madscientist
/
SNFMilter
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Kods Problēmas 0 Izmaiņu pieprasījumi 0 Laidieni 0 Vikivietne Aktivitāte
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
12 Revīzijas
1 Atzars
Koks: dd4a0b4809
Atzari Tagi
${ item.name }
Izveidot atzaru ${ searchTerm }
no 'dd4a0b4809'
${ noResults }
SNFMilter/SNFMilter.cpp

SNFMilter.cpp 62KB
Neapstrādāts Vainot Vēsture

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398 
  1. // SNFMilter.cpp

  2. // Copyright (C) 2008 ARM Research Labs, LLC.

  3. // See www.armresearch.com for the copyright terms.

  4. //

  5. // This file contains the "guts" of the SNFMilter interface. Specifically,

  6. // the SNFMilter() function.

  7. 

  8. #include <sys/types.h>

  9. #include <sys/stat.h>

  10. #include <errno.h>

  11. #include <unistd.h>

  12. #include <grp.h>

  13. 

  14. #include "SNFMulti.hpp"

  15. #include "configuration.hpp"

  16. #include "SNFMilter.hpp"

  17. #include "config.h"

  18. 

  19. #include <syslog.h>

  20. #include <sstream>

  21. 

  22. #if SMFI_VERSION > 3

  23. #define NEW_LIBMILTER

  24. #endif

  25. 

  26. SNFMilterContextPool* MilterContexts = 0;                                       // The global contexts handle.

  27. bool MilterDebugMode;                                                           // True if debug mode is on.

  28. sfsistat SkipReturn = SMFIS_CONTINUE;                                           // libmilter return value when further

  29.                                                                                 // callbacks of the same type are to be skipped.

  30. 

  31. /// Get the connection context object.

  32. //

  33. // \param[in] Ctx is the libmilter context object.

  34. //

  35. // \returns the pointer to the connection context object.

  36. //

  37. // \throws runtime_error if the obtained pointer is 0.

  38. //

  39. SNFMilterContext*

  40. getContextFromCtx(SMFICTX* Ctx) {

  41.     SNFMilterContext* Context = (SNFMilterContext*) smfi_getpriv(Ctx);          // Get the context object.

  42.     if(0 == Context) throw runtime_error("Got NULL from smfi_getpriv()");

  43.     return Context;

  44. }

  45. 

  46. /// Get a new connection object and assign it to the context.

  47. //

  48. // \param[in] Ctx is the libmilter context object.

  49. //

  50. // \returns the pointer to the connection context object.

  51. //

  52. // \throws runtime_error if the obtained pointer is 0.

  53. //

  54. SNFMilterContext*

  55. assignContextToCtx(SMFICTX* Ctx) {

  56.     SNFMilterContext* Context = MilterContexts->grab();                         // Get any existing context object.

  57.     if(0 == Context)                                                            // Check address.

  58. 	throw runtime_error("Got NULL from MilterContexts->grab()");

  59.     smfi_setpriv(Ctx, Context);                                                 // Save the context object.

  60.     Context->ConnectionData.clear();                                            // Clear the connection context object.

  61.     return Context;

  62. }

  63. 

  64. // Function to output an info message.

  65. void logInfo(const string ContextName, int Code, std::string Message) {

  66.     cout << ContextName << " (code " << Code << "): " << Message << endl;

  67. #if 0

  68.     syslog(LOG_MAIL | LOG_DEBUG, "%s", Message.c_str());                        // Output to system mail log.

  69. #endif

  70.     MilterContexts->logThisInfo(ContextName, Code, Message);                    // Log message.

  71. }

  72. 

  73. // Function to output an error message.

  74. void logError(const string &ContextName, const int &Code, const std::string &Message) {

  75.     cout << ContextName << " (code " << Code << "): " << Message << endl;

  76. #if 0

  77.     syslog(LOG_MAIL | LOG_DEBUG, "%s", Message.c_str());                        // Output to system mail log.

  78. #endif

  79.     MilterContexts->logThisError(ContextName, Code, Message);                   // Log message.

  80. }

  81. 

  82. class ResultActionHandler : public Configurator {

  83. private:

  84.     SNFMilterEngine* Target;

  85. 

  86. public:

  87.     ResultActionHandler(SNFMilterEngine* T) : Target(T) {}

  88.     void operator()(ConfigurationElement& E, ConfigurationData& D) {

  89.         Target->setResultAction(

  90.                                 Code,

  91.                                 (Action >= Allow && Action <= Quarantine) ?

  92.                                 static_cast<SNFMilterAction>(Action)

  93.                                 : Allow

  94.                                 );

  95.     }

  96.     int Code;

  97.     int Action;

  98. };

  99. 

  100. const int NoSuchCode = -1;                                                      // Magic number for no such code

  101. const int NoSuchAction = -1;                                                    // Magic number for no such action

  102. 

  103. void SNFMilterEngine::readConfiguration() {                                     // Parse the configuration.

  104.     string NewConfiguration = myRulebase->PlatformConfiguration();              // Get the latest configuration.

  105.     if(0 != RunningConfiguration.compare(NewConfiguration)) {                   // If it does not match, read it!

  106.         RunningConfiguration = NewConfiguration;                                // Capture the latest.

  107.         for(int i = 1; i < ResultCodesCount; i++) ResultActions[i] = NoAction;  // Init Result/Action config.

  108.         ResultActions[0] = Allow;

  109.         NonZeroAction = NoAction;                                               // NoAction if no configuration for

  110.                                                                                 // non-zero result.

  111.         ResultActionHandler ResultActionConfigurator(this);                     // Create a Result/Action handler.

  112.         ConfigurationElement Reader("milter");                                  // Create a configuration reader.

  113.         Reader

  114.           .Element("connect")

  115.             .Element("white")

  116.               .Attribute("action", reinterpret_cast<int&>(WhiteAction), static_cast<int>(Allow))

  117.                  .Mnemonic("Allow", AllowActionMnemonic)

  118.                  .Mnemonic("Accept", AcceptActionMnemonic)

  119.                  .Mnemonic("Retry", RetryActionMnemonic)

  120.                  .Mnemonic("Reject", RejectActionMnemonic)

  121.                  .Mnemonic("Discard", DiscardActionMnemonic)

  122.                  .Mnemonic("Quarantine", QuarantineActionMnemonic)

  123.             .End("white")

  124.             .Element("caution")

  125.               .Attribute("action", reinterpret_cast<int&>(CautionAction), static_cast<int>(Allow))

  126.                  .Mnemonic("Allow", AllowActionMnemonic)

  127.                  .Mnemonic("Accept", AcceptActionMnemonic)

  128.                  .Mnemonic("Retry", RetryActionMnemonic)

  129.                  .Mnemonic("Reject", RejectActionMnemonic)

  130.                  .Mnemonic("Discard", DiscardActionMnemonic)

  131.                  .Mnemonic("Quarantine", QuarantineActionMnemonic)

  132.             .End("caution")

  133.             .Element("black")

  134.               .Attribute("action", reinterpret_cast<int&>(BlackAction), static_cast<int>(Allow))

  135.                  .Mnemonic("Allow", AllowActionMnemonic)

  136.                  .Mnemonic("Accept", AcceptActionMnemonic)

  137.                  .Mnemonic("Retry", RetryActionMnemonic)

  138.                  .Mnemonic("Reject", RejectActionMnemonic)

  139.                  .Mnemonic("Discard", DiscardActionMnemonic)

  140.                  .Mnemonic("Quarantine", QuarantineActionMnemonic)

  141.             .End("black")

  142.             .Element("truncate")

  143.               .Attribute("action", reinterpret_cast<int&>(TruncateAction), static_cast<int>(Allow))

  144.                  .Mnemonic("Allow", AllowActionMnemonic)

  145.                  .Mnemonic("Accept", AcceptActionMnemonic)

  146.                  .Mnemonic("Retry", RetryActionMnemonic)

  147.                  .Mnemonic("Reject", RejectActionMnemonic)

  148.                  .Mnemonic("Discard", DiscardActionMnemonic)

  149.                  .Mnemonic("Quarantine", QuarantineActionMnemonic)

  150.             .End("truncate")

  151.           .End("connect")

  152.           .Element("scan")

  153.             .Element("result")

  154.               .atEndCall(ResultActionConfigurator)

  155.               .Attribute("code", ResultActionConfigurator.Code, NoSuchCode)

  156.               .Attribute("action", ResultActionConfigurator.Action, NoSuchAction)

  157.                  .Mnemonic("Allow", AllowActionMnemonic)

  158.                  .Mnemonic("Accept", AcceptActionMnemonic)

  159.                  .Mnemonic("Retry", RetryActionMnemonic)

  160.                  .Mnemonic("Reject", RejectActionMnemonic)

  161.                  .Mnemonic("Discard", DiscardActionMnemonic)

  162.                  .Mnemonic("Quarantine", QuarantineActionMnemonic)

  163.             .End("result")

  164.             .Element("nonzero")

  165.               .Attribute("action", reinterpret_cast<int&>(NonZeroAction), static_cast<int>(NoAction))

  166.                  .Mnemonic("Allow", AllowActionMnemonic)

  167.                  .Mnemonic("Accept", AcceptActionMnemonic)

  168.                  .Mnemonic("Retry", RetryActionMnemonic)

  169.                  .Mnemonic("Reject", RejectActionMnemonic)

  170.                  .Mnemonic("Discard", DiscardActionMnemonic)

  171.                  .Mnemonic("Quarantine", QuarantineActionMnemonic)

  172.             .End("nonzero")

  173.           .End("scan")

  174.         .End("milter");

  175.         ConfigurationData ConfigurationData(                                    // Convert our configuration string

  176.                                             NewConfiguration.c_str(),           // to a configuration data buffer.

  177.                                             NewConfiguration.length());

  178. 

  179.         Reader.initialize();                                                    // Initialize the defaults.

  180.         Reader.interpret(ConfigurationData);                                    // Read the new configuration.

  181.     }

  182. 

  183. }

  184. 

  185. void SNFMilterEngine::setResultAction(int Result, SNFMilterAction Action) {     // Set a result / action pair.

  186.     if(

  187.        0 <= Result &&

  188.        ResultCodesCount > Result                                                // If the Result code is in

  189.        ) { ResultActions[Result] = Action; }                                    // range then set the action.

  190. }

  191. 

  192. void SNFMilterEngine::checkConfiguration() {                                    // Reload the config if it is old.

  193.     if(ConfigurationCheckTime.isExpired()) readConfiguration();

  194. }

  195. 

  196. SNFMilterEngine::SNFMilterEngine(snf_RulebaseHandler* R) :                      // Construct the engine.

  197.     myRulebase(R),                                                              // Remember our rulebase.

  198.     myEngine(0),                                                                // We need to set this later.

  199.     WhiteAction(Allow),                                                         // Initialize our default actions.

  200.     CautionAction(Allow),

  201.     BlackAction(Allow),

  202.     TruncateAction(Allow),

  203.     ConfigurationCheckTime(ConfigurationLifetime)

  204. {

  205.     myEngine = new snf_EngineHandler();                                         // Create an engine handler.

  206.     myEngine->open(myRulebase);                                                 // Connect it to the rulebase.

  207.     readConfiguration();                                                        // Read our configuration.

  208. }

  209. 

  210. SNFMilterEngine::~SNFMilterEngine() {                                           // Destroy the engine.

  211.     try {

  212.         ScopeMutex EngineLock(ConfigMutex);                                     // Don't die while scanning.

  213.         if(myEngine) {                                                          // If we're not dead then die.

  214.             myEngine->close();                                                  // Close the engine.

  215.             delete myEngine;                                                    // Delete it.

  216.             myEngine = 0;                                                       // Forget it.

  217.             myRulebase = 0;                                                     // Forget (don't delete) this too.

  218.         }

  219.     }

  220.     catch(...) {}                                                               // Silently capture exceptions.

  221. }

  222. 

  223. SNFMilterAction SNFMilterEngine::scanIP(unsigned long int IP) {                 // Scans an IP.

  224.     IPTestRecord Tester(IP);                                                    // Make up a test record for this IP.

  225.     ScopeMutex ConfigurationLock(ConfigMutex);                                  // Lock our configuration.

  226.     if(0 == myEngine) throw runtime_error("Null engine when scanning IP");      // Skip safely if we're down.

  227.     checkConfiguration();                                                       // Re-read our config if it is old.

  228.     myRulebase->performIPTest(Tester);                                          // Tun it past the engine.

  229.     SNFMilterAction TestResult = Allow;                                         // Allow by default.

  230.     switch(Tester.R) {                                                          // Convert the result to an action.

  231.     case White: { TestResult = WhiteAction; break; }                            // If the IP scan range is recognized

  232.     case Caution: { TestResult = CautionAction; break; }                        // in our configuration then we will

  233.     case Black: { TestResult = BlackAction; break; }                            // return the action code that is

  234.     case Truncate: { TestResult = TruncateAction; break; }                      // configured. Otherwise we will return

  235.     default: break;

  236.     }                                                                           // the default "Allow" action.

  237.     return TestResult;                                                          // Tell them what we've got.

  238. }

  239. 

  240. SNFMilterAction SNFMilterEngine::scanMessage(                                   // Scans a message.

  241.                                              const unsigned char* bfr,          // Requires a pointer to the buffer.

  242.                                              int length) {                      // Requires the buffer length.

  243.     ScopeMutex ConfigurationLock(ConfigMutex);                                  // Lock the configuration.

  244.     if(0 == myEngine) throw runtime_error("Null engine when scanning message"); // Skip safely if we're down.

  245.     checkConfiguration();                                                       // Re-read our config if it is old.

  246.     int R = myEngine->scanMessage(bfr, length, "", 0);                          // Scan the message & get the result.

  247.     if(0 > R || ResultCodesCount <= R) return Error;                            // If R is out of range, return Error.

  248.     if (0 == R || NoAction != ResultActions[R]) return ResultActions[R];        // Return the translated action.

  249.     return NonZeroAction;

  250. }

  251. 

  252. string SNFMilterEngine::XHeaders() {                                            // Return X headers from last scan.

  253.     ScopeMutex EngineLock(ConfigMutex);                                         // Use myEngine safely.

  254.     if(0 == myEngine) return "";                                                // Return no headers if dead.

  255.     return myEngine->getXHDRs();                                                // Simply return them.

  256. }

  257. 

  258. //// SNFMilterContext

  259. 

  260. SNFMilterContext::SNFMilterContext(snf_RulebaseHandler *myRulebase) :

  261.     milterEngine(myRulebase),

  262.     MessageData(MailBufferReserveSize) {}

  263. 

  264. SNFMilterContext::~SNFMilterContext() {}

  265. 

  266. /// Return the local received header.

  267. //

  268. // \returns the local received header.

  269. //

  270. string

  271. SNFMilterContext::getLocalReceivedHeader() {

  272. 

  273.     string locHeader;

  274. 

  275.     locHeader = "Received: from <" + ConnectionData.HostName;

  276.     locHeader += "> [" + (string) ConnectionData.HostIP;

  277.     locHeader += "] by " PACKAGE_NAME;

  278.     return locHeader;

  279. }

  280. 

  281. /// Map return value from SNFMilterEngine scan to libmilter return value.

  282. //

  283. // \param[in] MilterAction is the return from an SNFMilterEngine scan.

  284. //

  285. // \returns the return value for the libmilter callback.

  286. //

  287. // \throws std::out_of_range if MilterAction of out of range.

  288. //

  289. sfsistat

  290. SNFMilterContext::smfisReturn(SNFMilterAction MilterAction) {

  291. 

  292.     static const sfsistat ReturnValue[] = {

  293.         SMFIS_CONTINUE,

  294.         SMFIS_ACCEPT,

  295.         SMFIS_TEMPFAIL,

  296.         SMFIS_REJECT,

  297.         SMFIS_DISCARD,

  298.         SMFIS_CONTINUE

  299.     };

  300. 

  301.     if ( (MilterAction < 0) || (MilterAction >= NMilterActions) ) {

  302.         ostringstream Temp;

  303.         Temp << "Illegal value of SNFMilterAction in SNFMilterContext::smfisReturn ("

  304.              << MilterAction << ") while processing message from "

  305.              << MessageData.SenderAddress

  306.              << " (connection from " << ConnectionData.HostName << " ("

  307.              << (string) ConnectionData.HostIP << ").";

  308.         throw std::out_of_range(Temp.str());

  309.     }

  310. 

  311.     return ReturnValue[MilterAction];

  312.     

  313. }

  314. 

  315. //// SNFMilterContextPool

  316. 

  317. SNFMilterContextPool::SNFMilterContextPool(snf_RulebaseHandler* Rulebase) :     // Ctor needs a live rulebase handler.

  318.     myRulebase(Rulebase),                                                       // Capture the rulebase handler.

  319.     MilterSocketPort(0) {

  320. 

  321.     string NewConfiguration = myRulebase->PlatformConfiguration();              // Get the latest configuration.

  322.     ConfigurationElement Reader("milter");                                      // Create a configuration reader.

  323.     Reader

  324.       .Element("socket")

  325.         .Attribute("type", reinterpret_cast<int&>(MilterSocketType), static_cast<int>(NOMilterSocket))

  326.            .Mnemonic("unix", UNIXMilterSocketMnemonic)

  327.            .Mnemonic("tcp", TCPMilterSocketMnemonic)

  328.         .Attribute("path", MilterSocketPath, "")

  329.         .Attribute("group", MilterSocketGroup, "")

  330.         .Attribute("ip", MilterSocketIP, "")

  331.         .Attribute("port", MilterSocketPort, 0)

  332.       .End("socket")

  333.     .End("milter");

  334. 

  335.     ConfigurationData ConfigurationData(                                        // Convert our configuration string

  336.                                         NewConfiguration.c_str(),               // to a configuration data buffer.

  337.                                         NewConfiguration.length());

  338. 

  339.     Reader.initialize();                                                        // Initialize the defaults.

  340.     Reader.interpret(ConfigurationData);                                        // Read the new configuration.

  341. 

  342.     switch (MilterSocketType) {                                                 // Named pipe.

  343.     case UNIXMilterSocket:

  344.         if (0 == MilterSocketPath.size()) {                                     // Path specified?

  345.             ostringstream Temp;                                                 // No.

  346.             Temp << "Path needs to be specified for socket type \"unix\"";

  347.             throw runtime_error(Temp.str());

  348.         }

  349.         if ( (0 != MilterSocketIP.size()) ||                                    // These should not be specified.

  350.              (0 != MilterSocketPort) ) {

  351.             ostringstream Temp;

  352.             Temp << "IP (" << MilterSocketIP << ") and/or port (" << MilterSocketPort

  353.                  << ") were specified for socket type \"unix\".  They should not be specified.";

  354.             throw runtime_error(Temp.str());

  355.         }

  356. 

  357.         break;

  358.     case TCPMilterSocket:

  359.         if (0 == MilterSocketIP.size()) {                                       // IP/host specified?

  360.             ostringstream Temp;                                                 // No.

  361.             Temp << "Host or IP address needs to be specified for socket type \"inet\"";

  362.             throw runtime_error(Temp.str());

  363.         }

  364.         if (0 == MilterSocketPort) {                                            // Port specified?

  365.             ostringstream Temp;                                                 // No.

  366.             Temp << "Port needs to be specified for socket type \"inet\"";

  367.             throw runtime_error(Temp.str());

  368.         }

  369.         if ( (0 != MilterSocketPath.size()) ||                                  // These should not be specified.

  370.              (0 != MilterSocketGroup.size()) ) {

  371.             ostringstream Temp;

  372.             Temp << "Path (" << MilterSocketPath << ") and/or group (" << MilterSocketGroup

  373.                  << ") were specified for socket type \"inet\".  They should not be specified.";

  374.             throw runtime_error(Temp.str());

  375.         }

  376. 

  377.         break;

  378. 

  379.     case NOMilterSocket:

  380.         {

  381.             ostringstream Temp;

  382.             Temp << "The required <socket> element was not present in the configuration file.";

  383.             throw runtime_error(Temp.str());

  384.         }

  385. 

  386.         break;

  387. 

  388.     default:

  389.         {

  390.             ostringstream Temp;

  391.             Temp << "The type of the <socket> element configuration file is invalid.  "

  392.               "The type must by \"unix\" or \"inet\"";

  393.             throw runtime_error(Temp.str());

  394.         }

  395.     }

  396. }

  397. 

  398. SNFMilterSocketType SNFMilterContextPool::getSocketType() {

  399.     return MilterSocketType;

  400. }

  401. 

  402. string SNFMilterContextPool::getSocketPath() { return MilterSocketPath; }

  403. 

  404. string SNFMilterContextPool::getSocketGroup() { return MilterSocketGroup; }

  405. 

  406. string SNFMilterContextPool::getSocketIP() { return MilterSocketIP; }

  407. 

  408. int SNFMilterContextPool::getSocketPort() { return MilterSocketPort; }

  409. 

  410. SNFMilterContextPool::~SNFMilterContextPool() {                                 // Dtor gracefully discards contexts.

  411.     ScopeMutex ContextPoolLock(ContextAllocationControl);                       // Lock the context allocation system.

  412.     myRulebase = 0;                                                             // Forget our rulebase. We're dead.

  413.     for(                                                                        // Loop through the context pool

  414.         vector<SNFMilterContext*>::iterator iC = ContextPool.begin();           // and delete any contexts we have

  415.         iC != ContextPool.end();                                                // allocated.

  416.         iC++) { delete (*iC); }

  417. }

  418. 

  419. SNFMilterContext* SNFMilterContextPool::grab() {                                // Get a context to use.

  420.     ScopeMutex ContextPoolLock(ContextAllocationControl);                       // Lock the context allocation system.

  421.     if(0 == myRulebase) return 0;                                               // No contexts left if we're dead.

  422.     if(1 > AvailableContexts.size()) {                                          // If we need more contexts then

  423.         SNFMilterContext* N = new SNFMilterContext(myRulebase);                 // Create a new context,

  424.         ContextPool.push_back(N);                                               // add it to the pool,

  425.         AvailableContexts.give(N);                                              // and make it available.

  426.     }

  427.     return AvailableContexts.take();                                            // Return the next avialable context.

  428. }

  429. 

  430. void SNFMilterContextPool::drop(SNFMilterContext* E) {                          // Drop a context after use.

  431.     // Update context state.

  432.     E->State = SNFMilterContext::Pooled;

  433. 

  434.     AvailableContexts.give(E);                                                  // Make this context available.

  435. }

  436. 

  437. bool SNFMilterContextPool::allUnused() {

  438.     return (AvailableContexts.size() == ContextPool.size());

  439. }

  440. 

  441. void SNFMilterContextPool::logThisError(string ContextName, int Code, string Text) {

  442.     myRulebase->logThisError(ContextName, Code, Text);

  443. }

  444. 

  445. void SNFMilterContextPool::logThisInfo(string ContextName, int Code, string Text) {

  446.     myRulebase->logThisInfo(ContextName, Code, Text);

  447. }

  448. 

  449. // End of configuration setup and engine and context interface components

  450. ////////////////////////////////////////////////////////////////////////////////

  451. 

  452. ////////////////////////////////////////////////////////////////////////////////

  453. // SNFMilter callback definitions, constants, and global data.

  454. 

  455. extern "C" {

  456. 

  457.     // Connection callback.

  458.     //

  459.     // This callback is invoked when a new connection is made to the

  460.     // MTA.  It obtains an available connection context object if one

  461.     // hasn't already been assigned, and saves the IP address and name

  462.     // of the connecting MTA.  Next, it performs an IP scan, and

  463.     // returns the appropriate response.

  464.     //

  465.     // Returns: SMFIS_CONTINUE, SMFIS_ACCEPT, SMFIS_TEMPFAIL, or

  466.     // SMFIS_REJECT according to the following mapping:

  467.     //

  468.     //   IPScanResult return                      mlfi_connect return

  469.     //

  470.     //   Quarantine, Discard, Error               FailSafeMilterResponse

  471.     //

  472.     //   Anything else                            SNFMilterContext::smfisReturn(IPScanResult)

  473.     //

  474.     sfsistat

  475.     mlfi_connect(SMFICTX *Ctx, char *HostName, _SOCK_ADDR *HostAddr)

  476.     {

  477.         const string ContextName = PACKAGE_NAME "::mlfi_connect";

  478.         int ErrorCode = 1;

  479.         int InfoCode = 1;

  480.         sfsistat CallbackResult = FailSafeMilterResponse;

  481.  

  482.         try {

  483.             SNFMilterContext *Context = assignContextToCtx(Ctx);                // Get the existing context object,

  484.                                                                                 // or assign a new context object.

  485. 

  486.             Context->State = SNFMilterContext::Connect;                         // Update context state.

  487. 

  488.             sockaddr_in *SaIn = (sockaddr_in *) HostAddr;                       // Fetch the IP address.

  489. 

  490.             Context->ConnectionData.HostName = HostName;                        // Load the info.

  491. 

  492. 	    if (0 == SaIn) {                                                    // If HostAddr is 0...

  493. 

  494. 		Context->ConnectionData.HostIP = "127.0.0.1";                   // Set to a valid value.

  495. 

  496. 	    } else {

  497. 

  498. 		Context->ConnectionData.HostIP = ntohl(SaIn->sin_addr.s_addr);

  499. 

  500. 	    }

  501. 

  502.             if (MilterDebugMode) {

  503.                 ostringstream Temp;

  504.                 Temp << "Connect from " << Context->ConnectionData.HostName << " ("

  505.                      << (string) Context->ConnectionData.HostIP << ").";

  506.                 logInfo(ContextName, InfoCode, Temp.str());

  507.             }

  508. 

  509. 	    if (0 == SaIn) {                                                    // If HostAddr is 0, don't do a scan.

  510. 

  511. 		return FailSafeMilterResponse;

  512. 

  513. 	    }

  514. 

  515.             SNFMilterAction IpScanResult;                                       // Perform IP scan.

  516. 

  517.             IpScanResult = Context->milterEngine.scanIP(Context->ConnectionData.HostIP);

  518. 

  519.             if (MilterDebugMode) {

  520.                 ostringstream Temp;

  521.                 Temp << "IP scan result for connection from "

  522.                      << Context->ConnectionData.HostName << " ("

  523.                      << (string) Context->ConnectionData.HostIP << "):  " << IpScanResult << ".";

  524.                 logInfo(ContextName, InfoCode, Temp.str());

  525.             }

  526. 

  527.             if ( (Error == IpScanResult) ||                                     // Check for error

  528.                  (Quarantine == IpScanResult) ||

  529.                  (Discard == IpScanResult) ) {

  530.                 std::ostringstream Temp;                                        // Illegal result.

  531.                 Temp << "Illegal result from IP scan for "

  532.                      << (string) Context->ConnectionData.HostIP

  533.                      << ":  " << IpScanResult;

  534.                 throw std::runtime_error(Temp.str());

  535.             }

  536. 

  537.             CallbackResult = Context->smfisReturn(IpScanResult);                // Load return value.

  538.         } catch (exception &E) {

  539.             logError(ContextName, ErrorCode, E.what());

  540.         } catch (...) {

  541.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  542.         }

  543. 

  544.         return CallbackResult;

  545.     }

  546. 

  547.     //

  548.     // HELO callback.

  549.     //

  550.     // This callback is invoked when the connecting MTA sends a HELO

  551.     // message.  It saves the argument of the HELO command in the

  552.     // connection context object.

  553.     //

  554.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  555.     // otherwise.

  556.     //

  557.     sfsistat

  558.     mlfi_helo(SMFICTX *Ctx, char *heloHost)

  559.     {

  560.         const string ContextName = PACKAGE_NAME "::mlfi_helo";

  561.         int ErrorCode = 1;

  562.         int InfoCode = 1;

  563.         sfsistat CallbackResult = FailSafeMilterResponse;

  564.  

  565.         try {

  566. 

  567.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  568. 

  569.             Context->State = SNFMilterContext::Helo;                            // Update context state.

  570. 

  571.             Context->ConnectionData.HostHelo = heloHost;                        // Save the helo host name.

  572. 

  573.             if (MilterDebugMode) {

  574.                 ostringstream Temp;

  575.                 Temp << "HELO " << Context->ConnectionData.HostHelo << " from "

  576.                      << Context->ConnectionData.HostName << " ("

  577.                      << (string) Context->ConnectionData.HostIP << ").";

  578.                 logInfo(ContextName, InfoCode, Temp.str());

  579.             }

  580. 

  581.             CallbackResult =  SMFIS_CONTINUE;                                   // Load return value.

  582.         } catch (exception &E) {

  583.             logError(ContextName, ErrorCode, E.what());

  584.         } catch (...) {

  585.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  586.         }

  587. 

  588.         return CallbackResult;

  589.     }

  590. 

  591.     //

  592.     // envfrom callback.

  593.     //

  594.     // This callback is invoked to process the envelope from line of the

  595.     // mail message.  It clears the message buffer, and adds the local

  596.     // received header to the message buffer to scan.  The local received

  597.     // header is added to the email message in mlfi_eom.

  598.     //

  599.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  600.     // otherwise.

  601.     //

  602.     sfsistat

  603.     mlfi_envfrom(SMFICTX *Ctx, char **argv)

  604.     {

  605.         const string ContextName = PACKAGE_NAME "::mlfi_envfrom";

  606.         int ErrorCode = 1;

  607.         int InfoCode = 1;

  608.         sfsistat CallbackResult = FailSafeMilterResponse;

  609.  

  610.         try {

  611.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  612. 

  613.             Context->State = SNFMilterContext::EnvFrom;                         // Update context state.

  614. 

  615.             Context->MessageData.clear();                                       // This is the beginning of a new message.

  616.                                                                                 // Clear data from any previous message.

  617. 

  618.             if (MilterDebugMode) {

  619.                 Context->MessageData.SenderAddress = argv[0];

  620.                 ostringstream Temp;

  621.                 Temp << "Processing sender address " << Context->MessageData.SenderAddress

  622.                      << " (connection from " << Context->ConnectionData.HostName << " ("

  623.                      << (string) Context->ConnectionData.HostIP << ")).\n";

  624.                 logInfo(ContextName, InfoCode, Temp.str());

  625.             }

  626. 

  627.             CallbackResult =  SMFIS_CONTINUE;                                   // Load return value.

  628.         } catch (exception &E) {

  629.             logError(ContextName, ErrorCode, E.what());

  630.         } catch (...) {

  631.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  632.         }

  633. 

  634.         return CallbackResult;

  635.     }

  636. 

  637.     //

  638.     // envrcpt callback.

  639.     //

  640.     // This callback is invoked to process the envelope receipt line of

  641.     // the mail message.

  642.     //

  643.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  644.     // otherwise.

  645.     //

  646.     sfsistat

  647.     mlfi_envrcpt(SMFICTX *Ctx, char **argv)

  648.     {

  649.         const string ContextName = PACKAGE_NAME "::mlfi_envrcpt";

  650.         int ErrorCode = 1;

  651.         int InfoCode = 1;

  652.         sfsistat CallbackResult = FailSafeMilterResponse;

  653.  

  654.         try {

  655.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  656. 

  657.             // Update context state.

  658.             Context->State = SNFMilterContext::EnvRcpt;

  659. 

  660.             if (MilterDebugMode) {

  661.                 ostringstream Temp;

  662.                 Temp << "Processing recipient " << argv[0] << " for message from "

  663.                      << Context->MessageData.SenderAddress

  664.                      << " (connection from " << Context->ConnectionData.HostName << " ("

  665.                      << (string) Context->ConnectionData.HostIP << ")).";

  666.                 logInfo(ContextName, InfoCode, Temp.str());

  667.             }

  668. 

  669.             CallbackResult =  SMFIS_CONTINUE;                                   // Load return value.

  670.         } catch (exception &E) {

  671.             logError(ContextName, ErrorCode, E.what());

  672.         } catch (...) {

  673.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  674.         }

  675. 

  676.         return CallbackResult;

  677.     }

  678. 

  679.     //

  680.     // header callback.

  681.     //

  682.     // This callback is invoked to process the a header line of the mail

  683.     // message.  It writes the header line + SMTPENDL to the message buffer

  684.     // that is scanned.

  685.     //

  686.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  687.     // otherwise.

  688.     //

  689.     sfsistat

  690.     mlfi_header(SMFICTX *Ctx, char *headerf, char *headerv)

  691.     {

  692.         const string ContextName = PACKAGE_NAME "::mlfi_header";

  693.         int ErrorCode = 1;

  694.         int InfoCode = 1;

  695.         sfsistat CallbackResult = FailSafeMilterResponse;

  696.  

  697.         try {

  698.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  699. 

  700.             Context->State = SNFMilterContext::Header;                          // Update context state.

  701. 

  702.             if (MilterDebugMode) {

  703.                 ostringstream Temp;

  704.                 Temp << "Processing header '" << headerf << ": " << headerv

  705.                      << "' for message from "

  706.                      << Context->MessageData.SenderAddress

  707.                      << " (connection from " << Context->ConnectionData.HostName << " ("

  708.                      << (string) Context->ConnectionData.HostIP << ")).";

  709.                 logInfo(ContextName, InfoCode, Temp.str());

  710.             }

  711. 

  712. 

  713.             Context->MessageData.MessageBuffer += headerf;                      // Add the header.

  714.             Context->MessageData.MessageBuffer += ": ";

  715.             Context->MessageData.MessageBuffer += headerv;

  716.             Context->MessageData.MessageBuffer += SMTPENDL;

  717. 

  718.             CallbackResult =  SMFIS_CONTINUE;                                   // Load return value.

  719.         } catch (exception &E) {

  720.             logError(ContextName, ErrorCode, E.what());

  721.         } catch (...) {

  722.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  723.         }

  724. 

  725.         return CallbackResult;

  726.     }

  727. 

  728.     //

  729.     // End of header callback.

  730.     //

  731.     // This callback is invoked after the last header of the mail

  732.     // message is sent.  It writes SMTPENDL SMTPENDL to the message

  733.     // buffer that is scanned.

  734.     //

  735.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  736.     // otherwise.

  737.     //

  738.     sfsistat

  739.     mlfi_eoh(SMFICTX *Ctx)

  740.     {

  741.         const string ContextName = PACKAGE_NAME "::mlfi_eoh";

  742.         int ErrorCode = 1;

  743.         int InfoCode = 1;

  744.         sfsistat CallbackResult = FailSafeMilterResponse;

  745.  

  746.         try {

  747.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  748. 

  749.             Context->State = SNFMilterContext::EOH;                             // Update context state.

  750. 

  751.             Context->MessageData.MessageBuffer += SMTPENDL + SMTPENDL;          // Add the blank lines..

  752. 

  753.             if (MilterDebugMode) {

  754.                 ostringstream Temp;

  755.                 Temp << "All headers received  for message from "

  756.                      << Context->MessageData.SenderAddress

  757.                      << " (connection from " << Context->ConnectionData.HostName << " ("

  758.                      << (string) Context->ConnectionData.HostIP << ")).  Message buffer--\n'"

  759.                      << Context->MessageData.MessageBuffer << "'.";

  760.                 logInfo(ContextName, InfoCode, Temp.str());

  761.             }

  762. 

  763.             CallbackResult =  SMFIS_CONTINUE;                                   // Load return value.

  764.         } catch (exception &E) {

  765.             logError(ContextName, ErrorCode, E.what());

  766.         } catch (...) {

  767.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  768.         }

  769. 

  770.         return CallbackResult;

  771.     }

  772. 

  773.     //

  774.     // message body callback.

  775.     //

  776.     // This callback is invoked zero or more times to send the body of the

  777.     // mail message is sent. It writes the body to the message buffer that

  778.     // is scanned.

  779.     //

  780.     // Returns: SMFIS_CONTINUE if more of the message body is needed,

  781.     // SkipReturn if more of the message body is not needed, or

  782.     // FailSafeMilterResponse if an error occurs.  Context is the

  783.     // connection context object.

  784.     //

  785.     sfsistat

  786.     mlfi_body(SMFICTX *Ctx, unsigned char *Bodyp, size_t Bodylen)

  787.     {

  788. 

  789.         const string ContextName = PACKAGE_NAME "::mlfi_body";

  790.         int ErrorCode = 1;

  791.         int InfoCode = 1;

  792.         sfsistat CallbackResult = FailSafeMilterResponse;

  793.  

  794.         try {

  795.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  796. 

  797.             Context->State = SNFMilterContext::Body;                            // Update context state.

  798. 

  799.             if (Context->MessageData.MessageBuffer.size() >=                    // Return if there is enough in the

  800.               MailBufferReserveSize) {                                          // message buffer.

  801. 

  802.                 return SkipReturn;

  803. 

  804.             }

  805. 

  806.             if (Context->MessageData.MessageBuffer.size() <                     // Do we need to copy this?

  807.               MailBufferReserveSize) {

  808. 

  809.                 string::size_type NCharToTransfer = MailBufferReserveSize -     // Yes. How much more?

  810.                   Context->MessageData.MessageBuffer.size();

  811. 

  812.                 if (NCharToTransfer > Bodylen) {                                // Don't transfer more characters

  813.                                                                                 // than are available.

  814.                     NCharToTransfer = Bodylen;

  815.                 }

  816.     

  817.                 Context->MessageData.MessageBuffer.append((const char *) Bodyp, // Append the message.

  818.                                                           NCharToTransfer);

  819. 

  820.                 if (MilterDebugMode) {

  821.                     ostringstream Temp;

  822.                     Temp << "Appended " << NCharToTransfer << " bytes to "

  823.                          << "message from " << Context->MessageData.SenderAddress

  824.                          << " (connection from " << Context->ConnectionData.HostName << " ("

  825.                          << (string) Context->ConnectionData.HostIP << ")).  Message length:  "

  826.                          << Context->MessageData.MessageBuffer.size() << ".";

  827.                     logInfo(ContextName, InfoCode, Temp.str());

  828.                 }

  829. 

  830.             } else {

  831.                 if (MilterDebugMode) {

  832.                     ostringstream Temp;

  833.                     Temp << "Discarded " << Bodylen << " bytes "

  834.                          << "message from " << Context->MessageData.SenderAddress

  835.                          << " (connection from " << Context->ConnectionData.HostName << " ("

  836.                          << (string) Context->ConnectionData.HostIP << ")) because "

  837.                          << MailBufferReserveSize << " bytes have already been "

  838.                          << "transferred.  Message length:  "

  839.                          << Context->MessageData.MessageBuffer.size() << ".";

  840.                     logInfo(ContextName, InfoCode, Temp.str());

  841.                 }

  842.             }

  843.             CallbackResult =  SMFIS_CONTINUE;                               // Load return value.

  844.         } catch (exception &E) {

  845.             logError(ContextName, ErrorCode, E.what());

  846.         } catch (...) {

  847.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  848.         }

  849. 

  850.         return CallbackResult;

  851.     }

  852. 

  853.     //

  854.     // End-Of-Message callback.

  855.     //

  856.     // This callback is invoked to when the entire message has been sent

  857.     // to SNFMilter.  It adds the local received header to the email

  858.     // message, and then scans the message body.  If the scan result

  859.     // indicates that the message is to be quarantined, then the message

  860.     // is set to be quarantined (using smfi_quarantine).

  861.     //

  862.     // Returns: SMFIS_CONTINUE, SMFIS_ACCEPT, SMFIS_TEMPFAIL, or

  863.     // SMFIS_DISCARD, SMFIS_REJECT, or FailSafeMilterResponse

  864.     // according to the following mapping:

  865.     //

  866.     //   MessageScan return                       mlfi_connect return

  867.     //

  868.     //   Error                                    FailSafeMilterResponse

  869.     //

  870.     //   Anything else                            SNFMilterContext::smfisReturn(IPScanResult)

  871.     //

  872.     // Side effect: If the MessageScan result is Quarantine, the

  873.     // message is quarantined using smfi_quarantine().

  874.     //

  875.     sfsistat

  876.     mlfi_eom(SMFICTX *Ctx)

  877.     {

  878.         const string ContextName = PACKAGE_NAME "::mlfi_eom";

  879.         int ErrorCode = 1;

  880.         int InfoCode = 1;

  881.         sfsistat CallbackResult = FailSafeMilterResponse;

  882.  

  883.         try {

  884.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  885. 

  886.             Context->State = SNFMilterContext::EOM;                             // Update context state.

  887. 

  888.             if (MilterDebugMode) {

  889.                 ostringstream Temp;

  890.                 Temp << "End of message from " << Context->MessageData.SenderAddress

  891.                      << " (connection from " << Context->ConnectionData.HostName << " ("

  892.                      << (string) Context->ConnectionData.HostIP << ")).";

  893.                 logInfo(ContextName, InfoCode, Temp.str());

  894.             }

  895. 

  896. 

  897.             if (PrependLocalReceivedHeader) {

  898.               Context->MessageData.MessageBuffer.

  899.                 insert(0, Context->getLocalReceivedHeader() + SMTPENDL);        // Prepend local received header line

  900.                                                                                 // to the message buffer.

  901.             }

  902. 

  903.             SNFMilterAction MsgScanResult;                                     // Perform scan.

  904. 

  905.             MsgScanResult =

  906.               Context->milterEngine.scanMessage((unsigned char *) Context->MessageData.MessageBuffer.c_str(),

  907.                                                 Context->MessageData.MessageBuffer.size());

  908. 

  909.             if (MilterDebugMode) {

  910.                 ostringstream Temp;

  911.                 Temp << "Message scan result for message from " << Context->MessageData.SenderAddress

  912.                      << " (connection from " << Context->ConnectionData.HostName << " ("

  913.                      << (string) Context->ConnectionData.HostIP << ")):  " << MsgScanResult << ".";

  914.                 logInfo(ContextName, InfoCode, Temp.str());

  915.             }

  916. 

  917. 

  918.             if (Error == MsgScanResult) {                                       // Check for scan error

  919. 

  920.                 // Illegal result.

  921.                 std::ostringstream Temp;

  922. 

  923.                 Temp << "Illegal message scan result for message from "

  924.                      << Context->MessageData.SenderAddress

  925.                      << " (connection from " << Context->ConnectionData.HostName << " ("

  926.                      << (string) Context->ConnectionData.HostIP << ")):  " << MsgScanResult;

  927.                 throw std::runtime_error(Temp.str());

  928. 

  929.             }

  930. 

  931.             string XHeaders = Context->milterEngine.XHeaders();                 // Fetch X-headers to submit.

  932.             MailHeaders MailHeadersParse;                                       // Object to parse X-headers.

  933. 

  934.             MailHeadersParse.loadHeaders(XHeaders);                             // Load the headers to be parsed.

  935. 

  936.             string HeaderName;                                                  // Name of X-header.

  937.             string HeaderBody;                                                  // Body of X-header, formatted for libmilter.

  938. 

  939.             while (MailHeadersParse.getNameBody(&HeaderName, &HeaderBody)) {    // While there is an X-Header...

  940. 

  941.                 if (MilterDebugMode) {

  942.                     ostringstream Temp;

  943.                     Temp << "Processed X-Header for message from " << Context->MessageData.SenderAddress

  944.                          << " (connection from " << Context->ConnectionData.HostName << " ("

  945.                          << (string) Context->ConnectionData.HostIP << ")).  X-Header name:  '"

  946.                          << HeaderName << "'.  X-Header body:  '" << HeaderBody << "'.";

  947.                     logInfo(ContextName, InfoCode, Temp.str());

  948.                 }

  949. 

  950.                 if (MI_SUCCESS != smfi_addheader(Ctx,                           // Add header to the email message.

  951.                                                  (char *) HeaderName.c_str(),

  952.                                                  (char *) HeaderBody.c_str())) {

  953.                     ostringstream Temp;

  954.                     Temp << "Error adding X-header to message from " << Context->MessageData.SenderAddress

  955.                          << " (connection from " << Context->ConnectionData.HostName << " ("

  956.                          << (string) Context->ConnectionData.HostIP

  957.                          << ")).\nX-Header name:  '" << HeaderName << "'.  X-Header body--\n'"

  958.                          << HeaderBody << "'.";

  959.                     logError(ContextName, 1, Temp.str());

  960.                 }

  961.             }

  962. 

  963.             if (Quarantine == MsgScanResult) {                                  // Quarantine the message?

  964. 

  965.                 if (MilterDebugMode) {

  966.                     ostringstream Temp;

  967.                     Temp << "Quarantining message from " << Context->MessageData.SenderAddress

  968.                          << " (connection from " << Context->ConnectionData.HostName << " ("

  969.                          << (string) Context->ConnectionData.HostIP << ")).";

  970.                     logInfo(ContextName, InfoCode, Temp.str());

  971.                 }

  972. 

  973.                 if (MI_SUCCESS != smfi_quarantine(Ctx,

  974.                                                   (char *) "Quarantined by " PACKAGE_NAME)) {

  975. 

  976.                     ostringstream Temp;

  977.                     Temp << "Error quarantining message from "

  978.                          << Context->MessageData.SenderAddress

  979.                          << " (connection from " << Context->ConnectionData.HostName << " ("

  980.                          << (string) Context->ConnectionData.HostIP << ")).";

  981.                     logError(ContextName, 1, Temp.str());

  982. 

  983.                 }

  984. 

  985.                 return SMFIS_CONTINUE;

  986.             }

  987. 

  988.             CallbackResult = Context->smfisReturn(MsgScanResult);               // Load return value.

  989.         } catch (exception &E) {

  990.             logError(ContextName, ErrorCode, E.what());

  991.         } catch (...) {

  992.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  993.         }

  994. 

  995.         return CallbackResult;

  996.     }

  997. 

  998.     //

  999.     // Callback for aborting the message.

  1000.     //

  1001.     // This callback is invoked to when the processing of the current

  1002.     // message is to be aborted.  It logs the abort as an info event,

  1003.     // clears the email message buffer, and sets the state to

  1004.     // connected.

  1005.     //

  1006.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  1007.     // otherwise.

  1008.     //

  1009.     sfsistat

  1010.     mlfi_abort(SMFICTX *Ctx)

  1011.     {

  1012.         const string ContextName = PACKAGE_NAME "::mlfi_abort";

  1013.         int ErrorCode = 1;

  1014.         int InfoCode = 1;

  1015.         sfsistat CallbackResult = FailSafeMilterResponse;

  1016.  

  1017.         try {

  1018.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  1019. 

  1020.             Context->State = SNFMilterContext::Connect;                         // Update context state.

  1021. 

  1022.             ostringstream Temp;                                                 // Log message.

  1023.             Temp << "Aborted processing of message from " << Context->MessageData.SenderAddress

  1024.                  << " (connection from " << Context->ConnectionData.HostName << " ("

  1025.                  << (string) Context->ConnectionData.HostIP << ")).";

  1026.             logInfo(ContextName, InfoCode, Temp.str());

  1027. 

  1028.             Context->MessageData.clear();                                       // Clear data for this message.

  1029.             CallbackResult =  SMFIS_CONTINUE;                                   // Load return value.

  1030.         } catch (exception &E) {

  1031.             logError(ContextName, ErrorCode, E.what());

  1032.         } catch (...) {

  1033.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  1034.         }

  1035. 

  1036.         return CallbackResult;

  1037. 

  1038.     }

  1039. 

  1040.     //

  1041.     // Callback for closing the connection.

  1042.     //

  1043.     // This callback is invoked to when the connection with the remote MTA is closed.

  1044.     // It returns the connection context object to the pool.

  1045.     //

  1046.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  1047.     // otherwise.

  1048.     //

  1049.     sfsistat

  1050.     mlfi_close(SMFICTX *Ctx)

  1051.     {

  1052.         const string ContextName = PACKAGE_NAME "::mlfi_close";

  1053.         int ErrorCode = 1;

  1054.         int InfoCode = 1;

  1055.         sfsistat CallbackResult = FailSafeMilterResponse;

  1056.  

  1057.         try {

  1058.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  1059. 

  1060.             Context->State = SNFMilterContext::Close;                           // Update context state.

  1061. 

  1062.             if (MilterDebugMode) {

  1063.                 ostringstream Temp;

  1064.                 Temp << "Closing connection from "

  1065.                      << Context->ConnectionData.HostName << " ("

  1066.                      << (string) Context->ConnectionData.HostIP << ").";

  1067.                 logInfo(ContextName, InfoCode, Temp.str());

  1068.             }

  1069. 

  1070. 

  1071.             MilterContexts->drop(Context);                                      // Return the context object.

  1072. 

  1073.             smfi_setpriv(Ctx, 0);

  1074.             CallbackResult =  SMFIS_CONTINUE;                                   // Load return value.

  1075.         } catch (exception &E) {

  1076.             logError(ContextName, ErrorCode, E.what());

  1077.         } catch (...) {

  1078.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  1079.         }

  1080. 

  1081.         return CallbackResult;

  1082. 

  1083.     }

  1084. 

  1085. #ifdef NEW_LIBMILTER

  1086.     //

  1087.     // Callback for unknown SMTP command.

  1088.     //

  1089.     // This callback is invoked to when an unknown SMTP command is

  1090.     // received by the local MTA.  The unknown command is logged.

  1091.     //

  1092.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  1093.     // otherwise.

  1094.     //

  1095.     sfsistat

  1096.     mlfi_unknown(SMFICTX *Ctx, const char *Cmd)

  1097.     {

  1098.         const string ContextName = PACKAGE_NAME "::mlfi_unknown";

  1099.         int ErrorCode = 1;

  1100.         int InfoCode = 1;

  1101.         sfsistat CallbackResult = FailSafeMilterResponse;

  1102.  

  1103.         try {

  1104.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  1105. 

  1106.             ostringstream Temp;                                                 // Log.

  1107.             Temp << "Unknown SMTP command from "

  1108.                  << Context->ConnectionData.HostName << " ("

  1109.                  << (string) Context->ConnectionData.HostIP << "):  '"

  1110.                  << *Cmd << "'";

  1111.             logInfo(ContextName, InfoCode, Temp.str());

  1112. 

  1113.             CallbackResult =  SMFIS_CONTINUE;                                   // Load return value.

  1114.         } catch (exception &E) {

  1115.             logError(ContextName, ErrorCode, E.what());

  1116.         } catch (...) {

  1117.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  1118.         }

  1119. 

  1120.         return CallbackResult;

  1121. 

  1122.     }

  1123. 

  1124.     //

  1125.     // data callback.

  1126.     //

  1127.     // This callback is invoked when the connecting MTA sends a DATA

  1128.     // message.

  1129.     //

  1130.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  1131.     // otherwise.

  1132.     //

  1133.     sfsistat

  1134.     mlfi_data(SMFICTX *Ctx)

  1135.     {

  1136.         const string ContextName = PACKAGE_NAME "::mlfi_data";

  1137.         int ErrorCode = 1;

  1138.         int InfoCode = 1;

  1139.         sfsistat CallbackResult = FailSafeMilterResponse;

  1140.  

  1141.         try {

  1142.             SNFMilterContext *Context = getContextFromCtx(Ctx);                 // Get the context object.

  1143. 

  1144.             Context->State = SNFMilterContext::Data;                            // Update context state.

  1145. 

  1146.             if (MilterDebugMode) {

  1147.                 ostringstream Temp;

  1148.                 Temp << "DATA for message from "

  1149.                      << Context->MessageData.SenderAddress

  1150.                      << " (connection from " << Context->ConnectionData.HostName << " ("

  1151.                      << (string) Context->ConnectionData.HostIP << ")).";

  1152.                 logInfo(ContextName, InfoCode, Temp.str());

  1153.             }

  1154. 

  1155.             CallbackResult =  SMFIS_CONTINUE;                                   // Load return value.

  1156.         } catch (exception &E) {

  1157.             logError(ContextName, ErrorCode, E.what());

  1158.         } catch (...) {

  1159.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  1160.         }

  1161. 

  1162.         return CallbackResult;

  1163.     }

  1164. 

  1165.     //

  1166.     // Callback for negotiating the capabilities of the MTA.

  1167.     //

  1168.     // This callback is invoked at the start of each SMTP connection.

  1169.     // It obtains an available connection context object if one hasn't

  1170.     // already been assigned, checks whether the MTA can accept an

  1171.     // SMFIS_SKIP return, and configures the connection context object

  1172.     // to return an acceptable value.

  1173.     //

  1174.     // Returns: SMFIS_CONTINUE if no error, FailSafeMilterResponse

  1175.     // otherwise.

  1176.     //

  1177.     sfsistat

  1178.     mlfi_negotiate(SMFICTX *Ctx,

  1179.                    unsigned long F0,

  1180.                    unsigned long F1,

  1181.                    unsigned long F2,

  1182.                    unsigned long F3,

  1183.                    unsigned long *PF0,

  1184.                    unsigned long *PF1,

  1185.                    unsigned long *PF2,

  1186.                    unsigned long *PF3)

  1187.     {

  1188.         const string ContextName = PACKAGE_NAME "::mlfi_negotiate";

  1189.         int ErrorCode = 1;

  1190.         int InfoCode = 1;

  1191.         sfsistat CallbackResult = SMFIS_ALL_OPTS;

  1192.  

  1193.         try {

  1194.             bool AcceptsSkip = F1 & SMFIP_SKIP;

  1195.             if (AcceptsSkip) {                                                  // MTA accepts SMFIS_SKIP return?

  1196.                 SkipReturn = SMFIS_SKIP;                                        // Yes.  Use SMFIS_SKIP.

  1197.             } else {

  1198.                 SkipReturn = SMFIS_CONTINUE;                                    // No.  Use SMFIS_CONTINUE.

  1199.             }

  1200. 

  1201.             if (MilterDebugMode) {

  1202.                 ostringstream Temp;                                             // Log message.

  1203.                 Temp << "MTA does " << (AcceptsSkip ? "" : "not ") << "accept SMFIS_SKIP.";

  1204.                 logInfo(ContextName, InfoCode, Temp.str());

  1205.             }

  1206.             CallbackResult =  SMFIS_ALL_OPTS;                                   // Load return value.

  1207.         } catch (exception &E) {

  1208.             logError(ContextName, ErrorCode, E.what());

  1209.         } catch (...) {

  1210.             logError(ContextName, ErrorCode, UnknownExceptionMessage);

  1211.         }

  1212. 

  1213.         return CallbackResult;

  1214. 

  1215.     }

  1216. 

  1217. #endif

  1218. 

  1219. }

  1220. 

  1221. // End of SNFMilter callback definitions, constants, and global data.

  1222. ////////////////////////////////////////////////////////////////////////////////

  1223. 

  1224. ////////////////////////////////////////////////////////////////////////////////

  1225. // SNFMilter setup & run function.

  1226. 

  1227. // The runLibMilter function establishes the appropriate libmilter call backs and

  1228. // accepts calls from the MTA via libmilter until it is told to quit. When it

  1229. // is told to quit it gracefully closes down, reclaims any memory it allocated,

  1230. // and returns.

  1231. 

  1232. void runLibMilter(SNFMilterContextPool* Contexts, bool DebugMode) {             // Run the milter 'til it's done.

  1233. 

  1234.     MilterContexts = Contexts;                                                  // Save the pool of context objects.

  1235.     MilterDebugMode = DebugMode;                                                // Save the debug mode flag.

  1236. 

  1237. #if 0

  1238.     if (MilterDebugMode) {

  1239.         openlog(PACKAGE_NAME, LOG_PID | LOG_PERROR, LOG_MAIL);                  // Initialize system logging to log

  1240.                                                                                 // messages to mail file.

  1241.     }

  1242. #endif

  1243. 

  1244.     struct smfiDesc smfilter = {                                                // Load structure containing callbacks.

  1245.         (char *) PACKAGE_NAME,	                                                // Filter name.

  1246.         SMFI_VERSION,	                                                        // Version code -- do not change.

  1247.         SMFIF_ADDHDRS | SMFIF_QUARANTINE,                                       // Flags.

  1248.         mlfi_connect,                                                           // Connection info callback.

  1249.         mlfi_helo,                                                              // SMTP HELO command callback.

  1250.         mlfi_envfrom,                                                           // Envelope sender callback.

  1251.         mlfi_envrcpt,                                                           // Envelope recipient callback.

  1252.         mlfi_header,                                                            // Header callback.

  1253.         mlfi_eoh,                                                               // End of headers callback.

  1254.         mlfi_body,                                                              // Body block callback.

  1255.         mlfi_eom,                                                               // End of message callback.

  1256.         mlfi_abort,                                                             // Message abort callback.

  1257.         mlfi_close                                                              // Connection closed callback.

  1258. #ifdef NEW_LIBMILTER

  1259.         ,

  1260.         mlfi_unknown,                                                           // Unknown SMTP command callback.

  1261.         mlfi_data,                                                              // DATA ccallback.

  1262.         mlfi_negotiate                                                          // Negotiation at the start of each SMTP

  1263. #endif

  1264.                                                                                 // connection callback.

  1265.     };

  1266. 

  1267.     string MilterConnSpec;

  1268. 

  1269.     switch (Contexts->getSocketType()) {                                        // Configure the connection.

  1270.     case UNIXMilterSocket:

  1271. 

  1272.         MilterConnSpec = "unix:" +  Contexts->getSocketPath();                  // Generate the connection spec.

  1273.               

  1274.         break;

  1275. 

  1276.     case TCPMilterSocket:

  1277.         {

  1278.             ostringstream Temp;

  1279. 

  1280.             Temp << "inet:" << Contexts->getSocketPort() << "@"                 // Generate the connection spec.

  1281.                  << Contexts->getSocketIP();

  1282.             MilterConnSpec = Temp.str();

  1283.         }

  1284. 

  1285.         break;

  1286. 

  1287.     default:

  1288.         {

  1289.             ostringstream Temp;

  1290.             Temp << PACKAGE " internal error:  Invalid socket type from SNFMilterContextPool.";

  1291.             throw logic_error(Temp.str());

  1292.         }

  1293.     }

  1294. 

  1295.     if (MI_FAILURE == smfi_setconn(const_cast<char *>(MilterConnSpec.c_str()))) {

  1296.         ostringstream Temp;

  1297.         Temp << "smfi_setconn failed with input \"" << MilterConnSpec << "\"";

  1298.         throw std::runtime_error(Temp.str());

  1299.     }

  1300. 

  1301.     if (MI_FAILURE == smfi_register(smfilter)) {                                // Register the callbacks.

  1302.         string msg = "smfi_register failed";

  1303.         throw std::runtime_error(msg);

  1304.     }

  1305. 

  1306.     if (UNIXMilterSocket == Contexts->getSocketType()) {

  1307.         if (MI_FAILURE == smfi_opensocket(true)) {                              // Create the named pipe.

  1308.             ostringstream Temp;

  1309.             Temp << "smfi_opensocket failed for \"" << MilterConnSpec << "\"";

  1310.             throw std::runtime_error(Temp.str());

  1311.         }

  1312. 

  1313.         string MilterConnPath = Contexts->getSocketPath();

  1314. 

  1315.         if (chmod(MilterConnPath.c_str(),                                       // Set permissions.

  1316.                   S_IRUSR | S_IWUSR |

  1317.                   S_IRGRP | S_IWGRP) != 0) {

  1318.             ostringstream Temp;

  1319.             Temp << "Error setting permissions of " << MilterConnPath << ":  "

  1320.                  << strerror(errno);

  1321.             throw runtime_error(Temp.str());

  1322.         }

  1323. 

  1324.         string GroupName = Contexts->getSocketGroup();

  1325.         if (0 != GroupName.size()) {                                            // Was a group specified?

  1326.             struct group *Group = getgrnam(GroupName.c_str());                  // Get the ID of the group.

  1327.             errno = 0;

  1328.             if (NULL == Group) {

  1329.                 ostringstream Temp;

  1330.                 if (0 != errno) {                                               // Error?

  1331.                     Temp << "Error obtaining the group ID of " << GroupName << ":  "

  1332.                          << strerror(errno);

  1333.                 } else {                                                        // Group not found.

  1334.                     Temp << "Error obtaining the group ID of " << GroupName << ":  "

  1335.                          << "No such group";

  1336.                 }

  1337.                 throw runtime_error(Temp.str());

  1338.             }

  1339. 

  1340.             if (chown(MilterConnPath.c_str(),                                   // Set group.

  1341.                       -1,

  1342.                       Group->gr_gid) != 0) {

  1343.                 ostringstream Temp;

  1344.                 Temp << "Error setting group of " << MilterConnPath << " to "

  1345.                      << Group->gr_name << ":  " << strerror(errno);

  1346.                 throw runtime_error(Temp.str());

  1347.             }

  1348.         }

  1349.     }

  1350. 

  1351.     if (MI_FAILURE == smfi_main()) {                                            // Hand control to libmilter

  1352.         string msg = "smfi_main failed";

  1353.         throw std::runtime_error(msg);

  1354.     }

  1355. 

  1356.     const string ContextName = "--EXITING--";

  1357.     int ErrorCode = 1;

  1358.     int InfoCode = 1;

  1359. 

  1360.     logInfo(ContextName, InfoCode, "Shutdown command received.  Waiting for message processing to complete...");

  1361. 

  1362.     Sleeper WaitATic;

  1363. 

  1364.     try {

  1365. 

  1366.         WaitATic.setMillisecondsToSleep(ShutdownWaitPeriod_ms);                 // Learn to wait.

  1367. 

  1368.     }

  1369.     catch(...) {

  1370. 

  1371.         ostringstream Temp;

  1372.         Temp << "Invalid value for ShutdownWaitPeriod_ms:  " << ShutdownWaitPeriod_ms << ".";

  1373.         throw out_of_range(Temp.str());

  1374. 

  1375.     }

  1376. 

  1377.     int iPeriod = 0;                                                            // Number of periods waited.

  1378. 

  1379.     while (!MilterContexts->allUnused() && iPeriod < ShutdownPeriods) {

  1380. 

  1381.         iPeriod++;

  1382.         WaitATic();                                                             // Wait a period.

  1383.         

  1384.     }

  1385. 

  1386.     if (!MilterContexts->allUnused()) {

  1387. 

  1388.         logError(ContextName, ErrorCode, "Not all messages finished processing.");

  1389. 

  1390.     }

  1391. 

  1392.     logInfo(ContextName, InfoCode, "Exiting");

  1393. 

  1394.     WaitATic();                                                                 // Wait for messages to be logged.

  1395. 

  1396.     MilterContexts = 0;                                                         // Turn off.

  1397. 

  1398. }