TLS: variables $tls_(in,out)_tlsver
[exim.git] / src / src / transports / smtp.c
CommitLineData
0756eb3c
PH
1/*************************************************
2* Exim - an Internet mail transport agent *
3*************************************************/
4
f9ba5e22 5/* Copyright (c) University of Cambridge 1995 - 2018 */
0756eb3c
PH
6/* See the file NOTICE for conditions of use and distribution. */
7
8#include "../exim.h"
9#include "smtp.h"
10
14ca5d2a
JH
11#if defined(SUPPORT_DANE) && defined(DISABLE_TLS)
12# error TLS is required for DANE
13#endif
14
0756eb3c
PH
15
16/* Options specific to the smtp transport. This transport also supports LMTP
17over TCP/IP. The options must be in alphabetic order (note that "_" comes
18before the lower case letters). Some live in the transport_instance block so as
19to be publicly visible; these are flagged with opt_public. */
20
21optionlist smtp_transport_options[] = {
506900af
JH
22 { "*expand_multi_domain", opt_stringptr | opt_hidden | opt_public,
23 (void *)offsetof(transport_instance, expand_multi_domain) },
9c695f6d
JH
24 { "*expand_retry_include_ip_address", opt_stringptr | opt_hidden,
25 (void *)(offsetof(smtp_transport_options_block, expand_retry_include_ip_address)) },
26
48c7f9e2
PH
27 { "address_retry_include_sender", opt_bool,
28 (void *)offsetof(smtp_transport_options_block, address_retry_include_sender) },
0756eb3c
PH
29 { "allow_localhost", opt_bool,
30 (void *)offsetof(smtp_transport_options_block, allow_localhost) },
617d3932
JH
31#ifdef EXPERIMENTAL_ARC
32 { "arc_sign", opt_stringptr,
33 (void *)offsetof(smtp_transport_options_block, arc_sign) },
34#endif
0756eb3c
PH
35 { "authenticated_sender", opt_stringptr,
36 (void *)offsetof(smtp_transport_options_block, authenticated_sender) },
382afc6b
PH
37 { "authenticated_sender_force", opt_bool,
38 (void *)offsetof(smtp_transport_options_block, authenticated_sender_force) },
0756eb3c
PH
39 { "command_timeout", opt_time,
40 (void *)offsetof(smtp_transport_options_block, command_timeout) },
41 { "connect_timeout", opt_time,
42 (void *)offsetof(smtp_transport_options_block, connect_timeout) },
43 { "connection_max_messages", opt_int | opt_public,
44 (void *)offsetof(transport_instance, connection_max_messages) },
5ec37a55
PP
45# ifdef SUPPORT_DANE
46 { "dane_require_tls_ciphers", opt_stringptr,
47 (void *)offsetof(smtp_transport_options_block, dane_require_tls_ciphers) },
48# endif
0756eb3c
PH
49 { "data_timeout", opt_time,
50 (void *)offsetof(smtp_transport_options_block, data_timeout) },
51 { "delay_after_cutoff", opt_bool,
52 (void *)offsetof(smtp_transport_options_block, delay_after_cutoff) },
80a47a2c 53#ifndef DISABLE_DKIM
f7572e5a 54 { "dkim_canon", opt_stringptr,
ff5aac2b 55 (void *)offsetof(smtp_transport_options_block, dkim.dkim_canon) },
f7572e5a 56 { "dkim_domain", opt_stringptr,
ff5aac2b 57 (void *)offsetof(smtp_transport_options_block, dkim.dkim_domain) },
d73e45df
JH
58 { "dkim_hash", opt_stringptr,
59 (void *)offsetof(smtp_transport_options_block, dkim.dkim_hash) },
7c6ec81b
JH
60 { "dkim_identity", opt_stringptr,
61 (void *)offsetof(smtp_transport_options_block, dkim.dkim_identity) },
f7572e5a 62 { "dkim_private_key", opt_stringptr,
ff5aac2b 63 (void *)offsetof(smtp_transport_options_block, dkim.dkim_private_key) },
f7572e5a 64 { "dkim_selector", opt_stringptr,
ff5aac2b 65 (void *)offsetof(smtp_transport_options_block, dkim.dkim_selector) },
f7572e5a 66 { "dkim_sign_headers", opt_stringptr,
ff5aac2b 67 (void *)offsetof(smtp_transport_options_block, dkim.dkim_sign_headers) },
f7572e5a 68 { "dkim_strict", opt_stringptr,
ff5aac2b 69 (void *)offsetof(smtp_transport_options_block, dkim.dkim_strict) },
2bc0f45e
JH
70 { "dkim_timestamps", opt_stringptr,
71 (void *)offsetof(smtp_transport_options_block, dkim.dkim_timestamps) },
80a47a2c 72#endif
0756eb3c
PH
73 { "dns_qualify_single", opt_bool,
74 (void *)offsetof(smtp_transport_options_block, dns_qualify_single) },
75 { "dns_search_parents", opt_bool,
76 (void *)offsetof(smtp_transport_options_block, dns_search_parents) },
578897ea 77 { "dnssec_request_domains", opt_stringptr,
7cd171b7 78 (void *)offsetof(smtp_transport_options_block, dnssec.request) },
578897ea 79 { "dnssec_require_domains", opt_stringptr,
7cd171b7 80 (void *)offsetof(smtp_transport_options_block, dnssec.require) },
9e4f5962
PP
81 { "dscp", opt_stringptr,
82 (void *)offsetof(smtp_transport_options_block, dscp) },
0756eb3c
PH
83 { "fallback_hosts", opt_stringptr,
84 (void *)offsetof(smtp_transport_options_block, fallback_hosts) },
85 { "final_timeout", opt_time,
86 (void *)offsetof(smtp_transport_options_block, final_timeout) },
87 { "gethostbyname", opt_bool,
88 (void *)offsetof(smtp_transport_options_block, gethostbyname) },
89 { "helo_data", opt_stringptr,
90 (void *)offsetof(smtp_transport_options_block, helo_data) },
91 { "hosts", opt_stringptr,
92 (void *)offsetof(smtp_transport_options_block, hosts) },
93 { "hosts_avoid_esmtp", opt_stringptr,
94 (void *)offsetof(smtp_transport_options_block, hosts_avoid_esmtp) },
c51b8e75
PH
95 { "hosts_avoid_pipelining", opt_stringptr,
96 (void *)offsetof(smtp_transport_options_block, hosts_avoid_pipelining) },
01603eec 97#ifndef DISABLE_TLS
0756eb3c
PH
98 { "hosts_avoid_tls", opt_stringptr,
99 (void *)offsetof(smtp_transport_options_block, hosts_avoid_tls) },
80a47a2c 100#endif
0756eb3c
PH
101 { "hosts_max_try", opt_int,
102 (void *)offsetof(smtp_transport_options_block, hosts_max_try) },
533244af
PH
103 { "hosts_max_try_hardlimit", opt_int,
104 (void *)offsetof(smtp_transport_options_block, hosts_max_try_hardlimit) },
01603eec 105#ifndef DISABLE_TLS
0756eb3c
PH
106 { "hosts_nopass_tls", opt_stringptr,
107 (void *)offsetof(smtp_transport_options_block, hosts_nopass_tls) },
875512a3
JH
108 { "hosts_noproxy_tls", opt_stringptr,
109 (void *)offsetof(smtp_transport_options_block, hosts_noproxy_tls) },
80a47a2c 110#endif
0756eb3c
PH
111 { "hosts_override", opt_bool,
112 (void *)offsetof(smtp_transport_options_block, hosts_override) },
81344b40 113#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
114 { "hosts_pipe_connect", opt_stringptr,
115 (void *)offsetof(smtp_transport_options_block, hosts_pipe_connect) },
116#endif
0756eb3c
PH
117 { "hosts_randomize", opt_bool,
118 (void *)offsetof(smtp_transport_options_block, hosts_randomize) },
01603eec 119#if !defined(DISABLE_TLS) && !defined(DISABLE_OCSP)
44662487
JH
120 { "hosts_request_ocsp", opt_stringptr,
121 (void *)offsetof(smtp_transport_options_block, hosts_request_ocsp) },
122#endif
0756eb3c
PH
123 { "hosts_require_auth", opt_stringptr,
124 (void *)offsetof(smtp_transport_options_block, hosts_require_auth) },
01603eec 125#ifndef DISABLE_TLS
c0635b6d 126# ifdef SUPPORT_DANE
7a31d643
JH
127 { "hosts_require_dane", opt_stringptr,
128 (void *)offsetof(smtp_transport_options_block, hosts_require_dane) },
129# endif
f2de3a33 130# ifndef DISABLE_OCSP
f5d78688
JH
131 { "hosts_require_ocsp", opt_stringptr,
132 (void *)offsetof(smtp_transport_options_block, hosts_require_ocsp) },
133# endif
0756eb3c
PH
134 { "hosts_require_tls", opt_stringptr,
135 (void *)offsetof(smtp_transport_options_block, hosts_require_tls) },
80a47a2c 136#endif
0756eb3c
PH
137 { "hosts_try_auth", opt_stringptr,
138 (void *)offsetof(smtp_transport_options_block, hosts_try_auth) },
f98442df
JH
139 { "hosts_try_chunking", opt_stringptr,
140 (void *)offsetof(smtp_transport_options_block, hosts_try_chunking) },
21ee816d 141#ifdef SUPPORT_DANE
96e47838
TL
142 { "hosts_try_dane", opt_stringptr,
143 (void *)offsetof(smtp_transport_options_block, hosts_try_dane) },
144#endif
fb05276a
JH
145 { "hosts_try_fastopen", opt_stringptr,
146 (void *)offsetof(smtp_transport_options_block, hosts_try_fastopen) },
8ccd00b1 147#ifndef DISABLE_PRDR
fd98a5c6
JH
148 { "hosts_try_prdr", opt_stringptr,
149 (void *)offsetof(smtp_transport_options_block, hosts_try_prdr) },
150#endif
01603eec 151#ifndef DISABLE_TLS
99400968
JH
152 { "hosts_verify_avoid_tls", opt_stringptr,
153 (void *)offsetof(smtp_transport_options_block, hosts_verify_avoid_tls) },
154#endif
0756eb3c
PH
155 { "interface", opt_stringptr,
156 (void *)offsetof(smtp_transport_options_block, interface) },
157 { "keepalive", opt_bool,
158 (void *)offsetof(smtp_transport_options_block, keepalive) },
f1513293
PH
159 { "lmtp_ignore_quota", opt_bool,
160 (void *)offsetof(smtp_transport_options_block, lmtp_ignore_quota) },
0756eb3c
PH
161 { "max_rcpt", opt_int | opt_public,
162 (void *)offsetof(transport_instance, max_addresses) },
506900af 163 { "multi_domain", opt_expand_bool | opt_public,
0756eb3c
PH
164 (void *)offsetof(transport_instance, multi_domain) },
165 { "port", opt_stringptr,
166 (void *)offsetof(smtp_transport_options_block, port) },
167 { "protocol", opt_stringptr,
168 (void *)offsetof(smtp_transport_options_block, protocol) },
9c695f6d 169 { "retry_include_ip_address", opt_expand_bool,
0756eb3c
PH
170 (void *)offsetof(smtp_transport_options_block, retry_include_ip_address) },
171 { "serialize_hosts", opt_stringptr,
172 (void *)offsetof(smtp_transport_options_block, serialize_hosts) },
173 { "size_addition", opt_int,
1ddf77d0 174 (void *)offsetof(smtp_transport_options_block, size_addition) },
f0989ec0 175#ifdef SUPPORT_SOCKS
1ddf77d0
JH
176 { "socks_proxy", opt_stringptr,
177 (void *)offsetof(smtp_transport_options_block, socks_proxy) },
7eb6c37c 178#endif
01603eec 179#ifndef DISABLE_TLS
1ddf77d0 180 { "tls_certificate", opt_stringptr,
0756eb3c
PH
181 (void *)offsetof(smtp_transport_options_block, tls_certificate) },
182 { "tls_crl", opt_stringptr,
183 (void *)offsetof(smtp_transport_options_block, tls_crl) },
54c90be1
PP
184 { "tls_dh_min_bits", opt_int,
185 (void *)offsetof(smtp_transport_options_block, tls_dh_min_bits) },
0756eb3c
PH
186 { "tls_privatekey", opt_stringptr,
187 (void *)offsetof(smtp_transport_options_block, tls_privatekey) },
3f0945ff 188 { "tls_require_ciphers", opt_stringptr,
0756eb3c 189 (void *)offsetof(smtp_transport_options_block, tls_require_ciphers) },
b10c87b3
JH
190# ifdef EXPERIMENTAL_TLS_RESUME
191 { "tls_resumption_hosts", opt_stringptr,
192 (void *)offsetof(smtp_transport_options_block, tls_resumption_hosts) },
193# endif
3f0945ff
PP
194 { "tls_sni", opt_stringptr,
195 (void *)offsetof(smtp_transport_options_block, tls_sni) },
0756eb3c
PH
196 { "tls_tempfail_tryclear", opt_bool,
197 (void *)offsetof(smtp_transport_options_block, tls_tempfail_tryclear) },
a63be306
WB
198 { "tls_try_verify_hosts", opt_stringptr,
199 (void *)offsetof(smtp_transport_options_block, tls_try_verify_hosts) },
e51c7be2
JH
200 { "tls_verify_cert_hostnames", opt_stringptr,
201 (void *)offsetof(smtp_transport_options_block,tls_verify_cert_hostnames)},
0756eb3c 202 { "tls_verify_certificates", opt_stringptr,
a63be306
WB
203 (void *)offsetof(smtp_transport_options_block, tls_verify_certificates) },
204 { "tls_verify_hosts", opt_stringptr,
71c15846
JH
205 (void *)offsetof(smtp_transport_options_block, tls_verify_hosts) },
206#endif
207#ifdef SUPPORT_I18N
208 { "utf8_downconvert", opt_stringptr,
209 (void *)offsetof(smtp_transport_options_block, utf8_downconvert) },
80a47a2c 210#endif
0756eb3c
PH
211};
212
213/* Size of the options list. An extern variable has to be used so that its
214address can appear in the tables drtables.c. */
215
71c15846 216int smtp_transport_options_count = nelem(smtp_transport_options);
0756eb3c 217
d185889f
JH
218
219#ifdef MACRO_PREDEF
220
221/* Dummy values */
222smtp_transport_options_block smtp_transport_option_defaults = {0};
223void smtp_transport_init(transport_instance *tblock) {}
224BOOL smtp_transport_entry(transport_instance *tblock, address_item *addr) {return FALSE;}
225void smtp_transport_closedown(transport_instance *tblock) {}
226
227#else /*!MACRO_PREDEF*/
228
229
0756eb3c
PH
230/* Default private options block for the smtp transport. */
231
232smtp_transport_options_block smtp_transport_option_defaults = {
838d897c 233 .hosts = NULL,
847cd15f 234 .fallback_hosts = NULL,
838d897c
JH
235 .hostlist = NULL,
236 .fallback_hostlist = NULL,
838d897c
JH
237 .helo_data = US"$primary_hostname",
238 .interface = NULL,
239 .port = NULL,
240 .protocol = US"smtp",
241 .dscp = NULL,
242 .serialize_hosts = NULL,
243 .hosts_try_auth = NULL,
244 .hosts_require_auth = NULL,
245 .hosts_try_chunking = US"*",
c0635b6d 246#ifdef SUPPORT_DANE
59c0959a 247 .hosts_try_dane = US"*",
838d897c 248 .hosts_require_dane = NULL,
5ec37a55 249 .dane_require_tls_ciphers = NULL,
96e47838 250#endif
efad2f41 251 .hosts_try_fastopen = US"*",
8ccd00b1 252#ifndef DISABLE_PRDR
838d897c 253 .hosts_try_prdr = US"*",
fd98a5c6 254#endif
f2de3a33 255#ifndef DISABLE_OCSP
838d897c
JH
256 .hosts_request_ocsp = US"*", /* hosts_request_ocsp (except under DANE; tls_client_start()) */
257 .hosts_require_ocsp = NULL,
f5d78688 258#endif
838d897c
JH
259 .hosts_require_tls = NULL,
260 .hosts_avoid_tls = NULL,
261 .hosts_verify_avoid_tls = NULL,
262 .hosts_avoid_pipelining = NULL,
81344b40 263#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
264 .hosts_pipe_connect = NULL,
265#endif
838d897c 266 .hosts_avoid_esmtp = NULL,
01603eec 267#ifndef DISABLE_TLS
838d897c 268 .hosts_nopass_tls = NULL,
96eb7d2a 269 .hosts_noproxy_tls = NULL,
57cc2785 270#endif
838d897c
JH
271 .command_timeout = 5*60,
272 .connect_timeout = 5*60,
273 .data_timeout = 5*60,
274 .final_timeout = 10*60,
275 .size_addition = 1024,
276 .hosts_max_try = 5,
277 .hosts_max_try_hardlimit = 50,
278 .address_retry_include_sender = TRUE,
279 .allow_localhost = FALSE,
280 .authenticated_sender_force = FALSE,
281 .gethostbyname = FALSE,
282 .dns_qualify_single = TRUE,
283 .dns_search_parents = FALSE,
284 .dnssec = { .request=NULL, .require=NULL },
285 .delay_after_cutoff = TRUE,
286 .hosts_override = FALSE,
287 .hosts_randomize = FALSE,
288 .keepalive = TRUE,
289 .lmtp_ignore_quota = FALSE,
290 .expand_retry_include_ip_address = NULL,
291 .retry_include_ip_address = TRUE,
f0989ec0 292#ifdef SUPPORT_SOCKS
838d897c 293 .socks_proxy = NULL,
b8bf753b 294#endif
01603eec 295#ifndef DISABLE_TLS
838d897c
JH
296 .tls_certificate = NULL,
297 .tls_crl = NULL,
298 .tls_privatekey = NULL,
299 .tls_require_ciphers = NULL,
300 .tls_sni = NULL,
301 .tls_verify_certificates = US"system",
302 .tls_dh_min_bits = EXIM_CLIENT_DH_DEFAULT_MIN_BITS,
303 .tls_tempfail_tryclear = TRUE,
b10c87b3
JH
304# ifdef EXPERIMENTAL_TLS_RESUME
305 .tls_resumption_hosts = NULL,
306# endif
838d897c
JH
307 .tls_verify_hosts = NULL,
308 .tls_try_verify_hosts = US"*",
309 .tls_verify_cert_hostnames = US"*",
80a47a2c 310#endif
71c15846
JH
311#ifdef SUPPORT_I18N
312 .utf8_downconvert = NULL,
313#endif
80a47a2c 314#ifndef DISABLE_DKIM
838d897c
JH
315 .dkim =
316 {.dkim_domain = NULL,
7c6ec81b 317 .dkim_identity = NULL,
838d897c
JH
318 .dkim_private_key = NULL,
319 .dkim_selector = NULL,
320 .dkim_canon = NULL,
7c6ec81b 321 .dkim_sign_headers = NULL,
838d897c 322 .dkim_strict = NULL,
d73e45df 323 .dkim_hash = US"sha256",
2bc0f45e 324 .dkim_timestamps = NULL,
617d3932
JH
325 .dot_stuffed = FALSE,
326 .force_bodyhash = FALSE,
327# ifdef EXPERIMENTAL_ARC
328 .arc_signspec = NULL,
329# endif
330 },
331# ifdef EXPERIMENTAL_ARC
332 .arc_sign = NULL,
333# endif
80a47a2c 334#endif
0756eb3c
PH
335};
336
6c1c3d1d
WB
337/* some DSN flags for use later */
338
339static int rf_list[] = {rf_notify_never, rf_notify_success,
340 rf_notify_failure, rf_notify_delay };
341
45500060 342static uschar *rf_names[] = { US"NEVER", US"SUCCESS", US"FAILURE", US"DELAY" };
6c1c3d1d
WB
343
344
0756eb3c
PH
345
346/* Local statics */
347
87cb4a16
JH
348static uschar *smtp_command; /* Points to last cmd for error messages */
349static uschar *mail_command; /* Points to MAIL cmd for error messages */
350static uschar *data_command = US""; /* Points to DATA cmd for error messages */
351static BOOL update_waiting; /* TRUE to update the "wait" database */
875512a3
JH
352
353/*XXX move to smtp_context */
87cb4a16 354static BOOL pipelining_active; /* current transaction is in pipe mode */
0756eb3c
PH
355
356
ee8b8090
JH
357static unsigned ehlo_response(uschar * buf, unsigned checks);
358
359
d85cdeb5
JH
360/******************************************************************************/
361
362void
363smtp_deliver_init(void)
364{
365if (!regex_PIPELINING) regex_PIPELINING =
366 regex_must_compile(US"\\n250[\\s\\-]PIPELINING(\\s|\\n|$)", FALSE, TRUE);
367
368if (!regex_SIZE) regex_SIZE =
369 regex_must_compile(US"\\n250[\\s\\-]SIZE(\\s|\\n|$)", FALSE, TRUE);
370
371if (!regex_AUTH) regex_AUTH =
372 regex_must_compile(AUTHS_REGEX, FALSE, TRUE);
373
374#ifndef DISABLE_TLS
375if (!regex_STARTTLS) regex_STARTTLS =
376 regex_must_compile(US"\\n250[\\s\\-]STARTTLS(\\s|\\n|$)", FALSE, TRUE);
377#endif
378
379if (!regex_CHUNKING) regex_CHUNKING =
380 regex_must_compile(US"\\n250[\\s\\-]CHUNKING(\\s|\\n|$)", FALSE, TRUE);
381
382#ifndef DISABLE_PRDR
383if (!regex_PRDR) regex_PRDR =
384 regex_must_compile(US"\\n250[\\s\\-]PRDR(\\s|\\n|$)", FALSE, TRUE);
385#endif
386
387#ifdef SUPPORT_I18N
388if (!regex_UTF8) regex_UTF8 =
389 regex_must_compile(US"\\n250[\\s\\-]SMTPUTF8(\\s|\\n|$)", FALSE, TRUE);
390#endif
391
392if (!regex_DSN) regex_DSN =
393 regex_must_compile(US"\\n250[\\s\\-]DSN(\\s|\\n|$)", FALSE, TRUE);
394
395if (!regex_IGNOREQUOTA) regex_IGNOREQUOTA =
396 regex_must_compile(US"\\n250[\\s\\-]IGNOREQUOTA(\\s|\\n|$)", FALSE, TRUE);
397
81344b40 398#ifndef DISABLE_PIPE_CONNECT
d85cdeb5
JH
399if (!regex_EARLY_PIPE) regex_EARLY_PIPE =
400 regex_must_compile(US"\\n250[\\s\\-]" EARLY_PIPE_FEATURE_NAME "(\\s|\\n|$)", FALSE, TRUE);
401#endif
402}
403
404
0756eb3c
PH
405/*************************************************
406* Setup entry point *
407*************************************************/
408
409/* This function is called when the transport is about to be used,
410but before running it in a sub-process. It is used for two things:
411
412 (1) To set the fallback host list in addresses, when delivering.
26da7e20
PH
413 (2) To pass back the interface, port, protocol, and other options, for use
414 during callout verification.
0756eb3c
PH
415
416Arguments:
417 tblock pointer to the transport instance block
418 addrlist list of addresses about to be transported
419 tf if not NULL, pointer to block in which to return options
929ba01c
PH
420 uid the uid that will be set (not used)
421 gid the gid that will be set (not used)
0756eb3c
PH
422 errmsg place for error message (not used)
423
424Returns: OK always (FAIL, DEFER not used)
425*/
426
427static int
428smtp_transport_setup(transport_instance *tblock, address_item *addrlist,
929ba01c 429 transport_feedback *tf, uid_t uid, gid_t gid, uschar **errmsg)
0756eb3c 430{
ee8b8090 431smtp_transport_options_block *ob = SOB tblock->options_block;
0756eb3c
PH
432
433errmsg = errmsg; /* Keep picky compilers happy */
929ba01c
PH
434uid = uid;
435gid = gid;
0756eb3c
PH
436
437/* Pass back options if required. This interface is getting very messy. */
438
02b41d71 439if (tf)
0756eb3c
PH
440 {
441 tf->interface = ob->interface;
442 tf->port = ob->port;
443 tf->protocol = ob->protocol;
444 tf->hosts = ob->hosts;
445 tf->hosts_override = ob->hosts_override;
446 tf->hosts_randomize = ob->hosts_randomize;
447 tf->gethostbyname = ob->gethostbyname;
448 tf->qualify_single = ob->dns_qualify_single;
449 tf->search_parents = ob->dns_search_parents;
26da7e20 450 tf->helo_data = ob->helo_data;
0756eb3c
PH
451 }
452
453/* Set the fallback host list for all the addresses that don't have fallback
454host lists, provided that the local host wasn't present in the original host
455list. */
456
457if (!testflag(addrlist, af_local_host_removed))
02b41d71
JH
458 for (; addrlist; addrlist = addrlist->next)
459 if (!addrlist->fallback_hosts) addrlist->fallback_hosts = ob->fallback_hostlist;
0756eb3c
PH
460
461return OK;
462}
463
464
465
466/*************************************************
467* Initialization entry point *
468*************************************************/
469
470/* Called for each instance, after its options have been read, to
471enable consistency checks to be done, or anything else that needs
472to be set up.
473
474Argument: pointer to the transport instance block
475Returns: nothing
476*/
477
478void
479smtp_transport_init(transport_instance *tblock)
480{
ee8b8090 481smtp_transport_options_block *ob = SOB tblock->options_block;
0756eb3c
PH
482
483/* Retry_use_local_part defaults FALSE if unset */
484
485if (tblock->retry_use_local_part == TRUE_UNSET)
486 tblock->retry_use_local_part = FALSE;
487
488/* Set the default port according to the protocol */
489
ee8b8090
JH
490if (!ob->port)
491 ob->port = strcmpic(ob->protocol, US"lmtp") == 0
492 ? US"lmtp"
493 : strcmpic(ob->protocol, US"smtps") == 0
494 ? US"smtps" : US"smtp";
0756eb3c
PH
495
496/* Set up the setup entry point, to be called before subprocesses for this
497transport. */
498
499tblock->setup = smtp_transport_setup;
500
501/* Complain if any of the timeouts are zero. */
502
503if (ob->command_timeout <= 0 || ob->data_timeout <= 0 ||
504 ob->final_timeout <= 0)
505 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
506 "command, data, or final timeout value is zero for %s transport",
507 tblock->name);
508
509/* If hosts_override is set and there are local hosts, set the global
510flag that stops verify from showing router hosts. */
511
512if (ob->hosts_override && ob->hosts != NULL) tblock->overrides_hosts = TRUE;
513
514/* If there are any fallback hosts listed, build a chain of host items
515for them, but do not do any lookups at this time. */
516
517host_build_hostlist(&(ob->fallback_hostlist), ob->fallback_hosts, FALSE);
518}
519
520
521
522
523
524/*************************************************
525* Set delivery info into all active addresses *
526*************************************************/
527
528/* Only addresses whose status is >= PENDING are relevant. A lesser
529status means that an address is not currently being processed.
530
531Arguments:
447d236c
PH
532 addrlist points to a chain of addresses
533 errno_value to put in each address's errno field
534 msg to put in each address's message field
535 rc to put in each address's transport_return field
536 pass_message if TRUE, set the "pass message" flag in the address
c562fd30 537 host if set, mark addrs as having used this host
895fbaf2
JH
538 smtp_greeting from peer
539 helo_response from peer
0756eb3c
PH
540
541If errno_value has the special value ERRNO_CONNECTTIMEOUT, ETIMEDOUT is put in
542the errno field, and RTEF_CTOUT is ORed into the more_errno field, to indicate
543this particular type of timeout.
544
545Returns: nothing
546*/
547
7cd1141b
PH
548static void
549set_errno(address_item *addrlist, int errno_value, uschar *msg, int rc,
895fbaf2
JH
550 BOOL pass_message, host_item * host
551#ifdef EXPERIMENTAL_DSN_INFO
552 , const uschar * smtp_greeting, const uschar * helo_response
553#endif
554 )
0756eb3c 555{
0756eb3c
PH
556int orvalue = 0;
557if (errno_value == ERRNO_CONNECTTIMEOUT)
558 {
559 errno_value = ETIMEDOUT;
560 orvalue = RTEF_CTOUT;
561 }
d7978c0f 562for (address_item * addr = addrlist; addr; addr = addr->next)
168dec3b 563 if (addr->transport_return >= PENDING)
447d236c 564 {
168dec3b
JH
565 addr->basic_errno = errno_value;
566 addr->more_errno |= orvalue;
02b41d71 567 if (msg)
168dec3b
JH
568 {
569 addr->message = msg;
570 if (pass_message) setflag(addr, af_pass_message);
571 }
572 addr->transport_return = rc;
573 if (host)
895fbaf2 574 {
168dec3b 575 addr->host_used = host;
895fbaf2
JH
576#ifdef EXPERIMENTAL_DSN_INFO
577 if (smtp_greeting)
578 {uschar * s = Ustrchr(smtp_greeting, '\n'); if (s) *s = '\0';}
579 addr->smtp_greeting = smtp_greeting;
580
581 if (helo_response)
582 {uschar * s = Ustrchr(helo_response, '\n'); if (s) *s = '\0';}
583 addr->helo_response = helo_response;
584#endif
585 }
447d236c 586 }
0756eb3c
PH
587}
588
895fbaf2
JH
589static void
590set_errno_nohost(address_item *addrlist, int errno_value, uschar *msg, int rc,
591 BOOL pass_message)
592{
593set_errno(addrlist, errno_value, msg, rc, pass_message, NULL
594#ifdef EXPERIMENTAL_DSN_INFO
595 , NULL, NULL
596#endif
597 );
598}
0756eb3c
PH
599
600
601/*************************************************
602* Check an SMTP response *
603*************************************************/
604
605/* This function is given an errno code and the SMTP response buffer
606to analyse, together with the host identification for generating messages. It
607sets an appropriate message and puts the first digit of the response code into
608the yield variable. If no response was actually read, a suitable digit is
609chosen.
610
611Arguments:
447d236c
PH
612 host the current host, to get its name for messages
613 errno_value pointer to the errno value
614 more_errno from the top address for use with ERRNO_FILTER_FAIL
615 buffer the SMTP response buffer
616 yield where to put a one-digit SMTP response code
4c04137d 617 message where to put an error message
447d236c
PH
618 pass_message set TRUE if message is an SMTP response
619
620Returns: TRUE if an SMTP "QUIT" command should be sent, else FALSE
0756eb3c
PH
621*/
622
a7538db1
JH
623static BOOL
624check_response(host_item *host, int *errno_value, int more_errno,
447d236c 625 uschar *buffer, int *yield, uschar **message, BOOL *pass_message)
0756eb3c 626{
0d9fa8c0 627uschar * pl = pipelining_active ? US"pipelined " : US"";
e9166683 628const uschar * s;
0756eb3c
PH
629
630*yield = '4'; /* Default setting is to give a temporary error */
631
e9166683 632switch(*errno_value)
0756eb3c 633 {
e9166683
JH
634 case ETIMEDOUT: /* Handle response timeout */
635 *message = US string_sprintf("SMTP timeout after %s%s",
636 pl, smtp_command);
637 if (transport_count > 0)
638 *message = US string_sprintf("%s (%d bytes written)", *message,
639 transport_count);
640 return FALSE;
641
642 case ERRNO_SMTPFORMAT: /* Handle malformed SMTP response */
643 s = string_printing(buffer);
644 while (isspace(*s)) s++;
645 *message = *s == 0
646 ? string_sprintf("Malformed SMTP reply (an empty line) "
647 "in response to %s%s", pl, smtp_command)
648 : string_sprintf("Malformed SMTP reply in response to %s%s: %s",
649 pl, smtp_command, s);
650 return FALSE;
651
fc243e94
JH
652 case ERRNO_TLSFAILURE: /* Handle bad first read; can happen with
653 GnuTLS and TLS1.3 */
654 *message = US"bad first read from TLS conn";
655 return TRUE;
656
e9166683
JH
657 case ERRNO_FILTER_FAIL: /* Handle a failed filter process error;
658 can't send QUIT as we mustn't end the DATA. */
659 *message = string_sprintf("transport filter process failed (%d)%s",
660 more_errno,
661 more_errno == EX_EXECFAILED ? ": unable to execute command" : "");
662 return FALSE;
663
664 case ERRNO_CHHEADER_FAIL: /* Handle a failed add_headers expansion;
665 can't send QUIT as we mustn't end the DATA. */
666 *message =
667 string_sprintf("failed to expand headers_add or headers_remove: %s",
668 expand_string_message);
669 return FALSE;
670
671 case ERRNO_WRITEINCOMPLETE: /* failure to write a complete data block */
f3ebb786 672 *message = US"failed to write a data block";
e9166683 673 return FALSE;
0756eb3c 674
8c5d388a 675#ifdef SUPPORT_I18N
e9166683
JH
676 case ERRNO_UTF8_FWD: /* no advertised SMTPUTF8, for international message */
677 *message = US"utf8 support required but not offered for forwarding";
678 DEBUG(D_deliver|D_transport) debug_printf("%s\n", *message);
679 return TRUE;
250b6871 680#endif
e9166683 681 }
250b6871 682
0756eb3c
PH
683/* Handle error responses from the remote mailer. */
684
685if (buffer[0] != 0)
686 {
e9166683
JH
687 *message = string_sprintf("SMTP error from remote mail server after %s%s: "
688 "%s", pl, smtp_command, s = string_printing(buffer));
447d236c 689 *pass_message = TRUE;
0756eb3c
PH
690 *yield = buffer[0];
691 return TRUE;
692 }
693
694/* No data was read. If there is no errno, this must be the EOF (i.e.
19b9dc85
PH
695connection closed) case, which causes deferral. An explicit connection reset
696error has the same effect. Otherwise, put the host's identity in the message,
697leaving the errno value to be interpreted as well. In all cases, we have to
698assume the connection is now dead. */
0756eb3c 699
19b9dc85 700if (*errno_value == 0 || *errno_value == ECONNRESET)
0756eb3c
PH
701 {
702 *errno_value = ERRNO_SMTPCLOSED;
c562fd30 703 *message = US string_sprintf("Remote host closed connection "
02b41d71 704 "in response to %s%s", pl, smtp_command);
0756eb3c 705 }
de6273b4
JH
706else
707 *message = US string_sprintf("%s [%s]", host->name, host->address);
0756eb3c
PH
708
709return FALSE;
710}
711
712
713
714/*************************************************
715* Write error message to logs *
716*************************************************/
717
718/* This writes to the main log and to the message log.
719
720Arguments:
0756eb3c 721 host the current host
ec62d0a9
HSHR
722 detail the current message (addr_item->message)
723 basic_errno the errno (addr_item->basic_errno)
0756eb3c
PH
724
725Returns: nothing
726*/
727
728static void
ec62d0a9 729write_logs(const host_item *host, const uschar *suffix, int basic_errno)
0756eb3c 730{
52f12a7c
JH
731gstring * message = LOGGING(outgoing_port)
732 ? string_fmt_append(NULL, "H=%s [%s]:%d", host->name, host->address,
584ddd64 733 host->port == PORT_NONE ? 25 : host->port)
52f12a7c 734 : string_fmt_append(NULL, "H=%s [%s]", host->name, host->address);
c562fd30 735
ec62d0a9 736if (suffix)
0756eb3c 737 {
52f12a7c 738 message = string_fmt_append(message, ": %s", suffix);
ec62d0a9 739 if (basic_errno > 0)
52f12a7c 740 message = string_fmt_append(message, ": %s", strerror(basic_errno));
0756eb3c
PH
741 }
742else
52f12a7c 743 message = string_fmt_append(message, " %s", exim_errstr(basic_errno));
ec62d0a9 744
52f12a7c
JH
745log_write(0, LOG_MAIN, "%s", string_from_gstring(message));
746deliver_msglog("%s %s\n", tod_stamp(tod_log), message->s);
0756eb3c
PH
747}
748
c562fd30
JH
749static void
750msglog_line(host_item * host, uschar * message)
751{
37f3dc43
JH
752deliver_msglog("%s H=%s [%s] %s\n", tod_stamp(tod_log),
753 host->name, host->address, message);
c562fd30
JH
754}
755
0756eb3c
PH
756
757
0cbf2b82 758#ifndef DISABLE_EVENT
d68218c7
JH
759/*************************************************
760* Post-defer action *
761*************************************************/
762
763/* This expands an arbitrary per-transport string.
764 It might, for example, be used to write to the database log.
765
766Arguments:
d68218c7
JH
767 addr the address item containing error information
768 host the current host
769
770Returns: nothing
771*/
772
773static void
774ef2d7 774deferred_event_raise(address_item *addr, host_item *host)
d68218c7 775{
774ef2d7 776uschar * action = addr->transport->event_action;
55414b25 777const uschar * save_domain;
a7538db1
JH
778uschar * save_local;
779
d68218c7 780if (!action)
a7538db1 781 return;
d68218c7 782
a7538db1
JH
783save_domain = deliver_domain;
784save_local = deliver_localpart;
785
786/*XXX would ip & port already be set up? */
787deliver_host_address = string_copy(host->address);
774ef2d7
JH
788deliver_host_port = host->port == PORT_NONE ? 25 : host->port;
789event_defer_errno = addr->basic_errno;
d68218c7
JH
790
791router_name = addr->router->name;
792transport_name = addr->transport->name;
a7538db1
JH
793deliver_domain = addr->domain;
794deliver_localpart = addr->local_part;
795
774ef2d7 796(void) event_raise(action, US"msg:host:defer",
a7538db1
JH
797 addr->message
798 ? addr->basic_errno > 0
799 ? string_sprintf("%s: %s", addr->message, strerror(addr->basic_errno))
800 : string_copy(addr->message)
801 : addr->basic_errno > 0
802 ? string_copy(US strerror(addr->basic_errno))
803 : NULL);
804
805deliver_localpart = save_local;
806deliver_domain = save_domain;
d68218c7
JH
807router_name = transport_name = NULL;
808}
809#endif
810
0756eb3c 811/*************************************************
ee8b8090
JH
812* Reap SMTP specific responses *
813*************************************************/
814static int
815smtp_discard_responses(smtp_context * sx, smtp_transport_options_block * ob,
816 int count)
817{
818uschar flushbuffer[4096];
819
820while (count-- > 0)
821 {
822 if (!smtp_read_response(sx, flushbuffer, sizeof(flushbuffer),
823 '2', ob->command_timeout)
824 && (errno != 0 || flushbuffer[0] == 0))
825 break;
826 }
827return count;
828}
829
830
831/* Return boolean success */
832
833static BOOL
834smtp_reap_banner(smtp_context * sx)
835{
836BOOL good_response = smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
837 '2', (SOB sx->conn_args.ob)->command_timeout);
838#ifdef EXPERIMENTAL_DSN_INFO
839sx->smtp_greeting = string_copy(sx->buffer);
840#endif
841return good_response;
842}
843
844static BOOL
845smtp_reap_ehlo(smtp_context * sx)
846{
847if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer), '2',
848 (SOB sx->conn_args.ob)->command_timeout))
849 {
850 if (errno != 0 || sx->buffer[0] == 0 || sx->lmtp)
851 {
852#ifdef EXPERIMENTAL_DSN_INFO
853 sx->helo_response = string_copy(sx->buffer);
854#endif
855 return FALSE;
856 }
857 sx->esmtp = FALSE;
858 }
859#ifdef EXPERIMENTAL_DSN_INFO
860sx->helo_response = string_copy(sx->buffer);
861#endif
8e78571a
JH
862#ifndef DISABLE_EVENT
863(void) event_raise(sx->conn_args.tblock->event_action,
864 US"smtp:ehlo", sx->buffer);
865#endif
ee8b8090
JH
866return TRUE;
867}
868
869
870
81344b40 871#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
872static uschar *
873ehlo_cache_key(const smtp_context * sx)
874{
875host_item * host = sx->conn_args.host;
876return Ustrchr(host->address, ':')
877 ? string_sprintf("[%s]:%d.EHLO", host->address,
878 host->port == PORT_NONE ? sx->port : host->port)
879 : string_sprintf("%s:%d.EHLO", host->address,
880 host->port == PORT_NONE ? sx->port : host->port);
881}
882
883static void
884write_ehlo_cache_entry(const smtp_context * sx)
885{
886open_db dbblock, * dbm_file;
887
b10c87b3 888if ((dbm_file = dbfn_open(US"misc", O_RDWR, &dbblock, TRUE, TRUE)))
ee8b8090
JH
889 {
890 uschar * ehlo_resp_key = ehlo_cache_key(sx);
891 dbdata_ehlo_resp er = { .data = sx->ehlo_resp };
892
cb6bd80f
JH
893 HDEBUG(D_transport) debug_printf("writing clr %04x/%04x cry %04x/%04x\n",
894 sx->ehlo_resp.cleartext_features, sx->ehlo_resp.cleartext_auths,
895 sx->ehlo_resp.crypted_features, sx->ehlo_resp.crypted_auths);
896
ee8b8090
JH
897 dbfn_write(dbm_file, ehlo_resp_key, &er, (int)sizeof(er));
898 dbfn_close(dbm_file);
899 }
900}
901
902static void
903invalidate_ehlo_cache_entry(smtp_context * sx)
904{
905open_db dbblock, * dbm_file;
906
907if ( sx->early_pipe_active
b10c87b3 908 && (dbm_file = dbfn_open(US"misc", O_RDWR, &dbblock, TRUE, TRUE)))
ee8b8090
JH
909 {
910 uschar * ehlo_resp_key = ehlo_cache_key(sx);
911 dbfn_delete(dbm_file, ehlo_resp_key);
912 dbfn_close(dbm_file);
913 }
914}
915
916static BOOL
917read_ehlo_cache_entry(smtp_context * sx)
918{
919open_db dbblock;
920open_db * dbm_file;
921
b10c87b3 922if (!(dbm_file = dbfn_open(US"misc", O_RDONLY, &dbblock, FALSE, TRUE)))
ee8b8090
JH
923 { DEBUG(D_transport) debug_printf("ehlo-cache: no misc DB\n"); }
924else
925 {
926 uschar * ehlo_resp_key = ehlo_cache_key(sx);
927 dbdata_ehlo_resp * er;
928
929 if (!(er = dbfn_read(dbm_file, ehlo_resp_key)))
930 { DEBUG(D_transport) debug_printf("no ehlo-resp record\n"); }
931 else if (time(NULL) - er->time_stamp > retry_data_expire)
932 {
933 DEBUG(D_transport) debug_printf("ehlo-resp record too old\n");
934 dbfn_close(dbm_file);
b10c87b3 935 if ((dbm_file = dbfn_open(US"misc", O_RDWR, &dbblock, TRUE, TRUE)))
ee8b8090
JH
936 dbfn_delete(dbm_file, ehlo_resp_key);
937 }
938 else
939 {
940 sx->ehlo_resp = er->data;
941 dbfn_close(dbm_file);
942 DEBUG(D_transport) debug_printf(
943 "EHLO response bits from cache: cleartext 0x%04x crypted 0x%04x\n",
944 er->data.cleartext_features, er->data.crypted_features);
945 return TRUE;
946 }
947 dbfn_close(dbm_file);
948 }
949return FALSE;
950}
951
952
953
954/* Return an auths bitmap for the set of AUTH methods offered by the server
955which match our authenticators. */
956
957static unsigned short
958study_ehlo_auths(smtp_context * sx)
959{
960uschar * names;
961auth_instance * au;
962uschar authnum;
963unsigned short authbits = 0;
964
965if (!sx->esmtp) return 0;
966if (!regex_AUTH) regex_AUTH = regex_must_compile(AUTHS_REGEX, FALSE, TRUE);
967if (!regex_match_and_setup(regex_AUTH, sx->buffer, 0, -1)) return 0;
968expand_nmax = -1; /* reset */
969names = string_copyn(expand_nstring[1], expand_nlength[1]);
970
971for (au = auths, authnum = 0; au; au = au->next, authnum++) if (au->client)
972 {
973 const uschar * list = names;
974 int sep = ' ';
975 uschar name[32];
976
977 while (string_nextinlist(&list, &sep, name, sizeof(name)))
978 if (strcmpic(au->public_name, name) == 0)
979 { authbits |= BIT(authnum); break; }
980 }
981
982DEBUG(D_transport)
983 debug_printf("server offers %s AUTH, methods '%s', bitmap 0x%04x\n",
984 tls_out.active.sock >= 0 ? "crypted" : "plaintext", names, authbits);
985
986if (tls_out.active.sock >= 0)
987 sx->ehlo_resp.crypted_auths = authbits;
988else
989 sx->ehlo_resp.cleartext_auths = authbits;
990return authbits;
991}
992
993
994
995
996/* Wait for and check responses for early-pipelining.
997
998Called from the lower-level smtp_read_response() function
999used for general code that assume synchronisation, if context
1000flags indicate outstanding early-pipelining commands. Also
1001called fom sync_responses() which handles pipelined commands.
1002
1003Arguments:
1004 sx smtp connection context
1005 countp number of outstanding responses, adjusted on return
1006
1007Return:
1008 OK all well
fc243e94 1009 DEFER error on first read of TLS'd conn
ee8b8090
JH
1010 FAIL SMTP error in response
1011*/
1012int
1013smtp_reap_early_pipe(smtp_context * sx, int * countp)
1014{
1015BOOL pending_BANNER = sx->pending_BANNER;
1016BOOL pending_EHLO = sx->pending_EHLO;
fc243e94 1017int rc = FAIL;
ee8b8090
JH
1018
1019sx->pending_BANNER = FALSE; /* clear early to avoid recursion */
1020sx->pending_EHLO = FALSE;
1021
1022if (pending_BANNER)
1023 {
1024 DEBUG(D_transport) debug_printf("%s expect banner\n", __FUNCTION__);
1025 (*countp)--;
1026 if (!smtp_reap_banner(sx))
1027 {
1028 DEBUG(D_transport) debug_printf("bad banner\n");
fc243e94 1029 if (tls_out.active.sock >= 0) rc = DEFER;
ee8b8090
JH
1030 goto fail;
1031 }
1032 }
1033
1034if (pending_EHLO)
1035 {
1036 unsigned peer_offered;
1037 unsigned short authbits = 0, * ap;
1038
1039 DEBUG(D_transport) debug_printf("%s expect ehlo\n", __FUNCTION__);
1040 (*countp)--;
1041 if (!smtp_reap_ehlo(sx))
1042 {
1043 DEBUG(D_transport) debug_printf("bad response for EHLO\n");
fc243e94 1044 if (tls_out.active.sock >= 0) rc = DEFER;
ee8b8090
JH
1045 goto fail;
1046 }
1047
1048 /* Compare the actual EHLO response to the cached value we assumed;
1049 on difference, dump or rewrite the cache and arrange for a retry. */
1050
1051 ap = tls_out.active.sock < 0
1052 ? &sx->ehlo_resp.cleartext_auths : &sx->ehlo_resp.crypted_auths;
1053
1054 peer_offered = ehlo_response(sx->buffer,
9883af72 1055 (tls_out.active.sock < 0 ? OPTION_TLS : 0)
ee8b8090
JH
1056 | OPTION_CHUNKING | OPTION_PRDR | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
1057 | OPTION_UTF8 | OPTION_EARLY_PIPE
1058 );
1059 if ( peer_offered != sx->peer_offered
1060 || (authbits = study_ehlo_auths(sx)) != *ap)
1061 {
1062 HDEBUG(D_transport)
cb6bd80f
JH
1063 debug_printf("EHLO %s extensions changed, 0x%04x/0x%04x -> 0x%04x/0x%04x\n",
1064 tls_out.active.sock < 0 ? "cleartext" : "crypted",
ee8b8090 1065 sx->peer_offered, *ap, peer_offered, authbits);
cb6bd80f
JH
1066 *(tls_out.active.sock < 0
1067 ? &sx->ehlo_resp.cleartext_features : &sx->ehlo_resp.crypted_features) = peer_offered;
ee8b8090
JH
1068 *ap = authbits;
1069 if (peer_offered & OPTION_EARLY_PIPE)
1070 write_ehlo_cache_entry(sx);
1071 else
1072 invalidate_ehlo_cache_entry(sx);
1073
1074 return OK; /* just carry on */
1075 }
1076 }
1077return OK;
1078
1079fail:
1080 invalidate_ehlo_cache_entry(sx);
1081 (void) smtp_discard_responses(sx, sx->conn_args.ob, *countp);
fc243e94 1082 return rc;
ee8b8090
JH
1083}
1084#endif
1085
1086
1087/*************************************************
0756eb3c
PH
1088* Synchronize SMTP responses *
1089*************************************************/
1090
1091/* This function is called from smtp_deliver() to receive SMTP responses from
1092the server, and match them up with the commands to which they relate. When
1093PIPELINING is not in use, this function is called after every command, and is
1094therefore somewhat over-engineered, but it is simpler to use a single scheme
1095that works both with and without PIPELINING instead of having two separate sets
1096of code.
1097
1098The set of commands that are buffered up with pipelining may start with MAIL
1099and may end with DATA; in between are RCPT commands that correspond to the
1100addresses whose status is PENDING_DEFER. All other commands (STARTTLS, AUTH,
1101etc.) are never buffered.
1102
1103Errors after MAIL or DATA abort the whole process leaving the response in the
1104buffer. After MAIL, pending responses are flushed, and the original command is
1105re-instated in big_buffer for error messages. For RCPT commands, the remote is
1106permitted to reject some recipient addresses while accepting others. However
1107certain errors clearly abort the whole process. Set the value in
1108transport_return to PENDING_OK if the address is accepted. If there is a
1109subsequent general error, it will get reset accordingly. If not, it will get
1110converted to OK at the end.
1111
1112Arguments:
df5b41e3 1113 sx smtp connection context
48c7f9e2 1114 count the number of responses to read
48c7f9e2
PH
1115 pending_DATA 0 if last command sent was not DATA
1116 +1 if previously had a good recipient
1117 -1 if not previously had a good recipient
0756eb3c
PH
1118
1119Returns: 3 if at least one address had 2xx and one had 5xx
1120 2 if at least one address had 5xx but none had 2xx
1121 1 if at least one host had a 2xx response, but none had 5xx
1122 0 no address had 2xx or 5xx but no errors (all 4xx, or just DATA)
1123 -1 timeout while reading RCPT response
1124 -2 I/O or other non-response error for RCPT
1125 -3 DATA or MAIL failed - errno and buffer set
ee8b8090 1126 -4 banner or EHLO failed (early-pipelining)
fc243e94 1127 -5 banner or EHLO failed (early-pipelining, TLS)
0756eb3c
PH
1128*/
1129
1130static int
df5b41e3 1131sync_responses(smtp_context * sx, int count, int pending_DATA)
0756eb3c 1132{
ee8b8090
JH
1133address_item * addr = sx->sync_addr;
1134smtp_transport_options_block * ob = sx->conn_args.ob;
0756eb3c
PH
1135int yield = 0;
1136
81344b40 1137#ifndef DISABLE_PIPE_CONNECT
dca6d121 1138int rc;
fc243e94
JH
1139if ((rc = smtp_reap_early_pipe(sx, &count)) != OK)
1140 return rc == FAIL ? -4 : -5;
ee8b8090
JH
1141#endif
1142
0756eb3c
PH
1143/* Handle the response for a MAIL command. On error, reinstate the original
1144command in big_buffer for error message use, and flush any further pending
1145responses before returning, except after I/O errors and timeouts. */
1146
df5b41e3 1147if (sx->pending_MAIL)
0756eb3c 1148 {
7c576fca 1149 DEBUG(D_transport) debug_printf("%s expect mail\n", __FUNCTION__);
0756eb3c 1150 count--;
251b9eb4 1151 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
e9166683 1152 '2', ob->command_timeout))
0756eb3c 1153 {
e027f545 1154 DEBUG(D_transport) debug_printf("bad response for MAIL\n");
0756eb3c 1155 Ustrcpy(big_buffer, mail_command); /* Fits, because it came from there! */
fc243e94
JH
1156 if (errno == ERRNO_TLSFAILURE)
1157 return -5;
df5b41e3 1158 if (errno == 0 && sx->buffer[0] != 0)
0756eb3c 1159 {
e97957bc 1160 int save_errno = 0;
df5b41e3 1161 if (sx->buffer[0] == '4')
e97957bc
PH
1162 {
1163 save_errno = ERRNO_MAIL4XX;
df5b41e3 1164 addr->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
e97957bc 1165 }
ee8b8090 1166 count = smtp_discard_responses(sx, ob, count);
e97957bc 1167 errno = save_errno;
0756eb3c 1168 }
c562fd30
JH
1169
1170 if (pending_DATA) count--; /* Number of RCPT responses to come */
1171 while (count-- > 0) /* Mark any pending addrs with the host used */
1172 {
1173 while (addr->transport_return != PENDING_DEFER) addr = addr->next;
ee8b8090 1174 addr->host_used = sx->conn_args.host;
c562fd30
JH
1175 addr = addr->next;
1176 }
0756eb3c
PH
1177 return -3;
1178 }
1179 }
1180
1181if (pending_DATA) count--; /* Number of RCPT responses to come */
1182
1183/* Read and handle the required number of RCPT responses, matching each one up
1184with an address by scanning for the next address whose status is PENDING_DEFER.
1185*/
1186
1187while (count-- > 0)
1188 {
4c2471ca
JH
1189 while (addr->transport_return != PENDING_DEFER)
1190 if (!(addr = addr->next))
1191 return -2;
0756eb3c
PH
1192
1193 /* The address was accepted */
ee8b8090 1194 addr->host_used = sx->conn_args.host;
0756eb3c 1195
7c576fca 1196 DEBUG(D_transport) debug_printf("%s expect rcpt\n", __FUNCTION__);
251b9eb4 1197 if (smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
e9166683 1198 '2', ob->command_timeout))
0756eb3c
PH
1199 {
1200 yield |= 1;
1201 addr->transport_return = PENDING_OK;
1202
1203 /* If af_dr_retry_exists is set, there was a routing delay on this address;
09945f1e
PH
1204 ensure that any address-specific retry record is expunged. We do this both
1205 for the basic key and for the version that also includes the sender. */
0756eb3c
PH
1206
1207 if (testflag(addr, af_dr_retry_exists))
09945f1e
PH
1208 {
1209 uschar *altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
1210 sender_address);
1211 retry_add_item(addr, altkey, rf_delete);
0756eb3c 1212 retry_add_item(addr, addr->address_retry_key, rf_delete);
09945f1e 1213 }
0756eb3c
PH
1214 }
1215
fc243e94
JH
1216 /* Error on first TLS read */
1217
1218 else if (errno == ERRNO_TLSFAILURE)
1219 return -5;
1220
0756eb3c
PH
1221 /* Timeout while reading the response */
1222
1223 else if (errno == ETIMEDOUT)
1224 {
c562fd30 1225 uschar *message = string_sprintf("SMTP timeout after RCPT TO:<%s>",
ee8b8090 1226 transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes));
df5b41e3 1227 set_errno_nohost(sx->first_addr, ETIMEDOUT, message, DEFER, FALSE);
0756eb3c 1228 retry_add_item(addr, addr->address_retry_key, 0);
f6c332bd 1229 update_waiting = FALSE;
0756eb3c
PH
1230 return -1;
1231 }
1232
1233 /* Handle other errors in obtaining an SMTP response by returning -1. This
1234 will cause all the addresses to be deferred. Restore the SMTP command in
1235 big_buffer for which we are checking the response, so the error message
1236 makes sense. */
1237
df5b41e3 1238 else if (errno != 0 || sx->buffer[0] == 0)
0756eb3c 1239 {
f3ebb786
JH
1240 gstring gs = { .size = big_buffer_size, .ptr = 0, .s = big_buffer }, * g = &gs;
1241
1242 /* Use taint-unchecked routines for writing into big_buffer, trusting
1243 that we'll never expand it. */
1244
1245 g = string_fmt_append_f(g, SVFMT_TAINT_NOCHK, "RCPT TO:<%s>",
ee8b8090 1246 transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes));
f3ebb786 1247 string_from_gstring(g);
0756eb3c
PH
1248 return -2;
1249 }
1250
1251 /* Handle SMTP permanent and temporary response codes. */
1252
1253 else
1254 {
1255 addr->message =
447d236c 1256 string_sprintf("SMTP error from remote mail server after RCPT TO:<%s>: "
ee8b8090 1257 "%s", transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes),
df5b41e3 1258 string_printing(sx->buffer));
447d236c 1259 setflag(addr, af_pass_message);
e9166683 1260 if (!sx->verify)
ee8b8090 1261 msglog_line(sx->conn_args.host, addr->message);
0756eb3c
PH
1262
1263 /* The response was 5xx */
1264
df5b41e3 1265 if (sx->buffer[0] == '5')
0756eb3c
PH
1266 {
1267 addr->transport_return = FAIL;
1268 yield |= 2;
1269 }
1270
1271 /* The response was 4xx */
1272
1273 else
1274 {
0756eb3c
PH
1275 addr->transport_return = DEFER;
1276 addr->basic_errno = ERRNO_RCPT4XX;
df5b41e3 1277 addr->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
0756eb3c 1278
e9166683
JH
1279 if (!sx->verify)
1280 {
0cbf2b82 1281#ifndef DISABLE_EVENT
e9166683
JH
1282 event_defer_errno = addr->more_errno;
1283 msg_event_raise(US"msg:rcpt:host:defer", addr);
5ef5dd52
JB
1284#endif
1285
e9166683
JH
1286 /* Log temporary errors if there are more hosts to be tried.
1287 If not, log this last one in the == line. */
0756eb3c 1288
ee8b8090 1289 if (sx->conn_args.host->next)
67ea939c
JH
1290 if (LOGGING(outgoing_port))
1291 log_write(0, LOG_MAIN, "H=%s [%s]:%d %s", sx->conn_args.host->name,
1292 sx->conn_args.host->address,
1293 sx->port == PORT_NONE ? 25 : sx->port, addr->message);
1294 else
1295 log_write(0, LOG_MAIN, "H=%s [%s]: %s", sx->conn_args.host->name,
1296 sx->conn_args.host->address, addr->message);
0756eb3c 1297
0cbf2b82 1298#ifndef DISABLE_EVENT
e9166683
JH
1299 else
1300 msg_event_raise(US"msg:rcpt:defer", addr);
5ef5dd52
JB
1301#endif
1302
e9166683
JH
1303 /* Do not put this message on the list of those waiting for specific
1304 hosts, as otherwise it is likely to be tried too often. */
0756eb3c 1305
e9166683 1306 update_waiting = FALSE;
0756eb3c 1307
e9166683
JH
1308 /* Add a retry item for the address so that it doesn't get tried again
1309 too soon. If address_retry_include_sender is true, add the sender address
1310 to the retry key. */
0756eb3c 1311
e9166683
JH
1312 retry_add_item(addr,
1313 ob->address_retry_include_sender
1314 ? string_sprintf("%s:<%s>", addr->address_retry_key, sender_address)
1315 : addr->address_retry_key,
1316 0);
1317 }
0756eb3c
PH
1318 }
1319 }
1320 } /* Loop for next RCPT response */
1321
1322/* Update where to start at for the next block of responses, unless we
1323have already handled all the addresses. */
1324
e9166683 1325if (addr) sx->sync_addr = addr->next;
0756eb3c
PH
1326
1327/* Handle a response to DATA. If we have not had any good recipients, either
1328previously or in this block, the response is ignored. */
1329
7c576fca 1330if (pending_DATA != 0)
0756eb3c 1331 {
7c576fca 1332 DEBUG(D_transport) debug_printf("%s expect data\n", __FUNCTION__);
251b9eb4 1333 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
7c576fca 1334 '3', ob->command_timeout))
e97957bc 1335 {
7c576fca
JH
1336 int code;
1337 uschar *msg;
1338 BOOL pass_message;
fc243e94
JH
1339
1340 if (errno == ERRNO_TLSFAILURE) /* Error on first TLS read */
1341 return -5;
1342
7c576fca 1343 if (pending_DATA > 0 || (yield & 1) != 0)
e97957bc 1344 {
7c576fca
JH
1345 if (errno == 0 && sx->buffer[0] == '4')
1346 {
1347 errno = ERRNO_DATA4XX;
1348 sx->first_addr->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
1349 }
1350 return -3;
e97957bc 1351 }
ee8b8090 1352 (void)check_response(sx->conn_args.host, &errno, 0, sx->buffer, &code, &msg, &pass_message);
7c576fca
JH
1353 DEBUG(D_transport) debug_printf("%s\nerror for DATA ignored: pipelining "
1354 "is in use and there were no good recipients\n", msg);
e97957bc 1355 }
0756eb3c
PH
1356 }
1357
1358/* All responses read and handled; MAIL (if present) received 2xx and DATA (if
1359present) received 3xx. If any RCPTs were handled and yielded anything other
1360than 4xx, yield will be set non-zero. */
1361
1362return yield;
1363}
1364
1365
1366
ee8b8090
JH
1367
1368
1369/* Try an authenticator's client entry */
1370
1371static int
1372try_authenticator(smtp_context * sx, auth_instance * au)
1373{
1374smtp_transport_options_block * ob = sx->conn_args.ob; /* transport options */
1375host_item * host = sx->conn_args.host; /* host to deliver to */
1376int rc;
1377
1378sx->outblock.authenticating = TRUE;
1379rc = (au->info->clientcode)(au, sx, ob->command_timeout,
1380 sx->buffer, sizeof(sx->buffer));
1381sx->outblock.authenticating = FALSE;
1382DEBUG(D_transport) debug_printf("%s authenticator yielded %d\n", au->name, rc);
1383
1384/* A temporary authentication failure must hold up delivery to
1385this host. After a permanent authentication failure, we carry on
1386to try other authentication methods. If all fail hard, try to
1387deliver the message unauthenticated unless require_auth was set. */
1388
1389switch(rc)
1390 {
1391 case OK:
1392 f.smtp_authenticated = TRUE; /* stops the outer loop */
1393 client_authenticator = au->name;
1394 if (au->set_client_id)
1395 client_authenticated_id = expand_string(au->set_client_id);
1396 break;
1397
1398 /* Failure after writing a command */
1399
1400 case FAIL_SEND:
1401 return FAIL_SEND;
1402
1403 /* Failure after reading a response */
1404
1405 case FAIL:
1406 if (errno != 0 || sx->buffer[0] != '5') return FAIL;
1407 log_write(0, LOG_MAIN, "%s authenticator failed H=%s [%s] %s",
1408 au->name, host->name, host->address, sx->buffer);
1409 break;
1410
1411 /* Failure by some other means. In effect, the authenticator
1412 decided it wasn't prepared to handle this case. Typically this
1413 is the result of "fail" in an expansion string. Do we need to
1414 log anything here? Feb 2006: a message is now put in the buffer
1415 if logging is required. */
1416
1417 case CANCELLED:
1418 if (*sx->buffer != 0)
1419 log_write(0, LOG_MAIN, "%s authenticator cancelled "
1420 "authentication H=%s [%s] %s", au->name, host->name,
1421 host->address, sx->buffer);
1422 break;
1423
1424 /* Internal problem, message in buffer. */
1425
1426 case ERROR:
1427 set_errno_nohost(sx->addrlist, ERRNO_AUTHPROB, string_copy(sx->buffer),
1428 DEFER, FALSE);
1429 return ERROR;
1430 }
1431return OK;
1432}
1433
1434
1435
1436
1437/* Do the client side of smtp-level authentication.
1438
fcc8e047 1439Arguments:
ee8b8090
JH
1440 sx smtp connection context
1441
1442sx->buffer should have the EHLO response from server (gets overwritten)
fcc8e047
JH
1443
1444Returns:
1445 OK Success, or failed (but not required): global "smtp_authenticated" set
1446 DEFER Failed authentication (and was required)
1447 ERROR Internal problem
1448
1449 FAIL_SEND Failed communications - transmit
1450 FAIL - response
1451*/
1452
251b9eb4 1453static int
ee8b8090 1454smtp_auth(smtp_context * sx)
fcc8e047 1455{
ee8b8090
JH
1456host_item * host = sx->conn_args.host; /* host to deliver to */
1457smtp_transport_options_block * ob = sx->conn_args.ob; /* transport options */
1458int require_auth = verify_check_given_host(CUSS &ob->hosts_require_auth, host);
81344b40 1459#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
1460unsigned short authbits = tls_out.active.sock >= 0
1461 ? sx->ehlo_resp.crypted_auths : sx->ehlo_resp.cleartext_auths;
1462#endif
1463uschar * fail_reason = US"server did not advertise AUTH support";
fcc8e047 1464
8768d548 1465f.smtp_authenticated = FALSE;
a7538db1 1466client_authenticator = client_authenticated_id = client_authenticated_sender = NULL;
fcc8e047 1467
ee8b8090
JH
1468if (!regex_AUTH)
1469 regex_AUTH = regex_must_compile(AUTHS_REGEX, FALSE, TRUE);
1470
1471/* Is the server offering AUTH? */
fcc8e047 1472
ee8b8090
JH
1473if ( sx->esmtp
1474 &&
81344b40 1475#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
1476 sx->early_pipe_active ? authbits
1477 :
1478#endif
1479 regex_match_and_setup(regex_AUTH, sx->buffer, 0, -1)
1480 )
a7538db1 1481 {
ee8b8090 1482 uschar * names = NULL;
a7538db1 1483 expand_nmax = -1; /* reset */
fcc8e047 1484
81344b40 1485#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
1486 if (!sx->early_pipe_active)
1487#endif
1488 names = string_copyn(expand_nstring[1], expand_nlength[1]);
1489
a7538db1 1490 /* Must not do this check until after we have saved the result of the
ee8b8090 1491 regex match above as the check could be another RE. */
fcc8e047 1492
ee8b8090
JH
1493 if ( require_auth == OK
1494 || verify_check_given_host(CUSS &ob->hosts_try_auth, host) == OK)
a7538db1 1495 {
a7538db1 1496 DEBUG(D_transport) debug_printf("scanning authentication mechanisms\n");
ee8b8090
JH
1497 fail_reason = US"no common mechanisms were found";
1498
81344b40 1499#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
1500 if (sx->early_pipe_active)
1501 {
1502 /* Scan our authenticators (which support use by a client and were offered
1503 by the server (checked at cache-write time)), not suppressed by
1504 client_condition. If one is found, attempt to authenticate by calling its
1505 client function. We are limited to supporting up to 16 authenticator
1506 public-names by the number of bits in a short. */
1507
dca6d121 1508 auth_instance * au;
ee8b8090
JH
1509 uschar bitnum;
1510 int rc;
1511
1512 for (bitnum = 0, au = auths;
1513 !f.smtp_authenticated && au && bitnum < 16;
1514 bitnum++, au = au->next) if (authbits & BIT(bitnum))
1515 {
1516 if ( au->client_condition
1517 && !expand_check_condition(au->client_condition, au->name,
1518 US"client authenticator"))
1519 {
1520 DEBUG(D_transport) debug_printf("skipping %s authenticator: %s\n",
1521 au->name, "client_condition is false");
1522 continue;
1523 }
1524
1525 /* Found data for a listed mechanism. Call its client entry. Set
1526 a flag in the outblock so that data is overwritten after sending so
1527 that reflections don't show it. */
1528
1529 fail_reason = US"authentication attempt(s) failed";
1530
1531 if ((rc = try_authenticator(sx, au)) != OK)
1532 return rc;
1533 }
1534 }
1535 else
1536#endif
fcc8e047 1537
a7538db1
JH
1538 /* Scan the configured authenticators looking for one which is configured
1539 for use as a client, which is not suppressed by client_condition, and
1540 whose name matches an authentication mechanism supported by the server.
1541 If one is found, attempt to authenticate by calling its client function.
1542 */
fcc8e047 1543
d7978c0f 1544 for (auth_instance * au = auths; !f.smtp_authenticated && au; au = au->next)
a7538db1
JH
1545 {
1546 uschar *p = names;
ee8b8090
JH
1547
1548 if ( !au->client
1549 || ( au->client_condition
1550 && !expand_check_condition(au->client_condition, au->name,
1551 US"client authenticator")))
a7538db1
JH
1552 {
1553 DEBUG(D_transport) debug_printf("skipping %s authenticator: %s\n",
1554 au->name,
1555 (au->client)? "client_condition is false" :
1556 "not configured as a client");
1557 continue;
1558 }
fcc8e047 1559
a7538db1 1560 /* Loop to scan supported server mechanisms */
fcc8e047 1561
cab0c277 1562 while (*p)
a7538db1 1563 {
a7538db1 1564 int len = Ustrlen(au->public_name);
ee8b8090
JH
1565 int rc;
1566
a7538db1 1567 while (isspace(*p)) p++;
fcc8e047 1568
a7538db1
JH
1569 if (strncmpic(au->public_name, p, len) != 0 ||
1570 (p[len] != 0 && !isspace(p[len])))
1571 {
1572 while (*p != 0 && !isspace(*p)) p++;
1573 continue;
1574 }
fcc8e047 1575
a7538db1
JH
1576 /* Found data for a listed mechanism. Call its client entry. Set
1577 a flag in the outblock so that data is overwritten after sending so
1578 that reflections don't show it. */
fcc8e047 1579
a7538db1 1580 fail_reason = US"authentication attempt(s) failed";
a7538db1 1581
ee8b8090
JH
1582 if ((rc = try_authenticator(sx, au)) != OK)
1583 return rc;
fcc8e047 1584
a7538db1
JH
1585 break; /* If not authenticated, try next authenticator */
1586 } /* Loop for scanning supported server mechanisms */
1587 } /* Loop for further authenticators */
fcc8e047 1588 }
a7538db1 1589 }
fcc8e047 1590
a7538db1 1591/* If we haven't authenticated, but are required to, give up. */
fcc8e047 1592
8768d548 1593if (require_auth == OK && !f.smtp_authenticated)
a7538db1 1594 {
251b9eb4 1595 set_errno_nohost(sx->addrlist, ERRNO_AUTHFAIL,
a7538db1 1596 string_sprintf("authentication required but %s", fail_reason), DEFER,
895fbaf2 1597 FALSE);
a7538db1
JH
1598 return DEFER;
1599 }
4d8d62b9 1600
a7538db1 1601return OK;
fcc8e047
JH
1602}
1603
1604
1605/* Construct AUTH appendix string for MAIL TO */
1606/*
1607Arguments
1608 buffer to build string
1609 addrlist chain of potential addresses to deliver
1610 ob transport options
1611
8768d548 1612Globals f.smtp_authenticated
fcc8e047
JH
1613 client_authenticated_sender
1614Return True on error, otherwise buffer has (possibly empty) terminated string
1615*/
1616
f3ebb786 1617static BOOL
fcc8e047
JH
1618smtp_mail_auth_str(uschar *buffer, unsigned bufsize, address_item *addrlist,
1619 smtp_transport_options_block *ob)
1620{
f3ebb786 1621uschar * local_authenticated_sender = authenticated_sender;
fcc8e047
JH
1622
1623#ifdef notdef
8768d548 1624 debug_printf("smtp_mail_auth_str: as<%s> os<%s> SA<%s>\n", authenticated_sender, ob->authenticated_sender, f.smtp_authenticated?"Y":"N");
fcc8e047
JH
1625#endif
1626
f3ebb786 1627if (ob->authenticated_sender)
fcc8e047
JH
1628 {
1629 uschar *new = expand_string(ob->authenticated_sender);
f3ebb786 1630 if (!new)
fcc8e047 1631 {
8768d548 1632 if (!f.expand_string_forcedfail)
fcc8e047
JH
1633 {
1634 uschar *message = string_sprintf("failed to expand "
1635 "authenticated_sender: %s", expand_string_message);
895fbaf2 1636 set_errno_nohost(addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
fcc8e047
JH
1637 return TRUE;
1638 }
1639 }
f3ebb786 1640 else if (*new) local_authenticated_sender = new;
fcc8e047
JH
1641 }
1642
1643/* Add the authenticated sender address if present */
1644
f3ebb786
JH
1645if ( (f.smtp_authenticated || ob->authenticated_sender_force)
1646 && local_authenticated_sender)
fcc8e047 1647 {
f3ebb786 1648 string_format_nt(buffer, bufsize, " AUTH=%s",
fcc8e047 1649 auth_xtextencode(local_authenticated_sender,
f3ebb786 1650 Ustrlen(local_authenticated_sender)));
fcc8e047
JH
1651 client_authenticated_sender = string_copy(local_authenticated_sender);
1652 }
1653else
1654 *buffer= 0;
1655
1656return FALSE;
1657}
1658
1659
1660
c0635b6d 1661#ifdef SUPPORT_DANE
2d5fdd53
JH
1662/* Lookup TLSA record for host/port.
1663Return: OK success with dnssec; DANE mode
1664 DEFER Do not use this host now, may retry later
1665 FAIL_FORCED No TLSA record; DANE not usable
1666 FAIL Do not use this connection
1667*/
1668
0e66b3b6 1669int
4b0fe319 1670tlsa_lookup(const host_item * host, dns_answer * dnsa, BOOL dane_required)
0e66b3b6
JH
1671{
1672/* move this out to host.c given the similarity to dns_lookup() ? */
1673uschar buffer[300];
55414b25 1674const uschar * fullname = buffer;
58c30e47
JH
1675int rc;
1676BOOL sec;
0e66b3b6
JH
1677
1678/* TLSA lookup string */
1679(void)sprintf(CS buffer, "_%d._tcp.%.256s", host->port, host->name);
1680
58c30e47
JH
1681rc = dns_lookup(dnsa, buffer, T_TLSA, &fullname);
1682sec = dns_is_secure(dnsa);
1683DEBUG(D_transport)
1684 debug_printf("TLSA lookup ret %d %sDNSSEC\n", rc, sec ? "" : "not ");
1685
1686switch (rc)
0e66b3b6 1687 {
2d5fdd53
JH
1688 case DNS_AGAIN:
1689 return DEFER; /* just defer this TLS'd conn */
1690
899b8bbc 1691 case DNS_SUCCEED:
624f33df
JH
1692 if (sec)
1693 {
1694 DEBUG(D_transport)
1695 {
1696 dns_scan dnss;
d7978c0f 1697 for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
1b76ad22
JH
1698 rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
1699 if (rr->type == T_TLSA && rr->size > 3)
1700 {
1701 uint16_t payload_length = rr->size - 3;
1702 uschar s[MAX_TLSA_EXPANDED_SIZE], * sp = s, * p = US rr->data;
1703
1704 sp += sprintf(CS sp, "%d ", *p++); /* usage */
1705 sp += sprintf(CS sp, "%d ", *p++); /* selector */
1706 sp += sprintf(CS sp, "%d ", *p++); /* matchtype */
1707 while (payload_length-- > 0 && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4))
1708 sp += sprintf(CS sp, "%02x", *p++);
1709
1710 debug_printf(" %s\n", s);
1711 }
624f33df
JH
1712 }
1713 return OK;
1714 }
899b8bbc
JH
1715 log_write(0, LOG_MAIN,
1716 "DANE error: TLSA lookup for %s not DNSSEC", host->name);
1717 /*FALLTRHOUGH*/
1718
ef3a1a30
JH
1719 case DNS_NODATA: /* no TLSA RR for this lookup */
1720 case DNS_NOMATCH: /* no records at all for this lookup */
6b524204 1721 return dane_required ? FAIL : FAIL_FORCED;
2d5fdd53
JH
1722
1723 default:
1724 case DNS_FAIL:
1725 return dane_required ? FAIL : DEFER;
0e66b3b6 1726 }
0e66b3b6
JH
1727}
1728#endif
1729
1730
a39bd74d
JB
1731
1732typedef struct smtp_compare_s
1733{
1734 uschar *current_sender_address;
1735 struct transport_instance *tblock;
1736} smtp_compare_t;
1737
d093f8e5
JH
1738
1739/* Create a unique string that identifies this message, it is based on
1740sender_address, helo_data and tls_certificate if enabled.
1741*/
a39bd74d
JB
1742
1743static uschar *
1744smtp_local_identity(uschar * sender, struct transport_instance * tblock)
1745{
1746address_item * addr1;
1747uschar * if1 = US"";
1748uschar * helo1 = US"";
01603eec 1749#ifndef DISABLE_TLS
a39bd74d
JB
1750uschar * tlsc1 = US"";
1751#endif
1752uschar * save_sender_address = sender_address;
1753uschar * local_identity = NULL;
ee8b8090 1754smtp_transport_options_block * ob = SOB tblock->options_block;
a39bd74d
JB
1755
1756sender_address = sender;
1757
1758addr1 = deliver_make_addr (sender, TRUE);
1759deliver_set_expansions(addr1);
1760
1761if (ob->interface)
1762 if1 = expand_string(ob->interface);
1763
1764if (ob->helo_data)
1765 helo1 = expand_string(ob->helo_data);
1766
01603eec 1767#ifndef DISABLE_TLS
a39bd74d
JB
1768if (ob->tls_certificate)
1769 tlsc1 = expand_string(ob->tls_certificate);
1770local_identity = string_sprintf ("%s^%s^%s", if1, helo1, tlsc1);
1771#else
1772local_identity = string_sprintf ("%s^%s", if1, helo1);
1773#endif
1774
1775deliver_set_expansions(NULL);
1776sender_address = save_sender_address;
1777
1778return local_identity;
1779}
1780
1781
1782
1783/* This routine is a callback that is called from transport_check_waiting.
1784This function will evaluate the incoming message versus the previous
1785message. If the incoming message is using a different local identity then
1786we will veto this new message. */
1787
1788static BOOL
1789smtp_are_same_identities(uschar * message_id, smtp_compare_t * s_compare)
1790{
dadff1d4
HSHR
1791uschar * message_local_identity,
1792 * current_local_identity,
1793 * new_sender_address;
1794
1795current_local_identity =
a39bd74d 1796 smtp_local_identity(s_compare->current_sender_address, s_compare->tblock);
a39bd74d 1797
dadff1d4
HSHR
1798if (!(new_sender_address = deliver_get_sender_address(message_id)))
1799 return 0;
1800
1801message_local_identity =
1802 smtp_local_identity(new_sender_address, s_compare->tblock);
a39bd74d
JB
1803
1804return Ustrcmp(current_local_identity, message_local_identity) == 0;
1805}
1806
1807
1808
8ac90765
JH
1809static unsigned
1810ehlo_response(uschar * buf, unsigned checks)
9094b84b 1811{
e9166683
JH
1812size_t bsize = Ustrlen(buf);
1813
ee8b8090 1814/* debug_printf("%s: check for 0x%04x\n", __FUNCTION__, checks); */
8ac90765 1815
01603eec 1816#ifndef DISABLE_TLS
ee8b8090
JH
1817if ( checks & OPTION_TLS
1818 && pcre_exec(regex_STARTTLS, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
9094b84b 1819#endif
ee8b8090 1820 checks &= ~OPTION_TLS;
9094b84b 1821
14de8063 1822if ( checks & OPTION_IGNQ
ff5aac2b
JH
1823 && pcre_exec(regex_IGNOREQUOTA, NULL, CS buf, bsize, 0,
1824 PCRE_EOPT, NULL, 0) < 0)
14de8063 1825 checks &= ~OPTION_IGNQ;
9094b84b 1826
14de8063 1827if ( checks & OPTION_CHUNKING
f98442df 1828 && pcre_exec(regex_CHUNKING, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
14de8063 1829 checks &= ~OPTION_CHUNKING;
f98442df 1830
9094b84b 1831#ifndef DISABLE_PRDR
14de8063 1832if ( checks & OPTION_PRDR
ff5aac2b 1833 && pcre_exec(regex_PRDR, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
9094b84b 1834#endif
ee8b8090 1835 checks &= ~OPTION_PRDR;
9094b84b
JH
1836
1837#ifdef SUPPORT_I18N
14de8063 1838if ( checks & OPTION_UTF8
ff5aac2b 1839 && pcre_exec(regex_UTF8, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
9094b84b 1840#endif
ee8b8090 1841 checks &= ~OPTION_UTF8;
9094b84b 1842
14de8063 1843if ( checks & OPTION_DSN
ff5aac2b 1844 && pcre_exec(regex_DSN, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
14de8063 1845 checks &= ~OPTION_DSN;
9094b84b 1846
14de8063 1847if ( checks & OPTION_PIPE
ff5aac2b
JH
1848 && pcre_exec(regex_PIPELINING, NULL, CS buf, bsize, 0,
1849 PCRE_EOPT, NULL, 0) < 0)
14de8063 1850 checks &= ~OPTION_PIPE;
9094b84b 1851
14de8063 1852if ( checks & OPTION_SIZE
ff5aac2b 1853 && pcre_exec(regex_SIZE, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
14de8063 1854 checks &= ~OPTION_SIZE;
9094b84b 1855
81344b40 1856#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
1857if ( checks & OPTION_EARLY_PIPE
1858 && pcre_exec(regex_EARLY_PIPE, NULL, CS buf, bsize, 0,
1859 PCRE_EOPT, NULL, 0) < 0)
1860#endif
1861 checks &= ~OPTION_EARLY_PIPE;
1862
1863/* debug_printf("%s: found 0x%04x\n", __FUNCTION__, checks); */
9094b84b
JH
1864return checks;
1865}
1866
1867
6d5c916c
JH
1868
1869/* Callback for emitting a BDAT data chunk header.
6d5c916c 1870
e027f545
JH
1871If given a nonzero size, first flush any buffered SMTP commands
1872then emit the command.
1873
d2aa036b
JH
1874Reap previous SMTP command responses if requested, and always reap
1875the response from a previous BDAT command.
1876
1877Args:
1878 tctx transport context
1879 chunk_size value for SMTP BDAT command
1880 flags
1881 tc_chunk_last add LAST option to SMTP BDAT command
1882 tc_reap_prev reap response to previous SMTP commands
6d5c916c 1883
fc243e94
JH
1884Returns:
1885 OK or ERROR
1886 DEFER TLS error on first read (EHLO-resp); errno set
6d5c916c
JH
1887*/
1888
1889static int
d2aa036b
JH
1890smtp_chunk_cmd_callback(transport_ctx * tctx, unsigned chunk_size,
1891 unsigned flags)
6d5c916c 1892{
ee8b8090 1893smtp_transport_options_block * ob = SOB tctx->tblock->options_block;
e9166683 1894smtp_context * sx = tctx->smtp_context;
e027f545
JH
1895int cmd_count = 0;
1896int prev_cmd_count;
6d5c916c 1897
4e910c01
JH
1898/* Write SMTP chunk header command. If not reaping responses, note that
1899there may be more writes (like, the chunk data) done soon. */
6d5c916c 1900
e027f545 1901if (chunk_size > 0)
87cb4a16 1902 {
81344b40 1903#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
1904 BOOL new_conn = !!(sx->outblock.conn_args);
1905#endif
251b9eb4 1906 if((cmd_count = smtp_write_command(sx,
4e910c01
JH
1907 flags & tc_reap_prev ? SCMD_FLUSH : SCMD_MORE,
1908 "BDAT %u%s\r\n", chunk_size, flags & tc_chunk_last ? " LAST" : "")
e027f545 1909 ) < 0) return ERROR;
87cb4a16
JH
1910 if (flags & tc_chunk_last)
1911 data_command = string_copy(big_buffer); /* Save for later error message */
81344b40 1912#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
1913 /* That command write could have been the one that made the connection.
1914 Copy the fd from the client conn ctx (smtp transport specific) to the
1915 generic transport ctx. */
1916
1917 if (new_conn)
1918 tctx->u.fd = sx->outblock.cctx->sock;
1919#endif
87cb4a16 1920 }
e027f545 1921
e9166683 1922prev_cmd_count = cmd_count += sx->cmd_count;
6d5c916c 1923
e027f545 1924/* Reap responses for any previous, but not one we just emitted */
6d5c916c 1925
e027f545
JH
1926if (chunk_size > 0)
1927 prev_cmd_count--;
e9166683 1928if (sx->pending_BDAT)
e027f545 1929 prev_cmd_count--;
6d5c916c 1930
e027f545 1931if (flags & tc_reap_prev && prev_cmd_count > 0)
6d5c916c 1932 {
58fc5fb2
JH
1933 DEBUG(D_transport) debug_printf("look for %d responses"
1934 " for previous pipelined cmds\n", prev_cmd_count);
6d5c916c 1935
e9166683 1936 switch(sync_responses(sx, prev_cmd_count, 0))
e027f545
JH
1937 {
1938 case 1: /* 2xx (only) => OK */
e9166683
JH
1939 case 3: sx->good_RCPT = TRUE; /* 2xx & 5xx => OK & progress made */
1940 case 2: sx->completed_addr = TRUE; /* 5xx (only) => progress made */
e027f545
JH
1941 case 0: break; /* No 2xx or 5xx, but no probs */
1942
fc243e94
JH
1943 case -5: errno = ERRNO_TLSFAILURE;
1944 return DEFER;
81344b40 1945#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
1946 case -4: /* non-2xx for pipelined banner or EHLO */
1947#endif
fc243e94 1948 case -1: /* Timeout on RCPT */
e027f545
JH
1949 default: return ERROR; /* I/O error, or any MAIL/DATA error */
1950 }
1951 cmd_count = 1;
e9166683 1952 if (!sx->pending_BDAT)
e027f545 1953 pipelining_active = FALSE;
6d5c916c 1954 }
e027f545 1955
58fc5fb2 1956/* Reap response for an outstanding BDAT */
e027f545 1957
e9166683 1958if (sx->pending_BDAT)
e027f545 1959 {
58fc5fb2
JH
1960 DEBUG(D_transport) debug_printf("look for one response for BDAT\n");
1961
251b9eb4 1962 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer), '2',
e027f545
JH
1963 ob->command_timeout))
1964 {
e9166683 1965 if (errno == 0 && sx->buffer[0] == '4')
e027f545
JH
1966 {
1967 errno = ERRNO_DATA4XX; /*XXX does this actually get used? */
36e55f49 1968 sx->addrlist->more_errno |=
e9166683 1969 ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
e027f545
JH
1970 }
1971 return ERROR;
1972 }
1973 cmd_count--;
e9166683 1974 sx->pending_BDAT = FALSE;
e027f545
JH
1975 pipelining_active = FALSE;
1976 }
1977else if (chunk_size > 0)
e9166683 1978 sx->pending_BDAT = TRUE;
e027f545
JH
1979
1980
e9166683 1981sx->cmd_count = cmd_count;
e027f545 1982return OK;
6d5c916c
JH
1983}
1984
1985
1986
ee8b8090
JH
1987
1988
0756eb3c 1989/*************************************************
d093f8e5 1990* Make connection for given message *
0756eb3c
PH
1991*************************************************/
1992
d093f8e5
JH
1993/*
1994Arguments:
1995 ctx connection context
d093f8e5
JH
1996 suppress_tls if TRUE, don't attempt a TLS connection - this is set for
1997 a second attempt after TLS initialization fails
d093f8e5
JH
1998
1999Returns: OK - the connection was made and the delivery attempted;
2000 fd is set in the conn context, tls_out set up.
2001 DEFER - the connection could not be made, or something failed
2002 while setting up the SMTP session, or there was a
2003 non-message-specific error, such as a timeout.
2004 ERROR - helo_data or add_headers or authenticated_sender is
2005 specified for this transport, and the string failed
2006 to expand
2007*/
2008int
e9166683 2009smtp_setup_conn(smtp_context * sx, BOOL suppress_tls)
d093f8e5 2010{
ee8b8090 2011smtp_transport_options_block * ob = sx->conn_args.tblock->options_block;
d093f8e5 2012BOOL pass_message = FALSE;
d093f8e5 2013uschar * message = NULL;
d093f8e5 2014int yield = OK;
01603eec 2015#ifndef DISABLE_TLS
fc243e94
JH
2016uschar * tls_errstr;
2017#endif
d093f8e5 2018
ee8b8090 2019sx->conn_args.ob = ob;
d093f8e5 2020
ee8b8090
JH
2021sx->lmtp = strcmpic(ob->protocol, US"lmtp") == 0;
2022sx->smtps = strcmpic(ob->protocol, US"smtps") == 0;
d093f8e5
JH
2023sx->ok = FALSE;
2024sx->send_rset = TRUE;
2025sx->send_quit = TRUE;
2026sx->setting_up = TRUE;
2027sx->esmtp = TRUE;
2028sx->esmtp_sent = FALSE;
59a286ef 2029#ifdef SUPPORT_I18N
d093f8e5 2030sx->utf8_needed = FALSE;
59a286ef 2031#endif
d093f8e5 2032sx->dsn_all_lasthop = TRUE;
21ee816d 2033#ifdef SUPPORT_DANE
c05bdbd6 2034sx->conn_args.dane = FALSE;
8ac90765 2035sx->dane_required =
ee8b8090
JH
2036 verify_check_given_host(CUSS &ob->hosts_require_dane, sx->conn_args.host) == OK;
2037#endif
81344b40 2038#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2039sx->early_pipe_active = sx->early_pipe_ok = FALSE;
2040sx->ehlo_resp.cleartext_features = sx->ehlo_resp.crypted_features = 0;
2041sx->pending_BANNER = sx->pending_EHLO = FALSE;
d093f8e5
JH
2042#endif
2043
ee8b8090 2044if ((sx->max_rcpt = sx->conn_args.tblock->max_addresses) == 0) sx->max_rcpt = 999999;
d093f8e5 2045sx->peer_offered = 0;
14de8063 2046sx->avoid_option = 0;
d093f8e5 2047sx->igquotstr = US"";
ee8b8090 2048if (!sx->helo_data) sx->helo_data = ob->helo_data;
d093f8e5
JH
2049#ifdef EXPERIMENTAL_DSN_INFO
2050sx->smtp_greeting = NULL;
2051sx->helo_response = NULL;
59a286ef
JH
2052#endif
2053
0756eb3c 2054smtp_command = US"initial connection";
d093f8e5 2055sx->buffer[0] = '\0';
0756eb3c
PH
2056
2057/* Set up the buffer for reading SMTP response packets. */
2058
d093f8e5
JH
2059sx->inblock.buffer = sx->inbuffer;
2060sx->inblock.buffersize = sizeof(sx->inbuffer);
2061sx->inblock.ptr = sx->inbuffer;
2062sx->inblock.ptrend = sx->inbuffer;
0756eb3c
PH
2063
2064/* Set up the buffer for holding SMTP commands while pipelining */
2065
d093f8e5
JH
2066sx->outblock.buffer = sx->outbuffer;
2067sx->outblock.buffersize = sizeof(sx->outbuffer);
2068sx->outblock.ptr = sx->outbuffer;
2069sx->outblock.cmd_count = 0;
2070sx->outblock.authenticating = FALSE;
ee8b8090 2071sx->outblock.conn_args = NULL;
0756eb3c 2072
6c512171
PH
2073/* Reset the parameters of a TLS session. */
2074
817d9f57
JH
2075tls_out.bits = 0;
2076tls_out.cipher = NULL; /* the one we may use for this transport */
9d1c15ef
JH
2077tls_out.ourcert = NULL;
2078tls_out.peercert = NULL;
817d9f57 2079tls_out.peerdn = NULL;
de517fd3 2080#ifdef USE_OPENSSL
817d9f57 2081tls_out.sni = NULL;
5b456975 2082#endif
018058b2 2083tls_out.ocsp = OCSP_NOT_REQ;
b10c87b3
JH
2084#ifdef EXPERIMENTAL_TLS_RESUME
2085tls_out.resumption = 0;
2086#endif
5b195d6b 2087tls_out.ver = NULL;
6c512171 2088
35aba663
JH
2089/* Flip the legacy TLS-related variables over to the outbound set in case
2090they're used in the context of the transport. Don't bother resetting
02b41d71
JH
2091afterward (when being used by a transport) as we're in a subprocess.
2092For verify, unflipped once the callout is dealt with */
35aba663
JH
2093
2094tls_modify_variables(&tls_out);
2095
01603eec 2096#ifdef DISABLE_TLS
d093f8e5 2097if (sx->smtps)
061b7ebd 2098 {
d093f8e5 2099 set_errno_nohost(sx->addrlist, ERRNO_TLSFAILURE, US"TLS support not available",
895fbaf2 2100 DEFER, FALSE);
018058b2 2101 return ERROR;
061b7ebd
PP
2102 }
2103#endif
2104
0756eb3c
PH
2105/* Make a connection to the host if this isn't a continued delivery, and handle
2106the initial interaction and HELO/EHLO/LHLO. Connect timeout errors are handled
2107specially so they can be identified for retries. */
2108
58c30e47 2109if (!continue_hostname)
0756eb3c 2110 {
e9166683 2111 if (sx->verify)
ee8b8090 2112 HDEBUG(D_verify) debug_printf("interface=%s port=%d\n", sx->conn_args.interface, sx->port);
02b41d71 2113
ee8b8090 2114 /* Get the actual port the connection will use, into sx->conn_args.host */
4311097e 2115
ee8b8090 2116 smtp_port_for_connect(sx->conn_args.host, sx->port);
0756eb3c 2117
21ee816d 2118#ifdef SUPPORT_DANE
58c30e47 2119 /* Do TLSA lookup for DANE */
0e66b3b6 2120 {
0e66b3b6
JH
2121 tls_out.dane_verified = FALSE;
2122 tls_out.tlsa_usage = 0;
2123
ee8b8090 2124 if (sx->conn_args.host->dnssec == DS_YES)
0e66b3b6 2125 {
81a559c8 2126 int rc;
d093f8e5 2127 if( sx->dane_required
ee8b8090 2128 || verify_check_given_host(CUSS &ob->hosts_try_dane, sx->conn_args.host) == OK
0e66b3b6 2129 )
c05bdbd6 2130 switch (rc = tlsa_lookup(sx->conn_args.host, &sx->conn_args.tlsa_dnsa, sx->dane_required))
4b0fe319 2131 {
c05bdbd6 2132 case OK: sx->conn_args.dane = TRUE;
ee8b8090 2133 ob->tls_tempfail_tryclear = FALSE;
58c30e47 2134 break;
2d5fdd53 2135 case FAIL_FORCED: break;
d093f8e5 2136 default: set_errno_nohost(sx->addrlist, ERRNO_DNSDEFER,
2d5fdd53 2137 string_sprintf("DANE error: tlsa lookup %s",
aeb65e91 2138 rc_to_string(rc)),
2d5fdd53 2139 rc, FALSE);
8d3dc239 2140# ifndef DISABLE_EVENT
ee8b8090 2141 (void) event_raise(sx->conn_args.tblock->event_action,
c4b57fdd
JH
2142 US"dane:fail", sx->dane_required
2143 ? US"dane-required" : US"dnssec-invalid");
8d3dc239 2144# endif
2d5fdd53 2145 return rc;
4b0fe319 2146 }
0e66b3b6 2147 }
d093f8e5 2148 else if (sx->dane_required)
0e66b3b6 2149 {
d093f8e5 2150 set_errno_nohost(sx->addrlist, ERRNO_DNSDEFER,
ee8b8090 2151 string_sprintf("DANE error: %s lookup not DNSSEC", sx->conn_args.host->name),
895fbaf2 2152 FAIL, FALSE);
8d3dc239 2153# ifndef DISABLE_EVENT
ee8b8090 2154 (void) event_raise(sx->conn_args.tblock->event_action,
c4b57fdd 2155 US"dane:fail", US"dane-required");
8d3dc239 2156# endif
4b0fe319 2157 return FAIL;
0e66b3b6 2158 }
0e66b3b6
JH
2159 }
2160#endif /*DANE*/
2161
58c30e47
JH
2162 /* Make the TCP connection */
2163
74f1a423
JH
2164 sx->cctx.tls_ctx = NULL;
2165 sx->inblock.cctx = sx->outblock.cctx = &sx->cctx;
ee8b8090 2166 sx->avoid_option = sx->peer_offered = smtp_peer_options = 0;
58c30e47 2167
81344b40 2168#ifndef DISABLE_PIPE_CONNECT
fd6e2d18
JH
2169 if ( verify_check_given_host(CUSS &ob->hosts_pipe_connect,
2170 sx->conn_args.host) == OK)
2171
2172 /* We don't find out the local ip address until the connect, so if
2173 the helo string might use it avoid doing early-pipelining. */
2174
2175 if ( !sx->helo_data
2176 || !Ustrstr(sx->helo_data, "$sending_ip_address")
2177 || Ustrstr(sx->helo_data, "def:sending_ip_address")
2178 )
58c30e47 2179 {
fd6e2d18
JH
2180 sx->early_pipe_ok = TRUE;
2181 if ( read_ehlo_cache_entry(sx)
2182 && sx->ehlo_resp.cleartext_features & OPTION_EARLY_PIPE)
2183 {
2184 DEBUG(D_transport)
2185 debug_printf("Using cached cleartext PIPE_CONNECT\n");
2186 sx->early_pipe_active = TRUE;
2187 sx->peer_offered = sx->ehlo_resp.cleartext_features;
2188 }
58c30e47 2189 }
fd6e2d18
JH
2190 else DEBUG(D_transport)
2191 debug_printf("helo needs $sending_ip_address\n");
58c30e47 2192
ee8b8090
JH
2193 if (sx->early_pipe_active)
2194 sx->outblock.conn_args = &sx->conn_args;
2195 else
2196#endif
2197 {
2198 if ((sx->cctx.sock = smtp_connect(&sx->conn_args, NULL)) < 0)
2199 {
ee8b8090
JH
2200 set_errno_nohost(sx->addrlist,
2201 errno == ETIMEDOUT ? ERRNO_CONNECTTIMEOUT : errno,
b471ea6f 2202 sx->verify ? US strerror(errno) : NULL,
ee8b8090
JH
2203 DEFER, FALSE);
2204 sx->send_quit = FALSE;
2205 return DEFER;
2206 }
2207 }
41c7c167
PH
2208 /* Expand the greeting message while waiting for the initial response. (Makes
2209 sense if helo_data contains ${lookup dnsdb ...} stuff). The expansion is
2210 delayed till here so that $sending_interface and $sending_port are set. */
ee8b8090
JH
2211/*XXX early-pipe: they still will not be. Is there any way to find out what they
2212will be? Somehow I doubt it. */
41c7c167 2213
02b41d71
JH
2214 if (sx->helo_data)
2215 if (!(sx->helo_data = expand_string(sx->helo_data)))
e9166683 2216 if (sx->verify)
02b41d71
JH
2217 log_write(0, LOG_MAIN|LOG_PANIC,
2218 "<%s>: failed to expand transport's helo_data value for callout: %s",
2219 sx->addrlist->address, expand_string_message);
2220
8c5d388a 2221#ifdef SUPPORT_I18N
d093f8e5 2222 if (sx->helo_data)
810d16ad 2223 {
02b41d71
JH
2224 expand_string_message = NULL;
2225 if ((sx->helo_data = string_domain_utf8_to_alabel(sx->helo_data,
2226 &expand_string_message)),
2227 expand_string_message)
e9166683 2228 if (sx->verify)
02b41d71
JH
2229 log_write(0, LOG_MAIN|LOG_PANIC,
2230 "<%s>: failed to expand transport's helo_data value for callout: %s",
2231 sx->addrlist->address, expand_string_message);
2232 else
2233 sx->helo_data = NULL;
810d16ad
JH
2234 }
2235#endif
41c7c167 2236
0756eb3c
PH
2237 /* The first thing is to wait for an initial OK response. The dreaded "goto"
2238 is nevertheless a reasonably clean way of programming this kind of logic,
2239 where you want to escape on any error. */
2240
d093f8e5 2241 if (!sx->smtps)
061b7ebd 2242 {
81344b40 2243#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2244 if (sx->early_pipe_active)
2245 {
2246 sx->pending_BANNER = TRUE; /* sync_responses() must eventually handle */
2247 sx->outblock.cmd_count = 1;
2248 }
2249 else
8d330698 2250#endif
ee8b8090
JH
2251 {
2252#ifdef TCP_QUICKACK
2253 (void) setsockopt(sx->cctx.sock, IPPROTO_TCP, TCP_QUICKACK, US &off,
2254 sizeof(off));
895fbaf2 2255#endif
ee8b8090
JH
2256 if (!smtp_reap_banner(sx))
2257 goto RESPONSE_FAILED;
2258 }
0756eb3c 2259
0cbf2b82 2260#ifndef DISABLE_EVENT
b30275b8 2261 {
805c9d53 2262 uschar * s;
ee8b8090
JH
2263 lookup_dnssec_authenticated = sx->conn_args.host->dnssec==DS_YES ? US"yes"
2264 : sx->conn_args.host->dnssec==DS_NO ? US"no" : NULL;
2265 s = event_raise(sx->conn_args.tblock->event_action, US"smtp:connect", sx->buffer);
b30275b8 2266 if (s)
a7538db1 2267 {
d093f8e5 2268 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL,
b30275b8 2269 string_sprintf("deferred by smtp:connect event expansion: %s", s),
895fbaf2 2270 DEFER, FALSE);
a7538db1
JH
2271 yield = DEFER;
2272 goto SEND_QUIT;
2273 }
b30275b8 2274 }
a7538db1
JH
2275#endif
2276
061b7ebd
PP
2277 /* Now check if the helo_data expansion went well, and sign off cleanly if
2278 it didn't. */
41c7c167 2279
d093f8e5 2280 if (!sx->helo_data)
061b7ebd 2281 {
d093f8e5 2282 message = string_sprintf("failed to expand helo_data: %s",
061b7ebd 2283 expand_string_message);
d093f8e5 2284 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
061b7ebd
PP
2285 yield = DEFER;
2286 goto SEND_QUIT;
2287 }
41c7c167
PH
2288 }
2289
0756eb3c 2290/** Debugging without sending a message
d093f8e5 2291sx->addrlist->transport_return = DEFER;
0756eb3c
PH
2292goto SEND_QUIT;
2293**/
2294
2295 /* Errors that occur after this point follow an SMTP command, which is
2296 left in big_buffer by smtp_write_command() for use in error messages. */
2297
2298 smtp_command = big_buffer;
2299
2300 /* Tell the remote who we are...
2301
2302 February 1998: A convention has evolved that ESMTP-speaking MTAs include the
2303 string "ESMTP" in their greeting lines, so make Exim send EHLO if the
2304 greeting is of this form. The assumption was that the far end supports it
2305 properly... but experience shows that there are some that give 5xx responses,
2306 even though the banner includes "ESMTP" (there's a bloody-minded one that
2307 says "ESMTP not spoken here"). Cope with that case.
2308
2309 September 2000: Time has passed, and it seems reasonable now to always send
2310 EHLO at the start. It is also convenient to make the change while installing
2311 the TLS stuff.
2312
2313 July 2003: Joachim Wieland met a broken server that advertises "PIPELINING"
2314 but times out after sending MAIL FROM, RCPT TO and DATA all together. There
2315 would be no way to send out the mails, so there is now a host list
2316 "hosts_avoid_esmtp" that disables ESMTP for special hosts and solves the
2317 PIPELINING problem as well. Maybe it can also be useful to cure other
2318 problems with broken servers.
2319
2320 Exim originally sent "Helo" at this point and ran for nearly a year that way.
2321 Then somebody tried it with a Microsoft mailer... It seems that all other
2322 mailers use upper case for some reason (the RFC is quite clear about case
2323 independence) so, for peace of mind, I gave in. */
2324
ee8b8090 2325 sx->esmtp = verify_check_given_host(CUSS &ob->hosts_avoid_esmtp, sx->conn_args.host) != OK;
0756eb3c 2326
061b7ebd
PP
2327 /* Alas; be careful, since this goto is not an error-out, so conceivably
2328 we might set data between here and the target which we assume to exist
2329 and be usable. I can see this coming back to bite us. */
01603eec 2330#ifndef DISABLE_TLS
d093f8e5 2331 if (sx->smtps)
061b7ebd 2332 {
14de8063 2333 smtp_peer_options |= OPTION_TLS;
061b7ebd 2334 suppress_tls = FALSE;
ee8b8090 2335 ob->tls_tempfail_tryclear = FALSE;
061b7ebd
PP
2336 smtp_command = US"SSL-on-connect";
2337 goto TLS_NEGOTIATE;
2338 }
a7538db1 2339#endif
061b7ebd 2340
d093f8e5 2341 if (sx->esmtp)
0756eb3c 2342 {
ee8b8090 2343 if (smtp_write_command(sx,
81344b40 2344#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2345 sx->early_pipe_active ? SCMD_BUFFER :
2346#endif
2347 SCMD_FLUSH,
2348 "%s %s\r\n", sx->lmtp ? "LHLO" : "EHLO", sx->helo_data) < 0)
0756eb3c 2349 goto SEND_FAILED;
d093f8e5 2350 sx->esmtp_sent = TRUE;
ee8b8090 2351
81344b40 2352#ifndef DISABLE_PIPE_CONNECT
ee8b8090 2353 if (sx->early_pipe_active)
0756eb3c 2354 {
ee8b8090
JH
2355 sx->pending_EHLO = TRUE;
2356
2357 /* If we have too many authenticators to handle and might need to AUTH
2358 for this transport, pipeline no further as we will need the
2359 list of auth methods offered. Reap the banner and EHLO. */
2360
2361 if ( (ob->hosts_require_auth || ob->hosts_try_auth)
2362 && f.smtp_in_early_pipe_no_auth)
895fbaf2 2363 {
ee8b8090
JH
2364 DEBUG(D_transport) debug_printf("may need to auth, so pipeline no further\n");
2365 if (smtp_write_command(sx, SCMD_FLUSH, NULL) < 0)
2366 goto SEND_FAILED;
2367 if (sync_responses(sx, 2, 0) != 0)
2368 {
2369 HDEBUG(D_transport)
2370 debug_printf("failed reaping pipelined cmd responses\n");
2371 goto RESPONSE_FAILED;
2372 }
2373 sx->early_pipe_active = FALSE;
895fbaf2 2374 }
0756eb3c 2375 }
ee8b8090 2376 else
895fbaf2 2377#endif
ee8b8090
JH
2378 if (!smtp_reap_ehlo(sx))
2379 goto RESPONSE_FAILED;
0756eb3c
PH
2380 }
2381 else
0756eb3c
PH
2382 DEBUG(D_transport)
2383 debug_printf("not sending EHLO (host matches hosts_avoid_esmtp)\n");
0756eb3c 2384
81344b40 2385#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2386 if (!sx->early_pipe_active)
2387#endif
2388 if (!sx->esmtp)
2389 {
2390 BOOL good_response;
2391 int n = sizeof(sx->buffer);
2392 uschar * rsp = sx->buffer;
a57ce043 2393
ee8b8090
JH
2394 if (sx->esmtp_sent && (n = Ustrlen(sx->buffer)) < sizeof(sx->buffer)/2)
2395 { rsp = sx->buffer + n + 1; n = sizeof(sx->buffer) - n; }
895fbaf2 2396
ee8b8090
JH
2397 if (smtp_write_command(sx, SCMD_FLUSH, "HELO %s\r\n", sx->helo_data) < 0)
2398 goto SEND_FAILED;
2399 good_response = smtp_read_response(sx, rsp, n, '2', ob->command_timeout);
895fbaf2 2400#ifdef EXPERIMENTAL_DSN_INFO
ee8b8090 2401 sx->helo_response = string_copy(rsp);
895fbaf2 2402#endif
ee8b8090 2403 if (!good_response)
a57ce043 2404 {
ee8b8090
JH
2405 /* Handle special logging for a closed connection after HELO
2406 when had previously sent EHLO */
2407
2408 if (rsp != sx->buffer && rsp[0] == 0 && (errno == 0 || errno == ECONNRESET))
2409 {
2410 errno = ERRNO_SMTPCLOSED;
2411 goto EHLOHELO_FAILED;
2412 }
2413 memmove(sx->buffer, rsp, Ustrlen(rsp));
2414 goto RESPONSE_FAILED;
a57ce043 2415 }
a57ce043 2416 }
2d14f397 2417
d093f8e5 2418 if (sx->esmtp || sx->lmtp)
2d14f397 2419 {
81344b40 2420#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2421 if (!sx->early_pipe_active)
2422#endif
2423 {
2424 sx->peer_offered = ehlo_response(sx->buffer,
2425 OPTION_TLS /* others checked later */
81344b40 2426#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2427 | (sx->early_pipe_ok
2428 ? OPTION_IGNQ
2429 | OPTION_CHUNKING | OPTION_PRDR | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
2430#ifdef SUPPORT_I18N
2431 | OPTION_UTF8
2432#endif
2433 | OPTION_EARLY_PIPE
2434 : 0
2435 )
2436#endif
2437 );
81344b40 2438#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2439 if (sx->early_pipe_ok)
2440 {
2441 sx->ehlo_resp.cleartext_features = sx->peer_offered;
2442
2443 if ( (sx->peer_offered & (OPTION_PIPE | OPTION_EARLY_PIPE))
2444 == (OPTION_PIPE | OPTION_EARLY_PIPE))
2445 {
2446 DEBUG(D_transport) debug_printf("PIPE_CONNECT usable in future for this IP\n");
2447 sx->ehlo_resp.cleartext_auths = study_ehlo_auths(sx);
2448 write_ehlo_cache_entry(sx);
2449 }
2450 }
2451#endif
2452 }
f1513293 2453
0756eb3c
PH
2454 /* Set tls_offered if the response to EHLO specifies support for STARTTLS. */
2455
01603eec 2456#ifndef DISABLE_TLS
14de8063 2457 smtp_peer_options |= sx->peer_offered & OPTION_TLS;
7ade712c 2458#endif
2d14f397 2459 }
0756eb3c
PH
2460 }
2461
57cc2785
JH
2462/* For continuing deliveries down the same channel, having re-exec'd the socket
2463is the standard input; for a socket held open from verify it is recorded
2464in the cutthrough context block. Either way we don't need to redo EHLO here
2465(but may need to do so for TLS - see below).
2466Set up the pointer to where subsequent commands will be left, for
2d14f397 2467error messages. Note that smtp_peer_options will have been
0756eb3c
PH
2468set from the command line if they were set in the process that passed the
2469connection on. */
2470
895fbaf2 2471/*XXX continue case needs to propagate DSN_INFO, prob. in deliver.c
4c04137d 2472as the continue goes via transport_pass_socket() and doublefork and exec.
895fbaf2
JH
2473It does not wait. Unclear how we keep separate host's responses
2474separate - we could match up by host ip+port as a bodge. */
2475
0756eb3c
PH
2476else
2477 {
74f1a423 2478 if (cutthrough.cctx.sock >= 0 && cutthrough.callout_hold_only)
57cc2785 2479 {
74f1a423 2480 sx->cctx = cutthrough.cctx;
ee8b8090 2481 sx->conn_args.host->port = sx->port = cutthrough.host.port;
57cc2785
JH
2482 }
2483 else
2484 {
74f1a423
JH
2485 sx->cctx.sock = 0; /* stdin */
2486 sx->cctx.tls_ctx = NULL;
ee8b8090 2487 smtp_port_for_connect(sx->conn_args.host, sx->port); /* Record the port that was used */
57cc2785 2488 }
74f1a423 2489 sx->inblock.cctx = sx->outblock.cctx = &sx->cctx;
0756eb3c 2490 smtp_command = big_buffer;
02b41d71 2491 sx->helo_data = NULL; /* ensure we re-expand ob->helo_data */
875512a3 2492
57cc2785
JH
2493 /* For a continued connection with TLS being proxied for us, or a
2494 held-open verify connection with TLS, nothing more to do. */
875512a3 2495
57cc2785 2496 if ( continue_proxy_cipher
74f1a423
JH
2497 || (cutthrough.cctx.sock >= 0 && cutthrough.callout_hold_only
2498 && cutthrough.is_tls)
57cc2785 2499 )
875512a3
JH
2500 {
2501 sx->peer_offered = smtp_peer_options;
7c576fca 2502 sx->pipelining_used = pipelining_active = !!(smtp_peer_options & OPTION_PIPE);
57cc2785
JH
2503 HDEBUG(D_transport) debug_printf("continued connection, %s TLS\n",
2504 continue_proxy_cipher ? "proxied" : "verify conn with");
875512a3
JH
2505 return OK;
2506 }
2507 HDEBUG(D_transport) debug_printf("continued connection, no TLS\n");
0756eb3c
PH
2508 }
2509
2510/* If TLS is available on this connection, whether continued or not, attempt to
2511start up a TLS session, unless the host is in hosts_avoid_tls. If successful,
2512send another EHLO - the server may give a different answer in secure mode. We
2513use a separate buffer for reading the response to STARTTLS so that if it is
2514negative, the original EHLO data is available for subsequent analysis, should
2515the client not be required to use TLS. If the response is bad, copy the buffer
2516for error analysis. */
2517
01603eec 2518#ifndef DISABLE_TLS
14de8063 2519if ( smtp_peer_options & OPTION_TLS
5130845b 2520 && !suppress_tls
ee8b8090 2521 && verify_check_given_host(CUSS &ob->hosts_avoid_tls, sx->conn_args.host) != OK
e9166683 2522 && ( !sx->verify
ee8b8090 2523 || verify_check_given_host(CUSS &ob->hosts_verify_avoid_tls, sx->conn_args.host) != OK
02b41d71 2524 ) )
0756eb3c
PH
2525 {
2526 uschar buffer2[4096];
ee8b8090 2527
251b9eb4 2528 if (smtp_write_command(sx, SCMD_FLUSH, "STARTTLS\r\n") < 0)
0756eb3c
PH
2529 goto SEND_FAILED;
2530
81344b40 2531#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2532 /* If doing early-pipelining reap the banner and EHLO-response but leave
2533 the response for the STARTTLS we just sent alone. */
2534
2535 if (sx->early_pipe_active && sync_responses(sx, 2, 0) != 0)
2536 {
2537 HDEBUG(D_transport)
2538 debug_printf("failed reaping pipelined cmd responses\n");
2539 goto RESPONSE_FAILED;
2540 }
2541#endif
2542
0756eb3c
PH
2543 /* If there is an I/O error, transmission of this message is deferred. If
2544 there is a temporary rejection of STARRTLS and tls_tempfail_tryclear is
2545 false, we also defer. However, if there is a temporary rejection of STARTTLS
2546 and tls_tempfail_tryclear is true, or if there is an outright rejection of
2547 STARTTLS, we carry on. This means we will try to send the message in clear,
2548 unless the host is in hosts_require_tls (tested below). */
2549
ee8b8090 2550 if (!smtp_read_response(sx, buffer2, sizeof(buffer2), '2', ob->command_timeout))
0756eb3c 2551 {
4b0fe319
JH
2552 if ( errno != 0
2553 || buffer2[0] == 0
ee8b8090 2554 || (buffer2[0] == '4' && !ob->tls_tempfail_tryclear)
4b0fe319 2555 )
0dda4340 2556 {
d093f8e5 2557 Ustrncpy(sx->buffer, buffer2, sizeof(sx->buffer));
9e7e0f6a 2558 sx->buffer[sizeof(sx->buffer)-1] = '\0';
0756eb3c 2559 goto RESPONSE_FAILED;
0dda4340 2560 }
0756eb3c
PH
2561 }
2562
2563 /* STARTTLS accepted: try to negotiate a TLS session. */
2564
2565 else
061b7ebd 2566 TLS_NEGOTIATE:
0756eb3c 2567 {
c05bdbd6 2568 if (!tls_client_start(&sx->cctx, &sx->conn_args, sx->addrlist, &tls_out, &tls_errstr))
0756eb3c 2569 {
74f1a423
JH
2570 /* TLS negotiation failed; give an error. From outside, this function may
2571 be called again to try in clear on a new connection, if the options permit
2572 it for this host. */
dca6d121
JH
2573#ifdef USE_GNUTLS
2574 GNUTLS_CONN_FAILED:
2575#endif
fc243e94 2576 DEBUG(D_tls) debug_printf("TLS session fail: %s\n", tls_errstr);
74f1a423 2577
c0635b6d 2578# ifdef SUPPORT_DANE
c05bdbd6 2579 if (sx->conn_args.dane)
c4b57fdd
JH
2580 {
2581 log_write(0, LOG_MAIN,
cf0c6164 2582 "DANE attempt failed; TLS connection to %s [%s]: %s",
fc243e94 2583 sx->conn_args.host->name, sx->conn_args.host->address, tls_errstr);
8d3dc239 2584# ifndef DISABLE_EVENT
ee8b8090 2585 (void) event_raise(sx->conn_args.tblock->event_action,
c4b57fdd 2586 US"dane:fail", US"validation-failure"); /* could do with better detail */
8d3dc239 2587# endif
c4b57fdd 2588 }
6ebd79ec
JH
2589# endif
2590
de6273b4 2591 errno = ERRNO_TLSFAILURE;
fc243e94 2592 message = string_sprintf("TLS session: %s", tls_errstr);
d093f8e5 2593 sx->send_quit = FALSE;
0756eb3c
PH
2594 goto TLS_FAILED;
2595 }
2596
2597 /* TLS session is set up */
2598
2d14f397 2599 smtp_peer_options_wrap = smtp_peer_options;
d7978c0f 2600 for (address_item * addr = sx->addrlist; addr; addr = addr->next)
5ca2a9a1
PH
2601 if (addr->transport_return == PENDING_DEFER)
2602 {
817d9f57 2603 addr->cipher = tls_out.cipher;
9d1c15ef
JH
2604 addr->ourcert = tls_out.ourcert;
2605 addr->peercert = tls_out.peercert;
817d9f57 2606 addr->peerdn = tls_out.peerdn;
018058b2 2607 addr->ocsp = tls_out.ocsp;
5b195d6b 2608 addr->tlsver = tls_out.ver;
5ca2a9a1 2609 }
0756eb3c
PH
2610 }
2611 }
2612
061b7ebd
PP
2613/* if smtps, we'll have smtp_command set to something else; always safe to
2614reset it here. */
2615smtp_command = big_buffer;
2616
41c7c167
PH
2617/* If we started TLS, redo the EHLO/LHLO exchange over the secure channel. If
2618helo_data is null, we are dealing with a connection that was passed from
2619another process, and so we won't have expanded helo_data above. We have to
2620expand it here. $sending_ip_address and $sending_port are set up right at the
2621start of the Exim process (in exim.c). */
0756eb3c 2622
74f1a423 2623if (tls_out.active.sock >= 0)
0756eb3c 2624 {
ee8b8090 2625 uschar * greeting_cmd;
895fbaf2 2626
ee8b8090 2627 if (!sx->helo_data && !(sx->helo_data = expand_string(ob->helo_data)))
41c7c167 2628 {
d093f8e5
JH
2629 uschar *message = string_sprintf("failed to expand helo_data: %s",
2630 expand_string_message);
2631 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
2632 yield = DEFER;
2633 goto SEND_QUIT;
41c7c167
PH
2634 }
2635
81344b40 2636#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2637 /* For SMTPS there is no cleartext early-pipe; use the crypted permission bit.
2638 We're unlikely to get the group sent and delivered before the server sends its
2639 banner, but it's still worth sending as a group.
2640 For STARTTLS allow for cleartext early-pipe but no crypted early-pipe, but not
2641 the reverse. */
2642
2643 if (sx->smtps ? sx->early_pipe_ok : sx->early_pipe_active)
2644 {
2645 sx->peer_offered = sx->ehlo_resp.crypted_features;
2646 if ((sx->early_pipe_active =
2647 !!(sx->ehlo_resp.crypted_features & OPTION_EARLY_PIPE)))
2648 DEBUG(D_transport) debug_printf("Using cached crypted PIPE_CONNECT\n");
2649 }
2650#endif
2651
0d0e4455 2652 /* For SMTPS we need to wait for the initial OK response. */
d093f8e5 2653 if (sx->smtps)
81344b40 2654#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2655 if (sx->early_pipe_active)
2656 {
2657 sx->pending_BANNER = TRUE;
2658 sx->outblock.cmd_count = 1;
2659 }
2660 else
895fbaf2 2661#endif
ee8b8090
JH
2662 if (!smtp_reap_banner(sx))
2663 goto RESPONSE_FAILED;
0d0e4455 2664
ee8b8090
JH
2665 if (sx->lmtp)
2666 greeting_cmd = US"LHLO";
2667 else if (sx->esmtp)
2668 greeting_cmd = US"EHLO";
0d0e4455
PP
2669 else
2670 {
ee8b8090 2671 greeting_cmd = US"HELO";
0d0e4455
PP
2672 DEBUG(D_transport)
2673 debug_printf("not sending EHLO (host matches hosts_avoid_esmtp)\n");
061b7ebd
PP
2674 }
2675
ee8b8090 2676 if (smtp_write_command(sx,
81344b40 2677#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2678 sx->early_pipe_active ? SCMD_BUFFER :
2679#endif
2680 SCMD_FLUSH,
2681 "%s %s\r\n", greeting_cmd, sx->helo_data) < 0)
0756eb3c 2682 goto SEND_FAILED;
ee8b8090 2683
81344b40 2684#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2685 if (sx->early_pipe_active)
2686 sx->pending_EHLO = TRUE;
2687 else
895fbaf2 2688#endif
ee8b8090
JH
2689 {
2690 if (!smtp_reap_ehlo(sx))
fc243e94
JH
2691#ifdef USE_GNUTLS
2692 {
2693 /* The GnuTLS layer in Exim only spots a server-rejection of a client
2694 cert late, under TLS1.3 - which means here; the first time we try to
2695 receive crypted data. Treat it as if it was a connect-time failure.
2696 See also the early-pipe equivalent... which will be hard; every call
2697 to sync_responses will need to check the result.
2698 It would be nicer to have GnuTLS check the cert during the handshake.
2699 Can it do that, with all the flexibility we need? */
2700
2701 tls_errstr = US"error on first read";
2702 goto GNUTLS_CONN_FAILED;
2703 }
2704#else
ee8b8090 2705 goto RESPONSE_FAILED;
fc243e94 2706#endif
ee8b8090
JH
2707 smtp_peer_options = 0;
2708 }
0756eb3c
PH
2709 }
2710
2711/* If the host is required to use a secure channel, ensure that we
2712have one. */
2713
d093f8e5 2714else if ( sx->smtps
c0635b6d 2715# ifdef SUPPORT_DANE
c05bdbd6 2716 || sx->conn_args.dane
0e66b3b6 2717# endif
ee8b8090 2718 || verify_check_given_host(CUSS &ob->hosts_require_tls, sx->conn_args.host) == OK
7a31d643 2719 )
0756eb3c 2720 {
9883af72 2721 errno = ERRNO_TLSREQUIRED;
c562fd30 2722 message = string_sprintf("a TLS session is required, but %s",
14de8063 2723 smtp_peer_options & OPTION_TLS
2d14f397 2724 ? "an attempt to start TLS failed" : "the server did not offer TLS support");
8d3dc239 2725# if defined(SUPPORT_DANE) && !defined(DISABLE_EVENT)
c05bdbd6 2726 if (sx->conn_args.dane)
ee8b8090 2727 (void) event_raise(sx->conn_args.tblock->event_action, US"dane:fail",
c4b57fdd
JH
2728 smtp_peer_options & OPTION_TLS
2729 ? US"validation-failure" /* could do with better detail */
2730 : US"starttls-not-supported");
2731# endif
0756eb3c
PH
2732 goto TLS_FAILED;
2733 }
01603eec 2734#endif /*DISABLE_TLS*/
0756eb3c
PH
2735
2736/* If TLS is active, we have just started it up and re-done the EHLO command,
2737so its response needs to be analyzed. If TLS is not active and this is a
2738continued session down a previously-used socket, we haven't just done EHLO, so
2739we skip this. */
2740
2741if (continue_hostname == NULL
01603eec 2742#ifndef DISABLE_TLS
74f1a423 2743 || tls_out.active.sock >= 0
a7538db1 2744#endif
0756eb3c
PH
2745 )
2746 {
d093f8e5 2747 if (sx->esmtp || sx->lmtp)
2d14f397 2748 {
81344b40 2749#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2750 if (!sx->early_pipe_active)
2751#endif
2752 {
e9166683 2753 sx->peer_offered = ehlo_response(sx->buffer,
d093f8e5 2754 0 /* no TLS */
81344b40 2755#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2756 | (sx->lmtp && ob->lmtp_ignore_quota ? OPTION_IGNQ : 0)
2757 | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
9883af72 2758 | OPTION_CHUNKING | OPTION_PRDR | OPTION_UTF8
ee8b8090
JH
2759 | (tls_out.active.sock >= 0 ? OPTION_EARLY_PIPE : 0) /* not for lmtp */
2760
2761#else
2762
2763 | (sx->lmtp && ob->lmtp_ignore_quota ? OPTION_IGNQ : 0)
14de8063
JH
2764 | OPTION_CHUNKING
2765 | OPTION_PRDR
ee8b8090 2766# ifdef SUPPORT_I18N
14de8063 2767 | (sx->addrlist->prop.utf8_msg ? OPTION_UTF8 : 0)
d093f8e5
JH
2768 /*XXX if we hand peercaps on to continued-conn processes,
2769 must not depend on this addr */
ee8b8090 2770# endif
14de8063
JH
2771 | OPTION_DSN
2772 | OPTION_PIPE
ee8b8090 2773 | (ob->size_addition >= 0 ? OPTION_SIZE : 0)
8ac90765 2774#endif
9094b84b 2775 );
81344b40 2776#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2777 if (tls_out.active.sock >= 0)
2778 sx->ehlo_resp.crypted_features = sx->peer_offered;
2779#endif
2780 }
9094b84b 2781
2d14f397
JH
2782 /* Set for IGNOREQUOTA if the response to LHLO specifies support and the
2783 lmtp_ignore_quota option was set. */
f1513293 2784
14de8063 2785 sx->igquotstr = sx->peer_offered & OPTION_IGNQ ? US" IGNOREQUOTA" : US"";
f1513293 2786
2d14f397
JH
2787 /* If the response to EHLO specified support for the SIZE parameter, note
2788 this, provided size_addition is non-negative. */
f1513293 2789
14de8063 2790 smtp_peer_options |= sx->peer_offered & OPTION_SIZE;
0756eb3c 2791
2d14f397
JH
2792 /* Note whether the server supports PIPELINING. If hosts_avoid_esmtp matched
2793 the current host, esmtp will be false, so PIPELINING can never be used. If
2794 the current host matches hosts_avoid_pipelining, don't do it. */
0756eb3c 2795
14de8063 2796 if ( sx->peer_offered & OPTION_PIPE
ee8b8090 2797 && verify_check_given_host(CUSS &ob->hosts_avoid_pipelining, sx->conn_args.host) != OK)
14de8063 2798 smtp_peer_options |= OPTION_PIPE;
0756eb3c 2799
2d14f397 2800 DEBUG(D_transport) debug_printf("%susing PIPELINING\n",
14de8063 2801 smtp_peer_options & OPTION_PIPE ? "" : "not ");
0756eb3c 2802
14de8063 2803 if ( sx->peer_offered & OPTION_CHUNKING
ee8b8090 2804 && verify_check_given_host(CUSS &ob->hosts_try_chunking, sx->conn_args.host) != OK)
14de8063 2805 sx->peer_offered &= ~OPTION_CHUNKING;
f98442df 2806
14de8063 2807 if (sx->peer_offered & OPTION_CHUNKING)
ee8b8090 2808 DEBUG(D_transport) debug_printf("CHUNKING usable\n");
0756eb3c 2809
8ccd00b1 2810#ifndef DISABLE_PRDR
14de8063 2811 if ( sx->peer_offered & OPTION_PRDR
ee8b8090 2812 && verify_check_given_host(CUSS &ob->hosts_try_prdr, sx->conn_args.host) != OK)
14de8063 2813 sx->peer_offered &= ~OPTION_PRDR;
fd98a5c6 2814
14de8063 2815 if (sx->peer_offered & OPTION_PRDR)
ee8b8090 2816 DEBUG(D_transport) debug_printf("PRDR usable\n");
fd98a5c6
JH
2817#endif
2818
2d14f397 2819 /* Note if the server supports DSN */
14de8063 2820 smtp_peer_options |= sx->peer_offered & OPTION_DSN;
2d14f397 2821 DEBUG(D_transport) debug_printf("%susing DSN\n",
14de8063 2822 sx->peer_offered & OPTION_DSN ? "" : "not ");
6c1c3d1d 2823
81344b40 2824#ifndef DISABLE_PIPE_CONNECT
ee8b8090
JH
2825 if ( sx->early_pipe_ok
2826 && !sx->early_pipe_active
2827 && tls_out.active.sock >= 0
2828 && smtp_peer_options & OPTION_PIPE
2829 && ( sx->ehlo_resp.cleartext_features | sx->ehlo_resp.crypted_features)
2830 & OPTION_EARLY_PIPE)
2831 {
2832 DEBUG(D_transport) debug_printf("PIPE_CONNECT usable in future for this IP\n");
2833 sx->ehlo_resp.crypted_auths = study_ehlo_auths(sx);
2834 write_ehlo_cache_entry(sx);
2835 }
2836#endif
2837
2d14f397
JH
2838 /* Note if the response to EHLO specifies support for the AUTH extension.
2839 If it has, check that this host is one we want to authenticate to, and do
2840 the business. The host name and address must be available when the
2841 authenticator's client driver is running. */
0756eb3c 2842
ee8b8090 2843 switch (yield = smtp_auth(sx))
2d14f397
JH
2844 {
2845 default: goto SEND_QUIT;
2846 case OK: break;
2847 case FAIL_SEND: goto SEND_FAILED;
2848 case FAIL: goto RESPONSE_FAILED;
2849 }
0756eb3c
PH
2850 }
2851 }
7c576fca 2852sx->pipelining_used = pipelining_active = !!(smtp_peer_options & OPTION_PIPE);
0756eb3c
PH
2853
2854/* The setting up of the SMTP call is now complete. Any subsequent errors are
2855message-specific. */
2856
d093f8e5 2857sx->setting_up = FALSE;
0756eb3c 2858
8c5d388a 2859#ifdef SUPPORT_I18N
d093f8e5 2860if (sx->addrlist->prop.utf8_msg)
9094b84b 2861 {
71c15846
JH
2862 uschar * s;
2863
2864 /* If the transport sets a downconversion mode it overrides any set by ACL
2865 for the message. */
2866
ee8b8090 2867 if ((s = ob->utf8_downconvert))
71c15846
JH
2868 {
2869 if (!(s = expand_string(s)))
2870 {
2871 message = string_sprintf("failed to expand utf8_downconvert: %s",
2872 expand_string_message);
2873 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
2874 yield = DEFER;
2875 goto SEND_QUIT;
2876 }
2877 switch (*s)
2878 {
2879 case '1': sx->addrlist->prop.utf8_downcvt = TRUE;
2880 sx->addrlist->prop.utf8_downcvt_maybe = FALSE;
2881 break;
2882 case '0': sx->addrlist->prop.utf8_downcvt = FALSE;
2883 sx->addrlist->prop.utf8_downcvt_maybe = FALSE;
2884 break;
2885 case '-': if (s[1] == '1')
2886 {
2887 sx->addrlist->prop.utf8_downcvt = FALSE;
2888 sx->addrlist->prop.utf8_downcvt_maybe = TRUE;
2889 }
2890 break;
2891 }
2892 }
2893
d093f8e5
JH
2894 sx->utf8_needed = !sx->addrlist->prop.utf8_downcvt
2895 && !sx->addrlist->prop.utf8_downcvt_maybe;
2896 DEBUG(D_transport) if (!sx->utf8_needed)
59a286ef 2897 debug_printf("utf8: %s downconvert\n",
d093f8e5 2898 sx->addrlist->prop.utf8_downcvt ? "mandatory" : "optional");
9094b84b
JH
2899 }
2900
7ade712c 2901/* If this is an international message we need the host to speak SMTPUTF8 */
14de8063 2902if (sx->utf8_needed && !(sx->peer_offered & OPTION_UTF8))
7ade712c
JH
2903 {
2904 errno = ERRNO_UTF8_FWD;
2905 goto RESPONSE_FAILED;
2906 }
71c15846 2907#endif /*SUPPORT_I18N*/
7ade712c 2908
d093f8e5
JH
2909return OK;
2910
2911
2912 {
2913 int code;
d093f8e5
JH
2914
2915 RESPONSE_FAILED:
eebcfa1c
JH
2916 if (errno == ECONNREFUSED) /* first-read error on a TFO conn */
2917 {
2918 /* There is a testing facility for simulating a connection timeout, as I
2919 can't think of any other way of doing this. It converts a connection
2920 refused into a timeout if the timeout is set to 999999. This is done for
2921 a 3whs connection in ip_connect(), but a TFO connection does not error
2922 there - instead it gets ECONNREFUSED on the first data read. Tracking
2923 that a TFO really was done is too hard, or we would set a
2924 sx->pending_conn_done bit and test that in smtp_reap_banner() and
2925 smtp_reap_ehlo(). That would let us also add the conn-timeout to the
2926 cmd-timeout. */
2927
2928 if (f.running_in_test_harness && ob->connect_timeout == 999999)
2929 errno = ETIMEDOUT;
2930 set_errno_nohost(sx->addrlist,
2931 errno == ETIMEDOUT ? ERRNO_CONNECTTIMEOUT : errno,
2932 sx->verify ? US strerror(errno) : NULL,
2933 DEFER, FALSE);
2934 sx->send_quit = FALSE;
2935 return DEFER;
2936 }
2937
2938 /* really an error on an SMTP read */
d093f8e5 2939 message = NULL;
ee8b8090 2940 sx->send_quit = check_response(sx->conn_args.host, &errno, sx->addrlist->more_errno,
d093f8e5 2941 sx->buffer, &code, &message, &pass_message);
8ac90765 2942 yield = DEFER;
d093f8e5 2943 goto FAILED;
d093f8e5
JH
2944
2945 SEND_FAILED:
d093f8e5
JH
2946 code = '4';
2947 message = US string_sprintf("send() to %s [%s] failed: %s",
ee8b8090 2948 sx->conn_args.host->name, sx->conn_args.host->address, strerror(errno));
d093f8e5 2949 sx->send_quit = FALSE;
8ac90765 2950 yield = DEFER;
d093f8e5 2951 goto FAILED;
d093f8e5 2952
de6273b4
JH
2953 EHLOHELO_FAILED:
2954 code = '4';
2955 message = string_sprintf("Remote host closed connection in response to %s"
2956 " (EHLO response was: %s)", smtp_command, sx->buffer);
2957 sx->send_quit = FALSE;
8ac90765 2958 yield = DEFER;
de6273b4
JH
2959 goto FAILED;
2960
e5ab0ba9
JH
2961 /* This label is jumped to directly when a TLS negotiation has failed,
2962 or was not done for a host for which it is required. Values will be set
2963 in message and errno, and setting_up will always be true. Treat as
2964 a temporary error. */
2965
01603eec 2966#ifndef DISABLE_TLS
d093f8e5 2967 TLS_FAILED:
9883af72 2968 code = '4', yield = DEFER;
de6273b4 2969 goto FAILED;
d093f8e5
JH
2970#endif
2971
2972 /* The failure happened while setting up the call; see if the failure was
2973 a 5xx response (this will either be on connection, or following HELO - a 5xx
e69636bc
JH
2974 after EHLO causes it to try HELO). If so, and there are no more hosts to try,
2975 fail all addresses, as this host is never going to accept them. For other
2976 errors during setting up (timeouts or whatever), defer all addresses, and
2977 yield DEFER, so that the host is not tried again for a while.
2978
2979 XXX This peeking for another host feels like a layering violation. We want
2980 to note the host as unusable, but down here we shouldn't know if this was
2981 the last host to try for the addr(list). Perhaps the upper layer should be
2982 the one to do set_errno() ? The problem is that currently the addr is where
2983 errno etc. are stashed, but until we run out of hosts to try the errors are
2984 host-specific. Maybe we should enhance the host_item definition? */
d093f8e5 2985
de6273b4 2986FAILED:
d093f8e5 2987 sx->ok = FALSE; /* For when reached by GOTO */
e69636bc 2988 set_errno(sx->addrlist, errno, message,
ee8b8090 2989 sx->conn_args.host->next
e69636bc
JH
2990 ? DEFER
2991 : code == '5'
d093f8e5 2992#ifdef SUPPORT_I18N
e69636bc 2993 || errno == ERRNO_UTF8_FWD
d093f8e5 2994#endif
e69636bc 2995 ? FAIL : DEFER,
2d56d634
JH
2996 pass_message,
2997 errno == ECONNREFUSED ? NULL : sx->conn_args.host
d093f8e5
JH
2998#ifdef EXPERIMENTAL_DSN_INFO
2999 , sx->smtp_greeting, sx->helo_response
3000#endif
3001 );
3002 }
3003
3004
3005SEND_QUIT:
3006
3007if (sx->send_quit)
251b9eb4 3008 (void)smtp_write_command(sx, SCMD_FLUSH, "QUIT\r\n");
d093f8e5 3009
01603eec 3010#ifndef DISABLE_TLS
74f1a423
JH
3011if (sx->cctx.tls_ctx)
3012 {
3013 tls_close(sx->cctx.tls_ctx, TLS_SHUTDOWN_NOWAIT);
3014 sx->cctx.tls_ctx = NULL;
3015 }
d093f8e5
JH
3016#endif
3017
3018/* Close the socket, and return the appropriate value, first setting
3019works because the NULL setting is passed back to the calling process, and
3020remote_max_parallel is forced to 1 when delivering over an existing connection,
b7d3afcf 3021*/
d093f8e5 3022
e1d04f48 3023HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP(close)>>\n");
d093f8e5
JH
3024if (sx->send_quit)
3025 {
74f1a423
JH
3026 shutdown(sx->cctx.sock, SHUT_WR);
3027 if (fcntl(sx->cctx.sock, F_SETFL, O_NONBLOCK) == 0)
d7978c0f
JH
3028 for (int i = 16; read(sx->cctx.sock, sx->inbuffer, sizeof(sx->inbuffer)) > 0 && i > 0;)
3029 i--; /* drain socket */
02b41d71 3030 sx->send_quit = FALSE;
d093f8e5 3031 }
74f1a423
JH
3032(void)close(sx->cctx.sock);
3033sx->cctx.sock = -1;
d093f8e5
JH
3034
3035#ifndef DISABLE_EVENT
ee8b8090 3036(void) event_raise(sx->conn_args.tblock->event_action, US"tcp:close", NULL);
d093f8e5
JH
3037#endif
3038
3039continue_transport = NULL;
3040continue_hostname = NULL;
3041return yield;
3042}
3043
3044
9be4572b
JH
3045
3046
3047/* Create the string of options that will be appended to the MAIL FROM:
3048in the connection context buffer */
3049
3050static int
3051build_mailcmd_options(smtp_context * sx, address_item * addrlist)
3052{
3053uschar * p = sx->buffer;
3054address_item * addr;
3055int address_count;
3056
3057*p = 0;
3058
14de8063 3059/* If we know the receiving MTA supports the SIZE qualification, and we know it,
9be4572b
JH
3060send it, adding something to the message size to allow for imprecision
3061and things that get added en route. Exim keeps the number of lines
3062in a message, so we can give an accurate value for the original message, but we
3063need some additional to handle added headers. (Double "." characters don't get
3064included in the count.) */
3065
14de8063
JH
3066if ( message_size > 0
3067 && sx->peer_offered & OPTION_SIZE && !(sx->avoid_option & OPTION_SIZE))
9be4572b 3068 {
328c5688
JH
3069/*XXX problem here under spool_files_wireformat?
3070Or just forget about lines? Or inflate by a fixed proportion? */
3071
ee8b8090 3072 sprintf(CS p, " SIZE=%d", message_size+message_linecount+(SOB sx->conn_args.ob)->size_addition);
9be4572b
JH
3073 while (*p) p++;
3074 }
3075
3076#ifndef DISABLE_PRDR
aded2255 3077/* If it supports Per-Recipient Data Responses, and we have more than one recipient,
9be4572b
JH
3078request that */
3079
3080sx->prdr_active = FALSE;
14de8063 3081if (sx->peer_offered & OPTION_PRDR)
d7978c0f 3082 for (address_item * addr = addrlist; addr; addr = addr->next)
9be4572b
JH
3083 if (addr->transport_return == PENDING_DEFER)
3084 {
3085 for (addr = addr->next; addr; addr = addr->next)
3086 if (addr->transport_return == PENDING_DEFER)
3087 { /* at least two recipients to send */
3088 sx->prdr_active = TRUE;
3089 sprintf(CS p, " PRDR"); p += 5;
3090 break;
3091 }
3092 break;
3093 }
3094#endif
3095
3096#ifdef SUPPORT_I18N
3097/* If it supports internationalised messages, and this meesage need that,
3098request it */
3099
14de8063 3100if ( sx->peer_offered & OPTION_UTF8
9be4572b
JH
3101 && addrlist->prop.utf8_msg
3102 && !addrlist->prop.utf8_downcvt
3103 )
f3ebb786 3104 Ustrcpy(p, US" SMTPUTF8"), p += 9;
9be4572b
JH
3105#endif
3106
3107/* check if all addresses have DSN-lasthop flag; do not send RET and ENVID if so */
3108for (sx->dsn_all_lasthop = TRUE, addr = addrlist, address_count = 0;
3109 addr && address_count < sx->max_rcpt;
3110 addr = addr->next) if (addr->transport_return == PENDING_DEFER)
3111 {
3112 address_count++;
3113 if (!(addr->dsn_flags & rf_dsnlasthop))
3114 {
3115 sx->dsn_all_lasthop = FALSE;
3116 break;
3117 }
3118 }
3119
3120/* Add any DSN flags to the mail command */
3121
14de8063 3122if (sx->peer_offered & OPTION_DSN && !sx->dsn_all_lasthop)
9be4572b
JH
3123 {
3124 if (dsn_ret == dsn_ret_hdrs)
f3ebb786 3125 { Ustrcpy(p, US" RET=HDRS"); p += 9; }
9be4572b 3126 else if (dsn_ret == dsn_ret_full)
f3ebb786 3127 { Ustrcpy(p, US" RET=FULL"); p += 9; }
9be4572b
JH
3128
3129 if (dsn_envid)
3130 {
3131 string_format(p, sizeof(sx->buffer) - (p-sx->buffer), " ENVID=%s", dsn_envid);
3132 while (*p) p++;
3133 }
3134 }
3135
3136/* If an authenticated_sender override has been specified for this transport
3137instance, expand it. If the expansion is forced to fail, and there was already
3138an authenticated_sender for this message, the original value will be used.
3139Other expansion failures are serious. An empty result is ignored, but there is
3140otherwise no check - this feature is expected to be used with LMTP and other
3141cases where non-standard addresses (e.g. without domains) might be required. */
3142
ee8b8090 3143if (smtp_mail_auth_str(p, sizeof(sx->buffer) - (p-sx->buffer), addrlist, sx->conn_args.ob))
9be4572b
JH
3144 return ERROR;
3145
3146return OK;
3147}
3148
3149
3150static void
3151build_rcptcmd_options(smtp_context * sx, const address_item * addr)
3152{
3153uschar * p = sx->buffer;
3154*p = 0;
3155
3156/* Add any DSN flags to the rcpt command */
3157
14de8063 3158if (sx->peer_offered & OPTION_DSN && !(addr->dsn_flags & rf_dsnlasthop))
9be4572b
JH
3159 {
3160 if (addr->dsn_flags & rf_dsnflags)
3161 {
9be4572b
JH
3162 BOOL first = TRUE;
3163
f3ebb786 3164 Ustrcpy(p, US" NOTIFY=");
9be4572b 3165 while (*p) p++;
d7978c0f 3166 for (int i = 0; i < nelem(rf_list); i++) if (addr->dsn_flags & rf_list[i])
9be4572b
JH
3167 {
3168 if (!first) *p++ = ',';
3169 first = FALSE;
3170 Ustrcpy(p, rf_names[i]);
3171 while (*p) p++;
3172 }
3173 }
3174
3175 if (addr->dsn_orcpt)
3176 {
3177 string_format(p, sizeof(sx->buffer) - (p-sx->buffer), " ORCPT=%s",
3178 addr->dsn_orcpt);
3179 while (*p) p++;
3180 }
3181 }
3182}
3183
3184
d9c3c8ed
JH
3185
3186/*
3187Return:
e9166683
JH
3188 0 good, rcpt results in addr->transport_return (PENDING_OK, DEFER, FAIL)
3189 -1 MAIL response error
3190 -2 any non-MAIL read i/o error
3191 -3 non-MAIL response timeout
3192 -4 internal error; channel still usable
3193 -5 transmit failed
d9c3c8ed
JH
3194 */
3195
3196int
3197smtp_write_mail_and_rcpt_cmds(smtp_context * sx, int * yield)
3198{
3199address_item * addr;
3200int address_count;
3201int rc;
3202
3203if (build_mailcmd_options(sx, sx->first_addr) != OK)
3204 {
3205 *yield = ERROR;
e9166683 3206 return -4;
d9c3c8ed
JH
3207 }
3208
3209/* From here until we send the DATA command, we can make use of PIPELINING
3210if the server host supports it. The code has to be able to check the responses
3211at any point, for when the buffer fills up, so we write it totally generally.
3212When PIPELINING is off, each command written reports that it has flushed the
3213buffer. */
3214
3215sx->pending_MAIL = TRUE; /* The block starts with MAIL */
3216
3217 {
3218 uschar * s = sx->from_addr;
3219#ifdef SUPPORT_I18N
3220 uschar * errstr = NULL;
3221
3222 /* If we must downconvert, do the from-address here. Remember we had to
3223 for the to-addresses (done below), and also (ugly) for re-doing when building
3224 the delivery log line. */
3225
3226 if ( sx->addrlist->prop.utf8_msg
14de8063 3227 && (sx->addrlist->prop.utf8_downcvt || !(sx->peer_offered & OPTION_UTF8))
d9c3c8ed
JH
3228 )
3229 {
3230 if (s = string_address_utf8_to_alabel(s, &errstr), errstr)
3231 {
3232 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, errstr, DEFER, FALSE);
3233 *yield = ERROR;
e9166683 3234 return -4;
d9c3c8ed
JH
3235 }
3236 setflag(sx->addrlist, af_utf8_downcvt);
3237 }
3238#endif
3239
251b9eb4 3240 rc = smtp_write_command(sx, pipelining_active ? SCMD_BUFFER : SCMD_FLUSH,
d9c3c8ed
JH
3241 "MAIL FROM:<%s>%s\r\n", s, sx->buffer);
324