1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) University of Cambridge 1995 - 2016 */
6 /* See the file NOTICE for conditions of use and distribution. */
8 /* Functions for reading spool files. When compiling for a utility (eximon),
9 not all are needed, and some functionality can be cut out. */
16 #ifndef COMPILE_UTILITY
17 /*************************************************
18 * Open and lock data file *
19 *************************************************/
21 /* The data file is the one that is used for locking, because the header file
22 can get replaced during delivery because of header rewriting. The file has
23 to opened with write access so that we can get an exclusive lock, but in
24 fact it won't be written to. Just in case there's a major disaster (e.g.
25 overwriting some other file descriptor with the value of this one), open it
28 Argument: the id of the message
29 Returns: fd if file successfully opened and locked, else -1
31 Side effect: message_subdir is set for the (possibly split) spool directory
35 spool_open_datafile(uschar *id)
42 /* If split_spool_directory is set, first look for the file in the appropriate
43 sub-directory of the input directory. If it is not found there, try the input
44 directory itself, to pick up leftovers from before the splitting. If split_
45 spool_directory is not set, first look in the main input directory. If it is
46 not found there, try the split sub-directory, in case it is left over from a
49 for (i = 0; i < 2; i++)
53 message_subdir[0] = split_spool_directory == (i == 0) ? id[5] : 0;
54 fname = spool_fname(US"input", message_subdir, id, US"-D");
55 DEBUG(D_deliver) debug_printf("Trying spool file %s\n", fname);
57 if ((fd = Uopen(fname, O_RDWR | O_APPEND, 0)) >= 0)
64 log_write(0, LOG_MAIN, "Spool file %s-D not found", id);
66 else log_write(0, LOG_MAIN, "Spool error for %s: %s", fname,
72 /* File is open and message_subdir is set. Set the close-on-exec flag, and lock
73 the file. We lock only the first line of the file (containing the message ID)
74 because this apparently is needed for running Exim under Cygwin. If the entire
75 file is locked in one process, a sub-process cannot access it, even when passed
76 an open file descriptor (at least, I think that's the Cygwin story). On real
77 Unix systems it doesn't make any difference as long as Exim is consistent in
80 (void)fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) |
83 lock_data.l_type = F_WRLCK;
84 lock_data.l_whence = SEEK_SET;
85 lock_data.l_start = 0;
86 lock_data.l_len = SPOOL_DATA_START_OFFSET;
88 if (fcntl(fd, F_SETLK, &lock_data) < 0)
90 log_write(L_skip_delivery,
92 "Spool file is locked (another process is handling this message)");
98 /* Get the size of the data; don't include the leading filename line
99 in the count, but add one for the newline before the data. */
101 if (fstat(fd, &statbuf) == 0)
103 message_body_size = statbuf.st_size - SPOOL_DATA_START_OFFSET;
104 message_size = message_body_size + 1;
109 #endif /* COMPILE_UTILITY */
113 /*************************************************
114 * Read non-recipients tree from spool file *
115 *************************************************/
117 /* The tree of non-recipients is written to the spool file in a form that
118 makes it easy to read back into a tree. The format is as follows:
120 . Each node is preceded by two letter(Y/N) indicating whether it has left
121 or right children. There's one space after the two flags, before the name.
123 . The left subtree (if any) then follows, then the right subtree (if any).
125 This function is entered with the next input line in the buffer. Note we must
126 save the right flag before recursing with the same buffer.
128 Once the tree is read, we re-construct the balance fields by scanning the tree.
129 I forgot to write them out originally, and the compatible fix is to do it this
130 way. This initial local recursing function does the necessary.
135 Returns: maximum depth below the node, including the node itself
139 count_below(tree_node *node)
142 if (node == NULL) return 0;
143 nleft = count_below(node->left);
144 nright = count_below(node->right);
145 node->balance = (nleft > nright)? 1 : ((nright > nleft)? 2 : 0);
146 return 1 + ((nleft > nright)? nleft : nright);
149 /* This is the real function...
152 connect pointer to the root of the tree
153 f FILE to read data from
154 buffer contains next input line; further lines read into it
155 buffer_size size of the buffer
157 Returns: FALSE on format error
161 read_nonrecipients_tree(tree_node **connect, FILE *f, uschar *buffer,
165 int n = Ustrlen(buffer);
166 BOOL right = buffer[1] == 'Y';
168 if (n < 5) return FALSE; /* malformed line */
169 buffer[n-1] = 0; /* Remove \n */
170 node = store_get(sizeof(tree_node) + n - 3);
172 Ustrcpy(node->name, buffer + 3);
173 node->data.ptr = NULL;
175 if (buffer[0] == 'Y')
177 if (Ufgets(buffer, buffer_size, f) == NULL ||
178 !read_nonrecipients_tree(&node->left, f, buffer, buffer_size))
181 else node->left = NULL;
185 if (Ufgets(buffer, buffer_size, f) == NULL ||
186 !read_nonrecipients_tree(&node->right, f, buffer, buffer_size))
189 else node->right = NULL;
191 (void) count_below(*connect);
198 /*************************************************
199 * Read spool header file *
200 *************************************************/
202 /* This function reads a spool header file and places the data into the
203 appropriate global variables. The header portion is always read, but header
204 structures are built only if read_headers is set true. It isn't, for example,
205 while generating -bp output.
207 It may be possible for blocks of nulls (binary zeroes) to get written on the
208 end of a file if there is a system crash during writing. It was observed on an
209 earlier version of Exim that omitted to fsync() the files - this is thought to
210 have been the cause of that incident, but in any case, this code must be robust
211 against such an event, and if such a file is encountered, it must be treated as
215 name name of the header file, including the -H
216 read_headers TRUE if in-store header structures are to be built
217 subdir_set TRUE is message_subdir is already set
219 Returns: spool_read_OK success
220 spool_read_notopen open failed
221 spool_read_enverror error in the envelope portion
222 spool_read_hdrdrror error in the header portion
226 spool_read_header(uschar *name, BOOL read_headers, BOOL subdir_set)
232 BOOL inheader = FALSE;
235 /* Reset all the global variables to their default values. However, there is
236 one exception. DO NOT change the default value of dont_deliver, because it may
237 be forced by an external setting. */
239 acl_var_c = acl_var_m = NULL;
240 authenticated_id = NULL;
241 authenticated_sender = NULL;
242 allow_unqualified_recipient = FALSE;
243 allow_unqualified_sender = FALSE;
246 deliver_firsttime = FALSE;
247 deliver_freeze = FALSE;
248 deliver_frozen_at = 0;
249 deliver_manual_thaw = FALSE;
250 /* dont_deliver must NOT be reset */
251 header_list = header_last = NULL;
252 host_lookup_deferred = FALSE;
253 host_lookup_failed = FALSE;
254 interface_address = NULL;
256 local_error_message = FALSE;
257 local_scan_data = NULL;
258 max_received_linelength = 0;
259 message_linecount = 0;
260 received_protocol = NULL;
262 recipients_list = NULL;
263 sender_address = NULL;
264 sender_fullhost = NULL;
265 sender_helo_name = NULL;
266 sender_host_address = NULL;
267 sender_host_name = NULL;
268 sender_host_port = 0;
269 sender_host_authenticated = NULL;
271 sender_local = FALSE;
272 sender_set_untrusted = FALSE;
273 smtp_active_hostname = primary_hostname;
274 tree_nonrecipients = NULL;
276 #ifdef EXPERIMENTAL_BRIGHTMAIL
283 dkim_disable_verify = FALSE;
284 dkim_collect_input = FALSE;
288 tls_in.certificate_verified = FALSE;
289 # ifdef EXPERIMENTAL_DANE
290 tls_in.dane_verified = FALSE;
292 tls_in.cipher = NULL;
293 # ifndef COMPILE_UTILITY /* tls support fns not built in */
294 tls_free_cert(&tls_in.ourcert);
295 tls_free_cert(&tls_in.peercert);
297 tls_in.peerdn = NULL;
299 tls_in.ocsp = OCSP_NOT_REQ;
302 #ifdef WITH_CONTENT_SCAN
305 spam_score_int = NULL;
308 #if defined(SUPPORT_I18N) && !defined(COMPILE_UTILITY)
309 message_smtputf8 = FALSE;
310 message_utf8_downconvert = 0;
316 /* Generate the full name and open the file. If message_subdir is already
317 set, just look in the given directory. Otherwise, look in both the split
318 and unsplit directories, as for the data file above. */
320 for (n = 0; n < 2; n++)
323 message_subdir[0] = split_spool_directory == (n == 0) ? name[5] : 0;
325 if ((f = Ufopen(spool_fname(US"input", message_subdir, name, US""), "rb")))
327 if (n != 0 || subdir_set || errno != ENOENT)
328 return spool_read_notopen;
333 #ifndef COMPILE_UTILITY
334 DEBUG(D_deliver) debug_printf("reading spool file %s\n", name);
335 #endif /* COMPILE_UTILITY */
337 /* The first line of a spool file contains the message id followed by -H (i.e.
338 the file name), in order to make the file self-identifying. */
340 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
341 if (Ustrlen(big_buffer) != MESSAGE_ID_LENGTH + 3 ||
342 Ustrncmp(big_buffer, name, MESSAGE_ID_LENGTH + 2) != 0)
343 goto SPOOL_FORMAT_ERROR;
345 /* The next three lines in the header file are in a fixed format. The first
346 contains the login, uid, and gid of the user who caused the file to be written.
347 There are known cases where a negative gid is used, so we allow for both
348 negative uids and gids. The second contains the mail address of the message's
349 sender, enclosed in <>. The third contains the time the message was received,
350 and the number of warning messages for delivery delays that have been sent. */
352 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
354 p = big_buffer + Ustrlen(big_buffer);
355 while (p > big_buffer && isspace(p[-1])) p--;
357 if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
358 while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
360 if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
362 if (!isdigit(p[-1])) goto SPOOL_FORMAT_ERROR;
363 while (p > big_buffer && (isdigit(p[-1]) || '-' == p[-1])) p--;
365 if (p <= big_buffer || *(--p) != ' ') goto SPOOL_FORMAT_ERROR;
368 originator_login = string_copy(big_buffer);
369 originator_uid = (uid_t)uid;
370 originator_gid = (gid_t)gid;
373 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
374 n = Ustrlen(big_buffer);
375 if (n < 3 || big_buffer[0] != '<' || big_buffer[n-2] != '>')
376 goto SPOOL_FORMAT_ERROR;
378 sender_address = store_get(n-2);
379 Ustrncpy(sender_address, big_buffer+1, n-3);
380 sender_address[n-3] = 0;
383 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
384 if (sscanf(CS big_buffer, "%d %d", &received_time, &warning_count) != 2)
385 goto SPOOL_FORMAT_ERROR;
387 message_age = time(NULL) - received_time;
389 #ifndef COMPILE_UTILITY
390 DEBUG(D_deliver) debug_printf("user=%s uid=%ld gid=%ld sender=%s\n",
391 originator_login, (long int)originator_uid, (long int)originator_gid,
393 #endif /* COMPILE_UTILITY */
395 /* Now there may be a number of optional lines, each starting with "-". If you
396 add a new setting here, make sure you set the default above.
398 Because there are now quite a number of different possibilities, we use a
399 switch on the first character to avoid too many failing tests. Thanks to Nico
400 Erfurth for the patch that implemented this. I have made it even more efficient
401 by not re-scanning the first two characters.
403 To allow new versions of Exim that add additional flags to interwork with older
404 versions that do not understand them, just ignore any lines starting with "-"
405 that we don't recognize. Otherwise it wouldn't be possible to back off a new
406 version that left new-style flags written on the spool. */
412 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
413 if (big_buffer[0] != '-') break;
414 while ( (len = Ustrlen(big_buffer)) == big_buffer_size-1
415 && big_buffer[len-1] != '\n'
417 { /* buffer not big enough for line; certs make this possible */
419 if (big_buffer_size >= BIG_BUFFER_SIZE*4) goto SPOOL_READ_ERROR;
420 buf = store_get_perm(big_buffer_size *= 2);
421 memcpy(buf, big_buffer, --len);
423 if (Ufgets(big_buffer+len, big_buffer_size-len, f) == NULL)
424 goto SPOOL_READ_ERROR;
426 big_buffer[len-1] = 0;
428 switch(big_buffer[1])
432 /* Nowadays we use "-aclc" and "-aclm" for the different types of ACL
433 variable, because Exim allows any number of them, with arbitrary names.
434 The line in the spool file is "-acl[cm] <name> <length>". The name excludes
437 if (Ustrncmp(p, "clc ", 4) == 0 ||
438 Ustrncmp(p, "clm ", 4) == 0)
440 uschar *name, *endptr;
443 endptr = Ustrchr(big_buffer + 6, ' ');
444 if (endptr == NULL) goto SPOOL_FORMAT_ERROR;
445 name = string_sprintf("%c%.*s", big_buffer[4], endptr - big_buffer - 6,
447 if (sscanf(CS endptr, " %d", &count) != 1) goto SPOOL_FORMAT_ERROR;
448 node = acl_var_create(name);
449 node->data.ptr = store_get(count + 1);
450 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
451 ((uschar*)node->data.ptr)[count] = 0;
454 else if (Ustrcmp(p, "llow_unqualified_recipient") == 0)
455 allow_unqualified_recipient = TRUE;
456 else if (Ustrcmp(p, "llow_unqualified_sender") == 0)
457 allow_unqualified_sender = TRUE;
459 else if (Ustrncmp(p, "uth_id", 6) == 0)
460 authenticated_id = string_copy(big_buffer + 9);
461 else if (Ustrncmp(p, "uth_sender", 10) == 0)
462 authenticated_sender = string_copy(big_buffer + 13);
463 else if (Ustrncmp(p, "ctive_hostname", 14) == 0)
464 smtp_active_hostname = string_copy(big_buffer + 17);
466 /* For long-term backward compatibility, we recognize "-acl", which was
467 used before the number of ACL variables changed from 10 to 20. This was
468 before the subsequent change to an arbitrary number of named variables.
469 This code is retained so that upgrades from very old versions can still
470 handle old-format spool files. The value given after "-acl" is a number
471 that is 0-9 for connection variables, and 10-19 for message variables. */
473 else if (Ustrncmp(p, "cl ", 3) == 0)
476 uschar name[20]; /* Need plenty of space for %d format */
478 if ( sscanf(CS big_buffer + 5, "%d %d", &index, &count) != 2
481 goto SPOOL_FORMAT_ERROR;
483 (void) string_format(name, sizeof(name), "%c%d", 'c', index);
485 (void) string_format(name, sizeof(name), "%c%d", 'm', index - 10);
486 node = acl_var_create(name);
487 node->data.ptr = store_get(count + 1);
488 if (fread(node->data.ptr, 1, count+1, f) < count) goto SPOOL_READ_ERROR;
489 ((uschar*)node->data.ptr)[count] = 0;
494 if (Ustrncmp(p, "ody_linecount", 13) == 0)
495 body_linecount = Uatoi(big_buffer + 15);
496 else if (Ustrncmp(p, "ody_zerocount", 13) == 0)
497 body_zerocount = Uatoi(big_buffer + 15);
498 #ifdef EXPERIMENTAL_BRIGHTMAIL
499 else if (Ustrncmp(p, "mi_verdicts ", 12) == 0)
500 bmi_verdicts = string_copy(big_buffer + 14);
505 if (Ustrcmp(p, "eliver_firsttime") == 0)
506 deliver_firsttime = TRUE;
507 /* Check if the dsn flags have been set in the header file */
508 else if (Ustrncmp(p, "sn_ret", 6) == 0)
509 dsn_ret= atoi(CS big_buffer + 8);
510 else if (Ustrncmp(p, "sn_envid", 8) == 0)
511 dsn_envid = string_copy(big_buffer + 11);
515 if (Ustrncmp(p, "rozen", 5) == 0)
517 deliver_freeze = TRUE;
518 if (sscanf(CS big_buffer+7, TIME_T_FMT, &deliver_frozen_at) != 1)
519 goto SPOOL_READ_ERROR;
524 if (Ustrcmp(p, "ost_lookup_deferred") == 0)
525 host_lookup_deferred = TRUE;
526 else if (Ustrcmp(p, "ost_lookup_failed") == 0)
527 host_lookup_failed = TRUE;
528 else if (Ustrncmp(p, "ost_auth", 8) == 0)
529 sender_host_authenticated = string_copy(big_buffer + 11);
530 else if (Ustrncmp(p, "ost_name", 8) == 0)
531 sender_host_name = string_copy(big_buffer + 11);
532 else if (Ustrncmp(p, "elo_name", 8) == 0)
533 sender_helo_name = string_copy(big_buffer + 11);
535 /* We now record the port number after the address, separated by a
536 dot. For compatibility during upgrading, do nothing if there
537 isn't a value (it gets left at zero). */
539 else if (Ustrncmp(p, "ost_address", 11) == 0)
541 sender_host_port = host_address_extract_port(big_buffer + 14);
542 sender_host_address = string_copy(big_buffer + 14);
547 if (Ustrncmp(p, "nterface_address", 16) == 0)
549 interface_port = host_address_extract_port(big_buffer + 19);
550 interface_address = string_copy(big_buffer + 19);
552 else if (Ustrncmp(p, "dent", 4) == 0)
553 sender_ident = string_copy(big_buffer + 7);
557 if (Ustrcmp(p, "ocal") == 0) sender_local = TRUE;
558 else if (Ustrcmp(big_buffer, "-localerror") == 0)
559 local_error_message = TRUE;
560 else if (Ustrncmp(p, "ocal_scan ", 10) == 0)
561 local_scan_data = string_copy(big_buffer + 12);
565 if (Ustrcmp(p, "anual_thaw") == 0) deliver_manual_thaw = TRUE;
566 else if (Ustrncmp(p, "ax_received_linelength", 22) == 0)
567 max_received_linelength = Uatoi(big_buffer + 24);
571 if (*p == 0) dont_deliver = TRUE; /* -N */
575 if (Ustrncmp(p, "eceived_protocol", 16) == 0)
576 received_protocol = string_copy(big_buffer + 19);
580 if (Ustrncmp(p, "ender_set_untrusted", 19) == 0)
581 sender_set_untrusted = TRUE;
582 #ifdef WITH_CONTENT_SCAN
583 else if (Ustrncmp(p, "pam_bar ", 8) == 0)
584 spam_bar = string_copy(big_buffer + 10);
585 else if (Ustrncmp(p, "pam_score ", 10) == 0)
586 spam_score = string_copy(big_buffer + 12);
587 else if (Ustrncmp(p, "pam_score_int ", 14) == 0)
588 spam_score_int = string_copy(big_buffer + 16);
590 #if defined(SUPPORT_I18N) && !defined(COMPILE_UTILITY)
591 else if (Ustrncmp(p, "mtputf8", 7) == 0)
592 message_smtputf8 = TRUE;
598 if (Ustrncmp(p, "ls_certificate_verified", 23) == 0)
599 tls_in.certificate_verified = TRUE;
600 else if (Ustrncmp(p, "ls_cipher", 9) == 0)
601 tls_in.cipher = string_copy(big_buffer + 12);
602 # ifndef COMPILE_UTILITY /* tls support fns not built in */
603 else if (Ustrncmp(p, "ls_ourcert", 10) == 0)
604 (void) tls_import_cert(big_buffer + 13, &tls_in.ourcert);
605 else if (Ustrncmp(p, "ls_peercert", 11) == 0)
606 (void) tls_import_cert(big_buffer + 14, &tls_in.peercert);
608 else if (Ustrncmp(p, "ls_peerdn", 9) == 0)
609 tls_in.peerdn = string_unprinting(string_copy(big_buffer + 12));
610 else if (Ustrncmp(p, "ls_sni", 6) == 0)
611 tls_in.sni = string_unprinting(string_copy(big_buffer + 9));
612 else if (Ustrncmp(p, "ls_ocsp", 7) == 0)
613 tls_in.ocsp = big_buffer[10] - '0';
617 #if defined(SUPPORT_I18N) && !defined(COMPILE_UTILITY)
619 if (Ustrncmp(p, "tf8_downcvt", 11) == 0)
620 message_utf8_downconvert = 1;
621 else if (Ustrncmp(p, "tf8_optdowncvt", 15) == 0)
622 message_utf8_downconvert = -1;
626 default: /* Present because some compilers complain if all */
627 break; /* possibilities are not covered. */
631 /* Build sender_fullhost if required */
633 #ifndef COMPILE_UTILITY
634 host_build_sender_fullhost();
635 #endif /* COMPILE_UTILITY */
637 #ifndef COMPILE_UTILITY
639 debug_printf("sender_local=%d ident=%s\n", sender_local,
640 (sender_ident == NULL)? US"unset" : sender_ident);
641 #endif /* COMPILE_UTILITY */
643 /* We now have the tree of addresses NOT to deliver to, or a line
644 containing "XX", indicating no tree. */
646 if (Ustrncmp(big_buffer, "XX\n", 3) != 0 &&
647 !read_nonrecipients_tree(&tree_nonrecipients, f, big_buffer, big_buffer_size))
648 goto SPOOL_FORMAT_ERROR;
650 #ifndef COMPILE_UTILITY
653 debug_printf("Non-recipients:\n");
654 debug_print_tree(tree_nonrecipients);
656 #endif /* COMPILE_UTILITY */
658 /* After reading the tree, the next line has not yet been read into the
659 buffer. It contains the count of recipients which follow on separate lines. */
661 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
662 if (sscanf(CS big_buffer, "%d", &rcount) != 1) goto SPOOL_FORMAT_ERROR;
664 #ifndef COMPILE_UTILITY
665 DEBUG(D_deliver) debug_printf("recipients_count=%d\n", rcount);
666 #endif /* COMPILE_UTILITY */
668 recipients_list_max = rcount;
669 recipients_list = store_get(rcount * sizeof(recipient_item));
671 for (recipients_count = 0; recipients_count < rcount; recipients_count++)
676 uschar *orcpt = NULL;
677 uschar *errors_to = NULL;
680 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
681 nn = Ustrlen(big_buffer);
682 if (nn < 2) goto SPOOL_FORMAT_ERROR;
684 /* Remove the newline; this terminates the address if there is no additional
687 p = big_buffer + nn - 1;
690 /* Look back from the end of the line for digits and special terminators.
691 Since an address must end with a domain, we can tell that extra data is
692 present by the presence of the terminator, which is always some character
693 that cannot exist in a domain. (If I'd thought of the need for additional
694 data early on, I'd have put it at the start, with the address at the end. As
695 it is, we have to operate backwards. Addresses are permitted to contain
698 This code has to cope with various versions of this data that have evolved
699 over time. In all cases, the line might just contain an address, with no
700 additional data. Otherwise, the possibilities are as follows:
702 Exim 3 type: <address><space><digits>,<digits>,<digits>
704 The second set of digits is the parent number for one_time addresses. The
705 other values were remnants of earlier experiments that were abandoned.
707 Exim 4 first type: <address><space><digits>
709 The digits are the parent number for one_time addresses.
711 Exim 4 new type: <address><space><data>#<type bits>
713 The type bits indicate what the contents of the data are.
715 Bit 01 indicates that, reading from right to left, the data
716 ends with <errors_to address><space><len>,<pno> where pno is
717 the parent number for one_time addresses, and len is the length
718 of the errors_to address (zero meaning none).
720 Bit 02 indicates that, again reading from right to left, the data continues
721 with orcpt len(orcpt),dsn_flags
724 while (isdigit(*p)) p--;
726 /* Handle Exim 3 spool files */
731 while (isdigit(*(--p)) || *p == ',');
735 (void)sscanf(CS p, "%d,%d", &dummy, &pno);
739 /* Handle early Exim 4 spool files */
744 (void)sscanf(CS p, "%d", &pno);
747 /* Handle current format Exim 4 spool files */
753 #if !defined (COMPILE_UTILITY)
754 DEBUG(D_deliver) debug_printf("**** SPOOL_IN - Exim 4 standard format spoolfile\n");
757 (void)sscanf(CS p+1, "%d", &flags);
759 if ((flags & 0x01) != 0) /* one_time data exists */
762 while (isdigit(*(--p)) || *p == ',' || *p == '-');
763 (void)sscanf(CS p+1, "%d,%d", &len, &pno);
768 errors_to = string_copy(p);
772 *(--p) = 0; /* Terminate address */
773 if ((flags & 0x02) != 0) /* one_time data exists */
776 while (isdigit(*(--p)) || *p == ',' || *p == '-');
777 (void)sscanf(CS p+1, "%d,%d", &len, &dsn_flags);
782 orcpt = string_copy(p);
786 *(--p) = 0; /* Terminate address */
788 #if !defined(COMPILE_UTILITY)
790 { DEBUG(D_deliver) debug_printf("**** SPOOL_IN - No additional fields\n"); }
792 if ((orcpt != NULL) || (dsn_flags != 0))
794 DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| orcpt: |%s| dsn_flags: %d\n",
795 big_buffer, orcpt, dsn_flags);
797 if (errors_to != NULL)
799 DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s|\n",
800 big_buffer, errors_to);
804 recipients_list[recipients_count].address = string_copy(big_buffer);
805 recipients_list[recipients_count].pno = pno;
806 recipients_list[recipients_count].errors_to = errors_to;
807 recipients_list[recipients_count].orcpt = orcpt;
808 recipients_list[recipients_count].dsn_flags = dsn_flags;
811 /* The remainder of the spool header file contains the headers for the message,
812 separated off from the previous data by a blank line. Each header is preceded
813 by a count of its length and either a certain letter (for various identified
814 headers), space (for a miscellaneous live header) or an asterisk (for a header
815 that has been rewritten). Count the Received: headers. We read the headers
816 always, in order to check on the format of the file, but only create a header
817 list if requested to do so. */
820 if (Ufgets(big_buffer, big_buffer_size, f) == NULL) goto SPOOL_READ_ERROR;
821 if (big_buffer[0] != '\n') goto SPOOL_FORMAT_ERROR;
823 while ((n = fgetc(f)) != EOF)
829 if (!isdigit(n)) goto SPOOL_FORMAT_ERROR;
830 if(ungetc(n, f) == EOF || fscanf(f, "%d%c ", &n, flag) == EOF)
831 goto SPOOL_READ_ERROR;
832 if (flag[0] != '*') message_size += n; /* Omit non-transmitted headers */
836 h = store_get(sizeof(header_line));
840 h->text = store_get(n+1);
842 if (h->type == htype_received) received_count++;
844 if (header_list == NULL) header_list = h;
845 else header_last->next = h;
848 for (i = 0; i < n; i++)
851 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
852 if (c == '\n' && h->type != htype_old) message_linecount++;
858 /* Not requiring header data, just skip through the bytes */
860 else for (i = 0; i < n; i++)
863 if (c == 0 || c == EOF) goto SPOOL_FORMAT_ERROR;
867 /* We have successfully read the data in the header file. Update the message
868 line count by adding the body linecount to the header linecount. Close the file
869 and give a positive response. */
871 #ifndef COMPILE_UTILITY
872 DEBUG(D_deliver) debug_printf("body_linecount=%d message_linecount=%d\n",
873 body_linecount, message_linecount);
874 #endif /* COMPILE_UTILITY */
876 message_linecount += body_linecount;
879 return spool_read_OK;
882 /* There was an error reading the spool or there was missing data,
883 or there was a format error. A "read error" with no errno means an
884 unexpected EOF, which we treat as a format error. */
891 #ifndef COMPILE_UTILITY
892 DEBUG(D_any) debug_printf("Error while reading spool file %s\n", name);
893 #endif /* COMPILE_UTILITY */
897 return inheader? spool_read_hdrerror : spool_read_enverror;
902 #ifndef COMPILE_UTILITY
903 DEBUG(D_any) debug_printf("Format error in spool file %s\n", name);
904 #endif /* COMPILE_UTILITY */
907 errno = ERRNO_SPOOLFORMAT;
908 return inheader? spool_read_hdrerror : spool_read_enverror;
913 /* End of spool_in.c */