Fix info on using local_scan() in the default Makefile
[exim.git] / src / src / transports / smtp.c
CommitLineData
0756eb3c
PH
1/*************************************************
2* Exim - an Internet mail transport agent *
3*************************************************/
4
f9ba5e22 5/* Copyright (c) University of Cambridge 1995 - 2018 */
0756eb3c
PH
6/* See the file NOTICE for conditions of use and distribution. */
7
8#include "../exim.h"
9#include "smtp.h"
10
0756eb3c
PH
11
12/* Options specific to the smtp transport. This transport also supports LMTP
13over TCP/IP. The options must be in alphabetic order (note that "_" comes
14before the lower case letters). Some live in the transport_instance block so as
15to be publicly visible; these are flagged with opt_public. */
16
17optionlist smtp_transport_options[] = {
506900af
JH
18 { "*expand_multi_domain", opt_stringptr | opt_hidden | opt_public,
19 (void *)offsetof(transport_instance, expand_multi_domain) },
9c695f6d
JH
20 { "*expand_retry_include_ip_address", opt_stringptr | opt_hidden,
21 (void *)(offsetof(smtp_transport_options_block, expand_retry_include_ip_address)) },
22
48c7f9e2
PH
23 { "address_retry_include_sender", opt_bool,
24 (void *)offsetof(smtp_transport_options_block, address_retry_include_sender) },
0756eb3c
PH
25 { "allow_localhost", opt_bool,
26 (void *)offsetof(smtp_transport_options_block, allow_localhost) },
617d3932
JH
27#ifdef EXPERIMENTAL_ARC
28 { "arc_sign", opt_stringptr,
29 (void *)offsetof(smtp_transport_options_block, arc_sign) },
30#endif
0756eb3c
PH
31 { "authenticated_sender", opt_stringptr,
32 (void *)offsetof(smtp_transport_options_block, authenticated_sender) },
382afc6b
PH
33 { "authenticated_sender_force", opt_bool,
34 (void *)offsetof(smtp_transport_options_block, authenticated_sender_force) },
0756eb3c
PH
35 { "command_timeout", opt_time,
36 (void *)offsetof(smtp_transport_options_block, command_timeout) },
37 { "connect_timeout", opt_time,
38 (void *)offsetof(smtp_transport_options_block, connect_timeout) },
39 { "connection_max_messages", opt_int | opt_public,
40 (void *)offsetof(transport_instance, connection_max_messages) },
5ec37a55
PP
41# ifdef SUPPORT_DANE
42 { "dane_require_tls_ciphers", opt_stringptr,
43 (void *)offsetof(smtp_transport_options_block, dane_require_tls_ciphers) },
44# endif
0756eb3c
PH
45 { "data_timeout", opt_time,
46 (void *)offsetof(smtp_transport_options_block, data_timeout) },
47 { "delay_after_cutoff", opt_bool,
48 (void *)offsetof(smtp_transport_options_block, delay_after_cutoff) },
80a47a2c 49#ifndef DISABLE_DKIM
f7572e5a 50 { "dkim_canon", opt_stringptr,
ff5aac2b 51 (void *)offsetof(smtp_transport_options_block, dkim.dkim_canon) },
f7572e5a 52 { "dkim_domain", opt_stringptr,
ff5aac2b 53 (void *)offsetof(smtp_transport_options_block, dkim.dkim_domain) },
d73e45df
JH
54 { "dkim_hash", opt_stringptr,
55 (void *)offsetof(smtp_transport_options_block, dkim.dkim_hash) },
7c6ec81b
JH
56 { "dkim_identity", opt_stringptr,
57 (void *)offsetof(smtp_transport_options_block, dkim.dkim_identity) },
f7572e5a 58 { "dkim_private_key", opt_stringptr,
ff5aac2b 59 (void *)offsetof(smtp_transport_options_block, dkim.dkim_private_key) },
f7572e5a 60 { "dkim_selector", opt_stringptr,
ff5aac2b 61 (void *)offsetof(smtp_transport_options_block, dkim.dkim_selector) },
f7572e5a 62 { "dkim_sign_headers", opt_stringptr,
ff5aac2b 63 (void *)offsetof(smtp_transport_options_block, dkim.dkim_sign_headers) },
f7572e5a 64 { "dkim_strict", opt_stringptr,
ff5aac2b 65 (void *)offsetof(smtp_transport_options_block, dkim.dkim_strict) },
2bc0f45e
JH
66 { "dkim_timestamps", opt_stringptr,
67 (void *)offsetof(smtp_transport_options_block, dkim.dkim_timestamps) },
80a47a2c 68#endif
0756eb3c
PH
69 { "dns_qualify_single", opt_bool,
70 (void *)offsetof(smtp_transport_options_block, dns_qualify_single) },
71 { "dns_search_parents", opt_bool,
72 (void *)offsetof(smtp_transport_options_block, dns_search_parents) },
578897ea 73 { "dnssec_request_domains", opt_stringptr,
7cd171b7 74 (void *)offsetof(smtp_transport_options_block, dnssec.request) },
578897ea 75 { "dnssec_require_domains", opt_stringptr,
7cd171b7 76 (void *)offsetof(smtp_transport_options_block, dnssec.require) },
9e4f5962
PP
77 { "dscp", opt_stringptr,
78 (void *)offsetof(smtp_transport_options_block, dscp) },
0756eb3c
PH
79 { "fallback_hosts", opt_stringptr,
80 (void *)offsetof(smtp_transport_options_block, fallback_hosts) },
81 { "final_timeout", opt_time,
82 (void *)offsetof(smtp_transport_options_block, final_timeout) },
83 { "gethostbyname", opt_bool,
84 (void *)offsetof(smtp_transport_options_block, gethostbyname) },
85 { "helo_data", opt_stringptr,
86 (void *)offsetof(smtp_transport_options_block, helo_data) },
87 { "hosts", opt_stringptr,
88 (void *)offsetof(smtp_transport_options_block, hosts) },
89 { "hosts_avoid_esmtp", opt_stringptr,
90 (void *)offsetof(smtp_transport_options_block, hosts_avoid_esmtp) },
c51b8e75
PH
91 { "hosts_avoid_pipelining", opt_stringptr,
92 (void *)offsetof(smtp_transport_options_block, hosts_avoid_pipelining) },
80a47a2c 93#ifdef SUPPORT_TLS
0756eb3c
PH
94 { "hosts_avoid_tls", opt_stringptr,
95 (void *)offsetof(smtp_transport_options_block, hosts_avoid_tls) },
80a47a2c 96#endif
0756eb3c
PH
97 { "hosts_max_try", opt_int,
98 (void *)offsetof(smtp_transport_options_block, hosts_max_try) },
533244af
PH
99 { "hosts_max_try_hardlimit", opt_int,
100 (void *)offsetof(smtp_transport_options_block, hosts_max_try_hardlimit) },
80a47a2c 101#ifdef SUPPORT_TLS
0756eb3c
PH
102 { "hosts_nopass_tls", opt_stringptr,
103 (void *)offsetof(smtp_transport_options_block, hosts_nopass_tls) },
875512a3
JH
104 { "hosts_noproxy_tls", opt_stringptr,
105 (void *)offsetof(smtp_transport_options_block, hosts_noproxy_tls) },
80a47a2c 106#endif
0756eb3c
PH
107 { "hosts_override", opt_bool,
108 (void *)offsetof(smtp_transport_options_block, hosts_override) },
ee8b8090
JH
109#ifdef EXPERIMENTAL_PIPE_CONNECT
110 { "hosts_pipe_connect", opt_stringptr,
111 (void *)offsetof(smtp_transport_options_block, hosts_pipe_connect) },
112#endif
0756eb3c
PH
113 { "hosts_randomize", opt_bool,
114 (void *)offsetof(smtp_transport_options_block, hosts_randomize) },
f2de3a33 115#if defined(SUPPORT_TLS) && !defined(DISABLE_OCSP)
44662487
JH
116 { "hosts_request_ocsp", opt_stringptr,
117 (void *)offsetof(smtp_transport_options_block, hosts_request_ocsp) },
118#endif
0756eb3c
PH
119 { "hosts_require_auth", opt_stringptr,
120 (void *)offsetof(smtp_transport_options_block, hosts_require_auth) },
80a47a2c 121#ifdef SUPPORT_TLS
c0635b6d 122# ifdef SUPPORT_DANE
7a31d643
JH
123 { "hosts_require_dane", opt_stringptr,
124 (void *)offsetof(smtp_transport_options_block, hosts_require_dane) },
125# endif
f2de3a33 126# ifndef DISABLE_OCSP
f5d78688
JH
127 { "hosts_require_ocsp", opt_stringptr,
128 (void *)offsetof(smtp_transport_options_block, hosts_require_ocsp) },
129# endif
0756eb3c
PH
130 { "hosts_require_tls", opt_stringptr,
131 (void *)offsetof(smtp_transport_options_block, hosts_require_tls) },
80a47a2c 132#endif
0756eb3c
PH
133 { "hosts_try_auth", opt_stringptr,
134 (void *)offsetof(smtp_transport_options_block, hosts_try_auth) },
f98442df
JH
135 { "hosts_try_chunking", opt_stringptr,
136 (void *)offsetof(smtp_transport_options_block, hosts_try_chunking) },
c0635b6d 137#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
96e47838
TL
138 { "hosts_try_dane", opt_stringptr,
139 (void *)offsetof(smtp_transport_options_block, hosts_try_dane) },
140#endif
fb05276a
JH
141 { "hosts_try_fastopen", opt_stringptr,
142 (void *)offsetof(smtp_transport_options_block, hosts_try_fastopen) },
8ccd00b1 143#ifndef DISABLE_PRDR
fd98a5c6
JH
144 { "hosts_try_prdr", opt_stringptr,
145 (void *)offsetof(smtp_transport_options_block, hosts_try_prdr) },
146#endif
99400968
JH
147#ifdef SUPPORT_TLS
148 { "hosts_verify_avoid_tls", opt_stringptr,
149 (void *)offsetof(smtp_transport_options_block, hosts_verify_avoid_tls) },
150#endif
0756eb3c
PH
151 { "interface", opt_stringptr,
152 (void *)offsetof(smtp_transport_options_block, interface) },
153 { "keepalive", opt_bool,
154 (void *)offsetof(smtp_transport_options_block, keepalive) },
f1513293
PH
155 { "lmtp_ignore_quota", opt_bool,
156 (void *)offsetof(smtp_transport_options_block, lmtp_ignore_quota) },
0756eb3c
PH
157 { "max_rcpt", opt_int | opt_public,
158 (void *)offsetof(transport_instance, max_addresses) },
506900af 159 { "multi_domain", opt_expand_bool | opt_public,
0756eb3c
PH
160 (void *)offsetof(transport_instance, multi_domain) },
161 { "port", opt_stringptr,
162 (void *)offsetof(smtp_transport_options_block, port) },
163 { "protocol", opt_stringptr,
164 (void *)offsetof(smtp_transport_options_block, protocol) },
9c695f6d 165 { "retry_include_ip_address", opt_expand_bool,
0756eb3c
PH
166 (void *)offsetof(smtp_transport_options_block, retry_include_ip_address) },
167 { "serialize_hosts", opt_stringptr,
168 (void *)offsetof(smtp_transport_options_block, serialize_hosts) },
169 { "size_addition", opt_int,
1ddf77d0 170 (void *)offsetof(smtp_transport_options_block, size_addition) },
f0989ec0 171#ifdef SUPPORT_SOCKS
1ddf77d0
JH
172 { "socks_proxy", opt_stringptr,
173 (void *)offsetof(smtp_transport_options_block, socks_proxy) },
7eb6c37c 174#endif
80a47a2c 175#ifdef SUPPORT_TLS
1ddf77d0 176 { "tls_certificate", opt_stringptr,
0756eb3c
PH
177 (void *)offsetof(smtp_transport_options_block, tls_certificate) },
178 { "tls_crl", opt_stringptr,
179 (void *)offsetof(smtp_transport_options_block, tls_crl) },
54c90be1
PP
180 { "tls_dh_min_bits", opt_int,
181 (void *)offsetof(smtp_transport_options_block, tls_dh_min_bits) },
0756eb3c
PH
182 { "tls_privatekey", opt_stringptr,
183 (void *)offsetof(smtp_transport_options_block, tls_privatekey) },
3f0945ff 184 { "tls_require_ciphers", opt_stringptr,
0756eb3c 185 (void *)offsetof(smtp_transport_options_block, tls_require_ciphers) },
3f0945ff
PP
186 { "tls_sni", opt_stringptr,
187 (void *)offsetof(smtp_transport_options_block, tls_sni) },
0756eb3c
PH
188 { "tls_tempfail_tryclear", opt_bool,
189 (void *)offsetof(smtp_transport_options_block, tls_tempfail_tryclear) },
a63be306
WB
190 { "tls_try_verify_hosts", opt_stringptr,
191 (void *)offsetof(smtp_transport_options_block, tls_try_verify_hosts) },
e51c7be2
JH
192 { "tls_verify_cert_hostnames", opt_stringptr,
193 (void *)offsetof(smtp_transport_options_block,tls_verify_cert_hostnames)},
0756eb3c 194 { "tls_verify_certificates", opt_stringptr,
a63be306
WB
195 (void *)offsetof(smtp_transport_options_block, tls_verify_certificates) },
196 { "tls_verify_hosts", opt_stringptr,
71c15846
JH
197 (void *)offsetof(smtp_transport_options_block, tls_verify_hosts) },
198#endif
199#ifdef SUPPORT_I18N
200 { "utf8_downconvert", opt_stringptr,
201 (void *)offsetof(smtp_transport_options_block, utf8_downconvert) },
80a47a2c 202#endif
0756eb3c
PH
203};
204
205/* Size of the options list. An extern variable has to be used so that its
206address can appear in the tables drtables.c. */
207
71c15846 208int smtp_transport_options_count = nelem(smtp_transport_options);
0756eb3c 209
d185889f
JH
210
211#ifdef MACRO_PREDEF
212
213/* Dummy values */
214smtp_transport_options_block smtp_transport_option_defaults = {0};
215void smtp_transport_init(transport_instance *tblock) {}
216BOOL smtp_transport_entry(transport_instance *tblock, address_item *addr) {return FALSE;}
217void smtp_transport_closedown(transport_instance *tblock) {}
218
219#else /*!MACRO_PREDEF*/
220
221
0756eb3c
PH
222/* Default private options block for the smtp transport. */
223
224smtp_transport_options_block smtp_transport_option_defaults = {
838d897c 225 .hosts = NULL,
847cd15f 226 .fallback_hosts = NULL,
838d897c
JH
227 .hostlist = NULL,
228 .fallback_hostlist = NULL,
838d897c
JH
229 .helo_data = US"$primary_hostname",
230 .interface = NULL,
231 .port = NULL,
232 .protocol = US"smtp",
233 .dscp = NULL,
234 .serialize_hosts = NULL,
235 .hosts_try_auth = NULL,
236 .hosts_require_auth = NULL,
237 .hosts_try_chunking = US"*",
c0635b6d 238#ifdef SUPPORT_DANE
838d897c
JH
239 .hosts_try_dane = NULL,
240 .hosts_require_dane = NULL,
5ec37a55 241 .dane_require_tls_ciphers = NULL,
96e47838 242#endif
838d897c 243 .hosts_try_fastopen = NULL,
8ccd00b1 244#ifndef DISABLE_PRDR
838d897c 245 .hosts_try_prdr = US"*",
fd98a5c6 246#endif
f2de3a33 247#ifndef DISABLE_OCSP
838d897c
JH
248 .hosts_request_ocsp = US"*", /* hosts_request_ocsp (except under DANE; tls_client_start()) */
249 .hosts_require_ocsp = NULL,
f5d78688 250#endif
838d897c
JH
251 .hosts_require_tls = NULL,
252 .hosts_avoid_tls = NULL,
253 .hosts_verify_avoid_tls = NULL,
254 .hosts_avoid_pipelining = NULL,
ee8b8090
JH
255#ifdef EXPERIMENTAL_PIPE_CONNECT
256 .hosts_pipe_connect = NULL,
257#endif
838d897c 258 .hosts_avoid_esmtp = NULL,
57cc2785 259#ifdef SUPPORT_TLS
838d897c
JH
260 .hosts_nopass_tls = NULL,
261 .hosts_noproxy_tls = US"*",
57cc2785 262#endif
838d897c
JH
263 .command_timeout = 5*60,
264 .connect_timeout = 5*60,
265 .data_timeout = 5*60,
266 .final_timeout = 10*60,
267 .size_addition = 1024,
268 .hosts_max_try = 5,
269 .hosts_max_try_hardlimit = 50,
270 .address_retry_include_sender = TRUE,
271 .allow_localhost = FALSE,
272 .authenticated_sender_force = FALSE,
273 .gethostbyname = FALSE,
274 .dns_qualify_single = TRUE,
275 .dns_search_parents = FALSE,
276 .dnssec = { .request=NULL, .require=NULL },
277 .delay_after_cutoff = TRUE,
278 .hosts_override = FALSE,
279 .hosts_randomize = FALSE,
280 .keepalive = TRUE,
281 .lmtp_ignore_quota = FALSE,
282 .expand_retry_include_ip_address = NULL,
283 .retry_include_ip_address = TRUE,
f0989ec0 284#ifdef SUPPORT_SOCKS
838d897c 285 .socks_proxy = NULL,
b8bf753b 286#endif
80a47a2c 287#ifdef SUPPORT_TLS
838d897c
JH
288 .tls_certificate = NULL,
289 .tls_crl = NULL,
290 .tls_privatekey = NULL,
291 .tls_require_ciphers = NULL,
292 .tls_sni = NULL,
293 .tls_verify_certificates = US"system",
294 .tls_dh_min_bits = EXIM_CLIENT_DH_DEFAULT_MIN_BITS,
295 .tls_tempfail_tryclear = TRUE,
296 .tls_verify_hosts = NULL,
297 .tls_try_verify_hosts = US"*",
298 .tls_verify_cert_hostnames = US"*",
80a47a2c 299#endif
71c15846
JH
300#ifdef SUPPORT_I18N
301 .utf8_downconvert = NULL,
302#endif
80a47a2c 303#ifndef DISABLE_DKIM
838d897c
JH
304 .dkim =
305 {.dkim_domain = NULL,
7c6ec81b 306 .dkim_identity = NULL,
838d897c
JH
307 .dkim_private_key = NULL,
308 .dkim_selector = NULL,
309 .dkim_canon = NULL,
7c6ec81b 310 .dkim_sign_headers = NULL,
838d897c 311 .dkim_strict = NULL,
d73e45df 312 .dkim_hash = US"sha256",
2bc0f45e 313 .dkim_timestamps = NULL,
617d3932
JH
314 .dot_stuffed = FALSE,
315 .force_bodyhash = FALSE,
316# ifdef EXPERIMENTAL_ARC
317 .arc_signspec = NULL,
318# endif
319 },
320# ifdef EXPERIMENTAL_ARC
321 .arc_sign = NULL,
322# endif
80a47a2c 323#endif
0756eb3c
PH
324};
325
6c1c3d1d
WB
326/* some DSN flags for use later */
327
328static int rf_list[] = {rf_notify_never, rf_notify_success,
329 rf_notify_failure, rf_notify_delay };
330
45500060 331static uschar *rf_names[] = { US"NEVER", US"SUCCESS", US"FAILURE", US"DELAY" };
6c1c3d1d
WB
332
333
0756eb3c
PH
334
335/* Local statics */
336
87cb4a16
JH
337static uschar *smtp_command; /* Points to last cmd for error messages */
338static uschar *mail_command; /* Points to MAIL cmd for error messages */
339static uschar *data_command = US""; /* Points to DATA cmd for error messages */
340static BOOL update_waiting; /* TRUE to update the "wait" database */
875512a3
JH
341
342/*XXX move to smtp_context */
87cb4a16 343static BOOL pipelining_active; /* current transaction is in pipe mode */
0756eb3c
PH
344
345
ee8b8090
JH
346static unsigned ehlo_response(uschar * buf, unsigned checks);
347
348
0756eb3c
PH
349/*************************************************
350* Setup entry point *
351*************************************************/
352
353/* This function is called when the transport is about to be used,
354but before running it in a sub-process. It is used for two things:
355
356 (1) To set the fallback host list in addresses, when delivering.
26da7e20
PH
357 (2) To pass back the interface, port, protocol, and other options, for use
358 during callout verification.
0756eb3c
PH
359
360Arguments:
361 tblock pointer to the transport instance block
362 addrlist list of addresses about to be transported
363 tf if not NULL, pointer to block in which to return options
929ba01c
PH
364 uid the uid that will be set (not used)
365 gid the gid that will be set (not used)
0756eb3c
PH
366 errmsg place for error message (not used)
367
368Returns: OK always (FAIL, DEFER not used)
369*/
370
371static int
372smtp_transport_setup(transport_instance *tblock, address_item *addrlist,
929ba01c 373 transport_feedback *tf, uid_t uid, gid_t gid, uschar **errmsg)
0756eb3c 374{
ee8b8090 375smtp_transport_options_block *ob = SOB tblock->options_block;
0756eb3c
PH
376
377errmsg = errmsg; /* Keep picky compilers happy */
929ba01c
PH
378uid = uid;
379gid = gid;
0756eb3c
PH
380
381/* Pass back options if required. This interface is getting very messy. */
382
02b41d71 383if (tf)
0756eb3c
PH
384 {
385 tf->interface = ob->interface;
386 tf->port = ob->port;
387 tf->protocol = ob->protocol;
388 tf->hosts = ob->hosts;
389 tf->hosts_override = ob->hosts_override;
390 tf->hosts_randomize = ob->hosts_randomize;
391 tf->gethostbyname = ob->gethostbyname;
392 tf->qualify_single = ob->dns_qualify_single;
393 tf->search_parents = ob->dns_search_parents;
26da7e20 394 tf->helo_data = ob->helo_data;
0756eb3c
PH
395 }
396
397/* Set the fallback host list for all the addresses that don't have fallback
398host lists, provided that the local host wasn't present in the original host
399list. */
400
401if (!testflag(addrlist, af_local_host_removed))
02b41d71
JH
402 for (; addrlist; addrlist = addrlist->next)
403 if (!addrlist->fallback_hosts) addrlist->fallback_hosts = ob->fallback_hostlist;
0756eb3c
PH
404
405return OK;
406}
407
408
409
410/*************************************************
411* Initialization entry point *
412*************************************************/
413
414/* Called for each instance, after its options have been read, to
415enable consistency checks to be done, or anything else that needs
416to be set up.
417
418Argument: pointer to the transport instance block
419Returns: nothing
420*/
421
422void
423smtp_transport_init(transport_instance *tblock)
424{
ee8b8090 425smtp_transport_options_block *ob = SOB tblock->options_block;
0756eb3c
PH
426
427/* Retry_use_local_part defaults FALSE if unset */
428
429if (tblock->retry_use_local_part == TRUE_UNSET)
430 tblock->retry_use_local_part = FALSE;
431
432/* Set the default port according to the protocol */
433
ee8b8090
JH
434if (!ob->port)
435 ob->port = strcmpic(ob->protocol, US"lmtp") == 0
436 ? US"lmtp"
437 : strcmpic(ob->protocol, US"smtps") == 0
438 ? US"smtps" : US"smtp";
0756eb3c
PH
439
440/* Set up the setup entry point, to be called before subprocesses for this
441transport. */
442
443tblock->setup = smtp_transport_setup;
444
445/* Complain if any of the timeouts are zero. */
446
447if (ob->command_timeout <= 0 || ob->data_timeout <= 0 ||
448 ob->final_timeout <= 0)
449 log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
450 "command, data, or final timeout value is zero for %s transport",
451 tblock->name);
452
453/* If hosts_override is set and there are local hosts, set the global
454flag that stops verify from showing router hosts. */
455
456if (ob->hosts_override && ob->hosts != NULL) tblock->overrides_hosts = TRUE;
457
458/* If there are any fallback hosts listed, build a chain of host items
459for them, but do not do any lookups at this time. */
460
461host_build_hostlist(&(ob->fallback_hostlist), ob->fallback_hosts, FALSE);
462}
463
464
465
466
467
468/*************************************************
469* Set delivery info into all active addresses *
470*************************************************/
471
472/* Only addresses whose status is >= PENDING are relevant. A lesser
473status means that an address is not currently being processed.
474
475Arguments:
447d236c
PH
476 addrlist points to a chain of addresses
477 errno_value to put in each address's errno field
478 msg to put in each address's message field
479 rc to put in each address's transport_return field
480 pass_message if TRUE, set the "pass message" flag in the address
c562fd30 481 host if set, mark addrs as having used this host
895fbaf2
JH
482 smtp_greeting from peer
483 helo_response from peer
0756eb3c
PH
484
485If errno_value has the special value ERRNO_CONNECTTIMEOUT, ETIMEDOUT is put in
486the errno field, and RTEF_CTOUT is ORed into the more_errno field, to indicate
487this particular type of timeout.
488
489Returns: nothing
490*/
491
7cd1141b
PH
492static void
493set_errno(address_item *addrlist, int errno_value, uschar *msg, int rc,
895fbaf2
JH
494 BOOL pass_message, host_item * host
495#ifdef EXPERIMENTAL_DSN_INFO
496 , const uschar * smtp_greeting, const uschar * helo_response
497#endif
498 )
0756eb3c 499{
0756eb3c
PH
500int orvalue = 0;
501if (errno_value == ERRNO_CONNECTTIMEOUT)
502 {
503 errno_value = ETIMEDOUT;
504 orvalue = RTEF_CTOUT;
505 }
d7978c0f 506for (address_item * addr = addrlist; addr; addr = addr->next)
168dec3b 507 if (addr->transport_return >= PENDING)
447d236c 508 {
168dec3b
JH
509 addr->basic_errno = errno_value;
510 addr->more_errno |= orvalue;
02b41d71 511 if (msg)
168dec3b
JH
512 {
513 addr->message = msg;
514 if (pass_message) setflag(addr, af_pass_message);
515 }
516 addr->transport_return = rc;
517 if (host)
895fbaf2 518 {
168dec3b 519 addr->host_used = host;
895fbaf2
JH
520#ifdef EXPERIMENTAL_DSN_INFO
521 if (smtp_greeting)
522 {uschar * s = Ustrchr(smtp_greeting, '\n'); if (s) *s = '\0';}
523 addr->smtp_greeting = smtp_greeting;
524
525 if (helo_response)
526 {uschar * s = Ustrchr(helo_response, '\n'); if (s) *s = '\0';}
527 addr->helo_response = helo_response;
528#endif
529 }
447d236c 530 }
0756eb3c
PH
531}
532
895fbaf2
JH
533static void
534set_errno_nohost(address_item *addrlist, int errno_value, uschar *msg, int rc,
535 BOOL pass_message)
536{
537set_errno(addrlist, errno_value, msg, rc, pass_message, NULL
538#ifdef EXPERIMENTAL_DSN_INFO
539 , NULL, NULL
540#endif
541 );
542}
0756eb3c
PH
543
544
545/*************************************************
546* Check an SMTP response *
547*************************************************/
548
549/* This function is given an errno code and the SMTP response buffer
550to analyse, together with the host identification for generating messages. It
551sets an appropriate message and puts the first digit of the response code into
552the yield variable. If no response was actually read, a suitable digit is
553chosen.
554
555Arguments:
447d236c
PH
556 host the current host, to get its name for messages
557 errno_value pointer to the errno value
558 more_errno from the top address for use with ERRNO_FILTER_FAIL
559 buffer the SMTP response buffer
560 yield where to put a one-digit SMTP response code
4c04137d 561 message where to put an error message
447d236c
PH
562 pass_message set TRUE if message is an SMTP response
563
564Returns: TRUE if an SMTP "QUIT" command should be sent, else FALSE
0756eb3c
PH
565*/
566
a7538db1
JH
567static BOOL
568check_response(host_item *host, int *errno_value, int more_errno,
447d236c 569 uschar *buffer, int *yield, uschar **message, BOOL *pass_message)
0756eb3c 570{
0d9fa8c0 571uschar * pl = pipelining_active ? US"pipelined " : US"";
e9166683 572const uschar * s;
0756eb3c
PH
573
574*yield = '4'; /* Default setting is to give a temporary error */
575
e9166683 576switch(*errno_value)
0756eb3c 577 {
e9166683
JH
578 case ETIMEDOUT: /* Handle response timeout */
579 *message = US string_sprintf("SMTP timeout after %s%s",
580 pl, smtp_command);
581 if (transport_count > 0)
582 *message = US string_sprintf("%s (%d bytes written)", *message,
583 transport_count);
584 return FALSE;
585
586 case ERRNO_SMTPFORMAT: /* Handle malformed SMTP response */
587 s = string_printing(buffer);
588 while (isspace(*s)) s++;
589 *message = *s == 0
590 ? string_sprintf("Malformed SMTP reply (an empty line) "
591 "in response to %s%s", pl, smtp_command)
592 : string_sprintf("Malformed SMTP reply in response to %s%s: %s",
593 pl, smtp_command, s);
594 return FALSE;
595
596 case ERRNO_FILTER_FAIL: /* Handle a failed filter process error;
597 can't send QUIT as we mustn't end the DATA. */
598 *message = string_sprintf("transport filter process failed (%d)%s",
599 more_errno,
600 more_errno == EX_EXECFAILED ? ": unable to execute command" : "");
601 return FALSE;
602
603 case ERRNO_CHHEADER_FAIL: /* Handle a failed add_headers expansion;
604 can't send QUIT as we mustn't end the DATA. */
605 *message =
606 string_sprintf("failed to expand headers_add or headers_remove: %s",
607 expand_string_message);
608 return FALSE;
609
610 case ERRNO_WRITEINCOMPLETE: /* failure to write a complete data block */
611 *message = string_sprintf("failed to write a data block");
612 return FALSE;
0756eb3c 613
8c5d388a 614#ifdef SUPPORT_I18N
e9166683
JH
615 case ERRNO_UTF8_FWD: /* no advertised SMTPUTF8, for international message */
616 *message = US"utf8 support required but not offered for forwarding";
617 DEBUG(D_deliver|D_transport) debug_printf("%s\n", *message);
618 return TRUE;
250b6871 619#endif
e9166683 620 }
250b6871 621
0756eb3c
PH
622/* Handle error responses from the remote mailer. */
623
624if (buffer[0] != 0)
625 {
e9166683
JH
626 *message = string_sprintf("SMTP error from remote mail server after %s%s: "
627 "%s", pl, smtp_command, s = string_printing(buffer));
447d236c 628 *pass_message = TRUE;
0756eb3c
PH
629 *yield = buffer[0];
630 return TRUE;
631 }
632
633/* No data was read. If there is no errno, this must be the EOF (i.e.
19b9dc85
PH
634connection closed) case, which causes deferral. An explicit connection reset
635error has the same effect. Otherwise, put the host's identity in the message,
636leaving the errno value to be interpreted as well. In all cases, we have to
637assume the connection is now dead. */
0756eb3c 638
19b9dc85 639if (*errno_value == 0 || *errno_value == ECONNRESET)
0756eb3c
PH
640 {
641 *errno_value = ERRNO_SMTPCLOSED;
c562fd30 642 *message = US string_sprintf("Remote host closed connection "
02b41d71 643 "in response to %s%s", pl, smtp_command);
0756eb3c 644 }
de6273b4
JH
645else
646 *message = US string_sprintf("%s [%s]", host->name, host->address);
0756eb3c
PH
647
648return FALSE;
649}
650
651
652
653/*************************************************
654* Write error message to logs *
655*************************************************/
656
657/* This writes to the main log and to the message log.
658
659Arguments:
0756eb3c 660 host the current host
ec62d0a9
HSHR
661 detail the current message (addr_item->message)
662 basic_errno the errno (addr_item->basic_errno)
0756eb3c
PH
663
664Returns: nothing
665*/
666
667static void
ec62d0a9 668write_logs(const host_item *host, const uschar *suffix, int basic_errno)
0756eb3c 669{
52f12a7c
JH
670gstring * message = LOGGING(outgoing_port)
671 ? string_fmt_append(NULL, "H=%s [%s]:%d", host->name, host->address,
584ddd64 672 host->port == PORT_NONE ? 25 : host->port)
52f12a7c 673 : string_fmt_append(NULL, "H=%s [%s]", host->name, host->address);
c562fd30 674
ec62d0a9 675if (suffix)
0756eb3c 676 {
52f12a7c 677 message = string_fmt_append(message, ": %s", suffix);
ec62d0a9 678 if (basic_errno > 0)
52f12a7c 679 message = string_fmt_append(message, ": %s", strerror(basic_errno));
0756eb3c
PH
680 }
681else
52f12a7c 682 message = string_fmt_append(message, " %s", exim_errstr(basic_errno));
ec62d0a9 683
52f12a7c
JH
684log_write(0, LOG_MAIN, "%s", string_from_gstring(message));
685deliver_msglog("%s %s\n", tod_stamp(tod_log), message->s);
0756eb3c
PH
686}
687
c562fd30
JH
688static void
689msglog_line(host_item * host, uschar * message)
690{
37f3dc43
JH
691deliver_msglog("%s H=%s [%s] %s\n", tod_stamp(tod_log),
692 host->name, host->address, message);
c562fd30
JH
693}
694
0756eb3c
PH
695
696
0cbf2b82 697#ifndef DISABLE_EVENT
d68218c7
JH
698/*************************************************
699* Post-defer action *
700*************************************************/
701
702/* This expands an arbitrary per-transport string.
703 It might, for example, be used to write to the database log.
704
705Arguments:
d68218c7
JH
706 addr the address item containing error information
707 host the current host
708
709Returns: nothing
710*/
711
712static void
774ef2d7 713deferred_event_raise(address_item *addr, host_item *host)
d68218c7 714{
774ef2d7 715uschar * action = addr->transport->event_action;
55414b25 716const uschar * save_domain;
a7538db1
JH
717uschar * save_local;
718
d68218c7 719if (!action)
a7538db1 720 return;
d68218c7 721
a7538db1
JH
722save_domain = deliver_domain;
723save_local = deliver_localpart;
724
725/*XXX would ip & port already be set up? */
726deliver_host_address = string_copy(host->address);
774ef2d7
JH
727deliver_host_port = host->port == PORT_NONE ? 25 : host->port;
728event_defer_errno = addr->basic_errno;
d68218c7
JH
729
730router_name = addr->router->name;
731transport_name = addr->transport->name;
a7538db1
JH
732deliver_domain = addr->domain;
733deliver_localpart = addr->local_part;
734
774ef2d7 735(void) event_raise(action, US"msg:host:defer",
a7538db1
JH
736 addr->message
737 ? addr->basic_errno > 0
738 ? string_sprintf("%s: %s", addr->message, strerror(addr->basic_errno))
739 : string_copy(addr->message)
740 : addr->basic_errno > 0
741 ? string_copy(US strerror(addr->basic_errno))
742 : NULL);
743
744deliver_localpart = save_local;
745deliver_domain = save_domain;
d68218c7
JH
746router_name = transport_name = NULL;
747}
748#endif
749
0756eb3c 750/*************************************************
ee8b8090
JH
751* Reap SMTP specific responses *
752*************************************************/
753static int
754smtp_discard_responses(smtp_context * sx, smtp_transport_options_block * ob,
755 int count)
756{
757uschar flushbuffer[4096];
758
759while (count-- > 0)
760 {
761 if (!smtp_read_response(sx, flushbuffer, sizeof(flushbuffer),
762 '2', ob->command_timeout)
763 && (errno != 0 || flushbuffer[0] == 0))
764 break;
765 }
766return count;
767}
768
769
770/* Return boolean success */
771
772static BOOL
773smtp_reap_banner(smtp_context * sx)
774{
775BOOL good_response = smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
776 '2', (SOB sx->conn_args.ob)->command_timeout);
777#ifdef EXPERIMENTAL_DSN_INFO
778sx->smtp_greeting = string_copy(sx->buffer);
779#endif
780return good_response;
781}
782
783static BOOL
784smtp_reap_ehlo(smtp_context * sx)
785{
786if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer), '2',
787 (SOB sx->conn_args.ob)->command_timeout))
788 {
789 if (errno != 0 || sx->buffer[0] == 0 || sx->lmtp)
790 {
791#ifdef EXPERIMENTAL_DSN_INFO
792 sx->helo_response = string_copy(sx->buffer);
793#endif
794 return FALSE;
795 }
796 sx->esmtp = FALSE;
797 }
798#ifdef EXPERIMENTAL_DSN_INFO
799sx->helo_response = string_copy(sx->buffer);
800#endif
801return TRUE;
802}
803
804
805
806#ifdef EXPERIMENTAL_PIPE_CONNECT
807static uschar *
808ehlo_cache_key(const smtp_context * sx)
809{
810host_item * host = sx->conn_args.host;
811return Ustrchr(host->address, ':')
812 ? string_sprintf("[%s]:%d.EHLO", host->address,
813 host->port == PORT_NONE ? sx->port : host->port)
814 : string_sprintf("%s:%d.EHLO", host->address,
815 host->port == PORT_NONE ? sx->port : host->port);
816}
817
818static void
819write_ehlo_cache_entry(const smtp_context * sx)
820{
821open_db dbblock, * dbm_file;
822
823if ((dbm_file = dbfn_open(US"misc", O_RDWR, &dbblock, TRUE)))
824 {
825 uschar * ehlo_resp_key = ehlo_cache_key(sx);
826 dbdata_ehlo_resp er = { .data = sx->ehlo_resp };
827
cb6bd80f
JH
828 HDEBUG(D_transport) debug_printf("writing clr %04x/%04x cry %04x/%04x\n",
829 sx->ehlo_resp.cleartext_features, sx->ehlo_resp.cleartext_auths,
830 sx->ehlo_resp.crypted_features, sx->ehlo_resp.crypted_auths);
831
ee8b8090
JH
832 dbfn_write(dbm_file, ehlo_resp_key, &er, (int)sizeof(er));
833 dbfn_close(dbm_file);
834 }
835}
836
837static void
838invalidate_ehlo_cache_entry(smtp_context * sx)
839{
840open_db dbblock, * dbm_file;
841
842if ( sx->early_pipe_active
843 && (dbm_file = dbfn_open(US"misc", O_RDWR, &dbblock, TRUE)))
844 {
845 uschar * ehlo_resp_key = ehlo_cache_key(sx);
846 dbfn_delete(dbm_file, ehlo_resp_key);
847 dbfn_close(dbm_file);
848 }
849}
850
851static BOOL
852read_ehlo_cache_entry(smtp_context * sx)
853{
854open_db dbblock;
855open_db * dbm_file;
856
857if (!(dbm_file = dbfn_open(US"misc", O_RDONLY, &dbblock, FALSE)))
858 { DEBUG(D_transport) debug_printf("ehlo-cache: no misc DB\n"); }
859else
860 {
861 uschar * ehlo_resp_key = ehlo_cache_key(sx);
862 dbdata_ehlo_resp * er;
863
864 if (!(er = dbfn_read(dbm_file, ehlo_resp_key)))
865 { DEBUG(D_transport) debug_printf("no ehlo-resp record\n"); }
866 else if (time(NULL) - er->time_stamp > retry_data_expire)
867 {
868 DEBUG(D_transport) debug_printf("ehlo-resp record too old\n");
869 dbfn_close(dbm_file);
870 if ((dbm_file = dbfn_open(US"misc", O_RDWR, &dbblock, TRUE)))
871 dbfn_delete(dbm_file, ehlo_resp_key);
872 }
873 else
874 {
875 sx->ehlo_resp = er->data;
876 dbfn_close(dbm_file);
877 DEBUG(D_transport) debug_printf(
878 "EHLO response bits from cache: cleartext 0x%04x crypted 0x%04x\n",
879 er->data.cleartext_features, er->data.crypted_features);
880 return TRUE;
881 }
882 dbfn_close(dbm_file);
883 }
884return FALSE;
885}
886
887
888
889/* Return an auths bitmap for the set of AUTH methods offered by the server
890which match our authenticators. */
891
892static unsigned short
893study_ehlo_auths(smtp_context * sx)
894{
895uschar * names;
896auth_instance * au;
897uschar authnum;
898unsigned short authbits = 0;
899
900if (!sx->esmtp) return 0;
901if (!regex_AUTH) regex_AUTH = regex_must_compile(AUTHS_REGEX, FALSE, TRUE);
902if (!regex_match_and_setup(regex_AUTH, sx->buffer, 0, -1)) return 0;
903expand_nmax = -1; /* reset */
904names = string_copyn(expand_nstring[1], expand_nlength[1]);
905
906for (au = auths, authnum = 0; au; au = au->next, authnum++) if (au->client)
907 {
908 const uschar * list = names;
909 int sep = ' ';
910 uschar name[32];
911
912 while (string_nextinlist(&list, &sep, name, sizeof(name)))
913 if (strcmpic(au->public_name, name) == 0)
914 { authbits |= BIT(authnum); break; }
915 }
916
917DEBUG(D_transport)
918 debug_printf("server offers %s AUTH, methods '%s', bitmap 0x%04x\n",
919 tls_out.active.sock >= 0 ? "crypted" : "plaintext", names, authbits);
920
921if (tls_out.active.sock >= 0)
922 sx->ehlo_resp.crypted_auths = authbits;
923else
924 sx->ehlo_resp.cleartext_auths = authbits;
925return authbits;
926}
927
928
929
930
931/* Wait for and check responses for early-pipelining.
932
933Called from the lower-level smtp_read_response() function
934used for general code that assume synchronisation, if context
935flags indicate outstanding early-pipelining commands. Also
936called fom sync_responses() which handles pipelined commands.
937
938Arguments:
939 sx smtp connection context
940 countp number of outstanding responses, adjusted on return
941
942Return:
943 OK all well
944 FAIL SMTP error in response
945*/
946int
947smtp_reap_early_pipe(smtp_context * sx, int * countp)
948{
949BOOL pending_BANNER = sx->pending_BANNER;
950BOOL pending_EHLO = sx->pending_EHLO;
951
952sx->pending_BANNER = FALSE; /* clear early to avoid recursion */
953sx->pending_EHLO = FALSE;
954
955if (pending_BANNER)
956 {
957 DEBUG(D_transport) debug_printf("%s expect banner\n", __FUNCTION__);
958 (*countp)--;
959 if (!smtp_reap_banner(sx))
960 {
961 DEBUG(D_transport) debug_printf("bad banner\n");
962 goto fail;
963 }
964 }
965
966if (pending_EHLO)
967 {
968 unsigned peer_offered;
969 unsigned short authbits = 0, * ap;
970
971 DEBUG(D_transport) debug_printf("%s expect ehlo\n", __FUNCTION__);
972 (*countp)--;
973 if (!smtp_reap_ehlo(sx))
974 {
975 DEBUG(D_transport) debug_printf("bad response for EHLO\n");
976 goto fail;
977 }
978
979 /* Compare the actual EHLO response to the cached value we assumed;
980 on difference, dump or rewrite the cache and arrange for a retry. */
981
982 ap = tls_out.active.sock < 0
983 ? &sx->ehlo_resp.cleartext_auths : &sx->ehlo_resp.crypted_auths;
984
985 peer_offered = ehlo_response(sx->buffer,
986 (tls_out.active.sock < 0 ? OPTION_TLS : OPTION_REQUIRETLS)
987 | OPTION_CHUNKING | OPTION_PRDR | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
988 | OPTION_UTF8 | OPTION_EARLY_PIPE
989 );
990 if ( peer_offered != sx->peer_offered
991 || (authbits = study_ehlo_auths(sx)) != *ap)
992 {
993 HDEBUG(D_transport)
cb6bd80f
JH
994 debug_printf("EHLO %s extensions changed, 0x%04x/0x%04x -> 0x%04x/0x%04x\n",
995 tls_out.active.sock < 0 ? "cleartext" : "crypted",
ee8b8090 996 sx->peer_offered, *ap, peer_offered, authbits);
cb6bd80f
JH
997 *(tls_out.active.sock < 0
998 ? &sx->ehlo_resp.cleartext_features : &sx->ehlo_resp.crypted_features) = peer_offered;
ee8b8090
JH
999 *ap = authbits;
1000 if (peer_offered & OPTION_EARLY_PIPE)
1001 write_ehlo_cache_entry(sx);
1002 else
1003 invalidate_ehlo_cache_entry(sx);
1004
1005 return OK; /* just carry on */
1006 }
1007 }
1008return OK;
1009
1010fail:
1011 invalidate_ehlo_cache_entry(sx);
1012 (void) smtp_discard_responses(sx, sx->conn_args.ob, *countp);
1013 return FAIL;
1014}
1015#endif
1016
1017
1018/*************************************************
0756eb3c
PH
1019* Synchronize SMTP responses *
1020*************************************************/
1021
1022/* This function is called from smtp_deliver() to receive SMTP responses from
1023the server, and match them up with the commands to which they relate. When
1024PIPELINING is not in use, this function is called after every command, and is
1025therefore somewhat over-engineered, but it is simpler to use a single scheme
1026that works both with and without PIPELINING instead of having two separate sets
1027of code.
1028
1029The set of commands that are buffered up with pipelining may start with MAIL
1030and may end with DATA; in between are RCPT commands that correspond to the
1031addresses whose status is PENDING_DEFER. All other commands (STARTTLS, AUTH,
1032etc.) are never buffered.
1033
1034Errors after MAIL or DATA abort the whole process leaving the response in the
1035buffer. After MAIL, pending responses are flushed, and the original command is
1036re-instated in big_buffer for error messages. For RCPT commands, the remote is
1037permitted to reject some recipient addresses while accepting others. However
1038certain errors clearly abort the whole process. Set the value in
1039transport_return to PENDING_OK if the address is accepted. If there is a
1040subsequent general error, it will get reset accordingly. If not, it will get
1041converted to OK at the end.
1042
1043Arguments:
df5b41e3 1044 sx smtp connection context
48c7f9e2 1045 count the number of responses to read
48c7f9e2
PH
1046 pending_DATA 0 if last command sent was not DATA
1047 +1 if previously had a good recipient
1048 -1 if not previously had a good recipient
0756eb3c
PH
1049
1050Returns: 3 if at least one address had 2xx and one had 5xx
1051 2 if at least one address had 5xx but none had 2xx
1052 1 if at least one host had a 2xx response, but none had 5xx
1053 0 no address had 2xx or 5xx but no errors (all 4xx, or just DATA)
1054 -1 timeout while reading RCPT response
1055 -2 I/O or other non-response error for RCPT
1056 -3 DATA or MAIL failed - errno and buffer set
ee8b8090 1057 -4 banner or EHLO failed (early-pipelining)
0756eb3c
PH
1058*/
1059
1060static int
df5b41e3 1061sync_responses(smtp_context * sx, int count, int pending_DATA)
0756eb3c 1062{
ee8b8090
JH
1063address_item * addr = sx->sync_addr;
1064smtp_transport_options_block * ob = sx->conn_args.ob;
0756eb3c
PH
1065int yield = 0;
1066
ee8b8090
JH
1067#ifdef EXPERIMENTAL_PIPE_CONNECT
1068if (smtp_reap_early_pipe(sx, &count) != OK)
1069 return -4;
1070#endif
1071
0756eb3c
PH
1072/* Handle the response for a MAIL command. On error, reinstate the original
1073command in big_buffer for error message use, and flush any further pending
1074responses before returning, except after I/O errors and timeouts. */
1075
df5b41e3 1076if (sx->pending_MAIL)
0756eb3c 1077 {
7c576fca 1078 DEBUG(D_transport) debug_printf("%s expect mail\n", __FUNCTION__);
0756eb3c 1079 count--;
251b9eb4 1080 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
e9166683 1081 '2', ob->command_timeout))
0756eb3c 1082 {
e027f545 1083 DEBUG(D_transport) debug_printf("bad response for MAIL\n");
0756eb3c 1084 Ustrcpy(big_buffer, mail_command); /* Fits, because it came from there! */
df5b41e3 1085 if (errno == 0 && sx->buffer[0] != 0)
0756eb3c 1086 {
e97957bc 1087 int save_errno = 0;
df5b41e3 1088 if (sx->buffer[0] == '4')
e97957bc
PH
1089 {
1090 save_errno = ERRNO_MAIL4XX;
df5b41e3 1091 addr->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
e97957bc 1092 }
ee8b8090 1093 count = smtp_discard_responses(sx, ob, count);
e97957bc 1094 errno = save_errno;
0756eb3c 1095 }
c562fd30
JH
1096
1097 if (pending_DATA) count--; /* Number of RCPT responses to come */
1098 while (count-- > 0) /* Mark any pending addrs with the host used */
1099 {
1100 while (addr->transport_return != PENDING_DEFER) addr = addr->next;
ee8b8090 1101 addr->host_used = sx->conn_args.host;
c562fd30
JH
1102 addr = addr->next;
1103 }
0756eb3c
PH
1104 return -3;
1105 }
1106 }
1107
1108if (pending_DATA) count--; /* Number of RCPT responses to come */
1109
1110/* Read and handle the required number of RCPT responses, matching each one up
1111with an address by scanning for the next address whose status is PENDING_DEFER.
1112*/
1113
1114while (count-- > 0)
1115 {
4c2471ca
JH
1116 while (addr->transport_return != PENDING_DEFER)
1117 if (!(addr = addr->next))
1118 return -2;
0756eb3c
PH
1119
1120 /* The address was accepted */
ee8b8090 1121 addr->host_used = sx->conn_args.host;
0756eb3c 1122
7c576fca 1123 DEBUG(D_transport) debug_printf("%s expect rcpt\n", __FUNCTION__);
251b9eb4 1124 if (smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
e9166683 1125 '2', ob->command_timeout))
0756eb3c
PH
1126 {
1127 yield |= 1;
1128 addr->transport_return = PENDING_OK;
1129
1130 /* If af_dr_retry_exists is set, there was a routing delay on this address;
09945f1e
PH
1131 ensure that any address-specific retry record is expunged. We do this both
1132 for the basic key and for the version that also includes the sender. */
0756eb3c
PH
1133
1134 if (testflag(addr, af_dr_retry_exists))
09945f1e
PH
1135 {
1136 uschar *altkey = string_sprintf("%s:<%s>", addr->address_retry_key,
1137 sender_address);
1138 retry_add_item(addr, altkey, rf_delete);
0756eb3c 1139 retry_add_item(addr, addr->address_retry_key, rf_delete);
09945f1e 1140 }
0756eb3c
PH
1141 }
1142
1143 /* Timeout while reading the response */
1144
1145 else if (errno == ETIMEDOUT)
1146 {
c562fd30 1147 uschar *message = string_sprintf("SMTP timeout after RCPT TO:<%s>",
ee8b8090 1148 transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes));
df5b41e3 1149 set_errno_nohost(sx->first_addr, ETIMEDOUT, message, DEFER, FALSE);
0756eb3c 1150 retry_add_item(addr, addr->address_retry_key, 0);
f6c332bd 1151 update_waiting = FALSE;
0756eb3c
PH
1152 return -1;
1153 }
1154
1155 /* Handle other errors in obtaining an SMTP response by returning -1. This
1156 will cause all the addresses to be deferred. Restore the SMTP command in
1157 big_buffer for which we are checking the response, so the error message
1158 makes sense. */
1159
df5b41e3 1160 else if (errno != 0 || sx->buffer[0] == 0)
0756eb3c
PH
1161 {
1162 string_format(big_buffer, big_buffer_size, "RCPT TO:<%s>",
ee8b8090 1163 transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes));
0756eb3c
PH
1164 return -2;
1165 }
1166
1167 /* Handle SMTP permanent and temporary response codes. */
1168
1169 else
1170 {
1171 addr->message =
447d236c 1172 string_sprintf("SMTP error from remote mail server after RCPT TO:<%s>: "
ee8b8090 1173 "%s", transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes),
df5b41e3 1174 string_printing(sx->buffer));
447d236c 1175 setflag(addr, af_pass_message);
e9166683 1176 if (!sx->verify)
ee8b8090 1177 msglog_line(sx->conn_args.host, addr->message);
0756eb3c
PH
1178
1179 /* The response was 5xx */
1180
df5b41e3 1181 if (sx->buffer[0] == '5')
0756eb3c
PH
1182 {
1183 addr->transport_return = FAIL;
1184 yield |= 2;
1185 }
1186
1187 /* The response was 4xx */
1188
1189 else
1190 {
0756eb3c
PH
1191 addr->transport_return = DEFER;
1192 addr->basic_errno = ERRNO_RCPT4XX;
df5b41e3 1193 addr->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
0756eb3c 1194
e9166683
JH
1195 if (!sx->verify)
1196 {
0cbf2b82 1197#ifndef DISABLE_EVENT
e9166683
JH
1198 event_defer_errno = addr->more_errno;
1199 msg_event_raise(US"msg:rcpt:host:defer", addr);
5ef5dd52
JB
1200#endif
1201
e9166683
JH
1202 /* Log temporary errors if there are more hosts to be tried.
1203 If not, log this last one in the == line. */
0756eb3c 1204
ee8b8090 1205 if (sx->conn_args.host->next)
67ea939c
JH
1206 if (LOGGING(outgoing_port))
1207 log_write(0, LOG_MAIN, "H=%s [%s]:%d %s", sx->conn_args.host->name,
1208 sx->conn_args.host->address,
1209 sx->port == PORT_NONE ? 25 : sx->port, addr->message);
1210 else
1211 log_write(0, LOG_MAIN, "H=%s [%s]: %s", sx->conn_args.host->name,
1212 sx->conn_args.host->address, addr->message);
0756eb3c 1213
0cbf2b82 1214#ifndef DISABLE_EVENT
e9166683
JH
1215 else
1216 msg_event_raise(US"msg:rcpt:defer", addr);
5ef5dd52
JB
1217#endif
1218
e9166683
JH
1219 /* Do not put this message on the list of those waiting for specific
1220 hosts, as otherwise it is likely to be tried too often. */
0756eb3c 1221
e9166683 1222 update_waiting = FALSE;
0756eb3c 1223
e9166683
JH
1224 /* Add a retry item for the address so that it doesn't get tried again
1225 too soon. If address_retry_include_sender is true, add the sender address
1226 to the retry key. */
0756eb3c 1227
e9166683
JH
1228 retry_add_item(addr,
1229 ob->address_retry_include_sender
1230 ? string_sprintf("%s:<%s>", addr->address_retry_key, sender_address)
1231 : addr->address_retry_key,
1232 0);
1233 }
0756eb3c
PH
1234 }
1235 }
1236 } /* Loop for next RCPT response */
1237
1238/* Update where to start at for the next block of responses, unless we
1239have already handled all the addresses. */
1240
e9166683 1241if (addr) sx->sync_addr = addr->next;
0756eb3c
PH
1242
1243/* Handle a response to DATA. If we have not had any good recipients, either
1244previously or in this block, the response is ignored. */
1245
7c576fca 1246if (pending_DATA != 0)
0756eb3c 1247 {
7c576fca 1248 DEBUG(D_transport) debug_printf("%s expect data\n", __FUNCTION__);
251b9eb4 1249 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer),
7c576fca 1250 '3', ob->command_timeout))
e97957bc 1251 {
7c576fca
JH
1252 int code;
1253 uschar *msg;
1254 BOOL pass_message;
1255 if (pending_DATA > 0 || (yield & 1) != 0)
e97957bc 1256 {
7c576fca
JH
1257 if (errno == 0 && sx->buffer[0] == '4')
1258 {
1259 errno = ERRNO_DATA4XX;
1260 sx->first_addr->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
1261 }
1262 return -3;
e97957bc 1263 }
ee8b8090 1264 (void)check_response(sx->conn_args.host, &errno, 0, sx->buffer, &code, &msg, &pass_message);
7c576fca
JH
1265 DEBUG(D_transport) debug_printf("%s\nerror for DATA ignored: pipelining "
1266 "is in use and there were no good recipients\n", msg);
e97957bc 1267 }
0756eb3c
PH
1268 }
1269
1270/* All responses read and handled; MAIL (if present) received 2xx and DATA (if
1271present) received 3xx. If any RCPTs were handled and yielded anything other
1272than 4xx, yield will be set non-zero. */
1273
1274return yield;
1275}
1276
1277
1278
ee8b8090
JH
1279
1280
1281/* Try an authenticator's client entry */
1282
1283static int
1284try_authenticator(smtp_context * sx, auth_instance * au)
1285{
1286smtp_transport_options_block * ob = sx->conn_args.ob; /* transport options */
1287host_item * host = sx->conn_args.host; /* host to deliver to */
1288int rc;
1289
1290sx->outblock.authenticating = TRUE;
1291rc = (au->info->clientcode)(au, sx, ob->command_timeout,
1292 sx->buffer, sizeof(sx->buffer));
1293sx->outblock.authenticating = FALSE;
1294DEBUG(D_transport) debug_printf("%s authenticator yielded %d\n", au->name, rc);
1295
1296/* A temporary authentication failure must hold up delivery to
1297this host. After a permanent authentication failure, we carry on
1298to try other authentication methods. If all fail hard, try to
1299deliver the message unauthenticated unless require_auth was set. */
1300
1301switch(rc)
1302 {
1303 case OK:
1304 f.smtp_authenticated = TRUE; /* stops the outer loop */
1305 client_authenticator = au->name;
1306 if (au->set_client_id)
1307 client_authenticated_id = expand_string(au->set_client_id);
1308 break;
1309
1310 /* Failure after writing a command */
1311
1312 case FAIL_SEND:
1313 return FAIL_SEND;
1314
1315 /* Failure after reading a response */
1316
1317 case FAIL:
1318 if (errno != 0 || sx->buffer[0] != '5') return FAIL;
1319 log_write(0, LOG_MAIN, "%s authenticator failed H=%s [%s] %s",
1320 au->name, host->name, host->address, sx->buffer);
1321 break;
1322
1323 /* Failure by some other means. In effect, the authenticator
1324 decided it wasn't prepared to handle this case. Typically this
1325 is the result of "fail" in an expansion string. Do we need to
1326 log anything here? Feb 2006: a message is now put in the buffer
1327 if logging is required. */
1328
1329 case CANCELLED:
1330 if (*sx->buffer != 0)
1331 log_write(0, LOG_MAIN, "%s authenticator cancelled "
1332 "authentication H=%s [%s] %s", au->name, host->name,
1333 host->address, sx->buffer);
1334 break;
1335
1336 /* Internal problem, message in buffer. */
1337
1338 case ERROR:
1339 set_errno_nohost(sx->addrlist, ERRNO_AUTHPROB, string_copy(sx->buffer),
1340 DEFER, FALSE);
1341 return ERROR;
1342 }
1343return OK;
1344}
1345
1346
1347
1348
1349/* Do the client side of smtp-level authentication.
1350
fcc8e047 1351Arguments:
ee8b8090
JH
1352 sx smtp connection context
1353
1354sx->buffer should have the EHLO response from server (gets overwritten)
fcc8e047
JH
1355
1356Returns:
1357 OK Success, or failed (but not required): global "smtp_authenticated" set
1358 DEFER Failed authentication (and was required)
1359 ERROR Internal problem
1360
1361 FAIL_SEND Failed communications - transmit
1362 FAIL - response
1363*/
1364
251b9eb4 1365static int
ee8b8090 1366smtp_auth(smtp_context * sx)
fcc8e047 1367{
ee8b8090
JH
1368host_item * host = sx->conn_args.host; /* host to deliver to */
1369smtp_transport_options_block * ob = sx->conn_args.ob; /* transport options */
1370int require_auth = verify_check_given_host(CUSS &ob->hosts_require_auth, host);
1371#ifdef EXPERIMENTAL_PIPE_CONNECT
1372unsigned short authbits = tls_out.active.sock >= 0
1373 ? sx->ehlo_resp.crypted_auths : sx->ehlo_resp.cleartext_auths;
1374#endif
1375uschar * fail_reason = US"server did not advertise AUTH support";
fcc8e047 1376
8768d548 1377f.smtp_authenticated = FALSE;
a7538db1 1378client_authenticator = client_authenticated_id = client_authenticated_sender = NULL;
fcc8e047 1379
ee8b8090
JH
1380if (!regex_AUTH)
1381 regex_AUTH = regex_must_compile(AUTHS_REGEX, FALSE, TRUE);
1382
1383/* Is the server offering AUTH? */
fcc8e047 1384
ee8b8090
JH
1385if ( sx->esmtp
1386 &&
1387#ifdef EXPERIMENTAL_PIPE_CONNECT
1388 sx->early_pipe_active ? authbits
1389 :
1390#endif
1391 regex_match_and_setup(regex_AUTH, sx->buffer, 0, -1)
1392 )
a7538db1 1393 {
ee8b8090 1394 uschar * names = NULL;
a7538db1 1395 expand_nmax = -1; /* reset */
fcc8e047 1396
ee8b8090
JH
1397#ifdef EXPERIMENTAL_PIPE_CONNECT
1398 if (!sx->early_pipe_active)
1399#endif
1400 names = string_copyn(expand_nstring[1], expand_nlength[1]);
1401
a7538db1 1402 /* Must not do this check until after we have saved the result of the
ee8b8090 1403 regex match above as the check could be another RE. */
fcc8e047 1404
ee8b8090
JH
1405 if ( require_auth == OK
1406 || verify_check_given_host(CUSS &ob->hosts_try_auth, host) == OK)
a7538db1 1407 {
ee8b8090 1408 auth_instance * au;
fcc8e047 1409
a7538db1 1410 DEBUG(D_transport) debug_printf("scanning authentication mechanisms\n");
ee8b8090
JH
1411 fail_reason = US"no common mechanisms were found";
1412
1413#ifdef EXPERIMENTAL_PIPE_CONNECT
1414 if (sx->early_pipe_active)
1415 {
1416 /* Scan our authenticators (which support use by a client and were offered
1417 by the server (checked at cache-write time)), not suppressed by
1418 client_condition. If one is found, attempt to authenticate by calling its
1419 client function. We are limited to supporting up to 16 authenticator
1420 public-names by the number of bits in a short. */
1421
1422 uschar bitnum;
1423 int rc;
1424
1425 for (bitnum = 0, au = auths;
1426 !f.smtp_authenticated && au && bitnum < 16;
1427 bitnum++, au = au->next) if (authbits & BIT(bitnum))
1428 {
1429 if ( au->client_condition
1430 && !expand_check_condition(au->client_condition, au->name,
1431 US"client authenticator"))
1432 {
1433 DEBUG(D_transport) debug_printf("skipping %s authenticator: %s\n",
1434 au->name, "client_condition is false");
1435 continue;
1436 }
1437
1438 /* Found data for a listed mechanism. Call its client entry. Set
1439 a flag in the outblock so that data is overwritten after sending so
1440 that reflections don't show it. */
1441
1442 fail_reason = US"authentication attempt(s) failed";
1443
1444 if ((rc = try_authenticator(sx, au)) != OK)
1445 return rc;
1446 }
1447 }
1448 else
1449#endif
fcc8e047 1450
a7538db1
JH
1451 /* Scan the configured authenticators looking for one which is configured
1452 for use as a client, which is not suppressed by client_condition, and
1453 whose name matches an authentication mechanism supported by the server.
1454 If one is found, attempt to authenticate by calling its client function.
1455 */
fcc8e047 1456
d7978c0f 1457 for (auth_instance * au = auths; !f.smtp_authenticated && au; au = au->next)
a7538db1
JH
1458 {
1459 uschar *p = names;
ee8b8090
JH
1460
1461 if ( !au->client
1462 || ( au->client_condition
1463 && !expand_check_condition(au->client_condition, au->name,
1464 US"client authenticator")))
a7538db1
JH
1465 {
1466 DEBUG(D_transport) debug_printf("skipping %s authenticator: %s\n",
1467 au->name,
1468 (au->client)? "client_condition is false" :
1469 "not configured as a client");
1470 continue;
1471 }
fcc8e047 1472
a7538db1 1473 /* Loop to scan supported server mechanisms */
fcc8e047 1474
cab0c277 1475 while (*p)
a7538db1 1476 {
a7538db1 1477 int len = Ustrlen(au->public_name);
ee8b8090
JH
1478 int rc;
1479
a7538db1 1480 while (isspace(*p)) p++;
fcc8e047 1481
a7538db1
JH
1482 if (strncmpic(au->public_name, p, len) != 0 ||
1483 (p[len] != 0 && !isspace(p[len])))
1484 {
1485 while (*p != 0 && !isspace(*p)) p++;
1486 continue;
1487 }
fcc8e047 1488
a7538db1
JH
1489 /* Found data for a listed mechanism. Call its client entry. Set
1490 a flag in the outblock so that data is overwritten after sending so
1491 that reflections don't show it. */
fcc8e047 1492
a7538db1 1493 fail_reason = US"authentication attempt(s) failed";
a7538db1 1494
ee8b8090
JH
1495 if ((rc = try_authenticator(sx, au)) != OK)
1496 return rc;
fcc8e047 1497
a7538db1
JH
1498 break; /* If not authenticated, try next authenticator */
1499 } /* Loop for scanning supported server mechanisms */
1500 } /* Loop for further authenticators */
fcc8e047 1501 }
a7538db1 1502 }
fcc8e047 1503
a7538db1 1504/* If we haven't authenticated, but are required to, give up. */
fcc8e047 1505
8768d548 1506if (require_auth == OK && !f.smtp_authenticated)
a7538db1 1507 {
251b9eb4 1508 set_errno_nohost(sx->addrlist, ERRNO_AUTHFAIL,
a7538db1 1509 string_sprintf("authentication required but %s", fail_reason), DEFER,
895fbaf2 1510 FALSE);
a7538db1
JH
1511 return DEFER;
1512 }
4d8d62b9 1513
a7538db1 1514return OK;
fcc8e047
JH
1515}
1516
1517
1518/* Construct AUTH appendix string for MAIL TO */
1519/*
1520Arguments
1521 buffer to build string
1522 addrlist chain of potential addresses to deliver
1523 ob transport options
1524
8768d548 1525Globals f.smtp_authenticated
fcc8e047
JH
1526 client_authenticated_sender
1527Return True on error, otherwise buffer has (possibly empty) terminated string
1528*/
1529
1530BOOL
1531smtp_mail_auth_str(uschar *buffer, unsigned bufsize, address_item *addrlist,
1532 smtp_transport_options_block *ob)
1533{
1534uschar *local_authenticated_sender = authenticated_sender;
1535
1536#ifdef notdef
8768d548 1537 debug_printf("smtp_mail_auth_str: as<%s> os<%s> SA<%s>\n", authenticated_sender, ob->authenticated_sender, f.smtp_authenticated?"Y":"N");
fcc8e047
JH
1538#endif
1539
1540if (ob->authenticated_sender != NULL)
1541 {
1542 uschar *new = expand_string(ob->authenticated_sender);
1543 if (new == NULL)
1544 {
8768d548 1545 if (!f.expand_string_forcedfail)
fcc8e047
JH
1546 {
1547 uschar *message = string_sprintf("failed to expand "
1548 "authenticated_sender: %s", expand_string_message);
895fbaf2 1549 set_errno_nohost(addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
fcc8e047
JH
1550 return TRUE;
1551 }
1552 }
1553 else if (new[0] != 0) local_authenticated_sender = new;
1554 }
1555
1556/* Add the authenticated sender address if present */
1557
8768d548 1558if ((f.smtp_authenticated || ob->authenticated_sender_force) &&
fcc8e047
JH
1559 local_authenticated_sender != NULL)
1560 {
1561 string_format(buffer, bufsize, " AUTH=%s",
1562 auth_xtextencode(local_authenticated_sender,
1563 Ustrlen(local_authenticated_sender)));
1564 client_authenticated_sender = string_copy(local_authenticated_sender);
1565 }
1566else
1567 *buffer= 0;
1568
1569return FALSE;
1570}
1571
1572
1573
c0635b6d 1574#ifdef SUPPORT_DANE
2d5fdd53
JH
1575/* Lookup TLSA record for host/port.
1576Return: OK success with dnssec; DANE mode
1577 DEFER Do not use this host now, may retry later
1578 FAIL_FORCED No TLSA record; DANE not usable
1579 FAIL Do not use this connection
1580*/
1581
0e66b3b6 1582int
4b0fe319 1583tlsa_lookup(const host_item * host, dns_answer * dnsa, BOOL dane_required)
0e66b3b6
JH
1584{
1585/* move this out to host.c given the similarity to dns_lookup() ? */
1586uschar buffer[300];
55414b25 1587const uschar * fullname = buffer;
58c30e47
JH
1588int rc;
1589BOOL sec;
0e66b3b6
JH
1590
1591/* TLSA lookup string */
1592(void)sprintf(CS buffer, "_%d._tcp.%.256s", host->port, host->name);
1593
58c30e47
JH
1594rc = dns_lookup(dnsa, buffer, T_TLSA, &fullname);
1595sec = dns_is_secure(dnsa);
1596DEBUG(D_transport)
1597 debug_printf("TLSA lookup ret %d %sDNSSEC\n", rc, sec ? "" : "not ");
1598
1599switch (rc)
0e66b3b6 1600 {
2d5fdd53
JH
1601 case DNS_AGAIN:
1602 return DEFER; /* just defer this TLS'd conn */
1603
899b8bbc 1604 case DNS_SUCCEED:
624f33df
JH
1605 if (sec)
1606 {
1607 DEBUG(D_transport)
1608 {
1609 dns_scan dnss;
d7978c0f 1610 for (dns_record * rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); rr;
1b76ad22
JH
1611 rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
1612 if (rr->type == T_TLSA && rr->size > 3)
1613 {
1614 uint16_t payload_length = rr->size - 3;
1615 uschar s[MAX_TLSA_EXPANDED_SIZE], * sp = s, * p = US rr->data;
1616
1617 sp += sprintf(CS sp, "%d ", *p++); /* usage */
1618 sp += sprintf(CS sp, "%d ", *p++); /* selector */
1619 sp += sprintf(CS sp, "%d ", *p++); /* matchtype */
1620 while (payload_length-- > 0 && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4))
1621 sp += sprintf(CS sp, "%02x", *p++);
1622
1623 debug_printf(" %s\n", s);
1624 }
624f33df
JH
1625 }
1626 return OK;
1627 }
899b8bbc
JH
1628 log_write(0, LOG_MAIN,
1629 "DANE error: TLSA lookup for %s not DNSSEC", host->name);
1630 /*FALLTRHOUGH*/
1631
ef3a1a30
JH
1632 case DNS_NODATA: /* no TLSA RR for this lookup */
1633 case DNS_NOMATCH: /* no records at all for this lookup */
6b524204 1634 return dane_required ? FAIL : FAIL_FORCED;
2d5fdd53
JH
1635
1636 default:
1637 case DNS_FAIL:
1638 return dane_required ? FAIL : DEFER;
0e66b3b6 1639 }
0e66b3b6
JH
1640}
1641#endif
1642
1643
a39bd74d
JB
1644
1645typedef struct smtp_compare_s
1646{
1647 uschar *current_sender_address;
1648 struct transport_instance *tblock;
1649} smtp_compare_t;
1650
d093f8e5
JH
1651
1652/* Create a unique string that identifies this message, it is based on
1653sender_address, helo_data and tls_certificate if enabled.
1654*/
a39bd74d
JB
1655
1656static uschar *
1657smtp_local_identity(uschar * sender, struct transport_instance * tblock)
1658{
1659address_item * addr1;
1660uschar * if1 = US"";
1661uschar * helo1 = US"";
1662#ifdef SUPPORT_TLS
1663uschar * tlsc1 = US"";
1664#endif
1665uschar * save_sender_address = sender_address;
1666uschar * local_identity = NULL;
ee8b8090 1667smtp_transport_options_block * ob = SOB tblock->options_block;
a39bd74d
JB
1668
1669sender_address = sender;
1670
1671addr1 = deliver_make_addr (sender, TRUE);
1672deliver_set_expansions(addr1);
1673
1674if (ob->interface)
1675 if1 = expand_string(ob->interface);
1676
1677if (ob->helo_data)
1678 helo1 = expand_string(ob->helo_data);
1679
1680#ifdef SUPPORT_TLS
1681if (ob->tls_certificate)
1682 tlsc1 = expand_string(ob->tls_certificate);
1683local_identity = string_sprintf ("%s^%s^%s", if1, helo1, tlsc1);
1684#else
1685local_identity = string_sprintf ("%s^%s", if1, helo1);
1686#endif
1687
1688deliver_set_expansions(NULL);
1689sender_address = save_sender_address;
1690
1691return local_identity;
1692}
1693
1694
1695
1696/* This routine is a callback that is called from transport_check_waiting.
1697This function will evaluate the incoming message versus the previous
1698message. If the incoming message is using a different local identity then
1699we will veto this new message. */
1700
1701static BOOL
1702smtp_are_same_identities(uschar * message_id, smtp_compare_t * s_compare)
1703{
dadff1d4
HSHR
1704uschar * message_local_identity,
1705 * current_local_identity,
1706 * new_sender_address;
1707
1708current_local_identity =
a39bd74d 1709 smtp_local_identity(s_compare->current_sender_address, s_compare->tblock);
a39bd74d 1710
dadff1d4
HSHR
1711if (!(new_sender_address = deliver_get_sender_address(message_id)))
1712 return 0;
1713
1714message_local_identity =
1715 smtp_local_identity(new_sender_address, s_compare->tblock);
a39bd74d
JB
1716
1717return Ustrcmp(current_local_identity, message_local_identity) == 0;
1718}
1719
1720
1721
8ac90765
JH
1722static unsigned
1723ehlo_response(uschar * buf, unsigned checks)
9094b84b 1724{
e9166683
JH
1725size_t bsize = Ustrlen(buf);
1726
ee8b8090 1727/* debug_printf("%s: check for 0x%04x\n", __FUNCTION__, checks); */
8ac90765 1728
ee8b8090 1729#ifdef SUPPORT_TLS
8ac90765
JH
1730# ifdef EXPERIMENTAL_REQUIRETLS
1731if ( checks & OPTION_REQUIRETLS
1732 && pcre_exec(regex_REQUIRETLS, NULL, CS buf,bsize, 0, PCRE_EOPT, NULL,0) < 0)
8ac90765 1733# endif
ee8b8090
JH
1734 checks &= ~OPTION_REQUIRETLS;
1735
1736if ( checks & OPTION_TLS
1737 && pcre_exec(regex_STARTTLS, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
9094b84b 1738#endif
ee8b8090 1739 checks &= ~OPTION_TLS;
9094b84b 1740
14de8063 1741if ( checks & OPTION_IGNQ
ff5aac2b
JH
1742 && pcre_exec(regex_IGNOREQUOTA, NULL, CS buf, bsize, 0,
1743 PCRE_EOPT, NULL, 0) < 0)
14de8063 1744 checks &= ~OPTION_IGNQ;
9094b84b 1745
14de8063 1746if ( checks & OPTION_CHUNKING
f98442df 1747 && pcre_exec(regex_CHUNKING, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
14de8063 1748 checks &= ~OPTION_CHUNKING;
f98442df 1749
9094b84b 1750#ifndef DISABLE_PRDR
14de8063 1751if ( checks & OPTION_PRDR
ff5aac2b 1752 && pcre_exec(regex_PRDR, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
9094b84b 1753#endif
ee8b8090 1754 checks &= ~OPTION_PRDR;
9094b84b
JH
1755
1756#ifdef SUPPORT_I18N
14de8063 1757if ( checks & OPTION_UTF8
ff5aac2b 1758 && pcre_exec(regex_UTF8, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
9094b84b 1759#endif
ee8b8090 1760 checks &= ~OPTION_UTF8;
9094b84b 1761
14de8063 1762if ( checks & OPTION_DSN
ff5aac2b 1763 && pcre_exec(regex_DSN, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
14de8063 1764 checks &= ~OPTION_DSN;
9094b84b 1765
14de8063 1766if ( checks & OPTION_PIPE
ff5aac2b
JH
1767 && pcre_exec(regex_PIPELINING, NULL, CS buf, bsize, 0,
1768 PCRE_EOPT, NULL, 0) < 0)
14de8063 1769 checks &= ~OPTION_PIPE;
9094b84b 1770
14de8063 1771if ( checks & OPTION_SIZE
ff5aac2b 1772 && pcre_exec(regex_SIZE, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0)
14de8063 1773 checks &= ~OPTION_SIZE;
9094b84b 1774
ee8b8090
JH
1775#ifdef EXPERIMENTAL_PIPE_CONNECT
1776if ( checks & OPTION_EARLY_PIPE
1777 && pcre_exec(regex_EARLY_PIPE, NULL, CS buf, bsize, 0,
1778 PCRE_EOPT, NULL, 0) < 0)
1779#endif
1780 checks &= ~OPTION_EARLY_PIPE;
1781
1782/* debug_printf("%s: found 0x%04x\n", __FUNCTION__, checks); */
9094b84b
JH
1783return checks;
1784}
1785
1786
6d5c916c
JH
1787
1788/* Callback for emitting a BDAT data chunk header.
6d5c916c 1789
e027f545
JH
1790If given a nonzero size, first flush any buffered SMTP commands
1791then emit the command.
1792
d2aa036b
JH
1793Reap previous SMTP command responses if requested, and always reap
1794the response from a previous BDAT command.
1795
1796Args:
1797 tctx transport context
1798 chunk_size value for SMTP BDAT command
1799 flags
1800 tc_chunk_last add LAST option to SMTP BDAT command
1801 tc_reap_prev reap response to previous SMTP commands
6d5c916c
JH
1802
1803Returns: OK or ERROR
1804*/
1805
1806static int
d2aa036b
JH
1807smtp_chunk_cmd_callback(transport_ctx * tctx, unsigned chunk_size,
1808 unsigned flags)
6d5c916c 1809{
ee8b8090 1810smtp_transport_options_block * ob = SOB tctx->tblock->options_block;
e9166683 1811smtp_context * sx = tctx->smtp_context;
e027f545
JH
1812int cmd_count = 0;
1813int prev_cmd_count;
6d5c916c 1814
4e910c01
JH
1815/* Write SMTP chunk header command. If not reaping responses, note that
1816there may be more writes (like, the chunk data) done soon. */
6d5c916c 1817
e027f545 1818if (chunk_size > 0)
87cb4a16 1819 {
ee8b8090
JH
1820#ifdef EXPERIMENTAL_PIPE_CONNECT
1821 BOOL new_conn = !!(sx->outblock.conn_args);
1822#endif
251b9eb4 1823 if((cmd_count = smtp_write_command(sx,
4e910c01
JH
1824 flags & tc_reap_prev ? SCMD_FLUSH : SCMD_MORE,
1825 "BDAT %u%s\r\n", chunk_size, flags & tc_chunk_last ? " LAST" : "")
e027f545 1826 ) < 0) return ERROR;
87cb4a16
JH
1827 if (flags & tc_chunk_last)
1828 data_command = string_copy(big_buffer); /* Save for later error message */
ee8b8090
JH
1829#ifdef EXPERIMENTAL_PIPE_CONNECT
1830 /* That command write could have been the one that made the connection.
1831 Copy the fd from the client conn ctx (smtp transport specific) to the
1832 generic transport ctx. */
1833
1834 if (new_conn)
1835 tctx->u.fd = sx->outblock.cctx->sock;
1836#endif
87cb4a16 1837 }
e027f545 1838
e9166683 1839prev_cmd_count = cmd_count += sx->cmd_count;
6d5c916c 1840
e027f545 1841/* Reap responses for any previous, but not one we just emitted */
6d5c916c 1842
e027f545
JH
1843if (chunk_size > 0)
1844 prev_cmd_count--;
e9166683 1845if (sx->pending_BDAT)
e027f545 1846 prev_cmd_count--;
6d5c916c 1847
e027f545 1848if (flags & tc_reap_prev && prev_cmd_count > 0)
6d5c916c 1849 {
58fc5fb2
JH
1850 DEBUG(D_transport) debug_printf("look for %d responses"
1851 " for previous pipelined cmds\n", prev_cmd_count);
6d5c916c 1852
e9166683 1853 switch(sync_responses(sx, prev_cmd_count, 0))
e027f545
JH
1854 {
1855 case 1: /* 2xx (only) => OK */
e9166683
JH
1856 case 3: sx->good_RCPT = TRUE; /* 2xx & 5xx => OK & progress made */
1857 case 2: sx->completed_addr = TRUE; /* 5xx (only) => progress made */
e027f545
JH
1858 case 0: break; /* No 2xx or 5xx, but no probs */
1859
1860 case -1: /* Timeout on RCPT */
ee8b8090
JH
1861#ifdef EXPERIMENTAL_PIPE_CONNECT
1862 case -4: /* non-2xx for pipelined banner or EHLO */
1863#endif
e027f545
JH
1864 default: return ERROR; /* I/O error, or any MAIL/DATA error */
1865 }
1866 cmd_count = 1;
e9166683 1867 if (!sx->pending_BDAT)
e027f545 1868 pipelining_active = FALSE;
6d5c916c 1869 }
e027f545 1870
58fc5fb2 1871/* Reap response for an outstanding BDAT */
e027f545 1872
e9166683 1873if (sx->pending_BDAT)
e027f545 1874 {
58fc5fb2
JH
1875 DEBUG(D_transport) debug_printf("look for one response for BDAT\n");
1876
251b9eb4 1877 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer), '2',
e027f545
JH
1878 ob->command_timeout))
1879 {
e9166683 1880 if (errno == 0 && sx->buffer[0] == '4')
e027f545
JH
1881 {
1882 errno = ERRNO_DATA4XX; /*XXX does this actually get used? */
36e55f49 1883 sx->addrlist->more_errno |=
e9166683 1884 ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
e027f545
JH
1885 }
1886 return ERROR;
1887 }
1888 cmd_count--;
e9166683 1889 sx->pending_BDAT = FALSE;
e027f545
JH
1890 pipelining_active = FALSE;
1891 }
1892else if (chunk_size > 0)
e9166683 1893 sx->pending_BDAT = TRUE;
e027f545
JH
1894
1895
e9166683 1896sx->cmd_count = cmd_count;
e027f545 1897return OK;
6d5c916c
JH
1898}
1899
1900
1901
ee8b8090
JH
1902
1903
0756eb3c 1904/*************************************************
d093f8e5 1905* Make connection for given message *
0756eb3c
PH
1906*************************************************/
1907
d093f8e5
JH
1908/*
1909Arguments:
1910 ctx connection context
d093f8e5
JH
1911 suppress_tls if TRUE, don't attempt a TLS connection - this is set for
1912 a second attempt after TLS initialization fails
d093f8e5
JH
1913
1914Returns: OK - the connection was made and the delivery attempted;
1915 fd is set in the conn context, tls_out set up.
1916 DEFER - the connection could not be made, or something failed
1917 while setting up the SMTP session, or there was a
1918 non-message-specific error, such as a timeout.
1919 ERROR - helo_data or add_headers or authenticated_sender is
1920 specified for this transport, and the string failed
1921 to expand
1922*/
1923int
e9166683 1924smtp_setup_conn(smtp_context * sx, BOOL suppress_tls)
d093f8e5 1925{
c0635b6d 1926#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
d093f8e5
JH
1927dns_answer tlsa_dnsa;
1928#endif
ee8b8090 1929smtp_transport_options_block * ob = sx->conn_args.tblock->options_block;
d093f8e5 1930BOOL pass_message = FALSE;
d093f8e5 1931uschar * message = NULL;
d093f8e5
JH
1932int yield = OK;
1933int rc;
1934
ee8b8090 1935sx->conn_args.ob = ob;
d093f8e5 1936
ee8b8090
JH
1937sx->lmtp = strcmpic(ob->protocol, US"lmtp") == 0;
1938sx->smtps = strcmpic(ob->protocol, US"smtps") == 0;
d093f8e5
JH
1939sx->ok = FALSE;
1940sx->send_rset = TRUE;
1941sx->send_quit = TRUE;
1942sx->setting_up = TRUE;
1943sx->esmtp = TRUE;
1944sx->esmtp_sent = FALSE;
59a286ef 1945#ifdef SUPPORT_I18N
d093f8e5 1946sx->utf8_needed = FALSE;
59a286ef 1947#endif
d093f8e5 1948sx->dsn_all_lasthop = TRUE;
c0635b6d 1949#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
d093f8e5 1950sx->dane = FALSE;
8ac90765 1951sx->dane_required =
ee8b8090
JH
1952 verify_check_given_host(CUSS &ob->hosts_require_dane, sx->conn_args.host) == OK;
1953#endif
1954#ifdef EXPERIMENTAL_PIPE_CONNECT
1955sx->early_pipe_active = sx->early_pipe_ok = FALSE;
1956sx->ehlo_resp.cleartext_features = sx->ehlo_resp.crypted_features = 0;
1957sx->pending_BANNER = sx->pending_EHLO = FALSE;
d093f8e5
JH
1958#endif
1959
ee8b8090 1960if ((sx->max_rcpt = sx->conn_args.tblock->max_addresses) == 0) sx->max_rcpt = 999999;
d093f8e5 1961sx->peer_offered = 0;
14de8063 1962sx->avoid_option = 0;
d093f8e5 1963sx->igquotstr = US"";
ee8b8090 1964if (!sx->helo_data) sx->helo_data = ob->helo_data;
d093f8e5
JH
1965#ifdef EXPERIMENTAL_DSN_INFO
1966sx->smtp_greeting = NULL;
1967sx->helo_response = NULL;
59a286ef
JH
1968#endif
1969
0756eb3c 1970smtp_command = US"initial connection";
d093f8e5 1971sx->buffer[0] = '\0';
0756eb3c
PH
1972
1973/* Set up the buffer for reading SMTP response packets. */
1974
d093f8e5
JH
1975sx->inblock.buffer = sx->inbuffer;
1976sx->inblock.buffersize = sizeof(sx->inbuffer);
1977sx->inblock.ptr = sx->inbuffer;
1978sx->inblock.ptrend = sx->inbuffer;
0756eb3c
PH
1979
1980/* Set up the buffer for holding SMTP commands while pipelining */
1981
d093f8e5
JH
1982sx->outblock.buffer = sx->outbuffer;
1983sx->outblock.buffersize = sizeof(sx->outbuffer);
1984sx->outblock.ptr = sx->outbuffer;
1985sx->outblock.cmd_count = 0;
1986sx->outblock.authenticating = FALSE;
ee8b8090 1987sx->outblock.conn_args = NULL;
0756eb3c 1988
6c512171
PH
1989/* Reset the parameters of a TLS session. */
1990
817d9f57
JH
1991tls_out.bits = 0;
1992tls_out.cipher = NULL; /* the one we may use for this transport */
9d1c15ef
JH
1993tls_out.ourcert = NULL;
1994tls_out.peercert = NULL;
817d9f57
JH
1995tls_out.peerdn = NULL;
1996#if defined(SUPPORT_TLS) && !defined(USE_GNUTLS)
1997tls_out.sni = NULL;
5b456975 1998#endif
018058b2 1999tls_out.ocsp = OCSP_NOT_REQ;
6c512171 2000
35aba663
JH
2001/* Flip the legacy TLS-related variables over to the outbound set in case
2002they're used in the context of the transport. Don't bother resetting
02b41d71
JH
2003afterward (when being used by a transport) as we're in a subprocess.
2004For verify, unflipped once the callout is dealt with */
35aba663
JH
2005
2006tls_modify_variables(&tls_out);
2007
061b7ebd 2008#ifndef SUPPORT_TLS
d093f8e5 2009if (sx->smtps)
061b7ebd 2010 {
d093f8e5 2011 set_errno_nohost(sx->addrlist, ERRNO_TLSFAILURE, US"TLS support not available",
895fbaf2 2012 DEFER, FALSE);
018058b2 2013 return ERROR;
061b7ebd
PP
2014 }
2015#endif
2016
0756eb3c
PH
2017/* Make a connection to the host if this isn't a continued delivery, and handle
2018the initial interaction and HELO/EHLO/LHLO. Connect timeout errors are handled
2019specially so they can be identified for retries. */
2020
58c30e47 2021if (!continue_hostname)
0756eb3c 2022 {
e9166683 2023 if (sx->verify)
ee8b8090 2024 HDEBUG(D_verify) debug_printf("interface=%s port=%d\n", sx->conn_args.interface, sx->port);
02b41d71 2025
ee8b8090 2026 /* Get the actual port the connection will use, into sx->conn_args.host */
4311097e 2027
ee8b8090 2028 smtp_port_for_connect(sx->conn_args.host, sx->port);
0756eb3c 2029
c0635b6d 2030#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
58c30e47 2031 /* Do TLSA lookup for DANE */
0e66b3b6 2032 {
0e66b3b6
JH
2033 tls_out.dane_verified = FALSE;
2034 tls_out.tlsa_usage = 0;
2035
ee8b8090 2036 if (sx->conn_args.host->dnssec == DS_YES)
0e66b3b6 2037 {
d093f8e5 2038 if( sx->dane_required
ee8b8090 2039 || verify_check_given_host(CUSS &ob->hosts_try_dane, sx->conn_args.host) == OK
0e66b3b6 2040 )
ee8b8090 2041 switch (rc = tlsa_lookup(sx->conn_args.host, &tlsa_dnsa, sx->dane_required))
4b0fe319 2042 {
58c30e47 2043 case OK: sx->dane = TRUE;
ee8b8090 2044 ob->tls_tempfail_tryclear = FALSE;
58c30e47 2045 break;
2d5fdd53 2046 case FAIL_FORCED: break;
d093f8e5 2047 default: set_errno_nohost(sx->addrlist, ERRNO_DNSDEFER,
2d5fdd53 2048 string_sprintf("DANE error: tlsa lookup %s",
aeb65e91 2049 rc_to_string(rc)),
2d5fdd53 2050 rc, FALSE);
8d3dc239 2051# ifndef DISABLE_EVENT
ee8b8090 2052 (void) event_raise(sx->conn_args.tblock->event_action,
c4b57fdd
JH
2053 US"dane:fail", sx->dane_required
2054 ? US"dane-required" : US"dnssec-invalid");
8d3dc239 2055# endif
2d5fdd53 2056 return rc;
4b0fe319 2057 }
0e66b3b6 2058 }
d093f8e5 2059 else if (sx->dane_required)
0e66b3b6 2060 {
d093f8e5 2061 set_errno_nohost(sx->addrlist, ERRNO_DNSDEFER,
ee8b8090 2062 string_sprintf("DANE error: %s lookup not DNSSEC", sx->conn_args.host->name),
895fbaf2 2063 FAIL, FALSE);
8d3dc239 2064# ifndef DISABLE_EVENT
ee8b8090 2065 (void) event_raise(sx->conn_args.tblock->event_action,
c4b57fdd 2066 US"dane:fail", US"dane-required");
8d3dc239 2067# endif
4b0fe319 2068 return FAIL;
0e66b3b6 2069 }
0e66b3b6
JH
2070 }
2071#endif /*DANE*/
2072
58c30e47
JH
2073 /* Make the TCP connection */
2074
74f1a423
JH
2075 sx->cctx.tls_ctx = NULL;
2076 sx->inblock.cctx = sx->outblock.cctx = &sx->cctx;
ee8b8090 2077 sx->avoid_option = sx->peer_offered = smtp_peer_options = 0;
58c30e47 2078
ee8b8090
JH
2079#ifdef EXPERIMENTAL_PIPE_CONNECT
2080 if (verify_check_given_host(CUSS &ob->hosts_pipe_connect, sx->conn_args.host) == OK)
58c30e47 2081 {
ee8b8090
JH
2082 sx->early_pipe_ok = TRUE;
2083 if ( read_ehlo_cache_entry(sx)
2084 && sx->ehlo_resp.cleartext_features & OPTION_EARLY_PIPE)
58c30e47 2085 {
ee8b8090
JH
2086 DEBUG(D_transport) debug_printf("Using cached cleartext PIPE_CONNECT\n");
2087 sx->early_pipe_active = TRUE;
2088 sx->peer_offered = sx->ehlo_resp.cleartext_features;
58c30e47 2089 }
58c30e47
JH
2090 }
2091
ee8b8090
JH
2092 if (sx->early_pipe_active)
2093 sx->outblock.conn_args = &sx->conn_args;
2094 else
2095#endif
2096 {
2097 if ((sx->cctx.sock = smtp_connect(&sx->conn_args, NULL)) < 0)
2098 {
2099 uschar * msg = NULL;
2100 if (sx->verify)
2101 {
2102 msg = US strerror(errno);
2103 HDEBUG(D_verify) debug_printf("connect: %s\n", msg);
2104 }
2105 set_errno_nohost(sx->addrlist,
2106 errno == ETIMEDOUT ? ERRNO_CONNECTTIMEOUT : errno,
2107 sx->verify ? string_sprintf("could not connect: %s", msg)
2108 : NULL,
2109 DEFER, FALSE);
2110 sx->send_quit = FALSE;
2111 return DEFER;
2112 }
2113 }
41c7c167
PH
2114 /* Expand the greeting message while waiting for the initial response. (Makes
2115 sense if helo_data contains ${lookup dnsdb ...} stuff). The expansion is
2116 delayed till here so that $sending_interface and $sending_port are set. */
ee8b8090
JH
2117/*XXX early-pipe: they still will not be. Is there any way to find out what they
2118will be? Somehow I doubt it. */
41c7c167 2119
02b41d71
JH
2120 if (sx->helo_data)
2121 if (!(sx->helo_data = expand_string(sx->helo_data)))
e9166683 2122 if (sx->verify)
02b41d71
JH
2123 log_write(0, LOG_MAIN|LOG_PANIC,
2124 "<%s>: failed to expand transport's helo_data value for callout: %s",
2125 sx->addrlist->address, expand_string_message);
2126
8c5d388a 2127#ifdef SUPPORT_I18N
d093f8e5 2128 if (sx->helo_data)
810d16ad 2129 {
02b41d71
JH
2130 expand_string_message = NULL;
2131 if ((sx->helo_data = string_domain_utf8_to_alabel(sx->helo_data,
2132 &expand_string_message)),
2133 expand_string_message)
e9166683 2134 if (sx->verify)
02b41d71
JH
2135 log_write(0, LOG_MAIN|LOG_PANIC,
2136 "<%s>: failed to expand transport's helo_data value for callout: %s",
2137 sx->addrlist->address, expand_string_message);
2138 else
2139 sx->helo_data = NULL;
810d16ad
JH
2140 }
2141#endif
41c7c167 2142
0756eb3c
PH
2143 /* The first thing is to wait for an initial OK response. The dreaded "goto"
2144 is nevertheless a reasonably clean way of programming this kind of logic,
2145 where you want to escape on any error. */
2146
d093f8e5 2147 if (!sx->smtps)
061b7ebd 2148 {
ee8b8090
JH
2149#ifdef EXPERIMENTAL_PIPE_CONNECT
2150 if (sx->early_pipe_active)
2151 {
2152 sx->pending_BANNER = TRUE; /* sync_responses() must eventually handle */
2153 sx->outblock.cmd_count = 1;
2154 }
2155 else
8d330698 2156#endif
ee8b8090
JH
2157 {
2158#ifdef TCP_QUICKACK
2159 (void) setsockopt(sx->cctx.sock, IPPROTO_TCP, TCP_QUICKACK, US &off,
2160 sizeof(off));
895fbaf2 2161#endif
ee8b8090
JH
2162 if (!smtp_reap_banner(sx))
2163 goto RESPONSE_FAILED;
2164 }
0756eb3c 2165
0cbf2b82 2166#ifndef DISABLE_EVENT
b30275b8 2167 {
805c9d53 2168 uschar * s;
ee8b8090
JH
2169 lookup_dnssec_authenticated = sx->conn_args.host->dnssec==DS_YES ? US"yes"
2170 : sx->conn_args.host->dnssec==DS_NO ? US"no" : NULL;
2171 s = event_raise(sx->conn_args.tblock->event_action, US"smtp:connect", sx->buffer);
b30275b8 2172 if (s)
a7538db1 2173 {
d093f8e5 2174 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL,
b30275b8 2175 string_sprintf("deferred by smtp:connect event expansion: %s", s),
895fbaf2 2176 DEFER, FALSE);
a7538db1
JH
2177 yield = DEFER;
2178 goto SEND_QUIT;
2179 }
b30275b8 2180 }
a7538db1
JH
2181#endif
2182
061b7ebd
PP
2183 /* Now check if the helo_data expansion went well, and sign off cleanly if
2184 it didn't. */
41c7c167 2185
d093f8e5 2186 if (!sx->helo_data)
061b7ebd 2187 {
d093f8e5 2188 message = string_sprintf("failed to expand helo_data: %s",
061b7ebd 2189 expand_string_message);
d093f8e5 2190 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
061b7ebd
PP
2191 yield = DEFER;
2192 goto SEND_QUIT;
2193 }
41c7c167
PH
2194 }
2195
0756eb3c 2196/** Debugging without sending a message
d093f8e5 2197sx->addrlist->transport_return = DEFER;
0756eb3c
PH
2198goto SEND_QUIT;
2199**/
2200
2201 /* Errors that occur after this point follow an SMTP command, which is
2202 left in big_buffer by smtp_write_command() for use in error messages. */
2203
2204 smtp_command = big_buffer;
2205
2206 /* Tell the remote who we are...
2207
2208 February 1998: A convention has evolved that ESMTP-speaking MTAs include the
2209 string "ESMTP" in their greeting lines, so make Exim send EHLO if the
2210 greeting is of this form. The assumption was that the far end supports it
2211 properly... but experience shows that there are some that give 5xx responses,
2212 even though the banner includes "ESMTP" (there's a bloody-minded one that
2213 says "ESMTP not spoken here"). Cope with that case.
2214
2215 September 2000: Time has passed, and it seems reasonable now to always send
2216 EHLO at the start. It is also convenient to make the change while installing
2217 the TLS stuff.
2218
2219 July 2003: Joachim Wieland met a broken server that advertises "PIPELINING"
2220 but times out after sending MAIL FROM, RCPT TO and DATA all together. There
2221 would be no way to send out the mails, so there is now a host list
2222 "hosts_avoid_esmtp" that disables ESMTP for special hosts and solves the
2223 PIPELINING problem as well. Maybe it can also be useful to cure other
2224 problems with broken servers.
2225
2226 Exim originally sent "Helo" at this point and ran for nearly a year that way.
2227 Then somebody tried it with a Microsoft mailer... It seems that all other
2228 mailers use upper case for some reason (the RFC is quite clear about case
2229 independence) so, for peace of mind, I gave in. */
2230
ee8b8090 2231 sx->esmtp = verify_check_given_host(CUSS &ob->hosts_avoid_esmtp, sx->conn_args.host) != OK;
0756eb3c 2232
061b7ebd
PP
2233 /* Alas; be careful, since this goto is not an error-out, so conceivably
2234 we might set data between here and the target which we assume to exist
2235 and be usable. I can see this coming back to bite us. */
a7538db1 2236#ifdef SUPPORT_TLS
d093f8e5 2237 if (sx->smtps)
061b7ebd 2238 {
14de8063 2239 smtp_peer_options |= OPTION_TLS;
061b7ebd 2240 suppress_tls = FALSE;
ee8b8090 2241 ob->tls_tempfail_tryclear = FALSE;
061b7ebd
PP
2242 smtp_command = US"SSL-on-connect";
2243 goto TLS_NEGOTIATE;
2244 }
a7538db1 2245#endif
061b7ebd 2246
d093f8e5 2247 if (sx->esmtp)
0756eb3c 2248 {
ee8b8090
JH
2249 if (smtp_write_command(sx,
2250#ifdef EXPERIMENTAL_PIPE_CONNECT
2251 sx->early_pipe_active ? SCMD_BUFFER :
2252#endif
2253 SCMD_FLUSH,
2254 "%s %s\r\n", sx->lmtp ? "LHLO" : "EHLO", sx->helo_data) < 0)
0756eb3c 2255 goto SEND_FAILED;
d093f8e5 2256 sx->esmtp_sent = TRUE;
ee8b8090
JH
2257
2258#ifdef EXPERIMENTAL_PIPE_CONNECT
2259 if (sx->early_pipe_active)
0756eb3c 2260 {
ee8b8090
JH
2261 sx->pending_EHLO = TRUE;
2262
2263 /* If we have too many authenticators to handle and might need to AUTH
2264 for this transport, pipeline no further as we will need the
2265 list of auth methods offered. Reap the banner and EHLO. */
2266
2267 if ( (ob->hosts_require_auth || ob->hosts_try_auth)
2268 && f.smtp_in_early_pipe_no_auth)
895fbaf2 2269 {
ee8b8090
JH
2270 DEBUG(D_transport) debug_printf("may need to auth, so pipeline no further\n");
2271 if (smtp_write_command(sx, SCMD_FLUSH, NULL) < 0)
2272 goto SEND_FAILED;
2273 if (sync_responses(sx, 2, 0) != 0)
2274 {
2275 HDEBUG(D_transport)
2276 debug_printf("failed reaping pipelined cmd responses\n");
2277 goto RESPONSE_FAILED;
2278 }
2279 sx->early_pipe_active = FALSE;
895fbaf2 2280 }
0756eb3c 2281 }
ee8b8090 2282 else
895fbaf2 2283#endif
ee8b8090
JH
2284 if (!smtp_reap_ehlo(sx))
2285 goto RESPONSE_FAILED;
0756eb3c
PH
2286 }
2287 else
0756eb3c
PH
2288 DEBUG(D_transport)
2289 debug_printf("not sending EHLO (host matches hosts_avoid_esmtp)\n");
0756eb3c 2290
ee8b8090
JH
2291#ifdef EXPERIMENTAL_PIPE_CONNECT
2292 if (!sx->early_pipe_active)
2293#endif
2294 if (!sx->esmtp)
2295 {
2296 BOOL good_response;
2297 int n = sizeof(sx->buffer);
2298 uschar * rsp = sx->buffer;
a57ce043 2299
ee8b8090
JH
2300 if (sx->esmtp_sent && (n = Ustrlen(sx->buffer)) < sizeof(sx->buffer)/2)
2301 { rsp = sx->buffer + n + 1; n = sizeof(sx->buffer) - n; }
895fbaf2 2302
ee8b8090
JH
2303 if (smtp_write_command(sx, SCMD_FLUSH, "HELO %s\r\n", sx->helo_data) < 0)
2304 goto SEND_FAILED;
2305 good_response = smtp_read_response(sx, rsp, n, '2', ob->command_timeout);
895fbaf2 2306#ifdef EXPERIMENTAL_DSN_INFO
ee8b8090 2307 sx->helo_response = string_copy(rsp);
895fbaf2 2308#endif
ee8b8090 2309 if (!good_response)
a57ce043 2310 {
ee8b8090
JH
2311 /* Handle special logging for a closed connection after HELO
2312 when had previously sent EHLO */
2313
2314 if (rsp != sx->buffer && rsp[0] == 0 && (errno == 0 || errno == ECONNRESET))
2315 {
2316 errno = ERRNO_SMTPCLOSED;
2317 goto EHLOHELO_FAILED;
2318 }
2319 memmove(sx->buffer, rsp, Ustrlen(rsp));
2320 goto RESPONSE_FAILED;
a57ce043 2321 }
a57ce043 2322 }
2d14f397 2323
d093f8e5 2324 if (sx->esmtp || sx->lmtp)
2d14f397 2325 {
ee8b8090
JH
2326#ifdef EXPERIMENTAL_PIPE_CONNECT
2327 if (!sx->early_pipe_active)
2328#endif
2329 {
2330 sx->peer_offered = ehlo_response(sx->buffer,
2331 OPTION_TLS /* others checked later */
2332#ifdef EXPERIMENTAL_PIPE_CONNECT
2333 | (sx->early_pipe_ok
2334 ? OPTION_IGNQ
2335 | OPTION_CHUNKING | OPTION_PRDR | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
2336#ifdef SUPPORT_I18N
2337 | OPTION_UTF8
2338#endif
2339 | OPTION_EARLY_PIPE
2340 : 0
2341 )
2342#endif
2343 );
2344#ifdef EXPERIMENTAL_PIPE_CONNECT
2345 if (sx->early_pipe_ok)
2346 {
2347 sx->ehlo_resp.cleartext_features = sx->peer_offered;
2348
2349 if ( (sx->peer_offered & (OPTION_PIPE | OPTION_EARLY_PIPE))
2350 == (OPTION_PIPE | OPTION_EARLY_PIPE))
2351 {
2352 DEBUG(D_transport) debug_printf("PIPE_CONNECT usable in future for this IP\n");
2353 sx->ehlo_resp.cleartext_auths = study_ehlo_auths(sx);
2354 write_ehlo_cache_entry(sx);
2355 }
2356 }
2357#endif
2358 }
f1513293 2359
0756eb3c
PH
2360 /* Set tls_offered if the response to EHLO specifies support for STARTTLS. */
2361
a7538db1 2362#ifdef SUPPORT_TLS
14de8063 2363 smtp_peer_options |= sx->peer_offered & OPTION_TLS;
7ade712c 2364#endif
2d14f397 2365 }
0756eb3c
PH
2366 }
2367
57cc2785
JH
2368/* For continuing deliveries down the same channel, having re-exec'd the socket
2369is the standard input; for a socket held open from verify it is recorded
2370in the cutthrough context block. Either way we don't need to redo EHLO here
2371(but may need to do so for TLS - see below).
2372Set up the pointer to where subsequent commands will be left, for
2d14f397 2373error messages. Note that smtp_peer_options will have been
0756eb3c
PH
2374set from the command line if they were set in the process that passed the
2375connection on. */
2376
895fbaf2 2377/*XXX continue case needs to propagate DSN_INFO, prob. in deliver.c
4c04137d 2378as the continue goes via transport_pass_socket() and doublefork and exec.
895fbaf2
JH
2379It does not wait. Unclear how we keep separate host's responses
2380separate - we could match up by host ip+port as a bodge. */
2381
0756eb3c
PH
2382else
2383 {
74f1a423 2384 if (cutthrough.cctx.sock >= 0 && cutthrough.callout_hold_only)
57cc2785 2385 {
74f1a423 2386 sx->cctx = cutthrough.cctx;
ee8b8090 2387 sx->conn_args.host->port = sx->port = cutthrough.host.port;
57cc2785
JH
2388 }
2389 else
2390 {
74f1a423
JH
2391 sx->cctx.sock = 0; /* stdin */
2392 sx->cctx.tls_ctx = NULL;
ee8b8090 2393 smtp_port_for_connect(sx->conn_args.host, sx->port); /* Record the port that was used */
57cc2785 2394 }
74f1a423 2395 sx->inblock.cctx = sx->outblock.cctx = &sx->cctx;
0756eb3c 2396 smtp_command = big_buffer;
02b41d71 2397 sx->helo_data = NULL; /* ensure we re-expand ob->helo_data */
875512a3 2398
57cc2785
JH
2399 /* For a continued connection with TLS being proxied for us, or a
2400 held-open verify connection with TLS, nothing more to do. */
875512a3 2401
57cc2785 2402 if ( continue_proxy_cipher
74f1a423
JH
2403 || (cutthrough.cctx.sock >= 0 && cutthrough.callout_hold_only
2404 && cutthrough.is_tls)
57cc2785 2405 )
875512a3
JH
2406 {
2407 sx->peer_offered = smtp_peer_options;
7c576fca 2408 sx->pipelining_used = pipelining_active = !!(smtp_peer_options & OPTION_PIPE);
57cc2785
JH
2409 HDEBUG(D_transport) debug_printf("continued connection, %s TLS\n",
2410 continue_proxy_cipher ? "proxied" : "verify conn with");
875512a3
JH
2411 return OK;
2412 }
2413 HDEBUG(D_transport) debug_printf("continued connection, no TLS\n");
0756eb3c
PH
2414 }
2415
2416/* If TLS is available on this connection, whether continued or not, attempt to
2417start up a TLS session, unless the host is in hosts_avoid_tls. If successful,
2418send another EHLO - the server may give a different answer in secure mode. We
2419use a separate buffer for reading the response to STARTTLS so that if it is
2420negative, the original EHLO data is available for subsequent analysis, should
2421the client not be required to use TLS. If the response is bad, copy the buffer
2422for error analysis. */
2423
2424#ifdef SUPPORT_TLS
14de8063 2425if ( smtp_peer_options & OPTION_TLS
5130845b 2426 && !suppress_tls
ee8b8090 2427 && verify_check_given_host(CUSS &ob->hosts_avoid_tls, sx->conn_args.host) != OK
e9166683 2428 && ( !sx->verify
ee8b8090 2429 || verify_check_given_host(CUSS &ob->hosts_verify_avoid_tls, sx->conn_args.host) != OK
02b41d71 2430 ) )
0756eb3c
PH
2431 {
2432 uschar buffer2[4096];
ee8b8090 2433
251b9eb4 2434 if (smtp_write_command(sx, SCMD_FLUSH, "STARTTLS\r\n") < 0)
0756eb3c
PH
2435 goto SEND_FAILED;
2436
ee8b8090
JH
2437#ifdef EXPERIMENTAL_PIPE_CONNECT
2438 /* If doing early-pipelining reap the banner and EHLO-response but leave
2439 the response for the STARTTLS we just sent alone. */
2440
2441 if (sx->early_pipe_active && sync_responses(sx, 2, 0) != 0)
2442 {
2443 HDEBUG(D_transport)
2444 debug_printf("failed reaping pipelined cmd responses\n");
2445 goto RESPONSE_FAILED;
2446 }
2447#endif
2448
0756eb3c
PH
2449 /* If there is an I/O error, transmission of this message is deferred. If
2450 there is a temporary rejection of STARRTLS and tls_tempfail_tryclear is
2451 false, we also defer. However, if there is a temporary rejection of STARTTLS
2452 and tls_tempfail_tryclear is true, or if there is an outright rejection of
2453 STARTTLS, we carry on. This means we will try to send the message in clear,
2454 unless the host is in hosts_require_tls (tested below). */
2455
ee8b8090 2456 if (!smtp_read_response(sx, buffer2, sizeof(buffer2), '2', ob->command_timeout))
0756eb3c 2457 {
4b0fe319
JH
2458 if ( errno != 0
2459 || buffer2[0] == 0
ee8b8090 2460 || (buffer2[0] == '4' && !ob->tls_tempfail_tryclear)
4b0fe319 2461 )
0dda4340 2462 {
d093f8e5 2463 Ustrncpy(sx->buffer, buffer2, sizeof(sx->buffer));
9e7e0f6a 2464 sx->buffer[sizeof(sx->buffer)-1] = '\0';
0756eb3c 2465 goto RESPONSE_FAILED;
0dda4340 2466 }
0756eb3c
PH
2467 }
2468
2469 /* STARTTLS accepted: try to negotiate a TLS session. */
2470
2471 else
061b7ebd 2472 TLS_NEGOTIATE:
0756eb3c 2473 {
cf0c6164 2474 uschar * errstr;
ee8b8090
JH
2475 sx->cctx.tls_ctx = tls_client_start(sx->cctx.sock, sx->conn_args.host,
2476 sx->addrlist, sx->conn_args.tblock,
c0635b6d 2477# ifdef SUPPORT_DANE
cf0c6164 2478 sx->dane ? &tlsa_dnsa : NULL,
0e66b3b6 2479# endif
74f1a423 2480 &tls_out, &errstr);
0756eb3c 2481
74f1a423 2482 if (!sx->cctx.tls_ctx)
0756eb3c 2483 {
74f1a423
JH
2484 /* TLS negotiation failed; give an error. From outside, this function may
2485 be called again to try in clear on a new connection, if the options permit
2486 it for this host. */
8008accd 2487 DEBUG(D_tls) debug_printf("TLS session fail: %s\n", errstr);
74f1a423 2488
c0635b6d 2489# ifdef SUPPORT_DANE
c4b57fdd
JH
2490 if (sx->dane)
2491 {
2492 log_write(0, LOG_MAIN,
cf0c6164 2493 "DANE attempt failed; TLS connection to %s [%s]: %s",
ee8b8090 2494 sx->conn_args.host->name, sx->conn_args.host->address, errstr);
8d3dc239 2495# ifndef DISABLE_EVENT
ee8b8090 2496 (void) event_raise(sx->conn_args.tblock->event_action,
c4b57fdd 2497 US"dane:fail", US"validation-failure"); /* could do with better detail */
8d3dc239 2498# endif
c4b57fdd 2499 }
6ebd79ec
JH
2500# endif
2501
de6273b4 2502 errno = ERRNO_TLSFAILURE;
cf0c6164 2503 message = string_sprintf("TLS session: %s", errstr);
d093f8e5 2504 sx->send_quit = FALSE;
0756eb3c
PH
2505 goto TLS_FAILED;
2506 }
2507
2508 /* TLS session is set up */
2509
2d14f397 2510 smtp_peer_options_wrap = smtp_peer_options;
d7978c0f 2511 for (address_item * addr = sx->addrlist; addr; addr = addr->next)
5ca2a9a1
PH
2512 if (addr->transport_return == PENDING_DEFER)
2513 {
817d9f57 2514 addr->cipher = tls_out.cipher;
9d1c15ef
JH
2515 addr->ourcert = tls_out.ourcert;
2516 addr->peercert = tls_out.peercert;
817d9f57 2517 addr->peerdn = tls_out.peerdn;
018058b2 2518 addr->ocsp = tls_out.ocsp;
5ca2a9a1 2519 }
0756eb3c
PH
2520 }
2521 }
2522
061b7ebd
PP
2523/* if smtps, we'll have smtp_command set to something else; always safe to
2524reset it here. */
2525smtp_command = big_buffer;
2526
41c7c167
PH
2527/* If we started TLS, redo the EHLO/LHLO exchange over the secure channel. If
2528helo_data is null, we are dealing with a connection that was passed from
2529another process, and so we won't have expanded helo_data above. We have to
2530expand it here. $sending_ip_address and $sending_port are set up right at the
2531start of the Exim process (in exim.c). */
0756eb3c 2532
74f1a423 2533if (tls_out.active.sock >= 0)
0756eb3c 2534 {
ee8b8090 2535 uschar * greeting_cmd;
895fbaf2 2536
ee8b8090 2537 if (!sx->helo_data && !(sx->helo_data = expand_string(ob->helo_data)))
41c7c167 2538 {
d093f8e5
JH
2539 uschar *message = string_sprintf("failed to expand helo_data: %s",
2540 expand_string_message);
2541 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
2542 yield = DEFER;
2543 goto SEND_QUIT;
41c7c167
PH
2544 }
2545
ee8b8090
JH
2546#ifdef EXPERIMENTAL_PIPE_CONNECT
2547 /* For SMTPS there is no cleartext early-pipe; use the crypted permission bit.
2548 We're unlikely to get the group sent and delivered before the server sends its
2549 banner, but it's still worth sending as a group.
2550 For STARTTLS allow for cleartext early-pipe but no crypted early-pipe, but not
2551 the reverse. */
2552
2553 if (sx->smtps ? sx->early_pipe_ok : sx->early_pipe_active)
2554 {
2555 sx->peer_offered = sx->ehlo_resp.crypted_features;
2556 if ((sx->early_pipe_active =
2557 !!(sx->ehlo_resp.crypted_features & OPTION_EARLY_PIPE)))
2558 DEBUG(D_transport) debug_printf("Using cached crypted PIPE_CONNECT\n");
2559 }
2560#endif
2561
0d0e4455 2562 /* For SMTPS we need to wait for the initial OK response. */
d093f8e5 2563 if (sx->smtps)
ee8b8090
JH
2564#ifdef EXPERIMENTAL_PIPE_CONNECT
2565 if (sx->early_pipe_active)
2566 {
2567 sx->pending_BANNER = TRUE;
2568 sx->outblock.cmd_count = 1;
2569 }
2570 else
895fbaf2 2571#endif
ee8b8090
JH
2572 if (!smtp_reap_banner(sx))
2573 goto RESPONSE_FAILED;
0d0e4455 2574
ee8b8090
JH
2575 if (sx->lmtp)
2576 greeting_cmd = US"LHLO";
2577 else if (sx->esmtp)
2578 greeting_cmd = US"EHLO";
0d0e4455
PP
2579 else
2580 {
ee8b8090 2581 greeting_cmd = US"HELO";
0d0e4455
PP
2582 DEBUG(D_transport)
2583 debug_printf("not sending EHLO (host matches hosts_avoid_esmtp)\n");
061b7ebd
PP
2584 }
2585
ee8b8090
JH
2586 if (smtp_write_command(sx,
2587#ifdef EXPERIMENTAL_PIPE_CONNECT
2588 sx->early_pipe_active ? SCMD_BUFFER :
2589#endif
2590 SCMD_FLUSH,
2591 "%s %s\r\n", greeting_cmd, sx->helo_data) < 0)
0756eb3c 2592 goto SEND_FAILED;
ee8b8090
JH
2593
2594#ifdef EXPERIMENTAL_PIPE_CONNECT
2595 if (sx->early_pipe_active)
2596 sx->pending_EHLO = TRUE;
2597 else
895fbaf2 2598#endif
ee8b8090
JH
2599 {
2600 if (!smtp_reap_ehlo(sx))
2601 goto RESPONSE_FAILED;
2602 smtp_peer_options = 0;
2603 }
0756eb3c
PH
2604 }
2605
2606/* If the host is required to use a secure channel, ensure that we
2607have one. */
2608
d093f8e5 2609else if ( sx->smtps
c0635b6d 2610# ifdef SUPPORT_DANE
d093f8e5 2611 || sx->dane
0e66b3b6 2612# endif
8ac90765
JH
2613# ifdef EXPERIMENTAL_REQUIRETLS
2614 || tls_requiretls & REQUIRETLS_MSG
2615# endif
ee8b8090 2616 || verify_check_given_host(CUSS &ob->hosts_require_tls, sx->conn_args.host) == OK
7a31d643 2617 )
0756eb3c 2618 {
8ac90765
JH
2619 errno =
2620# ifdef EXPERIMENTAL_REQUIRETLS
2621 tls_requiretls & REQUIRETLS_MSG ? ERRNO_REQUIRETLS :
2622# endif
2623 ERRNO_TLSREQUIRED;
c562fd30 2624 message = string_sprintf("a TLS session is required, but %s",
14de8063 2625 smtp_peer_options & OPTION_TLS
2d14f397 2626 ? "an attempt to start TLS failed" : "the server did not offer TLS support");
8d3dc239 2627# if defined(SUPPORT_DANE) && !defined(DISABLE_EVENT)
c4b57fdd 2628 if (sx->dane)
ee8b8090 2629 (void) event_raise(sx->conn_args.tblock->event_action, US"dane:fail",
c4b57fdd
JH
2630 smtp_peer_options & OPTION_TLS
2631 ? US"validation-failure" /* could do with better detail */
2632 : US"starttls-not-supported");
2633# endif
0756eb3c
PH
2634 goto TLS_FAILED;
2635 }
0e66b3b6 2636#endif /*SUPPORT_TLS*/
0756eb3c
PH
2637
2638/* If TLS is active, we have just started it up and re-done the EHLO command,
2639so its response needs to be analyzed. If TLS is not active and this is a
2640continued session down a previously-used socket, we haven't just done EHLO, so
2641we skip this. */
2642
2643if (continue_hostname == NULL
a7538db1 2644#ifdef SUPPORT_TLS
74f1a423 2645 || tls_out.active.sock >= 0
a7538db1 2646#endif
0756eb3c
PH
2647 )
2648 {
d093f8e5 2649 if (sx->esmtp || sx->lmtp)
2d14f397 2650 {
ee8b8090
JH
2651#ifdef EXPERIMENTAL_PIPE_CONNECT
2652 if (!sx->early_pipe_active)
2653#endif
2654 {
e9166683 2655 sx->peer_offered = ehlo_response(sx->buffer,
d093f8e5 2656 0 /* no TLS */
ee8b8090
JH
2657#ifdef EXPERIMENTAL_PIPE_CONNECT
2658 | (sx->lmtp && ob->lmtp_ignore_quota ? OPTION_IGNQ : 0)
2659 | OPTION_DSN | OPTION_PIPE | OPTION_SIZE
2660 | OPTION_CHUNKING | OPTION_PRDR | OPTION_UTF8 | OPTION_REQUIRETLS
2661 | (tls_out.active.sock >= 0 ? OPTION_EARLY_PIPE : 0) /* not for lmtp */
2662
2663#else
2664
2665 | (sx->lmtp && ob->lmtp_ignore_quota ? OPTION_IGNQ : 0)
14de8063
JH
2666 | OPTION_CHUNKING
2667 | OPTION_PRDR
ee8b8090 2668# ifdef SUPPORT_I18N
14de8063 2669 | (sx->addrlist->prop.utf8_msg ? OPTION_UTF8 : 0)
d093f8e5
JH
2670 /*XXX if we hand peercaps on to continued-conn processes,
2671 must not depend on this addr */
ee8b8090 2672# endif
14de8063
JH
2673 | OPTION_DSN
2674 | OPTION_PIPE
ee8b8090
JH
2675 | (ob->size_addition >= 0 ? OPTION_SIZE : 0)
2676# if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
8ac90765 2677 | (tls_requiretls & REQUIRETLS_MSG ? OPTION_REQUIRETLS : 0)
ee8b8090 2678# endif
8ac90765 2679#endif
9094b84b 2680 );
ee8b8090
JH
2681#ifdef EXPERIMENTAL_PIPE_CONNECT
2682 if (tls_out.active.sock >= 0)
2683 sx->ehlo_resp.crypted_features = sx->peer_offered;
2684#endif
2685 }
9094b84b 2686
2d14f397
JH
2687 /* Set for IGNOREQUOTA if the response to LHLO specifies support and the
2688 lmtp_ignore_quota option was set. */
f1513293 2689
14de8063 2690 sx->igquotstr = sx->peer_offered & OPTION_IGNQ ? US" IGNOREQUOTA" : US"";
f1513293 2691
2d14f397
JH
2692 /* If the response to EHLO specified support for the SIZE parameter, note
2693 this, provided size_addition is non-negative. */
f1513293 2694
14de8063 2695 smtp_peer_options |= sx->peer_offered & OPTION_SIZE;
0756eb3c 2696
2d14f397
JH
2697 /* Note whether the server supports PIPELINING. If hosts_avoid_esmtp matched
2698 the current host, esmtp will be false, so PIPELINING can never be used. If
2699 the current host matches hosts_avoid_pipelining, don't do it. */
0756eb3c 2700
14de8063 2701 if ( sx->peer_offered & OPTION_PIPE
ee8b8090 2702 && verify_check_given_host(CUSS &ob->hosts_avoid_pipelining, sx->conn_args.host) != OK)
14de8063 2703 smtp_peer_options |= OPTION_PIPE;
0756eb3c 2704
2d14f397 2705 DEBUG(D_transport) debug_printf("%susing PIPELINING\n",
14de8063 2706 smtp_peer_options & OPTION_PIPE ? "" : "not ");
0756eb3c 2707
14de8063 2708 if ( sx->peer_offered & OPTION_CHUNKING
ee8b8090 2709 && verify_check_given_host(CUSS &ob->hosts_try_chunking, sx->conn_args.host) != OK)
14de8063 2710 sx->peer_offered &= ~OPTION_CHUNKING;
f98442df 2711
14de8063 2712 if (sx->peer_offered & OPTION_CHUNKING)
ee8b8090 2713 DEBUG(D_transport) debug_printf("CHUNKING usable\n");
0756eb3c 2714
8ccd00b1 2715#ifndef DISABLE_PRDR
14de8063 2716 if ( sx->peer_offered & OPTION_PRDR
ee8b8090 2717 && verify_check_given_host(CUSS &ob->hosts_try_prdr, sx->conn_args.host) != OK)
14de8063 2718 sx->peer_offered &= ~OPTION_PRDR;
fd98a5c6 2719
14de8063 2720 if (sx->peer_offered & OPTION_PRDR)
ee8b8090 2721 DEBUG(D_transport) debug_printf("PRDR usable\n");
fd98a5c6
JH
2722#endif
2723
2d14f397 2724 /* Note if the server supports DSN */
14de8063 2725 smtp_peer_options |= sx->peer_offered & OPTION_DSN;
2d14f397 2726 DEBUG(D_transport) debug_printf("%susing DSN\n",
14de8063 2727 sx->peer_offered & OPTION_DSN ? "" : "not ");
6c1c3d1d 2728
8ac90765
JH
2729#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
2730 if (sx->peer_offered & OPTION_REQUIRETLS)
2731 {
2732 smtp_peer_options |= OPTION_REQUIRETLS;
2733 DEBUG(D_transport) debug_printf(
2734 tls_requiretls & REQUIRETLS_MSG
2735 ? "using REQUIRETLS\n" : "REQUIRETLS offered\n");
2736 }
2737#endif
2738
ee8b8090
JH
2739#ifdef EXPERIMENTAL_PIPE_CONNECT
2740 if ( sx->early_pipe_ok
2741 && !sx->early_pipe_active
2742 && tls_out.active.sock >= 0
2743 && smtp_peer_options & OPTION_PIPE
2744 && ( sx->ehlo_resp.cleartext_features | sx->ehlo_resp.crypted_features)
2745 & OPTION_EARLY_PIPE)
2746 {
2747 DEBUG(D_transport) debug_printf("PIPE_CONNECT usable in future for this IP\n");
2748 sx->ehlo_resp.crypted_auths = study_ehlo_auths(sx);
2749 write_ehlo_cache_entry(sx);
2750 }
2751#endif
2752
2d14f397
JH
2753 /* Note if the response to EHLO specifies support for the AUTH extension.
2754 If it has, check that this host is one we want to authenticate to, and do
2755 the business. The host name and address must be available when the
2756 authenticator's client driver is running. */
0756eb3c 2757
ee8b8090 2758 switch (yield = smtp_auth(sx))
2d14f397
JH
2759 {
2760 default: goto SEND_QUIT;
2761 case OK: break;
2762 case FAIL_SEND: goto SEND_FAILED;
2763 case FAIL: goto RESPONSE_FAILED;
2764 }
0756eb3c
PH
2765 }
2766 }
7c576fca 2767sx->pipelining_used = pipelining_active = !!(smtp_peer_options & OPTION_PIPE);
0756eb3c
PH
2768
2769/* The setting up of the SMTP call is now complete. Any subsequent errors are
2770message-specific. */
2771
d093f8e5 2772sx->setting_up = FALSE;
0756eb3c 2773
8c5d388a 2774#ifdef SUPPORT_I18N
d093f8e5 2775if (sx->addrlist->prop.utf8_msg)
9094b84b 2776 {
71c15846
JH
2777 uschar * s;
2778
2779 /* If the transport sets a downconversion mode it overrides any set by ACL
2780 for the message. */
2781
ee8b8090 2782 if ((s = ob->utf8_downconvert))
71c15846
JH
2783 {
2784 if (!(s = expand_string(s)))
2785 {
2786 message = string_sprintf("failed to expand utf8_downconvert: %s",
2787 expand_string_message);
2788 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, message, DEFER, FALSE);
2789 yield = DEFER;
2790 goto SEND_QUIT;
2791 }
2792 switch (*s)
2793 {
2794 case '1': sx->addrlist->prop.utf8_downcvt = TRUE;
2795 sx->addrlist->prop.utf8_downcvt_maybe = FALSE;
2796 break;
2797 case '0': sx->addrlist->prop.utf8_downcvt = FALSE;
2798 sx->addrlist->prop.utf8_downcvt_maybe = FALSE;
2799 break;
2800 case '-': if (s[1] == '1')
2801 {
2802 sx->addrlist->prop.utf8_downcvt = FALSE;
2803 sx->addrlist->prop.utf8_downcvt_maybe = TRUE;
2804 }
2805 break;
2806 }
2807 }
2808
d093f8e5
JH
2809 sx->utf8_needed = !sx->addrlist->prop.utf8_downcvt
2810 && !sx->addrlist->prop.utf8_downcvt_maybe;
2811 DEBUG(D_transport) if (!sx->utf8_needed)
59a286ef 2812 debug_printf("utf8: %s downconvert\n",
d093f8e5 2813 sx->addrlist->prop.utf8_downcvt ? "mandatory" : "optional");
9094b84b
JH
2814 }
2815
7ade712c 2816/* If this is an international message we need the host to speak SMTPUTF8 */
14de8063 2817if (sx->utf8_needed && !(sx->peer_offered & OPTION_UTF8))
7ade712c
JH
2818 {
2819 errno = ERRNO_UTF8_FWD;
2820 goto RESPONSE_FAILED;
2821 }
71c15846 2822#endif /*SUPPORT_I18N*/
7ade712c 2823
8ac90765
JH
2824#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
2825 /*XXX should tls_requiretls actually be per-addr? */
2826
2827if ( tls_requiretls & REQUIRETLS_MSG
2828 && !(sx->peer_offered & OPTION_REQUIRETLS)
2829 )
2830 {
2831 sx->setting_up = TRUE;
2832 errno = ERRNO_REQUIRETLS;
2833 message = US"REQUIRETLS support is required from the server"
2834 " but it was not offered";
2835 DEBUG(D_transport) debug_printf("%s\n", message);
2836 goto TLS_FAILED;
2837 }
2838#endif
2839
d093f8e5
JH
2840return OK;
2841
2842
2843 {
2844 int code;
d093f8e5
JH
2845
2846 RESPONSE_FAILED:
d093f8e5 2847 message = NULL;
ee8b8090 2848 sx->send_quit = check_response(sx->conn_args.host, &errno, sx->addrlist->more_errno,
d093f8e5 2849 sx->buffer, &code, &message, &pass_message);
8ac90765 2850 yield = DEFER;
d093f8e5 2851 goto FAILED;
d093f8e5
JH
2852
2853 SEND_FAILED:
d093f8e5
JH
2854 code = '4';
2855 message = US string_sprintf("send() to %s [%s] failed: %s",
ee8b8090 2856 sx->conn_args.host->name, sx->conn_args.host->address, strerror(errno));
d093f8e5 2857 sx->send_quit = FALSE;
8ac90765 2858 yield = DEFER;
d093f8e5 2859 goto FAILED;
d093f8e5 2860
de6273b4
JH
2861 EHLOHELO_FAILED:
2862 code = '4';
2863 message = string_sprintf("Remote host closed connection in response to %s"
2864 " (EHLO response was: %s)", smtp_command, sx->buffer);
2865 sx->send_quit = FALSE;
8ac90765 2866 yield = DEFER;
de6273b4
JH
2867 goto FAILED;
2868
e5ab0ba9
JH
2869 /* This label is jumped to directly when a TLS negotiation has failed,
2870 or was not done for a host for which it is required. Values will be set
2871 in message and errno, and setting_up will always be true. Treat as
2872 a temporary error. */
2873
d093f8e5
JH
2874#ifdef SUPPORT_TLS
2875 TLS_FAILED:
8ac90765
JH
2876# ifdef EXPERIMENTAL_REQUIRETLS
2877 if (errno == ERRNO_REQUIRETLS)
2878 code = '5', yield = FAIL;
2879 /*XXX DSN will be labelled 500; prefer 530 5.7.4 */
2880 else
2881# endif
2882 code = '4', yield = DEFER;
de6273b4 2883 goto FAILED;
d093f8e5
JH
2884#endif
2885
2886 /* The failure happened while setting up the call; see if the failure was
2887 a 5xx response (this will either be on connection, or following HELO - a 5xx
e69636bc
JH
2888 after EHLO causes it to try HELO). If so, and there are no more hosts to try,
2889 fail all addresses, as this host is never going to accept them. For other
2890 errors during setting up (timeouts or whatever), defer all addresses, and
2891 yield DEFER, so that the host is not tried again for a while.
2892
2893 XXX This peeking for another host feels like a layering violation. We want
2894 to note the host as unusable, but down here we shouldn't know if this was
2895 the last host to try for the addr(list). Perhaps the upper layer should be
2896 the one to do set_errno() ? The problem is that currently the addr is where
2897 errno etc. are stashed, but until we run out of hosts to try the errors are
2898 host-specific. Maybe we should enhance the host_item definition? */
d093f8e5 2899
de6273b4 2900FAILED:
d093f8e5 2901 sx->ok = FALSE; /* For when reached by GOTO */
e69636bc 2902 set_errno(sx->addrlist, errno, message,
ee8b8090 2903 sx->conn_args.host->next
e69636bc
JH
2904 ? DEFER
2905 : code == '5'
d093f8e5 2906#ifdef SUPPORT_I18N
e69636bc 2907 || errno == ERRNO_UTF8_FWD
d093f8e5 2908#endif
e69636bc 2909 ? FAIL : DEFER,
ee8b8090 2910 pass_message, sx->conn_args.host
d093f8e5
JH
2911#ifdef EXPERIMENTAL_DSN_INFO
2912 , sx->smtp_greeting, sx->helo_response
2913#endif
2914 );
2915 }
2916
2917
2918SEND_QUIT:
2919
2920if (sx->send_quit)
251b9eb4 2921 (void)smtp_write_command(sx, SCMD_FLUSH, "QUIT\r\n");
d093f8e5 2922
d093f8e5 2923#ifdef SUPPORT_TLS
74f1a423
JH
2924if (sx->cctx.tls_ctx)
2925 {
2926 tls_close(sx->cctx.tls_ctx, TLS_SHUTDOWN_NOWAIT);
2927 sx->cctx.tls_ctx = NULL;
2928 }
d093f8e5
JH
2929#endif
2930
2931/* Close the socket, and return the appropriate value, first setting
2932works because the NULL setting is passed back to the calling process, and
2933remote_max_parallel is forced to 1 when delivering over an existing connection,
b7d3afcf 2934*/
d093f8e5 2935
e1d04f48 2936HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP(close)>>\n");
d093f8e5
JH
2937if (sx->send_quit)
2938 {
74f1a423
JH
2939 shutdown(sx->cctx.sock, SHUT_WR);
2940 if (fcntl(sx->cctx.sock, F_SETFL, O_NONBLOCK) == 0)
d7978c0f
JH
2941 for (int i = 16; read(sx->cctx.sock, sx->inbuffer, sizeof(sx->inbuffer)) > 0 && i > 0;)
2942 i--; /* drain socket */
02b41d71 2943 sx->send_quit = FALSE;
d093f8e5 2944 }
74f1a423
JH
2945(void)close(sx->cctx.sock);
2946sx->cctx.sock = -1;
d093f8e5
JH
2947
2948#ifndef DISABLE_EVENT
ee8b8090 2949(void) event_raise(sx->conn_args.tblock->event_action, US"tcp:close", NULL);
d093f8e5
JH
2950#endif
2951
2952continue_transport = NULL;
2953continue_hostname = NULL;
2954return yield;
2955}
2956
2957
9be4572b
JH
2958
2959
2960/* Create the string of options that will be appended to the MAIL FROM:
2961in the connection context buffer */
2962
2963static int
2964build_mailcmd_options(smtp_context * sx, address_item * addrlist)
2965{
2966uschar * p = sx->buffer;
2967address_item * addr;
2968int address_count;
2969
2970*p = 0;
2971
14de8063 2972/* If we know the receiving MTA supports the SIZE qualification, and we know it,
9be4572b
JH
2973send it, adding something to the message size to allow for imprecision
2974and things that get added en route. Exim keeps the number of lines
2975in a message, so we can give an accurate value for the original message, but we
2976need some additional to handle added headers. (Double "." characters don't get
2977included in the count.) */
2978
14de8063
JH
2979if ( message_size > 0
2980 && sx->peer_offered & OPTION_SIZE && !(sx->avoid_option & OPTION_SIZE))
9be4572b 2981 {
328c5688
JH
2982/*XXX problem here under spool_files_wireformat?
2983Or just forget about lines? Or inflate by a fixed proportion? */
2984
ee8b8090 2985 sprintf(CS p, " SIZE=%d", message_size+message_linecount+(SOB sx->conn_args.ob)->size_addition);
9be4572b
JH
2986 while (*p) p++;
2987 }
2988
2989#ifndef DISABLE_PRDR
aded2255 2990/* If it supports Per-Recipient Data Responses, and we have more than one recipient,
9be4572b
JH
2991request that */
2992
2993sx->prdr_active = FALSE;
14de8063 2994if (sx->peer_offered & OPTION_PRDR)
d7978c0f 2995 for (address_item * addr = addrlist; addr; addr = addr->next)
9be4572b
JH
2996 if (addr->transport_return == PENDING_DEFER)
2997 {
2998 for (addr = addr->next; addr; addr = addr->next)
2999 if (addr->transport_return == PENDING_DEFER)
3000 { /* at least two recipients to send */
3001 sx->prdr_active = TRUE;
3002 sprintf(CS p, " PRDR"); p += 5;
3003 break;
3004 }
3005 break;
3006 }
3007#endif
3008
3009#ifdef SUPPORT_I18N
3010/* If it supports internationalised messages, and this meesage need that,
3011request it */
3012
14de8063 3013if ( sx->peer_offered & OPTION_UTF8
9be4572b
JH
3014 && addrlist->prop.utf8_msg
3015 && !addrlist->prop.utf8_downcvt
3016 )
3017 Ustrcpy(p, " SMTPUTF8"), p += 9;
3018#endif
3019
8ac90765
JH
3020#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_REQUIRETLS)
3021if (tls_requiretls & REQUIRETLS_MSG)
3022 Ustrcpy(p, " REQUIRETLS") , p += 11;
3023#endif
3024
9be4572b
JH
3025/* check if all addresses have DSN-lasthop flag; do not send RET and ENVID if so */
3026for (sx->dsn_all_lasthop = TRUE, addr = addrlist, address_count = 0;
3027 addr && address_count < sx->max_rcpt;
3028 addr = addr->next) if (addr->transport_return == PENDING_DEFER)
3029 {
3030 address_count++;
3031 if (!(addr->dsn_flags & rf_dsnlasthop))
3032 {
3033 sx->dsn_all_lasthop = FALSE;
3034 break;
3035 }
3036 }
3037
3038/* Add any DSN flags to the mail command */
3039
14de8063 3040if (sx->peer_offered & OPTION_DSN && !sx->dsn_all_lasthop)
9be4572b
JH
3041 {
3042 if (dsn_ret == dsn_ret_hdrs)
3043 { Ustrcpy(p, " RET=HDRS"); p += 9; }
3044 else if (dsn_ret == dsn_ret_full)
3045 { Ustrcpy(p, " RET=FULL"); p += 9; }
3046
3047 if (dsn_envid)
3048 {
3049 string_format(p, sizeof(sx->buffer) - (p-sx->buffer), " ENVID=%s", dsn_envid);
3050 while (*p) p++;
3051 }
3052 }
3053
3054/* If an authenticated_sender override has been specified for this transport
3055instance, expand it. If the expansion is forced to fail, and there was already
3056an authenticated_sender for this message, the original value will be used.
3057Other expansion failures are serious. An empty result is ignored, but there is
3058otherwise no check - this feature is expected to be used with LMTP and other
3059cases where non-standard addresses (e.g. without domains) might be required. */
3060
ee8b8090 3061if (smtp_mail_auth_str(p, sizeof(sx->buffer) - (p-sx->buffer), addrlist, sx->conn_args.ob))
9be4572b
JH
3062 return ERROR;
3063
3064return OK;
3065}
3066
3067
3068static void
3069build_rcptcmd_options(smtp_context * sx, const address_item * addr)
3070{
3071uschar * p = sx->buffer;
3072*p = 0;
3073
3074/* Add any DSN flags to the rcpt command */
3075
14de8063 3076if (sx->peer_offered & OPTION_DSN && !(addr->dsn_flags & rf_dsnlasthop))
9be4572b
JH
3077 {
3078 if (addr->dsn_flags & rf_dsnflags)
3079 {
9be4572b
JH
3080 BOOL first = TRUE;
3081
3082 Ustrcpy(p, " NOTIFY=");
3083 while (*p) p++;
d7978c0f 3084 for (int i = 0; i < nelem(rf_list); i++) if (addr->dsn_flags & rf_list[i])
9be4572b
JH
3085 {
3086 if (!first) *p++ = ',';
3087 first = FALSE;
3088 Ustrcpy(p, rf_names[i]);
3089 while (*p) p++;
3090 }
3091 }
3092
3093 if (addr->dsn_orcpt)
3094 {
3095 string_format(p, sizeof(sx->buffer) - (p-sx->buffer), " ORCPT=%s",
3096 addr->dsn_orcpt);
3097 while (*p) p++;
3098 }
3099 }
3100}
3101
3102
d9c3c8ed
JH
3103
3104/*
3105Return:
e9166683
JH
3106 0 good, rcpt results in addr->transport_return (PENDING_OK, DEFER, FAIL)
3107 -1 MAIL response error
3108 -2 any non-MAIL read i/o error
3109 -3 non-MAIL response timeout
3110 -4 internal error; channel still usable
3111 -5 transmit failed
d9c3c8ed
JH
3112 */
3113
3114int
3115smtp_write_mail_and_rcpt_cmds(smtp_context * sx, int * yield)
3116{
3117address_item * addr;
3118int address_count;
3119int rc;
3120
3121if (build_mailcmd_options(sx, sx->first_addr) != OK)
3122 {
3123 *yield = ERROR;
e9166683 3124 return -4;
d9c3c8ed
JH
3125 }
3126
3127/* From here until we send the DATA command, we can make use of PIPELINING
3128if the server host supports it. The code has to be able to check the responses
3129at any point, for when the buffer fills up, so we write it totally generally.
3130When PIPELINING is off, each command written reports that it has flushed the
3131buffer. */
3132
3133sx->pending_MAIL = TRUE; /* The block starts with MAIL */
3134
3135 {
3136 uschar * s = sx->from_addr;
3137#ifdef SUPPORT_I18N
3138 uschar * errstr = NULL;
3139
3140 /* If we must downconvert, do the from-address here. Remember we had to
3141 for the to-addresses (done below), and also (ugly) for re-doing when building
3142 the delivery log line. */
3143
3144 if ( sx->addrlist->prop.utf8_msg
14de8063 3145 && (sx->addrlist->prop.utf8_downcvt || !(sx->peer_offered & OPTION_UTF8))
d9c3c8ed
JH
3146 )
3147 {
3148 if (s = string_address_utf8_to_alabel(s, &errstr), errstr)
3149 {
3150 set_errno_nohost(sx->addrlist, ERRNO_EXPANDFAIL, errstr, DEFER, FALSE);
3151 *yield = ERROR;
e9166683 3152 return -4;
d9c3c8ed
JH
3153 }
3154 setflag(sx->addrlist, af_utf8_downcvt);
3155 }
3156#endif
3157
251b9eb4 3158 rc = smtp_write_command(sx, pipelining_active ? SCMD_BUFFER : SCMD_FLUSH,
d9c3c8ed
JH
3159 "MAIL FROM:<%s>%s\r\n", s, sx->buffer);
3160 }
3161
3162mail_command = string_copy(big_buffer); /* Save for later error message */
3163
3164switch(rc)
3165 {
3166 case -1: /* Transmission error */
e9166683 3167 return -5;
d9c3c8ed 3168
df5b41e3 3169 case +1: /* Cmd was sent */
251b9eb4 3170 if (!smtp_read_response(sx, sx->buffer, sizeof(sx->buffer), '2',
ee8b8090 3171 (SOB sx->conn_args.ob)->command_timeout))
d9c3c8ed
JH
3172 {
3173 if (errno == 0 && sx->buffer[0] == '4')
3174 {
3175 errno = ERRNO_MAIL4XX;
3176 sx->addrlist->more_errno |= ((sx->buffer[1] - '0')*10 + sx->buffer[2] - '0') << 8;
3177 }
3178 return -1;
3179 }
3180 sx->pending_MAIL = FALSE;
3181 break;
e9166683
JH
3182
3183 /* otherwise zero: command queued for pipeline */
d9c3c8ed
JH
3184 }
3185
3186/* Pass over all the relevant recipient addresses for this host, which are the
3187ones that have status PENDING_DEFER. If we are using PIPELINING, we can send
3188several before we have to read the responses for those seen so far. This
3189checking is done by a subroutine because it also needs to be done at the end.
3190Send only up to max_rcpt addresses at a time, leaving next_addr pointing to
3191the next one if not all are sent.
3192
3193In the MUA wrapper situation, we want to flush the PIPELINING buffer for the
3194last address because we want to abort if any recipients have any kind of
3195problem, temporary or permanent. We know that all recipient addresses will have
3196the PENDING_DEFER status, because only one attempt is ever made, and we know
e9166683
JH
3197that max_rcpt will be large, so all addresses will be done at once.
3198
3199For verify we flush the pipeline after any (the only) rcpt address. */
d9c3c8ed
JH
3200
3201for (addr = sx->first_addr, address_count = 0;
3202 addr && address_count < sx->max_rcpt;
3203 addr = addr->next) if (addr->transport_return == PENDING_DEFER)
3204 {
3205 int count;
3206 BOOL no_flush;
3207 uschar * rcpt_addr;
3208
14de8063 3209 addr->dsn_aware = sx->peer_offered & OPTION_DSN
d9c3c8ed
JH
3210 ? dsn_support_yes : dsn_support_no;
3211
3212 address_count++;
4c2471ca
JH
3213 no_flush = pipelining_active && !sx->verify
3214 && (!mua_wrapper || addr->next && address_count < sx->max_rcpt);
d9c3c8ed
JH
3215
3216 build_rcptcmd_options(sx, addr);
3217
3218 /* Now send the RCPT command, and process outstanding responses when
3219 necessary. After a timeout on RCPT, we just end the function, leaving the
3220 yield as OK, because this error can often mean that there is a problem with
3221 just one address, so we don't want to delay the host. */
3222
ee8b8090 3223 rcpt_addr = transport_rcpt_address(addr, sx->conn_args.tblock->rcpt_include_affixes);
d9c3c8ed
JH
3224
3225#ifdef SUPPORT_I18N
3226 if ( testflag(sx->addrlist, af_utf8_downcvt)
3227 && !(rcpt_addr = string_address_utf8_to_alabel(rcpt_addr, NULL))
3228 )
3229 {
3230 /*XXX could we use a per-address errstr here? Not fail the whole send? */
3231 errno = ERRNO_EXPANDFAIL;
e9166683 3232 return -5; /*XXX too harsh? */
d9c3c8ed
JH
3233 }
3234#endif
3235
251b9eb4 3236 count = smtp_write_command(sx, no_flush ? SCMD_BUFFER : SCMD_FLUSH,
4e910c01 3237 "RCPT TO:<%s>%s%s\r\n", rcpt_addr, sx->igquotstr, sx->buffer);
d9c3c8ed 3238
e9166683 3239 if (count < 0) return -5;
d9c3c8ed
JH
3240 if (count > 0)
3241 {
df5b41e3 3242 switch(sync_responses(sx, count, 0))
d9c3c8ed
JH
3243 {
3244 case 3: sx->ok = TRUE; /* 2xx & 5xx => OK & progress made */
3245 case 2: sx->completed_addr = TRUE; /* 5xx (only) => progress made */
e9166683 3246 break;
d9c3c8ed
JH
3247
3248 case 1: sx->ok = TRUE; /* 2xx (only) => OK, but if LMTP, */
3249 if (!sx->lmtp) /* can't tell about progress yet */
3250 sx->completed_addr = TRUE;
3251 case 0: /* No 2xx or 5xx, but no probs */
3252 break;
3253
e9166683
JH
3254 case -1: return -3; /* Timeout on RCPT */
3255 case -2: return -2; /* non-MAIL read i/o error */
3256 default: return -1; /* any MAIL error */
ee8b8090
JH
3257
3258#ifdef EXPERIMENTAL_PIPE_CONNECT
3259 case -4: return -1; /* non-2xx for pipelined banner or EHLO */
3260#endif
d9c3c8ed
JH
3261 }
3262 sx->pending_MAIL = FALSE; /* Dealt with MAIL */
3263 }
3264 } /* Loop for next address */
3265
3266sx->next_addr = addr;
3267return 0;
3268}
3269
3270
875512a3
JH
3271#ifdef SUPPORT_TLS
3272/*****************************************************
3273* Proxy TLS connection for another transport process *
3274******************************************************/
3275/*
d097cc73
JH
3276Close the unused end of the pipe, fork once more, then use the given buffer
3277as a staging area, and select on both the given fd and the TLS'd client-fd for
3278data to read (per the coding in ip_recv() and fd_ready() this is legitimate).
3279Do blocking full-size writes, and reads under a timeout. Once both input
3280channels are closed, exit the process.
875512a3
JH
3281
3282Arguments:
74f1a423 3283 ct_ctx tls context
57cc2785
JH
3284 buf space to use for buffering
3285 bufsiz size of buffer
d097cc73 3286 pfd pipe filedescriptor array; [0] is comms to proxied process
875512a3
JH
3287 timeout per-read timeout, seconds
3288*/
3289
57cc2785 3290void
74f1a423
JH
3291smtp_proxy_tls(void * ct_ctx, uschar * buf, size_t bsize, int * pfd,
3292 int timeout)
875512a3 3293{
e47252f5 3294fd_set rfds, efds;
74f1a423 3295int max_fd = MAX(pfd[0], tls_out.active.sock) + 1;
d7978c0f 3296int rc, i;
875512a3 3297
d097cc73
JH
3298close(pfd[1]);
3299if ((rc = fork()))
3300 {