2 * Copyright (c) 1998-2013 Sendmail, Inc. and its suppliers.
4 * Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
5 * Copyright (c) 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * By using this file, you agree to the terms and conditions set
9 * forth in the LICENSE file which can be found at the top level of
10 * the sendmail distribution.
16 SM_RCSID("@(#)$Id: conf.c,v 8.1182 2013/04/05 17:39:09 ca Exp $")
18 #include <sm/sendmail.h>
19 #include <sendmail/pathnames.h>
29 /* for the IPv6 device lookup */
30 # define _SOCKADDR_LEN
32 # endif /* NETINET6 */
35 # include <sys/ioctl.h>
36 # include <sys/param.h>
39 #if NETINET || NETINET6
40 # include <arpa/inet.h>
41 #endif /* NETINET || NETINET6 */
42 #if HASULIMIT && defined(HPUX11)
44 #endif /* HASULIMIT && defined(HPUX11) */
46 static void setupmaps __P((void));
47 static void setupmailers __P((void));
48 static void setupqueues __P((void));
49 static int get_num_procs_online __P((void));
50 static int add_hostnames __P((SOCKADDR *));
52 #if NETINET6 && NEEDSGETIPNODE
53 static struct hostent *sm_getipnodebyname __P((const char *, int, int, int *));
54 static struct hostent *sm_getipnodebyaddr __P((const void *, size_t, int, int *));
55 #else /* NETINET6 && NEEDSGETIPNODE */
56 #define sm_getipnodebyname getipnodebyname
57 #define sm_getipnodebyaddr getipnodebyaddr
58 #endif /* NETINET6 && NEEDSGETIPNODE */
62 ** CONF.C -- Sendmail Configuration Tables.
64 ** Defines the configuration of this installation.
66 ** Configuration Variables:
67 ** HdrInfo -- a table describing well-known header fields.
68 ** Each entry has the field name and some flags,
69 ** which are described in sendmail.h.
72 ** I have tried to put almost all the reasonable
73 ** configuration information into the configuration
74 ** file read at runtime. My intent is that anything
75 ** here is a function of the version of UNIX you
76 ** are running, or is really static -- for example
77 ** the headers are a superset of widely used
78 ** protocols. If you find yourself playing with
79 ** this file too much, you may be making a mistake!
85 ** Final (null) entry contains the flags used for any other field.
87 ** Not all of these are actually handled specially by sendmail
88 ** at this time. They are included as placeholders, to let
89 ** you know that "someday" I intend to have sendmail do
90 ** something with them.
93 struct hdrinfo HdrInfo[] =
95 /* originator fields, most to least significant */
96 { "resent-sender", H_FROM|H_RESENT, NULL },
97 { "resent-from", H_FROM|H_RESENT, NULL },
98 { "resent-reply-to", H_FROM|H_RESENT, NULL },
99 { "sender", H_FROM, NULL },
100 { "from", H_FROM, NULL },
101 { "reply-to", H_FROM, NULL },
102 { "errors-to", H_FROM|H_ERRORSTO, NULL },
103 { "full-name", H_ACHECK, NULL },
104 { "return-receipt-to", H_RECEIPTTO, NULL },
105 { "delivery-receipt-to", H_RECEIPTTO, NULL },
106 { "disposition-notification-to", H_FROM, NULL },
108 /* destination fields */
109 { "to", H_RCPT, NULL },
110 { "resent-to", H_RCPT|H_RESENT, NULL },
111 { "cc", H_RCPT, NULL },
112 { "resent-cc", H_RCPT|H_RESENT, NULL },
113 { "bcc", H_RCPT|H_BCC, NULL },
114 { "resent-bcc", H_RCPT|H_BCC|H_RESENT, NULL },
115 { "apparently-to", H_RCPT, NULL },
117 /* message identification and control */
118 { "message-id", 0, NULL },
119 { "resent-message-id", H_RESENT, NULL },
120 { "message", H_EOH, NULL },
121 { "text", H_EOH, NULL },
125 { "resent-date", H_RESENT, NULL },
128 { "received", H_TRACE|H_FORCE, NULL },
129 { "x400-received", H_TRACE|H_FORCE, NULL },
130 { "via", H_TRACE|H_FORCE, NULL },
131 { "mail-from", H_TRACE|H_FORCE, NULL },
133 /* miscellaneous fields */
134 { "comments", H_FORCE|H_ENCODABLE, NULL },
135 { "return-path", H_FORCE|H_ACHECK|H_BINDLATE, NULL },
136 { "content-transfer-encoding", H_CTE, NULL },
137 { "content-type", H_CTYPE, NULL },
138 { "content-length", H_ACHECK, NULL },
139 { "subject", H_ENCODABLE, NULL },
140 { "x-authentication-warning", H_FORCE, NULL },
151 struct prival PrivacyValues[] =
153 { "public", PRIV_PUBLIC },
154 { "needmailhelo", PRIV_NEEDMAILHELO },
155 { "needexpnhelo", PRIV_NEEDEXPNHELO },
156 { "needvrfyhelo", PRIV_NEEDVRFYHELO },
157 { "noexpn", PRIV_NOEXPN },
158 { "novrfy", PRIV_NOVRFY },
159 { "restrictexpand", PRIV_RESTRICTEXPAND },
160 { "restrictmailq", PRIV_RESTRICTMAILQ },
161 { "restrictqrun", PRIV_RESTRICTQRUN },
162 { "noetrn", PRIV_NOETRN },
163 { "noverb", PRIV_NOVERB },
164 { "authwarnings", PRIV_AUTHWARNINGS },
165 { "noreceipts", PRIV_NORECEIPTS },
166 { "nobodyreturn", PRIV_NOBODYRETN },
167 { "goaway", PRIV_GOAWAY },
168 { "noactualrecipient", PRIV_NOACTUALRECIPIENT },
173 ** DontBlameSendmail values
176 struct dbsval DontBlameSendmailValues[] =
178 { "safe", DBS_SAFE },
179 { "assumesafechown", DBS_ASSUMESAFECHOWN },
180 { "groupwritabledirpathsafe", DBS_GROUPWRITABLEDIRPATHSAFE },
181 { "groupwritableforwardfilesafe",
182 DBS_GROUPWRITABLEFORWARDFILESAFE },
183 { "groupwritableincludefilesafe",
184 DBS_GROUPWRITABLEINCLUDEFILESAFE },
185 { "groupwritablealiasfile", DBS_GROUPWRITABLEALIASFILE },
186 { "worldwritablealiasfile", DBS_WORLDWRITABLEALIASFILE },
187 { "forwardfileinunsafedirpath", DBS_FORWARDFILEINUNSAFEDIRPATH },
188 { "includefileinunsafedirpath", DBS_INCLUDEFILEINUNSAFEDIRPATH },
189 { "mapinunsafedirpath", DBS_MAPINUNSAFEDIRPATH },
190 { "linkedaliasfileinwritabledir",
191 DBS_LINKEDALIASFILEINWRITABLEDIR },
192 { "linkedclassfileinwritabledir",
193 DBS_LINKEDCLASSFILEINWRITABLEDIR },
194 { "linkedforwardfileinwritabledir",
195 DBS_LINKEDFORWARDFILEINWRITABLEDIR },
196 { "linkedincludefileinwritabledir",
197 DBS_LINKEDINCLUDEFILEINWRITABLEDIR },
198 { "linkedmapinwritabledir", DBS_LINKEDMAPINWRITABLEDIR },
199 { "linkedserviceswitchfileinwritabledir",
200 DBS_LINKEDSERVICESWITCHFILEINWRITABLEDIR },
201 { "filedeliverytohardlink", DBS_FILEDELIVERYTOHARDLINK },
202 { "filedeliverytosymlink", DBS_FILEDELIVERYTOSYMLINK },
203 { "writemaptohardlink", DBS_WRITEMAPTOHARDLINK },
204 { "writemaptosymlink", DBS_WRITEMAPTOSYMLINK },
205 { "writestatstohardlink", DBS_WRITESTATSTOHARDLINK },
206 { "writestatstosymlink", DBS_WRITESTATSTOSYMLINK },
207 { "forwardfileingroupwritabledirpath",
208 DBS_FORWARDFILEINGROUPWRITABLEDIRPATH },
209 { "includefileingroupwritabledirpath",
210 DBS_INCLUDEFILEINGROUPWRITABLEDIRPATH },
211 { "classfileinunsafedirpath", DBS_CLASSFILEINUNSAFEDIRPATH },
212 { "errorheaderinunsafedirpath", DBS_ERRORHEADERINUNSAFEDIRPATH },
213 { "helpfileinunsafedirpath", DBS_HELPFILEINUNSAFEDIRPATH },
214 { "forwardfileinunsafedirpathsafe",
215 DBS_FORWARDFILEINUNSAFEDIRPATHSAFE },
216 { "includefileinunsafedirpathsafe",
217 DBS_INCLUDEFILEINUNSAFEDIRPATHSAFE },
218 { "runprograminunsafedirpath", DBS_RUNPROGRAMINUNSAFEDIRPATH },
219 { "runwritableprogram", DBS_RUNWRITABLEPROGRAM },
220 { "nonrootsafeaddr", DBS_NONROOTSAFEADDR },
221 { "truststickybit", DBS_TRUSTSTICKYBIT },
222 { "dontwarnforwardfileinunsafedirpath",
223 DBS_DONTWARNFORWARDFILEINUNSAFEDIRPATH },
224 { "insufficiententropy", DBS_INSUFFICIENTENTROPY },
225 { "groupreadablesasldbfile", DBS_GROUPREADABLESASLDBFILE },
226 { "groupwritablesasldbfile", DBS_GROUPWRITABLESASLDBFILE },
227 { "groupwritableforwardfile", DBS_GROUPWRITABLEFORWARDFILE },
228 { "groupwritableincludefile", DBS_GROUPWRITABLEINCLUDEFILE },
229 { "worldwritableforwardfile", DBS_WORLDWRITABLEFORWARDFILE },
230 { "worldwritableincludefile", DBS_WORLDWRITABLEINCLUDEFILE },
231 { "groupreadablekeyfile", DBS_GROUPREADABLEKEYFILE },
232 #if _FFR_GROUPREADABLEAUTHINFOFILE
233 { "groupreadableadefaultauthinfofile",
234 DBS_GROUPREADABLEAUTHINFOFILE },
235 #endif /* _FFR_GROUPREADABLEAUTHINFOFILE */
240 ** Miscellaneous stuff.
243 int DtableSize = 50; /* max open files; reset in 4.2bsd */
245 ** SETDEFAULTS -- set default values
247 ** Some of these must be initialized using direct code since they
248 ** depend on run-time values. So let's do all of them this way.
251 ** e -- the default envelope.
257 ** Initializes a bunch of global variables to their
262 #define HOURS * 60 MINUTES
263 #define DAYS * 24 HOURS
265 #ifndef MAXRULERECURSION
266 # define MAXRULERECURSION 50 /* max ruleset recursion depth */
267 #endif /* ! MAXRULERECURSION */
271 register ENVELOPE *e;
277 numprocs = get_num_procs_online();
278 SpaceSub = ' '; /* option B */
279 QueueLA = 8 * numprocs; /* option x */
280 RefuseLA = 12 * numprocs; /* option X */
281 WkRecipFact = 30000L; /* option y */
282 WkClassFact = 1800L; /* option z */
283 WkTimeFact = 90000L; /* option Z */
284 QueueFactor = WkRecipFact * 20; /* option q */
285 QueueMode = QM_NORMAL; /* what queue items to act upon */
286 FileMode = (RealUid != geteuid()) ? 0644 : 0600;
288 QueueFileMode = (RealUid != geteuid()) ? 0644 : 0600;
289 /* option QueueFileMode */
291 if (((pw = sm_getpwnam("mailnull")) != NULL && pw->pw_uid != 0) ||
292 ((pw = sm_getpwnam("sendmail")) != NULL && pw->pw_uid != 0) ||
293 ((pw = sm_getpwnam("daemon")) != NULL && pw->pw_uid != 0))
295 DefUid = pw->pw_uid; /* option u */
296 DefGid = pw->pw_gid; /* option g */
297 DefUser = newstr(pw->pw_name);
301 DefUid = 1; /* option u */
302 DefGid = 1; /* option g */
307 sm_dprintf("setdefaults: DefUser=%s, DefUid=%d, DefGid=%d\n",
308 DefUser != NULL ? DefUser : "<1:1>",
309 (int) DefUid, (int) DefGid);
310 CheckpointInterval = 10; /* option C */
311 MaxHopCount = 25; /* option h */
312 set_delivery_mode(SM_FORK, e); /* option d */
313 e->e_errormode = EM_PRINT; /* option e */
316 e->e_xfqgrp = NOQGRP;
317 e->e_xfqdir = NOQDIR;
318 e->e_ctime = curtime();
319 SevenBitInput = false; /* option 7 */
320 MaxMciCache = 1; /* option k */
321 MciCacheTimeout = 5 MINUTES; /* option K */
322 LogLevel = 9; /* option L */
326 inittimeouts(NULL, false); /* option r */
327 PrivacyFlags = PRIV_PUBLIC; /* option p */
328 MeToo = true; /* option m */
329 SendMIMEErrors = true; /* option f */
330 SuperSafe = SAFE_REALLY; /* option s */
331 clrbitmap(DontBlameSendmail); /* DontBlameSendmail option */
333 MimeMode = MM_CVTMIME|MM_PASS8BIT; /* option 8 */
335 MimeMode = MM_PASS8BIT;
336 #endif /* MIME8TO7 */
337 for (i = 0; i < MAXTOCLASS; i++)
339 TimeOuts.to_q_return[i] = 5 DAYS; /* option T */
340 TimeOuts.to_q_warning[i] = 0; /* option T */
342 ServiceSwitchFile = "/etc/mail/service.switch";
343 ServiceCacheMaxAge = (time_t) 10;
344 HostsFile = _PATH_HOSTS;
345 PidFile = newstr(_PATH_SENDMAILPID);
346 MustQuoteChars = "@,;:\\()[].'";
347 MciInfoTimeout = 30 MINUTES;
348 MaxRuleRecursion = MAXRULERECURSION;
349 MaxAliasRecursion = 10;
350 MaxMacroRecursion = 10;
351 ColonOkInAddr = true;
352 DontLockReadFiles = true;
353 DontProbeInterfaces = DPI_PROBEALL;
354 DoubleBounceAddr = "postmaster";
355 MaxHeadersLength = MAXHDRSLEN;
356 MaxMimeHeaderLength = MAXLINE;
357 MaxMimeFieldLength = MaxMimeHeaderLength / 2;
358 MaxForwardEntries = 0;
360 MaxNOOPCommands = MAXNOOPCOMMANDS;
362 AuthMechanisms = newstr(AUTH_MECHANISMS);
367 TLS_Srv_Opts = TLS_I_SRV;
368 #endif /* STARTTLS */
370 HesiodContext = NULL;
371 #endif /* HESIOD_INIT */
373 /* Detect if IPv6 is available at run time */
374 i = socket(AF_INET6, SOCK_STREAM, 0);
384 #endif /* NETINET6 */
385 ControlSocketName = NULL;
386 memset(&ConnectOnlyTo, '\0', sizeof(ConnectOnlyTo));
387 DataFileBufferSize = 4096;
388 XscriptFileBufferSize = 4096;
389 for (i = 0; i < MAXRWSETS; i++)
390 RuleSetNames[i] = NULL;
392 InputFilters[0] = NULL;
394 RejectLogInterval = 3 HOURS;
395 #if REQUIRES_DIR_FSYNC
396 RequiresDirfsync = true;
397 #endif /* REQUIRES_DIR_FSYNC */
398 #if _FFR_RCPTTHROTDELAY
399 BadRcptThrottleDelay = 1;
400 #endif /* _FFR_RCPTTHROTDELAY */
401 ConnectionRateWindowSize = 60;
410 ** SETDEFUSER -- set/reset DefUser using DefUid (for initgroups())
416 struct passwd *defpwent;
417 static char defuserbuf[40];
419 DefUser = defuserbuf;
420 defpwent = sm_getpwuid(DefUid);
421 (void) sm_strlcpy(defuserbuf,
422 (defpwent == NULL || defpwent->pw_name == NULL)
423 ? "nobody" : defpwent->pw_name,
426 sm_dprintf("setdefuser: DefUid=%d, DefUser=%s\n",
427 (int) DefUid, DefUser);
430 ** SETUPQUEUES -- initialize default queues
432 ** The mqueue QUEUE structure gets filled in after readcf() but
433 ** we need something to point to now for the mailer setup,
434 ** which use "mqueue" as default queue.
442 MaxRunnersPerQueue = 1;
443 (void) sm_strlcpy(buf, "mqueue, P=/var/spool/mqueue", sizeof(buf));
444 makequeue(buf, false);
447 ** SETUPMAILERS -- initialize default mailers
455 (void) sm_strlcpy(buf, "prog, P=/bin/sh, F=lsouDq9, T=X-Unix/X-Unix/X-Unix, A=sh -c \201u",
459 (void) sm_strlcpy(buf, "*file*, P=[FILE], F=lsDFMPEouq9, T=X-Unix/X-Unix/X-Unix, A=FILE \201u",
463 (void) sm_strlcpy(buf, "*include*, P=/dev/null, F=su, A=INCLUDE \201u",
469 ** SETUPMAPS -- set up map classes
472 #define MAPDEF(name, ext, flags, parse, open, close, lookup, store) \
474 extern bool parse __P((MAP *, char *)); \
475 extern bool open __P((MAP *, int)); \
476 extern void close __P((MAP *)); \
477 extern char *lookup __P((MAP *, char *, char **, int *)); \
478 extern void store __P((MAP *, char *, char *)); \
479 s = stab(name, ST_MAPCLASS, ST_ENTER); \
480 s->s_mapclass.map_cname = name; \
481 s->s_mapclass.map_ext = ext; \
482 s->s_mapclass.map_cflags = flags; \
483 s->s_mapclass.map_parse = parse; \
484 s->s_mapclass.map_open = open; \
485 s->s_mapclass.map_close = close; \
486 s->s_mapclass.map_lookup = lookup; \
487 s->s_mapclass.map_store = store; \
496 # if DB_VERSION_MAJOR > 1
497 int major_v, minor_v, patch_v;
499 (void) db_version(&major_v, &minor_v, &patch_v);
500 if (major_v != DB_VERSION_MAJOR || minor_v != DB_VERSION_MINOR)
503 syserr("Berkeley DB version mismatch: compiled against %d.%d.%d, run-time linked against %d.%d.%d",
504 DB_VERSION_MAJOR, DB_VERSION_MINOR, DB_VERSION_PATCH,
505 major_v, minor_v, patch_v);
507 # endif /* DB_VERSION_MAJOR > 1 */
509 MAPDEF("hash", ".db", MCF_ALIASOK|MCF_REBUILDABLE,
510 map_parseargs, hash_map_open, db_map_close,
511 db_map_lookup, db_map_store);
513 MAPDEF("btree", ".db", MCF_ALIASOK|MCF_REBUILDABLE,
514 map_parseargs, bt_map_open, db_map_close,
515 db_map_lookup, db_map_store);
519 MAPDEF("dbm", ".dir", MCF_ALIASOK|MCF_REBUILDABLE,
520 map_parseargs, ndbm_map_open, ndbm_map_close,
521 ndbm_map_lookup, ndbm_map_store);
525 MAPDEF("nis", NULL, MCF_ALIASOK,
526 map_parseargs, nis_map_open, null_map_close,
527 nis_map_lookup, null_map_store);
531 MAPDEF("nisplus", NULL, MCF_ALIASOK,
532 map_parseargs, nisplus_map_open, null_map_close,
533 nisplus_map_lookup, null_map_store);
537 MAPDEF("ldap", NULL, MCF_ALIASOK|MCF_NOTPERSIST,
538 ldapmap_parseargs, ldapmap_open, ldapmap_close,
539 ldapmap_lookup, null_map_store);
543 MAPDEF("ph", NULL, MCF_NOTPERSIST,
544 ph_map_parseargs, ph_map_open, ph_map_close,
545 ph_map_lookup, null_map_store);
549 /* IRIX 6.5 nsd support */
550 MAPDEF("nsd", NULL, MCF_ALIASOK,
551 map_parseargs, null_map_open, null_map_close,
552 nsd_map_lookup, null_map_store);
556 MAPDEF("hesiod", NULL, MCF_ALIASOK|MCF_ALIASONLY,
557 map_parseargs, hes_map_open, hes_map_close,
558 hes_map_lookup, null_map_store);
562 MAPDEF("netinfo", NULL, MCF_ALIASOK,
563 map_parseargs, ni_map_open, null_map_close,
564 ni_map_lookup, null_map_store);
568 MAPDEF("dns", NULL, 0,
569 dns_map_init, null_map_open, null_map_close,
570 dns_map_lookup, null_map_store);
575 # if _FFR_DNSMAP_ALIASABLE
576 MAPDEF("dns", NULL, MCF_ALIASOK,
577 dns_map_parseargs, dns_map_open, null_map_close,
578 dns_map_lookup, null_map_store);
579 # else /* _FFR_DNSMAP_ALIASABLE */
580 MAPDEF("dns", NULL, 0,
581 dns_map_parseargs, dns_map_open, null_map_close,
582 dns_map_lookup, null_map_store);
583 # endif /* _FFR_DNSMAP_ALIASABLE */
585 #endif /* NAMED_BIND */
588 /* best MX DNS lookup */
589 MAPDEF("bestmx", NULL, MCF_OPTFILE,
590 map_parseargs, null_map_open, null_map_close,
591 bestmx_map_lookup, null_map_store);
592 #endif /* NAMED_BIND */
594 MAPDEF("host", NULL, 0,
595 host_map_init, null_map_open, null_map_close,
596 host_map_lookup, null_map_store);
598 MAPDEF("text", NULL, MCF_ALIASOK,
599 map_parseargs, text_map_open, null_map_close,
600 text_map_lookup, null_map_store);
602 MAPDEF("stab", NULL, MCF_ALIASOK|MCF_ALIASONLY,
603 map_parseargs, stab_map_open, null_map_close,
604 stab_map_lookup, stab_map_store);
606 MAPDEF("implicit", NULL, MCF_ALIASOK|MCF_ALIASONLY|MCF_REBUILDABLE,
607 map_parseargs, impl_map_open, impl_map_close,
608 impl_map_lookup, impl_map_store);
610 /* access to system passwd file */
611 MAPDEF("user", NULL, MCF_OPTFILE,
612 map_parseargs, user_map_open, null_map_close,
613 user_map_lookup, null_map_store);
616 MAPDEF("dequote", NULL, 0,
617 dequote_init, null_map_open, null_map_close,
618 dequote_map, null_map_store);
621 MAPDEF("regex", NULL, 0,
622 regex_map_init, null_map_open, null_map_close,
623 regex_map_lookup, null_map_store);
624 #endif /* MAP_REGEX */
628 MAPDEF("userdb", ".db", 0,
629 map_parseargs, null_map_open, null_map_close,
630 udb_map_lookup, null_map_store);
633 /* arbitrary programs */
634 MAPDEF("program", NULL, MCF_ALIASOK,
635 map_parseargs, null_map_open, null_map_close,
636 prog_map_lookup, null_map_store);
639 MAPDEF("sequence", NULL, MCF_ALIASOK,
640 seq_map_parse, null_map_open, null_map_close,
641 seq_map_lookup, seq_map_store);
643 /* switched interface to sequenced maps */
644 MAPDEF("switch", NULL, MCF_ALIASOK,
645 map_parseargs, switch_map_open, null_map_close,
646 seq_map_lookup, seq_map_store);
648 /* null map lookup -- really for internal use only */
649 MAPDEF("null", NULL, MCF_ALIASOK|MCF_OPTFILE,
650 map_parseargs, null_map_open, null_map_close,
651 null_map_lookup, null_map_store);
653 /* syslog map -- logs information to syslog */
654 MAPDEF("syslog", NULL, 0,
655 syslog_map_parseargs, null_map_open, null_map_close,
656 syslog_map_lookup, null_map_store);
658 /* macro storage map -- rulesets can set macros */
659 MAPDEF("macro", NULL, 0,
660 dequote_init, null_map_open, null_map_close,
661 macro_map_lookup, null_map_store);
663 /* arithmetic map -- add/subtract/compare */
664 MAPDEF("arith", NULL, 0,
665 dequote_init, null_map_open, null_map_close,
666 arith_map_lookup, null_map_store);
669 /* arbitrary daemons */
670 MAPDEF("socket", NULL, MCF_ALIASOK,
671 map_parseargs, socket_map_open, socket_map_close,
672 socket_map_lookup, null_map_store);
673 #endif /* SOCKETMAP */
676 /* dprintf map -- logs information to syslog */
677 MAPDEF("dprintf", NULL, 0,
678 dprintf_map_parseargs, null_map_open, null_map_close,
679 dprintf_map_lookup, null_map_store);
680 #endif /* _FFR_DPRINTF_MAP */
684 /* bogus map -- always return tempfail */
685 MAPDEF("bogus", NULL, MCF_ALIASOK|MCF_OPTFILE,
686 map_parseargs, null_map_open, null_map_close,
687 bogus_map_lookup, null_map_store);
693 ** INITHOSTMAPS -- initial host-dependent maps
695 ** This should act as an interface to any local service switch
696 ** provided by the host operating system.
705 ** Should define maps "host" and "users" as necessary
706 ** for this OS. If they are not defined, they will get
707 ** a default value later. It should check to make sure
708 ** they are not defined first, since it's possible that
709 ** the config file has provided an override.
717 char *maptype[MAXMAPSTACK];
718 short mapreturn[MAXMAPACTIONS];
722 ** Make sure we have a host map.
725 if (stab("host", ST_MAP, ST_FIND) == NULL)
727 /* user didn't initialize: set up host map */
728 (void) sm_strlcpy(buf, "host host", sizeof(buf));
730 if (ConfigLevel >= 2)
731 (void) sm_strlcat(buf, " -a. -D", sizeof(buf));
732 #endif /* NAMED_BIND */
733 (void) makemapentry(buf);
737 ** Set up default aliases maps
740 nmaps = switch_map_find("aliases", maptype, mapreturn);
741 for (i = 0; i < nmaps; i++)
743 if (strcmp(maptype[i], "files") == 0 &&
744 stab("aliases.files", ST_MAP, ST_FIND) == NULL)
746 (void) sm_strlcpy(buf, "aliases.files null",
748 (void) makemapentry(buf);
751 else if (strcmp(maptype[i], "nisplus") == 0 &&
752 stab("aliases.nisplus", ST_MAP, ST_FIND) == NULL)
754 (void) sm_strlcpy(buf, "aliases.nisplus nisplus -kalias -vexpansion mail_aliases.org_dir",
756 (void) makemapentry(buf);
760 else if (strcmp(maptype[i], "nis") == 0 &&
761 stab("aliases.nis", ST_MAP, ST_FIND) == NULL)
763 (void) sm_strlcpy(buf, "aliases.nis nis mail.aliases",
765 (void) makemapentry(buf);
769 else if (strcmp(maptype[i], "netinfo") == 0 &&
770 stab("aliases.netinfo", ST_MAP, ST_FIND) == NULL)
772 (void) sm_strlcpy(buf, "aliases.netinfo netinfo -z, /aliases",
774 (void) makemapentry(buf);
778 else if (strcmp(maptype[i], "hesiod") == 0 &&
779 stab("aliases.hesiod", ST_MAP, ST_FIND) == NULL)
781 (void) sm_strlcpy(buf, "aliases.hesiod hesiod aliases",
783 (void) makemapentry(buf);
786 #if LDAPMAP && defined(SUN_EXTENSIONS) && \
787 defined(SUN_SIMPLIFIED_LDAP) && HASLDAPGETALIASBYNAME
788 else if (strcmp(maptype[i], "ldap") == 0 &&
789 stab("aliases.ldap", ST_MAP, ST_FIND) == NULL)
791 (void) sm_strlcpy(buf, "aliases.ldap ldap -b . -h localhost -k mail=%0 -v mailgroup",
793 (void) makemapentry(buf);
795 #endif /* LDAPMAP && defined(SUN_EXTENSIONS) && ... */
797 if (stab("aliases", ST_MAP, ST_FIND) == NULL)
799 (void) sm_strlcpy(buf, "aliases switch aliases", sizeof(buf));
800 (void) makemapentry(buf);
805 ** SWITCH_MAP_FIND -- find the list of types associated with a map
807 ** This is the system-dependent interface to the service switch.
810 ** service -- the name of the service of interest.
811 ** maptype -- an out-array of strings containing the types
812 ** of access to use for this service. There can
813 ** be at most MAXMAPSTACK types for a single service.
814 ** mapreturn -- an out-array of return information bitmaps
818 ** The number of map types filled in, or -1 for failure.
821 ** Preserves errno so nothing in the routine clobbers it.
824 #if defined(SOLARIS) || (defined(sony_news) && defined(__svr4))
825 # define _USE_SUN_NSSWITCH_
826 #endif /* defined(SOLARIS) || (defined(sony_news) && defined(__svr4)) */
828 #if _FFR_HPUX_NSSWITCH
830 # define _USE_SUN_NSSWITCH_
832 #endif /* _FFR_HPUX_NSSWITCH */
834 #ifdef _USE_SUN_NSSWITCH_
835 # include <nsswitch.h>
836 #endif /* _USE_SUN_NSSWITCH_ */
838 #if defined(ultrix) || (defined(__osf__) && defined(__alpha))
839 # define _USE_DEC_SVC_CONF_
840 #endif /* defined(ultrix) || (defined(__osf__) && defined(__alpha)) */
842 #ifdef _USE_DEC_SVC_CONF_
843 # include <sys/svcinfo.h>
844 #endif /* _USE_DEC_SVC_CONF_ */
847 switch_map_find(service, maptype, mapreturn)
849 char *maptype[MAXMAPSTACK];
850 short mapreturn[MAXMAPACTIONS];
853 int save_errno = errno;
855 #ifdef _USE_SUN_NSSWITCH_
856 struct __nsw_switchconfig *nsw_conf;
857 enum __nsw_parse_err pserr;
858 struct __nsw_lookup *lk;
859 static struct __nsw_lookup lkp0 =
860 { "files", {1, 0, 0, 0}, NULL, NULL };
861 static struct __nsw_switchconfig lkp_default =
862 { 0, "sendmail", 3, &lkp0 };
864 for (svcno = 0; svcno < MAXMAPACTIONS; svcno++)
865 mapreturn[svcno] = 0;
867 if ((nsw_conf = __nsw_getconfig(service, &pserr)) == NULL)
868 lk = lkp_default.lookups;
870 lk = nsw_conf->lookups;
872 while (lk != NULL && svcno < MAXMAPSTACK)
874 maptype[svcno] = lk->service_name;
875 if (lk->actions[__NSW_NOTFOUND] == __NSW_RETURN)
876 mapreturn[MA_NOTFOUND] |= 1 << svcno;
877 if (lk->actions[__NSW_TRYAGAIN] == __NSW_RETURN)
878 mapreturn[MA_TRYAGAIN] |= 1 << svcno;
879 if (lk->actions[__NSW_UNAVAIL] == __NSW_RETURN)
880 mapreturn[MA_TRYAGAIN] |= 1 << svcno;
886 #endif /* _USE_SUN_NSSWITCH_ */
888 #ifdef _USE_DEC_SVC_CONF_
889 struct svcinfo *svcinfo;
892 for (svcno = 0; svcno < MAXMAPACTIONS; svcno++)
893 mapreturn[svcno] = 0;
898 if (strcmp(service, "hosts") == 0)
900 else if (strcmp(service, "aliases") == 0)
902 else if (strcmp(service, "passwd") == 0)
909 for (svcno = 0; svcno < SVC_PATHSIZE && svcno < MAXMAPSTACK; svcno++)
911 switch (svcinfo->svcpath[svc][svcno])
914 maptype[svcno] = "files";
918 maptype[svcno] = "nis";
922 maptype[svcno] = "dns";
927 maptype[svcno] = "hesiod";
929 # endif /* SVC_HESIOD */
938 #endif /* _USE_DEC_SVC_CONF_ */
940 #if !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_)
942 ** Fall-back mechanism.
946 static time_t servicecachetime; /* time service switch was cached */
947 time_t now = curtime();
949 for (svcno = 0; svcno < MAXMAPACTIONS; svcno++)
950 mapreturn[svcno] = 0;
952 if ((now - servicecachetime) > (time_t) ServiceCacheMaxAge)
954 /* (re)read service switch */
955 register SM_FILE_T *fp;
956 long sff = SFF_REGONLY|SFF_OPENASROOT|SFF_NOLOCK;
958 if (!bitnset(DBS_LINKEDSERVICESWITCHFILEINWRITABLEDIR,
963 servicecachetime = now;
964 fp = safefopen(ServiceSwitchFile, O_RDONLY, 0, sff);
969 while (sm_io_fgets(fp, SM_TIME_DEFAULT, buf,
974 p = strpbrk(buf, "#\n");
977 #ifndef SM_NSSWITCH_DELIMS
978 # define SM_NSSWITCH_DELIMS " \t"
979 #endif /* SM_NSSWITCH_DELIMS */
980 p = strpbrk(buf, SM_NSSWITCH_DELIMS);
987 sm_syslog(LOG_ERR, NOQID,
988 "Bad line on %.100s: %.100s",
993 while (isascii(*p) && isspace(*p))
999 ** Find/allocate space for this service entry.
1000 ** Space for all of the service strings
1001 ** are allocated at once. This means
1002 ** that we only have to free the first
1003 ** one to free all of them.
1006 st = stab(buf, ST_SERVICE, ST_ENTER);
1007 if (st->s_service[0] != NULL)
1008 sm_free((void *) st->s_service[0]); /* XXX */
1010 for (svcno = 0; svcno < MAXMAPSTACK; )
1014 st->s_service[svcno++] = p;
1015 p = strpbrk(p, " \t");
1019 while (isascii(*p) && isspace(*p))
1022 if (svcno < MAXMAPSTACK)
1023 st->s_service[svcno] = NULL;
1025 (void) sm_io_close(fp, SM_TIME_DEFAULT);
1029 /* look up entry in cache */
1030 st = stab(service, ST_SERVICE, ST_FIND);
1031 if (st != NULL && st->s_service[0] != NULL)
1035 while (svcno < MAXMAPSTACK)
1037 maptype[svcno] = st->s_service[svcno];
1038 if (maptype[svcno++] == NULL)
1044 #endif /* !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_) */
1046 #if !defined(_USE_SUN_NSSWITCH_)
1047 /* if the service file doesn't work, use an absolute fallback */
1048 # ifdef _USE_DEC_SVC_CONF_
1050 # endif /* _USE_DEC_SVC_CONF_ */
1051 for (svcno = 0; svcno < MAXMAPACTIONS; svcno++)
1052 mapreturn[svcno] = 0;
1054 if (strcmp(service, "aliases") == 0)
1056 maptype[svcno++] = "files";
1057 # if defined(AUTO_NETINFO_ALIASES) && defined (NETINFO)
1058 maptype[svcno++] = "netinfo";
1059 # endif /* defined(AUTO_NETINFO_ALIASES) && defined (NETINFO) */
1060 # ifdef AUTO_NIS_ALIASES
1062 maptype[svcno++] = "nisplus";
1063 # endif /* NISPLUS */
1065 maptype[svcno++] = "nis";
1067 # endif /* AUTO_NIS_ALIASES */
1071 if (strcmp(service, "hosts") == 0)
1074 maptype[svcno++] = "dns";
1075 # else /* NAMED_BIND */
1076 # if defined(sun) && !defined(BSD)
1078 maptype[svcno++] = "nis";
1079 # endif /* defined(sun) && !defined(BSD) */
1080 # endif /* NAMED_BIND */
1081 # if defined(AUTO_NETINFO_HOSTS) && defined (NETINFO)
1082 maptype[svcno++] = "netinfo";
1083 # endif /* defined(AUTO_NETINFO_HOSTS) && defined (NETINFO) */
1084 maptype[svcno++] = "files";
1090 #endif /* !defined(_USE_SUN_NSSWITCH_) */
1093 ** USERNAME -- return the user id of the logged in user.
1099 ** The login name of the logged in user.
1105 ** The return value is statically allocated.
1111 static char *myname = NULL;
1112 extern char *getlogin();
1113 register struct passwd *pw;
1115 /* cache the result */
1118 myname = getlogin();
1119 if (myname == NULL || myname[0] == '\0')
1121 pw = sm_getpwuid(RealUid);
1123 myname = pw->pw_name;
1127 uid_t uid = RealUid;
1129 if ((pw = sm_getpwnam(myname)) == NULL ||
1130 (uid != 0 && uid != pw->pw_uid))
1132 pw = sm_getpwuid(uid);
1134 myname = pw->pw_name;
1137 if (myname == NULL || myname[0] == '\0')
1139 syserr("554 5.3.0 Who are you?");
1140 myname = "postmaster";
1142 else if (strpbrk(myname, ",;:/|\"\\") != NULL)
1143 myname = addquotes(myname, NULL);
1145 myname = sm_pstrdup_x(myname);
1150 ** TTYPATH -- Get the path of the user's tty
1152 ** Returns the pathname of the user's tty. Returns NULL if
1153 ** the user is not logged in or if s/he has write permission
1160 ** pathname of the user's tty.
1161 ** NULL if not logged in or write permission denied.
1167 ** Return value is in a local buffer.
1177 register char *pathn;
1178 extern char *ttyname();
1179 extern char *getlogin();
1181 /* compute the pathname of the controlling tty */
1182 if ((pathn = ttyname(2)) == NULL && (pathn = ttyname(1)) == NULL &&
1183 (pathn = ttyname(0)) == NULL)
1189 /* see if we have write permission */
1190 if (stat(pathn, &stbuf) < 0 || !bitset(S_IWOTH, stbuf.st_mode))
1196 /* see if the user is logged in */
1197 if (getlogin() == NULL)
1204 ** CHECKCOMPAT -- check for From and To person compatible.
1206 ** This routine can be supplied on a per-installation basis
1207 ** to determine whether a person is allowed to send a message.
1208 ** This allows restriction of certain types of internet
1209 ** forwarding or registration of users.
1211 ** If the hosts are found to be incompatible, an error
1212 ** message should be given using "usrerr" and an EX_ code
1213 ** should be returned. You can also set to->q_status to
1214 ** a DSN-style status code.
1216 ** EF_NO_BODY_RETN can be set in e->e_flags to suppress the
1217 ** body during the return-to-sender function; this should be done
1218 ** on huge messages. This bit may already be set by the ESMTP
1222 ** to -- the person being sent to.
1228 ** none (unless you include the usrerr stuff)
1233 register ADDRESS *to;
1234 register ENVELOPE *e;
1237 sm_dprintf("checkcompat(to=%s, from=%s)\n",
1238 to->q_paddr, e->e_from.q_paddr);
1241 /* this code is intended as an example only */
1244 s = stab("arpa", ST_MAILER, ST_FIND);
1245 if (s != NULL && strcmp(e->e_from.q_mailer->m_name, "local") != 0 &&
1246 to->q_mailer == s->s_mailer)
1248 usrerr("553 No ARPA mail through this machine: see your system administration");
1249 /* e->e_flags |= EF_NO_BODY_RETN; to suppress body on return */
1250 to->q_status = "5.7.1";
1251 return EX_UNAVAILABLE;
1253 #endif /* EXAMPLE_CODE */
1257 #ifdef SUN_EXTENSIONS
1263 /* Check for large file descriptor */
1264 if (fstat(fileno(stdin), &sbuf) < 0)
1266 if (errno == EOVERFLOW)
1273 #endif /* SUN_EXTENSIONS */
1276 ** INIT_MD -- do machine dependent initializations
1278 ** Systems that have global modes that should be set should do
1279 ** them here rather than in main.
1283 # include <compat.h>
1284 #endif /* _AUX_SOURCE */
1287 # include <shares.h>
1288 #endif /* SHARE_V1 */
1296 setcompat(getcompat() | COMPAT_BSDPROT);
1297 #endif /* _AUX_SOURCE */
1299 #ifdef SUN_EXTENSIONS
1301 #endif /* SUN_EXTENSIONS */
1304 /* keep gethostby*() from stripping the local domain name */
1305 set_domain_trim_off();
1306 #endif /* _CONVEX_SOURCE */
1307 #if defined(__QNX__) && !defined(__QNXNTO__)
1309 ** Due to QNX's network distributed nature, you can target a tcpip
1310 ** stack on a different node in the qnx network; this patch lets
1311 ** this feature work. The __sock_locate() must be done before the
1312 ** environment is clear.
1315 #endif /* __QNX__ */
1316 #if SECUREWARE || defined(_SCO_unix_)
1317 set_auth_parameters(argc, argv);
1321 ** This is required for highest security levels (the kernel
1322 ** won't let it call set*uid() or run setuid binaries without
1323 ** it). It may be necessary on other SECUREWARE systems.
1326 if (getluid() == -1)
1328 # endif /* _SCO_unix_ */
1329 #endif /* SECUREWARE || defined(_SCO_unix_) */
1332 #ifdef VENDOR_DEFAULT
1333 VendorCode = VENDOR_DEFAULT;
1334 #else /* VENDOR_DEFAULT */
1335 VendorCode = VENDOR_BERKELEY;
1336 #endif /* VENDOR_DEFAULT */
1339 ** INIT_VENDOR_MACROS -- vendor-dependent macro initializations
1341 ** Called once, on startup.
1344 ** e -- the global envelope.
1350 ** vendor-dependent.
1354 init_vendor_macros(e)
1355 register ENVELOPE *e;
1359 ** GETLA -- get the current load average
1361 ** This code stolen from la.c.
1367 ** The current load average as an integer.
1373 /* try to guess what style of load average we have */
1374 #define LA_ZERO 1 /* always return load average as zero */
1375 #define LA_INT 2 /* read kmem for avenrun; interpret as long */
1376 #define LA_FLOAT 3 /* read kmem for avenrun; interpret as float */
1377 #define LA_SUBR 4 /* call getloadavg */
1378 #define LA_MACH 5 /* MACH load averages (as on NeXT boxes) */
1379 #define LA_SHORT 6 /* read kmem for avenrun; interpret as short */
1380 #define LA_PROCSTR 7 /* read string ("1.17") from /proc/loadavg */
1381 #define LA_READKSYM 8 /* SVR4: use MIOC_READKSYM ioctl call */
1382 #define LA_DGUX 9 /* special DGUX implementation */
1383 #define LA_HPUX 10 /* special HPUX implementation */
1384 #define LA_IRIX6 11 /* special IRIX 6.2 implementation */
1385 #define LA_KSTAT 12 /* special Solaris kstat(3k) implementation */
1386 #define LA_DEVSHORT 13 /* read short from a device */
1387 #define LA_ALPHAOSF 14 /* Digital UNIX (OSF/1 on Alpha) table() call */
1388 #define LA_PSET 15 /* Solaris per-processor-set load average */
1389 #define LA_LONGLONG 17 /* read kmem for avenrun; interpret as long long */
1391 /* do guesses based on general OS type */
1393 # define LA_TYPE LA_ZERO
1394 #endif /* ! LA_TYPE */
1397 # if defined(unixpc)
1399 # endif /* defined(unixpc) */
1401 # if defined(__alpha) || defined(IRIX)
1403 # endif /* defined(__alpha) || defined(IRIX) */
1405 #endif /* ! FSHIFT */
1409 #endif /* ! FSHIFT */
1412 # define FSCALE (1 << FSHIFT)
1413 #endif /* ! FSCALE */
1417 # define LA_AVENRUN "avenrun"
1418 # else /* SYSTEM5 */
1419 # define LA_AVENRUN "_avenrun"
1420 # endif /* SYSTEM5 */
1421 #endif /* ! LA_AVENRUN */
1423 /* _PATH_KMEM should be defined in <paths.h> */
1425 # define _PATH_KMEM "/dev/kmem"
1426 #endif /* ! _PATH_KMEM */
1428 #if (LA_TYPE == LA_INT) || (LA_TYPE == LA_FLOAT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG)
1432 /* _PATH_UNIX should be defined in <paths.h> */
1434 # if defined(SYSTEM5)
1435 # define _PATH_UNIX "/unix"
1436 # else /* defined(SYSTEM5) */
1437 # define _PATH_UNIX "/vmunix"
1438 # endif /* defined(SYSTEM5) */
1439 # endif /* ! _PATH_UNIX */
1443 # else /* _AUX_SOURCE */
1449 # endif /* _AUX_SOURCE */
1450 # define X_AVENRUN 0
1456 static int kmem = -1;
1457 # if LA_TYPE == LA_INT
1459 # else /* LA_TYPE == LA_INT */
1460 # if LA_TYPE == LA_SHORT
1463 # if LA_TYPE == LA_LONGLONG
1464 long long avenrun[3];
1465 # else /* LA_TYPE == LA_LONGLONG */
1467 # endif /* LA_TYPE == LA_LONGLONG */
1468 # endif /* LA_TYPE == LA_SHORT */
1469 # endif /* LA_TYPE == LA_INT */
1470 extern off_t lseek();
1475 (void) sm_strlcpy(Nl[X_AVENRUN].n_name, LA_AVENRUN,
1476 sizeof(Nl[X_AVENRUN].n_name));
1477 Nl[1].n_name[0] = '\0';
1478 # endif /* _AUX_SOURCE */
1480 # if defined(_AIX3) || defined(_AIX4)
1481 if (knlist(Nl, 1, sizeof(Nl[0])) < 0)
1482 # else /* defined(_AIX3) || defined(_AIX4) */
1483 if (nlist(_PATH_UNIX, Nl) < 0)
1484 # endif /* defined(_AIX3) || defined(_AIX4) */
1487 sm_dprintf("getla: nlist(%s): %s\n", _PATH_UNIX,
1488 sm_errstring(errno));
1491 if (Nl[X_AVENRUN].n_value == 0)
1494 sm_dprintf("getla: nlist(%s, %s) ==> 0\n",
1495 _PATH_UNIX, LA_AVENRUN);
1498 # ifdef NAMELISTMASK
1499 Nl[X_AVENRUN].n_value &= NAMELISTMASK;
1500 # endif /* NAMELISTMASK */
1502 kmem = open(_PATH_KMEM, 0, 0);
1506 sm_dprintf("getla: open(/dev/kmem): %s\n",
1507 sm_errstring(errno));
1510 if ((j = fcntl(kmem, F_GETFD, 0)) < 0 ||
1511 fcntl(kmem, F_SETFD, j | FD_CLOEXEC) < 0)
1514 sm_dprintf("getla: fcntl(/dev/kmem, FD_CLOEXEC): %s\n",
1515 sm_errstring(errno));
1522 sm_dprintf("getla: symbol address = %#lx\n",
1523 (unsigned long) Nl[X_AVENRUN].n_value);
1524 if (lseek(kmem, (off_t) Nl[X_AVENRUN].n_value, SEEK_SET) == -1 ||
1525 read(kmem, (char *) avenrun, sizeof(avenrun)) != sizeof(avenrun))
1529 sm_dprintf("getla: lseek or read: %s\n",
1530 sm_errstring(errno));
1533 # if (LA_TYPE == LA_INT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG)
1536 # if LA_TYPE == LA_SHORT
1537 sm_dprintf("getla: avenrun = %d", avenrun[0]);
1539 sm_dprintf(", %d, %d", avenrun[1], avenrun[2]);
1540 # else /* LA_TYPE == LA_SHORT */
1541 # if LA_TYPE == LA_LONGLONG
1542 sm_dprintf("getla: avenrun = %lld", avenrun[0]);
1544 sm_dprintf(", %lld, %lld", avenrun[1], avenrun[2]);
1545 # else /* LA_TYPE == LA_LONGLONG */
1546 sm_dprintf("getla: avenrun = %ld", avenrun[0]);
1548 sm_dprintf(", %ld, %ld", avenrun[1], avenrun[2]);
1549 # endif /* LA_TYPE == LA_LONGLONG */
1550 # endif /* LA_TYPE == LA_SHORT */
1554 sm_dprintf("getla: %d\n",
1555 (int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1556 return ((int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1557 # else /* (LA_TYPE == LA_INT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG) */
1560 sm_dprintf("getla: avenrun = %g", avenrun[0]);
1562 sm_dprintf(", %g, %g", avenrun[1], avenrun[2]);
1566 sm_dprintf("getla: %d\n", (int) (avenrun[0] +0.5));
1567 return ((int) (avenrun[0] + 0.5));
1568 # endif /* (LA_TYPE == LA_INT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG) */
1571 #endif /* (LA_TYPE == LA_INT) || (LA_TYPE == LA_FLOAT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG) */
1573 #if LA_TYPE == LA_READKSYM
1575 # include <sys/ksym.h>
1581 static int kmem = -1;
1583 struct mioc_rksym mirk;
1587 kmem = open("/dev/kmem", 0, 0);
1591 sm_dprintf("getla: open(/dev/kmem): %s\n",
1592 sm_errstring(errno));
1595 if ((j = fcntl(kmem, F_GETFD, 0)) < 0 ||
1596 fcntl(kmem, F_SETFD, j | FD_CLOEXEC) < 0)
1599 sm_dprintf("getla: fcntl(/dev/kmem, FD_CLOEXEC): %s\n",
1600 sm_errstring(errno));
1606 mirk.mirk_symname = LA_AVENRUN;
1607 mirk.mirk_buf = avenrun;
1608 mirk.mirk_buflen = sizeof(avenrun);
1609 if (ioctl(kmem, MIOC_READKSYM, &mirk) < 0)
1612 sm_dprintf("getla: ioctl(MIOC_READKSYM) failed: %s\n",
1613 sm_errstring(errno));
1618 sm_dprintf("getla: avenrun = %d", avenrun[0]);
1620 sm_dprintf(", %d, %d", avenrun[1], avenrun[2]);
1624 sm_dprintf("getla: %d\n",
1625 (int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1626 return ((int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1629 #endif /* LA_TYPE == LA_READKSYM */
1631 #if LA_TYPE == LA_DGUX
1633 # include <sys/dg_sys_info.h>
1638 struct dg_sys_info_load_info load_info;
1640 dg_sys_info((long *)&load_info,
1641 DG_SYS_INFO_LOAD_INFO_TYPE, DG_SYS_INFO_LOAD_VERSION_0);
1644 sm_dprintf("getla: %d\n", (int) (load_info.one_minute + 0.5));
1646 return ((int) (load_info.one_minute + 0.5));
1649 #endif /* LA_TYPE == LA_DGUX */
1651 #if LA_TYPE == LA_HPUX
1653 /* forward declarations to keep gcc from complaining */
1658 struct pst_diskinfo;
1659 struct pst_processor;
1661 struct pst_swapinfo;
1663 # include <sys/param.h>
1664 # include <sys/pstat.h>
1669 struct pst_dynamic pstd;
1671 if (pstat_getdynamic(&pstd, sizeof(struct pst_dynamic),
1672 (size_t) 1, 0) == -1)
1676 sm_dprintf("getla: %d\n", (int) (pstd.psd_avg_1_min + 0.5));
1678 return (int) (pstd.psd_avg_1_min + 0.5);
1681 #endif /* LA_TYPE == LA_HPUX */
1683 #if LA_TYPE == LA_SUBR
1690 if (getloadavg(avenrun, sizeof(avenrun) / sizeof(avenrun[0])) < 0)
1693 sm_dprintf("getla: getloadavg failed: %s",
1694 sm_errstring(errno));
1698 sm_dprintf("getla: %d\n", (int) (avenrun[0] +0.5));
1699 return ((int) (avenrun[0] + 0.5));
1702 #endif /* LA_TYPE == LA_SUBR */
1704 #if LA_TYPE == LA_MACH
1707 ** This has been tested on NEXTSTEP release 2.1/3.X.
1710 # if defined(NX_CURRENT_COMPILER_RELEASE) && NX_CURRENT_COMPILER_RELEASE > NX_COMPILER_RELEASE_3_0
1711 # include <mach/mach.h>
1712 # else /* defined(NX_CURRENT_COMPILER_RELEASE) && NX_CURRENT_COMPILER_RELEASE > NX_COMPILER_RELEASE_3_0 */
1714 # endif /* defined(NX_CURRENT_COMPILER_RELEASE) && NX_CURRENT_COMPILER_RELEASE > NX_COMPILER_RELEASE_3_0 */
1719 processor_set_t default_set;
1720 kern_return_t error;
1721 unsigned int info_count;
1722 struct processor_set_basic_info info;
1725 error = processor_set_default(host_self(), &default_set);
1726 if (error != KERN_SUCCESS)
1729 sm_dprintf("getla: processor_set_default failed: %s",
1730 sm_errstring(errno));
1733 info_count = PROCESSOR_SET_BASIC_INFO_COUNT;
1734 if (processor_set_info(default_set, PROCESSOR_SET_BASIC_INFO,
1735 &host, (processor_set_info_t)&info,
1736 &info_count) != KERN_SUCCESS)
1739 sm_dprintf("getla: processor_set_info failed: %s",
1740 sm_errstring(errno));
1744 sm_dprintf("getla: %d\n",
1745 (int) ((info.load_average + (LOAD_SCALE / 2)) /
1747 return (int) (info.load_average + (LOAD_SCALE / 2)) / LOAD_SCALE;
1750 #endif /* LA_TYPE == LA_MACH */
1752 #if LA_TYPE == LA_PROCSTR
1753 # if SM_CONF_BROKEN_STRTOD
1754 ERROR: This OS has most likely a broken strtod() implemenentation.
1755 ERROR: The function is required for getla().
1756 ERROR: Check the compilation options _LA_PROCSTR and
1757 ERROR: _SM_CONF_BROKEN_STRTOD (without the leading _).
1758 # endif /* SM_CONF_BROKEN_STRTOD */
1761 ** Read /proc/loadavg for the load average. This is assumed to be
1762 ** in a format like "0.15 0.12 0.06".
1764 ** Initially intended for Linux. This has been in the kernel
1765 ** since at least 0.99.15.
1768 # ifndef _PATH_LOADAVG
1769 # define _PATH_LOADAVG "/proc/loadavg"
1770 # endif /* ! _PATH_LOADAVG */
1776 register int result;
1779 fp = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, _PATH_LOADAVG, SM_IO_RDONLY,
1784 sm_dprintf("getla: sm_io_open(%s): %s\n",
1785 _PATH_LOADAVG, sm_errstring(errno));
1788 result = sm_io_fscanf(fp, SM_TIME_DEFAULT, "%lf", &avenrun);
1789 (void) sm_io_close(fp, SM_TIME_DEFAULT);
1793 sm_dprintf("getla: sm_io_fscanf() = %d: %s\n",
1794 result, sm_errstring(errno));
1799 sm_dprintf("getla(): %.2f\n", avenrun);
1801 return ((int) (avenrun + 0.5));
1804 #endif /* LA_TYPE == LA_PROCSTR */
1806 #if LA_TYPE == LA_IRIX6
1808 # include <sys/sysmp.h>
1811 # define CAST_SYSMP(x) (x)
1812 # else /* _UNICOSMP */
1813 # define CAST_SYSMP(x) ((x) & 0x7fffffff)
1814 # endif /* _UNICOSMP */
1820 static int kmem = -1;
1825 kmem = open(_PATH_KMEM, 0, 0);
1829 sm_dprintf("getla: open(%s): %s\n", _PATH_KMEM,
1830 sm_errstring(errno));
1833 if ((j = fcntl(kmem, F_GETFD, 0)) < 0 ||
1834 fcntl(kmem, F_SETFD, j | FD_CLOEXEC) < 0)
1837 sm_dprintf("getla: fcntl(/dev/kmem, FD_CLOEXEC): %s\n",
1838 sm_errstring(errno));
1845 if (lseek(kmem, CAST_SYSMP(sysmp(MP_KERNADDR, MPKA_AVENRUN)), SEEK_SET)
1847 read(kmem, (char *) avenrun, sizeof(avenrun)) != sizeof(avenrun))
1850 sm_dprintf("getla: lseek or read: %s\n",
1851 sm_errstring(errno));
1856 sm_dprintf("getla: avenrun = %ld", (long int) avenrun[0]);
1858 sm_dprintf(", %ld, %ld",
1859 (long int) avenrun[1], (long int) avenrun[2]);
1864 sm_dprintf("getla: %d\n",
1865 (int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1866 return ((int) (avenrun[0] + FSCALE/2) >> FSHIFT);
1869 #endif /* LA_TYPE == LA_IRIX6 */
1871 #if LA_TYPE == LA_KSTAT
1878 static kstat_ctl_t *kc = NULL;
1879 static kstat_t *ksp = NULL;
1883 if (kc == NULL) /* if not initialized before */
1888 sm_dprintf("getla: kstat_open(): %s\n",
1889 sm_errstring(errno));
1893 ksp = kstat_lookup(kc, "unix", 0, "system_misc");
1897 sm_dprintf("getla: kstat_lookup(): %s\n",
1898 sm_errstring(errno));
1901 if (kstat_read(kc, ksp, NULL) < 0)
1904 sm_dprintf("getla: kstat_read(): %s\n",
1905 sm_errstring(errno));
1908 ksn = (kstat_named_t *) kstat_data_lookup(ksp, "avenrun_1min");
1909 la = ((double) ksn->value.ul + FSCALE/2) / FSCALE;
1910 /* kstat_close(kc); /o do not close for fast access */
1914 #endif /* LA_TYPE == LA_KSTAT */
1916 #if LA_TYPE == LA_DEVSHORT
1919 ** Read /dev/table/avenrun for the load average. This should contain
1920 ** three shorts for the 1, 5, and 15 minute loads. We only read the
1921 ** first, since that's all we care about.
1923 ** Intended for SCO OpenServer 5.
1926 # ifndef _PATH_AVENRUN
1927 # define _PATH_AVENRUN "/dev/table/avenrun"
1928 # endif /* ! _PATH_AVENRUN */
1933 static int afd = -1;
1940 if (afd == -1 || lseek(afd, 0L, SEEK_SET) == -1)
1944 afd = open(_PATH_AVENRUN, O_RDONLY|O_SYNC);
1947 sm_syslog(LOG_ERR, NOQID,
1948 "can't open %s: %s",
1949 _PATH_AVENRUN, sm_errstring(errno));
1954 r = read(afd, &avenrun, sizeof(avenrun));
1955 if (r != sizeof(avenrun))
1957 sm_syslog(LOG_ERR, NOQID,
1958 "can't read %s: %s", _PATH_AVENRUN,
1959 r == -1 ? sm_errstring(errno) : "short read");
1964 sm_dprintf("getla: avenrun = %d\n", avenrun);
1965 loadav = (int) (avenrun + FSCALE/2) >> FSHIFT;
1967 sm_dprintf("getla: %d\n", loadav);
1971 #endif /* LA_TYPE == LA_DEVSHORT */
1973 #if LA_TYPE == LA_ALPHAOSF
1976 # include <sys/table.h>
1982 struct tbl_loadavg tab;
1984 if (table(TBL_LOADAVG, 0, &tab, 1, sizeof(tab)) == -1)
1987 sm_dprintf("getla: table %s\n", sm_errstring(errno));
1992 sm_dprintf("getla: scale = %d\n", tab.tl_lscale);
1995 ave = ((tab.tl_avenrun.l[2] + (tab.tl_lscale/2)) /
1998 ave = (int) (tab.tl_avenrun.d[2] + 0.5);
2001 sm_dprintf("getla: %d\n", ave);
2006 #endif /* LA_TYPE == LA_ALPHAOSF */
2008 #if LA_TYPE == LA_PSET
2015 if (pset_getloadavg(PS_MYID, avenrun,
2016 sizeof(avenrun) / sizeof(avenrun[0])) < 0)
2019 sm_dprintf("getla: pset_getloadavg failed: %s",
2020 sm_errstring(errno));
2024 sm_dprintf("getla: %d\n", (int) (avenrun[0] +0.5));
2025 return ((int) (avenrun[0] + 0.5));
2028 #endif /* LA_TYPE == LA_PSET */
2030 #if LA_TYPE == LA_ZERO
2036 sm_dprintf("getla: ZERO\n");
2040 #endif /* LA_TYPE == LA_ZERO */
2043 * Copyright 1989 Massachusetts Institute of Technology
2045 * Permission to use, copy, modify, distribute, and sell this software and its
2046 * documentation for any purpose is hereby granted without fee, provided that
2047 * the above copyright notice appear in all copies and that both that
2048 * copyright notice and this permission notice appear in supporting
2049 * documentation, and that the name of M.I.T. not be used in advertising or
2050 * publicity pertaining to distribution of the software without specific,
2051 * written prior permission. M.I.T. makes no representations about the
2052 * suitability of this software for any purpose. It is provided "as is"
2053 * without express or implied warranty.
2055 * M.I.T. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
2056 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL M.I.T.
2057 * BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
2058 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
2059 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
2060 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
2062 * Authors: Many and varied...
2065 /* Non Apollo stuff removed by Don Lewis 11/15/93 */
2067 SM_UNUSED(static char rcsid[]) = "@(#)$OrigId: getloadavg.c,v 1.16 1991/06/21 12:51:15 paul Exp $";
2072 # include <apollo/base.h>
2075 int getloadavg( call_data )
2076 caddr_t call_data; /* pointer to (double) return value */
2078 double *avenrun = (double *) call_data;
2083 proc1_$get_loadav(loadav, &st);
2084 *avenrun = loadav[0] / (double) (1 << 16);
2089 ** SM_GETLA -- get the current load average
2098 ** Set CurrentLA to the current load average.
2099 ** Set {load_avg} in GlobalMacros to the current load average.
2107 CurrentLA = getla();
2108 (void) sm_snprintf(labuf, sizeof(labuf), "%d", CurrentLA);
2109 macdefine(&GlobalMacros, A_TEMP, macid("{load_avg}"), labuf);
2112 ** SHOULDQUEUE -- should this message be queued or sent?
2114 ** Compares the message cost to the load average to decide.
2116 ** Note: Do NOT change this API! It is documented in op.me
2117 ** and theoretically the user can change this function...
2120 ** pri -- the priority of the message in question.
2121 ** ct -- the message creation time (unused, but see above).
2124 ** true -- if this message should be queued up for the
2126 ** false -- if the load is low enough to send this message.
2134 shouldqueue(pri, ct)
2141 #endif /* _FFR_MEMSTAT */
2144 sm_dprintf("shouldqueue: CurrentLA=%d, pri=%ld: ",
2148 if (QueueLowMem > 0 &&
2149 sm_memstat_get(MemoryResource, &memfree) >= 0 &&
2150 memfree < QueueLowMem)
2153 sm_dprintf("true (memfree=%ld < QueueLowMem=%ld)\n",
2154 memfree, QueueLowMem);
2157 #endif /* _FFR_MEMSTAT */
2158 if (CurrentLA < QueueLA)
2161 sm_dprintf("false (CurrentLA < QueueLA)\n");
2164 rval = pri > (QueueFactor / (CurrentLA - QueueLA + 1));
2166 sm_dprintf("%s (by calculation)\n", rval ? "true" : "false");
2171 ** REFUSECONNECTIONS -- decide if connections should be refused
2174 ** e -- the current envelope.
2175 ** dn -- number of daemon.
2176 ** active -- was this daemon actually active?
2179 ** true if incoming SMTP connections should be refused
2181 ** false if we should accept new work.
2184 ** Sets process title when it is rejecting connections.
2188 refuseconnections(e, dn, active)
2193 static time_t lastconn[MAXDAEMONS];
2194 static int conncnt[MAXDAEMONS];
2195 static time_t firstrejtime[MAXDAEMONS];
2196 static time_t nextlogtime[MAXDAEMONS];
2200 #endif /* _FFR_MEMSTAT */
2208 SM_ASSERT(dn < MAXDAEMONS);
2209 if (ConnRateThrottle > 0)
2216 if (now != lastconn[dn])
2221 else if (conncnt[dn]++ > ConnRateThrottle)
2223 #define D_MSG_CRT "deferring connections on daemon %s: %d per second"
2224 /* sleep to flatten out connection load */
2225 sm_setproctitle(true, e, D_MSG_CRT,
2229 sm_syslog(LOG_INFO, NOQID, D_MSG_CRT,
2235 else if (now != lastconn[dn])
2241 if (RefuseLowMem > 0 &&
2242 sm_memstat_get(MemoryResource, &memfree) >= 0 &&
2243 memfree < RefuseLowMem)
2245 # define R_MSG_LM "rejecting connections on daemon %s: free memory: %ld"
2246 sm_setproctitle(true, e, R_MSG_LM, Daemons[dn].d_name, memfree);
2248 sm_syslog(LOG_NOTICE, NOQID, R_MSG_LM,
2249 Daemons[dn].d_name, memfree);
2252 #endif /* _FFR_MEMSTAT */
2254 limit = (Daemons[dn].d_refuseLA != DPO_NOTSET) ?
2255 Daemons[dn].d_refuseLA : RefuseLA;
2256 if (limit > 0 && CurrentLA >= limit)
2260 # define R_MSG_LA "rejecting connections on daemon %s: load average: %d"
2261 # define R2_MSG_LA "have been rejecting connections on daemon %s for %s"
2262 sm_setproctitle(true, e, R_MSG_LA, Daemons[dn].d_name,
2265 sm_syslog(LOG_NOTICE, NOQID, R_MSG_LA,
2266 Daemons[dn].d_name, CurrentLA);
2268 if (firstrejtime[dn] == 0)
2270 firstrejtime[dn] = now;
2271 nextlogtime[dn] = now + RejectLogInterval;
2273 else if (nextlogtime[dn] < now)
2275 sm_syslog(LOG_ERR, NOQID, R2_MSG_LA, Daemons[dn].d_name,
2276 pintvl(now - firstrejtime[dn], true));
2277 nextlogtime[dn] = now + RejectLogInterval;
2282 firstrejtime[dn] = 0;
2284 limit = (Daemons[dn].d_delayLA != DPO_NOTSET) ?
2285 Daemons[dn].d_delayLA : DelayLA;
2286 if (limit > 0 && CurrentLA >= limit)
2289 static time_t log_delay = (time_t) 0;
2291 # define MIN_DELAY_LOG 90 /* wait before logging this again */
2292 # define D_MSG_LA "delaying connections on daemon %s: load average=%d >= %d"
2293 /* sleep to flatten out connection load */
2294 sm_setproctitle(true, e, D_MSG_LA, Daemons[dn].d_name,
2296 if (LogLevel > 8 && (now = curtime()) > log_delay)
2298 sm_syslog(LOG_INFO, NOQID, D_MSG_LA,
2299 Daemons[dn].d_name, CurrentLA, limit);
2300 log_delay = now + MIN_DELAY_LOG;
2305 limit = (Daemons[dn].d_maxchildren != DPO_NOTSET) ?
2306 Daemons[dn].d_maxchildren : MaxChildren;
2307 if (limit > 0 && CurChildren >= limit)
2310 if (CurChildren >= limit)
2312 #define R_MSG_CHILD "rejecting connections on daemon %s: %d children, max %d"
2313 sm_setproctitle(true, e, R_MSG_CHILD,
2314 Daemons[dn].d_name, CurChildren,
2317 sm_syslog(LOG_INFO, NOQID, R_MSG_CHILD,
2318 Daemons[dn].d_name, CurChildren,
2327 ** SETPROCTITLE -- set process title for ps
2330 ** fmt -- a printf style format string.
2331 ** a, b, c -- possible parameters to fmt.
2337 ** Clobbers argv of our main procedure so ps(1) will
2338 ** display the title.
2341 #define SPT_NONE 0 /* don't use it at all */
2342 #define SPT_REUSEARGV 1 /* cover argv with title information */
2343 #define SPT_BUILTIN 2 /* use libc builtin */
2344 #define SPT_PSTAT 3 /* use pstat(PSTAT_SETCMD, ...) */
2345 #define SPT_PSSTRINGS 4 /* use PS_STRINGS->... */
2346 #define SPT_SYSMIPS 5 /* use sysmips() supported by NEWS-OS 6 */
2347 #define SPT_SCO 6 /* write kernel u. area */
2348 #define SPT_CHANGEARGV 7 /* write our own strings into argv[] */
2351 # define SPT_TYPE SPT_REUSEARGV
2352 #endif /* ! SPT_TYPE */
2355 #if SPT_TYPE != SPT_NONE && SPT_TYPE != SPT_BUILTIN
2357 # if SPT_TYPE == SPT_PSTAT
2358 # include <sys/pstat.h>
2359 # endif /* SPT_TYPE == SPT_PSTAT */
2360 # if SPT_TYPE == SPT_PSSTRINGS
2361 # include <machine/vmparam.h>
2362 # include <sys/exec.h>
2363 # ifndef PS_STRINGS /* hmmmm.... apparently not available after all */
2365 # define SPT_TYPE SPT_REUSEARGV
2366 # else /* ! PS_STRINGS */
2367 # ifndef NKPDE /* FreeBSD 2.0 */
2369 typedef unsigned int *pt_entry_t;
2370 # endif /* ! NKPDE */
2371 # endif /* ! PS_STRINGS */
2372 # endif /* SPT_TYPE == SPT_PSSTRINGS */
2374 # if SPT_TYPE == SPT_PSSTRINGS || SPT_TYPE == SPT_CHANGEARGV
2375 # define SETPROC_STATIC static
2376 # else /* SPT_TYPE == SPT_PSSTRINGS || SPT_TYPE == SPT_CHANGEARGV */
2377 # define SETPROC_STATIC
2378 # endif /* SPT_TYPE == SPT_PSSTRINGS || SPT_TYPE == SPT_CHANGEARGV */
2380 # if SPT_TYPE == SPT_SYSMIPS
2381 # include <sys/sysmips.h>
2382 # include <sys/sysnews.h>
2383 # endif /* SPT_TYPE == SPT_SYSMIPS */
2385 # if SPT_TYPE == SPT_SCO
2386 # include <sys/immu.h>
2387 # include <sys/dir.h>
2388 # include <sys/user.h>
2389 # include <sys/fs/s5param.h>
2390 # if PSARGSZ > MAXLINE
2391 # define SPT_BUFSIZE PSARGSZ
2392 # endif /* PSARGSZ > MAXLINE */
2393 # endif /* SPT_TYPE == SPT_SCO */
2395 # ifndef SPT_PADCHAR
2396 # define SPT_PADCHAR ' '
2397 # endif /* ! SPT_PADCHAR */
2399 #endif /* SPT_TYPE != SPT_NONE && SPT_TYPE != SPT_BUILTIN */
2402 # define SPT_BUFSIZE MAXLINE
2403 #endif /* ! SPT_BUFSIZE */
2408 ** It looks like the Compaq Tru64 5.1A now aligns argv and envp to
2409 ** 64 bit alignment, so unless each piece of argv and envp is a multiple
2410 ** of 8 bytes (including terminating NULL), initsetproctitle() won't use
2411 ** any of the space beyond argv[0]. Be sure to set SPT_ALIGN_SIZE if
2412 ** you use this FFR.
2415 # ifdef SPT_ALIGN_SIZE
2416 # define SPT_ALIGN(x, align) (((((x) + SPT_ALIGN_SIZE) >> (align)) << (align)) - 1)
2417 # else /* SPT_ALIGN_SIZE */
2418 # define SPT_ALIGN(x, align) (x)
2419 # endif /* SPT_ALIGN_SIZE */
2420 #else /* _FFR_SPT_ALIGN */
2421 # define SPT_ALIGN(x, align) (x)
2422 #endif /* _FFR_SPT_ALIGN */
2425 ** Pointers for setproctitle.
2426 ** This allows "ps" listings to give more useful information.
2429 static char **Argv = NULL; /* pointer to argument vector */
2430 static char *LastArgv = NULL; /* end of argv */
2431 #if SPT_TYPE != SPT_BUILTIN
2432 static void setproctitle __P((const char *, ...));
2433 #endif /* SPT_TYPE != SPT_BUILTIN */
2436 initsetproctitle(argc, argv, envp)
2443 extern char **environ;
2446 ** Move the environment so setproctitle can use the space at
2447 ** the top of memory.
2452 for (i = 0; envp[i] != NULL; i++)
2454 environ = (char **) xalloc(sizeof(char *) * (i + 1));
2455 for (i = 0; envp[i] != NULL; i++)
2456 environ[i] = newstr(envp[i]);
2461 ** Save start and extent of argv for setproctitle.
2467 ** Determine how much space we can use for setproctitle.
2468 ** Use all contiguous argv and envp pointers starting at argv[0]
2473 # ifdef SPT_ALIGN_SIZE
2474 for (i = SPT_ALIGN_SIZE; i > 0; i >>= 1)
2476 # endif /* SPT_ALIGN_SIZE */
2477 # endif /* _FFR_SPT_ALIGN */
2479 for (i = 0; i < argc; i++)
2481 if (i == 0 || LastArgv + 1 == argv[i])
2482 LastArgv = argv[i] + SPT_ALIGN(strlen(argv[i]), align);
2484 for (i = 0; LastArgv != NULL && envp != NULL && envp[i] != NULL; i++)
2486 if (LastArgv + 1 == envp[i])
2487 LastArgv = envp[i] + SPT_ALIGN(strlen(envp[i]), align);
2491 #if SPT_TYPE != SPT_BUILTIN
2496 setproctitle(const char *fmt, ...)
2497 # else /* __STDC__ */
2498 setproctitle(fmt, va_alist)
2501 # endif /* __STDC__ */
2503 # if SPT_TYPE != SPT_NONE
2506 SETPROC_STATIC char buf[SPT_BUFSIZE];
2508 # if SPT_TYPE == SPT_PSTAT
2510 # endif /* SPT_TYPE == SPT_PSTAT */
2511 # if SPT_TYPE == SPT_SCO
2514 static int kmem = -1;
2515 static pid_t kmempid = -1;
2517 # endif /* SPT_TYPE == SPT_SCO */
2521 /* print sendmail: heading for grep */
2522 (void) sm_strlcpy(p, "sendmail: ", SPACELEFT(buf, p));
2525 /* print the argument string */
2526 SM_VA_START(ap, fmt);
2527 (void) sm_vsnprintf(p, SPACELEFT(buf, p), fmt, ap);
2530 i = (int) strlen(buf);
2534 # if SPT_TYPE == SPT_PSTAT
2535 pst.pst_command = buf;
2536 pstat(PSTAT_SETCMD, pst, i, 0, 0);
2537 # endif /* SPT_TYPE == SPT_PSTAT */
2538 # if SPT_TYPE == SPT_PSSTRINGS
2539 PS_STRINGS->ps_nargvstr = 1;
2540 PS_STRINGS->ps_argvstr = buf;
2541 # endif /* SPT_TYPE == SPT_PSSTRINGS */
2542 # if SPT_TYPE == SPT_SYSMIPS
2543 sysmips(SONY_SYSNEWS, NEWS_SETPSARGS, buf);
2544 # endif /* SPT_TYPE == SPT_SYSMIPS */
2545 # if SPT_TYPE == SPT_SCO
2546 if (kmem < 0 || kmempid != CurrentPid)
2550 kmem = open(_PATH_KMEM, O_RDWR, 0);
2553 if ((j = fcntl(kmem, F_GETFD, 0)) < 0 ||
2554 fcntl(kmem, F_SETFD, j | FD_CLOEXEC) < 0)
2560 kmempid = CurrentPid;
2562 buf[PSARGSZ - 1] = '\0';
2563 seek_off = UVUBLK + (off_t) u.u_psargs - (off_t) &u;
2564 if (lseek(kmem, (off_t) seek_off, SEEK_SET) == seek_off)
2565 (void) write(kmem, buf, PSARGSZ);
2566 # endif /* SPT_TYPE == SPT_SCO */
2567 # if SPT_TYPE == SPT_REUSEARGV
2568 if (LastArgv == NULL)
2571 if (i > LastArgv - Argv[0] - 2)
2573 i = LastArgv - Argv[0] - 2;
2576 (void) sm_strlcpy(Argv[0], buf, i + 1);
2578 while (p < LastArgv)
2581 # endif /* SPT_TYPE == SPT_REUSEARGV */
2582 # if SPT_TYPE == SPT_CHANGEARGV
2585 # endif /* SPT_TYPE == SPT_CHANGEARGV */
2586 # endif /* SPT_TYPE != SPT_NONE */
2589 #endif /* SPT_TYPE != SPT_BUILTIN */
2591 ** SM_SETPROCTITLE -- set process task and set process title for ps
2593 ** Possibly set process status and call setproctitle() to
2594 ** change the ps display.
2597 ** status -- whether or not to store as process status
2598 ** e -- the current envelope.
2599 ** fmt -- a printf style format string.
2600 ** a, b, c -- possible parameters to fmt.
2609 sm_setproctitle(bool status, ENVELOPE *e, const char *fmt, ...)
2610 #else /* __STDC__ */
2611 sm_setproctitle(status, e, fmt, va_alist)
2616 #endif /* __STDC__ */
2618 char buf[SPT_BUFSIZE];
2621 /* print the argument string */
2622 SM_VA_START(ap, fmt);
2623 (void) sm_vsnprintf(buf, sizeof(buf), fmt, ap);
2627 proc_list_set(CurrentPid, buf);
2629 if (ProcTitlePrefix != NULL)
2631 char prefix[SPT_BUFSIZE];
2633 expand(ProcTitlePrefix, prefix, sizeof(prefix), e);
2634 setproctitle("%s: %s", prefix, buf);
2637 setproctitle("%s", buf);
2640 ** WAITFOR -- wait for a particular process id.
2643 ** pid -- process id to wait for.
2647 ** -1 if pid never shows up.
2665 proc_list_drop(i, st, NULL);
2666 } while ((i >= 0 || errno == EINTR) && i != pid);
2675 ** status -- pointer to status (return value)
2687 # else /* WAITUNION */
2689 # endif /* WAITUNION */
2691 # if defined(ISC_UNIX) || defined(_SCO_unix_)
2693 # endif /* defined(ISC_UNIX) || defined(_SCO_unix_) */
2695 # if defined(ISC_UNIX) || defined(_SCO_unix_)
2696 savesig = sm_releasesignal(SIGCHLD);
2697 # endif /* defined(ISC_UNIX) || defined(_SCO_unix_) */
2699 # if defined(ISC_UNIX) || defined(_SCO_unix_)
2701 sm_blocksignal(SIGCHLD);
2702 # endif /* defined(ISC_UNIX) || defined(_SCO_unix_) */
2704 *status = st.w_status;
2705 # else /* WAITUNION */
2707 # endif /* WAITUNION */
2711 ** REAPCHILD -- pick up the body of my child, lest it become a zombie
2714 ** sig -- the signal that got us here (unused).
2720 ** Picks up extant zombies.
2721 ** Control socket exits may restart/shutdown daemon.
2723 ** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
2724 ** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
2733 int save_errno = errno;
2741 while ((pid = waitpid(-1, &status, WNOHANG)) > 0)
2746 # else /* HASWAITPID */
2750 while ((pid = wait3(&status, WNOHANG, (struct rusage *) NULL)) > 0)
2752 st = status.w_status;
2753 # else /* WNOHANG */
2757 ** Catch one zombie -- we will be re-invoked (we hope) if there
2758 ** are more. Unreliable signals probably break this, but this
2759 ** is the "old system" situation -- waitpid or wait3 are to be
2760 ** strongly preferred.
2763 if ((pid = wait(&status)) > 0)
2766 # endif /* WNOHANG */
2767 # endif /* HASWAITPID */
2768 /* Drop PID and check if it was a control socket child */
2769 proc_list_drop(pid, st, NULL);
2771 FIX_SYSV_SIGNAL(sig, reapchild);
2773 return SIGFUNC_RETURN;
2776 ** GETDTABLESIZE -- return number of file descriptors
2778 ** Only on non-BSD systems
2784 ** size of file descriptor table
2791 # include <sys/resource.h>
2792 #endif /* SOLARIS */
2797 # ifdef RLIMIT_NOFILE
2800 if (getrlimit(RLIMIT_NOFILE, &rl) >= 0)
2802 # endif /* RLIMIT_NOFILE */
2804 # if HASGETDTABLESIZE
2805 return getdtablesize();
2806 # else /* HASGETDTABLESIZE */
2807 # ifdef _SC_OPEN_MAX
2808 return sysconf(_SC_OPEN_MAX);
2809 # else /* _SC_OPEN_MAX */
2811 # endif /* _SC_OPEN_MAX */
2812 # endif /* HASGETDTABLESIZE */
2815 ** UNAME -- get the UUCP name of this system.
2822 struct utsname *name;
2827 name->nodename[0] = '\0';
2829 /* try /etc/whoami -- one line with the node name */
2830 if ((file = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, "/etc/whoami",
2831 SM_IO_RDONLY, NULL)) != NULL)
2833 (void) sm_io_fgets(file, SM_TIME_DEFAULT, name->nodename,
2835 (void) sm_io_close(file, SM_TIME_DEFAULT);
2836 n = strchr(name->nodename, '\n');
2839 if (name->nodename[0] != '\0')
2843 /* try /usr/include/whoami.h -- has a #define somewhere */
2844 if ((file = sm_io_open(SmFtStdio, SM_TIME_DEFAULT,
2845 "/usr/include/whoami.h", SM_IO_RDONLY, NULL))
2850 while (sm_io_fgets(file, SM_TIME_DEFAULT,
2851 buf, sizeof(buf)) >= 0)
2853 if (sm_io_sscanf(buf, "#define sysname \"%*[^\"]\"",
2854 NODE_LENGTH, name->nodename) > 0)
2857 (void) sm_io_close(file, SM_TIME_DEFAULT);
2858 if (name->nodename[0] != '\0')
2864 #endif /* !HASUNAME */
2866 ** INITGROUPS -- initialize groups
2868 ** Stub implementation for System V style systems
2873 initgroups(name, basegid)
2880 #endif /* !HASINITGROUPS */
2882 ** SETGROUPS -- set group list
2884 ** Stub implementation for systems that don't have group lists
2890 setgroups(ngroups, grouplist)
2892 GIDSET_T grouplist[];
2897 #endif /* ! NGROUPS_MAX */
2899 ** SETSID -- set session id (for non-POSIX systems)
2910 fd = open("/dev/tty", O_RDWR, 0);
2913 (void) ioctl(fd, TIOCNOTTY, (char *) 0);
2916 # endif /* TIOCNOTTY */
2919 # else /* SYS5SETPGRP */
2920 return setpgid(0, CurrentPid);
2921 # endif /* SYS5SETPGRP */
2924 #endif /* !HASSETSID */
2926 ** FSYNC -- dummy fsync
2935 return fcntl(fd, F_SETFL, O_SYNC);
2937 /* nothing we can do */
2939 # endif /* O_SYNC */
2942 #endif /* NEEDFSYNC */
2944 ** DGUX_INET_ADDR -- inet_addr for DG/UX
2946 ** Data General DG/UX version of inet_addr returns a struct in_addr
2947 ** instead of a long. This patches things. Only needed on versions
2956 dgux_inet_addr(host)
2959 struct in_addr haddr;
2961 haddr = inet_addr(host);
2962 return haddr.s_addr;
2965 #endif /* DGUX_5_4_2 */
2967 ** GETOPT -- for old systems or systems with bogus implementations
2973 * Copyright (c) 1985 Regents of the University of California.
2974 * All rights reserved. The Berkeley software License Agreement
2975 * specifies the terms and conditions for redistribution.
2980 ** this version hacked to add `atend' flag to allow state machine
2981 ** to reset if invoked by the program to scan args for a 2nd time
2984 # if defined(LIBC_SCCS) && !defined(lint)
2985 static char sccsid[] = "@(#)getopt.c 4.3 (Berkeley) 3/9/86";
2986 # endif /* defined(LIBC_SCCS) && !defined(lint) */
2989 ** get option letter from argument vector
2991 # ifdef _CONVEX_SOURCE
2992 extern int optind, opterr, optopt;
2993 extern char *optarg;
2994 # else /* _CONVEX_SOURCE */
2995 int opterr = 1; /* if error message should be printed */
2996 int optind = 1; /* index into parent argv vector */
2997 int optopt = 0; /* character checked for validity */
2998 char *optarg = NULL; /* argument associated with option */
2999 # endif /* _CONVEX_SOURCE */
3001 # define BADCH (int)'?'
3003 # define tell(s) if (opterr) \
3004 {sm_io_fputs(smioerr, SM_TIME_DEFAULT, *nargv); \
3005 (void) sm_io_fputs(smioerr, SM_TIME_DEFAULT, s); \
3006 (void) sm_io_putc(smioerr, SM_TIME_DEFAULT, optopt); \
3007 (void) sm_io_putc(smioerr, SM_TIME_DEFAULT, '\n'); \
3011 getopt(nargc,nargv,ostr)
3016 static char *place = EMSG; /* option letter processing */
3017 static char atend = 0;
3018 register char *oli = NULL; /* option letter list index */
3024 if(!*place) { /* update scanning pointer */
3025 if (optind >= nargc || *(place = nargv[optind]) != '-' || !*++place) {
3029 if (*place == '-') { /* found "--" */
3034 } /* option letter okay? */
3035 if ((optopt = (int)*place++) == (int)':' || !(oli = strchr(ostr,optopt))) {
3036 if (!*place) ++optind;
3037 tell(": illegal option -- ");
3039 if (oli && *++oli != ':') { /* don't need argument */
3041 if (!*place) ++optind;
3043 else { /* need an argument */
3044 if (*place) optarg = place; /* no white space */
3045 else if (nargc <= ++optind) { /* no arg */
3047 tell(": option requires an argument -- ");
3049 else optarg = nargv[optind]; /* white space */
3053 return optopt; /* dump back option letter */
3056 #endif /* !SM_CONF_GETOPT */
3058 ** USERSHELLOK -- tell if a user's shell is ok for unrestricted use
3061 ** user -- the name of the user we are checking.
3062 ** shell -- the user's shell from /etc/passwd
3065 ** true -- if it is ok to use this for unrestricted access.
3066 ** false -- if the shell is restricted.
3069 #if !HASGETUSERSHELL
3071 # ifndef _PATH_SHELLS
3072 # define _PATH_SHELLS "/etc/shells"
3073 # endif /* ! _PATH_SHELLS */
3075 # if defined(_AIX3) || defined(_AIX4)
3076 # include <userconf.h>
3078 # include <userpw.h>
3079 # endif /* _AIX4 >= 40200 */
3080 # include <usersec.h>
3081 # endif /* defined(_AIX3) || defined(_AIX4) */
3083 static char *DefaultUserShells[] =
3085 "/bin/sh", /* standard shell */
3090 "/bin/csh", /* C shell */
3095 "/usr/bin/rsh", /* restricted Bourne shell */
3096 "/usr/bin/ksh", /* Korn shell */
3097 "/usr/bin/rksh", /* restricted Korn shell */
3099 "/usr/bin/keysh", /* key shell (extended Korn shell) */
3100 "/usr/bin/posix/sh",
3102 "/bin/rsh", /* restricted Bourne shell */
3103 "/bin/ksh", /* Korn shell */
3104 "/bin/rksh", /* restricted Korn shell */
3106 "/usr/bin/keysh", /* key shell (extended Korn shell) */
3110 # endif /* __hpux */
3111 # if defined(_AIX3) || defined(_AIX4)
3112 "/bin/ksh", /* Korn shell */
3114 "/bin/tsh", /* trusted shell */
3116 "/bin/bsh", /* Bourne shell */
3118 # endif /* defined(_AIX3) || defined(_AIX4) */
3119 # if defined(__svr4__) || defined(__svr5__)
3120 "/bin/ksh", /* Korn shell */
3122 # endif /* defined(__svr4__) || defined(__svr5__) */
3124 "/sbin/sh", /* SGI's shells really live in /sbin */
3126 "/sbin/bsh", /* classic Bourne shell */
3129 "/sbin/csh", /* standard csh */
3132 "/sbin/jsh", /* classic Bourne shell w/ job control*/
3135 "/bin/ksh", /* Korn shell */
3138 "/sbin/tcsh", /* Extended csh */
3145 #endif /* !HASGETUSERSHELL */
3147 #define WILDCARD_SHELL "/SENDMAIL/ANY/SHELL/"
3150 usershellok(user, shell)
3154 # if HASGETUSERSHELL
3156 extern char *getusershell();
3158 if (shell == NULL || shell[0] == '\0' || wordinclass(user, 't') ||
3163 while ((p = getusershell()) != NULL)
3164 if (strcmp(p, shell) == 0 || strcmp(p, WILDCARD_SHELL) == 0)
3168 # else /* HASGETUSERSHELL */
3171 # endif /* USEGETCONFATTR */
3172 register SM_FILE_T *shellf;
3175 if (shell == NULL || shell[0] == '\0' || wordinclass(user, 't') ||
3181 ** Naturally IBM has a "better" idea.....
3183 ** What a crock. This interface isn't documented, it is
3184 ** considered part of the security library (-ls), and it
3185 ** only works if you are running as root (since the list
3186 ** of valid shells is obviously a source of great concern).
3187 ** I recommend that you do NOT define USEGETCONFATTR,
3188 ** especially since you are going to have to set up an
3189 ** /etc/shells anyhow to handle the cases where getconfattr
3193 if (getconfattr(SC_SYS_LOGIN, SC_SHELLS, &v, SEC_LIST) == 0 && v != NULL)
3197 if (strcmp(v, shell) == 0 || strcmp(v, WILDCARD_SHELL) == 0)
3203 # endif /* USEGETCONFATTR */
3205 shellf = sm_io_open(SmFtStdio, SM_TIME_DEFAULT, _PATH_SHELLS,
3206 SM_IO_RDONLY, NULL);
3209 /* no /etc/shells; see if it is one of the std shells */
3212 if (errno != ENOENT && LogLevel > 3)
3213 sm_syslog(LOG_ERR, NOQID,
3214 "usershellok: cannot open %s: %s",
3215 _PATH_SHELLS, sm_errstring(errno));
3217 for (d = DefaultUserShells; *d != NULL; d++)
3219 if (strcmp(shell, *d) == 0)
3225 while (sm_io_fgets(shellf, SM_TIME_DEFAULT, buf, sizeof(buf)) >= 0)
3227 register char *p, *q;
3230 while (*p != '\0' && *p != '#' && *p != '/')
3232 if (*p == '#' || *p == '\0')
3235 while (*p != '\0' && *p != '#' && !(isascii(*p) && isspace(*p)))
3238 if (strcmp(shell, q) == 0 || strcmp(WILDCARD_SHELL, q) == 0)
3240 (void) sm_io_close(shellf, SM_TIME_DEFAULT);
3244 (void) sm_io_close(shellf, SM_TIME_DEFAULT);
3246 # endif /* HASGETUSERSHELL */
3249 ** FREEDISKSPACE -- see how much free space is on the queue filesystem
3251 ** Only implemented if you have statfs.
3254 ** dir -- the directory in question.
3255 ** bsize -- a variable into which the filesystem
3256 ** block size is stored.
3259 ** The number of blocks free on the queue filesystem.
3260 ** -1 if the statfs call fails.
3263 ** Puts the filesystem block size into bsize.
3267 # define SFS_NONE 0 /* no statfs implementation */
3268 # define SFS_USTAT 1 /* use ustat */
3269 # define SFS_4ARGS 2 /* use four-argument statfs call */
3270 # define SFS_VFS 3 /* use <sys/vfs.h> implementation */
3271 # define SFS_MOUNT 4 /* use <sys/mount.h> implementation */
3272 # define SFS_STATFS 5 /* use <sys/statfs.h> implementation */
3273 # define SFS_STATVFS 6 /* use <sys/statvfs.h> implementation */
3276 # define SFS_TYPE SFS_NONE
3277 # endif /* ! SFS_TYPE */
3279 # if SFS_TYPE == SFS_USTAT
3281 # endif /* SFS_TYPE == SFS_USTAT */
3282 # if SFS_TYPE == SFS_4ARGS || SFS_TYPE == SFS_STATFS
3283 # include <sys/statfs.h>
3284 # endif /* SFS_TYPE == SFS_4ARGS || SFS_TYPE == SFS_STATFS */
3285 # if SFS_TYPE == SFS_VFS
3286 # include <sys/vfs.h>
3287 # endif /* SFS_TYPE == SFS_VFS */
3288 # if SFS_TYPE == SFS_MOUNT
3289 # include <sys/mount.h>
3290 # endif /* SFS_TYPE == SFS_MOUNT */
3291 # if SFS_TYPE == SFS_STATVFS
3292 # include <sys/statvfs.h>
3293 # endif /* SFS_TYPE == SFS_STATVFS */
3296 freediskspace(dir, bsize)
3300 # if SFS_TYPE == SFS_NONE
3304 /* assume free space is plentiful */
3305 return (long) LONG_MAX;
3306 # else /* SFS_TYPE == SFS_NONE */
3307 # if SFS_TYPE == SFS_USTAT
3309 struct stat statbuf;
3310 # define FSBLOCKSIZE DEV_BSIZE
3311 # define SFS_BAVAIL f_tfree
3312 # else /* SFS_TYPE == SFS_USTAT */
3313 # if defined(ultrix)
3315 # define SFS_BAVAIL fd_bfreen
3316 # define FSBLOCKSIZE 1024L
3317 # else /* defined(ultrix) */
3318 # if SFS_TYPE == SFS_STATVFS
3320 # define FSBLOCKSIZE fs.f_frsize
3321 # else /* SFS_TYPE == SFS_STATVFS */
3323 # define FSBLOCKSIZE fs.f_bsize
3324 # endif /* SFS_TYPE == SFS_STATVFS */
3325 # endif /* defined(ultrix) */
3326 # endif /* SFS_TYPE == SFS_USTAT */
3328 # define SFS_BAVAIL f_bavail
3329 # endif /* ! SFS_BAVAIL */
3331 # if SFS_TYPE == SFS_USTAT
3332 if (stat(dir, &statbuf) == 0 && ustat(statbuf.st_dev, &fs) == 0)
3333 # else /* SFS_TYPE == SFS_USTAT */
3334 # if SFS_TYPE == SFS_4ARGS
3335 if (statfs(dir, &fs, sizeof(fs), 0) == 0)
3336 # else /* SFS_TYPE == SFS_4ARGS */
3337 # if SFS_TYPE == SFS_STATVFS
3338 if (statvfs(dir, &fs) == 0)
3339 # else /* SFS_TYPE == SFS_STATVFS */
3340 # if defined(ultrix)
3341 if (statfs(dir, &fs) > 0)
3342 # else /* defined(ultrix) */
3343 if (statfs(dir, &fs) == 0)
3344 # endif /* defined(ultrix) */
3345 # endif /* SFS_TYPE == SFS_STATVFS */
3346 # endif /* SFS_TYPE == SFS_4ARGS */
3347 # endif /* SFS_TYPE == SFS_USTAT */
3350 *bsize = FSBLOCKSIZE;
3351 if (fs.SFS_BAVAIL <= 0)
3353 else if (fs.SFS_BAVAIL > LONG_MAX)
3354 return (long) LONG_MAX;
3356 return (long) fs.SFS_BAVAIL;
3359 # endif /* SFS_TYPE == SFS_NONE */
3362 ** ENOUGHDISKSPACE -- is there enough free space on the queue file systems?
3365 ** msize -- the size to check against. If zero, we don't yet
3366 ** know how big the message will be, so just check for
3367 ** a "reasonable" amount.
3368 ** e -- envelope, or NULL -- controls logging
3371 ** true if in every queue group there is at least one
3372 ** queue directory whose file system contains enough free space.
3376 ** If there is not enough disk space and e != NULL
3377 ** then sm_syslog is called.
3381 enoughdiskspace(msize, e)
3390 #endif /* _FFR_TESTS */
3391 if (MinBlocksFree <= 0 && msize <= 0)
3394 sm_dprintf("enoughdiskspace: no threshold\n");
3399 for (i = 0; i < NumQueue; ++i)
3401 if (pickqdir(Queue[i], msize, e) < 0)
3407 ** TRANSIENTERROR -- tell if an error code indicates a transient failure
3409 ** This looks at an errno value and tells if this is likely to
3410 ** go away if retried later.
3413 ** err -- the errno code to classify.
3416 ** true if this is probably transient.
3426 case EIO: /* I/O error */
3427 case ENXIO: /* Device not configured */
3428 case EAGAIN: /* Resource temporarily unavailable */
3429 case ENOMEM: /* Cannot allocate memory */
3430 case ENODEV: /* Operation not supported by device */
3431 case ENFILE: /* Too many open files in system */
3432 case EMFILE: /* Too many open files */
3433 case ENOSPC: /* No space left on device */
3434 case ETIMEDOUT: /* Connection timed out */
3436 case ESTALE: /* Stale NFS file handle */
3439 case ENETDOWN: /* Network is down */
3440 #endif /* ENETDOWN */
3442 case ENETUNREACH: /* Network is unreachable */
3443 #endif /* ENETUNREACH */
3445 case ENETRESET: /* Network dropped connection on reset */
3446 #endif /* ENETRESET */
3448 case ECONNABORTED: /* Software caused connection abort */
3449 #endif /* ECONNABORTED */
3451 case ECONNRESET: /* Connection reset by peer */
3452 #endif /* ECONNRESET */
3454 case ENOBUFS: /* No buffer space available */
3455 #endif /* ENOBUFS */
3457 case ESHUTDOWN: /* Can't send after socket shutdown */
3458 #endif /* ESHUTDOWN */
3460 case ECONNREFUSED: /* Connection refused */
3461 #endif /* ECONNREFUSED */
3463 case EHOSTDOWN: /* Host is down */
3464 #endif /* EHOSTDOWN */
3466 case EHOSTUNREACH: /* No route to host */
3467 #endif /* EHOSTUNREACH */
3469 case EDQUOT: /* Disc quota exceeded */
3472 case EPROCLIM: /* Too many processes */
3473 #endif /* EPROCLIM */
3475 case EUSERS: /* Too many users */
3478 case EDEADLK: /* Resource deadlock avoided */
3479 #endif /* EDEADLK */
3481 case EISCONN: /* Socket already connected */
3482 #endif /* EISCONN */
3484 case EINPROGRESS: /* Operation now in progress */
3485 #endif /* EINPROGRESS */
3487 case EALREADY: /* Operation already in progress */
3488 #endif /* EALREADY */
3490 case EADDRINUSE: /* Address already in use */
3491 #endif /* EADDRINUSE */
3492 #ifdef EADDRNOTAVAIL
3493 case EADDRNOTAVAIL: /* Can't assign requested address */
3494 #endif /* EADDRNOTAVAIL */
3496 case ETXTBSY: /* (Apollo) file locked */
3497 #endif /* ETXTBSY */
3498 #if defined(ENOSR) && (!defined(ENOBUFS) || (ENOBUFS != ENOSR))
3499 case ENOSR: /* Out of streams resources */
3500 #endif /* defined(ENOSR) && (!defined(ENOBUFS) || (ENOBUFS != ENOSR)) */
3502 case ENOLCK: /* No locks available */
3504 case E_SM_OPENTIMEOUT: /* PSEUDO: open timed out */
3508 /* nope, must be permanent */
3512 ** LOCKFILE -- lock a file using flock or (shudder) fcntl locking
3515 ** fd -- the file descriptor of the file.
3516 ** filename -- the file name (for error messages).
3517 ** ext -- the filename extension.
3518 ** type -- type of the lock. Bits can be:
3519 ** LOCK_EX -- exclusive lock.
3520 ** LOCK_NB -- non-blocking.
3521 ** LOCK_UN -- unlock.
3524 ** true if the lock was acquired.
3529 lockfile(fd, filename, ext, type)
3544 memset(&lfd, '\0', sizeof(lfd));
3545 if (bitset(LOCK_UN, type))
3546 lfd.l_type = F_UNLCK;
3547 else if (bitset(LOCK_EX, type))
3548 lfd.l_type = F_WRLCK;
3550 lfd.l_type = F_RDLCK;
3552 if (bitset(LOCK_NB, type))
3558 sm_dprintf("lockfile(%s%s, action=%d, type=%d): ",
3559 filename, ext, action, lfd.l_type);
3561 while ((i = fcntl(fd, action, &lfd)) < 0 && errno == EINTR)
3566 sm_dprintf("SUCCESS\n");
3572 sm_dprintf("(%s) ", sm_errstring(save_errno));
3575 ** On SunOS, if you are testing using -oQ/tmp/mqueue or
3576 ** -oA/tmp/aliases or anything like that, and /tmp is mounted
3577 ** as type "tmp" (that is, served from swap space), the
3578 ** previous fcntl will fail with "Invalid argument" errors.
3579 ** Since this is fairly common during testing, we will assume
3580 ** that this indicates that the lock is successfully grabbed.
3583 if (save_errno == EINVAL)
3586 sm_dprintf("SUCCESS\n");
3590 if (!bitset(LOCK_NB, type) ||
3591 (save_errno != EACCES && save_errno != EAGAIN))
3593 int omode = fcntl(fd, F_GETFL, 0);
3594 uid_t euid = geteuid();
3597 syserr("cannot lockf(%s%s, fd=%d, type=%o, omode=%o, euid=%d)",
3598 filename, ext, fd, type, omode, euid);
3599 dumpfd(fd, true, true);
3601 # else /* !HASFLOCK */
3606 sm_dprintf("lockfile(%s%s, type=%o): ", filename, ext, type);
3608 while ((i = flock(fd, type)) < 0 && errno == EINTR)
3613 sm_dprintf("SUCCESS\n");
3619 sm_dprintf("(%s) ", sm_errstring(save_errno));
3621 if (!bitset(LOCK_NB, type) || save_errno != EWOULDBLOCK)
3623 int omode = fcntl(fd, F_GETFL, 0);
3624 uid_t euid = geteuid();
3627 syserr("cannot flock(%s%s, fd=%d, type=%o, omode=%o, euid=%d)",
3628 filename, ext, fd, type, omode, euid);
3629 dumpfd(fd, true, true);
3631 # endif /* !HASFLOCK */
3633 sm_dprintf("FAIL\n");
3638 ** CHOWNSAFE -- tell if chown is "safe" (executable only by root)
3640 ** Unfortunately, given that we can't predict other systems on which
3641 ** a remote mounted (NFS) filesystem will be mounted, the answer is
3642 ** almost always that this is unsafe.
3644 ** Note also that many operating systems have non-compliant
3645 ** implementations of the _POSIX_CHOWN_RESTRICTED variable and the
3646 ** fpathconf() routine. According to IEEE 1003.1-1990, if
3647 ** _POSIX_CHOWN_RESTRICTED is defined and not equal to -1, then
3648 ** no non-root process can give away the file. However, vendors
3649 ** don't take NFS into account, so a comfortable value of
3650 ** _POSIX_CHOWN_RESTRICTED tells us nothing.
3652 ** Also, some systems (e.g., IRIX 6.2) return 1 from fpathconf()
3653 ** even on files where chown is not restricted. Many systems get
3654 ** this wrong on NFS-based filesystems (that is, they say that chown
3655 ** is restricted [safe] on NFS filesystems where it may not be, since
3656 ** other systems can access the same filesystem and do file giveaway;
3657 ** only the NFS server knows for sure!) Hence, it is important to
3658 ** get the value of SAFENFSPATHCONF correct -- it should be defined
3659 ** _only_ after testing (see test/t_pathconf.c) a system on an unsafe
3660 ** NFS-based filesystem to ensure that you can get meaningful results.
3661 ** If in doubt, assume unsafe!
3663 ** You may also need to tweak IS_SAFE_CHOWN -- it should be a
3664 ** condition indicating whether the return from pathconf indicates
3665 ** that chown is safe (typically either > 0 or >= 0 -- there isn't
3666 ** even any agreement about whether a zero return means that a file
3667 ** is or is not safe). It defaults to "> 0".
3669 ** If the parent directory is safe (writable only by owner back
3670 ** to the root) then we can relax slightly and trust fpathconf
3671 ** in more circumstances. This is really a crock -- if this is an
3672 ** NFS mounted filesystem then we really know nothing about the
3673 ** underlying implementation. However, most systems pessimize and
3674 ** return an error (EINVAL or EOPNOTSUPP) on NFS filesystems, which
3675 ** we interpret as unsafe, as we should. Thus, this heuristic gets
3676 ** us into a possible problem only on systems that have a broken
3677 ** pathconf implementation and which are also poorly configured
3678 ** (have :include: files in group- or world-writable directories).
3681 ** fd -- the file descriptor to check.
3682 ** safedir -- set if the parent directory is safe.
3685 ** true -- if the chown(2) operation is "safe" -- that is,
3686 ** only root can chown the file to an arbitrary user.
3687 ** false -- if an arbitrary user can give away a file.
3690 #ifndef IS_SAFE_CHOWN
3691 # define IS_SAFE_CHOWN > 0
3692 #endif /* ! IS_SAFE_CHOWN */
3695 chownsafe(fd, safedir)
3699 # if (!defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1) && \
3700 (defined(_PC_CHOWN_RESTRICTED) || defined(_GNU_TYPES_H))
3703 /* give the system administrator a chance to override */
3704 if (bitnset(DBS_ASSUMESAFECHOWN, DontBlameSendmail))
3708 ** Some systems (e.g., SunOS) seem to have the call and the
3709 ** #define _PC_CHOWN_RESTRICTED, but don't actually implement
3710 ** the call. This heuristic checks for that.
3714 rval = fpathconf(fd, _PC_CHOWN_RESTRICTED);
3715 # if SAFENFSPATHCONF
3716 return errno == 0 && rval IS_SAFE_CHOWN;
3717 # else /* SAFENFSPATHCONF */
3718 return safedir && errno == 0 && rval IS_SAFE_CHOWN;
3719 # endif /* SAFENFSPATHCONF */
3720 # else /* (!defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1) && ... */
3721 return bitnset(DBS_ASSUMESAFECHOWN, DontBlameSendmail);
3722 # endif /* (!defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1) && ... */
3725 ** RESETLIMITS -- reset system controlled resource limits
3727 ** This is to avoid denial-of-service attacks
3737 # ifdef RLIMIT_NEEDS_SYS_TIME_H
3738 # include <sm/time.h>
3739 # endif /* RLIMIT_NEEDS_SYS_TIME_H */
3740 # include <sys/resource.h>
3741 #endif /* HASSETRLIMIT */
3749 lim.rlim_cur = lim.rlim_max = RLIM_INFINITY;
3750 (void) setrlimit(RLIMIT_CPU, &lim);
3751 (void) setrlimit(RLIMIT_FSIZE, &lim);
3752 # ifdef RLIMIT_NOFILE
3753 lim.rlim_cur = lim.rlim_max = FD_SETSIZE;
3754 (void) setrlimit(RLIMIT_NOFILE, &lim);
3755 # endif /* RLIMIT_NOFILE */
3756 #else /* HASSETRLIMIT */
3758 (void) ulimit(2, 0x3fffff);
3759 (void) ulimit(4, FD_SETSIZE);
3760 # endif /* HASULIMIT */
3761 #endif /* HASSETRLIMIT */
3765 ** SETVENDOR -- process vendor code from V configuration line
3768 ** vendor -- string representation of vendor.
3772 ** false -- if vendor code could not be processed.
3775 ** It is reasonable to set mode flags here to tweak
3776 ** processing in other parts of the code if necessary.
3777 ** For example, if you are a vendor that uses $%y to
3778 ** indicate YP lookups, you could enable that here.
3785 if (sm_strcasecmp(vendor, "Berkeley") == 0)
3787 VendorCode = VENDOR_BERKELEY;
3791 /* add vendor extensions here */
3793 #ifdef SUN_EXTENSIONS
3794 if (sm_strcasecmp(vendor, "Sun") == 0)
3796 VendorCode = VENDOR_SUN;
3799 #endif /* SUN_EXTENSIONS */
3801 if (sm_strcasecmp(vendor, "Digital") == 0)
3803 VendorCode = VENDOR_DEC;
3808 #if defined(VENDOR_NAME) && defined(VENDOR_CODE)
3809 if (sm_strcasecmp(vendor, VENDOR_NAME) == 0)
3811 VendorCode = VENDOR_CODE;
3814 #endif /* defined(VENDOR_NAME) && defined(VENDOR_CODE) */
3819 ** GETVENDOR -- return vendor name based on vendor code
3822 ** vendorcode -- numeric representation of vendor.
3825 ** string containing vendor name.
3829 getvendor(vendorcode)
3832 #if defined(VENDOR_NAME) && defined(VENDOR_CODE)
3834 ** Can't have the same switch case twice so need to
3835 ** handle VENDOR_CODE outside of switch. It might
3836 ** match one of the existing VENDOR_* codes.
3839 if (vendorcode == VENDOR_CODE)
3841 #endif /* defined(VENDOR_NAME) && defined(VENDOR_CODE) */
3845 case VENDOR_BERKELEY:
3857 case VENDOR_SENDMAIL:
3865 ** VENDOR_PRE_DEFAULTS, VENDOR_POST_DEFAULTS -- set vendor-specific defaults
3867 ** Vendor_pre_defaults is called before reading the configuration
3868 ** file; vendor_post_defaults is called immediately after.
3871 ** e -- the global environment to initialize.
3878 int DefShareUid; /* default share uid to run as -- unused??? */
3879 #endif /* SHARE_V1 */
3882 vendor_pre_defaults(e)
3886 /* OTHERUID is defined in shares.h, do not be alarmed */
3887 DefShareUid = OTHERUID;
3888 #endif /* SHARE_V1 */
3889 #if defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES)
3890 sun_pre_defaults(e);
3891 #endif /* defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES) */
3894 ** stupid domain/os can't even open
3895 ** /etc/mail/sendmail.cf without this
3898 sm_setuserenv("ISP", NULL);
3899 sm_setuserenv("SYSTYPE", NULL);
3905 vendor_post_defaults(e)
3909 /* Makes sure the SOCK environment variable remains */
3910 sm_setuserenv("SOCK", NULL);
3911 #endif /* __QNX__ */
3912 #if defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES)
3913 sun_post_defaults(e);
3914 #endif /* defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES) */
3917 ** VENDOR_DAEMON_SETUP -- special vendor setup needed for daemon mode
3921 vendor_daemon_setup(e)
3925 (void) setlogin(RunAsUserName);
3926 #endif /* HASSETLOGIN */
3928 if (getluid() != -1)
3930 usrerr("Daemon cannot have LUID");
3931 finis(false, true, EX_USAGE);
3933 #endif /* SECUREWARE */
3936 ** VENDOR_SET_UID -- do setup for setting a user id
3938 ** This is called when we are still root.
3941 ** uid -- the uid we are about to become.
3952 ** We need to setup the share groups (lnodes)
3953 ** and add auditing information (luid's)
3954 ** before we loose our ``root''ness.
3957 if (setupshares(uid, syserr) != 0)
3958 syserr("Unable to set up shares");
3959 #endif /* SHARE_V1 */
3961 (void) setup_secure(uid);
3962 #endif /* SECUREWARE */
3965 ** VALIDATE_CONNECTION -- check connection for rationality
3967 ** If the connection is rejected, this routine should log an
3968 ** appropriate message -- but should never issue any SMTP protocol.
3971 ** sap -- a pointer to a SOCKADDR naming the peer.
3972 ** hostname -- the name corresponding to sap.
3973 ** e -- the current envelope.
3976 ** error message from rejection.
3977 ** NULL if not rejected.
3983 /* tcpwrappers does no logging, but you still have to declare these -- ugh */
3984 int allow_severity = LOG_INFO;
3985 int deny_severity = LOG_NOTICE;
3986 #endif /* TCPWRAPPERS */
3989 validate_connection(sap, hostname, e)
3997 extern int hosts_ctl();
3998 #endif /* TCPWRAPPERS */
4001 sm_dprintf("validate_connection(%s, %s)\n",
4002 hostname, anynet_ntoa(sap));
4004 connection_rate_check(sap, e);
4005 if (rscheck("check_relay", hostname, anynet_ntoa(sap),
4006 e, RSF_RMCOMM|RSF_COUNT, 3, NULL, NOQID, NULL) != EX_OK)
4008 static char reject[BUFSIZ*2];
4009 extern char MsgBuf[];
4012 sm_dprintf(" ... validate_connection: BAD (rscheck)\n");
4014 if (strlen(MsgBuf) >= 3)
4015 (void) sm_strlcpy(reject, MsgBuf, sizeof(reject));
4017 (void) sm_strlcpy(reject, "Access denied", sizeof(reject));
4023 if (hostname[0] == '[' && hostname[strlen(hostname) - 1] == ']')
4027 addr = anynet_ntoa(sap);
4030 /* TCP/Wrappers don't want the IPv6: protocol label */
4031 if (addr != NULL && sm_strncasecmp(addr, "IPv6:", 5) == 0)
4033 # endif /* NETINET6 */
4035 if (!hosts_ctl("sendmail", host, addr, STRING_UNKNOWN))
4038 sm_dprintf(" ... validate_connection: BAD (tcpwrappers)\n");
4040 sm_syslog(LOG_NOTICE, e->e_id,
4041 "tcpwrappers (%s, %s) rejection",
4043 return "Access denied";
4045 #endif /* TCPWRAPPERS */
4047 sm_dprintf(" ... validate_connection: OK\n");
4052 ** STRTOL -- convert string to long integer
4054 ** For systems that don't have it in the C library.
4056 ** This is taken verbatim from the 4.4-Lite C library.
4061 # if defined(LIBC_SCCS) && !defined(lint)
4062 static char sccsid[] = "@(#)strtol.c 8.1 (Berkeley) 6/4/93";
4063 # endif /* defined(LIBC_SCCS) && !defined(lint) */
4066 ** Convert a string to a long integer.
4068 ** Ignores `locale' stuff. Assumes that the upper and lower case
4069 ** alphabets and digits are each contiguous.
4073 strtol(nptr, endptr, base)
4078 register const char *s = nptr;
4079 register unsigned long acc;
4081 register unsigned long cutoff;
4082 register int neg = 0, any, cutlim;
4085 ** Skip white space and pick up leading +/- sign if any.
4086 ** If base is 0, allow 0x for hex and 0 for octal, else
4087 ** assume decimal; if base is already 16, allow 0x.
4091 } while (isascii(c) && isspace(c));
4095 } else if (c == '+')
4097 if ((base == 0 || base == 16) &&
4098 c == '0' && (*s == 'x' || *s == 'X')) {
4104 base = c == '0' ? 8 : 10;
4107 ** Compute the cutoff value between legal numbers and illegal
4108 ** numbers. That is the largest legal value, divided by the
4109 ** base. An input number that is greater than this value, if
4110 ** followed by a legal input character, is too big. One that
4111 ** is equal to this value may be valid or not; the limit
4112 ** between valid and invalid numbers is then based on the last
4113 ** digit. For instance, if the range for longs is
4114 ** [-2147483648..2147483647] and the input base is 10,
4115 ** cutoff will be set to 214748364 and cutlim to either
4116 ** 7 (neg==0) or 8 (neg==1), meaning that if we have accumulated
4117 ** a value > 214748364, or equal but the next digit is > 7 (or 8),
4118 ** the number is too big, and we will return a range error.
4120 ** Set any if any `digits' consumed; make it negative to indicate
4123 cutoff = neg ? -(unsigned long) LONG_MIN : LONG_MAX;
4124 cutlim = cutoff % (unsigned long) base;
4125 cutoff /= (unsigned long) base;
4126 for (acc = 0, any = 0;; c = *s++) {
4127 if (isascii(c) && isdigit(c))
4129 else if (isascii(c) && isalpha(c))
4130 c -= isupper(c) ? 'A' - 10 : 'a' - 10;
4135 if (any < 0 || acc > cutoff || acc == cutoff && c > cutlim)
4144 acc = neg ? LONG_MIN : LONG_MAX;
4149 *endptr = (char *)(any ? s - 1 : nptr);
4153 #endif /* NEEDSTRTOL */
4155 ** STRSTR -- find first substring in string
4158 ** big -- the big (full) string.
4159 ** little -- the little (sub) string.
4162 ** A pointer to the first instance of little in big.
4163 ** big if little is the null string.
4164 ** NULL if little is not contained in big.
4174 register char *p = big;
4177 if (*little == '\0')
4181 while ((p = strchr(p, *little)) != NULL)
4183 if (strncmp(p, little, l) == 0)
4190 #endif /* NEEDSTRSTR */
4192 ** SM_GETHOSTBY{NAME,ADDR} -- compatibility routines for gethostbyXXX
4194 ** Some operating systems have weird problems with the gethostbyXXX
4195 ** routines. For example, Solaris versions at least through 2.3
4196 ** don't properly deliver a canonical h_name field. This tries to
4197 ** work around these problems.
4199 ** Support IPv6 as well as IPv4.
4202 #if NETINET6 && NEEDSGETIPNODE
4205 # define AI_DEFAULT 0 /* dummy */
4206 # endif /* ! AI_DEFAULT */
4207 # ifndef AI_ADDRCONFIG
4208 # define AI_ADDRCONFIG 0 /* dummy */
4209 # endif /* ! AI_ADDRCONFIG */
4210 # ifndef AI_V4MAPPED
4211 # define AI_V4MAPPED 0 /* dummy */
4212 # endif /* ! AI_V4MAPPED */
4214 # define AI_ALL 0 /* dummy */
4215 # endif /* ! AI_ALL */
4217 static struct hostent *
4218 sm_getipnodebyname(name, family, flags, err)
4227 if (family == AF_INET6)
4229 /* From RFC2133, section 6.1 */
4230 resv6 = bitset(RES_USE_INET6, _res.options);
4231 _res.options |= RES_USE_INET6;
4234 h = gethostbyname(name);
4236 _res.options &= ~RES_USE_INET6;
4241 static struct hostent *
4242 sm_getipnodebyaddr(addr, len, family, err)
4251 h = gethostbyaddr(addr, len, family);
4261 ** Stub routine -- if they don't have getipnodeby*(),
4262 ** they probably don't have the free routine either.
4267 #endif /* NETINET6 && NEEDSGETIPNODE */
4270 sm_gethostbyname(name, family)
4275 struct hostent *h = NULL;
4276 #if (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4))
4277 # if SOLARIS == 20300 || SOLARIS == 203
4278 static struct hostent hp;
4279 static char buf[1000];
4280 extern struct hostent *_switch_gethostbyname_r();
4283 sm_dprintf("_switch_gethostbyname_r(%s)... ", name);
4284 h = _switch_gethostbyname_r(name, &hp, buf, sizeof(buf), &h_errno);
4286 # else /* SOLARIS == 20300 || SOLARIS == 203 */
4287 extern struct hostent *__switch_gethostbyname();
4290 sm_dprintf("__switch_gethostbyname(%s)... ", name);
4291 h = __switch_gethostbyname(name);
4293 # endif /* SOLARIS == 20300 || SOLARIS == 203 */
4294 #else /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4)) */
4297 # ifndef SM_IPNODEBYNAME_FLAGS
4298 /* For IPv4-mapped addresses, use: AI_DEFAULT|AI_ALL */
4299 # define SM_IPNODEBYNAME_FLAGS AI_ADDRCONFIG
4300 # endif /* SM_IPNODEBYNAME_FLAGS */
4302 int flags = SM_IPNODEBYNAME_FLAGS;
4304 # endif /* NETINET6 */
4305 char *maptype[MAXMAPSTACK];
4306 short mapreturn[MAXMAPACTIONS];
4310 sm_dprintf("sm_gethostbyname(%s, %d)... ", name, family);
4313 # if ADDRCONFIG_IS_BROKEN
4314 flags &= ~AI_ADDRCONFIG;
4315 # endif /* ADDRCONFIG_IS_BROKEN */
4316 h = sm_getipnodebyname(name, family, flags, &err);
4317 SM_SET_H_ERRNO(err);
4318 # else /* NETINET6 */
4319 h = gethostbyname(name);
4320 # endif /* NETINET6 */
4326 sm_dprintf("failure\n");
4328 nmaps = switch_map_find("hosts", maptype, mapreturn);
4329 while (--nmaps >= 0)
4331 if (strcmp(maptype[nmaps], "nis") == 0 ||
4332 strcmp(maptype[nmaps], "files") == 0)
4338 /* try short name */
4339 if (strlen(name) > sizeof(hbuf) - 1)
4344 (void) sm_strlcpy(hbuf, name, sizeof(hbuf));
4345 (void) shorten_hostname(hbuf);
4347 /* if it hasn't been shortened, there's no point */
4348 if (strcmp(hbuf, name) != 0)
4351 sm_dprintf("sm_gethostbyname(%s, %d)... ",
4355 h = sm_getipnodebyname(hbuf, family, flags, &err);
4356 SM_SET_H_ERRNO(err);
4358 # else /* NETINET6 */
4359 h = gethostbyname(hbuf);
4361 # endif /* NETINET6 */
4365 #endif /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4)) */
4369 sm_dprintf("failure\n");
4372 sm_dprintf("%s\n", h->h_name);
4376 struct in6_addr ia6;
4377 char buf6[INET6_ADDRSTRLEN];
4378 #else /* NETINET6 */
4380 #endif /* NETINET6 */
4383 if (h->h_aliases != NULL)
4384 for (i = 0; h->h_aliases[i] != NULL;
4386 sm_dprintf("\talias: %s\n",
4388 for (i = 0; h->h_addr_list[i] != NULL; i++)
4393 memmove(&ia6, h->h_addr_list[i],
4395 addr = anynet_ntop(&ia6,
4396 buf6, sizeof(buf6));
4397 #else /* NETINET6 */
4398 memmove(&ia, h->h_addr_list[i],
4400 addr = (char *) inet_ntoa(ia);
4401 #endif /* NETINET6 */
4403 sm_dprintf("\taddr: %s\n", addr);
4413 sm_gethostbyaddr(addr, len, type)
4421 if (type == AF_INET6 &&
4422 IN6_IS_ADDR_UNSPECIFIED((struct in6_addr *) addr))
4424 /* Avoid reverse lookup for IPv6 unspecified address */
4425 SM_SET_H_ERRNO(HOST_NOT_FOUND);
4428 #endif /* NETINET6 */
4430 #if (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204)
4431 # if SOLARIS == 20300 || SOLARIS == 203
4433 static struct hostent he;
4434 static char buf[1000];
4435 extern struct hostent *_switch_gethostbyaddr_r();
4437 hp = _switch_gethostbyaddr_r(addr, len, type, &he,
4438 buf, sizeof(buf), &h_errno);
4440 # else /* SOLARIS == 20300 || SOLARIS == 203 */
4442 extern struct hostent *__switch_gethostbyaddr();
4444 hp = __switch_gethostbyaddr(addr, len, type);
4446 # endif /* SOLARIS == 20300 || SOLARIS == 203 */
4447 #else /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) */
4452 hp = sm_getipnodebyaddr(addr, len, type, &err);
4453 SM_SET_H_ERRNO(err);
4455 # else /* NETINET6 */
4456 hp = gethostbyaddr(addr, len, type);
4457 # endif /* NETINET6 */
4458 #endif /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) */
4462 ** SM_GETPW{NAM,UID} -- wrapper for getpwnam and getpwuid
4470 extern struct passwd *_getpwnam_shadow(const char *, const int);
4472 return _getpwnam_shadow(user, 0);
4474 return getpwnam(user);
4482 #if defined(_AIX4) && 0
4483 extern struct passwd *_getpwuid_shadow(const int, const int);
4485 return _getpwuid_shadow(uid,0);
4486 #else /* defined(_AIX4) && 0 */
4487 return getpwuid(uid);
4488 #endif /* defined(_AIX4) && 0 */
4491 ** SECUREWARE_SETUP_SECURE -- Convex SecureWare setup
4493 ** Set up the trusted computing environment for C2 level security
4494 ** under SecureWare.
4497 ** uid -- uid of the user to initialize in the TCB
4503 ** Initialized the user in the trusted computing base
4508 # include <sys/security.h>
4512 secureware_setup_secure(uid)
4517 if (getluid() != -1)
4520 if ((rc = set_secure_info(uid)) != SSI_GOOD_RETURN)
4524 case SSI_NO_PRPW_ENTRY:
4525 syserr("No protected passwd entry, uid = %d",
4530 syserr("Account has been disabled, uid = %d",
4535 syserr("Account has been retired, uid = %d",
4539 case SSI_BAD_SET_LUID:
4540 syserr("Could not set LUID, uid = %d", (int) uid);
4543 case SSI_BAD_SET_PRIVS:
4544 syserr("Could not set kernel privs, uid = %d",
4548 syserr("Unknown return code (%d) from set_secure_info(%d)",
4552 finis(false, true, EX_NOPERM);
4555 #endif /* SECUREWARE */
4557 ** ADD_HOSTNAMES -- Add a hostname to class 'w' based on IP address
4559 ** Add hostnames to class 'w' based on the IP address read from
4560 ** the network interface.
4563 ** sa -- a pointer to a SOCKADDR containing the address
4566 ** 0 if successful, -1 if host lookup fails.
4575 char hnb[MAXHOSTNAMELEN];
4577 /* lookup name with IP address */
4578 switch (sa->sa.sa_family)
4582 hp = sm_gethostbyaddr((char *) &sa->sin.sin_addr,
4583 sizeof(sa->sin.sin_addr),
4586 #endif /* NETINET */
4590 hp = sm_gethostbyaddr((char *) &sa->sin6.sin6_addr,
4591 sizeof(sa->sin6.sin6_addr),
4594 #endif /* NETINET6 */
4597 /* Give warning about unsupported family */
4599 sm_syslog(LOG_WARNING, NOQID,
4600 "Unsupported address family %d: %.100s",
4601 sa->sa.sa_family, anynet_ntoa(sa));
4607 int save_errno = errno;
4610 #if NETINET && defined(IN_LINKLOCAL)
4611 !(sa->sa.sa_family == AF_INET &&
4612 IN_LINKLOCAL(ntohl(sa->sin.sin_addr.s_addr))) &&
4613 #endif /* NETINET && defined(IN_LINKLOCAL) */
4615 !(sa->sa.sa_family == AF_INET6 &&
4616 IN6_IS_ADDR_LINKLOCAL(&sa->sin6.sin6_addr)) &&
4617 #endif /* NETINET6 */
4619 sm_syslog(LOG_WARNING, NOQID,
4620 "gethostbyaddr(%.100s) failed: %d",
4624 #else /* NAMED_BIND */
4626 #endif /* NAMED_BIND */
4632 /* save its cname */
4633 if (!wordinclass((char *) hp->h_name, 'w'))
4635 setclass('w', (char *) hp->h_name);
4637 sm_dprintf("\ta.k.a.: %s\n", hp->h_name);
4639 if (sm_snprintf(hnb, sizeof(hnb), "[%s]", hp->h_name) <
4641 && !wordinclass((char *) hnb, 'w'))
4647 sm_dprintf("\ta.k.a.: %s (already in $=w)\n", hp->h_name);
4650 /* save all it aliases name */
4651 for (ha = hp->h_aliases; ha != NULL && *ha != NULL; ha++)
4653 if (!wordinclass(*ha, 'w'))
4657 sm_dprintf("\ta.k.a.: %s\n", *ha);
4658 if (sm_snprintf(hnb, sizeof(hnb),
4659 "[%s]", *ha) < sizeof(hnb) &&
4660 !wordinclass((char *) hnb, 'w'))
4666 sm_dprintf("\ta.k.a.: %s (already in $=w)\n",
4672 #endif /* NETINET6 */
4676 ** LOAD_IF_NAMES -- load interface-specific names into $=w
4685 ** Loads $=w with the names of all the interfaces.
4689 # define SIOCGIFCONF_IS_BROKEN 1 /* XXX */
4690 #endif /* !NETINET */
4692 #if defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN
4696 # include <sm/time.h>
4697 # endif /* ! SUNOS403 */
4698 # if (_AIX4 >= 40300) && !defined(_NET_IF_H)
4700 # endif /* (_AIX4 >= 40300) && !defined(_NET_IF_H) */
4701 # include <net/if.h>
4702 #endif /* defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN */
4707 # if NETINET6 && defined(SIOCGLIFCONF)
4711 ** Unfortunately, HP has changed all of the structures,
4712 ** making life difficult for implementors.
4715 # define lifconf if_laddrconf
4716 # define lifc_len iflc_len
4717 # define lifc_buf iflc_buf
4718 # define lifreq if_laddrreq
4719 # define lifr_addr iflr_addr
4720 # define lifr_name iflr_name
4721 # define lifr_flags iflr_flags
4722 # define ss_family sa_family
4724 # endif /* __hpux */
4731 struct lifconf lifc;
4734 # endif /* SIOCGLIFNUM */
4736 s = socket(InetMode, SOCK_DGRAM, 0);
4740 /* get the list of known IP address from the kernel */
4742 i = ioctl(s, SIOCGIFNUM, (char *) &numifs);
4743 # endif /* __hpux */
4745 lifn.lifn_family = AF_UNSPEC;
4746 lifn.lifn_flags = 0;
4747 i = ioctl(s, SIOCGLIFNUM, (char *)&lifn);
4748 numifs = lifn.lifn_count;
4749 # endif /* SIOCGLIFNUM */
4751 # if defined(__hpux) || defined(SIOCGLIFNUM)
4754 /* can't get number of interfaces -- fall back */
4756 sm_dprintf("SIOCGLIFNUM failed: %s\n",
4757 sm_errstring(errno));
4760 else if (tTd(0, 42))
4761 sm_dprintf("system has %d interfaces\n", numifs);
4763 # endif /* defined(__hpux) || defined(SIOCGLIFNUM) */
4764 numifs = MAXINTERFACES;
4772 len = lifc.lifc_len = numifs * sizeof(struct lifreq);
4773 buf = lifc.lifc_buf = xalloc(lifc.lifc_len);
4775 lifc.lifc_family = AF_UNSPEC;
4776 lifc.lifc_flags = 0;
4777 # endif /* ! __hpux */
4778 if (ioctl(s, SIOCGLIFCONF, (char *)&lifc) < 0)
4781 sm_dprintf("SIOCGLIFCONF failed: %s\n",
4782 sm_errstring(errno));
4788 /* scan the list of IP address */
4790 sm_dprintf("scanning for interface specific names, lifc_len=%ld\n",
4793 for (i = 0; i < len && i >= 0; )
4796 struct lifreq *ifr = (struct lifreq *)&buf[i];
4797 SOCKADDR *sa = (SOCKADDR *) &ifr->lifr_addr;
4798 int af = ifr->lifr_addr.ss_family;
4801 struct in6_addr ia6;
4803 # ifdef SIOCGLIFFLAGS
4805 # endif /* SIOCGLIFFLAGS */
4807 char buf6[INET6_ADDRSTRLEN];
4810 ** We must close and recreate the socket each time
4811 ** since we don't know what type of socket it is now
4812 ** (each status function may change it).
4817 s = socket(af, SOCK_DGRAM, 0);
4820 sm_free(buf); /* XXX */
4825 ** If we don't have a complete ifr structure,
4826 ** don't try to use it.
4829 if ((len - i) < sizeof(*ifr))
4832 # ifdef BSD4_4_SOCKADDR
4833 if (sa->sa.sa_len > sizeof(ifr->lifr_addr))
4834 i += sizeof(ifr->lifr_name) + sa->sa.sa_len;
4836 # endif /* BSD4_4_SOCKADDR */
4838 /* fix for IPv6 size differences */
4839 i += sizeof(ifr->ifr_name) +
4840 max(sizeof(ifr->ifr_addr), ifr->ifr_addr.sa_len);
4846 sm_dprintf("%s\n", anynet_ntoa(sa));
4848 if (af != AF_INET && af != AF_INET6)
4851 # ifdef SIOCGLIFFLAGS
4852 memset(&ifrf, '\0', sizeof(struct lifreq));
4853 (void) sm_strlcpy(ifrf.lifr_name, ifr->lifr_name,
4854 sizeof(ifrf.lifr_name));
4855 if (ioctl(s, SIOCGLIFFLAGS, (char *) &ifrf) < 0)
4858 sm_dprintf("SIOCGLIFFLAGS failed: %s\n",
4859 sm_errstring(errno));
4863 name = ifr->lifr_name;
4864 flags = ifrf.lifr_flags;
4867 sm_dprintf("\tflags: %lx\n", (unsigned long) flags);
4869 if (!bitset(IFF_UP, flags))
4871 # endif /* SIOCGLIFFLAGS */
4875 /* extract IP address from the list*/
4879 SETV6LOOPBACKADDRFOUND(*sa);
4881 /* convert into proper scoped address */
4882 if ((IN6_IS_ADDR_LINKLOCAL(&sa->sin6.sin6_addr) ||
4883 IN6_IS_ADDR_SITELOCAL(&sa->sin6.sin6_addr)) &&
4884 sa->sin6.sin6_scope_id == 0)
4886 struct in6_addr *ia6p;
4888 ia6p = &sa->sin6.sin6_addr;
4889 sa->sin6.sin6_scope_id = ntohs(ia6p->s6_addr[3] |
4890 ((unsigned int)ia6p->s6_addr[2] << 8));
4891 ia6p->s6_addr[2] = ia6p->s6_addr[3] = 0;
4893 # endif /* __KAME__ */
4894 ia6 = sa->sin6.sin6_addr;
4895 if (IN6_IS_ADDR_UNSPECIFIED(&ia6))
4897 addr = anynet_ntop(&ia6, buf6, sizeof(buf6));
4898 message("WARNING: interface %s is UP with %s address",
4899 name, addr == NULL ? "(NULL)" : addr);
4903 /* save IP address in text from */
4904 addr = anynet_ntop(&ia6, buf6, sizeof(buf6));
4906 (void) sm_snprintf(ip_addr, sizeof(ip_addr),
4908 (int) sizeof(ip_addr) - 3,
4913 ia = sa->sin.sin_addr;
4914 if (ia.s_addr == INADDR_ANY ||
4915 ia.s_addr == INADDR_NONE)
4917 message("WARNING: interface %s is UP with %s address",
4918 name, inet_ntoa(ia));
4922 /* save IP address in text from */
4923 (void) sm_snprintf(ip_addr, sizeof(ip_addr), "[%.*s]",
4924 (int) sizeof(ip_addr) - 3, inet_ntoa(ia));
4928 if (*ip_addr == '\0')
4931 if (!wordinclass(ip_addr, 'w'))
4933 setclass('w', ip_addr);
4935 sm_dprintf("\ta.k.a.: %s\n", ip_addr);
4938 # ifdef SIOCGLIFFLAGS
4939 /* skip "loopback" interface "lo" */
4940 if (DontProbeInterfaces == DPI_SKIPLOOPBACK &&
4941 bitset(IFF_LOOPBACK, flags))
4943 # endif /* SIOCGLIFFLAGS */
4944 (void) add_hostnames(sa);
4946 sm_free(buf); /* XXX */
4948 # else /* NETINET6 && defined(SIOCGLIFCONF) */
4949 # if defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN
4955 s = socket(AF_INET, SOCK_DGRAM, 0);
4959 /* get the list of known IP address from the kernel */
4960 # if defined(SIOCGIFNUM) && !SIOCGIFNUM_IS_BROKEN
4961 if (ioctl(s, SIOCGIFNUM, (char *) &numifs) < 0)
4963 /* can't get number of interfaces -- fall back */
4965 sm_dprintf("SIOCGIFNUM failed: %s\n",
4966 sm_errstring(errno));
4969 else if (tTd(0, 42))
4970 sm_dprintf("system has %d interfaces\n", numifs);
4972 # endif /* defined(SIOCGIFNUM) && !SIOCGIFNUM_IS_BROKEN */
4973 numifs = MAXINTERFACES;
4980 ifc.ifc_len = numifs * sizeof(struct ifreq);
4981 ifc.ifc_buf = xalloc(ifc.ifc_len);
4982 if (ioctl(s, SIOCGIFCONF, (char *)&ifc) < 0)
4985 sm_dprintf("SIOCGIFCONF failed: %s\n",
4986 sm_errstring(errno));
4991 /* scan the list of IP address */
4993 sm_dprintf("scanning for interface specific names, ifc_len=%d\n",
4996 for (i = 0; i < ifc.ifc_len && i >= 0; )
4999 struct ifreq *ifr = (struct ifreq *) &ifc.ifc_buf[i];
5000 SOCKADDR *sa = (SOCKADDR *) &ifr->ifr_addr;
5003 struct in6_addr ia6;
5004 # endif /* NETINET6 */
5006 # ifdef SIOCGIFFLAGS
5008 # endif /* SIOCGIFFLAGS */
5011 char buf6[INET6_ADDRSTRLEN];
5012 # endif /* NETINET6 */
5015 ** If we don't have a complete ifr structure,
5016 ** don't try to use it.
5019 if ((ifc.ifc_len - i) < sizeof(*ifr))
5022 # ifdef BSD4_4_SOCKADDR
5023 if (sa->sa.sa_len > sizeof(ifr->ifr_addr))
5024 i += sizeof(ifr->ifr_name) + sa->sa.sa_len;
5026 # endif /* BSD4_4_SOCKADDR */
5030 sm_dprintf("%s\n", anynet_ntoa(sa));
5032 af = ifr->ifr_addr.sa_family;
5036 # endif /* NETINET6 */
5040 # ifdef SIOCGIFFLAGS
5041 memset(&ifrf, '\0', sizeof(struct ifreq));
5042 (void) sm_strlcpy(ifrf.ifr_name, ifr->ifr_name,
5043 sizeof(ifrf.ifr_name));
5044 (void) ioctl(s, SIOCGIFFLAGS, (char *) &ifrf);
5046 sm_dprintf("\tflags: %lx\n",
5047 (unsigned long) ifrf.ifr_flags);
5048 # define IFRFREF ifrf
5049 # else /* SIOCGIFFLAGS */
5050 # define IFRFREF (*ifr)
5051 # endif /* SIOCGIFFLAGS */
5053 if (!bitset(IFF_UP, IFRFREF.ifr_flags))
5058 /* extract IP address from the list*/
5062 ia = sa->sin.sin_addr;
5063 if (ia.s_addr == INADDR_ANY ||
5064 ia.s_addr == INADDR_NONE)
5066 message("WARNING: interface %s is UP with %s address",
5067 ifr->ifr_name, inet_ntoa(ia));
5071 /* save IP address in text from */
5072 (void) sm_snprintf(ip_addr, sizeof(ip_addr), "[%.*s]",
5073 (int) sizeof(ip_addr) - 3,
5079 SETV6LOOPBACKADDRFOUND(*sa);
5081 /* convert into proper scoped address */
5082 if ((IN6_IS_ADDR_LINKLOCAL(&sa->sin6.sin6_addr) ||
5083 IN6_IS_ADDR_SITELOCAL(&sa->sin6.sin6_addr)) &&
5084 sa->sin6.sin6_scope_id == 0)
5086 struct in6_addr *ia6p;
5088 ia6p = &sa->sin6.sin6_addr;
5089 sa->sin6.sin6_scope_id = ntohs(ia6p->s6_addr[3] |
5090 ((unsigned int)ia6p->s6_addr[2] << 8));
5091 ia6p->s6_addr[2] = ia6p->s6_addr[3] = 0;
5093 # endif /* __KAME__ */
5094 ia6 = sa->sin6.sin6_addr;
5095 if (IN6_IS_ADDR_UNSPECIFIED(&ia6))
5097 addr = anynet_ntop(&ia6, buf6, sizeof(buf6));
5098 message("WARNING: interface %s is UP with %s address",
5100 addr == NULL ? "(NULL)" : addr);
5104 /* save IP address in text from */
5105 addr = anynet_ntop(&ia6, buf6, sizeof(buf6));
5107 (void) sm_snprintf(ip_addr, sizeof(ip_addr),
5109 (int) sizeof(ip_addr) - 3,
5113 # endif /* NETINET6 */
5116 if (ip_addr[0] == '\0')
5119 if (!wordinclass(ip_addr, 'w'))
5121 setclass('w', ip_addr);
5123 sm_dprintf("\ta.k.a.: %s\n", ip_addr);
5126 /* skip "loopback" interface "lo" */
5127 if (DontProbeInterfaces == DPI_SKIPLOOPBACK &&
5128 bitset(IFF_LOOPBACK, IFRFREF.ifr_flags))
5131 (void) add_hostnames(sa);
5133 sm_free(ifc.ifc_buf); /* XXX */
5136 # endif /* defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN */
5137 # endif /* NETINET6 && defined(SIOCGLIFCONF) */
5140 ** ISLOOPBACK -- is socket address in the loopback net?
5143 ** sa -- socket address.
5146 ** true -- is socket address in the loopback net?
5147 ** false -- otherwise
5156 if (IN6_IS_ADDR_LOOPBACK(&sa.sin6.sin6_addr))
5158 #else /* NETINET6 */
5159 /* XXX how to correctly extract IN_LOOPBACKNET part? */
5160 if (((ntohl(sa.sin.sin_addr.s_addr) & IN_CLASSA_NET)
5161 >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
5163 #endif /* NETINET6 */
5167 ** GET_NUM_PROCS_ONLINE -- return the number of processors currently online
5173 ** The number of processors online.
5177 get_num_procs_online()
5182 # if defined(CTL_HW) && defined(HW_NCPU)
5188 sz = (size_t) sizeof(nproc);
5189 (void) sysctl(mib, 2, &nproc, &sz, NULL, 0);
5190 # endif /* defined(CTL_HW) && defined(HW_NCPU) */
5191 #else /* USESYSCTL */
5192 # ifdef _SC_NPROCESSORS_ONLN
5193 nproc = (int) sysconf(_SC_NPROCESSORS_ONLN);
5194 # else /* _SC_NPROCESSORS_ONLN */
5196 # include <sys/pstat.h>
5197 struct pst_dynamic psd;
5199 if (pstat_getdynamic(&psd, sizeof(psd), (size_t)1, 0) != -1)
5200 nproc = psd.psd_proc_cnt;
5201 # endif /* __hpux */
5202 # endif /* _SC_NPROCESSORS_ONLN */
5203 #endif /* USESYSCTL */
5210 ** SM_CLOSEFROM -- close file descriptors
5213 ** lowest -- first fd to close
5214 ** highest -- last fd + 1 to close
5221 sm_closefrom(lowest, highest)
5222 int lowest, highest;
5226 #else /* HASCLOSEFROM */
5229 for (i = lowest; i < highest; i++)
5231 #endif /* HASCLOSEFROM */
5235 ** CLOSEFD_WALK -- walk fd's arranging to close them
5236 ** Callback for fdwalk()
5239 ** lowest -- first fd to arrange to be closed
5240 ** fd -- fd to arrange to be closed
5247 closefd_walk(lowest, fd)
5251 if (fd >= *(int *)lowest)
5252 (void) fcntl(fd, F_SETFD, FD_CLOEXEC);
5255 #endif /* HASFDWALK */
5257 ** SM_CLOSE_ON_EXEC -- arrange for file descriptors to be closed
5260 ** lowest -- first fd to arrange to be closed
5261 ** highest -- last fd + 1 to arrange to be closed
5268 sm_close_on_exec(highest, lowest)
5269 int highest, lowest;
5272 (void) fdwalk(closefd_walk, &lowest);
5273 #else /* HASFDWALK */
5276 for (i = lowest; i < highest; i++)
5278 if ((j = fcntl(i, F_GETFD, 0)) != -1)
5279 (void) fcntl(i, F_SETFD, j | FD_CLOEXEC);
5281 #endif /* HASFDWALK */
5284 ** SEED_RANDOM -- seed the random number generator
5298 #else /* HASSRANDOMDEV */
5302 seed = (long) CurrentPid;
5303 if (gettimeofday(&t, NULL) >= 0)
5304 seed += t.tv_sec + t.tv_usec;
5307 (void) srandom(seed);
5308 # else /* HASRANDOM */
5309 (void) srand((unsigned int) seed);
5310 # endif /* HASRANDOM */
5311 #endif /* HASSRANDOMDEV */
5314 ** SM_SYSLOG -- syslog wrapper to keep messages under SYSLOG_BUFSIZE
5317 ** level -- syslog level
5318 ** id -- envelope ID or NULL (NOQUEUE)
5319 ** fmt -- format string
5320 ** arg... -- arguments as implied by fmt.
5329 sm_syslog(int level, const char *id, const char *fmt, ...)
5330 #else /* __STDC__ */
5331 sm_syslog(level, id, fmt, va_alist)
5336 #endif /* __STDC__ */
5346 extern int SyslogPrefixLen;
5352 idlen = strlen(id) + SyslogPrefixLen;
5355 bufsize = sizeof(buf0);
5361 /* print log message into buf */
5362 SM_VA_START(ap, fmt);
5363 n = sm_vsnprintf(buf, bufsize, fmt, ap);
5369 /* String too small, redo with correct size */
5376 buf = sm_malloc_x(bufsize);
5379 /* clean up buf after it has been expanded with args */
5380 newstring = str2prt(buf);
5381 if ((strlen(newstring) + idlen + 1) < SYSLOG_BUFSIZE)
5390 gettimeofday(&tv, NULL);
5391 sm_dprintf("%ld.%06ld %s\n", (long) tv.tv_sec,
5392 (long) tv.tv_usec, newstring);
5394 else if (tTd(89, 8))
5395 sm_dprintf("%s\n", newstring);
5397 syslog(level, "%s", newstring);
5405 gettimeofday(&tv, NULL);
5406 sm_dprintf("%ld.%06ld %s: %s\n", (long) tv.tv_sec,
5407 (long) tv.tv_usec, id, newstring);
5409 else if (tTd(89, 8))
5410 sm_dprintf("%s: %s\n", id, newstring);
5412 syslog(level, "%s: %s", id, newstring);
5415 /*XXX should do something more sensible */
5417 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT, "%s\n",
5420 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
5421 "%s: %s\n", id, newstring);
5430 ** additional length for splitting: " ..." + 3, where 3 is magic to
5431 ** have some data for the next entry.
5437 idlen += 5; /* strlen("[999]"), see below */
5438 while (*begin != '\0' &&
5439 (strlen(begin) + idlen) > SYSLOG_BUFSIZE)
5445 /* Too many messages */
5448 end = begin + SYSLOG_BUFSIZE - idlen - SL_SPLIT;
5451 /* Break on comma or space */
5452 if (*end == ',' || *end == ' ')
5454 end++; /* Include separator */
5459 /* No separator, break midstring... */
5461 end = begin + SYSLOG_BUFSIZE - idlen - SL_SPLIT;
5466 sm_dprintf("%s[%d]: %s ...\n", id, seq++, begin);
5468 syslog(level, "%s[%d]: %s ...", id, seq++, begin);
5470 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
5471 "%s[%d]: %s ...\n", id, seq++, begin);
5480 sm_dprintf("%s[%d]: log terminated, too many parts\n",
5483 syslog(level, "%s[%d]: log terminated, too many parts",
5486 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
5487 "%s[%d]: log terminated, too many parts\n", id, seq);
5490 else if (*begin != '\0')
5494 sm_dprintf("%s[%d]: %s\n", id, seq, begin);
5496 syslog(level, "%s[%d]: %s", id, seq, begin);
5498 (void) sm_io_fprintf(smioerr, SM_TIME_DEFAULT,
5499 "%s[%d]: %s\n", id, seq, begin);
5507 ** HARD_SYSLOG -- call syslog repeatedly until it works
5509 ** Needed on HP-UX, which apparently doesn't guarantee that
5510 ** syslog succeeds during interrupt handlers.
5513 #if defined(__hpux) && !defined(HPUX11)
5515 # define MAXSYSLOGTRIES 100
5518 # define XCNST const
5519 # define CAST (const char *)
5527 hard_syslog(int pri, XCNST char *msg, ...)
5528 # else /* __STDC__ */
5529 hard_syslog(pri, msg, va_alist)
5533 # endif /* __STDC__ */
5536 char buf[SYSLOG_BUFSIZE];
5539 SM_VA_START(ap, msg);
5540 (void) sm_vsnprintf(buf, sizeof(buf), msg, ap);
5543 for (i = MAXSYSLOGTRIES; --i >= 0 && syslog(pri, CAST "%s", buf) < 0; )
5548 #endif /* defined(__hpux) && !defined(HPUX11) */
5549 #if NEEDLOCAL_HOSTNAME_LENGTH
5551 ** LOCAL_HOSTNAME_LENGTH
5553 ** This is required to get sendmail to compile against BIND 4.9.x
5556 ** Unfortunately, a Compaq Y2K patch kit provides it without
5557 ** bumping __RES in /usr/include/resolv.h so we can't automatically
5558 ** figure out whether it is needed.
5562 local_hostname_length(hostname)
5565 size_t len_host, len_domain;
5567 if (!*_res.defdname)
5569 len_host = strlen(hostname);
5570 len_domain = strlen(_res.defdname);
5571 if (len_host > len_domain &&
5572 (sm_strcasecmp(hostname + len_host - len_domain,
5573 _res.defdname) == 0) &&
5574 hostname[len_host - len_domain - 1] == '.')
5575 return len_host - len_domain - 1;
5579 #endif /* NEEDLOCAL_HOSTNAME_LENGTH */
5583 ** LINK -- clone a file
5585 ** Some OS's lacks link() and hard links. Since sendmail is using
5586 ** link() as an efficient way to clone files, this implementation
5587 ** will simply do a file copy.
5589 ** NOTE: This link() replacement is not a generic replacement as it
5590 ** does not handle all of the semantics of the real link(2).
5593 ** source -- pathname of existing file.
5594 ** target -- pathname of link (clone) to be created.
5598 ** -1 -- failure, see errno for details.
5602 link(source, target)
5608 int src = -1, dst = -1;
5614 sff = SFF_REGONLY|SFF_OPENASROOT;
5615 if (DontLockReadFiles)
5618 /* Open the original file */
5619 src = safeopen((char *)source, O_RDONLY, 0, sff);
5623 /* Obtain the size and the mode */
5624 if (fstat(src, &st) < 0)
5627 /* Create the duplicate copy */
5630 dst = safeopen((char *)target, O_CREAT|O_EXCL|O_WRONLY,
5635 /* Copy all of the bytes one buffer at a time */
5636 while ((readlen = read(src, &buf, sizeof(buf))) > 0)
5638 ssize_t left = readlen;
5642 (writelen = write(dst, p, (size_t) left)) >= 0)
5651 /* Any trouble reading? */
5652 if (readlen < 0 || writelen < 0)
5655 /* Close the input file */
5663 /* Close the output file */
5666 /* don't set dst = -1 here so we unlink the file */
5679 (void) unlink(target);
5685 #endif /* NEEDLINK */
5688 ** Compile-Time options
5691 char *CompileOptions[] =
5695 #endif /* ALLOW_255 */
5699 # endif /* DNSMAP */
5700 #endif /* NAMED_BIND */
5709 #endif /* HES_GETMAILHOST */
5712 #endif /* LDAPMAP */
5715 #endif /* LDAP_REFERRALS */
5721 #endif /* MAP_NSD */
5724 #endif /* MAP_REGEX */
5727 #endif /* MATCHGECOS */
5733 #endif /* MIME7TO8 */
5736 #endif /* MIME7TO8_OLD */
5739 #endif /* MIME8TO7 */
5742 #endif /* NAMED_BIND */
5748 #endif /* NETINET */
5751 #endif /* NETINET6 */
5754 #endif /* NETINFO */
5763 #endif /* NETUNIX */
5775 #endif /* NISPLUS */
5782 #ifdef PICKY_HELO_CHECK
5784 #endif /* PICKY_HELO_CHECK */
5787 #endif /* PIPELINING */
5791 # else /* SASL >= 20000 */
5793 # endif /* SASL >= 20000 */
5798 #if SM_LDAP_ERROR_ON_MISSING_ARGS
5799 "SM_LDAP_ERROR_ON_MISSING_ARGS",
5800 #endif /* SM_LDAP_ERROR_ON_MISSING_ARGS */
5803 #endif /* SMTPDEBUG */
5806 #endif /* SOCKETMAP */
5809 #endif /* STARTTLS */
5810 #if SUID_ROOT_FILES_OK
5811 "SUID_ROOT_FILES_OK",
5812 #endif /* SUID_ROOT_FILES_OK */
5815 #endif /* TCPWRAPPERS */
5818 #endif /* TLS_NO_RSA */
5819 #if TLS_VRFY_PER_CTX
5821 #endif /* TLS_VRFY_PER_CTX */
5827 #endif /* USE_LDAP_INIT */
5830 #endif /* USE_TTYPATH */
5842 ** OS compile options.
5845 char *OsCompileOptions[] =
5847 #if ADDRCONFIG_IS_BROKEN
5848 "ADDRCONFIG_IS_BROKEN",
5849 #endif /* ADDRCONFIG_IS_BROKEN */
5850 #ifdef AUTO_NETINFO_HOSTS
5851 "AUTO_NETINFO_HOSTS",
5852 #endif /* AUTO_NETINFO_HOSTS */
5853 #ifdef AUTO_NIS_ALIASES
5855 #endif /* AUTO_NIS_ALIASES */
5856 #if BROKEN_RES_SEARCH
5857 "BROKEN_RES_SEARCH",
5858 #endif /* BROKEN_RES_SEARCH */
5859 #ifdef BSD4_4_SOCKADDR
5861 #endif /* BSD4_4_SOCKADDR */
5864 #endif /* BOGUS_O_EXCL */
5865 #if DEC_OSF_BROKEN_GETPWENT
5866 "DEC_OSF_BROKEN_GETPWENT",
5867 #endif /* DEC_OSF_BROKEN_GETPWENT */
5868 #if FAST_PID_RECYCLE
5870 #endif /* FAST_PID_RECYCLE */
5873 #endif /* HASCLOSEFROM */
5876 #endif /* HASFCHOWN */
5879 #endif /* HASFCHMOD */
5882 #endif /* HASFDWALK */
5885 #endif /* HASFLOCK */
5886 #if HASGETDTABLESIZE
5888 #endif /* HASGETDTABLESIZE */
5891 #endif /* HASGETUSERSHELL */
5894 #endif /* HASINITGROUPS */
5895 #if HASLDAPGETALIASBYNAME
5896 "HASLDAPGETALIASBYNAME",
5897 #endif /* HASLDAPGETALIASBYNAME */
5900 #endif /* HASLSTAT */
5903 #endif /* HASNICE */
5906 #endif /* HASRANDOM */
5909 #endif /* HASRRESVPORT */
5912 #endif /* HASSETEGID */
5915 #endif /* HASSETLOGIN */
5918 #endif /* HASSETREGID */
5921 #endif /* HASSETRESGID */
5924 #endif /* HASSETREUID */
5927 #endif /* HASSETRLIMIT */
5930 #endif /* HASSETSID */
5931 #if HASSETUSERCONTEXT
5932 "HASSETUSERCONTEXT",
5933 #endif /* HASSETUSERCONTEXT */
5936 #endif /* HASSETVBUF */
5939 #endif /* HAS_ST_GEN */
5942 #endif /* HASSRANDOMDEV */
5945 #endif /* HASURANDOMDEV */
5948 #endif /* HASSTRERROR */
5951 #endif /* HASULIMIT */
5954 #endif /* HASUNAME */
5957 #endif /* HASUNSETENV */
5960 #endif /* HASWAITPID */
5963 #endif /* HAVE_NANOSLEEP */
5966 #endif /* IDENTPROTO */
5969 #endif /* IP_SRCROUTE */
5970 #if O_EXLOCK && HASFLOCK && !BOGUS_O_EXCL
5972 #endif /* O_EXLOCK && HASFLOCK && !BOGUS_O_EXCL */
5975 #endif /* MILTER_NO_NAGLE */
5978 #endif /* NEEDFSYNC */
5981 #endif /* NEEDLINK */
5982 #if NEEDLOCAL_HOSTNAME_LENGTH
5983 "NEEDLOCAL_HOSTNAME_LENGTH",
5984 #endif /* NEEDLOCAL_HOSTNAME_LENGTH */
5987 #endif /* NEEDSGETIPNODE */
5990 #endif /* NEEDSTRSTR */
5993 #endif /* NEEDSTRTOL */
5994 #ifdef NO_GETSERVBYNAME
5996 #endif /* NO_GETSERVBYNAME */
5999 #endif /* NOFTRUNCATE */
6000 #if REQUIRES_DIR_FSYNC
6001 "REQUIRES_DIR_FSYNC",
6002 #endif /* REQUIRES_DIR_FSYNC */
6003 #if RLIMIT_NEEDS_SYS_TIME_H
6004 "RLIMIT_NEEDS_SYS_TIME_H",
6005 #endif /* RLIMIT_NEEDS_SYS_TIME_H */
6008 #endif /* SAFENFSPATHCONF */
6011 #endif /* SECUREWARE */
6012 #if SFS_TYPE == SFS_4ARGS
6014 #elif SFS_TYPE == SFS_MOUNT
6016 #elif SFS_TYPE == SFS_NONE
6018 #elif SFS_TYPE == SFS_NT
6020 #elif SFS_TYPE == SFS_STATFS
6022 #elif SFS_TYPE == SFS_STATVFS
6024 #elif SFS_TYPE == SFS_USTAT
6026 #elif SFS_TYPE == SFS_VFS
6031 #endif /* SHARE_V1 */
6032 #if SIOCGIFCONF_IS_BROKEN
6033 "SIOCGIFCONF_IS_BROKEN",
6034 #endif /* SIOCGIFCONF_IS_BROKEN */
6035 #if SIOCGIFNUM_IS_BROKEN
6036 "SIOCGIFNUM_IS_BROKEN",
6037 #endif /* SIOCGIFNUM_IS_BROKEN */
6038 #if SNPRINTF_IS_BROKEN
6039 "SNPRINTF_IS_BROKEN",
6040 #endif /* SNPRINTF_IS_BROKEN */
6041 #if SO_REUSEADDR_IS_BROKEN
6042 "SO_REUSEADDR_IS_BROKEN",
6043 #endif /* SO_REUSEADDR_IS_BROKEN */
6046 #endif /* SYS5SETPGRP */
6049 #endif /* SYSTEM5 */
6052 #endif /* USE_DOUBLE_FORK */
6055 #endif /* USE_ENVIRON */
6056 #if USE_SA_SIGACTION
6058 #endif /* USE_SA_SIGACTION */
6061 #endif /* USE_SIGLONGJMP */
6064 #endif /* USEGETCONFATTR */
6067 #endif /* USESETEUID */
6070 #endif /* USESYSCTL */
6071 #if USE_OPENSSL_ENGINE
6072 "USE_OPENSSL_ENGINE",
6073 #endif /* USE_OPENSSL_ENGINE */
6074 #if USING_NETSCAPE_LDAP
6075 "USING_NETSCAPE_LDAP",
6076 #endif /* USING_NETSCAPE_LDAP */
6079 #endif /* WAITUNION */
6084 ** FFR compile options.
6087 char *FFRCompileOptions[] =
6089 #if _FFR_ADDR_TYPE_MODES
6090 /* more info in {addr_type}, requires m4 changes! */
6091 "_FFR_ADDR_TYPE_MODES",
6092 #endif /* _FFR_ADDR_TYPE_MODES */
6093 #if _FFR_ALLOW_SASLINFO
6094 /* DefaultAuthInfo can be specified by user. */
6095 /* DefaultAuthInfo doesn't really work in 8.13 anymore. */
6096 "_FFR_ALLOW_SASLINFO",
6097 #endif /* _FFR_ALLOW_SASLINFO */
6098 #if _FFR_BADRCPT_SHUTDOWN
6099 /* shut down connection (421) if there are too many bad RCPTs */
6100 "_FFR_BADRCPT_SHUTDOWN",
6101 #endif /* _FFR_BADRCPT_SHUTDOWN */
6102 #if _FFR_BESTMX_BETTER_TRUNCATION
6103 /* Better truncation of list of MX records for dns map. */
6104 "_FFR_BESTMX_BETTER_TRUNCATION",
6105 #endif /* _FFR_BESTMX_BETTER_TRUNCATION */
6106 #if _FFR_CATCH_BROKEN_MTAS
6107 /* Deal with MTAs that send a reply during the DATA phase. */
6108 "_FFR_CATCH_BROKEN_MTAS",
6109 #endif /* _FFR_CATCH_BROKEN_MTAS */
6110 #if _FFR_CHECKCONFIG
6111 /* New OpMode to check the configuration file */
6113 #endif /* _FFR_CHECKCONFIG */
6115 /* Stricter checks about queue directory permissions. */
6117 #endif /* _FFR_CHK_QUEUE */
6118 #if _FFR_CLIENT_SIZE
6119 /* Don't try to send mail if its size exceeds SIZE= of server. */
6121 #endif /* _FFR_CLIENT_SIZE */
6123 /* CRLPath; needs documentation; Al Smith */
6125 #endif /* _FFR_CRLPATH */
6126 #if _FFR_DAEMON_NETUNIX
6127 /* Allow local (not just TCP) socket connection to server. */
6128 "_FFR_DAEMON_NETUNIX",
6129 #endif /* _FFR_DAEMON_NETUNIX */
6130 #if _FFR_DEPRECATE_MAILER_FLAG_I
6131 /* What it says :-) */
6132 "_FFR_DEPRECATE_MAILER_FLAG_I",
6133 #endif /* _FFR_DEPRECATE_MAILER_FLAG_I */
6135 /* deliver first TA in background, then queue */
6137 #endif /* _FFR_DM_ONE */
6138 #if _FFR_DIGUNIX_SAFECHOWN
6139 /* Properly set SAFECHOWN (include/sm/conf.h) for Digital UNIX */
6140 /* Problem noted by Anne Bennett of Concordia University */
6141 "_FFR_DIGUNIX_SAFECHOWN",
6142 #endif /* _FFR_DIGUNIX_SAFECHOWN */
6143 #if _FFR_DNSMAP_ALIASABLE
6144 /* Allow dns map type to be used for aliases. */
6145 /* Don Lewis of TDK */
6146 "_FFR_DNSMAP_ALIASABLE",
6147 #endif /* _FFR_DNSMAP_ALIASABLE */
6148 #if _FFR_DONTLOCKFILESFORREAD_OPTION
6149 /* Enable DontLockFilesForRead option. */
6150 "_FFR_DONTLOCKFILESFORREAD_OPTION",
6151 #endif /* _FFR_DONTLOCKFILESFORREAD_OPTION */
6152 #if _FFR_DOTTED_USERNAMES
6153 /* Allow usernames with '.' */
6154 "_FFR_DOTTED_USERNAMES",
6155 #endif /* _FFR_DOTTED_USERNAMES */
6158 ** Make DaemonPortOptions case sensitive.
6159 ** For some unknown reasons the code converted every option
6160 ** to uppercase (first letter only, as that's the only one that
6161 ** is actually checked). This prevented all new lower case options
6163 ** The documentation doesn't say anything about case (in)sensitivity,
6164 ** which means it should be case sensitive by default,
6165 ** but it's not a good idea to change this within a patch release,
6166 ** so let's delay this to 8.15.
6170 #endif /* _FFR_DPO_CS */
6171 #if _FFR_DPRINTF_MAP
6172 /* dprintf map for logging */
6174 #endif /* _FFR_DPRINTF_MAP */
6175 #if _FFR_DROP_TRUSTUSER_WARNING
6177 ** Don't issue this warning:
6178 ** "readcf: option TrustedUser may cause problems on systems
6179 ** which do not support fchown() if UseMSP is not set.
6182 "_FFR_DROP_TRUSTUSER_WARNING",
6183 #endif /* _FFR_DROP_TRUSTUSER_WARNING */
6184 #if _FFR_EIGHT_BIT_ADDR_OK
6185 /* EightBitAddrOK: allow 8-bit e-mail addresses */
6186 "_FFR_EIGHT_BIT_ADDR_OK",
6187 #endif /* _FFR_EIGHT_BIT_ADDR_OK */
6189 /* exponential queue delay */
6191 #endif /* _FFR_EXPDELAY */
6192 #if _FFR_EXTRA_MAP_CHECK
6193 /* perform extra checks on $( $) in R lines */
6194 "_FFR_EXTRA_MAP_CHECK",
6195 #endif /* _FFR_EXTRA_MAP_CHECK */
6196 #if _FFR_GETHBN_ExFILE
6198 ** According to Motonori Nakamura some gethostbyname()
6199 ** implementations (TurboLinux?) may (temporarily) fail
6200 ** due to a lack of file discriptors. Enabling this FFR
6201 ** will check errno for EMFILE and ENFILE and in case of a match
6202 ** cause a temporary error instead of a permanent error.
6203 ** The right solution is of course to file a bug against those
6204 ** systems such that they actually set h_errno = TRY_AGAIN.
6207 "_FFR_GETHBN_ExFILE",
6208 #endif /* _FFR_GETHBN_ExFILE */
6210 /* FIPSMode (if supported by OpenSSL library) */
6212 #endif /* _FFR_FIPSMODE */
6215 ** If using -t, force not sending to argv recipients, even
6216 ** if they are mentioned in the headers.
6220 #endif /* _FFR_FIX_DASHT */
6221 #if _FFR_FORWARD_SYSERR
6222 /* Cause a "syserr" if forward file isn't "safe". */
6223 "_FFR_FORWARD_SYSERR",
6224 #endif /* _FFR_FORWARD_SYSERR */
6226 /* Generate a ORCPT DSN arg if not already provided */
6228 #endif /* _FFR_GEN_ORCPT */
6229 #if _FFR_GROUPREADABLEAUTHINFOFILE
6230 /* Allow group readable DefaultAuthInfo file. */
6231 "_FFR_GROUPREADABLEAUTHINFOFILE",
6232 #endif /* _FFR_GROUPREADABLEAUTHINFOFILE */
6233 #if _FFR_HANDLE_ISO8859_GECOS
6235 ** Allow ISO 8859 characters in GECOS field: replace them
6236 ** ith ASCII "equivalent".
6239 /* Peter Eriksson of Linkopings universitet */
6240 "_FFR_HANDLE_ISO8859_GECOS",
6241 #endif /* _FFR_HANDLE_ISO8859_GECOS */
6242 #if _FFR_HPUX_NSSWITCH
6243 /* Use nsswitch on HP-UX */
6244 "_FFR_HPUX_NSSWITCH",
6245 #endif /* _FFR_HPUX_NSSWITCH */
6246 #if _FFR_IGNORE_BOGUS_ADDR
6247 /* Ignore addresses for which prescan() failed */
6248 "_FFR_IGNORE_BOGUS_ADDR",
6249 #endif /* _FFR_IGNORE_BOGUS_ADDR */
6250 #if _FFR_IGNORE_EXT_ON_HELO
6251 /* Ignore extensions offered in response to HELO */
6252 "_FFR_IGNORE_EXT_ON_HELO",
6253 #endif /* _FFR_IGNORE_EXT_ON_HELO */
6255 /* Set MAXHOSTNAMELEN to 256 (Linux) */
6257 #endif /* _FFR_LINUX_MHNL */
6258 #if _FFR_LOCAL_DAEMON
6259 /* Local daemon mode (-bl) which only accepts loopback connections */
6260 "_FFR_LOCAL_DAEMON",
6261 #endif /* _FFR_LOCAL_DAEMON */
6264 #endif /* _FFR_MAIL_MACRO */
6265 #if _FFR_MAXDATASIZE
6267 ** It is possible that a header is larger than MILTER_CHUNK_SIZE,
6268 ** hence this shouldn't be used as limit for milter communication.
6269 ** see also libmilter/comm.c
6270 ** Gurusamy Sarathy of ActiveState
6274 #endif /* _FFR_MAXDATASIZE */
6275 #if _FFR_MAX_FORWARD_ENTRIES
6276 /* Try to limit number of .forward entries */
6277 /* (doesn't work) */
6278 /* Randall S. Winchester of the University of Maryland */
6279 "_FFR_MAX_FORWARD_ENTRIES",
6280 #endif /* _FFR_MAX_FORWARD_ENTRIES */
6281 #if _FFR_MAX_SLEEP_TIME
6282 /* Limit sleep(2) time in libsm/clock.c */
6283 "_FFR_MAX_SLEEP_TIME",
6284 #endif /* _FFR_MAX_SLEEP_TIME */
6285 #if _FFR_MDS_NEGOTIATE
6286 /* MaxDataSize negotation with libmilter */
6287 "_FFR_MDS_NEGOTIATE",
6288 #endif /* _FFR_MDS_NEGOTIATE */
6290 /* Check free memory */
6292 #endif /* _FFR_MEMSTAT */
6293 #if _FFR_MILTER_CHECK
6294 "_FFR_MILTER_CHECK",
6295 #endif /* _FFR_MILTER_CHECK */
6296 #if _FFR_MILTER_CONVERT_ALL_LF_TO_CRLF
6298 ** milter_body() uses the same conversion algorithm as putbody()
6299 ** to translate the "local" df format (\n) to SMTP format (\r\n).
6300 ** However, putbody() and mime8to7() use different conversion
6302 ** If the input date does not follow the SMTP standard
6303 ** (e.g., if it has "naked \r"s), then the output from putbody()
6304 ** and mime8to7() will most likely be different.
6305 ** By turning on this FFR milter_body() will try to "imitate"
6307 ** Note: there is no (simple) way to deal with both conversions
6308 ** in a consistent manner. Moreover, as the "GiGo" principle applies,
6309 ** it's not really worth to fix it.
6312 "_FFR_MILTER_CONVERT_ALL_LF_TO_CRLF",
6313 #endif /* _FFR_MILTER_CONVERT_ALL_LF_TO_CRLF */
6314 #if _FFR_MILTER_CHECK_REJECTIONS_TOO
6316 ** Also send RCPTs that are rejected by check_rcpt to a milter
6317 ** (if requested during option negotiation).
6320 "_FFR_MILTER_CHECK_REJECTIONS_TOO",
6321 #endif /* _FFR_MILTER_CHECK_REJECTIONS_TOO */
6322 #if _FFR_MILTER_ENHSC
6323 /* extract enhanced status code from milter replies for dsn= logging */
6324 "_FFR_MILTER_ENHSC",
6325 #endif /* _FFR_MILTER_ENHSC */
6326 #if _FFR_MIME7TO8_OLD
6327 /* Old mime7to8 code, the new is broken for at least one example. */
6328 "_FFR_MIME7TO8_OLD",
6329 #endif /* _FFR_MAX_SLEEP_TIME */
6330 #if _FFR_MORE_MACROS
6331 /* allow more long macro names ("unprintable" characters). */
6333 #endif /* _FFR_MORE_MACROS */
6335 /* allow to override "Message accepted for delivery" */
6337 #endif /* _FFR_MSG_ACCEPT */
6338 #if _FFR_NODELAYDSN_ON_HOLD
6339 /* Do not issue a DELAY DSN for mailers that use the hold flag. */
6341 "_FFR_NODELAYDSN_ON_HOLD",
6342 #endif /* _FFR_NODELAYDSN_ON_HOLD */
6344 /* Disable PIPELINING, delay client if used. */
6346 #endif /* _FFR_NO_PIPE */
6347 #if _FFR_LDAP_NETWORK_TIMEOUT
6348 /* set LDAP_OPT_NETWORK_TIMEOUT if available (-c) */
6349 "_FFR_LDAP_NETWORK_TIMEOUT",
6350 #endif /* _FFR_LDAP_NETWORK_TIMEOUT */
6352 /* log ntries=, from Nik Clayton of FreeBSD */
6354 #endif /* _FFR_LOG_NTRIES */
6355 #if _FFR_QF_PARANOIA
6357 #endif /* _FFR_QF_PARANOIA */
6359 /* Exponential queue delay; disabled in 8.13 since it isn't used. */
6361 #endif /* _FFR_QUEUEDELAY */
6362 #if _FFR_QUEUE_GROUP_SORTORDER
6363 /* Allow QueueSortOrder per queue group. */
6364 /* XXX: Still need to actually use qgrp->qg_sortorder */
6365 "_FFR_QUEUE_GROUP_SORTORDER",
6366 #endif /* _FFR_QUEUE_GROUP_SORTORDER */
6367 #if _FFR_QUEUE_MACRO
6368 /* Define {queue} macro. */
6370 #endif /* _FFR_QUEUE_MACRO */
6371 #if _FFR_QUEUE_RUN_PARANOIA
6372 /* Additional checks when doing queue runs; interval of checks */
6373 "_FFR_QUEUE_RUN_PARANOIA",
6374 #endif /* _FFR_QUEUE_RUN_PARANOIA */
6375 #if _FFR_QUEUE_SCHED_DBG
6376 /* Debug output for the queue scheduler. */
6377 "_FFR_QUEUE_SCHED_DBG",
6378 #endif /* _FFR_QUEUE_SCHED_DBG */
6379 #if _FFR_RCPTTHROTDELAY
6380 /* configurable delay for BadRcptThrottle */
6381 "_FFR_RCPTTHROTDELAY",
6382 #endif /* _FFR_RCPTTHROTDELAY */
6383 #if _FFR_REDIRECTEMPTY
6385 ** envelope <> can't be sent to mailing lists, only owner-
6386 ** send spam of this type to owner- of the list
6387 ** ---- to stop spam from going to mailing lists.
6390 "_FFR_REDIRECTEMPTY",
6391 #endif /* _FFR_REDIRECTEMPTY */
6392 #if _FFR_REJECT_NUL_BYTE
6393 /* reject NUL bytes in body */
6394 "_FFR_REJECT_NUL_BYTE",
6395 #endif /* _FFR_REJECT_NUL_BYTE */
6396 #if _FFR_RESET_MACRO_GLOBALS
6397 /* Allow macro 'j' to be set dynamically via rulesets. */
6398 "_FFR_RESET_MACRO_GLOBALS",
6399 #endif /* _FFR_RESET_MACRO_GLOBALS */
6401 /* Random shuffle for queue sorting. */
6403 #endif /* _FFR_RHS */
6406 ** allow -qGqueue_group -qp to work, i.e.,
6407 ** restrict a persistent queue runner to a queue group.
6411 #endif /* _FFR_RUNPQG */
6413 /* session id (for logging) */
6415 #endif /* _FFR_SESSID */
6417 /* Donated code (unused). */
6419 #endif /* _FFR_SHM_STATUS */
6420 #if _FFR_LDAP_SINGLEDN
6422 ** The LDAP database map code in Sendmail 8.12.10, when
6423 ** given the -1 switch, would match only a single DN,
6424 ** but was able to return multiple attributes for that
6425 ** DN. In Sendmail 8.13 this "bug" was corrected to
6426 ** only return if exactly one attribute matched.
6428 ** Unfortunately, our configuration uses the former
6429 ** behaviour. Attached is a relatively simple patch
6430 ** to 8.13.4 which adds a -2 switch (for lack of a
6431 ** better option) which returns the single dn/multiple
6434 ** Jeffrey T. Eaton, Carnegie-Mellon University
6437 "_FFR_LDAP_SINGLEDN",
6438 #endif /* _FFR_LDAP_SINGLEDN */
6439 #if _FFR_SKIP_DOMAINS
6440 /* process every N'th domain instead of every N'th message */
6441 "_FFR_SKIP_DOMAINS",
6442 #endif /* _FFR_SKIP_DOMAINS */
6443 #if _FFR_SLEEP_USE_SELECT
6444 /* Use select(2) in libsm/clock.c to emulate sleep(2) */
6445 "_FFR_SLEEP_USE_SELECT ",
6446 #endif /* _FFR_SLEEP_USE_SELECT */
6449 ** It looks like the Compaq Tru64 5.1A now aligns argv and envp to 64
6450 ** bit alignment, so unless each piece of argv and envp is a multiple
6451 ** of 8 bytes (including terminating NULL), initsetproctitle() won't
6452 ** use any of the space beyond argv[0]. Be sure to set SPT_ALIGN_SIZE
6453 ** if you use this FFR.
6456 /* Chris Adams of HiWAAY Informations Services */
6458 #endif /* _FFR_SPT_ALIGN */
6459 #if _FFR_SS_PER_DAEMON
6460 /* SuperSafe per DaemonPortOptions: 'T' (better letter?) */
6461 "_FFR_SS_PER_DAEMON",
6462 #endif /* _FFR_SS_PER_DAEMON */
6464 /* enable some test code */
6466 #endif /* _FFR_TESTS */
6468 /* Donated code (unused). */
6470 #endif /* _FFR_TIMERS */
6472 /* More STARTTLS options, e.g., secondary certs. */
6474 #endif /* _FFR_TLS_1 */
6477 ** If we don't own the file mark it as unsafe.
6478 ** However, allow TrustedUser to own it as well
6479 ** in case TrustedUser manipulates the queue.
6483 #endif /* _FFR_TRUSTED_QF */
6484 #if _FFR_USE_SEM_LOCKING
6485 "_FFR_USE_SEM_LOCKING",
6486 #endif /* _FFR_USE_SEM_LOCKING */
6487 #if _FFR_USE_SETLOGIN
6488 /* Use setlogin() */
6490 "_FFR_USE_SETLOGIN",
6491 #endif /* _FFR_USE_SETLOGIN */