-/* $Cambridge: exim/src/src/smtp_in.c,v 1.47 2006/11/14 16:40:36 ph10 Exp $ */
+/* $Cambridge: exim/src/src/smtp_in.c,v 1.53 2007/01/30 11:45:20 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2006 */
+/* Copyright (c) University of Cambridge 1995 - 2007 */
/* See the file NOTICE for conditions of use and distribution. */
/* Functions for handling an incoming SMTP call. */
TOO_MANY_NONMAIL_CMD };
+/* This is a convenience macro for adding the identity of an SMTP command
+to the circular buffer that holds a list of the last n received. */
+
+#define HAD(n) \
+ smtp_connection_had[smtp_ch_index++] = n; \
+ if (smtp_ch_index >= SMTP_HBUFF_SIZE) smtp_ch_index = 0
+
/*************************************************
* Local static variables *
#define CMD_LIST_AUTH 3
#define CMD_LIST_STARTTLS 4
+/* This list of names is used for performing the smtp_no_mail logging action.
+It must be kept in step with the SCH_xxx enumerations. */
+
+static uschar *smtp_names[] =
+ {
+ US"NONE", US"AUTH", US"DATA", US"EHLO", US"ETRN", US"EXPN", US"HELO",
+ US"HELP", US"MAIL", US"NOOP", US"QUIT", US"RCPT", US"RSET", US"STARTTLS",
+ US"VRFY" };
+
static uschar *protocols[] = {
US"local-smtp", /* HELO */
US"local-smtps", /* The rare case EHLO->STARTTLS->HELO */
+/*************************************************
+* Log lack of MAIL if so configured *
+*************************************************/
+
+/* This function is called when an SMTP session ends. If the log selector
+smtp_no_mail is set, write a log line giving some details of what has happened
+in the SMTP session.
+
+Arguments: none
+Returns: nothing
+*/
+
+void
+smtp_log_no_mail(void)
+{
+int size, ptr, i;
+uschar *s, *sep;
+
+if (smtp_mailcmd_count > 0 || (log_extra_selector & LX_smtp_no_mail) == 0)
+ return;
+
+s = NULL;
+size = ptr = 0;
+
+if (sender_host_authenticated != NULL)
+ {
+ s = string_append(s, &size, &ptr, 2, US" A=", sender_host_authenticated);
+ if (authenticated_id != NULL)
+ s = string_append(s, &size, &ptr, 2, US":", authenticated_id);
+ }
+
+#ifdef SUPPORT_TLS
+if ((log_extra_selector & LX_tls_cipher) != 0 && tls_cipher != NULL)
+ s = string_append(s, &size, &ptr, 2, US" X=", tls_cipher);
+if ((log_extra_selector & LX_tls_certificate_verified) != 0 &&
+ tls_cipher != NULL)
+ s = string_append(s, &size, &ptr, 2, US" CV=",
+ tls_certificate_verified? "yes":"no");
+if ((log_extra_selector & LX_tls_peerdn) != 0 && tls_peerdn != NULL)
+ s = string_append(s, &size, &ptr, 3, US" DN=\"", tls_peerdn, US"\"");
+#endif
+
+sep = (smtp_connection_had[SMTP_HBUFF_SIZE-1] != SCH_NONE)?
+ US" C=..." : US" C=";
+for (i = smtp_ch_index; i < SMTP_HBUFF_SIZE; i++)
+ {
+ if (smtp_connection_had[i] != SCH_NONE)
+ {
+ s = string_append(s, &size, &ptr, 2, sep,
+ smtp_names[smtp_connection_had[i]]);
+ sep = US",";
+ }
+ }
+
+for (i = 0; i < smtp_ch_index; i++)
+ {
+ s = string_append(s, &size, &ptr, 2, sep, smtp_names[smtp_connection_had[i]]);
+ sep = US",";
+ }
+
+if (s != NULL) s[ptr] = 0; else s = US"";
+log_write(0, LOG_MAIN, "no MAIL in SMTP connection from %s D=%s%s",
+ host_and_ident(FALSE),
+ readconf_printtime(time(NULL) - smtp_connection_start), s);
+}
+
+
+
/*************************************************
* Check HELO line and set sender_helo_name *
*************************************************/
uschar *code, *esc;
uschar *p, *s, *ss;
+smtp_connection_start = time(NULL);
+for (smtp_ch_index = 0; smtp_ch_index < SMTP_HBUFF_SIZE; smtp_ch_index++)
+ smtp_connection_had[smtp_ch_index] = SCH_NONE;
+smtp_ch_index = 0;
+
/* Default values for certain variables */
helo_seen = esmtp = helo_accept_junk = FALSE;
+smtp_mailcmd_count = 0;
count_nonmail = TRUE_UNSET;
synprot_error_count = unknown_command_count = nonmail_command_count = 0;
smtp_delay_mail = smtp_rlm_base;
auth_advertised = FALSE;
pipelining_advertised = FALSE;
+pipelining_enable = TRUE;
sync_cmd_limit = NON_SYNC_CMD_NON_PIPELINING;
memset(sender_host_cache, 0, sizeof(sender_host_cache));
smtps port for use with older style SSL MTAs. */
#ifdef SUPPORT_TLS
- if (tls_on_connect && tls_server_start(tls_require_ciphers) != OK)
+ if (tls_on_connect &&
+ tls_server_start(tls_require_ciphers,
+ gnutls_require_mac, gnutls_require_kx, gnutls_require_proto) != OK)
return FALSE;
#endif
}
#endif
- /* Check for reserved slots. Note that the count value doesn't include
- this process, as it gets upped in the parent process. */
+ /* Check for reserved slots. The value of smtp_accept_count has already been
+ incremented to include this process. */
if (smtp_accept_max > 0 &&
- smtp_accept_count + 1 > smtp_accept_max - smtp_accept_reserve)
+ smtp_accept_count > smtp_accept_max - smtp_accept_reserve)
{
if ((rc = verify_check_host(&smtp_reserve_hosts)) != OK)
{
log_write(L_connection_reject,
LOG_MAIN, "temporarily refused connection from %s: not in "
"reserve list: connected=%d max=%d reserve=%d%s",
- host_and_ident(FALSE), smtp_accept_count, smtp_accept_max,
+ host_and_ident(FALSE), smtp_accept_count - 1, smtp_accept_max,
smtp_accept_reserve, (rc == DEFER)? " (lookup deferred)" : "");
smtp_printf("421 %s: Too many concurrent SMTP connections; "
"please try again later\r\n", smtp_active_hostname);
int codelen = 3;
s = user_msg;
smtp_message_code(&code, &codelen, &s, NULL);
- if (codelen > 3)
+ if (codelen > 4)
{
esc = code + 4;
esclen = codelen - 4;
Arguments:
code SMTP code, may involve extended status codes
- codelen length of smtp code; if > 3 there's an ESC
+ codelen length of smtp code; if > 4 there's an ESC
final FALSE if the last line isn't the final line
msg message text, possibly containing newlines
if (!final && no_multiline_responses) return;
-if (codelen > 3)
+if (codelen > 4)
{
esc = code + 4;
esclen = codelen - 4;
This function is global because it is called from receive.c as well as within
this module.
+Note that the code length returned includes the terminating whitespace
+character, which is always included in the regex match.
+
Arguments:
code SMTP code, may involve extended status codes
- codelen length of smtp code; if > 3 there's an ESC
+ codelen length of smtp code; if > 4 there's an ESC
msg message text
log_msg optional log message, to be adjusted with the new SMTP code
AUTHS will eventually hit the nonmail threshold. */
case AUTH_CMD:
+ HAD(SCH_AUTH);
authentication_failed = TRUE;
cmd_list[CMD_LIST_AUTH].is_mail_cmd = FALSE;
it did the reset first. */
case HELO_CMD:
+ HAD(SCH_HELO);
hello = US"HELO";
esmtp = FALSE;
goto HELO_EHLO;
case EHLO_CMD:
+ HAD(SCH_EHLO);
hello = US"EHLO";
esmtp = TRUE;
tls_advertised = FALSE;
#endif
- smtp_code = US"250"; /* Default response code */
+ smtp_code = US"250 "; /* Default response code plus space*/
if (user_msg == NULL)
{
s = string_sprintf("%.3s %s Hello %s%s%s",
}
}
- /* A user-supplied EHLO greeting may not contain more than one line */
+ /* A user-supplied EHLO greeting may not contain more than one line. Note
+ that the code returned by smtp_message_code() includes the terminating
+ whitespace character. */
else
{
char *ss;
- int codelen = 3;
+ int codelen = 4;
smtp_message_code(&smtp_code, &codelen, &user_msg, NULL);
- s = string_sprintf("%.*s %s", codelen, smtp_code, user_msg);
+ s = string_sprintf("%.*s%s", codelen, smtp_code, user_msg);
if ((ss = strpbrk(CS s, "\r\n")) != NULL)
{
log_write(0, LOG_MAIN|LOG_PANIC, "EHLO/HELO response must not contain "
/* Exim is quite happy with pipelining, so let the other end know that
it is safe to use it, unless advertising is disabled. */
- if (verify_check_host(&pipelining_advertise_hosts) == OK)
+ if (pipelining_enable &&
+ verify_check_host(&pipelining_advertise_hosts) == OK)
{
s = string_cat(s, &size, &ptr, smtp_code, 3);
s = string_cat(s, &size, &ptr, US"-PIPELINING\r\n", 13);
it is the canonical extracted address which is all that is kept. */
case MAIL_CMD:
+ HAD(SCH_MAIL);
smtp_mailcmd_count++; /* Count for limit and ratelimit */
was_rej_mail = TRUE; /* Reset if accepted */
extracted address. */
case RCPT_CMD:
+ HAD(SCH_RCPT);
rcpt_count++;
was_rcpt = TRUE;
because it is the same whether pipelining is in use or not. */
case DATA_CMD:
+ HAD(SCH_DATA);
if (!discarded && recipients_count <= 0)
{
if (pipelining_advertised && last_was_rcpt)
case VRFY_CMD:
+ HAD(SCH_VRFY);
rc = acl_check(ACL_WHERE_VRFY, NULL, acl_smtp_vrfy, &user_msg, &log_msg);
if (rc != OK)
done = smtp_handle_acl_fail(ACL_WHERE_VRFY, rc, user_msg, log_msg);
case EXPN_CMD:
+ HAD(SCH_EXPN);
rc = acl_check(ACL_WHERE_EXPN, NULL, acl_smtp_expn, &user_msg, &log_msg);
if (rc != OK)
done = smtp_handle_acl_fail(ACL_WHERE_EXPN, rc, user_msg, log_msg);
#ifdef SUPPORT_TLS
case STARTTLS_CMD:
+ HAD(SCH_STARTTLS);
if (!tls_advertised)
{
done = synprot_error(L_smtp_protocol_error, 503, NULL,
We must allow for an extra EHLO command and an extra AUTH command after
STARTTLS that don't add to the nonmail command count. */
- if ((rc = tls_server_start(tls_require_ciphers)) == OK)
+ if ((rc = tls_server_start(tls_require_ciphers, gnutls_require_mac,
+ gnutls_require_kx, gnutls_require_proto)) == OK)
{
if (!tls_remember_esmtp)
helo_seen = esmtp = auth_advertised = pipelining_advertised = FALSE;
message. */
case QUIT_CMD:
+ HAD(SCH_QUIT);
incomplete_transaction_log(US"QUIT");
if (acl_smtp_quit != NULL)
case RSET_CMD:
+ HAD(SCH_RSET);
incomplete_transaction_log(US"RSET");
smtp_reset(reset_point);
toomany = FALSE;
case NOOP_CMD:
+ HAD(SCH_NOOP);
smtp_printf("250 OK\r\n");
break;
permitted hosts. */
case HELP_CMD:
+ HAD(SCH_HELP);
smtp_printf("214-Commands supported:\r\n");
{
uschar buffer[256];
case ETRN_CMD:
+ HAD(SCH_ETRN);
if (sender_address != NULL)
{
done = synprot_error(L_smtp_protocol_error, 503, NULL,
git://git.exim.org / exim.git / blobdiff