From 2081aac24b67f3f3f34389aadc06354abcad0cad Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Wed, 7 Apr 2021 21:34:42 +0100 Subject: [PATCH] Pass proxy addresses/ports to continued trasnports. Bug 2710 --- doc/doc-docbook/spec.xfpt | 9 +++++ doc/doc-txt/ChangeLog | 5 +++ src/src/exim.c | 20 +++++++++++ src/src/transport.c | 13 ++++++- test/confs/4020 | 11 +++++- test/confs/4021 | 1 + test/log/4020 | 6 ++-- test/log/4021 | 9 +++++ test/log/4027 | 9 +++-- test/scripts/4020-socks/4021 | 68 ++++++++++++++++++++++++++++++++++++ test/stdout/4021 | 53 ++++++++++++++++++++++++++++ 11 files changed, 197 insertions(+), 7 deletions(-) create mode 120000 test/confs/4021 create mode 100644 test/log/4021 create mode 100644 test/scripts/4020-socks/4021 create mode 100644 test/stdout/4021 diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 1d982d1a6..5c42afc93 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -3946,6 +3946,15 @@ This option is not intended for use by external callers. It is used internally by Exim in conjunction with the &%-MC%& option. It signifies that the server to which Exim is connected supports pipelining. +.new +.vitem &%-MCp%& +.oindex "&%-MCp%&" +This option is not intended for use by external callers. It is used internally +by Exim in conjunction with the &%-MC%& option. It signifies that the connection +t a remote server is via a SOCKS proxy, using addresses and ports given by +the following four arguments. +.wen + .vitem &%-MCQ%&&~<&'process&~id'&>&~<&'pipe&~fd'&> .oindex "&%-MCQ%&" This option is not intended for use by external callers. It is used internally diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 3995eb05d..db4735f8f 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog 
@@ -230,6 +230,11 @@ JH/48 Use a less bogus-looking filename for a temporary used for DH-parameters for GnuTLS. Previously the name started "%s" which, while not a bug, looked as if if might be one. +JH/49 Bug 2710: when using SOCKS for additional messages after the first (a + "continued connection") make the $proxy_* variables available. Previously + the information was not passed across the exec() call for subsequent + transport executions. This also mean that the log lines for the + messages can show the proxy information. diff --git a/src/src/exim.c b/src/src/exim.c index cb11a2a38..1244aee0b 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -2793,6 +2793,26 @@ on the second character (the one after '-'), to save some effort. */ case 'P': smtp_peer_options |= OPTION_PIPE; break; +#ifdef SUPPORT_SOCKS + /* -MCp: Socks proxy in use; nearside IP, port, external IP, port */ + case 'p': proxy_session = TRUE; + if (++i < argc) + { + proxy_local_address = string_copy_taint(argv[i], TRUE); + if (++i < argc) + { + proxy_local_port = Uatoi(argv[i]); + if (++i < argc) + { + proxy_external_address = string_copy_taint(argv[i], TRUE); + if (++i < argc) + { + proxy_external_port = Uatoi(argv[i]); + break; + } } } } + badarg = TRUE; + break; +#endif /* -MCQ: pass on the pid of the queue-running process that started this chain of deliveries and the fd of its synchronizing pipe; this is useful only when it precedes -MC (see above) */ diff --git a/src/src/transport.c b/src/src/transport.c index 31edb9692..39b8c411a 100644 --- a/src/src/transport.c +++ b/src/src/transport.c @@ -1880,7 +1880,7 @@ void transport_do_pass_socket(const uschar *transport_name, const uschar *hostname, const uschar *hostaddress, uschar *id, int socket_fd) { -int i = 22; +int i = 27; const uschar **argv; /* Set up the calling arguments; use the standard function for the basics, 
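Review bot: The new `-MCp` case stores both address arguments and both `Uatoi()` results without checking them, so a malformed value passes unchanged into `$proxy_local_address`, `$proxy_external_port` and, judging by the test logs, the `PRX=` log field. Only the argument count is checked, with `badarg` set when fewer than four values follow. Copying with `string_copy_taint(argv[i], TRUE)` is right, but a syntax check would keep non-address text out of the log: `if (!string_is_ip_address(proxy_local_address, NULL)) badarg = TRUE;`, the same for the external address, and `if (proxy_local_port < 0 || proxy_local_port > 65535) badarg = TRUE;` for each port. The enclosing `switch`, and whatever restricts `-MC*` options to privileged callers, lie outside this hunk.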
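Review bot: `int i = 27;` is a hand-kept count that has to cover every `argv[i++]` written later in transport_do_pass_socket(), and nothing on the line ties the bump from 22 to the five entries the `-MCp` block adds in the next hunk. The allocation of `argv` is outside the hunk, so this is inferred: if `i` is the number of extra slots requested, an undercount would write past the end of the array. A comment would make the invariant reviewable, for example `/* extra argv slots; must be >= the number of argv[i++] below (-MCp adds 5) */`. The function body continues outside the hunk.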
@@ -1923,6 +1923,17 @@ if (queue_run_pid != (pid_t)0) argv[i++] = string_sprintf("%d", queue_run_pipe); } +#ifdef SUPPORT_SOCKS +if (proxy_session) + { + argv[i++] = US"-MCp"; + argv[i++] = proxy_local_address; + argv[i++] = string_sprintf("%d", proxy_local_port); + argv[i++] = proxy_external_address; + argv[i++] = string_sprintf("%d", proxy_external_port); + } +#endif + argv[i++] = US"-MC"; argv[i++] = US transport_name; argv[i++] = US hostname; diff --git a/test/confs/4020 b/test/confs/4020 index 05c95a571..dc0db460e 100644 --- a/test/confs/4020 +++ b/test/confs/4020 @@ -5,6 +5,7 @@ OPT = .include DIR/aux-var/std_conf_prefix primary_hostname = myhost.test.ex +queue_run_in_order # ----- Main settings ----- @@ -14,6 +15,13 @@ domainlist local_domains = test.ex : *.test.ex acl_smtp_rcpt = accept +# ----- ACL ----- + +begin acl + +logger: + accept logwrite = pla $proxy_local_address plp $proxy_local_port pea $proxy_external_address pep $proxy_external_port + # ----- Routers ----- begin routers @@ -35,9 +43,10 @@ my_smtp: driver = smtp interface = HOSTIPV4 port = PORT_S - hide socks_proxy = 127.0.0.1 port=PORT_D OPT + hide socks_proxy = HOSTIPV4 port=PORT_D OPT hosts_try_fastopen = ${if eq {$local_part}{user_tfo} {*}} debug_print = transport_name <$transport_name> + event_action = ${if eq {smtp:connect}{$event_name} {${acl {logger}}} {}} # End diff --git a/test/confs/4021 b/test/confs/4021 new file mode 120000 index 000000000..4af051ca9 --- /dev/null +++ b/test/confs/4021 @@ -0,0 +1 @@ +4020 \ No newline at end of file diff --git a/test/log/4020 b/test/log/4020 index 22eab1fd9..fd6e3972a 100644 --- a/test/log/4020 +++ b/test/log/4020 
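Review bot: `argv[i++] = proxy_local_address;` and `argv[i++] = proxy_external_address;` go into the argument vector without a NULL check, and since the ChangeLog says this vector crosses an exec() call, a NULL entry would end it there and drop `-MC` and everything after it. The hunk does not show whether both addresses are always set when `proxy_session` is TRUE. If that is not guaranteed, guard the block with `if (proxy_session && proxy_local_address && proxy_external_address)`. The order of the four values is also a contract with the `-MCp` parser in exim.c, which deserves a one-line comment here: `/* order must match the -MCp case in exim.c */`.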
@@ -1,6 +1,8 @@
 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
-1999-03-02 09:44:33 10HmaX-0005vi-00 => userx@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[127.0.0.1]:PORT_D C="250 accepted OK"
+1999-03-02 09:44:33 10HmaX-0005vi-00 pla ip4.ip4.ip4.ip4 plp 1225 pea 127.0.0.1 pep 48879
+1999-03-02 09:44:33 10HmaX-0005vi-00 => userx@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[ip4.ip4.ip4.ip4]:PORT_D C="250 accepted OK"
 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
-1999-03-02 09:44:33 10HmaY-0005vi-00 => userx@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[127.0.0.1]:PORT_D C="250 accepted OK"
+1999-03-02 09:44:33 10HmaY-0005vi-00 pla ip4.ip4.ip4.ip4 plp 1225 pea 127.0.0.1 pep 48879
+1999-03-02 09:44:33 10HmaY-0005vi-00 => userx@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[ip4.ip4.ip4.ip4]:PORT_D C="250 accepted OK"
 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
diff --git a/test/log/4021 b/test/log/4021
new file mode 100644
index 000000000..5729b657b
--- /dev/null
+++ b/test/log/4021
@@ -0,0 +1,9 @@
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
+1999-03-02 09:44:33 Start queue run: pid=pppp -qq
+1999-03-02 09:44:33 10HmaX-0005vi-00 pla ip4.ip4.ip4.ip4 plp 1225 pea 127.0.0.1 pep 48879
+1999-03-02 09:44:33 10HmaX-0005vi-00 => userx@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[ip4.ip4.ip4.ip4]:PORT_D C="250 message accepted OK"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S* PRX=[ip4.ip4.ip4.ip4]:PORT_D C="250 second message accepted OK"
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp -qq
diff --git a/test/log/4027 b/test/log/4027
index 4b49cb15b..85e5899f1 100644
--- a/test/log/4027
+++ b/test/log/4027
@@ -1,9 +1,12 @@
 1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
-1999-03-02 09:44:33 10HmaX-0005vi-00 => user_tfo@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[127.0.0.1]:PORT_D C="250 accepted OK"
+1999-03-02 09:44:33 10HmaX-0005vi-00 pla ip4.ip4.ip4.ip4 plp 1225 pea 127.0.0.1 pep 48879
+1999-03-02 09:44:33 10HmaX-0005vi-00 => user_tfo@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[ip4.ip4.ip4.ip4]:PORT_D C="250 accepted OK"
 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
-1999-03-02 09:44:33 10HmaY-0005vi-00 => user_tfo@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[127.0.0.1]:PORT_D C="250 accepted OK"
+1999-03-02 09:44:33 10HmaY-0005vi-00 pla ip4.ip4.ip4.ip4 plp 1225 pea 127.0.0.1 pep 48879
+1999-03-02 09:44:33 10HmaY-0005vi-00 => user_tfo@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[ip4.ip4.ip4.ip4]:PORT_D C="250 accepted OK"
 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
 1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local-esmtp S=sss
-1999-03-02 09:44:33 10HmaZ-0005vi-00 => user_tfo@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[127.0.0.1]:PORT_D TFO* C="250 accepted OK"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 pla ip4.ip4.ip4.ip4 plp 1225 pea 127.0.0.1 pep 48879
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => user_tfo@test.ex R=my_main_router T=my_smtp H=127.0.0.1 [127.0.0.1]:PORT_S PRX=[ip4.ip4.ip4.ip4]:PORT_D TFO* C="250 accepted OK"
 1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
diff --git a/test/scripts/4020-socks/4021 b/test/scripts/4020-socks/4021
new file mode 100644
index 000000000..d2a4dc7ce
--- /dev/null
+++ b/test/scripts/4020-socks/4021
@@ -0,0 +1,68 @@
+# socks5 proxy on smtp transport, continued-connection
+#
+munge loopback
+#
+exim -odq -bs -DOPT=
+ehlo test.ex
+mail from:<>
+rcpt to:
+data
+Date: Fri, 17 Dec 2004 14:35:01 +0100
+Subject: message should be queued
+
+Queued body
+.
+quit
+****
+exim -odq -bs -DOPT=
+ehlo test.ex
+mail from:<>
+rcpt to:
+data
+Date: Fri, 17 Dec 2004 14:35:01 +0100
+Subject: message should be queud
+
+via null-auth proxy
+.
+quit
+****
+#
+#
+#
+# auth: null
+server PORT_D
+<<\x05\x01\x00
+>>\x05\x00
+<<\x05\x01\x00\x01\x7f\x00\x00\x01\x04\xc8
+>>\x05\x00\x00\x01\x7f\x00\x00\x01\xbe\xef
+220 Connected OK
+EHLO
+250-server id
+250
+MAIL FROM
+250 mail cmd ok
+RCPT TO
+250 rcpt cmd ok
+DATA
+354 hit me
+.
+250 message accepted OK
+MAIL FROM
+250 second mail cmd ok
+RCPT TO
+250 second rcpt cmd ok
+DATA
+354 hit me one more time
+.
+250 second message accepted OK
+QUIT
+220 bye
+****
+#
+#
+#
+exim -DOPT= -qq
+****
+#
+#
+# Ends
diff --git a/test/stdout/4021 b/test/stdout/4021
new file mode 100644
index 000000000..5e8877da4
--- /dev/null
+++ b/test/stdout/4021
@@ -0,0 +1,53 @@
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250-myhost.test.ex Hello CALLER at test.ex
+250-SIZE 52428800
+250-8BITMIME
+250-PIPELINING
+250 HELP
+250 OK
+250 Accepted
+354 Enter message, ending with "." on a line by itself
+250 OK id=10HmaX-0005vi-00
+221 myhost.test.ex closing connection
+220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250-myhost.test.ex Hello CALLER at test.ex
+250-SIZE 52428800
+250-8BITMIME
+250-PIPELINING
+250 HELP
+250 OK
+250 Accepted
+354 Enter message, ending with "." on a line by itself
+250 OK id=10HmaY-0005vi-00
+221 myhost.test.ex closing connection
+
+******** SERVER ********
+Listening on port 1225 ...
+Connection request from [ip4.ip4.ip4.ip4]
+<<\x05\x01\x00
+>>\x05\x00
+<<\x05\x01\x00\x01\x7f\x00\x00\x01\x04\xc8
+>>\x05\x00\x00\x01\x7f\x00\x00\x01\xbe\xef
+220 Connected OK
+EHLO
+250-server id
+250
+MAIL FROM
+250 mail cmd ok
+RCPT TO
+250 rcpt cmd ok
+DATA
+354 hit me
+R
+250 message accepted OK
+MAIL FROM
+250 second mail cmd ok
+RCPT TO
+250 second rcpt cmd ok
+DATA
+354 hit me one more time
+R
+250 second message accepted OK
+QUIT
+220 bye
+End of script
-- 2.30.2