff changeset	1041 pthread_mutex_lock(&syslog_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1042 openlog("dnsbl", LOG_PID, LOG_MAIL);
96a9758165cd Initial revision carl parents: diff changeset	1043 syslog(LOG_ERR, "ignoring file %s line %d : %s\n", fn, curline, orig);
96a9758165cd Initial revision carl parents: diff changeset	1044 closelog();
96a9758165cd Initial revision carl parents: diff changeset	1045 pthread_mutex_unlock(&syslog_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1046 }
96a9758165cd Initial revision carl parents: diff changeset	1047 }
96a9758165cd Initial revision carl parents: diff changeset	1048 }
96a9758165cd Initial revision carl parents: diff changeset	1049 is.close();
96a9758165cd Initial revision carl parents: diff changeset	1050 }
96a9758165cd Initial revision carl parents: diff changeset	1051
96a9758165cd Initial revision carl parents: diff changeset	1052
96a9758165cd Initial revision carl parents: diff changeset	1053 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	1054 // reload the config
96a9758165cd Initial revision carl parents: diff changeset	1055 //
96a9758165cd Initial revision carl parents: diff changeset	1056 static CONFIG* new_conf();
96a9758165cd Initial revision carl parents: diff changeset	1057 static CONFIG* new_conf() {
96a9758165cd Initial revision carl parents: diff changeset	1058 my_syslog("loading new configuration");
96a9758165cd Initial revision carl parents: diff changeset	1059 CONFIG *newc = new CONFIG;
96a9758165cd Initial revision carl parents: diff changeset	1060 load_conf(*newc, "dnsbl.conf");
96a9758165cd Initial revision carl parents: diff changeset	1061 newc->load_time = time(NULL);
96a9758165cd Initial revision carl parents: diff changeset	1062 return newc;
96a9758165cd Initial revision carl parents: diff changeset	1063 }
96a9758165cd Initial revision carl parents: diff changeset	1064
96a9758165cd Initial revision carl parents: diff changeset	1065
96a9758165cd Initial revision carl parents: diff changeset	1066 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	1067 // thread to watch the old config files for changes
96a9758165cd Initial revision carl parents: diff changeset	1068 // and reload when needed. we also cleanup old
96a9758165cd Initial revision carl parents: diff changeset	1069 // configs whose reference count has gone to zero.
96a9758165cd Initial revision carl parents: diff changeset	1070 //
96a9758165cd Initial revision carl parents: diff changeset	1071 static void* config_loader(void *arg);
96a9758165cd Initial revision carl parents: diff changeset	1072 static void* config_loader(void *arg) {
96a9758165cd Initial revision carl parents: diff changeset	1073 typedef set<CONFIG *> configp_set;
96a9758165cd Initial revision carl parents: diff changeset	1074 configp_set old_configs;
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1075 while (loader_run) {
0 96a9758165cd Initial revision carl parents: diff changeset	1076 sleep(180); // look for modifications every 3 minutes
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1077 if (!loader_run) break;
0 96a9758165cd Initial revision carl parents: diff changeset	1078 CONFIG &dc = *config;
96a9758165cd Initial revision carl parents: diff changeset	1079 time_t then = dc.load_time;
96a9758165cd Initial revision carl parents: diff changeset	1080 struct stat st;
96a9758165cd Initial revision carl parents: diff changeset	1081 bool reload = false;
96a9758165cd Initial revision carl parents: diff changeset	1082 for (string_list::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	1083 char fn = i;
96a9758165cd Initial revision carl parents: diff changeset	1084 if (stat(fn, &st)) reload = true; // file disappeared
96a9758165cd Initial revision carl parents: diff changeset	1085 else if (st.st_mtime > then) reload = true; // file modified
96a9758165cd Initial revision carl parents: diff changeset	1086 if (reload) break;
96a9758165cd Initial revision carl parents: diff changeset	1087 }
96a9758165cd Initial revision carl parents: diff changeset	1088 if (reload) {
96a9758165cd Initial revision carl parents: diff changeset	1089 CONFIG *newc = new_conf();
96a9758165cd Initial revision carl parents: diff changeset	1090 // replace the global config pointer
96a9758165cd Initial revision carl parents: diff changeset	1091 pthread_mutex_lock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1092 CONFIG *old = config;
96a9758165cd Initial revision carl parents: diff changeset	1093 config = newc;
96a9758165cd Initial revision carl parents: diff changeset	1094 pthread_mutex_unlock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1095 if (old) old_configs.insert(old);
96a9758165cd Initial revision carl parents: diff changeset	1096 }
96a9758165cd Initial revision carl parents: diff changeset	1097 // now look for old configs with zero ref counts
96a9758165cd Initial revision carl parents: diff changeset	1098 for (configp_set::iterator i=old_configs.begin(); i!=old_configs.end(); ) {
96a9758165cd Initial revision carl parents: diff changeset	1099 CONFIG old = i;
96a9758165cd Initial revision carl parents: diff changeset	1100 if (!old->reference_count) {
96a9758165cd Initial revision carl parents: diff changeset	1101 delete old; // destructor does all the work
96a9758165cd Initial revision carl parents: diff changeset	1102 old_configs.erase(i++);
96a9758165cd Initial revision carl parents: diff changeset	1103 }
96a9758165cd Initial revision carl parents: diff changeset	1104 else i++;
96a9758165cd Initial revision carl parents: diff changeset	1105 }
96a9758165cd Initial revision carl parents: diff changeset	1106 }
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1107 return NULL;
0 96a9758165cd Initial revision carl parents: diff changeset	1108 }
96a9758165cd Initial revision carl parents: diff changeset	1109
96a9758165cd Initial revision carl parents: diff changeset	1110
96a9758165cd Initial revision carl parents: diff changeset	1111 static void usage(char *prog);
96a9758165cd Initial revision carl parents: diff changeset	1112 static void usage(char *prog)
96a9758165cd Initial revision carl parents: diff changeset	1113 {
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1114 fprintf(stderr, "Usage: %s [-d] [-c] -p socket-addr [-t timeout]\n", prog);
0 96a9758165cd Initial revision carl parents: diff changeset	1115 fprintf(stderr, "where socket-addr is for the connection to sendmail and should be one of\n");
96a9758165cd Initial revision carl parents: diff changeset	1116 fprintf(stderr, " inet:port@local-ip-address\n");
96a9758165cd Initial revision carl parents: diff changeset	1117 fprintf(stderr, " local:local-domain-socket-file-name\n");
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	1118 fprintf(stderr, "-c will load and dump the config to stdout\n");
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1119 fprintf(stderr, "-d will add some syslog debug messages\n");
0 96a9758165cd Initial revision carl parents: diff changeset	1120 }
96a9758165cd Initial revision carl parents: diff changeset	1121
96a9758165cd Initial revision carl parents: diff changeset	1122
96a9758165cd Initial revision carl parents: diff changeset	1123 int main(int argc, char**argv)
96a9758165cd Initial revision carl parents: diff changeset	1124 {
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1125 bool check = false;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1126 bool setconn = false;
0 96a9758165cd Initial revision carl parents: diff changeset	1127 int c;
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1128 const char *args = "p:t:hcd";
0 96a9758165cd Initial revision carl parents: diff changeset	1129 extern char *optarg;
96a9758165cd Initial revision carl parents: diff changeset	1130
96a9758165cd Initial revision carl parents: diff changeset	1131 // Process command line options
96a9758165cd Initial revision carl parents: diff changeset	1132 while ((c = getopt(argc, argv, args)) != -1) {
96a9758165cd Initial revision carl parents: diff changeset	1133 switch (c) {
96a9758165cd Initial revision carl parents: diff changeset	1134 case 'p':
96a9758165cd Initial revision carl parents: diff changeset	1135 if (optarg == NULL \|\| *optarg == '\0') {
96a9758165cd Initial revision carl parents: diff changeset	1136 fprintf(stderr, "Illegal conn: %s\n", optarg);
96a9758165cd Initial revision carl parents: diff changeset	1137 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1138 }
96a9758165cd Initial revision carl parents: diff changeset	1139 if (smfi_setconn(optarg) == MI_FAILURE) {
96a9758165cd Initial revision carl parents: diff changeset	1140 fprintf(stderr, "smfi_setconn failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1141 exit(EX_SOFTWARE);
96a9758165cd Initial revision carl parents: diff changeset	1142 }
96a9758165cd Initial revision carl parents: diff changeset	1143
96a9758165cd Initial revision carl parents: diff changeset	1144 if (strncasecmp(optarg, "unix:", 5) == 0) unlink(optarg + 5);
96a9758165cd Initial revision carl parents: diff changeset	1145 else if (strncasecmp(optarg, "local:", 6) == 0) unlink(optarg + 6);
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1146 setconn = true;
0 96a9758165cd Initial revision carl parents: diff changeset	1147 break;
96a9758165cd Initial revision carl parents: diff changeset	1148
96a9758165cd Initial revision carl parents: diff changeset	1149 case 't':
96a9758165cd Initial revision carl parents: diff changeset	1150 if (optarg == NULL \|\| *optarg == '\0') {
96a9758165cd Initial revision carl parents: diff changeset	1151 fprintf(stderr, "Illegal timeout: %s\n", optarg);
96a9758165cd Initial revision carl parents: diff changeset	1152 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1153 }
96a9758165cd Initial revision carl parents: diff changeset	1154 if (smfi_settimeout(atoi(optarg)) == MI_FAILURE) {
96a9758165cd Initial revision carl parents: diff changeset	1155 fprintf(stderr, "smfi_settimeout failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1156 exit(EX_SOFTWARE);
96a9758165cd Initial revision carl parents: diff changeset	1157 }
96a9758165cd Initial revision carl parents: diff changeset	1158 break;
96a9758165cd Initial revision carl parents: diff changeset	1159
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1160 case 'c':
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1161 check = true;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1162 break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1163
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1164 case 'd':
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1165 debug_syslog = true;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1166 break;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1167
0 96a9758165cd Initial revision carl parents: diff changeset	1168 case 'h':
96a9758165cd Initial revision carl parents: diff changeset	1169 default:
96a9758165cd Initial revision carl parents: diff changeset	1170 usage(argv[0]);
96a9758165cd Initial revision carl parents: diff changeset	1171 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1172 }
96a9758165cd Initial revision carl parents: diff changeset	1173 }
5 793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1174
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1175 if (check) {
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1176 CONFIG &dc = *new_conf();
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1177 dumpit(dc);
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1178 return 0;
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1179 }
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1180
0 96a9758165cd Initial revision carl parents: diff changeset	1181 if (!setconn) {
96a9758165cd Initial revision carl parents: diff changeset	1182 fprintf(stderr, "%s: Missing required -p argument\n", argv[0]);
96a9758165cd Initial revision carl parents: diff changeset	1183 usage(argv[0]);
96a9758165cd Initial revision carl parents: diff changeset	1184 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1185 }
5 793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1186
0 96a9758165cd Initial revision carl parents: diff changeset	1187 if (smfi_register(smfilter) == MI_FAILURE) {
96a9758165cd Initial revision carl parents: diff changeset	1188 fprintf(stderr, "smfi_register failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1189 exit(EX_UNAVAILABLE);
96a9758165cd Initial revision carl parents: diff changeset	1190 }
96a9758165cd Initial revision carl parents: diff changeset	1191
96a9758165cd Initial revision carl parents: diff changeset	1192 // switch to background mode
96a9758165cd Initial revision carl parents: diff changeset	1193 if (daemon(1,0) < 0) {
96a9758165cd Initial revision carl parents: diff changeset	1194 fprintf(stderr, "daemon() call failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1195 exit(EX_UNAVAILABLE);
96a9758165cd Initial revision carl parents: diff changeset	1196 }
96a9758165cd Initial revision carl parents: diff changeset	1197
96a9758165cd Initial revision carl parents: diff changeset	1198 // initialize the thread sync objects
96a9758165cd Initial revision carl parents: diff changeset	1199 pthread_mutex_init(&config_mutex, 0);
96a9758165cd Initial revision carl parents: diff changeset	1200 pthread_mutex_init(&syslog_mutex, 0);
96a9758165cd Initial revision carl parents: diff changeset	1201 pthread_mutex_init(&resolve_mutex, 0);
96a9758165cd Initial revision carl parents: diff changeset	1202
96a9758165cd Initial revision carl parents: diff changeset	1203 // load the initial config
96a9758165cd Initial revision carl parents: diff changeset	1204 config = new_conf();
96a9758165cd Initial revision carl parents: diff changeset	1205
96a9758165cd Initial revision carl parents: diff changeset	1206 // only create threads after the fork() in daemon
96a9758165cd Initial revision carl parents: diff changeset	1207 pthread_t tid;
96a9758165cd Initial revision carl parents: diff changeset	1208 if (pthread_create(&tid, 0, config_loader, 0))
96a9758165cd Initial revision carl parents: diff changeset	1209 my_syslog("failed to create config loader thread");
96a9758165cd Initial revision carl parents: diff changeset	1210 if (pthread_detach(tid))
96a9758165cd Initial revision carl parents: diff changeset	1211 my_syslog("failed to detach config loader thread");
96a9758165cd Initial revision carl parents: diff changeset	1212
96a9758165cd Initial revision carl parents: diff changeset	1213 // write the pid
96a9758165cd Initial revision carl parents: diff changeset	1214 const char *pidpath = "/var/run/dnsbl.pid";
96a9758165cd Initial revision carl parents: diff changeset	1215 unlink(pidpath);
96a9758165cd Initial revision carl parents: diff changeset	1216 FILE *f = fopen(pidpath, "w");
96a9758165cd Initial revision carl parents: diff changeset	1217 if (f) {
22 c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1218 #ifdef linux
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1219 // from a comment in the DCC source code:
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1220 // Linux threads are broken. Signals given the
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1221 // original process are delivered to only the
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1222 // thread that happens to have that PID. The
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1223 // sendmail libmilter thread that needs to hear
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1224 // SIGINT and other signals does not, and that breaks
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1225 // scripts that need to stop milters.
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1226 // However, signaling the process group works.
0 96a9758165cd Initial revision carl parents: diff changeset	1227 fprintf(f, "-%d\n", (u_int)getpgrp());
22 c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1228 #else
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1229 fprintf(f, "%d\n", (u_int)getpid());
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1230 #endif
0 96a9758165cd Initial revision carl parents: diff changeset	1231 fclose(f);
96a9758165cd Initial revision carl parents: diff changeset	1232 }
96a9758165cd Initial revision carl parents: diff changeset	1233
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1234 time_t starting = time(NULL);
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1235 int rc = smfi_main();
22 c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1236 if ((rc != MI_SUCCESS) && (time(NULL) > starting+5*60)) {
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1237 my_syslog("trying to restart after smfi_main()");
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1238 loader_run = false; // eventually the config loader thread will terminate
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1239 execvp(argv[0], argv);
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1240 }
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1241 exit((rc == MI_SUCCESS) ? 0 : EX_UNAVAILABLE);
0 96a9758165cd Initial revision carl parents: diff changeset	1242 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	1243

Mercurial > dnsbl

annotate src/dnsbl.cpp @ 27:43a4f6b3e668 stable-2-3