notdcc: include/dcc_ck.h comparison

comparison include/dcc_ck.h @ 0:c7f6b056b673

First import of vendor version

author	Peter Gervai <grin@grin.hu>
date	Tue, 10 Mar 2009 13:49:58 +0100
parents
children

comparison

equal deleted inserted replaced

--1:000000000000
+:c7f6b056b673
+/* Distributed Checksum Clearinghouse
+*
+* checksum routines
+*
+* Copyright (c) 2008 by Rhyolite Software, LLC
+*
+* This agreement is not applicable to any entity which sells anti-spam
+* solutions to others or provides an anti-spam solution as part of a
+* security solution sold to other entities, or to a private network
+* which employs the DCC or uses data provided by operation of the DCC
+* but does not provide corresponding data to other users.
+*
+* Permission to use, copy, modify, and distribute this software without
+* changes for any purpose with or without fee is hereby granted, provided
+* that the above copyright notice and this permission notice appear in all
+* copies and any distributed versions or copies are either unchanged
+* or not called anything similar to "DCC" or "Distributed Checksum
+* Clearinghouse".
+*
+* Parties not eligible to receive a license under this agreement can
+* obtain a commercial license to use DCC by contacting Rhyolite Software
+* at sales@rhyolite.com.
+*
+* A commercial license would be for Distributed Checksum and Reputation
+* Clearinghouse software.  That software includes additional features.  This
+* free license for Distributed ChecksumClearinghouse Software does not in any
+* way grant permision to use Distributed Checksum and Reputation Clearinghouse
+* software
+*
+* THE SOFTWARE IS PROVIDED "AS IS" AND RHYOLITE SOFTWARE, LLC DISCLAIMS ALL
+* WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL RHYOLITE SOFTWARE, LLC
+* BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES
+* OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+* WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
+* ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+* SOFTWARE.
+*
+* Rhyolite Software DCC 1.3.103-1.182 $Revision$
+*/
+#ifndef DCC_CK_H
+#define DCC_CK_H
+#include "dcc_clnt.h"
+#include "dcc_md5.h"
+typedef DCC_TGTS DCC_CKSUM_THOLDS[DCC_DIM_CKS];
+#define DCC_THOLD_NEVER	    (DCC_TGTS_TOO_MANY+1)
+#define DCC_THOLD_UNSET	    (DCC_TGTS_INVALID)
+extern DCC_CKSUM_THOLDS dcc_tholds_rej;
+/* MIME boundary
+* RFC 1341 says boundaries can be 70 bytes, but handle non-conformant spam */
+#define DCC_CK_BND_MAX	    94
+#define DCC_CK_BND_DIM	(DCC_CK_BND_MAX+2)  /* including leading -- */
+#define DCC_CK_BND_MISS	(DCC_CK_BND_DIM+1)
+typedef struct {
+u_char	bnd_len;		/* length including leading "--" */
+u_char	cmp_len;		/* compared so far */
+char	bnd[DCC_CK_BND_DIM];	/* "--"boundary */
+} DCC_CK_BND;
+typedef u_char DCC_CK_FC[256];
+extern const DCC_CK_FC dcc_cset_1, dcc_cset_2;
+/* state machine for ignoring parts of URLs */
+typedef struct {
+enum {
+	DCC_URL_ST_IDLE,		/* waiting for H or = */
+	DCC_URL_ST_QUOTE,		/*    "     " '"' or 'H' after = */
+	DCC_URL_ST_QH,			/*    "     "  H after quote */
+	DCC_URL_ST_T1,			/*    "     "  T */
+	DCC_URL_ST_T2,			/*    "     "  T */
+	DCC_URL_ST_P,			/*    "     "  P */
+	DCC_URL_ST_S,			/*    "     "  [S] */
+	DCC_URL_ST_COLON,		/*    "     "  : */
+	DCC_URL_ST_SLASH1,		/*    "     "  / */
+	DCC_URL_ST_SLASH2,		/*    "     "  / */
+	DCC_URL_ST_SLASH3_START,
+	DCC_URL_ST_SLASH3,		/*    "     "  third / */
+	DCC_URL_ST_SKIP			/* skipping rest of URL */
+} st;
+char	*start;			/* start of hostname in URL */
+char	*dot;			/* last '.' in hostname */
+int		total;			/* length of URL */
+u_char	flags;
+#    define	 DCC_URL_QUOTED	    0x01
+#    define	 DCC_URL_DEL_DOMAIN 0x02    /* waiting for domain to delete */
+#    define	 DCC_URL_PERCENT1   0x04    /* waiting for 1st digit after % */
+#    define	 DCC_URL_PERCENT2   0x08    /* waiting for 2nd digit after % */
+#    define	 DCC_URL_SQUOTED    0x10    /* single quoted (') URL */
+#    define	 DCC_URL_DQUOTED    0x20    /* double quoted (") URL */
+#    define	 DCC_URL_QUOTES (DCC_URL_DQUOTED | DCC_URL_SQUOTED)
+#    define	 DCC_URL_SIMPLE (DCC_URL_DEL_DOMAIN	\
+				 | DCC_URL_PERCENT1	\
+				 | DCC_URL_PERCENT2)
+u_char	percent;
+} DCC_URL_SKIP;
+#define DCC_URL_MAX	    65		/* 63 is RFC 1034 limit on labels */
+#define DCC_URL_FAILSAFE    2000	/* big bogus "username:password@" */
+/* a template for generating a reply to an SMTP command */
+typedef enum {
+REPLY_TPLT_NULL,
+REPLY_TPLT_ID,	/* queue ID for sendmail, fake for dccifd */
+REPLY_TPLT_CIP,	/* SMTP client IP address */
+REPLY_TPLT_BTYPE,	/* type of DNSBL hit */
+REPLY_TPLT_BTGT,	/* DNSBL hit IP address or name */
+REPLY_TPLT_BPROBE,	/* DNSBL probe domain name */
+REPLY_TPLT_BRESULT	/* DNSBL probe result */
+} REPLY_TPLT_ARGS;
+typedef struct {
+const char *log_result;		/* "reject" etc. for log */
+#    define NUM_REPLY_TPLT_ARGS 6
+REPLY_TPLT_ARGS args[NUM_REPLY_TPLT_ARGS];
+char    rcode[sizeof("5yz")];
+char    xcode[sizeof("1.2.3")];
+u_char  is_pat;			/* template has %s references */
+#    define  REPLY_BUF_LEN 256
+char    pat[REPLY_BUF_LEN];		/* pattern for SMTP message */
+}  REPLY_TPLT;
+/* specify a DNS blacklist */
+typedef struct {
+char    c[DCC_MAXDOMAINLEN];	/* null terminated */
+} DNSBL_DOM;
+typedef u_char DNSBL_FGS;
+#define	DNSBL_FG_DUP	    0x01	/* duplicate blacklist */
+#define DNSBL_FG_TIMEO	    0x02	/* suffered a timeout */
+#define	DNSBL_FG_TFAIL	    0x04	/* want SMTP failure on timeout */
+#define	DNSBL_FG_CLIENT	    0x08	/* check client IP address */
+#define	DNSBL_FG_MAIL_HOST  0x10	/* check env_from domain */
+#define	DNSBL_FG_URL	    0x20	/* check URLs in message body */
+#define	DNSBL_FG_MX	    0x40	/* MX for _URL & _MAIL_HOST */
+#define	DNSBL_FG_NS	    0x80	/* NS for _URL & _MAIL_HOST */
+# define DNSBL_FG_HITS	   (DNSBL_FG_CLIENT | DNSBL_FG_MAIL_HOST | DNSBL_FG_URL)
+# define DNSBL_FG_TYPES	   (DNSBL_FG_HITS | DNSBL_FG_MX | DNSBL_FG_NS)
+# define DNSBL_FG_DEFAULT   DNSBL_FG_TYPES
+typedef enum DNSBL_TYPE {
+DNSBL_TYPE_IPV4,
+DNSBL_TYPE_IPV6,
+DNSBL_TYPE_NAME
+} DNSBL_TYPE;
+#define	MAX_DNSBL_GROUPS    3
+typedef u_char	DNSBL_GBITS;
+#define DNSBL_G2B(n) ((1<<(n)) & ((2<<MAX_DNSBL_GROUPS)-1))
+typedef struct dnsbl {
+struct dnsbl *fwd;
+struct dnsbl *dup;			/* same except result */
+u_char	group;			/* 1-indexed */
+struct in6_addr tgt;		/* hit if DNSBL matches this block */
+struct in6_addr tgt_mask;
+u_char	tgt_use_ipv6;		/* ipv4 vs. ipv6 result weighting */
+DNSBL_TYPE	bl_type;
+int		bl_num;
+int		bl_dom_len;
+DNSBL_DOM	bl_dom;
+const REPLY_TPLT *reply;
+DNSBL_FGS	fgs;
+} DNSBL;
+/* working storage for one set of DNSBLs */
+typedef struct {
+DNSBL_FGS	fgs;			/* kind of DNSBL hit */
+const char	*btype;			/* type of hit string */
+const DNSBL	*dnsbl;			/* hit DNSBL */
+char	btype_buf[64];
+char	result[DCC_SU2STR_SIZE];    /* IP address found in DNSBL */
+DNSBL_DOM	tgt;			/* IP address or name sought in DNSBL */
+DNSBL_DOM	probe;			/* what was actually looked up */
+} DNSBL_GROUP;
+/* working storage for all DNSBLs */
+typedef struct {
+DNSBL_DOM	dom;			/* domain name */
+struct in6_addr addr;		/* and/or IP address sought in DNSBL */
+} DNSBL_TGT;
+typedef struct {
+DNSBL_GBITS all;
+DNSBL_GBITS	client;
+DNSBL_GBITS	mail_host;
+DNSBL_GBITS	mail_host_ns;
+DNSBL_GBITS	mail_host_mx;
+DNSBL_GBITS	url;
+DNSBL_GBITS	url_ns;
+DNSBL_GBITS	url_mx;
+} DNSBL_UNHIT;
+typedef struct {
+DCC_CLNT_CTXT *dcc_ctxt;
+void	*log_ctxt;
+const char	*id;
+time_t	msg_us;			/* microseconds remaining for msg */
+struct timeval url_start;
+time_t	url_us;			/* microseconds to look up URL */
+time_t	url_us_used;
+DNSBL_UNHIT	unhit;			/* groups of DNSBLs not yet hit */
+u_short	tgt_dom_len;
+DNSBL_TGT	tgt;
+struct {
+	DNSBL_DOM   dom;
+} tgt_cache[8];
+int		tgt_cache_pos;
+DNSBL_GROUP	groups[MAX_DNSBL_GROUPS];
+} DNSBL_WORK;
+extern DNSBL *dnsbls;
+extern u_char have_dnsbl_groups;
+extern u_char have_helpers;
+extern DCC_PATH dnsbl_progpath;
+/* accumulated checksums for an SMTP message */
+typedef struct {
+const char *hdr_nm;			/* name if substitute checksum */
+DCC_TGTS	tgts;			/* server's answer or previous total */
+DCC_CK_TYPE_B type;
+u_char	rpt2srvr;		/* 1=report to server */
+DCC_SUM	sum;
+} DCC_GOT_SUM;
+#define CLR_GOT_SUM(g) ((g)->hdr_nm = 0, (g)->tgts = DCC_TGTS_INVALID,	\
+			(g)->type = DCC_CK_INVALID, (g)->rpt2srvr = 0)
+typedef union {
+u_int32_t	w32[4];
+u_char	b[16];
+} DCC_FUZ2_WORD;
+#define DCC_FUZ2_WORD_CLEAR(_w) ((_w)->w32[0]=0, (_w)->w32[1]=0,	\
+				 (_w)->w32[2]=0, (_w)->w32[3]=0)
+typedef struct {
+DCC_URL_SKIP url;
+u_int	total;			/* bytes */
+char	*cp;			/* end of data in buffer */
+char	*eol;			/* most recent eol */
+#    define	 DCC_FUZ1_MAX_LINE  78
+#    define	 DCC_HTTPS_STR	    "https"
+#    define	 DCC_HTTPS_LEN	    LITZ(DCC_HTTPS_STR)
+char	buf[DCC_FUZ1_MAX_LINE*4
+		    +DCC_HTTPS_LEN];
+MD5_CTX	md5;
+} DCC_CTX_FUZ1;
+typedef struct {			/* per-language counts */
+u_int	wsummed;		/* bytes of words summed */
+u_int	wtotal;			/* words summed */
+MD5_CTX	md5;
+} FUZ2_LANG;
+typedef struct {
+u_int	btotal;			/* total non-whitespace bytes seen */
+u_int	xsummed;		/* non-word bytes checksummed */
+u_int	wlen;			/* length of current word */
+u_int	cref_cnt;		/* fancy character length */
+u_int	tag_len;		/* HTML tag length */
+DCC_FUZ2_WORD w;
+DCC_FUZ2_WORD cref_w;
+DCC_FUZ2_WORD tag;
+int		urls;			/* # of URLs seen */
+char	*url_cp;		/* accumulated URLs */
+#    define	 DCC_FUZ2_URL_MAX   (1+DCC_URL_MAX)
+char	url_buf[DCC_FUZ2_URL_MAX*2];
+DCC_URL_SKIP url;			/* state machine for skipping URLs */
+enum {
+	DCC_CREF_ST_IDLE = 0,
+	DCC_CREF_ST_START,		/* get HTML character reference */
+	DCC_CREF_ST_NUM,		/*	hex or decimal */
+	DCC_CREF_ST_DEC,
+	DCC_CREF_ST_HEX,
+	DCC_CREF_ST_NAME
+} cref_st;
+enum {
+	DCC_FUZ2_ST_WORD = 0,		/* gathering word */
+	DCC_FUZ2_ST_START_TAG,		/* gathering start of HTML tag */
+	DCC_FUZ2_ST_SKIP_TAG,		/* skipping HTML tag */
+	DCC_FUZ2_ST_SKIP_COMMENT	/* skipping HTML comment */
+} st;
+#    define FUZ2_LAN_NUM 3
+FUZ2_LANG	lang[FUZ2_LAN_NUM];
+} DCC_CTX_FUZ2;
+/* The maximum length of a checksumed HELO value and the continuation string
+* need to be the same for all users of the local white-/blacklist */
+#define DCC_HELO_MAX	(DCC_MAXDOMAINLEN+8)
+#define	DCC_HELO_CONT	"..."
+/* local-part maximum in RFC 2821 */
+#define DCC_LOCAL_PART_MAX  64
+#define DCC_ENV_FROM_MAX    (DCC_LOCAL_PART_MAX+DCC_MAXDOMAINLEN)
+#define DCC_MSG_ID_LEN	    24
+/* do not checksum more than this much of a header line */
+#define DCC_HDR_CK_MAX	1024
+/* substitute or locally configured checksums */
+#define DCC_MAX_SUB_CKS 6
+#define DCC_WSUMS (DCC_DIM_CKS+DCC_MAX_SUB_CKS)	/* max whitelist checksums */
+typedef struct {
+DCC_GOT_SUM	sums[DCC_WSUMS];
+struct in6_addr ip_addr;		/* SMTP client IP address */
+struct {				/*  quoted-printable state machine */
+	int	    x;
+	int	    y;
+	u_char	    n;
+	enum {
+	    DCC_CK_QP_IDLE,		/* waiting for '=' */
+	    DCC_CK_QP_EQ,		/* seen "=" */
+	    DCC_CK_QP_1,		/* seen "=X" of "=XY" */
+	    DCC_CK_QP_FAIL1,		/* have output '=' after bad =X */
+	    DCC_CK_QP_FAIL2,		/* have output '=' after bad =XY */
+	    DCC_CK_QP_FAIL3		/* have output 'X' after bad =XY */
+	} state;
+} qp;
+struct {				/* base64 state machine */
+	u_int32_t   quantum;
+	int	    quantum_cnt;
+} b64;
+enum {
+	CK_MP_ST_PREAMBLE,		/* preamble before first boundary */
+	CK_MP_ST_BND,			/* MIME boundary */
+	CK_MP_ST_HDRS,			/* headers after a boundary */
+	CK_MP_ST_TEXT,			/* body or entity */
+	CK_MP_ST_EPILOGUE		/* text after last boundary */
+} mp_st;
+enum CK_MHDR_ST {			/* parse entity fields */
+	CK_MHDR_ST_IDLE,
+	CK_MHDR_ST_CE_CT,		/* matching "Content-T" */
+	CK_MHDR_ST_CE,			/*	"ransfer-Encoding:" */
+	CK_MHDR_ST_CE_WS,		/* white space after "encoding:" */
+	CK_MHDR_ST_CT,			/*	"ype:" */
+	CK_MHDR_ST_CT_WS,		/* white space after "type:" */
+	CK_MHDR_ST_QP,			/*	"quoted-printable" */
+	CK_MHDR_ST_B64,			/*	"base64" */
+	CK_MHDR_ST_TEXT,		/*	"text" */
+	CK_MHDR_ST_HTML,		/*	"/html" */
+	CK_MHDR_ST_CSET_SKIP_PARAM,	/*	skip to ";" after "text" */
+	CK_MHDR_ST_CSET_SPAN_WS,	/*	skip blanks before "charset" */
+	CK_MHDR_ST_CSET,		/* match "charset=" */
+	CK_MHDR_ST_CSET_ISO_8859,	/*	"ISO-8859-" */
+	CK_MHDR_ST_CSET_ISO_X,		/* find the 8859 type number */
+	CK_MHDR_ST_MULTIPART,		/* match "multipart" */
+	CK_MHDR_ST_BND_SKIP_PARAM,	/* skip "/alternative;" or similar */
+	CK_MHDR_ST_BND_SPAN_WS,		/* skip whitespace before "boundary" */
+	CK_MHDR_ST_BND,			/* match "boundary=" */
+	CK_MHDR_ST_BND_VALUE		/* collecting boundary */
+} mhdr_st;
+u_char	mhdr_pos;
+u_char	mime_nest;		/* # of nested MIME entities */
+u_char	mime_bnd_matches;	/* # of active boundary matches */
+DCC_CK_BND	mime_bnd[3];
+enum {
+	DCC_CK_CT_TEXT = 0,
+	DCC_CK_CT_HTML,
+	DCC_CK_CT_BINARY
+} mime_ct;
+const u_char *mime_cset;
+enum {
+	DCC_CK_CE_ASCII = 0,
+	DCC_CK_CE_QP,
+	DCC_CK_CE_B64
+} mime_ce;
+struct {
+	u_int	    total;		/* non-whitespace text */
+	u_char	    flen;		/* bytes of ">From" seen */
+	MD5_CTX	    md5;
+} ctx_body;
+DCC_CTX_FUZ1 fuz1;
+DCC_CTX_FUZ2 fuz2;
+DNSBL_WORK	*dnsbl;			/* pointer to malloc()'ed state */
+DCC_CKSUM_THOLDS tholds_rej;
+u_char	flags;
+#    define	 DCC_CKS_MIME_BOL	0x01    /* header decoder is at BOL */
+#    define	 DCC_CKS_MIME_QUOTED	0x02    /* quoted boundary */
+} DCC_GOT_CKS;
+typedef DCC_TGTS DCC_CKS_WTGTS[DCC_WSUMS];
+/* sscanf() a checksum */
+#define DCC_CKSUM_HEX_PAT	"%8x %8x %8x %8x"
+/* whiteclnt files */
+#define DCC_WHITE_SUFFIX	".dccw"
+#define DCC_WHITE_NEW_SUFFIX	".dccx"	/* hash table under construction */
+typedef char DCC_WHITE_MAGIC[128];
+#define WHITE_MAGIC_B_STR "DCC client whitelist hash table version "
+#define WHITE_MAGIC_V_STR "23"
+typedef struct {
+DCC_TGTS	tgts;
+int		bits;
+struct in6_addr addr;
+struct in6_addr mask;
+u_short	lno;
+u_char	fno;
+} DCC_WHITE_CIDR_ENTRY;
+typedef struct {
+u_char	len;
+#    define	 WHITE_CIDR_MAX_ENTRIES 64
+DCC_WHITE_CIDR_ENTRY e[WHITE_CIDR_MAX_ENTRIES];
+} DCC_WHITE_CIDR;
+typedef u_int DCC_WHITE_INX;		/* 1-based index into hash table */
+typedef struct {
+DCC_WHITE_INX fwd;
+DCC_TGTS	tgts;
+u_short	lno;
+u_char	fno;
+DCC_CK_TYPE_B type;
+DCC_SUM	sum;
+} DCC_WHITE_ENTRY;
+#ifdef DCC_WIN32
+#define DCC_WHITE_TBL_BINS 521		/* should be prime */
+#else
+#define DCC_WHITE_TBL_BINS 8209		/* should be prime */
+#endif
+typedef u_int DCC_WHITE_FGS;
+typedef struct {
+DCC_WHITE_MAGIC magic;		/* WHITE_MAGIC_* in ckwhite.c */
+struct {
+	DCC_WHITE_INX entries;		/* # of entries in the file */
+	DCC_WHITE_FGS flags;
+#	 define	 DCC_WHITE_FG_PER_USER	    0x00000001
+#	 define	 DCC_WHITE_FG_HOSTNAMES	    0x00000002	/* have some */
+#	 define	 DCC_WHITE_FG_GREY_LOG_ON   0x00000004
+#	 define	 DCC_WHITE_FG_GREY_LOG_OFF  0x00000008
+#	 define	 DCC_WHITE_FG_GREY_ON	    0x00000010
+#	 define	 DCC_WHITE_FG_GREY_OFF	    0x00000020
+#	 define	 DCC_WHITE_FG_LOG_ALL	    0x00000040
+#	 define	 DCC_WHITE_FG_LOG_NORMAL    0x00000080
+#	 define	 DCC_WHITE_FG_DISCARD_OK    0x00000100
+#	 define	 DCC_WHITE_FG_NO_DISCARD    0x00000200
+#	 define	 DCC_WHITE_FG_DCC_ON	    0x00000400
+#	 define	 DCC_WHITE_FG_DCC_OFF	    0x00000800
+#	 define	 DCC_WHITE_FG_REP_ON	    0x00001000
+#	 define	 DCC_WHITE_FG_REP_OFF	    0x00002000
+#	 define	 DCC_WHITE_FG_MTA_FIRST	    0x00004000
+#	 define	 DCC_WHITE_FG_MTA_LAST	    0x00008000
+#	 define	 DCC_WHITE_FG_LOG_D	    0x00010000
+#	 define	 DCC_WHITE_FG_LOG_H	    0x00020000
+#	 define	 DCC_WHITE_FG_LOG_M	    0x00040000
+#	 define	 DCC_WHITE_FG_TRAP_ACC	    0x00080000	/* spam trap */
+#	 define	 DCC_WHITE_FG_TRAP_REJ	    0x00100000	/* spam trap */
+#	  define  DCC_WHITE_FG_TRAPS (DCC_WHITE_FG_TRAP_ACC		\
+				       | DCC_WHITE_FG_TRAP_REJ)
+#	 define	 DCC_WHITE_FG_DNSBL_ON(n)  (0x00200000*DNSBL_G2B(n))
+#	  define  DCC_WHITE_FG_DNSBL_ON_M   0x00e00000
+#	 define	 DCC_WHITE_FG_DNSBL_OFF(n) (0x01000000*DNSBL_G2B(n))
+#	  define  DCC_WHITE_FG_DNSBL_OFF_M  0x07000000
+	time_t	reparse;		/* re-parse after this */
+	time_t	broken;			/* serious broken until then */
+	time_t	ascii_mtime;		/* ASCII file mtime at last parsing */
+	struct {			/* included files */
+	    time_t	mtime;
+	    DCC_PATH	nm;
+	} white_incs[8];
+	DCC_CKSUM_THOLDS tholds_rej;
+	DCC_SUM	ck_sum;			/* checksum of following contents */
+	DCC_WHITE_CIDR cidr;
+} hdr;
+DCC_WHITE_INX bins[DCC_WHITE_TBL_BINS]; /* 1-based indeces or 0 for empty */
+DCC_WHITE_ENTRY tbl[1];
+} DCC_WHITE_TBL;
+/* a ASCII whiteclnt file (including the files it includes) can be
+*	OK
+*	unreadable or otherwise badly broken
+*	missing
+*	    if permanent, the hash table should be removed, but
+*	    it might be temporary as an editor changes it
+* a hash table can be
+*	OK
+*	out of date compared to the ASCII file(s)
+*	badly broken but not removable (e.g. bad directory permissions).
+*
+* Do not stat() the files iand so do not complain on every message by
+*	using wf->next_stat_time
+* Avoid generating a complaint on every error message using wf->broken
+* Reparse ASCII files with errors using wf->reparse or when their mtimes
+*	change, but not more often than we use stat() to check mtimes..
+* Reparse the main ASCII file if it contains host names by noticing the
+*	DCC_WHITE_FG_HOSTNAMES bit and that the mtime of the hash table is
+*	more than DCC_WHITECLNT_RESOLVE seconds old
+*/
+#define DCC_WHITE_REPARSE_DELAY	(30*60)	/* look for new DNS values */
+#define DCC_WHITE_BROKEN_DELAY	(5*60)	/* do not complain more often */
+#define DCC_WHITE_STAT_DELAY	10	/* don't stat() more often */
+/* computed from DCC_WHITE_FGS */
+typedef u_int32_t FLTR_SWS;
+#define	FLTR_SW_SET		0x00000001
+#define FLTR_SW_NO_DISCARD	0x00000002  /* always reject spam */
+#define	FLTR_SW_DCC_OFF		0x00000004  /* no DCC check */
+#define	FLTR_SW_REP_ON		0x00000008  /* honor DCC reputation */
+#define	FLTR_SW_LOG_ALL		0x00000010
+#define	FLTR_SW_GREY_OFF	0x00000020  /* greylisting off */
+#define	FLTR_SW_GREY_LOG_OFF	0x00000040  /* log greylist embargos */
+#define FLTR_SW_LOG_D		0x00000080
+#define FLTR_SW_LOG_H		0x00000100
+#define FLTR_SW_LOG_M		0x00000200
+#define	FLTR_SW_MTA_FIRST	0x00000400  /* MTA IS/NOTSPAM checked first */
+#define	FLTR_SW_TRAP_ACC	0x00000800  /* accepting spam trap */
+#define	FLTR_SW_TRAP_REJ	0x00001000  /* rejecting spam trap */
+# define  FLTR_SW_TRAPS (FLTR_SW_TRAP_ACC | FLTR_SW_TRAP_REJ)
+#define	FLTR_SW_DNSBL(n)       (0x00002000*DNSBL_G2B(n))    /* check DNSBL */
+# define FLTR_SW_DNSBL_M	0x0000e000
+# define FLTR_SW_DNSBL_BITS(sws) (((sws)&FLTR_SW_DNSBL_M)		\
+				  / FLTR_SW_DNSBL(0))
+/* bits set to enable something */
+#define FLTR_SWS_SETTINGS_ON	(FLTR_SW_REP_ON				\
+				 | FLTR_SW_LOG_ALL			\
+				 | FLTR_SW_MTA_FIRST			\
+				 | FLTR_SW_DNSBL_M			\
+				 | FLTR_SW_TRAPS)
+/* bits set to disable something */
+#define FLTR_SWS_SETTINGS_OFF	(FLTR_SW_DCC_OFF			\
+				 | FLTR_SW_NO_DISCARD			\
+				 | FLTR_SW_TRAP_REJ			\
+				 | FLTR_SW_GREY_OFF			\
+				 | FLTR_SW_GREY_LOG_OFF)
+/* get bits of enabled FILTERS */
+#define FLTR_SWS_ON(sws)    (((sws) ^ FLTR_SW_DCC_OFF)			\
+			     & (FLTR_SW_DCC_OFF				\
+				| FLTR_SW_REP_ON			\
+				| FLTR_SW_DNSBL_M			\
+				| FLTR_SW_TRAP_REJ))
+/* everything there is to know about a currently active whitelist file */
+typedef struct {
+DCC_WHITE_TBL *wtbl;
+int		ht_fd;			/* hash table file */
+struct stat ht_sb;
+DCC_WHITE_FGS wtbl_flags;
+u_int	wtbl_entries;		/* # of entries mapped window */
+u_int	wtbl_size;		/* bytes in mapped window */
+time_t	next_stat_time;
+time_t	reparse;		/* when to re-parse file */
+time_t	broken;			/* something very sick until then */
+#ifdef DCC_WIN32
+HANDLE	ht_map;			/* WIN32 hash table map handle */
+#endif
+u_int	ascii_nm_len;
+DCC_PATH	ascii_nm;
+DCC_PATH	ht_nm;
+int		fno, lno;		/* currently being parsed */
+u_char	wf_flags;
+#    define	 DCC_WF_PER_USER    0x01    /* hostnames not allowed */
+#    define	 DCC_WF_NOFILE	    0x02    /* no whiteclnt file */
+#    define	 DCC_WF_EITHER	    0x04    /* either global or per-user ok */
+#    define	 DCC_WF_RO	    0x08    /* read only access */
+#    define	 DCC_WF_WLIST	    0x10    /* wlist command */
+#    define	 DCC_WF_WLIST_RO    0x20    /* read-only wlist command */
+#    define	 DCC_WF_WLIST_RW    0x40    /* read/write wlist command */
+u_char	closed;
+u_char	need_reopen;		/* lock-safe change flag */
+} DCC_WF;
+extern DCC_WF cmn_wf, cmn_tmp_wf;
+typedef enum {				/* greylist result */
+ASK_GREY_FAIL,			/* greylist server or other failure */
+ASK_GREY_OFF,			/* client whitelist or blacklist */
+ASK_GREY_EMBARGO,
+ASK_GREY_EMBARGO_END,		/* first time server says ok */
+ASK_GREY_PASS,			/* greylist server says ok */
+ASK_GREY_WHITE,			/* greylist server says whitelisted */
+ASK_GREY_SPAM			/* reported as spam to server */
+} ASK_GREY_RESULT;
+extern u_char grey_on;
+extern u_char grey_query_only;
+extern u_int dcc_ck_qp_decode(DCC_GOT_CKS *, const char **, u_int *,
+			      char *, u_int);
+extern u_int dcc_ck_b64_decode(DCC_GOT_CKS *, const char **, u_int *,
+			       char *, u_int);
+extern int dcc_ck_url(DCC_URL_SKIP *, char, char **);
+#define DCC_CK_URL_MASK	    0xff
+#define DCC_CK_URL_SHIFT    8
+typedef enum {
+DCC_CK_URL_CHAR,			/* character in URL after host name */
+DCC_CK_URL_CK_LEN,			/* 2nd slash */
+DCC_CK_URL_HOST,			/* character in URL host name */
+DCC_CK_URL_DOT,			/* dot in host name */
+DCC_CK_URL_HOST_END,		/* end of host name */
+DCC_CK_URL_HOST_RESET,		/* wasn't in host name after all */
+DCC_CK_URL_SKIP			/* shipping URL or not in URL */
+} DCC_CK_URL;
+extern void dcc_ck_fuz1_init(DCC_GOT_CKS *);
+extern void dcc_ck_fuz1(DCC_GOT_CKS *, const char *, u_int);
+extern void dcc_ck_fuz1_fin(DCC_GOT_CKS *);
+extern void dcc_ck_fuz2_init(DCC_GOT_CKS *);
+extern void dcc_ck_fuz2(DCC_GOT_CKS *, const char *, u_int);
+extern void dcc_ck_fuz2_fin(DCC_GOT_CKS *);
+extern void dcc_wf_init(DCC_WF *, u_int);
+extern void dcc_wf_lock(DCC_WF *);
+extern void dcc_wf_unlock(DCC_WF *);
+extern void dcc_str2ck(DCC_SUM, const char *, u_int, const char *);
+extern u_char dcc_get_cks(DCC_GOT_CKS *, DCC_CK_TYPES, const char *, u_char);
+extern u_char dcc_ck_get_sub(DCC_GOT_CKS *, const char *, const char *);
+extern u_char dcc_add_sub_hdr(DCC_EMSG, const char *);
+extern void dcc_ck_ipv6(DCC_SUM, const struct in6_addr *);
+extern void dcc_get_ipv6_ck(DCC_GOT_CKS *, const struct in6_addr *);
+extern void dcc_unget_ip_ck(DCC_GOT_CKS *);
+extern u_char dcc_get_str_ip_ck(DCC_GOT_CKS *, const char *);
+extern const char *parse_received(const char *, DCC_GOT_CKS *,
+				  char *, int, char *, int, char *, int);
+extern u_char parse_return_path(const char *,  char *, int);
+extern u_char parse_unix_from(const char *, char *, int);
+extern u_char parse_mail_host(const char *, char *, int);
+extern void dcc_print_cks(LOG_WRITE_FNC, void *, u_char, DCC_TGTS,
+			  const DCC_GOT_CKS *, DCC_CKS_WTGTS, u_char);
+#define PRINT_CK_TYPE_LEN	25
+#define PRINT_CK_SUM_LEN	35
+#define PRINT_CK_PAT_CK		"%25s: %-35s"
+#define PRINT_CK_PAT_LIM_CK	"%25.*s%c %-35.*s"
+#define PRINT_CK_PAT_SRVR	" %7s"
+#define PRINT_CK_PAT_SRVR_LEN   8
+#define PRINT_CK_PAT_WLIST	" %5s"
+#define PRINT_CK_PAT_WLIST_LEN	6
+#define PRINT_CK_PAT_THOLD	PRINT_CK_PAT_WLIST
+extern void dcc_cks_init(DCC_GOT_CKS *);
+extern void dcc_ck_mime_hdr(DCC_GOT_CKS *, const char *, const char *);
+extern u_char parse_mime_hdr(DCC_GOT_CKS *, const char *, u_int, u_char);
+extern void dcc_ck_body(DCC_GOT_CKS *, const void *, u_int);
+extern void dcc_cks_fin(DCC_GOT_CKS *);
+extern u_char dcc_get_white(DCC_EMSG, DCC_WHITE_INX);
+typedef int (*DCC_PARSED_CK_FNC)(DCC_EMSG, DCC_WF *,
+				DCC_CK_TYPES,	/* type of checksum */
+				DCC_SUM,    /* computed checksum */
+				DCC_TGTS);  /* "OK2" etc */
+typedef int (*DCC_PARSED_CK_CIDR_FNC)(DCC_EMSG, DCC_WF *,
+				      int,
+				      const struct in6_addr *,
+				      const struct in6_addr *,
+				      DCC_TGTS);
+extern int dcc_parse_ck(DCC_EMSG, DCC_WF *wf,
+			const char *, DCC_CK_TYPES, const char *, DCC_TGTS,
+			DCC_PARSED_CK_FNC, DCC_PARSED_CK_CIDR_FNC);
+extern int dcc_parse_hex_ck(DCC_EMSG, DCC_WF *wf,
+			    const char *, DCC_CK_TYPES, const char *, DCC_TGTS,
+			    DCC_PARSED_CK_FNC);
+extern const char *wf_fnm(const DCC_WF *, int);
+extern const char *wf_fnm_lno(DCC_FNM_LNO_BUF *, const DCC_WF *);
+extern DCC_TGTS dcc_str2thold(DCC_CK_TYPES, const char *);
+extern int dcc_parse_whitefile(DCC_EMSG, DCC_WF *, int,
+			       DCC_PARSED_CK_FNC, DCC_PARSED_CK_CIDR_FNC);
+typedef enum {
+DCC_WHITE_USE_DCC,
+DCC_WHITE_LISTED,
+DCC_WHITE_UNLISTED,
+DCC_WHITE_BLACK
+} DCC_WHITE_LISTING;
+typedef enum {
+DCC_WHITE_OK,
+DCC_WHITE_NOFILE,			/* no ASCII file */
+DCC_WHITE_CONTINUE,			/* modest error or bad host name */
+DCC_WHITE_COMPLAIN,			/* bad hash table */
+DCC_WHITE_SILENT			/* no more complaints */
+} DCC_WHITE_RESULT;
+#define DCC_WHITE_RESULT_FAILURE DCC_WHITE_UNLISTED
+u_char dcc_new_white_nm(DCC_EMSG, DCC_WF *, const char *);
+extern DCC_WHITE_RESULT dcc_rdy_white(DCC_EMSG, DCC_WF *, DCC_WF *);
+extern DCC_WHITE_RESULT dcc_white_sum(DCC_EMSG, DCC_WF *,
+				      DCC_CK_TYPES, const DCC_SUM,
+				      DCC_TGTS *, DCC_WHITE_LISTING *);
+extern u_char dcc_white_mx(DCC_EMSG, DCC_TGTS *, const DCC_GOT_CKS *);
+extern DCC_WHITE_RESULT dcc_white_cks(DCC_EMSG, DCC_WF *, DCC_GOT_CKS *,
+				      DCC_CKS_WTGTS, DCC_WHITE_LISTING *);
+typedef u_int32_t ASK_ST;
+#define ASK_ST_INVALID_MSG	0x00000001  /* incomplete SMTP transaction */
+#define	ASK_ST_QUERY		0x00000002  /* ask but do not report */
+#define	ASK_ST_QUERY_GREY	0x00000004
+#define	ASK_ST_SRVR_OK2		0x00000008  /* have honored DCC_TGTS_OK2 */
+#define	ASK_ST_SRVR_NOTSPAM	0x00000010  /* not spam by DCC server */
+#define	ASK_ST_SRVR_ISSPAM	0x00000020  /* spam by DCC server & threshold */
+#define ASK_ST_REP_ISSPAM	0x00000040  /* spam by reputation & threshold */
+#define	ASK_ST_MTA_NOTSPAM	0x00000080  /* MTA says it is not spam */
+#define	ASK_ST_MTA_ISSPAM	0x00000100  /* MTA says it is spam */
+#define	ASK_ST_WLIST_NOTSPAM	0x00000200  /* locally whitelisted message */
+#define	ASK_ST_WLIST_ISSPAM	0x00000400  /* locally blacklisted message */
+#define	ASK_ST_CLNT_ISSPAM	0x00000800  /* report to DCC server as spam */
+#define	ASK_ST_GREY_EMBARGO	0x00001000  /* embargo this message */
+#define	ASK_ST_GREY_LOGIT	0x00002000  /* greylist logging indicated */
+#define	ASK_ST_LOGIT		0x00004000  /* log message for all recipients */
+#define	ASK_ST_DNSBL_HIT(n)    (0x00008000*DNSBL_G2B(n))    /* DNSBL hit */
+# define ASK_ST_DNSBL_HIT_M	0x00038000
+# define ASK_ST_DNSBL_HIT_BITS(st) (((st)&ASK_ST_DNSBL_HIT_M)		    \
+				    / ASK_ST_DNSBL_HIT(0))
+#define	ASK_ST_DNSBL_TIMEO(n)  (0x00040000*DNSBL_G2B(n))    /* DNSBL timeout */
+# define ASK_ST_DNSBL_TIMEO_M	0x001c0000
+# define ASK_ST_DNSBL_TIMEO_BITS(st) (((st)&ASK_ST_DNSBL_TIMEO_M)	    \
+				      / ASK_ST_DNSBL_TIMEO(0))
+#define	ASK_ST_DNSBL_TFAIL(n)  (0x00200000*DNSBL_G2B(n))
+# define ASK_ST_DNSBL_TFAIL_M	0x00e00000
+# define ASK_ST_DNSBL_TFAIL_BITS(st) (((st)&ASK_ST_DNSBL_TFAIL_M)	    \
+				      / ASK_ST_DNSBL_TFAIL(0))
+extern u_char dcc_ck_grey_answer(DCC_EMSG, const DCC_OP_RESP *);
+extern int ask_dcc(DCC_EMSG, DCC_CLNT_CTXT *, u_char,
+		   DCC_HEADER_BUF *, DCC_GOT_CKS *, ASK_ST *, u_char,
+		   DCC_TGTS);
+extern u_char unthr_ask_white(DCC_EMSG, ASK_ST *, FLTR_SWS *, const char *,
+			      DCC_GOT_CKS *, DCC_CKS_WTGTS);
+extern u_char unthr_ask_dcc(DCC_EMSG, DCC_CLNT_CTXT*, DCC_HEADER_BUF*, ASK_ST *,
+			    DCC_GOT_CKS *, u_char, DCC_TGTS);
+extern void dcc_clear_tholds(void);
+extern u_char dcc_merge_tholds(DCC_CKSUM_THOLDS,
+			       const DCC_CKSUM_THOLDS, const DCC_WHITE_TBL *);
+extern void dcc_parse_honor(const char *);
+extern u_char dcc_parse_tholds(const char *, const char *);
+extern void dcc_honor_log_cnts(ASK_ST *, const DCC_GOT_CKS *, DCC_TGTS);
+extern FLTR_SWS wf2sws(FLTR_SWS, const DCC_WF *);
+extern void log_ask_st(LOG_WRITE_FNC, void *, ASK_ST, FLTR_SWS, u_char,
+		       const DCC_HEADER_BUF *);
+extern u_char dcc_parse_client_grey(const char *);
+extern ASK_GREY_RESULT ask_grey(DCC_EMSG, DCC_CLNT_CTXT *, DCC_OPS,
+				DCC_SUM, DCC_SUM,
+				const DCC_GOT_CKS *, const DCC_SUM,
+				DCC_TGTS *, DCC_TGTS *, DCC_TGTS *);
+extern u_char dcc_parse_dnsbl(DCC_EMSG, const char *, const char *, u_char);
+extern const REPLY_TPLT *dnsbl_parse_reply(const char *);
+extern void helper_save_arg(const char *, const char *);
+extern void helper_init(int);
+extern void dcc_dnsbl_init(DCC_GOT_CKS *,
+			   DCC_CLNT_CTXT *, void *, const char *);
+extern void url_dnsbl(DNSBL_WORK *);
+extern void dcc_mail_host_dnsbl(DNSBL_WORK *, const char *);
+extern void dcc_client_dnsbl(DNSBL_WORK *, const struct in6_addr *,
+			     const char *);
+extern void dcc_dnsbl_result(ASK_ST *, DNSBL_WORK *);
+extern int PATTRIB(3,4) thr_log_print(void *, u_char, const char *, ...);
+extern int PATTRIB(2,3) thr_error_msg(void *, const char *, ...);
+extern void PATTRIB(2,3) thr_trace_msg(void *, const char *, ...);
+#endif /* DCC_CK_H */

Mercurial > notdcc

comparison include/dcc_ck.h @ 0:c7f6b056b673