X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/a55697acf8d60ff8fc67f8fc46f23b8f53a3b823..4ca005cdf526b0c6803c29a154bd85dc112bc6a3:/src/src/transports/smtp.c diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index d7147b2f9..6f999097a 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -18,195 +18,126 @@ over TCP/IP. The options must be in alphabetic order (note that "_" comes before the lower case letters). Some live in the transport_instance block so as to be publicly visible; these are flagged with opt_public. */ +#define LOFF(field) OPT_OFF(smtp_transport_options_block, field) + optionlist smtp_transport_options[] = { { "*expand_multi_domain", opt_stringptr | opt_hidden | opt_public, - (void *)offsetof(transport_instance, expand_multi_domain) }, + OPT_OFF(transport_instance, expand_multi_domain) }, { "*expand_retry_include_ip_address", opt_stringptr | opt_hidden, - (void *)(offsetof(smtp_transport_options_block, expand_retry_include_ip_address)) }, + LOFF(expand_retry_include_ip_address) }, { "address_retry_include_sender", opt_bool, - (void *)offsetof(smtp_transport_options_block, address_retry_include_sender) }, - { "allow_localhost", opt_bool, - (void *)offsetof(smtp_transport_options_block, allow_localhost) }, + LOFF(address_retry_include_sender) }, + { "allow_localhost", opt_bool, LOFF(allow_localhost) }, #ifdef EXPERIMENTAL_ARC - { "arc_sign", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, arc_sign) }, -#endif - { "authenticated_sender", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, authenticated_sender) }, - { "authenticated_sender_force", opt_bool, - (void *)offsetof(smtp_transport_options_block, authenticated_sender_force) }, - { "command_timeout", opt_time, - (void *)offsetof(smtp_transport_options_block, command_timeout) }, - { "connect_timeout", opt_time, - (void *)offsetof(smtp_transport_options_block, connect_timeout) }, + { "arc_sign", opt_stringptr, LOFF(arc_sign) }, +#endif + { "authenticated_sender", opt_stringptr, LOFF(authenticated_sender) }, + { "authenticated_sender_force", opt_bool, LOFF(authenticated_sender_force) }, + { "command_timeout", opt_time, LOFF(command_timeout) }, + { "connect_timeout", opt_time, LOFF(connect_timeout) }, { "connection_max_messages", opt_int | opt_public, - (void *)offsetof(transport_instance, connection_max_messages) }, + OPT_OFF(transport_instance, connection_max_messages) }, # ifdef SUPPORT_DANE - { "dane_require_tls_ciphers", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dane_require_tls_ciphers) }, + { "dane_require_tls_ciphers", opt_stringptr, LOFF(dane_require_tls_ciphers) }, # endif - { "data_timeout", opt_time, - (void *)offsetof(smtp_transport_options_block, data_timeout) }, - { "delay_after_cutoff", opt_bool, - (void *)offsetof(smtp_transport_options_block, delay_after_cutoff) }, + { "data_timeout", opt_time, LOFF(data_timeout) }, + { "delay_after_cutoff", opt_bool, LOFF(delay_after_cutoff) }, #ifndef DISABLE_DKIM - { "dkim_canon", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dkim.dkim_canon) }, - { "dkim_domain", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dkim.dkim_domain) }, - { "dkim_hash", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dkim.dkim_hash) }, - { "dkim_identity", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dkim.dkim_identity) }, - { "dkim_private_key", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dkim.dkim_private_key) }, - { "dkim_selector", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dkim.dkim_selector) }, - { "dkim_sign_headers", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dkim.dkim_sign_headers) }, - { "dkim_strict", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dkim.dkim_strict) }, - { "dkim_timestamps", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dkim.dkim_timestamps) }, -#endif - { "dns_qualify_single", opt_bool, - (void *)offsetof(smtp_transport_options_block, dns_qualify_single) }, - { "dns_search_parents", opt_bool, - (void *)offsetof(smtp_transport_options_block, dns_search_parents) }, - { "dnssec_request_domains", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dnssec.request) }, - { "dnssec_require_domains", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dnssec.require) }, - { "dscp", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, dscp) }, - { "fallback_hosts", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, fallback_hosts) }, - { "final_timeout", opt_time, - (void *)offsetof(smtp_transport_options_block, final_timeout) }, - { "gethostbyname", opt_bool, - (void *)offsetof(smtp_transport_options_block, gethostbyname) }, - { "helo_data", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, helo_data) }, - { "hosts", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts) }, - { "hosts_avoid_esmtp", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_avoid_esmtp) }, - { "hosts_avoid_pipelining", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_avoid_pipelining) }, + { "dkim_canon", opt_stringptr, LOFF(dkim.dkim_canon) }, + { "dkim_domain", opt_stringptr, LOFF(dkim.dkim_domain) }, + { "dkim_hash", opt_stringptr, LOFF(dkim.dkim_hash) }, + { "dkim_identity", opt_stringptr, LOFF(dkim.dkim_identity) }, + { "dkim_private_key", opt_stringptr, LOFF(dkim.dkim_private_key) }, + { "dkim_selector", opt_stringptr, LOFF(dkim.dkim_selector) }, + { "dkim_sign_headers", opt_stringptr, LOFF(dkim.dkim_sign_headers) }, + { "dkim_strict", opt_stringptr, LOFF(dkim.dkim_strict) }, + { "dkim_timestamps", opt_stringptr, LOFF(dkim.dkim_timestamps) }, +#endif + { "dns_qualify_single", opt_bool, LOFF(dns_qualify_single) }, + { "dns_search_parents", opt_bool, LOFF(dns_search_parents) }, + { "dnssec_request_domains", opt_stringptr, LOFF(dnssec.request) }, + { "dnssec_require_domains", opt_stringptr, LOFF(dnssec.require) }, + { "dscp", opt_stringptr, LOFF(dscp) }, + { "fallback_hosts", opt_stringptr, LOFF(fallback_hosts) }, + { "final_timeout", opt_time, LOFF(final_timeout) }, + { "gethostbyname", opt_bool, LOFF(gethostbyname) }, + { "helo_data", opt_stringptr, LOFF(helo_data) }, + { "hosts", opt_stringptr, LOFF(hosts) }, + { "hosts_avoid_esmtp", opt_stringptr, LOFF(hosts_avoid_esmtp) }, + { "hosts_avoid_pipelining", opt_stringptr, LOFF(hosts_avoid_pipelining) }, #ifndef DISABLE_TLS - { "hosts_avoid_tls", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_avoid_tls) }, + { "hosts_avoid_tls", opt_stringptr, LOFF(hosts_avoid_tls) }, #endif - { "hosts_max_try", opt_int, - (void *)offsetof(smtp_transport_options_block, hosts_max_try) }, - { "hosts_max_try_hardlimit", opt_int, - (void *)offsetof(smtp_transport_options_block, hosts_max_try_hardlimit) }, + { "hosts_max_try", opt_int, LOFF(hosts_max_try) }, + { "hosts_max_try_hardlimit", opt_int, LOFF(hosts_max_try_hardlimit) }, #ifndef DISABLE_TLS - { "hosts_nopass_tls", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_nopass_tls) }, - { "hosts_noproxy_tls", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_noproxy_tls) }, + { "hosts_nopass_tls", opt_stringptr, LOFF(hosts_nopass_tls) }, + { "hosts_noproxy_tls", opt_stringptr, LOFF(hosts_noproxy_tls) }, #endif - { "hosts_override", opt_bool, - (void *)offsetof(smtp_transport_options_block, hosts_override) }, + { "hosts_override", opt_bool, LOFF(hosts_override) }, #ifndef DISABLE_PIPE_CONNECT - { "hosts_pipe_connect", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_pipe_connect) }, + { "hosts_pipe_connect", opt_stringptr, LOFF(hosts_pipe_connect) }, #endif - { "hosts_randomize", opt_bool, - (void *)offsetof(smtp_transport_options_block, hosts_randomize) }, + { "hosts_randomize", opt_bool, LOFF(hosts_randomize) }, #if !defined(DISABLE_TLS) && !defined(DISABLE_OCSP) - { "hosts_request_ocsp", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_request_ocsp) }, + { "hosts_request_ocsp", opt_stringptr, LOFF(hosts_request_ocsp) }, #endif - { "hosts_require_auth", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_require_auth) }, + { "hosts_require_auth", opt_stringptr, LOFF(hosts_require_auth) }, #ifndef DISABLE_TLS # ifdef SUPPORT_DANE - { "hosts_require_dane", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_require_dane) }, + { "hosts_require_dane", opt_stringptr, LOFF(hosts_require_dane) }, # endif # ifndef DISABLE_OCSP - { "hosts_require_ocsp", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_require_ocsp) }, + { "hosts_require_ocsp", opt_stringptr, LOFF(hosts_require_ocsp) }, # endif - { "hosts_require_tls", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_require_tls) }, + { "hosts_require_tls", opt_stringptr, LOFF(hosts_require_tls) }, #endif - { "hosts_try_auth", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_try_auth) }, - { "hosts_try_chunking", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_try_chunking) }, + { "hosts_try_auth", opt_stringptr, LOFF(hosts_try_auth) }, + { "hosts_try_chunking", opt_stringptr, LOFF(hosts_try_chunking) }, #ifdef SUPPORT_DANE - { "hosts_try_dane", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_try_dane) }, + { "hosts_try_dane", opt_stringptr, LOFF(hosts_try_dane) }, #endif - { "hosts_try_fastopen", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_try_fastopen) }, + { "hosts_try_fastopen", opt_stringptr, LOFF(hosts_try_fastopen) }, #ifndef DISABLE_PRDR - { "hosts_try_prdr", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_try_prdr) }, + { "hosts_try_prdr", opt_stringptr, LOFF(hosts_try_prdr) }, #endif #ifndef DISABLE_TLS - { "hosts_verify_avoid_tls", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, hosts_verify_avoid_tls) }, -#endif - { "interface", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, interface) }, - { "keepalive", opt_bool, - (void *)offsetof(smtp_transport_options_block, keepalive) }, - { "lmtp_ignore_quota", opt_bool, - (void *)offsetof(smtp_transport_options_block, lmtp_ignore_quota) }, + { "hosts_verify_avoid_tls", opt_stringptr, LOFF(hosts_verify_avoid_tls) }, +#endif + { "interface", opt_stringptr, LOFF(interface) }, + { "keepalive", opt_bool, LOFF(keepalive) }, + { "lmtp_ignore_quota", opt_bool, LOFF(lmtp_ignore_quota) }, { "max_rcpt", opt_int | opt_public, - (void *)offsetof(transport_instance, max_addresses) }, + OPT_OFF(transport_instance, max_addresses) }, { "multi_domain", opt_expand_bool | opt_public, - (void *)offsetof(transport_instance, multi_domain) }, - { "port", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, port) }, - { "protocol", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, protocol) }, - { "retry_include_ip_address", opt_expand_bool, - (void *)offsetof(smtp_transport_options_block, retry_include_ip_address) }, - { "serialize_hosts", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, serialize_hosts) }, - { "size_addition", opt_int, - (void *)offsetof(smtp_transport_options_block, size_addition) }, + OPT_OFF(transport_instance, multi_domain) }, + { "port", opt_stringptr, LOFF(port) }, + { "protocol", opt_stringptr, LOFF(protocol) }, + { "retry_include_ip_address", opt_expand_bool, LOFF(retry_include_ip_address) }, + { "serialize_hosts", opt_stringptr, LOFF(serialize_hosts) }, + { "size_addition", opt_int, LOFF(size_addition) }, #ifdef SUPPORT_SOCKS - { "socks_proxy", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, socks_proxy) }, + { "socks_proxy", opt_stringptr, LOFF(socks_proxy) }, #endif #ifndef DISABLE_TLS - { "tls_certificate", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, tls_certificate) }, - { "tls_crl", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, tls_crl) }, - { "tls_dh_min_bits", opt_int, - (void *)offsetof(smtp_transport_options_block, tls_dh_min_bits) }, - { "tls_privatekey", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, tls_privatekey) }, - { "tls_require_ciphers", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, tls_require_ciphers) }, + { "tls_certificate", opt_stringptr, LOFF(tls_certificate) }, + { "tls_crl", opt_stringptr, LOFF(tls_crl) }, + { "tls_dh_min_bits", opt_int, LOFF(tls_dh_min_bits) }, + { "tls_privatekey", opt_stringptr, LOFF(tls_privatekey) }, + { "tls_require_ciphers", opt_stringptr, LOFF(tls_require_ciphers) }, # ifdef EXPERIMENTAL_TLS_RESUME - { "tls_resumption_hosts", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, tls_resumption_hosts) }, + { "tls_resumption_hosts", opt_stringptr, LOFF(tls_resumption_hosts) }, # endif - { "tls_sni", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, tls_sni) }, - { "tls_tempfail_tryclear", opt_bool, - (void *)offsetof(smtp_transport_options_block, tls_tempfail_tryclear) }, - { "tls_try_verify_hosts", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, tls_try_verify_hosts) }, - { "tls_verify_cert_hostnames", opt_stringptr, - (void *)offsetof(smtp_transport_options_block,tls_verify_cert_hostnames)}, - { "tls_verify_certificates", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, tls_verify_certificates) }, - { "tls_verify_hosts", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, tls_verify_hosts) }, + { "tls_sni", opt_stringptr, LOFF(tls_sni) }, + { "tls_tempfail_tryclear", opt_bool, LOFF(tls_tempfail_tryclear) }, + { "tls_try_verify_hosts", opt_stringptr, LOFF(tls_try_verify_hosts) }, + { "tls_verify_cert_hostnames", opt_stringptr, LOFF(tls_verify_cert_hostnames)}, + { "tls_verify_certificates", opt_stringptr, LOFF(tls_verify_certificates) }, + { "tls_verify_hosts", opt_stringptr, LOFF(tls_verify_hosts) }, #endif #ifdef SUPPORT_I18N - { "utf8_downconvert", opt_stringptr, - (void *)offsetof(smtp_transport_options_block, utf8_downconvert) }, + { "utf8_downconvert", opt_stringptr, LOFF(utf8_downconvert) }, #endif }; @@ -2148,6 +2079,7 @@ if (!continue_hostname) else DEBUG(D_transport) debug_printf("helo needs $sending_ip_address\n"); +PIPE_CONNECT_RETRY: if (sx->early_pipe_active) sx->outblock.conn_args = &sx->conn_args; else @@ -2446,6 +2378,7 @@ else } sx->inblock.cctx = sx->outblock.cctx = &sx->cctx; smtp_command = big_buffer; + sx->peer_offered = smtp_peer_options; sx->helo_data = NULL; /* ensure we re-expand ob->helo_data */ /* For a continued connection with TLS being proxied for us, or a @@ -2456,7 +2389,6 @@ else && cutthrough.is_tls) ) { - sx->peer_offered = smtp_peer_options; sx->pipelining_used = pipelining_active = !!(smtp_peer_options & OPTION_PIPE); HDEBUG(D_transport) debug_printf("continued connection, %s TLS\n", continue_proxy_cipher ? "proxied" : "verify conn with"); @@ -2494,7 +2426,10 @@ if ( smtp_peer_options & OPTION_TLS { HDEBUG(D_transport) debug_printf("failed reaping pipelined cmd responses\n"); - goto RESPONSE_FAILED; + close(sx->cctx.sock); + sx->cctx.sock = -1; + sx->early_pipe_active = FALSE; + goto PIPE_CONNECT_RETRY; } #endif @@ -3441,8 +3376,9 @@ done: /* If continue_hostname is not null, we get here only when continuing to deliver down an existing channel. The channel was passed as the standard -input. TLS is never active on a passed channel; the previous process always -closes it down before passing the connection on. +input. TLS is never active on a passed channel; the previous process either +closes it down before passing the connection on, or inserts a TLS-proxy +process and passes on a cleartext conection. Otherwise, we have to make a connection to the remote host, and do the initial protocol exchange. @@ -3581,7 +3517,6 @@ always has a sequence number greater than one. */ if (continue_hostname && continue_sequence == 1) { - sx->peer_offered = smtp_peer_options; /* sx->pending_MAIL = FALSE; */ sx->ok = TRUE; /* sx->next_addr = NULL; */ @@ -4935,15 +4870,19 @@ retry_non_continued: were not in it. We don't want to hold up all SMTP deliveries! Except when doing a two-stage queue run, don't do this if forcing. */ - if ((!f.deliver_force || f.queue_2stage) && (f.queue_smtp || - match_isinlist(addrlist->domain, - (const uschar **)&queue_smtp_domains, 0, - &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK)) + if ( (!f.deliver_force || f.queue_2stage) + && ( f.queue_smtp + || match_isinlist(addrlist->domain, + CUSS &queue_smtp_domains, 0, + &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL) == OK) + ) { + DEBUG(D_transport) debug_printf("first-pass routing only\n"); expired = FALSE; for (address_item * addr = addrlist; addr; addr = addr->next) if (addr->transport_return == DEFER) - addr->message = US"domain matches queue_smtp_domains, or -odqs set"; + addr->message = US"first-pass only routing due to -odqs, " + "queue_smtp_domains or control=queue"; continue; /* With next host */ }