2 * Copyright (c) 1998-2013 Proofpoint, Inc. and its suppliers.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
16 SM_RCSID("@(#)$Id: conf.c,v 8.1191 2014-01-08 17:03:14 ca Exp $")
18 #include <sm/sendmail.h>
19 #include <sendmail/pathnames.h>
29 /* for the IPv6 device lookup */
30 # define _SOCKADDR_LEN
32 # endif /* NETINET6 */
35 # include <sys/ioctl.h>
36 # include <sys/param.h>
39 #if NETINET || NETINET6
40 # include <arpa/inet.h>
41 #endif /* NETINET || NETINET6 */
42 #if HASULIMIT && defined(HPUX11)
44 #endif /* HASULIMIT && defined(HPUX11) */
46 static void setupmaps __P((void));
47 static void setupmailers __P((void));
48 static void setupqueues __P((void));
49 static int get_num_procs_online __P((void));
50 static int add_hostnames __P((SOCKADDR *));
52 #if NETINET6 && NEEDSGETIPNODE
53 static struct hostent *sm_getipnodebyname __P((const char *, int, int, int *));
54 static struct hostent *sm_getipnodebyaddr __P((const void *, size_t, int, int *));
55 #else /* NETINET6 && NEEDSGETIPNODE */
56 #define sm_getipnodebyname getipnodebyname
57 #define sm_getipnodebyaddr getipnodebyaddr
58 #endif /* NETINET6 && NEEDSGETIPNODE */
62 ** CONF.C -- Sendmail Configuration Tables.
64 ** Defines the configuration of this installation.
66 ** Configuration Variables:
67 ** HdrInfo -- a table describing well-known header fields.
68 ** Each entry has the field name and some flags,
69 ** which are described in sendmail.h.
72 ** I have tried to put almost all the reasonable
73 ** configuration information into the configuration
74 ** file read at runtime. My intent is that anything
75 ** here is a function of the version of UNIX you
76 ** are running, or is really static -- for example
77 ** the headers are a superset of widely used
78 ** protocols. If you find yourself playing with
79 ** this file too much, you may be making a mistake!
85 ** Final (null) entry contains the flags used for any other field.
87 ** Not all of these are actually handled specially by sendmail
88 ** at this time. They are included as placeholders, to let
89 ** you know that "someday" I intend to have sendmail do
90 ** something with them.
93 struct hdrinfo HdrInfo[] =
95 /* originator fields, most to least significant */
96 { "resent-sender", H_FROM|H_RESENT, NULL },
97 { "resent-from", H_FROM|H_RESENT, NULL },
98 { "resent-reply-to", H_FROM|H_RESENT, NULL },
99 { "sender", H_FROM, NULL },
100 { "from", H_FROM, NULL },
101 { "reply-to", H_FROM, NULL },
102 { "errors-to", H_FROM|H_ERRORSTO, NULL },
103 { "full-name", H_ACHECK, NULL },
104 { "return-receipt-to", H_RECEIPTTO, NULL },
105 { "delivery-receipt-to", H_RECEIPTTO, NULL },
106 { "disposition-notification-to", H_FROM, NULL },
108 /* destination fields */
109 { "to", H_RCPT, NULL },
110 { "resent-to", H_RCPT|H_RESENT, NULL },
111 { "cc", H_RCPT, NULL },
112 { "resent-cc", H_RCPT|H_RESENT, NULL },
113 { "bcc", H_RCPT|H_BCC, NULL },
114 { "resent-bcc", H_RCPT|H_BCC|H_RESENT, NULL },
115 { "apparently-to", H_RCPT, NULL },
117 /* message identification and control */
118 { "message-id", 0, NULL },
119 { "resent-message-id", H_RESENT, NULL },
120 { "message", H_EOH, NULL },
121 { "text", H_EOH, NULL },
125 { "resent-date", H_RESENT, NULL },
128 { "received", H_TRACE|H_FORCE, NULL },
129 { "x400-received", H_TRACE|H_FORCE, NULL },
130 { "via", H_TRACE|H_FORCE, NULL },
131 { "mail-from", H_TRACE|H_FORCE, NULL },
133 /* miscellaneous fields */
134 { "comments", H_FORCE|H_ENCODABLE, NULL },
135 { "return-path", H_FORCE|H_ACHECK|H_BINDLATE, NULL },
136 { "content-transfer-encoding", H_CTE, NULL },
137 { "content-type", H_CTYPE, NULL },
138 { "content-length", H_ACHECK, NULL },
139 { "subject", H_ENCODABLE, NULL },
140 { "x-authentication-warning", H_FORCE, NULL },
151 struct prival PrivacyValues[] =
153 { "public", PRIV_PUBLIC },
154 { "needmailhelo", PRIV_NEEDMAILHELO },
155 { "needexpnhelo", PRIV_NEEDEXPNHELO },
156 { "needvrfyhelo", PRIV_NEEDVRFYHELO },
157 { "noexpn", PRIV_NOEXPN },
158 { "novrfy", PRIV_NOVRFY },
159 { "restrictexpand", PRIV_RESTRICTEXPAND },
160 { "restrictmailq", PRIV_RESTRICTMAILQ },
161 { "restrictqrun", PRIV_RESTRICTQRUN },
162 { "noetrn", PRIV_NOETRN },
163 { "noverb", PRIV_NOVERB },
164 { "authwarnings", PRIV_AUTHWARNINGS },
165 { "noreceipts", PRIV_NORECEIPTS },
166 { "nobodyreturn", PRIV_NOBODYRETN },
167 { "goaway", PRIV_GOAWAY },
168 { "noactualrecipient", PRIV_NOACTUALRECIPIENT },
173 ** DontBlameSendmail values
176 struct dbsval DontBlameSendmailValues[] =
178 { "safe", DBS_SAFE },
179 { "assumesafechown", DBS_ASSUMESAFECHOWN },
180 { "groupwritabledirpathsafe", DBS_GROUPWRITABLEDIRPATHSAFE },
181 { "groupwritableforwardfilesafe",
182 DBS_GROUPWRITABLEFORWARDFILESAFE },
183 { "groupwritableincludefilesafe",
184 DBS_GROUPWRITABLEINCLUDEFILESAFE },
185 { "groupwritablealiasfile", DBS_GROUPWRITABLEALIASFILE },
186 { "worldwritablealiasfile", DBS_WORLDWRITABLEALIASFILE },
187 { "forwardfileinunsafedirpath", DBS_FORWARDFILEINUNSAFEDIRPATH },
188 { "includefileinunsafedirpath", DBS_INCLUDEFILEINUNSAFEDIRPATH },
189 { "mapinunsafedirpath", DBS_MAPINUNSAFEDIRPATH },
190 { "linkedaliasfileinwritabledir",
191 DBS_LINKEDALIASFILEINWRITABLEDIR },
192 { "linkedclassfileinwritabledir",
193 DBS_LINKEDCLASSFILEINWRITABLEDIR },
194 { "linkedforwardfileinwritabledir",
195 DBS_LINKEDFORWARDFILEINWRITABLEDIR },
196 { "linkedincludefileinwritabledir",
197 DBS_LINKEDINCLUDEFILEINWRITABLEDIR },
198 { "linkedmapinwritabledir", DBS_LINKEDMAPINWRITABLEDIR },
199 { "linkedserviceswitchfileinwritabledir",
200 DBS_LINKEDSERVICESWITCHFILEINWRITABLEDIR },
201 { "filedeliverytohardlink", DBS_FILEDELIVERYTOHARDLINK },
202 { "filedeliverytosymlink", DBS_FILEDELIVERYTOSYMLINK },
203 { "writemaptohardlink", DBS_WRITEMAPTOHARDLINK },
204 { "writemaptosymlink", DBS_WRITEMAPTOSYMLINK },
205 { "writestatstohardlink", DBS_WRITESTATSTOHARDLINK },
206 { "writestatstosymlink", DBS_WRITESTATSTOSYMLINK },
207 { "forwardfileingroupwritabledirpath",
208 DBS_FORWARDFILEINGROUPWRITABLEDIRPATH },
209 { "includefileingroupwritabledirpath",
210 DBS_INCLUDEFILEINGROUPWRITABLEDIRPATH },
211 { "classfileinunsafedirpath", DBS_CLASSFILEINUNSAFEDIRPATH },
212 { "errorheaderinunsafedirpath", DBS_ERRORHEADERINUNSAFEDIRPATH },
213 { "helpfileinunsafedirpath", DBS_HELPFILEINUNSAFEDIRPATH },
214 { "forwardfileinunsafedirpathsafe",
215 DBS_FORWARDFILEINUNSAFEDIRPATHSAFE },
216 { "includefileinunsafedirpathsafe",
217 DBS_INCLUDEFILEINUNSAFEDIRPATHSAFE },
218 { "runprograminunsafedirpath", DBS_RUNPROGRAMINUNSAFEDIRPATH },
219 { "runwritableprogram", DBS_RUNWRITABLEPROGRAM },
220 { "nonrootsafeaddr", DBS_NONROOTSAFEADDR },
221 { "truststickybit", DBS_TRUSTSTICKYBIT },
222 { "dontwarnforwardfileinunsafedirpath",
223 DBS_DONTWARNFORWARDFILEINUNSAFEDIRPATH },
224 { "insufficiententropy", DBS_INSUFFICIENTENTROPY },
225 { "groupreadablesasldbfile", DBS_GROUPREADABLESASLDBFILE },
226 { "groupwritablesasldbfile", DBS_GROUPWRITABLESASLDBFILE },
227 { "groupwritableforwardfile", DBS_GROUPWRITABLEFORWARDFILE },
228 { "groupwritableincludefile", DBS_GROUPWRITABLEINCLUDEFILE },
229 { "worldwritableforwardfile", DBS_WORLDWRITABLEFORWARDFILE },
230 { "worldwritableincludefile", DBS_WORLDWRITABLEINCLUDEFILE },
231 { "groupreadablekeyfile", DBS_GROUPREADABLEKEYFILE },
232 #if _FFR_GROUPREADABLEAUTHINFOFILE
233 { "groupreadableadefaultauthinfofile",
234 DBS_GROUPREADABLEAUTHINFOFILE },
235 #endif /* _FFR_GROUPREADABLEAUTHINFOFILE */
240 ** Miscellaneous stuff.
243 int DtableSize = 50; /* max open files; reset in 4.2bsd */
245 ** SETDEFAULTS -- set default values
247 ** Some of these must be initialized using direct code since they
248 ** depend on run-time values. So let's do all of them this way.
251 ** e -- the default envelope.
257 ** Initializes a bunch of global variables to their
262 #define HOURS * 60 MINUTES
263 #define DAYS * 24 HOURS
265 #ifndef MAXRULERECURSION
266 # define MAXRULERECURSION 50 /* max ruleset recursion depth */
267 #endif /* ! MAXRULERECURSION */
271 register ENVELOPE *e;
277 numprocs = get_num_procs_online();
278 SpaceSub = ' '; /* option B */
279 QueueLA = 8 * numprocs; /* option x */
280 RefuseLA = 12 * numprocs; /* option X */
281 WkRecipFact = 30000L; /* option y */
282 WkClassFact = 1800L; /* option z */
283 WkTimeFact = 90000L; /* option Z */
284 QueueFactor = WkRecipFact * 20; /* option q */
285 QueueMode = QM_NORMAL; /* what queue items to act upon */
286 FileMode = (RealUid != geteuid()) ? 0644 : 0600;
288 QueueFileMode = (RealUid != geteuid()) ? 0644 : 0600;
289 /* option QueueFileMode */
291 if (((pw = sm_getpwnam("mailnull")) != NULL && pw->pw_uid != 0) ||
292 ((pw = sm_getpwnam("sendmail")) != NULL && pw->pw_uid != 0) ||
293 ((pw = sm_getpwnam("daemon")) != NULL && pw->pw_uid != 0))
295 DefUid = pw->pw_uid; /* option u */
296 DefGid = pw->pw_gid; /* option g */
297 DefUser = newstr(pw->pw_name);
301 DefUid = 1; /* option u */
302 DefGid = 1; /* option g */
307 sm_dprintf("setdefaults: DefUser=%s, DefUid=%d, DefGid=%d\n",
308 DefUser != NULL ? DefUser : "<1:1>",
309 (int) DefUid, (int) DefGid);
310 CheckpointInterval = 10; /* option C */
311 MaxHopCount = 25; /* option h */
312 set_delivery_mode(SM_FORK, e); /* option d */
313 e->e_errormode = EM_PRINT; /* option e */
316 e->e_xfqgrp = NOQGRP;
317 e->e_xfqdir = NOQDIR;
318 e->e_ctime = curtime();
319 SevenBitInput = false; /* option 7 */
320 MaxMciCache = 1; /* option k */
321 MciCacheTimeout = 5 MINUTES; /* option K */
322 LogLevel = 9; /* option L */
326 inittimeouts(NULL, false); /* option r */
327 PrivacyFlags = PRIV_PUBLIC; /* option p */
328 MeToo = true; /* option m */
329 SendMIMEErrors = true; /* option f */
330 SuperSafe = SAFE_REALLY; /* option s */
331 clrbitmap(DontBlameSendmail); /* DontBlameSendmail option */
333 MimeMode = MM_CVTMIME|MM_PASS8BIT; /* option 8 */
335 MimeMode = MM_PASS8BIT;
336 #endif /* MIME8TO7 */
337 for (i = 0; i < MAXTOCLASS; i++)
339 TimeOuts.to_q_return[i] = 5 DAYS; /* option T */
340 TimeOuts.to_q_warning[i] = 0; /* option T */
342 ServiceSwitchFile = "/etc/mail/service.switch";
343 ServiceCacheMaxAge = (time_t) 10;
344 HostsFile = _PATH_HOSTS;
345 PidFile = newstr(_PATH_SENDMAILPID);
346 MustQuoteChars = "@,;:\\()[].'";
347 MciInfoTimeout = 30 MINUTES;
348 MaxRuleRecursion = MAXRULERECURSION;
349 MaxAliasRecursion = 10;
350 MaxMacroRecursion = 10;
351 ColonOkInAddr = true;
352 DontLockReadFiles = true;
353 DontProbeInterfaces = DPI_PROBEALL;
354 DoubleBounceAddr = "postmaster";
355 MaxHeadersLength = MAXHDRSLEN;
356 MaxMimeHeaderLength = MAXLINE;
357 MaxMimeFieldLength = MaxMimeHeaderLength / 2;
358 MaxForwardEntries = 0;
360 MaxNOOPCommands = MAXNOOPCOMMANDS;
362 AuthMechanisms = newstr(AUTH_MECHANISMS);
367 TLS_Srv_Opts = TLS_I_SRV;
368 #endif /* STARTTLS */
370 HesiodContext = NULL;
371 #endif /* HESIOD_INIT */
373 /* Detect if IPv6 is available at run time */
374 i = socket(AF_INET6, SOCK_STREAM, 0);
384 #endif /* NETINET6 */
385 ControlSocketName = NULL;
386 memset(&ConnectOnlyTo, '\0', sizeof(ConnectOnlyTo));
387 DataFileBufferSize = 4096;
388 XscriptFileBufferSize = 4096;
389 for (i = 0; i < MAXRWSETS; i++)
390 RuleSetNames[i] = NULL;
392 InputFilters[0] = NULL;
394 RejectLogInterval = 3 HOURS;
395 #if REQUIRES_DIR_FSYNC
396 RequiresDirfsync = true;
397 #endif /* REQUIRES_DIR_FSYNC */
398 #if _FFR_RCPTTHROTDELAY
399 BadRcptThrottleDelay = 1;
400 #endif /* _FFR_RCPTTHROTDELAY */
401 ConnectionRateWindowSize = 60;
410 ** SETDEFUSER -- set/reset DefUser using DefUid (for initgroups())
416 struct passwd *defpwent;
417 static char defuserbuf[40];
419 DefUser = defuserbuf;
420 defpwent = sm_getpwuid(DefUid);
421 (void) sm_strlcpy(defuserbuf,
422 (defpwent == NULL || defpwent->pw_name == NULL)
423 ? "nobody" : defpwent->pw_name,
426 sm_dprintf("setdefuser: DefUid=%d, DefUser=%s\n",
427 (int) DefUid, DefUser);
430 ** SETUPQUEUES -- initialize default queues
432 ** The mqueue QUEUE structure gets filled in after readcf() but
433 ** we need something to point to now for the mailer setup,
434 ** which use "mqueue" as default queue.
442 MaxRunnersPerQueue = 1;
443 (void) sm_strlcpy(buf, "mqueue, P=/var/spool/mqueue", sizeof(buf));
444 makequeue(buf, false);
447 ** SETUPMAILERS -- initialize default mailers
455 (void) sm_strlcpy(buf, "prog, P=/bin/sh, F=lsouDq9, T=X-Unix/X-Unix/X-Unix, A=sh -c \201u",
459 (void) sm_strlcpy(buf, "*file*, P=[FILE], F=lsDFMPEouq9, T=X-Unix/X-Unix/X-Unix, A=FILE \201u",
463 (void) sm_strlcpy(buf, "*include*, P=/dev/null, F=su, A=INCLUDE \201u",
469 ** SETUPMAPS -- set up map classes
472 #define MAPDEF(name, ext, flags, parse, open, close, lookup, store) \
474 extern bool parse __P((MAP *, char *)); \
475 extern bool open __P((MAP *, int)); \
476 extern void close __P((MAP *)); \
477 extern char *lookup __P((MAP *, char *, char **, int *)); \
478 extern void store __P((MAP *, char *, char *)); \
479 s = stab(name, ST_MAPCLASS, ST_ENTER); \
480 s->s_mapclass.map_cname = name; \
481 s->s_mapclass.map_ext = ext; \
482 s->s_mapclass.map_cflags = flags; \
483 s->s_mapclass.map_parse = parse; \
484 s->s_mapclass.map_open = open; \
485 s->s_mapclass.map_close = close; \
486 s->s_mapclass.map_lookup = lookup; \
487 s->s_mapclass.map_store = store; \
496 # if DB_VERSION_MAJOR > 1
497 int major_v, minor_v, patch_v;
499 (void) db_version(&major_v, &minor_v, &patch_v);
500 if (major_v != DB_VERSION_MAJOR || minor_v != DB_VERSION_MINOR)
503 syserr("Berkeley DB version mismatch: compiled against %d.%d.%d, run-time linked against %d.%d.%d",
504 DB_VERSION_MAJOR, DB_VERSION_MINOR, DB_VERSION_PATCH,
505 major_v, minor_v, patch_v);
507 # endif /* DB_VERSION_MAJOR > 1 */
509 MAPDEF("hash", ".db", MCF_ALIASOK|MCF_REBUILDABLE,
510 map_parseargs, hash_map_open, db_map_close,
511 db_map_lookup, db_map_store);
513 MAPDEF("btree", ".db", MCF_ALIASOK|MCF_REBUILDABLE,
514 map_parseargs, bt_map_open, db_map_close,
515 db_map_lookup, db_map_store);
519 MAPDEF("dbm", ".dir", MCF_ALIASOK|MCF_REBUILDABLE,
520 map_parseargs, ndbm_map_open, ndbm_map_close,
521 ndbm_map_lookup, ndbm_map_store);
525 MAPDEF("nis", NULL, MCF_ALIASOK,
526 map_parseargs, nis_map_open, null_map_close,
527 nis_map_lookup, null_map_store);
531 MAPDEF("nisplus", NULL, MCF_ALIASOK,
532 map_parseargs, nisplus_map_open, null_map_close,
533 nisplus_map_lookup, null_map_store);
537 MAPDEF("ldap", NULL, MCF_ALIASOK|MCF_NOTPERSIST,
538 ldapmap_parseargs, ldapmap_open, ldapmap_close,
539 ldapmap_lookup, null_map_store);
543 MAPDEF("ph", NULL, MCF_NOTPERSIST,
544 ph_map_parseargs, ph_map_open, ph_map_close,
545 ph_map_lookup, null_map_store);
549 /* IRIX 6.5 nsd support */
550 MAPDEF("nsd", NULL, MCF_ALIASOK,
551 map_parseargs, null_map_open, null_map_close,
552 nsd_map_lookup, null_map_store);
556 MAPDEF("hesiod", NULL, MCF_ALIASOK|MCF_ALIASONLY,
557 map_parseargs, hes_map_open, hes_map_close,
558 hes_map_lookup, null_map_store);
562 MAPDEF("netinfo", NULL, MCF_ALIASOK,
563 map_parseargs, ni_map_open, null_map_close,
564 ni_map_lookup, null_map_store);
568 MAPDEF("dns", NULL, 0,
569 dns_map_init, null_map_open, null_map_close,
570 dns_map_lookup, null_map_store);
575 # if _FFR_DNSMAP_ALIASABLE
576 MAPDEF("dns", NULL, MCF_ALIASOK,
577 dns_map_parseargs, dns_map_open, null_map_close,
578 dns_map_lookup, null_map_store);
579 # else /* _FFR_DNSMAP_ALIASABLE */
580 MAPDEF("dns", NULL, 0,
581 dns_map_parseargs, dns_map_open, null_map_close,
582 dns_map_lookup, null_map_store);
583 # endif /* _FFR_DNSMAP_ALIASABLE */
585 #endif /* NAMED_BIND */
588 /* best MX DNS lookup */
589 MAPDEF("bestmx", NULL, MCF_OPTFILE,
590 map_parseargs, null_map_open, null_map_close,
591 bestmx_map_lookup, null_map_store);
592 #endif /* NAMED_BIND */
594 MAPDEF("host", NULL, 0,
595 host_map_init, null_map_open, null_map_close,
596 host_map_lookup, null_map_store);
598 MAPDEF("text", NULL, MCF_ALIASOK,
599 map_parseargs, text_map_open, null_map_close,
600 text_map_lookup, null_map_store);
602 MAPDEF("stab", NULL, MCF_ALIASOK|MCF_ALIASONLY,
603 map_parseargs, stab_map_open, null_map_close,
604 stab_map_lookup, stab_map_store);
606 MAPDEF("implicit", NULL, MCF_ALIASOK|MCF_ALIASONLY|MCF_REBUILDABLE,
607 map_parseargs, impl_map_open, impl_map_close,
608 impl_map_lookup, impl_map_store);
610 /* access to system passwd file */
611 MAPDEF("user", NULL, MCF_OPTFILE,
612 map_parseargs, user_map_open, null_map_close,
613 user_map_lookup, null_map_store);
616 MAPDEF("dequote", NULL, 0,
617 dequote_init, null_map_open, null_map_close,
618 dequote_map, null_map_store);
621 MAPDEF("regex", NULL, 0,
622 regex_map_init, null_map_open, null_map_close,
623 regex_map_lookup, null_map_store);
624 #endif /* MAP_REGEX */
628 MAPDEF("userdb", ".db", 0,
629 map_parseargs, null_map_open, null_map_close,
630 udb_map_lookup, null_map_store);
633 /* arbitrary programs */
634 MAPDEF("program", NULL, MCF_ALIASOK,
635 map_parseargs, null_map_open, null_map_close,
636 prog_map_lookup, null_map_store);
639 MAPDEF("sequence", NULL, MCF_ALIASOK,
640 seq_map_parse, null_map_open, null_map_close,
641 seq_map_lookup, seq_map_store);
643 /* switched interface to sequenced maps */
644 MAPDEF("switch", NULL, MCF_ALIASOK,
645 map_parseargs, switch_map_open, null_map_close,
646 seq_map_lookup, seq_map_store);
648 /* null map lookup -- really for internal use only */
649 MAPDEF("null", NULL, MCF_ALIASOK|MCF_OPTFILE,
650 map_parseargs, null_map_open, null_map_close,
651 null_map_lookup, null_map_store);
653 /* syslog map -- logs information to syslog */
654 MAPDEF("syslog", NULL, 0,
655 syslog_map_parseargs, null_map_open, null_map_close,
656 syslog_map_lookup, null_map_store);
658 /* macro storage map -- rulesets can set macros */
659 MAPDEF("macro", NULL, 0,
660 dequote_init, null_map_open, null_map_close,
661 macro_map_lookup, null_map_store);
663 /* arithmetic map -- add/subtract/compare */
664 MAPDEF("arith", NULL, 0,
665 dequote_init, null_map_open, null_map_close,
666 arith_map_lookup, null_map_store);
669 /* "arpa" map -- IP -> arpa */
670 MAPDEF("arpa", NULL, 0,
671 dequote_init, null_map_open, null_map_close,
672 arpa_map_lookup, null_map_store);
673 #endif /* _FFR_ARPA_MAP */
676 /* arbitrary daemons */
677 MAPDEF("socket", NULL, MCF_ALIASOK,
678 map_parseargs, socket_map_open, socket_map_close,
679 socket_map_lookup, null_map_store);
680 #endif /* SOCKETMAP */
683 /* dprintf map -- logs information to syslog */
684 MAPDEF("dprintf", NULL, 0,
685 dprintf_map_parseargs, null_map_open, null_map_close,
686 dprintf_map_lookup, null_map_store);
687 #endif /* _FFR_DPRINTF_MAP */
691 /* bogus map -- always return tempfail */
692 MAPDEF("bogus", NULL, MCF_ALIASOK|MCF_OPTFILE,
693 map_parseargs, null_map_open, null_map_close,
694 bogus_map_lookup, null_map_store);
700 ** INITHOSTMAPS -- initial host-dependent maps
702 ** This should act as an interface to any local service switch
703 ** provided by the host operating system.
712 ** Should define maps "host" and "users" as necessary
713 ** for this OS. If they are not defined, they will get
714 ** a default value later. It should check to make sure
715 ** they are not defined first, since it's possible that
716 ** the config file has provided an override.
724 char *maptype[MAXMAPSTACK];
725 short mapreturn[MAXMAPACTIONS];
729 ** Make sure we have a host map.
732 if (stab("host", ST_MAP, ST_FIND) == NULL)
734 /* user didn't initialize: set up host map */
735 (void) sm_strlcpy(buf, "host host", sizeof(buf));
737 if (ConfigLevel >= 2)
738 (void) sm_strlcat(buf, " -a. -D", sizeof(buf));
739 #endif /* NAMED_BIND */
740 (void) makemapentry(buf);
744 ** Set up default aliases maps
747 nmaps = switch_map_find("aliases", maptype, mapreturn);
748 for (i = 0; i < nmaps; i++)
750 if (strcmp(maptype[i], "files") == 0 &&
751 stab("aliases.files", ST_MAP, ST_FIND) == NULL)
753 (void) sm_strlcpy(buf, "aliases.files null",
755 (void) makemapentry(buf);
758 else if (strcmp(maptype[i], "nisplus") == 0 &&
759 stab("aliases.nisplus", ST_MAP, ST_FIND) == NULL)
761 (void) sm_strlcpy(buf, "aliases.nisplus nisplus -kalias -vexpansion mail_aliases.org_dir",
763 (void) makemapentry(buf);
767 else if (strcmp(maptype[i], "nis") == 0 &&
768 stab("aliases.nis", ST_MAP, ST_FIND) == NULL)
770 (void) sm_strlcpy(buf, "aliases.nis nis mail.aliases",
772 (void) makemapentry(buf);
776 else if (strcmp(maptype[i], "netinfo") == 0 &&
777 stab("aliases.netinfo", ST_MAP, ST_FIND) == NULL)
779 (void) sm_strlcpy(buf, "aliases.netinfo netinfo -z, /aliases",
781 (void) makemapentry(buf);
785 else if (strcmp(maptype[i], "hesiod") == 0 &&
786 stab("aliases.hesiod", ST_MAP, ST_FIND) == NULL)
788 (void) sm_strlcpy(buf, "aliases.hesiod hesiod aliases",
790 (void) makemapentry(buf);
793 #if LDAPMAP && defined(SUN_EXTENSIONS) && \
794 defined(SUN_SIMPLIFIED_LDAP) && HASLDAPGETALIASBYNAME
795 else if (strcmp(maptype[i], "ldap") == 0 &&
796 stab("aliases.ldap", ST_MAP, ST_FIND) == NULL)
798 (void) sm_strlcpy(buf, "aliases.ldap ldap -b . -h localhost -k mail=%0 -v mailgroup",
800 (void) makemapentry(buf);
802 #endif /* LDAPMAP && defined(SUN_EXTENSIONS) && ... */
804 if (stab("aliases", ST_MAP, ST_FIND) == NULL)
806 (void) sm_strlcpy(buf, "aliases switch aliases", sizeof(buf));
807 (void) makemapentry(buf);
812 ** SWITCH_MAP_FIND -- find the list of types associated with a map
814 ** This is the system-dependent interface to the service switch.
817 ** service -- the name of the service of interest.
818 ** maptype -- an out-array of strings containing the types
819 ** of access to use for this service. There can
820 ** be at most MAXMAPSTACK types for a single service.
821 ** mapreturn -- an out-array of return information bitmaps
825 ** The number of map types filled in, or -1 for failure.
828 ** Preserves errno so nothing in the routine clobbers it.
831 #if defined(SOLARIS) || (defined(sony_news) && defined(__svr4))
832 # define _USE_SUN_NSSWITCH_
833 #endif /* defined(SOLARIS) || (defined(sony_news) && defined(__svr4)) */
835 #if _FFR_HPUX_NSSWITCH
837 # define _USE_SUN_NSSWITCH_
839 #endif /* _FFR_HPUX_NSSWITCH */
841 #ifdef _USE_SUN_NSSWITCH_
842 # include <nsswitch.h>
843 #endif /* _USE_SUN_NSSWITCH_ */
845 #if defined(ultrix) || (defined(__osf__) && defined(__alpha))
846 # define _USE_DEC_SVC_CONF_
847 #endif /* defined(ultrix) || (defined(__osf__) && defined(__alpha)) */
849 #ifdef _USE_DEC_SVC_CONF_
850 # include <sys/svcinfo.h>
851 #endif /* _USE_DEC_SVC_CONF_ */
854 switch_map_find(service, maptype, mapreturn)
856 char *maptype[MAXMAPSTACK];
857 short mapreturn[MAXMAPACTIONS];
860 int save_errno = errno;
862 #ifdef _USE_SUN_NSSWITCH_
863 struct __nsw_switchconfig *nsw_conf;
864 enum __nsw_parse_err pserr;
865 struct __nsw_lookup *lk;
866 static struct __nsw_lookup lkp0 =
867 { "files", {1, 0, 0, 0}, NULL, NULL };
868 static struct __nsw_switchconfig lkp_default =
869 { 0, "sendmail", 3, &lkp0 };
871 for (svcno = 0; svcno < MAXMAPACTIONS; svcno++)
872 mapreturn[svcno] = 0;
874 if ((nsw_conf = __nsw_getconfig(service, &pserr)) == NULL)
875 lk = lkp_default.lookups;
877 lk = nsw_conf->lookups;
879 while (lk != NULL && svcno < MAXMAPSTACK)
881 maptype[svcno] = lk->service_name;
882 if (lk->actions[__NSW_NOTFOUND] == __NSW_RETURN)
883 mapreturn[MA_NOTFOUND] |= 1 << svcno;
884 if (lk->actions[__NSW_TRYAGAIN] == __NSW_RETURN)
885 mapreturn[MA_TRYAGAIN] |= 1 << svcno;
886 if (lk->actions[__NSW_UNAVAIL] == __NSW_RETURN)
887 mapreturn[MA_TRYAGAIN] |= 1 << svcno;
893 #endif /* _USE_SUN_NSSWITCH_ */
895 #ifdef _USE_DEC_SVC_CONF_
896 struct svcinfo *svcinfo;
899 for (svcno = 0; svcno < MAXMAPACTIONS; svcno++)
900 mapreturn[svcno] = 0;
905 if (strcmp(service, "hosts") == 0)
907 else if (strcmp(service, "aliases") == 0)
909 else if (strcmp(service, "passwd") == 0)
916 for (svcno = 0; svcno < SVC_PATHSIZE && svcno < MAXMAPSTACK; svcno++)
918 switch (svcinfo->svcpath[svc][svcno])
921 maptype[svcno] = "files";
925 maptype[svcno] = "nis";
929 maptype[svcno] = "dns";
934 maptype[svcno] = "hesiod";
936 # endif /* SVC_HESIOD */
945 #endif /* _USE_DEC_SVC_CONF_ */
947 #if !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_)
949 ** Fall-back mechanism.
953 static time_t servicecachetime; /* time service switch was cached */
954 time_t now = curtime();
956 for (svcno = 0; svcno < MAXMAPACTIONS; svcno++)
957 mapreturn[svcno] = 0;
959 if ((now - servicecachetime) > (time_t) ServiceCacheMaxAge)
961 /* (re)read service switch */
962 register SM_FILE_T *fp;
963 long sff = SFF_REGONLY|SFF_OPENASROOT|SFF_NOLOCK;
965 if (!bitnset(DBS_LINKEDSERVICESWITCHFILEINWRITABLEDIR,
970 servicecachetime = now;
971 fp = safefopen(ServiceSwitchFile, O_RDONLY, 0, sff);
976 while (sm_io_fgets(fp, SM_TIME_DEFAULT, buf,
981 p = strpbrk(buf, "#\n");
984 #ifndef SM_NSSWITCH_DELIMS
985 # define SM_NSSWITCH_DELIMS " \t"
986 #endif /* SM_NSSWITCH_DELIMS */
987 p = strpbrk(buf, SM_NSSWITCH_DELIMS);
994 sm_syslog(LOG_ERR, NOQID,
995 "Bad line on %.100s: %.100s",
1000 while (isascii(*p) && isspace(*p))
1006 ** Find/allocate space for this service entry.
1007 ** Space for all of the service strings
1008 ** are allocated at once. This means
1009 ** that we only have to free the first
1010 ** one to free all of them.
1013 st = stab(buf, ST_SERVICE, ST_ENTER);
1014 if (st->s_service[0] != NULL)
1015 sm_free((void *) st->s_service[0]); /* XXX */
1017 for (svcno = 0; svcno < MAXMAPSTACK; )
1021 st->s_service[svcno++] = p;
1022 p = strpbrk(p, " \t");
1026 while (isascii(*p) && isspace(*p))
1029 if (svcno < MAXMAPSTACK)
1030 st->s_service[svcno] = NULL;
1032 (void) sm_io_close(fp, SM_TIME_DEFAULT);
1036 /* look up entry in cache */
1037 st = stab(service, ST_SERVICE, ST_FIND);
1038 if (st != NULL && st->s_service[0] != NULL)
1042 while (svcno < MAXMAPSTACK)
1044 maptype[svcno] = st->s_service[svcno];
1045 if (maptype[svcno++] == NULL)
1051 #endif /* !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_) */
1053 #if !defined(_USE_SUN_NSSWITCH_)
1054 /* if the service file doesn't work, use an absolute fallback */
1055 # ifdef _USE_DEC_SVC_CONF_
1057 # endif /* _USE_DEC_SVC_CONF_ */
1058 for (svcno = 0; svcno < MAXMAPACTIONS; svcno++)
1059 mapreturn[svcno] = 0;
1061 if (strcmp(service, "aliases") == 0)
1063 maptype[svcno++] = "files";
1064 # if defined(AUTO_NETINFO_ALIASES) && defined (NETINFO)
1065 maptype[svcno++] = "netinfo";
1066 # endif /* defined(AUTO_NETINFO_ALIASES) && defined (NETINFO) */
1067 # ifdef AUTO_NIS_ALIASES
1069 maptype[svcno++] = "nisplus";
1070 # endif /* NISPLUS */
1072 maptype[svcno++] = "nis";
1074 # endif /* AUTO_NIS_ALIASES */
1078 if (strcmp(service, "hosts") == 0)
1081 maptype[svcno++] = "dns";
1082 # else /* NAMED_BIND */
1083 # if defined(sun) && !defined(BSD)
1085 maptype[svcno++] = "nis";
1086 # endif /* defined(sun) && !defined(BSD) */
1087 # endif /* NAMED_BIND */
1088 # if defined(AUTO_NETINFO_HOSTS) && defined (NETINFO)
1089 maptype[svcno++] = "netinfo";
1090 # endif /* defined(AUTO_NETINFO_HOSTS) && defined (NETINFO) */
1091 maptype[svcno++] = "files";
1097 #endif /* !defined(_USE_SUN_NSSWITCH_) */
1100 ** USERNAME -- return the user id of the logged in user.
1106 ** The login name of the logged in user.
1112 ** The return value is statically allocated.
1118 static char *myname = NULL;
1119 extern char *getlogin();
1120 register struct passwd *pw;
1122 /* cache the result */
1125 myname = getlogin();
1126 if (myname == NULL || myname[0] == '\0')
1128 pw = sm_getpwuid(RealUid);
1130 myname = pw->pw_name;
1134 uid_t uid = RealUid;
1136 if ((pw = sm_getpwnam(myname)) == NULL ||
1137 (uid != 0 && uid != pw->pw_uid))
1139 pw = sm_getpwuid(uid);
1141 myname = pw->pw_name;
1144 if (myname == NULL || myname[0] == '\0')
1146 syserr("554 5.3.0 Who are you?");
1147 myname = "postmaster";
1149 else if (strpbrk(myname, ",;:/|\"\\") != NULL)
1150 myname = addquotes(myname, NULL);
1152 myname = sm_pstrdup_x(myname);
1157 ** TTYPATH -- Get the path of the user's tty
1159 ** Returns the pathname of the user's tty. Returns NULL if
1160 ** the user is not logged in or if s/he has write permission
1167 ** pathname of the user's tty.
1168 ** NULL if not logged in or write permission denied.
1174 ** Return value is in a local buffer.
1184 register char *pathn;
1185 extern char *ttyname();
1186 extern char *getlogin();
1188 /* compute the pathname of the controlling tty */
1189 if ((pathn = ttyname(2)) == NULL && (pathn = ttyname(1)) == NULL &&
1190 (pathn = ttyname(0)) == NULL)
1196 /* see if we have write permission */
1197 if (stat(pathn, &stbuf) < 0 || !bitset(S_IWOTH, stbuf.st_mode))
1203 /* see if the user is logged in */
1204 if (getlogin() == NULL)
1211 ** CHECKCOMPAT -- check for From and To person compatible.
1213 ** This routine can be supplied on a per-installation basis
1214 ** to determine whether a person is allowed to send a message.
1215 ** This allows restriction of certain types of internet
1216 ** forwarding or registration of users.
1218 ** If the hosts are found to be incompatible, an error
1219 ** message should be given using "usrerr" and an EX_ code
1220 ** should be returned. You can also set to->q_status to
1221 ** a DSN-style status code.
1223 ** EF_NO_BODY_RETN can be set in e->e_flags to suppress the
1224 ** body during the return-to-sender function; this should be done
1225 ** on huge messages. This bit may already be set by the ESMTP
1229 ** to -- the person being sent to.
1235 ** none (unless you include the usrerr stuff)
1240 register ADDRESS *to;
1241 register ENVELOPE *e;
1244 sm_dprintf("checkcompat(to=%s, from=%s)\n",
1245 to->q_paddr, e->e_from.q_paddr);
1248 /* this code is intended as an example only */
1251 s = stab("arpa", ST_MAILER, ST_FIND);
1252 if (s != NULL && strcmp(e->e_from.q_mailer->m_name, "local") != 0 &&
1253 to->q_mailer == s->s_mailer)
1255 usrerr("553 No ARPA mail through this machine: see your system administration");
1256 /* e->e_flags |= EF_NO_BODY_RETN; to suppress body on return */
1257 to->q_status = "5.7.1";
1258 return EX_UNAVAILABLE;
1260 #endif /* EXAMPLE_CODE */
1264 #ifdef SUN_EXTENSIONS
1270 /* Check for large file descriptor */
1271 if (fstat(fileno(stdin), &sbuf) < 0)
1273 if (errno == EOVERFLOW)
1280 #endif /* SUN_EXTENSIONS */
1283 ** INIT_MD -- do machine dependent initializations
1285 ** Systems that have global modes that should be set should do
1286 ** them here rather than in main.
1290 # include <compat.h>
1291 #endif /* _AUX_SOURCE */
1294 # include <shares.h>
1295 #endif /* SHARE_V1 */
1303 setcompat(getcompat() | COMPAT_BSDPROT);
1304 #endif /* _AUX_SOURCE */
1306 #ifdef SUN_EXTENSIONS
1308 #endif /* SUN_EXTENSIONS */
1311 /* keep gethostby*() from stripping the local domain name */
1312 set_domain_trim_off();
1313 #endif /* _CONVEX_SOURCE */
1314 #if defined(__QNX__) && !defined(__QNXNTO__)
1316 ** Due to QNX's network distributed nature, you can target a tcpip
1317 ** stack on a different node in the qnx network; this patch lets
1318 ** this feature work. The __sock_locate() must be done before the
1319 ** environment is clear.
1322 #endif /* __QNX__ */
1323 #if SECUREWARE || defined(_SCO_unix_)
1324 set_auth_parameters(argc, argv);
1328 ** This is required for highest security levels (the kernel
1329 ** won't let it call set*uid() or run setuid binaries without
1330 ** it). It may be necessary on other SECUREWARE systems.
1333 if (getluid() == -1)
1335 # endif /* _SCO_unix_ */
1336 #endif /* SECUREWARE || defined(_SCO_unix_) */
1339 #ifdef VENDOR_DEFAULT
1340 VendorCode = VENDOR_DEFAULT;
1341 #else /* VENDOR_DEFAULT */
1342 VendorCode = VENDOR_BERKELEY;
1343 #endif /* VENDOR_DEFAULT */
1346 ** INIT_VENDOR_MACROS -- vendor-dependent macro initializations
1348 ** Called once, on startup.
1351 ** e -- the global envelope.
1357 ** vendor-dependent.
1361 init_vendor_macros(e)
1362 register ENVELOPE *e;
1366 ** GETLA -- get the current load average
1368 ** This code stolen from la.c.
1374 ** The current load average as an integer.
1380 /* try to guess what style of load average we have */
1381 #define LA_ZERO 1 /* always return load average as zero */
1382 #define LA_INT 2 /* read kmem for avenrun; interpret as long */
1383 #define LA_FLOAT 3 /* read kmem for avenrun; interpret as float */
1384 #define LA_SUBR 4 /* call getloadavg */
1385 #define LA_MACH 5 /* MACH load averages (as on NeXT boxes) */
1386 #define LA_SHORT 6 /* read kmem for avenrun; interpret as short */
1387 #define LA_PROCSTR 7 /* read string ("1.17") from /proc/loadavg */
1388 #define LA_READKSYM 8 /* SVR4: use MIOC_READKSYM ioctl call */
1389 #define LA_DGUX 9 /* special DGUX implementation */
1390 #define LA_HPUX 10 /* special HPUX implementation */
1391 #define LA_IRIX6 11 /* special IRIX 6.2 implementation */
1392 #define LA_KSTAT 12 /* special Solaris kstat(3k) implementation */
1393 #define LA_DEVSHORT 13 /* read short from a device */
1394 #define LA_ALPHAOSF 14 /* Digital UNIX (OSF/1 on Alpha) table() call */
1395 #define LA_PSET 15 /* Solaris per-processor-set load average */
1396 #define LA_LONGLONG 17 /* read kmem for avenrun; interpret as long long */
1398 /* do guesses based on general OS type */
1400 # define LA_TYPE LA_ZERO
1401 #endif /* ! LA_TYPE */
1404 # if defined(unixpc)
1406 # endif /* defined(unixpc) */
1408 # if defined(__alpha) || defined(IRIX)
1410 # endif /* defined(__alpha) || defined(IRIX) */
1412 #endif /* ! FSHIFT */
1416 #endif /* ! FSHIFT */
1419 # define FSCALE (1 << FSHIFT)
1420 #endif /* ! FSCALE */
1424 # define LA_AVENRUN "avenrun"
1425 # else /* SYSTEM5 */
1426 # define LA_AVENRUN "_avenrun"
1427 # endif /* SYSTEM5 */
1428 #endif /* ! LA_AVENRUN */
1430 /* _PATH_KMEM should be defined in <paths.h> */
1432 # define _PATH_KMEM "/dev/kmem"
1433 #endif /* ! _PATH_KMEM */
1435 #if (LA_TYPE == LA_INT) || (LA_TYPE == LA_FLOAT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG)
1439 /* _PATH_UNIX should be defined in <paths.h> */
1441 # if defined(SYSTEM5)
1442 # define _PATH_UNIX "/unix"
1443 # else /* defined(SYSTEM5) */
1444 # define _PATH_UNIX "/vmunix"
1445 # endif /* defined(SYSTEM5) */
1446 # endif /* ! _PATH_UNIX */
1450 # else /* _AUX_SOURCE */
1456 # endif /* _AUX_SOURCE */
1457 # define X_AVENRUN 0
1463 static int kmem = -1;
1464 # if LA_TYPE == LA_INT
1466 # else /* LA_TYPE == LA_INT */
1467 # if LA_TYPE == LA_SHORT
1470 # if LA_TYPE == LA_LONGLONG
1471 long long avenrun[3];
1472 # else /* LA_TYPE == LA_LONGLONG */
1474 # endif /* LA_TYPE == LA_LONGLONG */
1475 # endif /* LA_TYPE == LA_SHORT */
1476 # endif /* LA_TYPE == LA_INT */
1477 extern off_t lseek();
1482 (void) sm_strlcpy(Nl[X_AVENRUN].n_name, LA_AVENRUN,
1483 sizeof(Nl[X_AVENRUN].n_name));
1484 Nl[1].n_name[0] = '\0';
1485 # endif /* _AUX_SOURCE */
1487 # if defined(_AIX3) || defined(_AIX4)
1488 if (knlist(Nl, 1, sizeof(Nl[0])) < 0)
1489 # else /* defined(_AIX3) || defined(_AIX4) */
1490 if (nlist(_PATH_UNIX, Nl) < 0)
1491 # endif /* defined(_AIX3) || defined(_AIX4) */
1494 sm_dprintf("getla: nlist(%s): %s\n", _PATH_UNIX,
1495 sm_errstring(errno));
1498 if (Nl[X_AVENRUN].n_value == 0)
1501 sm_dprintf("getla: nlist(%s, %s) ==> 0\n",
1502 _PATH_UNIX, LA_AVENRUN);
1505 # ifdef NAMELISTMASK
1506 Nl[X_AVENRUN].n_value &= NAMELISTMASK;
1507 # endif /* NAMELISTMASK */
1509 kmem = open(_PATH_KMEM, 0, 0);
1513 sm_dprintf("getla: open(/dev/kmem): %s\n",
1514 sm_errstring(errno));
1517 if ((j = fcntl(kmem, F_GETFD, 0)) < 0 ||
1518 fcntl(kmem, F_SETFD, j | FD_CLOEXEC) < 0)
1521 sm_dprintf("getla: fcntl(/dev/kmem, FD_CLOEXEC): %s\n",
1522 sm_errstring(errno));
1529 sm_dprintf("getla: symbol address = %#lx\n",
1530 (unsigned long) Nl[X_AVENRUN].n_value);
1531 if (lseek(kmem, (off_t) Nl[X_AVENRUN].n_value, SEEK_SET) == -1 ||
1532 read(kmem, (char *) avenrun, sizeof(avenrun)) != sizeof(avenrun))
1536 sm_dprintf("getla: lseek or read: %s\n",
1537 sm_errstring(errno));
1540 # if (LA_TYPE == LA_INT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG)
1543 # if LA_TYPE == LA_SHORT
1544 sm_dprintf("getla: avenrun = %d", avenrun[0]);
1546 sm_dprintf(", %d, %d", avenrun[1], avenrun[2]);
1547 # else /* LA_TYPE == LA_SHORT */
1548 # if LA_TYPE == LA_LONGLONG
1549 sm_dprintf("getla: avenrun = %lld", avenrun[0]);
1551 sm_dprintf(", %lld, %lld", avenrun[1], avenrun[2]);
1552 # else /* LA_TYPE == LA_LONGLONG */
1553 sm_dprintf("getla: avenrun = %ld", avenrun[0]);
1555 sm_dprintf(", %ld, %ld", avenrun[1], avenrun[2]);
1556 # endif /* LA_TYPE == LA_LONGLONG */
1557 # endif /* LA_TYPE == LA_SHORT */
1561 sm_dprintf("getla: %d\n",
1562 (int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1563 return ((int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1564 # else /* (LA_TYPE == LA_INT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG) */
1567 sm_dprintf("getla: avenrun = %g", avenrun[0]);
1569 sm_dprintf(", %g, %g", avenrun[1], avenrun[2]);
1573 sm_dprintf("getla: %d\n", (int) (avenrun[0] +0.5));
1574 return ((int) (avenrun[0] + 0.5));
1575 # endif /* (LA_TYPE == LA_INT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG) */
1578 #endif /* (LA_TYPE == LA_INT) || (LA_TYPE == LA_FLOAT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG) */
1580 #if LA_TYPE == LA_READKSYM
1582 # include <sys/ksym.h>
1588 static int kmem = -1;
1590 struct mioc_rksym mirk;
1594 kmem = open("/dev/kmem", 0, 0);
1598 sm_dprintf("getla: open(/dev/kmem): %s\n",
1599 sm_errstring(errno));
1602 if ((j = fcntl(kmem, F_GETFD, 0)) < 0 ||
1603 fcntl(kmem, F_SETFD, j | FD_CLOEXEC) < 0)
1606 sm_dprintf("getla: fcntl(/dev/kmem, FD_CLOEXEC): %s\n",
1607 sm_errstring(errno));
1613 mirk.mirk_symname = LA_AVENRUN;
1614 mirk.mirk_buf = avenrun;
1615 mirk.mirk_buflen = sizeof(avenrun);
1616 if (ioctl(kmem, MIOC_READKSYM, &mirk) < 0)
1619 sm_dprintf("getla: ioctl(MIOC_READKSYM) failed: %s\n",
1620 sm_errstring(errno));
1625 sm_dprintf("getla: avenrun = %d", avenrun[0]);
1627 sm_dprintf(", %d, %d", avenrun[1], avenrun[2]);
1631 sm_dprintf("getla: %d\n",
1632 (int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1633 return ((int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1636 #endif /* LA_TYPE == LA_READKSYM */
1638 #if LA_TYPE == LA_DGUX
1640 # include <sys/dg_sys_info.h>
1645 struct dg_sys_info_load_info load_info;
1647 dg_sys_info((long *)&load_info,
1648 DG_SYS_INFO_LOAD_INFO_TYPE, DG_SYS_INFO_LOAD_VERSION_0);
1651 sm_dprintf("getla: %d\n", (int) (load_info.one_minute + 0.5));
1653 return ((int) (load_info.one_minute + 0.5));
1656 #endif /* LA_TYPE == LA_DGUX */
1658 #if LA_TYPE == LA_HPUX
1660 /* forward declarations to keep gcc from complaining */
1665 struct pst_diskinfo;
1666 struct pst_processor;
1668 struct pst_swapinfo;
1670 # include <sys/param.h>
1671 # include <sys/pstat.h>
1676 struct pst_dynamic pstd;
1678 if (pstat_getdynamic(&pstd, sizeof(struct pst_dynamic),
1679 (size_t) 1, 0) == -1)
1683 sm_dprintf("getla: %d\n", (int) (pstd.psd_avg_1_min + 0.5));
1685 return (int) (pstd.psd_avg_1_min + 0.5);
1688 #endif /* LA_TYPE == LA_HPUX */
1690 #if LA_TYPE == LA_SUBR
1697 if (getloadavg(avenrun, sizeof(avenrun) / sizeof(avenrun[0])) < 0)
1700 sm_dprintf("getla: getloadavg failed: %s",
1701 sm_errstring(errno));
1705 sm_dprintf("getla: %d\n", (int) (avenrun[0] +0.5));
1706 return ((int) (avenrun[0] + 0.5));
1709 #endif /* LA_TYPE == LA_SUBR */
1711 #if LA_TYPE == LA_MACH
1714 ** This has been tested on NEXTSTEP release 2.1/3.X.
1717 # if defined(NX_CURRENT_COMPILER_RELEASE) && NX_CURRENT_COMPILER_RELEASE > NX_COMPILER_RELEASE_3_0
1718 # include <mach/mach.h>
1719 # else /* defined(NX_CURRENT_COMPILER_RELEASE) && NX_CURRENT_COMPILER_RELEASE > NX_COMPILER_RELEASE_3_0 */
1721 # endif /* defined(NX_CURRENT_COMPILER_RELEASE) && NX_CURRENT_COMPILER_RELEASE > NX_COMPILER_RELEASE_3_0 */
1726 processor_set_t default_set;
1727 kern_return_t error;
1728 unsigned int info_count;
1729 struct processor_set_basic_info info;
1732 error = processor_set_default(host_self(), &default_set);
1733 if (error != KERN_SUCCESS)
1736 sm_dprintf("getla: processor_set_default failed: %s",
1737 sm_errstring(errno));
1740 info_count = PROCESSOR_SET_BASIC_INFO_COUNT;
1741 if (processor_set_info(default_set, PROCESSOR_SET_BASIC_INFO,
1742 &host, (processor_set_info_t)&info,
1743 &info_count) != KERN_SUCCESS)
1746 sm_dprintf("getla: processor_set_info failed: %s",
1747 sm_errstring(errno));
1751 sm_dprintf("getla: %d\n",
1752 (int) ((info.load_average + (LOAD_SCALE / 2)) /
1754 return (int) (info.load_average + (LOAD_SCALE / 2)) / LOAD_SCALE;
1757 #endif /* LA_TYPE == LA_MACH */
1759 #if LA_TYPE == LA_PROCSTR
1760 # if SM_CONF_BROKEN_STRTOD
1761 ERROR: This OS has most likely a broken strtod() implemenentation.
1762 ERROR: The function is required for getla().
1763 ERROR: Check the compilation options _LA_PROCSTR and
1764 ERROR: _SM_CONF_BROKEN_STRTOD (without the leading _).
1765 # endif /* SM_CONF_BROKEN_STRTOD */
1768 ** Read /proc/loadavg for the load average. This is assumed to be
1769 ** in a format like "0.15 0.12 0.06".
1771 ** Initially intended for Linux. This has been in the kernel
1772 ** since at least 0.99.15.
1775 # ifndef _PATH_LOADAVG
1776 # define _PATH_LOADAVG "/proc/loadavg"
1777 # endif /* ! _PATH_LOADAVG */
1783 register int result;
1786 fp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, _PATH_LOADAVG, SM_IO_RDONLY,
1791 sm_dprintf("getla: sm_io_open(%s): %s\n",
1792 _PATH_LOADAVG, sm_errstring(errno));
1795 result = sm_io_fscanf(fp, SM_TIME_DEFAULT, "%lf", &avenrun);
1796 (void) sm_io_close(fp, SM_TIME_DEFAULT);
1800 sm_dprintf("getla: sm_io_fscanf() = %d: %s\n",
1801 result, sm_errstring(errno));
1806 sm_dprintf("getla(): %.2f\n", avenrun);
1808 return ((int) (avenrun + 0.5));
1811 #endif /* LA_TYPE == LA_PROCSTR */
1813 #if LA_TYPE == LA_IRIX6
1815 # include <sys/sysmp.h>
1818 # define CAST_SYSMP(x) (x)
1819 # else /* _UNICOSMP */
1820 # define CAST_SYSMP(x) ((x) & 0x7fffffff)
1821 # endif /* _UNICOSMP */
1827 static int kmem = -1;
1832 kmem = open(_PATH_KMEM, 0, 0);
1836 sm_dprintf("getla: open(%s): %s\n", _PATH_KMEM,
1837 sm_errstring(errno));
1840 if ((j = fcntl(kmem, F_GETFD, 0)) < 0 ||
1841 fcntl(kmem, F_SETFD, j | FD_CLOEXEC) < 0)
1844 sm_dprintf("getla: fcntl(/dev/kmem, FD_CLOEXEC): %s\n",
1845 sm_errstring(errno));
1852 if (lseek(kmem, CAST_SYSMP(sysmp(MP_KERNADDR, MPKA_AVENRUN)), SEEK_SET)
1854 read(kmem, (char *) avenrun, sizeof(avenrun)) != sizeof(avenrun))
1857 sm_dprintf("getla: lseek or read: %s\n",
1858 sm_errstring(errno));
1863 sm_dprintf("getla: avenrun = %ld", (long int) avenrun[0]);
1865 sm_dprintf(", %ld, %ld",
1866 (long int) avenrun[1], (long int) avenrun[2]);
1871 sm_dprintf("getla: %d\n",
1872 (int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1873 return ((int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1876 #endif /* LA_TYPE == LA_IRIX6 */
1878 #if LA_TYPE == LA_KSTAT
1885 static kstat_ctl_t *kc = NULL;
1886 static kstat_t *ksp = NULL;
1890 if (kc == NULL) /* if not initialized before */
1895 sm_dprintf("getla: kstat_open(): %s\n",
1896 sm_errstring(errno));
1900 ksp = kstat_lookup(kc, "unix", 0, "system_misc");
1904 sm_dprintf("getla: kstat_lookup(): %s\n",
1905 sm_errstring(errno));
1908 if (kstat_read(kc, ksp, NULL) < 0)
1911 sm_dprintf("getla: kstat_read(): %s\n",
1912 sm_errstring(errno));
1915 ksn = (kstat_named_t *) kstat_data_lookup(ksp, "avenrun_1min");
1916 la = ((double) ksn->value.ul + FSCALE/2) / FSCALE;
1917 /* kstat_close(kc); /o do not close for fast access */
1921 #endif /* LA_TYPE == LA_KSTAT */
1923 #if LA_TYPE == LA_DEVSHORT
1926 ** Read /dev/table/avenrun for the load average. This should contain
1927 ** three shorts for the 1, 5, and 15 minute loads. We only read the
1928 ** first, since that's all we care about.
1930 ** Intended for SCO OpenServer 5.
1933 # ifndef _PATH_AVENRUN
1934 # define _PATH_AVENRUN "/dev/table/avenrun"
1935 # endif /* ! _PATH_AVENRUN */
1940 static int afd = -1;
1947 if (afd == -1 || lseek(afd, 0L, SEEK_SET) == -1)
1951 afd = open(_PATH_AVENRUN, O_RDONLY|O_SYNC);
1954 sm_syslog(LOG_ERR, NOQID,
1955 "can't open %s: %s",
1956 _PATH_AVENRUN, sm_errstring(errno));
1961 r = read(afd, &avenrun, sizeof(avenrun));
1962 if (r != sizeof(avenrun))
1964 sm_syslog(LOG_ERR, NOQID,
1965 "can't read %s: %s", _PATH_AVENRUN,
1966 r == -1 ? sm_errstring(errno) : "short read");
1971 sm_dprintf("getla: avenrun = %d\n", avenrun);
1972 loadav = (int) (avenrun + FSCALE/2) >> FSHIFT;
1974 sm_dprintf("getla: %d\n", loadav);
1978 #endif /* LA_TYPE == LA_DEVSHORT */
1980 #if LA_TYPE == LA_ALPHAOSF
1983 # include <sys/table.h>
1989 struct tbl_loadavg tab;
1991 if (table(TBL_LOADAVG, 0, &tab, 1, sizeof(tab)) == -1)
1994 sm_dprintf("getla: table %s\n", sm_errstring(errno));
1999 sm_dprintf("getla: scale = %d\n", tab.tl_lscale);
2002 ave = ((tab.tl_avenrun.l[2] + (tab.tl_lscale/2)) /
2005 ave = (int) (tab.tl_avenrun.d[2] + 0.5);
2008 sm_dprintf("getla: %d\n", ave);
2013 #endif /* LA_TYPE == LA_ALPHAOSF */
2015 #if LA_TYPE == LA_PSET
2022 if (pset_getloadavg(PS_MYID, avenrun,
2023 sizeof(avenrun) / sizeof(avenrun[0])) < 0)
2026 sm_dprintf("getla: pset_getloadavg failed: %s",
2027 sm_errstring(errno));
2031 sm_dprintf("getla: %d\n", (int) (avenrun[0] +0.5));
2032 return ((int) (avenrun[0] + 0.5));
2035 #endif /* LA_TYPE == LA_PSET */
2037 #if LA_TYPE == LA_ZERO
2043 sm_dprintf("getla: ZERO\n");
2047 #endif /* LA_TYPE == LA_ZERO */
2050 * Copyright 1989 Massachusetts Institute of Technology
2052 * Permission to use, copy, modify, distribute, and sell this software and its
2053 * documentation for any purpose is hereby granted without fee, provided that
2054 * the above copyright notice appear in all copies and that both that
2055 * copyright notice and this permission notice appear in supporting
2056 * documentation, and that the name of M.I.T. not be used in advertising or
2057 * publicity pertaining to distribution of the software without specific,
2058 * written prior permission. M.I.T. makes no representations about the
2059 * suitability of this software for any purpose. It is provided "as is"
2060 * without express or implied warranty.
2062 * M.I.T. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
2063 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL M.I.T.
2064 * BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
2065 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
2066 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
2067 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
2069 * Authors: Many and varied...
2072 /* Non Apollo stuff removed by Don Lewis 11/15/93 */
2074 SM_UNUSED(static char rcsid[]) = "@(#)$OrigId: getloadavg.c,v 1.16 1991/06/21 12:51:15 paul Exp $";
2079 # include <apollo/base.h>
2082 int getloadavg( call_data )
2083 caddr_t call_data; /* pointer to (double) return value */
2085 double *avenrun = (double *) call_data;
2090 proc1_$get_loadav(loadav, &st);
2091 *avenrun = loadav[0] / (double) (1 << 16);
2096 ** SM_GETLA -- get the current load average
2105 ** Set CurrentLA to the current load average.
2106 ** Set {load_avg} in GlobalMacros to the current load average.
2114 CurrentLA = getla();
2115 (void) sm_snprintf(labuf, sizeof(labuf), "%d", CurrentLA);
2116 macdefine(&GlobalMacros, A_TEMP, macid("{load_avg}"), labuf);
2119 ** SHOULDQUEUE -- should this message be queued or sent?
2121 ** Compares the message cost to the load average to decide.
2123 ** Note: Do NOT change this API! It is documented in op.me
2124 ** and theoretically the user can change this function...
2127 ** pri -- the priority of the message in question.
2128 ** ct -- the message creation time (unused, but see above).
2131 ** true -- if this message should be queued up for the
2133 ** false -- if the load is low enough to send this message.
2141 shouldqueue(pri, ct)
2148 #endif /* _FFR_MEMSTAT */
2151 sm_dprintf("shouldqueue: CurrentLA=%d, pri=%ld: ",
2155 if (QueueLowMem > 0 &&
2156 sm_memstat_get(MemoryResource, &memfree) >= 0 &&
2157 memfree < QueueLowMem)
2160 sm_dprintf("true (memfree=%ld < QueueLowMem=%ld)\n",
2161 memfree, QueueLowMem);
2164 #endif /* _FFR_MEMSTAT */
2165 if (CurrentLA < QueueLA)
2168 sm_dprintf("false (CurrentLA < QueueLA)\n");
2171 rval = pri > (QueueFactor / (CurrentLA - QueueLA + 1));
2173 sm_dprintf("%s (by calculation)\n", rval ? "true" : "false");
2178 ** REFUSECONNECTIONS -- decide if connections should be refused
2181 ** e -- the current envelope.
2182 ** dn -- number of daemon.
2183 ** active -- was this daemon actually active?
2186 ** true if incoming SMTP connections should be refused
2188 ** false if we should accept new work.
2191 ** Sets process title when it is rejecting connections.
2195 refuseconnections(e, dn, active)
2200 static time_t lastconn[MAXDAEMONS];
2201 static int conncnt[MAXDAEMONS];
2202 static time_t firstrejtime[MAXDAEMONS];
2203 static time_t nextlogtime[MAXDAEMONS];
2207 #endif /* _FFR_MEMSTAT */
2215 SM_ASSERT(dn < MAXDAEMONS);
2216 if (ConnRateThrottle > 0)
2223 if (now != lastconn[dn])
2228 else if (conncnt[dn]++ > ConnRateThrottle)
2230 #define D_MSG_CRT "deferring connections on daemon %s: %d per second"
2231 /* sleep to flatten out connection load */
2232 sm_setproctitle(true, e, D_MSG_CRT,
2236 sm_syslog(LOG_INFO, NOQID, D_MSG_CRT,
2242 else if (now != lastconn[dn])
2248 if (RefuseLowMem > 0 &&
2249 sm_memstat_get(MemoryResource, &memfree) >= 0 &&
2250 memfree < RefuseLowMem)
2252 # define R_MSG_LM "rejecting connections on daemon %s: free memory: %ld"
2253 sm_setproctitle(true, e, R_MSG_LM, Daemons[dn].d_name, memfree);
2255 sm_syslog(LOG_NOTICE, NOQID, R_MSG_LM,
2256 Daemons[dn].d_name, memfree);
2259 #endif /* _FFR_MEMSTAT */
2261 limit = (Daemons[dn].d_refuseLA != DPO_NOTSET) ?
2262 Daemons[dn].d_refuseLA : RefuseLA;
2263 if (limit > 0 && CurrentLA >= limit)
2267 # define R_MSG_LA "rejecting connections on daemon %s: load average: %d"
2268 # define R2_MSG_LA "have been rejecting connections on daemon %s for %s"
2269 sm_setproctitle(true, e, R_MSG_LA, Daemons[dn].d_name,
2272 sm_syslog(LOG_NOTICE, NOQID, R_MSG_LA,
2273 Daemons[dn].d_name, CurrentLA);
2275 if (firstrejtime[dn] == 0)
2277 firstrejtime[dn] = now;
2278 nextlogtime[dn] = now + RejectLogInterval;
2280 else if (nextlogtime[dn] < now)
2282 sm_syslog(LOG_ERR, NOQID, R2_MSG_LA, Daemons[dn].d_name,
2283 pintvl(now - firstrejtime[dn], true));
2284 nextlogtime[dn] = now + RejectLogInterval;
2289 firstrejtime[dn] = 0;
2291 limit = (Daemons[dn].d_delayLA != DPO_NOTSET) ?
2292 Daemons[dn].d_delayLA : DelayLA;
2293 if (limit > 0 && CurrentLA >= limit)
2296 static time_t log_delay = (time_t) 0;
2298 # define MIN_DELAY_LOG 90 /* wait before logging this again */
2299 # define D_MSG_LA "delaying connections on daemon %s: load average=%d >= %d"
2300 /* sleep to flatten out connection load */
2301 sm_setproctitle(true, e, D_MSG_LA, Daemons[dn].d_name,
2303 if (LogLevel > 8 && (now = curtime()) > log_delay)
2305 sm_syslog(LOG_INFO, NOQID, D_MSG_LA,
2306 Daemons[dn].d_name, CurrentLA, limit);
2307 log_delay = now + MIN_DELAY_LOG;
2312 limit = (Daemons[dn].d_maxchildren != DPO_NOTSET) ?
2313 Daemons[dn].d_maxchildren : MaxChildren;
2314 if (limit > 0 && CurChildren >= limit)
2317 if (CurChildren >= limit)
2319 #define R_MSG_CHILD "rejecting connections on daemon %s: %d children, max %d"
2320 sm_setproctitle(true, e, R_MSG_CHILD,
2321 Daemons[dn].d_name, CurChildren,
2324 sm_syslog(LOG_INFO, NOQID, R_MSG_CHILD,
2325 Daemons[dn].d_name, CurChildren,
2334 ** SETPROCTITLE -- set process title for ps
2337 ** fmt -- a printf style format string.
2338 ** a, b, c -- possible parameters to fmt.
2344 ** Clobbers argv of our main procedure so ps(1) will
2345 ** display the title.
2348 #define SPT_NONE 0 /* don't use it at all */
2349 #define SPT_REUSEARGV 1 /* cover argv with title information */
2350 #define SPT_BUILTIN 2 /* use libc builtin */
2351 #define SPT_PSTAT 3 /* use pstat(PSTAT_SETCMD, ...) */
2352 #define SPT_PSSTRINGS 4 /* use PS_STRINGS->... */
2353 #define SPT_SYSMIPS 5 /* use sysmips() supported by NEWS-OS 6 */
2354 #define SPT_SCO 6 /* write kernel u. area */
2355 #define SPT_CHANGEARGV 7 /* write our own strings into argv[] */
2358 # define SPT_TYPE SPT_REUSEARGV
2359 #endif /* ! SPT_TYPE */
2362 #if SPT_TYPE != SPT_NONE && SPT_TYPE != SPT_BUILTIN
2364 # if SPT_TYPE == SPT_PSTAT
2365 # include <sys/pstat.h>
2366 # endif /* SPT_TYPE == SPT_PSTAT */
2367 # if SPT_TYPE == SPT_PSSTRINGS
2368 # include <machine/vmparam.h>
2369 # include <sys/exec.h>
2370 # ifndef PS_STRINGS /* hmmmm.... apparently not available after all */
2372 # define SPT_TYPE SPT_REUSEARGV
2373 # else /* ! PS_STRINGS */
2374 # ifndef NKPDE /* FreeBSD 2.0 */
2376 typedef unsigned int *pt_entry_t;
2377 # endif /* ! NKPDE */
2378 # endif /* ! PS_STRINGS */
2379 # endif /* SPT_TYPE == SPT_PSSTRINGS */
2381 # if SPT_TYPE == SPT_PSSTRINGS || SPT_TYPE == SPT_CHANGEARGV
2382 # define SETPROC_STATIC static
2383 # else /* SPT_TYPE == SPT_PSSTRINGS || SPT_TYPE == SPT_CHANGEARGV */
2384 # define SETPROC_STATIC
2385 # endif /* SPT_TYPE == SPT_PSSTRINGS || SPT_TYPE == SPT_CHANGEARGV */
2387 # if SPT_TYPE == SPT_SYSMIPS
2388 # include <sys/sysmips.h>
2389 # include <sys/sysnews.h>
2390 # endif /* SPT_TYPE == SPT_SYSMIPS */
2392 # if SPT_TYPE == SPT_SCO
2393 # include <sys/immu.h>
2394 # include <sys/dir.h>
2395 # include <sys/user.h>
2396 # include <sys/fs/s5param.h>
2397 # if PSARGSZ > MAXLINE
2398 # define SPT_BUFSIZE PSARGSZ
2399 # endif /* PSARGSZ > MAXLINE */
2400 # endif /* SPT_TYPE == SPT_SCO */
2402 # ifndef SPT_PADCHAR
2403 # define SPT_PADCHAR ' '
2404 # endif /* ! SPT_PADCHAR */
2406 #endif /* SPT_TYPE != SPT_NONE && SPT_TYPE != SPT_BUILTIN */
2409 # define SPT_BUFSIZE MAXLINE
2410 #endif /* ! SPT_BUFSIZE */
2415 ** It looks like the Compaq Tru64 5.1A now aligns argv and envp to
2416 ** 64 bit alignment, so unless each piece of argv and envp is a multiple
2417 ** of 8 bytes (including terminating NULL), initsetproctitle() won't use
2418 ** any of the space beyond argv[0]. Be sure to set SPT_ALIGN_SIZE if
2419 ** you use this FFR.
2422 # ifdef SPT_ALIGN_SIZE
2423 # define SPT_ALIGN(x, align) (((((x) + SPT_ALIGN_SIZE) >> (align)) << (align)) - 1)
2424 # else /* SPT_ALIGN_SIZE */
2425 # define SPT_ALIGN(x, align) (x)
2426 # endif /* SPT_ALIGN_SIZE */
2427 #else /* _FFR_SPT_ALIGN */
2428 # define SPT_ALIGN(x, align) (x)
2429 #endif /* _FFR_SPT_ALIGN */
2432 ** Pointers for setproctitle.
2433 ** This allows "ps" listings to give more useful information.
2436 static char **Argv = NULL; /* pointer to argument vector */
2437 static char *LastArgv = NULL; /* end of argv */
2438 #if SPT_TYPE != SPT_BUILTIN
2439 static void setproctitle __P((const char *, ...));
2440 #endif /* SPT_TYPE != SPT_BUILTIN */
2443 initsetproctitle(argc, argv, envp)
2450 extern char **environ;
2453 ** Move the environment so setproctitle can use the space at
2454 ** the top of memory.
2459 for (i = 0; envp[i] != NULL; i++)
2461 environ = (char **) xalloc(sizeof(char *) * (i + 1));
2462 for (i = 0; envp[i] != NULL; i++)
2463 environ[i] = newstr(envp[i]);
2468 ** Save start and extent of argv for setproctitle.
2474 ** Determine how much space we can use for setproctitle.
2475 ** Use all contiguous argv and envp pointers starting at argv[0]
2480 # ifdef SPT_ALIGN_SIZE
2481 for (i = SPT_ALIGN_SIZE; i > 0; i >>= 1)
2483 # endif /* SPT_ALIGN_SIZE */
2484 # endif /* _FFR_SPT_ALIGN */
2486 for (i = 0; i < argc; i++)
2488 if (i == 0 || LastArgv + 1 == argv[i])
2489 LastArgv = argv[i] + SPT_ALIGN(strlen(argv[i]), align);
2491 for (i = 0; LastArgv != NULL && envp != NULL && envp[i] != NULL; i++)
2493 if (LastArgv + 1 == envp[i])
2494 LastArgv = envp[i] + SPT_ALIGN(strlen(envp[i]), align);
2498 #if SPT_TYPE != SPT_BUILTIN
2503 setproctitle(const char *fmt, ...)
2504 # else /* __STDC__ */
2505 setproctitle(fmt, va_alist)
2508 # endif /* __STDC__ */
2510 # if SPT_TYPE != SPT_NONE
2513 SETPROC_STATIC char buf[SPT_BUFSIZE];
2515 # if SPT_TYPE == SPT_PSTAT
2517 # endif /* SPT_TYPE == SPT_PSTAT */
2518 # if SPT_TYPE == SPT_SCO
2521 static int kmem = -1;
2522 static pid_t kmempid = -1;
2524 # endif /* SPT_TYPE == SPT_SCO */
2528 /* print sendmail: heading for grep */
2529 (void) sm_strlcpy(p, "sendmail: ", SPACELEFT(buf, p));
2532 /* print the argument string */
2533 SM_VA_START(ap, fmt);
2534 (void) sm_vsnprintf(p, SPACELEFT(buf, p), fmt, ap);
2537 i = (int) strlen(buf);
2541 # if SPT_TYPE == SPT_PSTAT
2542 pst.pst_command = buf;
2543 pstat(PSTAT_SETCMD, pst, i, 0, 0);
2544 # endif /* SPT_TYPE == SPT_PSTAT */
2545 # if SPT_TYPE == SPT_PSSTRINGS
2546 PS_STRINGS->ps_nargvstr = 1;
2547 PS_STRINGS->ps_argvstr = buf;
2548 # endif /* SPT_TYPE == SPT_PSSTRINGS */
2549 # if SPT_TYPE == SPT_SYSMIPS
2550 sysmips(SONY_SYSNEWS, NEWS_SETPSARGS, buf);
2551 # endif /* SPT_TYPE == SPT_SYSMIPS */
2552 # if SPT_TYPE == SPT_SCO
2553 if (kmem < 0 || kmempid != CurrentPid)
2557 kmem = open(_PATH_KMEM, O_RDWR, 0);
2560 if ((j = fcntl(kmem, F_GETFD, 0)) < 0 ||
2561 fcntl(kmem, F_SETFD, j | FD_CLOEXEC) < 0)
2567 kmempid = CurrentPid;
2569 buf[PSARGSZ - 1] = '\0';
2570 seek_off = UVUBLK + (off_t) u.u_psargs - (off_t) &u;
2571 if (lseek(kmem, (off_t) seek_off, SEEK_SET) == seek_off)
2572 (void) write(kmem, buf, PSARGSZ);
2573 # endif /* SPT_TYPE == SPT_SCO */
2574 # if SPT_TYPE == SPT_REUSEARGV
2575 if (LastArgv == NULL)
2578 if (i > LastArgv - Argv[0] - 2)
2580 i = LastArgv - Argv[0] - 2;
2583 (void) sm_strlcpy(Argv[0], buf, i + 1);
2585 while (p < LastArgv)
2588 # endif /* SPT_TYPE == SPT_REUSEARGV */
2589 # if SPT_TYPE == SPT_CHANGEARGV
2592 # endif /* SPT_TYPE == SPT_CHANGEARGV */
2593 # endif /* SPT_TYPE != SPT_NONE */
2596 #endif /* SPT_TYPE != SPT_BUILTIN */
2598 ** SM_SETPROCTITLE -- set process task and set process title for ps
2600 ** Possibly set process status and call setproctitle() to
2601 ** change the ps display.
2604 ** status -- whether or not to store as process status
2605 ** e -- the current envelope.
2606 ** fmt -- a printf style format string.
2607 ** a, b, c -- possible parameters to fmt.
2616 sm_setproctitle(bool status, ENVELOPE *e, const char *fmt, ...)
2617 #else /* __STDC__ */
2618 sm_setproctitle(status, e, fmt, va_alist)
2623 #endif /* __STDC__ */
2625 char buf[SPT_BUFSIZE];
2628 /* print the argument string */
2629 SM_VA_START(ap, fmt);
2630 (void) sm_vsnprintf(buf, sizeof(buf), fmt, ap);
2634 proc_list_set(CurrentPid, buf);
2636 if (ProcTitlePrefix != NULL)
2638 char prefix[SPT_BUFSIZE];
2640 expand(ProcTitlePrefix, prefix, sizeof(prefix), e);
2641 setproctitle("%s: %s", prefix, buf);
2644 setproctitle("%s", buf);
2647 ** WAITFOR -- wait for a particular process id.
2650 ** pid -- process id to wait for.
2654 ** -1 if pid never shows up.
2672 proc_list_drop(i, st, NULL);
2673 } while ((i >= 0 || errno == EINTR) && i != pid);
2682 ** status -- pointer to status (return value)
2694 # else /* WAITUNION */
2696 # endif /* WAITUNION */
2698 # if defined(ISC_UNIX) || defined(_SCO_unix_)
2700 # endif /* defined(ISC_UNIX) || defined(_SCO_unix_) */
2702 # if defined(ISC_UNIX) || defined(_SCO_unix_)
2703 savesig = sm_releasesignal(SIGCHLD);
2704 # endif /* defined(ISC_UNIX) || defined(_SCO_unix_) */
2706 # if defined(ISC_UNIX) || defined(_SCO_unix_)
2708 sm_blocksignal(SIGCHLD);
2709 # endif /* defined(ISC_UNIX) || defined(_SCO_unix_) */
2711 *status = st.w_status;
2712 # else /* WAITUNION */
2714 # endif /* WAITUNION */
2718 ** REAPCHILD -- pick up the body of my child, lest it become a zombie
2721 ** sig -- the signal that got us here (unused).
2727 ** Picks up extant zombies.
2728 ** Control socket exits may restart/shutdown daemon.
2730 ** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
2731 ** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
2740 int save_errno = errno;
2748 while ((pid = waitpid(-1, &status, WNOHANG)) > 0)
2753 # else /* HASWAITPID */
2757 while ((pid = wait3(&status, WNOHANG, (struct rusage *) NULL)) > 0)
2759 st = status.w_status;
2760 # else /* WNOHANG */
2764 ** Catch one zombie -- we will be re-invoked (we hope) if there
2765 ** are more. Unreliable signals probably break this, but this
2766 ** is the "old system" situation -- waitpid or wait3 are to be
2767 ** strongly preferred.
2770 if ((pid = wait(&status)) > 0)
2773 # endif /* WNOHANG */
2774 # endif /* HASWAITPID */
2775 /* Drop PID and check if it was a control socket child */
2776 proc_list_drop(pid, st, NULL);
2778 FIX_SYSV_SIGNAL(sig, reapchild);
2780 return SIGFUNC_RETURN;
2783 ** GETDTABLESIZE -- return number of file descriptors
2785 ** Only on non-BSD systems
2791 ** size of file descriptor table
2798 # include <sys/resource.h>
2799 #endif /* SOLARIS */
2804 # ifdef RLIMIT_NOFILE
2807 if (getrlimit(RLIMIT_NOFILE, &rl) >= 0)
2809 # endif /* RLIMIT_NOFILE */
2811 # if HASGETDTABLESIZE
2812 return getdtablesize();
2813 # else /* HASGETDTABLESIZE */
2814 # ifdef _SC_OPEN_MAX
2815 return sysconf(_SC_OPEN_MAX);
2816 # else /* _SC_OPEN_MAX */
2818 # endif /* _SC_OPEN_MAX */
2819 # endif /* HASGETDTABLESIZE */
2822 ** UNAME -- get the UUCP name of this system.
2829 struct utsname *name;
2834 name->nodename[0] = '\0';
2836 /* try /etc/whoami -- one line with the node name */
2837 if ((file = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, "/etc/whoami",
2838 SM_IO_RDONLY, NULL)) != NULL)
2840 (void) sm_io_fgets(file, SM_TIME_DEFAULT, name->nodename,
2842 (void) sm_io_close(file, SM_TIME_DEFAULT);
2843 n = strchr(name->nodename, '\n');
2846 if (name->nodename[0] != '\0')
2850 /* try /usr/include/whoami.h -- has a #define somewhere */
2851 if ((file = sm_io_open(SmFtStdio, SM_TIME_DEFAULT,
2852 "/usr/include/whoami.h", SM_IO_RDONLY, NULL))
2857 while (sm_io_fgets(file, SM_TIME_DEFAULT,
2858 buf, sizeof(buf)) >= 0)
2860 if (sm_io_sscanf(buf, "#define sysname \"%*[^\"]\"",
2861 NODE_LENGTH, name->nodename) > 0)
2864 (void) sm_io_close(file, SM_TIME_DEFAULT);
2865 if (name->nodename[0] != '\0')
2871 #endif /* !HASUNAME */
2873 ** INITGROUPS -- initialize groups
2875 ** Stub implementation for System V style systems
2880 initgroups(name, basegid)
2887 #endif /* !HASINITGROUPS */
2889 ** SETGROUPS -- set group list
2891 ** Stub implementation for systems that don't have group lists
2897 setgroups(ngroups, grouplist)
2899 GIDSET_T grouplist[];
2904 #endif /* ! NGROUPS_MAX */
2906 ** SETSID -- set session id (for non-POSIX systems)
2917 fd = open("/dev/tty", O_RDWR, 0);
2920 (void) ioctl(fd, TIOCNOTTY, (char *) 0);
2923 # endif /* TIOCNOTTY */
2926 # else /* SYS5SETPGRP */
2927 return setpgid(0, CurrentPid);
2928 # endif /* SYS5SETPGRP */
2931 #endif /* !HASSETSID */
2933 ** FSYNC -- dummy fsync
2942 return fcntl(fd, F_SETFL, O_SYNC);
2944 /* nothing we can do */
2946 # endif /* O_SYNC */
2949 #endif /* NEEDFSYNC */
2951 ** DGUX_INET_ADDR -- inet_addr for DG/UX
2953 ** Data General DG/UX version of inet_addr returns a struct in_addr
2954 ** instead of a long. This patches things. Only needed on versions
2963 dgux_inet_addr(host)
2966 struct in_addr haddr;
2968 haddr = inet_addr(host);
2969 return haddr.s_addr;
2972 #endif /* DGUX_5_4_2 */
2974 ** GETOPT -- for old systems or systems with bogus implementations
2980 * Copyright (c) 1985 Regents of the University of California.
2981 * All rights reserved. The Berkeley software License Agreement
2982 * specifies the terms and conditions for redistribution.
2987 ** this version hacked to add `atend' flag to allow state machine
2988 ** to reset if invoked by the program to scan args for a 2nd time
2991 # if defined(LIBC_SCCS) && !defined(lint)
2992 static char sccsid[] = "@(#)getopt.c 4.3 (Berkeley) 3/9/86";
2993 # endif /* defined(LIBC_SCCS) && !defined(lint) */
2996 ** get option letter from argument vector
2998 # ifdef _CONVEX_SOURCE
2999 extern int optind, opterr, optopt;
3000 extern char *optarg;
3001 # else /* _CONVEX_SOURCE */
3002 int opterr = 1; /* if error message should be printed */
3003 int optind = 1; /* index into parent argv vector */
3004 int optopt = 0; /* character checked for validity */
3005 char *optarg = NULL; /* argument associated with option */
3006 # endif /* _CONVEX_SOURCE */
3008 # define BADCH (int)'?'
3010 # define tell(s) if (opterr) \
3011 {sm_io_fputs(smioerr, SM_TIME_DEFAULT, *nargv); \
3012 (void) sm_io_fputs(smioerr, SM_TIME_DEFAULT, s); \
3013 (void) sm_io_putc(smioerr, SM_TIME_DEFAULT, optopt); \
3014 (void) sm_io_putc(smioerr, SM_TIME_DEFAULT, '\n'); \
3018 getopt(nargc,nargv,ostr)
3023 static char *place = EMSG; /* option letter processing */
3024 static char atend = 0;
3025 register char *oli = NULL; /* option letter list index */
3031 if(!*place) { /* update scanning pointer */
3032 if (optind >= nargc || *(place = nargv[optind]) != '-' || !*++place) {
3036 if (*place == '-') { /* found "--" */
3041 } /* option letter okay? */
3042 if ((optopt = (int)*place++) == (int)':' || !(oli = strchr(ostr,optopt))) {
3043 if (!*place) ++optind;
3044 tell(": illegal option -- ");
3046 if (oli && *++oli != ':') { /* don't need argument */
3048 if (!*place) ++optind;
3050 else { /* need an argument */
3051 if (*place) optarg = place; /* no white space */
3052 else if (nargc <= ++optind) { /* no arg */
3054 tell(": option requires an argument -- ");
3056 else optarg = nargv[optind]; /* white space */
3060 return optopt; /* dump back option letter */
3063 #endif /* !SM_CONF_GETOPT */
3065 ** USERSHELLOK -- tell if a user's shell is ok for unrestricted use
3068 ** user -- the name of the user we are checking.
3069 ** shell -- the user's shell from /etc/passwd
3072 ** true -- if it is ok to use this for unrestricted access.
3073 ** false -- if the shell is restricted.
3076 #if !HASGETUSERSHELL
3078 # ifndef _PATH_SHELLS
3079 # define _PATH_SHELLS "/etc/shells"
3080 # endif /* ! _PATH_SHELLS */
3082 # if defined(_AIX3) || defined(_AIX4)
3083 # include <userconf.h>
3085 # include <userpw.h>
3086 # endif /* _AIX4 >= 40200 */
3087 # include <usersec.h>
3088 # endif /* defined(_AIX3) || defined(_AIX4) */
3090 static char *DefaultUserShells[] =
3092 "/bin/sh", /* standard shell */
3097 "/bin/csh", /* C shell */
3102 "/usr/bin/rsh", /* restricted Bourne shell */
3103 "/usr/bin/ksh", /* Korn shell */
3104 "/usr/bin/rksh", /* restricted Korn shell */
3106 "/usr/bin/keysh", /* key shell (extended Korn shell) */
3107 "/usr/bin/posix/sh",
3109 "/bin/rsh", /* restricted Bourne shell */
3110 "/bin/ksh", /* Korn shell */
3111 "/bin/rksh", /* restricted Korn shell */
3113 "/usr/bin/keysh", /* key shell (extended Korn shell) */
3117 # endif /* __hpux */
3118 # if defined(_AIX3) || defined(_AIX4)
3119 "/bin/ksh", /* Korn shell */
3121 "/bin/tsh", /* trusted shell */
3123 "/bin/bsh", /* Bourne shell */
3125 # endif /* defined(_AIX3) || defined(_AIX4) */
3126 # if defined(__svr4__) || defined(__svr5__)
3127 "/bin/ksh", /* Korn shell */
3129 # endif /* defined(__svr4__) || defined(__svr5__) */
3131 "/sbin/sh", /* SGI's shells really live in /sbin */
3133 "/sbin/bsh", /* classic Bourne shell */
3136 "/sbin/csh", /* standard csh */
3139 "/sbin/jsh", /* classic Bourne shell w/ job control*/
3142 "/bin/ksh", /* Korn shell */
3145 "/sbin/tcsh", /* Extended csh */
3152 #endif /* !HASGETUSERSHELL */
3154 #define WILDCARD_SHELL "/SENDMAIL/ANY/SHELL/"
3157 usershellok(user, shell)
3161 # if HASGETUSERSHELL
3163 extern char *getusershell();
3165 if (shell == NULL || shell[0] == '\0' || wordinclass(user, 't') ||
3170 while ((p = getusershell()) != NULL)
3171 if (strcmp(p, shell) == 0 || strcmp(p, WILDCARD_SHELL) == 0)
3175 # else /* HASGETUSERSHELL */
3178 # endif /* USEGETCONFATTR */
3179 register SM_FILE_T *shellf;
3182 if (shell == NULL || shell[0] == '\0' || wordinclass(user, 't') ||
3188 ** Naturally IBM has a "better" idea.....
3190 ** What a crock. This interface isn't documented, it is
3191 ** considered part of the security library (-ls), and it
3192 ** only works if you are running as root (since the list
3193 ** of valid shells is obviously a source of great concern).
3194 ** I recommend that you do NOT define USEGETCONFATTR,
3195 ** especially since you are going to have to set up an
3196 ** /etc/shells anyhow to handle the cases where getconfattr
3200 if (getconfattr(SC_SYS_LOGIN, SC_SHELLS, &v, SEC_LIST) == 0 && v != NULL)
3204 if (strcmp(v, shell) == 0 || strcmp(v, WILDCARD_SHELL) == 0)
3210 # endif /* USEGETCONFATTR */
3212 shellf = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, _PATH_SHELLS,
3213 SM_IO_RDONLY, NULL);
3216 /* no /etc/shells; see if it is one of the std shells */
3219 if (errno != ENOENT && LogLevel > 3)
3220 sm_syslog(LOG_ERR, NOQID,
3221 "usershellok: cannot open %s: %s",
3222 _PATH_SHELLS, sm_errstring(errno));
3224 for (d = DefaultUserShells; *d != NULL; d++)
3226 if (strcmp(shell, *d) == 0)
3232 while (sm_io_fgets(shellf, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0)
3234 register char *p, *q;
3237 while (*p != '\0' && *p != '#' && *p != '/')
3239 if (*p == '#' || *p == '\0')
3242 while (*p != '\0' && *p != '#' && !(isascii(*p) && isspace(*p)))
3245 if (strcmp(shell, q) == 0 || strcmp(WILDCARD_SHELL, q) == 0)
3247 (void) sm_io_close(shellf, SM_TIME_DEFAULT);
3251 (void) sm_io_close(shellf, SM_TIME_DEFAULT);
3253 # endif /* HASGETUSERSHELL */
3256 ** FREEDISKSPACE -- see how much free space is on the queue filesystem
3258 ** Only implemented if you have statfs.
3261 ** dir -- the directory in question.
3262 ** bsize -- a variable into which the filesystem
3263 ** block size is stored.
3266 ** The number of blocks free on the queue filesystem.
3267 ** -1 if the statfs call fails.
3270 ** Puts the filesystem block size into bsize.
3274 # define SFS_NONE 0 /* no statfs implementation */
3275 # define SFS_USTAT 1 /* use ustat */
3276 # define SFS_4ARGS 2 /* use four-argument statfs call */
3277 # define SFS_VFS 3 /* use <sys/vfs.h> implementation */
3278 # define SFS_MOUNT 4 /* use <sys/mount.h> implementation */
3279 # define SFS_STATFS 5 /* use <sys/statfs.h> implementation */
3280 # define SFS_STATVFS 6 /* use <sys/statvfs.h> implementation */
3283 # define SFS_TYPE SFS_NONE
3284 # endif /* ! SFS_TYPE */
3286 # if SFS_TYPE == SFS_USTAT
3288 # endif /* SFS_TYPE == SFS_USTAT */
3289 # if SFS_TYPE == SFS_4ARGS || SFS_TYPE == SFS_STATFS
3290 # include <sys/statfs.h>
3291 # endif /* SFS_TYPE == SFS_4ARGS || SFS_TYPE == SFS_STATFS */
3292 # if SFS_TYPE == SFS_VFS
3293 # include <sys/vfs.h>
3294 # endif /* SFS_TYPE == SFS_VFS */
3295 # if SFS_TYPE == SFS_MOUNT
3296 # include <sys/mount.h>
3297 # endif /* SFS_TYPE == SFS_MOUNT */
3298 # if SFS_TYPE == SFS_STATVFS
3299 # include <sys/statvfs.h>
3300 # endif /* SFS_TYPE == SFS_STATVFS */
3303 freediskspace(dir, bsize)
3307 # if SFS_TYPE == SFS_NONE
3311 /* assume free space is plentiful */
3312 return (long) LONG_MAX;
3313 # else /* SFS_TYPE == SFS_NONE */
3314 # if SFS_TYPE == SFS_USTAT
3316 struct stat statbuf;
3317 # define FSBLOCKSIZE DEV_BSIZE
3318 # define SFS_BAVAIL f_tfree
3319 # else /* SFS_TYPE == SFS_USTAT */
3320 # if defined(ultrix)
3322 # define SFS_BAVAIL fd_bfreen
3323 # define FSBLOCKSIZE 1024L
3324 # else /* defined(ultrix) */
3325 # if SFS_TYPE == SFS_STATVFS
3327 # define FSBLOCKSIZE fs.f_frsize
3328 # else /* SFS_TYPE == SFS_STATVFS */
3330 # define FSBLOCKSIZE fs.f_bsize
3331 # endif /* SFS_TYPE == SFS_STATVFS */
3332 # endif /* defined(ultrix) */
3333 # endif /* SFS_TYPE == SFS_USTAT */
3335 # define SFS_BAVAIL f_bavail
3336 # endif /* ! SFS_BAVAIL */
3338 # if SFS_TYPE == SFS_USTAT
3339 if (stat(dir, &statbuf) == 0 && ustat(statbuf.st_dev, &fs) == 0)
3340 # else /* SFS_TYPE == SFS_USTAT */
3341 # if SFS_TYPE == SFS_4ARGS
3342 if (statfs(dir, &fs, sizeof(fs), 0) == 0)
3343 # else /* SFS_TYPE == SFS_4ARGS */
3344 # if SFS_TYPE == SFS_STATVFS
3345 if (statvfs(dir, &fs) == 0)
3346 # else /* SFS_TYPE == SFS_STATVFS */
3347 # if defined(ultrix)
3348 if (statfs(dir, &fs) > 0)
3349 # else /* defined(ultrix) */
3350 if (statfs(dir, &fs) == 0)
3351 # endif /* defined(ultrix) */
3352 # endif /* SFS_TYPE == SFS_STATVFS */
3353 # endif /* SFS_TYPE == SFS_4ARGS */
3354 # endif /* SFS_TYPE == SFS_USTAT */
3357 *bsize = FSBLOCKSIZE;
3358 if (fs.SFS_BAVAIL <= 0)
3360 else if (fs.SFS_BAVAIL > LONG_MAX)
3361 return (long) LONG_MAX;
3363 return (long) fs.SFS_BAVAIL;
3366 # endif /* SFS_TYPE == SFS_NONE */
3369 ** ENOUGHDISKSPACE -- is there enough free space on the queue file systems?
3372 ** msize -- the size to check against. If zero, we don't yet
3373 ** know how big the message will be, so just check for
3374 ** a "reasonable" amount.
3375 ** e -- envelope, or NULL -- controls logging
3378 ** true if in every queue group there is at least one
3379 ** queue directory whose file system contains enough free space.
3383 ** If there is not enough disk space and e != NULL
3384 ** then sm_syslog is called.
3388 enoughdiskspace(msize, e)
3397 #endif /* _FFR_TESTS */
3398 if (MinBlocksFree <= 0 && msize <= 0)
3401 sm_dprintf("enoughdiskspace: no threshold\n");
3406 for (i = 0; i < NumQueue; ++i)
3408 if (pickqdir(Queue[i], msize, e) < 0)
3414 ** TRANSIENTERROR -- tell if an error code indicates a transient failure
3416 ** This looks at an errno value and tells if this is likely to
3417 ** go away if retried later.
3420 ** err -- the errno code to classify.
3423 ** true if this is probably transient.
3433 case EIO: /* I/O error */
3434 case ENXIO: /* Device not configured */
3435 case EAGAIN: /* Resource temporarily unavailable */
3436 case ENOMEM: /* Cannot allocate memory */
3437 case ENODEV: /* Operation not supported by device */
3438 case ENFILE: /* Too many open files in system */
3439 case EMFILE: /* Too many open files */
3440 case ENOSPC: /* No space left on device */
3441 case ETIMEDOUT: /* Connection timed out */
3443 case ESTALE: /* Stale NFS file handle */
3446 case ENETDOWN: /* Network is down */
3447 #endif /* ENETDOWN */
3449 case ENETUNREACH: /* Network is unreachable */
3450 #endif /* ENETUNREACH */
3452 case ENETRESET: /* Network dropped connection on reset */
3453 #endif /* ENETRESET */
3455 case ECONNABORTED: /* Software caused connection abort */
3456 #endif /* ECONNABORTED */
3458 case ECONNRESET: /* Connection reset by peer */
3459 #endif /* ECONNRESET */
3461 case ENOBUFS: /* No buffer space available */
3462 #endif /* ENOBUFS */
3464 case ESHUTDOWN: /* Can't send after socket shutdown */
3465 #endif /* ESHUTDOWN */
3467 case ECONNREFUSED: /* Connection refused */
3468 #endif /* ECONNREFUSED */
3470 case EHOSTDOWN: /* Host is down */
3471 #endif /* EHOSTDOWN */
3473 case EHOSTUNREACH: /* No route to host */
3474 #endif /* EHOSTUNREACH */
3476 case EDQUOT: /* Disc quota exceeded */
3479 case EPROCLIM: /* Too many processes */
3480 #endif /* EPROCLIM */
3482 case EUSERS: /* Too many users */
3485 case EDEADLK: /* Resource deadlock avoided */
3486 #endif /* EDEADLK */
3488 case EISCONN: /* Socket already connected */
3489 #endif /* EISCONN */
3491 case EINPROGRESS: /* Operation now in progress */
3492 #endif /* EINPROGRESS */
3494 case EALREADY: /* Operation already in progress */
3495 #endif /* EALREADY */
3497 case EADDRINUSE: /* Address already in use */
3498 #endif /* EADDRINUSE */
3499 #ifdef EADDRNOTAVAIL
3500 case EADDRNOTAVAIL: /* Can't assign requested address */
3501 #endif /* EADDRNOTAVAIL */
3503 case ETXTBSY: /* (Apollo) file locked */
3504 #endif /* ETXTBSY */
3505 #if defined(ENOSR) && (!defined(ENOBUFS) || (ENOBUFS != ENOSR))
3506 case ENOSR: /* Out of streams resources */
3507 #endif /* defined(ENOSR) && (!defined(ENOBUFS) || (ENOBUFS != ENOSR)) */
3509 case ENOLCK: /* No locks available */
3511 case E_SM_OPENTIMEOUT: /* PSEUDO: open timed out */
3515 /* nope, must be permanent */
3519 ** LOCKFILE -- lock a file using flock or (shudder) fcntl locking
3522 ** fd -- the file descriptor of the file.
3523 ** filename -- the file name (for error messages).
3524 ** ext -- the filename extension.
3525 ** type -- type of the lock. Bits can be:
3526 ** LOCK_EX -- exclusive lock.
3527 ** LOCK_NB -- non-blocking.
3528 ** LOCK_UN -- unlock.
3531 ** true if the lock was acquired.
3536 lockfile(fd, filename, ext, type)
3551 memset(&lfd, '\0', sizeof(lfd));
3552 if (bitset(LOCK_UN, type))
3553 lfd.l_type = F_UNLCK;
3554 else if (bitset(LOCK_EX, type))
3555 lfd.l_type = F_WRLCK;
3557 lfd.l_type = F_RDLCK;
3559 if (bitset(LOCK_NB, type))
3565 sm_dprintf("lockfile(%s%s, action=%d, type=%d): ",
3566 filename, ext, action, lfd.l_type);
3568 while ((i = fcntl(fd, action, &lfd)) < 0 && errno == EINTR)
3573 sm_dprintf("SUCCESS\n");
3579 sm_dprintf("(%s) ", sm_errstring(save_errno));
3582 ** On SunOS, if you are testing using -oQ/tmp/mqueue or
3583 ** -oA/tmp/aliases or anything like that, and /tmp is mounted
3584 ** as type "tmp" (that is, served from swap space), the
3585 ** previous fcntl will fail with "Invalid argument" errors.
3586 ** Since this is fairly common during testing, we will assume
3587 ** that this indicates that the lock is successfully grabbed.
3590 if (save_errno == EINVAL)
3593 sm_dprintf("SUCCESS\n");
3597 if (!bitset(LOCK_NB, type) ||
3598 (save_errno != EACCES && save_errno != EAGAIN))
3600 int omode = fcntl(fd, F_GETFL, 0);
3601 uid_t euid = geteuid();
3604 syserr("cannot lockf(%s%s, fd=%d, type=%o, omode=%o, euid=%d)",
3605 filename, ext, fd, type, omode, euid);
3606 dumpfd(fd, true, true);
3608 # else /* !HASFLOCK */
3613 sm_dprintf("lockfile(%s%s, type=%o): ", filename, ext, type);
3615 while ((i = flock(fd, type)) < 0 && errno == EINTR)
3620 sm_dprintf("SUCCESS\n");
3626 sm_dprintf("(%s) ", sm_errstring(save_errno));
3628 if (!bitset(LOCK_NB, type) || save_errno != EWOULDBLOCK)
3630 int omode = fcntl(fd, F_GETFL, 0);
3631 uid_t euid = geteuid();
3634 syserr("cannot flock(%s%s, fd=%d, type=%o, omode=%o, euid=%d)",
3635 filename, ext, fd, type, omode, euid);
3636 dumpfd(fd, true, true);
3638 # endif /* !HASFLOCK */
3640 sm_dprintf("FAIL\n");
3645 ** CHOWNSAFE -- tell if chown is "safe" (executable only by root)
3647 ** Unfortunately, given that we can't predict other systems on which
3648 ** a remote mounted (NFS) filesystem will be mounted, the answer is
3649 ** almost always that this is unsafe.
3651 ** Note also that many operating systems have non-compliant
3652 ** implementations of the _POSIX_CHOWN_RESTRICTED variable and the
3653 ** fpathconf() routine. According to IEEE 1003.1-1990, if
3654 ** _POSIX_CHOWN_RESTRICTED is defined and not equal to -1, then
3655 ** no non-root process can give away the file. However, vendors
3656 ** don't take NFS into account, so a comfortable value of
3657 ** _POSIX_CHOWN_RESTRICTED tells us nothing.
3659 ** Also, some systems (e.g., IRIX 6.2) return 1 from fpathconf()
3660 ** even on files where chown is not restricted. Many systems get
3661 ** this wrong on NFS-based filesystems (that is, they say that chown
3662 ** is restricted [safe] on NFS filesystems where it may not be, since
3663 ** other systems can access the same filesystem and do file giveaway;
3664 ** only the NFS server knows for sure!) Hence, it is important to
3665 ** get the value of SAFENFSPATHCONF correct -- it should be defined
3666 ** _only_ after testing (see test/t_pathconf.c) a system on an unsafe
3667 ** NFS-based filesystem to ensure that you can get meaningful results.
3668 ** If in doubt, assume unsafe!
3670 ** You may also need to tweak IS_SAFE_CHOWN -- it should be a
3671 ** condition indicating whether the return from pathconf indicates
3672 ** that chown is safe (typically either > 0 or >= 0 -- there isn't
3673 ** even any agreement about whether a zero return means that a file
3674 ** is or is not safe). It defaults to "> 0".
3676 ** If the parent directory is safe (writable only by owner back
3677 ** to the root) then we can relax slightly and trust fpathconf
3678 ** in more circumstances. This is really a crock -- if this is an
3679 ** NFS mounted filesystem then we really know nothing about the
3680 ** underlying implementation. However, most systems pessimize and
3681 ** return an error (EINVAL or EOPNOTSUPP) on NFS filesystems, which
3682 ** we interpret as unsafe, as we should. Thus, this heuristic gets
3683 ** us into a possible problem only on systems that have a broken
3684 ** pathconf implementation and which are also poorly configured
3685 ** (have :include: files in group- or world-writable directories).
3688 ** fd -- the file descriptor to check.
3689 ** safedir -- set if the parent directory is safe.
3692 ** true -- if the chown(2) operation is "safe" -- that is,
3693 ** only root can chown the file to an arbitrary user.
3694 ** false -- if an arbitrary user can give away a file.
3697 #ifndef IS_SAFE_CHOWN
3698 # define IS_SAFE_CHOWN > 0
3699 #endif /* ! IS_SAFE_CHOWN */
3702 chownsafe(fd, safedir)
3706 # if (!defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1) && \
3707 (defined(_PC_CHOWN_RESTRICTED) || defined(_GNU_TYPES_H))
3710 /* give the system administrator a chance to override */
3711 if (bitnset(DBS_ASSUMESAFECHOWN, DontBlameSendmail))
3715 ** Some systems (e.g., SunOS) seem to have the call and the
3716 ** #define _PC_CHOWN_RESTRICTED, but don't actually implement
3717 ** the call. This heuristic checks for that.
3721 rval = fpathconf(fd, _PC_CHOWN_RESTRICTED);
3722 # if SAFENFSPATHCONF
3723 return errno == 0 && rval IS_SAFE_CHOWN;
3724 # else /* SAFENFSPATHCONF */
3725 return safedir && errno == 0 && rval IS_SAFE_CHOWN;
3726 # endif /* SAFENFSPATHCONF */
3727 # else /* (!defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1) && ... */
3728 return bitnset(DBS_ASSUMESAFECHOWN, DontBlameSendmail);
3729 # endif /* (!defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1) && ... */
3732 ** RESETLIMITS -- reset system controlled resource limits
3734 ** This is to avoid denial-of-service attacks
3744 # ifdef RLIMIT_NEEDS_SYS_TIME_H
3745 # include <sm/time.h>
3746 # endif /* RLIMIT_NEEDS_SYS_TIME_H */
3747 # include <sys/resource.h>
3748 #endif /* HASSETRLIMIT */
3756 lim.rlim_cur = lim.rlim_max = RLIM_INFINITY;
3757 (void) setrlimit(RLIMIT_CPU, &lim);
3758 (void) setrlimit(RLIMIT_FSIZE, &lim);
3759 # ifdef RLIMIT_NOFILE
3760 lim.rlim_cur = lim.rlim_max = FD_SETSIZE;
3761 (void) setrlimit(RLIMIT_NOFILE, &lim);
3762 # endif /* RLIMIT_NOFILE */
3763 #else /* HASSETRLIMIT */
3765 (void) ulimit(2, 0x3fffff);
3766 (void) ulimit(4, FD_SETSIZE);
3767 # endif /* HASULIMIT */
3768 #endif /* HASSETRLIMIT */
3772 ** SETVENDOR -- process vendor code from V configuration line
3775 ** vendor -- string representation of vendor.
3779 ** false -- if vendor code could not be processed.
3782 ** It is reasonable to set mode flags here to tweak
3783 ** processing in other parts of the code if necessary.
3784 ** For example, if you are a vendor that uses $%y to
3785 ** indicate YP lookups, you could enable that here.
3792 if (sm_strcasecmp(vendor, "Berkeley") == 0)
3794 VendorCode = VENDOR_BERKELEY;
3798 /* add vendor extensions here */
3800 #ifdef SUN_EXTENSIONS
3801 if (sm_strcasecmp(vendor, "Sun") == 0)
3803 VendorCode = VENDOR_SUN;
3806 #endif /* SUN_EXTENSIONS */
3808 if (sm_strcasecmp(vendor, "Digital") == 0)
3810 VendorCode = VENDOR_DEC;
3815 #if defined(VENDOR_NAME) && defined(VENDOR_CODE)
3816 if (sm_strcasecmp(vendor, VENDOR_NAME) == 0)
3818 VendorCode = VENDOR_CODE;
3821 #endif /* defined(VENDOR_NAME) && defined(VENDOR_CODE) */
3826 ** GETVENDOR -- return vendor name based on vendor code
3829 ** vendorcode -- numeric representation of vendor.
3832 ** string containing vendor name.
3836 getvendor(vendorcode)
3839 #if defined(VENDOR_NAME) && defined(VENDOR_CODE)
3841 ** Can't have the same switch case twice so need to
3842 ** handle VENDOR_CODE outside of switch. It might
3843 ** match one of the existing VENDOR_* codes.
3846 if (vendorcode == VENDOR_CODE)
3848 #endif /* defined(VENDOR_NAME) && defined(VENDOR_CODE) */
3852 case VENDOR_BERKELEY:
3864 case VENDOR_SENDMAIL:
3872 ** VENDOR_PRE_DEFAULTS, VENDOR_POST_DEFAULTS -- set vendor-specific defaults
3874 ** Vendor_pre_defaults is called before reading the configuration
3875 ** file; vendor_post_defaults is called immediately after.
3878 ** e -- the global environment to initialize.
3885 int DefShareUid; /* default share uid to run as -- unused??? */
3886 #endif /* SHARE_V1 */
3889 vendor_pre_defaults(e)
3893 /* OTHERUID is defined in shares.h, do not be alarmed */
3894 DefShareUid = OTHERUID;
3895 #endif /* SHARE_V1 */
3896 #if defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES)
3897 sun_pre_defaults(e);
3898 #endif /* defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES) */
3901 ** stupid domain/os can't even open
3902 ** /etc/mail/sendmail.cf without this
3905 sm_setuserenv("ISP", NULL);
3906 sm_setuserenv("SYSTYPE", NULL);
3912 vendor_post_defaults(e)
3916 /* Makes sure the SOCK environment variable remains */
3917 sm_setuserenv("SOCK", NULL);
3918 #endif /* __QNX__ */
3919 #if defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES)
3920 sun_post_defaults(e);
3921 #endif /* defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES) */
3924 ** VENDOR_DAEMON_SETUP -- special vendor setup needed for daemon mode
3928 vendor_daemon_setup(e)
3932 (void) setlogin(RunAsUserName);
3933 #endif /* HASSETLOGIN */
3935 if (getluid() != -1)
3937 usrerr("Daemon cannot have LUID");
3938 finis(false, true, EX_USAGE);
3940 #endif /* SECUREWARE */
3943 ** VENDOR_SET_UID -- do setup for setting a user id
3945 ** This is called when we are still root.
3948 ** uid -- the uid we are about to become.
3959 ** We need to setup the share groups (lnodes)
3960 ** and add auditing information (luid's)
3961 ** before we loose our ``root''ness.
3964 if (setupshares(uid, syserr) != 0)
3965 syserr("Unable to set up shares");
3966 #endif /* SHARE_V1 */
3968 (void) setup_secure(uid);
3969 #endif /* SECUREWARE */
3972 ** VALIDATE_CONNECTION -- check connection for rationality
3974 ** If the connection is rejected, this routine should log an
3975 ** appropriate message -- but should never issue any SMTP protocol.
3978 ** sap -- a pointer to a SOCKADDR naming the peer.
3979 ** hostname -- the name corresponding to sap.
3980 ** e -- the current envelope.
3983 ** error message from rejection.
3984 ** NULL if not rejected.
3990 /* tcpwrappers does no logging, but you still have to declare these -- ugh */
3991 int allow_severity = LOG_INFO;
3992 int deny_severity = LOG_NOTICE;
3993 #endif /* TCPWRAPPERS */
3996 validate_connection(sap, hostname, e)
4004 extern int hosts_ctl();
4005 #endif /* TCPWRAPPERS */
4008 sm_dprintf("validate_connection(%s, %s)\n",
4009 hostname, anynet_ntoa(sap));
4011 connection_rate_check(sap, e);
4012 if (rscheck("check_relay", hostname, anynet_ntoa(sap),
4013 e, RSF_RMCOMM|RSF_COUNT, 3, NULL, NOQID, NULL) != EX_OK)
4015 static char reject[BUFSIZ*2];
4016 extern char MsgBuf[];
4019 sm_dprintf(" ... validate_connection: BAD (rscheck)\n");
4021 if (strlen(MsgBuf) >= 3)
4022 (void) sm_strlcpy(reject, MsgBuf, sizeof(reject));
4024 (void) sm_strlcpy(reject, "Access denied", sizeof(reject));
4030 if (hostname[0] == '[' && hostname[strlen(hostname) - 1] == ']')
4034 addr = anynet_ntoa(sap);
4037 /* TCP/Wrappers don't want the IPv6: protocol label */
4038 if (addr != NULL && sm_strncasecmp(addr, "IPv6:", 5) == 0)
4040 # endif /* NETINET6 */
4042 if (!hosts_ctl("sendmail", host, addr, STRING_UNKNOWN))
4045 sm_dprintf(" ... validate_connection: BAD (tcpwrappers)\n");
4047 sm_syslog(LOG_NOTICE, e->e_id,
4048 "tcpwrappers (%s, %s) rejection",
4050 return "Access denied";
4052 #endif /* TCPWRAPPERS */
4054 sm_dprintf(" ... validate_connection: OK\n");
4059 ** STRTOL -- convert string to long integer
4061 ** For systems that don't have it in the C library.
4063 ** This is taken verbatim from the 4.4-Lite C library.
4068 # if defined(LIBC_SCCS) && !defined(lint)
4069 static char sccsid[] = "@(#)strtol.c 8.1 (Berkeley) 6/4/93";
4070 # endif /* defined(LIBC_SCCS) && !defined(lint) */
4073 ** Convert a string to a long integer.
4075 ** Ignores `locale' stuff. Assumes that the upper and lower case
4076 ** alphabets and digits are each contiguous.
4080 strtol(nptr, endptr, base)
4085 register const char *s = nptr;
4086 register unsigned long acc;
4088 register unsigned long cutoff;
4089 register int neg = 0, any, cutlim;
4092 ** Skip white space and pick up leading +/- sign if any.
4093 ** If base is 0, allow 0x for hex and 0 for octal, else
4094 ** assume decimal; if base is already 16, allow 0x.
4098 } while (isascii(c) && isspace(c));
4102 } else if (c == '+')
4104 if ((base == 0 || base == 16) &&
4105 c == '0' && (*s == 'x' || *s == 'X')) {
4111 base = c == '0' ? 8 : 10;
4114 ** Compute the cutoff value between legal numbers and illegal
4115 ** numbers. That is the largest legal value, divided by the
4116 ** base. An input number that is greater than this value, if
4117 ** followed by a legal input character, is too big. One that
4118 ** is equal to this value may be valid or not; the limit
4119 ** between valid and invalid numbers is then based on the last
4120 ** digit. For instance, if the range for longs is
4121 ** [-2147483648..2147483647] and the input base is 10,
4122 ** cutoff will be set to 214748364 and cutlim to either
4123 ** 7 (neg==0) or 8 (neg==1), meaning that if we have accumulated
4124 ** a value > 214748364, or equal but the next digit is > 7 (or 8),
4125 ** the number is too big, and we will return a range error.
4127 ** Set any if any `digits' consumed; make it negative to indicate
4130 cutoff = neg ? -(unsigned long) LONG_MIN : LONG_MAX;
4131 cutlim = cutoff % (unsigned long) base;
4132 cutoff /= (unsigned long) base;
4133 for (acc = 0, any = 0;; c = *s++) {
4134 if (isascii(c) && isdigit(c))
4136 else if (isascii(c) && isalpha(c))
4137 c -= isupper(c) ? 'A' - 10 : 'a' - 10;
4142 if (any < 0 || acc > cutoff || acc == cutoff && c > cutlim)
4151 acc = neg ? LONG_MIN : LONG_MAX;
4156 *endptr = (char *)(any ? s - 1 : nptr);
4160 #endif /* NEEDSTRTOL */
4162 ** STRSTR -- find first substring in string
4165 ** big -- the big (full) string.
4166 ** little -- the little (sub) string.
4169 ** A pointer to the first instance of little in big.
4170 ** big if little is the null string.
4171 ** NULL if little is not contained in big.
4181 register char *p = big;
4184 if (*little == '\0')
4188 while ((p = strchr(p, *little)) != NULL)
4190 if (strncmp(p, little, l) == 0)
4197 #endif /* NEEDSTRSTR */
4199 ** SM_GETHOSTBY{NAME,ADDR} -- compatibility routines for gethostbyXXX
4201 ** Some operating systems have weird problems with the gethostbyXXX
4202 ** routines. For example, Solaris versions at least through 2.3
4203 ** don't properly deliver a canonical h_name field. This tries to
4204 ** work around these problems.
4206 ** Support IPv6 as well as IPv4.
4209 #if NETINET6 && NEEDSGETIPNODE
4212 # define AI_DEFAULT 0 /* dummy */
4213 # endif /* ! AI_DEFAULT */
4214 # ifndef AI_ADDRCONFIG
4215 # define AI_ADDRCONFIG 0 /* dummy */
4216 # endif /* ! AI_ADDRCONFIG */
4217 # ifndef AI_V4MAPPED
4218 # define AI_V4MAPPED 0 /* dummy */
4219 # endif /* ! AI_V4MAPPED */
4221 # define AI_ALL 0 /* dummy */
4222 # endif /* ! AI_ALL */
4224 static struct hostent *
4225 sm_getipnodebyname(name, family, flags, err)
4232 # if HAS_GETHOSTBYNAME2
4234 h = gethostbyname2(name, family);
4239 # else /* HAS_GETHOSTBYNAME2 */
4242 if (family == AF_INET6)
4244 /* From RFC2133, section 6.1 */
4245 resv6 = bitset(RES_USE_INET6, _res.options);
4246 _res.options |= RES_USE_INET6;
4249 h = gethostbyname(name);
4251 _res.options &= ~RES_USE_INET6;
4253 /* the function is supposed to return only the requested family */
4254 if (h != NULL && h->h_addrtype != family)
4258 # endif /* NETINET6 */
4265 # endif /* HAS_GETHOSTBYNAME2 */
4268 static struct hostent *
4269 sm_getipnodebyaddr(addr, len, family, err)
4278 h = gethostbyaddr(addr, len, family);
4288 ** Stub routine -- if they don't have getipnodeby*(),
4289 ** they probably don't have the free routine either.
4294 #endif /* NETINET6 && NEEDSGETIPNODE */
4297 sm_gethostbyname(name, family)
4302 struct hostent *h = NULL;
4303 #if (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4))
4304 # if SOLARIS == 20300 || SOLARIS == 203
4305 static struct hostent hp;
4306 static char buf[1000];
4307 extern struct hostent *_switch_gethostbyname_r();
4310 sm_dprintf("_switch_gethostbyname_r(%s)... ", name);
4311 h = _switch_gethostbyname_r(name, &hp, buf, sizeof(buf), &h_errno);
4313 # else /* SOLARIS == 20300 || SOLARIS == 203 */
4314 extern struct hostent *__switch_gethostbyname();
4317 sm_dprintf("__switch_gethostbyname(%s)... ", name);
4318 h = __switch_gethostbyname(name);
4320 # endif /* SOLARIS == 20300 || SOLARIS == 203 */
4321 #else /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4)) */
4324 # ifndef SM_IPNODEBYNAME_FLAGS
4325 /* For IPv4-mapped addresses, use: AI_DEFAULT|AI_ALL */
4326 # define SM_IPNODEBYNAME_FLAGS AI_ADDRCONFIG
4327 # endif /* SM_IPNODEBYNAME_FLAGS */
4329 int flags = SM_IPNODEBYNAME_FLAGS;
4331 # endif /* NETINET6 */
4332 char *maptype[MAXMAPSTACK];
4333 short mapreturn[MAXMAPACTIONS];
4337 sm_dprintf("sm_gethostbyname(%s, %d)... ", name, family);
4340 # if ADDRCONFIG_IS_BROKEN
4341 flags &= ~AI_ADDRCONFIG;
4342 # endif /* ADDRCONFIG_IS_BROKEN */
4343 h = sm_getipnodebyname(name, family, flags, &err);
4344 SM_SET_H_ERRNO(err);
4345 # else /* NETINET6 */
4346 h = gethostbyname(name);
4347 # endif /* NETINET6 */
4353 sm_dprintf("failure\n");
4355 nmaps = switch_map_find("hosts", maptype, mapreturn);
4356 while (--nmaps >= 0)
4358 if (strcmp(maptype[nmaps], "nis") == 0 ||
4359 strcmp(maptype[nmaps], "files") == 0)
4365 /* try short name */
4366 if (strlen(name) > sizeof(hbuf) - 1)
4371 (void) sm_strlcpy(hbuf, name, sizeof(hbuf));
4372 (void) shorten_hostname(hbuf);
4374 /* if it hasn't been shortened, there's no point */
4375 if (strcmp(hbuf, name) != 0)
4378 sm_dprintf("sm_gethostbyname(%s, %d)... ",
4382 h = sm_getipnodebyname(hbuf, family, flags, &err);
4383 SM_SET_H_ERRNO(err);
4385 # else /* NETINET6 */
4386 h = gethostbyname(hbuf);
4388 # endif /* NETINET6 */
4392 #endif /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4)) */
4394 /* the function is supposed to return only the requested family */
4395 if (h != NULL && h->h_addrtype != family)
4399 # endif /* NETINET6 */
4401 SM_SET_H_ERRNO(NO_DATA);
4407 sm_dprintf("failure\n");
4410 sm_dprintf("%s\n", h->h_name);
4416 struct in6_addr ia6;
4417 char buf6[INET6_ADDRSTRLEN];
4418 #endif /* NETINET6 */
4420 if (h->h_aliases != NULL)
4421 for (i = 0; h->h_aliases[i] != NULL;
4423 sm_dprintf("\talias: %s\n",
4425 for (i = 0; h->h_addr_list[i] != NULL; i++)
4431 if (h->h_addrtype == AF_INET6)
4433 memmove(&ia6, h->h_addr_list[i],
4435 addr = anynet_ntop(&ia6,
4436 buf6, sizeof(buf6));
4439 #endif /* NETINET6 */
4440 /* "else" in #if code above */
4442 memmove(&ia, h->h_addr_list[i],
4444 addr = (char *) inet_ntoa(ia);
4447 sm_dprintf("\taddr: %s\n", addr);
4457 sm_gethostbyaddr(addr, len, type)
4465 if (type == AF_INET6 &&
4466 IN6_IS_ADDR_UNSPECIFIED((struct in6_addr *) addr))
4468 /* Avoid reverse lookup for IPv6 unspecified address */
4469 SM_SET_H_ERRNO(HOST_NOT_FOUND);
4472 #endif /* NETINET6 */
4474 #if (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204)
4475 # if SOLARIS == 20300 || SOLARIS == 203
4477 static struct hostent he;
4478 static char buf[1000];
4479 extern struct hostent *_switch_gethostbyaddr_r();
4481 hp = _switch_gethostbyaddr_r(addr, len, type, &he,
4482 buf, sizeof(buf), &h_errno);
4484 # else /* SOLARIS == 20300 || SOLARIS == 203 */
4486 extern struct hostent *__switch_gethostbyaddr();
4488 hp = __switch_gethostbyaddr(addr, len, type);
4490 # endif /* SOLARIS == 20300 || SOLARIS == 203 */
4491 #else /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) */
4496 hp = sm_getipnodebyaddr(addr, len, type, &err);
4497 SM_SET_H_ERRNO(err);
4499 # else /* NETINET6 */
4500 hp = gethostbyaddr(addr, len, type);
4501 # endif /* NETINET6 */
4502 #endif /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) */
4506 ** SM_GETPW{NAM,UID} -- wrapper for getpwnam and getpwuid
4514 extern struct passwd *_getpwnam_shadow(const char *, const int);
4516 return _getpwnam_shadow(user, 0);
4518 return getpwnam(user);
4526 #if defined(_AIX4) && 0
4527 extern struct passwd *_getpwuid_shadow(const int, const int);
4529 return _getpwuid_shadow(uid,0);
4530 #else /* defined(_AIX4) && 0 */
4531 return getpwuid(uid);
4532 #endif /* defined(_AIX4) && 0 */
4535 ** SECUREWARE_SETUP_SECURE -- Convex SecureWare setup
4537 ** Set up the trusted computing environment for C2 level security
4538 ** under SecureWare.
4541 ** uid -- uid of the user to initialize in the TCB
4547 ** Initialized the user in the trusted computing base
4552 # include <sys/security.h>
4556 secureware_setup_secure(uid)
4561 if (getluid() != -1)
4564 if ((rc = set_secure_info(uid)) != SSI_GOOD_RETURN)
4568 case SSI_NO_PRPW_ENTRY:
4569 syserr("No protected passwd entry, uid = %d",
4574 syserr("Account has been disabled, uid = %d",
4579 syserr("Account has been retired, uid = %d",
4583 case SSI_BAD_SET_LUID:
4584 syserr("Could not set LUID, uid = %d", (int) uid);
4587 case SSI_BAD_SET_PRIVS:
4588 syserr("Could not set kernel privs, uid = %d",
4592 syserr("Unknown return code (%d) from set_secure_info(%d)",
4596 finis(false, true, EX_NOPERM);
4599 #endif /* SECUREWARE */
4601 ** ADD_HOSTNAMES -- Add a hostname to class 'w' based on IP address
4603 ** Add hostnames to class 'w' based on the IP address read from
4604 ** the network interface.
4607 ** sa -- a pointer to a SOCKADDR containing the address
4610 ** 0 if successful, -1 if host lookup fails.
4619 char hnb[MAXHOSTNAMELEN];
4621 /* lookup name with IP address */
4622 switch (sa->sa.sa_family)
4626 hp = sm_gethostbyaddr((char *) &sa->sin.sin_addr,
4627 sizeof(sa->sin.sin_addr),
4630 #endif /* NETINET */
4634 hp = sm_gethostbyaddr((char *) &sa->sin6.sin6_addr,
4635 sizeof(sa->sin6.sin6_addr),
4638 #endif /* NETINET6 */
4641 /* Give warning about unsupported family */
4643 sm_syslog(LOG_WARNING, NOQID,
4644 "Unsupported address family %d: %.100s",
4645 sa->sa.sa_family, anynet_ntoa(sa));
4651 int save_errno = errno;
4654 #if NETINET && defined(IN_LINKLOCAL)
4655 !(sa->sa.sa_family == AF_INET &&
4656 IN_LINKLOCAL(ntohl(sa->sin.sin_addr.s_addr))) &&
4657 #endif /* NETINET && defined(IN_LINKLOCAL) */
4659 !(sa->sa.sa_family == AF_INET6 &&
4660 IN6_IS_ADDR_LINKLOCAL(&sa->sin6.sin6_addr)) &&
4661 #endif /* NETINET6 */
4663 sm_syslog(LOG_WARNING, NOQID,
4664 "gethostbyaddr(%.100s) failed: %d",
4668 #else /* NAMED_BIND */
4670 #endif /* NAMED_BIND */
4676 /* save its cname */
4677 if (!wordinclass((char *) hp->h_name, 'w'))
4679 setclass('w', (char *) hp->h_name);
4681 sm_dprintf("\ta.k.a.: %s\n", hp->h_name);
4683 if (sm_snprintf(hnb, sizeof(hnb), "[%s]", hp->h_name) <
4685 && !wordinclass((char *) hnb, 'w'))
4691 sm_dprintf("\ta.k.a.: %s (already in $=w)\n", hp->h_name);
4694 /* save all it aliases name */
4695 for (ha = hp->h_aliases; ha != NULL && *ha != NULL; ha++)
4697 if (!wordinclass(*ha, 'w'))
4701 sm_dprintf("\ta.k.a.: %s\n", *ha);
4702 if (sm_snprintf(hnb, sizeof(hnb),
4703 "[%s]", *ha) < sizeof(hnb) &&
4704 !wordinclass((char *) hnb, 'w'))
4710 sm_dprintf("\ta.k.a.: %s (already in $=w)\n",
4716 #endif /* NETINET6 */
4720 ** LOAD_IF_NAMES -- load interface-specific names into $=w
4729 ** Loads $=w with the names of all the interfaces.
4733 # define SIOCGIFCONF_IS_BROKEN 1 /* XXX */
4734 #endif /* !NETINET */
4736 #if defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN
4740 # include <sm/time.h>
4741 # endif /* ! SUNOS403 */
4742 # if (_AIX4 >= 40300) && !defined(_NET_IF_H)
4744 # endif /* (_AIX4 >= 40300) && !defined(_NET_IF_H) */
4745 # include <net/if.h>
4746 #endif /* defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN */
4751 # if NETINET6 && defined(SIOCGLIFCONF)
4755 ** Unfortunately, HP has changed all of the structures,
4756 ** making life difficult for implementors.
4759 # define lifconf if_laddrconf
4760 # define lifc_len iflc_len
4761 # define lifc_buf iflc_buf
4762 # define lifreq if_laddrreq
4763 # define lifr_addr iflr_addr
4764 # define lifr_name iflr_name
4765 # define lifr_flags iflr_flags
4766 # define ss_family sa_family
4768 # endif /* __hpux */
4775 struct lifconf lifc;
4778 # endif /* SIOCGLIFNUM */
4780 s = socket(InetMode, SOCK_DGRAM, 0);
4784 /* get the list of known IP address from the kernel */
4786 i = ioctl(s, SIOCGIFNUM, (char *) &numifs);
4787 # endif /* __hpux */
4789 lifn.lifn_family = AF_UNSPEC;
4790 lifn.lifn_flags = 0;
4791 i = ioctl(s, SIOCGLIFNUM, (char *)&lifn);
4792 numifs = lifn.lifn_count;
4793 # endif /* SIOCGLIFNUM */
4795 # if defined(__hpux) || defined(SIOCGLIFNUM)
4798 /* can't get number of interfaces -- fall back */
4800 sm_dprintf("SIOCGLIFNUM failed: %s\n",
4801 sm_errstring(errno));
4804 else if (tTd(0, 42))
4805 sm_dprintf("system has %d interfaces\n", numifs);
4807 # endif /* defined(__hpux) || defined(SIOCGLIFNUM) */
4808 numifs = MAXINTERFACES;
4816 len = lifc.lifc_len = numifs * sizeof(struct lifreq);
4817 buf = lifc.lifc_buf = xalloc(lifc.lifc_len);
4819 lifc.lifc_family = AF_UNSPEC;
4820 lifc.lifc_flags = 0;
4821 # endif /* ! __hpux */
4822 if (ioctl(s, SIOCGLIFCONF, (char *)&lifc) < 0)
4825 sm_dprintf("SIOCGLIFCONF failed: %s\n",
4826 sm_errstring(errno));
4832 /* scan the list of IP address */
4834 sm_dprintf("scanning for interface specific names, lifc_len=%ld\n",
4837 for (i = 0; i < len && i >= 0; )
4840 struct lifreq *ifr = (struct lifreq *)&buf[i];
4841 SOCKADDR *sa = (SOCKADDR *) &ifr->lifr_addr;
4842 int af = ifr->lifr_addr.ss_family;
4845 struct in6_addr ia6;
4847 # ifdef SIOCGLIFFLAGS
4849 # endif /* SIOCGLIFFLAGS */
4851 char buf6[INET6_ADDRSTRLEN];
4854 ** We must close and recreate the socket each time
4855 ** since we don't know what type of socket it is now
4856 ** (each status function may change it).
4861 s = socket(af, SOCK_DGRAM, 0);
4864 sm_free(buf); /* XXX */
4869 ** If we don't have a complete ifr structure,
4870 ** don't try to use it.
4873 if ((len - i) < sizeof(*ifr))
4876 # ifdef BSD4_4_SOCKADDR
4877 if (sa->sa.sa_len > sizeof(ifr->lifr_addr))
4878 i += sizeof(ifr->lifr_name) + sa->sa.sa_len;
4880 # endif /* BSD4_4_SOCKADDR */
4882 /* fix for IPv6 size differences */
4883 i += sizeof(ifr->ifr_name) +
4884 max(sizeof(ifr->ifr_addr), ifr->ifr_addr.sa_len);
4890 sm_dprintf("%s\n", anynet_ntoa(sa));
4892 if (af != AF_INET && af != AF_INET6)
4895 # ifdef SIOCGLIFFLAGS
4896 memset(&ifrf, '\0', sizeof(struct lifreq));
4897 (void) sm_strlcpy(ifrf.lifr_name, ifr->lifr_name,
4898 sizeof(ifrf.lifr_name));
4899 if (ioctl(s, SIOCGLIFFLAGS, (char *) &ifrf) < 0)
4902 sm_dprintf("SIOCGLIFFLAGS failed: %s\n",
4903 sm_errstring(errno));
4907 name = ifr->lifr_name;
4908 flags = ifrf.lifr_flags;
4911 sm_dprintf("\tflags: %lx\n", (unsigned long) flags);
4913 if (!bitset(IFF_UP, flags))
4915 # endif /* SIOCGLIFFLAGS */
4919 /* extract IP address from the list*/
4923 SETV6LOOPBACKADDRFOUND(*sa);
4925 /* convert into proper scoped address */
4926 if ((IN6_IS_ADDR_LINKLOCAL(&sa->sin6.sin6_addr) ||
4927 IN6_IS_ADDR_SITELOCAL(&sa->sin6.sin6_addr)) &&
4928 sa->sin6.sin6_scope_id == 0)
4930 struct in6_addr *ia6p;
4932 ia6p = &sa->sin6.sin6_addr;
4933 sa->sin6.sin6_scope_id = ntohs(ia6p->s6_addr[3] |
4934 ((unsigned int)ia6p->s6_addr[2] << 8));
4935 ia6p->s6_addr[2] = ia6p->s6_addr[3] = 0;
4937 # endif /* __KAME__ */
4938 ia6 = sa->sin6.sin6_addr;
4939 if (IN6_IS_ADDR_UNSPECIFIED(&ia6))
4941 addr = anynet_ntop(&ia6, buf6, sizeof(buf6));
4942 message("WARNING: interface %s is UP with %s address",
4943 name, addr == NULL ? "(NULL)" : addr);
4947 /* save IP address in text from */
4948 addr = anynet_ntop(&ia6, buf6, sizeof(buf6));
4950 (void) sm_snprintf(ip_addr, sizeof(ip_addr),
4952 (int) sizeof(ip_addr) - 3,
4957 ia = sa->sin.sin_addr;
4958 if (ia.s_addr == INADDR_ANY ||
4959 ia.s_addr == INADDR_NONE)
4961 message("WARNING: interface %s is UP with %s address",
4962 name, inet_ntoa(ia));
4966 /* save IP address in text from */
4967 (void) sm_snprintf(ip_addr, sizeof(ip_addr), "[%.*s]",
4968 (int) sizeof(ip_addr) - 3, inet_ntoa(ia));
4972 if (*ip_addr == '\0')
4975 if (!wordinclass(ip_addr, 'w'))
4977 setclass('w', ip_addr);
4979 sm_dprintf("\ta.k.a.: %s\n", ip_addr);
4982 # ifdef SIOCGLIFFLAGS
4983 /* skip "loopback" interface "lo" */
4984 if (DontProbeInterfaces == DPI_SKIPLOOPBACK &&
4985 bitset(IFF_LOOPBACK, flags))
4987 # endif /* SIOCGLIFFLAGS */
4988 (void) add_hostnames(sa);
4990 sm_free(buf); /* XXX */
4992 # else /* NETINET6 && defined(SIOCGLIFCONF) */
4993 # if defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN
4999 s = socket(AF_INET, SOCK_DGRAM, 0);
5003 /* get the list of known IP address from the kernel */
5004 # if defined(SIOCGIFNUM) && !SIOCGIFNUM_IS_BROKEN
5005 if (ioctl(s, SIOCGIFNUM, (char *) &numifs) < 0)
5007 /* can't get number of interfaces -- fall back */
5009 sm_dprintf("SIOCGIFNUM failed: %s\n",
5010 sm_errstring(errno));
5013 else if (tTd(0, 42))
5014 sm_dprintf("system has %d interfaces\n", numifs);
5016 # endif /* defined(SIOCGIFNUM) && !SIOCGIFNUM_IS_BROKEN */
5017 numifs = MAXINTERFACES;
5024 ifc.ifc_len = numifs * sizeof(struct ifreq);
5025 ifc.ifc_buf = xalloc(ifc.ifc_len);
5026 if (ioctl(s, SIOCGIFCONF, (char *)&ifc) < 0)
5029 sm_dprintf("SIOCGIFCONF failed: %s\n",
5030 sm_errstring(errno));
5035 /* scan the list of IP address */
5037 sm_dprintf("scanning for interface specific names, ifc_len=%d\n",
5040 for (i = 0; i < ifc.ifc_len && i >= 0; )
5043 struct ifreq *ifr = (struct ifreq *) &ifc.ifc_buf[i];
5044 SOCKADDR *sa = (SOCKADDR *) &ifr->ifr_addr;
5047 struct in6_addr ia6;
5048 # endif /* NETINET6 */
5050 # ifdef SIOCGIFFLAGS
5052 # endif /* SIOCGIFFLAGS */
5055 char buf6[INET6_ADDRSTRLEN];
5056 # endif /* NETINET6 */
5059 ** If we don't have a complete ifr structure,
5060 ** don't try to use it.
5063 if ((ifc.ifc_len - i) < sizeof(*ifr))
5066 # ifdef BSD4_4_SOCKADDR
5067 if (sa->sa.sa_len > sizeof(ifr->ifr_addr))
5068 i += sizeof(ifr->ifr_name) + sa->sa.sa_len;
5070 # endif /* BSD4_4_SOCKADDR */
5074 sm_dprintf("%s\n", anynet_ntoa(sa));
5076 af = ifr->ifr_addr.sa_family;
5080 # endif /* NETINET6 */
5084 # ifdef SIOCGIFFLAGS
5085 memset(&ifrf, '\0', sizeof(struct ifreq));
5086 (void) sm_strlcpy(ifrf.ifr_name, ifr->ifr_name,
5087 sizeof(ifrf.ifr_name));
5088 (void) ioctl(s, SIOCGIFFLAGS, (char *) &ifrf);
5090 sm_dprintf("\tflags: %lx\n",
5091 (unsigned long) ifrf.ifr_flags);
5092 # define IFRFREF ifrf
5093 # else /* SIOCGIFFLAGS */
5094 # define IFRFREF (*ifr)
5095 # endif /* SIOCGIFFLAGS */
5097 if (!bitset(IFF_UP, IFRFREF.ifr_flags))
5102 /* extract IP address from the list*/
5106 ia = sa->sin.sin_addr;
5107 if (ia.s_addr == INADDR_ANY ||
5108 ia.s_addr == INADDR_NONE)
5110 message("WARNING: interface %s is UP with %s address",
5111 ifr->ifr_name, inet_ntoa(ia));
5115 /* save IP address in text from */
5116 (void) sm_snprintf(ip_addr, sizeof(ip_addr), "[%.*s]",
5117 (int) sizeof(ip_addr) - 3,
5123 SETV6LOOPBACKADDRFOUND(*sa);
5125 /* convert into proper scoped address */
5126 if ((IN6_IS_ADDR_LINKLOCAL(&sa->sin6.sin6_addr) ||
5127 IN6_IS_ADDR_SITELOCAL(&sa->sin6.sin6_addr)) &&
5128 sa->sin6.sin6_scope_id == 0)
5130 struct in6_addr *ia6p;
5132 ia6p = &sa->sin6.sin6_addr;
5133 sa->sin6.sin6_scope_id = ntohs(ia6p->s6_addr[3] |
5134 ((unsigned int)ia6p->s6_addr[2] << 8));
5135 ia6p->s6_addr[2] = ia6p->s6_addr[3] = 0;
5137 # endif /* __KAME__ */
5138 ia6 = sa->sin6.sin6_addr;
5139 if (IN6_IS_ADDR_UNSPECIFIED(&ia6))
5141 addr = anynet_ntop(&ia6, buf6, sizeof(buf6));
5142 message("WARNING: interface %s is UP with %s address",
5144 addr == NULL ? "(NULL)" : addr);
5148 /* save IP address in text from */
5149 addr = anynet_ntop(&ia6, buf6, sizeof(buf6));
5151 (void) sm_snprintf(ip_addr, sizeof(ip_addr),
5153 (int) sizeof(ip_addr) - 3,
5157 # endif /* NETINET6 */
5160 if (ip_addr[0] == '\0')
5163 if (!wordinclass(ip_addr, 'w'))
5165 setclass('w', ip_addr);
5167 sm_dprintf("\ta.k.a.: %s\n", ip_addr);
5170 /* skip "loopback" interface "lo" */
5171 if (DontProbeInterfaces == DPI_SKIPLOOPBACK &&
5172 bitset(IFF_LOOPBACK, IFRFREF.ifr_flags))
5175 (void) add_hostnames(sa);
5177 sm_free(ifc.ifc_buf); /* XXX */
5180 # endif /* defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN */
5181 # endif /* NETINET6 && defined(SIOCGLIFCONF) */
5184 ** ISLOOPBACK -- is socket address in the loopback net?
5187 ** sa -- socket address.
5190 ** true -- is socket address in the loopback net?
5191 ** false -- otherwise
5200 if (IN6_IS_ADDR_LOOPBACK(&sa.sin6.sin6_addr))
5202 #else /* NETINET6 */
5203 /* XXX how to correctly extract IN_LOOPBACKNET part? */
5204 if (((ntohl(sa.sin.sin_addr.s_addr) & IN_CLASSA_NET)
5205 >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
5207 #endif /* NETINET6 */
5211 ** GET_NUM_PROCS_ONLINE -- return the number of processors currently online
5217 ** The number of processors online.
5221 get_num_procs_online()
5226 # if defined(CTL_HW) && defined(HW_NCPU)
5232 sz = (size_t) sizeof(nproc);
5233 (void) sysctl(mib, 2, &nproc, &sz, NULL, 0);
5234 # endif /* defined(CTL_HW) && defined(HW_NCPU) */
5235 #else /* USESYSCTL */
5236 # ifdef _SC_NPROCESSORS_ONLN
5237 nproc = (int) sysconf(_SC_NPROCESSORS_ONLN);
5238 # else /* _SC_NPROCESSORS_ONLN */
5240 # include <sys/pstat.h>
5241 struct pst_dynamic psd;
5243 if (pstat_getdynamic(&psd, sizeof(psd), (size_t)1, 0) != -1)
5244 nproc = psd.psd_proc_cnt;
5245 # endif /* __hpux */
5246 # endif /* _SC_NPROCESSORS_ONLN */
5247 #endif /* USESYSCTL */
5254 ** SM_CLOSEFROM -- close file descriptors
5257 ** lowest -- first fd to close
5258 ** highest -- last fd + 1 to close
5265 sm_closefrom(lowest, highest)
5266 int lowest, highest;
5270 #else /* HASCLOSEFROM */
5273 for (i = lowest; i < highest; i++)
5275 #endif /* HASCLOSEFROM */
5279 ** CLOSEFD_WALK -- walk fd's arranging to close them
5280 ** Callback for fdwalk()
5283 ** lowest -- first fd to arrange to be closed
5284 ** fd -- fd to arrange to be closed
5291 closefd_walk(lowest, fd)
5295 if (fd >= *(int *)lowest)
5296 (void) fcntl(fd, F_SETFD, FD_CLOEXEC);
5299 #endif /* HASFDWALK */
5301 ** SM_CLOSE_ON_EXEC -- arrange for file descriptors to be closed
5304 ** lowest -- first fd to arrange to be closed
5305 ** highest -- last fd + 1 to arrange to be closed
5312 sm_close_on_exec(lowest, highest)
5313 int lowest, highest;
5316 (void) fdwalk(closefd_walk, &lowest);
5317 #else /* HASFDWALK */
5320 for (i = lowest; i < highest; i++)
5322 if ((j = fcntl(i, F_GETFD, 0)) != -1)
5323 (void) fcntl(i, F_SETFD, j | FD_CLOEXEC);
5325 #endif /* HASFDWALK */
5328 ** SEED_RANDOM -- seed the random number generator
5342 #else /* HASSRANDOMDEV */
5346 seed = (long) CurrentPid;
5347 if (gettimeofday(&t, NULL) >= 0)
5348 seed += t.tv_sec + t.tv_usec;
5351 (void) srandom(seed);
5352 # else /* HASRANDOM */
5353 (void) srand((unsigned int) seed);
5354 # endif /* HASRANDOM */
5355 #endif /* HASSRANDOMDEV */
5358 ** SM_SYSLOG -- syslog wrapper to keep messages under SYSLOG_BUFSIZE
5361 ** level -- syslog level
5362 ** id -- envelope ID or NULL (NOQUEUE)
5363 ** fmt -- format string
5364 ** arg... -- arguments as implied by fmt.
5373 sm_syslog(int level, const char *id, const char *fmt, ...)
5374 #else /* __STDC__ */
5375 sm_syslog(level, id, fmt, va_alist)
5380 #endif /* __STDC__ */
5390 extern int SyslogPrefixLen;
5396 idlen = strlen(id) + SyslogPrefixLen;
5399 bufsize = sizeof(buf0);
5405 /* print log message into buf */
5406 SM_VA_START(ap, fmt);
5407 n = sm_vsnprintf(buf, bufsize, fmt, ap);
5413 /* String too small, redo with correct size */
5420 buf = sm_malloc_x(bufsize);
5423 /* clean up buf after it has been expanded with args */
5424 newstring = str2prt(buf);
5425 if ((strlen(newstring) + idlen + 1) < SYSLOG_BUFSIZE)
5434 gettimeofday(&tv, NULL);
5435 sm_dprintf("%ld.%06ld %s\n", (long) tv.tv_sec,
5436 (long) tv.tv_usec, newstring);
5438 else if (tTd(89, 8))
5439 sm_dprintf("%s\n", newstring);
5441 syslog(level, "%s", newstring);
5449 gettimeofday(&tv, NULL);
5450 sm_dprintf("%ld.%06ld %s: %s\n", (long) tv.tv_sec,
5451 (long) tv.tv_usec, id, newstring);
5453 else if (tTd(89, 8))
5454 sm_dprintf("%s: %s\n", id, newstring);
5456 syslog(level, "%s: %s", id, newstring);
5459 /*XXX should do something more sensible */
5461 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT, "%s\n",
5464 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
5465 "%s: %s\n", id, newstring);
5474 ** additional length for splitting: " ..." + 3, where 3 is magic to
5475 ** have some data for the next entry.
5481 idlen += 5; /* strlen("[999]"), see below */
5482 while (*begin != '\0' &&
5483 (strlen(begin) + idlen) > SYSLOG_BUFSIZE)
5489 /* Too many messages */
5492 end = begin + SYSLOG_BUFSIZE - idlen - SL_SPLIT;
5495 /* Break on comma or space */
5496 if (*end == ',' || *end == ' ')
5498 end++; /* Include separator */
5503 /* No separator, break midstring... */
5505 end = begin + SYSLOG_BUFSIZE - idlen - SL_SPLIT;
5510 sm_dprintf("%s[%d]: %s ...\n", id, seq++, begin);
5512 syslog(level, "%s[%d]: %s ...", id, seq++, begin);
5514 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
5515 "%s[%d]: %s ...\n", id, seq++, begin);
5524 sm_dprintf("%s[%d]: log terminated, too many parts\n",
5527 syslog(level, "%s[%d]: log terminated, too many parts",
5530 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
5531 "%s[%d]: log terminated, too many parts\n", id, seq);
5534 else if (*begin != '\0')
5538 sm_dprintf("%s[%d]: %s\n", id, seq, begin);
5540 syslog(level, "%s[%d]: %s", id, seq, begin);
5542 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
5543 "%s[%d]: %s\n", id, seq, begin);
5551 ** HARD_SYSLOG -- call syslog repeatedly until it works
5553 ** Needed on HP-UX, which apparently doesn't guarantee that
5554 ** syslog succeeds during interrupt handlers.
5557 #if defined(__hpux) && !defined(HPUX11)
5559 # define MAXSYSLOGTRIES 100
5562 # define XCNST const
5563 # define CAST (const char *)
5571 hard_syslog(int pri, XCNST char *msg, ...)
5572 # else /* __STDC__ */
5573 hard_syslog(pri, msg, va_alist)
5577 # endif /* __STDC__ */
5580 char buf[SYSLOG_BUFSIZE];
5583 SM_VA_START(ap, msg);
5584 (void) sm_vsnprintf(buf, sizeof(buf), msg, ap);
5587 for (i = MAXSYSLOGTRIES; --i >= 0 && syslog(pri, CAST "%s", buf) < 0; )
5592 #endif /* defined(__hpux) && !defined(HPUX11) */
5593 #if NEEDLOCAL_HOSTNAME_LENGTH
5595 ** LOCAL_HOSTNAME_LENGTH
5597 ** This is required to get sendmail to compile against BIND 4.9.x
5600 ** Unfortunately, a Compaq Y2K patch kit provides it without
5601 ** bumping __RES in /usr/include/resolv.h so we can't automatically
5602 ** figure out whether it is needed.
5606 local_hostname_length(hostname)
5609 size_t len_host, len_domain;
5611 if (!*_res.defdname)
5613 len_host = strlen(hostname);
5614 len_domain = strlen(_res.defdname);
5615 if (len_host > len_domain &&
5616 (sm_strcasecmp(hostname + len_host - len_domain,
5617 _res.defdname) == 0) &&
5618 hostname[len_host - len_domain - 1] == '.')
5619 return len_host - len_domain - 1;
5623 #endif /* NEEDLOCAL_HOSTNAME_LENGTH */
5627 ** LINK -- clone a file
5629 ** Some OS's lacks link() and hard links. Since sendmail is using
5630 ** link() as an efficient way to clone files, this implementation
5631 ** will simply do a file copy.
5633 ** NOTE: This link() replacement is not a generic replacement as it
5634 ** does not handle all of the semantics of the real link(2).
5637 ** source -- pathname of existing file.
5638 ** target -- pathname of link (clone) to be created.
5642 ** -1 -- failure, see errno for details.
5646 link(source, target)
5652 int src = -1, dst = -1;
5658 sff = SFF_REGONLY|SFF_OPENASROOT;
5659 if (DontLockReadFiles)
5662 /* Open the original file */
5663 src = safeopen((char *)source, O_RDONLY, 0, sff);
5667 /* Obtain the size and the mode */
5668 if (fstat(src, &st) < 0)
5671 /* Create the duplicate copy */
5674 dst = safeopen((char *)target, O_CREAT|O_EXCL|O_WRONLY,
5679 /* Copy all of the bytes one buffer at a time */
5680 while ((readlen = read(src, &buf, sizeof(buf))) > 0)
5682 ssize_t left = readlen;
5686 (writelen = write(dst, p, (size_t) left)) >= 0)
5695 /* Any trouble reading? */
5696 if (readlen < 0 || writelen < 0)
5699 /* Close the input file */
5707 /* Close the output file */
5710 /* don't set dst = -1 here so we unlink the file */
5723 (void) unlink(target);
5729 #endif /* NEEDLINK */
5732 ** Compile-Time options
5735 char *CompileOptions[] =
5739 #endif /* ALLOW_255 */
5743 # endif /* DNSMAP */
5744 #endif /* NAMED_BIND */
5753 #endif /* HES_GETMAILHOST */
5756 #endif /* LDAPMAP */
5759 #endif /* LDAP_REFERRALS */
5765 #endif /* MAP_NSD */
5768 #endif /* MAP_REGEX */
5771 #endif /* MATCHGECOS */
5777 #endif /* MIME7TO8 */
5780 #endif /* MIME7TO8_OLD */
5783 #endif /* MIME8TO7 */
5786 #endif /* NAMED_BIND */
5792 #endif /* NETINET */
5795 #endif /* NETINET6 */
5798 #endif /* NETINFO */
5807 #endif /* NETUNIX */
5819 #endif /* NISPLUS */
5826 #ifdef PICKY_HELO_CHECK
5828 #endif /* PICKY_HELO_CHECK */
5831 #endif /* PIPELINING */
5835 # else /* SASL >= 20000 */
5837 # endif /* SASL >= 20000 */
5842 #if SM_LDAP_ERROR_ON_MISSING_ARGS
5843 "SM_LDAP_ERROR_ON_MISSING_ARGS",
5844 #endif /* SM_LDAP_ERROR_ON_MISSING_ARGS */
5847 #endif /* SMTPDEBUG */
5850 #endif /* SOCKETMAP */
5853 #endif /* STARTTLS */
5854 #if SUID_ROOT_FILES_OK
5855 "SUID_ROOT_FILES_OK",
5856 #endif /* SUID_ROOT_FILES_OK */
5859 #endif /* TCPWRAPPERS */
5862 #endif /* TLS_NO_RSA */
5863 #if TLS_VRFY_PER_CTX
5865 #endif /* TLS_VRFY_PER_CTX */
5871 #endif /* USE_LDAP_INIT */
5874 #endif /* USE_TTYPATH */
5886 ** OS compile options.
5889 char *OsCompileOptions[] =
5891 #if ADDRCONFIG_IS_BROKEN
5892 "ADDRCONFIG_IS_BROKEN",
5893 #endif /* ADDRCONFIG_IS_BROKEN */
5894 #ifdef AUTO_NETINFO_HOSTS
5895 "AUTO_NETINFO_HOSTS",
5896 #endif /* AUTO_NETINFO_HOSTS */
5897 #ifdef AUTO_NIS_ALIASES
5899 #endif /* AUTO_NIS_ALIASES */
5900 #if BROKEN_RES_SEARCH
5901 "BROKEN_RES_SEARCH",
5902 #endif /* BROKEN_RES_SEARCH */
5903 #ifdef BSD4_4_SOCKADDR
5905 #endif /* BSD4_4_SOCKADDR */
5908 #endif /* BOGUS_O_EXCL */
5909 #if DEC_OSF_BROKEN_GETPWENT
5910 "DEC_OSF_BROKEN_GETPWENT",
5911 #endif /* DEC_OSF_BROKEN_GETPWENT */
5912 #if FAST_PID_RECYCLE
5914 #endif /* FAST_PID_RECYCLE */
5917 #endif /* HASCLOSEFROM */
5920 #endif /* HASFCHOWN */
5923 #endif /* HASFCHMOD */
5926 #endif /* HASFDWALK */
5929 #endif /* HASFLOCK */
5930 #if HASGETDTABLESIZE
5932 #endif /* HASGETDTABLESIZE */
5935 #endif /* HASGETUSERSHELL */
5938 #endif /* HASINITGROUPS */
5939 #if HASLDAPGETALIASBYNAME
5940 "HASLDAPGETALIASBYNAME",
5941 #endif /* HASLDAPGETALIASBYNAME */
5944 #endif /* HASLSTAT */
5947 #endif /* HASNICE */
5950 #endif /* HASRANDOM */
5953 #endif /* HASRRESVPORT */
5956 #endif /* HASSETEGID */
5959 #endif /* HASSETLOGIN */
5962 #endif /* HASSETREGID */
5965 #endif /* HASSETRESGID */
5968 #endif /* HASSETREUID */
5971 #endif /* HASSETRLIMIT */
5974 #endif /* HASSETSID */
5975 #if HASSETUSERCONTEXT
5976 "HASSETUSERCONTEXT",
5977 #endif /* HASSETUSERCONTEXT */
5980 #endif /* HASSETVBUF */
5983 #endif /* HAS_ST_GEN */
5986 #endif /* HASSRANDOMDEV */
5989 #endif /* HASURANDOMDEV */
5992 #endif /* HASSTRERROR */
5995 #endif /* HASULIMIT */
5998 #endif /* HASUNAME */
6001 #endif /* HASUNSETENV */
6004 #endif /* HASWAITPID */
6007 #endif /* HAVE_NANOSLEEP */
6010 #endif /* IDENTPROTO */
6013 #endif /* IP_SRCROUTE */
6014 #if O_EXLOCK && HASFLOCK && !BOGUS_O_EXCL
6016 #endif /* O_EXLOCK && HASFLOCK && !BOGUS_O_EXCL */
6019 #endif /* MILTER_NO_NAGLE */
6022 #endif /* NEEDFSYNC */
6025 #endif /* NEEDLINK */
6026 #if NEEDLOCAL_HOSTNAME_LENGTH
6027 "NEEDLOCAL_HOSTNAME_LENGTH",
6028 #endif /* NEEDLOCAL_HOSTNAME_LENGTH */
6031 #endif /* NEEDSGETIPNODE */
6034 #endif /* NEEDSTRSTR */
6037 #endif /* NEEDSTRTOL */
6038 #ifdef NO_GETSERVBYNAME
6040 #endif /* NO_GETSERVBYNAME */
6043 #endif /* NOFTRUNCATE */
6044 #if REQUIRES_DIR_FSYNC
6045 "REQUIRES_DIR_FSYNC",
6046 #endif /* REQUIRES_DIR_FSYNC */
6047 #if RLIMIT_NEEDS_SYS_TIME_H
6048 "RLIMIT_NEEDS_SYS_TIME_H",
6049 #endif /* RLIMIT_NEEDS_SYS_TIME_H */
6052 #endif /* SAFENFSPATHCONF */
6055 #endif /* SECUREWARE */
6056 #if SFS_TYPE == SFS_4ARGS
6058 #elif SFS_TYPE == SFS_MOUNT
6060 #elif SFS_TYPE == SFS_NONE
6062 #elif SFS_TYPE == SFS_NT
6064 #elif SFS_TYPE == SFS_STATFS
6066 #elif SFS_TYPE == SFS_STATVFS
6068 #elif SFS_TYPE == SFS_USTAT
6070 #elif SFS_TYPE == SFS_VFS
6075 #endif /* SHARE_V1 */
6076 #if SIOCGIFCONF_IS_BROKEN
6077 "SIOCGIFCONF_IS_BROKEN",
6078 #endif /* SIOCGIFCONF_IS_BROKEN */
6079 #if SIOCGIFNUM_IS_BROKEN
6080 "SIOCGIFNUM_IS_BROKEN",
6081 #endif /* SIOCGIFNUM_IS_BROKEN */
6082 #if SNPRINTF_IS_BROKEN
6083 "SNPRINTF_IS_BROKEN",
6084 #endif /* SNPRINTF_IS_BROKEN */
6085 #if SO_REUSEADDR_IS_BROKEN
6086 "SO_REUSEADDR_IS_BROKEN",
6087 #endif /* SO_REUSEADDR_IS_BROKEN */
6090 #endif /* SYS5SETPGRP */
6093 #endif /* SYSTEM5 */
6096 #endif /* USE_DOUBLE_FORK */
6099 #endif /* USE_ENVIRON */
6100 #if USE_SA_SIGACTION
6102 #endif /* USE_SA_SIGACTION */
6105 #endif /* USE_SIGLONGJMP */
6108 #endif /* USEGETCONFATTR */
6111 #endif /* USESETEUID */
6114 #endif /* USESYSCTL */
6115 #if USE_OPENSSL_ENGINE
6116 "USE_OPENSSL_ENGINE",
6117 #endif /* USE_OPENSSL_ENGINE */
6118 #if USING_NETSCAPE_LDAP
6119 "USING_NETSCAPE_LDAP",
6120 #endif /* USING_NETSCAPE_LDAP */
6123 #endif /* WAITUNION */
6128 ** FFR compile options.
6131 char *FFRCompileOptions[] =
6133 #if _FFR_ADDR_TYPE_MODES
6134 /* more info in {addr_type}, requires m4 changes! */
6135 "_FFR_ADDR_TYPE_MODES",
6136 #endif /* _FFR_ADDR_TYPE_MODES */
6137 #if _FFR_ALLOW_SASLINFO
6138 /* DefaultAuthInfo can be specified by user. */
6139 /* DefaultAuthInfo doesn't really work in 8.13 anymore. */
6140 "_FFR_ALLOW_SASLINFO",
6141 #endif /* _FFR_ALLOW_SASLINFO */
6143 /* arpa map to reverse an IPv(4,6) address */
6145 #endif /* _FFR_ARPA_MAP */
6146 #if _FFR_BADRCPT_SHUTDOWN
6147 /* shut down connection (421) if there are too many bad RCPTs */
6148 "_FFR_BADRCPT_SHUTDOWN",
6149 #endif /* _FFR_BADRCPT_SHUTDOWN */
6150 #if _FFR_BESTMX_BETTER_TRUNCATION
6151 /* Better truncation of list of MX records for dns map. */
6152 "_FFR_BESTMX_BETTER_TRUNCATION",
6153 #endif /* _FFR_BESTMX_BETTER_TRUNCATION */
6154 #if _FFR_CATCH_BROKEN_MTAS
6155 /* Deal with MTAs that send a reply during the DATA phase. */
6156 "_FFR_CATCH_BROKEN_MTAS",
6157 #endif /* _FFR_CATCH_BROKEN_MTAS */
6158 #if _FFR_CHECKCONFIG
6159 /* New OpMode to check the configuration file */
6161 #endif /* _FFR_CHECKCONFIG */
6163 /* Stricter checks about queue directory permissions. */
6165 #endif /* _FFR_CHK_QUEUE */
6166 #if _FFR_CLIENT_SIZE
6167 /* Don't try to send mail if its size exceeds SIZE= of server. */
6169 #endif /* _FFR_CLIENT_SIZE */
6171 /* CRLPath; needs documentation; Al Smith */
6173 #endif /* _FFR_CRLPATH */
6174 #if _FFR_DAEMON_NETUNIX
6175 /* Allow local (not just TCP) socket connection to server. */
6176 "_FFR_DAEMON_NETUNIX",
6177 #endif /* _FFR_DAEMON_NETUNIX */
6178 #if _FFR_DEPRECATE_MAILER_FLAG_I
6179 /* What it says :-) */
6180 "_FFR_DEPRECATE_MAILER_FLAG_I",
6181 #endif /* _FFR_DEPRECATE_MAILER_FLAG_I */
6183 /* deliver first TA in background, then queue */
6185 #endif /* _FFR_DM_ONE */
6186 #if _FFR_DIGUNIX_SAFECHOWN
6187 /* Properly set SAFECHOWN (include/sm/conf.h) for Digital UNIX */
6188 /* Problem noted by Anne Bennett of Concordia University */
6189 "_FFR_DIGUNIX_SAFECHOWN",
6190 #endif /* _FFR_DIGUNIX_SAFECHOWN */
6191 #if _FFR_DNSMAP_ALIASABLE
6192 /* Allow dns map type to be used for aliases. */
6193 /* Don Lewis of TDK */
6194 "_FFR_DNSMAP_ALIASABLE",
6195 #endif /* _FFR_DNSMAP_ALIASABLE */
6196 #if _FFR_DONTLOCKFILESFORREAD_OPTION
6197 /* Enable DontLockFilesForRead option. */
6198 "_FFR_DONTLOCKFILESFORREAD_OPTION",
6199 #endif /* _FFR_DONTLOCKFILESFORREAD_OPTION */
6200 #if _FFR_DOTTED_USERNAMES
6201 /* Allow usernames with '.' */
6202 "_FFR_DOTTED_USERNAMES",
6203 #endif /* _FFR_DOTTED_USERNAMES */
6206 ** Make DaemonPortOptions case sensitive.
6207 ** For some unknown reasons the code converted every option
6208 ** to uppercase (first letter only, as that's the only one that
6209 ** is actually checked). This prevented all new lower case options
6211 ** The documentation doesn't say anything about case (in)sensitivity,
6212 ** which means it should be case sensitive by default,
6213 ** but it's not a good idea to change this within a patch release,
6214 ** so let's delay this to 8.15.
6218 #endif /* _FFR_DPO_CS */
6219 #if _FFR_DPRINTF_MAP
6220 /* dprintf map for logging */
6222 #endif /* _FFR_DPRINTF_MAP */
6223 #if _FFR_DROP_TRUSTUSER_WARNING
6225 ** Don't issue this warning:
6226 ** "readcf: option TrustedUser may cause problems on systems
6227 ** which do not support fchown() if UseMSP is not set.
6230 "_FFR_DROP_TRUSTUSER_WARNING",
6231 #endif /* _FFR_DROP_TRUSTUSER_WARNING */
6232 #if _FFR_EIGHT_BIT_ADDR_OK
6233 /* EightBitAddrOK: allow 8-bit e-mail addresses */
6234 "_FFR_EIGHT_BIT_ADDR_OK",
6235 #endif /* _FFR_EIGHT_BIT_ADDR_OK */
6237 /* exponential queue delay */
6239 #endif /* _FFR_EXPDELAY */
6240 #if _FFR_EXTRA_MAP_CHECK
6241 /* perform extra checks on $( $) in R lines */
6242 "_FFR_EXTRA_MAP_CHECK",
6243 #endif /* _FFR_EXTRA_MAP_CHECK */
6244 #if _FFR_GETHBN_ExFILE
6246 ** According to Motonori Nakamura some gethostbyname()
6247 ** implementations (TurboLinux?) may (temporarily) fail
6248 ** due to a lack of file discriptors. Enabling this FFR
6249 ** will check errno for EMFILE and ENFILE and in case of a match
6250 ** cause a temporary error instead of a permanent error.
6251 ** The right solution is of course to file a bug against those
6252 ** systems such that they actually set h_errno = TRY_AGAIN.
6255 "_FFR_GETHBN_ExFILE",
6256 #endif /* _FFR_GETHBN_ExFILE */
6258 /* FIPSMode (if supported by OpenSSL library) */
6260 #endif /* _FFR_FIPSMODE */
6263 ** If using -t, force not sending to argv recipients, even
6264 ** if they are mentioned in the headers.
6268 #endif /* _FFR_FIX_DASHT */
6269 #if _FFR_FORWARD_SYSERR
6270 /* Cause a "syserr" if forward file isn't "safe". */
6271 "_FFR_FORWARD_SYSERR",
6272 #endif /* _FFR_FORWARD_SYSERR */
6274 /* Generate a ORCPT DSN arg if not already provided */
6276 #endif /* _FFR_GEN_ORCPT */
6277 #if _FFR_GROUPREADABLEAUTHINFOFILE
6278 /* Allow group readable DefaultAuthInfo file. */
6279 "_FFR_GROUPREADABLEAUTHINFOFILE",
6280 #endif /* _FFR_GROUPREADABLEAUTHINFOFILE */
6281 #if _FFR_HANDLE_ISO8859_GECOS
6283 ** Allow ISO 8859 characters in GECOS field: replace them
6284 ** ith ASCII "equivalent".
6287 /* Peter Eriksson of Linkopings universitet */
6288 "_FFR_HANDLE_ISO8859_GECOS",
6289 #endif /* _FFR_HANDLE_ISO8859_GECOS */
6290 #if _FFR_HPUX_NSSWITCH
6291 /* Use nsswitch on HP-UX */
6292 "_FFR_HPUX_NSSWITCH",
6293 #endif /* _FFR_HPUX_NSSWITCH */
6294 #if _FFR_IGNORE_BOGUS_ADDR
6295 /* Ignore addresses for which prescan() failed */
6296 "_FFR_IGNORE_BOGUS_ADDR",
6297 #endif /* _FFR_IGNORE_BOGUS_ADDR */
6298 #if _FFR_IGNORE_EXT_ON_HELO
6299 /* Ignore extensions offered in response to HELO */
6300 "_FFR_IGNORE_EXT_ON_HELO",
6301 #endif /* _FFR_IGNORE_EXT_ON_HELO */
6303 /* Use uncompressed IPv6 address format (no "::") */
6305 #endif /* _FFR_IPV6_FULL */
6307 /* Set MAXHOSTNAMELEN to 256 (Linux) */
6309 #endif /* _FFR_LINUX_MHNL */
6310 #if _FFR_LOCAL_DAEMON
6311 /* Local daemon mode (-bl) which only accepts loopback connections */
6312 "_FFR_LOCAL_DAEMON",
6313 #endif /* _FFR_LOCAL_DAEMON */
6316 #endif /* _FFR_MAIL_MACRO */
6317 #if _FFR_MAXDATASIZE
6319 ** It is possible that a header is larger than MILTER_CHUNK_SIZE,
6320 ** hence this shouldn't be used as limit for milter communication.
6321 ** see also libmilter/comm.c
6322 ** Gurusamy Sarathy of ActiveState
6326 #endif /* _FFR_MAXDATASIZE */
6327 #if _FFR_MAX_FORWARD_ENTRIES
6328 /* Try to limit number of .forward entries */
6329 /* (doesn't work) */
6330 /* Randall S. Winchester of the University of Maryland */
6331 "_FFR_MAX_FORWARD_ENTRIES",
6332 #endif /* _FFR_MAX_FORWARD_ENTRIES */
6333 #if _FFR_MAX_SLEEP_TIME
6334 /* Limit sleep(2) time in libsm/clock.c */
6335 "_FFR_MAX_SLEEP_TIME",
6336 #endif /* _FFR_MAX_SLEEP_TIME */
6337 #if _FFR_MDS_NEGOTIATE
6338 /* MaxDataSize negotation with libmilter */
6339 "_FFR_MDS_NEGOTIATE",
6340 #endif /* _FFR_MDS_NEGOTIATE */
6342 /* Check free memory */
6344 #endif /* _FFR_MEMSTAT */
6345 #if _FFR_MILTER_CHECK
6346 "_FFR_MILTER_CHECK",
6347 #endif /* _FFR_MILTER_CHECK */
6348 #if _FFR_MILTER_CONVERT_ALL_LF_TO_CRLF
6350 ** milter_body() uses the same conversion algorithm as putbody()
6351 ** to translate the "local" df format (\n) to SMTP format (\r\n).
6352 ** However, putbody() and mime8to7() use different conversion
6354 ** If the input date does not follow the SMTP standard
6355 ** (e.g., if it has "naked \r"s), then the output from putbody()
6356 ** and mime8to7() will most likely be different.
6357 ** By turning on this FFR milter_body() will try to "imitate"
6359 ** Note: there is no (simple) way to deal with both conversions
6360 ** in a consistent manner. Moreover, as the "GiGo" principle applies,
6361 ** it's not really worth to fix it.
6364 "_FFR_MILTER_CONVERT_ALL_LF_TO_CRLF",
6365 #endif /* _FFR_MILTER_CONVERT_ALL_LF_TO_CRLF */
6366 #if _FFR_MILTER_CHECK_REJECTIONS_TOO
6368 ** Also send RCPTs that are rejected by check_rcpt to a milter
6369 ** (if requested during option negotiation).
6372 "_FFR_MILTER_CHECK_REJECTIONS_TOO",
6373 #endif /* _FFR_MILTER_CHECK_REJECTIONS_TOO */
6374 #if _FFR_MILTER_ENHSC
6375 /* extract enhanced status code from milter replies for dsn= logging */
6376 "_FFR_MILTER_ENHSC",
6377 #endif /* _FFR_MILTER_ENHSC */
6378 #if _FFR_MIME7TO8_OLD
6379 /* Old mime7to8 code, the new is broken for at least one example. */
6380 "_FFR_MIME7TO8_OLD",
6381 #endif /* _FFR_MAX_SLEEP_TIME */
6382 #if _FFR_MORE_MACROS
6383 /* allow more long macro names ("unprintable" characters). */
6385 #endif /* _FFR_MORE_MACROS */
6387 /* allow to override "Message accepted for delivery" */
6389 #endif /* _FFR_MSG_ACCEPT */
6390 #if _FFR_NODELAYDSN_ON_HOLD
6391 /* Do not issue a DELAY DSN for mailers that use the hold flag. */
6393 "_FFR_NODELAYDSN_ON_HOLD",
6394 #endif /* _FFR_NODELAYDSN_ON_HOLD */
6396 /* Disable PIPELINING, delay client if used. */
6398 #endif /* _FFR_NO_PIPE */
6399 #if _FFR_LDAP_NETWORK_TIMEOUT
6400 /* set LDAP_OPT_NETWORK_TIMEOUT if available (-c) */
6401 "_FFR_LDAP_NETWORK_TIMEOUT",
6402 #endif /* _FFR_LDAP_NETWORK_TIMEOUT */
6404 /* log ntries=, from Nik Clayton of FreeBSD */
6406 #endif /* _FFR_LOG_NTRIES */
6407 #if _FFR_QF_PARANOIA
6409 #endif /* _FFR_QF_PARANOIA */
6411 /* Exponential queue delay; disabled in 8.13 since it isn't used. */
6413 #endif /* _FFR_QUEUEDELAY */
6414 #if _FFR_QUEUE_GROUP_SORTORDER
6415 /* Allow QueueSortOrder per queue group. */
6416 /* XXX: Still need to actually use qgrp->qg_sortorder */
6417 "_FFR_QUEUE_GROUP_SORTORDER",
6418 #endif /* _FFR_QUEUE_GROUP_SORTORDER */
6419 #if _FFR_QUEUE_MACRO
6420 /* Define {queue} macro. */
6422 #endif /* _FFR_QUEUE_MACRO */
6423 #if _FFR_QUEUE_RUN_PARANOIA
6424 /* Additional checks when doing queue runs; interval of checks */
6425 "_FFR_QUEUE_RUN_PARANOIA",
6426 #endif /* _FFR_QUEUE_RUN_PARANOIA */
6427 #if _FFR_QUEUE_SCHED_DBG
6428 /* Debug output for the queue scheduler. */
6429 "_FFR_QUEUE_SCHED_DBG",
6430 #endif /* _FFR_QUEUE_SCHED_DBG */
6431 #if _FFR_RCPTTHROTDELAY
6432 /* configurable delay for BadRcptThrottle */
6433 "_FFR_RCPTTHROTDELAY",
6434 #endif /* _FFR_RCPTTHROTDELAY */
6435 #if _FFR_REDIRECTEMPTY
6437 ** envelope <> can't be sent to mailing lists, only owner-
6438 ** send spam of this type to owner- of the list
6439 ** ---- to stop spam from going to mailing lists.
6442 "_FFR_REDIRECTEMPTY",
6443 #endif /* _FFR_REDIRECTEMPTY */
6444 #if _FFR_REJECT_NUL_BYTE
6445 /* reject NUL bytes in body */
6446 "_FFR_REJECT_NUL_BYTE",
6447 #endif /* _FFR_REJECT_NUL_BYTE */
6448 #if _FFR_RESET_MACRO_GLOBALS
6449 /* Allow macro 'j' to be set dynamically via rulesets. */
6450 "_FFR_RESET_MACRO_GLOBALS",
6451 #endif /* _FFR_RESET_MACRO_GLOBALS */
6453 /* Random shuffle for queue sorting. */
6455 #endif /* _FFR_RHS */
6458 ** allow -qGqueue_group -qp to work, i.e.,
6459 ** restrict a persistent queue runner to a queue group.
6463 #endif /* _FFR_RUNPQG */
6465 /* session id (for logging) */
6467 #endif /* _FFR_SESSID */
6469 /* Donated code (unused). */
6471 #endif /* _FFR_SHM_STATUS */
6472 #if _FFR_LDAP_SINGLEDN
6474 ** The LDAP database map code in Sendmail 8.12.10, when
6475 ** given the -1 switch, would match only a single DN,
6476 ** but was able to return multiple attributes for that
6477 ** DN. In Sendmail 8.13 this "bug" was corrected to
6478 ** only return if exactly one attribute matched.
6480 ** Unfortunately, our configuration uses the former
6481 ** behaviour. Attached is a relatively simple patch
6482 ** to 8.13.4 which adds a -2 switch (for lack of a
6483 ** better option) which returns the single dn/multiple
6486 ** Jeffrey T. Eaton, Carnegie-Mellon University
6489 "_FFR_LDAP_SINGLEDN",
6490 #endif /* _FFR_LDAP_SINGLEDN */
6491 #if _FFR_SKIP_DOMAINS
6492 /* process every N'th domain instead of every N'th message */
6493 "_FFR_SKIP_DOMAINS",
6494 #endif /* _FFR_SKIP_DOMAINS */
6495 #if _FFR_SLEEP_USE_SELECT
6496 /* Use select(2) in libsm/clock.c to emulate sleep(2) */
6497 "_FFR_SLEEP_USE_SELECT ",
6498 #endif /* _FFR_SLEEP_USE_SELECT */
6501 ** It looks like the Compaq Tru64 5.1A now aligns argv and envp to 64
6502 ** bit alignment, so unless each piece of argv and envp is a multiple
6503 ** of 8 bytes (including terminating NULL), initsetproctitle() won't
6504 ** use any of the space beyond argv[0]. Be sure to set SPT_ALIGN_SIZE
6505 ** if you use this FFR.
6508 /* Chris Adams of HiWAAY Informations Services */
6510 #endif /* _FFR_SPT_ALIGN */
6511 #if _FFR_SS_PER_DAEMON
6512 /* SuperSafe per DaemonPortOptions: 'T' (better letter?) */
6513 "_FFR_SS_PER_DAEMON",
6514 #endif /* _FFR_SS_PER_DAEMON */
6516 /* enable some test code */
6518 #endif /* _FFR_TESTS */
6520 /* Donated code (unused). */
6522 #endif /* _FFR_TIMERS */
6524 /* More STARTTLS options, e.g., secondary certs. */
6526 #endif /* _FFR_TLS_1 */
6529 #endif /* _FFR_TLS_EC */
6532 ** If we don't own the file mark it as unsafe.
6533 ** However, allow TrustedUser to own it as well
6534 ** in case TrustedUser manipulates the queue.
6538 #endif /* _FFR_TRUSTED_QF */
6539 #if _FFR_USE_GETPWNAM_ERRNO
6541 ** See libsm/mbdb.c: only enable this on OSs
6542 ** that implement the correct (POSIX) semantics.
6543 ** This will need to become an OS-specific #if enabled
6544 ** in one of the headers files under include/sm/os/ .
6547 "_FFR_USE_GETPWNAM_ERRNO",
6548 #endif /* _FFR_USE_GETPWNAM_ERRNO */
6549 #if _FFR_USE_SEM_LOCKING
6550 "_FFR_USE_SEM_LOCKING",
6551 #endif /* _FFR_USE_SEM_LOCKING */
6552 #if _FFR_USE_SETLOGIN
6553 /* Use setlogin() */
6555 "_FFR_USE_SETLOGIN",
6556 #endif /* _FFR_USE_SETLOGIN */