Support transport hosts_avoid_tls for cutthrough.
authorJeremy Harris <jgh146exb@wizmail.org>
Fri, 11 May 2012 20:46:57 +0000 (21:46 +0100)
committerJeremy Harris <jgh146exb@wizmail.org>
Mon, 4 Jun 2012 13:57:03 +0000 (14:57 +0100)
src/src/verify.c
test/confs/5402 [new file with mode: 0644]
test/log/5402 [new file with mode: 0644]
test/scripts/5400-cutthrough/5402 [new file with mode: 0644]
test/stderr/5401
test/stderr/5402 [new file with mode: 0644]
test/stdout/5402 [new file with mode: 0644]

index 23eab0598f822782a4e7b783f666df26dd8ae069..6d31b8256ceaead4619486171021d71ef0a60bf0 100644 (file)
@@ -407,13 +407,6 @@ else
 
   if (smtp_out != NULL && !disable_callout_flush) mac_smtp_fflush();
 
-  /* Precompile some regex that are used to recognize parameters in response
-  to an EHLO command, if they aren't already compiled. */
-  #ifdef SUPPORT_TLS
-  if (regex_STARTTLS == NULL) regex_STARTTLS =
-    regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE);
-  #endif
-
   /* Now make connections to the hosts and do real callouts. The list of hosts
   is passed in as an argument. */
 
@@ -570,11 +563,11 @@ else
         goto SEND_FAILED;
       if (!smtp_read_response(&inblock, responsebuffer, sizeof(responsebuffer), '2', callout))
         {
-        if (errno != 0 || responsebuffer[0] == 0 || lmtp || !esmtp || tls_out.active >= 0)
-       {
-       done= FALSE;
-          goto RESPONSE_FAILED;
-       }
+       if (errno != 0 || responsebuffer[0] == 0 || lmtp || !esmtp || tls_out.active >= 0)
+         {
+         done= FALSE;
+         goto RESPONSE_FAILED;
+         }
         #ifdef SUPPORT_TLS
         tls_offered = FALSE;
         #endif
@@ -584,9 +577,16 @@ else
 
       /* Set tls_offered if the response to EHLO specifies support for STARTTLS. */
       #ifdef SUPPORT_TLS
-      tls_offered = esmtp && !suppress_tls &&  tls_out.active < 0  &&
-        pcre_exec(regex_STARTTLS, NULL, CS responsebuffer, Ustrlen(responsebuffer), 0,
-          PCRE_EOPT, NULL, 0) >= 0;
+      if (esmtp && !suppress_tls &&  tls_out.active < 0)
+        {
+          if (regex_STARTTLS == NULL) regex_STARTTLS =
+           regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE);
+
+          tls_offered = pcre_exec(regex_STARTTLS, NULL, CS responsebuffer,
+                       Ustrlen(responsebuffer), 0, PCRE_EOPT, NULL, 0) >= 0;
+       }
+      else
+        tls_offered = FALSE;
       #endif
       }
 
@@ -1711,6 +1711,9 @@ while (addr_new != NULL)
           }
         else
           {
+#ifdef SUPPORT_TLS
+         deliver_set_expansions(addr);
+#endif
           rc = do_callout(addr, host_list, &tf, callout, callout_overall,
             callout_connect, options, se_mailfrom, pm_mailfrom);
           }
diff --git a/test/confs/5402 b/test/confs/5402
new file mode 100644 (file)
index 0000000..aff16fa
--- /dev/null
@@ -0,0 +1,58 @@
+# Exim test configuration 5402
+
+exim_path = EXIM_PATH
+host_lookup_order = bydns
+primary_hostname = myhost.test.ex
+rfc1413_query_timeout = 0s
+spool_directory = DIR/spool
+log_file_path = DIR/spool/log/%slog
+gecos_pattern = ""
+gecos_name = CALLER_NAME
+
+# ----- Main settings -----
+
+log_selector =  +smtp_confirmation
+tls_advertise_hosts = *
+tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
+
+domainlist local_domains = test.ex : *.test.ex
+
+acl_smtp_rcpt = ${if eq {SERVER}{server}{queue}{cutthrough}}
+
+# ----- ACLs -------
+
+begin acl
+
+cutthrough:
+    accept     control = cutthrough_delivery
+               verify = recipient
+
+queue:
+    accept     control = queue_only
+
+# ----- Routers -----
+
+begin routers
+
+all:
+  driver = manualroute
+  domains = ! +local_domains
+  route_list = * 127.0.0.1
+  self = send
+  address_data = $local_part
+  transport = smtp
+  no_more
+
+
+# ----- Transports -----
+
+begin transports
+
+smtp:
+  driver = smtp
+  interface = HOSTIPV4
+  port = PORT_D
+  hosts_avoid_tls = ${if eq {$address_data}{usery}{*}{:}}
+
+
+# End
diff --git a/test/log/5402 b/test/log/5402
new file mode 100644 (file)
index 0000000..ba90ed7
--- /dev/null
@@ -0,0 +1,11 @@
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLSv1:AES256-SHA:256 S=sss id=E10HmaY-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmaX-0005vi-00 no immediate delivery: queued by ACL
+1999-03-02 09:44:33 10HmaY-0005vi-00 >> userx@domain.com R=all T=smtp H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 C="250 OK id=10HmaX-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbA-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmaZ-0005vi-00 no immediate delivery: queued by ACL
+1999-03-02 09:44:33 10HmbA-0005vi-00 >> usery@domain.com R=all T=smtp H=127.0.0.1 [127.0.0.1] C="250 OK id=10HmaZ-0005vi-00"
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
diff --git a/test/scripts/5400-cutthrough/5402 b/test/scripts/5400-cutthrough/5402
new file mode 100644 (file)
index 0000000..d670abf
--- /dev/null
@@ -0,0 +1,24 @@
+# cutthrough_delivery to target oferring TLS
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim -d-all+acl+transport+expand+lists -bs
+EHLO myhost.test.ex
+MAIL FROM:<eximtest@myhost.test.ex>
+RCPT TO:<userx@domain.com>
+DATA
+
+.
+QUIT
+****
+# via a transport setting never-tls
+exim -d-all+acl+transport+expand+lists -bs
+EHLO myhost.test.ex
+MAIL FROM:<eximtest@myhost.test.ex>
+RCPT TO:<usery@domain.com>
+DATA
+
+.
+QUIT
+****
+killdaemon
+no_msglog_check
index 5db13fc410085c20a0883bb337573c4fe361c085..91f453e7c9ad0f73939b39d9ed18b7928c3902c0 100644 (file)
@@ -30,7 +30,7 @@ LOG: MAIN
   >> userx@domain.com R=all T=smtp H=127.0.0.1 [127.0.0.1]
 created log directory TESTSUITE/spool/log
   SMTP>> QUIT
------------ cutthrough shutdown ------------
+----------- cutthrough shutdown (delivered) ------------
 LOG: MAIN
   <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
 LOG: MAIN
diff --git a/test/stderr/5402 b/test/stderr/5402
new file mode 100644 (file)
index 0000000..7babe35
--- /dev/null
@@ -0,0 +1,274 @@
+Exim version x.yz ....
+configuration file is TESTSUITE/test-config
+admin user
+ in hosts_connection_nolog? no (option unset)
+LOG: smtp_connection MAIN
+  SMTP connection from CALLER
+expanding: $smtp_active_hostname ESMTP Exim $version_number $tod_full
+   result: myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+ in pipelining_advertise_hosts? yes (matched "*")
+ in tls_advertise_hosts? yes (matched "*")
+expanding: SERVER
+   result: SERVER
+expanding: server
+   result: server
+condition: eq {SERVER}{server}
+   result: false
+expanding: queue
+   result: queue
+skipping: result is not used
+expanding: cutthrough
+   result: cutthrough
+expanding: ${if eq {SERVER}{server}{queue}{cutthrough}}
+   result: cutthrough
+using ACL "cutthrough"
+processing "accept"
+check control = cutthrough_delivery
+check verify = recipient
+domain.com in "test.ex : *.test.ex"? no (end of list)
+domain.com in "! +local_domains"? yes (end of list)
+expanding: $local_part
+   result: userx
+domain.com in "*"? yes (matched "*")
+----------- end verify ------------
+accept: condition test succeeded in ACL "cutthrough"
+----------- start cutthrough setup ------------
+domain.com in "test.ex : *.test.ex"? no (end of list)
+domain.com in "! +local_domains"? yes (end of list)
+expanding: $local_part
+   result: userx
+domain.com in "*"? yes (matched "*")
+Connecting to 127.0.0.1 [127.0.0.1]:1225 from ip4.ip4.ip4.ip4 ... connected
+expanding: $primary_hostname
+   result: myhost.test.ex
+  SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+127.0.0.1 in hosts_avoid_esmtp? no (option unset)
+  SMTP>> EHLO myhost.test.ex
+  SMTP<< 250-myhost.test.ex Hello the.local.host.name [ip4.ip4.ip4.ip4]
+         250-SIZE 52428800
+         250-8BITMIME
+         250-PIPELINING
+         250-STARTTLS
+         250 HELP
+expanding: $address_data
+   result: userx
+expanding: usery
+   result: usery
+condition: eq {$address_data}{usery}
+   result: false
+expanding: *
+   result: *
+skipping: result is not used
+expanding: :
+   result: :
+expanding: ${if eq {$address_data}{usery}{*}{:}}
+   result: :
+127.0.0.1 in hosts_avoid_tls? no (end of list)
+  SMTP>> STARTTLS
+  SMTP<< 220 TLS go ahead
+  SMTP>> EHLO myhost.test.ex
+  SMTP<< 250-myhost.test.ex Hello the.local.host.name [ip4.ip4.ip4.ip4]
+         250-SIZE 52428800
+         250-8BITMIME
+         250-PIPELINING
+         250 HELP
+  SMTP>> MAIL FROM:<CALLER@myhost.test.ex>
+  SMTP<< 250 OK
+  SMTP>> RCPT TO:<userx@domain.com>
+  SMTP<< 250 Accepted
+----------- end cutthrough setup ------------
+processing "accept"
+accept: condition test succeeded in inline ACL
+  SMTP>> DATA
+  SMTP<< 354 Enter message, ending with "." on a line by itself
+expanding: ${tod_full}
+   result: Tue, 2 Mar 1999 09:44:33 +0000
+condition: def:sender_rcvhost
+   result: false
+expanding: from $sender_rcvhost
+       
+   result: from 
+       
+skipping: result is not used
+condition: def:sender_ident
+   result: true
+expanding: $sender_ident
+   result: CALLER
+expanding: from ${quote_local_part:$sender_ident} 
+   result: from CALLER 
+condition: def:sender_helo_name
+   result: true
+expanding: (helo=$sender_helo_name)
+       
+   result: (helo=myhost.test.ex)
+       
+expanding: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+       }}
+   result: from CALLER (helo=myhost.test.ex)
+       
+condition: def:received_protocol
+   result: true
+expanding: with $received_protocol
+   result: with local-esmtp
+condition: def:sender_address
+   result: true
+expanding: (envelope-from <$sender_address>)
+       
+   result: (envelope-from <CALLER@myhost.test.ex>)
+       
+condition: def:received_for
+   result: true
+expanding: 
+       for $received_for
+   result: 
+       for userx@domain.com
+PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+expanding: ${tod_full}
+   result: Tue, 2 Mar 1999 09:44:33 +0000
+  SMTP>> .
+  SMTP<< 250 OK id=10HmaX-0005vi-00
+LOG: MAIN
+  >> userx@domain.com R=all T=smtp H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 C="250 OK id=10HmaX-0005vi-00"
+  SMTP>> QUIT
+----------- cutthrough shutdown (delivered) ------------
+LOG: MAIN
+  <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
+LOG: MAIN
+  Completed
+LOG: smtp_connection MAIN
+  SMTP connection from CALLER closed by QUIT
+>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
+Exim version x.yz ....
+configuration file is TESTSUITE/test-config
+admin user
+ in hosts_connection_nolog? no (option unset)
+LOG: smtp_connection MAIN
+  SMTP connection from CALLER
+expanding: $smtp_active_hostname ESMTP Exim $version_number $tod_full
+   result: myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+ in pipelining_advertise_hosts? yes (matched "*")
+ in tls_advertise_hosts? yes (matched "*")
+expanding: SERVER
+   result: SERVER
+expanding: server
+   result: server
+condition: eq {SERVER}{server}
+   result: false
+expanding: queue
+   result: queue
+skipping: result is not used
+expanding: cutthrough
+   result: cutthrough
+expanding: ${if eq {SERVER}{server}{queue}{cutthrough}}
+   result: cutthrough
+using ACL "cutthrough"
+processing "accept"
+check control = cutthrough_delivery
+check verify = recipient
+domain.com in "test.ex : *.test.ex"? no (end of list)
+domain.com in "! +local_domains"? yes (end of list)
+expanding: $local_part
+   result: usery
+domain.com in "*"? yes (matched "*")
+----------- end verify ------------
+accept: condition test succeeded in ACL "cutthrough"
+----------- start cutthrough setup ------------
+domain.com in "test.ex : *.test.ex"? no (end of list)
+domain.com in "! +local_domains"? yes (end of list)
+expanding: $local_part
+   result: usery
+domain.com in "*"? yes (matched "*")
+Connecting to 127.0.0.1 [127.0.0.1]:1225 from ip4.ip4.ip4.ip4 ... connected
+expanding: $primary_hostname
+   result: myhost.test.ex
+  SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+127.0.0.1 in hosts_avoid_esmtp? no (option unset)
+  SMTP>> EHLO myhost.test.ex
+  SMTP<< 250-myhost.test.ex Hello the.local.host.name [ip4.ip4.ip4.ip4]
+         250-SIZE 52428800
+         250-8BITMIME
+         250-PIPELINING
+         250-STARTTLS
+         250 HELP
+expanding: $address_data
+   result: usery
+expanding: usery
+   result: usery
+condition: eq {$address_data}{usery}
+   result: true
+expanding: *
+   result: *
+expanding: :
+   result: :
+skipping: result is not used
+expanding: ${if eq {$address_data}{usery}{*}{:}}
+   result: *
+127.0.0.1 in hosts_avoid_tls? yes (matched "*")
+  SMTP>> MAIL FROM:<CALLER@myhost.test.ex>
+  SMTP<< 250 OK
+  SMTP>> RCPT TO:<usery@domain.com>
+  SMTP<< 250 Accepted
+----------- end cutthrough setup ------------
+processing "accept"
+accept: condition test succeeded in inline ACL
+  SMTP>> DATA
+  SMTP<< 354 Enter message, ending with "." on a line by itself
+expanding: ${tod_full}
+   result: Tue, 2 Mar 1999 09:44:33 +0000
+condition: def:sender_rcvhost
+   result: false
+expanding: from $sender_rcvhost
+       
+   result: from 
+       
+skipping: result is not used
+condition: def:sender_ident
+   result: true
+expanding: $sender_ident
+   result: CALLER
+expanding: from ${quote_local_part:$sender_ident} 
+   result: from CALLER 
+condition: def:sender_helo_name
+   result: true
+expanding: (helo=$sender_helo_name)
+       
+   result: (helo=myhost.test.ex)
+       
+expanding: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)
+       }}
+   result: from CALLER (helo=myhost.test.ex)
+       
+condition: def:received_protocol
+   result: true
+expanding: with $received_protocol
+   result: with local-esmtp
+condition: def:sender_address
+   result: true
+expanding: (envelope-from <$sender_address>)
+       
+   result: (envelope-from <CALLER@myhost.test.ex>)
+       
+condition: def:received_for
+   result: true
+expanding: 
+       for $received_for
+   result: 
+       for usery@domain.com
+PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+expanding: ${tod_full}
+   result: Tue, 2 Mar 1999 09:44:33 +0000
+  SMTP>> .
+  SMTP<< 250 OK id=10HmaZ-0005vi-00
+LOG: MAIN
+  >> usery@domain.com R=all T=smtp H=127.0.0.1 [127.0.0.1] C="250 OK id=10HmaZ-0005vi-00"
+  SMTP>> QUIT
+----------- cutthrough shutdown (delivered) ------------
+LOG: MAIN
+  <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
+LOG: MAIN
+  Completed
+LOG: smtp_connection MAIN
+  SMTP connection from CALLER closed by QUIT
+>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
+
+******** SERVER ********
diff --git a/test/stdout/5402 b/test/stdout/5402
new file mode 100644 (file)
index 0000000..252c829
--- /dev/null
@@ -0,0 +1,24 @@
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250-myhost.test.ex Hello CALLER at myhost.test.ex\r
+250-SIZE 52428800\r
+250-8BITMIME\r
+250-PIPELINING\r
+250-STARTTLS\r
+250 HELP\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+250 OK id=10HmaY-0005vi-00\r
+221 myhost.test.ex closing connection\r
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000\r
+250-myhost.test.ex Hello CALLER at myhost.test.ex\r
+250-SIZE 52428800\r
+250-8BITMIME\r
+250-PIPELINING\r
+250-STARTTLS\r
+250 HELP\r
+250 OK\r
+250 Accepted\r
+354 Enter message, ending with "." on a line by itself\r
+250 OK id=10HmbA-0005vi-00\r
+221 myhost.test.ex closing connection\r