mail.local.c revision 1.28.6.1
1 1.28.6.1 bouyer /* $NetBSD: mail.local.c,v 1.28.6.1 2022/05/17 12:12:14 bouyer Exp $ */ 2 1.10 mrg 3 1.1 cgd /*- 4 1.11 mrg * Copyright (c) 1990, 1993, 1994 5 1.11 mrg * The Regents of the University of California. All rights reserved. 6 1.1 cgd * 7 1.1 cgd * Redistribution and use in source and binary forms, with or without 8 1.1 cgd * modification, are permitted provided that the following conditions 9 1.1 cgd * are met: 10 1.1 cgd * 1. Redistributions of source code must retain the above copyright 11 1.1 cgd * notice, this list of conditions and the following disclaimer. 12 1.1 cgd * 2. Redistributions in binary form must reproduce the above copyright 13 1.1 cgd * notice, this list of conditions and the following disclaimer in the 14 1.1 cgd * documentation and/or other materials provided with the distribution. 15 1.22 agc * 3. Neither the name of the University nor the names of its contributors 16 1.1 cgd * may be used to endorse or promote products derived from this software 17 1.1 cgd * without specific prior written permission. 18 1.1 cgd * 19 1.1 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 1.1 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 1.1 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 1.1 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 1.1 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 1.1 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 1.1 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 1.1 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 1.1 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 1.1 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 1.1 cgd * SUCH DAMAGE. 30 1.1 cgd */ 31 1.1 cgd 32 1.11 mrg #include <sys/cdefs.h> 33 1.1 cgd #ifndef lint 34 1.25 lukem __COPYRIGHT("@(#) Copyright (c) 1990, 1993, 1994\ 35 1.25 lukem The Regents of the University of California. All rights reserved."); 36 1.11 mrg #if 0 37 1.11 mrg static char sccsid[] = "@(#)mail.local.c 8.22 (Berkeley) 6/21/95"; 38 1.11 mrg #else 39 1.28.6.1 bouyer __RCSID("$NetBSD: mail.local.c,v 1.28.6.1 2022/05/17 12:12:14 bouyer Exp $"); 40 1.11 mrg #endif 41 1.1 cgd #endif /* not lint */ 42 1.1 cgd 43 1.1 cgd #include <sys/param.h> 44 1.1 cgd #include <sys/stat.h> 45 1.1 cgd #include <sys/socket.h> 46 1.11 mrg 47 1.1 cgd #include <netinet/in.h> 48 1.11 mrg 49 1.11 mrg #include <errno.h> 50 1.1 cgd #include <fcntl.h> 51 1.11 mrg #include <pwd.h> 52 1.1 cgd #include <netdb.h> 53 1.20 wiz #include <stdarg.h> 54 1.1 cgd #include <stdio.h> 55 1.1 cgd #include <stdlib.h> 56 1.1 cgd #include <string.h> 57 1.11 mrg #include <syslog.h> 58 1.11 mrg #include <time.h> 59 1.11 mrg #include <unistd.h> 60 1.24 manu #include <sysexits.h> 61 1.24 manu 62 1.11 mrg 63 1.1 cgd #include "pathnames.h" 64 1.1 cgd 65 1.26 joerg static int deliver(int, char *, int); 66 1.26 joerg __dead static void logerr(int, const char *, ...) __printflike(2, 3); 67 1.26 joerg static void logwarn(const char *, ...) __printflike(1, 2); 68 1.26 joerg static void notifybiff(char *); 69 1.26 joerg static int store(const char *); 70 1.26 joerg __dead static void usage(void); 71 1.1 cgd 72 1.11 mrg int 73 1.26 joerg main(int argc, char *argv[]) 74 1.1 cgd { 75 1.1 cgd struct passwd *pw; 76 1.11 mrg int ch, fd, eval, lockfile = 0; 77 1.1 cgd uid_t uid; 78 1.15 mycroft const char *from; 79 1.1 cgd 80 1.11 mrg /* use a reasonable umask */ 81 1.11 mrg (void) umask(0077); 82 1.11 mrg 83 1.1 cgd openlog("mail.local", LOG_PERROR, LOG_MAIL); 84 1.1 cgd 85 1.1 cgd from = NULL; 86 1.13 enami while ((ch = getopt(argc, argv, "ldf:r:")) != -1) 87 1.14 enami switch (ch) { 88 1.1 cgd case 'd': /* backward compatible */ 89 1.1 cgd break; 90 1.1 cgd case 'f': 91 1.1 cgd case 'r': /* backward compatible */ 92 1.1 cgd if (from) 93 1.24 manu logerr(EX_USAGE, "multiple -f options"); 94 1.1 cgd from = optarg; 95 1.1 cgd break; 96 1.2 deraadt case 'l': 97 1.2 deraadt lockfile++; 98 1.2 deraadt break; 99 1.1 cgd case '?': 100 1.1 cgd default: 101 1.1 cgd usage(); 102 1.1 cgd } 103 1.1 cgd argc -= optind; 104 1.1 cgd argv += optind; 105 1.1 cgd 106 1.1 cgd if (!*argv) 107 1.1 cgd usage(); 108 1.1 cgd 109 1.1 cgd /* 110 1.1 cgd * If from not specified, use the name from getlogin() if the 111 1.1 cgd * uid matches, otherwise, use the name from the password file 112 1.1 cgd * corresponding to the uid. 113 1.1 cgd */ 114 1.1 cgd uid = getuid(); 115 1.1 cgd if (!from && (!(from = getlogin()) || 116 1.1 cgd !(pw = getpwnam(from)) || pw->pw_uid != uid)) 117 1.1 cgd from = (pw = getpwuid(uid)) ? pw->pw_name : "???"; 118 1.1 cgd 119 1.1 cgd fd = store(from); 120 1.24 manu for (eval = EX_OK; *argv; ++argv) { 121 1.24 manu int rval; 122 1.24 manu 123 1.24 manu rval = deliver(fd, *argv, lockfile); 124 1.24 manu if (eval == EX_OK && rval != EX_OK) 125 1.24 manu eval = rval; 126 1.24 manu } 127 1.10 mrg exit (eval); 128 1.1 cgd } 129 1.1 cgd 130 1.26 joerg static int 131 1.26 joerg store(const char *from) 132 1.1 cgd { 133 1.11 mrg FILE *fp = NULL; /* XXX gcc */ 134 1.1 cgd time_t tval; 135 1.1 cgd int fd, eline; 136 1.1 cgd char *tn, line[2048]; 137 1.1 cgd 138 1.1 cgd tn = strdup(_PATH_LOCTMP); 139 1.21 itojun if (!tn) 140 1.24 manu logerr(EX_OSERR, "not enough core"); 141 1.1 cgd if ((fd = mkstemp(tn)) == -1 || !(fp = fdopen(fd, "w+"))) 142 1.24 manu logerr(EX_OSERR, "unable to open temporary file"); 143 1.1 cgd (void)unlink(tn); 144 1.1 cgd free(tn); 145 1.1 cgd 146 1.1 cgd (void)time(&tval); 147 1.1 cgd (void)fprintf(fp, "From %s %s", from, ctime(&tval)); 148 1.1 cgd 149 1.1 cgd line[0] = '\0'; 150 1.1 cgd for (eline = 1; fgets(line, sizeof(line), stdin);) { 151 1.1 cgd if (line[0] == '\n') 152 1.1 cgd eline = 1; 153 1.1 cgd else { 154 1.16 perry if (eline && line[0] == 'F' && !memcmp(line, "From ", 5)) 155 1.1 cgd (void)putc('>', fp); 156 1.1 cgd eline = 0; 157 1.1 cgd } 158 1.1 cgd (void)fprintf(fp, "%s", line); 159 1.1 cgd if (ferror(fp)) 160 1.1 cgd break; 161 1.1 cgd } 162 1.1 cgd 163 1.1 cgd /* If message not newline terminated, need an extra. */ 164 1.1 cgd if (!index(line, '\n')) 165 1.1 cgd (void)putc('\n', fp); 166 1.1 cgd /* Output a newline; note, empty messages are allowed. */ 167 1.1 cgd (void)putc('\n', fp); 168 1.1 cgd 169 1.1 cgd (void)fflush(fp); 170 1.1 cgd if (ferror(fp)) 171 1.24 manu logerr(EX_OSERR, "temporary file write error"); 172 1.27 shm if ((fd = dup(fd)) == -1) 173 1.27 shm logerr(EX_OSERR, "dup failed"); 174 1.23 christos (void)fclose(fp); 175 1.1 cgd return(fd); 176 1.1 cgd } 177 1.1 cgd 178 1.26 joerg static int 179 1.26 joerg deliver(int fd, char *name, int lockfile) 180 1.1 cgd { 181 1.27 shm struct stat sb, nsb; 182 1.24 manu struct passwd pwres, *pw; 183 1.24 manu char pwbuf[1024]; 184 1.27 shm int created = 0, mbfd, nr, nw, off, rval=EX_OK, lfd = -1; 185 1.2 deraadt char biffmsg[100], buf[8*1024], path[MAXPATHLEN], lpath[MAXPATHLEN]; 186 1.6 pk off_t curoff; 187 1.1 cgd 188 1.1 cgd /* 189 1.1 cgd * Disallow delivery to unknown names -- special mailboxes can be 190 1.1 cgd * handled in the sendmail aliases file. 191 1.1 cgd */ 192 1.24 manu if ((getpwnam_r(name, &pwres, pwbuf, sizeof(pwbuf), &pw)) != 0) { 193 1.24 manu logwarn("unable to find user %s: %s", name, strerror(errno)); 194 1.24 manu return(EX_TEMPFAIL); 195 1.24 manu } 196 1.24 manu if (pw == NULL) { 197 1.24 manu logwarn("unknown name: %s", name); 198 1.24 manu return(EX_NOUSER); 199 1.1 cgd } 200 1.1 cgd 201 1.10 mrg (void)snprintf(path, sizeof path, "%s/%s", _PATH_MAILDIR, name); 202 1.1 cgd 203 1.10 mrg if (lockfile) { 204 1.10 mrg (void)snprintf(lpath, sizeof lpath, "%s/%s.lock", 205 1.10 mrg _PATH_MAILDIR, name); 206 1.2 deraadt 207 1.2 deraadt if((lfd = open(lpath, O_CREAT|O_WRONLY|O_EXCL, 208 1.2 deraadt S_IRUSR|S_IWUSR)) < 0) { 209 1.24 manu logwarn("%s: %s", lpath, strerror(errno)); 210 1.24 manu return(EX_OSERR); 211 1.2 deraadt } 212 1.2 deraadt } 213 1.2 deraadt 214 1.27 shm if ((lstat(path, &sb) != -1) && 215 1.1 cgd (sb.st_nlink != 1 || S_ISLNK(sb.st_mode))) { 216 1.24 manu logwarn("%s: linked file", path); 217 1.24 manu return(EX_OSERR); 218 1.1 cgd } 219 1.24 manu 220 1.28.6.1 bouyer if ((mbfd = open(path, O_APPEND|O_WRONLY|O_EXLOCK|O_NOFOLLOW, 221 1.28 shm S_IRUSR|S_IWUSR)) == -1) { 222 1.27 shm /* create file */ 223 1.28.6.1 bouyer if (errno != ENOENT || 224 1.28.6.1 bouyer (mbfd = open(path, O_APPEND|O_CREAT|O_WRONLY|O_EXLOCK|O_EXCL, 225 1.28.6.1 bouyer S_IRUSR|S_IWUSR)) == -1) { 226 1.24 manu logwarn("%s: %s", path, strerror(errno)); 227 1.27 shm rval = EX_OSERR; 228 1.27 shm goto bad; 229 1.27 shm } 230 1.27 shm created = 1; 231 1.27 shm } else { 232 1.27 shm /* opened existing file, check for TOCTTOU */ 233 1.27 shm if (fstat(mbfd, &nsb) == -1) { 234 1.27 shm rval = EX_OSERR; 235 1.27 shm goto bad; 236 1.27 shm } 237 1.27 shm 238 1.27 shm /* file is not what we expected */ 239 1.27 shm if (nsb.st_ino != sb.st_ino || nsb.st_dev != sb.st_dev) { 240 1.27 shm rval = EX_OSERR; 241 1.27 shm goto bad; 242 1.10 mrg } 243 1.1 cgd } 244 1.1 cgd 245 1.27 shm if ((curoff = lseek(mbfd, 0, SEEK_END)) == (off_t)-1) { 246 1.27 shm logwarn("%s: %s", path, strerror(errno)); 247 1.27 shm rval = EX_OSERR; 248 1.27 shm goto bad; 249 1.27 shm } 250 1.27 shm 251 1.18 lukem (void)snprintf(biffmsg, sizeof biffmsg, "%s@%lld\n", name, 252 1.12 mrg (long long)curoff); 253 1.6 pk if (lseek(fd, 0, SEEK_SET) == (off_t)-1) { 254 1.24 manu logwarn("temporary file: %s", strerror(errno)); 255 1.24 manu rval = EX_OSERR; 256 1.1 cgd goto bad; 257 1.1 cgd } 258 1.1 cgd 259 1.1 cgd while ((nr = read(fd, buf, sizeof(buf))) > 0) 260 1.3 mycroft for (off = 0; off < nr; off += nw) 261 1.3 mycroft if ((nw = write(mbfd, buf + off, nr - off)) < 0) { 262 1.24 manu logwarn("%s: %s", path, strerror(errno)); 263 1.1 cgd goto trunc; 264 1.1 cgd } 265 1.1 cgd if (nr < 0) { 266 1.24 manu logwarn("temporary file: %s", strerror(errno)); 267 1.1 cgd trunc: (void)ftruncate(mbfd, curoff); 268 1.24 manu rval = EX_OSERR; 269 1.1 cgd } 270 1.1 cgd 271 1.1 cgd /* 272 1.1 cgd * Set the owner and group. Historically, binmail repeated this at 273 1.1 cgd * each mail delivery. We no longer do this, assuming that if the 274 1.1 cgd * ownership or permissions were changed there was a reason for doing 275 1.1 cgd * so. 276 1.1 cgd */ 277 1.2 deraadt bad: 278 1.10 mrg if (lockfile) { 279 1.10 mrg if (lfd >= 0) { 280 1.2 deraadt unlink(lpath); 281 1.2 deraadt close(lfd); 282 1.2 deraadt } 283 1.2 deraadt } 284 1.1 cgd 285 1.27 shm if (mbfd >= 0) { 286 1.27 shm if (created) 287 1.27 shm (void)fchown(mbfd, pw->pw_uid, pw->pw_gid); 288 1.27 shm 289 1.27 shm (void)fsync(mbfd); /* Don't wait for update. */ 290 1.27 shm (void)close(mbfd); /* Implicit unlock. */ 291 1.27 shm } 292 1.1 cgd 293 1.24 manu if (rval == EX_OK) 294 1.1 cgd notifybiff(biffmsg); 295 1.24 manu 296 1.24 manu return rval; 297 1.1 cgd } 298 1.1 cgd 299 1.1 cgd void 300 1.26 joerg notifybiff(char *msg) 301 1.1 cgd { 302 1.1 cgd static struct sockaddr_in addr; 303 1.1 cgd static int f = -1; 304 1.1 cgd struct hostent *hp; 305 1.1 cgd struct servent *sp; 306 1.1 cgd int len; 307 1.1 cgd 308 1.1 cgd if (!addr.sin_family) { 309 1.1 cgd /* Be silent if biff service not available. */ 310 1.1 cgd if (!(sp = getservbyname("biff", "udp"))) 311 1.1 cgd return; 312 1.1 cgd if (!(hp = gethostbyname("localhost"))) { 313 1.24 manu logwarn("localhost: %s", strerror(errno)); 314 1.1 cgd return; 315 1.1 cgd } 316 1.9 mycroft addr.sin_len = sizeof(struct sockaddr_in); 317 1.1 cgd addr.sin_family = hp->h_addrtype; 318 1.9 mycroft addr.sin_port = sp->s_port; 319 1.16 perry memcpy(&addr.sin_addr, hp->h_addr, hp->h_length); 320 1.1 cgd } 321 1.1 cgd if (f < 0 && (f = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { 322 1.24 manu logwarn("socket: %s", strerror(errno)); 323 1.1 cgd return; 324 1.1 cgd } 325 1.1 cgd len = strlen(msg) + 1; 326 1.1 cgd if (sendto(f, msg, len, 0, (struct sockaddr *)&addr, sizeof(addr)) 327 1.1 cgd != len) 328 1.24 manu logwarn("sendto biff: %s", strerror(errno)); 329 1.1 cgd } 330 1.1 cgd 331 1.26 joerg static void 332 1.26 joerg usage(void) 333 1.1 cgd { 334 1.24 manu logerr(EX_USAGE, "usage: mail.local [-l] [-f from] user ..."); 335 1.24 manu } 336 1.24 manu 337 1.26 joerg static void 338 1.24 manu logerr(int status, const char *fmt, ...) 339 1.24 manu { 340 1.24 manu va_list ap; 341 1.24 manu 342 1.24 manu va_start(ap, fmt); 343 1.24 manu vsyslog(LOG_ERR, fmt, ap); 344 1.24 manu va_end(ap); 345 1.24 manu 346 1.24 manu exit(status); 347 1.24 manu /* NOTREACHED */ 348 1.1 cgd } 349 1.1 cgd 350 1.26 joerg static void 351 1.24 manu logwarn(const char *fmt, ...) 352 1.1 cgd { 353 1.1 cgd va_list ap; 354 1.20 wiz 355 1.1 cgd va_start(ap, fmt); 356 1.1 cgd vsyslog(LOG_ERR, fmt, ap); 357 1.1 cgd va_end(ap); 358 1.24 manu return; 359 1.1 cgd } 360
Indexes created Tue Oct 28 12:10:06 GMT 2025