summaryrefslogtreecommitdiffstats
path: root/src/postmap/postmap.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/postmap/postmap.c1173
1 files changed, 1173 insertions, 0 deletions
diff --git a/src/postmap/postmap.c b/src/postmap/postmap.c
new file mode 100644
index 0000000..2826fc6
--- /dev/null
+++ b/src/postmap/postmap.c
@@ -0,0 +1,1173 @@
+/*++
+/* NAME
+/* postmap 1
+/* SUMMARY
+/* Postfix lookup table management
+/* SYNOPSIS
+/* .fi
+/* \fBpostmap\fR [\fB-bfFhimnNoprsuUvw\fR] [\fB-c \fIconfig_dir\fR]
+/* [\fB-d \fIkey\fR] [\fB-q \fIkey\fR]
+/* [\fIfile_type\fR:]\fIfile_name\fR ...
+/* DESCRIPTION
+/* The \fBpostmap\fR(1) command creates or queries one or more Postfix
+/* lookup tables, or updates an existing one.
+/*
+/* If the result files do not exist they will be created with the
+/* same group and other read permissions as their source file.
+/*
+/* While the table update is in progress, signal delivery is
+/* postponed, and an exclusive, advisory, lock is placed on the
+/* entire table, in order to avoid surprises in spectator
+/* processes.
+/* INPUT FILE FORMAT
+/* .ad
+/* .fi
+/* The format of a lookup table input file is as follows:
+/* .IP \(bu
+/* A table entry has the form
+/* .sp
+/* .nf
+/* \fIkey\fR whitespace \fIvalue\fR
+/* .fi
+/* .IP \(bu
+/* Empty lines and whitespace-only lines are ignored, as
+/* are lines whose first non-whitespace character is a `#'.
+/* .IP \(bu
+/* A logical line starts with non-whitespace text. A line that
+/* starts with whitespace continues a logical line.
+/* .PP
+/* The \fIkey\fR and \fIvalue\fR are processed as is, except that
+/* surrounding white space is stripped off. Whitespace in lookup
+/* keys is supported in Postfix 3.2 and later, by surrounding the
+/* key with double quote characters `"'. Within the double quotes,
+/* double quote `"' and backslash `\\' characters can be included
+/* by quoting them with a preceding backslash.
+/*
+/* When the \fB-F\fR option is given, the \fIvalue\fR must
+/* specify one or more filenames separated by comma and/or
+/* whitespace; \fBpostmap\fR(1) will concatenate the file
+/* content (with a newline character inserted between files)
+/* and will store the base64-encoded result instead of the
+/* \fIvalue\fR.
+/*
+/* When the \fIkey\fR specifies email address information, the
+/* localpart should be enclosed with double quotes if required
+/* by RFC 5322. For example, an address localpart that contains
+/* ";", or a localpart that starts or ends with ".".
+/*
+/* By default the lookup key is mapped to lowercase to make
+/* the lookups case insensitive; as of Postfix 2.3 this case
+/* folding happens only with tables whose lookup keys are
+/* fixed-case strings such as btree:, dbm: or hash:. With
+/* earlier versions, the lookup key is folded even with tables
+/* where a lookup field can match both upper and lower case
+/* text, such as regexp: and pcre:. This resulted in loss of
+/* information with $\fInumber\fR substitutions.
+/* COMMAND-LINE ARGUMENTS
+/* .ad
+/* .fi
+/* .IP \fB-b\fR
+/* Enable message body query mode. When reading lookup keys
+/* from standard input with "\fB-q -\fR", process the input
+/* as if it is an email message in RFC 5322 format. Each line
+/* of body content becomes one lookup key.
+/* .sp
+/* By default, the \fB-b\fR option starts generating lookup
+/* keys at the first non-header line, and stops when the end
+/* of the message is reached.
+/* To simulate \fBbody_checks\fR(5) processing, enable MIME
+/* parsing with \fB-m\fR. With this, the \fB-b\fR option
+/* generates no body-style lookup keys for attachment MIME
+/* headers and for attached message/* headers.
+/* .sp
+/* NOTE: with "smtputf8_enable = yes", the \fB-b\fR option
+/* disables UTF-8 syntax checks on query keys and lookup
+/* results. Specify the \fB-U\fR option to force UTF-8
+/* syntax checks anyway.
+/* .sp
+/* This feature is available in Postfix version 2.6 and later.
+/* .IP "\fB-c \fIconfig_dir\fR"
+/* Read the \fBmain.cf\fR configuration file in the named directory
+/* instead of the default configuration directory.
+/* .IP "\fB-d \fIkey\fR"
+/* Search the specified maps for \fIkey\fR and remove one entry per map.
+/* The exit status is zero when the requested information was found.
+/*
+/* If a key value of \fB-\fR is specified, the program reads key
+/* values from the standard input stream. The exit status is zero
+/* when at least one of the requested keys was found.
+/* .IP \fB-f\fR
+/* Do not fold the lookup key to lower case while creating or querying
+/* a table.
+/*
+/* With Postfix version 2.3 and later, this option has no
+/* effect for regular expression tables. There, case folding
+/* is controlled by appending a flag to a pattern.
+/* .IP \fB-F\fR
+/* When querying a map, or listing a map, base64-decode each
+/* value. When creating a map from source file, process each
+/* value as a list of filenames, concatenate the content of
+/* those files, and store the base64-encoded result instead
+/* of the value (see INPUT FILE FORMAT for details).
+/* .sp
+/* This feature is available in Postfix version 3.4 and later.
+/* .IP \fB-h\fR
+/* Enable message header query mode. When reading lookup keys
+/* from standard input with "\fB-q -\fR", process the input
+/* as if it is an email message in RFC 5322 format. Each
+/* logical header line becomes one lookup key. A multi-line
+/* header becomes one lookup key with one or more embedded
+/* newline characters.
+/* .sp
+/* By default, the \fB-h\fR option generates lookup keys until
+/* the first non-header line is reached.
+/* To simulate \fBheader_checks\fR(5) processing, enable MIME
+/* parsing with \fB-m\fR. With this, the \fB-h\fR option also
+/* generates header-style lookup keys for attachment MIME
+/* headers and for attached message/* headers.
+/* .sp
+/* NOTE: with "smtputf8_enable = yes", the \fB-b\fR option
+/* option disables UTF-8 syntax checks on query keys and
+/* lookup results. Specify the \fB-U\fR option to force UTF-8
+/* syntax checks anyway.
+/* .sp
+/* This feature is available in Postfix version 2.6 and later.
+/* .IP \fB-i\fR
+/* Incremental mode. Read entries from standard input and do not
+/* truncate an existing database. By default, \fBpostmap\fR(1) creates
+/* a new database from the entries in \fBfile_name\fR.
+/* .IP \fB-m\fR
+/* Enable MIME parsing with "\fB-b\fR" and "\fB-h\fR".
+/* .sp
+/* This feature is available in Postfix version 2.6 and later.
+/* .IP \fB-N\fR
+/* Include the terminating null character that terminates lookup keys
+/* and values. By default, \fBpostmap\fR(1) does whatever is
+/* the default for
+/* the host operating system.
+/* .IP \fB-n\fR
+/* Don't include the terminating null character that terminates lookup
+/* keys and values. By default, \fBpostmap\fR(1) does whatever
+/* is the default for
+/* the host operating system.
+/* .IP \fB-o\fR
+/* Do not release root privileges when processing a non-root
+/* input file. By default, \fBpostmap\fR(1) drops root privileges
+/* and runs as the source file owner instead.
+/* .IP \fB-p\fR
+/* Do not inherit the file access permissions from the input file
+/* when creating a new file. Instead, create a new file with default
+/* access permissions (mode 0644).
+/* .IP "\fB-q \fIkey\fR"
+/* Search the specified maps for \fIkey\fR and write the first value
+/* found to the standard output stream. The exit status is zero
+/* when the requested information was found.
+/*
+/* Note: this performs a single query with the key as specified,
+/* and does not make iterative queries with substrings of the
+/* key as described for access(5), canonical(5), transport(5),
+/* virtual(5) and other Postfix table-driven features.
+/*
+/* If a key value of \fB-\fR is specified, the program reads key
+/* values from the standard input stream and writes one line of
+/* \fIkey value\fR output for each key that was found. The exit
+/* status is zero when at least one of the requested keys was found.
+/* .IP \fB-r\fR
+/* When updating a table, do not complain about attempts to update
+/* existing entries, and make those updates anyway.
+/* .IP \fB-s\fR
+/* Retrieve all database elements, and write one line of
+/* \fIkey value\fR output for each element. The elements are
+/* printed in database order, which is not necessarily the same
+/* as the original input order.
+/* .sp
+/* This feature is available in Postfix version 2.2 and later,
+/* and is not available for all database types.
+/* .IP \fB-u\fR
+/* Disable UTF-8 support. UTF-8 support is enabled by default
+/* when "smtputf8_enable = yes". It requires that keys and
+/* values are valid UTF-8 strings.
+/* .IP \fB-U\fR
+/* With "smtputf8_enable = yes", force UTF-8 syntax checks
+/* with the \fB-b\fR and \fB-h\fR options.
+/* .IP \fB-v\fR
+/* Enable verbose logging for debugging purposes. Multiple \fB-v\fR
+/* options make the software increasingly verbose.
+/* .IP \fB-w\fR
+/* When updating a table, do not complain about attempts to update
+/* existing entries, and ignore those attempts.
+/* .PP
+/* Arguments:
+/* .IP \fIfile_type\fR
+/* The database type. To find out what types are supported, use
+/* the "\fBpostconf -m\fR" command.
+/*
+/* The \fBpostmap\fR(1) command can query any supported file type,
+/* but it can create only the following file types:
+/* .RS
+/* .IP \fBbtree\fR
+/* The output file is a btree file, named \fIfile_name\fB.db\fR.
+/* This is available on systems with support for \fBdb\fR databases.
+/* .IP \fBcdb\fR
+/* The output consists of one file, named \fIfile_name\fB.cdb\fR.
+/* This is available on systems with support for \fBcdb\fR databases.
+/* .IP \fBdbm\fR
+/* The output consists of two files, named \fIfile_name\fB.pag\fR and
+/* \fIfile_name\fB.dir\fR.
+/* This is available on systems with support for \fBdbm\fR databases.
+/* .IP \fBfail\fR
+/* A table that reliably fails all requests. The lookup table
+/* name is used for logging only. This table exists to simplify
+/* Postfix error tests.
+/* .IP \fBhash\fR
+/* The output file is a hashed file, named \fIfile_name\fB.db\fR.
+/* This is available on systems with support for \fBdb\fR databases.
+/* .IP \fBlmdb\fR
+/* The output is a btree-based file, named \fIfile_name\fB.lmdb\fR.
+/* \fBlmdb\fR supports concurrent writes and reads from different
+/* processes, unlike other supported file-based tables.
+/* This is available on systems with support for \fBlmdb\fR databases.
+/* .IP \fBsdbm\fR
+/* The output consists of two files, named \fIfile_name\fB.pag\fR and
+/* \fIfile_name\fB.dir\fR.
+/* This is available on systems with support for \fBsdbm\fR databases.
+/* .PP
+/* When no \fIfile_type\fR is specified, the software uses the database
+/* type specified via the \fBdefault_database_type\fR configuration
+/* parameter.
+/* .RE
+/* .IP \fIfile_name\fR
+/* The name of the lookup table source file when rebuilding a database.
+/* DIAGNOSTICS
+/* Problems are logged to the standard error stream and to
+/* \fBsyslogd\fR(8) or \fBpostlogd\fR(8).
+/* No output means that no problems were detected. Duplicate entries are
+/* skipped and are flagged with a warning.
+/*
+/* \fBpostmap\fR(1) terminates with zero exit status in case of success
+/* (including successful "\fBpostmap -q\fR" lookup) and terminates
+/* with non-zero exit status in case of failure.
+/* ENVIRONMENT
+/* .ad
+/* .fi
+/* .IP \fBMAIL_CONFIG\fR
+/* Directory with Postfix configuration files.
+/* .IP \fBMAIL_VERBOSE\fR
+/* Enable verbose logging for debugging purposes.
+/* CONFIGURATION PARAMETERS
+/* .ad
+/* .fi
+/* The following \fBmain.cf\fR parameters are especially relevant to
+/* this program.
+/* The text below provides only a parameter summary. See
+/* \fBpostconf\fR(5) for more details including examples.
+/* .IP "\fBberkeley_db_create_buffer_size (16777216)\fR"
+/* The per-table I/O buffer size for programs that create Berkeley DB
+/* hash or btree tables.
+/* .IP "\fBberkeley_db_read_buffer_size (131072)\fR"
+/* The per-table I/O buffer size for programs that read Berkeley DB
+/* hash or btree tables.
+/* .IP "\fBconfig_directory (see 'postconf -d' output)\fR"
+/* The default location of the Postfix main.cf and master.cf
+/* configuration files.
+/* .IP "\fBdefault_database_type (see 'postconf -d' output)\fR"
+/* The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
+/* and \fBpostmap\fR(1) commands.
+/* .IP "\fBimport_environment (see 'postconf -d' output)\fR"
+/* The list of environment variables that a privileged Postfix
+/* process will import from a non-Postfix parent process, or name=value
+/* environment overrides.
+/* .IP "\fBsmtputf8_enable (yes)\fR"
+/* Enable preliminary SMTPUTF8 support for the protocols described
+/* in RFC 6531, RFC 6532, and RFC 6533.
+/* .IP "\fBsyslog_facility (mail)\fR"
+/* The syslog facility of Postfix logging.
+/* .IP "\fBsyslog_name (see 'postconf -d' output)\fR"
+/* A prefix that is prepended to the process name in syslog
+/* records, so that, for example, "smtpd" becomes "prefix/smtpd".
+/* .PP
+/* Available in Postfix 2.11 and later:
+/* .IP "\fBlmdb_map_size (16777216)\fR"
+/* The initial OpenLDAP LMDB database size limit in bytes.
+/* SEE ALSO
+/* postalias(1), create/update/query alias database
+/* postconf(1), supported database types
+/* postconf(5), configuration parameters
+/* postlogd(8), Postfix logging
+/* syslogd(8), system logging
+/* README FILES
+/* .ad
+/* .fi
+/* Use "\fBpostconf readme_directory\fR" or
+/* "\fBpostconf html_directory\fR" to locate this information.
+/* .na
+/* .nf
+/* DATABASE_README, Postfix lookup table overview
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+#include <sys/stat.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <ctype.h>
+#include <string.h>
+
+/* Utility library. */
+
+#include <msg.h>
+#include <mymalloc.h>
+#include <vstring.h>
+#include <vstream.h>
+#include <msg_vstream.h>
+#include <readlline.h>
+#include <stringops.h>
+#include <split_at.h>
+#include <vstring_vstream.h>
+#include <set_eugid.h>
+#include <warn_stat.h>
+#include <clean_env.h>
+#include <dict_db.h>
+
+/* Global library. */
+
+#include <mail_conf.h>
+#include <mail_dict.h>
+#include <mail_params.h>
+#include <mail_version.h>
+#include <mail_task.h>
+#include <dict_proxy.h>
+#include <mime_state.h>
+#include <rec_type.h>
+#include <mail_parm_split.h>
+#include <maillog_client.h>
+
+/* Application-specific. */
+
+#define STR vstring_str
+#define LEN VSTRING_LEN
+
+#define POSTMAP_FLAG_AS_OWNER (1<<0) /* open dest as owner of source */
+#define POSTMAP_FLAG_SAVE_PERM (1<<1) /* copy access permission from source */
+#define POSTMAP_FLAG_HEADER_KEY (1<<2) /* apply to header text */
+#define POSTMAP_FLAG_BODY_KEY (1<<3) /* apply to body text */
+#define POSTMAP_FLAG_MIME_KEY (1<<4) /* enable MIME parsing */
+
+#define POSTMAP_FLAG_HB_KEY (POSTMAP_FLAG_HEADER_KEY | POSTMAP_FLAG_BODY_KEY)
+#define POSTMAP_FLAG_FULL_KEY (POSTMAP_FLAG_BODY_KEY | POSTMAP_FLAG_MIME_KEY)
+#define POSTMAP_FLAG_ANY_KEY (POSTMAP_FLAG_HB_KEY | POSTMAP_FLAG_MIME_KEY)
+
+ /*
+ * MIME Engine call-back state for generating lookup keys from an email
+ * message read from standard input.
+ */
+typedef struct {
+ DICT **dicts; /* map handles */
+ char **maps; /* map names */
+ int map_count; /* yes, indeed */
+ int dict_flags; /* query flags */
+ int header_done; /* past primary header */
+ int found; /* result */
+} POSTMAP_KEY_STATE;
+
+/* postmap - create or update mapping database */
+
+static void postmap(char *map_type, char *path_name, int postmap_flags,
+ int open_flags, int dict_flags)
+{
+ VSTREAM *NOCLOBBER source_fp;
+ VSTRING *line_buffer;
+ MKMAP *mkmap;
+ int lineno;
+ int last_line;
+ char *key;
+ char *value;
+ struct stat st;
+ mode_t saved_mask;
+
+ /*
+ * Initialize.
+ */
+ line_buffer = vstring_alloc(100);
+ if ((open_flags & O_TRUNC) == 0) {
+ /* Incremental mode. */
+ source_fp = VSTREAM_IN;
+ vstream_control(source_fp, CA_VSTREAM_CTL_PATH("stdin"), CA_VSTREAM_CTL_END);
+ } else {
+ /* Create database. */
+ if (strcmp(map_type, DICT_TYPE_PROXY) == 0)
+ msg_fatal("can't create maps via the proxy service");
+ dict_flags |= DICT_FLAG_BULK_UPDATE;
+ if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0)
+ msg_fatal("open %s: %m", path_name);
+ }
+ if (fstat(vstream_fileno(source_fp), &st) < 0)
+ msg_fatal("fstat %s: %m", path_name);
+
+ /*
+ * Turn off group/other read permissions as indicated in the source file.
+ */
+ if ((postmap_flags & POSTMAP_FLAG_SAVE_PERM) && S_ISREG(st.st_mode))
+ saved_mask = umask(022 | (~st.st_mode & 077));
+
+ /*
+ * If running as root, run as the owner of the source file, so that the
+ * result shows proper ownership, and so that a bug in postmap does not
+ * allow privilege escalation.
+ */
+ if ((postmap_flags & POSTMAP_FLAG_AS_OWNER) && getuid() == 0
+ && (st.st_uid != geteuid() || st.st_gid != getegid()))
+ set_eugid(st.st_uid, st.st_gid);
+
+ /*
+ * Override the default per-table cache size for DB map (re)builds. We
+ * can't do this in the mkmap* functions because those don't have access
+ * to Postfix parameter settings.
+ *
+ * db_cache_size" is defined in util/dict_open.c and defaults to 128kB,
+ * which works well for the lookup code.
+ *
+ * We use a larger per-table cache when building ".db" files. For "hash"
+ * files performance degrades rapidly unless the memory pool is O(file
+ * size).
+ *
+ * For "btree" files performance is good with sorted input even for small
+ * memory pools, but with random input degrades rapidly unless the memory
+ * pool is O(file size).
+ */
+ dict_db_cache_size = var_db_create_buf;
+
+ /*
+ * Open the database, optionally create it when it does not exist,
+ * optionally truncate it when it does exist, and lock out any
+ * spectators.
+ */
+ mkmap = mkmap_open(map_type, path_name, open_flags, dict_flags);
+
+ /*
+ * And restore the umask, in case it matters.
+ */
+ if ((postmap_flags & POSTMAP_FLAG_SAVE_PERM) && S_ISREG(st.st_mode))
+ umask(saved_mask);
+
+ /*
+ * Trap "exceptions" so that we can restart a bulk-mode update after a
+ * recoverable error.
+ */
+ for (;;) {
+ if (dict_isjmp(mkmap->dict) != 0
+ && dict_setjmp(mkmap->dict) != 0
+ && vstream_fseek(source_fp, SEEK_SET, 0) < 0)
+ msg_fatal("seek %s: %m", VSTREAM_PATH(source_fp));
+
+ /*
+ * Add records to the database. XXX This duplicates the parser in
+ * dict_thash.c.
+ */
+ last_line = 0;
+ while (readllines(line_buffer, source_fp, &last_line, &lineno)) {
+ int in_quotes = 0;
+
+ /*
+ * First some UTF-8 checks sans casefolding.
+ */
+ if ((mkmap->dict->flags & DICT_FLAG_UTF8_ACTIVE)
+ && !allascii(STR(line_buffer))
+ && !valid_utf8_string(STR(line_buffer), LEN(line_buffer))) {
+ msg_warn("%s, line %d: non-UTF-8 input \"%s\""
+ " -- ignoring this line",
+ VSTREAM_PATH(source_fp), lineno, STR(line_buffer));
+ continue;
+ }
+
+ /*
+ * Terminate the key on the first unquoted whitespace character,
+ * then trim leading and trailing whitespace from the value.
+ */
+ for (value = STR(line_buffer); *value; value++) {
+ if (*value == '\\') {
+ if (*++value == 0)
+ break;
+ } else if (ISSPACE(*value)) {
+ if (!in_quotes)
+ break;
+ } else if (*value == '"') {
+ in_quotes = !in_quotes;
+ }
+ }
+ if (in_quotes) {
+ msg_warn("%s, line %d: unbalanced '\"' in '%s'"
+ " -- ignoring this line",
+ VSTREAM_PATH(source_fp), lineno, STR(line_buffer));
+ continue;
+ }
+ if (*value)
+ *value++ = 0;
+ while (ISSPACE(*value))
+ value++;
+ trimblanks(value, 0)[0] = 0;
+
+ /*
+ * Leave the key in quoted form, because 1) postmap cannot assume
+ * that a string without @ contains an email address localpart,
+ * and 2) an address localpart may require quoting even when the
+ * quoted form contains no backslash or ".
+ */
+ key = STR(line_buffer);
+
+ /*
+ * Enforce the "key whitespace value" format. Disallow missing
+ * keys or missing values.
+ */
+ if (*key == 0 || *value == 0) {
+ msg_warn("%s, line %d: expected format: key whitespace value",
+ VSTREAM_PATH(source_fp), lineno);
+ continue;
+ }
+ if (key[strlen(key) - 1] == ':')
+ msg_warn("%s, line %d: record is in \"key: value\" format; is this an alias file?",
+ VSTREAM_PATH(source_fp), lineno);
+
+ /*
+ * Optionally treat the vale as a filename, and replace the value
+ * with the BASE64-encoded content of the named file.
+ */
+ if (dict_flags & DICT_FLAG_SRC_RHS_IS_FILE) {
+ VSTRING *base64_buf;
+ char *err;
+
+ if ((base64_buf = dict_file_to_b64(mkmap->dict, value)) == 0) {
+ err = dict_file_get_error(mkmap->dict);
+ msg_warn("%s, line %d: %s: skipping this entry",
+ VSTREAM_PATH(source_fp), lineno, err);
+ myfree(err);
+ continue;
+ }
+ value = vstring_str(base64_buf);
+ }
+
+ /*
+ * Store the value under a (possibly case-insensitive) key, as
+ * specified with open_flags.
+ */
+ mkmap_append(mkmap, key, value);
+ if (mkmap->dict->error)
+ msg_fatal("table %s:%s: write error: %m",
+ mkmap->dict->type, mkmap->dict->name);
+ }
+ break;
+ }
+
+ /*
+ * Close the mapping database, and release the lock.
+ */
+ mkmap_close(mkmap);
+
+ /*
+ * Cleanup. We're about to terminate, but it is a good sanity check.
+ */
+ vstring_free(line_buffer);
+ if (source_fp != VSTREAM_IN)
+ vstream_fclose(source_fp);
+}
+
+/* postmap_body - MIME engine body call-back routine */
+
+static void postmap_body(void *ptr, int unused_rec_type,
+ const char *keybuf,
+ ssize_t unused_len,
+ off_t unused_offset)
+{
+ POSTMAP_KEY_STATE *state = (POSTMAP_KEY_STATE *) ptr;
+ DICT **dicts = state->dicts;
+ char **maps = state->maps;
+ int map_count = state->map_count;
+ int dict_flags = state->dict_flags;
+ const char *map_name;
+ const char *value;
+ int n;
+
+ for (n = 0; n < map_count; n++) {
+ if (dicts[n] == 0)
+ dicts[n] = ((map_name = split_at(maps[n], ':')) != 0 ?
+ dict_open3(maps[n], map_name, O_RDONLY, dict_flags) :
+ dict_open3(var_db_type, maps[n], O_RDONLY, dict_flags));
+ if ((value = dict_get(dicts[n], keybuf)) != 0) {
+ if (*value == 0) {
+ msg_warn("table %s:%s: key %s: empty string result is not allowed",
+ dicts[n]->type, dicts[n]->name, keybuf);
+ msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND",
+ dicts[n]->type, dicts[n]->name);
+ }
+ vstream_printf("%s %s\n", keybuf, value);
+ state->found = 1;
+ break;
+ }
+ if (dicts[n]->error)
+ msg_fatal("table %s:%s: query error: %m",
+ dicts[n]->type, dicts[n]->name);
+ }
+}
+
+/* postmap_header - MIME engine header call-back routine */
+
+static void postmap_header(void *ptr, int unused_header_class,
+ const HEADER_OPTS *unused_header_info,
+ VSTRING *header_buf,
+ off_t offset)
+{
+
+ /*
+ * Don't re-invent an already working wheel.
+ */
+ postmap_body(ptr, 0, STR(header_buf), LEN(header_buf), offset);
+}
+
+/* postmap_head_end - MIME engine end-of-header call-back routine */
+
+static void postmap_head_end(void *ptr)
+{
+ POSTMAP_KEY_STATE *state = (POSTMAP_KEY_STATE *) ptr;
+
+ /*
+ * Don't process the message body when we only examine primary headers.
+ */
+ state->header_done = 1;
+}
+
+/* postmap_queries - apply multiple requests from stdin */
+
+static int postmap_queries(VSTREAM *in, char **maps, const int map_count,
+ const int postmap_flags,
+ const int dict_flags)
+{
+ int found = 0;
+ VSTRING *keybuf = vstring_alloc(100);
+ DICT **dicts;
+ const char *map_name;
+ const char *value;
+ int n;
+
+ /*
+ * Sanity check.
+ */
+ if (map_count <= 0)
+ msg_panic("postmap_queries: bad map count");
+
+ /*
+ * Prepare to open maps lazily.
+ */
+ dicts = (DICT **) mymalloc(sizeof(*dicts) * map_count);
+ for (n = 0; n < map_count; n++)
+ dicts[n] = 0;
+
+ /*
+ * Perform all queries. Open maps on the fly, to avoid opening
+ * unnecessary maps.
+ */
+ if ((postmap_flags & POSTMAP_FLAG_HB_KEY) == 0) {
+ while (vstring_get_nonl(keybuf, in) != VSTREAM_EOF) {
+ for (n = 0; n < map_count; n++) {
+ if (dicts[n] == 0)
+ dicts[n] = ((map_name = split_at(maps[n], ':')) != 0 ?
+ dict_open3(maps[n], map_name, O_RDONLY, dict_flags) :
+ dict_open3(var_db_type, maps[n], O_RDONLY, dict_flags));
+ value = ((dict_flags & DICT_FLAG_SRC_RHS_IS_FILE) ?
+ dict_file_lookup : dicts[n]->lookup)
+ (dicts[n], STR(keybuf));
+ if (value != 0) {
+ if (*value == 0) {
+ msg_warn("table %s:%s: key %s: empty string result is not allowed",
+ dicts[n]->type, dicts[n]->name, STR(keybuf));
+ msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND",
+ dicts[n]->type, dicts[n]->name);
+ }
+ vstream_printf("%s %s\n", STR(keybuf), value);
+ found = 1;
+ break;
+ }
+ switch (dicts[n]->error) {
+ case 0:
+ break;
+ case DICT_ERR_CONFIG:
+ msg_fatal("table %s:%s: query error",
+ dicts[n]->type, dicts[n]->name);
+ default:
+ msg_fatal("table %s:%s: query error: %m",
+ dicts[n]->type, dicts[n]->name);
+ }
+ }
+ }
+ } else {
+ POSTMAP_KEY_STATE key_state;
+ MIME_STATE *mime_state;
+ int mime_errs = 0;
+
+ /*
+ * Bundle up the request and instantiate a MIME parsing engine.
+ */
+ key_state.dicts = dicts;
+ key_state.maps = maps;
+ key_state.map_count = map_count;
+ key_state.dict_flags = dict_flags;
+ key_state.header_done = 0;
+ key_state.found = 0;
+ mime_state =
+ mime_state_alloc((postmap_flags & POSTMAP_FLAG_MIME_KEY) ?
+ 0 : MIME_OPT_DISABLE_MIME,
+ (postmap_flags & POSTMAP_FLAG_HEADER_KEY) ?
+ postmap_header : (MIME_STATE_HEAD_OUT) 0,
+ (postmap_flags & POSTMAP_FLAG_FULL_KEY) ?
+ (MIME_STATE_ANY_END) 0 : postmap_head_end,
+ (postmap_flags & POSTMAP_FLAG_BODY_KEY) ?
+ postmap_body : (MIME_STATE_BODY_OUT) 0,
+ (MIME_STATE_ANY_END) 0,
+ (MIME_STATE_ERR_PRINT) 0,
+ (void *) &key_state);
+
+ /*
+ * Process the input message.
+ */
+ while (vstring_get_nonl(keybuf, in) != VSTREAM_EOF
+ && key_state.header_done == 0 && mime_errs == 0)
+ mime_errs = mime_state_update(mime_state, REC_TYPE_NORM,
+ STR(keybuf), LEN(keybuf));
+
+ /*
+ * Flush the MIME engine output buffer and tidy up loose ends.
+ */
+ if (mime_errs == 0)
+ mime_errs = mime_state_update(mime_state, REC_TYPE_END, "", 0);
+ if (mime_errs)
+ msg_fatal("message format error: %s",
+ mime_state_detail(mime_errs)->text);
+ mime_state_free(mime_state);
+ found = key_state.found;
+ }
+
+ if (found)
+ vstream_fflush(VSTREAM_OUT);
+
+ /*
+ * Cleanup.
+ */
+ for (n = 0; n < map_count; n++)
+ if (dicts[n])
+ dict_close(dicts[n]);
+ myfree((void *) dicts);
+ vstring_free(keybuf);
+
+ return (found);
+}
+
+/* postmap_query - query a map and print the result to stdout */
+
+static int postmap_query(const char *map_type, const char *map_name,
+ const char *key, int dict_flags)
+{
+ DICT *dict;
+ const char *value;
+
+ dict = dict_open3(map_type, map_name, O_RDONLY, dict_flags);
+ value = ((dict_flags & DICT_FLAG_SRC_RHS_IS_FILE) ?
+ dict_file_lookup : dict->lookup) (dict, key);
+ if (value != 0) {
+ if (*value == 0) {
+ msg_warn("table %s:%s: key %s: empty string result is not allowed",
+ map_type, map_name, key);
+ msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND",
+ map_type, map_name);
+ }
+ vstream_printf("%s\n", value);
+ }
+ switch (dict->error) {
+ case 0:
+ break;
+ case DICT_ERR_CONFIG:
+ msg_fatal("table %s:%s: query error",
+ dict->type, dict->name);
+ default:
+ msg_fatal("table %s:%s: query error: %m",
+ dict->type, dict->name);
+ }
+ vstream_fflush(VSTREAM_OUT);
+ dict_close(dict);
+ return (value != 0);
+}
+
+/* postmap_deletes - apply multiple requests from stdin */
+
+static int postmap_deletes(VSTREAM *in, char **maps, const int map_count,
+ int dict_flags)
+{
+ int found = 0;
+ VSTRING *keybuf = vstring_alloc(100);
+ DICT **dicts;
+ const char *map_name;
+ int n;
+ int open_flags;
+
+ /*
+ * Sanity check.
+ */
+ if (map_count <= 0)
+ msg_panic("postmap_deletes: bad map count");
+
+ /*
+ * Open maps ahead of time.
+ */
+ dicts = (DICT **) mymalloc(sizeof(*dicts) * map_count);
+ for (n = 0; n < map_count; n++) {
+ map_name = split_at(maps[n], ':');
+ if (map_name && strcmp(maps[n], DICT_TYPE_PROXY) == 0)
+ open_flags = O_RDWR | O_CREAT; /* XXX */
+ else
+ open_flags = O_RDWR;
+ dicts[n] = (map_name != 0 ?
+ dict_open3(maps[n], map_name, open_flags, dict_flags) :
+ dict_open3(var_db_type, maps[n], open_flags, dict_flags));
+ }
+
+ /*
+ * Perform all requests.
+ */
+ while (vstring_get_nonl(keybuf, in) != VSTREAM_EOF) {
+ for (n = 0; n < map_count; n++) {
+ found |= (dict_del(dicts[n], STR(keybuf)) == 0);
+ if (dicts[n]->error)
+ msg_fatal("table %s:%s: delete error: %m",
+ dicts[n]->type, dicts[n]->name);
+ }
+ }
+
+ /*
+ * Cleanup.
+ */
+ for (n = 0; n < map_count; n++)
+ if (dicts[n])
+ dict_close(dicts[n]);
+ myfree((void *) dicts);
+ vstring_free(keybuf);
+
+ return (found);
+}
+
+/* postmap_delete - delete a (key, value) pair from a map */
+
+static int postmap_delete(const char *map_type, const char *map_name,
+ const char *key, int dict_flags)
+{
+ DICT *dict;
+ int status;
+ int open_flags;
+
+ if (strcmp(map_type, DICT_TYPE_PROXY) == 0)
+ open_flags = O_RDWR | O_CREAT; /* XXX */
+ else
+ open_flags = O_RDWR;
+ dict = dict_open3(map_type, map_name, open_flags, dict_flags);
+ status = dict_del(dict, key);
+ if (dict->error)
+ msg_fatal("table %s:%s: delete error: %m", dict->type, dict->name);
+ dict_close(dict);
+ return (status == 0);
+}
+
+/* postmap_seq - print all map entries to stdout */
+
+static void postmap_seq(const char *map_type, const char *map_name,
+ int dict_flags)
+{
+ DICT *dict;
+ const char *key;
+ const char *value;
+ int func;
+
+ if (strcmp(map_type, DICT_TYPE_PROXY) == 0)
+ msg_fatal("can't sequence maps via the proxy service");
+ dict = dict_open3(map_type, map_name, O_RDONLY, dict_flags);
+ for (func = DICT_SEQ_FUN_FIRST; /* void */ ; func = DICT_SEQ_FUN_NEXT) {
+ if (dict_seq(dict, func, &key, &value) != 0)
+ break;
+ if (*key == 0) {
+ msg_warn("table %s:%s: empty lookup key value is not allowed",
+ map_type, map_name);
+ } else if (*value == 0) {
+ msg_warn("table %s:%s: key %s: empty string result is not allowed",
+ map_type, map_name, key);
+ msg_warn("table %s:%s should return NO RESULT in case of NOT FOUND",
+ map_type, map_name);
+ }
+ if (dict_flags & DICT_FLAG_SRC_RHS_IS_FILE) {
+ VSTRING *unb64;
+ char *err;
+
+ if ((unb64 = dict_file_from_b64(dict, value)) == 0) {
+ err = dict_file_get_error(dict);
+ msg_warn("table %s:%s: key %s: %s",
+ dict->type, dict->name, key, err);
+ myfree(err);
+ /* dict->error = DICT_ERR_CONFIG; */
+ continue;
+ }
+ value = STR(unb64);
+ }
+ vstream_printf("%s %s\n", key, value);
+ }
+ if (dict->error)
+ msg_fatal("table %s:%s: sequence error: %m", dict->type, dict->name);
+ vstream_fflush(VSTREAM_OUT);
+ dict_close(dict);
+}
+
+/* usage - explain */
+
+static NORETURN usage(char *myname)
+{
+ msg_fatal("usage: %s [-bfFhimnNoprsuUvw] [-c config_dir] [-d key] [-q key] [map_type:]file...",
+ myname);
+}
+
+MAIL_VERSION_STAMP_DECLARE;
+
+int main(int argc, char **argv)
+{
+ char *path_name;
+ int ch;
+ int fd;
+ char *slash;
+ struct stat st;
+ int postmap_flags = POSTMAP_FLAG_AS_OWNER | POSTMAP_FLAG_SAVE_PERM;
+ int open_flags = O_RDWR | O_CREAT | O_TRUNC;
+ int dict_flags = (DICT_FLAG_DUP_WARN | DICT_FLAG_FOLD_FIX
+ | DICT_FLAG_UTF8_REQUEST);
+ char *query = 0;
+ char *delkey = 0;
+ int sequence = 0;
+ int found;
+ int force_utf8 = 0;
+ ARGV *import_env;
+
+ /*
+ * Fingerprint executables and core dumps.
+ */
+ MAIL_VERSION_STAMP_ALLOCATE;
+
+ /*
+ * Be consistent with file permissions.
+ */
+ umask(022);
+
+ /*
+ * To minimize confusion, make sure that the standard file descriptors
+ * are open before opening anything else. XXX Work around for 44BSD where
+ * fstat can return EBADF on an open file descriptor.
+ */
+ for (fd = 0; fd < 3; fd++)
+ if (fstat(fd, &st) == -1
+ && (close(fd), open("/dev/null", O_RDWR, 0)) != fd)
+ msg_fatal("open /dev/null: %m");
+
+ /*
+ * Process environment options as early as we can. We are not set-uid,
+ * and we are supposed to be running in a controlled environment.
+ */
+ if (getenv(CONF_ENV_VERB))
+ msg_verbose = 1;
+
+ /*
+ * Initialize. Set up logging. Read the global configuration file after
+ * parsing command-line arguments.
+ */
+ if ((slash = strrchr(argv[0], '/')) != 0 && slash[1])
+ argv[0] = slash + 1;
+ msg_vstream_init(argv[0], VSTREAM_ERR);
+ maillog_client_init(mail_task(argv[0]), MAILLOG_CLIENT_FLAG_NONE);
+
+ /*
+ * Check the Postfix library version as soon as we enable logging.
+ */
+ MAIL_VERSION_CHECK;
+
+ /*
+ * Parse JCL.
+ */
+ while ((ch = GETOPT(argc, argv, "bc:d:fFhimnNopq:rsuUvw")) > 0) {
+ switch (ch) {
+ default:
+ usage(argv[0]);
+ break;
+ case 'N':
+ dict_flags |= DICT_FLAG_TRY1NULL;
+ dict_flags &= ~DICT_FLAG_TRY0NULL;
+ break;
+ case 'b':
+ postmap_flags |= POSTMAP_FLAG_BODY_KEY;
+ break;
+ case 'c':
+ if (setenv(CONF_ENV_PATH, optarg, 1) < 0)
+ msg_fatal("out of memory");
+ break;
+ case 'd':
+ if (sequence || query || delkey)
+ msg_fatal("specify only one of -s -q or -d");
+ delkey = optarg;
+ break;
+ case 'f':
+ dict_flags &= ~DICT_FLAG_FOLD_FIX;
+ break;
+ case 'F':
+ dict_flags |= DICT_FLAG_SRC_RHS_IS_FILE;
+ break;
+ case 'h':
+ postmap_flags |= POSTMAP_FLAG_HEADER_KEY;
+ break;
+ case 'i':
+ open_flags &= ~O_TRUNC;
+ break;
+ case 'm':
+ postmap_flags |= POSTMAP_FLAG_MIME_KEY;
+ break;
+ case 'n':
+ dict_flags |= DICT_FLAG_TRY0NULL;
+ dict_flags &= ~DICT_FLAG_TRY1NULL;
+ break;
+ case 'o':
+ postmap_flags &= ~POSTMAP_FLAG_AS_OWNER;
+ break;
+ case 'p':
+ postmap_flags &= ~POSTMAP_FLAG_SAVE_PERM;
+ break;
+ case 'q':
+ if (sequence || query || delkey)
+ msg_fatal("specify only one of -s -q or -d");
+ query = optarg;
+ break;
+ case 'r':
+ dict_flags &= ~(DICT_FLAG_DUP_WARN | DICT_FLAG_DUP_IGNORE);
+ dict_flags |= DICT_FLAG_DUP_REPLACE;
+ break;
+ case 's':
+ if (query || delkey)
+ msg_fatal("specify only one of -s or -q or -d");
+ sequence = 1;
+ break;
+ case 'u':
+ dict_flags &= ~DICT_FLAG_UTF8_REQUEST;
+ break;
+ case 'U':
+ force_utf8 = 1;
+ break;
+ case 'v':
+ msg_verbose++;
+ break;
+ case 'w':
+ dict_flags &= ~(DICT_FLAG_DUP_WARN | DICT_FLAG_DUP_REPLACE);
+ dict_flags |= DICT_FLAG_DUP_IGNORE;
+ break;
+ }
+ }
+ mail_conf_read();
+ /* Enforce consistent operation of different Postfix parts. */
+ import_env = mail_parm_split(VAR_IMPORT_ENVIRON, var_import_environ);
+ update_env(import_env->argv);
+ argv_free(import_env);
+ /* Re-evaluate mail_task() after reading main.cf. */
+ maillog_client_init(mail_task(argv[0]), MAILLOG_CLIENT_FLAG_NONE);
+ mail_dict_init();
+ if ((query == 0 || strcmp(query, "-") != 0)
+ && (postmap_flags & POSTMAP_FLAG_ANY_KEY))
+ msg_fatal("specify -b -h or -m only with \"-q -\"");
+ if ((postmap_flags & POSTMAP_FLAG_ANY_KEY) != 0
+ && (postmap_flags & POSTMAP_FLAG_ANY_KEY)
+ == (postmap_flags & POSTMAP_FLAG_MIME_KEY))
+ msg_warn("ignoring -m option without -b or -h");
+ if ((postmap_flags & (POSTMAP_FLAG_ANY_KEY & ~POSTMAP_FLAG_MIME_KEY))
+ && force_utf8 == 0)
+ dict_flags &= ~DICT_FLAG_UTF8_MASK;
+
+ /*
+ * Use the map type specified by the user, or fall back to a default
+ * database type.
+ */
+ if (delkey) { /* remove entry */
+ if (optind + 1 > argc)
+ usage(argv[0]);
+ if (strcmp(delkey, "-") == 0)
+ exit(postmap_deletes(VSTREAM_IN, argv + optind, argc - optind,
+ dict_flags | DICT_FLAG_LOCK) == 0);
+ found = 0;
+ while (optind < argc) {
+ if ((path_name = split_at(argv[optind], ':')) != 0) {
+ found |= postmap_delete(argv[optind], path_name, delkey,
+ dict_flags | DICT_FLAG_LOCK);
+ } else {
+ found |= postmap_delete(var_db_type, argv[optind], delkey,
+ dict_flags | DICT_FLAG_LOCK);
+ }
+ optind++;
+ }
+ exit(found ? 0 : 1);
+ } else if (query) { /* query map(s) */
+ if (optind + 1 > argc)
+ usage(argv[0]);
+ if (strcmp(query, "-") == 0)
+ exit(postmap_queries(VSTREAM_IN, argv + optind, argc - optind,
+ postmap_flags, dict_flags | DICT_FLAG_LOCK) == 0);
+ while (optind < argc) {
+ if ((path_name = split_at(argv[optind], ':')) != 0) {
+ found = postmap_query(argv[optind], path_name, query,
+ dict_flags | DICT_FLAG_LOCK);
+ } else {
+ found = postmap_query(var_db_type, argv[optind], query,
+ dict_flags | DICT_FLAG_LOCK);
+ }
+ if (found)
+ exit(0);
+ optind++;
+ }
+ exit(1);
+ } else if (sequence) {
+ while (optind < argc) {
+ if ((path_name = split_at(argv[optind], ':')) != 0) {
+ postmap_seq(argv[optind], path_name,
+ dict_flags | DICT_FLAG_LOCK);
+ } else {
+ postmap_seq(var_db_type, argv[optind],
+ dict_flags | DICT_FLAG_LOCK);
+ }
+ exit(0);
+ }
+ exit(1);
+ } else { /* create/update map(s) */
+ if (optind + 1 > argc)
+ usage(argv[0]);
+ while (optind < argc) {
+ if ((path_name = split_at(argv[optind], ':')) != 0) {
+ postmap(argv[optind], path_name, postmap_flags,
+ open_flags, dict_flags);
+ } else {
+ postmap(var_db_type, argv[optind], postmap_flags,
+ open_flags, dict_flags);
+ }
+ optind++;
+ }
+ exit(0);
+ }
+}