usr.sbin/spamdb/spamdb.c

root/usr.sbin/spamdb/spamdb.c
/*      $OpenBSD: spamdb.c,v 1.36 2018/07/26 19:33:20 mestre Exp $      */

/*
 * Copyright (c) 2004 Bob Beck.  All rights reserved.
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <db.h>
#include <err.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <netdb.h>
#include <ctype.h>
#include <errno.h>
#include <unistd.h>

#include "grey.h"

/* things we may add/delete from the db */
#define WHITE 0
#define TRAPHIT 1
#define SPAMTRAP 2
#define GREY 3

int     dblist(DB *);
int     dbupdate(DB *, char *, int, int);

int
dbupdate(DB *db, char *ip, int add, int type)
{
        DBT             dbk, dbd;
        struct gdata    gd;
        time_t          now;
        int             r;
        struct addrinfo hints, *res;

        now = time(NULL);
        memset(&hints, 0, sizeof(hints));
        hints.ai_family = PF_UNSPEC;
        hints.ai_socktype = SOCK_DGRAM; /*dummy*/
        hints.ai_flags = AI_NUMERICHOST;
        if (add && (type == TRAPHIT || type == WHITE)) {
                if (getaddrinfo(ip, NULL, &hints, &res) != 0) {
                        warnx("invalid ip address %s", ip);
                        goto bad;
                }
                freeaddrinfo(res);
        }
        memset(&dbk, 0, sizeof(dbk));
        dbk.size = strlen(ip);
        dbk.data = ip;
        memset(&dbd, 0, sizeof(dbd));
        if (!add) {
                /* remove entry */
                if (type == GREY) {
                        for (r = db->seq(db, &dbk, &dbd, R_FIRST); !r;
                            r = db->seq(db, &dbk, &dbd, R_NEXT)) {
                                char *cp = memchr(dbk.data, '\n', dbk.size);
                                if (cp != NULL) {
                                        size_t len = cp - (char *)dbk.data;
                                        if (memcmp(ip, dbk.data, len) == 0 &&
                                            ip[len] == '\0')
                                                break;
                                }
                        }
                } else {
                        r = db->get(db, &dbk, &dbd, 0);
                        if (r == -1) {
                                warn("db->get failed");
                                goto bad;
                        }
                }
                if (r) {
                        warnx("no entry for %s", ip);
                        goto bad;
                } else if (db->del(db, &dbk, 0)) {
                        warn("db->del failed");
                        goto bad;
                }
        } else {
                /* add or update entry */
                r = db->get(db, &dbk, &dbd, 0);
                if (r == -1) {
                        warn("db->get failed");
                        goto bad;
                }
                if (r) {
                        int i;

                        /* new entry */
                        memset(&gd, 0, sizeof(gd));
                        gd.first = now;
                        gd.bcount = 1;
                        switch (type) {
                        case WHITE:
                                gd.pass = now;
                                gd.expire = now + WHITEEXP;
                                break;
                        case TRAPHIT:
                                gd.expire = now + TRAPEXP;
                                gd.pcount = -1;
                                break;
                        case SPAMTRAP:
                                gd.expire = 0;
                                gd.pcount = -2;
                                /* ensure address is of the form user@host */
                                if (strchr(ip, '@') == NULL)
                                        errx(-1, "not an email address: %s", ip);
                                /* ensure address is lower case*/
                                for (i = 0; ip[i] != '\0'; i++)
                                        if (isupper((unsigned char)ip[i]))
                                                ip[i] = tolower((unsigned char)ip[i]);
                                break;
                        default:
                                errx(-1, "unknown type %d", type);
                        }
                        memset(&dbk, 0, sizeof(dbk));
                        dbk.size = strlen(ip);
                        dbk.data = ip;
                        memset(&dbd, 0, sizeof(dbd));
                        dbd.size = sizeof(gd);
                        dbd.data = &gd;
                        r = db->put(db, &dbk, &dbd, 0);
                        if (r) {
                                warn("db->put failed");
                                goto bad;
                        }
                } else {
                        if (gdcopyin(&dbd, &gd) == -1) {
                                /* whatever this is, it doesn't belong */
                                db->del(db, &dbk, 0);
                                goto bad;
                        }
                        gd.pcount++;
                        switch (type) {
                        case WHITE:
                                gd.pass = now;
                                gd.expire = now + WHITEEXP;
                                break;
                        case TRAPHIT:
                                gd.expire = now + TRAPEXP;
                                gd.pcount = -1;
                                break;
                        case SPAMTRAP:
                                gd.expire = 0; /* XXX */
                                gd.pcount = -2;
                                break;
                        default:
                                errx(-1, "unknown type %d", type);
                        }

                        memset(&dbk, 0, sizeof(dbk));
                        dbk.size = strlen(ip);
                        dbk.data = ip;
                        memset(&dbd, 0, sizeof(dbd));
                        dbd.size = sizeof(gd);
                        dbd.data = &gd;
                        r = db->put(db, &dbk, &dbd, 0);
                        if (r) {
                                warn("db->put failed");
                                goto bad;
                        }
                }
        }
        return (0);
 bad:
        return (1);
}

int
print_entry(DBT *dbk, DBT *dbd)
{
        struct gdata gd;
        char *a, *cp;

        if ((dbk->size < 1) || gdcopyin(dbd, &gd) == -1) {
                warnx("bogus size db entry - bad db file?");
                return (1);
        }
        a = malloc(dbk->size + 1);
        if (a == NULL)
                err(1, "malloc");
        memcpy(a, dbk->data, dbk->size);
        a[dbk->size]='\0';
        cp = strchr(a, '\n');
        if (cp == NULL) {
                /* this is a non-greylist entry */
                switch (gd.pcount) {
                case -1: /* spamtrap hit, with expiry time */
                        printf("TRAPPED|%s|%lld\n", a,
                            (long long)gd.expire);
                        break;
                case -2: /* spamtrap address */
                        printf("SPAMTRAP|%s\n", a);
                        break;
                default: /* whitelist */
                        printf("WHITE|%s|||%lld|%lld|%lld|%d|%d\n", a,
                            (long long)gd.first, (long long)gd.pass,
                            (long long)gd.expire, gd.bcount,
                            gd.pcount);
                        break;
                }
        } else {
                char *helo, *from, *to;

                /* greylist entry */
                *cp = '\0';
                helo = cp + 1;
                from = strchr(helo, '\n');
                if (from == NULL) {
                        warnx("No from part in grey key %s", a);
                        free(a);
                        return (1);
                }
                *from = '\0';
                from++;
                to = strchr(from, '\n');
                if (to == NULL) {
                        /* probably old format - print it the
                         * with an empty HELO field instead 
                         * of erroring out.
                         */                       
                        printf("GREY|%s|%s|%s|%s|%lld|%lld|%lld|%d|%d\n",
                            a, "", helo, from, (long long)gd.first,
                            (long long)gd.pass, (long long)gd.expire,
                            gd.bcount, gd.pcount);
                
                } else {
                        *to = '\0';
                        to++;
                        printf("GREY|%s|%s|%s|%s|%lld|%lld|%lld|%d|%d\n",
                            a, helo, from, to, (long long)gd.first,
                            (long long)gd.pass, (long long)gd.expire,
                            gd.bcount, gd.pcount);
                }
        }
        free(a);

        return (0);
}

int
dblist(DB *db)
{
        DBT             dbk, dbd;
        int             r;

        /* walk db, list in text format */
        memset(&dbk, 0, sizeof(dbk));
        memset(&dbd, 0, sizeof(dbd));
        for (r = db->seq(db, &dbk, &dbd, R_FIRST); !r;
            r = db->seq(db, &dbk, &dbd, R_NEXT)) {
                if (print_entry(&dbk, &dbd) != 0) {
                        r = -1;
                        break;
                }
        }
        db->close(db);
        db = NULL;
        return (r == -1);
}

int
dbshow(DB *db, char **addrs)
{
        DBT dbk, dbd;
        int errors = 0;
        char *a;

        /* look up each addr */
        while ((a = *addrs) != NULL) {
                memset(&dbk, 0, sizeof(dbk));
                dbk.size = strlen(a);
                dbk.data = a;
                memset(&dbd, 0, sizeof(dbd));
                switch (db->get(db, &dbk, &dbd, 0)) {
                case -1:
                        warn("db->get failed");
                        errors++;
                        goto done;
                case 0:
                        if (print_entry(&dbk, &dbd) != 0) {
                                errors++;
                                goto done;
                        }
                        break;
                case 1:
                default:
                        /* not found */
                        errors++;
                        break;
                }
                addrs++;
        }
 done:
        db->close(db);
        db = NULL;
        return (errors);
}

extern char *__progname;

static int
usage(void)
{
        fprintf(stderr, "usage: %s [-adGTt] [keys ...]\n", __progname);
        exit(1);
        /* NOTREACHED */
}

int
main(int argc, char **argv)
{
        int i, ch, action = 0, type = WHITE, r = 0, c = 0;
        HASHINFO        hashinfo;
        DB              *db;

        while ((ch = getopt(argc, argv, "adGtT")) != -1) {
                switch (ch) {
                case 'a':
                        action = 1;
                        break;
                case 'd':
                        action = 2;
                        break;
                case 'G':
                        type = GREY;
                        break;
                case 't':
                        type = TRAPHIT;
                        break;
                case 'T':
                        type = SPAMTRAP;
                        break;
                default:
                        usage();
                        break;
                }
        }
        argc -= optind;
        argv += optind;
        if (action == 0 && type != WHITE)
                usage();

        memset(&hashinfo, 0, sizeof(hashinfo));
        db = dbopen(PATH_SPAMD_DB, O_EXLOCK | (action ? O_RDWR : O_RDONLY),
            0600, DB_HASH, &hashinfo);
        if (db == NULL) {
                err(1, "cannot open %s for %s", PATH_SPAMD_DB,
                    action ? "writing" : "reading");
        }

        if (pledge("stdio", NULL) == -1)
                err(1, "pledge");

        switch (action) {
        case 0:
                if (argc)
                        return dbshow(db, argv);
                else
                        return dblist(db);
        case 1:
                if (type == GREY)
                        errx(2, "cannot add GREY entries");
                for (i=0; i<argc; i++)
                        if (argv[i][0] != '\0') {
                                c++;
                                r += dbupdate(db, argv[i], 1, type);
                        }
                if (c == 0)
                        errx(2, "no addresses specified");
                break;
        case 2:
                for (i=0; i<argc; i++)
                        if (argv[i][0] != '\0') {
                                c++;
                                r += dbupdate(db, argv[i], 0, type);
                        }
                if (c == 0)
                        errx(2, "no addresses specified");
                break;
        default:
                errx(-1, "bad action");
        }
        db->close(db);
        return (r);
}