/*
 * Copyright (c) 1998-2007, 2009 Sendmail, Inc. and its suppliers.
 *      All rights reserved.
 * Copyright (c) 1983, 1995-1997 Eric P. Allman.  All rights reserved.
 * Copyright (c) 1988, 1993
 *      The Regents of the University of California.  All rights reserved.
 *
 * By using this file, you agree to the terms and conditions set
 * forth in the LICENSE file which can be found at the top level of
 * the sendmail distribution.
 *
 */

#include <sendmail.h>
#include "map.h"

SM_RCSID("@(#)$Id: daemon.c,v 8.683 2009/12/18 01:12:40 ca Exp $")

#if defined(SOCK_STREAM) || defined(__GNU_LIBRARY__)
# define USE_SOCK_STREAM        1
#endif /* defined(SOCK_STREAM) || defined(__GNU_LIBRARY__) */

#if defined(USE_SOCK_STREAM)
# if NETINET || NETINET6
#  include <arpa/inet.h>
# endif /* NETINET || NETINET6 */
# if NAMED_BIND
#  ifndef NO_DATA
#   define NO_DATA      NO_ADDRESS
#  endif /* ! NO_DATA */
# endif /* NAMED_BIND */
#endif /* defined(USE_SOCK_STREAM) */

#if STARTTLS
#  include <openssl/rand.h>
#endif /* STARTTLS */

#include <sm/time.h>

#if IP_SRCROUTE && NETINET
# include <netinet/in_systm.h>
# include <netinet/ip.h>
# if HAS_IN_H
#  include <netinet/in.h>
#  ifndef IPOPTION
#   define IPOPTION     ip_opts
#   define IP_LIST      ip_opts
#   define IP_DST       ip_dst
#  endif /* ! IPOPTION */
# else /* HAS_IN_H */
#  include <netinet/ip_var.h>
#  ifndef IPOPTION
#   define IPOPTION     ipoption
#   define IP_LIST      ipopt_list
#   define IP_DST       ipopt_dst
#  endif /* ! IPOPTION */
# endif /* HAS_IN_H */
#endif /* IP_SRCROUTE && NETINET */

#include <sm/fdset.h>

#define DAEMON_C 1
#include <daemon.h>

static void             connecttimeout __P((int));
static int              opendaemonsocket __P((DAEMON_T *, bool));
static unsigned short   setupdaemon __P((SOCKADDR *));
static void             getrequests_checkdiskspace __P((ENVELOPE *e));
static void             setsockaddroptions __P((char *, DAEMON_T *));
static void             printdaemonflags __P((DAEMON_T *));
static int              addr_family __P((char *));
static int              addrcmp __P((struct hostent *, char *, SOCKADDR *));
static void             authtimeout __P((int));

/*
**  DAEMON.C -- routines to use when running as a daemon.
**
**      This entire file is highly dependent on the 4.2 BSD
**      interprocess communication primitives.  No attempt has
**      been made to make this file portable to Version 7,
**      Version 6, MPX files, etc.  If you should try such a
**      thing yourself, I recommend chucking the entire file
**      and starting from scratch.  Basic semantics are:
**
**      getrequests(e)
**              Opens a port and initiates a connection.
**              Returns in a child.  Must set InChannel and
**              OutChannel appropriately.
**      clrdaemon()
**              Close any open files associated with getting
**              the connection; this is used when running the queue,
**              etc., to avoid having extra file descriptors during
**              the queue run and to avoid confusing the network
**              code (if it cares).
**      makeconnection(host, port, mci, e, enough)
**              Make a connection to the named host on the given
**              port. Returns zero on success, else an exit status
**              describing the error.
**      host_map_lookup(map, hbuf, avp, pstat)
**              Convert the entry in hbuf into a canonical form.
*/

static int      NDaemons = 0;                   /* actual number of daemons */

static time_t   NextDiskSpaceCheck = 0;

/*
**  GETREQUESTS -- open mail IPC port and get requests.
**
**      Parameters:
**              e -- the current envelope.
**
**      Returns:
**              pointer to flags.
**
**      Side Effects:
**              Waits until some interesting activity occurs.  When
**              it does, a child is created to process it, and the
**              parent waits for completion.  Return from this
**              routine is always in the child.  The file pointers
**              "InChannel" and "OutChannel" should be set to point
**              to the communication channel.
**              May restart persistent queue runners if they have ended
**              for some reason.
*/

BITMAP256 *
getrequests(e)
        ENVELOPE *e;
{
        int t;
        int idx, curdaemon = -1;
        int i, olddaemon = 0;
#if XDEBUG
        bool j_has_dot;
#endif /* XDEBUG */
        char status[MAXLINE];
        SOCKADDR sa;
        SOCKADDR_LEN_T len = sizeof(sa);
#if _FFR_QUEUE_RUN_PARANOIA
        time_t lastrun;
#endif /* _FFR_QUEUE_RUN_PARANOIA */
# if NETUNIX
        extern int ControlSocket;
# endif /* NETUNIX */
        extern ENVELOPE BlankEnvelope;


        /* initialize data for function that generates queue ids */
        init_qid_alg();
        for (idx = 0; idx < NDaemons; idx++)
        {
                Daemons[idx].d_port = setupdaemon(&(Daemons[idx].d_addr));
                Daemons[idx].d_firsttime = true;
                Daemons[idx].d_refuse_connections_until = (time_t) 0;
        }

        /*
        **  Try to actually open the connection.
        */

        if (tTd(15, 1))
        {
                for (idx = 0; idx < NDaemons; idx++)
                {
                        sm_dprintf("getrequests: daemon %s: port %d\n",
                                   Daemons[idx].d_name,
                                   ntohs(Daemons[idx].d_port));
                }
        }

        /* get a socket for the SMTP connection */
        for (idx = 0; idx < NDaemons; idx++)
                Daemons[idx].d_socksize = opendaemonsocket(&Daemons[idx], true);

        if (opencontrolsocket() < 0)
                sm_syslog(LOG_WARNING, NOQID,
                          "daemon could not open control socket %s: %s",
                          ControlSocketName, sm_errstring(errno));

        /* If there are any queue runners released reapchild() co-ord's */
        (void) sm_signal(SIGCHLD, reapchild);

        /* write the pid to file, command line args to syslog */
        log_sendmail_pid(e);

#if XDEBUG
        {
                char jbuf[MAXHOSTNAMELEN];

                expand("\201j", jbuf, sizeof(jbuf), e);
                j_has_dot = strchr(jbuf, '.') != NULL;
        }
#endif /* XDEBUG */

        /* Add parent process as first item */
        proc_list_add(CurrentPid, "Sendmail daemon", PROC_DAEMON, 0, -1, NULL);

        if (tTd(15, 1))
        {
                for (idx = 0; idx < NDaemons; idx++)
                        sm_dprintf("getrequests: daemon %s: socket %d\n",
                                Daemons[idx].d_name,
                                Daemons[idx].d_socket);
        }

        for (;;)
        {
                register pid_t pid;
                auto SOCKADDR_LEN_T lotherend;
                bool timedout = false;
                bool control = false;
                int save_errno;
                int pipefd[2];
                time_t now;
#if STARTTLS
                long seed;
#endif /* STARTTLS */

                /* see if we are rejecting connections */
                (void) sm_blocksignal(SIGALRM);
                CHECK_RESTART;

                for (idx = 0; idx < NDaemons; idx++)
                {
                        /*
                        **  XXX do this call outside the loop?
                        **      no: refuse_connections may sleep().
                        */

                        now = curtime();
                        if (now < Daemons[idx].d_refuse_connections_until)
                                continue;
                        if (bitnset(D_DISABLE, Daemons[idx].d_flags))
                                continue;
                        if (refuseconnections(e, idx, curdaemon == idx))
                        {
                                if (Daemons[idx].d_socket >= 0)
                                {
                                        /* close socket so peer fails quickly */
                                        (void) close(Daemons[idx].d_socket);
                                        Daemons[idx].d_socket = -1;
                                }

                                /* refuse connections for next 15 seconds */
                                Daemons[idx].d_refuse_connections_until = now + 15;
                        }
                        else if (Daemons[idx].d_socket < 0 ||
                                 Daemons[idx].d_firsttime)
                        {
                                if (!Daemons[idx].d_firsttime && LogLevel > 8)
                                        sm_syslog(LOG_INFO, NOQID,
                                                "accepting connections again for daemon %s",
                                                Daemons[idx].d_name);

                                /* arrange to (re)open the socket if needed */
                                (void) opendaemonsocket(&Daemons[idx], false);
                                Daemons[idx].d_firsttime = false;
                        }
                }

                /* May have been sleeping above, check again */
                CHECK_RESTART;

                getrequests_checkdiskspace(e);

#if XDEBUG
                /* check for disaster */
                {
                        char jbuf[MAXHOSTNAMELEN];

                        expand("\201j", jbuf, sizeof(jbuf), e);
                        if (!wordinclass(jbuf, 'w'))
                        {
                                dumpstate("daemon lost $j");
                                sm_syslog(LOG_ALERT, NOQID,
                                          "daemon process doesn't have $j in $=w; see syslog");
                                abort();
                        }
                        else if (j_has_dot && strchr(jbuf, '.') == NULL)
                        {
                                dumpstate("daemon $j lost dot");
                                sm_syslog(LOG_ALERT, NOQID,
                                          "daemon process $j lost dot; see syslog");
                                abort();
                        }
                }
#endif /* XDEBUG */

#if 0
                /*
                **  Andrew Sun <asun@ieps-sun.ml.com> claims that this will
                **  fix the SVr4 problem.  But it seems to have gone away,
                **  so is it worth doing this?
                */

                if (DaemonSocket >= 0 &&
                    SetNonBlocking(DaemonSocket, false) < 0)
                        log an error here;
#endif /* 0 */
                (void) sm_releasesignal(SIGALRM);

                for (;;)
                {
                        bool setproc = false;
                        int highest = -1;
                        fd_set readfds;
                        struct timeval timeout;

                        CHECK_RESTART;
                        FD_ZERO(&readfds);
                        for (idx = 0; idx < NDaemons; idx++)
                        {
                                /* wait for a connection */
                                if (Daemons[idx].d_socket >= 0)
                                {
                                        if (!setproc &&
                                            !bitnset(D_ETRNONLY,
                                                     Daemons[idx].d_flags))
                                        {
                                                sm_setproctitle(true, e,
                                                                "accepting connections");
                                                setproc = true;
                                        }
                                        if (Daemons[idx].d_socket > highest)
                                                highest = Daemons[idx].d_socket;
                                        SM_FD_SET(Daemons[idx].d_socket,
                                                  &readfds);
                                }
                        }

#if NETUNIX
                        if (ControlSocket >= 0)
                        {
                                if (ControlSocket > highest)
                                        highest = ControlSocket;
                                SM_FD_SET(ControlSocket, &readfds);
                        }
#endif /* NETUNIX */

                        timeout.tv_sec = 5;
                        timeout.tv_usec = 0;

                        t = select(highest + 1, FDSET_CAST &readfds,
                                   NULL, NULL, &timeout);

                        /* Did someone signal while waiting? */
                        CHECK_RESTART;

                        curdaemon = -1;
                        if (doqueuerun())
                        {
                                (void) runqueue(true, false, false, false);
#if _FFR_QUEUE_RUN_PARANOIA
                                lastrun = now;
#endif /* _FFR_QUEUE_RUN_PARANOIA */
                        }
#if _FFR_QUEUE_RUN_PARANOIA
                        else if (CheckQueueRunners > 0 && QueueIntvl > 0 &&
                                 lastrun + QueueIntvl + CheckQueueRunners < now)
                        {

                                /*
                                **  set lastrun unconditionally to avoid
                                **  calling checkqueuerunner() all the time.
                                **  That's also why we currently ignore the
                                **  result of the function call.
                                */

                                (void) checkqueuerunner();
                                lastrun = now;
                        }
#endif /* _FFR_QUEUE_RUN_PARANOIA */

                        if (t <= 0)
                        {
                                timedout = true;
                                break;
                        }

                        control = false;
                        errno = 0;

                        /* look "round-robin" for an active socket */
                        if ((idx = olddaemon + 1) >= NDaemons)
                                idx = 0;
                        for (i = 0; i < NDaemons; i++)
                        {
                                if (Daemons[idx].d_socket >= 0 &&
                                    SM_FD_ISSET(Daemons[idx].d_socket,
                                                &readfds))
                                {
                                        lotherend = Daemons[idx].d_socksize;
                                        memset(&RealHostAddr, '\0',
                                               sizeof(RealHostAddr));
                                        t = accept(Daemons[idx].d_socket,
                                                   (struct sockaddr *)&RealHostAddr,
                                                   &lotherend);

                                        /*
                                        **  If remote side closes before
                                        **  accept() finishes, sockaddr
                                        **  might not be fully filled in.
                                        */

                                        if (t >= 0 &&
                                            (lotherend == 0 ||
# ifdef BSD4_4_SOCKADDR
                                             RealHostAddr.sa.sa_len == 0 ||
# endif /* BSD4_4_SOCKADDR */
                                             RealHostAddr.sa.sa_family != Daemons[idx].d_addr.sa.sa_family))
                                        {
                                                (void) close(t);
                                                t = -1;
                                                errno = EINVAL;
                                        }
                                        olddaemon = curdaemon = idx;
                                        break;
                                }
                                if (++idx >= NDaemons)
                                        idx = 0;
                        }
#if NETUNIX
                        if (curdaemon == -1 && ControlSocket >= 0 &&
                            SM_FD_ISSET(ControlSocket, &readfds))
                        {
                                struct sockaddr_un sa_un;

                                lotherend = sizeof(sa_un);
                                memset(&sa_un, '\0', sizeof(sa_un));
                                t = accept(ControlSocket,
                                           (struct sockaddr *)&sa_un,
                                           &lotherend);

                                /*
                                **  If remote side closes before
                                **  accept() finishes, sockaddr
                                **  might not be fully filled in.
                                */

                                if (t >= 0 &&
                                    (lotherend == 0 ||
# ifdef BSD4_4_SOCKADDR
                                     sa_un.sun_len == 0 ||
# endif /* BSD4_4_SOCKADDR */
                                     sa_un.sun_family != AF_UNIX))
                                {
                                        (void) close(t);
                                        t = -1;
                                        errno = EINVAL;
                                }
                                if (t >= 0)
                                        control = true;
                        }
#else /* NETUNIX */
                        if (curdaemon == -1)
                        {
                                /* No daemon to service */
                                continue;
                        }
#endif /* NETUNIX */
                        if (t >= 0 || errno != EINTR)
                                break;
                }
                if (timedout)
                {
                        timedout = false;
                        continue;
                }
                save_errno = errno;
                (void) sm_blocksignal(SIGALRM);
                if (t < 0)
                {
                        errno = save_errno;

                        /* let's ignore these temporary errors */
                        if (save_errno == EINTR
#ifdef EAGAIN
                            || save_errno == EAGAIN
#endif /* EAGAIN */
#ifdef ECONNABORTED
                            || save_errno == ECONNABORTED
#endif /* ECONNABORTED */
#ifdef EWOULDBLOCK
                            || save_errno == EWOULDBLOCK
#endif /* EWOULDBLOCK */
                           )
                                continue;

                        syserr("getrequests: accept");

                        if (curdaemon >= 0)
                        {
                                /* arrange to re-open socket next time around */
                                (void) close(Daemons[curdaemon].d_socket);
                                Daemons[curdaemon].d_socket = -1;
#if SO_REUSEADDR_IS_BROKEN
                                /*
                                **  Give time for bound socket to be released.
                                **  This creates a denial-of-service if you can
                                **  force accept() to fail on affected systems.
                                */

                                Daemons[curdaemon].d_refuse_connections_until =
                                        curtime() + 15;
#endif /* SO_REUSEADDR_IS_BROKEN */
                        }
                        continue;
                }

                if (!control)
                {
                        /* set some daemon related macros */
                        switch (Daemons[curdaemon].d_addr.sa.sa_family)
                        {
                          case AF_UNSPEC:
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{daemon_family}"), "unspec");
                                break;
#if _FFR_DAEMON_NETUNIX
# if NETUNIX
                          case AF_UNIX:
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{daemon_family}"), "local");
                                break;
# endif /* NETUNIX */
#endif /* _FFR_DAEMON_NETUNIX */
#if NETINET
                          case AF_INET:
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{daemon_family}"), "inet");
                                break;
#endif /* NETINET */
#if NETINET6
                          case AF_INET6:
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{daemon_family}"), "inet6");
                                break;
#endif /* NETINET6 */
#if NETISO
                          case AF_ISO:
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{daemon_family}"), "iso");
                                break;
#endif /* NETISO */
#if NETNS
                          case AF_NS:
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{daemon_family}"), "ns");
                                break;
#endif /* NETNS */
#if NETX25
                          case AF_CCITT:
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{daemon_family}"), "x.25");
                                break;
#endif /* NETX25 */
                        }
                        macdefine(&BlankEnvelope.e_macro, A_PERM,
                                macid("{daemon_name}"),
                                Daemons[curdaemon].d_name);
                        if (Daemons[curdaemon].d_mflags != NULL)
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{daemon_flags}"),
                                        Daemons[curdaemon].d_mflags);
                        else
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{daemon_flags}"), "");
                }

                /*
                **  If connection rate is exceeded here, connection shall be
                **  refused later by a new call after fork() by the
                **  validate_connection() function. Closing the connection
                **  at this point violates RFC 2821.
                **  Do NOT remove this call, its side effects are needed.
                */

                connection_rate_check(&RealHostAddr, NULL);

                /*
                **  Create a subprocess to process the mail.
                */

                if (tTd(15, 2))
                        sm_dprintf("getrequests: forking (fd = %d)\n", t);

                /*
                **  Advance state of PRNG.
                **  This is necessary because otherwise all child processes
                **  will produce the same PRN sequence and hence the selection
                **  of a queue directory (and other things, e.g., MX selection)
                **  are not "really" random.
                */
#if STARTTLS
                /* XXX get some better "random" data? */
                seed = get_random();
                RAND_seed((void *) &NextDiskSpaceCheck,
                          sizeof(NextDiskSpaceCheck));
                RAND_seed((void *) &now, sizeof(now));
                RAND_seed((void *) &seed, sizeof(seed));
#else /* STARTTLS */
                (void) get_random();
#endif /* STARTTLS */

#if NAMED_BIND
                /*
                **  Update MX records for FallbackMX.
                **  Let's hope this is fast otherwise we screw up the
                **  response time.
                */

                if (FallbackMX != NULL)
                        (void) getfallbackmxrr(FallbackMX);
#endif /* NAMED_BIND */

                if (tTd(93, 100))
                {
                        /* don't fork, handle connection in this process */
                        pid = 0;
                        pipefd[0] = pipefd[1] = -1;
                }
                else
                {
                        /*
                        **  Create a pipe to keep the child from writing to
                        **  the socket until after the parent has closed
                        **  it.  Otherwise the parent may hang if the child
                        **  has closed it first.
                        */

                        if (pipe(pipefd) < 0)
                                pipefd[0] = pipefd[1] = -1;

                        (void) sm_blocksignal(SIGCHLD);
                        pid = fork();
                        if (pid < 0)
                        {
                                syserr("daemon: cannot fork");
                                if (pipefd[0] != -1)
                                {
                                        (void) close(pipefd[0]);
                                        (void) close(pipefd[1]);
                                }
                                (void) sm_releasesignal(SIGCHLD);
                                (void) sleep(10);
                                (void) close(t);
                                continue;
                        }
                }

                if (pid == 0)
                {
                        char *p;
                        SM_FILE_T *inchannel, *outchannel = NULL;

                        /*
                        **  CHILD -- return to caller.
                        **      Collect verified idea of sending host.
                        **      Verify calling user id if possible here.
                        */

                        /* Reset global flags */
                        RestartRequest = NULL;
                        RestartWorkGroup = false;
                        ShutdownRequest = NULL;
                        PendingSignal = 0;
                        CurrentPid = getpid();
                        close_sendmail_pid();

                        (void) sm_releasesignal(SIGALRM);
                        (void) sm_releasesignal(SIGCHLD);
                        (void) sm_signal(SIGCHLD, SIG_DFL);
                        (void) sm_signal(SIGHUP, SIG_DFL);
                        (void) sm_signal(SIGTERM, intsig);

                        /* turn on profiling */
                        /* SM_PROF(0); */

                        /*
                        **  Initialize exception stack and default exception
                        **  handler for child process.
                        */

                        sm_exc_newthread(fatal_error);

                        if (!control)
                        {
                                macdefine(&BlankEnvelope.e_macro, A_TEMP,
                                        macid("{daemon_addr}"),
                                        anynet_ntoa(&Daemons[curdaemon].d_addr));
                                (void) sm_snprintf(status, sizeof(status), "%d",
                                                ntohs(Daemons[curdaemon].d_port));
                                macdefine(&BlankEnvelope.e_macro, A_TEMP,
                                        macid("{daemon_port}"), status);
                        }

                        for (idx = 0; idx < NDaemons; idx++)
                        {
                                if (Daemons[idx].d_socket >= 0)
                                        (void) close(Daemons[idx].d_socket);
                                Daemons[idx].d_socket = -1;
                        }
                        clrcontrol();

                        /* Avoid SMTP daemon actions if control command */
                        if (control)
                        {
                                /* Add control socket process */
                                proc_list_add(CurrentPid,
                                              "console socket child",
                                              PROC_CONTROL_CHILD, 0, -1, NULL);
                        }
                        else
                        {
                                proc_list_clear();

                                /* clean up background delivery children */
                                (void) sm_signal(SIGCHLD, reapchild);

                                /* Add parent process as first child item */
                                proc_list_add(CurrentPid, "daemon child",
                                              PROC_DAEMON_CHILD, 0, -1, NULL);
                                /* don't schedule queue runs if ETRN */
                                QueueIntvl = 0;

                                /*
                                **  Hack: override global variables if
                                **      the corresponding DaemonPortOption
                                **      is set.
                                */
#if _FFR_SS_PER_DAEMON
                                if (Daemons[curdaemon].d_supersafe !=
                                    DPO_NOTSET)
                                        SuperSafe = Daemons[curdaemon].
                                                                d_supersafe;
#endif /* _FFR_SS_PER_DAEMON */
                                if (Daemons[curdaemon].d_dm != DM_NOTSET)
                                        set_delivery_mode(
                                                Daemons[curdaemon].d_dm, e);

                                if (Daemons[curdaemon].d_refuseLA !=
                                    DPO_NOTSET)
                                        RefuseLA = Daemons[curdaemon].
                                                                d_refuseLA;
                                if (Daemons[curdaemon].d_queueLA != DPO_NOTSET)
                                        QueueLA = Daemons[curdaemon].d_queueLA;
                                if (Daemons[curdaemon].d_delayLA != DPO_NOTSET)
                                        DelayLA = Daemons[curdaemon].d_delayLA;
                                if (Daemons[curdaemon].d_maxchildren !=
                                    DPO_NOTSET)
                                        MaxChildren = Daemons[curdaemon].
                                                                d_maxchildren;

                                sm_setproctitle(true, e, "startup with %s",
                                                anynet_ntoa(&RealHostAddr));
                        }

                        if (pipefd[0] != -1)
                        {
                                auto char c;

                                /*
                                **  Wait for the parent to close the write end
                                **  of the pipe, which we will see as an EOF.
                                **  This guarantees that we won't write to the
                                **  socket until after the parent has closed
                                **  the pipe.
                                */

                                /* close the write end of the pipe */
                                (void) close(pipefd[1]);

                                /* we shouldn't be interrupted, but ... */
                                while (read(pipefd[0], &c, 1) < 0 &&
                                       errno == EINTR)
                                        continue;
                                (void) close(pipefd[0]);
                        }

                        /* control socket processing */
                        if (control)
                        {
                                control_command(t, e);
                                /* NOTREACHED */
                                exit(EX_SOFTWARE);
                        }

                        /* determine host name */
                        p = hostnamebyanyaddr(&RealHostAddr);
                        if (strlen(p) > MAXNAME) /* XXX  - 1 ? */
                                p[MAXNAME] = '\0';
                        RealHostName = newstr(p);
                        if (RealHostName[0] == '[')
                        {
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{client_resolve}"),
                                        h_errno == TRY_AGAIN ? "TEMP" : "FAIL");
                        }
                        else
                        {
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                          macid("{client_resolve}"), "OK");
                        }
                        sm_setproctitle(true, e, "startup with %s", p);
                        markstats(e, NULL, STATS_CONNECT);

                        if ((inchannel = sm_io_open(SmFtStdiofd,
                                                    SM_TIME_DEFAULT,
                                                    (void *) &t,
                                                    SM_IO_RDONLY_B,
                                                    NULL)) == NULL ||
                            (t = dup(t)) < 0 ||
                            (outchannel = sm_io_open(SmFtStdiofd,
                                                     SM_TIME_DEFAULT,
                                                     (void *) &t,
                                                     SM_IO_WRONLY_B,
                                                     NULL)) == NULL)
                        {
                                syserr("cannot open SMTP server channel, fd=%d",
                                        t);
                                finis(false, true, EX_OK);
                        }
                        sm_io_automode(inchannel, outchannel);

                        InChannel = inchannel;
                        OutChannel = outchannel;
                        DisConnected = false;

#if XLA
                        if (!xla_host_ok(RealHostName))
                        {
                                message("421 4.4.5 Too many SMTP sessions for this host");
                                finis(false, true, EX_OK);
                        }
#endif /* XLA */
                        /* find out name for interface of connection */
                        if (getsockname(sm_io_getinfo(InChannel, SM_IO_WHAT_FD,
                                                      NULL), &sa.sa, &len) == 0)
                        {
                                p = hostnamebyanyaddr(&sa);
                                if (tTd(15, 9))
                                        sm_dprintf("getreq: got name %s\n", p);
                                macdefine(&BlankEnvelope.e_macro, A_TEMP,
                                        macid("{if_name}"), p);

                                /*
                                **  Do this only if it is not the loopback
                                **  interface.
                                */

                                if (!isloopback(sa))
                                {
                                        char *addr;
                                        char family[5];

                                        addr = anynet_ntoa(&sa);
                                        (void) sm_snprintf(family,
                                                sizeof(family),
                                                "%d", sa.sa.sa_family);
                                        macdefine(&BlankEnvelope.e_macro,
                                                A_TEMP,
                                                macid("{if_addr}"), addr);
                                        macdefine(&BlankEnvelope.e_macro,
                                                A_TEMP,
                                                macid("{if_family}"), family);
                                        if (tTd(15, 7))
                                                sm_dprintf("getreq: got addr %s and family %s\n",
                                                        addr, family);
                                }
                                else
                                {
                                        macdefine(&BlankEnvelope.e_macro,
                                                A_PERM,
                                                macid("{if_addr}"), NULL);
                                        macdefine(&BlankEnvelope.e_macro,
                                                A_PERM,
                                                macid("{if_family}"), NULL);
                                }
                        }
                        else
                        {
                                if (tTd(15, 7))
                                        sm_dprintf("getreq: getsockname failed\n");
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{if_name}"), NULL);
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{if_addr}"), NULL);
                                macdefine(&BlankEnvelope.e_macro, A_PERM,
                                        macid("{if_family}"), NULL);
                        }
                        break;
                }

                /* parent -- keep track of children */
                if (control)
                {
                        (void) sm_snprintf(status, sizeof(status),
                                           "control socket server child");
                        proc_list_add(pid, status, PROC_CONTROL, 0, -1, NULL);
                }
                else
                {
                        (void) sm_snprintf(status, sizeof(status),
                                           "SMTP server child for %s",
                                           anynet_ntoa(&RealHostAddr));
                        proc_list_add(pid, status, PROC_DAEMON, 0, -1,
                                        &RealHostAddr);
                }
                (void) sm_releasesignal(SIGCHLD);

                /* close the read end of the synchronization pipe */
                if (pipefd[0] != -1)
                {
                        (void) close(pipefd[0]);
                        pipefd[0] = -1;
                }

                /* close the port so that others will hang (for a while) */
                (void) close(t);

                /* release the child by closing the read end of the sync pipe */
                if (pipefd[1] != -1)
                {
                        (void) close(pipefd[1]);
                        pipefd[1] = -1;
                }
        }
        if (tTd(15, 2))
                sm_dprintf("getreq: returning\n");

#if MILTER
        /* set the filters for this daemon */
        if (Daemons[curdaemon].d_inputfilterlist != NULL)
        {
                for (i = 0;
                     (i < MAXFILTERS &&
                      Daemons[curdaemon].d_inputfilters[i] != NULL);
                     i++)
                {
                        InputFilters[i] = Daemons[curdaemon].d_inputfilters[i];
                }
                if (i < MAXFILTERS)
                        InputFilters[i] = NULL;
        }
#endif /* MILTER */
        return &Daemons[curdaemon].d_flags;
}

/*
**  GETREQUESTS_CHECKDISKSPACE -- check available diskspace.
**
**      Parameters:
**              e -- envelope.
**
**      Returns:
**              none.
**
**      Side Effects:
**              Modifies Daemon flags (D_ETRNONLY) if not enough disk space.
*/

static void
getrequests_checkdiskspace(e)
        ENVELOPE *e;
{
        bool logged = false;
        int idx;
        time_t now;

        now = curtime();
        if (now < NextDiskSpaceCheck)
                return;

        /* Check if there is available disk space in all queue groups. */
        if (!enoughdiskspace(0, NULL))
        {
                for (idx = 0; idx < NDaemons; ++idx)
                {
                        if (bitnset(D_ETRNONLY, Daemons[idx].d_flags))
                                continue;

                        /* log only if not logged before */
                        if (!logged)
                        {
                                if (LogLevel > 8)
                                        sm_syslog(LOG_INFO, NOQID,
                                                  "rejecting new messages: min free: %ld",
                                                  MinBlocksFree);
                                sm_setproctitle(true, e,
                                                "rejecting new messages: min free: %ld",
                                                MinBlocksFree);
                                logged = true;
                        }
                        setbitn(D_ETRNONLY, Daemons[idx].d_flags);
                }
        }
        else
        {
                for (idx = 0; idx < NDaemons; ++idx)
                {
                        if (!bitnset(D_ETRNONLY, Daemons[idx].d_flags))
                                continue;

                        /* log only if not logged before */
                        if (!logged)
                        {
                                if (LogLevel > 8)
                                        sm_syslog(LOG_INFO, NOQID,
                                                  "accepting new messages (again)");
                                logged = true;
                        }

                        /* title will be set later */
                        clrbitn(D_ETRNONLY, Daemons[idx].d_flags);
                }
        }

        /* only check disk space once a minute */
        NextDiskSpaceCheck = now + 60;
}

/*
**  OPENDAEMONSOCKET -- open SMTP socket
**
**      Deals with setting all appropriate options.
**
**      Parameters:
**              d -- the structure for the daemon to open.
**              firsttime -- set if this is the initial open.
**
**      Returns:
**              Size in bytes of the daemon socket addr.
**
**      Side Effects:
**              Leaves DaemonSocket set to the open socket.
**              Exits if the socket cannot be created.
*/

#define MAXOPENTRIES    10      /* maximum number of tries to open connection */

static int
opendaemonsocket(d, firsttime)
        DAEMON_T *d;
        bool firsttime;
{
        int on = 1;
        int fdflags;
        SOCKADDR_LEN_T socksize = 0;
        int ntries = 0;
        int save_errno;

        if (tTd(15, 2))
                sm_dprintf("opendaemonsocket(%s)\n", d->d_name);

        do
        {
                if (ntries > 0)
                        (void) sleep(5);
                if (firsttime || d->d_socket < 0)
                {
#if _FFR_DAEMON_NETUNIX
# if NETUNIX
                        if (d->d_addr.sa.sa_family == AF_UNIX)
                        {
                                int rval;
                                long sff = SFF_SAFEDIRPATH|SFF_OPENASROOT|SFF_NOLINK|SFF_ROOTOK|SFF_EXECOK|SFF_CREAT;

                                /* if not safe, don't use it */
                                rval = safefile(d->d_addr.sunix.sun_path,
                                                RunAsUid, RunAsGid,
                                                RunAsUserName, sff,
                                                S_IRUSR|S_IWUSR, NULL);
                                if (rval != 0)
                                {
                                        save_errno = errno;
                                        syserr("opendaemonsocket: daemon %s: unsafe domain socket %s",
                                               d->d_name,
                                               d->d_addr.sunix.sun_path);
                                        goto fail;
                                }

                                /* Don't try to overtake an existing socket */
                                (void) unlink(d->d_addr.sunix.sun_path);
                        }
# endif /* NETUNIX */
#endif /* _FFR_DOMAIN_NETUNIX */
                        d->d_socket = socket(d->d_addr.sa.sa_family,
                                             SOCK_STREAM, 0);
                        if (d->d_socket < 0)
                        {
                                save_errno = errno;
                                syserr("opendaemonsocket: daemon %s: can't create server SMTP socket",
                                       d->d_name);
                          fail:
                                if (bitnset(D_OPTIONAL, d->d_flags) &&
                                    (!transienterror(save_errno) ||
                                     ntries >= MAXOPENTRIES - 1))
                                {
                                        syserr("opendaemonsocket: daemon %s: optional socket disabled",
                                               d->d_name);
                                        setbitn(D_DISABLE, d->d_flags);
                                        d->d_socket = -1;
                                        return -1;
                                }
                          severe:
                                if (LogLevel > 0)
                                        sm_syslog(LOG_ALERT, NOQID,
                                                  "daemon %s: problem creating SMTP socket",
                                                  d->d_name);
                                d->d_socket = -1;
                                continue;
                        }

                        if (SM_FD_SETSIZE > 0 && d->d_socket >= SM_FD_SETSIZE)
                        {
                                save_errno = EINVAL;
                                syserr("opendaemonsocket: daemon %s: server SMTP socket (%d) too large",
                                       d->d_name, d->d_socket);
                                goto fail;
                        }

                        /* turn on network debugging? */
                        if (tTd(15, 101))
                                (void) setsockopt(d->d_socket, SOL_SOCKET,
                                                  SO_DEBUG, (char *)&on,
                                                  sizeof(on));

                        (void) setsockopt(d->d_socket, SOL_SOCKET,
                                          SO_REUSEADDR, (char *)&on, sizeof(on));
                        (void) setsockopt(d->d_socket, SOL_SOCKET,
                                          SO_KEEPALIVE, (char *)&on, sizeof(on));

#ifdef SO_RCVBUF
                        if (d->d_tcprcvbufsize > 0)
                        {
                                if (setsockopt(d->d_socket, SOL_SOCKET,
                                               SO_RCVBUF,
                                               (char *) &d->d_tcprcvbufsize,
                                               sizeof(d->d_tcprcvbufsize)) < 0)
                                        syserr("opendaemonsocket: daemon %s: setsockopt(SO_RCVBUF)", d->d_name);
                        }
#endif /* SO_RCVBUF */
#ifdef SO_SNDBUF
                        if (d->d_tcpsndbufsize > 0)
                        {
                                if (setsockopt(d->d_socket, SOL_SOCKET,
                                               SO_SNDBUF,
                                               (char *) &d->d_tcpsndbufsize,
                                               sizeof(d->d_tcpsndbufsize)) < 0)
                                        syserr("opendaemonsocket: daemon %s: setsockopt(SO_SNDBUF)", d->d_name);
                        }
#endif /* SO_SNDBUF */

                        if ((fdflags = fcntl(d->d_socket, F_GETFD, 0)) == -1 ||
                            fcntl(d->d_socket, F_SETFD,
                                  fdflags | FD_CLOEXEC) == -1)
                        {
                                save_errno = errno;
                                syserr("opendaemonsocket: daemon %s: failed to %s close-on-exec flag: %s",
                                       d->d_name,
                                       fdflags == -1 ? "get" : "set",
                                       sm_errstring(save_errno));
                                (void) close(d->d_socket);
                                goto severe;
                        }

                        switch (d->d_addr.sa.sa_family)
                        {
#if _FFR_DAEMON_NETUNIX
# ifdef NETUNIX
                          case AF_UNIX:
                                socksize = sizeof(d->d_addr.sunix);
                                break;
# endif /* NETUNIX */
#endif /* _FFR_DAEMON_NETUNIX */
#if NETINET
                          case AF_INET:
                                socksize = sizeof(d->d_addr.sin);
                                break;
#endif /* NETINET */

#if NETINET6
                          case AF_INET6:
                                socksize = sizeof(d->d_addr.sin6);
                                break;
#endif /* NETINET6 */

#if NETISO
                          case AF_ISO:
                                socksize = sizeof(d->d_addr.siso);
                                break;
#endif /* NETISO */

                          default:
                                socksize = sizeof(d->d_addr);
                                break;
                        }

                        if (bind(d->d_socket, &d->d_addr.sa, socksize) < 0)
                        {
                                /* probably another daemon already */
                                save_errno = errno;
                                syserr("opendaemonsocket: daemon %s: cannot bind",
                                       d->d_name);
                                (void) close(d->d_socket);
                                goto fail;
                        }
                }
                if (!firsttime &&
                    listen(d->d_socket, d->d_listenqueue) < 0)
                {
                        save_errno = errno;
                        syserr("opendaemonsocket: daemon %s: cannot listen",
                               d->d_name);
                        (void) close(d->d_socket);
                        goto severe;
                }
                return socksize;
        } while (ntries++ < MAXOPENTRIES && transienterror(save_errno));
        syserr("!opendaemonsocket: daemon %s: server SMTP socket wedged: exiting",
               d->d_name);
        /* NOTREACHED */
        return -1;  /* avoid compiler warning on IRIX */
}
/*
**  SETUPDAEMON -- setup socket for daemon
**
**      Parameters:
**              daemonaddr -- socket for daemon
**
**      Returns:
**              port number on which daemon should run
**
*/

static unsigned short
setupdaemon(daemonaddr)
        SOCKADDR *daemonaddr;
{
        unsigned short port;

        /*
        **  Set up the address for the mailer.
        */

        if (daemonaddr->sa.sa_family == AF_UNSPEC)
        {
                memset(daemonaddr, '\0', sizeof(*daemonaddr));
#if NETINET
                daemonaddr->sa.sa_family = AF_INET;
#endif /* NETINET */
        }

        switch (daemonaddr->sa.sa_family)
        {
#if NETINET
          case AF_INET:
                if (daemonaddr->sin.sin_addr.s_addr == 0)
                        daemonaddr->sin.sin_addr.s_addr =
                            LocalDaemon ? htonl(INADDR_LOOPBACK) : INADDR_ANY;
                port = daemonaddr->sin.sin_port;
                break;
#endif /* NETINET */

#if NETINET6
          case AF_INET6:
                if (IN6_IS_ADDR_UNSPECIFIED(&daemonaddr->sin6.sin6_addr))
                        daemonaddr->sin6.sin6_addr =
                            LocalDaemon ? in6addr_loopback : in6addr_any;
                port = daemonaddr->sin6.sin6_port;
                break;
#endif /* NETINET6 */

          default:
                /* unknown protocol */
                port = 0;
                break;
        }
        if (port == 0)
        {
#ifdef NO_GETSERVBYNAME
                port = htons(25);
#else /* NO_GETSERVBYNAME */
                {
                        register struct servent *sp;

                        sp = getservbyname("smtp", "tcp");
                        if (sp == NULL)
                        {
                                syserr("554 5.3.5 service \"smtp\" unknown");
                                port = htons(25);
                        }
                        else
                                port = sp->s_port;
                }
#endif /* NO_GETSERVBYNAME */
        }

        switch (daemonaddr->sa.sa_family)
        {
#if NETINET
          case AF_INET:
                daemonaddr->sin.sin_port = port;
                break;
#endif /* NETINET */

#if NETINET6
          case AF_INET6:
                daemonaddr->sin6.sin6_port = port;
                break;
#endif /* NETINET6 */

          default:
                /* unknown protocol */
                break;
        }
        return port;
}
/*
**  CLRDAEMON -- reset the daemon connection
**
**      Parameters:
**              none.
**
**      Returns:
**              none.
**
**      Side Effects:
**              releases any resources used by the passive daemon.
*/

void
clrdaemon()
{
        int i;

        for (i = 0; i < NDaemons; i++)
        {
                if (Daemons[i].d_socket >= 0)
                        (void) close(Daemons[i].d_socket);
                Daemons[i].d_socket = -1;
        }
}

/*
**  GETMODIFIERS -- get modifier flags
**
**      Parameters:
**              v -- the modifiers (input text line).
**              modifiers -- pointer to flag field to represent modifiers.
**
**      Returns:
**              (xallocat()ed) string representation of modifiers.
**
**      Side Effects:
**              fills in modifiers.
*/

char *
getmodifiers(v, modifiers)
        char *v;
        BITMAP256 modifiers;
{
        int l;
        char *h, *f, *flags;

        /* maximum length of flags: upper case Option -> "OO " */
        l = 3 * strlen(v) + 3;

        /* is someone joking? */
        if (l < 0 || l > 256)
        {
                if (LogLevel > 2)
                        sm_syslog(LOG_ERR, NOQID,
                                  "getmodifiers too long, ignored");
                return NULL;
        }
        flags = xalloc(l);
        f = flags;
        clrbitmap(modifiers);
        for (h = v; *h != '\0'; h++)
        {
                if (isascii(*h) && !isspace(*h) && isprint(*h))
                {
                        setbitn(*h, modifiers);
                        if (flags != f)
                                *flags++ = ' ';
                        *flags++ = *h;
                        if (isupper(*h))
                                *flags++ = *h;
                }
        }
        *flags++ = '\0';
        return f;
}

/*
**  CHKDAEMONMODIFIERS -- check whether all daemons have set a flag.
**
**      Parameters:
**              flag -- the flag to test.
**
**      Returns:
**              true iff all daemons have set flag.
*/

bool
chkdaemonmodifiers(flag)
        int flag;
{
        int i;

        for (i = 0; i < NDaemons; i++)
                if (!bitnset((char) flag, Daemons[i].d_flags))
                        return false;
        return true;
}

/*
**  SETSOCKADDROPTIONS -- set options for SOCKADDR (daemon or client)
**
**      Parameters:
**              p -- the options line.
**              d -- the daemon structure to fill in.
**
**      Returns:
**              none.
*/

static void
setsockaddroptions(p, d)
        char *p;
        DAEMON_T *d;
{
#if NETISO
        short portno;
#endif /* NETISO */
        char *port = NULL;
        char *addr = NULL;

#if NETINET
        if (d->d_addr.sa.sa_family == AF_UNSPEC)
                d->d_addr.sa.sa_family = AF_INET;
#endif /* NETINET */
#if _FFR_SS_PER_DAEMON
        d->d_supersafe = DPO_NOTSET;
#endif /* _FFR_SS_PER_DAEMON */
        d->d_dm = DM_NOTSET;
        d->d_refuseLA = DPO_NOTSET;
        d->d_queueLA = DPO_NOTSET;
        d->d_delayLA = DPO_NOTSET;
        d->d_maxchildren = DPO_NOTSET;

        while (p != NULL)
        {
                register char *f;
                register char *v;

                while (isascii(*p) && isspace(*p))
                        p++;
                if (*p == '\0')
                        break;
                f = p;
                p = strchr(p, ',');
                if (p != NULL)
                        *p++ = '\0';
                v = strchr(f, '=');
                if (v == NULL)
                        continue;
                while (isascii(*++v) && isspace(*v))
                        continue;

                switch (*f)
                {
                  case 'A':             /* address */
#if !_FFR_DPO_CS
                  case 'a':
#endif /* !_FFR_DPO_CS */
                        addr = v;
                        break;

                  case 'c':
                        d->d_maxchildren = atoi(v);
                        break;

                  case 'D':             /* DeliveryMode */
                        switch (*v)
                        {
                          case SM_QUEUE:
                          case SM_DEFER:
                          case SM_DELIVER:
                          case SM_FORK:
                                d->d_dm = *v;
                                break;
                          default:
                                syserr("554 5.3.5 Unknown delivery mode %c",
                                        *v);
                                break;
                        }
                        break;

                  case 'd':             /* delayLA */
                        d->d_delayLA = atoi(v);
                        break;

                  case 'F':             /* address family */
#if !_FFR_DPO_CS
                  case 'f':
#endif /* !_FFR_DPO_CS */
                        if (isascii(*v) && isdigit(*v))
                                d->d_addr.sa.sa_family = atoi(v);
#if _FFR_DAEMON_NETUNIX
# ifdef NETUNIX
                        else if (sm_strcasecmp(v, "unix") == 0 ||
                                 sm_strcasecmp(v, "local") == 0)
                                d->d_addr.sa.sa_family = AF_UNIX;
# endif /* NETUNIX */
#endif /* _FFR_DAEMON_NETUNIX */
#if NETINET
                        else if (sm_strcasecmp(v, "inet") == 0)
                                d->d_addr.sa.sa_family = AF_INET;
#endif /* NETINET */
#if NETINET6
                        else if (sm_strcasecmp(v, "inet6") == 0)
                                d->d_addr.sa.sa_family = AF_INET6;
#endif /* NETINET6 */
#if NETISO
                        else if (sm_strcasecmp(v, "iso") == 0)
                                d->d_addr.sa.sa_family = AF_ISO;
#endif /* NETISO */
#if NETNS
                        else if (sm_strcasecmp(v, "ns") == 0)
                                d->d_addr.sa.sa_family = AF_NS;
#endif /* NETNS */
#if NETX25
                        else if (sm_strcasecmp(v, "x.25") == 0)
                                d->d_addr.sa.sa_family = AF_CCITT;
#endif /* NETX25 */
                        else
                                syserr("554 5.3.5 Unknown address family %s in Family=option",
                                       v);
                        break;

#if MILTER
                  case 'I':
# if !_FFR_DPO_CS
                  case 'i':
# endif /* !_FFR_DPO_CS */
                        d->d_inputfilterlist = v;
                        break;
#endif /* MILTER */

                  case 'L':             /* listen queue size */
#if !_FFR_DPO_CS
                  case 'l':
#endif /* !_FFR_DPO_CS */
                        d->d_listenqueue = atoi(v);
                        break;

                  case 'M':             /* modifiers (flags) */
#if !_FFR_DPO_CS
                  case 'm':
#endif /* !_FFR_DPO_CS */
                        d->d_mflags = getmodifiers(v, d->d_flags);
                        break;

                  case 'N':             /* name */
#if !_FFR_DPO_CS
                  case 'n':
#endif /* !_FFR_DPO_CS */
                        d->d_name = v;
                        break;

                  case 'P':             /* port */
#if !_FFR_DPO_CS
                  case 'p':
#endif /* !_FFR_DPO_CS */
                        port = v;
                        break;

                  case 'q':
                        d->d_queueLA = atoi(v);
                        break;

                  case 'R':             /* receive buffer size */
                        d->d_tcprcvbufsize = atoi(v);
                        break;

                  case 'r':
                        d->d_refuseLA = atoi(v);
                        break;

                  case 'S':             /* send buffer size */
#if !_FFR_DPO_CS
                  case 's':
#endif /* !_FFR_DPO_CS */
                        d->d_tcpsndbufsize = atoi(v);
                        break;

#if _FFR_SS_PER_DAEMON
                  case 'T':             /* SuperSafe */
                        if (tolower(*v) == 'i')
                                d->d_supersafe = SAFE_INTERACTIVE;
                        else if (tolower(*v) == 'p')
# if MILTER
                                d->d_supersafe = SAFE_REALLY_POSTMILTER;
# else /* MILTER */
                                (void) sm_io_fprintf(smioout, SM_TIME_DEFAULT,
                                        "Warning: SuperSafe=PostMilter requires Milter support (-DMILTER)\n");
# endif /* MILTER */
                        else
                                d->d_supersafe = atobool(v) ? SAFE_REALLY
                                                        : SAFE_NO;
                        break;
#endif /* _FFR_SS_PER_DAEMON */

                  default:
                        syserr("554 5.3.5 PortOptions parameter \"%s\" unknown",
                               f);
                }
        }

        /* Check addr and port after finding family */
        if (addr != NULL)
        {
                switch (d->d_addr.sa.sa_family)
                {
#if _FFR_DAEMON_NETUNIX
# if NETUNIX
                  case AF_UNIX:
                        if (strlen(addr) >= sizeof(d->d_addr.sunix.sun_path))
                        {
                                errno = ENAMETOOLONG;
                                syserr("setsockaddroptions: domain socket name too long: %s > %d",
                                       addr, sizeof(d->d_addr.sunix.sun_path));
                                break;
                        }

                        /* file safety check done in opendaemonsocket() */
                        (void) memset(&d->d_addr.sunix.sun_path, '\0',
                                      sizeof(d->d_addr.sunix.sun_path));
                        (void) sm_strlcpy((char *)&d->d_addr.sunix.sun_path,
                                          addr,
                                          sizeof(d->d_addr.sunix.sun_path));
                        break;
# endif /* NETUNIX */
#endif  /* _FFR_DAEMON_NETUNIX */
#if NETINET
                  case AF_INET:
                        if (!isascii(*addr) || !isdigit(*addr) ||
                            ((d->d_addr.sin.sin_addr.s_addr = inet_addr(addr))
                             == INADDR_NONE))
                        {
                                register struct hostent *hp;

                                hp = sm_gethostbyname(addr, AF_INET);
                                if (hp == NULL)
                                        syserr("554 5.3.0 host \"%s\" unknown",
                                               addr);
                                else
                                {
                                        while (*(hp->h_addr_list) != NULL &&
                                               hp->h_addrtype != AF_INET)
                                                hp->h_addr_list++;
                                        if (*(hp->h_addr_list) == NULL)
                                                syserr("554 5.3.0 host \"%s\" unknown",
                                                       addr);
                                        else
                                                memmove(&d->d_addr.sin.sin_addr,
                                                        *(hp->h_addr_list),
                                                        INADDRSZ);
# if NETINET6
                                        freehostent(hp);
                                        hp = NULL;
# endif /* NETINET6 */
                                }
                        }
                        break;
#endif /* NETINET */

#if NETINET6
                  case AF_INET6:
                        if (anynet_pton(AF_INET6, addr,
                                        &d->d_addr.sin6.sin6_addr) != 1)
                        {
                                register struct hostent *hp;

                                hp = sm_gethostbyname(addr, AF_INET6);
                                if (hp == NULL)
                                        syserr("554 5.3.0 host \"%s\" unknown",
                                               addr);
                                else
                                {
                                        while (*(hp->h_addr_list) != NULL &&
                                               hp->h_addrtype != AF_INET6)
                                                hp->h_addr_list++;
                                        if (*(hp->h_addr_list) == NULL)
                                                syserr("554 5.3.0 host \"%s\" unknown",
                                                       addr);
                                        else
                                                memmove(&d->d_addr.sin6.sin6_addr,
                                                        *(hp->h_addr_list),
                                                        IN6ADDRSZ);
                                        freehostent(hp);
                                        hp = NULL;
                                }
                        }
                        break;
#endif /* NETINET6 */

                  default:
                        syserr("554 5.3.5 address= option unsupported for family %d",
                               d->d_addr.sa.sa_family);
                        break;
                }
        }

        if (port != NULL)
        {
                switch (d->d_addr.sa.sa_family)
                {
#if NETINET
                  case AF_INET:
                        if (isascii(*port) && isdigit(*port))
                                d->d_addr.sin.sin_port = htons((unsigned short)
                                                     atoi((const char *) port));
                        else
                        {
# ifdef NO_GETSERVBYNAME
                                syserr("554 5.3.5 invalid port number: %s",
                                       port);
# else /* NO_GETSERVBYNAME */
                                register struct servent *sp;

                                sp = getservbyname(port, "tcp");
                                if (sp == NULL)
                                        syserr("554 5.3.5 service \"%s\" unknown",
                                               port);
                                else
                                        d->d_addr.sin.sin_port = sp->s_port;
# endif /* NO_GETSERVBYNAME */
                        }
                        break;
#endif /* NETINET */

#if NETINET6
                  case AF_INET6:
                        if (isascii(*port) && isdigit(*port))
                                d->d_addr.sin6.sin6_port = htons((unsigned short)
                                                                  atoi(port));
                        else
                        {
# ifdef NO_GETSERVBYNAME
                                syserr("554 5.3.5 invalid port number: %s",
                                       port);
# else /* NO_GETSERVBYNAME */
                                register struct servent *sp;

                                sp = getservbyname(port, "tcp");
                                if (sp == NULL)
                                        syserr("554 5.3.5 service \"%s\" unknown",
                                               port);
                                else
                                        d->d_addr.sin6.sin6_port = sp->s_port;
# endif /* NO_GETSERVBYNAME */
                        }
                        break;
#endif /* NETINET6 */

#if NETISO
                  case AF_ISO:
                        /* assume two byte transport selector */
                        if (isascii(*port) && isdigit(*port))
                                portno = htons((unsigned short) atoi(port));
                        else
                        {
# ifdef NO_GETSERVBYNAME
                                syserr("554 5.3.5 invalid port number: %s",
                                       port);
# else /* NO_GETSERVBYNAME */
                                register struct servent *sp;

                                sp = getservbyname(port, "tcp");
                                if (sp == NULL)
                                        syserr("554 5.3.5 service \"%s\" unknown",
                                               port);
                                else
                                        portno = sp->s_port;
# endif /* NO_GETSERVBYNAME */
                        }
                        memmove(TSEL(&d->d_addr.siso),
                                (char *) &portno, 2);
                        break;
#endif /* NETISO */

                  default:
                        syserr("554 5.3.5 Port= option unsupported for family %d",
                               d->d_addr.sa.sa_family);
                        break;
                }
        }
}
/*
**  SETDAEMONOPTIONS -- set options for running the MTA daemon
**
**      Parameters:
**              p -- the options line.
**
**      Returns:
**              true if successful, false otherwise.
**
**      Side Effects:
**              increments number of daemons.
*/

#define DEF_LISTENQUEUE 10

struct dflags
{
        char    *d_name;
        int     d_flag;
};

static struct dflags    DaemonFlags[] =
{
        { "AUTHREQ",            D_AUTHREQ       },
        { "BINDIF",             D_BINDIF        },
        { "CANONREQ",           D_CANONREQ      },
        { "IFNHELO",            D_IFNHELO       },
        { "FQMAIL",             D_FQMAIL        },
        { "FQRCPT",             D_FQRCPT        },
        { "SMTPS",              D_SMTPS         },
        { "UNQUALOK",           D_UNQUALOK      },
        { "NOAUTH",             D_NOAUTH        },
        { "NOCANON",            D_NOCANON       },
        { "NOETRN",             D_NOETRN        },
        { "NOTLS",              D_NOTLS         },
        { "ETRNONLY",           D_ETRNONLY      },
        { "OPTIONAL",           D_OPTIONAL      },
        { "DISABLE",            D_DISABLE       },
        { "ISSET",              D_ISSET         },
        { NULL,                 0               }
};

static void
printdaemonflags(d)
        DAEMON_T *d;
{
        register struct dflags *df;
        bool first = true;

        for (df = DaemonFlags; df->d_name != NULL; df++)
        {
                if (!bitnset(df->d_flag, d->d_flags))
                        continue;
                if (first)
                        sm_dprintf("<%s", df->d_name);
                else
                        sm_dprintf(",%s", df->d_name);
                first = false;
        }
        if (!first)
                sm_dprintf(">");
}

bool
setdaemonoptions(p)
        register char *p;
{
        if (NDaemons >= MAXDAEMONS)
                return false;
        Daemons[NDaemons].d_socket = -1;
        Daemons[NDaemons].d_listenqueue = DEF_LISTENQUEUE;
        clrbitmap(Daemons[NDaemons].d_flags);
        setsockaddroptions(p, &Daemons[NDaemons]);

#if MILTER
        if (Daemons[NDaemons].d_inputfilterlist != NULL)
                Daemons[NDaemons].d_inputfilterlist = newstr(Daemons[NDaemons].d_inputfilterlist);
#endif /* MILTER */

        if (Daemons[NDaemons].d_name != NULL)
                Daemons[NDaemons].d_name = newstr(Daemons[NDaemons].d_name);
        else
        {
                char num[30];

                (void) sm_snprintf(num, sizeof(num), "Daemon%d", NDaemons);
                Daemons[NDaemons].d_name = newstr(num);
        }

        if (tTd(37, 1))
        {
                sm_dprintf("Daemon %s flags: ", Daemons[NDaemons].d_name);
                printdaemonflags(&Daemons[NDaemons]);
                sm_dprintf("\n");
        }
        ++NDaemons;
        return true;
}
/*
**  INITDAEMON -- initialize daemon if not yet done.
**
**      Parameters:
**              none
**
**      Returns:
**              none
**
**      Side Effects:
**              initializes structure for one daemon.
*/

void
initdaemon()
{
        if (NDaemons == 0)
        {
                Daemons[NDaemons].d_socket = -1;
                Daemons[NDaemons].d_listenqueue = DEF_LISTENQUEUE;
                Daemons[NDaemons].d_name = "Daemon0";
                NDaemons = 1;
        }
}
/*
**  SETCLIENTOPTIONS -- set options for running the client
**
**      Parameters:
**              p -- the options line.
**
**      Returns:
**              none.
*/

static DAEMON_T ClientSettings[AF_MAX + 1];

void
setclientoptions(p)
        register char *p;
{
        int family;
        DAEMON_T d;

        memset(&d, '\0', sizeof(d));
        setsockaddroptions(p, &d);

        /* grab what we need */
        family = d.d_addr.sa.sa_family;
        STRUCTCOPY(d, ClientSettings[family]);
        setbitn(D_ISSET, ClientSettings[family].d_flags); /* mark as set */
        if (d.d_name != NULL)
                ClientSettings[family].d_name = newstr(d.d_name);
        else
        {
                char num[30];

                (void) sm_snprintf(num, sizeof(num), "Client%d", family);
                ClientSettings[family].d_name = newstr(num);
        }
}
/*
**  ADDR_FAMILY -- determine address family from address
**
**      Parameters:
**              addr -- the string representation of the address
**
**      Returns:
**              AF_INET, AF_INET6 or AF_UNSPEC
**
**      Side Effects:
**              none.
*/

static int
addr_family(addr)
        char *addr;
{
#if NETINET6
        SOCKADDR clt_addr;
#endif /* NETINET6 */

#if NETINET
        if (inet_addr(addr) != INADDR_NONE)
        {
                if (tTd(16, 9))
                        sm_dprintf("addr_family(%s): INET\n", addr);
                return AF_INET;
        }
#endif /* NETINET */
#if NETINET6
        if (anynet_pton(AF_INET6, addr, &clt_addr.sin6.sin6_addr) == 1)
        {
                if (tTd(16, 9))
                        sm_dprintf("addr_family(%s): INET6\n", addr);
                return AF_INET6;
        }
#endif /* NETINET6 */
#if _FFR_DAEMON_NETUNIX
# if NETUNIX
        if (*addr == '/')
        {
                if (tTd(16, 9))
                        sm_dprintf("addr_family(%s): LOCAL\n", addr);
                return AF_UNIX;
        }
# endif /* NETUNIX */
#endif  /* _FFR_DAEMON_NETUNIX */
        if (tTd(16, 9))
                sm_dprintf("addr_family(%s): UNSPEC\n", addr);
        return AF_UNSPEC;
}

/*
**  CHKCLIENTMODIFIERS -- check whether all clients have set a flag.
**
**      Parameters:
**              flag -- the flag to test.
**
**      Returns:
**              true iff all configured clients have set the flag.
*/

bool
chkclientmodifiers(flag)
        int flag;
{
        int i;
        bool flagisset;

        flagisset = false;
        for (i = 0; i < AF_MAX; i++)
        {
                if (bitnset(D_ISSET, ClientSettings[i].d_flags))
                {
                        if (!bitnset((char) flag, ClientSettings[i].d_flags))
                                return false;
                        flagisset = true;
                }
        }
        return flagisset;
}

#if MILTER
/*
**  SETUP_DAEMON_FILTERS -- Parse per-socket filters
**
**      Parameters:
**              none
**
**      Returns:
**              none
*/

void
setup_daemon_milters()
{
        int idx;

        if (OpMode == MD_SMTP)
        {
                /* no need to configure the daemons */
                return;
        }

        for (idx = 0; idx < NDaemons; idx++)
        {
                if (Daemons[idx].d_inputfilterlist != NULL)
                {
                        milter_config(Daemons[idx].d_inputfilterlist,
                                      Daemons[idx].d_inputfilters,
                                      MAXFILTERS);
                }
        }
}
#endif /* MILTER */
/*
**  MAKECONNECTION -- make a connection to an SMTP socket on a machine.
**
**      Parameters:
**              host -- the name of the host.
**              port -- the port number to connect to.
**              mci -- a pointer to the mail connection information
**                      structure to be filled in.
**              e -- the current envelope.
**              enough -- time at which to stop further connection attempts.
**                      (0 means no limit)
**
**      Returns:
**              An exit code telling whether the connection could be
**                      made and if not why not.
**
**      Side Effects:
**              none.
*/

static jmp_buf  CtxConnectTimeout;

SOCKADDR        CurHostAddr;            /* address of current host */

int
makeconnection(host, port, mci, e, enough)
        char *host;
        volatile unsigned int port;
        register MCI *mci;
        ENVELOPE *e;
        time_t enough;
{
        register volatile int addrno = 0;
        volatile int s;
        register struct hostent *volatile hp = (struct hostent *) NULL;
        SOCKADDR addr;
        SOCKADDR clt_addr;
        int save_errno = 0;
        volatile SOCKADDR_LEN_T addrlen;
        volatile bool firstconnect = true;
        SM_EVENT *volatile ev = NULL;
#if NETINET6
        volatile bool v6found = false;
#endif /* NETINET6 */
        volatile int family = InetMode;
        SOCKADDR_LEN_T len;
        volatile SOCKADDR_LEN_T socksize = 0;
        volatile bool clt_bind;
        BITMAP256 d_flags;
        char *p;
        extern ENVELOPE BlankEnvelope;

        /* retranslate {daemon_flags} into bitmap */
        clrbitmap(d_flags);
        if ((p = macvalue(macid("{daemon_flags}"), e)) != NULL)
        {
                for (; *p != '\0'; p++)
                {
                        if (!(isascii(*p) && isspace(*p)))
                                setbitn(bitidx(*p), d_flags);
                }
        }

#if NETINET6
 v4retry:
#endif /* NETINET6 */
        clt_bind = false;

        /* Set up the address for outgoing connection. */
        if (bitnset(D_BINDIF, d_flags) &&
            (p = macvalue(macid("{if_addr}"), e)) != NULL &&
            *p != '\0')
        {
#if NETINET6
                char p6[INET6_ADDRSTRLEN];
#endif /* NETINET6 */

                memset(&clt_addr, '\0', sizeof(clt_addr));

                /* infer the address family from the address itself */
                clt_addr.sa.sa_family = addr_family(p);
                switch (clt_addr.sa.sa_family)
                {
#if NETINET
                  case AF_INET:
                        clt_addr.sin.sin_addr.s_addr = inet_addr(p);
                        if (clt_addr.sin.sin_addr.s_addr != INADDR_NONE &&
                            clt_addr.sin.sin_addr.s_addr !=
                                htonl(INADDR_LOOPBACK))
                        {
                                clt_bind = true;
                                socksize = sizeof(struct sockaddr_in);
                        }
                        break;
#endif /* NETINET */

#if NETINET6
                  case AF_INET6:
                        if (inet_addr(p) != INADDR_NONE)
                                (void) sm_snprintf(p6, sizeof(p6),
                                                   "IPv6:::ffff:%s", p);
                        else
                                (void) sm_strlcpy(p6, p, sizeof(p6));
                        if (anynet_pton(AF_INET6, p6,
                                        &clt_addr.sin6.sin6_addr) == 1 &&
                            !IN6_IS_ADDR_LOOPBACK(&clt_addr.sin6.sin6_addr))
                        {
                                clt_bind = true;
                                socksize = sizeof(struct sockaddr_in6);
                        }
                        break;
#endif /* NETINET6 */

#if 0
                  default:
                        syserr("554 5.3.5 Address= option unsupported for family %d",
                               clt_addr.sa.sa_family);
                        break;
#endif /* 0 */
                }
                if (clt_bind)
                        family = clt_addr.sa.sa_family;
        }

        /* D_BINDIF not set or not available, fallback to ClientPortOptions */
        if (!clt_bind)
        {
                STRUCTCOPY(ClientSettings[family].d_addr, clt_addr);
                switch (clt_addr.sa.sa_family)
                {
#if NETINET
                  case AF_INET:
                        if (clt_addr.sin.sin_addr.s_addr == 0)
                                clt_addr.sin.sin_addr.s_addr = LocalDaemon ?
                                        htonl(INADDR_LOOPBACK) : INADDR_ANY;
                        else
                                clt_bind = true;
                        if (clt_addr.sin.sin_port != 0)
                                clt_bind = true;
                        socksize = sizeof(struct sockaddr_in);
                        break;
#endif /* NETINET */
#if NETINET6
                  case AF_INET6:
                        if (IN6_IS_ADDR_UNSPECIFIED(&clt_addr.sin6.sin6_addr))
                                clt_addr.sin6.sin6_addr = LocalDaemon ?
                                        in6addr_loopback : in6addr_any;
                        else
                                clt_bind = true;
                        socksize = sizeof(struct sockaddr_in6);
                        if (clt_addr.sin6.sin6_port != 0)
                                clt_bind = true;
                        break;
#endif /* NETINET6 */
#if NETISO
                  case AF_ISO:
                        socksize = sizeof(clt_addr.siso);
                        clt_bind = true;
                        break;
#endif /* NETISO */
                  default:
                        break;
                }
        }

        /*
        **  Set up the address for the mailer.
        **      Accept "[a.b.c.d]" syntax for host name.
        */

        SM_SET_H_ERRNO(0);
        errno = 0;
        memset(&CurHostAddr, '\0', sizeof(CurHostAddr));
        memset(&addr, '\0', sizeof(addr));
        SmtpPhase = mci->mci_phase = "initial connection";
        CurHostName = host;

        if (host[0] == '[')
        {
                p = strchr(host, ']');
                if (p != NULL)
                {
#if NETINET
                        unsigned long hid = INADDR_NONE;
#endif /* NETINET */
#if NETINET6
                        struct sockaddr_in6 hid6;
#endif /* NETINET6 */

                        *p = '\0';
#if NETINET6
                        memset(&hid6, '\0', sizeof(hid6));
#endif /* NETINET6 */
#if NETINET
                        if (family == AF_INET &&
                            (hid = inet_addr(&host[1])) != INADDR_NONE)
                        {
                                addr.sin.sin_family = AF_INET;
                                addr.sin.sin_addr.s_addr = hid;
                        }
                        else
#endif /* NETINET */
#if NETINET6
                        if (family == AF_INET6 &&
                            anynet_pton(AF_INET6, &host[1],
                                        &hid6.sin6_addr) == 1)
                        {
                                addr.sin6.sin6_family = AF_INET6;
                                addr.sin6.sin6_addr = hid6.sin6_addr;
                        }
                        else
#endif /* NETINET6 */
                        {
                                /* try it as a host name (avoid MX lookup) */
                                hp = sm_gethostbyname(&host[1], family);
                                if (hp == NULL && p[-1] == '.')
                                {
#if NAMED_BIND
                                        int oldopts = _res.options;

                                        _res.options &= ~(RES_DEFNAMES|RES_DNSRCH);
#endif /* NAMED_BIND */
                                        p[-1] = '\0';
                                        hp = sm_gethostbyname(&host[1],
                                                              family);
                                        p[-1] = '.';
#if NAMED_BIND
                                        _res.options = oldopts;
#endif /* NAMED_BIND */
                                }
                                *p = ']';
                                goto gothostent;
                        }
                        *p = ']';
                }
                if (p == NULL)
                {
                        extern char MsgBuf[];

                        usrerrenh("5.1.2",
                                  "553 Invalid numeric domain spec \"%s\"",
                                  host);
                        mci_setstat(mci, EX_NOHOST, "5.1.2", MsgBuf);
                        errno = EINVAL;
                        return EX_NOHOST;
                }
        }
        else
        {
                /* contortion to get around SGI cc complaints */
                {
                        p = &host[strlen(host) - 1];
                        hp = sm_gethostbyname(host, family);
                        if (hp == NULL && *p == '.')
                        {
#if NAMED_BIND
                                int oldopts = _res.options;

                                _res.options &= ~(RES_DEFNAMES|RES_DNSRCH);
#endif /* NAMED_BIND */
                                *p = '\0';
                                hp = sm_gethostbyname(host, family);
                                *p = '.';
#if NAMED_BIND
                                _res.options = oldopts;
#endif /* NAMED_BIND */
                        }
                }
gothostent:
                if (hp == NULL || hp->h_addr == NULL)
                {
#if NAMED_BIND
                        /* check for name server timeouts */
# if NETINET6
                        if (WorkAroundBrokenAAAA && family == AF_INET6 &&
                            errno == ETIMEDOUT)
                        {
                                /*
                                **  An attempt with family AF_INET may
                                **  succeed By skipping the next section
                                **  of code, we will try AF_INET before
                                **  failing.
                                */

                                if (tTd(16, 10))
                                        sm_dprintf("makeconnection: WorkAroundBrokenAAAA: Trying AF_INET lookup (AF_INET6 failed)\n");
                        }
                        else
# endif /* NETINET6 */
                        {
                                if (errno == ETIMEDOUT ||
# if _FFR_GETHBN_ExFILE
#  ifdef EMFILE
                                   errno == EMFILE ||
#  endif /* EMFILE */
#  ifdef ENFILE
                                   errno == ENFILE ||
#  endif /* ENFILE */
# endif /* _FFR_GETHBN_ExFILE */
                                    h_errno == TRY_AGAIN ||
                                    (errno == ECONNREFUSED && UseNameServer))
                                {
                                        save_errno = errno;
                                        mci_setstat(mci, EX_TEMPFAIL,
                                                    "4.4.3", NULL);
                                        errno = save_errno;
                                        return EX_TEMPFAIL;
                                }
                        }
#endif /* NAMED_BIND */
#if NETINET6
                        /*
                        **  Try v6 first, then fall back to v4.
                        **  If we found a v6 address, but no v4
                        **  addresses, then TEMPFAIL.
                        */

                        if (family == AF_INET6)
                        {
                                family = AF_INET;
                                goto v4retry;
                        }
                        if (v6found)
                                goto v6tempfail;
#endif /* NETINET6 */
                        save_errno = errno;
                        mci_setstat(mci, EX_NOHOST, "5.1.2", NULL);
                        errno = save_errno;
                        return EX_NOHOST;
                }
                addr.sa.sa_family = hp->h_addrtype;
                switch (hp->h_addrtype)
                {
#if NETINET
                  case AF_INET:
                        memmove(&addr.sin.sin_addr,
                                hp->h_addr,
                                INADDRSZ);
                        break;
#endif /* NETINET */

#if NETINET6
                  case AF_INET6:
                        memmove(&addr.sin6.sin6_addr,
                                hp->h_addr,
                                IN6ADDRSZ);
                        break;
#endif /* NETINET6 */

                  default:
                        if (hp->h_length > sizeof(addr.sa.sa_data))
                        {
                                syserr("makeconnection: long sa_data: family %d len %d",
                                        hp->h_addrtype, hp->h_length);
                                mci_setstat(mci, EX_NOHOST, "5.1.2", NULL);
                                errno = EINVAL;
                                return EX_NOHOST;
                        }
                        memmove(addr.sa.sa_data, hp->h_addr, hp->h_length);
                        break;
                }
                addrno = 1;
        }

        /*
        **  Determine the port number.
        */

        if (port == 0)
        {
#ifdef NO_GETSERVBYNAME
                port = htons(25);
#else /* NO_GETSERVBYNAME */
                register struct servent *sp = getservbyname("smtp", "tcp");

                if (sp == NULL)
                {
                        if (LogLevel > 2)
                                sm_syslog(LOG_ERR, NOQID,
                                          "makeconnection: service \"smtp\" unknown");
                        port = htons(25);
                }
                else
                        port = sp->s_port;
#endif /* NO_GETSERVBYNAME */
        }

#if NETINET6
        if (addr.sa.sa_family == AF_INET6 &&
            IN6_IS_ADDR_V4MAPPED(&addr.sin6.sin6_addr) &&
            ClientSettings[AF_INET].d_addr.sa.sa_family != 0)
        {
                /*
                **  Ignore mapped IPv4 address since
                **  there is a ClientPortOptions setting
                **  for IPv4.
                */

                goto nextaddr;
        }
#endif /* NETINET6 */

        switch (addr.sa.sa_family)
        {
#if NETINET
          case AF_INET:
                addr.sin.sin_port = port;
                addrlen = sizeof(struct sockaddr_in);
                break;
#endif /* NETINET */

#if NETINET6
          case AF_INET6:
                addr.sin6.sin6_port = port;
                addrlen = sizeof(struct sockaddr_in6);
                break;
#endif /* NETINET6 */

#if NETISO
          case AF_ISO:
                /* assume two byte transport selector */
                memmove(TSEL((struct sockaddr_iso *) &addr), (char *) &port, 2);
                addrlen = sizeof(struct sockaddr_iso);
                break;
#endif /* NETISO */

          default:
                syserr("Can't connect to address family %d", addr.sa.sa_family);
                mci_setstat(mci, EX_NOHOST, "5.1.2", NULL);
                errno = EINVAL;
#if NETINET6
                if (hp != NULL)
                        freehostent(hp);
#endif /* NETINET6 */
                return EX_NOHOST;
        }

        /*
        **  Try to actually open the connection.
        */

#if XLA
        /* if too many connections, don't bother trying */
        if (!xla_noqueue_ok(host))
        {
# if NETINET6
                if (hp != NULL)
                        freehostent(hp);
# endif /* NETINET6 */
                return EX_TEMPFAIL;
        }
#endif /* XLA */

        for (;;)
        {
                if (tTd(16, 1))
                        sm_dprintf("makeconnection (%s [%s].%d (%d))\n",
                                   host, anynet_ntoa(&addr), ntohs(port),
                                   (int) addr.sa.sa_family);

                /* save for logging */
                CurHostAddr = addr;

#if HASRRESVPORT
                if (bitnset(M_SECURE_PORT, mci->mci_mailer->m_flags))
                {
                        int rport = IPPORT_RESERVED - 1;

                        s = rresvport(&rport);
                }
                else
#endif /* HASRRESVPORT */
                {
                        s = socket(addr.sa.sa_family, SOCK_STREAM, 0);
                }
                if (s < 0)
                {
                        save_errno = errno;
                        syserr("makeconnection: cannot create socket");
#if XLA
                        xla_host_end(host);
#endif /* XLA */
                        mci_setstat(mci, EX_TEMPFAIL, "4.4.5", NULL);
#if NETINET6
                        if (hp != NULL)
                                freehostent(hp);
#endif /* NETINET6 */
                        errno = save_errno;
                        return EX_TEMPFAIL;
                }

#ifdef SO_SNDBUF
                if (ClientSettings[family].d_tcpsndbufsize > 0)
                {
                        if (setsockopt(s, SOL_SOCKET, SO_SNDBUF,
                                       (char *) &ClientSettings[family].d_tcpsndbufsize,
                                       sizeof(ClientSettings[family].d_tcpsndbufsize)) < 0)
                                syserr("makeconnection: setsockopt(SO_SNDBUF)");
                }
#endif /* SO_SNDBUF */
#ifdef SO_RCVBUF
                if (ClientSettings[family].d_tcprcvbufsize > 0)
                {
                        if (setsockopt(s, SOL_SOCKET, SO_RCVBUF,
                                       (char *) &ClientSettings[family].d_tcprcvbufsize,
                                       sizeof(ClientSettings[family].d_tcprcvbufsize)) < 0)
                                syserr("makeconnection: setsockopt(SO_RCVBUF)");
                }
#endif /* SO_RCVBUF */

                if (tTd(16, 1))
                        sm_dprintf("makeconnection: fd=%d\n", s);

                /* turn on network debugging? */
                if (tTd(16, 101))
                {
                        int on = 1;

                        (void) setsockopt(s, SOL_SOCKET, SO_DEBUG,
                                          (char *)&on, sizeof(on));
                }
                if (e->e_xfp != NULL)   /* for debugging */
                        (void) sm_io_flush(e->e_xfp, SM_TIME_DEFAULT);
                errno = 0;              /* for debugging */

                if (clt_bind)
                {
                        int on = 1;

                        switch (clt_addr.sa.sa_family)
                        {
#if NETINET
                          case AF_INET:
                                if (clt_addr.sin.sin_port != 0)
                                        (void) setsockopt(s, SOL_SOCKET,
                                                          SO_REUSEADDR,
                                                          (char *) &on,
                                                          sizeof(on));
                                break;
#endif /* NETINET */

#if NETINET6
                          case AF_INET6:
                                if (clt_addr.sin6.sin6_port != 0)
                                        (void) setsockopt(s, SOL_SOCKET,
                                                          SO_REUSEADDR,
                                                          (char *) &on,
                                                          sizeof(on));
                                break;
#endif /* NETINET6 */
                        }

                        if (bind(s, &clt_addr.sa, socksize) < 0)
                        {
                                save_errno = errno;
                                (void) close(s);
                                errno = save_errno;
                                syserr("makeconnection: cannot bind socket [%s]",
                                       anynet_ntoa(&clt_addr));
#if NETINET6
                                if (hp != NULL)
                                        freehostent(hp);
#endif /* NETINET6 */
                                errno = save_errno;
                                return EX_TEMPFAIL;
                        }
                }

                /*
                **  Linux seems to hang in connect for 90 minutes (!!!).
                **  Time out the connect to avoid this problem.
                */

                if (setjmp(CtxConnectTimeout) == 0)
                {
                        int i;

                        if (e->e_ntries <= 0 && TimeOuts.to_iconnect != 0)
                                ev = sm_setevent(TimeOuts.to_iconnect,
                                                 connecttimeout, 0);
                        else if (TimeOuts.to_connect != 0)
                                ev = sm_setevent(TimeOuts.to_connect,
                                                 connecttimeout, 0);
                        else
                                ev = NULL;

                        switch (ConnectOnlyTo.sa.sa_family)
                        {
#if NETINET
                          case AF_INET:
                                addr.sin.sin_addr.s_addr = ConnectOnlyTo.sin.sin_addr.s_addr;
                                break;
#endif /* NETINET */

#if NETINET6
                          case AF_INET6:
                                memmove(&addr.sin6.sin6_addr,
                                        &ConnectOnlyTo.sin6.sin6_addr,
                                        IN6ADDRSZ);
                                break;
#endif /* NETINET6 */
                        }
                        if (tTd(16, 1))
                                sm_dprintf("Connecting to [%s]...\n", anynet_ntoa(&addr));
                        i = connect(s, (struct sockaddr *) &addr, addrlen);
                        save_errno = errno;
                        if (ev != NULL)
                                sm_clrevent(ev);
                        if (i >= 0)
                                break;
                }
                else
                        save_errno = errno;

                /* couldn't connect.... figure out why */
                (void) close(s);

                /* if running demand-dialed connection, try again */
                if (DialDelay > 0 && firstconnect &&
                    bitnset(M_DIALDELAY, mci->mci_mailer->m_flags))
                {
                        if (tTd(16, 1))
                                sm_dprintf("Connect failed (%s); trying again...\n",
                                           sm_errstring(save_errno));
                        firstconnect = false;
                        (void) sleep(DialDelay);
                        continue;
                }

                if (LogLevel > 13)
                        sm_syslog(LOG_INFO, e->e_id,
                                  "makeconnection (%s [%s]) failed: %s",
                                  host, anynet_ntoa(&addr),
                                  sm_errstring(save_errno));

#if NETINET6
nextaddr:
#endif /* NETINET6 */
                if (hp != NULL && hp->h_addr_list[addrno] != NULL &&
                    (enough == 0 || curtime() < enough))
                {
                        if (tTd(16, 1))
                                sm_dprintf("Connect failed (%s); trying new address....\n",
                                           sm_errstring(save_errno));
                        switch (addr.sa.sa_family)
                        {
#if NETINET
                          case AF_INET:
                                memmove(&addr.sin.sin_addr,
                                        hp->h_addr_list[addrno++],
                                        INADDRSZ);
                                break;
#endif /* NETINET */

#if NETINET6
                          case AF_INET6:
                                memmove(&addr.sin6.sin6_addr,
                                        hp->h_addr_list[addrno++],
                                        IN6ADDRSZ);
                                break;
#endif /* NETINET6 */

                          default:
                                memmove(addr.sa.sa_data,
                                        hp->h_addr_list[addrno++],
                                        hp->h_length);
                                break;
                        }
                        continue;
                }
                errno = save_errno;

#if NETINET6
                if (family == AF_INET6)
                {
                        if (tTd(16, 1))
                                sm_dprintf("Connect failed (%s); retrying with AF_INET....\n",
                                           sm_errstring(save_errno));
                        v6found = true;
                        family = AF_INET;
                        if (hp != NULL)
                        {
                                freehostent(hp);
                                hp = NULL;
                        }
                        goto v4retry;
                }
        v6tempfail:
#endif /* NETINET6 */
                /* couldn't open connection */
#if NETINET6
                /* Don't clobber an already saved errno from v4retry */
                if (errno > 0)
#endif /* NETINET6 */
                        save_errno = errno;
                if (tTd(16, 1))
                        sm_dprintf("Connect failed (%s)\n",
                                   sm_errstring(save_errno));
#if XLA
                xla_host_end(host);
#endif /* XLA */
                mci_setstat(mci, EX_TEMPFAIL, "4.4.1", NULL);
#if NETINET6
                if (hp != NULL)
                        freehostent(hp);
#endif /* NETINET6 */
                errno = save_errno;
                return EX_TEMPFAIL;
        }

#if NETINET6
        if (hp != NULL)
        {
                freehostent(hp);
                hp = NULL;
        }
#endif /* NETINET6 */

        /* connection ok, put it into canonical form */
        mci->mci_out = NULL;
        if ((mci->mci_out = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
                                       (void *) &s,
                                       SM_IO_WRONLY_B, NULL)) == NULL ||
            (s = dup(s)) < 0 ||
            (mci->mci_in = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
                                      (void *) &s,
                                      SM_IO_RDONLY_B, NULL)) == NULL)
        {
                save_errno = errno;
                syserr("cannot open SMTP client channel, fd=%d", s);
                mci_setstat(mci, EX_TEMPFAIL, "4.4.5", NULL);
                if (mci->mci_out != NULL)
                        (void) sm_io_close(mci->mci_out, SM_TIME_DEFAULT);
                (void) close(s);
                errno = save_errno;
                return EX_TEMPFAIL;
        }
        sm_io_automode(mci->mci_out, mci->mci_in);

        /* set {client_flags} */
        if (ClientSettings[addr.sa.sa_family].d_mflags != NULL)
        {
                macdefine(&mci->mci_macro, A_PERM,
                          macid("{client_flags}"),
                          ClientSettings[addr.sa.sa_family].d_mflags);
        }
        else
                macdefine(&mci->mci_macro, A_PERM,
                          macid("{client_flags}"), "");

        /* "add" {client_flags} to bitmap */
        if (bitnset(D_IFNHELO, ClientSettings[addr.sa.sa_family].d_flags))
        {
                /* look for just this one flag */
                setbitn(D_IFNHELO, d_flags);
        }

        /* find out name for Interface through which we connect */
        len = sizeof(addr);
        if (getsockname(s, &addr.sa, &len) == 0)
        {
                char *name;
                char family[5];

                macdefine(&BlankEnvelope.e_macro, A_TEMP,
                        macid("{if_addr_out}"), anynet_ntoa(&addr));
                (void) sm_snprintf(family, sizeof(family), "%d",
                        addr.sa.sa_family);
                macdefine(&BlankEnvelope.e_macro, A_TEMP,
                        macid("{if_family_out}"), family);

                name = hostnamebyanyaddr(&addr);
                macdefine(&BlankEnvelope.e_macro, A_TEMP,
                        macid("{if_name_out}"), name);
                if (LogLevel > 11)
                {
                        /* log connection information */
                        sm_syslog(LOG_INFO, e->e_id,
                                  "SMTP outgoing connect on %.40s", name);
                }
                if (bitnset(D_IFNHELO, d_flags))
                {
                        if (name[0] != '[' && strchr(name, '.') != NULL)
                                mci->mci_heloname = newstr(name);
                }
        }
        else
        {
                macdefine(&BlankEnvelope.e_macro, A_PERM,
                        macid("{if_name_out}"), NULL);
                macdefine(&BlankEnvelope.e_macro, A_PERM,
                        macid("{if_addr_out}"), NULL);
                macdefine(&BlankEnvelope.e_macro, A_PERM,
                        macid("{if_family_out}"), NULL);
        }

        /* Use the configured HeloName as appropriate */
        if (HeloName != NULL && HeloName[0] != '\0')
                mci->mci_heloname = newstr(HeloName);

        mci_setstat(mci, EX_OK, NULL, NULL);
        return EX_OK;
}

static void
connecttimeout(ignore)
        int ignore;
{
        /*
        **  NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER.  DO NOT ADD
        **      ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
        **      DOING.
        */

        errno = ETIMEDOUT;
        longjmp(CtxConnectTimeout, 1);
}
/*
**  MAKECONNECTION_DS -- make a connection to a domain socket.
**
**      Parameters:
**              mux_path -- the path of the socket to connect to.
**              mci -- a pointer to the mail connection information
**                      structure to be filled in.
**
**      Returns:
**              An exit code telling whether the connection could be
**                      made and if not why not.
**
**      Side Effects:
**              none.
*/

#if NETUNIX
int
makeconnection_ds(mux_path, mci)
        char *mux_path;
        register MCI *mci;
{
        int sock;
        int rval, save_errno;
        long sff = SFF_SAFEDIRPATH|SFF_OPENASROOT|SFF_NOLINK|SFF_ROOTOK|SFF_EXECOK;
        struct sockaddr_un unix_addr;

        /* if not safe, don't connect */
        rval = safefile(mux_path, RunAsUid, RunAsGid, RunAsUserName,
                        sff, S_IRUSR|S_IWUSR, NULL);

        if (rval != 0)
        {
                syserr("makeconnection_ds: unsafe domain socket %s",
                        mux_path);
                mci_setstat(mci, EX_TEMPFAIL, "4.3.5", NULL);
                errno = rval;
                return EX_TEMPFAIL;
        }

        /* prepare address structure */
        memset(&unix_addr, '\0', sizeof(unix_addr));
        unix_addr.sun_family = AF_UNIX;

        if (strlen(mux_path) >= sizeof(unix_addr.sun_path))
        {
                syserr("makeconnection_ds: domain socket name %s too long",
                        mux_path);

                /* XXX why TEMPFAIL but 5.x.y ? */
                mci_setstat(mci, EX_TEMPFAIL, "5.3.5", NULL);
                errno = ENAMETOOLONG;
                return EX_UNAVAILABLE;
        }
        (void) sm_strlcpy(unix_addr.sun_path, mux_path,
                          sizeof(unix_addr.sun_path));

        /* initialize domain socket */
        sock = socket(AF_UNIX, SOCK_STREAM, 0);
        if (sock == -1)
        {
                save_errno = errno;
                syserr("makeconnection_ds: could not create domain socket %s",
                        mux_path);
                mci_setstat(mci, EX_TEMPFAIL, "4.4.5", NULL);
                errno = save_errno;
                return EX_TEMPFAIL;
        }

        /* connect to server */
        if (connect(sock, (struct sockaddr *) &unix_addr,
                    sizeof(unix_addr)) == -1)
        {
                save_errno = errno;
                syserr("Could not connect to socket %s", mux_path);
                mci_setstat(mci, EX_TEMPFAIL, "4.4.1", NULL);
                (void) close(sock);
                errno = save_errno;
                return EX_TEMPFAIL;
        }

        /* connection ok, put it into canonical form */
        mci->mci_out = NULL;
        if ((mci->mci_out = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
                                       (void *) &sock, SM_IO_WRONLY_B, NULL))
                                        == NULL
            || (sock = dup(sock)) < 0 ||
            (mci->mci_in = sm_io_open(SmFtStdiofd, SM_TIME_DEFAULT,
                                      (void *) &sock, SM_IO_RDONLY_B, NULL))
                                        == NULL)
        {
                save_errno = errno;
                syserr("cannot open SMTP client channel, fd=%d", sock);
                mci_setstat(mci, EX_TEMPFAIL, "4.4.5", NULL);
                if (mci->mci_out != NULL)
                        (void) sm_io_close(mci->mci_out, SM_TIME_DEFAULT);
                (void) close(sock);
                errno = save_errno;
                return EX_TEMPFAIL;
        }
        sm_io_automode(mci->mci_out, mci->mci_in);

        mci_setstat(mci, EX_OK, NULL, NULL);
        errno = 0;
        return EX_OK;
}
#endif /* NETUNIX */
/*
**  SHUTDOWN_DAEMON -- Performs a clean shutdown of the daemon
**
**      Parameters:
**              none.
**
**      Returns:
**              none.
**
**      Side Effects:
**              closes control socket, exits.
*/

void
shutdown_daemon()
{
        int i;
        char *reason;

        sm_allsignals(true);

        reason = ShutdownRequest;
        ShutdownRequest = NULL;
        PendingSignal = 0;

        if (LogLevel > 9)
                sm_syslog(LOG_INFO, CurEnv->e_id, "stopping daemon, reason=%s",
                          reason == NULL ? "implicit call" : reason);

        FileName = NULL;
        closecontrolsocket(true);
#if XLA
        xla_all_end();
#endif /* XLA */

        for (i = 0; i < NDaemons; i++)
        {
                if (Daemons[i].d_socket >= 0)
                {
                        (void) close(Daemons[i].d_socket);
                        Daemons[i].d_socket = -1;

#if _FFR_DAEMON_NETUNIX
# if NETUNIX
                        /* Remove named sockets */
                        if (Daemons[i].d_addr.sa.sa_family == AF_UNIX)
                        {
                                int rval;
                                long sff = SFF_SAFEDIRPATH|SFF_OPENASROOT|SFF_NOLINK|SFF_MUSTOWN|SFF_EXECOK|SFF_CREAT;

                                /* if not safe, don't use it */
                                rval = safefile(Daemons[i].d_addr.sunix.sun_path,
                                                RunAsUid, RunAsGid,
                                                RunAsUserName, sff,
                                                S_IRUSR|S_IWUSR, NULL);
                                if (rval == 0 &&
                                    unlink(Daemons[i].d_addr.sunix.sun_path) < 0)
                                {
                                        sm_syslog(LOG_WARNING, NOQID,
                                                  "Could not remove daemon %s socket: %s: %s",
                                                  Daemons[i].d_name,
                                                  Daemons[i].d_addr.sunix.sun_path,
                                                  sm_errstring(errno));
                                }
                        }
# endif /* NETUNIX */
#endif  /* _FFR_DAEMON_NETUNIX */
                }
        }

        finis(false, true, EX_OK);
}
/*
**  RESTART_DAEMON -- Performs a clean restart of the daemon
**
**      Parameters:
**              none.
**
**      Returns:
**              none.
**
**      Side Effects:
**              restarts the daemon or exits if restart fails.
*/

/* Make a non-DFL/IGN signal a noop */
#define SM_NOOP_SIGNAL(sig, old)                                \
do                                                              \
{                                                               \
        (old) = sm_signal((sig), sm_signal_noop);               \
        if ((old) == SIG_IGN || (old) == SIG_DFL)               \
                (void) sm_signal((sig), (old));                 \
} while (0)

void
restart_daemon()
{
        bool drop;
        int save_errno;
        char *reason;
        sigfunc_t ignore, oalrm, ousr1;
        extern int DtableSize;

        /* clear the events to turn off SIGALRMs */
        sm_clear_events();
        sm_allsignals(true);

        reason = RestartRequest;
        RestartRequest = NULL;
        PendingSignal = 0;

        if (SaveArgv[0][0] != '/')
        {
                if (LogLevel > 3)
                        sm_syslog(LOG_INFO, NOQID,
                                  "could not restart: need full path");
                finis(false, true, EX_OSFILE);
                /* NOTREACHED */
        }
        if (LogLevel > 3)
                sm_syslog(LOG_INFO, NOQID, "restarting %s due to %s",
                          SaveArgv[0],
                          reason == NULL ? "implicit call" : reason);

        closecontrolsocket(true);
#if SM_CONF_SHM
        cleanup_shm(DaemonPid == getpid());
#endif /* SM_CONF_SHM */

        /* close locked pid file */
        close_sendmail_pid();

        /*
        **  Want to drop to the user who started the process in all cases
        **  *but* when running as "smmsp" for the clientmqueue queue run
        **  daemon.  In that case, UseMSP will be true, RunAsUid should not
        **  be root, and RealUid should be either 0 or RunAsUid.
        */

        drop = !(UseMSP && RunAsUid != 0 &&
                 (RealUid == 0 || RealUid == RunAsUid));

        if (drop_privileges(drop) != EX_OK)
        {
                if (LogLevel > 0)
                        sm_syslog(LOG_ALERT, NOQID,
                                  "could not drop privileges: %s",
                                  sm_errstring(errno));
                finis(false, true, EX_OSERR);
                /* NOTREACHED */
        }

        sm_close_on_exec(STDERR_FILENO + 1, DtableSize);

        /*
        **  Need to allow signals before execve() to make them "harmless".
        **  However, the default action can be "terminate", so it isn't
        **  really harmless.  Setting signals to IGN will cause them to be
        **  ignored in the new process to, so that isn't a good alternative.
        */

        SM_NOOP_SIGNAL(SIGALRM, oalrm);
        SM_NOOP_SIGNAL(SIGCHLD, ignore);
        SM_NOOP_SIGNAL(SIGHUP, ignore);
        SM_NOOP_SIGNAL(SIGINT, ignore);
        SM_NOOP_SIGNAL(SIGPIPE, ignore);
        SM_NOOP_SIGNAL(SIGTERM, ignore);
#ifdef SIGUSR1
        SM_NOOP_SIGNAL(SIGUSR1, ousr1);
#endif /* SIGUSR1 */

        /* Turn back on signals */
        sm_allsignals(false);

        (void) execve(SaveArgv[0], (ARGV_T) SaveArgv, (ARGV_T) ExternalEnviron);
        save_errno = errno;

        /* block signals again and restore needed signals */
        sm_allsignals(true);

        /* For finis() events */
        (void) sm_signal(SIGALRM, oalrm);

#ifdef SIGUSR1
        /* For debugging finis() */
        (void) sm_signal(SIGUSR1, ousr1);
#endif /* SIGUSR1 */

        errno = save_errno;
        if (LogLevel > 0)
                sm_syslog(LOG_ALERT, NOQID, "could not exec %s: %s",
                          SaveArgv[0], sm_errstring(errno));
        finis(false, true, EX_OSFILE);
        /* NOTREACHED */
}
/*
**  MYHOSTNAME -- return the name of this host.
**
**      Parameters:
**              hostbuf -- a place to return the name of this host.
**              size -- the size of hostbuf.
**
**      Returns:
**              A list of aliases for this host.
**
**      Side Effects:
**              Adds numeric codes to $=w.
*/

struct hostent *
myhostname(hostbuf, size)
        char hostbuf[];
        int size;
{
        register struct hostent *hp;

        if (gethostname(hostbuf, size) < 0 || hostbuf[0] == '\0')
                (void) sm_strlcpy(hostbuf, "localhost", size);
        hp = sm_gethostbyname(hostbuf, InetMode);
#if NETINET && NETINET6
        if (hp == NULL && InetMode == AF_INET6)
        {
                /*
                **  It's possible that this IPv6 enabled machine doesn't
                **  actually have any IPv6 interfaces and, therefore, no
                **  IPv6 addresses.  Fall back to AF_INET.
                */

                hp = sm_gethostbyname(hostbuf, AF_INET);
        }
#endif /* NETINET && NETINET6 */
        if (hp == NULL)
                return NULL;
        if (strchr(hp->h_name, '.') != NULL || strchr(hostbuf, '.') == NULL)
                (void) cleanstrcpy(hostbuf, hp->h_name, size);

#if NETINFO
        if (strchr(hostbuf, '.') == NULL)
        {
                char *domainname;

                domainname = ni_propval("/locations", NULL, "resolver",
                                        "domain", '\0');
                if (domainname != NULL &&
                    strlen(domainname) + strlen(hostbuf) + 1 < size)
                        (void) sm_strlcat2(hostbuf, ".", domainname, size);
        }
#endif /* NETINFO */

        /*
        **  If there is still no dot in the name, try looking for a
        **  dotted alias.
        */

        if (strchr(hostbuf, '.') == NULL)
        {
                char **ha;

                for (ha = hp->h_aliases; ha != NULL && *ha != NULL; ha++)
                {
                        if (strchr(*ha, '.') != NULL)
                        {
                                (void) cleanstrcpy(hostbuf, *ha, size - 1);
                                hostbuf[size - 1] = '\0';
                                break;
                        }
                }
        }

        /*
        **  If _still_ no dot, wait for a while and try again -- it is
        **  possible that some service is starting up.  This can result
        **  in excessive delays if the system is badly configured, but
        **  there really isn't a way around that, particularly given that
        **  the config file hasn't been read at this point.
        **  All in all, a bit of a mess.
        */

        if (strchr(hostbuf, '.') == NULL &&
            !getcanonname(hostbuf, size, true, NULL))
        {
                sm_syslog(LocalDaemon ? LOG_WARNING : LOG_CRIT, NOQID,
                          "My unqualified host name (%s) unknown; sleeping for retry",
                          hostbuf);
                message("My unqualified host name (%s) unknown; sleeping for retry",
                        hostbuf);
                (void) sleep(60);
                if (!getcanonname(hostbuf, size, true, NULL))
                {
                        sm_syslog(LocalDaemon ? LOG_WARNING : LOG_ALERT, NOQID,
                                  "unable to qualify my own domain name (%s) -- using short name",
                                  hostbuf);
                        message("WARNING: unable to qualify my own domain name (%s) -- using short name",
                                hostbuf);
                }
        }
        return hp;
}
/*
**  ADDRCMP -- compare two host addresses
**
**      Parameters:
**              hp -- hostent structure for the first address
**              ha -- actual first address
**              sa -- second address
**
**      Returns:
**              0 -- if ha and sa match
**              else -- they don't match
*/

static int
addrcmp(hp, ha, sa)
        struct hostent *hp;
        char *ha;
        SOCKADDR *sa;
{
#if NETINET6
        unsigned char *a;
#endif /* NETINET6 */

        switch (sa->sa.sa_family)
        {
#if NETINET
          case AF_INET:
                if (hp->h_addrtype == AF_INET)
                        return memcmp(ha, (char *) &sa->sin.sin_addr, INADDRSZ);
                break;
#endif /* NETINET */

#if NETINET6
          case AF_INET6:
                a = (unsigned char *) &sa->sin6.sin6_addr;

                /* Straight binary comparison */
                if (hp->h_addrtype == AF_INET6)
                        return memcmp(ha, a, IN6ADDRSZ);

                /* If IPv4-mapped IPv6 address, compare the IPv4 section */
                if (hp->h_addrtype == AF_INET &&
                    IN6_IS_ADDR_V4MAPPED(&sa->sin6.sin6_addr))
                        return memcmp(a + IN6ADDRSZ - INADDRSZ, ha, INADDRSZ);
                break;
#endif /* NETINET6 */
        }
        return -1;
}
/*
**  GETAUTHINFO -- get the real host name associated with a file descriptor
**
**      Uses RFC1413 protocol to try to get info from the other end.
**
**      Parameters:
**              fd -- the descriptor
**              may_be_forged -- an outage that is set to true if the
**                      forward lookup of RealHostName does not match
**                      RealHostAddr; set to false if they do match.
**
**      Returns:
**              The user@host information associated with this descriptor.
*/

static jmp_buf  CtxAuthTimeout;

static void
authtimeout(ignore)
        int ignore;
{
        /*
        **  NOTE: THIS CAN BE CALLED FROM A SIGNAL HANDLER.  DO NOT ADD
        **      ANYTHING TO THIS ROUTINE UNLESS YOU KNOW WHAT YOU ARE
        **      DOING.
        */

        errno = ETIMEDOUT;
        longjmp(CtxAuthTimeout, 1);
}

char *
getauthinfo(fd, may_be_forged)
        int fd;
        bool *may_be_forged;
{
        unsigned short SM_NONVOLATILE port = 0;
        SOCKADDR_LEN_T falen;
        register char *volatile p = NULL;
        SOCKADDR la;
        SOCKADDR_LEN_T lalen;
#ifndef NO_GETSERVBYNAME
        register struct servent *sp;
# if NETINET
        static unsigned short port4 = 0;
# endif /* NETINET */
# if NETINET6
        static unsigned short port6 = 0;
# endif /* NETINET6 */
#endif /* ! NO_GETSERVBYNAME */
        volatile int s;
        int i = 0;
        size_t len;
        SM_EVENT *ev;
        int nleft;
        struct hostent *hp;
        char *ostype = NULL;
        char **ha;
        char ibuf[MAXNAME + 1];
        static char hbuf[MAXNAME + MAXAUTHINFO + 11];

        *may_be_forged = false;
        falen = sizeof(RealHostAddr);
        if (isatty(fd) || (i = getpeername(fd, &RealHostAddr.sa, &falen)) < 0 ||
            falen <= 0 || RealHostAddr.sa.sa_family == 0)
        {
                if (i < 0)
                {
                        /*
                        **  ENOTSOCK is OK: bail on anything else, but reset
                        **  errno in this case, so a mis-report doesn't
                        **  happen later.
                        */

                        if (errno != ENOTSOCK)
                                return NULL;
                        errno = 0;
                }
                (void) sm_strlcpyn(hbuf, sizeof(hbuf), 2, RealUserName,
                                   "@localhost");
                if (tTd(9, 1))
                        sm_dprintf("getauthinfo: %s\n", hbuf);
                return hbuf;
        }

        if (RealHostName == NULL)
        {
                /* translate that to a host name */
                RealHostName = newstr(hostnamebyanyaddr(&RealHostAddr));
                if (strlen(RealHostName) > MAXNAME)
                        RealHostName[MAXNAME] = '\0'; /* XXX - 1 ? */
        }

        /* cross check RealHostName with forward DNS lookup */
        if (anynet_ntoa(&RealHostAddr)[0] != '[' &&
            RealHostName[0] != '[')
        {
                int family;

                family = RealHostAddr.sa.sa_family;
#if NETINET6 && NEEDSGETIPNODE
                /*
                **  If RealHostAddr is an IPv6 connection with an
                **  IPv4-mapped address, we need RealHostName's IPv4
                **  address(es) for addrcmp() to compare against
                **  RealHostAddr.
                **
                **  Actually, we only need to do this for systems
                **  which NEEDSGETIPNODE since the real getipnodebyname()
                **  already does V4MAPPED address via the AI_V4MAPPEDCFG
                **  flag.  A better fix to this problem is to add this
                **  functionality to our stub getipnodebyname().
                */

                if (family == AF_INET6 &&
                    IN6_IS_ADDR_V4MAPPED(&RealHostAddr.sin6.sin6_addr))
                        family = AF_INET;
#endif /* NETINET6 && NEEDSGETIPNODE */

                /* try to match the reverse against the forward lookup */
                hp = sm_gethostbyname(RealHostName, family);
                if (hp == NULL)
                {
                        /* XXX: Could be a temporary error on forward lookup */
                        *may_be_forged = true;
                }
                else
                {
                        for (ha = hp->h_addr_list; *ha != NULL; ha++)
                        {
                                if (addrcmp(hp, *ha, &RealHostAddr) == 0)
                                        break;
                        }
                        *may_be_forged = *ha == NULL;
#if NETINET6
                        freehostent(hp);
                        hp = NULL;
#endif /* NETINET6 */
                }
        }

        if (TimeOuts.to_ident == 0)
                goto noident;

        lalen = sizeof(la);
        switch (RealHostAddr.sa.sa_family)
        {
#if NETINET
          case AF_INET:
                if (getsockname(fd, &la.sa, &lalen) < 0 ||
                    lalen <= 0 ||
                    la.sa.sa_family != AF_INET)
                {
                        /* no ident info */
                        goto noident;
                }
                port = RealHostAddr.sin.sin_port;

                /* create ident query */
                (void) sm_snprintf(ibuf, sizeof(ibuf), "%d,%d\r\n",
                                ntohs(RealHostAddr.sin.sin_port),
                                ntohs(la.sin.sin_port));

                /* create local address */
                la.sin.sin_port = 0;

                /* create foreign address */
# ifdef NO_GETSERVBYNAME
                RealHostAddr.sin.sin_port = htons(113);
# else /* NO_GETSERVBYNAME */

                /*
                **  getservbyname() consumes about 5% of the time
                **  when receiving a small message (almost all of the time
                **  spent in this routine).
                **  Hence we store the port in a static variable
                **  to save this time.
                **  The portnumber shouldn't change very often...
                **  This code makes the assumption that the port number
                **  is not 0.
                */

                if (port4 == 0)
                {
                        sp = getservbyname("auth", "tcp");
                        if (sp != NULL)
                                port4 = sp->s_port;
                        else
                                port4 = htons(113);
                }
                RealHostAddr.sin.sin_port = port4;
                break;
# endif /* NO_GETSERVBYNAME */
#endif /* NETINET */

#if NETINET6
          case AF_INET6:
                if (getsockname(fd, &la.sa, &lalen) < 0 ||
                    lalen <= 0 ||
                    la.sa.sa_family != AF_INET6)
                {
                        /* no ident info */
                        goto noident;
                }
                port = RealHostAddr.sin6.sin6_port;

                /* create ident query */
                (void) sm_snprintf(ibuf, sizeof(ibuf), "%d,%d\r\n",
                                ntohs(RealHostAddr.sin6.sin6_port),
                                ntohs(la.sin6.sin6_port));

                /* create local address */
                la.sin6.sin6_port = 0;

                /* create foreign address */
# ifdef NO_GETSERVBYNAME
                RealHostAddr.sin6.sin6_port = htons(113);
# else /* NO_GETSERVBYNAME */
                if (port6 == 0)
                {
                        sp = getservbyname("auth", "tcp");
                        if (sp != NULL)
                                port6 = sp->s_port;
                        else
                                port6 = htons(113);
                }
                RealHostAddr.sin6.sin6_port = port6;
                break;
# endif /* NO_GETSERVBYNAME */
#endif /* NETINET6 */
          default:
                /* no ident info */
                goto noident;
        }

        s = -1;
        if (setjmp(CtxAuthTimeout) != 0)
        {
                if (s >= 0)
                        (void) close(s);
                goto noident;
        }

        /* put a timeout around the whole thing */
        ev = sm_setevent(TimeOuts.to_ident, authtimeout, 0);

        /* connect to foreign IDENT server using same address as SMTP socket */
        s = socket(la.sa.sa_family, SOCK_STREAM, 0);
        if (s < 0)
        {
                sm_clrevent(ev);
                goto noident;
        }
        if (bind(s, &la.sa, lalen) < 0 ||
            connect(s, &RealHostAddr.sa, lalen) < 0)
                goto closeident;

        if (tTd(9, 10))
                sm_dprintf("getauthinfo: sent %s", ibuf);

        /* send query */
        if (write(s, ibuf, strlen(ibuf)) < 0)
                goto closeident;

        /* get result */
        p = &ibuf[0];
        nleft = sizeof(ibuf) - 1;
        while ((i = read(s, p, nleft)) > 0)
        {
                char *s;

                p += i;
                nleft -= i;
                *p = '\0';
                if ((s = strchr(ibuf, '\n')) != NULL)
                {
                        if (p > s + 1)
                        {
                                p = s + 1;
                                *p = '\0';
                        }
                        break;
                }
                if (nleft <= 0)
                        break;
        }
        (void) close(s);
        sm_clrevent(ev);
        if (i < 0 || p == &ibuf[0])
                goto noident;

        if (p >= &ibuf[2] && *--p == '\n' && *--p == '\r')
                p--;
        *++p = '\0';

        if (tTd(9, 3))
                sm_dprintf("getauthinfo:  got %s\n", ibuf);

        /* parse result */
        p = strchr(ibuf, ':');
        if (p == NULL)
        {
                /* malformed response */
                goto noident;
        }
        while (isascii(*++p) && isspace(*p))
                continue;
        if (sm_strncasecmp(p, "userid", 6) != 0)
        {
                /* presumably an error string */
                goto noident;
        }
        p += 6;
        while (isascii(*p) && isspace(*p))
                p++;
        if (*p++ != ':')
        {
                /* either useridxx or malformed response */
                goto noident;
        }

        /* p now points to the OSTYPE field */
        while (isascii(*p) && isspace(*p))
                p++;
        ostype = p;
        p = strchr(p, ':');
        if (p == NULL)
        {
                /* malformed response */
                goto noident;
        }
        else
        {
                char *charset;

                *p = '\0';
                charset = strchr(ostype, ',');
                if (charset != NULL)
                        *charset = '\0';
        }

        /* 1413 says don't do this -- but it's broken otherwise */
        while (isascii(*++p) && isspace(*p))
                continue;

        /* p now points to the authenticated name -- copy carefully */
        if (sm_strncasecmp(ostype, "other", 5) == 0 &&
            (ostype[5] == ' ' || ostype[5] == '\0'))
        {
                (void) sm_strlcpy(hbuf, "IDENT:", sizeof(hbuf));
                cleanstrcpy(&hbuf[6], p, MAXAUTHINFO);
        }
        else
                cleanstrcpy(hbuf, p, MAXAUTHINFO);
        len = strlen(hbuf);
        (void) sm_strlcpyn(&hbuf[len], sizeof(hbuf) - len, 2, "@",
                           RealHostName == NULL ? "localhost" : RealHostName);
        goto postident;

closeident:
        (void) close(s);
        sm_clrevent(ev);

noident:
        /* put back the original incoming port */
        switch (RealHostAddr.sa.sa_family)
        {
#if NETINET
          case AF_INET:
                if (port > 0)
                        RealHostAddr.sin.sin_port = port;
                break;
#endif /* NETINET */

#if NETINET6
          case AF_INET6:
                if (port > 0)
                        RealHostAddr.sin6.sin6_port = port;
                break;
#endif /* NETINET6 */
        }

        if (RealHostName == NULL)
        {
                if (tTd(9, 1))
                        sm_dprintf("getauthinfo: NULL\n");
                return NULL;
        }
        (void) sm_strlcpy(hbuf, RealHostName, sizeof(hbuf));

postident:
#if IP_SRCROUTE
# ifndef GET_IPOPT_DST
#  define GET_IPOPT_DST(dst)    (dst)
# endif /* ! GET_IPOPT_DST */
        /*
        **  Extract IP source routing information.
        **
        **      Format of output for a connection from site a through b
        **      through c to d:
        **              loose:      @site-c@site-b:site-a
        **              strict:    !@site-c@site-b:site-a
        **
        **      o - pointer within ipopt_list structure.
        **      q - pointer within ls/ss rr route data
        **      p - pointer to hbuf
        */

        if (RealHostAddr.sa.sa_family == AF_INET)
        {
                SOCKOPT_LEN_T ipoptlen;
                int j;
                unsigned char *q;
                unsigned char *o;
                int l;
                struct IPOPTION ipopt;

                ipoptlen = sizeof(ipopt);
                if (getsockopt(fd, IPPROTO_IP, IP_OPTIONS,
                               (char *) &ipopt, &ipoptlen) < 0)
                        goto noipsr;
                if (ipoptlen == 0)
                        goto noipsr;
                o = (unsigned char *) ipopt.IP_LIST;
                while (o != NULL && o < (unsigned char *) &ipopt + ipoptlen)
                {
                        switch (*o)
                        {
                          case IPOPT_EOL:
                                o = NULL;
                                break;

                          case IPOPT_NOP:
                                o++;
                                break;

                          case IPOPT_SSRR:
                          case IPOPT_LSRR:
                                /*
                                **  Source routing.
                                **      o[0] is the option type (loose/strict).
                                **      o[1] is the length of this option,
                                **              including option type and
                                **              length.
                                **      o[2] is the pointer into the route
                                **              data.
                                **      o[3] begins the route data.
                                */

                                p = &hbuf[strlen(hbuf)];
                                l = sizeof(hbuf) - (hbuf - p) - 6;
                                (void) sm_snprintf(p, SPACELEFT(hbuf, p),
                                        " [%s@%.*s",
                                        *o == IPOPT_SSRR ? "!" : "",
                                        l > 240 ? 120 : l / 2,
                                        inet_ntoa(GET_IPOPT_DST(ipopt.IP_DST)));
                                i = strlen(p);
                                p += i;
                                l -= strlen(p);

                                j = o[1] / sizeof(struct in_addr) - 1;

                                /* q skips length and router pointer to data */
                                q = &o[3];
                                for ( ; j >= 0; j--)
                                {
                                        struct in_addr addr;

                                        memcpy(&addr, q, sizeof(addr));
                                        (void) sm_snprintf(p,
                                                SPACELEFT(hbuf, p),
                                                "%c%.*s",
                                                j != 0 ? '@' : ':',
                                                l > 240 ? 120 :
                                                        j == 0 ? l : l / 2,
                                                inet_ntoa(addr));
                                        i = strlen(p);
                                        p += i;
                                        l -= i + 1;
                                        q += sizeof(struct in_addr);
                                }
                                o += o[1];
                                break;

                          default:
                                /* Skip over option */
                                o += o[1];
                                break;
                        }
                }
                (void) sm_snprintf(p, SPACELEFT(hbuf, p), "]");
                goto postipsr;
        }

noipsr:
#endif /* IP_SRCROUTE */
        if (RealHostName != NULL && RealHostName[0] != '[')
        {
                p = &hbuf[strlen(hbuf)];
                (void) sm_snprintf(p, SPACELEFT(hbuf, p), " [%.100s]",
                                   anynet_ntoa(&RealHostAddr));
        }
        if (*may_be_forged)
        {
                p = &hbuf[strlen(hbuf)];
                (void) sm_strlcpy(p, " (may be forged)", SPACELEFT(hbuf, p));
                macdefine(&BlankEnvelope.e_macro, A_PERM,
                          macid("{client_resolve}"), "FORGED");
        }

#if IP_SRCROUTE
postipsr:
#endif /* IP_SRCROUTE */

        /* put back the original incoming port */
        switch (RealHostAddr.sa.sa_family)
        {
#if NETINET
          case AF_INET:
                if (port > 0)
                        RealHostAddr.sin.sin_port = port;
                break;
#endif /* NETINET */

#if NETINET6
          case AF_INET6:
                if (port > 0)
                        RealHostAddr.sin6.sin6_port = port;
                break;
#endif /* NETINET6 */
        }

        if (tTd(9, 1))
                sm_dprintf("getauthinfo: %s\n", hbuf);
        return hbuf;
}
/*
**  HOST_MAP_LOOKUP -- turn a hostname into canonical form
**
**      Parameters:
**              map -- a pointer to this map.
**              name -- the (presumably unqualified) hostname.
**              av -- unused -- for compatibility with other mapping
**                      functions.
**              statp -- an exit status (out parameter) -- set to
**                      EX_TEMPFAIL if the name server is unavailable.
**
**      Returns:
**              The mapping, if found.
**              NULL if no mapping found.
**
**      Side Effects:
**              Looks up the host specified in hbuf.  If it is not
**              the canonical name for that host, return the canonical
**              name (unless MF_MATCHONLY is set, which will cause the
**              status only to be returned).
*/

char *
host_map_lookup(map, name, av, statp)
        MAP *map;
        char *name;
        char **av;
        int *statp;
{
        register struct hostent *hp;
#if NETINET
        struct in_addr in_addr;
#endif /* NETINET */
#if NETINET6
        struct in6_addr in6_addr;
#endif /* NETINET6 */
        char *cp, *ans = NULL;
        register STAB *s;
        time_t now;
#if NAMED_BIND
        time_t SM_NONVOLATILE retrans = 0;
        int SM_NONVOLATILE retry = 0;
#endif /* NAMED_BIND */
        char hbuf[MAXNAME + 1];

        /*
        **  See if we have already looked up this name.  If so, just
        **  return it (unless expired).
        */

        now = curtime();
        s = stab(name, ST_NAMECANON, ST_ENTER);
        if (bitset(NCF_VALID, s->s_namecanon.nc_flags) &&
            s->s_namecanon.nc_exp >= now)
        {
                if (tTd(9, 1))
                        sm_dprintf("host_map_lookup(%s) => CACHE %s\n",
                                    name,
                                    s->s_namecanon.nc_cname == NULL
                                        ? "NULL"
                                        : s->s_namecanon.nc_cname);
                errno = s->s_namecanon.nc_errno;
                SM_SET_H_ERRNO(s->s_namecanon.nc_herrno);
                *statp = s->s_namecanon.nc_stat;
                if (*statp == EX_TEMPFAIL)
                {
                        CurEnv->e_status = "4.4.3";
                        message("851 %s: Name server timeout",
                                shortenstring(name, 33));
                }
                if (*statp != EX_OK)
                        return NULL;
                if (s->s_namecanon.nc_cname == NULL)
                {
                        syserr("host_map_lookup(%s): bogus NULL cache entry, errno=%d, h_errno=%d",
                               name,
                               s->s_namecanon.nc_errno,
                               s->s_namecanon.nc_herrno);
                        return NULL;
                }
                if (bitset(MF_MATCHONLY, map->map_mflags))
                        cp = map_rewrite(map, name, strlen(name), NULL);
                else
                        cp = map_rewrite(map,
                                         s->s_namecanon.nc_cname,
                                         strlen(s->s_namecanon.nc_cname),
                                         av);
                return cp;
        }

        /*
        **  If we are running without a regular network connection (usually
        **  dial-on-demand) and we are just queueing, we want to avoid DNS
        **  lookups because those could try to connect to a server.
        */

        if (CurEnv->e_sendmode == SM_DEFER &&
            bitset(MF_DEFER, map->map_mflags))
        {
                if (tTd(9, 1))
                        sm_dprintf("host_map_lookup(%s) => DEFERRED\n", name);
                *statp = EX_TEMPFAIL;
                return NULL;
        }

        /*
        **  If first character is a bracket, then it is an address
        **  lookup.  Address is copied into a temporary buffer to
        **  strip the brackets and to preserve name if address is
        **  unknown.
        */

        if (tTd(9, 1))
                sm_dprintf("host_map_lookup(%s) => ", name);
#if NAMED_BIND
        if (map->map_timeout > 0)
        {
                retrans = _res.retrans;
                _res.retrans = map->map_timeout;
        }
        if (map->map_retry > 0)
        {
                retry = _res.retry;
                _res.retry = map->map_retry;
        }
#endif /* NAMED_BIND */

        /* set default TTL */
        s->s_namecanon.nc_exp = now + SM_DEFAULT_TTL;
        if (*name != '[')
        {
                int ttl;

                (void) sm_strlcpy(hbuf, name, sizeof(hbuf));
                if (getcanonname(hbuf, sizeof(hbuf) - 1, !HasWildcardMX, &ttl))
                {
                        ans = hbuf;
                        if (ttl > 0)
                                s->s_namecanon.nc_exp = now + SM_MIN(ttl,
                                                                SM_DEFAULT_TTL);
                }
        }
        else
        {
                if ((cp = strchr(name, ']')) == NULL)
                {
                        if (tTd(9, 1))
                                sm_dprintf("FAILED\n");
                        return NULL;
                }
                *cp = '\0';

                hp = NULL;
#if NETINET
                if ((in_addr.s_addr = inet_addr(&name[1])) != INADDR_NONE)
                        hp = sm_gethostbyaddr((char *)&in_addr,
                                              INADDRSZ, AF_INET);
#endif /* NETINET */
#if NETINET6
                if (hp == NULL &&
                    anynet_pton(AF_INET6, &name[1], &in6_addr) == 1)
                        hp = sm_gethostbyaddr((char *)&in6_addr,
                                              IN6ADDRSZ, AF_INET6);
#endif /* NETINET6 */
                *cp = ']';

                if (hp != NULL)
                {
                        /* found a match -- copy out */
                        ans = denlstring((char *) hp->h_name, true, true);
#if NETINET6
                        if (ans == hp->h_name)
                        {
                                static char n[MAXNAME + 1];

                                /* hp->h_name is about to disappear */
                                (void) sm_strlcpy(n, ans, sizeof(n));
                                ans = n;
                        }
                        freehostent(hp);
                        hp = NULL;
#endif /* NETINET6 */
                }
        }
#if NAMED_BIND
        if (map->map_timeout > 0)
                _res.retrans = retrans;
        if (map->map_retry > 0)
                _res.retry = retry;
#endif /* NAMED_BIND */

        s->s_namecanon.nc_flags |= NCF_VALID;   /* will be soon */

        /* Found an answer */
        if (ans != NULL)
        {
                s->s_namecanon.nc_stat = *statp = EX_OK;
                if (s->s_namecanon.nc_cname != NULL)
                        sm_free(s->s_namecanon.nc_cname);
                s->s_namecanon.nc_cname = sm_strdup_x(ans);
                if (bitset(MF_MATCHONLY, map->map_mflags))
                        cp = map_rewrite(map, name, strlen(name), NULL);
                else
                        cp = map_rewrite(map, ans, strlen(ans), av);
                if (tTd(9, 1))
                        sm_dprintf("FOUND %s\n", ans);
                return cp;
        }


        /* No match found */
        s->s_namecanon.nc_errno = errno;
#if NAMED_BIND
        s->s_namecanon.nc_herrno = h_errno;
        if (tTd(9, 1))
                sm_dprintf("FAIL (%d)\n", h_errno);
        switch (h_errno)
        {
          case TRY_AGAIN:
                if (UseNameServer)
                {
                        CurEnv->e_status = "4.4.3";
                        message("851 %s: Name server timeout",
                                shortenstring(name, 33));
                }
                *statp = EX_TEMPFAIL;
                break;

          case HOST_NOT_FOUND:
          case NO_DATA:
                *statp = EX_NOHOST;
                break;

          case NO_RECOVERY:
                *statp = EX_SOFTWARE;
                break;

          default:
                *statp = EX_UNAVAILABLE;
                break;
        }
#else /* NAMED_BIND */
        if (tTd(9, 1))
                sm_dprintf("FAIL\n");
        *statp = EX_NOHOST;
#endif /* NAMED_BIND */
        s->s_namecanon.nc_stat = *statp;
        return NULL;
}
/*
**  HOST_MAP_INIT -- initialize host class structures
**
**      Parameters:
**              map -- a pointer to this map.
**              args -- argument string.
**
**      Returns:
**              true.
*/

bool
host_map_init(map, args)
        MAP *map;
        char *args;
{
        register char *p = args;

        for (;;)
        {
                while (isascii(*p) && isspace(*p))
                        p++;
                if (*p != '-')
                        break;
                switch (*++p)
                {
                  case 'a':
                        map->map_app = ++p;
                        break;

                  case 'T':
                        map->map_tapp = ++p;
                        break;

                  case 'm':
                        map->map_mflags |= MF_MATCHONLY;
                        break;

                  case 't':
                        map->map_mflags |= MF_NODEFER;
                        break;

                  case 'S':     /* only for consistency */
                        map->map_spacesub = *++p;
                        break;

                  case 'D':
                        map->map_mflags |= MF_DEFER;
                        break;

                  case 'd':
                        {
                                char *h;

                                while (isascii(*++p) && isspace(*p))
                                        continue;
                                h = strchr(p, ' ');
                                if (h != NULL)
                                        *h = '\0';
                                map->map_timeout = convtime(p, 's');
                                if (h != NULL)
                                        *h = ' ';
                        }
                        break;

                  case 'r':
                        while (isascii(*++p) && isspace(*p))
                                continue;
                        map->map_retry = atoi(p);
                        break;
                }
                while (*p != '\0' && !(isascii(*p) && isspace(*p)))
                        p++;
                if (*p != '\0')
                        *p++ = '\0';
        }
        if (map->map_app != NULL)
                map->map_app = newstr(map->map_app);
        if (map->map_tapp != NULL)
                map->map_tapp = newstr(map->map_tapp);
        return true;
}

#if NETINET6
/*
**  ANYNET_NTOP -- convert an IPv6 network address to printable form.
**
**      Parameters:
**              s6a -- a pointer to an in6_addr structure.
**              dst -- buffer to store result in
**              dst_len -- size of dst buffer
**
**      Returns:
**              A printable version of that structure.
*/

char *
anynet_ntop(s6a, dst, dst_len)
        struct in6_addr *s6a;
        char *dst;
        size_t dst_len;
{
        register char *ap;

        if (IN6_IS_ADDR_V4MAPPED(s6a))
                ap = (char *) inet_ntop(AF_INET,
                                        &s6a->s6_addr[IN6ADDRSZ - INADDRSZ],
                                        dst, dst_len);
        else
        {
                char *d;
                size_t sz;

                /* Save pointer to beginning of string */
                d = dst;

                /* Add IPv6: protocol tag */
                sz = sm_strlcpy(dst, "IPv6:", dst_len);
                if (sz >= dst_len)
                        return NULL;
                dst += sz;
                dst_len -= sz;
                ap = (char *) inet_ntop(AF_INET6, s6a, dst, dst_len);

                /* Restore pointer to beginning of string */
                if (ap != NULL)
                        ap = d;
        }
        return ap;
}

/*
**  ANYNET_PTON -- convert printed form to network address.
**
**      Wrapper for inet_pton() which handles IPv6: labels.
**
**      Parameters:
**              family -- address family
**              src -- string
**              dst -- destination address structure
**
**      Returns:
**              1 if the address was valid
**              0 if the address wasn't parseable
**              -1 if error
*/

int
anynet_pton(family, src, dst)
        int family;
        const char *src;
        void *dst;
{
        if (family == AF_INET6 && sm_strncasecmp(src, "IPv6:", 5) == 0)
                src += 5;
        return inet_pton(family, src, dst);
}
#endif /* NETINET6 */
/*
**  ANYNET_NTOA -- convert a network address to printable form.
**
**      Parameters:
**              sap -- a pointer to a sockaddr structure.
**
**      Returns:
**              A printable version of that sockaddr.
*/

#ifdef USE_SOCK_STREAM

# if NETLINK
#  include <net/if_dl.h>
# endif /* NETLINK */

char *
anynet_ntoa(sap)
        register SOCKADDR *sap;
{
        register char *bp;
        register char *ap;
        int l;
        static char buf[100];

        /* check for null/zero family */
        if (sap == NULL)
                return "NULLADDR";
        if (sap->sa.sa_family == 0)
                return "0";

        switch (sap->sa.sa_family)
        {
# if NETUNIX
          case AF_UNIX:
                if (sap->sunix.sun_path[0] != '\0')
                        (void) sm_snprintf(buf, sizeof(buf), "[UNIX: %.64s]",
                                           sap->sunix.sun_path);
                else
                        (void) sm_strlcpy(buf, "[UNIX: localhost]", sizeof(buf));
                return buf;
# endif /* NETUNIX */

# if NETINET
          case AF_INET:
                return (char *) inet_ntoa(sap->sin.sin_addr);
# endif /* NETINET */

# if NETINET6
          case AF_INET6:
                ap = anynet_ntop(&sap->sin6.sin6_addr, buf, sizeof(buf));
                if (ap != NULL)
                        return ap;
                break;
# endif /* NETINET6 */

# if NETLINK
          case AF_LINK:
                (void) sm_snprintf(buf, sizeof(buf), "[LINK: %s]",
                                   link_ntoa((struct sockaddr_dl *) &sap->sa));
                return buf;
# endif /* NETLINK */
          default:
                /* this case is needed when nothing is #defined */
                /* in order to keep the switch syntactically correct */
                break;
        }

        /* unknown family -- just dump bytes */
        (void) sm_snprintf(buf, sizeof(buf), "Family %d: ", sap->sa.sa_family);
        bp = &buf[strlen(buf)];
        ap = sap->sa.sa_data;
        for (l = sizeof(sap->sa.sa_data); --l >= 0 && SPACELEFT(buf, bp) > 3; )
        {
                (void) sm_snprintf(bp, SPACELEFT(buf, bp), "%02x:",
                                   *ap++ & 0377);

                bp += 3;
        }
        *--bp = '\0';
        return buf;
}
/*
**  HOSTNAMEBYANYADDR -- return name of host based on address
**
**      Parameters:
**              sap -- SOCKADDR pointer
**
**      Returns:
**              text representation of host name.
**
**      Side Effects:
**              none.
*/

char *
hostnamebyanyaddr(sap)
        register SOCKADDR *sap;
{
        register struct hostent *hp;
# if NAMED_BIND
        int saveretry;
# endif /* NAMED_BIND */
# if NETINET6
        struct in6_addr in6_addr;
# endif /* NETINET6 */

# if NAMED_BIND
        /* shorten name server timeout to avoid higher level timeouts */
        saveretry = _res.retry;
        if (_res.retry * _res.retrans > 20)
                _res.retry = 20 / _res.retrans;
# endif /* NAMED_BIND */

        switch (sap->sa.sa_family)
        {
# if NETINET
          case AF_INET:
                hp = sm_gethostbyaddr((char *) &sap->sin.sin_addr,
                                      INADDRSZ, AF_INET);
                break;
# endif /* NETINET */

# if NETINET6
          case AF_INET6:
                hp = sm_gethostbyaddr((char *) &sap->sin6.sin6_addr,
                                      IN6ADDRSZ, AF_INET6);
                break;
# endif /* NETINET6 */

# if NETISO
          case AF_ISO:
                hp = sm_gethostbyaddr((char *) &sap->siso.siso_addr,
                                      sizeof(sap->siso.siso_addr), AF_ISO);
                break;
# endif /* NETISO */

# if NETUNIX
          case AF_UNIX:
                hp = NULL;
                break;
# endif /* NETUNIX */

          default:
                hp = sm_gethostbyaddr(sap->sa.sa_data, sizeof(sap->sa.sa_data),
                                      sap->sa.sa_family);
                break;
        }

# if NAMED_BIND
        _res.retry = saveretry;
# endif /* NAMED_BIND */

# if NETINET || NETINET6
        if (hp != NULL && hp->h_name[0] != '['
#  if NETINET6
            && inet_pton(AF_INET6, hp->h_name, &in6_addr) != 1
#  endif /* NETINET6 */
#  if NETINET
            && inet_addr(hp->h_name) == INADDR_NONE
#  endif /* NETINET */
            )
        {
                char *name;

                name = denlstring((char *) hp->h_name, true, true);
#  if NETINET6
                if (name == hp->h_name)
                {
                        static char n[MAXNAME + 1];

                        /* Copy the string, hp->h_name is about to disappear */
                        (void) sm_strlcpy(n, name, sizeof(n));
                        name = n;
                }
                freehostent(hp);
#  endif /* NETINET6 */
                return name;
        }
# endif /* NETINET || NETINET6 */

# if NETINET6
        if (hp != NULL)
        {
                freehostent(hp);
                hp = NULL;
        }
# endif /* NETINET6 */

# if NETUNIX
        if (sap->sa.sa_family == AF_UNIX && sap->sunix.sun_path[0] == '\0')
                return "localhost";
# endif /* NETUNIX */
        {
                static char buf[203];

                (void) sm_snprintf(buf, sizeof(buf), "[%.200s]",
                                   anynet_ntoa(sap));
                return buf;
        }
}
#endif /* USE_SOCK_STREAM */