1 /*************************************************
2 * Exim - an Internet mail transport agent *
3 *************************************************/
5 /* Copyright (c) The Exim Maintainers 2020 - 2024 */
6 /* Copyright (c) University of Cambridge 1995 - 2018 */
7 /* See the file NOTICE for conditions of use and distribution. */
8 /* SPDX-License-Identifier: GPL-2.0-or-later */
10 /* A number of functions for driving outgoing SMTP calls. */
14 #include "transports/smtp.h"
18 /*************************************************
19 * Find an outgoing interface *
20 *************************************************/
22 /* This function is called from the smtp transport and also from the callout
23 code in verify.c. Its job is to expand a string to get a list of interfaces,
24 and choose a suitable one (IPv4 or IPv6) for the outgoing address.
27 istring string interface setting, may be NULL, meaning "any", in
28 which case the function does nothing
29 host_af AF_INET or AF_INET6 for the outgoing IP address
30 addr the mail address being handled (for setting errors)
31 interface point this to the interface if there is one defined
32 msg to add to any error message
34 Returns: TRUE on success, FALSE on failure, with error message
35 set in addr and transport_return set to PANIC
39 smtp_get_interface(uschar *istring, int host_af, address_item *addr,
40 uschar **interface, uschar *msg)
42 const uschar * expint;
46 if (!istring) return TRUE;
48 if (!(expint = expand_string(istring)))
50 if (f.expand_string_forcedfail) return TRUE;
51 addr->transport_return = PANIC;
52 addr->message = string_sprintf("failed to expand \"interface\" "
53 "option for %s: %s", msg, expand_string_message);
57 if (is_tainted(expint))
59 log_write(0, LOG_MAIN|LOG_PANIC,
60 "attempt to use tainted value '%s' from '%s' for interface",
62 addr->transport_return = PANIC;
63 addr->message = string_sprintf("failed to expand \"interface\" "
64 "option for %s: configuration error", msg);
68 Uskip_whitespace(&expint);
69 if (!*expint) return TRUE;
71 while ((iface = string_nextinlist(&expint, &sep, NULL, 0)))
73 int if_af = string_is_ip_address(iface, NULL);
76 addr->transport_return = PANIC;
77 addr->message = string_sprintf("\"%s\" is not a valid IP "
78 "address for the \"interface\" option for %s",
83 if ((if_af == 4 ? AF_INET : AF_INET6) == host_af)
93 /*************************************************
94 * Find an outgoing port *
95 *************************************************/
97 /* This function is called from the smtp transport and also from the callout
98 code in verify.c. Its job is to find a port number. Note that getservbyname()
99 produces the number in network byte order.
102 rstring raw (unexpanded) string representation of the port
103 addr the mail address being handled (for setting errors)
104 port stick the port in here
105 msg for adding to error message
107 Returns: TRUE on success, FALSE on failure, with error message set
108 in addr, and transport_return set to PANIC
112 smtp_get_port(uschar *rstring, address_item *addr, int *port, uschar *msg)
114 uschar *pstring = expand_string(rstring);
118 addr->transport_return = PANIC;
119 addr->message = string_sprintf("failed to expand \"%s\" (\"port\" option) "
120 "for %s: %s", rstring, msg, expand_string_message);
124 if (isdigit(*pstring))
127 *port = Ustrtol(pstring, &end, 0);
128 if (end != pstring + Ustrlen(pstring))
130 addr->transport_return = PANIC;
131 addr->message = string_sprintf("invalid port number for %s: %s", msg,
139 struct servent *smtp_service = getservbyname(CS pstring, "tcp");
142 addr->transport_return = PANIC;
143 addr->message = string_sprintf("TCP port \"%s\" is not defined for %s",
147 *port = ntohs(smtp_service->s_port);
157 /* Try to record if TFO was attmepted and if it was successfully used. */
160 tfo_out_check(int sock)
162 static BOOL done_once = FALSE;
164 if (done_once) return;
168 struct tcp_info tinfo;
169 socklen_t len = sizeof(tinfo);
171 /* A getsockopt TCP_FASTOPEN unfortunately returns "was-used" for a TFO/R as
172 well as a TFO/C. Use what we can of the Linux hack below; reliability issues ditto. */
173 switch (tcp_out_fastopen)
175 case TFO_ATTEMPTED_NODATA:
176 if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
177 && tinfo.tcpi_state == TCPS_SYN_SENT
178 && tinfo.__tcpi_unacked > 0
181 DEBUG(D_transport|D_v)
182 debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.__tcpi_unacked);
183 tcp_out_fastopen = TFO_USED_NODATA;
187 case TFO_ATTEMPTED_DATA:
188 case TFO_ATTEMPTED_DATA:
189 if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA) XXX no equvalent as of 12.2
193 switch (tcp_out_fastopen)
195 case TFO_ATTEMPTED_DATA: tcp_out_fastopen = TFO_USED_DATA; break;
196 default: break; /* compiler quietening */
199 # else /* Linux & Apple */
200 # if defined(TCP_INFO) && defined(EXIM_HAVE_TCPI_UNACKED)
201 struct tcp_info tinfo;
202 socklen_t len = sizeof(tinfo);
204 switch (tcp_out_fastopen)
206 /* This is a somewhat dubious detection method; totally undocumented so likely
207 to fail in future kernels. There seems to be no documented way. What we really
208 want to know is if the server sent smtp-banner data before our ACK of his SYN,ACK
209 hit him. What this (possibly?) detects is whether we sent a TFO cookie with our
210 SYN, as distinct from a TFO request. This gets a false-positive when the server
211 key is rotated; we send the old one (which this test sees) but the server returns
212 the new one and does not send its SMTP banner before we ACK his SYN,ACK.
213 To force that rotation case:
214 '# echo -n "00000000-00000000-00000000-0000000" >/proc/sys/net/ipv4/tcp_fastopen_key'
215 The kernel seems to be counting unack'd packets. */
217 case TFO_ATTEMPTED_NODATA:
218 if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
219 && tinfo.tcpi_state == TCP_SYN_SENT
220 && tinfo.tcpi_unacked > 1
223 DEBUG(D_transport|D_v)
224 debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.tcpi_unacked);
225 tcp_out_fastopen = TFO_USED_NODATA;
229 /* When called after waiting for received data we should be able
230 to tell if data we sent was accepted. */
232 case TFO_ATTEMPTED_DATA:
233 if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
234 && tinfo.tcpi_state == TCP_ESTABLISHED
236 if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA)
238 DEBUG(D_transport|D_v) debug_printf("TFO: data was acked\n");
239 tcp_out_fastopen = TFO_USED_DATA;
243 DEBUG(D_transport|D_v) debug_printf("TFO: had to retransmit\n");
244 tcp_out_fastopen = TFO_NOT_USED;
248 default: break; /* compiler quietening */
251 # endif /* Linux & Apple */
256 /* Create and bind a socket, given the connect-args.
257 Update those with the state. Return the fd, or -1 with errno set.
261 smtp_boundsock(smtp_connect_args * sc)
263 transport_instance * tb = sc->tblock;
264 smtp_transport_options_block * ob =
265 (smtp_transport_options_block *)tb->options_block;
266 const uschar * dscp = ob->dscp;
267 int sock, dscp_value, dscp_level, dscp_option;
269 if ((sock = ip_socket(SOCK_STREAM, sc->host_af)) < 0)
272 /* Set TCP_NODELAY; Exim does its own buffering. */
274 if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, US &on, sizeof(on)))
275 HDEBUG(D_transport|D_acl|D_v)
276 debug_printf_indent("failed to set NODELAY: %s ", strerror(errno));
278 /* Set DSCP value, if we can. For now, if we fail to set the value, we don't
279 bomb out, just log it and continue in default traffic class. */
282 if (dscp && dscp_lookup(dscp, sc->host_af, &dscp_level, &dscp_option, &dscp_value))
284 HDEBUG(D_transport|D_acl|D_v)
285 debug_printf_indent("DSCP \"%s\"=%x ", dscp, dscp_value);
286 if (setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value)) < 0)
287 HDEBUG(D_transport|D_acl|D_v)
288 debug_printf_indent("failed to set DSCP: %s ", strerror(errno));
289 /* If the kernel supports IPv4 and IPv6 on an IPv6 socket, we need to set the
290 option for both; ignore failures here */
291 if (sc->host_af == AF_INET6 &&
292 dscp_lookup(dscp, AF_INET, &dscp_level, &dscp_option, &dscp_value))
293 (void) setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value));
296 /* Bind to a specific interface if requested. Caller must ensure the interface
297 is the same type (IPv4 or IPv6) as the outgoing address. */
301 union sockaddr_46 interface_sock;
302 EXIM_SOCKLEN_T size = sizeof(interface_sock);
304 if ( ip_bind(sock, sc->host_af, sc->interface, 0) < 0
305 || getsockname(sock, (struct sockaddr *) &interface_sock, &size) < 0
308 HDEBUG(D_transport|D_acl|D_v)
309 debug_printf_indent("unable to bind outgoing SMTP call to %s: %s\n", sc->interface,
314 sending_ip_address = host_ntoa(-1, &interface_sock, NULL, &sending_port);
323 host host item containing name and address and port
324 host_af AF_INET or AF_INET6
326 interface outgoing interface address or NULL
328 timeout timeout value or 0
329 early_data if non-NULL, idempotent data to be sent -
330 preferably in the TCP SYN segment
331 Special case: non-NULL but with NULL blob.data - caller is
332 client-data-first (eg. TLS-on-connect) and a lazy-TCP-connect is
335 Returns: connected socket number, or -1 with errno set
339 smtp_sock_connect(smtp_connect_args * sc, int timeout, const blob * early_data)
341 smtp_transport_options_block * ob =
342 (smtp_transport_options_block *)sc->tblock->options_block;
345 const blob * fastopen_blob = NULL;
348 #ifndef DISABLE_EVENT
349 deliver_host_address = sc->host->address;
350 deliver_host_port = sc->host->port;
351 if (event_raise(sc->tblock->event_action, US"tcp:connect", NULL, &errno)) return -1;
354 if ( (sock = sc->sock) < 0
355 && (sock = smtp_boundsock(sc)) < 0)
359 /* Connect to the remote host, and add keepalive to the socket before returning
360 it, if requested. If the build supports TFO, request it - and if the caller
361 requested some early-data then include that in the TFO request. If there is
362 early-data but no TFO support, send it after connecting. */
367 /* See if TCP Fast Open usable. Default is a traditional 3WHS connect */
369 if (verify_check_given_host(CUSS &ob->hosts_try_fastopen, sc->host) == OK)
372 fastopen_blob = &tcp_fastopen_nodata; /* TFO, with no data */
373 else if (early_data->data)
374 fastopen_blob = early_data; /* TFO, with data */
375 # ifdef TCP_FASTOPEN_CONNECT
377 { /* expecting client data */
378 DEBUG(D_transport|D_acl|D_v) debug_printf(" set up lazy-connect\n");
379 setsockopt(sock, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, US &on, sizeof(on));
380 /* fastopen_blob = NULL; lazy TFO, triggered by data write */
387 if (ip_connect(sock, sc->host_af, sc->host->address, sc->host->port, timeout, fastopen_blob) < 0)
389 else if (early_data && !fastopen_blob && early_data->data && early_data->len)
391 /* We had some early-data to send, but couldn't do TFO */
392 HDEBUG(D_transport|D_acl|D_v)
393 debug_printf("sending %ld nonTFO early-data\n", (long)early_data->len);
395 #ifdef TCP_QUICKACK_notdef
396 (void) setsockopt(sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
398 if (send(sock, early_data->data, early_data->len, 0) < 0)
401 #ifdef TCP_QUICKACK_notdef
402 /* Under TFO (with openssl & pipe-conn; testcase 4069, as of
403 5.10.8-100.fc32.x86_64) this seems to be inop.
404 Perhaps overwritten when we (client) go -> ESTABLISHED on seeing the 3rd-ACK?
405 For that case, added at smtp_reap_banner(). */
406 (void) setsockopt(sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
412 union sockaddr_46 interface_sock;
413 EXIM_SOCKLEN_T size = sizeof(interface_sock);
415 /* Both bind() and connect() succeeded, and any early-data */
417 HDEBUG(D_transport|D_acl|D_v) debug_printf_indent("connected\n");
418 if (getsockname(sock, (struct sockaddr *)(&interface_sock), &size) == 0)
419 sending_ip_address = host_ntoa(-1, &interface_sock, NULL, &sending_port);
422 log_write(0, LOG_MAIN | ((errno == ECONNRESET)? 0 : LOG_PANIC),
423 "getsockname() failed: %s", strerror(errno));
428 if (ob->keepalive) ip_keepalive(sock, sc->host->address, TRUE);
435 /* Either bind() or connect() failed */
437 HDEBUG(D_transport|D_acl|D_v)
439 debug_printf_indent(" failed: %s", CUstrerror(save_errno));
440 if (save_errno == ETIMEDOUT)
441 debug_printf(" (timeout=%s)", readconf_printtime(timeout));
454 smtp_port_for_connect(host_item * host, int port)
456 if (host->port != PORT_NONE)
458 HDEBUG(D_transport|D_acl|D_v) if (port != host->port)
459 debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
463 else host->port = port; /* Set the port actually used */
467 /*************************************************
468 * Connect to remote host *
469 *************************************************/
471 /* Create a socket, and connect it to a remote host. IPv6 addresses are
472 detected by checking for a colon in the address. AF_INET6 is defined even on
473 non-IPv6 systems, to enable the code to be less messy. However, on such systems
474 host->address will always be an IPv4 address.
477 sc details for making connection: host, af, interface, transport
478 early_data if non-NULL, data to be sent - preferably in the TCP SYN segment
479 Special case: non-NULL but with NULL blob.data - caller is
480 client-data-first (eg. TLS-on-connect) and a lazy-TCP-connect is
483 Returns: connected socket number, or -1 with errno set
487 smtp_connect(smtp_connect_args * sc, const blob * early_data)
489 int port = sc->host->port;
490 smtp_transport_options_block * ob = sc->ob;
492 callout_address = string_sprintf("[%s]:%d", sc->host->address, port);
494 HDEBUG(D_transport|D_acl|D_v)
497 if (sc->interface) s = string_sprintf(" from %s ", sc->interface);
499 if (ob->socks_proxy) s = string_sprintf("%svia proxy ", s);
501 debug_printf_indent("Connecting to %s %s%s...\n", sc->host->name, callout_address, s);
504 /* Create and connect the socket */
509 int sock = socks_sock_connect(sc->host, sc->host_af, port, sc->interface,
510 sc->tblock, ob->connect_timeout);
514 if (early_data && early_data->data && early_data->len)
515 if (send(sock, early_data->data, early_data->len, 0) < 0)
517 int save_errno = errno;
518 HDEBUG(D_transport|D_acl|D_v)
520 debug_printf_indent("failed: %s", CUstrerror(save_errno));
521 if (save_errno == ETIMEDOUT)
522 debug_printf(" (timeout=%s)", readconf_printtime(ob->connect_timeout));
534 return smtp_sock_connect(sc, ob->connect_timeout, early_data);
538 /*************************************************
539 * Flush outgoing command buffer *
540 *************************************************/
542 /* This function is called only from smtp_write_command() below. It flushes
543 the buffer of outgoing commands. There is more than one in the buffer only when
547 outblock the SMTP output block
548 mode further data expected, or plain
550 Returns: TRUE if OK, FALSE on error, with errno set
554 flush_buffer(smtp_outblock * outblock, int mode)
557 int n = outblock->ptr - outblock->buffer;
558 BOOL more = mode == SCMD_MORE;
559 client_conn_ctx * cctx;
561 HDEBUG(D_transport|D_acl) debug_printf_indent("cmd buf flush %d bytes%s\n", n,
562 more ? " (more expected)" : "");
564 if (!(cctx = outblock->cctx))
566 log_write(0, LOG_MAIN|LOG_PANIC, "null conn-context pointer");
572 if (cctx->tls_ctx) /*XXX have seen a null cctx here, rvfy sending QUIT, hence check above */
573 rc = tls_write(cctx->tls_ctx, outblock->buffer, n, more);
578 if (outblock->conn_args)
580 blob early_data = { .data = outblock->buffer, .len = n };
582 /* We ignore the more-flag if we're doing a connect with early-data, which
583 means we won't get BDAT+data. A pity, but wise due to the idempotency
584 requirement: TFO with data can, in rare cases, replay the data to the
587 if ( (cctx->sock = smtp_connect(outblock->conn_args, &early_data))
590 outblock->conn_args = NULL;
595 rc = send(cctx->sock, outblock->buffer, n,
603 #if defined(__linux__)
604 /* This is a workaround for a current linux kernel bug: as of
605 5.6.8-200.fc31.x86_64 small (<MSS) writes get delayed by about 200ms,
606 This is despite NODELAY being active.
607 https://bugzilla.redhat.com/show_bug.cgi?id=1803806 */
610 setsockopt(cctx->sock, IPPROTO_TCP, TCP_CORK, &off, sizeof(off));
617 HDEBUG(D_transport|D_acl) debug_printf_indent("send failed: %s\n", strerror(errno));
621 outblock->ptr = outblock->buffer;
622 outblock->cmd_count = 0;
628 /* This might be called both due to callout and then from delivery.
629 Use memory that will not be released between those phases.
632 smtp_debug_resp(const uschar * buf)
634 #ifndef DISABLE_CLIENT_CMD_LOG
635 int old_pool = store_pool;
636 store_pool = POOL_PERM;
637 client_cmd_log = string_append_listele_n(client_cmd_log, ':', buf,
638 buf[3] == ' ' ? 3 : 4);
639 store_pool = old_pool;
644 /*************************************************
645 * Write SMTP command *
646 *************************************************/
648 /* The formatted command is left in big_buffer so that it can be reflected in
652 sx SMTP connection, contains buffer for pipelining, and socket
653 mode buffer, write-with-more-likely, write
654 format a format, starting with one of
655 of HELO, MAIL FROM, RCPT TO, DATA, BDAT, ".", or QUIT.
656 If NULL, flush pipeline buffer only.
657 ... data for the format
659 Returns: 0 if command added to pipelining buffer, with nothing transmitted
660 +n if n commands transmitted (may still have buffered the new one)
661 -1 on error, with errno set
665 smtp_write_command(void * sx, int mode, const char * format, ...)
667 smtp_outblock * outblock = &((smtp_context *)sx)->outblock;
672 gstring gs = { .size = big_buffer_size, .ptr = 0, .s = big_buffer };
675 /* Use taint-unchecked routines for writing into big_buffer, trusting that
676 we'll never expand the results. Actually, the error-message use - leaving
677 the results in big_buffer for potential later use - is uncomfortably distant.
678 XXX Would be better to assume all smtp commands are short, use normal pool
679 alloc rather than big_buffer, and another global for the data-for-error. */
681 va_start(ap, format);
682 if (!string_vformat(&gs, SVFMT_TAINT_NOCHK, CS format, ap))
683 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
687 if (gs.ptr > outblock->buffersize)
688 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
691 if (gs.ptr > outblock->buffersize - (outblock->ptr - outblock->buffer))
693 rc = outblock->cmd_count; /* flush resets */
694 if (!flush_buffer(outblock, SCMD_FLUSH)) return -1;
697 Ustrncpy(outblock->ptr, gs.s, gs.ptr);
698 outblock->ptr += gs.ptr;
699 outblock->cmd_count++;
700 gs.ptr -= 2; string_from_gstring(&gs); /* remove \r\n for error message */
702 /* We want to hide the actual data sent in AUTH transactions from reflections
703 and logs. While authenticating, a flag is set in the outblock to enable this.
704 The AUTH command itself gets any data flattened. Other lines are flattened
707 if (outblock->authenticating)
709 uschar * p = big_buffer;
710 if (Ustrncmp(big_buffer, "AUTH ", 5) == 0)
713 Uskip_whitespace(&p);
715 Uskip_whitespace(&p);
717 while (*p) *p++ = '*';
720 smtp_debug_cmd(big_buffer, mode);
723 if (mode != SCMD_BUFFER)
725 rc += outblock->cmd_count; /* flush resets */
726 if (!flush_buffer(outblock, mode)) return -1;
734 /*************************************************
735 * Read one line of SMTP response *
736 *************************************************/
738 /* This function reads one line of SMTP response from the server host. This may
739 not be a complete response - it could be just part of a multiline response. We
740 have to use a buffer for incoming packets, because when pipelining or using
741 LMTP, there may well be more than one response in a single packet. This
742 function is called only from the one that follows.
745 inblock the SMTP input block (contains holding buffer, socket, etc.)
746 buffer where to put the line
747 size space available for the line
748 timelimit deadline for reading the lime, seconds past epoch
750 Returns: length of a line that has been put in the buffer
751 -1 otherwise, with errno set, and inblock->ptr adjusted
755 read_response_line(smtp_inblock *inblock, uschar *buffer, int size, time_t timelimit)
758 uschar *ptr = inblock->ptr;
759 uschar *ptrend = inblock->ptrend;
760 client_conn_ctx * cctx = inblock->cctx;
762 /* Loop for reading multiple packets or reading another packet after emptying
763 a previously-read one. */
769 /* If there is data in the input buffer left over from last time, copy
770 characters from it until the end of a line, at which point we can return,
771 having removed any whitespace (which will include CR) at the end of the line.
772 The rules for SMTP say that lines end in CRLF, but there are have been cases
773 of hosts using just LF, and other MTAs are reported to handle this, so we
774 just look for LF. If we run out of characters before the end of a line,
775 carry on to read the next incoming packet. */
782 while (p > buffer && isspace(p[-1])) p--;
790 *p = 0; /* Leave malformed line for error message */
791 errno = ERRNO_SMTPFORMAT;
797 /* Need to read a new input packet. */
799 if((rc = ip_recv(cctx, inblock->buffer, inblock->buffersize, timelimit)) <= 0)
801 DEBUG(D_deliver|D_transport|D_acl|D_v)
802 debug_printf_indent(errno ? " SMTP(%s)<<\n" : " SMTP(closed)<<\n",
807 /* Another block of data has been successfully read. Set up the pointers
808 and let the loop continue. */
810 ptrend = inblock->ptrend = inblock->buffer + rc;
811 ptr = inblock->buffer;
812 DEBUG(D_transport|D_acl) debug_printf_indent("read response data: size=%d\n", rc);
815 /* Get here if there has been some kind of recv() error; errno is set, but we
816 ensure that the result buffer is empty before returning. */
818 inblock->ptr = inblock->ptrend = inblock->buffer;
827 /*************************************************
828 * Read SMTP response *
829 *************************************************/
831 /* This function reads an SMTP response with a timeout, and returns the
832 response in the given buffer, as a string. A multiline response will contain
833 newline characters between the lines. The function also analyzes the first
834 digit of the reply code and returns FALSE if it is not acceptable. FALSE is
835 also returned after a reading error. In this case buffer[0] will be zero, and
836 the error code will be in errno.
839 sx the SMTP connection (contains input block with holding buffer,
841 buffer where to put the response
842 size the size of the buffer
843 okdigit the expected first digit of the response
844 timeout the timeout to use, in seconds
846 Returns: TRUE if a valid, non-error response was received; else FALSE
848 /*XXX could move to smtp transport; no other users */
851 smtp_read_response(void * sx0, uschar * buffer, int size, int okdigit,
854 smtp_context * sx = sx0;
855 uschar * ptr = buffer;
857 time_t timelimit = time(NULL) + timeout;
860 errno = 0; /* Ensure errno starts out zero */
863 #ifndef DISABLE_PIPE_CONNECT
864 if (sx->pending_BANNER || sx->pending_EHLO)
867 if ((rc = smtp_reap_early_pipe(sx, &count)) != OK)
869 DEBUG(D_transport) debug_printf("failed reaping pipelined cmd responsess\n");
870 if (rc == DEFER) errno = ERRNO_TLSFAILURE;
876 /* This is a loop to read and concatenate the lines that make up a multi-line
881 if ((count = read_response_line(&sx->inblock, ptr, size, timelimit)) < 0)
884 HDEBUG(D_transport|D_acl|D_v)
885 debug_printf_indent(" %s %s\n", ptr == buffer ? "SMTP<<" : " ", ptr);
887 /* Check the format of the response: it must start with three digits; if
888 these are followed by a space or end of line, the response is complete. If
889 they are followed by '-' this is a multi-line response and we must look for
890 another line until the final line is reached. The only use made of multi-line
891 responses is to pass them back as error messages. We therefore just
892 concatenate them all within the buffer, which should be large enough to
893 accept any reasonable number of lines. */
899 (ptr[3] != '-' && ptr[3] != ' ' && ptr[3] != 0))
901 errno = ERRNO_SMTPFORMAT; /* format error */
905 /* If the line we have just read is a terminal line, line, we are done.
906 Otherwise more data has to be read. */
908 if (ptr[3] != '-') break;
910 /* Move the reading pointer upwards in the buffer and insert \n between the
911 components of a multiline response. Space is left for this by read_response_
920 tfo_out_check(sx->cctx.sock);
923 /* Return a value that depends on the SMTP return code. On some systems a
924 non-zero value of errno has been seen at this point, so ensure it is zero,
925 because the caller of this function looks at errno when FALSE is returned, to
926 distinguish between an unexpected return code and other errors such as
927 timeouts, lost connections, etc. */
930 yield = buffer[0] == okdigit;
933 smtp_debug_resp(buffer);
937 /* End of smtp_out.c */