Mercurial > dnsbl
annotate src/context.cpp @ 159:ea7c57a4a2d1 stable-6-01
add auto whitelisting
author | carl |
---|---|
date | Sun, 08 Jul 2007 11:57:51 -0700 |
parents | a220bfb9211f |
children | b3ed72ee6564 |
rev | line source |
---|---|
94 | 1 /* |
2 | |
152 | 3 Copyright (c) 2007 Carl Byington - 510 Software Group, released under |
4 the GPL version 3 or any later version at your choice available at | |
5 http://www.gnu.org/licenses/gpl-3.0.txt | |
94 | 6 |
7 */ | |
8 | |
9 #include "includes.h" | |
10 | |
11 // needed for socket io | |
96
1edd4e8d3a60
fix missing include, not all systems define HOST_NAME_MAX
carl
parents:
94
diff
changeset
|
12 #include <unistd.h> |
94 | 13 #include <sys/ioctl.h> |
14 #include <net/if.h> | |
15 #include <arpa/inet.h> | |
16 #include <netinet/in.h> | |
17 #include <netinet/tcp.h> | |
18 #include <netdb.h> | |
19 #include <sys/socket.h> | |
20 #include <sys/un.h> | |
21 | |
22 static char* context_version="$Id$"; | |
23 | |
153 | 24 char *token_autowhite; |
94 | 25 char *token_black; |
26 char *token_content; | |
27 char *token_context; | |
28 char *token_dccfrom; | |
29 char *token_dccto; | |
30 char *token_default; | |
31 char *token_dnsbl; | |
32 char *token_dnsbll; | |
33 char *token_envfrom; | |
34 char *token_envto; | |
35 char *token_filter; | |
36 char *token_host_limit; | |
37 char *token_html_limit; | |
38 char *token_html_tags; | |
39 char *token_ignore; | |
40 char *token_include; | |
41 char *token_inherit; | |
42 char *token_lbrace; | |
43 char *token_mailhost; | |
44 char *token_many; | |
45 char *token_off; | |
46 char *token_ok2; | |
47 char *token_ok; | |
48 char *token_on; | |
136 | 49 char *token_rate; |
94 | 50 char *token_rbrace; |
51 char *token_semi; | |
52 char *token_soft; | |
53 char *token_substitute; | |
54 char *token_tld; | |
117 | 55 char *token_cctld; |
94 | 56 char *token_unknown; |
119 | 57 char *token_uribl; |
94 | 58 char *token_verify; |
59 char *token_white; | |
60 | |
61 char *token_myhostname; | |
96
1edd4e8d3a60
fix missing include, not all systems define HOST_NAME_MAX
carl
parents:
94
diff
changeset
|
62 #ifndef HOST_NAME_MAX |
1edd4e8d3a60
fix missing include, not all systems define HOST_NAME_MAX
carl
parents:
94
diff
changeset
|
63 #define HOST_NAME_MAX 255 |
1edd4e8d3a60
fix missing include, not all systems define HOST_NAME_MAX
carl
parents:
94
diff
changeset
|
64 #endif |
94 | 65 char myhostname[HOST_NAME_MAX+1]; |
66 | |
153 | 67 pthread_mutex_t verifier_mutex; // protect the verifier map |
94 | 68 verify_map verifiers; |
153 | 69 |
70 pthread_mutex_t whitelister_mutex; // protect the | |
71 whitelister_map whitelisters; | |
72 | |
94 | 73 string_set all_strings; // owns all the strings, only modified by the config loader thread |
74 const int maxlen = 1000; // used for snprintf buffers | |
153 | 75 const int maxsmtp_age = 120;// smtp verify sockets older than this are ancient |
76 const int maxauto_age = 600;// auto whitelister delay before flushing to file | |
94 | 77 extern int NULL_SOCKET; |
129
c5cd1261394d
ignore smtp connection attempts for 10 minutes when getting connection errors on verify hosts
carl
parents:
119
diff
changeset
|
78 const time_t ERROR_SMTP_SOCKET_TIME = 600; // number of seconds between attempts to open a socket to an smtp server |
94 | 79 |
80 | |
81 int SMTP::writer() { | |
82 #ifdef VERIFY_DEBUG | |
83 log("writer() sees buffer with %s", buffer); | |
84 log("writer() sees error %d", (int)error); | |
85 #endif | |
86 int rs = 0; | |
87 if (!error) { | |
88 int len = strlen(buffer); | |
89 while (rs < len) { | |
90 int ws = write(fd, buffer+rs, len-rs); | |
91 if (ws > 0) { | |
92 rs += ws; | |
93 } | |
94 else { | |
95 // peer closed the socket! | |
96 rs = 0; | |
97 error = true; | |
98 break; | |
99 } | |
100 } | |
101 } | |
102 return rs; | |
103 } | |
104 | |
105 | |
106 int SMTP::reader() { | |
107 // read some bytes terminated by lf or end of buffer. | |
108 // we may have a multi line response or part thereof in the buffer. | |
109 #ifdef VERIFY_DEBUG | |
110 log("reader() sees error %d", (int)error); | |
111 #endif | |
112 if (error) return 0; | |
113 int len = maxlen-1; // room for null terminator | |
114 while (pending < len) { | |
115 int ws = read(fd, buffer+pending, len-pending); | |
116 if (ws > 0) { | |
117 pending += ws; | |
118 if (buffer[pending-1] == '\n') break; | |
119 } | |
120 else { | |
121 // peer closed the socket! | |
122 pending = 0; | |
123 error = true; | |
124 break; | |
125 } | |
126 } | |
127 buffer[pending] = '\0'; | |
128 #ifdef VERIFY_DEBUG | |
129 log("reader() sees buffer with %s", buffer); | |
130 #endif | |
131 return pending; | |
132 } | |
133 | |
134 | |
135 int SMTP::read_line() { | |
136 char *lf = strchr(buffer, '\n'); | |
137 if (!lf) { | |
138 reader(); // get a lf | |
139 lf = strchr(buffer, '\n'); | |
140 if (!lf) lf = buffer + pending - 1; | |
141 } | |
142 return (lf-buffer)+1; // number of bytes in this line | |
143 } | |
144 | |
145 | |
97 | 146 void SMTP::flush_line(int r) { |
94 | 147 if (pending > r) memmove(buffer, buffer+r, pending-r); |
148 pending -= r; | |
149 } | |
150 | |
151 | |
152 int SMTP::read_response() { | |
153 pending = 0; | |
154 buffer[pending] = '\0'; | |
155 while (true) { | |
156 int r = read_line(); | |
157 #ifdef VERIFY_DEBUG | |
158 log("read_response() sees line with %s", buffer); | |
159 log("read_response() sees line length %d", r); | |
160 #endif | |
161 if (r == 0) return 0; // failed to read any bytes | |
162 if ((r > 4) && (buffer[3] == '-')) { | |
163 flush_line(r); | |
164 continue; | |
165 } | |
166 return atoi(buffer); | |
167 } | |
168 return 0; | |
169 } | |
170 | |
171 | |
172 int SMTP::cmd(char *c) { | |
173 if (c) { | |
174 init(); | |
175 append(c); | |
176 } | |
177 append("\r\n"); | |
178 writer(); | |
179 return read_response(); | |
180 } | |
181 | |
182 | |
183 int SMTP::helo() { | |
184 if (read_response() != 220) return 0; | |
185 init(); | |
186 append("HELO "); | |
187 append(token_myhostname); | |
188 return cmd(NULL); | |
189 } | |
190 | |
191 | |
192 int SMTP::rset() { | |
193 int rc = cmd("RSET"); | |
194 efrom[0] = '\0'; | |
195 return rc; | |
196 } | |
197 | |
198 | |
199 int SMTP::from(char *f) { | |
101 | 200 // the mail from address was originally passed in from sendmail enclosed in |
201 // <>. to_lower_string() removed the <> and converted the rest to lowercase, | |
202 // except in the case of an empty return path, which was left as the two | |
203 // character string <>. | |
94 | 204 if (strncmp(efrom, f, maxlen)) { |
205 rset(); | |
206 strncpy(efrom, f, maxlen); | |
207 init(); | |
208 append("MAIL FROM:<"); | |
101 | 209 if (*f != '<') append(f); |
94 | 210 append(">"); |
211 return cmd(NULL); | |
212 } | |
213 return 250; // pretend it worked | |
214 } | |
215 | |
216 | |
217 int SMTP::rcpt(char *t) { | |
218 init(); | |
219 append("RCPT TO:<"); | |
220 append(t); | |
221 append(">"); | |
222 return cmd(NULL); | |
223 } | |
224 | |
225 | |
226 int SMTP::quit() { | |
227 return cmd("QUIT"); | |
228 } | |
229 | |
230 | |
231 void SMTP::closefd() { | |
232 shutdown(fd, SHUT_RDWR); | |
233 close(fd); | |
234 } | |
235 | |
236 | |
237 #ifdef VERIFY_DEBUG | |
238 void SMTP::log(char *m, int v) { | |
239 char buf[maxlen]; | |
240 snprintf(buf, maxlen, m, v); | |
241 my_syslog(buf); | |
242 } | |
243 | |
244 | |
245 void SMTP::log(char *m, char *v) { | |
246 char buf[maxlen]; | |
247 snprintf(buf, maxlen, m, v); | |
248 my_syslog(buf); | |
249 } | |
250 #endif | |
251 | |
252 | |
153 | 253 //////////////////////////////////////////////// |
254 // smtp verifier so backup mx machines can see the valid users | |
255 // | |
94 | 256 VERIFY::VERIFY(char *h) { |
257 host = h; | |
258 last_err = 0; | |
259 pthread_mutex_init(&mutex, 0); | |
260 } | |
261 | |
262 | |
263 void VERIFY::closer() { | |
264 bool ok = true; | |
265 while (ok) { | |
266 SMTP *conn = NULL; | |
267 pthread_mutex_lock(&mutex); | |
268 if (connections.empty()) { | |
269 ok = false; | |
270 } | |
271 else { | |
272 conn = connections.front(); | |
273 time_t now = time(NULL); | |
153 | 274 if ((now - conn->get_stamp()) > maxsmtp_age) { |
94 | 275 // this connection is ancient, remove it |
276 connections.pop_front(); | |
277 } | |
278 else { | |
279 ok = false; | |
280 conn = NULL; | |
281 } | |
282 } | |
283 pthread_mutex_unlock(&mutex); | |
284 // avoid doing this work inside the mutex lock | |
285 if (conn) { | |
286 #ifdef VERIFY_DEBUG | |
287 conn->log("closer() closes ancient %d", conn->get_fd()); | |
288 #endif | |
289 delete conn; | |
290 } | |
291 } | |
292 } | |
293 | |
294 | |
295 SMTP* VERIFY::get_connection() { | |
296 SMTP *conn = NULL; | |
297 pthread_mutex_lock(&mutex); | |
298 if (!connections.empty()) { | |
299 conn = connections.front(); | |
300 connections.pop_front(); | |
301 #ifdef VERIFY_DEBUG | |
302 conn->log("get_connection() %d from cache", conn->get_fd()); | |
303 #endif | |
304 } | |
305 pthread_mutex_unlock(&mutex); | |
306 if (conn) return conn; | |
307 int sock = NULL_SOCKET; | |
129
c5cd1261394d
ignore smtp connection attempts for 10 minutes when getting connection errors on verify hosts
carl
parents:
119
diff
changeset
|
308 if ((time(NULL) - last_err) > ERROR_SMTP_SOCKET_TIME) { |
94 | 309 // nothing recent, maybe this time it will work |
310 hostent *h = gethostbyname(host); | |
311 if (h) { | |
312 sockaddr_in server; | |
313 server.sin_family = h->h_addrtype; | |
314 server.sin_port = htons(25); | |
315 memcpy(&server.sin_addr, h->h_addr_list[0], h->h_length); | |
316 sock = socket(PF_INET, SOCK_STREAM, 0); | |
317 if (sock != NULL_SOCKET) { | |
318 bool rc = (connect(sock, (sockaddr *)&server, sizeof(server)) == 0); | |
319 if (!rc) { | |
320 shutdown(sock, SHUT_RDWR); | |
321 close(sock); | |
322 sock = NULL_SOCKET; | |
129
c5cd1261394d
ignore smtp connection attempts for 10 minutes when getting connection errors on verify hosts
carl
parents:
119
diff
changeset
|
323 last_err = time(NULL); |
94 | 324 } |
325 } | |
129
c5cd1261394d
ignore smtp connection attempts for 10 minutes when getting connection errors on verify hosts
carl
parents:
119
diff
changeset
|
326 else last_err = time(NULL); |
94 | 327 } |
129
c5cd1261394d
ignore smtp connection attempts for 10 minutes when getting connection errors on verify hosts
carl
parents:
119
diff
changeset
|
328 else last_err = time(NULL); |
94 | 329 } |
330 if (sock != NULL_SOCKET) { | |
331 conn = new SMTP(sock); | |
332 #ifdef VERIFY_DEBUG | |
333 conn->log("get_connection() %d new socket", conn->get_fd()); | |
334 #endif | |
335 if (conn->helo() == 250) return conn; | |
336 delete conn; | |
337 } | |
338 return NULL; | |
339 } | |
340 | |
341 | |
342 void VERIFY::put_connection(SMTP *conn) { | |
343 if (conn->err()) { | |
344 #ifdef VERIFY_DEBUG | |
345 conn->log("put_socket() %d with error, close it", conn->get_fd()); | |
346 #endif | |
347 delete conn; | |
348 last_err = time(NULL); | |
349 } | |
350 else { | |
351 #ifdef VERIFY_DEBUG | |
352 conn->log("put_socket() %d", conn->get_fd()); | |
353 #endif | |
354 conn->now(); | |
355 pthread_mutex_lock(&mutex); | |
356 connections.push_back(conn); | |
357 pthread_mutex_unlock(&mutex); | |
358 } | |
359 } | |
360 | |
361 | |
362 bool VERIFY::ok(char *from, char *to) { | |
363 if (host == token_myhostname) return true; | |
364 SMTP *conn = get_connection(); | |
365 if (!conn) return true; // cannot verify right now, we have socket errors | |
366 int rc; | |
367 rc = conn->from(from); | |
368 #ifdef VERIFY_DEBUG | |
369 conn->log("verify::ok() from sees %d", rc); | |
370 #endif | |
371 if (rc != 250) { | |
372 conn->rset(); | |
373 put_connection(conn); | |
374 return (rc >= 500) ? false : true; | |
375 } | |
376 rc = conn->rcpt(to); | |
377 #ifdef VERIFY_DEBUG | |
378 conn->log("verify::ok() rcpt sees %d", rc); | |
379 #endif | |
380 put_connection(conn); | |
381 return (rc >= 500) ? false : true; | |
382 } | |
383 | |
384 | |
153 | 385 //////////////////////////////////////////////// |
386 // setup a new smtp verify host | |
387 // | |
388 VERIFYP add_verify_host(char *host); | |
389 VERIFYP add_verify_host(char *host) { | |
390 VERIFYP rc = NULL; | |
391 pthread_mutex_lock(&verifier_mutex); | |
392 verify_map::iterator i = verifiers.find(host); | |
393 if (i == verifiers.end()) { | |
394 rc = new VERIFY(host); | |
395 verifiers[host] = rc; | |
396 } | |
397 else rc = (*i).second; | |
398 pthread_mutex_unlock(&verifier_mutex); | |
399 return rc; | |
400 } | |
401 | |
402 | |
403 //////////////////////////////////////////////// | |
404 // thread to check for verify hosts with old sockets that we can close | |
405 // | |
406 void* verify_closer(void *arg) { | |
407 while (true) { | |
408 sleep(maxsmtp_age); | |
409 pthread_mutex_lock(&verifier_mutex); | |
410 for (verify_map::iterator i=verifiers.begin(); i!=verifiers.end(); i++) { | |
411 VERIFYP v = (*i).second; | |
412 v->closer(); | |
413 } | |
414 pthread_mutex_unlock(&verifier_mutex); | |
415 } | |
416 return NULL; | |
417 } | |
418 | |
419 | |
420 //////////////////////////////////////////////// | |
421 // automatic whitelister | |
422 // | |
423 WHITELISTER::WHITELISTER(char *f, int d) { | |
424 fn = f; | |
425 days = d; | |
426 pthread_mutex_init(&mutex, 0); | |
427 need = false; | |
154 | 428 ifstream ifs; |
429 ifs.open(fn); | |
430 if (!ifs.fail()) { | |
431 const int maxlen = 1000; | |
432 char buf[maxlen]; | |
433 while (ifs.getline(buf, maxlen)) { | |
434 char *p = strchr(buf, ' '); | |
435 if (p) { | |
436 *p = '\0'; | |
437 char *who = strdup(buf); | |
438 int when = atoi(p+1); | |
439 rcpts[who] = when; | |
440 } | |
441 } | |
442 } | |
443 ifs.close(); | |
153 | 444 } |
445 | |
446 | |
447 void WHITELISTER::writer() { | |
448 pthread_mutex_lock(&mutex); | |
449 time_t limit = time(NULL) - days*86400; | |
450 for (autowhite_sent::iterator i=rcpts.begin(); i!=rcpts.end();) { | |
451 time_t when = (*i).second; | |
452 if (when < limit) { | |
154 | 453 char *who = (*i).first; |
454 free(who); | |
153 | 455 autowhite_sent::iterator j = i; |
456 j++; | |
457 rcpts.erase(i); | |
458 i = j; | |
459 need = true; | |
460 } | |
461 else i++; | |
462 } | |
463 if (need) { | |
464 // dump the file | |
154 | 465 ofstream ofs; |
466 ofs.open(fn); | |
467 if (!ofs.fail()) { | |
153 | 468 for (autowhite_sent::iterator i=rcpts.begin(); i!=rcpts.end(); i++) { |
469 char *who = (*i).first; | |
470 int when = (*i).second; | |
154 | 471 ofs << who << " " << when << endl; |
153 | 472 } |
473 } | |
154 | 474 ofs.close(); |
156 | 475 need = false; |
153 | 476 } |
477 pthread_mutex_unlock(&mutex); | |
478 } | |
479 | |
480 | |
481 void WHITELISTER::sent(char *to) { | |
154 | 482 // we take ownership of the string |
153 | 483 pthread_mutex_lock(&mutex); |
484 need = true; | |
485 rcpts[to] = time(NULL); | |
486 pthread_mutex_unlock(&mutex); | |
487 } | |
488 | |
489 | |
490 bool WHITELISTER::is_white(char *from) { | |
491 bool rc = false; | |
492 pthread_mutex_lock(&mutex); | |
493 autowhite_sent::iterator i = rcpts.find(from); | |
494 if (i != rcpts.end()) { | |
495 time_t when = (*i).second; | |
496 time_t now = time(NULL); | |
497 rc = (when+(days*8640) > now); | |
498 } | |
499 pthread_mutex_unlock(&mutex); | |
500 return rc; | |
501 } | |
502 | |
503 | |
504 //////////////////////////////////////////////// | |
505 // setup a new auto whitelister file | |
506 // | |
507 WHITELISTERP add_whitelister_file(char *fn, int days); | |
508 WHITELISTERP add_whitelister_file(char *fn, int days) { | |
509 WHITELISTERP rc = NULL; | |
510 pthread_mutex_lock(&whitelister_mutex); | |
511 whitelister_map::iterator i = whitelisters.find(fn); | |
512 if (i == whitelisters.end()) { | |
513 rc = new WHITELISTER(fn, days); | |
514 whitelisters[fn] = rc; | |
515 } | |
156 | 516 else { |
517 rc = (*i).second; | |
518 rc->set_days(days); | |
519 } | |
153 | 520 pthread_mutex_unlock(&whitelister_mutex); |
521 return rc; | |
522 } | |
523 | |
524 | |
525 //////////////////////////////////////////////// | |
526 // thread to check for whitelister hosts with old sockets that we can close | |
527 // | |
528 void* whitelister_writer(void *arg) { | |
529 while (true) { | |
530 sleep(maxauto_age); | |
531 pthread_mutex_lock(&whitelister_mutex); | |
532 for (whitelister_map::iterator i=whitelisters.begin(); i!=whitelisters.end(); i++) { | |
533 WHITELISTERP v = (*i).second; | |
534 v->writer(); | |
535 } | |
536 pthread_mutex_unlock(&whitelister_mutex); | |
537 } | |
538 return NULL; | |
539 } | |
540 | |
541 | |
94 | 542 DNSBL::DNSBL(char *n, char *s, char *m) { |
543 name = n; | |
544 suffix = s; | |
545 message = m; | |
546 } | |
547 | |
548 | |
549 bool DNSBL::operator==(const DNSBL &rhs) { | |
550 return (strcmp(name, rhs.name) == 0) && | |
551 (strcmp(suffix, rhs.suffix) == 0) && | |
552 (strcmp(message, rhs.message) == 0); | |
553 } | |
554 | |
555 | |
556 CONFIG::CONFIG() { | |
557 reference_count = 0; | |
558 generation = 0; | |
559 load_time = 0; | |
560 default_context = NULL; | |
561 } | |
562 | |
563 | |
564 CONFIG::~CONFIG() { | |
146 | 565 if (debug_syslog) { |
566 char buf[maxlen]; | |
567 snprintf(buf, sizeof(buf), "freeing memory for old configuration generation %d", generation); | |
568 my_syslog(buf); | |
569 } | |
94 | 570 for (context_list::iterator i=contexts.begin(); i!=contexts.end(); i++) { |
571 CONTEXT *c = *i; | |
572 delete c; | |
573 } | |
574 } | |
575 | |
576 | |
577 void CONFIG::add_context(CONTEXTP con) { | |
578 contexts.push_back(con); | |
579 if (!default_context && !con->get_parent()) { | |
580 // first global context | |
581 default_context = con; | |
582 } | |
583 } | |
584 | |
585 | |
586 void CONFIG::add_to(char *to, CONTEXTP con) { | |
587 context_map::iterator i = env_to.find(to); | |
588 if (i != env_to.end()) { | |
589 CONTEXTP c = (*i).second; | |
590 if ((c != con) && (c != con->get_parent())) { | |
591 if (debug_syslog) { | |
592 char oldname[maxlen]; | |
593 char newname[maxlen]; | |
594 char *oldn = c->get_full_name(oldname, maxlen); | |
595 char *newn = con->get_full_name(newname, maxlen); | |
596 char buf[maxlen*3]; | |
597 snprintf(buf, maxlen*3, "both %s and %s claim envelope to %s, the second one wins", oldn, newn, to); | |
598 my_syslog(buf); | |
599 } | |
600 } | |
601 } | |
602 env_to[to] = con; | |
603 } | |
604 | |
605 | |
606 CONTEXTP CONFIG::find_context(char *to) { | |
607 context_map::iterator i = env_to.find(to); | |
117 | 608 if (i != env_to.end()) return (*i).second; // found user@domain key |
94 | 609 char *x = strchr(to, '@'); |
610 if (x) { | |
611 x++; | |
612 i = env_to.find(x); | |
117 | 613 if (i != env_to.end()) return (*i).second; // found domain key |
94 | 614 char y = *x; |
615 *x = '\0'; | |
616 i = env_to.find(to); | |
617 *x = y; | |
618 if (i != env_to.end()) return (*i).second; // found user@ key | |
619 } | |
620 return default_context; | |
621 } | |
622 | |
623 | |
624 void CONFIG::dump() { | |
144
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
625 if (default_context) default_context->dump(true); |
94 | 626 for (context_list::iterator i=contexts.begin(); i!=contexts.end(); i++) { |
627 CONTEXTP c = *i; | |
628 CONTEXTP p = c->get_parent(); | |
144
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
629 if (!p && (c != default_context)) c->dump(false); |
94 | 630 } |
631 char buf[maxlen]; | |
632 for (context_map::iterator i=env_to.begin(); i!=env_to.end(); i++) { | |
633 char *to = (*i).first; | |
634 CONTEXTP con = (*i).second; | |
635 printf("// envelope to %s \t-> context %s \n", to, con->get_full_name(buf,maxlen)); | |
636 } | |
637 } | |
638 | |
639 | |
640 CONTEXT::CONTEXT(CONTEXTP parent_, char *name_) { | |
641 parent = parent_; | |
642 name = name_; | |
643 verify_host = NULL; | |
153 | 644 verifier = NULL; |
645 autowhite_file = NULL; | |
646 whitelister = NULL; | |
94 | 647 env_from_default = (parent) ? token_inherit : token_unknown; |
648 content_filtering = (parent) ? parent->content_filtering : false; | |
649 content_suffix = NULL; | |
650 content_message = NULL; | |
119 | 651 uribl_suffix = NULL; |
652 uribl_message = NULL; | |
94 | 653 host_limit = (parent) ? parent->host_limit : 0; |
654 host_limit_message = NULL; | |
655 host_random = (parent) ? parent->host_random : false; | |
656 tag_limit = (parent) ? parent->tag_limit : 0; | |
657 tag_limit_message = NULL; | |
140 | 658 default_rcpt_rate = INT_MAX; |
94 | 659 } |
660 | |
661 | |
662 CONTEXT::~CONTEXT() { | |
663 for (dnsblp_map::iterator i=dnsbl_names.begin(); i!=dnsbl_names.end(); i++) { | |
664 DNSBLP d = (*i).second; | |
665 // delete the underlying DNSBL objects. | |
666 delete d; | |
667 } | |
668 } | |
669 | |
670 | |
671 bool CONTEXT::is_parent(CONTEXTP p) { | |
672 if (p == parent) return true; | |
673 if (!parent) return false; | |
674 return parent->is_parent(p); | |
675 } | |
676 | |
677 | |
678 char *CONTEXT::get_full_name(char *buffer, int size) { | |
679 if (!parent) return name; | |
680 char buf[maxlen]; | |
681 snprintf(buffer, size, "%s.%s", parent->get_full_name(buf, maxlen), name); | |
682 return buffer; | |
683 } | |
684 | |
685 | |
686 bool CONTEXT::cover_env_to(char *to) { | |
687 char buffer[maxlen]; | |
688 char *x = strchr(to, '@'); | |
689 if (x) x++; | |
690 else x = to; | |
144
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
691 if (*x == '\0') return true; // always allow covering addresses with no domain name, eg abuse@ |
100
63e8633abc34
allow empty env_to at global context to remove all restrictions on child contexts
carl
parents:
99
diff
changeset
|
692 if (!parent && env_to.empty()) return true; // empty env_to at global level covers everything |
94 | 693 string_set::iterator i = env_to.find(x); |
144
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
694 if (i != env_to.end()) return true; // we cover the entire domain |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
695 if (x != to) { |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
696 i = env_to.find(to); |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
697 if (i != env_to.end()) return true; // we cover the specific email address |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
698 } |
94 | 699 return false; |
700 } | |
701 | |
702 | |
703 VERIFYP CONTEXT::find_verify(char *to) { | |
153 | 704 if (verifier && (verify_host != token_myhostname) && cover_env_to(to)) |
705 return verifier; | |
706 else if (parent) | |
707 return parent->find_verify(to); | |
708 else | |
709 return NULL; | |
710 } | |
94 | 711 |
153 | 712 |
713 WHITELISTERP CONTEXT::find_autowhite(char *to) { | |
714 if (whitelister && cover_env_to(to)) | |
715 return whitelister; | |
716 else if (parent) | |
717 return parent->find_autowhite(to); | |
718 else | |
719 return NULL; | |
94 | 720 } |
721 | |
722 | |
136 | 723 int CONTEXT::find_rate(char *user) { |
140 | 724 if (rcpt_per_hour.empty()) return default_rcpt_rate; |
136 | 725 rcpt_rates::iterator i = rcpt_per_hour.find(user); |
140 | 726 return (i == rcpt_per_hour.end()) ? default_rcpt_rate : (*i).second; |
136 | 727 } |
728 | |
729 | |
94 | 730 char *CONTEXT::find_from(char *from) { |
153 | 731 if (whitelister && whitelister->is_white(from)) return token_white; |
148
9330b8d6a56b
add documentation fixes, allow env_from target of inherit
carl
parents:
146
diff
changeset
|
732 char *rc = env_from_default; |
94 | 733 string_map::iterator i = env_from.find(from); |
117 | 734 if (i != env_from.end()) rc = (*i).second; // found user@domain key |
94 | 735 else { |
736 char *x = strchr(from, '@'); | |
737 if (x) { | |
738 x++; | |
739 i = env_from.find(x); | |
117 | 740 if (i != env_from.end()) rc = (*i).second; // found domain key |
94 | 741 else { |
742 char y = *x; | |
743 *x = '\0'; | |
744 i = env_from.find(from); | |
745 *x = y; | |
746 if (i != env_from.end()) rc = (*i).second; // found user@ key | |
747 } | |
748 } | |
749 } | |
750 if ((rc == token_inherit) && parent) return parent->find_from(from); | |
751 return (rc == token_inherit) ? token_unknown : rc; | |
752 } | |
753 | |
754 | |
755 CONTEXTP CONTEXT::find_context(char *from) { | |
756 context_map::iterator i = env_from_context.find(from); | |
117 | 757 if (i != env_from_context.end()) return (*i).second; // found user@domain key |
94 | 758 char *x = strchr(from, '@'); |
759 if (x) { | |
760 x++; | |
761 i = env_from_context.find(x); | |
117 | 762 if (i != env_from_context.end()) return (*i).second; // found domain key |
94 | 763 char y = *x; |
764 *x = '\0'; | |
765 i = env_from_context.find(from); | |
766 *x = y; | |
767 if (i != env_from_context.end()) return (*i).second; // found user@ key | |
768 } | |
769 return this; | |
770 } | |
771 | |
772 | |
773 CONTEXTP CONTEXT::find_from_context_name(char *name) { | |
774 context_map::iterator i = children.find(name); | |
775 if (i != children.end()) return (*i).second; | |
776 return NULL; | |
777 } | |
778 | |
779 | |
780 DNSBLP CONTEXT::find_dnsbl(char *name) { | |
781 dnsblp_map::iterator i = dnsbl_names.find(name); | |
782 if (i != dnsbl_names.end()) return (*i).second; | |
783 if (parent) return parent->find_dnsbl(name); | |
784 return NULL; | |
785 } | |
786 | |
787 | |
788 char* CONTEXT::get_content_suffix() { | |
789 if (!content_suffix && parent) return parent->get_content_suffix(); | |
790 return content_suffix; | |
791 } | |
792 | |
793 | |
119 | 794 char* CONTEXT::get_uribl_suffix() { |
795 if (!uribl_suffix && parent) return parent->get_uribl_suffix(); | |
796 return uribl_suffix; | |
797 } | |
798 | |
799 | |
94 | 800 char* CONTEXT::get_content_message() { |
801 if (!content_message && parent) return parent->get_content_message(); | |
802 return content_message; | |
803 } | |
804 | |
805 | |
119 | 806 char* CONTEXT::get_uribl_message() { |
807 if (!uribl_message && parent) return parent->get_uribl_message(); | |
808 return uribl_message; | |
809 } | |
810 | |
811 | |
94 | 812 string_set& CONTEXT::get_content_host_ignore() { |
813 if (content_host_ignore.empty() && parent) return parent->get_content_host_ignore(); | |
814 return content_host_ignore; | |
815 } | |
816 | |
817 | |
117 | 818 string_set& CONTEXT::get_content_cctlds() { |
819 if (content_cctlds.empty() && parent) return parent->get_content_cctlds(); | |
820 return content_cctlds; | |
821 } | |
822 | |
94 | 823 string_set& CONTEXT::get_content_tlds() { |
824 if (content_tlds.empty() && parent) return parent->get_content_tlds(); | |
825 return content_tlds; | |
826 } | |
827 | |
828 | |
829 string_set& CONTEXT::get_html_tags() { | |
830 if (html_tags.empty() && parent) return parent->get_html_tags(); | |
831 return html_tags; | |
832 } | |
833 | |
834 | |
835 dnsblp_list& CONTEXT::get_dnsbl_list() { | |
836 if (dnsbl_list.empty() && parent) return parent->get_dnsbl_list(); | |
837 return dnsbl_list; | |
838 } | |
839 | |
840 | |
841 bool CONTEXT::acceptable_content(recorder &memory, char *&msg) { | |
842 if (memory.excessive_bad_tags(tag_limit)) { | |
843 msg = tag_limit_message; | |
844 return false; | |
845 } | |
846 if (!host_random && memory.excessive_hosts(host_limit)) { | |
847 msg = host_limit_message; | |
848 return false; | |
849 } | |
850 return true; | |
851 } | |
852 | |
853 | |
144
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
854 void CONTEXT::dump(bool isdefault, int level) { |
94 | 855 char indent[maxlen]; |
856 int i = min(maxlen-1, level*4); | |
857 memset(indent, ' ', i); | |
858 indent[i] = '\0'; | |
859 char buf[maxlen]; | |
860 char *fullname = get_full_name(buf,maxlen); | |
861 printf("%s context %s { \t// %s\n", indent, name, fullname); | |
862 | |
863 for (dnsblp_map::iterator i=dnsbl_names.begin(); i!=dnsbl_names.end(); i++) { | |
864 char *n = (*i).first; | |
865 DNSBL &d = *(*i).second; | |
866 printf("%s dnsbl %s %s \"%s\"; \n", indent, n, d.suffix, d.message); | |
867 } | |
868 | |
145 | 869 dnsblp_list dl = get_dnsbl_list(); |
870 if (!dl.empty()) { | |
94 | 871 printf("%s dnsbl_list", indent); |
145 | 872 for (dnsblp_list::iterator i=dl.begin(); i!=dl.end(); i++) { |
94 | 873 DNSBL &d = *(*i); |
874 printf(" %s", d.name); | |
875 } | |
876 printf("; \n"); | |
877 } | |
878 | |
879 if (content_filtering) { | |
880 printf("%s content on { \n", indent, env_from_default); | |
881 if (content_suffix) { | |
882 printf("%s filter %s \"%s\"; \n", indent, content_suffix, content_message); | |
883 } | |
119 | 884 if (uribl_suffix) { |
885 printf("%s uribl %s \"%s\"; \n", indent, uribl_suffix, uribl_message); | |
886 } | |
94 | 887 if (!content_host_ignore.empty()) { |
888 printf("%s ignore { \n", indent); | |
889 for (string_set::iterator i=content_host_ignore.begin(); i!=content_host_ignore.end(); i++) { | |
890 printf("%s %s; \n", indent, *i); | |
891 } | |
892 printf("%s }; \n", indent); | |
893 } | |
117 | 894 if (!content_cctlds.empty()) { |
895 printf("%s cctld { \n", indent); | |
896 printf("%s ", indent); | |
897 for (string_set::iterator i=content_cctlds.begin(); i!=content_cctlds.end(); i++) { | |
898 printf("%s; ", *i); | |
899 } | |
900 printf("\n%s }; \n", indent); | |
901 } | |
94 | 902 if (!content_tlds.empty()) { |
903 printf("%s tld { \n", indent); | |
904 printf("%s ", indent); | |
905 for (string_set::iterator i=content_tlds.begin(); i!=content_tlds.end(); i++) { | |
906 printf("%s; ", *i); | |
907 } | |
908 printf("\n%s }; \n", indent); | |
909 } | |
910 if (!html_tags.empty()) { | |
911 printf("%s html_tags { \n", indent); | |
912 printf("%s ", indent); | |
913 for (string_set::iterator i=html_tags.begin(); i!=html_tags.end(); i++) { | |
914 printf("%s; ", *i); | |
915 } | |
916 printf("\n%s }; \n", indent); | |
917 } | |
918 if (host_limit_message) { | |
919 printf("%s host_limit on %d \"%s\"; \n", indent, host_limit, host_limit_message); | |
920 } | |
921 else if (host_random) { | |
922 printf("%s host_limit soft %d; \n", indent, host_limit); | |
923 } | |
924 else { | |
925 printf("%s host_limit off; \n", indent); | |
926 } | |
927 if (tag_limit_message) { | |
928 printf("%s html_limit on %d \"%s\"; \n", indent, tag_limit, tag_limit_message); | |
929 } | |
930 else { | |
931 printf("%s html_limit off; \n", indent); | |
932 } | |
933 printf("%s }; \n", indent); | |
934 } | |
935 else { | |
936 printf("%s content off {}; \n", indent, env_from_default); | |
937 } | |
938 | |
939 printf("%s env_to { \t// %s\n", indent, fullname); | |
940 for (string_set::iterator i=env_to.begin(); i!=env_to.end(); i++) { | |
941 printf("%s %s; \n", indent, *i); | |
942 } | |
943 printf("%s }; \n", indent); | |
944 | |
945 if (verify_host) { | |
946 printf("%s verify %s; \n", indent, verify_host); | |
947 } | |
948 | |
153 | 949 if (autowhite_file && whitelister) { |
950 printf("%s autowhite %d %s; \n", indent, whitelister->get_days(), autowhite_file); | |
951 } | |
952 | |
94 | 953 for (context_map::iterator i=children.begin(); i!=children.end(); i++) { |
954 CONTEXTP c = (*i).second; | |
144
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
955 c->dump(false, level+1); |
94 | 956 } |
957 | |
958 printf("%s env_from %s { \t// %s\n", indent, env_from_default, fullname); | |
959 if (!env_from.empty()) { | |
960 printf("%s // white/black/unknown \n", indent); | |
961 for (string_map::iterator i=env_from.begin(); i!=env_from.end(); i++) { | |
962 char *f = (*i).first; | |
963 char *t = (*i).second; | |
964 printf("%s %s \t%s; \n", indent, f, t); | |
965 } | |
966 } | |
967 if (!env_from_context.empty()) { | |
968 printf("%s // child contexts \n", indent); | |
969 for (context_map::iterator j=env_from_context.begin(); j!=env_from_context.end(); j++) { | |
970 char *f = (*j).first; | |
971 CONTEXTP t = (*j).second; | |
972 printf("%s %s \t%s; \n", indent, f, t->name); | |
973 } | |
974 } | |
975 printf("%s }; \n", indent); | |
976 | |
144
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
977 if (isdefault) { |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
978 printf("%s rate_limit %d { \n", indent, default_rcpt_rate); |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
979 for (rcpt_rates::iterator j=rcpt_per_hour.begin(); j!=rcpt_per_hour.end(); j++) { |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
980 char *u = (*j).first; |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
981 int l = (*j).second; |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
982 printf("%s \"%s\" \t%d; \n", indent, u, l); |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
983 } |
31ff00ea6bfb
allow parent/child to share a fully qualified env_to address
carl
parents:
143
diff
changeset
|
984 printf("%s }; \n", indent); |
136 | 985 } |
986 | |
94 | 987 printf("%s }; \n", indent); |
988 } | |
989 | |
990 | |
991 //////////////////////////////////////////////// | |
992 // helper to discard the strings held by a string_set | |
993 // | |
994 void discard(string_set &s) { | |
995 for (string_set::iterator i=s.begin(); i!=s.end(); i++) { | |
996 free(*i); | |
997 } | |
998 s.clear(); | |
999 } | |
1000 | |
1001 | |
1002 //////////////////////////////////////////////// | |
1003 // helper to register a string in a string set | |
1004 // | |
1005 char* register_string(string_set &s, char *name) { | |
1006 string_set::iterator i = s.find(name); | |
1007 if (i != s.end()) return *i; | |
1008 char *x = strdup(name); | |
1009 s.insert(x); | |
1010 return x; | |
1011 } | |
1012 | |
1013 | |
1014 //////////////////////////////////////////////// | |
1015 // register a global string | |
1016 // | |
1017 char* register_string(char *name) { | |
1018 return register_string(all_strings, name); | |
1019 } | |
1020 | |
1021 | |
1022 //////////////////////////////////////////////// | |
1023 // | |
1024 bool tsa(TOKEN &tok, char *token); | |
1025 bool tsa(TOKEN &tok, char *token) { | |
1026 char *have = tok.next(); | |
1027 if (have == token) return true; | |
1028 tok.token_error(token, have); | |
1029 return false; | |
1030 } | |
1031 | |
1032 | |
1033 //////////////////////////////////////////////// | |
1034 // | |
1035 bool parse_dnsbl(TOKEN &tok, CONFIG &dc, CONTEXT &me); | |
1036 bool parse_dnsbl(TOKEN &tok, CONFIG &dc, CONTEXT &me) { | |
1037 char *name = tok.next(); | |
1038 char *suf = tok.next(); | |
1039 char *msg = tok.next(); | |
1040 if (!tsa(tok, token_semi)) return false; | |
1041 DNSBLP dnsnew = new DNSBL(name, suf, msg); | |
1042 DNSBLP dnsold = me.find_dnsbl(name); | |
1043 if (dnsold && (*dnsold == *dnsnew)) { | |
1044 // duplicate redefinition, ignore it | |
1045 delete dnsnew; | |
1046 return true; | |
1047 } | |
1048 me.add_dnsbl(name, dnsnew); | |
1049 return true; | |
1050 } | |
1051 | |
1052 | |
1053 //////////////////////////////////////////////// | |
1054 // | |
1055 bool parse_dnsbll(TOKEN &tok, CONFIG &dc, CONTEXT &me); | |
1056 bool parse_dnsbll(TOKEN &tok, CONFIG &dc, CONTEXT &me) { | |
1057 while (true) { | |
1058 char *have = tok.next(); | |
1059 if (!have) break; | |
1060 if (have == token_semi) break; | |
1061 DNSBLP dns = me.find_dnsbl(have); | |
1062 if (dns) { | |
1063 me.add_dnsbl(dns); | |
1064 } | |
1065 else { | |
1066 tok.token_error("dnsbl name", have); | |
1067 return false; | |
1068 } | |
1069 } | |
1070 return true; | |
1071 } | |
1072 | |
1073 | |
1074 //////////////////////////////////////////////// | |
1075 // | |
1076 bool parse_content(TOKEN &tok, CONFIG &dc, CONTEXT &me); | |
1077 bool parse_content(TOKEN &tok, CONFIG &dc, CONTEXT &me) { | |
1078 char *setting = tok.next(); | |
1079 if (setting == token_on) { | |
1080 me.set_content_filtering(true); | |
1081 } | |
1082 else if (setting == token_off) { | |
1083 me.set_content_filtering(false); | |
1084 } | |
1085 else { | |
1086 tok.token_error("on/off", setting); | |
1087 return false; | |
1088 } | |
1089 if (!tsa(tok, token_lbrace)) return false; | |
1090 while (true) { | |
1091 char *have = tok.next(); | |
1092 if (!have) break; | |
1093 if (have == token_filter) { | |
1094 char *suffix = tok.next(); | |
1095 char *messag = tok.next(); | |
1096 me.set_content_suffix(suffix); | |
1097 me.set_content_message(messag); | |
1098 if (!tsa(tok, token_semi)) return false; | |
1099 } | |
119 | 1100 else if (have == token_uribl) { |
1101 char *suffix = tok.next(); | |
1102 char *messag = tok.next(); | |
1103 me.set_uribl_suffix(suffix); | |
1104 me.set_uribl_message(messag); | |
1105 if (!tsa(tok, token_semi)) return false; | |
1106 } | |
94 | 1107 else if (have == token_ignore) { |
1108 if (!tsa(tok, token_lbrace)) return false; | |
1109 while (true) { | |
1110 if (!have) break; | |
1111 char *have = tok.next(); | |
1112 if (have == token_rbrace) break; // done | |
1113 me.add_ignore(have); | |
1114 } | |
1115 if (!tsa(tok, token_semi)) return false; | |
1116 } | |
117 | 1117 else if (have == token_cctld) { |
1118 if (!tsa(tok, token_lbrace)) return false; | |
1119 while (true) { | |
1120 char *have = tok.next(); | |
1121 if (!have) break; | |
1122 if (have == token_rbrace) break; // done | |
1123 me.add_cctld(have); | |
1124 } | |
1125 if (!tsa(tok, token_semi)) return false; | |
1126 } | |
94 | 1127 else if (have == token_tld) { |
1128 if (!tsa(tok, token_lbrace)) return false; | |
1129 while (true) { | |
1130 char *have = tok.next(); | |
1131 if (!have) break; | |
1132 if (have == token_rbrace) break; // done | |
1133 me.add_tld(have); | |
1134 } | |
1135 if (!tsa(tok, token_semi)) return false; | |
1136 } | |
1137 else if (have == token_html_limit) { | |
1138 have = tok.next(); | |
1139 if (have == token_on) { | |
1140 me.set_tag_limit(tok.nextint()); | |
1141 me.set_tag_message(tok.next()); | |
1142 } | |
1143 else if (have == token_off) { | |
1144 me.set_tag_limit(0); | |
1145 me.set_tag_message(NULL); | |
1146 } | |
1147 else { | |
1148 tok.token_error("on/off", have); | |
1149 return false; | |
1150 } | |
1151 if (!tsa(tok, token_semi)) return false; | |
1152 } | |
1153 else if (have == token_html_tags) { | |
1154 if (!tsa(tok, token_lbrace)) return false; | |
1155 while (true) { | |
1156 char *have = tok.next(); | |
1157 if (!have) break; | |
1158 if (have == token_rbrace) { | |
1159 break; // done | |
1160 } | |
1161 else { | |
1162 me.add_tag(have); // base version | |
1163 char buf[200]; | |
1164 snprintf(buf, sizeof(buf), "/%s", have); | |
1165 me.add_tag(register_string(buf)); // leading / | |
1166 snprintf(buf, sizeof(buf), "%s/", have); | |
1167 me.add_tag(register_string(buf)); // trailing / | |
1168 } | |
1169 } | |
1170 if (!tsa(tok, token_semi)) return false; | |
1171 } | |
1172 else if (have == token_host_limit) { | |
1173 have = tok.next(); | |
1174 if (have == token_on) { | |
1175 me.set_host_limit(tok.nextint()); | |
1176 me.set_host_message(tok.next()); | |
1177 me.set_host_random(false); | |
1178 } | |
1179 else if (have == token_off) { | |
1180 me.set_host_limit(0); | |
1181 me.set_host_message(NULL); | |
1182 me.set_host_random(false); | |
1183 } | |
1184 else if (have == token_soft) { | |
1185 me.set_host_limit(tok.nextint()); | |
1186 me.set_host_message(NULL); | |
1187 me.set_host_random(true); | |
1188 } | |
1189 else { | |
1190 tok.token_error("on/off/soft", have); | |
1191 return false; | |
1192 } | |
1193 if (!tsa(tok, token_semi)) return false; | |
1194 } | |
1195 else if (have == token_rbrace) { | |
1196 break; // done | |
1197 } | |
1198 else { | |
1199 tok.token_error("content keyword", have); | |
1200 return false; | |
1201 } | |
1202 } | |
1203 return tsa(tok, token_semi); | |
1204 } | |
1205 | |
1206 | |
1207 //////////////////////////////////////////////// | |
1208 // | |
1209 bool parse_envto(TOKEN &tok, CONFIG &dc, CONTEXT &me); | |
1210 bool parse_envto(TOKEN &tok, CONFIG &dc, CONTEXT &me) { | |
1211 if (!tsa(tok, token_lbrace)) return false; | |
1212 while (true) { | |
1213 char *have = tok.next(); | |
1214 if (!have) break; | |
1215 if (have == token_rbrace) break; | |
1216 if (have == token_semi) { | |
1217 // optional separators | |
1218 } | |
1219 else if (have == token_dccto) { | |
1220 char *flavor = tok.next(); | |
1221 if (!tsa(tok, token_lbrace)) return false; | |
1222 bool keeping = false; | |
1223 while (true) { | |
1224 char *have = tok.next(); | |
1225 if (!have) break; | |
1226 if (have == token_rbrace) break; | |
1227 if (have == flavor) { | |
1228 keeping = true; | |
1229 continue; | |
1230 } | |
1231 else if ((have == token_ok) || (have == token_ok2) || (have == token_many)) { | |
1232 keeping = false; | |
1233 continue; | |
1234 } | |
1235 if (have == token_envto) { | |
1236 have = tok.next(); | |
1237 if (keeping) { | |
1238 if (me.allow_env_to(have)) { | |
1239 me.add_to(have); | |
1240 dc.add_to(have, &me); | |
1241 } | |
1242 } | |
1243 } | |
1244 //else if (have == token_substitute) { | |
1245 // if (tok.next() == token_mailhost) { | |
1246 // have = tok.next(); | |
1247 // if (keeping) { | |
1248 // if (me.allow_env_to(have)) { | |
1249 // me.add_to(have); | |
1250 // dc.add_to(have, &me); | |
1251 // } | |
1252 // } | |
1253 // } | |
1254 //} | |
1255 tok.skipeol(); | |
1256 } | |
1257 } | |
1258 else if (me.allow_env_to(have)) { | |
1259 me.add_to(have); | |
1260 dc.add_to(have, &me); | |
1261 } | |
1262 else { | |
1263 tok.token_error("user@ or user@domain.tld or domain.tld where domain.tld allowed by parent context", have); | |
1264 return false; | |
1265 } | |
1266 } | |
1267 return tsa(tok, token_semi); | |
1268 } | |
1269 | |
1270 | |
1271 //////////////////////////////////////////////// | |
1272 // | |
1273 bool parse_verify(TOKEN &tok, CONFIG &dc, CONTEXT &me); | |
1274 bool parse_verify(TOKEN &tok, CONFIG &dc, CONTEXT &me) { | |
1275 char *host = tok.next(); | |
1276 if (!tsa(tok, token_semi)) return false; | |
1277 me.set_verify(host); | |
153 | 1278 me.set_verifier(add_verify_host(host)); |
1279 return true; | |
1280 } | |
1281 | |
1282 | |
1283 //////////////////////////////////////////////// | |
1284 // | |
1285 bool parse_autowhite(TOKEN &tok, CONFIG &dc, CONTEXT &me); | |
1286 bool parse_autowhite(TOKEN &tok, CONFIG &dc, CONTEXT &me) { | |
1287 int days = tok.nextint(); | |
1288 char *fn = tok.next(); | |
1289 if (!tsa(tok, token_semi)) return false; | |
1290 me.set_autowhite(fn); | |
1291 me.set_whitelister(add_whitelister_file(fn, days)); | |
99 | 1292 return true; |
94 | 1293 } |
1294 | |
1295 | |
1296 //////////////////////////////////////////////// | |
1297 // | |
1298 bool parse_envfrom(TOKEN &tok, CONFIG &dc, CONTEXT &me); | |
1299 bool parse_envfrom(TOKEN &tok, CONFIG &dc, CONTEXT &me) { | |
1300 char *st = tok.next(); | |
1301 if ((st == token_black) || (st == token_white) || (st == token_unknown) || (st == token_inherit)) { | |
1302 me.set_from_default(st); | |
1303 } | |
1304 else { | |
1305 tok.push(st); | |
1306 } | |
1307 if (!tsa(tok, token_lbrace)) return false; | |
1308 while (true) { | |
1309 char *have = tok.next(); | |
1310 if (!have) break; | |
1311 if (have == token_rbrace) break; | |
1312 if (have == token_semi) { | |
1313 // optional separators | |
1314 } | |
1315 else if (have == token_dccfrom) { | |
1316 if (!tsa(tok, token_lbrace)) return false; | |
1317 bool keeping = false; | |
1318 bool many = false; | |
1319 while (true) { | |
1320 char *have = tok.next(); | |
1321 if (!have) break; | |
1322 if (have == token_rbrace) break; | |
1323 if (have == token_ok) { | |
1324 keeping = true; | |
1325 many = false; | |
1326 continue; | |
1327 } | |
1328 else if (have == token_many) { | |
1329 keeping = true; | |
1330 many = true; | |
1331 continue; | |
1332 } | |
1333 else if (have == token_ok2) { | |
1334 keeping = false; | |
1335 continue; | |
1336 } | |
1337 if (have == token_envfrom) { | |
1338 have = tok.next(); | |
1339 if (keeping) { | |
1340 me.add_from(have, (many) ? token_black : token_white); | |
1341 } | |
1342 } | |
1343 else if (have == token_substitute) { | |
1344 if (tok.next() == token_mailhost) { | |
1345 have = tok.next(); | |
1346 me.add_from(have, (many) ? token_black : token_white); | |
1347 } | |
1348 } | |
1349 tok.skipeol(); | |
1350 } | |
1351 } | |
1352 else { | |
1353 // may be a valid email address or domain name | |
1354 char *st = tok.next(); | |
148
9330b8d6a56b
add documentation fixes, allow env_from target of inherit
carl
parents:
146
diff
changeset
|
1355 if ((st == token_white) || (st == token_black) || (st == token_unknown) || (st == token_inherit)) { |
94 | 1356 me.add_from(have, st); |
1357 } | |
1358 else { | |
1359 CONTEXTP con = me.find_from_context_name(st); | |
1360 if (con) { | |
1361 me.add_from_context(have, con); | |
1362 } | |
1363 else { | |
148
9330b8d6a56b
add documentation fixes, allow env_from target of inherit
carl
parents:
146
diff
changeset
|
1364 tok.token_error("white/black/unknown/inherit or child context name", st); |
94 | 1365 return false; |
1366 } | |
1367 } | |
1368 } | |
1369 } | |
1370 return tsa(tok, token_semi); | |
1371 } | |
1372 | |
1373 | |
1374 //////////////////////////////////////////////// | |
1375 // | |
136 | 1376 bool parse_rate(TOKEN &tok, CONFIG &dc, CONTEXT &me); |
1377 bool parse_rate(TOKEN &tok, CONFIG &dc, CONTEXT &me) { | |
140 | 1378 char *def = tok.next(); |
141 | 1379 tok.push(def); |
1380 if (def != token_lbrace) me.set_default_rate(tok.nextint()); | |
136 | 1381 if (!tsa(tok, token_lbrace)) return false; |
1382 while (true) { | |
1383 char *have = tok.next(); | |
1384 if (!have) break; | |
1385 if (have == token_rbrace) break; | |
1386 if (have == token_semi) { | |
1387 // optional separators | |
1388 } | |
1389 else { | |
140 | 1390 me.add_rate(have, tok.nextint()); |
136 | 1391 } |
1392 } | |
1393 return tsa(tok, token_semi); | |
1394 } | |
1395 | |
1396 | |
1397 //////////////////////////////////////////////// | |
1398 // | |
94 | 1399 bool parse_context(TOKEN &tok, CONFIG &dc, CONTEXTP parent); |
1400 bool parse_context(TOKEN &tok, CONFIG &dc, CONTEXTP parent) { | |
1401 char *name = tok.next(); | |
1402 if (!tsa(tok, token_lbrace)) return false; | |
1403 CONTEXTP con = new CONTEXT(parent, name); | |
1404 | |
1405 while (true) { | |
1406 char *have = tok.next(); | |
1407 if (!have) break; | |
1408 if (have == token_rbrace) break; // done | |
1409 if (have == token_dnsbl) { | |
1410 if (!parse_dnsbl(tok, dc, *con)) return false; | |
1411 } | |
1412 else if (have == token_dnsbll) { | |
1413 if (!parse_dnsbll(tok, dc, *con)) return false; | |
1414 } | |
1415 else if (have == token_content) { | |
1416 if (!parse_content(tok, dc, *con)) return false; | |
1417 } | |
1418 else if (have == token_envto) { | |
1419 if (!parse_envto(tok, dc, *con)) return false; | |
1420 } | |
1421 else if (have == token_verify) { | |
1422 if (!parse_verify(tok, dc, *con)) return false; | |
1423 } | |
153 | 1424 else if (have == token_autowhite) { |
1425 if (!parse_autowhite(tok, dc, *con)) return false; | |
1426 } | |
94 | 1427 else if (have == token_envfrom) { |
1428 if (!parse_envfrom(tok, dc, *con)) return false; | |
1429 } | |
140 | 1430 else if (have == token_rate) { |
1431 if (parent || dc.default_context) tok.token_error("rate limit ignored in non default context"); | |
136 | 1432 if (!parse_rate(tok, dc, *con)) return false; |
1433 } | |
94 | 1434 else if (have == token_context) { |
1435 if (!parse_context(tok, dc, con)) return false; | |
1436 } | |
1437 else { | |
1438 tok.token_error("context keyword", have); | |
1439 return false; | |
1440 } | |
1441 } | |
1442 | |
1443 if (!tsa(tok, token_semi)) { | |
1444 delete con; | |
1445 return false; | |
1446 } | |
1447 dc.add_context(con); | |
1448 if (parent) parent->add_context(con); | |
1449 return true; | |
1450 } | |
1451 | |
1452 | |
1453 //////////////////////////////////////////////// | |
1454 // parse a config file | |
1455 // | |
1456 bool load_conf(CONFIG &dc, char *fn) { | |
99 | 1457 int count = 0; |
94 | 1458 TOKEN tok(fn, &dc.config_files); |
1459 while (true) { | |
1460 char *have = tok.next(); | |
1461 if (!have) break; | |
1462 if (have == token_context) { | |
1463 if (!parse_context(tok, dc, NULL)) { | |
99 | 1464 tok.token_error("load_conf() failed to parse context"); |
94 | 1465 return false; |
1466 } | |
99 | 1467 else count++; |
94 | 1468 } |
1469 else { | |
1470 tok.token_error(token_context, have); | |
1471 return false; | |
1472 } | |
1473 } | |
99 | 1474 tok.token_error("load_conf() found %d contexts in %s", count, fn); |
94 | 1475 return (dc.default_context) ? true : false; |
1476 } | |
1477 | |
1478 | |
1479 //////////////////////////////////////////////// | |
1480 // init the tokens | |
1481 // | |
1482 void token_init() { | |
153 | 1483 token_autowhite = register_string("autowhite"); |
94 | 1484 token_black = register_string("black"); |
117 | 1485 token_cctld = register_string("cctld"); |
94 | 1486 token_content = register_string("content"); |
1487 token_context = register_string("context"); | |
1488 token_dccfrom = register_string("dcc_from"); | |
1489 token_dccto = register_string("dcc_to"); | |
1490 token_default = register_string("default"); | |
1491 token_dnsbl = register_string("dnsbl"); | |
1492 token_dnsbll = register_string("dnsbl_list"); | |
1493 token_envfrom = register_string("env_from"); | |
1494 token_envto = register_string("env_to"); | |
1495 token_filter = register_string("filter"); | |
1496 token_host_limit = register_string("host_limit"); | |
1497 token_html_limit = register_string("html_limit"); | |
1498 token_html_tags = register_string("html_tags"); | |
1499 token_ignore = register_string("ignore"); | |
1500 token_include = register_string("include"); | |
1501 token_inherit = register_string("inherit"); | |
1502 token_lbrace = register_string("{"); | |
1503 token_mailhost = register_string("mail_host"); | |
1504 token_many = register_string("many"); | |
1505 token_off = register_string("off"); | |
1506 token_ok = register_string("ok"); | |
1507 token_ok2 = register_string("ok2"); | |
1508 token_on = register_string("on"); | |
136 | 1509 token_rate = register_string("rate_limit"); |
94 | 1510 token_rbrace = register_string("}"); |
1511 token_semi = register_string(";"); | |
1512 token_soft = register_string("soft"); | |
1513 token_substitute = register_string("substitute"); | |
1514 token_tld = register_string("tld"); | |
1515 token_unknown = register_string("unknown"); | |
119 | 1516 token_uribl = register_string("uribl"); |
94 | 1517 token_verify = register_string("verify"); |
1518 token_white = register_string("white"); | |
1519 | |
1520 if (gethostname(myhostname, HOST_NAME_MAX+1) != 0) { | |
1521 strncpy(myhostname, "localhost", HOST_NAME_MAX+1); | |
1522 } | |
1523 myhostname[HOST_NAME_MAX] = '\0'; // ensure null termination | |
1524 token_myhostname = register_string(myhostname); | |
1525 } |