X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/5bfe3b3511e3e4f0ef0be45231cedf661d877b45..66387a737208e277990b0cbfe58db3db419f34b2:/src/src/transports/smtp.c

diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index 9dc632e7f..ac61a405b 100644
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -206,7 +206,7 @@ void smtp_transport_closedown(transport_instance *tblock) {}
 
 smtp_transport_options_block smtp_transport_option_defaults = {
   .hosts =			NULL,
-  .hosts =			NULL,
+  .fallback_hosts =		NULL,
   .hostlist =			NULL,
   .fallback_hostlist =		NULL,
   .authenticated_sender =	NULL,
@@ -623,34 +623,34 @@ return FALSE;
 /* This writes to the main log and to the message log.
 
 Arguments:
-  addr     the address item containing error information
   host     the current host
+  detail  the current message (addr_item->message)
+  basic_errno the errno (addr_item->basic_errno)
 
 Returns:   nothing
 */
 
 static void
-write_logs(address_item *addr, host_item *host)
+write_logs(const host_item *host, const uschar *suffix, int basic_errno)
 {
-uschar * message = LOGGING(outgoing_port)
+
+
+uschar *message = LOGGING(outgoing_port)
   ? string_sprintf("H=%s [%s]:%d", host->name, host->address,
 		    host->port == PORT_NONE ? 25 : host->port)
   : string_sprintf("H=%s [%s]", host->name, host->address);
 
-if (addr->message)
+if (suffix)
   {
-  message = string_sprintf("%s: %s", message, addr->message);
-  if (addr->basic_errno > 0)
-    message = string_sprintf("%s: %s", message, strerror(addr->basic_errno));
-  log_write(0, LOG_MAIN, "%s", message);
-  deliver_msglog("%s %s\n", tod_stamp(tod_log), message);
+  message = string_sprintf("%s: %s", message, suffix);
+  if (basic_errno > 0)
+    message = string_sprintf("%s: %s", message, strerror(basic_errno));
   }
 else
-  {
-  const uschar * s = exim_errstr(addr->basic_errno);
-  log_write(0, LOG_MAIN, "%s %s", message, s);
-  deliver_msglog("%s %s %s\n", tod_stamp(tod_log), message, s);
-  }
+  message = string_sprintf("%s %s", message, exim_errstr(basic_errno));
+
+log_write(0, LOG_MAIN, "%s", message);
+deliver_msglog("%s %s\n", tod_stamp(tod_log), message);
 }
 
 static void
@@ -1217,14 +1217,15 @@ DEBUG(D_transport)
 
 switch (rc)
   {
-  case DNS_SUCCEED:
-    if (sec) return OK;
-
-    log_write(0, LOG_MAIN, "DANE error: TLSA lookup not DNSSEC");
-    /*FALLTHROUGH*/
   case DNS_AGAIN:
     return DEFER; /* just defer this TLS'd conn */
 
+  case DNS_SUCCEED:
+    if (sec) return OK;
+    log_write(0, LOG_MAIN,
+      "DANE error: TLSA lookup for %s not DNSSEC", host->name);
+    /*FALLTRHOUGH*/
+
   case DNS_NODATA:	/* no TLSA RR for this lookup */
   case DNS_NOMATCH:	/* no records at all for this lookup */
     return dane_required ? FAIL : FAIL_FORCED;
@@ -2607,6 +2608,7 @@ if ((rc = fork()))
   _exit(rc < 0 ? EXIT_FAILURE : EXIT_SUCCESS);
   }
 
+if (running_in_test_harness) millisleep(100); /* let parent debug out */
 set_process_info("proxying TLS connection for continued transport");
 FD_ZERO(&rfds);
 FD_SET(tls_out.active, &rfds);
@@ -3319,8 +3321,9 @@ if (!sx.ok)
 	set_rc = DEFER;
         if (save_errno > 0)
           message = US string_sprintf("%s: %s", message, strerror(save_errno));
-        if (host->next != NULL) log_write(0, LOG_MAIN, "%s", message);
-	msglog_line(host, message);
+
+        write_logs(host, message, sx.first_addr ? sx.first_addr->basic_errno : 0);
+
         *message_defer = TRUE;
         }
       }
@@ -3507,9 +3510,12 @@ propagate it from the initial
 	  {
 	  int pid = fork();
 	  if (pid == 0)		/* child; fork again to disconnect totally */
+	    {
+	    if (running_in_test_harness) millisleep(100); /* let parent debug out */
 	    /* does not return */
 	    smtp_proxy_tls(sx.buffer, sizeof(sx.buffer), pfd,
 			    sx.ob->command_timeout);
+	    }
 
 	  if (pid > 0)		/* parent */
 	    {
@@ -3727,7 +3733,7 @@ uschar *tid = string_sprintf("%s transport", tblock->name);
 smtp_transport_options_block *ob =
   (smtp_transport_options_block *)(tblock->options_block);
 host_item *hostlist = addrlist->host_list;
-host_item *host = NULL;
+host_item *host;
 
 DEBUG(D_transport)
   {
@@ -3738,7 +3744,7 @@ DEBUG(D_transport)
     {
     debug_printf("hostlist:\n");
     for (host = hostlist; host; host = host->next)
-      debug_printf("  %s:%d\n", host->name, host->port);
+      debug_printf("  '%s' IP %s port %d\n", host->name, host->address, host->port);
     }
   if (continue_hostname)
     debug_printf("already connected to %s [%s] (on fd %d)\n",
@@ -3919,7 +3925,9 @@ for (cutoff_retry = 0;
   {
   host_item *nexthost = NULL;
   int unexpired_hosts_tried = 0;
+  BOOL continue_host_tried = FALSE;
 
+retry_non_continued:
   for (host = hostlist;
           host
        && unexpired_hosts_tried < ob->hosts_max_try
@@ -3984,7 +3992,7 @@ for (cutoff_retry = 0;
       /* Find by name if so configured, or if it's an IP address. We don't
       just copy the IP address, because we need the test-for-local to happen. */
 
-      flags = HOST_FIND_BY_A;
+      flags = HOST_FIND_BY_A | HOST_FIND_BY_AAAA;
       if (ob->dns_qualify_single) flags |= HOST_FIND_QUALIFY_SINGLE;
       if (ob->dns_search_parents) flags |= HOST_FIND_SEARCH_PARENTS;
 
@@ -4052,14 +4060,16 @@ for (cutoff_retry = 0;
     result of the lookup. Set expired FALSE, to save the outer loop executing
     twice. */
 
-    if (  continue_hostname
-       && (  Ustrcmp(continue_hostname, host->name) != 0
-          || Ustrcmp(continue_host_address, host->address) != 0
-       )  )
-      {
-      expired = FALSE;
-      continue;      /* With next host */
-      }
+    if (continue_hostname)
+      if (  Ustrcmp(continue_hostname, host->name) != 0
+         || Ustrcmp(continue_host_address, host->address) != 0
+	 )
+	{
+	expired = FALSE;
+	continue;      /* With next host */
+	}
+      else
+	continue_host_tried = TRUE;
 
     /* Reset the default next host in case a multihomed host whose addresses
     are not looked up till just above added to the host list. */
@@ -4325,7 +4335,7 @@ for (cutoff_retry = 0;
 
       if (rc == DEFER && first_addr->basic_errno != ERRNO_AUTHFAIL
 		      && first_addr->basic_errno != ERRNO_TLSFAILURE)
-        write_logs(first_addr, host);
+        write_logs(host, first_addr->message, first_addr->basic_errno);
 
 #ifndef DISABLE_EVENT
       if (rc == DEFER)
@@ -4355,7 +4365,7 @@ for (cutoff_retry = 0;
         rc = smtp_deliver(addrlist, thost, host_af, defport, interface, tblock,
           &message_defer, TRUE);
         if (rc == DEFER && first_addr->basic_errno != ERRNO_AUTHFAIL)
-          write_logs(first_addr, host);
+          write_logs(host, first_addr->message, first_addr->basic_errno);
 # ifndef DISABLE_EVENT
         if (rc == DEFER)
           deferred_event_raise(first_addr, host);
@@ -4517,6 +4527,32 @@ for (cutoff_retry = 0;
       }
     }   /* End of loop for trying multiple hosts. */
 
+  /* If we failed to find a matching host in the list, for an already-open
+  connection, just close it and start over with the list.  This can happen
+  for routing that changes from run to run, or big multi-IP sites with
+  round-robin DNS. */
+
+  if (continue_hostname && !continue_host_tried)
+    {
+    int fd = cutthrough.fd >= 0 ? cutthrough.fd : 0;
+
+    DEBUG(D_transport) debug_printf("no hosts match already-open connection\n");
+#ifdef SUPPORT_TLS
+    if (tls_out.active == fd)
+      {
+      (void) tls_write(FALSE, US"QUIT\r\n", 6, FALSE);
+      tls_close(FALSE, TRUE);
+      }
+    else
+#else
+      (void) write(fd, US"QUIT\r\n", 6);
+#endif
+    (void) close(fd);
+    cutthrough.fd = -1;
+    continue_hostname = NULL;
+    goto retry_non_continued;
+    }
+
   /* This is the end of the loop that repeats iff expired is TRUE and
   ob->delay_after_cutoff is FALSE. The second time round we will
   try those hosts that haven't been tried since the message arrived. */