projects / exim.git / blame
| Commit | Line | Data |
|---|---|---|
| 0756eb3c PH |
1 | /************************************************* |
| 2 | * Exim - an Internet mail transport agent * | |
| 3 | *************************************************/ | |
| 4 | ||
| f9ba5e22 | 5 | /* Copyright (c) University of Cambridge 1995 - 2018 */ |
| 0756eb3c PH |
6 | /* See the file NOTICE for conditions of use and distribution. */ |
| 7 | ||
| 8 | ||
| 9 | #include "../exim.h" | |
| 10 | #include "lmtp.h" | |
| 11 | ||
| 12 | #define PENDING_OK 256 | |
| 13 | ||
| 14 | ||
| 15 | /* Options specific to the lmtp transport. They must be in alphabetic | |
| 16 | order (note that "_" comes before the lower case letters). Those starting | |
| 17 | with "*" are not settable by the user but are used by the option-reading | |
| 18 | software for alternative value types. Some options are stored in the transport | |
| 19 | instance block so as to be publicly visible; these are flagged with opt_public. | |
| 20 | */ | |
| 21 | ||
| 22 | optionlist lmtp_transport_options[] = { | |
| 23 | { "batch_id", opt_stringptr | opt_public, | |
| 24 | (void *)offsetof(transport_instance, batch_id) }, | |
| 25 | { "batch_max", opt_int | opt_public, | |
| 26 | (void *)offsetof(transport_instance, batch_max) }, | |
| 27 | { "command", opt_stringptr, | |
| 28 | (void *)offsetof(lmtp_transport_options_block, cmd) }, | |
| f1513293 PH |
29 | { "ignore_quota", opt_bool, |
| 30 | (void *)offsetof(lmtp_transport_options_block, ignore_quota) }, | |
| 0756eb3c PH |
31 | { "socket", opt_stringptr, |
| 32 | (void *)offsetof(lmtp_transport_options_block, skt) }, | |
| 33 | { "timeout", opt_time, | |
| 34 | (void *)offsetof(lmtp_transport_options_block, timeout) } | |
| 35 | }; | |
| 36 | ||
| 37 | /* Size of the options list. An extern variable has to be used so that its | |
| 38 | address can appear in the tables drtables.c. */ | |
| 39 | ||
| 40 | int lmtp_transport_options_count = | |
| 41 | sizeof(lmtp_transport_options)/sizeof(optionlist); | |
| 42 | ||
| d185889f JH |
43 | |
| 44 | #ifdef MACRO_PREDEF | |
| 45 | ||
| 46 | /* Dummy values */ | |
| 47 | lmtp_transport_options_block lmtp_transport_option_defaults = {0}; | |
| 48 | void lmtp_transport_init(transport_instance *tblock) {} | |
| 49 | BOOL lmtp_transport_entry(transport_instance *tblock, address_item *addr) {return FALSE;} | |
| 50 | ||
| 51 | #else /*!MACRO_PREDEF*/ | |
| 52 | ||
| 53 | ||
| 0756eb3c PH |
54 | /* Default private options block for the lmtp transport. */ |
| 55 | ||
| 56 | lmtp_transport_options_block lmtp_transport_option_defaults = { | |
| 57 | NULL, /* cmd */ | |
| 58 | NULL, /* skt */ | |
| 59 | 5*60, /* timeout */ | |
| f1513293 PH |
60 | 0, /* options */ |
| 61 | FALSE /* ignore_quota */ | |
| 0756eb3c PH |
62 | }; |
| 63 | ||
| 64 | ||
| 65 | ||
| 66 | /************************************************* | |
| 67 | * Initialization entry point * | |
| 68 | *************************************************/ | |
| 69 | ||
| 70 | /* Called for each instance, after its options have been read, to | |
| 71 | enable consistency checks to be done, or anything else that needs | |
| 72 | to be set up. */ | |
| 73 | ||
| 74 | void | |
| 75 | lmtp_transport_init(transport_instance *tblock) | |
| 76 | { | |
| 77 | lmtp_transport_options_block *ob = | |
| 78 | (lmtp_transport_options_block *)(tblock->options_block); | |
| 79 | ||
| 80 | /* Either the command field or the socket field must be set */ | |
| 81 | ||
| 82 | if ((ob->cmd == NULL) == (ob->skt == NULL)) | |
| 83 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG, | |
| 84 | "one (and only one) of command or socket must be set for the %s transport", | |
| 85 | tblock->name); | |
| 86 | ||
| 87 | /* If a fixed uid field is set, then a gid field must also be set. */ | |
| 88 | ||
| 89 | if (tblock->uid_set && !tblock->gid_set && tblock->expand_gid == NULL) | |
| 90 | log_write(0, LOG_PANIC_DIE|LOG_CONFIG, | |
| 91 | "user set without group for the %s transport", tblock->name); | |
| 92 | ||
| 93 | /* Set up the bitwise options for transport_write_message from the various | |
| 94 | driver options. Only one of body_only and headers_only can be set. */ | |
| 95 | ||
| 96 | ob->options |= | |
| 97 | (tblock->body_only? topt_no_headers : 0) | | |
| 98 | (tblock->headers_only? topt_no_body : 0) | | |
| 99 | (tblock->return_path_add? topt_add_return_path : 0) | | |
| 100 | (tblock->delivery_date_add? topt_add_delivery_date : 0) | | |
| 101 | (tblock->envelope_to_add? topt_add_envelope_to : 0) | | |
| 102 | topt_use_crlf | topt_end_dot; | |
| 103 | } | |
| 104 | ||
| 105 | ||
| 106 | /************************************************* | |
| 107 | * Check an LMTP response * | |
| 108 | *************************************************/ | |
| 109 | ||
| 110 | /* This function is given an errno code and the LMTP response buffer to | |
| 111 | analyse. It sets an appropriate message and puts the first digit of the | |
| 112 | response code into the yield variable. If no response was actually read, a | |
| 113 | suitable digit is chosen. | |
| 114 | ||
| 115 | Arguments: | |
| 116 | errno_value pointer to the errno value | |
| 117 | more_errno from the top address for use with ERRNO_FILTER_FAIL | |
| 118 | buffer the LMTP response buffer | |
| 119 | yield where to put a one-digit LMTP response code | |
| 4c04137d | 120 | message where to put an error message |
| 0756eb3c PH |
121 | |
| 122 | Returns: TRUE if a "QUIT" command should be sent, else FALSE | |
| 123 | */ | |
| 124 | ||
| fc243e94 JH |
125 | static BOOL |
| 126 | check_response(int *errno_value, int more_errno, uschar *buffer, | |
| 0756eb3c PH |
127 | int *yield, uschar **message) |
| 128 | { | |
| 129 | *yield = '4'; /* Default setting is to give a temporary error */ | |
| 130 | ||
| 131 | /* Handle response timeout */ | |
| 132 | ||
| 133 | if (*errno_value == ETIMEDOUT) | |
| 134 | { | |
| 135 | *message = string_sprintf("LMTP timeout after %s", big_buffer); | |
| 136 | if (transport_count > 0) | |
| 137 | *message = string_sprintf("%s (%d bytes written)", *message, | |
| 138 | transport_count); | |
| 139 | *errno_value = 0; | |
| 140 | return FALSE; | |
| 141 | } | |
| 142 | ||
| 143 | /* Handle malformed LMTP response */ | |
| 144 | ||
| 145 | if (*errno_value == ERRNO_SMTPFORMAT) | |
| 146 | { | |
| 147 | *message = string_sprintf("Malformed LMTP response after %s: %s", | |
| 148 | big_buffer, string_printing(buffer)); | |
| 149 | return FALSE; | |
| 150 | } | |
| 151 | ||
| 152 | /* Handle a failed filter process error; can't send QUIT as we mustn't | |
| 153 | end the DATA. */ | |
| 154 | ||
| 155 | if (*errno_value == ERRNO_FILTER_FAIL) | |
| 156 | { | |
| 8e669ac1 PH |
157 | *message = string_sprintf("transport filter process failed (%d)%s", |
| 158 | more_errno, | |
| 35af9f61 | 159 | (more_errno == EX_EXECFAILED)? ": unable to execute command" : ""); |
| 0756eb3c PH |
160 | return FALSE; |
| 161 | } | |
| 162 | ||
| 163 | /* Handle a failed add_headers expansion; can't send QUIT as we mustn't | |
| 164 | end the DATA. */ | |
| 165 | ||
| 166 | if (*errno_value == ERRNO_CHHEADER_FAIL) | |
| 167 | { | |
| 168 | *message = | |
| 169 | string_sprintf("failed to expand headers_add or headers_remove: %s", | |
| 170 | expand_string_message); | |
| 171 | return FALSE; | |
| 172 | } | |
| 173 | ||
| 174 | /* Handle failure to write a complete data block */ | |
| 175 | ||
| 176 | if (*errno_value == ERRNO_WRITEINCOMPLETE) | |
| 177 | { | |
| 178 | *message = string_sprintf("failed to write a data block"); | |
| 179 | return FALSE; | |
| 180 | } | |
| 181 | ||
| 182 | /* Handle error responses from the remote process. */ | |
| 183 | ||
| 184 | if (buffer[0] != 0) | |
| 185 | { | |
| 55414b25 | 186 | const uschar *s = string_printing(buffer); |
| 0756eb3c PH |
187 | *message = string_sprintf("LMTP error after %s: %s", big_buffer, s); |
| 188 | *yield = buffer[0]; | |
| 189 | return TRUE; | |
| 190 | } | |
| 191 | ||
| 192 | /* No data was read. If there is no errno, this must be the EOF (i.e. | |
| 193 | connection closed) case, which causes deferral. Otherwise, leave the errno | |
| 194 | value to be interpreted. In all cases, we have to assume the connection is now | |
| 195 | dead. */ | |
| 196 | ||
| 197 | if (*errno_value == 0) | |
| 198 | { | |
| 199 | *errno_value = ERRNO_SMTPCLOSED; | |
| 200 | *message = string_sprintf("LMTP connection closed after %s", big_buffer); | |
| 201 | } | |
| 202 | ||
| 203 | return FALSE; | |
| 204 | } | |
| 205 | ||
| 206 | ||
| 207 | ||
| 208 | /************************************************* | |
| 209 | * Write LMTP command * | |
| 210 | *************************************************/ | |
| 211 | ||
| 212 | /* The formatted command is left in big_buffer so that it can be reflected in | |
| 213 | any error message. | |
| 214 | ||
| 215 | Arguments: | |
| 216 | fd the fd to write to | |
| 217 | format a format, starting with one of | |
| 218 | of HELO, MAIL FROM, RCPT TO, DATA, ".", or QUIT. | |
| 219 | ... data for the format | |
| 220 | ||
| 221 | Returns: TRUE if successful, FALSE if not, with errno set | |
| 222 | */ | |
| 223 | ||
| 224 | static BOOL | |
| 1ba28e2b | 225 | lmtp_write_command(int fd, const char *format, ...) |
| 0756eb3c | 226 | { |
| d12746bc JH |
227 | gstring gs = { .size = big_buffer_size, .ptr = 0, .s = big_buffer }; |
| 228 | int rc; | |
| 0756eb3c | 229 | va_list ap; |
| d12746bc | 230 | |
| 0756eb3c | 231 | va_start(ap, format); |
| d12746bc | 232 | if (!string_vformat(&gs, FALSE, CS format, ap)) |
| 0756eb3c | 233 | { |
| cb570b5e | 234 | va_end(ap); |
| 0756eb3c PH |
235 | errno = ERRNO_SMTPFORMAT; |
| 236 | return FALSE; | |
| 237 | } | |
| 238 | va_end(ap); | |
| d12746bc JH |
239 | DEBUG(D_transport|D_v) debug_printf(" LMTP>> %s", string_from_gstring(&gs)); |
| 240 | rc = write(fd, gs.s, gs.ptr); | |
| 241 | gs.ptr -= 2; string_from_gstring(&gs); /* remove \r\n for debug and error message */ | |
| 0756eb3c PH |
242 | if (rc > 0) return TRUE; |
| 243 | DEBUG(D_transport) debug_printf("write failed: %s\n", strerror(errno)); | |
| 244 | return FALSE; | |
| 245 | } | |
| 246 | ||
| 247 | ||
| 248 | ||
| 249 | ||
| 250 | /************************************************* | |
| 251 | * Read LMTP response * | |
| 252 | *************************************************/ | |
| 253 | ||
| 254 | /* This function reads an LMTP response with a timeout, and returns the | |
| 255 | response in the given buffer. It also analyzes the first digit of the reply | |
| 256 | code and returns FALSE if it is not acceptable. | |
| 257 | ||
| 258 | FALSE is also returned after a reading error. In this case buffer[0] will be | |
| 259 | zero, and the error code will be in errno. | |
| 260 | ||
| 261 | Arguments: | |
| 262 | f a file to read from | |
| 263 | buffer where to put the response | |
| 264 | size the size of the buffer | |
| 265 | okdigit the expected first digit of the response | |
| 266 | timeout the timeout to use | |
| 267 | ||
| 268 | Returns: TRUE if a valid, non-error response was received; else FALSE | |
| 269 | */ | |
| 270 | ||
| 271 | static BOOL | |
| 272 | lmtp_read_response(FILE *f, uschar *buffer, int size, int okdigit, int timeout) | |
| 273 | { | |
| 274 | int count; | |
| 275 | uschar *ptr = buffer; | |
| 276 | uschar *readptr = buffer; | |
| 277 | ||
| 278 | /* Ensure errno starts out zero */ | |
| 279 | ||
| 280 | errno = 0; | |
| 281 | ||
| 282 | /* Loop for handling LMTP responses that do not all come in one line. */ | |
| 283 | ||
| 284 | for (;;) | |
| 285 | { | |
| 286 | /* If buffer is too full, something has gone wrong. */ | |
| 287 | ||
| 288 | if (size < 10) | |
| 289 | { | |
| 290 | *readptr = 0; | |
| 291 | errno = ERRNO_SMTPFORMAT; | |
| 292 | return FALSE; | |
| 293 | } | |
| 294 | ||
| 295 | /* Loop to cover the read getting interrupted. */ | |
| 296 | ||
| 297 | for (;;) | |
| 298 | { | |
| 299 | char *rc; | |
| 300 | int save_errno; | |
| 301 | ||
| 302 | *readptr = 0; /* In case nothing gets read */ | |
| 303 | sigalrm_seen = FALSE; | |
| c2a1bba0 | 304 | ALARM(timeout); |
| 0756eb3c PH |
305 | rc = Ufgets(readptr, size-1, f); |
| 306 | save_errno = errno; | |
| c2a1bba0 | 307 | ALARM_CLR(0); |
| 0756eb3c PH |
308 | errno = save_errno; |
| 309 | ||
| 310 | if (rc != NULL) break; /* A line has been read */ | |
| 311 | ||
| 312 | /* Handle timeout; must do this first because it uses EINTR */ | |
| 313 | ||
| 314 | if (sigalrm_seen) errno = ETIMEDOUT; | |
| 315 | ||
| 316 | /* If some other interrupt arrived, just retry. We presume this to be rare, | |
| 317 | but it can happen (e.g. the SIGUSR1 signal sent by exiwhat causes | |
| 318 | read() to exit). */ | |
| 319 | ||
| 320 | else if (errno == EINTR) | |
| 321 | { | |
| 322 | DEBUG(D_transport) debug_printf("EINTR while reading LMTP response\n"); | |
| 323 | continue; | |
| 324 | } | |
| 325 | ||
| 326 | /* Handle other errors, including EOF; ensure buffer is completely empty. */ | |
| 327 | ||
| 328 | buffer[0] = 0; | |
| 329 | return FALSE; | |
| 330 | } | |
| 331 | ||
| 332 | /* Adjust size in case we have to read another line, and adjust the | |
| 333 | count to be the length of the line we are about to inspect. */ | |
| 334 | ||
| 335 | count = Ustrlen(readptr); | |
| 336 | size -= count; | |
| 337 | count += readptr - ptr; | |
| 338 | ||
| 339 | /* See if the final two characters in the buffer are \r\n. If not, we | |
| 340 | have to read some more. At least, that is what we should do on a strict | |
| 341 | interpretation of the RFC. But accept LF as well, as we do for SMTP. */ | |
| 342 | ||
| 343 | if (ptr[count-1] != '\n') | |
| 344 | { | |
| 345 | DEBUG(D_transport) | |
| 346 | { | |
| 0756eb3c | 347 | debug_printf("LMTP input line incomplete in one buffer:\n "); |
| d7978c0f | 348 | for (int i = 0; i < count; i++) |
| 0756eb3c PH |
349 | { |
| 350 | int c = (ptr[i]); | |
| 351 | if (mac_isprint(c)) debug_printf("%c", c); else debug_printf("<%d>", c); | |
| 352 | } | |
| 353 | debug_printf("\n"); | |
| 354 | } | |
| 355 | readptr = ptr + count; | |
| 356 | continue; | |
| 357 | } | |
| 358 | ||
| 359 | /* Remove any whitespace at the end of the buffer. This gets rid of CR, LF | |
| 360 | etc. at the end. Show it, if debugging, formatting multi-line responses. */ | |
| 361 | ||
| 362 | while (count > 0 && isspace(ptr[count-1])) count--; | |
| 363 | ptr[count] = 0; | |
| 364 | ||
| 365 | DEBUG(D_transport|D_v) | |
| 366 | { | |
| 367 | uschar *s = ptr; | |
| 368 | uschar *t = ptr; | |
| 369 | while (*t != 0) | |
| 370 | { | |
| 371 | while (*t != 0 && *t != '\n') t++; | |
| 372 | debug_printf(" %s %*s\n", (s == ptr)? "LMTP<<" : " ", | |
| 373 | (int)(t-s), s); | |
| 374 | if (*t == 0) break; | |
| 375 | s = t = t + 1; | |
| 376 | } | |
| 377 | } | |
| 378 | ||
| 379 | /* Check the format of the response: it must start with three digits; if | |
| 380 | these are followed by a space or end of line, the response is complete. If | |
| 381 | they are followed by '-' this is a multi-line response and we must look for | |
| 382 | another line until the final line is reached. The only use made of multi-line | |
| 383 | responses is to pass them back as error messages. We therefore just | |
| 384 | concatenate them all within the buffer, which should be large enough to | |
| 385 | accept any reasonable number of lines. A multiline response may already | |
| 386 | have been read in one go - hence the loop here. */ | |
| 387 | ||
| 388 | for(;;) | |
| 389 | { | |
| 390 | uschar *p; | |
| 391 | if (count < 3 || | |
| 392 | !isdigit(ptr[0]) || | |
| 393 | !isdigit(ptr[1]) || | |
| 394 | !isdigit(ptr[2]) || | |
| 395 | (ptr[3] != '-' && ptr[3] != ' ' && ptr[3] != 0)) | |
| 396 | { | |
| 397 | errno = ERRNO_SMTPFORMAT; /* format error */ | |
| 398 | return FALSE; | |
| 399 | } | |
| 400 | ||
| 401 | /* If a single-line response, exit the loop */ | |
| 402 | ||
| 403 | if (ptr[3] != '-') break; | |
| 404 | ||
| 405 | /* For a multi-line response see if the next line is already read, and if | |
| 406 | so, stay in this loop to check it. */ | |
| 407 | ||
| 408 | p = ptr + 3; | |
| 409 | while (*(++p) != 0) | |
| 410 | { | |
| 411 | if (*p == '\n') | |
| 412 | { | |
| 413 | ptr = ++p; | |
| 414 | break; | |
| 415 | } | |
| 416 | } | |
| 417 | if (*p == 0) break; /* No more lines to check */ | |
| 418 | } | |
| 419 | ||
| 420 | /* End of response. If the last of the lines we are looking at is the final | |
| 421 | line, we are done. Otherwise more data has to be read. */ | |
| 422 | ||
| 423 | if (ptr[3] != '-') break; | |
| 424 | ||
| 425 | /* Move the reading pointer upwards in the buffer and insert \n in case this | |
| 426 | is an error message that subsequently gets printed. Set the scanning pointer | |
| 427 | to the reading pointer position. */ | |
| 428 | ||
| 429 | ptr += count; | |
| 430 | *ptr++ = '\n'; | |
| 431 | size--; | |
| 432 | readptr = ptr; | |
| 433 | } | |
| 434 | ||
| 435 | /* Return a value that depends on the LMTP return code. Ensure that errno is | |
| 436 | zero, because the caller of this function looks at errno when FALSE is | |
| 437 | returned, to distinguish between an unexpected return code and other errors | |
| 438 | such as timeouts, lost connections, etc. */ | |
| 439 | ||
| 440 | errno = 0; | |
| 441 | return buffer[0] == okdigit; | |
| 442 | } | |
| 443 | ||
| 444 | ||
| 445 | ||
| 446 | ||
| 447 | ||
| 448 | ||
| 449 | /************************************************* | |
| 450 | * Main entry point * | |
| 451 | *************************************************/ | |
| 452 | ||
| 453 | /* See local README for interface details. For setup-errors, this transport | |
| 454 | returns FALSE, indicating that the first address has the status for all; in | |
| 455 | normal cases it returns TRUE, indicating that each address has its own status | |
| 456 | set. */ | |
| 457 | ||
| 458 | BOOL | |
| 459 | lmtp_transport_entry( | |
| 460 | transport_instance *tblock, /* data for this instantiation */ | |
| 461 | address_item *addrlist) /* address(es) we are working on */ | |
| 462 | { | |
| 463 | pid_t pid = 0; | |
| 464 | FILE *out; | |
| 465 | lmtp_transport_options_block *ob = | |
| 466 | (lmtp_transport_options_block *)(tblock->options_block); | |
| 467 | struct sockaddr_un sockun; /* don't call this "sun" ! */ | |
| 468 | int timeout = ob->timeout; | |
| 469 | int fd_in = -1, fd_out = -1; | |
| 470 | int code, save_errno; | |
| 471 | BOOL send_data; | |
| 472 | BOOL yield = FALSE; | |
| f1513293 | 473 | uschar *igquotstr = US""; |
| 0756eb3c | 474 | uschar *sockname = NULL; |
| 55414b25 | 475 | const uschar **argv; |
| 0756eb3c PH |
476 | uschar buffer[256]; |
| 477 | ||
| 478 | DEBUG(D_transport) debug_printf("%s transport entered\n", tblock->name); | |
| 479 | ||
| 480 | /* Initialization ensures that either a command or a socket is specified, but | |
| 481 | not both. When a command is specified, call the common function for creating an | |
| 482 | argument list and expanding the items. */ | |
| 483 | ||
| 55414b25 | 484 | if (ob->cmd) |
| 0756eb3c PH |
485 | { |
| 486 | DEBUG(D_transport) debug_printf("using command %s\n", ob->cmd); | |
| 487 | sprintf(CS buffer, "%.50s transport", tblock->name); | |
| 488 | if (!transport_set_up_command(&argv, ob->cmd, TRUE, PANIC, addrlist, buffer, | |
| 489 | NULL)) | |
| 490 | return FALSE; | |
| 55414b25 JH |
491 | |
| 492 | /* If the -N option is set, can't do any more. Presume all has gone well. */ | |
| 8768d548 | 493 | if (f.dont_deliver) |
| 55414b25 JH |
494 | goto MINUS_N; |
| 495 | ||
| 496 | /* As this is a local transport, we are already running with the required | |
| 497 | uid/gid and current directory. Request that the new process be a process group | |
| 498 | leader, so we can kill it and all its children on an error. */ | |
| 499 | ||
| 500 | if ((pid = child_open(USS argv, NULL, 0, &fd_in, &fd_out, TRUE)) < 0) | |
| 501 | { | |
| 502 | addrlist->message = string_sprintf( | |
| 503 | "Failed to create child process for %s transport: %s", tblock->name, | |
| 504 | strerror(errno)); | |
| 505 | return FALSE; | |
| 506 | } | |
| 0756eb3c PH |
507 | } |
| 508 | ||
| 509 | /* When a socket is specified, expand the string and create a socket. */ | |
| 510 | ||
| 511 | else | |
| 512 | { | |
| 513 | DEBUG(D_transport) debug_printf("using socket %s\n", ob->skt); | |
| 514 | sockname = expand_string(ob->skt); | |
| 515 | if (sockname == NULL) | |
| 516 | { | |
| 517 | addrlist->message = string_sprintf("Expansion of \"%s\" (socket setting " | |
| 518 | "for %s transport) failed: %s", ob->skt, tblock->name, | |
| 519 | expand_string_message); | |
| 520 | return FALSE; | |
| 521 | } | |
| 522 | if ((fd_in = fd_out = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) | |
| 523 | { | |
| 524 | addrlist->message = string_sprintf( | |
| 525 | "Failed to create socket %s for %s transport: %s", | |
| 526 | ob->skt, tblock->name, strerror(errno)); | |
| 527 | return FALSE; | |
| 528 | } | |
| 0756eb3c | 529 | |
| 55414b25 | 530 | /* If the -N option is set, can't do any more. Presume all has gone well. */ |
| 8768d548 | 531 | if (f.dont_deliver) |
| 55414b25 | 532 | goto MINUS_N; |
| 0756eb3c | 533 | |
| 0756eb3c PH |
534 | sockun.sun_family = AF_UNIX; |
| 535 | sprintf(sockun.sun_path, "%.*s", (int)(sizeof(sockun.sun_path)-1), sockname); | |
| 536 | if(connect(fd_out, (struct sockaddr *)(&sockun), sizeof(sockun)) == -1) | |
| 537 | { | |
| 538 | addrlist->message = string_sprintf( | |
| 539 | "Failed to connect to socket %s for %s transport: %s", | |
| 540 | sockun.sun_path, tblock->name, strerror(errno)); | |
| 541 | return FALSE; | |
| 542 | } | |
| 543 | } | |
| 544 | ||
| 55414b25 | 545 | |
| 0756eb3c PH |
546 | /* Make the output we are going to read into a file. */ |
| 547 | ||
| 548 | out = fdopen(fd_out, "rb"); | |
| 549 | ||
| 550 | /* Now we must implement the LMTP protocol. It is like SMTP, except that after | |
| 551 | the end of the message, a return code for every accepted RCPT TO is sent. This | |
| 552 | allows for message+recipient checks after the message has been received. */ | |
| 553 | ||
| 554 | /* First thing is to wait for an initial greeting. */ | |
| 555 | ||
| 556 | Ustrcpy(big_buffer, "initial connection"); | |
| 557 | if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', | |
| 558 | timeout)) goto RESPONSE_FAILED; | |
| 559 | ||
| 560 | /* Next, we send a LHLO command, and expect a positive response */ | |
| 561 | ||
| 562 | if (!lmtp_write_command(fd_in, "%s %s\r\n", "LHLO", | |
| 563 | primary_hostname)) goto WRITE_FAILED; | |
| 564 | ||
| 565 | if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', | |
| 566 | timeout)) goto RESPONSE_FAILED; | |
| 567 | ||
| f1513293 PH |
568 | /* If the ignore_quota option is set, note whether the server supports the |
| 569 | IGNOREQUOTA option, and if so, set an appropriate addition for RCPT. */ | |
| 570 | ||
| 571 | if (ob->ignore_quota) | |
| 572 | igquotstr = (pcre_exec(regex_IGNOREQUOTA, NULL, CS buffer, | |
| 573 | Ustrlen(CS buffer), 0, PCRE_EOPT, NULL, 0) >= 0)? US" IGNOREQUOTA" : US""; | |
| 574 | ||
| 0756eb3c PH |
575 | /* Now the envelope sender */ |
| 576 | ||
| 577 | if (!lmtp_write_command(fd_in, "MAIL FROM:<%s>\r\n", return_path)) | |
| 578 | goto WRITE_FAILED; | |
| 579 | ||
| 580 | if (!lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout)) | |
| e97957bc PH |
581 | { |
| 582 | if (errno == 0 && buffer[0] == '4') | |
| 583 | { | |
| 584 | errno = ERRNO_MAIL4XX; | |
| 585 | addrlist->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8; | |
| 586 | } | |
| 0756eb3c | 587 | goto RESPONSE_FAILED; |
| e97957bc | 588 | } |
| 0756eb3c PH |
589 | |
| 590 | /* Next, we hand over all the recipients. Some may be permanently or | |
| 591 | temporarily rejected; others may be accepted, for now. */ | |
| 592 | ||
| 593 | send_data = FALSE; | |
| d7978c0f | 594 | for (address_item * addr = addrlist; addr; addr = addr->next) |
| 0756eb3c | 595 | { |
| f1513293 PH |
596 | if (!lmtp_write_command(fd_in, "RCPT TO:<%s>%s\r\n", |
| 597 | transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr)) | |
| 0756eb3c PH |
598 | goto WRITE_FAILED; |
| 599 | if (lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout)) | |
| 600 | { | |
| 601 | send_data = TRUE; | |
| 602 | addr->transport_return = PENDING_OK; | |
| 603 | } | |
| 604 | else | |
| 605 | { | |
| 606 | if (errno != 0 || buffer[0] == 0) goto RESPONSE_FAILED; | |
| 607 | addr->message = string_sprintf("LMTP error after %s: %s", big_buffer, | |
| 608 | string_printing(buffer)); | |
| 99ea1c86 | 609 | setflag(addr, af_pass_message); /* Allow message to go to user */ |
| 0756eb3c PH |
610 | if (buffer[0] == '5') addr->transport_return = FAIL; else |
| 611 | { | |
| 0756eb3c | 612 | addr->basic_errno = ERRNO_RCPT4XX; |
| e97957bc | 613 | addr->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8; |
| 0756eb3c PH |
614 | } |
| 615 | } | |
| 616 | } | |
| 617 | ||
| 618 | /* Now send the text of the message if there were any good recipients. */ | |
| 619 | ||
| 620 | if (send_data) | |
| 621 | { | |
| 622 | BOOL ok; | |
| 65de12cc | 623 | transport_ctx tctx = { |
| cab0c277 | 624 | {fd_in}, |
| 65de12cc JH |
625 | tblock, |
| 626 | addrlist, | |
| 6d5c916c | 627 | US".", US"..", |
| 65de12cc JH |
628 | ob->options |
| 629 | }; | |
| 0756eb3c PH |
630 | |
| 631 | if (!lmtp_write_command(fd_in, "DATA\r\n")) goto WRITE_FAILED; | |
| 632 | if (!lmtp_read_response(out, buffer, sizeof(buffer), '3', timeout)) | |
| e97957bc PH |
633 | { |
| 634 | if (errno == 0 && buffer[0] == '4') | |
| 635 | { | |
| 636 | errno = ERRNO_DATA4XX; | |
| 637 | addrlist->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8; | |
| 638 | } | |
| 0756eb3c | 639 | goto RESPONSE_FAILED; |
| e97957bc | 640 | } |
| 0756eb3c PH |
641 | |
| 642 | sigalrm_seen = FALSE; | |
| 643 | transport_write_timeout = timeout; | |
| 644 | Ustrcpy(big_buffer, "sending data block"); /* For error messages */ | |
| 645 | DEBUG(D_transport|D_v) | |
| 646 | debug_printf(" LMTP>> writing message and terminating \".\"\n"); | |
| 647 | ||
| 648 | transport_count = 0; | |
| 42055a33 | 649 | ok = transport_write_message(&tctx, 0); |
| 0756eb3c PH |
650 | |
| 651 | /* Failure can either be some kind of I/O disaster (including timeout), | |
| 652 | or the failure of a transport filter or the expansion of added headers. */ | |
| 653 | ||
| 654 | if (!ok) | |
| 655 | { | |
| 656 | buffer[0] = 0; /* There hasn't been a response */ | |
| 657 | goto RESPONSE_FAILED; | |
| 658 | } | |
| 659 | ||
| 660 | Ustrcpy(big_buffer, "end of data"); /* For error messages */ | |
| 661 | ||
| 662 | /* We now expect a response for every address that was accepted above, | |
| 663 | in the same order. For those that get a response, their status is fixed; | |
| 664 | any that are accepted have been handed over, even if later responses crash - | |
| 665 | at least, that's how I read RFC 2033. */ | |
| 666 | ||
| d7978c0f | 667 | for (address_item * addr = addrlist; addr; addr = addr->next) |
| 0756eb3c PH |
668 | { |
| 669 | if (addr->transport_return != PENDING_OK) continue; | |
| 670 | ||
| 671 | if (lmtp_read_response(out, buffer, sizeof(buffer), '2', timeout)) | |
| 76f44207 | 672 | { |
| 0756eb3c | 673 | addr->transport_return = OK; |
| 6c6d6e48 | 674 | if (LOGGING(smtp_confirmation)) |
| 76f44207 | 675 | { |
| 55414b25 JH |
676 | const uschar *s = string_printing(buffer); |
| 677 | /* de-const safe here as string_printing known to have alloc'n'copied */ | |
| 5903c6ff | 678 | addr->message = (s == buffer)? US string_copy(s) : US s; |
| 76f44207 WB |
679 | } |
| 680 | } | |
| 0756eb3c PH |
681 | /* If the response has failed badly, use it for all the remaining pending |
| 682 | addresses and give up. */ | |
| 683 | ||
| 684 | else if (errno != 0 || buffer[0] == 0) | |
| 685 | { | |
| 0756eb3c PH |
686 | save_errno = errno; |
| 687 | check_response(&save_errno, addr->more_errno, buffer, &code, | |
| 688 | &(addr->message)); | |
| 689 | addr->transport_return = (code == '5')? FAIL : DEFER; | |
| d7978c0f | 690 | for (address_item * a = addr->next; a; a = a->next) |
| 0756eb3c PH |
691 | { |
| 692 | if (a->transport_return != PENDING_OK) continue; | |
| 693 | a->basic_errno = addr->basic_errno; | |
| 694 | a->message = addr->message; | |
| 695 | a->transport_return = addr->transport_return; | |
| 696 | } | |
| 697 | break; | |
| 698 | } | |
| 699 | ||
| 700 | /* Otherwise, it's an LMTP error code return for one address */ | |
| 701 | ||
| 702 | else | |
| 703 | { | |
| e97957bc PH |
704 | if (buffer[0] == '4') |
| 705 | { | |
| 706 | addr->basic_errno = ERRNO_DATA4XX; | |
| 707 | addr->more_errno |= ((buffer[1] - '0')*10 + buffer[2] - '0') << 8; | |
| 708 | } | |
| 0756eb3c PH |
709 | addr->message = string_sprintf("LMTP error after %s: %s", big_buffer, |
| 710 | string_printing(buffer)); | |
| 711 | addr->transport_return = (buffer[0] == '5')? FAIL : DEFER; | |
| 99ea1c86 | 712 | setflag(addr, af_pass_message); /* Allow message to go to user */ |
| 0756eb3c PH |
713 | } |
| 714 | } | |
| 715 | } | |
| 716 | ||
| 717 | /* The message transaction has completed successfully - this doesn't mean that | |
| 718 | all the addresses have necessarily been transferred, but each has its status | |
| 719 | set, so we change the yield to TRUE. */ | |
| 720 | ||
| 721 | yield = TRUE; | |
| 722 | (void) lmtp_write_command(fd_in, "QUIT\r\n"); | |
| 723 | (void) lmtp_read_response(out, buffer, sizeof(buffer), '2', 1); | |
| 724 | ||
| 725 | goto RETURN; | |
| 726 | ||
| 727 | ||
| 728 | /* Come here if any call to read_response, other than a response after the data | |
| 729 | phase, failed. Put the error in the top address - this will be replicated | |
| e97957bc PH |
730 | because the yield is still FALSE. (But omit ETIMEDOUT, as there will already be |
| 731 | a suitable message.) Analyse the error, and if if isn't too bad, send a QUIT | |
| 732 | command. Wait for the response with a short timeout, so we don't wind up this | |
| 733 | process before the far end has had time to read the QUIT. */ | |
| 0756eb3c PH |
734 | |
| 735 | RESPONSE_FAILED: | |
| 736 | ||
| 737 | save_errno = errno; | |
| e97957bc | 738 | if (errno != ETIMEDOUT && errno != 0) addrlist->basic_errno = errno; |
| 0756eb3c PH |
739 | addrlist->message = NULL; |
| 740 | ||
| 741 | if (check_response(&save_errno, addrlist->more_errno, | |
| 742 | buffer, &code, &(addrlist->message))) | |
| 743 | { | |
| 744 | (void) lmtp_write_command(fd_in, "QUIT\r\n"); | |
| 745 | (void) lmtp_read_response(out, buffer, sizeof(buffer), '2', 1); | |
| 746 | } | |
| 747 | ||
| 748 | addrlist->transport_return = (code == '5')? FAIL : DEFER; | |
| 749 | if (code == '4' && save_errno > 0) | |
| 750 | addrlist->message = string_sprintf("%s: %s", addrlist->message, | |
| 751 | strerror(save_errno)); | |
| 752 | goto KILL_AND_RETURN; | |
| 753 | ||
| 754 | /* Come here if there are errors during writing of a command or the message | |
| 755 | itself. This error will be applied to all the addresses. */ | |
| 756 | ||
| 757 | WRITE_FAILED: | |
| 758 | ||
| 759 | addrlist->transport_return = PANIC; | |
| 760 | addrlist->basic_errno = errno; | |
| 761 | if (errno == ERRNO_CHHEADER_FAIL) | |
| 762 | addrlist->message = | |
| 763 | string_sprintf("Failed to expand headers_add or headers_remove: %s", | |
| 764 | expand_string_message); | |
| 765 | else if (errno == ERRNO_FILTER_FAIL) | |
| 766 | addrlist->message = string_sprintf("Filter process failure"); | |
| 767 | else if (errno == ERRNO_WRITEINCOMPLETE) | |
| 768 | addrlist->message = string_sprintf("Failed repeatedly to write data"); | |
| 769 | else if (errno == ERRNO_SMTPFORMAT) | |
| 770 | addrlist->message = US"overlong LMTP command generated"; | |
| 771 | else | |
| 772 | addrlist->message = string_sprintf("Error %d", errno); | |
| 773 | ||
| 774 | /* Come here after errors. Kill off the process. */ | |
| 775 | ||
| 776 | KILL_AND_RETURN: | |
| 777 | ||
| 778 | if (pid > 0) killpg(pid, SIGKILL); | |
| 779 | ||
| 780 | /* Come here from all paths after the subprocess is created. Wait for the | |
| 781 | process, but with a timeout. */ | |
| 782 | ||
| 783 | RETURN: | |
| 784 | ||
| 785 | (void)child_close(pid, timeout); | |
| 786 | ||
| f1e894f3 PH |
787 | if (fd_in >= 0) (void)close(fd_in); |
| 788 | if (fd_out >= 0) (void)fclose(out); | |
| 0756eb3c PH |
789 | |
| 790 | DEBUG(D_transport) | |
| 791 | debug_printf("%s transport yields %d\n", tblock->name, yield); | |
| 792 | ||
| 793 | return yield; | |
| 55414b25 JH |
794 | |
| 795 | ||
| 796 | MINUS_N: | |
| 797 | DEBUG(D_transport) | |
| 798 | debug_printf("*** delivery by %s transport bypassed by -N option", | |
| 799 | tblock->name); | |
| 800 | addrlist->transport_return = OK; | |
| 801 | return FALSE; | |
| 0756eb3c PH |
802 | } |
| 803 | ||
| d185889f | 804 | #endif /*!MACRO_PREDEF*/ |
| 0756eb3c | 805 | /* End of transport/lmtp.c */ |