if (smtp_inptr >= smtp_inend)
{
int rc, save_errno;
+ if (!smtp_out) return EOF;
fflush(smtp_out);
if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout);
rc = read(fileno(smtp_in), smtp_inbuffer, in_buffer_size);
return *smtp_inptr++;
}
+void
+smtp_get_cache(void)
+{
+#ifndef DISABLE_DKIM
+int n = smtp_inend - smtp_inptr;
+if (n > 0)
+ dkim_exim_verify_feed(smtp_inptr, n);
+#endif
+}
/* Get a byte from the smtp input, in CHUNKING mode. Handle ack of the
/* If not the last, ack the received chunk. The last response is delayed
until after the data ACL decides on it */
- /*XXX find that "last response" and append the chunk size */
if (chunking_state == CHUNKING_LAST)
+ {
+#ifndef DISABLE_DKIM
+ dkim_exim_verify_feed(NULL, 0); /* notify EOD */
+#endif
return EOD;
+ }
chunking_state = CHUNKING_OFFERED;
smtp_printf("250 %u byte chunk received\r\n", chunking_datasize);
}
}
+static void
+bdat_flush_data(void)
+{
+while (chunking_data_left-- > 0)
+ if (lwr_receive_getc() < 0)
+ break;
+
+receive_getc = lwr_receive_getc;
+receive_ungetc = lwr_receive_ungetc;
+
+if (chunking_state != CHUNKING_LAST)
+ chunking_state = CHUNKING_OFFERED;
+}
+
Returns: none
*/
static void
-restore_socket_timeout(int fd, int get_ok, struct timeval tvtmp, socklen_t vslen)
+restore_socket_timeout(int fd, int get_ok, struct timeval * tvtmp, socklen_t vslen)
{
if (get_ok == 0)
- setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&tvtmp, vslen);
+ (void) setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, CS tvtmp, vslen);
}
/*************************************************
includes an incorrect number of spaces separating args.
Arguments: none
-Returns: int
+Returns: Boolean success
*/
static BOOL
struct sockaddr_in6 tmpaddr6;
int get_ok = 0;
-int size, ret, fd;
+int size, ret;
+int fd = fileno(smtp_in);
const char v2sig[12] = "\x0D\x0A\x0D\x0A\x00\x0D\x0A\x51\x55\x49\x54\x0A";
uschar *iptype; /* To display debug info */
struct timeval tv;
-socklen_t vslen = 0;
struct timeval tvtmp;
-
-vslen = sizeof(struct timeval);
-
-fd = fileno(smtp_in);
+socklen_t vslen = sizeof(struct timeval);
/* Save current socket timeout values */
-get_ok = getsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&tvtmp,
- &vslen);
+get_ok = getsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, CS &tvtmp, &vslen);
/* Proxy Protocol host must send header within a short time
(default 3 seconds) or it's considered invalid */
tv.tv_sec = PROXY_NEGOTIATION_TIMEOUT_SEC;
tv.tv_usec = PROXY_NEGOTIATION_TIMEOUT_USEC;
-setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&tv,
- sizeof(struct timeval));
+if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, CS &tv, sizeof(tv)) < 0)
+ return FALSE;
do
{
while (ret == -1 && errno == EINTR);
if (ret == -1)
- {
- restore_socket_timeout(fd, get_ok, tvtmp, vslen);
- return (errno == EAGAIN) ? 0 : ERRNO_PROXYFAIL;
- }
+ goto proxyfail;
if (ret >= 16 &&
memcmp(&hdr.v2, v2sig, 12) == 0)
if (!string_is_ip_address(US tmpip,NULL))
{
DEBUG(D_receive) debug_printf("Invalid %s source IP\n", iptype);
- return ERRNO_PROXYFAIL;
+ goto proxyfail;
}
proxy_local_address = sender_host_address;
sender_host_address = string_copy(US tmpip);
if (!string_is_ip_address(US tmpip,NULL))
{
DEBUG(D_receive) debug_printf("Invalid %s dest port\n", iptype);
- return ERRNO_PROXYFAIL;
+ goto proxyfail;
}
proxy_external_address = string_copy(US tmpip);
tmpport = ntohs(hdr.v2.addr.ip4.dst_port);
if (!string_is_ip_address(US tmpip6,NULL))
{
DEBUG(D_receive) debug_printf("Invalid %s source IP\n", iptype);
- return ERRNO_PROXYFAIL;
+ goto proxyfail;
}
proxy_local_address = sender_host_address;
sender_host_address = string_copy(US tmpip6);
if (!string_is_ip_address(US tmpip6,NULL))
{
DEBUG(D_receive) debug_printf("Invalid %s dest port\n", iptype);
- return ERRNO_PROXYFAIL;
+ goto proxyfail;
}
proxy_external_address = string_copy(US tmpip6);
tmpport = ntohs(hdr.v2.addr.ip6.dst_port);
}
proxyfail:
-restore_socket_timeout(fd, get_ok, tvtmp, vslen);
+restore_socket_timeout(fd, get_ok, &tvtmp, vslen);
/* Don't flush any potential buffer contents. Any input should cause a
synchronization failure */
return FALSE;
done:
-restore_socket_timeout(fd, get_ok, tvtmp, vslen);
+restore_socket_timeout(fd, get_ok, &tvtmp, vslen);
DEBUG(D_receive)
debug_printf("Valid %s sender from Proxy Protocol header\n", iptype);
return proxy_session;
receive_swallow_smtp();
smtp_printf("421 %s\r\n", message);
-for (;;)
+for (;;) switch(smtp_read_command(FALSE))
{
- switch(smtp_read_command(FALSE))
- {
- case EOF_CMD:
- return;
+ case EOF_CMD:
+ return;
- case QUIT_CMD:
- smtp_printf("221 %s closing connection\r\n", smtp_active_hostname);
- mac_smtp_fflush();
- return;
+ case QUIT_CMD:
+ smtp_printf("221 %s closing connection\r\n", smtp_active_hostname);
+ mac_smtp_fflush();
+ return;
- case RSET_CMD:
- smtp_printf("250 Reset OK\r\n");
- break;
+ case RSET_CMD:
+ smtp_printf("250 Reset OK\r\n");
+ break;
- default:
- smtp_printf("421 %s\r\n", message);
- break;
- }
+ default:
+ smtp_printf("421 %s\r\n", message);
+ break;
}
}
uschar *
smtp_get_connection_info(void)
{
-uschar *hostname = (sender_fullhost == NULL)?
- sender_host_address : sender_fullhost;
+const uschar * hostname = sender_fullhost
+ ? sender_fullhost : sender_host_address;
if (host_checking)
return string_sprintf("SMTP connection from %s", hostname);
/* Allow for trailing 0 in the command and data buffers. */
-smtp_cmd_buffer = (uschar *)malloc(2*smtp_cmd_buffer_size + 2);
-if (smtp_cmd_buffer == NULL)
+if (!(smtp_cmd_buffer = US malloc(2*smtp_cmd_buffer_size + 2)))
log_write(0, LOG_MAIN|LOG_PANIC_DIE,
"malloc() failed for SMTP command buffer");
+
smtp_cmd_buffer[0] = 0;
smtp_data_buffer = smtp_cmd_buffer + smtp_cmd_buffer_size + 1;
if (smtp_batched_input)
{
- if (received_protocol == NULL) received_protocol = US"local-bsmtp";
+ if (!received_protocol) received_protocol = US"local-bsmtp";
}
/* For non-batched SMTP input, the protocol setting is forced here. It will be
/* Set up the buffer for inputting using direct read() calls, and arrange to
call the local functions instead of the standard C ones. */
-smtp_inbuffer = (uschar *)malloc(in_buffer_size);
-if (smtp_inbuffer == NULL)
+if (!(smtp_inbuffer = (uschar *)malloc(in_buffer_size)))
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "malloc() failed for SMTP input buffer");
+
receive_getc = smtp_getc;
+receive_get_cache = smtp_get_cache;
receive_ungetc = smtp_ungetc;
receive_feof = smtp_feof;
receive_ferror = smtp_ferror;
proxy_session = FALSE;
proxy_session_failed = FALSE;
if (check_proxy_protocol_host())
- {
- if (setup_proxy_protocol_host() == FALSE)
+ if (!setup_proxy_protocol_host())
{
proxy_session_failed = TRUE;
DEBUG(D_receive)
(void)host_name_lookup();
host_build_sender_fullhost();
}
- }
#endif
/* Run the ACL if it exists */
user_msg = NULL;
-if (acl_smtp_connect != NULL)
+if (acl_smtp_connect)
{
int rc;
- rc = acl_check(ACL_WHERE_CONNECT, NULL, acl_smtp_connect, &user_msg,
- &log_msg);
- if (rc != OK)
+ if ((rc = acl_check(ACL_WHERE_CONNECT, NULL, acl_smtp_connect, &user_msg,
+ &log_msg)) != OK)
{
- (void)smtp_handle_acl_fail(ACL_WHERE_CONNECT, rc, user_msg, log_msg);
+ (void) smtp_handle_acl_fail(ACL_WHERE_CONNECT, rc, user_msg, log_msg);
return FALSE;
}
}
uschar *sender_info = US"";
uschar *what =
#ifdef WITH_CONTENT_SCAN
- (where == ACL_WHERE_MIME)? US"during MIME ACL checks" :
+ where == ACL_WHERE_MIME ? US"during MIME ACL checks" :
#endif
- (where == ACL_WHERE_PREDATA)? US"DATA" :
- (where == ACL_WHERE_DATA)? US"after DATA" :
+ where == ACL_WHERE_PREDATA ? US"DATA" :
+ where == ACL_WHERE_DATA ? US"after DATA" :
#ifndef DISABLE_PRDR
- (where == ACL_WHERE_PRDR)? US"after DATA PRDR" :
+ where == ACL_WHERE_PRDR ? US"after DATA PRDR" :
#endif
- (smtp_cmd_data == NULL)?
- string_sprintf("%s in \"connect\" ACL", acl_wherenames[where]) :
- string_sprintf("%s %s", acl_wherenames[where], smtp_cmd_data);
+ smtp_cmd_data ?
+ string_sprintf("%s %s", acl_wherenames[where], smtp_cmd_data) :
+ string_sprintf("%s in \"connect\" ACL", acl_wherenames[where]);
if (drop) rc = FAIL;
/* Sort out text for logging */
-log_msg = (log_msg == NULL)? US"" : string_sprintf(": %s", log_msg);
-lognl = Ustrchr(log_msg, '\n');
-if (lognl != NULL) *lognl = 0;
+log_msg = log_msg ? string_sprintf(": %s", log_msg) : US"";
+if ((lognl = Ustrchr(log_msg, '\n'))) *lognl = 0;
/* Send permanent failure response to the command, but the code used isn't
always a 5xx one - see comments at the start of this function. If the original
rc was FAIL_DROP we drop the connection and yield 2. */
-if (rc == FAIL) smtp_respond(smtp_code, codelen, TRUE, (user_msg == NULL)?
- US"Administrative prohibition" : user_msg);
+if (rc == FAIL)
+ smtp_respond(smtp_code, codelen, TRUE,
+ user_msg ? user_msg : US"Administrative prohibition");
/* Send temporary failure response to the command. Don't give any details,
unless acl_temp_details is set. This is TRUE for a callout defer, a "defer"
be re-implemented in a tidier fashion. */
else
- {
- if (acl_temp_details && user_msg != NULL)
+ if (acl_temp_details && user_msg)
{
- if (smtp_return_error_details &&
- sender_verified_failed != NULL &&
- sender_verified_failed->message != NULL)
- {
+ if ( smtp_return_error_details
+ && sender_verified_failed
+ && sender_verified_failed->message
+ )
smtp_respond(smtp_code, codelen, FALSE, sender_verified_failed->message);
- }
+
smtp_respond(smtp_code, codelen, TRUE, user_msg);
}
else
smtp_respond(smtp_code, codelen, TRUE,
US"Temporary local problem - please try later");
- }
/* Log the incident to the logs that are specified by log_reject_target
(default main, reject). This can be empty to suppress logging of rejections. If
#else
uschar * tls = US"";
#endif
- log_write(0, log_reject_target, "%s%s%s %s%srejected %s%s",
+ log_write(where == ACL_WHERE_CONNECT ? L_connection_reject : 0,
+ log_reject_target, "%s%s%s %s%srejected %s%s",
LOGGING(dnssec) && sender_host_dnssec ? US" DS" : US"",
host_and_ident(TRUE),
tls,
/* Call the not-QUIT ACL, if there is one, unless no reason is given. */
-if (acl_smtp_notquit != NULL && reason != NULL)
+if (acl_smtp_notquit && reason)
{
smtp_notquit_reason = reason;
- rc = acl_check(ACL_WHERE_NOTQUIT, NULL, acl_smtp_notquit, &user_msg,
- &log_msg);
- if (rc == ERROR)
+ if ((rc = acl_check(ACL_WHERE_NOTQUIT, NULL, acl_smtp_notquit, &user_msg,
+ &log_msg)) == ERROR)
log_write(0, LOG_MAIN|LOG_PANIC, "ACL for not-QUIT returned ERROR: %s",
log_msg);
}
warning, just in case. Note that string_vformat() still leaves a complete
string, even if it is incomplete. */
-if (code != NULL && defaultrespond != NULL)
+if (code && defaultrespond)
{
- if (user_msg == NULL)
+ if (user_msg)
+ smtp_respond(code, 3, TRUE, user_msg);
+ else
{
uschar buffer[128];
va_list ap;
smtp_printf("%s %s\r\n", code, buffer);
va_end(ap);
}
- else
- smtp_respond(code, 3, TRUE, user_msg);
mac_smtp_fflush();
}
}
{
HAD(SCH_QUIT);
incomplete_transaction_log(US"QUIT");
-if (acl_smtp_quit != NULL)
+if (acl_smtp_quit)
{
int rc = acl_check(ACL_WHERE_QUIT, NULL, acl_smtp_quit, user_msgp, log_msgp);
if (rc == ERROR)
}
#endif
+#ifdef TCP_QUICKACK
+ if (smtp_in) /* Avoid pure-ACKs while in cmd pingpong phase */
+ (void) setsockopt(fileno(smtp_in), IPPROTO_TCP, TCP_QUICKACK,
+ US &off, sizeof(off));
+#endif
+
switch(smtp_read_command(TRUE))
{
/* The AUTH command is not permitted to occur inside a transaction, and may
smtp_connection_had[smtp_ch_index-1] == SCH_DATA
? US"valid RCPT command must precede DATA"
: US"valid RCPT command must precede BDAT");
+
+ if (chunking_state > CHUNKING_OFFERED)
+ bdat_flush_data();
break;
}
"354 Enter message, ending with \".\" on a line by itself\r\n");
}
+#ifdef TCP_QUICKACK
+ if (smtp_in) /* all ACKs needed to ramp window up for bulk data */
+ (void) setsockopt(fileno(smtp_in), IPPROTO_TCP, TCP_QUICKACK,
+ US &on, sizeof(on));
+#endif
done = 3;
message_ended = END_NOTENDED; /* Indicate in middle of data */
set, but we must still reject all incoming commands. */
DEBUG(D_tls) debug_printf("TLS failed to start\n");
- while (done <= 0)
+ while (done <= 0) switch(smtp_read_command(FALSE))
{
- switch(smtp_read_command(FALSE))
- {
- case EOF_CMD:
- log_write(L_smtp_connection, LOG_MAIN, "%s closed by EOF",
- smtp_get_connection_info());
- smtp_notquit_exit(US"tls-failed", NULL, NULL);
- done = 2;
- break;
-
- /* It is perhaps arguable as to which exit ACL should be called here,
- but as it is probably a situation that almost never arises, it
- probably doesn't matter. We choose to call the real QUIT ACL, which in
- some sense is perhaps "right". */
+ case EOF_CMD:
+ log_write(L_smtp_connection, LOG_MAIN, "%s closed by EOF",
+ smtp_get_connection_info());
+ smtp_notquit_exit(US"tls-failed", NULL, NULL);
+ done = 2;
+ break;
- case QUIT_CMD:
- user_msg = NULL;
- if (acl_smtp_quit != NULL)
- {
- rc = acl_check(ACL_WHERE_QUIT, NULL, acl_smtp_quit, &user_msg,
- &log_msg);
- if (rc == ERROR)
- log_write(0, LOG_MAIN|LOG_PANIC, "ACL for QUIT returned ERROR: %s",
- log_msg);
- }
- if (user_msg == NULL)
- smtp_printf("221 %s closing connection\r\n", smtp_active_hostname);
- else
- smtp_respond(US"221", 3, TRUE, user_msg);
- log_write(L_smtp_connection, LOG_MAIN, "%s closed by QUIT",
- smtp_get_connection_info());
- done = 2;
- break;
+ /* It is perhaps arguable as to which exit ACL should be called here,
+ but as it is probably a situation that almost never arises, it
+ probably doesn't matter. We choose to call the real QUIT ACL, which in
+ some sense is perhaps "right". */
+
+ case QUIT_CMD:
+ user_msg = NULL;
+ if ( acl_smtp_quit
+ && ((rc = acl_check(ACL_WHERE_QUIT, NULL, acl_smtp_quit, &user_msg,
+ &log_msg)) == ERROR))
+ log_write(0, LOG_MAIN|LOG_PANIC, "ACL for QUIT returned ERROR: %s",
+ log_msg);
+ if (user_msg)
+ smtp_respond(US"221", 3, TRUE, user_msg);
+ else
+ smtp_printf("221 %s closing connection\r\n", smtp_active_hostname);
+ log_write(L_smtp_connection, LOG_MAIN, "%s closed by QUIT",
+ smtp_get_connection_info());
+ done = 2;
+ break;
- default:
- smtp_printf("554 Security failure\r\n");
- break;
- }
+ default:
+ smtp_printf("554 Security failure\r\n");
+ break;
}
tls_close(TRUE, TRUE);
break;
git://git.exim.org / exim.git / blobdiff