Commit | Line | Data |
---|---|---|
0756eb3c PH |
1 | /************************************************* |
2 | * Exim - an Internet mail transport agent * | |
3 | *************************************************/ | |
4 | ||
f9ba5e22 | 5 | /* Copyright (c) University of Cambridge 1995 - 2018 */ |
1e1ddfac | 6 | /* Copyright (c) The Exim Maintainers 2020 */ |
0756eb3c PH |
7 | /* See the file NOTICE for conditions of use and distribution. */ |
8 | ||
9 | ||
10 | #include "../exim.h" | |
11 | #include "lmtp.h" | |
12 | ||
13 | #define PENDING_OK 256 | |
14 | ||
15 | ||
16 | /* Options specific to the lmtp transport. They must be in alphabetic | |
17 | order (note that "_" comes before the lower case letters). Those starting | |
18 | with "*" are not settable by the user but are used by the option-reading | |
19 | software for alternative value types. Some options are stored in the transport | |
20 | instance block so as to be publicly visible; these are flagged with opt_public. | |
21 | */ | |
22 | ||
23 | optionlist lmtp_transport_options[] = { | |
24 | { "batch_id", opt_stringptr | opt_public, | |
13a4b4c1 | 25 | OPT_OFF(transport_instance, batch_id) }, |
0756eb3c | 26 | { "batch_max", opt_int | opt_public, |
13a4b4c1 | 27 | OPT_OFF(transport_instance, batch_max) }, |
0756eb3c | 28 | { "command", opt_stringptr, |
13a4b4c1 | 29 | OPT_OFF(lmtp_transport_options_block, cmd) }, |
f1513293 | 30 | { "ignore_quota", opt_bool, |
13a4b4c1 | 31 | OPT_OFF(lmtp_transport_options_block, ignore_quota) }, |
0756eb3c | 32 | { "socket", opt_stringptr, |
13a4b4c1 | 33 | OPT_OFF(lmtp_transport_options_block, skt) }, |
0756eb3c | 34 | { "timeout", opt_time, |
13a4b4c1 | 35 | OPT_OFF(lmtp_transport_options_block, timeout) } |
0756eb3c PH |
36 | }; |
37 | ||
38 | /* Size of the options list. An extern variable has to be used so that its | |
39 | address can appear in the tables drtables.c. */ | |
40 | ||
41 | int lmtp_transport_options_count = | |
42 | sizeof(lmtp_transport_options)/sizeof(optionlist); | |
43 | ||
d185889f JH |
44 | |
45 | #ifdef MACRO_PREDEF | |
46 | ||
47 | /* Dummy values */ | |
48 | lmtp_transport_options_block lmtp_transport_option_defaults = {0}; | |
49 | void lmtp_transport_init(transport_instance *tblock) {} | |
50 | BOOL lmtp_transport_entry(transport_instance *tblock, address_item *addr) {return FALSE;} | |
51 | ||
52 | #else /*!MACRO_PREDEF*/ | |
53 | ||
54 | ||
0756eb3c PH |
55 | /* Default private options block for the lmtp transport. */ |
56 | ||
57 | lmtp_transport_options_block lmtp_transport_option_defaults = { | |
58 | NULL, /* cmd */ | |
59 | NULL, /* skt */ | |
60 | 5*60, /* timeout */ | |
f1513293 PH |
61 | 0, /* options */ |
62 | FALSE /* ignore_quota */ | |
0756eb3c PH |
63 | }; |
64 | ||
65 | ||
66 | ||
67 | /************************************************* | |
68 | * Initialization entry point * | |
69 | *************************************************/ | |
70 | ||
71 | /* Called for each instance, after its options have been read, to | |
72 | enable consistency checks to be done, or anything else that needs | |
73 | to be set up. */ | |
74 | ||
75 | void | |
76 | lmtp_transport_init(transport_instance *tblock) | |
77 | { | |
78 | lmtp_transport_options_block *ob = | |
79 | (lmtp_transport_options_block *)(tblock->options_block); | |
80 | ||
81 | /* Either the command field or the socket field must be set */ | |
82 | ||
83 | if ((ob->cmd == NULL) == (ob->skt == NULL)) | |
84 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG, | |
85 | "one (and only one) of command or socket must be set for the %s transport", | |
86 | tblock->name); | |
87 | ||
88 | /* If a fixed uid field is set, then a gid field must also be set. */ | |
89 | ||
90 | if (tblock->uid_set && !tblock->gid_set && tblock->expand_gid == NULL) | |
91 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG, | |
92 | "user set without group for the %s transport", tblock->name); | |
93 | ||
94 | /* Set up the bitwise options for transport_write_message from the various | |
95 | driver options. Only one of body_only and headers_only can be set. */ | |
96 | ||
97 | ob->options |= | |
98 | (tblock->body_only? topt_no_headers : 0) | | |
99 | (tblock->headers_only? topt_no_body : 0) | | |
100 | (tblock->return_path_add? topt_add_return_path : 0) | | |
101 | (tblock->delivery_date_add? topt_add_delivery_date : 0) | | |
102 | (tblock->envelope_to_add? topt_add_envelope_to : 0) | | |
103 | topt_use_crlf | topt_end_dot; | |
104 | } | |
105 | ||
106 | ||
107 | /************************************************* | |
108 | * Check an LMTP response * | |
109 | *************************************************/ | |
110 | ||
111 | /* This function is given an errno code and the LMTP response buffer to | |
112 | analyse. It sets an appropriate message and puts the first digit of the | |
113 | response code into the yield variable. If no response was actually read, a | |
114 | suitable digit is chosen. | |
115 | ||
116 | Arguments: | |
117 | errno_value pointer to the errno value | |
118 | more_errno from the top address for use with ERRNO_FILTER_FAIL | |
119 | buffer the LMTP response buffer | |
120 | yield where to put a one-digit LMTP response code | |
4c04137d | 121 | message where to put an error message |
0756eb3c PH |
122 | |
123 | Returns: TRUE if a "QUIT" command should be sent, else FALSE | |
124 | */ | |
125 | ||
fc243e94 JH |
126 | static BOOL |
127 | check_response(int *errno_value, int more_errno, uschar *buffer, | |
0756eb3c PH |
128 | int *yield, uschar **message) |
129 | { | |
130 | *yield = '4'; /* Default setting is to give a temporary error */ | |
131 | ||
132 | /* Handle response timeout */ | |
133 | ||
134 | if (*errno_value == ETIMEDOUT) | |
135 | { | |
136 | *message = string_sprintf("LMTP timeout after %s", big_buffer); | |
137 | if (transport_count > 0) | |
138 | *message = string_sprintf("%s (%d bytes written)", *message, | |
139 | transport_count); | |
140 | *errno_value = 0; | |
141 | return FALSE; | |
142 | } | |
143 | ||
144 | /* Handle malformed LMTP response */ | |
145 | ||
146 | if (*errno_value == ERRNO_SMTPFORMAT) | |
147 | { | |
148 | *message = string_sprintf("Malformed LMTP response after %s: %s", | |
149 | big_buffer, string_printing(buffer)); | |
150 | return FALSE; | |
151 | } | |
152 | ||
153 | /* Handle a failed filter process error; can't send QUIT as we mustn't | |
154 | end the DATA. */ | |
155 | ||
156 | if (*errno_value == ERRNO_FILTER_FAIL) | |
157 | { | |
8e669ac1 PH |
158 | *message = string_sprintf("transport filter process failed (%d)%s", |
159 | more_errno, | |
35af9f61 | 160 | (more_errno == EX_EXECFAILED)? ": unable to execute command" : ""); |
0756eb3c PH |
161 | return FALSE; |
162 | } | |
163 | ||
164 | /* Handle a failed add_headers expansion; can't send QUIT as we mustn't | |
165 | end the DATA. */ | |
166 | ||
167 | if (*errno_value == ERRNO_CHHEADER_FAIL) | |
168 | { | |
169 | *message = | |
170 | string_sprintf("failed to expand headers_add or headers_remove: %s", | |
171 | expand_string_message); | |
172 | return FALSE; | |
173 | } | |
174 | ||
175 | /* Handle failure to write a complete data block */ | |
176 | ||
177 | if (*errno_value == ERRNO_WRITEINCOMPLETE) | |
178 | { | |
f3ebb786 | 179 | *message = US"failed to write a data block"; |
0756eb3c PH |
180 | return FALSE; |
181 | } | |
182 | ||
183 | /* Handle error responses from the remote process. */ | |
184 | ||
185 | if (buffer[0] != 0) | |
186 | { | |
55414b25 | 187 | const uschar *s = string_printing(buffer); |
0756eb3c PH |
188 | *message = string_sprintf("LMTP error after %s: %s", big_buffer, s); |
189 | *yield = buffer[0]; | |
190 | return TRUE; | |
191 | } | |
192 | ||
193 | /* No data was read. If there is no errno, this must be the EOF (i.e. | |
194 | connection closed) case, which causes deferral. Otherwise, leave the errno | |
195 | value to be interpreted. In all cases, we have to assume the connection is now | |
196 | dead. */ | |
197 | ||
198 | if (*errno_value == 0) | |
199 | { | |
200 | *errno_value = ERRNO_SMTPCLOSED; | |
201 | *message = string_sprintf("LMTP connection closed after %s", big_buffer); | |
202 | } | |
203 | ||
204 | return FALSE; | |
205 | } | |
206 | ||
207 | ||
208 | ||
209 | /************************************************* | |
210 | * Write LMTP command * | |
211 | *************************************************/ | |
212 | ||
213 | /* The formatted command is left in big_buffer so that it can be reflected in | |
214 | any error message. | |
215 | ||
216 | Arguments: | |
217 | fd the fd to write to | |
218 | format a format, starting with one of | |
219 | of HELO, MAIL FROM, RCPT TO, DATA, ".", or QUIT. | |
220 | ... data for the format | |
221 | ||
222 | Returns: TRUE if successful, FALSE if not, with errno set | |
223 | */ | |
224 | ||
225 | static BOOL | |
1ba28e2b | 226 | lmtp_write_command(int fd, const char *format, ...) |
0756eb3c | 227 | { |
d12746bc JH |
228 | gstring gs = { .size = big_buffer_size, .ptr = 0, .s = big_buffer }; |
229 | int rc; | |
0756eb3c | 230 | va_list ap; |
d12746bc | 231 | |
f3ebb786 JH |
232 | /*XXX see comment in smtp_write_command() regarding leaving stuff in |
233 | big_buffer */ | |
234 | ||
0756eb3c | 235 | va_start(ap, format); |
f3ebb786 | 236 | if (!string_vformat(&gs, SVFMT_TAINT_NOCHK, CS format, ap)) |
0756eb3c | 237 | { |
cb570b5e | 238 | va_end(ap); |
0756eb3c PH |
239 | errno = ERRNO_SMTPFORMAT; |
240 | return FALSE; | |
241 | } | |
242 | va_end(ap); | |
d12746bc JH |
243 | DEBUG(D_transport|D_v) debug_printf(" LMTP>> %s", string_from_gstring(&gs)); |
244 | rc = write(fd, gs.s, gs.ptr); | |
245 | gs.ptr -= 2; string_from_gstring(&gs); /* remove \r\n for debug and error message */ | |
0756eb3c PH |
246 | if (rc > 0) return TRUE; |
247 | DEBUG(D_transport) debug_printf("write failed: %s\n", strerror(errno)); | |
248 | return FALSE; | |
249 | } | |
250 | ||
251 | ||
252 | ||
253 | ||
254 | /************************************************* | |
255 | * Read LMTP response * | |
256 | *************************************************/ | |
257 | ||
258 | /* This function reads an LMTP response with a timeout, and returns the | |
259 | response in the given buffer. It also analyzes the first digit of the reply | |
260 | code and returns FALSE if it is not acceptable. | |
261 | ||
262 | FALSE is also returned after a reading error. In this case buffer[0] will be | |
263 | zero, and the error code will be in errno. | |
264 | ||
265 | Arguments: | |
266 | f a file to read from | |
267 | buffer where to put the response | |
268 | size the size of the buffer | |
269 | okdigit the expected first digit of the response | |
270 | timeout the timeout to use | |
271 | ||
272 | Returns: TRUE if a valid, non-error response was received; else FALSE | |
273 | */ | |
274 | ||
275 | static BOOL | |
276 | lmtp_read_response(FILE *f, uschar *buffer, int size, int okdigit, int timeout) | |
277 | { | |
278 | int count; | |
279 | uschar *ptr = buffer; | |
280 | uschar *readptr = buffer; | |
281 | ||
282 | /* Ensure errno starts out zero */ | |
283 | ||
284 | errno = 0; | |
285 | ||
286 | /* Loop for handling LMTP responses that do not all come in one line. */ | |
287 | ||
288 | for (;;) | |
289 | { | |
290 | /* If buffer is too full, something has gone wrong. */ | |
291 | ||
292 | if (size < 10) | |
293 | { | |
294 | *readptr = 0; | |
295 | errno = ERRNO_SMTPFORMAT; | |
296 | return FALSE; | |
297 | } | |
298 | ||
299 | /* Loop to cover the read getting interrupted. */ | |
300 | ||
301 | for (;;) | |
302 | { | |
303 | char *rc; | |
304 | int save_errno; | |
305 | ||
306 | *readptr = 0; /* In case nothing gets read */ | |
307 | sigalrm_seen = FALSE; | |
c2a1bba0 | 308 | ALARM(timeout); |
0756eb3c PH |
309 | rc = Ufgets(readptr, size-1, f); |
310 | save_errno = errno; | |
c2a1bba0 | 311 | ALARM_CLR(0); |
0756eb3c PH |
312 | errno = save_errno; |
313 | ||
314 | if (rc != NULL) break; /* A line has been read */ | |
315 | ||
316 | /* Handle timeout; must do this first because it uses EINTR */ | |
317 | ||
318 | if (sigalrm_seen) errno = ETIMEDOUT; | |
319 | ||
320 | /* If some other interrupt arrived, just retry. We presume this to be rare, | |
321 | but it can happen (e.g. the SIGUSR1 signal sent by exiwhat causes | |
322 | read() to exit). */ | |
323 | ||
324 | else if (errno == EINTR) | |
325 | { | |
326 | DEBUG(D_transport) debug_printf("EINTR while reading LMTP response\n"); | |
327 | continue; | |
328 | } | |
329 | ||
330 | /* Handle other errors, including EOF; ensure buffer is completely empty. */ | |
331 | ||
332 | buffer[0] = 0; | |
333 | return FALSE; | |
334 | } | |
335 | ||
336 | /* Adjust size in case we have to read another line, and adjust the | |
337 | count to be the length of the line we are about to inspect. */ | |
338 | ||
339 | count = Ustrlen(readptr); | |
340 | size -= count; | |
341 | count += readptr - ptr; | |
342 | ||
343 | /* See if the final two characters in the buffer are \r\n. If not, we | |
344 | have to read some more. At least, that is what we should do on a strict | |
345 | interpretation of the RFC. But accept LF as well, as we do for SMTP. */ | |
346 | ||
347 | if (ptr[count-1] != '\n') | |
348 | { | |
349 | DEBUG(D_transport) | |
350 | { | |
0756eb3c | 351 | debug_printf("LMTP input line incomplete in one buffer:\n "); |
d7978c0f | 352 | for (int i = 0; i < count; i++) |
0756eb3c PH |
353 | { |
354 | int c = (ptr[i]); | |
355 | if (mac_isprint(c)) debug_printf("%c", c); else debug_printf("<%d>", c); | |
356 | } | |
357 | debug_printf("\n"); | |
358 | } | |
359 | readptr = ptr + count; | |
360 | continue; | |
361 | } | |
362 | ||
363 | /* Remove any whitespace at the end of the buffer. This gets rid of CR, LF | |
364 | etc. at the end. Show it, if debugging, formatting multi-line responses. */ | |
365 | ||
366 | while (count > 0 && isspace(ptr[count-1])) count--; | |
367 | ptr[count] = 0; | |
368 | ||
369 | DEBUG(D_transport|D_v) | |
370 | { | |
371 | uschar *s = ptr; | |
372 | uschar *t = ptr; | |
373 | while (*t != 0) | |
374 | { | |
375 | while (*t != 0 && *t != '\n') t++; | |
376 | debug_printf(" %s %*s\n", (s == ptr)? "LMTP<<" : " ", | |
377 | (int)(t-s), s); | |
378 | if (*t == 0) break; | |
379 | s = t = t + 1; | |
380 | } | |
381 | } | |
382 | ||
383 | /* Check the format of the response: it must start with three digits; if | |
384 | these are followed by a space or end of line, the response is complete. If | |
385 | they are followed by '-' this is a multi-line response and we must look for | |
386 | another line until the final line is reached. The only use made of multi-line | |
387 | responses is to pass them back as error messages. We therefore just | |
388 | concatenate them all within the buffer, which should be large enough to | |
389 | accept any reasonable number of lines. A multiline response may already | |
390 | have been read in one go - hence the loop here. */ | |
391 | ||
392 | for(;;) | |
393 | { | |
394 | uschar *p; | |
395 | if (count < 3 || | |
396 | !isdigit(ptr[0]) || | |
397 | !isdigit(ptr[1]) || | |
398 | !isdigit(ptr[2]) || | |
399 | (ptr[3] != '-' && ptr[3] != ' ' && ptr[3] != 0)) | |
400 | { | |
401 | errno = ERRNO_SMTPFORMAT; /* format error */ | |
402 | return FALSE; | |
403 | } | |
404 | ||
405 | /* If a single-line response, exit the loop */ | |
406 | ||
407 | if (ptr[3] != '-') break; | |
408 | ||
409 | /* For a multi-line response see if the next line is already read, and if | |
410 | so, stay in this loop to check it. */ | |
411 | ||
412 | p = ptr + 3; | |
413 | while (*(++p) != 0) | |
414 | { | |
415 | if (*p == '\n') | |
416 | { | |
417 | ptr = ++p; | |
418 | break; | |
419 | } | |
420 | } | |
421 | if (*p == 0) break; /* No more lines to check */ | |
422 | } | |
423 | ||
424 | /* End of response. If the last of the lines we are looking at is the final | |
425 | line, we are done. Otherwise more data has to be read. */ | |
426 | ||
427 | if (ptr[3] != '-') break; | |
428 | ||
429 | /* Move the reading pointer upwards in the buffer and insert \n in case this | |
430 | is an error message that subsequently gets printed. Set the scanning pointer | |
431 | to the reading pointer position. */ | |
432 | ||
433 | ptr += count; | |
434 | *ptr++ = '\n'; | |
435 | size--; | |
436 | readptr = ptr; | |
437 | } | |
438 | ||
439 | /* Return a value that depends on the LMTP return code. Ensure that errno is | |
440 | zero, because the caller of this function looks at errno when FALSE is | |
441 | returned, to distinguish between an unexpected return code and other errors | |
442 | such as timeouts, lost connections, etc. */ | |
443 | ||
444 | errno = 0; | |
445 | return buffer[0] == okdigit; | |
446 | } | |
447 | ||
448 | ||
449 | ||
450 | ||
451 | ||
452 | ||
453 | /************************************************* | |
454 | * Main entry point * | |
455 | *************************************************/ | |
456 | ||
457 | /* See local README for interface details. For setup-errors, this transport | |
458 | returns FALSE, indicating that the first address has the status for all; in | |
459 | normal cases it returns TRUE, indicating that each address has its own status | |
460 | set. */ | |
461 | ||
462 | BOOL | |
463 | lmtp_transport_entry( | |
464 | transport_instance *tblock, /* data for this instantiation */ | |
465 | address_item *addrlist) /* address(es) we are working on */ | |
466 | { | |
467 | pid_t pid = 0; | |
468 | FILE *out; | |
469 | lmtp_transport_options_block *ob = | |
470 | (lmtp_transport_options_block *)(tblock->options_block); | |
471 | struct sockaddr_un sockun; /* don't call this "sun" ! */ | |
472 | int timeout = ob->timeout; | |
473 | int fd_in = -1, fd_out = -1; | |
474 | int code, save_errno; | |
475 | BOOL send_data; | |
476 | BOOL yield = FALSE; | |
f1513293 | 477 | uschar *igquotstr = US""; |
0756eb3c | 478 | uschar *sockname = NULL; |
55414b25 | 479 | const uschar **argv; |
0756eb3c PH |
480 | uschar buffer[256]; |
481 | ||
482 | DEBUG(D_transport) debug_printf("%s transport entered\n", tblock->name); | |
483 | ||
484 | /* Initialization ensures that either a command or a socket is specified, but | |
485 | not both. When a command is specified, call the common function for creating an | |
486 | argument list and expanding the items. */ | |
487 | ||
55414b25 | 488 | if (ob->cmd) |
0756eb3c PH |
489 | { |
490 | DEBUG(D_transport) debug_printf("using command %s\n", ob->cmd); | |
491 | sprintf(CS buffer, "%.50s transport", tblock->name); | |
492 | if (!transport_set_up_command(&argv, ob->cmd, TRUE, PANIC, addrlist, buffer, | |
493 | NULL)) | |
494 | return FALSE; | |
55414b25 JH |
495 | |
496 | /* If the -N option is set, can't do any more. Presume all has gone well. */ | |
8768d548 | 497 | if (f.dont_deliver) |
55414b25 JH |
498 | goto MINUS_N; |
499 | ||
500 | /* As this is a local transport, we are already running with the required | |
501 | uid/gid and current directory. Request that the new process be a process group | |
502 | leader, so we can kill it and all its children on an error. */ | |
503 | ||
eb24befc JH |
504 | if ((pid = child_open(USS argv, NULL, 0, &fd_in, &fd_out, TRUE, |
505 | US"lmtp-tpt-cmd")) < 0) | |
55414b25 JH |
506 | { |
507 | addrlist->message = string_sprintf( | |
508 | "Failed to create child process for %s transport: %s", tblock->name, | |
509 | strerror(errno)); | |
510 | return FALSE; | |
511 | } | |
0756eb3c PH |
512 | } |
513 | ||
514 | /* When a socket is specified, expand the string and create a socket. */ | |
515 | ||
516 | else | |
517 | { | |
518 | DEBUG(D_transport) debug_printf("using socket %s\n", ob->skt); | |
eb24befc | 519 | if (!(sockname = expand_string(ob->skt))) |
0756eb3c PH |
520 | { |
521 | addrlist->message = string_sprintf("Expansion of \"%s\" (socket setting " | |
522 | "for %s transport) failed: %s", ob->skt, tblock->name, | |
523 | expand_string_message); | |
524 | return FALSE; | |
525 | } | |
526 | if ((fd_in = fd_out = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) | |
527 | { | |
528 | addrlist->message = string_sprintf( | |
529 | "Failed to create socket %s for %s transport: %s", | |
530 | ob->skt, tblock->name, strerror(errno)); | |
531 | return FALSE; | |
532 | } | |
0756eb3c | 533 | |
55414b25 | 534 | /* If the -N option is set, can't do any more. Presume all has gone well. */ |
8768d548 | 535 | if (f.dont_deliver) |
55414b25 | 536 | goto MINUS_N; |
0756eb3c | 537 | |
0756eb3c PH |
538 | sockun.sun_family = AF_UNIX; |
539 | sprintf(sockun.sun_path, "%.*s", (int)(sizeof(sockun.sun_path)-1), sockname); | |
540 | if(connect(fd_out, (struct sockaddr *)(&sockun), sizeof(sockun)) == -1) | |
541 | { | |
542 | addrlist->message = string_sprintf( | |
543 | "Failed to connect to socket %s for %s transport: %s", | |
544 | sockun.sun_path, tblock->name, strerror(errno)); | |
545 | return FALSE; | |
546 | } | |
547 | } | |
548 | ||
55414b25 | 549 | |
0756eb3c PH |
550 | /* Make the output we are going to read into a file. */ |
551 | ||
552 | out = fdopen(fd_out, "rb"); | |
553 | ||
554 | /* Now we must implement the LMTP protocol. It is like SMTP, except that after | |
555 | the end of the message, a return code for every accepted RCPT TO is sent. This | |
556 | allows for message+recipient checks after the message has been received. */ | |
557 | ||
558 | /* First thing is to wait for an initial greeting. */ | |
559 | ||
f3ebb786 | 560 | Ustrcpy(big_buffer, US"initial connection"); |
0756eb3c PH |
561 | if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', |
562 | timeout)) goto RESPONSE_FAILED; | |
563 | ||
564 | /* Next, we send a LHLO command, and expect a positive response */ | |
565 | ||
566 | if (!lmtp_write_command(fd_in, "%s %s\r\n", "LHLO", | |
567 | primary_hostname)) goto WRITE_FAILED; | |
568 | ||
569 | if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', | |
570 | timeout)) goto RESPONSE_FAILED; | |
571 | ||
f1513293 PH |
572 | /* If the ignore_quota option is set, note whether the server supports the |
573 | IGNOREQUOTA option, and if so, set an appropriate addition for RCPT. */ | |
574 | ||
575 | if (ob->ignore_quota) | |
576 | igquotstr = (pcre_exec(regex_IGNOREQUOTA, NULL, CS buffer, | |
577 | Ustrlen(CS buffer), 0, PCRE_EOPT, NULL, 0) >= 0)? US" IGNOREQUOTA" : US""; | |
578 | ||
0756eb3c PH |
579 | /* Now the envelope sender */ |
580 | ||
581 | if (!lmtp_write_command(fd_in, "MAIL FROM:<%s>\r\n", return_path)) | |
582 | goto WRITE_FAILED; | |
583 | ||
584 | if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout)) | |
e97957bc PH |
585 | { |
586 | if (errno == 0 && buffer[0] == '4') | |
587 | { | |
588 | errno = ERRNO_MAIL4XX; | |
589 | addrlist->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8; | |
590 | } | |
0756eb3c | 591 | goto RESPONSE_FAILED; |
e97957bc | 592 | } |
0756eb3c PH |
593 | |
594 | /* Next, we hand over all the recipients. Some may be permanently or | |
595 | temporarily rejected; others may be accepted, for now. */ | |
596 | ||
597 | send_data = FALSE; | |
d7978c0f | 598 | for (address_item * addr = addrlist; addr; addr = addr->next) |
0756eb3c | 599 | { |
f1513293 PH |
600 | if (!lmtp_write_command(fd_in, "RCPT TO:<%s>%s\r\n", |
601 | transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr)) | |
0756eb3c PH |
602 | goto WRITE_FAILED; |
603 | if (lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout)) | |
604 | { | |
605 | send_data = TRUE; | |
606 | addr->transport_return = PENDING_OK; | |
607 | } | |
608 | else | |
609 | { | |
610 | if (errno != 0 || buffer[0] == 0) goto RESPONSE_FAILED; | |
611 | addr->message = string_sprintf("LMTP error after %s: %s", big_buffer, | |
612 | string_printing(buffer)); | |
99ea1c86 | 613 | setflag(addr, af_pass_message); /* Allow message to go to user */ |
0756eb3c PH |
614 | if (buffer[0] == '5') addr->transport_return = FAIL; else |
615 | { | |
0756eb3c | 616 | addr->basic_errno = ERRNO_RCPT4XX; |
e97957bc | 617 | addr->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8; |
0756eb3c PH |
618 | } |
619 | } | |
620 | } | |
621 | ||
622 | /* Now send the text of the message if there were any good recipients. */ | |
623 | ||
624 | if (send_data) | |
625 | { | |
626 | BOOL ok; | |
65de12cc | 627 | transport_ctx tctx = { |
cab0c277 | 628 | {fd_in}, |
65de12cc JH |
629 | tblock, |
630 | addrlist, | |
6d5c916c | 631 | US".", US"..", |
65de12cc JH |
632 | ob->options |
633 | }; | |
0756eb3c PH |
634 | |
635 | if (!lmtp_write_command(fd_in, "DATA\r\n")) goto WRITE_FAILED; | |
636 | if (!lmtp_read_response(out, buffer, sizeof(buffer), '3', timeout)) | |
e97957bc PH |
637 | { |
638 | if (errno == 0 && buffer[0] == '4') | |
639 | { | |
640 | errno = ERRNO_DATA4XX; | |
641 | addrlist->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8; | |
642 | } | |
0756eb3c | 643 | goto RESPONSE_FAILED; |
e97957bc | 644 | } |
0756eb3c PH |
645 | |
646 | sigalrm_seen = FALSE; | |
647 | transport_write_timeout = timeout; | |
f3ebb786 | 648 | Ustrcpy(big_buffer, US"sending data block"); /* For error messages */ |
0756eb3c PH |
649 | DEBUG(D_transport|D_v) |
650 | debug_printf(" LMTP>> writing message and terminating \".\"\n"); | |
651 | ||
652 | transport_count = 0; | |
42055a33 | 653 | ok = transport_write_message(&tctx, 0); |
0756eb3c PH |
654 | |
655 | /* Failure can either be some kind of I/O disaster (including timeout), | |
656 | or the failure of a transport filter or the expansion of added headers. */ | |
657 | ||
658 | if (!ok) | |
659 | { | |
660 | buffer[0] = 0; /* There hasn't been a response */ | |
661 | goto RESPONSE_FAILED; | |
662 | } | |
663 | ||
f3ebb786 | 664 | Ustrcpy(big_buffer, US"end of data"); /* For error messages */ |
0756eb3c PH |
665 | |
666 | /* We now expect a response for every address that was accepted above, | |
667 | in the same order. For those that get a response, their status is fixed; | |
668 | any that are accepted have been handed over, even if later responses crash - | |
669 | at least, that's how I read RFC 2033. */ | |
670 | ||
d7978c0f | 671 | for (address_item * addr = addrlist; addr; addr = addr->next) |
0756eb3c PH |
672 | { |
673 | if (addr->transport_return != PENDING_OK) continue; | |
674 | ||
675 | if (lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout)) | |
76f44207 | 676 | { |
0756eb3c | 677 | addr->transport_return = OK; |
6c6d6e48 | 678 | if (LOGGING(smtp_confirmation)) |
76f44207 | 679 | { |
55414b25 JH |
680 | const uschar *s = string_printing(buffer); |
681 | /* de-const safe here as string_printing known to have alloc'n'copied */ | |
5903c6ff | 682 | addr->message = (s == buffer)? US string_copy(s) : US s; |
76f44207 WB |
683 | } |
684 | } | |
0756eb3c PH |
685 | /* If the response has failed badly, use it for all the remaining pending |
686 | addresses and give up. */ | |
687 | ||
688 | else if (errno != 0 || buffer[0] == 0) | |
689 | { | |
0756eb3c PH |
690 | save_errno = errno; |
691 | check_response(&save_errno, addr->more_errno, buffer, &code, | |
692 | &(addr->message)); | |
693 | addr->transport_return = (code == '5')? FAIL : DEFER; | |
d7978c0f | 694 | for (address_item * a = addr->next; a; a = a->next) |
0756eb3c PH |
695 | { |
696 | if (a->transport_return != PENDING_OK) continue; | |
697 | a->basic_errno = addr->basic_errno; | |
698 | a->message = addr->message; | |
699 | a->transport_return = addr->transport_return; | |
700 | } | |
701 | break; | |
702 | } | |
703 | ||
704 | /* Otherwise, it's an LMTP error code return for one address */ | |
705 | ||
706 | else | |
707 | { | |
e97957bc PH |
708 | if (buffer[0] == '4') |
709 | { | |
710 | addr->basic_errno = ERRNO_DATA4XX; | |
711 | addr->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8; | |
712 | } | |
0756eb3c PH |
713 | addr->message = string_sprintf("LMTP error after %s: %s", big_buffer, |
714 | string_printing(buffer)); | |
715 | addr->transport_return = (buffer[0] == '5')? FAIL : DEFER; | |
99ea1c86 | 716 | setflag(addr, af_pass_message); /* Allow message to go to user */ |
0756eb3c PH |
717 | } |
718 | } | |
719 | } | |
720 | ||
721 | /* The message transaction has completed successfully - this doesn't mean that | |
722 | all the addresses have necessarily been transferred, but each has its status | |
723 | set, so we change the yield to TRUE. */ | |
724 | ||
725 | yield = TRUE; | |
726 | (void) lmtp_write_command(fd_in, "QUIT\r\n"); | |
727 | (void) lmtp_read_response(out, buffer, sizeof(buffer), '2', 1); | |
728 | ||
729 | goto RETURN; | |
730 | ||
731 | ||
732 | /* Come here if any call to read_response, other than a response after the data | |
733 | phase, failed. Put the error in the top address - this will be replicated | |
e97957bc PH |
734 | because the yield is still FALSE. (But omit ETIMEDOUT, as there will already be |
735 | a suitable message.) Analyse the error, and if if isn't too bad, send a QUIT | |
736 | command. Wait for the response with a short timeout, so we don't wind up this | |
737 | process before the far end has had time to read the QUIT. */ | |
0756eb3c PH |
738 | |
739 | RESPONSE_FAILED: | |
740 | ||
741 | save_errno = errno; | |
e97957bc | 742 | if (errno != ETIMEDOUT && errno != 0) addrlist->basic_errno = errno; |
0756eb3c PH |
743 | addrlist->message = NULL; |
744 | ||
745 | if (check_response(&save_errno, addrlist->more_errno, | |
746 | buffer, &code, &(addrlist->message))) | |
747 | { | |
748 | (void) lmtp_write_command(fd_in, "QUIT\r\n"); | |
749 | (void) lmtp_read_response(out, buffer, sizeof(buffer), '2', 1); | |
750 | } | |
751 | ||
752 | addrlist->transport_return = (code == '5')? FAIL : DEFER; | |
753 | if (code == '4' && save_errno > 0) | |
754 | addrlist->message = string_sprintf("%s: %s", addrlist->message, | |
755 | strerror(save_errno)); | |
756 | goto KILL_AND_RETURN; | |
757 | ||
758 | /* Come here if there are errors during writing of a command or the message | |
759 | itself. This error will be applied to all the addresses. */ | |
760 | ||
761 | WRITE_FAILED: | |
762 | ||
763 | addrlist->transport_return = PANIC; | |
764 | addrlist->basic_errno = errno; | |
765 | if (errno == ERRNO_CHHEADER_FAIL) | |
766 | addrlist->message = | |
767 | string_sprintf("Failed to expand headers_add or headers_remove: %s", | |
768 | expand_string_message); | |
769 | else if (errno == ERRNO_FILTER_FAIL) | |
f3ebb786 | 770 | addrlist->message = US"Filter process failure"; |
0756eb3c | 771 | else if (errno == ERRNO_WRITEINCOMPLETE) |
f3ebb786 | 772 | addrlist->message = US"Failed repeatedly to write data"; |
0756eb3c PH |
773 | else if (errno == ERRNO_SMTPFORMAT) |
774 | addrlist->message = US"overlong LMTP command generated"; | |
775 | else | |
776 | addrlist->message = string_sprintf("Error %d", errno); | |
777 | ||
778 | /* Come here after errors. Kill off the process. */ | |
779 | ||
780 | KILL_AND_RETURN: | |
781 | ||
782 | if (pid > 0) killpg(pid, SIGKILL); | |
783 | ||
784 | /* Come here from all paths after the subprocess is created. Wait for the | |
785 | process, but with a timeout. */ | |
786 | ||
787 | RETURN: | |
788 | ||
789 | (void)child_close(pid, timeout); | |
790 | ||
f1e894f3 PH |
791 | if (fd_in >= 0) (void)close(fd_in); |
792 | if (fd_out >= 0) (void)fclose(out); | |
0756eb3c PH |
793 | |
794 | DEBUG(D_transport) | |
795 | debug_printf("%s transport yields %d\n", tblock->name, yield); | |
796 | ||
797 | return yield; | |
55414b25 JH |
798 | |
799 | ||
800 | MINUS_N: | |
801 | DEBUG(D_transport) | |
802 | debug_printf("*** delivery by %s transport bypassed by -N option", | |
803 | tblock->name); | |
804 | addrlist->transport_return = OK; | |
805 | return FALSE; | |
0756eb3c PH |
806 | } |
807 | ||
d185889f | 808 | #endif /*!MACRO_PREDEF*/ |
0756eb3c | 809 | /* End of transport/lmtp.c */ |