mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21175 Commits
28 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
rspamd/src/libserver/milter.c

milter.c 59KB
Raw Permalink Blame History

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263 
  1. /*

  2.  * Copyright 2024 Vsevolod Stakhov

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *    http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. 

  17. #include "config.h"

  18. #include "milter.h"

  19. #include "milter_internal.h"

  20. #include "email_addr.h"

  21. #include "addr.h"

  22. #include "unix-std.h"

  23. #include "logger.h"

  24. #include "ottery.h"

  25. #include "libserver/http/http_connection.h"

  26. #include "libserver/http/http_private.h"

  27. #include "libserver/protocol_internal.h"

  28. #include "libserver/cfg_file_private.h"

  29. #include "libmime/scan_result.h"

  30. #include "libserver/worker_util.h"

  31. #include "utlist.h"

  32. 

  33. #define msg_err_milter(...) rspamd_default_log_function(G_LOG_LEVEL_CRITICAL,          \

  34. 														"milter", priv->pool->tag.uid, \

  35. 														RSPAMD_LOG_FUNC,               \

  36. 														__VA_ARGS__)

  37. #define msg_warn_milter(...) rspamd_default_log_function(G_LOG_LEVEL_WARNING,           \

  38. 														 "milter", priv->pool->tag.uid, \

  39. 														 RSPAMD_LOG_FUNC,               \

  40. 														 __VA_ARGS__)

  41. #define msg_info_milter(...) rspamd_default_log_function(G_LOG_LEVEL_INFO,              \

  42. 														 "milter", priv->pool->tag.uid, \

  43. 														 RSPAMD_LOG_FUNC,               \

  44. 														 __VA_ARGS__)

  45. #define msg_debug_milter(...) rspamd_conditional_debug_fast(NULL, NULL,                                          \

  46. 															rspamd_milter_log_id, "milter", priv->pool->tag.uid, \

  47. 															RSPAMD_LOG_FUNC,                                     \

  48. 															__VA_ARGS__)

  49. 

  50. INIT_LOG_MODULE(milter)

  51. 

  52. static const struct rspamd_milter_context *milter_ctx = NULL;

  53. 

  54. static gboolean rspamd_milter_handle_session(

  55. 	struct rspamd_milter_session *session,

  56. 	struct rspamd_milter_private *priv);

  57. static inline void rspamd_milter_plan_io(struct rspamd_milter_session *session,

  58. 										 struct rspamd_milter_private *priv, gshort what);

  59. 

  60. static GQuark

  61. rspamd_milter_quark(void)

  62. {

  63. 	return g_quark_from_static_string("milter");

  64. }

  65. 

  66. static void

  67. rspamd_milter_obuf_free(struct rspamd_milter_outbuf *obuf)

  68. {

  69. 	if (obuf) {

  70. 		if (obuf->buf) {

  71. 			rspamd_fstring_free(obuf->buf);

  72. 		}

  73. 

  74. 		g_free(obuf);

  75. 	}

  76. }

  77. 

  78. #define RSPAMD_MILTER_RESET_COMMON (1 << 0)

  79. #define RSPAMD_MILTER_RESET_IO (1 << 1)

  80. #define RSPAMD_MILTER_RESET_ADDR (1 << 2)

  81. #define RSPAMD_MILTER_RESET_MACRO (1 << 3)

  82. #define RSPAMD_MILTER_RESET_ALL (RSPAMD_MILTER_RESET_COMMON | \

  83. 								 RSPAMD_MILTER_RESET_IO |     \

  84. 								 RSPAMD_MILTER_RESET_ADDR |   \

  85. 								 RSPAMD_MILTER_RESET_MACRO)

  86. #define RSPAMD_MILTER_RESET_QUIT_NC (RSPAMD_MILTER_RESET_COMMON | \

  87. 									 RSPAMD_MILTER_RESET_ADDR |   \

  88. 									 RSPAMD_MILTER_RESET_MACRO)

  89. #define RSPAMD_MILTER_RESET_ABORT (RSPAMD_MILTER_RESET_COMMON)

  90. 

  91. static void

  92. rspamd_milter_session_reset(struct rspamd_milter_session *session,

  93. 							unsigned int how)

  94. {

  95. 	struct rspamd_milter_outbuf *obuf, *obuf_tmp;

  96. 	struct rspamd_milter_private *priv = session->priv;

  97. 	struct rspamd_email_address *cur;

  98. 	unsigned int i;

  99. 

  100. 	if (how & RSPAMD_MILTER_RESET_IO) {

  101. 		msg_debug_milter("cleanup IO on abort");

  102. 

  103. 		DL_FOREACH_SAFE(priv->out_chain, obuf, obuf_tmp)

  104. 		{

  105. 			rspamd_milter_obuf_free(obuf);

  106. 		}

  107. 

  108. 		priv->out_chain = NULL;

  109. 

  110. 		if (priv->parser.buf) {

  111. 			priv->parser.buf->len = 0;

  112. 		}

  113. 	}

  114. 

  115. 	if (how & RSPAMD_MILTER_RESET_COMMON) {

  116. 		msg_debug_milter("cleanup common data on abort");

  117. 

  118. 		if (session->message) {

  119. 			session->message->len = 0;

  120. 			msg_debug_milter("cleanup message on abort");

  121. 		}

  122. 

  123. 		if (session->rcpts) {

  124. 			PTR_ARRAY_FOREACH(session->rcpts, i, cur)

  125. 			{

  126. 				rspamd_email_address_free(cur);

  127. 			}

  128. 

  129. 			msg_debug_milter("cleanup %d recipients on abort",

  130. 							 (int) session->rcpts->len);

  131. 

  132. 			g_ptr_array_free(session->rcpts, TRUE);

  133. 			session->rcpts = NULL;

  134. 		}

  135. 

  136. 		if (session->from) {

  137. 			msg_debug_milter("cleanup from");

  138. 			rspamd_email_address_free(session->from);

  139. 			session->from = NULL;

  140. 		}

  141. 

  142. 		if (priv->headers) {

  143. 			msg_debug_milter("cleanup headers");

  144. 			char *k;

  145. 			GArray *ar;

  146. 

  147. 			kh_foreach(priv->headers, k, ar, {

  148. 				g_free(k);

  149. 				g_array_free(ar, TRUE);

  150. 			});

  151. 

  152. 			kh_clear(milter_headers_hash_t, priv->headers);

  153. 		}

  154. 

  155. 		priv->cur_hdr = 0;

  156. 	}

  157. 

  158. 	if (how & RSPAMD_MILTER_RESET_ADDR) {

  159. 		if (session->addr) {

  160. 			msg_debug_milter("cleanup addr");

  161. 			rspamd_inet_address_free(session->addr);

  162. 			session->addr = NULL;

  163. 		}

  164. 		if (session->hostname) {

  165. 			msg_debug_milter("cleanup hostname");

  166. 			session->hostname->len = 0;

  167. 		}

  168. 	}

  169. 

  170. 	if (how & RSPAMD_MILTER_RESET_MACRO) {

  171. 		if (session->macros) {

  172. 			msg_debug_milter("cleanup macros");

  173. 			g_hash_table_unref(session->macros);

  174. 			session->macros = NULL;

  175. 		}

  176. 	}

  177. }

  178. 

  179. static void

  180. rspamd_milter_session_dtor(struct rspamd_milter_session *session)

  181. {

  182. 	struct rspamd_milter_private *priv;

  183. 

  184. 	if (session) {

  185. 		priv = session->priv;

  186. 		msg_debug_milter("destroying milter session");

  187. 

  188. 		rspamd_ev_watcher_stop(priv->event_loop, &priv->ev);

  189. 		rspamd_milter_session_reset(session, RSPAMD_MILTER_RESET_ALL);

  190. 		close(priv->fd);

  191. 

  192. 		if (priv->parser.buf) {

  193. 			rspamd_fstring_free(priv->parser.buf);

  194. 		}

  195. 

  196. 		if (session->message) {

  197. 			rspamd_fstring_free(session->message);

  198. 		}

  199. 

  200. 		if (session->helo) {

  201. 			rspamd_fstring_free(session->helo);

  202. 		}

  203. 

  204. 		if (session->hostname) {

  205. 			rspamd_fstring_free(session->hostname);

  206. 		}

  207. 

  208. 		if (priv->headers) {

  209. 			char *k;

  210. 			GArray *ar;

  211. 

  212. 			kh_foreach(priv->headers, k, ar, {

  213. 				g_free(k);

  214. 				g_array_free(ar, TRUE);

  215. 			});

  216. 

  217. 			kh_destroy(milter_headers_hash_t, priv->headers);

  218. 		}

  219. 

  220. 		if (milter_ctx->sessions_cache) {

  221. 			rspamd_worker_session_cache_remove(milter_ctx->sessions_cache,

  222. 											   session);

  223. 		}

  224. 

  225. 		rspamd_mempool_delete(priv->pool);

  226. 		g_free(priv);

  227. 		g_free(session);

  228. 	}

  229. }

  230. 

  231. static void

  232. rspamd_milter_on_protocol_error(struct rspamd_milter_session *session,

  233. 								struct rspamd_milter_private *priv, GError *err)

  234. {

  235. 	msg_debug_milter("protocol error: %e", err);

  236. 	priv->state = RSPAMD_MILTER_WANNA_DIE;

  237. 	REF_RETAIN(session);

  238. 	priv->err_cb(priv->fd, session, priv->ud, err);

  239. 	REF_RELEASE(session);

  240. 	g_error_free(err);

  241. 

  242. 	rspamd_milter_plan_io(session, priv, EV_WRITE);

  243. }

  244. 

  245. static void

  246. rspamd_milter_on_protocol_ping(struct rspamd_milter_session *session,

  247. 							   struct rspamd_milter_private *priv)

  248. {

  249. 	GError *err = NULL;

  250. 	static const char reply[] = "HTTP/1.1 200 OK\r\n"

  251. 								"Connection: close\r\n"

  252. 								"Server: rspamd/2.7 (milter mode)\r\n"

  253. 								"Content-Length: 6\r\n"

  254. 								"Content-Type: text/plain\r\n"

  255. 								"\r\n"

  256. 								"pong\r\n";

  257. 

  258. 	if (write(priv->fd, reply, sizeof(reply)) == -1) {

  259. 		int serrno = errno;

  260. 		msg_err_milter("cannot write pong reply: %s", strerror(serrno));

  261. 		g_set_error(&err, rspamd_milter_quark(), serrno, "ping command IO error: %s",

  262. 					strerror(serrno));

  263. 		priv->state = RSPAMD_MILTER_WANNA_DIE;

  264. 		REF_RETAIN(session);

  265. 		priv->err_cb(priv->fd, session, priv->ud, err);

  266. 		REF_RELEASE(session);

  267. 		g_error_free(err);

  268. 	}

  269. 	else {

  270. 		priv->state = RSPAMD_MILTER_PONG_AND_DIE;

  271. 		rspamd_milter_plan_io(session, priv, EV_WRITE);

  272. 	}

  273. }

  274. 

  275. static int

  276. rspamd_milter_http_on_url(http_parser *parser, const char *at, size_t length)

  277. {

  278. 	GString *url = (GString *) parser->data;

  279. 

  280. 	g_string_append_len(url, at, length);

  281. 

  282. 	return 0;

  283. }

  284. 

  285. static void

  286. rspamd_milter_io_handler(int fd, gshort what, void *ud)

  287. {

  288. 	struct rspamd_milter_session *session = ud;

  289. 	struct rspamd_milter_private *priv;

  290. 	GError *err;

  291. 

  292. 	priv = session->priv;

  293. 

  294. 	if (what == EV_TIMEOUT) {

  295. 		msg_debug_milter("connection timed out");

  296. 		err = g_error_new(rspamd_milter_quark(), ETIMEDOUT, "connection "

  297. 															"timed out");

  298. 		rspamd_milter_on_protocol_error(session, priv, err);

  299. 	}

  300. 	else {

  301. 		rspamd_milter_handle_session(session, priv);

  302. 	}

  303. }

  304. 

  305. static inline void

  306. rspamd_milter_plan_io(struct rspamd_milter_session *session,

  307. 					  struct rspamd_milter_private *priv, gshort what)

  308. {

  309. 	rspamd_ev_watcher_reschedule(priv->event_loop, &priv->ev, what);

  310. }

  311. 

  312. 

  313. #define READ_INT_32(pos, var)               \

  314. 	do {                                    \

  315. 		memcpy(&(var), (pos), sizeof(var)); \

  316. 		(pos) += sizeof(var);               \

  317. 		(var) = ntohl(var);                 \

  318. 	} while (0)

  319. #define READ_INT_16(pos, var)               \

  320. 	do {                                    \

  321. 		memcpy(&(var), (pos), sizeof(var)); \

  322. 		(pos) += sizeof(var);               \

  323. 		(var) = ntohs(var);                 \

  324. 	} while (0)

  325. 

  326. static gboolean

  327. rspamd_milter_process_command(struct rspamd_milter_session *session,

  328. 							  struct rspamd_milter_private *priv)

  329. {

  330. 	GError *err;

  331. 	rspamd_fstring_t *buf;

  332. 	const unsigned char *pos, *end, *zero;

  333. 	unsigned int cmdlen;

  334. 	uint32_t version, actions, protocol;

  335. 

  336. 	buf = priv->parser.buf;

  337. 	pos = buf->str + priv->parser.cmd_start;

  338. 	cmdlen = priv->parser.datalen;

  339. 	end = pos + cmdlen;

  340. 

  341. 	switch (priv->parser.cur_cmd) {

  342. 	case RSPAMD_MILTER_CMD_ABORT:

  343. 		msg_debug_milter("got abort command");

  344. 		rspamd_milter_session_reset(session, RSPAMD_MILTER_RESET_ABORT);

  345. 		break;

  346. 	case RSPAMD_MILTER_CMD_BODY:

  347. 		if (!session->message) {

  348. 			session->message = rspamd_fstring_sized_new(

  349. 				RSPAMD_MILTER_MESSAGE_CHUNK);

  350. 		}

  351. 

  352. 		msg_debug_milter("got body chunk: %d bytes", (int) cmdlen);

  353. 		session->message = rspamd_fstring_append(session->message,

  354. 												 pos, cmdlen);

  355. 		break;

  356. 	case RSPAMD_MILTER_CMD_CONNECT:

  357. 		msg_debug_milter("got connect command");

  358. 

  359. 		/*

  360. 		 * char hostname[]: Hostname, NUL terminated

  361. 		 * char family: Protocol family

  362. 		 * uint16 port: Port number (SMFIA_INET or SMFIA_INET6 only)

  363. 		 * char address[]: IP address (ASCII) or unix socket path, NUL terminated

  364. 		 */

  365. 		zero = memchr(pos, '\0', cmdlen);

  366. 

  367. 		if (zero == NULL || zero > (end - sizeof(uint16_t) + 1)) {

  368. 			err = g_error_new(rspamd_milter_quark(), EINVAL, "invalid "

  369. 															 "connect command (no name)");

  370. 			rspamd_milter_on_protocol_error(session, priv, err);

  371. 

  372. 			return FALSE;

  373. 		}

  374. 		else {

  375. 			unsigned char proto;

  376. 			uint16_t port;

  377. 			char ip6_str[INET6_ADDRSTRLEN + 3];

  378. 			gsize r;

  379. 

  380. 			/*

  381. 			 * Important notice: Postfix do NOT use this command to pass

  382. 			 * client's info (e.g. hostname is not really here)

  383. 			 * Sendmail will pass it here

  384. 			 */

  385. 			if (session->hostname == NULL) {

  386. 				session->hostname = rspamd_fstring_new_init(pos, zero - pos);

  387. 				msg_debug_milter("got hostname on connect phase: %V",

  388. 								 session->hostname);

  389. 			}

  390. 			else {

  391. 				session->hostname = rspamd_fstring_assign(session->hostname,

  392. 														  pos, zero - pos);

  393. 				msg_debug_milter("rewrote hostname on connect phase: %V",

  394. 								 session->hostname);

  395. 			}

  396. 

  397. 			pos = zero + 1;

  398. 			proto = *pos++;

  399. 

  400. 			if (proto == RSPAMD_MILTER_CONN_UNKNOWN) {

  401. 				/* We have no information about host */

  402. 				msg_debug_milter("unknown connect address");

  403. 			}

  404. 			else {

  405. 				READ_INT_16(pos, port);

  406. 

  407. 				if (pos >= end) {

  408. 					/* No IP somehow */

  409. 					msg_debug_milter("unknown connect IP/socket");

  410. 				}

  411. 				else {

  412. 					zero = memchr(pos, '\0', end - pos);

  413. 

  414. 					if (zero == NULL) {

  415. 						err = g_error_new(rspamd_milter_quark(), EINVAL, "invalid "

  416. 																		 "connect command (no zero terminated IP)");

  417. 						rspamd_milter_on_protocol_error(session, priv, err);

  418. 

  419. 						return FALSE;

  420. 					}

  421. 

  422. 					switch (proto) {

  423. 					case RSPAMD_MILTER_CONN_UNIX:

  424. 						session->addr = rspamd_inet_address_new(AF_UNIX,

  425. 																pos);

  426. 						break;

  427. 

  428. 					case RSPAMD_MILTER_CONN_INET:

  429. 						session->addr = rspamd_inet_address_new(AF_INET, NULL);

  430. 

  431. 						if (!rspamd_parse_inet_address_ip(pos, zero - pos,

  432. 														  session->addr)) {

  433. 							err = g_error_new(rspamd_milter_quark(), EINVAL,

  434. 											  "invalid connect command (bad IPv4)");

  435. 							rspamd_milter_on_protocol_error(session, priv,

  436. 															err);

  437. 

  438. 							return FALSE;

  439. 						}

  440. 

  441. 						rspamd_inet_address_set_port(session->addr, port);

  442. 						break;

  443. 

  444. 					case RSPAMD_MILTER_CONN_INET6:

  445. 						session->addr = rspamd_inet_address_new(AF_INET6, NULL);

  446. 

  447. 						if (zero - pos > sizeof("IPv6:") &&

  448. 							rspamd_lc_cmp(pos, "IPv6:",

  449. 										  sizeof("IPv6:") - 1) == 0) {

  450. 							/* Kill sendmail please */

  451. 							pos += sizeof("IPv6:") - 1;

  452. 

  453. 							if (*pos != '[') {

  454. 								/* Add explicit braces */

  455. 								r = rspamd_snprintf(ip6_str, sizeof(ip6_str),

  456. 													"[%*s]", (int) (zero - pos), pos);

  457. 							}

  458. 							else {

  459. 								r = rspamd_strlcpy(ip6_str, pos, sizeof(ip6_str));

  460. 							}

  461. 						}

  462. 						else {

  463. 							r = rspamd_strlcpy(ip6_str, pos, sizeof(ip6_str));

  464. 						}

  465. 

  466. 						if (!rspamd_parse_inet_address_ip(ip6_str, r,

  467. 														  session->addr)) {

  468. 							err = g_error_new(rspamd_milter_quark(), EINVAL,

  469. 											  "invalid connect command (bad IPv6)");

  470. 							rspamd_milter_on_protocol_error(session, priv,

  471. 															err);

  472. 

  473. 							return FALSE;

  474. 						}

  475. 

  476. 						rspamd_inet_address_set_port(session->addr, port);

  477. 						break;

  478. 

  479. 					default:

  480. 						err = g_error_new(rspamd_milter_quark(), EINVAL,

  481. 										  "invalid connect command (bad protocol: %c)",

  482. 										  proto);

  483. 						rspamd_milter_on_protocol_error(session, priv,

  484. 														err);

  485. 

  486. 						return FALSE;

  487. 					}

  488. 				}

  489. 			}

  490. 

  491. 			msg_info_milter("got connection from %s",

  492. 							rspamd_inet_address_to_string_pretty(session->addr));

  493. 		}

  494. 		break;

  495. 	case RSPAMD_MILTER_CMD_MACRO:

  496. 		msg_debug_milter("got macro command");

  497. 		/*

  498. 		 * Format is

  499. 		 * 1 byte - command associated (we don't care about it)

  500. 		 * 0-terminated name

  501. 		 * 0-terminated value

  502. 		 * ...

  503. 		 */

  504. 		if (session->macros == NULL) {

  505. 			session->macros = g_hash_table_new_full(rspamd_ftok_icase_hash,

  506. 													rspamd_ftok_icase_equal,

  507. 													rspamd_fstring_mapped_ftok_free,

  508. 													rspamd_fstring_mapped_ftok_free);

  509. 		}

  510. 

  511. 		/* Ignore one byte */

  512. 		pos++;

  513. 

  514. 		while (pos < end) {

  515. 			zero = memchr(pos, '\0', cmdlen);

  516. 

  517. 			if (zero == NULL || zero >= end) {

  518. 				err = g_error_new(rspamd_milter_quark(), EINVAL, "invalid "

  519. 																 "macro command (no name)");

  520. 				rspamd_milter_on_protocol_error(session, priv, err);

  521. 

  522. 				return FALSE;

  523. 			}

  524. 			else {

  525. 				rspamd_fstring_t *name, *value;

  526. 				rspamd_ftok_t *name_tok, *value_tok;

  527. 				const unsigned char *zero_val;

  528. 

  529. 				zero_val = memchr(zero + 1, '\0', end - zero - 1);

  530. 

  531. 				if (zero_val != NULL && end > zero_val) {

  532. 					name = rspamd_fstring_new_init(pos, zero - pos);

  533. 					value = rspamd_fstring_new_init(zero + 1,

  534. 													zero_val - zero - 1);

  535. 					name_tok = rspamd_ftok_map(name);

  536. 					value_tok = rspamd_ftok_map(value);

  537. 

  538. 					g_hash_table_replace(session->macros, name_tok, value_tok);

  539. 					msg_debug_milter("got macro: %T -> %T",

  540. 									 name_tok, value_tok);

  541. 

  542. 					cmdlen -= zero_val - pos;

  543. 					pos = zero_val + 1;

  544. 				}

  545. 				else {

  546. 					err = g_error_new(rspamd_milter_quark(), EINVAL,

  547. 									  "invalid macro command (bad value)");

  548. 					rspamd_milter_on_protocol_error(session, priv, err);

  549. 

  550. 					return FALSE;

  551. 				}

  552. 			}

  553. 		}

  554. 		break;

  555. 	case RSPAMD_MILTER_CMD_BODYEOB:

  556. 		msg_debug_milter("got eob command");

  557. 		REF_RETAIN(session);

  558. 		priv->fin_cb(priv->fd, session, priv->ud);

  559. 		REF_RELEASE(session);

  560. 		break;

  561. 	case RSPAMD_MILTER_CMD_HELO:

  562. 		msg_debug_milter("got helo command");

  563. 

  564. 		if (end > pos && *(end - 1) == '\0') {

  565. 			if (session->helo == NULL) {

  566. 				session->helo = rspamd_fstring_new_init(pos, cmdlen - 1);

  567. 			}

  568. 			else {

  569. 				session->helo = rspamd_fstring_assign(session->helo,

  570. 													  pos, cmdlen - 1);

  571. 			}

  572. 		}

  573. 		else if (end > pos) {

  574. 			/* Should not happen */

  575. 			if (session->helo == NULL) {

  576. 				session->helo = rspamd_fstring_new_init(pos, cmdlen);

  577. 			}

  578. 			else {

  579. 				session->helo = rspamd_fstring_assign(session->helo,

  580. 													  pos, cmdlen);

  581. 			}

  582. 		}

  583. 

  584. 		msg_debug_milter("got helo value: %V", session->helo);

  585. 

  586. 		break;

  587. 	case RSPAMD_MILTER_CMD_QUIT_NC:

  588. 		/* We need to reset session and start over */

  589. 		msg_debug_milter("got quit_nc command");

  590. 		rspamd_milter_session_reset(session, RSPAMD_MILTER_RESET_QUIT_NC);

  591. 		break;

  592. 	case RSPAMD_MILTER_CMD_HEADER:

  593. 		msg_debug_milter("got header command");

  594. 		if (!session->message) {

  595. 			session->message = rspamd_fstring_sized_new(

  596. 				RSPAMD_MILTER_MESSAGE_CHUNK);

  597. 		}

  598. 		zero = memchr(pos, '\0', cmdlen);

  599. 

  600. 		if (zero == NULL) {

  601. 			err = g_error_new(rspamd_milter_quark(), EINVAL, "invalid "

  602. 															 "header command (no name)");

  603. 			rspamd_milter_on_protocol_error(session, priv, err);

  604. 

  605. 			return FALSE;

  606. 		}

  607. 		else {

  608. 			if (end > zero && *(end - 1) == '\0') {

  609. 				khiter_t k;

  610. 				int res;

  611. 

  612. 				k = kh_get(milter_headers_hash_t, priv->headers, (char *) pos);

  613. 

  614. 				if (k == kh_end(priv->headers)) {

  615. 					GArray *ar;

  616. 

  617. 					k = kh_put(milter_headers_hash_t, priv->headers,

  618. 							   g_strdup(pos), &res);

  619. 					ar = g_array_new(FALSE, FALSE, sizeof(int));

  620. 					g_array_append_val(ar, priv->cur_hdr);

  621. 					kh_value(priv->headers, k) = ar;

  622. 				}

  623. 				else {

  624. 					g_array_append_val(kh_value(priv->headers, k),

  625. 									   priv->cur_hdr);

  626. 				}

  627. 

  628. 				rspamd_printf_fstring(&session->message, "%*s: %*s\r\n",

  629. 									  (int) (zero - pos), pos,

  630. 									  (int) (end - zero - 2), zero + 1);

  631. 				priv->cur_hdr++;

  632. 			}

  633. 			else {

  634. 				err = g_error_new(rspamd_milter_quark(), EINVAL, "invalid "

  635. 																 "header command (bad value)");

  636. 				rspamd_milter_on_protocol_error(session, priv, err);

  637. 

  638. 				return FALSE;

  639. 			}

  640. 		}

  641. 		break;

  642. 	case RSPAMD_MILTER_CMD_MAIL:

  643. 		msg_debug_milter("mail command");

  644. 

  645. 		while (pos < end) {

  646. 			struct rspamd_email_address *addr;

  647. 			char *cpy;

  648. 

  649. 			zero = memchr(pos, '\0', end - pos);

  650. 

  651. 			if (zero && zero > pos) {

  652. 				cpy = rspamd_mempool_alloc(priv->pool, zero - pos);

  653. 				memcpy(cpy, pos, zero - pos);

  654. 				msg_debug_milter("got mail: %*s", (int) (zero - pos), cpy);

  655. 				addr = rspamd_email_address_from_smtp(cpy, zero - pos);

  656. 

  657. 				if (addr) {

  658. 					session->from = addr;

  659. 				}

  660. 

  661. 				/* TODO: parse esmtp arguments */

  662. 				break;

  663. 			}

  664. 			else {

  665. 				msg_debug_milter("got weird from: %*s", (int) (end - pos),

  666. 								 pos);

  667. 				/* That actually should not happen */

  668. 				cpy = rspamd_mempool_alloc(priv->pool, end - pos);

  669. 				memcpy(cpy, pos, end - pos);

  670. 				addr = rspamd_email_address_from_smtp(cpy, end - pos);

  671. 

  672. 				if (addr) {

  673. 					session->from = addr;

  674. 				}

  675. 

  676. 				break;

  677. 			}

  678. 		}

  679. 		break;

  680. 	case RSPAMD_MILTER_CMD_EOH:

  681. 		msg_debug_milter("got eoh command");

  682. 

  683. 		if (!session->message) {

  684. 			session->message = rspamd_fstring_sized_new(

  685. 				RSPAMD_MILTER_MESSAGE_CHUNK);

  686. 		}

  687. 

  688. 		session->message = rspamd_fstring_append(session->message,

  689. 												 "\r\n", 2);

  690. 		break;

  691. 	case RSPAMD_MILTER_CMD_OPTNEG:

  692. 		if (cmdlen != sizeof(uint32_t) * 3) {

  693. 			err = g_error_new(rspamd_milter_quark(), EINVAL, "invalid "

  694. 															 "optneg command");

  695. 			rspamd_milter_on_protocol_error(session, priv, err);

  696. 

  697. 			return FALSE;

  698. 		}

  699. 

  700. 		READ_INT_32(pos, version);

  701. 		READ_INT_32(pos, actions);

  702. 		READ_INT_32(pos, protocol);

  703. 

  704. 		msg_debug_milter("optneg: version: %d, actions: %d, protocol: %d",

  705. 						 version, actions, protocol);

  706. 

  707. 		if (version < RSPAMD_MILTER_PROTO_VER) {

  708. 			msg_warn_milter("MTA specifies too old protocol: %d, "

  709. 							"aborting connection",

  710. 							version);

  711. 

  712. 			err = g_error_new(rspamd_milter_quark(), EINVAL, "invalid "

  713. 															 "protocol version: %d",

  714. 							  version);

  715. 			rspamd_milter_on_protocol_error(session, priv, err);

  716. 

  717. 			return FALSE;

  718. 		}

  719. 

  720. 		version = RSPAMD_MILTER_PROTO_VER;

  721. 		actions |= RSPAMD_MILTER_ACTIONS_MASK;

  722. 		protocol = RSPAMD_MILTER_FLAG_NOREPLY_MASK;

  723. 

  724. 		return rspamd_milter_send_action(session, RSPAMD_MILTER_OPTNEG,

  725. 										 version, actions, protocol);

  726. 		break;

  727. 	case RSPAMD_MILTER_CMD_QUIT:

  728. 		if (priv->out_chain) {

  729. 			msg_debug_milter("quit command, refcount: %d, "

  730. 							 "some output buffers left - draining",

  731. 							 session->ref.refcount);

  732. 

  733. 			priv->state = RSPAMD_MILTER_WRITE_AND_DIE;

  734. 		}

  735. 		else {

  736. 			msg_debug_milter("quit command, refcount: %d",

  737. 							 session->ref.refcount);

  738. 

  739. 			priv->state = RSPAMD_MILTER_WANNA_DIE;

  740. 			REF_RETAIN(session);

  741. 			priv->fin_cb(priv->fd, session, priv->ud);

  742. 			REF_RELEASE(session);

  743. 			return FALSE;

  744. 		}

  745. 		break;

  746. 	case RSPAMD_MILTER_CMD_RCPT:

  747. 		msg_debug_milter("rcpt command");

  748. 

  749. 		while (pos < end) {

  750. 			struct rspamd_email_address *addr;

  751. 			char *cpy;

  752. 

  753. 			zero = memchr(pos, '\0', end - pos);

  754. 

  755. 			if (zero && zero > pos) {

  756. 				cpy = rspamd_mempool_alloc(priv->pool, end - pos);

  757. 				memcpy(cpy, pos, end - pos);

  758. 

  759. 				msg_debug_milter("got rcpt: %*s", (int) (zero - pos), cpy);

  760. 				addr = rspamd_email_address_from_smtp(cpy, zero - pos);

  761. 

  762. 				if (addr) {

  763. 					if (!session->rcpts) {

  764. 						session->rcpts = g_ptr_array_sized_new(1);

  765. 					}

  766. 

  767. 					g_ptr_array_add(session->rcpts, addr);

  768. 				}

  769. 

  770. 				pos = zero + 1;

  771. 			}

  772. 			else {

  773. 				cpy = rspamd_mempool_alloc(priv->pool, end - pos);

  774. 				memcpy(cpy, pos, end - pos);

  775. 

  776. 				msg_debug_milter("got weird rcpt: %*s", (int) (end - pos),

  777. 								 pos);

  778. 				/* That actually should not happen */

  779. 				addr = rspamd_email_address_from_smtp(cpy, end - pos);

  780. 

  781. 				if (addr) {

  782. 					if (!session->rcpts) {

  783. 						session->rcpts = g_ptr_array_sized_new(1);

  784. 					}

  785. 

  786. 					g_ptr_array_add(session->rcpts, addr);

  787. 				}

  788. 

  789. 				break;

  790. 			}

  791. 		}

  792. 		break;

  793. 	case RSPAMD_MILTER_CMD_DATA:

  794. 		if (!session->message) {

  795. 			session->message = rspamd_fstring_sized_new(

  796. 				RSPAMD_MILTER_MESSAGE_CHUNK);

  797. 		}

  798. 		msg_debug_milter("got data command");

  799. 		/* We do not need reply as specified */

  800. 		break;

  801. 	default:

  802. 		msg_debug_milter("got bad command: %c", priv->parser.cur_cmd);

  803. 		break;

  804. 	}

  805. 

  806. 	return TRUE;

  807. }

  808. 

  809. static gboolean

  810. rspamd_milter_is_valid_cmd(unsigned char c)

  811. {

  812. 	switch (c) {

  813. 	case RSPAMD_MILTER_CMD_ABORT:

  814. 	case RSPAMD_MILTER_CMD_BODY:

  815. 	case RSPAMD_MILTER_CMD_CONNECT:

  816. 	case RSPAMD_MILTER_CMD_MACRO:

  817. 	case RSPAMD_MILTER_CMD_BODYEOB:

  818. 	case RSPAMD_MILTER_CMD_HELO:

  819. 	case RSPAMD_MILTER_CMD_QUIT_NC:

  820. 	case RSPAMD_MILTER_CMD_HEADER:

  821. 	case RSPAMD_MILTER_CMD_MAIL:

  822. 	case RSPAMD_MILTER_CMD_EOH:

  823. 	case RSPAMD_MILTER_CMD_OPTNEG:

  824. 	case RSPAMD_MILTER_CMD_QUIT:

  825. 	case RSPAMD_MILTER_CMD_RCPT:

  826. 	case RSPAMD_MILTER_CMD_DATA:

  827. 	case RSPAMD_MILTER_CMD_UNKNOWN:

  828. 		return TRUE;

  829. 	default:

  830. 		break;

  831. 	}

  832. 

  833. 	return FALSE;

  834. }

  835. 

  836. static gboolean

  837. rspamd_milter_consume_input(struct rspamd_milter_session *session,

  838. 							struct rspamd_milter_private *priv)

  839. {

  840. 	const unsigned char *p, *end;

  841. 	GError *err;

  842. 

  843. 	p = priv->parser.buf->str + priv->parser.pos;

  844. 	end = priv->parser.buf->str + priv->parser.buf->len;

  845. 

  846. 	while (p < end) {

  847. 		msg_debug_milter("offset: %d, state: %d",

  848. 						 (int) (p - (const unsigned char *) priv->parser.buf->str),

  849. 						 priv->parser.state);

  850. 

  851. 		switch (priv->parser.state) {

  852. 		case st_len_1:

  853. 			/* The first length byte in big endian order */

  854. 			priv->parser.datalen = 0;

  855. 			priv->parser.datalen |= ((gsize) *p) << 24;

  856. 			priv->parser.state = st_len_2;

  857. 			p++;

  858. 			break;

  859. 		case st_len_2:

  860. 			/* The second length byte in big endian order */

  861. 			priv->parser.datalen |= ((gsize) *p) << 16;

  862. 			priv->parser.state = st_len_3;

  863. 			p++;

  864. 			break;

  865. 		case st_len_3:

  866. 			/* The third length byte in big endian order */

  867. 			priv->parser.datalen |= ((gsize) *p) << 8;

  868. 			priv->parser.state = st_len_4;

  869. 			p++;

  870. 			break;

  871. 		case st_len_4:

  872. 			/* The fourth length byte in big endian order */

  873. 			priv->parser.datalen |= ((gsize) *p);

  874. 			priv->parser.state = st_read_cmd;

  875. 			p++;

  876. 			break;

  877. 		case st_read_cmd:

  878. 			priv->parser.cur_cmd = *p;

  879. 			priv->parser.state = st_read_data;

  880. 

  881. 			if (priv->parser.datalen < 1) {

  882. 				err = g_error_new(rspamd_milter_quark(), EINVAL,

  883. 								  "Command length is too short");

  884. 				rspamd_milter_on_protocol_error(session, priv, err);

  885. 

  886. 				return FALSE;

  887. 			}

  888. 			else {

  889. 				/* Eat command itself */

  890. 				priv->parser.datalen--;

  891. 			}

  892. 

  893. 			p++;

  894. 			priv->parser.cmd_start = p - (const unsigned char *) priv->parser.buf->str;

  895. 			break;

  896. 		case st_read_data:

  897. 			/* We might need some more data in buffer for further steps */

  898. 			if (priv->parser.datalen >

  899. 				RSPAMD_MILTER_MESSAGE_CHUNK * 2) {

  900. 				/* Check if we have HTTP input instead of milter */

  901. 				if (priv->parser.buf->len > sizeof("GET") &&

  902. 					memcmp(priv->parser.buf->str, "GET", 3) == 0) {

  903. 					struct http_parser http_parser;

  904. 					struct http_parser_settings http_callbacks;

  905. 					GString *url = g_string_new(NULL);

  906. 

  907. 					/* Hack, hack, hack */

  908. 					/*

  909. 					 * This code is assumed to read `/ping` command and

  910. 					 * handle it to monitor port's availability since

  911. 					 * milter protocol is stupid and does not allow to do that

  912. 					 * This code also assumes that HTTP request can be read

  913. 					 * as as single data chunk which is not true in some cases

  914. 					 * In general, don't use it for anything but ping checks

  915. 					 */

  916. 					memset(&http_callbacks, 0, sizeof(http_callbacks));

  917. 					http_parser.data = url;

  918. 					http_parser_init(&http_parser, HTTP_REQUEST);

  919. 					http_callbacks.on_url = rspamd_milter_http_on_url;

  920. 					http_parser_execute(&http_parser, &http_callbacks,

  921. 										priv->parser.buf->str, priv->parser.buf->len);

  922. 

  923. 					if (url->len == sizeof("/ping") - 1 &&

  924. 						rspamd_lc_cmp(url->str, "/ping", url->len) == 0) {

  925. 						rspamd_milter_on_protocol_ping(session, priv);

  926. 						g_string_free(url, TRUE);

  927. 

  928. 						return TRUE;

  929. 					}

  930. 					else {

  931. 						err = g_error_new(rspamd_milter_quark(), EINVAL,

  932. 										  "HTTP GET request is not supported in milter mode, url: %s",

  933. 										  url->str);

  934. 					}

  935. 

  936. 					g_string_free(url, TRUE);

  937. 				}

  938. 				else if (priv->parser.buf->len > sizeof("POST") &&

  939. 						 memcmp(priv->parser.buf->str, "POST", 4) == 0) {

  940. 					err = g_error_new(rspamd_milter_quark(), EINVAL,

  941. 									  "HTTP POST request is not supported in milter mode");

  942. 				}

  943. 				else {

  944. 					err = g_error_new(rspamd_milter_quark(), E2BIG,

  945. 									  "Command length is too big: %zd",

  946. 									  priv->parser.datalen);

  947. 				}

  948. 

  949. 				rspamd_milter_on_protocol_error(session, priv, err);

  950. 

  951. 				return FALSE;

  952. 			}

  953. 			if (!rspamd_milter_is_valid_cmd(priv->parser.cur_cmd)) {

  954. 				err = g_error_new(rspamd_milter_quark(), E2BIG,

  955. 								  "Unvalid command: %c",

  956. 								  priv->parser.cur_cmd);

  957. 				rspamd_milter_on_protocol_error(session, priv, err);

  958. 

  959. 				return FALSE;

  960. 			}

  961. 			if (priv->parser.buf->allocated < priv->parser.datalen) {

  962. 				priv->parser.pos = p - (const unsigned char *) priv->parser.buf->str;

  963. 				priv->parser.buf = rspamd_fstring_grow(priv->parser.buf,

  964. 													   priv->parser.buf->len + priv->parser.datalen);

  965. 				/* This can realloc buffer */

  966. 				rspamd_milter_plan_io(session, priv, EV_READ);

  967. 				goto end;

  968. 			}

  969. 			else {

  970. 				/* We may have the full command available */

  971. 				if (p + priv->parser.datalen <= end) {

  972. 					/* We can process command */

  973. 					if (!rspamd_milter_process_command(session, priv)) {

  974. 						return FALSE;

  975. 					}

  976. 

  977. 					p += priv->parser.datalen;

  978. 					priv->parser.state = st_len_1;

  979. 					priv->parser.cur_cmd = '\0';

  980. 					priv->parser.cmd_start = 0;

  981. 				}

  982. 				else {

  983. 					/* Need to read more */

  984. 					priv->parser.pos = p - (const unsigned char *) priv->parser.buf->str;

  985. 					rspamd_milter_plan_io(session, priv, EV_READ);

  986. 					goto end;

  987. 				}

  988. 			}

  989. 			break;

  990. 		}

  991. 	}

  992. 

  993. 	/* Leftover */

  994. 	switch (priv->parser.state) {

  995. 	case st_read_data:

  996. 		if (p + priv->parser.datalen <= end) {

  997. 			if (!rspamd_milter_process_command(session, priv)) {

  998. 				return FALSE;

  999. 			}

  1000. 

  1001. 			priv->parser.state = st_len_1;

  1002. 			priv->parser.cur_cmd = '\0';

  1003. 			priv->parser.cmd_start = 0;

  1004. 		}

  1005. 		break;

  1006. 	default:

  1007. 		/* No need to do anything */

  1008. 		break;

  1009. 	}

  1010. 

  1011. 	if (p == end) {

  1012. 		priv->parser.buf->len = 0;

  1013. 		priv->parser.pos = 0;

  1014. 		priv->parser.cmd_start = 0;

  1015. 	}

  1016. 

  1017. 	if (priv->out_chain) {

  1018. 		rspamd_milter_plan_io(session, priv, EV_READ | EV_WRITE);

  1019. 	}

  1020. 	else {

  1021. 		rspamd_milter_plan_io(session, priv, EV_READ);

  1022. 	}

  1023. end:

  1024. 

  1025. 	return TRUE;

  1026. }

  1027. 

  1028. static gboolean

  1029. rspamd_milter_handle_session(struct rspamd_milter_session *session,

  1030. 							 struct rspamd_milter_private *priv)

  1031. {

  1032. 	struct rspamd_milter_outbuf *obuf, *obuf_tmp;

  1033. 	gssize r, to_write;

  1034. 	GError *err;

  1035. 

  1036. 	g_assert(session != NULL);

  1037. 

  1038. 	switch (priv->state) {

  1039. 	case RSPAMD_MILTER_READ_MORE:

  1040. 		if (priv->parser.buf->len >= priv->parser.buf->allocated) {

  1041. 			priv->parser.buf = rspamd_fstring_grow(priv->parser.buf,

  1042. 												   priv->parser.buf->len * 2);

  1043. 		}

  1044. 

  1045. 		r = read(priv->fd, priv->parser.buf->str + priv->parser.buf->len,

  1046. 				 priv->parser.buf->allocated - priv->parser.buf->len);

  1047. 

  1048. 		msg_debug_milter("read %z bytes, %z remain, %z allocated",

  1049. 						 r, priv->parser.buf->len, priv->parser.buf->allocated);

  1050. 

  1051. 		if (r == -1) {

  1052. 			if (errno == EAGAIN || errno == EINTR) {

  1053. 				rspamd_milter_plan_io(session, priv, EV_READ);

  1054. 

  1055. 				return TRUE;

  1056. 			}

  1057. 			else {

  1058. 				/* Fatal IO error */

  1059. 				err = g_error_new(rspamd_milter_quark(), errno,

  1060. 								  "IO read error: %s", strerror(errno));

  1061. 				REF_RETAIN(session);

  1062. 				priv->err_cb(priv->fd, session, priv->ud, err);

  1063. 				REF_RELEASE(session);

  1064. 				g_error_free(err);

  1065. 

  1066. 				REF_RELEASE(session);

  1067. 

  1068. 				return FALSE;

  1069. 			}

  1070. 		}

  1071. 		else if (r == 0) {

  1072. 			err = g_error_new(rspamd_milter_quark(), ECONNRESET,

  1073. 							  "Unexpected EOF");

  1074. 			REF_RETAIN(session);

  1075. 			priv->err_cb(priv->fd, session, priv->ud, err);

  1076. 			REF_RELEASE(session);

  1077. 			g_error_free(err);

  1078. 

  1079. 			REF_RELEASE(session);

  1080. 

  1081. 			return FALSE;

  1082. 		}

  1083. 		else {

  1084. 			priv->parser.buf->len += r;

  1085. 

  1086. 			return rspamd_milter_consume_input(session, priv);

  1087. 		}

  1088. 

  1089. 		break;

  1090. 	case RSPAMD_MILTER_WRITE_REPLY:

  1091. 	case RSPAMD_MILTER_WRITE_AND_DIE:

  1092. 		if (priv->out_chain == NULL) {

  1093. 			if (priv->state == RSPAMD_MILTER_WRITE_AND_DIE) {

  1094. 				/* Finished writing, let's die finally */

  1095. 				msg_debug_milter("output drained, terminating, refcount: %d",

  1096. 								 session->ref.refcount);

  1097. 

  1098. 				/* Session should be destroyed by fin_cb... */

  1099. 				REF_RETAIN(session);

  1100. 				priv->fin_cb(priv->fd, session, priv->ud);

  1101. 				REF_RELEASE(session);

  1102. 

  1103. 				return FALSE;

  1104. 			}

  1105. 			else {

  1106. 				/* We have written everything, so we can read something */

  1107. 				priv->state = RSPAMD_MILTER_READ_MORE;

  1108. 				rspamd_milter_plan_io(session, priv, EV_READ);

  1109. 			}

  1110. 		}

  1111. 		else {

  1112. 			DL_FOREACH_SAFE(priv->out_chain, obuf, obuf_tmp)

  1113. 			{

  1114. 				to_write = obuf->buf->len - obuf->pos;

  1115. 

  1116. 				g_assert(to_write > 0);

  1117. 

  1118. 				r = write(priv->fd, obuf->buf->str + obuf->pos, to_write);

  1119. 

  1120. 				if (r == -1) {

  1121. 					if (errno == EAGAIN || errno == EINTR) {

  1122. 						rspamd_milter_plan_io(session, priv, EV_WRITE);

  1123. 					}

  1124. 					else {

  1125. 						/* Fatal IO error */

  1126. 						err = g_error_new(rspamd_milter_quark(), errno,

  1127. 										  "IO write error: %s", strerror(errno));

  1128. 						REF_RETAIN(session);

  1129. 						priv->err_cb(priv->fd, session, priv->ud, err);

  1130. 						REF_RELEASE(session);

  1131. 						g_error_free(err);

  1132. 

  1133. 						REF_RELEASE(session);

  1134. 

  1135. 						return FALSE;

  1136. 					}

  1137. 				}

  1138. 				else if (r == 0) {

  1139. 					err = g_error_new(rspamd_milter_quark(), ECONNRESET,

  1140. 									  "Unexpected EOF");

  1141. 					REF_RETAIN(session);

  1142. 					priv->err_cb(priv->fd, session, priv->ud, err);

  1143. 					REF_RELEASE(session);

  1144. 					g_error_free(err);

  1145. 

  1146. 					REF_RELEASE(session);

  1147. 

  1148. 					return FALSE;

  1149. 				}

  1150. 				else {

  1151. 					if (r == to_write) {

  1152. 						/* We have done with this buf */

  1153. 						DL_DELETE(priv->out_chain, obuf);

  1154. 						rspamd_milter_obuf_free(obuf);

  1155. 					}

  1156. 					else {

  1157. 						/* We need to plan another write */

  1158. 						obuf->pos += r;

  1159. 						rspamd_milter_plan_io(session, priv, EV_WRITE);

  1160. 

  1161. 						return TRUE;

  1162. 					}

  1163. 				}

  1164. 			}

  1165. 

  1166. 			/* Here we have written everything, so we can plan reading */

  1167. 			priv->state = RSPAMD_MILTER_READ_MORE;

  1168. 			rspamd_milter_plan_io(session, priv, EV_READ);

  1169. 		}

  1170. 		break;

  1171. 	case RSPAMD_MILTER_WANNA_DIE:

  1172. 		/* We are here after processing everything, so release session */

  1173. 		REF_RELEASE(session);

  1174. 		return FALSE;

  1175. 		break;

  1176. 	case RSPAMD_MILTER_PONG_AND_DIE:

  1177. 		err = g_error_new(rspamd_milter_quark(), 0,

  1178. 						  "ping command");

  1179. 		REF_RETAIN(session);

  1180. 		priv->err_cb(priv->fd, session, priv->ud, err);

  1181. 		REF_RELEASE(session);

  1182. 		g_error_free(err);

  1183. 		REF_RELEASE(session);

  1184. 		return FALSE;

  1185. 		break;

  1186. 	}

  1187. 

  1188. 	return TRUE;

  1189. }

  1190. 

  1191. 

  1192. gboolean

  1193. rspamd_milter_handle_socket(int fd, ev_tstamp timeout,

  1194. 							rspamd_mempool_t *pool,

  1195. 							struct ev_loop *ev_base, rspamd_milter_finish finish_cb,

  1196. 							rspamd_milter_error error_cb, void *ud)

  1197. {

  1198. 	struct rspamd_milter_session *session;

  1199. 	struct rspamd_milter_private *priv;

  1200. 	int nfd = dup(fd);

  1201. 

  1202. 	if (nfd == -1) {

  1203. 		GError *err = g_error_new(rspamd_milter_quark(), errno,

  1204. 								  "dup failed: %s", strerror(errno));

  1205. 		error_cb(fd, NULL, ud, err);

  1206. 

  1207. 		return FALSE;

  1208. 	}

  1209. 

  1210. 	g_assert(finish_cb != NULL);

  1211. 	g_assert(error_cb != NULL);

  1212. 	g_assert(milter_ctx != NULL);

  1213. 

  1214. 	session = g_malloc0(sizeof(*session));

  1215. 	priv = g_malloc0(sizeof(*priv));

  1216. 	priv->fd = nfd;

  1217. 	priv->ud = ud;

  1218. 	priv->fin_cb = finish_cb;

  1219. 	priv->err_cb = error_cb;

  1220. 	priv->parser.state = st_len_1;

  1221. 	priv->parser.buf = rspamd_fstring_sized_new(RSPAMD_MILTER_MESSAGE_CHUNK + 5);

  1222. 	priv->event_loop = ev_base;

  1223. 	priv->state = RSPAMD_MILTER_READ_MORE;

  1224. 	priv->pool = rspamd_mempool_new(rspamd_mempool_suggest_size(), "milter", 0);

  1225. 	priv->discard_on_reject = milter_ctx->discard_on_reject;

  1226. 	priv->quarantine_on_reject = milter_ctx->quarantine_on_reject;

  1227. 	priv->ev.timeout = timeout;

  1228. 

  1229. 	rspamd_ev_watcher_init(&priv->ev, priv->fd, EV_READ | EV_WRITE,

  1230. 						   rspamd_milter_io_handler, session);

  1231. 

  1232. 	if (pool) {

  1233. 		/* Copy tag */

  1234. 		memcpy(priv->pool->tag.uid, pool->tag.uid, sizeof(pool->tag.uid));

  1235. 	}

  1236. 

  1237. 	priv->headers = kh_init(milter_headers_hash_t);

  1238. 	kh_resize(milter_headers_hash_t, priv->headers, 32);

  1239. 

  1240. 	session->priv = priv;

  1241. 	REF_INIT_RETAIN(session, rspamd_milter_session_dtor);

  1242. 

  1243. 	if (milter_ctx->sessions_cache) {

  1244. 		rspamd_worker_session_cache_add(milter_ctx->sessions_cache,

  1245. 										priv->pool->tag.uid, &session->ref.refcount, session);

  1246. 	}

  1247. 

  1248. 	return rspamd_milter_handle_session(session, priv);

  1249. }

  1250. 

  1251. gboolean

  1252. rspamd_milter_set_reply(struct rspamd_milter_session *session,

  1253. 						rspamd_fstring_t *rcode,

  1254. 						rspamd_fstring_t *xcode,

  1255. 						rspamd_fstring_t *reply)

  1256. {

  1257. 	GString *buf;

  1258. 	gboolean ret;

  1259. 

  1260. 	buf = g_string_sized_new(xcode->len + rcode->len + reply->len + 2);

  1261. 	rspamd_printf_gstring(buf, "%V %V %V", rcode, xcode, reply);

  1262. 	ret = rspamd_milter_send_action(session, RSPAMD_MILTER_REPLYCODE,

  1263. 									buf);

  1264. 	g_string_free(buf, TRUE);

  1265. 

  1266. 	return ret;

  1267. }

  1268. 

  1269. #define SET_COMMAND(cmd, sz, reply, pos)                           \

  1270. 	do {                                                           \

  1271. 		uint32_t _len;                                             \

  1272. 		_len = (sz) + 1;                                           \

  1273. 		(reply) = rspamd_fstring_sized_new(sizeof(_len) + _len);   \

  1274. 		(reply)->len = sizeof(_len) + _len;                        \

  1275. 		_len = htonl(_len);                                        \

  1276. 		memcpy((reply)->str, &_len, sizeof(_len));                 \

  1277. 		(reply)->str[sizeof(_len)] = (cmd);                        \

  1278. 		(pos) = (unsigned char *) (reply)->str + sizeof(_len) + 1; \

  1279. 	} while (0)

  1280. 

  1281. gboolean

  1282. rspamd_milter_send_action(struct rspamd_milter_session *session,

  1283. 						  enum rspamd_milter_reply act, ...)

  1284. {

  1285. 	uint32_t ver, actions, protocol, idx;

  1286. 	va_list ap;

  1287. 	unsigned char cmd, *pos;

  1288. 	rspamd_fstring_t *reply = NULL;

  1289. 	gsize len;

  1290. 	GString *name, *value;

  1291. 	const char *body_str;

  1292. 	struct rspamd_milter_outbuf *obuf;

  1293. 	struct rspamd_milter_private *priv = session->priv;

  1294. 	const rspamd_fstring_t *reason;

  1295. 

  1296. 	va_start(ap, act);

  1297. 	cmd = act;

  1298. 

  1299. 	switch (act) {

  1300. 	case RSPAMD_MILTER_ACCEPT:

  1301. 	case RSPAMD_MILTER_CONTINUE:

  1302. 	case RSPAMD_MILTER_DISCARD:

  1303. 	case RSPAMD_MILTER_PROGRESS:

  1304. 	case RSPAMD_MILTER_REJECT:

  1305. 	case RSPAMD_MILTER_TEMPFAIL:

  1306. 		/* No additional arguments */

  1307. 		msg_debug_milter("send %c command", cmd);

  1308. 		SET_COMMAND(cmd, 0, reply, pos);

  1309. 		break;

  1310. 	case RSPAMD_MILTER_QUARANTINE:

  1311. 		reason = va_arg(ap, const rspamd_fstring_t *);

  1312. 

  1313. 		if (reason != NULL) {

  1314. 			len = reason->len;

  1315. 			msg_debug_milter("send quarantine action %*s", (int) len, reason->str);

  1316. 			SET_COMMAND(cmd, len + 1, reply, pos);

  1317. 			memcpy(pos, reason->str, len);

  1318. 			pos[len] = '\0';

  1319. 		}

  1320. 		else {

  1321. 			msg_debug_milter("send quarantine action with no specific string");

  1322. 			SET_COMMAND(cmd, 1, reply, pos);

  1323. 			*pos = '\0';

  1324. 		}

  1325. 

  1326. 		break;

  1327. 	case RSPAMD_MILTER_ADDHEADER:

  1328. 		name = va_arg(ap, GString *);

  1329. 		value = va_arg(ap, GString *);

  1330. 

  1331. 		/* Name and value must be zero terminated */

  1332. 		msg_debug_milter("add header command - \"%v\"=\"%v\"", name, value);

  1333. 		SET_COMMAND(cmd, name->len + value->len + 2, reply, pos);

  1334. 		memcpy(pos, name->str, name->len + 1);

  1335. 		pos += name->len + 1;

  1336. 		memcpy(pos, value->str, value->len + 1);

  1337. 		break;

  1338. 	case RSPAMD_MILTER_CHGHEADER:

  1339. 	case RSPAMD_MILTER_INSHEADER:

  1340. 		idx = va_arg(ap, uint32_t);

  1341. 		name = va_arg(ap, GString *);

  1342. 		value = va_arg(ap, GString *);

  1343. 

  1344. 		msg_debug_milter("change/insert header command pos = %d- \"%v\"=\"%v\"",

  1345. 						 idx, name, value);

  1346. 		/* Name and value must be zero terminated */

  1347. 		SET_COMMAND(cmd, name->len + value->len + 2 + sizeof(uint32_t),

  1348. 					reply, pos);

  1349. 		idx = htonl(idx);

  1350. 		memcpy(pos, &idx, sizeof(idx));

  1351. 		pos += sizeof(idx);

  1352. 		memcpy(pos, name->str, name->len + 1);

  1353. 		pos += name->len + 1;

  1354. 		memcpy(pos, value->str, value->len + 1);

  1355. 		break;

  1356. 	case RSPAMD_MILTER_REPLBODY:

  1357. 		len = va_arg(ap, gsize);

  1358. 		body_str = va_arg(ap, const char *);

  1359. 		msg_debug_milter("want to change body; size = %uz",

  1360. 						 len);

  1361. 		SET_COMMAND(cmd, len, reply, pos);

  1362. 		memcpy(pos, body_str, len);

  1363. 		break;

  1364. 	case RSPAMD_MILTER_REPLYCODE:

  1365. 	case RSPAMD_MILTER_ADDRCPT:

  1366. 	case RSPAMD_MILTER_DELRCPT:

  1367. 	case RSPAMD_MILTER_CHGFROM:

  1368. 		/* Single GString * argument */

  1369. 		value = va_arg(ap, GString *);

  1370. 		msg_debug_milter("command %c; value=%v", cmd, value);

  1371. 		SET_COMMAND(cmd, value->len + 1, reply, pos);

  1372. 		memcpy(pos, value->str, value->len + 1);

  1373. 		break;

  1374. 	case RSPAMD_MILTER_OPTNEG:

  1375. 		ver = va_arg(ap, uint32_t);

  1376. 		actions = va_arg(ap, uint32_t);

  1377. 		protocol = va_arg(ap, uint32_t);

  1378. 

  1379. 		msg_debug_milter("optneg reply: ver=%d, actions=%d, protocol=%d",

  1380. 						 ver, actions, protocol);

  1381. 		ver = htonl(ver);

  1382. 		actions = htonl(actions);

  1383. 		protocol = htonl(protocol);

  1384. 		SET_COMMAND(cmd, sizeof(uint32_t) * 3, reply, pos);

  1385. 		memcpy(pos, &ver, sizeof(ver));

  1386. 		pos += sizeof(ver);

  1387. 		memcpy(pos, &actions, sizeof(actions));

  1388. 		pos += sizeof(actions);

  1389. 		memcpy(pos, &protocol, sizeof(protocol));

  1390. 		break;

  1391. 	default:

  1392. 		msg_err_milter("invalid command: %c", cmd);

  1393. 		break;

  1394. 	}

  1395. 

  1396. 	va_end(ap);

  1397. 

  1398. 	if (reply) {

  1399. 		obuf = g_malloc(sizeof(*obuf));

  1400. 		obuf->buf = reply;

  1401. 		obuf->pos = 0;

  1402. 		DL_APPEND(priv->out_chain, obuf);

  1403. 		priv->state = RSPAMD_MILTER_WRITE_REPLY;

  1404. 		rspamd_milter_plan_io(session, priv, EV_WRITE);

  1405. 

  1406. 		return TRUE;

  1407. 	}

  1408. 

  1409. 	return FALSE;

  1410. }

  1411. 

  1412. gboolean

  1413. rspamd_milter_add_header(struct rspamd_milter_session *session,

  1414. 						 GString *name, GString *value)

  1415. {

  1416. 	return rspamd_milter_send_action(session, RSPAMD_MILTER_ADDHEADER,

  1417. 									 name, value);

  1418. }

  1419. 

  1420. gboolean

  1421. rspamd_milter_del_header(struct rspamd_milter_session *session,

  1422. 						 GString *name)

  1423. {

  1424. 	GString value;

  1425. 	uint32_t idx = 1;

  1426. 

  1427. 	value.str = (char *) "";

  1428. 	value.len = 0;

  1429. 

  1430. 	return rspamd_milter_send_action(session, RSPAMD_MILTER_CHGHEADER,

  1431. 									 idx, name, &value);

  1432. }

  1433. 

  1434. void rspamd_milter_session_unref(struct rspamd_milter_session *session)

  1435. {

  1436. 	REF_RELEASE(session);

  1437. }

  1438. 

  1439. struct rspamd_milter_session *

  1440. rspamd_milter_session_ref(struct rspamd_milter_session *session)

  1441. {

  1442. 	REF_RETAIN(session);

  1443. 

  1444. 	return session;

  1445. }

  1446. 

  1447. #define IF_MACRO(lit)                                    \

  1448. 	RSPAMD_FTOK_ASSIGN(&srch, (lit));                    \

  1449. 	found = g_hash_table_lookup(session->macros, &srch); \

  1450. 	if (found)

  1451. 

  1452. static void

  1453. rspamd_milter_macro_http(struct rspamd_milter_session *session,

  1454. 						 struct rspamd_http_message *msg)

  1455. {

  1456. 	rspamd_ftok_t *found, srch;

  1457. 	struct rspamd_milter_private *priv = session->priv;

  1458. 

  1459. 	/*

  1460. 	 * We assume postfix macros here, sendmail ones might be slightly

  1461. 	 * different

  1462. 	 */

  1463. 

  1464. 	if (!session->macros) {

  1465. 		return;

  1466. 	}

  1467. 

  1468. 	IF_MACRO("{i}")

  1469. 	{

  1470. 		rspamd_http_message_add_header_len(msg, QUEUE_ID_HEADER,

  1471. 										   found->begin, found->len);

  1472. 	}

  1473. 	else

  1474. 	{

  1475. 		IF_MACRO("i")

  1476. 		{

  1477. 			rspamd_http_message_add_header_len(msg, QUEUE_ID_HEADER,

  1478. 											   found->begin, found->len);

  1479. 		}

  1480. 	}

  1481. 

  1482. 	IF_MACRO("{v}")

  1483. 	{

  1484. 		rspamd_http_message_add_header_len(msg, USER_AGENT_HEADER,

  1485. 										   found->begin, found->len);

  1486. 	}

  1487. 	else

  1488. 	{

  1489. 		IF_MACRO("v")

  1490. 		{

  1491. 			rspamd_http_message_add_header_len(msg, USER_AGENT_HEADER,

  1492. 											   found->begin, found->len);

  1493. 		}

  1494. 	}

  1495. 

  1496. 	IF_MACRO("{cipher}")

  1497. 	{

  1498. 		rspamd_http_message_add_header_len(msg, TLS_CIPHER_HEADER,

  1499. 										   found->begin, found->len);

  1500. 	}

  1501. 

  1502. 	IF_MACRO("{tls_version}")

  1503. 	{

  1504. 		rspamd_http_message_add_header_len(msg, TLS_VERSION_HEADER,

  1505. 										   found->begin, found->len);

  1506. 	}

  1507. 

  1508. 	IF_MACRO("{auth_authen}")

  1509. 	{

  1510. 		rspamd_http_message_add_header_len(msg, USER_HEADER,

  1511. 										   found->begin, found->len);

  1512. 	}

  1513. 

  1514. 	IF_MACRO("{rcpt_mailer}")

  1515. 	{

  1516. 		rspamd_http_message_add_header_len(msg, MAILER_HEADER,

  1517. 										   found->begin, found->len);

  1518. 	}

  1519. 

  1520. 	if (milter_ctx->client_ca_name) {

  1521. 		IF_MACRO("{cert_issuer}")

  1522. 		{

  1523. 			rspamd_http_message_add_header_len(msg, CERT_ISSUER_HEADER,

  1524. 											   found->begin, found->len);

  1525. 

  1526. 			if (found->len == strlen(milter_ctx->client_ca_name) &&

  1527. 				rspamd_cryptobox_memcmp(found->begin,

  1528. 										milter_ctx->client_ca_name, found->len) == 0) {

  1529. 				msg_debug_milter("process certificate issued by %T", found);

  1530. 				IF_MACRO("{cert_subject}")

  1531. 				{

  1532. 					rspamd_http_message_add_header_len(msg, USER_HEADER,

  1533. 													   found->begin, found->len);

  1534. 				}

  1535. 			}

  1536. 			else {

  1537. 				msg_debug_milter("skip certificate issued by %T", found);

  1538. 			}

  1539. 		}

  1540. 	}

  1541. 	else {

  1542. 		IF_MACRO("{cert_issuer}")

  1543. 		{

  1544. 			rspamd_http_message_add_header_len(msg, CERT_ISSUER_HEADER,

  1545. 											   found->begin, found->len);

  1546. 		}

  1547. 	}

  1548. 

  1549. 	if (!session->hostname || session->hostname->len == 0) {

  1550. 		IF_MACRO("{client_name}")

  1551. 		{

  1552. 			if (!(found->len == sizeof("unknown") - 1 &&

  1553. 				  memcmp(found->begin, "unknown",

  1554. 						 sizeof("unknown") - 1) == 0)) {

  1555. 				rspamd_http_message_add_header_len(msg, HOSTNAME_HEADER,

  1556. 												   found->begin, found->len);

  1557. 			}

  1558. 			else {

  1559. 				msg_debug_milter("skip unknown hostname from being added");

  1560. 			}

  1561. 		}

  1562. 	}

  1563. 

  1564. 	IF_MACRO("{daemon_name}")

  1565. 	{

  1566. 		/* Postfix style */

  1567. 		rspamd_http_message_add_header_len(msg, MTA_NAME_HEADER,

  1568. 										   found->begin, found->len);

  1569. 	}

  1570. 	else

  1571. 	{

  1572. 		/* Sendmail style */

  1573. 		IF_MACRO("{j}")

  1574. 		{

  1575. 			rspamd_http_message_add_header_len(msg, MTA_NAME_HEADER,

  1576. 											   found->begin, found->len);

  1577. 		}

  1578. 		else

  1579. 		{

  1580. 			IF_MACRO("j")

  1581. 			{

  1582. 				rspamd_http_message_add_header_len(msg, MTA_NAME_HEADER,

  1583. 												   found->begin, found->len);

  1584. 			}

  1585. 		}

  1586. 	}

  1587. }

  1588. 

  1589. struct rspamd_http_message *

  1590. rspamd_milter_to_http(struct rspamd_milter_session *session)

  1591. {

  1592. 	struct rspamd_http_message *msg;

  1593. 	unsigned int i;

  1594. 	struct rspamd_email_address *rcpt;

  1595. 	struct rspamd_milter_private *priv = session->priv;

  1596. 

  1597. 	g_assert(session != NULL);

  1598. 

  1599. 	msg = rspamd_http_new_message(HTTP_REQUEST);

  1600. 

  1601. 	msg->url = rspamd_fstring_assign(msg->url, "/" MSG_CMD_CHECK_V2,

  1602. 									 sizeof("/" MSG_CMD_CHECK_V2) - 1);

  1603. 

  1604. 	if (session->message) {

  1605. 		rspamd_http_message_set_body_from_fstring_steal(msg, session->message);

  1606. 		session->message = NULL;

  1607. 	}

  1608. 

  1609. 	if (session->hostname && RSPAMD_FSTRING_LEN(session->hostname) > 0) {

  1610. 		if (!(session->hostname->len == sizeof("unknown") - 1 &&

  1611. 			  memcmp(RSPAMD_FSTRING_DATA(session->hostname), "unknown",

  1612. 					 sizeof("unknown") - 1) == 0)) {

  1613. 			rspamd_http_message_add_header_fstr(msg, HOSTNAME_HEADER,

  1614. 												session->hostname);

  1615. 		}

  1616. 		else {

  1617. 			msg_debug_milter("skip unknown hostname from being added");

  1618. 		}

  1619. 	}

  1620. 

  1621. 	if (session->helo && session->helo->len > 0) {

  1622. 		rspamd_http_message_add_header_fstr(msg, HELO_HEADER,

  1623. 											session->helo);

  1624. 	}

  1625. 

  1626. 	if (session->from) {

  1627. 		rspamd_http_message_add_header_len(msg, FROM_HEADER,

  1628. 										   session->from->raw, session->from->raw_len);

  1629. 	}

  1630. 

  1631. 	if (session->rcpts) {

  1632. 		PTR_ARRAY_FOREACH(session->rcpts, i, rcpt)

  1633. 		{

  1634. 			rspamd_http_message_add_header_len(msg, RCPT_HEADER,

  1635. 											   rcpt->raw, rcpt->raw_len);

  1636. 		}

  1637. 	}

  1638. 

  1639. 	if (session->addr) {

  1640. 		if (rspamd_inet_address_get_af(session->addr) != AF_UNIX) {

  1641. 			rspamd_http_message_add_header(msg, IP_ADDR_HEADER,

  1642. 										   rspamd_inet_address_to_string_pretty(session->addr));

  1643. 		}

  1644. 		else {

  1645. 			rspamd_http_message_add_header(msg, IP_ADDR_HEADER,

  1646. 										   rspamd_inet_address_to_string(session->addr));

  1647. 		}

  1648. 	}

  1649. 

  1650. 	rspamd_milter_macro_http(session, msg);

  1651. 	rspamd_http_message_add_header(msg, FLAGS_HEADER, "milter,body_block");

  1652. 

  1653. 	return msg;

  1654. }

  1655. 

  1656. void *

  1657. rspamd_milter_update_userdata(struct rspamd_milter_session *session,

  1658. 							  void *ud)

  1659. {

  1660. 	struct rspamd_milter_private *priv = session->priv;

  1661. 	void *prev_ud;

  1662. 

  1663. 	prev_ud = priv->ud;

  1664. 	priv->ud = ud;

  1665. 

  1666. 	return prev_ud;

  1667. }

  1668. 

  1669. static void

  1670. rspamd_milter_remove_header_safe(struct rspamd_milter_session *session,

  1671. 								 const char *key, int nhdr)

  1672. {

  1673. 	int i;

  1674. 	GString *hname, *hvalue;

  1675. 	struct rspamd_milter_private *priv = session->priv;

  1676. 	khiter_t k;

  1677. 	GArray *ar;

  1678. 

  1679. 	k = kh_get(milter_headers_hash_t, priv->headers, (char *) key);

  1680. 

  1681. 	if (k != kh_end(priv->headers)) {

  1682. 		ar = kh_val(priv->headers, k);

  1683. 

  1684. 		hname = g_string_new(key);

  1685. 		hvalue = g_string_new("");

  1686. 

  1687. 		if (nhdr > 0) {

  1688. 			if (ar->len >= nhdr) {

  1689. 				rspamd_milter_send_action(session,

  1690. 										  RSPAMD_MILTER_CHGHEADER,

  1691. 										  nhdr, hname, hvalue);

  1692. 				priv->cur_hdr--;

  1693. 			}

  1694. 		}

  1695. 		else if (nhdr == 0) {

  1696. 			/* We need to clear all headers */

  1697. 			for (i = ar->len; i > 0; i--) {

  1698. 				rspamd_milter_send_action(session,

  1699. 										  RSPAMD_MILTER_CHGHEADER,

  1700. 										  i, hname, hvalue);

  1701. 				priv->cur_hdr--;

  1702. 			}

  1703. 		}

  1704. 		else {

  1705. 			/* Remove from the end */

  1706. 			if (nhdr >= -(ar->len)) {

  1707. 				rspamd_milter_send_action(session,

  1708. 										  RSPAMD_MILTER_CHGHEADER,

  1709. 										  ar->len + nhdr + 1, hname, hvalue);

  1710. 				priv->cur_hdr--;

  1711. 			}

  1712. 		}

  1713. 

  1714. 		g_string_free(hname, TRUE);

  1715. 		g_string_free(hvalue, TRUE);

  1716. 

  1717. 		if (priv->cur_hdr < 0) {

  1718. 			msg_err_milter("negative header count after removing %s", key);

  1719. 			priv->cur_hdr = 0;

  1720. 		}

  1721. 	}

  1722. }

  1723. 

  1724. static void

  1725. rspamd_milter_extract_single_header(struct rspamd_milter_session *session,

  1726. 									const char *hdr, const ucl_object_t *obj)

  1727. {

  1728. 	GString *hname, *hvalue;

  1729. 	struct rspamd_milter_private *priv = session->priv;

  1730. 	int idx = -1;

  1731. 	const ucl_object_t *val;

  1732. 

  1733. 	val = ucl_object_lookup(obj, "value");

  1734. 

  1735. 	if (val && ucl_object_type(val) == UCL_STRING) {

  1736. 		const ucl_object_t *idx_obj;

  1737. 		gboolean has_idx = FALSE;

  1738. 

  1739. 		idx_obj = ucl_object_lookup_any(obj, "order",

  1740. 										"index", NULL);

  1741. 

  1742. 		if (idx_obj && (ucl_object_type(idx_obj) == UCL_INT || ucl_object_type(idx_obj) == UCL_FLOAT)) {

  1743. 			idx = ucl_object_toint(idx_obj);

  1744. 			has_idx = TRUE;

  1745. 		}

  1746. 

  1747. 		hname = g_string_new(hdr);

  1748. 		hvalue = g_string_new(ucl_object_tostring(val));

  1749. 

  1750. 		if (has_idx) {

  1751. 			if (idx >= 0) {

  1752. 				rspamd_milter_send_action(session,

  1753. 										  RSPAMD_MILTER_INSHEADER,

  1754. 										  idx,

  1755. 										  hname, hvalue);

  1756. 			}

  1757. 			else {

  1758. 				/* Calculate negative offset */

  1759. 

  1760. 				if (idx == -1) {

  1761. 					rspamd_milter_send_action(session,

  1762. 											  RSPAMD_MILTER_ADDHEADER,

  1763. 											  hname, hvalue);

  1764. 				}

  1765. 				else if (-idx <= priv->cur_hdr) {

  1766. 					/*

  1767. 					 * Note: We should account MTA's own "Received:" field

  1768. 					 * which wasn't passed by Milter's header command.

  1769. 					 */

  1770. 					rspamd_milter_send_action(session,

  1771. 											  RSPAMD_MILTER_INSHEADER,

  1772. 											  priv->cur_hdr + idx + 2,

  1773. 											  hname, hvalue);

  1774. 				}

  1775. 				else {

  1776. 					rspamd_milter_send_action(session,

  1777. 											  RSPAMD_MILTER_INSHEADER,

  1778. 											  0,

  1779. 											  hname, hvalue);

  1780. 				}

  1781. 			}

  1782. 		}

  1783. 		else {

  1784. 			rspamd_milter_send_action(session,

  1785. 									  RSPAMD_MILTER_ADDHEADER,

  1786. 									  hname, hvalue);

  1787. 		}

  1788. 

  1789. 		priv->cur_hdr++;

  1790. 

  1791. 		g_string_free(hname, TRUE);

  1792. 		g_string_free(hvalue, TRUE);

  1793. 	}

  1794. }

  1795. 

  1796. /*

  1797.  * Returns `TRUE` if action has been processed internally by this function

  1798.  */

  1799. static gboolean

  1800. rspamd_milter_process_milter_block(struct rspamd_milter_session *session,

  1801. 								   const ucl_object_t *obj, struct rspamd_action *action)

  1802. {

  1803. 	const ucl_object_t *elt, *cur;

  1804. 	ucl_object_iter_t it;

  1805. 	struct rspamd_milter_private *priv = session->priv;

  1806. 	GString *hname, *hvalue;

  1807. 

  1808. 	if (obj && ucl_object_type(obj) == UCL_OBJECT) {

  1809. 		elt = ucl_object_lookup(obj, "remove_headers");

  1810. 		/*

  1811. 		 * remove_headers:  {"name": 1, ... }

  1812. 		 * where number is the header's position starting from '1'

  1813. 		 */

  1814. 		if (elt && ucl_object_type(elt) == UCL_OBJECT) {

  1815. 			it = NULL;

  1816. 

  1817. 			while ((cur = ucl_object_iterate(elt, &it, true)) != NULL) {

  1818. 				if (ucl_object_type(cur) == UCL_INT) {

  1819. 					rspamd_milter_remove_header_safe(session,

  1820. 													 ucl_object_key(cur),

  1821. 													 ucl_object_toint(cur));

  1822. 				}

  1823. 			}

  1824. 		}

  1825. 

  1826. 		elt = ucl_object_lookup(obj, "add_headers");

  1827. 		/*

  1828. 		 * add_headers: {"name": "value", ... }

  1829. 		 * name could have multiple values

  1830. 		 * -or- (since 1.7)

  1831. 		 * {"name": {"value": "val", "order": 0}, ... }

  1832. 		 */

  1833. 		if (elt && ucl_object_type(elt) == UCL_OBJECT) {

  1834. 			it = NULL;

  1835. 

  1836. 			while ((cur = ucl_object_iterate(elt, &it, true)) != NULL) {

  1837. 

  1838. 				const char *key_name = ucl_object_key(cur);

  1839. 

  1840. 				if (ucl_object_type(cur) == UCL_STRING) {

  1841. 					/*

  1842. 					 * Legacy support of {"name": "value", ... } with

  1843. 					 * multiple names under the same name

  1844. 					 */

  1845. 					ucl_object_iter_t *elt_it;

  1846. 					const ucl_object_t *cur_elt;

  1847. 

  1848. 					elt_it = ucl_object_iterate_new(cur);

  1849. 					while ((cur_elt = ucl_object_iterate_safe(elt_it, false)) != NULL) {

  1850. 						if (ucl_object_type(cur_elt) == UCL_STRING) {

  1851. 							hname = g_string_new(key_name);

  1852. 							hvalue = g_string_new(ucl_object_tostring(cur_elt));

  1853. 

  1854. 							rspamd_milter_send_action(session,

  1855. 													  RSPAMD_MILTER_ADDHEADER,

  1856. 													  hname, hvalue);

  1857. 							g_string_free(hname, TRUE);

  1858. 							g_string_free(hvalue, TRUE);

  1859. 						}

  1860. 						else {

  1861. 							msg_warn_milter("legacy header with name %s, that has not a string value: %s",

  1862. 											key_name, ucl_object_type_to_string(cur_elt->type));

  1863. 						}

  1864. 					}

  1865. 					ucl_object_iterate_free(elt_it);

  1866. 				}

  1867. 				else {

  1868. 					if (ucl_object_type(cur) == UCL_OBJECT) {

  1869. 						rspamd_milter_extract_single_header(session,

  1870. 															key_name, cur);

  1871. 					}

  1872. 					else if (ucl_object_type(cur) == UCL_ARRAY) {

  1873. 						/* Multiple values for the same key */

  1874. 						ucl_object_iter_t *array_it;

  1875. 						const ucl_object_t *array_elt;

  1876. 

  1877. 						array_it = ucl_object_iterate_new(cur);

  1878. 

  1879. 						while ((array_elt = ucl_object_iterate_safe(array_it,

  1880. 																	true)) != NULL) {

  1881. 							rspamd_milter_extract_single_header(session,

  1882. 																key_name, array_elt);

  1883. 						}

  1884. 

  1885. 						ucl_object_iterate_free(array_it);

  1886. 					}

  1887. 					else {

  1888. 						msg_warn_milter("non-legacy header with name %s, that has unsupported value type: %s",

  1889. 										key_name, ucl_object_type_to_string(cur->type));

  1890. 					}

  1891. 				}

  1892. 			}

  1893. 		}

  1894. 

  1895. 		elt = ucl_object_lookup(obj, "change_from");

  1896. 

  1897. 		if (elt && ucl_object_type(elt) == UCL_STRING) {

  1898. 			hvalue = g_string_new(ucl_object_tostring(elt));

  1899. 			rspamd_milter_send_action(session,

  1900. 									  RSPAMD_MILTER_CHGFROM,

  1901. 									  hvalue);

  1902. 			g_string_free(hvalue, TRUE);

  1903. 		}

  1904. 

  1905. 		elt = ucl_object_lookup(obj, "add_rcpt");

  1906. 

  1907. 		if (elt && ucl_object_type(elt) == UCL_ARRAY) {

  1908. 			it = NULL;

  1909. 

  1910. 			while ((cur = ucl_object_iterate(elt, &it, true)) != NULL) {

  1911. 				hvalue = g_string_new(ucl_object_tostring(cur));

  1912. 				rspamd_milter_send_action(session,

  1913. 										  RSPAMD_MILTER_ADDRCPT,

  1914. 										  hvalue);

  1915. 				g_string_free(hvalue, TRUE);

  1916. 			}

  1917. 		}

  1918. 

  1919. 		elt = ucl_object_lookup(obj, "del_rcpt");

  1920. 

  1921. 		if (elt && ucl_object_type(elt) == UCL_ARRAY) {

  1922. 			it = NULL;

  1923. 

  1924. 			while ((cur = ucl_object_iterate(elt, &it, true)) != NULL) {

  1925. 				hvalue = g_string_new(ucl_object_tostring(cur));

  1926. 				rspamd_milter_send_action(session,

  1927. 										  RSPAMD_MILTER_DELRCPT,

  1928. 										  hvalue);

  1929. 				g_string_free(hvalue, TRUE);

  1930. 			}

  1931. 		}

  1932. 

  1933. 		elt = ucl_object_lookup(obj, "reject");

  1934. 

  1935. 		if (elt && ucl_object_type(elt) == UCL_STRING) {

  1936. 			if (strcmp(ucl_object_tostring(elt), "discard") == 0) {

  1937. 				priv->discard_on_reject = TRUE;

  1938. 				msg_info_milter("discard message instead of rejection");

  1939. 			}

  1940. 			else if (strcmp(ucl_object_tostring(elt), "quarantine") == 0) {

  1941. 				priv->quarantine_on_reject = TRUE;

  1942. 				msg_info_milter("quarantine message instead of rejection");

  1943. 			}

  1944. 			else {

  1945. 				priv->discard_on_reject = FALSE;

  1946. 				priv->quarantine_on_reject = FALSE;

  1947. 			}

  1948. 		}

  1949. 

  1950. 		elt = ucl_object_lookup(obj, "no_action");

  1951. 

  1952. 		if (elt && ucl_object_type(elt) == UCL_BOOLEAN) {

  1953. 			priv->no_action = ucl_object_toboolean(elt);

  1954. 		}

  1955. 	}

  1956. 

  1957. 	if (action->action_type == METRIC_ACTION_ADD_HEADER) {

  1958. 		elt = ucl_object_lookup(obj, "spam_header");

  1959. 

  1960. 		if (elt) {

  1961. 			if (ucl_object_type(elt) == UCL_STRING) {

  1962. 				rspamd_milter_remove_header_safe(session,

  1963. 												 milter_ctx->spam_header,

  1964. 												 0);

  1965. 

  1966. 				hname = g_string_new(milter_ctx->spam_header);

  1967. 				hvalue = g_string_new(ucl_object_tostring(elt));

  1968. 				rspamd_milter_send_action(session, RSPAMD_MILTER_CHGHEADER,

  1969. 										  (uint32_t) 1, hname, hvalue);

  1970. 				g_string_free(hname, TRUE);

  1971. 				g_string_free(hvalue, TRUE);

  1972. 				rspamd_milter_send_action(session, RSPAMD_MILTER_ACCEPT);

  1973. 

  1974. 				return TRUE;

  1975. 			}

  1976. 			else if (ucl_object_type(elt) == UCL_OBJECT) {

  1977. 				it = NULL;

  1978. 

  1979. 				while ((cur = ucl_object_iterate(elt, &it, true)) != NULL) {

  1980. 					rspamd_milter_remove_header_safe(session,

  1981. 													 ucl_object_key(cur),

  1982. 													 0);

  1983. 

  1984. 					hname = g_string_new(ucl_object_key(cur));

  1985. 					hvalue = g_string_new(ucl_object_tostring(cur));

  1986. 					rspamd_milter_send_action(session, RSPAMD_MILTER_CHGHEADER,

  1987. 											  (uint32_t) 1, hname, hvalue);

  1988. 					g_string_free(hname, TRUE);

  1989. 					g_string_free(hvalue, TRUE);

  1990. 				}

  1991. 

  1992. 				rspamd_milter_send_action(session, RSPAMD_MILTER_ACCEPT);

  1993. 

  1994. 				return TRUE;

  1995. 			}

  1996. 		}

  1997. 	}

  1998. 

  1999. 	return FALSE;

  2000. }

  2001. 

  2002. void rspamd_milter_send_task_results(struct rspamd_milter_session *session,

  2003. 									 const ucl_object_t *results,

  2004. 									 const char *new_body,

  2005. 									 gsize bodylen)

  2006. {

  2007. 	const ucl_object_t *elt;

  2008. 	struct rspamd_milter_private *priv = session->priv;

  2009. 	const char *str_action;

  2010. 	struct rspamd_action *action;

  2011. 	rspamd_fstring_t *xcode = NULL, *rcode = NULL, *reply = NULL;

  2012. 	GString *hname, *hvalue;

  2013. 	gboolean processed = FALSE;

  2014. 

  2015. 	if (results == NULL) {

  2016. 		msg_err_milter("cannot find scan results, tempfail");

  2017. 		rspamd_milter_send_action(session, RSPAMD_MILTER_TEMPFAIL);

  2018. 

  2019. 		goto cleanup;

  2020. 	}

  2021. 

  2022. 	elt = ucl_object_lookup(results, "action");

  2023. 

  2024. 	if (!elt) {

  2025. 		msg_err_milter("cannot find action in results, tempfail");

  2026. 		rspamd_milter_send_action(session, RSPAMD_MILTER_TEMPFAIL);

  2027. 

  2028. 		goto cleanup;

  2029. 	}

  2030. 

  2031. 	str_action = ucl_object_tostring(elt);

  2032. 	action = rspamd_config_get_action(milter_ctx->cfg, str_action);

  2033. 

  2034. 	if (action == NULL) {

  2035. 		msg_err_milter("action %s has not been registered", str_action);

  2036. 		rspamd_milter_send_action(session, RSPAMD_MILTER_TEMPFAIL);

  2037. 

  2038. 		goto cleanup;

  2039. 	}

  2040. 

  2041. 	elt = ucl_object_lookup(results, "messages");

  2042. 	if (elt) {

  2043. 		const ucl_object_t *smtp_res;

  2044. 		const char *msg;

  2045. 		gsize len = 0;

  2046. 

  2047. 		smtp_res = ucl_object_lookup(elt, "smtp_message");

  2048. 

  2049. 		if (smtp_res) {

  2050. 			msg = ucl_object_tolstring(smtp_res, &len);

  2051. 			reply = rspamd_fstring_new_init(msg, len);

  2052. 		}

  2053. 	}

  2054. 

  2055. 	/* Deal with milter headers */

  2056. 	elt = ucl_object_lookup(results, "milter");

  2057. 

  2058. 	if (elt) {

  2059. 		processed = rspamd_milter_process_milter_block(session, elt, action);

  2060. 	}

  2061. 

  2062. 	/* DKIM-Signature */

  2063. 	elt = ucl_object_lookup(results, "dkim-signature");

  2064. 

  2065. 	if (elt) {

  2066. 		hname = g_string_new(RSPAMD_MILTER_DKIM_HEADER);

  2067. 

  2068. 		if (ucl_object_type(elt) == UCL_STRING) {

  2069. 			hvalue = g_string_new(ucl_object_tostring(elt));

  2070. 

  2071. 			rspamd_milter_send_action(session, RSPAMD_MILTER_INSHEADER,

  2072. 									  1, hname, hvalue);

  2073. 

  2074. 			g_string_free(hvalue, TRUE);

  2075. 		}

  2076. 		else {

  2077. 			ucl_object_iter_t it;

  2078. 			const ucl_object_t *cur;

  2079. 			int i = 1;

  2080. 

  2081. 			it = ucl_object_iterate_new(elt);

  2082. 

  2083. 			while ((cur = ucl_object_iterate_safe(it, true)) != NULL) {

  2084. 				hvalue = g_string_new(ucl_object_tostring(cur));

  2085. 

  2086. 				rspamd_milter_send_action(session, RSPAMD_MILTER_INSHEADER,

  2087. 										  i++, hname, hvalue);

  2088. 

  2089. 				g_string_free(hvalue, TRUE);

  2090. 			}

  2091. 

  2092. 			ucl_object_iterate_free(it);

  2093. 		}

  2094. 

  2095. 		g_string_free(hname, TRUE);

  2096. 	}

  2097. 

  2098. 	if (processed) {

  2099. 		goto cleanup;

  2100. 	}

  2101. 

  2102. 	if (new_body) {

  2103. 		rspamd_milter_send_action(session, RSPAMD_MILTER_REPLBODY,

  2104. 								  bodylen, new_body);

  2105. 	}

  2106. 

  2107. 	if (priv->no_action) {

  2108. 		msg_info_milter("do not apply action %s, no_action is set",

  2109. 						str_action);

  2110. 		hname = g_string_new(RSPAMD_MILTER_ACTION_HEADER);

  2111. 		hvalue = g_string_new(str_action);

  2112. 

  2113. 		rspamd_milter_send_action(session, RSPAMD_MILTER_ADDHEADER,

  2114. 								  hname, hvalue);

  2115. 		g_string_free(hname, TRUE);

  2116. 		g_string_free(hvalue, TRUE);

  2117. 		rspamd_milter_send_action(session, RSPAMD_MILTER_ACCEPT);

  2118. 

  2119. 		goto cleanup;

  2120. 	}

  2121. 

  2122. 	switch (action->action_type) {

  2123. 	case METRIC_ACTION_REJECT:

  2124. 		if (priv->discard_on_reject) {

  2125. 			rspamd_milter_send_action(session, RSPAMD_MILTER_DISCARD);

  2126. 		}

  2127. 		else if (priv->quarantine_on_reject) {

  2128. 			if (!reply) {

  2129. 				if (milter_ctx->quarantine_message == NULL) {

  2130. 					reply = rspamd_fstring_new_init(

  2131. 						RSPAMD_MILTER_QUARANTINE_MESSAGE,

  2132. 						sizeof(RSPAMD_MILTER_QUARANTINE_MESSAGE) - 1);

  2133. 				}

  2134. 				else {

  2135. 					reply = rspamd_fstring_new_init(milter_ctx->quarantine_message,

  2136. 													strlen(milter_ctx->quarantine_message));

  2137. 				}

  2138. 				rspamd_milter_send_action(session, RSPAMD_MILTER_QUARANTINE, reply);

  2139. 			}

  2140. 

  2141. 			/* Quarantine also requires accept action, all hail Sendmail */

  2142. 			rspamd_milter_send_action(session, RSPAMD_MILTER_ACCEPT);

  2143. 		}

  2144. 		else {

  2145. 			rcode = rspamd_fstring_new_init(RSPAMD_MILTER_RCODE_REJECT,

  2146. 											sizeof(RSPAMD_MILTER_RCODE_REJECT) - 1);

  2147. 			xcode = rspamd_fstring_new_init(RSPAMD_MILTER_XCODE_REJECT,

  2148. 											sizeof(RSPAMD_MILTER_XCODE_REJECT) - 1);

  2149. 

  2150. 			if (!reply) {

  2151. 				if (milter_ctx->reject_message == NULL) {

  2152. 					reply = rspamd_fstring_new_init(

  2153. 						RSPAMD_MILTER_REJECT_MESSAGE,

  2154. 						sizeof(RSPAMD_MILTER_REJECT_MESSAGE) - 1);

  2155. 				}

  2156. 				else {

  2157. 					reply = rspamd_fstring_new_init(milter_ctx->reject_message,

  2158. 													strlen(milter_ctx->reject_message));

  2159. 				}

  2160. 			}

  2161. 

  2162. 			rspamd_milter_set_reply(session, rcode, xcode, reply);

  2163. 		}

  2164. 		break;

  2165. 	case METRIC_ACTION_SOFT_REJECT:

  2166. 		rcode = rspamd_fstring_new_init(RSPAMD_MILTER_RCODE_TEMPFAIL,

  2167. 										sizeof(RSPAMD_MILTER_RCODE_TEMPFAIL) - 1);

  2168. 		xcode = rspamd_fstring_new_init(RSPAMD_MILTER_XCODE_TEMPFAIL,

  2169. 										sizeof(RSPAMD_MILTER_XCODE_TEMPFAIL) - 1);

  2170. 

  2171. 		if (!reply) {

  2172. 			if (milter_ctx->tempfail_message == NULL) {

  2173. 				reply = rspamd_fstring_new_init(

  2174. 					RSPAMD_MILTER_TEMPFAIL_MESSAGE,

  2175. 					sizeof(RSPAMD_MILTER_TEMPFAIL_MESSAGE) - 1);

  2176. 			}

  2177. 			else {

  2178. 				reply = rspamd_fstring_new_init(milter_ctx->tempfail_message,

  2179. 												strlen(milter_ctx->tempfail_message));

  2180. 			}

  2181. 		}

  2182. 

  2183. 		rspamd_milter_set_reply(session, rcode, xcode, reply);

  2184. 		break;

  2185. 

  2186. 	case METRIC_ACTION_REWRITE_SUBJECT:

  2187. 		elt = ucl_object_lookup(results, "subject");

  2188. 

  2189. 		if (elt) {

  2190. 			hname = g_string_new("Subject");

  2191. 			hvalue = g_string_new(ucl_object_tostring(elt));

  2192. 

  2193. 			rspamd_milter_send_action(session, RSPAMD_MILTER_CHGHEADER,

  2194. 									  (uint32_t) 1, hname, hvalue);

  2195. 			g_string_free(hname, TRUE);

  2196. 			g_string_free(hvalue, TRUE);

  2197. 		}

  2198. 

  2199. 		rspamd_milter_send_action(session, RSPAMD_MILTER_ACCEPT);

  2200. 		break;

  2201. 

  2202. 	case METRIC_ACTION_ADD_HEADER:

  2203. 		/* Remove existing headers */

  2204. 		rspamd_milter_remove_header_safe(session,

  2205. 										 milter_ctx->spam_header,

  2206. 										 0);

  2207. 

  2208. 		hname = g_string_new(milter_ctx->spam_header);

  2209. 		hvalue = g_string_new("Yes");

  2210. 		rspamd_milter_send_action(session, RSPAMD_MILTER_CHGHEADER,

  2211. 								  (uint32_t) 1, hname, hvalue);

  2212. 		g_string_free(hname, TRUE);

  2213. 		g_string_free(hvalue, TRUE);

  2214. 		rspamd_milter_send_action(session, RSPAMD_MILTER_ACCEPT);

  2215. 		break;

  2216. 

  2217. 	case METRIC_ACTION_QUARANTINE:

  2218. 		if (!reply) {

  2219. 			if (milter_ctx->quarantine_message == NULL) {

  2220. 				reply = rspamd_fstring_new_init(

  2221. 					RSPAMD_MILTER_QUARANTINE_MESSAGE,

  2222. 					sizeof(RSPAMD_MILTER_QUARANTINE_MESSAGE) - 1);

  2223. 			}

  2224. 			else {

  2225. 				reply = rspamd_fstring_new_init(milter_ctx->quarantine_message,

  2226. 												strlen(milter_ctx->quarantine_message));

  2227. 			}

  2228. 			rspamd_milter_send_action(session, RSPAMD_MILTER_QUARANTINE, reply);

  2229. 		}

  2230. 

  2231. 		/* Quarantine also requires accept action, all hail Sendmail */

  2232. 		rspamd_milter_send_action(session, RSPAMD_MILTER_ACCEPT);

  2233. 		break;

  2234. 	case METRIC_ACTION_DISCARD:

  2235. 		rspamd_milter_send_action(session, RSPAMD_MILTER_DISCARD);

  2236. 		break;

  2237. 	case METRIC_ACTION_GREYLIST:

  2238. 	case METRIC_ACTION_NOACTION:

  2239. 	default:

  2240. 		rspamd_milter_send_action(session, RSPAMD_MILTER_ACCEPT);

  2241. 		break;

  2242. 	}

  2243. 

  2244. cleanup:

  2245. 	rspamd_fstring_free(rcode);

  2246. 	rspamd_fstring_free(xcode);

  2247. 	rspamd_fstring_free(reply);

  2248. 

  2249. 	rspamd_milter_session_reset(session, RSPAMD_MILTER_RESET_ABORT);

  2250. }

  2251. 

  2252. void rspamd_milter_init_library(const struct rspamd_milter_context *ctx)

  2253. {

  2254. 	milter_ctx = ctx;

  2255. }

  2256. 

  2257. rspamd_mempool_t *

  2258. rspamd_milter_get_session_pool(struct rspamd_milter_session *session)

  2259. {

  2260. 	struct rspamd_milter_private *priv = session->priv;

  2261. 

  2262. 	return priv->pool;

  2263. }