dnsbl: src/dnsbl.cpp annotate

annotate src/dnsbl.cpp @ 29:4dfdf33f1db0 stable-2-4

add syslog msg freeing memory, use bare tld names without leading period

author	carl
date	Thu, 27 May 2004 16:17:48 -0700
parents	33e1e3910506
children	fc7f8f3ea90f

rev	line source
0 96a9758165cd Initial revision carl parents: diff changeset	1 /*
96a9758165cd Initial revision carl parents: diff changeset	2
96a9758165cd Initial revision carl parents: diff changeset	3 Copyright (c) 2004 Carl Byington - 510 Software Group, released under
96a9758165cd Initial revision carl parents: diff changeset	4 the GPL version 2 or any later version at your choice available at
96a9758165cd Initial revision carl parents: diff changeset	5 http://www.fsf.org/licenses/gpl.txt
96a9758165cd Initial revision carl parents: diff changeset	6
96a9758165cd Initial revision carl parents: diff changeset	7 Based on a sample milter Copyright (c) 2000-2003 Sendmail, Inc. and its
96a9758165cd Initial revision carl parents: diff changeset	8 suppliers. Inspired by the DCC by Rhyolite Software
96a9758165cd Initial revision carl parents: diff changeset	9
96a9758165cd Initial revision carl parents: diff changeset	10 -p port The port through which the MTA will connect to this milter.
96a9758165cd Initial revision carl parents: diff changeset	11 -t sec The timeout value.
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	12 -c Check the config, and print a copy to stdout. Don't start the
4 15a7e942adec updates to use dcc conf files carl parents: 3 diff changeset	13 milter or do anything with the socket.
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	14 -d Add debug syslog entries
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	15
0 96a9758165cd Initial revision carl parents: diff changeset	16
13 2752e512fd32 finish documentation carl parents: 12 diff changeset	17 TODO:
2752e512fd32 finish documentation carl parents: 12 diff changeset	18 1) Add config for max_recipients for each mail domain. Recipients in
2752e512fd32 finish documentation carl parents: 12 diff changeset	19 excess of that limit will be rejected, and the entire data will be
2752e512fd32 finish documentation carl parents: 12 diff changeset	20 rejected if it is sent.
2752e512fd32 finish documentation carl parents: 12 diff changeset	21
2752e512fd32 finish documentation carl parents: 12 diff changeset	22 2) Add config for poison addresses. If any recipient is poison, all
2752e512fd32 finish documentation carl parents: 12 diff changeset	23 recipients are rejected even if they would be whitelisted, and the
2752e512fd32 finish documentation carl parents: 12 diff changeset	24 data is rejected if sent.
2752e512fd32 finish documentation carl parents: 12 diff changeset	25
0 96a9758165cd Initial revision carl parents: diff changeset	26 */
96a9758165cd Initial revision carl parents: diff changeset	27
96a9758165cd Initial revision carl parents: diff changeset	28
96a9758165cd Initial revision carl parents: diff changeset	29 // from sendmail sample
96a9758165cd Initial revision carl parents: diff changeset	30 #include <sys/types.h>
96a9758165cd Initial revision carl parents: diff changeset	31 #include <sys/stat.h>
96a9758165cd Initial revision carl parents: diff changeset	32 #include <errno.h>
96a9758165cd Initial revision carl parents: diff changeset	33 #include <sysexits.h>
96a9758165cd Initial revision carl parents: diff changeset	34 #include <unistd.h>
96a9758165cd Initial revision carl parents: diff changeset	35
96a9758165cd Initial revision carl parents: diff changeset	36 // needed for socket io
96a9758165cd Initial revision carl parents: diff changeset	37 #include <sys/ioctl.h>
96a9758165cd Initial revision carl parents: diff changeset	38 #include <net/if.h>
96a9758165cd Initial revision carl parents: diff changeset	39 #include <arpa/inet.h>
96a9758165cd Initial revision carl parents: diff changeset	40 #include <netinet/in.h>
96a9758165cd Initial revision carl parents: diff changeset	41 #include <netinet/tcp.h>
96a9758165cd Initial revision carl parents: diff changeset	42 #include <netdb.h>
96a9758165cd Initial revision carl parents: diff changeset	43 #include <sys/socket.h>
96a9758165cd Initial revision carl parents: diff changeset	44
96a9758165cd Initial revision carl parents: diff changeset	45 // needed for thread
96a9758165cd Initial revision carl parents: diff changeset	46 #include <pthread.h>
96a9758165cd Initial revision carl parents: diff changeset	47
96a9758165cd Initial revision carl parents: diff changeset	48 // needed for std c++ collections
96a9758165cd Initial revision carl parents: diff changeset	49 #include <set>
96a9758165cd Initial revision carl parents: diff changeset	50 #include <map>
96a9758165cd Initial revision carl parents: diff changeset	51 #include <list>
96a9758165cd Initial revision carl parents: diff changeset	52
96a9758165cd Initial revision carl parents: diff changeset	53 // for the dns resolver
96a9758165cd Initial revision carl parents: diff changeset	54 #include <netinet/in.h>
96a9758165cd Initial revision carl parents: diff changeset	55 #include <arpa/nameser.h>
96a9758165cd Initial revision carl parents: diff changeset	56 #include <resolv.h>
96a9758165cd Initial revision carl parents: diff changeset	57
96a9758165cd Initial revision carl parents: diff changeset	58 // misc stuff needed here
96a9758165cd Initial revision carl parents: diff changeset	59 #include <ctype.h>
96a9758165cd Initial revision carl parents: diff changeset	60 #include <fstream>
96a9758165cd Initial revision carl parents: diff changeset	61 #include <syslog.h>
96a9758165cd Initial revision carl parents: diff changeset	62
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	63 static char* dnsbl_version="$Id$";
0 96a9758165cd Initial revision carl parents: diff changeset	64
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	65 #define DEFAULT "default"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	66 #define WHITE "white"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	67 #define BLACK "black"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	68 #define OK "ok"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	69 #define MANY "many"
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	70
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	71 enum status {oksofar, // not rejected yet
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	72 white, // whitelisted by envelope from
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	73 black, // blacklisted by envelope from or to
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	74 reject, // rejected by a dns list
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	75 reject_tag, // too many bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	76 reject_host}; // too many hosts/urls in body
1 bd0b1a153f67 no message carl parents: 0 diff changeset	77
0 96a9758165cd Initial revision carl parents: diff changeset	78 using namespace std;
96a9758165cd Initial revision carl parents: diff changeset	79
96a9758165cd Initial revision carl parents: diff changeset	80 extern "C" {
96a9758165cd Initial revision carl parents: diff changeset	81 #include "libmilter/mfapi.h"
96a9758165cd Initial revision carl parents: diff changeset	82 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr);
96a9758165cd Initial revision carl parents: diff changeset	83 sfsistat mlfi_envfrom(SMFICTX ctx, char *argv);
96a9758165cd Initial revision carl parents: diff changeset	84 sfsistat mlfi_envrcpt(SMFICTX ctx, char *argv);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	85 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	86 sfsistat mlfi_eom(SMFICTX *ctx);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	87 sfsistat mlfi_abort(SMFICTX *ctx);
0 96a9758165cd Initial revision carl parents: diff changeset	88 sfsistat mlfi_close(SMFICTX *ctx);
96a9758165cd Initial revision carl parents: diff changeset	89 }
96a9758165cd Initial revision carl parents: diff changeset	90
96a9758165cd Initial revision carl parents: diff changeset	91 struct ltstr {
96a9758165cd Initial revision carl parents: diff changeset	92 bool operator()(char* s1, char* s2) const {
96a9758165cd Initial revision carl parents: diff changeset	93 return strcmp(s1, s2) < 0;
96a9758165cd Initial revision carl parents: diff changeset	94 }
96a9758165cd Initial revision carl parents: diff changeset	95 };
96a9758165cd Initial revision carl parents: diff changeset	96
96a9758165cd Initial revision carl parents: diff changeset	97 struct DNSBL {
96a9758165cd Initial revision carl parents: diff changeset	98 char *suffix; // blacklist suffix like blackholes.five-ten-sg.com
96a9758165cd Initial revision carl parents: diff changeset	99 char *message; // error message with one or two %s operators for the ip address replacement
96a9758165cd Initial revision carl parents: diff changeset	100 DNSBL(char s, char m);
96a9758165cd Initial revision carl parents: diff changeset	101 };
96a9758165cd Initial revision carl parents: diff changeset	102 DNSBL::DNSBL(char s, char m) {
96a9758165cd Initial revision carl parents: diff changeset	103 suffix = s;
96a9758165cd Initial revision carl parents: diff changeset	104 message = m;
96a9758165cd Initial revision carl parents: diff changeset	105 }
96a9758165cd Initial revision carl parents: diff changeset	106
96a9758165cd Initial revision carl parents: diff changeset	107 typedef DNSBL * DNSBLP;
96a9758165cd Initial revision carl parents: diff changeset	108 typedef list<DNSBLP> DNSBLL;
96a9758165cd Initial revision carl parents: diff changeset	109 typedef DNSBLL * DNSBLLP;
96a9758165cd Initial revision carl parents: diff changeset	110 typedef map<char , char , ltstr> string_map;
96a9758165cd Initial revision carl parents: diff changeset	111 typedef map<char , string_map , ltstr> from_map;
96a9758165cd Initial revision carl parents: diff changeset	112 typedef map<char *, DNSBLP, ltstr> dnsblp_map;
96a9758165cd Initial revision carl parents: diff changeset	113 typedef map<char *, DNSBLLP, ltstr> dnsbllp_map;
96a9758165cd Initial revision carl parents: diff changeset	114 typedef set<char *, ltstr> string_set;
96a9758165cd Initial revision carl parents: diff changeset	115 typedef list<char *> string_list;
96a9758165cd Initial revision carl parents: diff changeset	116
96a9758165cd Initial revision carl parents: diff changeset	117 struct CONFIG {
96a9758165cd Initial revision carl parents: diff changeset	118 // the only mutable stuff once it has been loaded from the config file
96a9758165cd Initial revision carl parents: diff changeset	119 int reference_count; // protected by the global config_mutex
96a9758165cd Initial revision carl parents: diff changeset	120 // all the rest is constant after loading from the config file
29 4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	121 int generation;
0 96a9758165cd Initial revision carl parents: diff changeset	122 time_t load_time;
96a9758165cd Initial revision carl parents: diff changeset	123 string_list config_files;
96a9758165cd Initial revision carl parents: diff changeset	124 dnsblp_map dnsbls;
96a9758165cd Initial revision carl parents: diff changeset	125 dnsbllp_map dnsblls;
96a9758165cd Initial revision carl parents: diff changeset	126 from_map env_from;
96a9758165cd Initial revision carl parents: diff changeset	127 string_map env_to_dnsbll; // map recipient to a named dnsbll
96a9758165cd Initial revision carl parents: diff changeset	128 string_map env_to_chkfrom; // map recipient to a named from map
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	129 char * content_suffix; // for sbl url body filtering
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	130 char * content_message; // ""
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	131 char * host_limit_message; // error message for excessive host names
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	132 int host_limit; // limit on host names
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	133 char * tag_limit_message; // error message for excessive bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	134 int tag_limit; // limit on bad html tags
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	135 string_set html_tags; // set of valid html tags
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	136 string_set tlds; // set of valid tld components
0 96a9758165cd Initial revision carl parents: diff changeset	137 CONFIG();
96a9758165cd Initial revision carl parents: diff changeset	138 ~CONFIG();
96a9758165cd Initial revision carl parents: diff changeset	139 };
96a9758165cd Initial revision carl parents: diff changeset	140 CONFIG::CONFIG() {
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	141 reference_count = 0;
29 4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	142 generation = 0;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	143 load_time = 0;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	144 content_suffix = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	145 content_message = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	146 host_limit_message = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	147 host_limit = 0;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	148 tag_limit_message = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	149 tag_limit = 0;
0 96a9758165cd Initial revision carl parents: diff changeset	150 }
96a9758165cd Initial revision carl parents: diff changeset	151 CONFIG::~CONFIG() {
96a9758165cd Initial revision carl parents: diff changeset	152 for (dnsblp_map::iterator i=dnsbls.begin(); i!=dnsbls.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	153 DNSBLP d = (*i).second;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	154 // delete the underlying DNSBL objects.
0 96a9758165cd Initial revision carl parents: diff changeset	155 delete d;
96a9758165cd Initial revision carl parents: diff changeset	156 }
96a9758165cd Initial revision carl parents: diff changeset	157 for (dnsbllp_map::iterator i=dnsblls.begin(); i!=dnsblls.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	158 DNSBLLP d = (*i).second;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	159 // *d is a list of pointers to DNSBL objects, but
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	160 // the underlying objects have already been deleted above.
0 96a9758165cd Initial revision carl parents: diff changeset	161 delete d;
96a9758165cd Initial revision carl parents: diff changeset	162 }
96a9758165cd Initial revision carl parents: diff changeset	163 for (from_map::iterator i=env_from.begin(); i!=env_from.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	164 string_map d = (i).second;
96a9758165cd Initial revision carl parents: diff changeset	165 delete d;
96a9758165cd Initial revision carl parents: diff changeset	166 }
96a9758165cd Initial revision carl parents: diff changeset	167 }
96a9758165cd Initial revision carl parents: diff changeset	168
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	169 static bool debug_syslog = false;
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	170 static bool loader_run = true; // used to stop the config loader thread
0 96a9758165cd Initial revision carl parents: diff changeset	171 static string_set all_strings; // owns all the strings, only modified by the config loader thread
96a9758165cd Initial revision carl parents: diff changeset	172 static CONFIG * config = NULL; // protected by the config_mutex
29 4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	173 static int generation = 0; // protected by the config_mutex
0 96a9758165cd Initial revision carl parents: diff changeset	174
96a9758165cd Initial revision carl parents: diff changeset	175 static pthread_mutex_t config_mutex;
96a9758165cd Initial revision carl parents: diff changeset	176 static pthread_mutex_t syslog_mutex;
96a9758165cd Initial revision carl parents: diff changeset	177 static pthread_mutex_t resolve_mutex;
96a9758165cd Initial revision carl parents: diff changeset	178
96a9758165cd Initial revision carl parents: diff changeset	179
96a9758165cd Initial revision carl parents: diff changeset	180 ////////////////////////////////////////////////
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	181 // helper to discard the strings held by a string_set
0 96a9758165cd Initial revision carl parents: diff changeset	182 //
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	183 static void discard(string_set &s);
8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	184 static void discard(string_set &s) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	185 for (string_set::iterator i=s.begin(); i!=s.end(); i++) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	186 free(*i);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	187 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	188 s.clear();
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	189 }
0 96a9758165cd Initial revision carl parents: diff changeset	190
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	191 ////////////////////////////////////////////////
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	192 // helper to register a string in a string set
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	193 //
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	194 static char* register_string(string_set &s, char *name);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	195 static char* register_string(string_set &s, char *name) {
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	196 string_set::iterator i = s.find(name);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	197 if (i != s.end()) return *i;
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	198 char *x = strdup(name);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	199 s.insert(x);
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	200 return x;
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	201 }
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	202
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	203 ////////////////////////////////////////////////
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	204 // syslog a message
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	205 //
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	206 static void my_syslog(char *text);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	207 static void my_syslog(char *text) {
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	208 pthread_mutex_lock(&syslog_mutex);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	209 openlog("dnsbl", LOG_PID, LOG_MAIL);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	210 syslog(LOG_NOTICE, "%s", text);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	211 closelog();
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	212 pthread_mutex_unlock(&syslog_mutex);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	213 }
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	214
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	215
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	216 // include the content scanner
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	217 #include "scanner.cpp"
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	218
6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	219
0 96a9758165cd Initial revision carl parents: diff changeset	220 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	221 // mail filter private data, held for us by sendmail
96a9758165cd Initial revision carl parents: diff changeset	222 //
96a9758165cd Initial revision carl parents: diff changeset	223 struct mlfiPriv
96a9758165cd Initial revision carl parents: diff changeset	224 {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	225 // connection specific data
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	226 CONFIG *pc; // global context with our maps
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	227 int ip; // ip4 address of the smtp client
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	228 map<DNSBLP, status> checked; // status from those lists
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	229 // message specific data
0 96a9758165cd Initial revision carl parents: diff changeset	230 char *mailaddr; // envelope from value
96a9758165cd Initial revision carl parents: diff changeset	231 bool authenticated; // client authenticated? if so, suppress all dnsbl checks
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	232 bool have_whites; // have at least one whitelisted recipient? need to accept content and remove all non-whitelisted recipients if it fails
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	233 bool only_whites; // every recipient is whitelisted?
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	234 string_set non_whites; // remember the non-whitelisted recipients so we can remove them if need be
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	235 recorder *memory; // memory for the content scanner
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	236 url_scanner *scanner; // object to handle body scanning
0 96a9758165cd Initial revision carl parents: diff changeset	237 mlfiPriv();
96a9758165cd Initial revision carl parents: diff changeset	238 ~mlfiPriv();
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	239 void reset(bool final = false); // for a new message
0 96a9758165cd Initial revision carl parents: diff changeset	240 };
96a9758165cd Initial revision carl parents: diff changeset	241 mlfiPriv::mlfiPriv() {
96a9758165cd Initial revision carl parents: diff changeset	242 pthread_mutex_lock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	243 pc = config;
96a9758165cd Initial revision carl parents: diff changeset	244 pc->reference_count++;
96a9758165cd Initial revision carl parents: diff changeset	245 pthread_mutex_unlock(&config_mutex);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	246 ip = 0;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	247 mailaddr = NULL;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	248 authenticated = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	249 have_whites = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	250 only_whites = true;
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	251 memory = new recorder(&pc->html_tags, &pc->tlds);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	252 scanner = new url_scanner(memory);
0 96a9758165cd Initial revision carl parents: diff changeset	253 }
96a9758165cd Initial revision carl parents: diff changeset	254 mlfiPriv::~mlfiPriv() {
96a9758165cd Initial revision carl parents: diff changeset	255 pthread_mutex_lock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	256 pc->reference_count--;
96a9758165cd Initial revision carl parents: diff changeset	257 pthread_mutex_unlock(&config_mutex);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	258 reset(true);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	259 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	260 void mlfiPriv::reset(bool final) {
0 96a9758165cd Initial revision carl parents: diff changeset	261 if (mailaddr) free(mailaddr);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	262 discard(non_whites);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	263 delete memory;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	264 delete scanner;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	265 if (!final) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	266 mailaddr = NULL;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	267 authenticated = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	268 have_whites = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	269 only_whites = true;
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	270 memory = new recorder(&pc->html_tags, &pc->tlds);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	271 scanner = new url_scanner(memory);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	272 }
0 96a9758165cd Initial revision carl parents: diff changeset	273 }
96a9758165cd Initial revision carl parents: diff changeset	274
96a9758165cd Initial revision carl parents: diff changeset	275 #define MLFIPRIV ((struct mlfiPriv *) smfi_getpriv(ctx))
96a9758165cd Initial revision carl parents: diff changeset	276
96a9758165cd Initial revision carl parents: diff changeset	277
96a9758165cd Initial revision carl parents: diff changeset	278 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	279 // register a global string
96a9758165cd Initial revision carl parents: diff changeset	280 //
96a9758165cd Initial revision carl parents: diff changeset	281 static char* register_string(char *name);
96a9758165cd Initial revision carl parents: diff changeset	282 static char* register_string(char *name) {
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	283 return register_string(all_strings, name);
0 96a9758165cd Initial revision carl parents: diff changeset	284 }
96a9758165cd Initial revision carl parents: diff changeset	285
96a9758165cd Initial revision carl parents: diff changeset	286
96a9758165cd Initial revision carl parents: diff changeset	287 static char* next_token(char *delim);
96a9758165cd Initial revision carl parents: diff changeset	288 static char* next_token(char *delim) {
96a9758165cd Initial revision carl parents: diff changeset	289 char *name = strtok(NULL, delim);
96a9758165cd Initial revision carl parents: diff changeset	290 if (!name) return name;
96a9758165cd Initial revision carl parents: diff changeset	291 return register_string(name);
96a9758165cd Initial revision carl parents: diff changeset	292 }
96a9758165cd Initial revision carl parents: diff changeset	293
96a9758165cd Initial revision carl parents: diff changeset	294
96a9758165cd Initial revision carl parents: diff changeset	295 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	296 // lookup an email address in the env_from or env_to maps
96a9758165cd Initial revision carl parents: diff changeset	297 //
96a9758165cd Initial revision carl parents: diff changeset	298 static char* lookup1(char *email, string_map map);
96a9758165cd Initial revision carl parents: diff changeset	299 static char* lookup1(char *email, string_map map) {
96a9758165cd Initial revision carl parents: diff changeset	300 string_map::iterator i = map.find(email);
96a9758165cd Initial revision carl parents: diff changeset	301 if (i != map.end()) return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	302 char *x = strchr(email, '@');
96a9758165cd Initial revision carl parents: diff changeset	303 if (!x) return DEFAULT;
96a9758165cd Initial revision carl parents: diff changeset	304 x++;
96a9758165cd Initial revision carl parents: diff changeset	305 i = map.find(x);
96a9758165cd Initial revision carl parents: diff changeset	306 if (i != map.end()) return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	307 return DEFAULT;
96a9758165cd Initial revision carl parents: diff changeset	308 }
96a9758165cd Initial revision carl parents: diff changeset	309
96a9758165cd Initial revision carl parents: diff changeset	310
96a9758165cd Initial revision carl parents: diff changeset	311 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	312 // lookup an email address in the env_from or env_to maps
96a9758165cd Initial revision carl parents: diff changeset	313 // this email address is passed in from sendmail, and will
96a9758165cd Initial revision carl parents: diff changeset	314 // always be enclosed in <>. It may have mixed case, just
96a9758165cd Initial revision carl parents: diff changeset	315 // as the mail client sent it.
96a9758165cd Initial revision carl parents: diff changeset	316 //
96a9758165cd Initial revision carl parents: diff changeset	317 static char* lookup(char* email, string_map map);
96a9758165cd Initial revision carl parents: diff changeset	318 static char* lookup(char* email, string_map map) {
96a9758165cd Initial revision carl parents: diff changeset	319 int n = strlen(email)-2;
96a9758165cd Initial revision carl parents: diff changeset	320 if (n < 1) return DEFAULT; // malformed
96a9758165cd Initial revision carl parents: diff changeset	321 char *key = strdup(email+1);
96a9758165cd Initial revision carl parents: diff changeset	322 key[n] = '\0';
96a9758165cd Initial revision carl parents: diff changeset	323 for (int i=0; i<n; i++) key[i] = tolower(key[i]);
96a9758165cd Initial revision carl parents: diff changeset	324 char *rc = lookup1(key, map);
96a9758165cd Initial revision carl parents: diff changeset	325 free(key);
96a9758165cd Initial revision carl parents: diff changeset	326 return rc;
96a9758165cd Initial revision carl parents: diff changeset	327 }
96a9758165cd Initial revision carl parents: diff changeset	328
96a9758165cd Initial revision carl parents: diff changeset	329
96a9758165cd Initial revision carl parents: diff changeset	330 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	331 // find the dnsbl with a specific name
96a9758165cd Initial revision carl parents: diff changeset	332 //
96a9758165cd Initial revision carl parents: diff changeset	333 static DNSBLP find_dnsbl(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	334 static DNSBLP find_dnsbl(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	335 dnsblp_map::iterator i = dc.dnsbls.find(name);
96a9758165cd Initial revision carl parents: diff changeset	336 if (i == dc.dnsbls.end()) return NULL;
96a9758165cd Initial revision carl parents: diff changeset	337 return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	338 }
96a9758165cd Initial revision carl parents: diff changeset	339
96a9758165cd Initial revision carl parents: diff changeset	340
96a9758165cd Initial revision carl parents: diff changeset	341 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	342 // find the dnsbll with a specific name
96a9758165cd Initial revision carl parents: diff changeset	343 //
96a9758165cd Initial revision carl parents: diff changeset	344 static DNSBLLP find_dnsbll(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	345 static DNSBLLP find_dnsbll(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	346 dnsbllp_map::iterator i = dc.dnsblls.find(name);
96a9758165cd Initial revision carl parents: diff changeset	347 if (i == dc.dnsblls.end()) return NULL;
96a9758165cd Initial revision carl parents: diff changeset	348 return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	349 }
96a9758165cd Initial revision carl parents: diff changeset	350
96a9758165cd Initial revision carl parents: diff changeset	351
96a9758165cd Initial revision carl parents: diff changeset	352 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	353 // find the envfrom map with a specific name
96a9758165cd Initial revision carl parents: diff changeset	354 //
96a9758165cd Initial revision carl parents: diff changeset	355 static string_map* find_from_map(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	356 static string_map* find_from_map(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	357 from_map::iterator i = dc.env_from.find(name);
96a9758165cd Initial revision carl parents: diff changeset	358 if (i == dc.env_from.end()) return NULL;
96a9758165cd Initial revision carl parents: diff changeset	359 return (*i).second;
96a9758165cd Initial revision carl parents: diff changeset	360 }
96a9758165cd Initial revision carl parents: diff changeset	361
96a9758165cd Initial revision carl parents: diff changeset	362
96a9758165cd Initial revision carl parents: diff changeset	363 static string_map& really_find_from_map(CONFIG &dc, char *name);
96a9758165cd Initial revision carl parents: diff changeset	364 static string_map& really_find_from_map(CONFIG &dc, char *name) {
96a9758165cd Initial revision carl parents: diff changeset	365 string_map *sm = find_from_map(dc, name);
96a9758165cd Initial revision carl parents: diff changeset	366 if (!sm) {
96a9758165cd Initial revision carl parents: diff changeset	367 sm = new string_map;
96a9758165cd Initial revision carl parents: diff changeset	368 dc.env_from[name] = sm;
96a9758165cd Initial revision carl parents: diff changeset	369 }
96a9758165cd Initial revision carl parents: diff changeset	370 return *sm;
96a9758165cd Initial revision carl parents: diff changeset	371 }
96a9758165cd Initial revision carl parents: diff changeset	372
96a9758165cd Initial revision carl parents: diff changeset	373
96a9758165cd Initial revision carl parents: diff changeset	374 ////////////////////////////////////////////////
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	375 //
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	376 // ask a dns question and get an A record answer - we don't try
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	377 // very hard, just using the default resolver retry settings.
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	378 // If we cannot get an answer, we just accept the mail. The
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	379 // caller must ensure thread safety.
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	380 //
0 96a9758165cd Initial revision carl parents: diff changeset	381 //
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	382 static int dns_interface(char *question, bool maybe_ip);
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	383 static int dns_interface(char *question, bool maybe_ip) {
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	384 #ifdef NS_PACKETSZ
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	385 u_char answer[NS_PACKETSZ];
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	386 int length = res_search(question, ns_c_in, ns_t_a, answer, sizeof(answer));
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	387 if (length >= 0) { // no error yet
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	388 // parse the answer
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	389 ns_msg handle;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	390 ns_rr rr;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	391 if (ns_initparse(answer, length, &handle) == 0) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	392 int rrnum = 0;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	393 while (ns_parserr(&handle, ns_s_an, rrnum++, &rr) == 0) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	394 if (ns_rr_type(rr) == ns_t_a) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	395 int address;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	396 memcpy(&address, ns_rr_rdata(rr), sizeof(address));
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	397 return address;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	398 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	399 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	400 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	401 }
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	402 if (maybe_ip) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	403 // might be a bare ip address
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	404 in_addr ip;
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	405 if (inet_aton(question, &ip)) {
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	406 return ip.s_addr;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	407 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	408 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	409 return 0;
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	410 #else
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	411 struct hostent *host = gethostbyname(question);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	412 if (!host) return 0;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	413 if (host->h_addrtype != AF_INET) return 0;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	414 int address;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	415 memcpy(&address, host->h_addr, sizeof(address));
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	416 return address;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	417 #endif
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	418 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	419
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	420 static int protected_dns_interface(char *question, bool maybe_ip);
06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	421 static int protected_dns_interface(char *question, bool maybe_ip) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	422 int ans;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	423 pthread_mutex_lock(&resolve_mutex);
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	424 ans = dns_interface(question, maybe_ip);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	425 pthread_mutex_unlock(&resolve_mutex);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	426 return ans;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	427
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	428 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	429
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	430 ////////////////////////////////////////////////
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	431 // check a single dnsbl
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	432 //
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	433 static status check_single(int ip, char *suffix);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	434 static status check_single(int ip, char *suffix) {
0 96a9758165cd Initial revision carl parents: diff changeset	435 // make a dns question
96a9758165cd Initial revision carl parents: diff changeset	436 const u_char src = (const u_char )&ip;
96a9758165cd Initial revision carl parents: diff changeset	437 if (src[0] == 127) return oksofar; // don't do dns lookups on localhost
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	438 #ifdef NS_MAXDNAME
0 96a9758165cd Initial revision carl parents: diff changeset	439 char question[NS_MAXDNAME];
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	440 #else
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	441 char question[1000];
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	442 #endif
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	443 snprintf(question, sizeof(question), "%u.%u.%u.%u.%s.", src[3], src[2], src[1], src[0], suffix);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	444 // ask the question, if we get an A record it implies a blacklisted ip address
23 06de5ab6a232 add url decoding stage, allow http:/ single / in yahoo redirector, allow ip address hostnames carl parents: 22 diff changeset	445 return (protected_dns_interface(question, false)) ? reject : oksofar;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	446 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	447
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	448
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	449 ////////////////////////////////////////////////
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	450 // check a single dnsbl
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	451 //
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	452 static status check_single(int ip, DNSBL &bl);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	453 static status check_single(int ip, DNSBL &bl) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	454 return check_single(ip, bl.suffix);
0 96a9758165cd Initial revision carl parents: diff changeset	455 }
96a9758165cd Initial revision carl parents: diff changeset	456
96a9758165cd Initial revision carl parents: diff changeset	457
96a9758165cd Initial revision carl parents: diff changeset	458 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	459 // check the dnsbls specified for this recipient
96a9758165cd Initial revision carl parents: diff changeset	460 //
96a9758165cd Initial revision carl parents: diff changeset	461 static status check_dnsbl(mlfiPriv &priv, DNSBLLP dnsbllp, DNSBLP &rejectlist);
96a9758165cd Initial revision carl parents: diff changeset	462 static status check_dnsbl(mlfiPriv &priv, DNSBLLP dnsbllp, DNSBLP &rejectlist) {
96a9758165cd Initial revision carl parents: diff changeset	463 if (priv.authenticated) return oksofar;
96a9758165cd Initial revision carl parents: diff changeset	464 if (!dnsbllp) return oksofar;
96a9758165cd Initial revision carl parents: diff changeset	465 DNSBLL &dnsbll = *dnsbllp;
96a9758165cd Initial revision carl parents: diff changeset	466 for (DNSBLL::iterator i=dnsbll.begin(); i!=dnsbll.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	467 DNSBLP dp = *i; // non null by construction
96a9758165cd Initial revision carl parents: diff changeset	468 status st;
96a9758165cd Initial revision carl parents: diff changeset	469 map<DNSBLP, status>::iterator f = priv.checked.find(dp);
96a9758165cd Initial revision carl parents: diff changeset	470 if (f == priv.checked.end()) {
96a9758165cd Initial revision carl parents: diff changeset	471 // have not checked this list yet
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	472 st = check_single(priv.ip, *dp);
0 96a9758165cd Initial revision carl parents: diff changeset	473 rejectlist = dp;
96a9758165cd Initial revision carl parents: diff changeset	474 priv.checked[dp] = st;
96a9758165cd Initial revision carl parents: diff changeset	475 }
96a9758165cd Initial revision carl parents: diff changeset	476 else {
96a9758165cd Initial revision carl parents: diff changeset	477 st = (*f).second;
96a9758165cd Initial revision carl parents: diff changeset	478 rejectlist = (*f).first;
96a9758165cd Initial revision carl parents: diff changeset	479 }
96a9758165cd Initial revision carl parents: diff changeset	480 if (st == reject) return st;
96a9758165cd Initial revision carl parents: diff changeset	481 }
96a9758165cd Initial revision carl parents: diff changeset	482 return oksofar;
96a9758165cd Initial revision carl parents: diff changeset	483 }
96a9758165cd Initial revision carl parents: diff changeset	484
96a9758165cd Initial revision carl parents: diff changeset	485
96a9758165cd Initial revision carl parents: diff changeset	486 ////////////////////////////////////////////////
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	487 // check the dnsbls specified for this recipient
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	488 //
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	489 static status check_hosts(mlfiPriv &priv, char *&host, int &ip);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	490 static status check_hosts(mlfiPriv &priv, char *&host, int &ip) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	491 CONFIG &dc = *priv.pc;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	492 if (!dc.content_suffix) return oksofar;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	493 int count = 0;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	494 for (string_set::iterator i=priv.memory->hosts.begin(); i!=priv.memory->hosts.end(); i++) {
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	495 count++;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	496 int lim = priv.pc->host_limit;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	497 if ((count > lim) && (lim > 0)) return reject_host;
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	498 host = *i;
29 4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	499 ip = protected_dns_interface(host, true);
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	500 if (debug_syslog) {
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	501 char buf[200];
29 4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	502 if (ip) {
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	503 char adr[sizeof "255.255.255.255"];
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	504 adr[0] = '\0';
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	505 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	506 snprintf(buf, sizeof(buf), "host %s found at %s", host, adr);
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	507 }
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	508 else {
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	509 snprintf(buf, sizeof(buf), "host %s not found", host);
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	510 }
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	511 my_syslog(buf);
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	512 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	513 if (ip) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	514 status st = check_single(ip, dc.content_suffix);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	515 if (st == reject) return st;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	516 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	517 }
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	518 host = NULL;
26 fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	519 int bin = priv.memory->binary_tags;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	520 int bad = priv.memory->bad_html_tags;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	521 int lim = priv.pc->tag_limit;
26 fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	522 if (bin > bad) return oksofar; // probably .zip or .tar.gz with random content
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	523 if ((bad > lim) && (lim > 0)) return reject_tag;
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	524 return oksofar;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	525 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	526
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	527
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	528 ////////////////////////////////////////////////
0 96a9758165cd Initial revision carl parents: diff changeset	529 // start of sendmail milter interfaces
96a9758165cd Initial revision carl parents: diff changeset	530 //
96a9758165cd Initial revision carl parents: diff changeset	531 sfsistat mlfi_connect(SMFICTX ctx, char hostname, _SOCK_ADDR *hostaddr)
96a9758165cd Initial revision carl parents: diff changeset	532 {
96a9758165cd Initial revision carl parents: diff changeset	533 // allocate some private memory
96a9758165cd Initial revision carl parents: diff changeset	534 mlfiPriv *priv = new mlfiPriv;
96a9758165cd Initial revision carl parents: diff changeset	535 if (hostaddr->sa_family == AF_INET) {
96a9758165cd Initial revision carl parents: diff changeset	536 priv->ip = ((struct sockaddr_in *)hostaddr)->sin_addr.s_addr;
96a9758165cd Initial revision carl parents: diff changeset	537 }
96a9758165cd Initial revision carl parents: diff changeset	538
96a9758165cd Initial revision carl parents: diff changeset	539 // save the private data
96a9758165cd Initial revision carl parents: diff changeset	540 smfi_setpriv(ctx, (void*)priv);
96a9758165cd Initial revision carl parents: diff changeset	541
96a9758165cd Initial revision carl parents: diff changeset	542 // continue processing
96a9758165cd Initial revision carl parents: diff changeset	543 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	544 }
96a9758165cd Initial revision carl parents: diff changeset	545
96a9758165cd Initial revision carl parents: diff changeset	546 sfsistat mlfi_envfrom(SMFICTX ctx, char *from)
96a9758165cd Initial revision carl parents: diff changeset	547 {
96a9758165cd Initial revision carl parents: diff changeset	548 mlfiPriv &priv = *MLFIPRIV;
96a9758165cd Initial revision carl parents: diff changeset	549 priv.mailaddr = strdup(from[0]);
96a9758165cd Initial revision carl parents: diff changeset	550 priv.authenticated = (smfi_getsymval(ctx, "{auth_authen}") != NULL);
96a9758165cd Initial revision carl parents: diff changeset	551 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	552 }
96a9758165cd Initial revision carl parents: diff changeset	553
96a9758165cd Initial revision carl parents: diff changeset	554 sfsistat mlfi_envrcpt(SMFICTX ctx, char *rcpt)
96a9758165cd Initial revision carl parents: diff changeset	555 {
96a9758165cd Initial revision carl parents: diff changeset	556 DNSBLP rejectlist = NULL; // list that caused the reject
96a9758165cd Initial revision carl parents: diff changeset	557 status st = oksofar;
96a9758165cd Initial revision carl parents: diff changeset	558 mlfiPriv &priv = *MLFIPRIV;
96a9758165cd Initial revision carl parents: diff changeset	559 CONFIG &dc = *priv.pc;
96a9758165cd Initial revision carl parents: diff changeset	560 char *rcptaddr = rcpt[0];
96a9758165cd Initial revision carl parents: diff changeset	561 char *dnsname = lookup(rcptaddr, dc.env_to_dnsbll);
96a9758165cd Initial revision carl parents: diff changeset	562 char *fromname = lookup(rcptaddr, dc.env_to_chkfrom);
96a9758165cd Initial revision carl parents: diff changeset	563 if ((strcmp(dnsname, BLACK) == 0) \|\|
96a9758165cd Initial revision carl parents: diff changeset	564 (strcmp(fromname, BLACK) == 0)) {
96a9758165cd Initial revision carl parents: diff changeset	565 st = black; // two options to blacklist this recipient
96a9758165cd Initial revision carl parents: diff changeset	566 }
96a9758165cd Initial revision carl parents: diff changeset	567 else if (strcmp(fromname, WHITE) == 0) {
96a9758165cd Initial revision carl parents: diff changeset	568 st = white;
96a9758165cd Initial revision carl parents: diff changeset	569 }
96a9758165cd Initial revision carl parents: diff changeset	570 else {
96a9758165cd Initial revision carl parents: diff changeset	571 // check an env_from map
96a9758165cd Initial revision carl parents: diff changeset	572 string_map *sm = find_from_map(dc, fromname);
96a9758165cd Initial revision carl parents: diff changeset	573 if (sm != NULL) {
96a9758165cd Initial revision carl parents: diff changeset	574 fromname = lookup(priv.mailaddr, *sm); // returns default if name not in map
96a9758165cd Initial revision carl parents: diff changeset	575 if (strcmp(fromname, BLACK) == 0) {
96a9758165cd Initial revision carl parents: diff changeset	576 st = black; // blacklist this envelope from value
96a9758165cd Initial revision carl parents: diff changeset	577 }
96a9758165cd Initial revision carl parents: diff changeset	578 if (strcmp(fromname, WHITE) == 0) {
96a9758165cd Initial revision carl parents: diff changeset	579 st = white; // blacklist this envelope from value
96a9758165cd Initial revision carl parents: diff changeset	580 }
96a9758165cd Initial revision carl parents: diff changeset	581 }
96a9758165cd Initial revision carl parents: diff changeset	582 }
96a9758165cd Initial revision carl parents: diff changeset	583 if ((st == oksofar) && (strcmp(dnsname, WHITE) != 0)) {
96a9758165cd Initial revision carl parents: diff changeset	584 // check dns lists
96a9758165cd Initial revision carl parents: diff changeset	585 st = check_dnsbl(priv, find_dnsbll(dc, dnsname), rejectlist);
96a9758165cd Initial revision carl parents: diff changeset	586 }
96a9758165cd Initial revision carl parents: diff changeset	587
96a9758165cd Initial revision carl parents: diff changeset	588 if (st == reject) {
96a9758165cd Initial revision carl parents: diff changeset	589 // reject the recipient based on some dnsbl
96a9758165cd Initial revision carl parents: diff changeset	590 char adr[sizeof "255.255.255.255"];
96a9758165cd Initial revision carl parents: diff changeset	591 adr[0] = '\0';
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	592 inet_ntop(AF_INET, (const u_char *)&priv.ip, adr, sizeof(adr));
0 96a9758165cd Initial revision carl parents: diff changeset	593 char buf[2000];
96a9758165cd Initial revision carl parents: diff changeset	594 snprintf(buf, sizeof(buf), rejectlist->message, adr, adr);
96a9758165cd Initial revision carl parents: diff changeset	595 smfi_setreply(ctx, "550", "5.7.1", buf);
96a9758165cd Initial revision carl parents: diff changeset	596 return SMFIS_REJECT;
96a9758165cd Initial revision carl parents: diff changeset	597 }
96a9758165cd Initial revision carl parents: diff changeset	598 else if (st == black) {
96a9758165cd Initial revision carl parents: diff changeset	599 // reject the recipient based on blacklisting either from or to
96a9758165cd Initial revision carl parents: diff changeset	600 smfi_setreply(ctx, "550", "5.7.1", "no such user");
96a9758165cd Initial revision carl parents: diff changeset	601 return SMFIS_REJECT;
96a9758165cd Initial revision carl parents: diff changeset	602 }
96a9758165cd Initial revision carl parents: diff changeset	603 else {
96a9758165cd Initial revision carl parents: diff changeset	604 // accept the recipient
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	605 if (st == oksofar) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	606 // but remember the non-whites
12 6ac6d6b822ce fix memory leak with duplicate url host names, carl parents: 11 diff changeset	607 register_string(priv.non_whites, rcptaddr);
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	608 priv.only_whites = false;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	609 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	610 if (st == white) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	611 priv.have_whites = true;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	612 }
0 96a9758165cd Initial revision carl parents: diff changeset	613 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	614 }
96a9758165cd Initial revision carl parents: diff changeset	615 }
96a9758165cd Initial revision carl parents: diff changeset	616
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	617 sfsistat mlfi_body(SMFICTX ctx, u_char data, size_t len)
0 96a9758165cd Initial revision carl parents: diff changeset	618 {
96a9758165cd Initial revision carl parents: diff changeset	619 mlfiPriv &priv = *MLFIPRIV;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	620 if (priv.authenticated) return SMFIS_CONTINUE;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	621 if (priv.only_whites) return SMFIS_CONTINUE;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	622 priv.scanner->scan(data, len);
11 2c206836b4cc integration work on url scanner carl parents: 9 diff changeset	623 return SMFIS_CONTINUE;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	624 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	625
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	626 sfsistat mlfi_eom(SMFICTX *ctx)
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	627 {
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	628 sfsistat rc;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	629 mlfiPriv &priv = *MLFIPRIV;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	630 char *host = NULL;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	631 int ip;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	632 status st;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	633 // process end of message
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	634 if (priv.authenticated \|\|
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	635 priv.only_whites \|\|
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	636 ((st=check_hosts(priv, host, ip)) == oksofar)) rc = SMFIS_CONTINUE;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	637 else {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	638 if (!priv.have_whites) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	639 // can reject the entire message
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	640 char buf[2000];
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	641 if (st == reject_tag) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	642 // rejected due to excessive bad html tags
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	643 snprintf(buf, sizeof(buf), priv.pc->tag_limit_message);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	644 }
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	645 else if (st == reject_host) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	646 // rejected due to excessive unique host/urls
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	647 snprintf(buf, sizeof(buf), priv.pc->host_limit_message);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	648 }
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	649 else {
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	650 char adr[sizeof "255.255.255.255"];
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	651 adr[0] = '\0';
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	652 inet_ntop(AF_INET, (const u_char *)&ip, adr, sizeof(adr));
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	653 snprintf(buf, sizeof(buf), priv.pc->content_message, host, adr);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	654 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	655 smfi_setreply(ctx, "550", "5.7.1", buf);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	656 rc = SMFIS_REJECT;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	657 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	658 else {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	659 // need to accept it but remove the recipients that don't want it
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	660 for (string_set::iterator i=priv.non_whites.begin(); i!=priv.non_whites.end(); i++) {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	661 char rcpt = i;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	662 smfi_delrcpt(ctx, rcpt);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	663 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	664 rc = SMFIS_CONTINUE;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	665 }
0 96a9758165cd Initial revision carl parents: diff changeset	666 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	667 // reset for a new message on the same connection
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	668 mlfi_abort(ctx);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	669 return rc;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	670 }
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	671
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	672 sfsistat mlfi_abort(SMFICTX *ctx)
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	673 {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	674 mlfiPriv &priv = *MLFIPRIV;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	675 priv.reset();
0 96a9758165cd Initial revision carl parents: diff changeset	676 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	677 }
96a9758165cd Initial revision carl parents: diff changeset	678
96a9758165cd Initial revision carl parents: diff changeset	679 sfsistat mlfi_close(SMFICTX *ctx)
96a9758165cd Initial revision carl parents: diff changeset	680 {
96a9758165cd Initial revision carl parents: diff changeset	681 mlfiPriv *priv = MLFIPRIV;
96a9758165cd Initial revision carl parents: diff changeset	682 if (!priv) return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	683 delete priv;
96a9758165cd Initial revision carl parents: diff changeset	684 smfi_setpriv(ctx, NULL);
96a9758165cd Initial revision carl parents: diff changeset	685 return SMFIS_CONTINUE;
96a9758165cd Initial revision carl parents: diff changeset	686 }
96a9758165cd Initial revision carl parents: diff changeset	687
96a9758165cd Initial revision carl parents: diff changeset	688 struct smfiDesc smfilter =
96a9758165cd Initial revision carl parents: diff changeset	689 {
96a9758165cd Initial revision carl parents: diff changeset	690 "DNSBL", // filter name
96a9758165cd Initial revision carl parents: diff changeset	691 SMFI_VERSION, // version code -- do not change
96a9758165cd Initial revision carl parents: diff changeset	692 SMFIF_DELRCPT, // flags
96a9758165cd Initial revision carl parents: diff changeset	693 mlfi_connect, // connection info filter
96a9758165cd Initial revision carl parents: diff changeset	694 NULL, // SMTP HELO command filter
96a9758165cd Initial revision carl parents: diff changeset	695 mlfi_envfrom, // envelope sender filter
96a9758165cd Initial revision carl parents: diff changeset	696 mlfi_envrcpt, // envelope recipient filter
96a9758165cd Initial revision carl parents: diff changeset	697 NULL, // header filter
96a9758165cd Initial revision carl parents: diff changeset	698 NULL, // end of header
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	699 mlfi_body, // body block filter
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	700 mlfi_eom, // end of message
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	701 mlfi_abort, // message aborted
0 96a9758165cd Initial revision carl parents: diff changeset	702 mlfi_close, // connection cleanup
96a9758165cd Initial revision carl parents: diff changeset	703 };
96a9758165cd Initial revision carl parents: diff changeset	704
96a9758165cd Initial revision carl parents: diff changeset	705
96a9758165cd Initial revision carl parents: diff changeset	706 static void dumpit(char *name, string_map map);
96a9758165cd Initial revision carl parents: diff changeset	707 static void dumpit(char *name, string_map map) {
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	708 fprintf(stdout, "\n");
0 96a9758165cd Initial revision carl parents: diff changeset	709 for (string_map::iterator i=map.begin(); i!=map.end(); i++) {
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	710 fprintf(stdout, "%s %s->%s\n", name, (i).first, (i).second);
0 96a9758165cd Initial revision carl parents: diff changeset	711 }
96a9758165cd Initial revision carl parents: diff changeset	712 }
96a9758165cd Initial revision carl parents: diff changeset	713
96a9758165cd Initial revision carl parents: diff changeset	714
96a9758165cd Initial revision carl parents: diff changeset	715 static void dumpit(from_map map);
96a9758165cd Initial revision carl parents: diff changeset	716 static void dumpit(from_map map) {
96a9758165cd Initial revision carl parents: diff changeset	717 for (from_map::iterator i=map.begin(); i!=map.end(); i++) {
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	718 char buf[2000];
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	719 snprintf(buf, sizeof(buf), "envelope from map for %s", (*i).first);
0 96a9758165cd Initial revision carl parents: diff changeset	720 string_map sm = (i).second;
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	721 dumpit(buf, *sm);
0 96a9758165cd Initial revision carl parents: diff changeset	722 }
96a9758165cd Initial revision carl parents: diff changeset	723 }
96a9758165cd Initial revision carl parents: diff changeset	724
96a9758165cd Initial revision carl parents: diff changeset	725
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	726 static void dumpit(CONFIG &dc);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	727 static void dumpit(CONFIG &dc) {
5 793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	728 dumpit(dc.env_from);
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	729 dumpit("envelope to (dnsbl list)", dc.env_to_dnsbll);
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	730 dumpit("envelope to (from map)", dc.env_to_chkfrom);
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	731 fprintf(stdout, "\ndnsbls\n");
0 96a9758165cd Initial revision carl parents: diff changeset	732 for (dnsblp_map::iterator i=dc.dnsbls.begin(); i!=dc.dnsbls.end(); i++) {
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	733 fprintf(stdout, "%s %s %s\n", (i).first, (i).second->suffix, (*i).second->message);
0 96a9758165cd Initial revision carl parents: diff changeset	734 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	735 fprintf(stdout, "\ndnsbl_lists\n");
0 96a9758165cd Initial revision carl parents: diff changeset	736 for (dnsbllp_map::iterator i=dc.dnsblls.begin(); i!=dc.dnsblls.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	737 char name = (i).first;
96a9758165cd Initial revision carl parents: diff changeset	738 DNSBLL &dl = ((i).second);
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	739 fprintf(stdout, "%s", name);
0 96a9758165cd Initial revision carl parents: diff changeset	740 for (DNSBLL::iterator j=dl.begin(); j!=dl.end(); j++) {
96a9758165cd Initial revision carl parents: diff changeset	741 DNSBL &d = **j;
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	742 fprintf(stdout, " %s", d.suffix);
0 96a9758165cd Initial revision carl parents: diff changeset	743 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	744 fprintf(stdout, "\n");
0 96a9758165cd Initial revision carl parents: diff changeset	745 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	746 if (dc.content_suffix) {
8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	747 fprintf(stdout, "\ncontent filtering enabled with %s %s\n", dc.content_suffix, dc.content_message);
8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	748 }
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	749 if (dc.host_limit) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	750 fprintf(stdout, "\ncontent filtering for host names enabled with limit %d %s\n", dc.host_limit, dc.host_limit_message);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	751 }
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	752 if (dc.tag_limit) {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	753 fprintf(stdout, "\ncontent filtering for excessive html tags enabled with limit %d %s\n", dc.tag_limit, dc.tag_limit_message);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	754 }
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	755 fprintf(stdout, "\nfiles\n");
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	756 for (string_list::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	757 char f = i;
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	758 fprintf(stdout, "config includes %s\n", f);
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	759 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	760 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	761
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	762
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	763 ////////////////////////////////////////////////
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	764 // check for redundant or recursive include files
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	765 //
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	766 static bool ok_to_include(CONFIG &dc, char *fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	767 static bool ok_to_include(CONFIG &dc, char *fn) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	768 if (!fn) return false;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	769 bool ok = true;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	770 for (string_list::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	771 char f = i;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	772 if (strcmp(f, fn) == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	773 my_syslog("redundant or recursive include file detected");
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	774 ok = false;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	775 break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	776 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	777 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	778 return ok;
0 96a9758165cd Initial revision carl parents: diff changeset	779 }
96a9758165cd Initial revision carl parents: diff changeset	780
96a9758165cd Initial revision carl parents: diff changeset	781
96a9758165cd Initial revision carl parents: diff changeset	782 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	783 // load a single config file
96a9758165cd Initial revision carl parents: diff changeset	784 //
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	785 static void load_conf_dcc(CONFIG &dc, char name, char fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	786 static void load_conf_dcc(CONFIG &dc, char name, char fn) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	787 dc.config_files.push_back(fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	788 char *list = BLACK;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	789 const int LINE_SIZE = 2000;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	790 ifstream is(fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	791 if (is.fail()) return;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	792 char line[LINE_SIZE];
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	793 char *delim = " \t";
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	794 int curline = 0;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	795 while (!is.eof()) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	796 is.getline(line, LINE_SIZE);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	797 curline++;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	798 int n = strlen(line);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	799 if (!n) continue;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	800 for (int i=0; i<n; i++) line[i] = tolower(line[i]);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	801 if (line[0] == '#') continue;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	802 char *head = line;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	803 if (strspn(line, delim) == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	804 // have a leading ok/many tag to fetch
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	805 char *cmd = strtok(line, delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	806 if (strcmp(cmd, MANY) == 0) list = BLACK;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	807 else if (strcmp(cmd, OK) == 0) list = WHITE;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	808 head = cmd + strlen(cmd) + 1;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	809 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	810 char *cmd = strtok(head, delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	811 if (!cmd) continue;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	812 if (strcmp(cmd, "env_from") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	813 char *from = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	814 if (from) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	815 string_map &fm = really_find_from_map(dc, name);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	816 fm[from] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	817 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	818 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	819 else if (strcmp(cmd, "env_to") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	820 char *to = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	821 if (to) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	822 dc.env_to_dnsbll[to] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	823 dc.env_to_chkfrom[to] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	824 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	825 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	826 else if (strcmp(cmd, "substitute") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	827 char *tag = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	828 if (tag && (strcmp(tag, "mail_host") == 0)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	829 char *from = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	830 if (from) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	831 string_map &fm = really_find_from_map(dc, name);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	832 fm[from] = list;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	833 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	834 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	835 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	836 else if (strcmp(cmd, "include") == 0) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	837 char *fn = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	838 if (ok_to_include(dc, fn)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	839 load_conf_dcc(dc, name, fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	840 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	841 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	842
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	843 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	844 is.close();
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	845 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	846
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	847
0 96a9758165cd Initial revision carl parents: diff changeset	848 static void load_conf(CONFIG &dc, char *fn);
96a9758165cd Initial revision carl parents: diff changeset	849 static void load_conf(CONFIG &dc, char *fn) {
96a9758165cd Initial revision carl parents: diff changeset	850 dc.config_files.push_back(fn);
96a9758165cd Initial revision carl parents: diff changeset	851 map<char*, int, ltstr> commands;
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	852 enum {dummy, tld, content, hostlimit, htmllimit, htmltag, dnsbl, dnsbll, envfrom, envto, include, includedcc};
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	853 commands["tld" ] = tld;
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	854 commands["content" ] = content;
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	855 commands["host_limit" ] = hostlimit;
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	856 commands["html_limit" ] = htmllimit;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	857 commands["html_tag" ] = htmltag;
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	858 commands["dnsbl" ] = dnsbl;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	859 commands["dnsbl_list" ] = dnsbll;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	860 commands["env_from" ] = envfrom;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	861 commands["env_to" ] = envto;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	862 commands["include" ] = include;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	863 commands["include_dcc"] = includedcc;
0 96a9758165cd Initial revision carl parents: diff changeset	864 const int LINE_SIZE = 2000;
96a9758165cd Initial revision carl parents: diff changeset	865 ifstream is(fn);
96a9758165cd Initial revision carl parents: diff changeset	866 if (is.fail()) return;
96a9758165cd Initial revision carl parents: diff changeset	867 char line[LINE_SIZE];
96a9758165cd Initial revision carl parents: diff changeset	868 char orig[LINE_SIZE];
96a9758165cd Initial revision carl parents: diff changeset	869 char *delim = " \t";
96a9758165cd Initial revision carl parents: diff changeset	870 int curline = 0;
96a9758165cd Initial revision carl parents: diff changeset	871 while (!is.eof()) {
96a9758165cd Initial revision carl parents: diff changeset	872 is.getline(line, LINE_SIZE);
96a9758165cd Initial revision carl parents: diff changeset	873 snprintf(orig, sizeof(orig), "%s", line);
96a9758165cd Initial revision carl parents: diff changeset	874 curline++;
96a9758165cd Initial revision carl parents: diff changeset	875 int n = strlen(line);
96a9758165cd Initial revision carl parents: diff changeset	876 for (int i=0; i<n; i++) line[i] = tolower(line[i]);
96a9758165cd Initial revision carl parents: diff changeset	877 char *cmd = strtok(line, delim);
96a9758165cd Initial revision carl parents: diff changeset	878 if (cmd && (cmd[0] != '#') && (cmd[0] != '\0')) {
96a9758165cd Initial revision carl parents: diff changeset	879 // have a decent command
96a9758165cd Initial revision carl parents: diff changeset	880 bool processed = false;
96a9758165cd Initial revision carl parents: diff changeset	881 switch (commands[cmd]) {
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	882 case tld: {
29 4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	883 char *tld = next_token(delim);
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	884 if (!tld) break; // no tld value
29 4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	885 dc.tlds.insert(tld);
28 33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	886 processed = true;
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	887 } break;
33e1e3910506 add configurable list of tlds carl parents: 27 diff changeset	888
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	889 case content: {
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	890 char *suff = strtok(NULL, delim);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	891 if (!suff) break; // no dns suffix
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	892 char *msg = suff + strlen(suff);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	893 if ((msg - line) >= strlen(orig)) break; // line ended with the dns suffix
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	894 msg = strchr(msg+1, '\'');
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	895 if (!msg) break; // no reply message template
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	896 msg++; // move over the leading '
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	897 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	898 char *last = strchr(msg, '\'');
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	899 if (!last) break; // no trailing quote
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	900 *last = '\0'; // make it a null terminator
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	901 dc.content_suffix = register_string(suff);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	902 dc.content_message = register_string(msg);
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	903 processed = true;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	904 } break;
dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	905
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	906 case hostlimit: {
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	907 char *limit = strtok(NULL, delim);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	908 if (!limit) break; // no integer limit
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	909 char *msg = limit + strlen(limit);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	910 if ((msg - line) >= strlen(orig)) break; // line ended with the limit
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	911 msg = strchr(msg+1, '\'');
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	912 if (!msg) break; // no reply message template
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	913 msg++; // move over the leading '
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	914 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	915 char *last = strchr(msg, '\'');
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	916 if (!last) break; // no trailing quote
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	917 *last = '\0'; // make it a null terminator
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	918 dc.host_limit = atoi(limit);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	919 dc.host_limit_message = register_string(msg);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	920 processed = true;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	921 } break;
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	922
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	923 case htmllimit: {
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	924 char *limit = strtok(NULL, delim);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	925 if (!limit) break; // no integer limit
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	926 char *msg = limit + strlen(limit);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	927 if ((msg - line) >= strlen(orig)) break; // line ended with the limit
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	928 msg = strchr(msg+1, '\'');
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	929 if (!msg) break; // no reply message template
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	930 msg++; // move over the leading '
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	931 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	932 char *last = strchr(msg, '\'');
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	933 if (!last) break; // no trailing quote
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	934 *last = '\0'; // make it a null terminator
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	935 dc.tag_limit = atoi(limit);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	936 dc.tag_limit_message = register_string(msg);
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	937 processed = true;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	938 } break;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	939
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	940 case htmltag: {
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	941 char *tag = next_token(delim);
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	942 if (!tag) break; // no html tag value
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	943 dc.html_tags.insert(tag); // base version
26 fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	944 char buf[200];
fdae7ab30cfc allow normal and terminator versions of tags carl parents: 24 diff changeset	945 snprintf(buf, sizeof(buf), "/%s", tag);
27 43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	946 dc.html_tags.insert(register_string(buf)); // leading /
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	947 snprintf(buf, sizeof(buf), "%s/", tag);
43a4f6b3e668 add configurable host name limit and bad html tag limits. carl parents: 26 diff changeset	948 dc.html_tags.insert(register_string(buf)); // trailing /
24 2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	949 processed = true;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	950 } break;
2e23b7184d2b start coding for bad html tag detection carl parents: 23 diff changeset	951
0 96a9758165cd Initial revision carl parents: diff changeset	952 case dnsbl: {
96a9758165cd Initial revision carl parents: diff changeset	953 // have a new dnsbl to use
96a9758165cd Initial revision carl parents: diff changeset	954 char *name = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	955 if (!name) break; // no name name
96a9758165cd Initial revision carl parents: diff changeset	956 if (find_dnsbl(dc, name)) break; // duplicate entry
96a9758165cd Initial revision carl parents: diff changeset	957 char *suff = strtok(NULL, delim);
96a9758165cd Initial revision carl parents: diff changeset	958 if (!suff) break; // no dns suffic
96a9758165cd Initial revision carl parents: diff changeset	959 char *msg = suff + strlen(suff);
96a9758165cd Initial revision carl parents: diff changeset	960 if ((msg - line) >= strlen(orig)) break; // line ended with the dns suffix
96a9758165cd Initial revision carl parents: diff changeset	961 msg = strchr(msg+1, '\'');
96a9758165cd Initial revision carl parents: diff changeset	962 if (!msg) break; // no reply message template
96a9758165cd Initial revision carl parents: diff changeset	963 msg++; // move over the leading '
96a9758165cd Initial revision carl parents: diff changeset	964 if ((msg - line) >= strlen(orig)) break; // line ended with the leading quote
96a9758165cd Initial revision carl parents: diff changeset	965 char *last = strchr(msg, '\'');
96a9758165cd Initial revision carl parents: diff changeset	966 if (!last) break; // no trailing quote
96a9758165cd Initial revision carl parents: diff changeset	967 *last = '\0'; // make it a null terminator
96a9758165cd Initial revision carl parents: diff changeset	968 dc.dnsbls[name] = new DNSBL(register_string(suff), register_string(msg));
96a9758165cd Initial revision carl parents: diff changeset	969 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	970 } break;
96a9758165cd Initial revision carl parents: diff changeset	971
96a9758165cd Initial revision carl parents: diff changeset	972 case dnsbll: {
96a9758165cd Initial revision carl parents: diff changeset	973 // define a new combination of dnsbls
96a9758165cd Initial revision carl parents: diff changeset	974 char *name = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	975 if (!name) break;
96a9758165cd Initial revision carl parents: diff changeset	976 if (find_dnsbll(dc, name)) break; // duplicate entry
96a9758165cd Initial revision carl parents: diff changeset	977 char *list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	978 if (!list \|\| (list == '\0') \|\| (list == '#')) break;
96a9758165cd Initial revision carl parents: diff changeset	979 DNSBLLP d = new DNSBLL;
96a9758165cd Initial revision carl parents: diff changeset	980 DNSBLP p = find_dnsbl(dc, list);
96a9758165cd Initial revision carl parents: diff changeset	981 if (p) d->push_back(p);
96a9758165cd Initial revision carl parents: diff changeset	982 while (true) {
96a9758165cd Initial revision carl parents: diff changeset	983 list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	984 if (!list \|\| (list == '\0') \|\| (list == '#')) break;
96a9758165cd Initial revision carl parents: diff changeset	985 DNSBLP p = find_dnsbl(dc, list);
96a9758165cd Initial revision carl parents: diff changeset	986 if (p) d->push_back(p);
96a9758165cd Initial revision carl parents: diff changeset	987 }
96a9758165cd Initial revision carl parents: diff changeset	988 dc.dnsblls[name] = d;
96a9758165cd Initial revision carl parents: diff changeset	989 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	990 } break;
96a9758165cd Initial revision carl parents: diff changeset	991
96a9758165cd Initial revision carl parents: diff changeset	992 case envfrom: {
96a9758165cd Initial revision carl parents: diff changeset	993 // add an entry into the named string_map
96a9758165cd Initial revision carl parents: diff changeset	994 char *name = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	995 if (!name) break;
96a9758165cd Initial revision carl parents: diff changeset	996 char *from = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	997 if (!from) break;
96a9758165cd Initial revision carl parents: diff changeset	998 char *list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	999 if (!list) break;
96a9758165cd Initial revision carl parents: diff changeset	1000 if ((strcmp(list, WHITE) == 0) \|\|
96a9758165cd Initial revision carl parents: diff changeset	1001 (strcmp(list, BLACK) == 0)) {
96a9758165cd Initial revision carl parents: diff changeset	1002 string_map &fm = really_find_from_map(dc, name);
96a9758165cd Initial revision carl parents: diff changeset	1003 fm[from] = list;
96a9758165cd Initial revision carl parents: diff changeset	1004 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	1005 }
96a9758165cd Initial revision carl parents: diff changeset	1006 else {
96a9758165cd Initial revision carl parents: diff changeset	1007 // list may be the name of a previously defined from_map
96a9758165cd Initial revision carl parents: diff changeset	1008 string_map *m = find_from_map(dc, list);
96a9758165cd Initial revision carl parents: diff changeset	1009 if (m && (strcmp(list,name) != 0)) {
96a9758165cd Initial revision carl parents: diff changeset	1010 string_map &pm = *m;
96a9758165cd Initial revision carl parents: diff changeset	1011 string_map &fm = really_find_from_map(dc, name);
96a9758165cd Initial revision carl parents: diff changeset	1012 fm.insert(pm.begin(), pm.end());
96a9758165cd Initial revision carl parents: diff changeset	1013 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	1014 }
96a9758165cd Initial revision carl parents: diff changeset	1015 }
96a9758165cd Initial revision carl parents: diff changeset	1016 } break;
96a9758165cd Initial revision carl parents: diff changeset	1017
96a9758165cd Initial revision carl parents: diff changeset	1018 case envto: {
96a9758165cd Initial revision carl parents: diff changeset	1019 // define the dnsbl_list and env_from maps to use for this recipient
96a9758165cd Initial revision carl parents: diff changeset	1020 char *to = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	1021 if (!to) break;
96a9758165cd Initial revision carl parents: diff changeset	1022 char *list = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	1023 if (!list) break;
96a9758165cd Initial revision carl parents: diff changeset	1024 char *from = next_token(delim);
96a9758165cd Initial revision carl parents: diff changeset	1025 if (!from) break;
96a9758165cd Initial revision carl parents: diff changeset	1026 dc.env_to_dnsbll[to] = list;
96a9758165cd Initial revision carl parents: diff changeset	1027 dc.env_to_chkfrom[to] = from;
96a9758165cd Initial revision carl parents: diff changeset	1028 processed = true;
96a9758165cd Initial revision carl parents: diff changeset	1029 } break;
96a9758165cd Initial revision carl parents: diff changeset	1030
96a9758165cd Initial revision carl parents: diff changeset	1031 case include: {
96a9758165cd Initial revision carl parents: diff changeset	1032 char *fn = next_token(delim);
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1033 if (ok_to_include(dc, fn)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1034 load_conf(dc, fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1035 processed = true;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1036 }
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1037 } break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1038
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1039 case includedcc: {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1040 char *name = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1041 if (!name) break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1042 char *fn = next_token(delim);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1043 if (ok_to_include(dc, fn)) {
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1044 load_conf_dcc(dc, name, fn);
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1045 processed = true;
0 96a9758165cd Initial revision carl parents: diff changeset	1046 }
96a9758165cd Initial revision carl parents: diff changeset	1047 } break;
96a9758165cd Initial revision carl parents: diff changeset	1048
96a9758165cd Initial revision carl parents: diff changeset	1049 default: {
96a9758165cd Initial revision carl parents: diff changeset	1050 } break;
96a9758165cd Initial revision carl parents: diff changeset	1051 }
96a9758165cd Initial revision carl parents: diff changeset	1052 if (!processed) {
96a9758165cd Initial revision carl parents: diff changeset	1053 pthread_mutex_lock(&syslog_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1054 openlog("dnsbl", LOG_PID, LOG_MAIL);
96a9758165cd Initial revision carl parents: diff changeset	1055 syslog(LOG_ERR, "ignoring file %s line %d : %s\n", fn, curline, orig);
96a9758165cd Initial revision carl parents: diff changeset	1056 closelog();
96a9758165cd Initial revision carl parents: diff changeset	1057 pthread_mutex_unlock(&syslog_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1058 }
96a9758165cd Initial revision carl parents: diff changeset	1059 }
96a9758165cd Initial revision carl parents: diff changeset	1060 }
96a9758165cd Initial revision carl parents: diff changeset	1061 is.close();
96a9758165cd Initial revision carl parents: diff changeset	1062 }
96a9758165cd Initial revision carl parents: diff changeset	1063
96a9758165cd Initial revision carl parents: diff changeset	1064
96a9758165cd Initial revision carl parents: diff changeset	1065 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	1066 // reload the config
96a9758165cd Initial revision carl parents: diff changeset	1067 //
96a9758165cd Initial revision carl parents: diff changeset	1068 static CONFIG* new_conf();
96a9758165cd Initial revision carl parents: diff changeset	1069 static CONFIG* new_conf() {
96a9758165cd Initial revision carl parents: diff changeset	1070 CONFIG *newc = new CONFIG;
29 4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	1071 pthread_mutex_lock(&config_mutex);
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	1072 newc->generation = generation++;
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	1073 pthread_mutex_unlock(&config_mutex);
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	1074 char buf[200];
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	1075 snprintf(buf, sizeof(buf), "loading configuration generation %d", newc->generation);
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	1076 my_syslog(buf);
0 96a9758165cd Initial revision carl parents: diff changeset	1077 load_conf(*newc, "dnsbl.conf");
96a9758165cd Initial revision carl parents: diff changeset	1078 newc->load_time = time(NULL);
96a9758165cd Initial revision carl parents: diff changeset	1079 return newc;
96a9758165cd Initial revision carl parents: diff changeset	1080 }
96a9758165cd Initial revision carl parents: diff changeset	1081
96a9758165cd Initial revision carl parents: diff changeset	1082
96a9758165cd Initial revision carl parents: diff changeset	1083 ////////////////////////////////////////////////
96a9758165cd Initial revision carl parents: diff changeset	1084 // thread to watch the old config files for changes
96a9758165cd Initial revision carl parents: diff changeset	1085 // and reload when needed. we also cleanup old
96a9758165cd Initial revision carl parents: diff changeset	1086 // configs whose reference count has gone to zero.
96a9758165cd Initial revision carl parents: diff changeset	1087 //
96a9758165cd Initial revision carl parents: diff changeset	1088 static void* config_loader(void *arg);
96a9758165cd Initial revision carl parents: diff changeset	1089 static void* config_loader(void *arg) {
96a9758165cd Initial revision carl parents: diff changeset	1090 typedef set<CONFIG *> configp_set;
96a9758165cd Initial revision carl parents: diff changeset	1091 configp_set old_configs;
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1092 while (loader_run) {
0 96a9758165cd Initial revision carl parents: diff changeset	1093 sleep(180); // look for modifications every 3 minutes
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1094 if (!loader_run) break;
0 96a9758165cd Initial revision carl parents: diff changeset	1095 CONFIG &dc = *config;
96a9758165cd Initial revision carl parents: diff changeset	1096 time_t then = dc.load_time;
96a9758165cd Initial revision carl parents: diff changeset	1097 struct stat st;
96a9758165cd Initial revision carl parents: diff changeset	1098 bool reload = false;
96a9758165cd Initial revision carl parents: diff changeset	1099 for (string_list::iterator i=dc.config_files.begin(); i!=dc.config_files.end(); i++) {
96a9758165cd Initial revision carl parents: diff changeset	1100 char fn = i;
96a9758165cd Initial revision carl parents: diff changeset	1101 if (stat(fn, &st)) reload = true; // file disappeared
96a9758165cd Initial revision carl parents: diff changeset	1102 else if (st.st_mtime > then) reload = true; // file modified
96a9758165cd Initial revision carl parents: diff changeset	1103 if (reload) break;
96a9758165cd Initial revision carl parents: diff changeset	1104 }
96a9758165cd Initial revision carl parents: diff changeset	1105 if (reload) {
96a9758165cd Initial revision carl parents: diff changeset	1106 CONFIG *newc = new_conf();
96a9758165cd Initial revision carl parents: diff changeset	1107 // replace the global config pointer
96a9758165cd Initial revision carl parents: diff changeset	1108 pthread_mutex_lock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1109 CONFIG *old = config;
96a9758165cd Initial revision carl parents: diff changeset	1110 config = newc;
96a9758165cd Initial revision carl parents: diff changeset	1111 pthread_mutex_unlock(&config_mutex);
96a9758165cd Initial revision carl parents: diff changeset	1112 if (old) old_configs.insert(old);
96a9758165cd Initial revision carl parents: diff changeset	1113 }
96a9758165cd Initial revision carl parents: diff changeset	1114 // now look for old configs with zero ref counts
96a9758165cd Initial revision carl parents: diff changeset	1115 for (configp_set::iterator i=old_configs.begin(); i!=old_configs.end(); ) {
96a9758165cd Initial revision carl parents: diff changeset	1116 CONFIG old = i;
96a9758165cd Initial revision carl parents: diff changeset	1117 if (!old->reference_count) {
29 4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	1118 char buf[200];
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	1119 snprintf(buf, sizeof(buf), "freeing memory for old configuration generation %d", old->generation);
4dfdf33f1db0 add syslog msg freeing memory, use bare tld names without leading period carl parents: 28 diff changeset	1120 my_syslog(buf);
0 96a9758165cd Initial revision carl parents: diff changeset	1121 delete old; // destructor does all the work
96a9758165cd Initial revision carl parents: diff changeset	1122 old_configs.erase(i++);
96a9758165cd Initial revision carl parents: diff changeset	1123 }
96a9758165cd Initial revision carl parents: diff changeset	1124 else i++;
96a9758165cd Initial revision carl parents: diff changeset	1125 }
96a9758165cd Initial revision carl parents: diff changeset	1126 }
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1127 return NULL;
0 96a9758165cd Initial revision carl parents: diff changeset	1128 }
96a9758165cd Initial revision carl parents: diff changeset	1129
96a9758165cd Initial revision carl parents: diff changeset	1130
96a9758165cd Initial revision carl parents: diff changeset	1131 static void usage(char *prog);
96a9758165cd Initial revision carl parents: diff changeset	1132 static void usage(char *prog)
96a9758165cd Initial revision carl parents: diff changeset	1133 {
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1134 fprintf(stderr, "Usage: %s [-d] [-c] -p socket-addr [-t timeout]\n", prog);
0 96a9758165cd Initial revision carl parents: diff changeset	1135 fprintf(stderr, "where socket-addr is for the connection to sendmail and should be one of\n");
96a9758165cd Initial revision carl parents: diff changeset	1136 fprintf(stderr, " inet:port@local-ip-address\n");
96a9758165cd Initial revision carl parents: diff changeset	1137 fprintf(stderr, " local:local-domain-socket-file-name\n");
9 8c65411cd7ab integration work on url scanner carl parents: 8 diff changeset	1138 fprintf(stderr, "-c will load and dump the config to stdout\n");
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1139 fprintf(stderr, "-d will add some syslog debug messages\n");
0 96a9758165cd Initial revision carl parents: diff changeset	1140 }
96a9758165cd Initial revision carl parents: diff changeset	1141
96a9758165cd Initial revision carl parents: diff changeset	1142
96a9758165cd Initial revision carl parents: diff changeset	1143 int main(int argc, char**argv)
96a9758165cd Initial revision carl parents: diff changeset	1144 {
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1145 bool check = false;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1146 bool setconn = false;
0 96a9758165cd Initial revision carl parents: diff changeset	1147 int c;
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1148 const char *args = "p:t:hcd";
0 96a9758165cd Initial revision carl parents: diff changeset	1149 extern char *optarg;
96a9758165cd Initial revision carl parents: diff changeset	1150
96a9758165cd Initial revision carl parents: diff changeset	1151 // Process command line options
96a9758165cd Initial revision carl parents: diff changeset	1152 while ((c = getopt(argc, argv, args)) != -1) {
96a9758165cd Initial revision carl parents: diff changeset	1153 switch (c) {
96a9758165cd Initial revision carl parents: diff changeset	1154 case 'p':
96a9758165cd Initial revision carl parents: diff changeset	1155 if (optarg == NULL \|\| *optarg == '\0') {
96a9758165cd Initial revision carl parents: diff changeset	1156 fprintf(stderr, "Illegal conn: %s\n", optarg);
96a9758165cd Initial revision carl parents: diff changeset	1157 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1158 }
96a9758165cd Initial revision carl parents: diff changeset	1159 if (smfi_setconn(optarg) == MI_FAILURE) {
96a9758165cd Initial revision carl parents: diff changeset	1160 fprintf(stderr, "smfi_setconn failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1161 exit(EX_SOFTWARE);
96a9758165cd Initial revision carl parents: diff changeset	1162 }
96a9758165cd Initial revision carl parents: diff changeset	1163
96a9758165cd Initial revision carl parents: diff changeset	1164 if (strncasecmp(optarg, "unix:", 5) == 0) unlink(optarg + 5);
96a9758165cd Initial revision carl parents: diff changeset	1165 else if (strncasecmp(optarg, "local:", 6) == 0) unlink(optarg + 6);
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1166 setconn = true;
0 96a9758165cd Initial revision carl parents: diff changeset	1167 break;
96a9758165cd Initial revision carl parents: diff changeset	1168
96a9758165cd Initial revision carl parents: diff changeset	1169 case 't':
96a9758165cd Initial revision carl parents: diff changeset	1170 if (optarg == NULL \|\| *optarg == '\0') {
96a9758165cd Initial revision carl parents: diff changeset	1171 fprintf(stderr, "Illegal timeout: %s\n", optarg);
96a9758165cd Initial revision carl parents: diff changeset	1172 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1173 }
96a9758165cd Initial revision carl parents: diff changeset	1174 if (smfi_settimeout(atoi(optarg)) == MI_FAILURE) {
96a9758165cd Initial revision carl parents: diff changeset	1175 fprintf(stderr, "smfi_settimeout failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1176 exit(EX_SOFTWARE);
96a9758165cd Initial revision carl parents: diff changeset	1177 }
96a9758165cd Initial revision carl parents: diff changeset	1178 break;
96a9758165cd Initial revision carl parents: diff changeset	1179
3 7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1180 case 'c':
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1181 check = true;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1182 break;
7e1eb343a825 updates to use dcc conf files carl parents: 2 diff changeset	1183
16 2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1184 case 'd':
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1185 debug_syslog = true;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1186 break;
2ae8d953f1d0 add scanning for bare hostnames carl parents: 14 diff changeset	1187
0 96a9758165cd Initial revision carl parents: diff changeset	1188 case 'h':
96a9758165cd Initial revision carl parents: diff changeset	1189 default:
96a9758165cd Initial revision carl parents: diff changeset	1190 usage(argv[0]);
96a9758165cd Initial revision carl parents: diff changeset	1191 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1192 }
96a9758165cd Initial revision carl parents: diff changeset	1193 }
5 793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1194
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1195 if (check) {
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1196 CONFIG &dc = *new_conf();
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1197 dumpit(dc);
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1198 return 0;
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1199 }
793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1200
0 96a9758165cd Initial revision carl parents: diff changeset	1201 if (!setconn) {
96a9758165cd Initial revision carl parents: diff changeset	1202 fprintf(stderr, "%s: Missing required -p argument\n", argv[0]);
96a9758165cd Initial revision carl parents: diff changeset	1203 usage(argv[0]);
96a9758165cd Initial revision carl parents: diff changeset	1204 exit(EX_USAGE);
96a9758165cd Initial revision carl parents: diff changeset	1205 }
5 793ac9cc114d updates to use dcc conf files carl parents: 4 diff changeset	1206
0 96a9758165cd Initial revision carl parents: diff changeset	1207 if (smfi_register(smfilter) == MI_FAILURE) {
96a9758165cd Initial revision carl parents: diff changeset	1208 fprintf(stderr, "smfi_register failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1209 exit(EX_UNAVAILABLE);
96a9758165cd Initial revision carl parents: diff changeset	1210 }
96a9758165cd Initial revision carl parents: diff changeset	1211
96a9758165cd Initial revision carl parents: diff changeset	1212 // switch to background mode
96a9758165cd Initial revision carl parents: diff changeset	1213 if (daemon(1,0) < 0) {
96a9758165cd Initial revision carl parents: diff changeset	1214 fprintf(stderr, "daemon() call failed\n");
96a9758165cd Initial revision carl parents: diff changeset	1215 exit(EX_UNAVAILABLE);
96a9758165cd Initial revision carl parents: diff changeset	1216 }
96a9758165cd Initial revision carl parents: diff changeset	1217
96a9758165cd Initial revision carl parents: diff changeset	1218 // initialize the thread sync objects
96a9758165cd Initial revision carl parents: diff changeset	1219 pthread_mutex_init(&config_mutex, 0);
96a9758165cd Initial revision carl parents: diff changeset	1220 pthread_mutex_init(&syslog_mutex, 0);
96a9758165cd Initial revision carl parents: diff changeset	1221 pthread_mutex_init(&resolve_mutex, 0);
96a9758165cd Initial revision carl parents: diff changeset	1222
96a9758165cd Initial revision carl parents: diff changeset	1223 // load the initial config
96a9758165cd Initial revision carl parents: diff changeset	1224 config = new_conf();
96a9758165cd Initial revision carl parents: diff changeset	1225
96a9758165cd Initial revision carl parents: diff changeset	1226 // only create threads after the fork() in daemon
96a9758165cd Initial revision carl parents: diff changeset	1227 pthread_t tid;
96a9758165cd Initial revision carl parents: diff changeset	1228 if (pthread_create(&tid, 0, config_loader, 0))
96a9758165cd Initial revision carl parents: diff changeset	1229 my_syslog("failed to create config loader thread");
96a9758165cd Initial revision carl parents: diff changeset	1230 if (pthread_detach(tid))
96a9758165cd Initial revision carl parents: diff changeset	1231 my_syslog("failed to detach config loader thread");
96a9758165cd Initial revision carl parents: diff changeset	1232
96a9758165cd Initial revision carl parents: diff changeset	1233 // write the pid
96a9758165cd Initial revision carl parents: diff changeset	1234 const char *pidpath = "/var/run/dnsbl.pid";
96a9758165cd Initial revision carl parents: diff changeset	1235 unlink(pidpath);
96a9758165cd Initial revision carl parents: diff changeset	1236 FILE *f = fopen(pidpath, "w");
96a9758165cd Initial revision carl parents: diff changeset	1237 if (f) {
22 c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1238 #ifdef linux
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1239 // from a comment in the DCC source code:
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1240 // Linux threads are broken. Signals given the
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1241 // original process are delivered to only the
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1242 // thread that happens to have that PID. The
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1243 // sendmail libmilter thread that needs to hear
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1244 // SIGINT and other signals does not, and that breaks
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1245 // scripts that need to stop milters.
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1246 // However, signaling the process group works.
0 96a9758165cd Initial revision carl parents: diff changeset	1247 fprintf(f, "-%d\n", (u_int)getpgrp());
22 c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1248 #else
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1249 fprintf(f, "%d\n", (u_int)getpid());
c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1250 #endif
0 96a9758165cd Initial revision carl parents: diff changeset	1251 fclose(f);
96a9758165cd Initial revision carl parents: diff changeset	1252 }
96a9758165cd Initial revision carl parents: diff changeset	1253
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1254 time_t starting = time(NULL);
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1255 int rc = smfi_main();
22 c21b888cc175 fix restart code, add ifdef for linux pid issues carl parents: 18 diff changeset	1256 if ((rc != MI_SUCCESS) && (time(NULL) > starting+5*60)) {
18 041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1257 my_syslog("trying to restart after smfi_main()");
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1258 loader_run = false; // eventually the config loader thread will terminate
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1259 execvp(argv[0], argv);
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1260 }
041ea016b684 add scanning for bare hostnames carl parents: 16 diff changeset	1261 exit((rc == MI_SUCCESS) ? 0 : EX_UNAVAILABLE);
0 96a9758165cd Initial revision carl parents: diff changeset	1262 }
8 dbe18921f741 integration work on url scanner carl parents: 5 diff changeset	1263

Mercurial > dnsbl

annotate src/dnsbl.cpp @ 29:4dfdf33f1db0 stable-2-4