1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) The Exim Maintainers 2020 - 2024 */
6 /* Copyright (c) University of Cambridge 1995 - 2018 */
7 /* See the file NOTICE for conditions of use and distribution. */
8 /* SPDX-License-Identifier: GPL-2.0-or-later */
/* Size in bytes of the `buffer` array declared with this constant further
down in this header (uschar buffer[DELIVER_BUFFER_SIZE]). */
10 #define DELIVER_BUFFER_SIZE 4096
/* Composite status values: PENDING added to DEFER or to OK. PENDING, DEFER
and OK are defined outside this header. */
13 #define PENDING_DEFER (PENDING + DEFER)
14 #define PENDING_OK (PENDING + OK)
18 /* Flags structure for validity of TLS configuration */
/* Each member is a one-bit flag. The first six record that the named item has
been loaded; the last two record a behaviour, per their own comments. */
21 BOOL conn_certs:1; /* certificates etc. loaded */
22 BOOL cabundle:1; /* CA certificates loaded */
23 BOOL crl:1; /* CRL loaded */
24 BOOL pri_string:1; /* cipher priority-string cache loaded */
25 BOOL dh:1; /* Diffie-Hellman params loaded */
26 BOOL ecdh:1; /* EC Diffie-Hellman params loaded */
28 BOOL ca_rdn_emulate:1; /* do not advertise usable-cert list */
29 BOOL ocsp_hook:1; /* need handshake callback on session */
/* NOTE(review): the two untyped pointers below carry no type or ownership
information in this header. Which TLS-library object each one holds, and who
releases it, has to be confirmed in the TLS backend that fills them in. */
31 void * libdata0; /* library-dependent preloaded data */
32 void * libdata1; /* library-dependent preloaded data */
37 /* Private structure for the private options and other private data. */
/* Members of the options block that is closed further down as
smtp_transport_options_block. The uschar * members named hosts_* presumably
each hold the configured host list for the smtp transport option of the same
name; confirm against the smtp_transport_options[] table. */
41 uschar *fallback_hosts;
43 host_item *fallback_hostlist;
44 uschar *authenticated_sender;
50 uschar *serialize_hosts;
/* NOTE(review): several protections come as a try_/require_ pair (auth, dane)
or a request_/require_ pair (ocsp). Going by the option names, only the
require_ list makes the protection mandatory; a host that appears only in the
try_/request_ list can presumably still be delivered to without it. Confirm
in the transport code when auditing a configuration. */
51 uschar *hosts_try_auth;
52 uschar *hosts_require_alpn;
53 uschar *hosts_require_auth;
54 uschar *hosts_try_chunking;
56 uschar *hosts_try_dane;
57 uschar *hosts_require_dane;
58 uschar *dane_require_tls_ciphers;
60 uschar *hosts_try_fastopen;
62 uschar *hosts_try_prdr;
65 uschar *hosts_request_ocsp;
66 uschar *hosts_require_ocsp;
/* TLS policy by host. NOTE(review): per the option names, hosts_require_tls
is the list for which TLS is mandatory, while hosts_avoid_tls and
hosts_verify_avoid_tls are lists for which TLS is not attempted (the latter
presumably for verification callouts). A host matching an avoid list is
contacted in cleartext, so these three lists should be reviewed together. */
68 uschar *hosts_require_tls;
69 uschar *hosts_avoid_tls;
70 uschar *hosts_verify_avoid_tls;
71 uschar *hosts_avoid_pipelining;
72 #ifndef DISABLE_PIPE_CONNECT
73 uschar *hosts_pipe_connect;
75 uschar *hosts_avoid_esmtp;
77 uschar *hosts_nopass_tls;
78 uschar *hosts_noproxy_tls;
/* Numeric limits and boolean switches. Their defaults are not visible here;
they come from smtp_transport_option_defaults, declared later in this
header. */
86 int hosts_max_try_hardlimit;
87 int message_linelength_limit;
88 BOOL address_retry_include_sender;
90 BOOL authenticated_sender_force;
92 BOOL dns_qualify_single;
93 BOOL dns_search_parents;
94 dnssec_domains dnssec;
95 BOOL delay_after_cutoff;
99 BOOL lmtp_ignore_quota;
100 uschar *expand_retry_include_ip_address;
101 BOOL retry_include_ip_address;
/* TLS client settings of the options block. Each uschar * member presumably
holds the configured (unexpanded) value of the smtp transport option of the
same name; confirm against smtp_transport_options[]. */
107 uschar *tls_certificate;
109 uschar *tls_privatekey;
110 uschar *tls_require_ciphers;
111 # ifndef DISABLE_TLS_RESUME
/* Default expansion string for host_name_extract. It yields a value only when
$host matches the first pattern, and then returns capture group 1 of the
second pattern applied to $item (a line starting "250-").
NOTE(review): the dots in ".outlook.com" are regex wildcards, so the host test
is looser than a literal ".outlook.com" suffix comparison. The extracted name
is text matched out of $item, presumably a line of the remote server's EHLO
response, so confirm how far that name is trusted where it is consumed. */
112 # define HNE_DEFAULT US"${if and {{match{$host}{.outlook.com\\$}} {match{$item}{\\N^250-([\\w.]+)\\s\\N}}} {$1}}"
113 uschar *host_name_extract;
114 uschar *tls_resumption_hosts;
116 const uschar *tls_sni;
117 uschar *tls_verify_certificates;
/* NOTE(review): per the option name, this switch governs whether a TLS setup
that fails temporarily may be followed by an unencrypted attempt. It is the
downgrade-relevant setting in this block; audit it together with
hosts_require_tls. Confirm the exact conditions in the transport code. */
119 BOOL tls_tempfail_tryclear;
/* Certificate-verification policy lists. Going by the names, tls_verify_hosts
makes verification mandatory and tls_try_verify_hosts makes it best-effort;
presumably a host in neither list is not verified at all. TODO confirm. */
120 uschar *tls_verify_hosts;
121 uschar *tls_try_verify_hosts;
122 uschar *tls_verify_cert_hostnames;
125 uschar *utf8_downconvert;
130 #ifdef EXPERIMENTAL_ARC
/* Preloaded TLS state for this transport, of type exim_tlslib_state. */
134 exim_tlslib_state tls_preload;
136 } smtp_transport_options_block;
/* Cast shorthand: writing SOB before an expression converts it to
smtp_transport_options_block *. The cast is unchecked, so the operand must
really point at an options block of this transport. */
138 #define SOB (smtp_transport_options_block *)
141 /* smtp connect context */
/* Per-connection working state. Presumably this is the smtp_context type that
the functions declared further down in this header take by pointer; the
typedef name itself is not visible in this part of the file. */
143 const uschar * from_addr;
144 address_item * addrlist;
146 smtp_connect_args conn_args;
/* One-bit state flags. Several exist only under the build-time guards shown
on the lines that precede them. */
154 #ifndef DISABLE_PIPE_CONNECT
155 BOOL early_pipe_ok:1;
156 BOOL early_pipe_active:1;
160 BOOL pipelining_used:1;
167 BOOL dsn_all_lasthop:1;
168 #if !defined(DISABLE_TLS) && defined(SUPPORT_DANE)
169 BOOL dane_required:1;
171 #ifndef DISABLE_PIPE_CONNECT
172 BOOL pending_BANNER:1;
179 #ifndef DISABLE_ESMTP_LIMITS
180 BOOL single_rcpt_domain:1;
182 BOOL completed_addr:1;
185 BOOL send_tlsclose:1;
/* presumably a bitmask of what the remote server advertised; TODO confirm */
187 unsigned peer_offered;
188 #ifndef DISABLE_ESMTP_LIMITS
/* NOTE(review): by their names these hold limits announced by the remote
server. As peer-controlled numbers they should be range-checked where they
are parsed and before they bound any loop or batch size; confirm at the
parse site. */
189 unsigned peer_limit_mail;
190 unsigned peer_limit_rcpt;
191 unsigned peer_limit_rcptdom;
198 unsigned avoid_option;
201 #ifdef EXPERIMENTAL_DSN_INFO
/* NOTE(review): presumably text received from the remote server. Treat both
strings as untrusted wherever they are logged or copied into a DSN. Confirm
at the points of use. */
202 uschar * smtp_greeting;
203 uschar * helo_response;
205 #ifndef DISABLE_PIPE_CONNECT
206 /* Info about the EHLO response stored to / retrieved from cache. When
207 operating early-pipe, we use the cached values. For each of plaintext and
208 encrypted we store bitmaps for ESMTP features and AUTH methods. If the LIMITS
209 extension is built and usable then at least one of the limits values cached
210 is nonzero, and we use the values to constrain the connection. */
/* NOTE(review): cached values describe an earlier session with the peer, not
the current one. Presumably they are checked against the live EHLO response
once it arrives (see smtp_reap_early_pipe(), declared later in this header);
confirm that a mismatch cannot leave stale feature or AUTH bits in use. */
211 ehlo_resp_precis ehlo_resp;
/* Timestamp member; by its name, the start of the delivery. TODO confirm
where it is set. */
214 struct timeval delivery_start;
/* Cursors into the address chain; their exact roles are not visible in this
header. */
215 address_item * first_addr;
216 address_item * next_addr;
217 address_item * sync_addr;
219 client_conn_ctx cctx;
220 smtp_inblock inblock;
221 smtp_outblock outblock;
/* Fixed-size byte arrays embedded in the context. `buffer` is sized by
DELIVER_BUFFER_SIZE (4096); inbuffer and outbuffer are presumably the backing
store for inblock and outblock (TODO confirm).
NOTE(review): inbuffer and outbuffer use the literal 4096 rather than a named
constant. Any length handed to a reader or writer should be derived from
sizeof on the array so that it cannot drift from the declaration. */
222 uschar buffer[DELIVER_BUFFER_SIZE];
223 uschar inbuffer[4096];
224 uschar outbuffer[4096];
/* Helpers that operate on an smtp_context; defined outside this header. The
prototypes omit parameter names, so the meaning of the BOOL and int *
arguments has to be read from the definitions. */
227 extern int smtp_setup_conn(smtp_context *, BOOL);
228 extern sw_mrc_t smtp_write_mail_and_rcpt_cmds(smtp_context *, int *);
229 extern int smtp_reap_early_pipe(smtp_context *, int *);
232 /* Data for reading the private options. */
/* The array is declared without a bound. smtp_transport_options_count is
presumably its entry count, so code walking the table must stop at that
count. TODO confirm at the definition. */
234 extern optionlist smtp_transport_options[];
235 extern int smtp_transport_options_count;
237 /* Block containing default values. */
239 extern smtp_transport_options_block smtp_transport_option_defaults;
241 /* The main, init, and closedown entry points for the transport */
243 extern BOOL smtp_transport_entry(transport_instance *, address_item *);
244 extern void smtp_transport_init(transport_instance *);
245 extern void smtp_transport_closedown(transport_instance *);
/* SOCKS connect helper, judging by the name. The three int parameters and the
uschar * parameter are unnamed here; see the definition for their meaning and
for what the int return value signals. */
250 extern int socks_sock_connect(host_item *, int, int, uschar *,
251 transport_instance *, int);
254 /* End of transports/smtp.h */