* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2009 */
+/* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 - 2021 */
/* See the file NOTICE for conditions of use and distribution. */
/* A number of functions for driving outgoing SMTP calls. */
#include "exim.h"
+#include "transports/smtp.h"
which case the function does nothing
host_af AF_INET or AF_INET6 for the outgoing IP address
addr the mail address being handled (for setting errors)
- changed if not NULL, set TRUE if expansion actually changed istring
- interface point this to the interface
+ interface point this to the interface if there is one defined
msg to add to any error message
Returns: TRUE on success, FALSE on failure, with error message
BOOL
smtp_get_interface(uschar *istring, int host_af, address_item *addr,
- BOOL *changed, uschar **interface, uschar *msg)
+ uschar **interface, uschar *msg)
{
-uschar *expint;
+const uschar * expint;
uschar *iface;
int sep = 0;
-if (istring == NULL) return TRUE;
+if (!istring) return TRUE;
-expint = expand_string(istring);
-if (expint == NULL)
+if (!(expint = expand_string(istring)))
{
- if (expand_string_forcedfail) return TRUE;
+ if (f.expand_string_forcedfail) return TRUE;
addr->transport_return = PANIC;
addr->message = string_sprintf("failed to expand \"interface\" "
"option for %s: %s", msg, expand_string_message);
return FALSE;
}
-if (changed != NULL) *changed = expint != istring;
+if (is_tainted(expint))
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "attempt to use tainted value '%s' from '%s' for interface",
+ expint, istring);
+ addr->transport_return = PANIC;
+ addr->message = string_sprintf("failed to expand \"interface\" "
+ "option for %s: configuration error", msg);
+ return FALSE;
+ }
-while (isspace(*expint)) expint++;
-if (*expint == 0) return TRUE;
+Uskip_whitespace(&expint);
+if (!*expint) return TRUE;
-while ((iface = string_nextinlist(&expint, &sep, big_buffer,
- big_buffer_size)) != NULL)
+while ((iface = string_nextinlist(&expint, &sep, NULL, 0)))
{
- if (string_is_ip_address(iface, NULL) == 0)
+ int if_af = string_is_ip_address(iface, NULL);
+ if (if_af == 0)
{
addr->transport_return = PANIC;
addr->message = string_sprintf("\"%s\" is not a valid IP "
return FALSE;
}
- if (((Ustrchr(iface, ':') == NULL)? AF_INET:AF_INET6) == host_af)
+ if ((if_af == 4 ? AF_INET : AF_INET6) == host_af)
break;
}
-if (iface != NULL) *interface = string_copy(iface);
+*interface = iface;
return TRUE;
}
{
uschar *pstring = expand_string(rstring);
-if (pstring == NULL)
+if (!pstring)
{
addr->transport_return = PANIC;
addr->message = string_sprintf("failed to expand \"%s\" (\"port\" option) "
else
{
struct servent *smtp_service = getservbyname(CS pstring, "tcp");
- if (smtp_service == NULL)
+ if (!smtp_service)
{
addr->transport_return = PANIC;
addr->message = string_sprintf("TCP port \"%s\" is not defined for %s",
-/*************************************************
-* Connect to remote host *
-*************************************************/
-
-/* Create a socket, and connect it to a remote host. IPv6 addresses are
-detected by checking for a colon in the address. AF_INET6 is defined even on
-non-IPv6 systems, to enable the code to be less messy. However, on such systems
-host->address will always be an IPv4 address.
-
-The port field in the host item is used if it is set (usually router from SRV
-records or elsewhere). In other cases, the default passed as an argument is
-used, and the host item is updated with its value.
+#ifdef TCP_FASTOPEN
+/* Try to record if TFO was attmepted and if it was successfully used. */
-Arguments:
- host host item containing name and address (and sometimes port)
- host_af AF_INET or AF_INET6
- port default remote port to connect to, in host byte order, for those
- hosts whose port setting is PORT_NONE
- interface outgoing interface address or NULL
- timeout timeout value or 0
- keepalive TRUE to use keepalive
- dscp DSCP value to assign to socket
- tpda_event event expansion
+static void
+tfo_out_check(int sock)
+{
+static BOOL done_once = FALSE;
-Returns: connected socket number, or -1 with errno set
-*/
+if (done_once) return;
+done_once = TRUE;
-int
-smtp_connect(host_item *host, int host_af, int port, uschar *interface,
- int timeout, BOOL keepalive, const uschar *dscp
-#ifdef EXPERIMENTAL_TPDA
- , uschar * tpda_event
-#endif
- )
-{
-int on = 1;
-int save_errno = 0;
-int dscp_value;
-int dscp_level;
-int dscp_option;
-int sock;
+# ifdef __FreeBSD__
+struct tcp_info tinfo;
+socklen_t len = sizeof(tinfo);
-if (host->port != PORT_NONE)
+/* A getsockopt TCP_FASTOPEN unfortunately returns "was-used" for a TFO/R as
+well as a TFO/C. Use what we can of the Linux hack below; reliability issues ditto. */
+switch (tcp_out_fastopen)
{
- HDEBUG(D_transport|D_acl|D_v)
- debug_printf("Transport port=%d replaced by host-specific port=%d\n", port,
- host->port);
- port = host->port;
+ case TFO_ATTEMPTED_NODATA:
+ if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
+ && tinfo.tcpi_state == TCPS_SYN_SENT
+ && tinfo.__tcpi_unacked > 0
+ )
+ {
+ DEBUG(D_transport|D_v)
+ debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.__tcpi_unacked);
+ tcp_out_fastopen = TFO_USED_NODATA;
+ }
+ break;
+ /*
+ case TFO_ATTEMPTED_DATA:
+ case TFO_ATTEMPTED_DATA:
+ if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA) XXX no equvalent as of 12.2
+ */
}
-else host->port = port; /* Set the port actually used */
-HDEBUG(D_transport|D_acl|D_v)
+switch (tcp_out_fastopen)
{
- if (interface == NULL)
- debug_printf("Connecting to %s [%s]:%d ... ",host->name,host->address,port);
- else
- debug_printf("Connecting to %s [%s]:%d from %s ... ", host->name,
- host->address, port, interface);
+ case TFO_ATTEMPTED_DATA: tcp_out_fastopen = TFO_USED_DATA; break;
+ default: break; /* compiler quietening */
}
-#ifdef EXPERIMENTAL_TPDA
- /*XXX Called from both delivery and verify. Is that status observable? */
- deliver_host_address = host->address;
- deliver_host_port = port;
- if (tpda_raise_event(tpda_event, US"tcp:connect", NULL) == DEFER) return -1;
+# else /* Linux & Apple */
+# if defined(TCP_INFO) && defined(EXIM_HAVE_TCPI_UNACKED)
+struct tcp_info tinfo;
+socklen_t len = sizeof(tinfo);
+
+switch (tcp_out_fastopen)
+ {
+ /* This is a somewhat dubious detection method; totally undocumented so likely
+ to fail in future kernels. There seems to be no documented way. What we really
+ want to know is if the server sent smtp-banner data before our ACK of his SYN,ACK
+ hit him. What this (possibly?) detects is whether we sent a TFO cookie with our
+ SYN, as distinct from a TFO request. This gets a false-positive when the server
+ key is rotated; we send the old one (which this test sees) but the server returns
+ the new one and does not send its SMTP banner before we ACK his SYN,ACK.
+ To force that rotation case:
+ '# echo -n "00000000-00000000-00000000-0000000" >/proc/sys/net/ipv4/tcp_fastopen_key'
+ The kernel seems to be counting unack'd packets. */
+
+ case TFO_ATTEMPTED_NODATA:
+ if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
+ && tinfo.tcpi_state == TCP_SYN_SENT
+ && tinfo.tcpi_unacked > 1
+ )
+ {
+ DEBUG(D_transport|D_v)
+ debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.tcpi_unacked);
+ tcp_out_fastopen = TFO_USED_NODATA;
+ }
+ break;
+
+ /* When called after waiting for received data we should be able
+ to tell if data we sent was accepted. */
+
+ case TFO_ATTEMPTED_DATA:
+ if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
+ && tinfo.tcpi_state == TCP_ESTABLISHED
+ )
+ if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA)
+ {
+ DEBUG(D_transport|D_v) debug_printf("TFO: data was acked\n");
+ tcp_out_fastopen = TFO_USED_DATA;
+ }
+ else
+ {
+ DEBUG(D_transport|D_v) debug_printf("TFO: had to retransmit\n");
+ tcp_out_fastopen = TFO_NOT_USED;
+ }
+ break;
+
+ default: break; /* compiler quietening */
+ }
+# endif
+# endif /* Linux & Apple */
+}
#endif
-/* Create the socket */
-if ((sock = ip_socket(SOCK_STREAM, host_af)) < 0) return -1;
+/* Create and bind a socket, given the connect-args.
+Update those with the state. Return the fd, or -1 with errno set.
+*/
+
+int
+smtp_boundsock(smtp_connect_args * sc)
+{
+transport_instance * tb = sc->tblock;
+smtp_transport_options_block * ob =
+ (smtp_transport_options_block *)tb->options_block;
+const uschar * dscp = ob->dscp;
+int sock, dscp_value, dscp_level, dscp_option;
+
+if ((sock = ip_socket(SOCK_STREAM, sc->host_af)) < 0)
+ return -1;
/* Set TCP_NODELAY; Exim does its own buffering. */
-setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (uschar *)(&on), sizeof(on));
+if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, US &on, sizeof(on)))
+ HDEBUG(D_transport|D_acl|D_v)
+ debug_printf_indent("failed to set NODELAY: %s ", strerror(errno));
/* Set DSCP value, if we can. For now, if we fail to set the value, we don't
bomb out, just log it and continue in default traffic class. */
-if (dscp && dscp_lookup(dscp, host_af, &dscp_level, &dscp_option, &dscp_value))
+if (dscp && dscp_lookup(dscp, sc->host_af, &dscp_level, &dscp_option, &dscp_value))
{
HDEBUG(D_transport|D_acl|D_v)
- debug_printf("DSCP \"%s\"=%x ", dscp, dscp_value);
+ debug_printf_indent("DSCP \"%s\"=%x ", dscp, dscp_value);
if (setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value)) < 0)
HDEBUG(D_transport|D_acl|D_v)
- debug_printf("failed to set DSCP: %s ", strerror(errno));
+ debug_printf_indent("failed to set DSCP: %s ", strerror(errno));
/* If the kernel supports IPv4 and IPv6 on an IPv6 socket, we need to set the
option for both; ignore failures here */
- if (host_af == AF_INET6 &&
+ if (sc->host_af == AF_INET6 &&
dscp_lookup(dscp, AF_INET, &dscp_level, &dscp_option, &dscp_value))
- {
(void) setsockopt(sock, dscp_level, dscp_option, &dscp_value, sizeof(dscp_value));
- }
}
/* Bind to a specific interface if requested. Caller must ensure the interface
is the same type (IPv4 or IPv6) as the outgoing address. */
-if (interface != NULL && ip_bind(sock, host_af, interface, 0) < 0)
+if (sc->interface)
{
- save_errno = errno;
- HDEBUG(D_transport|D_acl|D_v)
- debug_printf("unable to bind outgoing SMTP call to %s: %s", interface,
- strerror(errno));
+ union sockaddr_46 interface_sock;
+ EXIM_SOCKLEN_T size = sizeof(interface_sock);
+
+ if ( ip_bind(sock, sc->host_af, sc->interface, 0) < 0
+ || getsockname(sock, (struct sockaddr *) &interface_sock, &size) < 0
+ )
+ {
+ HDEBUG(D_transport|D_acl|D_v)
+ debug_printf_indent("unable to bind outgoing SMTP call to %s: %s", sc->interface,
+ strerror(errno));
+ close(sock);
+ return -1;
+ }
+ sending_ip_address = host_ntoa(-1, &interface_sock, NULL, &sending_port);
}
-/* Connect to the remote host, and add keepalive to the socket before returning
-it, if requested. */
+sc->sock = sock;
+return sock;
+}
+
+
+/* Arguments:
+ host host item containing name and address and port
+ host_af AF_INET or AF_INET6
+ port TCP port number
+ interface outgoing interface address or NULL
+ tb transport
+ timeout timeout value or 0
+ early_data if non-NULL, idempotent data to be sent -
+ preferably in the TCP SYN segment
+ Special case: non-NULL but with NULL blob.data - caller is
+ client-data-first (eg. TLS-on-connect) and a lazy-TCP-connect is
+ acceptable.
-else if (ip_connect(sock, host_af, host->address, port, timeout) < 0)
+Returns: connected socket number, or -1 with errno set
+*/
+
+int
+smtp_sock_connect(smtp_connect_args * sc, int timeout, const blob * early_data)
+{
+smtp_transport_options_block * ob =
+ (smtp_transport_options_block *)sc->tblock->options_block;
+int sock;
+int save_errno = 0;
+const blob * fastopen_blob = NULL;
+
+
+#ifndef DISABLE_EVENT
+deliver_host_address = sc->host->address;
+deliver_host_port = sc->host->port;
+if (event_raise(sc->tblock->event_action, US"tcp:connect", NULL, &errno)) return -1;
+#endif
+
+if ( (sock = sc->sock) < 0
+ && (sock = smtp_boundsock(sc)) < 0)
save_errno = errno;
+sc->sock = -1;
-/* Either bind() or connect() failed */
+/* Connect to the remote host, and add keepalive to the socket before returning
+it, if requested. If the build supports TFO, request it - and if the caller
+requested some early-data then include that in the TFO request. If there is
+early-data but no TFO support, send it after connecting. */
-if (save_errno != 0)
+if (!save_errno)
{
- HDEBUG(D_transport|D_acl|D_v)
+#ifdef TCP_FASTOPEN
+ /* See if TCP Fast Open usable. Default is a traditional 3WHS connect */
+ if (verify_check_given_host(CUSS &ob->hosts_try_fastopen, sc->host) == OK)
{
- debug_printf("failed: %s", CUstrerror(save_errno));
- if (save_errno == ETIMEDOUT)
- debug_printf(" (timeout=%s)", readconf_printtime(timeout));
- debug_printf("\n");
+ if (!early_data)
+ fastopen_blob = &tcp_fastopen_nodata; /* TFO, with no data */
+ else if (early_data->data)
+ fastopen_blob = early_data; /* TFO, with data */
+# ifdef TCP_FASTOPEN_CONNECT
+ else
+ { /* expecting client data */
+ debug_printf(" set up lazy-connect\n");
+ setsockopt(sock, IPPROTO_TCP, TCP_FASTOPEN_CONNECT, US &on, sizeof(on));
+ /* fastopen_blob = NULL; lazy TFO, triggered by data write */
+ }
+# endif
}
- (void)close(sock);
- errno = save_errno;
- return -1;
- }
+#endif
-/* Both bind() and connect() succeeded */
+ if (ip_connect(sock, sc->host_af, sc->host->address, sc->host->port, timeout, fastopen_blob) < 0)
+ save_errno = errno;
+ else if (early_data && !fastopen_blob && early_data->data && early_data->len)
+ {
+ /* We had some early-data to send, but couldn't do TFO */
+ HDEBUG(D_transport|D_acl|D_v)
+ debug_printf("sending %ld nonTFO early-data\n", (long)early_data->len);
-else
+#ifdef TCP_QUICKACK_notdef
+ (void) setsockopt(sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
+#endif
+ if (send(sock, early_data->data, early_data->len, 0) < 0)
+ save_errno = errno;
+ }
+#ifdef TCP_QUICKACK_notdef
+ /* Under TFO (with openssl & pipe-conn; testcase 4069, as of
+ 5.10.8-100.fc32.x86_64) this seems to be inop.
+ Perhaps overwritten when we (client) go -> ESTABLISHED on seeing the 3rd-ACK?
+ For that case, added at smtp_reap_banner(). */
+ (void) setsockopt(sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
+#endif
+ }
+
+if (!save_errno)
{
union sockaddr_46 interface_sock;
EXIM_SOCKLEN_T size = sizeof(interface_sock);
- HDEBUG(D_transport|D_acl|D_v) debug_printf("connected\n");
+
+ /* Both bind() and connect() succeeded, and any early-data */
+
+ HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" connected\n");
if (getsockname(sock, (struct sockaddr *)(&interface_sock), &size) == 0)
sending_ip_address = host_ntoa(-1, &interface_sock, NULL, &sending_port);
else
close(sock);
return -1;
}
- if (keepalive) ip_keepalive(sock, host->address, TRUE);
+
+ if (ob->keepalive) ip_keepalive(sock, sc->host->address, TRUE);
+#ifdef TCP_FASTOPEN
+ tfo_out_check(sock);
+#endif
+ return sock;
+ }
+
+/* Either bind() or connect() failed */
+
+HDEBUG(D_transport|D_acl|D_v)
+ {
+ debug_printf_indent(" failed: %s", CUstrerror(save_errno));
+ if (save_errno == ETIMEDOUT)
+ debug_printf(" (timeout=%s)", readconf_printtime(timeout));
+ debug_printf("\n");
+ }
+(void)close(sock);
+errno = save_errno;
+return -1;
+}
+
+
+
+
+
+void
+smtp_port_for_connect(host_item * host, int port)
+{
+if (host->port != PORT_NONE)
+ {
+ HDEBUG(D_transport|D_acl|D_v) if (port != host->port)
+ debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
+ host->port);
+ port = host->port;
+ }
+else host->port = port; /* Set the port actually used */
+}
+
+
+/*************************************************
+* Connect to remote host *
+*************************************************/
+
+/* Create a socket, and connect it to a remote host. IPv6 addresses are
+detected by checking for a colon in the address. AF_INET6 is defined even on
+non-IPv6 systems, to enable the code to be less messy. However, on such systems
+host->address will always be an IPv4 address.
+
+Arguments:
+ sc details for making connection: host, af, interface, transport
+ early_data if non-NULL, data to be sent - preferably in the TCP SYN segment
+ Special case: non-NULL but with NULL blob.data - caller is
+ client-data-first (eg. TLS-on-connect) and a lazy-TCP-connect is
+ acceptable.
+
+Returns: connected socket number, or -1 with errno set
+*/
+
+int
+smtp_connect(smtp_connect_args * sc, const blob * early_data)
+{
+int port = sc->host->port;
+smtp_transport_options_block * ob = sc->ob;
+
+callout_address = string_sprintf("[%s]:%d", sc->host->address, port);
+
+HDEBUG(D_transport|D_acl|D_v)
+ {
+ uschar * s = US" ";
+ if (sc->interface) s = string_sprintf(" from %s ", sc->interface);
+#ifdef SUPPORT_SOCKS
+ if (ob->socks_proxy) s = string_sprintf("%svia proxy ", s);
+#endif
+ debug_printf_indent("Connecting to %s %s%s... ", sc->host->name, callout_address, s);
+ }
+
+/* Create and connect the socket */
+
+#ifdef SUPPORT_SOCKS
+if (ob->socks_proxy)
+ {
+ int sock = socks_sock_connect(sc->host, sc->host_af, port, sc->interface,
+ sc->tblock, ob->connect_timeout);
+
+ if (sock >= 0)
+ {
+ if (early_data && early_data->data && early_data->len)
+ if (send(sock, early_data->data, early_data->len, 0) < 0)
+ {
+ int save_errno = errno;
+ HDEBUG(D_transport|D_acl|D_v)
+ {
+ debug_printf_indent("failed: %s", CUstrerror(save_errno));
+ if (save_errno == ETIMEDOUT)
+ debug_printf(" (timeout=%s)", readconf_printtime(ob->connect_timeout));
+ debug_printf("\n");
+ }
+ (void)close(sock);
+ sock = -1;
+ errno = save_errno;
+ }
+ }
return sock;
}
+#endif
+
+return smtp_sock_connect(sc, ob->connect_timeout, early_data);
}
Argument:
outblock the SMTP output block
+ mode further data expected, or plain
Returns: TRUE if OK, FALSE on error, with errno set
*/
static BOOL
-flush_buffer(smtp_outblock *outblock)
+flush_buffer(smtp_outblock * outblock, int mode)
{
int rc;
+int n = outblock->ptr - outblock->buffer;
+BOOL more = mode == SCMD_MORE;
+client_conn_ctx * cctx;
+
+HDEBUG(D_transport|D_acl) debug_printf_indent("cmd buf flush %d bytes%s\n", n,
+ more ? " (more expected)" : "");
-#ifdef SUPPORT_TLS
-if (tls_out.active == outblock->sock)
- rc = tls_write(FALSE, outblock->buffer, outblock->ptr - outblock->buffer);
+if (!(cctx = outblock->cctx))
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC, "null conn-context pointer");
+ errno = 0;
+ return FALSE;
+ }
+
+#ifndef DISABLE_TLS
+if (cctx->tls_ctx) /*XXX have seen a null cctx here, rvfy sending QUIT, hence check above */
+ rc = tls_write(cctx->tls_ctx, outblock->buffer, n, more);
else
#endif
-rc = send(outblock->sock, outblock->buffer, outblock->ptr - outblock->buffer, 0);
+ {
+ if (outblock->conn_args)
+ {
+ blob early_data = { .data = outblock->buffer, .len = n };
+
+ /* We ignore the more-flag if we're doing a connect with early-data, which
+ means we won't get BDAT+data. A pity, but wise due to the idempotency
+ requirement: TFO with data can, in rare cases, replay the data to the
+ receiver. */
+
+ if ( (cctx->sock = smtp_connect(outblock->conn_args, &early_data))
+ < 0)
+ return FALSE;
+ outblock->conn_args = NULL;
+ rc = n;
+ }
+ else
+ {
+ rc = send(cctx->sock, outblock->buffer, n,
+#ifdef MSG_MORE
+ more ? MSG_MORE : 0
+#else
+ 0
+#endif
+ );
+
+#if defined(__linux__)
+ /* This is a workaround for a current linux kernel bug: as of
+ 5.6.8-200.fc31.x86_64 small (<MSS) writes get delayed by about 200ms,
+ This is despite NODELAY being active.
+ https://bugzilla.redhat.com/show_bug.cgi?id=1803806 */
+
+ if (!more)
+ setsockopt(cctx->sock, IPPROTO_TCP, TCP_CORK, &off, sizeof(off));
+#endif
+ }
+ }
+
if (rc <= 0)
{
- HDEBUG(D_transport|D_acl) debug_printf("send failed: %s\n", strerror(errno));
+ HDEBUG(D_transport|D_acl) debug_printf_indent("send failed: %s\n", strerror(errno));
return FALSE;
}
+/* This might be called both due to callout and then from delivery.
+Use memory that will not be released between those phases.
+*/
+static void
+smtp_debug_resp(const uschar * buf)
+{
+#ifndef DISABLE_CLIENT_CMD_LOG
+int old_pool = store_pool;
+store_pool = POOL_PERM;
+client_cmd_log = string_append_listele_n(client_cmd_log, ':', buf,
+ buf[3] == ' ' ? 3 : 4);
+store_pool = old_pool;
+#endif
+}
+
+
/*************************************************
* Write SMTP command *
*************************************************/
any error message.
Arguments:
- outblock contains buffer for pipelining, and socket
- noflush if TRUE, save the command in the output buffer, for pipelining
+ sx SMTP connection, contains buffer for pipelining, and socket
+ mode buffer, write-with-more-likely, write
format a format, starting with one of
of HELO, MAIL FROM, RCPT TO, DATA, ".", or QUIT.
+ If NULL, flush pipeline buffer only.
... data for the format
Returns: 0 if command added to pipelining buffer, with nothing transmitted
*/
int
-smtp_write_command(smtp_outblock *outblock, BOOL noflush, const char *format, ...)
+smtp_write_command(void * sx, int mode, const char * format, ...)
{
-int count;
+smtp_outblock * outblock = &((smtp_context *)sx)->outblock;
int rc = 0;
-va_list ap;
-
-va_start(ap, format);
-if (!string_vformat(big_buffer, big_buffer_size, CS format, ap))
- log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
- "SMTP");
-va_end(ap);
-count = Ustrlen(big_buffer);
-
-if (count > outblock->buffersize)
- log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
- "SMTP");
-if (count > outblock->buffersize - (outblock->ptr - outblock->buffer))
+if (format)
{
- rc = outblock->cmd_count; /* flush resets */
- if (!flush_buffer(outblock)) return -1;
- }
+ gstring gs = { .size = big_buffer_size, .ptr = 0, .s = big_buffer };
+ va_list ap;
+
+ /* Use taint-unchecked routines for writing into big_buffer, trusting that
+ we'll never expand the results. Actually, the error-message use - leaving
+ the results in big_buffer for potential later use - is uncomfortably distant.
+ XXX Would be better to assume all smtp commands are short, use normal pool
+ alloc rather than big_buffer, and another global for the data-for-error. */
+
+ va_start(ap, format);
+ if (!string_vformat(&gs, SVFMT_TAINT_NOCHK, CS format, ap))
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
+ "SMTP");
+ va_end(ap);
+ string_from_gstring(&gs);
+
+ if (gs.ptr > outblock->buffersize)
+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "overlong write_command in outgoing "
+ "SMTP");
+
+ if (gs.ptr > outblock->buffersize - (outblock->ptr - outblock->buffer))
+ {
+ rc = outblock->cmd_count; /* flush resets */
+ if (!flush_buffer(outblock, SCMD_FLUSH)) return -1;
+ }
-Ustrncpy(CS outblock->ptr, big_buffer, count);
-outblock->ptr += count;
-outblock->cmd_count++;
-count -= 2;
-big_buffer[count] = 0; /* remove \r\n for error message */
+ Ustrncpy(outblock->ptr, gs.s, gs.ptr);
+ outblock->ptr += gs.ptr;
+ outblock->cmd_count++;
+ gs.ptr -= 2; string_from_gstring(&gs); /* remove \r\n for error message */
-/* We want to hide the actual data sent in AUTH transactions from reflections
-and logs. While authenticating, a flag is set in the outblock to enable this.
-The AUTH command itself gets any data flattened. Other lines are flattened
-completely. */
+ /* We want to hide the actual data sent in AUTH transactions from reflections
+ and logs. While authenticating, a flag is set in the outblock to enable this.
+ The AUTH command itself gets any data flattened. Other lines are flattened
+ completely. */
-if (outblock->authenticating)
- {
- uschar *p = big_buffer;
- if (Ustrncmp(big_buffer, "AUTH ", 5) == 0)
+ if (outblock->authenticating)
{
- p += 5;
- while (isspace(*p)) p++;
- while (!isspace(*p)) p++;
- while (isspace(*p)) p++;
+ uschar *p = big_buffer;
+ if (Ustrncmp(big_buffer, "AUTH ", 5) == 0)
+ {
+ p += 5;
+ while (isspace(*p)) p++;
+ while (!isspace(*p)) p++;
+ while (isspace(*p)) p++;
+ }
+ while (*p) *p++ = '*';
}
- while (*p != 0) *p++ = '*';
- }
-HDEBUG(D_transport|D_acl|D_v) debug_printf(" SMTP>> %s\n", big_buffer);
+ smtp_debug_cmd(big_buffer, mode);
+ }
-if (!noflush)
+if (mode != SCMD_BUFFER)
{
rc += outblock->cmd_count; /* flush resets */
- if (!flush_buffer(outblock)) return -1;
+ if (!flush_buffer(outblock, mode)) return -1;
}
return rc;
inblock the SMTP input block (contains holding buffer, socket, etc.)
buffer where to put the line
size space available for the line
- timeout the timeout to use when reading a packet
+ timelimit deadline for reading the lime, seconds past epoch
Returns: length of a line that has been put in the buffer
- -1 otherwise, with errno set
+ -1 otherwise, with errno set, and inblock->ptr adjusted
*/
static int
-read_response_line(smtp_inblock *inblock, uschar *buffer, int size, int timeout)
+read_response_line(smtp_inblock *inblock, uschar *buffer, int size, time_t timelimit)
{
uschar *p = buffer;
uschar *ptr = inblock->ptr;
uschar *ptrend = inblock->ptrend;
-int sock = inblock->sock;
+client_conn_ctx * cctx = inblock->cctx;
/* Loop for reading multiple packets or reading another packet after emptying
a previously-read one. */
{
*p = 0; /* Leave malformed line for error message */
errno = ERRNO_SMTPFORMAT;
+ inblock->ptr = ptr;
return -1;
}
}
/* Need to read a new input packet. */
- rc = ip_recv(sock, inblock->buffer, inblock->buffersize, timeout);
- if (rc <= 0) break;
+ if((rc = ip_recv(cctx, inblock->buffer, inblock->buffersize, timelimit)) <= 0)
+ {
+ DEBUG(D_deliver|D_transport|D_acl|D_v)
+ debug_printf_indent(errno ? " SMTP(%s)<<\n" : " SMTP(closed)<<\n",
+ strerror(errno));
+ break;
+ }
/* Another block of data has been successfully read. Set up the pointers
and let the loop continue. */
ptrend = inblock->ptrend = inblock->buffer + rc;
ptr = inblock->buffer;
- DEBUG(D_transport|D_acl) debug_printf("read response data: size=%d\n", rc);
+ DEBUG(D_transport|D_acl) debug_printf_indent("read response data: size=%d\n", rc);
}
/* Get here if there has been some kind of recv() error; errno is set, but we
ensure that the result buffer is empty before returning. */
+inblock->ptr = inblock->ptrend = inblock->buffer;
*buffer = 0;
return -1;
}
the error code will be in errno.
Arguments:
- inblock the SMTP input block (contains holding buffer, socket, etc.)
+ sx the SMTP connection (contains input block with holding buffer,
+ socket, etc.)
buffer where to put the response
size the size of the buffer
okdigit the expected first digit of the response
- timeout the timeout to use
+ timeout the timeout to use, in seconds
Returns: TRUE if a valid, non-error response was received; else FALSE
*/
+/*XXX could move to smtp transport; no other users */
BOOL
-smtp_read_response(smtp_inblock *inblock, uschar *buffer, int size, int okdigit,
+smtp_read_response(void * sx0, uschar * buffer, int size, int okdigit,
int timeout)
{
-uschar *ptr = buffer;
-int count;
+smtp_context * sx = sx0;
+uschar * ptr = buffer;
+int count = 0;
+time_t timelimit = time(NULL) + timeout;
+BOOL yield = FALSE;
errno = 0; /* Ensure errno starts out zero */
+buffer[0] = '\0';
-/* This is a loop to read and concatentate the lines that make up a multi-line
+#ifndef DISABLE_PIPE_CONNECT
+if (sx->pending_BANNER || sx->pending_EHLO)
+ {
+ int rc;
+ if ((rc = smtp_reap_early_pipe(sx, &count)) != OK)
+ {
+ DEBUG(D_transport) debug_printf("failed reaping pipelined cmd responsess\n");
+ if (rc == DEFER) errno = ERRNO_TLSFAILURE;
+ goto out;
+ }
+ }
+#endif
+
+/* This is a loop to read and concatenate the lines that make up a multi-line
response. */
for (;;)
{
- if ((count = read_response_line(inblock, ptr, size, timeout)) < 0)
+ if ((count = read_response_line(&sx->inblock, ptr, size, timelimit)) < 0)
return FALSE;
HDEBUG(D_transport|D_acl|D_v)
- debug_printf(" %s %s\n", (ptr == buffer)? "SMTP<<" : " ", ptr);
+ debug_printf_indent(" %s %s\n", ptr == buffer ? "SMTP<<" : " ", ptr);
/* Check the format of the response: it must start with three digits; if
these are followed by a space or end of line, the response is complete. If
(ptr[3] != '-' && ptr[3] != ' ' && ptr[3] != 0))
{
errno = ERRNO_SMTPFORMAT; /* format error */
- return FALSE;
+ goto out;
}
/* If the line we have just read is a terminal line, line, we are done.
size -= count + 1;
}
+#ifdef TCP_FASTOPEN
+tfo_out_check(sx->cctx.sock);
+#endif
+
/* Return a value that depends on the SMTP return code. On some systems a
non-zero value of errno has been seen at this point, so ensure it is zero,
because the caller of this function looks at errno when FALSE is returned, to
timeouts, lost connections, etc. */
errno = 0;
-return buffer[0] == okdigit;
+yield = buffer[0] == okdigit;
+
+out:
+ smtp_debug_resp(buffer);
+ return yield;
}
/* End of smtp_out.c */
+/* vi: aw ai sw=2
+*/