1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) University of Cambridge 1995 - 2016 */
6 /* See the file NOTICE for conditions of use and distribution. */
8 /* A number of functions for driving outgoing SMTP calls. */
12 #include "transports/smtp.h"
16 /*************************************************
17 * Find an outgoing interface *
18 *************************************************/
20 /* This function is called from the smtp transport and also from the callout
21 code in verify.c. Its job is to expand a string to get a list of interfaces,
22 and choose a suitable one (IPv4 or IPv6) for the outgoing address.
25 istring string interface setting, may be NULL, meaning "any", in
26 which case the function does nothing
27 host_af AF_INET or AF_INET6 for the outgoing IP address
28 addr the mail address being handled (for setting errors)
29 interface point this to the interface
30 msg to add to any error message
32 Returns: TRUE on success, FALSE on failure, with error message
33 set in addr and transport_return set to PANIC
37 smtp_get_interface(uschar *istring, int host_af, address_item *addr,
38 uschar **interface, uschar *msg)
40 const uschar * expint;
44 if (!istring) return TRUE;
46 if (!(expint = expand_string(istring)))
48 if (expand_string_forcedfail) return TRUE;
49 addr->transport_return = PANIC;
50 addr->message = string_sprintf("failed to expand \"interface\" "
51 "option for %s: %s", msg, expand_string_message);
55 while (isspace(*expint)) expint++;
56 if (*expint == 0) return TRUE;
58 while ((iface = string_nextinlist(&expint, &sep, big_buffer,
61 if (string_is_ip_address(iface, NULL) == 0)
63 addr->transport_return = PANIC;
64 addr->message = string_sprintf("\"%s\" is not a valid IP "
65 "address for the \"interface\" option for %s",
70 if (((Ustrchr(iface, ':') == NULL)? AF_INET:AF_INET6) == host_af)
74 if (iface) *interface = string_copy(iface);
80 /*************************************************
81 * Find an outgoing port *
82 *************************************************/
84 /* This function is called from the smtp transport and also from the callout
85 code in verify.c. Its job is to find a port number. Note that getservbyname()
86 produces the number in network byte order.
89 rstring raw (unexpanded) string representation of the port
90 addr the mail address being handled (for setting errors)
91 port stick the port in here
92 msg for adding to error message
94 Returns: TRUE on success, FALSE on failure, with error message set
95 in addr, and transport_return set to PANIC
99 smtp_get_port(uschar *rstring, address_item *addr, int *port, uschar *msg)
101 uschar *pstring = expand_string(rstring);
105 addr->transport_return = PANIC;
106 addr->message = string_sprintf("failed to expand \"%s\" (\"port\" option) "
107 "for %s: %s", rstring, msg, expand_string_message);
111 if (isdigit(*pstring))
114 *port = Ustrtol(pstring, &end, 0);
115 if (end != pstring + Ustrlen(pstring))
117 addr->transport_return = PANIC;
118 addr->message = string_sprintf("invalid port number for %s: %s", msg,
126 struct servent *smtp_service = getservbyname(CS pstring, "tcp");
129 addr->transport_return = PANIC;
130 addr->message = string_sprintf("TCP port \"%s\" is not defined for %s",
134 *port = ntohs(smtp_service->s_port);
145 tfo_out_check(int sock)
147 # if defined(TCP_INFO) && defined(EXIM_HAVE_TCPI_UNACKED)
148 struct tcp_info tinfo;
149 socklen_t len = sizeof(tinfo);
151 if (getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0)
153 /* This is a somewhat dubious detection method; totally undocumented so likely
154 to fail in future kernels. There seems to be no documented way. */
156 if (tinfo.tcpi_unacked > 1)
158 DEBUG(D_transport|D_v) debug_printf("TCP_FASTOPEN mode connection\n");
159 tcp_out_fastopen = TRUE;
168 smtp_sock_connect(host_item * host, int host_af, int port, uschar * interface,
169 transport_instance * tb, int timeout)
171 smtp_transport_options_block * ob =
172 (smtp_transport_options_block *)tb->options_block;
173 const uschar * dscp = ob->dscp;
179 BOOL fastopen = FALSE;
181 #ifndef DISABLE_EVENT
182 deliver_host_address = host->address;
183 deliver_host_port = port;
184 if (event_raise(tb->event_action, US"tcp:connect", NULL)) return -1;
187 if ((sock = ip_socket(SOCK_STREAM, host_af)) < 0) return -1;
189 /* Set TCP_NODELAY; Exim does its own buffering. */
191 if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, US &on, sizeof(on)))
192 HDEBUG(D_transport|D_acl|D_v)
193 debug_printf_indent("failed to set NODELAY: %s ", strerror(errno));
195 /* Set DSCP value, if we can. For now, if we fail to set the value, we don't
196 bomb out, just log it and continue in default traffic class. */
198 if (dscp && dscp_lookup(dscp, host_af, &dscp_level, &dscp_option, &dscp_value))
200 HDEBUG(D_transport|D_acl|D_v)
201 debug_printf_indent("DSCP \"%s\"=%x ", dscp, dscp_value);
202 if (setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value)) < 0)
203 HDEBUG(D_transport|D_acl|D_v)
204 debug_printf_indent("failed to set DSCP: %s ", strerror(errno));
205 /* If the kernel supports IPv4 and IPv6 on an IPv6 socket, we need to set the
206 option for both; ignore failures here */
207 if (host_af == AF_INET6 &&
208 dscp_lookup(dscp, AF_INET, &dscp_level, &dscp_option, &dscp_value))
209 (void) setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value));
213 if (verify_check_given_host (&ob->hosts_try_fastopen, host) == OK) fastopen = TRUE;
216 /* Bind to a specific interface if requested. Caller must ensure the interface
217 is the same type (IPv4 or IPv6) as the outgoing address. */
219 if (interface && ip_bind(sock, host_af, interface, 0) < 0)
222 HDEBUG(D_transport|D_acl|D_v)
223 debug_printf_indent("unable to bind outgoing SMTP call to %s: %s", interface,
227 /* Connect to the remote host, and add keepalive to the socket before returning
230 else if (ip_connect(sock, host_af, host->address, port, timeout, fastopen) < 0)
233 /* Either bind() or connect() failed */
237 HDEBUG(D_transport|D_acl|D_v)
239 debug_printf_indent("failed: %s", CUstrerror(save_errno));
240 if (save_errno == ETIMEDOUT)
241 debug_printf(" (timeout=%s)", readconf_printtime(timeout));
249 /* Both bind() and connect() succeeded */
253 union sockaddr_46 interface_sock;
254 EXIM_SOCKLEN_T size = sizeof(interface_sock);
255 HDEBUG(D_transport|D_acl|D_v) debug_printf_indent("connected\n");
256 if (getsockname(sock, (struct sockaddr *)(&interface_sock), &size) == 0)
257 sending_ip_address = host_ntoa(-1, &interface_sock, NULL, &sending_port);
260 log_write(0, LOG_MAIN | ((errno == ECONNRESET)? 0 : LOG_PANIC),
261 "getsockname() failed: %s", strerror(errno));
265 if (ob->keepalive) ip_keepalive(sock, host->address, TRUE);
278 smtp_port_for_connect(host_item * host, int port)
280 if (host->port != PORT_NONE)
282 HDEBUG(D_transport|D_acl|D_v)
283 debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
287 else host->port = port; /* Set the port actually used */
291 /*************************************************
292 * Connect to remote host *
293 *************************************************/
295 /* Create a socket, and connect it to a remote host. IPv6 addresses are
296 detected by checking for a colon in the address. AF_INET6 is defined even on
297 non-IPv6 systems, to enable the code to be less messy. However, on such systems
298 host->address will always be an IPv4 address.
301 host host item containing name and address and port
302 host_af AF_INET or AF_INET6
303 interface outgoing interface address or NULL
304 timeout timeout value or 0
307 Returns: connected socket number, or -1 with errno set
311 smtp_connect(host_item *host, int host_af, uschar *interface,
312 int timeout, transport_instance * tb)
314 int port = host->port;
316 smtp_transport_options_block * ob =
317 (smtp_transport_options_block *)tb->options_block;
320 callout_address = string_sprintf("[%s]:%d", host->address, port);
322 HDEBUG(D_transport|D_acl|D_v)
325 if (interface) s = string_sprintf(" from %s ", interface);
327 if (ob->socks_proxy) s = string_sprintf("%svia proxy ", s);
329 debug_printf_indent("Connecting to %s %s%s... ", host->name, callout_address, s);
332 /* Create and connect the socket */
336 return socks_sock_connect(host, host_af, port, interface, tb, timeout);
339 return smtp_sock_connect(host, host_af, port, interface, tb, timeout);
343 /*************************************************
344 * Flush outgoing command buffer *
345 *************************************************/
347 /* This function is called only from smtp_write_command() below. It flushes
348 the buffer of outgoing commands. There is more than one in the buffer only when
352 outblock the SMTP output block
353 mode further data expected, or plain
355 Returns: TRUE if OK, FALSE on error, with errno set
359 flush_buffer(smtp_outblock * outblock, int mode)
362 int n = outblock->ptr - outblock->buffer;
363 BOOL more = mode == SCMD_MORE;
365 HDEBUG(D_transport|D_acl) debug_printf_indent("cmd buf flush %d bytes%s\n", n,
366 more ? " (more expected)" : "");
369 if (tls_out.active == outblock->sock)
370 rc = tls_write(FALSE, outblock->buffer, n, more);
373 rc = send(outblock->sock, outblock->buffer, n,
383 HDEBUG(D_transport|D_acl) debug_printf_indent("send failed: %s\n", strerror(errno));
387 outblock->ptr = outblock->buffer;
388 outblock->cmd_count = 0;
394 /*************************************************
395 * Write SMTP command *
396 *************************************************/
398 /* The formatted command is left in big_buffer so that it can be reflected in
402 outblock contains buffer for pipelining, and socket
403 mode buffer, write-with-more-likely, write
404 format a format, starting with one of
405 of HELO, MAIL FROM, RCPT TO, DATA, ".", or QUIT.
406 If NULL, flush pipeline buffer only.
407 ... data for the format
409 Returns: 0 if command added to pipelining buffer, with nothing transmitted
410 +n if n commands transmitted (may still have buffered the new one)
411 -1 on error, with errno set
415 smtp_write_command(smtp_outblock * outblock, int mode, const char *format, ...)
423 va_start(ap, format);
424 if (!string_vformat(big_buffer, big_buffer_size, CS format, ap))
425 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
428 count = Ustrlen(big_buffer);
430 if (count > outblock->buffersize)
431 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
434 if (count > outblock->buffersize - (outblock->ptr - outblock->buffer))
436 rc = outblock->cmd_count; /* flush resets */
437 if (!flush_buffer(outblock, SCMD_FLUSH)) return -1;
440 Ustrncpy(CS outblock->ptr, big_buffer, count);
441 outblock->ptr += count;
442 outblock->cmd_count++;
444 big_buffer[count] = 0; /* remove \r\n for error message */
446 /* We want to hide the actual data sent in AUTH transactions from reflections
447 and logs. While authenticating, a flag is set in the outblock to enable this.
448 The AUTH command itself gets any data flattened. Other lines are flattened
451 if (outblock->authenticating)
453 uschar *p = big_buffer;
454 if (Ustrncmp(big_buffer, "AUTH ", 5) == 0)
457 while (isspace(*p)) p++;
458 while (!isspace(*p)) p++;
459 while (isspace(*p)) p++;
461 while (*p != 0) *p++ = '*';
464 HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> %s\n", big_buffer);
467 if (mode != SCMD_BUFFER)
469 rc += outblock->cmd_count; /* flush resets */
470 if (!flush_buffer(outblock, mode)) return -1;
478 /*************************************************
479 * Read one line of SMTP response *
480 *************************************************/
482 /* This function reads one line of SMTP response from the server host. This may
483 not be a complete response - it could be just part of a multiline response. We
484 have to use a buffer for incoming packets, because when pipelining or using
485 LMTP, there may well be more than one response in a single packet. This
486 function is called only from the one that follows.
489 inblock the SMTP input block (contains holding buffer, socket, etc.)
490 buffer where to put the line
491 size space available for the line
492 timeout the timeout to use when reading a packet
494 Returns: length of a line that has been put in the buffer
495 -1 otherwise, with errno set
499 read_response_line(smtp_inblock *inblock, uschar *buffer, int size, int timeout)
502 uschar *ptr = inblock->ptr;
503 uschar *ptrend = inblock->ptrend;
504 int sock = inblock->sock;
506 /* Loop for reading multiple packets or reading another packet after emptying
507 a previously-read one. */
513 /* If there is data in the input buffer left over from last time, copy
514 characters from it until the end of a line, at which point we can return,
515 having removed any whitespace (which will include CR) at the end of the line.
516 The rules for SMTP say that lines end in CRLF, but there are have been cases
517 of hosts using just LF, and other MTAs are reported to handle this, so we
518 just look for LF. If we run out of characters before the end of a line,
519 carry on to read the next incoming packet. */
526 while (p > buffer && isspace(p[-1])) p--;
534 *p = 0; /* Leave malformed line for error message */
535 errno = ERRNO_SMTPFORMAT;
540 /* Need to read a new input packet. */
542 if((rc = ip_recv(sock, inblock->buffer, inblock->buffersize, timeout)) <= 0)
544 DEBUG(D_deliver|D_transport|D_acl)
545 debug_printf_indent(errno ? " SMTP(%s)<<\n" : " SMTP(closed)<<\n",
550 /* Another block of data has been successfully read. Set up the pointers
551 and let the loop continue. */
553 ptrend = inblock->ptrend = inblock->buffer + rc;
554 ptr = inblock->buffer;
555 DEBUG(D_transport|D_acl) debug_printf_indent("read response data: size=%d\n", rc);
558 /* Get here if there has been some kind of recv() error; errno is set, but we
559 ensure that the result buffer is empty before returning. */
569 /*************************************************
570 * Read SMTP response *
571 *************************************************/
573 /* This function reads an SMTP response with a timeout, and returns the
574 response in the given buffer, as a string. A multiline response will contain
575 newline characters between the lines. The function also analyzes the first
576 digit of the reply code and returns FALSE if it is not acceptable. FALSE is
577 also returned after a reading error. In this case buffer[0] will be zero, and
578 the error code will be in errno.
581 inblock the SMTP input block (contains holding buffer, socket, etc.)
582 buffer where to put the response
583 size the size of the buffer
584 okdigit the expected first digit of the response
585 timeout the timeout to use, in seconds
587 Returns: TRUE if a valid, non-error response was received; else FALSE
591 smtp_read_response(smtp_inblock *inblock, uschar *buffer, int size, int okdigit,
594 uschar *ptr = buffer;
597 errno = 0; /* Ensure errno starts out zero */
599 /* This is a loop to read and concatenate the lines that make up a multi-line
604 if ((count = read_response_line(inblock, ptr, size, timeout)) < 0)
607 HDEBUG(D_transport|D_acl|D_v)
608 debug_printf_indent(" %s %s\n", (ptr == buffer)? "SMTP<<" : " ", ptr);
610 /* Check the format of the response: it must start with three digits; if
611 these are followed by a space or end of line, the response is complete. If
612 they are followed by '-' this is a multi-line response and we must look for
613 another line until the final line is reached. The only use made of multi-line
614 responses is to pass them back as error messages. We therefore just
615 concatenate them all within the buffer, which should be large enough to
616 accept any reasonable number of lines. */
622 (ptr[3] != '-' && ptr[3] != ' ' && ptr[3] != 0))
624 errno = ERRNO_SMTPFORMAT; /* format error */
628 /* If the line we have just read is a terminal line, line, we are done.
629 Otherwise more data has to be read. */
631 if (ptr[3] != '-') break;
633 /* Move the reading pointer upwards in the buffer and insert \n between the
634 components of a multiline response. Space is left for this by read_response_
642 /* Return a value that depends on the SMTP return code. On some systems a
643 non-zero value of errno has been seen at this point, so ensure it is zero,
644 because the caller of this function looks at errno when FALSE is returned, to
645 distinguish between an unexpected return code and other errors such as
646 timeouts, lost connections, etc. */
649 return buffer[0] == okdigit;
652 /* End of smtp_out.c */