conf.c revision 49218d4f8e4d84d1c08aeb267bcf6e451f2056dc
/*
* Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers.
* All rights reserved.
* Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved.
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* By using this file, you agree to the terms and conditions set
* forth in the LICENSE file which can be found at the top level of
* the sendmail distribution.
*
*/
/*
* Copyright 1999-2004 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <sendmail.h>
#include <sendmail/pathnames.h>
#if NEWDB
#endif /* NEWDB */
#ifdef DEC
# if NETINET6
/* for the IPv6 device lookup */
# define _SOCKADDR_LEN
# include <macros.h>
# endif /* NETINET6 */
#endif /* DEC */
#include <limits.h>
#endif /* NETINET || NETINET6 */
# include <ulimit.h>
#endif /* HASULIMIT && defined(HPUX11) */
static void setupmailers __P((void));
static void setupqueues __P((void));
static int get_num_procs_online __P((void));
#if NETINET6 && NEEDSGETIPNODE
#endif /* NETINET6 && NEEDSGETIPNODE */
/*
** CONF.C -- Sendmail Configuration Tables.
**
** Defines the configuration of this installation.
**
** Configuration Variables:
** HdrInfo -- a table describing well-known header fields.
** Each entry has the field name and some flags,
** which are described in sendmail.h.
**
** Notes:
** I have tried to put almost all the reasonable
** configuration information into the configuration
** file read at runtime. My intent is that anything
** here is a function of the version of UNIX you
** are running, or is really static -- for example
** the headers are a superset of widely used
** protocols. If you find yourself playing with
** this file too much, you may be making a mistake!
*/
/*
** Header info table
** Final (null) entry contains the flags used for any other field.
**
** Not all of these are actually handled specially by sendmail
** at this time. They are included as placeholders, to let
** you know that "someday" I intend to have sendmail do
** something with them.
*/
{
/* originator fields, most to least significant */
/* destination fields */
/* message identification and control */
{ "message-id", 0, NULL },
/* date fields */
{ "date", 0, NULL },
/* trace fields */
/* miscellaneous fields */
};
/*
** Privacy values
*/
struct prival PrivacyValues[] =
{
{ "public", PRIV_PUBLIC },
{ "needmailhelo", PRIV_NEEDMAILHELO },
{ "needexpnhelo", PRIV_NEEDEXPNHELO },
{ "needvrfyhelo", PRIV_NEEDVRFYHELO },
{ "noexpn", PRIV_NOEXPN },
{ "novrfy", PRIV_NOVRFY },
{ "restrictexpand", PRIV_RESTRICTEXPAND },
{ "restrictmailq", PRIV_RESTRICTMAILQ },
{ "restrictqrun", PRIV_RESTRICTQRUN },
{ "noetrn", PRIV_NOETRN },
{ "noverb", PRIV_NOVERB },
{ "authwarnings", PRIV_AUTHWARNINGS },
{ "noreceipts", PRIV_NORECEIPTS },
{ "nobodyreturn", PRIV_NOBODYRETN },
{ "goaway", PRIV_GOAWAY },
{ "noactualrecipient", PRIV_NOACTUALRECIPIENT },
#endif /* _FFR_PRIV_NOACTUALRECIPIENT */
{ NULL, 0 }
};
/*
** DontBlameSendmail values
*/
struct dbsval DontBlameSendmailValues[] =
{
{ "safe", DBS_SAFE },
{ "assumesafechown", DBS_ASSUMESAFECHOWN },
{ "groupwritabledirpathsafe", DBS_GROUPWRITABLEDIRPATHSAFE },
{ "groupwritableforwardfilesafe",
{ "groupwritableincludefilesafe",
{ "groupwritablealiasfile", DBS_GROUPWRITABLEALIASFILE },
{ "worldwritablealiasfile", DBS_WORLDWRITABLEALIASFILE },
{ "forwardfileinunsafedirpath", DBS_FORWARDFILEINUNSAFEDIRPATH },
{ "includefileinunsafedirpath", DBS_INCLUDEFILEINUNSAFEDIRPATH },
{ "mapinunsafedirpath", DBS_MAPINUNSAFEDIRPATH },
{ "linkedaliasfileinwritabledir",
{ "linkedclassfileinwritabledir",
{ "linkedforwardfileinwritabledir",
{ "linkedincludefileinwritabledir",
{ "linkedmapinwritabledir", DBS_LINKEDMAPINWRITABLEDIR },
{ "linkedserviceswitchfileinwritabledir",
{ "filedeliverytohardlink", DBS_FILEDELIVERYTOHARDLINK },
{ "filedeliverytosymlink", DBS_FILEDELIVERYTOSYMLINK },
{ "writemaptohardlink", DBS_WRITEMAPTOHARDLINK },
{ "writemaptosymlink", DBS_WRITEMAPTOSYMLINK },
{ "writestatstohardlink", DBS_WRITESTATSTOHARDLINK },
{ "writestatstosymlink", DBS_WRITESTATSTOSYMLINK },
{ "forwardfileingroupwritabledirpath",
{ "includefileingroupwritabledirpath",
{ "classfileinunsafedirpath", DBS_CLASSFILEINUNSAFEDIRPATH },
{ "errorheaderinunsafedirpath", DBS_ERRORHEADERINUNSAFEDIRPATH },
{ "helpfileinunsafedirpath", DBS_HELPFILEINUNSAFEDIRPATH },
{ "forwardfileinunsafedirpathsafe",
{ "includefileinunsafedirpathsafe",
{ "runprograminunsafedirpath", DBS_RUNPROGRAMINUNSAFEDIRPATH },
{ "runwritableprogram", DBS_RUNWRITABLEPROGRAM },
{ "nonrootsafeaddr", DBS_NONROOTSAFEADDR },
{ "truststickybit", DBS_TRUSTSTICKYBIT },
{ "dontwarnforwardfileinunsafedirpath",
{ "insufficiententropy", DBS_INSUFFICIENTENTROPY },
{ "groupreadablesasldbfile", DBS_GROUPREADABLESASLDBFILE },
{ "groupwritablesasldbfile", DBS_GROUPWRITABLESASLDBFILE },
{ "groupwritableforwardfile", DBS_GROUPWRITABLEFORWARDFILE },
{ "groupwritableincludefile", DBS_GROUPWRITABLEINCLUDEFILE },
{ "worldwritableforwardfile", DBS_WORLDWRITABLEFORWARDFILE },
{ "worldwritableincludefile", DBS_WORLDWRITABLEINCLUDEFILE },
{ "groupreadablekeyfile", DBS_GROUPREADABLEKEYFILE },
{ "groupreadableadefaultauthinfofile",
#endif /* _FFR_GROUPREADABLEAUTHINFOFILE */
{ NULL, 0 }
};
/*
** Miscellaneous stuff.
*/
/*
** SETDEFAULTS -- set default values
**
** Some of these must be initialized using direct code since they
** depend on run-time values. So let's do all of them this way.
**
** Parameters:
** e -- the default envelope.
**
** Returns:
** none.
**
** Side Effects:
** Initializes a bunch of global variables to their
** default values.
*/
#define MINUTES * 60
#ifndef MAXRULERECURSION
#endif /* ! MAXRULERECURSION */
void
setdefaults(e)
register ENVELOPE *e;
{
int i;
int numprocs;
/* option F */
/* option QueueFileMode */
{
}
else
{
setdefuser();
}
TrustedUid = 0;
sm_dprintf("setdefaults: DefUser=%s, DefUid=%d, DefGid=%d\n",
SevenBitInput = false; /* option 7 */
#if MILTER
MilterLogLevel = -1;
#endif /* MILTER */
MeToo = true; /* option m */
SendMIMEErrors = true; /* option f */
#if MIME8TO7
#else /* MIME8TO7 */
#endif /* MIME8TO7 */
for (i = 0; i < MAXTOCLASS; i++)
{
}
MustQuoteChars = "@,;:\\()[].'";
MaxAliasRecursion = 10;
MaxMacroRecursion = 10;
ColonOkInAddr = true;
DontLockReadFiles = true;
DoubleBounceAddr = "postmaster";
MaxForwardEntries = 0;
FastSplit = 1;
#if SASL
#endif /* SASL */
#if STARTTLS
#endif /* STARTTLS */
#ifdef HESIOD_INIT
#endif /* HESIOD_INIT */
#if NETINET6
/* Detect if IPv6 is available at run time */
if (i >= 0)
{
(void) close(i);
}
else
#else /* NETINET6 */
#endif /* NETINET6 */
DataFileBufferSize = 4096;
XscriptFileBufferSize = 4096;
for (i = 0; i < MAXRWSETS; i++)
RuleSetNames[i] = NULL;
#if MILTER
InputFilters[0] = NULL;
#endif /* MILTER */
RequiresDirfsync = true;
#endif /* REQUIRES_DIR_FSYNC */
ConnectionRateWindowSize = 60;
setupmaps();
setupqueues();
setupmailers();
setupheaders();
}
/*
*/
void
{
static char defuserbuf[40];
(void) sm_strlcpy(defuserbuf,
sizeof defuserbuf);
sm_dprintf("setdefuser: DefUid=%d, DefUser=%s\n",
}
/*
** SETUPQUEUES -- initialize default queues
**
** The mqueue QUEUE structure gets filled in after readcf() but
** we need something to point to now for the mailer setup,
** which use "mqueue" as default queue.
*/
static void
{
char buf[100];
MaxRunnersPerQueue = 1;
}
/*
** SETUPMAILERS -- initialize default mailers
*/
static void
{
char buf[100];
sizeof buf);
sizeof buf);
sizeof buf);
}
/*
** SETUPMAPS -- set up map classes
*/
{ \
}
static void
{
register STAB *s;
#if NEWDB
# if DB_VERSION_MAJOR > 1
{
errno = 0;
syserr("Berkeley DB version mismatch: compiled against %d.%d.%d, run-time linked against %d.%d.%d",
}
# endif /* DB_VERSION_MAJOR > 1 */
#endif /* NEWDB */
#if NDBM
#endif /* NDBM */
#if NIS
#endif /* NIS */
#if NISPLUS
#endif /* NISPLUS */
#if LDAPMAP
#endif /* LDAPMAP */
#if PH_MAP
#endif /* PH_MAP */
#if MAP_NSD
/* IRIX 6.5 nsd support */
#endif /* MAP_NSD */
#if HESIOD
#endif /* HESIOD */
#if NETINFO
#endif /* NETINFO */
#if 0
#endif /* 0 */
#if NAMED_BIND
# if DNSMAP
# else /* _FFR_DNSMAP_ALIASABLE */
# endif /* _FFR_DNSMAP_ALIASABLE */
# endif /* DNSMAP */
#endif /* NAMED_BIND */
#if NAMED_BIND
/* best MX DNS lookup */
#endif /* NAMED_BIND */
/* access to system passwd file */
/* dequote map */
#if MAP_REGEX
#endif /* MAP_REGEX */
#if USERDB
/* user database */
#endif /* USERDB */
/* arbitrary programs */
/* sequenced maps */
/* switched interface to sequenced maps */
/* null map lookup -- really for internal use only */
/* syslog map -- logs information to syslog */
/* macro storage map -- rulesets can set macros */
#if SOCKETMAP
/* arbitrary daemons */
#endif /* SOCKETMAP */
{
/* bogus map -- always return tempfail */
}
}
/*
** INITHOSTMAPS -- initial host-dependent maps
**
** This should act as an interface to any local service switch
** provided by the host operating system.
**
** Parameters:
** none
**
** Returns:
** none
**
** Side Effects:
** Should define maps "host" and "users" as necessary
** for this OS. If they are not defined, they will get
** a default value later. It should check to make sure
** they are not defined first, since it's possible that
** the config file has provided an override.
*/
void
{
register int i;
int nmaps;
char *maptype[MAXMAPSTACK];
short mapreturn[MAXMAPACTIONS];
/*
** Set up default hosts maps.
*/
#if 0
for (i = 0; i < nmaps; i++)
{
{
sizeof buf);
(void) makemapentry(buf);
}
# if NAMED_BIND
{
(void) makemapentry(buf);
}
# endif /* NAMED_BIND */
# if NISPLUS
{
sizeof buf);
(void) makemapentry(buf);
}
# endif /* NISPLUS */
# if NIS
{
sizeof buf);
(void) makemapentry(buf);
}
# endif /* NIS */
# if NETINFO
{
sizeof buf);
(void) makemapentry(buf);
}
# endif /* NETINFO */
}
#endif /* 0 */
/*
** Make sure we have a host map.
*/
{
/* user didn't initialize: set up host map */
#if NAMED_BIND
if (ConfigLevel >= 2)
#endif /* NAMED_BIND */
(void) makemapentry(buf);
}
/*
** Set up default aliases maps
*/
for (i = 0; i < nmaps; i++)
{
{
sizeof buf);
(void) makemapentry(buf);
}
#if NISPLUS
{
sizeof buf);
(void) makemapentry(buf);
}
#endif /* NISPLUS */
#if NIS
{
sizeof buf);
(void) makemapentry(buf);
}
#endif /* NIS */
#if NETINFO
{
sizeof buf);
(void) makemapentry(buf);
}
#endif /* NETINFO */
#if HESIOD
{
sizeof buf);
(void) makemapentry(buf);
}
#endif /* HESIOD */
#if defined(LDAPMAP) && defined(SUN_EXTENSIONS) && \
defined(SUN_SIMPLIFIED_LDAP) && defined(HASLDAPGETALIASBYNAME)
{
sizeof buf);
(void) makemapentry(buf);
}
#endif
}
{
(void) makemapentry(buf);
}
#if 0 /* "user" map class is a better choice */
/*
** Set up default users maps.
*/
for (i = 0; i < nmaps; i++)
{
{
sizeof buf);
(void) makemapentry(buf);
}
# if NISPLUS
{
sizeof buf);
(void) makemapentry(buf);
}
# endif /* NISPLUS */
# if NIS
{
sizeof buf);
(void) makemapentry(buf);
}
# endif /* NIS */
# if HESIOD
{
(void) makemapentry(buf);
}
# endif /* HESIOD */
}
{
(void) makemapentry(buf);
}
#endif /* 0 */
}
/*
** SWITCH_MAP_FIND -- find the list of types associated with a map
**
** This is the system-dependent interface to the service switch.
**
** Parameters:
** service -- the name of the service of interest.
** maptype -- an out-array of strings containing the types
** of access to use for this service. There can
** be at most MAXMAPSTACK types for a single service.
** mapreturn -- an out-array of return information bitmaps
** for the map.
**
** Returns:
** The number of map types filled in, or -1 for failure.
**
** Side effects:
** Preserves errno so nothing in the routine clobbers it.
*/
# define _USE_SUN_NSSWITCH_
#endif /* defined(SOLARIS) || (defined(sony_news) && defined(__svr4)) */
# ifdef __hpux
# define _USE_SUN_NSSWITCH_
# endif /* __hpux */
#endif /* _FFR_HPUX_NSSWITCH */
#ifdef _USE_SUN_NSSWITCH_
# include <nsswitch.h>
#endif /* _USE_SUN_NSSWITCH_ */
# define _USE_DEC_SVC_CONF_
#endif /* defined(ultrix) || (defined(__osf__) && defined(__alpha)) */
#ifdef _USE_DEC_SVC_CONF_
#endif /* _USE_DEC_SVC_CONF_ */
int
char *service;
char *maptype[MAXMAPSTACK];
short mapreturn[MAXMAPACTIONS];
{
int svcno = 0;
int save_errno = errno;
#ifdef _USE_SUN_NSSWITCH_
struct __nsw_switchconfig *nsw_conf;
enum __nsw_parse_err pserr;
struct __nsw_lookup *lk;
static struct __nsw_lookup lkp0 =
static struct __nsw_switchconfig lkp_default =
else
svcno = 0;
{
svcno++;
}
errno = save_errno;
return svcno;
#endif /* _USE_SUN_NSSWITCH_ */
#ifdef _USE_DEC_SVC_CONF_
int svc;
goto punt;
svc = SVC_ALIASES;
svc = SVC_PASSWD;
else
{
errno = save_errno;
return -1;
}
{
{
case SVC_LOCAL:
break;
case SVC_YP:
break;
case SVC_BIND:
break;
# ifdef SVC_HESIOD
case SVC_HESIOD:
break;
# endif /* SVC_HESIOD */
case SVC_LAST:
errno = save_errno;
return svcno;
}
}
errno = save_errno;
return svcno;
#endif /* _USE_DEC_SVC_CONF_ */
#if !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_)
/*
** Fall-back mechanism.
*/
{
/* (re)read service switch */
sff |= SFF_NOWLINK;
if (ConfigFileRead)
{
{
register char *p;
if (p != NULL)
*p = '\0';
if (p != NULL)
*p++ = '\0';
if (buf[0] == '\0')
continue;
if (p == NULL)
{
"Bad line on %.100s: %.100s",
buf);
continue;
}
while (isspace(*p))
p++;
if (*p == '\0')
continue;
/*
** Space for all of the service strings
** are allocated at once. This means
** that we only have to free the first
** one to free all of them.
*/
p = newstr(p);
{
if (*p == '\0')
break;
p = strpbrk(p, " \t");
if (p == NULL)
break;
*p++ = '\0';
while (isspace(*p))
p++;
}
if (svcno < MAXMAPSTACK)
}
}
}
/* look up entry in cache */
{
/* extract data */
svcno = 0;
while (svcno < MAXMAPSTACK)
{
break;
}
errno = save_errno;
return --svcno;
}
#endif /* !defined(_USE_SUN_NSSWITCH_) && !defined(_USE_DEC_SVC_CONF_) */
#if !defined(_USE_SUN_NSSWITCH_)
/* if the service file doesn't work, use an absolute fallback */
# ifdef _USE_DEC_SVC_CONF_
punt:
# endif /* _USE_DEC_SVC_CONF_ */
svcno = 0;
{
# if defined(AUTO_NETINFO_ALIASES) && defined (NETINFO)
# endif /* defined(AUTO_NETINFO_ALIASES) && defined (NETINFO) */
# ifdef AUTO_NIS_ALIASES
# if NISPLUS
# endif /* NISPLUS */
# if NIS
# endif /* NIS */
# endif /* AUTO_NIS_ALIASES */
errno = save_errno;
return svcno;
}
{
# if NAMED_BIND
# else /* NAMED_BIND */
/* SunOS */
# endif /* defined(sun) && !defined(BSD) */
# endif /* NAMED_BIND */
# if defined(AUTO_NETINFO_HOSTS) && defined (NETINFO)
# endif /* defined(AUTO_NETINFO_HOSTS) && defined (NETINFO) */
errno = save_errno;
return svcno;
}
errno = save_errno;
return -1;
#endif /* !defined(_USE_SUN_NSSWITCH_) */
}
/*
** USERNAME -- return the user id of the logged in user.
**
** Parameters:
** none.
**
** Returns:
** The login name of the logged in user.
**
** Side Effects:
** none.
**
** Notes:
** The return value is statically allocated.
*/
char *
username()
{
extern char *getlogin();
/* cache the result */
{
{
}
else
{
{
}
}
{
syserr("554 5.3.0 Who are you?");
myname = "postmaster";
}
else
}
return myname;
}
/*
** TTYPATH -- Get the path of the user's tty
**
** Returns the pathname of the user's tty. Returns NULL if
** denied.
**
** Parameters:
** none
**
** Returns:
** pathname of the user's tty.
** NULL if not logged in or write permission denied.
**
** Side Effects:
** none.
**
** WARNING:
** Return value is in a local buffer.
**
** Called By:
** savemail
*/
char *
ttypath()
{
register char *pathn;
extern char *ttyname();
extern char *getlogin();
/* compute the pathname of the controlling tty */
{
errno = 0;
return NULL;
}
/* see if we have write permission */
{
errno = 0;
return NULL;
}
/* see if the user is logged in */
return NULL;
/* looks good */
return pathn;
}
/*
** CHECKCOMPAT -- check for From and To person compatible.
**
** This routine can be supplied on a per-installation basis
** to determine whether a person is allowed to send a message.
** This allows restriction of certain types of internet
** forwarding or registration of users.
**
** If the hosts are found to be incompatible, an error
** message should be given using "usrerr" and an EX_ code
** should be returned. You can also set to->q_status to
** a DSN-style status code.
**
** EF_NO_BODY_RETN can be set in e->e_flags to suppress the
** body during the return-to-sender function; this should be done
** on huge messages. This bit may already be set by the ESMTP
** protocol.
**
** Parameters:
** to -- the person being sent to.
**
** Returns:
** an exit status
**
** Side Effects:
** none (unless you include the usrerr stuff)
*/
int
checkcompat(to, e)
register ENVELOPE *e;
{
sm_dprintf("checkcompat(to=%s, from=%s)\n",
#ifdef EXAMPLE_CODE
/* this code is intended as an example only */
register STAB *s;
{
usrerr("553 No ARPA mail through this machine: see your system administration");
/* e->e_flags |= EF_NO_BODY_RETN; to suppress body on return */
return EX_UNAVAILABLE;
}
#endif /* EXAMPLE_CODE */
return EX_OK;
}
/*
** INIT_MD -- do machine dependent initializations
**
** Systems that have global modes that should be set should do
** them here rather than in main.
*/
#ifdef _AUX_SOURCE
# include <compat.h>
#endif /* _AUX_SOURCE */
#if SHARE_V1
# include <shares.h>
#endif /* SHARE_V1 */
void
int argc;
char **argv;
{
#ifdef _AUX_SOURCE
#endif /* _AUX_SOURCE */
#ifdef SUN_EXTENSIONS
init_md_sun();
#endif /* SUN_EXTENSIONS */
#if _CONVEX_SOURCE
/* keep gethostby*() from stripping the local domain name */
#endif /* _CONVEX_SOURCE */
#ifdef __QNX__
/*
** Due to QNX's network distributed nature, you can target a tcpip
** stack on a different node in the qnx network; this patch lets
** this feature work. The __sock_locate() must be done before the
** environment is clear.
*/
#endif /* __QNX__ */
#if SECUREWARE || defined(_SCO_unix_)
# ifdef _SCO_unix_
/*
** This is required for highest security levels (the kernel
** won't let it call set*uid() or run setuid binaries without
** it). It may be necessary on other SECUREWARE systems.
*/
if (getluid() == -1)
setluid(0);
# endif /* _SCO_unix_ */
#endif /* SECUREWARE || defined(_SCO_unix_) */
#ifdef VENDOR_DEFAULT
#else /* VENDOR_DEFAULT */
#endif /* VENDOR_DEFAULT */
}
/*
** INIT_VENDOR_MACROS -- vendor-dependent macro initializations
**
** Called once, on startup.
**
** Parameters:
** e -- the global envelope.
**
** Returns:
** none.
**
** Side Effects:
** vendor-dependent.
*/
void
register ENVELOPE *e;
{
}
/*
** GETLA -- get the current load average
**
** This code stolen from la.c.
**
** Parameters:
** none.
**
** Returns:
** The current load average as an integer.
**
** Side Effects:
** none.
*/
/* try to guess what style of load average we have */
/* do guesses based on general OS type */
#ifndef LA_TYPE
#endif /* ! LA_TYPE */
#ifndef FSHIFT
# if defined(unixpc)
# define FSHIFT 5
# endif /* defined(unixpc) */
# define FSHIFT 10
# endif /* defined(__alpha) || defined(IRIX) */
#endif /* ! FSHIFT */
#ifndef FSHIFT
# define FSHIFT 8
#endif /* ! FSHIFT */
#ifndef FSCALE
#endif /* ! FSCALE */
#ifndef LA_AVENRUN
# ifdef SYSTEM5
# define LA_AVENRUN "avenrun"
# else /* SYSTEM5 */
# define LA_AVENRUN "_avenrun"
# endif /* SYSTEM5 */
#endif /* ! LA_AVENRUN */
/* _PATH_KMEM should be defined in <paths.h> */
#ifndef _PATH_KMEM
# define _PATH_KMEM "/dev/kmem"
#endif /* ! _PATH_KMEM */
#if (LA_TYPE == LA_INT) || (LA_TYPE == LA_FLOAT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG)
# include <nlist.h>
/* _PATH_UNIX should be defined in <paths.h> */
# ifndef _PATH_UNIX
# if defined(SYSTEM5)
# define _PATH_UNIX "/unix"
# else /* defined(SYSTEM5) */
# define _PATH_UNIX "/vmunix"
# endif /* defined(SYSTEM5) */
# endif /* ! _PATH_UNIX */
# ifdef _AUX_SOURCE
# else /* _AUX_SOURCE */
{
{ LA_AVENRUN },
{ 0 },
};
# endif /* _AUX_SOURCE */
# define X_AVENRUN 0
int
getla()
{
int j;
static int kmem = -1;
long avenrun[3];
# else /* LA_TYPE == LA_INT */
short avenrun[3];
# else
# if LA_TYPE == LA_LONGLONG
long long avenrun[3];
# else /* LA_TYPE == LA_LONGLONG */
double avenrun[3];
# endif /* LA_TYPE == LA_LONGLONG */
# endif /* LA_TYPE == LA_SHORT */
# endif /* LA_TYPE == LA_INT */
if (kmem < 0)
{
# ifdef _AUX_SOURCE
# endif /* _AUX_SOURCE */
# else /* defined(_AIX3) || defined(_AIX4) */
# endif /* defined(_AIX3) || defined(_AIX4) */
{
return -1;
}
{
sm_dprintf("getla: nlist(%s, %s) ==> 0\n",
return -1;
}
# ifdef NAMELISTMASK
# endif /* NAMELISTMASK */
if (kmem < 0)
{
sm_dprintf("getla: open(/dev/kmem): %s\n",
return -1;
}
{
sm_dprintf("getla: fcntl(/dev/kmem, FD_CLOEXEC): %s\n",
kmem = -1;
return -1;
}
}
sm_dprintf("getla: symbol address = %#lx\n",
{
/* thank you Ian */
sm_dprintf("getla: lseek or read: %s\n",
return -1;
}
{
# else /* LA_TYPE == LA_SHORT */
# if LA_TYPE == LA_LONGLONG
# else /* LA_TYPE == LA_LONGLONG */
# endif /* LA_TYPE == LA_LONGLONG */
# endif /* LA_TYPE == LA_SHORT */
sm_dprintf("\n");
}
sm_dprintf("getla: %d\n",
# else /* (LA_TYPE == LA_INT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG) */
{
sm_dprintf("\n");
}
return ((int) (avenrun[0] + 0.5));
# endif /* (LA_TYPE == LA_INT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG) */
}
#endif /* (LA_TYPE == LA_INT) || (LA_TYPE == LA_FLOAT) || (LA_TYPE == LA_SHORT) || (LA_TYPE == LA_LONGLONG) */
#if LA_TYPE == LA_READKSYM
int
getla()
{
int j;
static int kmem = -1;
long avenrun[3];
struct mioc_rksym mirk;
if (kmem < 0)
{
if (kmem < 0)
{
sm_dprintf("getla: open(/dev/kmem): %s\n",
return -1;
}
{
sm_dprintf("getla: fcntl(/dev/kmem, FD_CLOEXEC): %s\n",
kmem = -1;
return -1;
}
}
{
sm_dprintf("getla: ioctl(MIOC_READKSYM) failed: %s\n",
return -1;
}
{
sm_dprintf("\n");
}
sm_dprintf("getla: %d\n",
}
#endif /* LA_TYPE == LA_READKSYM */
# include <sys/dg_sys_info.h>
int
getla()
{
struct dg_sys_info_load_info load_info;
dg_sys_info((long *)&load_info,
}
#endif /* LA_TYPE == LA_DGUX */
/* forward declarations to keep gcc from complaining */
struct pst_dynamic;
struct pst_status;
struct pst_static;
struct pst_vminfo;
struct pst_diskinfo;
struct pst_processor;
struct pst_lv;
struct pst_swapinfo;
int
getla()
{
struct pst_dynamic pstd;
return 0;
}
#endif /* LA_TYPE == LA_HPUX */
int
getla()
{
double avenrun[3];
{
sm_dprintf("getla: getloadavg failed: %s",
return -1;
}
return ((int) (avenrun[0] + 0.5));
}
#endif /* LA_TYPE == LA_SUBR */
/*
** This has been tested on NEXTSTEP release 2.1/3.X.
*/
# else /* defined(NX_CURRENT_COMPILER_RELEASE) && NX_CURRENT_COMPILER_RELEASE > NX_COMPILER_RELEASE_3_0 */
# include <mach.h>
# endif /* defined(NX_CURRENT_COMPILER_RELEASE) && NX_CURRENT_COMPILER_RELEASE > NX_COMPILER_RELEASE_3_0 */
int
getla()
{
unsigned int info_count;
struct processor_set_basic_info info;
if (error != KERN_SUCCESS)
{
sm_dprintf("getla: processor_set_default failed: %s",
return -1;
}
&info_count) != KERN_SUCCESS)
{
sm_dprintf("getla: processor_set_info failed: %s",
return -1;
}
sm_dprintf("getla: %d\n",
LOAD_SCALE));
}
#endif /* LA_TYPE == LA_MACH */
#if LA_TYPE == LA_PROCSTR
# endif /* SM_CONF_BROKEN_STRTOD */
/*
** in a format like "0.15 0.12 0.06".
**
** Initially intended for Linux. This has been in the kernel
** since at least 0.99.15.
*/
# ifndef _PATH_LOADAVG
# define _PATH_LOADAVG "/proc/loadavg"
# endif /* ! _PATH_LOADAVG */
int
getla()
{
double avenrun;
register int result;
NULL);
{
sm_dprintf("getla: sm_io_open(%s): %s\n",
return -1;
}
if (result != 1)
{
sm_dprintf("getla: sm_io_fscanf() = %d: %s\n",
return -1;
}
return ((int) (avenrun + 0.5));
}
#endif /* LA_TYPE == LA_PROCSTR */
# ifdef _UNICOSMP
# define CAST_SYSMP(x) (x)
# else /* _UNICOSMP */
# define CAST_SYSMP(x) ((x) & 0x7fffffff)
# endif /* _UNICOSMP */
int
getla(void)
{
int j;
static int kmem = -1;
int avenrun[3];
if (kmem < 0)
{
if (kmem < 0)
{
return -1;
}
{
sm_dprintf("getla: fcntl(/dev/kmem, FD_CLOEXEC): %s\n",
kmem = -1;
return -1;
}
}
== -1 ||
{
sm_dprintf("getla: lseek or read: %s\n",
return -1;
}
{
sm_dprintf(", %ld, %ld",
sm_dprintf("\n");
}
sm_dprintf("getla: %d\n",
}
#endif /* LA_TYPE == LA_IRIX6 */
# include <kstat.h>
int
getla()
{
int la;
kc = kstat_open();
{
sm_dprintf("getla: kstat_open(): %s\n",
return -1;
}
{
sm_dprintf("getla: kstat_lookup(): %s\n",
return -1;
}
{
sm_dprintf("getla: kstat_read(): %s\n",
return -1;
}
/* kstat_close(kc); /o do not close for fast access */
return la;
}
#endif /* LA_TYPE == LA_KSTAT */
#if LA_TYPE == LA_DEVSHORT
/*
** three shorts for the 1, 5, and 15 minute loads. We only read the
** first, since that's all we care about.
**
** Intended for SCO OpenServer 5.
*/
# ifndef _PATH_AVENRUN
# define _PATH_AVENRUN "/dev/table/avenrun"
# endif /* ! _PATH_AVENRUN */
int
getla()
{
static int afd = -1;
short avenrun;
int loadav;
int r;
{
return -1;
if (afd < 0)
{
"can't open %s: %s",
return -1;
}
}
return loadav;
}
#endif /* LA_TYPE == LA_DEVSHORT */
#if LA_TYPE == LA_ALPHAOSF
struct rtentry;
struct mbuf;
int
getla()
{
int ave = 0;
struct tbl_loadavg tab;
{
return -1;
}
else
return ave;
}
#endif /* LA_TYPE == LA_ALPHAOSF */
int
getla()
{
double avenrun[3];
{
sm_dprintf("getla: pset_getloadavg failed: %s",
return -1;
}
return ((int) (avenrun[0] + 0.5));
}
#endif /* LA_TYPE == LA_PSET */
int
getla()
{
sm_dprintf("getla: ZERO\n");
return 0;
}
#endif /* LA_TYPE == LA_ZERO */
/*
* Copyright 1989 Massachusetts Institute of Technology
*
* Permission to use, copy, modify, distribute, and sell this software and its
* documentation for any purpose is hereby granted without fee, provided that
* the above copyright notice appear in all copies and that both that
* copyright notice and this permission notice appear in supporting
* documentation, and that the name of M.I.T. not be used in advertising or
* publicity pertaining to distribution of the software without specific,
* written prior permission. M.I.T. makes no representations about the
* suitability of this software for any purpose. It is provided "as is"
* without express or implied warranty.
*
* M.I.T. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL M.I.T.
* BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
* Authors: Many and varied...
*/
/* Non Apollo stuff removed by Don Lewis 11/15/93 */
#ifndef lint
#endif /* ! lint */
#ifdef apollo
# undef volatile
/* ARGSUSED */
int getloadavg( call_data )
{
int i;
long loadav[3];
return 0;
}
#endif /* apollo */
/*
** SM_GETLA -- get the current load average
**
** Parameters:
** none
**
** Returns:
** none
**
** Side Effects:
** Set CurrentLA to the current load average.
** Set {load_avg} in GlobalMacros to the current load average.
*/
void
sm_getla()
{
char labuf[8];
}
/*
** SHOULDQUEUE -- should this message be queued or sent?
**
** Compares the message cost to the load average to decide.
**
** Note: Do NOT change this API! It is documented in op.me
** and theoretically the user can change this function...
**
** Parameters:
** pri -- the priority of the message in question.
** ct -- the message creation time (unused, but see above).
**
** Returns:
** true -- if this message should be queued up for the
** time being.
** false -- if the load is low enough to send this message.
**
** Side Effects:
** none.
*/
/* ARGSUSED1 */
bool
long pri;
{
bool rval;
sm_dprintf("shouldqueue: CurrentLA=%d, pri=%ld: ",
{
sm_dprintf("false (CurrentLA < QueueLA)\n");
return false;
}
# if 0 /* this code is reported to cause oscillation around RefuseLA */
{
sm_dprintf("TRUE (CurrentLA >= RefuseLA)\n");
return true;
}
# endif /* 0 */
return rval;
}
/*
** REFUSECONNECTIONS -- decide if connections should be refused
**
** Parameters:
** name -- daemon name (for error messages only)
** e -- the current envelope.
** d -- number of daemon
** active -- was this daemon actually active?
**
** Returns:
** true if incoming SMTP connections should be refused
** (for now).
** false if we should accept new work.
**
** Side Effects:
** Sets process title when it is rejecting connections.
*/
bool
char *name;
ENVELOPE *e;
int d;
bool active;
{
static int conncnt[MAXDAEMONS];
#if XLA
if (!xla_smtp_ok())
return true;
#endif /* XLA */
SM_ASSERT(d >= 0);
SM_ASSERT(d < MAXDAEMONS);
if (ConnRateThrottle > 0)
{
if (active)
{
{
conncnt[d] = 1;
}
else if (conncnt[d]++ > ConnRateThrottle)
{
#define D_MSG_CRT "deferring connections on daemon %s: %d per second"
/* sleep to flatten out connection load */
sm_setproctitle(true, e, D_MSG_CRT,
if (LogLevel > 8)
(void) sleep(1);
}
}
conncnt[d] = 0;
}
sm_getla();
{
# define R_MSG_LA "rejecting connections on daemon %s: load average: %d"
# define R2_MSG_LA "have been rejecting connections on daemon %s for %s"
if (LogLevel > 8)
if (firstrejtime[d] == 0)
{
firstrejtime[d] = now;
}
else if (nextlogtime[d] < now)
{
}
return true;
}
else
firstrejtime[d] = 0;
{
# define D_MSG_LA "delaying connections on daemon %s: load average=%d >= %d"
/* sleep to flatten out connection load */
{
}
(void) sleep(1);
}
{
if (CurChildren >= MaxChildren)
{
#define R_MSG_CHILD "rejecting connections on daemon %s: %d children, max %d"
sm_setproctitle(true, e, R_MSG_CHILD,
if (LogLevel > 8)
return true;
}
}
return false;
}
/*
** SETPROCTITLE -- set process title for ps
**
** Parameters:
** fmt -- a printf style format string.
** a, b, c -- possible parameters to fmt.
**
** Returns:
** none.
**
** Side Effects:
** Clobbers argv of our main procedure so ps(1) will
** display the title.
*/
#define SPT_NONE 0 /* don't use it at all */
#ifndef SPT_TYPE
# define SPT_TYPE SPT_REUSEARGV
#endif /* ! SPT_TYPE */
# endif /* SPT_TYPE == SPT_PSTAT */
# if SPT_TYPE == SPT_PSSTRINGS
# ifndef PS_STRINGS /* hmmmm.... apparently not available after all */
# define SPT_TYPE SPT_REUSEARGV
# else /* ! PS_STRINGS */
# ifndef NKPDE /* FreeBSD 2.0 */
# define NKPDE 63
typedef unsigned int *pt_entry_t;
# endif /* ! NKPDE */
# endif /* ! PS_STRINGS */
# endif /* SPT_TYPE == SPT_PSSTRINGS */
# define SETPROC_STATIC static
# else /* SPT_TYPE == SPT_PSSTRINGS || SPT_TYPE == SPT_CHANGEARGV */
# define SETPROC_STATIC
# endif /* SPT_TYPE == SPT_PSSTRINGS || SPT_TYPE == SPT_CHANGEARGV */
# if SPT_TYPE == SPT_SYSMIPS
# endif /* SPT_TYPE == SPT_SYSMIPS */
# define SPT_BUFSIZE PSARGSZ
# endif /* PSARGSZ > MAXLINE */
# endif /* SPT_TYPE == SPT_SCO */
# ifndef SPT_PADCHAR
# define SPT_PADCHAR ' '
# endif /* ! SPT_PADCHAR */
#endif /* SPT_TYPE != SPT_NONE && SPT_TYPE != SPT_BUILTIN */
#ifndef SPT_BUFSIZE
# define SPT_BUFSIZE MAXLINE
#endif /* ! SPT_BUFSIZE */
#if _FFR_SPT_ALIGN
/*
** It looks like the Compaq Tru64 5.1A now aligns argv and envp to
** 64 bit alignment, so unless each piece of argv and envp is a multiple
** of 8 bytes (including terminating NULL), initsetproctitle() won't use
** any of the space beyond argv[0]. Be sure to set SPT_ALIGN_SIZE if
** you use this FFR.
*/
# ifdef SPT_ALIGN_SIZE
# else /* SPT_ALIGN_SIZE */
# endif /* SPT_ALIGN_SIZE */
#else /* _FFR_SPT_ALIGN */
#endif /* _FFR_SPT_ALIGN */
/*
** Pointers for setproctitle.
** This allows "ps" listings to give more useful information.
*/
#if SPT_TYPE != SPT_BUILTIN
static void setproctitle __P((const char *, ...));
#endif /* SPT_TYPE != SPT_BUILTIN */
void
int argc;
char **argv;
char **envp;
{
register int i;
int align;
extern char **environ;
/*
** Move the environment so setproctitle can use the space at
** the top of memory.
*/
{
continue;
}
/*
** Save start and extent of argv for setproctitle.
*/
/*
** Determine how much space we can use for setproctitle.
** Use all contiguous argv and envp pointers starting at argv[0]
*/
align = -1;
# if _FFR_SPT_ALIGN
# ifdef SPT_ALIGN_SIZE
for (i = SPT_ALIGN_SIZE; i > 0; i >>= 1)
align++;
# endif /* SPT_ALIGN_SIZE */
# endif /* _FFR_SPT_ALIGN */
for (i = 0; i < argc; i++)
{
}
{
}
}
#if SPT_TYPE != SPT_BUILTIN
/*VARARGS1*/
static void
# ifdef __STDC__
setproctitle(const char *fmt, ...)
# else /* __STDC__ */
const char *fmt;
# endif /* __STDC__ */
{
register int i;
register char *p;
# endif /* SPT_TYPE == SPT_PSTAT */
int j;
static int kmem = -1;
struct user u;
# endif /* SPT_TYPE == SPT_SCO */
p = buf;
/* print sendmail: heading for grep */
p += strlen(p);
/* print the argument string */
if (i < 0)
return;
# endif /* SPT_TYPE == SPT_PSTAT */
# if SPT_TYPE == SPT_PSSTRINGS
# endif /* SPT_TYPE == SPT_PSSTRINGS */
# if SPT_TYPE == SPT_SYSMIPS
# endif /* SPT_TYPE == SPT_SYSMIPS */
{
if (kmem >= 0)
if (kmem < 0)
return;
{
kmem = -1;
return;
}
}
# endif /* SPT_TYPE == SPT_SCO */
# if SPT_TYPE == SPT_REUSEARGV
return;
{
buf[i] = '\0';
}
p = &Argv[0][i];
while (p < LastArgv)
*p++ = SPT_PADCHAR;
# endif /* SPT_TYPE == SPT_REUSEARGV */
# if SPT_TYPE == SPT_CHANGEARGV
Argv[1] = 0;
# endif /* SPT_TYPE == SPT_CHANGEARGV */
# endif /* SPT_TYPE != SPT_NONE */
}
#endif /* SPT_TYPE != SPT_BUILTIN */
/*
** SM_SETPROCTITLE -- set process task and set process title for ps
**
** Possibly set process status and call setproctitle() to
** change the ps display.
**
** Parameters:
** status -- whether or not to store as process status
** e -- the current envelope.
** fmt -- a printf style format string.
** a, b, c -- possible parameters to fmt.
**
** Returns:
** none.
*/
/*VARARGS2*/
void
#ifdef __STDC__
#else /* __STDC__ */
bool status;
ENVELOPE *e;
const char *fmt;
#endif /* __STDC__ */
{
char buf[SPT_BUFSIZE];
/* print the argument string */
if (status)
if (ProcTitlePrefix != NULL)
{
char prefix[SPT_BUFSIZE];
}
else
}
/*
** WAITFOR -- wait for a particular process id.
**
** Parameters:
** pid -- process id to wait for.
**
** Returns:
** status of pid.
** -1 if pid never shows up.
**
** Side Effects:
** none.
*/
int
{
int st;
pid_t i;
do
{
errno = 0;
if (i > 0)
if (i < 0)
return -1;
return st;
}
/*
** SM_WAIT -- wait
**
** Parameters:
** status -- pointer to status (return value)
**
** Returns:
** pid
*/
int *status;
{
# ifdef WAITUNION
# else /* WAITUNION */
auto int st;
# endif /* WAITUNION */
pid_t i;
# if defined(ISC_UNIX) || defined(_SCO_unix_)
int savesig;
# endif /* defined(ISC_UNIX) || defined(_SCO_unix_) */
# if defined(ISC_UNIX) || defined(_SCO_unix_)
# endif /* defined(ISC_UNIX) || defined(_SCO_unix_) */
# if defined(ISC_UNIX) || defined(_SCO_unix_)
if (savesig > 0)
# endif /* defined(ISC_UNIX) || defined(_SCO_unix_) */
# ifdef WAITUNION
# else /* WAITUNION */
# endif /* WAITUNION */
return i;
}
/*
** REAPCHILD -- pick up the body of my child, lest it become a zombie
**
** Parameters:
** sig -- the signal that got us here (unused).
**
** Returns:
** none.
**
** Side Effects:
** Picks up extant zombies.
**
** NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER. DO NOT ADD
** ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
** DOING.
*/
/* ARGSUSED0 */
int sig;
{
int save_errno = errno;
int st;
# if HASWAITPID
auto int status;
int count;
count = 0;
{
if (count++ > 1000)
break;
# else /* HASWAITPID */
# ifdef WNOHANG
{
# else /* WNOHANG */
auto int status;
/*
** Catch one zombie -- we will be re-invoked (we hope) if there
** are more. Unreliable signals probably break this, but this
** is the "old system" situation -- waitpid or wait3 are to be
** strongly preferred.
*/
{
# endif /* WNOHANG */
# endif /* HASWAITPID */
/* Drop PID and check if it was a control socket child */
}
errno = save_errno;
return SIGFUNC_RETURN;
}
/*
** GETDTABLESIZE -- return number of file descriptors
**
** Only on non-BSD systems
**
** Parameters:
** none
**
** Returns:
** size of file descriptor table
**
** Side Effects:
** none
*/
#ifdef SOLARIS
# include <sys/resource.h>
#endif /* SOLARIS */
int
{
# ifdef RLIMIT_NOFILE
# endif /* RLIMIT_NOFILE */
# if HASGETDTABLESIZE
return getdtablesize();
# else /* HASGETDTABLESIZE */
# ifdef _SC_OPEN_MAX
return sysconf(_SC_OPEN_MAX);
# else /* _SC_OPEN_MAX */
return NOFILE;
# endif /* _SC_OPEN_MAX */
# endif /* HASGETDTABLESIZE */
}
/*
** UNAME -- get the UUCP name of this system.
*/
#if !HASUNAME
int
{
char *n;
{
NODE_LENGTH + 1);
if (n != NULL)
*n = '\0';
return 0;
}
!= NULL)
{
{
break;
}
return 0;
}
return -1;
}
#endif /* !HASUNAME */
/*
** INITGROUPS -- initialize groups
**
** Stub implementation for System V style systems
*/
#if !HASINITGROUPS
char *name;
int basegid;
{
return 0;
}
#endif /* !HASINITGROUPS */
/*
** SETGROUPS -- set group list
**
** Stub implementation for systems that don't have group lists
*/
#ifndef NGROUPS_MAX
int
int ngroups;
{
return 0;
}
#endif /* ! NGROUPS_MAX */
/*
** SETSID -- set session id (for non-POSIX systems)
*/
#if !HASSETSID
{
# ifdef TIOCNOTTY
int fd;
if (fd >= 0)
{
}
# endif /* TIOCNOTTY */
# ifdef SYS5SETPGRP
return setpgrp();
# else /* SYS5SETPGRP */
return setpgid(0, CurrentPid);
# endif /* SYS5SETPGRP */
}
#endif /* !HASSETSID */
/*
** FSYNC -- dummy fsync
*/
#if NEEDFSYNC
int fd;
{
# ifdef O_SYNC
# else /* O_SYNC */
/* nothing we can do */
return 0;
# endif /* O_SYNC */
}
#endif /* NEEDFSYNC */
/*
**
** instead of a long. This patches things. Only needed on versions
** prior to 5.4.3.
*/
#ifdef DGUX_5_4_2
long
char *host;
{
}
#endif /* DGUX_5_4_2 */
/*
** GETOPT -- for old systems or systems with bogus implementations
*/
#if !SM_CONF_GETOPT
/*
* Copyright (c) 1985 Regents of the University of California.
* All rights reserved. The Berkeley software License Agreement
* specifies the terms and conditions for redistribution.
*/
/*
** this version hacked to add `atend' flag to allow state machine
** to reset if invoked by the program to scan args for a 2nd time
*/
# endif /* defined(LIBC_SCCS) && !defined(lint) */
/*
** get option letter from argument vector
*/
# ifdef _CONVEX_SOURCE
extern char *optarg;
# else /* _CONVEX_SOURCE */
int optopt = 0; /* character checked for validity */
# endif /* _CONVEX_SOURCE */
# define BADCH (int)'?'
# define EMSG ""
return BADCH;}
int
int nargc;
char *const *nargv;
const char *ostr;
{
static char atend = 0;
if (atend) {
atend = 0;
}
if(!*place) { /* update scanning pointer */
atend++;
return -1;
}
++optind;
atend++;
return -1;
}
} /* option letter okay? */
tell(": illegal option -- ");
}
}
else { /* need an argument */
tell(": option requires an argument -- ");
}
++optind;
}
return optopt; /* dump back option letter */
}
#endif /* !SM_CONF_GETOPT */
/*
** USERSHELLOK -- tell if a user's shell is ok for unrestricted use
**
** Parameters:
** user -- the name of the user we are checking.
**
** Returns:
** true -- if it is ok to use this for unrestricted access.
** false -- if the shell is restricted.
*/
#if !HASGETUSERSHELL
# ifndef _PATH_SHELLS
# define _PATH_SHELLS "/etc/shells"
# endif /* ! _PATH_SHELLS */
# include <userconf.h>
# if _AIX4 >= 40200
# include <userpw.h>
# endif /* _AIX4 >= 40200 */
# include <usersec.h>
# endif /* defined(_AIX3) || defined(_AIX4) */
static char *DefaultUserShells[] =
{
# ifdef MPE
# else /* MPE */
# endif /* MPE */
# ifdef __hpux
# ifdef V4FS
# else /* V4FS */
# endif /* V4FS */
# endif /* __hpux */
# endif /* defined(_AIX3) || defined(_AIX4) */
# endif /* defined(__svr4__) || defined(__svr5__) */
# ifdef sgi
# endif /* sgi */
};
#endif /* !HASGETUSERSHELL */
#define WILDCARD_SHELL "/SENDMAIL/ANY/SHELL/"
bool
char *user;
char *shell;
{
# if HASGETUSERSHELL
register char *p;
extern char *getusershell();
ConfigLevel <= 1)
return true;
setusershell();
while ((p = getusershell()) != NULL)
break;
endusershell();
return p != NULL;
# else /* HASGETUSERSHELL */
# if USEGETCONFATTR
auto char *v;
# endif /* USEGETCONFATTR */
ConfigLevel <= 1)
return true;
# if USEGETCONFATTR
/*
** Naturally IBM has a "better" idea.....
**
** What a crock. This interface isn't documented, it is
** considered part of the security library (-ls), and it
** only works if you are running as root (since the list
** of valid shells is obviously a source of great concern).
** I recommend that you do NOT define USEGETCONFATTR,
** especially since you are going to have to set up an
** fails.
*/
{
while (*v != '\0')
{
return true;
v += strlen(v) + 1;
}
return false;
}
# endif /* USEGETCONFATTR */
SM_IO_RDONLY, NULL);
{
char **d;
"usershellok: cannot open %s: %s",
for (d = DefaultUserShells; *d != NULL; d++)
{
return true;
}
return false;
}
{
register char *p, *q;
p = buf;
while (*p != '\0' && *p != '#' && *p != '/')
p++;
if (*p == '#' || *p == '\0')
continue;
q = p;
p++;
*p = '\0';
{
return true;
}
}
return false;
# endif /* HASGETUSERSHELL */
}
/*
** FREEDISKSPACE -- see how much free space is on the queue filesystem
**
** Only implemented if you have statfs.
**
** Parameters:
** dir -- the directory in question.
** bsize -- a variable into which the filesystem
** block size is stored.
**
** Returns:
** The number of blocks free on the queue filesystem.
** -1 if the statfs call fails.
**
** Side effects:
** Puts the filesystem block size into bsize.
*/
/* statfs types */
# define SFS_NONE 0 /* no statfs implementation */
# ifndef SFS_TYPE
# endif /* ! SFS_TYPE */
# include <ustat.h>
# endif /* SFS_TYPE == SFS_USTAT */
# endif /* SFS_TYPE == SFS_4ARGS || SFS_TYPE == SFS_STATFS */
# endif /* SFS_TYPE == SFS_VFS */
# endif /* SFS_TYPE == SFS_MOUNT */
# if SFS_TYPE == SFS_STATVFS
# endif /* SFS_TYPE == SFS_STATVFS */
long
char *dir;
long *bsize;
{
*bsize = 4096L;
/* assume free space is plentiful */
return (long) LONG_MAX;
# else /* SFS_TYPE == SFS_NONE */
# define FSBLOCKSIZE DEV_BSIZE
# define SFS_BAVAIL f_tfree
# else /* SFS_TYPE == SFS_USTAT */
# if defined(ultrix)
# define SFS_BAVAIL fd_bfreen
# define FSBLOCKSIZE 1024L
# else /* defined(ultrix) */
# if SFS_TYPE == SFS_STATVFS
# else /* SFS_TYPE == SFS_STATVFS */
# endif /* SFS_TYPE == SFS_STATVFS */
# endif /* defined(ultrix) */
# endif /* SFS_TYPE == SFS_USTAT */
# ifndef SFS_BAVAIL
# define SFS_BAVAIL f_bavail
# endif /* ! SFS_BAVAIL */
# else /* SFS_TYPE == SFS_USTAT */
# else /* SFS_TYPE == SFS_4ARGS */
# if SFS_TYPE == SFS_STATVFS
# else /* SFS_TYPE == SFS_STATVFS */
# if defined(ultrix)
# else /* defined(ultrix) */
# endif /* defined(ultrix) */
# endif /* SFS_TYPE == SFS_STATVFS */
# endif /* SFS_TYPE == SFS_4ARGS */
# endif /* SFS_TYPE == SFS_USTAT */
{
*bsize = FSBLOCKSIZE;
if (fs.SFS_BAVAIL <= 0)
return 0;
return (long) LONG_MAX;
else
return (long) fs.SFS_BAVAIL;
}
return -1;
# endif /* SFS_TYPE == SFS_NONE */
}
/*
** ENOUGHDISKSPACE -- is there enough free space on the queue file systems?
**
** Parameters:
** msize -- the size to check against. If zero, we don't yet
** know how big the message will be, so just check for
** a "reasonable" amount.
** e -- envelope, or NULL -- controls logging
**
** Returns:
** true if in every queue group there is at least one
** queue directory whose file system contains enough free space.
** false otherwise.
**
** Side Effects:
** If there is not enough disk space and e != NULL
** then sm_syslog is called.
*/
bool
enoughdiskspace(msize, e)
long msize;
ENVELOPE *e;
{
int i;
if (MinBlocksFree <= 0 && msize <= 0)
{
sm_dprintf("enoughdiskspace: no threshold\n");
return true;
}
for (i = 0; i < NumQueue; ++i)
{
return false;
}
return true;
}
/*
** TRANSIENTERROR -- tell if an error code indicates a transient failure
**
** This looks at an errno value and tells if this is likely to
** go away if retried later.
**
** Parameters:
** err -- the errno code to classify.
**
** Returns:
** true if this is probably transient.
** false otherwise.
*/
bool
int err;
{
switch (err)
{
case EIO: /* I/O error */
case ENXIO: /* Device not configured */
case EAGAIN: /* Resource temporarily unavailable */
case ENOMEM: /* Cannot allocate memory */
case ENODEV: /* Operation not supported by device */
case ENFILE: /* Too many open files in system */
case EMFILE: /* Too many open files */
case ENOSPC: /* No space left on device */
case ETIMEDOUT: /* Connection timed out */
#ifdef ESTALE
case ESTALE: /* Stale NFS file handle */
#endif /* ESTALE */
#ifdef ENETDOWN
case ENETDOWN: /* Network is down */
#endif /* ENETDOWN */
#ifdef ENETUNREACH
case ENETUNREACH: /* Network is unreachable */
#endif /* ENETUNREACH */
#ifdef ENETRESET
case ENETRESET: /* Network dropped connection on reset */
#endif /* ENETRESET */
#ifdef ECONNABORTED
case ECONNABORTED: /* Software caused connection abort */
#endif /* ECONNABORTED */
#ifdef ECONNRESET
case ECONNRESET: /* Connection reset by peer */
#endif /* ECONNRESET */
#ifdef ENOBUFS
case ENOBUFS: /* No buffer space available */
#endif /* ENOBUFS */
#ifdef ESHUTDOWN
case ESHUTDOWN: /* Can't send after socket shutdown */
#endif /* ESHUTDOWN */
#ifdef ECONNREFUSED
case ECONNREFUSED: /* Connection refused */
#endif /* ECONNREFUSED */
#ifdef EHOSTDOWN
case EHOSTDOWN: /* Host is down */
#endif /* EHOSTDOWN */
#ifdef EHOSTUNREACH
case EHOSTUNREACH: /* No route to host */
#endif /* EHOSTUNREACH */
#ifdef EDQUOT
case EDQUOT: /* Disc quota exceeded */
#endif /* EDQUOT */
#ifdef EPROCLIM
case EPROCLIM: /* Too many processes */
#endif /* EPROCLIM */
#ifdef EUSERS
case EUSERS: /* Too many users */
#endif /* EUSERS */
#ifdef EDEADLK
case EDEADLK: /* Resource deadlock avoided */
#endif /* EDEADLK */
#ifdef EISCONN
case EISCONN: /* Socket already connected */
#endif /* EISCONN */
#ifdef EINPROGRESS
case EINPROGRESS: /* Operation now in progress */
#endif /* EINPROGRESS */
#ifdef EALREADY
case EALREADY: /* Operation already in progress */
#endif /* EALREADY */
#ifdef EADDRINUSE
case EADDRINUSE: /* Address already in use */
#endif /* EADDRINUSE */
#ifdef EADDRNOTAVAIL
case EADDRNOTAVAIL: /* Can't assign requested address */
#endif /* EADDRNOTAVAIL */
#ifdef ETXTBSY
case ETXTBSY: /* (Apollo) file locked */
#endif /* ETXTBSY */
case ENOSR: /* Out of streams resources */
#endif /* defined(ENOSR) && (!defined(ENOBUFS) || (ENOBUFS != ENOSR)) */
#ifdef ENOLCK
case ENOLCK: /* No locks available */
#endif /* ENOLCK */
case E_SM_OPENTIMEOUT: /* PSEUDO: open timed out */
return true;
}
/* nope, must be permanent */
return false;
}
/*
** LOCKFILE -- lock a file using flock or (shudder) fcntl locking
**
** Parameters:
** fd -- the file descriptor of the file.
** filename -- the file name (for error messages).
** ext -- the filename extension.
** type -- type of the lock. Bits can be:
** LOCK_EX -- exclusive lock.
** LOCK_NB -- non-blocking.
** LOCK_UN -- unlock.
**
** Returns:
** true if the lock was acquired.
** false otherwise.
*/
bool
int fd;
char *filename;
char *ext;
int type;
{
int i;
int save_errno;
# if !HASFLOCK
int action;
ext = "";
else
else
sm_dprintf("lockfile(%s%s, action=%d, type=%d): ",
continue;
if (i >= 0)
{
sm_dprintf("SUCCESS\n");
return true;
}
save_errno = errno;
/*
** as type "tmp" (that is, served from swap space), the
** previous fcntl will fail with "Invalid argument" errors.
** Since this is fairly common during testing, we will assume
** that this indicates that the lock is successfully grabbed.
*/
if (save_errno == EINVAL)
{
sm_dprintf("SUCCESS\n");
return true;
}
{
errno = save_errno;
syserr("cannot lockf(%s%s, fd=%d, type=%o, omode=%o, euid=%d)",
}
# else /* !HASFLOCK */
ext = "";
continue;
if (i >= 0)
{
sm_dprintf("SUCCESS\n");
return true;
}
save_errno = errno;
{
errno = save_errno;
syserr("cannot flock(%s%s, fd=%d, type=%o, omode=%o, euid=%d)",
}
# endif /* !HASFLOCK */
sm_dprintf("FAIL\n");
errno = save_errno;
return false;
}
/*
** CHOWNSAFE -- tell if chown is "safe" (executable only by root)
**
** Unfortunately, given that we can't predict other systems on which
** a remote mounted (NFS) filesystem will be mounted, the answer is
** almost always that this is unsafe.
**
** Note also that many operating systems have non-compliant
** implementations of the _POSIX_CHOWN_RESTRICTED variable and the
** fpathconf() routine. According to IEEE 1003.1-1990, if
** _POSIX_CHOWN_RESTRICTED is defined and not equal to -1, then
** no non-root process can give away the file. However, vendors
** don't take NFS into account, so a comfortable value of
** _POSIX_CHOWN_RESTRICTED tells us nothing.
**
** Also, some systems (e.g., IRIX 6.2) return 1 from fpathconf()
** even on files where chown is not restricted. Many systems get
** this wrong on NFS-based filesystems (that is, they say that chown
** is restricted [safe] on NFS filesystems where it may not be, since
** other systems can access the same filesystem and do file giveaway;
** only the NFS server knows for sure!) Hence, it is important to
** get the value of SAFENFSPATHCONF correct -- it should be defined
** _only_ after testing (see test/t_pathconf.c) a system on an unsafe
** NFS-based filesystem to ensure that you can get meaningful results.
** If in doubt, assume unsafe!
**
** You may also need to tweak IS_SAFE_CHOWN -- it should be a
** condition indicating whether the return from pathconf indicates
** that chown is safe (typically either > 0 or >= 0 -- there isn't
** even any agreement about whether a zero return means that a file
** is or is not safe). It defaults to "> 0".
**
** If the parent directory is safe (writable only by owner back
** to the root) then we can relax slightly and trust fpathconf
** in more circumstances. This is really a crock -- if this is an
** NFS mounted filesystem then we really know nothing about the
** underlying implementation. However, most systems pessimize and
** return an error (EINVAL or EOPNOTSUPP) on NFS filesystems, which
** we interpret as unsafe, as we should. Thus, this heuristic gets
** us into a possible problem only on systems that have a broken
** pathconf implementation and which are also poorly configured
** (have :include: files in group- or world-writable directories).
**
** Parameters:
** fd -- the file descriptor to check.
** safedir -- set if the parent directory is safe.
**
** Returns:
** true -- if the chown(2) operation is "safe" -- that is,
** only root can chown the file to an arbitrary user.
** false -- if an arbitrary user can give away a file.
*/
#ifndef IS_SAFE_CHOWN
# define IS_SAFE_CHOWN > 0
#endif /* ! IS_SAFE_CHOWN */
bool
int fd;
bool safedir;
{
(defined(_PC_CHOWN_RESTRICTED) || defined(_GNU_TYPES_H))
int rval;
/* give the system administrator a chance to override */
return true;
/*
** Some systems (e.g., SunOS) seem to have the call and the
** #define _PC_CHOWN_RESTRICTED, but don't actually implement
** the call. This heuristic checks for that.
*/
errno = 0;
# if SAFENFSPATHCONF
# else /* SAFENFSPATHCONF */
# endif /* SAFENFSPATHCONF */
# else /* (!defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1) && ... */
# endif /* (!defined(_POSIX_CHOWN_RESTRICTED) || _POSIX_CHOWN_RESTRICTED != -1) && ... */
}
/*
** RESETLIMITS -- reset system controlled resource limits
**
** This is to avoid denial-of-service attacks
**
** Parameters:
** none
**
** Returns:
** none
*/
#if HASSETRLIMIT
# ifdef RLIMIT_NEEDS_SYS_TIME_H
# endif /* RLIMIT_NEEDS_SYS_TIME_H */
# include <sys/resource.h>
#endif /* HASSETRLIMIT */
void
{
#if HASSETRLIMIT
# ifdef RLIMIT_NOFILE
# endif /* RLIMIT_NOFILE */
#else /* HASSETRLIMIT */
# if HASULIMIT
# endif /* HASULIMIT */
#endif /* HASSETRLIMIT */
errno = 0;
}
/*
** SETVENDOR -- process vendor code from V configuration line
**
** Parameters:
** vendor -- string representation of vendor.
**
** Returns:
** true -- if ok.
** false -- if vendor code could not be processed.
**
** Side Effects:
** It is reasonable to set mode flags here to tweak
** processing in other parts of the code if necessary.
** For example, if you are a vendor that uses $%y to
** indicate YP lookups, you could enable that here.
*/
bool
char *vendor;
{
{
return true;
}
/* add vendor extensions here */
#ifdef SUN_EXTENSIONS
{
return true;
}
#endif /* SUN_EXTENSIONS */
#ifdef DEC
{
return true;
}
#endif /* DEC */
#if defined(VENDOR_NAME) && defined(VENDOR_CODE)
{
return true;
}
#endif /* defined(VENDOR_NAME) && defined(VENDOR_CODE) */
return false;
}
/*
** GETVENDOR -- return vendor name based on vendor code
**
** Parameters:
** vendorcode -- numeric representation of vendor.
**
** Returns:
** string containing vendor name.
*/
char *
int vendorcode;
{
#if defined(VENDOR_NAME) && defined(VENDOR_CODE)
/*
** Can't have the same switch case twice so need to
** handle VENDOR_CODE outside of switch. It might
** match one of the existing VENDOR_* codes.
*/
if (vendorcode == VENDOR_CODE)
return VENDOR_NAME;
#endif /* defined(VENDOR_NAME) && defined(VENDOR_CODE) */
switch (vendorcode)
{
case VENDOR_BERKELEY:
return "Berkeley";
case VENDOR_SUN:
return "Sun";
case VENDOR_HP:
return "HP";
case VENDOR_IBM:
return "IBM";
case VENDOR_SENDMAIL:
return "Sendmail";
default:
return "Unknown";
}
}
/*
** VENDOR_PRE_DEFAULTS, VENDOR_POST_DEFAULTS -- set vendor-specific defaults
**
** Vendor_pre_defaults is called before reading the configuration
** file; vendor_post_defaults is called immediately after.
**
** Parameters:
** e -- the global environment to initialize.
**
** Returns:
** none.
*/
#if SHARE_V1
int DefShareUid; /* default share uid to run as -- unused??? */
#endif /* SHARE_V1 */
void
ENVELOPE *e;
{
#if SHARE_V1
/* OTHERUID is defined in shares.h, do not be alarmed */
#endif /* SHARE_V1 */
#if defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES)
sun_pre_defaults(e);
#endif /* defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES) */
#ifdef apollo
/*
** /etc/mail/sendmail.cf without this
*/
#endif /* apollo */
}
void
ENVELOPE *e;
{
#ifdef __QNX__
char *p;
/* Makes sure the SOCK environment variable remains */
if (p = getextenv("SOCK"))
setuserenv("SOCK", p);
#endif /* __QNX__ */
#if defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES)
#endif /* defined(SUN_EXTENSIONS) && defined(SUN_DEFAULT_VALUES) */
}
/*
** VENDOR_DAEMON_SETUP -- special vendor setup needed for daemon mode
*/
void
ENVELOPE *e;
{
#if HASSETLOGIN
(void) setlogin(RunAsUserName);
#endif /* HASSETLOGIN */
#if SECUREWARE
if (getluid() != -1)
{
usrerr("Daemon cannot have LUID");
}
#endif /* SECUREWARE */
}
/*
** VENDOR_SET_UID -- do setup for setting a user id
**
** This is called when we are still root.
**
** Parameters:
** uid -- the uid we are about to become.
**
** Returns:
** none.
*/
void
{
/*
** We need to setup the share groups (lnodes)
** and add auditing information (luid's)
** before we loose our ``root''ness.
*/
#if SHARE_V1
syserr("Unable to set up shares");
#endif /* SHARE_V1 */
#if SECUREWARE
(void) setup_secure(uid);
#endif /* SECUREWARE */
}
/*
** VALIDATE_CONNECTION -- check connection for rationality
**
** If the connection is rejected, this routine should log an
** appropriate message -- but should never issue any SMTP protocol.
**
** Parameters:
** sap -- a pointer to a SOCKADDR naming the peer.
** hostname -- the name corresponding to sap.
** e -- the current envelope.
**
** Returns:
** error message from rejection.
** NULL if not rejected.
*/
#if TCPWRAPPERS
# include <tcpd.h>
/* tcpwrappers does no logging, but you still have to declare these -- ugh */
int allow_severity = LOG_INFO;
int deny_severity = LOG_NOTICE;
#endif /* TCPWRAPPERS */
char *
char *hostname;
ENVELOPE *e;
{
#if TCPWRAPPERS
char *host;
char *addr;
extern int hosts_ctl();
#endif /* TCPWRAPPERS */
sm_dprintf("validate_connection(%s, %s)\n",
connection_rate_check(sap, e);
{
extern char MsgBuf[];
sm_dprintf(" ... validate_connection: BAD (rscheck)\n");
else
return reject;
}
#if TCPWRAPPERS
host = "unknown";
else
# if NETINET6
addr += 5;
# endif /* NETINET6 */
{
sm_dprintf(" ... validate_connection: BAD (tcpwrappers)\n");
if (LogLevel > 3)
"tcpwrappers (%s, %s) rejection",
return "Access denied";
}
#endif /* TCPWRAPPERS */
sm_dprintf(" ... validate_connection: OK\n");
return NULL;
}
/*
** STRTOL -- convert string to long integer
**
** For systems that don't have it in the C library.
**
** This is taken verbatim from the 4.4-Lite C library.
*/
#if NEEDSTRTOL
# endif /* defined(LIBC_SCCS) && !defined(lint) */
/*
** Convert a string to a long integer.
**
** Ignores `locale' stuff. Assumes that the upper and lower case
** alphabets and digits are each contiguous.
*/
long
const char *nptr;
char **endptr;
register int base;
{
register const char *s = nptr;
register unsigned long acc;
register int c;
register unsigned long cutoff;
/*
** Skip white space and pick up leading +/- sign if any.
** If base is 0, allow 0x for hex and 0 for octal, else
** assume decimal; if base is already 16, allow 0x.
*/
do {
c = *s++;
} while (isspace(c));
if (c == '-') {
neg = 1;
c = *s++;
} else if (c == '+')
c = *s++;
c == '0' && (*s == 'x' || *s == 'X')) {
c = s[1];
s += 2;
base = 16;
}
if (base == 0)
/*
** Compute the cutoff value between legal numbers and illegal
** numbers. That is the largest legal value, divided by the
** base. An input number that is greater than this value, if
** followed by a legal input character, is too big. One that
** is equal to this value may be valid or not; the limit
** between valid and invalid numbers is then based on the last
** digit. For instance, if the range for longs is
** [-2147483648..2147483647] and the input base is 10,
** cutoff will be set to 214748364 and cutlim to either
** 7 (neg==0) or 8 (neg==1), meaning that if we have accumulated
** a value > 214748364, or equal but the next digit is > 7 (or 8),
** the number is too big, and we will return a range error.
**
** Set any if any `digits' consumed; make it negative to indicate
** overflow.
*/
if (isdigit(c))
c -= '0';
else if (isalpha(c))
else
break;
if (c >= base)
break;
any = -1;
else {
any = 1;
acc += c;
}
}
if (any < 0) {
} else if (neg)
if (endptr != 0)
return acc;
}
#endif /* NEEDSTRTOL */
/*
** STRSTR -- find first substring in string
**
** Parameters:
** big -- the big (full) string.
** little -- the little (sub) string.
**
** Returns:
** A pointer to the first instance of little in big.
** big if little is the null string.
** NULL if little is not contained in big.
*/
#if NEEDSTRSTR
char *
char *big;
char *little;
{
register char *p = big;
int l;
if (*little == '\0')
return big;
{
return p;
p++;
}
return NULL;
}
#endif /* NEEDSTRSTR */
/*
** SM_GETHOSTBY{NAME,ADDR} -- compatibility routines for gethostbyXXX
**
** Some operating systems have wierd problems with the gethostbyXXX
** routines. For example, Solaris versions at least through 2.3
** don't properly deliver a canonical h_name field. This tries to
** work around these problems.
**
** Support IPv6 as well as IPv4.
*/
#if NETINET6 && NEEDSGETIPNODE
# ifndef AI_DEFAULT
# define AI_DEFAULT 0 /* dummy */
# endif /* ! AI_DEFAULT */
# ifndef AI_ADDRCONFIG
# define AI_ADDRCONFIG 0 /* dummy */
# endif /* ! AI_ADDRCONFIG */
# ifndef AI_V4MAPPED
# define AI_V4MAPPED 0 /* dummy */
# endif /* ! AI_V4MAPPED */
# ifndef AI_ALL
# define AI_ALL 0 /* dummy */
# endif /* ! AI_ALL */
static struct hostent *
char *name;
int family;
int flags;
int *err;
{
bool resv6 = true;
struct hostent *h;
{
/* From RFC2133, section 6.1 */
}
SM_SET_H_ERRNO(0);
h = gethostbyname(name);
if (!resv6)
return h;
}
static struct hostent *
char *addr;
int len;
int family;
int *err;
{
struct hostent *h;
SM_SET_H_ERRNO(0);
return h;
}
void
freehostent(h)
struct hostent *h;
{
/*
** Stub routine -- if they don't have getipnodeby*(),
** they probably don't have the free routine either.
*/
return;
}
#endif /* NETINET6 && NEEDSGETIPNODE */
struct hostent *
char *name;
int family;
{
int save_errno;
#if (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4))
static char buf[1000];
extern struct hostent *_switch_gethostbyname_r();
save_errno = errno;
# else /* SOLARIS == 20300 || SOLARIS == 203 */
extern struct hostent *__switch_gethostbyname();
h = __switch_gethostbyname(name);
save_errno = errno;
# endif /* SOLARIS == 20300 || SOLARIS == 203 */
#else /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4)) */
int nmaps;
# if NETINET6
int err;
# endif /* NETINET6 */
char *maptype[MAXMAPSTACK];
short mapreturn[MAXMAPACTIONS];
# if NETINET6
# if ADDRCONFIG_IS_BROKEN
flags &= ~AI_ADDRCONFIG;
# endif /* ADDRCONFIG_IS_BROKEN */
# else /* NETINET6 */
h = gethostbyname(name);
# endif /* NETINET6 */
save_errno = errno;
if (h == NULL)
{
sm_dprintf("failure\n");
while (--nmaps >= 0)
{
break;
}
if (nmaps >= 0)
{
/* try short name */
{
errno = save_errno;
return NULL;
}
(void) shorten_hostname(hbuf);
/* if it hasn't been shortened, there's no point */
{
sm_dprintf("sm_gethostbyname(%s, %d)... ",
# if NETINET6
save_errno = errno;
# else /* NETINET6 */
h = gethostbyname(hbuf);
save_errno = errno;
# endif /* NETINET6 */
}
}
}
#endif /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) || (defined(sony_news) && defined(__svr4)) */
{
if (h == NULL)
sm_dprintf("failure\n");
else
{
{
#if NETINET6
char buf6[INET6_ADDRSTRLEN];
#else /* NETINET6 */
#endif /* NETINET6 */
size_t i;
i++)
sm_dprintf("\talias: %s\n",
h->h_aliases[i]);
for (i = 0; h->h_addr_list[i] != NULL; i++)
{
char *addr;
#if NETINET6
#else /* NETINET6 */
INADDRSZ);
#endif /* NETINET6 */
}
}
}
}
errno = save_errno;
return h;
}
struct hostent *
char *addr;
int len;
int type;
{
#if NETINET6
{
/* Avoid reverse lookup for IPv6 unspecified address */
return NULL;
}
#endif /* NETINET6 */
{
static char buf[1000];
extern struct hostent *_switch_gethostbyaddr_r();
}
# else /* SOLARIS == 20300 || SOLARIS == 203 */
{
extern struct hostent *__switch_gethostbyaddr();
}
# endif /* SOLARIS == 20300 || SOLARIS == 203 */
#else /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) */
# if NETINET6
{
int err;
}
# else /* NETINET6 */
# endif /* NETINET6 */
#endif /* (SOLARIS > 10000 && SOLARIS < 20400) || (defined(SOLARIS) && SOLARIS < 204) */
return hp;
}
/*
** SM_GETPW{NAM,UID} -- wrapper for getpwnam and getpwuid
*/
struct passwd *
char *user;
{
#ifdef _AIX4
extern struct passwd *_getpwnam_shadow(const char *, const int);
return _getpwnam_shadow(user, 0);
#else /* _AIX4 */
#endif /* _AIX4 */
}
struct passwd *
{
#if defined(_AIX4) && 0
extern struct passwd *_getpwuid_shadow(const int, const int);
return _getpwuid_shadow(uid,0);
#else /* defined(_AIX4) && 0 */
#endif /* defined(_AIX4) && 0 */
}
/*
** SECUREWARE_SETUP_SECURE -- Convex SecureWare setup
**
** Set up the trusted computing environment for C2 level security
** under SecureWare.
**
** Parameters:
** uid -- uid of the user to initialize in the TCB
**
** Returns:
** none
**
** Side Effects:
** Initialized the user in the trusted computing base
*/
#if SECUREWARE
# include <sys/security.h>
# include <prot.h>
void
{
int rc;
if (getluid() != -1)
return;
{
switch (rc)
{
case SSI_NO_PRPW_ENTRY:
syserr("No protected passwd entry, uid = %d",
(int) uid);
break;
case SSI_LOCKED:
syserr("Account has been disabled, uid = %d",
(int) uid);
break;
case SSI_RETIRED:
syserr("Account has been retired, uid = %d",
(int) uid);
break;
case SSI_BAD_SET_LUID:
break;
case SSI_BAD_SET_PRIVS:
syserr("Could not set kernel privs, uid = %d",
(int) uid);
default:
syserr("Unknown return code (%d) from set_secure_info(%d)",
break;
}
}
}
#endif /* SECUREWARE */
/*
** ADD_HOSTNAMES -- Add a hostname to class 'w' based on IP address
**
** Add hostnames to class 'w' based on the IP address read from
** the network interface.
**
** Parameters:
** sa -- a pointer to a SOCKADDR containing the address
**
** Returns:
** 0 if successful, -1 if host lookup fails.
*/
static int
{
char **ha;
char hnb[MAXHOSTNAMELEN];
/* lookup name with IP address */
{
#if NETINET
case AF_INET:
break;
#endif /* NETINET */
#if NETINET6
case AF_INET6:
break;
#endif /* NETINET6 */
default:
/* Give warning about unsupported family */
if (LogLevel > 3)
"Unsupported address family %d: %.100s",
return -1;
}
{
int save_errno = errno;
if (LogLevel > 3 &&
#if NETINET6
#endif /* NETINET6 */
true)
"gethostbyaddr(%.100s) failed: %d",
#if NAMED_BIND
#else /* NAMED_BIND */
-1
#endif /* NAMED_BIND */
);
errno = save_errno;
return -1;
}
/* save its cname */
{
if (tTd(0, 4))
}
else
{
if (tTd(0, 43))
}
/* save all it aliases name */
{
{
if (tTd(0, 4))
}
else
{
if (tTd(0, 43))
sm_dprintf("\ta.k.a.: %s (already in $=w)\n",
*ha);
}
}
#if NETINET6
#endif /* NETINET6 */
return 0;
}
/*
** LOAD_IF_NAMES -- load interface-specific names into $=w
**
** Parameters:
** none.
**
** Returns:
** none.
**
** Side Effects:
** Loads $=w with the names of all the interfaces.
*/
#if !NETINET
#endif /* !NETINET */
#if defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN
struct rtentry;
struct mbuf;
# ifndef SUNOS403
# endif /* ! SUNOS403 */
# endif /* (_AIX4 >= 40300) && !defined(_NET_IF_H) */
#endif /* defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN */
void
{
# if NETINET6 && defined(SIOCGLIFCONF)
# ifdef __hpux
/*
** Unfortunately, HP has changed all of the structures,
** making life difficult for implementors.
*/
# define lifconf if_laddrconf
# define lifreq if_laddrreq
# define lifr_flags iflr_flags
# endif /* __hpux */
int s;
int i;
int numifs;
char *buf;
# ifdef SIOCGLIFNUM
# endif /* SIOCGLIFNUM */
if (s == -1)
return;
/* get the list of known IP address from the kernel */
# ifdef __hpux
# endif /* __hpux */
# ifdef SIOCGLIFNUM
lifn.lifn_flags = 0;
# endif /* SIOCGLIFNUM */
# if defined(__hpux) || defined(SIOCGLIFNUM)
if (i < 0)
{
/* can't get number of interfaces -- fall back */
if (tTd(0, 4))
sm_dprintf("SIOCGLIFNUM failed: %s\n",
numifs = -1;
}
else if (tTd(0, 42))
if (numifs < 0)
# endif /* defined(__hpux) || defined(SIOCGLIFNUM) */
if (numifs <= 0)
{
(void) close(s);
return;
}
# ifndef __hpux
lifc.lifc_flags = 0;
# endif /* ! __hpux */
{
if (tTd(0, 4))
sm_dprintf("SIOCGLIFCONF failed: %s\n",
(void) close(s);
return;
}
/* scan the list of IP address */
if (tTd(0, 40))
sm_dprintf("scanning for interface specific names, lifc_len=%ld\n",
(long) len);
for (i = 0; i < len && i >= 0; )
{
int flags;
char *addr;
char *name;
# ifdef SIOCGLIFFLAGS
# endif /* SIOCGLIFFLAGS */
char ip_addr[256];
char buf6[INET6_ADDRSTRLEN];
/*
** We must close and recreate the socket each time
** since we don't know what type of socket it is now
** (each status function may change it).
*/
(void) close(s);
if (s == -1)
{
return;
}
/*
** If we don't have a complete ifr structure,
** don't try to use it.
*/
break;
# ifdef BSD4_4_SOCKADDR
else
# endif /* BSD4_4_SOCKADDR */
# ifdef DEC
/* fix for IPv6 size differences */
# else /* DEC */
i += sizeof *ifr;
# endif /* DEC */
if (tTd(0, 20))
continue;
# ifdef SIOCGLIFFLAGS
{
if (tTd(0, 4))
sm_dprintf("SIOCGLIFFLAGS failed: %s\n",
continue;
}
if (tTd(0, 41))
continue;
# endif /* SIOCGLIFFLAGS */
ip_addr[0] = '\0';
/* extract IP address from the list*/
switch (af)
{
case AF_INET6:
# ifdef __KAME__
/* convert into proper scoped address */
{
}
# endif /* __KAME__ */
if (IN6_IS_ADDR_UNSPECIFIED(&ia6))
{
message("WARNING: interface %s is UP with %s address",
continue;
}
/* save IP address in text from */
"[%.*s]",
(int) sizeof ip_addr - 3,
addr);
break;
case AF_INET:
{
message("WARNING: interface %s is UP with %s address",
continue;
}
/* save IP address in text from */
break;
}
if (*ip_addr == '\0')
continue;
{
if (tTd(0, 4))
}
# ifdef SIOCGLIFFLAGS
/* skip "loopback" interface "lo" */
if (DontProbeInterfaces == DPI_SKIPLOOPBACK &&
continue;
# endif /* SIOCGLIFFLAGS */
(void) add_hostnames(sa);
}
(void) close(s);
# else /* NETINET6 && defined(SIOCGLIFCONF) */
# if defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN
int s;
int i;
int numifs;
if (s == -1)
return;
/* get the list of known IP address from the kernel */
# if defined(SIOCGIFNUM) && !SIOCGIFNUM_IS_BROKEN
{
/* can't get number of interfaces -- fall back */
if (tTd(0, 4))
sm_dprintf("SIOCGIFNUM failed: %s\n",
numifs = -1;
}
else if (tTd(0, 42))
if (numifs < 0)
# endif /* defined(SIOCGIFNUM) && !SIOCGIFNUM_IS_BROKEN */
if (numifs <= 0)
{
(void) close(s);
return;
}
{
if (tTd(0, 4))
sm_dprintf("SIOCGIFCONF failed: %s\n",
(void) close(s);
return;
}
/* scan the list of IP address */
if (tTd(0, 40))
sm_dprintf("scanning for interface specific names, ifc_len=%d\n",
{
int af;
# if NETINET6
char *addr;
# endif /* NETINET6 */
# ifdef SIOCGIFFLAGS
# endif /* SIOCGIFFLAGS */
char ip_addr[256];
# if NETINET6
char buf6[INET6_ADDRSTRLEN];
# endif /* NETINET6 */
/*
** If we don't have a complete ifr structure,
** don't try to use it.
*/
break;
# ifdef BSD4_4_SOCKADDR
else
# endif /* BSD4_4_SOCKADDR */
i += sizeof *ifr;
if (tTd(0, 20))
# if NETINET6
# endif /* NETINET6 */
)
continue;
# ifdef SIOCGIFFLAGS
if (tTd(0, 41))
sm_dprintf("\tflags: %lx\n",
# else /* SIOCGIFFLAGS */
# endif /* SIOCGIFFLAGS */
continue;
ip_addr[0] = '\0';
/* extract IP address from the list*/
switch (af)
{
case AF_INET:
{
message("WARNING: interface %s is UP with %s address",
continue;
}
/* save IP address in text from */
(int) sizeof ip_addr - 3,
break;
# if NETINET6
case AF_INET6:
# ifdef __KAME__
/* convert into proper scoped address */
{
}
# endif /* __KAME__ */
if (IN6_IS_ADDR_UNSPECIFIED(&ia6))
{
message("WARNING: interface %s is UP with %s address",
continue;
}
/* save IP address in text from */
"[%.*s]",
(int) sizeof ip_addr - 3,
addr);
break;
# endif /* NETINET6 */
}
if (ip_addr[0] == '\0')
continue;
{
if (tTd(0, 4))
}
/* skip "loopback" interface "lo" */
if (DontProbeInterfaces == DPI_SKIPLOOPBACK &&
continue;
(void) add_hostnames(sa);
}
(void) close(s);
# endif /* defined(SIOCGIFCONF) && !SIOCGIFCONF_IS_BROKEN */
# endif /* NETINET6 && defined(SIOCGLIFCONF) */
}
/*
** ISLOOPBACK -- is socket address in the loopback net?
**
** Parameters:
** sa -- socket address.
**
** Returns:
** true -- is socket address in the loopback net?
** false -- otherwise
**
*/
bool
{
#if NETINET6
return true;
#else /* NETINET6 */
/* XXX how to correctly extract IN_LOOPBACKNET part? */
>> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET)
return true;
#endif /* NETINET6 */
return false;
}
/*
** GET_NUM_PROCS_ONLINE -- return the number of processors currently online
**
** Parameters:
** none.
**
** Returns:
** The number of processors online.
*/
static int
{
int nproc = 0;
#ifdef USESYSCTL
int mib[2];
# endif /* defined(CTL_HW) && defined(HW_NCPU) */
#else /* USESYSCTL */
# ifdef _SC_NPROCESSORS_ONLN
# else /* _SC_NPROCESSORS_ONLN */
# ifdef __hpux
struct pst_dynamic psd;
# endif /* __hpux */
# endif /* _SC_NPROCESSORS_ONLN */
#endif /* USESYSCTL */
if (nproc <= 0)
nproc = 1;
return nproc;
}
/*
** SM_CLOSEFROM -- close file descriptors
**
** Parameters:
** lowest -- first fd to close
** highest -- last fd + 1 to close
**
** Returns:
** none
*/
void
{
#if HASCLOSEFROM
#else /* HASCLOSEFROM */
int i;
(void) close(i);
#endif /* HASCLOSEFROM */
}
#if HASFDWALK
/*
** CLOSEFD_WALK -- walk fd's arranging to close them
** Callback for fdwalk()
**
** Parameters:
** lowest -- first fd to arrange to be closed
** fd -- fd to arrange to be closed
**
** Returns:
** zero
*/
static int
void *lowest;
int fd;
{
return 0;
}
#endif /* HASFDWALK */
/*
** SM_CLOSE_ON_EXEC -- arrange for file descriptors to be closed
**
** Parameters:
** lowest -- first fd to arrange to be closed
** highest -- last fd + 1 to arrange to be closed
**
** Returns:
** none
*/
void
{
#if HASFDWALK
#else /* HASFDWALK */
int i, j;
{
}
#endif /* HASFDWALK */
}
/*
** SEED_RANDOM -- seed the random number generator
**
** Parameters:
** none
**
** Returns:
** none
*/
void
{
#if HASSRANDOMDEV
srandomdev();
#else /* HASSRANDOMDEV */
long seed;
struct timeval t;
seed = (long) CurrentPid;
if (gettimeofday(&t, NULL) >= 0)
# if HASRANDOM
# else /* HASRANDOM */
# endif /* HASRANDOM */
#endif /* HASSRANDOMDEV */
}
/*
** SM_SYSLOG -- syslog wrapper to keep messages under SYSLOG_BUFSIZE
**
** Parameters:
** level -- syslog level
** id -- envelope ID or NULL (NOQUEUE)
** fmt -- format string
** arg... -- arguments as implied by fmt.
**
** Returns:
** none
*/
/* VARARGS3 */
void
#ifdef __STDC__
#else /* __STDC__ */
int level;
const char *id;
const char *fmt;
#endif /* __STDC__ */
{
int save_errno;
int seq = 1;
int idlen;
char *newstring;
extern int SyslogPrefixLen;
save_errno = errno;
{
id = "NOQUEUE";
}
{
id = "";
}
else
{
}
for (;;)
{
int n;
/* print log message into buf */
SM_ASSERT(n > 0);
if (n < bufsize)
break;
/* String too small, redo with correct size */
bufsize = n + 1;
{
}
}
/* clean up buf after it has been expanded with args */
{
#if LOG
if (*id == '\0')
else
#else /* LOG */
/*XXX should do something more sensible */
if (*id == '\0')
else
#endif /* LOG */
errno = save_errno;
return;
}
/*
** additional length for splitting: " ..." + 3, where 3 is magic to
** have some data for the next entry.
*/
#define SL_SPLIT 7
while (*begin != '\0' &&
{
char save;
if (seq >= 999)
{
/* Too many messages */
break;
}
{
/* Break on comma or space */
{
end++; /* Include separator */
break;
}
end--;
}
/* No separator, break midstring... */
*end = 0;
#if LOG
#else /* LOG */
#endif /* LOG */
}
if (seq >= 999)
#if LOG
#else /* LOG */
#endif /* LOG */
else if (*begin != '\0')
#if LOG
#else /* LOG */
#endif /* LOG */
errno = save_errno;
}
/*
** HARD_SYSLOG -- call syslog repeatedly until it works
**
** Needed on HP-UX, which apparently doesn't guarantee that
** syslog succeeds during interrupt handlers.
*/
# define MAXSYSLOGTRIES 100
# ifdef V4FS
# define XCNST const
# define CAST (const char *)
# else /* V4FS */
# define XCNST
# define CAST
# endif /* V4FS */
void
# ifdef __STDC__
# else /* __STDC__ */
int pri;
# endif /* __STDC__ */
{
int i;
char buf[SYSLOG_BUFSIZE];
continue;
}
#endif /* defined(__hpux) && !defined(HPUX11) */
/*
** LOCAL_HOSTNAME_LENGTH
**
** This is required to get sendmail to compile against BIND 4.9.x
** on Ultrix.
**
** Unfortunately, a Compaq Y2K patch kit provides it without
** figure out whether it is needed.
*/
int
char *hostname;
{
res_init();
if (len_host > len_domain &&
else
return 0;
}
#endif /* NEEDLOCAL_HOSTNAME_LENGTH */
#if NEEDLINK
/*
** LINK -- clone a file
**
** Some OS's lacks link() and hard links. Since sendmail is using
** link() as an efficient way to clone files, this implementation
** will simply do a file copy.
**
** NOTE: This link() replacement is not a generic replacement as it
** does not handle all of the semantics of the real link(2).
**
** Parameters:
** source -- pathname of existing file.
** target -- pathname of link (clone) to be created.
**
** Returns:
** 0 -- success.
** -1 -- failure, see errno for details.
*/
int
const char *source;
const char *target;
{
int save_errno;
int sff;
if (DontLockReadFiles)
sff |= SFF_NOLOCK;
/* Open the original file */
if (src < 0)
goto fail;
/* Obtain the size and the mode */
goto fail;
/* Create the duplicate copy */
sff &= ~SFF_NOLOCK;
if (dst < 0)
goto fail;
/* Copy all of the bytes one buffer at a time */
{
char *p = buf;
while (left > 0 &&
{
p += writelen;
}
if (writelen < 0)
break;
}
/* Any trouble reading? */
goto fail;
/* Close the input file */
{
src = -1;
goto fail;
}
src = -1;
/* Close the output file */
{
/* don't set dst = -1 here so we unlink the file */
goto fail;
}
/* Success */
return 0;
fail:
save_errno = errno;
if (src >= 0)
if (dst >= 0)
{
}
errno = save_errno;
return -1;
}
#endif /* NEEDLINK */
/*
** Compile-Time options
*/
char *CompileOptions[] =
{
#if ALLOW_255
"ALLOW_255",
#endif /* ALLOW_255 */
#if NAMED_BIND
# if DNSMAP
"DNSMAP",
# endif /* DNSMAP */
#endif /* NAMED_BIND */
#if EGD
"EGD",
#endif /* EGD */
#if HESIOD
"HESIOD",
#endif /* HESIOD */
#if HES_GETMAILHOST
"HES_GETMAILHOST",
#endif /* HES_GETMAILHOST */
#if LDAPMAP
"LDAPMAP",
#endif /* LDAPMAP */
#if LDAP_REFERRALS
"LDAP_REFERRALS",
#endif /* LDAP_REFERRALS */
#if LOG
"LOG",
#endif /* LOG */
#if MAP_NSD
"MAP_NSD",
#endif /* MAP_NSD */
#if MAP_REGEX
"MAP_REGEX",
#endif /* MAP_REGEX */
#if MATCHGECOS
"MATCHGECOS",
#endif /* MATCHGECOS */
#if MILTER
"MILTER",
#endif /* MILTER */
#if MIME7TO8
"MIME7TO8",
#endif /* MIME7TO8 */
#if MIME7TO8_OLD
"MIME7TO8_OLD",
#endif /* MIME7TO8_OLD */
#if MIME8TO7
"MIME8TO7",
#endif /* MIME8TO7 */
#if NAMED_BIND
"NAMED_BIND",
#endif /* NAMED_BIND */
#if NDBM
"NDBM",
#endif /* NDBM */
#if NETINET
"NETINET",
#endif /* NETINET */
#if NETINET6
"NETINET6",
#endif /* NETINET6 */
#if NETINFO
"NETINFO",
#endif /* NETINFO */
#if NETISO
"NETISO",
#endif /* NETISO */
#if NETNS
"NETNS",
#endif /* NETNS */
#if NETUNIX
"NETUNIX",
#endif /* NETUNIX */
#if NETX25
"NETX25",
#endif /* NETX25 */
#if NEWDB
"NEWDB",
#endif /* NEWDB */
#if NIS
"NIS",
#endif /* NIS */
#if NISPLUS
"NISPLUS",
#endif /* NISPLUS */
#if NO_DH
"NO_DH",
#endif /* NO_DH */
#if PH_MAP
"PH_MAP",
#endif /* PH_MAP */
#ifdef PICKY_HELO_CHECK
"PICKY_HELO_CHECK",
#endif /* PICKY_HELO_CHECK */
#if PIPELINING
"PIPELINING",
#endif /* PIPELINING */
#if SASL
# if SASL >= 20000
"SASLv2",
# else /* SASL >= 20000 */
"SASL",
# endif /* SASL >= 20000 */
#endif /* SASL */
#if SCANF
"SCANF",
#endif /* SCANF */
#if SMTPDEBUG
"SMTPDEBUG",
#endif /* SMTPDEBUG */
#if SOCKETMAP
"SOCKETMAP",
#endif /* SOCKETMAP */
#if STARTTLS
"STARTTLS",
#endif /* STARTTLS */
"SUID_ROOT_FILES_OK",
#endif /* SUID_ROOT_FILES_OK */
#if TCPWRAPPERS
"TCPWRAPPERS",
#endif /* TCPWRAPPERS */
#if TLS_NO_RSA
"TLS_NO_RSA",
#endif /* TLS_NO_RSA */
#if TLS_VRFY_PER_CTX
"TLS_VRFY_PER_CTX",
#endif /* TLS_VRFY_PER_CTX */
#if USERDB
"USERDB",
#endif /* USERDB */
#if USE_LDAP_INIT
"USE_LDAP_INIT",
#endif /* USE_LDAP_INIT */
#if USE_TTYPATH
"USE_TTYPATH",
#endif /* USE_TTYPATH */
#if XDEBUG
"XDEBUG",
#endif /* XDEBUG */
#if XLA
"XLA",
#endif /* XLA */
};
/*
** OS compile options.
*/
char *OsCompileOptions[] =
{
"ADDRCONFIG_IS_BROKEN",
#endif /* ADDRCONFIG_IS_BROKEN */
#ifdef AUTO_NETINFO_HOSTS
"AUTO_NETINFO_HOSTS",
#endif /* AUTO_NETINFO_HOSTS */
#ifdef AUTO_NIS_ALIASES
"AUTO_NIS_ALIASES",
#endif /* AUTO_NIS_ALIASES */
"BROKEN_RES_SEARCH",
#endif /* BROKEN_RES_SEARCH */
#ifdef BSD4_4_SOCKADDR
"BSD4_4_SOCKADDR",
#endif /* BSD4_4_SOCKADDR */
#if BOGUS_O_EXCL
"BOGUS_O_EXCL",
#endif /* BOGUS_O_EXCL */
"DEC_OSF_BROKEN_GETPWENT",
#endif /* DEC_OSF_BROKEN_GETPWENT */
#if FAST_PID_RECYCLE
"FAST_PID_RECYCLE",
#endif /* FAST_PID_RECYCLE */
#if HASCLOSEFROM
"HASCLOSEFROM",
#endif /* HASCLOSEFROM */
#if HASFCHOWN
"HASFCHOWN",
#endif /* HASFCHOWN */
#if HASFCHMOD
"HASFCHMOD",
#endif /* HASFCHMOD */
#if HASFDWALK
"HASFDWALK",
#endif /* HASFDWALK */
#if HASFLOCK
"HASFLOCK",
#endif /* HASFLOCK */
#if HASGETDTABLESIZE
"HASGETDTABLESIZE",
#endif /* HASGETDTABLESIZE */
#if HASGETUSERSHELL
"HASGETUSERSHELL",
#endif /* HASGETUSERSHELL */
#if HASINITGROUPS
"HASINITGROUPS",
#endif /* HASINITGROUPS */
"HASLDAPGETALIASBYNAME",
#endif /* HASLDAPGETALIASBYNAME */
#if HASLSTAT
"HASLSTAT",
#endif /* HASLSTAT */
#if HASNICE
"HASNICE",
#endif /* HASNICE */
#if HASRANDOM
"HASRANDOM",
#endif /* HASRANDOM */
#if HASRRESVPORT
"HASRRESVPORT",
#endif /* HASRRESVPORT */
#if HASSETEGID
"HASSETEGID",
#endif /* HASSETEGID */
#if HASSETLOGIN
"HASSETLOGIN",
#endif /* HASSETLOGIN */
#if HASSETREGID
"HASSETREGID",
#endif /* HASSETREGID */
#if HASSETRESGID
"HASSETRESGID",
#endif /* HASSETRESGID */
#if HASSETREUID
"HASSETREUID",
#endif /* HASSETREUID */
#if HASSETRLIMIT
"HASSETRLIMIT",
#endif /* HASSETRLIMIT */
#if HASSETSID
"HASSETSID",
#endif /* HASSETSID */
"HASSETUSERCONTEXT",
#endif /* HASSETUSERCONTEXT */
#if HASSETVBUF
"HASSETVBUF",
#endif /* HASSETVBUF */
#if HAS_ST_GEN
"HAS_ST_GEN",
#endif /* HAS_ST_GEN */
#if HASSRANDOMDEV
"HASSRANDOMDEV",
#endif /* HASSRANDOMDEV */
#if HASURANDOMDEV
"HASURANDOMDEV",
#endif /* HASURANDOMDEV */
#if HASSTRERROR
"HASSTRERROR",
#endif /* HASSTRERROR */
#if HASULIMIT
"HASULIMIT",
#endif /* HASULIMIT */
#if HASUNAME
"HASUNAME",
#endif /* HASUNAME */
#if HASUNSETENV
"HASUNSETENV",
#endif /* HASUNSETENV */
#if HASWAITPID
"HASWAITPID",
#endif /* HASWAITPID */
#if IDENTPROTO
"IDENTPROTO",
#endif /* IDENTPROTO */
#if IP_SRCROUTE
"IP_SRCROUTE",
#endif /* IP_SRCROUTE */
"LOCK_ON_OPEN",
#endif /* O_EXLOCK && HASFLOCK && !BOGUS_O_EXCL */
#if NEEDFSYNC
"NEEDFSYNC",
#endif /* NEEDFSYNC */
#if NEEDLINK
"NEEDLINK",
#endif /* NEEDLINK */
"NEEDLOCAL_HOSTNAME_LENGTH",
#endif /* NEEDLOCAL_HOSTNAME_LENGTH */
#if NEEDSGETIPNODE
"NEEDSGETIPNODE",
#endif /* NEEDSGETIPNODE */
#if NEEDSTRSTR
"NEEDSTRSTR",
#endif /* NEEDSTRSTR */
#if NEEDSTRTOL
"NEEDSTRTOL",
#endif /* NEEDSTRTOL */
#ifdef NO_GETSERVBYNAME
"NO_GETSERVBYNAME",
#endif /* NO_GETSERVBYNAME */
#if NOFTRUNCATE
"NOFTRUNCATE",
#endif /* NOFTRUNCATE */
"REQUIRES_DIR_FSYNC",
#endif /* REQUIRES_DIR_FSYNC */
"RLIMIT_NEEDS_SYS_TIME_H",
#endif /* RLIMIT_NEEDS_SYS_TIME_H */
#if SAFENFSPATHCONF
"SAFENFSPATHCONF",
#endif /* SAFENFSPATHCONF */
#if SECUREWARE
"SECUREWARE",
#endif /* SECUREWARE */
#if SHARE_V1
"SHARE_V1",
#endif /* SHARE_V1 */
"SIOCGIFCONF_IS_BROKEN",
#endif /* SIOCGIFCONF_IS_BROKEN */
"SIOCGIFNUM_IS_BROKEN",
#endif /* SIOCGIFNUM_IS_BROKEN */
"SNPRINTF_IS_BROKEN",
#endif /* SNPRINTF_IS_BROKEN */
"SO_REUSEADDR_IS_BROKEN",
#endif /* SO_REUSEADDR_IS_BROKEN */
#if SYS5SETPGRP
"SYS5SETPGRP",
#endif /* SYS5SETPGRP */
#if SYSTEM5
"SYSTEM5",
#endif /* SYSTEM5 */
#if USE_DOUBLE_FORK
"USE_DOUBLE_FORK",
#endif /* USE_DOUBLE_FORK */
#if USE_ENVIRON
"USE_ENVIRON",
#endif /* USE_ENVIRON */
#if USE_SA_SIGACTION
"USE_SA_SIGACTION",
#endif /* USE_SA_SIGACTION */
#if USE_SIGLONGJMP
"USE_SIGLONGJMP",
#endif /* USE_SIGLONGJMP */
#if USEGETCONFATTR
"USEGETCONFATTR",
#endif /* USEGETCONFATTR */
#if USESETEUID
"USESETEUID",
#endif /* USESETEUID */
#ifdef USESYSCTL
"USESYSCTL",
#endif /* USESYSCTL */
"USING_NETSCAPE_LDAP",
#endif /* USING_NETSCAPE_LDAP */
#ifdef WAITUNION
"WAITUNION",
#endif /* WAITUNION */
};
/*
** FFR compile options.
*/
char *FFRCompileOptions[] =
{
/* DefaultAuthInfo can be specified by user. */
/* DefaultAuthInfo doesn't really work in 8.13 anymore. */
"_FFR_ALLOW_SASLINFO",
#endif /* _FFR_ALLOW_SASLINFO */
/* Better truncation of list of MX records for dns map. */
"_FFR_BESTMX_BETTER_TRUNCATION",
#endif /* _FFR_BESTMX_BETTER_TRUNCATION */
/*
** Try to deal with open HTTP proxies that are used to send spam
** by recognizing some commands from them.
*/
"_FFR_BLOCK_PROXIES",
#endif /* _FFR_BLOCK_PROXIES */
/* Deal with MTAs that send a reply during the DATA phase. */
"_FFR_CATCH_BROKEN_MTAS",
#endif /* _FFR_CATCH_BROKEN_MTAS */
#if _FFR_CHECK_EOM
/* Enable check_eom ruleset */
"_FFR_CHECK_EOM",
#endif /* _FFR_CHECK_EOM */
#if _FFR_CHK_QUEUE
/* Stricter checks about queue directory permissions. */
"_FFR_CHK_QUEUE",
#endif /* _FFR_CHK_QUEUE */
#if _FFR_CLIENT_SIZE
/* Don't try to send mail if its size exceeds SIZE= of server. */
"_FFR_CLIENT_SIZE",
#endif /* _FFR_CLIENT_SIZE */
/* Extended daemon status. */
"_FFR_CONTROL_MSTAT",
#endif /* _FFR_CONTROL_MSTAT */
#if _FFR_CRLPATH
/* CRLPath; needs documentation; Al Smith */
"_FFR_CRLPATH",
#endif /* _FFR_CRLPATH */
/* Allow local (not just TCP) socket connection to server. */
"_FFR_DAEMON_NETUNIX",
#endif /* _FFR_DAEMON_NETUNIX */
/* What it says :-) */
"_FFR_DEPRECATE_MAILER_FLAG_I",
#endif /* _FFR_DEPRECATE_MAILER_FLAG_I */
/* Problem noted by Anne Bennett of Concordia University */
"_FFR_DIGUNIX_SAFECHOWN",
#endif /* _FFR_DIGUNIX_SAFECHOWN */
/* DeliveryMode per DaemonPortOptions: 'D' */
"_FFR_DM_PER_DAEMON",
#endif /* _FFR_DM_PER_DAEMON */
/* Allow dns map type to be used for aliases. */
/* Don Lewis of TDK */
"_FFR_DNSMAP_ALIASABLE",
#endif /* _FFR_DNSMAP_ALIASABLE */
#if _FFR_DNSMAP_BASE
/* Specify a "base" domain for DNS lookups. */
"_FFR_DNSMAP_BASE",
#endif /* _FFR_DNSMAP_BASE */
/* Allow multiple return values for DNS map. */
"_FFR_DNSMAP_MULTI",
/* Limit number of return values for DNS map. */
"_FFR_DNSMAP_MULTILIMIT",
# endif /* _FFR_DNSMAP_MULTILIMIT */
#endif /* _FFR_DNSMAP_MULTI */
/* Enable DontLockFilesForRead option. */
"_FFR_DONTLOCKFILESFORREAD_OPTION",
#endif /* _FFR_DONTLOCKFILESFORREAD_OPTION */
/* Allow usernames with '.' */
"_FFR_DOTTED_USERNAMES",
#endif /* _FFR_DOTTED_USERNAMES */
/*
** Don't issue this warning:
** "readcf: option TrustedUser may cause problems on systems
** which do not support fchown() if UseMSP is not set.
*/
"_FFR_DROP_TRUSTUSER_WARNING",
#endif /* _FFR_DROP_TRUSTUSER_WARNING */
/* perform extra checks on $( $) in R lines */
"_FFR_EXTRA_MAP_CHECK",
#endif /* _FFR_EXTRA_MAP_CHECK */
#if _FFR_FIX_DASHT
/*
** If using -t, force not sending to argv recipients, even
** if they are mentioned in the headers.
*/
"_FFR_FIX_DASHT",
#endif /* _FFR_FIX_DASHT */
/* Cause a "syserr" if forward file isn't "safe". */
"_FFR_FORWARD_SYSERR",
#endif /* _FFR_FORWARD_SYSERR */
#if _FFR_GEN_ORCPT
/* Generate a ORCPT DSN arg if not already provided */
"_FFR_GEN_ORCPT",
#endif /* _FFR_GEN_ORCPT */
/* log time for greet_pause delay; from Nik Clayton */
"_FFR_LOG_GREET_PAUSE",
#endif /* _FFR_LOG_GREET_PAUSE */
/* Allow group readable DefaultAuthInfo file. */
"_FFR_GROUPREADABLEAUTHINFOFILE",
#endif /* _FFR_GROUPREADABLEAUTHINFOFILE */
/*
** Allow ISO 8859 characters in GECOS field: replace them
** ith ASCII "equivalent".
*/
/* Peter Eriksson of Linkopings universitet */
"_FFR_HANDLE_ISO8859_GECOS",
#endif /* _FFR_HANDLE_ISO8859_GECOS */
#if _FFR_HDR_TYPE
/* Set 'h' in {addr_type} for headers. */
"_FFR_HDR_TYPE",
#endif /* _FFR_HDR_TYPE */
#if _FFR_HELONAME
/* option to set heloname; Nik Clayton of FreeBSD */
"_FFR_HELONAME",
#endif /* _FFR_HELONAME */
/* Use nsswitch on HP-UX */
"_FFR_HPUX_NSSWITCH",
#endif /* _FFR_HPUX_NSSWITCH */
/* Ignore addresses for which prescan() failed */
"_FFR_IGNORE_BOGUS_ADDR",
#endif /* _FFR_IGNORE_BOGUS_ADDR */
/* Ignore extensions offered in response to HELO */
"_FFR_IGNORE_EXT_ON_HELO",
#endif /* _FFR_IGNORE_EXT_ON_HELO */
#if _FFR_MAXDATASIZE
/*
** It is possible that a header is larger than MILTER_CHUNK_SIZE,
** hence this shouldn't be used as limit for milter communication.
** Gurusamy Sarathy of ActiveState
*/
"_FFR_MAXDATASIZE",
#endif /* _FFR_MAXDATASIZE */
/* Try to limit number of .forward entries */
/* (doesn't work) */
/* Randall S. Winchester of the University of Maryland */
"_FFR_MAX_FORWARD_ENTRIES",
#endif /* _FFR_MAX_FORWARD_ENTRIES */
"_FFR_MAX_SLEEP_TIME",
#endif /* _FFR_MAX_SLEEP_TIME */
/* milter: turn off Nagle ("cork" on Linux) */
/* John Gardiner Myers of Proofpoint */
"_FFR_MILTER_NAGLE ",
#endif /* _FFR_MILTER_NAGLE */
/* milter: no response expected when sending headers */
/* John Gardiner Myers of Proofpoint */
"_FFR_MILTER_NOHDR_RESP",
#endif /* _FFR_MILTER_NOHDR_RESP */
/* Old mime7to8 code, the new is broken for at least one example. */
"_FFR_MIME7TO8_OLD",
#endif /* _FFR_MAX_SLEEP_TIME */
/* Do not issue a DELAY DSN for mailers that use the hold flag. */
/* Steven Pitzl */
"_FFR_NODELAYDSN_ON_HOLD",
#endif /* _FFR_NODELAYDSN_ON_HOLD */
#if _FFR_NO_PIPE
/* Disable PIPELINING, delay client if used. */
"_FFR_NO_PIPE",
#endif /* _FFR_NO_PIPE */
#if _FFR_LOG_NTRIES
/* log ntries=, from Nik Clayton of FreeBSD */
"_FFR_LOG_NTRIES",
#endif /* _FFR_LOG_NTRIES */
/*
** PrivacyOptions=noactualrecipient stops sendmail from putting
** X-Actual-Recipient lines in DSNs revealing the actual
** account that addresses map to. Patch from Dan Harkless.
*/
"_FFR_PRIV_NOACTUALRECIPIENT",
#endif /* _FFR_PRIV_NOACTUALRECIPIENT */
#if _FFR_QUEUEDELAY
/* Exponential queue delay; disabled in 8.13 since it isn't used. */
"_FFR_QUEUEDELAY",
#endif /* _FFR_QUEUEDELAY */
/* Allow QueueSortOrder per queue group. */
/* XXX: Still need to actually use qgrp->qg_sortorder */
"_FFR_QUEUE_GROUP_SORTORDER",
#endif /* _FFR_QUEUE_GROUP_SORTORDER */
#if _FFR_QUEUE_MACRO
/* Define {queue} macro. */
"_FFR_QUEUE_MACRO",
#endif /* _FFR_QUEUE_MACRO */
/* Additional checks when doing queue runs. */
"_FFR_QUEUE_RUN_PARANOIA",
#endif /* _FFR_QUEUE_RUN_PARANOIA */
/* Debug output for the queue scheduler. */
"_FFR_QUEUE_SCHED_DBG",
#endif /* _FFR_QUEUE_SCHED_DBG */
/*
** envelope <> can't be sent to mailing lists, only owner-
** send spam of this type to owner- of the list
** ---- to stop spam from going to mailing lists.
*/
"_FFR_REDIRECTEMPTY",
#endif /* _FFR_REDIRECTEMPTY */
/* Allow macro 'j' to be set dynamically via rulesets. */
"_FFR_RESET_MACRO_GLOBALS",
#endif /* _FFR_RESET_MACRO_GLOBALS */
#if _FFR_RHS
/* Random shuffle for queue sorting. */
"_FFR_RHS",
#endif /* _FFR_RHS */
#if _FFR_SELECT_SHM
/* Auto-select of shared memory key */
"_FFR_SELECT_SHM",
#endif /* _FFR_SELECT_SHM */
#if _FFR_SHM_STATUS
/* Donated code (unused). */
"_FFR_SHM_STATUS",
#endif /* _FFR_SHM_STATUS */
/*
** The LDAP database map code in Sendmail 8.12.10, when
** given the -1 switch, would match only a single DN,
** but was able to return multiple attributes for that
** DN. In Sendmail 8.13 this "bug" was corrected to
** only return if exactly one attribute matched.
**
** Unfortuntately, our configuration uses the former
** behaviour. Attached is a relatively simple patch
** to 8.13.4 which adds a -2 switch (for lack of a
** attributes.
**
** Jeffrey T. Eaton, Carnegie-Mellon University
*/
"_FFR_LDAP_SINGLEDN",
#endif /* _FFR_LDAP_SINGLEDN */
/* process every N'th domain instead of every N'th message */
"_FFR_SKIP_DOMAINS",
#endif /* _FFR_SKIP_DOMAINS */
"_FFR_SLEEP_USE_SELECT ",
#endif /* _FFR_SLEEP_USE_SELECT */
#if _FFR_SOFT_BOUNCE
/* Turn all errors into temporary errors. */
"_FFR_SOFT_BOUNCE",
#endif /* _FFR_SOFT_BOUNCE */
#if _FFR_SPT_ALIGN
/*
** It looks like the Compaq Tru64 5.1A now aligns argv and envp to 64
** bit alignment, so unless each piece of argv and envp is a multiple
** of 8 bytes (including terminating NULL), initsetproctitle() won't
** use any of the space beyond argv[0]. Be sure to set SPT_ALIGN_SIZE
** if you use this FFR.
*/
/* Chris Adams of HiWAAY Informations Services */
"_FFR_SPT_ALIGN",
#endif /* _FFR_SPT_ALIGN */
/* SuperSafe per DaemonPortOptions: 'T' (better letter?) */
"_FFR_SS_PER_DAEMON",
#endif /* _FFR_SS_PER_DAEMON */
#if _FFR_TIMERS
/* Donated code (unused). */
"_FFR_TIMERS",
#endif /* _FFR_TIMERS */
#if _FFR_TLS_1
/* More STARTTLS options, e.g., secondary certs. */
"_FFR_TLS_1",
#endif /* _FFR_TLS_1 */
#if _FFR_TRUSTED_QF
/*
** If we don't own the file mark it as unsafe.
** However, allow TrustedUser to own it as well
** in case TrustedUser manipulates the queue.
*/
"_FFR_TRUSTED_QF",
#endif /* _FFR_TRUSTED_QF */
"_FFR_USE_SEM_LOCKING",
#endif /* _FFR_USE_SEM_LOCKING */
/* Use setlogin() */
/* Peter Philipp */
"_FFR_USE_SETLOGIN",
#endif /* _FFR_USE_SETLOGIN */
};