X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/fd98a5c6771f3a5a686e54370b0525dcc3dca2f9..1072af868662ea8fec30454c2d62afdee24f2c8e:/src/src/transports/smtp.h diff --git a/src/src/transports/smtp.h b/src/src/transports/smtp.h index ef53292bc..319e8494e 100644 --- a/src/src/transports/smtp.h +++ b/src/src/transports/smtp.h @@ -2,76 +2,231 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2012 */ +/* Copyright (c) The Exim Maintainers 2020 - 2022 */ +/* Copyright (c) University of Cambridge 1995 - 2018 */ /* See the file NOTICE for conditions of use and distribution. */ +#define DELIVER_BUFFER_SIZE 4096 + +#define PENDING 256 +#define PENDING_DEFER (PENDING + DEFER) +#define PENDING_OK (PENDING + OK) + + +#ifndef DISABLE_TLS +/* Flags structure for validity of TLS configuration */ + +typedef struct { + BOOL conn_certs:1; /* certificates etc. loaded */ + BOOL cabundle:1; /* CA certificates loaded */ + BOOL crl:1; /* CRL loaded */ + BOOL pri_string:1; /* cipher priority-string cache loaded */ + BOOL dh:1; /* Diffie-Helman params loaded */ + BOOL ecdh:1; /* EC Diffie-Helman params loaded */ + + BOOL ca_rdn_emulate:1; /* do not advertise usable-cert list */ + BOOL ocsp_hook:1; /* need hshake callback on session */ + + void * libdata0; /* library-dependent preloaded data */ + void * libdata1; /* library-dependent preloaded data */ +} exim_tlslib_state; +#endif + + /* Private structure for the private options and other private data. */ typedef struct { - uschar *hosts; - uschar *fallback_hosts; - host_item *hostlist; - host_item *fallback_hostlist; - uschar *authenticated_sender; - uschar *helo_data; - uschar *interface; - uschar *port; - uschar *protocol; - uschar *dscp; - uschar *serialize_hosts; - uschar *hosts_try_auth; - uschar *hosts_require_auth; -#ifdef EXPERIMENTAL_PRDR - uschar *hosts_try_prdr; -#endif - uschar *hosts_require_tls; - uschar *hosts_avoid_tls; - uschar *hosts_verify_avoid_tls; - uschar *hosts_avoid_pipelining; - uschar *hosts_avoid_esmtp; - uschar *hosts_nopass_tls; - int command_timeout; - int connect_timeout; - int data_timeout; - int final_timeout; - int size_addition; - int hosts_max_try; - int hosts_max_try_hardlimit; - BOOL address_retry_include_sender; - BOOL allow_localhost; - BOOL authenticated_sender_force; - BOOL gethostbyname; - BOOL dns_qualify_single; - BOOL dns_search_parents; - BOOL delay_after_cutoff; - BOOL hosts_override; - BOOL hosts_randomize; - BOOL keepalive; - BOOL lmtp_ignore_quota; - BOOL retry_include_ip_address; - #ifdef SUPPORT_TLS - uschar *tls_certificate; - uschar *tls_crl; - uschar *tls_privatekey; - uschar *tls_require_ciphers; - uschar *gnutls_require_kx; - uschar *gnutls_require_mac; - uschar *gnutls_require_proto; - uschar *tls_sni; - uschar *tls_verify_certificates; - int tls_dh_min_bits; - BOOL tls_tempfail_tryclear; - #endif - #ifndef DISABLE_DKIM - uschar *dkim_domain; - uschar *dkim_private_key; - uschar *dkim_selector; - uschar *dkim_canon; - uschar *dkim_sign_headers; - uschar *dkim_strict; - #endif + uschar *hosts; + uschar *fallback_hosts; + host_item *hostlist; + host_item *fallback_hostlist; + uschar *authenticated_sender; + uschar *helo_data; + uschar *interface; + uschar *port; + uschar *protocol; + uschar *dscp; + uschar *serialize_hosts; + uschar *hosts_try_auth; + uschar *hosts_require_alpn; + uschar *hosts_require_auth; + uschar *hosts_try_chunking; +#ifdef SUPPORT_DANE + uschar *hosts_try_dane; + uschar *hosts_require_dane; + uschar *dane_require_tls_ciphers; +#endif + uschar *hosts_try_fastopen; +#ifndef DISABLE_PRDR + uschar *hosts_try_prdr; +#endif +#ifndef DISABLE_OCSP + uschar *hosts_request_ocsp; + uschar *hosts_require_ocsp; +#endif + uschar *hosts_require_tls; + uschar *hosts_avoid_tls; + uschar *hosts_verify_avoid_tls; + uschar *hosts_avoid_pipelining; +#ifndef DISABLE_PIPE_CONNECT + uschar *hosts_pipe_connect; +#endif + uschar *hosts_avoid_esmtp; +#ifndef DISABLE_TLS + uschar *hosts_nopass_tls; + uschar *hosts_noproxy_tls; +#endif + int command_timeout; + int connect_timeout; + int data_timeout; + int final_timeout; + int size_addition; + int hosts_max_try; + int hosts_max_try_hardlimit; + int message_linelength_limit; + BOOL address_retry_include_sender; + BOOL allow_localhost; + BOOL authenticated_sender_force; + BOOL gethostbyname; + BOOL dns_qualify_single; + BOOL dns_search_parents; + dnssec_domains dnssec; + BOOL delay_after_cutoff; + BOOL hosts_override; + BOOL hosts_randomize; + BOOL keepalive; + BOOL lmtp_ignore_quota; + uschar *expand_retry_include_ip_address; + BOOL retry_include_ip_address; +#ifdef SUPPORT_SOCKS + uschar *socks_proxy; +#endif +#ifndef DISABLE_TLS + uschar *tls_alpn; + uschar *tls_certificate; + uschar *tls_crl; + uschar *tls_privatekey; + uschar *tls_require_ciphers; +# ifndef DISABLE_TLS_RESUME + uschar *host_name_extract; + uschar *tls_resumption_hosts; +# endif + const uschar *tls_sni; + uschar *tls_verify_certificates; + int tls_dh_min_bits; + BOOL tls_tempfail_tryclear; + uschar *tls_verify_hosts; + uschar *tls_try_verify_hosts; + uschar *tls_verify_cert_hostnames; +#endif +#ifdef SUPPORT_I18N + uschar *utf8_downconvert; +#endif +#ifndef DISABLE_DKIM + struct ob_dkim dkim; +#endif +#ifdef EXPERIMENTAL_ARC + uschar *arc_sign; +#endif +#ifndef DISABLE_TLS + exim_tlslib_state tls_preload; +#endif } smtp_transport_options_block; +#define SOB (smtp_transport_options_block *) + + +/* smtp connect context */ +typedef struct { + uschar * from_addr; + address_item * addrlist; + + smtp_connect_args conn_args; + int port; + + BOOL verify:1; + BOOL lmtp:1; + BOOL smtps:1; + BOOL ok:1; + BOOL setting_up:1; +#ifndef DISABLE_PIPE_CONNECT + BOOL early_pipe_ok:1; + BOOL early_pipe_active:1; +#endif + BOOL esmtp:1; + BOOL esmtp_sent:1; + BOOL pipelining_used:1; +#ifndef DISABLE_PRDR + BOOL prdr_active:1; +#endif +#ifdef SUPPORT_I18N + BOOL utf8_needed:1; +#endif + BOOL dsn_all_lasthop:1; +#if !defined(DISABLE_TLS) && defined(SUPPORT_DANE) + BOOL dane_required:1; +#endif +#ifndef DISABLE_PIPE_CONNECT + BOOL pending_BANNER:1; + BOOL pending_EHLO:1; +#endif + BOOL pending_MAIL:1; + BOOL pending_BDAT:1; + BOOL RCPT_452:1; + BOOL good_RCPT:1; +#ifdef EXPERIMENTAL_ESMTP_LIMITS + BOOL single_rcpt_domain:1; +#endif + BOOL completed_addr:1; + BOOL send_rset:1; + BOOL send_quit:1; + BOOL send_tlsclose:1; + + unsigned peer_offered; +#ifdef EXPERIMENTAL_ESMTP_LIMITS + unsigned peer_limit_mail; + unsigned peer_limit_rcpt; + unsigned peer_limit_rcptdom; +#endif + + unsigned max_mail; + int max_rcpt; + int cmd_count; + + unsigned avoid_option; + uschar * igquotstr; + uschar * helo_data; +#ifdef EXPERIMENTAL_DSN_INFO + uschar * smtp_greeting; + uschar * helo_response; +#endif +#ifndef DISABLE_PIPE_CONNECT + /* Info about the EHLO response stored to / retrieved from cache. When + operating early-pipe, we use the cached values. For each of plaintext and + crypted we store bitmaps for ESMTP features and AUTH methods. If the LIMITS + extension is built and usable them at least one of the limits values cached + is nonzero, and we use the values to constrain the connection. */ + ehlo_resp_precis ehlo_resp; +#endif + + struct timeval delivery_start; + address_item * first_addr; + address_item * next_addr; + address_item * sync_addr; + + client_conn_ctx cctx; + smtp_inblock inblock; + smtp_outblock outblock; + uschar buffer[DELIVER_BUFFER_SIZE]; + uschar inbuffer[4096]; + uschar outbuffer[4096]; +} smtp_context; + +extern int smtp_setup_conn(smtp_context *, BOOL); +extern int smtp_write_mail_and_rcpt_cmds(smtp_context *, int *); +extern int smtp_reap_early_pipe(smtp_context *, int *); + + /* Data for reading the private options. */ extern optionlist smtp_transport_options[]; @@ -87,4 +242,11 @@ extern BOOL smtp_transport_entry(transport_instance *, address_item *); extern void smtp_transport_init(transport_instance *); extern void smtp_transport_closedown(transport_instance *); + + +#ifdef SUPPORT_SOCKS +extern int socks_sock_connect(host_item *, int, int, uschar *, + transport_instance *, int); +#endif + /* End of transports/smtp.h */